Manual Cisco Systems DOC-7814982

648 pages 7.69 mb
Download

Go to site of 648

Summary
  • Cisco Systems DOC-7814982 - page 1

    Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 2950 Desktop S witc h Sof tware Configuration Guide Cisco IOS Release 12.1(1 1)EA1 and 12. 1(1 1)YJ No vem ber 2002 Custome r Order Numb er: DO C-78149 82= Tex ...

  • Cisco Systems DOC-7814982 - page 2

    THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TAKE FULL RESPON SIBILITY FOR THEIR AP PLICATION OF ANY PRO ...

  • Cisco Systems DOC-7814982 - page 3

    iii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 CONTENTS Preface xx v Audienc e xxv Pur pose xxv Organi zation xx vi Conv enti ons xxviii Rela te d Publi cation s xxix Obtain ing Docu mentati on xxix World Wide Web xxix Document ation C D-ROM xxx Orderi ng Documenta tion xxx Docu m en ta t ion Fe ed bac k xxx Obtain ing ...

  • Cisco Systems DOC-7814982 - page 4

    Cont ent s iv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 CHAPTER 2 Using t he Command -Line I nterface 2-1 IOS Command Mode s 2-1 Gettin g Help 2-3 Specif ying P orts in In terface Confi guratio n Mode 2-4 Abbrevi ating Comma nds 2-5 Using no an d defau lt Forms of Commands 2-5 Underst anding CL I Message s 2-5 Using Co ...

  • Cisco Systems DOC-7814982 - page 5

    Content s v Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Topolo gy View Po pup Menus 3-22 Link Popu p Me nu 3-22 Device Po pup Menus 3-23 Inter action Mode s 3-25 Guide Mo de 3-2 5 Exper t Mod e 3-25 Wizards 3-26 Tool Ti ps 3-26 Online Help 3-26 CMS Window Compon ents 3-28 Host Na me List 3-28 Tabs, Li sts, and Tables 3-2 ...

  • Cisco Systems DOC-7814982 - page 6

    Cont ent s vi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Example Conf igurat ion 4-8 Manua lly As sign ing IP Infor matio n 4-10 Checki ng and Sav in g the Runn i ng Configu ration 4-10 CHAPTER 5 Configur ing IE2 100 CNS Agents 5-1 Underst anding I E2100 Series Config uratio n Registr ar Softwar e 5-1 CNS C onfigur atio ...

  • Cisco Systems DOC-7814982 - page 7

    Content s vii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Virtua l IP Addr es s es 6-13 Other Consider ations for Clust er Stan dby Grou ps 6-13 Automa tic Recov ery of Clu ster Co nfigura tion 6-15 IP Ad dres ses 6-15 Host Na mes 6-16 Passw or ds 6-16 SNMP Communi ty Str ings 6-16 TACACS+ a nd RAD IUS 6-1 7 Access Mode ...

  • Cisco Systems DOC-7814982 - page 8

    Cont ent s viii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Identi fying t he TACACS+ Server Host and Sett in g the Aut hentica tion Key 7-1 3 Config urin g TACAC S+ Logi n Authenti cation 7-14 Config urin g TACAC S+ Autho rizati on for Privi leged EXE C Access and Net work Ser vices 7-16 Starti ng TA CACS+ Acc ounting 7 ...

  • Cisco Systems DOC-7814982 - page 9

    Content s ix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Config urin g a Sys tem Name and Prompt 7-48 Defaul t Syste m Name and Prompt Co nfig ura tion 7-48 Config urin g a Sys tem Name 7-48 Config urin g a System Promp t 7-49 Underst anding DNS 7-49 Defau lt D NS C onfig urat ion 7-5 0 Setti ng Up DNS 7-5 0 Displa ying ...

  • Cisco Systems DOC-7814982 - page 10

    Cont ent s x Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Changin g the Swi tch-to- Client Retran smi ssio n Ti me 8-12 Settin g t he S witch -to -Cli ent Fr ame -Re trans mis sion Num ber 8-13 Enab ling Mul tip le Host s 8-13 Resett ing th e 802 .1X Conf igurat ion to the Defaul t Values 8-14 Displa ying 802. 1X Stat is ...

  • Cisco Systems DOC-7814982 - page 11

    Content s xi Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Guidel ines f or Using LRE Profil es 10-7 CPE Ether net Li nk Guidel ines 10-7 Cons ider atio ns f or Co nne cted Cis co 57 5 LR E C PEs 10-7 Cons ider atio ns f or Co nne cted Cis co 58 5 LR E C PEs 10-8 Assigni ng a Glo bal Profil e to All LRE Po rts 10-8 Assigni ...

  • Cisco Systems DOC-7814982 - page 12

    Cont ent s xii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Spannin g Tree an d Redundan t Connec tivit y 11-8 Acceler ated Aging to R etain Connect ivity 11-9 Config urin g Spanning -Tree F ea tures 11-9 Defaul t STP Conf igurat ion 11-10 STP Confi gurati on Guid el ines 11-1 0 Disabl ing STP 11-12 Config urin g the Root ...

  • Cisco Systems DOC-7814982 - page 13

    Content s xiii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Config urin g a Sec ondar y Root Switc h 12-16 Config urin g the Port Pr iori t y 12-17 Config urin g the Path Cos t 12-18 Config urin g the Swit ch Prior ity 12-19 Config urin g th e Hello Time 12-19 Config urin g the Forwar ding- D el ay Time 12-20 Config urin ...

  • Cisco Systems DOC-7814982 - page 14

    Cont ent s xiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 CHAPTER 14 Configur ing V LANs 14-1 Underst anding VL ANs 14-1 Support ed V LANs 14 -2 VLAN Port Mem ber ship M odes 14-3 Config urin g Nor mal-Ra nge VLANs 14-4 Token Ri ng VLANs 14-5 Normal- Range VLAN Conf igurat ion Guide lines 14-5 VLAN Confi gurati on Mode ...

  • Cisco Systems DOC-7814982 - page 15

    Content s xv Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Config urin g the VMPS Clie nt 14 -28 Enter ing the IP Ad dres s o f the V MP S 14-28 Config urin g Dynamic Acce ss Port s on VMPS Cli ents 14-29 Reco nfirm ing V LA N Me mber ship s 14-30 Changin g the Rec onfirmat ion Int er val 14-30 Changin g the Ret ry Count 1 ...

  • Cisco Systems DOC-7814982 - page 16

    Cont ent s xvi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Defau lt V oic e VLA N Co nfig urat ion 16 -2 Voice VLA N Config urat ion Guidel ines 16-3 Config urin g a Port to Con nect to a Cisco 7960 IP Phone 16-3 Config urin g Ports to Ca rry Voice T raffic in 8 02.1Q Frames 16-4 Config urin g Ports to Carry Voice T raff ...

  • Cisco Systems DOC-7814982 - page 17

    Content s xvii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 CHAPTER 18 Configur ing Port -Ba sed Traf fi c Control 18-1 Config urin g Sto rm Contr ol 18-1 Underst anding St orm Contro l 18-1 Defaul t Storm Cont rol Confi gurati on 18 -2 Enabli ng S torm Cont rol 18 -2 Disabl ing Storm Co ntrol 18-3 Config urin g Protect e ...

  • Cisco Systems DOC-7814982 - page 18

    Cont ent s xviii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 SPAN Sessi on 21-3 Tra ffic Ty pes 21-3 Source Po rt 21-4 Destin atio n Por t 21-5 Reflec tor Po rt 21 -5 VLAN-Base d SPAN 21 -6 SPAN Traff ic 21-6 SPAN and RS PAN I nteract ion wit h Ot her Featur es 21-7 SPAN and RSPAN Se ssion Limi t s 21-8 Defaul t SPAN and ...

  • Cisco Systems DOC-7814982 - page 19

    Content s xix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Setti ng the Message Displ ay Des tinati on Device 23-4 Synchro nizing Log Mes sages 23-6 Enabli ng and Disa blin g Timestamps on Log Mess ages 23-7 Enabli ng and Disa blin g Seq uence Numb ers in Log Mes sages 23-8 Defini ng the Messag e Severit y Level 23-8 Limi ...

  • Cisco Systems DOC-7814982 - page 20

    Cont ent s xx Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 ACL Numbers 25-8 Creati ng a Nu mbered Standar d ACL 25-9 Creati ng a Nu mbered Extend ed ACL 25-10 Creati ng Named Stand ard and Ext ended ACL s 25-1 3 Applyi ng Time Range s to ACLs 25-15 Includ ing Comm ents Ab out E ntrie s in A CL s 25-17 Creati ng Named MAC ...

  • Cisco Systems DOC-7814982 - page 21

    Content s xxi Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Config urin g Trusted Bo undary 26-13 Enab ling P ass-Thr ough Mode 26 -15 Config urin g a QoS Policy 26-16 Classi fyin g Tr affic by Using ACL s 26-16 Classi fyin g Tr affic by Using Cl ass Maps 26-20 Classi fying, Polici ng, and Marki ng Traff ic by Using Policy ...

  • Cisco Systems DOC-7814982 - page 22

    Cont ent s xxii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Replac ing a Fail ed Command Swit ch with a Clus ter Member 28-9 Replac ing a Fail ed Command Swit ch with Anoth er Swit ch 28-10 Recover ing from Lo st Member Conne ctiv ity 28-11 Preven ting Au ton egoti at ion Mism atches 28-12 Troubl eshoo ting L RE Po rt Co ...

  • Cisco Systems DOC-7814982 - page 23

    Content s xxiii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Copyin g Configur atio n Fi les By Usin g FTP B- 13 Prepa ring to Downlo ad or U pload a C onfig urat ion File B y U sing F TP B-13 Download ing a Con fi gurati on File By Us ing FTP B-14 Uploadi ng a Conf igurat ion File By Using FTP B-15 Copyin g Configur atio ...

  • Cisco Systems DOC-7814982 - page 24

    Cont ent s xxiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 ...

  • Cisco Systems DOC-7814982 - page 25

    xxv Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Preface Audience The Cataly st 2 950 Desktop Sw itch Sof tware Configuration Gui de is for t he n etwor k ma na ger responsible for conf igur ing the Catalyst 2950 switches, hereaf ter referred to as the switches . Befo re using this guide, y ou should be familia r with the ...

  • Cisco Systems DOC-7814982 - page 26

    xxvi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Preface Organizati on This guid e does not descr ibe system me ssages you migh t encounte r or how to install your swit ch. For more i nf o rm at i on, re fe r to t he Catalyst 2950 Desk top Switch Sy stem Mes sage Guide for this release and to the Catalyst 2950 D esktop S ...

  • Cisco Systems DOC-7814982 - page 27

    xxvii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Pre face Organization Chapter 8, “ Config uring 802.1X Po rt-Based Au thentication, ” describe s how to configure 802. 1X port-base d authe nticat i on to pr ev ent unau thoriz ed devices (c lients) from ga i ning ac cess to the ne twork. As LA Ns extend to hot el s, ...

  • Cisco Systems DOC-7814982 - page 28

    xxvii i Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Preface Conv ent ions Chapter 25, “ Conf iguring Network Sec urity with A CLs, ” des cri bes h ow to conf igure netw ork securi ty by using acce ss cont rol list s (ACLs). Chapter 26, “ Configur ing QoS, ” describes ho w to conf igure quality of service ( QoS) o ...

  • Cisco Systems DOC-7814982 - page 29

    xxix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Pre face Related Publ icati ons Related Publications These do cuments p rovid e comple te informati on about the switch and ar e av a ilable f rom this Cisco.com site: http://www .cisc o.com/uni v ercd/cc/t d/doc/product/l an/cat295 0/index. htm Y o u can ord er printe d c ...

  • Cisco Systems DOC-7814982 - page 30

    xxx Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Preface Obtain in g Technical Assis ta nce Documenta tion C D-ROM Cisco documentati on and additio nal literature are a v ailable in a Cisco Documentation CD-R OM packag e, w hich is shi pped with you r prod uct. T he Docu menta tion CD-ROM is up dated m onthl y and may be ...

  • Cisco Systems DOC-7814982 - page 31

    xxxi Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Pre face Ob taining Technical Assistance Cisco.com Cisco.com is t he foundation of a suite of inter acti ve, network ed services that prov ides immediate, open access to Cisco information, networkin g solut ions, serv ices , progr am s, and re sour ces at any time , from a ...

  • Cisco Systems DOC-7814982 - page 32

    xxxii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Preface Obtain in g Technical Assis ta nce If you are a Ci sco. com registered use r, and you cannot resol ve your tech nica l issu es by using the C isco T AC W eb Site, you can open a ca se online by using the T AC Case Op en tool at t his URL: http://www .cisco.com/tac ...

  • Cisco Systems DOC-7814982 - page 33

    C HAPTER 1-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 1 Overview This chapter pro vides these topics ab out the Catalyst 2950 switch software: • Feat ures , page 1- 1 • Managem ent Options, page 1-7 • Network Configu ratio n Exa mp les, pa ge 1-8 • Where to Go Next, page 1-21 Features The Ca talyst 2950 so ftw ...

  • Cisco Systems DOC-7814982 - page 34

    1-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Feature s Th is section descri bes the featu res suppor ted in this rele ase: Note Som e features re quire tha t you have the EI installed on your switch. For a list of the switches that support the EI, see Ta b l e 1 - 1 , or refer to the rele ase n ...

  • Cisco Systems DOC-7814982 - page 35

    1-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Features • Switch clus teri n g te chnol ogy u sed with CM S for – Unif ied conf iguration, mo nitoring, authen tication, and softw are upgrade of multip le switches (refer to the r elease notes for a li st of eli gible clust er membe rs). – Autom a ...

  • Cisco Systems DOC-7814982 - page 36

    1-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Feature s • Address Resolution Protocol (ARP) for identif ying a switch through its IP address and its corresp ond in g MAC address • Cisco Disc overy Protocol (CDP) version s 1 and 2 for networ k to pology disc overy and ma pping betwee n th e s ...

  • Cisco Systems DOC-7814982 - page 37

    1-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Features – Loop gu ar d for pr ev enting alterna te or roo t ports fr om bec om ing d esignate d port s be cause of a failur e that l eads to a unidirect ional li nk Note The switch support s up to 64 spanni ng-tre e insta nces. VLAN Support • The swi ...

  • Cisco Systems DOC-7814982 - page 38

    1-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Feature s Quality of Service and Class of Service • Classif ication – IEEE 8 02. 1P cl ass o f ser vice (CoS) w ith fou r p rior ity qu eu es on t he sw itch 1 0/100 a nd LR E ports and eight priori ty queues on the Gigabit ports for prioritizing ...

  • Cisco Systems DOC-7814982 - page 39

    1-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Manageme nt Options Management Options The swi t ch es are des igned for plug-an d-play o peratio n: you on ly need to assign basic IP infor ma tion to the switc h and c on nect i t to t he ot her devices in you r net work. I f yo u have specific network ...

  • Cisco Systems DOC-7814982 - page 40

    1-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples By using switch cl usters a nd CM S, yo u c an: • Manage and monito r interconnected Ca talyst switches (refer to the relea se notes for a list of supporte d switches ), regardl ess of their ge ographi c proxi mit ...

  • Cisco Systems DOC-7814982 - page 41

    1-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Bandwidt h alone is not the only c onsiderat ion when d esigning you r network. As you r network t raff ic profiles ev o lve, consid er providin g net work servic es tha t can support appli cations such as voic e an d data i ...

  • Cisco Systems DOC-7814982 - page 42

    1-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Y o u can cr eate bac kup paths by using Fast Ethern et, Gigab it, Fast Eth erChanne l, or Gigab it EtherCha nnel li nks. Usi ng G igabit m odules on t wo of the sw i tches, yo u can have redunda nt uplink connec t ...

  • Cisco Systems DOC-7814982 - page 43

    1-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Figur e 1 -1 Example Configur ations Small to Medium-Sized Network Configuration Figure 1-2 sh ows a con figurat ion for a n etwork th at has u p t o 25 0 u ser s. User s in t his n etwor k re quir e e-mail, f ile- sharing, ...

  • Cisco Systems DOC-7814982 - page 44

    1-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples A network backbone i s a high-ba ndwidth co nnectio n (such as Fast Ethe rnet or G igabit Ethe rnet) tha t interc onnects segm ents and netw ork resour ces. It is re qu i re d i f n um e r ou s s eg me nt s re qu i ...

  • Cisco Systems DOC-7814982 - page 45

    1-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Collaps ed Backbo ne an d Switch Clu ster Configuratio n Figure 1-3 sh ows a con figura tion for a n etwor k of appro xi mat ely 50 0 em pl oyees. Th is ne twor k u ses a collapse d back bone and swit ch cluste rs. A colla ...

  • Cisco Systems DOC-7814982 - page 46

    1-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Figur e 1 -3 Collapsed Back bone and Switc h Clust er Conf iguration Large C ampus C onfiguration Figure 1-4 shows a c on f i gur atio n fo r a n etw ork of m ore th an 1 0 00 users. Be ca us e it ca n aggr eg ate ...

  • Cisco Systems DOC-7814982 - page 47

    1-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Figur e 1 -4 Larg e Campus Confi gura tion Catalyst 6500 s witch Cisco access gatew a y Ser vers Cisco CallManager Cisco 7200 or 7500 router WA N IP telephony network or PSTN IP IP IP IP 81636 Catalyst 3524-PWR GigaStack cl ...

  • Cisco Systems DOC-7814982 - page 48

    1-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Hotel Network Configuration Figure 1-5 sh ows the Cataly st 2950 LRE switches in a hotel netw ork en vironmen t with approximatel y 200 room s. Th is ne twork inc lude s a PBX swi tch board , a rout er, and hig h-s ...

  • Cisco Systems DOC-7814982 - page 49

    1-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Y ou can mana ge the swit ch es as a s witch clu s ter an d th r oug h th e clu s te r ma na geme nt suite (C MS). Y ou can also m anage an d monito r the individual CPE devices fro m the LRE sw itches to which th ey are co ...

  • Cisco Systems DOC-7814982 - page 50

    1-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Multidwelling Network Usi ng Catalyst 2950 Switches A growing segmen t of residen tial a nd co mmer cial cu stome rs ar e requir ing h igh-spe ed acc ess t o Ether net metropolita n-area networks (MANs). Figure 1-6 ...

  • Cisco Systems DOC-7814982 - page 51

    1-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Network Configuration Examples Figur e 1 -6 Catalyst 2950 Swi tches in a MAN Con figur ation 50833 Ser vice Provider POP Mini-POP Gigabit MAN Residential location Catalyst 3550 multila yer s witches Catalyst s witches Catalyst 6500 s witches Cisco 12000 ...

  • Cisco Systems DOC-7814982 - page 52

    1-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Long-Distan ce, High-Ba ndwidth T ransport C onfiguration Note T o use the feature de scribed in this sectio n, you must hav e the EI installe d on your Cataly st 2950 switch. This featur e does not apply to the Ca ...

  • Cisco Systems DOC-7814982 - page 53

    1-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 1 Overview Where t o Go Next Where to Go Next Before conf iguring the switch, re view th ese section s for start up inform ation: • Chapter 2, “ Usin g the Comma nd-Line Interfac e ” • Chapter 3, “ Getting Star ted with CMS ” • Chapter 4, “ Assignin ...

  • Cisco Systems DOC-7814982 - page 54

    1-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Ch ap ter 1 Ov er vi ew Where to Go Nex t ...

  • Cisco Systems DOC-7814982 - page 55

    C HAPTER 2-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 2 Using the Command-Line Interface This c ha pter d escri bes th e IO S comm an d-l ine int erfa ce ( CLI ) th at you c a n u se to con figure your switch es. I t conta ins th ese sec tions: • IOS Comma nd Modes, pa ge 2-1 • Getting He lp, pa ge 2-3 • Abbrevi ...

  • Cisco Systems DOC-7814982 - page 56

    2-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce IOS Command Modes Ta b l e 2 - 1 desc ribes the main co mman d modes, how to acc ess each one , the prom pt you see in that mo de, and ho w to e xit the mo de. The e xample s in t he table u se the host name Sw itch . T ...

  • Cisco Systems DOC-7814982 - page 57

    2-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 Using the Comm a nd-Line In terface Getting Help Getting Help Y ou can enter a qu es t i on ma rk (? ) at th e s y s tem pr om p t to d is p lay a lis t of co mm an d s a v ailab l e f or eac h comma nd mode . Y ou can als o obtain a list of asso ciated ke ywo rds ...

  • Cisco Systems DOC-7814982 - page 58

    2-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Spec ifyi ng Po rts in I nte rfa ce Co nfig urat ion Mo de Specifying Ports in Interfac e Configu ration Mode T o configure a port, you need to spe cify the int erface type , slot, and sw itch-por t number with the inter ...

  • Cisco Systems DOC-7814982 - page 59

    2-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 Using the Comm a nd-Line In terface Abbrev iating Com mands • Port number — T he n umber of the physic al por t on the sw itch . Refe r to y our swi tch for th e por t numb ers . Abbreviating Command s Y o u have to en ter on ly e nou gh c ha racte rs for t he ...

  • Cisco Systems DOC-7814982 - page 60

    2-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Usin g C omm a nd His tor y Using Command History The IOS provid es a history or re cord of com mands tha t you have entered. This fe ature is pa rticularl y useful for re callin g long or compl ex commands or entri es, ...

  • Cisco Systems DOC-7814982 - page 61

    2-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 Using the Comm a nd-Line In terface Using Edit ing Featu res Disabling th e Com mand His tor y F eatu re The comma nd history feature is automatic ally enab led. T o disable the feature du ring the cu rrent ter minal sessi on, enter the terminal no history pri vil ...

  • Cisco Systems DOC-7814982 - page 62

    2-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Editing C ommands throu gh Keystrok es Ta b l e 2 - 5 shows th e ke ystrok es that you need to edit co mmand lines . T able 2-5 Editing Comma nds thr ough K e ystro k es Capability Key stroke 1 P ...

  • Cisco Systems DOC-7814982 - page 63

    2-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 Using the Comm a nd-Line In terface Using Edit ing Featu res Editing C ommand Lines that Wrap Y o u can use a wrap around feature for commands t hat extend beyond a singl e line on th e screen . When the cursor reaches the right mar gin, the command lin e shifts t ...

  • Cisco Systems DOC-7814982 - page 64

    2-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Searching and F iltering O utput of show and more Com man ds Use lin e wrapping with the co mman d history fe ature to recall and modif y previous complex co mmand entries. F or i nformation about recalling pre v ious c ...

  • Cisco Systems DOC-7814982 - page 65

    2-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 Using the Comm a nd-Line In terface Acce ssi ng th e C L I fro m a B rows er Accessing the CLI from a Bro wser This proc edure assu mes you have met the software re quirem ents (includ ing browser and Java plug-i n conf iguratio ns) and hav e assigned IP informat ...

  • Cisco Systems DOC-7814982 - page 66

    2-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Access ing th e CLI from a Br owse r ...

  • Cisco Systems DOC-7814982 - page 67

    C HAPTER 3-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 3 Getting Started with CMS This chapte r provides these topics about the Cluste r Management Suite (CMS ) software: • Feat ures , page 3- 2 • Fro nt Pa nel V i e w , page 3-4 • T opology V iew , page 3-10 • Men us and T oolba r , page 3-15 • Int eracti on ...

  • Cisco Systems DOC-7814982 - page 68

    3-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Feature s Features CMS pro vides these featu res (see Figure 3-1 ) for m anagi ng switc h cluste rs and individual swit ches fr om W eb browsers such as Netsca pe Comm unica tor or Micro soft In ternet Explore r: • T wo views of your net ...

  • Cisco Systems DOC-7814982 - page 69

    3-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Features • T wo lev els of access to the conf iguration optio ns: read-wr ite access for users allo wed to change switch se ttings; read- only acce ss for users allo wed to on ly vie w switch settings. • Consiste nt set of GU I com po ...

  • Cisco Systems DOC-7814982 - page 70

    3-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Front Panel Vi ew Front Panel View When CMS is laun ched from a comma nd switch, the Front Panel vi ew displays the front -pan el images of al l the switche s in the c luster ( see Figure 3-2 for an 295 0 LRE swi tch and Figur e 3-3 for a ...

  • Cisco Systems DOC-7814982 - page 71

    3-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Front Pa nel Vie w Figur e 3-3 F r ont P anel View fr om a 2950 Com mand Sw itch When CMS is laun ched from a standalon e or noncomm and membe r switch, the Fron t Panel view displays on ly the fr ont panel of t he specific swit ch (see F ...

  • Cisco Systems DOC-7814982 - page 72

    3-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Front Panel Vi ew Figur e 3-5 F r ont P anel View fr om a 2950 no n-LRE Standalone S witc h Cluste r Tr ee The c luster tree (see Figure 3-2 for LRE switc hes and Figure 3-3 for non- LR E switc he s) appe ars in t he left fr am e of the Fr ...

  • Cisco Systems DOC-7814982 - page 73

    3-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Front Pa nel Vie w Front-Panel Images Y o u can mana ge the swit ch from a remot e stati on by using the front- panel ima ges. Th e front- panel images a re u pda ted base d on t he ne twork p ol ling int erval tha t you set from CMS > ...

  • Cisco Systems DOC-7814982 - page 74

    3-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Front Panel Vi ew Redundant Power System LE D The Redundant Po wer System ( RPS) LED sho ws t he RPS stat us (see Ta b l e 3 - 3 ). Certain switches in the switch clust er us e a spec ific RPS mo del: • Cisco RP S 300 ( mo del PWR3 00- A ...

  • Cisco Systems DOC-7814982 - page 75

    3-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Front Pa nel Vie w T o sele ct or ch an ge a m ode, c lick t he M ode button un til the desi re d mo de L ED i s gree n. VLAN Membership Modes Ports in the Front P anel v ie w are ou tlined b y colors ( see Ta b l e 3 - 6 ) when you clic ...

  • Cisco Systems DOC-7814982 - page 76

    3-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Topology Vie w Topology Vie w The T opology vie w displays ho w the de vices within a switch cluster are con nected and ho w the switch cluster i s con ne cte d to oth er cl usters and devices . From t his view , you c an a dd and remove ...

  • Cisco Systems DOC-7814982 - page 77

    3-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Topol ogy View Figur e 3-8 Expan d Cluste r View Figur e 3-9 Collaps e Clust er View Right-click a link icon to displa y a link popup menu. Cluster members of cluster1 and other de vices connected to cluster1. 65722 Right-click a de vice ...

  • Cisco Systems DOC-7814982 - page 78

    3-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Topology Vie w Topology Icons The T op ology view and the cl ust e r tree us e the sam e set of device icons to r epresen t cluster s, com mand and standby c omm and sw it ches, a nd m embe r swit che s (see Figur e 3-10 ). T he T opo lo ...

  • Cisco Systems DOC-7814982 - page 79

    3-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Topol ogy View Figur e 3-1 1 T opolog y -V iew Lin k Icons Device and Link Lab els The T opo logy view displays device and lin k informa tion by using thes e labels : • Cluster and switch names • Switch MAC and IP addresses • Link ...

  • Cisco Systems DOC-7814982 - page 80

    3-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Topology Vie w Colors in the Topo logy Vie w The col ors of the T o pology vi e w ic ons show the st atus of t he d evices and li nks (see Ta b l e 3 - 7 , Ta b l e 3 - 8 , and Ta b l e 3 - 9 ). The c olor o f a d ev ice la bel sh o ws th ...

  • Cisco Systems DOC-7814982 - page 81

    3-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Menus and To olbar Topology Display Optio ns Y o u can set th e type of info rmati on displaye d in the T opology view b y changing the settings i n the T opology O ptio ns wi ndow . T o displ ay thi s wi ndow , se lect View > T opolo ...

  • Cisco Systems DOC-7814982 - page 82

    3-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Menu s an d Toolba r Note • W e stron gly recomm end that the hig hest- end, comm and-ca pabl e switch in the clu ster be the comm an d s witc h: – If your switch cl uster has a Catalyst 3550 switch, that switch sho uld be the command ...

  • Cisco Systems DOC-7814982 - page 83

    3-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Menus and To olbar T able 3-1 1 Menu Bar Menu-B ar O ptio ns T ask CMS Page Setup Set default doc um ent pr int er p rop ertie s t o be use d whe n prin tin g from CM S. Print Pre vie w V iew t he way the CMS wind o w or help f ile will ...

  • Cisco Systems DOC-7814982 - page 84

    3-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Menu s an d Toolba r STP 2 Display and conf igure STP para meters for a switch. IGMP Sn oopin g 2 E nable and di sable In ternet Group Manage ment Protoc ol (IGMP) snoo ping an d IGMP Immediate-Lea ve proc essing on the switch. Join or le ...

  • Cisco Systems DOC-7814982 - page 85

    3-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Menus and To olbar V oice VL AN 2 Configu re a port to use a v oice VLAN f or voice traf fic, separating it fr om the VLANs for data traf f ic. Reports In ventory Displa y the device type , software versio n, IP address, and other info r ...

  • Cisco Systems DOC-7814982 - page 86

    3-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Menu s an d Toolba r Toolbar The toolba r buttons display com monly- used switch and cluster configurat ion options and i nformat ion windo ws such as l eg ends an d onlin e he lp. Ho v er the cursor ov er a n ic on to displa y the fe atu ...

  • Cisco Systems DOC-7814982 - page 87

    3-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Menus and To olbar Front Panel V iew Po pup M enus These popu p menus ar e available in the Front Panel view . Device Popup Menu Y o u can displ ay a ll swit ch a nd clus ter c onfigura tion w ind ows from the menu ba r , or yo u c an d ...

  • Cisco Systems DOC-7814982 - page 88

    3-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Menu s an d Toolba r Topology View P opup Men us These popu p menus ar e available in the T o pology vi ew . Link Popup Menu Y o u ca n disp lay repo rt s an d graph s for a speci fic link displa yed in the T opo lo gy view (see Ta b l e ...

  • Cisco Systems DOC-7814982 - page 89

    3-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Menus and To olbar Figur e 3-12 Multilin k Decomposer Window Device Popup Menus Specific devices in th e T opol ogy v iew displ ay a sp eci fic popup m e nu: • Cluster (see Ta b l e 3 - 1 6 ) • Comm and switch (see Ta b l e 3 - 1 7 ) ...

  • Cisco Systems DOC-7814982 - page 90

    3-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Menu s an d Toolba r T able 3-1 7 Device P opup M enu of a Comm and-S witc h Icon Popup M enu Opt ion T ask Coll apse clu ster V ie w the neighbo rhood outsi de a specific clu ster . Host Name 1 1. Not av ailable in read- only mode . For ...

  • Cisco Systems DOC-7814982 - page 91

    3-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Inter action Mo des Interaction Modes Y o u can ch an ge the inte ra ctio n m ode of CMS t o eit her gu ide or expert m ode . G uide m od e st ep s you through each fea ture optio n and provides i nformat ion about the parame ter . Exper ...

  • Cisco Systems DOC-7814982 - page 92

    3-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Wizards Wizards Note Wiz ards are not a v ailable if your switch access le v el is read-only . For more informa tion about the read- only acc ess mode, s ee the “ Ac cess Modes in CMS ” sect ion o n page 3-31 . W izards simpl ify some ...

  • Cisco Systems DOC-7814982 - page 93

    3-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Online Help Figur e 3-13 Help Con ten ts and In dex Figur e 3-14 Help Con ten ts and In dex Inf or mation about the CMS interf ace. F eature help , such as concepts. Legend of icons and color codes. Glossar y of terms used in the online ...

  • Cisco Systems DOC-7814982 - page 94

    3-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS CMS W indow Com ponent s CMS Window Components CMS windo ws consistently present conf iguration info rmation. Figure 3-15 shows the components of a typical CMS window . Figur e 3-15 CMS Wind ow Comp onents Host Name List T o display or ch ...

  • Cisco Systems DOC-7814982 - page 95

    3-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS CMS Wi nd ow Co mpo n ents Tabs, Lists, and T ables Some CMS windows ha ve tabs that presen t diff erent sets of info rmation. T abs are arranged like fold er headings acr oss the top of the windo w . Click the tab to display its informa ...

  • Cisco Systems DOC-7814982 - page 96

    3-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Access ing CMS Buttons These a re the m ost common butto ns that you use to change the info rmation in a CMS win dow: • OK — Sa v e an y chan ge s and clos e th e wi ndo w . If yo u mad e no chan ge s , the win d o w cl o ses . I f CM ...

  • Cisco Systems DOC-7814982 - page 97

    3-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Acce s sing CMS T o acces s CMS, follo w these st eps: Step 1 Enter the switc h IP address and your pri vile ge le v el in the browser Location fie ld (Netsc ape Commu nicator ) or Address field (M icrosof t Internet Explore r). For exam ...

  • Cisco Systems DOC-7814982 - page 98

    3-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Verifying Yo ur Cha nges • These switc hes do n ot su ppo rt r ead- only mo de on CMS: – Catalyst 1900 and Ca taly st 28 20 – Catalyst 2900 XL switches with 4-MB CPU DRAM In rea d-o nly mod e, t hes e sw itc hes a ppea r as unavaila ...

  • Cisco Systems DOC-7814982 - page 99

    3-33 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Star ted with CMS Saving Your Configuration Saving Your Co nfigurat ion Note Th e Save Configurati on option is not a vailable if you r switch acce ss lev el is read-onl y . For more inform ation a bout the rea d-only ac cess mode , see the “ Access Mod ...

  • Cisco Systems DOC-7814982 - page 100

    3-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 3 Getting Started with CMS Using Differen t Versions of CMS Using Different Versions of CMS When managi ng switch clusters thr oug h CMS, reme mber that clu sters can have a mix of switch mo de ls using d if f erent IOS releases and th at CMS in e arlier IO S relea ...

  • Cisco Systems DOC-7814982 - page 101

    C HAPTER 4-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 4 Assigning the Switch IP Address and Default Gateway This chapt er describes ho w to create the initial switch conf iguration (for e xample, assig n the switch IP address an d default gateway informa tion) by using a variety of au tomati c and manua l methods. Not ...

  • Cisco Systems DOC-7814982 - page 102

    4-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n The boot loader a lso provid es trap-door access in to the system if the o perating system has problems serious enoug h that i t cannot be use d. The trap- door me chan ism pro ...

  • Cisco Systems DOC-7814982 - page 103

    4-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Default Switch Information Ta b l e 4 - 1 shows the default switch information. Understand ing DHCP-Ba sed Autoco nfiguration The DHCP prov ides confi guration information to I ...

  • Cisco Systems DOC-7814982 - page 104

    4-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n DHCP Client Request Proce ss When you boot yo ur switch, the sw itch automa ticall y requests con figuration info rmati on fr om a DHCP server only if a co nfiguration file is ...

  • Cisco Systems DOC-7814982 - page 105

    4-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Configuring the DHCP Ser ver Y o u shoul d configure t he DHC P server wi th rese rved leases t hat ar e boun d to each switch by th e switc h hardware address. If you wa nt th ...

  • Cisco Systems DOC-7814982 - page 106

    4-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n For the switch to successf ull y do wnl oad a conf igu ratio n f i le, the TFTP ser v er must contain one o r more configur ation files in its base direct ory . The files ca n ...

  • Cisco Systems DOC-7814982 - page 107

    4-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Figur e 4-2 Rela y Devic e Used in A utoconfig uration Obtaining Configurati on Files Depending on the a v aila bility of th e IP add ress and the conf iguratio n file name in ...

  • Cisco Systems DOC-7814982 - page 108

    4-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n Note The switch br oadcasts TFTP server requests if the TFTP serv er is not obtained f rom the DHCP replies, if all attempts to read the conf iguration f il e through u nicast ...

  • Cisco Systems DOC-7814982 - page 109

    4-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information DNS Ser ver Conf iguration The DNS server ma ps the TF TP server name ma ri ts u to IP address 10. 0.0.3 . TFTP Serve r Conf iguration (on UNIX) The TF TP server base di rector ...

  • Cisco Systems DOC-7814982 - page 110

    4-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Checking and Saving th e Run ning Confi gura tion Manually Assigning IP Information Beginn ing in pri vilege d EXEC mode, follo w these steps to manually assign I P information to multiple switched virt ual i ...

  • Cisco Systems DOC-7814982 - page 111

    4-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Checki n g an d Sav in g the Ru nnin g Co nfig ur atio n ! hostname Switch ! enable secret 5 $1$ej9.$DMUvAUnZOAmvmgqBEzIxE0 ! ip subnet-zero ! vlan 3020 cluster enable Test 0 cluster member 1 mac-address ...

  • Cisco Systems DOC-7814982 - page 112

    4-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Checking and Saving th e Run ning Confi gura tion no ip address shutdown ! interface Vlan1 ip address 172.20.139.133 255.255.255.224 no ip route-cache ! ip default-gateway 172.20.139.129 ip http server ! ip a ...

  • Cisco Systems DOC-7814982 - page 113

    C HAPTER 5-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 5 Configuring IE2100 CNS Ag ents This chap ter describes h ow to c onfigure th e Intelligence Engine 2100 (IE2100) Series Cisco Netw orking Servic es (CNS) embe dded ag ent s on you r switc h. T o u se t he fea ture de scribed in thi s chapt er , you must ha ve th ...

  • Cisco Systems DOC-7814982 - page 114

    5-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Unders tan ding IE21 0 0 Series Config uration Reg istrar Softwar e Figur e 5-1 Configur ation Registra r Arc hit ect ural O vervie w These secti ons cont ain this co nceptu al in forma tion: • CNS Configurati on Se rvic e, pag e ...

  • Cisco Systems DOC-7814982 - page 115

    5-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Understan ding IE2100 Series Configurat ion Registrar S oftware CNS E ven t Serv i ce The Conf iguration Regi strar uses the CNS Ev ent Servic e for rece ipt and ge neration of conf iguration e ven ts. The CNS e v ent agen t resides ...

  • Cisco Systems DOC-7814982 - page 116

    5-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Unders tan ding IE21 0 0 Series Config uration Reg istrar Softwar e DeviceID Each co nfigured s wi t ch part i cipati ng on th e ev ent bus has a un ique deviceID, w hich i s an alog ous to the switch source ad dress so that the swi ...

  • Cisco Systems DOC-7814982 - page 117

    5-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Unde rstan ding CNS Embe dde d Ag ent s Understandin g CNS Embedde d Agents The CNS e v ent ag ent feature allo ws the swit ch to publish and su bscribe to e vents on the e v ent b us and works with the CNS configurati on agent. The ...

  • Cisco Systems DOC-7814982 - page 118

    5-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Configur ing CNS Em b edded A gen ts Incremental (Partial) Configur ation After t he ne twork is r unn ing, new serv ice s ca n b e ad de d by using t he CN S c onfigura tion ag en t. Increme ntal (p artial) c onf igura tions can be ...

  • Cisco Systems DOC-7814982 - page 119

    5-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts Note For more informatio n about running the setup program and cr eating templates o n the Configurat ion Registrar, refer to the Cisco Intelligen ce Engine 2100 Series Conf igurat ion Re gistr ar ...

  • Cisco Systems DOC-7814982 - page 120

    5-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Configur ing CNS Em b edded A gen ts Enabling th e CNS Ev ent Agent Note Y ou must e nable t he CNS ev ent agent on the s witch b efore y ou enab le the CNS conf igurat ion ag ent. Beginn ing in pri vilege d EXEC mode, follo w these ...

  • Cisco Systems DOC-7814982 - page 121

    5-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts T o disable the CNS e v ent agent, use the no cns event { ip-address | hostname } glob al configur ation comm and. This e xample sho ws ho w to e nable the CNS e v ent agent, set the IP a ddress g ...

  • Cisco Systems DOC-7814982 - page 122

    5-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Configur ing CNS Em b edded A gen ts Step 3 config-cli or line -c li Enter config -cli to connect to the Config uration Registrar through t he interface de fined in cns c onfig connect-i ntf . Enter line-cli to connec t to th e Reg ...

  • Cisco Systems DOC-7814982 - page 123

    5-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts T o disa ble t he CNS conf igurati on age nt, use t he no cns conf ig initia l { ip-add r ess | hostname } global configurati on comm a nd. This e xample sho ws ho w to conf igure a n initial c o ...

  • Cisco Systems DOC-7814982 - page 124

    5-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Configur ing CNS Em b edded A gen ts Enabling a Partial Configur ation Beginn ing in pri vilege d EXEC mode, follo w these st eps to enable the CNS conf iguration ag ent and to initiate a p artial conf iguration on the switch: T o ...

  • Cisco Systems DOC-7814982 - page 125

    5-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configuring IE21 00 CNS Agents Displaying CNS Configuration Displaying CNS Confi guration Y o u can use the privileged EXEC comma nds in Ta b l e 5 - 2 to display CN S Configuration inform ation . T able 5-2 Displa ying CNS Configu ratio n Command Purpose show cn ...

  • Cisco Systems DOC-7814982 - page 126

    5-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 5 Configur ing IE2100 C NS Agents Displaying CNS Con figuration ...

  • Cisco Systems DOC-7814982 - page 127

    C HAPTER 6-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 6 Clustering Switches This chapte r provides these topics to help you get started with switch clu stering: • Understa ndin g Swi tch Cl u sters , pa ge 6-2 • Planning a Sw itch Cluster, page 6-5 • Creating a Switch C l uster , pag e 6- 19 • Using the CL I t ...

  • Cisco Systems DOC-7814982 - page 128

    6-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Unders tan din g Sw itch Cluste rs Understandin g Switch Clust ers A switch cluster i s a group of connected C atalyst swit ches that a re manage d as a sing le entity . In a sw itch clus ter , 1 swi tch mu st be the comma nd s wi tch a nd up t ...

  • Cisco Systems DOC-7814982 - page 129

    6-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Underst anding Swi tch Clust ers Command Switch Character istics A Cataly st 2950 co mm an d swit ch m ust me et t hese r equi reme nts: • It is running Release 12.0(5.2) WC(1) or later . • It has an IP address . • It has Cisc o Discover ...

  • Cisco Systems DOC-7814982 - page 130

    6-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Unders tan din g Sw itch Cluste rs Note Ca talyst 2950 com mand sw itches r unning R eleas e 12. 1(9)EA1 or la ter can conn ect to s tandby com mand swit ches in the ma nage ment VLAN. • It is redundantly connected to the c luster so that c o ...

  • Cisco Systems DOC-7814982 - page 131

    6-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Note Catalyst 2950 stand by command switche s runni ng Releas e 12. 1(9)EA1 or later can co nnect to candidat e and membe r switche s in VLANs di f fer ent from their mana gement VL ANs. Planning a Switch Cl uster ...

  • Cisco Systems DOC-7814982 - page 132

    6-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Discovery through CDP Hops By using CDP , a comma nd switch can di scover switches up to se ven CDP hops away (the default is three hops) from the ed ge of the clus ter . The edge of the clus ter is where the las t ...

  • Cisco Systems DOC-7814982 - page 133

    6-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Figur e 6-2 Disco very thr ough CDP Hops (Co mmand S witch Running Releas e 12.1(9)E A1 or Lat er) Discovery through Non-CDP-Capab le and Noncluster-Capable Devices If a comman d swi tch is connecte d to a non-CDP- ...

  • Cisco Systems DOC-7814982 - page 134

    6-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Discovery through the Same Management VLAN A Catalyst 2900 XL command switch, a Ca talyst 2950 comma nd switch ru nning a rele ase earl ier than Release 12 .1(9) EA1, or a Catal yst 3500 XL comm and switc h must co ...

  • Cisco Systems DOC-7814982 - page 135

    6-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Discovery through Different M anagement VLANs W e reco mmend us ing a Catalyst 3550 com mand switc h or a Catalyst 2950 comm and swi tch runni ng Releas e 12. 1(9)EA1 or la ter . These command switch es can disco v ...

  • Cisco Systems DOC-7814982 - page 136

    6-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Figur e 6-6 Disco very thr ough Dif f er ent Ma nagem ent VLANs with a L ay er 3 Command S witch Discovery of Newly Installed Switches T o join a cluste r , the new , out-of-the -box switc h must be conne cted to ...

  • Cisco Systems DOC-7814982 - page 137

    6-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Figur e 6-7 Disco v ery of Newly I nstalled S witc hes in the Sa me Manag ement VLAN Figur e 6-8 Disco very of Newly I nstalled S witc hes in Dif f er ent Ma nag ement VLANs AP AP Command s witch Catalyst 3500 XL ...

  • Cisco Systems DOC-7814982 - page 138

    6-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er HSRP and S tandby Command Sw itches The switc h supp orts H ot Sta ndby Rout er Protoc ol (HSRP) so that you ca n co nfigure a group of standby comman d s wit che s. Beca use a c om mand sw itch ma nage s the fo r ...

  • Cisco Systems DOC-7814982 - page 139

    6-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Virtual IP Addresses Y o u need to assig n a uniqu e virt ual IP add ress and gr oup num ber a nd name to t he clu ster sta ndby group. This i nf ormat ion m ust be co nfigured on the m ana gem ent VL AN on the a ...

  • Cisco Systems DOC-7814982 - page 140

    6-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er • All stan dby-group memb ers must be me mber s of the clust er . Note The re is no lim it to the number of sw itches that you can assi gn as standb y command switches. Howe v er , the tot al number of switches ...

  • Cisco Systems DOC-7814982 - page 141

    6-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Automatic Recover y of Cluster Configuration The act iv e comm and switc h contin ually forwa rds clust er-configurati on informa tion (but not device-configurat ion info rmation) to the standby comma nd switch. T ...

  • Cisco Systems DOC-7814982 - page 142

    6-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Host Names Y o u do not need to assig n a host name to either a c omman d switch or an eligibl e clust er membe r . Ho we ver , a host name assigned to the command switch can help to identify the switc h cluster . ...

  • Cisco Systems DOC-7814982 - page 143

    6-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er TACACS+ an d RADIUS Inconsistent authenti cation configur ations in switch clusters cause CMS to continually pr ompt for a user name and pa ssword. If T erminal Acce ss Co ntro ller Acces s Co ntrol System Plus (T ...

  • Cisco Systems DOC-7814982 - page 144

    6-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Manageme nt VLAN Communication wi th the sw itch manag ement int erfaces i s through the comma nd-switch IP address. T he IP address is a ssociate d with th e management V LAN, whic h b y def ault is VL AN 1. T o ...

  • Cisco Systems DOC-7814982 - page 145

    6-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster Availability of Switch-Specifi c Features in Switch Clusters The me nu bar on t he co m mand switch d isplays al l optio ns av ailab le f rom the switch c l uster . Therefor e, feat ures spe cif ic to a member swit ...

  • Cisco Systems DOC-7814982 - page 146

    6-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Creating a Switch Cluster If you did not enab le a command switch durin g initial switch setup, launch De vice Manager from a command-cap able switch, a nd select Cluster > Cr eate Cluster . Ente r a clust er numbe r (the default i s 0), an ...

  • Cisco Systems DOC-7814982 - page 147

    6-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster If a cand idat e s witc h in th e gr oup has a password di fferent from t he gr oup, on ly that speci fic candi dat e switch is no t adde d to t h e cl us ter . When a candidate switch joins a clu ster , it inherit ...

  • Cisco Systems DOC-7814982 - page 148

    6-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Creating a Switch Cluster Figur e 6-12 Using the T opolog y V iew t o A dd Member Switc hes Creating a Clu ster S tandby Group The cl uster st andb y grou p member s must meet the requir ements de scri bed in the “ St andby Command Switch C ...

  • Cisco Systems DOC-7814982 - page 149

    6-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster These a bbreviations are ap pended t o the switc h host nam es in the St andby Command G roup li st to show their eligib ility or status in the cluster standby group : • AC — Acti v e command swi tch • SC — ...

  • Cisco Systems DOC-7814982 - page 150

    6-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Creating a Switch Cluster Verifying a Switch Cluster When yo u fini sh adding cl uster me mbers , follo w these step s to v erify the clu ster: Step 1 Ent er the command switch IP addr ess in the bro w ser Location fiel d (Nets cape Commu nica ...

  • Cisco Systems DOC-7814982 - page 151

    6-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switche s Using the CLI to Manage Switch Clusters Using the CLI to Manage Swit ch Clusters Y o u can co nfigure memb er switch es from the CLI by f irst logg ing into the co mmand switch . Enter the rcommand user EXEC com mand and th e membe r switch n ...

  • Cisco Systems DOC-7814982 - page 152

    6-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 6 Clustering Switches Using SNMP to Ma nage Sw itch Cl usters Using SNMP to Manage Switc h Clusters When you first power on the sw itch, SN MP is en abled i f you e nter the IP infor matio n by using the setup program a nd a ccep t i ts p rop ose d con figurat ion. ...

  • Cisco Systems DOC-7814982 - page 153

    C HAPTER 7-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 7 Administering the Switch This cha pter descri bes how to perform one-t ime ope rations to administ er your switc h. This ch apter consists of t hese section s: • Pre ve nting Unauthorized Acc ess to Y our Switch, page 7-1 • Protectin g A cce ss to Pr ivileged ...

  • Cisco Systems DOC-7814982 - page 154

    7-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds • For an add iti o n al la ye r of se cu rity , you can al so co nfigur e user name a nd password p airs, w h i ch are locally stored on the switch. These pairs ar e assi gned to lines o ...

  • Cisco Systems DOC-7814982 - page 155

    7-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXEC mode, follo w these step s to set or ...

  • Cisco Systems DOC-7814982 - page 156

    7-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds Protecting En able and E nable Secre t Passw ord s with Enc ryption T o pro vide an additional layer of security , particularly for passwords tha t cross the network or that are stored on a ...

  • Cisco Systems DOC-7814982 - page 157

    7-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds If bo th the en able and e nable sec ret pas sword s are de f ined, us ers must enter th e enable s ecret p asswo rd. Use th e level keyword to define a password fo r a sp ecific pr ...

  • Cisco Systems DOC-7814982 - page 158

    7-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds Beginning i n privileged E X EC mo de , follow these s teps to d isab le pa ssword r ecovery: T o re -ena ble pa ssword r ecovery , use the service passw ord-r eco very global configuration ...

  • Cisco Systems DOC-7814982 - page 159

    7-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds T o remo v e the passwo rd, use the no password global co nfigurati on comm and. This example sho ws ho w to set the T elnet password to let45me67i n89 : Switch(config)# line vty 10 ...

  • Cisco Systems DOC-7814982 - page 160

    7-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds T o disable us ernam e authe nticat ion for a specif ic u ser , use the no username na me global conf igurati on comman d. T o disab le passwor d checki ng and allow conne ctions without a ...

  • Cisco Systems DOC-7814982 - page 161

    7-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds When y ou set a command to a pr i vile ge le ve l, all command s whose syntax is a subs et of th at com mand are al so set to th at le v el. Fo r exa mple, if y ou set the show ip t ...

  • Cisco Systems DOC-7814982 - page 162

    7-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ Logging into and Exiting a Privilege Level Beginn ing in pri vile ged EXEC mode, f ollo w these steps to log in to a s pe c if ie d p r i v i l e ge le ve l an d t o e xi t to a specified pri vil ...

  • Cisco Systems DOC-7814982 - page 163

    7-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ Figur e 7 -1 T ypical T ACACS+ N etwo r k Configur ation T A CA CS +, admin istered throug h the AAA secu rity s ervices, can pro vide these services: • Authentic ation — Provides complete cont ...

  • Cisco Systems DOC-7814982 - page 164

    7-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login by authent icating to a switch using T A CA CS+, this proc ess occurs: 1. When th e connection is establishe d, the swi tch contact ...

  • Cisco Systems DOC-7814982 - page 165

    7-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ This se ctio n c onta ins thi s configu ratio n inf or mat ion: • Default T A CA CS+ Configuration , page 7-13 • Identif ying the T A CA CS+ Server Host and Setting th e Authent ication Key , p ...

  • Cisco Systems DOC-7814982 - page 166

    7-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ T o remov e the specif ie d T A CA CS+ s erv er name or addr ess, use the no tac acs- server ho st hostnam e global configurat ion comm and. T o remov e a server grou p from th e configur ation l ...

  • Cisco Systems DOC-7814982 - page 167

    7-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ Beginning i n privileged E XEC mo de, foll ow these s teps to c on figure lo gi n au th entic a tion : Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati on mode. Step 2 aaa n ...

  • Cisco Systems DOC-7814982 - page 168

    7-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ T o disa ble A AA, us e the no aaa new-model glo bal co nfigur atio n c omm and. T o di sabl e AA A authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [ met ...

  • Cisco Systems DOC-7814982 - page 169

    7-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ Starting TACACS+ Accounting The AA A accou nting featu re trac ks the servic es tha t users are a ccess ing an d the amoun t of ne twor k resources th at the y are co nsuming. When AAA ac counting ...

  • Cisco Systems DOC-7814982 - page 170

    7-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Controlling Switch Access with RADIUS This sec tion descr ibes ho w to enab le and conf igu re the Remot e Authenti cation Dial -In User Service (RADIUS), which pro vides detailed ac counting i ...

  • Cisco Systems DOC-7814982 - page 171

    7-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS RADIUS is not suitable in these netw ork security situations: • Multipr otocol acce ss en v ironmen ts. RADIUS do es not supp ort Apple T alk Remote Access (A RA), NetBI OS F ram e Co ntrol P roto ...

  • Cisco Systems DOC-7814982 - page 172

    7-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Configuring RADIUS This se ctio n de scri bes how to c onfigure yo ur sw itch to su ppo rt R ADI US. At a mi nim um, y ou mus t identify t he host or host s that ru n the RA DIUS server software ...

  • Cisco Systems DOC-7814982 - page 173

    7-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Y o u iden tif y R ADI US secu ri ty s er vers by the ir host na me or I P ad dre ss, host name a nd spe c ific UDP port num bers, or t heir I P addre ss and spec ific UDP port numb ers. The combin ...

  • Cisco Systems DOC-7814982 - page 174

    7-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS T o remo ve the specif ied RADIUS serv er , u se the no radius-serv er host hostname | ip- address global configurati on comm a nd. This exampl e sho ws ho w to con fi gure one RADIUS ser ver to ...

  • Cisco Systems DOC-7814982 - page 175

    7-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS This examp le shows how to configure ho st1 as t he RADIUS se rver and to use the de fault ports fo r both authenti cation a nd acc ountin g: Switch(config)# radius-server host host1 Note Y ou also ...

  • Cisco Systems DOC-7814982 - page 176

    7-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati on mode. Step 2 aaa new-model Enable AAA. Step 3 aaa authent ication logi n { default | list-name } method1 [ meth od2... ...

  • Cisco Systems DOC-7814982 - page 177

    7-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS T o disa ble A AA, us e the no aaa new-model glo bal co nfigur atio n c omm and. T o di sabl e AA A authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [ method ...

  • Cisco Systems DOC-7814982 - page 178

    7-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Beginning i n privileged E XEC mo de, fol low these s teps to d efine t he A AA ser ver grou p a nd assoc iat e a particu lar RADIUS se rver with it: Comma nd Pu rpos e Step 1 conf igure t ermin ...

  • Cisco Systems DOC-7814982 - page 179

    7-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS T o remo ve the specif ied RADIUS serv er , u se the no radius-serv er host hostname | ip- address global configurati on comm and. T o remove a server gro up from the c onfiguration list, use the no ...

  • Cisco Systems DOC-7814982 - page 180

    7-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Beginn ing in pri vile ged EXEC mo de, follo w these ste ps to specif y RADIUS author ization for privile ged EXEC a cce ss an d n etwor k ser vi ces: T o disable a u thor iza tio n, u se th e n ...

  • Cisco Systems DOC-7814982 - page 181

    7-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged E X EC mo de , follow these s teps to c on figure gl obal com mun ica tion sett ings between the switch and all RADIUS serv ers: ...

  • Cisco Systems DOC-7814982 - page 182

    7-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS For e x am ple , th e f oll o wing A V p air acti vates Cis co ’ s mu ltiple n amed ip addr ess pools feature du r i ng IP author izatio n (dur ing PPP ’ s IPCP address a ssignmen t): cisco- ...

  • Cisco Systems DOC-7814982 - page 183

    7-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Beginning i n privileged EXEC mode, f ollow thes e steps to specif y a vendor-propr ietar y RADI US server host a nd a sh ared se cret te xt string : T o delet e the vendo r -proprietary RADIU S hos ...

  • Cisco Systems DOC-7814982 - page 184

    7-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Configur ing the Switc h fo r Local Au thentica tion and A uthorizat ion Configuring the Switch for Local Authentication and Authorization Y ou can conf igur e AAA to operate without a server by setting th e switch to implem ent AAA i n ...

  • Cisco Systems DOC-7814982 - page 185

    7-33 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Configuring the Switch for Secure Shell Configuring the Switch for Se cure Sh ell This sec tion descri bes ho w to conf igure th e Secure Shell (SSH) feature . T o use this featu re, the cryp to (encrypte d) multilayer software image mu ...

  • Cisco Systems DOC-7814982 - page 186

    7-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Managing the System Time and Date Y o u can ma nage the sy stem ti me and d ate o n y our swi tch usin g aut om atic con figurat ion, such a s the Network Time Protocol (NTP) , or manual configurati on ...

  • Cisco Systems DOC-7814982 - page 187

    7-35 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e NTP uses the concept o f a str atum to desc ribe h ow many NT P hops away a d evice is fro m an author itative time sourc e. A stratu m 1 time server has a radio or at omic cloc k direct ly att ...

  • Cisco Systems DOC-7814982 - page 188

    7-36 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Figur e 7 -3 T ypical NTP Netw or k Config ura tion Configuring NTP The Cat alyst 2950 switche s do not have a hardware- suppor ted cloc k, and th ey cannot funct ion as an NTP master clock to which pe ...

  • Cisco Systems DOC-7814982 - page 189

    7-37 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Default NTP Configurati on Ta b l e 7 - 2 shows the d efault NTP co nfiguration . NTP is enable d on all interfa ces b y default. All in terfa ces recei v e NTP pack ets. Configuring NTP Authen ...

  • Cisco Systems DOC-7814982 - page 190

    7-38 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date T o dis ab le N TP au then tic atio n, use the no ntp authenticate global configurat ion comm and. T o re m ove an auth entication ke y , use th e no ntp authe ntic atio n-ke y number glob al co nfigur ...

  • Cisco Systems DOC-7814982 - page 191

    7-39 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Y o u need to co nfigure only one end of an assoc iation; the other de vice can a utomat icall y establi sh the associat ion. If you are using the default NTP version (version 3) and NTP sync h ...

  • Cisco Systems DOC-7814982 - page 192

    7-40 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date T o disable the interface from s ending NTP broadcast pack ets, use the no ntp broadcast interface conf igurat ion command. This e xample sho ws ho w to conf igure an interf ace to send NTP version 2 p ...

  • Cisco Systems DOC-7814982 - page 193

    7-41 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Creating an Access Gro up and Assigni ng a Basic IP Access List Beginn ing in pri vilege d EXEC mode, follo w these steps to contro l access to NTP services b y using access lists: The ac c ess ...

  • Cisco Systems DOC-7814982 - page 194

    7-42 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date If the source IP address m atches the access lists fo r more t han one acces s type, the f irst typ e is grant ed. If n o access gro ups are spec ifie d, all a ccess types are gr anted t o all de vices ...

  • Cisco Systems DOC-7814982 - page 195

    7-43 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Beginn ing in pri vile ged EXEC mode, follo w these steps to conf igure a specif ic interf ace from which the IP sourc e ad dress is to be ta ke n: The specif i ed interface is u sed for the so ...

  • Cisco Systems DOC-7814982 - page 196

    7-44 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Setting the System Clock If you have an outsid e source on the net work that pr ovides time ser vices, su ch as a n NTP server , you do not need to manuall y set the syste m clock. Begi nning in pri vi ...

  • Cisco Systems DOC-7814982 - page 197

    7-45 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring the Tim e Zone Beginn ing in pri vilege d EXEC mode, follo w these st eps to manually conf igure the time zone: The minutes-of fset v ariable in the clo ck timezone global con figur ...

  • Cisco Systems DOC-7814982 - page 198

    7-46 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Configuring Summer Time (Daylight Saving Ti me) Beginn ing in pri vilege d EXEC mode, follo w these step s to configur e summer time (daylight saving time) in ar eas where it s tarts and en ds on a par ...

  • Cisco Systems DOC-7814982 - page 199

    7-47 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Beginning in privileged EX EC mode, fol low these steps if summ er time in your area do es not follow a recurr ing patt ern (con figure the exact da te and tim e of the next summe r time ev ent ...

  • Cisco Systems DOC-7814982 - page 200

    7-48 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Configur ing a Sys tem Nam e and Prompt Configuring a System Name a nd Prompt Y o u configure the system name on the switc h to identi fy it. By default , the system na me and pr ompt are Switc h . If you have not c onfigured a sy stem p ...

  • Cisco Systems DOC-7814982 - page 201

    7-49 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Confi guring a S ystem Name an d Prompt Configuring a System P rompt Beginning i n privileged EX EC mode , follow th ese s teps t o ma nual ly c on figure a s yst em prom pt: T o re turn to th e default p rom pt, use t h e no prompt [ s ...

  • Cisco Systems DOC-7814982 - page 202

    7-50 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Configur ing a Sys tem Nam e and Prompt Default DNS Configur ation Ta b l e 7 - 3 shows the d efault DNS configura tion . Setting Up DNS Beginning i n privileged EX EC mo de , follow these s teps to s et up you r s witc h to use th e DNS ...

  • Cisco Systems DOC-7814982 - page 203

    7-51 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Creat ing a Bann er domain name is the v alue set by the ip d oma in -n ame glo bal c onfigurati on c om mand. I f ther e is a period (.) in th e hostn am e, t he IO S soft ware look s u p th e IP ad dress w itho ut appe nd ing any de f ...

  • Cisco Systems DOC-7814982 - page 204

    7-52 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can create a sing le or mult iline messa ge b anner tha t a ppea rs on th e scr een wh en so m eone lo g s in to the switch. Beginning in privileged EX EC mode, fo ...

  • Cisco Systems DOC-7814982 - page 205

    7-53 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Creat ing a Bann er Configurin g a Login B anner Y o u c an co nfigur e a l og in ba nner t o be di spla yed on al l c onnec ted t ermin al s. Thi s ba nn er ap pe ar s after the M O TD ba nn er a nd befo re the lo gin pro mpt. Beginnin ...

  • Cisco Systems DOC-7814982 - page 206

    7-54 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table Managing the MAC Ad dress Tabl e The MA C address table cont ains add ress inf ormation that th e switc h uses to fo rwar d traf fic betwe en ports. All MA C addr esses in th e address ta ble ar e associ ...

  • Cisco Systems DOC-7814982 - page 207

    7-55 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table MAC Addr esses an d VLANs All addr esses are as sociate d with a VLAN. An add ress can e xist in more than one VLA N and ha ve different de stinati ons in each. Multic ast add resses , for exa mple, cou ...

  • Cisco Systems DOC-7814982 - page 208

    7-56 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table T o retur n to the default v alue, use the no mac address-table agi ng-time global configurati on comma nd. Removi ng Dyn amic Ad dre ss E ntries T o remove all d ynamic en tries, use the cl ear m ac a d ...

  • Cisco Systems DOC-7814982 - page 209

    7-57 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged E X EC mo de , follow these s teps to c on figure th e switc h t o send M A C a ddress notif ication traps to an NMS host: Command Purpos e Step 1 configur e terminal Enter glob ...

  • Cisco Systems DOC-7814982 - page 210

    7-58 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table T o disable the switch fr om sending MA C address notification tra ps, use the no snmp-serv er enable traps mac-notification global con f igura tion co mman d. T o disab le the MAC address notification t ...

  • Cisco Systems DOC-7814982 - page 211

    7-59 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged EX EC mo de , follo w these steps to add a static address: T o re move sta t ic en tr i es fr om t he a ddres s t abl e, u se th e no mac address-tabl e static mac-addr vlan vlan ...

  • Cisco Systems DOC-7814982 - page 212

    7-60 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table Beginning i n privileged EX EC mo de , follow these s teps to a dd a se cure ad dress: T o remov e a secur e address, u se the no switchport port -security mac-addr ess mac-addr ess global configurati on ...

  • Cisco Systems DOC-7814982 - page 213

    7-61 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adminis ter ing the Switch Managi ng the ARP Ta ble Managing the ARP Ta ble T o commun icate w ith a de vice (o v er Eth ernet, for e xam ple), the softw are f irst m ust dete rmine the 48-bi t MA C or the local data link addre ss of that device. The pro cess of ...

  • Cisco Systems DOC-7814982 - page 214

    7-62 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 7 Adm inistering the Switch Switch Softw are Release s ...

  • Cisco Systems DOC-7814982 - page 215

    C HAPTER 8-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 8 Configuring 802.1X Port-Ba sed Authen tication This cha pter describ es how to configure IEEE 802 .1X port-ba sed au thentic ation to pr e vent unautho rized devices (clie nt s) f rom ga ining ac cess to the network. As LANs extend to ho te l s, airp orts, and co ...

  • Cisco Systems DOC-7814982 - page 216

    8-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Unders tan ding 802.1X Port -Based A ut henticat io n Device Roles W it h 802.1X po rt-ba sed authentic ation, the de vices in the netw ork ha ve specif ic role s as sho wn in Figure 8-1 . Figu re 8- 1 80 2. 1X De ...

  • Cisco Systems DOC-7814982 - page 217

    8-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Understandi ng 802.1X P ort-Based Aut henticat ion Authentication Initiation and Message Exchange The swi tch or th e client can initi ate authen tication. If you enable auth entication on a p ort b y using the do ...

  • Cisco Systems DOC-7814982 - page 218

    8-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Unders tan ding 802.1X Port -Based A ut henticat io n Ports in Au thorized and Un authorized S tates The switc h port state determi nes whet her or not the client is gran ted acces s to the net work. The por t star ...

  • Cisco Systems DOC-7814982 - page 219

    8-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication Support ed Topo lo gies The 802 .1X port-ba sed au thentic ation is supp orted in two topologie s: • Point-to-poi nt • W ireless LAN In a po in t-to- point configur ati on ( ...

  • Cisco Systems DOC-7814982 - page 220

    8-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Configur ing 80 2. 1X Au thent ica tion Default 802.1X Configuration Ta b l e 8 - 1 shows the d efault 802.1 X configurat ion . T able 8-1 Def ault 8 02.1X Configur ation Feature Default Setting Auth entic ation, a ...

  • Cisco Systems DOC-7814982 - page 221

    8-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication 802.1X Configuration Guidelines These ar e the 80 2.1X authenti cation co nfigurati on guid elines : • When 802.1 X is enabl ed, port s are auth enticat ed befor e any other L ...

  • Cisco Systems DOC-7814982 - page 222

    8-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Configur ing 80 2. 1X Au thent ica tion Enabling 802.1X Authentication T o enable 802 .1X port-based auth entication , you must enable AAA and specify the au thenticatio n method list. A method list descri bes the ...

  • Cisco Systems DOC-7814982 - page 223

    8-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication This e xample sho ws ho w to enable AAA and 802 .1X on Fast Ethernet port 0/ 1: Switch# configure terminal Switch(config)# aaa new-model Switch(config)# aaa authentication dot1x ...

  • Cisco Systems DOC-7814982 - page 224

    8-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Configur ing 80 2. 1X Au thent ica tion This exam ple sh ows how to specify the server w it h IP add re ss 172. 20. 39.46 a s the R ADI US server, to use port 1612 as the author izat ion port , an d to se t the en ...

  • Cisco Systems DOC-7814982 - page 225

    8-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication Manually Re-Authenticating a Client Connected to a Port Y ou can manually re-authentic ate the client co nnected to a specif ic port at any time b y entering the dot1x re-a uth ...

  • Cisco Systems DOC-7814982 - page 226

    8-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Configur ing 80 2. 1X Au thent ica tion Changing the Sw itch-to-Clie nt Retran smission Time The client respon ds to the EAP-request/id entity frame fro m the switch with an EAP-response/i dentity frame. If the sw ...

  • Cisco Systems DOC-7814982 - page 227

    8-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication Setting the Switch-to-Client Frame-Retransmission Number In addi ti on t o c hang i ng th e swi tch- to-c li ent re tra nsmiss io n ti m e, y ou ca n ch an ge the n umb er o f ...

  • Cisco Systems DOC-7814982 - page 228

    8-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticat ion Display ing 802.1 X Stat is t ics and Status T o disabl e multip le hosts on the po rt, use the no do t1x mu ltipl e-ho sts interface conf iguration c ommand. This e xample sho ws how to enable 802.1X on Fast Eth ...

  • Cisco Systems DOC-7814982 - page 229

    C HAPTER 9-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 9 Configuring the Switch Interfaces This c ha pter d efines the ty pes o f i nte rface s on th e swi tch and de scri bes how to c on figure th em . Th e chap ter has these sect ions: • Understa ndin g I nte rface T ypes, pa ge 9-1 • Using th e Interfa ce Comm a ...

  • Cisco Systems DOC-7814982 - page 230

    9-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Unders tan ding Inte rfa ce Type s These sectio ns describes these type s of interf aces: • Access Por ts, page 9-2 • T runk Po rts, page 9 -2 • Port-Ba sed VLA Ns , pa ge 9-3 • EtherCha nne l Po rt Gro ups, p age 9-3 • ...

  • Cisco Systems DOC-7814982 - page 231

    9-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Unde rsta ndi n g In t erf ac e Ty p es Port-Based VLANs A VLAN is a switched netwo rk that is logically segmented b y function, team, or application, witho ut reg ard to the physic al location of the user s. For more in forma ...

  • Cisco Systems DOC-7814982 - page 232

    9-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd Figur e 9-1 Connecting VLANs with La y er 2 S witche s Using the Interf ace Command T o configure a p hysical interface (p ort), use the interface glob al conf iguration command to enter int e rf a c ...

  • Cisco Systems DOC-7814982 - page 233

    9-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Using the Interface Command Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# Step 2 Enter t he interface globa l c onfigurati on co mma nd. Id ent ify the int e rface typ e an d th e num ber of the ...

  • Cisco Systems DOC-7814982 - page 234

    9-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 ...

  • Cisco Systems DOC-7814982 - page 235

    9-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Using the Interface Command – gigab iteth ernet slo t/{ fi rs t p o r t } - { last po rt }, where slot is 0 – port-channel port-channe l-number - port-channe l-numb er , where port-chan nel-nu mber is from 1 to 6 • Y ou ...

  • Cisco Systems DOC-7814982 - page 236

    9-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd Configur ing an d Using Inter f ace- Ra nge Ma cros Y ou can crea te an in terface -rang e macro to autom atically select a range o f inter faces for co nfig uration . Befo re you can us e the macr o ...

  • Cisco Systems DOC-7814982 - page 237

    9-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Switch Interfaces This exampl e shows ho w to define an interfac e-rang e macro na med enet_list to select Fast Ethernet ports 1 to 4 and to verif y the macro conf igurat ion: Switch# configure terminal Switch(conf ...

  • Cisco Systems DOC-7814982 - page 238

    9-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Conf igu rin g Sw itch Int erf aces Default Ethernet Interface Configuration Ta b l e 9 - 1 shows th e E th erne t inter f ace d efa ul t c onf igura tion. F or m ore detai ls on the V LAN pa rame ter s listed in the t able, s ee ...

  • Cisco Systems DOC-7814982 - page 239

    9-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Switch Interfaces become acti v e. In that scenario, a v alid conf igurati on is to install th e f iber- optic under Up link Port 1 b y having an SFP module plugg ed in, and to install the copper under Up link Por ...

  • Cisco Systems DOC-7814982 - page 240

    9-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Conf igu rin g Sw itch Int erf aces Note Y ou c annot co nfigure spee d or duplex mod e on Giga bit Inte rface Converter (GBIC) po rts, but for ce rtain types of G BICs, you can c onfigure spee d to not negotiate ( nonegoti ate ) ...

  • Cisco Systems DOC-7814982 - page 241

    9-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Switch Interfaces Setting the Interface Speed and Duplex Pa rameters Note Th e Ether net link set tings on the CPE Ethe rnet por ts hav e speci al conside rations a nd different default settings from the 10/1 00 p ...

  • Cisco Systems DOC-7814982 - page 242

    9-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Conf igu rin g Sw itch Int erf aces service timestamps log uptime no service password-encryption ! hostname Switch ! <output truncated> ! interface FastEthernet0/3 switchport mode trunk no ip address duplex half speed 10 ! ...

  • Cisco Systems DOC-7814982 - page 243

    9-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Switch Interfaces These ru les appl y to flo w co ntrol settin gs on the de vice: • rec e i ve o n (or des ired ) and send on : Flow control oper ates in bo th directi ons; both the local and the r emote d ev ic ...

  • Cisco Systems DOC-7814982 - page 244

    9-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Monito rin g and Mai nt aining th e In terfaces Adding a De scription fo r an In terface Y ou can add a descrip tion about an inte rface to help you remember its func tion. The d escripti on appear s in th e out pu t of the se co ...

  • Cisco Systems DOC-7814982 - page 245

    9-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Monitoring and Maintaining the Interfaces This exam ple sh ows how to displ ay the status of all inter faces : Switch# show interfaces status Port Name Status Vlan Duplex Speed Type Fa0/1 connected 1 a-full a-100 10/100BaseTX ...

  • Cisco Systems DOC-7814982 - page 246

    9-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Monito rin g and Mai nt aining th e In terfaces Operational Mode: down <output truncated> This exam ple sh ows how to displa y the run ning co nfigurati on of Fast Eth erne t i nte rface 0/2 : Switch# show running-config in ...

  • Cisco Systems DOC-7814982 - page 247

    9-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring th e Sw itch Interf ace s Monitoring and Maintaining the Interfaces Clearing and Resetting Interfaces and Counters Ta b l e 9 - 3 lists the clear p ri vile ged EXEC co mmands that you can use to clear coun ters and r eset interf aces. T o cl ear th e ...

  • Cisco Systems DOC-7814982 - page 248

    9-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 9 Configuring the Switch Interfaces Monito rin g and Mai nt aining th e In terfaces Use the no shutdown inter face co nf iguration command to restart th e interf ace. This exam ple sh ows how to shut down Fast Ethe rnet in terfa ce 0 / 5: Switch# configure terminal ...

  • Cisco Systems DOC-7814982 - page 249

    C HAPTER 10-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 10 Configuring LRE This chap ter de scri bes ho w to con fig ure the Lo ng-Re ach Ether net (LRE) featur es on you r switch. This chapter co nsists of these sections: • Ports on the 2950 L RE, page 10- 1 • LRE Link s and LRE Profiles , page 10-2 • Conf iguri ...

  • Cisco Systems DOC-7814982 - page 250

    10-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE LRE Link s and LRE Profiles LRE Links and LRE Profiles The LR E link s ettings d efine the conn ection be twee n the swi tch LRE port and the CPE RJ-11 wall port . The LRE l ink pro vide s sy mmetr ic an d as ymme tric band width for data , v oi ...

  • Cisco Systems DOC-7814982 - page 251

    10-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE LRE Links and LRE Profiles Y our data rates will al ways b e le ss than the g ross d ata rate li sted in table . A smal l p ercen tag e of the li nk rate i s us ed by 295 0 LRE sw itc h f or super vis ory f unc tions w ith t he C P E device con n ...

  • Cisco Systems DOC-7814982 - page 252

    10-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE LRE Link s and LRE Profiles • Use the LL prof iles (LRE-5LL, L RE-10LL, an d LRE-15LL ) with car e. These prof iles ha ve the low-latency (LL) fe ature enable d and the in terleaver featur e disa bled. Th e LL feat ure do es not delay data tra ...

  • Cisco Systems DOC-7814982 - page 253

    10-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Configuring LRE Ports Beginn ing with the f irst prof ile in a sequence, the switc h attempts to apply each pro file within that sequence to the L RE interf ace. T he switch conti nues these att empts unti l it c on v e r ges ( co n ver gence tim ...

  • Cisco Systems DOC-7814982 - page 254

    10-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Conf igu rin g LR E Por ts Environmental Guidelines for LRE Links The guid eline s for your LR E en vironm ent are based on the se factors: • Maximum distanc e between th e LRE switc h and CPE devices — LRE ru ns on Ca te gor y 1, 2, a nd 3 ...

  • Cisco Systems DOC-7814982 - page 255

    10-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Configuring LRE Ports The g reate st imp act on LR E pe rf orm ance is from t he fr eq ue ncy respon se of th e c ab le at th e hi gher freque ncies. LRE signal s are more susc eptibl e to interf erence at highe r freq uencies. The LRE upstrea m ...

  • Cisco Systems DOC-7814982 - page 256

    10-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Conf igu rin g LR E Por ts Note Whe n the defau lt speed is set to 10 or 100 Mbps with half dupl ex, the va lues set are the same. If the remote values ar e 10 Mbps wi th full dupl ex, the Cisco 5 75 LR E CPE Ethe rnet por t is profile independe ...

  • Cisco Systems DOC-7814982 - page 257

    10-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Configuring LRE Ports Use the sho w contro llers lr e privileged EXEC co mmand s to displa y the LR E link st a tistic s an d profile informatio n on the LRE ports. Fo r informatio n about these commands , refer to the switch command refere nce. ...

  • Cisco Systems DOC-7814982 - page 258

    10-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Conf igu rin g LR E Por ts Assigning a Sequence to a Specific LRE Port Y o u can set seq uenc es on a per-port basis. Y ou can assign the same sequen ce or different se quence s to the LRE ports on the switch. If you assi gn a se quence on a po ...

  • Cisco Systems DOC-7814982 - page 259

    10-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Configuring LRE Ports In any of these cases, rate selection obta ins the optimal prof ile for your line condit ions. Note When an LRE lin k is lost f or fe wer t han 25 seco nds, the switch does not e xec ute rate se lection to re-establi sh the ...

  • Cisco Systems DOC-7814982 - page 260

    10-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Conf igu rin g LR E Por ts Link Qualification and SN R Margins When rate se lection is ru nning, th e SNR is used as an ind icator of li nk quality . The switch doe s not prov ide an y inte rnal mechan ism to en sure link quality . There c an b ...

  • Cisco Systems DOC-7814982 - page 261

    10-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Configuring LRE Ports The margin ra nge for link qu alificatio n is from 1 to 10 dB. The re comme nded value in a low-noise en vi ronme nt is 2 dB . The recomm ende d value for me dium noi se environment i s 4 dB. T he reco mmen ded value in a h ...

  • Cisco Systems DOC-7814982 - page 262

    10-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Conf igu rin g LR E Por ts Note Th e margin co mm an d is effective with any profile, but only in conj unct ion w ith rate select ion an d only when a link is being acti vated. LRE Link Persistence A brief LRE link do wn and up transitio n can ...

  • Cisco Systems DOC-7814982 - page 263

    10-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Upgrading LRE Switch Firmware • Link Fail Counts : Th e number of times the link f ailed. A link f ail interru pts operation of the Ethernet link for a small nu mber of milli seconds. Du ring this in terruption, some pack ets mi ght be dropped ...

  • Cisco Systems DOC-7814982 - page 264

    10-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Upgradi ng L RE Switch F ir m w are If you wish to ov erride the switch ’ s automatic selectio n of LRE binaries, you ha ve these me thods av ailable: • Globa l LRE Upgr ade Con f igura tion Com mands • LRE Contr oll er c onfiguratio n c ...

  • Cisco Systems DOC-7814982 - page 265

    10-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Upgrading LRE Switch Firmware Global Configuration of LRE Upgrades Beginning in pr ivileged EXEC mod e, follow thes e steps to perform a system-w ide upgr ade to co nfigure the LRE bina ry to ap ply to a target device and upg radable ha rdware e ...

  • Cisco Systems DOC-7814982 - page 266

    10-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Upgradi ng L RE Switch F ir m w are LRE Upgrad e Behavior De tails Y o u see on th e console screen wh en you star t an upgr ade: Switch> en Switch# hw-module slot 0 upgrade lre You are about to start an LRE upgrade on all LRE interfaces. Us ...

  • Cisco Systems DOC-7814982 - page 267

    10-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configuring LRE Upgrading LRE Switch Firmware The CPE device has finished resetti ng. The de sired profile is app lied. 00:23:58: %LRE_LINK-3-UPDOWN: Interface Lo0/1, changed state to UP 00:23:59: %LINK-3-UPDOWN: Interface LongReachEthernet0/1, changed state to ...

  • Cisco Systems DOC-7814982 - page 268

    10-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 10 Configur ing LRE Upgradi ng L RE Switch F ir m w are ...

  • Cisco Systems DOC-7814982 - page 269

    C HAPTER 11-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 11 Configuring STP This chapt er describ es ho w to configure the Span ning Tree Protocol (STP) on you r switch. For information about the Rapi d Spanning T ree Proto col (RSTP) and the Multiple Sp anning T ree Protocol (MSTP), see Chapter 12, “ Conf iguring R S ...

  • Cisco Systems DOC-7814982 - page 270

    11-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures • Spanning Tree and Redun da nt Co nnec tivity , page 1 1-8 • Acceler ated Aging to Retain Connec tiv ity , page 11-9 STP Overvie w STP is a Lay er 2 link mana gement pr otocol t hat provide s path re ...

  • Cisco Systems DOC-7814982 - page 271

    11-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res • Message age • The iden tif ier of the sending interfac e • V alues for the he llo, for ward d elay , and max- age pro tocol time rs When a switch recei v es a conf igur ation BPDU that contains supe ...

  • Cisco Systems DOC-7814982 - page 272

    11-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures BPDUs conta in informa tion about the sending switch and i ts ports, inclu ding switch a nd MA C addresses, swit ch pri ority , port prior ity , and path co st. Spanning tree uses this informati on to ele ...

  • Cisco Systems DOC-7814982 - page 273

    11-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res Creating the S pannin g-Tree To pology In Figure 11 -1 , Switch A is elected as the root swit ch because the switch prio rity of all the switches is set to the default (32768) and Sw itch A has the lowest M ...

  • Cisco Systems DOC-7814982 - page 274

    11-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures An interfac e mov es through these state s: • From initiali zation to blocking • From bl ocki ng to li ste ning or to disab l ed • From list eni ng to le arni ng o r t o di sabl ed • From le arnin ...

  • Cisco Systems DOC-7814982 - page 275

    11-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res Blocking State A Layer 2 in ter f ace in th e b lo ckin g state does not p ar tic ipate in frame f o rw a rdin g. Af ter in iti aliz atio n , a BPDU is sent to each interf ace in the switch. A switch initia ...

  • Cisco Systems DOC-7814982 - page 276

    11-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures Disabled State A Laye r 2 int erface in th e disab led state do es not parti cipa te in frame forwar ding or in the span ning tree. An interf ace in the disabled state is nonop erational. A disab led inte ...

  • Cisco Systems DOC-7814982 - page 277

    11-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res Figur e 1 1 - 3 Spanning T r ee and Redun dan t Connectivity Y o u can also c reate red undan t links betwe en switches by using EtherCha nnel gro ups. For more inform ati on, see Chapter 27, “ Configuring ...

  • Cisco Systems DOC-7814982 - page 278

    11-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s • Conf iguring the Hello T ime, page 11-19 • Conf iguring th e Fo rwa rding- Delay T ime for a VLAN, page 11-19 • Configuring t he M axi mu m-Ag ing Time for a V LA N, p age 11- 20 • Conf igu ring ...

  • Cisco Systems DOC-7814982 - page 279

    11-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res Cautio n Switches that are not running spanning tree still for ward BPDUs that the y recei v e so that the other switche s on the V LA N that have a run ning span ning -tree in stance can b reak l oops. T h ...

  • Cisco Systems DOC-7814982 - page 280

    11-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Disabling STP STP is e nabl ed by d efau lt on V LAN 1 a nd on al l newly cre ated V LAN s u p to the sp anni ng- tree lim it specif ied in T able 11- 3 . Disable STP only if you are sure there are no loop ...

  • Cisco Systems DOC-7814982 - page 281

    11-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res These e xamp les sho w the ef fect of th e spanning-tree vlan vlan-id roo t command with an d without the extended system ID support: • For Catalyst 2950 switches wit h the e xtended system ID (Release 12 ...

  • Cisco Systems DOC-7814982 - page 282

    11-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Be gin n in g i n p r i vil e g ed E XEC m ode, follo w t he se s tep s to a swi tch to be co me the root f or th e sp eci f ied VLAN: T o retur n the switc h to its def ault settin g, use the no spanning- ...

  • Cisco Systems DOC-7814982 - page 283

    11-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res Beginn ing in pri vile ged EXEC mo de, follo w these step s to confi gure a switch to b ecome the second ary root for the specif ied VLAN: T o retur n the switc h to its def ault settin g, use the no spanni ...

  • Cisco Systems DOC-7814982 - page 284

    11-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Note Th e show spanning-tree int erface interface- id privileged EXEC command displa ys informat ion only if th e por t is i n a l ink -up op er ative state . O the rwi se, y ou can use th e show running-c ...

  • Cisco Systems DOC-7814982 - page 285

    11-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res Note Th e show spanning-tree int erface interface- id privileged EXEC command displa ys informat ion only for por ts that ar e in a link- up opera ti ve s tate. Ot herwis e, you can u se the show running-co ...

  • Cisco Systems DOC-7814982 - page 286

    11-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Configuring the Switch Priority of a VLAN Y ou can config ure the switch prior ity and make it more lik ely that the switc h will be chosen as t he root switch. Note Exercis e care when using this comm and ...

  • Cisco Systems DOC-7814982 - page 287

    11-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Confi guring S panni ng-Tree Featu res Configuring the Hello Time Y ou can config ure the interv al b etween the genera tion of conf iguratio n messages by the root switch b y chan ging the hello tim e. Note Exercis e care when using this comm a ...

  • Cisco Systems DOC-7814982 - page 288

    11-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s T o retur n the switc h to its def ault settin g, use the no spanning-tr ee vlan vlan -id for w a r d - t i m e global configurati on comm a nd. Configuring the Maximum- Aging Time for a VLAN Beginning in ...

  • Cisco Systems DOC-7814982 - page 289

    11-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Display ing the S panning -Tree St atus Figur e 1 1 -4 Gigabit Ether ne t Stac k Displaying the Sp anning-Tre e Status T o display the span ning-t ree stat us, use on e or more of the pri vile ged EXE C commands in T able 1 1-5 : For informati o ...

  • Cisco Systems DOC-7814982 - page 290

    11-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 11 Configuring STP Displaying the Spannin g-Tree Stat us ...

  • Cisco Systems DOC-7814982 - page 291

    C HAPTER 12-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 12 Configuring RSTP and MST P This ch apter descr ibes how to co nfigure the C isco im plement ation of the IE EE 80 2.1W Ra pid Spa nning T ree Protocol (RSTP) and th e IEEE 802. 1S Multiple STP (MSTP) on your sw itch. T o use the feat ures descri bed i n t his c ...

  • Cisco Systems DOC-7814982 - page 292

    12-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Unders tan din g RSTP Understandin g RSTP The RSTP takes ad vantage of point- to-po int wiring and provides rapi d conv ergence of the span ning tree . Reconfigur at ion of th e sp anni ng t ree can oc cur in less t han 1 s econd ( ...

  • Cisco Systems DOC-7814982 - page 293

    12-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Understa nding RST P T o be consistent with Cisco STP implementation s, this guide documents the por t state as bloc k ing instead of discar ding . Designated ports start i n the listening sta te. Rapid Con vergenc e The RSTP pro vides ...

  • Cisco Systems DOC-7814982 - page 294

    12-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Unders tan din g RSTP Figur e 12-1 Pr oposa l and A gr eemen t Handshak ing for R apid Con v er genc e Synchronizatio n of Port R oles When th e switc h receives a proposal me ssage on one of its port s and tha t port is selec ted ...

  • Cisco Systems DOC-7814982 - page 295

    12-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Understa nding RST P Figur e 12-2 Sequen ce of Eve nts Dur ing Rapid Conv er ge nce Bridge Protoco l Data Unit Format an d Process ing The R STP BP DU for mat is th e sam e as t he IEEE 802.1D BPD U fo rmat exce pt tha t th e proto col ...

  • Cisco Systems DOC-7814982 - page 296

    12-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Unders tan din g RSTP The RSTP does not have a separate topol ogy chan ge notificati on (TCN) BPDU . It uses the topology change (T C) flag to sho w the to pology cha nges. Ho wev er , f or interoper ability with 802 .1D switches, ...

  • Cisco Systems DOC-7814982 - page 297

    12-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Unde rsta ndi n g MS TP • Propagatio n — When an RSTP s witch r ecei ves a TC message from another switch throug h a designat ed or r oot por t, it pro pa gate s the to pology c hange to a ll of it s n onedge , edge , de signa te d ...

  • Cisco Systems DOC-7814982 - page 298

    12-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Unders tan din g MSTP IST, CIST, an d CST Unlike PVST+ i n which all the spann ing-tree instances ar e independe nt, the MST P establish es and maintain s two t ypes o f spanni ng-t ree s: • An interna l spanning tree (IST) , whi ...

  • Cisco Systems DOC-7814982 - page 299

    12-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Unde rsta ndi n g MS TP Operations Between M ST Regions If there are multip le regio ns or legacy 802.1D switches within the netw ork, MSTP establishe s and maintains the CST , which includes all MST re gions and all le gac y STP switch ...

  • Cisco Systems DOC-7814982 - page 300

    12-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Unders tan din g MSTP Hop Count The IST and M ST inst ances do not use the mes sage- age an d maximum -age informa tion in the configurati on BPDU to comp ut e t he sp an ning- tre e t opolo gy . Instead, they use th e path cost t ...

  • Cisco Systems DOC-7814982 - page 301

    12-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Interoperability with 802.1D STP Interoperability with 802.1D STP A switch running both M STP a nd RST P supports a built-in p rotoco l migrati on m ec ha nism t ha t ena bl es it to interoperate with leg acy 802.1D switc hes. If this ...

  • Cisco Systems DOC-7814982 - page 302

    12-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Default RSTP and MS TP Configura tion T able 12-3 sh ows the de fault RST P a nd M STP c onfiguration . RSTP and MSTP C onfiguration Gu idelines These are th e configurat ion g uidelin es for RS ...

  • Cisco Systems DOC-7814982 - page 303

    12-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Specifying the MST Region Co nfiguration and En abling MST P For two or more swit ches t o be in the same MST re gion, they must ha v e the same VLAN-to -instance mappin g, the same con figuration r ...

  • Cisco Systems DOC-7814982 - page 304

    12-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es configurati on com mand. T o retur n to the default revision nu mber, use the no revision MST conf igurat ion comman d. T o re -ena ble PV ST , use th e no spanning-tree mode or t he spanning-tr ...

  • Cisco Systems DOC-7814982 - page 305

    12-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Note Th e ro ot swi tch fo r eac h s pan ning -t ree inst anc e shoul d b e a ba ckbon e or dist ribution sw itch . D o no t conf igu re an acces s switch as the spanni ng-t ree prim ary roo t. Use ...

  • Cisco Systems DOC-7814982 - page 306

    12-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Configur ing a Se co ndar y R oot S witch When you con f igure a Catal yst 2950 switch that su pports the extended syste m ID a s the seco ndary ro ot, the spann ing-tre e switch prio rity is mo ...

  • Cisco Systems DOC-7814982 - page 307

    12-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Port Priority If a l oop occur s, the MST P uses the port priority when selec ting an in terface to put in to the for warding state. Y ou can assign hig her priority v alues (lo wer ...

  • Cisco Systems DOC-7814982 - page 308

    12-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Configuring the Path Cost The MSTP path cost def ault v alue is deri v ed from the media speed of an interf ace. If a loop oc curs, the MSTP use s cost when se lecting an interfac e to put in th ...

  • Cisco Systems DOC-7814982 - page 309

    12-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Switch Priority Y ou can config ure the switch prior ity and make it more lik ely that the switc h will be chosen as the root switch. Note Exercis e care when using this comm and. F ...

  • Cisco Systems DOC-7814982 - page 310

    12-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Beginn ing in pri vileg ed EXEC mode, follo w these st eps to conf igure the hello time for al l MST inst ance s: T o return the switch to its d ef ault setting , use th e no spanning-tree mst h ...

  • Cisco Systems DOC-7814982 - page 311

    12-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Maxi mum-Aging Time Beginning in privileged EX EC mode, fol low these steps to con figure the maxi mum- aging tim e for all MST inst ance s: T o return the swit ch to its default set ...

  • Cisco Systems DOC-7814982 - page 312

    12-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Specifying the Link Type to Ensure Rapid Transitions If you con nect a port to anothe r port throug h a point-t o-po int link an d the local port beco mes a designated por t, the RSTP negoti ate ...

  • Cisco Systems DOC-7814982 - page 313

    12-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Configuring RSTP and MSTP Displaying the MST Configuration and Status Displaying the MST Configuratio n and Status T o display the span ning-t ree stat us, use on e or more of the pri vile ged EXE C commands in T able 1 2-4 : For informati on about oth er keywo ...

  • Cisco Systems DOC-7814982 - page 314

    12-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 12 Co nfiguring R ST P and M ST P Displaying the MST Configu rat ion and Status ...

  • Cisco Systems DOC-7814982 - page 315

    C HAPTER 13-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 13 Configuring Optional Spannin g-Tree Features This cha pter descri b es how to configure opt iona l span ning- t ree fea tu res. Y o u ca n configur e all of the se featu re s whe n you r swi t ch is run ning th e per-VLAN sp anni ng-tre e (PVST ). Y ou ca n onl ...

  • Cisco Systems DOC-7814982 - page 316

    13-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understand ing Port Fa st Port Fast immedia tely br ings an inte rface configured as an acces s or trunk port to t he forwardin g state from a bloc kin g sta ...

  • Cisco Systems DOC-7814982 - page 317

    13-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Understanding BPDU Guard The BP DU guard feature can be global ly enab led on th e switch or can b e enab led per in terfa ce, b ut the featu re oper ate s with som ...

  • Cisco Systems DOC-7814982 - page 318

    13-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understanding UplinkFast Switches i n hie rarchi cal ne tworks can be g rou ped int o b ackb one sw itch es, d istr ibution swi tc hes, an d acces s swit ches ...

  • Cisco Systems DOC-7814982 - page 319

    13-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 13-3 Upli nkF ast E xample Bef or e Di r ect Link F ailure If Switch C detects a link failu re on the currentl y acti ve lin k L2 on the root port (a dir ec ...

  • Cisco Systems DOC-7814982 - page 320

    13-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures How CSUF Work s CSUF ensures that one link in the stack is elected as the path to the root. As shown in Figure 13-5 , Switch es A, B, and C are ca scaded thr ...

  • Cisco Systems DOC-7814982 - page 321

    13-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res The switch sending the fast-tr ansition requ est needs to do a f ast transitio n to the f orwardi ng state of a port that it ha s chosen as the root po rt, and it m ...

  • Cisco Systems DOC-7814982 - page 322

    13-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Limitations These lim itations ap ply to CSUF: • CSUF uses the GigaStac k GBIC and runs on all Catalyst 3550 switches, all Catalyst 3500 XL switches, Ca tal ...

  • Cisco Systems DOC-7814982 - page 323

    13-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 13-6 Gig aStac k GBIC Connec tions an d Spanning-T ree Co nv er g ence Catalyst 2950G-24 S P E E D S Y S T E M R P S S T A T U S M O D E U T I L D U P L X C ...

  • Cisco Systems DOC-7814982 - page 324

    13-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understand ing Back boneF ast Backbo neFas t detects ind irect failures in the core of th e backbon e. Backbo neFas t is a complem entary technol ogy to the ...

  • Cisco Systems DOC-7814982 - page 325

    13-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res If lin k L 1 fail s as s hown in Figure 13 -8 , Switch C cannot det ect this f ailure bec ause it is not co nnected direct ly to link L1. Ho weve r, becau se Switc ...

  • Cisco Systems DOC-7814982 - page 326

    13-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Unders tanding Root Gu ar d The Laye r 2 network of a service provide r (SP) can incl ude many co nnectio ns to switche s that are no t owned by the SP . In ...

  • Cisco Systems DOC-7814982 - page 327

    13-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Understand ing Loop Guard Y o u can use loo p g ua rd t o p revent al tern ate o r roo t po rts f rom b ecom ing de signat ed po rt s bec ause o f a failur e that lea ...

  • Cisco Systems DOC-7814982 - page 328

    13-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures Default Optional Spanning-Tree Conf iguration T able 13-1 sh ows the default opt iona l spa nn ing- tree co nfigurat ion. Enabling P ort Fast A port with the Po rt ...

  • Cisco Systems DOC-7814982 - page 329

    13-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Note Y ou ca n use the spa nning-tre e portfast default global con figuration co mmand to global ly enab le the Port Fast featur e on all nontrun king por ts. T o dis ...

  • Cisco Systems DOC-7814982 - page 330

    13-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures T o disable BPDU guard, use the no spanning-tree por tfast bpduguard default global configur ation comm an d. Y ou can ov e rr ide the setting of th e no spanning- ...

  • Cisco Systems DOC-7814982 - page 331

    13-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures T o disable BPDU filte ring, use t he no spanning-tree portfa st bpdufilt er default global configurat ion comm an d. Y o u c a n override th e s ett ing o f t he no ...

  • Cisco Systems DOC-7814982 - page 332

    13-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures Enabling C ross-S tack Up linkFas t Before ena bling CSU F , make sure your sta ck switch es are proper ly connec ted. For more informat ion, see th e “ Connec t ...

  • Cisco Systems DOC-7814982 - page 333

    13-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Enabling Ba ckbon eFast Y o u can en able Bac kboneFast to detect indi rect li nk failures and to start the sp anning- tree reconfigur atio n soo ne r . Note If yo u ...

  • Cisco Systems DOC-7814982 - page 334

    13-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures T o disa ble ro ot g uard, use the no spanning-tre e guard interf ace conf igurati on command. Enabling L oop Guard Y o u can use loo p g ua rd t o p revent al ter ...

  • Cisco Systems DOC-7814982 - page 335

    13-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 13 Configuring Op tiona l Spa nni ng-Tree Features Display ing the S panning -Tree St atus Displaying the Sp anning-Tre e Status T o display the span ning-t ree stat us, use on e or more of the pri vile ged EXE C commands in T able 1 3-2 : For informati on about o ...

  • Cisco Systems DOC-7814982 - page 336

    13-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 13 Configurin g Optiona l Spann ing-Tr ee Featu res Displaying the Spannin g-Tree Stat us ...

  • Cisco Systems DOC-7814982 - page 337

    C HAPTER 14-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 14 Configuring VLANs This c hapt er d escri b es how to c onfigure norm al -ra nge V LAN s (V L AN IDs 1 to 100 5) and extended-ra nge V LANs (VLAN I Ds 100 6 to 4094 ). It include s inform ation about V LAN modes an d the VLAN Member ship Policy Serv er (VMPS). N ...

  • Cisco Systems DOC-7814982 - page 338

    14-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Unders tan ding VLAN s For a Catalyst 295 0 LRE Switch, th e maxim um supported num ber of VLA Ns is 250, t he maximum number of STP inst ances is 64, an d trunkin g is supported. The Catal yst 2950 LRE also supports 4094 VLAN ID s. The 295 0 ...

  • Cisco Systems DOC-7814982 - page 339

    14-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Unde rst an din g VLA Ns VLAN Port M embership M odes Y o u configure a port to belong to a VLAN by assigning a me mber ship mode that de termin es the ki nd of traf fic the port c arries and t he number of V LANs to which i t can belon g. T a ...

  • Cisco Systems DOC-7814982 - page 340

    14-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing Normal- R ang e VLAN s Configuring Normal -Range VLANs Normal- range VL A Ns are VL ANs with VLA N I Ds 1 to 1005 . If the sw it ch is in VT P server or transpare nt mod e, y ou ca n a dd, modi fy or r e move configurat ions for ...

  • Cisco Systems DOC-7814982 - page 341

    14-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s This sect ion incl udes infor mation ab out these topics about norma l-ran ge VLAN s: • T oken Ring VLA Ns, page 1 4-5 • Normal -R ange VL AN Con figurat ion Guid eli nes , pa ge 14- 5 • VLAN Co nf ...

  • Cisco Systems DOC-7814982 - page 342

    14-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing Normal- R ang e VLAN s • The swi tch supp orts 64 spa nning-t ree instanc es. I f a switch has more ac tiv e VLANs than supporte d spannin g-tr ee i nsta nce s, spanni ng tree c an b e enab le d on 64 V LANs an d is di sabl ed ...

  • Cisco Systems DOC-7814982 - page 343

    14-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Saving VL AN Configur ation The co nfiguration s of VLAN IDs 1 to 10 05 are a lways sa ved in the VLA N database (vlan.d at file). If VTP mode is transpa rent, they a re also saved in the swi tch runn in ...

  • Cisco Systems DOC-7814982 - page 344

    14-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing Normal- R ang e VLAN s Default Ethernet VLAN Configuration T able 14-2 shows the default co nfig uration for Ethernet VL ANs. Note The switch suppo rts Ethe rnet interf aces exc lusi v ely . Becaus e FDDI a nd T oken Ri ng VLANs ...

  • Cisco Systems DOC-7814982 - page 345

    14-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Beginning i n privileged EXEC mode, f ollow these st eps to use config-vl an mode to cre ate or mo dify an Ethern et VLAN: T o return the VLAN name to the defaul t settings, use the no vlan name or no vl ...

  • Cisco Systems DOC-7814982 - page 346

    14-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing Normal- R ang e VLAN s T o return th e VLAN name to th e defaul t settings, use th e no vlan vlan-id name or no vl an vlan-i d mtu VLAN conf iguration comm and. This examp le shows how to use VLAN configurati on mode t o create ...

  • Cisco Systems DOC-7814982 - page 347

    14-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Assigning S tatic-Ac cess Ports to a VLAN Y o u can assi gn a s tati c-ac cess port to a VLAN wi tho ut having VT P gl obal ly p rop agate V LAN configurat ion inf orm at ion ( VTP is di sabl ed). If y ...

  • Cisco Systems DOC-7814982 - page 348

    14-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing Extended-R ange VLA Ns Configuring Ex tended-Rang e VLANs When the switch is in VTP transparent mode (VT P disabled) and the EI is installed) , you can create extended -rang e VLA Ns ( in the ra nge 1006 t o 4094). E xte nded- r ...

  • Cisco Systems DOC-7814982 - page 349

    14-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Confi guring Exte nded-Ra nge VL ANs • STP is enable d by default on extended -range V LANs, but you can di sable it by using the no spann ing- tre e vlan vlan-id global co nfigur ation c omm an d. Wh en t he m a ximum n umb er o f spann in ...

  • Cisco Systems DOC-7814982 - page 350

    14-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Displa ying VL ANs T o delete an extend ed-range VLA N, use the no vlan vlan-i d global configurat ion comm and. The proc edure fo r assign ing stat ic-acc ess port s to an ext ended-r ange VLAN is the s ame as for normal-ra nge VL ANs. See ...

  • Cisco Systems DOC-7814982 - page 351

    14-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Config uri n g VL AN Tr unk s Configuring VLAN T runks These sec tions descr ibe how VLAN trunks functio n on the swi tch: • T runking O verview , page 14 -15 • 802.1 Q Configuration Cons ider ation s, page 14-16 • Default La yer 2 Ethe ...

  • Cisco Systems DOC-7814982 - page 352

    14-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing VLAN Trunk s T o avoid this, yo u s hould configu re int erfac es conn ect ed t o devices tha t do no t sup port DTP to n ot forward D TP frame s, tha t i s, to t urn off DTP . • If you do not int end to trunk ac ross thos e l ...

  • Cisco Systems DOC-7814982 - page 353

    14-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Config uri n g VL AN Tr unk s • Disabling span ning tree on the na ti v e VLAN of an 802.1 Q trunk without d isabling spann ing tree on e very VLAN i n the network can po tentia lly cause spa nning-t ree loops. W e recomm end that you leave ...

  • Cisco Systems DOC-7814982 - page 354

    14-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing VLAN Trunk s – STP Port F ast setting – trunk s tat us: i f o ne po rt i n a po rt g rou p ce as es t o b e a t runk, a ll por t s ce ase t o be t runk s. • If you tr y to enab le 802. 1X on a trun k port, a n erro r messa ...

  • Cisco Systems DOC-7814982 - page 355

    14-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Config uri n g VL AN Tr unk s This exam pl e shows how to c on figure t he Fast E the rne t i nte rface 0 /4 as a n 802 .1 Q t run k. Th e exam pl e assumes th at the nei ghbor int erface is configure d to support 80 2.1Q trunki ng. Switch# c ...

  • Cisco Systems DOC-7814982 - page 356

    14-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing VLAN Trunk s This e xample shows ho w to remo v e VLAN 2 f rom the allo wed V LAN list: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end Switch# Changing ...

  • Cisco Systems DOC-7814982 - page 357

    14-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Config uri n g VL AN Tr unk s Beginning i n privileged EX EC mo de, foll ow these s teps to c onfigure th e nat iv e VL AN on an 8 02. 1Q trunk: T o return to the default nati v e VLAN, VLAN 1, use th e no switchport trunk native vlan inte r ...

  • Cisco Systems DOC-7814982 - page 358

    14-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configur ing VLAN Trunk s In thi s way , Trunk 1 c arri es t r affic for VLA Ns 8 t hr oug h 10, a nd Trunk 2 c ar rie s tra ff ic fo r VLA Ns 3 through 6. If the a cti ve tru nk fails, th e trunk wit h the lo wer priority tak es ov er and c ...

  • Cisco Systems DOC-7814982 - page 359

    14-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Config uri n g VL AN Tr unk s Load Sharing Using STP Path C ost Y o u can co nfigure paralle l trunks to share VLAN traffic by setting di fferent path costs on a trunk and associ ating the path costs with dif feren t sets of VLA Ns. The VLANs ...

  • Cisco Systems DOC-7814982 - page 360

    14-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configuring VMPS Beginn ing in pri vile ged EXE C mode, follo w these steps to conf ig ure th e netw o rk sho wn in Figure 14-4 : Configuring VMPS The swi tch can not be a VMPS ser ver b ut can ac t as a client to the VMPS and communi cate w ...

  • Cisco Systems DOC-7814982 - page 361

    14-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configuring VMPS • “ Monitori ng the VMPS ” sectio n on pa ge 14-31 • “ T rouble sho oti ng Dy na mic Por t VLAN Memb er ship ” sectio n on page 14 -31 • “ VMPS C onfiguration Exa mple ” sectio n on pa ge 14-32 Understand in ...

  • Cisco Systems DOC-7814982 - page 362

    14-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configuring VMPS If the link goes do wn on a dynamic por t, the port retur ns to an isolated state and does not belong to a VLAN. An y h osts that com e online through the port are chec ked again through t he VQP with the VMPS before the p o ...

  • Cisco Systems DOC-7814982 - page 363

    14-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configuring VMPS ! address <addr> vlan-name <vlan_name> ! address 0012.2233.4455 vlan-name hardware address 0000.6509.a080 vlan-name hardware address aabb.ccdd.eeff vlan-name Green address 1223.5678.9abc vlan-name ExecStaff addres ...

  • Cisco Systems DOC-7814982 - page 364

    14-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configuring VMPS VMPS Configuration Guidelines These gui deline s and restric tions app ly to dynami c port VL AN memb ership: • Y o u must co nfigure the VMPS befo re you con figure ports as dyna mic. • The co mm unic ation be tw een a ...

  • Cisco Systems DOC-7814982 - page 365

    14-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configuring VMPS Beginn ing in pri vilege d EXEC mode, follo w these step s to enter the IP address of the VMPS: Note The switch port that is co nnected to the V MPS serv er cannot be a dynamic acc ess port. It can be either a stat ic ac cess ...

  • Cisco Systems DOC-7814982 - page 366

    14-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configuring VMPS Reconfirming VLAN Memberships Beginning in privileged EXEC mo de, foll ow these steps to co nfirm the dynamic port VLAN me mbershi p assignments that the switc h has receiv ed from the VMPS: Changing the Reconfirmation In te ...

  • Cisco Systems DOC-7814982 - page 367

    14-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Configuring VLA Ns Configuring VMPS T o retur n the switc h to its def ault settin g, use the no vmps r etry global configura tion c om mand . Monitoring the VMPS Y ou can display inform ation about th e VMPS b y usin g the sho w vmps pri vi le ged EXEC comman ...

  • Cisco Systems DOC-7814982 - page 368

    14-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 14 Co n figuring VLANs Configuring VMPS VMPS Co nfig ur at ion Ex am ple Figure 14-5 shows a ne twork with a VMPS serve r switch and V MPS client switches with dynamic p orts. In this e xampl e, these assu mptions apply: • The VMPS serv er and th e VMPS client a ...

  • Cisco Systems DOC-7814982 - page 369

    C HAPTER 15-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 15 Configuring VTP This c hapt er d escri b es how to us e t he V LAN Trunking Pr otoc ol ( VTP) a nd t he V LAN dat aba se for managing V LANs . Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to the c ommand refer ...

  • Cisco Systems DOC-7814982 - page 370

    15-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Unders tan din g VTP The VTP Do main A VTP do ma in ( also c alle d a VLA N ma nage ment domai n ) con sis ts of o ne sw itch or several interconn ected swit ches under th e same a dministrati ve responsibili ty sharing the same VTP d omain name. ...

  • Cisco Systems DOC-7814982 - page 371

    15-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Understanding VTP VTP Mode s Y o u can co nfigure a supporte d switch to be in one of the VTP modes liste d in Ta b l e 1 5 - 1 . When the netwo rk is configu red with more than the maximu m 250 VLANs, the switch automatica lly changes from VTP s ...

  • Cisco Systems DOC-7814982 - page 372

    15-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Unders tan din g VTP • MD5 diges t VLAN co nf igurat ion, in clud ing max imum tr ansmi ssion unit (M TU) si ze fo r each VLAN. • Frame fo rmat VTP adv ertis ements distrib ute this VLAN information for each conf igured VLAN: • VLAN IDs • ...

  • Cisco Systems DOC-7814982 - page 373

    15-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Understanding VTP Figur e 15-1 Floodi ng T raffi c withou t VTP Pr un ing Figure 15-2 shows a swi tched network w ith V T P pruni ng ena ble d. The broa dcast tra ff ic fro m Swit ch 1 is not for war ded to Switch es 3, 5, and 6 be cause tr aff i ...

  • Cisco Systems DOC-7814982 - page 374

    15-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Conf igu rin g VTP VTP pruning is not designed to func tion in VTP transparent mode . If one or more switches in the netwo rk are in VTP transparen t mode, yo u should do on e of thes e: • T urn off VTP prun ing in the en tire network . • T u ...

  • Cisco Systems DOC-7814982 - page 375

    15-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Configuring VTP VTP Configuration Options Y o u can co nfigure VTP by using these co nfiguration mo des. • VTP Configurat ion in G lobal Co nfiguration M odes, page 15- 7 • VTP Configurat ion in VLA N Configuratio n Mod e, p ag e 15- 7 Y o u ...

  • Cisco Systems DOC-7814982 - page 376

    15-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Conf igu rin g VTP VTP Configuration Guidelines These sec tions descr ibe guid elines you should fol low when implem entin g VTP in your ne twork. Domain Names When co nfiguring VTP f or the first tim e, y ou mu st always a ssign a do main n am e ...

  • Cisco Systems DOC-7814982 - page 377

    15-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Configuring VTP VTP Ve rs ion Foll ow these gui delines whe n deciding which VTP ver sion to im plement: • All switches in a VTP domain must run the same VTP versi on. • A VTP ver sion 2-cap able switch can operat e in the same VTP doma in as ...

  • Cisco Systems DOC-7814982 - page 378

    15-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Conf igu rin g VTP When you con figure a domain na me, it cannot be rem oved; you can only rea ssign a switc h to a different domain. T o retu rn the swi tch to a no-pa sswor d s tate, u se the no vtp password global co nfiguration c omman d. Th ...

  • Cisco Systems DOC-7814982 - page 379

    15-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Configuring VTP This exam ple sh ows ho w to use VLA N configurat ion m ode to configure the switc h as a VTP server with the domain name eng_ gr oup an d t he pa ssword mypassw ord : Switch# vlan database Switch(vlan)# vtp server Switch(vlan)# ...

  • Cisco Systems DOC-7814982 - page 380

    15-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Conf igu rin g VTP Note Y ou ca n also configur e a VTP client by using th e vlan database p rivile ged EXEC command to enter VLAN c onfiguratio n mode a nd e ntering the vtp client command, simi lar t o the secon d p rocedur e und er “ Config ...

  • Cisco Systems DOC-7814982 - page 381

    15-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Configuring VTP Note Y ou ca n also configure V TP transpare nt mode by using the vlan dat abas e pri vileged EX EC comm and to ente r VLAN c onfiguratio n mode a nd by enter ing th e vtp tran spar ent command, si milar t o the s econd procedu r ...

  • Cisco Systems DOC-7814982 - page 382

    15-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Conf igu rin g VTP Enabling V TP Prunin g Pruning inc reases available bandwi dth by restric ting flood ed traffic to those trunk links th at the traffic must use to acces s the destinat ion devices. Y ou can o nly ena ble V TP prunin g on a s w ...

  • Cisco Systems DOC-7814982 - page 383

    15-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Configuring VTP Adding a VT P Client S witch to a VT P Domain Before adding a V TP clien t to a VT P domai n, always verify tha t its VTP co nfiguration revision number is lower than the co nfiguration r evision number of the other swi tches in ...

  • Cisco Systems DOC-7814982 - page 384

    15-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 15 Configuring VTP Monito rin g VTP Monitoring VTP Y o u mon itor V TP by di sp layin g VT P configu ratio n in for matio n: th e dom ain name , the c ur rent V T P revision, and the n umb er of VL AN s. Y ou c a n al so di spla y stati stic s ab out th e ad verti ...

  • Cisco Systems DOC-7814982 - page 385

    C HAPTER 16-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 16 Configuring Voic e VLAN This ch apt er descr ibes how to configure the voice VLAN f eature on yo ur sw itch. V oice VLA N is re ferred to as an auxiliary VLAN in the Cata lyst 6000 f amily swi tch do cumentation. Note For comple te syntax and us age inform atio ...

  • Cisco Systems DOC-7814982 - page 386

    16-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 16 C onfiguring Voice VLAN Configuring Voic e VL AN Figure 16-1 shows one way to conne ct a Cisco 7 960 IP Phone. Figur e 16-1 Cisc o 7960 IP Phone Connect ed t o a S witc h When t he I P ph one con ne cts to t he s wit ch, the a ccess p ort (PC- t o-te lep hone ja ...

  • Cisco Systems DOC-7814982 - page 387

    16-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 16 Configuring Voice VLA N Configuring Voice VLAN Voice V LAN Con figuration Guide lines These a re the v oic e VLAN con figu ration guid elines: • Y o u shou ld configu re voice VLA N on swi tch a cce ss port s. • The Port Fas t featu re is au tomatical ly en ...

  • Cisco Systems DOC-7814982 - page 388

    16-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 16 C onfiguring Voice VLAN Configuring Voic e VL AN Configuring Ports to Carr y Voice Traffic in 802.1Q Frames Beginn ing in pri vileg ed EXEC mode, follo w thes e steps to conf igure a port to carry v oice traf fic in 802.1 Q fram es for a speci fic VLAN: T o r e ...

  • Cisco Systems DOC-7814982 - page 389

    16-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 16 Configuring Voice VLA N Configuring Voice VLAN Overriding the CoS Pr iority of Incoming Data Frame s Y o u can conne ct a PC or o t her dat a device to a Cisco 7960 IP Phon e por t . T he PC can ge nerat e packets with an assigned CoS valu e. Y ou can configur e ...

  • Cisco Systems DOC-7814982 - page 390

    16-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 16 C onfiguring Voice VLAN Displa ying Vo ice VLA N Configuring the IP Phone to Tr ust the CoS Priority of Inc oming Data Frames Y o u can conne ct a PC or o t her dat a device to a Cisco 7960 IP Phon e por t . T he PC can ge nerat e packets with an assigned CoS v ...

  • Cisco Systems DOC-7814982 - page 391

    C HAPTER 17-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 17 Configuring IGMP Sno oping an d MVR This cha pter d escribes h ow to configure In ternet Gr oup Ma nageme nt Prot ocol (IGM P) snoop ing on your switch, including an applicatio n of loca l IGMP snoopi ng, Multica st VLAN Re gistration (MVR). It a lso include s ...

  • Cisco Systems DOC-7814982 - page 392

    17-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Unders tan ding IGM P Snoo ping the switc h adds the host p ort numb er to the for wardin g table en try; when it recei ves an IGMP Lea v e Group message from a host, it remo ves the host port from the table entry . I t also ...

  • Cisco Systems DOC-7814982 - page 393

    17-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Figur e 17 -1 Initial IGMP J oin Messag e Router A se nds a genera l query to t he switc h, which f orwards the qu ery t o ports 2 thro ugh 5, a ll members of the same VLAN. Ho st 1 wants to join mu ...

  • Cisco Systems DOC-7814982 - page 394

    17-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Unders tan ding IGM P Snoo ping Figur e 17 -2 Second Host Joi ning a Multic ast Gr oup Leaving a Multicast Group The ro uter send s periodic mu lticast genera l queri es and the sw itch forwar ds these que ries through al l ...

  • Cisco Systems DOC-7814982 - page 395

    17-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Note Y o u shou ld on ly u se the I mm ediat e- Leave proc essin g feat ure on V LANs wher e a si ng le h ost i s connect ed to each port. If Im mediate L eav e is enab led in VLANs where more th an o ...

  • Cisco Systems DOC-7814982 - page 396

    17-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Configuring IG MP Sn ooping Beginning i n privileged E X EC mo de , follow these s teps to g loba ll y ena ble IGM P snoo ping on the switch: T o globa ll y d isabl e I GMP sno oping on a ll V LAN in terfa ces, use th e no i ...

  • Cisco Systems DOC-7814982 - page 397

    17-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginn ing in pr i vileged EXEC m ode, follo w t hese step s to alter t he metho d in whic h a VLAN in terf ace dynamically accesses a multicast router : This example shows ho w to configure IGMP sno ...

  • Cisco Systems DOC-7814982 - page 398

    17-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Configuring IG MP Sn ooping T o rem ov e a mul ticast route r port f rom the VLAN, use the no ip igmp snooping vlan vlan- id mr outer interface inte rface-id global configurat ion comm and. This e x am pl e sho ws ho w t o e ...

  • Cisco Systems DOC-7814982 - page 399

    17-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping This e xample sho ws how to statically conf igure a hos t on an interface and verify the co nfig uration: Switch# configure terminal Switch(config)# ip igmp snooping vlan 1 static 0100.5e00.0203 inter ...

  • Cisco Systems DOC-7814982 - page 400

    17-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Configuring IG MP Sn ooping If you disable IP multicast- source-only lea rning with the ip igmp snoo ping sour ce-only-lear ning global configuration c ommand, the switch flood s unknown multicast traff ic to the VL AN and ...

  • Cisco Systems DOC-7814982 - page 401

    17-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Displaying IGMP Snooping Information Y o u can di spla y IG MP snoo ping inf orm ati on for dyn am ica lly l ear ne d and st at ical ly c on figured rou ter ports and V LAN interfac es. Y ...

  • Cisco Systems DOC-7814982 - page 402

    17-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Displaying IG MP Sn ooping Informa tion IGMP snooping immediate-leave is disabled on this Vlan IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan IGMP snooping is running in IGMP_ONLY mode on this Vlan This i s an e ...

  • Cisco Systems DOC-7814982 - page 403

    17-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Underst anding Multicast VLAN Registration Understandin g Multicast VL AN Registrati on Multica st VLA N R egistrat ion (M VR) is desi gned f or ap pli cati ons usi ng wi de-sc ale d ep loymen t of multica st traf f ic acr os ...

  • Cisco Systems DOC-7814982 - page 404

    17-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Unde rs ta n din g Mu ltic as t V LAN Reg i stra t io n When a subscriber chan ges channels or turns of f the tele vision, the set-to p box sends an IGMP leav e messag e for th e mult icast st ream. T he swit ch CPU sends a ...

  • Cisco Systems DOC-7814982 - page 405

    17-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Configuring MVR MVR elimin ates the need to duplicate tele vision-c h annel multi cast traf fic for subscribers in e ach VLAN. Multica st traffic for a ll c hanne ls is only se nt a ro und t he V L AN trun k onc e — o nly o ...

  • Cisco Systems DOC-7814982 - page 406

    17-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Conf igu rin g MVR MVR Configuration Guidelines and Limitations Foll ow these gui delines when conf iguring MV R: • Receiver ports cann ot b e t runk p ort s. Re ceiver port s on a sw it ch c an be in d i fferent VL AN s, ...

  • Cisco Systems DOC-7814982 - page 407

    17-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Configuring MVR T o return t he switch t o its defa ult settin gs, use the no mvr [ mode | group ip-a dd ress | querytime | vlan ] global configurati on comm ands. This e xample sho ws how to enable MVR, conf igure the MVR gr ...

  • Cisco Systems DOC-7814982 - page 408

    17-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Conf igu rin g MVR T o return the inter face to its default settings, u se the no mvr [ type | immediate | vlan vl an-id | group ] interf ace conf igu ration com mands. This exam ple sh ows how to con figure Giga bit E t he ...

  • Cisco Systems DOC-7814982 - page 409

    17-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Displaying MVR Information This is an example of output fro m the show mvr interface privileged EXE C c omm and w hen th e member keyword is inc lud ed : Switch# show mvr interface fastethernet0/2 members 224.0.1.1 DYNAMIC AC ...

  • Cisco Systems DOC-7814982 - page 410

    17-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Conf igu ring I GMP Filt eri ng This is an example of output fro m the show mvr interface privileged EXEC com mand for a spe cified interf ace: Switch# show mvr interface fastethernet0/2 224.0.1.1 DYNAMIC ACTIVE This is an ...

  • Cisco Systems DOC-7814982 - page 411

    17-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lt e ri n g Default IGMP Filtering Configuration T able 17-7 shows the default IGMP f iltering configura tion. Configuring IGMP Profiles T o conf igure an IGMP pr of ile, use the ip igmp prof ile g ...

  • Cisco Systems DOC-7814982 - page 412

    17-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Conf igu ring I GMP Filt eri ng T o delete a profil e, use the no i p igmp p rof ile pr of ile numb er global configurat ion comm and. T o delete an IP multi cast address or range of IP multi cast addresses, u se the no ran ...

  • Cisco Systems DOC-7814982 - page 413

    17-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lt e ri n g Current configuration : 123 bytes ! interface FastEthernet0/12 no ip address shutdown snmp trap link-status ip igmp max-groups 25 ip igmp filter 4 end Setting th e Maximum Numbe r of IG ...

  • Cisco Systems DOC-7814982 - page 414

    17-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 17 Co nfiguring IGMP S noo ping and M VR Displaying IGMP Filterin g Configura ti on Displaying IGMP Filtering Configuration Y o u can di splay I GMP profile cha racter istics , and you can display t he IGM P profile and maximu m grou p conf iguration for all int e ...

  • Cisco Systems DOC-7814982 - page 415

    C HAPTER 18-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 18 Configuring Port-Base d Traffic Control This chapte r des cribes how t o conf igure th e port-b ased traf fic contro l featur es on your switch . Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to the c ommand re ...

  • Cisco Systems DOC-7814982 - page 416

    18-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Configuring Stor m Control The rising t hresho ld is the p erce nt age of to tal a v a ilab le b andwi dth assoc iate d with m ultica st, broad cast, or unicast t raf fi c before forwarding is block ed. The f alling t hre ...

  • Cisco Systems DOC-7814982 - page 417

    18-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port -B ased Tra ffic Control Configuring Protected Ports Disabling Stor m Co nt rol Beginning i n privileged E X EC mo de , follow these s teps to d isab le sto rm c ontr ol: Configuring Prote cted Ports Some appl ications re quire tha t no traff ic ...

  • Cisco Systems DOC-7814982 - page 418

    18-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Configuring Port Security Beginning in privileged EXE C mode, foll ow these step s to define a port as a pro tected port: T o disable prot ected p ort, use th e no switchport protected interface configurat ion comm and. T ...

  • Cisco Systems DOC-7814982 - page 419

    18-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Understand ing Port Secu rity This sect ion conta ins infor mation ab out th ese topi cs: • Secure MAC Addresses, page 18-5 • Securi ty V iolatio ns, page 1 8-6 Secure MAC Addresses A secu ...

  • Cisco Systems DOC-7814982 - page 420

    18-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Configuring Port Security This i s a n exampl e of t ext fr om the r unn ing co nfigurat ion w hen st ic ky lea rni ng is en ab led on an interf ace: <output truncated> ! interface FastEthernet0/2 switchport mode ac ...

  • Cisco Systems DOC-7814982 - page 421

    18-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Default Port Security Configuration T able 18-1 shows the default por t security conf iguration for an interface. Port Security Configuration Guidelines Foll ow these gui delines when co nfig ...

  • Cisco Systems DOC-7814982 - page 422

    18-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Configuring Port Security Step 5 switchport port-security maximum value (Optional ) Set the maxim um numbe r of secure MA C address es for the interface . The rang e is 1 to 132; the default is 1. Step 6 switchport port-s ...

  • Cisco Systems DOC-7814982 - page 423

    18-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty T o retur n the inter fac e to the de fault conditi on as not a secure p ort, use the no switchport port -security interf ace co nf igurati on com mand. If you enter this comman d when sticky ...

  • Cisco Systems DOC-7814982 - page 424

    18-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Configuring Port Security This e xampl e sho ws how to co nf igure a stati c sec ur e M A C addres s an d a s ti ck y s ecur e MA C address on Fast Ethernet port 12 and verify the configuration: Switch# configure termina ...

  • Cisco Systems DOC-7814982 - page 425

    18-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Beginn ing in pri vilege d EXEC mode, follo w these st eps to confi gure port security ag ing: T o disable por t securi ty aging for a ll secure addr esses on a por t, use the no switchport p ...

  • Cisco Systems DOC-7814982 - page 426

    18-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 18 Configuring Port-Based Traffic Co ntro l Displaying Port-Base d Traffic Cont rol Settings Displaying Port-Based Traffic Control Settings The show i nterfa ces i nterface-id switchport privileged EXEC c om mand disp lays (a mong ot her characteri stics) the inte ...

  • Cisco Systems DOC-7814982 - page 427

    C HAPTER 19-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 19 Configuring UDLD This c hapt er d escri b es how to c onfigure the Un iDi rec tiona l Li n k De tect ion (UD LD) pr otoc ol o n y our switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to the c ommand refere ...

  • Cisco Systems DOC-7814982 - page 428

    19-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 19 Co nfiguring UDLD Unders tan ding UDL D UDLD oper ates b y using two mech anisms: • Neighbor datab ase maintenance UDLD l ear ns ab out othe r UDL D-c apabl e n ei ghbor s by p er iodi cal ly sen ding a hel lo p acket (al so called an adve rtiseme nt or prob e ...

  • Cisco Systems DOC-7814982 - page 429

    19-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 19 Configuring UD LD Configuring UDLD Configuring UDLD This se cti on de scri bes how to c onfigure UD LD o n your sw it ch. It con tai ns t his c on figurati on inform ation: • Default UD LD Configurati on, page 19-3 • Ena bling UDLD Gl oball y , page 19-4 • ...

  • Cisco Systems DOC-7814982 - page 430

    19-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 19 Co nfiguring UDLD Conf igu ring U DLD Enabling UDL D Globally Beginning in privileged EXEC mode , foll ow these steps to enab le UDLD in the agg ressiv e or the norm al mode and to set the conf igurable message timer on all f iber -optic int erfaces on the switc ...

  • Cisco Systems DOC-7814982 - page 431

    19-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 19 Configuring UD LD Configuring UDLD T o disabl e UDLD on a no n-f ibe r- opti c inte rface , use the no udld enable interf ace conf igura tion comm an d. Note O n fiber-optic i n terface s, the no udld enable command r ev erts the i nterf ace c onf igur ation to ...

  • Cisco Systems DOC-7814982 - page 432

    19-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 19 Co nfiguring UDLD Displa ying U DLD Statu s Displaying UDLD Status T o display the UDLD stat us for the s pecif ied i nterf ace or for all interf aces, use the show udld [ interface-id ] pri vileged EX EC comm and. For detailed in formation about the fie lds in ...

  • Cisco Systems DOC-7814982 - page 433

    C HAPTER 20-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 20 Configuring CDP This c hapt er d escrib es how to configure Cisc o Discovery Pro toco l ( CDP ) on your swi tch . Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to the c ommand refere nce fo r thi s r ele ase an ...

  • Cisco Systems DOC-7814982 - page 434

    20-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 20 Co nfigu ri n g CDP Conf igu rin g CD P Configuring CDP These sec tions inclu de CDP con figuration info rmation a nd procedu res: • Default CDP Configurat ion, pa ge 20-2 • Conf igu ring the CD P Characteri stics, page 20- 2 • Dis ablin g an d Ena bli ng ...

  • Cisco Systems DOC-7814982 - page 435

    20-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 20 Configuring CDP C onfiguring CDP Use the no form of the CDP commands to return to the def ault settings. This e xample sho ws how to confi gure an d veri fy CDP character istics . Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdti ...

  • Cisco Systems DOC-7814982 - page 436

    20-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 20 Co nfigu ri n g CDP Conf igu rin g CD P This example shows how to enable CDP if it has been di sabled . Switch# configure terminal Switch(config)# cdp run Switch(config)# end Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all suppo ...

  • Cisco Systems DOC-7814982 - page 437

    20-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 20 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o mon itor a nd mai ntai n CDP on yo ur device, per form one o r mor e of t hese ta sks, begi nnin g in privileged EXEC mo de . This i s a n exam ple of the o utput from t he show cd ...

  • Cisco Systems DOC-7814982 - page 438

    20-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapte r 20 Co nfigu ri n g CDP Monito rin g and Mai nt aining CDP ...

  • Cisco Systems DOC-7814982 - page 439

    C HAPTER 21-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 21 Configuring SPAN and RSPAN This chapte r descr ibes ho w to co nf igure Switc hed Port Analyzer (SP AN) and Remote SP AN (RSP AN) on your switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to the c ommand re ...

  • Cisco Systems DOC-7814982 - page 440

    21-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN Figur e 21 -1 Example SP AN Configur ation Only traffic that e nte rs or l eaves sourc e por ts or t raffic that e nte rs sour ce V LA Ns can be mon ito re d by using SP AN; t ra ff ic that ge ts rout e ...

  • Cisco Systems DOC-7814982 - page 441

    21-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Understanding SPAN a nd RSPAN SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts and te rminology associate d with SP AN and RSP AN co nfiguration. SPAN Session A local SP AN sessi on is an associ ation o f a ...

  • Cisco Systems DOC-7814982 - page 442

    21-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN standard a nd extende d output ACLs for unicast a nd ingress QoS policing .VLAN ma ps, ingress Q oS policing, and p olicy-based routing . Switc h co ngestion that c auses p ackets to b e dropp ed a lso ...

  • Cisco Systems DOC-7814982 - page 443

    21-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Understanding SPAN a nd RSPAN Destination Port Each local SP AN sessio n or RSP AN destination session must ha ve a destination port (also called a monitoring po rt ) th at rece iv es a copy of traffic from th e source por ts and VLA N ...

  • Cisco Systems DOC-7814982 - page 444

    21-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN • Spanning tree is au tomati cally disabl ed on a refl ecto r port. • A refl ector port recei v es co pies o f sen t and recei v ed t raf f ic fo r all m onitor ed sou rce port s. If a reflect or po ...

  • Cisco Systems DOC-7814982 - page 445

    21-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Understanding SPAN a nd RSPAN SPAN and RS PAN Interac tion with Other F eatures SP AN interacts with th ese featur es: • Routing — Ingress SP AN does not mo nitor r outed traf f ic. VSP AN only m onitors traf f ic t hat ent ers the ...

  • Cisco Systems DOC-7814982 - page 446

    21-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring SPAN SPAN and RS PAN Sess ion Limits Y o u can co nfigure (and st ore in NV RAM) a m aximum of t wo SP AN or RSP A N sessions o n each sw itch. Y o u c an divide th e two sess ions b etw een SP AN, RSP AN source , and RSP ...

  • Cisco Systems DOC-7814982 - page 447

    21-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring SPAN • When yo u con figure a switc h por t as a SP AN dest ination port, it is no l ong er a norm al switc h por t ; only m onitore d traffic passes thr oug h th e SP AN dest inatio n p ort. • A trunk por t c an be a s ...

  • Cisco Systems DOC-7814982 - page 448

    21-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring SPAN This exam ple shows how to set up a SP AN sessi on, s essi on 1 , for m oni tor ing s our ce p ort t raffi c to a destinati on port . Fi rst, any existing SP AN c onfigurat ion for se ssion 1 is c lea red, and t hen ...

  • Cisco Systems DOC-7814982 - page 449

    21-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring SPAN Removin g Ports from a SPAN Session Beginning in pr ivileged EXEC mode, fo llow these steps t o remove a por t as a SP AN source fo r a se ssion: T o remove a so urce o r des tina tion por t f rom the SP AN sessi on, ...

  • Cisco Systems DOC-7814982 - page 450

    21-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring SPAN Specifying VLANs to Monitor VLAN monitor ing is similar to port monitoring. Be ginning in pri vileged EXEC mode, follo w these steps to specify VLANs to monitor: T o remove one or more sour ce VLAN s or destinat i on ...

  • Cisco Systems DOC-7814982 - page 451

    21-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring SPAN Specifying VLANs to Filter Beginn ing in p ri vil eged EXEC mode , follo w t hese ste ps to limit SP AN source tr af f ic to specif ic VLANs: T o monitor all VLA Ns on the trunk port, use the no monitor session sessio ...

  • Cisco Systems DOC-7814982 - page 452

    21-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring RSPAN Configuring RSPAN This secti on descri bes how to configure RSP AN on you r switc h. It contai ns this co nfiguration inform ation: • RSP AN C onfigurati on Guid eli nes , pa ge 21 -1 4 • Creatin g an RSP AN Ses ...

  • Cisco Systems DOC-7814982 - page 453

    21-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring RSPAN • Y o u shou ld cre ate a n RSP AN VL AN befo re c onfiguring a n RS P AN sou rce or de stina tion s ession . • If you enable VT P and VTP pruning, RSP AN traf f ic is pruned in the trunks to pre v ent the unw an ...

  • Cisco Systems DOC-7814982 - page 454

    21-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring RSPAN This example shows ho w to clear any existing RSP AN configur ation fo r session 1, co nfigure RSP A N session 1 to monitor m ultiple sourc e interf aces, and c onfi gure the destination RSP AN VLAN and the reflect ...

  • Cisco Systems DOC-7814982 - page 455

    21-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring RSPAN Removin g Ports from an RS PAN Session Beginning i n privileged EX EC m ode, foll ow these s te ps t o r emove a p ort as an R S P AN sou rce fo r a session: This exampl e sh ows how to re move port 1 as an RSP AN so ...

  • Cisco Systems DOC-7814982 - page 456

    21-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Configuring RSPAN Specifying VLANs to Monitor VLAN monitor ing is similar to port monitoring. Be ginning in pri vileged EXEC mode, follo w these steps to specify VLANs to monitor: T o remove one or more sour ce V LA Ns fr om the RSP ...

  • Cisco Systems DOC-7814982 - page 457

    21-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 Configuring SPAN and RSPAN Configuring RSPAN Specifying VLANs to Filter Beginn ing in pri vilege d EXEC mode, follo w these step s to limit RSP AN so urce traf f ic to specific VLANs: T o monitor all VLA Ns on the trun k port, use the no monitor session session ...

  • Cisco Systems DOC-7814982 - page 458

    21-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 21 C onfiguring SPAN and RSPAN Displaying SPAN and RS PAN Status Displaying SPAN and RSPAN Status T o display the statu s of the current SP AN or RSP AN configuratio n, use the show monitor pri vilege d EXEC co mmand. This i s a n exam ple of out put for th e show ...

  • Cisco Systems DOC-7814982 - page 459

    C HAPTER 22-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 22 Configuring RMON This ch apter descr ibes how to con figure Remote Network Mo nitori ng (RMO N) on your swit ch. R MON is a standard monitoring specifi cation th at def ines a set of sta tistics and functions th at can be e xchanged betwee n RMON-com plian t co ...

  • Cisco Systems DOC-7814982 - page 460

    22-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 22 Co n figuring RM ON Conf igu ring R MON Figur e 22-1 Remot e Mo nito r ing Exam ple The switc h supports t hese RM ON groups (defined in RFC 1757) : • Statistics (RMON grou p 1) — Collec ts Ether net, F a st Ethernet, an d Gig abit Eth er net statisti cs on ...

  • Cisco Systems DOC-7814982 - page 461

    22-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 22 Configuring RMON Configuring RMON Note RM ON configuration , statu s, and di splay for rem ote CP E FE interfac es is suppor ted thro ugh SNMP onl y by using the RMON-MIB. Default RMON Configuration RMON is disa bled by default ; no alarms or events are configur ...

  • Cisco Systems DOC-7814982 - page 462

    22-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 22 Co n figuring RM ON Conf igu ring R MON T o disable an al arm, use th e no rmo n alar m num ber global configura t ion com mand on e ach al arm you configured . Y ou c anno t disa ble at on ce a ll t he ala rms tha t yo u c on figured. T o disable a n event, use ...

  • Cisco Systems DOC-7814982 - page 463

    22-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 22 Configuring RMON Configuring RMON Configuring RMON Collection on an Interface Y o u must first c onfigure RM ON al ar ms an d events to displa y co llec tion i nf orma tio n. Beginning i n privileged EX EC mode , follow th ese s teps t o col le ct gro up hi stor ...

  • Cisco Systems DOC-7814982 - page 464

    22-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 22 Co n figuring RM ON Displa ying RM ON Sta tus T o disabl e the co llecti on of g roup E thern et sta tistics , use th e no rmon collec tion stats index interf ace configurati on comm a nd. Displaying RMON Status T o display the RMON stat us, use one or more of t ...

  • Cisco Systems DOC-7814982 - page 465

    C HAPTER 23-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 23 Configuring System Message Logg ing This c hapter d escrib es how to c onfigure system me ssage log ging on your sw itch. Note For comp lete syntax a nd usage i nformation f or the commands u sed in th is chapter , refer to the Ci sco IOS Configuration Fund am ...

  • Cisco Systems DOC-7814982 - page 466

    23-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Configuring Sy stem Me ssage Logging These sec ti ons de scr ibe how to c on figure s ystem m es sag e loggi n g: • System Log Me ssage Format, page 23-2 • Default Syste m Message Log ...

  • Cisco Systems DOC-7814982 - page 467

    23-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuring Sys te m Message L ogging Config uring Syst em Message Logging This example shows a partial switch system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed ...

  • Cisco Systems DOC-7814982 - page 468

    23-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Disabling an d Enab ling Me ssage Lo gging Message logging is enab led by de fault. It must be enabled to send messages to any destination othe r than the conso le. Wh en ena ble d, l og ...

  • Cisco Systems DOC-7814982 - page 469

    23-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuring Sys te m Message L ogging Config uring Syst em Message Logging The logging buffered globa l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . The buf fer is c irc ula r, so newer message s overwrite o lder m ess ages af ter ...

  • Cisco Systems DOC-7814982 - page 470

    23-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Synchronizing Log M essages Y o u can co nfigure the system t o synchroni ze unsolic ited message s and debug pri vileged EXEC comman d outpu t with solic ited device outpu t and promp ts ...

  • Cisco Systems DOC-7814982 - page 471

    23-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuring Sys te m Message L ogging Config uring Syst em Message Logging T o disable syn chroni za t ion of unsoli c ited messa ge s and debug outpu t, use the no logging synchronous [ lev el sever ity-le vel | all ] [ limit number-of-buffers ] line conf igura ...

  • Cisco Systems DOC-7814982 - page 472

    23-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Enabling a nd Disab ling Seq uence Numb ers in Lo g Messa ges Becaus e th ere is a chan ce th at mo re than on e log me ssage can have the sam e time stam p, you ca n disp lay messages w ...

  • Cisco Systems DOC-7814982 - page 473

    23-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Note Spe cifying a level c auses messages at that le v el an d numerical ly lo wer le v els to be displayed a t the destination. T o disable logging t o the console , use the no logging c ...

  • Cisco Systems DOC-7814982 - page 474

    23-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Limiting Syslog Messages Sent to the History Table and to SNMP If you enable d syslog message traps to be sent to an SNMP network manage ment station by using the snmp-ser ver enab le tr ...

  • Cisco Systems DOC-7814982 - page 475

    23-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Logging Messages to a UNIX Syslog Daemo n Before yo u ca n send system log m essages to a UNIX syslog server , you m ust con figure the syslog daemon on a U N IX ser ver . Log in a s roo ...

  • Cisco Systems DOC-7814982 - page 476

    23-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 23 Configuri ng System Me ssage Logging Display ing the Log gi ng Configur ation T o remov e a syslog s erv er , use the no logging host globa l configurati on co mman d, and spe cify the syslog server IP address. T o disable logging to syslog servers, enter the n ...

  • Cisco Systems DOC-7814982 - page 477

    C HAPTER 24-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 24 Configuring SNMP This chapt er describ es ho w to configure the Sim ple Network Mana gement Prot ocol (SNM P) on your switch. Note For comp lete syntax and usag e informa tion for th e comman ds used i n this c hapter , refer to the switc h command re ference f ...

  • Cisco Systems DOC-7814982 - page 478

    24-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Unders tan ding SNMP • Using SNMP to Access MIB V ariables, page 24-4 • SNMP Notif ica tions, page 24-5 SNMP Versio ns This sof tware rel ease su ppor ts t hese SNM P version s: • SNMPv1 — The Simpl e N et work M anag eme nt Pr otoc ol, ...

  • Cisco Systems DOC-7814982 - page 479

    24-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Under standin g SNMP Y ou must co nfigure the SN MP agent to use the SNMP version support ed by the manage ment stat ion. Because an ag ent can commu nicate with multip le managers, y ou can conf igure the software to supp ort com munica tio ns ...

  • Cisco Systems DOC-7814982 - page 480

    24-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Unders tan ding SNMP SNMP Community String s SNMP comm unity stri ngs authent icate acc ess to MIB object s and functio n as embedde d passwords. In order for the NMS to access th e switch, the community string def initions on the NMS must match ...

  • Cisco Systems DOC-7814982 - page 481

    24-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Configuring SNMP SNMP Notifications SNMP allo ws t he switch to send n otif ications to SNMP manager s when p articular ev ents occur . SNMP notifications ca n be sent as tr aps or inform request s. In com mand synt ax, un less ther e is an opt ...

  • Cisco Systems DOC-7814982 - page 482

    24-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Conf igu rin g SNMP Default SNMP Configuration T able 24-3 sh ows the de fault SNM P c onfigurat ion. SNMP Configuration Guidelines An SNMP gr oup is a table th at ma ps SNM P use rs to SN MP views. A n SNM P use r is a member of an SNMP group. ...

  • Cisco Systems DOC-7814982 - page 483

    24-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Configuring SNMP Disabling the SNMP Agent Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to disable the SNMP agent: The no snmp-server global con figuration com mand disabl es all ru nning version s (version 1, version 2C, and v ers ...

  • Cisco Systems DOC-7814982 - page 484

    24-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Conf igu rin g SNMP Note T o disabl e acce ss for an SNM P commun ity , set th e comm unity string for that co mmunity to the null string (do not enter a value for th e communi ty string ). T o remo ve a specif ic community string, use the no sn ...

  • Cisco Systems DOC-7814982 - page 485

    24-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Configuring SNMP Beginn ing in pri vileg ed EXEC mode, follo w these st eps to confi gure SNMP on the switch: Command Purpo se Step 1 c onfigure te rmina l Enter global configurat ion mode . Step 2 s nmp- server eng ineID { lo ca l eng ineid -s ...

  • Cisco Systems DOC-7814982 - page 486

    24-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Conf igu rin g SNMP Configuring SNMP Notifications A trap manag er is a mana geme nt statio n that recei ves and pro cesses tr aps. T rap s are sys tem alerts that the switc h gener ates whe n cert ain events occu r . By default , no trap mana ...

  • Cisco Systems DOC-7814982 - page 487

    24-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Configuring SNMP Some noti fication type s can not be c ontr olled wi th the sn mp-se rver ena ble globa l configurati on comm an d, for exampl e, tty a nd udp-port . Thes e no ti f ica tio n ty p es ar e a lw ay s en ab led. Y ou can use the ...

  • Cisco Systems DOC-7814982 - page 488

    24-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Conf igu rin g SNMP The snmp-serv er host co mmand s pecif ies which ho sts rec eiv e th e noti fica tions. T he snmp-serv er enab le trap command global ly enable s the mech anism for the specif ied notif icatio n (for tra ps and informs ). T ...

  • Cisco Systems DOC-7814982 - page 489

    24-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Configuring SNMP Setting th e Agent C ontact and Location In formation Beginn ing in pri vilege d EXEC mode, follo w these step s to set the system contact and locatio n of the SNMP agen t so that these de scripti ons can be accesse d through ...

  • Cisco Systems DOC-7814982 - page 490

    24-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Conf igu rin g SNMP SNMP Examp les This example shows ho w to enable all versions of SN MP . Th e configurati on permi ts any SNMP manager to access all objects with read-only permissions using the co mmunity string public . This configurati on ...

  • Cisco Systems DOC-7814982 - page 491

    24-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNM P Disp la yin g S N M P S t at us Displaying SNMP Status T o display SN M P input and o utput sta tisti cs, i ncl udin g the num ber of illegal co mm unity strin g en tri es, errors, a nd re que ste d variable s, use t he show snmp privileged EX ...

  • Cisco Systems DOC-7814982 - page 492

    24-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 24 Configuring SNMP Displaying SNM P Status ...

  • Cisco Systems DOC-7814982 - page 493

    C HAPTER 25-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 25 Configuring Network Security with ACLs This cha pter d escri bes how to configu re net work se curit y on yo ur swi tch by usi ng a cce ss contr ol l ists (A CL s), whic h are also ref erred to in comm ands an d tables as acce ss lists . Y ou can create A CLs f ...

  • Cisco Systems DOC-7814982 - page 494

    25-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Unders tandin g A CLs Understandin g ACLs Pack et f ilterin g can limit net work traff ic and restrict netw ork use b y certain users or de v ices. A CLs can fi lter traf f ic a s it passes thr ough a switch and permit ...

  • Cisco Systems DOC-7814982 - page 495

    25-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls Figur e 25-1 Usi ng AC Ls to Contr ol T raff ic t o a Netw or k Handling Fragmented and Unfragmented Traffic IP packets can be fragment ed as they cross the ne twork. Whe n this happens, only the ...

  • Cisco Systems DOC-7814982 - page 496

    25-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Unders tandin g A CLs • Packet A is a TCP pa cket fro m ho st 10. 2. 2.2, po rt 65000 , go ing to h ost 10.1. 1.1 on th e SMTP por t. If this packe t is fragmented, the firs t fragment matches the f irs t A CE (a perm ...

  • Cisco Systems DOC-7814982 - page 497

    25-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls • Layer 4 fields: – TCP (Y ou c an sp eci fy a T CP so urce , de stin ation po rt n um ber, or both a t the same time. ) – UDP (Y ou c an sp ec ify a UD P sou rce, d estina tion por t nu mbe ...

  • Cisco Systems DOC-7814982 - page 498

    25-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Guidelines for Applying ACLs to Physical Interfaces When ap plyi ng ACLs to physic al in terfaces , f oll ow these configura tion g uide lines: • Only one A C L can be attached to an interface . Fo ...

  • Cisco Systems DOC-7814982 - page 499

    25-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs Unsupporte d Features The switc h does not support these IOS rout er A CL-relat ed feature s: • Non -IP prot ocol A CL s (s ee T a ble 25- 2 on page 25 -8 ) • Bridge -group ACLs • IP accoun ting ? ...

  • Cisco Systems DOC-7814982 - page 500

    25-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs ACL Numbers The numbe r you use to denote your A CL shows the type of access list th at you ar e cre ating. T abl e 25-2 lists t he acce ss l ist n umber and c orresp onding type a nd shows whe ther ...

  • Cisco Systems DOC-7814982 - page 501

    25-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs Creating a Numbered Standard ACL Note For info rmati on about cr eati ng A CLs to app ly to a manage ment in terface, refer to the “ Conf igurin g IP Services ” sec tion of th e Cisco IOS IP a nd IP ...

  • Cisco Systems DOC-7814982 - page 502

    25-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs This exampl e shows ho w to creat e a standard ACL to deny access to IP host 171 .69.1 98.102, pe rmit access to an y others, and display the results. Switch (config)# access-list 2 deny host 171.69 ...

  • Cisco Systems DOC-7814982 - page 503

    25-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs Note Th e switc h does not supp ort dyna mic or reflexive access lis ts. It al so does n ot suppor t filtering based on the min imize -mon eta ry-co st typ e of servic e (T oS ) bit. When crea ting A C ...

  • Cisco Systems DOC-7814982 - page 504

    25-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Beginn ing in pri vileg ed EXEC mode, follo w these st eps to create an exte nded A CL: Command Purp ose Step 1 co nfi gure terminal Ent er g loba l c onfigura tion m od e. Step 2 access-list access ...

  • Cisco Systems DOC-7814982 - page 505

    25-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs Use the no a ccess-lis t a ccess-list-number gl obal conf igurat ion command to dele te the entire access list. Y o u ca nnot del ete in dividual ACEs from n umb ered a cce ss lis ts. This e xample sho ...

  • Cisco Systems DOC-7814982 - page 506

    25-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Be ginning in pri vile ged EXEC m ode, fo llo w thes e steps to cre ate a sta ndard n amed acces s list u sing names: Beginning in pr ivileged EXEC mode, follow these step s to crea te an extende d ...

  • Cisco Systems DOC-7814982 - page 507

    25-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs When ma king t he stan dar d an d extend ed A CL, reme m ber tha t, by defaul t, the e nd o f the ACL conta ins an implicit deny statement f or everything if it did no t find a match befor e reachi ng ...

  • Cisco Systems DOC-7814982 - page 508

    25-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs T o remov e a conf igu red time -ran ge, use the no time-r ange ti me-range-nam e globa l c onfigura tion comm and. Repeat t he steps if you ha ve multiple items tha t you w ant operational at dif f ...

  • Cisco Systems DOC-7814982 - page 509

    25-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs deny tcp any any time-range new_year_day_2000 (inactive) deny tcp any any time-range thanskgiving_2000 (active) deny tcp any any time-range christmas_2000 (inactive) permit tcp any any time-range workh ...

  • Cisco Systems DOC-7814982 - page 510

    25-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs In this exam ple, the Jones subnet is not allo wed to use outbound T elnet: Switch(config)# ip access-list extended telnetting Switch(config-ext-nacl)# remark Do not allow Jones subnet to telnet out ...

  • Cisco Systems DOC-7814982 - page 511

    25-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Confi guring ACLs This exam ple sh ows how to cr eate an d displ ay a n acc ess l ist name d mac1 , denying o nl y E the rT yp e DECnet Phase IV traf f ic, b ut permitting all other types of traf f ic. Switch(config)# m ...

  • Cisco Systems DOC-7814982 - page 512

    25-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Applying ACLs to Ter m in al Lines or Phy sical Inter faces Applying ACLs to Terminal Line s or Physical Interfac es Note Be fore appl ying a n A CL to a phy sica l int erfac e , see the “ Guidelines for Applying A C ...

  • Cisco Systems DOC-7814982 - page 513

    25-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Displaying ACL Information Applying ACLs to a Physical Interface Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to control a ccess to a Layer 2 interfac e: This exam ple shows how to app ly a ccess li st 2 o ...

  • Cisco Systems DOC-7814982 - page 514

    25-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Displa ying A CL Inf ormati on Displaying ACLs Y ou ca n display existi ng A CLs by using show commands. Beginn ing in priv ileged EXEC mode, follo w these steps to display access lists: This example shows all standard ...

  • Cisco Systems DOC-7814982 - page 515

    25-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Examples for Compiling ACLs Displaying A ccess Groups Note Th is fea ture is available o nly i f your sw itch i s r unn ing the EI . Y o u use the ip ac cess-g roup int erface co nfiguration c omman d to apply A CLs t o ...

  • Cisco Systems DOC-7814982 - page 516

    25-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Examples fo r Compilin g ACLs Use swi tch A CLs to d o these: • Create a standa rd A CL, and filter traff ic fr om a spe cific Interne t host with an addre ss 172.20. 128.64 . • Create an ex tended A CL, and filte ...

  • Cisco Systems DOC-7814982 - page 517

    25-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Configuring Net work Securi t y with ACLs Examples for Compiling ACLs Numbered ACL Examples This example shows that the swi tch accept s addre sses on networ k 36.0.0.0 subnets and deni es all pac kets coming f rom 56.0 .0. 0 subn ets. T he ACL is th en a pplie ...

  • Cisco Systems DOC-7814982 - page 518

    25-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 25 Con figuring Ne two rk Sec urity with ACLs Examples fo r Compilin g ACLs In this ex ample o f a num bered A CL, the W inter and Sm ith w orkstation s are not al lo wed to br o wse th e web: Switch(config)# access-list 100 remark Do not allow Winter to browse th ...

  • Cisco Systems DOC-7814982 - page 519

    C HAPTER 26-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 26 Configuring QoS This chapter descr ibes ho w to conf igure quality of service (QoS) b y using QoS com mands. W ith QoS, you can p rovid e preferen tial treatm ent to cert ain types of traf fi c at the e xpense o f others. W ithou t QoS, the switch of f ers b es ...

  • Cisco Systems DOC-7814982 - page 520

    26-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Unders tan ding QoS • V ideo w izard — Giv es traff ic th at origin ates from speci fied video servers a highe r priori ty than the prior ity of data t raf f ic. The wiz ard as sume s that the vi deo serv ers ar e con nected to a s ing ...

  • Cisco Systems DOC-7814982 - page 521

    26-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Under sta n din g Q oS Figur e 26-1 QoS Cl assificatio n Lay ers in F ram es and P ack ets All swi tches and rou ters t hat acce ss the Intern et rely o n the class inf ormation to pro vide th e sam e forwar din g treatm ent to p ac ke ts with t ...

  • Cisco Systems DOC-7814982 - page 522

    26-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Unders tan ding QoS • Markin g e va luates the policer an d conf iguration info rmation for the actio n to be taken when a packet is out of profile and d ecide s what t o do wi th the p acket (pa ss through a packe t witho ut modificat i ...

  • Cisco Systems DOC-7814982 - page 523

    26-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Under sta n din g Q oS The trust DSCP con figur ation is meaningless fo r non-IP traf f ic. If you conf igure a por t with this option and no n-IP traffic is received, the switch assig ns the default port CoS value and classi f ies traf f ic bas ...

  • Cisco Systems DOC-7814982 - page 524

    26-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Unders tan ding QoS Classification Based on Class Maps and Policy Map s A class map is a mechanism th at you use to isol ate and n ame a specif ic tr af fic flo w (or clas s) from all other traf f ic. Th e clas s map def ines the crite ria ...

  • Cisco Systems DOC-7814982 - page 525

    26-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Under sta n din g Q oS • Only one policer can be applied to a pack et in the input direc tion. • Only t he a verag e rate and com mitted b urst parameter s are co nf igurable. • Policing occurs o n the ingress interface s: – 60 policers ...

  • Cisco Systems DOC-7814982 - page 526

    26-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Unders tan ding QoS Port Prior ity Frames rec ei ve d from users in the adminis trati v ely-def ined VLANs are clas sif ied or tagge d for transmission to other de vices. Based on rules that you def ine, a unique identif ier (the tag) is i ...

  • Cisco Systems DOC-7814982 - page 527

    26-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Configuring QoS Before configur ing QoS, you must hav e a thoroug h understand ing of the se items: • The type s of applica tions used and the traffic patterns on yo ur network. • T ra ff i c chara cteri stics an d need s o ...

  • Cisco Systems DOC-7814982 - page 528

    26-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Configuration Guidelines Note Th ese guide lines are applicab le only if you r switch is ru nning the E I. Before beginni ng the QoS configu ration, yo u should be aware of this informat ion: • If you have EtherCh an ...

  • Cisco Systems DOC-7814982 - page 529

    26-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Note Both the EI a nd SI support this featur e. Configuring the Trust State on Po rts within the QoS Domain Pa ckets en tering a QoS domai n are classi fied at the edge of the QoS dom ain. When the pa ckets ar e classif ied at ...

  • Cisco Systems DOC-7814982 - page 530

    26-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Beginn ing in pr iv ilege d EXEC mode, follo w the se steps to conf igure the port to trust t he classif icati on of the traf f ic that it re cei ves : T o return a port to its untrusted state, use th e no mls qos t rus ...

  • Cisco Systems DOC-7814982 - page 531

    26-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Configuring the CoS Val ue for an Interface QoS assigns the CoS v al ue specif ied with the mls qos cos interfac e conf igu ration c ommand to unta gged frames re ceived on trusted and untrust ed port s. Beginn ing in pri vile ...

  • Cisco Systems DOC-7814982 - page 532

    26-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Ho we ver , if a user byp asses the telep hone and c onnects th e PC directl y to the switch, t he CoS labels generated by t he PC are trusted by the switch ( because o f the tr usted CoS setting) and can allo w misuse ...

  • Cisco Systems DOC-7814982 - page 533

    26-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Enabling Pass-Through Mode In software rel eases earl ier than Re lease 12. 1(11) EA1, the swit ch is in pas s-thr ough mode. It uses the CoS value of incoming pa ckets witho ut mod ifying the DSCP value and sen ds the packets ...

  • Cisco Systems DOC-7814982 - page 534

    26-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Configuring a QoS Policy Note Th is fea ture is available o nly i f your sw itch i s r unn ing the EI . Conf iguring a QoS polic y typical ly requires cla ssifying traf f i c into classes, co nf iguring policies applied ...

  • Cisco Systems DOC-7814982 - page 535

    26-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S For more information abo ut creating IP standar d A CLs, see the “ Guidelin es f or A pplying ACLs to Physica l Interfa ces ” section on page 25-6 . T o delete an A CL, use the no access-list access-list-number global co n ...

  • Cisco Systems DOC-7814982 - page 536

    26-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Beginn ing in pri vileg ed EXEC mode, follo w the se steps to create an IP exte nded A CL for IP tra ff ic: Command Purpose Step 1 conf igure t erminal Enter glo bal configurat ion m ode. Step 2 access-list access- list ...

  • Cisco Systems DOC-7814982 - page 537

    26-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S For more information about crea ting IP exten ded A CLs, see the “ Guidelines for Applyi ng A CLs to Physica l Interfa ces ” section on page 25-6 . T o delete an A CL, use the no access-list access-list-number global co nf ...

  • Cisco Systems DOC-7814982 - page 538

    26-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS This e xample sho ws ho w to cr eate a Lay er 2 MA C A CL wit h a permit s tatement. Th e statem ent allo ws traff ic from the host wi th MA C address 0001.0 000.00 01 to the host with MA C address 00 02.000 0.0001. Swi ...

  • Cisco Systems DOC-7814982 - page 539

    26-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S T o delete an exi sting class ma p, u se the no class-map cl ass-map- name gl obal conf igur ati on com man d. T o re move a m atch cr i ter ion, use th e no m atch { access-gr oup a cl-index | name acl-n ame | ip d sc p } cla ...

  • Cisco Systems DOC-7814982 - page 540

    26-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Beginning in privileged EX EC mode , follow these steps t o create a po licy map: Command Purpose Step 1 conf igure t erminal Enter glo bal configurat ion m ode. Step 2 access-list access-list- number permit { sourc e s ...

  • Cisco Systems DOC-7814982 - page 541

    26-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S T o delete an e xisting polic y map, use the no policy-map poli cy-m ap-n ame global configuration comm and. T o de lete an existi ng class ma p, use the no clas s class-map-nam e poli cy-map co nfigurati on comma nd. T o remo ...

  • Cisco Systems DOC-7814982 - page 542

    26-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255 Switch(config)# class-map ipclass1 Switch(config-cmap)# match access-group 1 Switch(config-cmap)# exit Switch(config)# policy-map flow1t Switch(config-pmap)# cla ...

  • Cisco Systems DOC-7814982 - page 543

    26-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Configuring the CoS-t o-DSCP Map Y ou use the CoS- to-DSCP ma p to map CoS v alues in incomin g pack ets to a DSCP v alu e that Qo S uses internall y to rep resent the priority o f the tr af fic . T able 26-3 shows the default ...

  • Cisco Systems DOC-7814982 - page 544

    26-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Conf igu rin g QoS Configuring the DSCP-to- CoS Map Y o u use the DSCP- to-CoS ma p to map DSCP values in incom ing pac kets to a Co S value, which is used to sele ct one of the fou r egress queues . The switc h supports these D SCP value ...

  • Cisco Systems DOC-7814982 - page 545

    26-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S Configur ing Qo S Config ur ing Co S an d WRR Note Th is feature is supported by both the EI and SI. This section de scribe s how to configure CoS pr iorities a nd weighted ro und-ro bin (WRR): • Conf iguring C oS Pri orit y Que ues, pa ge 26 ...

  • Cisco Systems DOC-7814982 - page 546

    26-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS Displa ying QoS Infor mation T o di sable th e WRR sche dule r an d ena ble th e st rict pri ori ty sc he du ler, use the no wrr -queue bandwidth globa l configuration command. Displaying QoS Information T o display QoS inform ation, use ...

  • Cisco Systems DOC-7814982 - page 547

    26-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S QoS Config uratio n Examples QoS Configuration Exa mples Note These ex amples are applicab le only i f your switc h is run ning the EI . This se ction pr ovides a Q oS migr at ion pa th to he lp you quickl y imple ment Q oS featur es ba sed o n ...

  • Cisco Systems DOC-7814982 - page 548

    26-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS QoS Configura tion Examp les QoS Configuration for the Existing Wiring Closet The exi sting wiring closet in Figure 26-4 consi sts of existing Ca talyst 290 0 X L and 3500 X L switche s. These sw itches ar e running IOS release 12.0(5)X P ...

  • Cisco Systems DOC-7814982 - page 549

    26-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 26 Configuring Qo S QoS Config uratio n Examples Step 9 police 5000000 819 2 exce ed-ac tion drop Def ine a p olicer f or the classi fie d vide o traf f ic to drop tr af fi c that exc eeds 5-Mb ps a v erag e tra f f ic rat e with an 81 92-b y te b u rst size . Ste ...

  • Cisco Systems DOC-7814982 - page 550

    26-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapt e r 2 6 Co nf igur ing Q oS QoS Configura tion Examp les ...

  • Cisco Systems DOC-7814982 - page 551

    C HAPTER 27-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 27 Configuring EtherChannels This cha pter descri bes how to configure Ether Channel on Layer 2 interfaces. EtherCha nnel provi des fault-to lerant high- speed links betw een switc hes, ro uters, and ser vers. Y ou can use it to incre ase the bandwidt h betw een t ...

  • Cisco Systems DOC-7814982 - page 552

    27-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Unders tan ding Ether Channels Figur e 27 -1 T ypical EtherChanne l Configur ation Each Et h erCha nne l ca n co ns is t of up to eigh t com pa tib ly configur ed Ethe rn et i nte rface s. A ll in te rface s in ea ch E ther Cha nn e ...

  • Cisco Systems DOC-7814982 - page 553

    27-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 27 Configuring Eth erCh annels Understa nding Et herChann els Figur e 27 -2 Relationship of P h ysical P orts, Lo gical P o rt Cha nnels, and Channel Gr oup s After y ou co nf igu re an Eth erC hann el , conf ig urati on ch ange s appli ed to the por t-ch anne l in ...

  • Cisco Systems DOC-7814982 - page 554

    27-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Unders tan ding Ether Channels PAgP Modes T able 27-1 sh ows the user-configurab le Ethe rC han nel mode s f or the channel-group interfa ce configurati on comm a nd: on , auto , and desi r abl e . Switch interfaces e xchange P AgP ...

  • Cisco Systems DOC-7814982 - page 555

    27-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 27 Configuring Eth erCh annels Understa nding Et herChann els Physical Learners an d Aggregate-P ort Learners Network devices are cla ssified as P AgP physic al lea rner s o r a ggregate- por t l ear ne rs. A d evice is a physical learn er i f i t lea rns a ddre ss ...

  • Cisco Systems DOC-7814982 - page 556

    27-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Unders tan ding Ether Channels Use the option tha t provi des the greatest v ariety in your conf iguration. For e xample, if the tr af fic on a chan nel is goi ng only to a single MA C address, usi ng the de stinat ion -M A C addres ...

  • Cisco Systems DOC-7814982 - page 557

    27-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 27 Configuring Eth erCh annels Config uring Et herCh annels Configuring Eth erChannels These sec tions descr ibe how to configure Ethe rChanne l interfac es: • Default Eth erCha nnel Configurat ion, pa ge 27-7 • Ether Channe l C onfigurat ion G uide lin es, pa ...

  • Cisco Systems DOC-7814982 - page 558

    27-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Configur ing Eth erChann els EtherChann el Configuratio n Guidelin es If improperly co nf igured, some EtherCh annel interf aces are automatic ally disabled to a v oid network loops and ot her pr oblems. Follow these g ui delin es t ...

  • Cisco Systems DOC-7814982 - page 559

    27-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 27 Configuring Eth erCh annels Config uring Et herCh annels Beginn ing in pri vileg ed EXEC mode, follo w these st eps to assign a Layer 2 Ethernet interfa ce to a Layer 2 EtherC hannel: Comma nd Pu rpos e Step 1 conf igure t erminal Enter gl obal configurat ion mo ...

  • Cisco Systems DOC-7814982 - page 560

    27-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Configur ing Eth erChann els T o remove an inte rface from the Et herC hannel group, u se the no channel-group interface co nfiguration comm and. If you del ete th e Ethe rCha nnel by u sing the no interface port-c hannel global co ...

  • Cisco Systems DOC-7814982 - page 561

    27-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 27 Configuring Eth erCh annels Displa ying Ethe rChannel and PAgP St atus T o ret urn EtherCh annel load balancing to the d efault c onfig uration, u se the no port-channel load-balanc e global con figurati on comm and. Configuring the PAgP Learn Method and Priori ...

  • Cisco Systems DOC-7814982 - page 562

    27-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 2 7 Configur ing Ethe rChannel s Displaying Eth erCh annel and PA gP Status ...

  • Cisco Systems DOC-7814982 - page 563

    C HAPTER 28-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 28 Troubleshooting This chapte r describes ho w to identify and resolv e software prob lems related to the IOS softwa re. Depen ding on the nature of the problem , you can use the comm and-li ne inte rface (CL I) or the Clu ster Managemen t Suite (C MS) to ide nti ...

  • Cisco Systems DOC-7814982 - page 564

    28-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting LRE St atisti cs T a ble 28-1 Ether net P ort Sta tistics Statistic T ype Explanation T ransmi t Unicast Frames The to tal numbe r of well -formed un icast frame s sent by a port. It e xclu des f rames se nt with errors or with multicast or broa ...

  • Cisco Systems DOC-7814982 - page 565

    28-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng LRE Stat istics Multicast Frames Th e total number of well- formed multica st fra mes recei ved b y a port. It e xcludes f rames received with errors, wit h unicast or br oadcast de stination addresses, or with oversized or undersi zed frame s. ...

  • Cisco Systems DOC-7814982 - page 566

    28-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting LRE St atisti cs T able 28-2 LRE Li nk Statistics Statistic T ype Explanation Upstrea m Ba ndwidth Usa ge T he percen tage of the bandwi dth used fo r upstream traff ic , based on the current upst ream ra te and act ual ups tream speed of LRE li ...

  • Cisco Systems DOC-7814982 - page 567

    28-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng LRE Stat istics Late Collisions The total number of frames disca rded because of late c ollisions detect ed during transmission. It includes all transmit frames that ha d a collision after the transmission of the frame's 64th byte. T he p ...

  • Cisco Systems DOC-7814982 - page 568

    28-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Using Re covery Procedu res Using Recovery Proced ures These re covery procedur es requir e that you hav e physical ac cess to the sw itch: • Recovering f ro m C orr upte d Soft ware , page 2 8-6 • Recovering fro m a Los t or Forgotte n Pass ...

  • Cisco Systems DOC-7814982 - page 569

    28-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng Using Reco very Pr ocedures Step 3 Unplug the swi tc h power cor d. Step 4 Press the Mode button, and at th e same time, reconnect the pow er cord to the switch. Y o u can re le ase th e Mode button a second or two af ter the LE D above port 1X ...

  • Cisco Systems DOC-7814982 - page 570

    28-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Using Re covery Procedu res Step 13 Copy the c onfiguration file into memory: switch# copy flash: config.text system: running-config Source filename [config.text]? Destination filename [running-config]? Press Return in response to the confirmati ...

  • Cisco Systems DOC-7814982 - page 571

    28-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng Using Reco very Pr ocedures Replacing a Failed Command Switch with a Cluster Member T o replace a faile d comm and switc h with a comman d-capab le member in the s ame clu ster , follo w these steps: Step 1 Disco nnect the command switch from t ...

  • Cisco Systems DOC-7814982 - page 572

    28-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Using Re covery Procedu res Step 11 Respond to the questions in the setup program. When prom pted for t he host n ame, reca ll that on a comman d switch, the host nam e is limite d to 28 charac ters; on a member switch to 31 character s. Do n o ...

  • Cisco Systems DOC-7814982 - page 573

    28-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng Using Reco very Pr ocedures Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the system Would you like to enter basic management setup? [yes/no] ...

  • Cisco Systems DOC-7814982 - page 574

    28-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Preventing Autone gotiati on M ismatche s Preventing Autone gotiation Mismatc hes The IEE E 802.3A B auto negotiation proto col mana ges the sw itch sett ings for speed (10 Mbps, 100 Mbps, and 1 000 Mbps excludin g GBIC ports) and dup lex (hal ...

  • Cisco Systems DOC-7814982 - page 575

    28-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng GBIC and SF P Module Securi ty and Ide ntif icati on GBIC and SFP Module Security and Identification Cisco-app roved Gigabit Inter face Con verter (GBI C) modules hav e a seri al EEPROM that contai ns the module seri al numbe r, the vendor nam ...

  • Cisco Systems DOC-7814982 - page 576

    28-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Using D ebug Command s Using Debug Commands This sectio n explains how you use deb ug com mands to dia gnose a nd resolve inter networki ng prob lems. It conta ins this information: • Enab ling D e bugging o n a Spe cific Fea ture , page 28- ...

  • Cisco Systems DOC-7814982 - page 577

    28-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Troublesho oti ng Usin g th e c ra shi n fo Fi le Enabling All-Sy stem Diag nostics Beginn ing in pri vile ged EXE C mode, e nter this co mmand to ena ble all-system diagnostics: Switch# debug all Cautio n Because debugging ou tput ta kes priori ty over other n ...

  • Cisco Systems DOC-7814982 - page 578

    28-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Chapter 28 Trouble shooting Using t he c rashinfo File Each ne w crash info fi le that is created uses a sequen ce number that is lar ger than any pre vious ly-exi sting sequence number , so the f ile with the lar gest sequence n umber describes the most re cent failu re. ...

  • Cisco Systems DOC-7814982 - page 579

    A- 1 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 APPEND IX A Supported MIBs This appendix l ists the supp orted mana gement i nformat ion base (M IBs) for this re lease. I t contains t hese sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e MIB File s, pa ge A-2 MIB List • BRIDGE-MIB (R FC149 3) • CISC ...

  • Cisco Systems DOC-7814982 - page 580

    A- 2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendi x A Support ed MIBs Using FTP t o Acces s the MIB Fi le s • CISCO-TCP-MIB • CISCO-VL AN-MEMB ERSHIP-M IB • CISCO-VTP-MIB • ENTI TY -MIB • IANAifT ype-MI B • IF-M IB (RFC 1573) • OLD-CISCO- CHASSIS-MIB • OLD-CISCO- CPU-MIB • OLD-CISCO- INTERF A CES ...

  • Cisco Systems DOC-7814982 - page 581

    A-3 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix A Support ed M IBs Using FTP to Access the MIB Files Step 5 Chan ge di rector ies to wsc2 900xl for a list of Catalyst 2900 X L MIBs. Step 6 Use the get MIB_f ilename command to obtain a copy of the MIB file. Note Y ou can also access informatio n about MIBs on th ...

  • Cisco Systems DOC-7814982 - page 582

    A- 4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendi x A Support ed MIBs Using FTP t o Acces s the MIB Fi le s ...

  • Cisco Systems DOC-7814982 - page 583

    B-1 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 APPEND IX B Working with the IOS File System, Configuration Files, and Software Imag es This a ppend ix desc ribe s how to manip ul ate t he Flash file s ystem , how to copy c on figurati on files, an d how to archiv e (upload an d download) software i mages. Note For compl ...

  • Cisco Systems DOC-7814982 - page 584

    B-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w it h t he F lash File Sy st em Displaying Available File Systems T o displ ay t he available file syst ems o n your swi tch , use the show file systems pri vi le ged EX EC c ...

  • Cisco Systems DOC-7814982 - page 585

    B-3 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with the Flash File System Setting the Default File System Y ou can specif y the f ile system o r direct ory that t he system uses a s the def ault file system b y usin g ...

  • Cisco Systems DOC-7814982 - page 586

    B-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w it h t he F lash File Sy st em T o display informat ion about f iles on a fil e system, use one of the pri vile ged EXEC comma nds in Ta b l e B - 2 : Changing Dir ect or ie ...

  • Cisco Systems DOC-7814982 - page 587

    B-5 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with the Flash File System T o delete a directo ry with all its f iles and subdirectorie s, use the delete /f orce /r ecursi ve file system :/ fil e -u rl pri vileg ed EX ...

  • Cisco Systems DOC-7814982 - page 588

    B-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w it h t he F lash File Sy st em Use the /rec ursiv e keyword for deleting a director y and all subdire ctori es and the files contai ned in it. Use the /f or ce keyw ord to s ...

  • Cisco Systems DOC-7814982 - page 589

    B-7 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with the Flash File System Displaying the Contents of a tar File T o display the co ntents of a tar f ile on the screen, use this pri vile ged EXEC comm and: ar chiv e ta ...

  • Cisco Systems DOC-7814982 - page 590

    B-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files • For the T ri vial Fil e T ransfer Pr otocol (TFTP), the synt ax is tftp: [[ // lo cation ] / dir ectory ] / tar -f ilename .t ar The tar-f ilena ...

  • Cisco Systems DOC-7814982 - page 591

    B-9 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files Yo u c a n c o p y ( uploa d ) conf iguration f iles fr om the switch to a f ile serve r by u sing TFTP , FTP , or RCP . Y o u might pe rform thi ...

  • Cisco Systems DOC-7814982 - page 592

    B-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files Note Th e co py { ftp: | r cp: | tf tp: } system: running-conf ig pri vile ged E XEC comm and lo ads the conf igura tion f iles on the swit ch as i ...

  • Cisco Systems DOC-7814982 - page 593

    B-11 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files Copying Configuration Files By Using TFTP Y o u can con figure the switc h by using configurat i on files you creat e, download from an other sw ...

  • Cisco Systems DOC-7814982 - page 594

    B-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files Downloading the Configur ation File By Using TFTP T o co nfigu re the swi tch b y using a conf igu ration f ile d o wnloaded f rom a TFT P server , ...

  • Cisco Systems DOC-7814982 - page 595

    B-13 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files Copying Configuration Files By Using FTP Y o u can co py configuration f iles to or fro m an FTP server . The FTP pr otoc ol r eq uire s a c li ...

  • Cisco Systems DOC-7814982 - page 596

    B-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files NVRAM. I f y ou ar e acc essing th e switc h t hro ugh a T elnet ses sio n and you have a valid use rnam e, this u ser name is use d, and you do n ...

  • Cisco Systems DOC-7814982 - page 597

    B-15 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files Switch# copy ftp: nvram:startup-config Address of remote host [255.255.255.255]? 172.16.101.101 Name of configuration file[rtr2-confg]? host2-co ...

  • Cisco Systems DOC-7814982 - page 598

    B-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files This e xample s hows how to store a st artup conf iguration f ile on a serv er b y using FTP to cop y the f ile: Switch# configure terminal Switch( ...

  • Cisco Systems DOC-7814982 - page 599

    B-17 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files Preparing to Download or Uploa d a Configuration File By Using RCP Before yo u begin downloading or uplo ading a co nfiguration file by using RC ...

  • Cisco Systems DOC-7814982 - page 600

    B-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working w ith Con figuration Files This exam ple shows how to copy a c onfigurati on file named host 1-confg from the ne tadm in1 directory on the remot e server with an IP addr ess ...

  • Cisco Systems DOC-7814982 - page 601

    B-19 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with Configuration Files This exam ple shows how to copy t he run ni ng co nfigura tion file name d swi tch2-confg to the netadmin1 directo ry on t he r emot e ho st wit ...

  • Cisco Systems DOC-7814982 - page 602

    B-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images Deleting a Stored Config uration File T o delete a sa ved configurati on from Flash memory , use the delete flash: f ilen ame privileged EXEC comm and. ...

  • Cisco Systems DOC-7814982 - page 603

    B-21 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images tar File Forma t of Images on a Server o r Cisco.co m Softw are image s located o n a serv er o r do wnloade d from Cisco .com are pro vided in a t ...

  • Cisco Systems DOC-7814982 - page 604

    B-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images Copying Imag e Files By Us ing TF TP Y ou can do wnload a switch image fr om a TFTP serv er or u pload the image f rom the switc h to a TFTP server . Y ...

  • Cisco Systems DOC-7814982 - page 605

    B-23 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images Downloading an Image File By Using TFTP Y ou can do wnlo ad a n ew image f ile and rep lace the curr ent imag e or k eep th e curren t imag e. Begi ...

  • Cisco Systems DOC-7814982 - page 606

    B-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images Note If the Flash device has su ff icie nt space to h old two image s and y ou want to overwrite one of these i mages with the same ve rsion, you must ...

  • Cisco Systems DOC-7814982 - page 607

    B-25 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images Cautio n For the download and up load al gorithms to operate properl y , do not rename imag e names. Copying Image Files By Using FTP Y ou can do w ...

  • Cisco Systems DOC-7814982 - page 608

    B-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images Before yo u begin dow nload ing or upload ing an image f ile by using FTP , do these tasks: • Ensur e that the swit ch has a route to th e FTP serve ...

  • Cisco Systems DOC-7814982 - page 609

    B-27 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images The download a lgor ithm verifies tha t t he i m age i s a pp ropri ate f or the swi tch m odel and t hat enou gh DRAM is prese nt, or it abor ts t ...

  • Cisco Systems DOC-7814982 - page 610

    B-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images The alg orithm insta lls the do wnlo aded ima ge onto t he system board Flash dev ice (fla sh:). T he image is placed into a ne w di rectory na med wit ...

  • Cisco Systems DOC-7814982 - page 611

    B-29 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images The archiv e upload-sw command bu ilds an image f ile on the serve r by uploading these files in order: info, the I OS image, the HTML fi les, and ...

  • Cisco Systems DOC-7814982 - page 612

    B-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images For th e R CP c op y re qu est to e x ecute succ es sf ully , an account mu st be de f in ed on th e n et wor k serv e r fo r the remo te userna me. If ...

  • Cisco Systems DOC-7814982 - page 613

    B-31 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images The download a lgor ithm verifies tha t t he i m age i s a pp ropri ate f or the swi tch m odel and t hat enou gh DRAM is prese nt, or it abor ts t ...

  • Cisco Systems DOC-7814982 - page 614

    B-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images If yo u sp ecify the /lea ve- old-sw , the e xisting f iles ar e not rem o ved . If ther e is n ot eno ugh room to instal l the ne w imag e an keep t h ...

  • Cisco Systems DOC-7814982 - page 615

    B-33 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 Append ix B Workin g w ith the IOS Fi le System, Co nfigu ration Fi les, and Soft w are Imag es Working with So ftware Images The archiv e upload-sw pri vile ged EXEC command b uilds an image f ile on the serve r by uploading these f iles in order: in fo, the IOS image, th ...

  • Cisco Systems DOC-7814982 - page 616

    B-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-14982-01 Appendix B Working with the IOS File System , Configura tion Files, an d Software Ima g es Working wi th Soft ware Images ...

  • Cisco Systems DOC-7814982 - page 617

    IN-1 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 INDEX Numerics 802.1 D See STP 802.1 Q and trunk ports 9-2 config urati on limitat ions 14-16 nati ve VL AN fo r un tagge d tr affic 14-20 trunk m ode 3-10 802.1 S See MSTP 802.1 W See RSTP 802.1 X See port -based auth entication 802.3 Z flow con trol 9-14 A abbrev iati ng ...

  • Cisco Systems DOC-7814982 - page 618

    Index IN-2 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 displaying i nterfac e 25-23 exam ple s of 25-23 exten ded I P configuring for QoS classi fication 26-18 crea ting 25-10 matc hing cri teria 25-7 host keywor d 25-9 IP crea ting 25-7 implici t deny 25-9, 25-13, 25-15 implicit m asks 25-9 manage ment inter faces, a p ...

  • Cisco Systems DOC-7814982 - page 619

    Inde x IN-3 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 ARP table address resolution 7-61 managing 7-61 asymmetric d igital subs criber line See ADSL attribute s, RADIUS vendor-p ropri etary 7-30 vendor-s peci fic 7-29 authenti cation local mo de with AAA 7-32 NTP associations 7-37 RADIUS key 7-21 login 7-23 TACACS+ defi ...

  • Cisco Systems DOC-7814982 - page 620

    Index IN-4 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 disabling 18-3 browser conf i gurat ion 3-1, 6-1 buttons, CMS 3-30 C cables , monit oring for uni direct ional links 19-1 Cancel but ton 3-30 cand id ate s wi tc h adding 6-20 automatic d iscovery 6-5 defined 6-4 HC 6-23 passwords 6-20 requir ements 6-4 standby gr o ...

  • Cisco Systems DOC-7814982 - page 621

    Inde x IN-5 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 See CMS clusters, switch acce ssing 6-15 adding me mber swit ches 6-20 automatic d iscovery 6-5 automatic r ecovery 6-12 comman d sw it ch c on figur ation 6-19 compatibilit y 6-5 crea ting 6-19 creat ing a c lus ter st andb y g rou p 6-22 describe d 6-1 LRE prof il ...

  • Cisco Systems DOC-7814982 - page 622

    Index IN-6 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 no and defaul t 2-5 setting privileg e levels 7-8 comm an d sw it ch acce ssing 6-13 active (AC) 6-12, 6-23 comman d sw itc h wi th HSR P di sabl ed ( CC) 6-23 config urati on confli cts 28-11 defined 6-2 enab lin g 6-19 passive ( PC) 6-12, 6-23 password privilege l ...

  • Cisco Systems DOC-7814982 - page 623

    Inde x IN-7 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 config uring duplex mo de 10-7 for an LRE upg rade 10-15 LRE por ts 10-5 speed on Cisco 575 LR E CPE 10-8 config-vlan mode 2-2, 14-6 conflicts, c onfigurati on 28-11 connec tions, se cure rem ote 7-33 consistenc y checks in VTP version 2 15-4 console p ort, conn ec ...

  • Cisco Systems DOC-7814982 - page 624

    Index IN-8 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 RMON 22-3 RSPAN 21-8 RSTP and M STP 12-12 SNMP 24-6 SPAN 21-8 STP 11-10 system message logging 23-3 system name and prompt 7-48 TACACS+ 7-13 UDLD 19-3 VLAN, La yer 2 Ethe rnet in terfa ces 14-17 VLANs 14-8 VMPS 14-27 voice VL AN 16-2 VTP 15-6 default gatew ay 4-10 d ...

  • Cisco Systems DOC-7814982 - page 625

    Inde x IN-9 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 using FTP B-26 using RC P B-30 using T FTP B-23 DSCP 1-6, 26-2 DSCP-to-CoS ma p for QoS 26-26 DTP 1-5, 14-15 duplex mo de config uring 10-7 CPE Et hernet lin k 10-7 duplex mo de, confi gurin g 9-11 dynami c access mode 3-10 dynami c access po rts char act eris tics ...

  • Cisco Systems DOC-7814982 - page 626

    Index IN- 10 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 ETSI 1-2 European T elecommunicatio n Standard s Institute See ETSI even ts , RMON 22-3 exam ples convent ion s for xx viii network c onfigurat ion 1-8 Expand Cl uster view 3-11 expert m ode 3-25 extend ed-r ange V LAN s config urati on guidelin es 14-12 config ur ...

  • Cisco Systems DOC-7814982 - page 627

    Inde x IN- 11 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 G GBICs 1000BASE -L X/LH modul e 1-10 1000BASE -SX m odu le 1-10 1000BASE -ZX modul e 1-10 CWDM m odul e 1-20 Giga Stac k modul e 1-9 securit y and identification 28-13 get-bulk -requ est operati on 24-3 get-next -r eque st op er ati on 24-3, 24-4 get-requ est ope ...

  • Cisco Systems DOC-7814982 - page 628

    Index IN- 12 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 config urati on servic e 5-2 describe d 5-1 even t s ervi c e 5-3 describe d 1-7 support fo r 1-3 IEEE 8 02. 1P 16-1 IGMP joining m ulticast grou p 17-2 join messages 17-2 leave pr ocessin g, enabling 17-9 leaving multi cast group 17-4 queries 17-3 IGMP f ilt eri ...

  • Cisco Systems DOC-7814982 - page 629

    Inde x IN- 13 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 exten ded , crea tin g 25-10 for QoS clas sificat ion 26-16 implici t deny 25-9, 25-13, 25-15 implicit m asks 25-9 manage ment inter faces, a pplying to 25-20 named 25-13 physica l interf aces, ap plying t o 25-21 stand ard, creat ing 25-9 undef ined 25-19, 25-21 ...

  • Cisco Systems DOC-7814982 - page 630

    Index IN- 14 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 troublesh ooting 28-12 LRE li nk monitor 10-14 persistence 10-14 LRE li nks See LRE ports LRE por ts config uring 10-1, 10-5 assi gni ng a globa l se quen ce 10-9 assigni ng a po rt sequ en ce 10-10 assigni ng a private pro file 10-9 assigni ng a public pro file 1 ...

  • Cisco Systems DOC-7814982 - page 631

    Inde x IN- 15 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 manageme nt VLAN chan ging 6-18 consider ations in switch cluster s 6-8, 6-9, 6-18 discovery thr oug h d iffere nt ma nage ment VL ANs 6-9 discovery thr oug h sam e mana geme nt V LA N 6-8 IP addre ss 6-18 MANs CWDM conf igura tion exam ple 1-20 long-di sta nce, h ...

  • Cisco Systems DOC-7814982 - page 632

    Index IN- 16 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 describe d 12-10 BPDU filtering describe d 13-3 enab lin g 13-16 BPDU guard describe d 13-3 enab lin g 13-15 CIST, descri bed 12-8 config urati on guidelin es 12-12 config uring forwar d-dela y time 12-20 hello time 12-19 link ty pe for rapi d converg ence 12-22 m ...

  • Cisco Systems DOC-7814982 - page 633

    Inde x IN- 17 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 MVR configur ing interfaces 17-17 default conf igur ati on 17-15 describe d 17-13 modes 17-17 monitoring 17- 19 setting global paramete rs 17-16 N named IP AC Ls 25-13 Name Space Mapp er See NSM native VL AN config uring 14-20 default 14-20 negotia te trunk mode 3 ...

  • Cisco Systems DOC-7814982 - page 634

    Index IN- 18 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 passwords default conf igur ati on 7-2 disabling re cove ry of 7-5 encr ypting 7-4 in clusters 6-16, 6-20 in CMS 3-30 overvi ew 7-1 recove ry of 28-6 setting enab le 7-3 enab le sec ret 7-4 Telne t 7-6 with user names 7-7 VTP domain 15-8 patch panel 1-16 path cost ...

  • Cisco Systems DOC-7814982 - page 635

    Inde x IN- 19 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 port-cha nnel See E ther Chann el Port Fast describe d 13-2 enab lin g 13-14 mode, s pa nning t ree 14-28 support fo r 1-4 port ic ons, Fr ont Pane l v iew 3-7 port LED s describe d 3-9 DUPLX 3-9 port m odes 3-8 SPEED 3-9 STAT 3-9 port m embe rship mode s, VLAN 3- ...

  • Cisco Systems DOC-7814982 - page 636

    Index IN- 20 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 CMS 3-31 comm an d sw it ch 6-25 exiting 7- 10 logging i nto 7-10 mapping on me mber switche s 6-25 overvi ew 7-2, 7-8 setting a command with 7-8 profile ac quisition, a utomatic 10-10 profile locking 10-11 profile s, LRE conside rations 10-7 default ass igni ng 1 ...

  • Cisco Systems DOC-7814982 - page 637

    Inde x IN- 21 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 ingress po rt scheduling 26-8 IP phone s, detec tion a nd t rus ted se ttin gs 26-13 mappin g tabl es CoS-to-DSCP 26-25 displaying 26-28 DSCP-to-CoS 26-26 types of 26-5 mar ked-d own ac tio ns 26-23 markin g, de scri bed 26-4, 26-6 overvi ew 26-2 pass-throug h mod ...

  • Cisco Systems DOC-7814982 - page 638

    Index IN- 22 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 read-on ly a c cess mode 3-31 read-w rit e a cce ss mode 3-31 reconf irmation i nterval, VMPS, chang ing 14-30 recove ry proc edures 28-6 redunda ncy EtherC hannel 27-2 STP backbon e 11-8 multidr op back bone 13-5 path cost 14-23 port priority 14-21 redunda nt c l ...

  • Cisco Systems DOC-7814982 - page 639

    Inde x IN- 23 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 removi ng source (m onitored ) ports 21-17 specifying mo nitore d ports 21-15 source ports 21-4 transmitted tra ffic 21-4 VLAN-based 21-6 RSTP active topolog y, determining 12-2 BPDU format 12-5 processing 12-6 config urati on guidelin es 12-12 designat ed po rt, ...

  • Cisco Systems DOC-7814982 - page 640

    Index IN- 24 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 SNAP 20-1 SNMP acce ssing MIB variab les with 24-4 agen t describe d 24-3 disabling 24-7 communi ty strings config uring 24-7 for cluster switch es 24-4 overvi ew 24-4 config urati on exam ples 24-14 default conf igur ati on 24-6 groups 24-8 in clusters 6-16 infor ...

  • Cisco Systems DOC-7814982 - page 641

    Inde x IN- 25 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 source ports 21-4 transmitted tra ffic 21-4 VLAN-based 21-6 spannin g tr ee and na tiv e V LAN s 14-17 Spanning T re e Pro toco l See STP speed, conf iguring on interfaces 9-11 speed, settin g 10-7 SSH config uring 7-33 cryp to so ftware image 7-33 describe d 7-33 ...

  • Cisco Systems DOC-7814982 - page 642

    Index IN- 26 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 enab lin g 13-18 default conf igur ati on 11-10 defau lt option al featur e configur ation 13-14 designat ed po rt, de fine d 11-3 designated swi tch, defi ned 11-3 detectin g indirec t link failu res 13-10 disabling 11-12 displaying sta tus 11-21 exten ded s y st ...

  • Cisco Systems DOC-7814982 - page 643

    Inde x IN- 27 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 displaying the tim e and date 7-44 overvi ew 7-34 See also NT P system message logging default conf igur ati on 23-3 defining err or messa ge se veri ty level s 23-8 disabling 23-4 displaying t he c on figur ation 23-12 enab lin g 23-4 facility keywo rds, describe ...

  • Cisco Systems DOC-7814982 - page 644

    Index IN- 28 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 limiti ng acc ess by server s 24-13 time See NTP and s ystem cloc k time -range co mm and 25-15 time ranges in ACLs 25-15 timestam ps in log messa ges 23-7 time z ones 7-45 Token R in g VLAN s support fo r 14-5 VTP support 15-4 toolbar 3-20 tool tips 3-26 Topolog ...

  • Cisco Systems DOC-7814982 - page 645

    Inde x IN- 29 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 neighbor da tabase 19-2 overvi ew 19-1 resettin g an interface 19-5 status, displaying 19-6 unautho rized port s with 802.1X 8-4 UniDir ect iona l L ink Dete cti on prot ocol See UDLD UNIX sysl og se rver s daemon c onfigura tion 23-11 facilities su pported 23-12 ...

  • Cisco Systems DOC-7814982 - page 646

    Index IN- 30 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 config urati on option s 14-6 config uring 14-1 config uring IDs 10 06 to 4094 14-12 creating in config -vlan mode 14-9 creat ing in VLA N config uration mo de 14-9 default conf igur ati on 14-8 deleting 14-10 describe d 9-3, 14-1 displaying 14-14 exten ded -ran g ...

  • Cisco Systems DOC-7814982 - page 647

    Inde x IN- 31 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-14982-01 server mode 15-9 transp arent mo de 15-12 cons iste ncy ch ecks 15-4 default conf igur ati on 15-6 describe d 15-1 disabling 15-12 domain na m es 15-8 domains 15-2 modes client 15-3, 15-11 server 15-3, 15-9 transitions 15-3 transp arent 15-3, 15-12 monitoring 15- ...

  • Cisco Systems DOC-7814982 - page 648

    Index IN- 32 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-14982-0 1 ...

Manufacturer Cisco Systems Category Stereo System

Documents that we receive from a manufacturer of a Cisco Systems DOC-7814982 can be divided into several groups. They are, among others:
- Cisco Systems technical drawings
- DOC-7814982 manuals
- Cisco Systems product data sheets
- information booklets
- or energy labels Cisco Systems DOC-7814982
All of them are important, but the most important information from the point of view of use of the device are in the user manual Cisco Systems DOC-7814982.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Cisco Systems DOC-7814982, service manual, brief instructions and user manuals Cisco Systems DOC-7814982. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Cisco Systems DOC-7814982.

A complete manual for the device Cisco Systems DOC-7814982, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Cisco Systems DOC-7814982 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Cisco Systems DOC-7814982.

A complete Cisco Systems manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Cisco Systems DOC-7814982 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Cisco Systems DOC-7814982, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Cisco Systems DOC-7814982, that we can find in the current document
3. Tips how to use the basic functions of the device Cisco Systems DOC-7814982 - which should help us in our first steps of using Cisco Systems DOC-7814982
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Cisco Systems DOC-7814982
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Cisco Systems DOC-7814982 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Cisco Systems DOC-7814982?

Use the form below

If you did not solve your problem by using a manual Cisco Systems DOC-7814982, ask a question using the form below. If a user had a similar problem with Cisco Systems DOC-7814982 it is likely that he will want to share the way to solve it.

Copy the text from the picture

Comments (0)