Cisco Systems 2950 User manual

Corporate Headquarters

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, CA 95134-1706

USA

http://www.cisco.com

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 526-4100

Catalyst 2950 Desktop Switch Software

Configuration Guide

Cisco IOS Release 12.1(11)EA1

August 2002

Customer Order Number: DOC-7811380=

Text Part Number: 78-11380-05

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL

STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT

WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT

SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE

OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH

ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT

LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF

DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,

WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO

OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Catalyst 2950 Desktop Switch Software Configuration Guide

CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, Internet Quotient, iQ

Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks

of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That’s Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are

service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,

the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel,

EtherSwitch, Fast Step, GigaStack, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX,

Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other

countries.

All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship

between Cisco and any other company. (0206R)

iii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

CONTENTS

Preface xxiii

Audience xxiii

Purpose xxiii

Organization xxiv

Conventions xxvi

Related Publications xxvii

Obtaining Documentation xxvii

World Wide Web xxvii

Documentation CD-ROM xxviii

Ordering Documentation xxviii

Documentation Feedback xxviii

Obtaining Technical Assistance xxviii

Cisco.com xxix

Technical Assistance Center xxix

Cisco TAC Website xxix

Cisco TAC Escalation Center xxx

CHAPTER

1 Overview 1-1

Features 1-1

Management Options 1-5

Management Interface Options 1-6

Advantages of Using CMS and Clustering Switches 1-6

Network Configuration Examples 1-7

Design Concepts for Using the Switch 1-7

Small to Medium-Sized Network Configuration 1-10

Collapsed Backbone and Switch Cluster Configuration 1-12

Large Campus Configuration 1-13

Multidwelling Network Using Catalyst 2950 Switches 1-14

Long-Distance, High-Bandwidth Transport Configuration 1-16

Where to Go Next 1-17

Contents

iv

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

CHAPTER

2 Using the Command-Line Interface 2-1

IOS Command Modes 2-1

Getting Help 2-3

Abbreviating Commands 2-3

Using no and default Forms of Commands 2-4

Understanding CLI Messages 2-4

Using Command History 2-5

Changing the Command History Buffer Size 2-5

Recalling Commands 2-5

Disabling the Command History Feature 2-6

Using Editing Features 2-6

Enabling and Disabling Editing Features 2-6

Editing Commands through Keystrokes 2-7

Editing Command Lines that Wrap 2-8

Searching and Filtering Output of show and more Commands 2-9

Accessing the CLI 2-9

Accessing the CLI from a Browser 2-10

CHAPTER

3 Getting Started with CMS 3-1

Features 3-2

Front Panel View 3-4

Cluster Tree 3-5

Front-Panel Images 3-5

Redundant Power System LED 3-6

Port Modes and LEDs 3-7

VLAN Membership Modes 3-8

Topology View 3-9

Topology Icons 3-11

Device and Link Labels 3-12

Colors in the Topology View 3-12

Topology Display Options 3-13

Menus and Toolbar 3-14

Menu Bar 3-14

Toolbar 3-19

Front Panel View Popup Menus 3-20

Device Popup Menu 3-20

Port Popup Menu 3-20

Contents

v

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Topology View Popup Menus 3-21

Link Popup Menu 3-21

Device Popup Menus 3-22

Interaction Modes 3-23

Guide Mode 3-24

Expert Mode 3-24

Wizards 3-24

Tool Tips 3-25

Online Help 3-25

CMS Window Components 3-26

Host Name List 3-26

Tabs, Lists, and Tables 3-27

Icons Used in Windows 3-27

Buttons 3-27

Accessing CMS 3-28

Access Modes in CMS 3-29

HTTP Access to CMS 3-29

Verifying Your Changes 3-30

Change Notification 3-30

Error Checking 3-30

Saving Your Configuration 3-30

Restoring Your Configuration 3-31

CMS Preferences 3-31

Using Different Versions of CMS 3-31

Where to Go Next 3-32

CHAPTER

4 Assigning the Switch IP Address and Default Gateway 4-1

Understanding the Boot Process 4-1

Assigning Switch Information 4-2

Default Switch Information 4-3

Understanding DHCP-Based Autoconfiguration 4-3

DHCP Client Request Process 4-4

Configuring the DHCP Server 4-5

Configuring the TFTP Server 4-5

Configuring the DNS 4-6

Configuring the Relay Device 4-6

Obtaining Configuration Files 4-7

Example Configuration 4-8

Contents

vi

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Manually Assigning IP Information 4-10

Checking and Saving the Running Configuration 4-10

CHAPTER

5 Configuring IE2100 CNS Agents 5-1

Understanding IE2100 Series Configuration Registrar Software 5-1

CNS Configuration Service 5-2

CNS Event Service 5-3

NameSpace Mapper 5-3

What You Should Know About ConfigID, DeviceID, and Host Name 5-3

ConfigID 5-3

DeviceID 5-4

Host Name and DeviceID 5-4

Using Host Name, DeviceID, and ConfigID 5-4

Understanding CNS Embedded Agents 5-5

Initial Configuration 5-5

Incremental (Partial) Configuration 5-6

Synchronized Configuration 5-6

Configuring CNS Embedded Agents 5-6

Enabling Automated CNS Configuration 5-6

Enabling the CNS Event Agent 5-8

Enabling the CNS Configuration Agent 5-9

Enabling an Initial Configuration 5-9

Enabling a Partial Configuration 5-12

Displaying CNS Configuration 5-12

CHAPTER

6 Clustering Switches 6-1

Understanding Switch Clusters 6-2

Command Switch Characteristics 6-3

Standby Command Switch Characteristics 6-3

Candidate Switch and Member Switch Characteristics 6-4

Planning a Switch Cluster 6-5

Automatic Discovery of Cluster Candidates and Members 6-5

Discovery through CDP Hops 6-6

Discovery through Non-CDP-Capable and Noncluster-Capable Devices 6-8

Discovery through the Same Management VLAN 6-9

Discovery through Different Management VLANs 6-10

Discovery of Newly Installed Switches 6-11

Contents

vii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

HSRP and Standby Command Switches 6-13

Virtual IP Addresses 6-14

Other Considerations for Cluster Standby Groups 6-14

Automatic Recovery of Cluster Configuration 6-16

IP Addresses 6-16

Host Names 6-17

Passwords 6-17

SNMP Community Strings 6-17

TACACS+ and RADIUS 6-18

Access Modes in CMS 6-18

Management VLAN 6-19

LRE Profiles 6-19

Availability of Switch-Specific Features in Switch Clusters 6-20

Creating a Switch Cluster 6-20

Enabling a Command Switch 6-20

Adding Member Switches 6-21

Creating a Cluster Standby Group 6-23

Verifying a Switch Cluster 6-25

Using the CLI to Manage Switch Clusters 6-26

Catalyst 1900 and Catalyst 2820 CLI Considerations 6-26

Using SNMP to Manage Switch Clusters 6-27

CHAPTER

7 Administering the Switch 7-1

Preventing Unauthorized Access to Your Switch 7-1

Protecting Access to Privileged EXEC Commands 7-2

Default Password and Privilege Level Configuration 7-2

Setting or Changing a Static Enable Password 7-3

Protecting Enable and Enable Secret Passwords with Encryption 7-4

Setting a Telnet Password for a Terminal Line 7-5

Configuring Username and Password Pairs 7-6

Configuring Multiple Privilege Levels 7-7

Setting the Privilege Level for a Command 7-7

Changing the Default Privilege Level for Lines 7-8

Logging into and Exiting a Privilege Level 7-9

Controlling Switch Access with TACACS+ 7-9

Understanding TACACS+ 7-9

TACACS+ Operation 7-11

Contents

viii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Configuring TACACS+ 7-11

Default TACACS+ Configuration 7-12

Identifying the TACACS+ Server Host and Setting the Authentication Key 7-12

Configuring TACACS+ Login Authentication 7-13

Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 7-15

Starting TACACS+ Accounting 7-16

Displaying the TACACS+ Configuration 7-16

Controlling Switch Access with RADIUS 7-17

Understanding RADIUS 7-17

RADIUS Operation 7-18

Configuring RADIUS 7-19

Default RADIUS Configuration 7-19

Identifying the RADIUS Server Host 7-19

Configuring RADIUS Login Authentication 7-22

Defining AAA Server Groups 7-24

Configuring RADIUS Authorization for User Privileged Access and Network Services 7-26

Starting RADIUS Accounting 7-27

Configuring Settings for All RADIUS Servers 7-28

Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-28

Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 7-29

Displaying the RADIUS Configuration 7-30

Configuring the Switch for Local Authentication and Authorization 7-31

Managing the System Time and Date 7-32

Understanding the System Clock 7-32

Understanding Network Time Protocol 7-32

Configuring NTP 7-34

Default NTP Configuration 7-35

Configuring NTP Authentication 7-35

Configuring NTP Associations 7-36

Configuring NTP Broadcast Service 7-37

Configuring NTP Access Restrictions 7-38

Configuring the Source IP Address for NTP Packets 7-40

Displaying the NTP Configuration 7-41

Configuring Time and Date Manually 7-41

Setting the System Clock 7-42

Displaying the Time and Date Configuration 7-42

Configuring the Time Zone 7-43

Configuring Summer Time (Daylight Saving Time) 7-44

Contents

ix

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Configuring a System Name and Prompt 7-46

Default System Name and Prompt Configuration 7-46

Configuring a System Name 7-46

Configuring a System Prompt 7-47

Understanding DNS 7-47

Default DNS Configuration 7-48

Setting Up DNS 7-48

Displaying the DNS Configuration 7-49

Creating a Banner 7-49

Default Banner Configuration 7-49

Configuring a Message-of-the-Day Login Banner 7-50

Configuring a Login Banner 7-51

Managing the MAC Address Table 7-52

Building the Address Table 7-52

MAC Addresses and VLANs 7-53

Default MAC Address Table Configuration 7-53

Changing the Address Aging Time 7-53

Removing Dynamic Address Entries 7-54

Configuring MAC Address Notification Traps 7-54

Adding and Removing Static Address Entries 7-56

Adding and Removing Secure Addresses 7-57

Displaying Address Table Entries 7-58

Managing the ARP Table 7-59

CHAPTER

8 Configuring 802.1X Port-Based Authentication 8-1

Understanding 802.1X Port-Based Authentication 8-1

Device Roles 8-2

Authentication Initiation and Message Exchange 8-3

Ports in Authorized and Unauthorized States 8-4

Supported Topologies 8-5

Configuring 802.1X Authentication 8-5

Default 802.1X Configuration 8-6

802.1X Configuration Guidelines 8-7

Enabling 802.1X Authentication 8-8

Configuring the Switch-to-RADIUS-Server Communication 8-9

Enabling Periodic Re-Authentication 8-10

Manually Re-Authenticating a Client Connected to a Port 8-11

Changing the Quiet Period 8-11

Changing the Switch-to-Client Retransmission Time 8-12

Contents

x

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Setting the Switch-to-Client Frame-Retransmission Number 8-13

Enabling Multiple Hosts 8-13

Resetting the 802.1X Configuration to the Default Values 8-14

Displaying 802.1X Statistics and Status 8-14

CHAPTER

9 Configuring Interface Characteristics 9-1

Understanding Interface Types 9-1

Port-Based VLANs 9-1

Switch Ports 9-2

Access Ports 9-2

Trunk Ports 9-3

EtherChannel Port Groups 9-3

Connecting Interfaces 9-3

Using the Interface Command 9-4

Procedures for Configuring Interfaces 9-5

Configuring a Range of Interfaces 9-6

Configuring and Using Interface Range Macros 9-8

Configuring Layer 2 Interfaces 9-9

Default Layer 2 Ethernet Interface Configuration 9-9

Configuring Interface Speed and Duplex Mode 9-10

Configuration Guidelines 9-11

Setting the Interface Speed and Duplex Parameters 9-11

Configuring IEEE 802.3X Flow Control on Gigabit Ethernet Ports 9-12

Adding a Description for an Interface 9-13

Monitoring and Maintaining the Interfaces 9-14

Monitoring Interface and Controller Status 9-14

Clearing and Resetting Interfaces and Counters 9-16

Shutting Down and Restarting the Interface 9-17

CHAPTER

10 Configuring STP 10-1

Understanding Spanning-Tree Features 10-1

STP Overview 10-2

Supported Spanning-Tree Instances 10-2

Bridge Protocol Data Units 10-2

Election of the Root Switch 10-3

Bridge ID, Switch Priority, and Extended System ID 10-4

Spanning-Tree Timers 10-4

Creating the Spanning-Tree Topology 10-5

Contents

xi

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Spanning-Tree Interface States 10-5

Blocking State 10-7

Listening State 10-7

Learning State 10-7

Forwarding State 10-7

Disabled State 10-8

Spanning-Tree Address Management 10-8

STP and IEEE 802.1Q Trunks 10-8

Spanning Tree and Redundant Connectivity 10-8

Accelerated Aging to Retain Connectivity 10-9

Configuring Spanning-Tree Features 10-9

Default STP Configuration 10-10

STP Configuration Guidelines 10-10

Disabling STP 10-12

Configuring the Root Switch 10-12

Configuring a Secondary Root Switch 10-14

Configuring the Port Priority 10-15

Configuring the Path Cost 10-16

Configuring the Switch Priority of a VLAN 10-18

Configuring the Hello Time 10-19

Configuring the Forwarding-Delay Time for a VLAN 10-19

Configuring the Maximum-Aging Time for a VLAN 10-20

Configuring STP for Use in a Cascaded Stack 10-20

Displaying the Spanning-Tree Status 10-21

CHAPTER

11 Configuring RSTP and MSTP 11-1

Understanding RSTP 11-2

Port Roles and the Active Topology 11-2

Rapid Convergence 11-3

Synchronization of Port Roles 11-4

Bridge Protocol Data Unit Format and Processing 11-5

Processing Superior BPDU Information 11-6

Processing Inferior BPDU Information 11-6

Topology Changes 11-6

Understanding MSTP 11-7

Multiple Spanning-Tree Regions 11-7

IST, CIST, and CST 11-8

Operations Within an MST Region 11-8

Operations Between MST Regions 11-9

Contents

xii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Hop Count 11-10

Boundary Ports 11-10

Interoperability with 802.1D STP 11-11

Configuring RSTP and MSTP Features 11-11

Default RSTP and MSTP Configuration 11-12

RSTP and MSTP Configuration Guidelines 11-12

Specifying the MST Region Configuration and Enabling MSTP 11-13

Configuring the Root Switch 11-14

Configuring a Secondary Root Switch 11-16

Configuring the Port Priority 11-17

Configuring the Path Cost 11-18

Configuring the Switch Priority 11-19

Configuring the Hello Time 11-19

Configuring the Forwarding-Delay Time 11-20

Configuring the Maximum-Aging Time 11-21

Configuring the Maximum-Hop Count 11-21

Specifying the Link Type to Ensure Rapid Transitions 11-22

Restarting the Protocol Migration Process 11-22

Displaying the MST Configuration and Status 11-23

CHAPTER

12 Configuring Optional Spanning-Tree Features 12-1

Understanding Optional Spanning-Tree Features 12-1

Understanding Port Fast 12-2

Understanding BPDU Guard 12-3

Understanding BPDU Filtering 12-3

Understanding UplinkFast 12-4

Understanding Cross-Stack UplinkFast 12-5

How CSUF Works 12-6

Events That Cause Fast Convergence 12-7

Limitations 12-8

Connecting the Stack Ports 12-8

Understanding BackboneFast 12-10

Understanding Root Guard 12-12

Understanding Loop Guard 12-13

Configuring Optional Spanning-Tree Features 12-13

Default Optional Spanning-Tree Configuration 12-14

Enabling Port Fast 12-14

Enabling BPDU Guard 12-15

Enabling BPDU Filtering 12-16

Contents

xiii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Enabling UplinkFast for Use with Redundant Links 12-17

Enabling Cross-Stack UplinkFast 12-18

Enabling BackboneFast 12-19

Enabling Root Guard 12-19

Enabling Loop Guard 12-20

Displaying the Spanning-Tree Status 12-21

CHAPTER

13 Configuring VLANs 13-1

Understanding VLANs 13-1

Supported VLANs 13-2

VLAN Port Membership Modes 13-3

Configuring Normal-Range VLANs 13-4

Token Ring VLANs 13-5

Normal-Range VLAN Configuration Guidelines 13-5

VLAN Configuration Mode Options 13-6

VLAN Configuration in config-vlan Mode 13-6

VLAN Configuration in VLAN Configuration Mode 13-6

Saving VLAN Configuration 13-7

Default Ethernet VLAN Configuration 13-8

Creating or Modifying an Ethernet VLAN 13-8

Deleting a VLAN 13-10

Assigning Static-Access Ports to a VLAN 13-11

Configuring Extended-Range VLANs 13-12

Default VLAN Configuration 13-12

Extended-Range VLAN Configuration Guidelines 13-12

Creating an Extended-Range VLAN 13-13

Displaying VLANs 13-14

Configuring VLAN Trunks 13-15

Trunking Overview 13-15

802.1Q Configuration Considerations 13-16

Default Layer 2 Ethernet Interface VLAN Configuration 13-17

Configuring an Ethernet Interface as a Trunk Port 13-17

Interaction with Other Features 13-17

Configuring a Trunk Port 13-18

Defining the Allowed VLANs on a Trunk 13-19

Changing the Pruning-Eligible List 13-20

Configuring the Native VLAN for Untagged Traffic 13-20

Contents

xiv

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Load Sharing Using STP 13-21

Load Sharing Using STP Port Priorities 13-21

Load Sharing Using STP Path Cost 13-23

Configuring VMPS 13-24

Understanding VMPS 13-25

Dynamic Port VLAN Membership 13-25

VMPS Database Configuration File 13-26

Default VMPS Configuration 13-27

VMPS Configuration Guidelines 13-28

Configuring the VMPS Client 13-28

Entering the IP Address of the VMPS 13-28

Configuring Dynamic Access Ports on VMPS Clients 13-29

Reconfirming VLAN Memberships 13-30

Changing the Reconfirmation Interval 13-30

Changing the Retry Count 13-30

Monitoring the VMPS 13-31

Troubleshooting Dynamic Port VLAN Membership 13-31

VMPS Configuration Example 13-32

CHAPTER

14 Configuring VTP 14-1

Understanding VTP 14-1

The VTP Domain 14-2

VTP Modes 14-3

VTP Advertisements 14-3

VTP Version 2 14-4

VTP Pruning 14-4

Configuring VTP 14-6

Default VTP Configuration 14-6

VTP Configuration Options 14-7

VTP Configuration in Global Configuration Modes 14-7

VTP Configuration in VLAN Configuration Mode 14-7

VTP Configuration Guidelines 14-8

Domain Names 14-8

Passwords 14-8

Upgrading from Previous Software Releases 14-8

VTP Version 14-9

Configuration Requirements 14-9

Configuring a VTP Server 14-9

Configuring a VTP Client 14-11

Contents

xv

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Disabling VTP (VTP Transparent Mode) 14-12

Enabling VTP Version 2 14-13

Enabling VTP Pruning 14-14

Adding a VTP Client Switch to a VTP Domain 14-15

Monitoring VTP 14-16

CHAPTER

15 Configuring Voice VLAN 15-1

Understanding Voice VLAN 15-1

Configuring Voice VLAN 15-2

Default Voice VLAN Configuration 15-2

Voice VLAN Configuration Guidelines 15-3

Configuring a Port to Connect to a Cisco 7960 IP Phone 15-3

Configuring Ports to Carry Voice Traffic in 802.1Q Frames 15-4

Configuring Ports to Carry Voice Traffic in 802.1P Priority Tagged Frames 15-4

Overriding the CoS Priority of Incoming Data Frames 15-5

Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames 15-6

Displaying Voice VLAN 15-6

CHAPTER

16 Configuring IGMP Snooping and MVR 16-1

Understanding IGMP Snooping 16-1

Joining a Multicast Group 16-2

Leaving a Multicast Group 16-4

Immediate-Leave Processing 16-4

Configuring IGMP Snooping 16-5

Default IGMP Snooping Configuration 16-5

Enabling or Disabling IGMP Snooping 16-5

Setting the Snooping Method 16-6

Configuring a Multicast Router Port 16-7

Configuring a Host Statically to Join a Group 16-8

Enabling IGMP Immediate-Leave Processing 16-9

Displaying IGMP Snooping Information 16-9

Understanding Multicast VLAN Registration 16-12

Using MVR in a Multicast Television Application 16-12

Configuring MVR 16-14

Default MVR Configuration 16-14

MVR Configuration Guidelines and Limitations 16-15

Configuring MVR Global Parameters 16-15

Configuring MVR Interfaces 16-16

Contents

xvi

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Displaying MVR Information 16-18

Configuring IGMP Filtering 16-19

Default IGMP Filtering Configuration 16-19

Configuring IGMP Profiles 16-20

Applying IGMP Profiles 16-21

Setting the Maximum Number of IGMP Groups 16-22

Displaying IGMP Filtering Configuration 16-23

CHAPTER

17 Configuring Port-Based Traffic Control 17-1

Configuring Storm Control 17-1

Understanding Storm Control 17-1

Default Storm Control Configuration 17-2

Enabling Storm Control 17-2

Disabling Storm Control 17-3

Configuring Protected Ports 17-3

Configuring Port Security 17-4

Understanding Port Security 17-4

Secure MAC Addresses 17-5

Security Violations 17-6

Default Port Security Configuration 17-6

Port Security Configuration Guidelines 17-7

Enabling and Configuring Port Security 17-7

Enabling and Configuring Port Security Aging 17-10

Displaying Port-Based Traffic Control Settings 17-12

CHAPTER

18 Configuring UDLD 18-1

Understanding UDLD 18-1

Configuring UDLD 18-3

Default UDLD Configuration 18-3

Enabling UDLD Globally 18-4

Enabling UDLD on an Interface 18-4

Resetting an Interface Shut Down by UDLD 18-5

Displaying UDLD Status 18-6

Contents

xvii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

CHAPTER

19 Configuring CDP 19-1

Understanding CDP 19-1

Configuring CDP 19-2

Default CDP Configuration 19-2

Configuring the CDP Characteristics 19-2

Disabling and Enabling CDP 19-3

Disabling and Enabling CDP on an Interface 19-4

Monitoring and Maintaining CDP 19-5

CHAPTER

20 Configuring SPAN and RSPAN 20-1

Understanding SPAN and RSPAN 20-1

SPAN and RSPAN Concepts and Terminology 20-3

SPAN Session 20-3

Traffic Types 20-3

Source Port 20-4

Destination Port 20-4

Reflector Port 20-4

SPAN Traffic 20-5

SPAN and RSPAN Interaction with Other Features 20-5

SPAN and RSPAN Session Limits 20-6

Default SPAN and RSPAN Configuration 20-6

Configuring SPAN 20-7

SPAN Configuration Guidelines 20-7

Creating a SPAN Session and Specifying Ports to Monitor 20-7

Removing Ports from a SPAN Session 20-9

Configuring RSPAN 20-10

RSPAN Configuration Guidelines 20-10

Creating an RSPAN Session 20-11

Creating an RSPAN Destination Session 20-12

Removing Ports from an RSPAN Session 20-13

Displaying SPAN and RSPAN Status 20-14

Contents

xviii

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

CHAPTER

21 Configuring RMON 21-1

Understanding RMON 21-1

Configuring RMON 21-2

Default RMON Configuration 21-3

Configuring RMON Alarms and Events 21-3

Configuring RMON Collection on an Interface 21-5

Displaying RMON Status 21-6

CHAPTER

22 Configuring System Message Logging 22-1

Understanding System Message Logging 22-1

Configuring System Message Logging 22-2

System Log Message Format 22-2

Default System Message Logging Configuration 22-3

Disabling and Enabling Message Logging 22-4

Setting the Message Display Destination Device 22-4

Synchronizing Log Messages 22-6

Enabling and Disabling Timestamps on Log Messages 22-7

Enabling and Disabling Sequence Numbers in Log Messages 22-8

Defining the Message Severity Level 22-8

Limiting Syslog Messages Sent to the History Table and to SNMP 22-10

Configuring UNIX Syslog Servers 22-10

Logging Messages to a UNIX Syslog Daemon 22-11

Configuring the UNIX System Logging Facility 22-11

Displaying the Logging Configuration 22-12

CHAPTER

23 Configuring SNMP 23-1

Understanding SNMP 23-1

SNMP Versions 23-2

SNMP Manager Functions 23-3

SNMP Agent Functions 23-3

SNMP Community Strings 23-4

Using SNMP to Access MIB Variables 23-4

SNMP Notifications 23-5

Configuring SNMP 23-5

Default SNMP Configuration 23-6

SNMP Configuration Guidelines 23-6

Disabling the SNMP Agent 23-7

Configuring Community Strings 23-7

Contents

xix

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

Configuring SNMP Groups and Users 23-8

Configuring SNMP Notifications 23-10

Setting the Agent Contact and Location Information 23-13

Limiting TFTP Servers Used Through SNMP 23-13

SNMP Examples 23-14

Displaying SNMP Status 23-15

CHAPTER

24 Configuring Network Security with ACLs 24-1

Understanding ACLs 24-2

Handling Fragmented and Unfragmented Traffic 24-3

Understanding Access Control Parameters 24-4

Guidelines for Applying ACLs to Physical Interfaces 24-6

Configuring ACLs 24-6

Unsupported Features 24-7

Creating Standard and Extended IP ACLs 24-7

ACL Numbers 24-8

Creating a Numbered Standard ACL 24-9

Creating a Numbered Extended ACL 24-10

Creating Named Standard and Extended ACLs 24-13

Applying Time Ranges to ACLs 24-15

Including Comments About Entries in ACLs 24-17

Creating Named MAC Extended ACLs 24-18

Creating MAC Access Groups 24-19

Applying ACLs to Terminal Lines or Physical Interfaces 24-20

Applying ACLs to a Terminal Line 24-20

Applying ACLs to a Physical Interface 24-21

Displaying ACL Information 24-21

Displaying ACLs 24-22

Displaying Access Groups 24-23

Examples for Compiling ACLs 24-23

Numbered ACL Examples 24-25

Extended ACL Examples 24-25

Named ACL Example 24-25

Commented IP ACL Entry Examples 24-25

Contents

xx

Catalyst 2950 Desktop Switch Software Configuration Guide

78-11380-05

CHAPTER

25 Configuring QoS 25-1

Understanding QoS 25-2

Basic QoS Model 25-3

Classification 25-4

Classification Based on QoS ACLs 25-5

Classification Based on Class Maps and Policy Maps 25-6

Policing and Marking 25-6

Mapping Tables 25-7

Queueing and Scheduling 25-7

How Class of Service Works 25-7

Port Priority 25-8

Port Scheduling 25-8

CoS and WRR 25-8

Configuring QoS 25-9

Default QoS Configuration 25-9

Configuration Guidelines 25-10

Configuring Classification Using Port Trust States 25-10

Configuring the Trust State on Ports within the QoS Domain 25-11

Configuring the CoS Value for an Interface 25-13

Configuring Trusted Boundary 25-13

Enabling Pass-Through Mode 25-15

Configuring a QoS Policy 25-16

Classifying Traffic by Using ACLs 25-16

Classifying Traffic by Using Class Maps 25-20

Classifying, Policing, and Marking Traffic by Using Policy Maps 25-21

Configuring CoS Maps 25-24

Configuring the CoS-to-DSCP Map 25-25

Configuring the DSCP-to-CoS Map 25-26

Configuring CoS and WRR 25-27

Configuring CoS Priority Queues 25-27

Configuring WRR 25-27

Displaying QoS Information 25-28

QoS Configuration Examples 25-29

QoS Configuration for the Existing Wiring Closet 25-30

QoS Configuration for the Intelligent Wiring Closet 25-30

Cisco Systems 2950, Telephone 2950 User manual

Related papers

Other documents