2. Computers & electronics
  3. Software
  4. Cisco
  5. Catalyst 4900 Series Switches

Cisco Catalyst 4900 Series Switches Configuration Guide

  • Hello! I am an AI chatbot trained to assist you with the Cisco Catalyst 4900 Series Switches Configuration Guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Catalyst 4500 Series Switch Cisco IOS
Software Configuration Guide
Release 12.2(37)SG
Customer Order Number: DOC-OL12524=
Text Part Number: OL-12524-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of
Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo,
Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study,
LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise,
The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0704R)
Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide
Copyright © 1999–2007 Cisco Systems, Inc. All rights reserved.
3
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
CONTENTS
Preface 29
Audience 29
Organization 29
Related Documentation 32
Software Documentation 33
Conventions 33
Commands in Task Tables 34
Obtaining Documentation, Obtaining Support, and Security Guidelines 34
CHAPTER
1Product Overview 1
Layer 2 Software Features 1
802.1Q and Layer 2 Protocol Tunneling 2
CDP 2
EtherChannel Bundles 2
Jumbo Frames 2
MST 3
PVRST+ 3
QoS 3
Spanning Tree Protocol 3
SSO 4
SVI Autostate 4
UBRL 4
UDLD 4
Unidirectional Ethernet 5
VLANs 5
Layer 3 Software Features 6
CEF 6
HSRP 6
IP Routing Protocols 7
Multicast Services 9
NSF with SSO 9
ISSU 10
Policy-Based Routing 10
Contents
4
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Unidirectional Link Routing 10
VRF-lite 10
Management Features 11
Cisco Network Assistant and Embedded CiscoView 11
Dynamic Host Control Protocol 11
Forced 10/100 Autonegotiation 12
Intelligent Power Management 12
MAC Address Notification 12
MAC Notify MIB 12
NetFlow Statistics 12
Secure Shell 13
Simple Network Management Protocol 13
SPAN and RSPAN 13
Virtual Router Redundancy Protocol 13
Web Content Coordination Protocol 14
Security Features 14
802.1X Identity-Based Network Security 14
Dynamic ARP Inspection 15
Dynamic Host Configuration Protocol Snooping 15
Flood Blocking 16
Hardware-Based Control Plane Policing 16
IP Source Guard for Static Hosts 16
IP Source Guard 17
Local Authentication, RADIUS, and TACACS+ Authentication 17
Network Admission Control (NAC) 17
Network Security with ACLs 18
Port Security 18
Storm Control 18
Utilities 19
CHAPTER
2Command-Line Interfaces 1
Accessing the Switch CLI 1
Accessing the CLI Using the EIA/TIA-232 Console Interface 1
Accessing the CLI Through Telnet 2
Performing Command-Line Processing 3
Performing History Substitution 3
Understanding Cisco IOS Command Modes 4
Getting a List of Commands and Syntax 5
Virtual Console for Standby Supervisor Engine 6
Contents
5
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
ROMMON Command-Line Interface 7
CHAPTER
3Configuring the Switch for the First Time 1
Default Switch Configuration 1
Configuring DHCP-Based Autoconfiguration 2
Understanding DHCP-Based Autoconfiguration 2
DHCP Client Request Process 3
Configuring the DHCP Server 4
Configuring the TFTP Server 4
Configuring the DNS Server 5
Configuring the Relay Device 5
Obtaining Configuration Files 6
Example Configuration 7
Configuring the Switch 8
Using Configuration Mode to Configure Your Switch 9
Verifying the Running Configuration Settings 9
Saving the Running Configuration Settings to Your Start-Up File 10
Reviewing the Configuration in NVRAM 10
Configuring a Default Gateway 11
Configuring a Static Route 11
Controlling Access to Privileged EXEC Commands 13
Setting or Changing a Static enable Password 13
Using the enable password and enable secret Commands 14
Setting or Changing a Privileged Password 14
Controlling Switch Access with TACACS+ 15
Encrypting Passwords 22
Configuring Multiple Privilege Levels 23
Recovering a Lost Enable Password 24
Modifying the Supervisor Engine Startup Configuration 25
Understanding the Supervisor Engine Boot Configuration 25
Configuring the Software Configuration Register 26
Specifying the Startup System Image 29
Controlling Environment Variables 31
Resetting a Switch to Factory Default Settings 31
CHAPTER
4Administering the Switch 1
Managing the System Time and Date 1
The System Clock 2
Understanding Network Time Protocol 2
Contents
6
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Configuring NTP 3
Configuring Time and Date Manually 11
Configuring a System Name and Prompt 14
Default System Name and Prompt Configuration 15
Configuring a System Name 15
Understanding DNS 15
Creating a Banner 17
Default Banner Configuration 18
Configuring a Message-of-the-Day Login Banner 18
Configuring a Login Banner 19
Managing the MAC Address Table 19
Building the Address Table 20
MAC Addresses and VLANs 20
Default MAC Address Table Configuration 21
Changing the Address Aging Time 21
Removing Dynamic Address Entries 22
Configuring MAC Change Notification Traps 22
Configuring MAC Move Notification Traps 24
Configuring MAC Threshold Notification Traps 26
Adding and Removing Static Address Entries 27
Configuring Unicast MAC Address Filtering 28
Displaying Address Table Entries 30
Managing the ARP Table 30
Configuring Embedded CiscoView Support 30
Understanding Embedded CiscoView 31
Installing and Configuring Embedded CiscoView 31
Displaying Embedded CiscoView Information 34
CHAPTER
5Configuring the Cisco IOS
In Service Software Upgrade Process 1
Related Documents 1
Contents 1
Prerequisites for Performing ISSU 2
Restrictions for Performing ISSU 3
Information About Performing ISSU 3
Stateful Switchover Overview 3
NSF Overview 5
ISSU Process Overview 6
Versioning Capability in Cisco IOS Software to Support ISSU 11
Contents
7
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
SNMP Support for ISSU 13
Compatibility Verification Using Cisco Feature Navigator 13
How to Perform the ISSU Process 13
Verifying the ISSU Software Installation 14
Verifying Redundancy Mode Before Beginning the ISSU Process 15
Verifying the ISSU State Before Beginning the ISSU Process 16
Loading New Cisco IOS Software on the Standby Supervisor Engine 16
Switching to the Standby Supervisor Engine 19
Stopping the ISSU Rollback Timer (Optional) 22
Loading New Cisco IOS Software on the New Standby Supervisor Engine 23
Aborting a Software Upgrade During ISSU 25
Configuring the Rollback Timer to Safeguard Against Upgrade Issues 26
Displaying ISSU Compatibility Matrix Information 27
CHAPTER
6Configuring Interfaces 1
Overview of Interface Configuration 1
Using the interface Command 2
Configuring a Range of Interfaces 4
Defining and Using Interface-Range Macros 5
Deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP Ports 6
Digital Optical Monitoring Transceiver Support 7
Configuring Optional Interface Features 7
Configuring Ethernet Interface Speed and Duplex Mode 8
Configuring Flow Control 11
Configuring Jumbo Frame Support 13
Interacting with the Baby Giants Feature 15
Configuring auto-MDIX on a Port 16
Understanding Online Insertion and Removal 18
Monitoring and Maintaining the Interface 19
Monitoring Interface and Controller Status 19
Clearing and Resetting the Interface 19
Shutting Down and Restarting an Interface 20
Configuring Interface Link Status and Trunk Status Events 21
Resetting the Interface to the Default Configuration 23
CHAPTER
7Checking Port Status and Connectivity 1
Checking Module Status 1
Checking Interfaces Status 2
Contents
8
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Displaying MAC Addresses 3
Checking Cable Status Using TDR 3
Overview 4
Running the TDR Test 4
Guidelines 5
Using Telnet 5
Changing the Logout Timer 5
Monitoring User Sessions 6
Using Ping 7
Understanding How Ping Works 7
Running Ping 7
Using IP Traceroute 8
Understanding How IP Traceroute Works 8
Running IP Traceroute 8
Using Layer 2 Traceroute 9
Layer 2 Traceroute Usage Guidelines 9
Running Layer 2 Traceroute 10
Configuring ICMP 11
Enabling ICMP Protocol Unreachable Messages 11
Enabling ICMP Redirect Messages 12
Enabling ICMP Mask Reply Messages 12
CHAPTER
8Configuring Supervisor Engine Redundancy Using RPR and SSO 1
Understanding Supervisor Engine Redundancy 2
Overview 2
RPR Operation 3
SSO Operation 3
Understanding Supervisor Engine Redundancy Synchronization 4
RPR Supervisor Engine Configuration Synchronization 5
SSO Supervisor Engine Configuration Synchronization 5
Supervisor Engine Redundancy Guidelines and Restrictions 5
Configuring Supervisor Engine Redundancy 7
Configuring Redundancy 7
Virtual Console for Standby Supervisor Engine 9
Synchronizing the Supervisor Engine Configurations 11
Performing a Manual Switchover 12
Performing a Software Upgrade 13
Manipulating Bootflash on the Redundant Supervisor Engine 14
Contents
9
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
CHAPTER
9Configuring Cisco NSF with SSO Supervisor Engine Redundancy 1
Understanding NSF with SSO Supervisor Engine Redundancy 1
Understanding Cisco IOS NSF-Aware and NSF-Capable Support 2
NSF with SSO Supervisor Engine Redundancy Overview 4
SSO Operation 4
NSF Operation 5
Cisco Express Forwarding 5
Routing Protocols 5
NSF Guidelines and Restrictions 9
Configuring NSF with SSO Supervisor Engine Redundancy 9
Configuring SSO 10
Configuring CEF NSF 11
Verifying CEF NSF 11
Configuring BGP NSF 11
Verifying BGP NSF 12
Configuring OSPF NSF 13
Verifying OSPF NSF 13
Configuring IS-IS NSF 14
Verifying IS-IS NSF 15
Configuring EIGRP NSF 16
Verifying EIGRP NSF 17
CHAPTER
10 Environmental Monitoring and Power Management 1
Understanding Environmental Monitoring 1
Using CLI Commands to Monitor your Environment 2
System Alarms 2
Power Management 3
Power Management for the Catalyst 4500 Series Switches 3
Powering Down a Module 17
Power Management for the Catalyst 4948 Switches 17
CHAPTER
11 Configuring Power over Ethernet 1
Overview 1
Hardware Requirements 2
Power Management Modes 2
Intelligent Power Management 4
Configuring Power Consumption for Powered Devices
on an Interface 4
Overview 4
Contents
10
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
PoE and Supported Cabling Topology 6
Displaying the Operational Status for an Interface 7
Displaying the PoE Consumed by a Module 8
CHAPTER
12 Configuring the Catalyst 4500 Series Switch
with Cisco Network Assistant 1
Configuring and Using the Network Assistant 1
Network Assistant-Related Features and Their Defaults 2
Overview of the CLI Commands 2
Configuring Your Switch for Network Assistant 3
Managing a Network using Community 5
Converting a Cluster into a Community 9
Managing a Network using Cluster 10
Configuring Network Assistant in Community or Cluster Mode 13
CHAPTER
13 Configuring VLANs, VTP, and VMPS 1
VLANs 1
Overview of VLANs 1
VLAN Configuration Guidelines and Restrictions 3
VLAN Default Configuration 4
Configuring VLANs 4
VLAN Trunking Protocol 8
Overview of VTP 8
VTP Configuration Guidelines and Restrictions 12
VTP Default Configuration 12
Configuring VTP 13
VLAN Membership Policy Server 17
Overview of VMPS 17
Overview of VMPS Clients 20
Dynamic Port VLAN Membership Configuration Example 26
VMPS Database Configuration File Example 29
CHAPTER
14 Configuring IP Unnumbered Interface 1
Related Documents 1
Overview of IP Unnumbered Support 2
IP Unnumbered Interface Support with DHCP Server and Relay Agent 2
DHCP Option 82 2
IP Unnumbered with Connected Host Polling 3
Configuring IP Unnumbered Interface Support with DHCP Server 4
Contents
11
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Configuring IP Unnumbered Interface Support on LAN and VLAN Interfaces 4
Configuring IP Unnumbered Interface Support on a Range of Ethernet VLANs 5
Configuring IP Unnumbered Interface Support
with Connected Host Polling 6
Displaying IP Unnumbered Interface Settings 7
Troubleshooting IP Unnumbered 8
CHAPTER
15 Configuring Layer 2 Ethernet Interfaces 1
Overview of Layer 2 Ethernet Switching 1
Understanding Layer 2 Ethernet Switching 1
Understanding VLAN Trunks 3
Layer 2 Interface Modes 4
Default Layer 2 Ethernet Interface Configuration 4
Layer 2 Interface Configuration Guidelines and Restrictions 5
Configuring Ethernet Interfaces for Layer 2 Switching 5
Configuring an Ethernet Interface as a Layer 2 Trunk 6
Configuring an Interface as a Layer 2 Access Port 8
Clearing Layer 2 Configuration 9
CHAPTER
16 Configuring SmartPort Macros 1
Understanding SmartPort Macros 1
Configuring Smart-Port Macros 2
Passing Parameters Through the Macro 2
Default SmartPort Macro Configuration 3
SmartPort Macro Configuration Guidelines 6
Creating Smartports Macros 7
Applying Smartports Macros 8
Displaying SmartPort Macros 13
CHAPTER
17 Configuring STP and MST 1
Overview of STP 1
Understanding the Bridge ID 2
Bridge Protocol Data Units 3
Election of the Root Bridge 4
STP Timers 4
Creating the STP Topology 4
STP Port States 5
MAC Address Allocation 5
Contents
12
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
STP and IEEE 802.1Q Trunks 6
Per-VLAN Rapid Spanning Tree 6
Default STP Configuration 6
Configuring STP 7
Enabling STP 7
Enabling the Extended System ID 8
Configuring the Root Bridge 9
Configuring a Secondary Root Switch 12
Configuring STP Port Priority 13
Configuring STP Port Cost 15
Configuring the Bridge Priority of a VLAN 16
Configuring the Hello Time 17
Configuring the Maximum Aging Time for a VLAN 18
Configuring the Forward-Delay Time for a VLAN 18
Disabling Spanning Tree Protocol 19
Enabling Per-VLAN Rapid Spanning Tree 20
Overview of MST 21
IEEE 802.1s MST 22
IEEE 802.1w RSTP 23
MST-to-SST Interoperability 24
Common Spanning Tree 25
MST Instances 26
MST Configuration Parameters 26
MST Regions 26
Message Age and Hop Count 28
MST-to-PVST+ Interoperability 28
MST Configuration Restrictions and Guidelines 29
Configuring MST 29
Enabling MST 29
Configuring MST Instance Parameters 32
Configuring MST Instance Port Parameters 33
Restarting Protocol Migration 33
Displaying MST Configurations 34
CHAPTER
18 Configuring Optional STP Features 1
Overview of Root Guard 2
Enabling Root Guard 2
Overview of Loop Guard 3
Enabling Loop Guard 4
Contents
13
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Overview of PortFast 5
Enabling PortFast 6
Overview of BPDU Guard 7
Enabling BPDU Guard 7
Overview of PortFast BPDU Filtering 8
Enabling PortFast BPDU Filtering 8
Overview of UplinkFast 10
Enabling UplinkFast 11
Overview of BackboneFast 12
Enabling BackboneFast 15
CHAPTER
19 Configuring EtherChannel 1
EtherChannel Overview 1
Port-Channel Interfaces 2
How EtherChannels Are Configured 2
Load Balancing 4
EtherChannel Configuration Guidelines and Restrictions 5
Configuring EtherChannel 6
Configuring Layer 3 EtherChannels 6
Configuring Layer 2 EtherChannels 9
Configuring the LACP System Priority and System ID 11
Configuring EtherChannel Load Balancing 12
Removing an Interface from an EtherChannel 13
Removing an EtherChannel 14
CHAPTER
20 Configuring IGMP Snooping and Filtering 1
Overview of IGMP Snooping 1
Immediate-Leave Processing 3
IGMP Configurable-Leave Timer 3
Explicit Host Tracking 4
Configuring IGMP Snooping 4
Default IGMP Snooping Configuration 4
Enabling IGMP Snooping Globally 5
Enabling IGMP Snooping on a VLAN 6
Configuring Learning Methods 6
Configuring a Static Connection to a Multicast Router 7
Enabling IGMP Immediate-Leave Processing 8
Configuring the IGMP Leave Timer 8
Contents
14
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Configuring Explicit Host Tracking 10
Configuring a Host Statically 10
Suppressing Multicast Flooding 10
Displaying IGMP Snooping Information 13
Displaying Querier Information 13
Displaying IGMP Host Membership Information 14
Displaying Group Information 15
Displaying Multicast Router Interfaces 16
Displaying MAC Address Multicast Entries 16
Displaying IGMP Snooping Information on a VLAN Interface 17
Configuring IGMP Filtering 17
Default IGMP Filtering Configuration 18
Configuring IGMP Profiles 18
Applying IGMP Profiles 19
Setting the Maximum Number of IGMP Groups 20
Displaying IGMP Filtering Configuration 21
CHAPTER
21 Configuring 802.1Q and Layer 2 Protocol Tunneling 1
Understanding 802.1Q Tunneling 1
Configuring 802.1Q Tunneling 4
802.1Q Tunneling Configuration Guidelines 4
802.1Q Tunneling and Other Features 5
Configuring an 802.1Q Tunneling Port 6
Understanding Layer 2 Protocol Tunneling 7
Configuring Layer 2 Protocol Tunneling 9
Default Layer 2 Protocol Tunneling Configuration 9
Layer 2 Protocol Tunneling Configuration Guidelines 10
Configuring Layer 2 Tunneling 11
Monitoring and Maintaining Tunneling Status 12
CHAPTER
22 Configuring CDP 1
Overview of CDP 1
Configuring CDP 2
Enabling CDP Globally 2
Displaying the CDP Global Configuration 2
Enabling CDP on an Interface 3
Displaying the CDP Interface Configuration 3
Monitoring and Maintaining CDP 3
Contents
15
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
CHAPTER
23 Configuring UDLD 1
Overview of UDLD 1
Default UDLD Configuration 2
Configuring UDLD on the Switch 2
Enabling UDLD Globally 3
Enabling UDLD on Individual Interfaces 3
Disabling UDLD on Non-Fiber-Optic Interfaces 3
Disabling UDLD on Fiber-Optic Interfaces 4
Resetting Disabled Interfaces 4
CHAPTER
24 Configuring Unidirectional Ethernet 1
Overview of Unidirectional Ethernet 1
Configuring Unidirectional Ethernet 1
CHAPTER
25 Configuring Layer 3 Interfaces 1
Overview of Layer 3 Interfaces 1
Logical Layer 3 VLAN Interfaces 2
Physical Layer 3 Interfaces 2
Configuration Guidelines 3
Configuring Logical Layer 3 VLAN Interfaces 3
Configuring VLANs as Layer 3 Interfaces 4
Understanding SVI Autostate Exclude 5
Configuring SVI Autostate Exclude 5
Configuring Physical Layer 3 Interfaces 6
Configuring EIGRP Stub Routing 8
Overview 8
How to Configure EIGRP Stub Routing 9
Monitoring and Maintaining EIGRP 13
EIGRP Configuration Examples 14
CHAPTER
26 Configuring Cisco Express Forwarding 1
Overview of CEF 1
Benefits of CEF 1
Forwarding Information Base 2
Adjacency Tables 2
Catalyst 4500 Series Switch Implementation of CEF 3
Hardware and Software Switching 4
Load Balancing 6
Contents
16
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Software Interfaces 6
CEF Configuration Restrictions 6
Configuring CEF 6
Enabling CEF 6
Configuring Load Balancing for CEF 7
Monitoring and Maintaining CEF 8
Displaying IP Statistics 8
CHAPTER
27 Configuring IP Multicast 1
Overview of IP Multicast 1
IP Multicast Protocols 2
IP Multicast on the Catalyst 4500 Series Switch 4
Unsupported Features 12
Configuring IP Multicast Routing 12
Default Configuration in IP MUlticast Routing 13
Enabling IP Multicast Routing 13
Enabling PIM on an Interface 13
Monitoring and Maintaining IP Multicast Routing 15
Displaying System and Network Statistics 15
Displaying the Multicast Routing Table 16
Displaying IP MFIB 18
Displaying IP MFIB Fast Drop 19
Displaying PIM Statistics 20
Clearing Tables and Databases 20
Configuration Examples 21
PIM Dense Mode Example 21
PIM Sparse Mode Example 21
BSR Configuration Example 21
CHAPTER
28 Configuring Policy-Based Routing 1
Overview of Policy-Based Routing 1
Understanding PBR 2
Understanding PBR Flow Switching 2
Using Policy-Based Routing 2
Policy-Based Routing Configuration Task List 3
Enabling PBR 3
Enabling Local PBR 5
Unsupported Commands 5
Contents
17
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Policy-Based Routing Configuration Examples 5
Equal Access Example 5
Differing Next Hops Example 6
Deny ACE Example 6
CHAPTER
29 Configuring VRF-lite 1
Understanding VRF-lite 2
Default VRF-lite Configuration 3
VRF-lite Configuration Guidelines 4
Configuring VRFs 5
Configuring a VPN Routing Session 5
Configuring BGP PE to CE Routing Sessions 6
VRF-lite Configuration Example 7
Configuring Switch S8 8
Configuring Switch S20 9
Configuring Switch S11 10
Configuring the PE Switch S3 10
Displaying VRF-lite Status 11
CHAPTER
30 Configuring Quality of Service 1
Overview of QoS 1
Prioritization 2
QoS Terminology 3
Basic QoS Model 5
Classification 6
Policing and Marking 10
Mapping Tables 14
Queueing and Scheduling 14
Packet Modification 16
Per Port Per VLAN QoS 16
QoS and Software Processed Packets 16
Configuring Auto-QoS 17
Generated Auto-QoS Configuration 17
Effects of Auto-QoS on the Configuration 19
Configuration Guidelines 19
Enabling Auto-QoS for VoIP 19
Displaying Auto-QoS Information 20
Auto-QoS Configuration Example 21
Contents
18
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Configuring QoS 23
Default QoS Configuration 23
Configuration Guidelines 25
Enabling QoS Globally 25
Configuring a Trusted Boundary to Ensure Port Security 26
Enabling Dynamic Buffer Limiting 27
Creating Named Aggregate Policers 30
Configuring a QoS Policy 32
Configuring CoS Mutation 41
Configuring User Based Rate Limiting 42
Enabling Per-Port Per-VLAN QoS 48
Enabling or Disabling QoS on an Interface 51
Configuring VLAN-Based QoS on Layer 2 Interfaces 52
Configuring the Trust State of Interfaces 53
Configuring the CoS Value for an Interface 53
Configuring DSCP Values for an Interface 54
Configuring Transmit Queues 55
Configuring DSCP Maps 58
CHAPTER
31 Configuring Voice Interfaces 1
Overview of Voice Interfaces 1
Cisco IP Phone Voice Traffic 2
Cisco IP Phone Data Traffic 2
Configuring a Port to Connect to a Cisco 7960 IP Phone 2
Configuring Voice Ports for Voice and Data Traffic 3
Overriding the CoS Priority of Incoming Frames 4
Configuring Power 5
CHAPTER
32 Configuring 802.1X Port-Based Authentication 1
Understanding 802.1X Port-Based Authentication 1
Device Roles 2
802.1X and Network Access Control 3
Authentication Initiation and Message Exchange 3
Ports in Authorized and Unauthorized States 4
802.1X Host Mode 6
Using 802.1X with VLAN Assignment 7
Using 802.1X for Guest VLANs 8
Using 802.1X with MAC Authentication Bypass 9
Using 802.1X with Inaccessible Authentication Bypass 12
Contents
19
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Using 802.1X with Unidirectional Controlled Port 12
Using 802.1X with Authentication Failed VLAN Assignment 13
Using 802.1X with Port Security 15
Using 802.1X with RADIUS-Provided Session Timeouts 16
Using 802.1X with RADIUS Accounting 16
Using 802.1X with Voice VLAN Ports 19
Using Multiple Domain Authentication 19
Supported Topologies 21
Configuring 802.1X 21
Default 802.1X Configuration 22
802.1X Configuration Guidelines 23
Enabling 802.1X Authentication 23
Configuring Switch-to-RADIUS-Server Communication 26
Configuring Multiple Domain Authentication 28
Configuring RADIUS-Provided Session Timeouts 31
Enabling 802.1X RADIUS Accounting 32
Configuring 802.1X with Guest VLANs 32
Configuring 802.1X with MAC Authentication Bypass 35
Configuring 802.1X with Inaccessible Authentication Bypass 36
Configuring 802.1X with Unidirectional Controlled Port 38
Configuring 802.1X with Authentication Failed VLAN Assignment 39
Configuring 802.1X with Voice VLAN 41
Enabling Periodic Reauthentication 42
Enabling Multiple Hosts 43
Changing the Quiet Period 44
Changing the Switch-to-Client Retransmission Time 44
Setting the Switch-to-Client Frame-Retransmission Number 45
Manually Reauthenticating a Client Connected to a Port 47
Initializing the 802.1X Authentication State 47
Removing 802.1X Client Information 47
Resetting the 802.1X Configuration to the Default Values 47
Displaying 802.1X Statistics and Status 48
CHAPTER
33 Configuring Port Security 1
Command List 1
Overview of Port Security 3
Secure MAC Addresses 3
Maximum Number of Secure MAC Addresses 4
Aging Secure MAC Addresses 5
Contents
20
Software Configuration Guide—Release 12.2(37)SG
OL-12524-01
Sticky Addresses on a Port 5
Violation Actions 6
Invalid Packet Handling 6
Port Security on Access Ports 6
Configuring Port Security on Access Ports 7
Examples 10
Port Security on a Private VLAN Port 13
Configuring Port Security on an Isolated Private VLAN Host Port 14
Example of Port Security on an Isolated Private VLAN Host Port 15
Configuring Port Security on a Private VLAN Promiscous Port 15
Example of Port Security on a Private VLAN Promiscous Port 16
Port Security on Trunk Ports 16
Configuring Trunk Port Security 16
Examples of Trunk Port Security 18
Trunk Port Security Guidelines and Restrictions 20
Port Security on Voice Ports 21
Configuring Port Security on Voice Ports 22
Examples of Voice Port Security 24
Voice Port Security Guidelines and Restrictions 26
Displaying Port Security Settings 26
Examples 27
Configuring Port Security with Other Features/Environments 29
DHCP and IP Source Guard 30
802.1X Authentication 30
Configuring Port Security in a Wireless Environment 31
Configuring Port Security over Layer 2 EtherChannel 31
Port Security Guidelines and Restrictions 31
CHAPTER
34 Configuring Control Plane Policing 1
Understanding How Control Plane Policing Works 1
Caveats for Control Plane Policing 3
CoPP Default Configuration 3
Configuring CoPP 3
Configure CoPP for Control Plan Traffic 4
Configure CoPP for Data Plane and Management Plan Traffic 5
CoPP Configuration Guidelines and Restrictions 7
Monitoring CoPP 7
/