Cisco Systems 2950 User manual

Americas Headquarters

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, CA 95134-1706

USA

http://www.cisco.com

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

Catalyst 2950 and Catalyst 2955 Switch

Software Configuration Guide

Cisco IOS Release 12.1(22)EA11 and Later

March 2008

Text Part Number: OL-10101-02

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL

STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT

WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT

SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE

OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH

ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR

IMPLIED, INCLUDING, WITHOUT

LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF

DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,

WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO

OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCVP, Cisco Eos, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and

Learn is a service mark; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the

Cisco

Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without

Limitation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient,

IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace,

MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise,

The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx

logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the

United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship

between Cisco and any other company. (0801R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the

document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

iii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

CONTENTS

Preface xxvii

Audience xxvii

Purpose xxvii

Conventions xxviii

Related Publications xxix

Obtaining Documentation and Submitting a Service Request xxx

CHAPTER

1 Overview 1-1

Features 1-1

Ease of Deployment and Ease of Use 1-2

Performance 1-3

Manageability 1-4

Redundancy 1-5

VLAN Support 1-6

Security 1-6

Quality of Service and Class of Service 1-7

Monitoring 1-8

LRE Features (available only on Catalyst 2950 LRE switches) 1-8

Management Options 1-9

Management Interface Options 1-9

Advantages of Using Network Assistant and Clustering Switches 1-10

Network Configuration Examples 1-11

Design Concepts for Using the Switch 1-11

Small to Medium-Sized Network Configuration 1-14

Collapsed Backbone and Switch Cluster Configuration 1-15

Hotel Network Configuration 1-16

Service-Provider Central-Office Configuration 1-18

Large Campus Configuration 1-20

Multidwelling Network Using Catalyst 2950 Switches 1-21

Long-Distance, High-Bandwidth Transport Configuration 1-23

Where to Go Next 1-23

Contents

iv

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

CHAPTER

2 Using the Command-Line Interface 2-1

Cisco IOS Command Modes 2-1

Getting Help 2-3

Abbreviating Commands 2-4

Using no and default Forms of Commands 2-4

Understanding CLI Messages 2-5

Using Command History 2-5

Changing the Command History Buffer Size 2-5

Recalling Commands 2-6

Disabling the Command History Feature 2-6

Using Editing Features 2-6

Enabling and Disabling Editing Features 2-6

Editing Commands through Keystrokes 2-7

Editing Command Lines that Wrap 2-8

Searching and Filtering Output of show and more Commands 2-9

Accessing the CLI 2-9

CHAPTER

3 Configuring Catalyst 2955 Switch Alarms 3-1

Understanding Catalyst 2955 Switch Alarms 3-1

Global Status Monitoring Alarms 3-2

FCS Error Hysteresis Threshold 3-2

Port Status Monitoring Alarms 3-3

Triggering Alarm Options 3-3

Configuring Catalyst 2955 Switch Alarms 3-4

Default Catalyst 2955 Switch Alarm Configuration 3-4

Configuring the Power Supply Alarm 3-5

Setting the Power Mode 3-5

Setting the Power Supply Alarm Options 3-5

Configuring the Switch Temperature Alarms 3-6

Setting a Secondary Temperature Threshold for the Switch 3-6

Associating the Temperature Alarms to a Relay 3-7

Configuring the FCS Bit Error Rate Alarm 3-7

Setting the FCS Error Threshold 3-8

Setting the FCS Error Hysteresis Threshold 3-8

Contents

v

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring Alarm Profiles 3-9

Creating or Modifying an Alarm Profile 3-9

Attaching an Alarm Profile to a Specific Port 3-10

Enabling SNMP Traps 3-11

Displaying Catalyst 2955 Switch Alarms Status 3-11

CHAPTER

4 Assigning the Switch IP Address and Default Gateway 4-1

Understanding the Boot Process 4-1

Assigning Switch Information 4-2

Default Switch Information 4-3

Understanding DHCP-Based Autoconfiguration 4-3

DHCP Client Request Process 4-4

Configuring DHCP-Based Autoconfiguration 4-5

DHCP Server Configuration Guidelines 4-5

Configuring the TFTP Server 4-6

Configuring the DNS 4-7

Configuring the Relay Device 4-7

Obtaining Configuration Files 4-8

Example Configuration 4-9

Understanding DHCP-Based Autoconfiguration with a Saved Configuration 4-10

Limitations and Restrictions 4-10

Configuring DHCP-Based Autoconfiguration with a saved configuration 4-11

Manually Assigning IP Information 4-12

Checking and Saving the Running Configuration 4-12

Modifying the Startup Configuration 4-13

Default Boot Configuration 4-13

Automatically Downloading a Configuration File 4-13

Specifying the Filename to Read and Write the System Configuration 4-14

Booting Manually 4-14

Booting a Specific Software Image 4-15

Controlling Environment Variables 4-16

Scheduling a Reload of the Software Image 4-17

Configuring a Scheduled Reload 4-18

Displaying Scheduled Reload Information 4-19

CHAPTER

5 Configuring Cisco IOS CNS Agents 5-1

Understanding Cisco Configuration Engine Software 5-1

Configuration Service 5-2

Contents

vi

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Event Service 5-3

NameSpace Mapper 5-3

What You Should Know About the CNS IDs and Device Hostnames 5-3

ConfigID 5-4

DeviceID 5-4

Hostname and DeviceID 5-4

Using Hostname, DeviceID, and ConfigID 5-5

Understanding Cisco IOS Agents 5-5

Initial Configuration 5-5

Incremental (Partial) Configuration 5-6

Synchronized Configuration 5-6

Configuring Cisco IOS Agents 5-7

Enabling Automated CNS Configuration 5-7

Enabling the CNS Event Agent 5-8

Enabling the Cisco IOS CNS Agent 5-9

Enabling an Initial Configuration 5-9

Enabling a Partial Configuration 5-11

Displaying CNS Configuration 5-12

CHAPTER

6 Clustering Switches 6-1

Understanding Switch Clusters 6-1

Cluster Command Switch Characteristics 6-2

Standby Cluster Command Switch Characteristics 6-3

Candidate Switch and Member Switch Characteristics 6-4

Planning a Switch Cluster 6-4

Automatic Discovery of Cluster Candidates and Members 6-5

Discovery Through CDP Hops 6-5

Discovery Through Non-CDP-Capable and Noncluster-Capable Devices 6-6

Discovery Through Different VLANs 6-7

Discovery Through Different Management VLANs 6-7

Discovery of Newly Installed Switches 6-8

HSRP and Standby Cluster Command Switches 6-9

Virtual IP Addresses 6-10

Other Considerations for Cluster Standby Groups 6-10

Automatic Recovery of Cluster Configuration 6-11

IP Addresses 6-12

Hostnames 6-12

Passwords 6-12

SNMP Community Strings 6-13

Contents

vii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

TACACS+ and RADIUS 6-13

LRE Profiles 6-13

Catalyst 1900 and Catalyst 2820 CLI Considerations 6-14

Using SNMP to Manage Switch Clusters 6-14

CHAPTER

7 Administering the Switch 7-1

Managing the System Time and Date 7-1

Understanding the System Clock 7-1

Understanding Network Time Protocol 7-2

Configuring NTP 7-3

Default NTP Configuration 7-4

Configuring NTP Authentication 7-4

Configuring NTP Associations 7-5

Configuring NTP Broadcast Service 7-6

Configuring NTP Access Restrictions 7-8

Configuring the Source IP Address for NTP Packets 7-10

Displaying the NTP Configuration 7-10

Configuring Time and Date Manually 7-11

Setting the System Clock 7-11

Displaying the Time and Date Configuration 7-11

Configuring the Time Zone 7-12

Configuring Summer Time (Daylight Saving Time) 7-12

Configuring a System Name and Prompt 7-14

Default System Name and Prompt Configuration 7-15

Configuring a System Name 7-15

Understanding DNS 7-15

Default DNS Configuration 7-16

Setting Up DNS 7-16

Displaying the DNS Configuration 7-17

Creating a Banner 7-17

Default Banner Configuration 7-17

Configuring a Message-of-the-Day Login Banner 7-17

Configuring a Login Banner 7-18

Managing the MAC Address Table 7-19

Building the Address Table 7-20

MAC Addresses and VLANs 7-20

Default MAC Address Table Configuration 7-20

Changing the Address Aging Time 7-21

Removing Dynamic Address Entries 7-21

Contents

viii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring MAC Address Notification Traps 7-21

Adding and Removing Static Address Entries 7-23

Configuring Unicast MAC Address Filtering 7-24

.Displaying Address Table Entries 7-25

Managing the ARP Table 7-26

CHAPTER

8 Configuring Switch-Based Authentication 8-1

Preventing Unauthorized Access to Your Switch 8-1

Protecting Access to Privileged EXEC Commands 8-2

Default Password and Privilege Level Configuration 8-2

Setting or Changing a Static Enable Password 8-3

Protecting Enable and Enable Secret Passwords with Encryption 8-4

Disabling Password Recovery 8-5

Setting a Telnet Password for a Terminal Line 8-6

Configuring Username and Password Pairs 8-7

Configuring Multiple Privilege Levels 8-8

Setting the Privilege Level for a Command 8-8

Changing the Default Privilege Level for Lines 8-9

Logging into and Exiting a Privilege Level 8-10

Controlling Switch Access with TACACS+ 8-10

Understanding TACACS+ 8-10

TACACS+ Operation 8-12

Configuring TACACS+ 8-12

Default TACACS+ Configuration 8-13

Identifying the TACACS+ Server Host and Setting the Authentication Key 8-13

Configuring TACACS+ Login Authentication 8-14

Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 8-16

Starting TACACS+ Accounting 8-16

Displaying the TACACS+ Configuration 8-17

Controlling Switch Access with RADIUS 8-17

Understanding RADIUS 8-17

RADIUS Operation 8-19

Contents

ix

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring RADIUS 8-19

Default RADIUS Configuration 8-20

Identifying the RADIUS Server Host 8-20

Configuring RADIUS Login Authentication 8-23

Defining AAA Server Groups 8-25

Configuring RADIUS Authorization for User Privileged Access and Network Services 8-27

Starting RADIUS Accounting 8-28

Configuring Settings for All RADIUS Servers 8-28

Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29

Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-30

Displaying the RADIUS Configuration 8-31

Configuring the Switch for Local Authentication and Authorization 8-32

Configuring the Switch for Secure Shell 8-33

Understanding SSH 8-33

SSH Servers, Integrated Clients, and Supported Versions 8-33

Limitations 8-34

Configuring SSH 8-34

Configuration Guidelines 8-34

Cryptographic Software Image Guidelines 8-35

Setting Up the Switch to Run SSH 8-35

Configuring the SSH Server 8-36

Displaying the SSH Configuration and Status 8-37

CHAPTER

9 Configuring IEEE 802.1x Port-Based Authentication 9-1

Understanding IEEE 802.1x Port-Based Authentication 9-1

Device Roles 9-2

Authentication Initiation and Message Exchange 9-3

Ports in Authorized and Unauthorized States 9-4

IEEE 802.1x Host Mode 9-5

IEEE 802.1x Accounting 9-6

IEEE 802.1x Accounting Attribute-Value Pairs 9-6

Using IEEE 802.1x Authentication with VLAN Assignment 9-7

Using IEEE 802.1x Authentication with Guest VLAN 9-8

Using IEEE 802.1x Authentication with Restricted VLAN 9-9

Using IEEE 802.1x Authentication with Voice VLAN Ports 9-10

Using IEEE 802.1x Authentication with Port Security 9-10

Using IEEE 802.1x Authentication with Wake-on-LAN 9-11

Network Admission Control Layer 2 IEEE 802.1x Validation 9-11

Contents

x

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring IEEE 802.1x Authentication 9-12

Default IEEE 802.1x Authentication Configuration 9-12

IEEE 802.1x Authentication Configuration Guidelines 9-13

IEEE 802.1x Authentication 9-14

VLAN Assignment, Guest VLAN, and Restricted VLAN 9-14

Upgrading from a Previous Software Release 9-15

Configuring IEEE 802.1x Authentication 9-15

Configuring the Switch-to-RADIUS-Server Communication 9-17

Configuring the Host Mode 9-18

Enabling Periodic Re-Authentication 9-19

Manually Re-Authenticating a Client Connected to a Port 9-19

Changing the Quiet Period 9-20

Changing the Switch-to-Client Retransmission Time 9-20

Setting the Switch-to-Client Frame-Retransmission Number 9-21

Configuring IEEE 802.1x Accounting 9-22

Configuring a Guest VLAN 9-23

Configuring a Restricted VLAN 9-24

Configuring IEEE 802.1x Authentication with WoL 9-26

Configuring NAC Layer 2 IEEE 802.1x Validation 9-27

Resetting the IEEE 802.1x Configuration to the Default Values 9-28

Displaying IEEE 802.1x Statistics and Status 9-28

CHAPTER

10 Configuring Interface Characteristics 10-1

Understanding Interface Types 10-1

Access Ports 10-2

Trunk Ports 10-2

Port-Based VLANs 10-3

EtherChannel Port Groups 10-3

Connecting Interfaces 10-4

Using the Interface Command 10-4

Procedures for Configuring Interfaces 10-5

Configuring a Range of Interfaces 10-5

Configuring and Using Interface-Range Macros 10-7

Configuring Ethernet Interfaces 10-8

Default Ethernet Interface Configuration 10-9

Configuring Interface Speed and Duplex Mode 10-10

Configuration Guidelines 10-10

Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port 10-12

Setting the Interface Speed and Duplex Parameters on an LRE Switch Port 10-12

Contents

xi

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring Media Types for Gigabit Ethernet Interfaces on LRE Switches 10-13

Configuring IEEE 802.3x Flow Control on IEEE 802.3z Gigabit Ethernet Ports 10-13

Adding a Description for an Interface 10-14

Configuring Loopback Detection 10-15

Monitoring and Maintaining the Interfaces 10-15

Monitoring Interface and Controller Status 10-16

Clearing and Resetting Interfaces and Counters 10-16

Shutting Down and Restarting the Interface 10-17

CHAPTER

11 Configuring Smartports Macros 11-1

Understanding Smartports Macros 11-1

Configuring Smartports Macros 11-2

Default Smartports Macro Configuration 11-2

Smartports Macro Configuration Guidelines 11-3

Creating Smartports Macros 11-4

Applying Smartports Macros 11-5

Applying Cisco-Default Smartports Macros 11-6

Displaying Smartports Macros 11-8

CHAPTER

12 Configuring LRE 12-1

Understanding LRE Features 12-1

Ports on the Catalyst 2950 LRE Switches 12-1

LRE Links and LRE Profiles 12-2

LRE Profiles 12-2

LRE Sequences 12-5

CPE Ethernet Links 12-6

LRE Link Monitor 12-7

LRE Message Logging Process 12-7

Configuring LRE Ports 12-8

Default LRE Configuration 12-8

Environmental Guidelines for LRE Links 12-9

Guidelines for Using LRE Profiles 12-10

CPE Ethernet Link Guidelines 12-10

Guidelines for Configuring Cisco 575 LRE CPEs and 576 LRE 997 CPEs 12-11

Guidelines for Configuring Cisco 585 LRE CPEs 12-11

Assigning a Global Profile to All LRE Ports 12-12

Assigning a Profile to a Specific LRE Port 12-12

Assigning a Global Sequence to All LRE Ports 12-13

Assigning a Sequence to a Specific LRE Port 12-13

Contents

xii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Using Rate Selection to Automatically Assign Profiles 12-14

Precedence 12-15

Profile Locking 12-15

Link Qualification and SNR Margins 12-16

Configuring LRE Link Persistence 12-19

Configuring LRE Link Monitor 12-19

Configuring LRE Interleave 12-19

Configuring Upstream Power Back-Off 12-20

Configuring CPE Toggle 12-21

Configuring Syslog Export 12-22

Upgrading LRE Switch Firmware 12-23

Configuring for an LRE Upgrade 12-23

Performing an LRE Upgrade 12-24

Global Configuration of LRE Upgrades 12-24

Controller Configuration of LRE Upgrades 12-24

LRE Upgrade Details 12-25

LRE Upgrade Example 12-26

Displaying LRE Status 12-27

CHAPTER

13 Configuring STP 13-1

Understanding Spanning-Tree Features 13-1

STP Overview 13-2

Spanning-Tree Topology and BPDUs 13-2

Bridge ID, Switch Priority, and Extended System ID 13-3

Spanning-Tree Interface States 13-4

Blocking State 13-5

Listening State 13-6

Learning State 13-6

Forwarding State 13-6

Disabled State 13-6

How a Switch or Port Becomes the Root Switch or Root Port 13-7

Spanning Tree and Redundant Connectivity 13-7

Spanning-Tree Address Management 13-8

Accelerated Aging to Retain Connectivity 13-8

Spanning-Tree Modes and Protocols 13-9

Supported Spanning-Tree Instances 13-9

Spanning-Tree Interoperability and Backward Compatibility 13-10

STP and IEEE 802.1Q Trunks 13-10

Contents

xiii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring Spanning-Tree Features 13-10

Default Spanning-Tree Configuration 13-11

Spanning-Tree Configuration Guidelines 13-11

Changing the Spanning-Tree Mode 13-12

Disabling Spanning Tree 13-13

Configuring the Root Switch 13-14

Configuring a Secondary Root Switch 13-16

Configuring the Port Priority 13-17

Configuring the Path Cost 13-18

Configuring the Switch Priority of a VLAN 13-19

Configuring Spanning-Tree Timers 13-20

Configuring the Hello Time 13-20

Configuring the Forwarding-Delay Time for a VLAN 13-21

Configuring the Maximum-Aging Time for a VLAN 13-21

Configuring Spanning Tree for Use in a Cascaded Stack 13-22

Displaying the Spanning-Tree Status 13-23

CHAPTER

14 Configuring MSTP 14-1

Understanding MSTP 14-2

Multiple Spanning-Tree Regions 14-2

IST, CIST, and CST 14-2

Operations Within an MST Region 14-3

Operations Between MST Regions 14-3

Hop Count 14-4

Boundary Ports 14-5

Interoperability with IEEE 802.1D STP 14-5

Understanding RSTP 14-6

Port Roles and the Active Topology 14-6

Rapid Convergence 14-7

Synchronization of Port Roles 14-8

Bridge Protocol Data Unit Format and Processing 14-9

Processing Superior BPDU Information 14-10

Processing Inferior BPDU Information 14-10

Topology Changes 14-10

Configuring MSTP Features 14-11

Default MSTP Configuration 14-11

MSTP Configuration Guidelines 14-12

Specifying the MST Region Configuration and Enabling MSTP 14-13

Contents

xiv

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring the Root Switch 14-14

Configuring a Secondary Root Switch 14-15

Configuring the Port Priority 14-16

Configuring the Path Cost 14-17

Configuring the Switch Priority 14-18

Configuring the Hello Time 14-19

Configuring the Forwarding-Delay Time 14-20

Configuring the Maximum-Aging Time 14-20

Configuring the Maximum-Hop Count 14-21

Specifying the Link Type to Ensure Rapid Transitions 14-21

Restarting the Protocol Migration Process 14-22

Displaying the MST Configuration and Status 14-22

CHAPTER

15 Configuring Optional Spanning-Tree Features 15-1

Understanding Optional Spanning-Tree Features 15-1

Understanding Port Fast 15-2

Understanding BPDU Guard 15-2

Understanding BPDU Filtering 15-3

Understanding UplinkFast 15-3

Understanding Cross-Stack UplinkFast 15-5

How CSUF Works 15-6

Events that Cause Fast Convergence 15-7

Limitations 15-8

Connecting the Stack Ports 15-8

Understanding BackboneFast 15-9

Understanding EtherChannel Guard 15-11

Understanding Root Guard 15-12

Understanding Loop Guard 15-13

Configuring Optional Spanning-Tree Features 15-13

Default Optional Spanning-Tree Configuration 15-13

Optional Spanning-Tree Configuration Guidelines 15-14

Enabling Port Fast 15-14

Enabling BPDU Guard 15-15

Enabling BPDU Filtering 15-16

Enabling UplinkFast for Use with Redundant Links 15-17

Enabling Cross-Stack UplinkFast 15-18

Enabling BackboneFast 15-19

Enabling EtherChannel Guard 15-19

Contents

xv

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Enabling Root Guard 15-20

Enabling Loop Guard 15-20

Displaying the Spanning-Tree Status 15-21

CHAPTER

16 Configuring VLANs 16-1

Understanding VLANs 16-1

Supported VLANs 16-2

VLAN Port Membership Modes 16-3

Configuring Normal-Range VLANs 16-4

Token Ring VLANs 16-5

Normal-Range VLAN Configuration Guidelines 16-5

VLAN Configuration Mode Options 16-6

VLAN Configuration in config-vlan Mode 16-6

VLAN Configuration in VLAN Configuration Mode 16-6

Saving VLAN Configuration 16-6

Default Ethernet VLAN Configuration 16-7

Creating or Modifying an Ethernet VLAN 16-8

Deleting a VLAN 16-9

Assigning Static-Access Ports to a VLAN 16-10

Configuring Extended-Range VLANs 16-11

Default VLAN Configuration 16-11

Extended-Range VLAN Configuration Guidelines 16-11

Creating an Extended-Range VLAN 16-12

Displaying VLANs 16-13

Configuring VLAN Trunks 16-13

Trunking Overview 16-14

IEEE 802.1Q Configuration Considerations 16-15

Default Layer 2 Ethernet Interface VLAN Configuration 16-16

Configuring an Ethernet Interface as a Trunk Port 16-16

Interaction with Other Features 16-16

Configuring a Trunk Port 16-17

Defining the Allowed VLANs on a Trunk 16-18

Changing the Pruning-Eligible List 16-19

Configuring the Native VLAN for Untagged Traffic 16-19

Load Sharing Using STP 16-20

Load Sharing Using STP Port Priorities 16-20

Load Sharing Using STP Path Cost 16-22

Contents

xvi

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring VMPS 16-23

Understanding VMPS 16-23

Dynamic Port VLAN Membership 16-24

VMPS Database Configuration File 16-24

Default VMPS Client Configuration 16-25

VMPS Configuration Guidelines 16-25

Configuring the VMPS Client 16-26

Entering the IP Address of the VMPS 16-26

Configuring Dynamic Access Ports on VMPS Clients 16-26

Reconfirming VLAN Memberships 16-27

Changing the Reconfirmation Interval 16-27

Changing the Retry Count 16-28

Monitoring the VMPS 16-28

Troubleshooting Dynamic Port VLAN Membership 16-29

VMPS Configuration Example 16-29

CHAPTER

17 Configuring VTP 17-1

Understanding VTP 17-1

The VTP Domain 17-2

VTP Modes 17-2

VTP Advertisements 17-3

VTP Version 2 17-4

VTP Pruning 17-4

Configuring VTP 17-6

Default VTP Configuration 17-6

VTP Configuration Options 17-6

VTP Configuration in Global Configuration Mode 17-7

VTP Configuration in VLAN Configuration Mode 17-7

VTP Configuration Guidelines 17-8

Domain Names 17-8

Passwords 17-8

Upgrading from Previous Software Releases 17-8

VTP Version 17-9

Configuration Requirements 17-9

Configuring a VTP Server 17-9

Configuring a VTP Client 17-11

Disabling VTP (VTP Transparent Mode) 17-12

Enabling VTP Version 2 17-13

Contents

xvii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Enabling VTP Pruning 17-14

Adding a VTP Client Switch to a VTP Domain 17-14

Monitoring VTP 17-15

CHAPTER

18 Configuring Voice VLAN 18-1

Understanding Voice VLAN 18-1

Configuring Voice VLAN 18-2

Default Voice VLAN Configuration 18-2

Voice VLAN Configuration Guidelines 18-3

Configuring a Port to Connect to a Cisco 7960 IP Phone 18-3

Configuring Ports to Carry Voice Traffic in IEEE 802.1Q Frames 18-4

Configuring Ports to Carry Voice Traffic in IEEE 802.1p Priority-Tagged Frames 18-4

Overriding the CoS Priority of Incoming Data Frames 18-5

Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames 18-5

Displaying Voice VLAN 18-6

CHAPTER

19 Configuring DHCP Features 19-1

Understanding DHCP Features 19-1

DHCP Server 19-2

DHCP Relay Agent 19-2

DHCP Snooping 19-2

Option-82 Data Insertion 19-3

Configuring DHCP Features 19-5

Default DHCP Configuration 19-5

DHCP Snooping Configuration Guidelines 19-6

Configuring the DHCP Server 19-7

Enabling DHCP Snooping and Option 82 19-7

Displaying DHCP Information 19-8

CHAPTER

20 Configuring IGMP Snooping and MVR 20-1

Understanding IGMP Snooping 20-1

IGMP Versions 20-2

Joining a Multicast Group 20-3

Leaving a Multicast Group 20-4

Immediate-Leave Processing 20-5

IGMP Configurable-Leave Timer 20-5

IGMP Report Suppression 20-5

Source-Only Networks 20-6

Contents

xviii

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring IGMP Snooping 20-6

Default IGMP Snooping Configuration 20-7

Enabling or Disabling IGMP Snooping 20-7

Setting the Snooping Method 20-8

Configuring a Multicast Router Port 20-9

Configuring a Host Statically to Join a Group 20-9

Enabling IGMP Immediate-Leave Processing 20-10

Configuring the IGMP Leave Timer 20-10

Disabling IGMP Report Suppression 20-11

Disabling IP Multicast-Source-Only Learning 20-12

Configuring the Aging Time 20-13

Displaying IGMP Snooping Information 20-13

Understanding Multicast VLAN Registration 20-14

Using MVR in a Multicast Television Application 20-15

Configuring MVR 20-17

Default MVR Configuration 20-17

MVR Configuration Guidelines and Limitations 20-17

Configuring MVR Global Parameters 20-18

Configuring MVR Interfaces 20-19

Displaying MVR Information 20-20

Configuring IGMP Filtering and Throttling 20-21

Default IGMP Filtering and Throttling Configuration 20-21

Configuring IGMP Profiles 20-22

Applying IGMP Profiles 20-23

Setting the Maximum Number of IGMP Groups 20-24

Configuring the IGMP Throttling Action 20-24

Displaying IGMP Filtering and Throttling Configuration 20-25

CHAPTER

21 Configuring Port-Based Traffic Control 21-1

Configuring Storm Control 21-1

Understanding Storm Control 21-1

Default Storm Control Configuration 21-2

Configuring Storm Control and Threshold Levels 21-2

Configuring Protected Ports 21-4

Contents

xix

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Configuring Port Blocking 21-5

Blocking Flooded Traffic on an Interface 21-5

Resuming Normal Forwarding on a Port 21-6

Configuring Port Security 21-6

Understanding Port Security 21-6

Secure MAC Addresses 21-6

Security Violations 21-7

Default Port Security Configuration 21-8

Port Security Configuration Guidelines 21-8

Enabling and Configuring Port Security 21-9

Enabling and Configuring Port Security Aging 21-11

Displaying Port-Based Traffic Control Settings 21-13

CHAPTER

22 Configuring UDLD 22-1

Understanding UDLD 22-1

Modes of Operation 22-1

Methods to Detect Unidirectional Links 22-2

Configuring UDLD 22-3

Default UDLD Configuration 22-4

Configuration Guidelines 22-4

Enabling UDLD Globally 22-5

Enabling UDLD on an Interface 22-5

Resetting an Interface Shut Down by UDLD 22-6

Displaying UDLD Status 22-7

CHAPTER

23 Configuring CDP 23-1

Understanding CDP 23-1

Configuring CDP 23-2

Default CDP Configuration 23-2

Configuring the CDP Characteristics 23-2

Disabling and Enabling CDP 23-3

Disabling and Enabling CDP on an Interface 23-4

Monitoring and Maintaining CDP 23-4

Contents

xx

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

CHAPTER

24 Configuring SPAN and RSPAN 24-1

Understanding SPAN and RSPAN 24-1

SPAN and RSPAN Concepts and Terminology 24-3

SPAN Session 24-3

Traffic Types 24-3

Source Port 24-4

Destination Port 24-4

Reflector Port 24-5

SPAN Traffic 24-5

SPAN and RSPAN Interaction with Other Features 24-5

SPAN and RSPAN Session Limits 24-6

Default SPAN and RSPAN Configuration 24-7

Configuring SPAN 24-7

SPAN Configuration Guidelines 24-7

Creating a SPAN Session and Specifying Ports to Monitor 24-8

Creating a SPAN Session and Enabling Ingress Traffic 24-9

Removing Ports from a SPAN Session 24-10

Configuring RSPAN 24-11

RSPAN Configuration Guidelines 24-11

Configuring a VLAN as an RSPAN VLAN 24-12

Creating an RSPAN Source Session 24-13

Creating an RSPAN Destination Session 24-14

Removing Ports from an RSPAN Session 24-15

Displaying SPAN and RSPAN Status 24-16

CHAPTER

25 Configuring RMON 25-1

Understanding RMON 25-1

Configuring RMON 25-2

Default RMON Configuration 25-3

Configuring RMON Alarms and Events 25-3

Configuring RMON Collection on an Interface 25-4

Displaying RMON Status 25-6

CHAPTER

26 Configuring System Message Logging 26-1

Understanding System Message Logging 26-1

Configuring System Message Logging 26-2

System Log Message Format 26-2

Default System Message Logging Configuration 26-3

Page is loading ...

Cisco Systems 2950, 2955 User manual

Related papers

Other documents