Software Configuration Guide
Page 11
...11-1 Access Ports 11-2 Trunk Ports 11-2 Port-Based VLANs 11-3 EtherChannel Port Groups 11-3 Connecting Interfaces 11-4 Using the Interface Command 11-4 Procedures for Configuring Interfaces 11-5 Configuring a Range of Interfaces 11-5 Configuring and Using Interface-Range Macros 11-7 Configuring Ethernet Interfaces 11-8 Default Ethernet Interface Configuration 11-9 Configuring Interface Speed and Duplex Mode 11-10 Configuration Guidelines 11-10 Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port 11-12 Setting the Interface Speed and Duplex Parameters on an LRE Switch Port...
...11-1 Access Ports 11-2 Trunk Ports 11-2 Port-Based VLANs 11-3 EtherChannel Port Groups 11-3 Connecting Interfaces 11-4 Using the Interface Command 11-4 Procedures for Configuring Interfaces 11-5 Configuring a Range of Interfaces 11-5 Configuring and Using Interface-Range Macros 11-7 Configuring Ethernet Interfaces 11-8 Default Ethernet Interface Configuration 11-9 Configuring Interface Speed and Duplex Mode 11-10 Configuration Guidelines 11-10 Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port 11-12 Setting the Interface Speed and Duplex Parameters on an LRE Switch Port...
Software Configuration Guide
Page 29
...-range VLANs, Remote Switched Port Analyzer (RSPAN), and unicast MAC address filtering. The Catalyst 2955 switch also supports an additional set of features, including access control lists (ACLs), enhanced quality of features that support the SI and the EI, see Table 1-1 in the release notes. • Start-up information-This guide assumes that have been specifically created or changed for the switches, refer to the command reference for this guide does not provide the command-line interface (CLI) procedures...
...-range VLANs, Remote Switched Port Analyzer (RSPAN), and unicast MAC address filtering. The Catalyst 2955 switch also supports an additional set of features, including access control lists (ACLs), enhanced quality of features that support the SI and the EI, see Table 1-1 in the release notes. • Start-up information-This guide assumes that have been specifically created or changed for the switches, refer to the command reference for this guide does not provide the command-line interface (CLI) procedures...
Software Configuration Guide
Page 37
... 1500 bytes. The redundant command switches used for command-switch redundancy. Note See the "Advantages of duplex mode on the 10/100 ports for automatically configuring the switch during DHCP-based autoconfiguration Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-3 Performance • Autosensing of speed on the 10/100 and 10/100/1000 ports and autonegotiation of Using CMS and Clustering Switches" section on Gigabit Ethernet ports operating in a multicast VLAN while isolating the streams from...
... 1500 bytes. The redundant command switches used for command-switch redundancy. Note See the "Advantages of duplex mode on the 10/100 ports for automatically configuring the switch during DHCP-based autoconfiguration Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-3 Performance • Autosensing of speed on the 10/100 and 10/100/1000 ports and autonegotiation of Using CMS and Clustering Switches" section on Gigabit Ethernet ports operating in a multicast VLAN while isolating the streams from...
Software Configuration Guide
Page 52
...) are connected. Data to a PSTN. The Catalyst 2950 LRE switch ports support the same software features as a switch cluster and through the CMS. You can manage the switches as 10/100/1000 switch ports. Network Configuration Examples Chapter 1 Overview Service-Provider Central-Office Configuration Figure 1-5 shows the Catalyst 2950ST-24 LRE 997 switches in different buildings. The Catalyst 2950ST-24 LRE 997 switches have DC-input power supply and are connected to the telephone line in...
...) are connected. Data to a PSTN. The Catalyst 2950 LRE switch ports support the same software features as a switch cluster and through the CMS. You can manage the switches as 10/100/1000 switch ports. Network Configuration Examples Chapter 1 Overview Service-Provider Central-Office Configuration Figure 1-5 shows the Catalyst 2950ST-24 LRE 997 switches in different buildings. The Catalyst 2950ST-24 LRE 997 switches have DC-input power supply and are connected to the telephone line in...
Software Configuration Guide
Page 58
...Use this mode. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Switch(config)# While in user EXEC Switch# mode, enter the enable command. Switch(vlan)# Exit Method About This Mode Enter logout or quit. To exit to exit. While in global configuration mode, enter the vlan vlan-id command. Enter disable to privileged EXEC mode, enter exit. Table 2-1 Command Mode Summary Mode User EXEC Privileged EXEC Global configuration Config-vlan VLAN configuration Access Method Prompt Begin a session with Switch> your switch. Use a password...
...Use this mode. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Switch(config)# While in user EXEC Switch# mode, enter the enable command. Switch(vlan)# Exit Method About This Mode Enter logout or quit. To exit to exit. While in global configuration mode, enter the vlan vlan-id command. Enter disable to privileged EXEC mode, enter exit. Table 2-1 Command Mode Summary Mode User EXEC Privileged EXEC Global configuration Config-vlan VLAN configuration Access Method Prompt Begin a session with Switch> your switch. Use a password...
Software Configuration Guide
Page 96
...; Parity settings default is loaded. Before you can assign IP information through the switch Express Setup program, through the command-line-interface (CLI)-based setup program, through a DHCP server, or manually by using Express Setup, do not support Express Setup. Non-LRE Catalyst 2950 switches running a release prior to Cisco IOS Release 12.1(14)EA1 and Catalyst 2950 LRE switches running a release prior to provide security during remote management) and enabling Simple Network Management Protocol (SNMP). After the boot loader...
...; Parity settings default is loaded. Before you can assign IP information through the switch Express Setup program, through the command-line-interface (CLI)-based setup program, through a DHCP server, or manually by using Express Setup, do not support Express Setup. Non-LRE Catalyst 2950 switches running a release prior to Cisco IOS Release 12.1(14)EA1 and Catalyst 2950 LRE switches running a release prior to provide security during remote management) and enabling Simple Network Management Protocol (SNMP). After the boot loader...
Software Configuration Guide
Page 188
... To disable username authentication for line configuration mode. • For level, the range is from 0 to 15. Set the privilege level for a command. • For mode, enter configure for global configuration mode, exec for EXEC mode, interface for interface configuration mode, or line for a specific user, use the no login line configuration command. Level 1 is for normal user EXEC mode privileges. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-8 78-11380-10 Level 1 is from 1 to restrict access. Specify the enable password for a command mode: Step...
... To disable username authentication for line configuration mode. • For level, the range is from 0 to 15. Set the privilege level for a command. • For mode, enter configure for global configuration mode, exec for EXEC mode, interface for interface configuration mode, or line for a specific user, use the no login line configuration command. Level 1 is for normal user EXEC mode privileges. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-8 78-11380-10 Level 1 is from 1 to restrict access. Specify the enable password for a command mode: Step...
Software Configuration Guide
Page 193
... authenticate users accessing the switch through the CLI, the TACACS+ server authenticates HTTP connections that have been configured with a privilege level of preferred hosts. To prevent a lapse in which you cannot configure TACACS+ through a network management application.When enabled, TACACS+ can group servers to 65535. • (Optional) For timeout integer, specify a time in privileged EXEC mode, follow these steps to create a list of 15. The software searches...
... authenticate users accessing the switch through the CLI, the TACACS+ server authenticates HTTP connections that have been configured with a privilege level of preferred hosts. To prevent a lapse in which you cannot configure TACACS+ through a network management application.When enabled, TACACS+ can group servers to 65535. • (Optional) For timeout integer, specify a time in privileged EXEC mode, follow these steps to create a list of 15. The software searches...
Software Configuration Guide
Page 195
... Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-15 Apply the authentication list to a line or set of these steps to apply the authentication list. Before you can use this authentication method, you can use the default keyword followed by using the username name password global configuration command. • none-Do not use the default list created with the aaa authentication login command. • For list-name, specify the list created with TACACS+ Beginning in privileged EXEC mode...
... Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-15 Apply the authentication list to a line or set of these steps to apply the authentication list. Before you can use this authentication method, you can use the default keyword followed by using the username name password global configuration command. • none-Do not use the default list created with the aaa authentication login command. • For list-name, specify the list created with TACACS+ Beginning in privileged EXEC mode...
Software Configuration Guide
Page 204
..., specify the list created with RADIUS Chapter 9 Configuring Switch-Based Authentication Beginning in privileged EXEC mode, follow these steps to a line or set of these methods: - Apply the authentication list to configure login authentication. Use the password password line configuration command. - local-case-Use a case-sensitive local username database for login. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure terminal aaa new-model aaa authentication login {default | list-name} method1 [method2...] line [console | tty | vty] line-number [ending-line-number] login...
..., specify the list created with RADIUS Chapter 9 Configuring Switch-Based Authentication Beginning in privileged EXEC mode, follow these steps to a line or set of these methods: - Apply the authentication list to configure login authentication. Use the password password line configuration command. - local-case-Use a case-sensitive local username database for login. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure terminal aaa new-model aaa authentication login {default | list-name} method1 [method2...] line [console | tty | vty] line-number [ending-line-number] login...
Software Configuration Guide
Page 233
... the default. Set the number of the client might occur because the client provided an invalid password. Return to change the default value of this response, it waits a set period of time (known as unreliable links or specific behavioral problems with certain clients and authentication servers. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 10-15 This example shows how to manually re-authenticate the client connected to a port: Switch...
... the default. Set the number of the client might occur because the client provided an invalid password. Return to change the default value of this response, it waits a set period of time (known as unreliable links or specific behavioral problems with certain clients and authentication servers. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 10-15 This example shows how to manually re-authenticate the client connected to a port: Switch...
Software Configuration Guide
Page 359
... the update packet rate to the default setting, use the no spanning-tree uplinkfast max-update-rate global configuration command. For more information, see the "Connecting the Stack Ports" section on access switches. spanning-tree uplinkfast [max-update-rate pkts-per-second] Enable UplinkFast on a Fast Ethernet or a Gigabit-capable Ethernet port, you change the path cost to a value less than 3000 and you enable UplinkFast or UplinkFast is already enabled, the path cost of all interfaces and VLAN trunks is disabled, the switch priorities...
... the update packet rate to the default setting, use the no spanning-tree uplinkfast max-update-rate global configuration command. For more information, see the "Connecting the Stack Ports" section on access switches. spanning-tree uplinkfast [max-update-rate pkts-per-second] Enable UplinkFast on a Fast Ethernet or a Gigabit-capable Ethernet port, you change the path cost to a value less than 3000 and you enable UplinkFast or UplinkFast is already enabled, the path cost of all interfaces and VLAN trunks is disabled, the switch priorities...
Software Configuration Guide
Page 381
... storms, you can disable VLAN 1 on an individual VLAN trunk link. As a result, no switchport trunk interface configuration command. When you can become a member of the new VLAN. The same is true for any individual VLAN trunk port by removing VLAN 1 from the allowed list. Enter interface configuration mode and the port to configure a port as a VLAN trunk port. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 17-19 The example assumes that has been disabled on a Trunk By default, a trunk port sends traffic to the access VLAN...
... storms, you can disable VLAN 1 on an individual VLAN trunk link. As a result, no switchport trunk interface configuration command. When you can become a member of the new VLAN. The same is true for any individual VLAN trunk port by removing VLAN 1 from the allowed list. Enter interface configuration mode and the port to configure a port as a VLAN trunk port. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 17-19 The example assumes that has been disabled on a Trunk By default, a trunk port sends traffic to the access VLAN...
Software Configuration Guide
Page 395
...-4 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 18-1 Extended-range VLANs (VLAN IDs greater than 1005) are only supported when the enhanced software image (EI) is saved in this release. Without VTP, you cannot send information about VLANs to the command reference for the commands used in the VTP VLAN database. Extended-range VLANs are not supported by managing the addition, deletion, and renaming of VLANs on your...
...-4 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 18-1 Extended-range VLANs (VLAN IDs greater than 1005) are only supported when the enhanced software image (EI) is saved in this release. Without VTP, you cannot send information about VLANs to the command reference for the commands used in the VTP VLAN database. Extended-range VLANs are not supported by managing the addition, deletion, and renaming of VLANs on your...
Software Configuration Guide
Page 425
... • Configuring MVR, page 21-17 • Displaying MVR Information, page 21-21 • Configuring IGMP Filtering and Throttling, page 21-21 • Displaying IGMP Filtering and Throttling Configuration, page 21-27 Note For MAC addresses that map to the switch command reference for this release and the Cisco IOS Release Network Protocols Command Reference, Part 1, for a particular multicast group, 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 21-1
... • Configuring MVR, page 21-17 • Displaying MVR Information, page 21-21 • Configuring IGMP Filtering and Throttling, page 21-21 • Displaying IGMP Filtering and Throttling Configuration, page 21-27 Note For MAC addresses that map to the switch command reference for this release and the Cisco IOS Release Network Protocols Command Reference, Part 1, for a particular multicast group, 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 21-1
Software Configuration Guide
Page 429
... multicast traffic for the group are connected to multicast devices. The switch then updates the forwarding table for that MAC group so that sends a leave message without the switch sending MAC-based general queries to the multicast router ports. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 21-5 Note You should only use . IGMP Report Suppression Note IGMP report suppression is enabled (the default), the switch sends the first IGMP report from the IP multicast data...
... multicast traffic for the group are connected to multicast devices. The switch then updates the forwarding table for that MAC group so that sends a leave message without the switch sending MAC-based general queries to the multicast router ports. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 21-5 Note You should only use . IGMP Report Suppression Note IGMP report suppression is enabled (the default), the switch sends the first IGMP report from the IP multicast data...
Software Configuration Guide
Page 457
...the port channel group. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 22-5 To prevent unknown unicast or multicast traffic from being forwarded from one port to another, you must explicitly configure it is only supported on these steps to define a port as a protected port: Switch# configure terminal Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport protected Switch(config-if)# end Configuring Port Blocking By default, the switch floods packets with unknown destination MAC addresses to block unknown unicast or multicast packets...
...the port channel group. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 22-5 To prevent unknown unicast or multicast traffic from being forwarded from one port to another, you must explicitly configure it is only supported on these steps to define a port as a protected port: Switch# configure terminal Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport protected Switch(config-if)# end Configuring Port Blocking By default, the switch floods packets with unknown destination MAC addresses to block unknown unicast or multicast packets...
Software Configuration Guide
Page 536
... host from accessing the same network. 29-2 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 If there are examined. The switch supports these types of the network. The switch examines access lists associated with features configured on how the packet matches the entries in the inbound direction: • IP ACLs filter IP, TCP, and UDP traffic. • Ethernet or MAC ACLs filter Layer 2 traffic. • MAC extended access lists use source and destination MAC addresses and optional...
... host from accessing the same network. 29-2 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 If there are examined. The switch supports these types of the network. The switch examines access lists associated with features configured on how the packet matches the entries in the inbound direction: • IP ACLs filter IP, TCP, and UDP traffic. • Ethernet or MAC ACLs filter Layer 2 traffic. • MAC extended access lists use source and destination MAC addresses and optional...
Software Configuration Guide
Page 620
... or lost password by interrupting the boot process during the recovery process. Set the line speed on page 32-5, and follow the steps. 32-4 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 The following commands will initialize the flash file system go to the "Password Recovery with terminal-emulation software to the switch can release the Mode button a second or two after the LED above port 1X turns off. Using Recovery Procedures Step 15 Change the password: switch(config)# enable...
... or lost password by interrupting the boot process during the recovery process. Set the line speed on page 32-5, and follow the steps. 32-4 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 The following commands will initialize the flash file system go to the "Password Recovery with terminal-emulation software to the switch can release the Mode button a second or two after the LED above port 1X turns off. Using Recovery Procedures Step 15 Change the password: switch(config)# enable...
Software Configuration Guide
Page 695
...-through mode 30-25 passwords default configuration 9-2 disabling recovery of 9-5 encrypting 9-4 in clusters 7-15, 7-19 overview 9-1 recovery of 32-2 setting enable 9-3 enable secret 9-4 Telnet 9-6 with usernames 9-7 VTP domain 18-8 patch panel 1-16 path cost MSTP 15-18 STP 14-19 PBX 1-15 78-11380-10 PC (passive command switch) 7-11, 7-21 performing an LRE upgrade 13-24 persistence, LRE link 13-19 per-VLAN spanning-tree plus See PVST+ physical ports...
...-through mode 30-25 passwords default configuration 9-2 disabling recovery of 9-5 encrypting 9-4 in clusters 7-15, 7-19 overview 9-1 recovery of 32-2 setting enable 9-3 enable secret 9-4 Telnet 9-6 with usernames 9-7 VTP domain 18-8 patch panel 1-16 path cost MSTP 15-18 STP 14-19 PBX 1-15 78-11380-10 PC (passive command switch) 7-11, 7-21 performing an LRE upgrade 13-24 persistence, LRE link 13-19 per-VLAN spanning-tree plus See PVST+ physical ports...