Configuration Guide
Page 1
Catalyst 2950 Desktop Switch Software Configuration Guide Cisco IOS Release 12.1(6)EA2b March, 2002 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7811380= Text Part Number: 78-11380-03
Catalyst 2950 Desktop Switch Software Configuration Guide Cisco IOS Release 12.1(6)EA2b March, 2002 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7811380= Text Part Number: 78-11380-03
Configuration Guide
Page 2
..., the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet, TransPath, Voice LAN, Wavelength Router, and WebViewer are service marks of Cisco Systems, Inc.; and certain other company. (0110R) Catalyst 2950 Desktop Switch Software Configuration Guide Copyright © 2002, Cisco Systems, Inc. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED...
..., the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet, TransPath, Voice LAN, Wavelength Router, and WebViewer are service marks of Cisco Systems, Inc.; and certain other company. (0110R) Catalyst 2950 Desktop Switch Software Configuration Guide Copyright © 2002, Cisco Systems, Inc. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED...
Configuration Guide
Page 3
... xxi Documentation Feedback xxi Obtaining Technical Assistance xxi Cisco.com xxii Technical Assistance Center xxii Cisco TAC Web Site xxii Cisco TAC Escalation Center xxiii Overview 1-1 Features 1-1 Management Options 1-6 Management Interface Options 1-6 Advantages of Using CMS and Clustering Switches 1-7 Network Configuration Examples 1-8 Design Concepts for Using the Switch 1-8 Small to Medium-Sized Network Configuration 1-10...
... xxi Documentation Feedback xxi Obtaining Technical Assistance xxi Cisco.com xxii Technical Assistance Center xxii Cisco TAC Web Site xxii Cisco TAC Escalation Center xxiii Overview 1-1 Features 1-1 Management Options 1-6 Management Interface Options 1-6 Advantages of Using CMS and Clustering Switches 1-7 Network Configuration Examples 1-8 Design Concepts for Using the Switch 1-8 Small to Medium-Sized Network Configuration 1-10...
Configuration Guide
Page 4
... Verifying Your Changes 2-32 Change Notification 2-32 Error Checking 2-32 Saving Your Changes 2-32 Using Different Versions of CMS 2-33 Where to Go Next 2-33 Catalyst 2950 Desktop Switch Software Configuration Guide iv 78-11380-03
... Verifying Your Changes 2-32 Change Notification 2-32 Error Checking 2-32 Saving Your Changes 2-32 Using Different Versions of CMS 2-33 Where to Go Next 2-33 Catalyst 2950 Desktop Switch Software Configuration Guide iv 78-11380-03
Configuration Guide
Page 5
...Next 3-10 General Switch Administration 4-1 Basic IP Connectivity to the Switch 4-1 Switch Software Releases 4-2 ...Console Port Access 4-2 Telnet Access to the CLI 4-2 HTTP Access to CMS 4-3 SNMP Network Management Platforms 4-4 SNMP Versions 4-4 Using FTP to Access the MIB Files 4-5 Using SNMP to Access MIB Variables 4-5 Default Settings 4-6 Clustering Switches 5-1 Understanding Switch Clusters 5-2 Command Switch Characteristics 5-2 Standby Command Switch Characteristics 5-3 Candidate and Member Switches Characteristics 5-3 Catalyst 2950 Desktop Switch...
...Next 3-10 General Switch Administration 4-1 Basic IP Connectivity to the Switch 4-1 Switch Software Releases 4-2 ...Console Port Access 4-2 Telnet Access to the CLI 4-2 HTTP Access to CMS 4-3 SNMP Network Management Platforms 4-4 SNMP Versions 4-4 Using FTP to Access the MIB Files 4-5 Using SNMP to Access MIB Variables 4-5 Default Settings 4-6 Clustering Switches 5-1 Understanding Switch Clusters 5-2 Command Switch Characteristics 5-2 Standby Command Switch Characteristics 5-3 Candidate and Member Switches Characteristics 5-3 Catalyst 2950 Desktop Switch...
Configuration Guide
Page 6
... in CMS 5-15 Management VLAN 5-15 LRE Profiles 5-16 Availability of Switch-Specific Features in Switch Clusters 5-16 Creating a Switch Cluster 5-16 Enabling a Command Switch 5-17 Adding Member Switches 5-18 Creating a Cluster Standby Group 5-20 Verifying a Switch Cluster 5-22 Using the CLI to Manage Switch Clusters 5-23 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-23 Using SNMP to Manage...
... in CMS 5-15 Management VLAN 5-15 LRE Profiles 5-16 Availability of Switch-Specific Features in Switch Clusters 5-16 Creating a Switch Cluster 5-16 Enabling a Command Switch 5-17 Adding Member Switches 5-18 Creating a Cluster Standby Group 5-20 Verifying a Switch Cluster 5-22 Using the CLI to Manage Switch Clusters 5-23 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-23 Using SNMP to Manage...
Configuration Guide
Page 7
...6-11 Configuring Daylight Saving Time 6-11 Configuring the Network Time Protocol 6-11 Configuring the Switch as an NTP Client 6-11 Enabling NTP Authentication 6-11 Configuring the Switch for NTP Broadcast-Client Mode 6-12 Configuring SNMP 6-12 Disabling and Enabling SNMP 6-12...6-21 Specifying TACACS+ Authorization for Privileged EXEC Access and Network Services 6-22 Starting TACACS+ Accounting 6-22 Configuring a Switch for Local AAA 6-23 Controlling Switch Access with RADIUS 6-24 Understanding RADIUS 6-24 RADIUS Operation 6-25 Configuring RADIUS 6-26 Default RADIUS Configuration 6-26 Identifying...
...6-11 Configuring Daylight Saving Time 6-11 Configuring the Network Time Protocol 6-11 Configuring the Switch as an NTP Client 6-11 Enabling NTP Authentication 6-11 Configuring the Switch for NTP Broadcast-Client Mode 6-12 Configuring SNMP 6-12 Disabling and Enabling SNMP 6-12...6-21 Specifying TACACS+ Authorization for Privileged EXEC Access and Network Services 6-22 Starting TACACS+ Accounting 6-22 Configuring a Switch for Local AAA 6-23 Controlling Switch Access with RADIUS 6-24 Understanding RADIUS 6-24 RADIUS Operation 6-25 Configuring RADIUS 6-26 Default RADIUS Configuration 6-26 Identifying...
Configuration Guide
Page 8
...RADIUS Servers 6-35 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 6-35 Configuring the Switch for Vendor-Proprietary RADIUS Server ...7-7 Enabling 802.1X Authentication 7-8 Configuring the Switch-to-RADIUS-Server Communication 7-9 Enabling Periodic Re-Authentication 7-10... 7-11 Changing the Switch-to-Client Retransmission Time 7-12 Setting the Switch-to-Client Frame-Retransmission...Configuring VLANs 8-1 Overview 8-1 Management VLANs 8-3 Changing the Management VLAN for a New Switch 8-3 Changing the Management VLAN Through a Telnet Connection 8-4 Assigning VLAN Port Membership Modes...
...RADIUS Servers 6-35 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 6-35 Configuring the Switch for Vendor-Proprietary RADIUS Server ...7-7 Enabling 802.1X Authentication 7-8 Configuring the Switch-to-RADIUS-Server Communication 7-9 Enabling Periodic Re-Authentication 7-10... 7-11 Changing the Switch-to-Client Retransmission Time 7-12 Setting the Switch-to-Client Frame-Retransmission...Configuring VLANs 8-1 Overview 8-1 Management VLANs 8-3 Changing the Management VLAN for a New Switch 8-3 Changing the Management VLAN Through a Telnet Connection 8-4 Assigning VLAN Port Membership Modes...
Configuration Guide
Page 9
... Using STP Port Priorities 8-25 Configuring STP Port Priorities and Load Sharing 8-25 Load Sharing Using STP Path Cost 8-27 How the VMPS Works 8-28 Catalyst 2950 Desktop Switch Software Configuration Guide ix
... Using STP Port Priorities 8-25 Configuring STP Port Priorities and Load Sharing 8-25 Load Sharing Using STP Path Cost 8-27 How the VMPS Works 8-28 Catalyst 2950 Desktop Switch Software Configuration Guide ix
Configuration Guide
Page 10
... Membership 8-34 Dynamic Port VLAN Membership Configuration Example 8-34 Configuring STP 9-1 Understanding Basic STP Features 9-1 Supported STP Instances 9-2 STP Overview 9-2 Election of the Root Switch 9-3 Bridge Protocol Data Units 9-3 STP Timers 9-4 Creating the STP Topology 9-4 STP Interface States 9-5 Blocking State 9-6 Listening State 9-7 Learning State 9-7 Forwarding State ...Guard 9-10 Understanding UplinkFast 9-11 Understanding Cross-Stack UplinkFast 9-12 How CSUF Works 9-13 Events that Cause Fast Convergence 9-14 Catalyst 2950 Desktop Switch Software Configuration Guide x 78-11380-03
... Membership 8-34 Dynamic Port VLAN Membership Configuration Example 8-34 Configuring STP 9-1 Understanding Basic STP Features 9-1 Supported STP Instances 9-2 STP Overview 9-2 Election of the Root Switch 9-3 Bridge Protocol Data Units 9-3 STP Timers 9-4 Creating the STP Topology 9-4 STP Interface States 9-5 Blocking State 9-6 Listening State 9-7 Learning State 9-7 Forwarding State ...Guard 9-10 Understanding UplinkFast 9-11 Understanding Cross-Stack UplinkFast 9-12 How CSUF Works 9-13 Events that Cause Fast Convergence 9-14 Catalyst 2950 Desktop Switch Software Configuration Guide x 78-11380-03
Configuration Guide
Page 11
... BPDU Guard 9-31 Configuring UplinkFast for Use with Redundant Links 9-32 Configuring Cross-Stack UplinkFast 9-33 Configuring BackboneFast 9-34 Configuring Root Guard 9-34 Configuring the Switch Ports 10-1 Changing the Port Speed and Duplex Mode 10-1 Connecting to Devices That Do Not Autonegotiate 10-2 Setting Speed and Duplex Parameters 10-2 Configuring... Protected Ports 10-5 Enabling Port Security 10-6 Defining the Maximum Secure Address Count 10-7 Enabling Port Security 10-7 Disabling Port Security 10-8 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xi
... BPDU Guard 9-31 Configuring UplinkFast for Use with Redundant Links 9-32 Configuring Cross-Stack UplinkFast 9-33 Configuring BackboneFast 9-34 Configuring Root Guard 9-34 Configuring the Switch Ports 10-1 Changing the Port Speed and Duplex Mode 10-1 Connecting to Devices That Do Not Autonegotiate 10-2 Setting Speed and Duplex Parameters 10-2 Configuring... Protected Ports 10-5 Enabling Port Security 10-6 Defining the Maximum Secure Address Count 10-7 Enabling Port Security 10-7 Disabling Port Security 10-8 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xi
Configuration Guide
Page 12
... 11-3 Setting the Snooping Method 11-4 Joining a Multicast Group 11-4 Statically Configuring a Host to Join a Group 11-5 CLI: Statically Configuring a Interface to Join a Group 11-6 Catalyst 2950 Desktop Switch Software Configuration Guide xii 78-11380-03
... 11-3 Setting the Snooping Method 11-4 Joining a Multicast Group 11-4 Statically Configuring a Host to Join a Group 11-5 CLI: Statically Configuring a Interface to Join a Group 11-6 Catalyst 2950 Desktop Switch Software Configuration Guide xii 78-11380-03
Configuration Guide
Page 13
... with ACLs 12-1 Understanding ACLs 12-1 ACLs 12-2 Handling Fragmented and Unfragmented Traffic 12-3 Understanding Access Control Parameters 12-4 Guidelines for Configuring ACLs on the Catalyst 2950 Switches 12-5 Configuring ACLs 12-6 Unsupported Features 12-6 Creating Standard and Extended IP ACLs 12-7 ACL Numbers 12-7 Creating a Numbered Standard ACL 12-8 Creating a ...13-3 Classification 13-4 Classification Based on QoS ACLs 13-5 Classification Based on Class Maps and Policy Maps 13-5 Policing and Marking 13-6 Mapping Tables 13-7 Catalyst 2950 Desktop Switch Software Configuration Guide xiii
... with ACLs 12-1 Understanding ACLs 12-1 ACLs 12-2 Handling Fragmented and Unfragmented Traffic 12-3 Understanding Access Control Parameters 12-4 Guidelines for Configuring ACLs on the Catalyst 2950 Switches 12-5 Configuring ACLs 12-6 Unsupported Features 12-6 Creating Standard and Extended IP ACLs 12-7 ACL Numbers 12-7 Creating a Numbered Standard ACL 12-8 Creating a ...13-3 Classification 13-4 Classification Based on QoS ACLs 13-5 Classification Based on Class Maps and Policy Maps 13-5 Policing and Marking 13-6 Mapping Tables 13-7 Catalyst 2950 Desktop Switch Software Configuration Guide xiii
Configuration Guide
Page 14
...-4 Recovery Procedures 14-5 Recovering from Lost Member Connectivity 14-5 Recovering from a Command Switch Failure 14-5 Replacing a Failed Command Switch with a Cluster Member 14-6 Replacing a Failed Command Switch with Another Switch 14-7 Recovering from a Failed Command Switch Without HSRP 14-8 Recovering from a Lost or Forgotten Password 14-9 Catalyst 2950 Desktop Switch Software Configuration Guide xiv 78-11380-03
...-4 Recovery Procedures 14-5 Recovering from Lost Member Connectivity 14-5 Recovering from a Command Switch Failure 14-5 Replacing a Failed Command Switch with a Cluster Member 14-6 Replacing a Failed Command Switch with Another Switch 14-7 Recovering from a Failed Command Switch Without HSRP 14-8 Recovering from a Lost or Forgotten Password 14-9 Catalyst 2950 Desktop Switch Software Configuration Guide xiv 78-11380-03
Configuration Guide
Page 15
... Reports B-3 Error Messages and Recovery Procedures B-3 Chassis Message B-3 CMP Messages B-3 Environment Messages B-4 GigaStack Messages B-4 Link Message B-5 RTD Messages B-5 Storm Control Messages B-6 Contents 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xv
... Reports B-3 Error Messages and Recovery Procedures B-3 Chassis Message B-3 CMP Messages B-3 Environment Messages B-4 GigaStack Messages B-4 Link Message B-5 RTD Messages B-5 Storm Control Messages B-6 Contents 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xv
Configuration Guide
Page 17
... this guide with the concepts and terminology of service (QoS) features. The enhanced software image supports these switches: • Catalyst 2950C-24 • Catalyst 2950G-12-EI • Catalyst 2950G-24-EI • Catalyst 2950G-24-EI-DC • Catalyst 2950G-48-EI • Catalyst 2950T-24 The standard software image supports these topics: • Requirements-This guide assumes that you have...
... this guide with the concepts and terminology of service (QoS) features. The enhanced software image supports these switches: • Catalyst 2950C-24 • Catalyst 2950G-12-EI • Catalyst 2950G-24-EI • Catalyst 2950G-24-EI-DC • Catalyst 2950G-48-EI • Catalyst 2950T-24 The standard software image supports these topics: • Requirements-This guide assumes that you have...
Configuration Guide
Page 18
...-line interface (CLI), and describes CLI messages that have been specifically created or changed for the Catalyst 2950 switches, refer to the Catalyst 2950 Desktop Switch Command Reference. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco.com home page at Service and Support > Technical Documents. For information on configuring your web...
...-line interface (CLI), and describes CLI messages that have been specifically created or changed for the Catalyst 2950 switches, refer to the Catalyst 2950 Desktop Switch Command Reference. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco.com home page at Service and Support > Technical Documents. For information on configuring your web...
Configuration Guide
Page 19
...are in boldface text. • Arguments for configuring quality of traffic. With this manual. 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xix Chapter 13, "Configuring QoS," provides the considerations and CLI procedures for which you enter ... a required choice within an optional element. Preface Conventions Chapter 9, "Configuring STP," provides the considerations and CLI procedures for the switch. Chapter 14, "Troubleshooting," describes how to identify and resolve software problems related to interfaces and provides examples. It also describes...
...are in boldface text. • Arguments for configuring quality of traffic. With this manual. 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xix Chapter 13, "Configuring QoS," provides the considerations and CLI procedures for which you enter ... a required choice within an optional element. Preface Conventions Chapter 9, "Configuring STP," provides the considerations and CLI procedures for the switch. Chapter 14, "Troubleshooting," describes how to identify and resolve software problems related to interfaces and provides examples. It also describes...
Configuration Guide
Page 20
... not be troubleshooting or even an action, but is available on Cisco.com) Note Switch requirements and procedures for the latest information. • Catalyst 2950 Desktop Switch Software Configuration Guide, (order number DOC-7811380=) • Catalyst 2950 Desktop Switch Command Reference, (order number DOC-7811381=) • Catalyst 2950 Desktop Switch Hardware Installation Guide (order number DOC-7811157=) •...
... not be troubleshooting or even an action, but is available on Cisco.com) Note Switch requirements and procedures for the latest information. • Catalyst 2950 Desktop Switch Software Configuration Guide, (order number DOC-7811380=) • Catalyst 2950 Desktop Switch Command Reference, (order number DOC-7811381=) • Catalyst 2950 Desktop Switch Hardware Installation Guide (order number DOC-7811157=) •...
Configuration Guide
Page 21
...on. After you display the survey, select the manual that you display the document listing for all technical assistance. Ordering Documentation Cisco documentation is shipped with your product. To submit your comments by mail, use the response card behind the front cover of...or write to the technical support resources on the Cisco TAC Web Site. 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xxi Preface Obtaining Technical Assistance Documentation CD-ROM Cisco documentation and additional literature are reading Cisco product documentation on the World Wide Web, you ...
...on. After you display the survey, select the manual that you display the document listing for all technical assistance. Ordering Documentation Cisco documentation is shipped with your product. To submit your comments by mail, use the response card behind the front cover of...or write to the technical support resources on the Cisco TAC Web Site. 78-11380-03 Catalyst 2950 Desktop Switch Software Configuration Guide xxi Preface Obtaining Technical Assistance Documentation CD-ROM Cisco documentation and additional literature are reading Cisco product documentation on the World Wide Web, you ...