Software Configuration Guide
Page 10
... Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 Routed Ports 10-3 Switch Virtual Interfaces 10-4 EtherChannel Port Groups 10-5 Connecting Interfaces 10-5 Using Interface Configuration Mode 10-6 Procedures for Configuring Interfaces 10-7 Configuring a Range of Interfaces 10-8 Configuring and Using Interface Range Macros 10-9 Configuring Ethernet Interfaces 10-11 Default Ethernet Interface Configuration 10-11 Configuring Interface Speed and Duplex Mode 10-12 Configuration Guidelines 10-13 Setting the Interface Speed and Duplex Parameters 10-13 Catalyst 3560 Switch Software Configuration Guide...
... Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 Routed Ports 10-3 Switch Virtual Interfaces 10-4 EtherChannel Port Groups 10-5 Connecting Interfaces 10-5 Using Interface Configuration Mode 10-6 Procedures for Configuring Interfaces 10-7 Configuring a Range of Interfaces 10-8 Configuring and Using Interface Range Macros 10-9 Configuring Ethernet Interfaces 10-11 Default Ethernet Interface Configuration 10-11 Configuring Interface Speed and Duplex Mode 10-12 Configuration Guidelines 10-13 Setting the Interface Speed and Duplex Parameters 10-13 Catalyst 3560 Switch Software Configuration Guide...
Software Configuration Guide
Page 33
... Layer 2+ features including access control lists (ACLs), quality of the CMS windows nor does it from the Cisco.com home page at Service and Support > Technical Documents. It does not provide detailed information about these commands. This guide provides procedures for using this release and to the Catalyst 3560 Switch Hardware Installation Guide. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide xxxiii For detailed information about these commands, refer to the Catalyst 3560 Switch Command Reference for this release. On the Cisco Product Documentation...
... Layer 2+ features including access control lists (ACLs), quality of the CMS windows nor does it from the Cisco.com home page at Service and Support > Technical Documents. It does not provide detailed information about these commands. This guide provides procedures for using this release and to the Catalyst 3560 Switch Hardware Installation Guide. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide xxxiii For detailed information about these commands, refer to the Catalyst 3560 Switch Command Reference for this release. On the Cisco Product Documentation...
Software Configuration Guide
Page 40
...; Layer 3 Features, page 1-8 (includes features requiring the EMI) • Power over Ethernet (PoE) Features, page 1-8 • Monitoring Features, page 1-9 Ease-of-Use and Ease-of-Deployment Features • Express Setup for quickly configuring a switch for the first time with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a supported web browser from anywhere in configuring complex features such as VLANs, ACLs, and quality of service (QoS). - Applying...
...; Layer 3 Features, page 1-8 (includes features requiring the EMI) • Power over Ethernet (PoE) Features, page 1-8 • Monitoring Features, page 1-9 Ease-of-Use and Ease-of-Deployment Features • Express Setup for quickly configuring a switch for the first time with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a supported web browser from anywhere in configuring complex features such as VLANs, ACLs, and quality of service (QoS). - Applying...
Software Configuration Guide
Page 41
... IGMP forwarding table • Switch Database Management (SDM) templates for user-selected features 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-3 Automatic discovery of candidate switches and creation of clusters of up to 8 Gbps (Gigabit EtherChannel) or 800 Mbps (Fast EtherChannel) full duplex of bandwidth between switches, routers, and servers • Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP) for automatic creation of EtherChannel links • Forwarding of Layer 2 and Layer 3 packets at Gigabit line rate • Per-port storm...
... IGMP forwarding table • Switch Database Management (SDM) templates for user-selected features 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-3 Automatic discovery of candidate switches and creation of clusters of up to 8 Gbps (Gigabit EtherChannel) or 800 Mbps (Fast EtherChannel) full duplex of bandwidth between switches, routers, and servers • Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP) for automatic creation of EtherChannel links • Forwarding of Layer 2 and Layer 3 packets at Gigabit line rate • Per-port storm...
Software Configuration Guide
Page 44
... network resources • Dynamic Trunking Protocol (DTP) for negotiating trunking on the trunk. Note The Kerberos feature listed in this feature enabled, no user traffic is , supports encryption) versions of the SMI and EMI. • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI) for protection against unauthorized configuration changes • Multilevel security for a choice of security level, notification, and resulting actions • Static MAC addressing...
... network resources • Dynamic Trunking Protocol (DTP) for negotiating trunking on the trunk. Note The Kerberos feature listed in this feature enabled, no user traffic is , supports encryption) versions of the SMI and EMI. • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI) for protection against unauthorized configuration changes • Multilevel security for a choice of security level, notification, and resulting actions • Static MAC addressing...
Software Configuration Guide
Page 51
... powered devices (such as existing telephone lines. Refer to the documentation sets specific to these switches for security management. The switches are using existing infrastructure to transport data and voice from accessing critical pieces of IP connectivity over data traffic. In addition to inter-VLAN routing, the multilayer switches provide QoS mechanisms such as an IP phone, can be connected to AC power sources to receive power. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-13 The powered...
... powered devices (such as existing telephone lines. Refer to the documentation sets specific to these switches for security management. The switches are using existing infrastructure to transport data and voice from accessing critical pieces of IP connectivity over data traffic. In addition to inter-VLAN routing, the multilayer switches provide QoS mechanisms such as an IP phone, can be connected to AC power sources to receive power. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-13 The powered...
Software Configuration Guide
Page 90
... ip default-gateway ip-address Step 6 Step 7 Step 8 end show running -config startup-config Purpose Enter the IP address of the next-hop router interface that is configured, the switch has connectivity to the remote networks with which a host needs to have a default gateway set. Return to the switch where a default gateway is configured to route with unresolved destination IP addresses from the switch. To remove the default gateway address, use the no ip default-gateway global configuration command. interface VLAN1 4-10 Catalyst 3560 Switch Software Configuration Guide 78...
... ip default-gateway ip-address Step 6 Step 7 Step 8 end show running -config startup-config Purpose Enter the IP address of the next-hop router interface that is configured, the switch has connectivity to the remote networks with which a host needs to have a default gateway set. Return to the switch where a default gateway is configured to route with unresolved destination IP addresses from the switch. To remove the default gateway address, use the no ip default-gateway global configuration command. interface VLAN1 4-10 Catalyst 3560 Switch Software Configuration Guide 78...
Software Configuration Guide
Page 100
... switches. This section includes management VLAN considerations for the list of Cluster Candidates and Members" section on IP addresses, especially if you can be designated as a Layer 3 router between the Layer 2 switches in a switch-cluster environment, refer to configure, manage, and monitor the cluster member switches. One or more switches can only be the cluster command switch and up to 16 connected, cluster-capable Catalyst switches that specific switch. • Command-switch redundancy if a cluster command switch fails. Refer...
... switches. This section includes management VLAN considerations for the list of Cluster Candidates and Members" section on IP addresses, especially if you can be designated as a Layer 3 router between the Layer 2 switches in a switch-cluster environment, refer to configure, manage, and monitor the cluster member switches. One or more switches can only be the cluster command switch and up to 16 connected, cluster-capable Catalyst switches that specific switch. • Command-switch redundancy if a cluster command switch fails. Refer...
Software Configuration Guide
Page 105
... switches must be the cluster command switch. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 5-7 It does not discover the switch in the first column because the cluster command switch has no VLAN connectivity to the cluster command switch through their management VLAN. As cluster member switches, they must be connected through their management VLAN. Note If the switch cluster has a Catalyst 3750 switch or switch stack, that switch or switch stack must be connected through management VLANs, the "Discovery Through Different Management VLANs...
... switches must be the cluster command switch. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 5-7 It does not discover the switch in the first column because the cluster command switch has no VLAN connectivity to the cluster command switch through their management VLAN. As cluster member switches, they must be connected through their management VLAN. Note If the switch cluster has a Catalyst 3750 switch or switch stack, that switch or switch stack must be connected through management VLANs, the "Discovery Through Different Management VLANs...
Software Configuration Guide
Page 204
... -user access control lists (ACLs) to an interface that are not 802.1X-capable are filtered by default. When the RADIUS server authenticates a user connected to an 802.1X port, it is configured. RADIUS supports per -user ACLs are supported on the user identity and sends them to the network. The attribute contains the ACL number followed by using the extended naming convention. The guest VLAN feature is already configured on the same Catalyst 3560 switch. MAC ACLs are created by...
... -user access control lists (ACLs) to an interface that are not 802.1X-capable are filtered by default. When the RADIUS server authenticates a user connected to an 802.1X port, it is configured. RADIUS supports per -user ACLs are supported on the user identity and sends them to the network. The attribute contains the ACL number followed by using the extended naming convention. The guest VLAN feature is already configured on the same Catalyst 3560 switch. MAC ACLs are created by...
Software Configuration Guide
Page 261
... mode. You can set to -Point Protocol. The interface becomes a trunk interface if the neighboring interface is dynamic auto. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 12-17 The default switchport mode for all Ethernet interfaces is set an interface as trunking or nontrunking or to not generate DTP frames. For more information about EtherChannel, see Table 12-4). Trunk negotiation is autonegotiated. Ethernet trunk interfaces support different trunking modes (see Chapter 29, "Configuring EtherChannels." The interface becomes a nontrunk interface...
... mode. You can set to -Point Protocol. The interface becomes a trunk interface if the neighboring interface is dynamic auto. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 12-17 The default switchport mode for all Ethernet interfaces is set an interface as trunking or nontrunking or to not generate DTP frames. For more information about EtherChannel, see Table 12-4). Trunk negotiation is autonegotiated. Ethernet trunk interfaces support different trunking modes (see Chapter 29, "Configuring EtherChannels." The interface becomes a nontrunk interface...
Software Configuration Guide
Page 265
... trunk port with CNTL/Z. However, you remove VLAN 1 from all Cisco switches, and it is configured to remove specific VLANs from the allowed list. To return an interface to its default configuration, use the switchport trunk allowed vlan remove vlan-list interface configuration command to support 802.1Q trunking. The example assumes that no switchport trunk interface configuration command. Switch# configure terminal Enter configuration commands, one per line. Note VLAN 1 is enabled, if VTP knows of the display. When you can use the no user traffic (including spanning tree...
... trunk port with CNTL/Z. However, you remove VLAN 1 from all Cisco switches, and it is configured to remove specific VLANs from the allowed list. To return an interface to its default configuration, use the switchport trunk allowed vlan remove vlan-list interface configuration command to support 802.1Q trunking. The example assumes that no switchport trunk interface configuration command. Switch# configure terminal Enter configuration commands, one per line. Note VLAN 1 is enabled, if VTP knows of the display. When you can use the no user traffic (including spanning tree...
Software Configuration Guide
Page 312
..., see Chapter 16, "Configuring MSTP." However, you can map multiple VLANs to the same spanning-tree instances by setting up allowed lists on enough switches to enable spanning tree on a per -VLAN basis) Spanning-tree VLAN port cost (configurable on the desired VLAN. For more labor-intensive to the network. 15-12 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If 128 instances of spanning tree are already in use the spanning-tree vlan vlan-id global configuration command to break all the...
..., see Chapter 16, "Configuring MSTP." However, you can map multiple VLANs to the same spanning-tree instances by setting up allowed lists on enough switches to enable spanning tree on a per -VLAN basis) Spanning-tree VLAN port cost (configurable on the desired VLAN. For more labor-intensive to the network. 15-12 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If 128 instances of spanning tree are already in use the spanning-tree vlan vlan-id global configuration command to break all the...
Software Configuration Guide
Page 376
... Vector Multicast Routing Protocol (DVMRP) packets • Listening to Cisco Group Management Protocol (CGMP) packets from other routers • Statically connecting to a multicast router port with the ip igmp snooping mrouter global configuration command You can configure the switch either to snoop on a VLAN interface, use the ip igmp snooping vlan vlan-id mrouter learn cgmp global configuration command. By default, the switch snoops on PIM/DVMRP packets on IGMP queries and PIM-DVMRP packets. Beginning in the configuration file. 19-8 Catalyst 3560 Switch Software Configuration Guide...
... Vector Multicast Routing Protocol (DVMRP) packets • Listening to Cisco Group Management Protocol (CGMP) packets from other routers • Statically connecting to a multicast router port with the ip igmp snooping mrouter global configuration command You can configure the switch either to snoop on a VLAN interface, use the ip igmp snooping vlan vlan-id mrouter learn cgmp global configuration command. By default, the switch snoops on PIM/DVMRP packets on IGMP queries and PIM-DVMRP packets. Beginning in the configuration file. 19-8 Catalyst 3560 Switch Software Configuration Guide...
Software Configuration Guide
Page 386
....4 Switch(config)# mvr querytime 10 Switch(config)# mvr vlan 22 Switch(config)# mvr mode dynamic Switch(config)# end You can also dynamically join multicast groups by using IGMP join and leave messages. 19-18 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If you attempt to receiver ports and source ports. In dynamic mode, it becomes a member of the group until statically removed. Configuring MVR Interfaces Beginning in privileged EXEC mode, follow these : • source-Configure uplink ports that...
....4 Switch(config)# mvr querytime 10 Switch(config)# mvr vlan 22 Switch(config)# mvr mode dynamic Switch(config)# end You can also dynamically join multicast groups by using IGMP join and leave messages. 19-18 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If you attempt to receiver ports and source ports. In dynamic mode, it becomes a member of the group until statically removed. Configuring MVR Interfaces Beginning in privileged EXEC mode, follow these : • source-Configure uplink ports that...
Software Configuration Guide
Page 428
... access control lists (ACLs), ingress QoS policing, VLAN ACLs and egress QoS policing. 23-4 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 There can also be configured as SPAN sources and destinations. • SPAN sessions do not interfere with the normal operation of network traffic. • You can run on disabled ports; however, a SPAN session does not become active unless you enable the destination port and at least one source port or VLAN for that SPAN...
... access control lists (ACLs), ingress QoS policing, VLAN ACLs and egress QoS policing. 23-4 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 There can also be configured as SPAN sources and destinations. • SPAN sessions do not interfere with the normal operation of network traffic. • You can run on disabled ports; however, a SPAN session does not become active unless you enable the destination port and at least one source port or VLAN for that SPAN...
Software Configuration Guide
Page 440
... "SPAN Configuration Guidelines" section on page 23-10 apply to RSPAN. • As RSPAN VLANs have active RSPAN VLANs. RSPAN VLANs can apply an output access control list (ACL) to RSPAN traffic to selectively filter or monitor specific packets. Specify these ACLs on your network. • RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols. • The RSPAN VLAN is used for only VLANs 1 through 5 and VLAN 9 to monitor traffic received on Gigabit Ethernet trunk port 2, and...
... "SPAN Configuration Guidelines" section on page 23-10 apply to RSPAN. • As RSPAN VLANs have active RSPAN VLANs. RSPAN VLANs can apply an output access control list (ACL) to RSPAN traffic to selectively filter or monitor specific packets. Specify these ACLs on your network. • RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols. • The RSPAN VLAN is used for only VLANs 1 through 5 and VLAN 9 to monitor traffic received on Gigabit Ethernet trunk port 2, and...
Software Configuration Guide
Page 445
... traffic forwarding on the destination port as the default ingress VLAN. Note In an RSPAN destination session, you must be a physical interface. For interface-id, specify the destination interface. enter a space before and after the hyphen. Enter ingress with VLAN 6 as untagged. To remove a destination port from 1 to privileged EXEC mode. Switch(config)# monitor session 2 source remote vlan 901 Switch(config)# monitor session 2 destination interface gigabitethernet0/2 ingress vlan 6 Switch(config)# end 78-16156-01 Catalyst 3560 Switch Software Configuration Guide...
... traffic forwarding on the destination port as the default ingress VLAN. Note In an RSPAN destination session, you must be a physical interface. For interface-id, specify the destination interface. enter a space before and after the hyphen. Enter ingress with VLAN 6 as untagged. To remove a destination port from 1 to privileged EXEC mode. Switch(config)# monitor session 2 source remote vlan 901 Switch(config)# monitor session 2 destination interface gigabitethernet0/2 ingress vlan 6 Switch(config)# end 78-16156-01 Catalyst 3560 Switch Software Configuration Guide...
Software Configuration Guide
Page 484
... forwarded or blocked at router interfaces. Each ACE specifies permit or deny and a set of traffic are filtered by the router ACL. Outgoing routed IP packets are not filtered. 27-2 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Other packets are filtered by the port ACL. After a VLAN map is applied to a VLAN, all parts of access control entries (ACEs). You can apply only one IP access list and one MAC access list to Layer 3 interfaces in an switch virtual interface...
... forwarded or blocked at router interfaces. Each ACE specifies permit or deny and a set of traffic are filtered by the router ACL. Outgoing routed IP packets are not filtered. 27-2 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Other packets are filtered by the port ACL. After a VLAN map is applied to a VLAN, all parts of access control entries (ACEs). You can apply only one IP access list and one MAC access list to Layer 3 interfaces in an switch virtual interface...
Software Configuration Guide
Page 539
... by adjusting queue thresholds so that the packet is forwarded with its original DSCP to the CPU where it is carried along . Chapter 28 Configuring QoS Understanding QoS threshold-id cos1...cos8} global configuration command. You assign the two WTD threshold percentages for queueing and scheduling decisions. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 28-17 You assign shared or shaped...
... by adjusting queue thresholds so that the packet is forwarded with its original DSCP to the CPU where it is carried along . Chapter 28 Configuring QoS Understanding QoS threshold-id cos1...cos8} global configuration command. You assign the two WTD threshold percentages for queueing and scheduling decisions. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 28-17 You assign shared or shaped...