Software Guide
Page 43
...of the MAC address table • Cisco Discovery Protocol (CDP) Versions 1 and 2 for network topology discovery and mapping between the switch and other Cisco devices on the network (supported only on NNIs) • Network Time Protocol (NTP) for user-selected features Management Options • CLI-The Cisco IOS software supports desktop- For more information about using SNMP, see Chapter 27, "Configuring SNMP." For more information about using Telnet from a remote management station. The switch supports a comprehensive set of multicast groups to which hosts on a switch port can belong...
...of the MAC address table • Cisco Discovery Protocol (CDP) Versions 1 and 2 for network topology discovery and mapping between the switch and other Cisco devices on the network (supported only on NNIs) • Network Time Protocol (NTP) for user-selected features Management Options • CLI-The Cisco IOS software supports desktop- For more information about using SNMP, see Chapter 27, "Configuring SNMP." For more information about using Telnet from a remote management station. The switch supports a comprehensive set of multicast groups to which hosts on a switch port can belong...
Software Guide
Page 75
... these steps to manually assign IP information to global configuration mode. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 3-9 This directory contains the network-confg file used in the same way. Return to a switch virtual interface (SVI). Enter the IP address and subnet mask. Chapter 3 Assigning the Switch IP Address and Default Gateway Assigning Switch Information DNS Server Configuration The DNS server maps the TFTP server name tftpserver to its IP address. This file contains the hostname to...
... these steps to manually assign IP information to global configuration mode. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 3-9 This directory contains the network-confg file used in the same way. Return to a switch virtual interface (SVI). Enter the IP address and subnet mask. Chapter 3 Assigning the Switch IP Address and Default Gateway Assigning Switch Information DNS Server Configuration The DNS server maps the TFTP server name tftpserver to its IP address. This file contains the hostname to...
Software Guide
Page 76
...-id ! vlan internal allocation policy ascending 3-10 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 no ip domain-lookup ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no ip address interface configuration command. Verify the configured default gateway. (Optional) Save your switch is configured, the switch has connectivity to the remote networks with which a host needs to the switch will be lost. enable password cisco ! Once the default gateway is configured to have a default gateway set.
...-id ! vlan internal allocation policy ascending 3-10 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 no ip domain-lookup ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no ip address interface configuration command. Verify the configured default gateway. (Optional) Save your switch is configured, the switch has connectivity to the remote networks with which a host needs to the switch will be lost. enable password cisco ! Once the default gateway is configured to have a default gateway set.
Software Guide
Page 119
... addresses, multicast addresses, or other static addresses. 5-22 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 You can set a trap interval time to bundle the notification traps and reduce network traffic. To return to the default value, use the clear mac address-table dynamic command in privileged EXEC mode. For vlan-id, valid IDs are never aged or removed from the network, you have been removed, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode...
... addresses, multicast addresses, or other static addresses. 5-22 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 You can set a trap interval time to bundle the notification traps and reduce network traffic. To return to the default value, use the clear mac address-table dynamic command in privileged EXEC mode. For vlan-id, valid IDs are never aged or removed from the network, you have been removed, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode...
Software Guide
Page 121
..., enable the MAC address notification feature, set the interval time to 60 seconds, set the history-size to the interface specified with this destination address are not replicated in the associated VLAN. You can add and remove static addresses and define the forwarding behavior for each source port. For more information about private VLANs, see Chapter 12, "Configuring Private VLANs." 5-24 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 To disable the MAC address notification...
..., enable the MAC address notification feature, set the interval time to 60 seconds, set the history-size to the interface specified with this destination address are not replicated in the associated VLAN. You can add and remove static addresses and define the forwarding behavior for each source port. For more information about private VLANs, see Chapter 12, "Configuring Private VLANs." 5-24 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 To disable the MAC address notification...
Software Guide
Page 136
... EXEC mode. To disable password checking and allow connections without a password, use the no login line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-7 If you have defined privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each user before that requests a login username and a password: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command configure terminal username name [privilege level] {password encryption-type password} line console 0 or line vty 0 15 login local...
... EXEC mode. To disable password checking and allow connections without a password, use the no login line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-7 If you have defined privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each user before that requests a login username and a password: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command configure terminal username name [privilege level] {password encryption-type password} line console 0 or line vty 0 15 login local...
Software Guide
Page 137
... configure for global configuration mode, exec for EXEC mode, interface for interface configuration mode, or line for line configuration mode. • For level, the range is for normal user EXEC mode privileges. Protecting Access to Privileged EXEC Commands Chapter 7 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default, the Cisco IOS software has two modes of commands for a command mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure terminal privilege mode level level command enable password level level password end show running-config...
... configure for global configuration mode, exec for EXEC mode, interface for interface configuration mode, or line for line configuration mode. • For level, the range is for normal user EXEC mode privileges. Protecting Access to Privileged EXEC Commands Chapter 7 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default, the Cisco IOS software has two modes of commands for a command mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure terminal privilege mode level level command enable password level level password end show running-config...
Software Guide
Page 138
... using the privilege level line configuration command by the enable password. Level 15 is the level of that command are automatically set to change the default privilege level for Lines Beginning in privileged EXEC mode, follow these steps to privilege level 15 unless you set them individually to a higher privilege level, they can use the no privilege level line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-9 The second command...
... using the privilege level line configuration command by the enable password. Level 15 is the level of that command are automatically set to change the default privilege level for Lines Beginning in privileged EXEC mode, follow these steps to privilege level 15 unless you set them individually to a higher privilege level, they can use the no privilege level line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-9 The second command...
Software Guide
Page 195
... switchport interface configuration command. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-4 78-17058-01 A trunk port can limit VLAN membership by putting the interface into Layer 3 mode with the customer VLANs, are retrieved. Configure routed ports by configuring an allowed list of an IEEE 802.1Q tag (called the metro tag), containing a VLAN ID unique in the enabled state. Understanding Interface Types Chapter 9 Configuring Interface Characteristics Trunk Ports Tunnel Ports they are assumed to belong to the port default PVID. Routed ports can...
... switchport interface configuration command. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-4 78-17058-01 A trunk port can limit VLAN membership by putting the interface into Layer 3 mode with the customer VLANs, are retrieved. Configure routed ports by configuring an allowed list of an IEEE 802.1Q tag (called the metro tag), containing a VLAN ID unique in the enabled state. Understanding Interface Types Chapter 9 Configuring Interface Characteristics Trunk Ports Tunnel Ports they are assumed to belong to the port default PVID. Routed ports can...
Software Guide
Page 208
... on , off interface configuration command. Note For details on the command settings and the resulting IEEE 802.3x flow control resolution on Switch(config-if)# end 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-17 Verify the interface IEEE 802.3x flow control settings. (Optional) Save your entries in the command reference for the port. Chapter 9 Configuring Interface Characteristics Configuring Ethernet Interfaces Configuring IEEE 802.3x Flow Control IEEE 802.3x flow control enables connected Ethernet ports to control traffic rates during the...
... on , off interface configuration command. Note For details on the command settings and the resulting IEEE 802.3x flow control resolution on Switch(config-if)# end 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-17 Verify the interface IEEE 802.3x flow control settings. (Optional) Save your entries in the command reference for the port. Chapter 9 Configuring Interface Characteristics Configuring Ethernet Interfaces Configuring IEEE 802.3x Flow Control IEEE 802.3x flow control enables connected Ethernet ports to control traffic rates during the...
Software Guide
Page 209
...Cabling Link up Link up Link up Link down Beginning in the configuration file. By default, UNIs are disabled, and NNIs are enabled. duplex auto Configure the interface to be configured, and enter interface configuration mode. end Return to other devices, and the interface automatically corrects for any incorrect cabling. Configuring Ethernet Interfaces Chapter 9 Configuring Interface Characteristics Configuring Auto-MDIX on an Interface When automatic medium-dependent interface crossover (auto-MDIX) is enabled on 1000 BASE-SX or -LX SFP module interfaces. When connecting switches...
...Cabling Link up Link up Link up Link down Beginning in the configuration file. By default, UNIs are disabled, and NNIs are enabled. duplex auto Configure the interface to be configured, and enter interface configuration mode. end Return to other devices, and the interface automatically corrects for any incorrect cabling. Configuring Ethernet Interfaces Chapter 9 Configuring Interface Characteristics Configuring Auto-MDIX on an Interface When automatic medium-dependent interface crossover (auto-MDIX) is enabled on 1000 BASE-SX or -LX SFP module interfaces. When connecting switches...
Software Guide
Page 212
... individual interface; By default, UNIs are disabled, and NNIs are sent to the CPU, such as a routed port and to control traffic, SNMP, Telnet, or routing protocols. You cannot set it an IP address: Switch# configure terminal Enter configuration commands, one per line. Routed packets are not received by using the system mtu jumbo global configuration command. End with a peer router. Enable the interface. When you change the MTU size, you set the MTU size for a specific VLAN, use the show running-config interface [interface-id...
... individual interface; By default, UNIs are disabled, and NNIs are sent to the CPU, such as a routed port and to control traffic, SNMP, Telnet, or routing protocols. You cannot set it an IP address: Switch# configure terminal Enter configuration commands, one per line. Routed packets are not received by using the system mtu jumbo global configuration command. End with a peer router. Enable the interface. When you change the MTU size, you set the MTU size for a specific VLAN, use the show running-config interface [interface-id...
Software Guide
Page 239
... is true for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), and Link Aggregation Control Protocol (LACP) in the configuration file. You do this release. Beginning in the Trunking VLANs Enabled field of VLANs described by two VLAN numbers, the lower one first, separated by default. If the access VLAN is set to disable VLAN 1 on a port: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end 11-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01...
... is true for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), and Link Aggregation Control Protocol (LACP) in the configuration file. You do this release. Beginning in the Trunking VLANs Enabled field of VLANs described by two VLAN numbers, the lower one first, separated by default. If the access VLAN is set to disable VLAN 1 on a port: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end 11-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01...
Software Guide
Page 240
... traffic belongs. For load sharing using STP port priorities, both tagged and untagged traffic. By default, the switch forwards untagged traffic in the configuration file. Note The native VLAN can receive both load-sharing links must be connected to 4094. For information about STP, see the "IEEE 802.1Q Configuration Considerations" section on an IEEE 802.1Q trunk: Step 1 Step 2 Command configure terminal interface interface-id Step 3 no switchport trunk native vlan interface configuration command. Enable the port...
... traffic belongs. For load sharing using STP port priorities, both tagged and untagged traffic. By default, the switch forwards untagged traffic in the configuration file. Note The native VLAN can receive both load-sharing links must be connected to 4094. For information about STP, see the "IEEE 802.1Q Configuration Considerations" section on an IEEE 802.1Q trunk: Step 1 Step 2 Command configure terminal interface interface-id Step 3 no switchport trunk native vlan interface configuration command. Enable the port...
Software Guide
Page 325
... 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command Purpose configure terminal Enter global configuration mode. interface interface-id Specify an interface to place into the forwarding state. If the interface is not an NNI, enter the port-type nni interface configuration command before you can use the no spanning-tree mst instance-id cost interface configuration command. 15-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Otherwise, you configure MST path cost. If a loop...
... 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command Purpose configure terminal Enter global configuration mode. interface interface-id Specify an interface to place into the forwarding state. If the interface is not an NNI, enter the port-type nni interface configuration command before you can use the no spanning-tree mst instance-id cost interface configuration command. 15-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Otherwise, you configure MST path cost. If a loop...
Software Guide
Page 347
... 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 If the DHCP server cannot give the DHCP client the requested configuration parameters from a device that forwards DHCP packets between networks. Relay agents forward requests and replies between untrusted hosts and DHCP servers. In a service-provider network, a trusted interface is connected to an interface on a device that is connected to the DHCP server or another switch. You use DHCP snooping in the network or to a port on page 18-13. DHCP snooping acts like a firewall...
... 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 If the DHCP server cannot give the DHCP client the requested configuration parameters from a device that forwards DHCP packets between networks. Relay agents forward requests and replies between untrusted hosts and DHCP servers. In a service-provider network, a trusted interface is connected to an interface on a device that is connected to the DHCP server or another switch. You use DHCP snooping in the network or to a port on page 18-13. DHCP snooping acts like a firewall...
Software Guide
Page 419
...the default condition (shutdown mode), use the no switchport port-security mac-address sticky command, or the sticky addresses will be restored if the switch reboots. The interface converts the sticky secure MAC addresses to configure a static secure MAC address on VLAN 3 on a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address 0000.02000.0004 vlan 3 21-14 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Use the clear port...
...the default condition (shutdown mode), use the no switchport port-security mac-address sticky command, or the sticky addresses will be restored if the switch reboots. The interface converts the sticky secure MAC addresses to configure a static secure MAC address on VLAN 3 on a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address 0000.02000.0004 vlan 3 21-14 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Use the clear port...
Software Guide
Page 753
... set up a boundary for Clearing Caches, Tables, and Databases Command clear ip igmp group [group-name | group-address | interface] clear ip mroute {* | group [source]} clear ip pim auto-rp rp-address clear ip sdr [group-address | "session-name"] Purpose Delete entries from the IP multicast routing table. Note This release does not support per-route statistics. 34-34 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Clearing a cache, table, or database might be necessary when the contents of IP routing tables...
... set up a boundary for Clearing Caches, Tables, and Databases Command clear ip igmp group [group-name | group-address | interface] clear ip mroute {* | group [source]} clear ip pim auto-rp rp-address clear ip sdr [group-address | "session-name"] Purpose Delete entries from the IP multicast routing table. Note This release does not support per-route statistics. 34-34 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 Clearing a cache, table, or database might be necessary when the contents of IP routing tables...
Software Guide
Page 779
... an error during the boot-up sequence, as shown in this example: ***** The system will autoboot in this procedure if you see that begins with Password Recovery Disabled, page 36-7 You enable or disable password recovery by using the service password-recovery global configuration command. Power off until the break key is different for the password recovery purpose. Step 1 Step 2 Step 3 Step 4 Connect a terminal or PC with Password Recovery Enabled" section on the console terminal...
... an error during the boot-up sequence, as shown in this example: ***** The system will autoboot in this procedure if you see that begins with Password Recovery Disabled, page 36-7 You enable or disable password recovery by using the service password-recovery global configuration command. Power off until the break key is different for the password recovery purpose. Step 1 Step 2 Step 3 Step 4 Connect a terminal or PC with Password Recovery Enabled" section on the console terminal...
Software Guide
Page 869
... port-control command 8-4 authorized and unauthorized 8-4 port security described 8-7 interactions 8-7 multiple-hosts mode 8-6 resetting to default values 8-17 statistics, displaying 8-19 switch as proxy 8-3 RADIUS client 8-3 VLAN assignment AAA authorization 8-11 characteristics 8-8 configuration tasks 8-8 described 8-8 port blocking 1-2, 21-7 port-channel See EtherChannel Port Fast described 16-2 enabling 16-5 support for 1-4 port membership modes, VLAN 11-4 port priority MSTP 15-17 STP 14-16 ports access 9-3 blocking 21-7 dynamic access 11-5 IEEE 802.1Q tunnel 11-5 protected 21-5 routed...
... port-control command 8-4 authorized and unauthorized 8-4 port security described 8-7 interactions 8-7 multiple-hosts mode 8-6 resetting to default values 8-17 statistics, displaying 8-19 switch as proxy 8-3 RADIUS client 8-3 VLAN assignment AAA authorization 8-11 characteristics 8-8 configuration tasks 8-8 described 8-8 port blocking 1-2, 21-7 port-channel See EtherChannel Port Fast described 16-2 enabling 16-5 support for 1-4 port membership modes, VLAN 11-4 port priority MSTP 15-17 STP 14-16 ports access 9-3 blocking 21-7 dynamic access 11-5 IEEE 802.1Q tunnel 11-5 protected 21-5 routed...