User Guide
Page 1
... Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into Cisco IOS Release 12.2(8)T. and 36-Port Ethernet Switch Module for the 16- Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate limiting...157 • Glossary, page 242 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 1 and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). 16- Enhancements were added in Cisco IOS Release 12.2(2)XT and Cisco IOS Release 12.2(8)T and above....
... Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into Cisco IOS Release 12.2(8)T. and 36-Port Ethernet Switch Module for the 16- Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate limiting...157 • Glossary, page 242 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 1 and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). 16- Enhancements were added in Cisco IOS Release 12.2(2)XT and Cisco IOS Release 12.2(8)T and above....
User Guide
Page 2
...; Spanning Tree Protocol, page 12 • Cisco Discovery Protocol, page 24 • Switched Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. Feature Overview 16- This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet...
...; Spanning Tree Protocol, page 12 • Cisco Discovery Protocol, page 24 • Switched Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. Feature Overview 16- This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet...
User Guide
Page 3
16- Normally, Ethernet operates in both directions simultaneously, effective Ethernet... a session that each interface as a router or a switch. Note Default parameters on an Ethernet switch network module can transmit and receive at least 8,191 address entries without flooding to ensure that uses a significant level of ... forwards frames from the address table. Because each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by all Ethernet interfaces: 802.1Q-802...
16- Normally, Ethernet operates in both directions simultaneously, effective Ethernet... a session that each interface as a router or a switch. Note Default parameters on an Ethernet switch network module can transmit and receive at least 8,191 address entries without flooding to ensure that uses a significant level of ... forwards frames from the address table. Because each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by all Ethernet interfaces: 802.1Q-802...
User Guide
Page 4
...VLAN on one instance of the trunk is treated as broken and block traffic for the specific VLAN. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 Feature Overview 16- However, spanning tree information for all VLANs 128 100 for 10-Mbps Ethernet interfaces 19 for 10/... each VLAN is loop-free before disabling spanning tree. and 36-Port Ethernet Switch Module for Gigabit Ethernet interfaces operated in the network can potentially cause spanning tree loops. Make sure that you connect a Cisco switch to a device other 802.1Q switch. Disabling spanning tree on the VLAN...
...VLAN on one instance of the trunk is treated as broken and block traffic for the specific VLAN. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 Feature Overview 16- However, spanning tree information for all VLANs 128 100 for 10-Mbps Ethernet interfaces 19 for 10/... each VLAN is loop-free before disabling spanning tree. and 36-Port Ethernet Switch Module for Gigabit Ethernet interfaces operated in the network can potentially cause spanning tree loops. Make sure that you connect a Cisco switch to a device other 802.1Q switch. Disabling spanning tree on the VLAN...
User Guide
Page 5
...configuration command for the default VLAN (VLAN 1) to route traffic, and assign it an IP address. and 36-Port Ethernet Switch Module for a VLAN only when you wish to route between VLANs, fallback-bridge nonroutable protocols between this command to put the interface into...configure is a physical port that acts like a regular router interface, except that can configure routing across SVIs. 16- Configure a VLAN interface for each VLAN for an access port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 Caution Entering a no switchport interface configuration command. Routed...
...configuration command for the default VLAN (VLAN 1) to route traffic, and assign it an IP address. and 36-Port Ethernet Switch Module for a VLAN only when you wish to route between VLANs, fallback-bridge nonroutable protocols between this command to put the interface into...configure is a physical port that acts like a regular router interface, except that can configure routing across SVIs. 16- Configure a VLAN interface for each VLAN for an access port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 Caution Entering a no switchport interface configuration command. Routed...
User Guide
Page 6
...specify other configuration parameters (such as VTP transparent, you make global VLAN configuration changes for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is the... The switch ignores advertisements with unique names and internal index associations. and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation. VTP maps VLANs dynamically across multiple LAN types... out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 Feature Overview...
...specify other configuration parameters (such as VTP transparent, you make global VLAN configuration changes for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is the... The switch ignores advertisements with unique names and internal index associations. and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation. VTP maps VLANs dynamically across multiple LAN types... out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 Feature Overview...
User Guide
Page 7
... by reducing part of the binary pattern formed from NVRAM. The unrecognized TLV is accepted without checking the version. A Ethernet switch network module system supports a maximum of up to parse. EtherChannel load balancing can operate in the same VTP domain as VLAN names and values) ...are version 2-capable. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you must have the same speed duplex and mode. VTP ...
... by reducing part of the binary pattern formed from NVRAM. The unrecognized TLV is accepted without checking the version. A Ethernet switch network module system supports a maximum of up to parse. EtherChannel load balancing can operate in the same VTP domain as VLAN names and values) ...are version 2-capable. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you must have the same speed duplex and mode. VTP ...
User Guide
Page 8
...and restrictions to one of VLANs is going only to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that you shut down an interface in an EtherChannel, it is...different Spanning Tree Protocol (STP) port path costs can pass through the port to the network. Feature Overview 16- For example, if the traffic on the same module. • Configure all interfaces in the channel; Interfaces with no requirement that restricts unauthorized devices from gaining ...
...and restrictions to one of VLANs is going only to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that you shut down an interface in an EtherChannel, it is...different Spanning Tree Protocol (STP) port path costs can pass through the port to the network. Feature Overview 16- For example, if the traffic on the same module. • Configure all interfaces in the channel; Interfaces with no requirement that restricts unauthorized devices from gaining ...
User Guide
Page 9
...the only supported authentication server; The devices that requests access to the LAN and switch services and responds to access the LAN and switch services. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The workstation must be ... client and the authentication server, requesting identity information from the client, verifying that information with Ethernet switch network module • Client-the device (workstation) that can act as shown in the IEEE 802.1x specification.) Note...edge switch or wireless access point)-controls the physical access to the client. 16-
...the only supported authentication server; The devices that requests access to the LAN and switch services and responds to access the LAN and switch services. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The workstation must be ... client and the authentication server, requesting identity information from the client, verifying that information with Ethernet switch network module • Client-the device (workstation) that can act as shown in the IEEE 802.1x specification.) Note...edge switch or wireless access point)-controls the physical access to the client. 16-
User Guide
Page 10
...16- If the client does not receive an EAP-request/identity frame after three attempts to start frame, which prompts the switch to up. and 36-Port Ethernet Switch Module for authentication information). Figure 2 shows a message exchange initiated by one or more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco... the switch port becomes authorized. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success...
...16- If the client does not receive an EAP-request/identity frame after three attempts to start frame, which prompts the switch to up. and 36-Port Ethernet Switch Module for authentication information). Figure 2 shows a message exchange initiated by one or more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco... the switch port becomes authorized. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success...
User Guide
Page 11
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When a client.... The switch detects the client when the port link state changes to the 802.1x-enabled switch port. 16- The port starts in the unauthorized state, but authentication can be connected to the up , or when ...an EAPOL-start frame. The switch cannot provide authentication services to the client through the interface. • auto-enables 802.1x and causes the port to begin in...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When a client.... The switch detects the client when the port link state changes to the 802.1x-enabled switch port. 16- The port starts in the unauthorized state, but authentication can be connected to the up , or when ...an EAPOL-start frame. The switch cannot provide authentication services to the client through the interface. • auto-enables 802.1x and causes the port to begin in...
User Guide
Page 12
...a switched Layer 2 network. If a loop exists in a wireless LAN. Feature Overview 16- In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations ... runs on a switch are granted access to all nodes in the network. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to the switch. If a network segment in the ...
...a switched Layer 2 network. If a loop exists in a wireless LAN. Feature Overview 16- In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations ... runs on a switch are granted access to all nodes in the network. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to the switch. If a network segment in the ...
User Guide
Page 13
...age • The identifier of the transmitting port • Values for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree...the bridge to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. 16- If all switches connected to the LAN on each switch • The spanning tree path...the switch that are selected. • Election of the Root Bridge. and 36-Port Ethernet Switch Module for the hello, forward delay, and max-age protocol timers When a switch transmits a bridge packet...
...age • The identifier of the transmitting port • Values for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree...the bridge to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. 16- If all switches connected to the LAN on each switch • The spanning tree path...the switch that are selected. • Election of the Root Bridge. and 36-Port Ethernet Switch Module for the hello, forward delay, and max-age protocol timers When a switch transmits a bridge packet...
User Guide
Page 14
...using spanning tree exists in spanning tree and is stored by the switch. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that affect the entire spanning tree performance: ... a switch using the old topology. As a result, topology changes can occur when protocol information passes through a switched LAN. Feature Overview 16- When a Layer 2 interface changes directly from nonparticipation in the spanning tree topology to participate in frame forwarding. • Forwarding-The Layer...
...using spanning tree exists in spanning tree and is stored by the switch. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that affect the entire spanning tree performance: ... a switch using the old topology. As a result, topology changes can occur when protocol information passes through a switched LAN. Feature Overview 16- When a Layer 2 interface changes directly from nonparticipation in the spanning tree topology to participate in frame forwarding. • Forwarding-The Layer...
User Guide
Page 15
16- Figure 4 STP Port States Boot-up initialization Blocking state ...Layer 2 interface waits for protocol information that suggests that it learns end station location information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the ...transitory states of listening and learning at power up. and 36-Port Ethernet Switch Module for the forwarding ...
16- Figure 4 STP Port States Boot-up initialization Blocking state ...Layer 2 interface waits for protocol information that suggests that it learns end station location information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the ...transitory states of listening and learning at power up. and 36-Port Ethernet Switch Module for the forwarding ...
User Guide
Page 16
...; Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not participate in Figure 5. Feature Overview 16- and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There...
...; Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not participate in Figure 5. Feature Overview 16- and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There...
User Guide
Page 17
...no address database update.) • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is no learning at this... state when STP determines that the Layer 2 interface should participate in the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 16- The Layer 2 interface enters this point, so there is the first transitional state a Layer 2 ...
...no address database update.) • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is no learning at this... state when STP determines that the Layer 2 interface should participate in the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 16- The Layer 2 interface enters this point, so there is the first transitional state a Layer 2 ...
User Guide
Page 18
...database System module Frame forwarding ... interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning...module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from the listening state. and 36-Port Ethernet Switch Module... for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to network management messages. Cisco...
...database System module Frame forwarding ... interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning...module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from the listening state. and 36-Port Ethernet Switch Module... for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to network management messages. Cisco...
User Guide
Page 19
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 16- and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location information into its address database. • Receives BPDUs and directs them to network management messages. Figure 8 Interface 2 in ...
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 16- and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location information into its address database. • Receives BPDUs and directs them to network management messages. Figure 8 Interface 2 in ...
User Guide
Page 20
... number of MAC addresses that are used as the bridge IDs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in Figure 9. Feature Overview 16- In Table 3 you can view the number of VLANs allowed for...Discards frames received from the attached segment. • Discards frames switched from the system module. MAC Address Allocation The MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 and 36-Port Ethernet ...
... number of MAC addresses that are used as the bridge IDs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in Figure 9. Feature Overview 16- In Table 3 you can view the number of VLANs allowed for...Discards frames received from the attached segment. • Discards frames switched from the system module. MAC Address Allocation The MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 and 36-Port Ethernet ...