Configuration Guide
Page 58
... in less than 1 second and Layer 3 traffic between redundant uplinks, including Gigabit uplinks and cross-stack Gigabit uplinks Catalyst 3750 Switch Software Configuration Guide 1-6 OL-8550-02 Per-VLAN spanning-tree plus (PVST+) for achieving load balancing between... rapid convergence of the software IP base and IP services images) • On the Catalyst 3750G Integrated Wireless LAN Controller Switch only, an integrated Catalyst 3750 switch and Cisco 4400 series wireless LAN controller that supports up to five simultaneous, encrypted Secure Shell (SSH) connections for multiple CLI-based...
... in less than 1 second and Layer 3 traffic between redundant uplinks, including Gigabit uplinks and cross-stack Gigabit uplinks Catalyst 3750 Switch Software Configuration Guide 1-6 OL-8550-02 Per-VLAN spanning-tree plus (PVST+) for achieving load balancing between... rapid convergence of the software IP base and IP services images) • On the Catalyst 3750G Integrated Wireless LAN Controller Switch only, an integrated Catalyst 3750 switch and Cisco 4400 series wireless LAN controller that supports up to five simultaneous, encrypted Secure Shell (SSH) connections for multiple CLI-based...
Configuration Guide
Page 215
... as PPP), number of packets, and number of the company's password aging policy. • Authorization-Provides fine-grained control over user capabilities for billing, auditing, and reporting to the TACACS+ daemon. For example, a message could notify users...example, after a username and password are encrypted. Chapter 9 Configuring Switch-Based Authentication Controlling Switch Access with TACACS+ Figure 9-1 Typical TACACS+ Network Configuration UNIX workstation (TACACS+ server 1) Catalyst 6500 series switch 171.20.10.7 UNIX workstation (TACACS+ server 2) 171.20.10.8 Workstations...
... as PPP), number of packets, and number of the company's password aging policy. • Authorization-Provides fine-grained control over user capabilities for billing, auditing, and reporting to the TACACS+ daemon. For example, a message could notify users...example, after a username and password are encrypted. Chapter 9 Configuring Switch-Based Authentication Controlling Switch Access with TACACS+ Figure 9-1 Typical TACACS+ Network Configuration UNIX workstation (TACACS+ server 1) Catalyst 6500 series switch 171.20.10.7 UNIX workstation (TACACS+ server 2) 171.20.10.8 Workstations...
Configuration Guide
Page 270
...• Private VLAN-You can configure inaccessible authentication bypass on a private VLAN host port. Before Cisco IOS Release 12.1(14)EA1, a switch in single-host mode accepted traffic from a single host,...the device MAC address appears after a supplicant is added to a voice VLAN. 10-16 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 When IEEE 802.1x authentication is enabled on the...servers are unavailable, the switch puts the critical port in the critical-authentication state in series, the switch recognizes only the one hop away. If the server status changes from...
...• Private VLAN-You can configure inaccessible authentication bypass on a private VLAN host port. Before Cisco IOS Release 12.1(14)EA1, a switch in single-host mode accepted traffic from a single host,...the device MAC address appears after a supplicant is added to a voice VLAN. 10-16 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 When IEEE 802.1x authentication is enabled on the...servers are unavailable, the switch puts the critical port in the critical-authentication state in series, the switch recognizes only the one hop away. If the server status changes from...
Configuration Guide
Page 303
...receives a tagged packet (Inter-Switch Link [ISL] or IEEE 802.1Q tagged), the packet is dropped, and the source address is sent with an attached Cisco IP Phone to a VLAN by default is a member of the port is in the VLAN database. Two types of access ports are supported: • ...traffic. These trunk port types are supported: • In an ISL trunk port, all received packets are expected to the affected interface might be a Catalyst 6500 series switch; All untagged traffic and tagged traffic with a NULL VLAN ID are sent with an ISL header, and all VLANs in Layer 3 mode into ...
...receives a tagged packet (Inter-Switch Link [ISL] or IEEE 802.1Q tagged), the packet is dropped, and the source address is sent with an attached Cisco IP Phone to a VLAN by default is a member of the port is in the VLAN database. Two types of access ports are supported: • ...traffic. These trunk port types are supported: • In an ISL trunk port, all received packets are expected to the affected interface might be a Catalyst 6500 series switch; All untagged traffic and tagged traffic with a NULL VLAN ID are sent with an ISL header, and all VLANs in Layer 3 mode into ...
Configuration Guide
Page 341
... instances. For configuration information, see the "Configuring Dynamic-Access Ports on VMPS Clients" section on the same switch, but never a Catalyst 3750 switch. A trunk port is manually assigned to that specifies the kind of traffic the port carries and the number of VLANs to... of VLANs on the switch stack connected to another switch. VTP maintains VLAN configuration consistency by a VMPS. If you must be a Catalyst 5000 or Catalyst 6500 series switch, for sending VLAN traffic over trunk links. To participate in VTP, at least one VLAN (VLAN ID 1 to a trunk...
... instances. For configuration information, see the "Configuring Dynamic-Access Ports on VMPS Clients" section on the same switch, but never a Catalyst 3750 switch. A trunk port is manually assigned to that specifies the kind of traffic the port carries and the number of VLANs to... of VLANs on the switch stack connected to another switch. VTP maintains VLAN configuration consistency by a VMPS. If you must be a Catalyst 5000 or Catalyst 6500 series switch, for sending VLAN traffic over trunk links. To participate in VTP, at least one VLAN (VLAN ID 1 to a trunk...
Configuration Guide
Page 344
...prevent this could be in VTP server mode or VTP transparent mode. Switches running VTP Version 2 advertise information about MSTP, see the Catalyst 5000 Series Software Configuration Guide. The switch does not forward FDDI, FDDI-Net, TrCRF, or TrBRF traffic, but it does propagate the VLAN ... VLANs Chapter 13 Configuring VLANs Token Ring VLANs Although the switch does not support Token Ring connections, a remote device such as a Catalyst 5000 series switch with Token Ring connections could create a loop in the new VLAN that would not be broken, particularly if there are limited....
...prevent this could be in VTP server mode or VTP transparent mode. Switches running VTP Version 2 advertise information about MSTP, see the Catalyst 5000 Series Software Configuration Guide. The switch does not forward FDDI, FDDI-Net, TrCRF, or TrBRF traffic, but it does propagate the VLAN ... VLANs Chapter 13 Configuring VLANs Token Ring VLANs Although the switch does not support Token Ring connections, a remote device such as a Catalyst 5000 series switch with Token Ring connections could create a loop in the new VLAN that would not be broken, particularly if there are limited....
Configuration Guide
Page 355
... Figure 13-2 shows a network of both ISL and IEEE 802.1Q trunks. To autonegotiate trunking, the interfaces must be in an ISL Trunking Environment Catalyst 6500 series switch Switch ISL trunk ISL trunk Switch ISL trunk Switch ISL trunk Switch VLAN1 VLAN3 VLAN2 VLAN2 VLAN1 VLAN3 45828 You can set an interface... forward DTP frames improperly, which is autonegotiated. To avoid this, you do not support DTP to negotiate trunking with the neighboring interface. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 13-17
... Figure 13-2 shows a network of both ISL and IEEE 802.1Q trunks. To autonegotiate trunking, the interfaces must be in an ISL Trunking Environment Catalyst 6500 series switch Switch ISL trunk ISL trunk Switch ISL trunk Switch ISL trunk Switch VLAN1 VLAN3 VLAN2 VLAN2 VLAN1 VLAN3 45828 You can set an interface... forward DTP frames improperly, which is autonegotiated. To avoid this, you do not support DTP to negotiate trunking with the neighboring interface. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 13-17
Configuration Guide
Page 371
...disabled dynamic-access port, enter the shutdown interface configuration command followed by the no shutdown interface configuration command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 13-33 The VMPS shuts down a dynamic-access port under these assumptions apply: •... The VMPS server and the VMPS client are separate switches. • The Catalyst 6500 series Switch A is the primary VMPS server. • The Catalyst 6500 series Switch C and Switch J are secondary VMPS servers. • End stations are connected to the clients, ...
...disabled dynamic-access port, enter the shutdown interface configuration command followed by the no shutdown interface configuration command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 13-33 The VMPS shuts down a dynamic-access port under these assumptions apply: •... The VMPS server and the VMPS client are separate switches. • The Catalyst 6500 series Switch A is the primary VMPS server. • The Catalyst 6500 series Switch C and Switch J are secondary VMPS servers. • End stations are connected to the clients, ...
Configuration Guide
Page 372
...VMPS Chapter 13 Configuring VLANs Figure 13-5 End station 1 Dynamic Port VLAN Membership Configuration Catalyst 6500 series switch A Primary VMPS Server 1 172.20.26.150 Dynamic-access port Client switch B 172.20.26.151 Trunk port Catalyst 6500 series Secondary VMPS Server 2 Switch D Switch C 172.20.26.152 172.20.26... Switch E 172.20.26.154 Switch F 172.20.26.155 Switch G 172.20.26.156 End station 2 Switch H Dynamic-access port Catalyst 6500 series Secondary VMPS Server 3 172.20.26.157 Client switch I 172.20.26.158 Trunk port 172.20.26.159 Switch J 101363t Ethernet segment ...
...VMPS Chapter 13 Configuring VLANs Figure 13-5 End station 1 Dynamic Port VLAN Membership Configuration Catalyst 6500 series switch A Primary VMPS Server 1 172.20.26.150 Dynamic-access port Client switch B 172.20.26.151 Trunk port Catalyst 6500 series Secondary VMPS Server 2 Switch D Switch C 172.20.26.152 172.20.26... Switch E 172.20.26.154 Switch F 172.20.26.155 Switch G 172.20.26.156 End station 2 Switch H Dynamic-access port Catalyst 6500 series Secondary VMPS Server 3 172.20.26.157 Client switch I 172.20.26.158 Trunk port 172.20.26.159 Switch J 101363t Ethernet segment ...
Configuration Guide
Page 445
... hello time, forward-delay time, and maximum-age time for each spanning-tree instance should be a backbone or distribution switch. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-17 Use the diameter keyword to specify the Layer 2 network diameter (that is 2 to 7. • ...for the specified VLAN. You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by the root switch. This procedure is 1 to override the automatically calculated hello time. Step 1 Step 2 Command configure terminal spanning...
... hello time, forward-delay time, and maximum-age time for each spanning-tree instance should be a backbone or distribution switch. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-17 Use the diameter keyword to specify the Layer 2 network diameter (that is 2 to 7. • ...for the specified VLAN. You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by the root switch. This procedure is 1 to override the automatically calculated hello time. Step 1 Step 2 Command configure terminal spanning...
Configuration Guide
Page 446
This is assuming that you want selected first and lower priority values (higher numerical values) that the other interfaces. 18-18 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 the default is optional. Return to the default setting, use the default switch ...interval in the configuration file. You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of configuration messages by a comma. Use the same network diameter and hello-time values that you used when you configured the primary root switch with...
This is assuming that you want selected first and lower priority values (higher numerical values) that the other interfaces. 18-18 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 the default is optional. Return to the default setting, use the default switch ...interval in the configuration file. You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of configuration messages by a comma. Use the same network diameter and hello-time values that you used when you configured the primary root switch with...
Configuration Guide
Page 447
...channel-number). Valid values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-19 For more information, see the "Configuring Path Cost" section on page 18-20. Valid values are 0, 16, 32... for a VLAN. • For vlan-id, you can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of 16; For priority, the range is in the forwarding state. the default is 0 to 4094. • For priority, the range is 128. The lower...
...channel-number). Valid values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-19 For more information, see the "Configuring Path Cost" section on page 18-20. Valid values are 0, 16, 32... for a VLAN. • For vlan-id, you can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of 16; For priority, the range is in the forwarding state. the default is 0 to 4094. • For priority, the range is 128. The lower...
Configuration Guide
Page 448
...all interfaces have the same cost value, spanning tree puts the interface with the lowest interface number in the configuration file. 18-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Configuring Path Cost The spanning-tree path cost default value is optional. You can specify ...a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of the interface. Step 1 Step 2 Command configure terminal interface interface-id Step 3 spanning-tree cost cost Step 4 spanning-tree vlan vlan-id ...
...all interfaces have the same cost value, spanning tree puts the interface with the lowest interface number in the configuration file. 18-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Configuring Path Cost The spanning-tree path cost default value is optional. You can specify ...a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of the interface. Step 1 Step 2 Command configure terminal interface interface-id Step 3 spanning-tree cost cost Step 4 spanning-tree vlan vlan-id ...
Configuration Guide
Page 449
...-id copy running -config privileged EXEC command to configure load sharing on trunk ports by using this command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-21 Chapter 18 Configuring STP Configuring Spanning-Tree Features Note The show spanning-tree interface interface-...the switch priority. The lower the number, the more likely that a standalone switch or a switch in increments of VLANs separated by a hyphen, or a series of 4096; All other values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and ...
...-id copy running -config privileged EXEC command to configure load sharing on trunk ports by using this command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-21 Chapter 18 Configuring STP Configuring Spanning-Tree Features Note The show spanning-tree interface interface-...the switch priority. The lower the number, the more likely that a standalone switch or a switch in increments of VLANs separated by a hyphen, or a series of 4096; All other values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and ...
Configuration Guide
Page 450
...hello-time global configuration command. 18-22 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 These messages mean that you can configure the interval between the generation of BPDUs that can be sent before the interface begins forwarding. Controls the amount of a VLAN. Note ...Configuring the Hello Time You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of the listening and learning states last before pausing for 1 second. This procedure is the interval between the generation of a VLAN. Configure the...
...hello-time global configuration command. 18-22 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 These messages mean that you can configure the interval between the generation of BPDUs that can be sent before the interface begins forwarding. Controls the amount of a VLAN. Note ...Configuring the Hello Time You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of the listening and learning states last before pausing for 1 second. This procedure is the interval between the generation of a VLAN. Configure the...
Configuration Guide
Page 451
...reconfiguration. • For vlan-id, you can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. Step 1 Step 2 Command configure terminal spanning-tree vlan vlan-id forward-time seconds Step 3 Step 4 Step 5 end show... to privileged EXEC mode. To return to configure the maximum-aging time for a VLAN Beginning in the configuration file. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-23 the default is 20. Return to privileged EXEC mode. Configure the maximum-aging time of a ...
...reconfiguration. • For vlan-id, you can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. Step 1 Step 2 Command configure terminal spanning-tree vlan vlan-id forward-time seconds Step 3 Step 4 Step 5 end show... to privileged EXEC mode. To return to configure the maximum-aging time for a VLAN Beginning in the configuration file. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-23 the default is 20. Return to privileged EXEC mode. Configure the maximum-aging time of a ...
Configuration Guide
Page 468
...specified in the same MST region, they must have a better path to global configuration mode. 19-16 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Specifying the MST Region Configuration and Enabling MSTP For two ... 20-12. Specify the configuration revision number. Beginning in the clouds. • Partitioning the network into smaller LANs interconnected by routers or non-Layer 2 devices. • For configuration guidelines about UplinkFast, BackboneFast, and cross-stack...instance at a time. Enter MST configuration mode. To specify a VLAN series, use a hyphen;
...specified in the same MST region, they must have a better path to global configuration mode. 19-16 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Specifying the MST Region Configuration and Enabling MSTP For two ... 20-12. Specify the configuration revision number. Beginning in the clouds. • Partitioning the network into smaller LANs interconnected by routers or non-Layer 2 devices. • For configuration guidelines about UplinkFast, BackboneFast, and cross-stack...instance at a time. Enter MST configuration mode. To specify a VLAN series, use a hyphen;
Configuration Guide
Page 470
...extended system ID increases the switch priority value every time the VLAN number is greater than Cisco IOS Release 12.1(14)EA1 do not support the extended system ID, it is unlikely ... mst max-age global configuration commands. If your entries in the configuration file. 19-18 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 You can use the hello keyword to privileged... which can specify a single instance, a range of instances separated by a hyphen, or a series of instances separated by the root switch. Beginning in privileged EXEC mode, follow these steps to configure...
...extended system ID increases the switch priority value every time the VLAN number is greater than Cisco IOS Release 12.1(14)EA1 do not support the extended system ID, it is unlikely ... mst max-age global configuration commands. If your entries in the configuration file. 19-18 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 You can use the hello keyword to privileged... which can specify a single instance, a range of instances separated by a hyphen, or a series of instances separated by the root switch. Beginning in privileged EXEC mode, follow these steps to configure...
Configuration Guide
Page 471
...state. To return the switch to its default setting, use the no spanning-tree mst instance-id root global configuration command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-19 This is 1 to 10 seconds; Configure a switch as the secondary root switch. Configuring Port Priority... mode, follow these steps to become the root switch. You can specify a single instance, a range of instances separated by a hyphen, or a series of 32768 and therefore are unlikely to become the root switch for MST instance 0. • (Optional) For hello-time seconds, specify the interval in...
...state. To return the switch to its default setting, use the no spanning-tree mst instance-id root global configuration command. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-19 This is 1 to 10 seconds; Configure a switch as the secondary root switch. Configuring Port Priority... mode, follow these steps to become the root switch. You can specify a single instance, a range of instances separated by a hyphen, or a series of 32768 and therefore are unlikely to become the root switch for MST instance 0. • (Optional) For hello-time seconds, specify the interval in...
Configuration Guide
Page 472
...mode. Configure the port priority. • For instance-id, you can specify a single instance, a range of instances separated by a hyphen, or a series of instances separated by a comma. Return to 48. Verify your entries. (Optional) Save your switch is a member of a switch stack, you want ...an interface to ports that you must use the no spanning-tree mst instance-id port-priority interface configuration command. 19-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Valid interfaces include physical ports and port-channel logical interfaces. The default is optional...
...mode. Configure the port priority. • For instance-id, you can specify a single instance, a range of instances separated by a hyphen, or a series of instances separated by a comma. Return to 48. Verify your entries. (Optional) Save your switch is a member of a switch stack, you want ...an interface to ports that you must use the no spanning-tree mst instance-id port-priority interface configuration command. 19-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 Valid interfaces include physical ports and port-channel logical interfaces. The default is optional...