Configuration Guide
Page 1
Catalyst 3750 Switch Software Configuration Guide Cisco IOS Release 12.2(35)SE December 2006 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL-8550-02
Catalyst 3750 Switch Software Configuration Guide Cisco IOS Release 12.2(35)SE December 2006 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL-8550-02
Configuration Guide
Page 2
... of California, Berkeley (UCB) as part of UCB's public domain version of Cisco Systems, Inc. and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing...
... of California, Berkeley (UCB) as part of UCB's public domain version of Cisco Systems, Inc. and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing...
Configuration Guide
Page 3
...xliv Related Publications xliv Obtaining Documentation xlvi Cisco.com xlvi Product Documentation DVD xlvi Ordering Documentation xlvi Documentation Feedback xlvii Cisco Product Security Overview xlvii Reporting Security Problems in Cisco Products xlvii Product Alerts and Field Notices xlviii Obtaining Technical Assistance xlviii Cisco Support Website xlviii Submitting a Service ...CoS Features 1-9 Layer 3 Features 1-11 Power over Ethernet Features 1-12 Monitoring Features 1-12 Default Settings After Initial Switch Configuration 1-12 CONTENTS Catalyst 3750 Switch Software Configuration Guide iii
...xliv Related Publications xliv Obtaining Documentation xlvi Cisco.com xlvi Product Documentation DVD xlvi Ordering Documentation xlvi Documentation Feedback xlvii Cisco Product Security Overview xlvii Reporting Security Problems in Cisco Products xlvii Product Alerts and Field Notices xlviii Obtaining Technical Assistance xlviii Cisco Support Website xlviii Submitting a Service ...CoS Features 1-9 Layer 3 Features 1-11 Power over Ethernet Features 1-12 Monitoring Features 1-12 Default Settings After Initial Switch Configuration 1-12 CONTENTS Catalyst 3750 Switch Software Configuration Guide iii
Configuration Guide
Page 4
... A P T E R Network Configuration Examples 1-15 Design Concepts for Using the Switch 1-16 Small to Medium-Sized Network Using Catalyst 3750 Switches 1-21 Large Network Using Catalyst 3750 Switches 1-23 Multidwelling Network Using Catalyst 3750 Switches 1-25 Long-Distance, High-Bandwidth Transport Configuration 1-26 Where to Go Next 1-27 Using the Command-Line Interface 2-1 ... 3-1 Assigning Switch Information 3-2 Default Switch Information 3-3 Understanding DHCP-Based Autoconfiguration 3-3 DHCP Client Request Process 3-4 Catalyst 3750 Switch Software Configuration Guide iv OL-8550-02
... A P T E R Network Configuration Examples 1-15 Design Concepts for Using the Switch 1-16 Small to Medium-Sized Network Using Catalyst 3750 Switches 1-21 Large Network Using Catalyst 3750 Switches 1-23 Multidwelling Network Using Catalyst 3750 Switches 1-25 Long-Distance, High-Bandwidth Transport Configuration 1-26 Where to Go Next 1-27 Using the Command-Line Interface 2-1 ... 3-1 Assigning Switch Information 3-2 Default Switch Information 3-3 Understanding DHCP-Based Autoconfiguration 3-3 DHCP Client Request Process 3-4 Catalyst 3750 Switch Software Configuration Guide iv OL-8550-02
Configuration Guide
Page 5
... Write the System Configuration 3-12 Booting Manually 3-13 Booting a Specific Software Image 3-14 Controlling Environment Variables 3-15 Scheduling a Reload of the Software Image 3-16 Configuring a Scheduled Reload 3-17 Displaying Scheduled Reload Information 3-18 Configuring Cisco IOS CNS Agents 4-1 Understanding Cisco Configuration Engine Software 4-1 Configuration Service 4-2 Event Service 4-3 NameSpace Mapper 4-3 What You Should Know...
... Write the System Configuration 3-12 Booting Manually 3-13 Booting a Specific Software Image 3-14 Controlling Environment Variables 3-15 Scheduling a Reload of the Software Image 3-16 Configuring a Scheduled Reload 3-17 Displaying Scheduled Reload Information 3-18 Configuring Cisco IOS CNS Agents 4-1 Understanding Cisco Configuration Engine Software 4-1 Configuration Service 4-2 Event Service 4-3 NameSpace Mapper 4-3 What You Should Know...
Configuration Guide
Page 6
... Agents 4-6 Enabling Automated CNS Configuration 4-6 Enabling the CNS Event Agent 4-8 Enabling the Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Managing Switch Stacks 5-1 Understanding Switch Stacks 5-1 Switch Stack Membership 5-3 Stack ... Through an SSH Session 5-16 Connectivity to the Switch Stack Through Console Ports 5-16 Connectivity to Specific Stack Members 5-17 Switch Stack Configuration Scenarios 5-17 Catalyst 3750 Switch Software Configuration Guide vi OL-8550-02
... Agents 4-6 Enabling Automated CNS Configuration 4-6 Enabling the CNS Event Agent 4-8 Enabling the Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Managing Switch Stacks 5-1 Understanding Switch Stacks 5-1 Switch Stack Membership 5-3 Stack ... Through an SSH Session 5-16 Connectivity to the Switch Stack Through Console Ports 5-16 Connectivity to Specific Stack Members 5-17 Switch Stack Configuration Scenarios 5-17 Catalyst 3750 Switch Software Configuration Guide vi OL-8550-02
Configuration Guide
Page 7
... SNMP Community Strings 6-14 Switch Clusters and Switch Stacks 6-15 TACACS+ and RADIUS 6-16 LRE Profiles 6-16 Using the CLI to Manage Switch Clusters 6-16 Catalyst 1900 and Catalyst 2820 CLI Considerations 6-17 Using SNMP to Manage Switch Clusters 6-17 OL-8550-02...
... SNMP Community Strings 6-14 Switch Clusters and Switch Stacks 6-15 TACACS+ and RADIUS 6-16 LRE Profiles 6-16 Using the CLI to Manage Switch Clusters 6-16 Catalyst 1900 and Catalyst 2820 CLI Considerations 6-17 Using SNMP to Manage Switch Clusters 6-17 OL-8550-02...
Configuration Guide
Page 8
... 7-22 Configuring MAC Address Notification Traps 7-22 Adding and Removing Static Address Entries 7-24 Configuring Unicast MAC Address Filtering 7-25 Displaying Address Table Entries 7-27 Catalyst 3750 Switch Software Configuration Guide viii OL-8550-02
... 7-22 Configuring MAC Address Notification Traps 7-22 Adding and Removing Static Address Entries 7-24 Configuring Unicast MAC Address Filtering 7-25 Displaying Address Table Entries 7-27 Catalyst 3750 Switch Software Configuration Guide viii OL-8550-02
Configuration Guide
Page 9
...9-6 Configuring Multiple Privilege Levels 9-7 Setting the Privilege Level for a Command 9-8 Changing the Default Privilege Level for Lines 9-9 Logging into and Exiting a Privilege Level 9-9 Controlling Switch Access with TACACS+ 9-10 Understanding TACACS+ 9-10 TACACS+ Operation 9-12 Configuring TACACS+ 9-12 Default TACACS+ Configuration 9-13 Identifying the TACACS+ Server Host and ... TACACS+ Authorization for Privileged EXEC Access and Network Services 9-16 Starting TACACS+ Accounting 9-17 Displaying the TACACS+ Configuration 9-17 OL-8550-02 Catalyst 3750 Switch Software Configuration Guide ix
...9-6 Configuring Multiple Privilege Levels 9-7 Setting the Privilege Level for a Command 9-8 Changing the Default Privilege Level for Lines 9-9 Logging into and Exiting a Privilege Level 9-9 Controlling Switch Access with TACACS+ 9-10 Understanding TACACS+ 9-10 TACACS+ Operation 9-12 Configuring TACACS+ 9-12 Default TACACS+ Configuration 9-13 Identifying the TACACS+ Server Host and ... TACACS+ Authorization for Privileged EXEC Access and Network Services 9-16 Starting TACACS+ Accounting 9-17 Displaying the TACACS+ Configuration 9-17 OL-8550-02 Catalyst 3750 Switch Software Configuration Guide ix
Configuration Guide
Page 10
... 9-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 9-31 Displaying the RADIUS Configuration 9-31 Controlling Switch Access with Kerberos 9-32 Understanding Kerberos 9-32 Kerberos Operation 9-34 Authenticating to a Boundary Switch ... and Authorization 9-36 Configuring the Switch for Secure Shell 9-37 Understanding SSH 9-38 SSH Servers, Integrated Clients, and Supported Versions 9-38 Limitations 9-39 Configuring SSH 9-39 Configuration Guidelines 9-39 Setting Up... Authority Trustpoints 9-42 CipherSuites 9-44 Catalyst 3750 Switch Software Configuration Guide x OL-8550-02
... 9-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 9-31 Displaying the RADIUS Configuration 9-31 Controlling Switch Access with Kerberos 9-32 Understanding Kerberos 9-32 Kerberos Operation 9-34 Authenticating to a Boundary Switch ... and Authorization 9-36 Configuring the Switch for Secure Shell 9-37 Understanding SSH 9-38 SSH Servers, Integrated Clients, and Supported Versions 9-38 Limitations 9-39 Configuring SSH 9-39 Configuration Guidelines 9-39 Setting Up... Authority Trustpoints 9-42 CipherSuites 9-44 Catalyst 3750 Switch Software Configuration Guide x OL-8550-02
Configuration Guide
Page 11
... IEEE 802.1x Authentication with Port Security 10-17 Using IEEE 802.1x Authentication with Wake-on-LAN 10-18 Using IEEE 802.1x Authentication with MAC Authentication Bypass 10-18 Using Network Admission Control Layer 2 IEEE 802.1x Validation 10-19 Using Multidomain Authentication 10-20 Using Web Authentication 10-21... 10-23 IEEE 802.1x Authentication 10-23 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass 10-24 MAC Authentication Bypass 10-25 Catalyst 3750 Switch Software Configuration Guide xi
... IEEE 802.1x Authentication with Port Security 10-17 Using IEEE 802.1x Authentication with Wake-on-LAN 10-18 Using IEEE 802.1x Authentication with MAC Authentication Bypass 10-18 Using Network Admission Control Layer 2 IEEE 802.1x Validation 10-19 Using Multidomain Authentication 10-20 Using Web Authentication 10-21... 10-23 IEEE 802.1x Authentication 10-23 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass 10-24 MAC Authentication Bypass 10-25 Catalyst 3750 Switch Software Configuration Guide xi
Configuration Guide
Page 12
...-6 Power over Ethernet Ports 11-6 Supported Protocols and Standards 11-7 Powered-Device Detection and Initial Power Allocation 11-7 Power Management Modes 11-8 Connecting Interfaces 11-9 Catalyst 3750 Switch Software Configuration Guide xii OL-8550-02
...-6 Power over Ethernet Ports 11-6 Supported Protocols and Standards 11-7 Powered-Device Detection and Initial Power Allocation 11-7 Power Management Modes 11-8 Connecting Interfaces 11-9 Catalyst 3750 Switch Software Configuration Guide xii OL-8550-02
Configuration Guide
Page 13
...17 Speed and Duplex Configuration Guidelines 11-17 Setting the Interface Speed and Duplex Parameters 11-18 Configuring IEEE 802.3x Flow Control 11-19 Configuring Auto-MDIX on an Interface 11-20 Configuring a Power Management Mode on a PoE Port 11-21 ... Macros 12-2 Default Smartports Macro Configuration 12-2 Smartports Macro Configuration Guidelines 12-3 Creating Smartports Macros 12-4 Applying Smartports Macros 12-5 Applying Cisco-Default Smartports Macros 12-6 Displaying Smartports Macros 12-8 Configuring VLANs 13-1 Understanding VLANs 13-1 Supported VLANs 13-2 VLAN Port Membership Modes...
...17 Speed and Duplex Configuration Guidelines 11-17 Setting the Interface Speed and Duplex Parameters 11-18 Configuring IEEE 802.3x Flow Control 11-19 Configuring Auto-MDIX on an Interface 11-20 Configuring a Power Management Mode on a PoE Port 11-21 ... Macros 12-2 Default Smartports Macro Configuration 12-2 Smartports Macro Configuration Guidelines 12-3 Creating Smartports Macros 12-4 Applying Smartports Macros 12-5 Applying Cisco-Default Smartports Macros 12-6 Displaying Smartports Macros 12-8 Configuring VLANs 13-1 Understanding VLANs 13-1 Supported VLANs 13-2 VLAN Port Membership Modes...
Configuration Guide
Page 14
... VMPS 13-28 Understanding VMPS 13-28 Dynamic-Access Port VLAN Membership 13-29 Default VMPS Client Configuration 13-29 VMPS Configuration Guidelines 13-29 Catalyst 3750 Switch Software Configuration Guide xiv OL-8550-02
... VMPS 13-28 Understanding VMPS 13-28 Dynamic-Access Port VLAN Membership 13-29 Default VMPS Client Configuration 13-29 VMPS Configuration Guidelines 13-29 Catalyst 3750 Switch Software Configuration Guide xiv OL-8550-02
Configuration Guide
Page 15
... Version 2 14-13 Enabling VTP Pruning 14-14 Adding a VTP Client Switch to a VTP Domain 14-14 Monitoring VTP 14-16 Contents OL-8550-02 Catalyst 3750 Switch Software Configuration Guide xv
... Version 2 14-13 Enabling VTP Pruning 14-14 Adding a VTP Client Switch to a VTP Domain 14-14 Monitoring VTP 14-16 Contents OL-8550-02 Catalyst 3750 Switch Software Configuration Guide xv
Configuration Guide
Page 16
... Phone Data Traffic 15-2 Configuring Voice VLAN 15-3 Default Voice VLAN Configuration 15-3 Voice VLAN Configuration Guidelines 15-3 Configuring a Port Connected to a Cisco 7960 IP Phone 15-4 Configuring Cisco IP Phone Voice Traffic 15-5 Configuring the Priority of Incoming Data Frames 15-6 Displaying Voice VLAN 15-6 Configuring Private VLANs 16-1 Understanding Private... a Layer 2 Interface as a Private-VLAN Promiscuous Port 16-13 Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface 16-14 Monitoring Private VLANs 16-15 Catalyst 3750 Switch Software Configuration Guide xvi OL-8550-02
... Phone Data Traffic 15-2 Configuring Voice VLAN 15-3 Default Voice VLAN Configuration 15-3 Voice VLAN Configuration Guidelines 15-3 Configuring a Port Connected to a Cisco 7960 IP Phone 15-4 Configuring Cisco IP Phone Voice Traffic 15-5 Configuring the Priority of Incoming Data Frames 15-6 Displaying Voice VLAN 15-6 Configuring Private VLANs 16-1 Understanding Private... a Layer 2 Interface as a Private-VLAN Promiscuous Port 16-13 Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface 16-14 Monitoring Private VLANs 16-15 Catalyst 3750 Switch Software Configuration Guide xvi OL-8550-02
Configuration Guide
Page 17
... Instances 18-10 Spanning-Tree Interoperability and Backward Compatibility 18-11 STP and IEEE 802.1Q Trunks 18-11 VLAN-Bridge Spanning Tree 18-11 Catalyst 3750 Switch Software Configuration Guide xvii
... Instances 18-10 Spanning-Tree Interoperability and Backward Compatibility 18-11 STP and IEEE 802.1Q Trunks 18-11 VLAN-Bridge Spanning Tree 18-11 Catalyst 3750 Switch Software Configuration Guide xvii
Configuration Guide
Page 18
... 802.1D STP 19-9 Understanding RSTP 19-9 Port Roles and the Active Topology 19-9 Rapid Convergence 19-10 Synchronization of Port Roles 19-11 xviii Catalyst 3750 Switch Software Configuration Guide OL-8550-02
... 802.1D STP 19-9 Understanding RSTP 19-9 Port Roles and the Active Topology 19-9 Rapid Convergence 19-10 Synchronization of Port Roles 19-11 xviii Catalyst 3750 Switch Software Configuration Guide OL-8550-02
Configuration Guide
Page 19
... Optional Spanning-Tree Features 20-11 Default Optional Spanning-Tree Configuration 20-12 Optional Spanning-Tree Configuration Guidelines 20-12 Enabling Port Fast 20-12 Catalyst 3750 Switch Software Configuration Guide xix
... Optional Spanning-Tree Features 20-11 Default Optional Spanning-Tree Configuration 20-12 Optional Spanning-Tree Configuration Guidelines 20-12 Enabling Port Fast 20-12 Catalyst 3750 Switch Software Configuration Guide xix
Configuration Guide
Page 20
... Features and IP Source Guard 22-1 Understanding DHCP Features 22-1 DHCP Server 22-2 DHCP Relay Agent 22-2 DHCP Snooping 22-2 Option-82 Data Insertion 22-3 Cisco IOS DHCP Server Database 22-6 DHCP Snooping Binding Database 22-7 DHCP Snooping and Switch Stacks 22-8 Configuring DHCP Features 22-8 Default DHCP Configuration 22-8 DHCP... Stacks 22-10 Configuring the DHCP Relay Agent 22-11 Specifying the Packet Forwarding Address 22-11 Enabling DHCP Snooping and Option 82 22-12 Catalyst 3750 Switch Software Configuration Guide xx OL-8550-02
... Features and IP Source Guard 22-1 Understanding DHCP Features 22-1 DHCP Server 22-2 DHCP Relay Agent 22-2 DHCP Snooping 22-2 Option-82 Data Insertion 22-3 Cisco IOS DHCP Server Database 22-6 DHCP Snooping Binding Database 22-7 DHCP Snooping and Switch Stacks 22-8 Configuring DHCP Features 22-8 Default DHCP Configuration 22-8 DHCP... Stacks 22-10 Configuring the DHCP Relay Agent 22-11 Specifying the Packet Forwarding Address 22-11 Enabling DHCP Snooping and Option 82 22-12 Catalyst 3750 Switch Software Configuration Guide xx OL-8550-02