Software Guide
Page 11
... A P T E R OL-6696-01 Default IGMP Snooping Configuration 18-4 Enabling IGMP Snooping 18-5 Configuring Learning Methods 18-6 Configuring a Multicast Router Port Statical 18-7 Enabling IGMP Immediate-Leave Processing 18-7 Configuring Explicit Host Tracking 18-8 Configuring a Host Statically 18-8 Suppressing Multicast Flooding 18-9 ... Querier Information 18-12 Displaying IGMP Host Membership Information 18-12 Displaying Group Information 18-13 Displaying Multicast Router Interfaces 18-14 Displaying MAC Address Multicast Entries 18-15 Displaying IGMP Snooping Information on a VLAN Interface 18...
... A P T E R OL-6696-01 Default IGMP Snooping Configuration 18-4 Enabling IGMP Snooping 18-5 Configuring Learning Methods 18-6 Configuring a Multicast Router Port Statical 18-7 Enabling IGMP Immediate-Leave Processing 18-7 Configuring Explicit Host Tracking 18-8 Configuring a Host Statically 18-8 Suppressing Multicast Flooding 18-9 ... Querier Information 18-12 Displaying IGMP Host Membership Information 18-12 Displaying Group Information 18-13 Displaying Multicast Router Interfaces 18-14 Displaying MAC Address Multicast Entries 18-15 Displaying IGMP Snooping Information on a VLAN Interface 18...
Software Guide
Page 17
...: One Switch Supports Dynamic ARP Inspection 34-9 Configuring Network Security with ACLs 35-1 Understanding ACLs 35-1 ACL Overview 35-2 Supported Features That Use ACLs 35-2 Router ACLs 35-3 Port ACLs 35-4 VLAN Maps 35-5 Hardware and Software ACL Support 35-5 TCAM Programming and ACLs 35-6 Layer 4 Operators in ACLs 35-7 Restrictions...
...: One Switch Supports Dynamic ARP Inspection 34-9 Configuring Network Security with ACLs 35-1 Understanding ACLs 35-1 ACL Overview 35-2 Supported Features That Use ACLs 35-2 Router ACLs 35-3 Port ACLs 35-4 VLAN Maps 35-5 Hardware and Software ACL Support 35-5 TCAM Programming and ACLs 35-6 Layer 4 Operators in ACLs 35-7 Restrictions...
Software Guide
Page 18
... VLAN Maps in Your Network 35-16 Displaying VLAN Access Map Information 35-19 Using VLAN Maps with Router ACLs 35-19 Guidelines for Using Router ACLs and VLAN Maps 35-20 Examples of Router ACLs and VLAN Maps Applied to VLANs 35-20 Configuring PACLs 35-22 Creating a PACL 35-22 PACL... 2 Interface 35-24 Applying ACLs to a Layer 2 Interface 35-25 Displaying an ACL Configuration on a Layer 2 Interface 35-25 Using PACL with VLAN Maps and Router ACLs 35-26 Configuring Private VLANs 36-1 Overview of PVLANs 36-1 PVLAN Trunks 36-2 PVLANs and VLAN ACL/QoS 36-2 How to Configure PVLANs 36...
... VLAN Maps in Your Network 35-16 Displaying VLAN Access Map Information 35-19 Using VLAN Maps with Router ACLs 35-19 Guidelines for Using Router ACLs and VLAN Maps 35-20 Examples of Router ACLs and VLAN Maps Applied to VLANs 35-20 Configuring PACLs 35-22 Creating a PACL 35-22 PACL... 2 Interface 35-24 Applying ACLs to a Layer 2 Interface 35-25 Displaying an ACL Configuration on a Layer 2 Interface 35-25 Using PACL with VLAN Maps and Router ACLs 35-26 Configuring Private VLANs 36-1 Overview of PVLANs 36-1 PVLAN Trunks 36-2 PVLANs and VLAN ACL/QoS 36-2 How to Configure PVLANs 36...
Software Guide
Page 20
...40-7 Exporting NetFlow Statistics 40-8 Managing NetFlow Statistics Collection 40-8 Configuring an Aggregation Cache 40-8 Configuring a NetFlow Minimum Prefix Mask for Router-Based Aggregation 40-9 Configuring NetFlow Aging Parameters 40-11 NetFlow Statistics Collection Configuration Example 40-11 NetFlow Configuration Examples 40-13 Sample NetFlow Enabling... Schemes 40-13 Sample NetFlow Aggregation Configurations 40-13 Sample NetFlow Minimum Prefix Mask Router-Based Aggregation Schemes 40-14 Acronyms A-1 Software Configuration Guide-Release 12.2(25)EW xx OL-6696-01
...40-7 Exporting NetFlow Statistics 40-8 Managing NetFlow Statistics Collection 40-8 Configuring an Aggregation Cache 40-8 Configuring a NetFlow Minimum Prefix Mask for Router-Based Aggregation 40-9 Configuring NetFlow Aging Parameters 40-11 NetFlow Statistics Collection Configuration Example 40-11 NetFlow Configuration Examples 40-13 Sample NetFlow Enabling... Schemes 40-13 Sample NetFlow Aggregation Configurations 40-13 Sample NetFlow Minimum Prefix Mask Router-Based Aggregation Schemes 40-14 Acronyms A-1 Software Configuration Guide-Release 12.2(25)EW xx OL-6696-01
Software Guide
Page 30
...If the amount of a DHCP server. and protocol-independent. Each device configured for all Cisco products, including routers, switches, bridges, and access servers. CDP enables Cisco switches and routers to prevent LANs from outside the network or firewall that enters the tunnel is encapsulated with ... measures how much broadcast traffic is passing through a port and compares the broadcast traffic with the tunnel VLAN ID. CDP The Cisco Discovery Protocol (CDP) is a device-discovery protocol that is a component of broadcast traffic reaches the threshold during this interval, ...
...If the amount of a DHCP server. and protocol-independent. Each device configured for all Cisco products, including routers, switches, bridges, and access servers. CDP enables Cisco switches and routers to prevent LANs from outside the network or firewall that enters the tunnel is encapsulated with ... measures how much broadcast traffic is passing through a port and compares the broadcast traffic with the tunnel VLAN ID. CDP The Cisco Discovery Protocol (CDP) is a device-discovery protocol that is a component of broadcast traffic reaches the threshold during this interval, ...
Software Guide
Page 33
VLANs A VLAN configures switches and routers according to the port. For more information about private VLANs, see Chapter 11, "Configuring Dynamic VLAN Membership." The following VLAN-related features are also supported. ...
VLANs A VLAN configures switches and routers according to the port. For more information about private VLANs, see Chapter 11, "Configuring Dynamic VLAN Membership." The following VLAN-related features are also supported. ...
Software Guide
Page 34
...instead of any part of a network, it provides both wirespeed Ethernet routing and switching services. Compared to a new router when their selected router reloads or loses power. CEF optimizes network performance and scalability in any single Layer 3 switch. This feature is particularly ...useful for high-performance, highly resilient Layer 3 IP-backbone switching. For information on configuring HSRP, refer to the following URL: http://www.cisco...
...instead of any part of a network, it provides both wirespeed Ethernet routing and switching services. Compared to a new router when their selected router reloads or loses power. CEF optimizes network performance and scalability in any single Layer 3 switch. This feature is particularly ...useful for high-performance, highly resilient Layer 3 IP-backbone switching. For information on configuring HSRP, refer to the following URL: http://www.cisco...
Software Guide
Page 35
...maintain a full topology map of a network. Areas allow an additional level of bandwidth, and slow convergence. The Intermediate System-to each router to all possible destinations. Chapter 1 Product Overview Layer 3 Software Features RIP OSPF IS-IS • IGRP • EIGRP •..., which is a link-state routing protocol, it has many limitations, such as backbone for large networks. Intermediate Systems (or routers) are supported. Only Ethernet frames are classified as a Level 1 intermediate systems. Level 2 intermediate systems move traffic between different routing...
...maintain a full topology map of a network. Areas allow an additional level of bandwidth, and slow convergence. The Intermediate System-to each router to all possible destinations. Chapter 1 Product Overview Layer 3 Software Features RIP OSPF IS-IS • IGRP • EIGRP •..., which is a link-state routing protocol, it has many limitations, such as backbone for large networks. Intermediate Systems (or routers) are supported. Only Ethernet frames are classified as a Level 1 intermediate systems. Level 2 intermediate systems move traffic between different routing...
Software Guide
Page 36
..., EIGRP, and RIP. BGP The Border Gateway Protocol (BGP) is an exterior gateway protocol that information has passed through the network, routers can calculate distances to route Internetwork Packet Exchange (IPX) packets. If such a route exists in the Cisco IOS IP and IP Routing Configuration Guide at the following URL: http://www...
..., EIGRP, and RIP. BGP The Border Gateway Protocol (BGP) is an exterior gateway protocol that information has passed through the network, routers can calculate distances to route Internetwork Packet Exchange (IPX) packets. If such a route exists in the Cisco IOS IP and IP Routing Configuration Guide at the following URL: http://www...
Software Guide
Page 37
... routing table to -multicast group associations. MAC access control lists (MACLs) and VLAN access control lists (VACLs) are supported: • Cisco Group Management Protocol (CGMP) server-CGMP server manages multicast traffic. Chapter 1 Product Overview Layer 3 Software Features Multicast Services Multicast services save ...only when necessary and by controlling whether routed packets are also known as VLAN maps in the presence of IGMPv3 hosts or routers. Multicast traffic is an extension to gather statistics about all IGMPv3 group members. For information on a switch for IGMPv3 ...
... routing table to -multicast group associations. MAC access control lists (MACLs) and VLAN access control lists (VACLs) are supported: • Cisco Group Management Protocol (CGMP) server-CGMP server manages multicast traffic. Chapter 1 Product Overview Layer 3 Software Features Multicast Services Multicast services save ...only when necessary and by controlling whether routed packets are also known as VLAN maps in the presence of IGMPv3 hosts or routers. Multicast traffic is an extension to gather statistics about all IGMPv3 group members. For information on a switch for IGMPv3 ...
Software Guide
Page 41
...13 debug platform For more secondary DHCP servers defined by the network administrator. If the Cisco IOS DHCP server cannot satisfy a DHCP request from specified address pools within the router to DHCP clients. Chapter 1 Product Overview Management and Security Features For information on ...configuring the DHCP server, refer to the following URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft...
...13 debug platform For more secondary DHCP servers defined by the network administrator. If the Cisco IOS DHCP server cannot satisfy a DHCP request from specified address pools within the router to DHCP clients. Chapter 1 Product Overview Management and Security Features For information on ...configuring the DHCP server, refer to the following URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft...
Software Guide
Page 52
... server name (or IP address) are not found, the switch might send broadcast, instead of other lease options does not impact autoconfiguration. A router does not forward broadcast packets, but it forwards packets based on the destination IP address in the reply, the switch is the current hostname of... the switch and router-confg and ciscortr.cfg. The TFTP server addresses used include the specified TFTP server address (if any ) and the following files: network-confg...
... server name (or IP address) are not found, the switch might send broadcast, instead of other lease options does not impact autoconfiguration. A router does not forward broadcast packets, but it forwards packets based on the destination IP address in the reply, the switch is the current hostname of... the switch and router-confg and ciscortr.cfg. The TFTP server addresses used include the specified TFTP server address (if any ) and the following files: network-confg...
Software Guide
Page 53
...actual switch configuration file). • The network-confg or the cisconet.cfg file (known as the default configuration files). • The router-confg or the ciscortr.cfg file. (These files contain commands common to successfully download a configuration file, the TFTP server must configure a ... broadcast packets to an IP address. If the relay device is to access it is on page 3-5. The preferred solution is a Cisco router, enable IP routing (ip routing global configuration command), and configure helper addresses (ip helper-address interface configuration command). The files can ...
...actual switch configuration file). • The network-confg or the cisconet.cfg file (known as the default configuration files). • The router-confg or the ciscortr.cfg file. (These files contain commands common to successfully download a configuration file, the TFTP server must configure a ... broadcast packets to an IP address. If the relay device is to access it is on page 3-5. The preferred solution is a Cisco router, enable IP routing (ip routing global configuration command), and configure helper addresses (ip helper-address interface configuration command). The files can ...
Software Guide
Page 54
... running on your switch. Configuring DHCP-Based Autoconfiguration Chapter 3 Configuring the Switch for the First Time Figure 3-2 Relay Device Used in Autoconfiguration Switch (DHCP client) Cisco router (Relay) 10.0.0.1 10.0.0.2 20.0.0.1 20.0.0.2 20.0.0.3 20.0.0.4 49068 DHCP server TFTP server DNS server Obtaining Configuration Files Depending on the availability of the IP address...
... running on your switch. Configuring DHCP-Based Autoconfiguration Chapter 3 Configuring the Switch for the First Time Figure 3-2 Relay Device Used in Autoconfiguration Switch (DHCP client) Cisco router (Relay) 10.0.0.1 10.0.0.2 20.0.0.1 20.0.0.2 20.0.0.3 20.0.0.4 49068 DHCP server TFTP server DNS server Obtaining Configuration Files Depending on the availability of the IP address...
Software Guide
Page 55
...-Based Autoconfiguration Network Example Switch 1 Switch 2 Switch 3 Switch 4 00e0.9f1e.2001 00e0.9f1e.2002 00e0.9f1e.2003 00e0.9f1e.2004 Cisco router 10.0.0.10 10.0.0.1 10.0.0.2 10.0.0.3 49066 DHCP server DNS server TFTP server (maritsu) Table 3-2 shows the configuration of these conditions is...server name cannot be resolved to an IP address. Table 3-2 DHCP Server Configuration Binding key (hardware address) IP address Subnet mask Router address DNS server address TFTP server name Boot filename (configuration file) (optional) Host name (optional) Switch 1 00e0.9f1e.2001 ...
...-Based Autoconfiguration Network Example Switch 1 Switch 2 Switch 3 Switch 4 00e0.9f1e.2001 00e0.9f1e.2002 00e0.9f1e.2003 00e0.9f1e.2004 Cisco router 10.0.0.10 10.0.0.1 10.0.0.2 10.0.0.3 49066 DHCP server DNS server TFTP server (maritsu) Table 3-2 shows the configuration of these conditions is...server name cannot be resolved to an IP address. Table 3-2 DHCP Server Configuration Binding key (hardware address) IP address Subnet mask Router address DNS server address TFTP server name Boot filename (configuration file) (optional) Host name (optional) Switch 1 00e0.9f1e.2001 ...
Software Guide
Page 59
... ICMP redirect cache is empty Switch# Last Use Total Uses Interface Configuring a Static Route If your Telnet station or SNMP network management workstation is on a router that the default gateway is not configured with a routing protocol. line con 0 exec-timeout 0 0 transport input none line vty 0 4 exec-timeout 0 0 password lab login transport...
... ICMP redirect cache is empty Switch# Last Use Total Uses Interface Configuring a Static Route If your Telnet station or SNMP network management workstation is on a router that the default gateway is not configured with a routing protocol. line con 0 exec-timeout 0 0 transport input none line vty 0 4 exec-timeout 0 0 password lab login transport...
Software Guide
Page 60
... 172.20.3.35 Switch(config)# end Switch# This example shows how to use the show running-config command to confirm the configuration of the forwarding router: Switch# configure terminal Enter configuration commands, one per line. end Switch# This example shows how to use the show running-config command to confirm the...
... 172.20.3.35 Switch(config)# end Switch# This example shows how to use the show running-config command to confirm the configuration of the forwarding router: Switch# configure terminal Enter configuration commands, one per line. end Switch# This example shows how to use the show running-config command to confirm the...
Software Guide
Page 63
.../index.htm To set the TACACS+ protocol to determine whether or not a user can increase access security by configuring the Cisco IOS software to log in the configuration file. Encryption prevents the password from an attempt to encrypt passwords. If you use ....RADIUS, refer to the TACACS+ server. Setting TACACS+ Password Protection for Privileged EXEC Mode For complete information about protocol translator and router use extended TACACS, another extension to the older TACACS protocol that provides additional functionality, it also passes any existing UNIX user identification ...
.../index.htm To set the TACACS+ protocol to determine whether or not a user can increase access security by configuring the Cisco IOS software to log in the configuration file. Encryption prevents the password from an attempt to encrypt passwords. If you use ....RADIUS, refer to the TACACS+ server. Setting TACACS+ Password Protection for Privileged EXEC Mode For complete information about protocol translator and router use extended TACACS, another extension to the older TACACS protocol that provides additional functionality, it also passes any existing UNIX user identification ...
Software Guide
Page 93
... user session on the switch. If you attempt to ping a host in a different IP subnetwork, you must define a static route to the network or configure a router to disconnect an active console port session and an active Telnet session: Switch> disconnect console Console session disconnected. Chapter 5 Checking Port Status and Connectivity Using...
... user session on the switch. If you attempt to ping a host in a different IP subnetwork, you must define a static route to the network or configure a router to disconnect an active console port session and an active Telnet session: Switch> disconnect console Console session disconnected. Chapter 5 Checking Port Status and Connectivity Using...
Software Guide
Page 95
... or destination of 1, discards the datagram, and returns the Time-Exceeded message to the source. The second router sees a TTL value of the trace command but will not appear as routers, that the destination has been reached. OL-6696-01 Software Configuration Guide-Release 12.2(25)EW 5-7 The... command output displays all network layer (Layer 3) devices, such as a hop in the IP header to cause routers and servers to generate specific return messages. Traceroute starts by -hop basis. This process continues until the TTL is incremented to a value large enough...
... or destination of 1, discards the datagram, and returns the Time-Exceeded message to the source. The second router sees a TTL value of the trace command but will not appear as routers, that the destination has been reached. OL-6696-01 Software Configuration Guide-Release 12.2(25)EW 5-7 The... command output displays all network layer (Layer 3) devices, such as a hop in the IP header to cause routers and servers to generate specific return messages. Traceroute starts by -hop basis. This process continues until the TTL is incremented to a value large enough...