Software Guide
Page 5
... 3-14 Setting TACACS+ Password Protection for Privileged EXEC Mode 3-15 Encrypting Passwords 3-15 Configuring Multiple Privilege Levels 3-16 Recovering a Lost Enable Password 3-18 Modifying the Supervisor Engine Startup Configuration 3-18 Understanding the Supervisor Engine Boot Configuration...Monitoring Interface and Controller Status 4-13 Clearing and Resetting the Interface 4-14 Shutting Down and Restarting an Interface 4-14 Checking Port Status and Connectivity 5-1 Checking Module Status 5-1 Checking Interfaces Status 5-2 Checking MAC Addresses 5-3 Using Telnet 5-3 Changing the Logout...
... 3-14 Setting TACACS+ Password Protection for Privileged EXEC Mode 3-15 Encrypting Passwords 3-15 Configuring Multiple Privilege Levels 3-16 Recovering a Lost Enable Password 3-18 Modifying the Supervisor Engine Startup Configuration 3-18 Understanding the Supervisor Engine Boot Configuration...Monitoring Interface and Controller Status 4-13 Clearing and Resetting the Interface 4-14 Shutting Down and Restarting an Interface 4-14 Checking Port Status and Connectivity 5-1 Checking Module Status 5-1 Checking Interfaces Status 5-2 Checking MAC Addresses 5-3 Using Telnet 5-3 Changing the Logout...
Software Guide
Page 9
15 C H A P T E R STP Timers 14-4 Creating the STP Topology 14-4 STP Port States 14-5 MAC Address Allocation 14-5 STP and IEEE 802.1Q Trunks 14-6 Per-VLAN Rapid Spanning Tree 14-6 Default STP Configuration 14-6 Configuring STP ... Extended System ID 14-8 Configuring the Root Bridge 14-9 Configuring a Secondary Root Switch 14-12 Configuring STP Port Priority 14-13 Configuring STP Port Cost 14-15 Configuring the Bridge Priority of a VLAN 14-16 Configuring the Hello Time 14-17 Configuring the Maximum Aging Time for a VLAN 14-18 Configuring the Forward...
15 C H A P T E R STP Timers 14-4 Creating the STP Topology 14-4 STP Port States 14-5 MAC Address Allocation 14-5 STP and IEEE 802.1Q Trunks 14-6 Per-VLAN Rapid Spanning Tree 14-6 Default STP Configuration 14-6 Configuring STP ... Extended System ID 14-8 Configuring the Root Bridge 14-9 Configuring a Secondary Root Switch 14-12 Configuring STP Port Priority 14-13 Configuring STP Port Cost 14-15 Configuring the Bridge Priority of a VLAN 14-16 Configuring the Hello Time 14-17 Configuring the Maximum Aging Time for a VLAN 14-18 Configuring the Forward...
Software Guide
Page 10
...-to-SST Interoperability 16-4 Common Spanning Tree 16-5 MST Instances 16-5 MST Configuration Parameters 16-5 MST Regions 16-6 Message Age and Hop Count 16-7 MST-to-PVST+ Interoperability 16-8 MST Configuration Restrictions and Guidelines 16-8 Configuring MST 16-9 Enabling MST 16-9 Configuring MST Instance Parameters 16-11 Configuring MST Instance Port Parameters 16-12 Restarting Protocol Migration 16-12 Displaying MST Configurations 16-13 Understanding...
...-to-SST Interoperability 16-4 Common Spanning Tree 16-5 MST Instances 16-5 MST Configuration Parameters 16-5 MST Regions 16-6 Message Age and Hop Count 16-7 MST-to-PVST+ Interoperability 16-8 MST Configuration Restrictions and Guidelines 16-8 Configuring MST 16-9 Enabling MST 16-9 Configuring MST Instance Parameters 16-11 Configuring MST Instance Port Parameters 16-12 Restarting Protocol Migration 16-12 Displaying MST Configurations 16-13 Understanding...
Software Guide
Page 11
...Displaying MAC Address Multicast Entries 18-15 Displaying IGMP Snooping Information on a VLAN Interface 18-15 Configuring IGMP Filtering 18-16 Default IGMP Filtering Configuration 18-17 Configuring IGMP Profiles 18-17 Applying IGMP Profiles 18-18 Setting the Maximum Number of...Configuring 802.1Q Tunneling 19-4 802.1Q Tunneling Configuration Guidelines 19-4 802.1Q Tunneling and Other Features 19-5 Configuring an 802.1Q Tunneling Port 19-6 Understanding Layer 2 Protocol Tunneling 19-7 Configuring Layer 2 Protocol Tunneling 19-9 Default Layer 2 Protocol Tunneling Configuration 19-9 Layer 2 Protocol...
...Displaying MAC Address Multicast Entries 18-15 Displaying IGMP Snooping Information on a VLAN Interface 18-15 Configuring IGMP Filtering 18-16 Default IGMP Filtering Configuration 18-17 Configuring IGMP Profiles 18-17 Applying IGMP Profiles 18-18 Setting the Maximum Number of...Configuring 802.1Q Tunneling 19-4 802.1Q Tunneling Configuration Guidelines 19-4 802.1Q Tunneling and Other Features 19-5 Configuring an 802.1Q Tunneling Port 19-6 Understanding Layer 2 Protocol Tunneling 19-7 Configuring Layer 2 Protocol Tunneling 19-9 Default Layer 2 Protocol Tunneling Configuration 19-9 Layer 2 Protocol...
Software Guide
Page 15
...13 Queueing and Scheduling 29-13 Packet Modification 29-15 QoS and Software Processed Packets 29-15 Configuring Auto-QoS 29-16 Generated Auto-QoS Configuration 29-16 Effects of Auto-QoS on the Configuration 29-17 Configuration Guidelines 29-17 Enabling Auto-QoS for VoIP 29-18 ... Queues 29-43 Configuring DSCP Maps 29-45 Configuring Voice Interfaces 30-1 Overview of Voice Interfaces 30-1 Configuring a Port to Connect to a Cisco 7690 IP Phone 30-2 Configuring Voice Ports for Voice and Data Traffic 30-2 Overriding the CoS Priority of Incoming Frames 30-3 Configuring Inline Power 30-4 Understanding...
...13 Queueing and Scheduling 29-13 Packet Modification 29-15 QoS and Software Processed Packets 29-15 Configuring Auto-QoS 29-16 Generated Auto-QoS Configuration 29-16 Effects of Auto-QoS on the Configuration 29-17 Configuration Guidelines 29-17 Enabling Auto-QoS for VoIP 29-18 ... Queues 29-43 Configuring DSCP Maps 29-45 Configuring Voice Interfaces 30-1 Overview of Voice Interfaces 30-1 Configuring a Port to Connect to a Cisco 7690 IP Phone 30-2 Configuring Voice Ports for Voice and Data Traffic 30-2 Overriding the CoS Priority of Incoming Frames 30-3 Configuring Inline Power 30-4 Understanding...
Software Guide
Page 16
...Voice VLAN Ports 31-10 Supported Topologies 31-10 How to Configure 802.1X 31-11 Default 802.1X Configuration 31-12 802.1X Configuration Guidelines 31-13 Enabling 802.1X Authentication 31-13 Configuring Switch-to-RADIUS-Server Communication 31-15 Enabling 802.1X Accounting 31-16 Configuring 802....1X with Guest VLANs 31-17 Configuring 802.1X with Voice VLAN 31-18 Enabling Periodic Reauthentication 31-18 Manually Reauthenticating a Client Connected to a Port 31-19 Changing the Quiet Period 31-19 Changing the Switch...
...Voice VLAN Ports 31-10 Supported Topologies 31-10 How to Configure 802.1X 31-11 Default 802.1X Configuration 31-12 802.1X Configuration Guidelines 31-13 Enabling 802.1X Authentication 31-13 Configuring Switch-to-RADIUS-Server Communication 31-15 Enabling 802.1X Accounting 31-16 Configuring 802....1X with Guest VLANs 31-17 Configuring 802.1X with Voice VLAN 31-18 Enabling Periodic Reauthentication 31-18 Manually Reauthenticating a Client Connected to a Port 31-19 Changing the Quiet Period 31-19 Changing the Switch...
Software Guide
Page 18
... Configuration Guidelines 35-13 Creating and Deleting VLAN Maps 35-13 Applying a VLAN Map to a VLAN 35-16 Using VLAN Maps in Your Network 35-16 Displaying VLAN Access Map Information 35-19 Using VLAN Maps with Router ACLs 35-19 Guidelines for Using Router... Primary VLAN 36-6 Configuring a Layer 2 Interface as a PVLAN Promiscuous Port 36-7 Configuring a Layer 2 Interface as a PVLAN Host Port 36-8 Configuring a Layer 2 Interface as a PVLAN Trunk Port 36-9 Permitting Routing of Secondary VLAN Ingress Traffic 36-11 Port Unicast and Multicast Flood Blocking 37-1 Overview of Flood Blocking 37-1 xviii...
... Configuration Guidelines 35-13 Creating and Deleting VLAN Maps 35-13 Applying a VLAN Map to a VLAN 35-16 Using VLAN Maps in Your Network 35-16 Displaying VLAN Access Map Information 35-19 Using VLAN Maps with Router ACLs 35-19 Guidelines for Using Router... Primary VLAN 36-6 Configuring a Layer 2 Interface as a PVLAN Promiscuous Port 36-7 Configuring a Layer 2 Interface as a PVLAN Host Port 36-8 Configuring a Layer 2 Interface as a PVLAN Trunk Port 36-9 Permitting Routing of Secondary VLAN Ingress Traffic 36-11 Port Unicast and Multicast Flood Blocking 37-1 Overview of Flood Blocking 37-1 xviii...
Software Guide
Page 19
... 39-8 Configuring SPAN Destinations 39-9 Monitoring Source VLANs on a Trunk Interface 39-9 Configuration Scenario 39-10 Verifying a SPAN Configuration 39-10 CPU Port Sniffing 39-10 Encapsulation Configuration 39-12 Ingress Packets 39-12 Access List Filtering 39-13 ACL Configuration Guidelines 39-13 Configuring Access List Filtering... 39-14 Packet Type Filtering 39-14 Configuration Example 39-15 Configuring RSPAN 39-16 RSPAN Configuration Guidelines 39-16 Creating an RSPAN Session 39-17 Software Configuration Guide-Release 12.2(25)EW xix
... 39-8 Configuring SPAN Destinations 39-9 Monitoring Source VLANs on a Trunk Interface 39-9 Configuration Scenario 39-10 Verifying a SPAN Configuration 39-10 CPU Port Sniffing 39-10 Encapsulation Configuration 39-12 Ingress Packets 39-12 Access List Filtering 39-13 ACL Configuration Guidelines 39-13 Configuring Access List Filtering... 39-14 Packet Type Filtering 39-14 Configuration Example 39-15 Configuring RSPAN 39-16 RSPAN Configuration Guidelines 39-16 Creating an RSPAN Session 39-17 Software Configuration Guide-Release 12.2(25)EW xix
Software Guide
Page 22
... 10 Chapter 11 Chapter 12 Chapter 13 Chapter 14 Chapter 15 Chapter 16 Chapter 17 Chapter 18 Chapter 19 Chapter 20 Chapter 21 Chapter 22 ...to configure 802.1Q and Layer 2 Protocol Tunneling protocol Tunneling Understanding and Configuring Describes how to configure the Cisco Discovery CDP Protocol (CDP) Configuring UDLD Describes how to configure the UniDirectional Link Detection (UDLD) protocol Configuring...QoS) Configuring Voice Interfaces Describes how to configure multi-VLAN access ports for use with Cisco IP phones Software Configuration Guide-Release 12.2(25)EW xxii OL-6696-01
... 10 Chapter 11 Chapter 12 Chapter 13 Chapter 14 Chapter 15 Chapter 16 Chapter 17 Chapter 18 Chapter 19 Chapter 20 Chapter 21 Chapter 22 ...to configure 802.1Q and Layer 2 Protocol Tunneling protocol Tunneling Understanding and Configuring Describes how to configure the Cisco Discovery CDP Protocol (CDP) Configuring UDLD Describes how to configure the UniDirectional Link Detection (UDLD) protocol Configuring...QoS) Configuring Voice Interfaces Describes how to configure multi-VLAN access ports for use with Cisco IP phones Software Configuration Guide-Release 12.2(25)EW xxii OL-6696-01
Software Guide
Page 32
... links using uplink groups. The Catalyst 4500 series switch supports the following STP enhancements: • Spanning tree PortFast-PortFast allows a port with respect to become a root switch. You can group and associate VLANs to the forwarding state directly, bypassing the listening and ...that experiences an indirect link failure. • Spanning tree root guard-Root guard forces a port to STP mode and runs RSTP protocol based on configuring STP, see Chapter 16, "Understanding and Configuring Multiple Spanning Trees." For information on 802.1w. Network fault tolerance...
... links using uplink groups. The Catalyst 4500 series switch supports the following STP enhancements: • Spanning tree PortFast-PortFast allows a port with respect to become a root switch. You can group and associate VLANs to the forwarding state directly, bypassing the listening and ...that experiences an indirect link failure. • Spanning tree root guard-Root guard forces a port to STP mode and runs RSTP protocol based on configuring STP, see Chapter 16, "Understanding and Configuring Multiple Spanning Trees." For information on 802.1w. Network fault tolerance...
Software Guide
Page 92
...display the currently active user sessions on the switch using the show users [all active console port and Telnet sessions on the switch, perform this task in privileged EXEC mode: Command Switch# show... users command. Changing the Logout Timer Chapter 5 Checking Port Status and Connectivity To establish a Telnet connection to another device on the switch. To display ...logout timer, perform this task: Command Switch# telnet host [port] Purpose Opens a Telnet session to the remote host named labsparc: Switch# telnet labsparc Trying 172...
...display the currently active user sessions on the switch using the show users [all active console port and Telnet sessions on the switch, perform this task in privileged EXEC mode: Command Switch# show... users command. Changing the Logout Timer Chapter 5 Checking Port Status and Connectivity To establish a Telnet connection to another device on the switch. To display ...logout timer, perform this task: Command Switch# telnet host [port] Purpose Opens a Telnet session to the remote host named labsparc: Switch# telnet labsparc Trying 172...
Software Guide
Page 94
...is configurable from the switch, perform this task: Command Switch# ping host Purpose Checks connectivity to a remote host. Using Ping Chapter 5 Checking Port Status and Connectivity The ping command is returned. This example shows how to ping a remote host from normal executive mode: Switch# ping labsparc labsparc... is alive Switch> ping 72.16.10.3 12.16.10.3 is alive Switch# This example shows how to enter a ping command in privileged EXEC mode specifying the number of packets, the...
...is configurable from the switch, perform this task: Command Switch# ping host Purpose Checks connectivity to a remote host. Using Ping Chapter 5 Checking Port Status and Connectivity The ping command is returned. This example shows how to ping a remote host from normal executive mode: Switch# ping labsparc labsparc... is alive Switch> ping 72.16.10.3 12.16.10.3 is alive Switch# This example shows how to enter a ping command in privileged EXEC mode specifying the number of packets, the...
Software Guide
Page 96
... in the physical path are the Layer 2 traceroute usage guidelines: • CDP must have IP connectivity. Using Layer 2 Traceroute Chapter 5 Checking Port Status and Connectivity This example shows use the Layer 2 traceroute feature: • Understanding Layer 2 Traceroute, page 5-8 • Layer 2 Traceroute Usage... Type escape sequence to the destination device. Tracing the route to ABA.NYC.mil (26.0.0.73) 1 DEBRIS.CISCO.COM (192.180.1.6) 1000 msec 8 msec 4 msec 2 BARRNET-GW.CISCO.COM (192.180.16.2) 8 msec 8 msec 8 msec 3 EXTERNAL-A-GATEWAY.STANFORD.EDU (192.42.110.225) 8 msec 4 ...
... in the physical path are the Layer 2 traceroute usage guidelines: • CDP must have IP connectivity. Using Layer 2 Traceroute Chapter 5 Checking Port Status and Connectivity This example shows use the Layer 2 traceroute feature: • Understanding Layer 2 Traceroute, page 5-8 • Layer 2 Traceroute Usage... Type escape sequence to the destination device. Tracing the route to ABA.NYC.mil (26.0.0.73) 1 DEBRIS.CISCO.COM (192.180.1.6) 1000 msec 8 msec 4 msec 2 BARRNET-GW.CISCO.COM (192.180.16.2) 8 msec 8 msec 8 msec 3 EXTERNAL-A-GATEWAY.STANFORD.EDU (192.42.110.225) 8 msec 4 ...
Software Guide
Page 155
... chassis, with color-coded modules and ports, and monitoring capabilities that can be embedded on the cluster command switch. The command mode changes and the Cisco IOS commands operate as on page 2-2....CISCO-CLUSTER_MIB is a web-based interface that the required security privileges have been granted. These sections describe the Embedded CiscoView support available with Release 12.1(20)EW and later releases: • Understanding Embedded CiscoView, page 9-13 • Installing and Configuring Embedded CiscoView, page 9-14 • Displaying Embedded CiscoView Information, page 9-16...
... chassis, with color-coded modules and ports, and monitoring capabilities that can be embedded on the cluster command switch. The command mode changes and the Cisco IOS commands operate as on page 2-2....CISCO-CLUSTER_MIB is a web-based interface that the required security privileges have been granted. These sections describe the Embedded CiscoView support available with Release 12.1(20)EW and later releases: • Understanding Embedded CiscoView, page 9-13 • Installing and Configuring Embedded CiscoView, page 9-14 • Displaying Embedded CiscoView Information, page 9-16...
Software Guide
Page 198
... uses the VLAN ID as part of the bridge ID (see Table 14-2). See the "Enabling the Extended System ID" section on page 14-16. When two ports on each network device has a unique 64-bit bridge ID consisting of a bridge priority value, an extended system ID, and an STP MAC...later releases support a 12-bit extended system ID field as the extended system ID. If a network segment in the blocking state. The spanning tree port priority value represents the location of an interface in a spanning tree. Table 14-1 Bridge Priority Value with the Extended System ID Disabled Bridge Priority Value...
... uses the VLAN ID as part of the bridge ID (see Table 14-2). See the "Enabling the Extended System ID" section on page 14-16. When two ports on each network device has a unique 64-bit bridge ID consisting of a bridge priority value, an extended system ID, and an STP MAC...later releases support a 12-bit extended system ID field as the extended system ID. If a network segment in the blocking state. The spanning tree port priority value represents the location of an interface in a spanning tree. Table 14-1 Bridge Priority Value with the Extended System ID Disabled Bridge Priority Value...
Software Guide
Page 203
The switch maintains a separate instance of a VLAN, page 14-16 • Configuring the Hello Time, page 14-17 • Configuring the Maximum Aging Time for a VLAN, page 14-18 • Configuring the Forward-Delay Time ... on VLANs on which you have disabled a spanning tree). You can enable a spanning tree on a per -VLAN basis-used on interfaces configured as Layer 2 trunk ports) Hello time Forward delay time Maximum aging time Default Value • 10-Gigabit Ethernet: 2 • Gigabit Ethernet: 4 • Fast Ethernet: 19 2 sec 15 sec 20...
The switch maintains a separate instance of a VLAN, page 14-16 • Configuring the Hello Time, page 14-17 • Configuring the Maximum Aging Time for a VLAN, page 14-18 • Configuring the Forward-Delay Time ... on VLANs on which you have disabled a spanning tree). You can enable a spanning tree on a per -VLAN basis-used on interfaces configured as Layer 2 trunk ports) Hello time Forward delay time Maximum aging time Default Value • 10-Gigabit Ethernet: 2 • Gigabit Ethernet: 4 • Fast Ethernet: 19 2 sec 15 sec 20...
Software Guide
Page 209
... it is 128). Note The Cisco IOS software uses the port priority value when the interface is configured as an access port and uses VLAN port priority values when the interface is configured as an access port: Switch# show spanning-tree vlan...Step 5 Command Switch(config)# interface {{fastethernet | gigabitethernet | tengigabitethernet} slot/port} | {port-channel port_channel_number} Switch(config-if)# [no] spanning-tree port-priority port_priority Switch(config-if)# [no keyword to 240, in increments of 16. The port_priority value can be from 0 to restore the defaults. The ...
... it is 128). Note The Cisco IOS software uses the port priority value when the interface is configured as an access port and uses VLAN port priority values when the interface is configured as an access port: Switch# show spanning-tree vlan...Step 5 Command Switch(config)# interface {{fastethernet | gigabitethernet | tengigabitethernet} slot/port} | {port-channel port_channel_number} Switch(config-if)# [no] spanning-tree port-priority port_priority Switch(config-if)# [no keyword to 240, in increments of 16. The port_priority value can be from 0 to restore the defaults. The ...
Software Guide
Page 212
...the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the bridge priority. 14-16 Software Configuration Guide-Release 12.2(25)EW OL-6696-01 In most cases, we recommend that you can issue a show running...-config command to confirm the configuration. Configuring STP Chapter 14 Understanding and Configuring STP This example shows how to change the spanning tree port cost of a Fast Ethernet interface: Switch# configure terminal Switch(config)# interface fastethernet 5/8 Switch(config-if)# spanning-tree cost 18 Switch(...
...the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the bridge priority. 14-16 Software Configuration Guide-Release 12.2(25)EW OL-6696-01 In most cases, we recommend that you can issue a show running...-config command to confirm the configuration. Configuring STP Chapter 14 Understanding and Configuring STP This example shows how to change the spanning tree port cost of a Fast Ethernet interface: Switch# configure terminal Switch(config)# interface fastethernet 5/8 Switch(config-if)# spanning-tree cost 18 Switch(...
Software Guide
Page 231
...enable PortFast BPDU filtering on port 4/4: Switch(config)# interface ...more detail on the port: Switch# show spanning-tree interface fastEthernet 4/4 detail Port 196 (FastEthernet4/4) of transitions to forwarding state:1 The port is in PVST+... is disabled BackboneFast is disabled Pathcost method used is forwarding Port path cost 1000, Port priority 160, Port Identifier 160.196. Enables BPDU filtering. To enable PortFast BPDU... 00d0.00b8.140a Designated bridge has priority 32768, address 00d0.00b8.140a Designated port id is 160.196, designated path cost 0 Timers:message age 0, forward ...
...enable PortFast BPDU filtering on port 4/4: Switch(config)# interface ...more detail on the port: Switch# show spanning-tree interface fastEthernet 4/4 detail Port 196 (FastEthernet4/4) of transitions to forwarding state:1 The port is in PVST+... is disabled BackboneFast is disabled Pathcost method used is forwarding Port path cost 1000, Port priority 160, Port Identifier 160.196. Enables BPDU filtering. To enable PortFast BPDU... 00d0.00b8.140a Designated bridge has priority 32768, address 00d0.00b8.140a Designated port id is 160.196, designated path cost 0 Timers:message age 0, forward ...
Command Reference
Page 126
... might shut down and reenable the interface during the reconfiguration. You must configure the correct duplex mode on a 16-port RJ-45 Gigabit Ethernet port is set to full. Table2-3 describes the system performance for full-duplex operation: Switch(config-if)# duplex full...Commands speed interface (refer to Cisco IOS documentation) show controllers (refer to Cisco IOS documentation) show interfaces (refer to Cisco IOS documentation) 2-94 Catalyst4500 Series SwitchCiscoIOS Command Reference-Release 12.2(18)EW 78-16201-01 duplex Chapter2 Cisco IOS Commands for the Catalyst 4500...
... might shut down and reenable the interface during the reconfiguration. You must configure the correct duplex mode on a 16-port RJ-45 Gigabit Ethernet port is set to full. Table2-3 describes the system performance for full-duplex operation: Switch(config-if)# duplex full...Commands speed interface (refer to Cisco IOS documentation) show controllers (refer to Cisco IOS documentation) show interfaces (refer to Cisco IOS documentation) 2-94 Catalyst4500 Series SwitchCiscoIOS Command Reference-Release 12.2(18)EW 78-16201-01 duplex Chapter2 Cisco IOS Commands for the Catalyst 4500...
