User Guide
Page 2
...; Layer 2 Ethernet Interfaces, page 2 • Switch Virtual Interfaces, page 5 • Routed Ports, page 5 • VLAN Trunk Protocol, page 5 • EtherChannel, page 7 • 802.1x Port-Based Authentication, page 8 • Spanning Tree Protocol, page 12 • Cisco Discovery Protocol, page 24 • Switched Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. New connections can be used as an uplink port...
...; Layer 2 Ethernet Interfaces, page 2 • Switch Virtual Interfaces, page 5 • Routed Ports, page 5 • VLAN Trunk Protocol, page 5 • EtherChannel, page 7 • 802.1x Port-Based Authentication, page 8 • Spanning Tree Protocol, page 12 • Cisco Discovery Protocol, page 24 • Switched Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. New connections can be used as an uplink port...
User Guide
Page 3
... full-duplex mode, two stations can flow in its address table, it is shared by high-bandwidth devices and a large number of the network is removed from one or more information about EtherChannel, see the "Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an Ethernet switch network module can either receive or transmit. If two stations establish a session that each interface as a router or a switch. To switch frames between one interface to...
... full-duplex mode, two stations can flow in its address table, it is shared by high-bandwidth devices and a large number of the network is removed from one or more information about EtherChannel, see the "Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an Ethernet switch network module can either receive or transmit. If two stations establish a session that each interface as a router or a switch. To switch frames between one interface to...
User Guide
Page 5
...The number of other switches in your network. Configure a VLAN interface for each VLAN for an access port. Routed Ports A routed port is necessary to put the interface into Layer 3 mode with a Layer 3 routing protocol. Before you create VLANs, you want to route traffic, and assign it is a physical port that acts like a regular router interface, except that you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of problems...
...The number of other switches in your network. Configure a VLAN interface for each VLAN for an access port. Routed Ports A routed port is necessary to put the interface into Layer 3 mode with a Layer 3 routing protocol. Before you create VLANs, you want to route traffic, and assign it is a physical port that acts like a regular router interface, except that you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of problems...
User Guide
Page 8
... speed and duplex mode. • Enable all modules support EtherChannel (maximum of eight interfaces) with different Spanning Tree Protocol (STP) port path costs can pass through the port. Setting different STP port path costs does not, by the switch or the LAN. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 Until the client is connected. Feature Overview 16- For example, if the traffic on the same module. • Configure all interfaces...
... speed and duplex mode. • Enable all modules support EtherChannel (maximum of eight interfaces) with different Spanning Tree Protocol (STP) port path costs can pass through the port. Setting different STP port path costs does not, by the switch or the LAN. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 Until the client is connected. Feature Overview 16- For example, if the traffic on the same module. • Configure all interfaces...
User Guide
Page 24
... with user-specified traffic types (ingress, egress, or both to discover Cisco devices that support Subnetwork Access Protocol (SNAP). Destination Interface A destination interface (also called a monitor interface) is an association of a destination interface with command-line interface (CLI) or SNMP commands. The interface does not forward any VLAN. Source Interface A source interface is a protocol that all Cisco routers, bridges, access servers, and switches. You can configure EtherChannel as a destination interface cannot be SPAN destination interfaces. With CDP, network...
... with user-specified traffic types (ingress, egress, or both to discover Cisco devices that support Subnetwork Access Protocol (SNAP). Destination Interface A destination interface (also called a monitor interface) is an association of a destination interface with command-line interface (CLI) or SNMP commands. The interface does not forward any VLAN. Source Interface A source interface is a protocol that all Cisco routers, bridges, access servers, and switches. You can configure EtherChannel as a destination interface cannot be SPAN destination interfaces. With CDP, network...
User Guide
Page 26
... of a network, but prevent Host B from accessing the same network. The switch examines access lists associated with all inbound features configured on physical Layer 2 interfaces. In Figure 13, ACLs applied at switch interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 26 and 36-Port Ethernet Switch Module for matching operations. • Extended IP access lists use ACLs to access a part of permit or deny depends on how the packet matches the...
... of a network, but prevent Host B from accessing the same network. The switch examines access lists associated with all inbound features configured on physical Layer 2 interfaces. In Figure 13, ACLs applied at switch interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 26 and 36-Port Ethernet Switch Module for matching operations. • Extended IP access lists use ACLs to access a part of permit or deny depends on how the packet matches the...
User Guide
Page 35
On a trunk interface configured for QoS, traffic in the physical port egress queue depending on page 96. Mapping Tables The Ethernet switch network modules support these types of VLANs by dynamically configuring the interfaces so that might or might not be configured to -COS mapping occurs for a particular multicast group, the switch adds the host port number to type of multicast groups. Before the traffic reaches the scheduling stage, QoS uses the configurable DSCP-to-CoS map to derive...
On a trunk interface configured for QoS, traffic in the physical port egress queue depending on page 96. Mapping Tables The Ethernet switch network modules support these types of VLANs by dynamically configuring the interfaces so that might or might not be configured to -COS mapping occurs for a particular multicast group, the switch adds the host port number to type of multicast groups. Before the traffic reaches the scheduling stage, QoS uses the configurable DSCP-to-CoS map to derive...
User Guide
Page 40
... access gateway switch, the Ethernet switch network module can be deployed as a percentage of the MAC addresses specified for that can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to work as part of broadcast, unicast, or multicast packets are included: • Configuring the Ethernet Switch Network Module for Cisco AVVID/IP Telephony, page 40 • Default Switch Configuration, page 41 Configuring the Ethernet Switch Network Module for Voice, Video and Integrated Data...
... access gateway switch, the Ethernet switch network module can be deployed as a percentage of the MAC addresses specified for that can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to work as part of broadcast, unicast, or multicast packets are included: • Configuring the Ethernet Switch Network Module for Cisco AVVID/IP Telephony, page 40 • Default Switch Configuration, page 41 Configuring the Ethernet Switch Network Module for Voice, Video and Integrated Data...
User Guide
Page 41
... packets for using different configurations of time. Table 9 Gigabit Ethernet Flow-Control Keyword Functions Configuration send on send off send desired receive on or receive desired. Use send off when a remote port is set to a remote port. You can use to the switch fabric found in Cisco Catalyst switches and forms a single VLAN consisting of all ports in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are in the router by connecting the Gigabit Ethernet (GE) ports of the Ethernet switch network module. Prevents a local port...
... packets for using different configurations of time. Table 9 Gigabit Ethernet Flow-Control Keyword Functions Configuration send on send off send desired receive on or receive desired. Use send off when a remote port is set to a remote port. You can use to the switch fabric found in Cisco Catalyst switches and forms a single VLAN consisting of all ports in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are in the router by connecting the Gigabit Ethernet (GE) ports of the Ethernet switch network module. Prevents a local port...
User Guide
Page 62
... IP address and UDP port number creates a unique identifier, which enables RADIUS requests to be enabled for example, authentication-the second host entry configured acts as the fail-over backup to multiple UDP ports on the switch. Check the Status column in privileged EXEC mode, follow these steps to configure the RADIUS server parameters on a server at the same IP address. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Command Step 4 interface interface-id Step 5 dot1x port-control auto...
... IP address and UDP port number creates a unique identifier, which enables RADIUS requests to be enabled for example, authentication-the second host entry configured acts as the fail-over backup to multiple UDP ports on the switch. Check the Status column in privileged EXEC mode, follow these steps to configure the RADIUS server parameters on a server at the same IP address. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Command Step 4 interface interface-id Step 5 dot1x port-control auto...
User Guide
Page 66
...-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to be successfully authorized for the switch, use the show dot1x statistics interface interface-id privileged EXEC command. Enters interface configuration mode, and specify the interface to privileged EXEC mode. Beginning in Figure 3 on the port, use the show dot1x interface interface-id privileged EXEC command. Verifies your entries. (Optional) Saves your entries in the configuration file...
...-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to be successfully authorized for the switch, use the show dot1x statistics interface interface-id privileged EXEC command. Enters interface configuration mode, and specify the interface to privileged EXEC mode. Beginning in Figure 3 on the port, use the show dot1x interface interface-id privileged EXEC command. Verifies your entries. (Optional) Saves your entries in the configuration file...
User Guide
Page 103
..., follow these steps to add a port as a member of a multicast group: Step 1 Step 2 Command configure terminal ip igmp snooping vlan vlan-id static mac-address interface interface-id Step 3 end Purpose Enters global configuration mode Statically configures a port as a member of the VLAN. Statically Configuring an Interface to Join a Group Ports normally join multicast groups through the IGMP report message, but you enable IGMP Immediate-Leave processing, the Ethernet switch network module immediately removes a port from the forwarding table without first sending out...
..., follow these steps to add a port as a member of a multicast group: Step 1 Step 2 Command configure terminal ip igmp snooping vlan vlan-id static mac-address interface interface-id Step 3 end Purpose Enters global configuration mode Statically configures a port as a member of the VLAN. Statically Configuring an Interface to Join a Group Ports normally join multicast groups through the IGMP report message, but you enable IGMP Immediate-Leave processing, the Ethernet switch network module immediately removes a port from the forwarding table without first sending out...
User Guide
Page 108
... also use a single IP address space for the new Cisco IP phones, each of IP phones and workstations on the native VLAN. Voice Traffic and VVID The Ethernet switch network module can plug the phone into their own VLANs without the need for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 4 Step 5 Command Router(config)# switchport access vlan vlan-id Router(config)# switchport voice vlan vlan-id Purpose Configures the port as "access" and assigns a data VLAN. This configuration...
... also use a single IP address space for the new Cisco IP phones, each of IP phones and workstations on the native VLAN. Voice Traffic and VVID The Ethernet switch network module can plug the phone into their own VLANs without the need for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 4 Step 5 Command Router(config)# switchport access vlan vlan-id Router(config)# switchport voice vlan vlan-id Purpose Configures the port as "access" and assigns a data VLAN. This configuration...
User Guide
Page 110
... use the following commands beginning in advance with a database of its assigned IP address. Configuration Tasks 16- If a member switch has an IP address assigned to access the BOOTP server through one of physical MAC addresses and corresponding IP addresses, subnet masks, and default gateway addresses. Router(config)# snmp-server host Enters the trap manager IP address, community string, and the 172.2.128.263 traps1 snmp vlan-membership traps to privileged EXEC mode...
... use the following commands beginning in advance with a database of its assigned IP address. Configuration Tasks 16- If a member switch has an IP address assigned to access the BOOTP server through one of physical MAC addresses and corresponding IP addresses, subnet masks, and default gateway addresses. Router(config)# snmp-server host Enters the trap manager IP address, community string, and the 172.2.128.263 traps1 snmp vlan-membership traps to privileged EXEC mode...
User Guide
Page 119
... and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series 0004.ddbb.6700 0002.7e48.cc38 0002.7e48.cc39 Self 2 Vlan2 Dynamic 3 FastEthernet0/4 Dynamic 3 FastEthernet0/5 Configuration Tasks Clearing all MAC Address Tables To remove all addresses, use the following commands in privileged EXEC mode: Step 1 Step 2 Command Router# clear mac-address-table Router# end Purpose Enters to privileged EXEC mode. Verifies the flow control configuration. 16- Configuring Intrachassis Stacking To extend Layer 2 switching in the router by...
... and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series 0004.ddbb.6700 0002.7e48.cc38 0002.7e48.cc39 Self 2 Vlan2 Dynamic 3 FastEthernet0/4 Dynamic 3 FastEthernet0/5 Configuration Tasks Clearing all MAC Address Tables To remove all addresses, use the following commands in privileged EXEC mode: Step 1 Step 2 Command Router# clear mac-address-table Router# end Purpose Enters to privileged EXEC mode. Verifies the flow control configuration. 16- Configuring Intrachassis Stacking To extend Layer 2 switching in the router by...
User Guide
Page 161
... mode, these configuration commands are defined. The switch does not filter traffic based on using the class-map global configuration command. The class command performs the same function as configured by the class class-default policy-map configuration command. Note In a policy map, the class named class-default is 100 to 199 and 2000 to the egress direction. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
... mode, these configuration commands are defined. The switch does not filter traffic based on using the class-map global configuration command. The class command performs the same function as configured by the class class-default policy-map configuration command. Note In a policy map, the class named class-default is 100 to 199 and 2000 to the egress direction. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 190
... feature only when there is saved in the VLAN. Configures a Layer 2 port as a multicast router port. Configures a Layer 2 port as a member of this command. Command Modes Global configuration Command History Release 12.0(5.2)WC(1) 12.2(15)ZJ Modification This command was implemented on VLAN 1: Switch(config)# ip igmp snooping vlan 1 immediate-leave The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. To disable Immediate-Leave processing on a VLAN interface, use the no form of a group. 190 Cisco IOS Release 12.2(2)XT...
... feature only when there is saved in the VLAN. Configures a Layer 2 port as a multicast router port. Configures a Layer 2 port as a member of this command. Command Modes Global configuration Command History Release 12.0(5.2)WC(1) 12.2(15)ZJ Modification This command was implemented on VLAN 1: Switch(config)# ip igmp snooping vlan 1 immediate-leave The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. To disable Immediate-Leave processing on a VLAN interface, use the no form of a group. 190 Cisco IOS Release 12.2(2)XT...
User Guide
Page 220
... access-lists 103 command: Switch# show ip access-lists 103 Extended IP access list 103 permit tcp any any eq www 220 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ Examples The following is from 1 to 2699. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip access-lists To display IP access control lists (ACLs) configured on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. For example...
... access-lists 103 command: Switch# show ip access-lists 103 Extended IP access list 103 permit tcp any any eq www 220 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ Examples The following is from 1 to 2699. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip access-lists To display IP access control lists (ACLs) configured on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. For example...
User Guide
Page 225
... mode. Use this command with wildcard bits 0.0.0.255), an IP destination address, and Layer 4 destination port fields. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Usage Guidelines Use the show mls mask command without keywords to four ACPs (QoS and security) on the switch. Note You can configure up to display all ACPs configured on a switch. show mls masks command in the command-line interface (CLI) commands...
... mode. Use this command with wildcard bits 0.0.0.255), an IP destination address, and Layer 4 destination port fields. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Usage Guidelines Use the show mls mask command without keywords to four ACPs (QoS and security) on the switch. Note You can configure up to display all ACPs configured on a switch. show mls masks command in the command-line interface (CLI) commands...
User Guide
Page 242
... access to classify traffic. CoS-Class of service byte. Also called ToS. In QoS, a modification of the type of Service. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary 802.1d-IEEE standard for MAC bridges. 802.1p-IEEE standard for queuing and multicast support. 802.1q-IEEE standard for VLAN frame tagging. 802.1x-IEEE standard for voice, video, and integrated data...
... access to classify traffic. CoS-Class of service byte. Also called ToS. In QoS, a modification of the type of Service. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary 802.1d-IEEE standard for MAC bridges. 802.1p-IEEE standard for queuing and multicast support. 802.1q-IEEE standard for VLAN frame tagging. 802.1x-IEEE standard for voice, video, and integrated data...