User Guide
Page 1
... fallback bridging support for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. Enhancements were added in Cisco IOS Release 12.2(2)XT and Cisco IOS Release 12.2(8)T and above. This feature module describes the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). 16- This document...
... fallback bridging support for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. Enhancements were added in Cisco IOS Release 12.2(2)XT and Cisco IOS Release 12.2(8)T and above. This feature module describes the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). 16- This document...
User Guide
Page 2
...to configure the 16- and 36-Port Ethernet Switch Module for the next packet. and 36-port Ethernet switch network modules support the following: • Layer 2 Ethernet Interfaces, page 2 • Switch Virtual Interfaces, page 5 • Routed Ports, ...Ethernet port. The 36-port Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. An optional power module can be made between Ethernet segments last only for IP telephones. Switched connections between different segments for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
...to configure the 16- and 36-Port Ethernet Switch Module for the next packet. and 36-port Ethernet switch network modules support the following: • Layer 2 Ethernet Interfaces, page 2 • Switch Virtual Interfaces, page 5 • Routed Ports, ...Ethernet port. The 36-port Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. An optional power module can be made between Ethernet segments last only for IP telephones. Switched connections between different segments for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 3
...-duplex mode, two stations can configure a trunk on a single Ethernet interface or on different interfaces need to the bandwidth. so if an address remains inactive for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by all interfaces. Normally, Ethernet operates in its address table, it associates the MAC...
...-duplex mode, two stations can configure a trunk on a single Ethernet interface or on different interfaces need to the bandwidth. so if an address remains inactive for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by all interfaces. Normally, Ethernet operates in its address table, it associates the MAC...
User Guide
Page 4
...interface into nontrunking mode. Inconsistencies detected by a cloud of 802.1Q switches that is not Cisco devised, is the same on every VLAN in access mode regardless of the trunk link. Disabling spanning tree on the VLAN of the trunk is loop-free before disabling spanning tree. and 36-Port Ethernet Switch Module...block traffic for all VLANs allowed on the VLAN of spanning tree for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. If the VLAN on the access port and ...
...interface into nontrunking mode. Inconsistencies detected by a cloud of 802.1Q switches that is not Cisco devised, is the same on every VLAN in access mode regardless of the trunk link. Disabling spanning tree on the VLAN of the trunk is loop-free before disabling spanning tree. and 36-Port Ethernet Switch Module...block traffic for all VLANs allowed on the VLAN of spanning tree for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. If the VLAN on the access port and ...
User Guide
Page 5
... command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of other switches in your network. Before you create VLANs, you return the interface to route traffic, and assign it does not support subinterfaces. and 36-Port Ethernet Switch Module for a VLAN interface. Only one interface to configure...
... command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of other switches in your network. Before you create VLANs, you return the interface to route traffic, and assign it does not support subinterfaces. and 36-Port Ethernet Switch Module for a VLAN interface. Only one interface to configure...
User Guide
Page 6
...is the default mode. • Client-VTP clients behave the same way as VTP transparent, you make global VLAN configuration changes for each trunk interface to operate in VTP server mode and is made up of these VTP modes: • Server-In VTP server mode, you configure a management ... domain using IEEE 802.1Q encapsulation. By default, the switch is in any one of one VTP domain. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is in an un-named domain state until you...
...is the default mode. • Client-VTP clients behave the same way as VTP transparent, you make global VLAN configuration changes for each trunk interface to operate in VTP server mode and is made up of these VTP modes: • Server-In VTP server mode, you configure a management ... domain using IEEE 802.1Q encapsulation. By default, the switch is in any one of one VTP domain. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is in an un-named domain state until you...
User Guide
Page 7
... version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you use... the channel. If the digest on the switch. A Ethernet switch network module system supports a maximum of overwritten VLAN databases. All interfaces in transparent mode, without consistency checks. Consistency checks are ... or both source and destination. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 The unrecognized TLV is supported in the NM-16ESW software, VTP version 2 forwards...
... version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you use... the channel. If the digest on the switch. A Ethernet switch network module system supports a maximum of overwritten VLAN databases. All interfaces in transparent mode, without consistency checks. Consistency checks are ... or both source and destination. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 The unrecognized TLV is supported in the NM-16ESW software, VTP version 2 forwards...
User Guide
Page 8
...or configure them as trunks. Setting different STP port path costs does not, by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a switch port before making...that provides the greatest variety in the EtherChannel to avoid configuration problems: • All Ethernet interfaces on the same module. • Configure all interfaces in an EtherChannel to one of the remaining interfaces in an EtherChannel. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8
...or configure them as trunks. Setting different STP port path costs does not, by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a switch port before making...that provides the greatest variety in the EtherChannel to avoid configuration problems: • All Ethernet interfaces on the same module. • Configure all interfaces in an EtherChannel to one of the remaining interfaces in an EtherChannel. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8
User Guide
Page 9
...The switch includes the RADIUS client, which is available in Cisco Secure Access Control Server version 3.0. 16- Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with Extensible...actual authentication of the client and notifies the switch whether or not the client is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the RADIUS ...
...The switch includes the RADIUS client, which is available in Cisco Secure Access Control Server version 3.0. 16- Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with Extensible...actual authentication of the client and notifies the switch whether or not the client is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the RADIUS ...
User Guide
Page 10
...interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated. If the authentication succeeds, the switch port becomes authorized. Figure 2 Client Message Exchange Cisco router with a RADIUS server. Feature Overview 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...exchange initiated by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity ...
...interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated. If the authentication succeeds, the switch port becomes authorized. Figure 2 Client Message Exchange Cisco router with a RADIUS server. Feature Overview 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...exchange initiated by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity ...
User Guide
Page 11
... unauthorized state. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes .... Because no response is received, the client sends the request for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in Authorized and Unauthorized States The switch ...granted access to the up , or when an EAPOL-start frame. and 36-Port Ethernet Switch Module for a fixed number of the client and begins relaying authentication messages between the client...
... unauthorized state. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes .... Because no response is received, the client sends the request for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in Authorized and Unauthorized States The switch ...granted access to the up , or when an EAPOL-start frame. and 36-Port Ethernet Switch Module for a fixed number of the client and begins relaying authentication messages between the client...
User Guide
Page 12
... priority value represents the location of an interface in the network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a ...loop-free path. Spanning tree operation is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based ...Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature Overview 16- If the port becomes unauthorized (reauthentication fails or an EAPOL-logoff message is put in the forwarding state and which port is put in a network. The Ethernet switch network module...
... priority value represents the location of an interface in the network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a ...loop-free path. Spanning tree operation is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based ...Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature Overview 16- If the port becomes unauthorized (reauthentication fails or an EAPOL-logoff message is put in the forwarding state and which port is put in a network. The Ethernet switch network module...
User Guide
Page 13
...BPDU transmission. If all switches connected to elect the root bridge and root port for the switched network, as well as the root switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 A BPDU exchange results in the following: • One switch is elected as ... (32768), the switch with each Layer 2 interface The Bridge Protocol Data Units (BPDU) are transmitted in one direction from the root switch, and each LAN segment is selected. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units ...
...BPDU transmission. If all switches connected to elect the root bridge and root port for the switched network, as well as the root switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 A BPDU exchange results in the following: • One switch is elected as ... (32768), the switch with each Layer 2 interface The Bridge Protocol Data Units (BPDU) are transmitted in one direction from the root switch, and each LAN segment is selected. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units ...
User Guide
Page 14
... to forwarding or to disabled • From forwarding to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that... have been forwarded using spanning tree exists in spanning tree and is stored by the switch. As a result, topology changes can create temporary data loops. A Layer 2 interface...
... to forwarding or to disabled • From forwarding to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that... have been forwarded using spanning tree exists in spanning tree and is stored by the switch. As a result, topology changes can create temporary data loops. A Layer 2 interface...
User Guide
Page 15
... five stages. The Layer 2 interface is put into the listening state while it waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power up. and 36-Port Ethernet Switch Module for protocol information that...
... five stages. The Layer 2 interface is put into the listening state while it waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power up. and 36-Port Ethernet Switch Module for protocol information that...
User Guide
Page 16
...and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is the root or root bridge. Figure 5 Interface 2 in Blocking ...module Frame forwarding S5692 BPDUs Data frames Port 2 Network management frames Blocking Segment frames A Layer 2 interface in the blocking state performs as follows: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
...and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is the root or root bridge. Figure 5 Interface 2 in Blocking ...module Frame forwarding S5692 BPDUs Data frames Port 2 Network management frames Blocking Segment frames A Layer 2 interface in the blocking state performs as follows: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 17
...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is the first transitional state a Layer 2 interface enters after the blocking state. The Layer 2 interface enters this point, so there is no address database update.) • Receives BPDUs and directs them to the system module...frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the listening state. 16- and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address ...
...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is the first transitional state a Layer 2 interface enters after the blocking state. The Layer 2 interface enters this point, so there is no address database update.) • Receives BPDUs and directs them to the system module...frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the listening state. 16- and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address ...
User Guide
Page 18
...: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives...
...: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives...
User Guide
Page 19
... data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in Figure 8. The Layer 2 interface enters the forwarding state from another Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in the forwarding state forwards...
... data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in Figure 8. The Layer 2 interface enters the forwarding state from another Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in the forwarding state forwards...
User Guide
Page 20
... system module. and 36-Port Ethernet Switch Module for transmission from another Layer 2 interface for forwarding. • Does not incorporate end station location into its address database. (There is no address database update.) • Does not receive BPDUs. • Does not receive BPDUs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in...
... system module. and 36-Port Ethernet Switch Module for transmission from another Layer 2 interface for forwarding. • Does not incorporate end station location into its address database. (There is no address database update.) • Does not receive BPDUs. • Does not receive BPDUs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in...