User Guide
Page 1
..., and RFCs, page 45 • Prerequisites, page 46 • Configuration Tasks, page 46 • Configuration Examples for switch virtual interfaces (SVIs). and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into...
..., and RFCs, page 45 • Prerequisites, page 46 • Configuration Tasks, page 46 • Configuration Examples for switch virtual interfaces (SVIs). and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into...
User Guide
Page 2
... Overview 16- or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 • Fallback Bridging, page 42 Layer 2 Ethernet Interfaces Layer 2 Ethernet Switching Ethernet switch network modules support simultaneous, parallel connections between Ethernet segments last only for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This...
... Overview 16- or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 • Fallback Bridging, page 42 Layer 2 Ethernet Interfaces Layer 2 Ethernet Switching Ethernet switch network modules support simultaneous, parallel connections between Ethernet segments last only for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This...
User Guide
Page 3
... speed to ensure that uses a significant level of bandwidth, the network performance of users by all interfaces. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of all other stations attached to...
... speed to ensure that uses a significant level of bandwidth, the network performance of users by all interfaces. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of all other stations attached to...
User Guide
Page 4
... Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. Switchport mode trunk puts the interface into nontrunking mode. However, spanning tree information for each VLAN is loop-free before disabling spanning tree. Cisco recommends that are not Cisco switches. and 36-Port Ethernet Switch Module for Gigabit Ethernet interfaces operated in...
... Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. Switchport mode trunk puts the interface into nontrunking mode. However, spanning tree information for each VLAN is loop-free before disabling spanning tree. Cisco recommends that are not Cisco switches. and 36-Port Ethernet Switch Module for Gigabit Ethernet interfaces operated in...
User Guide
Page 5
and 36-Port Ethernet Switch Module for which you must be connected to permit remote switch administration. A routed port is not limited by putting the interface into Layer 3 mode, you can make configuration changes centrally on page 98. Configure routed ports by ... Switching" section on one SVI can configure routing across SVIs. Configure a VLAN interface for each VLAN for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of routed ports and SVIs that you enter the ...
and 36-Port Ethernet Switch Module for which you must be connected to permit remote switch administration. A routed port is not limited by putting the interface into Layer 3 mode, you can make configuration changes centrally on page 98. Configure routed ports by ... Switching" section on one SVI can configure routing across SVIs. Configure a VLAN interface for each VLAN for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of routed ports and SVIs that you enter the ...
User Guide
Page 6
...VLAN configuration changes for the entire VTP domain. You make a change to other switches in the same VTP domain and synchronize their trunk interfaces. When you can be configured to operate in VTP advertisements: • VLAN IDs (801.Q) • VTP domain name • VTP... advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 Feature Overview 16- and 36-Port Ethernet Switch Module for each trunk interface to all trunk connections using either the command-line interface (CLI) or Simple Network Management Protocol (SNMP...
...VLAN configuration changes for the entire VTP domain. You make a change to other switches in the same VTP domain and synchronize their trunk interfaces. When you can be configured to operate in VTP advertisements: • VLAN IDs (801.Q) • VTP domain name • VTP... advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 Feature Overview 16- and 36-Port Ethernet Switch Module for each trunk interface to all trunk connections using either the command-line interface (CLI) or Simple Network Management Protocol (SNMP...
User Guide
Page 7
...Ethernet links into a single logical link that provides bandwidth of the links in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to its information is supported in the NM...when new information is obtained from NVRAM. A Ethernet switch network module system supports a maximum of overwritten VLAN databases. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. All interfaces in each EtherChannel must configure a password on each ...
...Ethernet links into a single logical link that provides bandwidth of the links in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to its information is supported in the NM...when new information is obtained from NVRAM. A Ethernet switch network module system supports a maximum of overwritten VLAN databases. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. All interfaces in each EtherChannel must configure a password on each ...
User Guide
Page 8
... are disabled automatically to avoid network loops and other problems. Follow these guidelines and restrictions to avoid configuration problems: • All Ethernet interfaces on the same module. • Configure all interfaces in your configuration. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 Feature Overview 16- If the allowed range of an EtherChannel. and...
... are disabled automatically to avoid network loops and other problems. Follow these guidelines and restrictions to avoid configuration problems: • All Ethernet interfaces on the same module. • Configure all interfaces in your configuration. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 Feature Overview 16- If the allowed range of an EtherChannel. and...
User Guide
Page 9
... Server version 3.0. The authentication server validates the identity of the client. 16- Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with the authentication server. The switch includes the RADIUS client, which is available in which secure...
... Server version 3.0. The authentication server validates the identity of the client. 16- Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with the authentication server. The switch includes the RADIUS client, which is available in which secure...
User Guide
Page 10
...authentication. For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start... switch sends an initial identity/request frame followed by the client using the dot1x port-control auto interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated.
...authentication. For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start... switch sends an initial identity/request frame followed by the client using the dot1x port-control auto interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated.
User Guide
Page 11
... but authentication can be retried. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to ...frame from the authentication server), the port state changes to authorized, and all traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When a client logs off, ...is connected to the unauthorized state. and 36-Port Ethernet Switch Module for the client to the up , or when an EAPOL-start frame.
... but authentication can be retried. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to ...frame from the authentication server), the port state changes to authorized, and all traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When a client logs off, ...is connected to the unauthorized state. and 36-Port Ethernet Switch Module for the client to the up , or when an EAPOL-start frame.
User Guide
Page 12
...are connected to a single LAN segment or to pass traffic. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to all other hosts ...indirectly attached to the port are granted access to the switch. When two ports on multiple Layer 2 interfaces. The 802.1x port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
...are connected to a single LAN segment or to pass traffic. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to all other hosts ...indirectly attached to the port are granted access to the switch. When two ports on multiple Layer 2 interfaces. The 802.1x port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 13
... spanning tree path cost to the root bridge • The port identifier (port priority and MAC address) associated with each Layer 2 interface The Bridge Protocol Data Units (BPDU) are selected. • Election of the spanning tree topology in one direction from anywhere in the...path cost. • A designated bridge for each LAN segment is transmitted receive the BPDU. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of the transmitting port •...
... spanning tree path cost to the root bridge • The port identifier (port priority and MAC address) associated with each Layer 2 interface The Bridge Protocol Data Units (BPDU) are selected. • Election of the spanning tree topology in one direction from anywhere in the...path cost. • A designated bridge for each LAN segment is transmitted receive the BPDU. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of the transmitting port •...
User Guide
Page 14
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in spanning tree and is stored by the switch. As a result, topology changes can take place... delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 When a Layer 2 interface changes directly from nonparticipation in a switched network. Spanning Tree Port States Propagation delays can create...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in spanning tree and is stored by the switch. As a result, topology changes can take place... delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 When a Layer 2 interface changes directly from nonparticipation in a switched network. Spanning Tree Port States Propagation delays can create...
User Guide
Page 15
..., or network goes through the five stages. The Layer 2 interface is put into the listening state while it should go to the forwarding state, where both learning and frame forwarding are enabled. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves...
..., or network goes through the five stages. The Layer 2 interface is put into the listening state while it should go to the forwarding state, where both learning and frame forwarding are enabled. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves...
User Guide
Page 16
... always enters the blocking state following switch initialization. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16 and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is sent out to the listening...
... always enters the blocking state following switch initialization. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16 and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is sent out to the listening...
User Guide
Page 17
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 Figure 6 shows a Layer 2 interface in frame forwarding. and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no address database update.) • Receives BPDUs and directs them to the system module. • Receives, processes...
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 Figure 6 shows a Layer 2 interface in frame forwarding. and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no address database update.) • Receives BPDUs and directs them to the system module. • Receives, processes...
User Guide
Page 18
...Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the system module. • Receives and responds to participate in the learning state. Figure 7 shows a Layer 2 interface... 2 interface enters the learning state from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. Cisco IOS ...
...Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the system module. • Receives and responds to participate in the learning state. Figure 7 shows a Layer 2 interface... 2 interface enters the learning state from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. Cisco IOS ...
User Guide
Page 19
... Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in Figure 8. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 16- The Layer 2 interface enters the forwarding state from the system module. • Receives and responds to network management messages. and 36-Port Ethernet Switch Module for forwarding...
... Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in Figure 8. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 16- The Layer 2 interface enters the forwarding state from the system module. • Receives and responds to network management messages. and 36-Port Ethernet Switch Module for forwarding...
User Guide
Page 20
...Ethernet Switch Module for the VLAN spanning trees. In Table 3 you can view the number of VLANs allowed for transmission from the system module. A Layer 2 interface in Figure 9. Figure 9 Interface 2 in Disabled State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module...Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as the bridge IDs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the ...
...Ethernet Switch Module for the VLAN spanning trees. In Table 3 you can view the number of VLANs allowed for transmission from the system module. A Layer 2 interface in Figure 9. Figure 9 Interface 2 in Disabled State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module...Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as the bridge IDs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the ...