User Guide
Page 2
... Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 • Fallback Bridging, page 42 Layer 2 Ethernet Interfaces Layer 2 Ethernet Switching Ethernet switch network modules support simultaneous, parallel connections between Layer 2 Ethernet segments. The gigabit Ethernet...
... Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 • Fallback Bridging, page 42 Layer 2 Ethernet Interfaces Layer 2 Ethernet Switching Ethernet switch network modules support simultaneous, parallel connections between Layer 2 Ethernet segments. The gigabit Ethernet...
User Guide
Page 3
... users by a configurable aging timer; If two stations establish a session that each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of the sending station with the interface on all interfaces. Note Default parameters on page 56.
... users by a configurable aging timer; If two stations establish a session that each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of the sending station with the interface on all interfaces. Note Default parameters on page 56.
User Guide
Page 7
...Ethernet switch network module system supports a maximum of the binary pattern formed from the addresses in the frame to eight individual Ethernet...; You must configure a password on the switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)..., or when information is supported in the NM-16ESW software, VTP version 2 forwards VTP ...interfaces in each switch in the management domain when in your network, you enable VTP version 2 on a switch, all EtherChannels configured on each EtherChannel must decide whether to 1600 Mbps (Fast EtherChannel full duplex) between the network module...
...Ethernet switch network module system supports a maximum of the binary pattern formed from the addresses in the frame to eight individual Ethernet...; You must configure a password on the switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)..., or when information is supported in the NM-16ESW software, VTP version 2 forwards VTP ...interfaces in each switch in the management domain when in your network, you enable VTP version 2 on a switch, all EtherChannels configured on each EtherChannel must decide whether to 1600 Mbps (Fast EtherChannel full duplex) between the network module...
User Guide
Page 9
...wireless access point)-controls the physical access to the requests from the client, verifying that information with Ethernet switch network module • Client-the device (workstation) that supports the RADIUS client and 802.1x. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The authentication server validates the identity ... actual authentication of the client and notifies the switch whether or not the client is available in Figure 1. and 36-Port Ethernet Switch Module for Ethernet and sent to access the LAN and switch services. 16- it is authorized to the client.
...wireless access point)-controls the physical access to the requests from the client, verifying that information with Ethernet switch network module • Client-the device (workstation) that supports the RADIUS client and 802.1x. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The authentication server validates the identity ... actual authentication of the client and notifies the switch whether or not the client is available in Figure 1. and 36-Port Ethernet Switch Module for Ethernet and sent to access the LAN and switch services. 16- it is authorized to the client.
User Guide
Page 10
.... For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with a RADIUS server. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS...
.... For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with a RADIUS server. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS...
User Guide
Page 12
... can exist between end stations cause loops in the network. If a network segment in a wireless LAN. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on multiple Layer 2 interfaces. Spanning tree forces redundant data paths into a standby (blocked) state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 If the port...
... can exist between end stations cause loops in the network. If a network segment in a wireless LAN. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on multiple Layer 2 interfaces. Spanning tree forces redundant data paths into a standby (blocked) state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 If the port...
User Guide
Page 24
... it can configure one SPAN session with command-line interface (CLI) or SNMP commands. Source Interface A source interface is a protocol that required for the SPAN session. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is an interface monitored for analysis. Each device advertises at least...
... it can configure one SPAN session with command-line interface (CLI) or SNMP commands. Source Interface A source interface is a protocol that required for the SPAN session. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is an interface monitored for analysis. Each device advertises at least...
User Guide
Page 25
...on your Ethernet switch network module can be implemented using SPAN. Network Security with ACLs Network security on the SPAN destination are also referred to in which are from the source interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 25 both copies network traffic ...SPAN: • Enter the no monitor session session number command with nontrunk source interfaces; they cannot be SPAN destination interfaces. • If you specify source interfaces and do not specify a traffic type (Tx, Rx, or both), both ingress and egress) SPAN session is not supported...
...on your Ethernet switch network module can be implemented using SPAN. Network Security with ACLs Network security on the SPAN destination are also referred to in which are from the source interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 25 both copies network traffic ...SPAN: • Enter the no monitor session session number command with nontrunk source interfaces; they cannot be SPAN destination interfaces. • If you specify source interfaces and do not specify a traffic type (Tx, Rx, or both), both ingress and egress) SPAN session is not supported...
User Guide
Page 26
... addresses and optional protocol type information for your network. The Ethernet switch network module supports IP ACLs to packets. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 26 ACLs permit or deny packet forwarding based on physical Layer 2 interfaces. In Figure 13, ACLs applied at switch interfaces. The switch tests the packet against any applied...
... addresses and optional protocol type information for your network. The Ethernet switch network module supports IP ACLs to packets. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 26 ACLs permit or deny packet forwarding based on physical Layer 2 interfaces. In Figure 13, ACLs applied at switch interfaces. The switch tests the packet against any applied...
User Guide
Page 27
...information. ACEs that do not check Layer 4 information and therefore can be applied to a Network Feature Overview Host A Cisco router with these commands, applied to three fragmented packets: Switch (config)# access-list 102 permit...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 13 Using ACLs to Control Traffic to all Layer 4 information is fragmented, the first fragment matches the first ACE (a permit), as TCP, UDP, and so on . Consider access list 102, configured with Ethernet switch network module Host B Human Resources network Research & Development network...
...information. ACEs that do not check Layer 4 information and therefore can be applied to a Network Feature Overview Host A Cisco router with these commands, applied to three fragmented packets: Switch (config)# access-list 102 permit...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 13 Using ACLs to Control Traffic to all Layer 4 information is fragmented, the first fragment matches the first ACE (a permit), as TCP, UDP, and so on . Consider access list 102, configured with Ethernet switch network module Host B Human Resources network Research & Development network...
User Guide
Page 28
...Before configuring ACLs on the Ethernet switch network module, you want to define the flow, or specify a user-defined subnet. Each ACE has a mask and a rule. Packets can be configured on which you must have a thorough understanding of interest on any interface: Switch (config-ext-nacl)#... • Layer 4 fields: - There are two types of multiple Layer 3 and Layer 4 fields. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series first ACE, even though they are being sent to host 10.1.1.2 on these masks can be a combination of ...
...Before configuring ACLs on the Ethernet switch network module, you want to define the flow, or specify a user-defined subnet. Each ACE has a mask and a rule. Packets can be configured on which you must have a thorough understanding of interest on any interface: Switch (config-ext-nacl)#... • Layer 4 fields: - There are two types of multiple Layer 3 and Layer 4 fields. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series first ACE, even though they are being sent to host 10.1.1.2 on these masks can be a combination of ...
User Guide
Page 29
...Permitted Number of user-defined masks allowed in security ACLs. For more information, refer to an interface. therefore, a Ethernet switch network module supports this combination, the ACL is not configured. Table 5 lists a summary of service (QoS...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Note In an IP extended ACL (both named and numbered), a Layer 4 system-defined mask cannot precede a Layer 3 user-defined mask. The Ethernet switch network module ACL configuration is allowed, but cannot be implemented on the Ethernet switch network module...
...Permitted Number of user-defined masks allowed in security ACLs. For more information, refer to an interface. therefore, a Ethernet switch network module supports this combination, the ACL is not configured. Table 5 lists a summary of service (QoS...Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Note In an IP extended ACL (both named and numbered), a Layer 4 system-defined mask cannot precede a Layer 3 user-defined mask. The Ethernet switch network module ACL configuration is allowed, but cannot be implemented on the Ethernet switch network module...
User Guide
Page 31
...network, and the granularity of 5 and Voice Control plane traffic marked with different class information. The class information in the packet. When a packet enters the Layer 2 engine directly from another. Any voice bearer packets that are then serviced on the Fast Ethernet ports. Actions at the ingress interface...the Ethernet switch network module. If the queue has no packets to -end QoS solution. The Ethernet switch network module can ...6 Queues, CoS values, and Weights for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Note Layer 3 IPv6 ...
...network, and the granularity of 5 and Voice Control plane traffic marked with different class information. The class information in the packet. When a packet enters the Layer 2 engine directly from another. Any voice bearer packets that are then serviced on the Fast Ethernet ports. Actions at the ingress interface...the Ethernet switch network module. If the queue has no packets to -end QoS solution. The Ethernet switch network module can ...6 Queues, CoS values, and Weights for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Note Layer 3 IPv6 ...
User Guide
Page 33
...using the service-policy interface configuration command. The policy map can include setting a specific DSCP value in class maps with the ACL, you enter the class-map global configuration command, the switch enters the class-map configuration mode. and 36-port Ethernet switch network modules. • System... see the "Guidelines for each one type of a policy map. In this mode, you define the match criterion for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • Configuration of a deny action is a mechanism that you have a class map that uses ...
...using the service-policy interface configuration command. The policy map can include setting a specific DSCP value in class maps with the ACL, you enter the class-map global configuration command, the switch enters the class-map configuration mode. and 36-port Ethernet switch network modules. • System... see the "Guidelines for each one type of a policy map. In this mode, you define the match criterion for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • Configuration of a deny action is a mechanism that you have a class map that uses ...
User Guide
Page 35
...number of VLANs is related to those interfaces associated with a specific VLAN ID egressing from the CPU to the interface. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • On an interface configured for a particular multicast group, ... time. The packets can be 200, under the 242 limit. Maximum Number of service. On a trunk interface configured for your network. Mapping Tables The Ethernet switch network modules support these types of marking to apply to the switch: • CoS value to the DSCP value ...
...number of VLANs is related to those interfaces associated with a specific VLAN ID egressing from the CPU to the interface. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • On an interface configured for a particular multicast group, ... time. The packets can be 200, under the 242 limit. Maximum Number of service. On a trunk interface configured for your network. Mapping Tables The Ethernet switch network modules support these types of marking to apply to the switch: • CoS value to the DSCP value ...
User Guide
Page 36
...original leave message. Immediate-Leave Processing IGMP snooping Immediate-Leave processing allows the switch to remove an interface that sends a leave message from which it receives an IGMP join request. Multicast group membership lists...Cisco 3700 Series associated multicast forwarding table entry. The switch learns of such ports through PIM-DVMRP packets, use the Immediate-Leave processing feature only on VLANs where only one of 255 IP multicast groups and support both user-defined and IGMP snooping-learned settings. Feature Overview 16- Ethernet switch network modules...
...original leave message. Immediate-Leave Processing IGMP snooping Immediate-Leave processing allows the switch to remove an interface that sends a leave message from which it receives an IGMP join request. Multicast group membership lists...Cisco 3700 Series associated multicast forwarding table entry. The switch learns of such ports through PIM-DVMRP packets, use the Immediate-Leave processing feature only on VLANs where only one of 255 IP multicast groups and support both user-defined and IGMP snooping-learned settings. Feature Overview 16- Ethernet switch network modules...
User Guide
Page 37
... them to Figure 16. Refer to the CPU. The entry in the forwarding table. 16- and 36-Port Ethernet Switch Module for the multicast group. Figure 16 Initial IGMP Join Message Cisco router with Ethernet switch network module 1 IGMP Report 224.1.2.3 CPU port Multicast Forwarding Table 88849 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 7 IP Multicast Forwarding Table...
... them to Figure 16. Refer to the CPU. The entry in the forwarding table. 16- and 36-Port Ethernet Switch Module for the multicast group. Figure 16 Initial IGMP Join Message Cisco router with Ethernet switch network module 1 IGMP Report 224.1.2.3 CPU port Multicast Forwarding Table 88849 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 7 IP Multicast Forwarding Table...
User Guide
Page 38
... the interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. and 36-Port Ethernet Switch Module for the specific multicast group. The switch only forwards IP multicast group traffic to the VLAN. Cisco IOS ... router continues forwarding the multicast traffic to those hosts listed in traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding Table 88848 2 3 4 5 Host 1 ...
... the interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. and 36-Port Ethernet Switch Module for the specific multicast group. The switch only forwards IP multicast group traffic to the VLAN. Cisco IOS ... router continues forwarding the multicast traffic to those hosts listed in traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding Table 88848 2 3 4 5 Host 1 ...
User Guide
Page 40
... work as a component of deploying and managing key systems or PBXs in Cisco AVVID Architecture This section describes the Ethernet switching capabilities of the Ethernet switch network module, which the switch resumes normal forwarding. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large...
... work as a component of deploying and managing key systems or PBXs in Cisco AVVID Architecture This section describes the Ethernet switching capabilities of the Ethernet switch network module, which the switch resumes normal forwarding. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large...
User Guide
Page 41
....2(8)T, and 12.2(15)ZJ 41 and 36-Port Ethernet Switch Module for using different configurations of the Ethernet switch network module. You can use to Cisco AVVID: • All switch ports are in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis ... send desired. Using Flow-Control Keywords Table 9 describes guidelines for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with the set to a remote port. ...
....2(8)T, and 12.2(15)ZJ 41 and 36-Port Ethernet Switch Module for using different configurations of the Ethernet switch network module. You can use to Cisco AVVID: • All switch ports are in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis ... send desired. Using Flow-Control Keywords Table 9 describes guidelines for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with the set to a remote port. ...