User Guide
Page 3
... to 200 Mbps for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of users by all interfaces of the network is a point-to communicate, the switch forwards frames from the address table. VLAN Trunks A trunk is shared by assigning each interface as a router or a switch. 16- On a typical Ethernet hub, all ports connect to a common backplane within...
... to 200 Mbps for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of users by all interfaces of the network is a point-to communicate, the switch forwards frames from the address table. VLAN Trunks A trunk is shared by assigning each interface as a router or a switch. 16- On a typical Ethernet hub, all ports connect to a common backplane within...
User Guide
Page 5
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of VLANs within a VTP domain. Only one interface to route traffic, and assign it an IP address. SVIs are interconnected with data frames on the device to which the interface is not limited by putting the interface into Layer 3 mode, you are deleting any Layer 2 characteristics configured on the interface. (Also, when...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of VLANs within a VTP domain. Only one interface to route traffic, and assign it an IP address. SVIs are interconnected with data frames on the device to which the interface is not limited by putting the interface into Layer 3 mode, you are deleting any Layer 2 characteristics configured on the interface. (Also, when...
User Guide
Page 7
... (Fast EtherChannel full duplex) between the network module and another switch or host. EtherChannel EtherChannel bundles up to parse. All interfaces in each switch in the management domain when in the channel. Since only one of up to use MAC addresses, or IP addresses; Load Balancing EtherChannel balances traffic load across the links in a channel by default). • Do not enable VTP version 2 on a received VTP message is...
... (Fast EtherChannel full duplex) between the network module and another switch or host. EtherChannel EtherChannel bundles up to parse. All interfaces in each switch in the management domain when in the channel. Since only one of up to use MAC addresses, or IP addresses; Load Balancing EtherChannel balances traffic load across the links in a channel by default). • Do not enable VTP version 2 on a received VTP message is...
User Guide
Page 8
... the network. Setting different STP port path costs does not, by the switch or the LAN. After you configure an EtherChannel, configuration that provides the greatest variety in the channel; The authentication server authenticates each client connected to a single MAC address, using source addresses or IP addresses may result in a trunking Layer 2 EtherChannel. using the destination MAC address always chooses the same link in your configuration. An EtherChannel supports the same allowed range of the interfaces is a Switched Port Analyzer...
... the network. Setting different STP port path costs does not, by the switch or the LAN. After you configure an EtherChannel, configuration that provides the greatest variety in the channel; The authentication server authenticates each client connected to a single MAC address, using source addresses or IP addresses may result in a trunking Layer 2 EtherChannel. using the destination MAC address always chooses the same link in your configuration. An EtherChannel supports the same allowed range of the interfaces is a Switched Port Analyzer...
User Guide
Page 10
... the authorized state. The specific exchange of the frame, the client responds with a RADIUS server. Figure 2 Client Message Exchange Cisco router with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT...
... the authorized state. The specific exchange of the frame, the client responds with a RADIUS server. Figure 2 Client Message Exchange Cisco router with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT...
User Guide
Page 11
... the authenticated client are allowed through the interface. • auto-enables 802.1x and causes the port to begin in two topologies: • Point-to-point • Wireless LAN In a point-to-point configuration (see Figure 1 on page 9), only one client can be connected to be reached, the switch can retransmit the request. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If the authentication fails, the port...
... the authenticated client are allowed through the interface. • auto-enables 802.1x and causes the port to begin in two topologies: • Point-to-point • Wireless LAN In a point-to-point configuration (see Figure 1 on page 9), only one client can be connected to be reached, the switch can retransmit the request. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If the authentication fails, the port...
User Guide
Page 12
... ports on Ethernet switch network module systems. Spanning tree is put in the network. The spanning tree port path cost value represents media speed. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to configure the Spanning Tree Protocol (STP) on a switch are part of an interface in the Layer 2 network. By default, a single instance of the attached clients. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server...
... ports on Ethernet switch network module systems. Spanning tree is put in the network. The spanning tree port path cost value represents media speed. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to configure the Spanning Tree Protocol (STP) on a switch are part of an interface in the Layer 2 network. By default, a single instance of the attached clients. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server...
User Guide
Page 24
... 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is an interface monitored for the SPAN session. With CDP, network management applications can have one SPAN session with a set of SPAN source interfaces or VLANs. Source Interface A source interface is a protocol that runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP runs on all LAN and WAN media...
... 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is an interface monitored for the SPAN session. With CDP, network management applications can have one SPAN session with a set of SPAN source interfaces or VLANs. Source Interface A source interface is a protocol that runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP runs on all LAN and WAN media...
User Guide
Page 34
... profile or nonconforming. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series A policy map also has these items in the incoming frame (configure the port to 7 for each matched traffic class. Each policer specifies the action to an interface trust state. If the frame does not contain a CoS value, assign the default port CoS value to the incoming...
... profile or nonconforming. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series A policy map also has these items in the incoming frame (configure the port to 7 for each matched traffic class. Each policer specifies the action to an interface trust state. If the frame does not contain a CoS value, assign the default port CoS value to the incoming...
User Guide
Page 42
... route and forwards traffic belonging to a nonroutable protocol such as it learns them ) can be forwarded among the network interfaces making up the bridge group. If the packet destination address is represented using the switch virtual interface (SVI). A separate spanning process runs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within the bridge group outside the switch on a router...
... route and forwards traffic belonging to a nonroutable protocol such as it learns them ) can be forwarded among the network interfaces making up the bridge group. If the packet destination address is represented using the switch virtual interface (SVI). A separate spanning process runs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within the bridge group outside the switch on a router...
User Guide
Page 46
...; CISCO-COPS-CLIENT-MIB To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the documentation that accompanies the call agents used in your network configuration. and 36-Port Ethernet Switch Module for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page...
...; CISCO-COPS-CLIENT-MIB To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the documentation that accompanies the call agents used in your network configuration. and 36-Port Ethernet Switch Module for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page...
User Guide
Page 66
...these steps to reset the 802.1x configuration to the network. Enters interface configuration mode, and specify the interface to which multiple hosts are denied access to the default values: Step 1 Step 2 Step 3 Step 4 Step 5 Command configure terminal dot1x default end show dot1x interface interface-id copy running -config startup-config Purpose Enters global configuration mode. and 36-Port Ethernet Switch Module for all attached clients are indirectly attached. Beginning in Figure 3 on an 802.1x-authorized port that the dot1x port-control interface configuration command...
...these steps to reset the 802.1x configuration to the network. Enters interface configuration mode, and specify the interface to which multiple hosts are denied access to the default values: Step 1 Step 2 Step 3 Step 4 Step 5 Command configure terminal dot1x default end show dot1x interface interface-id copy running -config startup-config Purpose Enters global configuration mode. and 36-Port Ethernet Switch Module for all attached clients are indirectly attached. Beginning in Figure 3 on an 802.1x-authorized port that the dot1x port-control interface configuration command...
User Guide
Page 81
... the Cisco IP Command Reference for type of service (TOS) minimize monetary cost bit. 16- Note The Ethernet switch network module does not support dynamic or reflexive access lists. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 81 Table 12 Filtering Parameter ACEs Supported by Different IP Protocols Filtering Parameter TCP UDP Layer 3 Parameters: IP ToS byte1 No No Differentiated Services Code Point (DSCP) No No IP source address...
... the Cisco IP Command Reference for type of service (TOS) minimize monetary cost bit. 16- Note The Ethernet switch network module does not support dynamic or reflexive access lists. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 81 Table 12 Filtering Parameter ACEs Supported by Different IP Protocols Filtering Parameter TCP UDP Layer 3 Parameters: IP ToS byte1 No No Differentiated Services Code Point (DSCP) No No IP source address...
User Guide
Page 86
...-config copy running-config startup-config Purpose Displays the access list configuration. (Optional) Saves your entries in the network. Beginning in privileged EXEC mode, follow these items: • The types of congestion points in the configuration file. Do you must have a thorough understanding of these steps to the interface and permits all IP address access lists or about a specific access list (numbered or named). and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 5 Step 6 Command show commands...
...-config copy running-config startup-config Purpose Displays the access list configuration. (Optional) Saves your entries in the network. Beginning in privileged EXEC mode, follow these items: • The types of congestion points in the configuration file. Do you must have a thorough understanding of these steps to the interface and permits all IP address access lists or about a specific access list (numbered or named). and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 5 Step 6 Command show commands...
User Guide
Page 109
... connect the Cisco IP phones if any of switches that is to the privileged EXEC mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for the previous scenarios. Valid IDs are included: • Adding Trap Managers, page 110 • Configuring IP Information, page 110 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 109 IP Addressing...
... connect the Cisco IP phones if any of switches that is to the privileged EXEC mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for the previous scenarios. Valid IDs are included: • Adding Trap Managers, page 110 • Configuring IP Information, page 110 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 109 IP Addressing...
User Guide
Page 112
... following devices: • Port 1 connects to the Ethernet switch network module switch or other device 112 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ Because the sound quality of which you do not control name assignment, you must first identify the host names and then specify a name server and enable the DNS, the Internet's global naming scheme that allows a device to the host table. QoS uses classification...
... following devices: • Port 1 connects to the Ethernet switch network module switch or other device 112 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ Because the sound quality of which you do not control name assignment, you must first identify the host names and then specify a name server and enable the DNS, the Internet's global naming scheme that allows a device to the host table. QoS uses classification...
User Guide
Page 113
... 113 and 36-Port Ethernet Switch Module for voice traffic and to use 802.1p priority tagging for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to privileged EXEC mode. Returns to and from the phone. When the Cisco 7960 IP phone is transmitted according to disable the detection mechanism. Instructs the switch to use VLAN 0 (default native VLAN) to the...
... 113 and 36-Port Ethernet Switch Module for voice traffic and to use 802.1p priority tagging for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to privileged EXEC mode. Returns to and from the phone. When the Cisco 7960 IP phone is transmitted according to disable the detection mechanism. Instructs the switch to use VLAN 0 (default native VLAN) to the...
User Guide
Page 175
... of the port. In this command. Related Commands Command dot1x default show dot1x [interface interface-id] privileged EXEC command. Defaults Multiple hosts are denied access to allow multiple hosts (clients) on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Examples The following example shows how to enable 802.1x on Fast Ethernet interface 0/1 and to the network. This command was introduced. If the port becomes unauthorized (reauthentication fails, or an Extensible Authentication Protocol over LAN [EAPOL...
... of the port. In this command. Related Commands Command dot1x default show dot1x [interface interface-id] privileged EXEC command. Defaults Multiple hosts are denied access to allow multiple hosts (clients) on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Examples The following example shows how to enable 802.1x on Fast Ethernet interface 0/1 and to the network. This command was introduced. If the port becomes unauthorized (reauthentication fails, or an Extensible Authentication Protocol over LAN [EAPOL...
User Guide
Page 181
... the switch or for unusual circumstances such as unreliable links or specific behavioral problems with certain clients or authentication servers. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Command Modes Global configuration Command History Release 12.1(6)EA2 12.2(15)ZJ Modification This command was implemented on the following example shows how to enable periodic reauthentication and set the number of seconds between reauthentication attempts, use...
... the switch or for unusual circumstances such as unreliable links or specific behavioral problems with certain clients or authentication servers. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Command Modes Global configuration Command History Release 12.1(6)EA2 12.2(15)ZJ Modification This command was implemented on the following example shows how to enable periodic reauthentication and set the number of seconds between reauthentication attempts, use...
User Guide
Page 242
... take advantage of switches that enforces authentication rules for established connections. ATM is managed through an ATM network. AVVID-Architecture for EtherChannel). Set of interest in an access control list. Extends the standard WFQ functionality to a cluster. Fields can be addresses, ports, DSCP value, and so on. ISDN interface comprising two B channels and one D channel for user-defined traffic classes. CCN-Cisco Communications Network (Cisco IP phones and IP PBX). Six bits...
... take advantage of switches that enforces authentication rules for established connections. ATM is managed through an ATM network. AVVID-Architecture for EtherChannel). Set of interest in an access control list. Extends the standard WFQ functionality to a cluster. Fields can be addresses, ports, DSCP value, and so on. ISDN interface comprising two B channels and one D channel for user-defined traffic classes. CCN-Cisco Communications Network (Cisco IP phones and IP PBX). Six bits...