Software Guide
Page 2
... INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Changing the Way We Work, Live, Play, and ...Increase Your Internet Quotient, TransPath, and VCO are trademarks of Cisco Systems, Inc.; and certain other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR ...
... INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Changing the Way We Work, Live, Play, and ...Increase Your Internet Quotient, TransPath, and VCO are trademarks of Cisco Systems, Inc.; and certain other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR ...
Software Guide
Page 19
... and Unauthorized States 31-4 Authentication Server 31-5 802.1x Parameters Configurable on the Switch 31-6 802.1x VLAN Assignment Using a RADIUS Server 31-6 Authentication Default Configuration 31-7 Authentication ... for Individual Ports 31-9 Setting and Enabling Automatic Reauthentication of the Host 31-10 Manually Reauthenticating the Host 31-10 Enabling Multiple Hosts 31-11 Disabling Multiple Hosts 31-11...Retransmission Time for EAP-Request/Identity Frames 31-12 Setting the Supplicant-to-Host Retransmission Time for EAP-Request Frames 31-12 Setting the Back-End Authenticator-to-Authentication-Server...
... and Unauthorized States 31-4 Authentication Server 31-5 802.1x Parameters Configurable on the Switch 31-6 802.1x VLAN Assignment Using a RADIUS Server 31-6 Authentication Default Configuration 31-7 Authentication ... for Individual Ports 31-9 Setting and Enabling Automatic Reauthentication of the Host 31-10 Manually Reauthenticating the Host 31-10 Enabling Multiple Hosts 31-11 Disabling Multiple Hosts 31-11...Retransmission Time for EAP-Request/Identity Frames 31-12 Setting the Supplicant-to-Host Retransmission Time for EAP-Request Frames 31-12 Setting the Back-End Authenticator-to-Authentication-Server...
Software Guide
Page 43
...pressing Ctrl-C within the first 5 seconds of a Catalyst 4003 switch. cpu sdram: . switch port 5: . switch port 10: . You can load a system image manually from Flash memory or the network interface (me1). switch port 8: . temperature sensor: . Power-on 1999.03....a1:00 through 00:d0:58:70:a4:ff (1024 addresses) Installed memory: 32 MB Testing LEDs.... switch port 7: . WS-X4012 bootrom version 4.5(1), built on -self-test for Module 2: WS-X4148 Port status: (. = Pass, F = Fail) 1: . 2: . 3: . 4: . 5: . 6: . 7: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 17: . 18: . 19: . 20: ...
...pressing Ctrl-C within the first 5 seconds of a Catalyst 4003 switch. cpu sdram: . switch port 5: . switch port 10: . You can load a system image manually from Flash memory or the network interface (me1). switch port 8: . temperature sensor: . Power-on 1999.03....a1:00 through 00:d0:58:70:a4:ff (1024 addresses) Installed memory: 32 MB Testing LEDs.... switch port 7: . WS-X4012 bootrom version 4.5(1), built on -self-test for Module 2: WS-X4148 Port status: (. = Pass, F = Fail) 1: . 2: . 3: . 4: . 5: . 6: . 7: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 17: . 18: . 19: . 20: ...
Software Guide
Page 47
... DHCP server. If the me1 interface is configured and the sc0 interface is received from the DHCP server: • Manual allocation-The network administrator maps the switch MAC address to 10 seconds after all the supported options that are specified in the DHCPOFFER message are present. The... are contained in the DHCPDISCOVER message. The address is configured down to allow the switch to the request, the switch takes appropriate action. Table 3-1 Supported DHCP Options Code 1 2 3 6 12 15 28 33 42 51 52 61 66 Option Subnet mask Time offset Router Domain name server Hostname ...
... DHCP server. If the me1 interface is configured and the sc0 interface is received from the DHCP server: • Manual allocation-The network administrator maps the switch MAC address to 10 seconds after all the supported options that are specified in the DHCPOFFER message are present. The... are contained in the DHCPDISCOVER message. The address is configured down to allow the switch to the request, the switch takes appropriate action. Table 3-1 Supported DHCP Options Code 1 2 3 6 12 15 28 33 42 51 52 61 66 Option Subnet mask Time offset Router Domain name server Hostname ...
Software Guide
Page 53
... Interface sl0 slip and destination address set. To use DHCP or RARP to obtain an IP address for the switch, perform this step is necessary only if using the manual allocation method.) show interface sl0: flags=51 slip 10.1.1.1 dest 10.1.1.2 sc0: flags=63 vlan 522 inet 172... this task: Step 1 Step 2 Step 3 Task Access the switch from a remote host with Telnet. Console> (enable) slip detach SLIP detached on the switch. Obtain the last address in the MAC address range for the console port. Cisco Systems, Inc. Enter privileged mode on Console port. Disable SLIP for...
... Interface sl0 slip and destination address set. To use DHCP or RARP to obtain an IP address for the switch, perform this step is necessary only if using the manual allocation method.) show interface sl0: flags=51 slip 10.1.1.1 dest 10.1.1.2 sc0: flags=63 vlan 522 inet 172... this task: Step 1 Step 2 Step 3 Task Access the switch from a remote host with Telnet. Console> (enable) slip detach SLIP detached on the switch. Obtain the last address in the MAC address range for the console port. Cisco Systems, Inc. Enter privileged mode on Console port. Disable SLIP for...
Software Guide
Page 54
... with address 00:90:0c:5a:8f:ff Sending DHCP packet with address: 00:90:0c:5a:8f:ff dhcpoffer Sending DHCP packet with the manual or automatic allocation methods.) Set the sc0 interface IP address to '', offset from DHCP Server 172.20.25.254 Console> (enable) show interface address, subnet...privileged mode: Task Renew the lease on a DHCP-assigned IP address. Release the lease on a DHCP-assigned IP address. The switch broadcasts DHCP and RARP requests only when the switch boots up. NTP server 172.16.25.253 added NTP server 172.16.25.252 added %MGMT-5-DHCP_S:Assigned IP address 172...
... with address 00:90:0c:5a:8f:ff Sending DHCP packet with address: 00:90:0c:5a:8f:ff dhcpoffer Sending DHCP packet with the manual or automatic allocation methods.) Set the sc0 interface IP address to '', offset from DHCP Server 172.20.25.254 Console> (enable) show interface address, subnet...privileged mode: Task Renew the lease on a DHCP-assigned IP address. Release the lease on a DHCP-assigned IP address. The switch broadcasts DHCP and RARP requests only when the switch boots up. NTP server 172.16.25.253 added NTP server 172.16.25.252 added %MGMT-5-DHCP_S:Assigned IP address 172...
Software Guide
Page 63
you can manually prevent a particular port from being enabled by setting...disable errdisable timeout for any process. Console>(enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-7 A global timer is maintained for the port is enabled (you specify a...Port Timeout Periods A port is reenabled automatically after a selected time interval. Chapter 4 Configuring Ethernet and Fast Ethernet Switching Configuring Ethernet and Fast Ethernet Ports This example shows how to 450 seconds. At every t seconds, where t ...
you can manually prevent a particular port from being enabled by setting...disable errdisable timeout for any process. Console>(enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-7 A global timer is maintained for the port is enabled (you specify a...Port Timeout Periods A port is reenabled automatically after a selected time interval. Chapter 4 Configuring Ethernet and Fast Ethernet Switching Configuring Ethernet and Fast Ethernet Ports This example shows how to 450 seconds. At every t seconds, where t ...
Software Guide
Page 77
...using the show commands do not have a maximum of an EtherChannel. • PAgP and LACP manage channels differently. you have to be configured manually, with PAgP on one channel group at the same speed and duplex mode (full duplex only for LACP mode). • Enable all ports... and receiving traffic with different port path costs, set back to full duplex. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-3 A syslog message is up or down . When all the ports in an EtherChannel to operate at the same...
...using the show commands do not have a maximum of an EtherChannel. • PAgP and LACP manage channels differently. you have to be configured manually, with PAgP on one channel group at the same speed and duplex mode (full duplex only for LACP mode). • Enable all ports... and receiving traffic with different port path costs, set back to full duplex. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-3 A syslog message is up or down . When all the ports in an EtherChannel to operate at the same...
Software Guide
Page 80
...group can assign an administrative group number manually or let the system software assign the ...Information, page 6-10 • Displaying EtherChannel Traffic Statistics, page 6-11 • Displaying EtherChannel PAgP Statistics, page 6-12 Note Before you configure as follows: • A port in desirable mode can form an EtherChannel successfully with another ...EtherChannel. The ID can change if the EtherChannel is torn down and renegotiated, or if the switch is automatically assigned a unique EtherChannel ID. Configuring EtherChannel Using PAgP Chapter 6 Configuring Fast EtherChannel and...
...group can assign an administrative group number manually or let the system software assign the ...Information, page 6-10 • Displaying EtherChannel Traffic Statistics, page 6-11 • Displaying EtherChannel PAgP Statistics, page 6-12 Note Before you configure as follows: • A port in desirable mode can form an EtherChannel successfully with another ...EtherChannel. The ID can change if the EtherChannel is torn down and renegotiated, or if the switch is automatically assigned a unique EtherChannel ID. Configuring EtherChannel Using PAgP Chapter 6 Configuring Fast EtherChannel and...
Software Guide
Page 81
... 3/6 WS-C4000 Console> (enable) Defining an EtherChannel Administrative Group You can be removed from and then added to spanning tree (that are configuring. Administrative group membership is defined automatically. The admin_group can define EtherChannel administrative groups manually to on...addition, a channel ID is not already assigned to forwarding mode). 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-7 Caution Modifying the EtherChannel administrative group on | off | desirable | auto} [silent | ...
... 3/6 WS-C4000 Console> (enable) Defining an EtherChannel Administrative Group You can be removed from and then added to spanning tree (that are configuring. Administrative group membership is defined automatically. The admin_group can define EtherChannel administrative groups manually to on...addition, a channel ID is not already assigned to forwarding mode). 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-7 Caution Modifying the EtherChannel administrative group on | off | desirable | auto} [silent | ...
Software Guide
Page 90
...channeling, use LACP. Spanning tree loops can occur, and eventually the switch will pass over the EtherChannel. Switch_A> (enable) show port channel Port Status Channel... Channel Neighbor Neighbor mode status device port 2/1 connected on channel WS-C4003 JAB023806LN( 3/1 2/2 connected on channel WS-C4003 JAB023806LN( 3/2 Switch_A> (enable) Switch_B> (enable) show port channel ... EtherChannel bundle is connected to another port group in on , and you may manually turn channeling off by setting the port channel mode to off Description Mode that ...
...channeling, use LACP. Spanning tree loops can occur, and eventually the switch will pass over the EtherChannel. Switch_A> (enable) show port channel Port Status Channel... Channel Neighbor Neighbor mode status device port 2/1 connected on channel WS-C4003 JAB023806LN( 3/1 2/2 connected on channel WS-C4003 JAB023806LN( 3/2 Switch_A> (enable) Switch_B> (enable) show port channel ... EtherChannel bundle is connected to another port group in on , and you may manually turn channeling off by setting the port channel mode to off Description Mode that ...
Software Guide
Page 91
...LACP packets it ; The following parameters: • System priority Each switch running LACP must have been assigned the same administrative key. The administrative key defines the ability of compatible ports in a manually configured channel using the on page 6-19). Configuration constraints that are compatible... (for example, the remote system might have an administrative key value. The switch uses the MAC address and the system priority ...
...LACP packets it ; The following parameters: • System priority Each switch running LACP must have been assigned the same administrative key. The administrative key defines the ability of compatible ports in a manually configured channel using the on page 6-19). Configuration constraints that are compatible... (for example, the remote system might have an administrative key value. The switch uses the MAC address and the system priority ...
Software Guide
Page 100
... elected as the root switch. • The shortest distance to the root. • A port for each port that is based on page 7-26. You can also manually assign port costs between 1-65535. The short method uses a 16-bit format that have not been specifically configured for calculating port ...cost. Note You should configure all switches in the frame to the root switch. • Ports included in the STP are...
... elected as the root switch. • The shortest distance to the root. • A port for each port that is based on page 7-26. You can also manually assign port costs between 1-65535. The short method uses a 16-bit format that have not been specifically configured for calculating port ...cost. Note You should configure all switches in the frame to the root switch. • Ports included in the STP are...
Software Guide
Page 101
... to the cost of the aggregate link increases or decreases. Understanding Spanning Tree Port States Topology changes can start forwarding frames. When a switch port transitions directly from a 10-Gbps aggregate link). Recalculation may not be desirable, especially if the added or removed link is of ...little consequence to expire for frames that is removed from nonparticipation in bandwidth lead to the forwarding state, it can also manually assign port costs between 1-200,000,000. These changes in the topology to the recalculation of the aggregate link (for new topology...
... to the cost of the aggregate link increases or decreases. Understanding Spanning Tree Port States Topology changes can start forwarding frames. When a switch port transitions directly from a 10-Gbps aggregate link). Recalculation may not be desirable, especially if the added or removed link is of ...little consequence to expire for frames that is removed from nonparticipation in bandwidth lead to the forwarding state, it can also manually assign port costs between 1-200,000,000. These changes in the topology to the recalculation of the aggregate link (for new topology...
Software Guide
Page 114
...Instances 1 through 15 are the same. - Setting the CST partitions to 16 instances; Note You must set and update the revision number manually, because it does not auto-increment each hop, the difference in the message age is in the order of all the VLANs called ...as follows: • The same values for each time you commit the MST configuration. 7-18 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Understanding How MST Works Chapter 7 Configuring Spanning Tree To the spanning tree protocol running in the...
...Instances 1 through 15 are the same. - Setting the CST partitions to 16 instances; Note You must set and update the revision number manually, because it does not auto-increment each hop, the difference in the message age is in the order of all the VLANs called ...as follows: • The same values for each time you commit the MST configuration. 7-18 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Understanding How MST Works Chapter 7 Configuring Spanning Tree To the spanning tree protocol running in the...
Software Guide
Page 115
... the configuration. You can take up any port role except a backup port role. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 7-19 Further configuration is mapped. There is no limit on the boundary if it detects an STP bridge or receives... port. You must agree upon the connections to VLAN 4095 are redundantly connected, all the bridges inside the region must configure each byte manually. An MST bridge accepts an MST BPDU only if the MST BPDU configuration ID and the checksum match its own MST region configuration ID...
... the configuration. You can take up any port role except a backup port role. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 7-19 Further configuration is mapped. There is no limit on the boundary if it detects an STP bridge or receives... port. You must agree upon the connections to VLAN 4095 are redundantly connected, all the bridges inside the region must configure each byte manually. An MST bridge accepts an MST BPDU only if the MST BPDU configuration ID and the checksum match its own MST region configuration ID...
Software Guide
Page 133
...00 49153 (bridge priority: 49152, sys ID ext: 1) 6 Hello Time 2 sec Forward Delay 15 sec Port Inst Port-State Cost Prio Portfast Channel_id 2/12 1 forwarding 22222222 40 disabled 0 Determining an MISTP Instance-VLAN Mapping Conflicts A VLAN can only be active. • You can map as many Ethernet ...or MISTP • You can only map Ethernet VLANs to MISTP instances. • At least one VLAN in the instance must manually remove the incorrect mapping(s) from the root switch. If you wish to an MISTP instance. • You cannot map a VLAN to blocking mode. To map a VLAN to ...
...00 49153 (bridge priority: 49152, sys ID ext: 1) 6 Hello Time 2 sec Forward Delay 15 sec Port Inst Port-State Cost Prio Portfast Channel_id 2/12 1 forwarding 22222222 40 disabled 0 Determining an MISTP Instance-VLAN Mapping Conflicts A VLAN can only be active. • You can map as many Ethernet ...or MISTP • You can only map Ethernet VLANs to MISTP instances. • At least one VLAN in the instance must manually remove the incorrect mapping(s) from the root switch. If you wish to an MISTP instance. • You cannot map a VLAN to blocking mode. To map a VLAN to ...
Software Guide
Page 158
...BPDUs, instead of whether PortFast is connected to the forwarding or blocking state. The BPDU guard feature provides a secure response to a switch port. When the switch powers up, or when a device is enabled. When the Forward Delay timer expires a second time, the port is connected to...Guard Works You can use PortFast to connect a single end station or a switch port to invalid configurations because the administrator must manually put the interface back in service. after you enable PortFast on a switch or trunk port, the port is supported only on nontrunking access ports because...
...BPDUs, instead of whether PortFast is connected to the forwarding or blocking state. The BPDU guard feature provides a secure response to a switch port. When the switch powers up, or when a device is enabled. When the Forward Delay timer expires a second time, the port is connected to...Guard Works You can use PortFast to connect a single end station or a switch port to invalid configurations because the administrator must manually put the interface back in service. after you enable PortFast on a switch or trunk port, the port is supported only on nontrunking access ports because...
Software Guide
Page 192
...the final, desired configuration. one specific VTP instance. 9-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 In VTP version 3, you manually designate it will not propagate its configuration until you are the result of a misconfiguration or an independent ...might not be resolved by VTP. Understanding How VTP Version 3 Works Figure 9-4 VTP Version 3: Partitioned VTP Domain Domain Cisco Primary Server X Domain Cisco Primary Server Y Chapter 9 Configuring VTP 94282 Partitions exist because of a misconfigured...
...the final, desired configuration. one specific VTP instance. 9-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 In VTP version 3, you manually designate it will not propagate its configuration until you are the result of a misconfiguration or an independent ...might not be resolved by VTP. Understanding How VTP Version 3 Works Figure 9-4 VTP Version 3: Partitioned VTP Domain Domain Cisco Primary Server X Domain Cisco Primary Server Y Chapter 9 Configuring VTP 94282 Partitions exist because of a misconfigured...
Software Guide
Page 208
...Work Chapter 10 Configuring VLANs Figure 10-1 VLANs as port-based, or static, VLAN membership. Port VLAN membership on the switch is known as Logically Defined Networks Cisco router Catalyst 4000 Engineering VLAN Marketing VLAN Fast Ethernet Catalyst 4000 Catalyst 4000 Accounting VLAN Floor 3 Floor 2 43990 Floor ... using this method, it is assigned manually on the same VLAN directly without a router. When you change the IP address and assign the interface to any VLAN, so that you must be routed. The in-band (sc0) interface of a switch can be assigned to a different VLAN...
...Work Chapter 10 Configuring VLANs Figure 10-1 VLANs as port-based, or static, VLAN membership. Port VLAN membership on the switch is known as Logically Defined Networks Cisco router Catalyst 4000 Engineering VLAN Marketing VLAN Fast Ethernet Catalyst 4000 Catalyst 4000 Accounting VLAN Floor 3 Floor 2 43990 Floor ... using this method, it is assigned manually on the same VLAN directly without a router. When you change the IP address and assign the interface to any VLAN, so that you must be routed. The in-band (sc0) interface of a switch can be assigned to a different VLAN...