Software Guide
Page 1
Catalyst 2960 Switch Software Configuration Guide Cisco IOS Release 12.2(40)SE Revised September 2007 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-8603-04
Catalyst 2960 Switch Software Configuration Guide Cisco IOS Release 12.2(40)SE Revised September 2007 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-8603-04
Software Guide
Page 2
... OF DEALING, USAGE, OR TRADE PRACTICE. and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing,... Academy, Network Registrar, PIX, ProConnect, ScriptShare, SMARTnet, StackWise, The Fastest Way to be actual addresses. All other countries. Catalyst 2960 Switch Software Configuration Guide © 2006-2007 Cisco Systems, Inc.
... OF DEALING, USAGE, OR TRADE PRACTICE. and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing,... Academy, Network Registrar, PIX, ProConnect, ScriptShare, SMARTnet, StackWise, The Fastest Way to be actual addresses. All other countries. Catalyst 2960 Switch Software Configuration Guide © 2006-2007 Cisco Systems, Inc.
Software Guide
Page 3
... 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9 Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using the Switch 1-12 Small to Medium-Sized Network Using Catalyst 2960 Switches 1-16 Long-Distance, High-Bandwidth Transport Configuration 1-17 Where to Go Next 1-18 Using the Command...
... 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9 Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using the Switch 1-12 Small to Medium-Sized Network Using Catalyst 2960 Switches 1-16 Long-Distance, High-Bandwidth Transport Configuration 1-17 Where to Go Next 1-18 Using the Command...
Software Guide
Page 4
... Accessing the CLI 2-10 Accessing the CLI through a Console Connection or through Telnet 2-10 Assigning the Switch IP Address and Default Gateway 3-1 Understanding the Boot Process 3-1 Assigning Switch Information 3-2 Default Switch Information 3-3 Understanding DHCP-Based Autoconfiguration 3-3 DHCP Client Request Process 3-4 Configuring DHCP-Based Autoconfiguration 3-5 DHCP Server... Variables 3-14 Scheduling a Reload of the Software Image 3-16 Configuring a Scheduled Reload 3-16 Displaying Scheduled Reload Information 3-17 Catalyst 2960 Switch Software Configuration Guide iv OL-8603-04
... Accessing the CLI 2-10 Accessing the CLI through a Console Connection or through Telnet 2-10 Assigning the Switch IP Address and Default Gateway 3-1 Understanding the Boot Process 3-1 Assigning Switch Information 3-2 Default Switch Information 3-3 Understanding DHCP-Based Autoconfiguration 3-3 DHCP Client Request Process 3-4 Configuring DHCP-Based Autoconfiguration 3-5 DHCP Server... Variables 3-14 Scheduling a Reload of the Software Image 3-16 Configuring a Scheduled Reload 3-16 Displaying Scheduled Reload Information 3-17 Catalyst 2960 Switch Software Configuration Guide iv OL-8603-04
Software Guide
Page 5
...Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Clustering Switches 5-1 Understanding Switch Clusters 5-1 Cluster Command Switch Characteristics 5-3 Standby Cluster Command Switch Characteristics 5-3 Candidate Switch and Cluster Member Switch Characteristics 5-3 Planning a Switch...Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP Addresses 5-10 Other Considerations for Cluster Standby Groups 5-...
...Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Clustering Switches 5-1 Understanding Switch Clusters 5-1 Cluster Command Switch Characteristics 5-3 Standby Cluster Command Switch Characteristics 5-3 Candidate Switch and Cluster Member Switch Characteristics 5-3 Planning a Switch...Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP Addresses 5-10 Other Considerations for Cluster Standby Groups 5-...
Software Guide
Page 6
...5-13 SNMP Community Strings 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-14 Using SNMP to Manage Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol 6-2 Configuring ... a Message-of-the-Day Login Banner 6-18 Configuring a Login Banner 6-19 Managing the MAC Address Table 6-19 Building the Address Table 6-20 Catalyst 2960 Switch Software Configuration Guide vi OL-8603-04
...5-13 SNMP Community Strings 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-14 Using SNMP to Manage Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol 6-2 Configuring ... a Message-of-the-Day Login Banner 6-18 Configuring a Login Banner 6-19 Managing the MAC Address Table 6-19 Building the Address Table 6-20 Catalyst 2960 Switch Software Configuration Guide vi OL-8603-04
Software Guide
Page 7
... Understanding the SDM Templates 7-1 Configuring the Switch SDM Template 7-2 Default SDM Template 7-2 SDM Template Configuration Guidelines 7-2 Setting the SDM... Template 7-2 .Displaying the SDM Templates 7-3 Configuring Switch-Based Authentication 8-1 Preventing Unauthorized Access to Your Switch 8-1 Protecting Access to Privileged EXEC Commands 8-2 Default Password and Privilege... the Default Privilege Level for Lines 8-9 Logging into and Exiting a Privilege Level 8-9 Controlling Switch Access with TACACS+ 8-10 Understanding TACACS+ 8-10 TACACS+ Operation 8-12 Configuring TACACS+ 8-12...
... Understanding the SDM Templates 7-1 Configuring the Switch SDM Template 7-2 Default SDM Template 7-2 SDM Template Configuration Guidelines 7-2 Setting the SDM... Template 7-2 .Displaying the SDM Templates 7-3 Configuring Switch-Based Authentication 8-1 Preventing Unauthorized Access to Your Switch 8-1 Protecting Access to Privileged EXEC Commands 8-2 Default Password and Privilege... the Default Privilege Level for Lines 8-9 Logging into and Exiting a Privilege Level 8-9 Controlling Switch Access with TACACS+ 8-10 Understanding TACACS+ 8-10 TACACS+ Operation 8-12 Configuring TACACS+ 8-12...
Software Guide
Page 8
...Versions 8-33 Limitations 8-34 Configuring SSH 8-34 Configuration Guidelines 8-34 Setting Up the Switch to Run SSH 8-35 Configuring the SSH Server 8-36 Displaying the SSH Configuration and Status 8-37 Configuring the Switch for Secure Socket Layer HTTP 8-37 Understanding Secure HTTP Servers and Clients 8-37 Certificate ... the Secure HTTP Server 8-41 Configuring the Secure HTTP Client 8-43 Displaying Secure HTTP Server and Client Status 8-43 Configuring the Switch for Secure Copy Protocol 8-43 Information About Secure Copy 8-44 Catalyst 2960 Switch Software Configuration Guide viii OL-8603-04
...Versions 8-33 Limitations 8-34 Configuring SSH 8-34 Configuration Guidelines 8-34 Setting Up the Switch to Run SSH 8-35 Configuring the SSH Server 8-36 Displaying the SSH Configuration and Status 8-37 Configuring the Switch for Secure Socket Layer HTTP 8-37 Understanding Secure HTTP Servers and Clients 8-37 Certificate ... the Secure HTTP Server 8-41 Configuring the Secure HTTP Client 8-43 Displaying Secure HTTP Server and Client Status 8-43 Configuring the Switch for Secure Copy Protocol 8-43 Information About Secure Copy 8-44 Catalyst 2960 Switch Software Configuration Guide viii OL-8603-04
Software Guide
Page 9
... 9-21 MAC Authentication Bypass 9-22 Upgrading from a Previous Software Release 9-22 Configuring IEEE 802.1x Authentication 9-22 Configuring the Switch-to-RADIUS-Server Communication 9-24 Configuring the Host Mode 9-25 Configuring Periodic Re-Authentication 9-25 Manually Re-Authenticating a Client Connected... to a Port 9-26 Changing the Quiet Period 9-26 Changing the Switch-to-Client Retransmission Time 9-27 Setting the Switch-to-Client Frame-Retransmission Number 9-28 Setting the Re-Authentication Number 9-28 Configuring IEEE 802.1x Accounting ...
... 9-21 MAC Authentication Bypass 9-22 Upgrading from a Previous Software Release 9-22 Configuring IEEE 802.1x Authentication 9-22 Configuring the Switch-to-RADIUS-Server Communication 9-24 Configuring the Host Mode 9-25 Configuring Periodic Re-Authentication 9-25 Manually Re-Authenticating a Client Connected... to a Port 9-26 Changing the Quiet Period 9-26 Changing the Switch-to-Client Retransmission Time 9-27 Setting the Switch-to-Client Frame-Retransmission Number 9-28 Setting the Re-Authentication Number 9-28 Configuring IEEE 802.1x Accounting ...
Software Guide
Page 10
... 9-41 Displaying IEEE 802.1x Statistics and Status 9-41 10 C H A P T E R Configuring Interface Characteristics 10-1 Understanding Interface Types 10-1 Port-Based VLANs 10-2 Switch Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 EtherChannel Port Groups 10-3 Dual-Purpose Uplink Ports 10-4 Connecting Interfaces 10-4 Using Interface Configuration Mode 10...Resetting Interfaces and Counters 10-19 Shutting Down and Restarting the Interface 10-19 11 C H A P T E R Configuring Smartports Macros 11-1 Understanding Smartports Macros 11-1 Catalyst 2960 Switch Software Configuration Guide x OL-8603-04
... 9-41 Displaying IEEE 802.1x Statistics and Status 9-41 10 C H A P T E R Configuring Interface Characteristics 10-1 Understanding Interface Types 10-1 Port-Based VLANs 10-2 Switch Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 EtherChannel Port Groups 10-3 Dual-Purpose Uplink Ports 10-4 Connecting Interfaces 10-4 Using Interface Configuration Mode 10...Resetting Interfaces and Counters 10-19 Shutting Down and Restarting the Interface 10-19 11 C H A P T E R Configuring Smartports Macros 11-1 Understanding Smartports Macros 11-1 Catalyst 2960 Switch Software Configuration Guide x OL-8603-04
Software Guide
Page 11
...8603-04 Configuring Smartports Macros 11-2 Default Smartports Macro Configuration 11-2 Smartports Macro Configuration Guidelines 11-2 Creating Smartports Macros 11-4 Applying Smartports Macros 11-5 Applying Cisco-Default Smartports Macros 11-6 Displaying Smartports Macros 11-8 Configuring VLANs 12-1 Understanding VLANs 12-1 Supported VLANs 12-2 VLAN Port Membership Modes 12-3 Configuring Normal-...18 Changing the Pruning-Eligible List 12-19 Configuring the Native VLAN for Untagged Traffic 12-19 Configuring Trunk Ports for Load Sharing 12-20 Catalyst 2960 Switch Software Configuration Guide xi
...8603-04 Configuring Smartports Macros 11-2 Default Smartports Macro Configuration 11-2 Smartports Macro Configuration Guidelines 11-2 Creating Smartports Macros 11-4 Applying Smartports Macros 11-5 Applying Cisco-Default Smartports Macros 11-6 Displaying Smartports Macros 11-8 Configuring VLANs 12-1 Understanding VLANs 12-1 Supported VLANs 12-2 VLAN Port Membership Modes 12-3 Configuring Normal-...18 Changing the Pruning-Eligible List 12-19 Configuring the Native VLAN for Untagged Traffic 12-19 Configuring Trunk Ports for Load Sharing 12-20 Catalyst 2960 Switch Software Configuration Guide xi
Software Guide
Page 46
... following: • Cost-effective Gigabit-to-the-desktop for LRE information. To prevent congestion, use the Cisco Catalyst 2960 switches in the access layer to a Gigabit multilayer switch with a dedicated 1-Gb/s connection to network resources, you can use QoS DSCP marking priorities on IEEE ... capability, such as existing telephone lines. See the documentation sets specific to -the-Desktop) Catalyst 3750 switches Access-layer Catalyst switches 89373 1-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 Figure 1-1 High-Performance Workgroup (Gigabit-to these...
... following: • Cost-effective Gigabit-to-the-desktop for LRE information. To prevent congestion, use the Cisco Catalyst 2960 switches in the access layer to a Gigabit multilayer switch with a dedicated 1-Gb/s connection to network resources, you can use QoS DSCP marking priorities on IEEE ... capability, such as existing telephone lines. See the documentation sets specific to -the-Desktop) Catalyst 3750 switches Access-layer Catalyst switches 89373 1-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 Figure 1-1 High-Performance Workgroup (Gigabit-to these...
Software Guide
Page 47
Chapter 1 Overview WAN Cisco 2600 router Access-layer Catalyst switches Network Configuration Examples 89374 • Server aggregation (Figure 1-2)-You can use the switches to interconnect groups of servers, centralizing physical security and administration of servers connected to switches, which have redundant Gigabit...core. Using SFP modules provides flexibility in the data flow. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-15 Security features on the switches provide preferential treatment for certain data streams. They segment traffic streams into different paths...
Chapter 1 Overview WAN Cisco 2600 router Access-layer Catalyst switches Network Configuration Examples 89374 • Server aggregation (Figure 1-2)-You can use the switches to interconnect groups of servers, centralizing physical security and administration of servers connected to switches, which have redundant Gigabit...core. Using SFP modules provides flexibility in the data flow. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-15 Security features on the switches provide preferential treatment for certain data streams. They segment traffic streams into different paths...
Software Guide
Page 48
...-IP (VoIP) gateway services, and WAN and Internet access. 1-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 This network uses Catalyst 2960 switches with high-speed connections to two routers. The switches are providing inter-VLAN routing. Cisco CallManager controls call processing, routing, and Cisco IP Phone features and configuration. This network uses VLANs to...
...-IP (VoIP) gateway services, and WAN and Internet access. 1-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 This network uses Catalyst 2960 switches with high-speed connections to two routers. The switches are providing inter-VLAN routing. Cisco CallManager controls call processing, routing, and Cisco IP Phone features and configuration. This network uses VLANs to...
Software Guide
Page 50
Where to Go Next Chapter 1 Overview Figure 1-4 Long-Distance, High-Bandwidth Transport Configuration Access layer Aggregation layer 8 Gbps Catalyst switches CWDM OADM modules Eight 1-Gbps connections CWDM OADM modules Catalyst 4500 multilayer switches Where to Go Next Before configuring the switch, review these sections for startup information: • Chapter 2, "Using the Command-Line Interface" • Chapter 3, "Assigning the Switch IP Address and Default Gateway" 95750 1-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
Where to Go Next Chapter 1 Overview Figure 1-4 Long-Distance, High-Bandwidth Transport Configuration Access layer Aggregation layer 8 Gbps Catalyst switches CWDM OADM modules Eight 1-Gbps connections CWDM OADM modules Catalyst 4500 multilayer switches Where to Go Next Before configuring the switch, review these sections for startup information: • Chapter 2, "Using the Command-Line Interface" • Chapter 3, "Assigning the Switch IP Address and Default Gateway" 95750 1-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
Software Guide
Page 91
... 5-1 For more information about Network Assistant, including introductory information on Catalyst 2960 switch clusters. You can configure and troubleshoot a group of these other switches. The switches in the cluster use the switch clustering technology so that are configured with Cisco Network Assistant, available on ACLs, see the switch command reference. For complete procedures, see Getting Started with...
... 5-1 For more information about Network Assistant, including introductory information on Catalyst 2960 switch clusters. You can configure and troubleshoot a group of these other switches. The switches in the cluster use the switch clustering technology so that are configured with Cisco Network Assistant, available on ACLs, see the switch command reference. For complete procedures, see Getting Started with...
Software Guide
Page 92
... for the Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, Catalyst 2950, and Catalyst 3500 XL switches. For complete information about these switches in the cluster) network. This conserves on page 5-4. Table 5-1 Switch Software and Cluster Capability Switch Catalyst 3750 Catalyst 3560 Catalyst 3550 Catalyst 2970 Catalyst 2960 Catalyst 2955 Catalyst 2950 Catalyst 2950 LRE Catalyst 2940 Catalyst 3500 XL Catalyst 2900 XL (8-MB switches) Catalyst 2900 XL (4-MB switches) Catalyst 1900 and 2820 Cisco IOS...
... for the Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, Catalyst 2950, and Catalyst 3500 XL switches. For complete information about these switches in the cluster) network. This conserves on page 5-4. Table 5-1 Switch Software and Cluster Capability Switch Catalyst 3750 Catalyst 3560 Catalyst 3550 Catalyst 2970 Catalyst 2960 Catalyst 2955 Catalyst 2950 Catalyst 2950 LRE Catalyst 2940 Catalyst 3500 XL Catalyst 2900 XL (8-MB switches) Catalyst 2900 XL (4-MB switches) Catalyst 1900 and 2820 Cisco IOS...
Software Guide
Page 93
... have actually been added to all other cluster member switches (except the cluster command and standby command switches) through a common VLAN. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-3 To join a cluster, a candidate switch must meet these requirements: • It is running Cisco IOS 12.2(25)FX or later. • It has an IP address...
... have actually been added to all other cluster member switches (except the cluster command and standby command switches) through a common VLAN. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-3 To join a cluster, a candidate switch must meet these requirements: • It is running Cisco IOS 12.2(25)FX or later. • It has an IP address...
Software Guide
Page 94
... Members The cluster command switch uses Cisco Discovery Protocol (CDP) to the cluster command switch and standby cluster command switches. Catalyst 2960 Switch Software Configuration Guide 5-4 OL-8603-04 Planning a Switch Cluster Anticipating conflicts and compatibility issues is connected to the cluster command switch through their management VLAN to discover cluster member switches, candidate switches, neighboring switch clusters, and edge devices...
... Members The cluster command switch uses Cisco Discovery Protocol (CDP) to the cluster command switch and standby cluster command switches. Catalyst 2960 Switch Software Configuration Guide 5-4 OL-8603-04 Planning a Switch Cluster Anticipating conflicts and compatibility issues is connected to the cluster command switch through their management VLAN to discover cluster member switches, candidate switches, neighboring switch clusters, and edge devices...
Software Guide
Page 244
... should be in the same configuration mode. 11-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 This could cause commands that follow exit, end, or interface interface-id to your application. Cisco-default Smartports macros vary depending on the software version running on the usage of pretested, Cisco-recommended baseline configuration templates for Catalyst switches.
... should be in the same configuration mode. 11-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 This could cause commands that follow exit, end, or interface interface-id to your application. Cisco-default Smartports macros vary depending on the software version running on the usage of pretested, Cisco-recommended baseline configuration templates for Catalyst switches.