Software Guide
Page 3
... Support, and Security Guidelines xxxii Overview 1-1 Features 1-1 Ease-of-Deployment and Ease-of-Use Features 1-1 Performance Features 1-2 Management Options 1-3 Manageability Features 1-4 Availability and Redundancy Features 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9 Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using...
... Support, and Security Guidelines xxxii Overview 1-1 Features 1-1 Ease-of-Deployment and Ease-of-Use Features 1-1 Performance Features 1-2 Management Options 1-3 Manageability Features 1-4 Availability and Redundancy Features 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9 Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using...
Software Guide
Page 5
...Hostname, DeviceID, and ConfigID 4-4 Understanding Cisco IOS Agents 4-5 Initial Configuration 4-5 Incremental (Partial) Configuration 4-6 Synchronized Configuration 4-6 Configuring Cisco IOS Agents 4-6 Enabling Automated CNS Configuration 4-6 Enabling the CNS Event Agent 4-8 Enabling the Cisco IOS CNS Agent 4-9 Enabling an Initial ...CDP Hops 5-5 Discovery Through Non-CDP-Capable and Noncluster-Capable Devices 5-6 Discovery Through Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP...
...Hostname, DeviceID, and ConfigID 4-4 Understanding Cisco IOS Agents 4-5 Initial Configuration 4-5 Incremental (Partial) Configuration 4-6 Synchronized Configuration 4-6 Configuring Cisco IOS Agents 4-6 Enabling Automated CNS Configuration 4-6 Enabling the CNS Event Agent 4-8 Enabling the Cisco IOS CNS Agent 4-9 Enabling an Initial ...CDP Hops 5-5 Discovery Through Non-CDP-Capable and Noncluster-Capable Devices 5-6 Discovery Through Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP...
Software Guide
Page 7
Contents 7 C H A P T E R 8 C H A P T E R OL-8603-04 MAC Addresses and VLANs 6-20 Default MAC Address Table Configuration 6-21 Changing the Address Aging Time 6-21 Removing Dynamic Address Entries 6-22 Configuring MAC Address Notification Traps 6-22 Adding ...
Contents 7 C H A P T E R 8 C H A P T E R OL-8603-04 MAC Addresses and VLANs 6-20 Default MAC Address Table Configuration 6-21 Changing the Address Aging Time 6-21 Removing Dynamic Address Entries 6-22 Configuring MAC Address Notification Traps 6-22 Adding ...
Software Guide
Page 9
...1x Accounting Attribute-Value Pairs 9-8 Using IEEE 802.1x Authentication with VLAN Assignment 9-9 Using IEEE 802.1x Authentication with Guest VLAN 9-11 Using IEEE 802.1x Authentication with Restricted VLAN 9-12 Using IEEE 802.1x Authentication with Inaccessible Authentication Bypass 9-... 802.1x Authentication Configuration 9-19 IEEE 802.1x Authentication Configuration Guidelines 9-20 IEEE 802.1x Authentication 9-20 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass 9-21 MAC Authentication Bypass 9-22 Upgrading from a Previous Software Release 9-22 Configuring...
...1x Accounting Attribute-Value Pairs 9-8 Using IEEE 802.1x Authentication with VLAN Assignment 9-9 Using IEEE 802.1x Authentication with Guest VLAN 9-11 Using IEEE 802.1x Authentication with Restricted VLAN 9-12 Using IEEE 802.1x Authentication with Inaccessible Authentication Bypass 9-... 802.1x Authentication Configuration 9-19 IEEE 802.1x Authentication Configuration Guidelines 9-20 IEEE 802.1x Authentication 9-20 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass 9-21 MAC Authentication Bypass 9-22 Upgrading from a Previous Software Release 9-22 Configuring...
Software Guide
Page 10
... Configuration to the Default Values 9-41 Displaying IEEE 802.1x Statistics and Status 9-41 10 C H A P T E R Configuring Interface Characteristics 10-1 Understanding Interface Types 10-1 Port-Based VLANs 10-2 Switch Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 EtherChannel Port Groups 10-3 Dual-Purpose Uplink Ports 10-4 Connecting Interfaces 10-4 Using Interface Configuration...
... Configuration to the Default Values 9-41 Displaying IEEE 802.1x Statistics and Status 9-41 10 C H A P T E R Configuring Interface Characteristics 10-1 Understanding Interface Types 10-1 Port-Based VLANs 10-2 Switch Ports 10-2 Access Ports 10-2 Trunk Ports 10-3 EtherChannel Port Groups 10-3 Dual-Purpose Uplink Ports 10-4 Connecting Interfaces 10-4 Using Interface Configuration...
Software Guide
Page 11
... Cisco-Default Smartports Macros 11-6 Displaying Smartports Macros 11-8 Configuring VLANs 12-1 Understanding VLANs 12-1 Supported VLANs 12-2 VLAN Port Membership Modes 12-3 Configuring Normal-Range VLANs 12-4 Token Ring VLANs 12-5 Normal-Range VLAN Configuration Guidelines 12-5 VLAN Configuration Mode Options 12-6 VLAN Configuration in config-vlan Mode 12-6 VLAN Configuration in VLAN Database Configuration Mode 12-6 Saving VLAN Configuration 12-6 Default Ethernet VLAN...
... Cisco-Default Smartports Macros 11-6 Displaying Smartports Macros 11-8 Configuring VLANs 12-1 Understanding VLANs 12-1 Supported VLANs 12-2 VLAN Port Membership Modes 12-3 Configuring Normal-Range VLANs 12-4 Token Ring VLANs 12-5 Normal-Range VLAN Configuration Guidelines 12-5 VLAN Configuration Mode Options 12-6 VLAN Configuration in config-vlan Mode 12-6 VLAN Configuration in VLAN Database Configuration Mode 12-6 Saving VLAN Configuration 12-6 Default Ethernet VLAN...
Software Guide
Page 12
...12-20 Load Sharing Using STP Path Cost 12-22 Configuring VMPS 12-23 Understanding VMPS 12-24 Dynamic-Access Port VLAN Membership 12-24 Default VMPS Client Configuration 12-25 VMPS Configuration Guidelines 12-25 Configuring the VMPS Client 12-25 Entering...Pruning 13-4 Configuring VTP 13-6 Default VTP Configuration 13-6 VTP Configuration Options 13-7 VTP Configuration in Global Configuration Mode 13-7 VTP Configuration in VLAN Database Configuration Mode 13-7 VTP Configuration Guidelines 13-8 Domain Names 13-8 Passwords 13-8 VTP Version 13-8 Configuration Requirements 13-9 Configuring a VTP Server...
...12-20 Load Sharing Using STP Path Cost 12-22 Configuring VMPS 12-23 Understanding VMPS 12-24 Dynamic-Access Port VLAN Membership 12-24 Default VMPS Client Configuration 12-25 VMPS Configuration Guidelines 12-25 Configuring the VMPS Client 12-25 Entering...Pruning 13-4 Configuring VTP 13-6 Default VTP Configuration 13-6 VTP Configuration Options 13-7 VTP Configuration in Global Configuration Mode 13-7 VTP Configuration in VLAN Database Configuration Mode 13-7 VTP Configuration Guidelines 13-8 Domain Names 13-8 Passwords 13-8 VTP Version 13-8 Configuration Requirements 13-9 Configuring a VTP Server...
Software Guide
Page 13
... 13-14 Monitoring VTP 13-16 Configuring Voice VLAN 14-1 Understanding Voice VLAN 14-1 Cisco IP Phone Voice Traffic 14-2 Cisco IP Phone Data Traffic 14-2 Configuring Voice VLAN 14-3 Default Voice VLAN Configuration 14-3 Voice VLAN Configuration Guidelines 14-3 Configuring a Port Connected to a Cisco 7960 IP Phone 14-4 Configuring Cisco IP Phone Voice Traffic 14-4 Configuring the Priority...
... 13-14 Monitoring VTP 13-16 Configuring Voice VLAN 14-1 Understanding Voice VLAN 14-1 Cisco IP Phone Voice Traffic 14-2 Cisco IP Phone Data Traffic 14-2 Configuring Voice VLAN 14-3 Default Voice VLAN Configuration 14-3 Voice VLAN Configuration Guidelines 14-3 Configuring a Port Connected to a Cisco 7960 IP Phone 14-4 Configuring Cisco IP Phone Voice Traffic 14-4 Configuring the Priority...
Software Guide
Page 14
...-19 Configuring Spanning-Tree Timers 15-20 Configuring the Hello Time 15-20 Configuring the Forwarding-Delay Time for a VLAN 15-21 Configuring the Maximum-Aging Time for a VLAN 15-21 Configuring the Transmit Hold-Count 15-22 Displaying the Spanning-Tree Status 15-22 Configuring MSTP 16-1 Understanding MSTP 16-2 Multiple...
...-19 Configuring Spanning-Tree Timers 15-20 Configuring the Hello Time 15-20 Configuring the Forwarding-Delay Time for a VLAN 15-21 Configuring the Maximum-Aging Time for a VLAN 15-21 Configuring the Transmit Hold-Count 15-22 Displaying the Spanning-Tree Status 15-22 Configuring MSTP 16-1 Understanding MSTP 16-2 Multiple...
Software Guide
Page 16
... a TCN Event 18-13 Configuring the IGMP Snooping Querier 18-14 Disabling IGMP Report Suppression 18-15 Displaying IGMP Snooping Information 18-15 Understanding Multicast VLAN Registration 18-17 Using MVR in a Multicast Television Application 18-18 Configuring MVR 18-19 Default MVR Configuration 18-19 MVR Configuration Guidelines and Limitations...
... a TCN Event 18-13 Configuring the IGMP Snooping Querier 18-14 Disabling IGMP Report Suppression 18-15 Displaying IGMP Snooping Information 18-15 Understanding Multicast VLAN Registration 18-17 Using MVR in a Multicast Television Application 18-18 Configuring MVR 18-19 Default MVR Configuration 18-19 MVR Configuration Guidelines and Limitations...
Software Guide
Page 18
... 23-2 SPAN and RSPAN Concepts and Terminology 23-3 SPAN Sessions 23-3 Monitored Traffic 23-4 Source Ports 23-5 Source VLANs 23-6 VLAN Filtering 23-6 Destination Port 23-6 RSPAN VLAN 23-7 SPAN and RSPAN Interaction with Other Features 23-8 Configuring SPAN and RSPAN 23-9 Default SPAN and RSPAN Configuration ... 23-10 Creating a Local SPAN Session and Configuring Incoming Traffic 23-13 Specifying VLANs to Filter 23-14 Configuring RSPAN 23-15 RSPAN Configuration Guidelines 23-16 Configuring a VLAN as an RSPAN VLAN 23-16 Creating an RSPAN Source Session 23-17 Creating an RSPAN Destination Session ...
... 23-2 SPAN and RSPAN Concepts and Terminology 23-3 SPAN Sessions 23-3 Monitored Traffic 23-4 Source Ports 23-5 Source VLANs 23-6 VLAN Filtering 23-6 Destination Port 23-6 RSPAN VLAN 23-7 SPAN and RSPAN Interaction with Other Features 23-8 Configuring SPAN and RSPAN 23-9 Default SPAN and RSPAN Configuration ... 23-10 Creating a Local SPAN Session and Configuring Incoming Traffic 23-13 Specifying VLANs to Filter 23-14 Configuring RSPAN 23-15 RSPAN Configuration Guidelines 23-16 Configuring a VLAN as an RSPAN VLAN 23-16 Creating an RSPAN Source Session 23-17 Creating an RSPAN Destination Session ...
Software Guide
Page 19
Contents 24 C H A P T E R 25 C H A P T E R 26 C H A P T E R OL-8603-04 Creating an RSPAN Destination Session and Configuring Incoming Traffic 23-20 Specifying VLANs to Filter 23-21 Displaying SPAN and RSPAN Status 23-22 Configuring RMON 24-1 Understanding RMON 24-1 Configuring RMON 24-2 Default RMON Configuration 24-3 Configuring ...
Contents 24 C H A P T E R 25 C H A P T E R 26 C H A P T E R OL-8603-04 Creating an RSPAN Destination Session and Configuring Incoming Traffic 23-20 Specifying VLANs to Filter 23-21 Displaying SPAN and RSPAN Status 23-22 Configuring RMON 24-1 Understanding RMON 24-1 Configuring RMON 24-2 Default RMON Configuration 24-3 Configuring ...
Software Guide
Page 33
...see the release notes for this chapter are available only on the cryptographic (supports encryption) version of the software from Cisco.com. Features Some features described in this release. The switch has these features: • Ease-of-Deployment and...• Manageability Features, page 1-4 (includes a feature requiring the cryptographic version of the software) • Availability and Redundancy Features, page 1-6 • VLAN Features, page 1-7 • Security Features, page 1-7 (includes a feature requiring the cryptographic version of the software) • QoS and CoS Features, page...
...see the release notes for this chapter are available only on the cryptographic (supports encryption) version of the software from Cisco.com. Features Some features described in this release. The switch has these features: • Ease-of-Deployment and...• Manageability Features, page 1-4 (includes a feature requiring the cryptographic version of the software) • Availability and Redundancy Features, page 1-6 • VLAN Features, page 1-7 • Security Features, page 1-7 (includes a feature requiring the cryptographic version of the software) • QoS and CoS Features, page...
Software Guide
Page 34
...the physical LEDs. • Switch clustering technology for - For information about Express Setup, see the switch online help. • Cisco Network Assistant (hereafter referred to accomplish specific tasks. - Performance Features The switch ships with basic IP information, contact information, switch ... to provide only the minimum required information to those used on the images are similar to configure complex features such as VLANs, ACLs, and quality of their geographic proximity and interconnection media, including Ethernet, Fast Ethernet, Fast EtherChannel, small form-...
...the physical LEDs. • Switch clustering technology for - For information about Express Setup, see the switch online help. • Cisco Network Assistant (hereafter referred to accomplish specific tasks. - Performance Features The switch ships with basic IP information, contact information, switch ... to provide only the minimum required information to those used on the images are similar to configure complex features such as VLANs, ACLs, and quality of their geographic proximity and interconnection media, including Ethernet, Fast Ethernet, Fast EtherChannel, small form-...
Software Guide
Page 35
...system resources to maximize support for user-selected features • Cisco IOS IP Service Level Agreements (SLAs), a part of Cisco IOS software that uses active traffic monitoring for measuring network performance Support for Cisco IOS IP Service Level Agreements (SLAs) responder that is a...IPv6) multicast data to clients and routers in a switched network • Multicast VLAN registration (MVR) to continuously send multicast streams in a multicast VLAN while isolating the streams from subscriber VLANs for bandwidth and security reasons • IGMP filtering for controlling the set of ...
...system resources to maximize support for user-selected features • Cisco IOS IP Service Level Agreements (SLAs), a part of Cisco IOS software that uses active traffic monitoring for measuring network performance Support for Cisco IOS IP Service Level Agreements (SLAs) responder that is a...IPv6) multicast data to clients and routers in a switched network • Multicast VLAN registration (MVR) to continuously send multicast streams in a multicast VLAN while isolating the streams from subscriber VLANs for bandwidth and security reasons • IGMP filtering for controlling the set of ...
Software Guide
Page 38
...links on the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) for rapid convergence of spanning-tree instances - Rapid PVST+ for load balancing across VLANs - Per-VLAN spanning-tree plus (rapid-PVST+) based on fiber-optic interfaces caused by enabling a port to STP for load balancing across... change and for achieving load balancing between redundant uplinks, including Gigabit uplinks • IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) for grouping VLANs into a spanning-tree instance and for providing multiple forwarding paths for data traffic and load balancing and rapid per...
...links on the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) for rapid convergence of spanning-tree instances - Rapid PVST+ for load balancing across VLANs - Per-VLAN spanning-tree plus (rapid-PVST+) based on fiber-optic interfaces caused by enabling a port to STP for load balancing across... change and for achieving load balancing between redundant uplinks, including Gigabit uplinks • IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) for grouping VLANs into a spanning-tree instance and for providing multiple forwarding paths for data traffic and load balancing and rapid per...
Software Guide
Page 39
... to be a target device for IP SLAs active traffic monitoring • Web authentication to allow a supplicant (client) that carry upstream traffic from Cisco IP Phones • VLAN 1 minimization for VLAN IDs in the 1 to provide Layer 2 redundancy without requiring Spanning Tree Protocol (STP). Security Features The switch ships with appropriate network resources, traffic...
... to be a target device for IP SLAs active traffic monitoring • Web authentication to allow a supplicant (client) that carry upstream traffic from Cisco IP Phones • VLAN 1 minimization for VLAN IDs in the 1 to provide Layer 2 redundancy without requiring Spanning Tree Protocol (STP). Security Features The switch ships with appropriate network resources, traffic...
Software Guide
Page 40
... the HTTP 1.1 server authentication, encryption, and message integrity and HTTP client authentication to detect and recognize a Cisco IP phone. - Features Chapter 1 Overview • VLAN aware port security option to shut down the VLAN on the port when a violation occurs, instead of shutting down the entire port. • Port security aging to set the...
... the HTTP 1.1 server authentication, encryption, and message integrity and HTTP client authentication to detect and recognize a Cisco IP phone. - Features Chapter 1 Overview • VLAN aware port security option to shut down the VLAN on the port when a violation occurs, instead of shutting down the entire port. • Port security aging to set the...
Software Guide
Page 42
... that a packet takes from a source device to a destination device • Time Domain Reflector (TDR) to diagnose and resolve cabling problems on Cisco.com. 1-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 For more information, see Chapter 3, "Assigning the Switch IP Address and Default ...switch has learned or removed • Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) for traffic monitoring on any port or VLAN • SPAN and RSPAN support of Intrusion Detection Systems (IDS) to identify the physical path that provide port- For information about ...
... that a packet takes from a source device to a destination device • Time Domain Reflector (TDR) to diagnose and resolve cabling problems on Cisco.com. 1-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 For more information, see Chapter 3, "Assigning the Switch IP Address and Default ...switch has learned or removed • Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) for traffic monitoring on any port or VLAN • SPAN and RSPAN support of Intrusion Detection Systems (IDS) to identify the physical path that provide port- For information about ...
Software Guide
Page 43
..."Configuring Flex Links and the MAC Address-Table Move Update Feature." • DHCP snooping is disabled. The DHCP snooping information option is VLAN 1. For more information, see Chapter 9, "Configuring IEEE 802.1x Port-Based Authentication." • Port parameters - For more information,... Switch Configuration • No passwords are applied. Interface speed and duplex mode is Version 1. Trunk encapsulation is disabled. Voice VLAN is negotiate. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-11 For more information, see Chapter 13, "Configuring VTP...
..."Configuring Flex Links and the MAC Address-Table Move Update Feature." • DHCP snooping is disabled. The DHCP snooping information option is VLAN 1. For more information, see Chapter 9, "Configuring IEEE 802.1x Port-Based Authentication." • Port parameters - For more information,... Switch Configuration • No passwords are applied. Interface speed and duplex mode is Version 1. Trunk encapsulation is disabled. Voice VLAN is negotiate. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-11 For more information, see Chapter 13, "Configuring VTP...