Software Guide
Page 1
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Software Release 8.1 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7815486= Text Part Number: 78-15486-01
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Software Release 8.1 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7815486= Text Part Number: 78-15486-01
Software Guide
Page 2
... imply a partnership relationship between Cisco and any other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet...
... imply a partnership relationship between Cisco and any other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet...
Software Guide
Page 3
... Ordering Documentation xxvii Documentation Feedback xxviii Obtaining Technical Assistance xxviii Cisco.com xxviii Technical Assistance Center xxix Obtaining Additional Publications and Information xxx Product Overview 1-1 Catalyst 4000 Series Switches 1-1 Catalyst 2948G Switch 1-2 Catalyst 2980G Switch 1-3 Supervisor Engine Software 1-3 Using the Command-Line Interface 2-1 Switch CLI Overview 2-1 Accessing the Switch CLI 2-2 Accessing the CLI Through the Console Port 2-2 Accessing the...
... Ordering Documentation xxvii Documentation Feedback xxviii Obtaining Technical Assistance xxviii Cisco.com xxviii Technical Assistance Center xxix Obtaining Additional Publications and Information xxx Product Overview 1-1 Catalyst 4000 Series Switches 1-1 Catalyst 2948G Switch 1-2 Catalyst 2980G Switch 1-3 Supervisor Engine Software 1-3 Using the Command-Line Interface 2-1 Switch CLI Overview 2-1 Accessing the Switch CLI 2-2 Accessing the CLI Through the Console Port 2-2 Accessing the...
Software Guide
Page 4
... 2-8 Specifying IP Addresses, Host Names, and IP Aliases 2-8 ROM Monitor CLI 2-9 Example of a Catalyst 4003 Bootup Display 2-9 Configuring the Switch IP Address and Default Gateway 3-1 Understanding How the Switch Management Interfaces Work 3-1 Understanding How Automatic IP Configuration Works 3-2 Automatic IP Configuration Overview 3-2 Understanding DHCP ... State Ethernet and Fast Ethernet Port Timeout Periods 4-7 Checking Ethernet and Fast Ethernet Port Connectivity 4-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 iv 78-15486-01
... 2-8 Specifying IP Addresses, Host Names, and IP Aliases 2-8 ROM Monitor CLI 2-9 Example of a Catalyst 4003 Bootup Display 2-9 Configuring the Switch IP Address and Default Gateway 3-1 Understanding How the Switch Management Interfaces Work 3-1 Understanding How Automatic IP Configuration Works 3-2 Automatic IP Configuration Overview 3-2 Understanding DHCP ... State Ethernet and Fast Ethernet Port Timeout Periods 4-7 Checking Ethernet and Fast Ethernet Port Connectivity 4-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 iv 78-15486-01
Software Guide
Page 5
Contents 5 C H A P T E R 6 C H A P T E R 78-15486-01 Configuring Gigabit Ethernet Switching 5-1 Understanding How Gigabit Ethernet Works 5-1 Understanding How Gigabit Ethernet Flow Control Works 5-1 Understanding How Port Negotiation Works 5-3 Understanding How Oversubscribed ...EtherChannel Bundle 6-9 Displaying EtherChannel Configuration Information 6-10 Displaying EtherChannel Traffic Statistics 6-11 Displaying EtherChannel PAgP Statistics 6-12 EtherChannel Configuration Examples 6-12 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 v
Contents 5 C H A P T E R 6 C H A P T E R 78-15486-01 Configuring Gigabit Ethernet Switching 5-1 Understanding How Gigabit Ethernet Works 5-1 Understanding How Gigabit Ethernet Flow Control Works 5-1 Understanding How Port Negotiation Works 5-3 Understanding How Oversubscribed ...EtherChannel Bundle 6-9 Displaying EtherChannel Configuration Information 6-10 Displaying EtherChannel Traffic Statistics 6-11 Displaying EtherChannel PAgP Statistics 6-12 EtherChannel Configuration Examples 6-12 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 v
Software Guide
Page 6
...22 7 C H A P T E R Configuring Spanning Tree 7-1 Understanding How STPs Work 7-2 Understanding How a Topology Is Created 7-2 Understanding How a Switch or Port Becomes the Root Switch or Root Port 7-3 Understanding BPDUs 7-4 Calculating and Assigning Port Costs 7-4 Understanding Spanning Tree Port States 7-5 Understanding How PVST+ and MISTP Modes Work 7-11...Tree Protocol 7-16 MST-to-SST Interoperability 7-17 Common Spanning Tree 7-18 MST Instances 7-18 MST Configuration 7-18 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 vi 78-15486-01
...22 7 C H A P T E R Configuring Spanning Tree 7-1 Understanding How STPs Work 7-2 Understanding How a Topology Is Created 7-2 Understanding How a Switch or Port Becomes the Root Switch or Root Port 7-3 Understanding BPDUs 7-4 Calculating and Assigning Port Costs 7-4 Understanding Spanning Tree Port States 7-5 Understanding How PVST+ and MISTP Modes Work 7-11...Tree Protocol 7-16 MST-to-SST Interoperability 7-17 Common Spanning Tree 7-18 MST Instances 7-18 MST Configuration 7-18 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 vi 78-15486-01
Software Guide
Page 7
...MISTP Instance 7-36 Disabling MISTP-PVST+ or MISTP 7-39 Configuring a Root Switch 7-39 Configuring a Primary Root Switch 7-39 Configuring a Secondary Root Switch 7-40 Configuring a Root Switch to Improve Convergence 7-41 Using Root Guard-Preventing Switches from Becoming Root 7-43 Displaying Spanning Tree BPDU Statistics 7-43 Configuring Spanning...57 Configuring Spanning Tree PortFast, BPDU Guard, BPDU Filter, UplinkFast, BackboneFast, and Loop Guard 8-1 Understanding How PortFast Works 8-1 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 vii
...MISTP Instance 7-36 Disabling MISTP-PVST+ or MISTP 7-39 Configuring a Root Switch 7-39 Configuring a Primary Root Switch 7-39 Configuring a Secondary Root Switch 7-40 Configuring a Root Switch to Improve Convergence 7-41 Using Root Guard-Preventing Switches from Becoming Root 7-43 Displaying Spanning Tree BPDU Statistics 7-43 Configuring Spanning...57 Configuring Spanning Tree PortFast, BPDU Guard, BPDU Filter, UplinkFast, BackboneFast, and Loop Guard 8-1 Understanding How PortFast Works 8-1 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 vii
Software Guide
Page 8
... VTP Version 2 9-3 Understanding VTP Pruning 9-4 Default VTP Version 1 and Version 2 Configuration 9-5 VTP Version 1 and Version 2 Configuration Guidelines 9-6 Configuring VTP Version 1 and Version 2 9-6 Configuring a VTP Server 9-7 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 viii 78-15486-01
... VTP Version 2 9-3 Understanding VTP Pruning 9-4 Default VTP Version 1 and Version 2 Configuration 9-5 VTP Version 1 and Version 2 Configuration Guidelines 9-6 Configuring VTP Version 1 and Version 2 9-6 Configuring a VTP Server 9-7 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 viii 78-15486-01
Software Guide
Page 9
... How VLANs Work 10-1 VLAN Ranges 10-3 Configurable VLAN Parameters 10-4 VLAN Default Configuration 10-4 VLAN Configuration Guidelines 10-5 Configuring VLANs on the Switch 10-6 Creating or Modifying an Ethernet VLAN 10-6 Creating or Modifying a Normal-Range Ethernet VLAN 10-7 Creating or Modifying an Extended-Range VLAN ...10-9 Assigning Switch Ports to a VLAN 10-10 Mapping 802.1Q VLANs to ISL VLANs 10-11 Clearing 802.1Q-to-ISL VLAN Mappings 10-12 Deleting...
... How VLANs Work 10-1 VLAN Ranges 10-3 Configurable VLAN Parameters 10-4 VLAN Default Configuration 10-4 VLAN Configuration Guidelines 10-5 Configuring VLANs on the Switch 10-6 Creating or Modifying an Ethernet VLAN 10-6 Creating or Modifying a Normal-Range Ethernet VLAN 10-7 Creating or Modifying an Extended-Range VLAN ...10-9 Assigning Switch Ports to a VLAN 10-10 Mapping 802.1Q VLANs to ISL VLANs 10-11 Clearing 802.1Q-to-ISL VLAN Mappings 10-12 Deleting...
Software Guide
Page 10
... 12-7 Configuring VMPS Clients 12-8 Monitoring VMPS 12-9 Maintaining VMPS 12-9 Configuring Static Ports 12-10 Troubleshooting VMPS and Dynamic Port VLAN Membership 12-11 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 x 78-15486-01
... 12-7 Configuring VMPS Clients 12-8 Monitoring VMPS 12-9 Maintaining VMPS 12-9 Configuring Static Ports 12-10 Troubleshooting VMPS and Dynamic Port VLAN Membership 12-11 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 x 78-15486-01
Software Guide
Page 11
...GVRP Works 13-1 GVRP Hardware and Software Requirements 13-1 Default GVRP Configuration 13-2 GVRP Configuration Guidelines 13-2 Configuring GVRP on the Switch 13-2 Enabling GVRP Globally 13-2 Enabling GVRP on Individual 802.1Q Trunk Ports 13-3 Enabling GVRP Dynamic VLAN Creation 13-4 ... Value for the Switch 14-5 Reverting to the Default Switch CoS Value 14-5 Mapping CoS Values to Transmit Queues and Drop Thresholds 14-6 Reverting to the Default CoS-to-Transmit Queue and Drop Threshold Mapping 14-6 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
...GVRP Works 13-1 GVRP Hardware and Software Requirements 13-1 Default GVRP Configuration 13-2 GVRP Configuration Guidelines 13-2 Configuring GVRP on the Switch 13-2 Enabling GVRP Globally 13-2 Enabling GVRP on Individual 802.1Q Trunk Ports 13-3 Enabling GVRP Dynamic VLAN Creation 13-4 ... Value for the Switch 14-5 Reverting to the Default Switch CoS Value 14-5 Mapping CoS Values to Transmit Queues and Drop Thresholds 14-6 Reverting to the Default CoS-to-Transmit Queue and Drop Threshold Mapping 14-6 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
Software Guide
Page 12
...15-8 Configuring GMRP 15-9 GMRP Software Requirements 15-9 Default GMRP Configuration 15-9 Enabling GMRP Globally 15-9 Enabling GMRP on Individual Switch Ports 15-10 Disabling GMRP on Individual Switch Ports 15-10 Enabling GMRP Forward-All Option 15-11 Disabling GMRP Forward-All Option 15-11 Configuring GMRP Registration 15-12... Router Ports and Group Entries 15-15 Specifying Multicast Router Ports 15-16 Configuring Multicast Groups 15-16 Disabling Multicast Router Ports 15-17 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xii 78-15486-01
...15-8 Configuring GMRP 15-9 GMRP Software Requirements 15-9 Default GMRP Configuration 15-9 Enabling GMRP Globally 15-9 Enabling GMRP on Individual Switch Ports 15-10 Disabling GMRP on Individual Switch Ports 15-10 Enabling GMRP Forward-All Option 15-11 Disabling GMRP Forward-All Option 15-11 Configuring GMRP Registration 15-12... Router Ports and Group Entries 15-15 Specifying Multicast Router Ports 15-16 Configuring Multicast Groups 15-16 Disabling Multicast Router Ports 15-17 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xii 78-15486-01
Software Guide
Page 13
...MAC Address 16-2 Blocking Unicast Flood Packets on Secure Ports 16-3 Port Security Configuration Guidelines 16-3 Configuring Port Security on the Switch 16-3 Enabling Port Security 16-3 Setting the Maximum Number of Secure MAC Addresses 16-4 Setting the Port Security Age Time 16-5... 17-1 Understanding How Unicast Flood Blocking Works 17-1 Configuration Guidelines for Unicast Flood Blocking 17-2 Configuring Unicast Flood Blocking on the Switch 17-2 Enabling Unicast Flood Blocking 17-2 Disabling Unicast Flood Blocking 17-3 Displaying Unicast Flood Blocking 17-3 Configuring the IP Permit List...
...MAC Address 16-2 Blocking Unicast Flood Packets on Secure Ports 16-3 Port Security Configuration Guidelines 16-3 Configuring Port Security on the Switch 16-3 Enabling Port Security 16-3 Setting the Maximum Number of Secure MAC Addresses 16-4 Setting the Port Security Age Time 16-5... 17-1 Understanding How Unicast Flood Blocking Works 17-1 Configuration Guidelines for Unicast Flood Blocking 17-2 Configuring Unicast Flood Blocking on the Switch 17-2 Enabling Unicast Flood Blocking 17-2 Disabling Unicast Flood Blocking 17-3 Displaying Unicast Flood Blocking 17-3 Configuring the IP Permit List...
Software Guide
Page 14
... Configuring Protocol Filtering 19-1 Understanding How Protocol Filtering Works 19-1 Default Protocol Filtering Configuration 19-2 Configuring Protocol Filtering on the Switch 19-2 Configuring Protocol Filtering 19-2 Disabling Protocol Filtering 19-3 Checking Status and Connectivity 20-1 Checking Module Status 20-1 Checking Port...CDP 21-1 Understanding How CDP Works 21-1 Default CDP Configuration 21-2 Configuring CDP on the Switch 21-2 Setting the CDP Global Enable State 21-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xiv 78-15486-01
... Configuring Protocol Filtering 19-1 Understanding How Protocol Filtering Works 19-1 Default Protocol Filtering Configuration 19-2 Configuring Protocol Filtering on the Switch 19-2 Configuring Protocol Filtering 19-2 Disabling Protocol Filtering 19-3 Checking Status and Connectivity 20-1 Checking Module Status 20-1 Checking Port...CDP 21-1 Understanding How CDP Works 21-1 Default CDP Configuration 21-2 Configuring CDP on the Switch 21-2 Setting the CDP Global Enable State 21-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xiv 78-15486-01
Software Guide
Page 220
... of the ports that are connected to a phone. Configuring Auxiliary VLANs Chapter 10 Configuring VLANs Figure 10-2 Switch-to-Phone Connections Cisco IP Phone 7960 Catalyst switch 10/100 module Phone ASIC P2 P1 3-port P3 switch Access port Workstation/PC 38204 When the IP phone connects to a 10/100 port on the VLAN supporting...
... of the ports that are connected to a phone. Configuring Auxiliary VLANs Chapter 10 Configuring VLANs Figure 10-2 Switch-to-Phone Connections Cisco IP Phone 7960 Catalyst switch 10/100 module Phone ASIC P2 P1 3-port P3 switch Access port Workstation/PC 38204 When the IP phone connects to a 10/100 port on the VLAN supporting...
Software Guide
Page 431
If there is an example of this device type. Table 28-3 Switch Components Supporting Inline Power Switch Chassis Catalyst 4006 Catalyst 4503 Catalyst 4506 Modules WS-X4148-RJ45V WS-X4148-RJ45V Power Supplies Catalyst 4000 Series Power Entry Module (PEM) 1300 W AC 2800 W AC 1400 W DC You can supply inline power to the powered device if there is no...
If there is an example of this device type. Table 28-3 Switch Components Supporting Inline Power Switch Chassis Catalyst 4006 Catalyst 4503 Catalyst 4506 Modules WS-X4148-RJ45V WS-X4148-RJ45V Power Supplies Catalyst 4000 Series Power Entry Module (PEM) 1300 W AC 2800 W AC 1400 W DC You can supply inline power to the powered device if there is no...
Software Guide
Page 434
... that is connected to redundant mode. Figure 28-1 Power Detection Summary Catalyst Switch Inline power switching module Cisco legacy powered device Switching module discovers the powered device using proprietary discovery mechanism Inline power switching module Inline power switching module Third party powered device Wall-power Switching module will not know about powered device unless powered device has a separate...
... that is connected to redundant mode. Figure 28-1 Power Detection Summary Catalyst Switch Inline power switching module Cisco legacy powered device Switching module discovers the powered device using proprietary discovery mechanism Inline power switching module Inline power switching module Third party powered device Wall-power Switching module will not know about powered device unless powered device has a separate...
Software Guide
Page 452
... None specified 5 sec 0 (servers not marked dead) 2 times 30-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configuring Authentication Chapter 30 Configuring Switch Access Using AAA Figure 30-2 Non-Kerberized Telnet Connection Host (Telnet client) Kerberos server (contains KDC) 1 2 3 Catalyst switch 55510 Configuring Authentication The following sections describe how to...
... None specified 5 sec 0 (servers not marked dead) 2 times 30-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configuring Authentication Chapter 30 Configuring Switch Access Using AAA Figure 30-2 Non-Kerberized Telnet Connection Host (Telnet client) Kerberos server (contains KDC) 1 2 3 Catalyst switch 55510 Configuring Authentication The following sections describe how to...
Software Guide
Page 500
...the controlled port opens, allowing normal traffic to the host. 31-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 it is reencapsulated in Cisco Secure Access Control Server version 3.0. The RADIUS client encapsulates and decapsulates the.... (See Figure 31-1.) Figure 31-1 802.1x Device Roles Workstations (supplicants) Catalyst switch Authentication server (RADIUS) 79599 • Host-Requests access to the LAN and switch services and responds to requests from the authentication server, the server's frame header ...
...the controlled port opens, allowing normal traffic to the host. 31-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 it is reencapsulated in Cisco Secure Access Control Server version 3.0. The RADIUS client encapsulates and decapsulates the.... (See Figure 31-1.) Figure 31-1 802.1x Device Roles Workstations (supplicants) Catalyst switch Authentication server (RADIUS) 79599 • Host-Requests access to the LAN and switch services and responds to requests from the authentication server, the server's frame header ...
Software Guide
Page 501
... that is followed by one or more requests for authentication information). When the host supplies its identity (typically, the switch sends an initial identity/request frame that the host has been successfully authenticated. Chapter 31 Configuring 802.1x Authentication Understanding ...not receive an EAP-request/identity frame after three attempts to request the host's identity. Figure 31-2 Message Exchange Supplicant Catalyst switch Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS ...
... that is followed by one or more requests for authentication information). When the host supplies its identity (typically, the switch sends an initial identity/request frame that the host has been successfully authenticated. Chapter 31 Configuring 802.1x Authentication Understanding ...not receive an EAP-request/identity frame after three attempts to request the host's identity. Figure 31-2 Message Exchange Supplicant Catalyst switch Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS ...