Software Guide
Page 3
... 1-1 Ease-of-Deployment and Ease-of-Use Features 1-1 Performance Features 1-2 Management Options 1-3 Manageability Features 1-4 Availability and Redundancy Features 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9... Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using the Switch 1-12 Small to Medium-Sized Network Using Catalyst 2960 Switches...
... 1-1 Ease-of-Deployment and Ease-of-Use Features 1-1 Performance Features 1-2 Management Options 1-3 Manageability Features 1-4 Availability and Redundancy Features 1-6 VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9... Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using the Switch 1-12 Small to Medium-Sized Network Using Catalyst 2960 Switches...
Software Guide
Page 5
...Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Clustering Switches 5-1 Understanding Switch Clusters 5-1 Cluster Command Switch Characteristics 5-3 Standby Cluster Command Switch Characteristics 5-3 Candidate Switch and Cluster Member Switch Characteristics 5-3 Planning a Switch...5-6 Discovery Through Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP Addresses 5-10 Other Considerations for ...
...Cisco IOS CNS Agent 4-9 Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-11 Displaying CNS Configuration 4-12 Clustering Switches 5-1 Understanding Switch Clusters 5-1 Cluster Command Switch Characteristics 5-3 Standby Cluster Command Switch Characteristics 5-3 Candidate Switch and Cluster Member Switch Characteristics 5-3 Planning a Switch...5-6 Discovery Through Different VLANs 5-6 Discovery Through Different Management VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP Addresses 5-10 Other Considerations for ...
Software Guide
Page 6
... 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-14 Using SNMP to Manage Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol...17 Default Banner Configuration 6-17 Configuring a Message-of-the-Day Login Banner 6-18 Configuring a Login Banner 6-19 Managing the MAC Address Table 6-19 Building the Address Table 6-20 Catalyst 2960 Switch Software Configuration Guide vi OL-8603-04
... 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-14 Using SNMP to Manage Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol...17 Default Banner Configuration 6-17 Configuring a Message-of-the-Day Login Banner 6-18 Configuring a Login Banner 6-19 Managing the MAC Address Table 6-19 Building the Address Table 6-20 Catalyst 2960 Switch Software Configuration Guide vi OL-8603-04
Software Guide
Page 7
... 6-24 Configuring Unicast MAC Address Filtering 6-25 Displaying Address Table Entries 6-26 Managing the ARP Table 6-26 Configuring SDM Templates 7-1 Understanding the SDM Templates 7-1 Configuring the Switch SDM Template 7-2 Default SDM Template 7-2 SDM Template Configuration Guidelines 7-2 Setting the...Privilege Level for a Command 8-8 Changing the Default Privilege Level for Lines 8-9 Logging into and Exiting a Privilege Level 8-9 Controlling Switch Access with TACACS+ 8-10 Understanding TACACS+ 8-10 TACACS+ Operation 8-12 Configuring TACACS+ 8-12 Default TACACS+ Configuration 8-13 Identifying...
... 6-24 Configuring Unicast MAC Address Filtering 6-25 Displaying Address Table Entries 6-26 Managing the ARP Table 6-26 Configuring SDM Templates 7-1 Understanding the SDM Templates 7-1 Configuring the Switch SDM Template 7-2 Default SDM Template 7-2 SDM Template Configuration Guidelines 7-2 Setting the...Privilege Level for a Command 8-8 Changing the Default Privilege Level for Lines 8-9 Logging into and Exiting a Privilege Level 8-9 Controlling Switch Access with TACACS+ 8-10 Understanding TACACS+ 8-10 TACACS+ Operation 8-12 Configuring TACACS+ 8-12 Default TACACS+ Configuration 8-13 Identifying...
Software Guide
Page 13
... Voice VLAN 14-3 Default Voice VLAN Configuration 14-3 Voice VLAN Configuration Guidelines 14-3 Configuring a Port Connected to a Cisco 7960 IP Phone 14-4 Configuring Cisco IP Phone Voice Traffic 14-4 Configuring the Priority of Incoming Data Frames 14-6 Displaying Voice VLAN 14-6 Configuring STP ... 15-6 Learning State 15-6 Forwarding State 15-6 Disabled State 15-7 How a Switch or Port Becomes the Root Switch or Root Port 15-7 Spanning Tree and Redundant Connectivity 15-8 Spanning-Tree Address Management 15-8 Accelerated Aging to Retain Connectivity 15-8 Spanning-Tree Modes and Protocols 15-9...
... Voice VLAN 14-3 Default Voice VLAN Configuration 14-3 Voice VLAN Configuration Guidelines 14-3 Configuring a Port Connected to a Cisco 7960 IP Phone 14-4 Configuring Cisco IP Phone Voice Traffic 14-4 Configuring the Priority of Incoming Data Frames 14-6 Displaying Voice VLAN 14-6 Configuring STP ... 15-6 Learning State 15-6 Forwarding State 15-6 Disabled State 15-7 How a Switch or Port Becomes the Root Switch or Root Port 15-7 Spanning Tree and Redundant Connectivity 15-8 Spanning-Tree Address Management 15-8 Accelerated Aging to Retain Connectivity 15-8 Spanning-Tree Modes and Protocols 15-9...
Software Guide
Page 36
... server for automatic assignment of IP addresses and other Cisco devices on Cisco.com. • CLI-The Cisco IOS software supports desktop- Manageability Features These are the manageability features: • CNS embedded agents for automating switch management, configuration storage, and delivery • DHCP for automating the deployment and management of MIB extensions and four remote monitoring (RMON) groups...
... server for automatic assignment of IP addresses and other Cisco devices on Cisco.com. • CLI-The Cisco IOS software supports desktop- Manageability Features These are the manageability features: • CNS embedded agents for automating switch management, configuration storage, and delivery • DHCP for automating the deployment and management of MIB extensions and four remote monitoring (RMON) groups...
Software Guide
Page 92
...they can be cluster member switches. This section includes management VLAN considerations for that specific switch. • Command-switch redundancy if a cluster command switch fails. Understanding Switch Clusters Chapter 5 Clustering Switches In a switch cluster, 1 switch must be the cluster command switch and up to 15 other switches can be distributed across ...Catalyst 2950 Catalyst 2950 LRE Catalyst 2940 Catalyst 3500 XL Catalyst 2900 XL (8-MB switches) Catalyst 2900 XL (4-MB switches) Catalyst 1900 and 2820 Cisco IOS Release 12.1(11)AX or later 12.1(19)EA1b or later 12.1(4)EA1...
...they can be cluster member switches. This section includes management VLAN considerations for that specific switch. • Command-switch redundancy if a cluster command switch fails. Understanding Switch Clusters Chapter 5 Clustering Switches In a switch cluster, 1 switch must be the cluster command switch and up to 15 other switches can be distributed across ...Catalyst 2950 Catalyst 2950 LRE Catalyst 2940 Catalyst 3500 XL Catalyst 2900 XL (8-MB switches) Catalyst 2900 XL (4-MB switches) Catalyst 1900 and 2820 Cisco IOS Release 12.1(11)AX or later 12.1(19)EA1b or later 12.1(4)EA1...
Software Guide
Page 99
... HSRP standby hello time interval is necessary if the entire switch stack fails. Because a cluster command switch manages the forwarding of standby cluster command switches. A cluster standby group is the standby cluster command switch (SC). The switch with the highest priority becomes the active cluster command switch. The default HSRP standby hold time interval should be assigned...
... HSRP standby hello time interval is necessary if the entire switch stack fails. Because a cluster command switch manages the forwarding of standby cluster command switches. A cluster standby group is the standby cluster command switch (SC). The switch with the highest priority becomes the active cluster command switch. The default HSRP standby hold time interval should be assigned...
Software Guide
Page 105
... privilege level 15. Using SNMP to Manage Switch Clusters When you enter the IP information by default. If you did not use the setup program to enter the IP information and SNMP was not enabled, you create a cluster, the cluster command switch manages the exchange of gets, sets, and... get-next messages between cluster member switches and an SNMP application. On Catalyst 1900 and Catalyst 2820 switches, SNMP is enabled if you first power on page 26-6. The cluster ...
... privilege level 15. Using SNMP to Manage Switch Clusters When you enter the IP information by default. If you did not use the setup program to enter the IP information and SNMP was not enabled, you create a cluster, the cluster command switch manages the exchange of gets, sets, and... get-next messages between cluster member switches and an SNMP application. On Catalyst 1900 and Catalyst 2820 switches, SNMP is enabled if you first power on page 26-6. The cluster ...
Software Guide
Page 109
... NTP, when in server association with Switch A. Chapter 6 Administering the Switch Managing the System Time and Date Figure 6-1 shows a typical network example using other method. Switch A is synchronized through NTP. Other devices then synchronize to which peers synchronize themselves when an external NTP source is isolated from the Internet, Cisco's implementation of time are not...
... NTP, when in server association with Switch A. Chapter 6 Administering the Switch Managing the System Time and Date Figure 6-1 shows a typical network example using other method. Switch A is synchronized through NTP. Other devices then synchronize to which peers synchronize themselves when an external NTP source is isolated from the Internet, Cisco's implementation of time are not...
Software Guide
Page 111
...remove an authentication key, use the no ntp trusted-key key-number global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-5 Chapter 6 Administering the Switch Managing the System Time and Date Step 3 Step 4 Step 5 Step 6 Step 7 Command ntp authentication-key number md5... or allow the other way around). By default, no ntp authenticate global configuration command. This example shows how to configure the switch to synchronize only to a device unless both have one or more key numbers (defined in Step 3) that message authentication support ...
...remove an authentication key, use the no ntp trusted-key key-number global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-5 Chapter 6 Administering the Switch Managing the System Time and Date Step 3 Step 4 Step 5 Step 6 Step 7 Command ntp authentication-key number md5... or allow the other way around). By default, no ntp authenticate global configuration command. This example shows how to configure the switch to synchronize only to a device unless both have one or more key numbers (defined in Step 3) that message authentication support ...
Software Guide
Page 113
... 3 ntp broadcast client Step 4 exit Purpose Enter global configuration mode. By default, no ntp broadcast interface configuration command. The switch can synchronize to it. end Return to receive NTP broadcast packets, and enter interface configuration mode. Specify the interface to privileged ...in privileged EXEC mode, follow these steps to configure the switch to send NTP broadcast packets to this feature is synchronizing its own clock. Chapter 6 Administering the Switch Managing the System Time and Date The switch can send or receive NTP broadcast packets on an interface-...
... 3 ntp broadcast client Step 4 exit Purpose Enter global configuration mode. By default, no ntp broadcast interface configuration command. The switch can synchronize to it. end Return to receive NTP broadcast packets, and enter interface configuration mode. Specify the interface to privileged ...in privileged EXEC mode, follow these steps to configure the switch to send NTP broadcast packets to this feature is synchronizing its own clock. Chapter 6 Administering the Switch Managing the System Time and Date The switch can send or receive NTP broadcast packets on an interface-...
Software Guide
Page 115
...queries, but does not allow only time requests from least restrictive to most restrictive: 1. To remove access control to the switch NTP services, use the no access groups are specified, all devices. query-only-Allows only NTP control queries from a device....6 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-9 Return to privileged EXEC mode. However, the switch restricts access to allow the switch to synchronize itself to a device whose address passes the access list criteria. 4. Chapter 6 Administering the Switch Managing the System Time and Date Step...
...queries, but does not allow only time requests from least restrictive to most restrictive: 1. To remove access control to the switch NTP services, use the no access groups are specified, all devices. query-only-Allows only NTP control queries from a device....6 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-9 Return to privileged EXEC mode. However, the switch restricts access to allow the switch to synchronize itself to a device whose address passes the access list criteria. 4. Chapter 6 Administering the Switch Managing the System Time and Date Step...
Software Guide
Page 117
... EXEC mode, follow these displays, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. If you have an outside source to which the switch can synchronize, you do not need to manually... Clock If you have an outside source on July 23, 2001: Switch# clock set 13:32:00 23 July 2001 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-11 Chapter 6 Administering the Switch Managing the System Time and Date Displaying the NTP Configuration You can use ...
... EXEC mode, follow these displays, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. If you have an outside source to which the switch can synchronize, you do not need to manually... Clock If you have an outside source on July 23, 2001: Switch# clock set 13:32:00 23 July 2001 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-11 Chapter 6 Administering the Switch Managing the System Time and Date Displaying the NTP Configuration You can use ...
Software Guide
Page 119
... start and end on the last Sunday in October at 02:00: Switch(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-13 This example shows how to specify that you ...week each year: Step 1 Step 2 Step 3 Step 4 Step 5 Command Purpose configure terminal Enter global configuration mode. Chapter 6 Administering the Switch Managing the System Time and Date Configuring Summer Time (Daylight Saving Time) Beginning in privileged EXEC mode, follow these steps to configure summer time (daylight ...
... start and end on the last Sunday in October at 02:00: Switch(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-13 This example shows how to specify that you ...week each year: Step 1 Step 2 Step 3 Step 4 Step 5 Command Purpose configure terminal Enter global configuration mode. Chapter 6 Administering the Switch Managing the System Time and Date Configuring Summer Time (Daylight Saving Time) Beginning in privileged EXEC mode, follow these steps to configure summer time (daylight ...
Software Guide
Page 125
... the login banner, use the delimiting character in privileged EXEC mode, follow these types of the banner text. Chapter 6 Administering the Switch Managing the MAC Address Table Configuring a Login Banner You can configure a login banner to forward traffic between ports. For c, enter the ...delimiting character of your username and password. $ Switch(config)# Managing the MAC Address Table The MAC address table contains address information that the switch learns and then ages when it is not lost when the switch resets. Please enter your choice, for authorized users only....
... the login banner, use the delimiting character in privileged EXEC mode, follow these types of the banner text. Chapter 6 Administering the Switch Managing the MAC Address Table Configuring a Login Banner You can configure a login banner to forward traffic between ports. For c, enter the ...delimiting character of your username and password. $ Switch(config)# Managing the MAC Address Table The MAC address table contains address information that the switch learns and then ages when it is not lost when the switch resets. Please enter your choice, for authorized users only....
Software Guide
Page 127
...mac address-table aging-time global configuration command. To return to be prematurely removed from the table. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-21 You can cause the address table to the default value, use . Static address entries are 1 to... your entries in the MAC address table after the entry is 300. The default is used or updated. Chapter 6 Administering the Switch Managing the MAC Address Table Default MAC Address Table Configuration Table 6-3 shows the default MAC address table configuration. This unnecessary flooding can cause...
...mac address-table aging-time global configuration command. To return to be prematurely removed from the table. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-21 You can cause the address table to the default value, use . Static address entries are 1 to... your entries in the MAC address table after the entry is 300. The default is used or updated. Chapter 6 Administering the Switch Managing the MAC Address Table Default MAC Address Table Configuration Table 6-3 shows the default MAC address table configuration. This unnecessary flooding can cause...
Software Guide
Page 129
...default is 0 to 500; Verify your entries. (Optional) Save your entries in the MAC notification history table. Chapter 6 Administering the Switch Managing the MAC Address Table Step 5 Command mac address-table notification [interval value] | [history-size value] Step 6 interface interface-id ... command. To disable the MAC address notification feature, use the no mac address-table notification global configuration command. To disable the switch from this interface. Return to 100 entries, and enable traps whenever a MAC address is 1 second. • (Optional) For...
...default is 0 to 500; Verify your entries. (Optional) Save your entries in the MAC notification history table. Chapter 6 Administering the Switch Managing the MAC Address Table Step 5 Command mac address-table notification [interval value] | [history-size value] Step 6 interface interface-id ... command. To disable the MAC address notification feature, use the no mac address-table notification global configuration command. To disable the switch from this interface. Return to 100 entries, and enable traps whenever a MAC address is 1 second. • (Optional) For...
Software Guide
Page 131
... the packet with specific source or destination MAC addresses. Chapter 6 Administering the Switch Managing the MAC Address Table Configuring Unicast MAC Address Filtering When unicast MAC address filtering is enabled, the switch drops packets with the specified MAC address is received. Return to drop a source... configuration file. For example, if you add a unicast MAC address as a static address and configure unicast MAC address filtering, the switch either adds the MAC address as a static address or drops packets with the specified MAC address as a static address. If you entered...
... the packet with specific source or destination MAC addresses. Chapter 6 Administering the Switch Managing the MAC Address Table Configuring Unicast MAC Address Filtering When unicast MAC address filtering is enabled, the switch drops packets with the specified MAC address is received. Return to drop a source... configuration file. For example, if you add a unicast MAC address as a static address and configure unicast MAC address filtering, the switch either adds the MAC address as a static address or drops packets with the specified MAC address as a static address. If you entered...
Software Guide
Page 478
.... The results of a poll can have one of an NMS is created, the command switch manages the exchange of messages among member switches and the SNMP application. CiscoWorks 2000 software uses the switch MIB variables to set device variables and to , when a port or module goes up ...manager requests as follows: • Get a MIB variable-The SNMP agent begins this function in response to a message from the NMS. The agent retrieves the value of the requested MIB variable and responds to the NMS with Cisco Network Assistant, available on Cisco.com. For more . 26-4 Catalyst 2960 Switch...
.... The results of a poll can have one of an NMS is created, the command switch manages the exchange of messages among member switches and the SNMP application. CiscoWorks 2000 software uses the switch MIB variables to set device variables and to , when a port or module goes up ...manager requests as follows: • Get a MIB variable-The SNMP agent begins this function in response to a message from the NMS. The agent retrieves the value of the requested MIB variable and responds to the NMS with Cisco Network Assistant, available on Cisco.com. For more . 26-4 Catalyst 2960 Switch...