Manuale d’uso / di manutenzione del prodotto 2950 del fabbricante Cisco Systems
Vai alla pagina of 566
Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 2950 Desktop S witc h Sof tware Configuration Guide Cisco IOS Release 12.
THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED.
iii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 CONTENTS Preface xx iii Audienc e xxiii Pur pose xx iii Organi zation xx iv Conv enti ons xxvi Rela te d Publi cation s xxvi.
Cont ent s iv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 CHAPTER 2 Using t he Command -Line I nterface 2-1 IOS Command Mode s 2-1 Gettin g Help 2-3 Abbrevi ating Comma nds.
Content s v Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Topolo gy View Po pup Menus 3-21 Link Popu p Me nu 3-21 Device Po pup Menus 3-22 Inter action Mode s 3-23 Guide Mo d.
Cont ent s vi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Manua lly As sign ing IP Infor matio n 4-10 Checki ng and Sav in g the Runn i ng Configu ration 4-10 CHAPTER 5 Con.
Content s vii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 HSRP and Sta ndby Comman d Swi tches 6-13 Virtua l IP Addr es s es 6-14 Other Consider ations for Clust er Stan db.
Cont ent s viii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Config urin g TACAC S+ 7-11 Defaul t TACACS+ Co nfi gurati on 7-12 Identi fying t he TACACS+ Server Host and Set.
Content s ix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Config urin g a Sys tem Name and Prompt 7-46 Defaul t Syste m Name and Prompt Co nfig ura tion 7-46 Config urin g a.
Cont ent s x Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Settin g t he S witch -to -Cli ent Fr ame -Re trans mis sion Num ber 8-13 Enab ling Mul tip le Host s 8-13 Resett ing th e 802 .1X Conf igurat ion to the Defaul t Values 8-14 Displa ying 802.
Content s xi Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Spannin g-Tr ee Interf ace State s 10-5 Blocki ng Stat e 10-7 List ening Sta te 10-7 Learni ng Stat e 10-7 Forw ardi ng S tat e 10-7 Disabl ed State 10-8 Spannin g-Tr ee Add ress Man age ment 10-8 STP and IE EE 802.
Cont ent s xii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Hop Count 11-10 Boundar y Ports 11-10 Intero per abili ty wi th 8 02.
Content s xiii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Enabli ng Uplink Fast f or Use with Re dundan t Li nks 12-17 Enabli ng C ross-St ack Up linkFa st 12 -18 Enabli n.
Cont ent s xiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Load S harin g Using STP 13-21 Load S harin g Using STP Port Prior ities 13-21 Load S harin g Using STP Path Co s.
Content s xv Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Disabl ing VTP (VT P Trans par ent Mode ) 14-12 Enabli ng V TP Versi on 2 14-13 Enabli ng V TP Pruni ng 14-14 Addin.
Cont ent s xvi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Displa ying MVR Inf ormation 16-18 Config urin g IGMP Fil te ring 16-19 Defaul t IGMP Fil terin g Confi g ur atio.
Content s xvii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 CHAPTER 19 Configur ing C DP 19-1 Underst anding CDP 19-1 Config urin g CDP 19-2 Defaul t CDP Conf ig urati on 19.
Cont ent s xviii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 CHAPTER 21 Configur ing R MON 21-1 Underst anding RMON 21-1 Config urin g RMON 21-2 Defaul t RMON Configur atio.
Content s xix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Config urin g SNMP Groups and Us ers 23-8 Config urin g SNMP Notif icati ons 23-1 0 Setti ng the Age n t Contact a.
Cont ent s xx Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 CHAPTER 25 Configur ing Q oS 25-1 Underst anding QoS 25-2 Basic QoS Model 25-3 Classi ficati on 25-4 Classi ficati.
Content s xxi Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 CHAPTER 26 Configur ing E therChannel s 26-1 Underst anding Et herCh ann els 26-1 Underst andi ng Po rt-Ch annel I.
Cont ent s xxii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05.
xxiii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Preface Audience The Cataly st 2 950 Desktop Sw itch Sof tware Configuration Gui de is for t he n etwor k ma na ger responsible for conf igur ing the Catalyst 2950 switches, hereaf ter referred to as the switches .
xxiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Preface Organizati on • Cluster Ma nageme nt Suite (CM S) info rmation — This guide provides an overview of the CMS web-base d, switc h ma nage ment inter face.
xxv Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Pre face Organization Chapter 7, “ Administeri ng the Switc h, ” describes how to perform one-time operati ons to administ er your switch.
xxvi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Preface Conv ent ions Chapter 22, “ Conf i gurin g Syst em Mes sage Lo gging, ” describes how to configure system me ssage logging.
xxvii Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Pre face Related Publ icati ons Ti p Means the followin g will help yo u solve a pr oblem . The tips informat ion might not be trouble shootin g or even an ac tio n, but cou ld be use ful info rma ti on.
xxvii i Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Preface Obtain in g Technical Assis ta nce Documenta tion C D-ROM Cisco documentati on and additio nal literature are a v ailable in a Cisco Documentation CD-R OM packag e, w hich is shi pped with you r prod uct.
xxix Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 Pre face Ob taining Technical Assistance Cisco.com Cisco.com is t he foundation of a suite of inter acti ve, network ed ser.
xxx Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Preface Obtain in g Technical Assis ta nce If you are a Ci sco. com registered use r, and you cannot resol ve your tech nica l issu es by using the C isco T AC W eb Site, you can open a ca se online by using the T AC Case Op en tool at t his URL: http://www .
C HAPTER 1-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 1 Overview This chapter pro vides these topics ab out the Catalyst 2950 switch software: • Feat ures , page 1- 1 .
1-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Feature s Per for ma nce • Autosensing of spee d on the 10/ 100 and 1 0/100 / 1000 ports a nd auto negotiation o f du plex mode o n the 10 /100 port s f or op tim izing ba ndwid th • IEEE 8 02.
1-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Features • In-band man agement access throug h up to 16 simultaneous T elnet connec tions for multiple .
1-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Feature s • The swit ch supp orts up t o 4094 VLA N IDs to all o w se rvice pro v ider netw orks t o suppor t the numb er of VLANs allo wed by th e IEEE 802.
1-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Manageme nt Options • Policing – T raffic-policing p oli cies o n the switc h por t for a ll ocati ng.
1-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Managem e nt Optio ns Manageme nt Interface Optio ns Y o u can co nfigure and monit or individual sw.
1-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Network Configuration Examples • Apply a ctions from CMS to multipl e ports an d multiple switches at the same time to a v oid re-ente ring the same comma nds for eac h individual port or switch.
1-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Bandwidt h alone is not the only c onsiderat ion when d esigning you r network.
1-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Network Configuration Examples Y o u can cr eate bac kup paths by using Fast Ethernet , Gigab it, Fast EtherCha nnel, or Gigabit EtherCha nnel li nks.
1-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Figur e 1 -1 Example Configur ations Small to Medium-Sized Network Configuration Figure 1-2 sh ows a con figurat ion for a n etwork th at has u p to 25 0 u ser s.
1-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Network Configuration Examples A network backbone i s a high-ba ndwidth co nnectio n (such as Fast Ethe rnet or G igabit Ethe rnet) tha t interc onnects segm ents and netw ork resour ces.
1-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Collaps ed Backbo ne an d Switch Clu ster Configuratio n Figure 1-3 sh ows a con figura tion for a n etwor k of appro xi mat ely 50 0 em pl oyees.
1-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Network Configuration Examples Figur e 1 -3 Collapsed Back bone and Switc h Clust er Conf iguration Large C ampus C onfiguration Figure 1-4 shows a c on f i gur atio n fo r a n etw ork of m ore th an 1 0 00 users.
1-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Figur e 1 -4 Larg e Campus Confi gura tion Multidwelling Network.
1-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Network Configuration Examples All ports on the resident ial Catalyst 2950 switches (a nd Catalyst 2912-LRE XL or 2924-LR E XL switche s if th ey ar e incl u ded) ar e configur ed a s 8 02.
1-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Long-Distan ce, High-Ba ndwidth T ransport C onfiguration Note T o u se the fea ture de scr ibed in thi s se ctio n, yo u m ust have the E I i nstall ed on you r s witc h.
1-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 1 Overview Where t o Go Next Where to Go Next Before conf iguring the switch, re view th ese section s for start up.
1-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Ch ap ter 1 Ov er vi ew Where to Go Nex t.
C HAPTER 2-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 2 Using the Command-Line Interface This c ha pter d escri bes th e IO S comm an d-l ine int erfa ce ( CLI ) th at you c a n u se to con figure your switch es.
2-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce IOS Command Modes T able 2-1 Command Mo de Summary Mode Acces s Met hod Prom pt Exit Met hod About Th is Mode User EXE C Be gin a session with your sw itch .
2-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 Using the Comm a nd-Line In terface Getting Help Getting Help Y ou can enter a qu es t i on ma rk (? ) at th e s y s tem pr om p t to d is p lay a lis t of co mm an d s a v ailab l e f or eac h comma nd mode .
2-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using no and default Forms of Comman ds Using no and defa ult Forms of Comman ds Almos t e v ery co nf iguration comma nd also has a no form.
2-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 Using the Comm a nd-Line In terface Using Com mand History Using Command History The IOS provid es a history or re cord of com mands tha t you have entered.
2-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Disabling the Comma nd History Fe ature The c ommand histor y feat ure is automatic ally enabled.
2-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 Using the Comm a nd-Line In terface Using Edit ing Featu res Editing C ommands throu gh Keystrok es Ta b l e 2 - 5 show s the ke yst rokes that you need to edit comman d lines.
2-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Editing C ommand Lines that Wrap Y o u can use a w rap aro und f eature for c om mands t hat extend b eyond a singl e l ine on th e scre en .
2-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 Using the Comm a nd-Line In terface Searching and Filtering Output of show and m o re Co mm ands Use lin e wrapping with the co mman d history fe ature to recall and modif y previous complex co mmand entries.
2-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Access ing th e CLI from a Br owse r Accessing the CLI from a Bro wse.
C HAPTER 3-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 3 Getting Started with CMS This chapte r provides these topics about the Cluste r Management Suite (CMS ) software:.
3-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Feature s Features CMS p rovides these feat ures ( Figur e 3-1 ) for mana ging sw itch cl.
3-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Features • T wo lev els of access to the conf iguration optio ns: read-wr ite access f.
3-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Front Panel Vi ew Front Panel View When CMS is laun ched from a comma nd switch, the Front Panel vi ew displays the front -pan el images of all swit ches in the clus ter ( Figure 3-2 ).
3-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Front Pa nel Vie w Cluste r Tr ee The cl uster tre e ( Figure 3-2 ) appears in the left f rame of the Front P anel vie w and sh o ws the name of the cluste r and a list of its memb ers.
3-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Front Panel Vi ew Figure 3-5 shows the por t icons as th ey appea r in the fron t-panel imag es. T o select a port, cl ick the por t on the front-panel image.
3-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Front Pa nel Vie w Port Modes and LEDs The por t mode s ( Ta b l e 3 - 4 ) dete rmi ne t he t y pe of i nfo rma tion d ispl ayed thr ough the port LED s.
3-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Front Panel Vi ew VLAN Membership Modes Ports in the Fr ont P anel vie w are ou tlined by.
3-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Topol ogy View Topology Vie w The T opology vie w displays ho w the de vices within a switch cluster are conne cted and ho w the switch cluster i s con ne cte d to oth er cl usters and devices .
3-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Topology Vie w Figur e 3-6 Expan d Cluste r View Figur e 3-7 Collaps e Clust er View Right-click a link icon to displa y a link popup menu.
3-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Topol ogy View Topology Icons The T op ology view and the cl ust e r tree us e the sam e set of device icons to r epresen t cluster s, com mand and standby comma nd switch es, and m ember switches ( Figure 3-8 ).
3-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Topology Vie w Figur e 3-9 T opol og y-V iew Link Icons Device and Link L abels The T op.
3-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Topol ogy View The c olor o f a d ev ice la bel sho ws the cl uster member ship o f the de vice ( Ta b l e 3 - 1 0 ).
3-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Menu s an d Toolba r Menus and Tool bar The co nfigur ation a nd moni tori ng opt ions for configu ring sw itche s an d s wit ch c lust ers ar e av ailabl e from menu s and a toolbar .
3-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Menus and To olbar Note • W e strongly recomm end that the hig hest-en d, comm and-ca.
3-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Menu s an d Toolba r T able 3-1 1 Menu Bar Menu-B ar O ptio ns T ask CMS Page Setup Set de fau lt doc um en t pr int er p rop er ties t o be use d whe n pr intin g f ro m CM S.
3-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Menus and To olbar IGMP Sn oopin g 2 E nable and di sable In ternet Group Manage ment Protoc ol (IGMP) snoo ping an d IGMP Immediate-Lea ve proc essing on the switch.
3-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Menu s an d Toolba r Port Statistic s Display port sta tistics. Bandwidth G raphs Display g ra phs t hat plot the tota l ba nd width in use by t he swi tc h.
3-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Menus and To olbar Toolbar The toolba r buttons display com monly- used switch and cluster configurat ion options and i nformat ion wind o ws such as le gends and on line h elp.
3-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Menu s an d Toolba r Front Panel V iew Po pup M enus These popu p menus ar e available in the Front Panel view .
3-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Menus and To olbar Topology View P opup Men us These popu p menus ar e available in the T o pology vi ew . Link Popup Menu Y o u can displ ay reports a nd graphs for a specific link displa yed in the T opol ogy view ( Ta b l e 3 - 1 5 ).
3-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Menu s an d Toolba r Device Popup Menus Specific devices in the T opolo gy v iew display.
3-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Inter action Mo des Interaction Modes Y o u can ch an ge the inte ra ctio n m ode of CMS t o eit her gu ide or expert m ode . G uide m od e st ep s you through each fea ture optio n and provides i nformat ion about the parame ter .
3-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Wizards Guide Mode Note Gu ide mode is not av ailable if you r switch ac cess lev el is re ad-only . For more informa tion ab out the read- only acc ess mode, s ee the “ Ac cess Modes in CMS ” sect ion o n page 3-29 .
3-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Tool Tips Tool Tips CMS disp lays a po pup messa ge when yo u move your m ouse over the.
3-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS CMS W indow Com ponents CMS Window Components CMS windo ws consistently present conf iguration info rmation. Figure 3-12 shows the components of a typical CMS window .
3-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS CMS Wi nd ow Co mpo n ents window does n ot i ncl ud e Ca talyst 1900 a nd Cat alys t 282 0 switc he s even though t hey are pa rt o f the cluster .
3-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Access ing CMS Accessing CMS This section assumes the follo wing: • Y o u know the IP addre ss and pa ssword of t he com mand sw itch or a spe cific switch.
3-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Acce s sing CMS Access Mo des in CMS CMS pro vides tw o le v e ls of acce ss to the co nf igurat ion options: read-wr ite ac cess and read -only ac cess.
3-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Verifying Yo ur Cha nges Verifying Your Changes CMS pr ovid es notif i cation cues to help y ou track and conf irm t he cha nges yo u mak e.
3-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Star ted with CMS Restoring Your Configuration Restoring Your Configuration After you sav e a switch c on.
3-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 3 Getting Started with CMS Where to Go Nex t Where to Go Next Before conf iguring the switch , refer to th ese places for start- up info rmation: • Switch r elease notes on Cisco .
C HAPTER 4-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 4 Assigning the Switch IP Address and Default Gateway This chapt er describes ho w to create the initial switch conf iguration (for e xample, assig n the switch IP address an d default gateway informa tion) by using a variety of au tomati c and manua l methods.
4-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n The boot loader a lso provid es trap-door access in to the system if the o perating system has problems serious enoug h that i t cannot be use d.
4-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Default Switch Information Ta b l e 4 - 1 shows the def ault switch informatio n.
4-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n DHCP Client Request Proce .
4-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Configuring the DHCP Ser ver Y o u shoul d configure t he DHC P server wi th rese rved leases t hat ar e boun d to each switch by th e switc h hardware address.
4-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n For the switch to successf ull y do wnl oad a conf igu ratio n f i le, the TFTP ser v er must contain one o r more configur ation files in its base direct ory .
4-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Figur e 4-2 Rela y Devic e.
4-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Assign ing Swi tch Info rmatio n Note The switch br oadcast.
4-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information DNS Ser ver Conf iguration The DNS server ma ps the TF TP server name ma ri ts u to IP address 10.
4-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Checking and Saving th e Run ning Confi gura tion Manually.
4-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Checki n g an d Sav in g the Ru nnin g Co nfig ur atio n ! hostname Switch ! enable secret 5 $1$ej9.
4-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 4 Assigning the S witch IP Add ress and Defau lt Gateway Checking and Saving th e Run ning Confi gura tion no ip address shutdown ! interface Vlan1 ip address 172.20.
C HAPTER 5-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 5 Configuring IE2100 CNS Ag ents This chap ter describes h ow to c onfigure th e Intelligence Engine 2100 (IE2100) Series Cisco Netw orking Servic es (CNS) embe dded ag ent s on you r switc h.
5-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Unders tan ding IE21 0 0 Series Config uration Reg istrar Softwar e Figur e 5-1 C.
5-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Understan ding IE2100 Series Configurat ion Registrar S oftware CNS E ven t Serv i ce The Conf iguration Regi strar uses the CNS Ev ent Servic e for rece ipt and ge neration of conf iguration e ven ts.
5-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Unders tan ding IE21 0 0 Series Config uration Reg istrar Softwar e DeviceID Each.
5-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Unde rstan ding CNS Embe dde d Ag ent s Understandin g CNS Embedde d Agents The CNS e v ent ag ent feature allo ws the swit ch to publish and su bscribe to e vents on the e v ent b us and works with the CNS configurati on agent.
5-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Configur ing CNS Em b edded A gen ts Incremental (Partial) Configur ation After t he ne twork is r unn ing, new serv ice s ca n b e ad de d by using t he CN S c onfigura tion ag en t.
5-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts Note For more informatio n about running the s.
5-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Configur ing CNS Em b edded A gen ts Enabling th e CNS Ev ent Agent Note Y ou must e nable t he CNS ev ent agent on the s witch b efore y ou enab le the CNS conf igurat ion ag ent.
5-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts T o disable the CNS e v ent agent, use the no cns event { ip-address | hostname } glob al configur ation comm and.
5-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Configur ing CNS Em b edded A gen ts Step 3 config-cli or line -c li Enter config -cli to connect to the Config uration Registrar through t he interface de fined in cns c onfig connect-i ntf .
5-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Config uri ng CNS Embe dded Ag en ts T o disa ble t he CNS conf igurati on age nt, use t he no cns conf ig initia l { ip-add r ess | hostname } global configurati on comm a nd.
5-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Displaying CNS Con figuration Enabling a Partial Configur ation Beginn ing in pr.
5-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Configuring IE21 00 CNS Agents Displaying CNS Configuration show cns e v ent stats Displays statistic s about the CNS e ven t agent. show cns ev ent subject Disp la ys a li st of event ag en t s u bjec ts th at ar e s ubs cr ib ed t o by appli cations .
5-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 5 Confi guring I E2100 CNS Agent s Displaying CNS Con figuration.
C HAPTER 6-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 6 Clustering Switches This chapte r provides these topics to help you get started with switch clu stering: • Unde.
6-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Unders tan din g Sw itch Cluste rs Understandin g Switch Clust ers A switch cluster i s a group of connected C atalyst swit ches that a re manage d as a sing le entity .
6-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Underst anding Swi tch Clust ers Command Switch Character istics A Cataly st 2950 co mm an d swit ch m ust me et t hese r equi reme nts: • It is running Release 12.
6-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Unders tan din g Sw itch Cluste rs Note Ca talyst 2950 com mand sw itches r unning R eleas e 12. 1(9)EA1 or la ter can conn ect to s tandby com mand swit ches in the ma nage ment VLAN.
6-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Note Catalyst 2950 stand by command switche s runni ng Releas e 12. 1(9)EA1 or later can co nnect to candidat e and membe r switche s in VLANs di f fer ent from their mana gement VL ANs.
6-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Discovery through CDP Hops By using CDP , a comma nd switch can di scover switches up to se ven CDP hops away (the default is three hops) from the ed ge of the clus ter .
6-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Figur e 6-2 Disco very thr ough CDP Hops (Co mmand S witch Running Releas e 12.
6-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Discovery through Non-CDP-Capabl e and Noncluster-Capable Device.
6-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Discovery through the Same Managemen t VLAN A Catalyst 2900 XL command switch, a Ca talyst 2950 comma nd switch ru nning a rele ase earl ier than Release 12 .
6-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Discovery through Different M anagement VLANs W e recomme nd usin g a Catalyst 3550 com mand switch or a Catalyst 29 50 comm and swit ch runni ng Releas e 12.
6-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Figur e 6-6 Disco very thr ough Dif f er ent Ma nagem ent VLANs.
6-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Figur e 6-7 Disco v ery of Newly I nstalled S witc hes in the S.
6-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er HSRP and S tandby Command Sw itches The switc h supp orts Hot Standby Router Protoc ol (HSRP) so that you ca n configure a gro up of standby comman d s wit che s.
6-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Virtual IP Addresses Y o u need to assig n a uniqu e virt ual IP add ress and gr oup num ber a nd name to t he clu ster sta ndby group.
6-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er • All stan dby-group memb ers must be me mber s of the clust er . Note The re is no lim it to the number of sw itches that you can assi gn as standb y command switches.
6-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er Automatic Recover y of Cluster Configuration The act iv e comm and swit ch cont inually forwards cluster-configura tion info rmati on (but not device-configurat ion info rmation) to the standby com mand switch.
6-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Host Names Y o u do not need to assign a host name to eit her a comm and swit ch or an el igible c luster mem ber .
6-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Planning a Sw it ch Cl ust er TACACS+ an d RADIUS Inconsistent authenti cation configur ations in switch clusters cause CMS to continually pr ompt for a user name and pa ssword.
6-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Planni ng a Swit ch Clust er Manageme nt VLAN Communication wi th the sw itch manag ement int erfaces i s through the comma nd-switch IP address.
6-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Creating a Switch Cluster Availability of Switch-Specifi c Features in Switch Clusters The me nu bar on t he com mand switch disp lays al l optio ns available from the sw itch clust er .
6-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster If you did not enab le a command switch durin g initial switch setup, launch De vice Manager from a command-cap able switch, a nd select Cluster > Cr eate Cluster .
6-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Creating a Switch Cluster If a cand idat e s witc h in th e gr oup has a password di fferent from t he gr oup, on ly that speci fic candi dat e switch is no t adde d to t h e cl us ter .
6-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster Figur e 6-12 Using the T opolog y V iew t o A dd Membe r Switc h.
6-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Creating a Switch Cluster These a bbreviations are ap pended t o the switc h host nam es in t.
6-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Creati ng a Swit ch Cluster Verifying a Switch Cluster When yo u fini sh adding cl uster me .
6-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Using the CLI to Ma nage Swit ch Cl us ters Using the CLI to Manage Swit ch Clusters Y o u can co nfigure memb er switch es from the CLI by f irst logg ing into the command switch .
6-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switche s Using S NMP to Ma nage Swit ch Clust ers Using SNMP to Manage Switc h Clusters When you firs.
6-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 6 Clustering Switches Using SNMP to Ma nage Sw itch Cl usters.
C HAPTER 7-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 7 Administering the Switch This cha pter descri bes how to perform one-t ime ope rations to administ er your switc h.
7-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds • If you want to u se use rn ame and .
7-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode.
7-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds Protecting En able and E nable Secre t .
7-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds If bo th the en able and e nable sec ret pas sword s are de f ined, us ers must enter th e enable s ecret p asswo rd.
7-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds T o remo v e the passwo rd, use the no password global configurat ion comm and.
7-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Configuring Multiple Privilege Level s By default, the IOS sof tware has two mo des of password sec urity : user EX EC an d privileged EXEC.
7-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Protecting A ccess to Privileged EXE C Comman ds When y ou set a command to a pr i vile ge le ve l, all command s whose syntax is a subs et of th at com mand are al so set to th at le v el.
7-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ Logging into and Exiting a Privilege Level Begin.
7-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ Figur e 7 -1 T ypical T ACACS+ N etwo r k Con.
7-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login b y authent icating to a switch using T A CA CS+, this proc ess occurs: 1.
7-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ This se ctio n c onta ins thi s configu ratio.
7-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ T o remo ve the specif ied T A CA CS+ server name or address, use the no tacacs- server ho st hostnam e global configurat ion comm and.
7-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ Beginn ing in pri vilege d EXEC mode, follo w these st eps to conf igure login authent ication: Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati on mode.
7-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with TACACS+ T o disa ble A AA, us e the no aaa new-model glo bal co nfigur atio n c omm and.
7-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controlling Sw itch Acce ss w ith TACACS+ Starting TACACS+ Accounting The AAA acco unting feature tracks th e services that users are acces sing an d the amoun t of netwo rk resources th at the y are co nsuming.
7-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Controlling Switch Access with RADIUS This sec t.
7-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS RADIUS is not suitable in these netw ork security situations: • Multipr otocol acce ss en vi ronmen ts.
7-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Configuring RADIUS This se ctio n de scri bes how to c onfigure your sw itch to su ppo rt R ADI US.
7-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Y o u iden tif y R ADI US secu ri ty s er vers by the ir host na me or I P ad dre ss, host name a nd spe c ific UDP port num bers, or t heir I P addre ss and spec ific UDP port numb ers.
7-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Beginning i n privileged E XEC mo de, foll ow these s teps to c on figure p er-server R ADI US ser ver comm unicatio n.
7-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS This exampl e sho ws ho w to con fi gure one RADIUS ser ver to be us ed for au thentica tion and a nother to be us ed for ac coun ting : Switch(config)# radius-server host 172.
7-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Step 3 aaa authent ication logi n { default | list-name } method1 [ meth od2 ... ] Create a login auth entic ation meth od list.
7-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS T o disa ble A AA, us e the no aaa new-model glo bal co nfigur atio n c omm and.
7-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Be ginning in pri v ile ged EXEC mode, fo llo w .
7-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS T o remo ve the specif ied RADIUS serv er , u se the no radius-serv er host hostname | ip- address global configurat ion comm and.
7-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS Beginn ing in pri vile ged EXEC mo de, follo w t.
7-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Configuring Settings for All RADIUS S ervers.
7-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Controlling Switch Access with RADIUS For e x am ple , th e f oll o wing A V p air act.
7-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Controllin g Switch A cce ss wit h RA DIUS Beginning i n privileged EXEC mode, f ollow .
7-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Configuring the Switch for Local Authentication and Authorization Configuring the Swit.
7-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Managing the System Time and Date Y o u can ma nage.
7-33 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e running NTP autom atically chooses as its time source the dev ice with the lo west stratum number with which it communic ates through NTP .
7-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Figur e 7 -3 T ypical NTP Netw or k Config ura tion.
7-35 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Default NTP Configurati on Ta b l e 7 - 2 shows the d efault NTP co nfigurati on. NTP is enable d on all interfa ces b y default.
7-36 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date T o dis ab le N TP au then tic atio n, use the no ntp authenticate global configurat ion comm and.
7-37 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Y o u need to co nfigure only one end of an assoc iation; the other de vice can a utomat icall y establi sh the associat ion.
7-38 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date T o disable the interface from s ending NTP broadcast pack ets, use the no ntp broadcast interface conf igurat ion command.
7-39 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Creating an Access Gro up and Assigni ng a .
7-40 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date If the source IP address m atches the access lists fo r more t han one acces s type, the f irst typ e is grant ed.
7-41 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Beginn ing in pri vile ged EXEC mode, follo.
7-42 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Setting the System Clock If you have an outsid e source on the net work that pr ovides time ser vices, su ch as a n NTP server , you do not need to manuall y set the syste m clock.
7-43 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring the Tim e Zone Beginn ing in pr.
7-44 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the Syste m Time and Date Configuring Summer Time (Daylight Saving Ti me) Beg.
7-45 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Beginning in privileged EX EC mode, fol low.
7-46 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Configur ing a Sys tem Nam e and Prompt Configuring a System Name a nd Prompt Y o u configure the system name on the switc h to identi fy it.
7-47 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Confi guring a S ystem Name an d Prompt Configuring a System P rompt Beginning i n pri.
7-48 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Configur ing a Sys tem Nam e and Prompt Default DNS Configur ation Ta b l e 7 - 3 shows the d efault DN S configur ation .
7-49 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Creat ing a Bann er domain name is the v alue set by the ip d oma in -n ame glo bal c onfigurati on c om mand.
7-50 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can create a sing le or mult iline messa ge b anner tha t a ppea rs on th e scr een wh en so m eone lo g s in to the switch.
7-51 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Creat ing a Bann er Configurin g a Login B anner Y o u c an co nfigur e a l og in ba nner t o be di spla yed on al l c onnec ted t ermin al s.
7-52 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table Managing the MAC Ad dress Tabl e The MA C address table cont ains add ress inf ormation that th e switc h uses to fo rwar d traf fic betwe en ports.
7-53 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table MAC Addr esses an d VLANs All addr esses are as sociate d with a VLAN. An add ress can e xist in more than one VLA N and ha ve different de stinati ons in each.
7-54 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table T o retur n to the default v alue, use the no mac address-table agi ng-time global configurati on comma nd.
7-55 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged E X EC mo de , follow these .
7-56 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table T o disable the switch fr om sending MA C address notification tra ps, use the no snmp-serv er enable traps mac-notification global con f igura tion co mman d.
7-57 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged EX EC mo de , follo w these .
7-58 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the MAC A ddre ss Table Beginning i n privileged EX EC mo de , follow these s.
7-59 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adminis ter ing the Switch Managi ng the ARP Ta ble Managing the ARP Ta ble T o commun icate w ith a de vice (o v er Eth ernet, for e xam ple), the softw are f irst m ust dete rmine the 48-bi t MA C or the local data link addre ss of that device.
7-60 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 7 Adm inistering the Switch Managin g the ARP Table.
C HAPTER 8-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 8 Configuring 802.1X Port-Ba sed Authen tication This cha pter describ es how to configure IEEE 802 .1X port-ba sed au thentic ation to pr e vent unautho rized devices (clie nt s) f rom ga ining ac cess to the network.
8-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Unders tan ding 802.1X Port -Based A ut henticat io n Device Roles W it h 802.1X po rt-ba sed authentic ation, the de vices in the netw ork ha ve specif ic role s as sho wn in Figure 8-1 .
8-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Understandi ng 802.1X P ort-Based Aut henticat ion Authentication Initiation and Message Exchange The swi tch or th e client can initi ate authen tication.
8-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Unders tan ding 802.1X Port -Based A ut henticat io n Ports in Au thorized and Un authorized S tates The switc h port state determi nes whet her or not the client is gran ted acces s to the net work.
8-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802.
8-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Configur ing 80 2. 1X Au thent ica tion Default 802.1X Configuration Ta b l e 8 - 1 shows the d efault 80 2.1X configur ation .
8-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication 802.1X Configuration Guidelines These ar e the 80 2.1X authenti cation co nfigurati on guid elines : • When 802.
8-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Configur ing 80 2. 1X Au thent ica tion Enabling 802.1X Authentication T o enable 802 .1X port-based auth entication , you must enable AAA and specify the au thenticatio n method list.
8-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802.
8-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Configur ing 80 2. 1X Au thent ica tion This exam ple sh ows how to specify the server w it h IP add re ss 172. 20.
8-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802.
8-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Configur ing 80 2. 1X Au thent ica tion Changing the Sw itch-to-Clie nt Retran smission Time The client respon ds to the EAP-request/id entity frame fro m the switch with an EAP-response/i dentity frame.
8-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802.
8-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen ticati on Display ing 802.1 X Stat is t ics and Status T o disabl e multip le hosts on the po rt, use the no do t1x mu ltipl e-ho sts interface conf iguration c ommand.
C HAPTER 9-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 9 Configuring Interface Cha racteristics This c ha pter d efines the ty pes o f i nte rface s on th e swi tch and de scri bes how to c on figure th em .
9-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Unders tan ding Inte rfa ce Type s VLAN partitio ns provid e hard fire walls for traff ic in the VLAN, and each VLAN has its o wn MA C address table.
9-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Unde rsta ndi n g In t erf ac e Ty p es Trunk Ports A trunk port carries th e traf f ic of multiple VLANs and by default is a member of all VLANs in the VLAN database .
9-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Using the Inter fa ce Command Figur e 9-1 Connecting VLANs with La y er 2 .
9-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Using the Interface Command Procedures for Configuring In terfaces These ge neral instruc tions apply to all interfa ce conf igurati on processes.
9-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Using the Inter fa ce Command reliability 255/255, txload 1/255, rxload 1/.
9-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Using the Interface Command When usin g the interf ace range global confi.
9-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Using the Inter fa ce Command If you ent e r multi pl e co nfigura t ion com mands whi l e you are in inter face rang e m ode, e ac h com ma nd is ex ecute d as it is entered.
9-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Configuring Layer 2 Interfaces • All interf aces in a range must be the.
9-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Configur ing Layer 2 In ter faces Configuring In terface Sp eed and Du plex M ode Ether net in terfaces on the switch op erate in 10, 1 00, or 1000 M bps and i n eith er full or hal f duplex mod e.
9-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Configuring Layer 2 Interfaces These sec tions descr ibe how to configur.
9-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Configur ing Layer 2 In ter faces Use the no spee d and no duplex interf a ce c onf igu ratio n comm and s to re turn th e inte rf ace to the d ef ault speed and duple x settin gs (autone gotiate ).
9-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Configuring Layer 2 Interfaces • rec e ive o f f an d send on : The port send s pause fra mes if the r emote device supports flow contro l but canno t recei v e pause f rames fr om the remo te de vice.
9-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Monito rin g and Mai nt aining th e In terfaces Use the no description interface configurat ion comm and to delete the de script ion.
9-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Monitoring and Maintaining the Interfaces This exam ple sh ows how to di.
9-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Monito rin g and Mai nt aining th e In terfaces no ip address mls qos cos.
9-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Configuring In te rface Charac teristics Monitoring and Maintaining the Interfaces Shutting Down and Restarting t.
9-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 9 Con figuring Interface Chara cteristics Monito rin g and Mai nt aining th e In terfaces.
C HAPTER 10-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 10 Configuring STP This chapt er describ es ho w to configure the Span ning Tree Protocol (STP) on you r switch.
10-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures • Spanning Tree and Redun da nt Co nnec tivity , pag.
10-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tanding Spanni ng-Tree Featu res • Message age • The iden tif ier of the sending inte.
10-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures BPDUs conta in informa tion about the sending switch and i ts ports, inclu ding switch a nd MA C addresses, swit ch pri ority , port prior ity , and path co st.
10-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tanding Spanni ng-Tree Featu res Creating the S pannin g-Tree To pology In Figure 10 -1 ,.
10-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures An interfac e mov es through these state s: • From i.
10-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tanding Spanni ng-Tree Featu res Blocking State A Layer 2 in ter f ace in th e b lo ckin g state does not p ar tic ipate in frame f o rw a rdin g.
10-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures Disabled State A Laye r 2 int erface in th e disab led state do es not parti cipa te in frame forwar ding or in the span ning tree.
10-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res Figur e 1 0-3 Spanning T ree and Redun dan t Conne ctiv ity Y o u can also c reate red undan t links betwe en switches by using EtherCha nnel gro ups.
10-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s • Conf iguring the Hello T ime, page 10-19 • Conf i.
10-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res Cautio n Switches that are not running spanning tree still for ward BPDUs that the y recei v e so that the other switche s on the V LA N that have a run ning span ning -tree in stance can b reak l oops.
10-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s Disabling STP STP is e nabl ed by d efau lt on V LAN 1 a nd on al l newly cre ated V LAN s u p to the sp anni ng- tree lim it specif ied in T able 10- 3 .
10-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res These e xamp les sho w the ef fect of th e spanning-tree.
10-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s Be gin n in g i n p r i vil e g ed E XEC m ode, follo w.
10-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res Beginn ing in pri vile ged EXEC mo de, follo w these ste.
10-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s Note Th e show spanning-tree int erface interface- id privileged EXEC command displa ys informat ion only if th e por t is i n a l ink -up op er ative state .
10-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res Note Th e show spanning-tree int erface interface- id privileged EXEC command displa ys informat ion only for por ts that ar e in a link- up opera ti ve s tate.
10-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s Configuring the Switch Priority of a VLAN Y ou can config ure the switch prior ity and make it more lik ely that the switc h will be chosen as t he root switch.
10-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Confi guring S panni ng-Tree Featu res Configuring the Hello Time Y ou can config ure the interv al b etween the genera tion of conf iguratio n messages by the root switch b y chan ging the hello tim e.
10-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Configur ing Span ning-T ree F eature s T o retur n the switc h to its def ault settin g, use the no spanning-tr ee vlan vlan -id for w a r d - t i m e gl obal configurati on comm a nd.
10-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Display ing the S panning -Tree St atus Figur e 1 0-4 Gig abi t Ether ne t Stac k Displaying th.
10-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 10 Configuring STP Displaying the Spannin g-Tree Stat us.
C HAPTER 11-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 11 Configuring RSTP and MST P This ch apter descr ibes how to co nfigure the C isco im plement ation of the IE EE 80 2.1W Ra pid Spa nning T ree Protocol (RSTP) and th e IEEE 802.
11-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Unders tan din g RSTP Understandin g RSTP The RSTP takes ad vantage of point- to-po int wiring and provides rapi d conv ergence of the span ning tree .
11-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Understa nding RST P T o be consistent with Cisco STP implementation s, this guide documents the por t state as bloc k ing instead of discar ding .
11-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Unders tan din g RSTP Figur e 1 1 -1 Pr oposal an d A gr eement Handshaking for R.
11-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Understa nding RST P Figur e 1 1 -2 Sequence of Ev ents Dur ing Rapid Con ver ge nce Bridge Protoco l Data Unit Format an d Process ing The R STP BP DU for mat is th e sam e as t he IEEE 802.
11-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Unders tan din g RSTP The RSTP does not have a separate topol ogy chan ge notificati on (TCN) BPDU . It uses the topology change (T C) flag to sho w the to pology cha nges.
11-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Unde rsta ndi n g MS TP • Propagatio n — When an RSTP s witch r ecei ves a TC mess.
11-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Unders tan din g MSTP IST, CIST, an d CST Unlike PVST+ i n which all the spann in.
11-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Unde rsta ndi n g MS TP Operations Between M ST Regions If there are multip le regio ns or legacy 802.
11-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Unders tan din g MSTP Hop Count The IST and M ST inst ances do not use the mes sage- age an d maximum -age informa tion in the configurati on BPDU to comp ut e t he sp an ning- tre e t opolo gy .
11-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Interoperability with 802.1D STP Interoperability with 802.1D STP A switch running both M STP a nd RST P supports a built-in p rotoco l migrati on m ec ha nism t ha t ena bl es it to interoperate with leg acy 802.
11-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Default RSTP and MS TP Configura tion T able 11-3 sh ows the de fault RST P a nd M STP c onfiguration .
11-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Specifying the MST Region Co nfiguration and En .
11-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es configurati on com mand. T o retur n to the default revision nu mber, use the no revision MST conf igurat ion comman d.
11-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Note Th e ro ot swi tch fo r eac h s pan ning -t ree inst anc e shoul d b e a ba ckbon e or dist ribution sw itch .
11-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Configur ing a Se co ndar y R oot S witch Wh.
11-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Port Priority If a l oop occur s, the MST P uses the port priority when selec ting an in terface to put in to the for warding state.
11-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Configuring the Path Cost The MSTP path cost def ault v alue is deri v ed from the media speed of an interf ace.
11-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Switch Priority Y ou can config ure the switch prior ity and make it more lik ely that the switc h will be chosen as the root switch.
11-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Beginn ing in pri vileg ed EXEC mode, follo .
11-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Confi guring RSTP and MSTP Featu res Configuring the Maxi mum-Aging Time Beginning in.
11-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Configuring RSTP and MSTP Featur es Specifying the Link Type to Ensure Rapid Tra.
11-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Configuring RSTP and MSTP Displaying the MST Configuration and Status Displaying the MST Configuratio n and Sta.
11-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 11 Co nfiguring R ST P and M ST P Displaying the MST Configu rat ion and Status.
C HAPTER 12-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 12 Configuring Optional Spannin g-Tree Features This cha pter descri b es how to configure opt iona l span ning- t ree fea tu res. Y o u ca n configur e all of the se featu re s whe n you r swi t ch is run ning th e per-VLAN sp anni ng-tre e (PVST ).
12-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understa.
12-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Understanding .
12-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understa.
12-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 12-3 U.
12-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures How CSUF Work s CSUF ensures that one link in the stack is elected as the path to the root.
12-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res The switch sen.
12-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Limitati.
12-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 12-6 G.
12-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understand ing Back boneF ast Backbo neFas t detects ind irect failures in the core of th e backbon e.
12-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res If lin k L 1 fail s as s hown in Figure 12 -8 , Switch C cannot det ect this f ailure bec ause it is not co nnected direct ly to link L1.
12-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Unders tanding Root Gu ar d The Laye r 2 network of a service provide r (SP) can incl ude many co nnectio ns to switche s that are no t owned by the SP .
12-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Understand ing L.
12-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures Default Optional Spanning-Tree Conf iguration T able 12-1 sh ows the default opt iona l spa nn ing- tree co nfigurat ion.
12-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Note Y ou ca n use the spa nning-tre e portfast default global con figuration co mmand to global ly enab le the Port Fast featur e on all nontrun king por ts.
12-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures T o disable BPDU guard, use the no spanning-tree por tfast bpduguard default global configur ation comm an d.
12-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures T o disable BPDU filte ring, use t he no spanning-tree portfa st bpdufilt er default global configurat ion comm an d.
12-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures Enabling C ross-S tack Up linkFas t Before ena bling CSU F , make sure your sta ck switch es are proper ly connec ted.
12-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Enabling Ba ckbon eFast Y o u can en able Bac kboneFast to detect indi rect li nk failures and to start the sp anning- tree reconfigur atio n soo ne r .
12-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Configur ing Optiona l Spanning- Tree Fea tures T o disa ble ro ot g uard, use the no spanning-tre e guard interf ace conf igurati on command.
12-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Display ing the S panning -Tree St atus Displaying the Sp annin.
12-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 12 Configurin g Optiona l Spann ing-Tr ee Featu res Displaying the Spannin g-Tree Stat us.
C HAPTER 13-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 13 Configuring VLANs This c hapt er d escri b es how to c onfigure norm al -ra nge V LAN s (V L AN IDs 1 to 100 5) and extended-ra nge V LANs (VLAN I Ds 100 6 to 4094 ).
13-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Unders tan ding VLAN s Figure 13-1 shows an exam ple of V L ANs segmented into l ogica lly defined n etwor ks. Figur e 13-1 VLANs as Logically Defined Netw or k s VLANs are of ten assoc iated with IP su bnetw orks.
13-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Unde rst an din g VLA Ns VLAN Port M embership M odes Y o u configure a port to belong to a VLAN by assigning a me mber ship mode that de termin es the ki nd of traf fic the port c arries and t he number of V LANs to which i t can belon g.
13-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing Normal- R ang e VLAN s Configuring Normal -Range VLANs Normal- range VL A Ns are VL ANs with VLA N I Ds 1 to 1005 .
13-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s This sect ion incl udes infor mation ab out these top.
13-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing Normal- R ang e VLAN s is to a llow all VLA Ns ), th e new VLAN is ca rrie d o n all t ru nk po rts.
13-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Saving VL AN Configur ation The co nfiguration s of VLAN IDs 1 to 10 05 are a lways sa ved in the VLA N database (vlan.
13-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing Normal- R ang e VLAN s Default Ethernet VLAN Configuration T able 13-2 shows the default co nfig uration for Ethernet VL ANs. Note The switch suppo rts Ethe rnet interf aces exc lusi v ely .
13-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Beginning i n privileged EXEC mode, f ollow these st .
13-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing Normal- R ang e VLAN s T o return th e VLAN name to th e defaul t settings, use th e no vlan vlan-id name or no vl an vlan-i d mtu VLAN conf iguration comm and.
13-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configur ing N orma l -Ran g e VL A N s Assigning S tatic-Ac cess Ports to a VLAN Y o u can assi gn a s tati c-ac cess port to a VLAN wi tho ut having VT P gl obal ly p rop agate V LAN configurat ion inf orm at ion ( VTP is di sabl ed).
13-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing Extended-R ange VLA Ns Configuring Ex tended-Rang e VLANs When the switch is in VTP transparent mode (VT P disabled) and the EI is installed) , you can create extended -rang e VLA Ns ( in the ra nge 1006 t o 4094).
13-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Confi guring Exte nded-Ra nge VL ANs • STP is enable d by default on extended -range V LANs, but you can di sable it by using the no spann ing- tre e vlan vlan-id global co nfigur ation c omm an d.
13-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Displa ying VL ANs T o delete an extend ed-range VLA N, use the no vlan vlan-i d global configurat ion comm and. The proc edure fo r assign ing stat ic-acc ess port s to an ext ended-r ange VLAN is the s ame as for normal-ra nge VL ANs.
13-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s Configuring VLAN T runks These sec tions descr ibe how VLAN trunks functio n on the swi tch: • T runking O verview , page 13 -15 • 802.
13-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing VLAN Trunk s T o avoid this, yo u s hould configu re int erfac es conn ect ed t o devices tha t do no t sup port DTP to n ot forward D TP frame s, tha t i s, to t urn off DTP .
13-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s • Disabling span ning tree on the na ti v e VLAN of an 802.1 Q trunk without d isabling spann ing tree on e very VLAN i n the network can po tentia lly cause spa nning-t ree loops.
13-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing VLAN Trunk s – STP Port F ast setting – trunk s tat us: i f o ne po rt i n a po rt g rou p ce as es t o b e a t runk, a ll por t s ce ase t o be t runk s.
13-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s Switch(config-if)# switchport mode dynamic desirable Switch(config-if)# end Defining the Allowed VLANs on a Trunk By default, a trunk port sends traf f ic to and re cei ves tra ff ic from al l VLANs.
13-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing VLAN Trunk s Changing the Pruning-Elig ible List The prunin g-eligible l ist applies o nly to t runk ports. Each tru nk port has its o wn eligibilit y list.
13-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s Beginning i n privileged EX EC mo de, foll ow these s teps to c onfigure th e nat iv e VL AN on an 8 02.
13-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configur ing VLAN Trunk s In thi s way , Trunk 1 c arri es t r affic for VLA Ns 8 t hr oug h 10, a nd Trunk 2 c ar rie s tra ff ic fo r VLA Ns 3 through 6.
13-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s Load Sharing Using STP Path C ost Y o u can co nfigure paralle l trunks to share VLAN traffic by setting di fferent path costs on a trunk and associ ating the path costs with dif feren t sets of VLA Ns.
13-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configuring VMPS Beginn ing in pri vile ged EXE C mode, follo w these steps to conf ig ure .
13-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configuring VMPS • “ Monitori ng the VMPS ” sectio n on pa ge 13-31 • “ T rouble s.
13-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configuring VMPS If the link goes do wn on a dynamic por t, the port retur ns to an isolated state and does not belong to a VLAN.
13-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configuring VMPS ! address <addr> vlan-name <vlan_name> ! address 0012.2233.4455 vlan-name hardware address 0000.6509.a080 vlan-name hardware address aabb.
13-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configuring VMPS VMPS Configuration Guidelines These gui deline s and restric tions app ly to dynami c port VL AN memb ership: • Y o u must co nfigure the VMPS befo re you con figure ports as dyna mic.
13-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configuring VMPS Beginn ing in pri vilege d EXEC mode, follo w these step s to enter the IP address of the VMPS: Note The switch port that is co nnected to the V MPS serv er cannot be a dynamic acc ess port.
13-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configuring VMPS Reconfirming VLAN Memberships Beginning in privileged EXEC mo de, foll ow .
13-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Configuring VLA Ns Configuring VMPS T o retur n the switc h to its def ault settin g, use the no vmps r etry global configura tion c om mand .
13-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 13 Co n figuring VLANs Configuring VMPS VMPS Co nfig ur at ion Ex am ple Figure 13-5 shows a ne twork with a VMPS serve r switch and V MPS client switches with dynamic p orts.
C HAPTER 14-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 14 Configuring VTP This c hapt er d escri b es how to us e t he V LAN Trunking Pr otoc ol ( VTP) a nd t he V LAN dat aba se for managing V LANs .
14-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Unders tan din g VTP The VTP Do main A VTP do ma in ( also c alle d a VLA N ma nage ment domai n ) con sis ts of o ne sw itch or several interconn ected swit ches under th e same a dministrati ve responsibili ty sharing the same VTP d omain name.
14-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Understanding VTP VTP Mode s Y o u can co nfigure a supporte d switch to be in one of the VTP modes liste d in Ta b l e 1 4 - 1 .
14-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Unders tan din g VTP • MD5 diges t VLAN co nf igurat ion, in clud ing max imum tr ansmi ssion unit (M TU) si ze fo r each VLAN.
14-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Understanding VTP Figur e 14-1 Floodi ng T raffi c without VTP Pr uning Figure 14-2 shows a swi tched network w ith V T P pruni ng ena ble d.
14-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Conf igu rin g VTP VTP pruning is not designed to func tion in VTP transparent mode . If one or more switches in the netwo rk are in VTP transparen t mode, yo u should do on e of thes e: • T urn off VTP prun ing in the en tire network .
14-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Configuring VTP VTP Configuration Options Y o u can co nfigure VTP by using these co nfiguration mo des.
14-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Conf igu rin g VTP VTP Configuration Guidelines These sec tions descr ibe guid elines you should fol low when implem entin g VTP in your ne twork.
14-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Configuring VTP VTP Ve rs ion Foll ow these gui delines whe n deciding which VTP ver sion to im plement: • All switches in a VTP domain must run the same VTP versi on.
14-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Conf igu rin g VTP When you con figure a domain na me, it cannot be rem oved; you can only rea ssign a switc h to a different domain. T o retu rn the swi tch to a no-pa sswor d s tate, u se the no vtp password global co nfiguration c omman d.
14-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Configuring VTP This exam ple sh ows ho w to use VLA N configurat ion m ode to configure the sw.
14-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Conf igu rin g VTP Note Y ou ca n also configur e a VTP client by using th e vlan database p ri.
14-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Configuring VTP Note Y ou ca n also configure V TP transpare nt mode by using the vlan dat abas.
14-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Conf igu rin g VTP Enabling V TP Prunin g Pruning inc reases available bandwi dth by restric ting flood ed traffic to those trunk links th at the traffic must use to acces s the destinat ion devices.
14-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Configuring VTP Adding a VT P Client S witch to a VT P Domain Before adding a V TP clien t to a.
14-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 14 Configuring VTP Monito rin g VTP Monitoring VTP Y o u mon itor V TP by di sp layin g VT P configu ratio n in for matio n: th e dom ain name , the c ur rent V T P revision, and the n umb er of VL AN s.
C HAPTER 15-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 15 Configuring Voic e VLAN This ch apt er descr ibes how to configure the voice VLAN f eature on yo ur sw itch. V oice VLA N is re ferred to as an auxiliary VLAN in the Cata lyst 6000 f amily swi tch do cumentation.
15-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 15 C onfiguring Voice VLAN Configuring Voic e VL AN Figure 15-1 shows one way to conne ct a Cisco 7 960 IP Phone.
15-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 15 Configuring Voice VLA N Configuring Voice VLAN Voice V LAN Con figuration Guide lines These a re the v oic e VLAN con figu ration guid elines: • Y o u shou ld configu re voice VLA N on swi tch a cce ss port s.
15-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 15 C onfiguring Voice VLAN Configuring Voic e VL AN Configuring Ports to Carr y Voice Traffic in 802.1Q Frames Beginn ing in pri vileg ed EXEC mode, follo w thes e steps to conf igure a port to carry v oice traf fic in 802.
15-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 15 Configuring Voice VLA N Configuring Voice VLAN Overriding the CoS Pr iority of Incoming Data Frame s Y o u can conne ct a PC or o t her dat a device to a Cisco 7960 IP Phon e por t .
15-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 15 C onfiguring Voice VLAN Displa ying Vo ice VLA N Configuring the IP Phone to Tr ust the CoS Priority of Inc oming Data Frames Y o u can conne ct a PC or o t her dat a device to a Cisco 7960 IP Phon e por t .
C HAPTER 16-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 16 Configuring IGMP Sno oping an d MVR This cha pter d escribes h ow to configure In ternet Gr oup Ma nageme nt Prot ocol (IGM P) snoop ing on your switch, including an applicatio n of loca l IGMP snoopi ng, Multica st VLAN Re gistration (MVR).
16-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Unders tan ding IGM P Snoo ping the switc h adds the host p ort numb er to the for wardin g table en try; when it recei ves an IGMP Lea v e Group message from a host, it remo ves the host port from the table entry .
16-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Figur e 16-1 Initial IGMP Join M essag e Router A se nds a genera l query to t he switc h, which f orwards the qu ery t o ports 2 thro ugh 5, a ll members of the same VLAN.
16-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Unders tan ding IGM P Snoo ping Figur e 16-2 Second Hos t Joi ning a Multi.
16-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Note Y o u shou ld on ly u se the I mm ediat e- Leave proc essin g feat ure on V LANs wher e a si ng le h ost i s connect ed to each port.
16-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Configuring IG MP Sn ooping Beginning i n privileged E X EC mo de , follow.
16-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginn ing in pr i vileged EXEC m ode, follo w t h.
16-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Configuring IG MP Sn ooping T o rem ov e a mul ticast route r port f rom the VLAN, use the no ip igmp snooping vlan vlan- id mr outer interface inte rface-id global configurat ion comm and.
16-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Switch# show mac address-table multicast vlan 1 Vlan Mac Address Type Ports ---- ----------- ---- ----- 1 0100.
16-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Displaying IG MP Sn ooping Informa tion This is an example of output from.
16-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information This i s an exampl e of outp ut f rom .
16-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Unde rs ta n din g Mu ltic as t V LAN Reg i stra t io n Understandin g Mu.
16-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Underst anding Multicast VLAN Registration When a subscriber chan ges channels or turns of f the tele vision, the set-to p box sends an IGMP leav e messag e for th e mult icast st ream.
16-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Conf igu rin g MVR MVR elimin ates the need to duplicate tele vision-c h annel multi cast traf fic for subscribers in e ach VLAN.
16-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Configuring MVR MVR Configuration Guidelines and Limitations Foll ow these gui delines when conf iguring MV R: • Receiver ports cann ot b e t runk p ort s.
16-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Conf igu rin g MVR T o return t he switch to its defa ult settin gs, use the no mvr [ mode | group ip-a dd ress | querytime | vlan ] global configurati on comm ands.
16-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Configuring MVR T o return the inter face to its default settings, u se the no mvr [ type | immediate | vl an vlan -id | gro up ] interf ace conf igu ration com mands.
16-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Disp l ay in g MV R Info rma t ion This is an example of output fro m the show mvr interface privileged EXEC com mand whe n the member keyword is inc lud ed : Switch# show mvr interface fastethernet0/2 members 224.
16-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lt e ri n g This is an example of output fro m the show mvr interface pri vile ged EXEC command for a specif ied interf ace: Switch# show mvr interface fastethernet0/2 224.
16-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Conf igu ring I GMP Filt eri ng Configuring IGMP Profiles T o conf igure .
16-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lt e ri n g This e xample show s how to crea te IGMP prof ile 4 allo wing access to the single IP multica st address and ho w to v erify t he conf iguration.
16-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Conf igu ring I GMP Filt eri ng Setting th e Maximum Numbe r of IGMP Grou.
16-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Configuring IGMP Sno oping and M VR Displaying IGMP Filtering Configuration Displaying IGMP Filtering Configura.
16-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 16 Co nfiguring IGMP S noo ping and M VR Displaying IGMP Filterin g Configura ti on.
C HAPTER 17-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 17 Configuring Port-Base d Traffic Control This chapte r des cribes how t o conf igure th e port-b ased traf fic contro l featur es on your switch .
17-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Stor m Control The rising t hresho ld is the p erce nt age of to tal a v a ilab le b andwi dth assoc iate d with m ultica st, broad cast, or unicast t raf fi c before forwarding is block ed.
17-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port -B ased Tra ffic Control Configuring Protected Ports Disabling Stor m Co nt rol Beginning i n p.
17-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security T o disable prot ected p ort, use th e no switchport protected interface configurat ion comm and.
17-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Secure MAC Addresses A secure port can have from 1 to 132 associ ated sec ure addre sses.
17-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security If port sec urit y i s d isabl ed, the s ticky secur e M A C ad dresse s re ma in in t he r unnin g c onfigura tion.
17-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Port Security Configuration Guidelines Foll ow these gui delines when co nfig uring port security: • Port security can only be config ured on static access ports.
17-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security Step 6 switchport port-security violation { p.
17-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty T o retur n the inter fac e to the de fault conditi on as not a secure p ort, use the no switchport port -security interf ace co nf igurati on com mand.
17-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security Switch(config-if)# switchport port-security mac-address 0000.
17-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Beginn ing in pri vilege d EXEC mode, fol.
17-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 17 Configuring Port-Based Traffic Co ntro l Displaying Port-Base d Traffic Cont rol Settings Displaying Port-Based.
C HAPTER 18-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 18 Configuring UDLD This c hapt er d escri b es how to c onfigure the Un iDi rec tiona l Li n k De tect ion (UD LD) pr otoc ol o n y our switch.
18-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 18 Co nfiguring UDLD Unders tan ding UDL D UDLD oper ates b y using two mech anisms: • Neighbor datab ase mainten.
18-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 18 Configuring UD LD Configuring UDLD Configuring UDLD This se cti on de scri bes how to c onfigure UD LD o n your sw it ch.
18-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 18 Co nfiguring UDLD Conf igu ring U DLD Enabling UDL D Globally Beginn ing in pri vilege d EXEC mode, follo w thes.
18-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 18 Configuring UD LD Configuring UDLD T o disabl e UDLD on a no n-f ibe r- opti c inte rface , use the no udld enable interf ace conf igura tion comm an d.
18-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 18 Co nfiguring UDLD Displa ying U DLD Statu s Displaying UDLD Status T o display the UDLD stat us for the s pecif ied i nterf ace or for all interf aces, use the show udld [ interface-id ] pri vileged EX EC comm and.
C HAPTER 19-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 19 Configuring CDP This c hapt er d escrib es how to configure Cisc o Discovery Pro toco l ( CDP ) on your swi tch .
19-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 19 Co nfigu ri n g CDP Conf igu rin g CD P Configuring CDP These sec tions inclu de CDP con figuration info rmatio.
19-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 19 Configuring CDP C onfiguring CDP Use the no form of the CDP commands to return to the def ault settings. This e xample sho ws how to confi gure an d veri fy CDP character istics .
19-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 19 Co nfigu ri n g CDP Conf igu rin g CD P This example shows how to enable CDP if it has been di sabled .
19-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 19 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o mon itor a nd mai ntai n CDP on yo ur device, per form one o r mor e of t hese ta sks, begi nnin g in privileged EXEC mo de .
19-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapte r 19 Co nfigu ri n g CDP Monito rin g and Mai nt aining CDP.
C HAPTER 20-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 20 Configuring SPAN and RSPAN This chapte r descr ibes ho w to co nf igure Switc hed Port Analyzer (SP AN) and Remote SP AN (RSP AN) on your switc h.
20-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN Figur e 20-1 Example SP AN Configur ation Only traffic that ent ers or le aves source port s c an be mon i tore d by us ing SP AN.
20-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts and te rminology associate d with SP AN and RSP AN co nfiguration.
20-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN Source Port A source port (als o called a monitor ed p ort ) is a switch ed port th at you mo nitor fo r network tra f fic analy sis.
20-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN • It can be a physical port that is ass ig ned to a n Ether Channel gr oup, even if the Et herChan nel grou p is specif ied a s a SP AN source.
20-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Understan din g SPA N and RSPAN If a po rt is added to a mo nitored Ethe rChan nel gr oup, the new por t is a dded t o the SP AN sou rce por t list.
20-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Configuring SPAN Configuring SPAN This sec tion d escribes h ow to configure SP AN on your switc h.
20-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Configuring SPAN This exam ple shows how to set up a SP AN sessi on, s essi on 1 , for m oni tor ing s our ce p ort t raffi c to a destinati on port .
20-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Configuring SPAN Removin g Ports from a SPAN Session Beginning in pr ivileged EXEC mo.
20-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Configuring RSPAN Configuring RSPAN This secti on descri bes how to configure RSP AN on you r switc h.
20-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Configuring RSPAN • Y o u shou ld cre ate a n RSP AN VL AN befo re c onfiguring a n RS P AN sou rce or de stina tion s ession .
20-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Configuring RSPAN This example shows ho w to clear any existing RSP AN configur ati.
20-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 Configuring SPAN and RSPAN Configuring RSPAN This exampl e shows ho w to configure VLA N 901 as the sou rce rem.
20-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 20 C onfiguring SPAN and RSPAN Displaying SPAN and RS PAN Status Displaying SPAN and RSPAN Status T o display the statu s of the current SP AN or RSP AN configuratio n, use the show monitor pri vilege d EXEC co mmand.
C HAPTER 21-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 21 Configuring RMON This ch apter descr ibes how to con figure Remote Network Mo nitori ng (RMO N) on your swit ch.
21-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 21 Co n figuring RM ON Conf igu ring R MON Figur e 21 -1 Remot e Monit or i ng Example The switc h supports t hese .
21-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 21 Configuring RMON Confi guring RMON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configured . Only RMON 1 is supp orted on the switch.
21-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 21 Co n figuring RM ON Conf igu ring R MON T o disable an al arm, use th e no rmo n alar m num ber global configura t ion com mand on e ach al arm you configured . Y ou c anno t disa ble at on ce a ll t he ala rms tha t yo u c on figured.
21-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 21 Configuring RMON Confi guring RMON Configuring RMON Collection on an Interface Y o u must first c onfigure RM ON al ar ms an d events to displa y co llec tion i nf orma tio n.
21-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 21 Co n figuring RM ON Displa ying RM ON Sta tus T o disabl e the co llecti on of g roup E thern et sta tistics , use th e no rmon collec tion stats index interf ace configurati on comm a nd.
C HAPTER 22-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 22 Configuring System Message Logg ing This c hapter d escrib es how to c onfigure system me ssage log ging on your sw itch.
22-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Configuring Sy stem Me ssage Logging .
22-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging This example shows a partial switch s.
22-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Disabling an d Enab ling Me ssage Lo gging Message logging is enab led by de fault. It must be enabled to send messages to any destination othe r than the conso le.
22-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging The logging buffered globa l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer .
22-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Synchronizing Log M essages Y o u can.
22-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging T o disable syn chroni za t ion of un.
22-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Enabling a nd Disab ling Seq uence Nu.
22-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Note Spe cifying a level c auses messages at that le v el an d numerical ly lo wer le v els to be displayed a t the destination.
22-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Configur ing System Mes sage Logg ing Limiting Syslog Messages Sent to the.
22-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Logging Messages to a UNIX Syslog Daemo n Before yo u ca n send system log m essages to a UNIX syslog server , you m ust con figure the syslog daemon on a U N IX ser ver .
22-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 22 Configuri ng System Me ssage Logging Display ing the Log gi ng Configur ation T o remov e a syslog s erv er , use the no logging host globa l configurati on co mman d, and spe cify the syslog server IP address.
C HAPTER 23-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 23 Configuring SNMP This chapt er describ es ho w to configure the Sim ple Network Mana gement Prot ocol (SNM P) on your switch.
23-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Unders tan ding SNMP • Using SNMP to Access MIB V ariables, page 23-4 • SNMP Notif ica tion.
23-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Under standin g SNMP Y ou must co nfigure the SN MP agent to use the SNMP version support ed by the manage ment stat ion.
23-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Unders tan ding SNMP SNMP Community String s SNMP comm unity stri ngs authent icate acc ess to MIB object s and functio n as embedde d passwords.
23-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Configuring SNMP SNMP Notifications SNMP allo ws t he switch to send n otif ications to SNMP manager s when p articular ev ents occur . SNMP notifications ca n be sent as tr aps or inform request s.
23-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Conf igu rin g SNMP Default SNMP Configuration T able 23-3 sh ows the de fault SNM P c onfigurat ion. SNMP Configuration Guidelines An SNMP gr oup is a table th at ma ps SNM P use rs to SN MP views.
23-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Configuring SNMP Disabling the SNMP Agent Beginn ing in pr iv ileged EXEC mode, f ollo w these.
23-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Conf igu rin g SNMP Note T o disabl e acce ss for an SNM P commun ity , set th e comm unity string for that co mmunity to the null string (do not enter a value for th e communi ty string ).
23-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Configuring SNMP Beginn ing in pri vileg ed EXEC mode, follo w these st eps to confi gure SNMP on the switch: Command Purpo se Step 1 c onfigure te rmina l Enter global configurat ion mode .
23-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Conf igu rin g SNMP Configuring SNMP Notifications A trap manag er is a mana geme nt statio n that recei ves and pro cesses tr aps. T rap s are sys tem alerts that the switc h gener ates whe n cert ain events occu r .
23-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Configuring SNMP Some noti fication type s can not be c ontr olled wi th the sn mp-se rver ena ble globa l configurati on comm an d, for exampl e, tty a nd udp-port .
23-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Conf igu rin g SNMP The snmp-serv er host co mmand s pecif ies which ho sts rec eiv e th e noti fica tions. T he snmp-serv er enab le trap command global ly enable s the mech anism for the specif ied notif icatio n (for tra ps and informs ).
23-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Configuring SNMP Setting th e Agent C ontact and Location In formation Beginn ing in pri vile.
23-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Conf igu rin g SNMP SNMP Examp les This example shows ho w to enable all versions of SN MP . Th e configurati on permi ts any SNMP manager to access all objects with read-only permissions using the co mmunity string public .
23-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNM P Disp la yin g S N M P S t at us Displaying SNMP Status T o display SN M P input and o utput s.
23-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 23 Configuring SNMP Displaying SNM P Status.
C HAPTER 24-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 24 Configuring Network Security with ACLs This cha pter d escri bes how to configu re net work se curit y on yo ur swi tch by usi ng a cce ss contr ol l ists (A CL s), whic h are also ref erred to in comm ands an d tables as acce ss lists .
24-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Unders tandin g A CLs Understandin g ACLs Pack et f ilterin g can limit net work traff ic and restrict netw ork use b y certain users or de v ices.
24-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls Figur e 24-1 Usi ng AC Ls to Contr ol T raff ic t o a Netw or k Handling Fragmented and Unfragmented Traffic IP packets can be fragment ed as they cross the ne twork.
24-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Unders tandin g A CLs • Packet A is a TCP pa cket fro m ho st 10. 2. 2.2, po rt 65000 , go ing to h ost 10.1. 1.1 on th e SMTP por t.
24-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls • Layer 4 fields: – TCP (Y ou c an sp eci fy a T CP so urce , de stin ation po rt n um ber, or both a t the same time.
24-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Guidelines for Applying ACLs to Physical Interfaces When ap plyi ng ACLs to physic al in terfaces , f oll ow these configura tion g uide lines: • Only one A C L can be attached to an interface .
24-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs Unsupporte d Features The switc h does not support t.
24-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs ACL Numbers The numbe r you use to denote your A CL shows the type of access list th at you ar e cre ating.
24-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs Creating a Numbered Standard ACL Note For info rmati.
24-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs This exampl e shows ho w to creat e a standard ACL to deny access to IP host 171 .69.1 98.102, pe rmit access to an y others, and display the results.
24-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs Note Th e switc h does not supp ort dyna mic or reflexive access lis ts. It al so does n ot suppor t filtering based on the min imize -mon eta ry-co st typ e of servic e (T oS ) bit.
24-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Beginn ing in pri vileg ed EXEC mode, follo w these st eps to create an exte nded A CL: Command Purp ose Step 1 co nfi gure terminal Ent er g loba l c onfigura tion m od e.
24-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs Use the no a ccess-lis t a ccess-list-number gl obal conf igurat ion command to dele te the entire access list.
24-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs Be ginning in pri vile ged EXEC m ode, fo llo w .
24-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs When ma king t he stan dar d an d extend ed A CL, r.
24-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs T o remov e a conf igu red time -ran ge, use the no time-r ange ti me-range-nam e globa l c onfigura tion comm and.
24-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs deny tcp any any time-range new_year_day_2000 (inac.
24-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Conf igu ring A CLs In this exam ple, the Jones subnet is not allo w.
24-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Confi guring ACLs This exam ple sh ows how to cr eate an d displ ay a n acc ess l ist name d mac1 , denying o nl y E the rT yp e DECnet Phase IV traf f ic, b ut permitting all other types of traf f ic.
24-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Applying ACLs to Ter m in al Lines or Phy sical Inter faces Applying.
24-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Displaying ACL Information Applying ACLs to a Physical Interface Begi.
24-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Displa ying A CL Inf ormati on Displaying ACLs Y ou ca n display existi ng A CLs by using show commands.
24-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Examples for Compiling ACLs Displaying A ccess Groups Note Th is fea ture is available o nly i f your sw itch i s r unn ing the EI .
24-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Examples fo r Compilin g ACLs Use swi tch A CLs to d o these: • Create a standa rd A CL, and filter traff ic fr om a spe cific Interne t host with an addre ss 172.
24-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Configuring Net work Securi t y with ACLs Examples for Compiling ACLs Numbered ACL Examples This example shows that the swi tch accept s addre sses on networ k 36.
24-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 24 Con figuring Ne two rk Sec urity with ACLs Examples fo r Compilin g ACLs In this ex ample o f a num bered A CL,.
C HAPTER 25-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 25 Configuring QoS This chapter descr ibes ho w to conf igure quality of service (QoS) b y using QoS com mands. W ith QoS, you can p rovid e preferen tial treatm ent to cert ain types of traf fi c at the e xpense o f others.
25-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Unders tan ding QoS • V ideo w izard — Giv es traff ic th at origin ates from speci fied video servers a highe r priori ty than the prior ity of data t raf f ic.
25-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Under sta n din g Q oS Figur e 25-1 QoS Cl assificatio n Lay ers in F ram es and P ack ets All .
25-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Unders tan ding QoS • Markin g e va luates the policer an d conf iguration info rmation.
25-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Under sta n din g Q oS The trust DSCP con figur ation is meaningless fo r non-IP traf f ic.
25-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Unders tan ding QoS Classification Based on Class Maps and Policy Map s A class map is a mechanism th at you use to isol ate and n ame a specif ic tr af fic flo w (or clas s) from all other traf f ic.
25-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Under sta n din g Q oS • Only one policer can be applied to a pack et in the input direc tion. • Only t he a verag e rate and com mitted b urst parameter s are co nf igurable.
25-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Unders tan ding QoS Port Prior ity Frames rec ei ve d from users in the adminis trati v ely-def ined VLANs are clas sif ied or tagge d for transmission to other de vices.
25-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Configuring QoS Before configur ing QoS, you must hav e a thoroug h understand ing of the se items: • The type s of applica tions used and the traffic patterns on yo ur network.
25-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Configuration Guidelines Note Th ese guide lines are applicab le only if you r switch is ru nning the E I.
25-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Note Both the EI a nd SI support this featur e. Configuring the Trust State on Po rts within the QoS Domain Pa ckets en tering a QoS domai n are classi fied at the edge of the QoS dom ain.
25-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Beginn ing in pr iv ilege d EXEC mode, follo w the se steps to conf i.
25-13 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Configuring the CoS Val ue for an Interface QoS assigns the CoS v al ue specif ied with the mls qos cos interfac e conf igu ration c ommand to unta gged frames re ceived on trusted and untrust ed port s.
25-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Ho we ver , if a user byp asses the telep hone and c onnects th e PC .
25-15 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Enabling Pass-Through Mode In software rel eases earl ier than Re lease 12.
25-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Configuring a QoS Policy Note Th is fea ture is available o nly i f your sw itch i s r unn ing the EI .
25-17 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S For more information abo ut creating IP standar d A CLs, see the “ Guidelin es f or A pplying ACLs to Physica l Interfa ces ” section on page 24-6 .
25-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Beginn ing in pri vileg ed EXEC mode, follo w the se steps to create an IP exte nded A CL for IP tra ff ic: Command Purpose Step 1 conf igure t erminal Enter g lo bal c onfigurat ion m ode.
25-19 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S For more information about crea ting IP exten ded A CLs, see the “ Guidelines for Applyi ng A CLs to Physica l Interfa ces ” section on page 24-6 .
25-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS This e xample sho ws ho w to cr eate a Lay er 2 MA C A CL wit h a permit s tatement. Th e statem ent allo ws traff ic from the host wi th MA C address 0001.
25-21 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S T o delete an exi sting class ma p, u se the no class-map cl ass-map- name gl obal conf igur ati on com man d.
25-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Beginning in privileged EX EC mode , follow these steps t o create a po licy map: Command Purpose Step 1 conf igure t erminal Enter g lo bal c onfigurat ion m ode.
25-23 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S T o delete an e xisting polic y map, use the no policy-map poli cy-m ap-n ame global configuration comm and. T o de lete an existi ng class ma p, use the no clas s class-map-nam e poli cy-map co nfigurati on comma nd.
25-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Switch(config)# access-list 1 permit 10.
25-25 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Configuring the CoS-t o-DSCP Map Y ou use the CoS- to-DSCP ma p to map CoS v alues in incomin g pack ets to a DSCP v alu e that Qo S uses internall y to rep resent the priority o f the tr af fic .
25-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Conf igu rin g QoS Configuring the DSCP-to- CoS Map Y o u use the DSCP- to-CoS ma p to map DSCP values in incom ing pac kets to a Co S value, which is used to sele ct one of the fou r egress queues .
25-27 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S Configur ing Qo S Config ur ing Co S an d WRR Note Th is feature is supported by both the EI and SI.
25-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS Displa ying QoS Infor mation T o di sable th e WRR sche dule r an d ena ble th e st rict pri ori ty sc he du ler, use the no wrr -queue bandwidth globa l configuration command.
25-29 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S QoS Config uratio n Examples QoS Configuration Exa mples Note These ex amples are applicab le only i f your switc h is run ning the EI .
25-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS QoS Configura tion Examp les QoS Configuration for the Existing Wiring Closet The exi sting wiring closet in Figure 25-4 consi sts of existing Ca talyst 290 0 X L and 3500 X L switche s.
25-31 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 25 Configuring Qo S QoS Config uratio n Examples Step 9 police 5000000 819 2 exce ed-ac tion drop Def ine a p olicer f or the classi fie d vide o traf f ic to drop tr af fic that exc eeds 5-Mb ps a v erag e tra f f ic rat e with an 81 92-b y te b u rst size .
25-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapt e r 2 5 Co nf igur ing Q oS QoS Configura tion Examp les.
C HAPTER 26-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 26 Configuring EtherChannels This cha pter descri bes how to configure Ether Channel on Layer 2 interfaces. EtherCha nnel provi des fault-to lerant high- speed links betw een switc hes, ro uters, and ser vers.
26-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Unders tan ding Ether Channels Figur e 26-1 T ypical EtherChannel Con figur ation Each Et h erCha nne l ca n co ns is t of up to eigh t com pa tib ly configur ed Ethe rn et i nte rface s.
26-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 26 Configuring Eth erCh annels Understa nding Et herChann els Figur e 26-2 Relation ship of Ph ysical P or ts, Lo g.
26-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Unders tan ding Ether Channels PAgP Modes T able 26-1 sh ows the user-configurab le Ethe rC han nel mode s f or the channel-group interfa ce configurati on comm a nd: on , auto , and desi r abl e .
26-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 26 Configuring Eth erCh annels Understa nding Et herChann els Physical Learners an d Aggregate-P ort Learners Network devices are cla ssified as P AgP physic al lea rner s o r a ggregate- por t l ear ne rs.
26-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Unders tan ding Ether Channels Use the option tha t provi des the greatest v ariety in your conf iguration.
26-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 26 Configuring Eth erCh annels Co nfiguri ng Ether Chann els Configuring Eth erChannels These sec tions descr ibe h.
26-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Configur ing Eth erChann els EtherChann el Configuratio n Guidelin es If improperly co nf igured, some EtherCh annel interf aces are automatic ally disabled to a v oid network loops and ot her pr oblems.
26-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 26 Configuring Eth erCh annels Co nfiguri ng Ether Chann els Beginn ing in pri vileg ed EXEC mode, follo w these st.
26-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Configur ing Eth erChann els T o remove an inte rface from the Et herC hannel group, u se the no channel-group interface co nfiguration comm and.
26-11 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 26 Configuring Eth erCh annels Displa ying Ethe rChannel and PAgP St atus T o ret urn EtherCh annel load balancing to the d efault c onfig uration, u se the no port-channel load-balanc e global con figurati on comm and.
26-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 2 6 Configur ing Ethe rChannel s Displaying Eth erCh annel and PA gP Status.
C HAPTER 27-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 27 Troubleshooting This chapte r describes ho w to identify and resolv e software prob lems related to the IOS softwa re.
27-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Trouble shooting Using Re covery Procedu res Recovering from Corru pted Softw are Switch software can be cor ru pted du ring an up grade , by downloadin g the wr ong file to the swi tch, and by d eleting the im age f ile.
27-3 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Troublesho oti ng Using Reco very Pr ocedures Step 4 Press the Mode button, and at th e same time, reconnect the pow er cord to the switch. Y o u can re le ase th e Mode button a second or two af ter the LE D above port 1X goes off.
27-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Trouble shooting Using Re covery Procedu res Step 13 Copy the c onfiguration file into memory: switch# copy flash: config.text system: running-config Source filename [config.
27-5 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Troublesho oti ng Using Reco very Pr ocedures Replacing a Failed Command Switch with a Cluster Member T o replac.
27-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Trouble shooting Using Re covery Procedu res Step 11 Respond to the questions in the setup program. When prom pted for t he host n ame, reca ll that on a comman d switch, the host nam e is limite d to 28 charac ters; on a member switch to 31 character s.
27-7 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Troublesho oti ng Using Reco very Pr ocedures Basic management setup configures only enough connectivity for man.
27-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Trouble shooting Preventing Autone gotiati on M ismatche s Preventing Autone gotiation Mismatc hes The IEE E 802.
27-9 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Troublesho oti ng Using Debug C ommands Cautio n Beca use de bu gging output is assi gned hi gh pri orit y in the CP U proces s, it can re nder the sys tem unusab le.
27-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter 27 Trouble shooting Using t he c rashinfo File The no debug al l privileged EXEC comm and di sables all diagnost ic output . Using t he no debug all comm and is a convenient way to ensure th at you have not accide ntally l eft any debug co mmand s enab led.
C HAPTER A-1 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 A Supported MIBs This appendix l ists the supp orted mana gement i nformat ion base (M IBs) for this re lease.
A- 2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-05 Chapter A Supported MIBs Using FTP t o Acces s the MIB Fi le s • CISCO-VL AN-MEMB ERSHIP-M IB • CISCO-VTP-MIB • ENTI .
IN-1 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 INDEX Numerics 802.1 D See STP 802.1 Q and trunk ports 9-3 config urati on limitat ions 13-16 nati ve VL AN fo r un tagge d tr affic 13-20 trunk m ode 3-8 802.1 S See MSTP 802.
Index IN-2 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 ACLs ( continue d) exten ded I P configuring for QoS classi fication 25-18 crea ting 24-10 matc hing cri teria 24-7 .
Inde x IN-3 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 alarm s, RM ON 21-3 allowed-V LAN list 13-19 Apply button 3-27 ARP table address resolution 7-59 managing 7-59 attri.
Index IN-4 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 BPDU guard describe d 12-3 enab lin g 12-15 support fo r 1-3 broa dcas t stor m cont rol config uring 17-1 disabling.
Inde x IN-5 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 CLI (co ntinue d) history chan ging t he b uff er si z e 2-5 describe d 2-5 disabling 2-6 recal ling co mman ds 2-5 .
Index IN-6 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 CMS (c onti nued) online help 3-25 requir ements 3-28 saving co nfig uration ch ange s 3-30 toolbar 3-19 tool tips 3.
Inde x IN-7 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 convent ions comm and xxvi for ex amples xxvi text xxvi CoS config uring 25-7 configurin g priority queues 25-27 def.
Index IN-8 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 device ic ons Front Pane l vie w 3-5 Topolog y v iew 3-11 device la bels 3-12 Devi ce Mana ger 3-2 See also Swi tch .
Inde x IN-9 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 error ch ecking, CMS 3-30 erro r me ssag es during co mman d entry 2-4 setting the display destinati on device 22-4 .
Index IN- 10 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 Front Pane l vie w clu ster t ree 3-5 comm an d sw it ch 3-4 describe d 3-4 pop- up me nus 3-20 port ic ons 3-6 po.
Inde x IN- 11 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 icons (co ntinue d) editab le table cell 3-27 Front Pane l vie w 3-6 multilink 3-21 sorting 3-27 toolbar 3-19 Topo.
Index IN- 12 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 interfac es (continue d) supported 9-4 types of 9-1 interf aces rang e macro co mmand 9-8 inventor y, cluster 6-25.
Inde x IN- 13 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 link l abels 3-12 link pop-up me nu, To pology vi ew 3-21 links, unidirec tional 18-1 lists, CMS 3-27 login a uthe.
Index IN- 14 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 menu bar describe d 3-14 variatio ns 3-14 messages system 3-18 to user s thr ou gh banne rs 7-49 metrop olitan- ar.
Inde x IN- 15 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 MSTP (c onti nued) exten ded s y st em I D affec ts on ro ot sw itch 11-14 affec ts on se conda ry r oot s wit ch 11-16 unexpec ted b ehavio r 11-14 interface stat e, blocking t o forwardi ng 12-2 interoper ability with 802.
Index IN- 16 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 network e xample s collapse d back bone an d switch clust er 1-12 design co ncepts cost -effec tiv e wiri ng clo s.
Inde x IN- 17 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 PC (passi ve comman d switch) 6-13, 6-24 per-V LAN Spanni ng Tree (PV ST) 10-2 per-V LAN Span ning Tree+ (PVST+) 1.
Index IN- 18 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 port po p-u p me nu, Fr ont Pane l v iew 3-20 port priority MSTP 11-17 STP 10-15 ports 802.
Inde x IN- 19 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 QoS (conti nued) classifica tion (continued) trusted bou ndary , describ ed 25-13 trusted CoS, descri bed 25-4 typ.
Index IN- 20 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 RADIUS (c ontinued) in clusters 6-18 limiting the services to the user 7-26 method lis t, defi ned 7-19 operati on.
Inde x IN- 21 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 RSPAN (continued ) displaying sta tus 20-14 interactio n with other featur es 20-5 monitore d ports 20-4 monit ori.
Index IN- 22 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 SNM P (co ntin ued) config urati on exam ples 23-14 default conf igur ati on 23-6 groups 23-8 in clusters 6-17 inf.
Inde x IN- 23 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 static access ports assigni ng to VLAN 13-11 defined 9-2, 13-3 static addre sses See ad dresses static VLAN memb ership 13-2 statistics 802.
Index IN- 24 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 STP (continued) load sharing overvi ew 13-21 using pa th cost s 13-23 using port priori ties 13-21 loop gu ar d de.
Inde x IN- 25 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 system messa ge logging (c ontinued ) UNIX sysl og se rver s configur ing the daemon 22-11 configurin g the loggin.
Index IN- 26 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 TOS 1-4 traffic frag mented 24-3 unfragm ented 24-3 traffic polic ing 1-5 transp arent m ode, VTP 14-3, 14-12 trap.
Inde x IN- 27 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 VLAN c onfi gur ation at bootu p 13-7 saving 13-7 VLAN c onfi gurat ion m ode 2-2, 13-6 VLAN database and st artup.
Index IN- 28 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5 voice VLAN (continued) configurin g ports for voice traffic in 802.
Inde x IN- 29 Catalyst 2950 Desktop Switch Software Conf igurati on Guide 78-11380-05 WRR config uring 25-27 defining 25-8 descript ion 25-8 X XMOD EM pr otoc ol 27-2.
Index IN- 30 Catalyst 2950 Desktop Switch Software C onfigurati on Guide 78-11380-0 5.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il Cisco Systems 2950 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del Cisco Systems 2950 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso Cisco Systems 2950 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul Cisco Systems 2950 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il Cisco Systems 2950, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del Cisco Systems 2950.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il Cisco Systems 2950. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo Cisco Systems 2950 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.