Page 1: Cisco 3700 Series
This feature module describes the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(2)XT and Cisco IOS Release 12.2(8)T and above. Enhancements were added in Cisco IOS Release 12.2(15)ZJ.
Page 2: Table Of Contents
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Feature Overview This document explains how to configure the 16- and 36-port Ethernet switch network modules. This network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
Page 3 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of users by assigning each device (for example, a server) to its own 10-, 100-, or 1000-Mbps segment.
Page 4 4 for Gigabit Ethernet interfaces operated in 1000-Mb mode When you connect a Cisco switch to a device other than a Cisco device through an 802.1Q trunk, the Cisco switch combines the spanning tree instance of the VLAN trunk with the spanning tree instance of the other 802.1Q switch.
Page 5: Switch Virtual Interfaces
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of switch ports as one interface to the routing or bridging function in the system.
Page 6 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Domain A VTP domain (also called a VLAN management domain) is made up of one or more interconnected switches that share the same VTP domain name. A switch can be configured to be in one and only one VTP domain.
Page 7: Etherchannel
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you use VTP in your network, you must decide whether to use VTP version 1 or version 2. VTP version 2 supports the following features not supported in version 1: Unrecognized Type-Length-Value (TLV) Support—A VTP server or client propagates configuration...
Page 8: X Port-Based Authentication
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Use the option that provides the greatest variety in your configuration. For example, if the traffic on a channel is going only to a single MAC address, using the destination MAC address always chooses the same link in the channel;...
Page 9 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the network have specific roles as shown in Figure Figure 1 802.1x Device Roles...
Page 10 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Authentication Initiation and Message Exchange The switch or the client can initiate authentication. If you enable authentication on a port by using the dot1x port-control auto interface configuration command, the switch must initiate authentication when it determines that the port link state changes from down to up.
Page 11 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state.
Page 12: Spanning Tree Protocol
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 3 shows 802.1x-port-based authentication in a wireless LAN. The 802.1x port is configured as a multiple-host port that becomes authorized as soon as one client is authenticated. When the port is authorized, all other hosts indirectly attached to the port are granted access to the network.
Page 13 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is determined by the following: The unique bridge ID (bridge priority and MAC address) associated with each VLAN on each switch •...
Page 14 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview STP Timers Table 2 describes the STP timers that affect the entire spanning tree performance: Table 2 STP Timers Timer Purpose Hello timer Determines how often the switch broadcasts hello messages to other switches.
Page 15 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the five stages. Figure 4 STP Port States Boot-up initialization Blocking state Listening...
Page 16 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Blocking State A Layer 2 interface in the blocking state does not participate in frame forwarding, as shown in Figure After initialization, a BPDU is sent out to each Layer 2 interface in the switch. A switch initially assumes it is the root until it exchanges BPDUs with other switches.
Page 17 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is the first transitional state a Layer 2 interface enters after the blocking state. The Layer 2 interface enters this state when STP determines that the Layer 2 interface should participate in frame forwarding.
Page 18 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Learning State A Layer 2 interface in the learning state prepares to participate in frame forwarding. The Layer 2 interface enters the learning state from the listening state.
Page 19 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in the forwarding state forwards frames, as shown in Figure 8. The Layer 2 interface enters the forwarding state from the learning state.
Page 20 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Disabled State A Layer 2 interface in the disabled state does not participate in frame forwarding or spanning tree, as shown in Figure 9.
Page 21 The possible priority range is 0 to 255, configurable in increments of 4 (the default is 128). Cisco IOS software uses the port priority value when the interface is configured as an access port and uses VLAN port priority values when the interface is configured as a trunk port.
Page 22 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview cost values to interfaces that you want spanning tree to select last. If all interfaces have the same cost value, spanning tree puts the interface with the lowest interface number in the forwarding state and blocks other interfaces.
Page 23 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview If link L1 fails, Switch C cannot detect this failure because it is not connected directly to link L1. However, because Switch B is directly connected to the root switch over L1, it detects the failure, elects itself the root, and begins sending BPDUs to Switch C, identifying itself as the root.
Page 24: Cisco Discovery Protocol
Feature Overview Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is a protocol that runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP allows network management applications to discover Cisco devices that are neighbors of already known devices, in particular, neighbors running lower-layer, transparent protocols.
Page 25: Network Security With Acls
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Trunk interfaces can be configured as source interfaces and mixed with nontrunk source interfaces; however, the destination interface never encapsulates. Traffic Types Ingress SPAN (Rx) copies network traffic received by the source interfaces for analysis at the destination interface.
Page 26 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Understanding ACLs Packet filtering can limit network traffic and restrict network use by certain users or devices. ACLs can filter traffic as it passes through a switch and permit or deny packets from crossing specified interfaces.
Page 27 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 13 Using ACLs to Control Traffic to a Network Host A Cisco router with Ethernet switch network module Host B Human Research &...
Page 28 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview first ACE, even though they do not contain the SMTP port information because the first ACE only checks Layer 3 information when applied to fragments. (The information in this example is that the packet is TCP and that the destination is 10.1.1.1.)
Page 29: Quality Of Service
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview In an IP extended ACL (both named and numbered), a Layer 4 system-defined mask cannot Note precede a Layer 3 user-defined mask. For example, a Layer 4 system-defined mask such as permit tcp any any or deny udp any any cannot precede a Layer 3 user-defined mask such as permit ip 10.1.1.1 any.
Page 30 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Understanding Quality of Service (QoS) Typically, networks operate on a best-effort delivery basis, which means that all traffic has equal priority and an equal chance of being delivered in a timely manner.
Page 31 32-MB shared memory buffer. The queue assignment is based on the dot1p value in the packet. Any voice bearer packets that come in from the Cisco IP phones on the voice VLAN are automatically placed in the highest priority (Queue 3) based on the 802.1p value generated by the IP phone.
Page 32 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Policing determines whether a packet is in or out of profile according to the configured policer, and • the policer limits the bandwidth consumed by a flow of traffic. The result of this determination is passed to the marker.
Page 33 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Configuration of a deny action is not supported in QoS ACLs on the 16- and 36-port Ethernet switch • network modules.
Page 34 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview A policy map also has these characteristics: A policy map can contain multiple class statements. • A separate policy-map class can exist for each type of traffic received through an interface.
Page 35: Maximum Number Of Vlan And Multicast Groups
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview On an interface configured for QoS, all traffic received through the interface is classified, policed, • and marked according to the policy map attached to the interface. On a trunk interface configured for QoS, traffic in all VLANs received through the interface is classified, policed, and marked according to the policy map attached to the interface.
Page 36 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview associated multicast forwarding table entry. When it receives an IGMP Leave Group message from a host, it removes the host port from the table entry. After it relays the IGMP queries from the multicast router, it deletes entries periodically if it does not receive any IGMP membership reports from the multicast clients.
Page 37 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Joining a Multicast Group When a host connected to the switch wants to join an IP multicast group, it sends an IGMP join message, specifying the IP multicast group it wants to join.
Page 38: Global Storm-Control
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module CPU port Multicast Forwarding Table Host 1...
Page 39 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Global storm-control monitors incoming traffic statistics over a time period and compares the measurement with a predefined suppression level threshold. The threshold represents the percentage of the total available bandwidth of the port.
Page 40: Per-Port Storm-Control
The section outlines some of the concepts involved in configuring Ethernet ports on the Ethernet switch network module to support Cisco IP phones in a branch office on your network. Also included is a section describing the default settings on the Ethernet switch network module.
Page 41: Stacking
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with respect to Cisco AVVID: • All switch ports are in access VLAN 1.
Page 42: Fallback Bridging
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within one bridge domain. Fallback bridging forwards traffic that the multilayer switch does not route and forwards traffic belonging to a nonroutable protocol such as DECnet.
Page 43 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 19 Fallback Bridging Network Example Cisco router with Routed port Ethernet switch 172.20.130.1 network module Host C 172.20.128.1 SVI 1 SVI 2 172.20.129.1...
Page 44: Related Documents
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Multi-VLAN ports Network Port • Shared STP instances • STP uplink fast for clusters • VLAN-based SPAN • VLAN Query Protocol •...
Page 45: Supported Platforms
Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Page 46: Configuration Tasks
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Prerequisites IPMROUTE-MIB • CISCO-MEMORY-POOL-MIB • ETHER-LIKE-MIB (RFC 1643) • CISCO-ENTITY-FRU-CONTROL-MIB.my • CISCO-RTTMON-MIB • CISCO-PROCESS-MIB • CISCO-COPS-CLIENT-MIB • To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:...
Page 47: Configuring Layer 2 Interfaces
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Power Management on the Interface, page 98 • Configuring IP Multicast Layer 3 Switching, page 98 • Configuring IGMP Snooping, page 102 •...
Page 48 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Defining a Range Macro To define an interface range macro, use the define interface-range command in global configuration mode: Command Purpose Step 1 Defines the interface-range macro and save it in NVRAM.
Page 49 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Interface Speed To set the interface speed, use the following commands in global configuration mode: Command Purpose Specifies the interface to be configured.
Page 50: Configuring An Ethernet Interface As A Layer 2 Trunk
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles...
Page 51 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying an Ethernet Interface as a Layer 2 Trunk Use the following show commands to verify the configuration of an Ethernet interface as a Layer 2 trunk:...
Page 52: Configuring Vlans
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring an Ethernet Interface as a Layer 2 Access To configure an Ethernet Interface as a Layer 2 access use the following commands beginning in global...
Page 53: Deleting A Vlan From The Database
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring VLANs To configure an Ethernet Interface as a Layer 2 access, use the following commands beginning in EXEC mode: Command Purpose Enters VLAN configuration mode.
Page 54 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 1 Router# vlan database Enters VLAN configuration mode. Deletes the VLAN. Step 2 Router(vlan)# no vlan vlan-id Updates the VLAN database, propagate it throughout the...
Page 55 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 1 Router# vlan database Enters VLAN configuration mode. Step 2 Configures the switch as a VTP server. Router(vlan)# vtp server...
Page 56 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying VTP Use the show vtp status to verify VTP status: Step 1 Router# show vtp status VTP Version Configuration Revision...
Page 57 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying Layer 2 EtherChannels Use the following show commands to verify Layer 2 EtherChannels: Step 1 Router# show running-config interface fastethernet 5/6 Building configuration...
Page 58: Configuring Etherchannel Load Balancing
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 4 Router# show etherchannel 2 port-channel Port-channels in the group: ---------------------- Port-channel: Po2 ------------ Age of the Port-channel = 00h:23m:33s...
Page 59 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an EtherChannel To remove an Ethernet interface from an EtherChannel, use the following commands in global configuration mode:...
Page 60: Understanding The Default 802.1X Configuration
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Setting the Switch-to-Client Frame-Retransmission Number, page 65 • Enabling Multiple Hosts, page 66 • Understanding the Default 802.1x Configuration Table 10 shows the default 802.1x configuration.
Page 61: Enabling 802.1X Authentication
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks 802.1x Configuration Guidelines These are the 802.1x authentication configuration guidelines: When the 802.1x protocol is enabled, ports are authenticated before any other Layer 2 feature is •...
Page 62: Configuring The Switch-To-Radius-Server Communication
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 4 interface interface-id Enters interface configuration mode, and specify the interface to be enabled for 802.1x authentication. Step 5 dot1x port-control auto Enables 802.1x on the interface.
Page 63: Enabling Periodic Reauthentication
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 1 configure terminal Enters global configuration mode. Step 2 radius-server host {hostname | Configures the RADIUS server parameters on the switch.
Page 64: Changing The Quiet Period
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 1 configure terminal Enters global configuration mode. Step 2 dot1x re-authentication Enables periodic reauthentication of the client, which is disabled by default.
Page 65 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks You should change the default value of this command only to adjust for unusual circumstances such Note as unreliable links or specific behavioral problems with certain clients and authentication servers.
Page 66 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Multiple Hosts You can attach multiple hosts to a single 802.1x-enabled port as shown in Figure 3 on page 12. In this mode, only one of the attached hosts must be successfully authorized for all hosts to be granted network access.
Page 67: Configuring Spanning Tree
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Spanning Tree • Enabling Spanning Tree, page 67 Configuring Spanning Tree Port Priority, page 68 • Configuring Spanning Tree Port Cost, page 68 •...
Page 68: Configuring Spanning Tree Port Priority
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Spanning Tree Port Priority To configure the spanning tree port priority of an interface, use the following commands beginning in...
Page 69: Configuring The Bridge Priority Of A Vlan
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 3 Configures the VLAN port cost for an interface. The value of Router(config-if)# [no] spanning-tree vlan vlan-id cost port-cost port-cost can be from 1 to 65,535.
Page 70: Configuring The Hello Time
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying the Bridge Priority of a VLAN Use the show spanning-tree vlan bridge command to verify the bridge priority: Step 1...
Page 71: Configuring Backbonefast
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Root Bridge The Ethernet switch network module maintains a separate instance of spanning tree for each active VLAN configured on the switch. A bridge ID, consisting of the bridge priority and the bridge MAC address, is associated with each instance.
Page 72: Disabling Spanning Tree
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Beginning in privileged EXEC mode, follow these steps to enable BackboneFast: Command Purpose Step 1 configure terminal Enters global configuration mode.
Page 73 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Known MAC Address Traffic To enable the MAC address secure option, use the following commands beginning in privileged EXEC mode:...
Page 74: Configuring Cisco Discovery Protocol
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying the MAC Address Table Use the show mac command to verify the MAC Address Table: Step 1 Router# show mac...
Page 75: Enabling Cdp On An Interface
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Cisco Discovery Protocol To enable Cisco Discovery Protocol (CDP) globally, use the following command in global configuration mode: Command Purpose Step 1 Enables CDP globally.
Page 76: Monitoring And Maintaining Cdp
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying CDP Neighbors Use the show cdp neighbors command to verify information about the neighboring equipment: Step 1 Router# show cdp neighbors...
Page 77: Configuring Span Destinations
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Specifying the Switched Port Analyzer Session To configure the source for a Switched Port Analyzer (SPAN) session, use the following command in...
Page 78 “Configuring IP Services” chapter in the Cisco IP Configuration Guide for Cisco IOS Release 12.2. For detailed information about the commands, refer to Cisco IOS IP Command Reference for Cisco IOS Release 12.2. For a list of Cisco IOS features not supported on the Ethernet switch network module, see the following section.
Page 79 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks ACL Numbers The number you use to denote your ACL shows the type of access list that you are creating. Table 11 lists the access list number and corresponding type and shows whether or not they are supported by the switch.
Page 80: Creating A Numbered Standard Acl
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Creating a Numbered Standard ACL Beginning in privileged EXEC mode, follow these steps to create a numbered standard ACL: Command Purpose...
Page 81 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • • Table 12 lists the possible filtering parameters for ACEs for each protocol type.
Page 82 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Beginning in privileged EXEC mode, follow these steps to create an extended ACL: Command Purpose Step 1 configure terminal Enters global configuration mode.
Page 83 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Use the no access-list access-list-number global configuration command to delete the entire access list. You cannot delete individual ACEs from numbered access lists.
Page 84 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Beginning in privileged EXEC mode, follow these steps to create a standard access list using names: Command Purpose Step 1 configure terminal Enters global configuration mode.
Page 85 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks When making the standard and extended ACL, remember that, by default, the end of the ACL contains an implicit deny statement for everything if it did not find a match before reaching the end. For standard ACLs, if you omit the mask from an associated IP host address access list specification, 0.0.0.0 is...
Page 86 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 5 show running-config Displays the access list configuration. Step 6 copy running-config startup-config (Optional) Saves your entries in the configuration file.
Page 87: Configuring Classification Using Port Trust States
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Understanding the Default QoS Configuration The default port CoS value is 0. • • The default port trust state is untrusted.
Page 88 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Figure 20 Port Trusted States within the QoS Domain Cisco router with Ethernet switch network module Trusted interface Catalyst 2950 Trunk...
Page 89 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 3 mls qos trust {cos | dscp} Configures the port trust state. By default, the port is not trusted.
Page 90: Configuring A Qos Policy
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 3 mls qos cos {default-cos | override} Configures the default CoS value for the port. For default-cos, specify a default CoS value to be assigned to a port. If the port is CoS trusted and packets are untagged, the default CoS value becomes the CoS value for the packet.
Page 91 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Classifying Traffic by Using ACLs You can classify IP traffic by using IP standard or IP extended ACLs. Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:...
Page 92 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Beginning in privileged EXEC mode, follow these steps to create an IP extended ACL for IP traffic: Command Purpose Step 1 configure terminal Enters global configuration mode.
Page 93 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Classifying Traffic by Using Class Maps You use the class-map global configuration command to isolate a specific traffic flow (or class) from all other traffic and to name it.
Page 94 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Classifying, Policing, and Marking Traffic by Using Policy Maps A policy map specifies which traffic class to act on. Actions can include trusting the CoS or DSCP values in the traffic class;...
Page 95 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 5 police {bps | cir bps} [burst-byte | bc Defines a policer for the classified traffic. burst-byte] conform-action transmit...
Page 96 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring CoS Maps This section describes how to configure the DSCP maps: Configuring the CoS-to-DSCP Map, page 96 • Configuring the DSCP-to-CoS Map, page 96 •...
Page 97: Displaying Qos Information
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Table 14 shows the default DSCP-to-CoS map. Table 14 Default DSCP-to-CoS Map DSCP values 0 8, 10 16, 18 24, 26...
Page 98: Configuring Ip Multicast Layer 3 Switching
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Power Management on the Interface To manage the powering of the Cisco IP phones, use the following commands beginning in privileged...
Page 99: Enabling Ip Multicast Routing Globally
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling IP Multicast Routing Globally You must enable IP multicast routing globally before you can enable IP multicast Layer 3 switching on Layer 3 interfaces.
Page 100 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying IP Multicast Layer 3 Hardware Switching Summary Note The show interface statistics command does not verify hardware-switched packets, only packets switched by software.
Page 101 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is enabled IP Fast switching turbo vector...
Page 102: Configuring Igmp Snooping
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks The RPF-MFD flag indicates that the flow is completely hardware switched. The H flag indicates that Note the flow is hardware-switched on the outgoing interface.
Page 103 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 4 show ip igmp snooping [vlan vlan-id] Displays snooping configuration. (Optional) vlan-id is the number of the VLAN.
Page 104 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 4 show mac-address-table multicast [vlan Displays MAC address table entries for a VLAN. vlan-id] [user | igmp-snooping] [count] •...
Page 105 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Global Storm-Control Enable global storm-control globally and enter the percentage of total available bandwidth that you want to be used by all traffic (multicast, unicast,); entering 100 percent would allow all traffic.
Page 106 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks The following is sample output from the show interface counters broadcast privileged EXEC command: Router# show interface counters broadcast Port BcastSuppDiscards...
Page 107 Refer to the Cisco AVVID QoS Design Guide for more information on how to implement end-to-end QoS as you deploy Cisco AVVID solutions. To automatically configure Cisco IP phones to send voice traffic on the voice VLAN ID (VVID) on a per-port basis (see the “Voice Traffic and VVID”...
Page 108 Administering a network with a mix of IP phones and workstations on the same subnet might pose • a challenge. To automatically configure Cisco IP phones to send voice and data traffic on the same VLAN, use the following commands beginning in privileged EXEC mode: Command...
Page 109 Router# write memory Configuring Ethernet Ports to Support Cisco IP Phones with Multiple Ports You might want to use multiple ports to connect the Cisco IP phones if any of the following conditions apply to your Cisco IP telephony network: You are connecting Cisco IP phones that do not have a second Ethernet port for attaching a PC.
Page 110: Adding Trap Managers
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Voice Ports, page 112 • Enabling Switch Port Analyzer, page 114 • Managing the ARP Table, page 114 • Managing the MAC Address Tables, page 115 •...
Page 111 Specifying a Domain Name and Configuring the DNS Each unique IP address can have a host name associated with it. The Cisco IOS software maintains a EC mode, and related Telnet support operations. This cache speeds the process of converting names to addresses.
Page 112: Configuring Voice Ports
Disabling Inline Power on a Ethernet switch network module, page 113 • The Ethernet switch network module can connect to a Cisco 7960 IP phone and carry IP voice traffic. If necessary, the Ethernet switch network module can supply electrical power to the circuit connecting it to the Cisco 7960 IP phone.
Page 113 The Ethernet switch network module can supply inline power to a Cisco 7960 IP phone, if necessary. The Cisco 7960 IP phone can also be connected to an AC power source and supply its own power to the voice circuit. When the Cisco 7960 IP phone is supplying its own power, a Ethernet switch network module can forward IP voice traffic to and from the phone.
Page 114: Managing The Arp Table
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying Inline Power Configuration Use the show power inline interface configured command to verifies the change by displaying the Step 1...
Page 115: Managing The Mac Address Tables
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Managing the MAC Address Tables This section describes how to manage the MAC address tables on the Ethernet switch network module.
Page 116 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Changing the Address Aging Time Dynamic addresses are source MAC addresses that the switch learns and then drops when they are not in use.
Page 117: Adding Secure Addresses
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Verifying Dynamic Addresses Use the show mac-address-table dynamic command to verify configuration: Step 1 Router# show mac-address-table dynamic Adding Secure Addresses The secure address table contains secure MAC addresses and their associated ports and VLANs.
Page 118 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Static Addresses A static address has the following characteristics: It is manually entered in the address table and must be manually removed.
Page 119: Configuring Flow Control On Gigabit Ethernet Ports
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks 0004.ddbb.6700 Self Vlan2 0002.7e48.cc38 Dynamic FastEthernet0/4 0002.7e48.cc39 Dynamic FastEthernet0/5 Clearing all MAC Address Tables To remove all addresses, use the clear mac-address command in privileged EXEC mode:...
Page 120: Configuring Layer 3 Interfaces
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Layer 3 Interfaces The Ethernet switch network module supports two types of Layer 3 interfaces for routing and bridging: SVIs: You should configure SVIs for any VLANs for which you want to route traffic. SVIs are •...
Page 121: Configuring Fallback Bridging
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Fallback Bridging This section describes how to configure fallback bridging on your switch. It contains this configuration information: • Understanding the Default Fallback Bridging Configuration, page 121 •...
Page 122 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks The protected port feature is not compatible with fallback bridging. When fallback bridging is Note enabled, it is possible for packets to be forwarded from one protected port on a switch to another protected port on the same switch if the ports are in different VLANs.
Page 123 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Beginning in privileged EXEC mode, follow these steps to prevent the switch from forwarding frames for stations that it has dynamically learned:...
Page 124 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks To return to the default aging-time interval, use the no bridge bridge-group aging-time global configuration command. Filtering Frames by a Specific MAC Address A switch examines frames and sends them through the internetwork according to the destination address;...
Page 125 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Only network administrators with a good understanding of how switches and STP function should Note make adjustments to spanning-tree parameters. Poorly planned adjustments can have a negative impact on performance.
Page 126 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Command Purpose Step 3 bridge-group bridge-group priority Changes the priority of an interface. number • For bridge-group, specify the bridge group number. The range is 1 to 255.
Page 127 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Changing the Forward-Delay Interval, page 127 • Changing the Maximum-Idle Interval, page 128 • Each switch in a spanning tree adopts the interval between hello BPDUs, the forward delay interval,...
Page 128 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Changing the Maximum-Idle Interval If a switch does not hear BPDUs from the root switch within a specified interval, it recomputes the spanning-tree topology.
Page 129: Monitoring And Maintaining The Network
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Monitoring and Maintaining the Network To monitor and maintain the network, use one or more of the privileged EXEC commands in...
Page 130 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Configuration Examples for the 16- and 36-Port Ethernet Switch Module This section provides the following configuration examples: Range of Interface Examples, page 130 •...
Page 131 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module *Oct 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/5, changed state to up...
Page 132: Vlan Configuration Example
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Interface Speed Example The following example shows the interface speed being set to 100 Mbps on the Fast Ethernet interface...
Page 133 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module VTP Examples • VTP Server Example, page 133 VTP Client Example, page 133 •...
Page 134 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Router(vlan)# exit APPLY completed. Exiting..Router# EtherChannel Load Balancing Example • Layer 2 EtherChannels Example, page 134 •...
Page 135 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Setting the Switch-to-Client Frame-Retransmission Number Example, page 135 • Enabling Multiple Hosts Example, page 135 •...
Page 136 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Switch(config)# interface fastethernet0/1 Switch(config-if)# dot1x port-control auto Switch(config-if)# dot1x multiple-hosts Spanning Tree Examples •...
Page 137 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example shows how to verify the configuration of the interface when it is configured as...
Page 138 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module BackboneFast Example The following example shows BackboneFast being enabled on the Ethernet switch module:...
Page 139 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Switched Port Analyzer (SPAN) Source Examples • SPAN Source Configuration Example, page 139 SPAN Destinations Example, page 139 •...
Page 140 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example shows that the switch accepts addresses on network 36.0.0.0 subnets and denies all packets coming from 56.0.0.0 subnets.
Page 141 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Including Comments About Entries in ACLs Example The following example shows an IP numbered standard ACL using the access-list access-list number remark remark global configuration command to include a comment about an access list.
Page 142 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example displays only IP standard and extended ACLs: Switch# show ip access-lists Standard IP access list 1 permit 172.20.10.10...
Page 143 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Compiling ACLs Example For detailed information about compiling ACLs, refer to the Security Configuration Guide and the “IP Services”...
Page 144: Qos Configuration Examples
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example uses an extended ACL to deny traffic from port 80 (HTTP). It permits all other...
Page 145: Igmp Snooping Example
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Switch(config-pmap)# exit Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# service-policy input flow1t...
Page 146 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example shows the output from configuring IGMP snooping: Router# show mac-address-table multicast igmp-snooping...
Page 147 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example shows output from the multicast routing table: Router# show ip mroute...
Page 148 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Broadcast Suppression Level: 100 Multicast Suppression Level: 70 Unicast Suppression Level: 100 Ethernet Switching Examples Subnets for Voice and Data Example, page 148 •...
Page 149 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module interface Vlan 60 description data vlan ip address 10.60.1.1 255.255.255.0 interface Serial1/0 ip address 160.3.1.2 255.255.255.0...
Page 150 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following example illustrates the configuration on the PC: interface FastEthernet2/3 switchport access vlan 10...
Page 151 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Flow Control on Gigabit Ethernet Ports Example The following examples show how to turn transmit and receive flow control on and how to verify the...
Page 152 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module The following is sample output from the show interfaces privileged EXEC command for Gigabit...
Page 153 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled...
Page 154 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier...
Page 155 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Fallback Bridging Example This section describes how to configure fallback bridging on your switch. It contains this configuration information: •...
Page 156 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for the 16- and 36-Port Ethernet Switch Module Changing the Switch Priority Example The following example shows how to set the switch priority to 100 for bridge group 10:...
Page 157: Command Reference
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Command Reference Command Reference This section documents new commands or existing commands that are newly ported to the 16- and 36-port Ethernet switch module. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.
Page 158 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Command Reference show class-map • show dot1x • show ip access-lists • show ip igmp snooping • show ip igmp snooping mrouter •...
Page 159: Aaa Authentication Dot1X
The remaining methods enable AAA to authenticate the client by using locally configured data. For example, the local and local-case methods use the username and password that are saved in the Cisco IOS configuration file. The enable and line methods use the enable and line passwords for authentication.
Page 160 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series aaa authentication dot1x If you specify group radius, you must configure the RADIUS server by entering the radius-server host global configuration command. If you are not using a RADIUS server, you can use the local or local-case methods, which access the local username database to perform authentication.
Page 161 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series class class To define a traffic classification for the policy to act on using the class-map name or access group, use the class policy-map configuration command. To delete an existing class map, use the no form of this command.
Page 162 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series class exit: exits policy-map class configuration mode and returns to policy-map configuration mode. • no: returns a command to its default setting. •...
Page 163 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series class-map class-map To create a class map to be used for matching packets and to enter class-map configuration mode, use the class-map command in global configuration mode. To delete an existing class map, use the no form of this command.
Page 164 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series class-map For more information about configuring IP ACLs, refer to the “Configuring IP Services” chapter in Note the Cisco IOS IP Configuration Guide, Release 12.2.
Page 165: Debug Dot1X
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series debug dot1x debug dot1x To enable debugging of the 802.1x feature, use the debug dot1x command in privileged EXEC mode. To disable debugging output, use the no form of this command.
Page 166 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series debug eswilp debug eswilp To enable debugging of Ethernet switch network module features, use the debug eswilp command in privileged EXEC mode. To disable debugging output, use the no form of this command.
Page 167: Debug Ip Igmp Snooping
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series debug ip igmp snooping debug ip igmp snooping To display debugging messages about Internet Group Management Protocol (IGMP) snooping services, use the debug ip igmp snooping command in privileged EXEC mode. To disable debugging output, use the no form of this command.
Page 168 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series debug spanning-tree debug spanning-tree To debug spanning-tree activities, use the debug spanning-tree command in privileged EXEC mode. To disable debugging output, use the no form of this command.
Page 169 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series debug spanning-tree Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. show spanning-tree Displays spanning-tree state information.
Page 170 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series deny (access-list configuration) deny (access-list configuration) To configure conditions for a named or numbered IP access control list (ACL), use the deny command in access-list configuration mode.
Page 171 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series deny (access-list configuration) operator port (Optional) Source or destination port. The operator can be only eq (equal). If operator is after the source IP address and wildcard, conditions match when the source port matches the defined port.
Page 172 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series deny (access-list configuration) In these examples, all other IP access is implicitly denied. Note You can verify your settings by entering the show ip access-lists or show access-lists privileged EXEC command.
Page 173: Dot1X Default
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x default dot1x default To reset the global 802.1x parameters to their default values, use the dot1x default command in global configuration mode.
Page 174 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x max-req dot1x max-req To set the maximum number of times that the switch sends an Extensible Authentication Protocol (EAP)-request/identity frame (assuming that no response is received) before restarting the authentication process, use the dot1x max-req command in global configuration mode.
Page 175 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x multiple-hosts dot1x multiple-hosts To allow multiple hosts (clients) on an 802.1x-authorized port that has the dot1x port-control interface configuration command set to auto, use the dot1x multiple-hosts command in interface configuration mode.
Page 176 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x port-control dot1x port-control To enable manual control of the authorization state of the port, use the dot1x port-control command in interface configuration mode. To return to the default setting, use the no form of this command.
Page 177 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x port-control Examples The following example shows how to enable 802.1x on Fast Ethernet interface 0/1: Switch(config)# interface fastethernet0/1 Switch(config-if)# dot1x port-control auto You can verify your settings by entering the show dot1x privileged EXEC command and checking the Status column in the 802.1x Port Summary section of the display.
Page 178 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x re-authenticate dot1x re-authenticate To manually initiate a reauthentication of all 802.1x-enabled ports or the specified 802.1x-enabled port, use the dot1x re-authenticate command in privileged EXEC mode.
Page 179 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x re-authentication dot1x re-authentication To enable periodic reauthentication of the client, use the dot1x re-authentication command in global configuration mode. To return to the default setting, use the no form of this command.
Page 180 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x timeout quiet-period dot1x timeout quiet-period To set the number of seconds that the switch remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password), use the dot1x quiet-period command in global configuration mode.
Page 181 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x timeout re-authperiod dot1x timeout re-authperiod To set the number of seconds between reauthentication attempts, use the dot1x timeout re-authperiod command in global configuration mode. To return to the default setting, use the no form of this command.
Page 182 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x timeout tx-period dot1x timeout tx-period To set the number of seconds that the switch waits for a response to an Extensible Authentication Protocol (EAP)-request /identity frame from the client before retransmitting the request, use the dot1x timeout tx-period command in global configuration mode.
Page 183 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip access-group ip access-group To control access to an interface, use the ip access-group command in interface configuration mode. To remove an access group from an interface, use the no form of this command.
Page 184 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip access-group You can verify your settings by entering the show access-lists or show ip access-lists privileged EXEC command. Related Commands Command Description deny (access-list configuration) Configures conditions for an IP ACL.
Page 185 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip access-list ip access-list To create an IP access control list (ACL) to be used for matching packets to an ACL whose name or number you specify and to enter access-list configuration mode, use the ip access-list command in global configuration mode.
Page 186 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip access-list Examples The following example shows how to configure a standard ACL named Internetfilter1: Switch(config)# ip access-list standard Internetfilter1 Switch(config-std-nacl)# permit 192.5.34.0 0.0.0.255...
Page 187: Ip Igmp Snooping
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping ip igmp snooping To globally enable Internet Group Management Protocol (IGMP) snooping, use the ip igmp snooping command in global configuration mode. To disable IGMP snooping, use the no form of this command.
Page 188 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping Command Description ip igmp snooping vlan static Configures a Layer 2 port as a member of a group. show ip igmp snooping Displays the IGMP snooping configuration.
Page 189: Ip Igmp Snooping Vlan
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan ip igmp snooping vlan To enable Internet Group Management Protocol (IGMP) snooping on a specific VLAN, use the ip igmp snooping vlan command in global configuration mode.
Page 190 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan immediate-leave ip igmp snooping vlan immediate-leave To enable Internet Group Management Protocol (IGMP) Immediate-Leave processing on a VLAN interface, use the ip igmp snooping immediate-leave command in global configuration mode. To disable Immediate-Leave processing on the VLAN interface, use the no form of this command.
Page 191 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan immediate-leave Command Description show ip igmp snooping Displays the IGMP snooping configuration. show mac-address-table multicast Displays the Layer 2 multicast entries for a VLAN.
Page 192: Ip Igmp Snooping Vlan Mrouter
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan mrouter ip igmp snooping vlan mrouter To add a multicast router port and to configure the multicast router learning method, use the ip igmp snooping vlan mrouter command in global configuration mode.
Page 193 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan mrouter Command Description ip igmp snooping vlan Configures IGMP Immediate-Leave processing. immediate-leave ip igmp snooping vlan static Configures a Layer 2 port as a member of a group.
Page 194: Ip Igmp Snooping Vlan Static
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan static ip igmp snooping vlan static To add a Layer 2 port as a member of a multicast group, use the ip igmp snooping vlan vlan-id static command in global configuration mode.
Page 195 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series ip igmp snooping vlan static Command Description ip igmp snooping vlan mrouter Configures a Layer 2 port as a multicast router port. show mac-address-table multicast Displays the Layer 2 multicast entries for a VLAN.
Page 196 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series match (class-map configuration) match (class-map configuration) To define the match criteria to classify traffic, use the match command in class-map configuration mode. To remove the match criteria, use the no form of this command.
Page 197 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series match (class-map configuration) Related Commands Command Description class Defines a traffic classification for a policy to act on using the class-map name or access group.
Page 198 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos cos mls qos cos To define the default class of service (CoS) value of a port or to assign the default CoS to all incoming packets on the port, use the mls qos cos command in interface configuration mode.
Page 199 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos cos The following example shows how to assign all the packets entering a port to the default port CoS value of 4:...
Page 200 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos map mls qos map To define the class of service (CoS)-to-Differentiated Services Code Point (DSCP) map or DSCP-to-CoS map, use the mls qos map command in global configuration mode. To return to the default map, use the no form of this command.
Page 201 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos map Usage Guidelines All the maps are globally defined. You apply all maps to all ports. If you enter the mls qos trust cos command, the default CoS-to-DSCP map is applied.
Page 202: Mls Qos Trust
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos trust mls qos trust To configure the port trust state and classify traffic by examining the class of service (CoS) or Differentiated Services Code Point (DSCP) value, use the mls qos trust command in interface configuration mode.
Page 203 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series mls qos trust The following example shows how to configure a VLAN interface to be a DSCP-trusted port. DSCP-to-COS mapping occurs for all packets with the configured VLAN ID of 60 egressing from the CPU to the physical port.
Page 204 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series permit (access-list configuration) permit (access-list configuration) To configure conditions for a named or numbered IP access control list (ACL), use the permit command in access-list configuration mode.
Page 205 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series permit (access-list configuration) operator port (Optional) Defines a source or destination port. The operator can be only eq (equal). If operator is after the source IP address and wildcard, conditions match when the source port matches the defined port.
Page 206 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series permit (access-list configuration) In these examples, all other IP access is implicitly denied. Note You can verify your settings by entering the show ip access-lists or show access-lists privileged EXEC command.
Page 207 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series police police To define a policer for classified traffic, use the police command in policy-map class configuration mode. To remove an existing policer, use the no form of this command.
Page 208 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series police For more information about configuring access control lists (ACLs), refer to the “Configuring Note Network Security with ACLs” chapter in the Catalyst 2950 Desktop Switch Software Configuration Guide for this release.
Page 209 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series policy-map policy-map To create or modify a policy map that can be attached to multiple interfaces and to enter policy-map configuration mode, use the policy-map command in global configuration mode. To delete an existing policy map and return to global configuration mode, use the no form of this command.
Page 210 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series policy-map You can configure class policies in a policy map only if the classes have match criteria defined for them. Use the class-map and match commands to configure the match criteria for a class. Only one match command per class map is supported.
Page 211 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series service-policy service-policy To apply a policy map defined by the policy-map command to the input of a particular interface, use the service-policy command in interface configuration mode. To remove the policy map and interface association, use the no form of this command.
Page 212 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show access-lists show access-lists To display access control lists (ACLs) configured on the switch, use the show access-lists command in privileged EXEC mode.
Page 213 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show access-lists Related Commands Command Description ip access-list Configures an IP ACL on the switch. show ip access-lists Displays the IP ACLs configured on a switch.
Page 214 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show class-map show class-map To display quality of service (QoS) class maps, which define the match criteria to classify traffic, use the show class-map command in privileged EXEC mode.
Page 215 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show class-map Related Commands Command Description class-map Creates a class map to be used for matching packets to the class whose name you specify.
Page 216: Show Dot1X
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show dot1x show dot1x To display the 802.1x statistics, administrative status, and operational status for the switch or for the specified interface, use the show dot1x command in privileged EXEC mode.
Page 217 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show dot1x Authenticator State Machine State AUTHENTICATING Reauth Count Backend State Machine State RESPONSE Request Count Identifier (Server) 2 Reauthentication State Machine State...
Page 218 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show dot1x Table 20 show dot1x interface Field Descriptions Field Description Status Status of the port (authorized or unauthorized). The status of a port appears as authorized if the dot1x port-control interface configuration command is set to auto, and authentication was successful.
Page 219 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show dot1x Table 21 show dot1x statistics Field Descriptions (continued) Field Description RX EAP Resp/Oth Number of valid EAP-response frames (other than response/identity frames) that have been received.
Page 220 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip access-lists show ip access-lists To display IP access control lists (ACLs) configured on the switch, use the show ip access-lists command in privileged EXEC mode.
Page 221 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip access-lists Related Commands Command Description access-list (IP extended) Configures an extended ACL on the switch. access-list (IP standard) Configures a standard ACL on the switch.
Page 222: Show Ip Igmp Snooping
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip igmp snooping show ip igmp snooping To display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN, use the show ip igmp snooping command in privileged EXEC mode.
Page 223 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip igmp snooping IGMP snooping immediate-leave is disabled on this Vlan IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan vlan 33...
Page 224: Show Ip Igmp Snooping Mrouter
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show ip igmp snooping mrouter show ip igmp snooping mrouter To display information on dynamically learned and manually configured multicast router ports, use the show ip igmp snooping mrouter command in privileged EXEC mode.
Page 225 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show mls masks show mls masks To display the details of the Access Control Parameters (ACPs) used for quality of service (QoS) and security access control lists (ACLs), use the show mls masks command in privileged EXEC mode.
Page 226 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show mls masks Related Commands Command Description ip access-group Applies an IP ACL to an interface. policy-map Creates or modifies a policy map that can be attached to multiple interfaces and enters policy-map configuration mode.
Page 227: Show Mls Qos Interface
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show mls qos interface show mls qos interface To display quality of service (QoS) information at the interface level, use the show mls qos interface command in privileged EXEC mode.
Page 228: Show Mls Qos Maps
16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show mls qos maps show mls qos maps To display quality of service (QoS) mapping information, use the show mls qos maps command in privileged EXEC mode.
Page 229 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show mls qos maps The following is sample output from the show mls qos maps command: Switch# show mls qos maps Dscp-cos map:...
Page 230 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show policy-map show policy-map To display quality of service (QoS) policy maps, which define classification criteria for incoming traffic, use the show policy-map command in privileged EXEC mode. Policy maps can include policers that specify the bandwidth limitations and the action to take if the limits are exceeded.
Page 231 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show policy-map The following is sample output from the show policy-map policytest command: Switch# show policy-map policytest Policy Map policytest class classtest police 10000000 8192 exceed-action drop...
Page 232 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show spanning-tree show spanning-tree To display spanning-tree information for the specified spanning-tree instances, use the show spanning-tree command in privileged EXEC mode. show spanning-tree [bridge-group] [active | backbonefast | blockedports | bridge | brief |...
Page 233 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show spanning-tree Examples The following is sample output from the show spanning-tree summary command: Switch# show spanning-tree summary UplinkFast is disabled Name Blocking Listening Learning Forwarding STP Active...
Page 234 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show spanning-tree Designated bridge has priority 32768, address 00e0.1eb2.ddc0 Designated port is 1, path cost 10 Timers: message age 0, forward delay 0, hold 0...
Page 235 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show storm-control show storm-control To display the packet-storm control information, use the show storm-control command in privileged EXEC mode. This command also displays the action that the switch takes when the thresholds are reached.
Page 236 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series show storm-control Table 22 describes the fields shown in the display. Table 22 show storm-control Field Descriptions Field Description Interface Displays the ID of the interface.
Page 237 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series spanning-tree backbonefast spanning-tree backbonefast To enable the BackboneFast feature, use the spanning-tree backbonefast command in global configuration mode. To return to the default setting, use the no form of the command.
Page 238 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series storm-control storm-control To enable broadcast, multicast, or unicast storm control on a port and to specify the action taken when a storm occurs on a port, use the storm-control command in interface configuration mode. To disable storm control for broadcast, multicast, or unicast traffic and disable the specified storm-control action, use the no form of this command.
Page 239 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series storm-control Usage Guidelines Use the storm-control command to enable or disable broadcast, multicast, or unicast storm control on a port. After a port is disabled during a storm, use the no shutdown interface configuration command to enable the port.
Page 240 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series switchport switchport To set an interface that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration, use the switchport command in interface configuration mode. To set an interface in Layer 3 mode, use the no form of this command.
Page 241 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series switchport The switchport command without keywords is not used on platforms that do not support Cisco-routed Note ports. All physical ports on such platforms are assumed to be Layer 2-switched interfaces.
Page 242 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary Glossary 802.1d—IEEE standard for MAC bridges. 802.1p—IEEE standard for queuing and multicast support. 802.1q—IEEE standard for VLAN frame tagging. 802.1x—IEEE standard for port-based network access control.
Page 243 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary DSL—digital subscriber line. Public network technology that delivers high bandwidth over conventional copper wiring at limited distances. There are four types of DSL: ADSL, HDSL, SDSL, and VDSL. All are provisioned via modem pairs, with one modem at a central office and the other at the customer site.
Page 244 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary QoS—quality of service. Measure of performance for a transmission system that reflects its transmission quality and service availability. RADIUS—Remote Access Dial-In User Service. A service used to authenticate and authorize clients.
Page 245 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary VQP—VLAN Query Protocol. VTP—VLAN Trunking Protocol. WAN—wide area network. A communications network that covers a wide geographic area such as state or country. A LAN (local area network) is within a building or complex, and a MAN (metropolitan area network) generally covers a city or suburb.
Page 246 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ...

This manual is also suitable for:

Nm-18dm - digital modem - 33.6 kbps Nm-4b-s/t= - interface module isdn-bri Nm-8am-v2 - syst. 8prt analg modem net mod Nm-cem-4te1 - 3600 series products Nm-hd-1v= - nm-hd-1v= voip voice fax module Nm-hdv-1e1-30e - 30 enhanced channel e1 voice/fax network module ... Show all

Cisco NM-8B-U - HW ROUTERS L-M User Manual

Feature Overview

Configuring 802.1X Authentication

Configuring Spanning Tree

Configuring Spanning Tree

Enabling Spanning Tree

Verify Spanning Tree

Quick Links

Cisco 3700 Series

Chapters

Related Manuals for Cisco NM-8B-U - HW ROUTERS L-M

Summary of Contents for Cisco NM-8B-U - HW ROUTERS L-M

This manual is also suitable for:

Table of Contents