Cisco RJ-45-to-AUX Brochure

Cisco switch brochure

Summary of Contents for Cisco RJ-45-to-AUX

  • Page 2: Table Of Contents

    Entering and Exiting Privileged EXEC Mode; Entering and Exiting Global Configuration Mode; Entering and Exiting Interface Configuration Mode; Entering and Exiting Subinterface Configuration Mode; Saving Configuration Changes; Chapter 2: Basic Switch Configuration; In Depth; Command-Line Interfaces; Campus Hierarchical Switching Model; Access Layer; Distribution Layer...
  • Page 3 Configuring an IP Address and Netmask; Configuring a Default Route and Gateway; Configuring Port Speed and Duplex; Enabling SNMP Contact; Configuring a Set/Clear-Based CLI Switch; Logging On to a Switch; Setting the Login and Enable Passwords; Changing the Console Prompt; Entering a Contact Name and Location Information...
  • Page 4 Displaying the Alarm Level of the Switch; Chapter 4: LAN Switch Architectures; In Depth; The Catalyst Crescendo Architecture; BUS; ASICs; The Crescendo Processors; Crescendo Logic Units; Other Cisco Switch Processors, Buses, ASICs, and Logic Units; CAM; AXIS Bus; CEF ASIC; Phoenix ASIC...
  • Page 5 Setting the System Message Severity Levels on a Set/Clear Command-Based IOS; Enabling the Logging Time Stamp on a Set/Clear Command-Based Switch; Disabling the Logging Time Stamp on a Set/Clear Command-Based Switch; Configuring the Logging Buffer Size on a Set/Clear Command-Based Switch; Clearing the Server Logging Table; Disabling Server Logging; Displaying the Logging Configuration...
  • Page 6 InterVLAN Routing; Internal Route Processors; How InterVLAN Routing Works; Configuring a Static VLAN on a Catalyst 5000 Series Switch; Configuring Multiple VLANs on a Catalyst 5000 Series Switch; Creating VLANs on a Catalyst 1900EN Series; Assigning a Static VLAN to an Interface on a 1900EN Series; Viewing the VLAN Configuration on a 1900 Series...
  • Page 7 Manually Configured MAC Addresses; Determining the Slot Number in Which a Module Resides; Accessing the Internal Route Processor from the Switch; Configuring a Hostname on the RSM; Assigning an IP Address and Encapsulation Type to an Ethernet Interface; Setting the Port Speed and Port Name on an Ethernet Interface...
  • Page 8 Configuring CGMP; Disabling CGMP; Enabling CGMP Fast-Leave Processing; Disabling CGMP Fast-Leave Processing; Displaying CGMP Statistics; Configuring RGMP on the Switch; Disabling RGMP on the Switch; Configuring RGMP on the Router; Disabling RGMP on the Router; Displaying RGMP Groups; Displaying RGMP-Capable Router Ports...
  • Page 9 Integrated Local Management Interface (ILMI); LANE Communication; LANE Configuration Guidelines; How LANE Works; Implementing LANE; Configuring ATM on the 5000 Switch; Connecting in an ATM Network; Monitoring and Maintaining LANE; Accessing the ATM LANE Module; Displaying the Selector Field; Configuring the LES/BUS...
  • Page 10 Configuring the STP Root Switch; Configuring the STP Secondary Root Switch; Setting the Root Bridge for More than One VLAN on a Set/Clear Command-Based Switch; Assigning a Port Cost to a Port Using the Set/Clear Command-Based IOS; Assigning a Port Cost to a Port Using a CLI-Based Switch...
  • Page 11 Adjusting the MaxAge Timer on a Set/Clear Command-Based IOS; Preparing to Enable EtherChannel; Viewing the Port Setting for EtherChannel on a Set/Clear Command-Based Switch; Creating an EtherChannel on a Set/Clear Command-Based Switch; Verifying the EtherChannel Configuration; Defining an EtherChannel Administrative Group...
  • Page 12 Adding an MLS Interface to a VTP Domain; Enabling MLS on an Individual Interface; Disabling MLS on an External Router Interface; Configuring the MLS Switch Engine; Re-enabling MLS on a Catalyst 6000; Re-enabling MLS on a Catalyst 5000; Disabling MLS on a Catalyst 6000; Disabling MLS on a Catalyst 5000...
  • Page 13 CVSM Access Levels; CVSM Default Home Page; The Switch Image; Configuring the Switch with an IP Address and Setting the Default Web Administration Port; Connecting to the Web Management Console; Configuring the Switch Port Analyzer; Chapter 15: The Standard Edition IOS; In Depth...
  • Page 14 Viewing the IOS Version Information on a CLI-Based IOS; Using the show flash Command on a Set/Clear Command-Based IOS; Testing the Supervisor Engine Hardware on a Set/Clear Command-Based Switch; Testing External Module Hardware on a Set/Clear Command-Based Switch; Viewing the System Configuration on a Set/Clear Command-Based Switch; Viewing the VTP Domain Configuration on a Set/Clear IOS...
  • Page 15 Configuring SPAN for VLAN Monitoring on a Set/Clear Command-Based IOS; Launching the Diagnostic Console on a Cisco 1900 or 2820 Series Switch; Using the Diagnostic Console to Upgrade the Firmware on a Cisco 1900 or 2820 Series Switch; Using the Diagnostic Console for Debugging the Firmware and Hardware; Appendix A: Study Resources...
  • Page 16 Cisco Catalyst 4000 Series; Catalyst 5000 Series; Catalyst 6000 Series; Core Layer/WAN Switches; Cisco Catalyst 8400 Series; Cisco Catalyst 8500 Series; BPX 8600 Series; MGX 8800 Series; 12000 Series Gigabit Switch Routers; A; B; C; D; E-F; G-I; K-L; M-N...
  • Page 17: Cisco Switching Black Book

    Cisco Switching Black Book Sean Odom Hanson Nottingham © 2001 The Coriolis Group. All rights reserved. This book may not be duplicated in any way without the express written consent of the publisher, except in the form of brief excerpts or quotations for the purposes of review. The information contained herein is for the personal use of the reader and may not be incorporated in any commercial programs, other books, databases, or any kind of software without written consent of the publisher.
  • Page 18 Steve Sayre Acquisitions Editor Charlotte Carpentier Product Marketing Manager Tracy Rooney Project Editor Toni Zuccarini Ackley Technical Reviewer Deniss Suhanovs Production Coordinator Carla J. Schuder Cover Designer Jody Winkler Layout Designer April Nielsen Dear Reader: Coriolis Technology Press was founded to create a very elite group of books: the ones you keep closest to your machine.
  • Page 19 Jeff Duntemann VP and Editorial Director This book is dedicated to all those who endeavor to turn dreams into realities. —Sean Odom To my wife, Sonia, and my daughter, Sabrina. —Hanson Nottingham About the Authors Sean Odom is a CCNP, MCSE, and CNX−Ethernet. He has been in the computer networking field for over 12 years and can be found instructing a number of Cisco courses, including the Switching and Remote Access courses for Globalnet Training Solutions, Inc.
  • Page 20: Introduction

    Introduction Overview For many years I have been a consultant for different companies and have written books on switch and router configurations and troubleshooting. During my years as a consultant I have had to either install, administer, or troubleshoot switching problems and configurations for switches without a good handbook. I have constantly gone through bookstores looking for a book on Cisco switch troubleshooting and configurations that didn’t...
  • Page 21: The Black Book Philosophy

    Words in brackets that are separated by bars are used when indicating that there are multiple choices of commands. For example, when configuring VTP you can enable the trunk port to choose one mode: on, off, desirable, or auto mode. This will be shown like this: [on|off|desirable|auto]. Knowledge of what configuration mode you are in and how to enter each configuration mode on the Cisco Command Line Interface is important.
  • Page 22: Chapter 1: Network Switching Fundamentals

    Chapter 1: Network Switching Fundamentals In Depth Although writing the first paragraph of a book is probably the least important part, it’s invariably the most difficult section to write. To get a good picture of the different parts of networking, readers need to know where networking began and the history behind the networks of today.
  • Page 23: A Bit Of History

    Switches are one of these alternative methods. In many respects, switches are relatively simple devices. A switch’s design and self−learning features require very little manual configuration to get it up and running. To properly use these devices in your network, you must have an in−depth knowledge of the issues involved in implementing...
  • Page 24 Network backbones are generally high−speed links running between segments of the network. Normally, backbone cable links run between two routers; but they can also be found between two switches or a switch and a router.
  • Page 25: The Pieces Of Technology

    Client/Server Network Model Peer−to−peer model networks evolved into the client/server model, in which the server shares applications and data storage with the clients in a somewhat more centralized network. This setup includes a little more security, provided by the operating system, and ease of administration for the multiple users trying to access data.
  • Page 26: Repeaters

    The MAC address uses a physical address which, in terms of the OSI Reference Model, contains the lowest level address. This is the address used by a switch. The router at Layer 3 uses a protocol address, which is referred to as a logical address.
  • Page 27: Bridges

    Six types of hubs are found in the network: Active hubs—Act as repeaters and eliminate attenuation by amplifying the signals they replicate to all the attached ports. Backbone hubs—Collect other hubs into a single collection point. This type of design is also known as a multitiered design.
  • Page 28 Latency delay is measured from the moment a packet enters the input port on the switch until the time the bridge forwards the packet out the exit port. Bridges can introduce 20 to 30 percent loss of throughput for some applications.
  • Page 29: Routers

    A new option had to be developed to overcome the problems associated with bridges and routers. These new devices were called switches. The term switching was originally applied to packet−switch technologies, such as Link Access Procedure, Balanced (LAPB); Frame Relay; Switched Multimegabit Data Service (SMDS);...
  • Page 30: Network Design

    Information from the sending device is routed directly to the receiving device. No device other than the router, switch, and end nodes sees or processes the information.
  • Page 31: Collision Domains

    VLAN 1 is seen by those ports assigned to VLAN 1 even if they are on other switches attached by trunk links. A switch port can be a member of only one VLAN and requires a Layer 3 device such...
  • Page 32: Broadcast Domains

    On a physical link between the port on the switch and a workstation in a VLAN with very few nodes, data can be sent at almost 100 percent of the physical wire speed.
  • Page 33 bridged networks. To resolve the issue, your network administrator may even upgrade your PC to a faster CPU or more RAM. This allows your PC to generate more input/output (I/O), increasing the saturation on the network. In this type of environment, every data packet is sent to every machine, and each station has to process every frame on the network.
  • Page 34

    Distribution layer
    Core layer

    Note: Chapter 2 will introduce the layers at which each switch can be found and the basic configuration steps for both of the command line interfaces.

    The Access layer’s primary function is to connect to the end-user’s interface. It routes traffic between ports and broadcasts collision domain traffic to its membership broadcast domain.
  • Page 35: Switched Forwarding

    13 bytes. The minimum valid size for an Ethernet frame is 64 bytes. By verifying the first 64 bytes of the frame, the switch then determines if the frame is good or if a collision...
  • Page 36: Switched Network Bottlenecks

    Figure 1.6 shows a network that has been upgraded to 100Mbps links to and from the switch for all the nodes. Because all the devices can send data at 100Mbps or wire−speed to and from the switch, a link that receives data from multiple nodes will need to be upgraded to a faster link than all the other nodes in order to process and fulfill the data requests without creating a bottleneck.
  • Page 37 In this situation, the demand nodes are connected to one switch and the resource nodes are connected to another switch. As you add additional users to switch A, you’ll find out where our bottleneck is. As you can see from Figure 1.8, the bottleneck is now on the trunk link between the two switches. Even if all the switches have a VLAN assigned to each port, a trunk link without VTP pruning enabled will send all the VLANs to the next switch.
  • Page 38: The Rule Of The Network Road

    Tip If the interfaces on your resource nodes can implement full duplex, it can also be a secondary solution for your servers. Almost every Cisco switch has an acceptable throughput level and will work well in its own layer of the Cisco hierarchical switching model or its designed specification. Implementing VLANs has become a popular solution for breaking down a segment into smaller collision domains.
  • Page 39: Switched Ethernet Innovations

    Around 1990, many vendors offered popular devices known as intelligent multiport bridges; the first known usage of the term switch was the Etherswitch, which Kalpana brought to the market in 1990. At the time, these devices were used mainly to connect multiple segments—they usually did very little to improve performance other than the inherent benefits bridges provide, such as filtering and broadcast suppression.
  • Page 40: Gigabit Ethernet

    Fortunately for Ethernet switches you can provide connectivity in a number of ways. You can attach shared hubs to any port on the switch in the same manner that you connect end stations. Doing so makes for a larger collision domain, but you avoid paying the high costs of upgrades.
  • Page 41: Connecting To The Switch

    Another way to connect to a Cisco switch or router is through an auxiliary port. This is basically the same as connecting through a console port, but it allows you to connect remotely by using a modem. This means you can dial up a remote switch and perform configuration changes, verify the configuration, or check statistics.
  • Page 42

        Router(config)#interface e0/0.?
          <0-4294967295>  Ethernet interface number
        Router(config)#interface e0/0.1
        Router(config-subif)#

    Let’s take a look at the commands available in the User EXEC mode of a Cisco Catalyst 1912 EN switch:

        SeansSwitch>?
        Exec commands:
          enable  Turn on privileged commands
          exit    Exit from the EXEC...
  • Page 43: The Challenges

    Notice that as you progress through the modes on the Cisco IOS, more and more commands become available. If your switch does not boot correctly, it may mean that you are in ROM Configuration mode, which is covered in Chapter 2.
  • Page 44: Entering And Exiting Privileged Exec Mode

    Entering and Exiting Privileged EXEC Mode

    After the switch has gone through the power on self test (POST), it will come to a User EXEC mode prompt with the hostname and an angle bracket as shown here, assuming no password has been configured:

        Switch>...
  • Page 45: Saving Configuration Changes

    When you are done, copy the running configuration to the startup configuration. In the following example, the hostname is being changed and then saved to the start-up configuration:

        Switch> enable
        Switch# configure terminal
        Enter configuration commands, one per line. End with CNTL/Z.
        Switch(config)# hostname BBSwitch
        BBSwitch(config)# end
        BBSwitch# copy running-config startup-config...
  • Page 46: Chapter 2: Basic Switch Configuration

    After the switch has been powered on and has completed its power on self test (POST) sequence, it’s a good idea to assign the switch a hostname to help to identify the switch. Doing so is particularly useful if you have multiple switches at multiple layers of the network.
  • Page 47: Campus Hierarchical Switching Model

    Once you have finished the preceding basic steps, you can connect the switch to the rest of the local network. You can use many different types of physical media, such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
  • Page 48: Access Layer

    The Access layer switch connects the physical wire from the end user interface, thereby providing the means to connect to the devices located on the Distribution layer. It provides connections to both the local LAN and remote devices.
  • Page 49: Core Layer

    Remote Monitoring (RMON) is an industry−standard method used to monitor statistics on a network using Simple Network Management Protocol (SNMP). RMON allows a network administrator to obtain information about a switch’s Layer 1 or Layer 2 statistics. This type of information cannot be obtained by using the console port of the switch.
  • Page 50: Connecting To The Console Port

    Connecting to the Console Port To initially configure a switch, you must make a connection to the console port and enter instructions to the switch from this port. The console comes preconfigured on a Cisco device and ready to use. You can access the console port in a number of ways, as shown in Figure 2.2.
  • Page 51: Console Cable Pinouts

    Whatever the type of console port in use on the switch, you will need to connect an RJ−45 cable from the console port or connector to the dumb terminal or PC. On a PC, you can use a third−party program to gain access, such as HyperTerminal (included with most Microsoft Windows operating systems).
  • Page 52: Console Connectors

    Console port settings by default are 9600 baud, 8 data bits, 1 stop bit, and no parity. Normally, all three connectors will come with your switch. You will need to use the appropriate adapter for the device with which you are configuring your switch.
  • Page 53 Table 2.5: The RJ−45−to−DB−9 AUX port pinouts by color. Color Brown Blue Yellow Green Black Orange White Table 2.6 shows the connectors most often used for modem connections. Table 2.7 shows the connectors most often used with Unix workstation connections to the console port. Table 2.6: DCE connector pinouts for an RJ−45 to a DB−25 male.
  • Page 54: Switch Ioss

    Menu−driven—Found exclusively on the Catalyst 1900SE, 2820SE, 3000, 3100, and 3200 series switches. You have to do very little in order to get a Cisco switch to work. By default, the Set/Clear command set switches and the Cisco CLI IOS interface switches have the following default attributes: The prompt name is set to Console>.
  • Page 55: Limiting Telnet Access

    Configuration commands modify the operation of an interface such as an Ethernet port or a VLAN. Passwords can be configured on every access method to a Cisco Catalyst switch. Passwords can be applied to the console port, auxiliary (AUX) port, and VTY lines.
  • Page 56: Setting The Login Passwords

    You should assign an enable password for each configured privilege level. To assign the password a privilege level of 3, use the following command:

        5000RSM(config)# enable secret level 3 sean1

    To get into the switch, I will now use the following command:

        5000RSM(config)# username seano password sean1

    Assigning Allowable Commands...
  • Page 57: Configuring The Telnet Time−Out Value

        Switch(config)# hostname CORIOLIS8500
        CORIOLIS8500>

    Configuring the Date and Time

    To set the system clock on an IOS-based switch and to put it in the PST time zone, use the following command:

        CORIOLIS8500(config)# clock set 22:09:00 08 Oct 00
        CORIOLIS8500(config)# clock timezone PST -8

    Configuring an IP Address and Netmask

    To configure an IP address on a Cisco IOS-based switch, enter the following commands in Global...
  • Page 58: Configuring Port Speed And Duplex

    To begin configuring your switch, do the following: Connect the console cable and connector to a terminal or PC and power on the switch. The switch will then go through its initial POST, which runs diagnostics and checks for the reliability of the switch components.
  • Page 59: Setting The Login And Enable Passwords

    Telnet into your switch—you should name the switch prompt something that identifies it. If you fail to identify the switch correctly, it can be pretty embarrassing to work on the wrong switch. To change your hostname to CORIOLIS5000, use the following command:...
  • Page 60: Entering A Contact Name And Location Information

    Before you can Telnet, ping, or manage the switch remotely, you need to define an IP address and netmask for the console port and assign it to a VLAN. By default, the switch console is in VLAN1. The syntax for setting...
  • Page 61: Configuring A Default Route And Gateway

    The switch attempts to use the secondary gateways in the order they were configured, unless the syntax primary is used. The switch will send periodic pings to determine if each gateway has lost connectivity. If the primary gateway loses its link, it begins forwarding to the secondary default gateway.
  • Page 62: Enabling Snmp

    There are three levels of access for configuring SNMP. The levels of access are defined by the information configured on the switch; the accessing management station must abide by those given sets of rights. The levels can be defined with community string configuration or by trap receivers, as follows: Read−only—Allows management stations to read the SNMP information but make no configuration...
  • Page 63: Configuring A Menu−Driven Ios

    As with the other two types of interfaces, you need to connect the switch to a dumb terminal or PC. This switch, however, supports a process known as autobaud, which allows you to press the Enter key several times to get the switch’s attention. The switch will then automatically configure the console port to the correct baud rate.
  • Page 64: Configuring The Console Port

    Break key on the PC or dumb terminal. You can set the baud rate on the switch from 2,400 to 57,600 baud.
  • Page 65: Configuring Snmp

    Enabling Port Security Configuring SNMP You can configure up to 10 community strings on the menu−driven switch IOS by following these steps: Enter the appropriate IP configurations as shown in Configuring an IP Address and Default Gateway. Select Configuration|SNMP Configuration. You are then presented with three configuration options: Send Authentication Traps, Community Strings, or Trap Receivers.
  • Page 66: Configuring Rom

    You can enter ROM configuration mode by using one of these two methods: Cycle the power on the switch and press the Break key during the first 60 seconds of startup. (The Break key is enabled for the first 60 seconds after cycling the power on the switch.) Enter ROM mode through a terminal server, using Telnet or another terminal emulation program.
  • Page 67: Configuring Snmp

    RMON works in conjunction with SNMP and requires a protocol analyzer or probe to use its full features. To use SNMP-based monitoring, you need to verify that SNMP is running on your IOS-based switch. Verify that SNMP is running, using the following command in User or EXEC mode:

        show snmp

    Enable SNMP and allow read-only access to hosts using the public SNMP string by using this...
  • Page 68: Using Set/Clear Command Set Recall Key Sequences

    The CLI of a Set/Clear interface is based on Unix, so certain c−shell commands can be issued to recall commands previously issued. The switch by default stores the previous 20 commands in its buffer. Unlike the Cisco IOS routers or switches, the up arrows do not work. You can, however, use the key sequences shown in Table 2.10 to recall or modify commands:...
  • Page 69

        Up arrow     Recalls commands in the history buffer
        Down arrow   Returns to more recent commands
        Ctrl+A       Moves to the beginning of a line
        Ctrl+B       Moves back one character
        Ctrl+D       Deletes a character
        Ctrl+E       Moves to the end of the command line
        Ctrl+F       Moves forward one character
        Ctrl+K       Deletes all characters to the end of the line
        Ctrl+L, Ctrl+T, Ctrl+U, Ctrl+V, Ctrl+W, Ctrl+Y, Ctrl+Z   ...
  • Page 70: Chapter 3: Wan Switching

    If the host does not detect a collision, it sends out the next packet. You may think that if the switch or host is set to full−duplex, there will be no collision—that is correct, but the host still waits between sending packets.
  • Page 71: Wan Transmission Media

    Figure 3.1: A packet’s journey from a host to a WAN device.

    The WAN transmission is continuous and does not have to wait for acknowledgement or permission. Let’s take a look at how this process would work in a T1 line. T1 has 24 slots in each frame; each slot is 8 bits, and there is 1 framing bit:

        24 slots x 8 bits + 1 framing bit = 193 bits

    T1 frames are transmitted 8,000 frames per second, or one frame every 125 microseconds:...
  • Page 72: Synchronous Transport Signal (Sts)

    The capability of broadband to carry multiple signals enables it to have a higher transmission speed. Table 3.2 displays the various broadband transmissions, which require more expensive and specialized transmitters and receivers. Table 3.2: The different broadband transmission types and their bandwidth. Transmission Type OC/STS−1 OC/STS−3...
  • Page 73: Cisco Wan Switches

    STS−n is an interleaving of multiple (n) STS−1s. The size of the payload and the overhead are multiplied by n. Figure 3.4 displays an STS diagram. Figure 3.4: The STS−1 framing and STS−n framing. The overhead and payload are proportionate to the n value, with the STS−1 frame as the base.
  • Page 74: Igx 8400 Series

    Internet service providers (ISPs) to aggregate dial−in traffic, which is delivered by the local central office’s Class 4 or Class 5 switch in a T1 or T3 interface. The combined traffic is delivered to the broadband network via OC−3 trunk ports.
  • Page 75: Mgx 8800 Series Wide−Area Edge Switches

    Switching (MPLS) and virtual private networks (VPNs). Currently, the LSC is a Cisco 7200 series router with an ATM interface. The plan is to have native LSC modules for the BPX series (similar to a Route Switch Module [RSM] for the Catalyst LAN switches). The BPX 8650 also introduced a new control and switch module to increase the throughput to 19.2Gbps.
  • Page 76: Cisco Wan Switch Network Topologies

    The feeders aggregate multiple narrowband transmissions into broadband trunk connections to the core switches. The edge switches can be right next to the core switch, or they can be miles apart. The IGX series and the MGX 8800 series can be configured as core switches or feeders. The BPX can only be configured as a core switch, whereas the MGX 8200 series can only be a feeder node.
  • Page 77: Network Management

    In response to prompts—A prompt will request the required parameters. Using the prompt method, you enter the desired command, and the switch asks you for all the required parameters. Using direct entry—Direct entry is the only way to issue optional parameters in the CLI; all the parameters must follow the command in exact order, separated by spaces.
  • Page 78: Accessing And Setting Up Igx And Bpx Switches

    the network while highlighting any local problems. Connection Management—Provides a graphic interface to configure WAN switches. It provides templates to minimize the work in setting up many connections. All interface modules are supported, including VoIP/VoATM setups. Performance and Accounting Data Management—Controls the collection of SNMP information from the network.
  • Page 79: Using The History Command

    The clear configuration command, clrcnf, will erase the connections, trunks, circuit lines, and other network settings. This is a fast way to clear settings if you’re moving the switch to another location. The switch name, IP address, user, and other function settings are maintained. To change all the settings back to their factory...
  • Page 80: Displaying Other Switches

    It has a privilege level of 1. To set the time and date, use cnfdate followed by the year, month, day, hour, minute, and second. The format of the time must use a 24−hour clock. The switch will prompt you for confirmation before executing the command.
  • Page 81: Accessing The Mgx 8850 And 8220

    MGX commands are case sensitive; most of the commands are lowercase, except for Help.

    Adding New Users

    The adduser command will create a new user who can access the switch:

        MGX.1.3.ASC.a > adduser user 2
        MGX.1.3.ASC.a >...
  • Page 82: Displaying A Summary Of All Modules

    The command dspcds will display the summary information of all the modules. This is a level 6 command. The card number, card status, card type, switch name, date, time, time zone, and IP address are all displayed. The information is displayed one screen at a time. Press the Enter key to display a second screen, and press Q to stop the display.
  • Page 83: Configuring The Ip Interface

    -bc—The broadcast address

    This command has a privilege level of 1.

    Displaying the Alarm Level of the Switch

    The command dspshelfalm is used to display the alarm level and current status of the temperature, power supply, fans, and voltage. This is a level 6 command.
  • Page 84: Chapter 4: Lan Switch Architectures

    Broadcast and Unknown Server (BUS), ASICs, Arbiters, and logic units work inside the switch. Let’s look at Figure 4.1, which shows a diagram of the ASICs and processors found inside a Cisco 5000 series switch. We’ll examine these components and then look at several other ASICs that are for more specialized or earlier model Cisco Catalyst switches.
  • Page 85: Asics

    Over−subscription is characterized as a condition in which the total bandwidth of all the ports on the switch is greater than the capacity of the switching fabric or backplane. As a result, data is held up at the port because the tunnel−through switch is too small. Examples of Cisco switches with a single−BUS architecture are the Cisco Catalyst 1900, 2820, 3000, and 5000 series.
  • Page 86 Access Control (MAC) address. Note The CAM table contains the MAC address of the interfaces connected to the port and the time the switch last read a frame from that source port and address. The CAM table receives updated information by examining frames it receives from a segment;...
  • Page 87: The Crescendo Processors

    NMP on the Supervisor Engine module and the LCP on the individual line cards located in the switch. The MCP also has a secondary job: to test and check the configuration of the local ports, control of local ports, downloading of runtime code, and performing continuous port diagnostics.
  • Page 88: Other Cisco Switch Processors, Buses, Asics, And Logic Units

    The Local Target Logic (LTL) works in conjunction with the EARL ASIC to determine if a frame is switched to one individual port or sent to multiple ports. The LTL also helps identify the port or ports on the switch to which the frame needs to be forwarded, and it can look at the frame to determine if the frame is a unicast or a multicast frame for broadcast forwarding.
  • Page 89: Cef Asic

    (discussed later in this chapter) in previous versions of the IOS. CEF allows you to optimize the resources on your switch by using multiple paths to load−balance traffic. You can configure per−destination or per−packet load balancing on the outbound interface of the switch:...
  • Page 90 IPX network numbers. The packet is now transferred across the switching fabric to its point of destination to be sent to its next hop. The destination interface prepares the packet prior to exiting the switch. Figure 4.3 shows the CEFA components.
  • Page 91: Phoenix Asic

    The architecture of the Catalyst 3900 is centered around the AXIS bus (discussed earlier), using the Quad Token Ring Port (QTP) ASIC. Cisco uses the 3900 series line of switches as its primary switch dedicated to Token Ring topology networks. This line of switches uses a 520Mbps switching fabric through which all switched interfaces communicate.
  • Page 92: Qmac

    It maintains a routing table, building tables composed of destination addresses. It has the ability to switch network packets based upon a match of the destination address, such as those used with IP, IPX, and AppleTalk.
  • Page 93: Source Route Transparent Bridging

    If a host sends a frame to a single host on another port, then if the bridge or switch has learned the port the destination resides on and it is on the local switch, the switch forwards the frame out the destination interface.
  • Page 94: Switching Paths

    Switching Paths
    The switch is commonly referred to in marketing terms as a Layer 2 device. If you keep thinking that way, this section will confuse you. By definition, switching paths are logical paths that Layer 3 packets follow when they are switched through a Layer 3 device such as a router or internal route processor. These switching types allow the device to push packets from the incoming interface to the interface where the packet must exit using switching paths or table lookups.
  • Page 95: Autonomous Switching

    Silicon−switched packets use a silicon−switching cache on the Silicon Switching Engine (SSE) found on the Silicon Switch Processor (SSP). This is a dedicated switch processor used to offload the switching process from the route processor. Packets must use the router’s backplane to get to and from the SSP.
  • Page 96: System Message Logging

    By default, the switch logs normal but significant system messages to its internal buffer and sends these messages to the system console. You can access logged system messages using the switch CLI or by saving them to a properly configured syslog server.
  • Page 97: Booting The Supervisor Engine Iii From Flash

    Setting the Boot Configuration Register
    You can set the boot method for the switch manually using the boot field in the configuration register. This command affects the configuration register bits that control the boot field, similar to the way a router does.
  • Page 98: Enabling Dcef

    Enabling dCEF
    To enable dCEF operation, use the following command:
        ip cef distributed
    Disabling dCEF
    To disable dCEF operation, use the following command:
        no ip cef distributed
    Warning: Never disable dCEF on a Cisco 12000 series.
    Disabling CEF on an Individual Interface
    When you enable or disable CEF or dCEF in Global Configuration mode, all interfaces that support CEF or dCEF are affected.
  • Page 99: Viewing Cef Packet−Dropped Statistics

        show ip cef
    Viewing CEF Packet-Dropped Statistics
    To view the number of packets dropped from each line card, use the following command:
        show cef drop
    Viewing Non-CEF Path Packets
    To view what packets went to a path other than CEF, use the following command:
        show cef not-cef-switched
    Disabling Per-Destination Load Sharing
    If you want to use per-packet load balancing, you need to disable per-destination load balancing.
  • Page 100: Enabling Telnet Session Logging On A Set/Clear Command−Based Ios

        [all|facility] severity [default|value]
    Here’s an example of the command’s use:
        Catalyst5000> (enable) set logging level all 5
        All system logging facilities for this session set to severity 5(notifications)
        Catalyst5000> (enable)
    Enabling the Logging Time Stamp on a Set/Clear Command-Based Switch...
  • Page 101: Disabling The Logging Time Stamp On A Set/Clear Command−Based Switch

        System logging messages timestamp will be enabled.
        Catalyst5000> (enable)
    Disabling the Logging Time Stamp on a Set/Clear Command-Based Switch
    To disable the logging time stamp, use the following command in Privileged mode:
        Catalyst5000> (enable) set logging timestamp disable
        System logging messages timestamp will be disabled.
  • Page 102: Displaying The Logging Configuration

    0(emergencies) 1(alerts) 3(errors) 4(warnings) 6(information) 7(debugging) Catalyst5000> (enable) Displaying System Logging Messages You can use the show logging buffer command to display the messages in the switch logging buffer. If you enabled enabled disabled LOCAL7 warnings(4) Current Session Severity ————————————————————————...
  • Page 103 do not specify the number of messages, the default is to display the last 20 messages in the buffer (-20). To display the first five messages in the buffer, use the following code:
        Catalyst5000> (enable) show logging buffer 5
        2000 Aug 21 09:41:12 %SYS-5-MOD_OK:Module 1 is online
        2000 Aug 21 09:41:14 %SYS-5-MOD_OK:Module 3 is online
        2000 Aug 21 09:41:14 %SYS-5-MOD_OK:Module 2 is online
        2000 Aug 21 09:42:16 %PAGP-5-PORTTOSTP:Port 2/1 joined bridge port 2/1...
  • Page 104: Chapter 5: Virtual Local Area Networks

    Chapter 5: Virtual Local Area Networks
    In Depth
    Faced with the problems of a slow network, many network administrators make expensive mistakes. Several times, I have come across companies that have a fiber link to every desktop. In fact, an architectural firm I consulted for comes to mind.
  • Page 105: Why Use Vlans

    Another definition of a VLAN is a logical grouping of network users and resources connected administratively to defined ports on a switch. By creating VLANs, you are able to create smaller broadcast domains within a switch by assigning different ports on the switch to different subnetworks. Ports assigned to a VLAN are treated like their own subnet or broadcast domain.
  • Page 106: Vlan Basics

    CAD applications. In the figure, you see 10Mbps links to each workstation, a Fast Ethernet trunk to the switch containing the servers, and 100Mbps links to each server. This way, the amount of bandwidth entering from the 10Mbps switch will not overwhelm all the server links, and you create an efficiently switched network without bottlenecks.
  • Page 107: Switched Internetwork Security

    By using switches and implementing VLANs, the switch takes care of making sure that data is sent directly from the port on the switch containing the source node, and that the data only exits out the port on which the destination node resides.
  • Page 108: Scaling With Vlans

    Layer 3 devices to handle load balancing. An end−to−end VLAN spans the entire switch fabric from one end of the network to the other. With this type of VLAN boundary, all the switches in the network know about all the configured VLANs in the network.
  • Page 109: Vlan Membership Types

    VLAN by default. A static VLAN is the most common and easiest in terms of administration. The switch port that you assign a VLAN association always remains in the VLAN you assign until you change the port assignment. Static VLAN configurations are easy to configure and monitor, and they work well in a network where the movement of users remains controlled.
  • Page 110: Vlan Trunking

    Trunk Types
    Trunk links are point-to-point, high-speed links from 100 to 1000Mbps. These trunked links between two switches, a switch and a router, or a switch and a server carry the traffic of up to 1,005 VLANs at any given time.
  • Page 111 As a frame enters the switch fabric, it is tagged with additional information regarding the VLAN properties. Just as in ISL (discussed next), the tag remains in the frame while it is forwarded from switch to switch; the tag is removed prior to exiting the access link to the destination interface. Unlike ISL, which uses an external tagging process, 802.1Q uses an internal tagging process by modifying the existing Ethernet frame itself.
  • Page 112 VLAN information as traffic travels between switches on trunk links. Along with switches, you can also use ISL to create trunk links between two Cisco routers that support ISL, a switch and a router, and a switch and a server that has a NIC that supports ISL.
  • Page 113: Lan Emulation (Lane)

    Cisco switches as a VTP server. All the VTP servers that need to share VLAN information must use the same domain name, and a switch can only be a member of one VTP domain. A switch configured as a server can only share VTP configuration information with switches configured as members of the same VTP domain.
  • Page 114: Vtp Versions

    Transparent mode change support
    Unrecognized Type Length Value support
    If all the switches in the network support VTP version 2, then only one switch needs to have version 2 enabled to enable version 2 on all other switches.
    Consistency Checks
    Consistency checks are performed when new information is entered by an administrator through the command line interface (CLI) or through Simple Network Management Protocol (SNMP).
  • Page 115 VLANs within a VTP advertisement, they process the information received as authentic information. What happens when a new switch is configured as a server and the revision number is higher than the current revision number used in the domain? Oops! If the rest of the domain gets that information, it reconfigures every single member with the configuration on that new switch.
  • Page 116: Vtp Switch Modes

    You can take care of this problem two ways. The easiest way is to cycle the power on the switch after placing the switch in client mode.
  • Page 117: Methods For Vlan Identification

    If data arrives on a port assigned to a VLAN and the destination is unknown, the switch repeats the signal only to the port or ports assigned to the VLAN, except for the port of arrival.
  • Page 118: Internal Route Processors

    This device can be an external or internal route processor. An external route processor is your typical router. An internal route processor is considered a “router on a stick”; it is a module inside of the switch, but the switch must access it remotely to make forwarding decisions. Let’s take a look at an internal route processor.
  • Page 119: Configuring A Static Vlan On A Catalyst 5000 Series Switch

    Creating VLANs on a Catalyst 1900EN Series When you first turn on the Cisco 1912 or 1924EN series switch, you will see a screen asking you to choose an interface. Choose K from the initial user interface menu to get into IOS configuration:...
  • Page 120: Assigning A Static Vlan To An Interface On A 1900En Series

        [K] Command Line
        [I] IP Configuration
        Enter Selection: K
    Once a CLI session on the switch is open, you must create a VLAN number and name. The command used to do this is as follows:
        vlan [vlan#] name [vlan name]
    To use this command, you must be in Global Configuration mode on the switch.
  • Page 121: Viewing The Vlan Configuration On A 1900 Series

        1912#
    Configuring a Trunk Port on a Cisco 5000 Series
    To configure a trunk on a 5000 series switch, you use the set trunk command. You can see the command and its syntaxes by typing “set trunk ?”:
        5000> (enable) set trunk ?
        Usage: set trunk <mod_num/port_num>...
  • Page 122 Use this option when DISL negotiation that takes place on ISL trunks is not supported. When using dot1q as the final parameter, this option tells the switch that ISL will not be used for trunking the ports. Description Applies the ISL protocol encapsulation to an Ethernet trunk.
  • Page 123: Mapping Vlans To A Trunk Port

    Configuring a Trunk Port on a Cisco 1900EN Series To configure a trunk on a 1900EN series switch, you use the trunk command. The 1900 switch has the same port negotiation options as the 5000 series, but only runs the DISL encapsulation method. You can see the...
  • Page 124: Verifying A Trunk Link Configuration On A 5000 Series

        Display joined vlans
        joining-vlans Display joining vlans
        prune-eligible Display pruning eligible vlans
    Configuring the VTP Version on a Catalyst 5000 Switch
    To configure VTP version 2, use the set vtp v2 enable command. Let’s look at an example:
        Native vlan
        ——————...
  • Page 125: Configuring A Vtp Domain On A Catalyst 1900 Switch

    Configuring a VTP Domain on a Catalyst 1900 Switch The 1900EN series switches only use VTP version 1. The switch can be a member of only one VTP domain. To set the switch to the Coriolis domain, use the following command:...
  • Page 126: Configuring Vtp Pruning On A Catalyst 1900 Switch

    If you set the mode to client or server, then you need to set the VTP domain name and password on the first switch. The VTP name can be up to 32 characters long. The password is a minimum of 8 characters with a maximum of 64.
  • Page 127: Verifying The Vtp Configuration On A Set/Clear Cli

        1900EN(config)#vtp domain Coriolis
        1900EN(config)#
    To set a VTP domain password on a 1900EN to “pass1” use the following command:
        1900EN(config)# vtp password pass1
        1900EN(config)#
    Verifying the VTP Configuration on a Set/Clear CLI
    To verify the VTP domain information, use the command show vtp domain. This command will show you the domain name, mode, and pruning information:
        5002>...
  • Page 128: Configuring Vtp Pruning On A Set/Clear Cli Switch

    Enabling pruning on a VTP server enables pruning for the entire domain, which is by default VLANs 2 through 1005. VLAN 1 can never be pruned. Before you can set a VLAN to be eligible for VTP pruning, you should go to the switch to see what the available syntaxes are for the command:
        5002>...
  • Page 129: Configuring Ipx Intervlan Routing On An External Router

        Cisco7505(config)#router rip
        Cisco7505(config-router)#network 192.1.0.0
    Create a subinterface on a physical interface in Interface Configuration mode for the port connected to the switch:
        7505(config-router)#interface fastethernet2/0.100
    Specify the encapsulation type and VLAN number to use on the subinterface:
        7505(config-subif)#encapsulation isl 100
    Assign an IP address and subnet mask to the subinterface:
        7505(config-subif)#ip address 192.1.1.1 255.255.255.0...
  • Page 130: Chapter 6: Intervlan And Basic Module Configuration

    One of the first things you will discover in this chapter is that switch is merely a marketing term. When we think of a switch, we think of a device that operates at Layer 2. Well, in this chapter we’ll walk through the process of configuring Cisco switch−swappable cards and modules, and you’ll find that today’s switches have...
  • Page 131 The CEF ASIC is used to ensure that all packets have equal access to the switch’s internal memory. It performs lookups via the CEF ASIC (CEFA) search engine. CEFA uses a round−robin approach, giving fair access to data traffic on each port as well as cycling data between ports and processing requests as needed.
  • Page 132: Available Route Processors

    Available Route Processors When a switch receives a packet from a port on one VLAN destined for the port of another VLAN, the switch must find a path on which to send the frame. Because switches are designed to isolate traffic to collision domains or subnets, they cannot by default forward data to another VLAN or network without some other device’s intervention to route the data and create routing tables of networks and devices.
  • Page 133 11.3.4 or higher of the Cisco IOS. This Cisco solution provides frame and packet filtering at wire speeds, utilizing ASICs instead of processors and allowing the switch to scale forwarding rates from millions of packets per second to gigabit wire speeds.
  • Page 134 1 mapped to channel 1. The switch uses VLAN 0 to communicate with the RSM; the user cannot access VLAN 0. VLAN 1 is the switch default, but this default can be changed and mapped to a specific channel to...
  • Page 135 The RSFC is another daughter card of the Supervisor Engine IIG or the Supervisor Engine IIIG. This card basically transforms your switch into a Level 3 router with lots of ports. Two great features of this card are Web browser support, which provides a graphical navigation tool through the Command Line Interface (CLI), and the integration of NetFlow switching services, which include those services built into the NetFlow Feature Card.
  • Page 136: Routing Protocol Assignment

    Network Management Processor (NMP). The processor’s ability to switch more than one million packets per second (pps) provides data path and data control for all the switch’s network interfaces, including two on−board integrated Fast Ethernet interfaces that can support redundancy using the Spanning−Tree Algorithm...
  • Page 137: Supervisor Engine Iii

    Support for core−switching logic The Supervisor Engine II G supports additional features, such as: An optional NetFlow Feature Card II (NFFC II) chipset built in Route Switch Feature Card (RSFC) Modular uplink ports Supervisor Engine III The Supervisor Engine III is available in three models:...
  • Page 138: Using The Supervisor Engine

    Supervisor Engine to its factory defaults. You can determine the boot process the switch will use when you recycle the power by setting the boot field in the configuration register. There are three different settings for the boot field. These are as follows: ROM monitor—Use the rommon syntax, which will instruct the switch to remain in ROM−monitor...
  • Page 139: Port Security

    Determining the Slot Number in Which a Module Resides
    To determine the slot number in which a module or card resides, use the following steps:
    On the switch console, enter the enable command and the password to enter Privileged mode:
        Coriolis5000# enable
        Password: ********
        Coriolis5000>(enable)
  • Page 140: Accessing The Internal Route Processor From The Switch

    The session command, followed by the slot number on the switch in which the internal routing processor module resides, allows you to access the module from the switch’s CLI. You can then end the session by using the exit command. Let’s take a look at an example of accessing the internal route processor:
        Seans5002>...
  • Page 141: Assigning An Ip Address And Encapsulation Type To An Ethernet Interface

        Router# configure terminal
    Warning: When you make changes in this mode, they must be saved to NVRAM. Otherwise, the next time you recycle the switch, the changes will be lost. The command to save changes is copy running-config startup-config.
    Assign the RSM a unique hostname with the following command. Call it RSM1:
        Router(config)# hostname RSM1...
  • Page 142: Configuring A Default Gateway On A Catalyst 5000

    Just as an end−user interface needs to have a defined default gateway, a switch needs to know the address of the interface of the route processor connected to the local subnet.
  • Page 143: Viewing The Rsm's Running Configuration

    Configuring InterVLAN Routing on an RSM Before you configure the RSM, you must configure the switch as a VTP server and assign a VTP domain name. You must also configure the ISL trunk links and assign the switch ports on each switch to the appropriate VLAN.
  • Page 144: Configuring Ipx Intervlan Routing On The Rsm

        RSM1>enable
        RSM1#configure terminal
        Enter configuration commands, one per line. End with CNTL/Z.
        RSM1(config)#interface vlan 2
        RSM1(config-if)#
        %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to down
    Assign IP addresses to the VLAN interfaces:
        RSM1(config-if)#ip address 172.20.52.33 255.255.255.224
        RSM1(config-if)#no shutdown
        %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up
        RSM1(config-if)#interface vlan 3
        RSM1(config-if)#
    Repeat these steps for each VLAN.
  • Page 145: Viewing The Rsm Configuration

        Router#
    Viewing the RSM Configuration
    Just as on a router, you use the show running-config command to view the running configuration:
        Coriolis5000RSM# show running-config
        Building configuration…
        Current configuration:
        version 11.2
        no service udp-small-servers
        no service tcp-small-servers
        hostname Coriolis5000RSM
        enable book1234
        interface Vlan1
        ip address 130.77.20.15 255.255.254.0
        interface Vlan2
        ip address 130.77.20.15 255.255.254.0...
  • Page 146: Configuring Filtering On An Ethernet Interface

    To configure protocol filtering for IP only, follow these steps: To configure protocol filtering on the Ethernet, Fast Ethernet, or Gigabit Ethernet ports, you must first enable protocol filtering on the switch. To enable protocol filtering, use this command in Privileged mode:...
  • Page 147: Clearing Mac Addresses

    Dynamic port security is when a switch is configured to allow only the first MAC address used on an interface to use the switch port.
  • Page 148: Setting The Boot Config−Register On The Supervisor Engine Module

        Port(s) 2/24 trunk type set to isl.
        2000 Nov 19 12:32:46 %DTP-5-TRUNKPORTON:Port 2/24
    Enable the switch to be a VTP client for the Coriolis VTP domain. Doing so will propagate the VLAN information from the 1912EN switch:
        Catalyst5000> (enable) set vtp domain ?
        Usage: set vtp [domain <name>] [mode <mode>] [passwd <passwd>]...
  • Page 149: Changing The Management Vlan On A Supervisor Engine

    Changing the Management VLAN on a Supervisor Engine By default, the switch places all of its ports into what Cisco refers to as a native management VLAN. The native management VLAN is always configured for VLAN 1 on a Cisco switch. Cisco recommends adding another layer of security by changing the default management VLAN from VLAN 1, which is the default of all the ports on the module.
  • Page 150: Configuring The Cisco 2621 External Router For Isl Trunking

        DRAM
        Module Total Used Free
        —————— ————— ———— —————
        32640K 20331K 12309K
        Uptime is 2 days, 19 hours, 3 minutes
        Catalyst5000> (enable)
    You can also use the show module command, as shown in the following output:
        Catalyst5000> (enable) show module
        Mod Slot Ports Module-Type ——...
  • Page 151: Configuring Redundancy Using Hsrp

    Configuring Redundancy Using HSRP
    To configure HSRP on router interfaces, perform the following steps:
    Enter Interface Configuration mode and identify a standby group and an IP address:
        standby [group-number] ip [ip-address]
    Identify the priority for the HSRP interface. The interface with the highest priority becomes active for that HSRP group;...
  • Page 152

        RSM2(config-if)#standby 10 authentication Secret
        RSM2(config-if)#interface vlan20
        RSM2(config-if)#ip address 172.16.20.2 255.255.255.0
        RSM2(config-if)#no shutdown
        RSM2(config-if)#standby 20 ip 172.16.20.10
        RSM2(config-if)#standby 20 preempt
        RSM2(config-if)#standby 20 timers 5 15
        RSM2(config-if)#standby 20 authentication Covert
        RSM2(config-if)#^Z
        RSM2#...
  • Page 153: Chapter 7: Ip Multicast

    Chapter 7: IP Multicast In Depth Over time, our use of computers has moved from the local desktop to the local network. Most of this network traffic consists of using local network sources, such as printing and file transfers. As our personal computers become more powerful, the applications that we use now contain more audio and video components.
  • Page 154: Broadcast

    Unicast
    Multicast
    Broadcast
    In its simplest form, broadcast traffic consists of packets that reach every point of the network. In a typical network, broadcasts are stopped at the router. You can set the router to forward broadcasts, but doing so is not very efficient—it creates a lot of traffic on the network and slows the end users’...
  • Page 155: Multicast

    Figure 7.2: Unicast traffic flow.
    Multicast
    Multicast is a combination of broadcast and unicast. It sends one copy of the packet to many hosts that requested it, thereby using less bandwidth. It also saves bandwidth by not sending the packet to the portion of the network whose hosts didn’t request the transmission.
  • Page 156: Ip Multicasting Addresses

    each other and with the server by multicast. When an individual driving a tank or a fighter enters a grid square, it joins the multicast group to receive that square’s simulation traffic. As the individual moves from square to square, the individual’s multicast group membership changes. IP multicasting uses Class D network addresses to route data to different groups and hosts.
  • Page 157 The X bits are not used. The remaining bits 000 1010 0000 1000 0000 0101 give you 0a:08:05. Put that result together with 01:00:5e: and you get 01:00:5e:0a:08:05. Here is another example, using the multicast address 224.127.15.10:
        1110 0000 0111 1111 0000 1111 0000 1010
        XXXX XXXX X111 1111 0000 1111 0000 1010
    After removing the X portion, the section 111 1111 0000 1111 0000 1010...
  • Page 158: Delivery Of Multicast Datagrams

    Address 224.0.0.2
    The range from 224.0.1.0 to 224.1.255.255 is assigned by IANA to network protocols and network applications on a permanent basis. To obtain one of these addresses, you must have a really good technical justification. The range from 239.0.0.0 to 239.255.255.255 contains administratively scoped addresses for use in private networks, similar to the use of 10.x.x.x for IP addresses.
  • Page 159: Multicast Forwarding

    shortest path tree (SPT) because it uses the shortest path to reach the destination. This design functions very well in a one−to−many model, but it has drawbacks when used in a many−to−many model. For example, a live concert has only one source, so there will be only one distribution tree in the router for the multicast group.
  • Page 160 Distance Vector Multicast Routing Protocol DVMRP is based on RIP and is widely used. Just like RIP, it uses a distance vector (hops) and sends out periodic route updates. It’s different from RIP in that it is classless and has a hop limit of 32 rather than 16. When DVMRP is first implemented on a router, it sends a probe packet with its IP address out all the interfaces.
  • Page 161: Internet Group Management Protocol (Igmp)

    receive the multicast traffic sends a PIM join message toward the root node (rendezvous point). As this join message travels up the tree, the multicast routers along the way forward the requested traffic back down the tree to the destination. To put it in a simple form, PIM−DM will send the multicast traffic everywhere until it is told not to.
  • Page 162: Igmpv2

    responses, it will build a list of all the multicast groups for that interface. Any other router on the same subnet will also receive the responses and will have the same information. Note A host does not have to wait for a host membership query to send out a membership report. It could send an unsolicited membership report, a process sometimes mistakenly referred to as sending out an IGMP join to the router.
  • Page 163: Time To Live

    Black Book. Let’s get down to how multicast behaves in a switch environment. As you are well aware, the difference between a hub and a switch is how the device forwards the frames out the ports: A hub will forward a frame out every port except the receiving port, whereas a switch will forward the frame to the ports based on the destination MAC address.
  • Page 164: Cisco Group Management Protocol

    Let’s look at the entire process. When a host broadcasts an IGMP report, the report is processed by the switch and sent out to every port. The router will begin to send multicast traffic to the switch. The switch will add the source port to the CAM table along with the first port.
  • Page 165: Garp Multicast Registration Protocol

    Generic Attribute Registration Protocol (GARP) Multicast Registration Protocol (GMRP) prevents multicast flooding on the switch. This protocol provides a way for the host to communicate with the switch at the MAC level. It runs independently of the Layer 3 protocol.
  • Page 166: Configuring The Rendezvous Point

    Configuring the Rendezvous Point You can configure the rendezvous point (RP) manually or let it be auto−discovered. To configure the RP manually, you have to configure the routers that have either the sender of the multicast traffic or the receiver of the multicast traffic connected to its segment.
  • Page 167: Changing The Igmp Host−Query Message Interval

        Coriolis> (enable) set cam static 01-00-5e-0c-8-5 2/1-12
        Static multicast entry added to CAM table.
    This multicast group exists only until you reset the switch. To store the entry in the NVRAM, replace static with permanent:
        Coriolis> (enable) set cam permanent 01-00-5e-0c-8-5 2/1-12
        Permanent multicast entry added to CAM table.
  • Page 168: Removing The Multicast Router

        Coriolis> (enable) set igmp enable
        IGMP Snooping is enabled.
        CGMP is disabled.
    Note: The switch will not let you enable IGMP snooping if CGMP or GMRP is enabled.
    Disabling IGMP Snooping
    To disable IGMP snooping, use the following command:
        Coriolis> (enable) set igmp disable
        IGMP feature for IP multicast disabled.
  • Page 169: Displaying Igmp Statistics

        Topology Notifications rcvd
    This is a good way to verify that IGMP is set up correctly. If you have more than one VLAN on the switch and want to display only the specific VLAN, use the command show igmp multicast statistics [vlan].
  • Page 170: Configuring Cgmp

        Total Number of Entries = 1
    To get more detail about the multicast groups, use this command:
        Coriolis> (enable) show multicast group [vlan]
        CGMP disable
        IGMP enable
        VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type]
        ———— —————————————————— ——————————————————————————————————————————
        01-88-75-88-08-57* 2/1-12
        11-87-96-54-22-11*...
  • Page 171: Configuring Rgmp On The Switch

        GDA to EARL topology notifications received 10 number of CGMP packets dropped
    Configuring RGMP on the Switch
    RGMP is disabled by default. Use the following command to enable RGMP globally:
        Coriolis> (enable) set rgmp enable
        RGMP enabled.
  • Page 172: Displaying Rgmp−Capable Router Ports

    To display the total number of RGMP groups, use the following command:
        Coriolis> (enable) show rgmp group count [vlan]
        Total Number of Entries = 2
    Displaying RGMP-Capable Router Ports
    To display the ports to which RGMP routers are connected, use the following command:
        Coriolis>...
  • Page 173: Disabling Gmrp

        Coriolis> (enable) set port gmrp enable 2/1-12
        GMRP enabled on ports 2/1-12.
    But don’t be fooled—the switch will let you configure GMRP on a per-port basis, but it will not work unless you enable it globally.
    Disabling GMRP on Individual Ports
    To disable GMRP on each port, use the following command:
        Coriolis>...
  • Page 174: Displaying The Gmrp Configuration

        Coriolis> (enable) set gmrp registration forbidden 2/1
        GMRP Registration is set forbidden on port 2/1.
    Displaying the GMRP Configuration
    To display the GMRP configuration setting on the switch, use the following command:
        Coriolis> (enable) show gmrp configuration
        Global GMRP Configuration:
        GMRP Feature is currently enabled on this switch.
  • Page 175: Configuring Bandwidth−Based Suppression

    Packet-based suppression is a software-based suppression method. The threshold is set as a number of packets traveling through the port. When the multicast/broadcast traffic exceeds the threshold within a one-second period, the switch stops all incoming traffic for the remainder of the period. Use the following command to configure packet-based suppression:
        Coriolis>...
  • Page 176: Chapter 8: Wan Cell Switching

    BPX switch or routing node. Hybrid nodes—The IGX 8400 and the MGX 8800 switches, which are used to aggregate UNI connections. These switches are also used to route and switch packets to the trunks that lead to the final destination.
  • Page 177: Lane

    An ATM network includes two types of devices: ATM switches and ATM endpoints. One type of ATM interface, called a user−network interface (UNI), connects an ATM device to a switch; a second type, called a network−to−network interface (NNI), connects an ATM switch to another ATM switch.
  • Page 178: Atm Protocols

    ATM Protocols The protocols used in ATM have been specifically designed to support high−speed networks at speeds ranging up to gigabits per second (Gbps). Other physical LAN topologies, such as Gigabit Ethernet, provide high−speed networking and work very well in LANs. ATM, on the other hand, can handle network Gbps traffic in both LAN and WAN environments and couldn’t care less about the type of physical media being used.
  • Page 179 Figure 8.2. If a source has nothing to send, then the timeslot goes unused, and the bandwidth is considered wasted. Figure 8.2: Data from multiple switch ports (resources) is sent down a single multiplexed serial link. Time Division Multiplexing...
  • Page 180: The Atm Switch And Atm Endpoints

    As mentioned earlier in the chapter, in a UNI, the ATM interface connects an endpoint to a switch. In an NNI, the interface connects two ATM switches together. The UNI and NNI connections can be used to further divide the network into private and public networks.
  • Page 181 A VCI is also known as a virtual channel. It is an identifier for the physical connection between the two ends that form a logical connection. A VPI is the identifier for a group of VCIs that allows an ATM switch to...
  • Page 182: Specifying Atm Connections

    The ATM Adaptation Layer The ATM Adaptation Layer (AAL) provides the translation between the larger service data units of the upper layers of the OSI Reference Model and ATM cells. It works by receiving packets from the upper−level protocols and breaking them into 48−byte segments to be dumped into the payload of an ATM cell. The AAL has two sublayers: segmentation and reassembly (SAR) and the convergence sublayer (CS).
  • Page 183: Atm Addressing

    Variable bit rate−real time (VBR−RT)—Typically used for connections that carry VBR traffic in which a fixed timing relationship exists between either VBR video or voice compression. Variable bit rate−non real time (VBR−NRT)—Used to carry VBR traffic in which no timing relationship exists for data traffic where a guarantee of bandwidth or latency is needed.
  • Page 184: Lane Components

    changing the application itself or Layer 3 drivers. This approach allows backward compatibility with existing LANs, broadcast support, and connectionless delivery. LANE has some drawbacks, however: It prevents the use of ATM−specific benefits such as QoS and doesn’t have the ability to provide flexible bandwidth allocations. LANE is the primary component that provides connectivity between ATM devices and the devices residing on the Layer 2 LAN.
  • Page 185 The LEC is the component responsible for passing traffic between separate VLANs on the Catalyst switches and between ELANs on the ATM switch. You can configure multiple LECs for one or more ELANs on the ATM modules. Prior to configuring a LEC on an ATM module, a VLAN must be configured on the switch, and the LES/BUS or an ELAN must be configured on one or more ATM module subinterfaces.
  • Page 186 The registration process of the LECS ATM address uses the ILMI functions to connect to the ATM network; this situation usually includes an ATM switch. Support for configurations from the LECS ensures that the correct LES address is supplied to the LEC.
  • Page 187 Broadcast and Unknown Server (BUS) The BUS provides broadcasting support for an ELAN. The BUS distributes multicast data, sends or distributes unicast data, and connects the other LANE components. When the destination address of an Ethernet or Token Ring frame contains a local broadcast or a multicast address, the LEC forwards the traffic to the BUS, which forwards it to all the other LECs in the ELAN.
  • Page 188: Integrated Local Management Interface (Ilmi)

    The ILMI protocol was defined by the ATM Forum. It aids in initialization and configuration of ATM LECs. ILMI uses the Simple Network Management Protocol (SNMP) to share information between an ATM client and an ATM switch. It uses a well−known permanent connection to the LECS that has a VPI of 0 and a VCI of 17.
  • Page 189 VCC. This query is made to the ATM switch containing the LECS, using ILMI. The query is a request for the ATM address of the LES for its emulated LAN. The switch contains a Management Information Base (MIB) variable containing the requested ATM address. The...
  • Page 190: Lane Configuration Guidelines

    LE_ARP_REQUEST—Contains the broadcast MAC address 0xFFFFFFFF. This packet is sent on a control direct VCC to the LES to query for the ATM address of the BUS. LE_ARP_RESPONSE—Sent in response to an LE_ARP_REQUEST; it contains the ATM address of the BUS. LE_JOIN_RESPONSE—Contains the LANE client identifier (LECID) that is a unique identifier for each client.
  • Page 191: Implementing Lane

    Routers such as the Cisco 4000, 4500, 7000, and 7500 can support LANE, as well. If you’re designing an ATM LANE network, you need to examine each switch’s level of performance and functionality. Doing so allows you to determine which switching product is needed at each point in the network.
  • Page 192 Tables 8.1 and 8.2 show the LED lights and functions on the LANE modules. These modules provide a connection between multiple ATM networks connecting through the ATM switch: Table 8.1: LANE module status LEDs.
  • Page 193: Connecting In An Atm Network

    Supervisor Engine’s console port. Tip Even though the LANE module is configured through the Supervisor Engine, the Supervisor Engine maintains no configuration information regarding the LANE module. This information is stored on the LANE module itself. Segmentation and Reassembly In a frame−based network such as Ethernet, packets sent on the physical wire require a minimum frame size. Ethernet requires a minimum frame size of 64 bytes;...
  • Page 194: Monitoring And Maintaining Lane

    After the destination node receives the LE_ARP response from the LES, the destination client responds to the source with its address information. The source sends a “flush” message to the BUS, which instructs the BUS to stop sending any unsent cells—the source will now establish a direct connection with the destination and send the remaining data.
  • Page 195: Configuring The Les/Bus

    LANE Server: 47.00817200000000E04BAAA006.00E04BAAA061.** LANE Bus: 47.00817200000000E04BAAA006.00E04BAAA062.** LANE Config Server: 47.00817200000000E04BAAA006.00E04BAAA063.00 note: ** is the subinterface number byte in hex Note The asterisks in this example indicate that the addresses are in hexadecimal. The ATM LANE module does not list these addresses with this command. Configuring the LES/BUS Follow these steps to configure a LES/BUS for two ELANS—the default ELAN and ELAN2: Enter Global Configuration mode on the LANE module:...
  • Page 196: Verifying A Lec Configuration On An Elan

    ATM(config)#interface atm0.1 Map the LEC bus to the Ethernet ELAN named “default”: ATM(config−subif)#lane client ethernet default Repeat Steps 2 and 3 for each LEC you want to configure on this LANE module. Enter Interface Configuration mode for the ATM0 subinterface 2: ATM(config−subif)#interface atm0.2 Map the LEC bus to the Ethernet ELAN named ELAN2: ATM(config−subif)#lane client ethernet ELAN2...
  • Page 197: Configuring The Lecs

    Configuring the LECS Prior to configuring the LECS, you will need to go to each LES and get its ATM address. This address can be gathered with the following command: ATM#show lane server LE Server ATM0.1 ELAN name: default Admin: up State: operational type: ethernet Max Frame Size: 1516 ATM address:47.00918100000000E04FACB401.00100DAACC41.01...
  • Page 198: Verifying The Lecs Configuration

    ATM(config−if)#lane config database ELAN2 ATM(config−if)#end Verifying the LECS Configuration Verify the proper setup with the following command: ATM#show lane config LE Config Server ATM0 config table: ELAN2 Admin: up State: operational LECS Mastership State: active master list of global LECS addresses (58 seconds to update): 47.00918100000000E04FACB401.00100DAACC43.00 ATM Address of this LECS: 47.00918100000000E04FACB401.
  • Page 199: Chapter 9: Lightstream Switches

    LightStream 100 As with all the LightStream switches, the LS100 switch shown in Figure 9.1 is a desktop ATM switch used in the LAN, WAN, or campus backbone. This switch supports a maximum of 16 ATM lines; it supports a maximum of 155Mbps per line, for an aggregate throughput of 2.5Gbps.
  • Page 200: Lightstream 1010

    Non−blocking means the switch fabric can process and switch just as much or more data than all the ports on the switch combined can possibly bring in. This is possible because the switch uses a feature card and a high−performance reduced instruction set computer (RISC) processor that provides the speed and routing intelligence for the architecture.
  • Page 201: Lightstream 2020

    UBR + MCR One of the great features of the LightStream 1010 switch is its ability to use the same interface modules as the Cisco Catalyst 5500 series of switches. This feature allows the LS1010 to be controlled in the same way as the Catalyst 5500 series, with the AtmDirector, CiscoView, and CiscoWorks for Switched Internetworks (CWSI) software available from Cisco.
  • Page 202: Neighborhood Discovery Function

    LS2020 switch. CDF enables the switch to find nodes in the network; the found nodes are placed in a database to make internal routing decisions. This neighborhood discovery process runs on the network processor (NP) inside the LS2020’s attached network.
  • Page 203: Lightstream Troubleshooting Tools

    ROM could have a problem. If the switch has no configuration, it will default to setup mode. If you see the following notice during the boot process and you’re prompted to set up the switch, then the installed nonvolatile RAM (NVRAM) may have a problem—particularly if a saved configuration existed when the power was recycled.
  • Page 204: Supported Troubleshooting Protocols

    From this prompt, you can enter the initial configuration dialog or decline and manually enter the configuration. This choice allows an administrator to use the Command Line Interface (CLI) on the LightStream switch. If you are not familiar with configuring a LightStream switch, you may want to continue using the System Configuration Dialog screen.
  • Page 205: Configuring The Hostname

    Configuring the Processor Card Ethernet Interface You must configure the Ethernet port on the processor card in order to allow Telnet access to the switch CLI. To configure the Ethernet interface, you must have local administrative access. Connect a PC or workstation...
  • Page 206: Configuring Virtual Private Tunnels

    Enter Interface Configuration mode for the Ethernet interface: CoriolisLS1010(config)# interface ethernet 0 Assign the IP address and subnet mask to the interface just as you would a switch or router Ethernet interface, and then exit: CoriolisLS1010(config−if)# ip address 63.78.127.2 255.255.255.0 CoriolisLS1010(config−if)# ^C...
  • Page 207: Viewing The Configured Virtual Connections

    Tip To verify the address configuration, use the show atm ilmi−configuration command. Configuring the Advertised LECS Address To configure the LECS address advertised by the switch to the end system, use the atm lecs−address−default Global Configuration command. The syntax is as follows: atm lecs−address−default lecsaddress [sequence #]...
  • Page 208: Viewing The Installed Modules

    Viewing the Installed Modules Just as you can on a Catalyst switch, you can use the show module command to look at the installed modules on the LightStream switch. Remember, the LS1010 can use the same modules as the 5500 series switch.
  • Page 209: Configuring The Mpc

    ——— ———————— ————————— —————————— —————— EARL 1+ WS−F5511 0002278010 1.0 Mod SMT User−Data T−Notify CF−St ——— ——————————————————— ———————— —————— WorkGroup Stack CoriolisLS1010> Configuring the MPC This example configures the MPC and binds an LEC to the MPC: Define the MPC with the name THEMPC, as follows: mpoa client config name THEMPC Specify the ATM interface to which the MPC is attached.
  • Page 210: Monitoring The Mps

    %ATM−5−ATMSOFTSTART:Restarting ATM signaling and ILMI on ATM3/1/2 Configuring LANE on a LightStream 1010 To configure a LANE client connection from a remote ATM switch router to the processor card (CPU) of a local switch, follow these configuration steps: Use the enable command to enter Privileged EXEC mode: CoriolisLS1010>...
  • Page 211: Powering On The Lightstream 100 Atm Switch

    To power on the LightStream 100 ATM switch, use the following steps: Turn the power switch to the on position, which is depicted by a symbol that looks like this: (|). The switch will execute the diagnostic power on self test (POST). The results can be viewed by connecting to the console port.
  • Page 212: Recovering A Lost Password

    Choose option 5 to boot the system for a single−user: Network Processor bootstrap(version 1.3: Sep 13 1993) 1 − Boot ATM switch application 2 − Begin full installation with boot from floppy disk 3 − List contents of hard disk root directory 4 −...
  • Page 213 Starting VM system … Virtual Memory Engaged! inetd started Starting crond … Initializing the switch hardware interface … Using switch A, cards are NOT synchronized, fast cutover is supported PCP version: 0x410, CMP version: 0x12, FSU version 0x109 Starting the switch software LightStream 2020 Version 2.0.6 Copyright 1993 LightStream Corp.
  • Page 214 user name: coriolisuser password: This process changes the password and recovers any lost passwords.
  • Page 215: Chapter 10: Layer 2 Redundant Links

    STP can be running on the network. When a frame is received on a switch port, the switch looks at the destination address in the frame header and compares the address with known source addresses the switch has learned to see if it knows the port the destination resides on.
  • Page 216: Broadcast And Multicast Frames

    00001010.00000001.11111111.11111111 When a switch receives a broadcast or a multicast, the frame is sent out all the ports of the switch by default, with the exception of the port on which the frame arrived. VLANs can be used to break down the broadcasts into smaller broadcast domains.
  • Page 217: Danger! Data Loops

    and Electronics Engineers (IEEE) a protocol similar to STP to become a networking standard. However, after the IEEE 802 committee revised it into what is now known as the IEEE 802.1D standard (Spanning Tree Protocol), the protocol differed just enough from DEC’s version that they were incompatible. Danger! Data Loops! Data loops can easily become a network disaster.
  • Page 218: Stp Root Bridges

    After the root bridge is selected, the root ports on all other bridges are determined. Switch A in Figure 10.3 is acting as the root bridge, calculating the least−cost path to switch D. Notice the numbers associated with the root bridge’s path to each individual destination; the path with the lowest number has the highest priority.
  • Page 219: Bridge Protocol Data Units

    STP will use to calculate a higher path cost. The goal is to make changes to the network so that the fastest, most efficient route to the root port is designated for the switch to use. The fastest links should always have the lowest port costs.
  • Page 220 The timers are set by default on the switch. Table 10.2 shows the three different STP timers and the default timer settings based on a default setting of 2 for the Hello Time and 7 for the switch diameter.
  • Page 221: Root Bridge Selection

    Media Access Control (MAC) address—The 6−byte MAC address of the switch or bridge. These two fields of the bridge ID help an STP switch yield a value that can be compared with other switches’ bridge IDs to determine which switch will become the root bridge. The lower the bridge ID value, the higher the chance of a root−bridge assignment.
  • Page 222 BPDUs. Bridges look at the path cost first to determine if the port has the lowest−cost path to the root switch. If the port has the lowest port cost, the port is placed in forwarding mode. All the other ports that are receiving the same BPDU information are placed in blocking mode.
  • Page 223: Spanning Tree Convergence Time

    ID wins. For example, let’s look at the two switches depicted in Figure 10.5. One switch uses the MAC address 0000.80ac.0000.1111, and the other switch uses the MAC address 0000.80ac.0000.2222. The switch using 0000.80ac.0000.1111 would become the root bridge or the root port, depending on which decision the switch is making.
  • Page 224: Stp Port States

    Blocking—The port will not forward frames. It merely accepts BPDUs the port receives and processes them. All ports are in the blocking state by default when the switch is powered up. The port stays in a blocked state if STP determines that a lower−cost path exists to the root bridge. The port does not put any of the information it hears into the address table.
  • Page 225: Per−Vlan Spanning Tree

    Common Spanning Tree (CST) in large−scale spanning tree networks. PVST creates a separate instance of STP on each VLAN in the switch block. This setup gives each VLAN a unique STP topology containing its own port cost, path cost, priority, and root switch.
  • Page 226: Link Failure

    the network. Thus, eight wires can be used to simulate one link able to handle up to 800Mbps and load balance data across those links, as shown in Figure 10.7. Figure 10.7: Eight equal−cost links between two switches, creating a bundle of eight channels acting as a single link.
  • Page 227: Fast Convergence Components Of Stp

    VLANs. The VLANs must be static VLANs, meaning that the port on the switch must be assigned to a VLAN. PAgP also requires that all ports in the channel belong to the same VLAN or be configured as trunk ports.
  • Page 228: Backbonefast

    The switch will send another kind of BPDU called the root Link Query PDU if more than one link exists to the root bridge. The switch will send a root Link Query PDU out all the available alternate paths to the root bridge to determine which one will forward.
  • Page 229: Enabling Stp On A Set/Clear Command−Based Switch For All Vlans

    (enable) set spantree disable all Spantree disabled. Disabling STP on a Set/Clear Command−Based Switch by VLAN To selectively disable specific ports on the switch by VLAN, use this Privileged mode command: set spantree disable [VLAN] set spantree disable all...
  • Page 230: Configuring Stp On An Ios Command−Based Switch

    The 6−byte MAC address for the designated root bridge The 2−byte priority setting for the root bridge Total cost to get to the root bridge from this switch (0 indicates the root switch) The port used to get to the root bridge Timer values of the root bridge or switch;...
  • Page 231: Viewing The Stp Configuration On A Command Line Switch

    Timers: message age 20, forward delay 15, hold 1 Configuring the STP Root Switch To configure the switch to become the root bridge, enter the following command in Privileged mode (Table 10.7 defines the syntax fields for this command): set spantree root <vlan> dia <seconds> hello <seconds>...
  • Page 232: Setting The Root Bridge For More Than One Vlan On A Set/Clear Command−Based Switch

    Setting the Root Bridge for More than One VLAN on a Set/Clear Command−Based Switch To set the primary root switch for more than one VLAN on a Set/Clear−based switch, use the Privileged mode command to change configuration to a root bridge. The default priority automatically changes to 8,192, which is the default when the command is used to configure the switch as the root bridge.
  • Page 233: Verifying The Port Cost Configuration On Both A Set/Clear Command− And Cli−Based Interface

    Configuring the Port Priority on a CLI−Based IOS On a Cisco IOS command−based switch, the priority value is a numerical value from 0 to 255. To set the port priority on a Cisco IOS command−based switch, enter the following Interface Configuration mode command: spantree priority <port priority>...
  • Page 234: Verifying The Stp Port Priority On A Set/Clear Command−Based Switch

    Verifying the STP Port Priority on a Set/Clear Command−Based Switch To verify the proper port priority setting, use this command (only the module and port numbers are required): show spantree <module/port> The following command provides output on module 2, port 3:...
  • Page 235: Adjusting The Maxage Timer On A Set/Clear Command−Based Ios

    All ports in a channel must be enabled. Any disabled ports are considered link failures by the switch, and traffic for those ports is automatically transferred to any remaining ports in the bundle.
  • Page 236: Creating An Etherchannel On A Set/Clear Command−Based Switch

    Table 10.8 explains the syntaxes available for the mode option. The mode on each port can be set to on, off, auto, or desirable. Table 10.8: The four mode options for configuring an EtherChannel bundle on a switch. EtherChannel Mode Option...
  • Page 237: Verifying The Etherchannel Configuration

    Verifying the EtherChannel Configuration To verify the EtherChannel configuration on a Set/Clear command−based switch, use this command: catalyst5000> (enable) show port channel ? info Show port channel information statistics Show port channel statistics <mod>...
  • Page 238: Configuring Etherchannel On An Ios−Based Switch

    Configuring EtherChannel on an IOS−Based Switch To configure EtherChannel on an IOS command−based switch such as the 1900EN series and 2800 series switches, use the Global Configuration port−channel command followed by the mode (on, desirable, or auto): port−channel mode <on|desirable|auto>...
  • Page 239: Enabling Portfast On A Set/Clear Command−Based Switch

    (enable) Enabling PortFast on a Set/Clear Command−Based Switch To enable PortFast on a Set/Clear command−based switch port, use the following Privileged mode command: set spantree portfast <module/port> enable In this example, 2 is the module number and 1 is the port number: catalyst5000>...
  • Page 240: Disabling Portfast On A Cli−Based Ios Switch

    Disabling PortFast on a CLI−Based IOS Switch To disable PortFast on a Cisco IOS command−based switch, use this Interface Configuration mode command: no spantree start−forwarding Verifying the PortFast Configuration To verify the PortFast configuration on a Set/Clear command−based switch, enter the following Privileged mode command: show spantree <module/port>...
  • Page 241: Verifying The Uplinkfast Configuration

    Verifying the UplinkFast Configuration To verify the UplinkFast configuration on a Set/Clear command−based switch, you can use the following Privileged mode command: show spantree uplinkfast You should get output similar to the following—notice that the VLANs followed by a comma, module number, and port number are forwarding to 3/1: station update rate set to 15 packets/100ms.
  • Page 242: Viewing The Uplinkfast Configuration On An Ios−Based Switch

    Viewing the UplinkFast Configuration on an IOS−Based Switch To view the UplinkFast configuration on an IOS command−based switch, enter the following Privileged mode command: show uplink−fast Viewing UplinkFast Statistics on an IOS−Based Switch To view UplinkFast statistics, use this Privileged mode command: show uplink−fast statistics...
  • Page 243: Chapter 11: Multilayer Switching

    Chapter 11: Multilayer Switching In Depth Earlier in this book, I told you that switches were Layer 2 devices and routers were Layer 3 devices, which fit nicely into those well−known seven layers. You know the seven—the Open System Interconnection (OSI) Reference Model layers.
  • Page 244: Mls Components

    PC and a server at Coriolis. How does my host, a router, or even the switch know which conversation I want on my screen? Why don’t parts of the Coriolis Web site get mixed into the chapter I am uploading? The reason it works is that each flow is assigned an individual port number.
  • Page 245 Figure 11.1 shows the three MLS components contained in a single switch chassis, such as that of a Cisco Catalyst 5000 or 6000 family switch. Figure 11.1: The MLS components using an internal route processor in an MLS switch. The Cisco 5000 and 6000 families of switches can use multiple internal route processors, such as the...
  • Page 246: Mls Flows

    When a host from one VLAN on the network begins a network flow that is destined for a host on another VLAN, the MLS switch that received the first packet in the flow extracts the Layer 3 information for the flow.
  • Page 247: Access List Flow Masks

    IP address. Any flows that go to a given destination IP address will use this MLS entry. Figure 11.4: An MLS switch and one MLS router. The router has no access list configured, so the flow mask will be Destination−IP.
  • Page 248: Mls Troubleshooting Notes

    Figure 11.5: An MLS switch and two MLS routers. IP Access Lists and MLS Interaction When any interface has an inbound access list applied, the interface where the access list is applied cannot be used for MLS. However, you can apply an output access list on an interface, and it will not affect MLS.
  • Page 249: Configuring Mls

    On a Catalyst 6000, no configuration is needed unless you have disabled MLS. On the MLS−SE, you need to configure the switch to determine the IP destination of the MLS−RP, if it is an external router. If it is an internal MLS−RP, no configuration is necessary. The default behavior of IP is to maintain a cache entry for each destination IP address.
  • Page 250: Mls Cache

    If fastagingtime is not configured to one of the values indicated, it adjusts to the closest value. On the Catalyst 6000, MLS aging is configured somewhat differently. You configure it on the switch using the mls aging command, which has three parameters: normal—Configures the waiting time before aging out and deleting shortcut entries in the Layer 3...
  • Page 251: Vlan Id

    While configuring MLS, it is important to determine which of the MLS−RP interfaces will be MLS interfaces, and to add them to the VTP domain of which your other MLS switches are members. Remember, a switch can be a member of only one domain, and any interfaces participating in MLS on the switch or router must be configured members of that domain.
  • Page 252: Enabling Mlsp On An Mls−Rp For Ip

    MLS−RP(config) no mls rp ip Enabling MLSP on an MLS−RP for IPX If you are using version 12.0 or later of the Cisco IOS, you can also enable MLSP to multilayer−switch IPX packets. To do so, use the following command: MLS−RP (config) mls rp ipx...
  • Page 253: Enabling Mls On An Individual Interface

    Router(config)interface fastethernet 1/1 Use the following command to disable MLS on the interface: Router(config−if)# no mls rp ip Configuring the MLS Switch Engine Configuring the MLS−SE (Catalyst 5000 and 6000) for MLS involves the following tasks: Re−enabling MLS Enabling aging timers Configuring the MLS Management Interface Let’s examine each of these tasks, as well as how to disable each of these features in case they are no longer...
  • Page 254: Re−Enabling Mls On A Catalyst 5000

    Re−enabling MLS on a Catalyst 5000 To re−enable MLS on a Catalyst 5000, use the following command: CAT5000(enable) set mls enable Disabling MLS on a Catalyst 6000 To disable MLS on a Catalyst 6000, use the following command: CAT6000(config) no mls ip Disabling MLS on a Catalyst 5000 To disable MLS on a Catalyst 5000, use the following command: CAT5000(enable) set mls disable...
  • Page 255: Configuring Long Aging On The Catalyst 6000

    Configuring Long Aging on the Catalyst 6000 To configure the long aging time on the Catalyst 6000, use the following command: mls aging long <seconds> An example of using the mls aging long command is as follows: mls aging long 64 Disabling Long Aging on the Catalyst 6000 To disable the long aging time on the Catalyst 6000, use the following command: no mls aging long...
  • Page 256: Monitoring And Viewing The Mls Configuration

    To see which MLS−RPs are configured on an MLS switch, use the following command: MLS−RP> (enable) show mls include Included MLS−RP ——————————————————— 38.187.128.254 38.187.127.254 Console> (enable) Viewing MLS−RP Specifics To display MLS information for a specific MLS−RP on an MLS switch, enter the following: MLS−RP> (enable) show mls rp 38.187.128.254...
  • Page 257: Displaying Mls Vtp Domain Information

    Related solutions: Configuring VTP on a Set/Clear CLI Switch Configuring VTP on a 1900 Cisco IOS CLI Switch Viewing the MLS VLAN Interface Information To view the MLS information about specific interfaces, use the show mls rp interface vlan command as shown here: MLS−RP# show mls rp interface vlan 2...
  • Page 258: Viewing Mls Statistics On The Catalyst 6000

    38.187.128.254 0000808dade0 38.187.127.254 0000808a22b2 Viewing MLS Statistics on the Catalyst 6000 On the Catalyst 6000, you can get information similar to that provided by the previous command by entering the following: CAT6000> (enable) show mls ip Total Active MLS entries = 0 Total packets switched = 0 IP Multilayer switching enabled IP Multilayer switching aging time = 256 seconds...
  • Page 259: Chapter 12: Hot Standby Routing Protocol

    The Cisco switched campus model builds redundancy into the Layer 2 switch block level devices. However, Hot Standby Routing Protocol (HSRP) is designed to build redundancy into the Layer 3 routing devices found in the Distribution layer of a network.
  • Page 260: Routing Information Protocol

    The next sections look at some ways that administrators and engineers have devised to overcome problems related to assigning default gateways, along with the benefits and difficulties in using each technique. Routing Information Protocol One solution designed to inject Layer 3 routing redundancy allows nodes utilizing IP to use Routing Information Protocol (RIP) to discover secondary routers located on the network.
  • Page 261: The Solution

    The Solution HSRP is a Cisco proprietary protocol developed for redundancy. It defines a group of routers working as one virtual router. It enables host interfaces to continue communicating outside the local segment even if a host interface’s default route fails or the link is down. Basically, HSRP is a group of routers working together as a unit to provide fault tolerance.
  • Page 262 Active route processor Standby route processor Virtual route processor All other route processors fall into the “other route processor” category. Warning By increasing the number of standby groups on a route processor, you decrease the route processor’s performance and increase latency. You’ll increase the number of standby groups primarily to facilitate load sharing.
  • Page 263: Hsrp Message Format

    Inter−Switch Link (ISL) links are used to transport VLAN information across the links to the different route processors used in each standby group. In order to pass HSRP standby group information between links for multiple VLANs, the interfaces in the group must be configured with ISL.
  • Page 264: Hsrp Configuration

    HSRP Configuration You can configure more than one HSRP group on a Route Switch Feature Card (RSFC) VLAN interface to provide a transparent route processor backup per network. Every VLAN interface within an HSRP group shares a virtual IP and MAC address.
  • Page 265: Opening A Session On An Internal Route Processor

    To configure HSRP on an internal route processor such as an RSFC or RSM, you must start a session using the session command. To start a session on the RSM located in slot 3, use the following command from Privileged mode on the switch Internetwork Operating System (IOS): HSN_5K>(enable) session 3 Trying Router−3…...
  • Page 266: Assigning An Hsrp Interface Priority

    Assigning an HSRP Interface Priority You should increase the priority of the interface in the HSRP group that you would like to be active by default. Always remember that the interface with the highest priority becomes the active route processor for the HSRP group.
  • Page 267: Removing The Hsrp Hello And Hold Timers

    Removing the HSRP Hello and Hold Timers To remove the manual timer settings and return the settings to the default values for HSRP group 3, use the following command: no standby 3 timers Configuring a Clear−Text Password for HSRP Authentication You can specify a clear−text password for the HSRP authentication string for the interface.
  • Page 268: Enabling Interface Tracking

    You selected and entered the VLAN interface you want to have configured (vlan200). You configured the HSRP group and entered the virtual default gateway IP address on that interface. You set the priority accordingly, allowing one route processor to be active and the other to be standby.
  • Page 269: Using The Debug Command

    To get a brief output of all the configured interfaces, you can use the show standby brief command. Using the debug Command Enabling the debug command lists the changes in real time for the HSRP group you specified. This includes the packets sent and received through HSRP.
  • Page 270: Chapter 13: Policy Networking

    Chapter 13: Policy Networking In Depth Behind all switching implementations and configurations lies an area that, if left unattended, can render you and your network defenseless: access security policies. In this chapter, we will discuss the need for and creation of access security policies; we will also focus on how to implement these policies. Security is one of the most important functions in today’s networks.
  • Page 271: Core Layer Policies

    The job of the Core layer is to pass traffic as quickly as possible.
  • Page 272 Managing Hypertext Transfer Protocol (HTTP) access Access Lists An access list is a list of conditions that control access to the switch, router, or route processor. IP, AppleTalk, and Internetwork Packet Exchange (IPX) access lists are like gatekeepers that control access from or to different segments of the network.
  • Page 273 access list string as an example: access−list 2 permit 193.5.5.10 0.0.0.255 log Tip An octet is the 8−bit value between each dotted decimal in an IP address. For the IP address of 193.5.5.10 the first octet is 193 and the fourth octet is 10. It is always important to remember which octet you want to mask.
  • Page 274 Item Network 1 Network First Host Last Host Broadcast Address Subnetting using variable length subnet masks (VLSM) seems pretty easy, doesn’t it? The type of access list defined is identified by the number you assign to the access list. Table 13.3 identifies the types of access lists that can be configured, along with the associated string of numbers that can be used with each type.
  • Page 275 Tip To disallow the flow of data through any port or interface, use the in syntax. To allow data to flow through the switch but not exit out a certain interface or port, use the out syntax on the outbound interface.
  • Page 276 LAN topologies. We want subnet 128 to be permitted through to the Core layer on Gigabit Ethernet port g0/0, which connects to the Core layer switch. The second network is used for testing purposes only, so the access list should block any traffic from that subnet from reaching the Core layer switches. For this scenario, we will assume there are no other subnets in our switch block to contend with.
  • Page 277: Security At The Access Layer

    Implementing port security Managing VLANs Configuring Passwords Passwords can be configured on every access method to a Cisco Catalyst switch, by the VTY line, console, Web access, and auxiliary (AUX) ports. Limiting Telnet Access VTY access can be secured with a password—but when a careless administrator walks away from a logged−in Telnet session, the door is open with full access to the entire network.
  • Page 278: Configuring Banner Messages

    MAC address to the secure source address learned by the switch. If a port receives data from a MAC address that has not been previously identified, the switch will lock that port and mark the port as disabled. A light on that port will then turn orange, indicating that the port has been disabled.
  • Page 279: Vlan Management

    VLAN Management When you first provide the switch with an IOS, all the ports on the switch are assigned to VLAN1. In a typical environment, VLAN1 is also kept as the management VLAN. As a result, if the ports were not configured or were reset to their defaults, then anyone entering the network on VLAN1 would be in the management VLAN.
  • Page 280: Creating An Extended Access List

    You do not want to apply the access list to an outbound interface, because then the FTP packets would span the switch fabric and use up bandwidth and processing power. You want to apply the access list immediately to the inbound interface to the company’s Distribution layer switch.
  • Page 281 host A single destination host Match only packets with a lower port number Match only packets not on a given port number range Match only packets in the range of port numbers Now do the same for the destination address identifying the destination of 172.15.10.0: CoriolisRSM1(config)# access−list 199 deny tcp 172.16.10.0 0.0.0.255 172.15.10.0 0.0.0.255 ? Match on the ACK bit...
  • Page 282: Applying Access Lists Using Access−Class

    Let’s create an access list that allows Telnet access to the switch from the IP address 192.151.52.19 (this is the IP address of the only PC that will be used to Telnet into your switch). To do this, use the following command: CAT5KRSM(config)# access−list 5 permit 192.151.52.19...
  • Page 283: Configuring A Telnet Session Time−Out Value

    You can use the lock command to lock an unused Telnet session. After you issue the lock command, the system will ask you to enter and verify an unlocking password. To configure a Set/Clear command−based switch with a time−out value of five minutes, use the following command:...
  • Page 284: Configuring Banner Messages

    To apply the access list, use the following command: CAT5KRSM(config)# ip http access−class 2 You can apply four types of authentication to HTTP access on a switch or router. Table 13.4 describes each of the four types of authentication.
  • Page 285: Enabling Port Security

    You can reset the HTTP TCP port to its default by using the following command: CAT5KRSM(config)# no ip http 50 Enabling Port Security To enable dynamic port security on a Set/Clear command−based switch for module 3 port 3, use the following command: CAT5K>(enable) set port security 3/3 enable Port 3/3 port security enabled with the learned mac address.
  • Page 286: Displaying The Mac Address Table

    CAT5K> (enable) On a Cisco IOS command−based switch, you can use the port secure interface configuration command to enable addressing security. In Interface Configuration mode, to assign a port to allow only one MAC address, use the following command: 2924XL(config−if)# port secure max−mac−count 1...
  • Page 287 Dynamic Addresses Count: Secure Addresses (User−defined) Count: 0 Static Addresses (User−defined) Count: 0 System Self Addresses Count: Total MAC addresses: Non−static Address Table: Destination Address Address Type VLAN Destination Port ————————— —————— 00−15−20−5c−80−a1 Dynamic 00−15−20−5c−80−a1 Dynamic 00−15−20−5c−80−b4 Dynamic 00−15−20−5c−80−12 Dynamic 00−15−20−5c−80−c5 Dynamic Tip You can use the no port secure command to disable addressing security or to set the maximum number...
  • Page 288: Chapter 14: Web Management

    Standard Edition and you upgrade to the Enterprise Edition IOS, you will see a difference in the CVSM. The Standard Edition is designed to work out of the box; it simply connects desktops to its switch and then to high−speed network backbones. The Enterprise Edition, however, adds scalability. For example, when you’re using the Standard Edition IOS, you can only join an existing switch cluster.
  • Page 289: Cvsm Access Levels

    CVSM Access Levels Once you are on your switch, you can configure privilege levels for users; you can grant up to 15 different user access levels. You can use these accounts and access levels for users to log on to the CVSM. The privilege access levels boil down to three types: User EXEC mode (level 1), Privileged EXEC mode (level 3), and Full Access (set by specifying 15).
  • Page 290: The Switch Image

    The Switch Image Each port on the switch image has an LED above it. The following LEDs, as a group or individually, display information about the switch and its individual ports: Port Status (STAT)—The default view of the switch image. It focuses on the actual status of the individual ports.
  • Page 291: Configuring The Switch With An Ip Address And Setting The Default Web Administration Port

    Configuring the Switch with an IP Address and Setting the Default Web Administration Port When a switch is first plugged in and finishes initializing, no IP address is configured. You do not have to configure an IP address, but having one in place will help you manage your switch.
  • Page 292: Connecting To The Web Management Console

    Basic System Configuration Page shown in Figure 14.1. Figure 14.1: The home page of the Web Management Console. Take some time to get to know what the Switch Manager has to offer. Beginning from the top, from left to right, you have the following options: Note This list covers only the options located at the top of the frame.
  • Page 293 Figure 14.2: This page allows you the ability to configure port speeds, view statistics, name the ports, and manage various switch modules if they have been inserted into the switch. ADDRESS—The Address Table Management page. This page manages the Dynamic Address Table, the Permanent Unicast Address and Port Security Table, and the Multicast Address Table.
  • Page 294 STP—The Spanning Tree Management page. This management page allows you to enable or disable STP on the specific switch ports, modify various Spanning Tree parameters, and configure STP. Among other things, you can set the path cost, priority, and port fast mode. For an example, see Figure 14.5.
  • Page 295 Figure 14.6: The CDP Management page allows you to choose which ports you want defined for CDP. SPAN—The SPAN Configuration and Port Monitoring page. Here you have the option of selecting the port to which you want to send the captured frames and the ports to be monitored. See Figure 14.7.
  • Page 296 STATISTICS—The Statistics Reports page. Here you can reset individual statistics or all statistics captured on each port. Figure 14.9 shows an example. Figure 14.9: This page allows you to reset the individual ports or all ports on the switch. You can also view various receiving and forwarding information.
  • Page 297: Configuring The Switch Port Analyzer

    device.
  • Page 298 Click on the ports you want to monitor in the Ports Not Monitored window. Click on the Add button to move them to the Ports Monitored Window. Select the port you wish to monitor from by choosing from the pull−down menu next to Select Monitoring Port.
  • Page 299: Chapter 15: The Standard Edition Ios

    IOS on the Cisco Catalyst 1900 and 2820 series. Main Menu Choices When you log on to the 1900 switch you are presented with a Main Menu that looks similar to the following: Catalyst 1900 − Main Menu [C] Console Settings...
  • Page 300: [C] Console Settings

    [D] Default mode of status LED—This displays one of three status LEDs: port status, duplex status, and utilization of the switch. You can select the display mode by pressing the mode button on the front panel. Once a mode is selected and the mode button is released, the display automatically returns to the default status after 30 seconds.
  • Page 301: [S] System Menu

    [P] Network Port—This option specifies the port to which all unknown unicasts are forwarded. You can specify a port in the range of port numbers on the switch: A indicates port 25, B indicates port 26, AUI indicates the AUI port, and N indicates None.
  • Page 302: [N] Network Management

    [X] Exit to previous menu Enter selection: In order to use Telnet or SNMP to manage the switch, an IP address must be assigned to the switch. The following are the settings from the IP Configuration menu: [I] IP address—Configures the IP address on the switch.
  • Page 303 [L] LinkUp/LinkDown trap generation—Informs the switch of the actions to take when the port changes its state from suspended, down, or up from STP. It also notifies the switch when an address violation has occurred, link errors are present, or a manual configuration error has been found.
  • Page 304 By default, the Cisco Catalyst 1900 and Catalyst 2820 series switches send certain trap messages. Trap messages are sent by default in response to the following events: Port security violations Power recycling (powering on and off) Logon authentication failures STP port changes STP bridge assignments Broadcast threshold problems Power supply problems...
  • Page 305: [P] Port Configuration

    The device’s capabilities are indicated by letters: R indicates a router, T indicates a Trans Bridge, B indicates a Route Bridge, S indicates a switch, P indicates a repeater, H indicates a host, and I indicates IGMP.
  • Page 306 Suspended−not−present—A module in an expansion slot (on the 2820 series only) cannot be detected. Suspended−not−recognized—The switch cannot detect the switch port or a module in the expansion slot (on the 2820 series only). Disabled−self−test—The port has been disabled due to a self−test failure.
  • Page 307 [N] Next port—This option is used to forward to the next configurable port. [G] Goto port—This option is used to configure any identified port. [P] Previous port—This option is used to configure the previous configurable port. [X] Exit to Main Menu—This option returns you to the Main Menu. Let’s take a look at the options available on the 2820 using an FDDI module on port A1: Catalyst 2820 −...
  • Page 308: [A] Port Addressing

    MAC address to use the port. [L] List addresses—Displays all the static and dynamic MAC addresses that the switch has learned are attached to the port. The screen displays the first 15 entries beginning with those that have been statically configured.
  • Page 309: [D] Port Statistics Detail

    The following list shows the Monitoring Configuration menu options and a description of each: [C] Capturing frames to the Monitor—Allows you to enable or disable port monitoring on the switch. [M] Monitor port assignment—Allows you to indicate the port to which captured frames are sent. The default is None.
  • Page 310: [R] Multicast Registration

    [R] Multicast Registration By default, the switch forwards all multicast packets to all ports on the switch. To reduce the amount of multicast flooding on the switch, you can register multicast addresses and list the ports to which these packets are to be forwarded.
  • Page 311: [I] Rs−232 Interface

    [T]System TFTP upgrade Enter Selection: The switch firmware version and the amount of Flash memory are displayed in the System Information area of the Firmware Configuration menu. The following list displays each option and its description: [S] TFTP Server name or IP address—Allows you to enter the server name or the IP address of the TFTP server where the upgrade file is located.
  • Page 312: [U] Usage Summaries

    [M] Match remote baud rate (auto baud)—Allows you to enable or disable the console port from automatically matching the baud rate of an incoming call. The switch only matches a baud rate that is lower than its configured baud rate.
  • Page 313 Errors: FCS errors Alignment errors Giant frames Address violations Select [A] Port addressing, [C] Configure port, [N] Next port, [P] Previous port, [G] Goto port, [R] Reset port statistics, or [X] Exit to Main Menu: [A] Port Addressing Report—This option displays the Port Addressing report, which displays the number of MAC addresses and the MAC addresses assigned to a port: Catalyst 1900 −...
  • Page 314: Configuring Network Settings On The 1900 And 2820 Series

    [X] Exit—This option returns you to the Main Menu. Configuring Network Settings on the 1900 and 2820 Series To configure a 1900 or 2820 series switch, follow these steps: Plug in your switch. You should see the following display: Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc.1993−1999...
  • Page 315: Configuring Broadcast Storm Control On Switch Ports

    Select [P] (ping); then, if you have a client attached to your switch, try to ping a host on that particular subnet. If you can do so, your configuration was successful.
  • Page 316: Configuring Snmp On The 1900 Series

    Enter Selection: This menu has options to give a client read or write access to the local SNMP log files on the switch. Let’s say we want to configure a read string for remote clients to access 1900 switch SNMP log files.
  • Page 317 [4] Fourth READ community string [X] Exit to previous menu Enter Selection: 1 This command configures the community string the switch will recognize on all SNMP read ( Enter READ community string: Current setting ===> public New setting ===> Techs Remember that all SNMP traps are case sensitive, so you will want to have your SNMP configurations well documented to reduce human error.
  • Page 318 [D] Fourth WRITE manager name or IP address [X] Exit to previous menu Enter Selection: 1 This command configures the community string the switch will recognize on all SNMP read/w Enter WRITE community string: Current setting ===> private New setting ===> techwrite Again, once you have entered the new setting, your screen will automatically refresh.
  • Page 319: Configuring Port Monitoring On The Standard Edition Ios

    Enter Selection: A SNMP Trap Manager is the management station to which the switch will send any SNMP traps (alerts). The types of traps the switch can send are authentication traps, linkUp/linkDown traps, among others. From the Management Console, up to 4 Trap management stations can be defined.
  • Page 320: Configuring Vlans On The Standard Edition Ios

    ——————————— Actions ——————————————————————————————————— [A] Add ports to capture list [D] Delete ports from capture list [X] Exit to Main Menu Enter Selection: A This command adds ports to the capture list. Actual monitoring takes place only if all of the following information has been properly configured: 1) the capturing status, 2) the identity of a port to which monitored frames are sent, and 3) a non−empty capture list.
  • Page 321 VTP mode may be set to [C]lient, [S]erver or [T]ransparent: Current setting ===> Server New setting ===> Server Select [A] to add an Ethernet VLAN to the switch. You’ll see the following: The following VLAN types can be added: [1]Ethernet, [2]FDDI, [3]Token−Ring, [4]FDDI−Net, or [5]Token−Ring−Net Select a VLAN type [1−5]: 1...
  • Page 322 That’s it. You completed the configuration. Related solutions: Configuring a Static VLAN on a Catalyst 5000 Series Switch Configuring Multiple VLANs on a Catalyst 5000 Series Switch Creating VLANs on a Catalyst 1900EN Series Encapsulation type: Unknown 1−1005 2−1001 [E] Add Pruning Eligible VLAN(s)
  • Page 323: Configuring Spanning Tree Protocol

    Assigning a Static VLAN to an Interface on a 1900EN Series Configuring Spanning Tree Protocol To configure Spanning Tree Protocol, start from the Main Menu and do the following: Select option [N], Network Management. From the Network Management menu, select option [B]: Catalyst 1900 −...
  • Page 324 [4] Configuration option 4 [O] VLAN bridge operating parameters ————————————————————— Actions ———————————————————— [E] Enable spanning tree(s) [C] Uplink Fast statistics Related solution: Enabling STP on a Set/Clear Command−Based Switch 2−64 Enabled [D] Disable spanning tree(s) [X] Exit to previous menu Found on page:...
  • Page 325: Chapter 16: Switch Troubleshooting

    No Power The first indicator of a problem is the failure of a switch to power up. If there is no power to the switch, meaning the fan does not power up and no indicator lights appear lit on the front or back of the switch, follow these steps: Check the physical cable for breaks or an unsecure connection.
  • Page 326: Indicator Lights

    16/26 Tip If the light turns green, the test has been passed. The switch will not boot if all the tests are not passed, with the exception of the realtime clock test. You can enter the Diagnostic Console on a 1900/2820 series switch to activate debugging or firmware upgrade options.
  • Page 327: Switch Cabling

    Multimode fiber (full) Single−mode fiber It’s hard to use a network sniffer on a switch the way you can in a flat topology network, because the switch isolates traffic, segments broadcast domains, and makes each port the collision domain. This isolation forces an administrator to manually connect a network sniffer to each port on a switch to monitor the traffic.
  • Page 328: Cable Problems

    A connection to a network node from a switch or hub uses a straight−through cable. A crossover cable is used to connect two network devices: a hub to a hub, a switch to a switch, a switch to a router, and so on. Many times in my classroom or on the job, I have come across someone who couldn’t get a connection between...
  • Page 329: Ios Software Troubleshooting Commands

    Cisco IOS. These applications are helpful and will be discussed later in this chapter. Let’s look at some of the commands that you can use to view the switch configuration and perform diagnostics in order to troubleshoot switch problems and configuration issues. We’ll describe the following commands;...
  • Page 330 By using the show cam command, you can view the list of known MAC addresses for interfaces attached to each switch port. If you are in a network where the administration of network devices is divided within the organization, I recommend that a central process be created to review and document assigned MAC addresses and thereby avoid this duplication problem.
  • Page 331 Related solution: Creating an EtherChannel on a Set/Clear Command−Based Switch show spantree The use of spanning trees is a necessity in today’s networks in order to provide for redundant links and at the same time avoid a data looping problem.
  • Page 332: Viewing The Set/Clear Ios Configuration

    1900EN series switches. show test The show test command can be used to obtain the status of the switch, interface cards, power supplies, Enhanced Address Recognition Logic (EARL) tests, or active loopback. It also displays the memory status of the read−only memory (ROM), flash electrically erasable programmable ROM (EEPROM), serial EEPROM,...
  • Page 333 set system contact Sean Odom/Gina Galbraith #snmp set snmp community read−only set snmp community read−write set snmp community read−write−all all set snmp rmon disable set snmp trap enable module set snmp trap enable chassis set snmp trap enable bridge set snmp trap enable repeater set snmp trap enable vtp set snmp trap enable auth set snmp trap enable ippermit...
  • Page 334 set vlan 1003 name Token−Ring−default type trcrf mtu 1500 said 101003 state active parent 0 ring 0x0 mode srb aremaxhop 7 stemaxhop 7 #spantree #uplinkfast groups set spantree uplinkfast disable #vlan 1 set spantree enable 1 set spantree fwddelay 15 1 set spantree hello 2 1 set spantree maxage 20 1 set spantree priority 32768 1...
  • Page 335 set logging level snmp 2 default set logging level spantree 2 default set logging level sys 5 default set logging level tac 2 default set logging level tcp 2 default set logging level telnet 2 default set logging level tftp 2 default set logging level vtp 2 default set logging level vmps 2 default set logging level kernel 2 default...
  • Page 336: Viewing The Cli−Based Ios Configuration

    2/21 10 set spantree portcost 2/1−10,2/13−16,2/20,2/22−24 19 set spantree portpri 2/1−24 32 #switch port analyzer set span enable #cam set cam agingtime 1−2,10,1003,1005 300 Viewing the CLI−Based IOS Configuration To view the CLI−based IOS configuration, use the show running−config command. Let’s take a look at an example of the output from this command: 1912EN#show running−config...
  • Page 337: Viewing The Software Version On A Set/Clear Command−Based Ios Module

    Using the show flash Command on a Set/Clear Command−Based IOS You can use the show flash command on a Set/Clear command−based IOS switch. You can use optional syntaxes to view the individual chip or file system information. Let’s take a look at the command and its...
  • Page 338: Testing The Supervisor Engine Hardware On A Set/Clear Command−Based Switch

    Testing the Supervisor Engine Hardware on a Set/Clear Command−Based Switch To test the Supervisor Engine module on a Set/Clear command−based switch, use the show test command. Let’s take a look at the command, its optional syntax, and an example of its output: show test [module number] Catalyst5002>...
  • Page 339: Testing External Module Hardware On A Set/Clear Command−Based Switch

    Viewing the System Configuration on a Set/Clear Command−Based Switch To view the system configuration on a Set/Clear command−based IOS switch, use the show system command. Let’s take a look at the command and an example of its output: Catalyst5002> (enable) show system PS1Status PS2Status Fan−Status Temp−Alarm Sys−Status Uptime d,h:m:s Logout...
  • Page 340: Viewing The Vtp Domain Configuration On A Set/Clear Ios

    The show vtp domain command can be used to obtain the VTP domain configuration on a Set/Clear command−based IOS switch. Let’s take a look at the command and an example of the output associated with Catalyst5002> (enable) show vtp domain Domain Name —————————————————————————...
  • Page 341: Viewing The Vlan Configuration On A Cli−Based Ios

    Catalyst5002> Viewing the VLAN Configuration on a CLI−Based IOS To view the VLAN configuration on a CLI−based IOS switch, use the show vlan command. Let’s look at the command, its optional syntax, and an example of its output: 1912EN#show vlan ? <1−1005>...
  • Page 342: Viewing The Spanning Tree Configuration On A Cli−Based Ios

    Catalyst5002> (enable) show spantree VLAN 1 Spanning tree enabled Spanning tree type Designated Root Designated Root Priority Designated Root Cost Designated Root Port Root Max Age 20 sec Bridge ID MAC ADDR Bridge ID Priority Bridge Max Age 20 sec Port Vlan Port−State ————————...
  • Page 343 Port Ethernet 0/1 of VLAN2 is Forwarding Port path cost 100, Port priority 128 Designated root has priority 32768, address 0000.0C00.4BD0 Designated bridge has priority 32768, address 0000.0C00.4BD0 Designated port is Ethernet 0/7, path cost 0 Timers: message age 20, forward delay 15, hold 1 Port Ethernet 0/2 of VLAN2 is Forwarding Port path cost 100, Port priority 128 Designated root has priority 32768, address 0000.0C00.4BD0...
  • Page 344: Viewing The Cam (Mac Address) Table On A Set/Clear Command−Based Ios

    Viewing the CAM (MAC Address) Table on a Set/Clear Command−Based IOS A switch uses the CAM table to make forwarding decisions on the switch. Let’s take a look at the available command options, syntaxes, and an example of the output using the show cam command: Catalyst5002>...
  • Page 345: Viewing The Cdp Neighbors On A Set/Clear Command−Based Ios

    IP Address: 68.27.187.254 Holdtime: 150 sec Capabilities: ROUTER Version: Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500−IO−L), Version 12.0(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986−1999 by cisco Systems, Inc. Platform: cisco 2500 Port−ID: FastEthernet0 Port: 2/1 Device−ID: 1900EN.coriolis.com Device Addresses: IP Address: 68.27.187.253...
  • Page 346: Viewing Individual Port Cam Tables On A Cli−Based Ios

    1912EN#show cdp neighbors Capability Codes: R − Router, T − Trans Bridge, B − Source Route Bridge S − Switch, P − Repeater, DeviceID IP Addr 1005 68.127.187.254 1912EN# Viewing Individual Port CAM Tables on a CLI−Based IOS The show mac interface command allows you to view the MAC addresses associated with each individual port.
  • Page 347 Dely−Exced MTU−Exced In−Dcrd Lrn−Dcrd In−Lost Out−Lost 2/10 2/11 2/12 Port Rcv−Unicast Rcv−Multicast 326653 2465834 99675 345562 2/10 2/11 2/12 Port Xmit−Unicast Xmit−Multicast 8809 5798 6260 7341 2/10 2/11 2/12 Port Rcv−Octet 3346321 3442573 6738753 234434 2/10 2/11 2/12 Rcv−Broadcast 3444 72348 1755 566432...
  • Page 348: Viewing Port Statistics On A Cli−Based Ios

    Last−Time−Cleared —————————————————————————— Sat Sep 23 2000, 11:29:11 Viewing Port Statistics on a CLI−Based IOS To view the port statistics on a CLI−based IOS, use the show usage command. Let’s take a look at the command, the options available, and an example of its output: 1912EN#show usage ? exception Display exception statistics report...
  • Page 349: Using The Port Configuration On A Set/Clear Command−Based Ios

    Using the show port Command on a CLI−Based IOS The show port command can be used on a CLI−based IOS switch to view the port configuration. Let’s take a look at the command, its syntaxes, and an example of its output:...
  • Page 350: Using The Show Vlan Command On A Set/Clear Command−Based Ios

    Using the show vlan Command on a CLI−Based IOS You can use the show vlan command on a CLI−based IOS switch to obtain configuration information for each VLAN. Let’s look at the command, its optional syntaxes, and an example of its output: show vlan <vlan>...
  • Page 351: Using The Show Interface Command On A Set/Clear Command−Based Ios

    Using the show interface Command on a Set/Clear Command−Based IOS You can view information about the switch network interfaces using the show interface command on a Set/Clear command−based IOS. Let’s take a look at the command, its available option, and an example of its...
  • Page 352: Using The Show Log Command On A Set/Clear Command−Based Ios

    Receive Statistics —————————————————————————————————— Total good frames Total octets Broadcast/multicast frames Broadcast/multicast octets Good frames forwarded Frames filtered Runt frames No buffer discards Errors: FCS errors Alignment errors Giant frames Address violations 1912EN# Using the show log Command on a Set/Clear Command−Based On the Set/Clear command−based IOS, you can view the stored logs by using the show log command.
  • Page 353: Configuring Span For Port Monitoring On A Set/Clear Command−Based Ios

    <source VLAN> <destination module/ destination port> [rx|tx|both] Launching the Diagnostic Console on a Cisco 1900 or 2820 Series Switch To launch the Diagnostic Console on the 1900 or 2820 series switch, follow these steps: Attach a terminal or PC to the console port.
  • Page 354: Using The Diagnostic Console To Upgrade The Firmware On A Cisco 1900 Or 2820 Series Switch

    Cisco 1900 or 2820 Series Switch Follow these steps to upgrade the firmware on a Cisco 1900 or 2820 series switch: Press the Mode button on the front of the switch while booting, to enter the Diagnostic Console, as shown here: ———————————————————————————————————————————————————...
  • Page 355: Using The Diagnostic Console For Debugging The Firmware And Hardware

    Do you wish to continue with the download process, [Y]es or [N]o? By answering [Y]es here, the switch immediately deletes the IOS from the Flash. It doesn’t give you any warning. The configuration is left to run on the new IOS that is installed: Erasing invalid flash −...
  • Page 356 [T] Toggle byte/word display [V] Value for output ————————————————Actions———————————————— [I] Input [O] Output [X] Exit to Previous Menu Enter Selection: Here is an example of the output from the [M] Memory (CPU) I/O option: Enter Selection: M Diagnostic Console − Memory (CPU) I/O ————————————————Settings————————————————...
  • Page 357: Appendix A: Study Resources

    Dallas/Ft.Worth Cisco Users Group, Texas—http://dfw.cisco−users.org/ Denver Cisco Users Group, Colorado—www.twpm.com/dcug/ Groupstudy.Com—http://www.groupstudy.com/ Kansas City Cisco Users Group, Kansas—www.cugkansas.com/home.cfm New England Cisco Systems Users Group—http://www.ciscousers.com/ Northern California Cisco Users Group, Sacramento, California—www.csecnet.com/cisco/index.htm Omaha Cisco User Group, Nebraska—http://www.teklnk.com/ Sacramento Placer County Cisco Users Group, California—http://www.cisco−cert.org/ Southern California Cisco Users Group—http://www.sccug.org/...
  • Page 358: Online Resources

    Configuring User Interface—www.cisco.com/univercd/cc/td/doc/product/atm/c8540/wa5/12_0/12_3/sw_conf/admin.htm Hot Standby Router Protocol HSRP frequently asked questions—www.cisco.com/warp/public/619/3.html Frequently asked questions and solutions—www.cisco.com/warp/public/619/3.html Sample configuration of HSRP—www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs009.htm Inter−Switch Link ISL Functional Specification—www.cisco.com/warp/public/741/4.html ISL Trunking on the Catalyst 5000 and 6000 Family Switches—http://www.cisco.com/warp/public/793/lan_switching/2.html IP Multicast Higher−level Protocols Used with Multicast—www.ipmulticast.com/community/whitepapers/highprot.html...
  • Page 359: Quality Of Service

    Quality of Service Quality of Service Overview—www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/qos_c/qcdintro.htm Configuring Quality of Service on a Cisco Catalyst 6000—www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_4/config/qos.htm Configuring IOS Quality of Service on the Catalyst 6000 Family—www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/qos.htm Spanning Tree Protocol Configuring STP on a Cisco Catalyst 2900—www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35sa6/olhelp/stphelp.htm Configuring STP on a Cisco Catalyst 6000—www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_3/cofigide/spantree.htm TACACS+ Configuring TACACS+ and RADIUS on the Catalyst 5000, 5500, 4000, and 2900...
  • Page 360: Cisco Job Search Sites

    Internet Engineering Task Force (IETF)—This organization is responsible for the TCP/IP, Simple Network Management Protocol (SNMP), and Internet standards. A lot of its work relates to upgrading and enlarging the TCP/IP protocol suite and networks utilizing that protocol. The IETF Web site can be found at http://www.ietf.org/.
  • Page 361: Appendix B: Basic Ios Cli−To−Set/Clear Commands

    Table B.1: 1900EN commands mapped to 5000 commands. 1900EN IOS−Based Switch description <description_string> duplex <auto|full|full−flow−control|half> <mod|number> enable password level 1 <password> Sets the switch enable password level 15 <password> Sets the enable hostname <name> ip address <ip_address> <netmask> no trunk−vlan <vlan_range> no spantree <vlan−list>...
  • Page 362 show vlan show vtp spantree <vlan−list> spantree cost <cost−value> spantree priority <priority−value> spantree start−forwarding spantree−template spantree−template spantree−template uplink−fast trunk <on|off|desirable|auto|nonegotiate> vlan <vlan_number> name <vlan_name> vlan−membership static <vlan> vtp <mode> vtp <name> vtp password <password> configuration Shows the VLAN show vlan configuration Shows the VLAN show vtp domain...
  • Page 363: Appendix C: The Cisco Consultant

    Appendix C: The Cisco Consultant Overview On the side, I run a small consulting company. When I tell people that I am a Cisco consultant, they usually reply, “Oh”; or, they ask how well Cisco’s stock is currently doing. Consulting means that you work from one project to another on a freelance basis.
  • Page 364: Come Off As An Expert

    Make sure you are on time for your first appointment with the customer. Turn off your cellular phone (let voice mail be useful for once) and put your pager on vibrate. You want to project to the customer that he or she is the most important person in the world at that moment.
  • Page 365: Estimating The Cost

    (briefly, this term refers to the fact that buying equipment correctly up front will be significantly cheaper than upgrading individual components later when it becomes necessary). Customers may not want to invest more money than they have to in the short term, but sometimes they will—and you wind up making a much bigger sale.
  • Page 366: Contracting

    Contracting When you first go into business as a consultant, you should have a contract that is created by an attorney and authorized by your insurance carrier. Once you have the contract in a word−processing document form that outlines your liabilities and those of the customer, you can modify the contract to suit each individual customer.
  • Page 367: Failing To Manage Your Time

    would only be there a week or so. The first day the contractor showed up, we gave him the initial payment for his work. He did a great day of work, removing the old flooring, vents, cabinets, toilet, and other fixtures. He said he would be back the next day to work some more—but the next day came and went, and he failed to show up.
  • Page 368: Failing To Take Responsibility

    Failing to Take Responsibility If you realize that you failed to contract an item, you should absorb the cost if it is small. No one feels more nickeled and dimed than a person who has hired a consultant, when the consultant says he forgot to add a cable and will be charging another $10 five times.
  • Page 369: Appendix D: Cisco 1912En And Catalyst 5000 Configuration Practice Lab

    Appendix D: Cisco 1912EN and Catalyst 5000 Configuration Practice Lab Today Joe Snow, our imaginary consultant, has received a Catalyst 1912EN switch, a Catalyst 5000 with a Supervisor Engine III, and a 24−port 10/100 Ethernet module. Joe has taken both the switches out of the box and has assembled all the devices into a rack. At present, neither switch is configured;...
  • Page 370: Lab Objectives

    One Cisco 2600 router. (Any Cisco router from the 2600 series through the 7000 series will work fine as a substitute as long as it has at least two 10/100 Ethernet ports. A 10Mbps attachment unit interface [AUI] port will not work, because Inter−Switch Link [ISL] needs to use a 100BaseTX port for optimum trunking support.) Note For this lab, the Cisco 2620 series router has been previously configured with its basic configuration.
  • Page 371: Possible Solution

    The 1912 Basic Configuration To configure the Cisco Catalyst 1912EN, follow these steps: Access the Cisco Catalyst through the Console port and configure the switch. Choose K to access the command−line interface. The initial password is to just press Enter, as shown here: Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc.
  • Page 372 1912EN(config)#vlan 2 name CAD 1912EN(config)#vlan 3 name Graphics 1912EN(config)#vlan 4 name DocProduction Assign the VLAN number that matches the Ethernet port number on the front of the switch: 1912EN#config terminal Enter configuration commands, one per line. End with CNTL/Z. 1912EN(config)#interface e0/2 1912EN(config−if)#vlan−membership static ?
  • Page 373: The Catalyst 5000 Basic Configuration

    Retype new password: coriolis2 Password changed. Catalyst5000(enable) Enter the IP address and the default gateway (router) for the switch. The switch must be configured on the SC0 interface: Catalyst5000> (enable) set interface sc0 63.78.39.174 255.255.255.0 Interface sc0 IP address and netmask set.
  • Page 374: Configuring The Cisco 2621 Interface For Isl Trunking

    Port(s) 2/24 trunk type set to isl. 2000 Oct 19 12:32:46 %DTP−5−TRUNKPORTON:Port 2/24 Enable this switch to be a VTP client for the Coriolis VTP domain. By doing this step you will propagate VLAN information to and from the 1912EN switch: Catalyst5000>...
  • Page 375: Appendix E: Switch Features

    Appendix E: Switch Features This appendix is dedicated to helping you determine which switch needs to be placed in your network. If the wrong switch is placed in each point in your network the load can cause severe problems, including bottlenecks or load failures.
  • Page 376: Cisco Catalyst 2820

    10/100 auto−negotiation. Auto−negotiation allows the switch to negotiate the switch port speed and duplex based on the type of traffic being sent to the switch by the sending interface. The models available in this series are the 2908 XL, 2912 XL, 2916 XL, and the 2924 XL.
  • Page 377 2926F. The Catalyst 2926GS and 2926GL each support uplinks of up to 800Mbps. These FEC ports can be configured between two switches, two routers, or a switch and a router. Special configurations and Network Interface Cards (NICs) also allow a server to be configured with FEC uplinks to a router or switch.
  • Page 378: Cisco Catalyst 3000

    1,700 Cisco Catalyst 3500 Series XL The Cisco Systems Catalyst 3500 series XL is a scalable line of stackable 10/100 and Gigabit Ethernet switches. These switches provide high performance and investment protection for companies that are expanding their switched networks. The three major applications for the 3500 series XL are as follows:...
  • Page 379: Cisco Catalyst 3900 Series

    Catalyst 3900 switches or to remove any one switch without needing to have the power cycled or turned off. A Cisco Systems proprietary shielded cable (1 meter long, with a 50−pin connector at each end) is used to connect the switches participating in the switch stack. The cable uses cross−over wiring so either end can be used for either side of the connection.
  • Page 380: Distribution Layer Switches

    FlexSlot accommodating two expansion modules or one double−wide module for future expansion Nine−pin EIA/TIA−232 interface for local console or modem connectivity Automatic 4−, 16−, and 32Mbps speed adaptation TokenChannel switch interconnect MAC address and protocol (DSAP/SNAP) filters IEEE and IBM Spanning−Tree Protocol The Catalyst 3920 provides the following features: Twenty−four shielded Token Ring ports for 150−ohm STP or 100−ohm UTP connectivity...
  • Page 381: Cisco Catalyst 4000 Series

    1 to 25 million pps. The 5509 supports 10/100 Ethernet, or Gigabit Ethernet for backbone applications, with over 25 million pps switching performance. The 5500 is the most versatile switch in the Catalyst series, with the ability to support LightStream 1010 ATM switching or Catalyst 8500 Layer 3 switching line cards as well as all the Catalyst 5000 series line cards.
  • Page 382: Catalyst 6000 Series

    1,000 Table E.10 shows the switching modules, the ports available for each module, and the maximum allowable ports on each switch chassis. Table E.10: Catalyst 5000 family port densities for each switch chassis. Switching Module Ports Supported per Module Gigabit Ethernet 2, 3, 9 Group−Switched...
  • Page 383: Core Layer/Wan Switches

    T1/E1, T3/E3, High−Speed Serial Interface (HSSI), and OC−3. Up to eight FlexWAN modules are supported in a Catalyst 6000 family switch. However, this module does not support modules for Ethernet, Token Ring, FDDI, channel port adapters, encryption service modules, compression service modules, and doublewide port adapters.
  • Page 384: Cisco Catalyst 8400 Series

    Frame Relay traffic. Standards−based messaging on the user−network interface (UNI) enables the Catalyst switch to extend traffic management features to Cisco routers, delivering high QoS across the entire Frame Relay network. Enhanced Local Management Interface (ELMI) also enables automatic Frame Relay traffic−shaping parameter configuration on Cisco routers.
  • Page 385: Cisco Catalyst 8500 Series

    Cisco Catalyst 8500 Series The Catalyst 8500 series multiservice switch routers integrate multiservice ATM switching with wire−speed multiprotocol routing and Layer 3 switching into a single platform that supports Cisco IOS services for QoS and security. The Catalyst 8500 family delivers campus and metropolitan network solutions with scalable performance and lower cost of ownership.
  • Page 386: Bpx 8600 Series

    BPX 8680 Universal Service Node The BPX 8680 Universal Service Node is a scalable IP+ATM WAN edge switch that combines the benefits of Cisco IOS IP with the extensive queuing, buffering, scalability, and QoS capabilities provided by the BPX 8600 series.
  • Page 387: Mgx 8800 Series

    The MGX 8850 wide−area edge switch is designed for carrier−class reliability. Every system component can be configured for 100−percent redundancy, and all MGX 8850 switch modules can be removed and reinserted without impacting service delivery or affecting the performance of other modules. Background diagnostics continually monitor switch functions on active as well as standby modules, ensuring fault−tolerant operation.
  • Page 388: 12000 Series Gigabit Switch Routers

    The MGX 8800 RPM also supports MPLS. It can act as a label edge router or label switch router. It also supports MPLS−VPNs via multiprotocol BGP extensions, VPN route−target extended BGP community attributes, MPLS forwarding across backbone, and multiple routing/forwarding instances on the provider edge router.
  • Page 389 The user’s entry point into the switched network. This link connects the NIC in the user’s local resource to a switch or other device such as a bridge or hub that in turn connects to the network backbone or higher−layer switches and routers.
  • Page 390 Application−Specific Integrated Circuit (ASIC) A feature of many LAN controllers. ASICs are internal to the switch. They work in conjunction with the internal processor to make Layer 2 forwarding decisions. However, they lack the ability to make flexible software−implemented forwarding decisions. Their ability to perform small tasks quickly and inexpensively makes them a key in the switching process.
  • Page 391 A high−capacity infrastructure system that provides optimal transport on a LAN. Typically in a LAN, the data running from router to router, switch to switch, or switch to router is transported through a faster physical topology than the rest of the local area or virtual LAN devices. The physical cable is called the backbone.
  • Page 392 A Port to Application Mapping (PAM) module that allows non−ATM devices utilizing either T1 or E1 interfaces to attach to an ATM switch backplane. This module can be used to connect private branch exchange (PBX), video conferencing, and non−ATM routers to the network backbone.
  • Page 393 All the interfaces on a single segment that can send data on the same physical wire. In the case of a switch, all the nodes connected to each individual port are in their own collision domain. In a hub, all the interfaces connected to the hub ports are in their own collision domain.
  • Page 394 The switch begins forwarding the frame as soon as the first 13 bytes and MAC address are received. It relies on the receiving device to discard the frame if there is corruption.
  • Page 395 A unit of measurement between the root switch and child switches, calculated from the root bridge with the root bridge counting as the first switch. Each subsequent child switch out from the root bridge is added to come up with the diameter number.
  • Page 396: E−F

    1900 and 2820 switches in software. The ECU is an Intel 486 processor, Flash memory module, and 512K DRAM. It is also used in initializing the switch, using STP on a per−VLAN basis, controlling the LEDs on the chassis, maintaining RMON statistics, and handling in−band and out−of−band management of the switch.
  • Page 397 As part of normal operations, switches share filter tables. The frame’s contents are compared to the filter table in the switch, thereby increasing the latency of the switch. Frame filtering is not used to implement VLANs in the Cisco Catalyst 5000 or 6000 family of switches.
  • Page 398: G−I

    VLAN information. It retains this information through the switching fabric; the tagging is removed before the frame exits the switch port with the attached destination interface. The process is transparent to the sending and receiving interfaces.
  • Page 399 A hardware device that connects multiple independent nodes. Also known as a concentrator or multiport repeater. Hypertext Transfer Protocol (HTTP) A protocol used by Web browsers to transfer pages and files from a remote node to your computer. IEEE See Institute of Electrical and Electronics Engineers. IEEE 802.1 Standard that defines the OSI model’s Physical and Data Link layers.
  • Page 400 Institute of Electrical and Electronics Engineers (IEEE) A professional organization that develops standards for networking and communications. Integrated Local Management Interface (ILMI) A protocol created by the ATM forum to allow any ATM switch and ATM device to communicate using SNMP. Integrated Services Digital Network (ISDN) An internationally adopted standard for end−to−end digital communications over PSTN that permits...
  • Page 401: K−L

    Ethernet or Token Ring devices. LANE provides a bridge from devices using ATM to Layer 2 devices using Ethernet and Token Ring. LAN Module ASIC (LMA) An ASIC in the Cisco Catalyst 3000 series switch that provides frame buffering, address learning, bus arbitration, and switching decisions for Ethernet ports. latency The time used to forward a packet in and out of a device.
  • Page 402: M−N

    VLAN Beneficial for networks whose resources are centralized and in one geographical location. The VLAN can span one switch or many switches within the same floor or building. logical addressing scheme The addressing method used in providing manually assigned node addressing.
  • Page 403 A single packet transmission from one sender to a specific group of destination nodes. multilayer switches A combination of Layer 2, 3, and 4 switches that use the concept of route once, switch many. multiprocessor Support for multiple processors in a single machine.
  • Page 404: O−P

    Static memory similar to that of the Flash. Information stored in the NVRAM does not get lost when the power is cycled on the device. On a switch, the NVRAM stores the VLAN configuration, system configuration, SNMP parameters, STP configuration, and configuration of each port.
  • Page 405 (POST) A series of tests run on a Cisco Catalyst switch when the power is turned on. POST tests the hardware, memory, processors, ports, and ASICs to verify they are functioning properly.
  • Page 406: Q−R

    An Ethernet cable connector used with twisted−pair cable, which can support eight conductors for four pairs of wires. Route Switch Feature Card (RSFC) A Cisco router on a card running the Cisco IOS. This card allows the switch to disregard installing an RSM or daughter cards, because they are built into the modules.
  • Page 407 Runtless switching A switching method in which the switch reads the first 64 bytes to verify that there is no corruption of the packet. If there is corruption, a preset maximum of errors changes the switching type from cut−through switching to store−and−forward switching.
  • Page 408 IP addresses that are assigned to each network device individually; often referred to as hard−coded. static VLAN port A port on a switch manually assigned a VLAN number. Any node or interface connected to the port automatically becomes a member of the assigned VLAN.
  • Page 409 A fast packet−switching method that produces a higher latency than other switching methods. The switch waits for the entire packet to arrive before checking the CRC. It then forwards or discards the packet. StreetTalk A global naming service created by Banyan and included with the Banyan Vines network operating system.
  • Page 410 Trivial File Transfer Protocol (TFTP) A simplified version of FTP, allowing files to be transferred over a network from one computer to another. It’s also used to install the Cisco IOS on an IOS−based switch, router, or Gigabit Switch Router (GSR).
  • Page 411: U−X

    VLANs’ numbered ports. For example, if switch 1 and switch 2 have ports belonging to VLAN 6 and switch 3 does not, it will not forward VLAN 6 traffic on the trunk link to switch 3 unless switch 3 is a gateway to another switch that has VLAN 6 member ports.
