Ciscoメーカー2950の使用説明書/サービス説明書
ページ先へ移動 of 376
Corporate He adquarters Cisco System s, Inc . 170 West T asman Dri ve San Jos e, CA 95134 -1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 2950 Desktop S witc h Sof tware Configuration Guide Cisco IOS Release 12.
THE SPECIFICATIONS AND INF ORMATION REGARDING THE PRODUCT S IN THIS MANUAL ARE SUBJECT TO CHA NGE WITHOUT NOTICE. ALL STATEMENT S, INFORMATION, AND RE COMMENDATIONS IN T HIS MANUAL ARE BELI EVED TO BE ACCURATE BUT ARE PR ESENTED WITHOUT WARRANTY OF ANY KIND, E XPRESS OR IMPLIED.
iii Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 CONTENTS Preface xv ii Audienc e xvii Pur pose xvii Organi zation xv iii Convent ions xi x Rela te d Publi cation s xx Obtain.
Cont ents iv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Port Mo des and LEDs 2-8 VLAN Member sh ip Modes 2-9 Topolo gy View 2-10 Topolo gy Icons 2-12 Device an d Link Labe.
Content s v Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 CHAPTER 3 Using t he Command -Line I nterface 3-1 IOS Command Mode s 3-1 Gettin g Help 3-3 Abbrevi ating Comma nds 3-.
Cont ents vi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Planni ng a Switch Cluste r 5-4 Automa ti c Discove ry of Cluster Can didates and Members 5-4 Discove ry thr ough C.
Content s vii Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Obtain ing Configurat ion Fil es 6-7 Example Conf igurat ion 6-8 Changin g the Password 6-10 Setti ng the Sys te m .
Cont ents viii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Defini ng AAA Server Groups 6- 31 Config urin g RADI US Authori zation f or Privi leged EXEC Access and Net work .
Content s ix Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 VTP Adver tisement s 8-8 VTP Versi on 2 8-9 VTP Pruni ng 8-9 VTP Confi gura ti on Guid el ines 8-10 Domain Names 8-1.
Cont ents x Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Dynam ic Por t VLAN Member ship 8-29 VMPS Da t ab a se Co nf ig ur at ion Fi le 8-29 VMPS C onfigur ation Guideli ne.
Content s xi Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Limita tions 9-15 Connect ing the Stack P or ts 9-15 Underst anding Bac kbone Fast 9-17 Underst anding Roo t Guard 9.
Cont ents xii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Underst anding th e EtherChannel 10-8 Underst andi ng Po rt-Ch annel In terface s 10-9 Underst andi ng th e Port A.
Content s xiii Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Leavin g a M ulti cast Group 11-6 CLI: C onfig urin g a M ultica st Ro uter P ort 11-7 Underst anding Mul ticast V.
Cont ents xiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Queuein g and Scheduling 13-8 How Clas s of S ervice Works 13-8 Port Pr iority 13-8 Port Sch eduling 13-8 CoS and .
Content s xv Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Recover ing fr om Cor rupt ed So ftwar e 14-10 Debug C ommands 14-11 Enabli ng Debug ging on a Spe cific Fe ature 14.
Cont ents xvi Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03.
xvii Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Preface Audience The Cataly st 2950 Desktop Sw itch Softwar e Configuration Guide is for the netw ork manager responsible for configuring the Ca talyst 2950 switches, hereafter referred to as the switches.
xviii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Preface Organization • Cluster M anagemen t Suite (CMS) in forma tion — This guide provides a n o verview of the CMS web-base d, switch manage ment inter face.
xix Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Pre face Conventi ons Chapter 9, “ Configur ing STP , ” provides the conside rations a nd CLI proced ures for co nfiguring basic and advanced spann ing-tr ee featur es. The o nline he lp provides the C MS proc edures.
xx Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Preface Related Publi ca tions Cautio n Mean s re a d e r b e c a re f u l . In this s ituation , you might do some thing that coul d result in equip ment dam age or loss of da ta.
xxi Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Pre face Obtaining Techn ical Assistance Documenta tion C D-ROM Cisco documentati o n and additio nal literature are a vailab le in a Cisco Documenta tion CD-R OM packag e, whi ch is shi pped w ith you r produc t.
xxii Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Preface Obtain in g Technical As sistance Cisco.com Cisco.com i s the foundatio n of a suite of in teract i ve, n etworked .
xxiii Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Pre face Obtaining Techn ical Assistance If you ca nnot resol ve your tec hnical issu es by using t he Cisco T A C W eb Site, an d you are a Cisco.com registe red user , you can open a ca se online by u sing the T A C Case Open tool at the follo wing URL: http://www .
xxiv Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Preface Obtain in g Technical As sistance.
C HAPTER 1-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 1 Overview This cha pter provides t hese topics a bout the C atalyst 2950 switch sof tware: • Features • Managem.
1-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Feature s T able 1 -1 Fea tur es Ease of Use and Ease of Deplo yment • Cluster Manageme nt Suite (C.
1-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Features Manageability • Dynamic Host C onfi guration Prot ocol (DHCP)-based autoconf iguration f or aut.
1-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Feature s Red undancy • HSRP for com mand switch re dundancy • UniDirectio nal link detec tion (U.
1-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Features Security • Bridge Protocol Data Unit (BPDU) Guar d for shutting down a Por t Fast-configured po.
1-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Managem e nt Options Management Options The Cat alyst 29 50 swit ches ar e designed for plug -and-play operat ion: you on ly need t o assign ba sic IP information to t h e switch a nd connect it to the other de vices i n your netwo rk.
1-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Manageme nt Options Y ou can mana ge the switch fro m an SNMP-co mpatible m anagemen t station that is run ning platforms such as HP O penV iew or SunNet Man ager .
1-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Netwo rk Conf iguration Ex amples Network Config uration E xamples This secti on provides network co .
1-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Networ k Confi gurati on Examp les Figure 1-1 sh o ws configurat ion examples of using the C atalyst switc.
1-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Netwo rk Conf iguration Ex amples Figur e 1 -1 Example Configur ations Small to Medium-Sized Network Configuration Figure 1-2 sh ows a configurat ion for a networ k that ha s up to 250 us ers.
1-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Networ k Confi gurati on Examp les A network backbone is a h igh-bandw idth conne ction (suc h as Fast Ethern et or Gigabit Et hernet) t hat in te r con n ec ts se gm ents an d net wo rk re so ur ce s.
1-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Netwo rk Conf iguration Ex amples Collaps ed Backbo ne and Switch Cluster Config uration Figure 1-3 sh ows a con figuration for a net work of appro ximate ly 500 empl oyees.
1-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 1 Overview Networ k Confi gurati on Examp les Figur e 1 -3 Collapsed Bac kbone and Switc h Cluster Con figuration Large C ampus Config uration Figure 1-4 shows a co nfiguration for a network o f more t han 1000 u sers.
1-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Ch ap ter 1 Over v iew Netwo rk Conf iguration Ex amples Figur e 1 -4 Larg e Campus Confi guration Catalyst 6500 s witch Ci.
C HAPTER 2-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 2 Getting Started with CMS This cha pter provid es these topi cs about t he Clust er Manag ement Sui te (CM S) softw.
2-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Feature s Features CMS provides these fe atures ( Figu re 2- 1 ) for managing sw itch c.
2-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Features • T wo lev els of access to the conf iguration optio ns: read- write access fo.
2-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Front Panel Vi ew Front Panel View When CMS i s launc hed from a co mmand swit ch, the Fr ont P anel vie w displays the front-pa nel imag es of all switche s in the cluster ( Figur e 2-2 ).
2-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Front Pa nel Vie w Cluste r Tr ee The c lust er tr ee ( Figure 2- 3 ) appears in th e left frame of t he Front P anel vi ew and sh o ws the name of the cluster and a li st of its me mbers.
2-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Front Panel Vi ew Front-Panel Images Y ou can manage th e switch from a remote statio n by using the f ront-panel imag es.
2-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Front Pa nel Vie w Redundant Power System LE D The Redun dant Power System (RPS) LED shows the RPS sta tus ( Ta b l e 2 - 2 ).
2-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Front Panel Vi ew Port Modes and LEDs The por t modes ( Ta b l e 2 - 3 ) determi ne the type of inf ormation d isplayed thr ough the por t LEDs.
2-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Front Pa nel Vie w VLAN Membership Modes Ports in the Front P anel view ar e outlined b y.
2-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Topology Vie w Topology Vie w The T opology vi e w display s how the de vices wi thin a switc h cluster ar e connec ted and how the switch cluster i s connecte d to other cluster s and devices.
2-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Topol ogy View Figur e 2-6 Expan d Cluste r Vie w Figur e 2-7 Collaps e Clust er V iew Right-click a link icon to displa y a link popup menu.
2-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Topology Vie w Topology Icons The T opology vi ew and the cluste r tree us e the sam e set of device icon s to rep resent c lusters, c ommand and stand by command swit ches, and mem ber switc hes ( Figure 2-8 ).
2-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Topol ogy View Figur e 2-9 T opol ogy -View Lin k Icons Device and Link Lab els The T op.
2-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Topology Vie w Colors in the Topo logy Vie w The col ors of the T opology vi ew icons reflect th e status o f the devices and li nks ( Ta b l e 2 - 6 , Ta b l e 2 - 7 , and Ta b l e 2 - 8 ).
2-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Menus and To olbar Menus and Tool bar The conf iguratio n and monitoring o ptions for con figurin g switches and switch clusters a re av ailable from the m enu bar , toolba r , and the Front- Panel and T opology view popup menu s.
2-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Menu s an d Toolbar • If your cl uster has thes e member switc hes running ea rlier .
2-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Menus and To olbar Clust er Cluster M anager 3 Launc h a CMS session from the com mand switch. Create Clus ter 14 Desi gnate a comma nd switch , and name a clu ster .
2-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Menu s an d Toolbar Port Port Settings 2 Display and config ure port pa ramet ers on a switch. Port Se arch Searc h for a port thro ugh its de scrip tio n.
2-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Menus and To olbar Vie w Refresh Update the vie ws with the latest statu s. Front Pa nel D ispla y the F ront Panel view . Arrang e Front Pane l 15 Rear range the o rder in wh ich switch es appe ar in the Fro nt Pa nel vie w .
2-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Menu s an d Toolbar Toolbar The toolba r buttons display commo nly used switc h and cluster con f igurat ion options and i nformati on wind o ws suc h as le gends an d onlin e help.
2-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Menus and To olbar Front Panel V iew Popu p Menu s These popu p menus ar e av a ilable in t he Front Panel view .
2-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Menu s an d Toolbar Topology View Popu p Menus These popu p menus ar e av ailable in the T opology view . Link Popup Menu Y ou can displa y reports a nd graphs for a spec ific link displayed in the T opology vi ew ( Ta b l e 2 - 1 4 ).
2-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Menus and To olbar Device Popup Menus Specific devices in the T opology view displ ay a .
2-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Menu s an d Toolbar T able 2-1 7 Device P opup Menu of a Member o r Standb y Command-S witch Ic on Pop up Menu O ption T ask Remove from Clus ter 1 1.
2-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Inter action Mo des Interaction Modes Y ou can ch ange the i nteractio n mode of CM S to either guide or expe rt mode. Gui de mode st eps you throug h each feat ure option and provide s inform ation abo ut the par ameter .
2-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Wizards Wizards Note Wizards are not av ailab le if y our switch acce ss level is read- only . For more inform ation abou t the read-o nly ac cess mod e, see the “ Access Modes in CMS ” s e c t i o no np a g e2 - 3 1 .
2-27 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Online Help Online Help CMS provides co mprehen si ve online help t o assist you in under standing an d perfo rming con f igura tion and mon itoring task s from the CM S windows ( Figure 2-11 ).
2-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S CMS W indow Comp onents CMS Window Components CMS window s consistently present conf iguration information. Figure 2-12 shows the component s of a typical CMS window .
2-29 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS CMS Win dow Components Tabs, Lists, and T ables Some CMS w indows hav e tabs that present dif ferent sets of informatio n. T a bs are arrange d like folder headings acr oss the top of the windo w .
2-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Access ing CMS Accessing CMS This sectio n assumes the follo wing: • Y ou kno w th e IP add ress and password of th e command switch or a spec ific sw itch.
2-31 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Acce s sing CM S Access Mo des in CMS CMS pro vides two le vels of access to the conf iguration options: read-write ac cess and read-only ac cess.
2-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Verifying Yo ur Cha nges Verifying Your Changes CMS provides not ification cues to h elp you track an d confirm the chang es you make.
2-33 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 2 Getting Started wi th CMS Using Differ ent Version s of CMS Using Different Versions of CMS When managi ng switch .
2-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 2 Getting St arted with CM S Where to Go Nex t.
C HAPTER 3-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 3 Using the Command-Line Interface This ch apter d escribes the IOS comm and-li ne interfa ce (CLI ) that you ca n use t o configure your switches.
3-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 3 Using th e C omma n d-Line In terface IOS Command Modes T able 3-1 Command Mo de Summary Mode Access Method Prompt Exit Method About This Mode User EXEC B egin a session with your switch .
3-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 3 Using the Comma nd-L ine Interfa ce Getting Help Getting Help Y ou can e nter a q uestion mar k (?) at the syste m prompt t o display a list o f comma nds av ailable fo r each comma nd mode.
3-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 3 Using th e C omma n d-Line In terface Using no and default Forms of Commands Using no and defa ult Forms of Comman ds Almo st e very co nf iguratio n com mand a lso ha s a no form .
3-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 3 Using the Comma nd-L ine Interfa ce Using Com mand History Using Command History The IOS pr ovi des a history o r record o f command s that you ha ve e ntere d.
3-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 3 Using th e C omma n d-Line In terface Using E diting Features Using Editing Fea tures This sec tion descr ibes the e diting features th at can help y ou manipu late the c ommand line.
3-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 3 Using the Comma nd-L ine Interfa ce Using Edit ing Featu res Editing C ommand Lines that Wrap Y ou can use a w raparound feature for com mands that extend b eyond a single li ne on the sc reen.
3-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 3 Using th e C omma n d-Line In terface Searching and F iltering Outp ut of show and m ore Commands T o sc roll back to th e begi nning of the command en try , press Ctrl- B or the left ar ro w ke y repeat edly .
3-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 3 Using the Comma nd-L ine Interfa ce Acce ssi ng the C LI Accessing the CLI This proc edure assume s you have alre ady assign ed IP inform ation and passwor d to the switch or command switch .
3-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 3 Using th e C omma n d-Line In terface Saving Con figur ation Chang es Step 4 Enter the switch password. The User E XEC promp t appears o n the manage ment stati on.
C HAPTER 4-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 4 General Switch Administration This chapt er provides these sw itch administ ration topi cs: • Basic IP connecti .
4-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration Switch Softw are Releases Switch Software Releases The swi tch softwar e is regularl y update d with new featur es and bug fix es, and y ou migh t want to upgrad e your Ca ta ly st 295 0 wit h the la tes t sof tw are r elea se.
4-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 4 General Switch A dmi nistratio n HTTP Acce ss to CMS T o conf igure the s witch fo r T el net acces s, follo w thes.
4-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration SNMP Networ k Manage m ent Pla tforms • Conf igur ing y our we b bro wser • Displa ying the Cisco Syste m s Access pa ge Y ou can also see the “ Accessing CMS ” s e c t i o no np a g e 2 - 3 0 .
4-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 4 General Switch A dmi nistratio n SNMP Netw ork Mana gement Platf orms The b ulk retrie val me chanism r etrie ve s tables a nd lar ge quantit ies of informatio n, minim izing the number of rou nd-trips re quired.
4-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration Default Sett ings As shown in Figure 4-1 , the SNM P agent gathe rs data fro m the MIB, whi ch is the rep ository for inform ation about device parame ters and network da ta.
4-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 4 General Switch A dmi nistratio n Default Settings T able 4-2 Def ault Set tings and Wher e T o Chang e Them Featur .
4-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration Default Sett ings Domai n name No ne “ Configuring the D omain Name an d the DNS ” s e c t i o no np a g e6 - 5 . Documen tation set for Cisco IOS Rele ase 12.
4-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 4 General Switch A dmi nistratio n Default Settings Performanc e Configuring a por t None Chapter 10, “ Configurin g the Switch Ports.
4-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration Default Sett ings Quali ty of Se rvice ( QoS) 3 Disabled “ Configuring Classification U sing Port T rust States ” s e c t i o no np a g e1 3 - 1 0 .
4-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 4 General Switch A dmi nistratio n Default Settings 802.1X p ort-b ased authentica tion Disabled “ C onf igu ring 8 02.1X A uthe nti cation ” section on page 7-6 .
4-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 4 Ge ner al Switch Ad min istration Default Sett ings.
C HAPTER 5-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 5 Clustering Switches This chapte r prov ides these topics to help you get star ted with switch clustering: • Unde.
5-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Unders tan din g Sw itch Clusters Understandin g Switch Clust ers A switch c luster is a gr oup of conn ected Ca talyst switche s that are m anaged as a singl e entity .
5-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Command Switch Characteristics • If your sw itch clust er has Cata lyst 2900 XL , Catalyst 2 950, an d Catalyst 35 00 XL switche s, the Catalyst 2950 sh ould be t he co mmand s witch.
5-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er Planning a Switch Cl uster Anticipatin g conflicts and c ompatibility issue s is a high priorit y when you manage se veral switche s throug h a cluster .
5-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er Discovery through CDP Hops B yu s i n gC D P ,ac o m m a n ds w i t c hc a nd i s c o v e rs w i t c h e su pt os e v e nC D Ph o p sa w a y( t h ed e f a u l ti s three ho ps) from the e dge of the cl uster .
5-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er Discovery through Non-CDP-Capabl e and Noncluster-Capable Devi.
5-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er Discovery through the Same Managemen t VLAN When the cluste r has .
5-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er Discovery through Different M anagement VLANs W e strongl y re.
5-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er Discovery of Newly Installed Switches A ne w , out-o f-th e-bo x swit ch is se t with t he def ault mana geme nt VLAN , VLAN 1.
5-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er HSRP and S tandby Comma nd Switche s The switc h supports H ot Standby Router Pr otocol (HSR P) so that you can co nfigure a group of stan dby command s witches.
5-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er Virtual IP Addresses Y ou need t o assign a uni que virt ual IP addre ss and group num ber and na me to the clu ster stand by group.
5-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er Considerations for Cluster Stan dby Groups In additio n to pr.
5-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er Figur e 5-6 VLAN Co nnectivity be tween Sta ndb y -Grou p Members an d Cluste r Members IP Addresse s Y ou must assign IP inf ormatio n to a command switc h.
5-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Planning a Sw it ch Cl ust er Host Names Y ou do not nee d to assign a host name to e ither a command sw itch or an eligible c luster member .
5-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Planni ng a Swit ch Clust er TACACS+ If T ermina l Access Controller Ac cess Control Syste m P.
5-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Crea tin g a Sw itch Cl uster Y o u can glob ally change th e managemen t VLAN for the cluster as lo ng as each member swit ch has eithe r a trunk co nnection o r connection t o the new command-switc h manageme nt VLAN.
5-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Creati ng a Swit ch Cluster Note Refer to the release no tes for the list o f Catalyst switch .
5-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Crea tin g a Sw itch Cl uster Adding Me mber Switc hes A s e x p l a i n e di nt h e “ Au.
5-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Creati ng a Swit ch Cluster Figur e 5-8 A dd to Cluste r Windo w Figur e 5-9 Usi ng the T opolog y Vie w t o A dd Member S witc hes Enter the pass word of the candidate s witch.
5-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Crea tin g a Sw itch Cl uster Creating a Clu ster Stand by Group The cluste r standby group.
5-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Creati ng a Swit ch Cluster Figu re 5- 10 Sta ndby C om ma nd Co nfig urati on Wi ndow 2950C (cisco WS-C2950-C-24, HC, ... NMS-3550-12T -149 (cisco WS-C3550-1 3550-150 (cisco WS-C3550-12T , SC, .
5-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Crea tin g a Sw itch Cl uster Verifying a Switch Cluster When you finish adding c luster me.
5-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 5 Clustering Switches Using th e CLI to Ma nage Swit ch Clusters Using the CLI to Manage Swit ch Clusters Y ou can co nfi gure memb er switches fr om the CLI by f irst logg ing into the co mmand sw itch.
5-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 5 Clusterin g Switches Using SNMP to Ma nage Switch Cl ust ers Using SNMP to Manage Switc h Clusters When you first po wer on the switc h, SNMP is enable d if you enter the IP informa tion by using the setup program a nd accep t its propose d configuration.
C HAPTER 6-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 6 Configuring the System This cha pter provides i nformati on about chan ging switc h-wide co nfiguration se ttings.
6-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Changing IP In formation Manually Assigning and Removing Switch IP Information Y ou can manual ly assign a n IP addre ss, mask, and defaul t gateway to the swit ch.
6-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Changing IP Infor mation Note DHC P replaces the Bootst rap Protocol (BOO TP) featu re autocon f igurat ion to ensure re triev al of conf iguration f iles by unicast TFTP me ssages.
6-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Changing IP In formation In a DHCPRE QUEST broadc ast message , the client r eturns a re quest for the offered configura tion informatio n to the DHCP server .
6-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Changing IP Infor mation Note If the config uration file o n the switch does not contain t he IP address, the switch obta ins its address, mask, g ate way IP address, and hos t name from DHCP .
6-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Changing IP In formation Y o u can sp ecify a de fault d omain na me that th e softw are uses to co mplet e domain nam e reques ts. Y ou can speci fy either a singl e domain nam e or a list o f domain n ames.
6-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Changing IP Infor mation Figur e 6-2 Rela y Device Used in A ut oconfigur ation For CLI procedur es, refe r to the Cisco IOS Relea se 12.1 docum entati on on Cisco.
6-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Changing IP In formation After obtain ing its host name from the de fault con figu ration fil e or the DHCP reply , t he switch reads the conf iguration f ile that has the same name as its host name ( hostname -conf g or host name .
6-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Changing IP Infor mation DNS Server Co nfigurati on The DNS ser ver map s the TFTP ser ver n ame mar its u to IP addr ess 10.0.0.3 . TFTP Server Co nfigurati on (o n UNIX ) The TFTP serv er b ase directo ry is set to /tftpser ver /work/.
6-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Changing the Pa ssword • It reads t he configuration file th at correspon ds to it s host name; f or example, i t reads swi tch1-co nfg from the T FTP ser ver .
6-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Setting the System Date and Time Both types of pa sswords can contai n from 1 to 25 up percase and l o werc ase alphanu meric chara cters, and both can st art with a number .
6-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Conf igurin g SNMP Configuring the Switch for NTP Broadcast-Client Mo de Y o u can con .
6-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Config uring CDP Beginning in privileged EXEC mode, foll o w these steps to add a trap ma.
6-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Managin g the ARP Tabl e Configurin g CDP for E xtended Dis covery Y ou can change the def ault conf ig uration of CDP on the comman d switch to discov er dev ices up to sev e n hops away .
6-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Managin g the MAC Addre ss Tables The Addr ess Resolut ion Prot ocol (ARP) assoc iates a host IP addre ss with the corr espondi ng media or MA C addresse s and the VLAN I D.
6-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Managin g the MAC Addre ss Tables Changing the Address Aging Time Dynamic a ddresses a re source M A C a ddresses that the sw itch learn s and then dro ps when t hey are not in use.
6-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Managin g the MAC Addre ss Tables MAC Address Notification MA C address notif ication enab les you t o keep trac k of the MA C addresse s that are le arned or re mov ed from your s witch.
6-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Managin g the MAC Addre ss Tables Adding Sec ure Addresse s The se cure address tabl e contain s secure M A C addre sses and th eir associ ated por ts and VLA Ns.
6-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Managin g the MAC Addre ss Tables Y ou can add an d remove static address es and define the forwa rding behavior for th em.
6-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Configuring TA CACS+ Configuring TACACS+ Y ou can use the T ermin al Access Cont roller Access Co ntrol Syste m Plus (T ACA CS+) to ma nage networ k security (au thenticatio n, authoriz ation, and ac counting [AAA] ) from a ser ver .
6-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Configuring TACACS+ Configuring Login Authentication Be ginning i n pri vile ge d EXEC m .
6-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Configuring TA CACS+ • tacacs + — Uses T A CACS+ authenticat ion. Y ou must configure t he T ACA CS+ ser ver before yo u can use this aut henticatio n method.
6-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Configuring TACACS+ Beginning in privileged EXEC mode , follow th ese steps to enable T A CACS+ accounting : Note Th ese com mands a re doc umented in the “ Accounting an d Billing Command s ” chap ter of t he Cisc o IOS Release 12.
6-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS Controlling Switch Access with RADIUS This sec.
6-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS RADIUS is not suita ble in these netw ork secur ity situations: • Multipr otoco l access en vironmen ts.
6-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS The A CCEPT or RE JECT respo nse is bundled wit h additiona l data that is use d for privileged EXEC or networ k authorization.
6-27 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS Identifying the RADIUS Serve r Host Switch-t o-RADI.
6-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS Beginning in privileged EXEC mo de, follow these steps t o configure per-server RADI US server comm unication .
6-29 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS This examp le shows how to configure on e RADIUS se rver to be used f or authe nticati on and an other to be used fo r accoun ting: Switch(config)# radius-server host 172.
6-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS Beginning in privileged EXEC mo de, follow these steps to con f igure lo gin authen tication. Th is procedu re is requir ed.
6-31 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS Defining AAA Server Groups Y ou can co nfigure the switch to us e AAA server grou ps to group existin g server hosts for au thentic ation.
6-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS Beginning in privileged EXEC mode, follow thes.
6-33 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS T o remove the spe cified RAD IUS ser ver , u se the no radius-server host hostname | ip- addre ss global configurati on comma nd.
6-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS Beginning in privileged EXE C mode, foll o w t.
6-35 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginn.
6-36 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS For e xample, th is A V pair acti vates Cisco .
6-37 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 6 Configuring the Sy st em Controlling Switch Access with RADIUS Beginning i n privileged EXEC mode, fol low these s.
6-38 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 6 Configuri ng the Sy stem Controllin g Switch Acce ss with RA DIUS.
C HAPTER 7-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 7 Configuring 802.1X Port-Ba sed Authen tication This cha pter describ es how to configure IEEE 802.1 X port-ba sed authen ticatio n to pre vent unautho rized devices (clie nts) from ga ining ac cess to the ne twork.
7-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Unders tan ding 802.1X Port -Based Aut henticatio n Device Roles W ith 802.1X por t-bas ed authenticatio n, the de vices in the netwo rk ha ve s pecif ic roles as sho wn in Figure 7-1 .
7-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Understandi ng 802.1X Port- Based Authent ication The de vices that can act as inte rmediaries inc lude the Catalyst 3550 multilayer s witch, Catalyst 29 50 switch, o r a wireless acce ss point.
7-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Unders tan ding 802.
7-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Understandi ng 802.1X Port- Based Authent ication • auto — en ables 802.1X and ca uses the port to begin in the unau thorize d state, allowing only EAPOL frames to be sent and re ceiv ed thro ugh the port.
7-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Configur ing 802. 1 X Authe nticati on Configuring 802.1X Authent ication The section de scribes h o w to configure 802.
7-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Configuring 802. 1X Authent ication 802.1X Configuration Guidelines These are the 802.1X auth entication conf iguratio n guidelines: • When the 80 2.
7-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Configur ing 802. 1 X Authe nticati on Enabling 802.1X Authentication T o enable 802. 1X port- based aut hentica tion, you must e nable AAA an d speci fy the authe nticat ion method list.
7-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Configuring 802. 1X Authent ication This exam ple sh o ws how to enabl e AAA a nd 802.
7-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Configur ing 802. 1 X Authe nticati on T o delete the specif ied RADIUS server , use the no radi us- server ho st { hostn ame | ip-add r ess } global configurati on comma nd.
7-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Configuring 802. 1X Authent ication This exam ple sh ows how to en.
7-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Configur ing 802. 1 X Authe nticati on Changing the Switc h-to-Client R etransmission Time The client re sponds to the EAP-request/iden tity frame fr om the switch with an EAP- response/identi ty frame .
7-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 7 Configuring 802.1X Port -B ased Authen tication Configuring 802. 1X Authent ication Setting the Switch-to-Client F.
7-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 7 Confi guring 8 02.1X Port-Bas ed Authenticat ion Display ing 802.1X Statis t ics and Status T o disable mult iple hosts on the port, use the no dot1x multiple-hosts interf ace conf iguration comma nd.
C HAPTER 8-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 8 Configuring VLANs This ch apter p rovides infor mation a bout configuri ng virtual LANs ( VLANs ). It inclu des comm and-li ne interf ace (CLI) proced ures for using comma nds that h av e been specif icall y creat ed or chang ed for the Catalyst 2950 swi tches.
8-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Overv iew Figur e 8-1 VLANs as Logica lly Defined Netw ork s Ta b l e 8 - 1 lists the number of suppor ted VLANs on the switches. The Catalyst 2950 switches support IEEE 802.
8-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Managem ent VL ANs Note Th e Catalyst 2950 swit ches do no t support I SL trunk ing. T runking is not supported on all switches. For the list of products th at support trunking, refer to the release n otes.
8-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Assigni ng VL AN Port Memb ership Mo des Before a new switch can be add ed to a cluster, it must be connecte d to a port that belon gs to the cluste r manage ment VL AN.
8-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Assignin g VLAN Port Membe rship Modes When a port be longs to a V LAN, the swi tch learn s and manage s the addre sses associat ed with th e port on a per-VLAN basis.
8-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Assigni ng VL AN Port Memb ership Mo des VLAN Membership Combinations Y ou can c onfi gure your switch ports in the v arious VLAN member ship combination s in Ta b l e 8 - 3 .
8-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Assigni ng Stati c-Access Por ts to a VLAN Assigning Static-Access Ports to a VLAN By default, a ll ports are d ynamic d esirable p orts ass igned to the m anagem ent VLAN, V LAN 1.
8-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Using V TP These con figurations can cau se a switch to auto matically change i ts VTP mode : .
8-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Using VTP VTP adv ertisemen ts distrib ute this V LAN informatio n for each co nf igured VLAN: .
8-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Using V TP Figur e 8-2 Optimi zed F looded T raf fic with VTP Pr uning VTP Configuration Guidelines These se ctions de scribe th e guide lines you should fo llow when configuri ng the VTP domain na me and password and the VTP version numb er .
8-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Using VTP If you con figure a VTP password fo r a doma in, a Catalyst 2950 swit ch that is boo ted without a VTP configurati on does not a ccept VTP advert isement s until you con figure it with t he correct p assword.
8-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Using V TP Configuring VTP Y ou can configure V TP throu gh the CLI by entering c ommands i n the VLAN d atabase c ommand mo de. When yo u enter t he exit command i n VLAN database mode, it app lies a ll the c ommand s tha t you enter ed.
8-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Using VTP Cautio n Do not configure a VTP domai n name if al l switches are operat ing in VTP client mod e. If you do so, it is impossi ble to make ch anges to th e VLAN con f igura tion of tha t domai n.
8-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Using V TP Enabling VTP Version 2 VTP version 2 is disabled by default on VTP version 2-capabl e switches. When you en able VTP version 2 on a switch, every VTP version 2-capa ble switch in th e VTP domai n enables version 2.
8-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s VLANs in the VT P Data base Enabling VTP Pruning Pruning increa ses a va ilable bandwid th by restr icting flooded tr af fic to t h ose trunk li nks that the traf fic must use to acce ss the destin ation devices.
8-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s VLANs in the VTP Databa se • Security Associat ion Identif ier (SAID) • Bridge identif ic.
8-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s VLANs in the VT P Data base Configuring VLANs in the VTP Database Yo u u s e t h e C L I vl an database VL AN database comma nd to add, change , and delete VLANs.
8-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s VLANs in the VTP Databa se Adding a VLAN Each VLAN has a unique, 4-di git ID that can be a number from 1 to 1001. T o add a VLAN to the VLAN database, assign a number a nd name to the VLAN.
8-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s VLANs in the VT P Data base Beginn ing in pri vilege d EXEC mode, follo w th ese steps to delet.
8-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How VL AN Tru nks Wor k How VLAN Trunks Work A trunk is a point- to-poin t link that tra nsmits and rece iv es traff ic between switch es or between switc hes and route rs.
8-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How VLAN Trunk s Work IEEE 802.1 Q Configuratio n Considera tions IEEE 802. 1Q trunk s impose these l imitatio ns on the trun king strategy for a n etwork: • Make sure the na ti ve VLAN f or a 802.
8-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How VL AN Tru nks Wor k Configuring a Trunk Port For informati on on trunk port int eractions w ith other fea tures, see the “ Tr unks Interacting with Other Features ” s e c t i o no np a g e8 - 2 1 .
8-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How VLAN Trunk s Work CLI: Defining the Allowed V LANs on a Trunk By default, a t runk port se nds to and r eceiv es tra ff i c from all VLA Ns in the V LAN dat abase.
8-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Load Sh aring Us ing STP Configuring the Native VLAN for Untagged Traffic A trunk port c onfigured with 802 .1Q taggi ng can receive both tagged and unt agged tra f fic.
8-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Load Sharin g Using ST P Y ou conf igure load sh aring on trunk ports b y using STP port priorities or STP path costs. F or load sharing using ST P port prio rities, both l oad-sharing lin ks must be con nected to the sa me switch.
8-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s Load Sh aring Us ing STP Step 4 exit Return to pri vilege d EXEC mode. Step 5 show vtp st atus V e r i f yt h eV T Pc o n f i g u r a t i o no nb o t hS w i t c h1a n dS w i t c h2 .
8-27 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s Load Sharin g Using ST P Load Sha ring Using STP Path Co st Y ou can co nfigure parallel tru nks to share VLA N traffic by sett ing different path cost s on a trunk an d assoc iatin g the pat h costs w ith differe nt sets of VLA Ns.
8-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How the VMPS Works How the VMPS Works A switch running thi s software release acts as a client to th e VLAN Membership Polic y Server ( VMPS) and comm unicate s with it thro ugh the V LAN Quer y Protocol ( VQP ).
8-29 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How the VMPS Works Dynamic Port VLAN Membership A dynam ic (nontr unking) p ort on the switch c an belong to only o ne VLA N.
8-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How the VMPS Works vmps fallback default vmps no-domain-req deny ! ! !MAC Addresses ! vmps-mac-addrs ! ! address <addr> vlan-name <vlan_name> ! address 0012.
8-31 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How the VMPS Works VMPS Configuration Guidelines These guideline s and re strictio ns apply to dynami c port VL AN memb ership: • Y ou must co nfigure the VMPS befo re you co nfi gure ports as dy namic.
8-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How the VMPS Works Beginning in privileged EXEC mo de, follow these steps to enter t he IP ad.
8-33 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How the VMPS Works Reconfirming VLAN Memberships Beginning in privileged EXEC mo de, follow the.
8-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How the VMPS Works Administering an d Monitoring the VMPS Y ou can disp lay infor mation abo ut the VMPS by usi ng the pr i vileged EXEC show vmps command.
8-35 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 8 Configuring VLAN s How the VMPS Works Figur e 8-6 Dynami c P ort VLAN M embership Conf iguration Primar y VMPS Ser v er 1 Secondar y VMPS Ser v er 2 Secondar y VMPS Ser v er 3 172.
8-36 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 8 Confi guring VLAN s How the VMPS Works.
C HAPTER 9-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 9 Configuring STP This cha pter descri bes how to configure the Sp anning Tree Protocol (ST P) on your switch.
9-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g B asic STP Features For i nform ation abo ut adv anced STP featu res, see th e .
9-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Understa nding Basi c STP Feat ures Multip le activ e path s between end stati ons caus e loops in the ne twork. If a loo p exists in the net work, end stations m ight recei ve dup licate messages.
9-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g B asic STP Features • The identif ier of the transmitting inter face • V al.
9-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Understa nding Basi c STP Feat ures Figur e 9-1 S TP T opology When the spann ing-tr ee topology i s calculated ba sed on default par ameters , the path betw een source a nd destination end stations in a switched netwo rk might not be ideal.
9-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g B asic STP Features Figure 9-2 illustrates how an in terface m ov es through the states.
9-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Understa nding Basi c STP Feat ures Listening State The listen ing state is the f irst state an i nterfac e enters after the blo cking state.
9-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g B asic STP Features MAC Address Allocation The switch has a poo l of MA C address es, one f or each in stance of STP , that is used a s the bri dge IDs f or the VLAN spanni ng-tree i nstances.
9-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures Figur e 9-3 S TP and Redundant Connec tivity Y ou can also cre ate redund ant links betwe en switches by using Et herChann el groups.
9-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g Advance d STP F eat ures Understand ing Port Fast Port Fast immedia tely brin gs an interface c onfigured as an acces s port to the forward ing state f rom a block ing stat e, by passi ng the li stening an d learnin g states .
9-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures Understanding UplinkFast Switches in hie rarchical ne tworks can be groupe d into backb one switches, distr ibution switches, an d acces s switches.
9-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g Advance d STP F eat ures Figur e 9-6 Upli nkF ast Example Bef ore Di rec t Lin.
9-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures How CSUF Work s CSUF ensures th at one link in the sta ck is elected as the path to the root.
9-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g Advance d STP F eat ures The switch se nding the fast - transition r equest ne.
9-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures Limitations These lim itations ap ply to CSUF: • CSUF use.
9-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g Advance d STP F eat ures Figur e 9-9 Gig aStack GBIC Co nnections a nd STP Co .
9-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures Understand ing Back boneFas t Backbo neFast is init iated when a root po rt or block ed port o n a switch rec eiv es inferior BPDUs from i ts designated br idge.
9-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Unders tan din g Advance d STP F eat ures switch ov er take s appro ximately 30 secon ds, twice the F orwa rd Delay time if the defa ult For ward Dela y time of 1 5 second s is s et.
9-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Underst anding Advan ced STP Fe atures Unders tanding Root Gu ar d The net work of a servic e provider (SP) c an inclu de many connec tions to swi tches that are not owned by the SP .
9-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Basic STP F eat ures Configuring Basic STP Features These s ections i nclude ba si.
9-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guring Basi c STP Features Disabling STP STP is enabl ed b y default o n VLAN 1 and on all newl y created VLANs up to the spanning-tree limit specif ied in Ta b l e 9 - 2 .
9-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Basic STP F eat ures T o conf igure a switch to become the r oot, the switch prior.
9-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guring Basi c STP Features Configur ing a Se co ndar y R oot S witch When you configure a sw.
9-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Basic STP F eat ures Configuring STP Port Priority In the ev ent of a loop, STP con siders port pri ority when se lecting an inte rface to put into the for warding state.
9-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guring Basi c STP Features For inf ormation on ho w to configure load sharing on trunk p orts by using ST P port priorities, see the “ Load Sharin g Using STP ” s e c t i o no np a g e8 - 2 4 .
9-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Basic STP F eat ures T o return the inte rface to its defa ult settin g, use the no spanning-tree cost interf ace conf iguration or t he no spanning-tree vlan vlan-id co st int erface co nfiguration c ommand.
9-27 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guring Basi c STP Features Configuring the Hello Time Y ou can conf igure the interval betw een the generation of conf iguratio n messages by the root switch b y changing th e STP hello t ime.
9-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Basic STP F eat ures T o re turn the swi tch to its default set ting, use the no spanning- tr ee vlan vlan- id fo rw ar d - t i m e glob al configurati on comma nd.
9-29 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guring Basi c STP Features Figur e 9-14 Gig abi t Ether net Cluste rs Displaying S TP Status.
9-30 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Advan ced STP Features Configuring Advan ced STP Features These sec tions in clude.
9-31 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guri ng Ad v anced STP Feat ur es Configuring BPDU Guard When the BPDU guard f eature is enabl ed on the s witch, STP sh uts do wn Port Fa st-enab led inte rface s that rece i ve BPDUs r ather than p utting them in to the block ing state.
9-32 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Advan ced STP Features Configuring UplinkFast for Use with Redundant Links UplinkF.
9-33 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 9 Configuring STP Confi guri ng Ad v anced STP Feat ur es Configuring C ross-Stac k UplinkFas t Before e nabling CSU F , ma ke sure your sta ck switches are prop erly conn ected.
9-34 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt er 9 Configurin g STP Configur ing Advan ced STP Features Configurin g Backbon eFast Y ou can ena ble BackboneFa st to detect indirect link failu res and to start the spanning -tree reconfigur ation soo ner .
C HAPTER 10-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 10 Configuring the Switch Ports This chap ter provide s informa tion about ch anging por t configuratio n settin gs.
10-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Changing the Port Speed and D uplex Mode Connectin g to Devices That Do Not Au ton.
10-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Changi ng the Po rt Speed and Dupl ex Mode Configuring IEEE 802.
10-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Configur ing Flooding Cont rols T o disable flow control, use the flowc ontr ol rece ive off and flowcontrol se nd off interface co nfigur ation comm ands.
10-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Configuring Protected Ports Disabling Stor m Co nt rol Beginning in privileged EXEC.
10-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Enablin g Port Secu rity Beginning in privileged EXEC mo de, follow these steps to.
10-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Enabl ing Por t S ecurity For the restric tions that appl y to secure p orts, see the “ A voiding Configuration Con flicts ” sect ion o n page 14-1 .
10-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Unders tan ding the Ether Channel Disabling Port Security Beginn ing in pri vilege.
10-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Unders tanding the Ether Channel Figur e 1 0-1 T ypical EtherChannel Con figur ation Understand ing Port-Chann el Interfaces When you c reate an Ether Channe l for Layer 2 in terfa ces, a logic al interf ace is dynamicall y created.
10-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Unders tan ding the Ether Channel Figur e 1 0-2 Relationship of P h ysical P orts.
10-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Unders tanding the Ether Channel Both the auto and desirable m odes allo w interfa.
10-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Unders tan ding the Ether Channel When a d ev ice and i ts partn er are bot h aggre gate-port l earne rs, the y learn the addr ess on the logical port-ch annel.
10-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Unders tanding the Ether Channel Figur e 1 0-3 Load Distr ibution and F o rwar ding Methods Default EtherCh annel Con figuration T able 10-2 sh o ws th e default E therChan nel configur ation.
10-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Unders tan ding the Ether Channel EtherChann el Configuratio n Guidelines If imprope rly conf ig ured, s ome EtherChannel i nterface s are autom atically disabl ed to a voi d network loops and othe r problems.
10-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Unders tanding the Ether Channel Beginning in privileged EXEC mode , follow these .
10-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Unders tan ding the Ether Channel If you d elete th e Ether Cha nnel is b y using the no int erface port- channel global con figuration c ommand without re moving the physical inter faces, the physical interface s are shutdown.
10-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Displa ying Ethe rChannel and PAgP Status T o return Ether Channel lo ad balan cing to the de fault configur ation , use the no port-channel load-balanc e global con figuration co mmand.
10-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Configur ing UniDir ect ional Link D et ection Configuring UniDirectio nal Link Detect ion UniDirectional Link Detection (UDLD) is a Layer 2 protocol that detects and shuts down unidirectional links.
10-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Understa nding SPAN SP AN doe s not af fect th e switc hing o f netw ork tr af fic o n source por ts; a c opy of the pa ckets rece i ved or sent b y the source in terfa ces are sent to th e destina tion inter fa ce.
10-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Understan ding SPAN Some featur es that can cau se a packet to be dropp ed during tran smit processi ng might also affect t he duplica ted copy for SP A N.
10-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Understa nding SPAN SPAN Traffic Y ou can use SP AN to monitor all netwo rk traf fic, inclu ding multicast and bridge protocol d ata unit ( B P D U )p a c k e t s ,a n dC D P ,V T P ,D T P ,S T P ,a n dP a g Pp a c k e t s .
10-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Configuring SPAN Configuring SPAN This secti on describe s ho w to configure SP A.
10-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Configuring SPAN Creating a SP AN Session a nd Specifying P orts to Monito r Begin.
10-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Configuring SPAN Both: Gi0/1 Destination Ports: Gi0/2 Use the show monitor session privile ged EXEC command to v erify the con figur ation.
10-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 10 Configuring the Switch Port s Configuring SPAN The moni toring of tr aff i c received on port 1 is disab led, but traffi c sen t from this port co ntinues to be monitored.
10-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 10 Co nfiguring the Switch Ports Configuring SPAN.
C HAPTER 11-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 11 Configuring IGMP Sno oping an d MVR This chapte r describes h o w to configure Interne t Group Manageme nt Protocol (IGM P) snooping on you r switch, in cluding an applic ation of loca l IGMP snooping, Multi cast VLAN Re gistration ( MVR).
11-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unders tan ding and Config uring IGMP Snoo ping Layer 2 multicast groups learn ed through IGMP snoo ping are dynamic.
11-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Underst anding a nd Configu ring IGMP Snoop ing T o disable IGMP snoopi ng on a VLAN i nterface, use the no ip igmp snooping vlan vlan- id global configurati on comma nd for the specified VLAN numbe r (for example, vlan1) .
11-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unders tan ding and Config uring IGMP Snoo ping Setting th e Snooping Method Multicast -capable rout er ports are added to the forw arding table for e very IP multicast ent ry .
11-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Underst anding a nd Configu ring IGMP Snoop ing Note that the switc h architecture allo ws the CPU to distinguish IGMP information pack ets from other packets for the mu lticast grou p.
11-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unders tan ding and Config uring IGMP Snoo ping CLI: Statically Configurin.
11-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Understanding Multicast VLAN R egistration CLI: Configuring a Multicast Router.
11-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unde rsta n din g M ult ic ast V LAN Regi st ratio n The Cata lyst 2950 sw.
11-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Understanding Multicast VLAN R egistration Figur e 1 1 -3 Multicast VLAN Registr ation Example MVR eliminate s the need to dupli cate tele vision-channel multicast traff ic for subscribers in e ach VLAN.
11-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unde rsta n din g M ult ic ast V LAN Regi st ratio n Configuration Guidelines and Limitations Foll ow th ese guidelines w hen conf iguring MVR: • Recei ver por ts cannot be tru nk ports.
11-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Understanding Multicast VLAN R egistration Step 3 mv r group ip-address [ co unt ] Confi gure an IP multicast address on the switch or use the co unt paramet er to configure a conti guous serie s of IP addr esses.
11-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unde rsta n din g M ult ic ast V LAN Regi st ratio n This exampl e shows .
11-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Understanding Multicast VLAN R egistration This exam ple shows how to configu.
11-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unde rsta n din g M ult ic ast V LAN Regi st ratio n Displaying M VR Y ou can disp lay MVR inform ation for the sw itch or for a spec ifie d interfa ces.
11-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 11 Configuring IGMP Snoopi ng and MVR Understanding Multicast VLAN R egistration T h i se x a m p l es h o w st h e.
11-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapte r 11 Configu ring IG MP Snoop ing and MVR Unde rsta n din g M ult ic ast V LAN Regi st ratio n.
C HAPTER 12-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 12 Configuring Network Security with ACLs This chapte r describes h o w to conf igure netw ork secur ity on your switch b y using access control lists (A CLs), whic h are also ref erred to i n comman ds and tabl es as acce ss lists.
12-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Unders tanding A C Ls after the f irst match, the order of cond itions in the list is cr itical. If no con ditions match, the sw itch rejects the p acket.
12-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Unde rsta nd ing A CLs Figur e 1 2-1 Using A CLs to Contr ol T ra ff ic to a Netw or k Handling Fragmented and Unfragmented Traffic IP packets ca n be fragment ed as they cross the network.
12-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Unders tanding A C Ls • Packet A is a TCP packet from hos t 10.2.2.2, po rt 65000, goi ng to host 10.1.1. 1 on the SMTP port.
12-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Unde rsta nd ing A CLs Note A mask can be a combi nation of eith er multiple Layer 3 an d Layer 4 f ields or of multiple L ayer 2 f ields.
12-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs T able 12-1 lists a summary of th e A CL restrictions on Cat alyst 2950 switches. Configuring ACLs Note Y ou ca n configure A CLs only if your swi tch is running t he enhanced soft ware image.
12-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Creating Stan dard and Extended IP ACLs This sectio n describes ho w to create switch IP A CLs. An A CL is a sequential collection of permit and deny conditions.
12-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs Note In addition to n umbered s tandard an d exte n ded A CLs, you can als o create stan dard an d exten ded named IP A C Ls by using the supporte d numbers.
12-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Note When creating an A CL, remember th at, by de fault, t he end of the A CL contains an im plicit den y statem ent for all packet s that it did not f ind a match for bef ore reac hing the en d.
12-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs For m ore details on the s pecif ic keyw ords rela tiv e to each protoco l, refer to th e Cisco IP and IP Rout ing Command R efer ence for IOS Re lease 12.
12-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Beginning in privileged EXEC mo de, follow these steps to crea te an extended A CL: Command Purpose Step 1 confi g ure t erminal Ente r global configuratio n mode.
12-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs Use the no access-list a ccess-list-number gl obal conf iguration comman d to delete the entire access list.
12-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Beginn ing in pri vileged EXEC mode, fo llo w these s.
12-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs When making th e standar d and extended A CL, re.
12-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Applying the ACL to an Interface or Terminal L ine After you c reate an A CL, you ca n apply it to o ne or more in terfaces o r ter minal lines.
12-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs This exam ple shows how to app ly acce ss list 2.
12-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Thi s exa mple d ispl ays onl y IP st andar d and e xtended A CLs . Switch# show ip access-lists Standard IP access list 1 permit 172.
12-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs Examples for Compiling ACLs For deta iled inform.
12-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs This exampl e uses an extende d A CL to deny traff ic from por t 80 (HTTP). It p ermits all oth er types o f traf fic.
12-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs Commented IP ACL Ent ry Examples In this e xampl.
12-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 12 Configuring Network Se curity with A CLs Confi guring ACLs Use the no mac access-list extended nam e global conf iguration command to dele te the entire A CL. Y ou can als o dele te individu al A CEs from n amed M A C ext ended ACLs.
12-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 12 Confi guring Networ k Securit y with ACL s Conf igu ring A CLs This e xample sho ws how to apply A CL 2 on Giga.
C HAPTER 13-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 13 Configuring QoS This chapter d escribes ho w to configure qua lity of service (QoS) on your swit ch. W ith this feature, you can provide prefer ential tr eatment to cert ain types of traffi c.
13-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Unders tan ding QoS Y ou can also use th ese wizards to con f igure QoS: Note These wizards are a v ailable only if your switc h is running the enhance d software imag e.
13-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Unde r sta ndi n g QoS Layer 3 IP pac kets can carr y a Differentiat ed Servi ces Code P oint (DSCP) value. The su pported DSCP values are 0, 8, 10, 16, 1 8, 24, 26, 3 2, 34, 40, 46, 48, and 56.
13-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Unders tan ding QoS • Classif ying disting uishes o ne kind of tr aff ic f rom ano ther . For more informa tion, see t he “ Classification ” section on page 13- 4 .
13-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Unde r sta ndi n g QoS Classification Based on QoS ACLs Y ou can u se IP standa rd, IP exten ded, and L ayer 2 MAC A CLs t o define a group o f packets wi th the same char acte rist ics ( class ).
13-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Unders tan ding QoS Y o uc r e a t eac l a s sm a pb yu s i n gt h e class-ma p global configur ation com mand or the class polic y -map configurati on command.
13-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Unde r sta ndi n g QoS For IP traff ic, you have these classification options: • T rust the IP DSCP in the incomi ng packet (conf igure the port to trust DS CP), and assign the same DSCP to th e pac k et fo r int er na l use .
13-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Unders tan ding QoS Queuein g an d Sc he dulin g Note Both t he enhance d and standard so ftware image s support th is feature. The Catalyst 295 0 switches provide QoS-ba sed 802.
13-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S • W eighted ro und-robi n (WRR) schedulin g WRR sched uling req uires y ou to specif y a number th at indi cates t he importan ce (weigh t) of the queue re lativ e to the ot her CoS queue s.
13-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS Configuration Guidelines Note Th ese guidel ines are a pplicabl e only if you r switch is ru nning the e nhance d software im age.
13-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Configuring the Trust State on Po rts within the QoS Domain Note Th is feature i s av a ilable o nly if your sw itch is runn ing the en hanced so ftware image .
13-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS Beginning in privileged EXEC mode, foll o w these s teps to configure t.
13-13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Configuring the CoS Val ue for an Interface Note Both t he enhanced and s tandar d software images supp ort this feat ure.
13-14 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS This section c ontains thi s configuration infor mation: • Classifyi .
13-15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Beginning in privileged EXEC mo de, follow these steps to cr eate an IP extended ACL for IP traff ic : T o de lete an A CL, use the no access-list access- list-number global co nfiguration c ommand.
13-16 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS This exampl e shows ho w to crea te an A CL that permits only TCP tra f fic from the dest inatio n IP address 128.88.1 .2 with TCP port numbe r 25: Switch(config)# access-list 102 permit tcp 0.
13-17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Classifying Traffic by Using Class Ma ps Yo u u s e t h e class -map global configur ation comma nd to isolate a sp ecific traff i c flow (or class) from all other traf fic and to name it.
13-18 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS T o del ete an e xisting class map, us e the no class-map c lass-map-nam e glob al conf igurat ion comma nd.
13-19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create a policy m ap: Command Purpose Step 1 configur e terminal Enter g lobal configurat ion mode .
13-20 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS T o delete an ex isting policy map, use the no policy-map policy- map-n ame global configuratio n command. T o delete an existing class map, u se the no clas s class-map- name polic y-m ap con f igu rati on comm and.
13-21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Switch(config)# access-list 1 permit 10.
13-22 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS If these values are not app ropria te for your net work, you need to m odify them.
13-23 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Confi guring Qo S Beginning in privileged EXEC mode , follow th ese steps to modify th e DSCP-to-CoS ma p: T o ret urn to the default map, use the no mls qos map dscp-cos global configur ation comm and.
13-24 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS Conf igurin g QoS CLI: Configuring CoS Pri ority Queues Beginning in privileged EX EC mod.
13-25 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS Displaying QoS Information Displaying QoS Information T o display the cur rent QoS inf ormation .
13-26 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS QoS Configura tion Examp les Figur e 13-4 QoS Configu ratio n Example Netw ork QoS Config ur ation fo r th e Co mmon W iring C los et The common wiring closet in Figure 13-4 c onsists of existi ng Cataly st 2900 X L and 3500 XL s witches.
13-27 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 13 Configuring QoS QoS Config uratio n Examples For the Cataly st 2900 an d 3500 XL switc hes, CoS c onfigures each.
13-28 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapt e r 13 Conf i guri n g QoS QoS Configura tion Examp les Step 18 end Return t o privileged EXEC mode . Step 19 show class- map videoclass show policy-map v ideopolicy show mls qos ma ps [ cos-d scp | dscp-cos ] V eri fy yo ur ent ries.
C HAPTER 14-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 14 Troubleshooting This chapte r provide s this infor mation about a voiding an d resolving proble ms related to th e switch software.
14-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Avoiding Auton egotiation Mismatch es Avoiding Autoneg otiati on Mismatches The IEEE 802.3U autone gotiation protocol ma nages the switc h settings fo r speed (10 Mbp s or 100 Mbps) a nd duple x (half or full) .
14-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 14 Troubleshooting Troubl eshooti ng CMS Sessi ons Troubleshooting CMS Sessions T able 14-2 lists proble ms commonly.
14-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Copying Co nfi gu ration Fi le s to Troubl esh oot Config ura tion Proble m s Copying Configu r.
14-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 14 Troubleshooting Recover y Proce dures Recovery Procedu res These re cov ery pr ocedur es requir e that you have p.
14-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Recovery Proce dures Replacing a Failed Command Switch with a Cluster Member T o replace a fail.
14-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 14 Troubleshooting Recover y Proce dures If this prompt doe s not appear, ent er enable ,a n dp r e s s Return .E n t e r se tup , and press Re turn to start the setup progra m.
14-8 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Recovery Proce dures Basic management setup configures only enough connectivity for management .
14-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 14 Troubleshooting Recover y Proce dures Recovering from a Lost or Forgotte n Passw ord Foll ow the s teps in this procedure if you ha ve forgotte n or lost the switch passw ord.
14-10 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Recovery Proce dures Continue with the configuration dialog? [yes/no]: N Step 11 At the switch.
14-11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Chapter 14 Troubleshooting Debug Com mands Step 4 Reconn ect the po wer cord to the s witch. The software image do es not load . The switch star ts in boot loa der mode, whi ch is indica ted by the switch: p rompt.
14-12 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Chapter 14 Trouble shooting Debug Comm a nds T o di splay the state of ea ch debugging option, ent er this comma nd in pri.
A- 1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 APPENDIX A Error Messages fo r Secu rity and Qo S Configurations This ap pendix de scribe s the erro r message s for co nfiguring net work securi ty with ACLs and con figuring QoS.
A- 2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Appendix A Er ror Message s for Securi ty and QoS Configura tions %Error:Deny ACE not supported in access-group within a class-map A deny A CE is not supp orted in an access group within a class map .
A-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Append ix A Error Mes s ages for Secu ri ty and QoS Confi gur ations %Error:Invalid rule Th is err or messa ge means tha t the har dwa re had a pr oble m programm ing the resou rce.
A- 4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Appendix A Er ror Message s for Securi ty and QoS Configura tions %Error:Access Group is not supported on EtherChannel interface This erro r messag e means tha t an acces s group i s appli ed on an EtherCh annel in terface .
B-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 APPENDIX B System Messages This a ppendix des cribes the I OS system messag es for the swi tch. Th e system softwar e sends these e rror messages to the c onsole (and, opti onally , to a logging se rver on another system) duri ng operation.
B-2 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Appendix B System Message s How to Read Sy st em Messag es • SEVERIT Y is a single -digit code fr om 0 to 7 that r eflects the sev erity of t he conditio n. The lower the number , the more serious the situati on.
B-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Append ix B System Mes sages Error Me ssage Tr aceback R eports Error Message Trace back Rep orts Some mes sages d escribe interna l erro rs and co ntain tra ceback i nforma tion.
B-4 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Appendix B System Message s Error Mess ages and Rec overy Proce dures Error Message CMP-5-REMOVE The Device is removed fr om the cluster (Cluster Name:[chars]) Explanati on The messa ge mean s that the device is re moved from the clust er: [char s] is the clust er name.
B-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Append ix B System Mes sages E rror Messages and R ecovery Pr ocedures Error Message GIGASTACK-6-NO_LOOP_DETECT Explanati on .
B-6 Catalyst 2950 Desktop Switch Software C onfiguratio n Guide 78-11380-03 Appendix B System Message s Error Mess ages and Rec overy Proce dures Error Message RTD-1-LINK_FLAP [chars] link down/up [de.
IN-1 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 INDEX Numerics 802. 1Q trunk mo de 2-9 802.1 X authenti cation ini tiation 7-3 config uring 7-6 chan ging the q uiet peri od.
Index IN-2 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 ACEs defined 12-2 Ether net 12-2 IP 12-2 Layer 3 pa rameter s 12-9 Layer 4 pa rameter s 12-9 ACLs ACEs 12-2 applyi ng.
Inde x IN-3 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 addres s table aging time, co nfiguring 6-16 dynami c addresse s, removing 6-16 MAC 6-15 secure addresses adding 6-18.
Index IN-4 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 cautions xix CC (comma nd switch) 5-20 CDP 1-3 automatic disco very in switch c lusters 5-4 config uring 6-13, 6-14 d.
Inde x IN-5 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 CMS (co ntinued) chan ge notif icati on 2-32 clu ster tre e 2-5 describe d 2-1 differ ent ve rsio ns of 2-33 displayi.
Index IN-6 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 communi ty strings config uring 5-14, 6-12 in clusters 5-14 SNMP 5-14 compatibilit y featu re 14-2 config tr ap 6-13 .
Inde x IN-7 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 console p ort acces s 4-2 connect ing to 3-9 default s ettings 4-2 convent ions comm and xix for examp les xix text x.
Index IN-8 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 disabling (co ntinued) VTP version 2 8-14 discovery , clusters See automat ic discovery display opti ons, Topology v .
Inde x IN-9 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Ether Channel (co ntinue d) interaction with STP 10-14 with VLANs 10-14 load balancing 10-12, 10-16 overvi ew 10-8 PA.
Index IN- 10 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 get-requ est operat ion 4-6 get-response o peration 4-6 Giga bit Ethern et port set tings 10-1 settings 10-1, 10-2 .
Inde x IN- 11 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 interfac e configurati on mode 3-2 interfac es flow cont rol 10-3 IOS suppo rted 1-6 Intern et Group M anageme nt P.
Index IN- 12 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 MAC addr esses (continu ed) in ACLs 12-20 notificat ion 6-17 mac addr ess notif ication 6-17 MAC ad dre ss ta bles .
Inde x IN- 13 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Multicast VLAN Regis tration See MVR Multilink Decomposer wind ow 2-22 multilink ic on 2-22 multi-VLAN p orts VLAN .
Index IN- 14 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 policers config uring for each matched tra ffic class 13-18 describe d 13-4 number of 1-5, 13- 7 types of 13-6 poli.
Inde x IN- 15 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 priority port describe d 13-8 p r i v a t eV L A Ne d g ep o r t s see prote cted po rts privile ged EXE C mode 3-2.
Index IN- 16 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 policing, de scribed 13-4, 13- 6 policy maps char acte rist ics of 13-18 config uring 13-18 displaying 13-25 queuei.
Inde x IN- 17 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 S saving ch ange s in CMS 2-32 SC (standby comma nd switch) 5-10, 5-20 secure a ddress count 10-7 secure addresses .
Index IN- 18 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 SPAN ( cont inue d) sessions (c ontinu ed) removi ng sourc e (monit ored) p orts 10-24 specifyi ng monitored por ts.
Inde x IN- 19 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 STP ( con tinue d) load sharing overvi ew 8-24 u s i n gp a t hc o s t s 8-27 using port priori ties 8-25 MAC a ddr.
Index IN- 20 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 Telne t acces s 4-2 acce ssing mana gement in terfaces 3-9 acce ssing the CLI 1-6 from a br owser 3-9 TFTP se rver,.
Inde x IN- 21 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-03 Unreco gnized Ty pe-Len gth- Value see TLV suppor t 8-9 upgradi ng software 4-1 VLAN consi derations 8-11 UplinkFas.
Index IN- 22 Catalyst 2950 Desktop Switch Software Conf iguration Guide 78-11380-0 3 VMP S (co ntin ued) mapping MAC addresses to VLANs 8-28 monitori ng 8-34 overvi ew 8-28 reconfirmati on interval , .
デバイスCisco 2950の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Cisco 2950をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはCisco 2950の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Cisco 2950の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Cisco 2950で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Cisco 2950を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はCisco 2950の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Cisco 2950に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちCisco 2950デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。
