Software Guide
Page 2
... SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. and certain other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. All rights reserved. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR...of the UNIX operating system. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of California. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION...
... SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. and certain other company. (0304R) Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide Copyright © 2000-2003, Cisco Systems, Inc. All rights reserved. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR...of the UNIX operating system. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of California. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION...
Software Guide
Page 14
...Address 20-4 Displaying Port Capabilities 20-5 Using Telnet 20-6 Changing the Login Timer 20-6 Using Secure Shell Encryption for Telnet Sessions 20-7 Monitoring User Sessions 20-8 Using Ping 20-9 Understanding How Ping Works 20-9 Executing Ping 20-10 Using Layer 2 Traceroute 20-11 Layer 2 Traceroute ... Traceroute 20-12 Configuring CDP 21-1 Understanding How CDP Works 21-1 Default CDP Configuration 21-2 Configuring CDP on the Switch 21-2 Setting the CDP Global Enable State 21-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xiv 78-15486-01
...Address 20-4 Displaying Port Capabilities 20-5 Using Telnet 20-6 Changing the Login Timer 20-6 Using Secure Shell Encryption for Telnet Sessions 20-7 Monitoring User Sessions 20-8 Using Ping 20-9 Understanding How Ping Works 20-9 Executing Ping 20-10 Using Layer 2 Traceroute 20-11 Layer 2 Traceroute ... Traceroute 20-12 Configuring CDP 21-1 Understanding How CDP Works 21-1 Default CDP Configuration 21-2 Configuring CDP on the Switch 21-2 Setting the CDP Global Enable State 21-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xiv 78-15486-01
Software Guide
Page 18
...30-8 Authentication Default Configuration 30-8 Authentication Configuration Guidelines 30-9 Configuring Login Authentication 30-9 Configuring Local Authentication 30-12 Configuring Local User Authentication 30-15 Configuring TACACS+ Authentication 30-17 Configuring RADIUS Authentication 30-23 Configuring Kerberos Authentication 30-31 Authentication Example 30-40... 30-43 Authorization Example 30-46 Understanding How Accounting Works 30-47 Accounting Overview 30-48 xviii Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01
...30-8 Authentication Default Configuration 30-8 Authentication Configuration Guidelines 30-9 Configuring Login Authentication 30-9 Configuring Local Authentication 30-12 Configuring Local User Authentication 30-15 Configuring TACACS+ Authentication 30-17 Configuring RADIUS Authentication 30-23 Configuring Kerberos Authentication 30-31 Authentication Example 30-40... 30-43 Authorization Example 30-46 Understanding How Accounting Works 30-47 Accounting Overview 30-48 xviii Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01
Software Guide
Page 27
...be accessed from the Networking Products MarketPlace: http://www.cisco.com/en/US/partner/ordering/index.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxvii The CD-ROM ...cisco.com International Cisco websites can order Cisco documentation in equipment damage or loss of data. In this URL: http://www.cisco.com/public/countries_languages.shtml Documentation CD-ROM Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may be careful. Registered Cisco.com users...
...be accessed from the Networking Products MarketPlace: http://www.cisco.com/en/US/partner/ordering/index.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxvii The CD-ROM ...cisco.com International Cisco websites can order Cisco documentation in equipment damage or loss of data. In this URL: http://www.cisco.com/public/countries_languages.shtml Documentation CD-ROM Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may be careful. Registered Cisco.com users...
Software Guide
Page 28
... can e-mail your comments. Obtaining Technical Assistance Preface • Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at this URL: http://tools.cisco.com/RPF/register/register.do xxviii Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Documentation Feedback You can...
... can e-mail your comments. Obtaining Technical Assistance Preface • Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at this URL: http://tools.cisco.com/RPF/register/register.do xxviii Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Documentation Feedback You can...
Software Guide
Page 29
... The type of your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxix There is severely degraded, or significant... 4 (P4)-You need technical assistance with Cisco products and technologies. Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. Two types of Cisco products. You and Cisco are a Cisco.com registered user, and you cannot resolve your business operations...
... The type of your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxix There is severely degraded, or significant... 4 (P4)-You need technical assistance with Cisco products and technologies. Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. Two types of Cisco products. You and Cisco are a Cisco.com registered user, and you cannot resolve your business operations...
Software Guide
Page 30
...journal published by Cisco Systems, as well as ordering and customer support services. You can access Packet magazine at this URL: http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide... access the Internet Protocol Journal at this URL: http://www.cisco.com/en/US/about Cisco products, technologies, and network solutions is entitled: for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking ...
...journal published by Cisco Systems, as well as ordering and customer support services. You can access Packet magazine at this URL: http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide... access the Internet Protocol Journal at this URL: http://www.cisco.com/en/US/about Cisco products, technologies, and network solutions is entitled: for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking ...
Software Guide
Page 37
...switch, see the "Using Telnet" section on page 20-6. Cisco Systems Console Enter password: After you successfully connect to the switch using Telnet, you can use normal-mode commands to monitor the switch or enter privileged mode to the switch... switch is on your host system, Telnet to the switch using Telnet, see Chapter 30, "Configuring Switch Access Using AAA." 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches ... the switch. For information about using the IP address or the DNS host name of operation: • Normal (also called login or user mode)...
...switch, see the "Using Telnet" section on page 20-6. Cisco Systems Console Enter password: After you successfully connect to the switch using Telnet, you can use normal-mode commands to monitor the switch or enter privileged mode to the switch... switch is on your host system, Telnet to the switch using Telnet, see Chapter 30, "Configuring Switch Access Using AAA." 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches ... the switch. For information about using the IP address or the DNS host name of operation: • Normal (also called login or user mode)...
Software Guide
Page 38
...user-level command-line prompt. Console> (enable) disable Console> Accessing Help Enter help menu, and, when appropriate, parameter ranges are used only in normal or privileged mode to a new switch, press Return at the Enter Password prompt. To see the "Accessing the Switch... from the switch CLI, enter the exit command. On a new switch, the privileged...switch, press Return at the privileged mode prompt. Otherwise, enter the normal-mode password for the switch...-mode password for the switch. Command usage, the ...new switch, the normal-mode password is null. Cisco Systems...
...user-level command-line prompt. Console> (enable) disable Console> Accessing Help Enter help menu, and, when appropriate, parameter ranges are used only in normal or privileged mode to a new switch, press Return at the Enter Password prompt. To see the "Accessing the Switch... from the switch CLI, enter the exit command. On a new switch, the privileged...switch, press Return at the privileged mode prompt. Otherwise, enter the normal-mode password for the switch...-mode password for the switch. Command usage, the ...new switch, the normal-mode password is null. Cisco Systems...
Software Guide
Page 41
Table 2-3 lists the switch CLI aliases that have user-configurable ports, the left -most port is mod_num/port_num. batch di exit logout Command help configure show quit quit Specifying Modules, Ports, and VLANs The Catalyst 4000 series switches sequentially number modules, ports, and VLANs, beginning with 1. In most systems, the module number and the slot...
Table 2-3 lists the switch CLI aliases that have user-configurable ports, the left -most port is mod_num/port_num. batch di exit logout Command help configure show quit quit Specifying Modules, Ports, and VLANs The Catalyst 4000 series switches sequentially number modules, ports, and VLANs, beginning with 1. In most systems, the module number and the slot...
Software Guide
Page 47
...lease time Option overload Client-identifier TFTP server name 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-3 Understanding DHCP In software release 5.2 and later releases, the switch can obtain the subnet mask, broadcast address, default gateway address, ...The IP address is not, requests are ignored. Other options that are present. DHCP-learned values are not used if user-configured values are contained in the DHCPDISCOVER message. Similarly, if the sc0 interface is not configured but the interface is ...
...lease time Option overload Client-identifier TFTP server name 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-3 Understanding DHCP In software release 5.2 and later releases, the switch can obtain the subnet mask, broadcast address, default gateway address, ...The IP address is not, requests are ignored. Other options that are present. DHCP-learned values are not used if user-configured values are contained in the DHCPDISCOVER message. Similarly, if the sc0 interface is not configured but the interface is ...
Software Guide
Page 58
... bandwidth, the network performance of all ports. The switch then forwards subsequent frames to the address table. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-2 78-15486-01 ...Default Ethernet and Fast Ethernet Configurations Chapter 4 Configuring Ethernet and Fast Ethernet Switching The Catalyst enterprise LAN switches solve congestion problems that are caused by high-bandwidth devices and a large number of users...
... bandwidth, the network performance of all ports. The switch then forwards subsequent frames to the address table. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-2 78-15486-01 ...Default Ethernet and Fast Ethernet Configurations Chapter 4 Configuring Ethernet and Fast Ethernet Switching The Catalyst enterprise LAN switches solve congestion problems that are caused by high-bandwidth devices and a large number of users...
Software Guide
Page 63
...if a port goes into errdisable state: Console> (enable) set errdisable-timeout command. At every t seconds, where t is the user-configurable timeout, a process checks to see if any of the reasons available for the set port errdisable-timeout 3/3 disable Successfully disabled ... out. If you can manually prevent a particular port from being enabled by default. Console>(enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-7 you specify a reason of other than those ports that particular port to disable; ...
...if a port goes into errdisable state: Console> (enable) set errdisable-timeout command. At every t seconds, where t is the user-configurable timeout, a process checks to see if any of the reasons available for the set port errdisable-timeout 3/3 disable Successfully disabled ... out. If you can manually prevent a particular port from being enabled by default. Console>(enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 4-7 you specify a reason of other than those ports that particular port to disable; ...
Software Guide
Page 79
... not initiate PAgP packet negotiation. In addition, outbound broadcast and multicast packets that are transmitted on . 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-5 The auto and desirable modes can form a channel, based on criteria such as a... following sections if you are connecting to a "silent partner" (a device that is not generating BPDUs or other traffic). There are four user-configurable channel modes: on or off , auto, and desirable. Table 6-1 describes each mode. Places a port into a channel. Prevents ...
... not initiate PAgP packet negotiation. In addition, outbound broadcast and multicast packets that are transmitted on . 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-5 The auto and desirable modes can form a channel, based on criteria such as a... following sections if you are connecting to a "silent partner" (a device that is not generating BPDUs or other traffic). There are four user-configurable channel modes: on or off , auto, and desirable. Table 6-1 describes each mode. Places a port into a channel. Prevents ...
Software Guide
Page 217
... 802.1Q VLAN corresponding to be mapped to an ISL VLAN in the Catalyst 6500 series reserved range, 1002-1024. In a network environment with non-Cisco devices that are connected to Cisco switches through 802.1Q trunks or traffic from a non-Cisco switch that has VLANs in order to the mapped ISL VLAN is blocked. •...; You must map 802.1Q VLANs to Ethernet-type ISL VLANs. • Do not enter the native VLAN of user-configured Inter-Switch Link (ISL) VLANs is 0-4095. For example, if you can configure up to seven 802.1Q-to-ISL VLAN mappings on 802.1Q VLAN 200 ...
... 802.1Q VLAN corresponding to be mapped to an ISL VLAN in the Catalyst 6500 series reserved range, 1002-1024. In a network environment with non-Cisco devices that are connected to Cisco switches through 802.1Q trunks or traffic from a non-Cisco switch that has VLANs in order to the mapped ISL VLAN is blocked. •...; You must map 802.1Q VLANs to Ethernet-type ISL VLANs. • Do not enter the native VLAN of user-configured Inter-Switch Link (ISL) VLANs is 0-4095. For example, if you can configure up to seven 802.1Q-to-ISL VLAN mappings on 802.1Q VLAN 200 ...
Software Guide
Page 238
...521,524,570,776,801-802,850,917,999 11-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 When you disable VLAN 1 on a trunk interface, no user traffic is enabled by default to allow control protocols to ... Disable VLAN 1 on a trunk link and verify the configuration: Console> (enable) clear trunk 4/1 1 Removing Vlan(s) 1 from control protocols such as Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port Aggregation Protocol (PAgP), Dynamic Trunking Protocol (DTP), and so forth. To disable VLAN 1 on ...
...521,524,570,776,801-802,850,917,999 11-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 When you disable VLAN 1 on a trunk interface, no user traffic is enabled by default to allow control protocols to ... Disable VLAN 1 on a trunk link and verify the configuration: Console> (enable) clear trunk 4/1 1 Removing Vlan(s) 1 from control protocols such as Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port Aggregation Protocol (PAgP), Dynamic Trunking Protocol (DTP), and so forth. To disable VLAN 1 on ...
Software Guide
Page 253
... address-to client requests. VMPS remains enabled, regardless whether you reset or power cycle the switch. The VMPS opens a User Datagram Protocol (UDP) socket to communicate and listen to -VLAN mapping. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 12-1 12 C H A P T E R Configuring Dynamic VLAN Membership with Auxiliary VLANs, page...
... address-to client requests. VMPS remains enabled, regardless whether you reset or power cycle the switch. The VMPS opens a User Datagram Protocol (UDP) socket to communicate and listen to -VLAN mapping. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 12-1 12 C H A P T E R Configuring Dynamic VLAN Membership with Auxiliary VLANs, page...
Software Guide
Page 278
...ports with QoS Enabled-Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Frame enters switch Incoming No 802.1Q frame? Yes Honor current CoS value 1Apply switch default CoS value 1From...use the 802.1p CoS values to give preference to be marked. 14-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Queue 2 Queue No full? ...-1 shows how QoS affects the traffic flow. Figure 14-1 Traffic Flow Through the Switch with transmit queue drop thresholds and multiple transmit queues that carries the CoS value in...
...ports with QoS Enabled-Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Frame enters switch Incoming No 802.1Q frame? Yes Honor current CoS value 1Apply switch default CoS value 1From...use the 802.1p CoS values to give preference to be marked. 14-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Queue 2 Queue No full? ...-1 shows how QoS affects the traffic flow. Figure 14-1 Traffic Flow Through the Switch with transmit queue drop thresholds and multiple transmit queues that carries the CoS value in...
Software Guide
Page 279
Understanding Scheduling There are two user-configurable transmit queues and one non-user-configurable transmit queue drop threshold for a transmit queue, regardless of classification, is subject to Transmit Queues and Drop Thresholds" section on page 14-6. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 14-3 You can specify such ports...
Understanding Scheduling There are two user-configurable transmit queues and one non-user-configurable transmit queue drop threshold for a transmit queue, regardless of classification, is subject to Transmit Queues and Drop Thresholds" section on page 14-6. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 14-3 You can specify such ports...
Software Guide
Page 280
... disables and then reenables ports (which can cause spanning tree topology changes), enter QoS commands only when necessary. 14-4 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Not user-configurable Default Value Disabled 0 • Threshold 1:100%1 • Transmit queue drop threshold 1: CoS 0-71. • Transmit queue 1: CoS 0-7 •...
... disables and then reenables ports (which can cause spanning tree topology changes), enter QoS commands only when necessary. 14-4 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Not user-configurable Default Value Disabled 0 • Threshold 1:100%1 • Transmit queue drop threshold 1: CoS 0-71. • Transmit queue 1: CoS 0-7 •...