User Guide
Page 1
and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into Cisco IOS Release 12.2(8)T. 16- and 36-Port Ethernet Switch Module, page...12.2(8)T, and 12.2(15)ZJ 1 This feature module describes the 16- and 36-Port Ethernet Switch Module for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. This document includes the following sections: • Feature Overview, page 2 •...
and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into Cisco IOS Release 12.2(8)T. 16- and 36-Port Ethernet Switch Module, page...12.2(8)T, and 12.2(15)ZJ 1 This feature module describes the 16- and 36-Port Ethernet Switch Module for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. This document includes the following sections: • Feature Overview, page 2 •...
User Guide
Page 2
...switch network module requires a double-wide slot. An optional power module can also be added to provide inline power for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to another 16- and 36-port Ethernet switch network modules support the following...connections between Ethernet segments last only for the next packet. Feature Overview 16- The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. New connections can be made between Layer 2 Ethernet segments.
...switch network module requires a double-wide slot. An optional power module can also be added to provide inline power for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to another 16- and 36-port Ethernet switch network modules support the following...connections between Ethernet segments last only for the next packet. Feature Overview 16- The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. New connections can be made between Layer 2 Ethernet segments.
User Guide
Page 3
...by a configurable aging timer; The switch then forwards subsequent frames to a single interface without flooding any entries. Because each interface as a router or a switch. When a frame enters the switch, it associates the MAC address of the same virtual local area network (VLAN) ... address table, it was received. On a typical Ethernet hub, all interfaces. When the switch receives a frame for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number ...
...by a configurable aging timer; The switch then forwards subsequent frames to a single interface without flooding any entries. Because each interface as a router or a switch. When a frame enters the switch, it associates the MAC address of the same virtual local area network (VLAN) ... address table, it was received. On a typical Ethernet hub, all interfaces. When the switch receives a frame for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number ...
User Guide
Page 5
... is made up of hardware limitations. SVIs support routing protocol and bridging configurations. A routed port is created for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of VLANs within a ...changes centrally on one or more information about configuring IP routing, see the "Configuring IP Multicast Layer 3 Switching" section on a router; Then assign an IP address to the port, enable routing, and assign routing protocol characteristics by putting the interface into Layer ...
... is made up of hardware limitations. SVIs support routing protocol and bridging configurations. A routed port is created for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of VLANs within a ...changes centrally on one or more information about configuring IP routing, see the "Configuring IP Multicast Layer 3 Switching" section on a router; Then assign an IP address to the port, enable routing, and assign routing protocol characteristics by putting the interface into Layer ...
User Guide
Page 9
...the LAN and switch services and responds to the client. Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with the authentication server, and relaying a response to the requests from the switch. The switch acts as an intermediary (proxy) between ...access to the authentication server, the Ethernet header is stripped and the remaining EAP frame is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the RADIUS format. ...
...the LAN and switch services and responds to the client. Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with the authentication server, and relaying a response to the requests from the switch. The switch acts as an intermediary (proxy) between ...access to the authentication server, the Ethernet header is stripped and the remaining EAP frame is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the RADIUS format. ...
User Guide
Page 10
For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by the client using the dot1x port-control auto ... Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 10 Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. Note If 802.1x is in Authorized and Unauthorized States" section ...
For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by the client using the dot1x port-control auto ... Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 10 Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. Note If 802.1x is in Authorized and Unauthorized States" section ...
User Guide
Page 12
...a standby (blocked) state. If the port becomes unauthorized (reauthentication fails or an EAPOL-logoff message is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network. Switches send and receive spanning tree frames...in a network. and 36-Port Ethernet Switch Module for authenticating the clients attached to all VLANs. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to it is a Layer 2 link management protocol that you must ...
...a standby (blocked) state. If the port becomes unauthorized (reauthentication fails or an EAPOL-logoff message is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network. Switches send and receive spanning tree frames...in a network. and 36-Port Ethernet Switch Module for authenticating the clients attached to all VLANs. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to it is a Layer 2 link management protocol that you must ...
User Guide
Page 24
...specified VLANs are neighbors of a SPAN session. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is operational. SPAN sessions allow you to send either ingress traffic,...discarding it can configure one SPAN destination interface. An interface configured as a SPAN destination interface stops trunking on all Cisco routers, bridges, access servers, and switches. With CDP, network management applications can configure source interfaces in particular, neighbors running...
...specified VLANs are neighbors of a SPAN session. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco Discovery Protocol Cisco Discovery Protocol (CDP) is operational. SPAN sessions allow you to send either ingress traffic,...discarding it can configure one SPAN destination interface. An interface configured as a SPAN destination interface stops trunking on all Cisco routers, bridges, access servers, and switches. With CDP, network management applications can configure source interfaces in particular, neighbors running...
User Guide
Page 27
... B and permitting traffic from host 10.2.2.2, port 65000, going to all Layer 4 information is present. The remaining fragments also match the Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 27 16- All other fragments are considered to most of what the missing Layer ...the examples, the eq keyword after the destination address means to test for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 13 Using ACLs to Control Traffic to a Network Feature Overview Host A Cisco router with these commands, applied to three fragmented packets: Switch (config)# access-list...
... B and permitting traffic from host 10.2.2.2, port 65000, going to all Layer 4 information is present. The remaining fragments also match the Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 27 16- All other fragments are considered to most of what the missing Layer ...the examples, the eq keyword after the destination address means to test for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 13 Using ACLs to Control Traffic to a Network Feature Overview Host A Cisco router with these commands, applied to three fragmented packets: Switch (config)# access-list...
User Guide
Page 31
... then serviced on the Fast Ethernet ports. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 31 The class information in the packet can be a simple or complex task and depends on the 802.1p value generated by switches or routers along the path can construct an end-to...and patterns in your network can function as a Layer 2 switch connected to packets with a CoS/ToS of resources allocated per traffic class. All switches and routers across the Internet rely on the Layer 2 switch ports. Voice Realtime Transport Protocol (RTP) bearer traffic marked with a CoS or ToS of 5 and ...
... then serviced on the Fast Ethernet ports. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 31 The class information in the packet can be a simple or complex task and depends on the 802.1p value generated by switches or routers along the path can construct an end-to...and patterns in your network can function as a Layer 2 switch connected to packets with a CoS/ToS of resources allocated per traffic class. All switches and routers across the Internet rely on the Layer 2 switch ports. Voice Realtime Transport Protocol (RTP) bearer traffic marked with a CoS or ToS of 5 and ...
User Guide
Page 35
...configured on the egress interface on the IGMP traffic between the host and the router and keeps track of multicast groups and member ports. The number of VLANs is less than or equal to the Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 35 The product of... Multicast Groups The maximum number is determined by multiplying the number of multicast groups. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • On an interface configured for QoS, traffic in the physical port egress queue depending on ...
...configured on the egress interface on the IGMP traffic between the host and the router and keeps track of multicast groups and member ports. The number of VLANs is less than or equal to the Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 35 The product of... Multicast Groups The maximum number is determined by multiplying the number of multicast groups. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview • On an interface configured for QoS, traffic in the physical port egress queue depending on ...
User Guide
Page 36
...not receive any automatic manipulation by using the ip igmp snooping vlan static command. Setting the Snooping Method Multicast-capable router ports are added to the interface. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 36 Layer 2 multicast groups learned through PIM-DVMRP packets,...all VLANs. Multicast group membership lists can statically configure MAC multicast groups by IGMP snooping. If you can consist of multicast router ports through IGMP snooping are in the original leave message. The VLAN interface is supported only with only one join request ...
...not receive any automatic manipulation by using the ip igmp snooping vlan static command. Setting the Snooping Method Multicast-capable router ports are added to the interface. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 36 Layer 2 multicast groups learned through PIM-DVMRP packets,...all VLANs. Multicast group membership lists can statically configure MAC multicast groups by IGMP snooping. If you can consist of multicast router ports through IGMP snooping are in the original leave message. The VLAN interface is supported only with only one join request ...
User Guide
Page 37
...addressed to the 0100.5E01.0203 multicast MAC address that are not IGMP packets (!IGMP) to the router and to the multicast forwarding table as shown in the forwarding table. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 37 and 36-Port Ethernet Switch Module for... the multicast group. Figure 16 Initial IGMP Join Message Cisco router with Ethernet switch network module 1 IGMP Report 224.1.2.3 CPU port Multicast Forwarding Table 88849 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 7 IP ...
...addressed to the 0100.5E01.0203 multicast MAC address that are not IGMP packets (!IGMP) to the router and to the multicast forwarding table as shown in the forwarding table. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 37 and 36-Port Ethernet Switch Module for... the multicast group. Figure 16 Initial IGMP Join Message Cisco router with Ethernet switch network module 1 IGMP Report 224.1.2.3 CPU port Multicast Forwarding Table 88849 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 7 IP ...
User Guide
Page 38
... prevents switchports on a LAN from being disrupted by the router, or they can cause a storm. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding ...host in the VLAN needs multicast traffic, the switch responds to the router queries, and the router continues forwarding the multicast traffic to determine if any devices behind that IP multicast group. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 A ...
... prevents switchports on a LAN from being disrupted by the router, or they can cause a storm. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding ...host in the VLAN needs multicast traffic, the switch responds to the router queries, and the router continues forwarding the multicast traffic to determine if any devices behind that IP multicast group. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 A ...
User Guide
Page 41
... status of space, the port transmits a special packet that requests remote ports to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with...processing pause frames. Indicates preference to process pause frames, but autonegotiates flow control. Stacking Layer 2 switching may be extended in the router by connecting the Gigabit Ethernet (GE) ports of time. If a buffer on a Gigabit Ethernet port runs out of intrachassis stacked ...
... status of space, the port transmits a special packet that requests remote ports to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with...processing pause frames. Indicates preference to process pause frames, but autonegotiates flow control. Stacking Layer 2 switching may be extended in the router by connecting the Gigabit Ethernet (GE) ports of time. If a buffer on a Gigabit Ethernet port runs out of intrachassis stacked ...
User Guide
Page 42
... switch has two interfaces configured as a routed port with a particular VLAN, does not support subinterfaces, but behaves like a port on a router, but it is not connected to the routing or bridging function in a separate spanning-tree instance. Another interface is configured as SVIs with ...a VLAN, and it is only necessary to configure an SVI for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially ...
... switch has two interfaces configured as a routed port with a particular VLAN, does not support subinterfaces, but behaves like a port on a router, but it is not connected to the routing or bridging function in a separate spanning-tree instance. Another interface is configured as SVIs with ...a VLAN, and it is only necessary to configure an SVI for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially ...
User Guide
Page 43
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 43 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 19 Fallback Bridging Network Example Cisco router with Ethernet switch network module Routed port 172.20.130.1 Host C 172.20.128.1 SVI 1 Host A SVI 2 172.20...
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 43 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 19 Fallback Bridging Network Example Cisco router with Ethernet switch network module Routed port 172.20.130.1 Host C 172.20.128.1 SVI 1 Host A SVI 2 172.20...
User Guide
Page 44
... installing voice network modules and voice interface cards in Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers refer to these documents: • Cisco 2600 Series Modular Routers Quick Start Guide • Cisco 2600 Series Hardware Installation Guide • Quick Start Guides for Cisco 3600 series routers • Cisco 3600 Series Hardware Installation Guide • Quick start guides...
... installing voice network modules and voice interface cards in Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers refer to these documents: • Cisco 2600 Series Modular Routers Quick Start Guide • Cisco 2600 Series Hardware Installation Guide • Quick Start Guides for Cisco 3600 series routers • Cisco 3600 Series Hardware Installation Guide • Quick start guides...
User Guide
Page 46
... Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml RFCs • RFC 2284, PPP Extensible Authentication Protocol (EAP) Prerequisites...
... Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml RFCs • RFC 2284, PPP Extensible Authentication Protocol (EAP) Prerequisites...
User Guide
Page 47
... command. interface}] Selects the range of interfaces, use the interface range command in global configuration mode: Step 1 Command Purpose Router(config)# interface range {vlan vlan-id vlan-id} | {{ethernet | fastethernet | macro macro-name} slot/interface - 16- and ...36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks • Configuring Power Management on the Interface, page 98 • Configuring IP Multicast Layer 3 Switching,...
... command. interface}] Selects the range of interfaces, use the interface range command in global configuration mode: Step 1 Command Purpose Router(config)# interface range {vlan vlan-id vlan-id} | {{ethernet | fastethernet | macro macro-name} slot/interface - 16- and ...36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks • Configuring Power Management on the Interface, page 98 • Configuring IP Multicast Layer 3 Switching,...