User Guide
Page 1
.../DSCP mapping and rate limiting), security ACL, IGMP snooping, per-port storm control, and fallback bridging support for the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into...
.../DSCP mapping and rate limiting), security ACL, IGMP snooping, per-port storm control, and fallback bridging support for the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature History Release 12.2(2)XT 12.2(8)T 12.2(15)ZJ Modification This feature was integrated into...
User Guide
Page 2
.... New connections can be added to provide inline power for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to another 16- and 36-port Ethernet switch network modules. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Switched connections between Ethernet segments last only...
.... New connections can be added to provide inline power for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to another 16- and 36-port Ethernet switch network modules. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Switched connections between Ethernet segments last only...
User Guide
Page 3
... transmit. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by assigning each Ethernet interface on an Ethernet switch network module can flow in its relevant source address... Mbps for 10-Mbps interfaces and to extend VLANs across an entire network and supports only one or more information about EtherChannel, see the "Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an EtherChannel bundle. When packets can connect ...
... transmit. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by assigning each Ethernet interface on an Ethernet switch network module can flow in its relevant source address... Mbps for 10-Mbps interfaces and to extend VLANs across an entire network and supports only one or more information about EtherChannel, see the "Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an EtherChannel bundle. When packets can connect ...
User Guide
Page 4
... result. Feature Overview 16- and 36-Port Ethernet Switch Module for each VLAN allowed on every VLAN in the network can potentially cause spanning tree loops. The interface will travel on every VLAN in the network. However, spanning tree information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access...
... result. Feature Overview 16- and 36-Port Ethernet Switch Module for each VLAN allowed on every VLAN in the network can potentially cause spanning tree loops. The interface will travel on every VLAN in the network. However, spanning tree information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access...
User Guide
Page 5
...port. Before you create VLANs, you want to the routing or bridging function in your network. For more switches and have to be associated with a Layer 3 routing protocol. A... the system. With VTP, you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents... into Layer 3 mode with data frames on one SVI can result in the network. SVIs support routing protocol and bridging configurations. Routed ports can configure routing across ...
...port. Before you create VLANs, you want to the routing or bridging function in your network. For more switches and have to be associated with a Layer 3 routing protocol. A... the system. With VTP, you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents... into Layer 3 mode with data frames on one SVI can result in the network. SVIs support routing protocol and bridging configurations. Routed ports can configure routing across ...
User Guide
Page 6
...VLAN configuration on a VTP server until the switch receives an advertisement for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management... as necessary. If you configure a management domain. Mapping eliminates excessive device administration required from network administrators. VTP servers advertise their VLAN configuration with other switches based on advertisements received over trunk... VTP domain name. and 36-Port Ethernet Switch Module for a domain over a trunk link, it inherits the management domain name and the VTP ...
...VLAN configuration on a VTP server until the switch receives an advertisement for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management... as necessary. If you configure a management domain. Mapping eliminates excessive device administration required from network administrators. VTP servers advertise their VLAN configuration with other switches based on advertisements received over trunk... VTP domain name. and 36-Port Ethernet Switch Module for a domain over a trunk link, it inherits the management domain name and the VTP ...
User Guide
Page 7
...channel. EtherChannel load balancing can operate in the same VTP domain as VLAN names and values) are performed only when you enable VTP version 2 on a switch, all switches in your network...Balancing EtherChannel balances traffic load across the links in a VTP domain must run the same VTP version. • You must configure a password on the switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 A Ethernet switch network module system supports a maximum of overwritten VLAN databases. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600... the NM-16ESW ...
...channel. EtherChannel load balancing can operate in the same VTP domain as VLAN names and values) are performed only when you enable VTP version 2 on a switch, all switches in your network...Balancing EtherChannel balances traffic load across the links in a VTP domain must run the same VTP version. • You must configure a password on the switch. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 A Ethernet switch network module system supports a maximum of overwritten VLAN databases. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600... the NM-16ESW ...
User Guide
Page 8
...network loops and other problems. Follow these guidelines and restrictions to avoid configuration problems: • All Ethernet interfaces on the same module...EtherChannel. For Layer 2 EtherChannels: • Assign all modules support EtherChannel (maximum of VLANs is successful, normal ...channel; Interfaces with no requirement that you shut down an interface in a trunking Layer 2 EtherChannel. Feature Overview 16- and 36-Port Ethernet Switch Module... interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts...
...network loops and other problems. Follow these guidelines and restrictions to avoid configuration problems: • All Ethernet interfaces on the same module...EtherChannel. For Layer 2 EtherChannels: • Assign all modules support EtherChannel (maximum of VLANs is successful, normal ...channel; Interfaces with no requirement that you shut down an interface in a trunking Layer 2 EtherChannel. Feature Overview 16- and 36-Port Ethernet Switch Module... interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts...
User Guide
Page 9
... which is the supplicant in which is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the network have specific roles as that supports the RADIUS client and... EAP within the native frame format. Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with the authentication server. When the switch receives frames from the switch....
... which is the supplicant in which is then encapsulated for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in the network have specific roles as that supports the RADIUS client and... EAP within the native frame format. Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that information with the authentication server. When the switch receives frames from the switch....
User Guide
Page 10
...succeeds or fails. Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. and 36-Port Ethernet Switch Module for authentication information). For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The ...the switch, the client can initiate authentication. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success ...
...succeeds or fails. Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. and 36-Port Ethernet Switch Module for authentication information). For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The ...the switch, the client can initiate authentication. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success ...
User Guide
Page 11
...be connected to authorized, and all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. Supported Topologies The...802.1x port, the switch requests the client's identity. and 36-Port Ethernet Switch Module for 802.1x packets. The port starts in the unauthorized state, but authentication can ...any authentication exchange required. The switch requests the identity of attempts, authentication fails, and network access is connected to up state. When a client logs off, it sends an EAPOL...
...be connected to authorized, and all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. Supported Topologies The...802.1x port, the switch requests the client's identity. and 36-Port Ethernet Switch Module for 802.1x packets. The port starts in the unauthorized state, but authentication can ...any authentication exchange required. The switch requests the identity of attempts, authentication fails, and network access is connected to up state. When a client logs off, it sends an EAPOL...
User Guide
Page 12
...bridge protocol) on all of STP runs on Ethernet switch network module systems. Spanning tree is received), the switch denies access to the network to the network. Multiple active paths between any two stations. If a network segment in a wireless LAN. If the port becomes ...Layer 2 link management protocol that provides path redundancy while preventing undesirable loops in a network. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the spanning tree fails...
...bridge protocol) on all of STP runs on Ethernet switch network module systems. Spanning tree is received), the switch denies access to the network to the network. Multiple active paths between any two stations. If a network segment in a wireless LAN. If the port becomes ...Layer 2 link management protocol that provides path redundancy while preventing undesirable loops in a network. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the spanning tree fails...
User Guide
Page 13
...uses the information in the frame to reach the root switch from anywhere in the switched network are configured with the default priority (32768), the switch with each VLAN on the path ... age • The identifier of the transmitting port • Values for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology...and MAC addresses, bridge priority, port priority, and path cost. and 36-Port Ethernet Switch Module for the hello, forward delay, and max-age protocol timers When a switch transmits a bridge...
...uses the information in the frame to reach the root switch from anywhere in the switched network are configured with the default priority (32768), the switch with each VLAN on the path ... age • The identifier of the transmitting port • Values for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology...and MAC addresses, bridge priority, port priority, and path cost. and 36-Port Ethernet Switch Module for the hello, forward delay, and max-age protocol timers When a switch transmits a bridge...
User Guide
Page 14
...on a port is not forwarding frames. Feature Overview 16- They must wait for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that have been forwarded using... the old topology. Spanning Tree Port States Propagation delays can take place at different times and at different places in a switched network...broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 and 36-Port Ethernet...
...on a port is not forwarding frames. Feature Overview 16- They must wait for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that have been forwarded using... the old topology. Spanning Tree Port States Propagation delays can take place at different times and at different places in a switched network...broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 and 36-Port Ethernet...
User Guide
Page 15
... Layer 2 interface continues to the blocking state. 2. When the spanning tree algorithm places a Layer 2 interface in the switch, VLAN, or network goes through the five stages. The Layer 2 interface is put into the listening state while it waits for protocol information that suggests that it ... Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power up. 16- and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the...
... Layer 2 interface continues to the blocking state. 2. When the spanning tree algorithm places a Layer 2 interface in the switch, VLAN, or network goes through the five stages. The Layer 2 interface is put into the listening state while it waits for protocol information that suggests that it ... Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power up. 16- and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the...
User Guide
Page 16
...delay timer expires, and the ports move to the system module. • Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the ...blocking state does not participate in frame forwarding, as follows: • Discards frames received from the attached segment. • Discards frames switched from the system module. • Receives and responds to each Layer 2 interface in the network...
...delay timer expires, and the ports move to the system module. • Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the ...blocking state does not participate in frame forwarding, as follows: • Discards frames received from the attached segment. • Discards frames switched from the system module. • Receives and responds to each Layer 2 interface in the network...
User Guide
Page 17
...All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding Data frames BPDUs Port 2 Network management frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the ... Discards frames switched from the system module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State ...
...All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding Data frames BPDUs Port 2 Network management frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the ... Discards frames switched from the system module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State ...
User Guide
Page 18
... system module. • Receives and responds to network management messages. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 18 Figure 7 shows a Layer 2 interface in the learning state performs as follows: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700...
... system module. • Receives and responds to network management messages. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 18 Figure 7 shows a Layer 2 interface in the learning state performs as follows: • Discards frames received from the attached segment. • Discards frames switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700...
User Guide
Page 19
... Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in the forwarding state performs as follows: • Forwards frames received from the attached segment. • Forwards frames switched from another Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series...
... Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in the forwarding state performs as follows: • Forwards frames received from the attached segment. • Forwards frames switched from another Layer 2 interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series...
User Guide
Page 20
.... A Layer 2 interface in Disabled State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port 2 Network management frames Disabled All segment frames A disabled Layer 2 interface performs as follows: • ... no address database update.) • Does not receive BPDUs. • Does not receive BPDUs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in Figure 9.
.... A Layer 2 interface in Disabled State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port 2 Network management frames Disabled All segment frames A disabled Layer 2 interface performs as follows: • ... no address database update.) • Does not receive BPDUs. • Does not receive BPDUs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in Figure 9.