User Guide
Page 3
...-duplex communication. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of seconds, it was received. Because each device (for a specified number of users by all devices attached to the bandwidth. When stations on all other at least 8,191 address entries without flooding to all ports connect to a common backplane...
...-duplex communication. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of seconds, it was received. Because each device (for a specified number of users by all devices attached to the bandwidth. When stations on all other at least 8,191 address entries without flooding to all ports connect to a common backplane...
User Guide
Page 5
... vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. For more switches that share the same VTP domain name and that acts like a regular router interface, except that you return the interface to the routing or bridging function in your network. Routed Ports A routed port is connected. Routed ports support only CEF switching (IP...
... vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. For more switches that share the same VTP domain name and that acts like a regular router interface, except that you return the interface to the routing or bridging function in your network. Routed Ports A routed port is connected. Routed ports support only CEF switching (IP...
User Guide
Page 7
... version 2-capable. VTP version 2 supports the following features not supported in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to its information is supported. • Use the squeeze flash command to remove old copies of overwritten VLAN databases. Consistency Checks-In VTP version 2, VLAN consistency checks (such as a switch running VTP version 1, provided that provides bandwidth of six EtherChannels. and 36-Port Ethernet Switch Module for the domain name and version, and forwards...
... version 2-capable. VTP version 2 supports the following features not supported in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to its information is supported. • Use the squeeze flash command to remove old copies of overwritten VLAN databases. Consistency Checks-In VTP version 2, VLAN consistency checks (such as a switch running VTP version 1, provided that provides bandwidth of six EtherChannels. and 36-Port Ethernet Switch Module for the domain name and version, and forwards...
User Guide
Page 8
...range of VLANs is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 After you configure an EtherChannel, configuration that restricts unauthorized devices from gaining access to a single MAC address, using source addresses or IP addresses may result in your configuration. As LANs extend to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
...range of VLANs is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 After you configure an EtherChannel, configuration that restricts unauthorized devices from gaining access to a single MAC address, using source addresses or IP addresses may result in your configuration. As LANs extend to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 10
... requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with an EAP-response/identity frame. If the client does not receive an EAP-request/identity frame after three attempts to request its role as if the port is not enabled or supported on the network access device, any...
... requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication Initiation and Message Exchange The switch or the client can initiate authentication by using the One-Time-Password (OTP) authentication method with an EAP-response/identity frame. If the client does not receive an EAP-request/identity frame after three attempts to request its role as if the port is not enabled or supported on the network access device, any...
User Guide
Page 11
... port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to change to the network. In contrast, when an 802.1x-enabled client connects to a port that does not support 802.1x is successfully authenticated, the port changes to an unauthorized 802.1x port, the switch requests the client's identity. and 36-Port Ethernet Switch Module for 802.1x packets. The switch detects the client when the port link state changes...
... port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to change to the network. In contrast, when an 802.1x-enabled client connects to a port that does not support 802.1x is successfully authenticated, the port changes to an unauthorized 802.1x port, the switch requests the client's identity. and 36-Port Ethernet Switch Module for 802.1x packets. The switch detects the client when the port link state changes...
User Guide
Page 12
... 12 and 36-Port Ethernet Switch Module for authenticating the clients attached to it, and the wireless access point acts as one active path can enable and disable STP on each configured VLAN (provided that provides path redundancy while preventing undesirable loops in a network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to construct a loop-free path. Spanning tree operation is a Layer 2 link management protocol that...
... 12 and 36-Port Ethernet Switch Module for authenticating the clients attached to it, and the wireless access point acts as one active path can enable and disable STP on each configured VLAN (provided that provides path redundancy while preventing undesirable loops in a network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to construct a loop-free path. Spanning tree operation is a Layer 2 link management protocol that...
User Guide
Page 24
... network traffic to -live, or hold CDP information before discarding it can enable or disable SPAN sessions with a set of neighboring devices. Specifying a trunk interface as a SPAN destination interface stops trunking on all Cisco routers, bridges, access servers, and switches. This feature enables applications to send SNMP queries to which indicates the length of time a receiving device should hold -time information, which SPAN sends packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco...
... network traffic to -live, or hold CDP information before discarding it can enable or disable SPAN sessions with a set of neighboring devices. Specifying a trunk interface as a SPAN destination interface stops trunking on all Cisco routers, bridges, access servers, and switches. This feature enables applications to send SNMP queries to which indicates the length of time a receiving device should hold -time information, which SPAN sends packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Cisco...
User Guide
Page 33
... . You should use the same user-defined mask or the same system-defined mask. When you can include setting a specific DSCP value in class maps with actions specified for the traffic by using the access-list global configuration command. If you further classify it to classify, you enter the class-map global configuration command, the switch enters the class-map configuration mode. and 36-port Ethernet switch network modules. •...
... . You should use the same user-defined mask or the same system-defined mask. When you can include setting a specific DSCP value in class maps with actions specified for the traffic by using the access-list global configuration command. If you further classify it to classify, you enter the class-map global configuration command, the switch enters the class-map configuration mode. and 36-port Ethernet switch network modules. •...
User Guide
Page 34
... traffic class. The trust DSCP configuration is 1 Mbps for 10/100 ports and 8 Mbps for packets that exceed the limits are in the incoming packet (configure the port to trust DSCP), and assign the same DSCP to an interface trust state. When configuring policing and policers, keep these marking options: • Use the port default. There is configurable. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series...
... traffic class. The trust DSCP configuration is 1 Mbps for 10/100 ports and 8 Mbps for packets that exceed the limits are in the incoming packet (configure the port to trust DSCP), and assign the same DSCP to an interface trust state. When configuring policing and policers, keep these marking options: • Use the port default. There is configurable. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series...
User Guide
Page 38
... for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding Table 88848 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 8 Updated Multicast Forwarding Table Destination Address 0100.5e01.0203 Type of the interfaces. and 36-Port Ethernet Switch Module for that interface are interested in the network configuration can send a leave message. When hosts need to the VLAN. A LAN storm occurs when packets flood the LAN, creating excessive traffic and...
... for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module 1 CPU port Multicast Forwarding Table 88848 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 8 Updated Multicast Forwarding Table Destination Address 0100.5e01.0203 Type of the interfaces. and 36-Port Ethernet Switch Module for that interface are interested in the network configuration can send a leave message. When hosts need to the VLAN. A LAN storm occurs when packets flood the LAN, creating excessive traffic and...
User Guide
Page 42
... bridge group. Use a bridge group for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within the bridge group outside the switch on which runs on the BPDUs it is twofold: • To bridge all forwarding interfaces in the bridge group. Fallback bridging forwards traffic that is only necessary to configure an SVI for each separately bridged (topologically distinct) network connected to the switch. A VLAN bridge...
... bridge group. Use a bridge group for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within the bridge group outside the switch on which runs on the BPDUs it is twofold: • To bridge all forwarding interfaces in the bridge group. Fallback bridging forwards traffic that is only necessary to configure an SVI for each separately bridged (topologically distinct) network connected to the switch. A VLAN bridge...
User Guide
Page 46
... Module for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation - Configuration Tasks See the following tasks before configuring this feature: • Configure IP routing For more information on IP routing, refer to the Cisco IOS IP Configuration Guide...
... Module for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation - Configuration Tasks See the following tasks before configuring this feature: • Configure IP routing For more information on IP routing, refer to the Cisco IOS IP Configuration Guide...
User Guide
Page 66
... Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to the network. Enters interface configuration mode, and specify the interface to which multiple hosts are denied access to the default values with a single command. Verifies your entries. (Optional) Saves your entries in the configuration file. To disable multiple hosts on an 802.1x-authorized port. and 36-Port Ethernet Switch Module for the switch, use the show dot1x copy running -config startup-config...
... Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to the network. Enters interface configuration mode, and specify the interface to which multiple hosts are denied access to the default values with a single command. Verifies your entries. (Optional) Saves your entries in the configuration file. To disable multiple hosts on an 802.1x-authorized port. and 36-Port Ethernet Switch Module for the switch, use the show dot1x copy running -config startup-config...
User Guide
Page 109
...receiving untagged traffic on the access VLAN. Router(config)# switchport voice vlan dot1p Configures the Cisco IP phone to send voice traffic with higher priority (CoS=5 on 802.1Q tag) on the port. Managing the Ethernet Switch Network Module This section describes how to limit the number of the following topics are not accepted. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for IP telephony. Leading...
...receiving untagged traffic on the access VLAN. Router(config)# switchport voice vlan dot1p Configures the Cisco IP phone to send voice traffic with higher priority (CoS=5 on 802.1Q tag) on the port. Managing the Ethernet Switch Network Module This section describes how to limit the number of the following topics are not accepted. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for IP telephony. Leading...
User Guide
Page 112
... traffic. Because the sound quality of names mapped to the host table. The following devices: • Port 1 connects to supply name information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series IP defines a hierarchical naming scheme that IP identifies by default. This service is a commercial organization that allows a device to configure voice ports on IEEE 802.1p CoS. Configuration Tasks 16- The Cisco 7960 IP phone contains an integrated three-port 10/100 switch. For example, Cisco...
... traffic. Because the sound quality of names mapped to the host table. The following devices: • Port 1 connects to supply name information for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series IP defines a hierarchical naming scheme that IP identifies by default. This service is a commercial organization that allows a device to configure voice ports on IEEE 802.1p CoS. Configuration Tasks 16- The Cisco 7960 IP phone contains an integrated three-port 10/100 switch. For example, Cisco...
User Guide
Page 113
... Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to forward all traffic through the 802.1Q native VLAN, use VLAN 0 (default native VLAN) to disable the detection mechanism. Displays the administrative and operational status of the port. If the switch senses that there is in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface...
... Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to forward all traffic through the 802.1Q native VLAN, use VLAN 0 (default native VLAN) to disable the detection mechanism. Displays the administrative and operational status of the port. If the switch senses that there is in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface...
User Guide
Page 174
...: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. and 36-Port Ethernet Switch Module for a response to 5 before restarting the authentication process, use the dot1x max-req command in global configuration mode. Defaults The default is received) before restarting the authentication process: Switch(config)# dot1x max-req 5 You can verify your settings by entering the show dot1x Description Sets the number of seconds that no form of this command only to set the maximum number of times...
...: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. and 36-Port Ethernet Switch Module for a response to 5 before restarting the authentication process, use the dot1x max-req command in global configuration mode. Defaults The default is received) before restarting the authentication process: Switch(config)# dot1x max-req 5 You can verify your settings by entering the show dot1x Description Sets the number of seconds that no form of this command only to set the maximum number of times...
User Guide
Page 175
...: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. To return to allow multiple hosts (clients) on Fast Ethernet interface 0/1 and to the default setting, use the dot1x multiple-hosts command in interface configuration mode. 16- If the port becomes unauthorized (reauthentication fails, or an Extensible Authentication Protocol over LAN [EAPOL]-logoff message is received), all hosts to a single 802.1x-enabled port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 175 and 36-Port Ethernet Switch Module for...
...: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. To return to allow multiple hosts (clients) on Fast Ethernet interface 0/1 and to the default setting, use the dot1x multiple-hosts command in interface configuration mode. 16- If the port becomes unauthorized (reauthentication fails, or an Extensible Authentication Protocol over LAN [EAPOL]-logoff message is received), all hosts to a single 802.1x-enabled port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 175 and 36-Port Ethernet Switch Module for...
User Guide
Page 242
.... In QoS, a modification of the type of Service. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary 802.1d-IEEE standard for MAC bridges. 802.1p-IEEE standard for queuing and multicast support. 802.1q-IEEE standard for VLAN frame tagging. 802.1x-IEEE standard for voice, video, and integrated data. Used for established connections. BRI-Basic Rate Interface. CAC-connection admission control. Fields can be addresses, ports...
.... In QoS, a modification of the type of Service. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Glossary 802.1d-IEEE standard for MAC bridges. 802.1p-IEEE standard for queuing and multicast support. 802.1q-IEEE standard for VLAN frame tagging. 802.1x-IEEE standard for voice, video, and integrated data. Used for established connections. BRI-Basic Rate Interface. CAC-connection admission control. Fields can be addresses, ports...