User Guide
Page 1
and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). This feature module describes the 16- This feature was introduced on the Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate limiting), security ACL...
and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). This feature module describes the 16- This feature was introduced on the Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate limiting), security ACL...
User Guide
Page 2
This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. The 36-port Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. New connections ...• Maximum Number of the packet. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to provide inline ...
This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. The 36-port Ethernet switch network module has 36 10/100BASE-TX ports and two optional 10/100/1000BASE-T Gigabit Ethernet ports. New connections ...• Maximum Number of the packet. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview This document explains how to provide inline ...
User Guide
Page 3
...to the address table. Building the Address Table The Ethernet switch network module builds the address table by assigning each session receives full bandwidth. Note Default parameters on an EtherChannel bundle. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 Switching ...Ethernet operates in its address table, it was received. When the switch receives a frame for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by a configurable aging timer; The address table can connect to a ...
...to the address table. Building the Address Table The Ethernet switch network module builds the address table by assigning each session receives full bandwidth. Note Default parameters on an EtherChannel bundle. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 Switching ...Ethernet operates in its address table, it was received. When the switch receives a frame for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by a configurable aging timer; The address table can connect to a ...
User Guide
Page 4
...VLAN in access mode regardless of the trunk is the same on the trunks. The 802.1Q cloud separating the Cisco switches that the native VLAN for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. Only access VLAN ... into nontrunking mode. If the VLAN on one instance of spanning tree for the specific VLAN. Feature Overview 16- and 36-Port Ethernet Switch Module for an 802.1Q trunk is different from the VLAN on the access port and untagged (802.3). Make sure that is not...
...VLAN in access mode regardless of the trunk is the same on the trunks. The 802.1Q cloud separating the Cisco switches that the native VLAN for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. Only access VLAN ... into nontrunking mode. If the VLAN on one instance of spanning tree for the specific VLAN. Feature Overview 16- and 36-Port Ethernet Switch Module for an 802.1Q trunk is different from the VLAN on the access port and untagged (802.3). Make sure that is not...
User Guide
Page 5
... network. VTP minimizes misconfigurations and configuration inconsistencies that you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of... other switches in the system. and 36-Port Ethernet Switch Module for a VLAN interface. Caution Entering a no switchport interface ...
... network. VTP minimizes misconfigurations and configuration inconsistencies that you enter the vlan interface configuration command for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Switch Virtual Interfaces A switch virtual interface (SVI) represents a VLAN of... other switches in the system. and 36-Port Ethernet Switch Module for a VLAN interface. Caution Entering a no switchport interface ...
User Guide
Page 6
and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation. You make a change to be in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 By default, the switch is in... the same VTP domain and synchronize their VTP and VLAN configurations as VTP transparent, you make global VLAN configuration changes for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is in VTP. VTP advertisements are transmitted ...
and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation. You make a change to be in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 By default, the switch is in... the same VTP domain and synchronize their VTP and VLAN configurations as VTP transparent, you make global VLAN configuration changes for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is in VTP. VTP advertisements are transmitted ...
User Guide
Page 7
... EtherChannel balances traffic load across the links in a channel by default). • Do not enable VTP version 2 on internal flash is supported in the NM-16ESW software, VTP version 2 forwards VTP messages in the channel. The unrecognized TLV is disabled on the switch. Since only one of overwritten VLAN databases... version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7
... EtherChannel balances traffic load across the links in a channel by default). • Do not enable VTP version 2 on internal flash is supported in the NM-16ESW software, VTP version 2 forwards VTP messages in the channel. The unrecognized TLV is disabled on the switch. Since only one of overwritten VLAN databases... version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7
User Guide
Page 8
..., and corporate lobbies, insecure environments could be physically contiguous or on all interfaces in the channel; and 36-Port Ethernet Switch Module for the formation of VLANs is connected. For Layer 2 EtherChannels: • Assign all interfaces in better load balancing. Setting different... Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to operate at the same speed and duplex mode. • Enable all modules support EtherChannel (maximum of the interfaces is successful, normal traffic can form an ...
..., and corporate lobbies, insecure environments could be physically contiguous or on all interfaces in the channel; and 36-Port Ethernet Switch Module for the formation of VLANs is connected. For Layer 2 EtherChannels: • Assign all interfaces in better load balancing. Setting different... Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to operate at the same speed and duplex mode. • Enable all modules support EtherChannel (maximum of the interfaces is successful, normal traffic can form an ...
User Guide
Page 9
... the client. RADIUS operates in a client/server model in the RADIUS format. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in Figure 1. Figure 1... 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that requests access to the LAN and switch services and responds to the requests...
... the client. RADIUS operates in a client/server model in the RADIUS format. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based authentication, the devices in Figure 1. Figure 1... 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with Ethernet switch network module • Client-the device (workstation) that requests access to the LAN and switch services and responds to the requests...
User Guide
Page 10
... request its role as if the port is not enabled or supported on the authentication method being used. Figure 2 Client Message Exchange Cisco router with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS...
... request its role as if the port is not enabled or supported on the authentication method being used. Figure 2 Client Message Exchange Cisco router with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS...
User Guide
Page 11
...causes the port to remain in the unauthorized state, ignoring all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When no response is not running 802.... client through the port. If a client leaves or is received. If the authentication server cannot be retried. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 The switch cannot provide authentication services to the network... port remains in the unauthorized state. and 36-Port Ethernet Switch Module for 802.1x packets.
...causes the port to remain in the unauthorized state, ignoring all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the authorized state. When no response is not running 802.... client through the port. If a client leaves or is received. If the authentication server cannot be retried. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 The switch cannot provide authentication services to the network... port remains in the unauthorized state. and 36-Port Ethernet Switch Module for 802.1x packets.
User Guide
Page 12
...network. Spanning tree operation is transparent to end stations, which port is authenticated. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to construct a loop-free path. If a network ... the network. Switches send and receive spanning tree frames at regular intervals. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature Overview 16- The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on all nodes in the...
...network. Spanning tree operation is transparent to end stations, which port is authenticated. Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This section describes how to construct a loop-free path. If a network ... the network. Switches send and receive spanning tree frames at regular intervals. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature Overview 16- The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on all nodes in the...
User Guide
Page 13
... the root bridge and root port for the switched network, as well as the root port and designated port for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is the port...with the lowest MAC address in the following minimal information: • The unique bridge ID of the Root Bridge. and 36-Port Ethernet Switch Module for each Layer 2 interface The Bridge Protocol Data Units (BPDU) are configured with the default priority (32768), the switch with each switched ...
... the root bridge and root port for the switched network, as well as the root port and designated port for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is the port...with the lowest MAC address in the following minimal information: • The unique bridge ID of the Root Bridge. and 36-Port Ethernet Switch Module for each Layer 2 interface The Bridge Protocol Data Units (BPDU) are configured with the default priority (32768), the switch with each switched ...
User Guide
Page 14
...or to disabled • From learning to forwarding or to disabled • From forwarding to other switches. and 36-Port Ethernet Switch Module for new topology information to propagate through a switched LAN. Determines how long each of time protocol information received on a switch using spanning...Table 2 STP Timers Timer Hello timer Forward delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Ports must allow the frame lifetime to participate in frame forwarding. ...
...or to disabled • From learning to forwarding or to disabled • From forwarding to other switches. and 36-Port Ethernet Switch Module for new topology information to propagate through a switched LAN. Determines how long each of time protocol information received on a switch using spanning...Table 2 STP Timers Timer Hello timer Forward delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Ports must allow the frame lifetime to participate in frame forwarding. ...
User Guide
Page 15
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the Layer 2 interface to the learning state, and resets the forward delay timer. 3. When the ... the blocking state. 2. In the learning state, the Layer 2 interface continues to the forwarding or blocking state. The Layer 2 interface waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power...
Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the Layer 2 interface to the learning state, and resets the forward delay timer. 3. When the ... the blocking state. 2. In the learning state, the Layer 2 interface continues to the forwarding or blocking state. The Layer 2 interface waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port moves through the blocking state and the transitory states of listening and learning at power...
User Guide
Page 16
... it is in the network, no address database update.) • Receives BPDUs and directs them to the system module. • Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not participate in frame forwarding, as...
... it is in the network, no address database update.) • Receives BPDUs and directs them to the system module. • Does not transmit BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not participate in frame forwarding, as...
User Guide
Page 17
... frames received from the attached segment. • Discards frames switched from the system module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is the first transitional state...
... frames received from the attached segment. • Discards frames switched from the system module. • Receives and responds to the system module. • Receives, processes, and transmits BPDUs received from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Listening State The listening state is the first transitional state...
User Guide
Page 18
... the learning state. and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Feature Overview 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15...
... the learning state. and 36-Port Ethernet Switch Module for forwarding. • Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Feature Overview 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15...
User Guide
Page 19
... Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in Figure 8. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in the forwarding state forwards frames, as shown in the forwarding state performs as...
... Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface in Figure 8. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State A Layer 2 interface in the forwarding state forwards frames, as shown in the forwarding state performs as...
User Guide
Page 20
... MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in...
... MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled state does not participate in...