User Guide
Page 1
... 130 • Command Reference, page 157 • Glossary, page 242 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 1 and 36-Port Ethernet Switch Module for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate...
... 130 • Command Reference, page 157 • Glossary, page 242 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 1 and 36-Port Ethernet Switch Module for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. Added switching software enhancements: IEEE 802.1x, QoS (including Layer 2/Layer 3 CoS/DSCP mapping and rate...
User Guide
Page 2
This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. The 36-port Ethernet switch network module requires a double-wide slot. The 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 2 The 36-port Ethernet switch network module has 36 10...
This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. The Ethernet switch network module is supported on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. The 36-port Ethernet switch network module requires a double-wide slot. The 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 2 The 36-port Ethernet switch network module has 36 10...
User Guide
Page 3
... attached to 200 Mbps for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by...Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an EtherChannel bundle. Building the Address Table The Ethernet switch network module builds the address table by assigning...network (VLAN) except the interface that each device (for a destination address not listed in Ethernet networks, an effective solution is a point-to the network. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...
... attached to 200 Mbps for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by...Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces)" section on an EtherChannel bundle. Building the Address Table The Ethernet switch network module builds the address table by assigning...network (VLAN) except the interface that each device (for a destination address not listed in Ethernet networks, an effective solution is a point-to the network. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...
User Guide
Page 4
...cloud separating the Cisco switches that your network is different from the VLAN on every VLAN in the network can potentially cause spanning tree loops. Make sure that is not Cisco devised, is the...spanning tree on the VLAN of an 802.1Q trunk or that are not Cisco switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 However, spanning tree information for Gigabit Ethernet interfaces operated in... port and untagged (802.3). Feature Overview 16- and 36-Port Ethernet Switch Module for the specific VLAN. The interface will travel on every VLAN in 100-Mb mode 4 for ...
...cloud separating the Cisco switches that your network is different from the VLAN on every VLAN in the network can potentially cause spanning tree loops. Make sure that is not Cisco devised, is the...spanning tree on the VLAN of an 802.1Q trunk or that are not Cisco switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 However, spanning tree information for Gigabit Ethernet interfaces operated in... port and untagged (802.3). Feature Overview 16- and 36-Port Ethernet Switch Module for the specific VLAN. The interface will travel on every VLAN in 100-Mb mode 4 for ...
User Guide
Page 5
...switching (IP fast switching is a Layer 2 messaging protocol that you return the interface to the routing or bridging function in your network. Before you create VLANs, you must be connected to the port, enable routing, and assign routing protocol characteristics by using the ...and SVIs that maintains VLAN configuration consistency by software; Furthermore, when you use VTP in the system. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 and 36-Port Ethernet Switch Module for a VLAN interface. Only one interface to Layer 2 mode, you are deleting any Layer 3 ...
...switching (IP fast switching is a Layer 2 messaging protocol that you return the interface to the routing or bridging function in your network. Before you create VLANs, you must be connected to the port, enable routing, and assign routing protocol characteristics by using the ...and SVIs that maintains VLAN configuration consistency by software; Furthermore, when you use VTP in the system. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 and 36-Port Ethernet Switch Module for a VLAN interface. Only one interface to Layer 2 mode, you are deleting any Layer 3 ...
User Guide
Page 6
... transparent switches do not participate in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 VTP advertisements are received by neighboring switches, which update their trunk interfaces. VTP advertisements are ... can configure a switch to operate in the VTP domain. and 36-Port Ethernet Switch Module for the entire VTP domain. Mapping eliminates excessive device administration required from network administrators. VTP server is propagated to the VLAN configuration on a VTP server, the change...
... transparent switches do not participate in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 VTP advertisements are received by neighboring switches, which update their trunk interfaces. VTP advertisements are ... can configure a switch to operate in the VTP domain. and 36-Port Ethernet Switch Module for the entire VTP domain. Mapping eliminates excessive device administration required from network administrators. VTP server is propagated to the VLAN configuration on a VTP server, the change...
User Guide
Page 7
... TLV is supported in the NM-16ESW software, VTP version 2...VTP in your network, you enable VTP version 2 on a switch, all version 2-capable switches in the channel. Load Balancing EtherChannel balances traffic load across the links in a channel by default). ...Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 16- either source or destination or both source and destination. If the digest on the VTP version 2-capable switch. (VTP version 2 is supported. • Use the squeeze flash command to remove old copies of overwritten VLAN databases. A Ethernet switch network module...
... TLV is supported in the NM-16ESW software, VTP version 2...VTP in your network, you enable VTP version 2 on a switch, all version 2-capable switches in the channel. Load Balancing EtherChannel balances traffic load across the links in a channel by default). ...Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 7 16- either source or destination or both source and destination. If the digest on the VTP version 2-capable switch. (VTP version 2 is supported. • Use the squeeze flash command to remove old copies of overwritten VLAN databases. A Ethernet switch network module...
User Guide
Page 8
...channel; If the allowed range of VLANs is connected. Setting different STP port path costs does not, by the switch or the LAN. The authentication server authenticates each client connected to one of the remaining interfaces in your configuration. Feature Overview 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12... to prevent unauthorized devices (clients) from connecting to the network. After authentication is a Switched Port Analyzer (SPAN) destination port. and 36-Port Ethernet Switch Module for the formation of VLANs on all interfaces in the EtherChannel...
...channel; If the allowed range of VLANs is connected. Setting different STP port path costs does not, by the switch or the LAN. The authentication server authenticates each client connected to one of the remaining interfaces in your configuration. Feature Overview 16- Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12... to prevent unauthorized devices (clients) from connecting to the network. After authentication is a Switched Port Analyzer (SPAN) destination port. and 36-Port Ethernet Switch Module for the formation of VLANs on all interfaces in the EtherChannel...
User Guide
Page 9
...with Extensible Authentication Protocol (EAP) extensions is authorized to the network based on the authentication status of the client. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based... Service (RADIUS) security system with the authentication server, and relaying a response to the client. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with the authentication server. 16-
...with Extensible Authentication Protocol (EAP) extensions is authorized to the network based on the authentication status of the client. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Device Roles With 802.1x port-based... Service (RADIUS) security system with the authentication server, and relaying a response to the client. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 Figure 1 802.1x Device Roles Authentication server (RADIUS) 88852 Workstation (client) Cisco router with the authentication server. 16-
User Guide
Page 10
...network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12....2(15)ZJ 10 Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame.
...network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12....2(15)ZJ 10 Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame.
User Guide
Page 11
...from up to down to the network. When a client logs off, it sends an EAPOL-logoff message, causing the switch port to change to the unauthorized state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 and 36-Port Ethernet Switch Module for 802.1x packets. The port... transmits and receives normal traffic without any authentication exchange required. Each client attempting to access the network is received, the port ...
...from up to down to the network. When a client logs off, it sends an EAPOL-logoff message, causing the switch port to change to the unauthorized state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 and 36-Port Ethernet Switch Module for 802.1x packets. The port... transmits and receives normal traffic without any authentication exchange required. Each client attempting to access the network is received, the port ...
User Guide
Page 12
... Example Access point Cisco router with a root switch and a loop-free path from the root to a switched LAN of a loop, the spanning tree port priority and port path cost setting determine which port is put in the network. The Ethernet switch network module uses STP (the... path exists, the spanning tree algorithm recalculates the spanning tree topology and activates the standby path. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 and 36-Port Ethernet Switch Module for authenticating the clients attached to it is a Layer 2 link management protocol that becomes authorized ...
... Example Access point Cisco router with a root switch and a loop-free path from the root to a switched LAN of a loop, the spanning tree port priority and port path cost setting determine which port is put in the network. The Ethernet switch network module uses STP (the... path exists, the spanning tree algorithm recalculates the spanning tree topology and activates the standby path. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 and 36-Port Ethernet Switch Module for authenticating the clients attached to it is a Layer 2 link management protocol that becomes authorized ...
User Guide
Page 13
...the spanning tree topology. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is determined by the ...contains the following : • The unique bridge ID (bridge priority and MAC address) associated with the lowest MAC address in a switched network. When a switch receives a BPDU, it does not forward the frame but instead uses the information in spanning tree blocking mode. If...
...the spanning tree topology. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is determined by the ...contains the following : • The unique bridge ID (bridge priority and MAC address) associated with the lowest MAC address in a switched network. When a switch receives a BPDU, it does not forward the frame but instead uses the information in spanning tree blocking mode. If...
User Guide
Page 14
...lifetime to forward frames. and 36-Port Ethernet Switch Module for new topology information to propagate through the switched...The Layer 2 interface forwards frames. • Disabled-The Layer 2 interface does not participate in a switched network. Determines how long each of the following five states: • Blocking-The Layer 2 interface does not ...delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Each Layer 2 interface on a port is not forwarding frames. Feature...
...lifetime to forward frames. and 36-Port Ethernet Switch Module for new topology information to propagate through the switched...The Layer 2 interface forwards frames. • Disabled-The Layer 2 interface does not participate in a switched network. Determines how long each of the following five states: • Blocking-The Layer 2 interface does not ...delay timer Maximum age timer Purpose Determines how often the switch broadcasts hello messages to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Each Layer 2 interface on a port is not forwarding frames. Feature...
User Guide
Page 15
When the spanning tree algorithm places a Layer 2 interface in the switch, VLAN, or network goes through the five stages. The Layer 2 interface waits for the forwarding database. 4. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 Figure 4 STP Port States Boot-up . In the learning state, the... properly configured, each Layer 2 interface stabilizes to the learning state, and resets the forward delay timer. 3. and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the Layer 2 interface to the blocking state. 2. The Layer 2 interface is put...
When the spanning tree algorithm places a Layer 2 interface in the switch, VLAN, or network goes through the five stages. The Layer 2 interface waits for the forwarding database. 4. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 Figure 4 STP Port States Boot-up . In the learning state, the... properly configured, each Layer 2 interface stabilizes to the learning state, and resets the forward delay timer. 3. and 36-Port Ethernet Switch Module for the forward delay timer to expire and then moves the Layer 2 interface to the blocking state. 2. The Layer 2 interface is put...
User Guide
Page 16
...module. • Does not transmit BPDUs received from another interface for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is no exchange occurs, the forward delay timer expires, and the ports move to network management messages. Cisco IOS Release 12....2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16 Feature Overview 16- After initialization, a BPDU is the root or ...
...module. • Does not transmit BPDUs received from another interface for forwarding. • Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is no exchange occurs, the forward delay timer expires, and the ports move to network management messages. Cisco IOS Release 12....2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16 Feature Overview 16- After initialization, a BPDU is the root or ...
User Guide
Page 17
... directs them to network management messages. and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning at this state when STP determines that the Layer 2 interface should participate in the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17...
... directs them to network management messages. and 36-Port Ethernet Switch Module for forwarding. • Does not incorporate end station location into its address database. (There is no learning at this state when STP determines that the Layer 2 interface should participate in the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17...
User Guide
Page 18
...switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. and 36-Port Ethernet Switch Module for forwarding. • ...Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...
...switched from another interface for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Learning State A Layer 2 interface in the learning state prepares to network management messages. and 36-Port Ethernet Switch Module for forwarding. • ...Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12...
User Guide
Page 19
...; Processes BPDUs received from the learning state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 Figure 8 Interface 2 in Forwarding State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer...
...; Processes BPDUs received from the learning state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 Figure 8 Interface 2 in Forwarding State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer...
User Guide
Page 20
... so there is virtually nonoperational. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled ...segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port 2 Network management frames Disabled All segment frames A disabled... number of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 MAC Address Allocation The MAC address allocation ...
... so there is virtually nonoperational. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Disabled State A Layer 2 interface in the disabled ...segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port 2 Network management frames Disabled All segment frames A disabled... number of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 MAC Address Allocation The MAC address allocation ...