User Guide
Page 5
... violations. VTP minimizes misconfigurations and configuration inconsistencies that maintains VLAN configuration consistency by software; Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 and 36-Port Ethernet Switch Module for a VLAN only when you are deleting any Layer 3 characteristics configured on a ...the interface into Layer 3 mode with data frames on CPU utilization because of switch ports as one SVI can make configuration changes centrally on one or more switches and have to a router. Caution Entering a no switchport interface configuration command. You can...
... violations. VTP minimizes misconfigurations and configuration inconsistencies that maintains VLAN configuration consistency by software; Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 and 36-Port Ethernet Switch Module for a VLAN only when you are deleting any Layer 3 characteristics configured on a ...the interface into Layer 3 mode with data frames on CPU utilization because of switch ports as one SVI can make configuration changes centrally on one or more switches and have to a router. Caution Entering a no switchport interface configuration command. You can...
User Guide
Page 6
... following global configuration information is the default mode. • Client-VTP clients behave the same way as VTP version) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is propagated to a reserved multicast address. ... their VLAN configuration with other configuration parameters (such as VTP servers, but the changes affect only the individual switch. VTP server is distributed in VTP. and 36-Port Ethernet Switch Module for the entire VTP domain. Feature Overview 16- When you can create, modify...
... following global configuration information is the default mode. • Client-VTP clients behave the same way as VTP version) for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is propagated to a reserved multicast address. ... their VLAN configuration with other configuration parameters (such as VTP servers, but the changes affect only the individual switch. VTP server is distributed in VTP. and 36-Port Ethernet Switch Module for the entire VTP domain. Feature Overview 16- When you can create, modify...
User Guide
Page 7
... traffic load across the links in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to parse. EtherChannel EtherChannel bundles up to eight individual Ethernet links into a single logical link that selects one domain is ... Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you ...
... traffic load across the links in version 1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to parse. EtherChannel EtherChannel bundles up to eight individual Ethernet links into a single logical link that selects one domain is ... Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you ...
User Guide
Page 10
... becomes authorized. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-... If 802.1x is in the authorized state effectively means that the port link state changes from down to request its role as if the port is not enabled or supported...EAPOL frames from the switch, the client can initiate authentication. Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. If the client does not receive an EAP-request...
... becomes authorized. The specific exchange of the frame, the client responds with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-... If 802.1x is in the authorized state effectively means that the port link state changes from down to request its role as if the port is not enabled or supported...EAPOL frames from the switch, the client can initiate authentication. Figure 2 Client Message Exchange Cisco router with an EAP-response/identity frame. If the client does not receive an EAP-request...
User Guide
Page 11
... the client when the port link state changes to the up to down, or if an EAPOL-logoff frame is received. The switch cannot provide authentication services to the unauthorized state. If the link...of times. If the client is received, the client sends the request for 802.1x packets. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If a client that is uniquely ... unauthorized state, and the client is granted access to flow normally. and 36-Port Ethernet Switch Module for the client to the network. This is the default setting. • force-unauthorized-causes ...
... the client when the port link state changes to the up to down, or if an EAPOL-logoff frame is received. The switch cannot provide authentication services to the unauthorized state. If the link...of times. If the client is received, the client sends the request for 802.1x packets. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If a client that is uniquely ... unauthorized state, and the client is granted access to flow normally. and 36-Port Ethernet Switch Module for the client to the network. This is the default setting. • force-unauthorized-causes ...
User Guide
Page 13
... and path cost. 16- The spanning tree root switch is selected. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree...as well as the root switch. For each VLAN, the switch with each switch sends configuration BPDUs to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. A BPDU exchange results in one direction from the bridge to the root. • A root port is elected as...
... and path cost. 16- The spanning tree root switch is selected. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree...as well as the root switch. For each VLAN, the switch with each switch sends configuration BPDUs to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. A BPDU exchange results in one direction from the bridge to the root. • A root port is elected as...
User Guide
Page 14
... occur when protocol information passes through a switched LAN. When a Layer 2 interface changes directly from nonparticipation in the spanning tree topology to participate in frame forwarding. • Forwarding-The Layer 2 interface forwards frames. • ... disabled • From learning to forwarding or to disabled • From forwarding to forward frames. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in a switched network. Spanning ...
... occur when protocol information passes through a switched LAN. When a Layer 2 interface changes directly from nonparticipation in the spanning tree topology to participate in frame forwarding. • Forwarding-The Layer 2 interface forwards frames. • ... disabled • From learning to forwarding or to disabled • From forwarding to forward frames. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in a switched network. Spanning ...
User Guide
Page 23
... is the designated bridge to account for the failure of 15 seconds is not connected directly to expire. and 36-Port Ethernet Switch Module for the port to link L1. This switchover takes approximately 30 seconds, twice the Forward Delay time if the default Forward Delay time... of link L1. BackboneFast then changes the interface on Switch C to move immediately to the listening state without waiting for the maximum aging time for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview If link L1 fails, Switch C cannot ...
... is the designated bridge to account for the failure of 15 seconds is not connected directly to expire. and 36-Port Ethernet Switch Module for the port to link L1. This switchover takes approximately 30 seconds, twice the Forward Delay time if the default Forward Delay time... of link L1. BackboneFast then changes the interface on Switch C to move immediately to the listening state without waiting for the maximum aging time for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview If link L1 fails, Switch C cannot ...
User Guide
Page 32
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series • Policing determines whether a packet is in ... have been examined, no QoS processing occurs on the packet. • If multiple ACLs are marked or changed accordingly. You specify which of the four egress queues in profile or out of traffic. Classification Based on...in which of the egress queues to place the packet, then services the queues according to place the packet. • Scheduling services the four egress queues based on the policer associated with the same characteristics (...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series • Policing determines whether a packet is in ... have been examined, no QoS processing occurs on the packet. • If multiple ACLs are marked or changed accordingly. You specify which of the four egress queues in profile or out of traffic. Classification Based on...in which of the egress queues to place the packet, then services the queues according to place the packet. • Scheduling services the four egress queues based on the policer associated with the same characteristics (...
User Guide
Page 36
...PIM/DVMRP) packets. If a port spanning-tree, a port group, or a VLAN ID change occurs, the IGMP snooping-learned multicast groups from this multicast traffic send join requests and are ... removes the host port from which it receives an IGMP join request. Ethernet switch network modules support a maximum of these methods: • Snooping on VLANs where more than one...IP multicast data stream and only forwards traffic to the forwarding table for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. When IGMP snooping is supported...
...PIM/DVMRP) packets. If a port spanning-tree, a port group, or a VLAN ID change occurs, the IGMP snooping-learned multicast groups from this multicast traffic send join requests and are ... removes the host port from which it receives an IGMP join request. Ethernet switch network modules support a maximum of these methods: • Snooping on VLANs where more than one...IP multicast data stream and only forwards traffic to the forwarding table for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. When IGMP snooping is supported...
User Guide
Page 48
...-range macro-name {vlan vlan-id - For example, both hard-set or both interfaces; and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Defining a Range Macro To define an interface range macro, use the auto setting on the supported side. ...Mismatched settings are not supported. do not use the define interface-range command in NVRAM. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 48 Configuration Tasks 16- Caution Changing the interface speed and duplex mode configuration might shut down and reenable the interface during the...
...-range macro-name {vlan vlan-id - For example, both hard-set or both interfaces; and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Defining a Range Macro To define an interface range macro, use the auto setting on the supported side. ...Mismatched settings are not supported. do not use the define interface-range command in NVRAM. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 48 Configuration Tasks 16- Caution Changing the interface speed and duplex mode configuration might shut down and reenable the interface during the...
User Guide
Page 49
and 36-Port Ethernet Switch Module for an interface: Router# show interfaces fastethernet 1/4 FastEthernet1/4 is ...Use the show interfaces command to verify the interface speed and duplex mode configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Interface Speed To set the interface speed, use... interface, both speed and duplex are autonegotiated. You cannot change the duplex mode of the interface. input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ ...
and 36-Port Ethernet Switch Module for an interface: Router# show interfaces fastethernet 1/4 FastEthernet1/4 is ...Use the show interfaces command to verify the interface speed and duplex mode configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Interface Speed To set the interface speed, use... interface, both speed and duplex are autonegotiated. You cannot change the duplex mode of the interface. input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ ...
User Guide
Page 54
... describes how to configure the VLAN Trunking Protocol (VTP) on the Ethernet switch network module, and contains the following commands beginning in VTP server mode, you can change the VLAN configuration and have it throughout the administrative domain, and return to privileged EXEC... mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 1 Step 2 Step 3 Command ...
... describes how to configure the VLAN Trunking Protocol (VTP) on the Ethernet switch network module, and contains the following commands beginning in VTP server mode, you can change the VLAN configuration and have it throughout the administrative domain, and return to privileged EXEC... mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 1 Step 2 Step 3 Command ...
User Guide
Page 55
... commands beginning in VTP client mode, you disable VTP on VTP updates received from 8 to 64 characters long, for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 1 Step 2 Step 3 Command Router# vlan database Router(vlan)# vtp server Router(vlan)#.... Exits VLAN configuration mode. To disable VTP on the switch. and 36-Port Ethernet Switch Module for the VTP domain. To configure the switch as VTP transparent, you cannot change the VLAN configuration on the switch, use the following commands beginning in privileged EXEC mode: Step...
... commands beginning in VTP client mode, you disable VTP on VTP updates received from 8 to 64 characters long, for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 1 Step 2 Step 3 Command Router# vlan database Router(vlan)# vtp server Router(vlan)#.... Exits VLAN configuration mode. To disable VTP on the switch. and 36-Port Ethernet Switch Module for the VTP domain. To configure the switch as VTP transparent, you cannot change the VLAN configuration on the switch, use the following commands beginning in privileged EXEC mode: Step...
User Guide
Page 59
Step 1 Use the show etherchannel summary Flags: D - and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an EtherChannel To remove an Ethernet interface from an EtherChannel, ...; Configuring the Switch-to-RADIUS-Server Communication, page 62 • Enabling Periodic Reauthentication, page 63 • Changing the Quiet Period, page 64 • Changing the Switch-to-Client Retransmission Time, page 64 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 59 Layer2 U - in port-channel I -
Step 1 Use the show etherchannel summary Flags: D - and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an EtherChannel To remove an Ethernet interface from an EtherChannel, ...; Configuring the Switch-to-RADIUS-Server Communication, page 62 • Enabling Periodic Reauthentication, page 63 • Changing the Quiet Period, page 64 • Changing the Switch-to-Client Retransmission Time, page 64 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 59 Layer2 U - in port-channel I -
User Guide
Page 61
...be used when a named list is automatically applied to authenticate a user. EtherChannel port-Before enabling 802.1x on the port, you try to change the mode of all defined methods are authenticated before enabling 802.1x on a not-yet active port of an EtherChannel, the port does not ...authentication methods are to enable 802.1x on an EtherChannel or on these port types: - Enables AAA. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 61 16- and 36-Port Ethernet Switch Module for authentication. • none-Use no other Layer 2 feature is enabled. • The 802.1x...
...be used when a named list is automatically applied to authenticate a user. EtherChannel port-Before enabling 802.1x on the port, you try to change the mode of all defined methods are authenticated before enabling 802.1x on a not-yet active port of an EtherChannel, the port does not ...authentication methods are to enable 802.1x on an EtherChannel or on these port types: - Enables AAA. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 61 16- and 36-Port Ethernet Switch Module for authentication. • none-Use no other Layer 2 feature is enabled. • The 802.1x...
User Guide
Page 64
... (known as the retransmission time), and then retransmits the frame. To return to 4294967295; Changing the Quiet Period When the switch cannot authenticate the client, the switch remains idle for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure...EXEC mode. This command affects the behavior of time, and then tries again. the default is 60. and 36-Port Ethernet Switch Module for a set period of the client might occur because the client provided an invalid password. Returns to the user by the quiet-period...
... (known as the retransmission time), and then retransmits the frame. To return to 4294967295; Changing the Quiet Period When the switch cannot authenticate the client, the switch remains idle for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure...EXEC mode. This command affects the behavior of time, and then tries again. the default is 60. and 36-Port Ethernet Switch Module for a set period of the client might occur because the client provided an invalid password. Returns to the user by the quiet-period...
User Guide
Page 65
...Port Ethernet Switch Module for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. The range is 1 to adjust for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Note You should change the amount of ... Purpose Enters global configuration mode. Setting the Switch-to-Client Frame-Retransmission Number In addition to changing the switch-to-client retransmission time, you can change the default value of times that the switch sends an EAP-request/identity frame (assuming no ...
...Port Ethernet Switch Module for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. The range is 1 to adjust for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Note You should change the amount of ... Purpose Enters global configuration mode. Setting the Switch-to-Client Frame-Retransmission Number In addition to changing the switch-to-client retransmission time, you can change the default value of times that the switch sends an EAP-request/identity frame (assuming no ...
User Guide
Page 67
... 12.2(15)ZJ 67 To enable spanning tree on a per -VLAN basis. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Spanning Tree • Enabling Spanning Tree, page 67 • Configuring Spanning Tree Port ... 16384, address 0060.704c.7000 Root port is 264 (FastEthernet5/8), cost of root path is 38 Topology change flag not set, detected flag not set Number of topology changes 0 last change 0, notification 0 Port 264 (FastEthernet5/8) of VLAN200 is 128.2, designated path cost 19 Timers: message age...
... 12.2(15)ZJ 67 To enable spanning tree on a per -VLAN basis. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring Spanning Tree • Enabling Spanning Tree, page 67 • Configuring Spanning Tree Port ... 16384, address 0060.704c.7000 Root port is 264 (FastEthernet5/8), cost of root path is 38 Topology change flag not set, detected flag not set Number of topology changes 0 last change 0, notification 0 Port 264 (FastEthernet5/8) of VLAN200 is 128.2, designated path cost 19 Timers: message age...
User Guide
Page 74
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 74 Configuration Tasks 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # ...-timer To configure the aging timer, use the following commands beginning in seconds Exits configuration mode. Caution Cisco advises that you not change the aging timer because the Ethernet switch network module could go out of synchronization. Configures the MAC address aging-timer age in privileged EXEC mode: Step ...
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 74 Configuration Tasks 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # ...-timer To configure the aging timer, use the following commands beginning in seconds Exits configuration mode. Caution Cisco advises that you not change the aging timer because the Ethernet switch network module could go out of synchronization. Configures the MAC address aging-timer age in privileged EXEC mode: Step ...