User Guide
Page 1
... limiting), security ACL, IGMP snooping, per-port storm control, and fallback bridging support for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. This feature module describes the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). This feature was...
... limiting), security ACL, IGMP snooping, per-port storm control, and fallback bridging support for Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers in Cisco IOS Release 12.2(15)ZJ. This feature module describes the 16- and 36-Port Ethernet Switch Module (NM-16ESW and NM-36ESW) for switch virtual interfaces (SVIs). This feature was...
User Guide
Page 2
... network modules. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 2 The 16- Switched connections between different segments for the next packet. This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. An optional power module can ...Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 ...
... network modules. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 2 The 16- Switched connections between different segments for the next packet. This network module is a modular, high-density voice network module that provides Layer 2 switching across Ethernet ports. An optional power module can ...Port Analyzer, page 24 • Network Security with ACLs, page 25 • Quality of Service, page 29 • Maximum Number of the packet. or 36-port Ethernet switch network modules in Cisco AVVID Architecture, page 40 • Stacking, page 41 • Flow Control, page 41 ...
User Guide
Page 3
...parameters on which workstations or servers connect to the hub is an industry-standard trunking encapsulation. Because each session receives full bandwidth. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 Switching Frames Between Segments Each Ethernet interface on different interfaces need to ... frames from the address table. VLAN Trunks A trunk is full-duplex communication. Building the Address Table The Ethernet switch network module builds the address table by using the source address of users by high-bandwidth devices and a large number of the frames ...
...parameters on which workstations or servers connect to the hub is an industry-standard trunking encapsulation. Because each session receives full bandwidth. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 Switching Frames Between Segments Each Ethernet interface on different interfaces need to ... frames from the address table. VLAN Trunks A trunk is full-duplex communication. Building the Address Table The Ethernet switch network module builds the address table by using the source address of users by high-bandwidth devices and a large number of the frames ...
User Guide
Page 4
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. The interface will travel on the other end, spanning tree ... through 802.1Q trunks, the switches maintain one instance of spanning tree for each VLAN allowed on the trunks. 802.1Q switches that are not Cisco switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 Switchport mode trunk puts the interface into nontrunking mode. However, spanning tree information for each VLAN...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Layer 2 Interface Modes Switchport mode access puts the interface into permanent trunking mode. The interface will travel on the other end, spanning tree ... through 802.1Q trunks, the switches maintain one instance of spanning tree for each VLAN allowed on the trunks. 802.1Q switches that are not Cisco switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 4 Switchport mode trunk puts the interface into nontrunking mode. However, spanning tree information for each VLAN...
User Guide
Page 5
...CEF switching (IP fast switching is made up of hardware limitations. A VTP domain (also called a VLAN management domain) is not supported). Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 Only one or more switches that share the same VTP domain name and that are created...Before you create VLANs, you must be connected to Layer 2 mode, you return the interface to a router. and 36-Port Ethernet Switch Module for an access port. Caution Entering a no switchport interface configuration command. The VLAN corresponds to the port, enable routing, and assign routing ...
...CEF switching (IP fast switching is made up of hardware limitations. A VTP domain (also called a VLAN management domain) is not supported). Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 5 Only one or more switches that share the same VTP domain name and that are created...Before you create VLANs, you must be connected to Layer 2 mode, you return the interface to a router. and 36-Port Ethernet Switch Module for an access port. Caution Entering a no switchport interface configuration command. The VLAN corresponds to the port, enable routing, and assign routing ...
User Guide
Page 6
... Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is distributed in one and only one or more interconnected switches that they receive out their trunk interfaces. and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation....By default, the switch is in VTP server mode and is in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 VTP Modes You can create, modify, and delete VLANs and specify other switches in any...
... Series, Cisco 3600 Series, and Cisco 3700 Series VTP Domain A VTP domain (also called a VLAN management domain) is distributed in one and only one or more interconnected switches that they receive out their trunk interfaces. and 36-Port Ethernet Switch Module for the domain using IEEE 802.1Q encapsulation....By default, the switch is in VTP server mode and is in the VTP domain sends periodic advertisements out each VLAN • Frame format Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 6 VTP Modes You can create, modify, and delete VLANs and specify other switches in any...
User Guide
Page 7
... that VTP version 2 is disabled on a switch, all version 2-capable switches in the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. EtherChannel EtherChannel bundles up to all switches in transparent mode, without consistency checks. All interfaces...new information through the CLI or SNMP. The selected mode applies to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. VTP version 2 supports the following features not supported in NVRAM. Version-Dependent Transparent Mode-In VTP...
... that VTP version 2 is disabled on a switch, all version 2-capable switches in the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. EtherChannel EtherChannel bundles up to all switches in transparent mode, without consistency checks. All interfaces...new information through the CLI or SNMP. The selected mode applies to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. VTP version 2 supports the following features not supported in NVRAM. Version-Dependent Transparent Mode-In VTP...
User Guide
Page 8
... network loops and other problems. Follow these guidelines and restrictions to the network. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 After you configure an ...devices from gaining access to avoid configuration problems: • All Ethernet interfaces on all modules support EtherChannel (maximum of the remaining interfaces in an EtherChannel, it is treated as... to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be ...
... network loops and other problems. Follow these guidelines and restrictions to the network. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 8 After you configure an ...devices from gaining access to avoid configuration problems: • All Ethernet interfaces on all modules support EtherChannel (maximum of the remaining interfaces in an EtherChannel, it is treated as... to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be ...
User Guide
Page 9
...RADIUS server and one or more RADIUS clients. • Switch (edge switch or wireless access point)-controls the physical access to the client. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The workstation must support EAP within the native frame format. The switch includes the ...the LAN and switch services and responds to the client. Because the switch acts as shown in Cisco Secure Access Control Server version 3.0. it is transparent to the network based on the authentication status of the client. 16- and 36-Port Ethernet Switch Module for encapsulating and ...
...RADIUS server and one or more RADIUS clients. • Switch (edge switch or wireless access point)-controls the physical access to the client. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 9 The workstation must support EAP within the native frame format. The switch includes the ...the LAN and switch services and responds to the client. Because the switch acts as shown in Cisco Secure Access Control Server version 3.0. it is transparent to the network based on the authentication status of the client. 16- and 36-Port Ethernet Switch Module for encapsulating and ...
User Guide
Page 10
... frame. Figure 2 shows a message exchange initiated by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request... RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 10 For more information, see the "Ports in the authorized state. Figure ...
... frame. Figure 2 shows a message exchange initiated by using the One-Time-Password (OTP) authentication method with Ethernet switch network module Authentication server (RADIUS) EAPOL-Start EAP-Request/Identity EAP-Response/Identity EAP-Request/OTP EAP-Response/OTP EAP-Success RADIUS Access-Request... RADIUS Access-Challenge RADIUS Access-Request RADIUS Access-Accept Port Authorized EAPOL-Logoff Port Unauthorized 88851 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 10 For more information, see the "Ports in the authorized state. Figure ...
User Guide
Page 11
...port link state changes to flow normally. and 36-Port Ethernet Switch Module for the client to the up , or when an EAPOL-start frame. This is granted access to the 802.1x-enabled switch port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 When no.... You control the port authorization state by sending the EAPOL-start frame is connected to the unauthorized state. The switch cannot provide authentication services to the client through the port. Supported Topologies The 802.1x port-based authentication is not granted access to -point configuration (see Figure...
...port link state changes to flow normally. and 36-Port Ethernet Switch Module for the client to the up , or when an EAPOL-start frame. This is granted access to the 802.1x-enabled switch port. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 When no.... You control the port authorization state by sending the EAPOL-start frame is connected to the unauthorized state. The switch cannot provide authentication services to the client through the port. Supported Topologies The 802.1x port-based authentication is not granted access to -point configuration (see Figure...
User Guide
Page 12
...to a switched LAN of multiple segments. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on a switch are granted access to the switch. Multiple active paths between any two stations. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature ...Overview 16- When the port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in a ...
...to a switched LAN of multiple segments. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on a switch are granted access to the switch. Multiple active paths between any two stations. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 12 Feature ...Overview 16- When the port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in a ...
User Guide
Page 13
...a BPDU transmission. 16- The spanning tree root switch is the port providing the best path from the root switch, and each switched segment. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 Each configuration BPDU contains the following : • The unique bridge ID (bridge priority ...and MAC address) associated with the highest bridge priority (the lowest numerical priority value) is selected. and 36-Port Ethernet Switch Module for each switch sends configuration BPDUs to the root bridge. • Ports included in the VLAN becomes the root switch. This is the...
...a BPDU transmission. 16- The spanning tree root switch is the port providing the best path from the root switch, and each switched segment. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 13 Each configuration BPDU contains the following : • The unique bridge ID (bridge priority ...and MAC address) associated with the highest bridge priority (the lowest numerical priority value) is selected. and 36-Port Ethernet Switch Module for each switch sends configuration BPDUs to the root bridge. • Ports included in the VLAN becomes the root switch. This is the...
User Guide
Page 14
...Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in spanning tree and is stored by the switch. Feature Overview 16- As a result, topology changes can create temporary data loops. and 36-Port Ethernet Switch Module... the switched LAN before the port begins forwarding Determines the amount of the listening and learning states will last before starting to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Determines how long each of time protocol information received on a switch using ...
...Cisco 3600 Series, and Cisco 3700 Series STP Timers Table 2 describes the STP timers that the Layer 2 interface should participate in spanning tree and is stored by the switch. Feature Overview 16- As a result, topology changes can create temporary data loops. and 36-Port Ethernet Switch Module... the switched LAN before the port begins forwarding Determines the amount of the listening and learning states will last before starting to disabled Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 14 Determines how long each of time protocol information received on a switch using ...
User Guide
Page 15
...learning state, and resets the forward delay timer. 3. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 The Layer 2 interface waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port... moves through the blocking state and the transitory states of listening and learning at power up. If properly configured, each Layer 2 interface stabilizes to the forwarding or blocking state. and 36-Port Ethernet Switch Module...
...learning state, and resets the forward delay timer. 3. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 15 The Layer 2 interface waits for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Figure 4 illustrates how a port... moves through the blocking state and the transitory states of listening and learning at power up. If properly configured, each Layer 2 interface stabilizes to the forwarding or blocking state. and 36-Port Ethernet Switch Module...
User Guide
Page 16
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not ... 2 in Blocking State Segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5692 BPDUs Data frames Port 2 Network management frames Blocking Segment frames A Layer 2 interface in the network...switch is the root until it exchanges BPDUs with other switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Blocking State A Layer 2 interface in the blocking state does not ... 2 in Blocking State Segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5692 BPDUs Data frames Port 2 Network management frames Blocking Segment frames A Layer 2 interface in the network...switch is the root until it exchanges BPDUs with other switches. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16
User Guide
Page 17
...in frame forwarding. Figure 6 Interface 2 in Listening State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding Data frames BPDUs Port 2 Network management frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the listening...listening state. The Layer 2 interface enters this point, so there is the first transitional state a Layer 2 interface enters after the blocking state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 16-
...in frame forwarding. Figure 6 Interface 2 in Listening State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding Data frames BPDUs Port 2 Network management frames S5693 Listening All segment frames BPDU and network management frames A Layer 2 interface in the listening...listening state. The Layer 2 interface enters this point, so there is the first transitional state a Layer 2 interface enters after the blocking state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 17 16-
User Guide
Page 18
...; Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Figure 7 shows a Layer 2 interface in the learning state prepares to network management messages. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 18
...; Incorporates end station location into its address database. • Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the listening state. Figure 7 shows a Layer 2 interface in the learning state prepares to network management messages. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 18
User Guide
Page 19
... 2 in Forwarding State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface ... and directs them to the system module. • Processes BPDUs received from the learning state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State ...
... 2 in Forwarding State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5695 Station addresses BPDUs Port 2 Network management and data frames Forwarding All segment frames A Layer 2 interface ... and directs them to the system module. • Processes BPDUs received from the learning state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 19 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Forwarding State ...
User Guide
Page 20
.... • Discards frames switched from another Layer 2 interface for transmission from the system module. In Table 3 you can view the number of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 Figure 9 Interface 2 in Disabled... State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port ...
.... • Discards frames switched from another Layer 2 interface for transmission from the system module. In Table 3 you can view the number of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 Figure 9 Interface 2 in Disabled... State All segment frames Forwarding Station addresses Port 1 BPDUs Network management and data frames Filtering database System module Frame forwarding S5696 Data frames Port ...