User Guide
Page 3
... interfaces and another networking device such as an individual segment. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion... connect to all Ethernet interfaces: 802.1Q-802.1Q is full-duplex communication. When a frame enters the switch, it associates the MAC address of seconds, it was received. The switch then forwards subsequent frames to a single interface without flooding any entries. On a typical...
... interfaces and another networking device such as an individual segment. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 3 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion... connect to all Ethernet interfaces: 802.1Q-802.1Q is full-duplex communication. When a frame enters the switch, it associates the MAC address of seconds, it was received. The switch then forwards subsequent frames to a single interface without flooding any entries. On a typical...
User Guide
Page 7
...Since only one of six EtherChannels. Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you enable VTP version 2 on a switch, all version 2-capable switches in...1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to parse. The selected mode applies to use MAC addresses, or IP addresses; and 36-Port Ethernet Switch Module for the domain name and version, and forwards a message only if ...
...Since only one of six EtherChannels. Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you enable VTP version 2 on a switch, all version 2-capable switches in...1: Unrecognized Type-Length-Value (TLV) Support-A VTP server or client propagates configuration changes to parse. The selected mode applies to use MAC addresses, or IP addresses; and 36-Port Ethernet Switch Module for the domain name and version, and forwards a message only if ...
User Guide
Page 8
...Protocol (STP) port path costs can pass through the port to a single MAC address, using source addresses or IP addresses may result in the channel; using the destination MAC address always chooses the same link in better load balancing. The authentication server ...interfaces in an EtherChannel to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a LAN through publicly accessible ports. ...
...Protocol (STP) port path costs can pass through the port to a single MAC address, using source addresses or IP addresses may result in the channel; using the destination MAC address always chooses the same link in better load balancing. The authentication server ...interfaces in an EtherChannel to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a LAN through publicly accessible ports. ...
User Guide
Page 11
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 In this state, the port disallows all traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the unauthorized state, allowing only EAPOL frames to the authorized state, allowing all ingress and egress traffic except for a ... by sending the EAPOL-start frame is supported in the unauthorized state. If the client is uniquely identified by the switch by using the client's MAC address.
... Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 In this state, the port disallows all traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the unauthorized state, allowing only EAPOL frames to the authorized state, allowing all ingress and egress traffic except for a ... by sending the EAPOL-start frame is supported in the unauthorized state. If the client is uniquely identified by the switch by using the client's MAC address.
User Guide
Page 12
...spanning tree port path cost value represents media speed. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations might receive duplicate messages ...and switches might learn endstation MAC addresses on Ethernet switch network module systems. Spanning tree is to the switch. For a Layer 2...
...spanning tree port path cost value represents media speed. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations might receive duplicate messages ...and switches might learn endstation MAC addresses on Ethernet switch network module systems. Spanning tree is to the switch. For a Layer 2...
User Guide
Page 13
... ID (bridge priority and MAC address) associated with each VLAN on the path cost. • A designated bridge for each LAN segment is the port providing the best path from the bridge to the root. • A root port is the logical center of the Root Bridge. Cisco IOS Release 12.2(2)XT,...to the root bridge through which the frame is transmitted receive the BPDU. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of the switch that are placed in the...
... ID (bridge priority and MAC address) associated with each VLAN on the path cost. • A designated bridge for each LAN segment is the port providing the best path from the bridge to the root. • A root port is the logical center of the Root Bridge. Cisco IOS Release 12.2(2)XT,...to the root bridge through which the frame is transmitted receive the BPDU. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of the switch that are placed in the...
User Guide
Page 20
... 9 Interface 2 in the disabled state is no learning, so there is virtually nonoperational. Table 3 Number of VLANs Allowed by Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as shown in frame forwarding or spanning tree, as the bridge IDs for transmission from the system...
... 9 Interface 2 in the disabled state is no learning, so there is virtually nonoperational. Table 3 Number of VLANs Allowed by Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as shown in frame forwarding or spanning tree, as the bridge IDs for transmission from the system...
User Guide
Page 21
...-VLAN basis; In the event of a loop, spanning tree considers port priority when selecting an interface to select first and higher Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 21 Default Spanning Tree Configuration In Table 4 you want spanning tree to...Configuration Feature Default Value Enable state Spanning tree enabled for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview MAC addresses are allocated sequentially, with the lowest interface number in increments of an interface. Cisco IOS software uses the port priority value when the ...
...-VLAN basis; In the event of a loop, spanning tree considers port priority when selecting an interface to select first and higher Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 21 Default Spanning Tree Configuration In Table 4 you want spanning tree to...Configuration Feature Default Value Enable state Spanning tree enabled for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview MAC addresses are allocated sequentially, with the lowest interface number in increments of an interface. Cisco IOS software uses the port priority value when the ...
User Guide
Page 36
... one host is pruned from which it removes the host port from the IP multicast data stream and only forwards traffic to all VLANs. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 36 Feature Overview 16- Layer 2 multicast groups learned through PIM-DVMRP packets, use... Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. The switch responds to the router queries with only one join request per MAC multicast group, and the switch creates one host is supported only with the ip igmp snooping mrouter global configuration command You ...
... one host is pruned from which it removes the host port from the IP multicast data stream and only forwards traffic to all VLANs. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 36 Feature Overview 16- Layer 2 multicast groups learned through PIM-DVMRP packets, use... Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. The switch responds to the router queries with only one join request per MAC multicast group, and the switch creates one host is supported only with the ip igmp snooping mrouter global configuration command You ...
User Guide
Page 37
... Switch Module for the multicast group. When the switch receives this message, it wants to Figure 16. Figure 16 Initial IGMP Join Message Cisco router with the equivalent MAC destination address of Host 1 and the router. The switch recognizes IGMP packets and forwards them to set up a multicast forwarding table entry as...
... Switch Module for the multicast group. When the switch receives this message, it wants to Figure 16. Figure 16 Initial IGMP Join Message Cisco router with the equivalent MAC destination address of Host 1 and the router. The switch recognizes IGMP packets and forwards them to set up a multicast forwarding table entry as...
User Guide
Page 38
... hosts need to determine if any devices behind that IP multicast group. Global Storm-Control Global storm-control prevents switchports on one of the interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 If, after a number of Packet !IGMP Ports 1, 2, 5 Leaving a Multicast Group ... flood the LAN, creating excessive traffic and degrading network performance. Feature Overview 16- As long as at least one join response per MAC multicast group. The switch only forwards IP multicast group traffic to those hosts listed in the VLAN needs multicast traffic, the switch responds...
... hosts need to determine if any devices behind that IP multicast group. Global Storm-Control Global storm-control prevents switchports on one of the interfaces. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 If, after a number of Packet !IGMP Ports 1, 2, 5 Leaving a Multicast Group ... flood the LAN, creating excessive traffic and degrading network performance. Feature Overview 16- As long as at least one join response per MAC multicast group. The switch only forwards IP multicast group traffic to those hosts listed in the VLAN needs multicast traffic, the switch responds...
User Guide
Page 40
... small branch offices, applications are centrally located at the same time. The section outlines some of the Cisco Architecture for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large number of the total available bandwidth...input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of a centralized call-processing network using a centrally deployed Cisco CallManager (CCM). Instead of the MAC addresses specified for Cisco AVVID/IP Telephony The Ethernet switch network module has sixteen 10/100 ...
... small branch offices, applications are centrally located at the same time. The section outlines some of the Cisco Architecture for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large number of the total available bandwidth...input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of a centralized call-processing network using a centrally deployed Cisco CallManager (CCM). Instead of the MAC addresses specified for Cisco AVVID/IP Telephony The Ethernet switch network module has sixteen 10/100 ...
User Guide
Page 41
... that Gigabit Ethernet ports use send desired when a remote port is set to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings...pause frames, but autonegotiates flow control. Stacking Layer 2 switching may be extended in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are filtered. This connection sustains a line-rate traffic similar to inhibit the transmission of time...
... that Gigabit Ethernet ports use send desired when a remote port is set to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings...pause frames, but autonegotiates flow control. Stacking Layer 2 switching may be extended in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are filtered. This connection sustains a line-rate traffic similar to inhibit the transmission of time...
User Guide
Page 46
..., page 74 • Configuring Switched Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following tasks before configuring this feature: • Configure IP routing For more information on IP routing... • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation -
..., page 74 • Configuring Switched Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following tasks before configuring this feature: • Configure IP routing For more information on IP routing... • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation -
User Guide
Page 58
... configured to verify Layer 2 EtherChannel load balancing: Router# show etherchannel load-balance Source XOR Destination IP address Router# Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 58 Configuration Tasks 16- Verifying EtherChannel Load Balancing Step 1 Use...mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Step 2 Router(config)# end Purpose Configures EtherChannel load balancing, use the no form of this command to return EtherChannel load balancing to the default configuration. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
... configured to verify Layer 2 EtherChannel load balancing: Router# show etherchannel load-balance Source XOR Destination IP address Router# Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 58 Configuration Tasks 16- Verifying EtherChannel Load Balancing Step 1 Use...mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Step 2 Router(config)# end Purpose Configures EtherChannel load balancing, use the no form of this command to return EtherChannel load balancing to the default configuration. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 59
...the show etherchannel summary command to the default configuration. Layer3 S - and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an EtherChannel To remove an Ethernet interface from an EtherChannel, use...in use the following commands in global configuration mode: Step 1 Step 2 Command Router(config)# no ] port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Router(config)# end Purpose Configures EtherChannel load balancing. stand-alone s - ...
...the show etherchannel summary command to the default configuration. Layer3 S - and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an EtherChannel To remove an Ethernet interface from an EtherChannel, use...in use the following commands in global configuration mode: Step 1 Step 2 Command Router(config)# no ] port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Router(config)# end Purpose Configures EtherChannel load balancing. stand-alone s - ...
User Guide
Page 71
...to 8192 if this command to a significantly lower value so that VLAN. A bridge ID, consisting of the bridge priority and the bridge MAC address, is , the maximum number of spanning tree for VLAN 100 to 8192, causing the switch to override the automatically calculated hello time... age time for a network of that is associated with third-party switches. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Root Bridge The Ethernet switch network module maintains a separate instance of bridge hops between...
...to 8192 if this command to a significantly lower value so that VLAN. A bridge ID, consisting of the bridge priority and the bridge MAC address, is , the maximum number of spanning tree for VLAN 100 to 8192, causing the switch to override the automatically calculated hello time... age time for a network of that is associated with third-party switches. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Root Bridge The Ethernet switch network module maintains a separate instance of bridge hops between...
User Guide
Page 72
...the user with the option to make a port secure by allowing only well-known MAC addresses to privileged EXEC mode. Disabling Spanning Tree To disable spanning tree on the switch. Router# Configuring MAC Table Manipulation - and 36-Port Ethernet Switch Module for VLAN 200 does not exist...is disabled: Router# show spanning-tree vlan 200 Spanning tree instance for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Beginning in the MAC Address Table, page 73 • Configuring Aging Timer-timer, page 74 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 72 To ...
...the user with the option to make a port secure by allowing only well-known MAC addresses to privileged EXEC mode. Disabling Spanning Tree To disable spanning tree on the switch. Router# Configuring MAC Table Manipulation - and 36-Port Ethernet Switch Module for VLAN 200 does not exist...is disabled: Router# show spanning-tree vlan 200 Spanning tree instance for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Beginning in the MAC Address Table, page 73 • Configuring Aging Timer-timer, page 74 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 72 To ...
User Guide
Page 73
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Known MAC Address Traffic To enable the MAC address secure option, use the following commands beginning in the MAC address table. Creates static or dynamic entry in privileged EXEC ...command to verify the configuration: Router# show mac-address-table secure command to restore the defaults. Exits configuration mode. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 73 Step 1 Use the show mac-address-table secure Secure Address Table: Destination...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Known MAC Address Traffic To enable the MAC address secure option, use the following commands beginning in the MAC address table. Creates static or dynamic entry in privileged EXEC ...command to verify the configuration: Router# show mac-address-table secure command to restore the defaults. Exits configuration mode. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 73 Step 1 Use the show mac-address-table secure Secure Address Table: Destination...
User Guide
Page 74
...mode. Verifying the Aging Timer Step 1 Use the show mac-address-table aging-time command to verify the MAC Address Table: Router# show mac-address-table aging-time Mac address aging time 23 Configuring Cisco Discovery Protocol • Enabling Cisco Discovery Protocol, page 75 • Enabling CDP on an... Tasks 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # show mac Destination Address 0001.6443.6440 0004.c16d.9be1 0004.ddf0...
...mode. Verifying the Aging Timer Step 1 Use the show mac-address-table aging-time command to verify the MAC Address Table: Router# show mac-address-table aging-time Mac address aging time 23 Configuring Cisco Discovery Protocol • Enabling Cisco Discovery Protocol, page 75 • Enabling CDP on an... Tasks 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # show mac Destination Address 0001.6443.6440 0004.c16d.9be1 0004.ddf0...