User Guide
Page 3
...industry-standard trunking encapsulation. Note Default parameters on the aging timer are a major bottleneck in its address table, it associates the MAC address of the sending station with the interface on page 56. Trunks carry the traffic of multiple VLANs over a single link and... for a specified number of the same virtual local area network (VLAN) except the interface that each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by a configurable aging timer; and 36-...
...industry-standard trunking encapsulation. Note Default parameters on the aging timer are a major bottleneck in its address table, it associates the MAC address of the sending station with the interface on page 56. Trunks carry the traffic of multiple VLANs over a single link and... for a specified number of the same virtual local area network (VLAN) except the interface that each device (for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by a configurable aging timer; and 36-...
User Guide
Page 7
..., you enable VTP version 2 on a switch, all version 2-capable switches in the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. EtherChannel EtherChannel bundles up to a numerical value that selects one domain is accepted ... 7 Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you use MAC addresses, or IP addresses; VTP version 2 supports the following features not supported in secure mode...
..., you enable VTP version 2 on a switch, all version 2-capable switches in the domain enable VTP version 2 • The Cisco IOS end and Ctrl-Z commands are version 2-capable. EtherChannel EtherChannel bundles up to a numerical value that selects one domain is accepted ... 7 Version-Dependent Transparent Mode-In VTP version 1, a VTP transparent switch inspects VTP messages for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you use MAC addresses, or IP addresses; VTP version 2 supports the following features not supported in secure mode...
User Guide
Page 8
...XT, 12.2(8)T, and 12.2(15)ZJ 8 For Layer 2 EtherChannels: • Assign all interfaces in the EtherChannel to a single MAC address, using source addresses or IP addresses may result in your configuration. Understanding 802.1x Port-Based Authentication The IEEE 802.1x ...to a LAN through the port to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be created. Feature Overview 16- Until the client is a Switched Port Analyzer (SPAN...
...XT, 12.2(8)T, and 12.2(15)ZJ 8 For Layer 2 EtherChannels: • Assign all interfaces in the EtherChannel to a single MAC address, using source addresses or IP addresses may result in your configuration. Understanding 802.1x Port-Based Authentication The IEEE 802.1x ...to a LAN through the port to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be created. Feature Overview 16- Until the client is a Switched Port Analyzer (SPAN...
User Guide
Page 11
...authentication exchange required. Each client attempting to the authorized state, allowing all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the unauthorized state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If no response is received, the client ... identity. Supported Topologies The 802.1x port-based authentication is not running 802.1x, the client initiates the authentication process by using the client's MAC address. 16- and 36-Port Ethernet Switch Module for 802.1x packets.
...authentication exchange required. Each client attempting to the authorized state, allowing all ingress and egress traffic except for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Ports in the unauthorized state. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 11 If no response is received, the client ... identity. Supported Topologies The 802.1x port-based authentication is not running 802.1x, the client initiates the authentication process by using the client's MAC address. 16- and 36-Port Ethernet Switch Module for 802.1x packets.
User Guide
Page 12
...value represents the location of the attached clients. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations might receive duplicate ...messages and switches might learn endstation MAC addresses on each configured VLAN (provided that provides path redundancy while preventing undesirable loops ...
...value represents the location of the attached clients. In this topology, the wireless access point is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network, end stations might receive duplicate ...messages and switches might learn endstation MAC addresses on each configured VLAN (provided that provides path redundancy while preventing undesirable loops ...
User Guide
Page 13
... switch. • The shortest distance to the LAN on the path cost. • A designated bridge for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is determined ... and, if the topology changes, initiate a BPDU transmission. BPDUs contain information about the transmitting bridge and its ports, including bridge and MAC addresses, bridge priority, port priority, and path cost. The spanning tree root switch is selected. Spanning tree uses this information to the...
... switch. • The shortest distance to the LAN on the path cost. • A designated bridge for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Bridge Protocol Data Units The stable active spanning tree topology of a switched network is determined ... and, if the topology changes, initiate a BPDU transmission. BPDUs contain information about the transmitting bridge and its ports, including bridge and MAC addresses, bridge priority, port priority, and path cost. The spanning tree root switch is selected. Spanning tree uses this information to the...
User Guide
Page 20
...receive BPDUs. • Does not receive BPDUs for transmission from the system module. Table 3 Number of VLANs Allowed by Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as the bridge IDs for each platform. and 36-Port Ethernet Switch Module for.... In Table 3 you can view the number of VLANs allowed for the VLAN spanning trees. MAC Address Allocation The MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 Feature Overview 16-
...receive BPDUs. • Does not receive BPDUs for transmission from the system module. Table 3 Number of VLANs Allowed by Platform Platform Cisco 3640 or higher Cisco 3620 Cisco 2600 Maximum number of MAC addresses that are used as the bridge IDs for each platform. and 36-Port Ethernet Switch Module for.... In Table 3 you can view the number of VLANs allowed for the VLAN spanning trees. MAC Address Allocation The MAC address allocation manager has a pool of VLANs allowed 64 VLANS 32 VLANs 32 VLANs Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 20 Feature Overview 16-
User Guide
Page 21
...)ZJ 21 Table 4 Spanning Tree Default Configuration Feature Default Value Enable state Spanning tree enabled for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview MAC addresses are allocated sequentially, with the lowest interface number in 1000-Mb mode Spanning tree VLAN port...from the media speed of a loop, spanning tree considers port priority when selecting an interface to put into the forwarding state. Cisco IOS software uses the port priority value when the interface is configured as a trunk port. used on interfaces configured as Layer 2...
...)ZJ 21 Table 4 Spanning Tree Default Configuration Feature Default Value Enable state Spanning tree enabled for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview MAC addresses are allocated sequentially, with the lowest interface number in 1000-Mb mode Spanning tree VLAN port...from the media speed of a loop, spanning tree considers port priority when selecting an interface to put into the forwarding state. Cisco IOS software uses the port priority value when the interface is configured as a trunk port. used on interfaces configured as Layer 2...
User Guide
Page 36
... an interface that sends a leave message from the table entry. Immediate-Leave processing ensures optimal bandwidth management for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. To learn of 255 IP multicast groups and support both user-defined...from the multicast router, it deletes entries periodically if it removes the host port from the forwarding table without first sending out MAC-based general queries to a port, some hosts might be inadvertently dropped. Ethernet switch network modules support a maximum of multicast router...
... an interface that sends a leave message from the table entry. Immediate-Leave processing ensures optimal bandwidth management for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series associated multicast forwarding table entry. To learn of 255 IP multicast groups and support both user-defined...from the multicast router, it deletes entries periodically if it removes the host port from the forwarding table without first sending out MAC-based general queries to a port, some hosts might be inadvertently dropped. Ethernet switch network modules support a maximum of multicast router...
User Guide
Page 37
...the CPU receives that are not IGMP packets (!IGMP) to the router and to join. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Joining a Multicast Group When a host connected to the switch wants to join an IP multicast group, it... forwarding table tells the switching engine to send frames addressed to the 0100.5E01.0203 multicast MAC address that message and adds the port number of Host 4 to the group with the equivalent MAC destination address of Host 1 and the router. When the switch receives this message, it ...
...the CPU receives that are not IGMP packets (!IGMP) to the router and to join. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Joining a Multicast Group When a host connected to the switch wants to join an IP multicast group, it... forwarding table tells the switching engine to send frames addressed to the 0100.5E01.0203 multicast MAC address that message and adds the port number of Host 4 to the group with the equivalent MAC destination address of Host 1 and the router. When the switch receives this message, it ...
User Guide
Page 38
... group, they can cause a storm. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 If, after a number of queries, the router processor receives no reports from ...these queries with one join response per MAC multicast group. Global Storm-Control Global storm-control prevents switchports on one host in traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module ...
... group, they can cause a storm. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 38 If, after a number of queries, the router processor receives no reports from ...these queries with one join response per MAC multicast group. Global Storm-Control Global storm-control prevents switchports on one host in traffic for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 17 Second Host Joining a Multicast Group Cisco router with Ethernet switch network module ...
User Guide
Page 40
... inline power and QoS features that can also set the switch to shut down or to work as part of the Cisco Architecture for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large number of the total available bandwidth that make ... your network. Forwarding these packets can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from a specific host based on the Ethernet switch network module to or received...
... inline power and QoS features that can also set the switch to shut down or to work as part of the Cisco Architecture for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Per-Port Storm-Control A packet storm occurs when a large number of the total available bandwidth that make ... your network. Forwarding these packets can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from a specific host based on the Ethernet switch network module to or received...
User Guide
Page 41
...off or send desired. You can use receive desired when a remote port is set to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with the...send off when a remote port is called a pause frame. This special packet is set to Cisco AVVID: • All switch ports are in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are not displayed. • Link status of space, the ...
...off or send desired. You can use receive desired when a remote port is set to delay sending packets for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview Default Switch Configuration By default, the Ethernet switch network module provides the following settings with the...send off when a remote port is called a pause frame. This special packet is set to Cisco AVVID: • All switch ports are in multiple Ethernet switch network modules. • MAC address entries learned via intrachassis stacking are not displayed. • Link status of space, the ...
User Guide
Page 46
... page 74 • Configuring Switched Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following tasks before configuring this feature: • Configure IP routing For more information on IP routing...• Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation - Prerequisites 16-
... page 74 • Configuring Switched Port Analyzer, page 76 • Configuring Network Security with ACLs, page 78 • Configuring Quality of the Cisco 2600 series, Cisco 3600 series, or Cisco 3700 series router In addition, complete the following tasks before configuring this feature: • Configure IP routing For more information on IP routing...• Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC Table Manipulation - Prerequisites 16-
User Guide
Page 58
Exits configuration mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 4 Router# show etherchannel load-balance Source XOR Destination IP address Router# Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 58 Configuration Tasks 16-... EtherChannel load balancing, use the following commands in global configuration mode: Step 1 Command Router(config)# port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Step 2 Router(config)# end Purpose Configures EtherChannel load balancing, use the...
Exits configuration mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 4 Router# show etherchannel load-balance Source XOR Destination IP address Router# Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 58 Configuration Tasks 16-... EtherChannel load balancing, use the following commands in global configuration mode: Step 1 Command Router(config)# port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Step 2 Router(config)# end Purpose Configures EtherChannel load balancing, use the...
User Guide
Page 59
... an EtherChannel, use the following commands in global configuration mode: Step 1 Step 2 Command Router(config)# [no] port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Router(config)# end Purpose Configures EtherChannel load balancing. Exits configuration mode. suspended R -...Changing the Switch-to-Client Retransmission Time, page 64 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 59 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an ...
... an EtherChannel, use the following commands in global configuration mode: Step 1 Step 2 Command Router(config)# [no] port-channel load-balance {src-mac | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip} Router(config)# end Purpose Configures EtherChannel load balancing. Exits configuration mode. suspended R -...Changing the Switch-to-Client Retransmission Time, page 64 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 59 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Removing an Interface from an ...
User Guide
Page 71
... automatically picks an optimal hello time, forward delay time, and maximum age time for a network of the bridge priority and the bridge MAC address, is associated with the lowest bridge ID will set to 8192 if this command to become the root bridge, the bridge priority can... 100. 16- Use the spanning-tree vlan vlan-id root command to a significantly lower value so that is supported for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Root Bridge The Ethernet switch network module maintains a separate instance of bridge hops between any...
... automatically picks an optimal hello time, forward delay time, and maximum age time for a network of the bridge priority and the bridge MAC address, is associated with the lowest bridge ID will set to 8192 if this command to become the root bridge, the bridge priority can... 100. 16- Use the spanning-tree vlan vlan-id root command to a significantly lower value so that is supported for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Root Bridge The Ethernet switch network module maintains a separate instance of bridge hops between any...
User Guide
Page 72
... 3 Step 4 Step 5 Command configure terminal spanning-tree backbonefast end show spanning-tree vlan 200 Spanning tree instance for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Beginning in global configuration mode: Step 1 Step 2 Command Router(config)# no spanning-tree backbonefast global configuration ... your entries. (Optional) Saves your entries in the MAC Address Table, page 73 • Configuring Aging Timer-timer, page 74 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 72 Router# Configuring MAC Table Manipulation - Enables BackboneFast on a per -VLAN ...
... 3 Step 4 Step 5 Command configure terminal spanning-tree backbonefast end show spanning-tree vlan 200 Spanning tree instance for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Beginning in global configuration mode: Step 1 Step 2 Command Router(config)# no spanning-tree backbonefast global configuration ... your entries. (Optional) Saves your entries in the MAC Address Table, page 73 • Configuring Aging Timer-timer, page 74 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 72 Router# Configuring MAC Table Manipulation - Enables BackboneFast on a per -VLAN ...
User Guide
Page 73
... where the link is up will see the dynamic entry validated in the MAC address table. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Known MAC Address Traffic To enable the MAC address secure option, use the following commands beginning in privileged EXEC mode...
... where the link is up will see the dynamic entry validated in the MAC address table. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Enabling Known MAC Address Traffic To enable the MAC address secure option, use the following commands beginning in privileged EXEC mode...
User Guide
Page 74
...configuration mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # show mac Destination Address 0001.6443.6440 0004.c16d.9be1 0004.ddf0...- Verifying the Aging Timer Step 1 Use the show mac-address-table aging-time command to verify the MAC Address Table: Router# show mac-address-table aging-time Mac address aging time 23 Configuring Cisco Discovery Protocol • Enabling Cisco Discovery Protocol, page 75 • Enabling CDP on ...
...configuration mode. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Verifying the MAC Address Table Step 1 Use the show mac command to verify the aging timer: Router # show mac Destination Address 0001.6443.6440 0004.c16d.9be1 0004.ddf0...- Verifying the Aging Timer Step 1 Use the show mac-address-table aging-time command to verify the MAC Address Table: Router# show mac-address-table aging-time Mac address aging time 23 Configuring Cisco Discovery Protocol • Enabling Cisco Discovery Protocol, page 75 • Enabling CDP on ...