Software Guide
Page 10
...Engine 1 17 Configuring IP MMLS 28 15 C H A P T E R Configuring NDE 1 Understanding How NDE Works 1 Overview of NDE and Integrated Layer 3 Switching Management 1 Traffic Statistics Data Collection 2 Using NDE Filters 3 Default NDE Configuration 3 Configuring NDE 3 Usage Guidelines 4 Specifying an NDE Collector 4 Specifying an NDE ... Address 9 Displaying the NDE Configuration 10 16 C H A P T E R Configuring Access Control 1 Understanding How ACLs Work 1 Hardware Requirements 2 Supported ACLs 2 QoS ACLs 2 Catalyst 6000 Family Software Configuration Guide, Releases 6.3 and 6.4 10 78-13315-02
...Engine 1 17 Configuring IP MMLS 28 15 C H A P T E R Configuring NDE 1 Understanding How NDE Works 1 Overview of NDE and Integrated Layer 3 Switching Management 1 Traffic Statistics Data Collection 2 Using NDE Filters 3 Default NDE Configuration 3 Configuring NDE 3 Usage Guidelines 4 Specifying an NDE Collector 4 Specifying an NDE ... Address 9 Displaying the NDE Configuration 10 16 C H A P T E R Configuring Access Control 1 Understanding How ACLs Work 1 Hardware Requirements 2 Supported ACLs 2 QoS ACLs 2 Catalyst 6000 Family Software Configuration Guide, Releases 6.3 and 6.4 10 78-13315-02
Software Guide
Page 11
... 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash Memory 45 Moving the VACL and QoS ACL Configuration Back to NVRAM 46 Redundancy...
... 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash Memory 45 Moving the VACL and QoS ACL Configuration Back to NVRAM 46 Redundancy...
Software Guide
Page 23
... 10 Classification, Marking, and Policing with a Layer 3 Switching Engine 14 Classification and Marking with a Layer 2 Switching Engine 24 Ethernet Egress Port Scheduling, Congestion Avoidance, and Marking 24 QoS Statistics Data Export 27 QoS Default Configuration 28 Configuring QoS 30 Enabling QoS 31 Enabling Port-Based or VLAN-Based QoS 32 Configuring the Trust State of a Port 32...
... 10 Classification, Marking, and Policing with a Layer 3 Switching Engine 14 Classification and Marking with a Layer 2 Switching Engine 24 Ethernet Egress Port Scheduling, Congestion Avoidance, and Marking 24 QoS Statistics Data Export 27 QoS Default Configuration 28 Configuring QoS 30 Enabling QoS 31 Enabling Port-Based or VLAN-Based QoS 32 Configuring the Trust State of a Port 32...
Software Guide
Page 25
INDEX How a Call Is Made 7 Understanding How VLANs Work 8 Configuring VoIP on a Switch 9 Voice-Related CLI Commands 9 Configuring Per-Port Power Management 10 Configuring Auxiliary VLANs on Catalyst LAN Switches 19 Configuring the Access Gateways 21 Displaying Active Call Information 27 Configuring QoS in the Cisco IP Phone 7960 29 Contents 78-13315-02 Catalyst 6000 Family Software Configuration Guide, Releases 6.3 and 6.4 25
INDEX How a Call Is Made 7 Understanding How VLANs Work 8 Configuring VoIP on a Switch 9 Voice-Related CLI Commands 9 Configuring Per-Port Power Management 10 Configuring Auxiliary VLANs on Catalyst LAN Switches 19 Configuring the Access Gateways 21 Displaying Active Call Information 27 Configuring QoS in the Cisco IP Phone 7960 29 Contents 78-13315-02 Catalyst 6000 Family Software Configuration Guide, Releases 6.3 and 6.4 25
Software Guide
Page 29
... Protocol (GMRP), and Router Group Management Protocol (RGMP). Describes how to configure the Switch Port Analyzer (SPAN) and Remote SPAN (RSPAN). Describes how to configure Quality of Service (QoS). Describes how to configure accelerated server load balancing (ASLB). Describes how to configure SNMP...and Catalyst 2980G • Release Notes for Catalyst 6000 Family Software Release 6.x • Cisco IOS Configuration Guides and Command References-Use these publications to help you configure the Cisco IOS software that runs on the MSFC, MSM, and ATM modules. • For information...
... Protocol (GMRP), and Router Group Management Protocol (RGMP). Describes how to configure the Switch Port Analyzer (SPAN) and Remote SPAN (RSPAN). Describes how to configure Quality of Service (QoS). Describes how to configure accelerated server load balancing (ASLB). Describes how to configure SNMP...and Catalyst 2980G • Release Notes for Catalyst 6000 Family Software Release 6.x • Cisco IOS Configuration Guides and Command References-Use these publications to help you configure the Cisco IOS software that runs on the MSFC, MSM, and ATM modules. • For information...
Software Guide
Page 100
... port list, the ports do not have different GARP VLAN Registration Protocol (GVRP), GARP Multicast Registration Protocol (GMRP), and quality of service (QoS) configurations. • Configure all ports in an EtherChannel to operate at the same speed and duplex mode. • An EtherChannel will not... MAC addresses as dynamic VLAN ports. Setting different port path costs does not, by the set spantree portcost command, can adversely affect switch performance. • An EtherChannel will not form with ports where the port security feature is transferred to spanning tree as a trunk,...
... port list, the ports do not have different GARP VLAN Registration Protocol (GVRP), GARP Multicast Registration Protocol (GMRP), and quality of service (QoS) configurations. • Configure all ports in an EtherChannel to operate at the same speed and duplex mode. • An EtherChannel will not... MAC addresses as dynamic VLAN ports. Setting different port path costs does not, by the set spantree portcost command, can adversely affect switch performance. • An EtherChannel will not form with ports where the port security feature is transferred to spanning tree as a trunk,...
Software Guide
Page 108
...for each tunnel. • Assign only tunnel ports to VLANs used for tunneling. • Trunks require no traffic. The switch can provide only MAC-layer QoS for example, Layer 3 destination and source addresses). - Private VLANs - The 802.1Q tunnel feature does not require that ...the VLANs match. Voice over IP (Cisco IP Phone 7960) • The following restrictions: - Because traffic in the native VLAN is untagged, it cannot be identified. - The switch...
...for each tunnel. • Assign only tunnel ports to VLANs used for tunneling. • Trunks require no traffic. The switch can provide only MAC-layer QoS for example, Layer 3 destination and source addresses). - Private VLANs - The 802.1Q tunnel feature does not require that ...the VLANs match. Voice over IP (Cisco IP Phone 7960) • The following restrictions: - Because traffic in the native VLAN is untagged, it cannot be identified. - The switch...
Software Guide
Page 200
...cannot enable EtherChannel on isolated, community, or promiscuous ports. • You can stop Layer 3 switching on the promiscuous port. Deleting the corresponding mapping is not sufficient. set pvlan mapping primary_vlan {... | twoway_community_vlan} on an isolated or community VLAN by destroying the binding of service (QoS) ACLs to the primary VLAN. show pvlan [vlan] show pvlan mapping 11-18 Catalyst...you map a Cisco IOS ACL to a primary VLAN, the Cisco IOS ACL automatically maps to the associated isolated and community VLANs. • You cannot map Cisco IOS ACLs to ...
...cannot enable EtherChannel on isolated, community, or promiscuous ports. • You can stop Layer 3 switching on the promiscuous port. Deleting the corresponding mapping is not sufficient. set pvlan mapping primary_vlan {... | twoway_community_vlan} on an isolated or community VLAN by destroying the binding of service (QoS) ACLs to the primary VLAN. show pvlan [vlan] show pvlan mapping 11-18 Catalyst...you map a Cisco IOS ACL to a primary VLAN, the Cisco IOS ACL automatically maps to the associated isolated and community VLANs. • You cannot map Cisco IOS ACLs to ...
Software Guide
Page 222
... the routing protocols configured on the MSFC2. Layer 3 switching on Catalyst 6000 family switches provides flow statistics that you can use to have been routed by the VLAN access control list (VACL) feature and the quality of service (QoS) feature. Note Rather than on information learned from the ... and the Layer 2 source address to export flow statistics (for more information about NDE, see Chapter 15, "Configuring NDE"). To perform Layer 3 switching, the switch rewrites the Layer 2 frame header, changing the Layer 2 destination address to the Layer 2 address of the MSFC2. Layer...
... the routing protocols configured on the MSFC2. Layer 3 switching on Catalyst 6000 family switches provides flow statistics that you can use to have been routed by the VLAN access control list (VACL) feature and the quality of service (QoS) feature. Note Rather than on information learned from the ... and the Layer 2 source address to export flow statistics (for more information about NDE, see Chapter 15, "Configuring NDE"). To perform Layer 3 switching, the switch rewrites the Layer 2 frame header, changing the Layer 2 destination address to the Layer 2 address of the MSFC2. Layer...
Software Guide
Page 297
...page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based Forwarding, page 16-48 Note...-Releases 6.3 and 6.4 16-1 This chapter consists of hardware you install on the Catalyst 6000 family switches. Configuration of the ACLs depends on the type of these sections: • Understanding How ACLs Work... ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 •...
...page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based Forwarding, page 16-48 Note...-Releases 6.3 and 6.4 16-1 This chapter consists of hardware you install on the Catalyst 6000 family switches. Configuration of the ACLs depends on the type of these sections: • Understanding How ACLs Work... ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 •...
Software Guide
Page 298
...going to the router, and then the packet is installed on your switch is determined by the Catalyst 6000 family switches: • QoS ACLs, page 16-2 • Cisco IOS ACLs, page 16-3 • VACLs, page 16-3 QoS ACLs You can provide access control based on routed packets. During this ...process, the switch can either enter the VLAN through a switch port or through MAC addresses....
...going to the router, and then the packet is installed on your switch is determined by the Catalyst 6000 family switches: • QoS ACLs, page 16-2 • Cisco IOS ACLs, page 16-3 • VACLs, page 16-3 QoS ACLs You can provide access control based on routed packets. During this ...process, the switch can either enter the VLAN through a switch port or through MAC addresses....
Software Guide
Page 318
Suppose Host X and Host Y are connected to Host Y is eventually being routed by the switch equipped with the MSFC. Traffic from Host X to Host Y, you do not want HTTP traffic switched from Host X to Host Y can still support a VACL and a QoS ACL. If you can configure a VACL on Private VLANs, page 16-26 •...
Suppose Host X and Host Y are connected to Host Y is eventually being routed by the switch equipped with the MSFC. Traffic from Host X to Host Y, you do not want HTTP traffic switched from Host X to Host Y can still support a VACL and a QoS ACL. If you can configure a VACL on Private VLANs, page 16-26 •...
Software Guide
Page 322
...that are mapped to a primary VLAN get mapped to the associated secondary VLANs. • You cannot map Cisco IOS ACLs to secondary VLANs. • You cannot map dynamic ACEs to a private VLAN. • ...applied as follows: • You can map VACLs to secondary VLANs or primary VLANs. • Cisco IOS ACLs that has had ARP traffic disallowed, enter the set security acl ip acl_name deny arp... ACLs on each VLAN by default. In software release 6.1(1) and later releases, ACLs can map QoS ACLs to secondary VLANs or primary VLANs. Using VACLs in your Network Chapter 16 Configuring Access Control...
...that are mapped to a primary VLAN get mapped to the associated secondary VLANs. • You cannot map Cisco IOS ACLs to secondary VLANs. • You cannot map dynamic ACEs to a private VLAN. • ...applied as follows: • You can map VACLs to secondary VLANs or primary VLANs. • Cisco IOS ACLs that has had ARP traffic disallowed, enter the set security acl ip acl_name deny arp... ACLs on each VLAN by default. In software release 6.1(1) and later releases, ACLs can map QoS ACLs to secondary VLANs or primary VLANs. Using VACLs in your Network Chapter 16 Configuring Access Control...
Software Guide
Page 324
... 16-16. • See the "Using VACLs in the ACL. There are no default VACLs and no Cisco IOS ACL configured to deny traffic on page 16-27. • Note that comes into the switch is applied against the first ACE in your Network" section on page 16-22 for configuring VACLs... enter the show 100 percent usage even if there is deleted but not committed. • Note that the show security acl resource-usage and show qos acl resource-usage commands might incorrectly calculate the maximum number of them to a VLAN.
... 16-16. • See the "Using VACLs in the ACL. There are no default VACLs and no Cisco IOS ACL configured to deny traffic on page 16-27. • Note that comes into the switch is applied against the first ACE in your Network" section on page 16-22 for configuring VACLs... enter the show 100 percent usage even if there is deleted but not committed. • Note that the show security acl resource-usage and show qos acl resource-usage commands might incorrectly calculate the maximum number of them to a VLAN.
Software Guide
Page 338
...problems when you attempt to upgrade from one software version to create an ACE for storing VACLs and QoS ACLs; With the addition of NVRAM. Configuring and Storing VACLs and QoS ACLs in Flash Memory Chapter 16 Configuring Access Control This example shows how to another. Note In.... Console> (enable) This example shows how to map the VACL to configure and store VACLs and QoS ACLs in NVRAM. therefore, all configuration information was stored in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Console> (enable) Configuring and Storing VACLs and...
...problems when you attempt to upgrade from one software version to create an ACE for storing VACLs and QoS ACLs; With the addition of NVRAM. Configuring and Storing VACLs and QoS ACLs in Flash Memory Chapter 16 Configuring Access Control This example shows how to another. Note In.... Console> (enable) This example shows how to map the VACL to configure and store VACLs and QoS ACLs in NVRAM. therefore, all configuration information was stored in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Console> (enable) Configuring and Storing VACLs and...
Software Guide
Page 339
...to Flash Memory, page 16-43 • Manually Moving the VACL and QoS ACL Configuration to Flash Memory, page 16-44 • Running with High Availability, page 16-46 Note See Chapter 23, "Modifying the Switch Boot Configuration," for the upgrade. If there is not enough NVRAM to perform... a software upgrade, the QoS ACL and VACL configuration is deleted from NVRAM and the ACL configuration is automatically moved to ...
...to Flash Memory, page 16-43 • Manually Moving the VACL and QoS ACL Configuration to Flash Memory, page 16-44 • Running with High Availability, page 16-46 Note See Chapter 23, "Modifying the Switch Boot Configuration," for the upgrade. If there is not enough NVRAM to perform... a software upgrade, the QoS ACL and VACL configuration is deleted from NVRAM and the ACL configuration is automatically moved to ...
Software Guide
Page 340
...-config: recurring, overwrite, sync disabled console baud: 9600 boot: image specified by the boot system commands Console> (enable) Save committed VACL and QoS ACL configuration changes to configure the switch at startup. With synchronization enabled, the auto-config file(s) synchronize automatically to bootflash:switchapp.cfg 2843644 bytes available on device bootflash, proceed...
...-config: recurring, overwrite, sync disabled console baud: 9600 boot: image specified by the boot system commands Console> (enable) Save committed VACL and QoS ACL configuration changes to configure the switch at startup. With synchronization enabled, the auto-config file(s) synchronize automatically to bootflash:switchapp.cfg 2843644 bytes available on device bootflash, proceed...
Software Guide
Page 341
... the NVRAM configuration at system startup. Any changes made in the auto-config file bootflash:switchapp.cfg and will be appended to Flash memory, QoS ACLs and VACL commit operations are lost. If you need to enter the copy command to save the configuration to Flash memory. If the ...VACL and QoS ACL configuration is saved in NVRAM are no longer in NVRAM, it . 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 16...
... the NVRAM configuration at system startup. Any changes made in the auto-config file bootflash:switchapp.cfg and will be appended to Flash memory, QoS ACLs and VACL commit operations are lost. If you need to enter the copy command to save the configuration to Flash memory. If the ...VACL and QoS ACL configuration is saved in NVRAM are no longer in NVRAM, it . 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 16...
Software Guide
Page 342
... require some configuration on Layer 3 IP unicast traffic, it is performed. At the intermediate (PBF) switch, all 802.1Q tunnel traffic appears as in the case where the VACL and QoS ACL configuration is made; Interacting with High Availability After a supervisor engine switchover, the VACL and...automatically synchronized to the standby supervisor engine whenever a change . Similarly, if you enable the auto-config option, if the VACL and QoS ACL configuration resides in NVRAM. for transparent bridging where a limited amount of inter-VLAN communication is not present in DRAM, but ...
... require some configuration on Layer 3 IP unicast traffic, it is performed. At the intermediate (PBF) switch, all 802.1Q tunnel traffic appears as in the case where the VACL and QoS ACL configuration is made; Interacting with High Availability After a supervisor engine switchover, the VACL and...automatically synchronized to the standby supervisor engine whenever a change . Similarly, if you enable the auto-config option, if the VACL and QoS ACL configuration resides in NVRAM. for transparent bridging where a limited amount of inter-VLAN communication is not present in DRAM, but ...
Software Guide
Page 382
This example shows you can access the switch command-line interface (CLI) using the show port capabilities 1/1 Model WS-X6K-SUP1A-2GE Port 1/1 Type No Connector Speed 1000 Duplex full Trunk encap type 802.1Q,ISL Trunk mode on,off,...yes Membership static,dynamic Fast start yes QOS scheduling rx-(1p1q4t),tx-(1p2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan no SPAN source,destination COPS port group 1/1-2 Console> (enable) Using Telnet You can use Telnet from the switch to eight simultaneous Telnet sessions are possible...
This example shows you can access the switch command-line interface (CLI) using the show port capabilities 1/1 Model WS-X6K-SUP1A-2GE Port 1/1 Type No Connector Speed 1000 Duplex full Trunk encap type 802.1Q,ISL Trunk mode on,off,...yes Membership static,dynamic Fast start yes QOS scheduling rx-(1p1q4t),tx-(1p2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan no SPAN source,destination COPS port group 1/1-2 Console> (enable) Using Telnet You can use Telnet from the switch to eight simultaneous Telnet sessions are possible...