Cisco IOS LAN Switching Configuration Guide Release 12.4T Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
About Cisco IOS and Cisco IOS XE Software Documentation Last updated: August 6, 2008 This document describes the objectives, audience, conventions, and organization used in Cisco IOS and Cisco IOS XE software documentation, collectively referred to in this document as Cisco IOS documentation. Also included are resources for obtaining technical assistance, additional documentation, and other information from Cisco.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Conventions Documentation Conventions In Cisco IOS documentation, the term router may be used to refer to various Cisco products; for example, routers, access servers, and switches. These and other networking devices that support Cisco IOS software are shown interchangeably in examples and are used only for illustrative purposes. An example that shows one product does not necessarily mean that other products are not supported.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Software Conventions Cisco IOS uses the following program code conventions: Convention Description Courier font Courier font is used for information that is displayed on a PC or terminal screen. Bold Courier font Bold Courier font indicates text that the user must enter. < > ! [ Angle brackets enclose text that is not displayed, such as a password.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Cisco IOS Documentation Set Cisco IOS documentation consists of the following: • Release notes and caveats provide information about platform, technology, and feature support for a release and describe severity 1 (catastrophic), severity 2 (severe), and severity 3 (moderate) defects in released Cisco IOS code. Review release notes before other documents to learn whether or not updates have been made to a feature.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Command References Command reference books describe Cisco IOS commands that are supported in many different software releases and on many different platforms. The books are provided by technology. For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or the Cisco IOS Master Command List, All Releases, at http://www.cisco.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Table 1 Cisco IOS and Cisco IOS XE Configuration Guides and Command References (continued) Configuration Guide and Command Reference Titles Cisco IOS Bridging and IBM Networking Configuration Guide Features/Protocols/Technologies • Transparent and source-route transparent (SRT) bridging, source-route bridging (SRB), Token Ring Inter-Switch Link (TRISL), and token ring route switch module (TRRSM).
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Table 1 Cisco IOS and Cisco IOS XE Configuration Guides and Command References (continued) Configuration Guide and Command Reference Titles Features/Protocols/Technologies Cisco IOS H.323 Configuration Guide Gatekeeper enhancements for managed voice services, Gatekeeper Transaction Message Protocol, gateway codec order preservation and shutdown control, H.323 dual tone multifrequency relay, H.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Table 1 Cisco IOS and Cisco IOS XE Configuration Guides and Command References (continued) Configuration Guide and Command Reference Titles Features/Protocols/Technologies Cisco IOS IP Routing Protocols Configuration Guide Cisco IOS IP Routing Protocols Command Reference Border Gateway Protocol (BGP), multiprotocol BGP, multiprotocol BGP extensions for IP multicast, bidirectional forwarding detection (BFD), Enhanced In
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Table 1 Cisco IOS and Cisco IOS XE Configuration Guides and Command References (continued) Configuration Guide and Command Reference Titles Features/Protocols/Technologies Cisco IOS Multiprotocol Label Switching Configuration Guide MPLS Label Distribution Protocol (LDP), MPLS Layer 2 VPNs, MPLS Layer 3 VPNs, MPLS Traffic Engineering (TE), and MPLS Embedded Management (EM) and MIBs.
About Cisco IOS and Cisco IOS XE Software Documentation Documentation Organization Table 1 Cisco IOS and Cisco IOS XE Configuration Guides and Command References (continued) Configuration Guide and Command Reference Titles Features/Protocols/Technologies Cisco IOS Service Selection Gateway Configuration Guide Subscriber authentication, service access, and accounting.
About Cisco IOS and Cisco IOS XE Software Documentation Additional Resources and Documentation Feedback Table 2 Cisco IOS Supplementary Documents and Resources Document Title Description Cisco IOS Master Command List, All Releases Alphabetical list of all the commands documented in all Cisco IOS releases. Cisco IOS New, Modified, Removed, and Replaced Commands List of all the new, modified, removed, and replaced commands for a Cisco IOS release.
About Cisco IOS and Cisco IOS XE Software Documentation Additional Resources and Documentation Feedback CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetw
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Last updated: August 6, 2008 This document provides basic information about the command-line interface (CLI) in Cisco IOS and Cisco IOS XE software and how you can use some of the CLI features.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI Changing the Default Settings for a Console or AUX Port There are only two changes that you can make to a console port and an AUX port: Note • Change the port speed with the config-register 0x command. Changing the port speed is not recommended. The well-known default speed is 9600. • Change the behavior of the port; for example, by adding a password or changing the timeout value.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI Table 1 CLI Command Modes Command Mode Access Method Prompt Exit Method User EXEC Log in. Router> Issue the logout or exit command. Privileged EXEC From user EXEC mode, issue the enable command. Router# Issue the disable command or the exit command to return to user EXEC mode. Mode Usage • Change terminal settings. • Perform basic tests. • Display device status. • Issue show and debug commands.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI Table 1 CLI Command Modes (continued) Command Mode Access Method Prompt Exit Method ROM monitor From privileged EXEC mode, issue the reload command. Press the Break key during the first 60 seconds while the system is booting. rommon # > Issue the continue command. Diagnostic (available only on the Cisco ASR1000 series router) Router(diag)# The router boots or enters diagnostic mode in the following scenarios.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI EXEC commands are not saved when the software reboots. Commands that you issue in a configuration mode can be saved to the startup configuration. If you save the running configuration to the startup configuration, these commands will execute when the software is rebooted. Global configuration mode is the highest level of configuration mode.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI The following examples show how to use the help commands: help Router> help Help may be requested at any point in a command by entering a question mark '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. Two styles of help are provided: 1. Full help is available when you are ready to enter a command argument (e.g.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI Table 3 CLI Syntax Conventions Symbol/Text Function Notes < > (angle brackets) Indicate that the option is an argument. Sometimes arguments are displayed without angle brackets. A.B.C.D. Indicates that you must enter a dotted decimal IP address. Angle brackets (< >) are not always used to indicate that an IP address is an argument. WORD (all capital letters) Indicates that you must enter one word.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI Understanding Enable and Enable Secret Passwords Some privileged EXEC commands are used for actions that impact the system, and it is recommended that you set a password for these commands to prevent unauthorized use. Two types of passwords, enable (not encrypted) and enable secret (encrypted), can be set.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI • Press Ctrl-N or the down arrow key—Recalls the most recent commands in the history buffer after they have been recalled using Ctrl-P or the up arrow key. Repeat the key sequence to recall successively more recent commands. Note • The arrow keys function only on ANSI-compatible terminals such as the VT100.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI To view both default and user-created aliases, issue the show alias command. For more information about the alias command, see http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_book.html. Using the no and default Forms of Commands Most configuration commands have a no form that is used to reset a command to its default value or disable a feature or function.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Using the CLI To use one of these output modifiers, type the command followed by the pipe symbol (|), the modifier, and the regular expression that you want to search for or filter. A regular expression is a case-sensitive alphanumeric pattern. It can be a single character or number, a phrase, or a more complex string.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Saving Changes to a Configuration Saving Changes to a Configuration To save changes that you made to the configuration of a device, you must issue the copy running-config startup-config command or the copy system:running-config nvram:startup-config command.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Additional Information • Command Lookup Tool, a tool to help you find detailed descriptions of Cisco IOS commands (requires Cisco.com user ID and password) http://tools.cisco.com/Support/CLILookup • Output Interpreter, a troubleshooting tool that analyzes command output of supported show commands https://www.cisco.com/pcgi-bin/Support/OutputInterpreter/home.
Using the Command-Line Interface in Cisco IOS and Cisco IOS XE Software Additional Information xiv
Virtual LANs
Virtual LANS Features Roadmap This roadmap lists the features documented in the Virtual LANs modules in which they appear. Roadmap History This roadmap was first published April 20, 2006 and last updated on April 20, 2006. Features and Release Support Table 1 lists Virtual LANs feature support for the following Cisco IOS software release trains: • Cisco IOS Releases 12.0, 12.1, 12.2, 12.3, and 12.3T Only features that were introduced or modified in Cisco IOS Release 12.
Virtual LANS Features Roadmap Table 1 Release Supported Network Address Translation Features Feature Name Feature Description Where Documented Cisco IOS Releases 12.0, 12.1, 12.2, 12.3, and 12.3T 12.0(7)XE VLAN Range 12.1(5)T 12.2(2)DD 12.2(4)B 12.2(8)T Using the VLAN Range feature, you can group VLAN subinterfaces together so that any command entered in a group applies to every subinterface within the group. This capability simplifies configurations and reduces command parsing.
Virtual LANS Features Roadmap Table 1 Supported Network Address Translation Features (continued) Release Feature Name Feature Description Where Documented 12.3(8)T4 Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Cisco EtherSwitch HWICs are 10/100BASE-T Layer 2 Ethernet switches with Layer 3 routing capability. (Layer 3 routing is forwarded to the host and is not actually performed at the switch.) Traffic between different VLANs on a switch is routed through the router platform.
Virtual LANS Features Roadmap Table 1 Release Supported Network Address Translation Features (continued) Feature Name Feature Description Where Documented Cisco IOS Releases 12.2SR 12.2(33)SRB cGVRP cGVRP The Compact (c) Generic Attribute Registration Protocol (GARP) VLAN Registration Protocol (GVRP) feature reduces CPU time for transmittal of 4094 VLAN states on a port.
Configuring Routing Between VLANs First Published: March 15, 2006 Last Updated: October 10, 2008 This module provides an overview of VLANs. It describes the encapsulation protocols used for routing between VLANs and provides some basic information about designing VLANs. This module contains tasks for configuring routing between VLANS. Finding Feature Information in This Module Your Cisco IOS software release may not support all of the features documented in this module.
Configuring Routing Between VLANs Information About Routing Between VLANs Information About Routing Between VLANs This module describes routing between VLANs.
Configuring Routing Between VLANs Information About Routing Between VLANs LAN Segmentation VLANs allow logical network topologies to overlay the physical switched infrastructure such that any arbitrary collection of LAN ports can be combined into an autonomous user group or community of interest. The technology logically segments the network into separate Layer 2 broadcast domains whereby packets are switched between ports designated to be within the same VLAN.
Configuring Routing Between VLANs Information About Routing Between VLANs Broadcast Control Just as switches isolate collision domains for attached hosts and only forward appropriate traffic out a particular port, VLANs provide complete isolation between VLANs. A VLAN is a bridging domain, and all broadcast and multicast traffic is contained within it.
Configuring Routing Between VLANs Information About Routing Between VLANs Figure 74 Relaying Function Port state information Forwarding process Port state information Ingress rules Filtering database Egress rules Frame transmission 54713 Frame reception The Tagging Scheme Figure 75 shows the tagging scheme proposed by the 802.3ac standard, that is, the addition of the four octets after the source MAC address.
Configuring Routing Between VLANs Information About Routing Between VLANs Figure 75 Tagging Scheme User priority 6 Destination address 6 Source address 2 EtherType = 0x8100 2 Tag control information 2 MAC length/type CFI VID (VLAN ID) - 12 bits Data Variable 4 54712 PAD FCS The EtherType and VLAN ID are inserted after the MAC source address, but before the original Ethertype/Length or Logical Link Control (LLC).
Configuring Routing Between VLANs Information About Routing Between VLANs connected to the central trunk link in the lower part of Figure 77. They are VLAN-unaware and they will be associated to the VLAN C, because the PVIDs of the VLAN-aware bridges are equal to VLAN C. Because the VLAN-unaware stations will send only untagged frames, when the VLAN-aware bridge devices receive these untagged frames they will assign them to VLAN C.
Configuring Routing Between VLANs Information About Routing Between VLANs Ingress and Egress Rules The BPDU transmission on the 802.1Q port of a PVST+ router will be implemented in compliance with the following rules: • The CST BPDU (of VLAN 1, by default) is sent to the IEEE address. • All the other BPDUs are sent to Shared Spanning Tree Protocol (SSTP)-Address and encapsulated with Logical Link Control-Subnetwork Access Protocol (LLC-SNAP) header.
Configuring Routing Between VLANs Information About Routing Between VLANs strips the header and forwards the frame to interfaces that match the VLAN color. If you are using a Cisco network management product such as VlanDirector, you can actually color code the VLANs and monitor VLAN graphically. Implementing VLANS Network managers can logically group networks that span all major topologies, including high-speed technologies such as, ATM, FDDI, and Fast Ethernet.
Configuring Routing Between VLANs Information About Routing Between VLANs IEEE 802.10 Protocol The IEEE 802.10 protocol provides connectivity between VLANs. Originally developed to address the growing need for security within shared LAN/MAN environments, it incorporates authentication and encryption techniques to ensure data confidentiality and integrity throughout the network. Additionally, by functioning at Layer 2, it is well suited to high-throughput, low-latency switching environments. The IEEE 802.
Configuring Routing Between VLANs Information About Routing Between VLANs The FSSRP feature improves upon SSRP such that LANE server and BUS switchover for LANE clients is immediate. With SSRP, a LANE server would go down, and depending on the network load, it may have taken considerable time for the LANE client to come back up joined to the correct LANE server and BUS.
Configuring Routing Between VLANs How to Configure Routing Between VLANS VLAN Translation VLAN translation refers to the ability of the Cisco IOS software to translate between different VLANs or between VLAN and non-VLAN encapsulating interfaces at Layer 2. Translation is typically used for selective inter-VLAN switching of nonroutable protocols and to extend a single VLAN topology across hybrid switching environments.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Restrictions • Each command you enter while you are in interface configuration mode with the interface range command is executed as it is entered. The commands are not batched together for execution after you exit interface configuration mode. If you exit interface configuration mode while the commands are being executed, some commands might not be executed on some interfaces in the range.
Configuring Routing Between VLANs How to Configure Routing Between VLANS 8. show interfaces DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface range {{ethernet | fastethernet | gigabitethernet | atm} slot/interface.subinterface {{ethernet | fastethernet | gigabitethernet | atm}slot/interface.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 7 Command Purpose show running-config Verifies subinterface configuration. Example: Router# show running-config Step 8 Verifies that subinterfaces have been created.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Figure 78 VLAN Packets Traversing the Shared Backbone Green Green Fast Ethernet Token Ring Red Green Blue Blue Red Red Token Ring S6621 Blue You can configure routing between any number of VLANs in your network. This section documents the configuration tasks for each protocol supported with ISL encapsulation. The basic process is the same, regardless of the protocol being routed.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 Enters global configuration mode. configure terminal Example: Router# configure terminal Step 3 appletalk routing [eigrp router-number] Enables AppleTalk routing globally on either ISL or 802.10 interfaces.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring Banyan VINES Routing over ISL Banyan VINES can be routed over VLAN subinterfaces using the ISL encapsulation protocol. The Banyan VINES Routing over ISL Virtual LANs feature provides full-feature Cisco IOS software Banyan VINES support on a per-VLAN basis, allowing standard Banyan VINES capabilities to be configured on VLANs.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring DECnet Routing over ISL DECnet can be routed over VLAN subinterfaces using the ISL VLAN encapsulation protocols. The DECnet Routing over ISL Virtual LANs feature provides full-feature Cisco IOS software DECnet support on a per-VLAN basis, allowing standard DECnet capabilities to be configured on VLANs. To route DECnet over ISL VLANs, you need to configure ISL encapsulation on the subinterface.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring the Hot Standby Router Protocol over ISL The Hot Standby Router Protocol (HSRP) provides fault tolerance and enhanced routing performance for IP networks. HSRP allows Cisco IOS routers to monitor each other’s operational status and very quickly assume packet forwarding responsibility in the event the current forwarding device in the HSRP group fails or is taken down for maintenance.
Configuring Routing Between VLANs How to Configure Routing Between VLANS 4. encapsulation isl vlan-identifier 5. ip address ip-address mask [secondary] 6. standby [group-number] ip [ip-address [secondary]] 7. standby [group-number] timers hellotime holdtime 8. standby [group-number] priority priority 9. standby [group-number] preempt 10. standby [group-number] track type-number [interface-priority] 11.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 8 Command or Action Purpose Router(config-if)# standby [group-number] priority priority Sets the Hot Standby priority used to choose the active router. Example: Router(config-if)# standby 1 priority 105 Step 9 Router(config-if)# standby [group-number] preempt Specifies that if the local router has priority over the current active router, the local router should attempt to take its place as the active router.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 Enables IP routing on the router. ip routing Example: Router(config)# ip routing Step 4 interface type slot/port.
Configuring Routing Between VLANs How to Configure Routing Between VLANS • SNAP (IEEE 802.2 SNAP to 802.10 on FDDI) NetWare users can now configure consolidated VLAN routing over a single VLAN trunking FDDI interface. Not all IPX encapsulations are currently supported for SDE VLAN. The IPX interior encapsulation support can be achieved by messaging the IPX header before encapsulating in the SDE format.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 4 Command or Action Purpose interface fddi slot/port.subinterface-number Specifies the subinterface on which SDE will be used. Example: Router(config)# interface 2/0.1 Step 5 encapsulation sde vlan-identifier Defines the encapsulation format and specifies the VLAN identifier.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 ipx routing [node] Enables IPX routing globally. Example: Router(config)# source-bridge ring-group 100 Step 4 interface type slot/port.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Figure 80 Cisco 7500 Distributed Architecture Route Switch Processor IP routing table IP forwarding table Versatile Interface Processor Versatile Interface Processor Versatile Interface Processor Distributed IP forwarding cache Distributed IP forwarding cache Distributed IP forwarding cache Fast Fast Ethernet Ethernet Fast Fast Ethernet Ethernet Fast Fast Ethernet Ethernet VLAN 1,2,3 VLAN 4,5,6 VLAN 7,8,9 VLAN VLAN 10,1
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 Enables IP routing on the router.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 xns routing [address] Enables XNS routing globally. Example: Router(config)# xns routing 0123.4567.adcb Step 4 interface type slot/port.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 Enables CLNS routing globally. clns routing Example: Router(config)# clns routing Step 4 interface type slot/port.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 router isis [tag] Enables IS-IS routing, and enters router configuration mode.
Configuring Routing Between VLANs How to Configure Routing Between VLANS entire physical interface would stop routing any AppleTalk packets. With this feature enabled, AppleTalk routing on subinterfaces will be unaffected by changes in the main interface with the main interface in the “no-shut” state. To route AppleTalk over IEEE 802.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 6 Command or Action Purpose appletalk zone zone-name Assigns the AppleTalk zone for the subinterface. Example: Router(config-if)# appletalk zone eng Step 7 encapsulation sde said Example: Defines the encapsulation format as IEEE 802.10 (sde) and specifies the VLAN identifier or security association identifier, respectively.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring Routing Between VLANs with IEEE 802.1Q Encapsulation This section describes the required and optional tasks for configuring routing between VLANs with IEEE 802.1Q encapsulation. The IEEE 802.1Q protocol is used to interconnect multiple switches and routers, and for defining VLAN topologies. Prerequisites Configuring routing between VLANs with IEEE 802.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring AppleTalk Routing over IEEE 802.1Q AppleTalk can be routed over virtual LAN (VLAN) subinterfaces using the IEEE 802.1Q VLAN encapsulation protocol. AppleTalk Routing provides full-feature Cisco IOS software AppleTalk support on a per-VLAN basis, allowing standard AppleTalk capabilities to be configured on VLANs. To route AppleTalk over IEEE 802.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 6 Command or Action Purpose appletalk cable-range cable-range [network.node] Assigns the AppleTalk cable range and zone for the subinterface. Example: Router(config-if)# appletalk cable-range 100-100 100.1 Step 7 appletalk zone zone-name Assigns the AppleTalk zone for the subinterface.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 3 Command or Action Purpose ip routing Enables IP routing on the router. Example: Router(config)# ip routing Step 4 interface fastethernet slot/port.subinterface-number Specifies the subinterface on which IEEE 802.1Q will be used. Example: Router(config)# interface fastethernet 4/1.101 Step 5 encapsulation dot1q vlanid Defines the encapsulation format at IEEE.802.1Q (dot1q) and specifies the VLAN identifier.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 ipx routing [node] Enables IPX routing globally. Example: Router(config)# ipx routing Step 4 interface fastethernet slot/port.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet slot/port.subinterface-number Selects a particular interface to configure. Example: Router(config)# interface fastethernet 4/1.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet slot/port.subinterface-number Selects a particular interface to configure. Example: Router(config)# interface fastethernet 4/1.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Restrictions The following restrictions apply to the Cisco 10000 series Internet router: • Supported on Ethernet, FastEthernet, or Gigabit Ethernet interfaces. • Supports only Point-to-Point Protocol over Ethernet (PPPoE) packets that are double-tagged for Q-in-Q VLAN tag termination. • IP and Multiprotocol Label Switching (MPLS) packets are not supported. • Modular QoS can be applied to unambiguous subinterfaces only.
Configuring Routing Between VLANs How to Configure Routing Between VLANS The Q-in-Q VLAN tag termination feature is simpler than the IEEE 802.1Q tunneling feature deployed for the Catalyst 6500 series switches or the Catalyst 3550 and Catalyst 3750 switches. Whereas switches require IEEE 802.1Q tunnels on interfaces to carry double-tagged traffic, routers need only encapsulate Q-in-Q VLAN tags within another level of 802.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Broadband Ethernet-based DSLAM Model of Q-in-Q VLANs VLAN 30 VLAN 20 QinQ Outer VLAN 1 FE/GE L2/L3 switch Outer VLAN 2 VLAN 10 DSLAM VLAN 1 L2/L3 switch GigE BRAS L2/L3 switch Outer VLAN 3 170136 Figure 82 DSLAM VLAN aggregation on a DSLAM will result in a lot of aggregate VLANs that at some point need to be terminated on the broadband remote access servers (BRAS).
Configuring Routing Between VLANs How to Configure Routing Between VLANS Router(config-subif)# ip access-group 1 Unambiguous and Ambiguous Subinterfaces The encapsulation dot1q command is used to configure Q-in-Q termination on a subinterface. The command accepts an Outer VLAN ID and one or more Inner VLAN IDs. The outer VLAN ID always has a specific value, while inner VLAN ID can either be a specific value or a range of values.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Prerequisites For the Cisco 10000 series Internet router: • PPPoE is already configured. • Virtual private dial-up network (VPDN) is enabled. The first task is optional. A step in this task shows you how to configure the EtherType field to be 0x9100 for the outer VLAN tag, if that is required. After the subinterface is defined, the 802.1Q encapsulation is configured to use the double tagging.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Configuring the Q-in-Q Subinterface Use the following steps to configure Q-in-Q subinterfaces. This task is required. SUMMARY STEPS 1. enable 2. configure terminal 3. interface type number.subinterface-number 4. encapsulation dot1q vlan-id second-dot1q {any | vlan-id | vlan-id-vlan-id [,vlan-id-vlan-id]} 5. pppoe enabled [group group-name] 6. exit 7. Repeat Step 3 to configure another subinterface. 8.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Step 5 Command or Action Purpose pppoe enable [group group-name] Enables PPPoE sessions on a subinterface. • Example: The example specifies that the PPPoE profile, vpn1, will be used by PPPoE sessions on the subinterface. Router(config-subif)# pppoe enable group vpn1 Step 6 Exits subinterface configuration mode and returns to interface configuration mode.
Configuring Routing Between VLANs How to Configure Routing Between VLANS 3. show vlans dot1q [internal | interface-type interface-number.subinterface-number [detail] | outer-id [interface-type interface-number | second-dot1q [inner-id | any]] [detail]] DETAILED STEPS Step 1 enable Enables privileged EXEC mode. Enter your password if prompted. Router> enable Step 2 show running-config Use this command to show the currently running configuration on the device.
Configuring Routing Between VLANs How to Configure Routing Between VLANS ! interface GigabitEthernet5/0.1011002 encapsulation dot1Q 101 second-dot1q 1002 ip address 10.8.8.5 255.255.255.252 ! interface GigabitEthernet5/0.1019999 encapsulation dot1Q 101 second-dot1q 1-1000,1003-2000 pppoe enable . . . The following shows the currently running configuration on a Cisco 10000 series Internet router: Router# show running-config . . . interface FastEthernet1/0/0.201 encapsulation dot1Q 201 ip address 10.7.7.
Configuring Routing Between VLANs How to Configure Routing Between VLANS Note The show vlans dot1q command is not supported on the Cisco 10000 series Internet router. Router# show vlans dot1q Total statistics for 802.1Q VLAN 1: 441 packets, 85825 bytes input 1028 packets, 69082 bytes output Total statistics for 802.1Q VLAN 101: 5173 packets, 510384 bytes input 3042 packets, 369567 bytes output Total statistics for 802.
Configuring Routing Between VLANs How to Configure Routing Between VLANS DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 Enters global configuration mode. configure terminal Example: Router# configure terminal Step 3 Displays VLAN subinterfaces.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs Protocols Configured: IP Virtual LAN ID: Address: 172.20.0.3 Received: 1558 Transmitted: 1521 4 (Inter Switch Link Encapsulation) vLAN Trunk Interface: Protocols Configured: IP FastEthernet5/0.2 Address: 172.30.0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs ISL Encapsulation Configuration: Examples This section provides the following configuration examples for each of the protocols described in this chapter: • AppleTalk Routing over ISL Configuration: Example, page 53 • Banyan VINES Routing over ISL Configuration: Example, page 54 • DECnet Routing over ISL Configuration: Example, page 54 • HSRP over ISL Configuration: Example, page 54 • IP Routing with RIF
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs As shown in Figure 84, AppleTalk traffic is routed to and from switched VLAN domains 3, 4, 100, and 200 to any other AppleTalk routing interface. This example shows a sample configuration file for the Cisco 7500 series router with the commands entered to configure the network shown in Figure 84. Cisco 7500 Router Configuration ! appletalk routing interface Fddi 1/0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs Figure 85 Hot Standby Router Protocol Sample Configuration Enterprise network Cisco IOS Cisco IOS Router A on FastEthernet ISL connection to a Catalyst 5000 switch Cisco IOS HSRP peers FE 1/1 FE 1/1 Cisco IOS Router B on FastEthernet ISL connection to a Catalyst 5000 switch ISL VLAN 110 Port 2/8 Port 2/9 Port 5/3 Port 5/4 Catalyst VLAN switch Ethernet 1/2 Ethernet 1/2 Ethernet 1/2 Host 1 Host 2 S62
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs ! end ! Router B Configuration interface FastEthernet 1/1.110 encapsulation isl 110 ip address 10.1.1.3 255.255.255.0 standby 1 ip 10.1.1.101 standby 1 preempt standby 2 ip 10.1.1.102 standby 2 preempt standby 2 priority 105 router igrp 1 ! network 10.1.0.0 network 10.2.0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs interface FastEthernet4/0.2 ip address 10.4.4.1 255.255.255.0 encapsulation tr-isl trbrf-vlan 998 bridge-num 13 multiring trcrf-vlan 300 ring 101 multiring all The following is the configuration for the Catalyst 5000 switch with the Token Ring switch module in slot 5.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs IPX Routing over ISL Configuration: Example Figure 88 shows IPX interior encapsulations configured over ISL encapsulation in VLAN configurations. Note that three different IPX encapsulation formats are used. VLAN 20 uses SAP encapsulation, VLAN 30 uses ARPA, and VLAN 70 uses novell-ether encapsulation.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs VLAN 70 Configuration ipx routing interface FastEthernet 3/0 no shutdown interface Fast3/0.70 encapsulation isl 70 ipx network 70 encapsulation novell-ether IPX Routing on FDDI Interfaces with SDE: Example The following example enables IPX routing on FDDI interfaces 0.2 and 0.3 with SDE. On FDDI interface 0.2, the encapsulation type is SNAP. On FDDI interface 0.3, the encapsulation type is Novell’s FDDI_RAW.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs The following is the configuration for the Catalyst 5000 switch with the Token Ring switch module in slot 5.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs In Figure 90, the VIP cards forward the traffic between ISL VLANs or any other routing interface. Traffic from any VLAN can be routed to any of the other VLANs, regardless of which VIP card receives the traffic. These commands show the configuration for each of the VLANs shown in Figure 90: interface FastEthernet1/0/0 ip address 10.1.1.1 255.255.255.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs CLNS Routing over ISL Configuration: Example To configure routing of the CLNS protocol over ISL trunks, you need to define ISL as the encapsulation type. This example shows CLNS configured to be routed over an ISL trunk: clns routing interface fastethernet 1/0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs Cisco 7500 Router Configuration ! interface Fddi 1/0.100 encapsulation sde 100 appletalk cable-range appletalk zone 100 ! interface Fddi 1/0.200 encapsulation sde 200 appletalk cable-range appletalk zone 200 ! interface FastEthernet encapsulation isl 3 appletalk cable-range appletalk zone 3 ! interface FastEthernet encapsulation isl 4 appletalk cable-range appletalk zone 4 ! 100-100 100.2 200-200 200.2 2/0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs ip routing ! interface fastethernet 4/1.101 encapsulation dot1q 101 ip addr 10.0.0.11 255.0.0.0 ! Configuring IPX Routing over IEEE 802.1Q: Example This configuration example shows IPX being routed on VLAN 102: ! ipx routing ! interface fastethernet 4/1.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs ! end ! ipx routing appletalk routing ! interface FastEthernet 1/1.110 encapsulation isl 110 !if 802.1Q, encapsulation dot1Q 110 ip address 10.1.1.2 255.255.255.0 appletalk cable-range 1.1 1.2 appletalk zone 1 ipx network 110 encapsulation snap ! interface FastEthernet 1/1.120 encapsulation isl 120 !if 802.1Q, encapsulation dot1Q 120 ip address 10.2.1.2 255.255.255.0 appletalk cable-range 2-2 2.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs interface FastEthernet4/0.300 encapsulation dot1Q 1 no ip route-cache bridge-group 3 ! interface FastEthernet10/0 no ip address no ip route-cache half-duplex ! interface FastEthernet10/0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs interface Ethernet11/3 no ip address bridge-group 1 ! interface BVI 1 ip address 10.1.1.11 255.255.255.0 appletalk cable-range 100-100 100.11 appletalk zone bridging ipx network 100 ! router rip network 10.0.0.0 network 10.3.0.0 ! bridge 1 protocol ieee bridge 1 route appletalk bridge 1 route ip bridge 1 route ipx bridge 2 protocol ieee ! Configuring IEEE 802.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs Table 40 Subinterfaces Mapped to Outer and Inner VLAN IDs for GE Interface 1/0/0 Outer VLAN ID Inner VLAN ID Subinterface mapped to 100 1 through 99 GigabitEthernet1/0/0.4 100 100 GigabitEthernet1/0/0.1 100 101 through 199 GigabitEthernet1/0/0.4 100 200 GigabitEthernet1/0/0.2 100 201 through 299 GigabitEthernet1/0/0.4 100 300 through 400 GigabitEthernet1/0/0.
Configuring Routing Between VLANs Configuration Examples for Configuring Routing Between VLANs 69
Configuring Routing Between VLANs Additional References Additional References The following sections provide references related to configuring a VLAN range. Related Documents Related Topic Document Title Configuring wide-area networking Cisco IOS Wide-Area Networking Configuration Guide, Release 12.2 Commands used in configuring wide-area networking Cisco IOS Wide-Area Networking Command Reference, Release 12.
Configuring Routing Between VLANs Feature Information for Routing Between VLANs Technical Assistance Description Link http://www.cisco.com/techsupport The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
Configuring Routing Between VLANs Feature Information for Routing Between VLANs Table 42 Feature Name Feature Information for Routing Between VLANs Releases Feature Information 12.1(5)T The interface range command was integrated into Cisco IOS Release 12.1(5)T. 12.2(2)DD The interface range command was expanded to enable configuration of subinterfaces. 12.2(4)B The interface range command was integrated into Cisco IOS Release 12.2(4)B. 12.
Managed LAN Switch The Managed LAN Switch feature enables the control of the four switch ports in Cisco 831, 836, and 837 routers. Each switch port is associated with a Fast Ethernet interface. The output of the command show controllers fastEthernet <1-4> displays the status of the selected switch port.
Managed LAN Switch Information About Managed LAN Switch Information About Managed LAN Switch To configure the Managed LAN Switch feature, you should understand the following concept: • LAN Switching, page 2 LAN Switching A LAN is a high-speed, fault-tolerant data network that supplies connectivity to a group of computers, printers, and other devices that are in close proximity to each other, as in an office building, a school or a home.
Managed LAN Switch How to Enable Managed LAN Switch DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 interface fastEthernet interface-number Configures a Fast Ethernet interface and enters interface configuration mode. Example: Router(config)# interface fastEthernet Step 3 Enables LAN switching on the selected port with duplex setting in auto mode.
Managed LAN Switch Configuration Examples for Managed LAN Switch Tx Counter Register [17] : 0008 ! Configuration Examples for Managed LAN Switch This section provides the following configuration example: • Enabling Managed LAN Switch: Example Enabling Managed LAN Switch: Example The following example shows the Managed LAN Switch configured with duplex set to auto and full, speed set to auto and 100: configure terminal Enter configuration commands, one per line. End with CNTL/Z.
Managed LAN Switch Command Reference Standards Standards Title None — MIBs MIBs • MIBs Link None To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.
Managed LAN Switch Command Reference All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0809R) Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards First Published: May 17, 2005 Last Updated: October 10, 2008 This document provides configuration tasks for the 4-port Cisco HWIC-4ESW and the 9-port Cisco HWIC-D-9ESW EtherSwitch high-speed WAN interface cards (HWICs) hardware feature supported on Cisco 1800 (modular), Cisco 2800, and Cisco 3800 series integrated services routers. Cisco EtherSwitch HWICs are 10/100BASE-T Layer 2 Ethernet switches with Layer 3 routing capability.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Contents Contents The following sections provide information about the Cisco EtherSwitch HWICs.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Prerequisites for Installing Two Ethernet Switch Network Modules in a Single Chassis Prerequisites for Installing Two Ethernet Switch Network Modules in a Single Chassis A maximum of two Ethernet switch network modules can be installed in a single chassis.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Information About EtherSwitch HWICs Inline Power for Cisco IP Phones For information on the concept of inline power for Cisco IP phones, refer to the material at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt1636nm.ht m#1048439 Layer 2 Ethernet Switching For information on the concept of Layer 2 Ethernet switching, refer to the material at this URL: http://www.cisco.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Storm Control For information on the concept of storm control, refer to the material at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt1636nm.ht m#1051018 Intrachassis Stacking For information on the concept of intrachassis stacking, refer to the material at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt1636nm.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring VLANs This section describes how to configure VLANs on the switch and contains the following sections: • Adding a VLAN Instance, page 6 • Deleting a VLAN Instance from the Database, page 8 Adding a VLAN Instance A total of 15 VLANs can be supported by an EtherSwitch HWIC. Follow the steps below to configure a Fast Ethernet interface as Layer 2 access. SUMMARY STEPS 1. enable 2.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Media Type: Ethernet VLAN 802.10 Id: 100001 State: Operational MTU: 1500 Translational Bridged VLAN: 1002 Translational Bridged VLAN: 1003 VLAN ISL Id: 2 Name: VLAN0002 Media Type: Ethernet VLAN 802.10 Id: 100002 State: Operational MTU: 1500 VLAN ISL Id: 3 Name: Red_VLAN Media Type: Ethernet VLAN 802.10 Id: 100003 State: Operational MTU: 1500 VLAN ISL Id: 1002 Name: fddi-default Media Type: FDDI VLAN 802.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Bridge Number: 1 STP Type: IBM Router(vlan)# exit APPLY completed. Exiting.... Router# Router# Enter the show vlan-switch command in EXEC mode using the Cisco IOS CLI to verify the VLAN configuration, as shown below.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 Enters VLAN configuration mode. vlan database Example: Router# vlan database Step 3 no vlan vlan_id Deletes an Ethernet VLAN.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1/0, Fa0/1/1, Fa0/1/2 Fa0/1/3, Fa0/1/4, Fa0/1/5 Fa0/1/6, Fa0/1/7, Fa0/1/8 300 VLAN0300 active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Router# Configuring VLAN Trunking Protocol This section describes how to configure the VL
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 vlan database Enters VLAN configuration mode. Example: Router# vlan database Step 3 vtp server Configures the switch as a VTP server. Example: Router(vlan)# vtp server Step 4 vtp domain domain_name Defines the VTP domain name, which can be up to 32 characters long.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring a VTP Client When a switch is in VTP client mode, you cannot change the VLAN configuration on the switch. The client switch receives VTP updates from a VTP server in the management domain and modifies its configuration accordingly. Follow the steps below to configure the switch as a VTP client. SUMMARY STEPS 1. enable 2. vlan database 3. vtp client 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Enables privileged EXEC mode. enable • Enter your password if prompted. Example: Router> enable Step 2 Enters VLAN configuration mode. vlan database Example: Router# vlan database Step 3 Configures VTP transparent mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring a Range of Interfaces Use the following task to configure a range of interfaces. SUMMARY STEPS 1. enable 2. configure terminal 3. interface range {macro macro_name | FastEthernet interface-id [ - interface-id] | vlan vlan_ID} [, FastEthernet interface-id [ - interface-id] | vlan vlan-ID] DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Caution Changing the interface speed and duplex mode configuration might shut down and reenable the interface during the reconfiguration. Configuring the Interface Speed Use the following task to set the interface speed. SUMMARY STEPS 1. enable 2. configure terminal 3. interface fastethernet interface-id 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring the Interface Duplex Mode Follow the steps below to set the duplex mode of a Fast Ethernet interface. SUMMARY STEPS 1. enable 2. configure terminal 3. interface fastethernet interface-id 4. duplex [auto | full | half] DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs FastEthernet0/1/0 is up, line protocol is up Hardware is Fast Ethernet, address is 000f.f70a.f272 (bia 000f.f70a.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet interface-id Selects the interface to be configured.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet interface-id Selects the interface to be configured.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Note Ports do not support Dynamic Trunk Protocol (DTP). Ensure that the neighboring switch is set to a mode that will not send DTP. Verifying a Fast Ethernet Interface as a Layer 2 Trunk Use the following show commands to verify the configuration of a Fast Ethernet interface as a Layer 2 trunk. router# show running-config interfaces fastEthernet 0/3/1 Building configuration...
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet interface-id Selects the interface to be configured.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs switchport access vlan 3 no ip address end Use the show interfaces command to verify the switchport configuration of the interface, as shown below.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Table 1 Default 802.1x Configuration Feature Default Setting Authentication, authorization, and accounting (AAA) Disabled. RADIUS server • IP address • None specified. • UDP authentication port • 1645. • Key • None specified. Per-interface 802.1x enable state Disabled (force-authorized). The port transmits and receives normal traffic without 802.1x-based authentication of the client.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs – Switch Port Analyzer (SPAN) destination port—You can enable 802.1x on a port that is a SPAN destination port; however, 802.1x is disabled until the port is removed as a SPAN destination. You can enable 802.1x on a SPAN source port. Enabling 802.1x Authentication To enable 802.1x port-based authentication, you must enable AAA and specify the authentication method list.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command or Action Purpose aaa authentication dot1x {default | listname} method1 [method2...] Creates an 802.1x authentication method list. • To create a default list that is used when a named list is not specified in the authentication command, use the default keyword followed by the methods that are to be used in default situations. The default method list is automatically applied to all interfaces.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs configured for the same service—for example, authentication—the second host entry configured acts as the fail-over backup to the first one. The RADIUS host entries are tried in the order that they were configured. Follow these steps to configure the RADIUS server parameters on the switch. This procedure is required. SUMMARY STEPS 1. enable 2. configure terminal 3.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 4 Command or Action Purpose end Returns to privileged EXEC mode. Example: Router(config-if)# end Step 5 show running-config Verifies your entries. Example: Router# show running-config Step 6 copy running-config startup-config (Optional) Saves your entries in the configuration file.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 dot1x re-authentication Enables periodic reauthentication of the client. • Periodic reauthentication is disabled by default.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. dot1x timeout quiet-period seconds 4. end 5. show dot1x 6. copy running-config startup-config DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Note You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. Follow the steps below to change the amount of time that the switch waits for client notification. SUMMARY STEPS 1. enable 2. configure terminal 3. dot1x timeout tx-period seconds 4. end 5.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Setting the Switch-to-Client Frame-Retransmission Number In addition to changing the switch-to-client retransmission time, you can change the number of times that the switch sends an EAP-request/identity frame (assuming no response is received) to the client before restarting the authentication process.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command or Action Purpose show dot1x Verifies your entries. Example: Router# show dot1x Step 6 copy running-config startup-config (Optional) Saves your entries in the configuration file. Example: Router# copy running-config startup-config To return to the default retransmission number, use the no dot1x max-req global configuration command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command or Action Purpose interface interface-id Enters interface configuration mode. Example: Router# interface 0/1/2 Step 4 dot1x multiple-hosts • Example: Router(config-if)# dot1x multiple-hosts Step 5 Allows multiple hosts (clients) on an 802.1x-authorized port. Make sure that the dot1x port-control interface configuration command is set to auto for the specified interface.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 Resets the configurable 802.1x parameters to the default values.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs • Configuring the Forward-Delay Time for a VLAN, page 42 • Configuring the Maximum Aging Time for a VLAN, page 43 • Configuring the Root Bridge, page 44 Enabling Spanning Tree You can enable spanning tree on a per-VLAN basis. The switch maintains a separate instance of spanning tree for each VLAN (except on VLANs on which you disable spanning tree). SUMMARY STEPS 1. enable 2. configure terminal 3.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Use the show spanning-tree vlan to verify spanning tree configuration, as illustrated below: Router# show spanning-tree vlan 200 VLAN200 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0050.3e8d.6401 Configured hello time 2, max age 20, forward delay 15 Current root has priority 16384, address 0060.704c.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command or Action Purpose interface {ethernet | fastethernet} interface-id Selects an interface to configure. Example: Router(config)# interface fastethernet 0/1/6 Step 4 spanning-tree port-priority port-priority Configures the port priority for an interface. • The of port-priority value can be from 4 to 252 in increments of 4. • Use the no form of this command to restore the defaults.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Calculating Port Cost Port cost value calculations are based on the bandwidth of the port. There are two classes of values. Short (16-bit) values are specified by the IEEE 802.1D specification and range in value from 1 to 65535. Long (32-bit) values are specified by the IEEE 802.1t specification and range in value from 1 to 200,000,000.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface {ethernet | fastethernet} interface-id Selects an interface to configure.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Number of transitions to forwarding state: 1 BPDU: sent 0, received 13513 Router# Configuring the Bridge Priority of a VLAN Use the following task to configure the spanning tree bridge priority of a VLAN. SUMMARY STEPS 1. enable 2. configure terminal 3. spanning-tree vlan vlan-ID priority bridge-priority 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Example Use the show spanning-tree vlan bridge command to verify the bridge priority, as shown below. Router# show spanning-tree vlan 200 bridge brief Hello Max Fwd Vlan Bridge ID Time Age Delay ---------------- -------------------- ---- ---- ----VLAN200 33792 0050.3e8d.64c8 2 20 15 Router# Protocol -------ieee Configuring Hello Time Use the following tasks to configure the hello interval for the spanning tree.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 spanning-tree vlan vlan-ID forward-time forward-time Example: Router(config)# spanning-tree vlan 20 forward-time 5 Configures the forward time of a VLAN.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 spanning-tree vlan vlan-ID max-age max-age Example: Router(config)# spanning-tree vlan 200 max-age 30 Configures the maximum aging time of a VLAN.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Follow these steps to configure the switch as the root.: SUMMARY STEPS 1. enable 2. configure terminal 3. spanning-tree vlan vlaN-ID root primary [diameter hops [hello-time seconds]] 4. end 5. no spanning-tree vlan vlan-ID 6. show spanning-tree vlan vlan-ID DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Router# show spanning-tree vlan 200
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 4 Command or Action Purpose end Returns to privileged EXEC mode. Example: Router(config)# end Step 5 Verifies the configuration.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 Enters global configuration mode. configure terminal Example: Router# configure terminal Step 3 Router(config)# mac-address-table static mac-address fastethernet interface-id [vlan vlan-id] Creates a static entry in the MAC address table.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring and Verifying the Aging Timer The aging timer may be configured from 16 seconds to 4080 seconds, in 16-second increments. Follow these steps to configure the aging timer. SUMMARY STEPS 1. enable 2. configure terminal 3. mac-address-table aging-time time 4. end 5. show mac-address-table aging-time DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring Cisco Discovery Protocol • Enabling Cisco Discovery Protocol, page 50 • Enabling CDP on an Interface, page 51 • Monitoring and Maintaining CDP, page 52 Enabling Cisco Discovery Protocol To enable Cisco Discovery Protocol (CDP) globally, use the following commands. SUMMARY STEPS 1. enable 2. configure terminal 3. cdp run 4. end 5.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Example Use the show cdp command to verify the CDP configuration: Router# show cdp Global CDP information: Sending CDP packets every 120 seconds Sending a holdtime value of 180 seconds Sending CDPv2 advertisements is enabled Router# Enabling CDP on an Interface Use the steps below to enable CDP on an interface. SUMMARY STEPS 1. enable 2. configure terminal 3. interface {ethernet | fastethernet} 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command or Action Purpose end Returns to privileged EXEC mode. Example: Router(config)# end Step 6 show cdp interface interface-id Verifies the CDP configuration on the interface. Example: Router# show cdp interface Step 7 show cdp neighbors Verifies the information about the neighboring equipment.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 clear cdp counters (Optional) Resets the traffic counters to zero. Example: Router# clear cdp counters Step 3 (Optional) Deletes the CDP table of information about neighbors.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Note An EtherSwitch HWIC supports only one SPAN session. Either Tx or both Tx and Rx monitoring is supported. Configuring the SPAN Sources Use the following task to configure the source for a SPAN session. SUMMARY STEPS 1. enable 2. configure terminal 3.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 1 Command or Action Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring Power Management on the Interface The HWICs can supply inline power to a Cisco 7960 IP phone, if necessary. The Cisco 7960 IP phone can also be connected to an AC power source and supply its own power to the voice circuit. When the Cisco 7960 IP phone is supplying its own power, an HWICs can forward IP voice traffic to and from the phone.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command Purpose end Returns to privileged EXEC mode. Example: Router(config-if)# end Step 6 Displays power configuration on the ports. show power inline Example: Router# show power inline Example Use the show power inline command to verify the power configuration on the ports, as illustrated below. Router# show power inline PowerSupply ----------INT-PS SlotNum. -------0 Maximum ------120.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs For complete information and procedures, refer to these publications: • Cisco IOS IP Configuration Guide, Release 12.2, at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ • Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.2, at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipras_r/index.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Enabling IP Protocol-Independent Multicast (PIM) on Layer 3 Interfaces You must enable protocol-independent multicast (PIM) on the Layer 3 interfaces before enabling IP multicast Layer 3 switching functions on those interfaces. Beginning in global configuration mode, follow these steps to enable IP PIM on a Layer 3 interface. SUMMARY STEPS 1. enable 2. configure terminal 3. interface vlan vlan-id 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Verifying IP Multicast Layer 3 Hardware Switching Summary Note The show interface statistics command does not verify hardware-switched packets, only packets switched by software. The show ip pim interface count command verifies the IP multicast Layer 3 switching enable state on IP PIM interfaces and verifies the number of packets received and sent on the interface.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is enabled IP CEF Fast switching turbo vector IP multicast fast switching is enabled IP multicast distributed fast switching is disabled IP route-cache flags are Fast, CEF Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disa
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Enabling or Disabling IGMP Snooping By default, IGMP snooping is globally enabled on the EtherSwitch HWIC. When globally enabled or disabled, it is also enabled or disabled in all existing VLAN interfaces. By default, IGMP snooping is enabled on all VLANs, but it can be enabled and disabled on a per-VLAN basis. Global IGMP snooping overrides the per-VLAN IGMP snooping capability.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command Purpose show ip igmp snooping Displays snooping configuration. Example: Router# show ip igmp snooping Step 6 copy running-config startup-config (Optional) Saves your configuration to the startup configuration. Example: Router# copy running-config startup-config To globally disable IGMP snooping on all VLAN interfaces, use the no ip igmp snooping global command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Command Step 5 Purpose show ip igmp snooping [vlan vlan-id] Displays snooping configuration. • (Optional) vlan-id is the number of the VLAN. Example: Router# show ip igmp snooping vlan 1 Step 6 copy running-config startup-config (Optional) Saves your configuration to the startup configuration.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command Purpose ip igmp snooping vlan vlan-id immediate-leave Enables IGMP Immediate-Leave processing on the VLAN interface. Example: Router(config)# ip igmp snooping vlan 1 immediate-leave Step 4 Returns to privileged EXEC mode. end Example: Router(config)# end Step 5 show ip igmp snooping Displays snooping configuration.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 Enters global configuration mode. configure terminal Example: Router# configure terminal Step 3 ip igmp snooping vlan interface interface-id vlan-id static mac-address Enables IGMP snooping on the VLAN interface.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring a Multicast Router Port Follow the steps below to enable a static connection to a multicast router. SUMMARY STEPS 1. enable 2. configure terminal 3. ip igmp snooping vlan vlan-id mrouter {interface interface-id | learn pim-dvmrp} 4. end 5. show ip igmp snooping 6. show ip igmp snooping mrouter [vlan vlan-id] 7.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command Purpose show ip igmp snooping mrouter [vlan vlan-id] Displays Mroute discovery information. Example: Router# show ip igmp snooping mroute vlan vlan1 Step 7 copy running-config startup-config (Optional) Saves your configuration to the startup configuration.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface interface-id Enters interface configuration mode and specifies the port to configure.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. interface interface-id 4. no storm-control {broadcast | multicast | unicast} level level-high [level-low] 5. no storm-control action shutdown 6. end 7. show storm-control {broadcast | multicast | unicast} DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command Purpose end Returns to privileged EXEC mode. Example: Router(config-if)# end Step 7 show storm-control [interface] [{broadcast | multicast | unicast | history}] Verifies your entries. Example: Router(config-if)# show storm-control Configuring Stacking Stacking is the connection of two switch modules resident in the same chassis so that they behave as a single switch.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 interface fastethernet interface-id Enters interface configuration mode and specifies the port to configure.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Note Caution Both stacking partner ports must have their speed and duplex parameters set to auto. If stacking is removed, stacked interfaces will go to shutdown state. Other nonstacked ports will be left unchanged. Configuring Fallback Bridging This section describes how to configure fallback bridging on your switch.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Creating a Bridge Group To configure fallback bridging for a set of switched virtual interfaces (SVIs), these interfaces must be assigned to bridge groups. All interfaces in the same group belong to the same bridge domain. Each SVI can be assigned to only one bridge group. Follow the steps below to create a bridge group and assign an interface to it. SUMMARY STEPS 1. enable 2. configure terminal 3.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command Purpose interface interface-id Enters interface configuration mode and specifies the interface on which you want to assign the bridge group. Example: • The specified interface must be an SVI: a VLAN interface that you created by using the interface vlan vlan-id global configuration command. • These ports must have IP addresses assigned to them.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs 4. end 5. show running-config 6. copy running-config startup-config DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring the Bridge Table Aging Time A switch forwards, floods, or drops packets based on the bridge table. The bridge table maintains both static and dynamic entries. Static entries are entered by you. Dynamic entries are entered by the bridge learning process. A dynamic entry is automatically removed after a specified length of time, known as aging time, from the time the entry was created or last updated.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 5 Command Purpose show running-config Verifies your entry. Example: Router# show running-config Step 6 copy running-config startup-config (Optional) Saves your entry in the configuration file. Example: Router# copy running-config startup-config To return to the default aging-time interval, use the no bridge bridge-group aging-time global configuration command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command Purpose show running-config Verifies your entry. Example: Router: show running-config Step 4 copy running-config startup-config (Optional) Saves your entry in the configuration file. Example: Router# copy running-config startup-config To disable the frame forwarding ability, use the no bridge bridge-group address mac-address global configuration command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. bridge bridge-group priority number 4. end 5. show running-config 6. copy running-config startup-config DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Changing the Interface Priority You can change the priority for an interface. When two switches tie for position as the root switch, you configure an interface priority to break the tie. The switch with the lower interface value is elected. Follow the steps below to change the interface priority. SUMMARY STEPS 1. enable 2. configure terminal 3. interface interface-id 4.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command Purpose show running-config Verifies your entry. Example: Router: show running-config Step 7 copy running-config startup-config (Optional) Saves your entry in the configuration file. Example: Router# copy running-config startup-config To return to the default setting, use the bridge-group bridge-group priority number interface configuration command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command Purpose interface interface-id Enters interface configuration mode and specifies the interface to set the priority. Example: Router(config)# interface 0/3/1 Step 4 bridge bridge-group path-costs cost Changes the path cost. Example: Router(config-if)# bridge 100 pathcost 4 Step 5 Returns to privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs 3. bridge bridge-group hello-time seconds 4. end 5. show running-config 6. copy running-config startup-config DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. bridge bridge-group forward-time seconds 4. end 5. show running-config 6. copy running-config startup-config DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Changing the Maximum-Idle Interval If a switch does not hear BPDUs from the root switch within a specified interval, it recomputes the spanning-tree topology. Follow the steps below to change the maximum-idle interval (maximum aging time). SUMMARY STEPS 1. enable 2. configure terminal 3. bridge bridge-group max-age seconds 4. end 5. show running-config 6.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs To return to the default setting, use the no bridge bridge-group max-age global configuration command. Disabling the Spanning Tree on an Interface When a loop-free path exists between any two switched subnetworks, you can prevent BPDUs generated in one switching subnetwork from impacting devices in the other switching subnetwork, yet still permit switching throughout the network as a whole.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command Purpose show running-config Verifies your entry. Example: Router: show running-config Step 7 copy running-config startup-config (Optional) Saves your entry in the configuration file. Example: Router# copy running-config startup-config To reenable spanning tree on the interface, use the no bridge-group bridge-group spanning-disabled interface configuration command.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. interface interface-id 4. switchport mode trunk 5. switchport voice vlan vlan-id DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring a Single Subnet for Voice and Data For network designs with incremental IP telephony deployment, network managers can configure the HWICs so that the voice and data traffic coexist on the same subnet.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 4 Command Purpose switchport access vlan vlan-id Sets the native VLAN for untagged traffic. • Example: Router(config-if)# Step 5 switchport access vlan 100 end The value of vlan-id represents the ID of the VLAN that is sending and receiving untagged traffic on the port. Valid IDs are from 1 to 1001. Leading zeroes are not permitted. Returns to the privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs SUMMARY STEPS 1. enable 2. configure terminal 3. snmp-server host ip-address traps snmp vlan-membership 4. end DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs information from the BOOTP server; the requested information is saved in the switch running the configuration file. To ensure that the IP information is saved when the switch is restarted, save the configuration by entering the write memory command in privileged EXEC mode. You can change the information in these fields. The mask identifies the bits that denote the network number in the IP address.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command Purpose ip default-gateway ip-address Enters the IP address of the default router. Example: Router# ip default-gateway 192.0.2.20 Step 7 end Returns to privileged EXEC mode. Example: Router# end Use the following procedure to remove the IP information from a switch. Note Using the no ip address command in configuration mode disables the IP protocol stack and removes the IP information.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 4 Command Purpose no ip address Removes the IP address and subnet mask. Example: Router(config-subif)# no ip address Step 5 end Returns to privileged EXEC mode. Example: Router(config-subif)# end Caution If you are removing the IP address through a telnet session, your connection to the switch will be lost.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Enabling Switch Port Analyzer You can monitor traffic on a given port by forwarding incoming and outgoing traffic on the port to another port in the same VLAN. A Switch Port Analyzer (SPAN) port cannot monitor ports in a different VLAN, and a SPAN port must be a static-access port. Any number of ports can be defined as SPAN ports, and any combination of ports can be monitored.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs 2. configure terminal 3. no monitor session session-id 4. end DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 no monitor session session-id Disables port monitoring for a specific session.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs • Configuring the Aging Time, page 98 • Verifying Aging-Time Configuration, page 99 The switch uses the MAC address tables to forward traffic between ports. All MAC addresses in the address tables are associated with one or more ports. These MAC tables include the following types of addresses: • Dynamic address—A source MAC address that the switch learns and then drops when it is not in use.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs 3. mac-address-table aging-time seconds 4. end DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 no mac-address-table dynamic hw-addr Enters the MAC address to be removed from dynamic MAC address table.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 mac-address-table secure address hw-addr interface interface-id vlan vlan-id Enters the MAC address, its associated port, and the VLAN ID.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 3 Command Purpose no mac-address-table secure hw-addr vlan vlan-id Enters the secure MAC address, its associated port, and the VLAN ID to be removed. Example: Router(config)# no mac-address-table secure address 0100.5e05.0505 vlan vlan 1 Step 4 Returns to privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs DETAILED STEPS Step 1 Command Purpose enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Router> enable Step 2 configure terminal Enters global configuration mode. Example: Router# configure terminal Step 3 mac-address-table static hw-addr [interface] interface-id [vlan] vlan-id Enters the static MAC address, the interface, and the VLAN ID of those ports.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Step 3 Command Purpose no mac-address-table static hw-addr Enters the static MAC address, the interface, and the VLAN ID of the port to be removed. [interface] interface-id [vlan] vlan-id Example: Router(config)# no mac-address-table static 0100.5e05.0505 interface 0/3/1 vlan vlan Step 4 Returns to privileged EXEC mode.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs • Storm-Control: Example, page 112 • Ethernet Switching: Examples, page 112 Range of Interface: Examples • Single Range Configuration: Example, page 105 • Range Macro Definition: Example, page 105 Single Range Configuration: Example The following example shows all Fast Ethernet interfaces on an HWIC-4ESW in slot 2 being reenabled: Router(config)# interface range fastEthernet 0/3/0 - 8 Router(con
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Setting the Interface Duplex Mode: Example The following example shows the interface duplex mode being set to full on Fast Ethernet interface 0/3/7: Router(config)# interface fastethernet 0/3/7 Router(config-if)# duplex full Adding a Description for an Interface: Example The following example shows how to add a description of Fast Ethernet interface 0/3/7: Router(config)# interface fastethernet 0/3/7 R
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Router# vlan database Router(vlan)# vtp server Setting device to VTP SERVER mode. Router(vlan)# vtp domain Lab_Network Setting VTP domain name to Lab_Network Router(vlan)# vtp password WATER Setting device VLAN database password to WATER. Router(vlan)# exit APPLY completed. Exiting....
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Router# show spanning-tree vlan 20 VLAN20 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 00ff.ff90.3f54 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address 00ff.ff10.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Bridge Priority of a VLAN: Example The following example shows the bridge priority of VLAN 20 being configured to 33792: Router# configure terminal Router(config)# spanning-tree vlan 20 priority 33792 Router(config)# end Router# Hello Time: Example The following example shows the hello time for VLAN 20 being configured to 7 seconds: Router# configure terminal Router(config)# spanning-tree vlan 20 hello
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Spanning Tree Root: Example The following example shows the switch being configured as the root bridge for VLAN 10, with a network diameter of 4: Router# configure terminal Router(config)# spanning-tree vlan 10 root primary diameter 4 Router(config)# exit Router# MAC Table Manipulation: Example The following example shows a static entry being configured in the MAC address table: Router(config)# mac-add
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs Router# show mac-address-table multicast igmp-snooping HWIC Slot: 1 -------------MACADDR 0100.5e05.0505 0100.5e06.0606 HWIC Slot: 3 -------------MACADDR 0100.5e05.0505 0100.5e06.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs U - URD, I - Received Source Specific Host Report Outgoing interface flags:H - Hardware switched Timers:Uptime/Expires Interface state:Interface, Next-Hop or VCD, State/Mode (*, 209.165.200.230), 01:06:43/00:02:17, RP 0.0.0.0, flags:DC Incoming interface:Null, RPF nbr 0.0.0.0 Outgoing interface list: Vlan1, Forward/Sparse, 01:06:43/00:02:17 (*, 209.165.200.226), 01:12:42/00:00:00, RP 0.0.0.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Configuration Examples for EtherSwitch HWICs • Inter-VLAN Routing: Example, page 113 • Single Subnet Configuration: Example, page 114 • Ethernet Ports on IP Phones with Multiple Ports: Example, page 114 Subnets for Voice and Data: Example The following example shows separate subnets being configured for voice and data on the EtherSwitch HWIC: interface FastEthernet0/1/1 description DOT1Q port to IP Phone switchport native vlan 50 switchport
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Additional References Note Standard IGP routing protocols such as RIP, IGRP, EIGRP, and OSPF are supported on the EtherSwitch HWIC. Multicast routing is also supported for PIM dense mode, sparse mode and sparse-dense mode. Single Subnet Configuration: Example The EtherSwitch HWIC supports the use of an 802.1p-only option when configuring the voice VLAN.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Additional References Standards Standards Title No new or modified standards are supported by this feature, and support for existing standards have not been modified by this feature. — MIBs MIBs MIBs Link No new or modified MIBs are supported by this feature, and support for existing MIBs have not been modified by this feature.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards Table 3 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in 12.3(8)T4 or a later release appear in the table. Not all commands may be available in your Cisco IOS software release.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. © 2008 Cisco Systems, Inc. All rights reserved.
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards 118
Multilayer Switching
Multilayer Switching Overview This chapter provides an overview of Multilayer Switching (MLS). Note The information in this chapter is a brief summary of the information contained in the Catalyst 5000 Series Multilayer Switching User Guide. The commands and configurations described in this guide apply only to the devices that provide routing services. Commands and configurations for Catalyst 5000 series switches are documented in the Catalyst 5000 Series Multilayer Switching User Guide.
Multilayer Switching Overview Terminology • Key MLS Features • MLS Implementation • Standard and Extended Access Lists • Introduction to IP Multicast MLS • Introduction to IPX MLS • Guidelines for External Routers • Features That Affect MLS Terminology The following terminology is used in the MLS chapters: • Multilayer Switching-Switching Engine (MLS-SE)—A NetFlow Feature Card (NFFC)-equipped Catalyst 5000 series switch.
Multilayer Switching Overview MLS Implementation Table 37 Summary of Key Features Feature Description Ease of Use Is autoconfigurable and autonomously sets up its Layer 3 flow cache. Its “plug-and-play” design eliminates the need for you to learn new IP switching technologies. Transparency Requires no end-system changes and no renumbering of subnets. It works with DHCP1 and requires no new routing protocols.
Multilayer Switching Overview MLS Implementation Note The MLS-RPs shown in the figures represent either a RSM or an externally attached Cisco router. The MLSP informs the Catalyst 5000 series switch of the MLS-RP MAC addresses used on different VLANs and the MLS-RP’s routing and access list changes. Through this protocol, the MLS-RP multicasts its MAC and VLAN information to all MLS-SEs.
Multilayer Switching Overview MLS Implementation The MLS-RP routes the packet to Host B. When the packet appears back on the Catalyst 5000 series switch backplane, the MLS-SE recognizes the source MAC address as that of the MLS-RP, and that the packet’s flow information matches the flow for which it set up a candidate entry. The MLS-SE considers this packet an enabler packet and completes the MLS entry (established by the candidate packet) in the MLS cache (see Figure 65).
Multilayer Switching Overview Standard and Extended Access Lists Standard and Extended Access Lists Note Router interfaces with input access lists cannot participate in MLS. However, any input access list can be translated to an output access list to provide the same effect on the interface. For complete details on how input and output access lists affect MLS, see the chapter “Configuring Multilayer Switching.
Multilayer Switching Overview Introduction to IP Multicast MLS Introduction to IP Multicast MLS The IP multicast MLS feature provides high-performance, hardware-based, Layer 3 switching of IP multicast traffic for routers connected to LAN switches. An IP multicast flow is a unidirectional sequence of packets between a multicast source and the members of a destination multicast group. Flows are based on the IP address of the source device and the destination IP multicast group address.
Multilayer Switching Overview Introduction to IP Multicast MLS Figure 67 Basic IP Multicast MLS Network Topology Router Before IP multicast MLS Trunk link VLANs 100, 200, 300 VLAN 100 Switch G1 member G1 source VLAN 300 G1 member G1 member VLAN 200 After IP multicast MLS (completely switched) Router (MMLS-RP) Trunk link VLANs 100, 200, 300 Switch (MMLS-SE) G1 member G1 source G1 member VLAN 300 G1 member VLAN 200 18952 VLAN 100 Benefits of multicast MLS are as follows: • Improves throug
Multilayer Switching Overview Introduction to IP Multicast MLS • Multicast MLS-Switching Engine (MMLS-SE)—For example, a Catalyst 5000 series switch with hardware that supports IP multicast MLS. The MMLS-SE provides Layer 3 LAN-switching services. • Multicast MLS-Route Processor (MMLS-RP)—Routing platform running Cisco IOS software that supports IP multicast MLS. The MMLS-RP interacts with the IP multicast routing software and updates the MLS cache in the MMLS-SE.
Multilayer Switching Overview Introduction to IP Multicast MLS Layer 3-Switched Multicast Packet Rewrite When a multicast packet is Layer 3-switched from a multicast source to a destination multicast group, the MMLS-SE performs a packet rewrite based on information learned from the MMLS-RP and stored in the multicast MLS cache.
Multilayer Switching Overview Introduction to IPX MLS • The router is configured as a member of the IP multicast group (using the ip igmp join-group interface command) on the RPF interface of the multicast source. • The router is the first-hop router to the source in PIM sparse mode (in this case, the router must send PIM-register messages to the rendezvous point [RP]). • Multicast TTL threshold or multicast boundary is configured on an outgoing interface for the flow.
Multilayer Switching Overview Introduction to IPX MLS IPX MLS Flows Layer 3 protocols such as IP and IPX are connectionless—they deliver every packet independently of every other packet. However, actual network traffic consists of many end-to-end conversations, or flows, between users or applications. A flow is a unidirectional packet sequence between a particular source and destination that share identical protocol and network-layer information.
Multilayer Switching Overview Introduction to IPX MLS Note • Destination mode—The least-specific flow mask mode. The MLS-SE maintains one IPX MLS entry for each destination IPX address (network and node). All flows to a given destination IPX address use this IPX MLS entry. Use this mode if no access lists have been configured according to source IPX address on any of the IPX MLS router interfaces.
Multilayer Switching Overview Introduction to IPX MLS Table 41 Layer 3-Switched Packet with Rewrite from the MLS-RP Frame Header Destination Encap Source Host B MAC MLS-RP MAC IPX Header Length Checksum/ Packet Destination Type Net/Node/ IPX Socket Length/ Transport Host B IPX Control Payload Source Net/Node/ Socket Data PAD/FCS Host A IPX IPX MLS Operation Figure 68 shows a simple IPX MLS network topology: • Host A is on the Sales VLAN (IPX address 01.Aa).
Multilayer Switching Overview Introduction to IPX MLS Figure 68 IPX MLS Example Topology Source IPX Address Destination IPX Address Rewrite Src/Dst MAC Address Destination VLAN 01.Aa 03.Bb Dd:Bb Marketing 01.Aa 02.Cc Dd:Cc Engineering 02.Cc 01.Aa Dd:Aa Sales MAC = Bb MAC = Dd RSM MAC = Aa ting arke 03 3/M Net Net 1/Sales Net 01 2/E ngin 02 01.Aa:02.Cc MAC = Cc Data 01.Aa:02.
Multilayer Switching Overview Guidelines for External Routers In contrast, if the MLS-SE is already Layer 3 switching a flow and the access list is created on the MLS-RP, MLSP notifies the MLS-SE, and the MLS-SE immediately purges the affected flow from the MLS cache. New flows are created based on the restrictions imposed by the access list.
Multilayer Switching Overview Features That Affect MLS Access List Impact on Flow Masks Access lists impact the flow mask advertised by an MLS-RP. When no access list on any MLS-RP interface, the flow mask mode is destination-ip (the least specific). When there is a standard access list is on any of the MLS-RP interfaces, the mode is source-destination-ip. When there is an extended access list is on any of the MLS-RP interfaces, the mode is ip-flow (the most specific).
Multilayer Switching Overview Features That Affect MLS Maximum Transmission Unit The maximum transmission unit (MTU) for an MLS interface must be the default Ethernet MTU, 1500 bytes. To change the MTU on an MLS-enabled interface, you must first disable MLS on the interface (enter no mls rp ip global configuration command in the interface). If you attempt to change the MTU with MLS enabled, the following message is displayed: Need to turn off the mls router for this interface first.
Configuring IP Multilayer Switching This chapter describes how to configure your network to perform IP Multilayer Switching (MLS). This chapter contains these sections: • Configuring and Monitoring MLS • Configuring NetFlow Data Export • Multilayer Switching Configuration Examples For a complete description of the commands in this chapter, refer to the the Cisco IOS Switching Services Command Reference.
Configuring IP Multilayer Switching Configuring and Monitoring MLS • Configuring MLS on a Router (Required) • Monitoring MLS (Optional) • Monitoring MLS for an Interface (Optional) • Monitoring MLS Interfaces for VTP Domains (Optional) Configuring MLS on a Router To configure MLS on your router, use the following commands beginning in global configuration mode. Depending upon your configuration, you might not have to perform all the steps in the procedure.
Configuring IP Multilayer Switching Configuring and Monitoring MLS • MLS status (enabled or disabled) for switch interfaces and subinterfaces • Flow mask used by this MLS-enabled switch when creating Layer 3-switching entries for the router • Current settings of the keepalive timer, retry timer, and retry count • MLSP-ID used in MLSP messages • List of interfaces in all VTP domains that are enabled for MLS Command Purpose Router# show mls rp Displays MLS details for all interfaces.
Configuring IP Multilayer Switching Configuring NetFlow Data Export mls active on Vlan10, domain WBU router# Monitoring MLS Interfaces for VTP Domains To show MLS information for a specific VTP domain use the following command in EXEC mode: Command Purpose Router# show mls rp vtp-domain [domain-name] Displays MLS interfaces for a specific VTP domain.
Configuring IP Multilayer Switching Multilayer Switching Configuration Examples Command Purpose Router(config)# mls rp nde-address ip-address Specifies an NDE IP address for the router doing the Layer 3 switching. The router and the Catalyst 5000 series switch use the NDE IP address when sending MLS statistics to a data collection application. Multilayer Switching Configuration Examples In these examples, VLAN interfaces 1 and 3 are in VTP domain named Engineering.
Configuring IP Multilayer Switching Multilayer Switching Configuration Examples number of domains configured for mls 1 vlan domain name: Engineering current flow mask: destination-ip current sequence number: 82078006 current/maximum retry count: 0/10 current domain state: no-change current/next global purge: false/false current/next purge count: 0/0 domain uptime: 02:54:21 keepalive timer expires in 11 seconds retry timer not running change timer not running 1 management interface(s) currently defined: vla
Configuring IP Multilayer Switching Multilayer Switching Configuration Examples 2 mac-vlan(s) configured for multi-layer switching: mac 0006.7c71.8600 vlan id(s) 1 3 router currently aware of following 1 switch(es): switch id 00e0.fe4a.aeff Router Configuration with an Extended Access List Example This configuration is the same as the previous examples but with an extended access list configured on the VLAN 3 interface. The flow mask changes to ip-flow. . interface Vlan3 ip address 172.16.3.73 255.255.
Configuring IP Multilayer Switching Multilayer Switching Configuration Examples Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Configuring IP Multicast Multilayer Switching This chapter describes how to configure your network to perform IP multicast Multilayer Switching (MLS). This chapter contains these sections: • Prerequisites • Restrictions • Configuring and Monitoring IP Multicast MLS • IP Multicast MLS Configuration Examples For a complete description of the commands in this chapter, refer to the the Cisco IOS Switching Services Command Reference.
Configuring IP Multicast Multilayer Switching Restrictions • IP multicast routing and PIM must be enabled on the router. The minimal steps to configure them are described in the “Configuring and Monitoring IP Multicast MLS” section later in this document. For detailed information on configuring IP multicast routing and PIM, refer to the Cisco IOS IP Routing Configuration Guide. Restrictions You must also configure the Catalyst 5000 series switch in order for IP multicast MLS to function on the router.
Configuring IP Multicast Multilayer Switching Configuring and Monitoring IP Multicast MLS External Router Guidelines Follow these guidelines when using an external router: • The connection to the external router must be over a single ISL or 802.1Q trunk link with subinterfaces (using appropriate encapsulation type) configured. • A single external router can serve as the MMLS-RP for multiple switches, provided each switch connects to the router through a separate ISL or 802.1Q trunk link.
Configuring IP Multicast Multilayer Switching Configuring and Monitoring IP Multicast MLS For examples of IP multicast MLS configurations, see the “IP Multicast MLS Configuration Examples” section later in this document. Enabling IP Multicast Routing You must enable IP multicast routing globally on the MMLS-RPs before you can enable IP multicast MLS on router interfaces.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples Specifying a Management Interface When you enable IP multicast MLS, the subinterface (or VLAN interface) that has the lowest VLAN ID and is active (in the “up” state) is automatically selected as the management interface. The one-hop protocol Multilayer Switching Protocol (MLSP) is used between a router and a switch to pass messages about hardware-switched flows.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples Basic IP Multicast MLS Network Examples This example consists of the following sections: • Network Topology Example • Operation Before IP Multicast MLS Example • Operation After IP Multicast MLS Example • Router Configuration • Switch Configuration Network Topology Example Figure 69 shows a basic IP multicast MLS example network topology.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples Operation Before IP Multicast MLS Example Without IP multicast MLS, when the G1 source (on VLAN 10) sends traffic destined for IP multicast group G1, the switch forwards the traffic (based on the Layer 2 multicast forwarding table entry generated by the IGMP snooping, CGMP, or GMRP multicast service) to Host A on VLAN 10 and to the router subinterface in VLAN 10.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples You will receive the following message informing you that you changed the management interface: Warning: MLS Multicast management interface is now Fa2/0.30 Switch Configuration The following example shows how to configure the switch (MMLS-SE): Console> (enable) set trunk 1/2 on isl Port(s) 1/2 trunk mode set to on. Port(s) 1/2 trunk type set to isl.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples Complex IP Multicast MLS Example Network Router A (MMLS-RP) VLANs 10, 20 Router B (MMLS-RP) ISL trunks VLANs 10, 30 Switch B G1 source A B G1 VLAN 10 172.20.10.0/24 Switch C Switch A (MMLS-SE) C D E G1 G1 G1 VLAN 20 172.20.20.0/24 F VLAN 30 172.20.30.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples • Switch B and Switch C perform Layer 2 switching functions only. Operation Before IP Multicast MLS Example Without IP multicast MLS, when Server A (on VLAN 10) sends traffic destined for IP multicast group G1, Switch B forwards the traffic (based on the Layer 2 multicast forwarding table entry) to Host A on VLAN 10 and to Switch A. Switch A forwards the traffic to the Router A and Router B subinterfaces in VLAN 10.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples ip pim dense-mode interface fastethernet1/0.20 encapsulation isl 20 ip address 172.20.20.1 255.255.255.0 ip pim dense-mode Router B (MMLS-RP) Configuration ip multicast-routing interface fastethernet1/0.1 encapsulation isl 1 ip address 172.20.1.2 255.255.255.0 interface fastethernet2/0.10 encapsulation isl 10 ip address 172.20.10.100 255.255.255.0 ip pim dense-mode interface fastethernet2/0.
Configuring IP Multicast Multilayer Switching IP Multicast MLS Configuration Examples IGMP feature for IP multicast enabled Console> (enable) CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCN
Configuring IPX Multilayer Switching This chapter describes how to configure your network to perform IPX Multilayer Switching (MLS). This chapter contains these sections: • Prerequisites • Restrictions • IPX MLS Configuration Task List • Troubleshooting Tips • Monitoring and Maintaining IPX MLS on the Router • IPX MLS Configuration Examples For a complete description of the commands in this chapter, refer to the the Cisco IOS Switching Services Command Reference.
Configuring IPX Multilayer Switching Restrictions • IPX MLS must be configured on the switch. For more information refer to the Catalyst 5000 Software Configuration Guide, Release 5.1 and the Catalyst 5000 Command Reference, Release 5.1. IPX MLS must be enabled on the router. The minimal configuration steps are described in the section “IPX MLS Configuration Tasks.” For more details on configuring IPX routing, refer to the Cisco IOS AppleTalk and Novell IPX Configuration Guide.
Configuring IPX Multilayer Switching IPX MLS Configuration Task List Note • You can translate input access lists to output access lists to provide the same effect on the interface. Output access lists—When an output access list is applied to an interface, the IPX MLS cache entries for that interface are purged. Entries associated with other interfaces are not affected; they follow their normal aging or purging procedures.
Configuring IPX Multilayer Switching IPX MLS Configuration Task List Adding an IPX MLS Interface to a VTP Domain Caution Perform this configuration task only if the switch connected to your router interfaces is in a VTP domain. Perform the task before you enter any other IPX MLS interface command—specifically the mls rp ipx or mls rp management-interface command. If you enter these commands before adding the interface to a VTP domain, the interface will be automatically placed in a null domain.
Configuring IPX Multilayer Switching Troubleshooting Tips Enabling IPX MLS on a Router Interface To enable IPX MLS on a router interface, use the following command in interface configuration mode: Command Purpose Router(config-if)# mls rp ipx Enables a router interface for IPX MLS.
Configuring IPX Multilayer Switching Monitoring and Maintaining IPX MLS on the Router Monitoring and Maintaining IPX MLS on the Router To monitor and maintain IPX MLS on the router, use the following command in EXEC mode, as needed: Command Purpose Router# mls rp locate ipx Displays information about all switches currently shortcutting for the specified IPX flow(s). Router# show mls rp interface type number Displays MLS details for a specific interface.
Configuring IPX Multilayer Switching IPX MLS Configuration Examples Figure 71 Example Network: IPX MLS with Cisco 7505 over ISL Cisco 7505 (MLS-RP) Subinterfaces: fa2/0.1 IPX network 1 fa2/0.10 IPX network 10 fa2/0.20 IPX network 20 fa2/0.
Configuring IPX Multilayer Switching IPX MLS Configuration Examples Operation Before IPX MLS Example Before IPX MLS is implemented, when the source host NC1 (on VLAN 10) sends traffic destined for destination server NS2 (on VLAN 30), Switch B forwards the traffic (based on the Layer 2 forwarding table) to Switch A over the ISL trunk link. Switch A forwards the packet to the router over the ISL trunk link.
Configuring IPX Multilayer Switching IPX MLS Configuration Examples SwitchA> (enable) set mls enable ipx IPX Multilayer switching is enabled. SwitchA> (enable) set mls include ipx 10.1.1.1 IPX Multilayer switching enabled for router 10.1.1.1. SwitchA> (enable) set port name 3/1 Destination D2 Port 3/1 name set. SwitchA> (enable) set vlan 20 3/1 VLAN 20 modified. VLAN 1 modified.
Configuring IPX Multilayer Switching IPX MLS Configuration Examples MLS-RP Configuration This example shows how to configure the MLS-RP: mls rp ipx interface fastethernet 2/0 full-duplex mls rp vtp-domain Engineering interface fastethernet2/0.1 encapsulation isl 1 ipx address 10.1.1.1 255.255.255.0 mls rp ipx mls rp management-interface interface fastethernet2/0.10 encapsulation isl 10 ipx network 10 mls rp ipx interface fastethernet2/0.
Configuring IPX Multilayer Switching IPX MLS Configuration Examples Building configuration... Current configuration: ! version 12.0 ! interface Vlan22 ip address 10.2.2.155 255.255.255.0 ipx access-group 800 out ipx network 2222 mls rp vtp-domain Engineering mls rp ip mls rp ipx ! . . . ! ! ! access-list 800 deny 1111 2222 access-list 800 permit FFFFFFFF FFFFFFFF . . .
Configuring IPX Multilayer Switching IPX MLS Configuration Examples 12
cGVRP First Published: February 27, 2007 Last Updated: February 27, 2007 The Compact (c) Generic Attribute Registration Protocol (GARP) VLAN Registration Protocol (GVRP) feature reduces CPU time for transmittal of 4094 VLAN states on a port. Finding Feature Information in This Module Your Cisco IOS software release may not support all of the features documented in this module.
cGVRP Information About cGVRP • cGVRP and Connectivity Fault Management(CFM) can coexist but if the line card (LC) or supervisor does not have enough mac-match registers to support both protocols, the cGVRP ports on those LCs are put in error disabled state. To use Layer 2 functionality, disable cGVRP on those ports and configure shut/no shut. • cGVRP functionality applies only to interfaces configured for Layer 2 (switchport) functionality.
cGVRP Information About cGVRP In Compact GVRP a GVRP PDU may be sent out the port if the port is in forwarding state in a spanning tree instance. GVRP PDUs must be transmitted in the native VLAN of .1Q trunks. GVRP Interoperability with VTP and VTP Pruning VTP Pruning is an extension of VTP. It has its own Join message that can be exchanged with VTP PDUs. VTP PDUs can be transmitted on both .1Q trunks and ISL trunks.
cGVRP How to Configure cGVRP High Availability High Availability (HA) is a redundancy feature in IOS. On platforms that support HA and State SwitchOver (SSO), many features and protocols my resume working in a couple of seconds after the system encounters a failure such as a crash of the active supervisor in a Catalyst 7600 switch. GVRP needs to be configured to enable user configurations, and protocol states should be synched to a standby system.
cGVRP How to Configure cGVRP Step 4 Command or Action Purpose interface type number Exits configuration mode. Example: Router(config)# interface GigabitEthernnet 12/15 Step 5 gvrp timer join timer-value Sets the period timers. Example: Router(config-if)# gvrp timer join 1000 Step 6 gvrp registration normal Sets the registrar for normal response to incoming GVRP messages.
cGVRP How to Configure cGVRP Command or Action Step 3 gvrp mac-learning auto Purpose Disables learning of mac-entries. Example: Router(config)# gvrp mac-learning auto Step 4 Exits configuration mode. exit Example: Router(config)# exit Enabling a Dynamic VLAN To enable a dynamic VLAN, perform the following task. SUMMARY STEPS 1. enable 2. configure terminal 3. gvrp vlan create 4. exit DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode.
cGVRP Troubleshooting the cGVRP Configuration Troubleshooting the cGVRP Configuration Perform this task to troubleshoot the cGVRP configuration. Use the show gvrp summary and show gvrp interface commands to display configuration information and interface states, and the debug gvrp command to enable all or a limited output messages related to an interface. SUMMARY STEPS 1. enable 2. show gvrp summary 3. show gvrp interface 4. debug gvrp 5.
cGVRP Configuration Examples for cGVRP • Verifying CE Ports Configured as Access Ports: Example, page 8 • Enabling a Dynamic VLAN: Example, page 8 • Verifying CE Ports Configured as Access Ports: Example, page 8 • Verifying CE Ports Configured as ISL Ports: Example, page 10 • Verifying CE Ports Configured in Fixed Registration Mode: Example, page 12 • Verifying CE Ports Configured in Forbidden Registration Mode: Example, page 12 • Verifying cGVRP: Example, page 13 • Verifying Disabled mac-le
cGVRP Configuration Examples for cGVRP Current configuration : 109 bytes ! interface GigabitEthernet3/1 switchport switchport trunk encapsulation dot1q switchport mode trunk end R2#show running-config interface gi12/15 Building configuration... Current configuration : 168 bytes ! interface GigabitEthernet12/15 switchport switchport access vlan 2 switchport trunk encapsulation dot1q switchport mode access spanning-tree portfast trunk end R2#show running-config interface gi3/1 Building configuration...
cGVRP Configuration Examples for cGVRP Port Gi3/1 Status on Mode fastcompact Registrar State normal Port Gi3/1 Transmit Timeout 200 Port Gi3/1 Vlans Declared 2 Port Gi3/1 Vlans Registered 2 Port Gi3/1 Vlans Registered and in Spanning Tree Forwarding State 2 Leave Timeout 600 Leaveall Timeout 10000 Verifying CE Ports Configured as ISL Ports: Example Topology CE1 – gi3/15 R1 gi3/1 - dot1q trunk - gi3/1 R2 gi12/15 – CE2 R1#show running-config interface gi3/15 Building configuration...
cGVRP Configuration Examples for cGVRP switchport switchport trunk encapsulation dot1q switchport mode trunk switchport backup interface Gi4/1 end R1#show gvrp summary GVRP global state GVRP VLAN creation VLANs created via GVRP MAC learning auto provision Learning disabled on VLANs : : : : : enabled disabled none disabled none R1#show gvrp interface Port Status Mode Gi3/1 on fastcompact Registrar State normal Port Gi3/1 Transmit Timeout 200 Leave Timeout 600 Leaveall Timeout 10000 Port Gi3/1 Vlan
cGVRP Configuration Examples for cGVRP Verifying CE Ports Configured in Fixed Registration Mode: Example Router1 #show running-config interface gi3/15 Building configuration...
cGVRP Configuration Examples for cGVRP Gi3/15 none Verifying cGVRP: Example The following example shows how to verify the compact GVRP configuration. Router# show gvrp summary GVRP global state GVRP VLAN creation VLANs created via GVRP MAC learning auto provision Learning disabled on VLANS : : : : : enabled disabled none disabled none Verifying Disabled mac-learning on VLANs: Example The following examples show how to verify that mac-learning has been disabled.
cGVRP Configuration Examples for cGVRP Verifying Dynamic VLAN: Example The following examples show how to verify the GVRP summary and interface.
cGVRP Configuration Examples for cGVRP switchport mode trunk spanning-tree portfast trunk end Router1 #show gvrp summary GVRP global state GVRP VLAN creation VLANs created via GVRP MAC learning auto provision Learning disabled on VLANs : : : : : enabled disabled none disabled none Router1 #show gvrp interface Port Status Mode Gi3/1 on fastcompact Gi3/15 on fastcompact Registrar State normal fixed Port Gi3/1 Gi3/15 Transmit Timeout 200 200 Port Gi3/1 Gi3/15 Vlans Declared 1-10 1-2 Port Gi3/1 Gi3/15
cGVRP Additional References Additional References The following sections provide references related to the cGVRP feature. Related Documents Related Topic Document Title LAN Switching commands: complete command syntax, command mode, defaults, command history, usage guidelines, and examples Cisco IOS LAN Switching Command Reference, Release 12.
cGVRP Additional References Technical Assistance Description Link The Cisco Support website provides extensive online http://www.cisco.com/techsupport resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register on Cisco.com.
cGVRP Feature Information for cGVRP Feature Information for cGVRP Table 1 lists the release history for this feature. Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation. Use Cisco Feature Navigator to find information about platform support and software image support.
cGVRP Feature Information for cGVRP CCVP, the Cisco logo, and Welcome to the Human Network are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.
cGVRP Feature Information for cGVRP 20
