Cisco HWIC-4ESW - EtherSwitch HWIC Switch, User Manual

Page 1: ...itch HWIC or EtherSwitch network module in the same system An optional power module can also be added to provide inline power for IP telephones The HWIC D 9ESW HWIC requires a double wide card slot This hardware feature does not introduce any new or modified Cisco IOS commands Finding Feature Information in This Module Your Cisco IOS software release may not support all of the features documented ...

Page 2: ...W and the Cisco HWIC D 9ESW EtherSwitch HWICs No more than two Ethernet Switch HWICs or network modules may be installed in a host router Multiple Ethernet Switch HWICs or network modules installed in a host router will not act independently of each other They must be stacked as they will not work at all otherwise The ports of a Cisco EtherSwitch HWIC must NOT be connected to the Fast Ethernet Gig...

Page 3: ...board ports must be configured For information about intrachassis stacking configuration see the 16 and 36 Port Ethernet Switch Module for Cisco 2600 Series Cisco 3600 Series and Cisco 3700 series feature document Note Without this configuration and connection duplications will occur in the VLAN databases and unexpected packet handling may occur Information About EtherSwitch HWICs To configure the...

Page 4: ...duct software ios123 123newft 123t 123t_4 gt1636nm ht m 1051006 Spanning Tree Protocol For information on the concept of Spanning Tree Protocol refer to the material at this URL http www cisco com univercd cc td doc product software ios123 123newft 123t 123t_4 gt1636nm ht m 1048458 Cisco Discovery Protocol For information on the concept of the Cisco Discovery Protocol refer to the material at this...

Page 5: ...ercd cc td doc product software ios123 123newft 123t 123t_4 gt1636nm ht m 1054833 How to Configure EtherSwitch HWICs See the following sections for configuration tasks for the EtherSwitch HWICs Configuring VLANs page 6 Configuring VLAN Trunking Protocol page 10 Configuring Layer 2 Interfaces page 13 Configuring 802 1x Authentication page 23 Configuring Spanning Tree page 35 Configuring MAC Table M...

Page 6: ...vlan database 3 vlan vlan_id 4 exit DETAILED STEPS Verifying the VLAN Configuration You can verify the VLAN configuration in VLAN database mode Use the show command in VLAN database mode to verify the VLAN configuration as shown below Router vlan show VLAN ISL Id 1 Name default Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 v...

Page 7: ...d 101002 State Operational MTU 1500 Bridge Type SRB Translational Bridged VLAN 1 Translational Bridged VLAN 1003 VLAN ISL Id 1003 Name token ring default Media Type Token Ring VLAN 802 10 Id 101003 State Operational MTU 1500 Bridge Type SRB Ring Number 0 Bridge Number 1 Parent VLAN 1005 Maximum ARE Hop Count 7 Maximum STE Hop Count 7 Backup CRF Mode Disabled Translational Bridged VLAN 1 Translatio...

Page 8: ... active Fa0 1 0 3 Red_VLAN active 1002 fddi default active 1003 token ring default active 1004 fddinet default active 1005 trnet default active VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 1 enet 100001 1500 1002 1003 2 enet 100002 1500 0 0 3 enet 100003 1500 0 0 1002 fddi 101002 1500 1 1003 1003 tr 101003 1500 1005 0 srb 1 1002 1004 fdnet 101004 1500 1 ibm 0 0 1005 trnet 1...

Page 9: ...slational Bridged VLAN 1002 Translational Bridged VLAN 1003 VLAN ISL Id 1002 Name fddi default Media Type FDDI VLAN 802 10 Id 101002 State Operational MTU 1500 Bridge Type SRB Translational Bridged VLAN 1 Translational Bridged VLAN 1003 output truncated Router vlan Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 vlan database ...

Page 10: ...default active 1005 trnet default active Router Configuring VLAN Trunking Protocol This section describes how to configure the VLAN Trunking Protocol VTP on an EtherSwitch HWIC and contains the following tasks Configuring a VTP Server page 10 Configuring a VTP Client page 12 Disabling VTP VTP Transparent Mode page 12 Verifying VTP page 13 Note VTP pruning is not supported by EtherSwitch HWICs Conf...

Page 11: ...an vtp server Configures the switch as a VTP server Step 4 vtp domain domain_name Example Router vlan vtp domain distantusers Defines the VTP domain name which can be up to 32 characters long Step 5 vtp password password_value Example Router vlan vtp password philadelphis Optional Sets a password which can be from 8 to 64 characters long for the VTP domain Step 6 exit Example Router vlan exit Upda...

Page 12: ...gure the switch as VTP transparent you disable VTP on the switch A VTP transparent switch does not send VTP updates and does not act on VTP updates received from other switches Follow the steps below to disable VTP on the switch SUMMARY STEPS 1 enable 2 vlan database 3 vtp transparent 4 exit Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 vla...

Page 13: ...D is 1 3 214 25 on interface Fa0 0 first interface found Router Configuring Layer 2 Interfaces This section provides the following configuration information Configuring a Range of Interfaces page 14 required Defining a Range Macro page 14 optional Configuring Layer 2 Optional Interface Features page 15 optional Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if...

Page 14: ...er enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface range macro macro_name FastEthernet interface id interface id vlan vlan ID FastEthernet interface id interface id vlan vlan ID Example Router config interface range FastEthernet 0 1 0 0 1 3 Select the range of interface...

Page 15: ...ss page 21 Interface Speed and Duplex Configuration Guidelines When configuring an interface speed and duplex mode note these guidelines If both ends of the line support autonegotiation Cisco highly recommends the default auto negotiation settings If one interface supports auto negotiation and the other end does not configure duplex and speed on both interfaces do not use the auto setting on the s...

Page 16: ...terface speed to auto on a 10 100 Mbps Ethernet interface both speed and duplex are automatically negotiated Configuring the Interface Duplex Mode Follow the steps below to set the duplex mode of a Fast Ethernet interface Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure term...

Page 17: ...e the show interfaces command to verify the interface speed and duplex mode configuration for an interface as shown in the following output example Router show interfaces fastethernet 0 1 0 FastEthernet0 1 0 is up line protocol is up Hardware is Fast Ethernet address is 000f f70a f272 bia 000f f70a f272 MTU 1500 bytes BW 100000 Kbit DLY 100 usec reliability 255 255 txload 1 255 rxload 1 255 Encaps...

Page 18: ...0 CRC 0 frame 0 overrun 0 ignored 0 input packets with dribble condition detected 6 packets output 664 bytes 0 underruns 0 0 0 0 output errors 0 collisions 3 interface resets 0 babbles 0 late collision 0 deferred 0 lost carrier 0 no carrier 0 output buffer failures 0 output buffers swapped out Router Configuring a Description for an Interface You can add a description of an interface to help you r...

Page 19: ...rt trunk native vlan vlan num 7 switchport trunk allowed vlan add except none remove vlan1 vlan vlan 8 no shutdown 9 end Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface fastethernet interface id Example Router confi...

Page 20: ...omplete Step 5 switchport mode trunk Example Router config if switchport mode trunk Configures the interface as a Layer 2 trunk Note Encapsulation is always dot1q Step 6 switchport trunk native vlan vlan num Example Router config if switchport trunk native vlan 1 Optional For 802 1Q trunks specifies the native VLAN Step 7 switchport trunk allowed vlan add except none remove vlan1 vlan vlan Example...

Page 21: ...configuration 71 bytes interface FastEthernet0 3 1 switchport mode trunk no ip address end Router Router show interfaces trunk Port Mode Encapsulation Status Native vlan Fa0 3 1 on 802 1q trunking 1 Port Vlans allowed on trunk Fa0 3 1 1 1005 Port Vlans allowed and active in management domain Fa0 3 1 1 Port Vlans in spanning tree forwarding state and not pruned Fa0 3 1 1 Router Configuring a Fast E...

Page 22: ...ample Router configure terminal Enters global configuration mode Step 3 interface fastethernet interface id Example Router config interface fastethernet 0 1 0 Selects the interface to be configured Step 4 shutdown Example Router config if shutdown Optional Shuts down the interface to prevent traffic flow until configuration is complete Step 5 switchport mode access Example Router config if switchp...

Page 23: ...ty for untagged frames 0 Override vlan tag priority FALSE Voice VLAN none Appliance trust none Router Configuring 802 1x Authentication This section describes how to configure 802 1x port based authentication on an EtherSwitch HWIC Information About the Default 802 1x Configuration page 23 Enabling 802 1x Authentication page 25 Configuring the Switch to RADIUS Server Communication page 26 Enabling...

Page 24: ...out 802 1x based authentication of the client Periodic reauthentication Disabled Number of seconds between reauthentication attempts 3600 seconds Quiet period 60 seconds number of seconds that the switch remains in the quiet state following a failed authentication exchange with the client Retransmission time 30 seconds number of seconds that the switch should wait for a response to an EAP request ...

Page 25: ...he next authentication method in the method list This process continues until there is successful communication with a listed authentication method or until all defined methods are exhausted If authentication fails at any point in this cycle the authentication process stops and no other authentication methods are attempted Beginning in privileged EXEC mode follow these steps to configure 802 1x po...

Page 26: ...list To create a default list that is used when a named list is not specified in the authentication command use the default keyword followed by the methods that are to be used in default situations The default method list is automatically applied to all interfaces Enter at least one of these keywords group radius Use the list of all RADIUS servers for authentication none Use no authentication The ...

Page 27: ...ep 3 radius server host hostname ip address auth port port number key string Example Router raduis server host hostseven auth port 75 key newauthority75 Configures the RADIUS server parameters on the switch For hostname ip address specify the host name or IP address of the remote RADIUS server For auth port port number specify the UDP destination port for authentication requests The default is 164...

Page 28: ...ng Periodic Reauthentication You can enable periodic 802 1x client reauthentication and specify how often it occurs If you do not specify a time period before enabling reauthentication the number of seconds between reauthentication attempts is 3600 seconds Automatic 802 1x client reauthentication is a global setting and cannot be set for clients connected to individual ports Follow these steps to ...

Page 29: ...quiet period Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 dot1x re authentication Example Router config dot1x re authentication Enables periodic reauthentication of the client Periodic reauthentication is disabled by defau...

Page 30: ...mission time and then retransmits the frame Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 dot1x timeout quiet period seconds Example Router config dot1x timeout quiet period 120 Sets the number of seconds that the switch re...

Page 31: ... tx period global configuration command Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 dot1x timeout tx period seconds Example Router config dot1x timeout tx period seconds Sets the number of seconds that the switch waits fo...

Page 32: ... clients and authentication servers Follow the steps below to set the switch to client frame retransmission number SUMMARY STEPS 1 enable 2 configure terminal 3 dot1x max req count 4 end 5 show dot1x 6 copy running config startup config DETAILED STEPS Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal...

Page 33: ...s below to allow multiple hosts clients on an 802 1x authorized port that has the dot1x port control interface configuration command set to auto SUMMARY STEPS 1 enable 2 configure terminal 3 interface interface id 4 dot1x multiple hosts 5 end 6 show dot1x interface interface id 7 copy running config startup config DETAILED STEPS Step 5 show dot1x Example Router show dot1x Verifies your entries Ste...

Page 34: ...ow dot1x 6 copy running config startup config Step 3 interface interface id Example Router interface 0 1 2 Enters interface configuration mode Step 4 dot1x multiple hosts Example Router config if dot1x multiple hosts Allows multiple hosts clients on an 802 1x authorized port Make sure that the dot1x port control interface configuration command is set to auto for the specified interface Step 5 end ...

Page 35: ...C command Configuring Spanning Tree Enabling Spanning Tree page 36 Configuring Spanning Tree Port Priority page 37 Configuring Spanning Tree Port Cost page 38 Configuring the Bridge Priority of a VLAN page 41 Configuring Hello Time page 42 Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Rou...

Page 36: ...RY STEPS 1 enable 2 configure terminal 3 spanning tree vlan vlan ID 4 end 5 show spanning tree vlan vlan id DETAILED STEPS Example Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 spanning tree vlan vlan ID Example Router conf...

Page 37: ...64 FastEthernet0 1 8 of VLAN200 is forwarding Port path cost 19 Port priority 128 Port Identifier 129 9 Designated root has priority 16384 address 0060 704c 7000 Designated bridge has priority 32768 address 00e0 4fac b000 Designated port id is 128 2 designated path cost 19 Timers message age 3 forward delay 0 hold 0 Number of transitions to forwarding state 1 BPDU sent 3 received 3417 Router Confi...

Page 38: ...nning Tree Port Cost Spanning tree port costs are explained in the following section Step 3 interface ethernet fastethernet interface id Example Router config interface fastethernet 0 1 6 Selects an interface to configure Step 4 spanning tree port priority port priority Example Router config if spanning tree port priority 8 Configures the port priority for an interface The of port priority value c...

Page 39: ...ually assign port costs in the range of 1 to 65535 Default cost values are as follows Assigning Long Port Cost Values You can manually assign port costs in the range of 1 to 200 000 000 Recommended cost values are as follows Follow the steps below to configure the spanning tree port cost of an interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface ethernet fastethernet interface id 4 sp...

Page 40: ...ters global configuration mode Step 3 interface ethernet fastethernet interface id Example Router config interface fastethernet 0 1 6 Selects an interface to configure Step 4 spanning tree cost port cost Example Router config if spanning tree cost 2000 Configures the port cost for an interface The value of port_cost can be from 1 to 200 000 000 1 to 65 535 in Cisco IOS Releases 12 1 2 E and earlie...

Page 41: ...rivileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 spanning tree vlan vlan ID priority bridge priority Example Router config spanning tree vlan 200 priority 2 Configures the bridge priority of a VLAN The bridge_priority value can be from 1 to 65535 Use the no form of this command to restore the def...

Page 42: ...ID hello time hello time DETAILED STEPS Configuring the Forward Delay Time for a VLAN Use the following task to configure the forward delay for the spanning tree SUMMARY STEPS 1 enable 2 configure terminal 3 spanning tree vlan vlan ID forward time forward time Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure...

Page 43: ...e vlan vlan ID max age max age Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 spanning tree vlan vlan ID forward time forward time Example Router config spanning tree vlan 20 forward time 5 Configures the forward time of a V...

Page 44: ...alue of 32768 entering the spanning tree vlan 100 root primary command on a switch will set the bridge priority for VLAN 100 to 8192 causing the switch to become the root bridge for VLAN 100 Note The root switch for each instance of spanning tree should be a backbone or distribution switch Do not configure an access switch as the spanning tree primary root Use the diameter keyword to specify the L...

Page 45: ...outer enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 spanning tree vlan vlan ID root primary diameter hops hello time seconds Example Router config spanning tree vlan 200 root primary Configures a switch as the root switch Use the no form of this command to restore the defaults ...

Page 46: ...ort secure by allowing only well known MAC addresses to send in data traffic Up to 200 secure MAC addresses per HWIC are supported Enabling Known MAC Address Traffic page 46 Creating a Static Entry in the MAC Address Table page 47 Configuring and Verifying the Aging Timer page 49 Enabling Known MAC Address Traffic Follow these steps to enable the MAC address secure option SUMMARY STEPS 1 enable 2 ...

Page 47: ... terminal 3 mac address table static mac address fastethernet interface id vlan vlan id 4 end 5 show mac address table Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 mac address table secure mac address fastethernet interfac...

Page 48: ...08 Static 331 FastEthernet0 3 2 000b bf94 0038 Static 331 FastEthernet0 3 0 000b bf94 0008 Static 348 FastEthernet0 3 2 000b bf94 0038 Static 348 FastEthernet0 3 0 Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 Router config...

Page 49: ...address table aging timer as illustrated below Router show mac address table aging time Mac address aging time 320 Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 mac address table aging time time Example Router config mac ad...

Page 50: ...obally use the following commands SUMMARY STEPS 1 enable 2 configure terminal 3 cdp run 4 end 5 show cdp DETAILED STEPS Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 cdp run Example Router config cdp run Enables CDP globall...

Page 51: ... an interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface ethernet fastethernet 4 cdp enable 5 end 6 show cdp interface interface id 7 show cdp neighbors DETAILED STEPS Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Ste...

Page 52: ...t ID tftp switch Fas 0 0 125 R S I 2811 Fas 0 3 6 hwic 3745 2 Fas 0 1 0 149 R S I 3745 Fas 0 1 Router Monitoring and Maintaining CDP Use the following commands to monitor and maintain CDP on your device SUMMARY STEPS 1 enable 2 clear cdp counters 3 clear cdp table 4 show cdp 5 show cdp entry entry name protocol version 6 show cdp interface interface id 7 show cdp neighbors interface id detail 8 sh...

Page 53: ...neighbors Step 4 show cdp Example Router show cdp Optional Verifies global information such as frequency of transmissions and the holdtime for packets being transmitted Step 5 show cdp entry entry_name protocol version Example Router show cdp entry newentry Optional Verifies information about a specific neighbor The display can be limited to protocol or version information Step 6 show cdp interfac...

Page 54: ...able 2 configure terminal 3 monitor session session id destination interface type interface id vlan vlan ID 4 show monitor session 5 no monitor session session id Command or Action Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 monitor sessio...

Page 55: ...onfigure terminal Example Router configure terminal Enters global configuration mode Step 3 monitor session session id destination interface interface id vlan vlan ID rx tx both Example Router config monitor session 1 source interface fastethernet 0 3 1 Specifies the SPAN session number 1 the source interfaces or VLANs and the traffic direction to be monitored The example shows how to configure th...

Page 56: ... You can configure the switch never to supply power to the Cisco 7960 IP phone and to disable the detection mechanism Follow these steps to manage the powering of the Cisco IP phones SUMMARY STEPS 1 enable 2 configure terminal 3 interface fastethernet interface id 4 power inline auto never 5 end 6 show power inline DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileg...

Page 57: ...s Fa0 3 2 auto Cisco On 6 300 Watts Fa0 3 3 auto Cisco On 6 300 Watts Fa0 3 4 auto Cisco On 6 300 Watts Fa0 3 5 auto Cisco On 6 300 Watts Fa0 3 6 auto IEEE 2 On 7 000 Watts Fa0 3 7 auto Cisco On 6 300 Watts Configuring IP Multicast Layer 3 Switching These sections describe how to configure IP multicast Layer 3 switching Enabling IP Multicast Routing Globally page 57 Enabling IP Protocol Independen...

Page 58: ...tocols Release 12 2 at this URL http www cisco com univercd cc td doc product software ios122 122cgcr fiprrp_r index htm Cisco IOS IP Command Reference Volume 3 of 3 Multicast Release 12 2 at this URL http www cisco com univercd cc td doc product software ios122 122cgcr fiprmc_r index htm Use the following commands to enable IP multicast routing globally SUMMARY STEPS 1 enable 2 configure terminal...

Page 59: ...LED STEPS Examples The following example shows how to enable PIM on an interface using the default mode sparse dense mode Router config if ip pim sparse dense mode Router config if The following example shows how to enable PIM sparse mode on an interface Router config if ip pim sparse mode Router config if Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your ...

Page 60: ...otal RPF failed Other drops OIF null rate limit etc Group 209 165 200 225 Source count 1 Packets forwarded 0 Packets received 66 Source 10 0 0 2 32 Forwarding 0 0 0 0 Other 66 0 66 Group 209 165 200 226 Source count 0 Packets forwarded 0 Packets received 0 Group 209 165 200 227 Source count 0 Packets forwarded 0 Packets received 0 Group 209 165 200 228 Source count 0 Packets forwarded 0 Packets re...

Page 61: ...gs D Dense S Sparse B Bidir Group s SSM Group C Connected L Local P Pruned R RP bit set F Register flag T SPT bit set J Join SPT M MSDP created entry X Proxy Join Timer Running A Candidate for MSDP Advertisement U URD I Received Source Specific Host Report Z Multicast Tunnel Y Joined MDT data group y Sending to MDT data group Outgoing interface flags H Hardware switched A Assert winner Timers Upti...

Page 62: ...enable VLAN snooping If global snooping is enabled you can enable or disable snooping on a VLAN basis Follow the steps below to globally enable IGMP snooping on the EtherSwitch HWIC SUMMARY STEPS 1 enable 2 configure terminal 3 ip igmp snooping 4 end 5 show ip igmp snooping 6 copy running config startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EX...

Page 63: ...mp snooping Example Router show ip igmp snooping Displays snooping configuration Step 6 copy running config startup config Example Router copy running config startup config Optional Saves your configuration to the startup configuration Command Purpose Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example R...

Page 64: ...hould use the Immediate Leave feature only when there is only a single receiver present on every port in the VLAN Use the following steps to enable IGMP Immediate Leave processing SUMMARY STEPS 1 enable 2 configure terminal 3 ip igmp snooping vlan vlan id immediate leave 4 end 5 show ip igmp snooping 6 copy running config startup config DETAILED STEPS Step 5 show ip igmp snooping vlan vlan id Exam...

Page 65: ...EPS 1 enable 2 configure terminal 3 ip igmp snooping vlan vlan id static mac address interface interface id 4 end 5 show mac address table multicast vlan vlan id user igmp snooping count 6 show igmp snooping 7 copy running config startup config Step 3 ip igmp snooping vlan vlan id immediate leave Example Router config ip igmp snooping vlan 1 immediate leave Enables IGMP Immediate Leave processing ...

Page 66: ...xample Router config end Returns to privileged EXEC mode Step 5 show mac address table multicast vlan vlan id user igmp snooping count Example Router show mac address table multicast vlan 1 igmp snooping Displays MAC address table entries for a VLAN vlan id is the multicast group VLAN ID user displays only the user configured multicast entries igmp snooping displays entries learned via IGMP snoopi...

Page 67: ...g startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 ip igmp snooping vlan vlan id mrouter interface interface id learn pim dvmrp Example Router config ip igmp snooping vlan1 interface Fa0 1 1 learn pim dvmrp...

Page 68: ...oadcast and multicast suppression is disabled Enabling Per Port Storm Control Use these steps to enable per port storm control SUMMARY STEPS 1 enable 2 configure terminal 3 interface interface id 4 storm control broadcast multicast unicast level level high level low 5 storm control action shutdown 6 end 7 show storm control interface broadcast multicast unicast history Step 6 show ip igmp snooping...

Page 69: ...ol broadcast multicast unicast level level high level low Example Router config if Storm control broadcast level 7 Configures broadcast multicast or unicast per port storm control Specify the rising threshold level for either broadcast multicast or unicast traffic The storm control action occurs when traffic utilization reaches this level Optional Specify the falling threshold level The normal tra...

Page 70: ...e Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface interface id Example Router config interface 0 3 1 Enters interface configuration mode and specifies the port to configure Step 4 no storm control broadcast multicast unicast level level high level low Example Router config if ...

Page 71: ...rom each switch module to physically stack the switch modules Any one port in a switch module can be designated as the stacking partner for that switch module Follow the steps below to configure a pair of ports on two different switch modules as stacking partners SUMMARY STEPS 1 enable 2 configure terminal 3 interface fastethernet interface id 4 no shutdown 5 switchport stacking partner interface ...

Page 72: ...terface This step is required only if you shut down the interface Step 5 switchport stacking partner interface fastethernet partner interface id Example Router config if switchport stacking partner interface FastEthernet partner interface id Selects and configures the stacking partner port To restore the defaults use the no form of this command Step 6 exit Example Router config if exit Returns to ...

Page 73: ...the Bridge Table Aging Time page 77 Filtering Frames by a Specific MAC Address page 78 Adjusting Spanning Tree Parameters page 79 Monitoring and Maintaining the Network page 89 Understanding the Default Fallback Bridging Configuration Table 2 shows the default fallback bridging configuration Table 2 Default Fallback Bridging Configuration Feature Default Setting Bridge groups None are defined or a...

Page 74: ...dge group bridge group 7 end 8 show vlan bridge 9 show running config 10 copy running config startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 no ip routing Example Router config no ip routing Disables IP ro...

Page 75: ...interface id Example Router config interface 0 3 1 Enters interface configuration mode and specifies the interface on which you want to assign the bridge group The specified interface must be an SVI a VLAN interface that you created by using the interface vlan vlan id global configuration command These ports must have IP addresses assigned to them Step 6 bridge group bridge group Example Router co...

Page 76: ...0 acquire Enables the switch to stop forwarding any frames for stations that it has dynamically learned through the discovery process and to limit frame forwarding to statically configured stations The switch filters all frames except those whose destined to addresses have been statically configured into the forwarding cache To configure a static address use the bridge bridge group address mac add...

Page 77: ...entries for a longer time and thus reduce the possibility of flooding when the hosts send again Follow the steps below to configure the aging time SUMMARY STEPS 1 enable 2 configure terminal 3 bridge bridge group aging time seconds 4 end 5 show running config 6 copy running config startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter y...

Page 78: ...icular MAC layer station destination address Any number of addresses can be configured in the system without a performance penalty Follow the steps below to filter by the MAC layer address SUMMARY STEPS 1 enable 2 configure terminal 3 bridge bridge group address mac address forward discard interface id 4 end 5 show running config 6 copy running config startup config DETAILED STEPS Step 5 show runn...

Page 79: ... Interval page 84 Changing the Maximum Idle Interval page 85 Disabling the Spanning Tree on an Interface page 87 Note Only network administrators with a good understanding of how switches and STP function should make adjustments to spanning tree parameters Poorly planned adjustments can have a negative impact on performance A good source on switching is the IEEE 802 1d specification for more infor...

Page 80: ...1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 bridge bridge group priority number Example Router config bridge 100 priority 5 Changes the priority of the switch For bridge group specify the bridge group number The range is 1 to 255 For number enter a num...

Page 81: ...ridge group bridge group priority number 5 end 6 show running config 7 copy running config startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface interface id Example Router config interface 0 3 1 Enter...

Page 82: ...dge group path cost cost 5 end 6 show running config 7 copy running config startup config DETAILED STEPS Step 6 show running config Example Router show running config Verifies your entry Step 7 copy running config startup config Example Router copy running config startup config Optional Saves your entry in the configuration file Command Purpose Command Purpose Step 1 enable Example Router enable E...

Page 83: ...interval and the maximum idle interval parameters of the root switch regardless of what its individual configuration might be Adjusting the Interval Between Hello BPDUs Follow the steps below to adjust the interval between hello BPDUs SUMMARY STEPS 1 enable 2 configure terminal 3 bridge bridge group hello time seconds 4 end 5 show running config Step 4 bridge bridge group path costs cost Example R...

Page 84: ...erminal Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 bridge bridge group hello time seconds Example Router config if bridge 100 hello time 5 Specifies the interval between hello BPDUs For bridge group specify the bridge group number...

Page 85: ...e Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 bridge bridge group forward time seconds Example Router config if bridge 100 forward time 25 Specifies the forward delay interval For bridge group specify the bridge group number The ra...

Page 86: ... configure terminal Example Router configure terminal Enters global configuration mode Step 3 bridge bridge group max age seconds Example Router config if bridge 100 forward time 25 Specifies the interval the switch waits to hear BPDUs from the root switch For bridge group specify the bridge group number The range is 1 to 255 For seconds enter a number from 10 to 200 The default is 30 seconds Step...

Page 87: ...nfigure terminal 3 interface interface id 4 bridge group bridge group spanning disabled 5 end 6 show running config 7 copy running config startup config DETAILED STEPS Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface interface...

Page 88: ...he interface use the no bridge group bridge group spanning disabled interface configuration command Step 6 show running config Example Router show running config Verifies your entry Step 7 copy running config startup config Example Router copy running config startup config Optional Saves your entry in the configuration file Command Purpose ...

Page 89: ...and intelligent services of Cisco IOS software for branch office applications The HWICs can identify user applications such as voice or multicast video and classify traffic with the appropriate priority levels Note Refer to the Cisco AVVID QoS Design Guide for more information on how to implement end to end QoS as you deploy Cisco AVVID solutions Follow these steps to automatically configure Cisco...

Page 90: ...dditional IP subnet for IP phones or to divide the existing IP address space into an additional subnet at the remote branch it might be necessary to use a single IP address space for branch offices This is one of the simpler ways to deploy IP telephony This configuration approach must address two key considerations Network managers should ensure that existing subnets have enough available IP addre...

Page 91: ...guration in flash memory Router write memory Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface interface id Example Router config interface 0 2 1 Enters the interface configuration mode and the port to be configured e g interfa...

Page 92: ...e 101 Configuring Static Addresses page 103 Clearing All MAC Address Tables page 105 Adding Trap Managers A trap manager is a management station that receives and processes traps When you configure a trap manager community strings for each member switch must be unique If a member switch has an IP address assigned to it the management station accesses the switch by using its assigned IP address By ...

Page 93: ...hout an IP address requests the information from the BOOTP server the requested information is saved in the switch running the configuration file To ensure that the IP information is saved when the switch is restarted save the configuration by entering the write memory command in privileged EXEC mode You can change the information in these fields The mask identifies the bits that denote the networ...

Page 94: ...mpted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface vlan_id Example Router config interface vlan 1 Enters interface configuration mode and specifies the VLAN to which the IP information is assigned VLAN 1 is the management VLAN but you can configure any VLAN from IDs 1 to 1001 Step 4 ip address ip address subnet mask Example Router co...

Page 95: ...nd related Telnet support operations This cache speeds the process of converting names to addresses Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 interface vlan_id Example Router config interface vlan 1 Enters interface configuration...

Page 96: ...r a list of domain names When you specify a domain name any IP host name without a domain name has that domain name appended to it before being added to the host table Specifying a Name Server You can specify up to six hosts that can function as a name server to supply name information for the DNS Enabling the DNS If your network devices require connectivity with devices in networks for which you ...

Page 97: ...lobal configuration mode Step 3 monitor session session id destination source interface vlan interface id vlan id both tx rx Example Router config monitor session session id destination source interface vlan interface id vlan id both tx rx Enables port monitoring for a specific session number Optionally supply a SPAN destination interface and a source interface Step 4 end Example Router config end...

Page 98: ...nd must be manually removed Managing the MAC Address Tables This section describes how to manage the MAC address tables on the HWICs The following topics are included Understanding MAC Addresses and VLANs page 99 Changing the Address Aging Time page 99 Configuring the Aging Time page 99 Verifying Aging Time Configuration page 100 The switch uses the MAC address tables to forward traffic between po...

Page 99: ...dresses that are statically entered in one VLAN must be static addresses in all other VLANs Changing the Address Aging Time Dynamic addresses are source MAC addresses that the switch learns and then drops when they are not in use Use the Aging Time field to define how long the switch retains unseen addresses in the table This parameter applies to all VLANs Configuring the Aging Time Setting too sh...

Page 100: ...able 2 configure terminal 3 no mac address table dynamic hw addr 4 end Command Purpose Step 1 enable Example Router enable Enables privileged EXEC mode Enter your password if prompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 mac address table aging time seconds Example Router config mac address table aging time 30000 Enters the number of s...

Page 101: ...itch reassigns the secure address to the new port You can enter a secure port address even when the port does not yet belong to a VLAN When the port is later assigned to a VLAN packets destined for that address are forwarded to the port Follow these steps to add a secure address SUMMARY STEPS 1 enable 2 configure terminal 3 mac address table secure address hw addr interface interface id vlan vlan ...

Page 102: ...p 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 mac address table secure address hw addr interface interface id vlan vlan id Example Router config mac address table secure address 0100 5e05 0505 interface 0 3 1 vlan vlan 1 Enters the MAC address its associated port and the VLAN ID Step 4 end Example Router config end Returns to privileged EXEC mode ...

Page 103: ... ports are associated with at least one VLAN the switch acquires the VLAN ID for the address from the ports that you select on the forwarding map A static address in one VLAN must be a static address in other VLANs A packet with a static address that arrives on a VLAN where it has not been statically entered is flooded to all ports and not learned Follow these steps to add a static address SUMMARY...

Page 104: ...rompted Step 2 configure terminal Example Router configure terminal Enters global configuration mode Step 3 mac address table static hw addr interface interface id vlan vlan id Example Router config mac address table static 0100 5e05 0505 interface 0 3 1 vlan vlan 1 Enters the static MAC address the interface and the VLAN ID of those ports Step 4 end Example Router config end Returns to privileged...

Page 105: ...ype VLAN Destination Port 000a 000b 000c Static 1 FastEthernet0 1 0 Clearing All MAC Address Tables To remove all addresses use the clear mac address command in privileged EXEC mode Step 3 no mac address table static hw addr interface interface id vlan vlan id Example Router config no mac address table static 0100 5e05 0505 interface 0 3 1 vlan vlan Enters the static MAC address the interface and ...

Page 106: ...e range fastEthernet 0 3 0 8 Router config if range no shutdown Router config if range Mar 21 14 01 21 474 LINK 3 UPDOWN Interface FastEthernet0 3 0 changed state to up Mar 21 14 01 21 490 LINK 3 UPDOWN Interface FastEthernet0 3 1 changed state to up Mar 21 14 01 21 502 LINK 3 UPDOWN Interface FastEthernet0 3 2 changed state to up Mar 21 14 01 21 518 LINK 3 UPDOWN Interface FastEthernet0 3 3 chang...

Page 107: ...g set to full on Fast Ethernet interface 0 3 7 Router config interface fastethernet 0 3 7 Router config if duplex full Adding a Description for an Interface Example The following example shows how to add a description of Fast Ethernet interface 0 3 7 Router config interface fastethernet 0 3 7 Router config if description Link to root switch Stacking Example The following example shows how to stack...

Page 108: ...ter config if switchport access vlan 2 Router config if exit VLAN Trunking Using VTP Example The following example shows how to configure the switch as a VTP server Router vlan database Router vlan vtp server Setting device to VTP SERVER mode Router vlan vtp domain Lab_Network Setting VTP domain name to Lab_Network Router vlan vtp password WATER Setting device VLAN database password to WATER Route...

Page 109: ...ieee compatible Spanning Tree protocol Bridge Identifier has priority 32768 address 00ff ff90 3f54 Configured hello time 2 max age 20 forward delay 15 Current root has priority 32768 address 00ff ff10 37b7 Root port is 33 FastEthernet0 3 2 cost of root path is 19 Topology change flag not set detected flag not set Number of topology flags 0 last change occurred 00 05 50 ago Times hold 1 topology ch...

Page 110: ...ted path cost 0 Timers message age 2 forward delay 0 hold 0 Number of transitions to forwarding state 1 BPDU sent 1 received 175 Router Bridge Priority of a VLAN Example The following example shows the bridge priority of VLAN 20 being configured to 33792 Router configure terminal Router config spanning tree vlan 20 priority 33792 Router config end Router Hello Time Example The following example sh...

Page 111: ...nfig end Router Spanning Tree Root Example The following example shows the switch being configured as the root bridge for VLAN 10 with a network diameter of 4 Router configure terminal Router config spanning tree vlan 10 root primary diameter 4 Router config exit Router MAC Table Manipulation Example The following example shows a static entry being configured in the MAC address table Router config...

Page 112: ... Session Example This following example shows interface Fast Ethernet 0 3 2 being removed as a SPAN source for SPAN session 1 Router config no monitor session 1 source interface fastethernet 0 3 2 IGMP Snooping Example The following example shows the output from configuring IGMP snooping Router show mac address table multicast igmp snooping HWIC Slot 1 MACADDR VLANID INTERFACES 0100 5e05 0505 1 Fa...

Page 113: ...oute IP Multicast Routing Table Flags D Dense S Sparse B Bidir Group s SSM Group C Connected L Local P Pruned R RP bit set F Register flag T SPT bit set J Join SPT M MSDP created entry X Proxy Join Timer Running A Candidate for MSDP Advertisement U URD I Received Source Specific Host Report Outgoing interface flags H Hardware switched Timers Uptime Expires Interface state Interface Next Hop or VCD...

Page 114: ...00 00 N A Fa0 1 1 inactive 100 00 100 00 N A Fa0 1 2 inactive 100 00 100 00 N A Fa0 1 3 inactive 100 00 100 00 N A Fa0 3 0 inactive 100 00 100 00 N A Fa0 3 1 inactive 100 00 100 00 N A Fa0 3 2 inactive 100 00 100 00 N A Fa0 3 3 Forwarding 70 00 30 00 0 00 Fa0 3 4 inactive 100 00 100 00 N A Fa0 3 5 inactive 100 00 100 00 N A Fa0 3 6 inactive 100 00 100 00 N A Fa0 3 7 inactive 100 00 100 00 N A Fa0 ...

Page 115: ...helper address would not be required Inter VLAN Routing Example Configuring inter VLAN routing is identical to the configuration on an EtherSwitch HWIC with an MSFC Configuring an interface for WAN routing is consistent with other IOS platforms The following example provides a sample configuration interface Vlan 160 description voice vlan ip address 10 6 1 1 255 255 255 0 interface Vlan 60 descrip...

Page 116: ...e Using a separate subnet and possibly a separate IP address space may not be an option for some small branch offices due to the IP routing configuration If the IP routing can handle an additional subnet at the remote branch you can use Cisco Network Registrar and secondary addressing Additional References The following sections provide references related to EtherSwitch HWICs Related Documents Sta...

Page 117: ... may be available in your Cisco IOS software release For release information about a specific command see the command reference documentation MIBs MIBs Link No new or modified MIBs are supported by this feature and support for existing MIBs have not been modified by this feature To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at th...

Page 118: ...erved Table 3 Feature Information for the 4 Port Cisco HWIC 4ESW and the 9 Port Cisco HWIC D 9ESW EtherSwitch High Speed WAN Interface Cards Feature Name Releases Feature Information 4 port Cisco HWIC 4ESW and the 9 port Cisco HWIC D 9ESW EtherSwitch high speed WAN interface cards HWICs hardware feature 12 3 8 T4 The 4 port Cisco HWIC 4ESW and the 9 port Cisco HWIC D 9ESW EtherSwitch high speed WA...