Cisco WS-C2960S-48LPD-L Software Guide

Cisco WS-C2960S-48LPD-L Manual

Get Cisco WS-C2960S-48LPD-L PDF manuals and user guides View all Cisco WS-C2960S-48LPD-L manuals
Add to My Manuals
Save this manual to your list of manuals

Cisco WS-C2960S-48LPD-L manual content summary:

  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 1
    Catalyst 2960 Switch Software Configuration Guide Cisco IOS Release 12.2(40)SE Revised September 2007 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 2
    , and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. Catalyst 2960 Switch Software Configuration Guide © 2006-2007 Cisco Systems, Inc. All rights reserved.
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 3
    Support, VLAN Features 1-7 Security Features 1-7 QoS and CoS Features 1-9 Monitoring Features 1-10 Default Settings After Initial Switch Configuration 1-10 Network Configuration Examples 1-12 Design Concepts for Using the Switch 1-12 Small to Medium-Sized Network Using Catalyst 2960 Switches
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 4
    3-12 Booting Manually 3-13 Booting a Specific Software Image 3-14 Controlling Environment Variables 3-14 Scheduling a Reload of the Software Image 3-16 Configuring a Scheduled Reload 3-16 Displaying Scheduled Reload Information 3-17 Catalyst 2960 Switch Software Configuration Guide iv OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 5
    VLANs 5-7 Discovery of Newly Installed Switches 5-8 HSRP and Standby Cluster Command Switches 5-9 Virtual IP Addresses 5-10 Other Considerations for Cluster Standby Groups 5-10 Automatic Recovery of Cluster Configuration 5-11 IP Addresses 5-12 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 6
    Service 6-6 Configuring NTP Access Restrictions 6-8 Configuring the Source IP Address for NTP Packets 6-10 Displaying the NTP Configuration 6-11 Configuring Time and Date Manually MAC Address Table 6-19 Building the Address Table 6-20 Catalyst 2960 Switch Software Configuration Guide vi OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 7
    E R 8 C H A P T E R OL-8603-04 MAC Addresses and VLANs 6-20 Default MAC Address Table Configuration 6-21 Changing the Address Aging Time 6-21 Removing Dynamic Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 8-16 Catalyst 2960 Switch Software Configuration Guide vii
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 8
    8-40 Configuring the Secure HTTP Server 8-41 Configuring the Secure HTTP Client 8-43 Displaying Secure HTTP Server and Client Status 8-43 Configuring the Switch for Secure Copy Protocol 8-43 Information About Secure Copy 8-44 Catalyst 2960 Switch Software Configuration Guide viii OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 9
    Switch-to-Client Retransmission Time 9-27 Setting the Switch-to-Client Frame-Retransmission Number 9-28 Setting the Re-Authentication Number 9-28 Configuring IEEE 802.1x Accounting 9-29 Configuring a Guest VLAN 9-30 Configuring a Restricted VLAN 9-31 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 10
    Understanding Interface Types 10-1 Port-Based VLANs 10-2 Switch Ports 10-2 Access Ports 10-2 Configuring Ethernet Interfaces 10-9 Default Ethernet Interface on an Interface 10-15 Adding a Description for an Interface 10-16 Configuring Catalyst 2960 Switch Software Configuration Guide x OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 11
    with Other Features 12-16 Configuring a Trunk Port 12-17 Defining the Allowed VLANs on a Trunk 12-18 Changing the Pruning-Eligible List 12-19 Configuring the Native VLAN for Untagged Traffic 12-19 Configuring Trunk Ports for Load Sharing 12-20 Catalyst 2960 Switch Software Configuration Guide xi
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 12
    -27 Changing the Retry Count 12-28 Monitoring the VMPS 12-28 Troubleshooting Dynamic-Access Port VLAN Membership 12-29 VMPS Configuration Example 12-29 Configuring VTP 13-1 Understanding VTP Version 2 13-13 Enabling VTP Pruning 13-14 Catalyst 2960 Switch Software Configuration Guide xii OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 13
    -10 Default Spanning-Tree Configuration 15-11 Spanning-Tree Configuration Guidelines 15-12 Changing the Spanning-Tree Mode. 15-13 Disabling Spanning Tree 15-14 Catalyst 2960 Switch Software Configuration Guide xiii
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 14
    Switch Priority of a VLAN 15-19 Configuring Spanning-Tree Timers 15-20 Configuring the Hello Time 15-20 Configuring the Forwarding-Delay Time for a VLAN 15-21 Configuring the Maximum-Aging Time for a VLAN the Root Switch 16-17 Catalyst 2960 Switch Software Configuration Guide xiv OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 15
    -18 Configuring Port Priority 16-19 Configuring Path Cost 16-20 Configuring the Switch Priority 16-21 Configuring the Hello Time 16-22 Configuring the Forwarding-Delay IGMP Snooping and MVR 18-1 Understanding IGMP Snooping 18-1 IGMP Versions 18-2 Catalyst 2960 Switch Software Configuration Guide xv
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 16
    Suppression 18-15 Displaying IGMP Snooping Information 18-15 Understanding Multicast VLAN Registration 18-17 Using MVR in a Multicast Television Application 18- 19-1 Configuring Storm Control 19-1 Understanding Storm Control 19-1 Catalyst 2960 Switch Software Configuration Guide xvi OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 17
    Configuration 21-3 Configuring LLDP Characteristics 21-4 Disabling and Enabling LLDP Globally 21-5 Disabling and Enabling LLDP on an Interface 21-5 Configuring LLDP-MED TLVs 21-6 Catalyst 2960 Switch Software Configuration Guide xvii
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 18
    23-13 Specifying VLANs to Filter 23-14 Configuring RSPAN 23-15 RSPAN Configuration Guidelines 23-16 Configuring a VLAN as an RSPAN VLAN 23-16 Creating an RSPAN Source Session 23-17 Creating an RSPAN Destination Session 23-19 xviii Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 19
    -8603-04 Creating an RSPAN Destination Session and Configuring Incoming Traffic 23-20 Specifying VLANs to Filter 23-21 Displaying SPAN and RSPAN Status 23-22 Configuring RMON 24-1 Interface 24-5 Collecting Group Ethernet Statistics on an Interface Catalyst 2960 Switch Software Configuration Guide xix
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 20
    Cisco IOS IP SLAs Operations 27-1 Understanding Cisco IOS IP SLAs 27-1 Using Cisco IOS IP Weighted Tail Drop 28-12 SRR Shaping and Sharing 28-13 Queueing and Scheduling on Ingress Queues 28-14 Queueing and Scheduling on Egress Queues 28-16 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 21
    Ingress Queue and Setting WTD Thresholds 28-58 Allocating Buffer Space Between the Ingress Queues 28-59 Allocating Bandwidth Between the Ingress Queues 28-60 Catalyst 2960 Switch Software Configuration Guide xxi
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 22
    30-3 Multicast Client Aging Robustness 30-3 Multicast Router Discovery 30-3 MLD Reports 30-4 MLD Done Messages and Immediate-Leave 30-4 Topology Change Notification Processing 30-5 Catalyst 2960 Switch Software Configuration Guide xxii OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 23
    -State Tracking Configuration 31-20 Link-State Tracking Configuration Guidelines 31-20 Configuring Link-State Tracking 31-20 Displaying Link-State Tracking Status 31-21 Catalyst 2960 Switch Software Configuration Guide xxiii
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 24
    -19 Using the show platform forward Command 32-20 Using the crashinfo Files 32-21 Basic crashinfo Files 32-21 Extended crashinfo Files 32-22 Supported MIBs A-1 MIB List A-1 Using FTP to Access the MIB Files A-3 xxiv Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 25
    I X Working with the Cisco IOS File System, Configuration Files, Replacement and Rollback B-19 Configuration Guidelines B-21 Configuring the Configuration Archive B-21 Performing a Configuration Replacement or Rollback Operation B-22 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 26
    a Catalyst 2950 Switch to a Catalyst 2960 Switch C-1 Configuration Compatibility Issues C-1 Feature Behavior Incompatibilities C-5 Unsupported Commands in Cisco IOS Release Commands D-3 Unsupported Global Configuration Commands D-3 xxvi Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 27
    Interface Configuration Command D-6 VLAN D-6 Unsupported Global Configuration Command D-6 Unsupported vlan-config Command D-6 Unsupported User EXEC Commands D-6 VTP D-6 Unsupported Privileged EXEC Commands D-6 Contents OL-8603-04 Catalyst 2960 Switch Software Configuration Guide xxvii
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 28
    Contents xxviii Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 29
    with the concepts and terminology of Ethernet and local area networking. Purpose This guide provides the information that you need to configure Cisco IOS software features on your switch. The Catalyst 2960 software provides enterprise-class intelligent services such as access control lists (ACLs
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 30
    instructions and information: Command descriptions not contained in this manual. Caution Means reader be Cisco.com). • For Network Assistant requirements, see the Getting Started with Cisco Network Assistant (not orderable but available on Cisco.com). Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 31
    Support, and Security Guidelines" section on page xxxii. • Release Notes for the Catalyst 3750, 3560, 2970, and 2960 Switches (not orderable but available on Cisco.com) • Catalyst 3750, 3560, 3550, 2970, and 2960 Switch System Message Guide (not orderable but available on Cisco.com) • Catalyst 2960
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 32
    aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html xxxii Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 33
    the cryptographic version of the software) • QoS and CoS Features, page 1-9 • Monitoring Features, page 1-10 Ease-of-Deployment and Ease-of-Use Features The switch ships with these features to make the deployment and the use easier: OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 34
    that are not directly connected to the command switch. Performance Features The switch ships with these performance features: • Autosensing of port speed and autonegotiation of duplex mode on all switch ports for optimizing bandwidth Catalyst 2960 Switch Software Configuration Guide 1-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 35
    for configuring the leave latency for the network • Switch Database Management (SDM) templates for allocating system resources to maximize support for user-selected features • Cisco IOS IP Service Level Agreements (SLAs), a part of Cisco IOS software that uses active traffic monitoring for measuring
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 36
    the endpoint device • Network Time Protocol (NTP) for providing a consistent time stamp to all switches from an external source • Cisco IOS File System (IFS) for providing a single interface to all file systems that the switch uses Catalyst 2960 Switch Software Configuration Guide 1-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 37
    copying switch configuration or switch image files (requires the cryptographic version of the software) • Configuration replacement and rollback to replace the running configuration on a switch with any saved Cisco IOS configuration file OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 38
    128 spanning-tree instances supported - Per-VLAN spanning-tree plus (PVST+) for load balancing across VLANs - Rapid PVST+ for load balancing across VLANs and providing rapid as an alternative to STP for basic link redundancy Catalyst 2960 Switch Software Configuration Guide 1-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 39
    to an operational link on another Cisco Ethernet switch. • RPS support through the Cisco RPS 300 and Cisco RPS 675 for enhancing power reliability VLAN Features These are the VLAN features: • Support for up to 255 VLANs for assigning users to VLANs associated with appropriate network resources
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 40
    AAA) services • Secure Socket Layer (SSL) Version 3.0 support for the HTTP 1.1 server authentication, encryption, and message integrity and HTTP client authentication to allow secure HTTP communications (requires the cryptographic version of the software) Catalyst 2960 Switch Software Configuration
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 41
    switch port for managing how much of the port bandwidth should be allocated to a specific traffic flow - In Cisco IOS - Weighted tail drop service for specifying the rate at which packets are sent to the internal ring (sharing is the only supported Catalyst 2960 Switch Software Configuration Guide 1-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 42
    DHCP Features and IP Source Guard." • Switch cluster is disabled. For more information about switch clusters, see Chapter 5, "Clustering Switches," and the Getting Started with Cisco Network Assistant, available on Cisco.com. 1-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 43
    Chapter 11, "Configuring Smartports Macros." • VLANs - Default VLAN is VLAN 1. For more information, see Chapter 12, "Configuring VLANs." - VLAN trunking setting is dynamic auto (DTP). For 18, "Configuring IGMP Snooping and MVR." OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 44
    Fast Ethernet and Gigabit Ethernet connections. • "Design Concepts for Using the Switch" section on page 1-12 • "Small to Medium-Sized Network Using Catalyst 2960 Switches" section of the network applications that they use. 1-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 45
    on the uplink ports and availability to provide always on so that the uplink port with a lower relative port cost is selected to carry the VLAN mission-critical applications traffic. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 46
    documentation sets specific to these switches for LRE information. You can use the switches to create the following: • Cost-effective Gigabit-to-the-desktop for high-performance workgroups (Figure 1-1)-For high-speed access to network resources, you can use the Cisco Catalyst 2960 switches in the
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 47
    redundant Gigabit EtherChannels. Using dual SFP module uplinks from the switches provides redundant uplinks to the network core. Using SFP modules provides flexibility in media and distance options through fiber-optic connections. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 48
    telephony and IP networks, and the IP network supports both voice and data. The routers also provide firewall services, Network Address Translation (NAT) services, voice-over-IP (VoIP) gateway services, and WAN and Internet access. 1-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 49
    cable. The CWDM OADM modules on the receiving end separate (or demultiplex) the different wavelengths. For more information about the CWDM SFP modules and CWDM OADM modules, see the Cisco CWDM GBIC and CWDM SFP Installation Note. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 50
    multilayer switches Where to Go Next Before configuring the switch, review these sections for startup information: • Chapter 2, "Using the Command-Line Interface" • Chapter 3, "Assigning the Switch IP Address and Default Gateway" 95750 1-18 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 51
    2 C H A P T E R Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) and how to use it to configure your Catalyst 2960 switch. It contains these sections: • Understanding Command Modes, page 2-1 • Understanding the Help System, page 2-3 • Understanding
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 52
    -range VLANs (VLAN IDs greater than 1005) and save configurations in the switch startup configuration file. To exit to privileged EXEC mode, enter exit. Use this mode to configure VLAN parameters for VLANs 1 to 1005 in the VLAN database. Catalyst 2960 Switch Software Configuration Guide 2-2 OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 53
    description of the help system in any command mode. Obtain a list of commands that begin with a particular character string. For example: Switch# di? dir disable disconnect Complete a partial command name. For example: Switch# sh conf Switch# show configuration OL-8603-04 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 54
    keep this packet Understanding Abbreviated Commands You need to enter only enough characters for the switch to recognize the command as unique. This example shows how to enter the show sets variables to their default values. Catalyst 2960 Switch Software Configuration Guide 2-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 55
    Beginning with Cisco IOS Release 12.2(25)SED, you can log and view changes to the switch configuration. cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81. html Note Only CLI or HTTP changes are logged. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 56
    of the terminal history global configuration command and the history line configuration command. 1. The arrow keys function only on ANSI-compatible terminals such as VT100s. Catalyst 2960 Switch Software Configuration Guide 2-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 57
    mode is automatically enabled, you can disable it, re-enable it, or configure a specific line to have enhanced editing. These procedures are optional. To globally disable enhanced editing the cursor back one character. left arrow key. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 2-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 58
    Esc L. Change the word at the cursor to lowercase. Press Esc U. Capitalize letters from the cursor to the end of the word. Designate a particular keystroke as Press Ctrl-V or Esc Q. an executable command, perhaps as a shortcut. Catalyst 2960 Switch Software Configuration Guide 2-8 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 59
    access-list global configuration command entry extends beyond one line. When the cursor first reaches the end of the line, the line is shifted ten spaces to the left and redisplayed. The dollar through Keystrokes" section on page 2-7. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 2-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 60
    on page 8-33. The switch supports up to five simultaneous secure SSH sessions. After you connect through the console port, through a Telnet session or through an SSH session, the user EXEC prompt appears on the management station. 2-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 61
    ) for the Catalyst 2960 switch by using a variety of automatic and manual methods. It also describes how to modify the switch startup configuration. Note For complete syntax and usage information for the commands used in this chapter, see the command reference for this release and the Cisco IOS IP
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 62
    reset or power-on. The boot loader also provides trap-door access into the system if the operating system has problems serious enough switch configuration steps, manually configure the switch. Otherwise, use the setup program described previously. Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 63
    Manually Assigning IP Information, page 3-10 Default Switch Information Table 3-1 shows the default switch information. Table 3-1 Default Switch DHCP-based autoconfiguration replaces the BOOTP client functionality on your switch. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 3-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 64
    the client has had a chance to formally request the address. If the switch accepts replies from a BOOTP server and configures itself, the switch broadcasts, instead of unicasts, TFTP requests to obtain the switch configuration file. Catalyst 2960 Switch Software Configuration Guide 3-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 65
    switch is not configured. If the router IP address or the TFTP server name are not found, the switch might send broadcast, instead of unicast, TFTP requests. Unavailability of other lease options does not affect autoconfiguration. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 3-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 66
    an interface to the destination host. If the relay device is a Cisco router, enable IP routing (ip routing global configuration command), and configure helper addresses by using the ip helper-address interface configuration command. Catalyst 2960 Switch Software Configuration Guide 3-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 67
    Switch (DHCP client) Cisco switch sends a unicast message to the TFTP server to retrieve the network-confg or cisconet.cfg default configuration file. (If the network-confg file cannot be read, the switch reads the cisconet.cfg file.) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 68
    255.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Switch C 00e0.9f1e.2003 10.0.0.23 255.255.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Switch D 00e0.9f1e.2004 10.0.0.24 255.255.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Catalyst 2960 Switch Software Configuration Guide 3-8 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 69
    server. • If no configuration filename is given in the DHCP server reply, Switch A reads the network-confg file from the base directory of the TFTP Switches B through D retrieve their configuration files and IP addresses in the same way. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 70
    # show running-config Building configuration... Current configuration: 1363 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch A ! 3-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 71
    Specific Software Image, page 3-14 • Controlling Environment Variables, page 3-14 See also Appendix B, "Working with the Cisco IOS File System, Configuration Files, and Software Images," for information about switch configuration files. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 72
    switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system. The Cisco IOS config-file flash:/file-url Step 3 end Step 4 show boot Step 5 copy Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 73
    terminal boot manual end show boot Step 5 copy running-config startup-config Purpose Enter global configuration mode. Enable the switch to manually boot up disable manual booting, use the no boot manual global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 3-
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 74
    filesystem:/file-url end show boot copy running-config startup-config Purpose Enter global configuration mode. Configure the switch to boot a specific image in flash environment variables are predefined and have default values. 3-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 75
    manually boot up the switch from the boot loader mode. Enables manually booting up the switch Cisco IOS uses to read and write a nonvolatile copy of the system configuration. This command changes the CONFIG_FILE environment variable. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 76
    reload. This example shows how to reload the software on the switch on the current day at 7:30 p.m: Switch# reload at 19:30 Reload scheduled for 19:30:00 UTC Wed Jun 5 1996 (in 2 hours and 25 minutes) Proceed with reload? [confirm] 3-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 77
    on the switch, use the show reload privileged EXEC command. It displays reload information including the time the reload is scheduled to occur and the reason for the reload (if it was specified when the reload was scheduled). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 3-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 78
    Scheduling a Reload of the Software Image Chapter 3 Assigning the Switch IP Address and Default Gateway 3-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 79
    , the Configuration Engine supports an embedded Directory Service. In this mode, no external directory or other data store is required. In server mode, the Configuration Engine supports the use of a user-defined external directory. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 4-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 80
    protocol (LDAP) URLs that reference the device-specific configuration information stored in a directory. The Cisco IOS agent can perform a syntax check on received of a synchronization event from the configuration server. Catalyst 2960 Switch Software Configuration Guide 4-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 81
    the switch must match the ConfigID for the corresponding switch definition on the Configuration Engine. The ConfigID is fixed at startup time and cannot be changed until the device restarts, even if the switch hostname is reconfigured. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 82
    Engine, see the Configuration Engine setup and configuration guide at this URL on cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps4617/products_installation_and_configuration_ guide_book09186a00803b59db.html Catalyst 2960 Switch Software Configuration Guide 4-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 83
    by using DHCP-based autoconfiguration. Figure 4-2 Initial Configuration Overview Configuration Engine V WAN TFTP server DHCP server Distribution layer DHCP relay agent default gateway Access layer switches 141328 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 4-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 84
    for instructions: • Enabling the CNS Event Agent, page 4-8 • Enabling the Cisco IOS CNS Agent, page 4-9 Enabling Automated CNS Configuration To enable automated CNS configuration of the switch, you must first complete the prerequisites in Table 4-1. When you complete them, power on the switch. At
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 85
    Configuration Engine, see the Cisco Configuration Engine Installation and Setup Guide, 1.5 for Linux at this URL: http://www.cisco.com/en/US/products/sw/netmgtsw/ps4617/products_installation_and_configuration_ guide_book09186a00803b59db.html OL-8603-04 Catalyst 2960 Switch Software Configuration
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 86
    event agent, set the IP address gateway to 10.180.1.27, set 120 seconds as the keepalive interval, and set 10 as the retry count. Switch(config)# cns event 10.180.1.27 keepalive 120 10 Catalyst 2960 Switch Software Configuration Guide 4-8 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 87
    & generates the command ip route 0.0.0.0 0.0.0.0 FastEthernet0/1. Return to global configuration mode. Enter the hostname for the switch. Establish a static route to the Configuration Engine whose IP address is network-number. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 4-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 88
    syntax-check to check the syntax when this parameter is entered. Note Though visible in the command-line help string, the encrypt keyword is not supported. end Return to privileged EXEC mode. 4-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 89
    keyword is not supported. Return to privileged Cisco IOS agent, use the no cns config partial {ip-address | hostname} global configuration command. To cancel a partial configuration, use the cns config cancel privileged EXEC command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 90
    . Displays statistics about the Cisco IOS agent. Displays the status of the CNS event agent connections. Displays statistics about the CNS event agent. Displays a list of event agent subjects that are subscribed to by applications. 4-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 91
    on Catalyst 2960 switch clusters. It also includes guidelines and limitations for clusters mixed with other cluster-capable Catalyst switches, but it does not provide complete descriptions of the cluster features for these other switches. For complete cluster information for a specific Catalyst
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 92
    and Cluster Capability Switch Catalyst 3750 Catalyst 3560 Catalyst 3550 Catalyst 2970 Catalyst 2960 Catalyst 2955 Catalyst 2950 Catalyst 2950 LRE Catalyst 2940 Catalyst 3500 XL Catalyst 2900 XL (8-MB switches) Catalyst 2900 XL (4-MB switches) Catalyst 1900 and 2820 Cisco IOS Release 12.1(11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 93
    " section on page 5-13). To join a cluster, a candidate switch must meet these requirements: • It is running cluster-capable software. • It has CDP version 2 enabled. • It is not a command or cluster member switch of another cluster. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 94
    , refer to the software configuration guide for that specific switch. This requirement does not apply if you have a Catalyst 2970, Catalyst 3550, Catalyst 3560, or Catalyst 3750 cluster command switch. Candidate and cluster member switches can connect through any VLAN in common with the cluster
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 95
    . Figure 5-1 Discovery Through CDP Hops Command device VLAN 16 Member device 8 Member device 9 Device 11 candidate device Edge of cluster VLAN 62 Member device 10 Device 12 Device 13 Candidate devices Device 14 Device 15 101321 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 96
    switch through their management VLAN. For information about discovery through management VLANs, see the "Discovery Through Different Management VLANs" section on page 5-7. For more information about VLANs, see Chapter 12, "Configuring VLANs." Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 97
    management VLAN 4) because they are not connected through a common VLAN (meaning VLANs 62 and 9) with the cluster command switch • Switch 9 because automatic discovery does not extend beyond a noncandidate device, which is switch 7 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 98
    to VLANs 9 and 16. When new cluster-capable switches join the cluster: • One cluster-capable switch and its access port are assigned to VLAN 9. • The other cluster-capable switch and its access port are assigned to management VLAN 16. Catalyst 2960 Switch Software Configuration Guide 5-8 OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 99
    Switches Command device VLAN 9 Device A AP VLAN 9 New (out-of-box) candidate device VLAN 16 Device B AP VLAN 16 New (out-of-box) candidate device 101325 HSRP and Standby Cluster Command Switches The switch interval is 3 seconds. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 100
    command switch is a Catalyst 2960 switch, the standby cluster command switches must also be Catalyst 2960 switches. Refer to the switch configuration guide of other cluster-capable switches for their requirements on standby cluster command switches. If your switch cluster has a Catalyst 2960 switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 101
    information (but not device-configuration information) to the standby cluster command switch. This ensures that the standby cluster command switch can take over the cluster immediately after the active cluster command switch fails. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 102
    assign a host name to either a cluster command switch or an eligible cluster member. However, a hostname assigned to the cluster command switch can help to identify the switch cluster. The default hostname for the switch is Switch. 5-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 103
    about SNMP and community strings, see Chapter 26, "Configuring SNMP." For SNMP considerations specific to the Catalyst 1900 and Catalyst 2820 switches, refer to the installation and configuration guides specific to those switches. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 104
    switch. The Cisco IOS commands then operate as usual. For instructions on configuring the switch for a Telnet session, see the "Disabling Password Recovery" section on page 8-5. Catalyst 1900 and Catalyst 2820 CLI Considerations If your switch cluster has Catalyst 1900 and Catalyst 2820 switches
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 105
    , as shown in Figure 5-7. If a cluster member switch has its own IP address and community strings, the cluster member switch can send traps directly to the management station, without going through the cluster command switch. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 5-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 106
    about SNMP and community strings, see Chapter 26, "Configuring SNMP." Figure 5-7 SNMP Management for a Cluster SNMP Manager Command switch Trap 1, Trap 2, Trap 3 Trap Trap 33020 Trap Member 1 Member 2 Member 3 5-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 107
    Clock The heart of the time service is the system clock. This clock runs from the moment the system starts up and keeps track of the date and time. The system clock can then be set from these sources: • NTP • Manual configuration OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 108
    . Cisco's implementation of NTP does not support stratum 1 service; it is not possible to connect to a radio or atomic clock. We recommend that the time service for your network be derived from the public NTP servers available on the IP Internet. Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 109
    synchronize themselves when an external NTP source is not available. The switch also has no hardware support for a calendar. As a result, the ntp update-calendar and the ntp master global configuration commands are not available. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 110
    Configuration Feature NTP authentication NTP peer or server associations NTP broadcast service NTP access restrictions NTP packet source IP address Default Setting the NTP authentication feature, which is disabled by default. Catalyst 2960 Switch Software Configuration Guide 6-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 111
    this switch can either synchronize to the other device or allow the other device to synchronize to it), or it can be a server association (meaning that only this switch synchronizes to the other device, and not the other way around). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 112
    configuration file. You need to configure only one end of an association; the other device can automatically Version 2: Switch(config)# ntp server 172.16.22.44 version 2 Configuring NTP Broadcast Service The communications between Catalyst 2960 Switch Software Configuration Guide 6-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 113
    address, specify the IP address of the peer that is synchronizing its clock to this switch. end Return to privileged EXEC mode. show running-config Verify your entries. copy running-config . Return to global configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 114
    allow the switch to synchronize to the remote device. • peer-Allows time requests and NTP control queries and allows the switch to synchronize to the remote device. For access-list-number, enter a standard IP access list number from 1 to 99. Catalyst 2960 Switch Software Configuration Guide 6-8 OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 115
    switch NTP services, Switch# configure terminal Switch(config)# ntp access-group peer 99 Switch(config)# ntp access-group serve-only 42 Switch(config)# access-list 99 permit 172.20.130.5 Switch(config)# access list 42 permit 172.20.130.6 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 116
    destinations. If a source address is to be used for a specific association, use the source keyword in the ntp peer or ntp server global configuration command as described in the "Configuring NTP Associations" section on page 6-5. 6-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 117
    in the month. • For month, specify the month by name. • For year, specify the year (no abbreviation). This example shows how to manually set the system clock to 1:32 p.m. on July 23, 2001: Switch# clock set 13:32:00 23 July 2001 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 118
    in privileged EXEC mode, follow these steps to manually configure the time zone: Step 1 Step 2 Command end show running-config copy running-config startup-config Purpose Enter global configuration mode. Set the time zone. The switch Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 119
    shows how to specify that summer time starts on the first Sunday in April at 02:00 and ends on the last Sunday in October at 02:00: Switch(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 120
    end on Cisco.com page, select Documentation > Cisco IOS Software > 12.2 Mainline > Command References and see the Cisco IOS Configuration Fundamentals Command Reference and the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols. 6-14 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 121
    com domain name, so its domain name is cisco.com. A specific device in this domain, for example, the File Transfer Protocol (FTP) system is identified as ftp.cisco.com. To keep track of domain names, network, and enable the DNS. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 122
    ip name-server server-address1 [server-address2 ... server-address6] ip domain-lookup end Purpose Enter global configuration mode. Define a default domain name that the software uses scheme (DNS). Return to privileged EXEC mode. 6-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 123
    ip domain-name global configuration command. If there is a period (.) in the hostname, the Cisco IOS software looks up the IP address without appending any default domain name to the hostname. To login banners are not configured. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 124
    configure terminal banner motd c message c Step 3 Step 4 Step 5 end show running-config copy running-config startup-config Purpose Enter global configuration mode , contact technical support. User Access Verification Password: 6-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 125
    associated VLAN ID, and port number associated with the address and the type (static or dynamic). Note For complete syntax and usage information for the commands used in this section, see the command reference for this release. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 126
    to port 1 in VLAN 1 and ports 9, 10, and 1 in VLAN 5. Each VLAN maintains its own logical address table. A known address in one VLAN is unknown in another until it is learned or statically associated with a port in the other VLAN. 6-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 127
    entries in the configuration file. To return to the default value, use the no mac address-table aging-time global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 128
    notification-type, use the mac-notification keyword. snmp-server enable traps mac-notification Enable the switch to send MAC address traps to the NMS. mac address-table notification Enable the MAC address notification feature. 6-22 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 129
    /2 Switch(config-if)# snmp trap mac-notification added You can verify the previous commands by entering the show mac address-table notification interface and the show mac address-table notification privileged EXEC commands. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 130
    table. When a packet is received in VLAN 4 with this MAC address as its destination address, the packet is forwarded to the specified port: Switch(config)# mac address-table static c2f3.220a.12f4 vlan 4 interface gigabitethernet0/1 6-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 131
    enabled, the switch drops packets with specific source or destination MAC addresses. This feature is disabled by default and only supports unicast static mac address-table static mac-addr vlan vlan-id global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 6-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 132
    ARP entries added manually to the table do not age and must be manually removed. Note For CLI procedures, see the Cisco IOS Release 12.2 documentation from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline. 6-26 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 133
    supported in each template. Table 7-1 Approximate Number of Feature Resources Allowed by Each Template Resource Unicast MAC addresses IPv4 IGMP groups IPv4 unicast routes Default QoS Dual 8 K 8 K 8 K 256 256 256 0 0 0 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 134
    in privileged EXEC mode, follow these steps to use the SDM template to maximize feature usage: Command Step 1 configure terminal Purpose Enter global configuration mode. Catalyst 2960 Switch Software Configuration Guide 7-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 135
    default | dual-ipv4-and-ipv6 default | qos} end reload Purpose Specify the SDM template to be used on the switch: The keywords have these meanings: • default-Gives display the resource numbers supported by the specified template. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 7-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 136
    .Displaying the SDM Templates Chapter 7 Configuring SDM Templates Catalyst 2960 Switch Software Configuration Guide 7-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 137
    privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each username and password pair. For more information, see the "Configuring Username and Password Pairs" section on page 8-6. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 138
    used in this section, see the Cisco IOS Security Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command is written to the configuration file. No password is defined. Catalyst 2960 Switch Software Configuration Guide 8-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 139
    1 Step 2 Command configure terminal enable password password Step 3 Step 4 Step 5 end show running-config copy running-config startup-config Purpose Enter global configuration mode. Define a cannot be in effect simultaneously. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 140
    service password-encryption Step 4 Step 5 end only type 5, a Cisco proprietary encryption algorithm, keyword to define a password for a specific privilege level. After you specify the service password-encryption global configuration command. Catalyst 2960 Switch Software Configuration Guide 8-4 OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 141
    Disabling password recovery will not work if you have set the switch to boot up manually by using the boot manual global configuration command. This command produces the boot loader prompt (switch:) after the switch is power cycled. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 142
    ports and authenticate each user before that user can access the switch. If you have defined privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each username and password pair. Catalyst 2960 Switch Software Configuration Guide 8-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 143
    or line vty 0 15 login local end show running-config copy running-config startup . To disable username authentication for a specific user, use the no username name Privilege Levels By default, the Cisco IOS software has two modes of password -04 Catalyst 2960 Switch Software Configuration Guide 8-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 144
    privilege mode level level command enable password level level password end show running-config or show privilege copy running-config startup- Switch(config)# privilege exec level 14 configure Switch(config)# enable password level 14 SecretPswd14 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 145
    Command configure terminal line vty line privilege level level Step 4 Step 5 Step 6 end show running-config or show privilege copy running-config startup-config Purpose Enter global configuration . For level, the range is 0 to 15. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 146
    the Cisco IOS Security service. Your switch can be a network access server along with other Cisco routers and access servers. A network access server provides connections to a single user, to a network or subnetwork, and to interconnected networks as shown in Figure 8-1. 8-10 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 147
    switch and the TACACS+ daemon, and it ensures confidentiality because all protocol exchanges between the switch and the TACACS+ daemon are encrypted. You need a system running the TACACS+ daemon software to use TACACS+ on your switch. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 148
    services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring TACACS+ This section describes how to configure your switch to support TACACS method listed to authenticate, to 8-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 149
    of the configured server hosts and use them for a particular service. The server group is used with a global server-host switch and the TACACS+ daemon. You must configure the same key on the TACACS+ daemon for encryption to be successful. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 150
    end show tacacs copy running-config startup-config Purpose Enable AAA. (Optional) Define the AAA server-group with a group name. This command puts the switch ; it must be applied to a specific port before any of the defined authentication Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 151
    TACACS+ authentication for logins or to return to the default value, use the no login authentication {default | list-name} line configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 152
    Cisco IOS Security Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 153
    > Cisco IOS Software > 12.2 Mainline > Command References. These sections contain this configuration information: • Understanding RADIUS, page 8-18 • RADIUS Operation, page 8-19 • Configuring RADIUS, page 8-19 • Displaying the RADIUS Configuration, page 8-31 OL-8603-04 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 154
    in which applications support the RADIUS the start and end of services, showing the Cisco device if the non-Cisco device requires authentication. • Networks using a variety of services. RADIUS generally binds a user to one service model. 8-18 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 155
    EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring RADIUS This section describes how to configure your switch to support RADIUS. the initial method fails. The OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 156
    accounting services, the %RADIUS-4-RADIUS_DEAD message appears, and then the switch tries the second host entry configured on the same device for accounting services. (The RADIUS host entries are tried in the order that they are configured.) 8-20 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 157
    for All RADIUS Servers" section on page 8-29. You can configure the switch to use AAA server groups to group existing server hosts for authentication. For more information, see the "Defining AAA Server Groups" section on page 8-25. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 158
    spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in Switch(config)# radius-server host 172.29.36.49 auth-port 1612 key rad1 Switch(config)# radius-server host 172.20.36.50 acct-port 1618 key rad2 8-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 159
    performed and the sequence in which they are performed; it must be applied to a specific port before any of the defined authentication methods are performed. The only exception is the Enter global configuration mode. Enable AAA. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 160
    list created with the aaa authentication login command. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 8-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 161
    server by its IP address or identify multiple host instances or entries by using the optional auth-port and acct-port keywords. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 162
    command. Leading spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in your with the specific RADIUS host. Enable AAA. Define the AAA server-group with a group name. This command puts the switch in Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 163
    User Privileged Access and Network Services AAA authorization limits the services available to a user. When AAA authorization is enabled, the switch uses information retrieved from the user if authorization has been configured. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-27
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 164
    the end. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. To disable accounting, use the no aaa accounting {network | exec} {start-stop} method1... global configuration command. 8-28 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 165
    TACACS+ authorization can then be used for RADIUS. For example, this AV pair activates Cisco's multiple named ip address pools feature during IP authorization (during PPP IPCP address assignment): cisco-avpair= "ip:addr-pool=first" OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-29
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 166
    about vendor-specific attribute 26, see the "RADIUS Attributes" appendix in the Cisco IOS Security Configuration Guide, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. 8-30 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 167
    : Switch(config)# radius-server host 172.20.30.15 nonstandard Switch(config)# radius-server key rad124 Displaying the RADIUS Configuration To display the RADIUS configuration, use the show running-config privileged EXEC command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-31
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 168
    Configure user AAA authorization for all network-related service requests. username name [privilege level] Enter be the last option specified in the username command. end Return to privileged EXEC mode. show running-config Verify Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 169
    a switch running the SSH server. The SSH server works with the SSH client supported in this release and with non-Cisco SSH clients. The SSH client also works with the SSH server supported in this release and with non-Cisco SSH servers. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 170
    Setting Up the Switch to Run SSH" section on page 8-35. • When generating the RSA key pair, the message No host name specified might appear. If it does, you must configure a hostname by using the hostname global configuration command. 8-34 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 171
    end switch. (Optional) Save your entries in the configuration file. To delete the RSA key pair, use the crypto key zeroize rsa global configuration command. After the RSA key pair is deleted, the SSH server is automatically disabled. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 172
    5 Step 6 Step 7 end show ip ssh or show ssh switch. (Optional) Save your entries in the configuration file. To return to the default SSH control parameters, use the no ip ssh {timeout | authentication-retries} global configuration command. 8-36 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 173
    Server and Client with SSL 3.0" feature description for Cisco IOS Release 12.2(15)T at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a008015a4c6 begins with https:// instead of http://. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-37
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 174
    devices. These services provide centralized security key and certificate management for the participating devices. Specific CA servers are IOS-Self-Signed-Certificate-3080755072 revocation-check none rsakeypair TP-self-signed-3080755072 ! ! 8-38 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 175
    used for both key generation and authentication on SSL connections. This usage is independent of whether or not a CA trustpoint is configured. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 8-39
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 176
    required for security keys and certificates. Specify the IP domain name of the switch (required only if you have not previously configured an IP domain name). The the URL to which the switch should send certificate requests. 8-40 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 177
    15 end show crypto ca trustpoints copy running-config startup-config Purpose (Optional) Configure the switch to obtain HTTP server to determine if the secure HTTP server feature is supported in the software. You should see one of these lines Catalyst 2960 Switch Software Configuration Guide 8-41
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 178
    both support. minutes). • life-the maximum time 12 end switch. If you configure a port other than the default port, you must also specify the port number after the URL. For example: https://209.165.129:1026 or https://host.domain.com:1026 8-42 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 179
    -cbc-sha]} end show ip http they both support. This is specification switch configurations or switch image files. SCP relies on Secure Shell (SSH), an application and a protocol that provides a secure replacement for the Berkeley r-tools. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 180
    and verify SCP, see the "Secure Copy Protocol" chapter of the Cisco IOS New Features, Cisco IOS Release 12.2, at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087b18 .html 8-44 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 181
    in the Cisco IOS Security Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > to a switch port before making available any services offered by the switch or the LAN Host Mode, page 9-7 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 9-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 182
    1x Authentication with Voice VLAN Ports, page 9-14 service is transparent to the client. In this release, the RADIUS security system with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server. It is available Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 183
    by putting the port in the critical-authentication state in the RADIUS-configured or the user-specified access VLAN. Note Inaccessible authentication bypass is also referred to as critical authentication or the AAA fail policy. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 9-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 184
    restricted VLAN. Assign the port to a VLAN. Assign the port to Assign the port to a VLAN. a guest VLAN.1 Done You can configure the re-authentication timer to use a switch-specific value or to be based on values from the RADIUS Catalyst 2960 Switch Software Configuration Guide 9-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 185
    The specific exchange of EAP frames depends on the authentication method being used. Figure 9-3 shows a message exchange initiated by the client when the client uses the One-Time-Password (OTP) authentication method with a RADIUS server. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 186
    Message Exchange During MAC Authentication Bypass Switch Authentication server (RADIUS) EAPOL Request/Identity EAPOL Request/Identity EAPOL Request/Identity Ethernet packet RADIUS Access/Request RADIUS Access/Accept 141681 Catalyst 2960 Switch Software Configuration Guide 9-6 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 187
    is configured as a voice VLAN port, the port allows The switch cannot provide authentication services to the replaced with another client, the switch changes the port link state to down, and the port returns to the unauthorized state. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 188
    for IEEE 802.1x accounting. Three types of RADIUS accounting packets are sent by a switch: • START-sent when a new user session starts • INTERIM-sent during an existing session for updates • STOP-sent when a session terminates Catalyst 2960 Switch Software Configuration Guide 9-8 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 189
    the switch port. The RADIUS server database maintains the username-to-VLAN mappings, assigning the VLAN based on the username of the client connected to the switch port. You can use this feature to limit network access for certain users. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 190
    into the configured access VLAN. The IEEE 802.1x authentication with VLAN assignment feature is not supported on trunk ports, VLAN assignment feature is automatically enabled when you configure IEEE 802.1x authentication on an access port). 9-10 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 191
    , the switch waits for an Ethernet packet from the client. The switch sends the authentication server a RADIUS-access/request frame with a username and password based on the MAC address. If authorization succeeds, the switch grants the OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 192
    VLAN except an RSPAN VLAN or a voice VLAN as an IEEE 802.1x restricted VLAN. The restricted VLAN feature is not supported on trunk ports; it is supported VLAN. For more information, see the "Configuring a Restricted VLAN" section on page 9-31. 9-12 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 193
    clients to the guest VLAN if one is configured. - If all the RADIUS servers are not available and if a client is connected to a critical port and was previously assigned to a guest VLAN, the switch keeps the port in the guest VLAN. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 9-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 194
    VLAN is configured and to which a Cisco IP Phone is connected, the Cisco IP phone loses connectivity to the switch for up to 30 seconds. For more information about voice VLANs, see Chapter 14, "Configuring Voice VLAN on a port, 9-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 195
    you manually voice VLAN can be powered when the switch receives a specific Ethernet switch continues to block ingress traffic other than EAPOL packets. The host can receive packets but cannot send packets to other devices in the network. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 196
    out, the switch uses the MAC authentication bypass feature to initiate re-authorization. For more information about these AV pairs, see RFC 3580, "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines." 9-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 197
    a web browser to authenticate a client that does not support IEEE 802.1x functionality. This feature can authenticate up to eight users on the same shared port and apply the appropriate policies for each end host on a shared port. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 9-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 198
    support IEEE 802.1x authentication. Web authentication requires two Cisco IP address replaces the any support IEEE 802.1x or web browser functionality. This allows end Manually Re-Authenticating a Client Connected to a Port, page 9-26 (optional) 9-18 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 199
    that the switch restarts the authentication process before the port changes to the unauthorized state). 60 seconds (number of seconds that the switch remains in the quiet state following a failed authentication exchange with the client). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 200
    If the VLAN to which an IEEE 802.1x port is assigned to shut down, disabled, or removed, the port becomes unauthorized. For example, the port is unauthorized after the access VLAN to which a port is assigned shuts down or is removed. 9-20 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 201
    (VLAN supported on IEEE 802.1x port in single-host mode and multihosts mode. - If the client is running Windows XP and the port to which the client is connected is in the critical-authentication state, Windows XP might report that the interface is not authenticated. OL-8603-04 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 202
    Cisco IOS service requests. This is the IEEE 802.1x AAA process: Step 1 Step 2 Step 3 A user connects to a port on the switch. Authentication is performed. VLAN assignment is enabled, as appropriate, based on the RADIUS server configuration. 9-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 203
    11 Step 12 Step 13 end show dot1x copy running-config supported. Enable IEEE 802.1x authentication globally on the switch. (Optional) Configure the switch to use user-RADIUS authorization for all network-related service requests, such as VLAN Catalyst 2960 Switch Software Configuration Guide 9-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 204
    retransmit, and the radius-server key global configuration commands. For more information, see the "Configuring Settings for All RADIUS Servers" section on page 8-29. 9-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 205
    access server to recognize and use vendor-specific attributes (VSAs). interface interface-id Specify the specified interface. switchport voice vlan vlan-id (Optional) Configure the voice VLAN. end Return to privileged EXEC mode. 8603-04 Catalyst 2960 Switch Software Configuration Guide 9-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 206
    Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period 4000 Manually Re-Authenticating a Client Connected to a Port You can manually re-authenticate the client connected to a specific the default. 9-26 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 207
    Step 4 Step 5 Step 6 end show dot1x interface interface-id copy specific behavioral problems with certain clients and authentication servers. Beginning in privileged EXEC mode, follow these steps to change the amount of time that the switch Catalyst 2960 Switch Software Configuration Guide 9-27
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 208
    to the unauthorized state. Note You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. 9-28 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 209
    Step 6 end show switch. This procedure is optional. Step 1 Step 2 Command configure terminal interface interface-id Purpose Enter global configuration mode. Specify the port to be configured, and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 210
    range is 1 to 4094. You can configure any active VLAN except an RSPAN VLAN or a voice VLAN as an IEEE 802.1x guest VLAN. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 9-30 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 211
    configuration command. The port returns to the unauthorized state. This example shows how to enable VLAN 2 as an IEEE 802.1x restricted VLAN: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# dot1x auth-fail vlan 2 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 9-31
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 212
    max-attempts interface configuration command. This example shows how to set 2 as the number of authentication attempts allowed before the port moves to the restricted VLAN: Switch(config-if)# dot1x auth-fail max-attempts 2 9-32 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 213
    . The switch dynamically determines the default tries parameter that is 10 to 100. (Optional) Set the number of minutes that a RADIUS server is not sent requests. The range is from 0 to 1440 minutes (24 hours). The default is 0 minutes. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 214
    command syntax because leading spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in the key, supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" section on page 9-20. 9-34 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 215
    recovery action reinitialize | vlan vlan-id] Step 8 Step 9 Step 10 end show dot1x [interface to be configured, and enter interface configuration mode. For the supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines Catalyst 2960 Switch Software Configuration Guide 9-35
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 216
    , and enter interface configuration mode. For the supported port types, see the "IEEE 802.1x configure the switch to use EAP for authorization. Step 5 Step 6 Step 7 end show dot1x Switch(config-if)# dot1x mac-auth-bypass 9-36 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 217
    2 IEEE 802.1x Validation In Cisco IOS Release 12.2(25)SED or later, Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period server OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 218
    group radius Switch(config)# radius-server host 1.1.1.2 key key1 Switch(config)# radius-server attribute 8 include-in-access-req Switch(config)# radius-server vsa send authentication Switch(config)# ip device tracking Switch(config) end 9-38 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 219
    6 Step 7 Step 8 Step 9 ip admission rule end show running-config interface interface-id copy running-config startup information, see the Network Admission Control Software Configuration Guide on Cisco.com. Specify the port to be configured, and Catalyst 2960 Switch Software Configuration Guide 9-39
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 220
    . Disable IEEE 802.1x authentication on the port. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 9-40 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 221
    -id dot1x default end show dot1x interface specific port, use the show dot1x interface interface-id privileged EXEC command. For detailed information about the fields in these displays, see the command reference for this release. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 222
    Displaying IEEE 802.1x Statistics and Status Chapter 9 Configuring IEEE 802.1x Port-Based Authentication 9-42 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 223
    characteristics. These sections describe the interface types: • Port-Based VLANs, page 10-2 • Switch Ports, page 10-2 • EtherChannel Port Groups, page 10-3 • Dual-Purpose Uplink Ports, page 10-4 • Connecting Interfaces, page 10-4 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 224
    with no VLAN tagging. Traffic arriving on an access port is assumed to belong to the VLAN assigned to the port. If an access port receives a tagged packet (IEEE 802.1Q tagged), the packet is dropped, and the source address is not learned. 10-2 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 225
    access ports on the switch are assigned to a VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be a Catalyst 6500 series switch; the Catalyst 2960 switch cannot be a VMPS server. You can also configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 226
    Cisco router Switch Host A Host B VLAN 20 VLAN 30 Using Interface Configuration Mode The switch supports these interface types: • Physical ports-switch ports • VLANs-switch virtual interfaces • Port channels-EtherChannel interfaces 10-4 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 227
    for 10/100 Mb/s Ethernet, Gigabit Ethernet (gigabitethernet or gi) for 10/100/1000 Mb/s Ethernet ports, or small form-factor pluggable (SFP) module Gigabit Ethernet interfaces. • Module number-The module or slot number on the switch (always 0 on the Catalyst 2960 switch). • Port number-The interface
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 228
    end vlan vlan-ID, where the VLAN ID is 1 to 4094 Note Although the command-line interface shows options to set multiple VLANs, these options are not supported. - fastethernet module/{first port} - {last port}, where the module is always 0 10-6 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 229
    defined in a range must be the same type (all Fast Ethernet ports, all Gigabit Ethernet ports, all EtherChannel ports, or all VLANs), but you can enter multiple ranges in a command. This example command to define the macro. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 230
    as interface-ranges. • All interfaces defined as in a range must be the same type (all Fast Ethernet ports, all Gigabit Ethernet ports, all EtherChannel ports, or all VLANs), but you can combine multiple interface types in a macro. 10-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 231
    the port, see Chapter 19, "Configuring Port-Based Traffic Control." Table 10-1 Default Layer 2 Ethernet Interface Configuration Feature Allowed VLAN range Default VLAN (for access ports) Default Setting VLANs 1 to 4094. VLAN 1. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 232
    . This is regardless of whether auto-MIDX is enabled on the switch port. Keepalive messages Disabled on SFP module ports; enabled on all other ports. Setting the Type of a Dual-Purpose Uplink Port Some Catalyst 2960 switches support dual-purpose uplink ports. For more information, see the "Dual
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 233
    If the link goes down, the switch disables the RJ-45 side and selects the SFP module interface. • When the 100BASE-x SFP module is removed, the switch again dynamically selects the type (auto-select) and re-enables the RJ-45 side. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 234
    and full). However, Gigabit Ethernet ports operating at 1000 Mb/s do not support half-duplex mode. • For SFP module ports, the speed and duplex CLI options change depending on the SFP module type: - The the reconfiguration. 10-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 235
    speed 10 Switch(config-if)# duplex half This example shows how to set the interface speed to 100 Mb/s on a 10/100/1000 Mb/s port: Switch# configure terminal Switch(config)# interface gigabitethernet0/2 Switch(config-if)# speed 100 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 236
    Flow control enables connected Ethernet ports to control traffic rates during congestion by allowing congested nodes to pause link operation at the other end. If one port experiences Save your entries in the configuration file. 10-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 237
    is supported on all 10/100 and 10/100/1000-Mb/s interfaces. It is not supported on 1000BASE-SX or -LX SFP module interfaces on the interface. end Return to privileged EXEC mode. show controllers ethernet-controller Verify the operational Catalyst 2960 Switch Software Configuration Guide 10-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 238
    operating at 10 or 100 Mb/s by using the system mtu global configuration command. You can increase the MTU size to support jumbo frames on all Gigabit Ethernet interfaces by using the system mtu jumbo global configuration command. 10-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 239
    mtu 1800 Switch(config)# exit Switch# reload This example shows the response when you try to set Gigabit Ethernet interfaces to an out-of-range number: Switch(config)# system mtu jumbo 25000 ^ % Invalid input detected at '^' marker. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 10
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 240
    , the names and sources of configuration files, and the boot images. Display the operational state of the auto-MDIX feature on the interface. 10-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 241
    only a specific interface type from a specific interface terminal Enter global configuration mode. interface {vlan vlan-id} | {{fastethernet | gigabitethernet} Select shutdown Shut down an interface. end Return to privileged EXEC mode. Catalyst 2960 Switch Software Configuration Guide 10-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 242
    Monitoring and Maintaining the Interfaces Chapter 10 Configuring Interface Characteristics 10-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 243
    error recovery for link state failures. Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 11-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 244
    by using interface interface-id. This could cause commands that follow exit, end, or interface interface-id to execute in a different command mode. • When creating a macro, all CLI commands should be in the same configuration mode. 11-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 245
    required values by using the parameter value keywords. The Cisco-default macros use the $ character to help identify required keywords. There is no restriction on using the $ character to define keywords when you create a macro. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 11-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 246
    with one command per line. Use the @ character to end the macro. Use the # character at the beginning of Switch(config)# macro name test switchport access vlan $VLANID switchport port-security maximum $MAX #macro keywords $VLANID $MAX @ 11-4 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 247
    on a switch only by entering the no version of each command that is in the macro. You can delete a macro-applied configuration on an interface by entering the default interface interface-id interface configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 11-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 248
    Switch# show parser macro description Interface Macro Description Gi0/2 desktop-config This example shows how to apply the user-created macro called desktop-config and to replace all occurrences of VLAN 1 with VLAN 25: Switch(config-if)# macro apply desktop-config vlan 25 Applying Cisco
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 249
    inactivity # Configure port as an edge network port spanning-tree portfast spanning-tree bpduguard enable Switch# Switch# configure terminal Switch(config)# gigabitethernet0/4 Switch(config-if)# macro apply cisco-desktop $AVID 25 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 11-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 250
    parser macro description [interface interface-id] Purpose Displays all configured macros. Displays a specific macro. Displays the configured macro names. Displays the macro description for all interfaces or for a specified interface. 11-8 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 251
    , "Configuring STP." Note Before you create VLANs, you must decide whether to use VLAN Trunking Protocol (VTP) to maintain global VLAN configuration for your network. For more information on VTP, see Chapter 13, "Configuring VTP." OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 252
    Guidelines" section on page 12-5 for more information about the number of spanning-tree instances and the number of VLANs. The switch supports only IEEE 802.1Q trunking methods for sending VLAN traffic over Ethernet ports. 12-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 253
    Table 12-4 on page 12-15. When a port belongs to a VLAN, the switch learns and manages the addresses associated with the port on a per-VLAN basis. For more information, see the "Managing the MAC Address Table" section on page 6-19. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 254
    create a new normal-range VLAN or modify an existing VLAN in the VLAN database: • VLAN ID • VLAN name • VLAN type (Ethernet, Fiber Distributed Data Interface that control VLAN configuration, see the command reference for this release. 12-4 Catalyst 2960 Switch Software Configuration Guide OL-
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 255
    ports of that switch (which is to allow all VLANs), the new VLAN is carried on all trunk ports. Depending on the topology of the network, this could create a loop in the new VLAN that would not be broken, particularly if there OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 256
    file. You can enter the copy running-config startup-config privileged EXEC command to save the configuration in the startup configuration file. To display the VLAN configuration, enter the show vlan privileged EXEC command. 12-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 257
    (100000 plus the VLAN ID) 1 to 4294967294 MTU size 1500 1500 to 18190 Translational bridge 1 0 0 to 1005 Translational bridge 2 0 0 to 1005 VLAN state active active, suspend Remote SPAN disabled enabled, disabled OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 258
    example shows how to use config-vlan mode to create Ethernet VLAN 20, name it test20, and add it to the VLAN database: Switch# configure terminal Switch(config)# vlan 20 Switch(config-vlan)# name test20 Switch(config-vlan)# end 12-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 259
    a VLAN from a switch that is in VTP transparent mode, the VLAN is deleted only on that specific switch. You cannot delete the default VLANs for the different media types: Ethernet VLAN 1 and FDDI or Token Ring VLANs 1002 to 1005. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 260
    port). switchport access vlan vlan-id Assign the port to a VLAN. Valid VLAN IDs are 1 to 4094. end Return to privileged EXEC mode. show running-config interface interface-id Verify the VLAN membership mode of the interface. 12-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 261
    12-2 on page 12-7 for the default configuration for Ethernet VLANs. You can change only the MTU size and the remote SPAN configuration state on extended-range VLANs; all other characteristics must remain at the default state. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 262
    mode, follow these steps to create an extended-range VLAN: Step 1 Step 2 Command configure terminal vtp mode transparent Purpose Enter global configuration mode. Configure the switch for VTP transparent mode, disabling VTP. 12-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 263
    Command show show current [vlan-id] Command Mode VLAN database configuration VLAN database configuration Purpose Display status of VLANs in the VLAN database. Display status of all or the specified VLAN in the VLAN database. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 264
    interfaces and another networking device such as a router or a switch. Ethernet trunks carry the traffic of multiple VLANs over a single link, and you can extend the VLANs across an entire network. The Catalyst 2960 switch supports IEEE 802.1Q encapsulation. You can configure a trunk on a single
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 265
    -tree loops. We recommend that you leave spanning tree enabled on the native VLAN of an IEEE 802.1Q trunk or disable spanning tree on every VLAN in the network. Make sure your network is loop-free before you disable spanning tree. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 266
    VLAN range VLANs 1 to 4094 VLAN range eligible for pruning VLANs 2 to 1001 Default VLAN (for access ports) VLAN 1 Native VLAN (for IEEE 802.1Q trunks) VLAN 1 Configuring an Ethernet more than 40 trunk ports in MST mode. 12-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 267
    to support IEEE 802.1Q trunking. Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode dynamic desirable Switch(config-if)# end OL-8603-04 Catalyst 2960 Switch Software Configuration
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 268
    end Return to privileged EXEC mode. show interfaces interface-id switchport Verify your entries in the Trunking VLANs Enabled field of the display. copy running-config startup-config (Optional) Save your entries in the configuration file. 12-18 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 269
    can receive both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for the port. The native VLAN is VLAN 1 by default. Note The native VLAN can be assigned any VLAN ID. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 270
    connecting supported switches. In this example, the switches are configured as follows: • VLANs 8 through 10 are assigned a port priority of 16 on Trunk 1. • VLANs 3 through 6 retain the default port priority of 128 on Trunk 1. 12-20 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 271
    to the trunk ports configured on Switch A. When the trunk links come up, VTP passes the VTP and VLAN information to Switch B. Verify that Switch B has learned the VLAN configuration. Enter global configuration mode on Switch A. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 272
    vlan 8-10 port-priority 16 exit interface gigabitethernet0/2 spanning-tree vlan 3-6 port-priority 16 end Switch A. Define the interface to be configured as a trunk, and enter interface configuration mode. Configure the port as a trunk port. 12-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 273
    • "Configuring the VMPS Client" section on page 12-25 • "Monitoring the VMPS" section on page 12-28 • "Troubleshooting Dynamic-Access Port VLAN Membership" section on page 12-29 • "VMPS Configuration Example" section on page 12-29 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 274
    down on a dynamic-access port, the port returns to an isolated state and does not belong to a VLAN. Any hosts that come online through the port are checked again through the VQP with the VMPS before the port is assigned to a VLAN. 12-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 275
    be the same. • The VLAN configured on the VMPS server should not be a voice VLAN. Configuring the VMPS Client You configure dynamic VLANs by using the VMPS (server). The switch can be a VMPS client; it cannot be a VMPS server. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 12-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 276
    the end station, and enter interface configuration mode. Set the port to access mode. Configure the port as eligible for dynamic VLAN membership. The dynamic-access port must be connected to an end station. Return to privileged EXEC mode. 12-26 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 277
    VLAN reconfirmation status in the Reconfirm Interval field of the display. (Optional) Save your entries in the configuration file. To return the switch to its default setting, use the no vmps reconfirm global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 278
    reconfirmation interval expires, or you can force it by entering the vmps reconfirm privileged EXEC command or its Network Assistant or SNMP equivalent. 12-28 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 279
    Catalyst 6500 series Switch C and Switch J are secondary VMPS servers. • End stations are connected to the clients, Switch B and Switch I. • The database configuration file is stored on the TFTP server with the IP address 172.20.22.7. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 280
    End station 2 Switch H Dynamic-access port Catalyst 6500 series Secondary VMPS Server 3 172.20.26.157 Client switch I 172.20.26.158 Trunk port 172.20.26.159 Switch J 101363t Ethernet segment (Trunk link) TFTP server Router 172.20.22.7 12-30 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 281
    vlan user EXEC command shows the VLAN in a suspended state. VTP only learns about normal-range VLANs (VLAN IDs 1 to 1005). Extended-range VLANs (VLAN IDs greater than 1005) are not supported by VTP or stored in the VTP VLAN database. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 282
    this mode are saved in the switch running configuration and can be saved to the switch startup configuration file. For domain name and password configuration guidelines, see the "VTP Configuration Guidelines" section on page 13-8. 13-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 283
    on trunk ports, see the "Configuring VLAN Trunks" section on page 12-14. VTP advertisements distribute this global domain information: • VTP domain name • VTP configuration revision number • Update identity and update timestamp OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 13-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 284
    list can be pruned. By default, VLANs 2 through 1001 are pruning eligible switch trunk ports. If the VLANs are configured as pruning-ineligible, the flooding continues. VTP pruning is supported with VTP Version 1 and Version 2. 13-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 285
    pruning on a VTP server enables pruning for the entire management domain. Making VLANs pruning-eligible or pruning-ineligible affects pruning eligibility for those VLANs on that trunk only (not on all switches in the VTP domain). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 13-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 286
    traffic from VLANs that are pruning-ineligible. VLAN 1 and VLANs 1002 to 1005 are always pruning-ineligible; traffic from these VLANs cannot be pruned. Extended-range VLANs (VLAN IDs higher 1 (Version 2 is disabled). None. Disabled. 13-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 287
    name and the mode (transparent) are saved in the switch running configuration, and you can save this information in the switch startup configuration file by entering the copy running-config startup-config privileged EXEC command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 13-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 288
    must run the same VTP version. • A VTP Version 2-capable switch can operate in the same VTP domain as a switch running VTP Version 1 if Version 2 is disabled on the Version 2-capable switch (Version 2 is disabled by default). 13-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 289
    enable VTP Version 2 for Token Ring VLAN switching to function properly. To run Token Ring switch in the domain. Return to privileged EXEC mode. Verify your entries in the VTP Operating Mode and the VTP Domain Name fields of the display. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 290
    the domain name eng_group and the password mypassword: Switch# vlan database Switch(vlan)# vtp server Switch(vlan)# vtp domain eng_group Switch(vlan)# vtp password mypassword Switch(vlan)# exit APPLY completed. Exiting.... Switch# 13-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 291
    VTP server mode or the no vtp password VLAN database configuration command to return the switch to a no-password state. When you configure a domain name, it cannot be removed; you can only reassign a switch to a different domain. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 13-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 292
    configuration command to return the switch to VTP server mode. If extended-range VLANs are configured on the switch, you cannot change VTP mode to server. You receive an error message, and the configuration is not allowed. 13-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 293
    vlan database privileged EXEC command to enter VLAN database configuration mode and by entering the vtp v2-mode VLAN database configuration command. To disable VTP Version 2, use the no vtp v2-mode VLAN database configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 294
    Step 3 end Step switch with the highest VTP configuration revision number. If you add a switch that has a revision number higher than the revision number in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain. 13-14 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 295
    mode transparent global configuration command or the vtp transparent VLAN database configuration command to disable VTP on the switch, and then change its VLAN information without affecting the other switches in the VTP domain. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 13-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 296
    , and the number of VLANs. You can also display statistics about the advertisements sent and received by the switch. Table 13-3 shows the switch configuration information. Display counters about VTP messages that have been sent and received. 13-16 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 297
    chapter describes how to configure the voice VLAN feature on the Catalyst 2960 switch. Voice VLAN is referred to as an auxiliary VLAN in some Catalyst 6500 family switch documentation. Note For complete syntax and usage information for the commands used in this chapter, see the command reference
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 298
    • In untrusted mode, all traffic in IEEE 802.1Q or IEEE 802.1p frames received through the access port on the Cisco IP Phone receive a configured Layer 2 CoS value. The default Layer 2 CoS value is 0. Untrusted mode is the default. 14-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 299
    . • If the Cisco IP Phone and a device attached to the phone are in the same VLAN, they must be in the same IP subnet. These conditions indicate that they are in the same VLAN: - They both use IEEE 802.1p or untagged frames. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 14-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 300
    to configure the way in which the phone sends voice traffic. The phone can carry voice traffic in IEEE 802.1Q frames for a specified voice VLAN with a Layer 2 CoS value. It can use IEEE 802.1p priority tagging to give 14-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 301
    /1 Switch(config-if)# mls qos trust cos Switch(config-if)# switchport voice vlan dot1p Switch(config-if)# end To return the port to its default setting, use the no switchport voice vlan interface configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 14
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 302
    setting, use the no switchport priority extend interface configuration command. Displaying Voice VLAN To display voice VLAN configuration for an interface, use the show interfaces interface-id switchport privileged EXEC command. 14-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 303
    the Spanning Tree Protocol (STP) on port-based VLANs on the Catalyst 2960 switch. The switch can use either the per-VLAN spanning-tree plus (PVST+) protocol based on the IEEE 802.1D standard and Cisco proprietary extensions, or the rapid per-VLAN spanning-tree plus (rapid-PVST+) protocol based on
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 304
    messages (to ensure the connection is up) only on interfaces that do not have small form-factor pluggable (SFP) modules. You can use the [no] keepalive interface configuration command to change the default for an interface. 15-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 305
    through which the designated switch is attached to the LAN is called the designated port. All paths that are not needed to reach the root switch from anywhere in the switched network are placed in the spanning-tree blocking mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 306
    VLAN. Support for the extended system ID affects how you manually configure the root switch, the secondary root switch, and the switch priority of a VLAN. For example, when you change the switch -tree instance running on the port. 15-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 307
    the switch learns end-station location information for the forwarding database. 4. When the forward-delay timer expires, spanning tree moves the interface to the forwarding state, where both learning and frame forwarding are enabled. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 308
    from the learning state. An interface in the forwarding state performs these functions: • Receives and forwards frames received on the interface • Forwards frames switched from another interface • Learns addresses • Receives BPDUs 15-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 309
    end stations in a switched Ethernet link. By changing the spanning-tree port priority on the Gigabit Ethernet port to a higher priority (lower numerical value) than the root port, the Gigabit Ethernet port becomes the new root port. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 310
    from the address table and then relearned. The accelerated aging is the same as the forward-delay parameter value (spanning-tree vlan vlan-id forward-time seconds global configuration command) when the spanning tree reconfigures. 15-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 311
    of VLANs that can be mapped to a particular MST instance is unlimited. For information about how spanning tree interoperates with the VLAN Trunking Protocol (VTP), see the "Spanning-Tree Configuration Guidelines" section on page 15-12. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 312
    VLAN of the trunk with the spanning-tree instance of the non-Cisco IEEE 802.1Q switch. However, all PVST+ or rapid-PVST+ information is maintained by Cisco switches separated by a cloud of non-Cisco IEEE 802.1Q switches. The non-Cisco -10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 313
    VLAN port priority (configurable on a per-VLAN basis) Spanning-tree VLAN port cost (configurable on a per-VLAN basis) Spanning-tree timers Default Setting Enabled on VLAN 1. For more information, see the "Supported count: 6 BPDUs OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 314
    the "Optional Spanning-Tree Configuration Guidelines" section on page 17-10. Caution Loop guard works only on point-to-point links. We recommend that each end of the link has a directly connected device that is running STP. 15-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 315
    switch supports three spanning-tree modes: PVST+, rapid PVST+, or MSTP. By default, the switch link-type point-to-point end clear spanning-tree detected- interfaces include physical ports, VLANs, and port channels. The VLAN ID range is 1 to Catalyst 2960 Switch Software Configuration Guide 15-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 316
    with the extended system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches running older software. 15-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 317
    privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. To return to the default setting, use the no spanning-tree vlan vlan-id root global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 318
    the same priority value, spanning tree puts the interface with the lowest interface number in the forwarding state and blocks the other interfaces. 15-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 319
    vlan-id] port-priority interface configuration command. For information on how to configure load sharing on trunk ports by using spanning-tree port priorities, see the "Configuring Trunk Ports for Load Sharing" section on page 12-20. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 320
    cost Step 4 spanning-tree vlan vlan-id cost cost Step 5 Step 6 Step 7 end show spanning-tree interface interface-id or show spanning-tree vlan vlan-id copy running-config privileged EXEC command to confirm the configuration. 15-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 321
    privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. To return to the default setting, use the no spanning-tree vlan vlan-id priority global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 322
    age timer Transmit hold count Description Controls how often the switch broadcasts hello messages to other switches. Controls how long each of setting, use the no spanning-tree vlan vlan-id hello-time global configuration command. 15-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 323
    VLAN. This procedure is optional. Step 1 Step 2 Command configure terminal spanning-tree vlan vlan-id forward-time seconds Step 3 Step 4 Step 5 end show spanning-tree vlan vlan vlan vlan-id max-age global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 15-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 324
    configure terminal spanning-tree transmit hold-count value Step 3 Step 4 Step 5 end show spanning-tree detail copy running-config startup-config Purpose Enter global configuration mode. the command reference for this release. 15-22 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 325
    Multiple STP (MSTP) on the Catalyst 2960 switch. Note The multiple spanning-tree (MST) implementation in Cisco IOS Release 12.2(25)SED is based on the IEEE 802.1s standard. The MST implementations in earlier Cisco IOS releases are prestandard. The MSTP enables multiple VLANs to be mapped to the same
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 326
    of MST regions in a network, but each region can support up to 65 spanning-tree instances. Instances can be identified by any number in the range from 0 to 4094. You can assign a VLAN to only one spanning-tree instance at a time. 16-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 327
    As switches receive superior IST information, they leave their old subregions and join the new subregion that contains the true CIST regional root. Thus all subregions shrink, except for the one that contains the true CIST regional root. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 328
    add their spanning-tree information into the BPDUs to interact with neighboring switches and compute the final spanning-tree topology. Because of this, the spanning-tree parameters related to BPDU transmission (for example, 16-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 329
    root path cost Cisco Prestandard IST master IST master path cost Root path cost Instance root Root path cost Cisco Standard CIST switch of the instance always sends a BPDU (or M-record) with a cost of 0 and the hop count set to the OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 330
    .1s Implementation The Cisco implementation of the IEEE MST standard includes features required to meet the standard, as well as some of the desirable prestandard functionality that is not yet incorporated into the published standard. 16-6 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 331
    is maintained in Cisco's implementation. However, Switch Interoperation Segment X MST Region Switch A Switch B 92721 Segment Y Note We recommend that you minimize the interaction between standard and prestandard MST implementations. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 332
    , but it is included in this Cisco IOS release. The software checks the consistency switch running MSTP supports a built-in protocol migration mechanism that enables it to interoperate with legacy IEEE 802.1D switches. If this switch Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 333
    by a point-to-point link or when a switch has two or more connections to a shared LAN segment Cisco STP implementations, this guide defines the port state as blocking instead of discarding. Designated ports start in the listening state. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 334
    as a Port Fast-enabled port, and you should enable it only on ports that connect to a single end station. • Root ports-If the RSTP selects a new root port, it blocks the old root port tree link-type interface configuration command. 16-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 335
    the RSTP forces all other ports to synchronize with the new root information. The switch is synchronized with superior root information received on the root port if all other ports are synchronized. An , its port state is set to blocking. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 16-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 336
    10 11 4 5 6 7 Function Topology change (TC) Proposal Port role: Unknown Alternate port Root port Designated port Learning Forwarding Agreement Topology change acknowledgement (TCA) 16-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 337
    connected to an IEEE 802.1D switch and a configuration BPDU with the TCA bit set is received, the TC-while timer is reset. This behavior is only required to support IEEE 802.1D switches. The RSTP BPDUs never have the TCA bit set. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 16-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 338
    shows the default MSTP configuration. Table 16-4 Default MSTP Configuration Feature Spanning-tree mode Switch priority (configurable on a per-CIST port basis) Default Setting PVST+ (Rapid PVST+ and MSTP are disabled). 32768. 16-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 339
    and MSTP are supported, but only one version can be active at any time. (For example, all VLANs run PVST+, all VLANs run rapid PVST+, or all VLANs run MSTP.) cloud. You might have to manually configure the switches in the clouds. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 16-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 340
    the number of MST regions in a network, but each region can only support up to 65 spanning-tree instances. You can assign a VLAN to only one spanning-tree instance at a time. Beginning in privileged rapid PVST+ at the same time. 16-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 341
    switch with the extended system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches running older software. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 342
    to become the root switch for the specified instance if the primary root switch fails. This is assuming that the other network switches use the default switch priority of 32768 and therefore are unlikely to become the root switch. 16-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 343
    is 0 to 4094. • (Optional) For diameter net-diameter, specify the maximum number of switches between any two end stations. The range is 2 to 7. This keyword is available only for MST instance 0. • and blocks the other interfaces. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 16-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 344
    6 Command configure terminal interface interface-id spanning-tree mst instance-id port-priority priority end show spanning-tree mst interface interface-id or show spanning-tree mst instance-id copy blocks the other interfaces. 16-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 345
    1 to 200000000; the default value is derived from the media speed of the interface. end Return to privileged EXEC mode. show spanning-tree mst interface interface-id Verify your entries. to modify the switch priority. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 16-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 346
    spanning-tree mst hello-time seconds Step 3 Step 4 Step 5 end show spanning-tree mst copy running-config startup-config Purpose Enter switch to its default setting, use the no spanning-tree mst hello-time global configuration command. 16-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 347
    spanning-tree mst max-age seconds Step 3 Step 4 Step 5 end show spanning-tree mst copy running-config startup-config Purpose Enter global switch to its default setting, use the no spanning-tree mst max-age global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 348
    max-hops hop-count Step 3 Step 4 Step 5 end show spanning-tree mst copy running-config startup-config Purpose mode. Valid interfaces include physical ports, VLANs, and port-channel logical interfaces. The VLAN ID range is 1 to 4094. Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 349
    spanning-tree mst pre-standard end show spanning-tree mst interface Process A switch running MSTP supports a built-in specific interface, use the clear spanning-tree detected-protocols interface interface-id privileged EXEC command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 350
    the specified interface. For information about other keywords for the show spanning-tree privileged EXEC command, see the command reference for this release. 16-26 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 351
    optional spanning-tree features on the Catalyst 2960 switch. You can configure all of these features when your switch is running the per-VLAN spanning-tree plus (PVST+). Root Guard, page 17-8 • Understanding Loop Guard, page 17-9 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 17-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 352
    on interfaces connected to end stations. If you enable Port Fast on an interface connecting to another switch, you risk creating a vlan global configuration command to shut down just the offending VLAN on the port where the violation occurred. 17-2 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 353
    into backbone switches, distribution switches, and access switches. Figure 17-2 shows a complex network where distribution switches and access switches each have at least one redundant link that spanning tree blocks to prevent loops. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 354
    with no link failures. Switch A, the root switch, is connected directly to Switch B over link L1 and to Switch C over link L2. The Layer 2 interface on Switch C that is connected directly to Switch B is in a blocking state. 17-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 355
    switch has lost its connection to the root switch). Under spanning-tree rules, the switch ignores inferior BPDUs for the configured maximum aging time specified by the spanning-tree vlan vlan-id max-age global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 356
    root-switch election takes approximately 30 seconds, twice the Forward Delay time if the default Forward Delay time of 15 seconds is set. Figure 17-6 shows how BackboneFast reconfigures the topology to account for the failure of link L1. 17-6 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 357
    device, EtherChannel guard places the switch interfaces in the error-disabled state, and displays an error message. You can enable this feature by using the spanning-tree etherchannel guard misconfig global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 17-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 358
    Service-provider network Potential spanning-tree root without root guard enabled Desired root switch Enable the root-guard feature on these interfaces to prevent switches in the customer network from becoming the root switch or being in the path to the root. 101232 17-8 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 359
    designated ports, and spanning tree does not send BPDUs on root or alternate ports. When the switch is operating in MST mode, BPDUs are not sent on nonboundary ports only if the interface all interfaces. Disabled on all interfaces. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 17-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 360
    , Port Fast is disabled on all interfaces. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 17-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 361
    Specify the interface connected to an end station, and enter interface configuration mode. Enable the Port Fast feature. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 17-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 362
    filtering. By default, BPDU filtering is disabled. Specify the interface connected to an end station, and enter interface configuration mode. Enable the Port Fast feature. Return bpdufilter enable interface configuration command. 17-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 363
    more slowly after a loss of connectivity. end Return to privileged EXEC mode. show spanning- switches in the network. BackboneFast is not supported on Token Ring VLANs. This feature is supported for use with third-party switches. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 364
    Step 4 Step 5 Command configure terminal spanning-tree etherchannel guard misconfig end show spanning-tree summary copy running-config startup-config Purpose Enter global configuration channel interfaces that were misconfigured. 17-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 365
    VLANs to which the interface belongs. Do not enable the root guard on interfaces to be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace on all interfaces. end Return to privileged EXEC Catalyst 2960 Switch Software Configuration Guide 17-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 366
    -Tree Features Command Step 3 spanning-tree loopguard default Step 4 Step 5 Step 6 end show running-config copy running-config startup-config Purpose Enable loop guard. By default, , see the command reference for this release. 17-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 367
    This chapter describes how to configure Internet Group Management Protocol (IGMP) snooping on the Catalyst 2960 switch, including an application of local IGMP snooping, Multicast VLAN Registration (MVR). It also includes procedures for controlling multicast group membership by using IGMP filtering
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 368
    using the ip igmp snooping vlan vlan-id static ip_address interface interface switch supports IGMPv3 snooping based only on the destination multicast MAC address. It does not support snooping based on the source MAC address or on proxy reports. 18-2 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 369
    receives multicast traffic for that multicast group. See Figure 18-1. Figure 18-1 Initial IGMP Join Message Router A CPU PFC 0 1 IGMP report 224.1.2.3 VLAN 45750 Forwarding table 2 3 4 5 Host 1 Host 2 Host 3 Host 4 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 370
    Multicast Group Router A 1 CPU PFC 0 VLAN 45751 Forwarding table 2 3 4 5 Host 1 Host 2 Host 3 Host 4 Table 18-2 Updated IGMP Snooping Forwarding Table Destination Address 224.1.2.3 Type of Packet IGMP Ports 1, 2, 5 18-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 371
    . The timer can be set either globally or on a per-VLAN basis. The VLAN configuration of the leave time overrides the global configuration. For configuration steps, see the "Configuring the IGMP Leave Timer" section on page 18-11. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 372
    IGMPv1 and IGMPv2 reports. This feature is not supported when the query includes IGMPv3 reports. The switch uses IGMP report suppression to forward only one IGMP Default Setting Enabled globally and per VLAN None configured 18-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 373
    snooping vlan vlan-id Purpose Enter global configuration mode. Enable IGMP snooping on the VLAN interface.The VLAN ID range is 1 to 1001 and 1006 to 4094. Note IGMP snooping must be globally enabled before you can enable VLAN snooping. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 374
    Step 2 Command configure terminal ip igmp snooping vlan vlan-id mrouter learn {cgmp | pim-dvmrp} Step 3 Step 4 Step 5 end show ip igmp snooping copy running-config startup . (Optional) Save your entries in the configuration file. 18-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 375
    global configuration command. This example shows how to enable a static connection to a multicast router: Switch# configure terminal Switch(config)# ip igmp snooping vlan 200 mrouter interface gigabitethernet0/2 Switch(config)# end OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 376
    : Step 1 Step 2 Step 3 Command configure terminal ip igmp snooping vlan vlan-id immediate-leave end Purpose Enter global configuration mode. Enable IGMP Immediate Leave on the VLAN interface. Return to privileged EXEC mode. 18-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 377
    on VLAN 130: Switch# configure terminal Switch(config)# ip igmp snooping vlan 130 immediate-leave Switch(config)# end Configuring VLAN, use the no ip igmp snooping vlan vlan-id last-member-query-interval global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 378
    flood query count count Step 3 Step 4 Step 5 end show ip igmp snooping copy running-config startup-config Purpose Enter switch is the spanning-tree root regardless of this configuration command. By default, query solicitation is disabled. 18-12 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 379
    2 Command configure terminal ip igmp snooping tcn query solicit Step 3 Step 4 Step 5 end show ip igmp snooping copy running-config startup-config Purpose Enter global configuration mode. Send an interface configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 380
    address on the switch. • The IGMP snooping querier supports IGMP Versions 1 VLAN interface. The VLAN ID range is 1 to 1001 and 1006 to 4094. Step 10 copy running-config startup-config (Optional) Save your entries in the configuration file. 18-14 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 381
    Information You can display IGMP snooping information for dynamically learned and statically configured router ports and VLAN interfaces. You can also display MAC address multicast entries for a VLAN configured for IGMP snooping. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 382
    query message in the VLAN and the configuration and operational state of the IGMP snooping querier in the VLAN. For more information about the keywords and options in these commands, see the command reference for this release. 18-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 383
    bandwidth on MVR data port links, which occurs when the switch runs in compatible mode. Only Layer 2 ports take part in MVR. You must configure ports as MVR receiver ports. Only one MVR multicast VLAN per switch is supported. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 384
    Multicast data Switch A RP1 RP2 RP3 RP4 RP5 RP6 RP7 Customer premises Hub IGMP join Set-top box TV data Set-top box PC 101364 TV RP = Receiver Port SP = Source Port TV Note: All source ports belong to the multicast VLAN. 18-18 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 385
    MVR configuration. Table 18-5 Default MVR Configuration Feature MVR Multicast addresses Query response time Multicast VLAN Mode Default Setting Disabled globally and per interface None configured 0.5 second VLAN 1 Compatible OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 386
    multicast data sent to this address is sent to all source ports on the switch and all receiver ports that have elected to receive data on that multicast address. Each multicast address would correspond to one television channel. 18-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 387
    : Step 1 Step 2 Step 3 Command configure terminal mvr interface interface-id Purpose Enter global configuration mode. Enable MVR on the switch. Specify the Layer 2 port to configure, and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 388
    receiver Switch(config-if)# mvr vlan 22 group 228.1.23.4 Switch(config-if)# mvr immediate Switch(config)# end Switch# show mvr interface Port Type Status Immediate Leave ---- ---- ------- Gi0/2 RECEIVER ACTIVE/DOWN ENABLED 18-22 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 389
    their MVR configurations. [members [vlan vlan-id]] When a specific interface is entered, displays this switch port can belong. You can control the distribution of multicast services, such as IP/TV, based on some type of subscription or service Catalyst 2960 Switch Software Configuration Guide 18-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 390
    report or to replace the randomly selected multicast entry with the received IGMP report. Note IGMPv3 join and leave messages are not supported on switches running IGMP filtering. no: Negates a command or returns to its defaults. 18-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 391
    . You can enter a single IP address or a range with a start and an end address. The default is for the switch to have no IGMP profiles configured. When a profile is configured, if neither the permit only one profile applied to it. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 18-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 392
    interface-id Step 3 ip igmp max-groups number Step 4 Step 5 Step 6 end show running-config interface interface-id copy running-config startup-config Purpose Enter global configuration your entries in the configuration file. 18-26 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 393
    can join. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# ip igmp max-groups 25 Switch(config-if)# end Configuring the IGMP replace-Replace the existing group with the new group for which the IGMP report was received. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 394
    MVR Step 4 Step 5 Step 6 Command end show running-config interface interface-id copy running switch, including (if configured) the maximum number of IGMP groups to which an interface can belong and the IGMP profile applied to the interface. 18-28 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 395
    if the packet is unicast, multicast, or broadcast. The switch counts the number of packets of a specified type received within the 1-second time interval and compares the measurement with a predefined suppression-level threshold. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 396
    all multicast traffic except control traffic, such as bridge protocol data unit (BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked. The graph in Figure 19-1 shows broadcast , or unicast traffic on that port is blocked. 19-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 397
    differ from the configured level by several percentage points. Note Storm control is supported on physical interfaces. You can also configure storm control on an EtherChannel. When , and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 398
    ] | pps pps [pps-low]} Step 4 storm-control action {shutdown | trap} Step 5 end Purpose Configure broadcast, multicast, or unicast storm control. By default, storm control is disabled. The . Return to privileged EXEC mode. 19-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 399
    the switch drops all broadcast traffic until the end of the traffic-storm-control interval: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config , page 19-6 • Configuring a Protected Port, page 19-6 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 400
    ports on a physical interface (for example, Gigabit Ethernet port 1) or an EtherChannel group (for example, Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport protected Switch(config-if)# end 19-6 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 401
    switchport block unicast end show interfaces Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport block multicast Switch(config-if)# switchport block unicast Switch(config-if)# end OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 402
    or manually configured, stored in the address table, and added to the running configuration. If these addresses are saved in the configuration file, when the switch restarts, the interface does not need to dynamically reconfigure them. 19-8 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 403
    global configuration command, or you can manually re-enable it by entering the shutdown and vlan-Use to set the security violation mode per-VLAN. In this mode, the VLAN is error disabled instead of the entire port when a violation occurs OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 404
    switch returns an error message if you manually configure an address that would cause a security violation. 3. Shuts down only the VLAN VLAN is only supported on access ports and not on trunk ports, even though the configuration is allowed. 19-10 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 405
    Cisco IP phone, the IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco . • The switch does not support port security aging Catalyst 2960 Switch Software Configuration Guide 19-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 406
    as a voice VLAN. Note The voice keyword is available only if a voice VLAN is configured on a port and if that port is not the access VLAN. If an interface is configured for voice VLAN, configure a maximum of two secure MAC addresses. 19-12 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 407
    cause psecure-violation global configuration command. You can manually re-enable it by entering the shutdown and no shutdown interface configuration commands or by using the clear errdisable interface vlan privileged EXEC command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 408
    Note The voice keyword is available only if a voice VLAN is configured on a port and if that port is not the access VLAN. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 19-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 409
    on VLAN 3 on a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address 0000.02000.0004 vlan 3 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 410
    1 Step 2 Command configure terminal interface interface-id Purpose Enter global configuration mode. Specify the interface to be configured, and enter interface configuration mode. 19-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 411
    | inactivity}} aging time or type. Note The switch does not support port security aging of sticky secure addresses. Step 4 Step 5 Step 6 end show port-security [interface interface-id] [address] and port security settings. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 19-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 412
    on all switch interfaces or on a specified interface with aging information for each address. show port-security interface interface-id vlan Displays the number of secure MAC addresses configured per VLAN on the specified interface. 19-18 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 413
    . The switch uses CDP to find cluster candidates and maintain information about cluster members and other devices up to three cluster-enabled devices away from the command switch by default. The switch supports CDP Version 2. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 20-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 414
    terminal cdp timer seconds Step 3 cdp holdtime seconds Step 4 cdp advertise-v2 Step 5 end Purpose Enter global configuration mode. (Optional) Set the transmission frequency of CDP updates in state. Return to privileged EXEC mode. 20-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 415
    see Chapter 5, "Clustering Switches" and see Getting Started with Cisco Network Assistant, available on Cisco.com. Beginning in privileged has been disabled. Switch# configure terminal Switch(config)# cdp run Switch(config)# end OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 20-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 416
    default on all supported interfaces to Description Reset the traffic counters to zero. Delete the CDP table of information about neighbors. Display global information, such as frequency of transmissions and the holdtime for packets being sent. 20-4 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 417
    traffic Description Display information about a specific neighbor specific interface or expand the display to provide more detailed information. Display CDP counters, including the number of packets sent and received and checksum errors. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 418
    Monitoring and Maintaining CDP Chapter 20 Configuring CDP 20-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 419
    and learn about other Cisco devices connected to the network. To support non-Cisco devices and to allow for interoperability between other devices, the switch supports the IEEE 802.1AB layer protocols to learn about each other. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 21-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 420
    Enables advanced power management between LLDP-MED endpoint and network connectivity devices. Allows switches and phones to convey power information, such as how the device is powered, power priority, and how much power the device needs. 21-2 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 421
    an endpoint to send detailed inventory information about itself to the switch, including information hardware revision, firmware version, software version, serial number, manufacturer name, model name, to send and receive all TLVs. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 21-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 422
    terminal Switch(config)# lldp holdtime 120 Switch(config)# lldp reinit 2 Switch(config)# lldp timer 30 Switch(config)# end For additional LLDP show commands, see the "Monitoring and Maintaining LLDP and LLDP-MED" section on page 21-7. 21-4 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 423
    LLDP, and enter interface configuration mode. No LLDP packets are sent on the interface. No LLDP packets are received on the interface. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 21-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 424
    5 Step 6 lldp transmit lldp receive end copy running-config startup-config Purpose Enter global power-management Description LLDP-MED inventory management TLV LLDP-MED location TLV LLDP-MED network policy TLV LLDP-MED power management TLV 21-6 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 425
    5 no lldp med-tlv-select tlv end copy running-config startup-config Purpose Enter interface [interface-id] Description Reset the traffic counters on an interface. Display information about a specific neighbor. You can enter an asterisk (*) Catalyst 2960 Switch Software Configuration Guide 21-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 426
    neighbors of a specific interface or expand the display to provide more detailed information. Display LLDP counters, including the number of packets sent and received, number of packets discarded, and number of unrecognized TLVs. 21-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 427
    Ethernet cables to monitor the physical configuration of the cables and detect when a unidirectional link exists. All connected devices must support of problems, including spanning-tree topology loops. Modes of Operation UDLD supports two modes Catalyst 2960 Switch Software Configuration Guide 22-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 428
    can also detect a unidirectional link when one of these problems exists: • On fiber-optic or twisted-pair links, one expires. If the switch receives a new hello message before an older cache entry ages, the switch replaces the older entry Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 429
    ends Switch B on the same port. If UDLD is in aggressive mode, it detects the problem and disables the port. If UDLD is in normal mode, the logical link is considered undetermined, and UDLD does not disable the interface. Switch B 98648 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 430
    the same mode is configured on both sides of the link. Caution Loop guard works only on point-to-point links. We recommend that each end of the link has a directly connected device that is running STP. 22-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 431
    For more information, see the "Enabling UDLD on an Interface" section on page 22-5. end Return to privileged EXEC mode. show udld Verify your entries. copy running-config startup-config , and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 22-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 432
    UDLD Command Step 3 udld port [aggressive] Step 4 Step 5 Step 6 end show udld interface-id copy running-config startup-config Purpose UDLD is disabled by default command output, see the command reference for this release. 22-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 433
    network security device. For example, if you connect a Cisco Intrusion Detection System (IDS) sensor appliance to a destination port, the IDS device can send TCP reset packets to close down the TCP session of a suspected attacker. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 434
    carrying the RSPAN VLAN to a destination session monitoring the RSPAN VLAN. Each RSPAN source switch must have either ports or VLANs as RSPAN sources. The destination is always a physical port, as shown on Switch C in the figure. 23-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 435
    the RSPAN VLAN. To configure an RSPAN destination session on another device, you associate the destination port with the RSPAN VLAN. The destination session collects all RSPAN VLAN traffic and sends it out the RSPAN destination port. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 436
    unless you enable the destination port and at least one source port or VLAN for that session. • The switch does not support a combination of local SPAN and RSPAN in a single session. That is QoS policing, and egress QoS policing. 23-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 437
    (for example, EtherChannel, Fast Ethernet, Gigabit Ethernet, and so forth). • For EtherChannel sources, you can monitor traffic for the entire EtherChannel or individually on a physical port as it participates in the port channel. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 438
    session or RSPAN destination session must have a destination port (also called a monitoring port) that receives a copy of traffic from the source ports or VLANs and sends the SPAN packets to the user, usually a network analyzer. 23-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 439
    RSPAN VLAN traffic only flows on trunk ports. • RSPAN VLANs must be configured in VLAN configuration mode by using the remote-span VLAN configuration mode command. • STP can run on RSPAN VLAN trunks but not on SPAN destination ports. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 440
    VLAN ID in the extended VLAN range (1006 to 4094), you must manually configure all intermediate switches. It is normal to have multiple RSPAN VLANs in a network at the same time with each RSPAN VLAN the multicast packet is sent. 23-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 441
    : • SPAN Configuration Guidelines, page 23-10 • Creating a Local SPAN Session, page 23-10 • Creating a Local SPAN Session and Configuring Incoming Traffic, page 23-13 • Specifying VLANs to Filter, page 23-14 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 442
    port or source VLAN are enabled. • You can limit SPAN traffic to specific VLANs by using the filter vlan keyword. If a trunk port is being monitored, only traffic on the VLANs specified with to remove all remote SPAN sessions. 23-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 443
    Configuring SPAN and RSPAN Step 3 Command Purpose monitor session session_number source {interface interface-id | vlan vlan-id} [, | -] [both | rx | tx] Specify the SPAN session and the configure multiple destination ports. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 444
    (config)# no monitor session 2 Switch(config)# monitor session 2 source vlan 1 - 3 rx Switch(config)# monitor session 2 destination interface gigabitethernet0/2 Switch(config)# monitor session 2 source vlan 10 Switch(config)# end 23-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 445
    default VLAN. end Return to privileged EXEC mode. show monitor [session session_number] Verify the configuration. show running-config copy running-config startup-config (Optional) Save the configuration in the configuration file. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 446
    3. For vlan-id, the range is 1 to 4094. (Optional) Use a comma (,) to specify a series of VLANs, or use a hyphen (-) to specify a range of VLANs. Enter a space before and after the comma; enter a space before and after the hyphen. 23-14 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 447
    Session, page 23-17 • Creating an RSPAN Destination Session, page 23-19 • Creating an RSPAN Destination Session and Configuring Incoming Traffic, page 23-20 • Specifying VLANs to Filter, page 23-21 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 448
    RSPAN VLAN on both source and destination switches and any intermediate switches. Use VTP pruning to get an efficient flow of RSPAN traffic, or manually delete the RSPAN VLAN from all trunks that do not need to carry the RSPAN traffic. 23-16 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 449
    VLAN and convert it back to a normal VLAN, use the no remote-span VLAN configuration command. This example shows how to create RSPAN VLAN 901. Switch(config)# vlan 901 Switch(config-vlan)# remote span Switch(config-vlan)# end . OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 450
    /1 tx Switch(config)# monitor session 1 source interface gigabitethernet0/2 rx Switch(config)# monitor session 1 source interface port-channel 2 Switch(config)# monitor session 1 destination remote vlan 901 Switch(config)# end 23-18 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 451
    string, encapsulation replicate is not supported for RSPAN. The original VLAN ID is overwritten by the RSPAN VLAN ID, and all packets appear on VLAN from the session, use the no monitor session session_number source remote vlan vlan-id. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 452
    packets with IEEE 802.1Q encapsulation with the specified VLAN as the default VLAN. • untagged vlan vlan-id or vlan vlan-id-Forward incoming packets with untagged encapsulation type with the specified VLAN as the default VLAN. 23-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 453
    3. For vlan-id, the range is 1 to 4094. (Optional) Use a comma (,) to specify a series of VLANs or use a hyphen (-) to specify a range of VLANs. Enter a space before and after the comma; enter a space before and after the hyphen. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 454
    end Displaying SPAN and RSPAN Status To display the current SPAN or RSPAN configuration, use the show monitor user EXEC command. You can also use the show running-config privileged EXEC command to display configured SPAN or RSPAN sessions. 23-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 455
    configure Remote Network Monitoring (RMON) on the Catalyst 2960 switch. RMON is a standard monitoring specification that defines a set of statistics and in the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software >
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 456
    , page 24-3 • Configuring RMON Alarms and Events, page 24-3 (required) • Collecting Group History Statistics on an Interface, page 24-5 (optional) • Collecting Group Ethernet Statistics on an Interface, page 24-5 (optional) 24-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 457
    no alarms or events are configured. Configuring RMON Alarms and Events You can configure your switch for RMON by using the command-line interface (CLI) or an SNMP-compatible network string, specify the owner of the alarm. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 24-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 458
    owns the row that is created in the event table by this command. This example also generates an SNMP trap when the event is triggered. Switch(config)# rmon event 1 log trap eventtrap description "High ifOutErrors" owner jjones 24-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 459
    Ethernet statistics on an interface. This procedure is optional. Step 1 Step 2 Command configure terminal interface interface-id Purpose Enter global configuration mode. Specify the interface on which to collect statistics, and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 460
    , see the "System Management Commands" section in the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. 24-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 461
    message logging on the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 462
    sign depends on the setting of the service sequence-numbers, service timestamps log datetime, service timestamps log datetime [localtime] [msec] [show-timezone], or service timestamps log uptime global configuration command. 25-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 463
    Element Description seq no: Stamps log messages with a sequence number only if the service supported facilities, see Table 25-4 on page 25-13. severity Single-digit code from 0 to 7 that is the severity of the message. For a description Catalyst 2960 Switch Software Configuration Guide 25-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 464
    Step 2 Step 3 Step 4 Step 5 Command configure terminal no logging console end show running-config or show logging copy running-config startup-config Purpose Enter global use the logging on global configuration command. 25-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 465
    enabled, you can send messages to specific locations in addition to the console ended. You must perform this step for each session to see the debugging messages. Verify your entries. (Optional) Save your entries in the configuration file. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 466
    with solicited device output and prompts for a specific console port line or virtual terminal line. You configure terminal line [console | vty] line-number [ending-line-number] Purpose Enter global configuration mode. Specify the 25-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 467
    time-zone, and the time zone name. end Return to privileged EXEC mode. show running- service timestamps log datetime global configuration command enabled: *Mar 1 18:46:11: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 468
    Step 1 Step 2 Step 3 Step 4 Step 5 Command configure terminal service sequence-numbers end show running-config copy running-config startup-config Purpose Enter global configuration mode lower levels (see Table 25-3 on page 25-9). 25-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 469
    logging trap level Step 5 Step 6 Step 7 end show running-config or show logging copy running-config 2 3 4 5 6 7 Description System unstable Immediate action needed Critical information; switch functionality is not affected. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 25-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 470
    table. The default is to store one message. The range is 0 to 500 messages. end Return to privileged EXEC mode. show running-config Verify your entries. copy running-config startup-config to disable and reenable logging. 25-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 471
    14 temi@vty4 | exit 45 16 temi@vty5 |interface FastEthernet5/0/1 46 16 temi@vty5 | switchport mode trunk 47 16 temi@vty5 | exit OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 25-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 472
    Add a line such as the following to the file /etc/syslog.conf: local7.debug /usr/adm/logs/cisco.log The local7 keyword specifies the logging facility to be used; see Table 25-4 on page 25-13 for , enter this command more than once. 25-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 473
    For information about the fields in this display, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 25-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 474
    Displaying the Logging Configuration Chapter 25 Configuring System Message Logging 25-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 475
    the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used in this chapter, see the command reference for this release and the Cisco IOS Functions, page 26-3 • SNMP Agent Functions, page 26-4 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 26-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 476
    This software release supports these SNMP versions: • SNMPv1-The Simple Network Management Protocol, a Full Internet Standard, defined in RFC 1157. • SNMPv2C replaces the Party-based security models are SNMPv1, SNMPv2C, and SNMPv3. 26-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 477
    to use the SNMP version supported by the management station. Because an agent can communicate SNMP Operations Operation Description get-request get-next-request get-bulk-request2 Retrieves a value from a specific variable. Retrieves Catalyst 2960 Switch Software Configuration Guide 26-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 478
    network for specific information. The results of a poll can be displayed as a graph and analyzed to troubleshoot internetworking problems, increase network performance, verify the configuration of devices, monitor traffic loads, and more. 26-4 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 479
    to send SNMP notifications as traps or informs. Note SNMPv1 does not support informs. Traps are unreliable because the receiver does not send an acknowledgment the switch is a concern and notification is not required, use traps. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 26-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 480
    SVI1 EtherChannel Loopback Tunnel Physical (such as Gigabit Ethernet or SFP2-module interfaces) Null 1. SVI = switch virtual interface 2. SFP = small form-factor pluggable ifIndex Range 1- , page 26-16 • SNMP Examples, page 26-17 26-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 481
    all users associated with that group. See the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 for information switch does not send informs for the auth (authNoPriv) and the priv (authPriv) authentication levels. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 482
    Step 4 Step 5 Command configure terminal no snmp-server end show running-config copy running-config startup-config Purpose Enter 2C, and Version 3) on the device. No specific Cisco IOS command exists to enable SNMP. The first snmp- Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 483
    permit} source [source-wildcard] Step 4 Step 5 Step 6 end show running-config copy running-config startup-config Purpose Enter global specific community string, use the no snmp-server community string global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 484
    specify that IP access list 4 can use the community string to gain access to the switch SNMP agent: Switch(config)# snmp-server community comaccess ro 4 Configuring SNMP Groups and Users You can specify . The default is 162. 26-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 485
    , or trap. • (Optional) Enter access access-list with a string (not to exceed 64 characters) that is the name of the access list. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 26-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 486
    26-5 Switch Notification Types Notification Type Keyword bridge cluster config Description Generates STP bridge MIB traps. Generates a trap when the cluster configuration changes. Generates a trap for SNMP configuration changes. 26-12 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 487
    any or all of these traps: Cisco specific, errors, link-state advertisement, rate VLAN membership changes. Generates SNMP VLAN created traps. Generates SNMP VLAN deleted traps. Generates a trap for VLAN Trunking Protocol (VTP) changes. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 488
    cpu [threshold], insertion, and removal keywords are not supported. To enable the sending of SNMP inform notifications, the snmp-server host global configuration command to a specific host to receive the notification types listed in Table Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 489
    id snmp-server queue-length length snmp-server trap-timeout seconds end show running-config copy running-config startup-config • snmp- host informs global configuration command. To disable a specific trap type, use the no snmp-server enable Catalyst 2960 Switch Software Configuration Guide 26-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 490
    -number {deny | permit} source [source-wildcard] Step 4 Step 5 Step 6 end show running-config copy running-config startup-config Purpose Enter global configuration mode. Limit TFTP ) Save your entries in the configuration file. 26-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 491
    snmp-server user authuser authgroup v3 auth md5 mypassword Switch(config)# snmp-server host 192.180.1.27 informs version 3 auth authuser config Switch(config)# snmp-server enable traps Switch(config)# snmp-server inform retries 0 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 26-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 492
    display SNMP information. For information about the fields in the displays, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. Table 26-6 Commands for Displaying SNMP user name in the SNMP users table. 26-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 493
    services, and assist with network troubleshooting. The Catalyst 2960 switch supports only IP SLAs responder functionality and must be configured with another device that supports full IP SLAs functionality. For more information about IP SLAs, see the Cisco IOS IP SLAs Configuration Guide, Release
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 494
    measurement that immediately identifies problems and saves troubleshooting time. • Multiprotocol Label Switching (MPLS) performance monitoring and network verification (if the switch supports MPLS) This section includes this information about IP SLAs functionality: • Using Cisco IOS IP SLAs to
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 495
    see the operation-specific chapters in the Cisco IOS IP SLAs Configuration Guide at this URL: http://www.cisco.com/en/US/products/ps6441/products_configuration_guide_book09186a0080707055 .html Note The switch does not support Voice over IP (VoIP) service level analysis or IP service level analysis
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 496
    can be a Cisco IOS Layer 2, responder-configurable switch, such as a Catalyst 2960 or Cisco ME 2400 switch. The responder does not need to support full IP SLAs functionality. Figure 27-1 shows where the Cisco IOS IP SLAs responder fits in the IP network. The responder listens on a specific port for
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 497
    For detailed descriptions and configuration procedures, see the Cisco IOS IP SLAs Configuration Guide, Release 12.4T at this URL: http://www.cisco.com/en/US/products/ps6441/products_configuration_guide_book09186a0080707055 .html OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 27-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 498
    IP SLAs Responder The IP SLAs responder is available only on Cisco IOS software-based devices, including some Layer 2 switches that do not support full IP SLAs functionality, such as the Catalyst 2960 or the Cisco ME 2400 switch. Beginning in privileged EXEC mode, follow these steps to configure the
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 499
    Chapter 27 Configuring Cisco IOS IP SLAs Operations Monitoring IP SLAs Operations Monitoring IP SLAs Operations Use the User EXEC or Display IP SLAs authentication information. Display information about the IP SLAs responder. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 27-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 500
    Monitoring IP SLAs Operations Chapter 27 Configuring Cisco IOS IP SLAs Operations 27-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 501
    (auto-QoS) commands or by using standard QoS commands on the Catalyst 2960 switch. With QoS, you can provide preferential treatment to certain types of traffic at the expense of others. Without QoS, the switch offers best-effort service to each packet, regardless of the packet contents or size. It
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 502
    VLAN. Services Code Point (DSCP) value. QoS supports the use of either value because DSCP values are backward-compatible with IP precedence values. IP precedence values range from 0 to 7. DSCP values range from 0 to 63. Note IPv6 QoS is not supported in this release. 28-2 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 503
    hop behavior, you can construct an end-to-end QoS solution. Implementing QoS in your of service as the packets move through the switch, make switch also needs to ensure that traffic sent from it meets a specific traffic profile (shape). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 504
    Scheduling services the four egress queues based on their configured SRR shared or shaped weights. One of the queues (queue 1) can be the expedited queue, which is serviced until empty before the other queues are serviced. Basic QoS Model 28-4 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 505
    DSCP value for the packet by using the configurable IP-precedence-to-DSCP map. The IP Version 4 specification defines the 3 most-significant bits of the 1-byte ToS field as the IP precedence. IP precedence " section on page 28-34. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 506
    -profile action configured for this policer. Mark Drop Drop packet. Modify DSCP according to the policed-DSCP map. Generate a new QoS label. Done 86835 28-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 507
    , the switch enters the policy-map configuration mode. In this mode, you specify the actions to take on a specific traffic class by using the class, trust, or set policy-map configuration and policy-map class configuration commands. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 508
    are exceeded. To enable the policy map, you attach it to a port by using the service-policy interface configuration command. For more information, see the "Policing and Marking" section on Aggregate Policers" section on page 28-49. 28-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 509
    of traffic within a policy map. Policing uses a token-bucket algorithm. As each frame is received by the switch, a token is added to the bucket. The bucket has a hole in it and leaks at a rate -policer global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 510
    action configured for this policer. Mark Drop Drop packet. Modify DSCP according to the policed-DSCP map. Generate a new QoS label. Done 86835 28-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 511
    The DSCP-to-DSCP-mutation map is the only map you apply to a specific port. All other maps apply to the entire switch. For configuration information, see the "Configuring DSCP Maps" section on page 28 " section on page 28-16. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 512
    Queueing and Scheduling Overview The switch has queues at specific points to help prevent outbound queues are located after the internal ring. Weighted Tail Drop Both the ingress and egress queues use the switch drops it. 28-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 513
    ingress and egress queues are serviced by SRR, which controls it is the only mode supported. In shaped mode, Weights on Egress Queues" section on page 28-66, and the "Configuring SRR Shared Weights on Egress Queues" section on page 28-67. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 514
    using the mls qos srr-queue input priority-queue global configuration command. The expedite queue has guaranteed bandwidth. 1. The switch uses two nonconfigurable queues for traffic that is essential for proper network operation. 28-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 515
    "Weighted servicing the queue more frequently, and by adjusting queue thresholds so that packets with lower priorities are dropped. For configuration information, see the "Configuring Ingress Queue Characteristics" section on page 28-57. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 516
    exceeded? No Queue the packet. Service the queue according to the SRR weights. Drop packet. Rewrite DSCP and/or switch flows through one of these four queues and is subjected to a threshold based on the QoS label assigned to the packet. 28-16 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 517
    is not empty. WTD Thresholds You can assign each packet that flows through the switch to a queue and to a threshold. Specifically, you map DSCP or CoS values to an egress queue and map DSCP or queue-id {cos1...cos8 | threshold OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 518
    EXEC command. The queues use WTD to support distinct drop percentages for different traffic classes. Each how WTD works, see the "Weighted Tail Drop" section on page 28-12. Shaped or Shared Mode SRR services each queue-set in shared or Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 519
    behavior. (The default is that QoS is disabled. The switch then offers best-effort service to each packet, regardless of the packet contents or size • Detects the presence or absence of Cisco IP Phones • Configures QoS classification • 04 Catalyst 2960 Switch Software Configuration Guide 28-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 520
    Ethernet switch enables the trusted boundary feature. The switch uses the Cisco Discovery Protocol (CDP) to detect the presence or absence of a Cisco IP Phone. When a Cisco IP Phone is detected, the ingress classification on the port is set to 28-20 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 521
    threshold 3 3 6 7 Switch(config)# mls qos srr-queue output cos-map queue 3 threshold 3 2 4 Switch(config)# mls qos srr-queue output cos-map queue 4 threshold 2 1 Switch(config)# mls qos srr-queue output cos-map queue 4 threshold 3 0 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 522
    -queue 2 Switch(config)# mls qos srr-queue input bandwidth 90 10 Switch(config)# mls qos srr-queue input threshold 1 8 16 Switch(config)# mls qos srr-queue input threshold 2 34 66 Switch(config)# mls qos srr-queue input buffers 67 33 28-22 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 523
    the switch automatically applies the policy map called AutoQoS-Police-SoftPhone to an ingress interface on which auto-QoS with the Cisco SoftPhone feature is enabled. Switch(config-if)# service-policy input AutoQoS-Police-SoftPhone OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 524
    with the Cisco Phone feature is enabled. Switch(config-if)# service-policy input AutoQoS switch without saving the current configuration to memory. If the generated commands fail to be applied, the previous running configuration is restored. 28-24 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 525
    Cisco IP Phone, the port that is connected to a device running the Cisco SoftPhone feature, or the uplink port that is connected to another trusted switch or router in the interior of the network, and enter interface configuration mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 526
    how to enable auto-QoS and to trust the QoS labels received in incoming packets when the switch or router connected to a port is a trusted device: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# auto qos voip trust 28-26 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 527
    to IP phones IP Cisco IP phones 101234 Figure 28-10 shows a network in which the VoIP traffic is prioritized over all other traffic. Auto-QoS is enabled on the switches in the wiring closets at the edge of the QoS domain. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-27
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 528
    interface interface-id Step 5 auto qos voip cisco-phone Step 6 Step 7 Step 8 exit interface interface-id Step 9 auto qos voip trust Step 10 end Step 11 show auto qos Step 12 copy -QoS configuration in the configuration file. 28-28 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 529
    map or the policed-DSCP map) • Configuring Ingress Queue Characteristics, page 28-57 (optional) • Configuring Egress Queue Characteristics, page 28-62 (optional) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-29
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 530
    shared mode only. 2. Queue 2 is the priority queue. SRR services the priority queue for its configured share before servicing the other queue. Table 28-7 shows the default CoS input queue 48-63 Queue ID-Threshold ID 1-1 2-1 1-1 28-30 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 531
    400 percent 400 percent 400 percent SRR shaped weights 25 0 0 (absolute) 1 SRR shared weights 2 25 25 25 1. A shaped weight of zero means that this queue is operating in 63 Queue ID-Threshold ID 2-1 3-1 4-1 1-1 4-1 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-31
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 532
    one match class-map configuration command per class map are supported. The ACL can have multiple ACEs, which match fields requires multiple TCAM entries per ACL line. If an input service policy map contains a trust statement in an ACL, the Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 533
    on physical ports; there is no support for it at the VLAN or switch virtual interface level. • Control traffic Step 3 Step 4 Step 5 Command configure terminal mls qos end show mls qos copy running-config startup-config Purpose Enter global Catalyst 2960 Switch Software Configuration Guide 28-33
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 534
    at the edge of the QoS domain. When the packets are classified at the edge, the switch port within the QoS domain can be configured to one of the trusted states because there is here P3 P1 IP Trusted boundary 28-34 Catalyst 2960 Switch Software Configuration Guide 101236 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 535
    Step 3 mls qos trust [cos | dscp | ip-precedence] Step 4 Step 5 Step 6 end show mls qos interface copy running-config startup-config Purpose Enter global configuration mode. Specify the port to DSCP Map" section on page 28-52. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-35
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 536
    to the switch should be trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using the mls qos trust cos interface configuration command, you configure the switch port to which 28-36 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 537
    Step 7 Step 8 Step 9 mls qos trust device cisco-phone end show mls qos interface copy running-config startup-config ed. Specify that the Cisco IP Phone is a trusted device. You cannot enable both interface configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-37
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 538
    the switch modifies the internal DSCP value of the packet, which the switch uses to generate a class of service (CoS) value that represents the priority of the traffic. The switch also to match the definition in the other domain. 28-38 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 539
    trust dscp Step 5 mls qos dscp-mutation dscp-mutation-name Step 6 Step 7 Step 8 end show mls qos maps dscp-mutation copy running-config startup-config Purpose Enter global configuration mode. Modify in the configuration file. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-39
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 540
    to 30 Switch(config)# interface gigabitethernet0/2 Switch(config-if)# mls qos trust dscp Switch(config-if)# mls qos dscp-mutation gi0/2-mutation Switch(config-if)# end Configuring a Traffic by Using Aggregate Policers, page 28-49 28-40 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 541
    Step 5 end show Switch(config)# access-list 1 permit 192.5.255.0 0.0.0.255 Switch(config)# access-list 1 permit 128.88.0.0 0.0.255.255 Switch(config)# access-list 1 permit 36.0.0.0 0.0.0.255 ! (Note: all other access implicitly denied) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 542
    deny | permit} protocol source source-wildcard destination destination-wildcard end show access-lists copy running-config startup-config Purpose Enter set to 32: Switch(config)# access-list 102 permit pim any 224.0.0.2 dscp 32 28-42 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 543
    packet with Ethernet II or end. end Switch(config-ext-macl)# permit 0001.0000.0001 0.0.0 0002.0000.0001 0.0.0 Switch(config-ext-macl)# permit 0001.0000.0002 0.0.0 0002.0000.0002 0.0.0 xns-idp ! (Note: all other access implicitly denied) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 544
    criteria to use to match against a specific traffic flow to further classify it. Match , by default, the end of the access list contains an implicit deny statement for supported, the match-all and match-any keywords function the same. 28-44 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 545
    one match criterion per class map is supported, and only one ACL per class map is supported. • For access-group acl-index-or Switch(config)# class-map class3 Switch(config-cmap)# match ip precedence 5 6 7 Switch(config-cmap)# end Switch# OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 546
    in the traffic class; setting a specific DSCP or IP precedence value in ip precedence in the switch configuration. • Beginning with Cisco IOS Release 12.2(40)SE, supported, the match-all and match-any keywords function the same. 28-46 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 547
    63. • For ip precedence new-precedence, enter a new IP-precedence value to be assigned to the classified traffic. The range is 0 to 7. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-47
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 548
    11 service- is supported. Step 12 end Return Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255 Switch(config)# class-map ipclass1 Switch(config-cmap)# match access-group 1 Switch(config-cmap)# exit Switch(config)# policy-map flow1t 28-48 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 549
    by multiple traffic classes within the same policy map. However, you cannot use the aggregate policer across different policy maps or ports. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-49
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 550
    By default, no aggregate policer is defined. For information on the number of policers supported, see the "Standard QoS Configuration Guidelines" section on page 28-32. • For aggregate . Valid interfaces include physical ports. 28-50 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 551
    28-53 (optional) • Configuring the Policed-DSCP Map, page 28-54 (optional, unless the null settings in the map are not appropriate) OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-51
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 552
    2 Command configure terminal mls qos map cos-dscp dscp1...dscp8 Step 3 Step 4 Step 5 end show mls qos maps cos-dscp copy running-config startup-config Purpose Enter global configuration mode. dscp global configuration command. 28-52 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 553
    Command configure terminal mls qos map ip-prec-dscp dscp1...dscp8 Step 3 Step 4 Step 5 end show mls qos maps ip-prec-dscp copy running-config startup-config Purpose Enter global configuration mode global configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-53
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 554
    4 Step 5 Command configure terminal mls qos map policed-dscp dscp-list to mark-down-dscp end show mls qos maps policed-dscp copy running-config startup-config Purpose Enter global configuration mode. Modify 58 59 6 : 60 61 62 63 28-54 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 555
    2 Step 3 Step 4 Step 5 Command configure terminal mls qos map dscp-cos dscp-list to cos end show mls qos maps dscp-to-cos copy running-config startup-config Purpose Enter global configuration mode. Modify configuration command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-55
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 556
    , 32, 40, 48, and 50 to CoS value 0 and to display the map: Switch(config)# mls qos map dscp-cos 0 8 16 24 32 40 48 50 to 0 Switch(config)# end Switch# show mls qos maps dscp-cos Dscp-cos map: d1 : d2 0 1 2 include physical ports. 28-56 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 557
    trust dscp Step 5 mls qos dscp-mutation dscp-mutation-name Step 6 Step 7 Step 8 end show mls qos maps dscp-mutation copy running-config startup-config Purpose Configure the ingress port as space is allocated between the queues? OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-57
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 558
    id cos1...cos8 mls qos srr-queue input threshold queue-id threshold-percentage1 threshold-percentage2 end Purpose Enter global configuration mode. Map DSCP or CoS values to an ingress queue queue. Return to privileged EXEC mode. 28-58 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 559
    2 Command configure terminal mls qos srr-queue input buffers percentage1 percentage2 Step 3 end Purpose Enter global configuration mode. Allocate the buffers between the ingress queues By . Return to privileged EXEC mode. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-59
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 560
    bandwidth weight1 weight2 Step 3 Step 4 Step 5 end show mls qos interface queueing or show mls qos Separate each value with a space. SRR services the priority queue for its configured weight as specified by the bandwidth keyword in the Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 561
    dropping frames). SRR services the priority queue for its configured weight as specified by -id bandwidth weight Step 3 Step 4 Step 5 end show mls qos weight to 0, for example, mls qos srr-queue input priority-queue queue-id bandwidth 0. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 562
    enabled or the egress queues are serviced based on their SRR weights: • If the egress expedite queue is enabled, it overrides the SRR shaped and shared weights for queue 1. • If the maximum-threshold global configuration command. 28-62 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 563
    id buffers allocation1 ... allocation4 global configuration command. The queues use WTD to support distinct drop percentages for different traffic classes. Note The egress queue default settings with the highest-priority traffic. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-63
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 564
    end enter the specific queue in the Switch(config)# mls qos queue-set output 2 buffers 40 20 20 20 Switch(config)# mls qos queue-set output 2 threshold 2 40 60 100 200 Switch(config)# interface gigabitethernet0/1 Switch(config-if)# queue-set 2 28-64 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 565
    by placing packets with particular DSCPs or costs of service into certain queues and adjusting the queue thresholds so cos-map queue queue-id threshold threshold-id cos1...cos8 end show mls qos maps copy running-config startup-config Purpose Catalyst 2960 Switch Software Configuration Guide 28-65
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 566
    weight3 weight4 Step 4 Step 5 Step 6 end show mls qos interface interface-id queueing copy weight for queue 1 is 1/8, which is 12.5 percent: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# srr-queue bandwidth shape 8 0 0 0 28-66 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 567
    4 Step 5 Step 6 end show mls qos interface interface This example shows how to configure the weight ratio of the SRR scheduler running on Switch(config)# interface gigabitethernet0/1 Switch(config-if)# srr-queue bandwidth share 1 2 3 4 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 568
    Cisco IOS Release 12.1(19)EA1, Yyou can ensure that certain packets have priority over all others by queuing them in the egress expedite queue. SRR services this queue until it is empty before servicing configuration mode. 28-68 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 569
    Information Step 3 Step 4 Step 5 Step 6 Command srr-queue bandwidth limit weight1 end show mls qos interface [interface-id] queueing copy running-config startup-config Purpose Specify Display QoS settings for the egress queues. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 28-69
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 570
    EXEC command to display classification information for incoming traffic. The control-plane and interface keywords are not supported, and the statistics shown in the display should be ignored. Display the DSCP transparency setting. 28-70 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 571
    Version 6 (IPv6) is the network-layer Internet Protocol intended to replace Version 4 (IPv4) in the TCP/IP suite of protocols. This chapter describes how to configure IPv6host functions on the Catalyst 2960 switch. For information about configuring IPv6 Multicast Listener Discovery (MLD) snooping
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 572
    , go to the "Implementing Addressing and Basic Connectivity" section of "The Cisco IOS IPv6 Configuration Library" at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00807fcf4b. html 29-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 573
    /products_feature_guide09186a00807fcf4b. html Each IPv6 host interface can support up to three addresses in hardware (one aggregatable global unicast address, one link-local unicast address, and zero or more privacy addresses). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 29-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 574
    autoconfiguration using Dynamic Host Configuration Protocol (DHCP) v6. The switch supports stateless autoconfiguration to manage link, subnet, and site addressing changes, such as management of host and mobile IP addresses. 29-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 575
    and automatically generate global IPv6 addresses without the need for manual configuration or the help of a server, such as a both IPv4 and IPv6 protocol stacks. The Cisco IOS software supports the dual IPv4 and IPv6 protocol stack technique Catalyst 2960 Switch Software Configuration Guide 29-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 576
    supported. • In dual IPv4 and IPv6 environments, the switch applies IPv4 QoS and ACLs in hardware. Note If you do not plan to use IPv6, do not use the dual stack template because this template results in less TCAM capacity for each resource. 29-6 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 577
    These SDM templates support IPv4 and IPv6 environments: Note This release does not support IPv6 multicast routing or QoS. This release does support IPv6 Multicast Listener Discovery • Configuring Static Routes for IPv6, page 29-9 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 29-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 578
    terminal ipv6 icmp error-interval interval [bucketsize] Step 3 Step 4 Step 5 end show ipv6 interface [interface-id] copy running-config startup-config Purpose Enter global (Optional) Save your entries in the configuration file. 29-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 579
    static routes are not automatically updated, as with a dynamic routing protocol, and must be manually reconfigured if the network topology changes. Static routes are useful for smaller networks with only route is used in its place. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 29-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 580
    the next hop (the link-local next hop must also be an adjacent router). Step 3 end • administrative distance-(Optional) An administrative distance. The range is 1 to 254; the default value . Return to privileged EXEC mode. 29-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 581
    for IPv6" chapter in the Cisco IOS IPv6 Configuration Library at this URL: http://www.cisco.com/en/US/products/sw/iosswrel switch. Display the IPv6 route table entries. Display IPv6 static routes. Display IPv6 traffic statistics. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 29
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 582
    output from the show ipv6 route privileged EXEC command: Switch# show ipv6 route IPv6 Routing Table - Default - 1 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route L FF00::/8 [0/0] via Null0, receive 29-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 583
    is an example of the output from the show ipv6 traffic privileged EXEC command. Switch# show ipv6 traffic IPv6 statistics: Rcvd: 1 total, 1 local destination 0 : Rcvd: 0 input, 0 checksum errors Sent: 0 output, 0 retransmitted OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 29-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 584
    Displaying IPv6 Chapter 29 Configuring IPv6 Host Functions 29-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 585
    chapter, see the command reference for this release or the Cisco IOS documentation referenced in the procedures. This chapter includes these sections: in a VLAN. This list is constructed by snooping IPv6 multicast control packets. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 30-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 586
    Messages MLDv1 supports three types of messages: • Listener Queries are the equivalent of IGMPv2 queries and are either General Queries or Multicast-Address-Specific Queries (MASQs addresses are ignored by MLD routers and switches. 30-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 587
    order for the Catalyst 2960 switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch. When a group exists in the MLD snooping database, the switch responds to a group-specific query by sending
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 588
    are flooded to the ingress VLAN. The switch also supports MLDv1 proxy reporting. When an MLDv1 MASQ is received, the switch responds with MLDv1 reports the switch sends the address leave information to all detected multicast routers. 30-4 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 589
    The VLAN value overrides the global setting. When the VLAN value is 0, the VLAN uses the global count. Global: 2; Per VLAN: 0. Note The VLAN value overrides the global setting. When the VLAN value is 0, the VLAN uses the global count. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 590
    enable MLD snooping on the switch: Step 1 Step 2 Step 3 Command configure terminal ipv6 mld snooping end Purpose Enter global configuration mode. Globally enable MLD snooping on the switch. Return to privileged EXEC mode. 30-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 591
    the Catalyst 2960 switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch. Step 1 Step 2 Step 3 Command configure terminal ipv6 mld snooping ipv6 mld snooping vlan vlan-id Step 4 end Step
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 592
    router port (add a static connection to a multicast router), use the ipv6 mld snooping vlan mrouter global configuration command on the switch. Note Static connections to multicast routers are supported only on switch ports. 30-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 593
    vlan vlan-id immediate-leave global configuration command. This example shows how to enable MLD Immediate Leave on VLAN 130: Switch# configure terminal Switch(config)# ipv6 mld snooping vlan 130 immediate-leave Switch(config)# exit OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 594
    mld snooping tcn flood query count count end show ipv6 mld snooping querier [vlan vlan-id] copy running-config startup-config Purpose for the switch or for the VLAN. (Optional) Save your entries in the configuration file. 30-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 595
    message-suppression end show VLAN interfaces. You can also display MAC address multicast entries for a VLAN configured for MLD snooping. To display MLD snooping information, use one or more of the privileged EXEC commands in Table 30-2. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 596
    MLD snooping user-configured group information for the switch or for a VLAN. show ipv6 mld snooping multicast-address vlan Display MLD snooping for the specified VLAN and IPv6 multicast vlan-id [ipv6-multicast-address] address. 30-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 597
    Aggregation Protocol, page 31-4 • Link Aggregation Control Protocol, page 31-5 • EtherChannel On Mode, page 31-6 • Load Balancing and Forwarding Methods, page 31-6 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 598
    , no negotiations take place. The switch forces all compatible ports to become active in the EtherChannel. The other end of the channel (on the other switch) must also be configured in the on mode; otherwise, packet loss can occur. 31-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 599
    -2. • Use the interface port-channel port-channel-number global configuration command to manually create the port-channel logical interface. Then use the channel-group channel-group- to configure a Layer 2 EtherChannel as a trunk. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 600
    physical port connected to a silent partner prevents that switch port from ever becoming operational. However, the silent setting allows PAgP to operate, to attach the port to a channel group, and to use the port for transmission. 31-4 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 601
    units (PDUs) on the lowest numbered VLAN. In Layer 2 EtherChannels, the first enables Cisco switches to manage Ethernet channels between switches Ethernet ports. By using LACP, the switch learns the identity of partners capable of supporting Catalyst 2960 Switch Software Configuration Guide 31-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 602
    forwarding is better suited on a particular switch. With source-and-destination MAC-address forwarding, packets sent from host A to host B, host A to host C, and host C to host B could all use different ports in the channel. 31-6 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 603
    it is not clear whether source-IP or destination-IP address-based forwarding is better suited on a particular switch. In this method, packets sent from the IP address A to IP address B, from IP address A in better load balancing. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 604
    31-3 Load Distribution and Forwarding Methods Switch with source-based forwarding enabled EtherChannel Cisco router with destination-based forwarding enabled 101239 port affect only the port where you apply the configuration. 31-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 605
    in the group: - Allowed-VLAN list - Spanning-tree path cost for each VLAN - Spanning-tree port priority for each VLAN - Spanning-tree Port Fast setting • Do not configure a port to be a member of more than one EtherChannel group. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 606
    supports the same allowed range of VLANs on all the ports in a trunking Layer 2 EtherChannel. If the allowed range of VLANs is Ethernet ports of the same type. Up to eight ports can be active, and up to eight ports can be in standby mode. 31-10 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 607
    | trunk} switchport access vlan vlan-id Assign all ports as static-access ports in the same VLAN, or configure them as trunks switch and its partner, see the "PAgP Modes" section on page 31-4 and the "LACP Modes" section on page 31-5. end Catalyst 2960 Switch Software Configuration Guide 31-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 608
    source-MAC address of the incoming packet. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 31-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 609
    at both ends of the manually support address learning by physical ports. When the link partner of the Catalyst 2960 switch is a physical learner (such as a Catalyst 1900 series switch), we recommend that you configure the Catalyst 2960 switch Catalyst 2960 Switch Software Configuration Guide 31-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 610
    Balancing" section on page 31-12. The learning method must be configured the same at both ends of the link. Assign a priority so that the selected port is chosen for packet transmission. For all compatible ports from aggregating. 31-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 611
    1 Step 2 Command configure terminal lacp system-priority priority Step 3 Step 4 Step 5 end show running-config or show lacp sys-id copy running-config startup-config Purpose Enter global (denoted with an H port-state flag). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 612
    port-priority priority Step 4 Step 5 Step 6 end show running-config or show lacp [channel-group-number [channel-group-number] {counters | internal | neighbor} Description Displays EtherChannel information in a brief, detailed, and one Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 613
    4. Port 3 and port 4 are the downstream interfaces in link-state group 2. - Port 5 and port 6 are connected to distribution switch 2 through link-state group 2. Port 5 and port 6 are the upstream interfaces in link-state group 2. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 614
    server interface. As an example of a connectivity change from link-state group 1 to link-state group 2 on switch A, see Figure 31-4 on page 31-19. If the upstream link for port 6 is lost, the link , disable the link-state group. 31-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 615
    Typical Link-State Tracking Configuration Network Configuring Link-State Tracking Distribution switch 1 Link-state group 1 Port 5 Switch A Link-state group 1 Port Port 67 Port 8 Port Status, page 31-21 Server 4 141680 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 616
    configuration problems: • Switch(config-if)# interface gigabitethernet0/3 Switch(config-if)# link state group 1 downstream Switch(config-if)# interface gigabitethernet0/5 Switch(config-if)# link state group 1 downstream Switch(config-if)# end 31-20 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 617
    display information about all link-state groups. Enter the group number to display information specific to the group. Enter the detail keyword to display detailed information about the group. command reference for this release. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 31-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 618
    Configuring Link-State Tracking Chapter 31 Configuring EtherChannels and Link-State Tracking 31-22 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 619
    problems related to the Cisco IOS software on the Catalyst 2960 switch. Depending on the nature of the problem, you can use the command-line interface (CLI), the device manager, or Network Assistant to identify and solve problems. Additional troubleshooting information, such as LED descriptions
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 620
    system. The following commands will initialize the flash file system, and finish loading the operating system software# flash_init load_helper boot Initialize the flash file system: switch: flash_init 32-2 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 621
    switch. Reconnect the power cord to the switch and, within 15 seconds, press the Mode button while the System LED is still flashing green. Continue pressing the Mode button until the System LED turns briefly amber and then solid green; then release the Mode button. OL-8603-04 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 622
    30:48 c2960-lanbase-mz.122-25.FX Mar 01 1993 22:31:59 config.text Mar 01 1993 02:21:30 vlan.dat 16128000 bytes total (10003456 bytes free) Rename the configuration file to config.text.old. This file contains the password definition. 32-4 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 623
    Chapter 32 Troubleshooting Recovering from a Lost or Forgotten Password switch: rename flash:config.text flash:config.text.old Step 6 Boot up the system: switch: boot You to privileged EXEC mode: Switch (config)# exit Switch# OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 624
    that you contact your system administrator to verify if there are backup switch and VLAN configuration files. • If you enter n (no), the normal boot files: Switch: load_helper Display the contents of flash memory: switch: dir flash: 32-6 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 625
    a redundant command switch group by using the Hot Standby Router Protocol (HSRP). For more information, see Chapter 5, "Clustering Switches." Also see the Getting Started with Cisco Network Assistant, available on Cisco.com. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 626
    # configure terminal Enter configuration commands, one per line. End with CNTL/Z. Remove the member switch from the cluster. Switch(config)# no cluster commander-address Return to privileged EXEC mode. Switch(config)# end Switch# 32-8 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 627
    , enter N, press Return, and begin again at Step 9. Start your browser, and enter the IP address of the new command switch. From the Cluster menu, select Add to Cluster to display a list of candidate switches to add to the cluster. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 628
    leading spaces. When prompted for the enable secret and enable passwords, enter the passwords of the failed command switch again. When prompted, make sure to enable the switch as the cluster command switch, and press Return. 32-10 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 629
    on both ends of the connection. Note If a remote device does not autonegotiate, configure the duplex settings on the two ports to match. The speed parameter can adjust itself even if the connected port does not autonegotiate. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 630
    an SFP module. For more information, see the show interfaces transceiver command in the command reference for this release. Using Ping These sections contain this information: • Understanding Ping, page 32-13 • Executing Ping, page 32-13 32-12 Catalyst 2960 Switch Software Configuration Guide OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 631
    I Description Each exclamation point means receipt of a reply. Each period means the network server timed out while waiting for a reply. A destination unreachable error PDU was received. A congestion experienced packet was received. User interrupted test. OL-8603-04 Catalyst 2960 Switch Software
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 632
    enter the traceroute mac or the traceroute mac ip privileged EXEC command on a switch that is not in the physical path from the source device to the destination device. All switches in the path must be reachable from this switch. 32-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 633
    2 path is not identified, and an error message appears. • This feature is not supported in Token Ring VLANs. Displaying the Physical Path You can display physical path that a packet takes from a source the way to the destination. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 634
    4 msec 0 msec 5 171.9.121.34 0 msec 4 msec 4 msec 6 171.9.15.9 120 msec 132 msec 128 msec 7 171.9.15.10 132 msec 128 msec 128 msec Switch# 32-16 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 635
    to the initial signal. TDR is supported only on 10/100 and 10/100/1000 copper Ethernet ports. It is not supported on SFP module ports. TDR can detect these cabling problems: • Open, broken, or cut length at which the wire is open. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 32-17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 636
    to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support Switched Port Analyzer (SPAN): Switch# debug span-session The switch continues to generate output until you enter the no form of the command. 32-18 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 637
    Troubleshooting Using Debug Commands If you enable a debug command and no output appears, consider these possibilities: • The switch switch performance or even render it unusable. In virtually all cases, it is best to use more specific debug Catalyst 2960 Switch Software Configuration Guide 32-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 638
    support personnel, who have access to detailed information about the switch application-specific integrated circuits (ASICs). However, packet forwarding information can also be helpful in troubleshooting -Hit A-Data 01FFE 03000000 32-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 639
    03000000 Port Gi0/2 Vlan SrcMac DstMac Cos Dscpv 0005 0001.0001.0001 0009.43A8.0145 Using the crashinfo Files The crashinfo files save information that helps Cisco technical support representatives to debug problems that caused the Cisco IOS image to fail (crash). The switch writes the crash
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 640
    of the switch failure. You provide this information to the Cisco technical support representative by manually accessing the switch to not create the extended creashinfo file by using the no exception crashinfo global configuration command. 32-22 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 641
    -ERR-DISABLE-MIB • CISCO-FLASH-MIB (Flash memory on all switches is modeled as removable flash memory.) • CISCO-FTP-CLIENT-MIB • CISCO-IGMP-FILTER-MIB • CISCO-IMAGE-MIB • CISCO IP-STAT-MIB • CISCO-LAG-MIB • CISCO-MAC-NOTIFICATION-MIB OL-8603-04 Catalyst 2960 Switch Software Configuration Guide A-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 642
    • OLD-CISCO-TS-MIB • RFC1213-MIB (Functionality is as per the agent capabilities specified in the CISCO-RFC1213-CAPABILITY.my.) • RMON-MIB • RMON2-MIB • SNMP-FRAMEWORK-MIB • SNMP-MPD-MIB • SNMP-NOTIFICATION-MIB • SNMP-TARGET-MIB • SNMPv2-MIB Catalyst 2960 Switch Software Configuration Guide A-2 OL
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 643
    supported MIBs for the Catalyst 2960 switch: ftp://ftp.cisco.com/pub/mibs/supportlists/cat2960/cat2960-supportlist.htmlYou can access other information about MIBs and Cisco products on the Cisco web site: http://www.cisco MIB file. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide A-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 644
    Using FTP to Access the MIB Files Appendix A Supported MIBs Catalyst 2960 Switch Software Configuration Guide A-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 645
    X Working with the Cisco IOS File System, Configuration Files, and Software Images This appendix describes how to manipulate the Catalyst 2960 switch flash file system, how to copy configuration files, and how to archive (upload and download) software images to a standalone switch. Note For complete
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 646
    Cisco IOS File System, Configuration Files, and Software Images Displaying Available File Systems To display the available file systems on your switch Flags Prefixes show file systems Field Descriptions Value Amount of memory in the Catalyst 2960 Switch Software Configuration Guide B-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 647
    B Working with the Cisco IOS File System, Configuration Files Description Display a list of files on a file system. Display more information about each of the files on a file system. Display information about a specific directory. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 648
    Working with the Flash File System Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Creating and • TFTP-tftp:[[//location]/directory]/filename Local writable file systems include flash:. Catalyst 2960 Switch Software Configuration Guide B-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 649
    with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Some invalid combinations of source and destination exist. Specifically, you download and upload software image files. . OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 650
    Cisco IOS These options are supported: • For switch tar file that is in flash memory: Switch# archive tar /table flash:c2960-lanbase-mz.122-25.FX.tar info (219 bytes) c2960-lanbase-mz.122-25.FX/ (directory) c2960-lanbase-mz.122-25.FX/html/ (directory) Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 651
    file on a TFTP server: Switch# more tftp://serverA/hampton/savedconfig ! ! Saved configuration on server ! version 11.3 service timestamps log datetime localtime service linenumber service udp-small-servers service pt-vty-logging OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 652
    the function of the Cisco IOS software. A way to page B-19 • Replacing and Rolling Back Configurations switches. For example, you might want to download the same configuration file to several switches that have the same hardware configuration. Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 653
    to the appropriate server location. For example, copy the file to the TFTP directory on the workstation (usually /tftpboot on a UNIX workstation). OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-9
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 654
    Cisco IOS File System, Configuration Files, and Software Images Step 5 Make sure the permissions on the file are set to world-read. Copying Configuration Files By Using TFTP You can configure the switch and /etc/services files. To Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 655
    shows how to upload a configuration file from a switch to a TFTP server: Switch# copy system:running-config tftp://172.16.2.155/tokyo-confg Write file tokyo-confg on host 172.16.2.155? [confirm] y # Writing tokyo-confg!!! [OK] OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 656
    FTP request to a server. When you copy a configuration file from the switch to a server by using FTP, the Cisco IOS software sends the first valid username in this list: • The username specified . The new username is stored in B-12 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 657
    on the remote server with an IP address of 172.16.101.101 to the switch startup configuration. Switch# configure terminal Switch(config)# ip ftp username netadmin1 Switch(config)# ip ftp password mypass Switch(config)# end OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 658
    by using FTP to copy the file: Switch# configure terminal Switch(config)# ip ftp username netadmin2 Switch(config)# ip ftp password mypass Switch(config)# end Switch# copy nvram:startup-config ftp: Remote host[]? 172.16.101.101 B-14 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 659
    server from or to which you will be copying files must support RCP. The RCP copy commands rely on the rsh server . When you copy a configuration file from the switch to a server, the Cisco IOS software sends the first valid username in this list Catalyst 2960 Switch Software Configuration Guide B-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 660
    on the switch: Switch# copy rcp://[email protected]/host1-confg system:running-config Configure using host1-confg from 172.16.101.101? [confirm] Connected to 172.16.101.101 Loading 1112 byte file host1-confg:![OK] Switch# B-16 Catalyst 2960 Switch Software Configuration Guide OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 661
    with the Cisco IOS File switch-confg on host 172.16.101.101?[confirm] Building configuration...[OK] Connected to 172.16.101.101 Switch# This example shows how to store a startup configuration file on a server: Switch# configure terminal OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 662
    remote-username netadmin2 Switch(config)# end Switch# copy nvram:startup-config rcp: Remote host[]? 172.16.101.101 Name of configuration file to write [switch2-confg]? Write file switch2-confg on host 172.16.101.101?[confirm] ![OK] B-18 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 663
    and Rollback To use the configuration replacement and rollback feature, you should understand these concepts: • Archiving a Configuration, page B-20 • Replacing a Configuration, page B-20 • Rolling Back a Configuration, page B-20 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 664
    the changes by using the configure replace target-url command. You can specify any saved configuration file as the rollback configuration. You are not limited to a fixed number of rollbacks, as is the case in some rollback models. B-20 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 665
    comply with the format of files generated by Cisco IOS devices. Configuring the Configuration Archive Using the configure replace command with the configuration archive and with the for the files in the configuration archive. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 666
    with the Cisco IOS File System, Configuration Files, and Software Images Command Step 5 time-period minutes Step 6 Step 7 Step 8 end show running- changing the running configuration during a configuration replacement operation. B-22 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 667
    on the Switch, page B-24 • tar File Format of Images on a Server or Cisco.com, page B-24 • Copying Image Files By Using TFTP, page B-25 • Copying Image Files By Using FTP, page B-28 • Copying Image Files By Using RCP, page B-33 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 668
    image_feature: LAYER_2|MIN_DRAM_MEG=64 image_family:C2960 stacking_number:1.11 board_ids:0x00000034 0x00000042 0x00000037 0x00000041 0x0000003c info_end: Note Disregard the stacking_number field. It does not apply to the switch. B-24 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 669
    image with the new one or keep the current image after a download. You upload a switch image file to a server for backup purposes; this uploaded image can be used for future downloads to the same or another switch of the same type. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 670
    Working with the Cisco IOS File System, the inetd daemon after modifying the /etc/inetd.conf and /etc/services files. To restart the daemon, either stop the inetd process and replace the current image or keep the current image. B-26 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 671
    Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images Beginning in privileged EXEC mode, follow , the download process stops, and an error message is displayed. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-27
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 672
    order: info, the Cisco IOS image, and the switch to an FTP server. You download a switch image file from a server to upgrade the switch software. You can overwrite the current image with the new one or keep the current image after a download. B-28 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 673
    the switch has a route to the FTP server. The switch and the FTP server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the FTP server by using the ping command. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-29
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 674
    the Cisco IOS File System, Configuration Files, and Software Images • If you are accessing the switch through Step 6 ip ftp username username ip ftp password password end Purpose Verify that the FTP server is properly configured by Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 675
    enough space to install the new image and keep the running image, the download process stops, and an error message is displayed. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide B-31
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 676
    Software Images Appendix B Working with the Cisco IOS File System, Configuration Files, and ftp password password (Optional) Change the default password. end Return to privileged EXEC mode. archive upload-sw ftp:[[//[ server. B-32 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 677
    the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files the server from or to which you will be copying files must support RCP. The RCP copy commands rely on the rsh server (or Catalyst 2960 Switch Software Configuration Guide B-33
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 678
    an image to the RCP to the server, it must be properly configured to accept the RCP write request from the user on the switch. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the RCP server. B-34 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 679
    Cisco IOS File System, Configuration Files, and Software Images Working with Software Images For example, suppose the switch contains these configuration lines: hostname Switch1 ip rcmd remote-username User0 If the switch and replace or end Catalyst 2960 Switch Software Configuration Guide B-35
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 680
    files in the directory and the directory are removed. Caution For the download and upload algorithms to operate properly, do not rename image names. B-36 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 681
    username end Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format. Caution For the download and upload algorithms to operate properly, do not rename image names. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 682
    Working with Software Images Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images B-38 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 683
    : • The Catalyst 2950 switch runs Cisco IOS 12.1EA software, and the Catalyst 2960 switch runs Cisco IOS 12.2SE software. • The switch families have different hardware. If you use a Catalyst 2950 switch command, it might not be supported on the Catalyst 2960 switch. The Catalyst 2960 switch software
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 684
    intentionally removed and are not supported in Cisco IOS 12.2SE. The Catalyst 2960 switch rejects these commands, and this message appears: Switch(config)# aaa processes 10 ^ %Invalid input detected at '^' marker. The Catalyst 2950 switch supports only one management VLAN. You can use this global
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 685
    2950 Switch to a Catalyst 2960 Switch Configuration Compatibility Issues Table C-1 Catalyst 2950 and 2960 Switch Configuration Incompatibilities (continued) Feature Catalyst 2950 Switch Command and Explanation Result on the Catalyst 2960 Switch IEEE 802.1x In Cisco IOS 12.1EA, the Catalyst
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 686
    Result on the Catalyst 2960 Switch There is limited QoS configuration compatibility between the Catalyst 2950 switch and the Catalyst 2960 switch. We recommend that you enable automatic QoS (auto-QoS) on the Catalyst 2950 switch by using the auto qos voip {cisco-phone | cisco-softphone | trust
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 687
    ACLs for IP packets on the Catalyst 2950 switch, but on the Catalyst 2960 switch: - You cannot apply MAC ACLs to IP packets. - You cannot apply any ACLs for IPv6 frames. - With MAC ACLs, an Ethertype of Appletalk is not supported. OL-8603-04 Catalyst 2960 Switch Software Configuration Guide C-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 688
    extra port, called the reflector port, for its RSPAN implementation. This is not necessary in the Catalyst 2960 switch RSPAN implementation. The Catalyst 2960 switch also supports VLANs as SPAN sources and can forward received packets on SPAN destination ports. • Multicast The multicast forwarding
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 689
    in Cisco IOS Release 12.2(40)SE This appendix lists some of the command-line interface (CLI) commands that appear when you enter the question mark (?) at the Catalyst 2960 switch prompt but are not supported in this release, either because they are not tested or because of Catalyst 2960 switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 690
    D Unsupported Commands in Cisco IOS Release 12.2(40)SE expression] ] | repository [url location] Parameters are not supported for this command: event manager run [policy name] |< -redirection main debug platform configuration Catalyst 2960 Switch Software Configuration Guide D-2 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 691
    Cisco IOS Release 12.2(40)SE |IGMP Snooping Commands |IGMP Snooping Commands Unsupported Global Configuration Commands ip igmp snooping tcn Interface Commands Unsupported Privileged EXEC Commands show interfaces [interface-id | vlan vlan -04 Catalyst 2960 Switch Software Configuration Guide D-3
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 692
    unicast flood l2protocol-tunnel global drop-threshold service compress-config stack-mac persistent timer Network Address Translation (NAT) Commands Unsupported Privileged EXEC Commands show ip nat statistics show ip nat translations Catalyst 2960 Switch Software Configuration Guide D-4 OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 693
    Appendix D Unsupported Commands in Cisco IOS Release 12.2(40)SE QoS QoS Unsupported Global Configuration Command priority-list Unsupported Interface Global Configuration Commands snmp-server enable informs snmp-server ifindex persist OL-8603-04 Catalyst 2960 Switch Software Configuration Guide D-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 694
    show running-config vlan show vlan ifindex show vlan private-vlan VTP Unsupported Privileged EXEC Commands vtp {password password | pruning | version number} Note This command has been replaced by the vtp global configuration command. Catalyst 2960 Switch Software Configuration Guide D-6 OL-8603
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 695
    map 28-32 QoS 28-7, 28-41 standard IP, configuring for QoS classification 28-41 support for 1-8 OL-8603-04 active traffic monitoring, IP SLAs 27-1 address aliasing 18-2 addresses policers 28-49 aggregate policing 1-9 aging, accelerating 15-8 Catalyst 2960 Switch Software Configuration Guide IN-1
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 696
    with IEEE 802.1x 9-7 autoconfiguration 3-3 IN-2 Catalyst 2960 Switch Software Configuration Guide automatic discovery considerations beyond a noncandidate device 5-7 brand new switches 5-8 connectivity 5-4 different VLANs 5-6 management VLANs 5-7 non-CDP-capable devices 5-6 noncluster-capable
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 697
    manually 3-13 specific support for 1-4 transmission timer and holdtime, setting 20-2 updates 20-2 CGMP as IGMP snooping learning method 18-8 joining multicast group 18-3 CipherSuites 8-39 Cisco 7960 IP Phone 14-1 Cisco Discovery Protocol See CDP Cisco IOS File System See IFS Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 698
    Index Cisco IOS IP Service Level Agreements (SLAs) responder 1-3 Cisco IOS IP SLAs 27-1 Cisco Network Assistant See Network VTP 13-3 IN-4 Catalyst 2960 Switch Software Configuration Guide clock See system clock cluster requirements xxxi clusters, switch accessing 5-12 automatic discovery
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 699
    B-10, B-13, B-16 reasons for B-8 using FTP B-13 using RCP B-17 using TFTP B-11 guidelines for creating and using B-9 guidelines for replacing and rolling back B-21 invalid combinations when copying B-5 limiting TFTP server access 26-16 Catalyst 2960 Switch Software Configuration Guide IN-5
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 700
    replacement B-19 configuration rollback B-19, B-20 configuration settings, saving 3-10 configure terminal command 10-5 config-vlan mode 2-2, 12-6 conflicts, configuration 32-11 connections, secure remote 8-33 connectivity problems 18 IN-6 Catalyst 2960 Switch Software Configuration Guide CoS-to-
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 701
    -based autoconfiguration 3-6 default configuration 6-16 displaying the configuration 6-17 in IPv6 29-4 overview 6-15 setting up 6-16 support for 1-4 documentation, related xxx document conventions xxx domain names DNS 6-15 VTP 13-8 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide IN-7
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 702
    supporting 29-6 dual-purpose uplinks defined 10-4 LEDs 10-4 link selection 10-4 setting the type 10-10 IN-8 Catalyst 2960 Switch Software Configuration Guide See DHCP-based autoconfiguration dynamic port VLAN membership described 12-24 reconfirming 12-27 troubleshooting 12-29 types of connections
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 703
    groups 10-3 support for 1-3 EtherChannel guard described 17-7 disabling 17-14 enabling 17-14 OL-8603-04 Ethernet VLANs adding 12-8 description 32-21 location 32-21 copying B-5 crashinfo, description 32-21 deleting B-5 displaying the contents of B-8 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 704
    ) extended crashinfo description 32-22 location B-13 uploading B-14 IN-10 Catalyst 2960 Switch Software Configuration Guide FTP (continued) image files deleting global leave, IGMP 18-12 guest VLAN and 802.1x 9-11 guide audience xxix purpose of xxix guide mode 1-2 GUIs See device manager and
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 705
    12-15 encapsulation 12-14 native VLAN for untagged traffic 12-19 IEEE support for 1-3 IGMP groups configuring filtering 18-27 setting the maximum number 18-26 IGMP Immediate Leave configuration guidelines 18-11 described 18-5 enabling 18-10 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 706
    14 supported versions 18-2 support for 1-3 VLAN Catalyst 2960 Switch Software Configuration Guide interfaces auto-MDIX, configuring 10-15 configuration guidelines duplex and speed 10-12 configuring procedure 10-5 counters, clearing 10-19 default configuration 10-9 described 10-16 descriptive
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 707
    2 traceroute and ARP 32-15 and CDP 32-14 broadcast traffic 32-14 described 32-14 IP addresses and subnets 32-15 MAC addresses and VLANs 32-15 multicast traffic 32-15 Catalyst 2960 Switch Software Configuration Guide IN-13
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 708
    maintaining 21-7 IN-14 Catalyst 2960 Switch Software Configuration Guide LLDP-MED (continued) overview 21-1, 21-2 supported TLVs 21-2 LLDP Media Long-Reach Ethernet (LRE) technology 1-14 loop guard described 17-9 enabling 17-15 support for 1-6 LRE profiles, considerations in switch clusters 5-14
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 709
    Index MAC address notification, support for 1-10 MAC address-to-VLAN mapping 12-24 MAC extended access lists configuring for QoS 28-43 for QoS classification 28-5 16, 30-12 MVR 18-23 network traffic for analysis with probe 23-2 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide IN-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 710
    19-18 SFP status 10-18, 32-12 speed and duplex mode 10-13 traffic flowing among switches 24-1 traffic suppression 19-17 VLANs 12-13 VMPS priority 16-19 root switch 16-17 secondary root switch 16-18 switch priority 16-21 IN-16 Catalyst 2960 Switch Software Configuration Guide MSTP (continued)
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 711
    18-20 support for 1-3 VLAN configuring 12-19 default 12-19 neighbor discovery, IPv6 29-4 Network Admission Control See NAC Network Admission Control Software Configuration Guide 9-39, 9-40 Network Assistant benefits 1-1 described 1-3 downloading image files 1-2 guide mode 1-2 Catalyst 2960 Switch
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 712
    28-9 nontrunking mode 12-15 normal-range VLANs 12-4 configuration guidelines 12-5 configuration modes 12-6 configuring 12-4 defined 12-1 note, described xxx NSM 4-3 IN-18 Catalyst 2960 Switch Software Configuration Guide NTP associations authenticating 6-4 defined 6-2 enabling broadcast messages
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 713
    number 9-28 switch-to-client retransmission time 9-27 default configuration 9-19 described 9-1 device roles 9-2 displaying statistics 9-41 EAPOL-start frame 9-5 EAP-request/identity frame 9-5 EAP-response/identity frame 9-5 encapsulation 9-3 Catalyst 2960 Switch Software Configuration Guide IN-19
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 714
    tasks 9-10 described 9-9 IN-20 Catalyst 2960 Switch Software Configuration Guide port-based authentication (continued) voice VLAN described 9-14 PVID 9-14 VVID 9-14 wake-on-LAN, described 9-15 port blocking 1-3, 19-7 port-channel See EtherChannel port description TLV 21-2 Port Fast described 17
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 715
    12-19 for VTP pruning 13-4 VLANs 13-14 OL-8603-04 Index PVST+ described 15-9 IEEE 802.1Q trunking interoperability 15-10 instances supported 15-9 Q QoS and MQC commands 28 trusted CoS, described 28-5 trust IP precedence, described 28-5 Catalyst 2960 Switch Software Configuration Guide IN-21
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 716
    weights for SRR 28-67 described 28-4 displaying the threshold map 28-65 flowchart 28-16 mapping DSCP or CoS values 28-65 scheduling, described 28-4 setting WTD thresholds 28-62 WTD, described 28-18 enabling globally 28-33 IN-22 Catalyst 2960 Switch Software Configuration Guide shared weights for
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 717
    10-6 rapid convergence 16-10 rapid per-VLAN spanning-tree plus See rapid PVST+ rapid PVST+ described 15-9 IEEE 802.1Q trunking interoperability 15-10 instances supported 15-9 Rapid Spanning Tree Protocol See RSTP rcommand command 5-14 Catalyst 2960 Switch Software Configuration Guide IN-23
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 718
    22-6 IN-24 Catalyst 2960 Switch Software Configuration Guide responder, IP SLAs described 27-3 enabling 27-6 response time, measuring with IP SLAs 27-4 restricted VLAN configuring 9-31 described 9-12 using with IEEE 802.1x 9-12 restricting access NTP services 6-8 overview 8-1 passwords and
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 719
    creating 23-16 defined 23-3 limiting source traffic to specific VLANs 23-21 specifying monitored ports 23-16 with ingress replacing B-19, B-20 rolling back B-19, B-20 running configuration, saving 3-10 S SC (standby command switch) Catalyst 2960 Switch Software Configuration Guide IN-25
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 720
    See SNMP Smartports macros applying Cisco-default macros 11-6 applying global parameter values 11-5, 11-6 applying macros 11-5 applying parameter values 11-5, 11-7 configuration guidelines 11-2 IN-26 Catalyst 2960 Switch Software Configuration Guide Smartports macros (continued) creating 11
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 721
    source traffic to specific VLANs 23-14 removing destination weights on egress queues 28-66 shared weights on egress queues 28-67 shared weights on ingress queues 28-60 described 28-13 shaped mode 28-13 shared mode 28-13 support for 1-9 OL-8603-04 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 722
    static MAC addressing 1-7 IN-28 Catalyst 2960 Switch Software Configuration Guide static routes configuring for IPv6 29-9 static VLAN membership 12-2 statistics 802.1x 9-41 CDP 20-4 interface 10-18 LLDP 21-7 LLDP-MED 21-7 QoS ingress and egress 28-69 RMON group Ethernet 24-5 RMON group history 24
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 723
    17-8 protocols supported 15-9 redundant connectivity 15-8 root guard described 17-8 enabling 17-15 root port, defined 15-3 root switch configuring 15-14 effects of extended system ID 15-4, 15-14 election 15-3 unexpected behavior 15-14 Catalyst 2960 Switch Software Configuration Guide IN-29
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 724
    manually 6-11 summer time 6-13 time zones 6-12 displaying the time and date 6-12 overview 6-1 See also NTP IN-30 Catalyst 2960 Switch Software Configuration Guide system description -12 facilities supported 25-13 system name default configuration 6-15 default setting 6-15 manual configuration 6-15
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 725
    32-15 MAC addresses and VLANs 32-15 multicast traffic 32-15 multiple devices on a port 32-15 unicast traffic 32-14 usage guidelines 32-14 traceroute command 32-16 See also IP traceroute traffic blocking flooded 19-7 traffic policing 1-9 Catalyst 2960 Switch Software Configuration Guide IN-31
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 726
    -32 Catalyst 2960 Switch Software Configuration Guide trusted boundary for QoS 28-36 trusted port states between QoS domains 28-38 classification options 28-5 ensuring port security for IP phones 28-36 support for 1-9 within a QoS domain 28-34 trustpoints, CA 8-38 twisted-pair Ethernet, detecting
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 727
    17-13 support for vlan database command 12-6 VLAN filtering and SPAN 23-6 vlan global configuration command 12-6 VLAN ID, discovering 6-26 VLAN management domain 13-2 VLAN Management Policy Server See VMPS VLAN membership confirming 12-27 modes 12-3 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 728
    range 12-1, 12-4 number supported 1-7 parameters 12-4 port membership modes 12-3 static- description 12-23 dynamic port membership described 12-24 reconfirming 12-27 troubleshooting 12-29 entering server address 12-26 mapping MAC addresses to VLANs Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 729
    EXEC mode 13-7 requirements 13-9 saving 13-7 VLAN configuration mode 13-7 configuration mode options 13-7 weighted tail drop See WTD wizards 1-2 WTD described 28-12 setting thresholds egress queue-sets 28-62 ingress queues 28-58 support for 1-9 Catalyst 2960 Switch Software Configuration Guide
  • Cisco WS-C2960S-48LPD-L | Software Guide - Page 730
    Index X Xmodem protocol 32-2 IN-36 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
  • 457
  • 458
  • 459
  • 460
  • 461
  • 462
  • 463
  • 464
  • 465
  • 466
  • 467
  • 468
  • 469
  • 470
  • 471
  • 472
  • 473
  • 474
  • 475
  • 476
  • 477
  • 478
  • 479
  • 480
  • 481
  • 482
  • 483
  • 484
  • 485
  • 486
  • 487
  • 488
  • 489
  • 490
  • 491
  • 492
  • 493
  • 494
  • 495
  • 496
  • 497
  • 498
  • 499
  • 500
  • 501
  • 502
  • 503
  • 504
  • 505
  • 506
  • 507
  • 508
  • 509
  • 510
  • 511
  • 512
  • 513
  • 514
  • 515
  • 516
  • 517
  • 518
  • 519
  • 520
  • 521
  • 522
  • 523
  • 524
  • 525
  • 526
  • 527
  • 528
  • 529
  • 530
  • 531
  • 532
  • 533
  • 534
  • 535
  • 536
  • 537
  • 538
  • 539
  • 540
  • 541
  • 542
  • 543
  • 544
  • 545
  • 546
  • 547
  • 548
  • 549
  • 550
  • 551
  • 552
  • 553
  • 554
  • 555
  • 556
  • 557
  • 558
  • 559
  • 560
  • 561
  • 562
  • 563
  • 564
  • 565
  • 566
  • 567
  • 568
  • 569
  • 570
  • 571
  • 572
  • 573
  • 574
  • 575
  • 576
  • 577
  • 578
  • 579
  • 580
  • 581
  • 582
  • 583
  • 584
  • 585
  • 586
  • 587
  • 588
  • 589
  • 590
  • 591
  • 592
  • 593
  • 594
  • 595
  • 596
  • 597
  • 598
  • 599
  • 600
  • 601
  • 602
  • 603
  • 604
  • 605
  • 606
  • 607
  • 608
  • 609
  • 610
  • 611
  • 612
  • 613
  • 614
  • 615
  • 616
  • 617
  • 618
  • 619
  • 620
  • 621
  • 622
  • 623
  • 624
  • 625
  • 626
  • 627
  • 628
  • 629
  • 630
  • 631
  • 632
  • 633
  • 634
  • 635
  • 636
  • 637
  • 638
  • 639
  • 640
  • 641
  • 642
  • 643
  • 644
  • 645
  • 646
  • 647
  • 648
  • 649
  • 650
  • 651
  • 652
  • 653
  • 654
  • 655
  • 656
  • 657
  • 658
  • 659
  • 660
  • 661
  • 662
  • 663
  • 664
  • 665
  • 666
  • 667
  • 668
  • 669
  • 670
  • 671
  • 672
  • 673
  • 674
  • 675
  • 676
  • 677
  • 678
  • 679
  • 680
  • 681
  • 682
  • 683
  • 684
  • 685
  • 686
  • 687
  • 688
  • 689
  • 690
  • 691
  • 692
  • 693
  • 694
  • 695
  • 696
  • 697
  • 698
  • 699
  • 700
  • 701
  • 702
  • 703
  • 704
  • 705
  • 706
  • 707
  • 708
  • 709
  • 710
  • 711
  • 712
  • 713
  • 714
  • 715
  • 716
  • 717
  • 718
  • 719
  • 720
  • 721
  • 722
  • 723
  • 724
  • 725
  • 726
  • 727
  • 728
  • 729
  • 730
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Catalyst 2960 Switch
Software Configuration Guide
Cisco IOS Release 12.2(40)SE
Revised September 2007
Text Part Number: OL-8603-04