HP Cisco Catalyst Blade Switch 3020 Cisco Catalyst Blade Switch 3020 for HP So
HP Cisco Catalyst Blade Switch 3020 Manual
View all HP Cisco Catalyst Blade Switch 3020 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP Cisco Catalyst Blade Switch 3020 manual content summary:
- HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 1
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide Cisco IOS Release 12.2(25)SEF June 2006 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 2
SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL as part of UCB and iQuick Study are service marks of Cisco Blade Switch 3020 for HP Software Configuration Guide Copyright © - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 3
Features 1-5 Security Features 1-5 QoS and CoS Features 1-7 Monitoring Features 1-8 Default Settings After Initial Switch Configuration 1-8 Design Concepts for Using the Switch 1-10 Where to Go Next 1-13 CONTENTS OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide iii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 4
Running Configuration 3-10 Modifying the Startup Configuration 3-13 Default Boot Configuration 3-14 Automatically Downloading a Configuration File 3-14 Specifying the Filename to Read and Write the System Configuration 3-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide iv OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 5
R OL-8915-01 Booting Manually 3-15 Booting a Specific Software Image 3-16 Controlling Environment Variables 3-16 Scheduling a Reload of the Software Image 3-18 Configuring a Service 5-6 Configuring NTP Access Restrictions 5-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 6
NTP Packets 5-10 Displaying the NTP Configuration 5-11 Configuring Time and Date Manually 5-11 Setting the the MAC Address Table 5-19 Building the Address Table 5-20 MAC Addresses and VLANs 5-20 Default MAC Address Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide vi OL-8915- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 7
6-34 Authenticating to a Boundary Switch 6-34 Obtaining a TGT from a KDC 6-35 Authenticating to Network Services 6-35 Configuring Kerberos 6-35 Configuring the Switch for Local Authentication and Authorization 6-36 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide vii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 8
Supported Versions 6-38 Limitations 6-39 Configuring SSH 6-39 Configuration Guidelines 6-39 Setting Up the Switch 7-9 Using IEEE 802.1x Authentication with VLAN Assignment 7-10 Using IEEE 802.1x Authentication with Per-User ACLs 7- Blade Switch 3020 for HP Software Configuration Guide viii OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 9
with WoL 7-35 Configuring MAC Authentication Bypass 7-36 Configuring IEEE Switch Ports 8-2 Internal Gigabit Ethernet Ports 8-2 Access Ports 8-3 Trunk Ports 8-3 EtherChannel Port Groups 8-4 Dual-Purpose Uplink Ports 8-4 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 10
Macros 9-8 Configuring VLANs 10-1 Understanding VLANs 10-1 Supported VLANs 10-2 VLAN Port Membership Modes 10-3 Configuring Normal-Range VLANs 10-4 Token Ring VLANs 10-5 Normal-Range VLAN Configuration Guidelines 10-5 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide x OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 11
the IP Address of the VMPS 10-27 Configuring Dynamic-Access Ports on VMPS Clients 10-27 Reconfirming VLAN Memberships 10-28 Changing the Reconfirmation Interval 10-28 Changing the Retry Count 10-29 Monitoring the VMPS 10-29 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xi - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 12
Contents Troubleshooting Dynamic-Access Port VLAN Membership 10-30 VMPS Configuration Example 10-30 11 C H A P T E R Configuring VTP 11-1 Understanding VTP 11-1 The VTP Frames 12-6 Displaying Voice VLAN 12-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xii OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 13
13-9 Supported Spanning-Tree Instances 13-9 Spanning-Tree Interoperability and Backward Compatibility 13-10 STP and IEEE 802.1Q Trunks 13-10 Configuring Spanning-Tree Features 13-10 Default Status 13-22 Contents OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xiii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 14
-8 Understanding RSTP 14-8 Port Roles and the Active Topology 14-9 Rapid Convergence 14-10 Synchronization of Port Roles 14-11 Bridge Protocol Data Unit Format and Processing 14-12 MST Configuration and Status 14-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xiv OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 15
-10 Enabling Port Fast 15-10 MAC Address-Table Move Update 16-5 Configuring Flex Links 16-5 Configuring the MAC Address-Table Move Update Feature 16-6 Monitoring Flex Links and the MAC Address-Table Move Update 16-8 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 16
DHCP Snooping and Option 82 17-8 Enabling the Cisco IOS DHCP Server Database 17-10 Displaying DHCP Snooping Information 17-10 18 C H A P T E R Configuring IGMP Snooping and MVR 18-1 Television Application 18-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xvi OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 17
19-10 Port Security Configuration Guidelines 19-10 Enabling and Configuring Port Security 19-11 Enabling and Configuring Port Security Aging 19-15 Displaying Port-Based Traffic Control Settings 19-16 Contents OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xvii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 18
RSPAN Interaction with Other Features 22-8 Configuring SPAN and RSPAN 22-9 Default SPAN and RSPAN Configuration 22-9 Configuring Local SPAN 22-9 SPAN Configuration Guidelines 22-10 xviii Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 19
the History Table and to SNMP 24-9 Configuring UNIX Syslog Servers 24-10 Logging Messages to a UNIX Syslog Daemon 24-10 Configuring the UNIX System Logging Facility 24-11 Displaying the Logging Configuration 24-12 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xix - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 20
P T E R Configuring Network Security with ACLs 26-1 Understanding ACLs 26-1 Supported ACLs 26-2 Port ACLs 26-3 VLAN Maps 26-4 Handling Fragmented and Unfragmented Traffic and Software Treatment of IP ACLs 26-19 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xx OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 21
20 Commented IP ACL Entries 26-20 Creating Named MAC Extended ACLs 26-21 Applying a MAC ACL to a Layer 2 Interface 26-22 27-8 Policing on Physical Ports 27-9 Policing on SVIs 27-10 Mapping Tables 27-12 Queueing and Scheduling Overview 27-13 Blade Switch 3020 for HP Software Configuration Guide xxi - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 22
Space Between the Ingress Queues 27-67 Allocating Bandwidth Between the Ingress Queues 27-67 Configuring the Ingress Priority Queue 27-68 xxii Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 23
28-9 EtherChannel Configuration Guidelines 28-9 Configuring Layer 2 EtherChannels 28-10 Configuring EtherChannel Load Balancing 28-12 Configuring the PAgP Learn Method Layer 2 Trunk Failover Status 28-20 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxiii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 24
-16 Using the show platform forward Command 29-16 Using the crashinfo Files 29-18 Basic crashinfo Files 29-18 Extended crashinfo Files 29-18 Supported MIBs A-1 MIB List A-1 Using FTP to Access the MIB Files A-3 xxiv Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 25
on the Switch B-20 tar File Format of Images on a Server or Cisco.com B-20 Copying Image Files By Using TFTP B-21 Preparing to Download or Upload an Image File By Using TFTP B-21 Downloading an Image File By Using TFTP B-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxv - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 26
Image Files By Using RCP B-28 Preparing to Download or Upload an Image File By Using RCP B-29 Downloading an Image File By Using RCP B-30 Uploading an Interface Configuration Commands C-2 MAC Address Commands C-2 xxvi Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 27
Command C-4 VLAN C-5 Unsupported Global Configuration Commands C-5 Unsupported vlan-config Command C-5 Unsupported User EXEC Commands C-5 VTP C-5 Unsupported Privileged EXEC Commands C-5 Contents OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxvii - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 28
Contents xxviii Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 29
Cisco Catalyst Blade Switch 3020 for HP Command Reference for this release. For information about the standard Cisco IOS Release 12.2 commands, see the Cisco IOS documentation set available from the Cisco.com home page at Technical Support & Documentation > Cisco IOS Software. This guide does not - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 30
conventions to convey instructions and information: Command switch, see the Cisco Catalyst Blade Switch 3020 for HP documentation on Cisco.com. http://www.cisco.com/en/US Downloading Software" section in the release notes. xxviii Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 31
, you have access to the same HTML documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .PDF versions of the documentation available. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxix - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 32
Security Vulnerability Policy portal at this URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html From this site, you will find information about how : http://www.cisco.com/go/psirt Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxx OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 33
. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide xxxi - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 34
Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID .com/techsupport/contacts xxxii Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 35
and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL: http://www.cisco.com/packet OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 36
Cisco Systems, as well as customer support services, can be obtained at this URL: http://www.cisco.com/en/US/products/index.html • Networking Professionals URL: http://www.cisco.com/en/US/learning/index.html xxxiv Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 37
Features, page 1-4 • VLAN Features, page 1-5 • Security Features, page 1-5 (includes a feature requiring the cryptographic version of the software) • QoS and CoS Features, page 1-7 • Monitoring Features, page 1-8 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 38
hosts on a switch port can belong • IGMP throttling for configuring the action when the maximum number of entries is in the IGMP forwarding table • IGMP leave timer for configuring the leave latency for the network Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-2 OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 39
Address Resolution Protocol (ARP) for identifying a switch through its IP address and its corresponding MAC address • Unicast MAC address filtering to drop packets with specific source or destination MAC addresses OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 40
HP Onboard Administrator Note For additional descriptions of the management interfaces, see the "Design Concepts for Using the Switch" section on page 1-10 Up to 128 spanning-tree instances supported - Per-VLAN spanning-tree plus ( Blade Switch 3020 for HP Software Configuration Guide 1-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 41
Link Layer 2 interfaces to back up one another as an alternative to STP for MAC addressing for ensuring security • Protected port option for restricting the forwarding of traffic to designated ports on the same switch OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 42
) Version 3.0 support for the HTTP 1.1 server authentication, encryption, and message integrity and HTTP client authentication to allow secure HTTP communications (requires the cryptographic version of the software) Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-6 OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 43
flows in aggregate to restrict specific applications or traffic flows to ingress queues for user traffic (one queue can be the priority service for specifying the rate at which packets are sent to the internal ring (sharing is the only supported Blade Switch 3020 for HP Software Configuration Guide 1-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 44
Domain Reflector (TDR) to diagnose and resolve cabling problems on 10/100/1000 copper Ethernet ports • SFP module Switch." • System name and prompt is Switch. For more information, see Chapter 5, "Administering the Switch." Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 45
, see Chapter 10, "Configuring VLANs." - Trunk encapsulation is negotiate. For more information, see Chapter 10, "Configuring VLANs see Chapter 16, "Configuring Flex Links and the MAC Address-Table Move Update Feature." • DHCP snooping Blade Switch 3020 for HP Software Configuration Guide 1-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 46
"Configuring EtherChannels and Layer 2 Trunk Failover." Design Concepts for Using the Switch As your network users compete for network bandwidth, it takes longer to send bandwidth available to your network users. 1-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 47
Figure 1-1)-For high-speed access to network resources, you can use the Cisco Catalyst Blade Switch 3020 for HP in the access layer to provide Gigabit Ethernet to the blade servers. To prevent congestion, use QoS OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 48
. Using dual SFP module uplinks from the blade switches provides redundant uplinks to the network core. Using SFP modules provides flexibility in media and distance options through fiber-optic connections. 1-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 49
Where to Go Next Before configuring the switch, review these sections for startup information: • Chapter 2, "Using the Command-Line Interface" • Chapter 3, "Assigning the Switch IP Address and Default Gateway" OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 1-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 50
Where to Go Next Chapter 1 Overview 1-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 51
one-time switch reboots. To access the various configuration modes, you must start at global configuration mode. From global configuration mode, you can enter interface configuration mode and line configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 52
While in privileged EXEC mode, enter the vlan database command. Switch(vlan)# To exit to privileged EXEC mode, enter exit. Use this mode to configure VLAN parameters for VLANs 1 to 1005 in the VLAN database. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 53
enter the interface command (with a specific interface). Switch(config-if)# To exit to Switch# di? dir disable disconnect Complete a partial command name. For example: Switch# sh conf Switch# show configuration OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 54
example: Switch> ? List the associated keywords for a command. For example: Switch> show ? List the associated arguments for a keyword. For example: Switch(config)# cdp holdtime ? to their default values. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 55
enter the command followed by a question mark (?) for your switch to recognize the with a space between the command and the software/ios123/123newft/123t/123t_4/ gtconlog.htm Note Only CLI or HTTP changes are logged. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 56
line: Switch(config-line)# history [size number-of-lines] The range is from 0 to 256. Recalling Commands To recall commands from the history buffer, perform one of the compatible terminals such as VT100s. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 57
enabled, you can disable it, re-enable it, or configure a specific line to have enhanced editing. These procedures are optional. To globally disable or press the Move the cursor back one character. left arrow key. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 58
of the command line. Press Esc B. Move the cursor back one word. Press Esc F. Move the cursor forward one word. Press Ctrl-T. Transpose the character to the left of the command, perhaps as a shortcut. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-8 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 59
terminals such as VT100s. In this example, the access-list global configuration command entry extends beyond one line. When the cursor first reaches the end of the line, the line is shifted ten section on page 2-7. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 2-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 60
more command followed by the pipe character (|), one of the keywords begin, include, or switch must have network connectivity with the Telnet or SSH client, and the switch must have an enable secret password configured. 2-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 61
. The switch supports up to five simultaneous secure SSH sessions. After you connect through the console port, through a Telnet session or through an SSH session, the user EXEC prompt appears on the management station. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 62
Accessing the CLI Chapter 2 Using the Command-Line Interface 2-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 63
3-10 • Modifying the Startup Configuration, page 3-13 • Scheduling a Reload of the Software Image, page 3-18 Understanding the Boot Process To start your switch, you need to follow the procedures in the Cisco Catalyst Blade Switch 3020 for HP Getting Started Guide or the Cisco Catalyst Blade Switch - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 64
into the system if the operating system has problems serious enough that it cannot be used. The Switch Information, page 3-3 • Understanding DHCP-Based Autoconfiguration, page 3-3 • Manually Assigning IP Information, page 3-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 65
two components: one for delivering switch through the fa0 interface. See the HP BladeSystem documentation at http://www.hp.com/go/bladesystem/documentation for more information about the Onboard Administrator. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 66
a chance to formally request the address. If the switch accepts replies from a BOOTP server and configures itself, the switch broadcasts, instead of unicasts, TFTP requests to obtain the switch configuration file. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 67
Addressing and Services" section of the Cisco IOS IP Configuration Guide, Release switch might send broadcast, instead of unicast, TFTP requests. Unavailability of other lease options does not affect autoconfiguration. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 68
address (255.255.255.255). For the switch to successfully download a configuration file, the TFTP server must contain one or more configuration files in its base directory. -address interface configuration command. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 69
. The switch sends a unicast message to the TFTP server to retrieve the network-confg or cisconet.cfg default configuration file. (If the network-confg file cannot be read, the switch reads the cisconet.cfg file.) OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 70
.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Switch C 00e0.9f1e.2003 10.0.0.23 255.255.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Switch D 00e0.9f1e.2004 10.0.0.24 255.255.255.0 10.0.0.10 10.0.0.2 tftpserver or 10.0.0.3 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 71
It reads the configuration file that corresponds to its hostname; for example, it reads switch1-confg from the TFTP server. Switches B through D retrieve their configuration files and IP addresses in the same way. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 72
manually assign IP information to multiple switched Switch A Current configuration : 3990 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! 3-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 73
spanning-tree portfast ! interface GigabitEthernet0/8 speed 1000 spanning-tree portfast ! interface GigabitEthernet0/9 speed 1000 spanning-tree portfast ! interface GigabitEthernet0/10 speed 1000 spanning-tree portfast ! Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 74
Checking and Saving the Running Configuration Chapter 3 Assigning the Switch IP Address and Default Gateway interface GigabitEthernet0/11 speed 1000 spanning switchport trunk native vlan 2 switchport mode access 3-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 75
a Specific Software Image, page 3-16 • Controlling Environment Variables, page 3-16 See also Appendix B, "Working with the Cisco IOS File System, Configuration Files, and Software Images," for information about switch configuration files. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 76
memory. A new switch has no configuration file. Automatically Downloading a Configuration File You can automatically download a configuration file to your switch by using the DHCP Return to privileged EXEC mode. 3-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 77
of the bootable image. Filenames and directory names are case sensitive. (Optional) Save your entries in the configuration file. To disable manual booting, use the no boot manual global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 78
global configuration mode. Configure the switch to boot a specific image in flash memory during the . Then the boot loader switch: prompt appears. The switch boot loader software provides support for nonvolatile environment variables, Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 79
changes the setting of the BOOT environment variable. set MANUAL_BOOT yes boot manual Decides whether the switch automatically or manually boots. Valid values are 1, yes, 0, and no. If it variable. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 3-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 80
shows how to reload the software on the switch on the current day at 7:30 p.m: Switch# reload at 19:30 Reload scheduled for 19:30:00 UTC Wed Jun 5 1996 (in 2 hours and 25 minutes) Proceed with reload? [confirm] 3-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 81
switch, use the show reload privileged EXEC command. It displays reload information including the time the reload is scheduled to occur and the reason for the reload (if it was specified when the reload was scheduled). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 82
Scheduling a Reload of the Software Image Chapter 3 Assigning the Switch IP Address and Default Gateway 3-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 83
Engine supports an embedded Directory Service. In this mode, no external directory or other data store is required. In server mode, the Configuration Engine supports the use of a user-defined external directory. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 84
Service uses the CNS Event Service to send and receive configuration change events and to send success and failure notifications. The configuration server is a web server that uses configuration templates and the device-specific Blade Switch 3020 for HP Software Configuration Guide 4-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 85
the ConfigID for the corresponding switch definition on the Configuration Engine. The ConfigID is fixed at startup time and cannot be changed until the device restarts, even if the switch hostname is reconfigured. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 86
, see the Configuration Engine setup and configuration guide at this URL on cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps4617/products_installation_and_configuration_ guide_book09186a00803b59db.html Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 87
IOS agent. The Cisco IOS agent feature supports the switch by providing these features: • Initial Configuration, to a template and downloads the full configuration file to the switch. Figure 4-2 shows switches 141328 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 88
, do nothing: The switch begins the initial configuration as described in the "Initial Configuration" section on page 4-5. When the full configuration file is loaded on your switch, you need to do nothing else. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 89
Cisco Configuration Engine Installation and Setup Guide, 1.5 for Linux at this URL: http://www.cisco.com/en/US/products/sw/netmgtsw/ps4617/products_installation_and_configuration_ guide_book09186a00803b59db.html OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 90
shows how to enable the CNS event agent, set the IP address gateway to 10.180.1.27, set 120 seconds as the keepalive interval, and set 10 as the retry count. Switch(config)# cns event 10.180.1.27 keepalive 120 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 4-8 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 91
ping attempts. The range is 1 to 30 seconds. The default is 10 seconds. • (Optional) For retries num, enter the number of switch. Establish a static route to the Configuration Engine whose IP address is network-number. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 92
8 Step 9 Command Purpose cns id interface num {dns-reverse | ipaddress | mac-address} [event] or cns id {hardware-serial | hostname | string string} is not supported. end Return to privileged EXEC mode. 4-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 93
Switch(config-cns-conn-if)# config-cli no keepalive Switch(config-cns-conn-if)# config-cli no shutdown Switch(config-cns-conn-if)# exit Switch(config)# hostname RemoteSwitch RemoteSwitch(config)# ip route 10 is not supported. Return to Blade Switch 3020 for HP Software Configuration Guide 4-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 94
event agent connections. Displays statistics about the CNS event agent. Displays a list of event agent subjects that are subscribed to by applications. 4-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 95
of the time service is the system clock. This clock runs from the moment the system starts up and keeps track of the date and time. The system clock can then be set from these sources: • NTP • Manual configuration OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 96
Manually" is one-way support stratum 1 service; it is not possible to connect to a radio or atomic clock. We recommend that the time service for your network be derived from the public NTP servers available on the IP Internet. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 97
when an external NTP source is not available. The switch also has no hardware support for a calendar. As a result, the ntp update-calendar and the ntp master global configuration commands are not available. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 98
Configuring NTP Broadcast Service, page 5-6 • Configuring NTP Access Restrictions, page 5-8 • Configuring the Source IP Address for NTP Packets, page 5-10 • Displaying the feature, which is disabled by default. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 99
md5 specifies that message authentication support is provided by using the The switch does not synchronize to a device unless both have one of switch synchronizes to the other device, and not the other way around). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 100
172.16.22.44 using NTP Version 2: Switch(config)# ntp server 172.16.22.44 version 2 Configuring NTP Broadcast Service The communications between devices running NTP (known , the information flow is one-way only. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 101
-address, specify the IP address of the peer that is synchronizing its clock to this switch. end Return to privileged EXEC mode. show running-config Verify your entries. copy running- global configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 102
to the remote device. • peer-Allows time requests and NTP control queries and allows the switch to synchronize to the remote device. For access-list-number, enter a standard IP access list number from 1 to 99. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-8 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 103
: Switch# configure terminal Switch(config)# ntp access-group peer 99 Switch(config)# ntp access-group serve-only 42 Switch(config)# access-list 99 permit 172.20.130.5 Switch(config)# access list 42 permit 172.20.130.6 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 104
a source address is to be used for a specific association, use the source keyword in the ntp peer or ntp server global configuration command as described in the "Configuring NTP Associations" section on page 5-5. 5-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 105
services, such as an NTP server, you do not need to manually Purpose Manually set the system clock using one of these manually set the system clock to 1:32 p.m. on July 23, 2001: Switch# clock set 13:32:00 23 July 2001 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 106
. Configuring the Time Zone Beginning in privileged EXEC mode, follow these steps to manually configure the time zone: Step 1 Step 2 Command configure terminal clock timezone zone configuration command. 5-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 107
first part of the clock summer-time global configuration command specifies when summer time begins, and the second part Switch(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 108
the configuration file. The first part of the clock summer-time global configuration command specifies when summer time begins, and the second part specifies when it ends. All Routing Protocols, Release 12.2. 5-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 109
Manually configure a system name. The default setting is switch switch, you can substitute the hostname for the IP address with all IP commands, such as ping, telnet, connect, and related Telnet support cisco.com. A specific device in this Blade Switch 3020 for HP Software Configuration Guide 5-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 110
BOOTP or DHCP server (if the servers were configured with this information). Specify the address of one or more name servers to use for name and address resolution. You can specify up to to privileged EXEC mode. 5-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 111
name global configuration command. If there is a period (.) in the hostname, the Cisco IOS software looks up the IP address without appending any default domain name to the hostname. To remove are not configured. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 112
172.2.5.4 Trying 172.2.5.4... Connected to 172.2.5.4. Escape character is '^]'. This is a secure site. Only authorized users are allowed. For access, contact technical support. User Access Verification Password: 5-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 113
address and the type (static or dynamic). Note For complete syntax and usage information for the commands used in this section, see the Cisco Catalyst Blade Switch 3020 for HP Command Reference for this release. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 114
1 and ports 9, 10, and 1 in VLAN 5. Each VLAN maintains its own logical address table. A known address in one VLAN is unknown in another until it is learned or statically associated with a port in the other VLAN. 5-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 115
that a dynamic entry remains in the MAC address table after the entry is used or updated. The range is 10 to 1000000 seconds. The default is 300 the no mac address-table aging-time global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 116
, use the mac-notification keyword. snmp-server enable traps mac-notification Enable the switch to send MAC address traps to the NMS. mac address-table notification Enable the MAC address notification feature. 5-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 117
-if)# snmp trap mac-notification added You can verify the previous commands by entering the show mac address-table notification interface and the show mac address-table notification privileged EXEC commands. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 118
at least one VLAN, the switch acquires the MAC address as its destination address, the packet is forwarded to the specified port: Switch(config)# mac address-table static c2f3.220a.12f4 vlan 4 interface gigabitethernet0/1 5-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 119
. Verify your entries. (Optional) Save your entries in the configuration file. To disable unicast MAC address filtering, use the no mac address-table static mac-addr vlan vlan-id global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 5-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 120
by the arpa keyword) is enabled on the IP interface. ARP entries added manually to the table do not age and must be manually removed. For CLI procedures, see the Cisco IOS Release 12.2 documentation on Cisco.com. 5-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 121
can also assign a specific privilege level (with associated rights and privileges) to each username and password pair. For more information, see the "Configuring Username and Password Pairs" section on page 6-6. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 122
authorization) information. For more information, see the "Controlling Switch Access with TACACS+" section on page 6-10. Protecting Access to Privileged EXEC Commands A simple way file. No password is defined. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 123
the configuration file. The enable password is not encrypted and can be read in the switch configuration file. To remove the password, use the no enable password global configuration command. effect simultaneously. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 124
enable secret password. Use the level keyword to define a password for a specific privilege level. After you specify the level and set a password, give the the no service password-encryption global configuration command. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-4 OL- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 125
recovery will not work if you have set the switch to boot manually by using the boot manual global configuration command. This command produces the boot loader prompt (switch:) after the switch is power cycled. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 126
let45me67in89: Switch(config)# line vty 10 Switch(config-line switch. If you have defined privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each username and password pair. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 127
each user. • For name, specify the user ID as one word. Spaces and quotation marks are not allowed. • (Optional configuration file. To disable username authentication for a specific user, use the no username name global -01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 128
to privilege level 14 and define SecretPswd14 as the password users must enter to use level 14 commands: Switch(config)# privilege exec level 14 configure Switch(config)# enable password level 14 SecretPswd14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-8 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 129
Chapter 6 Configuring Switch-Based Authentication Protecting Access to Privileged EXEC Commands Changing the Default Privilege Level for Lines Exit to a specified privilege level. For level, the range is 0 to 15. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 130
gain access to your switch. TACACS+ services are maintained in a database on a TACACS+ daemon typically running on a UNIX or Windows NT workstation. You , and to interconnected networks as shown in Figure 6-1. 6-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 131
daemon, and it ensures confidentiality because all protocol exchanges between the switch and the TACACS+ daemon are encrypted. You need a system running the TACACS+ daemon software to use TACACS+ on your switch. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 132
on a user. You can use method lists to designate one or more security protocols to be used, thus ensuring a backup system if the initial method fails. The software uses the first method listed to authenticate, to 6-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 133
configured server hosts and use them for a particular service. The server group is used with a global switch and the TACACS+ daemon. You must configure the same key on the TACACS+ daemon for encryption to be successful. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 134
which they are performed; it must be applied to a specific port before any of the defined authentication methods are performed queried to authenticate a user. You can designate one or more security protocols to be used for Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 135
are used only if the previous method returns an error, not if it fails. Select one of these methods: • enable-Use the enable password for authentication. Before you can use list-name} line configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 136
these steps to specify TACACS+ authorization for privileged EXEC access and network services: Step 1 Step 2 Command configure terminal aaa authorization network tacacs+ method1 global configuration command. 6-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 137
steps to enable TACACS+ accounting for each Cisco IOS privilege level and for network services: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Command configure • Displaying the RADIUS Configuration, page 6-31 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 138
can be used to authenticate from one device to a non-Cisco device if the non-Cisco device requires authentication. • Networks using a variety of services. RADIUS generally binds a user to one service model. 6-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 139
included with the ACCEPT or REJECT packets includes these items: • Telnet, SSH, rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 140
Server Host Switch-to-RADIUS-server communication involves several components: • Hostname or IP address • Authentication destination port • Accounting destination port • Key string • Timeout period • Retransmission value 6-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 141
hosts providing a specific AAA service. This unique switch to use AAA server groups to group existing server hosts for authentication. For more information, see the "Defining AAA Server Groups" section on page 6-25. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 142
marks are part of the key. To configure the switch to recognize more than one host entry specific RADIUS host. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. 6-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 143
which they are performed; it must be applied to a specific port before any of the defined authentication methods are performed. queried to authenticate a user. You can designate one or more security protocols to be used for authentication Blade Switch 3020 for HP Software Configuration Guide 6-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 144
used only if the previous method returns an error, not if it fails. Select one of these methods: - enable-Use the enable password for authentication. Before you can Save your entries in the configuration file. 6-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 145
a specific AAA service. If you configure two different host entries on the same RADIUS server for the same service, ( for example, accounting), the second configured host entry acts as a fail-over backup to the first one. You Blade Switch 3020 for HP Software Configuration Guide 6-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 146
are part of the key. To configure the switch to recognize more than one host switch software searches for hosts in the order in which you specify them. Set the timeout, retransmit, and encryption key values to use with the specific Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 147
: Step 1 Step 2 Command configure terminal aaa authorization network radius Purpose Enter global configuration mode. Configure the switch for user RADIUS authorization for all network-related service requests. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 148
Enter global configuration mode. Enable RADIUS accounting for all network-related service requests. Enable RADIUS accounting to send a start-record accounting notice at } method1... global configuration command. 6-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 149
the quotation marks are part of the key. Specify the number of times the switch sends each RADIUS request supports one vendor-specific option by using the format recommended in the specification. Cisco's vendor-ID is 9, and the supported Blade Switch 3020 for HP Software Configuration Guide 6-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 150
file. For a complete list of RADIUS attributes or more information about vendor-specific attribute 26, see the "RADIUS Attributes" appendix in the Cisco IOS Security Configuration Guide, Release 12.2. 6-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 151
the quotation marks are part of the key. Return Switch(config)# radius-server key rad124 Displaying the RADIUS Configuration To display the RADIUS configuration, use the show running-config privileged EXEC command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 152
software/ios122/122cgcr/fsecur_c/fsecsp/index.htm. Note In the Kerberos configuration examples and in the Cisco IOS Security Command Reference, Release 12.2, the trusted third party can be a Cisco Catalyst Blade Switch 3020 for HP that supports network services that they use are what the services - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 153
In this software release, Kerberos supports these network services: • services register their identity with the Kerberos server. Network services query the Kerberos server to authenticate to other network services. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 154
then occurs: 1. The user opens an un-Kerberized Telnet connection to the boundary switch. 2. The switch prompts the user for a username and password. 3. The switch requests a TGT from the KDC for this user. 6-34 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 155
authenticate to the network services in a Kerberos realm. For instructions about how to authenticate to a network service, see the "Authenticating to Network Services" section in the in all uppercase characters. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-35 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 156
. Configure user AAA authorization, check the local database, and allow the user to run an EXEC shell. Configure user AAA authorization for all network-related service requests. 6-36 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 157
each user. • For name, specify the user ID as one word. Spaces and quotation marks are not allowed. • (Optional software image on your switch. You must obtain authorization to use this feature and to download the cryptographic software Blade Switch 3020 for HP Software Configuration Guide 6-37 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 158
and authorization (for more information, see the "Configuring the Switch for Local Authentication and Authorization" section on page 6-36) Note This software release does not support IP Security (IPSec). 6-38 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 159
Up the Switch to Run SSH Follow these steps to set up your switch to run SSH: 1. Download the cryptographic software image from switch. Follow this procedure only if you are configuring the switch as an SSH server. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 160
, use the crypto key zeroize rsa global configuration command. After the RSA key pair is deleted, the SSH server is automatically disabled. 6-40 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 161
switch to run SSH Version 1. • 2-Configure the switch to run SSH Version 2. If you do not enter this command or do not specify a keyword, the SSH server selects the latest SSH version supported to the default of 10 minutes. • Specify the one Blade Switch 3020 for HP Software Configuration Guide 6-41 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 162
issue certificates to participating network devices. These services provide centralized security key and certificate management for the participating devices. Specific CA servers are referred to as trustpoints. 6-42 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 163
authentication by itself. For additional information on Certificate Authorities, see the "Configuring Certification Authority Interoperability" chapter in the Cisco IOS Security Configuration Guide, Release 12.2. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-43 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 164
best encryption algorithm to use from those on the list that are supported by both. For example, Netscape Communicator 4.76 supports U.S. security with RSA Public Key Cryptography, MD2, MD5, RC2- are generated. 6-44 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 165
8 enrollment url url enrollment http-proxy host-name port-number crl query url Step 9 primary Step 10 exit Step 11 crypto ca authentication name Step 12 crypto ca enroll name Step 13 Step 14 Step the CA. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-45 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 166
determine if the secure HTTP server feature is supported in the software. You should see one of these lines in the output: Step the client certificate connection. Step 8 Step 9 Step 10 ip http path path-name ip http access-class Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 167
Web browser, enter https://URL, where the URL is the IP address or hostname of the server switch. If you configure a port other than the default port, you must also specify the port number has been configured. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-47 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 168
server and client to negotiate a CipherSuite that they both support. This is the default. Return to privileged EXEC mode. ciphersuite to remove a previously configured CipherSuite specification for the client. Displaying Secure HTTP Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 169
copy any file in the Cisco IOS File System (IFS) to and from a switch by using the copy command. An authorized administrator can also do this from a /doc/product/software/ios122/122newft/122t/122t2/ftscp.htm OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 6-49 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 170
Configuring the Switch for Secure Copy Protocol Chapter 6 Configuring Switch-Based Authentication 6-50 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 171
authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN. Until the client is Mode, page 7-8 • IEEE 802.1x Accounting, page 7-9 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 172
Authentication with MAC Authentication Bypass, page 7-17 Device Roles With IEEE 802.1x port-based authentication, the devices in the network have specific roles as the RADIUS server and one or more RADIUS clients. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 173
3560, Catalyst 3550, Catalyst 2970, Catalyst 2960, Cisco Catalyst Blade Switch 3020 for HP, Catalyst 2955, Catalyst 2950, Catalyst 2940 switches, or a wireless access point. These devices must be running software that supports the RADIUS client and IEEE 802.1x authentication. Authentication Process - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 174
switch re-authenticates a client when one of these situations occurs: • Periodic re-authentication is enabled, and the re-authentication timer expires. You can configure the re-authentication timer to use a switch-specific Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 175
during re-authentication. • You manually re-authenticate the client by services, or network access is not granted. For more information, see the "Ports in Authorized and Unauthorized States" section on page 7-7. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 176
packet while waiting for an Ethernet packet, the switch stops the MAC authentication bypass process and stops IEEE 802.1x authentication. Figure 7-4 shows the message exchange during MAC authentication bypass. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 177
support IEEE 802.1x authentication connects to an unauthorized IEEE 802.1x port, the switch to authenticate. The switch cannot provide authentication services to the client through switch by using the client MAC address. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 178
LAN. In this mode, only one of the attached clients must be authorized MAC addresses, including that of the client. Figure 7-5 Multiple Host Mode Example Wireless clients Access point Authentication server (RADIUS) 101227 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 179
. • Link-down occurs. • Re-authentication successfully occurs. • Re-authentication fails. The switch does not log IEEE 802.1x accounting information. Instead, it sends this information to the Always Always Always OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 180
at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_book09186a008 00872ce.html For 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines." Using IEEE 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 181
standard and IP extended ACLs). Only one IEEE 802.1x-authenticated user is supported on a port. If the multiple-hosts mode is enabled on the port, the per-user ACL attribute is disabled for the associated port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 182
an EAPOL message exchange. After detecting a client on an IEEE 802.1x port, the switch waits for an Ethernet packet from the client. The switch sends the authentication server a RADIUS-access/request frame with 7-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 183
authentication. Some clients (for example, devices running Windows XP) cannot implement DHCP without EAP success. Restricted VLANs are supported only on IEEE 802.1x ports in single-host VLAN" section on page 7-31. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 184
VLAN if one is configured. - If all the RADIUS servers are not available and if a client is connected to a critical port and was previously assigned to a guest VLAN, the switch keeps the port in the guest VLAN. 7-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 185
port becomes active when there is a link, and the device MAC address appears after the first CDP message from the IP phone. on a voice VLAN port, the switch drops packets from unrecognized IP phones more than one hop away. When IEEE 802.1x Blade Switch 3020 for HP Software Configuration Guide 7-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 186
magic packets. While the port is unauthorized, the switch continues to block ingress traffic other than EAPOL packets. The host can receive packets but cannot send packets to other devices in the network. 7-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 187
the MAC authentication bypass feature to initiate re-authorization. For more information about these AV pairs, see RFC 3580, "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines." OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 188
MAC address identity, the switch assigns the client to a guest VLAN if one is configured. • Restricted VLAN-This feature is not supported Re-Authentication, page 7-25 (optional) • Manually Re-Authenticating a Client Connected to a Port, Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 189
the client to the authentication server, the amount of time the switch waits for a reply before resending the response to the server. This setting is not configurable.) None specified. Disabled. None specified. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 190
Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass, page 7-21 • MAC Authentication Bypass, page 7-22 IEEE 802.1x Authentication These are the IEEE 802.1x is not enabled. 7-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 191
same switch port. • You can configure any VLAN except an RSPAN VLAN or a voice VLAN as an IEEE 802.1x restricted VLAN. The restricted VLAN feature is not supported on trunk ports; it is supported only on access ports. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 192
the client MAC address is added to the database, the switch can use MAC authentication bypass to , you must enable AAA authorization to configure the switch for all network-related service requests. This is the IEEE 802.1x AAA Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 193
access Step 10 dot1x port- service-for example, authentication-the second host entry configured acts as the fail-over backup to the first one. The RADIUS host entries are tried in the order that they were configured. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 194
in quotation marks unless the quotation marks are part of the key. This key must match the switch and the key string to be shared by both the server and the switch. For more information, see the RADIUS server documentation. 7-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 195
to be configured, and enter interface configuration mode. Enable periodic re-authentication of the client, which is disabled by default. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 196
Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period 4000 Manually Re-Authenticating a Client Connected to a Port You can manually re-authenticate the client connected to a specific Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 197
shows how to set 60 as the number of seconds that the switch waits for a response to an EAP-request/identity frame from the client before resending the request: Switch(config-if)# dot1x timeout tx-period 60 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 198
configuration command. This example shows how to set 5 as the number of times that the switch sends an EAP-request/identity request before restarting the authentication process: Switch(config-if)# dot1x max-req 5 7-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 199
Start for session 172.20.50.145 sam 11/06/03 07:01:16 11000002 failed to receive Accounting Response. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 200
configuration mode. Specify the port to be configured, and enter interface configuration mode. For the supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" section on page 7-20. 7-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 201
the supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" section on page 7-20. Set the port to access mode, or Configure the port as a private-VLAN host port. Enable IEEE 802.1x authentication on the port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 202
Specify the port to be configured, and enter interface configuration mode. For the supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" section on page configuration command. 7-32 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 203
determines the default tries parameter that is 10 to 100. (Optional) Set the number of minutes that a RADIUS server is not sent requests. The range is from 0 to 1440 minutes (24 hours). The default is 0 minutes. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-33 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 204
time-Set the interval of time in minutes after which the switch sends test packets to the server. The range is from 1 supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" section on page 7-20. 7-34 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 205
vlan vlan-id] Step 8 Step 9 Step 10 end show dot1x [interface interface-id] copy running to be configured, and enter interface configuration mode. For the supported port types, see the "IEEE 802.1x Authentication Configuration Guidelines" Blade Switch 3020 for HP Software Configuration Guide 7-35 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 206
. For the supported port types, MAC authentication bypass, use the no dot1x mac-auth-bypass interface configuration command. This example shows how to enable MAC authentication bypass: Switch(config-if)# dot1x mac-auth-bypass 7-36 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 207
configure IEEE 802.1x using a RADIUS server: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period server OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-37 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 208
to disable IEEE 802.1x authentication on the port: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# no dot1x pae authenticator Resetting the IEEE ) Save your entries in the configuration file. 7-38 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 209
operational status for a specific port, use the show dot1x interface interface-id privileged EXEC command. For detailed information about the fields in these displays, see the command reference for this release. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 7-39 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 210
Displaying IEEE 802.1x Statistics and Status Chapter 7 Configuring IEEE 802.1x Port-Based Authentication 7-40 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 211
, page 8-10 • Configuring supported by the switch Switch Ports, page 8-2 • EtherChannel Port Groups, page 8-4 • Dual-Purpose Uplink Ports, page 8-4 • Connecting Interfaces, page 8-5 • Management-Only Interface, page 8-5 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 212
Administrator to find the root cause of the problem, and to recover from the error-disabled state. See the HP BladeSystem documentation at http://www.hp.com/go/bladesystem/documentation for more information. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 213
only one Switch Link [ISL] or IEEE 802.1Q tagged), the packet is dropped, and the source address is not learned. Two types of access ports are supported: • Static access ports are manually 10, "Configuring VLANs." OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 214
that is installed in a corresponding module bay in the blade server. The default operation mode for ports 23x and 24x is external, set by using the rj45 keyword of the media-type interface configuration command. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 215
other VLAN interfaces on the switch. IP packets that are received by the VLAN interfaces are not routed to the fa0 interface. The fa0 interface is a routed interface, but the switch does not route IP data packets. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 216
specific interface or all the interfaces on the switch. The remainder of this chapter primarily provides physical interface configuration procedures. Procedures for Configuring Interfaces These general instructions Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 217
a list of all interfaces on or configured for the switch. A report is provided for each interface that the device supports or for the specified interface. Configuring a Range of entries in the configuration file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 218
maximum character string. • A macro can contain up to five comma-separated interface ranges. • Each interface-range must consist of the same port type. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-8 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 219
)# end This example shows how to enter interface-range configuration mode for the interface-range macro enet_list: Switch# configure terminal Switch(config)# interface range macro enet_list Switch(config-if-range)# OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 220
IEEE 802.1Q VLAN 1. trunks) VLAN trunking Switchport mode dynamic auto (supports DTP). Port enable state All ports are enabled. Port description None defined Protected Ports" section on page 19-5. 8-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 221
Ethernet (10/100/1000-Mbps) ports support all speed support autonegotiation, you can configure speed on copper SFP module ports; however, you can only configure fiber SFP module ports to not negotiate (nonegotiate). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 222
both ends of the line support autonegotiation, we highly recommend the default setting of auto negotiation. • If one interface supports autonegotiation and the other end , and enter interface configuration mode. 8-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 223
and the no shutdown interface configuration commands, the switch gives preference to the SFP module interface. In all other situations, the switch selects the active link based on which type first links up. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 224
Enter 10, 100, or 1000 to set a specific speed for the interface. The 1000 keyword is available only for 10/100 negotiate if connected to a device that does not support autonegotiation. For more information about speed settings, see Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 225
operation at the other end. If one port experiences congestion and cannot receive Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# flowcontrol receive on Switch(config-if)# end OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 226
to auto so that the feature operates correctly. Auto-MDIX is supported on all 10/100/1000-Mbps interfaces. It is not supported on 1000BASE-SX or -LX SFP module interfaces. Table 8-2 configuration command. 8-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 227
config-if)# description Connects to Marketing Switch(config-if)# end Switch# show interfaces gigabitethernet0/2 description Interface Status Protocol Description Gi0/2 admin down down Connects to Marketing OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 8-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 228
operating at 10 or 100 Mbps by using the system mtu global configuration command. You can increase the MTU size to support jumbo frames bytes: Switch(config)# system jumbo mtu 1800 Switch(config)# exit Switch# reload 8-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 229
all interfaces or a specific interface. Display interface software version, the names and sources of configuration files, and the boot images. Display the operational state of the auto-MDIX feature on the interface. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 230
interface unless you specify optional arguments that clear only a specific interface type from a specific interface number. Note The clear counters privileged EXEC command as administratively down in the display. 8-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 231
, and dynamic port error recovery for link state failures. Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 9-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 232
desktop device such as a PC with a Cisco IP Phone to a switch port. This macro is an extension of the cisco-desktop specific to your application. After you create the macro, you can apply it globally to a switch or to a switch Catalyst Blade Switch 3020 for HP Software Configuration Guide 9-2 OL-8915- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 233
if it is part of a larger CLI commands are specific to certain interface switch software (see Table 9-1). You can display these macros and the commands they contain by using the show parser macro user EXEC command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 234
secure MAC addresses and also includes two help string keywords by using # macro keywords: Switch(config)# macro name test switchport access vlan $VLANID switchport port-security maximum $MAX #macro keywords $VLANID $MAX @ Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 9-4 OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 235
switch only by entering the no version of each command that is in the macro. You can delete a macro-applied configuration on an interface by entering the default interface interface-id interface configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 236
desktop-config and to verify the configuration. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# macro apply desktop-config Switch(config-if)# end Switch in the switch software. Display the specific macro that Blade Switch 3020 for HP Software Configuration Guide 9-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 237
port as an edge network port spanning-tree portfast spanning-tree bpduguard enable Switch# Switch# configure terminal Switch(config)# gigabitethernet0/4 Switch(config-if)# macro apply cisco-desktop $AVID 25 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 9-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 238
Macros To display the Smartports macros, use one or more of the privileged EXEC commands in specific macro. Displays the configured macro names. Displays the macro description for all interfaces or for a specified interface. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 239
to the VLAN must be forwarded through a router or a switch supporting fallback bridging, as shown in Figure 10-1. Because a VLAN is considered a separate logical network, it Chapter 11, "Configuring VTP." OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 240
the switch is assigned manually on an interface-by-interface basis. When you assign switch interfaces switch supports both Inter-Switch Link (ISL) and IEEE 802.1Q trunking methods for sending VLAN traffic over Ethernet ports. 10-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 241
10-16. When a port belongs to a VLAN, the switch learns and manages the addresses associated with the port on a per-VLAN basis. For more information, see the "Managing the MAC Address Table" section on page 5-19. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 242
memory. Caution You can cause inconsistency in the VLAN database if you attempt to manually delete the vlan.dat file. If you want to modify the VLAN configuration, use command reference for this release. 10-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 243
switch (which is to allow all VLANs), the new VLAN is carried on all trunk ports. Depending on the topology of the network, this could create a loop in the new VLAN that would not be broken, particularly if there OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 244
ports of switches that have used up their allocation of spanning-tree instances. If the number of VLANs on the switch exceeds the number of supported spanning-tree instances show vlan privileged EXEC command. 10-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 245
are not locally supported, you only configure FDDI and Token Ring media-specific characteristics for VTP global advertisements to other switches. Table 10-2 Ethernet VLAN 1005 active, suspend enabled, disabled OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 246
to use config-vlan mode to create Ethernet VLAN 20, name it test20, and add it to the VLAN database: Switch# configure terminal Switch(config)# vlan 20 Switch(config-vlan)# name test20 Switch(config-vlan)# end 10-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 247
that is in VTP transparent mode, the VLAN is deleted only on that specific switch. You cannot delete the default VLANs for the different media types: Ethernet VLAN 1 and FDDI or Token Ring VLANs 1002 to 1005. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 248
the Administrative Mode and the Access Mode VLAN fields of the display. copy running-config startup-config (Optional) Save your entries in the configuration file. 10-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 249
10-7 for the default configuration for Ethernet VLANs. You can change only the MTU size and the remote SPAN configuration state on extended-range VLANs; all other characteristics must remain at the default state. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 250
Although the switch supports a total of 1005 (normal-range and extended-range) VLANs, the number of configured features affects the use of the switch hardware. If the switch for VTP transparent mode, disabling VTP. 10-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 251
in the CLI help in config-vlan mode, only the mtu mtu-size, and remote-span commands are supported for extended-range VLANs. (Optional) Configure the VLAN as the RSPAN VLAN. See the "Configuring a VLAN database. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 252
entire network. Two trunking encapsulations are available on all Ethernet interfaces: • Inter-Switch Link (ISL)-Cisco-proprietary trunking encapsulation. • IEEE 802.1Q- industry-standard trunking encapsulation. 10-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 253
can also specify on DTP interfaces whether the trunk uses ISL or IEEE 802.1Q encapsulation or if the encapsulation type is autonegotiated. The DTP supports autonegotiation of both ISL and IEEE 802.1Q trunks. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 254
VLAN is maintained by Cisco switches separated by a cloud of non-Cisco IEEE 802.1Q switches. The non-Cisco IEEE 802.1Q cloud separating the Cisco switches is treated as a single trunk link between the switches. 10-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 255
be added to the group. If you change the configuration of one of these parameters, the switch propagates the setting you entered to all ports in the group: - allowed-VLAN list. - STP port priority for each VLAN. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 256
10 Configuring VLANs - STP Port Fast setting. - trunk status: if one negotiate} Configure the port to support ISL or IEEE 802.1Q 10 copy running-config startup-config (Optional) Save your entries in the configuration file. 10-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 257
support IEEE 802.1Q trunking. Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode dynamic desirable Switch Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 258
from 1 to 4094 or a range of VLANs described by two VLAN numbers, the lower one first, separated by a hyphen. Do not enter any spaces between comma-separated VLAN parameters or Return to privileged EXEC mode. 10-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 259
connecting switches. To avoid loops, STP normally blocks all but one parallel link between switches. Using load sharing, you divide the traffic between the links according to which VLAN the traffic belongs. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 260
. Configure Switch A as the VTP server. Return to privileged EXEC mode. Verify the VTP configuration on both Switch A and Switch B. In the display, check the VTP Operating Mode and the VTP Domain Name fields. 10-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 261
configuration mode. Configure the port to support ISL or IEEE 802.1Q encapsulation 10 are assigned a path cost of 30 on Trunk port 2. • VLANs 2 through 4 retain the default 100BASE-T path cost on Trunk port 2 of 19. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 262
8, 9, and 10. Return to privileged EXEC mode. Verify your entries. In the display, verify that the path costs are set correctly for both trunk interfaces. (Optional) Save your entries in the configuration file. 10-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 263
a query to the VMPS when it identifies a new host address. If the switch receives a port-shutdown response from the VMPS, it disables the port. The port must be manually re-enabled by using the CLI or SNMP. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 264
can connect to a network. A maximum of 20 MAC addresses are allowed per port on the switch. A dynamic-access port can belong to only one VLAN at a time, but the VLAN can change over configuration is not changed. 10-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 265
on VMPS Clients Caution Dynamic-access port VLAN membership is for end stations or hubs connected to end stations. Connecting dynamic-access ports to other switches can cause a loss of connectivity. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 266
privileged EXEC mode. Verify the dynamic VLAN reconfirmation status in the Reconfirm Interval field of the display. (Optional) Save your entries in the configuration file. 10-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 267
switch queries the VMPS that is using VQP Version 1. • Reconfirm Interval-the number of minutes the switch waits before reconfirming the VLAN-to-MAC servers. The switch sends queries to the one marked current. The one marked primary is Blade Switch 3020 for HP Software Configuration Guide 10-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 268
series Switch C and Switch J are secondary VMPS servers. • End stations are connected to the clients, Switch B and Switch I. • The database configuration file is stored on the TFTP server with the IP address 172.20.22.7. 10-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 269
6500 series Secondary VMPS Server 3 172.20.26.157 Client switch I 172.20.26.158 Trunk port 172.20.26.159 Switch J 101363t Ethernet segment (Trunk link) Configuring VMPS TFTP server Router 172.20.22.7 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 10-31 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 270
Configuring VMPS Chapter 10 Configuring VLANs 10-32 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 271
that can cause several problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Before 1005) are not supported by VTP or stored in the VTP VLAN database. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 272
in the switch running configuration and can be saved to the switch startup configuration file. For domain name and password configuration guidelines, see the "VTP Configuration Guidelines" section on page 11-8. 11-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 273
can configure a supported switch to be in one of the VTP 10-14. VTP advertisements distribute this global domain information: • VTP domain name • VTP configuration revision number • Update identity and update timestamp OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 274
specific 10-4. • Unrecognized Type-Length-Value (TLV) support switch trunk ports. If the VLANs are configured as pruning-ineligible, the flooding continues. VTP pruning is supported with VTP Version 1 and Version 2. 11-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 275
for the entire management domain. Making VLANs pruning-eligible or pruning-ineligible affects pruning eligibility for those VLANs on that trunk only (not on all switches in the VTP domain). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 276
not designed to function in VTP transparent mode. If one or more switches in the network are in VTP transparent mode, you should do one of these: • Turn off VTP pruning in the is disabled). None. Disabled. 11-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 277
(transparent) are saved in the switch running configuration, and you can save this information in the switch startup configuration file by entering the copy running-config startup-config privileged EXEC command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 278
you configure at least one switch in the VTP domain switch can operate in the same VTP domain as a switch running VTP Version 1 if Version 2 is disabled on the Version 2-capable switch (Version 2 is disabled by default). 11-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 279
. When you configure a domain name, it cannot be removed; you can only reassign a switch to a different domain. To return the switch to a no-password state, use the no vtp password global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 280
and the password mypassword: Switch# vlan database Switch(vlan)# vtp server Switch(vlan)# vtp domain eng_group Switch(vlan)# vtp password mypassword Switch(vlan)# exit APPLY completed. Exiting.... Switch# 11-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 281
the no vtp password VLAN database configuration command to return the switch to a no-password state. When you configure a domain name, it cannot be removed; you can only reassign a switch to a different domain. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 282
command to return the switch to VTP server mode. If extended-range VLANs are configured on the switch, you cannot change VTP mode to server. You receive an error message, and the configuration is not allowed. 11-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 283
on switches in the same VTP domain. Every switch in the VTP domain must use the same VTP version. Do not enable VTP Version 2 unless every switch in the VTP domain supports Version configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 11-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 284
one switch is supported with VTP 10-20. Adding a VTP Client Switch switch that has a revision number higher than the revision number in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain. 11-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 285
name from the original one displayed in Step 1 to a new name. The VLAN information on the switch is updated and the switch, and then change its VLAN information without affecting the other switches in the VTP domain. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 286
. Table 11-3 VTP Monitoring Commands Command show vtp status show vtp counters Purpose Display the VTP switch configuration information. Display counters about VTP messages that have been sent and received. 11-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 287
devices: • Port 1 connects to the switch or other voice-over-IP (VoIP) device. • Port 2 is an internal 10/100 interface that carries the IP Phone traffic. • Port 3 (access port) connects to a PC or other device. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 12-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 288
can configure Layer 2 access ports on the switch to send CDP packets that instruct the attached phone to configure the phone access port in one of these modes: • In trusted mode, Untrusted mode is the default. 12-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 289
guidelines: • You should configure voice VLAN on switch access ports; voice VLAN is not supported on trunk ports. Note Voice VLAN is only supported on access ports and not on trunk ports 802.1p or untagged frames. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 12-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 290
Clients" section on page 10-27 for more information. MAC addresses. Configuring a Port Connected to a Cisco 7960 IP Phone Because a Cisco 7960 IP Phone also supports a connection to a PC or other device, a port connecting the switch Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 291
/1 Switch(config-if)# mls qos trust cos Switch(config-if)# switchport voice vlan dot1p Switch(config-if)# end To return the port to its default setting, use the no switchport voice vlan interface configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 292
the switch to send CDP packets to instruct Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport priority extend trust Switch Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 293
, page 13-1 • Configuring Spanning-Tree Features, page 13-10 • Displaying the Spanning-Tree Status, page 13-22 Understanding Spanning and Protocols, page 13-9 • Supported Spanning-Tree Instances, page 13-9 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 294
traffic. The path cost value represents the media speed. Note The switch sends keepalive messages (to ensure the connection is up) only on interfaces that do not have small form-factor pluggable (SFP) modules. 13-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 295
designated switch is attached to the LAN is called the designated port. All paths that are not needed to reach the root switch from anywhere in the switched network are placed in the spanning-tree blocking mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 296
switch priority, and the allocated spanning-tree MAC address to make the bridge ID unique for each VLAN. Support for the extended system ID affects how you manually configure the root switch, the secondary root switch, and the switch Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 297
-delay timer expires, spanning tree moves the interface to the forwarding state, where both learning and frame forwarding are enabled. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 298
state. An interface in the forwarding state performs these functions: • Receives and forwards frames received on the interface • Forwards frames switched from another interface • Learns addresses • Receives BPDUs 13-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 299
the fastest link the root port. For example, assume that one port on Switch B is a Gigabit Ethernet link and that another port on Switch B (a 10/100 link) is the root port. Network traffic might be new root port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 300
switch interfaces to another device or to two different devices, as shown in Figure 13-3. Spanning tree automatically disables one interface but enables it if the other one fails. If one tree reconfigures. 13-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 301
spanning tree interoperates with the VLAN Trunking Protocol (VTP), see the "Spanning-Tree Configuration Guidelines" section on page 13-12. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 302
compatibility among the supported spanning-tree switches connected through IEEE 802.1Q trunks, the switches maintain one spanning-tree instance for each VLAN allowed on the trunks. When you connect a Cisco switch 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 303
see the "Supported Spanning-Tree Instances 10 Mbps: 100. 128. 1000 Mbps: 4. 100 Mbps: 19. 10 Mbps: 100. Hello time: 2 seconds. Forward-delay time: 15 seconds. Maximum-aging time: 20 seconds. Transmit hold count: 6 BPDUs OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 304
The switch supports PVST+, rapid PVST+, and MSTP, but only one version can 10. For configuration guidelines about UplinkFast and BackboneFast, see the "Optional Spanning-Tree Configuration Guidelines" section on page 15-10. 13-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 305
Changing the Spanning-Tree Mode. The switch supports three spanning-tree modes: PVST+, rapid PVST+, or MSTP. By default, the switch runs the PVST+ protocol. Beginning in interface configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 306
system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches running older software. 13-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 307
After configuring the switch as the root switch, we recommend that you avoid manually configuring the hello time the generation of configuration messages by the root switch. The range is 1 to 10; the default is 2. Return to privileged EXEC Blade Switch 3020 for HP Software Configuration Guide 13-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 308
switches use the default switch priority of 32768 and therefore are unlikely to become the root switch. You can execute this command on more than one switch to configure multiple backup root switches root switch. The range is 1 to 10; Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 309
how to configure load sharing on trunk ports by using spanning-tree port priorities, see the "Configuring Trunk Ports for Load Sharing" section on page 10-21. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 310
are in a link-up operative state. Otherwise, you can use the show running-config privileged EXEC command to confirm the configuration. 13-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 311
section on page 10-21. Configuring the Switch Priority of a VLAN You can configure the switch priority and make it more likely that the switch will be chosen as the root switch. Note Exercise command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 312
switch is alive. • For vlan-id, you can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. The range is 1 to 4094. • For seconds, the range is 1 to 10 Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 313
time of a VLAN. The maximum-aging time is the number of seconds a switch waits without receiving spanning-tree configuration messages before attempting a reconfiguration. • For vlan global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 13-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 314
command. Displaying the Spanning-Tree Status To display the spanning-tree status, use one or more of the privileged EXEC commands in Table 13-5: Table 13-5 Commands for command reference for this release. 13-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 315
-tree instances needed to support a large number of because a failure in one instance (forwarding path) switched network. This deployment provides the highly available network required in a service-provider environment. When the switch Blade Switch 3020 for HP Software Configuration Guide 14-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 316
a network, but each region can support up to 65 spanning-tree instances. Instances can be identified by any number in the range from 0 to 4094. You can assign a VLAN to only one spanning-tree instance at a time. 14-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 317
instances, the number of BPDUs that need to be processed to support multiple spanning-tree instances is significantly reduced. All MST instances within except for the one that contains the true CIST regional root. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 318
-tree information into the BPDUs to interact with neighboring switches and compute the final spanning-tree topology. Because of this, the spanning-tree parameters related to BPDU transmission (for example, 14-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 319
The hop count achieves the same result as the message-age information (triggers a reconfiguration). The root switch of the instance always sends a BPDU (or M-record) with a cost of 0 and the hop count set to the OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 320
one and propagates this value as the remaining hop count in the BPDUs it generates. When the count reaches zero, the switch MST instances. When a message is internal, the CIST part is received by the CIST, and each MST instance receives Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 321
and Prestandard Switch Interoperation Segment X MST Region Switch A Switch B 92721 Segment Y Note We recommend that you minimize the interaction between standard and prestandard MST implementations. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 322
802.1D STP A switch running MSTP supports a built-in protocol migration mechanism that enables it to interoperate with legacy IEEE 802.1D switches. If this switch receives a legacy IEEE 802.1D spanning tree). 14-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 323
Topology, page 14-9 • Rapid Convergence, page 14-10 • Synchronization of Port Roles, page 14-11 • Bridge guide defines the port state as blocking instead of discarding. Designated ports start in the listening state. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 324
to the forwarding state. With each iteration of this handshaking process, one more switch joins the active topology. As the network converges, this proposal-agreement -type interface configuration command. 14-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 325
port RP = root port F = forwarding 88760 Synchronization of Port Roles When the switch receives a proposal message on one of its ports and that port is selected as the new root port, the RSTP blocking. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 326
Flags Bit 0 1 2-3: 00 01 10 11 4 5 6 7 Function Topology change (TC) Proposal Port role: Unknown Alternate port Root port Designated port Learning Forwarding Agreement Topology change acknowledgement (TCA) 14-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 327
802.1D switch and a configuration BPDU with the TCA bit set is received, the TC-while timer is reset. This behavior is only required to support IEEE 802.1D switches. The RSTP BPDUs never have the TCA bit set. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 328
MSTP configuration. Table 14-4 Default MSTP Configuration Feature Spanning-tree mode Switch priority (configurable on a per-CIST port basis) Default Setting PVST+ (Rapid PVST+ and MSTP are disabled). 32768. 14-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 329
particular MST instance is unlimited. • PVST+, rapid PVST+, and MSTP are supported, but only one version can be active at any time. (For example, all VLANs run to manually configure the switches in the clouds. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 330
region can only support up to 65 spanning-tree instances. You can assign a VLAN to only one spanning-tree instance series, use a comma; for example, instance 1 vlan 10, 20, 30 maps VLANs 10, 20, and 30 to MST instance 1. Specify the Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 331
system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches running older software. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 332
root switch for the specified instance if the primary root switch fails. This is assuming that the other network switches use the default switch priority of 32768 and therefore are unlikely to become the root switch. 14-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 333
one switch to configure multiple backup root switches. Use the same network diameter and hello-time values that you used when you configured the primary root switch messages by the root switch. The range is 1 to 10 seconds; the default is Blade Switch 3020 for HP Software Configuration Guide 14-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 334
cost value, the MSTP puts the interface with the lowest interface number in the forwarding state and blocks the other interfaces. 14-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 335
you use the spanning-tree mst instance-id root primary and the spanning-tree mst instance-id root secondary global configuration commands to modify the switch priority. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 336
by the root switch. These messages mean that the switch is alive. For seconds, the range is 1 to 10; the default is switch to its default setting, use the no spanning-tree mst hello-time global configuration command. 14-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 337
privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file. To return the switch to its default setting, use the no spanning-tree mst max-age global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 14-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 338
to ensure a loop-free topology as described in the "Rapid Convergence" section on page 14-10. By default, the link type is controlled from the duplex mode of the interface: a full configuration command. 14-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 339
the Protocol Migration Process A switch running MSTP supports a built-in protocol migration mechanism specific interface, use the clear spanning-tree detected-protocols interface interface-id privileged EXEC command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 340
MST Configuration and Status To display the spanning-tree status, use one or more of the privileged EXEC commands in Table 14-5: Table Switch Module for the HP BladeSystem p-Class Command Reference Guide for this release. 14-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 341
15-3 • Understanding BackboneFast, page 15-5 • Understanding EtherChannel Guard, page 15-7 • Understanding Root Guard, page 15-8 • Understanding Loop Guard, page 15-9 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 342
command. Figure 15-1 Port Fast-Enabled Interfaces Blade Switch Blade Servers Port Fast-enabled ports Blade Servers 119646 Understanding BPDU Guard The BPDU guard it is put in the error-disabled state. 15-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 343
, distribution switches, and access switches. Figure 15-2 shows a complex network where distribution switches and access switches each have at least one redundant link that spanning tree blocks to prevent loops. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 344
link failures. Switch A, the root switch, is connected directly to Switch B over link L1 and to Switch C over link L2. The Layer 2 interface on Switch C that is connected directly to Switch B is in a blocking state. 15-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 345
connection to the root switch). Under spanning-tree rules, the switch ignores inferior BPDUs for the configured maximum aging time specified by the spanning-tree vlan vlan-id max-age global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 346
time on the interface that received the RLQ reply. If one or more alternate paths can still connect to the root switch, the switch makes all interfaces on which it received an inferior BPDU failure of link L1. 15-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 347
guard places the switch interfaces in the error-disabled state, and displays an error message. You can enable this feature by using the spanning-tree etherchannel guard misconfig global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 348
root guard enabled Desired root switch Enable the root-guard feature on these interfaces to prevent switches in the customer network from becoming the root switch or being in the path to the root. 101232 15-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 349
Configuration, page 15-9 • Optional Spanning-Tree Configuration Guidelines, page 15-10 • Enabling Port Fast, page 15-10 (optional) • Enabling BPDU Guard, page 15-11 (optional) • . Disabled on all interfaces. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 350
disabling loops in your network, which could cause broadcast storms and address-learning problems. If you enable the voice VLAN feature, the Port Fast feature is automatically entries in the configuration file. 15-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 351
response to invalid configurations because you must manually put the interface back in service. Use the BPDU guard feature in a service-provider network to prevent an access port configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 352
and can result in spanning-tree loops. You can enable the BPDU filtering feature if your switch is running PVST+, rapid PVST+, or MSTP. Beginning in privileged EXEC mode, follow these steps configuration command. 15-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 353
file. When UplinkFast is enabled, the switch priority of all VLANs is set to switches in the network. BackboneFast is not supported on Token Ring VLANs. This feature is supported for use with third-party switches. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 354
Guard You can enable EtherChannel guard to detect an EtherChannel misconfiguration if your switch is running PVST+, rapid PVST+, or MSTP. Beginning in privileged EXEC channel interfaces that were misconfigured. 15-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 355
both root guard and loop guard at the same time. You can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP. Beginning in privileged EXEC mode, follow these steps to configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 15-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 356
the Spanning-Tree Status To display the spanning-tree status, use one or more of the privileged EXEC commands in Table 15-2: Table Cisco Catalyst Blade Switch 3020 for HP Command Reference for this release. 15-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 357
interface as the Flex Link or backup link. When one of the links is up and forwarding traffic, the other link is in standby mode, ready to begin forwarding traffic if the other link shuts down. At any given time, OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 16-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 358
server. The switch sends a MAC address-table move update packet from port 2. Switch C gets this packet on port 4 and immediately learns the MAC address of the PC on port 4, which reduces the reconvergence time. 16-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 359
port 4, which reduces the loss of traffic from the server to the PC. Figure 16-2 MAC Address-Table Move Update Example Server Switch C Port 3 Port 4 Switch B Switch D Port 1 Port 2 Switch A PC 141223 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 16-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 360
interface. • An interface can belong to only one Flex Link pair. An interface can be a backup link for only one active link. An active link cannot belong MAC address-table move update feature is not configured on the switch. 16-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 361
Flex Links, page 16-5 • Configuring the MAC Address-Table Move Update Feature, page 16-6 Layer 2 interface (or port channel) as part of a Flex Link pair with the interface. When one link is forwarding traffic, the other interface Blade Switch 3020 for HP Software Configuration Guide 16-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 362
Configuring the MAC Address-Table Move Update Feature This section contains this information: • Configuring a switch to send MAC address-table move updates • Configuring a switch to get MAC address-table move updates 16-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 363
.1780 Dst mac-address : 0180.c200.0010 Vlans/Macs supported : 1023/8320 Default/Current settings: Rcv Off/On, Xmt Off/On Max packets per min : Rcv 40, Xmt 60 Rcv packet count : 5 Rcv conforming packet count : 5 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 16-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 364
configured for an interface or all the configured Flex Links and the state of each active and backup interface (up or standby mode). Displays the MAC address-table move update information on the switch. 16-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 365
, page 17-6 • Displaying DHCP Snooping Information, page 17-10 Understanding DHCP Features DHCP is widely used in LAN environments to and Services" section of the Cisco IOS IP Configuration Guide, Release 12.2. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 17-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 366
to one or more 10 switch compares the source MAC address and the DHCP client hardware address. If the addresses match (the default), the switch forwards the packet. If the addresses do not match, the switch drops the packet. 17-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 367
access switch and are uniquely identified. Note The DHCP option-82 feature is supported only when DHCP snooping is globally enabled and on the VLANs to which subscriber devices using this feature are assigned. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 17-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 368
Blade switch (DHCP relay agent) Access layer VLAN 10 Blade Server A (DHCP client) Subscribers Blade blade switch receives the DHCP request, it adds the option-82 information in the packet. The remote-ID suboption is the switch MAC Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 369
are copper 10/100/1000BASE-T ports Gi0/21 and Gi0/22. Ports 23x and 24x are dual-purpose external/internal 10/100/ MAC address 6 bytes Figure 17-2 shows the packet formats for user-configured remote-ID and circuit-ID suboptions The switch Blade Switch 3020 for HP Software Configuration Guide 17-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 370
agent DHCP packet forwarding address Checking the relay agent information Default Setting Enabled in Cisco IOS software, requires configuration1 Enabled2 None configured Enabled (invalid messages are dropped)2 17-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 371
, the DHCP option-82 data insertion feature is not supported. • If a switch port is connected to a DHCP server, configure a port as trusted by entering the ip dhcp snooping trust interface configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 17-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 372
the switch: Step 1 Step 2 Command configure terminal service dhcp switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages to the DHCP server. This is the default setting. 17-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 373
untrusted. Step 10 ip dhcp snooping one VLAN on which DHCP snooping is enabled. Step 11 exit Return to global configuration mode. Step 12 ip dhcp snooping verify mac-address (Optional) Configure the switch to verify that the source MAC Blade Switch 3020 for HP Software Configuration Guide 17-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 374
IOS IP Configuration Guide, Release 12.2. Displaying DHCP Snooping Information To display the DHCP snooping information, use one or more of state, the switch does not delete the statically configured bindings. 17-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 375
associated with IP multicast devices. As the name implies, IGMP snooping requires the LAN switch to snoop on the IGMP transmissions between the host and the router and to keep track the multicast clients. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 376
IGMPv3 hosts. It constrains traffic to approximately the same set of ports as the IGMP snooping feature on IGMPv2 or IGMPv1 hosts. 18-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 377
18-1. Figure 18-1 Initial IGMP Join Message Router A CPU 19 Switching engine 0 IGMP report 224.1.2.3 VLAN 119647 Forwarding table 1 3 5 7 Blade Blade Blade Blade Server 1 Server 2 Server 3 Server 4 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 378
Forwarding table 1 3 5 7 Blade Blade Blade Blade Server 1 Server 2 Server 3 Server 4 Table 18-2 Updated IGMP Snooping Forwarding Table Destination Address 224.1.2.3 Type of Packet IGMP Ports 1, 2, 5 18-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 379
time overrides the global configuration. For configuration steps, see the "Configuring the IGMP Leave Timer" section on page 18-11. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 380
supported when the query includes IGMPv3 reports. The switch uses IGMP report suppression to forward only one Configuring a Blade Server Statically to Join a Group, page 18-9 • Enabling IGMP Immediate Leave, page 18-10 • Configuring Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 381
Enabling or Disabling IGMP Snooping By default, IGMP snooping is globally enabled on the switch. When globally enabled or disabled, it is also enabled or disabled in all existing you can enable VLAN snooping. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 382
to the forwarding table for every Layer 2 multicast entry. The switch learns of such ports through one of these methods: • Snooping on IGMP queries, Protocol Independent your entries in the configuration file. 18-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 383
that are connected to Layer 2 ports normally join multicast groups dynamically. You can also statically configure a Layer 2 port, to which a blade server is connected, so that the port joins a multicast group. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 384
mac-address interface interface-id global configuration command. This example shows how to statically configure a blade server on a port: Switch# configure terminal Switch( your entries in the configuration file. 18-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 385
• The default leave time is 1000 milliseconds. • The IGMP configurable leave time is only supported on hosts running IGMP Version 2. • The actual leave latency in the network is usually the TCN Event, page 18-13 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 386
of IGMP general queries for which the multicast traffic is flooded. The range is 1 to 10. By default, the flooding query count is 2. Return to privileged EXEC mode. Verify the . Return to privileged EXEC mode. 18-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 387
privileged EXEC command. The IGMP snooping querier does not generate an IGMP general query if it cannot find an available IP address on the switch. • The IGMP snooping querier supports IGMP Versions 1 and 2. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 388
Step 10 copy Switch(config)# end This example shows how to set the IGMP snooping querier timeout to 60 seconds: Switch# configure terminal Switch(config)# ip igmp snooping querier timeout expiry 60 Switch(config)# end 18-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 389
supported when the query includes IGMPv3 reports. IGMP report suppression is enabled by default. When it is enabled, the switch forwards only one MAC address multicast entries for a VLAN configured for IGMP snooping. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 390
information, use one or more of table information for a multicast VLAN or about a specific parameter for the VLAN: • vlan-id-The VLAN manually configured multicast router interfaces. Note When you enable IGMP snooping, the switch Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 391
port links, which occurs when the blade server runs in compatible mode. Only Layer 2 ports take part in MVR. You must configure ports as MVR receiver ports. Only one MVR multicast VLAN per switch is supported. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 392
receive the multicast stream. Multiple set-top boxes or PCs can be connected to one subscriber port, which is a switch port configured as an MVR receiver port. Figure 18-3 is an example configuration. VLAN. 18-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 393
television, the set-top box sends an IGMP leave message for the multicast stream. The switch CPU sends a MAC-based general query through the receiver port VLAN. If there is another set-top box VLAN 1 Compatible OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 394
to this address is sent to all source ports on the switch and all receiver ports that have elected to receive data on that multicast address. Each multicast address would correspond to one television channel. 18-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 395
and the default is 5 tenths or one-half second. mvr vlan vlan-id (Optional 2900 XL switches and does not support IGMP dynamic switch. Specify the Layer 2 port to configure, and enter interface configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 396
an MVR port as one of these: • source Switch(config-if)# mvr immediate Switch(config)# end Switch# show mvr interface Port Type Status Immediate Leave ---- ---- ------- Gi0/2 RECEIVER ACTIVE/DOWN ENABLED 18-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 397
[vlan vlan-id]] When a specific interface is entered, displays this information: • Type-Receiver or Source • Status-One of these: - Active means the port is part of a VLAN. - Up/Down the multicast traffic. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 398
received IGMP report. Note IGMPv3 join and leave messages are not supported on switches running IGMP filtering. These sections contain this configuration information: • a command or returns to its defaults. 18-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 399
address or a range with a start and an end address. The default is for the switch to have no IGMP profiles configured. When a profile is configured, if neither the permit can have only one profile applied to it. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 400
Beginning in privileged EXEC mode, follow these steps to apply an IGMP profile to a switch port: Step 1 Step 2 Command configure terminal interface interface-id Step 3 ip igmp in the configuration file. 18-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 401
entries are aged out and the maximum number of entries is in the forwarding table, the switch drops the next IGMP report received on the interface. - If you configure the throttling action report was received. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 18-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 402
interface or the configuration of all interfaces on the switch, including (if configured) the maximum number of IGMP groups to which an interface can belong and the IGMP profile applied to the interface. 18-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 403
unicast storm on one of the physical switch counts the number of packets of a specified type received within the 1-second time interval and compares the measurement with a predefined suppression-level threshold. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 404
below the falling threshold (if one is specified) and then resumes normal forwarding. If the falling suppression level is not specified, the switch blocks all traffic until the traffic for each traffic type. 19-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 405
differ from the configured level by several percentage points. Note Storm control is supported on physical interfaces. You can also configure storm control on an EtherChannel. When interface configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 406
(Optional) For pps-low, specify the falling threshold level in packets per second (up to one decimal place). It can be less than or equal to the rising threshold level. The port . Return to privileged EXEC mode. 19-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 407
that no traffic be forwarded at Layer 2 between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an 19-6 • Configuring a Protected Port, page 19-6 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 408
other ports. These sections contain this configuration information: • Default Port Blocking Configuration, page 19-7 • Blocking Flooded Traffic on an Interface, page 19-7 19-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 409
identified secure MAC addresses, a security violation occurs. Also, if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port, a violation is flagged. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 410
do not save the sticky secure addresses, they are lost. If sticky learning is disabled, the sticky secure MAC addresses are converted to dynamic secure addresses and are removed from the running configuration. 19-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 411
dropped until you remove a sufficient number of secure MAC addresses. 2. The switch returns an error message if you manually configure an address that would cause a security violation. Shuts down port No No Yes OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 412
When the port is connected to a Cisco IP phone, the IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but switch does not support port security aging of sticky secure MAC addresses. 19-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 413
EXEC mode, follow these steps to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port: Step 1 Step 2 Step 3 Enable port security on the interface. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 414
} violation is detected, as one of these: • protect-When the number of port secure MAC addresses reaches the maximum limit manually re-enable it by entering the shutdown and no shutdown interface configuration commands. 19-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 415
10 switchport port-security mac-address sticky switchport port-security mac-address sticky [mac-address | vlan {vlan-id | {access | voice}}] (Optional) vlan-set a per-VLAN maximum value. Enter one file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 416
maximum 20 Switch(config-if)# switchport port-security violation restrict Switch(config-if)# switchport port-security mac-address sticky Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0002 19-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 417
. Use this feature to remove and add devices on a secure port without manually deleting the existing secure MAC addresses and to still limit the number of secure addresses on a port. in the configuration file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 19-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 418
and port security settings. To display traffic control information, use one or more of the privileged EXEC commands in Table 19-4. Table of secure MAC addresses configured per VLAN on the specified interface. 19-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 419
to learn about neighboring devices. On the switch, CDP enables SNMP management applications such as HP OpenView and CiscoWorks to display a graphical view of the network. The switch supports CDP Version 2. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 20-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 420
your device before discarding it. The range is 10 to 255 seconds; the default is 180 seconds. (Optional) Configure CDP to send Version-2 advertisements. This is the default state. Return to privileged EXEC mode. 20-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 421
mode. Enable CDP after disabling it. Return to privileged EXEC mode. This example shows how to enable CDP if it has been disabled. Switch# configure terminal Switch(config)# cdp run Switch(config)# end OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 20-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 422
by default on all supported interfaces to send and Switch(config)# interface gigabitethernet0/1 Switch(config-if)# cdp enable Switch(config-if)# end Monitoring and Maintaining CDP To monitor and maintain CDP on your device, perform one Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 423
can limit the display to neighbors of a specific interface or expand the display to provide more detailed information. Display CDP counters, including the number of packets sent and received and checksum errors. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 20-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 424
Monitoring and Maintaining CDP Chapter 20 Configuring CDP 20-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 425
alerts you. Unidirectional links can cause a variety of problems, including spanning-tree topology loops. Modes of Operation UDLD supports two modes of operation: normal (the default) and by the local device. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 21-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 426
restarts the detection window on its side of the connection and sends echo messages in reply. Because this behavior is the same on all UDLD neighbors, the sender of the echoes expects to receive an echo in reply. 21-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 427
detection window Switch A TX RX Switch B successfully receives traffic from Switch A on this port. TX RX However, Switch A does not receive traffic from Switch B on the same port. If UDLD is in aggressive mode, it detects the problem Blade Switch 3020 for HP Software Configuration Guide 21-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 428
a unidirectional link if it is connected to a UDLD-incapable port of another switch. • When configuring the mode (normal or aggressive), make sure that the same mode is configured on both sides of the link. 21-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 429
or normal mode and to set the configurable message timer on all fiber-optic ports on the switch: Step 1 Step 2 Step 3 Step 4 Step 5 Command Purpose configure terminal Enter global configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 21-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 430
[interface-id] privileged EXEC command. For detailed information about the fields in the command output, see the command reference for this release. 21-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 431
source ports or source VLANs to a destination port for analysis. SPAN does not affect the switching of network traffic on the source ports or VLANs. You must dedicate the destination port for suspected attacker. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 432
VLAN to a destination session monitoring the RSPAN VLAN. Each RSPAN source switch must have either ports or VLANs as RSPAN sources. The destination is always a physical port, as shown on Switch C in the figure. 22-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 433
(local or remote) allow you to monitor traffic on one or more ports, or one or more VLANs, and send the monitored traffic to one or more destination ports. A local SPAN session is an RSPAN destination port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 434
of the switch. However, an oversubscribed SPAN destination, for example, a 10-Mbps port at least one source port or VLAN for that session. • The switch does not support a service (QoS)-for example, modified Differentiated Services Code Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 435
source ports or VLANs for traffic in one or both directions. The switch supports any number of source ports (up to the maximum number of available ports on the switch) and any number of source VLANs port channel. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 436
(VSPAN) is the monitoring of the network traffic in one or more VLANs. The SPAN or RSPAN source interface in can limit SPAN traffic monitoring on trunk source ports to specific VLANs by using VLAN filtering. • VLAN filtering applies Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 437
or a VLAN. • It can participate in only one SPAN session at a time (a destination port in one SPAN session cannot be a destination port for a in the RSPAN VLAN is always flooded. • No MAC address learning occurs on the RSPAN VLAN. • RSPAN Blade Switch 3020 for HP Software Configuration Guide 22-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 438
VLAN range (1006 to 4094), you must manually configure all intermediate switches. It is normal to have multiple RSPAN be configured as a SPAN source port and still be a part of the EtherChannel. In this case, data from the physical Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 439
: • SPAN Configuration Guidelines, page 22-10 • Creating a Local SPAN Session, page 22-10 • Creating a Local SPAN Session and Configuring Incoming Traffic, page 22-13 • Specifying VLANs to Filter, page 22-14 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 440
not start until the destination port and at least one source port or source VLAN are enabled. • You can limit SPAN traffic to specific VLANs by using the filter vlan keyword. If a remove all remote SPAN sessions. 22-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 441
in a series of commands, but you cannot combine source ports and source VLANs in one session. Step 4 monitor session session_number destination {interface interface-id [, | -] [encapsulation EXEC mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 442
session 2 Switch(config)# monitor session 2 source vlan 1 - 3 rx Switch(config)# monitor session 2 destination interface gigabitethernet0/2 Switch(config)# monitor session 2 source vlan 10 Switch(config)# end 22-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 443
not related to incoming traffic, see the "Creating a Local SPAN Session" section on page 22-10. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command configure terminal no in the configuration file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 444
a trunk port. monitor session session_number filter vlan Limit the SPAN source traffic to specific VLANs. vlan-id [, | -] For session_number, enter the session number specified in before and after the hyphen. 22-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 445
Guidelines" section on page 22-10 apply to RSPAN. • As RSPAN VLANs have special properties, you should reserve a few VLANs across your network for use as RSPAN VLANs; do not assign access ports to these VLANs. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 446
and destination switches and any intermediate switches. Use VTP pruning to get an efficient flow of RSPAN traffic, or manually delete the RSPAN VLAN from all trunks that do not need to carry the RSPAN traffic. 22-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 447
command. This example shows how to create RSPAN VLAN 901. Switch(config)# vlan 901 Switch(config-vlan)# remote span Switch(config-vlan)# end Creating an RSPAN Source Session Beginning in privileged sessions. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 448
combine source ports and source VLANs in one session. (Optional) [, | -] Switch(config)# monitor session 1 source interface port-channel 2 Switch(config)# monitor session 1 destination remote vlan 901 Switch(config)# end 22-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 449
monitor [session session_number] show running-config Step 10 copy running-config startup-config Purpose Enter global the command-line help string, encapsulation replicate is not supported for RSPAN. The original VLAN ID is overwritten by Blade Switch 3020 for HP Software Configuration Guide 22-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 450
the source RSPAN VLAN. For session_number, the range is 1 to 66. For vlan-id, specify the source RSPAN VLAN to monitor. 22-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 451
replicate is not supported for RSPAN. The Switch(config)# monitor session 2 source remote vlan 901 Switch(config)# monitor session 2 destination interface gigabitethernet0/2 ingress vlan 6 Switch(config)# end OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 452
specific Switch(config)# monitor session 2 source interface gigabitethernet0/2 rx Switch(config)# monitor session 2 filter vlan 1 - 5 , 9 Switch(config)# monitor session 2 destination remote vlan 902 Switch(config)# end 22-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 453
EXEC command. You can also use the show running-config privileged EXEC command to display configured SPAN or RSPAN sessions. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 22-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 454
Displaying SPAN and RSPAN Status Chapter 22 Configuring SPAN and RSPAN 22-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 455
Task Force (IETF) standard monitoring specification that allows various network agents and console switch to monitor all the traffic flowing among switches on all connected LAN segments as shown in Figure 23-1. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 456
, depending on the switch type and supported interfaces) for a specified polling interval. • Alarm (RMON group 3)-Monitors a specific management information base ( Statistics on an Interface, page 23-5 (optional) 23-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 457
RMON 1 is supported on the switch. Configuring RMON Alarms and Events You can configure your switch for RMON by value, specify a number at which the alarm is triggered and one for when the alarm is reset. The range for the rising threshold Blade Switch 3020 for HP Software Configuration Guide 23-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 458
on any MIB object. The following example configures RMON alarm number 10 by using the rmon alarm command. The alarm monitors the MIB Switch(config)# rmon event 1 log trap eventtrap description "High ifOutErrors" owner jjones 23-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 459
statistics. Return to privileged EXEC mode. Verify your entries. Display the contents of the switch history table. (Optional) Save your entries in the configuration file. To disable history configuration mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 23-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 460
owner root: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# rmon collection stats 2 owner root Displaying RMON Status To display the RMON status, use one or more of Reference, Release 12.2. 23-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 461
switch software saves syslog messages in an internal buffer. You can remotely monitor system messages by viewing the logs on a syslog server or by accessing the switch through Telnet or through the console port. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 24 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 462
a list of supported facilities, see Table 24-4 on page 24-11. severity Single-digit code from 0 to 7 that is the severity of the message. For a description of the severity levels, see Table 24-3 on page 24-9. 24-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 463
1 18:46:11: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) 18:47:02: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) *Mar 1 18:48:50.483 UTC: %SYS-5- that generated the messages. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 24-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 464
send messages to specific locations in addition to the console. Beginning in privileged EXEC mode, use one or more of switch. However, this value is the maximum available, and the buffer size should not be set to this amount. 24-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 465
steps, see the "Configuring UNIX Syslog Servers" section on page 24-10. Store log messages in a file in flash memory. • For filename with solicited device output and prompts for a specific console port line or virtual terminal line. You Blade Switch 3020 for HP Software Configuration Guide 24-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 466
logging of messages. • Use the console keyword for configurations that occur through the switch console port. • Use the line vty line-number command to specify which vty -buffers] line configuration command. 24-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 467
%SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) This example shows part of a logging display with the service timestamps log uptime global configuration command enabled: 00: the configuration file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 24-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 468
use the no service sequence-numbers global configuration command. This example shows part of a logging , see the "Configuring UNIX Syslog Servers" section on page 24-10. Return to privileged EXEC mode. Verify your entries. (Optional) Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 469
the history table because SNMP traps are not guaranteed to reach their destination. By default, one message of the level warning and numerically lower levels (see Table 24-3 on page emergencies messages are sent. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 24-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 470
syslog messages that can be stored in the history table. The default is to store one message. The range is 0 to 500 messages. end Return to privileged EXEC mode. /cisco.log $ chmod 666 /var/log/cisco.log 24-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 471
the UNIX system facilities supported by the software. For more information about these facilities, consult the operator's manual for your UNIX operating system Kernel Locally defined messages Line printer system OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 24-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 472
privileged EXEC command. For information about the fields in this display, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. 24-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 473
part of a network management system (NMS) such as CiscoWorks. The agent and MIB reside on the switch. To configure SNMP on the switch, , restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 474
page 25-5 • SNMP ifIndex MIB Object Values, page 25-5 SNMP Versions This software release supports these SNMP versions: • SNMPv1-The Simple Network Management Protocol, a Full Internet SNMPv2C, and SNMPv3. 25-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 475
multiple managers, you can configure the software to support communications using SNMPv1, SNMPv2C, or -request sent by an NMS. set-request Stores a value in a specific variable. trap An unsolicited message sent by an SNMP agent to an Blade Switch 3020 for HP Software Configuration Guide 25-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 476
, Get-next-request, Get-bulk, Set-request Network device 43581 SNMP Manager Get-response, traps MIB SNMP Agent For information on supported MIBs and how to access them, see Appendix A, "Supported MIBs." 25-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 477
not support informs. switch virtual interface 2. SFP = small form-factor pluggable ifIndex Range 1-4999 5000-5012 5013-5077 5078-5142 10000-14500 14501 Note The switch might not use sequential values within a range. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 478
global configuration commands. SNMP Configuration Guidelines If the switch starts and the witch startup configuration has at least one snmp-server global configuration command, the SNMP agent remote SNMP engine. 25-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 479
versions (Version 1, Version 2C, and Version 3) on the device. No specific Cisco IOS command exists to enable SNMP. The first snmp-server global configuration command that you enter enables all versions of SNMP. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 480
to be applied to the source. Place ones in the bit positions that you want to ignore. Recall that the access list is always terminated by an implicit deny statement for everything. Return to privileged EXEC mode. 25-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 481
the null string (do not enter a value for the community string). To remove a specific community string, use the no snmp-server community string global configuration command. This example shows The default is 162. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 482
(also called privacy). Note The priv keyword is available only when the cryptographic software image is installed. • (Optional) Enter read readview with a string (not ) that is the name of the access list. 25-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 483
whether to send SNMP notifications as traps or informs. Table 25-5 describes the supported switch traps (notification types). You can enable any or all of these traps and configure configuration changes. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 484
Switch Notification Types (continued) Notification Type Keyword config-copy entity envmon flash hsrp ipmulticast mac keywords are not supported. To enable specific host to receive the notification types listed in Table 25-5. 25-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 485
the host. • (Optional) Specify the SNMP version (1, 2c, or 3). SNMPv1 does not support informs. • (Optional) For Version 3, select authentication level auth, noauth, or priv. Note 1 to 1000; the default is 10. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 486
Command snmp-server trap-timeout seconds Step 10 Step 11 Step 12 end show running- snmp-server host informs global configuration command. To disable a specific trap type, use the no snmp-server enable traps notification- Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 487
snmp-server enable traps vtp Switch(config)# snmp-server host 192.180.1.27 version 2c public Switch(config)# snmp-server host 192.180.1.111 version 1 public Switch(config)# snmp-server host 192.180.1.33 public OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 25-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 488
to the host cisco.com. The community string is restricted. The first line enables the switch to send Entity MIB traps in addition to any traps previously enabled. The second line specifies the SNMP users table. 25-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 489
the packet. If there are no restrictions, the switch forwards the packet; otherwise, the switch drops the packet. The switch can use ACLs on all packets it forwards, including packets bridged within a VLAN. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 490
switch could be allowed onto all parts of the network. You can use ACLs to control which hosts can access different parts switch does not support port ACLs in the outbound direction. You can apply only one IP access list and one MAC Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 491
on a switch. Port ACLs are supported only on physical MAC addresses. You can filter both IP and non-IP traffic on the same Layer 2 interface by applying both an IP access list and a MAC access list to the interface. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 492
10 from being forwarded. You can apply only one VLAN map to a VLAN. Figure 26-2 Using VLAN Maps to Control Traffic Blade Server A (VLAN 10) Blade Server B (VLAN 10) 101353 = VLAN map denying specific . 26-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 493
Services" chapter of the Cisco IOS IP Configuration Guide, Release 12.2. For detailed information about the commands, see the Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.2. The switch does not support Blade Switch 3020 for HP Software Configuration Guide 26-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 494
permit and deny conditions. One by one, the switch tests packets against the conditions in an access critical. If no conditions match, the switch denies the packet. The software supports these types of ACLs or access lists Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 495
SAP access list Extended 48-bit MAC address access list IPX summary address access list IP standard access list (expanded range) IP extended access list (expanded range) Supported Yes Yes No No No a named list. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 496
ACL specification, Switch (config)# access-list 2 deny host 171.69.198.102 Switch (config)# access-list 2 permit any Switch(config)# end Switch# show access-lists Standard IP access list 2 10 deny 171.69.198.102 20 permit any 26-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 497
access lists. It also does not support filtering based on the type of service (ToS) minimize-monetary-cost bit. Supported parameters can be grouped into these categories: TCP, UDP, ICMP, IGMP, or other IP. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 498
This step includes options for most IP protocols. For additional specific parameters for TCP, UDP, ICMP, and IGMP, see fragments. • tos-Enter to match by type of service level, specified by a number from 0 to 15 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 499
names, use the ? or see the "Configuring IP Services" section in the "IP Addressing and Services" chapter of the Cisco IOS IP Configuration Guide, Release 12.2. Use only TCP port numbers or names when for UDP. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 500
see the "Configuring IP Services" section of the Cisco IOS IP Configuration Guide, Release 12.2. Step 2e Switch(config)# access-list 102 permit tcp any any Switch(config)# end Switch# show access-lists Extended IP access list 102 10 Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 501
list. Note The name you give to a standard or extended ACL can also be a number in the supported range of access list numbers. That is, the name of a standard IP ACL can be 1 to 99 can be a number from 1 to 99. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 502
[source-wildcard] | host source | In access-list configuration mode, specify one or more conditions any} denied or permitted to decide if the packet is list specification, 0.0.0.0 is assumed to be the mask. 26-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 503
to a specific ACL. However one configured last is executed. • You can enter multiple periodic statements. For example, you could configure different hours for weekdays and weekends. See the example configurations. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 504
lpip_default 10 permit ip any any Extended IP access list deny_access 10 deny tcp any any time-range new_year_day_2006 (inactive) Extended IP access list may_access 10 permit tcp any any time-range workhours (inactive) 26-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 505
you to understand and scan. Each remark line Switch(config-ext-nacl)# deny tcp host 171.69.2.88 any eq telnet Applying an IPv4 ACL to a Terminal Line You can use numbered ACLs to control access to one . Identify a specific line to configure Blade Switch 3020 for HP Software Configuration Guide 26-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 506
interface-id Identify a specific interface for configuration, switch acts as if the ACL has not been applied to the interface and permits all packets. Remember this behavior if you use undefined ACLs for network security. 26-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 507
Services" section in the "IP Addressing and Services" chapter of the Cisco IOS IP Configuration Guide, Release 12.2. This example uses a standard ACL to allow a port access to a specific Internet host with the address 172.20.128.64. Switch Blade Switch 3020 for HP Software Configuration Guide 26-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 508
1 remark Permit only Jones server through Switch(config)# access-list 1 permit 171.69.2.88 Switch(config)# access-list 1 remark Do not allow Smith server through Switch(config)# access-list 1 deny 171.69.3.13 26-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 509
supported non-IP protocols in the mac MAC extended ACL: Step 1 Step 2 Command configure terminal mac access-list extended name Purpose Enter global configuration mode. Define an extended MAC access list using a name. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 510
by the port ACL. • You can apply no more than one IP access list and one MAC access list to the same Layer 2 interface. The IP access list filters only IP packets, and the MAC access list filters non-IP packets. 26-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 511
. For complete syntax and usage information for the commands used in this section, see the command reference for this release. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 512
part of the VLAN map is taken. If there is no match, the packet is tested against the next entry in the map. • If the VLAN map has at least one match clause for the type of packet (IP or MAC on page 26-28. 26-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 513
extended ip1 Switch(config-ext-nacl)# permit tcp any any Switch(config-ext-nacl)# exit Switch(config)# vlan access-map map_1 10 Switch(config-access-map)# match ip address ip1 Switch(config-access-map)# action drop OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 514
good-hosts Switch(config-ext-macl)# permit host 000.0c00.0111 any Switch(config-ext-macl)# permit host 000.0c00.0211 any Switch(config-ext-nacl)# exit Switch(config)# mac access-list extended good-protocols 26-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 515
, use the no vlan filter mapname vlan-list list global configuration command. This example shows how to apply VLAN map 1 to VLANs 20 through 22: Switch(config)# vlan filter map 1 vlan-list 20-22 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 516
a wiring closet configuration, the switch can support a VLAN map and a QoS Switch(config)# ip access-list extended http Switch(config-ext-nacl)# permit tcp host 10.1.1.32 host 10.1.1.34 eq www Switch(config-ext-nacl)# exit 26-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 517
that match SERVER1_ACL and forward IP packets that do not match the ACL. Switch(config)# vlan access-map SERVER1_MAP Switch(config-access-map)# match ip address SERVER1_ACL Switch(config-access-map)# action drop OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 26-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 518
interface interface-id] show mac access-group [interface interface-id] Purpose Display the contents of one or all current IP and MAC address access lists or a specific access list (numbered or VLAN access map. 26-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 519
techniques to provide preferential treatment. Implementing QoS in your network makes network performance more predictable and bandwidth utilization more effective. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 520
in the IP packet header, using 6 bits from the deprecated IP type of service (ToS) field to carry the classification (class) information. Classification can also be Note IPv6 QoS is not supported in this release. 27-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 521
mark), and provide different treatment (queue and schedule) in all situations where resource contention exists. The switch also needs to ensure that traffic sent from it meets a specific traffic profile (shape). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 522
egress queues based on their configured SRR shared or shaped weights. One of the queues (queue 1) can be the expedited queue, which is serviced until empty before the other queues are serviced. Basic QoS Model 27-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 523
one kind of traffic from another by examining the fields in the packet. Classification is enabled only if QoS is globally enabled on the switch precedence-to-DSCP map. The IP Version 4 specification defines the 3 most-significant bits of the Blade Switch 3020 for HP Software Configuration Guide 27-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 524
to generate the QoS label. Assign the default DSCP (0). Generate the DSCP by using the CoS-to-DSCP map. Done Done 86834 27-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 525
MAC ACLs the switch offers best-effort service to the specified for each one of them. A specific traffic class by using the class, trust, or set policy-map configuration and policy-map class configuration commands. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 526
bridged or routed, is subjected to a policer, if one is configured. As a result, bridged packets might be 10. After you configure the policy map and policing actions, attach the policy to an ingress port or SVI by using the service Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 527
traffic within a policy map. Policing uses a token-bucket algorithm. As each frame is received by the switch, a token is added to the bucket. The bucket has a hole in it and leaks at a rate secondary policy map. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 528
interface-level policy map only supports individual policers and does not support aggregate policers. You can configure different interface-level policy maps for each class defined in the VLAN-level policy map. 27-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 529
this policer. Mark Drop Drop packet. Modify DSCP according to the policed-DSCP map. Generate a new QoS label. Done 92355 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 530
DSCP-to-DSCP-mutation map is the only map you apply to a specific port. All other maps apply to the entire switch. For configuration information, see the "Configuring DSCP Maps" section on page on page 27-17. 27-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 531
QoS Understanding QoS Queueing and Scheduling Overview The switch has queues at specific points to help prevent congestion as shown in queue, the threshold will be exceeded, so the switch drops it. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 532
SRR Shaping and Sharing Both the ingress and egress queues are serviced by SRR, which controls the rate at which packets are is the default mode, and it is the only mode supported. In shaped mode, the egress queues are guaranteed a Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 533
-queue input priority-queue global configuration command. The expedite queue has guaranteed bandwidth. 1. The switch uses two nonconfigurable queues for traffic that is essential for proper network operation. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 534
switch to a queue and to a threshold. Specifically, WTD to support distinct drop percentages Priority Queueing You can configure one ingress queue as the priority part of the bandwidth regardless of the load on the internal ring. SRR services Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 535
Yes being exceeded? No Queue the packet. Service the queue according to the SRR weights. switch flows through one of these four queues and is subjected to a threshold based on the QoS label assigned to the packet. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 536
a queue in the full condition to obtain more buffers than are reserved for it by setting a maximum threshold. The switch can allocate the needed buffers from the common pool if the common pool is not empty. 27-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 537
the switch to a queue and to a threshold. Specifically, to support distinct drop percentages thresholds and one nonconfigurable (implicit 13. Shaped or Shared Mode SRR services each queue-set in shared or software. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 538
using the default QoS behavior. (The default is that QoS is disabled. The switch then offers best-effort service to each packet, regardless of the packet contents or size, and sends it from Example, page 27-27 27-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 539
boundary feature. The switch uses the Cisco Discovery Protocol (CDP) to detect the presence or absence of a Cisco IP Phone. When a Cisco IP Phone is detected, the ingress classification on the port is set to OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 540
(config)# mls qos srr-queue output cos-map queue 3 threshold 3 2 4 Switch(config)# mls qos srr-queue output cos-map queue 4 threshold 2 1 Switch(config)# mls qos srr-queue output cos-map queue 4 threshold 3 0 27-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 541
)# mls qos srr-queue input bandwidth 90 10 Switch(config)# mls qos srr-queue input threshold 1 8 16 Switch(config)# mls qos srr-queue input threshold 2 34 66 Switch(config)# mls qos srr-queue input buffers 67 33 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 542
applies the policy map called AutoQoS-Police-SoftPhone to an ingress interface on which auto-QoS with the Cisco SoftPhone feature is enabled. Switch(config-if)# service-policy input AutoQoS-Police-SoftPhone 27-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 543
this new policy map instead of the generated one, remove the generated policy map from the supports only Cisco IP SoftPhone Version 1.3(3) or later. • Connected devices must use Cisco Call Manager Version 4 or later. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 544
QoS and to trust the QoS labels received in incoming packets when the switch or router connected to a port is a trusted device: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# auto qos voip trust 27-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 545
IP phones 148957 Figure 27-11 shows a network in which the VoIP traffic is prioritized over all other traffic. Auto-QoS is enabled on the switches in the wiring closets at the edge of the QoS domain. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 546
Step 6 exit Step 7 Step 8 interface interface-id Step 9 auto qos voip trust Step 10 end Step 11 show auto qos Step 12 copy running-config startup-config Purpose Enable debugging for the configuration file. 27-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 547
QoS settings. To display information about the QoS configuration that might be affected by auto-QoS, use one of these commands: • show mls qos • show mls qos maps cos-dscp • show mls qos , page 27-69 (optional) OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 548
is enabled. Table 27-8 Default DSCP Input Queue Threshold Map DSCP Value 0-39 40-47 48-63 Queue ID-Threshold ID 1-1 2-1 1-1 27-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 549
means that this queue is operating in shared mode. 2. One quarter of the bandwidth is allocated to each queue. 0 25 Table 27-10 shows the default CoS output queue threshold map when QoS is enabled. Table 27-10 Default CoS Output Queue Blade Switch 3020 for HP Software Configuration Guide 27-31 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 550
to the CPU. It is possible for bridged frames to be dropped or to have their DSCP and CoS values modified. 27-32 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 551
than one physical port, supports 256 policers switch are subject to all ingress QoS processing. • You are likely to lose data when you change queue settings; therefore, try to make changes when traffic is at a minimum. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 552
QoS on Physical Ports By default, VLAN-based QoS is disabled on all physical switch ports. The switch applies QoS, including class maps and policy maps, only on a physical-port basis. You on the physical port. 27-34 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 553
by using port trust states. Depending on your network configuration, you must perform one or more of these tasks or one or more of the tasks in the "Configuring a QoS Policy" section on P3 P1 IP Trusted boundary Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-35 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 554
if the packet is tagged; for an untagged packet, the default port CoS is used. Internally, the switch maps the CoS value to a DSCP value by using the CoS-to-DSCP map. Return to privileged section on page 27-59. 27-36 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 555
from the telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header contains the VLAN information and the class of service (CoS) 3-bit field, configure the switch port to which OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-37 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 556
include physical ports. Enable CDP on the port. By default, CDP is enabled. Configure the switch port to trust the CoS value in traffic received from the Cisco IP Phone. or Configure configuration command. 27-38 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 557
the switch modifies the internal DSCP value of the packet, which the switch uses to generate a class of service (CoS) value that represents the priority of the traffic. The switch also uses in the other domain. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-39 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 558
DSCP value. • For dscp-mutation-name, enter the mutation map name. You can create more than one map by specifying a new name. • For in-dscp, enter up to eight DSCP values separated by in the configuration file. 27-40 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 559
10 to 13 are mapped to DSCP 30: Switch(config)# mls qos map dscp-mutation gi0/21-mutation 10 11 12 13 to 30 Switch(config)# interface gigabitethernet0/2 Switch(config-if)# mls qos trust dscp Switch , you must perform one or more of these Blade Switch 3020 for HP Software Configuration Guide 27-41 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 560
using Layer 2 MAC ACLs. Beginning source. Place ones in the bit Switch(config)# access-list 1 permit 128.88.0.0 0.0.255.255 Switch(config)# access-list 1 permit 36.0.0.0 0.0.0.255 ! (Note: all other access implicitly denied) 27-42 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 561
placing ones in 10.1.1.1 to a destination host at 10.1.1.2 with a precedence value of 5: Switch(config)# access-list 100 permit ip host 10.1.1.1 host 10 Switch(config)# access-list 102 permit pim any 224.0.0.2 dscp 32 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 562
extended maclist1 Switch(config-ext-macl)# permit 0001.0000.0001 0.0.0 0002.0000.0001 0.0.0 Switch(config-ext-macl)# permit 0001.0000.0002 0.0.0 0002.0000.0002 0.0.0 xns-idp ! (Note: all other access implicitly denied) 27-44 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 563
. If neither the match-all or match-any keyword is specified, the default is match-all. Note Because only one match command per class map is supported, the match-all and match-any keywords function the same. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-45 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 564
defined. Only one match criterion per class map is supported, and only one ACL per class map is supported. • Switch(config)# class-map class3 Switch(config-cmap)# match ip precedence 5 6 7 Switch(config-cmap)# end Switch# 27-46 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 565
IP precedence values in the traffic class; setting a specific DSCP or IP precedence value in the traffic class; and configuring policy maps on physical ports: • You can attach only one policy map per ingress port. • If you configure the IP Blade Switch 3020 for HP Software Configuration Guide 27-47 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 566
match-any keyword is specified, the default is match-all. Note Because only one match command per class map is supported, the match-all and match-any keywords function the same. Create a policy in this command. 27-48 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 567
classified traffic. By default, no policer is defined. For information on the number of policers supported, see the "Standard QoS Configuration Guidelines" section on page 27-32. • For rate-bps on page 27-61. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-49 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 568
-ext-mac)# exit Switch(config)# mac access-list extended maclist2 Switch(config-ext-mac)# permit 0001.0000.0003 0.0.0 0002.0000.0003 0.0.0 Switch(config-ext-mac)# permit 0001.0000.0004 0.0.0 0002.0000.0004 0.0.0 aarp 27-50 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 569
setting a specific DSCP or You can attach only one policy map per ingress switch configuration. • If VLAN-based QoS is enabled, the hierarchical policy map supersedes the previously configured port-based policy map. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 570
-any keyword is specified, the default is match-all. Note Because only one match command per class map is supported, the match-all and match-any keywords function the same. match {access map configuration mode. 27-52 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 571
match input-interface interface-id-list Step 8 Step 9 Step 10 exit exit policy-map policy-map-name Step 11 class-map is match-all. Note Because only one match command per class map is supported, the match-all and match-any keywords Blade Switch 3020 for HP Software Configuration Guide 27-53 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 572
classified traffic. By default, no policer is defined. For information on the number of policers supported, see the "Standard QoS Configuration Guidelines" section on page 27-32. • For rate-bps in this command. 27-54 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 573
the hierarchical VLAN-level policy map has more than one interface-level policy map, all class maps must be configured to the same VLAN-level policy map specified in the service-policy policy-map-name command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-55 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 574
ip dscp 2 Switch(config-pmap-c)#service-policy port-plcmap-1 Switch(config-pmap)#exit Switch(config-pmap)#class-map cm-3 Switch(config-pmap-c)#match ip dscp 3 Switch(config-pmap-c)#service-policy port-plcmap-2 27-56 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 575
map. By default, no aggregate policer is defined. For information on the number of policers supported, see the "Standard QoS Configuration Guidelines" section on page 27-32. • For aggregate section on page 27-47. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-57 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 576
one policy map per ingress port is supported. Switch(config-pmap-c)# exit Switch(config-pmap)# class ipclass2 Switch(config-pmap-c)# set dscp 56 Switch(config-pmap-c)# police aggregate transmit1 Switch(config-pmap-c)# exit 27-58 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 577
QoS Configuring Standard QoS Switch(config-pmap)# exit Switch(config)# interface gigabitethernet0/1 Switch(config-if)# service-policy input aggflow1 Switch(config-if)# exit map. This procedure is optional. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-59 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 578
to-DSCP map: Switch(config)# mls qos map cos-dscp 10 15 20 25 30 35 40 45 Switch(config)# end Switch# show mls qos maps cos-dscp Cos-dscp map: cos: 0 1 2 3 4 5 6 7 dscp: 10 15 20 25 , you need to modify them. 27-60 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 579
: Switch(config)# mls qos map ip-prec-dscp 10 15 20 25 30 35 40 45 Switch(config)# end Switch# show mls qos maps ip-prec-dscp IpPrecedence-dscp map: ipprec: 0 1 2 3 4 5 6 7 dscp: 10 15 the configuration file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-61 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 580
Switch(config)# end Switch# show mls qos maps policed-dscp Policed-dscp map: d1 : d2 0 1 2 3 4 5 6 7 8 9 0 : 00 01 02 03 04 05 06 07 08 09 1 : 10 a CoS value, which is used to select one of the four egress queues. Table 27-14 shows Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 581
If two QoS domains have different DSCP definitions, use the DSCP-to-DSCP-mutation map to translate one set of DSCP values to match the definition of another domain. You apply the DSCP-to-DSCP the same DSCP value. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-63 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 582
DSCP-mutation map. • For dscp-mutation-name, enter the mutation map name. You can create more than one map by specifying a new name. • For in-dscp, enter up to eight DSCP values separated by 6 : 60 61 62 63 27-64 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 583
mutated value. For example, a DSCP value of 12 corresponds to a mutated value of 10. Configuring Ingress Queue Characteristics Depending on the complexity of your network and your QoS solution, 27-68 (optional) OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-65 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 584
return to the default WTD threshold percentages, use the no mls qos srr-queue input threshold queue-id global configuration command. 27-66 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 585
between the ingress queues By default 90 percent of the buffers are allocated to queue 1, and 10 percent of the buffers are allocated to queue 2. For percentage1 percentage2, the range is 0 to in shared mode. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-67 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 586
Then, SRR shares the remaining bandwidth with both ingress queues and services them as specified by the weights configured with the mls qos srr-queue input bandwidth weight1 weight2 global configuration command. 27-68 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 587
the ring is congested. By default, the priority queue is queue 2, and 10 percent of the bandwidth is allocated to it. • For queue-id, the be serviced and which technique (shaped, shared, or both) should be used? OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 588
when the expedite queue is enabled or the egress queues are serviced based on their SRR weights: • If the egress expedite configuration command. The queues use WTD to support distinct drop percentages for different traffic classes. Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 589
port. • For allocation1 ... allocation4, specify four percentages, one for each queue in the queue-set. For allocation1, The range is 1 to 2. • For queue-id, enter the specific queue in the queue-set on which the command is performed. The Blade Switch 3020 for HP Software Configuration Guide 27-71 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 590
Switch(config)# interface gigabitethernet0/1 Switch(config-if)# queue-set 2 Mapping DSCP or CoS Values to an Egress Queue and to a Threshold ID You can prioritize traffic by placing packets with particular DSCPs or costs of service Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 591
output cos-map global configuration command. This example shows how to map DSCP values 10 and 11 to egress queue 1 and to threshold 2: Switch(config)# mls qos srr-queue output dscp-map queue 1 threshold 2 10 11 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 27-73 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 592
set to 0, these queues operate in shared mode. The bandwidth weight for queue 1 is 1/8, which is 12.5 percent: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# srr-queue bandwidth shape 8 0 0 0 27-74 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 593
3/(1+2+3+4), and 4/(1+2+3+4), which is 10 percent, 20 percent, 30 one-and-a-third times the bandwidth of queue 3. Switch(config)# interface gigabitethernet0/1 Switch(config-if)# srr-queue bandwidth share 1 2 3 4 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 594
the egress expedite queue. SRR services this queue until it is empty before servicing the other queues. Beginning weight and queue size ratios are affected because there is one fewer queue participating in SRR. This means that weight1 Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 595
port speed to which the port should be limited. The range is 10 to 90. By default, the port is not rate limited and is Standard QoS Information To display standard QoS information, use one or more of the privileged EXEC commands in Table Blade Switch 3020 for HP Software Configuration Guide 27-77 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 596
classification information for incoming traffic. The control-plane and interface keywords are not supported, and the statistics shown in the display should be ignored. Display the DSCP transparency setting. 27-78 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 597
, page 28-4 • Link Aggregation Control Protocol, page 28-5 • EtherChannel On Mode, page 28-6 • Load Balancing and Forwarding Methods, page 28-6 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 598
failure that identifies the switch, the EtherChannel, and the failed link. Inbound broadcast and multicast packets on one link in an EtherChannel are blocked from returning on any other link of the EtherChannel. 28-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 599
The channel-group command binds the physical (10/100/1000 ports) and the logical ports -number global configuration command to manually create the port-channel logical interface number corresponds to the one specified with the channel-group Blade Switch 3020 for HP Software Configuration Guide 28-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 600
to a silent partner prevents that switch port from ever becoming operational. However, the silent setting allows PAgP to operate, to attach the port to a channel group, and to use the port for transmission. 28-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 601
MAC address to the EtherChannel. If this port is removed from the bundle, one of the remaining ports in the bundle provides its MAC address using LACP, the switch learns the identity of partners capable of supporting LACP and the Blade Switch 3020 for HP Software Configuration Guide 28-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 602
better suited on a particular switch. With source-and-destination MAC-address forwarding, packets sent from host A to host B, host A to host C, and host C to host B could all use different ports in the channel. 28-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 603
on a channel is only going to a single MAC address, using the destination-MAC address always chooses the same link in the channel. Using source addresses or IP addresses might result in better load balancing. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 604
EtherChannel Configuration Guidelines, page 28-9 • Configuring Layer 2 EtherChannels, page 28-10 (required) • Configuring EtherChannel Load Balancing, page 28-12 (optional) • where you apply the configuration. 28-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 605
for each VLAN - Spanning-tree port priority for each VLAN - Spanning-tree Port Fast setting • Do not configure a port to be a member of more than one EtherChannel group. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 606
Switched Port Analyzer (SPAN) destination port as part of an EtherChannel. • Do not configure a secure port as part ports can have unexpected results. - An EtherChannel supports the same allowed range of VLANs on all 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 607
them as trunks. If you configure the port as a static-access port, assign it to only one VLAN. The range is 1 to 4094. channel-group channel-group-number mode Assign the port to configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 608
host-MAC address. • src-ip-Load distribution is based on the source-host IP address. • src-mac-Load distribution is based on the source-MAC address of the incoming packet. Return to privileged EXEC mode. 28-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 609
manually switch supports switch then sends packets to the Catalyst 1900 switch using the same port in the EtherChannel from which it learned the source address. Only use the pagp learn-method command in this situation. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 610
links can be active at one time. The software places any additional links in a hot-standby mode. If one of the active links becomes inactive, a link that is in the hot-standby mode becomes active in its place. 28-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 611
that operate LACP, the software assigns a unique priority made up of these elements (in priority order): • LACP system priority • System ID (the switch MAC address) • LACP port global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 612
in the EtherChannel are put in the hot-standby state and are used only if one of the channeled ports fails. Beginning in privileged EXEC mode, follow these steps to configure interface configuration command. 28-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 613
| internal | neighbor} Description Displays EtherChannel information in a brief, detailed, and one-line summary form. Also displays the load-balance or frame-distribution scheme, port, as link-state groups. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 28-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 614
link-down state, the associated downstream interfaces are forced into the link-down state. If any one of the upstream interfaces in the link-state group is in a link-up state, the associated for any group. 28-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 615
specific link-state group. • Only interfaces gi0/ Switch(config-if)# link state group 1 downstream Switch(config-if)# end To disable a link-state group, use the no link state track number global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 616
display information about all link-state groups. Enter the group number to display information specific to the group. Enter the detail keyword to display detailed information about the group for this release. 28-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 617
2 Traceroute, page 29-10 • Using IP Traceroute, page 29-12 • Using TDR, page 29-14 • Using Debug Commands, page 29-14 • Using the show platform forward Command, page 29-16 • Using the crashinfo Files, page 29-18 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 618
again. The switch restarts when it reseats in the server chassis. The switch performs POST after power is applied. Push the release latch on the front of the switch to the closed position. Press the Mode button. 29-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 619
the recovery process. These sections describes how to recover a forgotten or lost switch password: • Procedure with Password Recovery Enabled, page 29-4 • Procedure with Password Recovery Disabled, page 29-6 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 620
had set the console port speed to anything other than 9600, it has been reset to that particular speed. Change the emulation software line speed to match that of the switch console port. Load any helper files: 29-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 621
EXEC mode: Switch (config)# exit Switch# Write the running configuration to the startup configuration file: Switch# copy running-config startup-config The new password is now in the startup configuration. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 622
contents of flash memory: switch: dir flash: The switch file system appears: Directory of flash: 13 drwx 192 Mar 01 1993 22:30:48 cbs30x0-lanbasek9-mz.122-25.SEE.0 16128000 bytes total (10003456 bytes free) 29-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 623
or duplex parameter is different from the manually set speed or duplex parameter on the connected port. • A port is set to autonegotiate, and the connected port is set to full duplex with no autonegotiation. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 624
on a specific interface and the alarm status. You can also use the command to check the speed and the duplex settings on an SFP module. For more information, see the show interfaces transceiver command in the command reference for this release. 29-8 Cisco Catalyst Blade Switch 3020 for HP Software - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 625
host through IP or by supplying the hostname or network address. Note Though other protocol keywords are available with the ping command, they are not supported in this release. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 626
. It cannot identify the path that a packet takes from source host to the source device or from the destination device to the destination host. 29-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 627
traceroute feature is not supported. When more than one CDP neighbor is detected on a port, the Layer 2 path is not identified, and an error message appears. • This feature is not supported in Token Ring VLANs. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-11 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 628
errors come from intermediate hops, the receipt of a port-unreachable error means that this message was sent by the destination port. 29-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 629
Chapter 29 Troubleshooting Using IP they are not supported in this release. This example shows how to perform a traceroute to an IP host: Switch# traceroute ip 171.9.15.10 Type escape sequence X key. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide 29-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 630
to diagnose and resolve internetworking problems: • Enabling Debugging on a Specific Feature, page 29-15 • Enabling All-System Diagnostics, page 29-15 • Redirecting Debug and Error Message Output, page 29-16 29-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 631
to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support switch performance or even render it unusable. In virtually all cases, it is best to use more specific debug commands. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 632
support personnel, who have access to detailed information about the switch application-specific integrated circuits (ASICs). However, packet forwarding information can also be helpful in troubleshooting F005 29-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 633
29 Troubleshooting Using the show platform forward Command Egress:Asic 2, switch 1 Output .0001 0002.0002.0002 Packet 10 Lookup Key-Used OutptACL 50_0D020202_0D010101-00_40000014_000A0000 Packet dropped Blade Switch 3020 for HP Software Configuration Guide 29-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 634
/. The filenames are crashinfo_ext_n where n is a sequence number. You can configure the switch to not create the extended creashinfo file by using the no exception crashinfo global configuration command. 29-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 635
switches is modeled as removable flash memory.) • CISCO-FTP-CLIENT-MIB • CISCO-IGMP-FILTER-MIB • CISCO-IMAGE-MIB • CISCO IP-STAT-MIB • CISCO-L2L3-INTERFACE-CONFIG-MIB • CISCO-LAG-MIB • CISCO-MAC-NOTIFICATION-MIB OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide A-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 636
-MIB • IEEE8021-PAE-MIB • IEEE8023-LAG-MIB • IF-MIB (In and out counters for VLANs are not supported.) • INET-ADDRESS-MIB • MIB-II (RFC1213) • OLD-CISCO-CHASSIS-MIB • OLD-CISCO-FLASH-MIB • .) • RMON-MIB • RMON2-MIB Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide A-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 637
procedure: Step 1 Make sure that your FTP client is in passive mode. Note Some FTP clients do not support passive mode. Step 2 Step 3 Step 4 Step 5 Step 6 Use FTP to access the server ftp.cisco of the MIB file. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide A-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 638
Using FTP to Access the MIB Files Appendix A Supported MIBs Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide A-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 639
copy configuration files, and how to archive (upload and download) software images to a switch. Note For complete syntax and usage information for the commands page B-5 • Displaying the Contents of a File, page B-8 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 640
The file system is a locally generated pseudo file system (for example, the system) or a download interface, such as brimux. unknown-The file system is an unknown type. Permission for file the Ymodem protocol. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 641
display information about files on a file system, use one of the privileged EXEC commands in Table B-2: Table B-2 the files on a file system. Display information about a specific file. Display a list of open file descriptors. File descriptors Blade Switch 3020 for HP Software Configuration Guide B-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 642
. Use the /force and /recursive keywords for deleting old software images that were installed by using the archive download-sw command but are no longer needed. For filesystem, use file systems include flash:. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 643
the copy privileged EXEC command or the archive tar privileged EXEC command, we recommend using the archive download-sw and archive upload-sw privileged EXEC commands to download and upload software image files. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 644
list of files or directories after the tar file; then only those files appear. If none are specified, all files and directories appear. Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 645
-tar.122-25.SEE/html/preflight.js (14442 bytes) cbs30x0-lanbase-tar.122-25.SEE/html/sitewide.js (17408 bytes) OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-7 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 646
for the local file system. These options are supported: • For the local flash file system, the located on the TFTP server at 172.20.10.30. This command extracts just the new- Switch IP Address and Default Gateway." Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-8 OL-8915- - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 647
the commands needed to configure one or more switches. For example, you might want to download the same configuration file to several switches that have the same hardware the copied configuration is used. However, OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-9 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 648
: • Preparing to Download or Upload a Configuration File By Using TFTP, page B-11 • Downloading the Configuration File By Using TFTP, page B-11 • Uploading the Configuration File By Using TFTP, page B-12 B-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 649
and /etc/services files. To switch. Specify the IP address or hostname of the TFTP server and the name of the file to download. Use one downloads, and the commands are executed as the file is parsed line-by-line. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 650
. • The switch forms a password named [email protected]. The variable username is the username associated with the current session, switchname is the configured hostname, and domain is the domain of the switch. B-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 651
the switch through the console port or a Telnet session. Enter global configuration mode on the switch. This step is required only if you override the default remote username or password (see Steps 4, 5, and 6). OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 652
FTP server is properly configured by referring to the "Preparing to Download or Upload a Configuration File By Using FTP" section on page B-13. Log into the switch through the console port or a Telnet session. B-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 653
systems support rsh.) Because you are copying a file from one place to another, you must have read permission on the source file and write permission on the destination file. If the destination file does not exist, RCP creates it for you. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 654
the switch IP address translates to Switch1.company.com, the .rhosts file for User0 on the RCP server should contain this line: Switch1.company.com Switch1 For more information, see the documentation for your RCP server. B-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 655
to Download or Upload a Configuration File By Using RCP" section on page B-16. Log into the switch through the Switch# %SYS-5-CONFIG_NV:Non-volatile store configured from host2-config by rcp from 172.16.101.101 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 656
configuration information from the startup configuration. If you reboot the switch with no startup configuration, the switch enters the setup program so that you can reconfigure the switch with all new settings. B-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 657
new one or keep the current image in flash memory after a download. You upload a switch Switch, page B-20 • tar File Format of Images on a Server or Cisco.com, page B-20 • Copying Image Files By Using TFTP, page B-21 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 658
server or downloaded from Cisco.com are provided in a tar file format, which contains these files: • An info file, which serves as a table of contents for the tar file • One or more does not apply to the switch. B-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 659
the /etc/inetd.conf file contains this line: tftp dgram udp wait root /usr/etc/in.tftpd in.tftpd -p -s /tftpboot Make sure that the /etc/services file contains this line: tftp 69/udp OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-21 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 660
. Make sure the TFTP server is properly configured; see the "Preparing to Download or Upload an Image File By Using TFTP" section on page B-21. Log into the switch through the console port or a Telnet session. B-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 661
file-url, enter the directory name of the old image. All the files in the directory and the directory are removed. Caution For the download and upload algorithms to operate properly, do not rename image names. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-23 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 662
this configuration information: • Preparing to Download or Upload an Image File By Using FTP, page B-25 • Downloading an Image File By Using FTP, page B-26 • Uploading an Image File By Using FTP, page B-27 B-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 663
. • When you upload an image file to the FTP server, it must be properly configured to accept the write request from the user on the switch. For more information, see the documentation for your FTP server. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 664
page B-25. • For @location, specify the IP address of the FTP server. • For directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive. B-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 665
download this image to the same switch or to another switch of the same type. Use the upload feature only if the web management pages associated with the embedded device manager have been installed with the existing image. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 666
the new one or keep the current image after a download. You upload a switch image file to a server for backup purposes. You can use this uploaded image for future downloads to the same switch or another of the same type. B-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 667
only need to have access to a server that supports the remote shell (rsh). (Most UNIX systems support rsh.) Because you are copying a file from one place to another, you must have read permission on all archive OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-29 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 668
For more information, see the documentation for your RCP server. Downloading an Image File By Using RCP You can download a new image file and replace or keep the current image. . Return to privileged EXEC mode. B-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 669
-old-sw, the existing files are not removed. If there is not enough room to install the new image an keep the running image, the download process stops, and an error message is displayed. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-31 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 670
, see the "Preparing to Download or Upload an Image File By software image to be uploaded. Directory and image names are case sensitive. • The image-name.tar is the name of software image to be stored on the server. B-32 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 671
, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format. Caution For the download and upload algorithms to operate properly, do not rename image names. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide B-33 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 672
Working with Software Images Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images B-34 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 673
switch prompt but are not supported in this release, either because they are not tested or because of switch hardware limitations. This is not a complete list. The unsupported commands are listed by software ...] OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide C-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 674
address-table dynamic show mac-address-table interface show mac-address-table multicast show mac-address-table notification show mac-address-table static show mac-address-table vlan show mac address-table multicast Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide C-2 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 675
stack-mac persistent timer Network Address Translation (NAT) Commands Unsupported Privileged EXEC Commands show ip nat statistics show ip nat translations QoS Unsupported Global Configuration Commands priority-list OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 676
-server ifindex persist Spanning Tree Unsupported Global Configuration Command spanning-tree pathcost method {long | short} Unsupported Interface Configuration Command spanning-tree stack-port Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide C-4 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 677
EXEC Commands vtp {password password | pruning | version number} Note This command has been replaced by the vtp global configuration command. OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide C-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 678
Appendix C Unsupported Commands in Cisco IOS Release 12.2(25)SEF VTP Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide C-6 OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 679
-2 Ethernet 26-2 IP 26-2 ACLs ACEs 26-2 any keyword 26-10 applying time ranges to 26-15 to an interface 26-18 to QoS 26-7 terminal lines, setting on 26-17 unsupported features 26-5 MAC extended 26-21, 27-44 matching 26-6, 26-18 monitoring 26 Blade Switch 3020 for HP Software Configuration Guide IN-1 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 680
6-27 with TACACS+ 6-11, 6-16 authorized ports with IEEE 802.1x 7-7 autoconfiguration 3-3 automatic QoS See QoS auto-MDIX configuring 8-16 described 8-16 IN-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 681
-6 booting boot loader, function of 3-2 boot process 3-1 manually 3-15 specific image 3-16 boot loader accessing 3-16 described 3-2 environment variables 20-4 on a switch 20-3 monitoring 20-4 overview 20-1 support for 1-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-3 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 682
overview 25-4 compatibility, feature 19-11 config.text 3-14 configurable leave timer, IGMP 18-5 configuration, initial defaults 1-8 Express Setup 1-2 See also getting started guide and hardware installation guide IN-4 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 683
cryptographic software image Kerberos 6-32 SSH 6-37 SSL 6-42 D daylight saving time 5-13 debugging enabling all system diagnostics 29-15 enabling for a specific feature DNS 5-16 EtherChannel 28-9 Ethernet interfaces 8-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-5 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 684
3-3 relay support 1-3 support for 1-3 DHCP binding table See DHCP snooping binding database DHCP option 82 circuit ID suboption 17-5 configuration guidelines 17-7 default configuration 17-6 displaying 17-10 overview 17-3 IN-6 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 685
10-3 configuring 10-27 defined 8-3 dynamic addresses See addresses dynamic auto trunking mode 10-16 dynamic desirable trunking mode 10-16 Dynamic Host Configuration Protocol See DHCP-based autoconfiguration OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 686
10-8 defaults and ranges 10-7 modifying 10-8 events, RMON 23-3 examples conventions for xxviii expedite queue for QoS 27-76 Express Setup 1-2 See also getting started guide extended crashinfo file 29-18 extended-range VLANs IN-8 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 687
output 2-10 filtering show and more command output 2-10 filters, downloading B-13 overview B-12 preparing the server B-13 uploading B-14 image files deleting old image B-27 downloading B-26 preparing the server B-25 uploading B-27 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 688
authentication IEEE 802.3ad See EtherChannel IEEE 802.3x flow control 8-15 ifIndex values, SNMP 25-5 IFS 1-4 IGMP configurable leave timer enabling 18-11 IN-10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 689
configuration guidelines 18-13 configuring 18-13 supported versions 18-2 support for 1-2 VLAN configuration 18-7 IGMP throttling 10 described 8-17 descriptive name, adding 8-17 displaying information about 8-19 flow control 8-15 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 690
services 6-35 configuration examples 6-32 configuring 6-35 credentials 6-32 cryptographic software image 6-32 described 6-32 KDC 6-32 operation 6-34 realm 6-33 server 6-33 support for 1-6 switch as trusted third party 6-32 IN-12 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 691
5-24 MAC address notification, support for 1-8 MAC address-table move update configuration guidelines 16-4 configuring 16-6 default configuration 16-4 description 16-2 monitoring 16-8 MAC address-to-VLAN mapping 10-25 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-13 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 692
with 25-4 supported A-1 mirroring traffic 19 IPv4 ACL configuration 26-30 MAC address-table move update 16-8 multicast switches 23-1 traffic suppression 19-16 VLAN filters 26-30 maps 26-30 VLANs 10-13 VMPS 10-29 VTP 11-16 IN-14 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 693
spanning-tree instances 14-2 optional features supported 1-5 overview 14-2 Port Fast described 15-2 enabling 15-10 preventing root switch selection 15-8 root guard described 15-8 enabling 15-15 root switch configuring 14-17 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-15 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 694
18-20 support for 1-2 10-4 configuration guidelines 10-5 configuration modes 10-6 configuring 10-4 defined 10-1 note, described xxviii NSM 4-3 NTP associations authenticating 5-4 defined 5-2 enabling broadcast messages 5-6 IN-16 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 695
services per interface 5-10 source IP address, configuring 5-10 stratum 5-2 support for 1-4 synchronizing devices 5-5 time services traffic class 27-47 for more than one traffic class 27-57 described 27-4 displaying 10 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-17 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 696
7-25 inaccessible authentication bypass 7-33 manual re-authentication of a client 7-26 switch as proxy 7-3 RADIUS client 7-3 VLAN assignment AAA authorization 7-22 characteristics 7-10 configuration tasks 7-11 described 7-10 IN-18 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 697
in VTP domain 11-14 on a port 10-20 examples 11-5 overview 11-4 pruning-eligible list changing 10-20 for VTP pruning 11-4 VLANs 11-14 PVST+ described 13-9 IEEE 802.1Q trunking interoperability 13-10 instances supported 13-9 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-19 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 698
27-69 ingress queue characteristics 27-65 IP extended ACLs 27-43 IP standard ACLs 27-42 MAC ACLs 27-44 policy maps, hierarchical 27-51 policy maps on physical ports 27-47 port queueing and scheduling 27-17 IN-20 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 699
and marking 27-10 implicit deny 27-7 service See QoS queries, IGMP 18-4 query solicitation, IGMP 18-12 R RADIUS attributes vendor-proprietary 6-31 vendor-specific 6-29 configuring accounting 6-28 authentication 6-23 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 700
-10 instances supported 13-9 Rapid Spanning Tree Protocol See RSTP RCP configuration files downloading services 5-8 overview 6-1 passwords and privilege levels 6-2 RADIUS 6-17 TACACS+ 6-10 retry count, VMPS, changing 10-29 IN-22 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 701
to specific VLANs 22 10 point-to-point links 14-10, 14-24 root ports 14-10 root port, defined 14-9 See also MSTP running configuration, saving 3-10 S scheduled reloads 3-18 secure HTTP client configuring 6-47 displaying 6-48 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 702
-14 enabling 25-14 limiting access by TFTP servers 25-15 limiting system log messages to NMS 24-9 manager functions 1-3, 25-3 IN-24 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 703
described 27-14 shaped mode 27-14 shared mode 27-14 support for 1-7 SSH configuring 6-39 cryptographic software image 6-37 described 1-4, 6-38 encryption methods 6-38 user authentication methods, supported 6-38 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-25 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 704
default configuration 13-11 default optional feature configuration 15-9 designated port, defined 13-3 designated switch, defined 13-3 detecting indirect link failures 15-5 disabling 13-14 displaying status 13-22 IN-26 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 705
See SPAN switched ports 8-2 switchport block multicast command 19-7 switchport block unicast command 19-7 switchport protected command 19-6 switch priority MSTP 14-21 STP 13-19 switch software features 1-1 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-27 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 706
13 limiting the services to the user 6-16 operation of 6-12 overview 6-10 support for 1-6 tracking services accessed by user downloading B-11 preparing the server B-11 uploading B-12 configuration files in base directory 3-6 IN-28 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 707
10-18, 10-23, 10-24 trunks allowed-VLAN list 10-19 configuring 10-18, 10-23, 10-24 ISL 10-14 load sharing setting STP path costs 10-23 using STP port priorities 10-22 native VLAN for untagged traffic 10-21 parallel 10-23 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 708
10 facilities supported 24-11 message logging configuration 24-11 unrecognized Type-Length-Value (TLV) support 11-4 upgrading information See release notes upgrading software images See downloading 6-6 IN-30 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 709
-14 modifying 10-8 multicast 18-17 native, configuring 10-21 normal-range 10-1, 10-4 number supported 1-5 parameters 10-4 port membership modes 10-3 static-access ports 10-10 STP and IEEE 802.1Q trunks 13-10 supported 10-2 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-31 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 710
-3, 11-9 transitions 11-3 transparent 11-3, 11-12 monitoring 11-16 passwords 11-8 pruning disabling 11-14 enabling 11-14 examples 11-5 IN-32 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 711
1-5 pruning-eligible list, changing 10-20 server mode, configuring 11-9 statistics 11-16 support for 1-5 Token Ring support 11-4 transparent mode, configuring 11 27-66 support for 1-7 X Xmodem protocol 29-2 OL-8915-01 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide IN-33 - HP Cisco Catalyst Blade Switch 3020 | Cisco Catalyst Blade Switch 3020 for HP So - Page 712
Index IN-34 Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide OL-8915-01
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Cisco Catalyst Blade Switch 3020 for HP
Software Configuration Guide
Cisco IOS Release 12.2(25)SEF
June 2006
Text Part Number: OL-8915-01