Cisco Systems 2950 Switch Ports

9-2

Catalyst2950 Desktop Switch Software Configuration Guide

78-11380-05

Chapter9 Configuring Interface Characteristics

Understanding Interface Types

VLAN partitions provide hard firewalls for traffic in the VLAN, and each VLAN has its own MAC

address table. A VLAN comes into existence when a local port is configured to be associated with the

VLAN, when the VLAN Trunking Protocol (VTP) learns of its existence from a neighbor on a trunk, or

when a user creates a VLAN.

To configure normal-range VLANs (VLAN IDs 1 to 1005), use the vlan vlan-id global configuration

command to enter config-vlan mode or the vlan database privileged EXEC command to enter VLAN

configuration mode. The VLAN configurations for VLAN IDs 1 to 100 5 ar e saved in the VLA N

database. To configure extended-range VLANs (VLAN IDs 1006 to 4094) when the enhanced software

image is installed, you must use config-vlan mode with VTP mode set to transparent. Extended-range

VLANs are not added to the VLAN database. When VTP mode is transparent, the VTP and VLAN

configuration is saved in the switch running configuration, and you can save it in the swit ch st art up

configuration file by entering the copy running-config startup-config privileged EXEC command.

Add ports to a VLAN by using the switchport interface configuration commands:

•Identify the interface.

•For a trunk port, set trunk characteristics, and if desired, define the VLANs to which it can belong.

•For an access port, set and define the VLAN to which it belongs.

Switch Ports

Switch ports are Layer 2-only interfaces associated with a physical port. A switch port can be either an

access port, or a trunk port. You can configure a port as an access port or trunk port or let the Dynamic

Trunking Protocol (DTP) operate on a per-port basis to determine if a switch port should be an access

port or a trunk port by negotiating with the port on the other end of the link. Switch ports are used for

managing the physical interface and associated Layer 2 protocols and do not handle routing or bridging.

Configure switch ports by using the switchport interface configuration commands. For detailed

information about configuring access port and trunk port characteristics, see Chapter 13, “Configuring

VLANs.”

An access port belongs to and carries the traffic of only one VLAN. Traffic is received and sent in native

formats with no VLAN tagging. Traffic arriving on an access port is assumed to belong to the VLAN

assigned to the port. If an access port receives a tagged packet (Inter-Switch Link [ISL] or 802.1Q

tagged), the packet is dropped, the source address is not learned, and the frame is counted in th e No

destination statistic. An access port can forward a tagged packet (802.1P and 802.1Q).

Two types of access ports are supported:

•Static access ports are manually assigned to a VLAN.

•VLAN membership of dynamic access ports is learned through i ncomi ng pac kets. By de fau lt, a

dynamic access port is a member of no VLAN, and forwarding to and from the p or t is en ab led o nl y

when the VLAN membership of the port is discovered. Dynamic access ports on the switch are

assigned to a VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be a

Catalyst 6000 series switch; the Catalyst 2950 switch does not support the function of a VMPS.