Manuals / Brands / Computer Equipment / Switch / IBM / Computer Equipment / Switch

IBM 12.1(22)EA6 manual

1 550

Download 550 pages, 5.74 Mb

Cisco Systems Intelligent Gigabit Ethernet

Switch Modules for the IBM BladeCenter

Software Configuration Guide

Cisco IOS Release 12.1(22)EA6

Contents

Main Page CONTENTS Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Preface Audience Purpose Conventions Related Publications Page Overview Features Ease of Use and Ease of Deployment Performance Manageability Redundancy VLAN Support Security Quality of Service and Class of Service Monitoring Management Options Management Interface Options 1-7 Network Configuration Examples Figure 1-1, Figure 1-2, and Figure 1-3 show three different network configurations. 1-8 Where to Go Next Before configuring the switch, review these sections for start-up information: Using the Command-Line Interface Cisco IOS Command Modes Page Getting Help Abbreviating Commands Using no and default Forms of Commands Understanding CLI Messages Using Command History Changing the Command History Buffer Size Recalling Commands Disabling the Command History Feature Using Editing Features Enabling and Disabling Editing Features Editing Commands through Keystrokes Editing Command Lines that Wrap Searching and Filtering Output of show and more Commands Accessing the CLI Page Assigning the Switch IP Address and Default Gateway Understanding the Boot Process Assigning Switch Information Default Switch Information Manually Assigning IP Information Checking and Saving the Running Configuration 3-5 Modifying the Startup Configuration Default Boot Configuration Specifying the Filename to Read and Write the System Configuration Booting a Specific Software Image Controlling Environment Variables Page Page Scheduling a Reload of the Software Image Configuring a Scheduled Reload Displaying Scheduled Reload Information Administering the Switch Managing the System Time and Date Understanding the System Clock Understanding Network Time Protocol Configuring NTP Default NTP Configuration Configuring NTP Authentication Configuring NTP Associations Configuring NTP Broadcast Service Configuring NTP Access Restrictions Creating an Access Group and Assigning a Basic IP Access List Disabling NTP Services on a Specific Interface Configuring the Source IP Address for NTP Packets Displaying the NTP Configuration Configuring Time and Date Manually Setting the System Clock Displaying the Time and Date Configuration Configuring the Time Zone Configuring Summer Time (Daylight Saving Time) Configuring a System Name and Prompt Default System Name and Prompt Configuration Configuring a System Name Understanding DNS Default DNS Configuration Setting Up DNS Displaying the DNS Configuration Creating a Banner Default Banner Configuration Configuring a Message-of-the-Day Login Banner Page Configuring a Login Banner Managing the MAC Address Table Building the Address Table MAC Addresses and VLANs Default MAC Address Table Configuration Changing the Address Aging Time Removing Dynamic Address Entries Configuring MAC Address Notification Traps Page Adding and Removing Static Address Entries Displaying Address Table Entries Managing the ARP Table Configuring Switch-Based Authentication Preventing Unauthorized Access to Your Switch Protecting Access to Privileged EXEC Commands Default Password and Privilege Level Configuration Setting or Changing a Static Enable Password Protecting Enable and Enable Secret Passwords with Encryption Setting a Telnet Password for a Terminal Line Configuring Username and Password Pairs Configuring Multiple Privilege Levels Setting the Privilege Level for a Command Changing the Default Privilege Level for Lines Logging into and Exiting a Privilege Level Controlling Switch Access with TACACS+ Understanding TACACS+ Page TACACS+ Operation Configuring TACACS+ Default TACACS+ Configuration Identifying the TACACS+ Server Host and Setting the Authentication Key Configuring TACACS+ Login Authentication Page Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services Starting TACACS+ Accounting Displaying the TACACS+ Configuration Controlling Switch Access with RADIUS Understanding RADIUS RADIUS Operation Configuring RADIUS Default RADIUS Configuration Identifying the RADIUS Server Host Page Page Configuring RADIUS Login Authentication Page Defining AAA Server Groups Page Configuring RADIUS Authorization for User Privileged Access and Network Services Starting RADIUS Accounting Configuring Settings for All RADIUS Servers Configuring the Switch to Use Vendor-Specific RADIUS Attributes Configuring the Switch for Vendor-Proprietary RADIUS Server Communication Displaying the RADIUS Configuration Configuring the Switch for Local Authentication and Authorization Configuring the Switch for Secure Shell Understanding SSH SSH Servers, Integrated Clients, and Supported Versions Limitations Configuring SSH Configuration Guidelines Cryptographic Software Image Guidelines Setting Up the Switch to Run SSH Configuring the SSH Server Displaying the SSH Configuration and Status Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Port-Based Authentication Device Roles Authentication Initiation and Message Exchange Ports in Authorized and Unauthorized States IEEE 802.1x Accounting IEEE 802.1x Accounting Attribute-Value Pairs IEEE 802.1x Host Mode Using IEEE 802.1x with Port Security Using IEEE 802.1x with Voice VLAN Ports Using IEEE 802.1x with VLAN Assignment Using IEEE 802.1x with Guest VLAN Using IEEE 802.1x with Wake-on-LAN Unidirectional State Bidirectional State Configuring IEEE 802.1x Authentication Default IEEE 802.1x Configuration IEEE 802.1x Configuration Guidelines Enabling IEEE 802.1x Authentication Configuring the Switch-to-RADIUS-Server Communication Page Configuring IEEE 802.1x Authentication Using a RADIUS Server Enabling Periodic Re-Authentication Manually Re-Authenticating a Client Connected to a Port Changing the Quiet Period Changing the Switch-to-Client Retransmission Time Setting the Switch-to-Client Frame-Retransmission Number Configuring the Host Mode Configuring a Guest VLAN Page Resetting the IEEE 802.1x Configuration to the Default Values Configuring IEEE 802.1x Authentication Page Configuring IEEE 802.1x Accounting Displaying IEEE 802.1x Statistics and Status Page Configuring Interface Characteristics Understanding Interface Types Access Ports Trunk Ports Port-Based VLANs EtherChannel Port Groups Connecting Interfaces Using the Interface Command Procedures for Configuring Interfaces Configuring a Range of Interfaces Configuring and Using Interface-Range Macros Page Configuring Ethernet Interfaces Default Ethernet Interface Configuration Configuring Interface Speed and Duplex Mode Configuration Guidelines Setting the Interface Speed and Duplex Parameters Adding a Description for an Interface Monitoring and Maintaining the Interfaces Monitoring Interface and Controller Status Page Clearing and Resetting Interfaces and Counters Shutting Down and Restarting the Interface Page Configuring Smartports Macros Understanding Smartports Macros Configuring Smartports Macros Default Smartports Macro Configuration Smartports Macro Configuration Guidelines Page Creating Smartports Macros Applying Smartports Macros Applying Cisco-Default Smartports Macros Page Displaying Smartports Macros Configuring STP Understanding Spanning-Tree Features STP Overview Spanning-Tree Topology and BPDUs Bridge ID, Switch Priority, and Extended System ID Spanning-Tree Interface States Blocking State Listening State Learning State Forwarding State Disabled State How a Switch or Port Becomes the Root Switch or Root Port Spanning Tree and Redundant Connectivity Spanning-Tree Address Management Accelerated Aging to Retain Connectivity Spanning-Tree Modes and Protocols Supported Spanning-Tree Instances Spanning-Tree Interoperability and Backward Compatibility STP and IEEE 802.1Q Trunks Spanning Tree Considerations for Cisco Systems Intelligent Gigabit Ethernet Switch Modules Configuring Spanning-Tree Features Default Spanning-Tree Configuration Spanning-Tree Configuration Guidelines Changing the Spanning-Tree Mode Disabling Spanning Tree Configuring the Root Switch Page Configuring a Secondary Root Switch Configuring the Port Priority Page Configuring the Path Cost Configuring the Switch Priority of a VLAN Configuring Spanning-Tree Timers Configuring the Hello Time Configuring the Forwarding-Delay Time for a VLAN Configuring the Maximum-Aging Time for a VLAN Displaying the Spanning-Tree Status Page Configuring MSTP Understanding MSTP Multiple Spanning-Tree Regions IST, CIST, and CST Operations Within an MST Region Hop Count Interoperability with IEEE 802.1D STP Understanding RSTP Port Roles and the Active Topology Rapid Convergence Synchronization of Port Roles Bridge Protocol Data Unit Format and Processing Processing Superior BPDU Information Processing Inferior BPDU Information Topology Changes Configuring MSTP Features Default MSTP Configuration MSTP Configuration Guidelines Specifying the MST Region Configuration and Enabling MSTP Configuring the Root Switch Page Configuring a Secondary Root Switch Configuring the Port Priority Page Configuring the Path Cost Configuring the Switch Priority Configuring the Hello Time Configuring the Forwarding-Delay Time Configuring the Maximum-Aging Time Configuring the Maximum-Hop Count Specifying the Link Type to Ensure Rapid Transitions Restarting the Protocol Migration Process Displaying the MST Configuration and Status Configuring Optional Spanning-Tree Features Understanding Optional Spanning-Tree Features Understanding Port Fast Understanding BPDU Guard Understanding BPDU Filtering Understanding UplinkFast Understanding BackboneFast Page Page Understanding EtherChannel Guard Understanding Root Guard Understanding Loop Guard Configuring Optional Spanning-Tree Features Default Optional Spanning-Tree Configuration Optional Spanning-Tree Configuration Guidelines Enabling Port Fast Enabling BPDU Guard Enabling BPDU Filtering Enabling UplinkFast for Use with Redundant Links Enabling BackboneFast Enabling EtherChannel Guard Enabling Root Guard Enabling Loop Guard Displaying the Spanning-Tree Status Page Configuring VLANs Understanding VLANs Supported VLANs VLAN Port Membership Modes Configuring Normal-Range VLANs Token Ring VLANs Normal-Range VLAN Configuration Guidelines VLAN Configuration Mode Options VLAN Configuration in config-vlan Mode VLAN Configuration in VLAN Configuration Mode Saving VLAN Configuration Default Ethernet VLAN Configuration Creating or Modifying an Ethernet VLAN Page Deleting a VLAN Assigning Static-Access Ports to a VLAN Configuring Extended-Range VLANs Default VLAN Configuration Extended-Range VLAN Configuration Guidelines Creating an Extended-Range VLAN Displaying VLANs Configuring VLAN Trunks Trunking Overview Page IEEE 802.1Q Configuration Considerations Default Layer 2 Ethernet Interface VLAN Configuration Configuring an Ethernet Interface as a Trunk Port Interaction with Other Features Configuring a Trunk Port Defining the Allowed VLANs on a Trunk Changing the Pruning-Eligible List Configuring the Native VLAN for Untagged Traffic Load Sharing Using STP Load Sharing Using STP Port Priorities Page Load Sharing Using STP Path Cost Configuring VMPS Understanding VMPS Dynamic Port VLAN Membership VMPS Database Configuration File Default VMPS Client Configuration VMPS Configuration Guidelines Configuring the VMPS Client Entering the IP Address of the VMPS Configuring Dynamic Access Ports on VMPS Clients Reconfirming VLAN Memberships Changing the Reconfirmation Interval Changing the Retry Count Monitoring the VMPS Troubleshooting Dynamic Port VLAN Membership VMPS Configuration Example 12-32 Configuring VTP Understanding VTP The VTP Domain VTP Modes VTP Advertisements VTP Version 2 VTP Pruning Page Configuring VTP Default VTP Configuration VTP Configuration Options VTP Configuration in Global Configuration Mode VTP Configuration in VLAN Configuration Mode VTP Configuration Guidelines Domain Names Passwords VTP Version Configuration Requirements Configuring a VTP Server Configuring a VTP Client Disabling VTP (VTP Transparent Mode) Enabling VTP Version 2 Enabling VTP Pruning Adding a VTP Client Switch to a VTP Domain Monitoring VTP Page Configuring IGMP Snooping and MVR Understanding IGMP Snooping IGMP Versions Joining a Multicast Group Page Leaving a Multicast Group Immediate-Leave Processing IGMP Configurable-Leave Timer IGMP Report Suppression Source-Only Networks Configuring IGMP Snooping Default IGMP Snooping Configuration Enabling or Disabling IGMP Snooping Setting the Snooping Method Configuring a Multicast Router Port Configuring a Host Statically to Join a Group Enabling IGMP Immediate-Leave Processing Configuring the IGMP Leave Timer Disabling IGMP Report Suppression Disabling IP Multicast-Source-Only Learning Configuring the Aging Time Displaying IGMP Snooping Information Understanding Multicast VLAN Registration Using MVR in a Multicast Television Application Configuring MVR Default MVR Configuration MVR Configuration Guidelines and Limitations Configuring MVR Global Parameters Page Configuring MVR Interfaces Displaying MVR Information Configuring IGMP Filtering and Throttling Default IGMP Filtering and Throttling Configuration Configuring IGMP Profiles Applying IGMP Profiles Setting the Maximum Number of IGMP Groups Configuring the IGMP Throttling Action Page Displaying IGMP Filtering and Throttling Configuration Page Configuring Port-Based Traffic Control Configuring Storm Control Understanding Storm Control Default Storm Control Configuration Configuring Storm Control and Threshold Levels Configuring Protected Ports Configuring Port Security Understanding Port Security Secure MAC Addresses Security Violations Default Port Security Configuration Port Security Configuration Guidelines Enabling and Configuring Port Security Page Enabling and Configuring Port Security Aging Page Displaying Port-Based Traffic Control Settings Page Configuring UDLD Understanding UDLD Modes of Operation Methods to Detect Unidirectional Links Page Configuring UDLD Default UDLD Configuration Enabling UDLD Globally Enabling UDLD on an Interface Resetting an Interface Shut Down by UDLD Displaying UDLD Status Page Configuring CDP Understanding CDP Configuring CDP Default CDP Configuration Configuring the CDP Characteristics Disabling and Enabling CDP Disabling and Enabling CDP on an Interface Monitoring and Maintaining CDP Page Configuring SPAN and RSPAN Understanding SPAN and RSPAN Page SPAN and RSPAN Concepts and Terminology SPAN Session Traffic Types Source Port Destination Port Reflector Port SPAN Traffic SPAN and RSPAN Interaction with Other Features SPAN and RSPAN Session Limits Default SPAN and RSPAN Configuration Configuring SPAN SPAN Configuration Guidelines Creating a SPAN Session and Specifying Ports to Monitor Creating a SPAN Session and Enabling Ingress Traffic Page Removing Ports from a SPAN Session Configuring RSPAN RSPAN Configuration Guidelines Configuring a VLAN as an RSPAN VLAN Creating an RSPAN Source Session Creating an RSPAN Destination Session Removing Ports from an RSPAN Session 18-17 Displaying SPAN and RSPAN Status Page Configuring RMON Understanding RMON Configuring RMON Default RMON Configuration Configuring RMON Alarms and Events Page Configuring RMON Collection on an Interface Displaying RMON Status Configuring System Message Logging Understanding System Message Logging Configuring System Message Logging System Log Message Format Default System Message Logging Configuration Disabling and Enabling Message Logging Setting the Message Display Destination Device Page Synchronizing Log Messages Enabling and Disabling Timestamps on Log Messages Enabling and Disabling Sequence Numbers in Log Messages Defining the Message Severity Level Page Limiting Syslog Messages Sent to the History Table and to SNMP Configuring UNIX Syslog Servers Logging Messages to a UNIX Syslog Daemon Configuring the UNIX System Logging Facility Displaying the Logging Configuration Configuring SNMP Understanding SNMP SNMP Versions SNMP Manager Functions SNMP Agent Functions SNMP Community Strings Using SNMP to Access MIB Variables SNMP Notifications Configuring SNMP Default SNMP Configuration SNMP Configuration Guidelines Disabling the SNMP Agent Configuring Community Strings Configuring SNMP Groups and Users Page Configuring SNMP Notifications Page Page Setting the Agent Contact and Location Information Limiting TFTP Servers Used Through SNMP SNMP Examples Displaying SNMP Status Page Configuring Network Security with ACLs Understanding ACLs Handling Fragmented and Unfragmented Traffic Understanding Access Control Parameters Guidelines for Applying ACLs to Physical Interfaces Configuring ACLs Unsupported Features Creating Standard and Extended IP ACLs ACL Numbers Creating a Numbered Standard ACL Creating a Numbered Extended ACL Page Page Creating Named Standard and Extended ACLs Page Applying Time Ranges to ACLs Page Including Comments About Entries in ACLs Creating Named MAC Extended ACLs Creating MAC Access Groups Applying ACLs to Terminal Lines or Physical Interfaces Applying ACLs to a Terminal Line Applying ACLs to a Physical Interface Displaying ACL Information Displaying ACLs Displaying Access Groups Examples for Compiling ACLs Numbered ACL Examples Extended ACL Examples Named ACL Example Commented IP ACL Entry Examples Page Configuring QoS Understanding QoS Basic QoS Model Classification Classification Based on QoS ACLs Classification Based on Class Maps and Policy Maps Policing and Marking Mapping Tables Queueing and Scheduling How Class of Service Works Port Priority Port Scheduling Egress CoS Queues Configuring Auto-QoS Generated Auto-QoS Configuration Page Effects of Auto-QoS on the Configuration Enabling Auto-QoS for VoIP Displaying Auto-QoS Information Auto-QoS Configuration Example Page Configuring Standard QoS Default Standard QoS Configuration Configuring Classification Using Port Trust States Configuring the Trust State on Ports within the QoS Domain Configuring the CoS Value for an Interface Configuring Trusted Boundary Page Enabling Pass-Through Mode Configuring a QoS Policy Classifying Traffic by Using ACLs Page Page Page Classifying Traffic by Using Class Maps Classifying, Policing, and Marking Traffic by Using Policy Maps Page Page Configuring CoS Maps Configuring the CoS-to-DSCP Map Configuring the DSCP-to-CoS Map Configuring the Egress Queues Configuring CoS Priority Queues Configuring WRR Priority Enabling the Expedite Queue and Configuring WRR Priority Displaying Standard QoS Information Standard QoS Configuration Examples QoS Configuration for the Existing Wiring Closet QoS Configuration for the Intelligent Wiring Closet Page Page Configuring EtherChannels and Layer 2 Trunk Failover Understanding EtherChannels Understanding Port-Channel Interfaces Understanding the Port Aggregation Protocol and Link Aggregation Protocol PAgP and LACP Modes Exchanging PAgP Packets Exchanging LACP Packets Physical Learners and Aggregate-Port Learners PAgP and LACP Interaction with Other Features EtherChannel On Mode Understanding Load Balancing and Forwarding Methods Page Configuring EtherChannels Default EtherChannel Configuration EtherChannel Configuration Guidelines Configuring Layer 2 EtherChannels Page Configuring EtherChannel Load Balancing Configuring the PAgP Learn Method and Priority Configuring the LACP Port Priority Configuring Hot Standby Ports Configuring the LACP System Priority Displaying EtherChannel, PAgP, and LACP Status Understanding Layer 2 Trunk Failover Configuring Layer 2 Trunk Failover Default Layer 2 Trunk Failover Configuration Layer 2 Trunk Failover Configuration Guidelines Configuring Layer 2 Trunk Failover Displaying Layer 2 Trunk Failover Status Troubleshooting Using Recovery Procedures Recovering from a Software Failure Recovering from Lost or Forgotten Passwords Page Password Recovery with Password Recovery Enabled Procedure with Password Recovery Disabled Page Preventing Autonegotiation Mismatches SFP Module Security and Identification Diagnosing Connectivity Problems Using Ping Understanding Ping Executing Ping Using Layer 2 Traceroute Understanding Layer 2 Traceroute Usage Guidelines Displaying the Physical Path Using Debug Commands Enabling Debugging on a Specific Feature Enabling All-System Diagnostics Redirecting Debug and Error Message Output Using the debug auto qos Command Using the crashinfo File Page A Supported MIBs MIB List Page Using FTP to Access the MIB Files Page B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Displaying Available File Systems Setting the Default File System Displaying Information about Files on a File System Changing Directories and Displaying the Working Directory Creating and Removing Directories Copying Files Deleting Files Creating, Displaying, and Extracting tar Files Creating a tar File Displaying the Contents of a tar File Extracting a tar File Displaying the Contents of a File Working with Configuration Files Guidelines for Creating and Using Configuration Files Configuration File Types and Location Creating a Configuration File By Using a Text Editor Copying Configuration Files By Using TFTP Preparing to Download or Upload a Configuration File By Using TFTP Downloading the Configuration File By Using TFTP Uploading the Configuration File By Using TFTP Copying Configuration Files By Using FTP Preparing to Download or Upload a Configuration File By Using FTP Downloading a Configuration File By Using FTP Uploading a Configuration File By Using FTP Copying Configuration Files By Using RCP Preparing to Download or Upload a Configuration File By Using RCP Downloading a Configuration File By Using RCP Uploading a Configuration File By Using RCP Clearing Configuration Information Clearing the Startup Configuration File Deleting a Stored Configuration File Working with Software Images Image Location on the Switch tar File Format of Images on a Server or IBM.com Copying Image Files By Using TFTP Preparing to Download or Upload an Image File By Using TFTP Downloading an Image File By Using TFTP Uploading an Image File By Using TFTP Copying Image Files By Using FTP Preparing to Download or Upload an Image File By Using FTP Downloading an Image File By Using FTP Page Uploading an Image File By Using FTP Copying Image Files By Using RCP Preparing to Download or Upload an Image File By Using RCP Downloading an Image File By Using RCP Page Uploading an Image File By Using RCP Page C Getting Help and Technical Assistance Before You Call Using the Documentation Getting Help and Information from the World Wide Web Software Service and Support Hardware Service and Support D Notices Edition Notice Trademarks Page Page INDEX Numerics A Page B C D Page E F G H I J L M Page N O P Page Page Q R Page S Page Page T Page U V Page W X