Inhaltszusammenfassung zur Seite Nr. 1
Catalyst 4500 Series Switch Cisco IOS
Software Configuration Guide
Release 12.2(25)SG
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Customer Order Number: DOC-OL7659=
Text Part Number: OL-7659-03
Inhaltszusammenfassung zur Seite Nr. 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE IN
Inhaltszusammenfassung zur Seite Nr. 3
CONTENTS Preface xxiii Audience xxiii Organization xxiii Related Documentation xxv Conventions xxvi Commands in Task Tables xxvii Obtaining Documentation xxvii Cisco.com xxvii Product Documentation DVD xxvii Ordering Documentation xxviii Documentation Feedback xxviii Cisco Product Security Overview xxviii Reporting Security Problems in Cisco Products xxix Obtaining Technical Assistance xxix Cisco Technical Support & Documentation Website xxx Submitting a Service Request xxx Definitions of Servic
Inhaltszusammenfassung zur Seite Nr. 4
Contents Layer 3 Software Features 1-5 CEF 1-6 HSRP 1-6 IP Routing Protocols 1-6 Multicast Services 1-8 Policy-Based Routing 1-9 Unidirectional Link Routing 1-9 VRF-lite 1-9 Management Features 1-9 Cisco Network Assistant and Embedded CiscoView 1-10 Dynamic Host Control Protocol 1-10 Forced 10/100 Autonegotiation 1-10 Intelligent Power Management 1-10 NetFlow Statistics 1-11 Secure Shell 1-11 Simple Network Management Protocol 1-11 SPAN and RSPAN 1-11 Security Features 1-12 Network Admission Con
Inhaltszusammenfassung zur Seite Nr. 5
Contents CHAPTER 3 Configuring the Switch for the First Time 3-1 Default Switch Configuration 3-1 Configuring DHCP-Based Autoconfiguration 3-2 Understanding DHCP-Based Autoconfiguration 3-2 DHCP Client Request Process 3-3 Configuring the DHCP Server 3-4 Configuring the TFTP Server 3-4 Configuring the DNS Server 3-5 Configuring the Relay Device 3-5 Obtaining Configuration Files 3-6 Example Configuration 3-7 Configuring the Switch 3-8 Using Configuration Mode to Configure Your Switch 3-9 Verifying
Inhaltszusammenfassung zur Seite Nr. 6
Contents Deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP Ports 4-6 Configuring Optional Interface Features 4-7 Configuring Ethernet Interface Speed and Duplex Mode 4-7 Configuring Jumbo Frame Support 4-10 Interacting with the Baby Giants Feature 4-13 Understanding Online Insertion and Removal 4-13 Monitoring and Maintaining the Interface 4-13 Monitoring Interface and Controller Status 4-14 Clearing and Resetting the Interface 4-14 Shutting Down and Restarting an Interface 4-15 Configuri
Inhaltszusammenfassung zur Seite Nr. 7
Contents CHAPTER 6 Configuring Supervisor Engine Redundancy Using RPR and SSO 6-1 Understanding Cisco IOS NSF-Awareness Support 6-2 Understanding Supervisor Engine Redundancy 6-3 Overview 6-3 RPR Operation 6-4 SSO Operation 6-4 Understanding Supervisor Engine Redundancy Synchronization 6-6 RPR Supervisor Engine Configuration Synchronization 6-6 SSO Supervisor Engine Configuration Synchronization 6-7 Supervisor Engine Redundancy Guidelines and Restrictions 6-7 Configuring Supervisor Engine Redund
Inhaltszusammenfassung zur Seite Nr. 8
Contents Network Assistant-Related Features and Their Defaults 9-4 Overview of the CLI Commands 9-4 Installing Network Assistant 9-5 Getting Started with Network Assistant 9-5 Launching the Network Assistant 9-6 Connecting Network Assistant to a Device 9-7 Using Community Mode to Manage a Network 9-8 Converting a Cluster into a Community 9-11 Using Cluster Mode to Manage a Network of Switches 9-12 Configuring Network Assistant in Community or Cluster Mode 9-15 Configuring Embedded CiscoView Supp
Inhaltszusammenfassung zur Seite Nr. 9
Contents Configuring Ethernet Interfaces for Layer 2 Switching 11-5 Configuring an Ethernet Interface as a Layer 2 Trunk 11-6 Configuring an Interface as a Layer 2 Access Port 11-8 Clearing Layer 2 Configuration 11-9 CHAPTER 12 Configuring SmartPort Macros 12-1 Understanding SmartPort Macros 12-1 Configuring Smart-Port Macros 12-2 Default SmartPort Macro Configuration 12-2 SmartPort Macro Configuration Guidelines 12-4 Creating and Applying SmartPort Macros 12-4 Displaying SmartPort Macros 12-8 C
Inhaltszusammenfassung zur Seite Nr. 10
Contents CHAPTER 14 Configuring STP Features 14-1 Overview of Root Guard 14-2 Enabling Root Guard 14-2 Overview of Loop Guard 14-3 Enabling Loop Guard 14-4 Overview of PortFast 14-5 Enabling PortFast 14-6 Overview of BPDU Guard 14-7 Enabling BPDU Guard 14-7 Overview of PortFast BPDU Filtering 14-8 Enabling PortFast BPDU Filtering 14-8 Overview of UplinkFast 14-10 Enabling UplinkFast 14-11 Overview of BackboneFast 14-12 Enabling BackboneFast 14-15 CHAPTER 15 Understanding and Configuring Multiple
Inhaltszusammenfassung zur Seite Nr. 11
Contents Understanding Port-Channel Interfaces 16-2 Understanding How EtherChannels Are Configured 16-2 Understanding Load Balancing 16-5 EtherChannel Configuration Guidelines and Restrictions 16-5 Configuring EtherChannel 16-6 Configuring Layer 3 EtherChannels 16-6 Configuring Layer 2 EtherChannels 16-9 Configuring the LACP System Priority and System ID 16-11 Configuring EtherChannel Load Balancing 16-12 Removing an Interface from an EtherChannel 16-13 Removing an EtherChannel 16-14 CHAPTER 17
Inhaltszusammenfassung zur Seite Nr. 12
Contents CHAPTER 18 Configuring 802.1Q and Layer 2 Protocol Tunneling 18-1 Understanding 802.1Q Tunneling 18-1 Configuring 802.1Q Tunneling 18-4 802.1Q Tunneling Configuration Guidelines 18-4 802.1Q Tunneling and Other Features 18-5 Configuring an 802.1Q Tunneling Port 18-6 Understanding Layer 2 Protocol Tunneling 18-7 Configuring Layer 2 Protocol Tunneling 18-9 Default Layer 2 Protocol Tunneling Configuration 18-9 Layer 2 Protocol Tunneling Configuration Guidelines 18-10 Configuring Layer 2 Tun
Inhaltszusammenfassung zur Seite Nr. 13
Contents Logical Layer 3 VLAN Interfaces 22-2 Physical Layer 3 Interfaces 22-2 Configuration Guidelines 22-3 Configuring Logical Layer 3 VLAN Interfaces 22-3 Configuring Physical Layer 3 Interfaces 22-4 CHAPTER 23 Configuring Cisco Express Forwarding 23-1 Overview of CEF 23-1 Benefits of CEF 23-1 Forwarding Information Base 23-2 Adjacency Tables 23-2 Catalyst 4500 Series Switch Implementation of CEF 23-3 Hardware and Software Switching 23-4 Load Balancing 23-6 Software Interfaces 23-6 CEF Config
Inhaltszusammenfassung zur Seite Nr. 14
Contents Configuration Examples 24-21 PIM Dense Mode Example 24-21 PIM Sparse Mode Example 24-21 BSR Configuration Example 24-21 CHAPTER 25 Configuring Policy-Based Routing 25-1 Overview of Policy-Based Routing 25-1 Understanding PBR 25-2 Understanding PBR Flow Switching 25-2 Using Policy-Based Routing 25-2 Policy-Based Routing Configuration Task List 25-3 Enabling PBR 25-3 Enabling Local PBR 25-5 Unsupported Commands 25-5 Policy-Based Routing Configuration Examples 25-5 Equal Access Example 25-
Inhaltszusammenfassung zur Seite Nr. 15
Contents Classification 27-6 Policing and Marking 27-10 Mapping Tables 27-14 Queueing and Scheduling 27-14 Packet Modification 27-16 Per Port Per VLAN QoS 27-16 QoS and Software Processed Packets 27-16 Configuring Auto-QoS 27-17 Generated Auto-QoS Configuration 27-17 Effects of Auto-QoS on the Configuration 27-18 Configuration Guidelines 27-18 Enabling Auto-QoS for VoIP 27-19 Displaying Auto-QoS Information 27-20 Auto-QoS Configuration Example 27-21 Configuring QoS 27-23 Default QoS Configuratio
Inhaltszusammenfassung zur Seite Nr. 16
Contents CHAPTER 29 Understanding and Configuring 802.1X Port-Based Authentication 29-1 Understanding 802.1X Port-Based Authentication 29-1 Device Roles 29-2 802.1x and Network Access Control 29-3 Authentication Initiation and Message Exchange 29-3 Ports in Authorized and Unauthorized States 29-4 Using 802.1X with VLAN Assignment 29-5 Using 802.1X Authentication for Guest VLANs 29-6 Using 802.1X with Authentication Failed VLAN Assignment 29-7 Using 802.1X with Port Security 29-8 Using 802.1X wit
Inhaltszusammenfassung zur Seite Nr. 17
Contents Configuring Port Security on an Interface 30-4 Configuring Trunk Port Security 30-7 Configuring Port Security Aging 30-9 Displaying Port Security Settings 30-11 CHAPTER 31 Configuring DHCP Snooping and IP Source Guard 31-1 Overview of DHCP Snooping 31-1 Overview of the DHCP Snooping Database Agent 31-2 Configuring DHCP Snooping on the Switch 31-3 Default Configuration for DHCP Snooping 31-3 Enabling DHCP Snooping 31-4 Enabling DHCP Snooping on Aggregration Switch 31-5 Enabling DHCP Snoo
Inhaltszusammenfassung zur Seite Nr. 18
Contents Performing Validation Checks 32-18 CHAPTER 33 Configuring Network Security with ACLs 33-1 Understanding ACLs 33-1 ACL Overview 33-2 Supported Features That Use ACLs 33-2 Router ACLs 33-3 Port ACLs 33-4 VLAN Maps 33-5 Hardware and Software ACL Support 33-5 TCAM Programming and ACLs 33-6 Layer 4 Operators in ACLs 33-7 Restrictions for Layer 4 Operations 33-8 Configuration Guidelines for Layer 4 Operations 33-8 How ACL Processing Impacts CPU 33-9 Configuring Unicast MAC Address Filtering 3
Inhaltszusammenfassung zur Seite Nr. 19
Contents PVLAN Trunks 34-2 PVLANs and VLAN ACL/QoS 34-2 How to Configure PVLANs 34-3 PVLAN Configuration Guidelines and Restrictions 34-3 Configuring a VLAN as a PVLAN 34-5 Associating a Secondary VLAN with a Primary VLAN 34-6 Configuring a Layer 2 Interface as a PVLAN Promiscuous Port 34-7 Configuring a Layer 2 Interface as a PVLAN Host Port 34-8 Configuring a Layer 2 Interface as a PVLAN Trunk Port 34-9 Permitting Routing of Secondary VLAN Ingress Traffic 34-11 CHAPTER 35 Port Unicast and Mult
Inhaltszusammenfassung zur Seite Nr. 20
Contents Configuration Scenario 37-10 Verifying a SPAN Configuration 37-10 CPU Port Sniffing 37-10 Encapsulation Configuration 37-12 Ingress Packets 37-12 Access List Filtering 37-13 ACL Configuration Guidelines 37-13 Configuring Access List Filtering 37-14 Packet Type Filtering 37-14 Configuration Example 37-15 Configuring RSPAN 37-16 RSPAN Configuration Guidelines 37-16 Creating an RSPAN Session 37-17 Creating an RSPAN Destination Session 37-18 Creating an RSPAN Destination Session and Enablin