Resumen del contenido incluido en la página 1
Catalyst 3750-E and 3560-E Switch
Software Configuration Guide
Cisco IOS Release 12.2(37)SE
May 2007
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-9775-02
Resumen del contenido incluido en la página 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE
Resumen del contenido incluido en la página 3
CONTENTS Preface xliii Audience xliii Purpose xliii Conventions xliii Related Publications xliv Obtaining Documentation, Obtaining Support, and Security Guidelines xlvi CHAPTER 1 Overview 1-1 Features 1-1 Deployment Features 1-2 Performance Features 1-4 Management Options 1-5 Manageability Features 1-6 Availability and Redundancy Features 1-7 VLAN Features 1-8 Security Features 1-8 QoS and CoS Features 1-10 Layer 3 Features 1-11 Power over Ethernet Features 1-12 Monitoring Features 1-13 Defaul
Resumen del contenido incluido en la página 4
Contents Understanding Abbreviated Commands 2-4 Understanding no and default Forms of Commands 2-4 Understanding CLI Error Messages 2-5 Using Configuration Logging 2-5 Using Command History 2-6 Changing the Command History Buffer Size 2-6 Recalling Commands 2-6 Disabling the Command History Feature 2-7 Using Editing Features 2-7 Enabling and Disabling Editing Features 2-7 Editing Commands through Keystrokes 2-8 Editing Command Lines that Wrap 2-9 Searching and Filtering Output of show and more
Resumen del contenido incluido en la página 5
Contents Scheduling a Reload of the Software Image 3-17 Configuring a Scheduled Reload 3-17 Displaying Scheduled Reload Information 3-18 CHAPTER 4 Configuring Cisco IOS CNS Agents 4-1 Understanding Cisco Configuration Engine Software 4-1 Configuration Service 4-2 Event Service 4-3 NameSpace Mapper 4-3 What You Should Know About the CNS IDs and Device Hostnames 4-3 ConfigID 4-3 DeviceID 4-4 Hostname and DeviceID 4-4 Using Hostname, DeviceID, and ConfigID 4-4 Understanding Cisco IOS Agents 4-5 I
Resumen del contenido incluido en la página 6
Contents Stack Protocol Version Compatibility 5-11 Major Version Number Incompatibility Among Switches 5-11 Minor Version Number Incompatibility Among Switches 5-11 Understanding Auto-Upgrade and Auto-Advise 5-12 Auto-Upgrade and Auto-Advise Example Messages 5-13 Incompatible Software and Stack Member Image Upgrades 5-15 Switch Stack Configuration Files 5-15 Additional Considerations for System-Wide Configuration on Switch Stacks 5-16 Switch Stack Management Connectivity 5-16 Connectivity to t
Resumen del contenido incluido en la página 7
Contents HSRP and Standby Cluster Command Switches 6-11 Virtual IP Addresses 6-12 Other Considerations for Cluster Standby Groups 6-12 Automatic Recovery of Cluster Configuration 6-13 IP Addresses 6-14 Hostnames 6-14 Passwords 6-15 SNMP Community Strings 6-15 Switch Clusters and Switch Stacks 6-16 TACACS+ and RADIUS 6-17 LRE Profiles 6-17 Using the CLI to Manage Switch Clusters 6-18 Catalyst 1900 and Catalyst 2820 CLI Considerations 6-18 Using SNMP to Manage Switch Clusters 6-19 CHAPTER 7 Admi
Resumen del contenido incluido en la página 8
Contents Creating a Banner 7-17 Default Banner Configuration 7-17 Configuring a Message-of-the-Day Login Banner 7-18 Configuring a Login Banner 7-19 Managing the MAC Address Table 7-19 Building the Address Table 7-20 MAC Addresses and VLANs 7-20 MAC Addresses and Switch Stacks 7-21 Default MAC Address Table Configuration 7-21 Changing the Address Aging Time 7-21 Removing Dynamic Address Entries 7-22 Configuring MAC Address Notification Traps 7-22 Adding and Removing Static Address Entries 7-24
Resumen del contenido incluido en la página 9
Contents Configuring Multiple Privilege Levels 9-7 Setting the Privilege Level for a Command 9-8 Changing the Default Privilege Level for Lines 9-9 Logging into and Exiting a Privilege Level 9-9 Controlling Switch Access with TACACS+ 9-10 Understanding TACACS+ 9-10 TACACS+ Operation 9-12 Configuring TACACS+ 9-12 Default TACACS+ Configuration 9-13 Identifying the TACACS+ Server Host and Setting the Authentication Key 9-13 Configuring TACACS+ Login Authentication 9-14 Configuring TACACS+ Authori
Resumen del contenido incluido en la página 10
Contents Configuring the Switch for Secure Shell 9-37 Understanding SSH 9-38 SSH Servers, Integrated Clients, and Supported Versions 9-38 Limitations 9-39 Configuring SSH 9-39 Configuration Guidelines 9-39 Setting Up the Switch to Run SSH 9-40 Configuring the SSH Server 9-41 Displaying the SSH Configuration and Status 9-41 Configuring the Switch for Secure Socket Layer HTTP 9-42 Understanding Secure HTTP Servers and Clients 9-42 Certificate Authority Trustpoints 9-42 CipherSuites 9-44 Configur
Resumen del contenido incluido en la página 11
Contents Using IEEE 802.1x Authentication with Port Security 10-16 Using IEEE 802.1x Authentication with Wake-on-LAN 10-17 Using IEEE 802.1x Authentication with MAC Authentication Bypass 10-17 Network Admission Control Layer 2 IEEE 802.1x Validation 10-19 Using Multidomain Authentication 10-19 Using Web Authentication 10-20 Configuring IEEE 802.1x Authentication 10-21 Default IEEE 802.1x Authentication Configuration 10-22 IEEE 802.1x Authentication Configuration Guidelines 10-23 IEEE 802.1x Au
Resumen del contenido incluido en la página 12
Contents CHAPTER 11 Configuring Interface Characteristics 11-1 Understanding Interface Types 11-1 Port-Based VLANs 11-2 Switch Ports 11-2 Access Ports 11-3 Trunk Ports 11-3 Tunnel Ports 11-4 Routed Ports 11-4 Switch Virtual Interfaces 11-5 EtherChannel Port Groups 11-5 10-Gigabit Ethernet Interfaces 11-6 Power over Ethernet Ports 11-6 Supported Protocols and Standards 11-6 Powered-Device Detection and Initial Power Allocation 11-7 Power Management Modes 11-8 Power Monitoring and Power Policing
Resumen del contenido incluido en la página 13
Contents Configuring the Power Supplies 11-37 Monitoring and Maintaining the Interfaces 11-38 Monitoring Interface Status 11-38 Clearing and Resetting Interfaces and Counters 11-39 Shutting Down and Restarting the Interface 11-40 CHAPTER 12 Configuring Smartports Macros 12-1 Understanding Smartports Macros 12-1 Configuring Smartports Macros 12-2 Default Smartports Macro Configuration 12-2 Smartports Macro Configuration Guidelines 12-3 Creating Smartports Macros 12-4 Applying Smartports Macros
Resumen del contenido incluido en la página 14
Contents Trunking Overview 13-16 Encapsulation Types 13-18 IEEE 802.1Q Configuration Considerations 13-19 Default Layer 2 Ethernet Interface VLAN Configuration 13-19 Configuring an Ethernet Interface as a Trunk Port 13-19 Interaction with Other Features 13-20 Configuring a Trunk Port 13-20 Defining the Allowed VLANs on a Trunk 13-21 Changing the Pruning-Eligible List 13-22 Configuring the Native VLAN for Untagged Traffic 13-23 Configuring Trunk Ports for Load Sharing 13-24 Load Sharing Using S
Resumen del contenido incluido en la página 15
Contents Configuring VTP 14-6 Default VTP Configuration 14-7 VTP Configuration Options 14-7 VTP Configuration in Global Configuration Mode 14-7 VTP Configuration in VLAN Database Configuration Mode 14-8 VTP Configuration Guidelines 14-8 Domain Names 14-8 Passwords 14-8 VTP Version 14-9 Configuration Requirements 14-9 Configuring a VTP Server 14-9 Configuring a VTP Client 14-11 Disabling VTP (VTP Transparent Mode) 14-12 Enabling VTP Version 2 14-13 Enabling VTP Pruning 14-14 Adding a VTP Client
Resumen del contenido incluido en la página 16
Contents Configuring Private VLANs 16-6 Tasks for Configuring Private VLANs 16-6 Default Private-VLAN Configuration 16-7 Private-VLAN Configuration Guidelines 16-7 Secondary and Primary VLAN Configuration 16-7 Private-VLAN Port Configuration 16-8 Limitations with Other Features 16-9 Configuring and Associating VLANs in a Private VLAN 16-10 Configuring a Layer 2 Interface as a Private-VLAN Host Port 16-12 Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port 16-13 Mapping Secondary
Resumen del contenido incluido en la página 17
Contents Bridge ID, Switch Priority, and Extended System ID 18-4 Spanning-Tree Interface States 18-5 Blocking State 18-7 Listening State 18-7 Learning State 18-7 Forwarding State 18-7 Disabled State 18-8 How a Switch or Port Becomes the Root Switch or Root Port 18-8 Spanning Tree and Redundant Connectivity 18-9 Spanning-Tree Address Management 18-9 Accelerated Aging to Retain Connectivity 18-9 Spanning-Tree Modes and Protocols 18-10 Supported Spanning-Tree Instances 18-10 Spanning-Tree Interop
Resumen del contenido incluido en la página 18
Contents CHAPTER 19 Configuring MSTP 19-1 Understanding MSTP 19-2 Multiple Spanning-Tree Regions 19-2 IST, CIST, and CST 19-3 Operations Within an MST Region 19-3 Operations Between MST Regions 19-4 IEEE 802.1s Terminology 19-5 Hop Count 19-5 Boundary Ports 19-6 IEEE 802.1s Implementation 19-6 Port Role Naming Change 19-7 Interoperation Between Legacy and Standard Switches 19-7 Detecting Unidirectional Link Failure 19-8 MSTP and Switch Stacks 19-8 Interoperability with IEEE 802.1D STP 19-9 Und
Resumen del contenido incluido en la página 19
Contents Specifying the Link Type to Ensure Rapid Transitions 19-24 Designating the Neighbor Type 19-25 Restarting the Protocol Migration Process 19-26 Displaying the MST Configuration and Status 19-26 CHAPTER 20 Configuring Optional Spanning-Tree Features 20-1 Understanding Optional Spanning-Tree Features 20-1 Understanding Port Fast 20-2 Understanding BPDU Guard 20-2 Understanding BPDU Filtering 20-3 Understanding UplinkFast 20-3 Understanding Cross-Stack UplinkFast 20-5 How CSUF Works 20-6
Resumen del contenido incluido en la página 20
Contents Configuring Flex Links and MAC Address-Table Move Update 21-5 Configuration Guidelines 21-5 Default Configuration 21-5 Configuring Flex Links and MAC Address-Table Move Update 21-6 Configuring Flex Links 21-6 Configuring VLAN Load Balancing on Flex Links 21-8 Configuring the MAC Address-Table Move Update Feature 21-9 Monitoring Flex Links and the MAC Address-Table Move Update 21-11 CHAPTER 22 Configuring DHCP Features and IP Source Guard 22-1 Understanding DHCP Features 22-1 DHCP Serv