|
|
This chapter describes basic interface configuration for the Layer 3 switch router to help you get your switch router up and running. For more information about the Cisco IOS commands used in this chapter, refer to the Cisco IOS Command Reference publication. This chapter includes the following sections:
A router's main function is to relay packets from one data link to another. To do that, the characteristics of the interfaces through which the packets are received and sent must be defined. Interface characteristics include, but are not limited to, IP address, address of the port, data encapsulation method, and media type.
Many features are enabled on a per-interface basis. Interface configuration mode contains commands that modify the interface operation, for example, of an Ethernet port. When you issue the interface command, you must define the interface type and number.
Layer 3 interfaces have both a Media Access Control (MAC) address and an interface name. The router keeps track of these designators, and uses them for routing traffic.
 | Tips To find the MAC address for a device, use the show interfaces command. |
The interface name designates the physical location of the Layer 3 interface within the chassis. This is the name that you use to identify the interface when configuring it. The system software uses interface names to control activity within the switch router and to display status information. Interface names are not used by other devices in the network; they are specific to the individual switch router and its internal components and software.
You can find the interface name on the rear of the switch router. It is composed of a three parts, formatted as slot number/0/port number.
| slot number/ | 0/ | port number |
|---|---|---|
The slot in which the interface module is installed. Module slots are numbered 0 to 12, from top to bottom. | The number of the interface module for this port. When the module consists of a single card, this number is always 0. |
|
The interface names on the Ethernet modules remain the same regardless of whether other modules are installed or removed. However, when you move an interface module to a different slot, the first number in the address changes to reflect the new slot number.
You can identify module ports by physically checking the slot/0/port location on the back of the switch router. You can also use Cisco IOS show commands to display information about a specific interface, or all the interfaces, in the switch router.
The following general configuration instructions apply to all interfaces. Begin in global configuration mode. To configure an interface, follow these steps:
| Tips Before you configure interfaces, be sure to have the interface network (IP or IPX) addresses and the corresponding subnet mask information. If you do not have this information, consult your network administrator. |
Step 1 Use the configure EXEC command at the privileged EXEC prompt to enter the global configuration mode.
Router> enable Router# configure terminal Router (config)#
Step 2 From global configuration mode, enter the interface command, followed by the interface type (for example, Fast Ethernet or Gigabit Ethernet) and its interface name (see the "Interface Name" section).
For example, to configure the Gigabit Ethernet port on slot 1, port 2, use this command:
Router(config)# interface gi 1/0/2
Step 3 Follow each interface command with the interface configuration commands required for your particular interface.
The commands you enter define the protocols and applications that will run on the interface. The commands are collected and applied to the interface command until you enter another interface command, a command that is not an interface configuration command, or you enter Ctrl-Z to return to privileged EXEC mode.
Step 4 Once an interface is configured, you can check its status by using the EXEC show commands.
Router# show interface gi 1/0/2 FastEthernet0 is up, line protocol is up Hardware is Lance, address is 0060.4740.c2b6 (bia 0060.4740.c2b6) MTU 1500 bytes, BW 10000 Kbit, DLY 1000 used, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP TImeout 04:00:00
Layer 3 switching supports two different Gigabit Ethernet interfaces, an eight-port module and a two-port module. This section provides some examples of configurations for both interface types. For more information on interface configuration, see the IOS Command Reference publications.
 | TimeSaver Before you configure interfaces, be sure to have the interface network (IP or IPX) addresses and the corresponding subnet mask information. If you do not have this information, consult your network administrator. |
Table 5-1 shows an example of configuring a two-port Gigabit Ethernet interface.
| Step | Command | Description | ||
|---|---|---|---|---|
| | From global configuration mode, enter Ethernet interface configuration mode to configure the Gigabit Ethernet interface. | ||
| | When you set negotiation mode to auto, the Gigabit Ethernet port attempts to negotiate the link (that is, both port speed and duplex setting) with the partner port. When you set the Gigabit Ethernet interface to no negotiation auto, the port forces the link up no matter what the partner port setting is. This brings up the link with 1000 Mbps and full duplex only. | ||
| | Enter the IP address and IP subnet mask to be assigned to the Gigabit Ethernet x/0/z interface. | ||
| | Return to global configuration mode, and repeat steps 1 to 3 to configure the second Gigabit Ethernet interface on this interface module. | ||
| Router(config)#Ctrl-Z | Return to privileged EXEC mode. | ||
| | When finished, save your configuration changes to NVRAM. |
(config-if)# speed auto
When this command is disabled, the saved values for port speed are restored.
Between ports on the eight-port Gigabit Ethernet interface module itself, local switching at Layer 2 provides nonblocking performance at wire speed. For ports on this module configured as a bridge group, Layer 2 traffic is processed at full Gigabit Ethernet rates. For Layer 3 traffic, however, this interface module provides 2-Gbps routing bandwidth from the switch fabric.
The following configuration sequence for this interface module assumes that you want to optimize throughput by configuring as many ports as possible in a bridge group, and also ensuring those networks are routed using integrated routing and bridging features from Cisco IOS.
For additional configuration considerations, see the "About Integrated Routing and Bridging" section.
To configure an eight-port Gigabit Ethernet interface as a bridge group, use the procedures in Table 5-2 and Table 5-3.
| Step | Command | Description | ||
|---|---|---|---|---|
| | From global configuration mode, define one or more bridge groups. | ||
|
| Enter Ethernet interface configuration mode to configure the Fast Ethernet interface. | ||
| | Assign bridge groups to appropriate interfaces. | ||
| | Return to global configuration mode. |
| Step | Command | Description | ||
|---|---|---|---|---|
| | Enable IRB so you can route traffic from the bridged interfaces. | ||
| | Configure the BVI by assigning the corresponding bridge group's number to the BVI. Each bridge group can only have one corresponding BVI. | ||
| | Configure protocol addresses on routed interfaces. This step shows an example for IP. | ||
|
| Enable a BVI to accept and route routable packets received from its corresponding bridge group. You must issue this command for each protocol that you want the BVI to route from its corresponding bridge group to other routed interfaces. | ||
| | Optionally, you can configure additional routing attributes to the BVI. | ||
| | Save your configuration changes to NVRAM. |
Use the procedure in Table 5-4 to assign an IP address to the Ethernet 10BaseT or 100BaseT interface of your switch router so that it can be recognized as a device on the Ethernet LAN. The Fast Ethernet interface supports 10-Mbps and 100-Mbps speeds with Cisco 10BaseT and 100BaseT routers, hubs, switches, and switch routers.
| Step | Command | Description |
|---|---|---|
| 1 | | From global configuration mode, enter Ethernet interface configuration mode to configure the Fast Ethernet interfaces. |
| 2 | | Enter the IP address and IP subnet mask to be assigned to the FastEthernet x/0/z interface. |
| 3 | | Configure the transmission speed for 10 or 100 Mbps. If you set the speed for auto, you enable autonegotiation on the system--the switch router matches the speed of the partner node. See the "Configuring a Two-Port Gigabit Ethernet Interface" section. |
| 4 | | Configure for full or half duplex. If you set duplex for auto, the switch router matches the duplex setting of the partner node. |
| 5 | | Return to privileged EXEC mode. |
| 6 | | Save your configuration changes to NVRAM. |
Virtual LANs enable network managers to group users logically rather than by physical location. A virtual LAN (VLAN) is an emulation of a standard LAN that allows data transfer and communication to occur without the traditional restraints placed on the network. It can also be considered a broadcast domain set up within a switch. With VLANs, switches can support more than one subnet (or VLAN) on each switch, and give routers and switches the opportunity to support multiple subnets on a single physical link. A group of devices on a LAN are configured so that they communicate as if they were attached to the same LAN segment, when they are actually located on different segments. Layer 3 switching supports up to 255 VLANs per system.
VLANs enable efficient traffic separation and provide excellent bandwidth utilization. VLANs also alleviate scaling issues by logically segmenting the physical LAN structure into different subnetworks so that packets are switched only between ports within the same VLAN. This can be very useful for security, broadcast containment, and accounting.
Layer 3 switching software supports a port-based VLAN on a trunk port, which is a port that carries the traffic of multiple VLANs. Each frame transmitted on a trunk link is tagged as belonging to only one VLAN.
Layer 3 switching software supports VLAN frame encapsulation through the Inter-Switch Link (ISL) protocol and the 802.1Q standard.
ISL is a Cisco protocol for interconnecting multiple switches and maintaining VLAN information as traffic travels between switches. For more information, see the "About Encapsulation Over EtherChannel" section.
The VLAN configuration example shown in Figure 5-1 assumes the following:
To configure the Layer 3 switching VLANs shown in Figure 5-1, use the procedure in Table 5-5.
| Step | Command | Description |
|---|---|---|
| 1 | | From global configuration mode, enter Ethernet subinterface configuration mode to configure the Fast Ethernet subinterface fa 1/0/2.1. |
| 2 |
| |
| 3 | | Assign VLAN 50 to bridge group 1. Note When you are configuring VLAN routing, skip this step. |
| 4 | | Proceed to configure the Fast Ethernet subinterface fa1/0/2.2. |
| 5 | | Assign subinterface fa 1/0/2.2 to VLAN 100. |
| 6 | | Assign VLAN 100 to bridge group 2. |
| 7 | | Return to privileged EXEC mode. |
| 8 | | Save your configuration changes to NVRAM. |
The maximum VLAN bridge group values obtainable are as follows:
Once the VLANs are configured on the switch router, you can monitor their operation using the commands in Table 5-6.
| Command | Description |
|---|---|
show vlan vlan_id | Displays information on all configured VLANs or on a specific VLAN (by VLAN ID number). |
clear vlan vlan_id | When the VLAN ID is not specified, clears the counters for all VLANs. |
debug vlan packet | Displays contents of the packets sent to and exiting from the route processor. |
Port snooping augments the first four RMON groups (mini-RMON). For a description of RMON, see the "Remote Monitoring" section.
Port-based snooping features include the following:
The snooping destination port can be any port in the system, except for the management port on the route processor (Ethernet0) and ports configured for Fast EtherChannel. Typically, the destination port has a network analyzer or RMON probe attached to it.
When in snooping mode, all the existing connections to the snooping destination port are set to the down state, and the snooping destination port cannot perform any Layer 2 or Layer 3 operations in this state. The receive side of the snooping destination port is also disabled when in snooping mode. The snooping destination port resumes normal operation only when snooping mode is disabled.
A source port is a port monitored by the snooping operation. The snooping source ports can be on any interface module.
The normal operation of a snooping source port is not altered during snooping operations. Any port with bandwidth less than or equal to the bandwidth of the snooping destination port can function as a snooping source port.
Layer 3 switching software supports snooping from multiple source ports to a destination port. The total bandwidth of the snooping source ports must not exceed the bandwidth of the snooping destination port. For example, up to ten Fast Ethernet ports can be configured as snooping source ports to a 1-Gb Ethernet destination port.
To enable port-based snooping on an interface, follow the procedure in Table 5-7.
| Step | Command | Description |
|---|---|---|
| 1 |
| From global configuration mode, define the interface configuration for the destination (test) port. Use the standard interface addressing nomenclature: fa x/0z or gi x/0/z. |
| 2 | | Shut down the destination port. |
| 3 | |
Snoop direction parameters: |
| 4 | | When you bring the destination port back up, snooping mode is fully functional. |
| 5 | | Save your configuration changes to NVRAM. |
To disable port-based snooping on an interface, follow the procedure in Table 5-8.
| Step | Command | Description | ||
|---|---|---|---|---|
|
| Go to the interface previously configured as the destination port. Use the standard interface addressing nomenclature: fa x/0z or gi x/0/z. | ||
| | Shut down the destination port. | ||
| | The no snoop interface command disables port snooping by the destination port defined in Step 1 on the indicated source port. | ||
| | When you bring the destination port back up, snooping mode is disabled and any existing configuration and connections are reestablished. | ||
| | Save your configuration changes to NVRAM. |
To view the current snooping mode configuration and status, use the commands in Table 5-9.
| Monitoring Command | Displays |
|---|---|
show snoop interface destination_port | Whether the indicated destination port is in snooping mode. If so, it indicates the source (monitored) port and the snooping direction. |
show snoop | All the snoop sessions configured on the system. |
show snoop-vc interface destination_port | The list of virtual circuits that are being monitored by the destination port. |
Now that you have configured the interfaces on your switch router, see "Networking Protocol Configurations," for instructions on configuring network and routing protocols.
Posted: Wed Aug 2 15:37:48 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.