Product Overview

The Catalyst 5000 series of LAN switches allow organizations to migrate from traditional shared-hub LANs to large-scale, fully integrated internetworks. Catalyst 5000 series switches provide switched connections to individual workstations, servers, LAN segments, backbones, or other Catalyst 5000 series switches using shielded twisted-pair, unshielded twisted-pair (UTP), and fiber-optic cable. This chapter includes the following sections:

• Catalyst 5000 Series Switches

• Supported Switching Modules

• Supported Software Features

• Supported Internet Protocols

• Supported MIBs

For detailed descriptions of the hardware features and functionality of the Catalyst 5000 series switches, refer to the Catalyst 5000 Installation Guide, the Catalyst 5002 Installation Guide, or the Catalyst 5500 Installation Guide.

---

Note Throughout this guide and all Catalyst 5000 series documents, the term "Catalyst 5000 series switches" refers to all of the Catalyst 5000 series switches--Catalyst 5000, Catalyst 5002, and Catalyst 5500--unless otherwise noted.

---

Catalyst 5000 Series Switches

Table 1-1 lists and describes the Catalyst 5000 series switches.

Table  1-1: Catalyst 5000 Series Switch Models

Switch Model	Description	Features
Catalyst 5002	2-slot switch	Supports 1 supervisor module and 1 additional switching module (Ethernet, Fast Ethernet, CDDI/FDDI1, or ATM2) Supports optional redundant AC- or DC-input power supply
Catalyst 5000	5-slot switch	Supports 1 supervisor module and up to 4 additional switching modules (Ethernet, Fast Ethernet, CDDI/FDDI, and ATM) Supports optional redundant AC- or DC-input power supply
Catalyst 5500	13-slot switch	Supports 1 supervisor module and up to 12 additional switching modules (Ethernet, Fast Ethernet, CDDI/FDDI, ATM, and LightStream 1010) Supports optional redundant supervisor module Supports optional redundant AC- or DC-input power supply

1. 1. CDDI/FDDI = Copper Distributed Data Interface/Fiber Distributed Data Interface.
   
2. 2. ATM = Asynchronous Transfer Mode.
   

High-Performance Switching Backplanes

The Catalyst 5000 and Catalyst 5002 switches feature a single, integrated 1.2 Gbps switching backplane. The Catalyst 5500 switches feature a 3.6-Gbps switching backplane. All Catalyst 5000 series switches support switched 10/100 Mbps Ethernet/Fast Ethernet and Ethernet repeater connections, with backbone connections to Fast Ethernet, Asynchronous Transfer Mode (ATM), Fiber Distributed Data Interface (FDDI), Copper Distributed Data Interface (CDDI), and Token Ring.

Slot 1 in all Catalyst 5000 series switches is dedicated to the supervisor engine module. The Catalyst 5500 switch supports a redundant supervisor engine module and LightStream 1010 modules. The Catalyst 5500 switch supports ATM Port Adapter Modules (PAMs) in slots
9 through 12.

---

Note In a configuration that includes ATM modules, slot 13 in the Catalyst 5500 switch is reserved for the ATM Switch Processor (ASP).

---

All Catalyst 5000 series switches support wire-speed, single-stream 10-Mbps Ethernet and 100-Mbps Fast Ethernet packet transmission for packet sizes from 64 bytes to 1500 bytes. When
100 pairs of interfaces are configured, the switches also support wire-speed, multiple-stream 10-Mbps Ethernet traffic with no packet loss.

Three levels of priority are available on the data switching bus to handle an oversubscribed interface: backplane-based, high priority, and low priority. Two of these priority levels are user defined; each interface can be set as high priority or normal priority.

Network Management Processor Software

Catalyst 5000 series switches use Network Management Processor (NMP) software, which governs the general control of the hardware, its configuration, and diagnostic routines. The NMP software comes installed on the supervisor engine module. The supervisor engine modules in the Catalyst 5500 switch have been enhanced to support the redundant supervisor-engine-module option, and are fully backward-compatible with Catalyst 5000 and Catalyst 5002 switches.

---

Note Catalyst 5000 and Catalyst 5002 supervisor engine modules do not support the redundant supervisor-engine-module option and are therefore not upward-compatible with Catalyst 5500 switches.

---

Ethernet and Fast Ethernet modules also use the NMP software. However, FDDI and ATM LAN Emulation (LANE) modules require additional software.

NMP software includes a command-line interface (CLI) that allows you to configure specific features of the Catalyst 5000 series switch modules to enhance network performance. For more information, see Chapter 2, "Understanding the Command-Line Interfaces." For descriptions of all available CLI commands, refer to the Catalyst 5000 Series Command Reference publication.

NMP software uses the IEEE 802.1D bridge protocol Spanning-Tree Protocol (STP), which helps create fault-tolerant internetworks by ensuring an active, loop-free data path between all nodes in the network. The Spanning-Tree Protocol uses an algorithm to calculate the best loop-free path throughout a Catalyst 5000 series switched network. Spanning-tree packets are sent and received by switches in the network at regular intervals. The packets are not forwarded by the switches participating in the spanning tree, but instead are processed to determine the current topology of the spanning tree itself.

Supported Switching Modules

Catalyst 5000 series switching modules use OSI Layer 2 LAN switching to prevent unicast packets that are sent between two switched ports from going to all the switched ports on the LAN. Preventing extraneous traffic across switched interfaces increases the bandwidth of all networks. Catalyst 5000 series switches support the following switching modules:

• Ethernet and Fast Ethernet

• CDDI/FDDI

• ATM

Ethernet and Fast Ethernet

Catalyst 5000 series Ethernet and Fast Ethernet switching modules provide high-density switching for both wiring closet and data-center applications.

Typically, the Catalyst 5000 Ethernet modules connect workstations and repeaters, and the Fast Ethernet modules connect workstations, servers, switches, and routers. The 10/100 BaseTX Fast Ethernet Switching Module supports autosensing and autonegotiation, a process that allows the Catalyst 5000 to negotiate the correct port connection speed (10 or 100 Mbps) and duplex mode (half or full duplex) with an attached device. Fast Ethernet connections can interconnect multiple
Catalyst 5000 switches on multiple floors in different buildings of a campus. Fast Ethernet connections can also act as redundant backup links between switches and can expand existing Ethernet networks that need additional capacity.

The Catalyst 5000 series switch employs virtual LANs (VLANs) and STP on all Ethernet and Fast Ethernet ports.

For information on configuring the Ethernet and Fast Ethernet modules, including STP, refer to Chapter 4, "Configuring Ethernet and Fast Ethernet Switching Modules." For information on configuring VLANs, refer to Chapter 7, "Configuring Virtual LANs."

CDDI/FDDI

Catalyst 5000 series switches support an optional CDDI/FDDI switching module. A/B port cards--which support single-mode optic fiber, multimode optic fiber, and CDDI/MLT-3 copper cabling--provide connectivity from the CDDI/FDDI interface to a variety of wiring plants. All A/B port cards allow you to configure the switch for single-attached, dual-attached, or dual-homed operation.

When configured as a single-attached station, either the A or B port on the FDDI module is connected to an M port on a CDDI/FDDI concentrator. The concentrator is in turn connected to the CDDI/FDDI rings through its own A/B ports. When configured as a dual-attached station, both the A and B ports of the CDDI/FDDI module must be attached to the CDDI/FDDI ring cabling.

For information on configuring the CDDI/FDDI modules, refer to Chapter 6, "Configuring the CDDI/FDDI Module."

ATM

Catalyst 5000 series ATM switching modules support ATM connectivity through the use of LANE technology, which allows an ATM network to model a LAN backbone for Ethernet switches. LANE, which is an ATM service defined by the ATM Forum specification "LAN Emulation over ATM," ATM_FORUM 94-0035, makes an ATM interface look like one or more Ethernet interfaces. It also allows upper-layer protocols that expect connectionless service to use connection-oriented ATM switches. LANE extends VLANs throughout the network by establishing point-to-point ATM virtual-circuit connections between switches on the same VLAN.

The following are LAN-specific characteristics:

• Connectionless services

• Multicast services

• LAN MAC driver services

For information on configuring the ATM module, refer to Chapter 5, "Configuring the ATM Module."

Supported Software Features

Catalyst 5000 series switches support the following software features:

• VLANs-- Allow you to control traffic flow by grouping end stations into administratively defined broadcast domains.

• Multicast Services-- Allow you to prevent traffic congestion on your network.

• Supervisor Resilience-- Allows you to establish resilient and fault-tolerant networks by using redundant supervisor modules and the STP.

• Network Security-- Allows you to establish Media Access Control (MAC) address security by blocking input to an Ethernet or Fast Ethernet port, and to control access through Terminal Access Control Access Control System Plus (TACACS+).

• Network Management-- Includes a variety of features allowing you to configure and manage your network for optimal performance.

Virtual Local Area Networks

A VLAN on a Catalyst 5000 series switch is essentially an administratively defined broadcast domain. Only end stations within the VLAN receive packets that are unicast, broadcast, or multicast (flooded). A VLAN enhances performance by limiting traffic; it allows the transmission of traffic among stations that belong to it and blocks traffic from other stations in other VLANs. VLANs can provide security barriers (firewalls) between end stations on different VLANs within the same switch.

The VLAN feature includes the following components:

VLAN Trunks	Allows you to extend VLANs from one Catalyst 5000 series switch to one or more routers or other Catalyst 5000 series switches using high-speed interfaces, such as Fast Ethernet, FDDI, and ATM.
Load Sharing	Allows parallel Fast Ethernet Inter-Switch Link (ISL) trunks to split traffic between multiple trunks. By setting spanning-tree parameters on a VLAN basis, you can define which VLANs are active on a trunk and which use the trunk as a backup if the active trunk fails.
VLAN Trunk Protocol	Allows VLAN naming consistency and connectivity between all devices in a management domain. When new VLANs are added to a Catalyst 5000 series switch in a management domain, the VLAN Trunk Protocol (VTP) automatically distributes the information to all the devices in the management domain. The VTP is transmitted on all trunk connections, including ISL, 802.10, and ATM LANE. You can have redundancy in a network domain by using multiple VTP servers, through which you can maintain and modify the global VLAN information. Only a few VTP servers are required in a large network. All devices are normally VTP servers in a small network.
VTP Pruning	Limits the extent of packet forwarding through VLANs to specific areas of the network. VTP pruning constrains flooded traffic to only those trunks necessary to reach network devices on that VLAN. Although all packet types are received from a pruned VLAN, trunk ports send only Cisco Discovery Protocol (CDP), Spanning-Tree Protocol, and VTP packets to pruned VLANs. No other broadcast or flooded unicast frames are sent to pruned VLANs.
Dynamic Port VLAN Membership	Provides the flexibility to move a connection from a port on one device to a port on another device in the network while retaining the VLAN identity of the port.

For information on configuring VLANs, refer to Chapter 7, "Configuring Virtual LANs."

Multicast Services

Multicasting saves bandwidth by forcing the network to replicate packets only when necessary and by allowing hosts to join and leave groups dynamically.

The multicast services feature includes the following components:

Cisco Group Management Protocol	Manages multicast traffic in Catalyst 5000 series switches. IP multicast packets are filtered to go only to ports with a host interested in receiving each multicast address.
Broadcast/Multicast Suppression	Provides a means of limiting broadcast from any port and can prevent a switched port from being disrupted by a broadcast storm.

For information on configuring multicast services, refer to Chapter 8, "Configuring Multicast Services."

Supervisor Resilience

The Catalyst 5500 series switch offers the option of using two supervisor engine modules to provide fault tolerance in mission-critical environments and to ensure switching resilience. The two supervisor modules coexist in slots 1 and 2 of the Catalyst 5500 chassis. When the switch is powered up, the Supervisor module that comes up first enters active mode, while the second Supervisor module goes to standby mode. All network management functions take place on the active supervisor. The Ethernet ports on the standby supervisor are inactive in the same way that enabled ports on disabled modules are inactive. The console port on the standby supervisor module is also inactive.

If the active Supervisor module detects a major problem, it resets itself. The standby Supervisor detects that the active Supervisor has been reset and becomes the active Supervisor. When the resetting Supervisor comes back up, it enters standby mode.

An LED on the Supervisor module indicates its status. The LED is green when the Supervisor module is in active mode, orange when it is in standby mode, and red if there is a redundancy error condition.

For information on configuring Supervisor resilience, refer to Chapter 9, "Supervisor Resilience."

Network Security

Network security features allow you to control access to network resources to protect sensitive information from unauthorized users.

The network security feature includes the following components:

MAC Address Security	Allows Ethernet and Fast Ethernet switching modules to block input to an Ethernet or Fast Ethernet port when the MAC address of a station attempting to access the port is different from the configured or learned MAC address.
TACACS+ Protocol	Controls access to the NMP and determines the identity of a user by verifying a user name with a password.

For information on configuring network security, refer to Chapter 10, "Configuring Network Security."

Network Management

Catalyst 5000 series switches offer network management and control through the CLI or through alternative methods such as CiscoWorks for Switched Networks and Simple Network Management Protocol (SNMP). The network management feature includes the following components:

CiscoWorks for Switched Internetworks	Provides tools for configuring Catalyst switches.
Simple Network Management Protocol	Facilitates the exchange of management information between network devices.
Remote Monitoring	Allows various network monitors and console systems to exchange network monitoring data.
Telnet Client Access	Allows a network manager to use the Telnet feature to transition from the CLI of the switch to other devices on the network.
Cisco Discovery Protocol	Allows network management applications to retrieve the device type and SNMP-agent address of neighboring devices so that the applications can send SNMP queries to neighboring devices.
Switched Port Analyzer	Enables you to monitor traffic on any port for analysis by a sniffer or Remote Monitoring (RMON) probe.
Serial Line Protocol	Allows access to the Catalyst 5000 series switch administrative interface using Serial Line Internet Protocol (SLIP). SLIP is a version of the IP that runs over serial links.
System Message Logs	Allows you to redirect debug EXEC command output and system error messages from the NMP, as well as output from asynchronous events such as interface transition, to other destinations. These destinations include virtual terminals, internal buffers, and UNIX hosts running a syslog server; the syslog format is compatible with 4.3 BSD UNIX.
Network Time Protocol	Time-synchronizes Catalyst 5000 series switches in a network by downloading the system time to all users. This synchronization allows events to be correlated when system logs are created and other time-specific events occur. NTP is off by default.
Domain Name System	Allows the resolution of host names through the Domain Name System protocol from a DNS server. This feature is available to all IP commands such as ping, unload, download, and outgoing telnet.
Login Banner	Allows you to create a single-line or multiline message banner that appears on your screen before session login. To create the message, you must be in privileged mode.
Multiple Module Download	Allows you to perform a single Trivial File Transfer Protocol (TFTP) download that updates all modules of the same type on a Catalyst 5000 series switch.

For information on network management and control features, refer to Chapter 11, "Configuring Network Management."

Supported Internet Protocols

Catalyst 5000 series switches use the following standard Internet protocols:

• Address Resolution Protocol (ARP)--Determines the destination Media Access Control (MAC) address of a host using its known IP address.

• BOOTP--Allows the switch (BOOTP client) to retrieve its IP address from a BOOTP server. BOOTP uses connectionless transport layer User Datagram Protocol (UDP).

• Internet Control Message Protocol (ICMP)--Allows hosts to send error or control messages to other hosts. ICMP is a required part of IP. For example, the ping command uses ICMP echo requests to test if a destination is alive and reachable.

• Internet Protocol (IP)--Sends IP datagram packets between nodes on the Internet. IP is a protocol suite.

• Packet internet groper (ping)--Tests the accessibility of a remote site by sending it an ICMP echo request and waiting for a reply.

• Reverse Address Resolution Protocol (RARP)--Determines an IP address knowing only a Media Access Control (MAC) address. For example, BOOTP and RARP broadcast requests are used to get IP addresses from a BOOTP or RARP server.

• Serial Line Internet Protocol (SLIP)--Allows IP communications over the administrative interface. SLIP is a version of IP that runs over serial links.

• Simple Network Management Protocol (SNMP)--Processes requests for network management stations and reports exception conditions when they occur. These agents require access to information stored in a Management Information Base (MIB). (For more information, refer to the following section, "Supported MIBs.")

• Transmission Control Protocol (TCP)--Transports full-duplex, connection-oriented, end-to-end packets running on top of IP. For example, the Telnet protocol uses the TCP/IP protocol suite.

• Telnet--Allows remote access to the administrative interface of a switch over the network (in band). Telnet is a terminal emulation protocol.

• Trivial File Transfer Protocol (TFTP)--Downloads software updates and configuration files to workgroup switch products.

• User Datagram Protocol (UDP)--Allows an application (such as an SNMP agent) on one system to send a datagram to an application (a network management station using SNMP) on another system. UDP uses IP to deliver datagrams. UDP/IP protocol suites are used by TFTP and SNMP.

Supported MIBs

Catalyst 5000 series switches support the following standard and enterprise-specific MIBs:

• RFC 1155-1157 (SNMP v1)

• RFC 1213 (MIB II)

• RFC 1493 (Bridge MIB)

• RFC 1512 (FDDI MIB)

• RFC 1516 (SNMP-REPEATER-MIB)

• RFC 1573 (Interfaces MIB)

• RFC 1643 (MIB for Ethernet Interface; supersedes RFC 1398 t10)

• RFC 1757 (RMON MIB)

• CISCO-CDP-MIB

• CISCO-STACK-MIB

• CISCO-VTP-MIB

For more information about Cisco-proprietary MIBs, refer to Appendix C, "Workgroup MIB Reference."