Product Overview

The Catalyst 5000 series switches allow organizations to migrate from traditional shared-hub LANs to large-scale, fully integrated internetworks. Catalyst 5000 series switches provide switched connections to individual workstations, servers, LAN segments, backbones, or other Catalyst 5000 series switches using shielded twisted-pair, unshielded twisted-pair, and fiber-optic cable. This chapter includes the following sections:

• Catalyst 5000 Series Switches

• Supported Modules

• Supported Software Features

• Supported Internet Protocols

• Supported MIBs

For descriptions of the Catalyst 5000 series switch hardware, refer to the Catalyst 5000 Series Installation Guide and the Catalyst 5000 Series Module Installation Guide.

---

Note Throughout this guide and all Catalyst 5000 series documents, the term "Catalyst 5000 series switches" refers to all of the Catalyst 5000 series switches--Catalyst 5000, Catalyst 5002, and Catalyst 5500--unless otherwise noted.

---

Catalyst 5000 Series Switches

Table 1-1 describes the Catalyst 5000 series switches.

Table  1-1: Catalyst 5000 Series Switch Models

Switch Model	Description	Features
Catalyst 5002	2-slot switch	Supports 1 supervisor module and 1 additional switching module (Ethernet, Fast Ethernet, CDDI/FDDI1 or ATM2) Supports optional redundant AC-input power supply
Catalyst 5000	5-slot switch	Supports 1 supervisor module, up to 4 additional switching modules (Ethernet, Fast Ethernet, CDDI/FDDI, ATM), and the RSM3 Supports optional redundant AC- or DC-input power supply
Catalyst 5500	13-slot switch	Supports 1 supervisor module, up to 12 additional switching modules (Ethernet, Fast Ethernet, CDDI/FDDI, ATM, and LightStream 1010), and the RSM Supports optional redundant supervisor module Supports optional redundant AC- or DC-input power supply

High-Performance Switching Backplanes

The Catalyst 5000 and Catalyst 5002 switches have a single, integrated 1.2-Gbps switching backplane; the Catalyst 5500 switch has a 3.6-Gbps switching backplane. All Catalyst 5000 series switches support switched 10/100 Mbps Ethernet/Fast Ethernet and Ethernet repeater connections, with backbone connections to Fast Ethernet, Asynchronous Transfer Mode (ATM), Fiber Distributed Data Interface (FDDI), Copper Distributed Data Interface (CDDI), and Token Ring.

Slot 1 in all Catalyst 5000 series switches is dedicated to the supervisor engine module. The Catalyst 5500 switch supports a redundant supervisor engine module in slot 2 and LightStream 1010 ATM modules in slots 9 through 13. In addition, the Catalyst 5000 and Catalyst 5500 switches support the RSM.

---

Note Slot 13 in the Catalyst 5500 switch is reserved for the ATM Switch Processor (ASP); ATM Port Adapter Modules (PAMs) can be installed in slots 9 through 12.

---

See the following "Supervisor Engine Modules" section and "Understanding Supervisor Resilience," for more information on the Catalyst 5000 series supervisor engines.

All Catalyst 5000 series switches support wire-speed, single-stream, 10-Mbps Ethernet and 100-Mbps Fast Ethernet packet transmission for packet sizes from 64 to 1500 bytes. When 100 pairs of interfaces are configured, the switches also support wire-speed, multiple-stream 10-Mbps Ethernet traffic with no packet loss.

Three priority levels are available on the data-switching bus to handle an oversubscribed interface: backplane-based, high priority, and low priority. The high- and low-priority levels are user defined; each interface can be set as high priority or normal priority.

Supervisor Engine Modules

Two types of supervisor engine modules are available on Catalyst 5000 series switches: Supervisor Engine I and Supervisor Engine II. Supervisor Engine II supports the redundant supervisor engine option available in the Catalyst 5500 switch.

The Catalyst 5000 and Catalyst 5002 switches accept both Supervisor Engines I and II, although these switches do not support the redundant supervisor module option. The Catalyst 5500 switch accepts Supervisor Engine II only. The Catalyst 2900 switch accepts Supervisor Engine I only.

Table 1-2 shows the supervisor engine module types and which Catalyst 5000 series switch each supports.

Table  1-2: Supervisor Engine Module Matrix

Switch	Supervisor Engine I	Supervisor Engine II
Catalyst 2900	Yes	No
Catalyst 5000	Yes	Yes
Catalyst 5002	Yes	Yes
Catalyst 5500	No	Yes

Network Management Processor Software

Catalyst 5000 series switches use Network Management Processor (NMP) software, which governs the general control of the hardware, its configuration, and diagnostic routines. The NMP software comes installed on the supervisor engine module. Ethernet and Fast Ethernet modules also use the NMP software. However, FDDI and ATM LAN Emulation (LANE) modules require additional software images, which are installed directly onto the modules.

A command-line interface (CLI) included in the NMP software allows you to configure Catalyst 5000 series modules to enhance network performance. For more information, see "Understanding the Command-Line Interfaces." For descriptions of the available CLI commands, refer to the Catalyst 5000 Series Command Reference publication.

NMP software uses the IEEE 802.1D bridge protocol Spanning-Tree Protocol, which helps create fault-tolerant internetworks by ensuring an active, loop-free data path between all nodes in the network. The Spanning-Tree Protocol uses an algorithm to calculate the best loop-free path throughout a Catalyst 5000 series switched network. Spanning-tree packets are sent and received by switches in the network at regular intervals. The packets are not forwarded by the switches participating in the spanning tree, but instead are processed to determine the current topology of the spanning tree itself.

Supported Modules

Catalyst 5000 series switching modules use OSI Layer 2 LAN switching to prevent unicast packets that are sent between two switched ports from going to all the switched ports on the LAN, thereby increasing the bandwidth of all networks. Catalyst 5000 series switches support the following switching modules:

• Ethernet and Fast Ethernet

• CDDI/FDDI

• ATM

In addition, the Catalyst 5000 and Catalyst 5500 switches support the RSM.

Ethernet and Fast Ethernet

Catalyst 5000 series Ethernet and Fast Ethernet switching modules provide high-density switching for both wiring closet and data-center applications.

Typically, the Catalyst 5000 series Ethernet modules connect workstations and repeaters at port connection speeds of 10 Mbps, and the Fast Ethernet modules connect workstations, servers, switches, and routers at port connection speeds up to 100 Mbps. The 10/100BaseTX Fast Ethernet Switching module supports autosensing and autonegotiation, which allows Catalyst 5000 series switches to negotiate the correct port connection speed (10 or 100 Mbps) and duplex mode (half or full duplex) with an attached device. Fast Ethernet connections can interconnect multiple Catalyst 5000 series switches on multiple floors in different buildings of a campus. Fast Ethernet connections can also act as redundant backup links between switches and can expand existing Ethernet networks that need additional capacity.

In addition, Fast EtherChannel modules provide parallel bandwidth of up to 800 Mbps between a Catalyst 5000 series switch and another switch or host by grouping multiple Fast Ethernet interfaces into a single logical transmission path.

The Catalyst 5000 series switch employs virtual LANs (VLANs) and Spanning-Tree Protocol on all Ethernet and Fast Ethernet ports.

For information on configuring the Ethernet and Fast Ethernet modules, including Spanning-Tree Protocol, refer to "Configuring Ethernet and Fast Ethernet Switching Modules." For information on configuring VLANs, refer to "Configuring VLANs."

CDDI/FDDI

Catalyst 5000 series switches support an optional CDDI/FDDI switching module. A/B port cards--which support single-mode optic fiber, multimode optic fiber, and CDDI/MLT-3 copper cabling--provide connectivity from the CDDI/FDDI interface to a variety of wiring plants. All A/B port cards allow you to configure the switch for single-attached, dual-attached, or dual-homed operation.

When configured as a single-attached station (SAS), either the Port A or Port B on the FDDI module is connected to an M port on a CDDI/FDDI concentrator. The concentrator is in turn connected to the CDDI/FDDI rings through its own A/B ports. When configured as a dual-attached station (DAS), both Ports A and B of the CDDI/FDDI module must be attached to the CDDI/FDDI ring cabling.

For information on configuring the CDDI/FDDI modules, refer to "Configuring the CDDI/FDDI Module."

ATM

Catalyst 5000 series ATM switching modules support ATM connectivity by using LANE technology. LANE allows an ATM network to model a LAN backbone for Ethernet switches. LANE, which is an ATM service defined by the ATM Forum specification "LAN Emulation over ATM," ATM_FORUM 94-0035, makes an ATM interface look like one or more Ethernet interfaces. It also allows upper-layer protocols that expect connectionless service to use connection-oriented ATM switches. LANE extends VLANs throughout the network by establishing point-to-point ATM virtual-circuit connections between switches on the same VLAN.

The following are LAN-specific characteristics:

• Connectionless services

• Multicast services

• LAN Media Access Control (MAC) driver services

For information on configuring the ATM module, refer to "Configuring the ATM Module."

RSM

The Catalyst 5000 series RSM is a Route/Switch Protocol-2 (RSP2)-based router module running Cisco IOS router software that plugs directly into the Catalyst 5000 series switch backplane.

From the perspective of the Catalyst 5000 series switch, the RSM appears as a module with a single trunked port and one MAC address. From the perspective of the user, the RSM has one port. This port is unlike other Catalyst 5000 switch line card ports in that it has no external attributes such as media type or speed. Within this trunk port, the RSM can route between VLANs and between optional port adapters in a Versatile Interface Processor (VIP) which can be installed in the neighboring slot.

For information on configuring the RSM, refer to "Configuring the Route Switch Module."

Supported Software Features

Catalyst 5000 series switches support the following software features:

• VLANs-- Allow you to control traffic flow by grouping end stations into administratively defined broadcast domains.

• Multicast Services-- Allow you to prevent traffic congestion on your network.

• Supervisor Resilience-- Allows you to establish resilient and fault-tolerant networks by using redundant supervisor modules and the Spanning-Tree Protocol.

• Network Security-- Allows you to establish MAC-address security by blocking input to an Ethernet or Fast Ethernet/Fast EtherChannel port, and to control access through Terminal Access Control Access Control System Plus (TACACS+).

• Network Management-- Allows you to configure and manage your network for optimal performance.

VLANs

A VLAN on a Catalyst 5000 series switch is an administratively defined broadcast domain. Only end stations within the VLAN receive packets that are unicast, broadcast, or multicast (flooded). A VLAN enhances performance by limiting traffic; it allows the transmission of traffic among stations that belong to it and blocks traffic from other stations in other VLANs. VLANs can provide security barriers (firewalls) between end stations on different VLANs within the same switch.

The VLAN feature includes the following components:

VLAN Trunks	Allows you to extend VLANs from one Catalyst 5000 series switch to one or more routers or other Catalyst 5000 series switches using high-speed interfaces, such as Fast Ethernet, FDDI, and ATM.
Load Sharing	Allows parallel Fast Ethernet Inter-Switch Link (ISL) trunks to split traffic between multiple trunks. By setting spanning-tree parameters on a VLAN basis, you can define which VLANs are active on a trunk and which use the trunk as a backup if the active trunk fails.
VLAN Trunk Protocol	Allows VLAN naming consistency and connectivity between all devices in a management domain. When new VLANs are added to a Catalyst 5000 series switch in a management domain, the VLAN Trunk Protocol (VTP) automatically distributes this information to all the devices in the management domain. The VTP is transmitted on all trunk connections, including ISL, 802.10, and ATM LANE. You can have redundancy in a network domain by using multiple VTP servers, through which you can maintain and modify the global VLAN information. Only a few VTP servers are required in a large network. All devices are normally VTP servers in a small network.
VTP Pruning	Limits the extent of packet forwarding through VLANs to specific areas of the network. VTP pruning constrains flooded traffic to only those trunks necessary to reach network devices on that VLAN. Although all packet types are received from a pruned VLAN, trunk ports send only Cisco Discovery Protocol (CDP), Spanning-Tree Protocol, and VTP packets to pruned VLANs. No other broadcast or flooded unicast frames are sent to pruned VLANs.
Dynamic Port VLAN Membership	Provides the flexibility to move a connection from a port on one device to a port on another device in the network while retaining the VLAN identity of the port.

For information on configuring VLANs, refer to "Configuring VLANs."

Multicast Services

Multicasting saves bandwidth by forcing the network to replicate packets only when necessary and by allowing hosts to join and leave groups dynamically.

The multicast services feature includes the following components:

Cisco Group Management Protocol	Manages multicast traffic in Catalyst 5000 series switches. IP multicast packets are filtered to go only to ports with a host interested in receiving each multicast address.
Broadcast/Multicast Suppression	Provides a means of limiting broadcast from any port and can prevent a switched port from being disrupted by a broadcast storm.

For information on configuring multicast services, refer to "Configuring Multicast Services."

Supervisor Resilience

The Catalyst 5500 switch offers the option of using two Supervisor Engine II modules to provide fault tolerance in mission-critical environments and to ensure switching resilience. The two supervisor modules are installed in slots 1 and 2 of the Catalyst 5500 chassis. When the switch is powered up, the supervisor module that comes up first enters active mode, while the second supervisor module goes to standby mode. All network management functions occur on the active supervisor. The Ethernet ports on the standby supervisor are inactive, in the same way that enabled ports on disabled modules are inactive. The console port on the standby supervisor module is also inactive.

If the active supervisor module detects a major problem, it resets itself. The standby supervisor detects that the active supervisor has been reset and becomes the active supervisor. When the resetting supervisor comes back up, it enters standby mode.

An LED on the supervisor module indicates its status. The LED is green when the supervisor module is in active mode, orange when it is in standby mode, and red if there is a redundancy error condition.

For information on configuring supervisor resilience, refer to "Understanding Supervisor Resilience."

Network Security

Network security allows you to control access to network resources to protect sensitive information from unauthorized users.

The network security feature includes the following components:

Secure Port Filtering	Allows Ethernet and Fast Ethernet switching modules to block input to an Ethernet or Fast Ethernet port when the MAC address of a station attempting to access the port is different from the configured or learned MAC address.
TACACS+ Protocol	Controls access to the NMP and determines the identity of a user by verifying a username with a password.
IP Permit List	Restricts incoming Telnet access to a limited list of IP addresses.

For information on configuring network security, refer to "Configuring Network Security."

Network Management

Catalyst 5000 series switches offer network management and control through the CLI or through alternative methods, such as CiscoWorks for Switched Internetworks (CWSI) and Simple Network Management Protocol (SNMP). The network management feature includes the following components:

CWSI	Provides tools for configuring Catalyst series switches.
SNMP	Facilitates the exchange of management information between network devices.
Remote Monitoring	Allows network monitors and console systems to exchange network monitoring data. The remote monitoring configuration can be stored in nonvolatile random-access memory (NVRAM).
Telnet Client Access	Allows a network manager to use the Telnet protocol to transition from the CLI of the switch to other devices on the network.
Cisco Discovery Protocol	Allows network management applications to retrieve the device type and SNMP-agent address of neighboring devices so that the applications can send SNMP queries to neighboring devices.
Switched Port Analyzer	Enables you to monitor traffic on any port for analysis by a sniffer or Remote Monitoring (RMON) probe.
Serial Line Protocol	Allows access to the Catalyst 5000 switch's administrative interface using Serial Line Internet Protocol (SLIP), which is a version of IP that runs over serial links.
System Message Logs	Allows you to redirect debug EXEC command output and system error messages from the NMP, as well as output from asynchronous events such as interface transition, to other destinations. These destinations include virtual terminals, internal buffers, and UNIX hosts running a syslog server; the syslog format is compatible with 4.3 BSD UNIX.
Network Time Protocol	Time-synchronizes Catalyst 5000 series switches by downloading the system time to all users. This synchronization allows events to be correlated when system logs are created and other time-specific events occur. Network Time Protocol (NTP) is off by default.
Domain Name System	Allows the resolution of host names through the Domain Name System protocol from a DNS server. This feature is available to all IP commands such as ping, unload, download, and outgoing telnet.
Login Banner	Allows you to create a single-line or multiline message banner that appears on your screen before session login. To create the message, you must be in privileged mode.
Multiple Module Download	Allows you to perform a single Trivial File Transfer Protocol (TFTP) download that updates all modules of the same type on a Catalyst 5000 series switch.

For information on network management and control features, refer to "Configuring Network Management."

Supported Internet Protocols

Catalyst 5000 series switches use the following standard Internet protocols:

• Address Resolution Protocol (ARP)--Determines the destination MAC address of a host using its known IP address.

• BOOTP--Allows the switch (BOOTP client) to retrieve its IP address from a BOOTP server. BOOTP uses connectionless transport layer User Datagram Protocol (UDP).

• Internet Control Message Protocol (ICMP)--Allows hosts to send error or control messages to other hosts. ICMP is a required part of IP. For example, the ping command uses ICMP echo requests to test if a destination is alive and reachable.

• Internet Protocol (IP)--Sends IP datagram packets between nodes on the Internet. IP is a protocol suite.

• Packet internet groper (ping)--Tests the accessibility of a remote site by sending it an ICMP echo request and waiting for a reply.

• Reverse Address Resolution Protocol (RARP)--Determines an IP address knowing only a MAC address. For example, BOOTP and RARP broadcast requests are used to get IP addresses from a BOOTP or RARP server.

• Serial Line Internet Protocol (SLIP)--Allows IP communications over the administrative interface. SLIP is a version of IP that runs over serial links.

• Simple Network Management Protocol (SNMP)--Processes requests for network management stations and reports exception conditions when they occur. These agents require access to information stored in a Management Information Base (MIB). (For more information, refer to the following section, "Supported MIBs.")

• Transmission Control Protocol (TCP)--Transports full-duplex, connection-oriented, end-to-end packets running on top of IP. For example, the Telnet protocol uses the TCP/IP protocol suite.

• Telnet--Allows remote access to the administrative interface of a switch over the network (in band). Telnet is a terminal emulation protocol.

• Trivial File Transfer Protocol (TFTP)--Downloads software updates and configuration files to workgroup switch products.

• User Datagram Protocol (UDP)--Allows an application (such as an SNMP agent) on one system to send a datagram to an application (a network management station using SNMP) on another system. UDP uses IP to deliver datagrams. UDP/IP protocol suites are used by TFTP and SNMP.

Supported MIBs

Catalyst 5000 series switches support the following standard and enterprise-specific MIBs:

• RFC 1155-1157 (SNMP v1)

• RFC 1213 (MIB II)

• RFC 1493 (Bridge MIB)

• RFC 1512 (FDDI MIB)

• RFC 1516 (SNMP-REPEATER-MIB)

• RFC 1573 (Interfaces MIB)

• RFC 1643 (MIB for Ethernet Interface; supersedes RFC 1398 t10)

• RFC 1757 (RMON MIB)

• CISCO-CDP-MIB

• CISCO-STACK-MIB

• CISCO-VTP-MIB

For more information about Cisco-proprietary MIBs, refer to "Workgroup MIB Reference."