|
|
This chapter describes how to configure Ethernet, Fast Ethernet, and Gigabit Ethernet switching on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches. The configuration tasks in this chapter apply to Ethernet, Fast Ethernet, and Gigabit Ethernet switch ports on switching modules and fixed-configuration switches, as well as to supervisor engine Fast Ethernet and Gigabit Ethernet uplink ports.
This chapter consists of these sections:
The Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches support simultaneous, parallel conversations between Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet.
The Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches solve congestion problems caused by high bandwidth devices and a large number of users by assigning each device (for example, a server) to its own 10-, 100-, or 1000-Mbps segment. Because each Ethernet port on the switch represents a separate Ethernet segment, servers in a properly configured switched environment achieve full access to the bandwidth.
Because the major bottleneck in Ethernet networks is usually due to collisions, an effective solution is full-duplex communication, an option for each port on the switches (Gigabit Ethernet ports only support full duplex). Normally, Ethernet operates in half-duplex mode, which means that stations can either receive or transmit. In full-duplex mode, two stations can transmit and receive at the same time. When packets can flow in both directions simultaneously, effective Ethernet bandwidth for Ethernet ports is 20 Mbps, for Fast Ethernet ports 200 Mbps, and for Gigabit Ethernet ports 2 Gbps.
Each Ethernet port on the switch can connect to a single workstation or server, or to a hub through which workstations or servers connect to the network.
Ports on a typical Ethernet hub all connect to a common backplane within the hub, and the bandwidth of the network is shared by all devices attached to the hub. If two stations establish a session that uses a significant level of bandwidth, the network performance of all other stations attached to the hub is degraded.
To reduce degradation, the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches treat each port as an individual segment. When stations on different ports need to communicate, the switch forwards frames from one port to the other at wire speed to ensure that each session receives the full bandwidth available.
To switch frames between ports efficiently, the switch maintains an address table. When a frame enters the switch, it associates the Media Access Control (MAC) address of the sending station with the port on which it was received.
The switch builds the address table by using the source address of the frames received. When the switch receives a frame for a destination address not yet listed in its address table, it floods the frame to all ports of the same virtual LAN (VLAN) except the port that received the frame. When the destination station replies, the switch adds its relevant source address and port ID to the address table. The switch then forwards subsequent frames to a single port without flooding to all ports.
The address table can store at least 16,000 address entries without flooding any entries. The switch uses an aging mechanism, defined by a configurable aging timer, so if an address remains inactive for a specified number of seconds, it is removed from the address table.
Table 4-1 shows the Ethernet, Fast Ethernet, and Gigabit Ethernet default configuration.
| Feature | Default Value |
|---|---|
Port enable state | All ports are enabled |
Port name | None |
Port priority | Normal |
Duplex mode |
|
Flow control (Gigabit Ethernet only) | Flow control set to off for receive (Rx) and desired for transmit (Tx) |
Link negotiation protocol (Gigabit Ethernet only) | Enabled |
Spanning-Tree Protocol | Enabled for VLAN 1 |
Native VLAN | VLAN 1 |
Port VLAN cost |
|
Fast EtherChannel | Disabled on all Fast Ethernet ports (auto mode) |
Gigabit EtherChannel | Disabled on all Gigabit Ethernet ports (auto mode) |
These sections describe how to configure Ethernet, Fast Ethernet, and Gigabit Ethernet switching ports on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches:
You can assign names to the ports on Ethernet, Fast Ethernet, and Gigabit Ethernet modules to facilitate switch administration.
To assign a name to a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Assign a name to a port. | set port name mod_num/port_num [name_string] |
Step 2 Verify that the port name is configured. | show port [mod_num[/port_num]] |
This example shows how to set the name for ports 1/1 and 1/2 and how to verify that the port names are configured correctly:
Console> (enable) set port name 1/1 Router Connection Port 1/1 name set. Console> (enable) set port name 1/2 Server Link Port 1/2 name set. Console> (enable) show port 1 Port Name Status Vlan Level Duplex Speed Type ----- ------------------ ---------- ---------- ------ ------ ----- ------------ 1/1 Router Connection connected trunk normal half 100 100BaseTX 1/2 Server Link connected trunk normal half 100 100BaseTX <...output truncated...> Last-Time-Cleared -------------------------- Tue Jun 16 1998, 16:25:57 Console> (enable)
You can configure the priority level of each port. When ports request access to the switching bus simultaneously, the switch uses the port priority level to determine the order in which ports are given access.
To set the port priority level, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Configure the priority level for a port. | set port level mod_num/port_num {normal | high} |
Step 2 Verify that the port priority level is configured correctly. | show port [mod_num[/port_num]] |
This example shows how to set the port priority level to high for port 1/1 and verify that the port priority is configured correctly:
Console> (enable) set port level 1/1 high Port 1/1 level set to high. Console> (enable) show port 1 Port Name Status Vlan Level Duplex Speed Type ----- ------------------ ---------- ---------- ------ ------ ----- ------------ 1/1 Router Connection connected trunk high half 100 100BaseTX 1/2 Server Link connected trunk normal half 100 100BaseTX <...output truncated...> Last-Time-Cleared -------------------------- Tue Jun 16 1998, 16:25:57 Console> (enable)
You can configure the port speed on 10/100-Mbps Fast Ethernet modules. Use the auto keyword to have the port autonegotiate speed and duplex mode with the neighboring port.
 | Caution Make sure the device on the other end of the link is also configured for autonegotiation or a port speed or duplex mismatch will result. |
To set the port speed for a 10/100-Mbps port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the port speed of a 10/100-Mbps Fast Ethernet port. | set port speed mod num/port num {10 | 100 | auto} |
Step 2 Verify that the speed of the port is configured correctly. | show port [mod_num[/port_num]] |
This example shows how to set the port speed to 100 Mbps on port 2/2:
Console> (enable) set port speed 2/2 100 Port 2/2 speed set to 100 Mbps. Console> (enable)
This example shows how to make port 2/1 autonegotiate speed and duplex with the neighbor port:
Console> (enable) set port speed 2/1 auto Port 2/1 speed set to auto-sensing mode. Console> (enable)
You can set the port duplex mode to full or half duplex for Ethernet and Fast Ethernet ports.
To set the duplex mode of a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the duplex mode of a port. | set port duplex mod num/port num {full | half} |
Step 2 Verify that the duplex mode of the port is configured correctly. | show port [mod_num[/port_num]] |
This example shows how to set the duplex mode to half duplex on port 2/1:
Console> (enable) set port duplex 2/1 half Port 2/1 set to half-duplex. Console> (enable)
Use the ping and traceroute commands to test connectivity out Ethernet, Fast Ethernet, or Gigabit Ethernet ports.
To check connectivity out a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Ping a remote host that is located out the port you want to test. | ping [-s] host [packet_size] [packet_count] |
Step 2 Trace the hop-by-hop route of packets from the switch to a remote host located out the port you want to test. | traceroute host |
Step 3 If the host is unresponsive, check the IP address and default gateway configured on the switch. | show interface |
This example shows how to ping a remote host and how to trace the hop-by-hop path of packets through the network using traceroute:
Console> (enable) ping somehost somehost is alive Console> (enable) traceroute somehost traceroute to somehost.company.com (10.1.2.3), 30 hops max, 40 byte packets 1 engineering-1.company.com (173.31.192.206) 2 ms 1 ms 1 ms 2 engineering-2.company.com (173.31.196.204) 2 ms 3 ms 2 ms 3 gateway_a.company.com (173.16.1.201) 6 ms 3 ms 3 ms 4 somehost.company.com (10.1.2.3) 3 ms * 2 ms Console> (enable)
This section describes how to configure features specific to Gigabit Ethernet ports.
These sections describe how to configure Gigabit Ethernet ports:
All Gigabit Ethernet ports can respond to flow-control frames (pause frames) received from neighboring devices by inhibiting the transmission of packets from each port for a period of time. When a pause frame is received on a port, it is processed internally; pause frames are not switched through the system.
Except for ports on the Gigabit EtherChannel module (WS-X5410), Gigabit Ethernet ports on the Catalyst 5000 and 2926G series switches can transmit pause frames to neighboring devices. If the receive buffer for a port becomes full, the module transmits a pause packet on that port that tells remote devices to delay sending more packets for a specified period of time.
Use the set port flow control command to configure flow control on Gigabit Ethernet ports. Table 4-2 describes the flow-control behavior of a Gigabit Ethernet port depending on the set port flowcontrol command keywords used to configure the port.
| Keywords | Gigabit Ethernet Ports | Gigabit EtherChannel Ports1 |
|---|---|---|
receive on | The port uses flow control dictated by the neighbor port. | The port operates with an attached device that is required to send flow-control packets, or with an attached device that is not required to but might send flow-control packets. |
receive desired | The port uses flow control if the neighbor port uses it, and does not use flow control if the neighbor port does not use it. | The port operates with an attached device that is required to send flow-control packets, or with an attached device that is not required to but might send flow-control packets. |
receive off | The port does not use flow control, regardless of whether flow control is requested by the neighbor port. | The port discards received flow-control frames without processing them. If negotiation is enabled, the port advertises that it refuses to accept flow-control frames. This can cause the remote device not to send flow-control frames, or if the attached device is configured to send flow-control frames unconditionally, it can prevent the link from coming up. |
send on | The port sends flow-control frames to the neighbor port. | The local port advertises that it will send flow-control frames. |
send desired | The port sends flow-control frames to the neighbor port if the neighbor port asks to use flow control. | The local port advertises that it will send flow-control frames if the attached device elects to receive them. |
send off | The port does not send flow-control frames to the neighbor port. | The local port advertises that it will never send flow-control frames. |
| 1Catalyst 5000 series WS-X5410 module and Catalyst 4000 and 2948G series Gigabit Ethernet ports only. |
To configure flow control on a Gigabit Ethernet port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the flow-control parameters on a Gigabit Ethernet port. | set port flowcontrol {receive | send} mod_num/port_num {off | on | desired} |
Step 2 Verify the flow-control configuration. | show port flowcontrol |
This example shows how to turn transmit and receive flow control on and how to verify the flow-control configuration:
Console> (enable) set port flowcontrol send 3/1 on
Port 3/1 will send flowcontrol to far end.
Console> (enable) set port flowcontrol receive 3/1 on
Port 3/1 will require far end to send flow control
Console> (enable) show port flowcontrol
Port Send-Flowcontrol Receive-Flowcntl RxPause TxPause
Admin Oper Admin Oper
----- ---------------- ---------------- ------- -------
3/1 on disagree on disagree 0 0
3/2 off off off off 0 0
3/3 desired on desired off 10 10
Console> (enable)
| Caution Unlike autonegotiation with 10/100 Fast Ethernet, Gigabit Ethernet autonegotiation does not involve negotiating port speed. You cannot disable autonegotiation using the set port speed command. |
With Gigabit Ethernet ports, autonegotiation is used to exchange flow-control parameters, remote fault information, and duplex information (even though Cisco Gigabit Ethernet ports only support full-duplex mode). With Gigabit Ethernet ports, you configure autonegotiation using the set port negotiation command. Gigabit Ethernet port negotiation is enabled by default.
The ports on both ends of a Gigabit Ethernet link must have the same setting. The link will not come up if the ports at each end of the link are set inconsistently (link negotiation enabled on one port and disabled on the other). Table 4-3 shows the four possible autonegotiation configurations for a Gigabit Ethernet link and the resulting link status for each configuration.
| Autonegotiation State | Link Status | ||
| Near End1 | Far End2 | Near End | Far End |
Off | Off | Up | Up |
On | On | Up | Up |
Off | On | Up | Down |
On | Off | Down | Up |
| 1Near End refers to the local Gigabit EtherChannel module port. 2Far End refers to the remote port at the other end of the Gigabit link. |
To enable link negotiation on a Gigabit Ethernet port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable Gigabit Ethernet link negotiation. | set port negotiation mod_num/port_num enable |
Step 2 Verify the link negotiation configuration. | show port negotiation [mod_num/port_num] |
This example shows how to enable port negotiation and verify the configuration:
Console> (enable) set port negotiation 5/1 enable Port 5/1 negotiation enabled. Console> (enable) show port negotiation 5/1 Port Link Negotiation ------- -------------------- 5/1 enabled Console> (enable)
To disable link negotiation on a Gigabit Ethernet port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Disable Gigabit Ethernet link negotiation. | set port negotiation mod_num/port_num disable |
Step 2 Verify the link negotiation configuration. | show port negotiation [mod_num/port_num] |
These sections describe how to configure protocol filtering on Catalyst 5000 series Ethernet-type VLANs and on Ethernet, Fast Ethernet, and Gigabit Ethernet ports:
Protocol filtering prevents certain protocol traffic from being forwarded out switch ports. Broadcast and unicast flood traffic is filtered based on the membership of ports in different protocol groups. This filtering is in addition to the filtering provided by port-VLAN membership. Protocol filtering is supported only on nontrunking Ethernet, Fast Ethernet, and Gigabit Ethernet ports.
Trunking ports are always members of all protocol groups. Filtering is not performed on trunk ports; therefore, there are no interoperability issues with switches without an NFFC. Layer 2 protocols, such as Spanning-Tree Protocol (STP) and Cisco Discovery Protocol (CDP), are not affected by protocol filtering. Dynamic ports and ports that have port security enabled are members of all protocol groups.
You can configure a port with any one of these modes for each protocol group: on, off, or auto. If the configuration is set to on, the port receives all the flood traffic for that protocol. If the configuration is set to off, the port does not receive any flood traffic for that protocol.
If the configuration is set to auto, the port is added to the group only after packets of the specific protocol are received on that port. With autolearning, ports become members of the protocol group only after receiving packets of the corresponding protocol from the device attached to that port. Autoconfigured ports are removed from the protocol group if no packets are received for that protocol within 60 minutes. Ports are also removed from the protocol group when the supervisor engine detects that the link is down on the port.
For example, if a host that supports both IP and Internetwork Packet Exchange (IPX) is connected to a switch port configured as auto for IPX, but the host is transmitting only IP traffic, the port to which the host is connected will not forward any IPX flood traffic to the host. However, if the host sends an IPX packet, the supervisor engine software detects the protocol traffic and the port is added to the IPX group, allowing the port to receive IPX flood traffic. If the host stops sending IPX traffic for more than 60 minutes, the port is removed from the IPX protocol group.
By default, ports are configured to on for the IP protocol group. Typically, you should only configure a port to auto for IP if there is a directly connected end station out the port. The default port configuration for IPX and Group is auto.
On the Catalyst 5000, 2926G, and 2926 series switches, packets are classified into the following protocol groups:
On the Catalyst 4000 and 2948G series switches, packets are classified into the following protocol groups:
Table 4-4 shows the default protocol filtering configuration.
| Feature | Default Value |
|---|---|
Protocol filtering | Disabled |
ip mode | on |
ipx mode | auto |
group mode | auto |
Protocol filtering requires the following hardware and software:
To configure protocol filtering on Ethernet, Fast Ethernet, or Gigabit Ethernet ports, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable protocol filtering on the switch. | set protocolfilter enable |
Step 2 Set the protocol membership of the desired ports. | set port protocol mod_num/port_num {ip | ipx | group} {on | off | auto} |
Step 3 Verify the port filtering configuration. | show port protocol [mod_num[/port_num]] |
This example shows how to enable protocol filtering, set the protocol membership of ports, and verify the configuration:
Console> (enable) set protocolfilter enable Protocol filtering enabled on this switch. Console> (enable) set port protocol 7/1-4 ip on IP protocol set to on mode on ports 7/1-4. Console> (enable) set port protocol 7/1-4 ipx off IPX protocol disabled on ports 7/1-4. Console> (enable) set port protocol 7/1-4 group auto Group protocol set to auto mode on ports 7/1-4. Console> (enable) show port protocol 7/1-4 Port Vlan IP IP Hosts IPX IPX Hosts Group Group Hosts -------- ---------- -------- -------- -------- --------- -------- ----------- 7/1 4 on 1 off 0 auto-off 0 7/2 5 on 1 off 0 auto-on 1 7/3 2 on 1 off 0 auto-off 0 7/4 4 on 1 off 0 auto-on 1 Console> (enable)
To disable protocol filtering, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable protocol filtering on the switch. | set protocolfilter disable |
|
|