Table of Contents

Catalyst 5000 Series Switches
Catalyst 4000 Series Switches
Catalyst 2948G Series Switches
Catalyst 2926G Series Switches
Supervisor Engine Software
Supported Software Features

Spanning-Tree Protocol
Virtual LANs
VLAN Trunks
EtherChannel Port Bundles
Network Security
Network Management
Multicast Services
Broadcast/Multicast Suppression
Administrative Features
Multilayer Switching and NetFlow Data Export
Redundant Supervisor Operation

Supported Internet Protocols
Supported MIBs

Product Overview

The Catalyst 5000, 4000, 2948G, and 2926G series switches facilitate the migration from traditional shared-hub LANs to large-scale, fully integrated internetworks. These switches provide switched connections to individual workstations, servers, LAN segments, backbones, or other switches using a variety of media.

This chapter consists of these sections:

• Catalyst 5000 Series Switches

• Catalyst 4000 Series Switches

• Catalyst 2948G Series Switches

• Catalyst 2926G Series Switches

• Supervisor Engine Software

• Supported Software Features

• Supported Internet Protocols

• Supported MIBs

Catalyst 5000 Series Switches

Table 1-1: Catalyst 5000 Series Switches

Product Number	Chassis Description
WS-C5002	Catalyst 5002 Modular 2-slot chassis Redundant fixed power supplies 1.2 Gbps backplane
WS-C5000	Catalyst 5000 Modular 5-slot chassis Optional redundant power supplies 1.2 Gbps backplane
WS-C5505	Catalyst 5505 Modular 5-slot chassis Optional redundant power supplies 3.6 Gbps backplane
WS-C5509	Catalyst 5509 Modular 9-slot chassis Optional redundant power supplies 3.6 Gbps backplane
WS-C5500	Catalyst 5500 Modular 13-slot chassis Optional redundant power supplies 3.6 Gbps backplane

Catalyst 4000 Series Switches

Table 1-2: Catalyst 4000 Series Switches

Product Number	Chassis Description
WS-C4003	Catalyst 4003 Modular 3-slot chassis Optional redundant fixed power supplies
WS-C4912	Catalyst 4912G Fixed configuration switch Optional redundant power supplies 12 1000BaseX (GBIC) Gigabit Ethernet ports

Catalyst 2948G Series Switches

Catalyst 2926G Series Switches

Table 1-4: Catalyst 2926G Series Switches

Product Number	Chassis Description
WS-C2926GS	Catalyst 2926GS Fixed configuration switch NFFC Two 1000BaseSX uplinks and 24 10/100BaseTX ports
WS-C2926GL	Catalyst 2926GL Fixed configuration switch NFFC Two 1000BaseLX/LH uplinks and 24 10/100BaseTX ports

Supervisor Engine Software

The supervisor engine software is factory installed on every supervisor engine module or fixed-configuration switch. Some modules (such as FDDI and ATM modules) require an additional software image which is factory installed on the module.

The Catalyst 5000, 4000, 2948G, and 2926G series switches share a command-line interface (CLI) with which you can configure modules and ports on the switches. For more information, see "Command-Line Interfaces." For descriptions of the available CLI commands, refer to the Command Reference for your switch.

Supported Software Features

The Catalyst 5000, 4000, 2948G, and 2926G series switches support these software features:

• Spanning-Tree Protocol

• Virtual LANs

• VLAN Trunks

• EtherChannel Port Bundles

• Network Security

• Network Management

• Multicast Services

• Broadcast/Multicast Suppression

• Administrative Features

• Multilayer Switching and NetFlow Data Export

• Redundant Supervisor Operation

Spanning-Tree Protocol

The Spanning-Tree Protocol (STP) allows you to create fault-tolerant internetworks that ensure an active, loop-free data path between all nodes in the network. STP uses an algorithm to calculate the best loop-free path throughout a switched network.

The Catalyst 5000, 4000, 2948G, and 2926G series switches support the following spanning-tree enhancements:

• Spanning-tree PortFast---PortFast allows a port with a directly attached host to transition to forwarding state immediately, bypassing the listening and learning states.

• Spanning-tree UplinkFast---UplinkFast provides fast convergence after a spanning-tree topology change and achieves load balancing between redundant links using uplink groups. Uplink groups provide an alternate path in case the currently forwarding link fails. UplinkFast is designed to decrease spanning-tree convergence time for switches that experience a direct link failure.

• Spanning-tree BackboneFast---BackboneFast reduces the time needed for the spanning tree to converge after experiencing a topology change caused by an indirect link failure. BackboneFast decreases spanning-tree convergence time for any switch that experiences an indirect link failure.

For information on configuring STP, see "Configuring Spanning Tree." For information on configuring the STP enhancements, see "Configuring Spanning-Tree PortFast, UplinkFast, and BackboneFast."

Virtual LANs

A virtual LAN (VLAN) is an administratively defined broadcast domain. A VLAN enhances performance by limiting traffic; it allows the transmission of traffic among stations that belong to it and blocks traffic from other stations in other VLANs. VLANs can provide security barriers (firewalls) between end stations on different VLANs within the same switch. Only end stations within the VLAN receive packets that are unicast, broadcast, or multicast (flooded).

These VLAN-related features are also supported on the switches:

• VLAN Trunk Protocol (VTP)---VTP maintains VLAN naming consistency and connectivity between all devices in the VTP management domain. When you add new VLANs on a switch, VTP distributes this information automatically to all the devices in the management domain. VTP is transmitted on all trunk connections, including ISL, 802.1Q, 802.10, and ATM LANE. You can have redundancy in a domain by using multiple VTP servers, through which you can maintain and modify the global VLAN information. Only a few VTP servers are required in a large network.

• GARP VLAN Registration Protocol (GVRP)---GVRP is an industry-standard VLAN management protocol specified in IEEE 802.1p for use in IEEE 802.1Q environments.

• VLAN Management Policy Server (VMPS)---You can assign VLAN port membership dynamically using VMPS. VLAN membership is determined based on the MAC address of the station attached to the port.

For information on configuring VTP, see "Configuring VTP." For information on configuring VLANs, see "Configuring VLANs." For information on configuring GVRP, see "Configuring GVRP." For information on configuring dynamic VLAN port membership using VMPS, see "Configuring Dynamic Port VLAN Membership with VMPS."

VLAN Trunks

You can extend VLANs from one switch to another, or from a switch to a router, using VLAN trunks over high-speed interfaces, such as Fast Ethernet, Gigabit Ethernet, FDDI, and ATM. Table 1-5 shows which trunking methods are supported on which platforms. Trunking capabilities are hardware dependent. Not all hardware of the types listed in Table 1-5 supports all trunking methods available on that hardware type. For example, not all Gigabit Ethernet ports support ISL trunking. To verify the trunking capabilities of a particular port, see the hardware documentation for your switch or use the show port capabilities command.

Table 1-5: Supported Trunking Methods

Trunking Method	Catalyst 5000 Series	Catalyst 4000 Series	Catalyst 2948G Series	Catalyst 2926G Series
ISL1---Fast Ethernet and Gigabit Ethernet ports	Yes	No	No	Yes
IEEE 802.1Q---Fast Ethernet and Gigabit Ethernet ports	Yes	Yes	Yes	Yes
IEEE 802.10---FDDI2/CDDI3 ports	Yes	No	No	No
LANE---ATM ports	Yes	No	No	No

1ISL=InterSwitch Link 2FDDI=Fiber Distributed Data Interface 3CDDI=Copper Distributed Data Interface

You can split VLAN traffic between parallel trunks. By setting spanning-tree parameters on a per-VLAN basis, you can define which VLANs are active on a trunk and which use the trunk as a backup if the primary trunk fails.

For information on configuring trunks, see the following sections:

• For information on configuring ISL and 802.1Q Fast Ethernet and Gigabit Ethernet VLAN trunks, see "Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports."

• For information on configuring ATM LANE, see "Configuring ATM LAN Emulation."

• For information on configuring FDDI 802.10 trunks, see "Configuring FDDI 802.10 Trunks."

EtherChannel Port Bundles

Fast and Gigabit EtherChannel port bundles allow you to create high-bandwidth connections between two switches by grouping multiple ports into a single logical transmission path.

For information on configuring EtherChannel, see "Configuring Fast EtherChannel and Gigabit EtherChannel."

Network Security

The switches support these network security features:

• Local, RADIUS, and TACACS+ authentication---You can control access to the switch using any combination of these authentication methods. RADIUS and TACACS+ determine the identity of a user by authenticating a username with a password. For information on configuring authentication, see "Controlling Access to the Switch Using Authentication."

• Secure port filtering---You can block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of a station attempting to access the port is different from the configured or learned MAC address. For information on secure port filtering, see "Configuring Secure Port Filtering."

• IP permit list---You can restrict incoming Telnet and SNMP access to a limited list of IP addresses. For information on IP permit list, see "Configuring IP Permit List."

Network Management

The Catalyst 5000, 4000, 2948G, and 2926G series switches offer network management and control through the CLI or through alternative methods, such as CWSI and SNMP. The switch software supports these network management features:

• SNMP---This protocol facilitates the exchange of management information between network devices. Catalyst 5000 series switches support these SNMP types and enhancements:

  • SNMP---Simple Network Management Protocol, a Full Internet Standard

  • SNMP v2C---Community-based administrative framework for Version 2 of SNMP

  • SNMP trap message enhancements---Additional information with certain SNMP trap messages, including spanning-tree topology change and configuration change notifications.

For information on SNMP, see "Configuring SNMP."

• Remote Monitoring (RMON)---This protocol allows network monitors and console systems to exchange network monitoring data. The following RMON enhancements are supported:

  • Extended RMON alarms---RMON alarms for all Management Information Base (MIB) objects supported by the Catalyst 5000 series SNMP agent.

  • RMON2 configuration group---The RMON2 configuration group trap destinations MIB defined in RFC 2021. When you generate a trap, it is sent to all the hosts configured in the sysTrapReceiverTable and the trapDestTable, and is registered at the given User Datagram Protocol (UDP) port.

For information on RMON, see "Configuring RMON."

• Switched Port Analyzer (SPAN)---SPAN allows you to monitor traffic on any port for analysis by a network analyzer or RMON probe. For information on SPAN, see "Configuring SPAN."

• System message logs---You can redirect system error messages, and output from asynchronous events such as interface transition, to a virtual terminal, internal buffers, or a UNIX host running a syslog server. The syslog format is compatible with 4.3 BSD UNIX. For information on system message logging, see "Configuring System Message Logging."

• Switch TopN reports---This feature allows you to generate a report showing metrics for port utilization, broadcasts, multicasts, unicasts, and errors. Reports are available through either SNMP or the CLI. The Switch TopN Reports utility cannot be used to generate reports on ATM or RSM ports. For information on switch TopN reports, see "Using Switch TopN Reports."

For a list of MIBs supported on the Catalyst 5000, 4000, 2948G, and 2926G series switches, see the "Supported MIBs" section. For additional information, refer to the "Enterprise MIB User Quick Reference," on Cisco Connection Online (http://www.cisco.com).

Multicast Services

Multicasting saves bandwidth by forcing the network to replicate packets only when necessary and by allowing hosts to join and leave groups dynamically. These multicast services are supported:

• Cisco Group Management Protocol (CGMP)---CGMP manages multicast traffic. Multicast traffic is forwarded only to ports with attached hosts interested in receiving the multicast traffic.

• Internet Group Management Protocol (IGMP) snooping---IGMP snooping manages multicast traffic. The switch software examines IP multicast packets and makes forwarding decisions based on their content. Multicast traffic is forwarded only to ports with attached hosts interested in receiving the multicast traffic. IGMP snooping is supported only with specific hardware.

• GARP Multicast Registration Protocol (GMRP)---GMRP is an industry-standard multicast group membership protocol specified in IEEE 802.1p.

For information on configuring multicast services, see "Configuring Multicast Services."

Broadcast/Multicast Suppression

Broadcast/multicast suppression controls excessive broadcast and multicast traffic in the network. You can limit the number of broadcasts and multicasts from switch ports to prevent congestion caused by broadcast storms. For information on configuring broadcast/multicast suppression, see "Configuring Broadcast/Multicast Suppression."

Administrative Features

These administrative features are supported:

• Multiple default IP gateways---You can configure up to three default IP gateways to provide redundancy. In the event that the primary gateway is not reachable, the switch uses the secondary default IP gateways in the order in which they were configured. For information on configuring default gateways, see "Configuring the Supervisor Engine Software."

• Domain Name System (DNS)---This protocol resolves IP addresses to host names. In addition, a Catalyst 5000 series switch populates the system name string based on the switch IP address-to-host name mapping in DNS. For information on configuring default gateways, see "Configuring DNS."

• Cisco Discovery Protocol (CDP)---This protocol discovers and learns information about neighboring Cisco devices on the network. Network management applications can use CDP to retrieve the device type and SNMP-agent address of neighboring devices so the applications can send SNMP queries to neighboring devices. For information on configuring default gateways, see "Configuring CDP."

• Network Time Protocol (NTP)---This protocol time-synchronizes switches by downloading the system time from an NTP server. Synchronization allows events to be correlated when system logs are created and other time-specific events occur. For information on configuring default gateways, see "Configuring NTP."

Multilayer Switching and NetFlow Data Export

Multilayer Switching (MLS) scales Layer 3 performance to high-performance link speeds by extending the MLS concept introduced in Cisco IOS software to LAN switching hardware. MLS requires a Catalyst 5000 series switch with a Supervisor Engine III and NetFlow Feature Card (NFFC) or NFFC II. NetFlow Data Export allows you to export MLS flow information to an RMON probe for analysis.

There are three MLS feature sets supported:

• IP unicast MLS

• IP multicast MLS

• IPX unicast MLS

For information on configuring IP MLS, refer to "Configuring IP Multilayer Switching." For information on configuring IP multicast MLS, refer to "Configuring IP Multicast Multilayer Switching." For information on configuring IPX MLS, refer to "Configuring IPX MLS." For information on configuring NDE, refer to "Configuring NetFlow Data Export."

Redundant Supervisor Operation

Catalyst 5505, 5509, and 5500 switches support an optional redundant supervisor engine module. You can install two Supervisor Engine II, two Supervisor Engine III, or two Supervisor Engine III F modules in slots 1 and 2 of the chassis. When the switch powers up, the supervisor module that comes up first enters active mode, while the second supervisor module enters standby mode.

All network management functions occur on the active supervisor. The console port on the standby supervisor module is inactive. However, in Catalyst 5000 series software release 4.1 and later, the uplink ports on the standby supervisor are active and can be used as normal switch ports.

If the active supervisor module detects a major problem, it resets itself and the standby supervisor seamlessly becomes the active supervisor.

For information on how supervisor redundancy works, see "Using Redundant Supervisor Engines."

Supported Internet Protocols

The Catalyst 5000, 4000, 2948G, and 2926G series switches support these standard Internet protocols:

• Address Resolution Protocol (ARP)---Determines the destination MAC address of a host using its known IP address.

• Bootstrap Protocol (BOOTP)---Allows the switch (BOOTP client) to retrieve its IP address from a BOOTP server. BOOTP uses connectionless transport layer UDP.

• Internet Control Message Protocol (ICMP)---Allows hosts to send error or control messages to other hosts. ICMP is a required part of IP. For example, the ping command uses ICMP echo requests to test if a destination is alive and reachable.

• IP---Sends IP datagram packets between nodes on the Internet. IP is a protocol suite.

• Packet internet groper (ping)---Tests the accessibility of a remote site by sending an ICMP echo request and waiting for a reply.

• Reverse Address Resolution Protocol (RARP)---Determines an IP address knowing only a MAC address. For example, BOOTP and RARP broadcast requests are used to get IP addresses from a BOOTP or RARP server.

• SLIP---Allows IP communications over the administrative interface. SLIP is a version of TCP/IP that runs over serial links.

• SNMP---Processes requests for network management stations and reports exception conditions when they occur. These agents require access to information stored in a MIB. (For more information, see the "Network Management" section.)

• TCP---Transports full-duplex, connection-oriented, end-to-end packets running on top of IP. For example, Telnet uses the TCP/IP protocol suite.

• Telnet---Allows remote access to the administrative interface of a switch over the network (in band). Telnet is a terminal emulation protocol.

• Trivial File Transfer Protocol (TFTP)---Downloads software updates and configuration files to workgroup switch products.

• UDP---Allows an application (such as an SNMP agent) on one system to send a datagram to an application (a network management station using SNMP) on another system. UDP uses IP to deliver datagrams. UDP/IP protocol suites are used by TFTP and SNMP.

Supported MIBs

This section lists the supported MIBs in each supervisor engine software release. MIBs related to features or media types are supported only on those platforms that support those features or media types (for example, the TOKENRING-MIB is not supported on switches with no Token Ring modules).

For additional information on MIBs, RMON groups, and traps, refer to the Cisco public MIB directory (http://www.cisco.com/public/mibs/) and the "Enterprise MIB User Quick Reference," on Cisco Connection Online (CCO).

Table 1-6 shows the supported MIB objects for the supervisor engine software releases. Table 1-7 shows the supported MIB objects for the ATM software releases.

Table 1-6: Supported MIB Objects by Supervisor Engine Software Release

Software Release 5.1 and later
	CISCO-SYSLOG-MIB
	CISCO-PROCESS-MIB
	Show Port Capabilities MIB
	Config File Management MIB
	Switch TopN MIB
	Trace Route MIB
	Multiple Default Gateways MIB
	CISCO-STP-EXTENSIONS-MIB enhancements
	CISCO-IMAGE-MIB
	ENTITY-MIB
Software Release 4.1 and later
	CISCO-MEMORY-POOL-MIB
	CISCO-SWITCH-ENGINE-MIB
	ENTITY-MIB (RFC 2037)
	RMON2-MIB (RFC 2021)
Software Release 3.1 and later
	CISCO-FLASH-MIB
	CISCO-STP-EXTENSIONS-MIB
	CISCO-VLAN-MEMBERSHIP-MIB
	SOURCE-ROUTING-MIB (RFC 1525)
	TOKEN-RING-RMON-MIB (RFC 1513)
	TOKENRING-MIB (RFC 1748)
Software Release 2.3 and later
	CISCO-VMPS-MIB
Software Release 2.2 and later
	CISCO-VLAN-BRIDGE-MIB
Software Release 2.1 and later
	CISCO-VTP-MIB
	RMON-MIB (RFC 1757)
	SNMP-REPEATER-MIB (RFC 1516)
Software Release 1.3 and later
	FDDI-SMT73-MIB (RFC 1512)
All Software Releases
	BRIDGE-MIB (RFC 1493)
	CISCO-CDP-MIB
	CISCO-STACK-MIB
	ETHERLIKE-MIB (RFC 1643)
	IF-MIB (RFC 1573)
	RFC1213-MIB (MIB-II)

Table 1-7: Supported MIB Objects by ATM Module Software Release

Software Release 3.2(2) and later
	CISCO-ATM-DUAL-PHY-MIB
Software Release 51.1 and later
	CISCO-ATM-DUAL-PHY-MIB
	CISCO-ATM-PVC-MIB

Posted: Mon Jul 19 12:58:27 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.