|
|
This chapter describes how to use the command-line interface (CLI) to configure Ethernet, Fast Ethernet, and Gigabit Ethernet switching on the Catalyst 6000 and 6500 series switches. The configuration tasks in this chapter apply to Ethernet, Fast Ethernet, and Gigabit Ethernet switching modules, as well as to the uplink ports on the supervisor engine.
This chapter consists of these sections:
The Catalyst 6000 and 6500 series switches support simultaneous, parallel connections between Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet.
The Catalyst 6000 and 6500 series switches solve congestion problems caused by high-bandwidth devices and a large number of users by assigning each device (for example, a server) to its own 10-, 100-, or 1000-Mbps segment. Because each Ethernet port on the switch represents a separate Ethernet segment, servers in a properly configured switched environment achieve full access to the bandwidth.
Because collisions are a major bottleneck in Ethernet networks, an effective solution is full-duplex communication, which is an option for any 10- or 100-Mbps port on a Catalyst 6000 or 6500 series switch (Gigabit Ethernet ports are always full duplex). Normally, Ethernet operates in half-duplex mode, which means that stations can either receive or transmit. In full-duplex mode, two stations can transmit and receive at the same time. When packets can flow in both directions simultaneously, effective Ethernet bandwidth doubles to 20 Mbps for 10-Mbps ports and to 200 Mbps for Fast Ethernet ports. Gigabit Ethernet ports on Catalyst 6000 series and 6500 series switches are full-duplex only (2 Gbps effective bandwidth).
Each Ethernet port on a Catalyst 6000 or 6500 series switch can connect to a single workstation or server, or to a hub through which workstations or servers connect to the network.
Ports on a typical Ethernet hub all connect to a common backplane within the hub, and the bandwidth of the network is shared by all devices attached to the hub. If two stations establish a session that uses a significant level of bandwidth, the network performance of all other stations attached to the hub is degraded.
To reduce degradation, the switch treats each port as an individual segment. When stations on different ports need to communicate, the switch forwards frames from one port to the other at wire speed to ensure that each session receives full bandwidth.
To switch frames between ports efficiently, the switch maintains an address table. When a frame enters the switch, it associates the Media Access Control (MAC) address of the sending station with the port on which it was received.
The Catalyst 6000 and 6500 series switches build the address table by using the source address of the frames received. When the switch receives a frame for a destination address not listed in its address table, it floods the frame to all ports of the same virtual LAN (VLAN) except the port that received the frame. When the destination station replies, the switch adds its relevant source address and port ID to the address table. The switch then forwards subsequent frames to a single port without flooding to all ports.
The address table can store at least 16,000 address entries without flooding any entries. The switch uses an aging mechanism, defined by a configurable aging timer, so if an address remains inactive for a specified number of seconds, it is removed from the address table.
Table 4-1 shows the Ethernet, Fast Ethernet, and Gigabit Ethernet default configuration.
| Feature | Default Value |
|---|---|
Port enable state | All ports are enabled |
Port name | None |
Duplex mode |
|
Flow control (Gigabit Ethernet) | Flow control set to off for receive (Rx) and desired for transmit (Tx) |
Flow control (other Ethernet) | Flow control set to off for receive (Rx); transmit (Tx) not supported |
Spanning-Tree Protocol (STP) | Enabled for VLAN 1 |
Native VLAN | VLAN 1 |
Port VLAN cost |
|
EtherChannel | Disabled on all Ethernet ports |
These sections describe how to configure Ethernet, Fast Ethernet, and Gigabit Ethernet switching on the Catalyst 6000 and 6500 series switches:
You can assign names to the ports on Ethernet, Fast Ethernet, and Gigabit Ethernet switching modules to facilitate switch administration.
To assign a name to a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Assign a name to a port. | set port name mod_num/port_num [name_string] |
Step 2 Verify that the port name is configured. | show port [mod_num[/port_num]] |
This example shows how to set the name for ports 1/1 and 1/2 and how to verify that the port names are configured correctly:
Console> (enable) set port name 1/1 Router Connection Port 1/1 name set. Console> (enable) set port name 1/2 Server Link Port 1/2 name set. Console> (enable) show port 1 Port Name Status Vlan Level Duplex Speed Type ----- ------------------ ---------- ---------- ------ ------ ----- ------------ 1/1 Router Connection connected trunk normal half 100 100BaseTX 1/2 Server Link connected trunk normal half 100 100BaseTX <...output truncated...> Last-Time-Cleared -------------------------- Tue Jun 16 1998, 16:25:57 Console> (enable)
You can configure the port speed on 10/100-Mbps Ethernet switching modules. Use the auto keyword to autonegotiate the port's speed and duplex mode with the neighboring port.
To set the port speed for a 10/100-Mbps port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the port speed of a 10/100-Mbps Fast Ethernet port. | set port speed mod num/port num {10 | 100 | auto} |
Step 2 Verify that the speed of the port is configured correctly. | show port [mod_num[/port_num]] |
This example shows how to set the port speed to 100 Mbps on port 2/2:
Console> (enable) set port speed 2/2 100 Port 2/2 speed set to 100 Mbps. Console> (enable)
This example shows how to make port 2/1 autonegotiate speed and duplex with the neighbor port:
Console> (enable) set port speed 2/1 auto Port 2/1 speed set to auto-sensing mode. Console> (enable)
You can set the port duplex mode to full or half duplex for Ethernet and Fast Ethernet ports.
To set the duplex mode of a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the duplex mode of a port. | set port duplex mod num/port num {full | half} |
Step 2 Verify that the duplex mode of the port is configured correctly. | show port [mod_num[/port_num]] |
This example shows how to set the duplex mode to half duplex on port 2/1:
Console> (enable) set port duplex 2/1 half Port 2/1 set to half-duplex. Console> (enable)
Gigabit Ethernet ports on the Catalyst 6000 and 6500 series switches use flow control to inhibit the transmission of packets to the port for a period of time; other Ethernet ports use flow control to respond to flow control requests.
If a Gigabit Ethernet port receive buffer becomes full, the port transmits a "pause" packet that tells remote ports to delay sending more packets for a specified period of time. All Ethernet ports (1000 Mbps, 100 Mbps, and 10 Mbps) can receive and act upon "pause" packets from other devices.
Enter the set port flow control command to configure flow control on ports. Table 4-2 lists the set port flowcontrol command keywords and describes their functions.
| Keywords | Function |
|---|---|
receive on | The port uses flow control dictated by the neighbor port. |
receive desired | The port uses flow control if the neighbor port uses it, and does not use flow control if the neighbor port does not use it. |
receive off | The port does not use flow control, regardless of whether flow control is requested by the neighbor port. |
send on1 | The port sends flow-control frames to the neighbor port. |
send desired1 | The port sends flow-control frames to the neighbor port if the neighbor port asks to use flow control. |
send off1 | The port does not send flow-control frames to the neighbor port. |
| 1Supported only on Gigabit Ethernet ports. |
To configure flow control, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Set the flow-control parameters. | set port flowcontrol mod_num/port_num {receive | send} {off | on | desired} |
Step 2 Verify the flow-control configuration. | show port flowcontrol |
This example shows how to turn transmit and receive flow control on and how to verify the flow-control configuration:
Console> (enable) set port flowcontrol 3/1 send on Port 3/1 will send flowcontrol to far end. Console> (enable) set port flowcontrol 3/1 receive on Port 3/1 will require far end to send flow control Console> (enable) show port flowcontrol PortSend-FlowcontrolReceive-FlowcntlRxPauseTxPause AdminOperAdminOper ----- ---------------------------------------------- 3/1ondisagreeondisagree00 3/2offoffoffoff00 3/3desiredondesiredoff1010 Console> (enable)
Use the ping and traceroute commands to test connectivity.
To check connectivity out a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Ping a remote host that is located out the port you want to test. | ping [-s] host [packet_size] [packet_count] |
Step 2 Trace the hop-by-hop route of packets from the switch to a remote host located out the port you want to test. | traceroute host |
Step 3 If the host is unresponsive, check the IP address and default gateway configured on the switch. | show interface |
This example shows how to ping a remote host and how to trace the hop-by-hop path of packets through the network using traceroute:
Console> (enable) ping somehost somehost is alive Console> (enable) traceroute somehost traceroute to somehost.company.com (10.1.2.3), 30 hops max, 40 byte packets 1 engineering-1.company.com (173.31.192.206) 2 ms 1 ms 1 ms 2 engineering-2.company.com (173.31.196.204) 2 ms 3 ms 2 ms 3 gateway_a.company.com (173.16.1.201) 6 ms 3 ms 3 ms 4 somehost.company.com (10.1.2.3) 3 ms * 2 ms Console> (enable)
These sections describe the UniDirectional Link Detection (UDLD) protocol feature:
The UDLD protocol allows two devices running UDLD to verify the physical configuration of fiber-optic Ethernet cables connecting them. UDLD shuts down any Ethernet connection that does not properly exchange UDLD packets between devices.
These sections describe how to configure UDLD:
To enable UDLD, perform this task in privileged mode:
| Task | Command |
|---|---|
Enable UDLD on the switch. | set udld enable |
This example shows how to enable UDLD:
Console> (enable) set udld enable UDLD enabled globally Console> (enable)
To enable UDLD on a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Enable UDLD on a port. | set udld enable mod_num/port_num |
This example shows how to enable UDLD on port 1/1:
Console> (enable) set udld enable 1/1 UDLD enabled on port 1/1. Console> (enable)
To disable UDLD on a port, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable UDLD on a port. | set udld disable mod_num/port_num |
This example shows how to disable UDLD on port 1/1:
Console> (enable) set udld disable 1/1 UDLD disabled on port 1/1. Console> (enable)
To disable UDLD on the switch, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable UDLD on the switch. | set udld disable |
This example shows how to disable UDLD:
Console> (enable) set udld disable UDLD disabled globally Console> (enable)
Use the following commands to display UDLD configuration.
To display the UDLD enable state, perform this task in privileged mode:
| Task | Command |
|---|---|
Display UDLD enable state. | show udld |
This example shows how to display the UDLD enable state:
Console> (enable) show udld UDLD enabled globally Console> (enable)
To display UDLD configuration for a module or port, perform this task in privileged mode:
| Task | Command |
|---|---|
Display the UDLD configuration for a module or port. | show udld port mod_num[/port_num] |
This example shows how to display the UDLD configuration for port 1/1:
Console> (enable) show udld port 1/1 UDLD :enabled Port Admin Status Link State -------- ------------ ---------------- 1/1 enabled bidirectional Console> (enable)
These sections describe how to configure Layer 3 protocol filtering on Catalyst 6000 and 6500 series Ethernet VLANs and on Ethernet ports:
Layer 3 protocol filtering is supported only on nontrunking Ethernet ports. Trunking ports are always members of all the protocol groups. Layer 3 protocol filtering is disabled by default on all Ethernet VLANs. In addition to configuring a VLAN to the port, you can configure the port to be a member of one or more of the protocol groups. Filtering is not done on trunk ports; therefore, there are no interoperability issues with other switches. Layer 2 protocols, such as Spanning-Tree Protocol and Cisco Discovery Protocol, are not affected by Layer 3 protocol filtering.
The supervisor engine software supports autolearning. With autolearning, ports become members of the protocol flood domain only after receiving packets of the corresponding protocol. For example, if a host supports both IP and Internetwork Packet Exchange (IPX) and the host is using only IP, the port to which this host is connected is configured as auto for IPX. This port does not receive any IPX flood traffic. When the host actually sends an IPX packet, it is detected by the supervisor engine, and the port is added to the IPX group, which allows the port to start receiving the IPX flood traffic.
Ports that have port security enabled are members of all protocol groups.
You can configure a port with the following options: on, off, and auto for a particular protocol. If the configuration is set to on, it receives all the flood traffic for that protocol; if it is set to off, it does not receive any flood traffic for that protocol. If the port configuration is set to auto, it is added to the group only after receiving packets of the specific protocol. Initially, the port does not receive any flood packets for that protocol. When the corresponding protocol packets are received on that port, the supervisor engine detects this condition and adds the port to the protocol group.
By default, ports are configured to on for the IP protocol groups. You can configure the ports to auto for IP if only clients are connected to the ports. The default port configuration for IPX and Group is auto. Autoconfigured ports are removed from the protocol group if no packets are received for that protocol within 60 minutes. Ports are also removed from the protocol group when the supervisor engine detects a link down.
The supervisor engine software provides broadcast and unicast flood traffic filtering based on the port's membership to different protocol groups in addition to the port VLAN.
A port can be a member of one or more of the first three groups.
To configure Layer 3 protocol filtering on Ethernet ports, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable Layer 3 protocol filtering on the switch. | set protocolfilter {enable | disable} |
Step 2 Set the protocol membership of the desired ports. | set port protocol mod_num/port_num {ip | ipx | group} {on | off | auto} |
Step 3 Verify the port filtering configuration. | show port protocol [mod_num[/port_num]] |
This example shows how to enable Layer 3 protocol filtering, set the protocol membership of ports, and verify the configuration:
Console> (enable) set protocolfilter enable Protocol filtering enabled on this switch. Console> (enable) set port protocol 7/1-4 ip on IP protocol set to on mode on ports 7/1-4. Console> (enable) set port protocol 7/1-4 ipx off IPX protocol disabled on ports 7/1-4. Console> (enable) set port protocol 7/1-4 group auto Group protocol set to auto mode on ports 7/1-4. Console> (enable) show port protocol 7/1-4 Port Vlan IP IP Hosts IPX IPX Hosts Group Group Hosts -------- ---------- -------- -------- -------- --------- -------- ----------- 7/1 4 on 1 off 0 auto-off 0 7/2 5 on 1 off 0 auto-on 1 7/3 2 on 1 off 0 auto-off 0 7/4 4 on 1 off 0 auto-on 1 Console> (enable)
Posted: Thu Apr 8 14:23:46 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.