PowerPoint 프레젠테이션

Catalyst 4500 1. Catalys4500 Hardware 1.1 1.2 1.3 1.4 2. Catalys4500 Configuration Guide 2.1 CLI 2.2 2.3 RPR Supervisor Engine Redundancy 2.4 2.5 Layer 2 Switching LAN 2.6 VTP 2.7 VLANs 2.8 Layer 3 2.9 EtherChannels 2.10 IEEE 802.1Q Trunk 2.11 STP(Spanning Tree Protocol) 2.12 IP Unicast Layer 3 Switching 2.13 Network Security 2.14 1. Catalys4500 Hardware 1.1 Cisco Catalyst 4500 (resiliency) (nonblocking) 2/3/4 . / / , (metro) . Cisco Catalyst 4000 Catalyst 4500 Cisco Cata lyst , Cisco Catalyst 4507R(7 ), Cisco Catalyst 4506(6 ) Cisco Cat alyst 4503(3 ) . Cisco Catalyst 4500 1 + 1 (supervisor) (Cisco Catalyst 4507R ), IP , (fault tolerance) , 1 + 1 . . , . 1.2 Scalable, Predictable, wire-speed Performance Catalyst 4500 64Gbps 48MppsMpps , . Scalable Port Density Catalyst 4500 3 / 6 / 7 . Catalyst 4500 , 240 10/100 , 240 . 16Gbps

Fast EtherChannel Gigabit EtherChannel 8Mpps Catalyst 4000 Switching Modules Cisco Catalyst 4503 Cisco Catalyst 4506 Cisco Catalyst 4507R Switched 10/100 Fast Ethernet (RJ-45) 32 48 96 240 240 Switched 10/100 Fast Ethernet (RJ-21) 48 96 240 240 Switched 100 Fast Ethernet (MT-RJ) 4, 24 48 96 240 240 Switched 1000 Gigabit Ethernet (fiber) 2, 6, 18 48 96 240 240 Switched10/100/1000BASE-T Gigabit Ethernet 12 (1000BASE-T ), 24 48 96

240 240 Network Resilience( Catalyst 4507R ) Multiple levels of network resiliency and serviceability device-level fault tolerance Supervisors Redundant, load-sharing power supplies (AC and DC) Redundant sharing fans, Redundant system clocks Redundant uplinks, Redundant switch fabrics(1 per line card ) Spanning Tree loop VLAN Cisco Redundant Fast EtherChannel Gigabit EtherChannel load sharing HSRP(Hot Powerful Standby Routing Protocol) management CiscoWorks Cisco 2000 Discovery Protocol VTP(Cisco Virtual Trunking Protocol) Network topology , VLAN trunk configuration port RMON agent Local, port VLAN Ethernet Fast Ethernet port mirror out-of-band management Console

Remote AUX interface in-band management SNMP(Simple Network Management Protocol), Telnet Client, BOOTP, T FTP(Trivial File Transfer Protocol) IEEE 8Mpps02.3, 10BASE-T IEEE 8Mpps02.3u, 100BASE-TX IEEE 8Mpps02.3, 100BASE-FX IEEE 8Mpps02.3z IEEE 8Mpps02.3x IEEE 8Mpps02.3ab 1000BASE-X (GBIC) 1000BASE-SX 1000BASE-LX/LH 1000BASE-ZX VLAN(Virtual LAN) / IEEE 8Mpps02.1Q Spanning-Tree Protocol IEEE 8Mpps02.1D IEEE 8Mpps02.1w IEEE 8Mpps02.1s IEEE 8Mpps02.1x Network Cisco Works Resource Manager Essentials (LAN Management So lution(LMS) ) :

, , Network Cisco Works Resource Manager Essentials (LAN Management So lution (LMS) ) : (topology discovery) VLAN (logical display) CiscoView Cisco Discovery Protocol Cisco Virtual Trunking Protocol (VTP) SNMP(Simple Network Management Protocol) Version 1 (RFCs 1155-1157) SNMP Cisco 2c Workgroup Management Information Base (MIB) Ethernet MIB (RFC 1643)

Ethernet Repeater MIB (RFC 1516) SNMP MIB II (RFC 1213) Remote Monitoring (RMON) (RFC 1757) Remote Monitoring II (RMON II) (RFC 2021) Interface Bridge Table (RFC 1573) MIB (RFC 1493) Switched Port Analyzer (SPAN) Enhanced Switched Port Analyzer (ESPAN) Cisco Catalyst 5000 CLI (command-line interface) (Supervisor Engine II only) Cisco IOS : TACACS+ , TFTP(Trivial File Transfer Protocol), BOOTP Catalyst 4500 . Cisco Catalyst 4503 Cisco Catalyst 4506 Cisco Catalyst 4507R (H x W x D): (12.25 x 17.31 x 12.50 in.), (31.12 x 43.97 x 31.70 cm) (17.38 x 17.31 x 12.50 in.), (44.13 x 43.97 x 31.70 cm) (19.19 x 17.31 x 12.50 in.), (48.74 x 43.97 x 31.70 cm)

7 rack units high 10 rack units high 11 rack units high : 23.59 kg 25.40 kg 25.85 kg : 34.02 kg 45.36 kg 48.53 kg : 19 23 (19 ) 19 23 (19 ) 19 23 (19 ) . : : ( ) : ( ) SNMP MIB ( ) 1000 Watt AC 1300 Watt ACV 2800 Watt ACV (48V ) No (data only)

Yes (up to 800W) Yes (up to 1400W) 13.2A maximum @ 100VAC 6.6A maximum @ 200VAC 17.6A maximum @ 100VAC 8.8A maximum @ 200VAC 17.6A maximum @ 200VAC AC 100-240V~ 50/60 Hz 12-6A 100-240V~ 50/60 Hz 16-8A 200-240V~ 50/60 Hz 16A ( ) 12V @ 84.7A maximum 12V @ 84.7A maximum 12V @ 115.3A maximum ( ) N/A 48V @ 16.7A maximum 48V @ 29.1A maximum KVA 1.32 KVA 1.76 KVA 3.52 KVA ( ) 1000W + 40W (fan) per power supply Up to 1000W + 40W (fan) per power supply (data + voice max = 1300W) 1360W + 40W (fan) per power supply ( ) 1+1 (combined mode)

1667W combined maximum 1667W combined maximum 2473W combined maximum ( ) N/A Up to 800W per power supply (data + voice max = 1300W) 1400W per power supply ( ) 1+1 (combined mode) N/A 1333W combined maximum 2333W combined maximum 943 BTU/hr 1557 BTU/hr 2387 BTU/hr (Holdup) ) 20 ms 20 ms 20 ms 1.3 1.3.1 Supervisor Engine Catalyst 4500 series Switching Core Multi-layer Switching Net work Management Engine 1 ~ 4 4507R Supervisor Engine 4 . Supervisor 2 modular Gigabit Ethernet uplink port (single/multi mode fiber ) Cisco Gigabit EtherChannel, multimodule channeling ( 16Gbps link ) Supervisor Engine IV High-density Gigabit Ethernet Backbone switchin g

ACL QoS 48Mpps Mpps forwarding Netflow Data Expression Ver 1, 5 Industry-Leading Cisco 4000, 4500 4006 4506 Migration Software Services IOS Catalyst 6500 12.1E IOS Sup 3, Sup 4 IOS OS ( Cat OS ) Scalability IP IPX Layer 3 switching, AppleTalk, DecNET, Vines Fast EtherChannel Gigabit EtherChannel, Port Aggregation Protocol(PAgP) Policy server, VMPS VLANs ISL(Inter-Switch Link) Trunking Protocol DISL (Dynamic ISL) IEEE 8Mpps02.1Q VLAN Trunking VTP(Virtual LAN Trunking Protocol), VTP version, VTP pruning Network Resiliency Redundant Supervisor Engines Spanning-Tree Protocol ( PortFast, UplinkFast, BackbonFast ) FastEtherChannel,

GigaEtherChannel Manageability CDP(Cisco SNMP Discovery Protocol) agent, SNMPv2 agent, RMON agent (RFC 1757), RMON2 support (RFC 2021) SPAN(Switched Port Analyzer), ESPAN(Enhanced SPAN), SPAN from multiple source ports Syslog support DNS(Domain Bridge MIB (RFC 1493), IF-MIB (RFC 1573), MIB II (RFC 1213) High-Availability Fast options EtherChannel, Gigabit EtherChannel, and multimode channeling PortFast, Powerful Name Service), NTP(Network Time Protocol) BackboneFast, and UplinkFast Management Options CiscoWorks Local, 2000 out-of-band management ( console, modem) , Remote, in-band manageme nt ( SNMP, Telnet client, BOOTP,TFTP) Memory Memory speed : 133MHz SDRAM : 512MB Packet memory : dynamically 16MB Onboard Flash memory : 64MB Optional CPU

PCMCIA Flash card : scalable from 64 or 128MppsMB (Network Management processor [NMP]) Processor 333-MHz Supervisor Engine Indicator and Interface Console Port : RJ-45 (female) , DTE : local or remote connectivity Supervisor System Engine Status LED LED : displays chassis environment status 1.3.2 Netflow Services Card Netflow Services Card Netflow accounting Feature Catalyst 4500 . Netflow Flow accounting Flow . source IP address, destination IP address, IP protocol type, sourc e Layer 4 port destination Layer 4 port . NetFlow Services Card Supervisor Engine IV NetFlow accounting . Hardware, . Software NetFlow Services Card , . - Catalyst 4500 series switch (Catalyst 4503, 4506, or 4507R) - Supervisor Engine IV Cisco IOS Version 12.1(13)EW 1.3.4 Gigabit Ethernet Module <6 Port Gigabit Ethernet Module> <18 Port Gigabit Ethernet Module> <48 Port Gigabit Ethernet Module> GBIC 3 GBIC , 6 1000BASE-X(WS-X4306-GB), 18 1000BASE-X(WS-X4418-GB) 48 1000-BASE-LX .

32,000 4000 MAC LAN(VLAN) 64 Gbps 48 Mpps CEF 2/3/4 Cisco Catalyst 4000/4500 10/100/1000 RJ-45 240 Cisco Catalyst 6500 IEEE 802.3z IEEE 80 2.3ab 1000BASE-SX, 1000BASE-LX/L H, 1000BASEZX CWDM GBIC 100 Km SC 5 10/100/1000 1000 Mbps 100 1000 Mbps EtherChannel 1000 Mbps 802.1s 802.1w ( ) IEEE 802.3ad ( ) 4 6port Gigabit Ethernet Module 6 1000BASE-X , (switch-to-switch)

, , . EtherChannel IEEE 802.3ad 18port Gigabit Ethernet Module 2 1000BASE-X GBIC 16 GBIC 16 8 Gbps (4 Gbps ) 4Gbps GBIC GBIC EtherChannel IEEE 802.3ad . IEEE 802.1x (PAUSE ) 48port Gigabit Ethernet Module 1000BASE-LX / 48 (point-to-point) 12 Gbps (6 Gbps ) . IEEE 802.1x (PAUSE ) 1.3.5 Fast Ethernet Switching Modules 48Mpps 10/100BaseTX 24 10/100BaseFX 2 Gigabit Ethernet GBIC 32 10/100BaseTX

IEEE 8Mpps02.3u Platform 8Mpps Fast Ethernet modules per-interface buffers priority queue Large Switching VLAN spanning tree algorithm SNMP, Standard port MAC address 4 RMON groups Network Protocols Ethernet Fast <48 Port Fast Ethernet 10/100TX Module> : IEEE 8Mpps02.3, 10BaseT Ethernet : IEEE 8Mpps02.3u, 100BaseTX, and 100BaseFX <32 Port Fast Ethernet 10/100TX + 2 Gigabit Ethernet Module> Frame processing Transparent Network <24 Port Fast Ethernet 100FX Module> Management ETHERLIKE-MIB IF-MIB Bridge CISCO-VLAN-Membership-MIB ENTITY-MIB (RFC 2037) HC-RMON RFC 1213-MIB (MIB-II) SMON-MIB bridging (8Mpps02.1d) (RFC 1643) (RFC 1573) MIB (RFC 1493) CISCO-STACK-MIB

CISCO-VTP-MIB CISCO-CDP-MIB RMON MIB (RFC 1757) CISCO-PAGP-MIB CISCO-STP-Extensions-MIB Station cabling 10/100BaseTX CISCO-VLAN-Bridge-MIB ( Cat. 5 UTP : 100m) 100BaseFX Fast Ethernet : 62.5/125-micron multimode fiber ( 400m, 2km ) 100BaseFX Fast Ethernet : 8Mpps/125-micron single mode fiber ( 10km ) Indicators and Interfaces Status Link : green(operational) / red(faulty) / orange(module booting or running diagnostics) good : green(port active) / orange(disabled) / off(not active/connected) / blinking ora nge(failed diagnostic and disabled) 1.4 - (H x W x D) : 64.8Mpps x 43.1 x 46.0 cm Chassis depth including cable guide is 55.0 cm - Chassis only: 24.9 kg Chassis fully configured with 1 supervisor engine, 8Mpps switching modules, and 2 powe r supplies: 61.2 kg 19-inch (48Mpps.3 cm) 19.25 inches (48Mpps.9 cm) . Rack-Mounting 1. a. b. c. AC, DC AC/ DC (W)

DC (W) AC 120 V AC 240 V DC 40V DC 48V Cat4503 53 40 .44 .22 1.11 1.03 Cat4506 67 50 .56 .28 1.39 1.28 Cat4507R 120 90 1.00 .50 2.50 2.31 1.4 3. L - L 4. a. . b. . c. . d. L . e. . 5. Eject 6. . 7. .

1.4 Power-Supply : DC PDP , TAPE . 1. . 2. PDP DC Off . 3. Off . 4. . 5. . 6. . 7. DC . 8Mpps. DC . 9. . 10. . 11. PDP 12. On 13. LED - INPUT OK LED : Green - FAN OK LED : Green - OUTPUT FAIL LED : 2. Catalys4500 Configuration Guide 2.1 CLI ( Command Line Interface ) Supervisor Terminal Module . Speed 9600, 8Mpps Daba bits, No parity, 2 stop bits . ( window HyperTerminal .) . User mode . Mode , Monitoring . Mode Privileged mode . Mode , , . Mode User mode enable Mode User mode Privileged mode . Router> enable Password: Router# IP address . 8Mpps , idle exec-timeout .

Step2 default password password , . Step2 password no login line vty . Command Purp) ose Step) 1 telnet {hostname | ip_addr} Step) 2 Password: password Router# . Note Return . no login > , login . . Step) 3 Router> enable enable mode Step) 4 Password: password Router# . Step) 5 Router# quit unix_host% telnet Router_1 Trying 172.20.52.40... Connected to 172.20.52.40. Escape character is '^]'. User Access Verification Password: Router_1> enable Password: Router_1# Command Line Process Command , Command . . . Keystrokes

Purp) ose Press Ctrl-B or press the left arrow key1 Press Ctrl-F or press the right arrow key1 Press Ctrl-A Press Ctrl-E Press Esc B Press Esc F 1 The arrow keys function only on ANSI-compatible terminals such as VT100s History Buffer 20 . . . Command Purp) ose Ctrl-P or the up arrow key.1 . .Recalls commands in the history buffer, beginning with the mos t recent command. Repeat the key sequence to recall successively older commands. Ctrl-N or the down arrow key.1 Ctrl-P . Router# show history . 1 The arrow keys function only on ANSI-compatible terminals such as VT100s Command

User EXEC Mode , Privileged EXEC . . Mode Descrip) tion of Use How to Access Promp) t User EXEC , . Log in. Router> Privileged EXEC (enable) , , configure . user EXEC mode enable Router# Global configuration privileged EXEC mode configure terminal Router(confi g)# Interface configuration . global configuration mode interface type slot/port Router(config -if)# Console configuration

global configuration mode line console 0 Router(config -line)# (?) . Router> ? (?) . Router# co? configure . Router# configure ? memory network Configure from NV memory Configure from a TFTP network host overwrite-network Overwrite NV memory from TFTP network host terminal Configure from the terminal 2.2 Native IOS 4500 IOS(Hybrid IOS, Native IOS) Native IOS . port Layer 3 routed port . Layer 3 configuration ios . Global Parameters 1. boot parameter rommon.> boot . rommon 1 > boot slot0:c6sup22-jsv-mz.121-5c.EX.bin Self decompressing the image : ################################################# ################################################################################ ################################################################################ ################################################################################ ################################################################################ [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted 2. . Yes . --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: y At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'.

Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the system Would you like to enter the initial configuration dialog? [yes]: no No . 3. Privileged EXEC . Privileged . Router> enable Router# 4. # configure terminal global configuration . Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Global configuration interface line . 5. . running configuration Router(config)# interface fastethernet 5/1 . Router(config-if)# Router# show running-config Building configuration... Current configuration: Current configuration : 3441 bytes ! version 12.1 service timestamps debug datetime localtime service timestamps log datetime localtime no service password-encryption ! hostname Router ! boot buffersize 522200 boot system flash slot0:c6sup22-jsv-mz.121-5c.EX.bin boot bootldr bootflash:c6msfc2-boot-mz.121-3a.E4 enable password lab ! redundancy main-cpu auto-sync standard ip subnet-zero no ip finger ! cns event-service server ! <...output truncated...> line con 0 exec-timeout 0 0 transport input none line vty 0 4 exec-timeout 0 0 password lab login . transport input lat pad mop telnet rlogin udptn nasi Router# copy running-config startup-config Static SNMP IP address . static . Command

Purp) ose Step) 1 Router(config)# ip route dest_IP_address mask {forwarding_IP | vlan vlan_ID} static route Step) 2 Router# show running-config static route Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ip route 171.10.5.10 255.255.255.255 172.20.3.35 Router(config)# end Router# Running configuration . Router# show running-config Building configuration... . <...output truncated...> . ip default-gateway 172.20.52.35 ip classless ip route 171.10.5.10 255.255.255.255 172.20.3.35 no ip http server ! Static Vlan . Router# configure terminal Router(config)# ip route 171.20.5.3 255.255.255.255 vlan 1 Router(config)# end Router# Router# show running-config Building configuration... . <...output truncated...> . ip default-gateway 172.20.52.35 ip classless ip route 171.20.52.3 255.255.255.255 Vlan1 no ip http server ! Password Password . Static Enable Password User EXEC Privileged EXEC password Encription . Command Purp) ose Router(config)# enable password p assword privileged EXEC mode

Router# configure terminal Router(config)# enable password lab Router(config)# Enable Secret password Encription . enable password privileged exec , enable password . Command Purp) ose Router(config)# enable password [level level] {password | encrypt ion-type encrypted-password} the privileged EXEC mode Router(config)# enable secret [le vel level] {password | encryption -type encrypted-password} Encryption ( enable p) assword enable secret enable secret .) password encription . Command Purp) ose Router(config)# service password-encryption encryption . Line Password Console Telnet Line Password . Command Purp) ose Router(config-line)# password pa ssword Password Recovery Password Step Step Step Step Step Step Step

1 2 3 4 5 6 7 . . Configuration . . Enable(Previliged) . , . , . . Step2 rommon> Break Ctrl-break Alt_B . . sup-bootlfash: slot0: . boot loader bootflash: . boot . Router# show bootvar BOOT variable = sup-bootflash:c6sup-js-mz.120-7.XE.bin,1; CONFIG_FILE variable does not exist BOOTLDR variable = bootflash:c6msfc-boot-mz.120-7.XE.bin Configuration register is 0x0 copy Active Supervisor IOS Slave Supervisor . IOS image . Router# copy source_device:source_filename slavesup-bootflash:target_filename Bootloader Rx-boot image . Router# copy source_device:source_filename slavebootflash:target_filename 2.3 RPR Supervisor Engine Redundancy RPR

Active Redundant supervisor auto-startup bootvar Active Redundant 60 redundant supervisor redundant supervisor GE redundncy Active RPR Trigger Clock MSFC PFC Power Up MSFC Subsybytem( Ex, Layer2 Layer3 ) . ACL supervisor . RPR+ RPR , 30~60 running-configuration , reload . OIR Redundant supervisor Active RPR Supervisor Engine G1/1, G2/1 Active G1/2, G2/2 standby

RPR Feature , command : redundancy force-switchover RPR Trigger Clock MSFC PFC . RPR+ RPR+ vlan database configuration . SNMP . 60 Active Redundancy Active Redundancy IOS . Active Redundancy FIB(Forwarding Information Base) routed Static . Dynamic (BGP Session ) . core dum , core dump Redundancy Active 15 . . RPR RPR+

Command Purp) ose Step1 Router(config)# redundancy redundancy configuration mode Step2 Router(config-red)# mode { rp) r | rp) r-p) lus } RPR RPR+ . redundant supervisor engine reload RPR RPR+ . Step3 Router# show running-config RPR RPR+ Step4 Router# show redundancy states redundancy Router> enable Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# redundancy Router(config-red)# mode rpr-plus Router(config-red)# ^Z Router# show redundancy states my state = 13 -ACTIVE peer state = 1 -DISABLED Mode = Simplex Unit = Primary Unit ID = 1 Redundancy Mode (Operational) = Route Processor Redundancy Plus Redundancy Mode (Configured) = Route Processor Redundancy Plus Split Mode = Disabled Manual Swact = Disabled Reason: Simplex mode Communications = Down Reason: Simplex mode Supervisor startup-config config-register . bootvar Redundancy running config . Command Purp) ose Step1 Router(config)# redundancy redundancy configuration Step2 Router(config-red)# main-cp) u

main-cpu configuration submode Step3 Router(config-r-mc)# auto-sync {startup) -config | config-register | bootvar | standard } configuration Step4 Router(config-r-mc)# end privileged EXEC mode Step5 Router# cop) y running-config startup) -config NVRAM . redundant supervisor NVRAM . Router(config)# redundancy Router(config-red)# main-cpu Router(config-r-mc)# auto-sync standard Router(config-r-mc)# auto-sync bootvar Router(config-r-mc)# end Router# copy running-config startup-config Router# show redundancy states my state = 13 -ACTIVE peer state = 8 -STANDBY HOT Mode = Duplex Unit = Primary Unit ID = 1 Redundancy Mode (Operational) = Route Processor Redundancy Plus Redundancy Mode (Configured) = Route Processor Redundancy Plus Split Mode = Disabled Manual Swact = Enabled Communications = Up client count = 11 client_notification_TMR = 30000 milliseconds keep_alive TMR = 9000 milliseconds keep_alive count = 0 keep_alive threshold = 18 RF debug mask = 0x0 2.4 - Ethernet (ethernet ) - Fast Ethernet(fastethernet ) - Gigabit Ehternet(gigabitethernet ) - 10-Gigabit Ethernet(tengigabitethernet ) : Catalyst 4500 1 : 1 Interface

Interface mode global configuration Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Type Slot/Port Router(config)# interfaces fastethernet 5/1 Router(config-if)# . show interface . Router# show interfaces fastethernet 5/48 FastEthernet5/48 is up, line protocol is up Hardware is C6k 100Mb 802.3, address is 0050.f0ac.3083 (bia 0050.f0ac.3083) Internet address is 172.20.52.18/27 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 1000 bits/sec, 1 packets/sec 5 minute output rate 1000 bits/sec, 1 packets/sec 4834677 packets input, 329545368 bytes, 0 no buffer Received 4796465 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 51926 packets output, 15070051 bytes, 0 underruns 0 output errors, 2 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Range Command Purp) ose Router(config)# interface range {{vlan vlan_ID - vlan_ ID [, vlan vlan_ID - vlan_ID]} | {type slot/port - por t [, type slot/port - port]} | {macro_name [, macro_na me]}} . Router(config)# no interface range {{vlan vlan_ID - vl an_ID [, vlan vlan_ID - vlan_ID]} | {macro_name [, mac ro_name]}} VLAN . space

5 (,) (,) space . interface range , IOS . - ethernet, fastethernet, gigabitethernet,tengigabitethernet vlan Router(config)# interface range fastethernet 5/1 - 5 Router(config-if)# no shutdown Router(config-if)# *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet5/1, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet5/2, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet5/3, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet5/4, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet5/5, changed state to up *Oct 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet 5/ 5, changed state to up *Oct 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet 5/ 3, changed state to up *Oct 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet 5/ 4, changed state to up Router(config-if)# * Link state (LINK-3-UPDOWN and LINEPROTO-5-UPDOWN) link interface command Logging event link status . Step) 1 Step) 2 Step) 3 Speed Duplex auto , . auto-negotiation speed duplex , speed duplex . 10-Gigabit Ethernet Gigabit Ethernet Full Duplex . Command Purp) ose Router(config)# interface fastethernet slot/port Router(config-if)# speed {10 | 100 | 1 000 | auto}

. Router(config-if)# no speed auto speed . Router(config-if)# duplex [auto | full | half] Router(config-if)# no duplex auto duplex . Gigabit Ethernet Link Negotiation Link negotiation flow-control parameters, remote fault , duplex . Link negotiation . . . Link Negotiation State Link Status Local Port Remote Port Local Port Remote Port Off Off Up Up On On Up Up Off On Up Down On Off Down Up

Step) 1 Step) 2 Command Purp) ose Router(config)# interface gigabitethernet slot/port Router(config-if)# speed nonegotiate negotiation Router(config-if)# no speed nonegotiate (link negotiation enabled). Router(config)# interface gigabitethernet 5/4 Router(config-if)# no speed nonegotiate Speed Duplex Display show interface . Command Purp) ose Router# show interfaces type slot/port . type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet Router# show interfaces fastethernet 5/4 FastEthernet5/4 is up, line protocol is up Hardware is Cat6K 100Mb Ethernet, address is 0050.f0ac.3058 (bia 0050.f0ac .3058) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:33, output never, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1238 packets input, 273598 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 1380 packets output, 514382 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router# Description

. show configuration, show running-configuration, show interface . Command Purp) ose Router(config-if)# description string . Router(config-if)# no description description Router(config)# interface fastethernet 5/5 Router(config-if)# description Channel-group to "Marketing" Counter show interface counter Command Purp) ose Router# clear counters {{vlan vlan_ID} | {type slot/port} | {port-channel channel_ID}} 1 type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet Router# clear counters fastethernet 5/5 Clear "show interface" counters on this interface [confirm] y Router# *Sep 30 08:42:55: %CLEAR-5-COUNTERS: Clear counter on interface FastEthernet5/5 Reset reset Command Purp) ose Router# clear interface type slot/port 1 type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet Router# clear interface fastethernet 5/5 Router# Shutdown Restarting shutdown . no shutdown .

Command Purp) ose Step) 1 Router(config)# interface {{vlan vlan_ID} | {type1 slot/port} | {port-channel channel_ID}} Step) 2 Router(config-if)# shutdown Shuts down. Step) 3 Router(config-if)# no shutdown Router(config)# interface fastethernet 5/5 Router(config-if)# shutdown Router(config-if)# *Sep 30 08:33:47: %LINK-5-CHANGED: Interface FastEthernet5/5, changed state to administrativ ely down Router(config-if)# no shutdown Router(config-if)# *Sep 30 08:36:00: %LINK-3-UPDOWN: Interface FastEthernet5/5, changed state to up 2.5 Layer 2 Switching LAN Layer 2 Layer 2 D-mac S-mac Layer 3 D-ip S-ip - Mac . ( Mac ) Layer 3 - IP . (Routing ) Layer 4 D-Port C-Port Layer 4 - Port . Mac Frame source mac-address

mac-address Vlan Forwa rding Frame source mac-address mac 16,000 mac-address , aging ( 300 ) active VLAN VLAN 6 , LAN . ( ) Point-to-Point VLAN Encapsulation . - ISL : - 8Mpps02.1q : , . DPT ISL 8Mpps02.1q Autonegotiation , ISL . VLAN Encapsulation Type . Encap) sulation Function switchp) ort trunk encap) sulation isl ISL Note 10-Gigabit Ethernet ISL . switchp) ort trunk encap) sulation dot1q 802.1Q . switchp) ort trunk encap) sulation negotiate Negotiation ISL , 802.1q . LAN Access Trunk . Mode

Function switchp) ort mode acc ess . negotiation . Trunk Access . switchp) ort mode dyn amic desirable . tr unk, desirable auto mode , . 4500 . . switchp) ort mode dyn amic auto , trunk desirable mode . switchp) ort mode trun k , negotiation On desir able auto . trunk . switchp) ort nonegotia te DPT . nonegotiate . trunk mode . Default Layer 2 LAN Catalyst4500 Feature Default Interface mode: Before entering the switchp) or t command Layer 3 (unconfigured) Routed Interface . After entering the switchp) ort command switchp) ort mode dynamic desirable Trunk encapsulation switchp) ort trunk encap) sulation negotiate Allowed VLAN range With Release 12.1(13)E and later releases, VLANs 1 to 4094, except res erved VLANs With 12.1 E releases earlier than Release 12.1(13)E, VLANs 1 to 1005 12.1(13)E VLAN . VLAN range eligible for pruning

VLANs 2 to 1001 Default VLAN (for access ports) VLAN 1 Native VLAN (for 802.1Q trunks) VLAN 1 Spanning Tree Protocol (STP) Enabled for all VLANs STP port priority 128 100 for 10-Mbps Ethernet LAN ports 19 for 10/100-Mbps Fast Ethernet LAN ports 19 for 100-Mbps Fast Ethernet LAN ports 4 for 1,000-Mbps Gigabit Ethernet LAN ports 2 for 10,000-Mbps 10-Gigabit Ethernet LAN ports STP port cost LAN 10 Gigabit Ethernet ISL encapsulation . Non-Cisco Switch Spanning Tree VLAN . LAN 8Mpps02.1q native vlan . native vlan stp loop . 8Mpps02.1q VLAN Spanning Tree Native VLAN VLAN , Native VLAN . stp loop . STP loop . Non Cisco Trunk 8Mpps02.1q . Layer 2 default default interface {ethernet | fastethernet | gigabitethernet | tengigaethernet} slot/port switchport , switchport mode dynamic desirable trunk on , auto . desirable .

switchport , encapsulaton negotiation ISL en capsultion , ISL 8Mpps02.1q . Command Purp) ose Step) 1 Router(config)# interface type1 slot/port Step) 2 Router(config-if)# shutdown (Optional) shutdown Router(config-if)# switchport Layer 3 Routed , switchport Layer 2 Switched . , switchport . Router(config-if)# no switchpo rt Layer 2 LAN Step) 4 Router(config-if)# no shutdown . (Required only if you shut down the interface.) Step) 5 Router(config-if)# end configuration mode Step) 6 Router# show running-config in terface [type slot/port] running configuration Step) 7 Router# show interfaces [type slot/port] switchport switch port configuration Step) 8 Router# show interfaces [type slot/port] trunk trunk configuration Step) 3 type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet

LAN ISL 8Mpps02.1q , negotiation(auto) . Command Purp) ose Router(config-if)# switchport trunk enc apsulation {isl | dot1q | negotiate} (Optional) encapsulation ISL 802.1Q trunk Note switchp) ort mode trunk encapsulation . Router(config-if)# no switchport trunk encapsulation default trunk encapsulation mode (negotiate). DTP(Dynamic Trunking Protocol) , auto desirable Command Purp) ose Router(config-if)# switchport mode dyna mic {auto | desirable} (Optional) DTP . Router(config-if)# no switchport mode (switchp) ort mode dynamic desirable). DTP(Dynamic Trunking Protocol) Step) 1 Step) 2 DTP switchport mode trunk encapsulation Command Purp) ose Router(config-if)# switchport mode trunk

(Optional) trunk . Router(config-if)# no switchpo rt mode (switchp) ort mode dynamic desirable). Router(config-if)# switchport nonegotiate (Optional) DTP Router(config-if)# no switchpo rt nonegotiate DTP Default VLAN Access . Access VLAN Command Purp) ose Router(config-if)# switchport access vl an vlan_ID (Optional) VLAN 12.1(13)E 1 ~ 4094 VLAN Release 12.1(13)E 1 ~ 1005 VL AN Router(config-if)# no switchport access vlan default value (VLAN 1) 802.1q Native VLAN 8Mpps02.1q Native VLAN access VLAN Native VLAN . Command Purp) ose Router(config-if)# switchport trunk nat ive vlan vlan_ID (Optional) 802.1Q native VLAN Router(config-if)# no switchport trunk native vlan Native VLAN default (VLAN 1)

Allowed VLAN VLAN . Allowed VLAN VLAN 12.1(11b)E VLAN 1 . 8Mpps02.1q VLAN1 , CDP(Cisco Discovery Protocol), VTP(VLAN Trunking Prot ocol), PAgP(Prot Aggregation Protocol), DTP(Dynamic Trunking Protocol) . Command Purp) ose Router(config-if)# switchport trunk all owed vlan {add | except | none | remov e} vlan [,vlan[,vlan[,...]] (Optional) VLAN ID Router(config-if)# no switchport trunk allowed vlan default (all VLANs allowed) Prune VLAN Prune Broadcast Trunk . 6 VTP Prune . VLAN Prune . VLAN1 Prune . Command Purp) ose Router(config-if)# switchport trunk prun ing vlan {none |{{add | except | remove} vlan[,vlan[,vlan[,...]]}} (Optional) prune-eligible VLAN Router(config-if)# no switchport trunk p runing vlan (all VLANs prune-eligible)

. Command Purp) ose Step) 1 Router(config-if)# no shutdown (Required only if you shut down the interface.) Step) 2 Router(config-if)# end configuration mode show . Command Purp) ose Step) 1 Router# show running-config in terface type1 slot/port running configuration Step) 2 Router# show interfaces [type slot/port] switchport switch port configuration Step) 3 Router# show interfaces [type slot/port] trunk configuration Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface fastethernet 5/8 Router(config-if)# shutdown Router(config-if)# switchport Router(config-if)# switchport mode dynamic desirable Router(config-if)# switchport trunk encapsulation dot1q Router(config-if)# no shutdown Router(config-if)# end Router# exit Router# show running-config interface fastethernet 5/8 Building configuration... Current configuration: ! interface FastEthernet5/8 no ip address switchport switchport trunk encapsulation dot1q end Router# show interfaces fastethernet 5/8 switchport Name: Fa5/8 Switchport: Enabled

Administrative Mode: dynamic desirable Operational Mode: trunk Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Enabled Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: ALL Layer 2 Access VLAN . VLAN shutdown . Command Purp) ose Step) 1 Router(config)# interface typ e slot/port . Step) 2 Router(config-if)# shutdown (Optional) Step) 3 Router(config-if)# switchport Layer 3 Routed , switchport Layer 2 Switched . , switchport Step) 4 Router(config-if)# no switchp ort Layer 2 LAN . Router(config-if)# switchport mode access Layer 2 access port Router(config-if)# no switchp ort mode (switchp) ort mode dynamic desi rable) Router(config-if)# switchport access vlan vlan_ID (Optional) VLAN 12.1(13)E 1 ~ 4094 VLAN Release 12.1(13)E 1 ~ 1005 VL AN

Router(config-if)# no switchp ort access vlan default VLAN (VLAN 1) Step) 7 Router(config-if)# no shutdow n (Required only if you shut down the interface.) Step) 8 Router(config-if)# end configuration mode Step) 9 Router# show running-config i nterface [type slot/port] running configuration Step) 10 Router# show interfaces [type slot/port] switchport switch port configuration Step) 5 Step) 6 Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface fastethernet 5/6 Router(config-if)# shutdown Router(config-if)# switchport Router(config-if)# switchport mode access Router(config-if)# switchport access vlan 200 Router(config-if)# no shutdown Router(config-if)# end Router# exit Router# show running-config interface fastethernet 5/6 Building configuration... ! Current configuration: interface FastEthernet5/6 no ip address switchport access vlan 200 switchport mode access end Router# show interfaces fastethernet 5/6 switchport Name: Fa5/6 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Enabled Access Mode VLAN: 200 (VLAN0200) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: ALL Router# 2.6 VTP

VTP VTP , VTP domain VLAN VLAN Layer 2 messaging protocol . VTP domain(VLAN management domain) VTP domain name trunk network device . VTP VLAN name, VLAN-type . VLAN network VTP . VTP network de vice network network device . VTP Pruning VTP pruning broadcast, multicast, unknown, unicast packet traffic network bandwidth . VTP pruning network device trunk lin k traffic bandwidth . VTP pruning . VTP pruning management domain device VTP pruning . VTP pruning device trunk VLAN . 6-1 VTP pruning network switch . Network Switch 1 Interface 1 Switch 4 port 2 Red VLAN . Broadcast Switch 1 host . Switch 1 foods the broadcast network network device , Red VLAN port Switch 3,5 6 . 6-1 Flooding Traffic VTP Pruning 6-2 VTP pruning network switch . Switch 1 Broadcast traffic R ed VLAN traffic link (Switch 2 port 5 Switch 4 port 4) S witch 3,5 6 . 6-2 Flooding Traffic with VTP Pruning management domain VTP server pruning VTP pruning . VTP pruning . VLAN 2 1000 pruning .V TP pruning traffic pruning-ineligible VLAN . VLAN 1 pruning . , VLAN 1 traffic . Trunking LAN port VTP pruning switchport trunk pruning vlan . VTP pruning LAN port trunking . VTP Feature

Default Value VTP domain name Null VTP mode Server VTP version 2 enable state Version 2 is disabled VTP password None VTP pruning Disabled VTP global parameter . Command Purp) ose Router(config)# vtp password pass word_string Password , VTP domain 8 64 Router(config)# no vtp password Password Release 12.1(13)E VTP Password . Router# configure terminal Router(config)# vtp password WATER Setting device VLAN database password to WATER. Router# VTP Password . Router# vtp password WATER Setting device VLAN database password to WATER. Router# VTP Pruning VTP pruning Command Purp) ose Router(config)# vtp pruning Management domain VTP pruning

Step) 1 Router(config)# no vtp prunin g Management domain VTP pruning Step) 2 Router# show vtp status Configuration Release 12.1(13)E VTP pruning .. Router# configure terminal Router(config)# vtp pruning Pruning switched ON VTP pruning . Router# vtp pruning Pruning switched ON Router# show vtp status | include Pruning VTP Pruning Mode: Enabled Router# VTP Version2 VTP version2 network device VTP version2 . VTP v ersion2 VTP VTP version2 network device VTP v ersion2 . VTP version1 VTP version2 VTP network device . VTP network device VTP version . VTP netwo rk device version2 VTP version2 . Step) 1 Step) 2 VTP version2 Command Purp) ose Router(config)# vtp version {1 | 2} VTP version 2 Router(config)# no vtp version (VTP version 1). Router# show vtp status Configuration

Release 12.1(13)E VTP Password . Router# configure terminal Router(config)# vtp version 2 V2 mode enabled. Router(config)# VTP Password . Router# vtp version 2 V2 mode enabled. Router# Router# show vtp status | include V2 VTP V2 Mode: Enabled Router# VTP Mode VTP mode Command Purp) ose Router(config)# vtp m ode {client | server | transparent} VTP mode Router(config)# no vt p mode VTP mode (server). Step) 2 Router(config)# vtp d omain domain_name (Server mode ) VTP domain name , 32 . VTP server mode domain name . Switch VTP domain trunk switch domain VTP server dom ain name . Step) 3 Router(config)# end VLAN configuration mode Step) 4 Router# show vtp stat us Configuration Step) 1 VTP

Router# configure terminal Router(config)# vtp mode server Setting device to VTP SERVER mode. Router(config)# vtp domain Lab_Network Setting VTP domain name to Lab_Network Router(config)# end Router# VTP Router# show vtp status VTP Version : 2 Configuration Revision : 255 Maximum VLANs supported locally : 1005 Number of existing VLANs : 35 VTP Operating Mode : Server VTP Domain Name : Lab_Network VTP Pruning Mode : Enabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MD5 digest : 0x08 0x7E 0x54 0xE2 0x5A 0x79 0xA9 0x2D Configuration last modified by 127.0.0.12 at 8-7-02 11:21:43 Local updater ID is 127.0.0.12 on interface EO0/0 (first interface found) Router# VTP Router# configure terminal Router(config)# vtp mode client Setting device to VTP CLIENT mode. Router(config)# exit Router# VTP Router# show vtp status VTP Version : 2 Configuration Revision : 255 Maximum VLANs supported locally : 1005 Number of existing VLANs : 35 VTP Operating Mode : Client VTP Domain Name : Lab_Network VTP Pruning Mode : Enabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MD5 digest : 0x08 0x7E 0x54 0xE2 0x5A 0x79 0xA9 0x2D Configuration last modified by 127.0.0.12 at 8-7-02 11:21:43 Router#

VTP Router# configure terminal Router(config)# vtp transparent Setting device to VTP TRANSPARENT mode. Router(config)# end Router# VTP Router# show vtp status VTP Version : 2 Configuration Revision : 247 Maximum VLANs supported locally : 1005 Number of existing VLANs : 33 VTP Operating Mode : Transparent VTP Domain Name : Lab_Network VTP Pruning Mode : Enabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80 Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49 Router# VTP VTP VTP VTP . Command Purp) ose Router# show vtp counter s Displays VTP statistics VTP Router# show vtp counters VTP statistics: Summary advertisements received Subset advertisements received Request advertisements received Summary advertisements transmitted Subset advertisements transmitted Request advertisements transmitted Number of config revision errors Number of config digest errors Number of V1 summary errors : : : : : : :

: : 7 5 0 997 13 3 0 0 0 VTP pruning statistics: Trunk Join Transmitted Join Received Summary advts received from non-pruning-capable device ---------------- ---------------- ---------------- ------------------Fa5/8 43071 42766 5 2.7 VLAN VLAN VLAN . VLAN physi cal LAN . LAN segment . VLAN IP subnetwork . , IP subnet VLAN . VLAN traffic route . LAN port VLAN membership port-by-port . VLAN Ranges Release 12.1(13)E Catalyst 6500 IEEE 8Mpps02.1Q 4096 VAN . VLAN . , . VLAN VLAN Trunking Protocol (VTP) . Extended-range VLAN VTP . network device extended-range VLAN . VLANs Range Usage Prop) agated by VTP 0, 4095 Reserved System . VLAN 1 Normal Cisco . VLAN

Yes 2-1001 Normal Ethernet VLANs ; VLANs , Yes 10021005 Normal Cisco FDDI Token Ring . VLANs 1002-1005 Yes 10064094 Extended Ethernet VLANs No VLAN range . Layer 3 LAN ports, WAN interfaces, subinterfaces VLAN . VLAN . Release 12.1(13)E VPN show vlan internal usage , show internal usage show cwan vlanss . Release 12.1(13)E internal VLAN (1006 ) intern al VLAN (4094 ) . 12.1EX 4096 VLAN inte rnal VLAN 1096 . Catalyst operating system switch VLAN 1006-1024 . VLAN 1006-1024 ,VLAL Catalyst software . VLAN VLAN 2 1001 . VLAN name VLAN type (Ethernet, FDDI, FDDI network entity title [NET], TrB RF, or TrCRF) VLAN state (active or suspended) Security Association Identifier (SAID) Bridge identification number for TrBRF VLANs Ring number for FDDI and TrCRF VLANs Parent VLAN number for TrCRF VLANs Spanning Tree Protocol (STP) type for TrCRF VLANs VLAN

Ethernet VLAN Parameter Default Range VLAN ID 1 1-4094 VLAN name "default" for VLAN 1 "VLANvlan_ID" for other Ethernet VLANs 802.10 SAID 10vlan_ID 100001-104094 MTU size 1500 1500-18190 Translational bridge 1 0 0-1005 Translational bridge 2 0 0-1005 VLAN state active active, suspend Pruning eligibility VLANs 2-1001 are pruning eligible; VLANs 1006-4094 are not pru ning eligible. FDDI VLAN Parameter Default Range VLAN ID 1002

1-1005 VLAN name "fddi-default" 802.10 SAID 101002 1-4294967294 MTU size 1500 1500-18190 Ring number 0 1-4095 Parent VLAN 0 0-1005 Translational bridge 1 0 0-1005 Translational bridge 2 0 0-1005 VLAN state active active, suspend Token Ring(TrCRF) VLAN Parameter Default Range VLAN ID 1003 1-1005 VLAN name "token-ring-default"

802.10 SAID 101003 1-4294967294 Ring Number 0 1-4095 MTU size VTPv1 default 1500 VTPv2 default 4472 1500-18190 Translational bridge 1 0 0-1005 Translational bridge 2 0 0-1005 VLAN state active active, suspend Bridge mode srb srb, srt ARE max hops 7 0-13 STE max hops 7 0-13 Backup CRF disabled disable; enable FDDI-Net VLAN Parameter Default Range VLAN ID 1004

1-1005 VLAN name "fddinet-default" 802.10 SAID 101004 1-4294967294 MTU size 1500 1500-18190 Bridge number 1 0-15 STP type ieee auto, ibm, ieee VLAN state active active, suspend Token Ring(TrBRF) VLAN Parameter Default Range VLAN ID 1005 1-1005 VLAN name "trnet-default" 802.10 SAID 101005 1-4294967294 MTU size VTPv1 1500; VTPv2 4472 1500-18190

Bridge number 1 0-15 STP type ibm auto, ibm, ieee VLAN state active active, suspend VLAN Supervisor engine redundancy nondefault VLAN data file . supervisor engine VTP file file_name . RPR+ redundancy VLAN database mode . RPR+ redundancy Global configuration mode . Extended-range VLAN global configuration mode . VLAN database mode extended-range VLAN . Cisco IOS end VLAN database mode . VLAN database mode Ctrl-Z . Catalyst 6500 series switch Token Ring FDDI media . FDDI,F DDI-Net, TrCRF, or TrBRF traffic VTP VLAN . Token Ring TrBRF logical interface( TrBRF TrCRF ) . The TrBRF is running the IBM STP, and the TrCRF is in SRT mode. The TrBRF is running the IEEE STP, and the TrCRF is in SRB mode. Redundant supervisor engine no vtp file . VLAN Catalyst 6500 VTP server mode VTP transparent mo de .

VLAN vlan.dat file . vlan.dat file VLAN database . VLAN VTP Catalyst 6500 Series Swit ch Cisco IOS Command Reference . vlan.dat file . Catalyst 6500 VTP FDDI Token Ring VLAN . TrCRF TrBRF . VLAN VLAN VLAN Configuration in Global Configuration Mode VTP server transparent mode global config-vlan configuration mod e VLAN . global config-vlan configuration mode VLAN VLAN vlan.dat fil e . VLAN show vlan . VLAN transparent mode copy running-config startup-config VLAN startup-config file . running-config startup-config show running-config show startup-config VLAN . VLAN Configuration in VLAN Database Mode VTP server transparent mode VLAN database mode VLAN . VLAN database mode VLAN VLAN vlan.dat VLAN show vlan . VLAN port membership mode , , interface configuration command m ode . running-config file show runnig-config file . VLAN User-configured VLAN 1 4094 ID VLAN . VLAN ID VLAN . VLAN VLAN VLAN .

Command Purp) ose Router# configure terminal or Router# vlan database Enters VLAN configuration mode. Router(config)# vlan vlan_ID{[-vla n_ID]|[,vlan_ID]) Router(config-vlan)# or Router(vlan)# vlan vlan_ID Ethernet VLAN , Ethernet VLANs , Ethernet VLANs comma list ( ). Router(config)# no vlan vlan_ID Router(config-vlan)# or Router(vlan)# no vlan vlan_ID VLAN Step) 3 Router(config-vlan)# end or Router(vlan)# exit Updates the VLAN database privileged EXEC mode Step) 4 Router# show vlan [id | name] vlan VLAN configuration Step) 1 Step) 2 Ethernet VLAN Releases 12.1(11b)E global configuration mode VLAN . Releases 12.1(11b)E extended-range VLAN . RPR+ redundancy VLAN database mode . Global configuration mo de RPR+ redundancy . Layer 3 port internal VLAN 1006 extended-ra nge VLAN 4094 . Extended-range VLAN global configuration mode . VLAN database

mode extended-range VLAN . Layer 3 port extended-range VLAN . VLAN Layer 3 port VLAN . VLAN VLAN : Ethernet VALN1 FDDI Token Ring V LANs 1002 1005. VLAN LAN port access port VLAN . port VLAN VLAN . global configuration mode Ethernet VLAN . Router# configure terminal Router(config)# vlan 3 Router(config-vlan)# end Router# show vlan id 3 VLAN Name Status Ports ---- -------------------------------- --------- --------------------------3 VLAN0003 active VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Tra ns2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ----3 enet 100003 1500 0 0 Primary Secondary Type Interfaces ------- --------- ----------------- --------------------------------------- VLAN database mode Ethernet VLAN . Router# vlan database Router(vlan)# vlan 3 VLAN 3 added: Name: VLAN0003 Router(vlan)# exit APPLY completed. Exiting.... . Router# show vlan name VLAN0003 VLAN Name Status Ports ---- -------------------------------- --------- --------------------3 VLAN0003 active VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- ------ -----3 enet 100003 1500 0 0 Router# Assigning a Layer 2 LAN Interface to a VLAN

Management domain VLAN VLAN LAN port . Configuration the Internal VLAN Allocation Policy Internal VLAN Release 12.1(13)E . Internal VLAN Step) 1 Step) 2 Command Purp) ose Router(config)# vlan internal allocation policy {ascending | descending} Internal VLAN Router(config)# no vlan inter nal allocation policy (ascending). Router(config)# end Configuration mode Internal VLAN Step) 3 Router# reload reload . reload maintenance window . Internal VLAN ascending keyword 1006 Internal VLAN . descending keyword 4094 Internal VLAN . internal VLAN descending . Mapping 802.1Q VLANs to ISL VLANs User-configurable ISL VLAN 1 1001 1006 4094 . IEEE 8Mpps0 2.1Q VLAN 1 4094 . ISL VLAN number 8Mpps02.1Q VLA N . 1 1001 1006 4094 8Mpps02.1Q VLAN ISL VLAN . 8Mpps02.1Q VLAN ISL VLAN Cisco network device VLAN .

ISL VLAN 8Mpps02.1Q VLAN mapping . Catalyst 6500 8Mpps 8Mpps02.1Q-to-ISL VLAN mapping . Ethernet-type Mapping ISL ISL VLAN 8Mpps02.1Q VLAN map . table 8Mpps02.1Q trunk VLAN . VLAN 8Mpps02.1Q VLAN map map ISL VLAN 8Mpps02.1Q VLA N traffic . , ISL VLAN 200 8Mpps02.1Q map 8Mpps02.1Q VLAN 200 traffic . VLAN mapping Catalyst 6500 . network device VLAN mapping . To map an 802.1Q VLAN to an ISL VLAN Command Purp) ose Router(config)# vlan mapping dot1q dot1q_vlan isl isl_vlan ILS Ethernet VANL 802.1Q VLAN map . dot1q_vlan 1001 4094 . The valid range for dot1q_vlan is 1001 to 4094. isl_vl an . Router(config)# no vlan mappi ng dot1q {all | dot1q_vlan} mapping Step) 2 Router(config)# end Configuration mode Step) 3 Router# show vlan VLAN mapping Step) 1 ISL VLAN 200 8Mpps02.1Q VLAN map . Router# configure terminal Router(config)# vlan mapping dot1q 1003 isl 200 Router(config)# end Router# . Router# show vlan <...output truncated...> 802.1Q Trunk Remapped VLANs: 802.1Q VLAN ISL VLAN --------------------1003 200 2.8 Layer 3 Interface

IP Routing and Address Policy Feature Card 2(PFC2) Distributed Feature Cards(DFCs) match ip address set ip next-hop keyword route-map policy-based routing(PBR) . Release 12.1(11b)E , PFC2 DFCs ip default next-hop PBR keyword . Multilayer Switch Feature Card 2(MSFC2) match set interface keyword route -map . Layer 3 interface IP routing IP address Command Purp) ose Step) 1 Router(config)# ip routing IP routing . (IP routing .) Step) 2 Router(config)# router ip_routing_protocol IP routing protocol . Step) 3 Router(config)# interface {vlan vlan_ID} | {ty pe1 slot/port} | {port-channel port_channel_num ber} Interface Step) 4 Router(config-if)# ip address ip_address subne t_mask Configures the IP address and IP subnet. Step) 5 Router(config-if)# no shutdown Enables the interface. Step) 6 Router(config-if)# end Exits configuration mode. Step) 7 Router# show interfaces [{vlan vlan_ID} | {typ e1 slot/port} | {port-channel port_channel_numb er}]

Router# show ip interfaces [{vlan vlan_ID} | { type1 slot/port} | {port-channel port_channel_n umber}] Router# show running-config interfaces [{vlan vlan_ID} | {type321 slot/port} | {port-channel port_channel_number}] Verifies the configuration 1. type = ethernet, fastethernet, gigabitethernet, tengigabitethernet, or ge-wan IP Routing information Protocol (RIP) routing . Router# configure terminal Enter configuration commands, one per line. Router(config)# ip routing Router(config)# router rip Router(config-router)# network 10.0.0.0 Router(config-router)# end Router# End with CNTL/Z. Fast Ethernet port 5/4 IP address . Router# configure terminal Enter configuration commands, one per line. End with CNT L/Z. Router(config)# interface fastethernet 5/4 Router(config-if)# ip address 172.20.52.106 255.255.255.2 48 Router(config-if)# no shutdown Router(config-if)# Router(config-if)# end Router# show interfaces Fast Ethernet port 5/4 IP address . Router# show interfaces fastethernet 5/4 FastEthernet5/4 is up, line protocol is up Hardware is Cat6K 100Mb Ethernet, address is 0050.f0ac.3058 (bia 0050 .f0ac.3058) Internet address is 172.20.52.106/29 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output never, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 7 packets input, 871 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 8 packets output, 1658 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router#

show ip interface Fast Ethernet port 5/4 . Router# show ip interface fastethernet 5/4 FastEthernet5/4 is up, line protocol is up Internet address is 172.20.52.106/29 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Multicast reserved groups joined: 224.0.0.10 Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is enabled IP Fast switching turbo vector IP Normal CEF switching turbo vector IP multicast fast switching is enabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled IP multicast multilayer switching is disabled IP mls switching is enabled Router# show running-config Fast Ethernet port 5/4 interface IP address . Router# show running-config interfaces fastethernet 5/4 Building configuration... Current configuration: ! interface FastEthernet5/4 description "Router port" ip address 172.20.52.106 255.255.255.248 no ip directed-broadcast ! IPX Routing and Network Numbers Internetwork Packet Exchange(IPX) routing Layer 3 interface IPX Command Purp) ose Step) 1 Router(config)# ipx routing IPX routing

Step) 2 Router(config)# router ipx_rout ing_protocol IP routing protocol . network route network . Step) 3 Router(config)# interface {vlan vlan_ID} | {type1 slot/port} | {port-channel port_channel_numb er} Interface Step) 4 Router(config-if)# ipx network [network | unnumbered] encapsul ation encapsulation_type IPX network number . Interface IPX routing . IPX routing encapsulation type . Step) 5 Router(config-if)# no shutdown Interface Step) 6 Router(config-if)# end Configuration mode Step) 7 Router# show interfaces [{vlan vlan_ID} | {type1 slot/port} | {port-channel port_channel_numb er}] Router# show ipx interfaces [{v lan vlan_ID} | {type1 slot/port} | {port-channel port_channel_nu mber}] Router# show running-config int erfaces [{vlan vlan_ID} | {type1 slot/port} | {port-channel por t_channel_number}] Configuration 1. type = ethernet, fastethernet, gigabitethernet, tengigabitethernet, or ge-wan IPX routing IPX interface VLAN 100 network address . Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ipx routing Router(config)# ipx router rip Router(config-ipx-router)# network all Router(config-ipx-router)# interface vlan 100 Router(config-if)# ipx network 100 encapsulation snap Router(config-if)# no shutdown Router(config-if)# end Router# copy running-config startup-config

AppleTalk Routing, Cable Ranges, and Zones Global configuration mode AppleTalk routing Command Purp) ose Step) 1 Router(config)# appletalk routing AppleTalk routing Step) 2 Router(config)# interface {vlan vlan_ID} | {type1 slo t/port} | {port-channel port_channel_number} Interface Step) 3 Router(config-if)# appletalk cable-range cable_range Interface cable range Step) 4 Router(config-if)# appletalk zone zone_name Interface zone name Step) 5 Router(config-if)# no shutdown Interface Step) 6 Router(config-if)# end Configuration mode Step) 7 Router# show interfaces [{vlan vlan_ID} | {type1 slot /port} | {port-channel port_channel_number}] Router# show appletalk interfaces [{vlan vlan_ID} | { type1 slot/port} | {port-channel port_channel_number} ] Router# show running-config interfaces [{vlan vlan_ID } | {type1 slot/port} | {port-channel port_channel_nu mber}] Configuration 1. type = ethernet, fastethernet, gigabitethernet, tengigabitethernet, or ge-wan AppleTalk routing AppleTalk cable-range interface VLAN 100 zone name . Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# appletalk routing Router(config)# interface vlan 100 Router(config-if)# appletalk cable-range 100-100 Router(config-if)# appletalk zone Engineering Router(config-if)# no shutdown Router(config-if)# end

Router# copy running-config startup-config 2.9 EtherChannels EtherChannel Feature Overview EtherChannel logical link physical link 8Mpps bandwidth Ethernet link . Catalyst 6500 64 EtherChannels (256 with Release 12.1(2) an d earlier). Catalyst 6500 module LAN port 8Mpps EtherChannel . EtherChannel LAN Prot Layer 2 Layer 3 L AN port . EtherChannels EtherChnnel Configuration Overview EtherChannel Release 12.1(13)E Port Aggregation Control Protocol (PAgP), EtherChannels Link Aggregation Control Protocol(LACP) . Et herChannel protocol network device dynamic negotiation EtherChannel . PAgP Cisco-proprietary protocol LACP IEEE 8Mpps0 2.3ad . PAgP LACP . PAgP Port LCAP EtherChannel . LACP port PAgP port EtherChann el . EtherChannel Modesl Mode Descrip) tion on LAN port channel mode. On mode , on mode LAN port group o n mode LAN port group EtherChannel . port on mode , port negotiation traffic . EtherChannel protocol on mode . auto PAqP mode LAN port, port PAqP packet . PAqP n egotiation .( ) desirable PAqP mode LAN port, port LAN port PAqP packet negotiatio n . p) assive LACP mode port, port LACP packet . LACP negotiation .( ) active LACP mode port, port port LACP packet negotiation

. Configuring port Channel Logical Interfaces for Layer 3 Eth erChannels Layer 3 EtherChnnel port channel interface Command Purp) ose Router(config)# interface port-channel number Port channel interface Router(config)# no interface port-chan nel number Port channel interface Step) 2 Router(config-if)# ip address ip_addre ss mask EtherChannel IP address and subnet mask Step) 3 Router(config-if)# end Configuration mode Step) 4 Router# show running-config interface port-channel number Configuration Step) 1 Port channel interface group number . of 64 port channel interfaces Release 12.1(5)E and later1 through 256, up to a maximum Releases 12.1(4)E1, 12.1(3a)E4, and 12.1(3a)E31 through 64 Release 12.1(2)E and earlier1 through 256 port channel interface 1 . Router# configure terminal Router(config)# interface port-channel 1 Router(config-if)# ip address 172.32.52.10 255.255.255.0 Router(config-if)# end

channel interfaceinterface 1 . Router# show port running-config port-channel 1 Building configuration... Current configuration: ! interface Port-channel1 ip address 172.32.52.10 255.255.255.0 no ip directed-broadcast end Router# Channel Groups Channel groups , LAN port Command Purp) ose Step) 1 Router(config)# interface typ e1 slot/port LAN port Step) 2 Router(config-if)# no ip addr ess LAN port no IP address Router(config-if)# channel-pr otocol (lacp | pagp} (Optional) LAN port Channel-protocol EtherChannel protocol channel-grou p Router(config-if)# no channel -protocol Router(config-if)# channel-gr oup number mode {active | aut o | desirable | on | passive} Port channel LAN port mode . PAgP auto mode . LACP active passive mode . Router(config-if)# no channel -group Channel group LAN port Router(config-if)# lacp portpriority priority_value (Optional for LACP) 1 65535 . . 32768 . Router(config-if)# no lacp po rt-priority

Step) 6 Router(config-if)# end Configuration mode Step) 7 Router# show running-config i nterface type1 slot/port Router# show interfaces type1 slot/port etherchannel Configuration Step) 3 Step) 4 Step) 5 type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet PAgP mode desirable port channel Fast Ethernet ports 5/6 5/7 . Router# configure terminal Router(config)# interface range fastethernet 5/6 -7 Router(config-if)# channel-group 2 mode desirable Router(config-if)# end port channel interface 2 . Router# show running-config interface port-channel 2 Building configuration... Current configuration: ! interface Port-channel2 no ip address switchport switchport access vlan 10 switchport mode access end Router# fast Ethernet 5/6 . Router# show running-config interface fastethernet 5/6 Building configuration... Current configuration: ! interface FastEthernet5/6 no ip address switchport switchport access vlan 10 switchport mode access channel-group 2 mode desirable end Router# show interfaces fastethernet 5/6 etherchannel Port state = Down Not-in-Bndl Channel group = 12 Mode = Desirable-Sl Gcchange = 0 Port-channel = null GC = 0x00000000 Pseudo port-channel = Po1 2 Port index = 0 Load = 0x00 Protocol =

PAgP Flags: te. S - Device is sending Slow hello. C - Device is in Consistent sta A - Device is in Auto mode. P - Device learns on physical p ort. d - PAgP is down. Timers: H - Hello timer is running. S - Switching timer is running. Q - Quit timer is running. I - Interface timer is running. Local information: Port x Fa5/2 Flags State d U1/S1 Timers Hello Partner PAgP Interval Count Priority 1s 0 128 Age of the port in the current state: 04d:18h:57m:19s Learning Group Method Ifinde Any 0 port channel interface 2 LAN port . Router# show etherchannel 12 port-channel Port-channels in the group: ---------------------Port-channel: Po12 -----------Age of the Port-channel = 04d:18h:58m:50s Logical slot/port = 14/1 Number of ports = 0 GC = 0x00000000 HotStandBy port = null Port state = Port-channel Ag-Not-Inuse Protocol = PAgP Router# LACP System Priority System ID LACP system ID LACP system priority value MAC address .

LACP system priority system Command Purp) ose Router(config)# lacp syst em-priority priority_valu e (Optional for LACP) 1 65535 . . 32768 . Router(config)# no lacp s ystem-priority Step) 2 Router(config)# end Configuration mode Step) 3 Router# show lacp sys-id Configuration Step) 1 LACP system priority . Router# configure terminal Router(config)# lacp system-priority 23456 Router(config)# end Router(config)# . Router# show lacp sys-id 23456,0050.3e8d.6400 Router# System priority , MAC address . Ether Channel Load Balancing EtherChannel load balancing Command Purp) ose Router(config)# port-channel load-balance {src-m ac | dst-mac | src-dst-mac | src-ip | dst-ip | s rc-dst-ip | src-port | dst-port | src-dst-port} EtherChannel load-balanci ng Router(config)# no port-channel load-balance EtherChannel load-balanci ng Step) 2 Router(config)# end Configuration mode Step) 3 Router# show etherchannel load-balance

Configuration Step) 1 Load-balancing keyword . With a PFC2: src-p) ortSource Layer 4 port dst-p) ortDestination Layer 4 port src-dst-p) ortSource and destination Layer 4 port With a PFC or PFC2: src-ip) Source IP addresses dst-ip) Destination IP addresses src-dst-ip) Source and destination IP addresses src-macSource MAC addresses dst-macDestination MAC addresses src-dst-macSource and destination MAC addresses source destination IP address EtherChannel . Router# configure terminal Router(config)# port-channel load-balance src-dst-ip Router(config)# end Router(config)# . Router# show etherchannel load-balance Source XOR Destination IP address Router# 2.10 IEEE 802.1Q Tunneling 802.1Q Tunnel VLAN VLAN . VLAN . Tunnel . 8Mpps02.1q tagging VLAN( ) . 802.1Q Tunnel 8Mpps02.1q . 8Mpps02.1q tagged frame 2Byte Ethernet Filed 2Byte CoS VL AN . VLAN . . VLAN 8Mpps02.1q .

2Byte Ethernet Filed 2Byte CoS VLAN 802.1q tagged frame . Untagged, 8Mpps02.1q-tagged, double-tagged Etherenet Frame. Layer3 . . mac-layer . Native VLAN VLAN CDP Native VLAN mismatch . 8Mpps02.1q Native VLAN , . DTP(Dyanmic Trunking Protocol) . Dynamic . 8Mpps02.1q PVLAN(Private VLAN) . VTP(VLAN Trunk Protocol) . server mode, transparent mode, client mode . . . VLAN . Trunk Native VLAN . Native VLAN , native VLAN tag . vlan dot 1q tag native . CDP

UDLD( UniDirectional Link Detection ) PAgP( Port Aggregation Protocol) LACP(Link Aggregation Protocol) 12.1(13)E BPDU Filtering . CDP . Router(config-if)# no cdp enable 802.1Q Tunneling Layer2 . Step 1 edge switch PortFast BPDU filtering . Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Step 2 VLAN Native VLAN tagging(vlan dot1q tag native option) . VLAN vlan dot1q tag native option . Step 3 core switch tag native VLAN traffic drop untagged native VLAN traffic . Step 4 customer switch vlan dot1q tag native option 802.1Q Tunnel Ports Port 802.1Q tunneling Command Purp) ose Router(config)# interface type1 slot/port LAN Router(config-if)# switch port Configures the LAN port for Layer 2 switching: You must enter the switchp) ort command once without any keywords to configure the LAN port a s a Layer 2 interface before you can enter additio nal switchp) ort commands with keywords. Required only if you have not entered the switch p) ort command already for the interface. Router(config-if)# switch port mode dot1qtunnel Configures the Layer 2 port as a tunnel port. Router(config-if)# no swi tchport mode dot1qtunnel Clears the tunnel port configuration. Step) 4 Router(config-if)# end Exits configuration mode.

Step) 5 Router# show dot1q-tunnel [{interface type interface-number}] Verifies the configuration. Step) 1 Step) 2 Step) 3 port 4/1 tunneling . Router# configure terminal Router(config)# interface fastethernet 4/1 Router(config-if)# switchport mode dot1qtunnel Router(config-if)# end Router# show dot1q-tunnel interface Tag Native VLAN Traffic Switch Vlan dot1q tag native tag native VLNA traffic switch global command 8Mpps02.1Q trunk 8Mpps02.1Q tagged frames . untagged traffic native VLA N untagged traffic . Native VLAN tag traffic switch Command Purp) ose Router(config)# vlan dot1q tag native Configures the switch to tag native VLAN traffic. Router(config)# no vlan dot1q tag nat ive Clears the configuration. Step) 2 Router(config)# end Exits configuration mode. Step) 3 Router# show vlan dot1q tag native Verifies the configuration. Step) 1 switch tag native VLAN traffic . Router# configure terminal Router(config)# vlan dot1q tag native Router(config)# end Router# show vlan dot1q tag native Layer 2 Protocol Tunneling Port Layer 2 protocol tunneling Command Purp) ose Router(config)# interface typ e1 slot/port

Selects the LAN port to configure. Router(config-if)# switchport Configures the LAN port for Layer 2 switching: You must enter the switchp) ort command once with out any keywords to configure the LAN port as a Lay er 2 interface before you can enter additional switch p) ort commands with keywords. Required only if you have not entered the switchp) o rt command already for the interface. Router(config-if)# l2protocol -tunnel [cdp | drop-threshold [packets] | shutdown-threshol d [packets] | stp | vtp] Configures the Layer 2 port as a Layer 2 protocol tun nel port for the protocol(s) specified. Router(config-if)# no l2proto col-tunnel [cdp | drop-thresh old | shutdown-threshold | st p | vtp] Clears the configuration. Step) 4 Router(config)# end Exits configuration mode. Step) 5 Router# show l2protocoltunnel [interface type1 slot/port | summary] Verifies the configuration. Step) 1 Step) 2 Step) 3 type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet Layer 2 protocol tunneling CDP, STP, VTP port 5/1 shutdown threshold . Router# configure terminal Router(config)# interface fastethernet 5/1 Router(config-if)# switchport Router(config-if)# l2protocol-tunnel shutdown-threshold cdp 10 Router(config-if)# l2protocol-tunnel shutdown-threshold stp 10 Router(config-if)# l2protocol-tunnel shutdown-threshold vtp 10 Router(config-if)# end Router# show l2protocol-tunnel summary Port Protocol Threshold (cos/cdp/stp/vtp) ---------------------------------------Fa5/1 cdp stp vtp 0/10 /10 /10 down trunk Router# port 5/1 counter . Router# show l2protocol-tunnel interface fastethernet 5/1 Port Protocol Threshold

Counters (cos/cdp/stp/vtp) (cdp/stp/vtp/decap) -------------------------------------------------------------Router# port 5/1 Layer 2 tunneling . Router(config-if)# no l2protocol-tunnel shutdown-threshold cdp 10 Router(config-if)# no l2protocol-tunnel shutdown-threshold stp 10 Router(config-if)# no l2protocol-tunnel shutdown-threshold vtp 10 Router(config-if)# no l2protocol-tunnel cdp Router(config-if)# no l2protocol-tunnel stp Router(config-if)# no l2protocol-tunnel vtp Router(config-if)# end Router# show l2protocol-tunnel summary Port Protocol Threshold (cos/cdp/stp/vtp) ---------------------------------------Router# clear Layer 2 protocol tunneling port counter . Router# clear l2protocol-tunnel counters Router# 2.11 STP(Spanning Tree Protocol) 2.11.1 STP Bridging Loops PC1 PC4 data Switch A Switch B PC1 MAC PC1 Frame Address Table . PC4 Switch Port Switch A 2/1 Port Switch B 2/1 Port Switch B Switch A Switch Table PC4 PC1 Switch PC1, PC4 Bridging Loop Bridge ID Loop Root Bridge Bridge ID .

bridge priority extended system ID, STP MAC address . VLAN 64-bit bridge ID . Bridge Priority 12.1.8MppsaE 4bit 16bit .. . Bridge Priority Value Bit 16 Bit 15 Bit 14 Bit 13 Bit 12 Bit 11 Bit 10 Bit 9 Bit 8 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 32768

16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2 1 Extended System ID 12.1.8MppsaE Bridge Priority 4bit , 12bit System ID . VLAN ID( 1 ~ 4094 ) Extended system ID Bridge Priority Value Extended System ID (Set Equal to the VLAN ID) Bit 16 Bit 15 Bit 14 Bit 13 Bit 12 Bit 11 Bit 10 Bit 9 Bit 8

Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2 1 Mac Address 64bit Bridge Priority Extended System ID 12bit 48Mppsbit MAC Address . VLAN ID( 1 ~ 4094 ) Extended system ID Bridge Protocol Data Unit STP BPDU .

Switch Switch Port MAC Source STP multicast mac 01-8Mpps0-C2-00-00-00 Destination BPDU . BPDU Configuration BPDU : STP Topology Change Notification(NCN) BPDU : Network Topology BPDU Spanning Tree . BPDU Root bridge BPDU . Configuration BPDU . BPDU . Root bridge Bridge ID Root bridge STP Path Cost Bridge ID Message age Identifier hello, forward delay, max-age protocol timer LAN BPDU . . BPDU . BID Root bridge .

Root bridge . LAN segment designated bridge . root bridge . RP(Root Port) . RP Root bridge . Root Bridge Electing a Root Ports Root Bridge Port Cost 0 Electing Designated Ports Root Bridge Port Designated Port . Root Port Designate Port Priority Bridge ID Desig nated Port . Switch B MAC Switch B P ort Designated Port 2.11.2 STP STP STP . . Blocking : Port Blocking Bridge Loop Data MAC Table . BPDU . Listening : Switch Root Port Designated Port Blocking Listenin g . Blocking Data Frame MAC Table BPD U STP Process . Learning : BPDU MAC Table Root bridge . Forwarding : Data Frame MAC Table BPDU . , Switch Port STP Topology .

Disabled : Data Frame MAC Table BPDU . , Switch Port STP Topology . . Blocking State Blocking . BPDU Root BPDU Blocking . BPDU Blocking .. MAC address . Listening State Listening . Listening . BPDU Listening . mac address . Learning State Learning . Learning . BPDU Learning . mac address . Forwarding State

Forwarding . Forward . BPDU Forwarding . mac address . Disabled State Shut down . STP Timers Hello Time : Root Bridge Configuration BPDU Root Bridge . 8Mpps02.1q 2 . Forwarding Delay : Listening Learning 15 . Maximum Age : BPDU , Maximum Age . STP Type Common Spanning Tree( CST ) 8Mpps02.1q VLAN STP BPDU VLAN1 Managed VLAN CST STP CPU , Redundant Link Load Balancing . Per VLAN Spanning Tree Plus(PVST+) CST STP STP

VLAN Redundant Link Load Balancing CST . 2.11.2 STP Design Root Bridge Root Bridge . Root Bridge , . . Root Bridge Root Bridge . Default Root Bridge . Root Bridge Root Bridge BID A . Root Bridge . A Root Access Layer . Root Bridge Distribution Layer Core Layer . Switch B Data Switch A Switch G Data . 2.11.3 STP Default STP Catalyst6500 Spanning Tree Protocol .

Default Tie Breaker Mac Address . Feature Default Value Enable state VLAN STP Bridge priority 32768 STP port priority (configurable on a per-port basisused on LAN ports configured as Layer 2 access ports) 128 STP port cost (configurable on a per-port basisused on LAN ports configured as Layer 2 access ports) STP VLAN port priority (configurable on a per-VLAN basisused on LAN ports configured as Layer 2 trunk ports) STP VLAN port cost (configurable on a per-VLAN basisused on LAN ports configured as Layer 2 trunk ports) 10-Gigabit Ethernet: 2 Gigabit Ethernet: 4 Fast Ethernet: 19 Ethernet: 100 128 10-Gigabit Ethernet: 2 Gigabit Ethernet: 4 Fast Ethernet: 19 Ethernet: 100 Hello time 2 Forward delay time 15 Maximum aging time 20 Mode PVST STP STP VLAN . STP VLAN , VLAN STP . Loop STP , Loop .

show running , . Command Purp) ose Router(config)# spanning-tree vlan vlan _ID VLAN STP vlan_ID 1 ~ 4094 , (reserved VLAN ) Router(config)# default spanning-tree v lan vlan_ID STP parameter . Router(config)# no spanning-tree vlan v lan_ID VLAN STP . Loop Step) 2 Router(config)# end configuration mode Step) 3 Router# show spanning-tree vlan vlan_ID VLAN STP Step) 1 Router# configure terminal Router(config)# spanning-tree vlan 200 Router(config)# end Router# Router# show spanning-tree vlan 200 VLAN0200 Spanning tree enabled protocol ieee Root ID Priority 32768 Address 00d0.00b8.14c8 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Priority 32768 Address 00d0.00b8.14c8 Hello Time 2 sec Max Age 20 sec Aging Time 300 Interface ---------------Fa4/4 Fa4/5 Router# Role

---Desg Back Sts --FWD BLK Cost --------200000 200000 Prio.Nbr -------128.196 128.197 Forward Delay 15 sec Forward Delay 15 sec Status --------------------------P2p P2p Extended System ID Catalyst 6500 1024 VLAN . 1 ~ 4094 VLAN Number Extended System ID . Command Purp) ose Router(config)# spanning-tree ext end system-id extended system ID VLAN 1 ~ 4094 Router(config)# no spanning-tree extend system-id extended system ID Step) 2 Router(config)# end configuration mode Step) 3 Router# show spanning-tree vlan v lan_ID VLAN STP Step) 1 Router# configure terminal Router(config)# spanning-tree extend system-id Router(config)# end Router# Router# show spanning-tree summary | include Extended Extended system ID is enabled.

Root Bridge Bridge ID Root Bridge . Root Bridge spannig-tree vlan vlan_ID root . Extended System ID 32768Mpps 8Mpps192 . 8Mpps192 8Mpps000 1 7999 . Extended Sytstem ID 24576 . 24576 1000 4096 2048Mpps0 . 1 Root . Diameter STP Hop . STP Timer . 7 . Step) 1 Step) 2 Command Purp) ose Router(config)# spanning-tree vlan vlan_ID root primary [di ameter hops [hello-time secon ds]] root bridge vlan_ID 1 ~ 4094 Router(config)# no spanning-t ree vlan vlan_ID root root bridge Router(config)# end configuration mode Router# configure terminal Router(config)# spanning-tree vlan 10 root primary diameter 4 Router(config)# end Router# Secondary Root Bridge Step) 1 Step) 2 Default Bridge Priority 32768Mpps , secondary root .

Extended System ID 1638Mpps4 Extended System ID 28Mpps672 . Command Purp) ose Router(config)# [no] spanning -tree vlan vlan_ID root secon dary [diameter hops [hello-ti me seconds]] secondary root bridge vlan_ID 1 ~ 4094 Router(config)# no spanning-t ree vlan vlan_ID root root bridge Router(config)# end configuration mode Router# configure terminal Router(config)# spanning-tree vlan 10 root secondary diameter 4 Router(config)# end Router# STP Port Priority Loop Tie Breaker 128Mpps . 0 ~ 240 , 16 . Command Purp) ose Router(config)# interface {{type slot/port} | {port-channel port_channel_number}} Router(config-if)# spanning-tree port-priori ty port_priority port priority port_priority 1 252 4 Router(config-if)# no spanning-tree port-pri ority default port priority Router(config-if)# spanning-tree vlan vlan_I D port-priority port_priority VLAN port priority port_priority 1 252 4

Router(config-if)# [no] spanning-tree vlan v lan_ID port-priority default VLAN port priority default port priority Step) 4 Router(config-if)# end configuration mode Step) 5 Router# show spanning-tree interface {type s lot/port} | {port-channel port_channel_numbe r} Router# show spanning-tree vlan vlan_ID Step) 1 Step) 2 Step) 3 Router# configure terminal Router(config)# interface fastethernet 4/4 Router(config-if)# spanning-tree port-priority 160 Router(config-if)# end Router# Router# show spanning-tree interface fastethernet 4/4 Vlan Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- ------------------------------VLAN0001 Back BLK 200000 160.196 P2p VLAN0006 Back BLK 200000 160.196 P2p ... VLAN0198 Back BLK 200000 160.196 P2p VLAN0199 Back BLK 200000 160.196 P2p VLAN0200 Back BLK 200000 160.196 P2p Router# fastethernet 4/4 VLAN Priority . Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface fastEthernet 4/4 Router(config-if)# spanning-tree vlan 200 port-priority 64 Router(config-if)# ^Z Router# Router# show spanning-tree interface fastethernet 4/4 Vlan Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- ------------------------VLAN0001 Back BLK 200000 160.196 P2p VLAN0006 Back BLK 200000

160.196 P2p ... VLAN0199 Back BLK 200000 160.196 P2p VLAN0200 Desg FWD 200000 64.196 P2p Router# Router# show spanning-tree vlan 200 interface fastEthernet 4/4 Interface Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- ------------------------Fa4/4 Desg LRN 200000 64.196 P2p STP Port Cost Loop Tie Breaker . 0 ~ 2000000000 , Tie Breaker Number , Number . Command Purp) ose Router(config)# interface {{type slot/port} | {port-channel port_c hannel_number}} . Router(config-if)# spanning-tree cost port_cost port_cost 1 ~ 200000000 Router(config-if)# no spanning-tr ee cost cost Step) 3 Router(config-if)# [no] spanningtree vlan vlan_ID cost port_cost VLAN port_cost 1 ~ 200000000 Step) 4 Router(config-if)# no spanning-tr ee vlan vlan_ID cost VLAN port cost Step) 5 Router(config-if)# end configuration mode Step) 6

Router# show spanning-tree interf ace {type slot/port} | {port-chan nel port_channel_number} show spanning-tree vlan vlan_ID Step) 1 Step) 2 Router# configure terminal Enter configuration commands, one per line. Router(config)# interface fastEthernet 4/4 Router(config-if)# spanning-tree cost 1000 Router(config-if)# ^Z Router# End with CNTL/Z. Router# show spanning-tree interface fastEthernet 4/4 Vlan Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- --------------------VLAN0001 Back BLK 1000 160.196 P2p VLAN0006 Back BLK 1000 160.196 P2p VLAN0007 Back BLK 1000 160.196 P2p VLAN0008 Back BLK 1000 160.196 P2p VLAN0009 Back BLK 1000 160.196 P2p VLAN0010 Back BLK 1000 160.196 P2p Router fastethernet 4/4 VLAN Cost . Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface fastEthernet 4/4 Router(config-if)# spanning-tree vlan 200 cost 2000 Router(config-if)# ^Z Router# Router# show spanning-tree vlan 200 interface fastEthernet 4/4 Interface Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- --------------------Fa4/4 Desg FWD 2000 64.196 P2p VLAN Bridge Priority , root primary root secondary . Command Purpose

Router(config)# spanning-tree vlan vla n_ID priority bridge_priority VLAN bridge priority 1 6553 5 Router(config)# no spanning-tree vlan vlan_ID priority . Step 2 Router(config)# end configuration mode Step 3 Router# show spanning-tree vlan vlan_I D bridge [detail] Step 1 Extended System ID , . Command Purpose Router(config)# [no] spanning-tree vla n vlan_ID priority {0 | 4096 | 8192 | 12288 | 16384 | 20480 | 24576 | 28672 | 32768 | 36864 | 40960 | 45056 | 4915 2 | 53248 | 57344 | 61440} Extended sytem ID VLA N bridge priority 4096 Router(config)# no spanning-tree vlan vlan_ID priority default bridge priority Step 2 Router(config)# end Configuration mode Step 3 Router# show spanning-tree vlan vlan_I D bridge [detail] Step 1 Router# configure terminal Router(config)# spanning-tree vlan 200 priority 33792 Router(config)# end Router# Router# show spanning-tree vlan 200 bridge Hello Max Fwd Vlan Bridge ID Time Age Delay

ol ---------------- -------------------- ---- ---- ----VLAN200 33792 0050.3e8d.64c8 2 20 15 Router# Protoc -----ieee Hello Time , root primary root secondary . Command Purpose Router(config)# spanning-tree vlan vlan_ID hello-time hello _time VLAN hello time hello_time 1 ~ 10 vlan_ID 1 ~ 4094 Router(config)# no spanning-t ree vlan vlan_ID hello-time default hello time Step 2 Router(config)# end configuration mode Step 3 Router# show spanning-tree vl an vlan_ID bridge [detail] Step 1 Router# configure terminal Router(config)# spanning-tree vlan 200 hello-time 7 Router(config)# end Router# Router# show spanning-tree vlan 200 bridge Hello Max Fwd Vlan Bridge ID Time Age Delay ---------------- -------------------- ---- ---- ----VLAN200 49152 0050.3e8d.64c8 7 20 15 Router# Protocol -------ieee

Forward-Delay Time 15 , . Command Purpose Router(config)# spanning-tr ee vlan vlan_ID forward-tim e forward_time VLAN forward time hello_time 4 ~ 30 vlan_ID 1 ~ 4094 Router(config)# no spanning -tree vlan vlan_ID forwardtime default forward time Step 2 Router(config)# end configuration mode Step 3 Router# show spanning-tree vlan vlan_ID bridge [detai l] Step 1 Router# configure terminal Router(config)# spanning-tree vlan 200 forward-time 21 Router(config)# end Router# Router# show spanning-tree vlan 200 bridge Hello Max Fwd Vlan Bridge ID Time Age Delay ---------------- -------------------- ---- ---- ----VLAN200 49152 0050.3e8d.64c8 2 20 21 Router# Protocol -------ieee Maximum Aging Time 20 , . Command Purpose Router(config)# spanning-tree vlan vlan_ID max-age max_age VLAN maximum aging time hello_time 6 ~ 40

vlan_ID 1 ~ 4094 Router(config)# no spanning-t ree vlan vlan_ID max-age default maximum aging time Step 2 Router(config)# end configuration mode Step 3 Router# show spanning-tree vl an vlan_ID bridge [detail] Step 1 Router# configure terminal Router(config)# spanning-tree vlan 200 max-age 36 Router(config)# end Router# Router# show spanning-tree vlan 200 bridge Hello Max Fwd Vlan Bridge ID Time Age Delay ---------------- -------------------- ---- ---- ----VLAN200 49152 0050.3e8d.64c8 2 36 15 Router# Protocol -------ieee BPDU Filtering Spanning Tree , BPDU BPDU Filtering . Command Purp) ose Step) 1 Router(config)# interface fas tEthernet 4/4 Step) 2 Router(config-if)# spanning-t ree bpdufilter enable BPDU filtering Step) 3 Router# show spanning-tree in terface fastEthernet 4/4

Router(config)# interface fastEthernet 4/4 Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# ^Z Router# show spanning-tree interface fastEthernet 4/4 Vlan Role Sts Cost Prio.Nbr Status ---------------- ---- --- --------- -------- -----------------------------VLAN0010 Desg FWD 1000 160.196 Edge P2p Router# show spanning-tree interface fastEthernet 4/4 detail Router# show spanning-tree interface fastEthernet 4/4 detail Port 196 (FastEthernet4/4) of VLAN0010 is forwarding Port path cost 1000, Port priority 160, Port Identifier 160.196. Designated root has priority 32768, address 00d0.00b8.140a Designated bridge has priority 32768, address 00d0.00b8.140a Designated port id is 160.196, designated path cost 0 Timers:message age 0, forward delay 0, hold 0 Number of transitions to forwarding state:1 The port is in the portfast mode by portfast trunk configuration Link type is point-to-point by default Bpdu filter is enabled BPDU:sent 0, received 0 Router# 2.12 3 3 Hardware Layer 3 switching MSFC2 PFC2 DFC IP wire-speed . Hardware Layer 3 switching MFSC2 PBR(policy-based routing) Hardware access control list(ACL) switchin g TCP , WCCP, SLB(server load balencing) Hardware NetFow swit ching IP unicast Hardware CEF switching PFC2 Hardware Layer 3 switching DFC MSFC2 Layer 3 Hardware Layer 3 switching , rewrite . 6500 rewrite . Hardware Layer 3 switching Layer 3 flow , Net flow Data Export(NDE) . Layer 3 Switched Packet Rewrite Layer 3 6500 MSFC2 rewrite . write 5 Layer 2 (MAC) destination address Layer Layer 3 IP Time to Live(TTL) Layer

2 (MAC) source address 3 checksum Layer 2 (MAC) checksum (also called the frame checksum or FCS) . A B A B MS FC2 . Layer 3 switching , Layer 2 rewrite . Layer 2 B Layer 2 , Layer 2 IP unicast IP multicast , Layer 3 TTL 1 Layer 3 ch ecksum . Layer 2 checksum , rewrite B . IP 2 3 IP TTL MSFC2 MAC MAC B IP A IP n 1 FCS FCS IP 2 3 IP TTL B MAC

MSFC2 MAC B IP A IP n-1 1 Layer 3 Switched Packet Rewrite . A Sales VLAN(IP 171.59.1.0), B Marketing VLAN(IP 171.59.3.0), C Engineering VLAN (IP 171.59.2.0) . A HTTP C , Hardware Layer 3 switching forwardin g information base(FIB) . 3 Default Hardware 3 3 enable enable(disable ) MFSC2 IOS CEF enable enable(disable ) MFSC2 IOS dCEF enable enable(disable ) IGMP enable MSFC2 disable MFSC2 PIM IP 3 IP PIM enable eable RPR Trigger Layer 3 Switching PFC2 16 HSRP . disable Hardware Layer 3 switching encapsulation . Ethernet V2.0(ARPA) 802.3 with 802.2 with 1 byte control(SAP1) 802.3 with 802.2 and SNAP Hardware Layer 3 Switching PFC2, MSFC2 DFC Supervisor Engine 2 Hardware Layer 3 switchin

g . Layer 3 3 Command Purp) ose Router# show interface {{type1 slot/port} | {p) ort-channel number}} | begin L3 3 Type=ethernet, fastethernet, gigabitethernet,tengigabitethernet Router# show interface fastethernet 3/3 | begin L3 L3 in Switched: ucast: 0 pkt, 0 bytes - mcast: 12 pkt, 778 bytes mc ast L3 out Switched: ucast: 0 pkt, 0 bytes - mcast: 0 pkt, 0 bytes 4046399 packets input, 349370039 bytes, 0 no buffer Received 3795255 broadcasts, 2 runts, 0 giants, 0 throttles < ...> Router# IOS CEF dCEF MSFC2 enable . 3 . 3 3 VLAN . Command Purp) ose Router# show interfaces {{type1 slot/port} | {p) ort-channel number}} 3 . Router# show interfaces gigabitethernet 9/5 | include Switched L2 Switched: ucast: 8199 pkt, 1362060 bytes - mcast: 6980 pkt, 371952 bytes L3 in Switched: ucast: 0 pkt, 0 bytes - mcast: 0 pkt, 0 bytes mcast L3 out Switched: ucas t: 0 pkt, 0 bytes - mcast: 0 pkt, 0 bytes adjacency Command Purp) ose Router# show adjacency [{{type1 slot/port} | {p) ort-channel number}} | detail | internal | summary] adjacency detail Router# show adjacency gigabitethernet 9/5 detail Protocol Interface Address IP GigabitEthernet9/5 172.20.53.206(11) 504 packets, 6110 bytes 00605C865B82 000164F83FA50800 ARP 03:49:31 2.13 Network Security

ACL Access MFSC default ICMP unreachable . ACL drop ICMP CPU no ip unreachable no ip redirects VLAN ACL VACL , IP, IPX MAC-Layer . Bridged Packet bridged packet VACL . Routed Packet Routed Layer 3-switched Packet . VACL for input ACL Output Cisco IOS ACL VACL for output VLAN Routed VACL VACL VLAN Access Map Command Purp) ose Router(config)# vlan access-map) map _name [0-65535] VLAN . Router(config)# no vlan access-map) m ap_name 0-65535 VLAN Router(config)# no vlan access-map) m ap_name VLAN . map . map

. map map . no . map no . Command Purp) ose Router(config-access-map)# match {ip) address {1-199 | 1300-2699 | acl_ name} | ip) x address {800-999 | acl_name}| mac address acl_name} Router(config-access-map)# no match {ip) address {1-199 | 1300-2699 | a cl_name} | ip) x address {800-999 | acl_name}| mac address acl_name} ACL . WAN No VACL IP ACL . ACL . Command Purp) ose Router(config-access-map)# action {drop) [log]} | {forward [cap) ture]} | {r edirect {{ethernet | fastethernet | gigabitethernet | tengigabitetherne t} slot/port} | {p) ort-channel channel_id}} VLAN Router(config-access-map)# no action {drop) [log]} | {forward [cap) ture]} | {redirect {{ethernet | fastethernet | gigabitethernet | tengigabitether net} slot/port} | {p) ort-channel channel_id}} , , . WAN Log 2 . WAN Log VACL IP ACL .

VACL log . log . Redirect 5 . VLAN Command Purp) ose Router(config)# vlan filter map_name {vlan-list vlan_list | interface type number} CP_CmdPlain VLAN WAN VLAN Router(config)# no vlan filter map_name [vlan-li st vlan_list | interface type number ] VLAN VLAN VLAN WAN . vlan_list VLAN-ID 1 , . VACL WAN VACL . VLAN VACL . NO WAN VLAN VLAN . VLAN Command Purp) ose Router# show vlan access-map) [map_name] VLAN Router# show vlan filter [access-map) map_name | vlan vlan_id | interface type1 number2 ] VACL VLAN Router# show ip access-lists net_10 Extended IP access list net_10 permit ip 10.0.0.0 0.255.255.255 any Router# show ip access-lists any_host Standard IP access list any_host permit any VLAN IP VLAN . IP Net_10 ,

. Router(config)# vlan access-map thor 10 Router(config-access-map)# match ip address net_10 Router(config-access-map)# action forward Router(config-access-map)# exit Router(config)# vlan filter thor vlan-list 12-16 VLAN . IP net_10 . . Router(config)# vlan access-map ganymede 10 Router(config-access-map)# match ip address net_10 Router(config-access-map)# action drop log Router(config-access-map)# exit Router(config)# vlan access-map ganymede 20 Router(config-access-map)# match ip address any_host Router(config-access-map)# action forward Router(config-access-map)# exit Router(config)# vlan filter ganymede vlan-list 7-9 IP VLAN . IP net_10 . . Router(config)# vlan access-map mordred 10 Router(config-access-map)# match ip address net_10 Router(config-access-map)# action forward capture Router(config-access-map)# exit Router(config)# vlan filter mordred vlan-list 2, 4-6 VACL VACL . 2 . rate-limit VACL . . Command Purp) ose Step 1 Router(config)# vlan access-log maxflow max_number . Step 2 Router(config)# vlan access-log ratelimit p ps VACL. rate Step 3 Router(config)# vlan access-log threshold pkt_count threshold Step 4 Router(config)# exit

VLAN Step 5 Router# show vlan access-log config (Optional) VACL property Step 6 Router# show vlan access-log flow protoc ol {{src_addr src_mask} | any | {host {hostn ame | host_ip}}} {{dst_addr dst_mask} | any | {host {hostname | host_ip}}} [vlan vlan_id] (Optional) VACL Step 7 Router# show vlan access-log statistics (Optional) Router(config)# vlan access-log maxflow 800 Router(config)# vlan access-log ratelimit 2200 Router(config)# vlan access-log threshold 4000 2.14 Power Redundancy power redundancy-mode combined | redundant , ( ) . Power ON/Off no power enable module slot power down . power enable module slot power on . show power . Router# show power system power redundancy mode = redundant system power total = 1153.32 Watts (27.46 Amps @ 42V) system power used = 397.74 Watts ( 9.47 Amps @ 42V) system power available = 755.58 Watts (17.99 Amps @ 42V) Power-Capacity PS-Fan Output Oper PS Type Watts A @42V Status Status State ---- ------------------ ------- ------ ------ ------ ----1 WS-CAC-2500W 1153.32 27.46 OK OK on 2 none Pwr-Requested Pwr-Allocated Admin Oper Slot Card-Type Watts A @42V Watts A @42V State State ---- ------------------ ------- ------ ------- ------ ----- ----1 WS-X6K-SUP2-2GE 142.38 3.39 142.38 3.39 on on 2 - - 142.38 3.39 - 5 WS-X6248-RJ-45 112.98 2.69 112.98 2.69 on on Router# Show environment[alarm|status|temperature] . LED LED major minor .

Comp) onent Supervisor major 1 Alarm Typ) e LED Indication Major STATUS LED red Action Syslog and SNMP trap Active supervisor s hutdown Active supervisor 5 shutdown Supervisor minor Minor STATUS LED orange Syslog and SNMP trap Redundant supervisor engine major minor Major STATUS LED red Minor STATUS LED orange major Major STATUS LED red Syslog and SNMP trap major 5 shutdown minor . Syslog and SNMP trap 4 minor Minor STATUS LED orange * System LED LED Syslog and SNMP trap .

Recently Viewed Presentations

  • Jazyk literrnho dla UDSLB 1. Zvukov strnka jazyka

    Jazyk literrnho dla UDSLB 1. Zvukov strnka jazyka

    Jazyk literárního díla UDSLB 1. Zvuková stránka jazyka Důležitou roli hraje tzv. hlásková instrumentace. tj. záměrné hromadění určitých hlásek nebo hláskových skupin.
  • Unit 3, Lesson 1: Skeletal System - Colorado FFA

    Unit 3, Lesson 1: Skeletal System - Colorado FFA

    Unit 3, Lesson 3: Skeletal System What is the function of bone? Bone helps with: Movement Support Protection What is bone made of? Bone is comprised of: 26% minerals (mostly calcium phosphate and calcium carbonate) 50% is water 4% is...
  • liuzhengyang.github.io

    liuzhengyang.github.io

    NIO. Non-Blocking IO. ByteBuffer byte container. Channel nexus which can do IO operation. Selector event monitor which can watch multiple channels
  • The Effect of Generation on Retention of Women Engineers in ...

    The Effect of Generation on Retention of Women Engineers in ...

    Time lag design: Age effect vs generation effect . Generational change is a hot topic, so no doubt you have seen headlines such as "Millennials are lazy entitled narcissists", or "Baby boomers can't use technology", or something similar. One of...
  • Speaker Name

    Speaker Name

    Decision Usefulness - Information. One other aspect is the understanding of project information, based on the deliverables. It goes without saying that if less deliverables are required, less information is available… Is some circumstances, this may be required. Always look...
  • PowerPoint Presentation

    PowerPoint Presentation

    Oxidation Reduction Reactions(Synthesis, Decomposition, Single Replacement, Combustion). In these reactions, electrons are transferred from one atom to another. Atoms that . lose. electrons (become more . positive
  • Demographic Redistricting Study

    Demographic Redistricting Study

    Middle school changes only within same high school boundaries. ... as indicated in the lower portion of the below picture. PLArea: 242 - This is a planning area, or "puzzle piece", that represents a small section of the district ......
  • Datums and Projections: How to fit a globe

    Datums and Projections: How to fit a globe

    Times New Roman Arial Wingdings Calibri Comic Sans MS Expedition 1_Expedition Datums and Projections: How to fit a globe onto a 2-dimensional surface Overview Definitions: Ellipsoid PowerPoint Presentation PowerPoint Presentation PowerPoint Presentation PowerPoint Presentation Definition: Datum Commonly used datums Projection...