Converged Plantwide Ethernet (CPwE) Design and Implementation Guide
Configurations
Downloads: This chapterpdf (PDF - 264.0KB) The complete bookPDF (PDF - 18.93MB) | Feedback

Configurations

Table Of Contents

Configurations

Express Setup

Stratix 8000

IE 3000 with Recommended System Setup Enabled

Smartports

Stratix 8000

Automation Device

Automation Device with QoS

Desktop for Automation

Switch for Automation

Router for Automation

Phone for Automation

Wireless for Automation

Port Mirroring

None

IE 3000

IE Desktop

IE Switch

IE Router

IE Phone

IE Wireless

Cisco EtherNet/IP

Diagnostics

None


Configurations


Express Setup

Stratix 8000

The following is a sample of a Stratix 8000 configuration after running Express Setup. The Stratix 8000 was running Release 3 (IOS version 12.2(50)SE2).

version 12.2
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname Stratix8000
!
boot-start-marker
boot-end-marker
!
logging buffered 16384
no logging console
enable secret level 1 5 $1$dIHm$S0Rzhzd9OWa9L5dgA5Egl.
enable secret 5 $1$QIyE$FQLtO8wJiuyp.u3BYMi8n.
!
no aaa new-model
clock timezone EST -5
clock summer-time EST recurring
cip security password rockwell
system mtu routing 1500
ptp mode e2etransparent 
vtp mode transparent
udld aggressive
 
   
ip subnet-zero
no ip source-route
!
!
no ip domain-lookup
ip igmp snooping querier
!
mls qos map policed-dscp  24 27 31 43 46 47 55 59 to 0
mls qos map dscp-cos  9 11 12 13 14 15 to 0
mls qos map dscp-cos  25 26 28 29 30 to 2
mls qos map dscp-cos  40 41 42 44 45 49 50 51 to 4
mls qos map dscp-cos  52 53 54 56 57 58 60 61 to 4
mls qos map dscp-cos  62 63 to 4
mls qos map cos-dscp 0 8 16 27 32 47 55 59
mls qos srr-queue input bandwidth 40 60
mls qos srr-queue input threshold 1 16 66
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 40 60 
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0 2
mls qos srr-queue input cos-map queue 2 threshold 2 4
mls qos srr-queue input cos-map queue 2 threshold 3 3 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 2 8 10
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 9 11 12 13 14 15 16 17
mls qos srr-queue input dscp-map queue 1 threshold 3 18 19 20 21 22 23 25 26
mls qos srr-queue input dscp-map queue 1 threshold 3 28 29 30
mls qos srr-queue input dscp-map queue 2 threshold 2 32 33 34 35 36 37 38 39
mls qos srr-queue input dscp-map queue 2 threshold 2 40 41 42 44 45 49 50 51
mls qos srr-queue input dscp-map queue 2 threshold 2 52 53 54 56 57 58 60 61
mls qos srr-queue input dscp-map queue 2 threshold 2 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 27 31 43 46 47 48 55
mls qos srr-queue input dscp-map queue 2 threshold 3 59
mls qos srr-queue output cos-map queue 1 threshold 3 7
mls qos srr-queue output cos-map queue 2 threshold 2 1
mls qos srr-queue output cos-map queue 2 threshold 3 0 2 4
mls qos srr-queue output cos-map queue 3 threshold 3 5 6
mls qos srr-queue output cos-map queue 4 threshold 3 3
mls qos srr-queue output dscp-map queue 1 threshold 3 59
mls qos srr-queue output dscp-map queue 2 threshold 2 8 10
mls qos srr-queue output dscp-map queue 2 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 2 threshold 3 9 11 12 13 14 15 16 17
mls qos srr-queue output dscp-map queue 2 threshold 3 18 19 20 21 22 23 25 26
mls qos srr-queue output dscp-map queue 2 threshold 3 28 29 30 32 33 34 35 36
mls qos srr-queue output dscp-map queue 2 threshold 3 37 38 39 40 41 42 44 45
mls qos srr-queue output dscp-map queue 2 threshold 3 49 50 51 52 53 54 56 57
mls qos srr-queue output dscp-map queue 2 threshold 3 58 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 43 46 47 48 55
mls qos srr-queue output dscp-map queue 4 threshold 3 24 27 31
mls qos queue-set output 1 buffers 10 25 40 25
mls qos queue-set output 2 buffers 10 25 40 25
no mls qos rewrite ip dscp
mls qos
!
!
macro global description ab-password | ab-global | ab-qos-map-setup | ab-qos-queue-setup
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery interval 30
no mac authentication
mac authentication table version 0
!
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
spanning-tree EtherChannel guard misconfig
spanning-tree extend system-id
!
alarm profile defaultPort
 alarm 3 
 syslog 3 
 notifies 3 
!
alarm profile ab-alarm
 alarm 1 2 3 4 
 syslog 1 2 3 4 
 notifies 1 2 3 4 
 relay-major 2 
 relay-minor 1 3 4 
!
alarm facility power-supply relay major
alarm facility power-supply syslog
alarm facility power-supply notifies
alarm facility temperature primary relay major 
alarm facility temperature primary syslog 
alarm facility temperature primary notifies 
alarm facility temperature secondary relay minor 
alarm facility temperature secondary syslog 
alarm facility temperature secondary notifies 
alarm facility temperature secondary low 0
alarm facility temperature secondary high 90
!
vlan internal allocation policy ascending
!
!
class-map match-all 1588-PTP-General
 match access-group 107
class-map match-all 1588-PTP-Event
 match access-group 106
class-map match-all CIP-Implicit_dscp_any
 match access-group 104
class-map match-all CIP-Other
 match access-group 105
class-map match-all voip-data
 match ip dscp ef 
class-map match-all voip-control
 match ip dscp cs3  af31 
class-map match-all CIP-Implicit_dscp_43
 match access-group 103
class-map match-all CIP-Implicit_dscp_55
 match access-group 101
class-map match-all CIP-Implicit_dscp_47
 match access-group 102
!
!
policy-map Voice-Map
 class voip-data
  set dscp ef
  police 320000 8000 exceed-action policed-dscp-transmit
 class voip-control
  set dscp cs3
  police 32000 8000 exceed-action policed-dscp-transmit
policy-map CIP-PTP-Traffic
 class CIP-Implicit_dscp_55
  set ip dscp 55
 class CIP-Implicit_dscp_47
  set ip dscp 47
 class CIP-Implicit_dscp_43
  set ip dscp 43
 class CIP-Implicit_dscp_any
  set ip dscp 31
 class CIP-Other
  set ip dscp 27
 class 1588-PTP-Event
  set ip dscp 59
 class 1588-PTP-General
  set ip dscp 47
!
!
!
interface FastEthernet1/1
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/2
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/3
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/4
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/5
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/6
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/7
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface FastEthernet1/8
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface GigabitEthernet1/1
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface GigabitEthernet1/2
 ptp enable
 alarm profile ab-alarm
 service-policy input CIP-PTP-Traffic
!
interface Vlan1
 ip address 10.17.10.10 255.255.255.0
 no ip route-cache
 cip enable
!
ip default-gateway 10.17.10.1
ip http server
access-list 101 permit udp any eq 2222 any dscp 55
access-list 102 permit udp any eq 2222 any dscp 47
access-list 103 permit udp any eq 2222 any dscp 43
access-list 104 permit udp any eq 2222 any
access-list 105 permit udp any eq 44818 any
access-list 105 permit tcp any eq 44818 any
access-list 106 permit udp any eq 319 any
access-list 107 permit udp any eq 320 any
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps transceiver all
snmp-server enable traps tty
snmp-server enable traps cluster
snmp-server enable traps entity
snmp-server enable traps rep
snmp-server enable traps cpu threshold
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps energywise
snmp-server enable traps rtr
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps alarms informational
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vlan-membership
snmp-server enable traps errdisable
!
control-plane
!
!
line con 0
 password 7 1500040F0F3D2E2824
line vty 0 4
 password 7 1500040F0F3D2E2824
 login
line vty 5 15
 password 7 1500040F0F3D2E2824
 login
!
monitor flash reload-check
end

IE 3000 with Recommended System Setup Enabled

The following is a sample of an IE 3000 configuration after running Express Setup and enabling the recommended System Setup. The IE 3000 was running IOS Release 12.2(50)SE2 using the LAN BASE WITH WEB BASED DEV MGR feature set.

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname IE3000
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$rgWL$kPKiLLQdUlakTsiCTSshm.
!
no aaa new-model
clock timezone EST -5
clock summer-time EST recurring
system mtu routing 1500
ptp mode e2etransparent 
udld aggressive
 
   
ip subnet-zero
!
!
ip igmp snooping querier
!
mls qos map policed-dscp  24 27 31 43 46 47 55 59 to 0
mls qos map dscp-cos  9 11 12 13 14 15 to 0
mls qos map dscp-cos  25 26 28 29 30 to 2
mls qos map dscp-cos  40 41 42 44 45 49 50 51 to 4
mls qos map dscp-cos  52 53 54 56 57 58 60 61 to 4
mls qos map dscp-cos  62 63 to 4
mls qos map cos-dscp 0 8 16 27 32 47 55 59
mls qos srr-queue input bandwidth 40 60
mls qos srr-queue input threshold 1 16 66
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 40 60 
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0 2
mls qos srr-queue input cos-map queue 2 threshold 2 4
mls qos srr-queue input cos-map queue 2 threshold 3 3 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 2 8 10
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 9 11 12 13 14 15 16 17
mls qos srr-queue input dscp-map queue 1 threshold 3 18 19 20 21 22 23 25 26
mls qos srr-queue input dscp-map queue 1 threshold 3 28 29 30
mls qos srr-queue input dscp-map queue 2 threshold 2 32 33 34 35 36 37 38 39
mls qos srr-queue input dscp-map queue 2 threshold 2 40 41 42 44 45 49 50 51
mls qos srr-queue input dscp-map queue 2 threshold 2 52 53 54 56 57 58 60 61
mls qos srr-queue input dscp-map queue 2 threshold 2 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 27 31 43 46 47 48 55
mls qos srr-queue input dscp-map queue 2 threshold 3 59
mls qos srr-queue output cos-map queue 1 threshold 3 7
mls qos srr-queue output cos-map queue 2 threshold 2 1
mls qos srr-queue output cos-map queue 2 threshold 3 0 2 4
mls qos srr-queue output cos-map queue 3 threshold 3 5 6
mls qos srr-queue output cos-map queue 4 threshold 3 3
mls qos srr-queue output dscp-map queue 1 threshold 3 59
mls qos srr-queue output dscp-map queue 2 threshold 2 8 10
mls qos srr-queue output dscp-map queue 2 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 2 threshold 3 9 11 12 13 14 15 16 17
mls qos srr-queue output dscp-map queue 2 threshold 3 18 19 20 21 22 23 25 26
mls qos srr-queue output dscp-map queue 2 threshold 3 28 29 30 32 33 34 35 36
mls qos srr-queue output dscp-map queue 2 threshold 3 37 38 39 40 41 42 44 45
mls qos srr-queue output dscp-map queue 2 threshold 3 49 50 51 52 53 54 56 57
mls qos srr-queue output dscp-map queue 2 threshold 3 58 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 43 46 47 48 55
mls qos srr-queue output dscp-map queue 4 threshold 3 24 27 31
mls qos queue-set output 1 buffers 10 25 40 25
mls qos queue-set output 2 buffers 10 25 40 25
no mls qos rewrite ip dscp
mls qos
!
crypto pki trustpoint HTTPS_SS_CERT_KEYPAIR
 enrollment selfsigned
 serial-number
 revocation-check none
 rsakeypair HTTPS_SS_CERT_KEYPAIR
!
!
crypto pki certificate chain HTTPS_SS_CERT_KEYPAIR
 certificate self-signed 01
  30820253 308201BC A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  3B311030 0E060355 04031307 49453330 30302E31 27300F06 03550405 13083143 
  33303841 38303014 06092A86 4886F70D 01090216 07494533 3030302E 301E170D 
  30393036 31373132 30393335 5A170D32 30303130 31303030 3030305A 303B3110 
  300E0603 55040313 07494533 3030302E 3127300F 06035504 05130831 43333038 
  41383030 1406092A 864886F7 0D010902 16074945 33303030 2E30819F 300D0609 
  2A864886 F70D0101 01050003 818D0030 81890281 8100D1FD F4FED5F3 C28A8DDC 
  864A2BF1 3D7D8853 64AB3775 0DB46748 938FDA4A 430B03B7 F01A939F 5F3A5BD0 
  B20A182D D1AA826A 47B25679 85814D80 EFE26FFA 9AE20F8C 5CCE680E F23807FB 
  3CC016D8 37385B12 F7D3EC82 D77A342F 2275092C 8CDD5E06 080B9312 930A3A66 
  4572668E 3389E090 B9F18B63 DB927ADE 9752C2FD 3A570203 010001A3 67306530 
  0F060355 1D130101 FF040530 030101FF 30120603 551D1104 0B300982 07494533 
  3030302E 301F0603 551D2304 18301680 14443056 FBDE73C1 1766C192 3BCE4455 
  590E2CC2 A0301D06 03551D0E 04160414 443056FB DE73C117 66C1923B CE445559 
  0E2CC2A0 300D0609 2A864886 F70D0101 04050003 81810082 A8454321 5ECDA2F5 
  574A48B7 A97324BD 357ED4DD 1BC8A1FF F9DB3AE9 FD9C134E F3C63CC7 CF613C41 
  1D5F54D0 DEE2D8AC 5DD0DF81 52427FB0 CF53DF62 853CBA04 E893D820 221A2F6B 
  638098E1 41EFC650 7BE0601A 06472FD9 E85B0F26 AC91C92F C6E6962D DD8123EE 
  5112A029 3E43F872 54A2CE84 B3F1A045 845C40A0 6FD8C7
  quit
!
!
macro global description cisco-global | cisco-ie-global | cisco-ie-qos-map-setup | 
cisco-ie-qos-queue-setup
!
!
!
errdisable recovery cause link-flap
errdisable recovery interval 60
no mac authentication
mac authentication table version 0
!
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree EtherChannel guard misconfig
spanning-tree extend system-id
!
alarm profile defaultPort
 alarm 3 
 syslog 3 
 notifies 3 
!
alarm facility temperature primary relay major 
alarm facility temperature primary syslog 
alarm facility temperature primary notifies 
!
vlan internal allocation policy ascending
!
!
class-map match-all 1588-PTP-General
 match access-group 107
class-map match-all 1588-PTP-Event
 match access-group 106
class-map match-all CIP-Implicit_dscp_any
 match access-group 104
class-map match-all CIP-Other
 match access-group 105
class-map match-all voip-data
 match ip dscp ef 
class-map match-all voip-control
 match ip dscp cs3  af31 
class-map match-all CIP-Implicit_dscp_43
 match access-group 103
class-map match-all CIP-Implicit_dscp_55
 match access-group 101
class-map match-all CIP-Implicit_dscp_47
 match access-group 102
!
!
policy-map Voice-Map
 class voip-data
  set dscp ef
  police 320000 8000 exceed-action policed-dscp-transmit
 class voip-control
  set dscp cs3
  police 32000 8000 exceed-action policed-dscp-transmit
policy-map CIP-PTP-Traffic
 class CIP-Implicit_dscp_55
  set ip dscp 55
 class CIP-Implicit_dscp_47
  set ip dscp 47
 class CIP-Implicit_dscp_43
  set ip dscp 43
 class CIP-Implicit_dscp_any
  set ip dscp 31
 class CIP-Other
  set ip dscp 27
 class 1588-PTP-Event
  set ip dscp 59
 class 1588-PTP-General
  set ip dscp 47
!
!
!
interface FastEthernet1/1
 ptp enable
!
interface FastEthernet1/2
 ptp enable
!
interface FastEthernet1/3
 ptp enable
!
interface FastEthernet1/4
 ptp enable
!
interface GigabitEthernet1/1
 ptp enable
!
interface GigabitEthernet1/2
 ptp enable
!
interface Vlan1
 ip address 10.17.10.11 255.255.255.0
 no ip route-cache
 cip enable
!
ip default-gateway 10.17.10.1
ip http server
ip http secure-server
access-list 101 permit udp any eq 2222 any dscp 55
access-list 102 permit udp any eq 2222 any dscp 47
access-list 103 permit udp any eq 2222 any dscp 43
access-list 104 permit udp any eq 2222 any
access-list 105 permit udp any eq 44818 any
access-list 105 permit tcp any eq 44818 any
access-list 106 permit udp any eq 319 any
access-list 107 permit udp any eq 320 any
!
control-plane
!
!
line con 0
line vty 0 4
 password rockwell
 login
line vty 5 15
 password rockwell
 login
!
monitor flash reload-check
end

Smartports

Stratix 8000

Automation Device

The Automation Device Smartport should be used for any EtherNet/IP devices. This includes controllers, HMI displays, distributed I/O, etc. The Automation Device Smartport enables the following features:

Sets the port to host mode

Enables MAC flooding attack protection

Sets the VLAN number

Enables the automation QoS policy

Configures the output queues

Enables the alarm profile

Disables Cisco Discovery Protocol (CDP)

 
   
Macro name : ab-ethernetip
Macro type : default interface
# macro keywords $access_vlan
#macro description ab-ethernetip
switchport host
switchport port-security
switchport port-security maximum 1
switchport port-security violation restrict
switchport port-security aging type inactivity
switchport access vlan $access_vlan
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
alarm profile ab-alarm
load-interval 30
no cdp enable
 
   

Automation Device with QoS

The Automation Device with QoS should be used for CIP Sync and CIP Motion devices. The Automation Device with QoS Smartport enables the following features:

Sets the port in trunk mode

Enables Spanning Tree Portfast

Disables Dynamic Trunking Protocol (DTP)

Sets the native VLAN number

Enables MAC flooding attack protection

Enables the automation QoS policy

Configures the output queues

Enables the alarm profile

Disables Cisco Discovery Protocol (CDP)

Sets the port to trust DSCP

 
   
Macro name : ab-syncmotion
Macro type : default interface
#macro keywords $native_vlan
#macro name ab-syncmotion
#macro description ab-syncmotion
switchport mode trunk
spanning-tree portfast trunk
switchport nonegotiate
switchport trunk native vlan $native_vlan
switchport port-security
switchport port-security maximum 1
switchport port-security violation restrict
switchport port-security aging type inactivity
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
alarm profile ab-alarm
load-interval 30
no cdp enable
mls qos trust dscp
 
   

Desktop for Automation

The Desktop for Automation Smartport should be used for PCs used on the Cell/Area zone EtherNet/IP network. It should not be used for any systems running virtual machines with out turning the port security configuration off. If the Desktop for Automation Smartport is used with a virtual machine, the port security configuration will need to be modified using CNA or CLI. The Desktop for Automation Smartport enables the following features:

Sets the port in access mode

Set the VLAN number

Enables MAC flooding attack protection

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Enables the automation QoS policy

Sets the alarm profile

 
   
Macro name : desktop-automation
Macro type : default interface
#macro keywords $access_vlan
#macro name desktop-automation
switchport mode access
switchport access vlan $access_vlan
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
service-policy input CIP-PTP-Traffic
no alarm profile
alarm profile ab-alarm
 
   

Switch for Automation

The Switch for Automation Smartport is used on ports that connect to other managed Ethernet switches. The Switch for Automation enables the following features:

Sets the port in trunk mode

Sets the native VLAN

Sets Spanning Tree to use a point-to-point link

Sets the port to trust COS

Enables the automation QoS policy

Configures the output queues

Sets the alarm profile

 
   
Macro name : switch-automation
Macro type : default interface
#macro keywords $native_vlan
#macro name: switch-automation
switchport mode trunk
switchport trunk native vlan $native_vlan
spanning-tree link-type point-to-point
mls qos trust cos
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
no alarm profile
alarm profile ab-alarm

The switch for Automation Smartport does not disable DTP. This must be done manually with the switchport nonegotiate interface configuration command.

Router for Automation

The Router for Automation Smartport is used on ports that connect to routers such as the Cisco 2800 Series ISR. The Router for Automation Smartport enables the following features:

Sets the port in trunk mode

Sets the native VLAN

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Sets the port to trust DSCP

Enables the automation QoS policy

Configures the output queues

Sets the alarm profile

 
   
Macro name : router-automation
Macro type : default interface
#macro keywords $native_vlan
#Macro name router-automation
switchport mode trunk
switchport trunk native vlan $native_vlan
spanning-tree portfast trunk
spanning-tree bpduguard enable
mls qos trust dscp
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
no alarm profile
alarm profile ab-alarm
 
   

Phone for Automation

The Phone for Automation Smartport is used on ports that connect to a VoIP phone. The Phone for Automation Smartport enables the following features:

Sets the port in access mode

Sets the voice and data VLANs

Enables MAC Flooding protection

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Enables the VoIP QoS policy

Configures the output queues

Sets the alarm profile

 
   
Macro name : phone-automation
Macro type : default interface
#macro keywords: $access_vlan $voice_vlan
#macro  name phone-automation
switchport mode access
switchport access vlan $access_vlan
switchport voice vlan $voice_vlan
switchport port-security
switchport port-security maximum 2
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
no service-policy input CIP-PTP-Traffic
spanning-tree portfast
spanning-tree bpduguard enable
service-policy input Voice-Map
srr-queue bandwidth share 10 10 60 20
no alarm profile
alarm profile ab-alarm
 
   

Wireless for Automation

The Wireless for Automation Smartport is used on ports that connect to wireless access points or Wireless LAN Controllers. The Wireless for Automation Smartport enables the following features:

Sets the port in trunk mode

Sets the native VLAN

Disables Dynamic Trunking Protocol (DTP)

Enables Spanning Tree BPDU Guard

Sets the port to trust COS

Enables the Automation QoS policy

Configures the output queues

Sets the alarm profile

 
   
Macro name : wireless-automation
Macro type : default interface
#macro keywords:  $native_vlan
 #macro name: wireless-automation
switchport mode trunk
switchport trunk native vlan $native_vlan
switchport nonegotiate
spanning-tree bpduguard enable
mls qos trust cos
service-policy input CIP-PTP-Traffic
srr-queue bandwidth share 1 19 40 40
no alarm profile
alarm profile ab-alarm
 
   

Port Mirroring

The Port Mirroring Smartport is used to mirror traffic from one interface to another. This feature is used in conjunction with a network traffic analyzer to troubleshoot system and application problems.

None

The None Smartport is used to clear all Smartport configurations from the port.

IE 3000

IE Desktop

The IE Desktop Smartport is used on ports that have a single desktop computer connected. The IE Desktop Smartport enables the following features:

Sets the port to access mode

Sets the VLAN number

Enables MAC Address Flooding protection

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Macro name : cisco-ie-desktop
Macro type : default interface
# macro keywords $access_vlan
#macro name cisco-ie-desktop
switchport mode access
switchport access vlan $access_vlan
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
 
   

IE Switch

The IE Switch Smartport is used on ports that connect to other switches. The IE Switch enables the following features:

Sets the port to trunk mode

Sets the native VLAN

Sets the Spanning Tree link type to point-to-point

Sets the port to trust CoS

Enables the Automation QoS policy

Configures the output queues.

 
   
Macro name : cisco-ie-switch
Macro type : default interface
# macro keywords $native_vlan
#macro name: cisco-ie-switch
switchport mode trunk
switchport trunk native vlan $native_vlan
spanning-tree link-type point-to-point
mls qos trust cos
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
 
   

The switch for Automation Smartport does not disable DTP. This must be done manually with the switchport nonegotiate interface configuration command.

IE Router

The IE Router Smartport is used on ports that connect to Cisco routers such as the 2800 Series ISR. The IE Router smartport enables the following features:

Sets the port to trunk mode

Sets the native VLAN

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Sets the port to trust DSCP

Enables the automation QoS policy

Configures the output queues

Macro name : cisco-ie-router
Macro type : default interface
# macro keywords $native_vlan
#Macro name cisco-ie-router
switchport mode trunk
switchport trunk native vlan $native_vlan
spanning-tree portfast trunk
spanning-tree bpduguard enable
mls qos trust dscp
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40
 
   

IE Phone

The IE Phone Smartport is used to connect VoIP phones to the switch. The IE Phone Smartport enables the following features:

Sets the switch port to access mode

Sets the voice and data VLANs

Enables MAC Address Flooding protection

Enables Spanning Tree Portfast

Enables Spanning Tree BPDU Guard

Sets the port to trust the CoS from the phone

Sets the VoIP service policy

Configures the output queues

Macro name : cisco-ie-phone
Macro type : default interface
# macro keywords $access_vlan $voice_vlan
#macro  name cisco-ie-phone
switchport mode access
switchport access vlan $access_vlan
switchport voice vlan $voice_vlan
switchport port-security
switchport port-security maximum 2
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
no service-policy input CIP-PTP-Traffic
mls qos trust device cisco-phone
mls qos trust cos
service-policy input Voice-Map
srr-queue bandwidth share 10 10 60 20
 
   

IE Wireless

The IE Wireless Smartport is used to connect to Access Points and Wireless LAN Controllers. The IE Wireless Smartport enables the following features:

Set the port to trunk mode

Set the native VLAN

Disable Dynamic Trunking Protocol (DTP)

Enables Spanning Tree BPDU Guard

Set the port to trust CoS

Configures the output queues

 
   
Macro name : cisco-ie-wireless
Macro type : default interface
#macro keywords $native_vlan
#macro name: cisco-ie-wireless
switchport mode trunk
switchport trunk native vlan $native_vlan
switchport nonegotiate
spanning-tree bpduguard enable
mls qos trust cos
srr-queue bandwidth share 1 19 40 40
 
   

Cisco EtherNet/IP

The Cisco EtherNet/IP Smartport is used to connect to EtherNet/IP devices such as PAC, distributed I/O, etc. The Cisco EtherNet/IP Smartport enables the following features:

Sets the port to host

Sets the access VLAN

Enables broadcast storm control

Enables the Automation service policy

Configures the output queues

 
   
Macro name : cisco-ethernetip
Macro type : default interface
#macro keywords $access_vlan
#macro name cisco-ethernetip
#macro description cisco-ethernetip
switchport host
switchport access vlan $access_vlan
storm-control broadcast level 3.00 1.00
service-policy input CIP-PTP-Traffic
priority-queue out
srr-queue bandwidth share 1 19 40 40

Diagnostics

The Diagnostics Smartport is used to mirror traffic from one interface to another. This feature is used in conjunction with a network traffic analyzer to troubleshoot system and application problems.

None

The None Smartport is used to clear all Smartport configurations from the port.