Catalyst 2950 Desktop Switch Software Configuration Guide, 12.0(5.2)WC(1)
Creating and Managing Clusters
Downloads: This chapterpdf (PDF - 633.0KB) The complete bookPDF (PDF - 3.54MB) | Feedback

Creating and Managing Clusters

Table Of Contents

Creating and Managing Clusters

Planning Your Cluster

Creating Clusters with Different Releases of IOS Software

Command Switch Requirements

Candidate Switch Requirements

Understanding Management VLAN Changes

Creating Clusters

Enabling the Command Switch

Automatically Discovering Cluster Candidates

CLI: Creating a Cluster

When a Cluster is Created

Changes to the Host Name

Changes to the SNMP Community Strings

Changes to Passwords

Adding and Removing Member Switches

Determining Why a Switch Is Not Added to a Cluster

CLI: Adding a Member to a Cluster

CLI: Removing a Member from a Cluster

Building a Redundant Cluster

Understanding HSRP

Recovering from a Failed Command Switch without HSRP

Configuring a Cluster Standby Group

Standby Command Switch Requirements

Using the Standby Configuration Window

CLI: Creating a Standby Group

CLI: Adding Member Switches to a Standby Group

CLI: Removing a Switch from a Standby Group

CLI: Removing a Standby Group from the Network

Managing Switch Clusters

Accessing the Cluster Management Suite

Configuring Initial Cluster Settings

Arranging and Saving the Network Map

Changing User Settings

Rearranging the Order of the Displayed Switches

Changing the Host Name

Saving Configuration Changes

Displaying an Inventory of Cluster Switches

Displaying Link Information

Changing the Management VLAN

Guidelines for Changing the Management VLAN

Changing the Management VLAN for a Cluster

Changing the Management VLAN for a New Switch

CLI: Changing the Management VLAN Through a Telnet Connection

Monitoring and Configuring Ports

Monitoring Port Settings

Monitoring Other Switch LEDs

Guidelines for Configuring Ports

Connecting to Devices That Do Not Autonegotiate

Configuring Ports

Port Statistics

Port Search

CLI: Setting Speed and Duplex Parameters

CLI: Configuring Flow Control on Gigabit Ethernet Ports

Displaying VLAN Membership

Upgrading or Reloading the Switch Software

Guidelines for Upgrading or Reloading Switch Software

Configuring the Cisco TFTP Server to Upgrade Multiple Switches

CLI: Copying the Startup Configuration from the Switch to a PC or Server

Using the Software Upgrade Page to Upgrade Switch Software

CLI: Upgrading a Standalone Switch

CLI: Reloading or Upgrading Catalyst 2950, 2900 XL, or 3500  XL Member Switches

CLI: Upgrading Catalyst 1900 or 2820 Member Switches

Reloading Switch Software

Configuring SNMP for a Cluster

Enabling or Disabling the SNMP Agent

Configuring Community Strings for Cluster Switches

Configuring Trap Managers and Enabling Traps


Creating and Managing Clusters


A cluster is a group of connected switches that are managed as a single entity.
The switches can be in the same location, or they can be distributed across a contiguous Layer 2 network. All communication with cluster switches is through one IP address.


Tips You can have up to 16 switches in a cluster: 1 command switch and up to 15 member switches. The command switch is the single point of access used to manage, configure, and monitor the member switches.


Clusters can be configured for management redundancy by using the Hot Standby Router Protocol (HSRP). Figure 3-1 shows a cluster of switches with a standby command switch.

This chapter describes how to create and manage clusters of switches by using the Cluster Management Suite (CMS) applications: Cluster Builder, Cluster View, and Cluster Manager. You use Cluster Builder to create the cluster, you use Cluster View to display the devices connected to the cluster, and you use Cluster Manager to configure and monitor your cluster after it has been created.

This chapter describes how to perform the following tasks:

Planning your cluster

Creating a cluster

Building a redundant cluster

Managing a cluster

Figure 3-1 A Cluster with a Standby Command Switch

Planning Your Cluster

Anticipating conflicts and compatibility issues is a high priority when you manage several switches through a cluster. This section describes the requirements and caveats that you should understand before you create the cluster.

Before you create a cluster, you might want to consider creating a cluster with a redundant command switch. Cluster redundancy is described in the "Building a Redundant Cluster" section.

Creating Clusters with Different Releases of IOS Software

Some versions of the Catalyst 2900 and 3500 XL software do not support clustering, and other versions do not support the features in this release. To ensure that all cluster switches are operating with the same level of software, we recommend that you upgrade all cluster switches to IOS Release 12.0(5)WC(1).


Note Catalyst 1900 and 2820 switches are always member switches.


Command Switch Requirements

You must select a switch to be the command switch of your cluster. The command switch must satisfy the following requirements:

It is running Cisco IOS Release 12.0(5)XU or later. See "Supported Hardware" section for a list of switches that can run these versions.


Note If you are running Cisco IOS Release 12.0(5)XW or earlier, a Catalyst 2950 switch will show as an unknown device in Cluster Manager. In this case, you will need to use Visual Switch Manager (VSM) to manage the Catalyst 2950 switch.


It is assigned an IP address.

It has Cisco Discovery Protocol (CDP) version 2 enabled (the default).

It is not a command or member switch of another cluster.

It belongs to the same management virtual LAN (VLAN) as the cluster member switches.

No access lists have been defined for the switch. Access lists can restrict access to a switch but are not usually used in configuring Catalyst 2950, 2900 XL, or 3500 XL switches. (This does not include access class 199 that is created when a device is configured as the command switch.)


Note To avoid losing contact with cluster members when a command switch fails, you might want to create a redundant cluster. For more information, see the "Building a Redundant Cluster" section.


Candidate Switch Requirements

Before adding a candidate switch to the cluster, you must know any assigned enable or enable secret password.

A candidate switch must satisfy the following requirements to join a cluster.

It is running cluster-capable software. See the "Supported Hardware" section for a list of switches that support clustering.

It has CDP version 2 enabled.

It is connected to a command switch through ports that belong to the same management VLAN (see "Changing the Management VLAN" section).

It is not an active member or command switch of another cluster.

A candidate switch can have an IP address, but it is not required.


Note If you are unable to maintain management contact with a member, see the "Recovering from Lost Member Connectivity" section.


Understanding Management VLAN Changes

Communication with the switch management interfaces is through the switch IP address. The IP address is associated with the management VLAN, which by default is VLAN 1. To manage switches in a cluster, the port connections among the command, member, and candidate switches must be connected through ports that belong to the management VLAN.

You can change the management VLAN on an existing cluster, and the command switch synchronizes activities with member switches to ensure that no loss of management connectivity occurs.


Note This is only valid for IOS Release 12.0(5)XU and later. Previous releases of the software require that switches be upgraded one at a time.


To change the management VLAN on an existing cluster, see the "Changing the Management VLAN" section.

If you add a new switch to an existing cluster and the cluster is using a management VLAN other than the default VLAN 1, the command switch automatically senses that the new switch has a different management VLAN and has not been configured. The command switch issues commands to change the management VLAN and change the port on the new switch, which is connected to the cluster, to match the one in use by the cluster. This automatic change of the VLAN only occurs for new, out-of-box switches that do not have a config.text file and for which there have been no changes to the running configuration.

Creating Clusters

You create a cluster by performing these tasks:

1. Cabling together switches running clustering software

2. Assigning an IP address to one switch (the command switch) and enabling the switch as the command switch

3. Starting Cluster Builder and adding the candidate switches to the cluster

After the cluster is formed, you can access all switches in the cluster by entering the IP address of the command switch into the browser Location field (Netscape Communicator) or Address field (Internet Explorer).

Enabling the Command Switch

You enable the command-switch functionality through the Switch Manager or through the CLI. Before you enable a switch as a command switch, see the "Command Switch Requirements" section to ensure that the switch meets all the requirements.

Follow these steps to enable the switch as a command switch by using Visual Switch Manager (VSM):


Step 1 Enter the switch IP address in your browser, and press Return. The Cisco Access Page displays.

Step 2 Click Cluster Management Suite or Visual Switch Manager on the Cisco Access Page. The switch home page displays.

Step 3 Select Cluster > Cluster Command Configuration from the menu bar.

Step 4 Select Enable on the Cluster Configuration window. You can use up to 31 characters to name your cluster.


After you have enabled the command switch, select Cluster > Cluster Builder to begin building your cluster. To enable a switch as the command switch by using the command-line interface (CLI), see the "CLI: Creating a Cluster" section.

Automatically Discovering Cluster Candidates

Cluster Builder uses the CDP to discover candidate switches that can be added to a cluster. By using CDP, a switch can automatically discover switches in star or cascaded topologies that are up to three CDP-hops away from the edge of the cluster. You can configure the command switch to discover switches up to seven CDP-hops away.

When an edge device that does not support CDP is connected to the command switch, CDP can still discover the candidate switches that are attached to it. When a switch that does support CDP but does not support clustering is connected to the command switch, the cluster is unable to discover candidates that are attached to it. For example, Cluster Builder cannot create a cluster that includes candidates that are connected to a Catalyst 5000 series or 6000 switch connected to the command switch.

When Cluster Builder starts, it automatically prompts you to create a cluster by adding qualified candidates, as shown in Figure 3-2. The Suggested Candidate window lists each candidate switch with its device type, MAC address, and the switch through which it is connected to the cluster. When new switches are added to the topology, Cluster Builder prompts you the next time it starts to add the latest candidate to the cluster. The Suggested Candidate window does not display after the number of switches in the cluster has reached the maximum of 16.

By default, the suggested candidates are highlighted in the Suggested Candidates window, but you can select one or more switches as long as the number of switches selected does not exceed 16. You can accept the suggested candidates or not. If you do not accept the suggested candidates, none of the switches are added.


Note You can always select one or more candidates in Cluster Builder and select Add to Cluster to add them to the cluster.


When you accept the suggested candidates, enter the password of the candidate switch if one has been defined. If no password has been defined, click OK to add the switch to the cluster with no password. If you enter a password that does not match the password defined for the candidate, or if the switch does not have a password, it does not look at the password field, and the candidate is not added to the cluster. In all cases, once a candidate switch joins a cluster, it inherits the command-switch password. For more information on setting passwords, see the "Changes to Passwords" section.


Note The Suggested Candidates window displays prequalified candidates whether or not they are in the same management VLAN as the command switch. If you enter the password for a candidate in a different management VLAN than the cluster and click OK, this switch is not added to the cluster. It appears as a candidate switch in Cluster Builder. For information on how to change the management VLAN, see the "Understanding Management VLAN Changes" section.


You can set Cluster Builder to not automatically display suggested candidates. For more information, see the "Changing User Settings" section.

Figure 3-2 Suggested Candidate Window

CLI: Creating a Cluster

This procedure assumes that the candidate switches and the command switch are connected through ports that belong to the same management VLAN. The "Changing the Management VLAN" section describes the characteristics of the management VLAN.

Beginning in privileged EXEC mode on the command switch, follow these steps to enable the command switch and add candidate switches to the cluster:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

cluster enable name

Enable the command switch and name the cluster (up to 31 characters).

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show cluster candidates

Display a list of candidates.

Step 5 

show cluster members

Display a list of current cluster members.

Step 6 

configure terminal

Enter global configuration mode.

Step 7 

cluster member n mac-address hw-addr password password

Add candidates to the cluster.

Assign a unique number from 1 to 15 for n. Do not use any switch number (SN) that appears in the show cluster members display. Enter the candidate switch MAC address, which can be obtained from the show cluster candidates display.

Step 8 

end

Return to privileged EXEC mode.

Step 9 

show cluster members

Display the status of the cluster.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

When a Cluster is Created

When a cluster is created, Network Address Translation (NAT) commands are added to the configuration file of the command switch. Do not remove these commands. The command switch also automatically makes configuration changes to the member switch host name, password, and SNMP community string.

Changes to the Host Name

If you did not assign a host name to a member switch, the command switch appends a unique member number to its own host name and assigns it sequentially to the switch when it joins the cluster. The number indicates the order in which the switch was added to the cluster. For example, a command switch named eng-cluster could name cluster member 5 eng-cluster-5.

If you did not assign a host name to the command switch, it keeps the default host name of Switch.

If you assigned a host name to a member switch, it retains that name when it joins the cluster. A host name is also retained even after removing the switch from the cluster.

However, if your switch was part of a cluster, received its host name from the command switch, was removed and then added back to a new cluster, its host name (such as eng-cluster-5) is not overwritten with the new version of the command switch host name.

Changes to the SNMP Community Strings

The following SNMP community strings are added to a member switch when it joins a cluster:

commander-readonly-community-string@esN, where N is the member-switch number.

commander-readwrite-community-string@esN, where N is the member-switch number.

If the command switch has multiple read-only or read-write community strings, only the first read-only and read-write strings are propagated to the member switch.

Catalyst 2950, 2900 XL, and 3500 XL switches support an unlimited number of community strings and string lengths.

The Catalyst 1900 and 2820 switches support up to four read-only and four read-write community strings; each string contains up to 32 characters. When these switches join the cluster, the first read-only and read-write community string on the command switch is propagated and overwrites the fourth read-only and read-write community string on the member switches. To support the 32-character string-length limitation on the Catalyst 1900 and 2820 switches, the command-switch community strings are truncated to 27 characters when propagating them to these switches, and the @esN (where N refers to the member switch number and can be up to two digits) is appended to them.

For more information about configuring community strings through Cluster Manager, see the "Configuring SNMP" section.

Changes to Passwords

The member switch inherits the command-switch enable-secret or enable password when it joins the cluster and retains it when it leaves the cluster. If no command-switch password is configured, the member switch inherits a null password. Member switches only inherit the command-switch password privilege level 15.

However, certain caveats apply to Catalyst 1900 and 2820 switches as cluster members. Their passwords and privilege levels are altered in the following ways:

Password length

If the command-switch enable password is longer than 8 characters, the member-switch enable password is truncated to 8 characters.

If the command-switch enable password is between 1 and 8 characters inclusive, the member-switch enable password will be the same as the command switch password. (Though the password length for Catalyst 1900 and 2820 switches is from 4 to 8 characters, the length is only checked when the password is configured from the menu console or with the CLI.)

Both the command switch and member switch support up to 25 characters (52 characters encrypted) in the enable secret password.

Privilege level

The command switch supports up to 15 privilege levels. Catalyst 1900 and 2820 member switches support only levels 1 and 15.

Command-switch privilege levels 1 to 14 map to level 1 on the member switch.

Command-switch privilege level 15 maps to level 15 on the member switch.

Adding and Removing Member Switches

You can use the network map in Cluster Builder (Figure 3-3) to add a switch or switches to a cluster. Clustered switches have green labels, and candidates have blue labels. To add a single switch to a cluster, right-click the candidate, and click Add to Cluster from the pop-up menu. If the candidate is in a different management VLAN than the command switch, a message is displayed indicating that this candidate is unreachable, and you will not be able to add it to the cluster.

To add several switches to a cluster, press Ctrl, and left-click the candidates you want to add. The candidates are added if they all have the same password. If any of the candidates cannot be added, Cluster Builder displays a message explaining which candidates were not added and why.

You can add a candidate to a cluster if no more than 16 switches are in the cluster; otherwise, you must remove a member before adding a new one. If a password has been configured on the switch, you are prompted to enter.


Note The Add to Cluster option is disabled when the number of switches in the cluster reaches 16.


To remove a member switch, right-click it, and select Remove from Cluster from the pop-up menu. The switch retains the password configured for it when it leaves the cluster. You can also use the CLI to remove a member switch, as described in the "CLI: Removing a Member from a Cluster" section.

Figure 3-3 Cluster Builder

Determining Why a Switch Is Not Added to a Cluster

If a switch does not become part of the cluster, you can learn why by selecting Views > Toggle View from the menu bar in Cluster Builder. Cluster View displays the cluster as a double-switch icon and shows connections to devices outside of the cluster (Figure 3-4). Right-click the device (yellow label), and select Disqualification Code to display the reason it did not join the cluster.

Figure 3-4 Cluster View

CLI: Adding a Member to a Cluster

You can use the cluster setup command to add members to an existing cluster or to create a cluster. This command generates a script that proposes configuration changes and prompts you to approve or disapprove them. Enter this command from a switch that is enabled as a command switch.


Note Only candidate switches that are one hop away and have not been assigned an IP address are displayed by this command. You can display all valid candidates by using the show cluster candidates command, and you can display all cluster members by using the show cluster members command.


Beginning in privileged EXEC mode on a command switch, follow these steps to add a member switch to a cluster:

 
Command
Purpose

Step 1 

cluster setup

Start the setup script. You can end the script at any time by entering ctrl-c.

Step 2 

Continue with cluster configuration dialog? [yes/no]: yes

The following configuration command script was created: cluster member n mac-address hw-addr

The current cluster members and candidates are displayed. When prompted by the script, enter yes to accept the proposed cluster configuration or no to reject it.

If you enter yes, the script displays candidates that have been added to the cluster. If you enter no, the cluster setup command ends.

 

Step 3 

Use this configuration? [yes/no]: yes

Enter yes to accept the proposed configuration or no to reject it.

If you enter yes, the candidate switches are added to the cluster. If you enter no, the cluster setup command ends.

Step 4 

end

Return to privileged EXEC mode.

Step 5 

show cluster members

Verify that all members have been added to the cluster.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Removing a Member from a Cluster

You remove a cluster member by entering commands on the command switch.

Beginning in privileged EXEC mode on the command switch, follow these steps to remove a member switch from the cluster:

 
Command
Purpose

Step 1 

show cluster members

Display the status of the cluster, and note the MAC address and member number of the switch you want to remove.

Step 2 

configure terminal

Enter global configuration mode.

Step 3 

no cluster member n

Remove the switch from the cluster, where n is the switch member number.

Step 4 

end

Return to privileged EXEC mode.

Step 5 

show cluster members

Display the status of the new cluster.

You can remove a member by entering commands on the member itself, but the member is not entirely removed from the cluster until you also enter commands on the cluster command switch. A member switch that is removed by entering commands only on the member switch is considered by the command switch to be down until it is explicitly removed on the command switch.

Beginning in privileged EXEC mode on a Catalyst 2950, 2900 XL, or 3500 XL member switch, follow these steps to remove it from a cluster:

 
Command
Purpose

Step 1 

configure terminal

On the member switch, enter global configuration mode.

Step 2 

no cluster commander-address

Remove the member switch from the cluster.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show cluster

Verify that the member switch is no longer part of the cluster.

Step 5 

show cluster members

On the command switch, display the status of the cluster, and note the MAC address and switch number of the switch you want to remove.

Step 6 

configure terminal

Enter global configuration mode.

Step 7 

no cluster member n

Remove the switch from the cluster.

Step 8 

end

Return to privileged EXEC mode.

Step 9 

show cluster members

Display the status of the new cluster.

For information on how to remove Catalyst 1900 or 2820 member switches, refer to the Catalyst 1900 Series Installation and Configuration Guide or the Catalyst 2820 Series Installation and Configuration Guide.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Building a Redundant Cluster

Because a cluster command switch manages the forwarding of all configuration information to cluster members, a redundant command switch is necessary to take over if the command switch fails. Cisco IOS Release 12.0(5)WC(1) supports a version of the HSRP so that you can configure a standby group of Catalyst 2950, 2900 XL, or 3500 XL switches. When this standby group is bound to the cluster, one of the switches acts as a standby command switch that becomes active when the command switch fails. The "Understanding HSRP" section describes how the protocol works.

Redundant cabling is also required for a standby switch to automatically take over when a command switch fails. Figure 3-5 shows a network cabled to allow the standby switch to maintain management contact with the member switches if the cluster command switch fails. Spanning Tree Protocol prevents the loops in such a configuration from reducing performance.

Figure 3-5 Redundant Cabling to Support HSRP

Understanding HSRP

To build a redundant cluster, you use HSRP to configure a stand-by group that contains a cluster command switch and one or more eligible member switches. The standby group is configured with a unique virtual IP address. When the standby group is bound on the command switch, the command switch receives member traffic destined for the virtual IP address.

To manage the redundant cluster, access the command switch through the virtual IP address and not the command-switch IP address. If HSRP is enabled and you use the command-switch IP address, you can be prompted a second time for a password when you move between Cluster Builder and VSM.

Other switches in the standby group are candidates to become the standby command switch and are ranked according to a set of user-defined priorities. The member switch with the highest priority in the group is the standby command switch. To ensure that the standby command switch can take over the cluster if the command switch fails, the command switch continually forwards cluster configuration information to the standby command switch.


Note The command switch forwards cluster configuration information to the standby switch but not device-configuration information. The standby command switch is informed of new cluster members but not the configuration of any given switch.


If the command switch fails, the standby command switch assumes ownership of the virtual IP address and MAC address and begins acting as the command switch. The remaining switches in the group compare their assigned priorities to determine the new standby command switch. To configure an HSRP standby group, see the "Configuring a Cluster Standby Group" section.

If a standby switch replaces a command switch and the command switch becomes active again, the command switch resumes its role as the active command switch. An automatic recovery procedure can add cluster members that were added to the cluster while the command switch was down.

Recovering from a Failed Command Switch without HSRP

If a command switch fails and no standby command switch is configured, member switches continue forwarding among themselves, and they retain the ability to be managed through normal standalone means. You can configure member switches through the console-port CLI, and they can be managed through SNMP, HTML, and Telnet after you assign an IP address to them.

The password you enter when you log into the command switch gives you access to member switches. If the command switch fails and there is no standby command switch, you can use the command-switch password to recover. For more information, see "Recovering from a Command Switch Failure" section.

Configuring a Cluster Standby Group

This section describes how to create a standby group and bind it to a cluster, how to add and remove members from a standby group, and how to remove a standby group from the network.

Use the Standby Command Configuration window (Figure 3-6) to create a standby group. When an active command switch fails, a new command switch is chosen from this group according to their order in their Selected list in the window.

Standby Command Switch Requirements

To be eligible to join a standby group, a switch must meet the following requirements:

It is running Cisco IOS Release 12.0(5)XU or later.

It has its own IP address.

Any number of eligible switches can belong to a standby group.


Note Switches running earlier releases of the IOS software can belong to clusters supported by HSRP but cannot belong to a standby group.


For redundancy, we also recommend that a switch belonging to a standby group have the following characteristics:

It is a member of a cluster.

It is cabled so that connectivity to cluster members is maintained even if the command switch fails.

Using the Standby Configuration Window

You create a standby group by moving candidates from the Candidates list to the Selected list in the Standby Command Configuration window (Figure 3-6). Eligible switches are listed in the Candidates list according to an eligibility ranking. Switches are ranked first by the number of links they have and second by the speed of the switch. If switches have the same number of links and speed, they are listed alphabetically.

When you add a switch to the standby group, you can configure the priority of group members by using the Add and Remove buttons. The command switch has the highest priority and is always at the top of the list. The standby switch is below the command switch, and the priority of the other switches is represented by their place in the list. The last switch in the list has the lowest priority.

Figure 3-6 Standby Command Configuration

The following abbreviations are appended to the switch host names in the Selected list to indicate their status in the standby group:

AC

Active command switch

SC

Standby command switch

PC

Passive command switch (member of the standby group but is not the standby command switch)

CC

Command switch when HSRP is disabled


The virtual IP address (VIP) must be in the same subnet as the IP addresses of the switches, and the group number must be unique within the IP subnet. It can be from 0 to 255, and the default is 0. The VIP should be different from the commander IP address to avoid duplicate IP addresses.

The Standby Command Configuration window uses default values for the preempt and name commands that you can explicitly set by using the CLI. If you use this window to create the HSRP group, all switches in the group have the preempt command enabled, and the name for the group is clustername_standby.

CLI: Creating a Standby Group

There are two steps to configuring a standby group through the CLI:

1. Entering the name, number, and virtual IP address of the HSRP group on each switch in the group, including the command switch.

2. Binding the HSRP group to the cluster by entering the redundancy-enable command on the cluster command switch.

Follow these guidelines when you configure a standby group by using the CLI:

Configure one HSRP group per cluster.

Assign the unique virtual IP address to every switch in the group.

Assign the unique name to every switch in the group.

Assign the standby priority to each switch in relation to the active command switch. That is, the active command switch has the highest priority, the switch with the most redundant connectivity has the next highest priority, and so on.

Enter the preempt command on each switch to ensure that the priority is maintained.

Beginning in privileged EXEC mode on the command switch, follow these steps to create the HSRP group and bind it to the command switch:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface vlan1

Set the switch to configure the management interface in VLAN 1.

Step 3 

standby number ip ip_address

Create the standby group, and give it a number and virtual IP address. The group number must be unique within the IP subnet. It can be from 0 to 255, and the default is 0.

Step 4 

standby number name name

Give the standby group a name. This name is used to bind the group to the command switch. The name can be a string up to 32 characters long.

Step 5 

standby number priority priority

Set the priority of the switch to a number between 0 and 255. Assign the highest priority to the command switch. The default priority is 100.

Step 6 

standby number preempt

Set the standby group to always maintain the priority ranking, even when the command switch fails and becomes active again.

Step 7 

end

Return to privileged EXEC mode.

Step 8 

show running-config

Verify the creation of the standby group.

Step 9 

 

Repeat Steps 1 through 6 on each switch eligible to belong to the group. Configure the priority to ensure that the best-suited standby switch has the highest priority after the active command switch.

Step 10 

configure terminal

After all eligible switches have been added to the group, return to the command switch CLI, and enter global configuration mode.

Step 11 

cluster standby-group name

Enable command-switch redundancy for the cluster by entering the name of the standby group you created in Step 4.

Step 12 

 

Begin to use the virtual IP address that you entered in Step 3 as the means to manage the cluster.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Adding Member Switches to a Standby Group

Member switches must have an IP address and be running Cisco IOS
Release 12.0(5)XU or later before they can be added to an existing HSRP group. Beginning in privileged EXEC mode on the command switch, follow these steps to add the switch to the HSRP group:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface vlan1

Set the switch to configure the management interface in VLAN 1.

Step 3 

show cluster

Display the HSRP group number to which the cluster is bound.

Step 4 

show standby

Display the information defined for the existing HSRP group, and note the virtual IP address, name, and priority.

Step 5 

show cluster members

Display the members that are part of the cluster. From the display, get the number of the member switch that you want to add to the group. The member number is listed in the SN column of the display. You need the member number for Step 6.

Step 6 

rcommand n

Access the CLI for the member switch that you want to add to the group.

For n, enter the switch number that you obtained in Step 5.

Step 7 

configure terminal

On the member switch, enter global configuration mode.

Step 8 

standby number ip ip_address

Enter the group number and the virtual IP address.

Step 9 

standby number name name

Enter the HSRP group number and name.

Step 10 

standby number priority priority

Set the priority of the switch to a number between 0 and 255.

Step 11 

standby number preempt

Set the standby group to always maintain the priority ranking, even when the command switch fails and becomes active again.

Step 12 

end

Return to privileged EXEC mode.

Step 13 

show cluster members

Verify that the member was added to the cluster.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Removing a Switch from a Standby Group

You can remove standby switches from a standby group, but you cannot remove an active command switch from a standby group. Beginning in privileged EXEC mode on the command switch, follow these steps to remove a switch from the HSRP group:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface vlan1

Set the switch to configure the management interface in VLAN 1.

Step 3 

show cluster

Display the standby group number to which the cluster is bound. Note the number.

Step 4 

show cluster members

Display the members that are part of the cluster. From the display, get the number of the member switch that you want to remove from the group. The member number is listed in the SN column of the display. You need the member number for Step 5.

Step 5 

rcommand n

Access the CLI for the member switch you want to remove from the group.

For n, enter the switch number that you obtained in Step 4.

Step 6 

configure terminal

Enter global configuration mode.

Step 7 

no standby number ip

Use the group number to remove the virtual IP address.

Step 8 

no standby number name

Use the group number to remove the name setting.

Step 9 

no standby number priority

Use the group number to remove the priority setting.

Step 10 

no standby number preempt

Use the group number to remove the preempt setting.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Removing a Standby Group from the Network

You remove a standby group from your network by disabling the standby group on the command switch and entering the no version of the HSRP CLI commands on all switches in the HSRP group. When all HSRP parameters have been removed from all the members of the group, including the command switch, the group has been removed from the network.

Beginning in privileged EXEC mode on the command switch, follow these steps to remove a standby group:

 
Command
Purpose

Step 1 

show cluster

Display the standby group number.

Step 2 

configure terminal

Enter global configuration mode.

Step 3 

no cluster standby-group

Unbind the command switch from the standby group.

Step 4 

no standby number ip

Use the group number to remove the virtual IP address of the standby group.

Step 5 

no standby number name

Use the group number to remove the name setting.

Step 6 

no standby number priority

Use the group number to remove the priority setting.

Step 7 

no standby number preempt

Use the group number to remove the preempt setting.

Step 8 

show cluster members

Display the members that are part of the cluster. From the display, get the number of the switch that you want to remove from the group. You need the member number for Step 9.

Step 9 

rcommand n

Access the CLI for each switch in the group, enter global configuration mode, and repeat Steps 4 through 7.

For n, enter the switch number that you obtained in Step 8.


Note After the last switch has been removed from the standby group, start accessing the cluster by using the IP address of the command switch.


The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Managing Switch Clusters

This section describes how to perform tasks on switch clusters. Cluster members could be Catalyst 1900, 2820, 2950, 2900 XL, or 3500 XL switches. These management tasks operate on all switches in the cluster and are distinct from configuring individual switches. For information on managing individual devices, see "Managing Switches."

This section describes how to perform the following tasks:

Accessing CMS

Configuring initial cluster settings

Saving configuration changes

Displaying an inventory of cluster switches

Monitoring and configuring ports

Changing the management VLAN for a cluster

Displaying link information

Displaying VLAN membership information

Upgrading the switch software on all switches in the cluster

Enabling and configuring SNMP

Accessing the Cluster Management Suite

If you have not already configured your browser for CMS, refer to the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1) for detailed instructions on configuring the browsers.

When you enter the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), the Cisco Systems Access page (Figure 3-7) is displayed. Click Cluster Management Suite or Visual Switch Manager. Cluster Builder or Cluster Manager displays (Figure 3-8).

Figure 3-7 Cisco Systems Access Page

After you have created a cluster, you can use Cluster Manager to monitor and configure the cluster switches. Figure 3-8 shows a cluster displayed in Cluster Manager. The switch software updates the LEDs displayed on these images in real time, making the images displayed by Cluster Manager as informative as the switch LEDs themselves. You can also use Cluster Builder and Cluster View to manage your cluster.

Figure 3-8 Cluster Manager

Configuring Initial Cluster Settings

This section describes how to customize the CMS environment to meet
your needs.

Arranging and Saving the Network Map

You can reposition devices in Cluster Builder and Cluster View and save this information. Before arranging and saving the network map, make sure that the command switch discovered all the devices and that you have added them to the cluster.

You arrange the layout by clicking and holding the left mouse-button on a device and dragging it to a new location on the map. Select Options > Save Layout from the menu bar to save the arrangement displayed by Cluster Builder and Cluster View.

If the topology did not change, the saved version of the network map displays the next time you start Cluster Builder or Cluster View. If a topology change occurs, you can arrange the devices and save the map again.

Changing User Settings

Select Cluster > User Settings from the menu bar in Cluster View, Cluster Builder, or Cluster Manager to change the parameters described in the following list. The user settings are automatically saved in permanent storage on the command switch.

Cluster Builder and Cluster Manager polling interval—Select the number of seconds the switch waits before polling the switch for new cluster and port information by clicking on the slide bar and moving it to the left or right. Lowering the polling interval can be useful when you are changing or testing cluster switches. The default is 120 seconds.

Reload the page for the new setting to take effect.


Tips A long polling interval reduces the number of requests made on the command switch, and topology updates are not reported as frequently. A short polling interval has the opposite effect. We recommend that you use a short interval only for troubleshooting or while building a cluster.


Link and device graph polling interval—Select the number of seconds the switch waits before the application polls it for new graph information by clicking on the slide bar and moving it to the left or right. The default is
24 seconds. Reload the page for the new setting to take effect.

Show the splash screen when the Cluster Management Suite starts—Select Show Splash Screen at startup to always see the splash screen.

Change the default view—Choose Cluster Manager or Cluster Builder as the default view to display when CMS starts. For example, you might make Cluster Manager the default after the cluster-creation process is compete.

Rearranging the Order of the Displayed Switches

You can arrange the order in which switches are displayed in Cluster Manager to match the arrangement in your wiring closet. Select Cluster > Device Position from the menu bar to display the Device Position window (Figure 3-9). Select a device in the Device Position window, and use the arrows to move it up or down in the list. Click OK when you are finished.

Figure 3-9 Device Position

Changing the Host Name

You can change the host name of any switch in the cluster by using Cluster Builder.

To change the host name of a member switch in Cluster Builder, right-click the switch, and select Host Name Config from the pop-up menu. Enter a host name of up to 28 characters in the field, and click OK. Member switch host names must be unique in the cluster. Do not use a number as the last character in a host name on any switch.

When you change the host name on the command switch, assign a name no longer than 28 characters. Limiting the command switch host name to 28 characters ensures that each member switch host name is unique and viewable in the application. The "Changes to the Host Name" section describes how the command switch appends a member number to its host name and propagates it to new switches not originally configured with a name when they joined the cluster.

Saving Configuration Changes

Configuration changes on the Catalyst 2950 switches are not written to Flash memory until you select System > Save Configuration in Cluster Manager or Options > Save Configuration in Cluster Builder or Cluster View.

As you make cluster configuration changes (except for changes to the network map and in the User Settings window), make sure you periodically save the configuration. The configuration is saved on the command and member switches.

Displaying an Inventory of Cluster Switches

You can display a summary table of all the switches in a cluster. The cluster inventory contains the following information:

Cisco model numbers and serial numbers

IOS version running on the switches

IP information for the switches

Location of the switches

Modules installed in the switches, if applicable

To display the Inventory window (Figure 3-10), select System > Inventory. To display this information for a single switch, select the switch, right-click with the mouse, and select System > Inventory.

Figure 3-10 Inventory

Displaying Link Information

You can see how the cluster members are interconnected by using the Cluster Builder network map. It shows how the switches are connected and the type of connection between each device. Click Help > Legend in Cluster Builder to learn the meaning of each icon, link, and color.

To display port-connection information, select Views > Toggle Labels. By clicking Toggle Labels, you display the port numbers for each end of the link.

Changing the Management VLAN

Access to all switch management facilities is through the switch IP address, and the switch IP address always belongs to the management VLAN, VLAN 1, by default. This section describes how to configure a cluster to support management connectivity when the management VLAN is other than the default.

Guidelines for Changing the Management VLAN

The management VLAN has the following characteristics:

It is created by the VSM or the CLI on static-access, multi-VLAN, and dynamic-access and trunk ports. You cannot create or remove the management VLAN through SNMP.

Only one management VLAN can be administratively active at a time.

With the exception of VLAN 1, the management VLAN can be deleted.

When created, the management VLAN is administratively down.

Before changing the management VLAN on your switch network, make sure you follow these guidelines:

The new management VLAN should not have an HSRP standby group configured on it.

You must be able to move your network management station to a switch port assigned to the same VLAN as the new management VLAN.

Connectivity through the network must exist from the network management station to all switches involved in the management VLAN change.

For switches running a version of IOS software that is earlier than Cisco IOS 12.0(5)XP, you cannot change the management VLAN.

Changing the Management VLAN for a Cluster

To manage switches in a cluster, the port connections among the command, member, and candidate switches must all be in the management VLAN. You can use the VLAN Management window (Figure 3-11) or the CLI to change the management VLAN of the command and member switches. Any VLAN can serve as the management VLAN as long as there are links between the command switch and the member switches for both the old and the new management VLANs.

Figure 3-11 Management VLAN

When you select the new VLAN to be the management VLAN, the IOS software coordinates the change on the member switches to ensure that the cluster continues running without a loss in management connectivity.

If your cluster includes members that are running a software release earlier than
Cisco IOS Release 12.0(5)XP, you cannot change the management VLAN of the cluster. If your cluster includes member switches that are running Cisco IOS Release 12.0(5)XP, those members need to have the VLAN changed before using the Management VLAN window. The procedure for changing member switches running Cisco IOS Release 12.0(5)XP is included in the Cisco IOS Desktop Switching Software Configuration Guide for Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)XP.


Caution Changing the management VLAN ends your HTTP or Telnet session. You must restart the HTTP session by entering the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer) or by restarting your CLI session through Telnet. You can change the management VLAN through a console connection without interruption.

Changing the Management VLAN for a New Switch

For a new switch to be added to a cluster, it must first be connected to a port that belongs to the management VLAN of the cluster. If the cluster is configured with a management VLAN other than the default, the command switch changes the management VLAN for new switches when they are connected to the cluster. In this way, the new switch can exchange CDP messages with the command switch and be proposed as a cluster candidate.


Note For the command switch to change the management VLAN on a new switch, there must be no changes to the switch configuration, and there must be no config.text file.


Because the switch is new and unconfigured, its management VLAN is changed to the cluster management VLAN when it is first added to the cluster. All ports that have an active link at the time of this change become members of the new management VLAN.

CLI: Changing the Management VLAN Through a Telnet Connection

Before you start, review the "Guidelines for Changing the Management VLAN" section. Beginning in privileged EXEC mode on the command switch, follow these steps to configure the management VLAN interface through a Telnet connection:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

cluster management-vlan vlanid

Change the management VLAN for the cluster. This ends your Telnet session. Move the port through which you are connected to the switch to a port in the new management VLAN.

Step 3 

show running-config

Verify the change.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Monitoring and Configuring Ports

You can configure one or more ports on the same switch by clicking them from Cluster Manager. You can also configure groups of ports from different switches as a group, and you can display the settings for each port. Table 3-1 describes the parameters that you can monitor and configure.

Table 3-1 Port Configuration Parameters 

Feature
Description

Status

Administratively enables or disables the port.

Description

Displays the description for the port.

Duplex

Sets a port to full-duplex (Full), half-duplex (Half), or autonegotiate (Auto).
The default is Auto.

Note The Gigabit Ethernet ports can operate in either half- or full-duplex mode when they are set to 10 or 100 Mbps, but when they are set to 1000 Mbps, they can only operate in full-duplex mode.

Speed

Sets a 10/100 port to 10 Mbps (10), 100 Mbps (100), or autonegotiate (Auto).
The default is Auto.

Sets a 10/100/1000 port to 10 Mbps (10), 100 Mbps (100), 1000 Mbps (1000), or autonegotiate (Auto). The default is Auto.

Port Fast

Sets the port to immediately enter the STP forwarding state and bypass the normal transition from the listening and learning states to the forwarding state.

802.1p

Assigns a class of service (CoS) priority to the port. CoS values range between zero for lowest-priority and seven for highest-priority. For more information on this parameter, see the "Configuring IEEE 802.1p Class of Service" section.

Flow Control

Enables or disables flow control on Gigabit Ethernet ports. Flow control enables the connected Gigabit Ethernet ports to control traffic rates during congestion. If one port experiences congestion and cannot receive any more traffic, it notifies the other port to stop transmitting until the condition clears.

Select Symmetric when you want the local port to perform flow control of the remote port only if the remote port can also perform flow control on the local port.

Select Asymmetric when you want the local port to perform flow control on the remote port. For example, if the local port is congested, it notifies the remote port to stop transmitting. This is the default setting.

Select Any when the local port can support any level of flow control required by the remote port.

Select None to disable flow control on the port.

This field is displayed only when a Gigabit Ethernet port is present; it does not apply to a Fast Ethernet port.


Monitoring Port Settings

The LEDs on the switch image present the same information as the actual LEDs, but they use colors instead of the on-off methods of the switch front panel.

The LEDs above the ports (or the port openings) in Figure 3-8 display the port status (STAT), duplex (DUPLX), or transmission speed (SPEED) of the ports on the switch.


Note The UTIL LED is not displayed in Cluster Manager.


Click the Mode button to highlight STAT (status), SPEED (speed), DUPLX (duplex). The port LEDs convey the selected information, and you can select
Help > Legend to display the color meanings.

Figure 3-12 Using the Mode Button to Read Switch LEDs

Monitoring Other Switch LEDs

The other LEDs function as follows:

The System LED displays the status of the switch.

The RPS LED is on when a Cisco RPS is attached. For more information on the RPS, refer to the Catalyst 2950 Desktop Switch Hardware Installation Guide.

Guidelines for Configuring Ports

The Port Configuration window displays the Requested and Actual settings for each port. A port connected to a device that does not support the requested setting or that is not connected to a device can cause the Requested and Actual settings to differ.


Caution If you reconfigure the port through which you are managing the switch, a Spanning-Tree Protocol (STP) reconfiguration could cause a temporary loss of connectivity.

Follow these guidelines when configuring the duplex and speed settings for a switch:

The Gigabit Ethernet ports can operate in either half- or full-duplex mode when they are set to 10 or 100 Mbps, but when they are set to 1000 Mbps, they can only operate in full-duplex mode.

If STP is enabled, the switch can take up to 30 seconds to check for loops when a port is reconfigured. The port LED is amber while STP reconfigures.

After you make a change, you can verify the change by clicking the port on the Home page or by using the Mode button.

Connecting to Devices That Do Not Autonegotiate

To connect to a remote 100BaseT device that does not autonegotiate, set the duplex setting to Full or Half, and set the speed setting to Auto. Autonegotiation for the speed setting selects the correct speed even if the attached device does not autonegotiate, but the duplex setting must be explicitly set.

To connect to a remote Gigabit Ethernet device that does not autonegotiate, disable autonegotiation on the local device, and set the duplex and flow control parameters to be compatible with the other device.

Configuring Ports

To monitor or reconfigure all the ports of a switch, click the switch, and select Port > Port Configuration from the menu bar. The Port Configuration window (Figure 3-13) displays a table with the configured and actual status of each port. Because of autonegotiation, the actual status of a port can differ from how it was configured. To reconfigure a port, select a row, and click Modify.

To monitor or reconfigure a single port, right-click it, and then select Port > Port Configuration from the pop-up menu. The Port Configuration window (Figure 3-14) displays the status and settings of the port. Use the drop-down lists to reconfigure the port, and click OK.

To make changes, select one or more rows in the table, and click Modify. The Group Port Configuration window (Figure 3-14) displays. When more than one port is selected, the window does not display the actual settings for the ports.

Figure 3-13 Port Configuration

Although you can configure settings for multiple mixed ports, some settings might not apply to all ports. For example, you can select half duplex from the drop-down list for a mixture of Ethernet and Gigabit Ethernet ports. The "Guidelines for Configuring Ports" section describes some of the differences that apply to certain technologies.

You can also configure multiple ports on different switches. Select the ports by holding down the Ctrl key and left-clicking the ports. Right-click to display the pop-up menu, and select Port > Port Configuration. The Group Port Configuration pop-up (Figure 3-14) displays. You can use this window to change the ports settings for the selected ports, but the window does not display the actual port settings or VLAN information.

Figure 3-14 Group Port Configuration Pop-up

To enter a description for a port, select a row, and click Describe. The Basic Port Description window (Figure 3-15) appears. Enter a description, and click OK. To enter a description for more than one port, select the rows, and click Describe. Enter a description in the Advanced Port Description window (Figure 3-16), and click OK.

Figure 3-15 Basic Port Description

Figure 3-16 Advanced Port Description

Port Statistics

To display detailed port statistics, click the switch, and select Port > Port Statistics from the Menu bar. The Port Statistics window (Figure 3-17) appears. The Port Statistics window displays detailed port statistics on link performance, dropped packages, total errors, etc.

Figure 3-17 Port Statistics

Port Search

To search for a port or a group of ports, click the switch, and select Port > Port Search from the Menu bar. The Port Search window (Figure 3-18) appears. Enter a description in the Find Port(s) with Description field, and click Search. The search results display all the ports that match the description.

Figure 3-18 Port Search

CLI: Setting Speed and Duplex Parameters

Beginning in privileged EXEC mode, follow these steps to set the speed and duplex parameters on a port:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface interface

Enter interface configuration mode, and enter the port to be configured.

Step 3 

speed {10 | 100 | 1000 | auto}

Enter the speed parameter for the port.

Step 4 

duplex {full | half | auto}

Enter the duplex parameter for the port.

Note The Gigabit Ethernet ports can operate in either half- or full-duplex mode when they are set to 10 or 100 Mbps, but when they are set to 1000 Mbps they can only operate in full-duplex mode.

Step 5 

end

Return to privileged EXEC mode.

Step 6 

show running-config

Verify your entries.

Step 7 

copy running-config startup-config

(Optional) Save your entry in the configuration file. This retains the configuration when the switch restarts.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Configuring Flow Control on Gigabit Ethernet Ports

The meaning of this parameter is described in Table 3-1.

Beginning in privileged EXEC mode, follow these steps to configure flow control on a Gigabit Ethernet port.

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface interface

Enter interface configuration mode, and enter the port to be configured.

Step 3 

flowcontrol [asymmetric | symmetric]

Configure flow control for the port.

Step 4 

end

Return to privileged EXEC mode.

Step 5 

show running-config

Verify your entries.

Step 6 

copy running-config startup-config

(Optional) Save your entry in the configuration file. This retains the configuration when the switch restarts.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Displaying VLAN Membership

The VLAN Membership window (Figure 3-19) displays the list of all the user-defined VLANs on the switch. By selecting a VLAN, you can display in Cluster Manager the ports that belong to that VLAN. You can also use this window to configure VLANs and trunks, as described in "Creating and Maintaining VLANs."

To display the VLANs that are active on a switch, right-click the switch chassis in Cluster Manager, and select VLAN > VLAN Membership from the menu bar.

To display the ports that belong to a given VLAN, select the Display Port Members tab. Select the VLAN ID, and click Highlight Port Members on Device. Cluster Manager highlights all the switch ports that belong to that VLAN. The legend on the page describes the meaning of each color.

Figure 3-19 VLAN Membership

Upgrading or Reloading the Switch Software

You can upgrade cluster switches as a group or one at a time by using the Software Upgrade window (Figure 3-20) or the CLI. New software releases are posted on Cisco Connection Online (CCO) and are available through authorized resellers. Cisco also supplies a TFTP server that you can download from 48. Use the Software Upgrade window to upgrade several switches at once, or use the CLI to upgrade one switch at a time.

Guidelines for Upgrading or Reloading Switch Software

You can upgrade all or some of the switches in a cluster at once, but the software first performs a series of checks.

Configuring the Cisco TFTP Server to Upgrade Multiple Switches

The Cisco TFTP server application can handle multiple requests and sessions, but you must first disable the TFTP Show File Transfer Progress and the Enable Logging options to avoid TFTP server failures. If you are performing multiple-switch upgrades with a different TFTP server, it must be capable of managing multiple requests and sessions at the same time.

CLI: Copying the Startup Configuration from the Switch to a PC or Server

When you make changes to a switch configuration, your changes become part of the running configuration. When you enter the command to save those changes to the startup configuration, the switch copies the configuration to the config.text file in Flash memory.

To ensure that you can recreate the configuration if a switch fails, you might want to copy the config.text file from the switch to a PC or server. The following procedure requires a configured TFTP server such as the Cisco TFTP server available on CCO.

Beginning in privileged EXEC mode, enter the following commands to copy a switch configuration file to the PC or server that has the TFTP server.

 
Command
Purpose

Step 1 

copy flash:config.text tftp

Copy the file in Flash memory to the root directory of the TFTP server.

Step 2 

Address or name of remote host? ip_address

Follow the prompt for the IP address of the device where the TFTP server resides.

Step 3 

Destination filename [config.text]? yes/no

Enter the name of the destination file. This could still be config.text.

Step 4 

 

Verify the copy by displaying the contents of the root directory on the PC or server.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Using the Software Upgrade Page to Upgrade Switch Software

In Cluster Manager, select System > Software Upgrade to display the Software Upgrade window (Figure 3-20). Enter the tar filename that contains the switch software image and the web-management code. You can enter just the filename or a path into the New Image File Name field. You do not need to enter a path if the image file is in directory you have defined as the TFTP root directory.

On Catalyst 2950 switches, new images are copied to Flash memory and do not affect the operation of the switch. The switch checks Flash memory to ensure that there is sufficient space before the upgrade takes place. If there is not enough space in Flash memory for the new and old images, the old image is deleted, and the new image is downloaded. If there is enough space, the new image is copied to the switch without replacing the old image, and after the new image is completely downloaded, the old one is erased. In this case, you can still reboot your switch using the old image if a failure occurs during the copy process.

New features provided by the software are not available until you reload the software.

Figure 3-20 Cluster Software Upgrade

CLI: Upgrading a Standalone Switch

To upgrade a standalone switch, log into the switch by using Telnet, or connect to console port on the back of the switch.

The upgrade procedure consists of these steps:

Changing the name of the current image file to the name of the new file you are copying and replacing the old image file with the new one by using the tar command.

Disabling access to the HTML pages and deleting the existing HTML files before you upgrade the software to avoid a conflict with users accessing the web pages during the software upgrade.

Reenabling access to the HTML pages after the upgrade is complete.

Beginning in privileged EXEC mode, follow these steps to upgrade the switch software:

 
Command
Purpose

Step 1 

show version

Verify that your switch has 16 MB of DRAM.

For example, check the line cisco WS-C2950C (RC32300) processor with 1638K bytes of memory

Step 2 

show boot

Display the name of the current (default) image file.

Step 3 

rename flash:current_image flash:new_image.bin

Rename the current image file to the name of the file that you downloaded, and replace the tar extension with bin. This step does not affect the operation of the switch.

Step 4 

dir flash:

Display the contents of Flash memory to verify the renaming of the file.

Step 5 

configure terminal

Enter global configuration mode.

Step 6 

no IP http server

Disable access to the switch HTML pages.

Step 7 

end

Return to privileged EXEC mode.

Step 8 

delete flash:html/*

Remove the HTML files.

Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 9 

delete flash:html/Snmp/*

For IOS release 11.2(8)SA5 and earlier running on 2900 XL switches, remove the files in the Snmp directory.

Make sure the S in Snmp is uppercase.

Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 10 

tar /x tftp://server_ip_address//path/
filename
.tar flash:

Use the tar command to copy the files into the switch Flash memory.

Depending on the TFTP server, you might need to enter only one slash (/) after the server_ip_address in the tar command.

Step 11 

configure terminal

Enter global configuration mode.

Step 12 

ip http server

Reenable access to the switch HTTP pages.

Step 13 

end

Return to privileged EXEC mode.

Step 14 

reload

Reload the new software.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

CLI: Reloading or Upgrading Catalyst 2950, 2900 XL, or 3500  XL Member Switches

Because a member switch might not be assigned an IP address, command-line software upgrades through TFTP are managed through the command switch. Follow these steps to reload or upgrade the software on a Catalyst 2950, 2900 XL, or 3500 XL member switch:


Step 1 In privileged EXEC mode on the command switch, display information about the cluster members:

switch# show cluster members

From the display, get the number of the member switch that needs to be upgraded. The member number is listed in the SN column of the display. You need the member number for Step 2.

Step 2 Log into the member switch (for example, member number 1):

switch# rcommand 1

Step 3 Start the TFTP copy as if you were initiating it from the command switch.

switch-1# tar /x tftp://server_ip_address//path/filename.tar flash:
Source IP address or hostname [server_ip_address]?  
Source filename [path/filename]?  
Destination filename [flash:new_image]?  
Loading /path/filename.bin from server_ip_address (via!) 
[OK - 843975 bytes]

Step 4 Reload the new software with the following command:

switch-1# reload 
System configuration has been modified. Save? [yes/no]:y 
Proceed with reload? [confirm]

Press Enter to start the download.


You lose contact with the switch while it reloads the software. For more information on the rcommand, see the "Understanding the CLI" section.

CLI: Upgrading Catalyst 1900 or 2820 Member Switches

Because a member switch might not be assigned an IP address, command-line software upgrades through TFTP are managed through the command switch. Follow these steps to upgrade the software on a Catalyst 1900 or 2820 member switch:


Step 1 In privileged EXEC mode on the command switch, display information about the cluster members:

switch# show cluster members

From the display, get the number of the member switch that needs to be upgraded. The member number is listed in the SN column of the display. You need the member number for Step 2.

Step 2 Log into the member switch (for example, member number 1):

switch# rcommand 1

Step 3 For switches running standard edition software, enter the password (if prompted), access the Firmware Configuration menu from the menu console, and perform the upgrade.

The Telnet session accesses the menu console (the menu-driven interface) if the command switch is at privilege level 15. If the command switch is at privilege level 1, you are prompted for the password before accessing the menu console.

Follow the instructions in the installation and configuration guide that shipped with your switch. When the download is complete, the switch resets and begins using the new software.

Step 4 For switches running Enterprise Edition Software, start the TFTP copy as if you were initiating it from the member switch:

switch-1# copy tftp://host/src_file opcode

For example, copy tftp://spaniel/op.bin opcode downloads new system operational code op.bin from the host spaniel.

You should see the TFTP successfully downloaded operational code message. When the download is complete, the switch resets and begins using the new software.


You can also perform the upgrade through the menu console Firmware Configuration menu. For more information, refer to the switch installation and configuration guide.

You lose contact with the switch while it reloads the software. For more information on the rcommand, see the "Understanding the CLI" section.

Reloading Switch Software

When you upgrade a switch, the switch continues to operate normally while the new software is copied to Flash memory. If Flash memory does not have enough space for two images, the new image is copied over the existing one. If Flash memory has enough space, the new image is copied to the selected switch but does not replace the current running image. Only after the new image is completely downloaded is the old one erased. If you experience a failure during the copy process, you can still reboot your switch by using the old image. The new software is loaded the next time you reboot.

If you group switches into a cluster, you can upgrade the entire cluster from Cluster Manager. For more information, see the "Upgrading or Reloading the Switch Software" section.

Configuring SNMP for a Cluster

The command switch manages SNMP communication for all switches in the cluster. The command switch forwards the set and get requests from SNMP applications to member switches, and it forwards the traps and other responses coming from the member switches to the appropriate management station. SNMP must be enabled for the Cluster Management features to work properly.


Note This section describes how the clustering software interacts with SNMP when a cluster is created. For more information on configuring SNMP, see the "Configuring SNMP" section.


Enabling or Disabling the SNMP Agent

You can enable or disable the SNMP agent on your cluster switches. By default, the SNMP agent is enabled on the Catalyst 1900, 2820, Catalyst 2950, 2900 XL, and 3500 XL switches. You cannot disable the agent on Catalyst 1900 and 2820 switches.


Note SNMP must be enabled for the CMS graphing features.


Configuring Community Strings for Cluster Switches

Use the SNMP Manager window (Figure 3-21 and Figure 3-22) to enter read-write and read-only community strings on individual cluster switches. Community strings provide authentication in the exchange of SNMP messages.

Catalyst 2950, 2900 XL, and 3500 XL switches support an unlimited number of community strings of any length. When you configure a community string for these switches using SNMP Manager, do not use the @esN notation (N is the member-switch number) because this information is automatically appended to each string.

When a switch is removed from the cluster, community strings ending in @esN are removed. If the switch rejoins a cluster at a later time, the first read-only and read-write community strings from the command switch are appended with an @esN and propagated to the member switch.

The Catalyst 1900 and 2820 switches support up to four read-only and four read-write community strings that are 32 characters in length. Because a read-only and read-write community string from the command switch was propagated to the switch when it joined the cluster, you can configure up to three additional read-only and three read-write community strings. When you configure community strings for these switches through the SNMP Manager window, limit the string length to 27 characters because the @esN, where N can be up to two digits, is automatically appended to each string. Do not use the @esN notation in any community string you configure. If you enter a string longer than 27 characters, it is truncated to 27.

When removing community strings from cluster members, make sure not to remove the community strings propagated from the command switch when the switch joined the cluster. If you remove the propagated community string, the command switch cannot route SNMP packets to the member switch.
On Catalyst 2950, 2900 XL, and 3500 XL switches, the first read-only and read-write community string listed in the SNMP Manager window is propagated from the command switch. On Catalyst 1900 and 2820 switches, the last read-only and last read-write community string listed in the SNMP Manager window is propagated from the command switch.

Figure 3-21 SNMP Manager for Catalyst 2950 Switches

Figure 3-22 SNMP Manager for Catalyst 1900 and 2820 Switches

Configuring Trap Managers and Enabling Traps

A trap manager is a management station that receives and processes traps. Traps are system alerts that the switch generates when certain events occur. If the member switch does not have an IP address, communication between the SNMP management station and the switch is managed by the command switch.

The command switch does not propagate its trap manager addresses or trap community strings to cluster members. By default, no trap manager is defined, and no traps are issued.

Catalyst 2950, 2900 XL, and 3500 XL switches support an unlimited number of trap managers. Community strings can be any length. When you configure a community string for these switches, do not use the @esN notation because this information is automatically appended to each string by the command switch.

Table 3-2 describes the Catalyst 2950, 2900 XL, and 3500 XL switch traps. You can enable any or all of these traps and configure a trap manager to receive them.

Table 3-2 2950, 2900 XL, and 3500 XL Switch Traps

Trap Type
Description

Config

Generates a trap when the switch configuration changes.

TTY

Generates a trap when the switch starts a management console CLI session.

VTP

Generates a trap for VLAN Trunk Protocol (VTP) changes.

SNMP

Generates the supported SNMP traps.

VLAN Membership

Generates a trap for each VLAN Membership Policy Server (VMPS).

C2900/C3500

Generates the switch-specific traps. These traps are in the private enterprise-specific Management Information Base (MIB).


Catalyst 1900 and 2820 switches support up to four trap managers. When you configure community strings for these switches, limit the string length to
32 characters. When configuring traps on Catalyst 1900 and 2820 switches, you cannot configure individual trap managers to receive specific traps.

Table 3-3 describes the Catalyst 1900 and 2820 switch traps. You can enable any or all of these traps, but these traps are received by all configured trap managers.

Table 3-3 Catalyst 1900 and 2820 Switch Traps 

Trap Type
Description

Address-violation

Generates a trap when the address violation threshold is exceeded.

Authentication

Generates a trap when an SNMP request is not accompanied by a valid community string.

BSC

Generates a trap when the broadcast threshold is exceeded.

Link-up-down

Generates a link-down trap when a port is suspended or disabled for any of these reasons:

Secure address violation (address mismatch or duplication)

Network connection error (loss of linkbeat or jabber error)

User disabling the port

Generates a link-up trap when a port is enabled for any of these reasons:

Presence of linkbeat

Management intervention

Recovery from an address violation or any other error

STP action

VTP

Generates a trap when VTP changes occur.