The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Ethernet management port, also referred to as the "Fa1" or "fastethernet1" port is a Layer 3 host port to which a personal computer (PC) or laptop can be connected. It supports speeds of 10/100Mbps in Auto-negotiation mode.
Note The Cisco RF Gateway 10 cannot route packets from the Fa1 port to a network port, and back to the Fa1 port.
The Fa1 port does not support routing. However, routing protocols should be enabled on the Fa1 port when the PC is multiple hops away from the Cisco RF Gateway 10.
Warning The FastEthernet port is not intended for heavy traffic load since it is not connected to the switching fabric on the supervisor. It is a simple NIC-style interface to which the CPU has software-level access. The “fa1” port is directly connected to the CPU. This implies that traffic on “fa1” port adversely affects the CPU performance. You should not use this port for data traffic under any circumstance. Moreover, the CPU is an easy target for Denial-of-Service attacks through the “fa1” port. You need to build your network topology such that the “fa1” port is restricted to management traffic only.
The Cisco RF Gateway 10 automatically places the Fa1 interface on a separate routing domain (or the VRF domain), called the Management VRF. The Fa1 interface cannot be configured on any other routing domain. Also, no other interface can be configured on the Management VRF.
On bootup the Fa1 port assumes the following default configuration:
Use the Ethernet management port instead of the Cisco RF Gateway 10 console port for network management. When managing a Cisco RF Gateway 10, connect the PC to the Ethernet management port on the Cisco RF Gateway 10 Supervisor Engine.
Note When connecting a PC to the Ethernet management port, you must assign an IP address.
Because the management port is placed in management Vrf, you should be aware of the VRF-related commands required for the following tasks:
Note Commands specific to the Management VRF are mentioned below. All additional configuration necessary to make the feature work should be performed.
If you want to ping an IP address that is reachable through an fa1 port, enter the following command:
Type escape sequence to abort.
Type escape sequence to abort.
If you want to Telnet to a remote Cisco RF Gateway 10 through the Fa1 port, enter the following command:
word—IP address or hostname of a remote system
Following is an example illustrating how to use this command:
If you want to use the Fa1 port for TFTP operation, configure the Fa1 port as the source interface for TFTP as follows:
If you want to use an Fa1 port for an FTP operation, configure the Fa1 port as the source interface for FTP as follows:
If you want to initiate SSH from the Cisco RF Gateway 10 through the Fa1 port, enter the following command:
On a redundant chassis, management port behavior differs from that of a standard Ethernet port in that each supervisor engine possesses a management port, and only the port on the active supervisor engine is enabled. The management port on the standby supervisor engine is always disabled; it cannot switch any kind of traffic.
When a switchover occurs, the management port of the standby supervisor engine (now, active) is enabled and can be used to switch traffic, while the management port on the "old" active supervisor engine is disabled.
Note The Cisco IOS configuration for the management port is synchronized between the two supervisor engines. Under Cisco IOS, they possess the same IP address. To avoid address overlapping during a switchover on a redundant chassis, you should assign a different IP address on the management port from the one you assigned to the same port in the ROMMON configuration.
Do not point the route to the Ethernet Management VRF interface. Instead, use the management VRF to add routes for the interface.
Use the following command to add routes:
ip route vrf vrf-name prefix mask [ next-hop-address ] [ interface interface-number ] [ global ] [ distance ]
The Ethernet management port supports these features:
Note Effective with Cisco IOS-XE Release 3.2.2SQ, all features that use Fa1 now need to be VRF-aware.
To specify the Ethernet management port, enter fastethernet1.
To disable the port, use the shutdown interface configuration command. To enable the port, use the
no shutdown interface configuration command.
To determine the link status to the PC, you can monitor the LED for the Ethernet management port:
To display the link status, use the show interfaces fastethernet 1 privileged EXEC command.
The following is an example to show configuration of the Ethernet Management port with the source interface pointing to the management interface:
This example shows how to display ARP entries related to Management VRF:
This example shows how to display the Cisco Discovery Protocol (CDP) status for the Ethernet Management Interface:
This example shows a sample route entry for the Management VRF:
EtherChannel provides automatic recovery for the loss of a link by redistributing the load across the remaining links. If a link fails, EtherChannel redirects traffic from the failed link to the remaining links in the channel without intervention. EtherChannel bundles up to eight individual Ethernet links into a single ink that provides an aggregate bandwidth.
EtherChannel can be configured in three ways.
A manually configured EtherChannel forms only when you configure all ports compatibly in the EtherChannel.
PAgP supports the automatic creation of EtherChannels by exchanging PAgP packets between LAN ports using auto and desirable modes.
LACP supports the automatic creation of EtherChannels by exchanging LACP packets between LAN ports using passive and active modes.
If improperly configured, some EtherChannel interfaces are disabled automatically to avoid network loops and other problems. Follow these guidelines and restrictions to avoid configuration problems:
Note Effective with Cisco IOS-XE Release 3.2.2SQ, only limited Etherchannel functionality using Layer 2 Etherchannel is supported on the Cisco RF Gateway 10.
– Assign all interfaces in the EtherChannel to the same VLAN, or configure them as trunks.
– If you configure an EtherChannel from trunk interfaces, verify that the trunking mode and the native VLAN is the same on all the trunks. Interfaces in an EtherChannel with different trunk modes or different native VLANs can have unexpected results.
– An EtherChannel supports the same allowed range of VLANs on all the interfaces in a trunking Layer 2 EtherChannel. If the allowed ranges differ for the selected interfaces, they do not form an EtherChannel.
– Interfaces with different Spanning Tree Protocol (STP) port path costs can form an EtherChannel as long they are otherwise compatibly configured. Setting different STP port path costs does not make interfaces incompatible for the formation of an EtherChannel.
These sections describe the configuration of the EtherChannel on the Cisco RF Gateway 10:
To configure Layer 2 EtherChannels, configure the Ethernet interfaces with the channel-group command. This operation creates the port channel logical interface.
Note Cisco IOS software creates port channel interfaces for Layer 2 EtherChannels when you configure Layer 2 Ethernet interfaces with the channel-group command.
To configure Layer 2 Ethernet interfaces as Layer 2 EtherChannels, perform this task for each interface:
This example shows how to configure TenGigabit interface into port channel 1 with mode on :
This example shows how to verify the configuration of port channel interface 1:
These two examples show how to verify the configuration of TenGigabit Ethernet:
This example shows how to verify the configuration of port channel interface 2 after the interfaces have been configured:
This example shows how to remove TenGigabit interfaces from port channel 1:
Note If you remove an EtherChannel, the member ports are shut down and removed from the channel group.
|
|
|
---|---|---|
|
||
|
||
|
This example shows how to remove port channel 1: