Configuring the Ethernet Switches
This chapter gives an overview of configuration tasks for the 4-port Fast Ethernet (FE) switch, and for the Gigabit Ethernet (GE) switch that services the embedded wireless access point on the Cisco 860 and Cisco 880 series Integrated Services Routers (ISRs).
The FE switches are 10/100Base T Layer 2 Fast Ethernet switches. Traffic between different VLANs on a switch is routed through the router platform with the switched virtual interface (SVI).
The GE switch is a 1000Base T Layer 2 Gigabit Ethernet switch, the internal interface between the router and its embedded wireless access point.
Any switch port may be configured as a trunking port to connect to other Cisco Ethernet switches.
An optional power module can be added to Cisco 880 series ISRs to provide inline power to two of the FE ports for IP telephones or external access points.
This chapter contains the following sections:
• Switch Port Numbering and Naming
• Restrictions for the FE Switch
• Information About Ethernet Switches
• How to Configure Ethernet Switches
Switch Port Numbering and Naming
The ports on the FE switch are numbered FE0 through FE3. The port on the GE switch is named and numbered Wlan-GigabitEthernet0.
Restrictions for the FE Switch
The following restrictions apply to the FE switch:
• The ports of an FE switch must NOT be connected to any Fast Ethernet onboard port of the router.
• On Cisco 880 series ISRs, inline power is supported only on FE switch ports FE0 and FE1. Inline power is not supported on Cisco 860 series ISRs.
• VTP pruning is not supported.
• The FE switch can support up to 200 secure MAC addresses.
Information About Ethernet Switches
To configure Ethernet switches, you should understand the following concepts:
• VLANs and VLAN Trunk Protocol
• Inline Power
• Layer 2 Ethernet Switching
• 802.1x Authentication
• Spanning Tree Protocol
• Cisco Discovery Protocol
• Switched Port Analyzer
• IGMP Snooping
• Storm Control
• Fallback Bridging
VLANs and VLAN Trunk Protocol
For information on the concepts of VLANs and VLAN Trunk Protocol (VTP), see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1047027
Inline Power
Inline power is not supported on the Cisco 860 series ISRs. On the Cisco 880 series ISRs, inline power can be supplied to Cisco IP phones or external access points on FE switch ports FE0 and FE1.
A detection mechanism on the FE switch determines whether it is connected to a Cisco device. If the switch senses that there is no power on the circuit, the switch supplies the power. If there is power on the circuit, the switch does not supply it.
You can configure the switch to never supply power to the Cisco device and to disable the detection mechanism.
The FE switch also provides support for powered devices compliant with IEEE 802.3af.
Layer 2 Ethernet Switching
For information on the concept of Layer 2 Ethernet Switching, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1048478
802.1x Authentication
For information on the concept of 802.1x Authentication, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1051006
Spanning Tree Protocol
For information on the concept of Spanning Tree Protocol, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1048458
Cisco Discovery Protocol
Cisco Discovery Protocol (CDP) runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP allows network management applications to discover Cisco devices that are neighbors of already known devices, in particular, neighbors running lower-layer, transparent protocols. With CDP, network management applications can learn the device type and the SNMP agent address of neighboring devices. This feature enables applications to send SNMP queries to neighboring devices.
CDP runs on all LAN and WAN media that support Subnetwork Access Protocol (SNAP). Each CDP-configured device sends periodic messages to a multicast address. Each device advertises at least one address at which it can receive SNMP messages. The advertisements also contain the time-to-live, or hold-time information, which indicates the length of time a receiving device should hold CDP information before discarding it.
Switched Port Analyzer
For information on the concept of Switched Port Analyzer, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1053663
IGMP Snooping
For information on the concept of IGMP Snooping, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1053727
IGMP Version 3
The Cisco 880 series ISRs support Version 3 of IGMP snooping.
IGMPv3 provides support for source filtering, which enables a multicast receiver host to signal to a router which groups the receiver host wants to receive multicast traffic from, and from which sources this traffic is expected. Enabling the IGMPv3 feature with IGMP snooping on Cisco ISRs provides Basic IGMPv3 Snooping Support (BISS). BISS provides constrained flooding of multicast traffic in the presence of IGMPv3 hosts. This support constrains traffic to approximately the same set of ports as IGMPv2 snooping does with IGMPv2 hosts. The constrained flooding only considers the destination multicast address.
Storm Control
For information on the concept of storm control, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1051018
Fallback Bridging
For information on the concept of fallback bridging, see the information at this URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1054833
How to Configure Ethernet Switches
See the following sections for configuration tasks for Ethernet switches.
• Configuring VLANs
• Configuring Layer 2 Interfaces
• Configuring 802.1x Authentication
• Configuring Spanning Tree Protocol
• Configuring MAC Table Manipulation
• Configuring Cisco Discovery Protocol
• Configuring the Switched Port Analyzer
• Configuring Power Management on the Interface
• Configuring IP Multicast Layer 3 Switching
• Configuring IGMP Snooping
• Configuring Per-Port Storm Control
• Configuring Fallback Bridging
• Configuring Separate Voice and Data Subnets
• Managing the Switch
Configuring VLANs
This section provides information on how to configure VLANs. The Cisco 860 series ISRs support 2 VLANs, and the Cisco 880 series ISRs support 8 VLANs.
• VLANs on the FE Ports
• VLANs on the GE Port
VLANs on the FE Ports
Perform these steps to configure VLANs, beginning in configuration mode.
|  | Command | Purpose |
|---|---|---|
| Step 1 | interface fe port | Selects the Fast Ethernet port to configure. |
| Step 2 | shutdown | (Optional) Shuts down the interface to prevent traffic flow until configuration is complete. |
| Step 3 | switchport | Configures the Fast Ethernet port for Layer 2 switching. Note: You must enter the switchport command once without any keywords to configure the Fast Ethernet port as a Layer 2 port before you can enter additional switchport commands with keywords. This command creates a Cisco default VLAN. This configuration sets the default trunking administrative mode to switchport mode dynamic desirable and the trunk encapsulation to negotiate. By default, all VLANs created are included in the default trunk. |
| Step 4 | switchport access vlan vlan_id | Creates instances of additional VLANs. Allowable values of vlan_id are 2 to 4094, except for reserved values of 1002 to 1005. |
| Step 5 | no shutdown | Activates the interface. |
| Step 6 | end | Exits configuration mode. |
For additional information, see the information at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/layer2.html
VLANs on the GE Port
Because the GE port is an internal interface that services only the router's embedded access point, it cannot be configured only with the command switchport access vlan X, where X is other than 1. It may, however, be configured in trunk mode. This may be done by performing the following steps, beginning in configuration mode.
|  | Command | Purpose |
|---|---|---|
| Step 1 | interface Wlan-GigabitEthernet0 | Selects the Gigabit Ethernet port to configure. |
| Step 2 | switchport mode trunk | Places the port in trunk mode. |
| Step 3 | switchport access vlan vlan_id | (Optional) Once the port is in trunk mode, it may be assigned a VLAN number other than 1. |
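The two VLAN procedures above (FE ports and the GE port) as one configuration session, added here as an illustration and not taken from the Cisco original. The port FastEthernet1 and VLAN IDs 20 and 30 are assumed values; the `switchport mode access` line goes beyond the listed steps and assumes the command is available on this platform, so that the port is fixed as an access port rather than left in the default dynamic desirable trunking mode described in the Step 3 note.

```cisco
! Added example: constructed port and VLAN values, not from the original chapter.
Router# configure terminal
! --- FE port: access port in VLAN 20 (Steps 1-6 of the FE procedure) ---
Router(config)# interface FastEthernet1
Router(config-if)# shutdown
Router(config-if)# switchport
! Beyond the listed steps (assumed available here): fix the port as an
! access port instead of leaving the default dynamic desirable mode.
Router(config-if)# switchport mode access
Router(config-if)# switchport access vlan 20
Router(config-if)# no shutdown
Router(config-if)# exit
! --- GE port: trunk mode first, then a VLAN other than 1 ---
Router(config)# interface Wlan-GigabitEthernet0
Router(config-if)# switchport mode trunk
Router(config-if)# switchport access vlan 30
Router(config-if)# end
```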
Configuring Layer 2 Interfaces
For information on how to configure Layer 2 interfaces, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1047041
The URL contains information on the following topics:
• Configuring a range of interfaces
• Defining a range macro
• Configuring Layer 2 optional interface features
Configuring 802.1x Authentication
For information on how to configure 802.1x port-based authentication, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_8021x.html
The URL contains information on the following topics:
• Understanding the default 802.1x configuration
• Enabling 802.1x Authentication
• Configuring the switch-to-RADIUS-server communication
• Enabling periodic reauthentication
• Changing the quiet period
• Changing the switch-to-client retransmission time
• Setting the switch-to-client frame-retransmission number
• Enabling multiple hosts
• Resetting the 802.1x configuration to default values
• Displaying 802.1x statistics and status
Configuring Spanning Tree Protocol
For information on how to configure Spanning Tree Protocol, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1047906
The URL contains information on the following topics:
• Enabling spanning tree
• Configuring spanning tree port priority
• Configuring spanning tree port cost
• Configuring the bridge priority of a VLAN
• Configuring the Hello Time
• Configuring the forward-delay time for a VLAN
• Configuring the maximum aging time for a VLAN
• Disabling spanning tree
Configuring MAC Table Manipulation
For information on how to configure MAC table manipulation, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048223
The URL contains information on the following topics:
• Enabling known MAC address traffic
• Creating a static entry in the MAC address table
• Configuring the aging timer
• Verifying the aging time
Port Security
The topic of enabling known MAC address traffic deals with port security. Port security can be either static or dynamic.
Static port security allows the user to specify which devices are allowed access through a given switch port. The specification is done manually by placing allowed device MAC addresses in the MAC address table. Static port security is also known as MAC address filtering.
Dynamic port security is similar. However, instead of specifying the MAC address of the devices, the user specifies the maximum number of devices that will be allowed on the port. If the maximum number specified is more than the number of MAC addresses specified manually, the switch will learn the MAC address automatically, up to the maximum specified. If the maximum number specified is less than the number of MAC addresses already specified statically, an error message will be produced.
The following command is used to specify static or dynamic port security.
Command: Router(config)# mac-address-table secure [<mac-address> | maximum maximum addresses] fastethernet interface-id [vlan <vlan id>]
Purpose: <mac-address> enables static port security. Use of the keyword maximum enables dynamic port security.
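Static and dynamic port security using the command form given above, added as an illustration and not part of the Cisco original. The MAC address, port numbers, VLAN 20 and the limit of 2 are constructed values, and writing the interface-id as a bare port number is an assumption.

```cisco
! Added example: constructed values, not from the original chapter.
Router# configure terminal
! Static port security: place one allowed device MAC address on FE1 in VLAN 20.
Router(config)# mac-address-table secure 0011.2233.4455 fastethernet 1 vlan 20
! Dynamic port security: let the switch learn at most 2 addresses on FE0,
! for instance an IP phone and the PC attached behind it.
Router(config)# mac-address-table secure maximum 2 fastethernet 0
Router(config)# end
! The FE switch supports up to 200 secure MAC addresses in total, so static
! entries and per-port maximums have to be planned within that budget.
```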
Configuring Cisco Discovery Protocol
For information on how to configure Cisco Discovery Protocol (CDP), see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048365
The URL contains information on the following topics:
• Enabling CDP
• Enabling CDP on an interface
• Monitoring and maintaining CDP
Configuring the Switched Port Analyzer
For information on how to configure a switched port analyzer (SPAN) session, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048473
The URL contains information on the following topics:
• Configuring the SPAN sources
• Configuring SPAN destinations
• Verifying the SPAN session
• Removing sources or destinations from a SPAN session
Configuring Power Management on the Interface
For information on how to configure inline power for access points or Cisco IP phones, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048551
Configuring IP Multicast Layer 3 Switching
For information on how to configure IP multicast Layer 3 switching, see the material at the URL given here. The URL contains information on the following topics:
• Enabling IP multicast routing globally
• Enabling IP protocol-independent multicast (PIM) on Layer 3 interfaces
• Verifying IP multicast Layer 3 hardware switching summary
• Verifying the IP multicast routing table
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048610
Configuring IGMP Snooping
For information on how to configure IGMP snooping, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1048777
The URL contains information on the following topics:
• Enabling or disabling IGMP snooping
• Enabling IGMP immediate-leave processing
• Statically configuring an interface to join a group
• Configuring a multicast router port
IGMP Version 3
In support of the IGMPv3 feature in Cisco IOS Release 12.4(15)T, the groups and count keywords were added to the show ip igmp snooping command, and the output of the show ip igmp snooping command was modified to include global information about IGMP snooping groups. Use the show ip igmp snooping command with the groups keyword to display the multicast table learned by IGMP snooping for all VLANs, or use the show ip igmp snooping command with the groups keyword, vlan-id keyword, and vlan-id argument to display the multicast table learned by IGMP snooping for a specific VLAN. Use the show ip igmp snooping command with the groups and count keywords to display the number of multicast groups learned by IGMP snooping.
Configuring Per-Port Storm Control
For information on how to configure per-port storm control, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1049009
The URL contains information on the following topics:
• Enabling per-port storm-control
• Disabling per-port storm-control
Configuring Fallback Bridging
For information on how to configure fallback bridging, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1049176
The URL contains information on the following topics:
• Understanding the default fallback bridging configuration
• Creating a bridge group
• Preventing the forwarding of dynamically learned stations
• Configuring the bridge table aging time
• Filtering frames by a specific MAC address
• Adjusting spanning-tree parameters
• Monitoring and maintaining the network
Configuring Separate Voice and Data Subnets
For information on how to configure separate voice and data subnets, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1049866
Managing the Switch
For information on management of the switch, see the following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/esw_cfg.html#wp1049978
The URL contains information on the following topics:
• Adding Trap Managers
• Configuring IP Information
• Enabling Switch Port Analyzer
• Managing the ARP Table
• Managing the MAC Address Tables
• Removing Dynamic Addresses
• Adding Secure Addresses
• Configuring Static Addresses
• Clearing all MAC Address Tables