Catalyst 1900 Series Installation and Configuration Guide
Configuring and Monitoring from the Management Console
Download this chapter
Configuring and Monitoring from the Management ConsoleConfiguring and Monitoring from the Management Console
give_us_feedback

Table Of Contents

Configuring and Monitoring from the Management Console

Navigating the Management Console

Making Changes from the Management Console

Management Console Logon Screen

Management Console Main Menu

Console Settings Menu

Changing the Switch Password

Privileged-Level Passwords

Cluster Member Password

System Configuration Menu

Switching Modes

Broadcast Storm Control Menu

Network Management Menu

IP Configuration Menu

Network Management (SNMP) Configuration Menu

Network Management (SNMP) READ Configuration Menu

Network Management (SNMP) WRITE Configuration Menu

Network Management (SNMP) TRAP Configuration Menu

Spanning Tree Configuration Menu

Spanning-Tree Root Settings

Port and Forwarding STP States

CDP Configuration/Status Menu

Cisco Group Management Protocol Configuration Menu

HTTP Server Configuration Menu

Cluster Management Menu

Port Configuration Menu

Full-Duplex Operation

Flow Control

Autonegotiation

Port Addressing Menu

Flooding of Unknown MAC Addresses

Port Statistics Report

Monitoring Configuration Menu

Bridge Group Configuration Menu

Multicast Registration Menu

Firmware Configuration Menu

Downloading the Switch Firmware from a TFTP Server

Downloading the Switch Firmware from a TFTP Client

Downloading the Switch Firmware with the XMODEM Protocol

RS-232 Interface Configuration Menu

Usage Summary Menu

Port Status Report

Port Addressing Report

Exception Statistics Report

Utilization Statistics Report

Bandwidth Usage Report


Configuring and Monitoring from the Management Console

This chapter explains how to use the management console to change the configuration settings and to monitor the switch. This chapter assumes that you have already performed the following tasks that are described in this guide or in the Quick Start Guide: Catalyst 1900 Series Ethernet Switches:

"Connecting to the Console Port" section

"Assigning IP Information and a Password to the Switch" section

"Accessing the Management Console and CLI" section

Note   This chapter describes only standard-edition options. For information about the enterprise edition software features such as VLANs, see the Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide.

The menus and displays in this chapter are for reference only and might not exactly reflect the menus and displays on your console.

Navigating the Management Console

lists the menus that are available from the Main Menu of the management console.

To select an option, enter a letter in the Enter Selection field. You do not need to press Return.

To return to a parent menu, enter [X] Exit. To exit the management console and return to the command prompt, enter [X] Exit on the .

Figure 4-1 Management Console Menus and Displays

Making Changes from the Management Console

Note   Wait approximately 1 minute for the changes to be saved to permanent storage before turning off the switch, or the changes might not be saved.

Press Return to save changes.

The information you enter at the prompts is not case sensitive, except when entered as a descriptive string that preserves case. Press the Backspace key to erase characters you enter. To clear an entry, place the cursor at the beginning of an entry, and press Backspace.

To cancel your unsaved changes, place the cursor at the beginning of an entry, and press Return. The menu is redisplayed unchanged.

When you use the management console, keep the following in mind:

You can restrict access to the management console by using a password and locking out a user who fails to enter the password within a set number of attempts. The network administrator can then be alerted by in-band management messages. For information about passwords, see the "Console Settings Menu" section.

Menus display the current settings used by the switch except when parameters are activated as a group. In certain cases, the settings are overridden by the settings on some menus and become active when those settings are turned off.

Certain menus, such as the , allow activation of the given parameters as a group.

Note   If you are using VT100 terminal emulation, the statistics displayed from the management console are refreshed every 5 seconds. If you are connected to the management console through a modem running at less than 2400 baud, the statistics displays are refreshed every 8 seconds. Press Return or the Spacebar to refresh these reports at any time.

Management Console Logon Screen

The () is displayed on the management station after you connect to the switch through the console port or through a Telnet session. (For complete information about the console port, see the "Connecting to the Console Port" section. For information about logging on to the management console, see the "Accessing the Management Console and CLI" section.)

Figure 4-2 Management Console Logon Screen 


Catalyst 1900 Management Console

Copyright (c) Cisco Systems, Inc.  1993-1999

All rights reserved.


Standard Edition Software

Ethernet address:      00-E0-1E-7E-B4-40


PCA Number: 73-2239-01

PCA Serial Number: SAD01200001

Model Number: WS-C1924-A

System Serial Number: FAA01200001

---------------------------------------


      User Interface Menu


      [M] Menus

      [I] IP Address

      [P] Console Password


Enter Selection:

Note   Even if the switch has an IP address, the [I] IP Address and [P] Console Password options are displayed if a switch password has not been assigned.

[M] Menus—Display the .

[I] IP Address—Display the . This option is available at log on only if the switch does not have a password. For information about IP addresses, see the "IP Configuration Menu" section.

[P] Console Password—Enter a 4-to-8 character unencrypted privileged-level password to the switch management interfaces. This option is available at log on only if the switch does not have a password. For information about passwords, see the "Changing the Switch Password" section.

Management Console Main Menu

To display the (), enter the [M] Menus option from the . To select an option from the menu, enter a letter in the Enter Selection field. You do not need to press Return.

The remaining sections in this chapter describe the options available from this menu.

Figure 4-3 Management Console Main Menu 


Catalyst 1900 - Main Menu


[C] Console Settings

[S] System

[N] Network Management

[P] Port Configuration

[A] Port Addressing

[D] Port Statistics Detail

[M] Monitoring

[B] Bridge Group

[R] Multicast Registration

[F] Firmware

[I] RS-232 Interface

[U] Usage Summaries

[H] Help


[X] Exit Management Console


Enter Selection:

[H] Help—Display the online help and to change the expertise level of the online prompts.

Note   If the switch is running the Cisco Catalyst 1900/2820 Enterprise Edition Software and the VLANs option is enabled, the [V] Virtual LAN option replaces the [B] Bridge Group option on the . This chapter describes standard-edition options only. For information about the enterprise edition software features such as VLANs, see the Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide.

Console Settings Menu

To display the (), enter the [C] Console Settings option from the .

Figure 4-4 Console Settings Menu 


Catalyst 1900 - Console Settings


--------------------Settings------------------

[P] Password intrusion threshold                3 attempt(s)

[S] Silent time upon intrusion detection        None

[T] Management Console inactivity timeout       None

[D] Default mode of status LED                  Port Status


--------------------Actions-------------------

[M] Modify password

[E] Modify secret password


[X] Exit to Main Menu


Enter Selection:

[P] Password intrusion threshold—Enter the allowed number of failed password attempts. After this number is reached, the management console becomes quiet for a user-defined length of time (see the [S] Silent time upon intrusion detection option) before allowing the next log-in attempt. The default is 3.

[S] Silent time upon intrusion detection—Enter the number of minutes (0 to 65500) the management console is unavailable because of an excessive number of failed attempts to log in. The default is None (no silent time).

[T] Management console inactivity time-out—Enter the number of seconds (0, or a number between 30 and 65500) the management console can wait without activity before it times out. After timeout, you must reenter the password. The default is 0, which means the console session does not time out.

[D] Default mode of status LED—Select the default mode of the port LEDs (see the "Port LEDs and Modes" section). The switch returns to this mode 30 seconds after you release the Mode button. You can enter [1] Port Status, [2] Utilization, or [3] Duplex Status. The default is [1] Port Status.

[M] Modify password—Enter the unencrypted privileged-level password for the switch management interfaces. The password can be 4 to 8 characters and is not case-sensitive. You can use any character found on the keyboard, including spaces and double-quotation marks. A multistring password (such as two words) is also valid.

Note   Unlike assigning a password through the CLI, do not enclose a multistring password within double-quotation marks unless you intend for the quotation marks to be part of the password (such as "two words").

If the switch already has a password, you must enter it before it can be changed. To erase a password, press the Backspace key, and then press Return. The default is None.

For more information about passwords, see the "Changing the Switch Password" section.

[E] Modify secret password—Enter the encrypted (secret) privileged-level password for the switch management interfaces. The password can be 1 to 25 characters and is case-sensitive. You can use any character found on the keyboard, including spaces and double-quotation marks. A multistring password (such as two words) is also valid.

If the switch already has a password, you must enter it before it can be changed. To erase a password, press the Backspace key, and then press Return. The default is None.

For more information about passwords, see the "Changing the Switch Password" section.

[X] Exit—Display the .

Changing the Switch Password

A privileged-level password (encrypted or unencrypted) is required to access the switch management interfaces (switch manager, management console through a Telnet session, or CLI).

If you had assigned a password from the [P] Console Password option on the (see the "Assigning IP Information and a Password to the Switch" section), that password is an unencrypted privileged-level password.

From the , you can either use the [M] Modify password option to assign an unencrypted password or use the [E] Modify secret password option to assign an encrypted (secret) privileged-level password. An encrypted password provides higher security and supersedes any existing unencrypted privileged-level password, including the unencrypted privileged-level password that is assigned from the [P] Console Password or [M] Modify password options. (For more information about where you can assign privileged-level passwords, see the "Privileged-Level Passwords" section.)

Note   When the switch is shipped, no password is assigned to it. However, a privileged-level password is required to access the Catalyst 1900 Switch Manager or to use Telnet access from a remote station. If you do not assign a password, this access will not be available until the switch joins a cluster or until you assign the switch a privileged-level password from the management console (see the "Console Settings Menu" section) through a direct connection to the switch console port.

When your switch is a cluster member, the highest privileged-level password for the command switch is the privileged-level password to the switch. The command-switch password overwrites any switch-specific passwords. For more information about passwords in switch clusters, see the "Cluster Member Password" section.

Note   We do not recommend changing the password while the switch is a cluster member. This will cause a password mismatch, and you will have to manually enter the cluster member password to display the management console from the command switch.

If you have lost or forgotten the password, see the "Recovering from a Lost or Forgotten Password" section.

Privileged-Level Passwords

If you plan to manage the switch outside of a switch cluster, you can assign an unencrypted or encrypted privileged-level password to the switch to restrict access to its management interfaces ().

Table 4-1 Assigning Privileged-Level Passwords

Privileged-Level
Password
Assigned from...

Unencrypted

[P] Console Password option on the

[M] Modify password option on the

CLI

Encrypted

[E] Modify secret password option on the

CLI


Read and Write community strings operate as passwords to the switch when managing it from an SNMP management station. See the "Network Management (SNMP) Configuration Menu" section.

For information about the user-level passwords, refer to the online-only Catalyst 1900 Series and Catalyst 2820 Series Command Reference.

Cluster Member Password

When the switch joins a cluster, the highest privileged-level password (encrypted or unencrypted) of the command switch supersedes any existing password for the switch. Keep in mind the following considerations:

When you add the switch to a cluster, inform other users that they must now use the command-switch password to access the switch management interfaces.

If the command switch does not have a password, no password is required when accessing the member switch from the command switch.

When the switch leaves the cluster, it retains the command-switch password. You can assign a different privileged-level (encrypted or unencrypted) password to the switch to manage and monitor it as a nonmember switch.

Note   We do not recommend changing the password while the switch is a cluster member. This will cause a password mismatch, and you will have to manually enter the cluster member password to display the switch manager from the command switch.

For password information about switch clusters, refer to the Cisco IOS Desktop Switch Software Configuration Guide, Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)XP.

System Configuration Menu

To display the (), enter the [S] System option from the .

Figure 4-5 System Configuration Menu 


Catalyst 1900 - System Configuration

System Revision:  0   Address Capacity:  1024

System UpTime:    0day(s) 00hour(s) 11minute(s) 29second(s)


--------------------Settings------------------

[N] Name of system

[C] Contact name

[L] Location

[S] Switching mode                              FragmentFree

[U] Use of store-and-forward for multicast      Disabled

[A] Action upon address violation               Suspend

[G] Generate alert on address violation         Enabled

[I] Address aging time                          300 second(s)

[P] Network Port                                None

[H] Half duplex back pressure   (10-mbps ports) Disabled

[E] Enhanced Congestion Control (10 Mbps Ports) Disabled


--------------------Actions-------------------

[R] Reset system                      [F] Reset to factory defaults

------------------Related Menus---------------

[B] Broadcast storm control           [X] Exit to Main Menu


Enter Selection

Note   If your switch is running the Cisco Catalyst 1900/2820 Enterprise Edition Software, the provides the options to enable and disable bridge groups and VLANs. For information about VLANs, see the Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide.

[N] Name of system—Enter the name (up to 255 characters) of the switch. The name you assign to the switch is kept even when the switch joins or leaves a cluster.

Caution   Do not use "-NN" (where NN is a number) in the name you define for the switch. When the switch joins a cluster, the command switch overwrites any name containing "-NN."

The name you assign to the switch is kept even when the switch joins or leaves a cluster. If the switch does not have a name before it joins a cluster, the command switch assigns it a name that consists of the command-switch name and a number that reflects when the switch was added to the cluster. For example, a command switch can name a Catalyst 1900 switch eng-cluster-5, where eng-cluster is the command-switch name and 5 means that it is the fifth switch to join the cluster. When the switch name is viewed from the Cluster Management applications, the name is truncated to 32 characters. If the switch leaves the cluster, the switch keeps the name given by the command switch.

[C] Contact name—Enter of the name (up to 255 characters) of the person responsible for managing the switch.

[L] Location—Enter the physical location (up to 255 characters) of the switch.

[S] Switching mode—Set the switching mode to either FragmentFree (cut-through) or store-and-forward. The default is FragmentFree. For additional information, see "Switching Modes" section.

[U] Use of store-and-forward for multicast—Enter [E]nable if you want the switch to use store-and-forward mode for multicast packets. Enter [D]isable if you want to use the FragmentFree (cut-through) switching mode. If this option is disabled, the switch forwards multicast frames according to the switching mode. The store-and-forward mode is always used for broadcast frames. The default is [D]isable.

[A] Action upon address violation—Enter one of the following options:

[S]uspend (default)—The port stops forwarding until a packet with a valid source address is received.

[D]isable—The port is disabled until its status is manually re-enabled.

[I]gnore—The port status remains unchanged.

The default action is [S]uspend.

An address violation occurs if a secure port receives a source address statically assigned to another port or if a secure port tries to learn more than a defined number of addresses. For information about secure ports, see the "Port Statistics Report" section.

[G] Generate alert on address violation—Enter [E]nable if you want the switch to generate SNMP alerts if an address violation occurs. Enter [D]isable to disable this option. This option enables the switch to generate SNMP alerts if an address violation occurs. The default is [E]nable.

Note   Traps are sent to the trap managers defined on the .

[I] Address aging time—Enter the number of seconds (10 to 1000000; where 1000000 seconds is approximately 11 1/2 days) the switch stores an inactive entry, after which it is removed from the table. The default is 300 seconds (5 minutes). This value applies to all dynamic addresses in the Dynamic Address Table.

As the switch reaches the maximum address limit of 1024, switch performance can degrade. Address aging helps prevent this by allowing the switch to only keep dynamic addresses that remain active over a specified period of time.

During a topology change, if the [H] Port Fast mode option on the Port Configuration Menu is disabled, addresses are aged more quickly by using the [F] Forward delay option on the . When the topology stabilizes, address-aging value again takes effect.

[P] Network Port—Enter the number of the port that you want to designate as the network port. By default, no port is assigned as the network port. The network port is the destination port for all packets with unknown unicast addresses. The network port

Does not learn addresses.

Serves only within the bridge groups of which the Network Port is member.

Is usually connected to a legacy network or backbone.

Cannot be a secure port.

Cannot be port A or B if the following enterprise edition software features are enabled: Fast EtherChannel mode or VLAN or ISL trunking.

A unicast address identifies one unique device on the network. However, if the switch has not received packets from the device for a while (longer than the aging period), the switch removes the device address from its address table, and the address is then an unknown unicast address. The switch must flood (send to all ports except the one the packet is received on) packets destined for the unknown unicast address in order to ensure the device receives the packet. Once the switch learns the location of the device, this flooding stops. The use of a network port can eliminate this type of flooding.

For more information about unicast addresses, see the "Port Addressing Menu" section and the "Flooding of Unknown MAC Addresses" section.

[H] Half duplex back pressure (10-Mbps ports)—Enter [E]nable if you want the switch to apply back pressure on all half-duplex 10-Mbps ports. Enter [D]isable to disable this option. The default is [D]isable.

Back pressure ensures retransmission of incoming packets if a half-duplex 10-Mbps switch port is unable to receive incoming packets.

When back pressure is enabled and no buffers are available to a port, the switch generates collision frames across the affected port and causes the transmitting station to resend the packets. The switch can then use this retransmission time to clear its receive buffer by transmitting packets already in the queue.

For information about flow control on the 100-Mbps ports, see the "Port Configuration Menu" section.

[E] Enhanced Congestion Control (10-Mbps ports)—Enter one of the following options:

[1] Adaptive—Causes the port to operate under the ECC Disabled setting if the transmit queue is not full. If the queue is full, the port uses the ECC Aggressive setting.

[2] Disabled (Default)—Causes the port to operate under the standard IEEE 802.3 backoff algorithm for retransmitting frames.

[3] Moderately Aggressive—Causes the port to use a modified backoff algorithm to more aggressively retransmit frames and empty the queue.

[4] Aggressive—Is the highest acceleration rate configurable for ECC. The port uses a modified backoff algorithm to more aggressively retransmit frames and empty the queue than when set at ECC Moderately Aggressive.

By default, enhanced congestion control (ECC) is disabled on all 10-Mbps ports. An ECC-enabled port accelerates transmission of frames and empties its queue more quickly. This option reduces congestion on the switch and keeps the switch from dropping frames because of full transmit queues. The ECC option can be enabled on half-duplex ports and can be configured on a global basis for the 10-Mbps ports.

For information about ECC on the 100-Mbps ports, see the "Port Configuration Menu" section. ECC on the 100-Mbps ports is set on a per-port basis, not on a global basis.

[R] Reset system—Enter [Y]es to reset the switch. All configured system parameters and static addresses are retained; all dynamic addresses are removed.

[F] Reset to factory defaults—Enter [Y]es to reset the switch and return it to its factory settings. All static and dynamic addresses are removed, as are the IP address and all other configuration parameters.

Note   If the switch is a cluster member, using the [F] Reset to factory defaults option removes the switch from the cluster.

We recommend using the command-switch management interfaces to remove member switches from a cluster. If you want to add the switch to a cluster but had previously used the [F] Reset to factory defaults option to remove it from a cluster, you must use one of the command-switch management interfaces to remove and then add the switch.

[B] Broadcast storm control—Display the . You can use this menu to inhibit the forwarding of broadcast packets when large numbers or storms of broadcast packets are received by a port. For more information, see the "Broadcast Storm Control Menu" section.

[X] Exit—Display the .

Switching Modes

By default, the switching mode is FragmentFree (cut-through). The switching mode determines how quickly the switch forwards a packet and, therefore, how much latency the packet experiences. Latency is the delay between the time a port begins to receive a packet and the time the port begins to transmit the packet to a destination port. FragmentFree mode filters out collision fragments before forwarding. Store-and-forward stores complete packets and checks for errors before forwarding.

The switch uses these switching modes:

FragmentFree—This mode is cut-through switching. The FragmentFree mode filters out collision fragments (the majority of packet errors) before forwarding begins. In a properly functioning network, collision fragments are packets with less than 64 bytes. In FragmentFree mode, the switch waits until 64 bytes are received (determines the received packet is not a collision fragment) before forwarding the packet. In FragmentFree mode, latency is measured as first-bit-received to first-bit-transmitted or "First-In, First-Out" (FIFO).

If latency is an issue, use FragmentFree switching.

Store-and-forward—This mode stores complete packets and checks for errors before transmission. In this mode, latency is measured as last-bit-received to first-bit-transmitted or "Last-In, First-Out" (LIFO). This latency does not include the time to receive the entire packet, which can vary according to packet size. At 10 Mbps, the packet receipt time varies between 51.2 microseconds and 1.2 milliseconds. At 100 Mbps, the packet receipt time varies between 5.12 and 122 microseconds. The store-and-forward mode is always used for broadcast packets and transfers from 10-Mbps to 100-Mbps ports.

Store-and-forward is the most error-free form of switching, but the forwarding latency is higher than FragmentFree (cut-through) switching. If you have frame check sequence (FCS) or alignment errors, use the store-and-forward mode so that packets with errors are filtered and not propagated to the rest of the network.

Although shows store-and-forward experiencing the lowest latency, the figures do not include the time it takes to receive the packet, which varies according to the packet size. shows the minimum and maximum packet reception latencies, which you need to add to the store-and-forward latencies in .

Table 4-2 FIFO Switching Latencies

Switching Mode
10 Mbps to
10 Mbps
10 Mbps to
100 Mbps
100 Mbps to
100 Mbps
100 Mbps to
10 Mbps

FragmentFree (cut-through)

70 microsec

-

9 microsec

10 microsec

Store-and-forward

7 microsec + PRL

7 microsec + PRL

3 microsec + PRL

3 microsec + PRL


Table 4-3 Packet Reception Latencies (PRL)

Link Speed
Minimum Latency
Maximum Latency

10 Mbps

51.2 microsec

1224 microsec

100 Mbps

5.1 microsec

122.4 microsec


Broadcast Storm Control Menu

A broadcast storm is an excessive number of broadcast packets being received on a given switch port. Broadcast storm packets can congest the receiving switch port. If the switch port forwards a broadcast storm to the other switch ports, traffic on those ports and all network segments are affected. Broadcast storm control allows you to control the quantity of broadcast packets the switch forwards to your network, thus reserve switch bandwidth for your network users.

Use the broadcast storm control settings to inhibit the forwarding of broadcast packets when the broadcast rate (number of broadcast packets received from a port per second) on a switch port exceeds a specified threshold. Broadcast storm control is configured for the switch as a whole, but operates on a per-port basis.

Note   Only broadcast packets are filtered through the broadcast storm control option. For information about unicast and multicast flooding control, see the "Flooding of Unknown MAC Addresses" section and the "Multicast Registration Menu" section.

To display the (), enter the [B] Broadcast storm control option from the .

Figure 4-6 Broadcast Storm Control Menu 


Catalyst 1900 - Broadcast Storm Control


--------------------Settings------------------


[A] Action upon exceeding broadcast threshold   Ignore

[G] Generate alert when threshold exceeded      Disabled


[T] Broadcast threshold (BC's received / sec)   500

[R] Broadcast re-enable threshold               250


[X] Exit to previous menu


Enter Selection:

[A] Action upon exceeding broadcast threshold—Enter [B]lock or [I]gnore for the action the switch takes when the broadcast threshold is exceeded. The default is [I]gnore.

This option assigns the action the switch takes if the number of broadcast packets reaches the broadcast threshold:

Block—The switch drops all broadcast packets received from a port if the broadcast threshold is exceeded. The switch resumes forwarding if the rate of broadcast packets received drops below the re-enable threshold.

Ignore—The switch forwards broadcast packets. There is no set threshold.

[G] Generate alert when threshold exceeded—Enter [E]nable if you want the switch to generate SNMP alerts when the broadcast threshold is exceeded. Enter [D]isable to disable this option. The alert generated is the trapbroadcastStorm. A trap is generated every 30 seconds. The default is [D]isable.

[T] Broadcast threshold (BCs received/sec)—Enter the threshold that constitutes a broadcast storm. The range is 10 to 14400 broadcast packets received from a port per second. The default is 500.

When this threshold is exceeded, the switch, if configured to do so, blocks the broadcast packets received from the port and generates an SNMP alert.

[R] Broadcast re-enabled threshold—Enter the threshold below which broadcast forwarding is re-enabled. The range is 10 to 14400 packets. The default is 250.

[X] Exit—Display the .

Network Management Menu

To display the (Figure 4-7), enter the [N] Network Management option from the .

Figure 4-7 Network Management Menu 


Catalyst 1900 - Network Management


[I] IP Configuration

[S] SNMP Management

[B] Bridge - Spanning Tree

[C] Cisco Discovery Protocol

[G] Cisco Group Management Protocol

[H] HTTP Server Configuration

[R] Cluster Management


[X] Exit to Main Menu


Enter Selection:

[I] IP Configuration—Display the .

[S] SNMP Management—Display the .

[B] Bridge-Spanning-Tree—Display the .

[C] Cisco Discovery Protocol—Display the .

[G] Cisco Group Management Protocol—Display the .

[H] HTTP Server Configuration—Display the .

[R] Cluster Management—Display the .

[X] Exit—Display the .

IP Configuration Menu

Typically, after the switch is installed, an IP address is assigned to the switch. (See the "Assigning IP Information and a Password to the Switch" section.)

IP information identifies the switch on the network and is required to configure and monitor it as an individual switch. When you assign the switch its own IP address, you can manage it from its management interfaces (switch manager, management console, SNMP, or CLI). The switch retains its own IP address even when it joins or leaves a switch cluster.

If you do not assign an IP address to the switch, you must add the switch to a switch cluster and manage it through the command switch. Whether or not the switch has its own IP address, when the switch is a cluster member, it is managed and communicates with other member switches through the IP address of the command switch. If the switch leaves the cluster and it does not have its own IP address, you then must assign IP information to it to manage and monitor it as a nonmember switch.

Note   We recommend that you assign an IP address to the switch even if the switch is or will be a cluster member so that if the switch is removed from the cluster, it remains manageable as a nonmember switch.

Note   You access the switch manager from a management station that is connected to one of the switch ports. Therefore, make sure that you do not disable or otherwise misconfigure the port through which you are communicating with the switch. You might want to write down the port number to which you are connected. Make changes to the switch IP information with care.

For information about IP information in switch clusters, refer to the Cisco IOS Desktop Switch Software Configuration Guide, Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)XP.

To display the (), enter the [I] IP Configuration option from the .

Figure 4-8 IP Configuration Menu 


Catalyst 1900 - IP Configuration


Ethernet Address:  00-E0-1E-7E-B4-40


--------------------Settings------------------

[I] IP address                              0.0.0.0

[S] Subnet mask                             0.0.0.0

[G] Default gateway                         0.0.0.0

[B] Management Bridge Group                 1 (fixed)

[M] IP address of DNS server 1              0.0.0.0

[N] IP address of DNS server 2              0.0.0.0

[D] Domain name

[R] Use Routing Information Protocol        Enabled


----------------------- Actions ----------------------------------------

[P] Ping

[C] Clear cached DNS entries

[X] Exit to previous menu


Enter Selection:

[I] IP address—Assign an IP address to the switch. Use dotted quad format (nnn.nnn.nnn.nnn). If the switch is connected to a network that has a Dynamic Host Configuration Protocol (DHCP)/Bootstrap Protocol (BOOTP) server, the server assigns it an IP address automatically.

This field displays the IP address assigned to the switch. If the switch does not have an IP address, this field displays 0.0.0.0.

Caution   Changing the switch IP address on this menu will end your Telnet session to the switch. You will need to start another Telnet session and use the new IP address of the switch.

Note   We recommend that you assign an IP address to the switch even if the switch is or will be a cluster member so that if the switch is removed from the cluster, it remains manageable as a nonmember switch.

[S] Subnet mask—Enter the subnet mask for the switch. Subnet masks exist only if the network has been divided up into subnetworks.

[G] Default gateway—Enter the IP address of the default gateway. Use dotted quad format (nnn.nnn.nnn.nnn). If the switch is connected to a DNS server, you can enter the name of the router instead. The default gateway is the router that the switch uses to reach IP subnets other than the local subnet to which the switch is attached. A default gateway is also necessary if the management station from which the switch is to be managed is not on the same IP subnet as the switch. For automatic assignment of a gateway, see the [R] Use Routing Information Protocol option on the .

[B] Management bridge group—Displays the management bridge group, which is always bridge group 1. The switch IP address must be assigned to a management bridge group to enable the switch to communicate with devices within the bridge group without use of a router. Devices in other bridge groups can only communicate with the switch if the other bridge groups are connected to the management bridge group by a router.

For information about VLANs, refer to the Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide.

[M] IP address of DNS server 1—Enter the IP address of the Domain Name System (DNS) server in the IP Address of DNS Server 1 field. Use dotted quad format (nnn.nnn.nnn.nnn).

A network device can be identified through its IP address or its associated host name. Domain Name System (DNS) servers maintain name-to-address mappings.

If you enter the device name instead of its IP address from the switch management interfaces, the DNS server associated with the switch looks up the name before forwarding the packet to the destination device. The switch can be associated to up to two DNS servers.

[N] IP address of DNS server 2—Enter the IP address of a second DNS server. Use dotted quad format (nnn.nnn.nnn.nnn).

[D] Domain name—Enter the domain name (up to 62 characters) of the DNS server to which the switch is associated (such as cisco.com).

[R] Use Routing Information Protocol—Enter [E]nable if you want the Routing Information Protocol (RIP) to automatically discover and assign an IP gateway to the switch. Enter [D]isable to disable this option. The default is [E]nable.

The default gateway is the router that the switch uses to reach IP subnets other than the local subnet to which the switch is attached. A default gateway is also necessary if the management station from which the switch is to be managed is not on the same IP subnet as the switch.

[P] Ping—Enter the IP address of a device that can communicate with switch. Use dotted quad format (nnn.nnn.nnn.nnn). If the switch is connected to a DNS server, you can enter the name of the device instead.

[C] Clear cached DNS entries—Enter [Y]es if you want to purge all the cached DNS entries. Enter [N]o to display the .

[X] Exit—Display the .

Network Management (SNMP) Configuration Menu

Simple Network Management Protocol (SNMP) provides the means to manage and monitor the switch through the Management Information Base (MIB) objects. Additional information about SNMP and MIB objects is in the "Simple Network Management Protocol" section and the "Accessing MIB Files" section.

For information about how the command switch uses SNMP to manage the switch in the cluster, refer to the Cisco IOS Desktop Switch Software Configuration Guide, Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)XP.

To display the (), enter the [S] SNMP Management option from the .

Figure 4-9 Network Management (SNMP) Configuration Menu 


Catalyst 1900 - Network Management (SNMP) Configuration


[R] READ configuration

[W] WRITE configuration

[T] TRAP configuration


[X] Exit to previous menu


Enter Selection:

[R] READ Configuration—Display the .

[W] WRITE Configuration—Display the .

[T] TRAP Configuration—Display the .

[X] Exit—Display the .

Network Management (SNMP) READ Configuration Menu

To display the (), enter the [R] READ configuration option from the .

Figure 4-10 Network Management (SNMP) READ Configuration Menu 


Catalyst 1900 - Network Management (SNMP) READ Configuration


----------------------- Settings ---------------------------------------


[1] First  READ community string

[2] Second READ community string

[3] Third  READ community string

[4] Fourth READ community string


[X] Exit to previous menu


Enter Selection:

[1-4] READ community strings—Enter the community string(s) (up to 32 characters). The default for the first Read community string is public. You can assign up to four community strings to serve as passwords that enable the switch to validate SNMP read (Get) requests from a management station.

When the switch joins a cluster, the command switch propagates its first Read community string as the last Read community string for the member switch. If the joining Catalyst 1900 switch already has four Read community strings, the command switch overrides that fourth community string with its own first community string. When the switch leaves the cluster, the command-switch community string is deleted.

The command-switch string contains up to 27 characters and a suffix "@esNN" where NN is the member switch number.

Caution   Do not use "@es" in the community strings you define for the switch. When the switch joins a cluster, any community string containing "@es" is deleted.

[X] Exit—Display the .

Network Management (SNMP) WRITE Configuration Menu

To display the (), enter the [W] WRITE configuration option from the .

Figure 4-11 Network Management (SNMP) WRITE Configuration Menu 


Catalyst 1900 - Network Management (SNMP) WRITE Configuration


----------------------- Settings ---------------------------------------


[1] First  WRITE community string

[2] Second WRITE community string

[3] Third  WRITE community string

[4] Fourth WRITE community string


[A] First  WRITE manager name or IP address

[B] Second WRITE manager name or IP address

[C] Third  WRITE manager name or IP address

[D] Fourth WRITE manager name or IP address


[X] Exit to previous menu


Enter Selection:

[1-4] WRITE community strings—Enter the community string(s) (up to 32 characters). The default for the first Write community string is private. You can assign up to four community strings to serve as passwords that enable the switch to validate SNMP read-write (Set) requests from a management station. The write managers you assign can use any of the switch Write community strings.

When the switch joins a cluster, the command switch assigns its first Write community string as the last Write community string for the member switch. If the joining Catalyst 1900 switch already has four Write community strings, the command switch overrides that fourth community string with its own first community string. When the switch leaves the cluster, the command-switch community string is deleted.

The command-switch string contains up to 27 characters and a suffix "@esNN" where NN is the member switch number.

Caution   Do not use "@es" in the community strings you define for the switch. When the switch joins a cluster, any community string containing "@es" is deleted.

[A-D] WRITE manager names or IP addresses—Enter the IP address(es) or name(s) of the SNMP management station(s) that can issue write requests to the switch. Use dotted quad format (nnn.nnn.nnn.nnn). If the switch is connected to a DNS server, you can enter the name of the management station(s) instead. To remove a write manager, press the Backspace key to erase characters.

You can assign up to four write managers. The switch allows write requests from only the specified write managers or from the command switch. The write managers you assign can use any of the switch Write community strings.

Caution   If no write manager is assigned to the switch, any management station can modify the switch MIB objects.

Note   The write manager option is not available from the command switch. To use this option, use the or the .

[X] Exit—Display the .

Network Management (SNMP) TRAP Configuration Menu

A trap manager, or trap client, is an SNMP management station that receives traps, which are the system alerts generated by the switch. If no trap manager is defined, no traps are issued.

You can assign up to four trap managers and their accompanying community strings. A trap manager can only use its accompanying community string; it cannot use the community string of another trap manager.

Trap manager settings can be configured from the switch or, if the switch is a cluster member, from the command switch.

After you have assigned the trap manager(s), the switch generates, by default, the following traps:

warmStart

coldStart

linkDown

linkUp

authenticationFailure

newRoot

topologyChange

logonIntruder

switchDiagnostic

addressViolation

broadcastStormControl

rpsFailed

ipAddressChange

For more information about traps, see the "Simple Network Management Protocol" section and the "Accessing MIB Files" section.

To display the (), enter the [T] TRAP configuration option from the .

Figure 4-12 Network Management (SNMP) TRAP Configuration Menu 



Catalyst 1900 - Network Management (SNMP) TRAP Configuration


----------------------- Settings ---------------------------------------


[1] First  TRAP community string

[A] First  TRAP manager name or IP address


[2] Second TRAP community string

[B] Second TRAP manager name or IP address


[3] Third  TRAP community string

[C] Third  TRAP manager name or IP address


[4] Fourth TRAP community string

[D] Fourth TRAP manager name or IP address


[U] Authentication trap generation              Enabled

[L] LinkUp/LinkDown trap generation             Enabled


[X] Exit to previous menu


Enter Selection:

Note   A trap manager can only use its accompanying community string; it cannot use the community string of another trap manager.

[1-4] TRAP community strings—Enter the community string(s) (up to 32 characters). You can assign up to four community strings to serve as passwords that enable the switch to validate trap requests from a management station.

[A-D] TRAP manager names or IP addresses—Enter the IP address of the SNMP management station(s) that can issue trap requests to the switch. Use dotted quad format (nnn.nnn.nnn.nnn). If the switch is connected to a DNS server, you can enter the name of the management station(s) instead.

To remove a trap manager, press the Backspace key to erase characters.

You can assign up to four trap managers and their accompanying community strings.

[U] Authentication trap generation—Enter [E]nable if you want the switch to generate authentication traps, which alerts a management station of SNMP requests not accompanied by a valid community string. Enter [D]isable to disable this option. The default is [E]nable.

Note   Even if this option is enabled, no traps are generated if no trap manager addresses or names are assigned.

[L] LinkUp/LinkDown trap generation—Enter [E]nable if you want the switch to generate linkDown traps when a port is suspended or disabled for any of these reasons:

Secure address violation (address mismatch or duplication)

Network connection error (loss of linkbeat or jabber error)

Port disabled by management action

The switch generates linkUp traps when a port is enabled for any of these reasons:

Presence of linkbeat

Management intervention

Recovery from an address violation or any other error

Note   No more than one trap is sent every 5 seconds per port. The last trap generated in the 5-second interval is the one sent.

Enter [D]isable to disable this option. The default is [E]nable.

[X] Exit—Display the .

Spanning Tree Configuration Menu

The Spanning-Tree Protocol (STP) constructs network topologies that do not contain loops. When the network configuration changes, STP transparently reconfigures bridges and switches to avoid the creation of loops. STP avoids loops by placing ports in a forwarding or blocking state and establishes redundant paths (in the event of lost connections).

The following are two examples for using STP:

Redundant connectivity—You can create a redundant backbone with STP by connecting two of the ports on a switch to another device or to two different devices. STP automatically disables one port but enables it if the other port is lost. If one link is high-speed and the other low-speed, STP uses the high-speed link. If the speed of the two links is the same, the port priority and port ID are added together, and the link with the lowest value is disabled.

Accelerated address aging—Dynamic addresses are aged and dropped from the address table after a configurable period of time. The default for aging dynamic addresses is 5 minutes. However, a reconfiguration of the spanning tree can cause many station locations to change. Because this could mean that many stations are unreachable for 5 minutes or more, the address-aging time is accelerated so that station addresses can be dropped from the address table and then relearned. The accelerated-aging value is the same as the forward-delay parameter value when STP reconfigures.

A separate spanning-tree instance runs on each bridge group, and each bridge group participates in a separate spanning tree. Each switch in a spanning tree adopts the Hello, Max age, and Delay parameters of the root bridge regardless of how it is configured. Overlapping ports (ports that belong to more than one bridge group) participate in all spanning trees to which they belong. All ports on the switch support STP, and STP is managed through the standard Bridge MIB.

Note   Overlapping ports should be connected to end nodes only, not to other bridges. To configure bridge groups, use the on the management console.

For more information about bridge groups, see the "Bridge Group Configuration Menu" on page 64. For information about VLANs and the Uplink Fast option, refer to the Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide.

To display the (), enter the [B] Bridge - Spanning Tree option from the .

Figure 4-13 Spanning Tree Configuration Menu 


Catalyst 1900 - Bridge Group 1 - Spanning Tree Configuration

Bridge ID: 8000 00-E0-1E-81-1E-40


--------------------Information----------------

Designated root 8000 00-E0-1E-81-1E-40

Number of member ports    27   Root port                N/A

Max age (sec)             20   Root path cost             0

Forward Delay (sec)       15   Hello time (sec)           2

Topology changes           0   Last TopChange   0d00h00m00s


--------------------Settings------------------

[S] Spanning Tree Algorithm & Protocol          Enabled

[B] Bridge priority                             32768 (8000 hex)

[M] Max age when operating as root              20 second(s)

[H] Hello time when operating as root           2 second(s)

[F] Forward delay when operating as root        15 second(s)


--------------------Actions-------------------

[N] Next bridge group         [G] Goto bridge group

[P] Previous bridge group     [X] Exit to previous menu


Enter Selection:

Spanning-Tree Root Settings

The Information fields on this menu display the following read-only STP settings for the current root switch, which could be defined on another switch.

Bridge ID

Unique hexadecimal ID number that has a bridge priority and a unique MAC address.

Number of Member Ports

Number of ports configured with STP.

Max Age

Number of seconds a bridge waits for STP configuration messages before attempting a reconfiguration.

Hello Time

Number of seconds between the transmission of STP configuration messages. All bridges send configuration messages during reconfiguration to elect the designated root bridge. After STP completes its network discovery, only designated bridges send configuration messages.

Topology Changes

Number of bridge topology changes experienced by the network. A topology change occurs as ports on any bridge change from a nonforwarding to a forwarding state or when a new root is selected.

Designated Root

ID number of the bridge identified as the root by the STP.

Root Port

Port on this bridge with the lowest-cost path to the root bridge. This option identifies the port through which the path to the root bridge is established. N/A is displayed when STP is disabled or when this bridge is the root bridge.

Root Path Cost

Cost of the path from this bridge to the root bridge shown in the Designated Root field. It equals the path cost parameters held for the root port.

Forward Delay

Number of seconds before a port changes from its STP learning and listening states to a forwarding state. Every bridge on the network ensures that no loop is formed before the port can forward packets.

Last TopChange

Number of days (d), hours (h), minutes (min), and seconds (s) since the last topology change.


Port and Forwarding STP States

The State column displays the state of the port. A port can be in one of the following states:

Blocking

The port is not forwarding frames and is not learning new addresses.

Listening

The port is not forwarding frames but is progressing toward a forwarding state. The port is not learning addresses.

Learning

The port is not forwarding frames but is learning addresses.

Forwarding

The port is forwarding frames and learning addresses.

Disabled

The port has been removed from STP operation. You need to re-enable the port.


The Forward Transitions column displays the number of times STP changed forwarding states.

Note   Modifying the spanning-tree settings causes a temporary loss of connectivity while the network reconfigures.

When the switch is powered up, the forwarding state, even if Port Fast mode is enabled, is delayed to allow the Spanning-Tree Protocol to discover the topology of the network and ensure no temporary loops are formed. Spanning-tree discovery takes approximately 30 seconds to complete, and no packet forwarding takes place during this time. After the initial discovery, Port Fast-enabled ports transition directly from the blocking state to the forwarding state. See the "Port Configuration Menu" section for Port Fast mode configuration instructions.

[S] Spanning-Tree Algorithm and Protocol—Enter [E]nable or [D]isable the Spanning-Tree Protocol (STP) to ensure a loop-free configuration in the bridge topology. When STP is enabled, redundant ports are kept in standby (suspended) status and are enabled when needed. The default is [E]nable.

Note   You can slightly improve switch performance by disabling STP. However, disable STP only if you are sure there are no loops in your network topology. With STP disabled and loops present in the topology, network performance is degraded by excessive traffic and indefinite packet duplication.

[B] Bridge priority—Enter a value (0 to 65535) used in determining the root bridge. The bridge with the lowest value has the highest priority and is selected as the root. The default is 32768.

[M] Max age when operating as root—Enter the number of seconds (6 to 40) a switch waits for STP configuration messages before it attempts a reconfiguration. After this period expires, other bridges recognize that the root has not sent a configuration message, and a new root is selected. The default is 20.

[H] Hello time when operating as root—Enter the number of seconds (1 to 10) between the transmission of STP configuration messages. The default is 2.

[F] Forward delay when operating as root—Enter the number of seconds (4 to 30) a port waits before changing from its STP learning and listening states to the forwarding state. This delay time is necessary to ensure that no loop is formed before the switch forwards a packet. The default is 15.

Note   Spanning-Tree Protocol also uses this value to accelerate address aging when the spanning tree is reconfigured.

[N] Next bridge group—Display the Spanning-Tree configuration for the next sequentially numbered bridge group.

[G] Goto bridge group—Display the Spanning-Tree configuration for a specified bridge group.

[P] Previous bridge group—Display the Spanning-Tree configuration for the previous sequentially numbered bridge group.

[X] Exit—Display the .

CDP Configuration/Status Menu

The Cisco Discovery Protocol (CDP) enables the switch to advertise its existence to other Cisco devices on the network. When CDP is enabled, the switch and the network management applications have an accurate picture of the network at any time because CDP gathers information about device types, links between devices, and the number of interfaces on each device.

Before the switch joins a cluster, CDP version 2 must be enabled on the switch. For information about cluster management and membership, refer to the Cisco IOS Desktop Switch Software Configuration Guide, Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)XP.

To display the (), enter the [C] Cisco Discovery Protocol option from the .

Figure 4-14 CDP Configuration/Status Menu 


Catalyst 1900 - CDP Configuration/Status


CDP enabled on: 1-24, AUI, A, B


--------------------Settings------------------


[V] Version                                      2

[H] Hold Time (secs)                           180

[T] Transmission Interval (secs)                60


--------------------Actions-------------------


[E] Enable CDP on Port(s)

[D] Disable CDP on Port(s)

[S] Show Neighbor

[X] Exit to previous menu


Enter Selection:

[V] Version—Enter the version [1] or [2] the switch uses. Version 1 provides standard CDP support. Version 2 is required for the switch to be a cluster member. When the switch is using version 2, it can still interoperate with neighboring Cisco devices running version 1. The default is 2.

Note   We recommend using version 2, which must be enabled before the switch joins a cluster.

[H] Hold Time—Enter the number of seconds (between 5 and 255) that a neighboring device keeps the CDP neighbor information received from this switch. The default is 180 seconds.

If a neighboring device does not receive a CDP message b