Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide, Release 12.0(5)WC3
Overview


Overview


This chapter provides these topics about the Catalyst 2900 XL and Catalyst 3500 XL switch software:

Features

Management Options

Network Configuration Examples

Features


Note This guide describes the features for the Catalyst 2900 XL and Catalyst 3500 XL switches that are not Long-Reach Ethernet (LRE) switches. The Cisco IOS Release 12.0(5)WC3 software is for non-LRE switches only. Do not install this release on the Catalyst 2900 LRE XL switches. For configuring the Catalyst 2900 LRE XL switches, refer to Cisco IOS Release 12.0(5)WC2.


The Cisco IOS Release 12.0(5)WC3 software supports the hardware listed in the release notes (http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/index.htm).

Table 1-1 describes the features for this release. (Table 4-2 lists the defaults for these features and includes references to where you can find additional information about each feature.)

Table 1-1 Features 

Ease of Use and Ease of Deployment

Cluster Management Suite (CMS) software for simplified switch and switch cluster management through a web browser, such as Netscape Communicator or Microsoft Internet Explorer, from anywhere in your intranet

Switch clustering technology, in conjunction with CMS, for:

Unified configuration, monitoring, authentication, and software upgrade of multiple switches. Refer to the release notes (http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/index.htm) for a list of eligible cluster members.

Automatic discovery of candidate switches and creation of clusters of up to 16 switches that can be managed through a single IP address.

Extended discovery of cluster candidates that are not directly connected to the command switch.

Hot Standby Router Protocol (HSRP) for command-switch redundancy

Note See the "Advantages of Using CMS and Clustering Switches" section. Refer to the release notes (http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/index.htm) for the CMS and cluster hardware, software, and browser requirements.

Performance

Autosensing of speed on the 10/100 ports and autonegotiation of duplex mode on all switch ports for optimizing bandwidth

IEEE 802.3x flow control on the Gigabit ports operating in full-duplex mode

Fast EtherChannel and Gigabit EtherChannel for enhanced fault tolerance and for aggregating up to 8 ports of bandwidth between switches, routers, and servers

Per-port broadcast storm control for preventing faulty end stations from degrading overall system performance with broadcast storms

Cisco Group Management Protocol (CGMP) for limiting multicast traffic to specified end stations and reducing overall network traffic

CGMP Fast Leave for accelerating the removal of unused CGMP groups to reduce superfluous traffic on the network

Multicast VLAN registration (MVR) to continuously send multicast streams in a multicast VLAN, but to isolate the streams from subscriber VLANs for bandwidth and security reasons

Internet Group Management Protocol (IGMP) filtering for restricting the IP multicast groups that hosts connected to one or more switch ports can join

Protected port (private VLAN edge port) option for restricting the forwarding of traffic to designated ports on the same switch

Manageability

Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration for automatically configuring the switch during startup with IP address information and a configuration file that it receives during DHCP-based autoconfiguration

Note DHCP replaces the Bootstrap Protocol (BOOTP) feature autoconfiguration to ensure retrieval of configuration files by unicast TFTP messages. BOOTP is available in earlier software releases for this switch.

Directed unicast requests to a Domain Name System (DNS) server for identifying a switch through its IP address and its corresponding host name

Address Resolution Protocol (ARP) for identifying a switch through its IP address and its corresponding Media Access Control (MAC) address

Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping between the switch and other Cisco devices on the network

Network Time Protocol (NTP) for providing a consistent timestamp to all switches from an external source

Directed unicast requests to a Trivial File Transfer Protocol (TFTP) server for administering software upgrades from a TFTP server

Default configuration stored in Flash memory to ensure that the switch can be connected to a network and can forward traffic with minimal user intervention

In-band management access through a CMS web-based session

In-band management access through up to 16 simultaneous Telnet connections for multiple command-line interface (CLI)-based sessions over the network

In-band management access through Simple Network Management Protocol (SNMP) versions 1 and 2c get and set requests

Out-of-band management access through the switch console port to a directly-attached terminal or to a remote terminal through a serial connection and a modem

Note For additional descriptions of the management interfaces, see the "Management Options" section.

Redundancy

HSRP for command switch redundancy

UniDirectional link detection (UDLD) on all Ethernet ports for detecting and disabling unidirectional links on fiber-optic interfaces caused by incorrect fiber-optic wiring or port faults

IEEE 802.1d Spanning Tree Protocol (STP) for redundant backbone connections and loop-free networks. STP has these features:

Per-VLAN Spanning Tree (PVST) for balancing load across virtual LANs (VLANs)

Port Fast mode for eliminating forward delay by enabling a port to immediately change from a blocking state to a forwarding state

UplinkFast, Cross-Stack UplinkFast, and BackboneFast for fast convergence after a spanning-tree topology change and for achieving load balancing between redundant uplinks, including Gigabit uplinks and cross-stack Gigabit uplinks

STP root guard for preventing switches outside the core of the network from becoming the STP root

Note Up to 64 instances of STP are supported on each switch (see Table 8-1).

VLAN Support

Depending on the switch model, up to 64 or 250 port-based VLANs are supported for assigning users to VLANs associated with appropriate network resources, traffic patterns, and bandwidth

Note For information about the maximum number of VLANs supported on each Catalyst 2900 XL and Catalyst 3500 XL switch, see Table 8-1.

Inter-Switch Link (ISL) and IEEE 802.1Q trunking encapsulation on all ports for network moves, adds, and changes; management and control of broadcast and multicast traffic; and network security by establishing VLAN groups for high-security users and network resources

VLAN Membership Policy Server (VMPS) for dynamic VLAN membership

VLAN Trunking Protocol (VTP) pruning for reducing network traffic by restricting flooded traffic to links destined for stations receiving the traffic

Quality of Service and Class of Service

IEEE 802.1p class of service (CoS) with two priority queues on the 10/100 switch ports and eight priority queues on the Gigabit ports for prioritizing mission-critical and time-sensitive traffic from data, voice, and telephony applications

Voice VLAN (VVID) for creating subnets for voice traffic from Cisco IP Phones

Security

Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI) for protection against unauthorized configuration changes

Multilevel security for a choice of security level, notification, and resulting actions

Static MAC addressing for ensuring security

MAC-based port security for restricting the use of a switch port to a specific group of source addresses and preventing switch access from unauthorized stations

Terminal Access Controller Access Control System Plus (TACACS+), a proprietary feature for managing network security through a TACACS server

Monitoring

Switch LEDs that provide visual management of port- and switch-level status

MAC address notification for tracking the MAC addresses that the switch has learned or removed

Switch Port Analyzer (SPAN) for complete traffic monitoring on any port

Four groups (history, statistics, alarm, and events) of embedded remote monitoring (RMON) agents for network monitoring and traffic analysis

Syslog facility for logging system messages about authentication or authorization errors, resource issues, and time-out events

Catalyst 3524-PWR XL Switch-Specific Support

Ability to provide inline power to Cisco IP Phones from all 24 10/100 Ethernet ports

Autodetection and control of inline phone power on a per-port basis on all 10/100 ports

Fan-fault and over-temperature detection through Visual Switch Manager (VSM)


Management Options

The Catalyst 2900 XL and Catalyst 3500 XL switches are designed for plug-and-play operation: you only need to assign basic IP information to the switch and connect it to the other devices in your network. If you have specific network needs, you can configure and monitor the switch—on an individual basis or as part of a switch cluster—through its various management interfaces.

This section discusses these topics:

Interface options for managing the switches

Advantages of clustering switches and using CMS

Management Interface Options

You can configure and monitor individual switches and switch clusters by using these interfaces:

CMS—CMS is a graphical user interface that can be launched from anywhere in your network through a web browser such as Netscape Communicator or Microsoft Internet Explorer. CMS is already installed on the switch. Using CMS, you can fully configure and monitor a standalone switch, a specific cluster member, or an entire switch cluster. You can also display network topologies to gather link information and to display switch images to modify switch- and port-level settings.

For more information about CMS, see "Getting Started with CMS."

CLI—The switch IOS CLI software is enhanced to support desktop-switching features. You can fully configure and monitor the switch and switch cluster members from the CLI. You can access the CLI either by connecting your management station directly to the switch console port or by using Telnet from a remote management station.

For more information about the CLI, see "Getting Started with the CLI."

SNMP—SNMP provides a means to monitor and control the switch and switch cluster members. You can manage switch configuration settings, performance, and security, and collect statistics, by using SNMP management applications such as CiscoWorks2000 LAN Management Suite (LMS) and HP OpenView.

You can manage the switch from an SNMP-compatible management station that is running platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of MIB extensions and four RMON groups.

For more information about using SNMP, see the "SNMP Network Management Platforms" section.

Advantages of Using CMS and Clustering Switches

Using CMS and switch clusters can simplify and minimize your configuration and monitoring tasks. You can use Cisco switch clustering technology to manage up to 16 interconnected supported Catalyst switches through one IP address as if they were a single entity. This can conserve IP addresses if you have a limited number of them. CMS is the easiest interface to use and makes switch and switch cluster management accessible to authorized users from any PC on your network.

By using switch clusters and CMS, you can:

Manage and monitor interconnected Catalyst switches, regardless of their geographic proximity and interconnection media, including Ethernet, Fast Ethernet, Fast EtherChannel, Cisco GigaStack Gigabit Interface Converter (GBIC), Gigabit Ethernet, and Gigabit EtherChannel connections. Refer to the release notes (http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/index.htm) for a list of supported switches.

Accomplish multiple configuration tasks from a single CMS window without needing to remember CLI commands to accomplish specific tasks.

Apply actions from CMS to multiple ports and multiple switches at the same time to avoid re-entering the same commands for each individual port or switch. Here are some examples of globally setting and managing multiple ports and switches:

Port configuration such as speed and duplex settings

Port and console port security

NTP, STP, VLAN, and quality of service (QoS) configuration

Inventory and statistic reporting and link- and switch-level monitoring and troubleshooting

Group software upgrade

View a topology of interconnected devices to identify existing switch clusters and eligible switches that can join a cluster. You can also use the topology to quickly identify link information between switches.

Monitor real-time status of a switch or multiple switches from the LEDs on the front-panel images. The system, redundant power system (RPS), and port LED colors on the images are similar to those used on the physical LEDs themselves.

Use an interactive mode that takes you step-by-step through VLAN and voice VLAN (VVID) configuration

Use a wizard that prompts you to provide only minimal required information to configure VVIDs

For more information about CMS, see "Getting Started with CMS." For more information about switch clusters, see "Clustering Switches."

Network Configuration Examples

This section provides network configuration concepts and includes examples of using the switch to create dedicated network segments and interconnecting the segments through Fast Ethernet and Gigabit Ethernet connections.

Design Concepts for Using the Switch

As your network users compete for network bandwidth, it takes longer to send and receive data. When you configure your network, consider the bandwidth required by your network users and the relative priority of the network applications they use.

Table 1-2 describes what can cause network performance to degrade and describes how you can configure your network to increase the bandwidth available to your network users.

Table 1-2 Increasing Network Performance

Network demands:
Too many users on a single network segment and a growing number of users accessing the Internet

Suggested design methods:
Create smaller network segments so that fewer users share the bandwidth, and use VLANs and IP subnets to place the network resources in the same logical network as the users who access those resources most.
Use full-duplex operation between the switch and its connected workstations.

Network demands:
Increased power of new PCs, workstations, and servers
High demand from networked applications (such as e-mail with large attached files) and from bandwidth-intensive applications (such as multimedia)

Suggested design methods:
Connect global resources—such as servers and routers to which network users require equal access—directly to the Fast Ethernet or Gigabit Ethernet switch ports so that they have their own Fast Ethernet or Gigabit Ethernet segment.
Use the Fast EtherChannel or Gigabit EtherChannel feature between the switch and its connected servers and routers.


Bandwidth alone is not the only consideration when designing your network. As your network traffic profiles evolve, consider providing network services that can support applications such as voice and data integration and security.

Table 1-3 describes some network demands and how you can meet those demands.

Table 1-3 Providing Network Services

Network demand:
High demand for multimedia support

Suggested design method:
Use CGMP and MVR to efficiently forward multicast traffic.

Network demand:
High demand for protecting mission-critical applications

Suggested design methods:
Use VLANs and protected ports to provide security and port isolation.
Use VLAN trunks, Cross-Stack UplinkFast, and BackboneFast for traffic-load balancing on the uplink ports so that the uplink port with a lower relative port cost is selected to carry the VLAN traffic.

Network demand:
An evolving demand for IP telephony

Suggested design methods:
Use QoS to prioritize applications such as IP telephony during congestion and to help control both delay and jitter within the network.
Use switches that support at least two queues per port to prioritize voice and data traffic as either high- or low-priority, based on 802.1p/Q.
Use VVIDs to provide a separate VLAN for voice traffic.

Network demand:
A growing demand for using existing infrastructure to transport data and voice from a home or office to the Internet or an intranet at higher speeds

Suggested design method:
Use the Catalyst 2900 LRE XL switches to provide up to 15 Mb of IP connectivity over existing infrastructure (existing telephone lines).

Note For more information about the Catalyst 2900 LRE XL switches and LRE technology, refer to the Catalyst 2900 XL and Catalyst 3500 XL documentation set for Cisco IOS Release 12.0(5.x)WC1 and Cisco IOS Release 12.0(5.x)WC2.


Figure 1-1 shows three configuration examples for using the Catalyst 2900 XL and Catalyst 3500 XL switches to create the following:

Cost-effective wiring closet—A cost-effective way to connect many users to the wiring closet is to connect up to nine Catalyst 2900 XL and Catalyst 3500 XL switches through GigaStack GBIC connections. When you use a stack of Catalyst 3548 XL switches, you can connect up to 432 users. To preserve switch connectivity if one switch in the stack fails, connect the bottom switch to the top switch to create a GigaStack loopback and enable Cross-Stack UplinkFast on the cross-stack Gigabit uplinks.

You can create backup paths by using Fast Ethernet, Gigabit Ethernet, Fast EtherChannel, or Gigabit EtherChannel links. Using Gigabit modules on two of the switches, you can have redundant uplink connections to a Gigabit backbone switch such as the Catalyst 3508G XL switch. If one of the redundant connections fails, the other can serve as a backup path. You can configure the stack members and the Catalyst 3508G XL switch as a switch cluster to manage them through a single IP address.

High-performance workgroup—For users who require high-speed access to network resources, use Gigabit modules to connect the switches directly to a backbone switch in a star configuration. Each switch in this configuration provides users a dedicated 1-Gbps connection to network resources in the backbone. Compare this with the switches in a GigaStack configuration, where the 1-Gbps connection is shared among the switches. Using these Gigabit modules also provides flexibility in media and distance options:

1000BASE-SX GBIC: fiber connections of up to 1804 ft (550 m)

1000BASE-LX/LH GBIC: fiber connections of up to 32,808 ft (10 km)

1000BASE-ZX GBIC: fiber connections of up to 328,084 ft (100 km)

1000BASE-T GBIC: copper connections of up to 328 ft (100 m)

Catalyst 2900 XL 1000BASE-T: copper connections of up to 328 ft (100 m)

Redundant Gigabit backbone—Using HSRP, you can create backup paths between Catalyst 4908G-L3 switches. To enhance network reliability and load balancing for different VLANs and subnets, you can connect the Catalyst 2900 XL and Catalyst 3500 XL switches, again in a star configuration, to two backbone switches. If one of the backbone switches fails, the second backbone switch preserves connectivity between the switches and network resources.

Figure 1-1 Example Configurations

Small to Medium-Sized Network Configuration

Figure 1-2 shows a configuration for a network that has up to 250 users. Users in this network require e-mail, file-sharing, database, and Internet access.

You optimize network performance by placing workstations on the same logical segment as the servers they access most often. This divides the network into smaller segments (or workgroups) and reduces the amount of traffic that travels over a network backbone, thereby increasing the bandwidth available to each user and improving server response time.

A network backbone is a high-bandwidth connection (such as Fast Ethernet or Gigabit Ethernet) that interconnects segments and network resources. It is required if numerous segments require access to the servers. The Catalyst 2900 XL and Catalyst 3500 XL switches in this network are connected through a GigaStack GBIC on each switch to form a 1-Gbps network backbone. This GigaStack can also be configured as a switch cluster, with primary and secondary command switches for redundant cluster management.

Workstations are connected directly to the 10/100 switch ports for their own 10- or 100-Mbps access to network resources (such as web and mail servers). When a workstation is configured for full-duplex operation, it receives up to 200 Mbps of dedicated bandwidth from the switch.

Servers are connected to the Gigabit module ports on the switches, allowing 1-Gbps throughput to users when needed. When the switch and server ports are configured for full-duplex operation, the links provide 2 Gbps of bandwidth. For networks that do not require Gigabit performance from a server, connect the server to a Fast Ethernet or Fast EtherChannel switch port.

Connecting a router to a Fast Ethernet switch port provides multiple, simultaneous access to the Internet through one line.

Figure 1-2 Small to Medium-Sized Network Configuration

Collapsed Backbone and Switch Cluster Configuration

Figure 1-3 shows a configuration for a network of approximately 500 employees. This network uses a collapsed backbone and switch clusters. A collapsed backbone has high-bandwidth uplinks from all segments and subnetworks to a single device, such as a Gigabit switch, which serves as a single point for monitoring and controlling the network. You can use a Catalyst 3550-12G switch, as shown, or a Catalyst 3508G XL switch to create a Gigabit backbone. A Catalyst 3550-12G backbone switch provides the benefits of inter-VLAN routing and allows the router to focus on WAN access.

The workgroups are created by clustering all the Catalyst switches. Using CMS and Cisco switch clustering technology, you can group the switches into multiple clusters, as shown, or into a single cluster. You can manage a cluster through the IP address of its active and standby command switches, regardless of the geographic location of the cluster members.

This network uses VLANs to segment the network logically into well-defined broadcast groups and for security management. Data and multimedia traffic are configured on the same VLAN. Voice traffic from the Cisco IP Phones is configured on separate VVIDs. For any switch port connected to Cisco IP Phones, 802.1p/Q QoS gives forwarding priority to voice traffic over data traffic.

Grouping servers in a centralized location provides benefits such as security and easier maintenance. The Gigabit connections to a server farm provide the workgroups full access to the network resources (such as a call-processing server running Cisco CallManager software, a DHCP server, or an IP/TV multicast server).

Cisco IP Phones are connected—using standard straight-through, twisted-pair cable with RJ-45 connectors—to the 10/100 inline-power ports on the Catalyst 3524-PWR XL switches and to the 10/100 ports on the Catalyst 2900 XL and Catalyst 3500 XL switches. These multiservice switch ports automatically detect if an IP phone is connected. Cisco CallManager controls call processing, routing, and IP phone features and configuration. Users with workstations running Cisco SoftPhone software can place, receive, and control calls from their PCs. Using Cisco IP Phones, Cisco CallManager software, and Cisco SoftPhone software integrates telephony and IP networks, where the IP network supports both voice and data.

Each 10/100 inline-power port on the Catalyst 3524-PWR XL switches provides -48 VDC power to the Cisco IP Phone. The IP phone can receive redundant power when it also is connected to an AC power source. IP phones not connected to the Catalyst 3524-PWR XL switches receive power from an AC power source.

Figure 1-3 Collapsed Backbone and Switch Cluster Configuration

Large Campus Configuration

Figure 1-4 shows a configuration for a network of more than 1000 users. Because it can aggregate up to 130 Gigabit connections, a Catalyst 6500 multilayer switch is used as the backbone switch.

You can use the workgroup configurations shown in previous examples to create workgroups with Gigabit uplinks to the Catalyst 6500 switch. For example, you can use switch clusters that have a mix of Catalyst 2900 XL and Catalyst 3500 XL switches.

The Catalyst 6500 switch provides the workgroups with Gigabit access to core resources:

Cisco 7000 series router for access to the WAN and the Internet.

Server farm that includes a call-processing server running Cisco CallManager software. Cisco CallManager controls call processing, routing, and IP phone features and configuration.

Cisco Access gateway (such as Cisco Access Digital Trunk Gateway or Cisco Access Analog Trunk Gateway) that connects the IP network to the PSTN or to users in an IP telephony network.

Figure 1-4 Large Campus Configuration

Multidwelling Configuration

A growing segment of residential and commercial customers is requiring high-speed access to Ethernet metropolitan-area networks (MANs). Figure 1-5 shows a configuration for a Gigabit Ethernet MAN ring using Catalyst 6500 switches as aggregation switches in the mini-point-of-presence (POP) location. These switches are connected through 1000BASE-X GBIC ports.

The residential switches can be Catalyst 2900 XL and Catalyst 3500 XL switches, providing customers with either Fast Ethernet or Gigabit Ethernet connections to the MAN. Catalyst 2900 LRE XL switches can also be used as residential switches for customers requiring connectivity through existing telephone lines. The Catalyst 2900 LRE XL switches can then connect to another residential switch through a 10/100 connection.

For more information about the Catalyst 2900 LRE XL switches and LRE technology, refer to the Catalyst 2900 XL and Catalyst 3500 XL documentation set for Cisco IOS Release 12.0(5.x)WC1 and Cisco IOS Release 12.0(5.x)WC2.

All ports on the residential switches are configured as 802.1Q trunks with the protected port and STP root guard options enabled. The protected port option provides security and isolation between ports on the switch, ensuring that subscribers cannot view packets destined for other subscribers. STP root guard prevents unauthorized devices from becoming the STP root switch. All ports have CGMP enabled for multicast traffic management.
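An added configuration check, not part of the Cisco documentation, that audits a constructed 2900 XL-style running-config for the residential-switch policy just described (802.1Q trunk, protected port, and STP root guard on every subscriber port, with CGMP enabled). The IOS keywords used (port protected, spanning-tree rootguard, switchport trunk encapsulation dot1q, cgmp) are assumed from the 12.0(5)WC CLI, and the uplink exemption is the example's own choice: a protected port never forwards to another protected port, so protecting the uplink would isolate every subscriber.

```python
"""Audit a Catalyst 2900 XL / 3500 XL style running-config for the
multidwelling residential-switch policy: every subscriber port is an
802.1Q trunk with protected port and STP root guard enabled, and CGMP is on.
The IOS keywords below are assumed from the 12.0(5)WC CLI; check them
against the command reference for your release."""
import re

# Constructed sample config (not from a real switch). FastEthernet0/3 is
# deliberately missing protected-port and root guard to produce a finding.
SAMPLE_CONFIG = """\
!
hostname resident-sw1
!
cgmp
!
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 port protected
 spanning-tree rootguard
!
interface FastEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 port protected
 spanning-tree rootguard
!
interface FastEthernet0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
 description uplink to MAN aggregation switch
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
end
"""

# Lines every subscriber-facing port must carry (assumed 12.0(5)WC syntax).
REQUIRED_PORT_LINES = (
    "switchport trunk encapsulation dot1q",
    "switchport mode trunk",
    "port protected",
    "spanning-tree rootguard",
)


def parse_interfaces(config):
    """Return {interface name: [indented config lines]} from IOS-style text."""
    interfaces = {}
    current = None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif raw.startswith(" ") and current is not None:
            interfaces[current].append(raw.strip())
        else:
            current = None  # '!' or a global command ends the stanza
    return interfaces


def audit(config, uplinks=()):
    """Return {'global': [problems], 'ports': {name: [missing lines]}}.

    Ports named in `uplinks` (the trunk toward the aggregation switch) are
    skipped: they are not subscriber facing and must not be protected ports.
    """
    findings = {"global": [], "ports": {}}
    # Caveat: a feature left at its default may be omitted from the running
    # config, so on a real switch confirm CGMP state directly as well.
    if not re.search(r"^cgmp\s*$", config, re.MULTILINE):
        findings["global"].append("cgmp not enabled")
    for name, lines in parse_interfaces(config).items():
        if name in uplinks:
            continue
        missing = [req for req in REQUIRED_PORT_LINES if req not in lines]
        if missing:
            findings["ports"][name] = missing
    return findings


if __name__ == "__main__":
    result = audit(SAMPLE_CONFIG, uplinks=("GigabitEthernet0/1",))
    for problem in result["global"]:
        print(f"global: {problem}")
    for port, missing in result["ports"].items():
        print(f"{port}: missing {', '.join(missing)}")
```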

Figure 1-5 Multidwelling Configuration