Table Of Contents
Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC7
Browser and Java Plug-In Requirements
Cluster Requirements and Guidelines
Catalyst 2900 XL and Catalyst 3500 XL Switches
Catalyst 1900 and Catalyst 2820 Switches
Minimum Cisco IOS Release for Major Features
Using the spanning-tree portfast command
Resolved IOS Caveats in Release 12.0(5)WC7
Resolved CMS Caveats in Release 12.0(5)WC7
Corrections to Software Configuration Guide
Correction to Command Reference
Corrections to Catalyst 3500 XL Hardware Installation Guide
Installing the Required Plug-In
Displaying the CMS Access Page
Guidelines for Upgrading Switch Software
Overview of the Switch Upgrade Process
Determining the Switch Software Version
Which Software Files to Download from Cisco.com
Downloading the New Software and TFTP Server Application to Your Management Station
Copying the Current Startup Configuration from the Switch to a PC or Server
Using CMS to Upgrade One or More Switches
Recovering from an Incomplete CMS Software Upgrade
Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch
Using the CLI to Upgrade Member Switches
Upgrading Catalyst 2900 XL or Catalyst 3500 XL Member Switches
Obtaining Technical Assistance
Obtaining Additional Publications and Information
Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC7
March 2003
Cisco IOS Release 12.0(5)WC7 runs on the Catalyst 2900 series XL and Catalyst 3500 series XL switches with 8-MB CPU DRAM.
Note
This release is not for the Catalyst 2900 LRE XL switches. Do not install this release on the Long-Reach Ethernet (LRE) switches.
Note
These release notes include important information about this release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:
•
•
•
You can download the switch software from these sites:
•
(for registered Cisco.com users with a login password)•
(for nonregistered Cisco.com users)This release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future releases become available, they will be posted to Cisco.com in the Cisco IOS software area.
Contents
This document has the following sections:
•
•
•
•
•
•
•
•
•
•
•
•
Hardware Requirements
This release supports the 8-MB Catalyst 2900 XL switches (see Table 1) and Catalyst 3500 XL switches (see Table 2).
Note
Note
Software Requirements
This section describes the requirements for the system and for the Cluster Management Suite (CMS) software.
System Requirements
These operating systems are supported for CMS management:
•
•
•
•
•
The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM. Table 3 lists the recommended platforms for using CMS.
Table 3 Recommended Minimum Platform Configuration for Web-Based Management
Windows NT 4.01
Pentium 300 MHz
128 MB
65,536
1024 x 768
Small
Solaris 2.5.1
SPARC 333 MHz
128 MB
Most colors for applications
-
Small (3)
1 Service Pack 3 or higher required
Browser and Java Plug-In Requirements
When starting a CMS session, the switch verifies the browser version to ensure that the browser is supported. If the browser is not supported, an error message appears, and the session does not start. Table 4 lists the browsers supported by CMS.
CMS requires the Java plug-ins described in the "Installing the Required Plug-In" section.
Table 4 Browser Requirements
Windows 95
4.61, 4.7
5.0, or 5.5
Windows 98
-2
5.0, or 5.5
Windows NT 4.0
4.61, 4.7
5.0, or 5.5
Windows 2000
4.61, 4.7
5.0, or 5.5
Solaris 2.5.1 or higher
4.61, 4.7
-3
1 Netscape Communicator version 4.60 and 6.0 are not supported. (CSCdx34982)
2 CMS is not supported on machines running Windows 98 and Netscape Navigator. The workaround is to use Microsoft Internet Explorer if your operating system is Windows 98. (CSCdx4997)
3 Microsoft Internet Explorer is not supported on Solaris 2.5.1 or higher.
Note
To access CMS, follow the procedures in the "Initial Switch Configuration" section.
Cluster Requirements and Guidelines
This section describes the hardware and software requirements for clustering Catalyst desktop switches.
Catalyst 2900 XL and Catalyst 3500 XL Switches
Some versions of switch software do not support clustering, and other versions do not support some of the features in this release. To ensure that all cluster switches are using the same software level, we recommend that you upgrade all cluster switches to the software release that supports the features that you want.
If you have a cluster with switches that are running different versions of switch software, changes on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)XU or later.
Table 5 describes the Catalyst 2900 XL and Catalyst 3500 XL switches supported by this release and shows which switches can be command switches. All switches can function as standalone devices.
All Catalyst 2900 XL and Catalyst 3500 XL switches running Release 12.0(5.3)WC(1) and later are cluster-capable. All Catalyst 2900 XL modules are supported in cluster configurations.
We recommend that either the command switch has the latest software version installed if there switches in the cluster with older software versions or that all switches in the same platform be upgraded to the latest software version.
Note
Table 5 Catalyst 2900 XL and Catalyst 3500 XL Switches as Cluster Members
Catalyst 2900 XL (4 MB of DRAM)1
No
No
Yes
Catalyst 2900 XL (8 MB of DRAM)
Yes
Yes
Yes
Catalyst 2900 LRE XL (16 MB of DRAM)
Yes
Yes
Yes
Catalyst 3500 XL
Yes
Yes
Yes
1 These switches can act as cluster members if they are running Release 11.2(8.x)SA6 original edition software. They can interoperate with this software release, but they cannot be upgraded to it.
Catalyst 3550 Switches
Catalyst 3550 switches running Release 12.0(4)EA1 or higher can be command and member switches. For more information, refer to the documentation for the Catalyst 3550 switches.
Note
Catalyst 2950 Switches
Catalyst 2950 switches running Release 12.0(5)WC(1) or higher can be command and member switches. For more information, refer to the documentation for the Catalyst 2950 switches.
Note
Catalyst 1900 and Catalyst 2820 Switches
Table 6 lists the Catalyst 1900 and Catalyst 2820 switches and the minimum software release that they require to be cluster members. All Catalyst 2820 modules are supported in cluster configurations. For more information, refer to the documentation for the Catalyst 1900 and Catalyst 2820 switches.
Note
Table 6 Catalyst 1900 and Catalyst 2820 Switches as Cluster Members
Catalyst 1900
Yes
Yes
No
Catalyst 2820
Yes
Yes
No
Minimum Cisco IOS Release for Major Features
Table 7 lists the minimum software release required to support the major features of the Catalyst 2900 XL and Catalyst 3500 XL switches.
Table 7 Catalyst 2900 XL (including 2900 LRE XL) and Catalyst 3500 XL Features and the Minimum Cisco IOS Release Required
Bridge protocol data unit (BPDU) filtering
Release 12.0(5)WC7
Port security MAC address aging
Release 12.0(5)WC5
Bridge protocol data unit (BPDU) guard
Release 12.0(5)WC5
Remote Authentication Dial-In User Service (RADIUS)
Release 12.0(5)WC5
UniDirectional Link Detection (UDLD) recovery
Release 12.0(5)WC5
Support for the Cisco Coarse Wave Division Multiplexing (CWDM) Gigabit Interface Converter (GBIC) modules
Release 12.0(5)WC5
Enhanced web-based switch management (CMS)
Release 12.0(5)WC3
MAC address notification
Release 12.0(5)WC3
Internet Group Management Protocol (IGMP) filtering
Release 12.0(5)WC3
Extended cluster member compatibility with the Catalyst 2950 and Catalyst 3550 switches
Release 12.0(5)WC(1)
Multicast VLAN Registration (MVR)
Release 12.0(5)WC(1)
Cross-stack UplinkFast
Release 12.0(5)XW
Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration
Release 12.0(5)XW
Support for the single-port 1000BASE-T GBIC module (WS-G5482)
Release 12.0(5)XW
WS-C3524-PWR XL switch with 10/100 inline-power ports
Release 12.0(5)XU
WS-C2924M-XL-EN-DC switch with DC power connector
Release 12.0(5)XU
WS-X2932-XL Catalyst 2900 XL 1-port 1000BASE-T module
Release 12.0(5)XU
Hot Standby Router Protocol (HSRP) for clustering
Release 12.0(5)XU
Extended discovery of cluster candidates up to 7 hops from the command switch
Release 12.0(5)XU
Support for up to 16 switches in a cluster
Release 12.0(5)XU
VLAN Trunking Protocol (VTP) pruning
Release 12.0(5)XU
Change management Virtual LAN (VLAN) for a cluster
Release 12.0(5)XU
Private VLAN edge support
Release 12.0(5)XU
UDLD for detecting unidirectional links
Release 12.0(5)XU
Extended cluster member functionality for Catalyst 1900 and 2820 switches
Release 12.0(5)XP
Remote monitoring (RMON) support through the command-line interface (CLI) or Simple Network Management Protocol (SNMP)
Release 12.0(5)XP
Change management VLAN
Release 12.0(5)XP
Quality of service (QoS) based on IEEE 802.1P class of service (CoS) values
Release 12.0(5)XP
WS-C3548-XL switch with 48 10/100 ports
Release 12.0(5)XP
WS-X2931-XL Catalyst GigaStack GBIC module
Release 12.0(5)XP
Catalyst 3500 series XL switches (except WS-C3548-XL)
Release 11.2(8)SA6
Cluster management
Release 11.2(8)SA6
Terminal Access Control Access System Plus (TACACS+)
Release 11.2(8)SA6 (Enterprise Edition Software)
Network Time Protocol (NTP)
Release 11.2(8)SA6
Spanning Tree Protocol (STP) UplinkFast
Release 11.2(8)SA6
(Enterprise Edition Software)250 VLANs (some models: see the "Limitations and Restrictions" section)
Release 11.2(8)SA6
Catalyst 2900 series XL 1000BASE-X modules
Release 11.2(8)SA5
Catalyst 2900 series XL asynchronous transmission mode (ATM) modules
Release 11.2(8)SA5
IEEE 802.1Q trunking
Release 11.2(8)SA5
(Enterprise Edition Software)Inter-Switch Link (ISL) trunking
Release 11.2(8)SA4
(Enterprise Edition Software)VLAN Membership Policy Server (VMPS)
Release 11.2(8)SA4 (Enterprise Edition Software)
8192 media access control (MAC) addresses on modular switches
Release 11.2(8)SA4
Switch Network View stack management
Release 11.2(8)SA3
Web-based switch management
Release 11.2(8)SA
Fast EtherChannel port groups
Release 11.2(8)SA
New Software Feature
This release supports bridge protocol data unit (BPDU) filtering. BPDU filtering prevents ports that are in a Port Fast-operational state from sending or receiving BPDUs. BPDU filtering is described in these sections:
•
•
Enabling BPDU Filtering
The BPDU filtering feature can be globally enabled on the switch or can be enabled per interface, but the feature operates with some differences.
At the global level, you can enable BPDU filtering on Port Fast-enabled ports by using the spanning-tree portfast bpdufilter default global configuration command. This command prevents ports that are in a Port Fast-operational state from sending or receiving BPDUs. The ports still send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to these ports do not receive BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational status, and BPDU filtering is disabled.
At the interface level, you can enable BPDU filtering on any port without also enabling the Port Fast feature by using the spanning-tree bpdufilter enable interface configuration command. This command prevents the port from sending or receiving BPDUs.
Caution
You can also use the spanning-tree bpdufilter enable interface configuration command to enable BPDU filtering on any port without also enabling the Port Fast feature. This command prevents the port from sending or receiving BPDUs.
Caution
Beginning in privileged EXEC mode, follow these steps to globally enable the BPDU filtering feature:
To disable BPDU filtering, use the no spanning-tree portfast bpdufilter global configuration command.
You can use the spanning-tree bpdufilter enable interface configuration command to re-enable BPDU filtering.
Using the spanning-tree portfast command
Use the spanning-tree portfast global configuration command to globally enable BPDU filtering on Port Fast-enabled ports, the BPDU guard feature on Port Fast-enabled ports, or the Port Fast feature on all nontrunking ports. The BPDU filtering feature prevents the switch port from sending or receiving BPDUs. The BPDU guard feature puts Port Fast-enabled ports that receive BPDUs in an error-disabled state. Use the no form of this command to return to the default setting.
spanning-tree portfast {bpdufilter default | bpduguard default | default}
no spanning-tree portfast {bpdufilter default | bpduguard default | default}
Syntax Description
Defaults
The BPDU filtering, the BPDU guard, and the Port Fast features are disabled on all ports unless they are individually configured.
Command Modes
Global configuration
Command History
Usage Guidelines
Use the spanning-tree portfast bpdufilter default global configuration command to globally enable BPDU filtering on ports that are Port Fast-enabled (the ports are in a Port Fast-operational state). The ports still send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to switch ports do not receive BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational status and BPDU filtering is disabled.
You can override the spanning-tree portfast bpdufilter default global configuration command by using the spanning-tree bdpufilter interface configuration command.
Caution
Use the spanning-tree portfast bpduguard default global configuration command to globally enable BPDU guard on ports that are in a Port Fast-operational state. In a valid configuration, Port Fast-enabled ports do not receive BPDUs. Receiving a BPDU on a Port Fast-enabled port signals an invalid configuration, such as the connection of an unauthorized device, and the BPDU guard feature puts the port in the error-disabled state. The BPDU guard feature provides a secure response to invalid configurations because you must manually put the port back in service. Use the BPDU guard feature in a service-provider network to prevent an access port from participating in the spanning tree.
You can override the spanning-tree portfast bpduguard global configuration command by using the spanning-tree bdpuguard interface configuration command.
Use the spanning-tree portfast global configuration command to globally enable the Port Fast feature on all nontrunking ports. Configure Port Fast only on ports that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation. A Port Fast-enabled port moves directly to the spanning-tree forwarding state when linkup occurs without waiting for the standard forward-delay time.
You can override the spanning-tree portfast global configuration command by using the spanning-tree portfast interface configuration command. You can use the no spanning-tree portfast global configuration command to disable Port Fast on all ports unless they are individually configured with the spanning-tree portfast interface configuration command.
Examples
This example shows how to globally enable the BPDU filtering feature:
Switch(config)# spanning-tree portfast bpdufilterThis example shows how to globally enable the BPDU guard feature:
Switch(config)# spanning-tree portfast bpduguardThis example shows how to globally enable the Port Fast feature on all nontrunking ports:
Switch(config)# spanning-tree portfastYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
Limitations and Restrictions
You should review this section before you begin working with the switches. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.
•
•
•
Caution
•
•
•
Caution
Beginning in user EXEC mode, follow these steps to verify and reset the VTP configuration revision number on a switch before adding it to a VTP domain.
After resetting the configuration revision number, add the switch to the VTP domain.
Note
•
•
•
•
–
–
CMS Restrictions
These are the Cluster Management Suite (CMS) restrictions for this release:
•
•
•
The workaround, if you do not want to disable the proxy server settings on the browser, is to download a browser from a different vendor and use it without the proxy server settings configured to access the CMS.
Important Notes
This section describes important information related to this release.
•
•
•
Open Caveats
These are the open caveats in this release:
Open IOS Caveats
These are the severity 3 IOS configuration caveats:
•
A switch might not send a coldStart and warmStart SNMP traps when it is reloaded or powered up, depending on the configuration and the topology.
There is no workaround.
•
When trying to find the cam table (show mac) through SNMP, you have to query dot1dTpFdbPort (.1.3.6.1.2.1.17.4.3.1.2), and then based on the results poll dot1dBasePortIfIndex (.1.3.6.1.2.1.17.1.4.1.2). When you issue an snmpwalk dot1dTpFdbPort all interfaces are returned. However, the snmpwalk dot1dBasePortIfIndex displays the physical interfaces only.
The workaround is to do an snmpget dot1dBasePortIfIndex by using the index found from the snmpwalk dot1dTpFdbPort query.
•
A switch that is running in VTP server mode unexpectedly removes VLANs when there is a topology change on another device.
There is no workaround.
•
When a switch is dually uplinked to a core switch (for example, a Catalyst 5000 switch) and each uplink carries up to ten VLANs, each uplink behaves normally for approximately two to three minutes: All ports for all VLANs are in a consistent state, and one port forwards while another is blocked.
After two to three minutes, only one VLAN stops registering the current Spanning Tree Protocol (STP) root. The switch then maximizes its age setting, declares itself a root, and unblocks the blocked port.
There is no workaround.
•
When a Catalyst 3548 XL switch is connected to a PIX 515 firewall and devices are not properly configured for VLAN trunking, the switch could reload.
There is no workaround.
•
If port is configured for multicast storm control and the multicast traffic reaches the threshold, the port blocks all traffic on the port.
There is no workaround.
Resolved Caveats
These caveats were resolved in this release:
•
•
Resolved IOS Caveats in Release 12.0(5)WC7
These IOS caveats were resolved in Release 12.0(5)WC7:
•
A switch now sends coldStart and warmStart traps when it is reloaded or powered up, depending on the configuration.
•
When a destination based port group is configured as a (MVR) receiver ports and the hosts subscribe to the multicast traffic through the port group members, you no longer receive duplicated multicast streams from all the port members.
•
This error message is no longer reported in the message log:
Assert failure in ../src-l2-les-common/stp_les_shim.c line 2443
•
This error message no longer appears when a MAC address is changed from one type (secure, static, dynamic) to another:
The same static address could not be assigned to another interface.
•
A link-up trap is now generated when a VLAN interface is shut down and then brought back up by using the shutdown and no shutdown interface configuration commands.
•
Multicast VLAN Registration (MVR) no longer stops properly receiving Internet Group Management Protocol (IGMP) messages after a VLAN assignment change or a link up or link down event from a dynamic VLAN port.
•
When a Gigabit Ethernet port is configured as an access port, that port no longer forwards incoming 801.Q-tagged VLAN frames.
•
When a Cisco IP Phone is supplied with an external power supply and inline power is enabled for the port connected to the IP phone, the output of the show power inline privileged EXEC command no longer shows "no" under the Phone column.
•
When the connection to the primary server fails, a switch no longer skips the secondary Terminal Access Controller Access Control System (TACACS) server defined in the server list.
•
A buffer leak is no longer caused by Terminal Access Controller Access Control System Plus (TACACS+) packets in the middle buffer pool.
•
Low-memory conditions no longer occur when high rates of HTTP traffic are sent to a switch.
•
A VLAN Membership Policy Server (VMPS) server no longer sends multiple VMPS requests to a switch when the server and the switch first establish a link.
•
A Gigabit Ethernet link now correctly shuts down when you enter the shutdown interface command.
•
A switch now correctly processes incoming VLAN Query Protocol (VPQ) packets from a VLAN Membership Policy Server (VMPS) server.
•
Rebooting a switch or entering the shutdown and no shutdown interface commands on a Gigastack link between two switches now stops link flap between those links and now stabilizes the link.
•
A loop no longer occurs when two switches are trunked together through a Gigabit interface by 801.Q and you remove the native VLAN from the trunk.
•
When a switch is configured with Port Fast through SNMP, the port begins forwarding immediately.
•
When a trunk port is aging out or deleting an address on a Catalyst 2924C XL switch, this error message is no longer displayed:
Oct 29 11:52:04.844: Assert failure in ../src-malibu/co_addr.c line 2216
•
A switch now logs a message when a self-loop condition is detected. The switch now also displays the self-loopback status when you enter the show interface interface-id switchport privileged EXEC command.
•
A switch might now sends coldStart and warmStart SNMP traps when it is reloaded or powered up, depending on the configuration and the topology.
•
When you enter the power inline never interface configuration command for a Cisco IP Phone that is connected to the port on a switch, the phone no longer receives power. The phone is not supplied power even after the switch reloads. In previous releases, the phone would be incorrectly supplied with power after the switch rebooted.
•
The UniDirectional Link Detection (UDLD) protocol now immediately detects a stuck port or a unidirectional link error on the remote end of a port. In previous releases, UDLD did not detect these error conditions for approximately 2 to 3 minutes.
•
This error message is no longer randomly displayed:
Sep 11 07:10:08 UTC: %SCHED-3-STUCKMTMR: Sleep with expired managed timer 4D1C44 , time 0x7A32C00A3 (00:00:00 ago). -Process= "IP SNMP", ipl= 6, pid= 61 -Traceback= 1C1E2C 1C2114 649CC 1D0CCC
•
A switch does not respond correctly to the etherHistoryUtilisation object identifier (OID) if the port speed is changed.
•
Traceback messages no longer occur when a multicast VLAN Registration (MVR) port is a dynamic access port and an MVR address is deleted.
•
When Visual Switch Manager is used to configure a switch, the configuration archive on Resource Manager Essentials (RME) now works properly, and the configuration history is registered to the RME database on schedule polling.
•
When an MVR port is a dynamic access port and an MVR address is deleted, a traceback message no longer appears.
•
When a switch is configured as a (VLAN Trunking Protocol) VTP server or VTP client, the switch continues processing Cisco Discovery Protocol (CDP), spanning-tree protocol (STP), or VTP control-plane traffic.
•
When a dynamic VLAN port loses connectivity to the VLAN, or when the shutdown and no shutdown interface configuration commands are applied to that port, the port no stops processing packets or remains in the Link Up/Protocol Down state.
•
The counters that are displayed by entering the show interface privileged EXEC command now count symbol errors as part of the input errors counter.
•
When polling the dot3StatsTable for interfaces, the counters no longer show uninitialized random values.
•
Bridge protocol data unit (BPDU) filtering was added in Release 12.0(5)WC7. For more information, see the New Features section on "New Software Feature" section.
•
A switch no longer creates a traceback when the spanning-tree debugging is enabled
•
The SNMP agent now returns normal values (0 to 100, as defined in the CISCO-PROCESS-MIB) for these objects:
–
–
–
–
–
–
Resolved CMS Caveats in Release 12.0(5)WC7
These CMS caveats were resolved in Release 12.0(5)WC7:
•
You can change the distribution of EtherChannels from CMS.
•
Port status is now correctly displayed in the Front Panel view.
•
CMS now displays all Cisco IP Phones in a cluster that are connected to Catalyst 3524 XL switches.
•
Link status is now correctly displayed on a Catalyst 3500 XL switch in the Front Panel view.
•
Multiple SPAN instances can now be configured through CMS.
•
You can now disable port security by using the Visual Switch Manager (VSM).
•
When a switch is powered by a Cisco 675 Redundant Power System (RPS), the switch LED in the Front Panel view now correctly shows the LED as blinking amber. In previous releases, the LED was black.
Documentation Updates
This information is now only in the release notes and is no longer in the manuals:
•
•
•
Corrections to Software Configuration Guide
These are corrections for the software configuration guide:
•
When you start the switch, the switch automatically requests configuration information from a DHCP server only if a configuration file is not present on the switch.
DHCP autoconfiguration does not occur under these conditions:
–
–
•
•
•
By default, a trunk port sends to and receives traffic from all VLANs in the VLAN database. If the switch is configured with a number of VLANs and it is connected to Cisco IP Phones through 802.1Q trunk ports, the switch sends spanning-tree BPDUs for all VLANs to all of the phones. This can flood the phones with traffic
Beginning in privileged EXEC mode, follow these steps to configure a VLAN list that allows only voice and data VLANs on the trunk port:
l
For more information about these commands, refer to the switch command reference.
Correction to Command Reference
The lre rate selection sequence global configuration command was introduced in 12.0(5)WC6. The switch command reference incorrectly states that this command was introduced in 12.0(6)WC6. (CSCea10612)
Corrections to Catalyst 3500 XL Hardware Installation Guide
These corrections are for the Catalyst 3500 XL Hardware Installation Guide:
•
•
•
Japan
This is a Class A product based on the standard of the Voluntary Control Council for Interference by Information Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio disturbance may arise. When such trouble occurs, the user may be required to take corrective actions.
Korea
Hungary
This equipment is a Class A product and should be used and installed properly according to the Hungarian EMC Class A requirements (MSZEN55022). Class A equipment is designed for typical commercial establishments for which special conditions of installation and protection distance are used.
Figyelmeztetés a felhasználói kézikönyv számára:
Ez a berendezés "A" osztályú termék, felhasználására és üzembe helyezésére a magyar EMC "A" osztályú követelményeknek (MSZ EN 55022) megfeleloen kerülhet sor, illetve ezen "A" osztályú berendezések csak megfelelo kereskedelmi forrásból származhatnak, amelyek biztosítják a megfelelo speciális üzembe helyezési körülményeket és biztonságos üzemelési távolságok alkalmazását.Initial Switch Configuration
This section provides these procedures:
•
•
•
This section assumes that you have already installed the switch and connected devices to it, as described in the switch hardware installation guide.
Using the Setup Program
You can use an automatic setup program to assign switch IP information, host and cluster names, and passwords and to create a default configuration for continued operation. Later, you can use CMS or the command-line interface (CLI) to customize your configuration. To run the setup program, access the switch from the PC terminal that you connected to the console port. For information about connecting a PC or terminal to the switch console port, refer to the switch hardware installation guide.
Note
The first time that you access the switch, it runs a setup program that prompts you for IP and other configuration information necessary for the switch to communicate with local routers and the Internet. This information is also required if you plan to use CMS to configure and manage the switch.
You will need the following information from your system administrator:
Use this procedure to create an initial configuration for the switch:
Note
At any point you can enter a question mark for help. Use Ctrl-C to stop the configuration dialog at any prompt. The default settings are in square brackets.
Step 1
Continue with configuration dialog? [yes/no]: yStep 2
Enter IP address: ip_addressStep 3
Enter IP netmask: ip_netmaskStep 4
Would you like to enter a default gateway address? [yes]: yStep 5
IP address of the default gateway: ip_address
Note
Note
Step 6
Note
Enter enable secret: secret_passwordStep 7
Would you like to configure a Telnet password? [yes] y
Note
Step 8
Enter Telnet password: telnet_passwordStep 9
Note
Would you like to enable as a cluster command switch? yStep 10
Enter cluster name: cls_name
Note
Step 11
The following configuration command script was created: ip subnet-zero interface VLAN1 ip address 172.20.153.36 255.255.255.0 ip default-gateway 172.20.153.01 hostname host_name enable secret 5 $1$M3pS$cXtAlkyR3/6Cn8/ line vty 0 15 password telnet_password snmp community private rw snmp community public ro cluster enable cls_name endStep 12
•
•
Use this configuration? [yes/no]: yAfter you complete the setup program, the switch can use the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:
•
•
The switch software configuration guide provides more information about how to set a password to protect the switch against unauthorized Telnet access and how to access the switch if you forget the password.
Installing the Required Plug-In
A Java plug-in is required for the browser to access CMS. Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports three plug-in versions. For information on the supported plug-ins, see the "Windows 95, Windows 98, and Windows NT 4.0, and Windows 2000 Users" section and the "Solaris Platforms" section.
You can download the recommended plug-ins from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
Note
If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:
In the Proxies tab, verify that the Use browser settings is checked and that no proxies are enabled.
Note
From the Start menu, disable the options by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.
or
From the taskbar, right-click the Virus Shield icon, and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.
Windows 95, Windows 98, and Windows NT 4.0, and Windows 2000 Users
These Java plug-ins are supported on the Windows platform:
•
•
•
You can download these plug-ins from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
Note
Solaris Platforms
These Java plug-ins are supported on the Solaris platform:
Caution
•
•
•
If you have a SmartNet contract, you can download these plug-ins and instructions from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
To install the Java plug-in, follow the instructions in the README_FIRST.txt file.
If you do not have a SmartNet contract, download the plug-in from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
Note
Displaying the CMS Access Page
After the browser is configured, display the CMS access page:
Step 1
http://10.1.126.45:184/level/14/where 10.1.126.45 is the switch IP address, 184 is the HTTP port, and level/14 is the privilege level. You do not need to enter the HTTP port if the switch is using HTTP port 80 (the default) or enter the privilege level if you have read-write access to the switch (privilege level is 15).
For information about the HTTP port and privilege levels, refer to the switch software configuration guide.
Step 2
If you configure a local username and password, make sure you enable it by using the ip http authentication global configuration command. Enter your username and password when prompted.
Step 3
If you access CMS from a standalone or member switch, Device Manager appears. If you access CMS from a command switch, you can display the Front Panel and Topology views.
For complete information about CMS, refer to the switch software configuration guide.
Upgrading the Switch Software
This section provides topics about upgrading the switch software:
•
•
•
•
•
•
•
•
•
Note
Guidelines for Upgrading Switch Software
Note
When upgrading the switch software, follow these rules:
•
•
•
–
–
•
•
•
Overview of the Switch Upgrade Process
The software upgrade procedure has these major steps:
•
•
The tar command extracts the IOS image and the HTML files from the .tar file during the TFTP copy to the switch.
•
When you upgrade a switch, the switch continues to operate while the new software is copied to Flash memory. If Flash memory has enough space, the new image is copied to the selected switch but does not replace the running image until you reboot the switch.
Note
If Flash memory does not have enough space for two images, your new image is copied over the existing one.
Note
•
–
–
Features provided by the new software are not available until you reload the switch.
Determining the Switch Software Version
The IOS image is stored as a .bin file in a directory that is named with the IOS release. A subdirectory contains the HTML files needed for web management. The image is stored on the system board Flash device (flash:).
You can use the show version user EXEC command to see the software version that is running on your switch. For example:
3500-239-34> show versionCisco Internetwork Operating System SoftwareIOS (tm) C3500xl Software (C3500xl-C3H2S-M), Version 12.0(0.0.2)WC5, RELEASE SOFT)
Copyright (c) 1986-2002 by cisco Systems, Inc.Compiled Tue 14-May-02 12:57 by antoninoImage text-base: 0x00003000, data-base: 0x0034A3B8You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that might be stored in Flash memory.
Note
Which Software Files to Download from Cisco.com
New software releases are posted on Cisco.com and are also available through authorized resellers. From Cisco.com, you can also download a TFTP server application to copy the switch software from your PC to the switch.
Table 8 describes the file extensions and what they mean for the upgrade procedure. Table 9 and Table 10 list the software files that you need from Cisco.com.
Downloading the New Software and TFTP Server Application to Your Management Station
Follow these steps to download the new software and, if necessary, the TFTP server application, from Cisco.com to your management station:
Step 1
Step 2
If you have a SmartNet support contract, go to one of these URLs, and download the appropriate files:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat2900XL
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat3500XL
If you do not have a SmartNet contract, go to one of these URLs, and download the appropriate files:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat2900XL
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat3500XL
Step 3
The readme.txt file describes how to download the TFTP server application. New features provided by the software are not available until you reload the software.
Copying the Current Startup Configuration from the Switch to a PC or Server
When you make changes to a switch configuration, your changes become part of the running configuration. When you enter the command to save those changes to the startup configuration, the switch copies the configuration to the config.text file in Flash memory. To ensure that you can recreate the configuration if a switch fails, you might want to copy the config.text file from the switch to a PC or server.
The following procedure requires a configured TFTP server such as the Cisco TFTP server available on Cisco.com.
Beginning in privileged EXEC mode, follow these steps to copy a switch configuration file to the PC or server that has the TFTP server application:
Step 1
switch# copy flash:config.text tftpStep 2
Address or name of remote host []? ip_addressStep 3
Destination filename [config.text]? yes/noStep 4
Using CMS to Upgrade One or More Switches
You can use the Software Upgrade window in Cluster Manager to upgrade all or some of the switches in a cluster at once. Consider these conditions when doing an upgrade:
•
–
–
•
Follow these steps to use CMS to upgrade switch software. Refer to the online help for more details.
Step 1
Step 2
You can enter just the filename or a pathname into the New Image File Names field. You do not need to enter a pathname if the image file is in the directory that you have defined as the TFTP root directory.
Note
Note
On the Catalyst 2900 XL and Catalyst 3500 XL switches, new images are copied to Flash memory and do not affect operation. The switch checks Flash memory to ensure that there is sufficient space before the upgrade takes place. If there is enough space, the new image is copied to the switch without replacing the old image, and after the new image is completely downloaded, the old one is erased. In this case, you can still reboot your switch by using the old image if a failure occurs during the copy process.
If there is not enough space in Flash memory for the new and old images, the old image is deleted, and the new image is downloaded.
On the Catalyst 1900 and Catalyst 2820 switches, the new image overwrites the current image during the upgrade.
Note
Recovering from an Incomplete CMS Software Upgrade
An upgrade failure can create multiple copies of IOS images and other files in Flash memory. This would not leave enough space for the HTML files to also be copied to Flash memory; thus, you will not be able to access the switch through CMS.
If a failure occurs, ensure that the image file in Flash memory has the same name as the contents of the boot variable:
•
•
If the contents of the boot variable and the image file name are the same, the switch can reset successfully. If they are different, rename the image file, or reset the boot variable by entering the system boot name global configuration command. The boot variable and the image file name should be the same.
To recover from the incomplete download of the HTML files, log in to the switch, and upgrade the software as described in the "Using the CLI to Upgrade Member Switches" section.
Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch
Caution
This procedure is for upgrading Catalyst 2900 XL switches with 8 MB of DRAM. You upgrade a switch by extracting the IOS image file and the HTML files from a combined .tar file. You copy the files to the switch from a TFTP server and extract the files by entering the tar privileged EXEC command with these results:
•
•
•
If you are unsure whether your switch has 4 MB or 8 MB of memory, you can verify memory capacity at Step 4.
Follow these steps to upgrade the switch software by using the tar privileged EXEC command to start a TFTP transfer:
Step 1
Step 2
To start a Telnet session on your PC or workstation, enter this command:
server% telnet switch_ip_addressEnter the Telnet password if you are prompted to do so.
Step 3
switch> enable switch#Enter a password if you are prompted to do so.
Step 4
switch# show versionCisco Internetwork Operating System Software IOS (tm)C2900XL Software (C2900XL-HS-M), Version 11.2(8.2)SA6, RELEASE SOFTWARE (fc1)Copyright (c) 1986-1998 by cisco Systems, Inc.Compiled Mon 23-Nov-98 20:59 by paulinesImage text-base: 0x00003000, data-base: 0x00202144ROM: Bootstrap program is C2900XL boot loader2900XL-EN-84.3 uptime is 1 day, 22 hours, 23 minutesSystem restarted by power-onRunning default softwarecisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11)Processor board ID 0x0E, with hardware revision 0x01Last reset from power-onProcessor is running Enterprise Edition Software24 Ethernet/IEEE 802.3 interface(s)32K bytes of flash-simulated non-volatile configuration memory.Base ethernet MAC Address: 00:50:80:39:EC:40Motherboard assembly number: 73-3382-04Power supply part number: 34-0834-01Motherboard serial number: FAA02499G7XModel number: WS-C2924-XL-ENSystem serial number: FAA0250U03PConfiguration register is 0xFStep 5
switch# show bootIf there is no file defined in the BOOT path-list, enter the dir flash: privileged EXEC command to display the contents of Flash memory. For example, the file named c2900XL-c3h2-mz-120-5.3.WC.1.bin is the image file.
c2900XL-c3h2-mz-120-5.3.WC.1.binswitch# dir flash:Directory of flash:/4 d--x 6848 Apr 04 1993 15:23:11 html6 -rwx 79 Apr 04 1993 15:20:34 env_vars5 ---x 106 Apr 04 1993 15:20:36 info68 -rwx 1399 May 16 2000 14:43:42 config.text259 ---x 106 Apr 04 1993 15:23:12 info.ver3612672 bytes total (940032 bytes free)Step 6
switch# config terminal Enter configuration commands, one per line. End with CNTL/Z.Step 7
switch(config)# no IP http serverStep 8
switch(config)# boot system flash:new_imageFor example:
switch(config)# boot system flash:c2900XL-c3h2s-mz-120-5.3.WC.1.bin
Note
Step 9
switch(config)# endStep 10
switch# delete flash:html/*Step 11
Step 12
switch# delete flash:html/Snmp/*Make sure the S in Snmp is uppercase.
Press Enter to confirm the deletion of each file. Do not press any other keys during this process.
Caution
Step 13
switch# tar /x tftp://server_ip_address/path/filename.tar flash: Loading /path/filename.tar from server_ip_address (via VLAN1):!) extracting info (111 bytes)extracting c2900XL-c3h2s-mz-120-5.3.WC.1.bin (1557286 bytes)!!!!!!!!!!!!!!!!!!!!html/ (directory)extracting html/Detective.html.gz (1139 bytes)!extracting html/ieGraph.html.gz (553 bytes)extracting html/DrawGraph.html.gz (787 bytes)!. . .Depending on the TFTP server being used, you might need to enter only one slash (/) after the server_ip_address in the tar privileged command.
Step 14
switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z.Step 15
switch(config)# IP http serverStep 16
switch(config)# endStep 17
switch# reload System configuration has been modified. Save? [yes/no]:y Proceed with reload? [confirm]Step 18
Your Telnet session ends when the switch resets.
Step 19
Using the CLI to Upgrade Member Switches
Because a member switch might not be assigned an IP address, command-line software upgrades through TFTP are managed through the command switch.
This section provides these procedures:
•
•
Upgrading Catalyst 2900 XL or Catalyst 3500 XL Member Switches
Follow these steps to upgrade the software on a Catalyst 2900 XL or Catalyst 3500 XL member switch:
Step 1
switch# show cluster membersFrom the display, select the number of the member switch that you want to upgrade. The member number is in the SN column of the display. You need this member number for Step 2.
Step 2
switch# rcommand 1Step 3
switch-1# tar /x tftp://server_ip_address/path/filename.tar flash:Source IP address or hostname [server_ip_address]? Source filename [path/filename]? Destination filename [flash:new_image]? Loading /path/filename.bin from server_ip_address (via!) [OK - 843975 bytes]Step 4
switch-1# reload System configuration has been modified. Save? [yes/no]:y Proceed with reload? [confirm]Press Enter to start the download.
You lose contact with the switch while it reloads the software. For more information on the rcommand privileged EXEC command, refer to the switch command reference.
Related Documentation
You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the "Obtaining Documentation" section.
These publications provide more information about the switches and the switch software:
•
•
•
•
•
•
•
•
•
•
Obtaining Documentation
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco web sites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Registered Cisco.com users can order the Documentation CD-ROM (product number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•
http://www.cisco.com/en/US/partner/ordering/index.shtml
•
http://www.cisco.com/go/subscription
•
Documentation Feedback
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) Website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.
Cisco.com
Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com provides a broad range of features and services to help you with these tasks:
•
•
•
•
•
To obtain customized information and service, you can self-register on Cisco.com at this URL:
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The avenue of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.
We categorize Cisco TAC inquiries according to urgency:
•
•
•
•
Cisco TAC Website
You can use the Cisco TAC website to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC website, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://tools.cisco.com/RPF/register/register.do
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:
http://www.cisco.com/en/US/support/index.html
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC website so that you can describe the situation in your own words and attach any necessary files.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
•
•
http://www.cisco.com/en/US/about/ac123/ac114/about_cisco_packet_magazine.html
•
http://business.cisco.com/prod/tree.taf%3fasset_id=44699&public_view=true&kbns=1.html
•
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
•
http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Net Readiness Scorecard, Networking Academy, and ScriptShare are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0303R)
Copyright © 1998-2003, Cisco Systems, Inc.
All rights reserved.
