Cisco IOS Desktop Switching Software Configuration Guide, Release 11.2(8)SA6
Managing Your Switches

Table Of Contents

Managing Your Switches

Default Settings and Where to Change Them

Managing Configuration Conflicts

Saving Changes to the Startup Configuration

Managing Switches via Switch Network View

Understanding a Network View Stack

Displaying the Network View Page

Displaying Switch Connection Information

Displaying the Cisco Visual Stack

Monitoring Port Status

Checking Port Speed and Duplex Settings

Configuring Switch Ports

Accessing CVSM

Managing Your Switch via CVSM

Using the Switch Home Page

Changing the Password

Enabling the Switch as a Command Switch

Using the Switch Image to Monitor and Configure the Switch

Monitoring the Ports

Monitoring Other Switch LEDs

Configuring Ports on the Switch Home Page

Configuring Ports

Configuring Port Parameters

Connecting To Devices That Do Not Autonegotiate

CLI Procedure for Setting Speed and Duplex Parameters

Creating EtherChannel Port Groups

Understanding EtherChannel Port Grouping

Port Group Restrictions on Static-Address Forwarding

CLI Commands to Create EtherChannel Port Groups

Enabling Switch Port Analyzer

Configuring Flooding Controls

Enabling a Network Port

CLI Commands for Enabling a Network Port

Enabling Broadcast Storm Control

CLI Commands for Enabling Broadcast Storm Control

Blocking Flooded Traffic on a Port

CLI Commands for Blocking Flooded Traffic on a Port

Reloading and Upgrading the Switch Software

Saving the Configuration File

Entering the System Reload Options

Upgrading Switch Software

CLI Commands for Upgrading the Switch Software

Setting the System Date and Time

Setting the System Date and Time

Configuring the Network Time Protocol

Configuring the Switch as an NTP Client

Enabling NTP Authentication

Configuring the Switch for NTP Broadcast-Client Mode

Configuring IP Information

Configuring the Switch for IP

CLI Commands for Assigning IP Information to the Switch

Configuring SNMP

Disabling and Enabling SNMP

Entering Community Strings

Adding Trap Managers

CLI Commands for Adding a Trap Manager

Managing the ARP Table

Managing the MAC Address Tables

MAC Addresses and VLANs

Changing the Address Aging Time

CLI Commands to Define the Aging Time

Adding Secure Addresses

CLI Commands for Adding Secure Addresses

Adding and Removing Static Addresses

Configuring Static Addresses for EtherChannel Port Groups

CLI Commands for Adding Static Addresses

Enabling Port Security

Defining the Maximum Secure Address Count

CLI Commands to Enable Port Security

Configuring the Cisco Discovery Protocol

Configuring CDP

CLI Commands for Configuring CDP

Controlling IP Management Packets via CGMP

Enabling Fast Leave Option

CLI Commands for Enabling the CGMP Fast Leave Option

Modifying the Router Hold Time

CLI Commands for Changing the Router Hold Time

Removing Multicast Groups

CLI Commands for Removing Multicast Groups

Configuring Spanning-Tree Protocol

Using STP to Support Redundant Connectivity

Accelerating Aging to Retain Connectivity

Disabling STP Protocol

Changing STP Parameters for a VLAN

Changing STP Port Parameters

Enabling the Port Fast Option

CLI Commands for Enabling STP Port Fast

Creating and Maintaining VLANs

Understanding VLANs

Assigning Ports to VLANs

CLI Commands for Assigning Static Access Ports to a VLAN

VLAN Membership for an ATM Port

Overlapping VLANs

CLI Commands for Assigning Multi-VLAN Ports to VLANs

Configuring the Switch to Log Information

Selecting a Logging Option

Defining a Severity Level


Managing Your Switches


You can use the IOS Release 11.2(8)SA6 software to manage a single switch, a group of switches that are managed individually, or a cluster of switches that is managed through a single IP address. You can use any of the management interfaces to manage a switch or cluster. This chapter describes the switching features provided by Release 11.2(8)SA6 and how you can change them. For descriptions of the network-management features and clustering, see "."

The graphical user interface of Cisco Visual Switch Manager (CVSM) is the primary focus of this chapter. You can use this interface to monitor a live image of the switch, reconfigure ports and other features, and upgrade the switch software.

Cisco IOS command-line interface (CLI) procedures are included for many tasks in this chapter. However, this guide describes only the use of IOS commands that have been created or changed for use with Catalyst 2900 XL and Catalyst 3500 XL switches. These commands are further described in the Cisco IOS Desktop Switching Command Reference. For information on other IOS Release 11.2(8) commands, see the IOS documentation set available from the CCO home page by selecting Service and Support>Technical Documents>Documentation Home Page>Cisco IOS Software Configuration>Cisco IOS Release 11.2.


Note   How-to information for CVSM is in the online help available from all CVSM pages.


This chapter also describes the Cisco Switch Network View, hereafter called Network View, an HTML tool that displays a map of the devices that are connected to your switch. From this map you can display the CVSM interface for the other supported switches.

Default Settings and Where to Change Them

You can configure the features of this IOS release by using any of the available interfaces. Table 3-1 lists the most important features, their defaults, and where they are described in this guide.

Table 3-1 Default Settings and Where to Find Them

| Feature | Default Setting | HTML Interface or Menu Option | IOS CLI Procedure |
|---|---|---|---|
| Network Management | | | |
| Creating clusters | None | Cluster Builder; "Creating Clusters" section | "CLI Commands for Creating a Cluster" section |
| Removing cluster members | None | Cluster Manager; "Managing Clusters" section | "CLI Commands for Removing a Cluster Member" section |
| Upgrading cluster software | Enabled | Cluster Manager; "Upgrading Software for a Group of Switches" section | "CLI Commands for Upgrading Member Switches" section |
| Displaying reports | Enabled | Cluster Manager, Cluster Builder, Cluster View; "Displaying Reports" section | - |
| Device Management | | | |
| Switch IP address, subnet mask, and default gateway | 0.0.0.0 | System>IP Management; "Setting the System Date and Time" section | "CLI Commands for Assigning IP Information to the Switch" section |
| Cisco Discovery Protocol (CDP) | Enabled | Device>Cisco Discovery Protocol; "Configuring the Cisco Discovery Protocol" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| Address Resolution Protocol (ARP) | Enabled | System>ARP Table; "Managing the ARP Table" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| System Time Management | None | System>System Time Management; "Setting the System Date and Time" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| Static address assignment | None assigned | Security>Address Management; "Adding and Removing Static Addresses" section | "CLI Commands for Adding Static Addresses" section |
| Cisco Switch Network View | Enabled | "Managing Switches via Switch Network View" section | - |
| VLAN membership | Static access ports in VLAN 1 | VLAN>VLAN Membership; "Assigning Ports to VLANs" section | "CLI Commands for Assigning Static Access Ports to a VLAN" section |
| Performance | | | |
| Autonegotiation of duplex mode | Enabled | Port>Port Configuration; "Configuring Port Parameters" section | "CLI Procedure for Setting Speed and Duplex Parameters" section |
| Autonegotiation of port speeds | Enabled | Port>Port Configuration; "Configuring Port Parameters" section | "CLI Procedure for Setting Speed and Duplex Parameters" section |
| Flooding Control | | | |
| Broadcast storm control | Disabled | Port>Flooding Controls; "Enabling Broadcast Storm Control" section | "CLI Commands for Enabling Broadcast Storm Control" section |
| Flooding unknown unicast and multicast packets | Enabled | Port>Flooding Controls; "Blocking Flooded Traffic on a Port" section | "CLI Commands for Blocking Flooded Traffic on a Port" section |
| Network port | Disabled | Port>Flooding Controls; "Enabling a Network Port" section | "CLI Commands for Enabling a Network Port" section |
| Cisco Group Management Protocol (CGMP) | Enabled | Device>Cisco Group Management Protocol; "Controlling IP Management Packets via CGMP" section | "CLI Commands for Enabling the CGMP Fast Leave Option" section |
| Network Redundancy | | | |
| Spanning-Tree Protocol | Enabled | Device>Spanning-Tree Protocol; "Configuring Spanning-Tree Protocol" section | "CLI Commands for Enabling STP Port Fast" section |
| Port grouping | None assigned | Port>Port Grouping (EC); "Creating EtherChannel Port Groups" section | "CLI Commands to Create EtherChannel Port Groups" section |
| Diagnostics | | | |
| SPAN port monitoring | Disabled | Port>Switch Port Analyzer (SPAN); "Enabling Switch Port Analyzer" section | See the documentation set for Cisco IOS Release 11.2(8) on CCO |
| Console, buffer, and file logging | Disabled | Fault>Logging Config; "Configuring the Switch to Log Information" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| Security | | | |
| Password | None | Visual Switch Manager Home; "Changing the Password" section | "Recovering from a Lost or Forgotten Password" section |
| Addressing security | Disabled | Security>Address Management; "Adding Secure Addresses" section | "CLI Commands for Adding Secure Addresses" section |
| Trap manager | 0.0.0.0 | System>SNMP Configuration; "Adding Trap Managers" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| Community strings | public | System>SNMP Configuration; "Entering Community Strings" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |
| Port security | Disabled | Security>Port Security; "Enabling Port Security" section | Documentation set for Cisco IOS Release 11.2(8) on CCO |

Managing Configuration Conflicts

Certain combinations of port features conflict with one another. For example, if you define a port as the network port for a VLAN, all unknown unicast and multicast traffic is flooded to the port. You cannot enable port security on the network port, because a secure port limits the traffic allowed on it. In Table 3-2, no means that the two referenced features are incompatible.

If you try to enable incompatible features by using CVSM, CVSM issues a warning message and prevents you from making the change. Reload the web page to refresh CVSM.

Table 3-2 Incompatible Features

| | ATM Port(1) | Port Group | Port Security | SPAN Port | Multi-VLAN Port | Network Port(2) |
|---|---|---|---|---|---|---|
| ATM Port | - | No | No | No | No | No |
| Port Group | No | - | No | No | Yes | Yes |
| Port Security | No | No | - | No | No | No |
| SPAN Port | No | No | No | - | No | No |
| Multi-VLAN Port | No | Yes | No | No | - | Yes |
| Network Port | No | Yes (source-based only) | No | No | Yes | - |

(1) Catalyst 2900 XL only.

(2) Cannot be used in a cluster.
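The following added example (not part of the Cisco guide) audits a saved running-config offline: it reports ports that combine features Table 3-2 marks as incompatible, and it flags two security defaults from Table 3-1 that are still in place (no password, community string public). The sample configuration is constructed, and the sub-commands used to recognise port security, SPAN, and multi-VLAN ports are assumptions about this switch family.

```python
import re

ATM, GROUP, SECURE, SPAN, MULTI, NETWORK = (
    "ATM port", "port group", "port security",
    "SPAN port", "multi-VLAN port", "network port")

# The only "Yes" cells in Table 3-2; every other pairing is "No".
COMPATIBLE = {
    frozenset((GROUP, MULTI)),
    frozenset((GROUP, NETWORK)),   # "Yes (source-based only)"
    frozenset((MULTI, NETWORK)),
}

# ASSUMPTION: sub-commands that identify each feature. "port group" and
# "port network" appear in this chapter; the other three are assumed
# command forms and may need adjusting for your release.
FEATURE_PATTERNS = [
    (re.compile(r"port group \d+"), GROUP),
    (re.compile(r"port security\b"), SECURE),
    (re.compile(r"port monitor\b"), SPAN),
    (re.compile(r"switchport mode multi\b"), MULTI),
    (re.compile(r"port network\b"), NETWORK),
]

# Constructed sample, not taken from a real switch.
SAMPLE_CONFIG = """\
hostname Switch
!
snmp-server community public RO
!
interface FastEthernet0/1
 port group 1 distribution destination
 port network
!
interface FastEthernet0/2
 port group 2
 switchport mode multi
!
interface FastEthernet0/3
 port security max-mac-count 1
 port monitor FastEthernet0/5
!
interface FastEthernet0/4
 switchport access vlan 2
 port network
 port security max-mac-count 1
!
end
"""

def parse_interfaces(config_text):
    """Return {interface name: [sub-command lines]}."""
    interfaces, current = {}, None
    for raw in config_text.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif raw[:1].isspace() and current and raw.strip():
            interfaces[current].append(raw.strip())
        else:
            current = None   # "!" or any other top-level line ends the stanza
    return interfaces

def port_conflicts(name, commands):
    """Return the feature pairs on one port that Table 3-2 marks 'No'."""
    features = {}
    if name.upper().startswith("ATM"):
        features[ATM] = "interface type"
    for cmd in commands:
        for pattern, feature in FEATURE_PATTERNS:
            if pattern.match(cmd):
                features.setdefault(feature, cmd)
    found, ordered = [], sorted(features)
    for i, a in enumerate(ordered):
        for b in ordered[i + 1:]:
            pair = frozenset((a, b))
            # A network port may join a port group only if the group is
            # source-based (the default when no distribution is given).
            dest_group = (pair == frozenset((GROUP, NETWORK))
                          and "distribution destination" in features[GROUP])
            if pair not in COMPATIBLE or dest_group:
                found.append((a, b))
    return found

def interface_conflicts(config_text):
    """Return {interface: [conflicting pairs]} for ports with conflicts."""
    result = {}
    for name, commands in parse_interfaces(config_text).items():
        found = port_conflicts(name, commands)
        if found:
            result[name] = found
    return result

def default_findings(config_text):
    """Flag Table 3-1 security defaults that are still in effect."""
    findings = []
    if not re.search(r"^enable (secret|password)\b", config_text, re.M):
        findings.append("no enable password set (Table 3-1 default: None)")
    if re.search(r"^snmp-server community public\b", config_text, re.M):
        findings.append("SNMP community string is the default 'public'")
    return findings

if __name__ == "__main__":
    for port, pairs in interface_conflicts(SAMPLE_CONFIG).items():
        print(port, pairs)
    for finding in default_findings(SAMPLE_CONFIG):
        print("default:", finding)
```

CVSM blocks these combinations interactively; a check like this is useful for configurations edited or merged outside CVSM.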

Saving Changes to the Startup Configuration

The configuration file that loads when the switch is restarted is in Flash memory. The configuration in this file is not necessarily the same as the running configuration. If you want the running (current) configuration to be used when the switch restarts, use CVSM or the CLI to save the configuration file. This procedure is described for CVSM in the "Reloading and Upgrading the Switch Software" section. It is described for the CLI in the "Working with Files in Flash Memory" section.

Managing Switches via Switch Network View

This section describes the switch Network View, an application that extends web-based network management to the other devices in your network. By exchanging Cisco Discovery Protocol (CDP) messages with attached CDP-enabled devices, a Network View switch is able to graphically display a surrounding star topology that can consist of Catalyst 2900 and Catalyst 3500 series XL switches and Cisco edge devices.

Network View is an alternative to the cluster that you can create by using Cluster Management. A Network View stack differs from a cluster in that each Network View member needs to be assigned its own IP address. In addition, a Network View stack must be in a star topology and does not support daisy-chained switches.

Understanding a Network View Stack

The center node in a star topology acts as a primary switch in Network View. Up to four directly connected supported switches can be stack members. These switches can be displayed in a consolidated physical view called the visual stack. You can access device and link information from the Network View page and the Visual Stack page.

If more than four switches are connected, Network View displays only the four connected to the lowest port numbers of the primary switch. All other devices are considered edge devices. A star topology with the primary switch in the center ensures the most complete view of the network.

To run Network View, all stack members must be running Cisco IOS Release SA6 or later and the corresponding CVSM release. In addition, you need to enable SNMP and set the community string to public on all stack members.

For a complete description of the Network View interface, see the "Using Switch Network View" section.

Displaying the Network View Page

If you have not enabled a command switch, the Network View page (Figure 3-1) displays a map of the devices and links that are directly connected to your switch. From this page, you can display switch-connection information, device reports, and link reports. This page also displays Cisco routers, switches, hubs, and Cisco Micro Web Servers, but these devices must be directly attached to one of the supported switches. Other devices using CDP display as generic edge devices.


Note   Before starting Network View, make sure you are using a supported browser. For more information, see the "Hardware and Software Requirements" section.


Follow these steps to display the Network View page:


Step 1 On the Switch Manager home page, click Switch Network View.

Step 2 When prompted, enter the enable password for each switch in the stack. You do not need to enter a user name.

Displaying Switch Connection Information

Figure 3-2 shows the information that you can display about the switches being managed by Network View. Click on the Switch Manager button on the Network View page to display this table.

Figure 3-1 Switch Network View Page

Figure 3-2 Visual Switch Manager Connection Information

Displaying the Cisco Visual Stack

The visual stack is an image of up to four Catalyst 2900 series XL or Catalyst 3500 series XL switches (Figure 3-3) with the primary switch at the top. This stack contains the same switches as those on the Network View page, which displays the primary switch in the middle and stack members connected to it. The stack images display real-time information about the switches and their ports. You can use the stack to monitor port status, check port speed and duplex settings, configure switch ports, and start the CVSM software.

Follow these steps to display the Visual Stack page:


Step 1 Display the Network View page as described in the "Displaying the Network View Page" section.

Step 2 Click Visual Stack in the upper-left corner of the page.

The visual stack displays in a separate browser window (see Figure 3-3).

Figure 3-3 Visual Stack

Monitoring Port Status

The visual stack shows LED colors to depict the port status:

Green—port is active.

Blue—port is inactive.

Amber—port is disabled administratively or by STP.

Checking Port Speed and Duplex Settings

To check the transmission speed settings for all switch ports, click MODE, and highlight SPD (speed). Blue means 10 Mbps; green means 100 Mbps.

To check the duplex setting, click MODE, and highlight FDUP (full-duplex). Blue means half-duplex mode; green means full-duplex mode.

Configuring Switch Ports

On the visual stack, click on a port and right-click to display the pop-up menu. Select Port Configuration. The Port Configuration pop-up window shows the port settings and status. Select Enable to enable or disable the port and STP Port Fast setting, and select a speed and duplex setting from the drop-down lists. This window is the same as the one described in the "Configuring Ports on the Switch Home Page" section.

In addition, you can configure multiple ports as a group. To do so, press Ctrl and left-click the ports, and then right-click the selected ports and select Port Configuration from the pop-up menu.

Accessing CVSM

The visual stack displays the IP address of each switch next to the switch image. Click the IP address to open a separate browser window displaying the CVSM home page for that switch. End the browser session when you want to return to the visual stack.


Note   If you access the CVSM to configure a stack member and then redisplay Network View, that stack member becomes the primary switch. The Network View displays devices in a different arrangement, and a stack member could become an edge device.


Managing Your Switch via CVSM

You access CVSM through one of the supported browsers described in the "Hardware and Software Requirements" section. Ensure that you have the browser configured correctly before starting CVSM.

Using the Switch Home Page

The Cisco Visual Switch Manager Home page (Figure 3-4) is always displayed when you click Visual Switch Manager on the Cisco Systems Access page. All the CVSM pages have a Home button you can click to return to this page.

Use this page to perform the following tasks:

Changing the password

Enabling the switch as a command switch

Displaying Cluster Management and Network View

Monitoring switch LEDs

Configuring ports

Changing the Password

Changing the password from this page breaks your connection with the switch, and the browser prompts you for the new password. Click Help for the complete procedure. If you have forgotten your password, see the "Recovering from a Lost or Forgotten Password" section.

Enabling the Switch as a Command Switch

If the switch is command-capable, use this page to enable it as the command switch and to name the cluster. The Cluster Management button displays on the home page after the command switch is enabled, and the cluster name appears in Cluster View with the cluster icon. in "," lists the switches that are able to be command switches and those that can be enabled by a software upgrade.

Using the Switch Image to Monitor and Configure the Switch

The CVSM home page refreshes the image of the switch every 30 seconds. Besides using it to configure the features listed in this section, you can use the switch images in Cluster Manager to display VLAN membership information and detailed information about the links between switches. For more information on monitoring the switch via a web interface, see the "."

Monitoring the Ports

The LEDs on the switch image present the same information as the actual LEDs, but they use colors instead of the on/off methods used on the switch front panel. Click the Mode button to highlight STAT (status), SPD (speed), or FDUP (duplex), thus changing the information conveyed by the port LEDs. The legend under the image describes the meaning of the colors in each mode.

Monitoring Other Switch LEDs

The other LEDs function as follows:

The System LED displays the status of the switch.

The RPS LED lights when a Cisco RPS is attached.

The 1 or 2 LED is on when a module is installed in a modular switch model.

Figure 3-4 CVSM Home Page

Configuring Ports on the Switch Home Page

To configure a port, left-click on it and then right-click to display the pop-up menu. Select Port Configuration. Press Ctrl and left-click the ports to select more than one at a time. The dialog box shown in Figure 3-5 displays the same information and supports the same changes as the Port Configuration page. The live LEDs on the image of the switch reflect any changes you make.

This IOS release supports 10/100, Gigabit Ethernet, ATM, and Catalyst GigaStack Gigabit Interface Converters (GBICs). See the "Configuring Port Parameters" section for defaults and guidelines for configuring the different types of ports.

Figure 3-5 Port Configuration Dialog Box

Configuring Ports

Use this page to enable and disable ports and to set the duplex, speed and Port Fast parameters. Select Port>Port Configuration from the menu bar.

Figure 3-6 shows the Port Configuration page, and Table 3-3 describes the meaning of column headings and fields. The "Configuring Port Parameters" section contains guidelines for you to use when using this page.

Figure 3-6 Port Configuration Page

Table 3-3 Port Configuration Parameters

Port

Displays Fa (Fast Ethernet), Gi (Gigabit Ethernet), or AT (ATM); the module number: 0 (fixed), 1 (right slot), or 2 (left slot); and the port number. In Figure 3-5, the port is a fixed port (0) and port number 14: Fa0/14.

Note   The port numbers for the double-row connectors on the Catalyst 3500 series XL switches increment from top to bottom.

Status: Admin/Actual

Enables or disables the port. The field also displays the current port status.

Duplex: Requested/Actual

Displays the current duplex setting. You can set a port to full-duplex (Full), half-duplex (Half), or autonegotiate (Auto). The default is Auto. For ATM ports, this field is read-only and displays Full.

Speed: Requested/Actual

Displays the current speed setting. You can set a port to 10 Mbps (10), 100 Mbps (100), or autonegotiate (Auto). The default is Auto.

For Gigabit Ethernet ports, the field displays 1000 and is read-only. For ATM ports, the field displays 155 (155 Mbps) and is read-only.

Port Name

Names the port or describes how it is connected.

Statistics

Displays transmit and receive statistics for the port. Click Reset to clear the statistics and close the statistics window.

Flow Control

Enables or disables flow control on Gigabit Ethernet ports. Flow control enables the connected Gigabit Ethernet ports to control traffic rates during congestion. If one port experiences congestion and cannot receive any more traffic, it notifies the other port to stop transmitting until the condition clears.

Select Symmetric when you want the local port to perform flow control of the remote port only if the remote port can also perform flow control on the local port. Select Asymmetric when you want the local port to perform flow control on the remote port. For example, if the local port is congested, it notifies the remote port to stop transmitting. This is the default setting.

Select Any when the local port can support any level of flow control required by the remote port. This setting is the default. Select None to disable flow control on the port.

This field is displayed only when a Gigabit Ethernet port is present; it does not apply to Fast Ethernet or ATM ports.

Configuring Port Parameters

The Port Configuration page displays the Requested and Actual settings for each port. A port connected to a device that does not support the requested setting or that is not connected to a device can cause the Requested and Actual settings to differ.


Caution   It is possible to reconfigure the port through which you are managing the switch. STP reconfiguration could cause a temporary loss of connectivity.

Follow these guidelines when configuring the duplex and speed settings:

Gigabit Ethernet ports are always set to a speed of 1000 but can negotiate full- or half-duplex with the attached device.

ATM ports are always set to full and do not autonegotiate duplex or speed settings.

Gigabit Ethernet ports that fail to match the settings of an attached device lose connectivity and do not generate statistics.

GigaStack-to-GigaStack stack connections operate in half-duplex mode, and GigaStack-to-GigaStack point-to-point connections operate in full-duplex mode.

If STP is enabled, the switch can take up to 30 seconds to check for loops when a port is reconfigured. The port LED is amber while STP reconfigures.

After you make a change, you can verify the change by clicking the port on the Home page or by using the Mode button.

Connecting To Devices That Do Not Autonegotiate

To connect to a remote 100BaseT device that does not autonegotiate, do not configure AUTO for the duplex setting on the local device. Autonegotiation of the speed setting works correctly even if the attached device does not autonegotiate.

To connect to a remote Gigabit Ethernet device that does not autonegotiate, disable Autonegotiation on the local device, and set the duplex and flow control parameters to be compatible with the other device. For more information, see the "Identifying an Autonegotiation Mismatch" section.

CLI Procedure for Setting Speed and Duplex Parameters

Beginning in privileged EXEC mode, follow these steps to set the speed and duplex parameters on a port:

Task
Command

Step 1 Enter global configuration mode.

configure terminal

Step 2 Enter interface configuration mode, and enter the port to be configured.

interface interface

Step 3 Enter the speed parameter for the port.

You cannot enter the speed on Gigabit Ethernet or ATM ports.

speed {10 | 100 | auto}

Step 4 Enter the duplex parameter for the port.

duplex {full | half | auto}

Step 5 Return to privileged EXEC mode.

end

Step 6 Verify your entries.

show running-config

Step 7 (Optional) Save your entry in the configuration file. This retains the configuration when the switch restarts.

copy running-config startup-config


For more information on IOS Release 11.2(8)SA6, see the Cisco IOS Desktop Switching Command Reference. The complete IOS Release 11.2(8) documentation is available through CCO by selecting Service and Support>Technical Documents>Documentation Home Page>Cisco IOS Software Configuration>Cisco IOS Release 11.2.

Creating EtherChannel Port Groups

Use the Port Group (EtherChannel) page (see Figure 3-8) to create Fast EtherChannel and Gigabit EtherChannel port groups. These port groups act as single logical ports for high-bandwidth connections between switches or between switches and servers.


Note   You can create port groups of Gigabit Ethernet ports or 100BaseTX ports, but you cannot create a port group that contains both port speeds at the same time.


To display this page, select Port>Port Grouping (EC) from the menu bar.

Understanding EtherChannel Port Grouping

This IOS release supports two different types of port groups: source-based forwarding port groups and destination-based forwarding port groups. Source-based forwarding port groups distribute packets forwarded to the group based on the source address of incoming packets from ports that are not in the port group. Port groups that forward based on the source address can have as many as eight ports. Source-based forwarding is enabled by default.

Destination-based port groups distribute packets forwarded to the group based on the destination address of incoming packets from ports not in the group. Port groups that forward based on the destination address can have any number of ports.

Port groups that link switches each switch, but both ends of a port group must be configured consistently. In Figure 3-7, a port group of two workstations communicates with a router. Because the router is a single-MAC address device, source-based forwarding ensures that the switch uses all available bandwidth to the router. The router is configured to forward based on destination address because the larger number of stations ensures that the traffic is evenly distributed out the port-group ports on the router.

Figure 3-7 Source-Based Forwarding

The switch treats the port group as a single logical port; therefore, when you create a port group, the switch uses the configuration of the first port for all ports added to the group. If you add a port and change the forwarding method, it changes the forwarding for all ports in the group. After the group is created, changing STP or VLAN membership parameters for one port in the group automatically changes the parameters for all ports. Each port group has one port that carries all unknown multicast, broadcast, and STP packets.

Figure 3-8 Port Group (EtherChannel)

Port Group Restrictions on Static-Address Forwarding

The following restrictions apply to entering static addresses that are forwarded to port groups:

If the port group forwards based on the source MAC address (the default), configure the switch to forward packets from the static address to all ports in the group. This method eliminates the chance of lost packets.

If the port group forwards based on the destination address, configure the switch to forward packets destined for the static address to only one port in the port group. This method avoids the possible transmission of duplicate packets.


Note   Check boxes for ports on the Static Address Forwarding Map appear only if they are in the same VLAN as the receiving port. For more information, see the "Adding and Removing Static Addresses" section.


CLI Commands to Create EtherChannel Port Groups

Beginning in privileged EXEC mode, complete these tasks to create a two-port group:

Task
Command

Step 1 Enter global configuration mode.

configure terminal

Step 2 Enter interface configuration mode, and enter the port of the first port to be added to the group.

interface interface

Step 3 Assign the port to group 1 with destination-based forwarding.

port group 1 distribution destination

Step 4 Enter the second port to be added to the group.

interface interface

Step 5 Assign the port to group 1 with destination-based forwarding.

port group 1 distribution destination

Step 6 Return to privileged EXEC mode.

end

Step 7 Verify your entries.

show running-config


For more information on IOS Release 11.2(8)SA6, see the Cisco IOS Desktop Switching Command Reference. The complete IOS Release 11.2(8) documentation is available through CCO by selecting Service and Support>Technical Documents>Documentation Home Page>Cisco IOS Software Configuration>Cisco IOS Release 11.2.

Enabling Switch Port Analyzer

Use the Switch Port Analyzer (SPAN) page (Figure 3-9) to enable port monitoring. You can monitor traffic on a given port by forwarding incoming and outgoing traffic on the port to another port in the same VLAN. A SPAN port cannot monitor ports in a different VLAN, and a SPAN port must be a static-access port. Any number of ports can be defined as SPAN ports, and any combination of ports can be monitored.

To display this page, select Port>Switch Port Analyzer (SPAN) from the menu bar.

For the restrictions that apply to SPAN ports, see the "Managing Configuration Conflicts" section.

Figure 3-9 Switch Port Analyzer (SPAN)

Configuring Flooding Controls

Use the Flooding Controls page (Figure 3-10) to block the forwarding of unnecessary flooded traffic. You can enable three flooding techniques from this page:

Forward all traffic to a network port.

Enable broadcast storm control.

Block the forwarding of unicast and broadcast packets on a per-port basis.

To display this page, select Port>Flooding Controls from the menu bar.

Figure 3-10 Flooding Controls

Enabling a Network Port

Network ports are assigned per VLAN and can reduce flooded traffic on your network. The switch forwards all traffic with unknown destination addresses to the network port instead of flooding the traffic to all ports in the VLAN.

When you configure a port as the network port, the switch deletes all associated addresses from the address table and disables learning on the port. If you configure other ports in the VLAN as secure ports, the addresses on those ports are not aged. If you move a network port to a VLAN without a network port, it becomes the network port for the new VLAN.

You cannot change the settings for unicast and multicast flooding on a network port.


Caution   A network port cannot link cluster members. Do not attempt to connect cluster members through a network port.

For limitations on configuring a network port, see the "Managing Configuration Conflicts" section.

CLI Commands for Enabling a Network Port

Beginning in privileged EXEC mode, complete these tasks to define a port as the network port:

Step 1  Enter global configuration mode.
        Command: configure terminal

Step 2  Enter interface configuration mode, and enter the port to be configured.
        Command: interface interface

Step 3  Define the port as the network port.
        Command: port network

Step 4  Return to privileged EXEC mode.
        Command: end

Step 5  Verify your entry.
        Command: show running-config


For more information on IOS Release 11.2(8)SA6, see the Cisco IOS Desktop Switching Command Reference. The complete IOS Release 11.2(8) documentation is available through CCO by selecting Service and Support>Technical Documents>Documentation Home Page>Cisco IOS Software Configuration>Cisco IOS Release 11.2.

Enabling Broadcast Storm Control

A broadcast storm occurs when a large number of broadcast packets are received. Forwarding these packets can cause the network to slow down or to time out. Broadcast storm control is configured for the switch as a whole, but operates on a per-port basis. By default, broadcast storm control is disabled.

Broadcast storm control uses specific high and low numbers of broadcast packets to block and then to restore forwarding of broadcast packets. In general, the higher the threshold, the less effective the protection against broadcast storms. The maximum half-duplex transmission on a 100BaseT link is 148,000 packets per second, but you can enter a threshold up to 4294967295 broadcast packets per second.

CLI Commands for Enabling Broadcast Storm Control

Beginning in privileged EXEC mode, follow these steps to enable broadcast-storm control.

Step 1  Enter global configuration mode.
        Command: configure terminal

Step 2  Enter interface configuration mode, and enter the port to configure.
        Command: interface interface

Step 3  Enter the rising and falling thresholds.
        Command: port storm-control [threshold {rising rising-number falling falling-number}]

Step 4  Disable the port during a broadcast storm, or generate an SNMP trap when the traffic on the port crosses the rising or falling threshold.
        Command: port storm-control filter
                 or
                 port storm-control trap

Step 5  Return to privileged EXEC mode.
        Command: end

Step 6  Verify your entries.
        Command: show port storm-control [interface]
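The rising and falling thresholds act as a two-level gate, which the following Python model replays over a constructed per-second broadcast trace. It is an added example, not Cisco code, and it assumes one-second sampling and inclusive threshold comparisons.

```python
# Added example: simplified model of two-threshold (rising/falling) storm
# detection. The one-second sampling interval and the ">= rising" and
# "<= falling" comparisons are assumptions, not documented switch behaviour.

LINE_RATE_100BASET_PPS = 148_000  # maximum packets per second quoted in the text


def storm_events(samples, rising, falling):
    """Replay per-second broadcast counts and return threshold crossings.

    Returns a list of (second, "rising" | "falling") tuples. Between a
    "rising" event and the next "falling" event the port is in the storm
    state, which is when the configured action (filter or trap) applies.
    """
    if falling > rising:
        raise ValueError("falling threshold must not exceed rising threshold")
    in_storm = False
    events = []
    for second, rate in enumerate(samples):
        if not in_storm and rate >= rising:
            in_storm = True
            events.append((second, "rising"))
        elif in_storm and rate <= falling:
            in_storm = False
            events.append((second, "falling"))
    return events


def seconds_in_storm(samples, rising, falling):
    """Count the sampled seconds spent in the storm state."""
    total, start = 0, None
    for second, kind in storm_events(samples, rising, falling):
        if kind == "rising":
            start = second
        else:
            total += second - start
            start = None
    if start is not None:  # storm still active when the trace ends
        total += len(samples) - start
    return total


def threshold_can_trigger(rising, line_rate=LINE_RATE_100BASET_PPS):
    """A rising threshold above the link's packet rate can never be reached."""
    return rising <= line_rate


# Constructed trace: broadcast packets per second seen on one port.
TRACE = [200, 900, 3500, 2800, 3100, 2600, 1400, 300]

if __name__ == "__main__":
    # Separate thresholds: one storm, entered at second 2, cleared at second 6.
    print(storm_events(TRACE, rising=3000, falling=1500))
    # Equal thresholds: the same trace flaps in and out of the storm state.
    print(storm_events(TRACE, rising=3000, falling=3000))
    # The largest value the CLI accepts is far above the 100BaseT packet rate.
    print(threshold_can_trigger(4294967295))
```

With the thresholds apart, the trace produces a single storm interval; with them equal, the same traffic generates four transitions, each of which would trigger the configured action.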


Blocking Flooded Traffic on a Port

By default, the switch floods packets with unknown destination MAC addresses to all ports. Some configurations do not require flooding. For example, a port that has only manually assigned addresses has no unknown destinations, and flooding serves no purpose. Therefore, you can disable the flooding of unicast and multicast packets on a per-port basis. Ordinarily, flooded traffic does not cross VLAN boundaries, but multi-VLAN ports flood traffic to all VLANs they belong to.

To display the page for blocking flooded traffic, select Port>Flooding Controls from the menu bar.

CLI Commands for Blocking Flooded Traffic on a Port

Beginning in privileged EXEC mode, follow these steps to disable the flooding of multicast and unicast packets to a port:

Step 1  Enter global configuration mode.
        Command: configure terminal

Step 2  Enter interface configuration mode, and enter the port to configure.
        Command: interface interface

Step 3  Block multicast forwarding to the port.
        Command: port block multicast

Step 4  Block unicast flooding to the port.
        Command: port block unicast

Step 5  Return to privileged EXEC mode.
        Command: end

Step 6  Verify your entries, entering the appropriate command once for the multicast option and once for the unicast option.
        Command: show port block {multicast | unicast} interface
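The network-port and per-port blocking sections above both change which ports receive a frame whose destination is not in the address table. The following Python model is an added example, not switch code, that compares the resulting egress sets; the port names, MAC addresses and VLAN membership are constructed.

```python
# Added example: simplified model of how the flooding controls change where a
# unicast frame is sent. Port names, MAC addresses and VLAN membership are
# constructed; a real switch has more cases than this model covers.

def egress_ports(dst_mac, ingress, vlan_ports, mac_table,
                 network_port=None, block_unicast=frozenset()):
    """Return the set of ports one unicast frame is sent out of.

    vlan_ports    : ports that belong to the frame's VLAN
    mac_table     : {mac: port} entries (learned or static) for that VLAN
    network_port  : the VLAN's network port, if one is configured
    block_unicast : ports configured with "port block unicast"
    """
    if ingress not in vlan_ports:
        raise ValueError("ingress port is not a member of the VLAN")
    if network_port is not None:
        if network_port in block_unicast:
            # The text states flooding settings cannot be changed on a network port.
            raise ValueError("flood blocking cannot be set on the network port")
        if network_port in mac_table.values():
            # Addresses are deleted and learning is disabled on a network port.
            raise ValueError("network port must have no address-table entries")
    known = mac_table.get(dst_mac)
    if known is not None:
        # Known destination: one egress port, flooding controls are not involved.
        return set() if known == ingress else {known}
    if network_port is not None:
        # Unknown destination with a network port: sent there, not flooded.
        return set() if network_port == ingress else {network_port}
    # Unknown destination, no network port: flood, skipping blocked ports.
    return {p for p in vlan_ports if p != ingress and p not in block_unicast}


# Constructed sample data.
VLAN_PORTS = {"Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"}
MAC_TABLE = {"0000.0c00.0001": "Fa0/1", "0000.0c00.0002": "Fa0/2"}
UNKNOWN_DST = "0000.0c00.00ff"


def exposure_report(ingress="Fa0/1"):
    """Ports that receive one unknown-destination frame under each setting."""
    args = (UNKNOWN_DST, ingress, VLAN_PORTS, MAC_TABLE)
    return {
        "default flooding": egress_ports(*args),
        "block unicast on Fa0/2 and Fa0/3":
            egress_ports(*args, block_unicast={"Fa0/2", "Fa0/3"}),
        "network port Fa0/4": egress_ports(*args, network_port="Fa0/4"),
    }


if __name__ == "__main__":
    for setting, ports in exposure_report().items():
        print(f"{setting}: {sorted(ports)}")
```

In the default case every other port in the VLAN receives the frame; with blocking or a network port, only the port or ports that actually need unknown-destination traffic do.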



Reloading and Upgrading the Switch Software

Use the System Configuration page (see Figure 3-11 and Figure 3-12) to specify the Flash memory filenames that the switch uses when it starts or resets. You can also use this page to upgrade your switch firmware.

To display this page, select System>System Configuration from the menu bar.

You can use this page for the following tasks:

Changing the baud rate for the console port.

Saving the configuration file and restarting the switch.

Changing the reload options the switch uses when it restarts.

Upgrading the software running the switch.

Saving the Configuration File

The startup configuration file contains the IP addresses, passwords, and any other information you entered. The switch reloads this file when it restarts. However, the startup configuration file might not be the running (current) configuration. Changes made through the CVSM or the CLI take effect immediately but must be explicitly saved to be included in the startup configuration.

Use this page to save the running configuration to the startup configuration file. The following buttons control the switch startup:

Save Configuration

Click to write the running configuration to Flash memory. This configuration is then loaded when the switch is restarted.

Reboot System

Click to restart the switch and to load the new startup configuration.


Figure 3-11 System Configuration (Part 1)

Entering the System Reload Options

By default, the System Reload Options fields contain the correct information to reboot the system. Some of the fields contain files in Flash memory. To determine the filenames to use, enter the following EXEC mode command at the CLI:

switch# dir flash:
Directory of flash:

  2  -rwx      843947   Mar 01 1993 00:02:18 	C2900XL-hs-mz-112.8-SA6.bin
  4  drwx        3776   Mar 01 1993 01:23:24 html
 66  -rwx         130   Jan 01 1970 00:01:19 env_vars
 68  -rwx        1296   Mar 01 1993 06:55:51 config.text

1728000 bytes total (456704 bytes free)

The image file that runs the switch has a .bin extension, the html directory contains the CVSM HTML files, and config.text contains the current configuration. If you need more information about accessing the switch via the CLI, refer to the "Configuring the Switch for Telnet" section.

Click Help for procedures on how to configure the fields on this page.

Upgrading Switch Software

When you upgrade a switch or cluster, the switch or switches continue to operate normally while the new software is copied to Flash memory. When the copy is complete, the old files are deleted, and the new software is loaded the next time you reboot. If the browser halts or the copy fails in some way, you can reboot the switch with the old version of the software and re-execute the upgrade procedure.

If you group switches into a cluster, you can upgrade the entire cluster from Cluster Manager. For more information, see the "Upgrading Software for a Group of Switches" section.

New releases of switch software are available on Cisco Connection Online (CCO). The process of upgrading your switch consists of the following steps:


Step 1 Downloading the software from CCO.

Step 2 Downloading a TFTP server if necessary.

Step 3 Entering the name of the new image on this page and clicking Upgrade Cisco IOS and Visual Switch Manager.

Click Help for the complete procedures for this process.

Figure 3-12 System Configuration (Part 2)

CLI Commands for Upgrading the Switch Software

This procedure is for switches already running IOS Release 11.2(8)SA6. Switches running earlier IOS releases might have less memory and require slightly different procedures. If you need to upgrade an older switch to this IOS release, refer to the Release Notes for Cisco IOS Release 11.2(8)SA6 or the release notes that came with your switch.

These steps are included in the upgrade procedure:

You need to change the name of the current image file to the name of the new file you are copying. The tar command then replaces the old image file with the new one.

To avoid a conflict with users accessing the CVSM pages during the software upgrade, you need to disable access to the HTML pages and delete the existing HTML files before you upgrade the software.

Follow these steps to upgrade the switch software, starting in privileged EXEC mode:

1  Display the name of the current (default) image file.
   Command: switch# show boot

2  Rename the current image file to the name of the file that you downloaded, and replace the tar extension with bin. This step does not affect the operation of the switch.
   Command: switch# rename flash:current_image flash:new_image.bin

3  Display the contents of Flash memory to verify the renaming of the file.
   Command: switch# dir flash:

4  Enter global configuration mode.
   Command: switch# configure terminal

5  Disable access to the switch HTML pages.
   Command: switch(config)# no ip http server

6  Return to privileged EXEC mode.
   Command: switch(config)# end

7  Remove the CVSM HTML files.
   Command: switch# delete flash:html/*

8  Use the tar command to copy the files into the switch Flash memory.

9  Depending on the TFTP server, you might need to enter only one slash (/) after the server_ip_address in the tar command.
   Command: switch# tar /x tftp://server_ip_address//path/filename.tar flash:

10 Enter global configuration mode.
   Command: switch# configure terminal

11 Reenable access to the switch HTTP pages.
   Command: switch(config)# ip http server

12 Return to privileged EXEC mode.
   Command: switch(config)# end

13 Reload the new software.
   Command: switch# reload



Setting the System Date and Time

Use the System Time Management page (Figure 3-13) to set the system time for a switch or enable an external source such as Network Time Protocol (NTP) to supply time to the switch.

You can use this page to set the switch time by using one of the following techniques:

Manually set the system time (including daylight saving time) and date

Configure the switch to run in NTP client mode and receive time information from an NTP server

Configure the switch to run in NTP broadcast-client mode and receive information from an NTP broadcast server

To display this page, select System>System Time Management from the menu bar.

Figure 3-13 System Time Management

Setting the System Date and Time

Enter the date and a 24-hour clock time setting on the System Time Management page. If you are entering the time for an American time zone, enter the three-letter abbreviation for the time zone in the Name of Time Zone field. If you are identifying the time zone by referring to Greenwich Mean Time, enter UTC (Universal Time Coordinated) in the Name of Time Zone field. You then must enter a negative or positive number as an offset to indicate the number of time zones the switch is from Greenwich, England. Enter a negative number if the switch is west of Greenwich, England, and east of the International Date Line. California is eight time zones west of Greenwich, and you would enter -8 in the Hours Offset From UTC field. Negative and positive numbers can also be entered for minutes.

To configure daylight saving time, select an option from the drop-down menu, and click Configure Summer/Daylight Saving Time. You can configure the switch to change to daylight saving time on a particular day every year, on a day that you enter, or not at all.

Configuring the Network Time Protocol

In complex networks it can make sense to distribute time information from a central server. The NTP can distribute time information by responding to requests from clients or by broadcasting time information. You can use the Network Time Protocol page (Figure 3-14) to enable these options and to enter authentication information to accompany NTP client requests.

To display this page, click Configure NTP on the System Time Management page.

Configuring the Switch as an NTP Client

You configure the switch as an NTP client by entering the IP addresses of up to ten NTP servers in the IP Addr field. Click Preferred to specify which server should be used first. You can also enter an authentication key to be used as a password when requests for time information are sent to the server.

Enabling NTP Authentication

To ensure the validity of information received from NTP servers, you can authenticate NTP messages with public-key encryption. This procedure must be coordinated with the administrator of the NTP servers: the information you enter on this page will be matched by the servers to authenticate it.

Click Help for more information about entering information in the Key Number, Key Value, and Encryption Type fields.

Configuring the Switch for NTP Broadcast-Client Mode

You can configure the switch to receive NTP broadcast messages if there is an NTP broadcast server, such as a router, broadcasting time information on the network. You can also enter a delay in the Estimated Round-Trip Delay field to account for round-trip delay between the client and the NTP broadcast server.

Figure 3-14 Network Time Protocol

Configuring IP Information

Use the IP Management page (see Figure 3-15) to change or enter IP information for the switch. Some of this information, such as the IP address, you had previously entered.

To change IP information for the switch, select System>IP Management from the menu bar.

Configuring the Switch for IP

The switch IP address belongs to VLAN 1 and is used to access interfaces such as the CVSM and SNMP. For a port to access one of these management interfaces, it must also belong to VLAN 1.

If your switch is configured as a member switch in a cluster, it might not have an IP address assigned to it. If your switch is configured as a command switch in a cluster, its IP information supports the IP connectivity of all its member switches.


Caution   Changing the switch IP address on this page ends your CVSM session. Restart the CVSM by entering the new IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), as described in the "Using Cisco Visual Switch Manager" section.

Figure 3-15 IP Management

CLI Commands for Assigning IP Information to the Switch

Beginning in privileged EXEC mode, follow these steps to enter the IP information:

Step 1  Enter global configuration mode.
        Command: configure terminal

Step 2  Enter interface configuration mode, and enter the port to which the IP information is assigned.
        VLAN 1 is the switch interface.
        Command: interface vlan 1

Step 3  Enter the IP address and subnet mask.
        Command: ip address ip_address subnet_mask

Step 4  Enter the IP address of the default router.
        Command: ip default-gateway ip_address

Step 5  Return to privileged EXEC mode.
        Command: end

Step 6  Verify that the information was entered correctly by displaying the running configuration. If the information is incorrect, repeat the procedure.
        Command: show running-config



Configuring SNMP

Use the SNMP Configuration page (Figure 3-16) to configure your switch for SNMP management.

To display this page, select System>SNMP Configuration from the menu bar.

This guide describes the use of IOS commands that have been created or changed for use with switches that support IOS Release 11.2(8)SA6. For information on other IOS Release 11.2(8) commands, see the IOS documentation set available from the CCO home page by selecting Service and Support>Technical Documents>Documentation Home Page>Cisco IOS Software Configuration>Cisco IOS Release 11.2.

Use this page to perform the following tasks:

Disable and enable SNMP.

Enter information about the switch (System Options).

Enter community strings that serve as passwords for SNMP messages.

Enter trap managers and their community strings to receive traps (alerts) about switch activity.

Set the classes of traps a trap manager receives.

Display statistics.

Disabling and Enabling SNMP

If you deselect Enable SNMP and click Apply, SNMP is disabled, and the SNMP parameters on the page disappear. SNMP must be enabled for some network view and Cluster Management features to work properly. For information on SNMP and Cluster Management, see the "Managing Clusters via SNMP" section.

Figure 3-16 SNMP Configuration - Part 1

Entering Community Strings

Community strings serve as passwords for SNMP messages. You can enter them with the following characteristics:

Read only (RO)

Requests accompanied by the string can display MIB-object information.

Read write (RW)

Requests accompanied by the string can display MIB-object information and set MIB objects.


Adding Trap Managers

A trap manager is a management station that receives and processes traps. When you configure a trap manager, community strings for each member switch must be unique. If a member switch has an IP address assigned to it, the management station accesses the switch via the IP address.

By default, no trap manager is defined, and no traps are issued.

Figure 3-17 SNMP Configuration - Part 2

Select a check box to enable one of the following classes of traps:

Send config traps

Generate traps whenever the switch configuration changes.

Send SNMP traps

Generate the supported SNMP traps.

Send TTY traps

Generate traps when the switch starts a management console CLI session.

Send C2900, C3500 traps

Generate the switch-specific traps. These traps are in the private enterprise-specific MIB.

Send VTP traps

Generate a trap for each VLAN Trunk Protocol (VTP) change (Enterprise Edition Software only).

Send VLAN membership traps

Generate a trap for each VLAN Membership Policy Server (VMPS) change (Enterprise Edition Software only).


CLI Commands for Adding a Trap Manager

Beginning in privileged EXEC mode, follow these steps to add a trap manager and community string: