Table Of Contents
Managing Switches
Finding More Information About IOS Commands
Managing Configuration Conflicts
Features, Default Settings, and Descriptions
Configuring Standalone Switches
Enabling the Switch as a Command Switch
Changing the Password
Creating EtherChannel Port Groups
Understanding EtherChannel Port Grouping
Port Group Restrictions on Static-Address Forwarding
CLI: Creating EtherChannel Port Groups
Enabling Switch Port Analyzer
CLI: Enabling Switch Port Analyzer
CLI: Disabling Switch Port Analyzer
Configuring Flooding Controls
Enabling Storm Control
CLI: Enabling Storm Control
CLI: Disabling Storm Control
Managing the System Date and Time
Setting the System Date and Time
Configuring Daylight Saving Time
Configuring the Network Time Protocol
Configuring the Switch as an NTP Client
Enabling NTP Authentication
Configuring the Switch for NTP Broadcast-Client Mode
Configuring IP Information
Manually Assigning IP Information to the Switch
CLI: Assigning IP Information to the Switch
CLI: Removing an IP Address
DHCP-Based Autoconfiguration
DHCP Client Request Process
Configuring the DHCP Server
Configuring the TFTP Server
Configuring the DNS
Configuring the Relay Device
Obtaining Configuration Files
Example Configuration
Specifying a Domain Name and Configuring the DNS
Specifying the Domain Name
Specifying a Name Server
Enabling the DNS
Configuring SNMP
Disabling and Enabling SNMP
Entering Community Strings
Adding Trap Managers
CLI: Adding a Trap Manager
Managing the ARP Table
Managing the MAC Address Tables
MAC Addresses and VLANs
Changing the Address Aging Time
CLI: Configuring the Aging Time
CLI: Removing Dynamic Address Entries
Adding Secure Addresses
CLI: Adding Secure Addresses
CLI: Removing Secure Addresses
Adding and Removing Static Addresses
Configuring Static Addresses for EtherChannel Port Groups
CLI: Adding Static Addresses
CLI: Removing Static Addresses
Enabling Port Security
Defining the Maximum Secure Address Count
CLI: Enabling Port Security
CLI: Disabling Port Security
Configuring the Cisco Discovery Protocol
CLI: Configuring CDP for Extended Discovery
IGMP Snooping
Enabling or Disabling IGMP Snooping
CLI: Enabling or Disabling IGMP Snooping
CLI: Enabling IGMP Immediate-Leave Processing
Setting the Snooping Method
Joining a Multicast Group
Statically Configuring a Host to Join a Group
CLI: Statically Configuring an Interface to Join a Group
Leaving a Multicast Group
Configuring a Multicast Router Port
CLI: Configuring a Multicast Router Port
Configuring the Spanning Tree Protocol
Supported STP Instances
Using STP to Support Redundant Connectivity
Accelerating Aging to Retain Connectivity
Disabling STP Protocol
CLI: Disabling STP
Configuring Redundant Links By Using STP UplinkFast
CLI: Enabling STP UplinkFast
Changing STP Parameters for a VLAN
CLI: Changing the STP Implementation
CLI: Changing the Switch Priority
CLI: Changing the BPDU Message Interval
CLI: Changing the Hello BPDU Interval
CLI: Changing the Forwarding Delay Time
Changing STP Port Parameters
Enabling the Port Fast Feature
CLI: Enabling STP Port Fast
CLI: Changing the Path Cost
CLI: Changing the Port Priority
CLI: Configuring STP Root Guard
CLI: Configuring UniDirectional Link Detection
Configuring Protected Ports
CLI: Configuring Protected Ports
Configuring TACACS+
Understanding TACACS+
CLI Procedures for Configuring TACACS+
CLI: Configuring the TACACS+ Server Host
CLI: Configuring Login Authentication
CLI: Specifying TACACS+ Authorization for EXEC Access and Network Services
CLI: Starting TACACS+ Accounting
CLI: Configuring a Switch for Local AAA
Configuring the Switch for Remote Monitoring
Managing Switches
This chapter describes how to use the device-management features of the Cluster Management Suite (CMS). The features described in this chapter can all be implemented through Visual Switch Manager (VSM), the web-based interface for managing standalone switches, or through Cluster Manager. If you need information on how to group your switches into a cluster, see "Creating and Managing Clusters."
This chapter describes two ways to configure switches:
• By using CMS windows to monitor and configure switches and ports. How-to procedures for using the windows are in the online help.
• By using the Cisco IOS command-line interface (CLI). CLI procedures are included for many tasks in this chapter; some features can be implemented only by using the CLI.
Finding More Information About IOS Commands
This guide describes only the IOS commands that have been created or changed for the Catalyst 2950 switches. These commands are further described in the Catalyst 2950 Desktop Switch Command Reference.
For information on other IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation set available on Cisco.com.
Managing Configuration Conflicts
Certain combinations of port features create configuration conflicts (see Table 4-1). If you try to enable incompatible features, CMS issues a warning message, and you cannot make the change. Reload the page to refresh CMS.
In Table 4-1, No means that the two referenced features are incompatible and should not both be enabled; yes means that both can be enabled at the same time and will not cause an incompatibility conflict.
Table 4-1 Conflicting Features
| | Protected Port | Port Group | Port Security | SPAN Port | Connect to Cluster? |
| Protected Port | - | Yes | Yes | No | Yes |
| Port Group | Yes | - | No | No | Yes |
| Port Security | Yes | No | - | No | Yes |
| SPAN Port | No | No | No | - | Yes |
| Connect to Cluster | Yes | Yes | Yes | Yes | - |
Features, Default Settings, and Descriptions
You can configure the software features of this release by using any of the available interfaces. Table 4-2 lists the most important features, their defaults, and where they are described in this guide.
Configuring Standalone Switches
Visual Switch Manager (VSM) is one of the CMS interfaces for managing individual switch features. If you are configuring a standalone switch, you can access VSM directly by entering the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer). Click Cluster Management Suite or Visual Switch Manager on the Cisco Systems Access Page, and the switch senses that the IP address refers to a standalone switch and displays the VSM home page.
Note
Menu options are arranged slightly differently in VSM than in Cluster Manager. For the complete list of the options available, see "VSM Menu Bar Options" section.
A browser plug-in is required to access the HTML interface. For information on installing the plug-in, refer to the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1).
Figure 4-1 VSM Home Page
Enabling the Switch as a Command Switch
Before you can create a cluster, one switch must be assigned an IP address and enabled as the command switch. See the "Command Switch Requirements" section to ensure that the switch meets all the requirements.
To enable a command switch, select Cluster > Cluster Command Configuration from the menu bar, and select Enable on the Cluster Configuration window. You can use up to 28 characters to name your cluster. After you have enabled the command switch, select Cluster > Cluster Builder to begin building your cluster. To build your cluster by using the CLI, see the "CLI: Creating a Cluster" section.
Figure 4-2 Enable Command Switch
Changing the Password
If you change the enable secret password, your connection with the switch breaks, and the browser prompts you for the new password. You can change a password only by using the CLI. Use the enable secret command rather than enable password: enable secret stores a one-way hash of the password in the configuration, whereas enable password stores it in cleartext or in the reversible type 7 encoding, which protects it from no one who can read the configuration. If you have forgotten your password, see the "Recovering from a Lost or Forgotten Password" section.
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Creating EtherChannel Port Groups
Use the Port Group (EtherChannel) window (Figure 4-4) to create Fast EtherChannel and Gigabit EtherChannel port groups. These port groups act as single logical ports for high-bandwidth connections between switches or between switches and servers.
To display this window, select Port > Port Grouping (EtherChannel) from the menu bar.
For the restrictions that apply to port groups, see the "Managing Configuration Conflicts" section.
Understanding EtherChannel Port Grouping
This software release supports two different types of port groups: source-based forwarding port groups and destination-based forwarding port groups.
Source-based forwarding port groups distribute packets forwarded to the group based on the source address of incoming packets. You can configure up to eight ports in a source-based forwarding port group. Source-based forwarding is enabled by default.
Destination-based port groups distribute packets forwarded to the group based on the destination address of incoming packets. You can configure up to eight ports in a group.
You can create up to 6 port groups of all source-based, all destination-based, or a combination of source- and destination-based ports. All ports in the group must be of the same type; for example, they must be all source based or all destination based. You can independently configure port groups that link switches, but you must consistently configure both ends of a port group.
In Figure 4-3, a two-port group on the switch carries traffic from many workstations to a router. Because the router is a single-MAC-address device, destination-based forwarding on the switch would send every frame addressed to the router over the same link; source-based forwarding spreads the workstations' frames across both links and so uses all available bandwidth to the router. The router side of the group is configured for destination-based forwarding because the large number of workstation addresses spreads the return traffic evenly across the router's port-group ports.
Figure 4-3 Source-Based Forwarding
The switch treats the port group as a single logical port; therefore, when you create a port group, the switch uses the configuration of the first port for all ports added to the group. If you add a port and change the forwarding method, it changes the forwarding for all ports in the group. After the group is created, changing STP or VLAN membership parameters for one port in the group automatically changes the parameters for all ports. Each port group has one port that carries all unknown multicast, broadcast, and STP packets.
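The following simulation, added here as an example and not Cisco's code, makes the Figure 4-3 reasoning concrete. The switch's real load-distribution hash is not documented on this page, so `link_for()` uses an assumed rule (last octet of the MAC modulo the number of member links) chosen only to make the two policies visible; the MAC addresses and traffic mix are constructed.

```python
"""Source- versus destination-based EtherChannel distribution, simulated.

Added example, not Cisco code. The switch's actual load-distribution hash is not
documented on this page, so link_for() uses an assumed rule (last octet of the MAC
modulo the number of member links) chosen only to make the two policies visible.
The MAC addresses and traffic mix below are constructed for the example.
"""
from collections import Counter


def link_for(mac: str, links: int) -> int:
    """Hypothetical hash: choose a member link from the last octet of a MAC address."""
    return int(mac.split(":")[-1], 16) % links


def distribute(frames, links: int, policy: str) -> dict:
    """Return {link index: frame count} for (src, dst) frames under the given policy."""
    if policy not in ("source", "destination"):
        raise ValueError("policy must be 'source' or 'destination'")
    counts = Counter({i: 0 for i in range(links)})
    for src, dst in frames:
        key = src if policy == "source" else dst
        counts[link_for(key, links)] += 1
    return dict(counts)


def links_used(counts: dict) -> int:
    """Number of member links that carried at least one frame."""
    return sum(1 for n in counts.values() if n > 0)


# Constructed topology from Figure 4-3: eight workstations behind the switch, one router.
ROUTER_MAC = "00:00:0c:07:ac:01"
WORKSTATIONS = [f"00:50:56:00:00:{i:02x}" for i in range(1, 9)]
TO_ROUTER = [(ws, ROUTER_MAC) for ws in WORKSTATIONS]      # what the switch forwards
FROM_ROUTER = [(ROUTER_MAC, ws) for ws in WORKSTATIONS]    # what the router forwards

if __name__ == "__main__":
    for side, frames in (("switch->router", TO_ROUTER), ("router->switch", FROM_ROUTER)):
        for policy in ("source", "destination"):
            counts = distribute(frames, 2, policy)
            print(f"{side:15} {policy:12} {counts}  links used: {links_used(counts)}")
```

Under the switch's own policy choice the eight workstation frames land on both links; with the wrong policy every frame keyed on the router's single MAC lands on one link and the second link idles. The router side shows the mirror image, which is why the two ends of a group are configured independently but must each suit the traffic they forward.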
Figure 4-4 Port Grouping (EtherChannel)
Figure 4-5 Port Group Configuration
Port Group Restrictions on Static-Address Forwarding
The following restrictions apply to entering static addresses that are forwarded to port groups:
• If the port group forwards based on the source MAC address (the default), configure the static address to forward to all ports in the group. This method eliminates the chance of lost packets.
• If the port group forwards based on the destination address, configure the static address to forward to only one port in the port group. This method avoids the possible transmission of duplicate packets. For more information, see the "Adding and Removing Static Addresses" section.
CLI: Creating EtherChannel Port Groups
Beginning in privileged EXEC mode, follow these steps to create a two-port group:
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface interface | Enter interface configuration mode for the first port to be added to the group. |
| 3 | port group 1 distribution destination | Assign the port to group 1 with destination-based forwarding. |
| 4 | interface interface | Enter interface configuration mode for the second port to be added to the group. |
| 5 | port group 1 distribution destination | Assign the port to group 1 with destination-based forwarding. |
| 6 | end | Return to privileged EXEC mode. |
| 7 | show running-config | Verify your entries. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Enabling Switch Port Analyzer
You can monitor traffic on a given port by forwarding copies of the incoming and outgoing traffic on that port to another port in the same VLAN. Use the Switch Port Analyzer (SPAN) window (Figure 4-6) to enable port monitoring on a port, and use the Modify the Ports Being Monitored window (Figure 4-7) to select the port to be monitored. A SPAN port cannot monitor ports in a different VLAN, and a SPAN port must be a static-access port. You can have only one assigned monitor port at any given time. If you select another port as the monitor port, the previous monitor port is disabled, and the newly selected port becomes the monitor port. Because the monitor port receives a copy of every frame entering or leaving the monitored port, treat it as you would a network tap: connect only the analyzer or sensor to it, and remove the SPAN configuration when the capture is finished.
To display this window, select Port > Switch Port Analyzer from the menu bar.
For the restrictions that apply to SPAN ports, see the "Managing Configuration Conflicts" section.
Figure 4-6 Switch Port Analyzer (SPAN)
Figure 4-7 Modify the Ports Being Monitored
CLI: Enabling Switch Port Analyzer
Beginning in privileged EXEC mode, follow these steps to enable switch port analyzer:
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface interface | Enter interface configuration mode for the port that acts as the monitor port. |
| 3 | port monitor interface | Enable port monitoring on the port; interface is the port whose traffic is copied to the monitor port. |
| 4 | end | Return to privileged EXEC mode. |
| 5 | show running-config | Verify your entries. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
CLI: Disabling Switch Port Analyzer
Beginning in privileged EXEC mode, follow these steps to disable switch port analyzer:
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface interface | Enter interface configuration mode for the monitor port. |
| 3 | no port monitor interface | Disable port monitoring on the port. |
| 4 | end | Return to privileged EXEC mode. |
| 5 | show running-config | Verify your entries. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Configuring Flooding Controls
Use the Flooding Controls window (Figure 4-8) to block the forwarding of unnecessary flooded traffic.
To display this window, select Port > Flooding Controls from the menu bar.
Enabling Storm Control
A packet storm occurs when a large number of broadcast, unicast, or multicast packets are received on a port. Forwarding these packets can cause the network to slow down or to time out. Storm control is enabled, and its thresholds are set, on each port individually. By default, storm control is disabled.
Storm control uses a rising and a falling threshold to block and then restore the forwarding of broadcast, unicast, or multicast packets. You can also set the switch to shut down the port when the rising threshold is reached.
The rising threshold is the packet rate (packets per second) at which the port stops forwarding the selected traffic type; the falling threshold is the rate below which the port resumes normal forwarding. Between the two thresholds the port keeps its current state, so a rate hovering near a single limit does not toggle the port on and off. In general, the higher the rising threshold, the less effective the protection against broadcast storms. The maximum rate on a half-duplex 100BaseT link is about 148,000 minimum-size packets per second, but you can enter a threshold of up to 4294967295 packets per second.
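The following simulation, added here as an example and not Cisco's code, replays a constructed sequence of per-second broadcast counts through the rising/falling logic just described, so you can see where forwarding is blocked, where it resumes, and what the shutdown option changes. The sampling interval and the "reached" comparison (count greater than or equal to the rising threshold) are this script's assumptions; the real switch's counters are not specified on this page.

```python
"""Rising/falling threshold (hysteresis) behaviour of port storm control, simulated.

Added example, not Cisco code. It models one port: forwarding is blocked when the
per-second count reaches the rising threshold and resumes only when the count drops
below the falling threshold; optionally the port is shut down instead of blocked.
The per-second counts below are constructed; the real switch's sampling interval and
counters are not specified on this page.
"""
from dataclasses import dataclass, field


@dataclass
class StormControl:
    rising: int                       # packets/s at which forwarding is blocked
    falling: int                      # packets/s below which forwarding resumes
    shutdown_on_rising: bool = False  # shut the port down instead of blocking
    blocked: bool = False
    shut_down: bool = False
    events: list = field(default_factory=list)

    def __post_init__(self):
        # Same check the CLI procedure asks for: rising must be greater than falling.
        if self.rising <= self.falling:
            raise ValueError("rising threshold must be greater than falling threshold")

    def observe(self, pps: int) -> str:
        """Feed one per-second packet count; return the port state after it."""
        if self.shut_down:
            return "shutdown"            # stays down until an operator re-enables it
        if not self.blocked and pps >= self.rising:
            if self.shutdown_on_rising:
                self.shut_down = True
                self.events.append(("shutdown", pps))
                return "shutdown"
            self.blocked = True
            self.events.append(("block", pps))     # point at which the trap would fire
        elif self.blocked and pps < self.falling:
            self.blocked = False
            self.events.append(("forward", pps))   # second trap: rate fell below falling
        return "blocked" if self.blocked else "forwarding"


def run(counts, rising, falling, shutdown=False):
    """Replay counts through a fresh StormControl; return (states, events)."""
    sc = StormControl(rising, falling, shutdown)
    return [sc.observe(c) for c in counts], sc.events


# Constructed broadcast counts (packets per second) seen on one port over seven seconds.
SAMPLE = [100, 900, 1500, 1200, 700, 400, 100]

if __name__ == "__main__":
    states, events = run(SAMPLE, rising=1000, falling=500)
    for pps, state in zip(SAMPLE, states):
        print(f"{pps:5d} pps -> {state}")
    print("events:", events)
```

With a rising threshold of 1000 and a falling threshold of 500, the 900 pps second is still forwarded, blocking starts at 1500, and the 1200 and 700 pps seconds stay blocked even though they are below the rising threshold; forwarding resumes only at 400. With the shutdown option the first crossing takes the port down and nothing afterward brings it back, which is the trade-off to weigh before enabling it on an uplink.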
To configure storm control, right-click a switch chassis in Cluster Manager, and select Port > Flooding Controls. Select one of the Storm tabs (Figure 4-8), select a port, and click Modify. Set the parameters on the Flooding Controls Configuration pop-up (Figure 4-9).
Figure 4-8 Flooding Controls
Figure 4-9 Flooding Controls Configuration Pop-up
CLI: Enabling Storm Control
Substitute the unicast or multicast keyword for broadcast in Step 3 to enable storm control for unicast or multicast packets.
Beginning in privileged EXEC mode, follow these steps to enable broadcast-storm control.
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface interface | Enter interface configuration mode for the port to configure. |
| 3 | port storm-control broadcast [threshold {rising rising-number falling falling-number}] | Enter the rising and falling thresholds for broadcast packets. Make sure the rising threshold is greater than the falling threshold. |
| 4 | port storm-control trap | Generate an SNMP trap when the traffic on the port crosses the rising or falling threshold. |
| 5 | end | Return to privileged EXEC mode. |
| 6 | show port storm-control [interface] | Verify your entries. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
CLI: Disabling Storm Control
Beginning in privileged EXEC mode, follow these steps to disable broadcast-storm control.
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface interface | Enter interface configuration mode for the port to configure. |
| 3 | no port storm-control broadcast | Disable port storm control. |
| 4 | end | Return to privileged EXEC mode. |
| 5 | show port storm-control [interface] | Verify your entries. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Managing the System Date and Time
Use the System Time Management window (Figure 4-10) to set the system time for a switch or enable an external source such as Network Time Protocol (NTP) to supply time to the switch.
You can use this window to set the switch time by using one of the following techniques:
• Manually setting the system time (including daylight saving time) and date
• Configuring the switch to run in NTP client mode and to receive time information from an NTP server
• Configuring the switch to run in NTP broadcast-client mode and to receive information from an NTP broadcast server
To display this window, select Cluster > System Time Management from the menu bar.
Setting the System Date and Time
Enter the date and a 24-hour clock time setting on the System Time Management window. If you are entering the time for an American time zone, enter the three-letter abbreviation for the time zone in the Name of Time Zone field, such as PST for Pacific standard time. If you are identifying the time zone by referring to Greenwich mean time, enter UTC (universal coordinated time) in the Name of Time Zone field. You then must enter a negative or positive number as an offset to indicate the number of time zones between the switch and Greenwich, England. Enter a negative number if the switch is west of Greenwich, England, and east of the international date line. For example, California is eight time zones west of Greenwich, so you would enter -8 in the Hours Offset From UTC field. Enter a positive number if the switch is east of Greenwich. You can also enter negative and positive numbers for minutes.
You can also set the date and time by using the CLI. "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Figure 4-10 System Time Management
Configuring Daylight Saving Time
To configure daylight saving time, click the Set Daylight Saving Time tab (Figure 4-11). You can configure the switch to change to daylight saving time on a particular day every year, on a day that you enter, or not at all.
Figure 4-11 Set Daylight Savings Time Tab
Configuring the Network Time Protocol
In complex networks, it is often prudent to distribute time information from a central server. The NTP can distribute time information by responding to requests from clients or by broadcasting time information. You can use the Network Time Protocol window (Figure 4-12) to enable these options and to enter authentication information to accompany NTP client requests.
To display this window, click Network Time Protocol on the System Time Management window.
You can also configure NTP by using the CLI. "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
Figure 4-12 Network Time Protocol
Configuring the Switch as an NTP Client
You configure the switch as an NTP client by entering the IP addresses of up to ten NTP servers in the IP Address field. Click Preferred Server to specify which server should be used first. You can also enter an authentication key to be used as a password when requests for time information are sent to the server.
Enabling NTP Authentication
To ensure that time information comes from the NTP servers you intend, you can authenticate NTP messages. This authentication uses a symmetric key shared with the server (a keyed MD5 digest is appended to each message), not public-key encryption, and it does not encrypt the time data; it lets the switch reject messages that were not produced with a trusted key. The procedure must be coordinated with the administrator of the NTP servers: the key number and key value you enter on this window must match a key configured on the servers, and the key value must be kept secret at both ends.
Click Help for more information about entering information in the Key Number, Key Value, and Encryption Type fields.
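The following worked example, added here and not Cisco's code, shows what the Key Number and Key Value fields are used for at the protocol level: per RFC 5905, the sender prepends the shared key to the 48-byte NTP header, takes an MD5 digest, and appends a MAC of key ID (4 bytes) plus digest (16 bytes); the receiver recomputes the digest with its own copy of the key and rejects the message if it differs or if the key ID is not one it trusts. The key table, key values and timestamps are constructed for the example.

```python
"""NTP symmetric-key authentication (the mechanism behind `ntp authenticate`), worked through.

Added example, not Cisco code. Per RFC 5905 the MAC is key ID (4 bytes) followed by
MD5(key || 48-byte header). The receiver recomputes the digest with its copy of the
key and rejects the message if it differs or the key ID is not trusted.
The key table and timestamps below are constructed for the example.
"""
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48
MAC_LEN = 4 + 16                  # key ID + MD5 digest
UNIX_TO_NTP = 2208988800          # seconds from 1900-01-01 to 1970-01-01

# Constructed key table: Key Number -> Key Value. Only key 1 is trusted, mirroring
# `ntp authentication-key 1 md5 ...` plus `ntp trusted-key 1`; key 2 is a retired key.
KEYS = {1: b"sup3r-s3cret", 2: b"old-key"}
TRUSTED_KEYS = {1}


def build_client_header(txtime: float) -> bytes:
    """48-byte NTPv3 client header (LI=0, VN=3, Mode=3) carrying only a transmit timestamp."""
    secs = int(txtime) + UNIX_TO_NTP
    frac = int((txtime - int(txtime)) * (1 << 32))
    return struct.pack("!BBBb11I", 0x1B, 0, 6, -20,   # LI/VN/Mode, stratum, poll, precision
                       0, 0, 0,                       # root delay, root dispersion, reference ID
                       0, 0, 0, 0, 0, 0,              # reference, originate, receive timestamps
                       secs, frac)                    # transmit timestamp


def sign(header: bytes, key_id: int) -> bytes:
    """Append the RFC 5905 MAC: key ID followed by MD5(key || header)."""
    digest = hashlib.md5(KEYS[key_id] + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify(message: bytes) -> bool:
    """Accept only messages whose MAC was made with a key we hold and trust."""
    if len(message) != NTP_HEADER_LEN + MAC_LEN:
        return False
    header = message[:NTP_HEADER_LEN]
    key_id = struct.unpack("!I", message[NTP_HEADER_LEN:NTP_HEADER_LEN + 4])[0]
    digest = message[NTP_HEADER_LEN + 4:]
    if key_id not in TRUSTED_KEYS or key_id not in KEYS:
        return False
    expected = hashlib.md5(KEYS[key_id] + header).digest()
    return hmac.compare_digest(expected, digest)   # constant-time comparison


def tamper(message: bytes) -> bytes:
    """Flip one bit of the transmit timestamp, as an on-path attacker shifting time would."""
    buf = bytearray(message)
    buf[NTP_HEADER_LEN - 1] ^= 0x01
    return bytes(buf)


if __name__ == "__main__":
    msg = sign(build_client_header(1_700_000_000.5), 1)
    print("genuine  :", verify(msg))
    print("tampered :", verify(tamper(msg)))
    print("untrusted:", verify(sign(build_client_header(1_700_000_000.5), 2)))
```

Two things worth noticing: the header travels in the clear (the MAC authenticates it but nothing is encrypted), and a message signed with a key the switch holds but has not marked trusted is refused, which is what lets you retire a key by removing it from the trusted set before deleting it.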
Configuring the Switch for NTP Broadcast-Client Mode
You can configure the switch to receive NTP broadcast messages if there is an NTP broadcast server, such as a router, broadcasting time information on the network. You can also enter a delay in the Estimated Round-Trip Delay field to account for round-trip delay between the client and the NTP broadcast server.
Configuring IP Information
Use the IP Management window (Figure 4-13) to change or enter IP information for the switch. Some of this information, such as the IP address, was entered previously.
You can use this window to perform the following tasks:
• Assign IP information.
• Remove an IP address.
• Specify a domain name, and configure the Domain Name System (DNS) server.
To display this window, select System > IP Management from the menu bar.
Figure 4-13 IP Management—IP Configuration Tab
You can assign IP information to your switch in these ways:
• Using the Setup program (refer to the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1))
• Manually assigning an IP address
• Using DHCP-based autoconfiguration
Manually Assigning IP Information to the Switch
You can manually assign an IP address, mask, and default gateway to the switch through the management console. This information is displayed in the IP Address, IP Mask, and Default Gateway fields of the IP Management window.
You can change the information in these fields. The mask identifies the bits that denote the network number in the IP address; when you use the mask to subnet a network, it is referred to as a subnet mask. The broadcast address is reserved for sending messages to all hosts. The switch sends traffic destined for an IP address outside its own subnet to the default gateway.
Caution
Changing the command switch IP address on this window ends your VSM session and any SNMP or Telnet sessions in progress. Restart the Cluster Manager by entering the new IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), as described in the "Using VSM" section.
CLI: Assigning IP Information to the Switch
Beginning in privileged EXEC mode, follow these steps to enter the IP information:
| Step | Command | Purpose |
| 1 | configure terminal | Enter global configuration mode. |
| 2 | interface vlan 1 | Enter interface configuration mode for the VLAN to which the IP information is assigned. VLAN 1 is the management VLAN, but you can configure any VLAN from IDs 1 to 1001. |
| 3 | ip address ip_address subnet_mask | Enter the IP address and subnet mask. |
| 4 | exit | Return to global configuration mode. |
| 5 | ip default-gateway ip_address | Enter the IP address of the default router. |
| 6 | end | Return to privileged EXEC mode. |
| 7 | show running-config | Verify that the information was entered correctly by displaying the running configuration. If the information is incorrect, repeat the procedure. |
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
CLI: Removing an IP Address
Use the following procedure to remove the IP information from a switch.
Note
Using the no ip address command in configuration mode disables the IP protocol stack as well as removes the IP information. Cluster members without IP addresses rely on the IP protocol stack being enabled.
Beginning in privileged EXEC mode, follow these steps to remove an IP address:
| Step | Command | Purpose |
| 1 | clear ip address vlan 1 ip_address subnet_mask | Remove the IP address and subnet mask. |
| 2 | end | Return to privileged EXEC mode. |
| 3 | show running-config | Verify that the information was removed by displaying the running configuration. |
Caution 
If you are removing the IP address through a Telnet session, your connection to the switch will be lost.
The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.
DHCP-Based Autoconfiguration
The DHCP provides configuration information to Internet hosts and internetworking devices. This protocol consists of two components: one for delivering configuration parameters from a DHCP server to a device and a mechanism for allocating network addresses to devices. DHCP is built on a client-server model, where designated DHCP servers allocate network addresses and deliver configuration parameters to dynamically configured devices.
With DHCP-based autoconfiguration, your switch (DHCP client) can be automatically configured at startup with IP address information and a configuration file that it receives during DHCP-based autoconfiguration.
With DHCP-based autoconfiguration, no DHCP client-side configuration is required on your switch. However, you need to configure the DHCP server for various lease options. You might also need to configure a TFTP server, a Domain Name System (DNS) server, and possibly a relay device if the servers are on a different LAN than your switch. A relay device forwards broadcast traffic between two directly connected LANs. A router does not forward broadcast packets, but it forwards packets based on the destination IP address in the received packet. DHCP-based autoconfiguration replaces the BOOTP client functionality on your switch.
DHCP Client Request Process
When you boot your switch, the DHCP client can be invoked and automatically request configuration information from a DHCP server under the following conditions:
• The configuration file is not present on the switch.
• The configuration file is present, but the IP address is not specified in it.
• The configuration file is present, the IP address is not specified in it, and the service config global configuration command is included. This command enables the autoloading of a configuration file from a network server.
Figure 4-14 shows the sequence of messages that are exchanged between the DHCP client and the DHCP server.
Figure 4-14 DHCP Request for IP Information from a DHCP Server
The client, Switch A, broadcasts a DHCPDISCOVER message to locate a DHCP server. The DHCP server offers configuration parameters (such as an IP address, subnet mask, gateway IP address, DNS IP address, a lease for the IP address, and so forth) to the client in a DHCPOFFER unicast message.
In a DHCPREQUEST broadcast message, the client returns a formal request for the offered configuration information to the DHCP server. The formal request is broadcast so that all other DHCP servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP addresses that they offered to the client.
The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client. With this message, the client and server are bound, and the client uses configuration information received from the server. The amount of information the switch receives depends on how you configure the DHCP server. For more information, see the "Configuring the DHCP Server" section.
If the configuration parameters sent to the client in the DHCPOFFER unicast message by the DHCP server are invalid (a configuration error exists), the client returns a DHCPDECLINE broadcast message to the DHCP server.
The DHCP server sends the client a DHCPNAK (denial) broadcast message when the offered configuration parameters cannot be assigned: an error occurred while the parameters were being negotiated, or the client was slow to respond to the DHCPOFFER message and the server assigned the parameters to another client.
A DHCP client might receive offers from multiple DHCP or BOOTP servers and can accept any one of them; however, the client usually accepts the first offer it receives. An offer from a DHCP server is not a guarantee that the IP address will be allocated to the client, but the server usually reserves the address until the client has had a chance to formally request it. If the switch accepts a reply from a BOOTP server and configures itself, the switch broadcasts, rather than unicasts, its TFTP requests for the switch configuration file. Because the switch acts on whichever offer arrives first and then loads its configuration over TFTP, which has no authentication, any host able to answer DHCP on the switch's LAN can decide which configuration file the switch fetches; restrict that LAN to the intended DHCP, DNS, and TFTP servers and use the reserved leases described in the next section.
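The following simulation, added here as an example and not Cisco's code, plays out the Figure 4-14 exchange with both sides' messages: a server answers DHCPDISCOVER with a DHCPOFFER (from a reserved lease bound to the hardware address when one exists, otherwise from a pool), and on the broadcast DHCPREQUEST either ACKs, if it is the selected server, or reclaims what it offered. The client takes the first offer it receives, as described above. Server IDs, addresses, lease contents and the switch's hardware address are constructed.

```python
"""The DHCP exchange in Figure 4-14, simulated with both sides' messages.

Added example, not Cisco code. A DhcpServer answers DHCPDISCOVER with a DHCPOFFER
(from a reserved lease bound to the hardware address when one exists, otherwise from
a pool), and on the broadcast DHCPREQUEST either ACKs (if it is the selected server)
or reclaims what it offered. The client takes the first offer it receives.
Addresses, server IDs and leases below are constructed for the example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Lease:
    ip: str
    mask: str
    router: str
    dns: str
    tftp_name: str
    bootfile: str


class DhcpServer:
    def __init__(self, server_id: str, reservations: dict, pool=()):
        self.server_id = server_id
        self.reservations = dict(reservations)   # hardware address -> Lease
        self.pool = list(pool)                    # leases for unreserved clients
        self.offered = {}                         # hardware address -> Lease held pending REQUEST
        self.bound = {}

    def handle(self, msg: dict):
        hw = msg["chaddr"]
        if msg["type"] == "DHCPDISCOVER":
            lease = self.reservations.get(hw)
            if lease is None and self.pool:
                lease = self.pool.pop(0)
            if lease is None:
                return None
            self.offered[hw] = lease              # reserved until the client decides
            return {"type": "DHCPOFFER", "server_id": self.server_id, "chaddr": hw, "lease": lease}
        if msg["type"] == "DHCPREQUEST":          # broadcast, so every server sees it
            lease = self.offered.pop(hw, None)
            if msg["server_id"] != self.server_id:
                # Another server was chosen: release a pool lease; a reservation stays reserved.
                if lease is not None and lease not in self.reservations.values():
                    self.pool.insert(0, lease)
                return None
            if lease is None or lease.ip != msg["requested_ip"]:
                return {"type": "DHCPNAK", "server_id": self.server_id, "chaddr": hw}
            self.bound[hw] = lease
            return {"type": "DHCPACK", "server_id": self.server_id, "chaddr": hw, "lease": lease}
        return None


def autoconfigure(hw: str, servers):
    """Client side: DISCOVER, take the first OFFER, broadcast REQUEST, return the ACK (or None)."""
    discover = {"type": "DHCPDISCOVER", "chaddr": hw}
    offers = [o for o in (s.handle(discover) for s in servers) if o]   # list order = arrival order
    if not offers:
        return None
    chosen = offers[0]
    request = {"type": "DHCPREQUEST", "chaddr": hw,
               "server_id": chosen["server_id"], "requested_ip": chosen["lease"].ip}
    replies = [r for r in (s.handle(request) for s in servers) if r]
    if not replies or replies[0]["type"] != "DHCPACK":
        return None
    return replies[0]


# Constructed scenario: the switch's reserved lease lives on server A; server B has a pool.
SWITCH_HW = "00:01:96:aa:bb:cc"
RESERVED = Lease("10.0.0.21", "255.255.255.0", "10.0.0.1", "20.0.0.3", "tftp-srv", "switch-a-confg")
POOL_LEASE = Lease("10.0.0.77", "255.255.255.0", "10.0.0.1", "20.0.0.3", "tftp-srv", "network-confg")


def scenario(first_to_answer: str):
    """Run autoconfiguration with server A or B answering first; return (ack, server_a, server_b)."""
    a = DhcpServer("20.0.0.2", {SWITCH_HW: RESERVED})
    b = DhcpServer("20.0.0.9", {}, pool=[POOL_LEASE])
    order = [a, b] if first_to_answer == "A" else [b, a]
    return autoconfigure(SWITCH_HW, order), a, b


if __name__ == "__main__":
    for first in ("A", "B"):
        ack, a, b = scenario(first)
        print(f"server {first} answered first -> {ack['lease'].ip} and {ack['lease'].bootfile} from {ack['server_id']}")
```

When server A answers first the switch binds to its reserved lease and server B, on seeing the broadcast DHCPREQUEST name another server, puts its offered address back in the pool. When server B answers first the switch binds to B's pool lease and a different boot file, and A's reservation is simply left unused: a reserved lease guarantees consistency only if no other server on that LAN can answer before the intended one.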
Configuring the DHCP Server
You should configure the DHCP servers with reserved leases that are bound to each switch by the switch hardware address. If the DHCP server does not support reserved leases, the switch can obtain different IP addresses and configuration files at different boot instances. You should configure the DHCP server with the following lease options:
• IP address of the client (required)
• Subnet mask of the client (required)
• DNS server IP address (required)
• Router IP address (default gateway address to be used by the switch) (required)
• TFTP server name (required)
• Boot filename (the name of the configuration file that the client needs) (recommended)
• Host name (optional)
If you do not configure the DHCP server with the lease options described earlier, then it replies to client requests with only those parameters that have available values. If the IP address and subnet mask are not in the reply, the switch is not configured. If the DNS server IP address, router IP address, or TFTP server name are not found, the switch might broadcast TFTP requests. Unavailability of other lease options does not affect autoconfiguration.
Note
If the configuration file on the switch does not contain the IP address, the switch obtains its address, mask, gateway IP address, and host name from DHCP. If the service config global configuration command is specified in the configuration file, the switch receives the configuration file through TFTP requests. If the service config global configuration command and the IP address are both present in the configuration file, DHCP is not used, and the switch obtains the default configuration file by broadcasting TFTP requests.
The DHCP server can be on the same or a different LAN as the switch. If it is on a different LAN, the switch must be able to access it through a relay device. The DHCP server can be running on a UNIX or Linux operating system; however, the Windows NT operating system is not supported in this release.
For more information, see the "Configuring the Relay Device" section. You must also set up the TFTP server with the switch configuration files; for more information, see the next section.
Configuring the TFTP Server
The TFTP server must contain one or more configuration files in its base directory. The files can include the following:
• The configuration file named in the DHCP reply (the actual switch configuration file)
• The network-confg or the cisconet.cfg file (known as the default configuration files)
• The router-confg or the ciscortr.cfg file (These files contain commands common to all switches. Normally, if the DHCP and TFTP servers are properly configured, these files are not accessed.)
You must specify the TFTP server name in the DHCP server lease database. You must also specify the TFTP server name-to-IP-address mapping in the DNS server database.
The TFTP server can be on the same or a different LAN as the switch. If it is on a different LAN, the switch must be able to access it through a relay device or a router. For more information, see the "Configuring the Relay Device" section.
If the configuration filename is provided in the DHCP server reply, the configuration files for multiple switches can be spread over multiple TFTP servers. However, if the configuration filename is not provided, then the configuration files must reside on a single TFTP server.
Configuring the DNS
The switch uses the DNS server to resolve the TFTP server name to a TFTP server IP address. You must configure the TFTP server name-to-IP address map on the DNS server. The TFTP server contains the configuration files for the switch.
You must configure the IP addresses of the DNS servers in the lease database of the DHCP server from where the DHCP replies will retrieve them. You can enter up to two DNS server IP addresses in the lease database.
The DNS server can be on the same or a different LAN as the switch. If it is on a different LAN, the switch must be able to access it through a relay device or router. For more information, see the "Configuring the Relay Device" section.
Configuring the Relay Device
You need to use a relay device if the DHCP, DNS, or TFTP servers are on a different LAN than the switch. You must configure this relay device to forward received broadcast packets on an interface to the destination host. This configuration ensures that broadcasts from the DHCP client can reach the DHCP, DNS, and TFTP servers and that broadcasts from the servers can reach the DHCP client.
If the relay device is a Cisco router, you enable IP routing (ip routing global configuration command) and configure it with helper addresses by using the ip helper-address interface configuration command.
For example, in Figure 4-15, you configure the router interfaces as follows:
On interface 10.0.0.2:
router(config-if)# ip helper-address 20.0.0.2
router(config-if)# ip helper-address 20.0.0.3
router(config-if)# ip helper-address 20.0.0.4
On interface 20.0.0.1:
router(config-if)# ip helper-address 10.0.0.1
Figure 4-15 Relay Device Used in Autoconfiguration
Obtaining Configuration Files
Depending on the availability of the IP address and the configuration filename in the DHCP reserved lease, the switch obtains its configuration information in the following ways:
• The IP address and the configuration filename are reserved for the switch and provided in the DHCP reply (one-file read method).
The switch receives its IP address, subnet mask, and configuration filename from the DHCP server. It also receives a DNS server IP address and a TFTP server name. The switch sends a DNS request to the DNS server, specifying the TFTP server name, to obtain the TFTP server address. Then the switch sends a unicast message to the TFTP server to retrieve the named configuration file from the base directory of the server, and upon receipt, completes its boot-up process.
• Only the configuration filename is reserved for the switch. The IP address is dynamically allocated to the switch by the DHCP server (one-file read method).
The switch follows the same configuration process described above.
• Only the IP address is reserved for the switch and provided in the DHCP reply. The configuration filename is not provided (two-file read method).
The switch receives its IP address and subnet mask from the DHCP server. It also receives a DNS server IP address and a TFTP server name. The switch sends a DNS request to the DNS server, specifying the TFTP server name, to obtain the TFTP server address.
The switch sends a unicast message to the TFTP server to retrieve the network-confg or cisconet.cfg default configuration file. (If the network-confg file cannot be read, the switch reads the cisconet.cfg file.)
The default configuration file contains the host name-to-IP-address mappings for the switch. The switch fills its host table with the information in the file and obtains its host name. If the host name is not found in the file, the switch uses the host name in the DHCP reply. If the host name is not specified in the DHCP reply, the switch uses the default "Switch" as its host name.
After obtaining its host name from the default configuration file or the DHCP reply, the switch reads the configuration file that has the same name as its host name (hostname-confg or hostname.cfg, depending on whether network-confg or cisconet.cfg was read earlier) from the TFTP server. If the cisconet.cfg file is read, the filename of the host is truncated to eight characters.
If the switch cannot read the network-confg, cisconet.cfg, or the host-name file, it reads the router-confg file. If the switch cannot read the router-confg file, it reads the ciscortr.cfg file.
Note
The switch broadcasts TFTP server requests if the TFTP server name is not obtained from the DHCP replies, if all attempts to read the configuration file through unicast transmissions fail, or if the TFTP server name cannot be resolved to an IP address.
Example Configuration
Figure 4-16 shows a sample network for retrieving IP information using DHCP-based autoconfiguration.
Figure 4-16 DHCP-Based Autoconfiguration Network Example
Table 4-3 shows the configuration of the reserved leases on the DHCP server.
Table 4-3 DHCP Server Configuration
| | Switch-1 | Switch-2 | Switch-3 | Switch-4 |
|---|---|---|---|---|
| Binding key (hardware address) | 00e0.9f1e.2001 | 00e0.9f1e.2002 | 00e0.9f1e.2003 | 00e0.9f1e.2004 |
| IP address | 10.0.0.21 | 10.0.0.22 | 10.0.0.23 | 10.0.0.24 |
| Subnet mask | 255.255.255.0 | 255.255.255.0 | 255.255.255.0 | 255.255.255.0 |
| Router address | 10.0.0.10 | 10.0.0.10 | 10.0.0.10 | 10.0.0.10 |
| DNS server address | 10.0.0.2 | 10.0.0.2 | 10.0.0.2 | 10.0.0.2 |
| TFTP server name | maritsu or 10.0.0.3 | maritsu or 10.0.0.3 | maritsu or 10.0.0.3 | maritsu or 10.0.0.3 |
| Boot filename (configuration file) (optional) | switch1-confg | switch2-confg | switch3-confg | switch4-confg |
| Host name (optional) | switch1 | switch2 | switch3 | switch4 |
DNS Server Configuration
The DNS server maps the TFTP server name maritsu to IP address 10.0.0.3.
TFTP Server Configuration (on UNIX)
The TFTP server base directory is set to /tftpserver/work/. This directory contains the network-confg file used in the two-file read method. This file contains the host name to be assigned to the switch based on its IP address. The base directory also contains a configuration file for each switch (switch1-confg, switch2-confg, and so forth) as shown in the following display:
prompt> cd /tftpserver/work/
prompt> cat network-confg
ip host switch1 10.0.0.21
ip host switch2 10.0.0.22
ip host switch3 10.0.0.23
ip host switch4 10.0.0.24
DHCP Client Configuration
No configuration file is present on Switch 1 through Switch 4.
Configuration Explanation
In Figure 4-16, Switch 1 reads its configuration file as follows:
• It obtains its IP address 10.0.0.21 from the DHCP server.
• If no configuration filename is given in the DHCP server reply, Switch 1 reads the network-confg file from the base directory of the TFTP server.
• It adds the contents of the network-confg file to its host table.
• It reads its host table by indexing its IP address 10.0.0.21 to its host name (switch1).
• It reads the configuration file that corresponds to its host name; for example, it reads switch1-confg from the TFTP server.
Switches 2 through 4 retrieve their configuration files and IP addresses in the same way.
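The two-file read method from the "Obtaining Configuration Files" section, applied to the network-confg shown in this example, modelled as an added Python example (not code from the Cisco guide). It parses the host table, picks the host name in the documented order (default file, then DHCP reply, then "Switch"), applies the eight-character truncation that goes with cisconet.cfg, and falls back to router-confg and ciscortr.cfg; the TFTP base directory is a constructed dict, so no DHCP, DNS or TFTP traffic is involved.

```python
# Added example, not from the Cisco guide: a model of the two-file read method
# used when the DHCP reply carries no configuration filename.
# The TFTP base directory is represented by a constructed dict
# {filename: contents}; no real DHCP, DNS or TFTP traffic is involved.

NETWORK_CONFG = """\
ip host switch1 10.0.0.21
ip host switch2 10.0.0.22
ip host switch3 10.0.0.23
ip host switch4 10.0.0.24
"""

# Order in which the switch tries the default files, and the host-file suffix
# that goes with each (cisconet.cfg also implies an eight-character host name).
DEFAULT_FILES = (("network-confg", "-confg"), ("cisconet.cfg", ".cfg"))
FALLBACK_FILES = ("router-confg", "ciscortr.cfg")


def parse_host_table(text):
    """Turn 'ip host <name> <ip>' lines into an IP-address -> host-name map."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[:2] == ["ip", "host"]:
            table[parts[3]] = parts[2]
    return table


def resolve_config(tftp_files, own_ip, dhcp_host_name=None):
    """Return (host_name, filename the switch would load or None)."""
    host_table, suffix = {}, None
    for default_file, sfx in DEFAULT_FILES:
        if default_file in tftp_files:        # first readable default file wins
            host_table = parse_host_table(tftp_files[default_file])
            suffix = sfx
            break
    # Host name: default file, then DHCP reply, then the built-in "Switch".
    host_name = host_table.get(own_ip) or dhcp_host_name or "Switch"
    candidates = []
    if suffix == "-confg":
        candidates.append(host_name + "-confg")
    elif suffix == ".cfg":
        candidates.append(host_name[:8] + ".cfg")   # name truncated to 8 chars
    candidates.extend(FALLBACK_FILES)
    for name in candidates:
        if name in tftp_files:
            return host_name, name
    return host_name, None
```

A switch whose lease address is missing from network-confg and whose DHCP reply carries no host name ends up loading router-confg under the name "Switch", which is worth checking for when auditing a TFTP base directory.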
Specifying a Domain Name and Configuring the DNS
Each unique Internet Protocol (IP) address can have a host name associated with it. The IOS software maintains a cache of host name-to-address mappings for use by the EXEC mode connect, telnet, ping, and related Telnet support operations. This cache speeds the process of converting names to addresses.
IP defines a hierarchical naming scheme that allows a device to be identified by its location or domain. Domain names are pieced together with periods (.) as the delimiting characters. For example, Cisco Systems is a commercial organization that IP identifies by a