Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Catalyst 2950 Series Switches

Release Notes for the Catalyst 2950 Switch, Cisco IOS Release 12.1(14)AZ

Downloads

Table Of Contents

Release Notes for the Catalyst 2950 Switch
Cisco IOS Release 12.1(14)AZ

Contents

System Requirements

Hardware Supported

Hardware Not Supported

Software Compatibility

Recommended Platform Configuration for Web-Based Management

Operating System and Browser Support

Supported Java Plug-Ins

Java Plug-In Notes

Cluster Capability

Downloading Software

Determining the Software Version and Feature Set

Determining Which Files to Use

Upgrading a Switch by Using CMS

Upgrading a Switch by Using the CLI

Downloading the Software

Copying the Current Startup Configuration from the Switch to a PC or Server

Using the CLI to Upgrade a Catalyst 2950 Switch

Recovering from Software Failure

Installation Notes

Setting Up the Catalyst 2950 Switch Initial Configuration

New Features

Limitations and Restrictions

Cisco IOS Limitations and Restrictions

CMS Limitations and Restrictions

Cluster Limitations And Restrictions

Hardware and Software Compatibility Matrixes

Important Notes

Cisco IOS Notes

CMS Notes

Open Caveats

Open Cisco IOS Caveats

Open CMS Caveats

Documentation Updates

Correction to the Catalyst 2950 Switch Hardware Installation Guide

Corrections to the Software Configuration Guide and Command Reference

ip igmp snooping report-suppression

Related Documentation

Obtaining Documentation

Cisco.com

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Website

Cisco TAC Escalation Center

Obtaining Additional Publications and Information


Release Notes for the Catalyst 2950 Switch
Cisco IOS Release 12.1(14)AZ

October 2003

Cisco IOS Release 12.1(14)AZ runs on Catalyst 2950 switches.

Note This release supports only the non-LRE Catalyst 2950 switches.

These release notes include important information about this release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:

If you are installing a new switch, refer to the Cisco IOS release label on the rear panel of your switch.

If your switch is running, you can use the show version user EXEC command. See the "Determining the Software Version and Feature Set" section.

If you are upgrading to a new release, refer to the software upgrade filename for the Cisco IOS version.

For the complete list of Catalyst 2950 switch documentation, see the "Related Documentation" section.

You can download the switch software from these sites:

http://www.cisco.com/public/sw-center/sw-lan.shtml

(for registered Cisco.com users with a login password)

http://www.cisco.com/public/sw-center/sw-lan.shtml

(for nonregistered Cisco.com users)

This release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future releases become available, they will be posted to Cisco.com (previously Cisco Connection Online [CCO]) in the Cisco IOS software area.

Contents

This information is in the release notes:

"System Requirements" section

"Downloading Software" section

"Installation Notes" section

"New Features" section

"Limitations and Restrictions" section

"Important Notes" section

"Open Caveats" section

"Documentation Updates" section

"Related Documentation" section

"Ordering Documentation" section

"Obtaining Technical Assistance" section

System Requirements

The system requirements for this release are described in these sections:

"Hardware Supported" section

"Hardware Not Supported" section

"Software Compatibility" section

"Cluster Capability" section

Hardware Supported

The Catalyst 2950 switch is supported by either the standard software image (SI) or the enhanced software image (EI).

The EI provides a richer set of features, including access control lists (ACLs), enhanced quality of service (QoS) features, extended-range VLANs, the IEEE 802.1W Rapid Spanning Tree Protocol (RSTP), and the IEEE 802.1S Multiple STP (MSTP). The enhanced crypto software image supports the Secure Shell (SSH) protocol.

For information about the software releases that support the switches listed in Table 1, see the "Hardware and Software Compatibility Matrixes" section.

Table 1 lists the hardware supported by this release:

Table 1 Hardware Supported 

Hardware
Software Image
Description

Catalyst 2950-12

SI

12 fixed autosensing 10/100 Ethernet ports

Catalyst 2950-24

SI

24 fixed autosensing 10/100 Ethernet ports

Catalyst 2950C-24

EI

24 fixed autosensing 10/100 Ethernet ports and 2 100BASE-FX ports

Catalyst 2950G-12-EI

EI

12 fixed autosensing 10/100 Ethernet ports and 2 GBIC1 module slots

Catalyst 2950G-24-EI 

EI

24 fixed autosensing 10/100 Ethernet ports and 2 GBIC module slots

Catalyst 2950G-24-EI-DC

EI

24 fixed autosensing 10/100 Ethernet ports and 2 GBIC module slots with DC-input power

Catalyst 2950G-48-EI

EI

48 fixed autosensing 10/100 Ethernet ports and 2 GBIC module slots

Catalyst 2950SX-24

SI

24 fixed autosensing 10/100 Ethernet ports and 2 1000BASE-SX ports

Catalyst 2950T-24

EI

24 fixed autosensing 10/100 Ethernet ports and 2 10/100/1000 Ethernet ports2

Catalyst 2950SX-48-SI

SI

48 fixed autosensing10/100 Ethernet ports and 2 1000BASE-SX ports.

Catalyst 2950T-48-SI

SI

48 fixed autosensing 10/100 Ethernet ports and 2 10/100/1000 Ethernet ports.

GBIC modules

1000BASE-SX GBIC

1000BASE-LX/LH GBIC

1000BASE-ZX GBIC

1000BASE-T GBIC (model WS-5483)

CWDM3 fiber-optic GBIC4

GigaStack GBIC

Redundant power system

Cisco RPS 300 Redundant Power System

Cisco RPS 675 Redundant Power System

SFP modules

1000BASE-SX SFP module

1000BASE-LX\LH SFP module

1000BASE-ZX SFP module

1000BASE-T SFP module

1 GBIC = Gigabit Interface Converter

2 The 10/100/1000 interfaces on the Catalyst 2950T-24 switch do not support the half keyword in the duplex command.

3 CDWM = Coarse Wave Division Multiplexer

4 This feature is only supported when your switch is running the EI.


Hardware Not Supported

Table 2 lists the hardware that is not supported by this release:

Table 2 Hardware Not Supported

Hardware
Description

GBIC module

1000BASE-T GBIC (model WS-G5482)

Redundant power system

Cisco RPS 600 Redundant Power System


Software Compatibility

These are the software compatibility requirements for this release:

"Recommended Platform Configuration for Web-Based Management" section

"Operating System and Browser Support" section

"Supported Java Plug-Ins" section

"Java Plug-In Notes" section

Recommended Platform Configuration for Web-Based Management

Table 3 lists the recommended platforms for web-based management.

Table 3 Recommended Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.01

Pentium 300 MHz

128 MB

65,536

1024 x 768

Small

Solaris 2.5.1 or higher

SPARC 333 MHz

128 MB

Most colors for applications

Small (3)

1 Service Pack 3 or higher is required.


The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM.

Note These are only the recommended configurations for running CMS. For information about all supported operating systems, see the next section.

Operating System and Browser Support

You can access the web-based interfaces by using the operating systems and browsers listed in Table 4. CMS checks the browser version when starting a session to ensure that the browser is supported.

Table 4 Supported Operating Systems and Browsers

Operating System
Minimum Service Pack or Patch
Netscape Communicator1
Microsoft Internet Explorer2

Windows 95

Service Pack 1

4.75, 6.22, or 6.23

5.5 or 6.0

Windows 98

Second Edition

4.75, 6.22, or 6.23

5.5 or 6.0

Windows NT 4.0

Service Pack 3 or later

4.75, 6.22, or 6.23

5.5 or 6.0

Windows 2000

None

4.75, 6.22, or 6.23

5.5 or 6.0

Windows XP

None

4.75, 6.22, or 6.23

5.5 or 6.0

Solaris 2.5.1 or later

Sun-recommended patch cluster for the OS and Motif library patch 103461-24

4.75, 6.22, or 6.23

Not supported

1 Netscape Communicator version 6.0 is not supported.

2 Service Pack 1 or higher is required for Internet Explorer 5.5.


Note If your browser is Internet Explorer and you receive an error message stating that the page might not display correctly because your security settings prohibit running activeX controls, this might mean that your security settings are set too high. To lower security settings, go to Tools > Internet Options, and select the Security tab. Select the indicated Zone, and move the Security Level for this Zone slider from High to Medium (the default).

Note In Cluster Management displays, Internet Explorer versions 4.01 and 5.0 might not display edge devices that are not connected to the command switch. Other functionality is similar to that of Netscape Communicator.

Supported Java Plug-Ins

One of the these Java plug-ins is required for the browser to access and run the Java-based CMS:

Java plug-in 1.4

Java plug-in 1.3.1

These Java plug-ins are supported both in Windows environments and on Solaris platforms. You can download the plug-ins and installation instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

Note Only one of these Java plug-ins is required for CMS. Do not install more than one Java plug-in.

On Solaris platforms, follow the instructions in the README_FIRST.txt file to install the Java plug-in.

Java Plug-In Notes

These notes apply to Java plug-in configuration:

To verify that a supported version of the Java plug-in is installed, select Start > Settings > Control Panel. The Java plug-in is listed with the version number in the Control Panel menu.

If you have installed the Java plug-in but CMS still does not launch, make sure that the plug-in is enabled by selecting Start > Settings > Control Panel > Java Plug-in. Click the Basic tab, select Enable Java Plug-in, and click Apply.

If the Java applet does not initialize after you have installed and enabled the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:

In the Proxies tab, verify that Use browser settings is checked and that no proxies are enabled.

If you are running an Internet virus checker on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the virus checker filter option or download option or both.

From the Start menu on McAfee VirusScan, disable the VirusScan Internet Filter option, the Download Scan option, or both by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the taskbar, right-click the Virus Shield icon and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan. Windows XP, Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Plug-Ins

Cluster Capability

When creating a switch cluster, we recommend configuring the highest-end switch in your cluster as the command switch.

A Catalyst 2950 switch can be a command switch or a member of a switch cluster.

If your cluster has Catalyst 2950, Catalyst 2955, Catalyst 2940, Catalyst 2900 XL, and Catalyst 3500 XL switches, the Catalyst 2950 switch should be the command switch. The Catalyst 2950 switch that has the latest software should be the command switch.

Table 5 lists the cluster capabilities and minimum software versions for the switches. The switches are listed in the order of highest to lowest end switch. A lower-end switch cannot be the command switch of a switch listed above it in the table. For example, a Catalyst 2940 switch cannot be the command switch of a cluster that has Catalyst 2950 or Catalyst 3550 switches.

Table 5 Switch Software and Cluster Capability 

Switch
Cisco IOS Release
Cluster Capability

Catalyst 3750

Cisco IOS Release 12.1(11)AX or later

Member or command switch

Catalyst 3550

Cisco IOS Release 12.1(4)EA1 or later

Member or command switch

Catalyst 2970

Cisco IOS Release 12.1(11)AX later

Member or command switch

Catalyst 2955

Cisco IOS Release 12.1(12c)EA1 or later

Member or command switch

Catalyst 2950

Cisco IOS Release 12.0(5.2)WC(1) or later

Member or command switch

Catalyst 2950 LRE

Cisco IOS Release 12.1(11)JY or later

Member or command switch

Catalyst 2940

Cisco IOS Release 12.1(13)AY or later

Member or command switch

Catalyst 3500 XL

Cisco IOS Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 XL (8-MB switches)

Cisco IOS Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 XL (4-MB switches)

Cisco IOS Release 11.2(8.5)SA6 (recommended)

Member switch only1

Catalyst 1900 and 2820

Cisco IOS Release 9.00(-A or -EN)

Member switch only

1 Catalyst 2900 XL (4-MB) switches appear in the front-panel and topology views of CMS. However, CMS does not support configuration or monitoring of these switches.


Some versions of the Catalyst 2900 XL software do not support clustering, and if you have a cluster with switches that are running different versions of software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Cisco IOS Release 11.2(8)SA6, the windows and functionality can be different from a switch running Cisco IOS Release 12.0(5)WC(1) or later.

Note The CMS is not forward-compatible, which means that if a member switch is running a software version that is newer than the release running on the command switch, the new features are not available on the member switch. If the member switch is a new device supported by a software release that is later than the software release on the command switch, the command switch cannot recognize the member switch and it is displayed as an unknown device in the Front Panel view. You cannot configure any parameters or generate a report through CMS for that member; instead, you must launch the Device Manager application to perform configuration and obtain reports for that member.

Downloading Software

This section describes these procedures for downloading software:

"Determining the Software Version and Feature Set" section

"Determining Which Files to Use" section

"Upgrading a Switch by Using the CLI" section

"Recovering from Software Failure" section

For information about the software releases that support the Catalyst 2950 switches, see the "Limitations and Restrictions" section.

Note Before downloading software, read this section for important information.

Note The Catalyst 2950-12 and Catalyst 2950-24 switches cannot be upgraded to Cisco IOS Release 12.1(6)EA2, Cisco IOS Release 12.1(6)EA2a, or Cisco IOS Release 12.1(6)EA2b. They can be upgraded to Cisco IOS Release 12.1(6)EA2c or later.

When you upgrade a switch, the switch continues to operate while the new software is copied to Flash memory. If Flash memory has enough space, the new image is copied to the selected switch but does not replace the running image until you reboot the switch. If a failure occurs during the copy process, you can still reboot your switch by using the old image. If Flash memory does not have enough space for two images, the new image is copied over the existing one. Features provided by the new software are not available until you reload the switch.

If a failure occurs while copying a new image to the switch, and the old image has already been deleted, refer to the "Recovering from Corrupted Software" section in the "Troubleshooting" chapter of the software configuration guide for this release.

Note If you are upgrading a switch that is running a release earlier than Cisco IOS Release 12.1(11)EA1, this release includes a bootloader upgrade. The bootloader can take up to 30 seconds to upgrade.

Caution Do not power cycle the switch while you are copying an image to the switch. If a power failure occurs while you are copying the software image to the switch, call Cisco Systems immediately.

Determining the Software Version and Feature Set

The image is stored as a .bin file in a directory that is named with the Cisco IOS release number. A subdirectory contains the files needed for web management. The image is stored on the system board Flash device (flash:).

You can use the show version user EXEC command to see the software version that is running on your switch. In the display, check the line that begins with System image file is. This line shows the directory name in Flash memory where the image is stored. A couple of lines below the image name, you see Running Enhanced Image if you are running the EI or Running Standard Image if you are running the SI.

Note Although the show version output always shows the software image running on the switch (SI or EI), the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software image.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in Flash memory.

Determining Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined .tar file. This file contains both the Cisco IOS image file and the CMS files. You must use the combined .tar file to upgrade the switch through the CMS.

The .tar file is an archive file from which you can extract files by using the archive tar command.

Note If you are upgrading from a release earlier than Cisco IOS Release 12.1(6)EA2, use the tar command instead of the archive tar command.

Table 6 lists the software filenames for this Cisco IOS release.

Table 6 Catalyst 2950 Cisco IOS Software Files

Filename
Description

c2950-i6k2l2q4-tar.121-14.AZ.tar

Catalyst 2950 SI1 and EI files. This includes the enhanced crypto Cisco IOS image and CMS files.

c2950-i6q4l2-tar.121-14.AZ.tar

Catalyst 2950 SI and EI files. This includes the enhanced and standard Cisco IOS image, and CMS files.

1 Switches that support only the SI cannot run the crypto image. For more information, see the SI-only switches listed in Table 1 and the "Cisco IOS Limitations and Restrictions" section.


Upgrading a Switch by Using CMS

You can upgrade switch software by using CMS. From the menu bar, select Administration > Software Upgrade. For detailed instructions, click Help.

Note If you are upgrading a switch that is running a release earlier than Cisco IOS Release 12.1(11)EA1, this release includes a bootloader upgrade. The bootloader can take up to 30 seconds to upgrade.

Caution Do not power cycle the switch while you are copying an image to the switch. If a power failure occurs when you are copying the software image to the switch, call Cisco Systems immediately.

Upgrading a Switch by Using the CLI

To download switch software by using the CLI, follow these procedures in this order:

1. Decide which software files to download from Cisco.com (see the "Determining the Software Version and Feature Set" section).

2. Download the .tar file from Cisco.com (see the "Downloading the Software" section).

Use the archive tar command to extract the image and the CMS files from the .tar file during the TFTP copy to the switch. If you are upgrading from a release earlier than Cisco IOS Release 12.1(6)EA2, use the tar command instead of the archive tar command.

3. Copy the current startup configuration file (see the "Copying the Current Startup Configuration from the Switch to a PC or Server" section).

4. If you are using the CLI to upgrade a Catalyst 2950 switch, see the "Using the CLI to Upgrade a Catalyst 2950 Switch" section.

Note If you are upgrading from a Cisco IOS release earlier than Cisco IOS Release 12.1(6)EA2, use the tar command instead of the archive tar command as described in the "Using the CLI to Upgrade a Catalyst 2950 Switch" section.

Downloading the Software

This procedure is for copying the combined .tar file to the Catalyst 2950 switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

Note If you do not have access to a TFTP server, download it before downloading the software.

Follow these steps to download the software from Cisco.com to your management station:

Step 1 Use Table 6 to identify the files that you want to download.

Step 2 Download the files from one of these locations:

If you have a SmartNet support contract, go to this URL, and log in to download the appropriate files:

http://www.cisco.com/public/sw-center/sw-lan.shtml

If you do not have a SmartNet contract, go to this URL, follow the instructions to register on Cisco.com, and download the appropriate files:

http://www.cisco.com/public/sw-center/sw-lan.shtml

To download the files, select Catalyst 2950 for a Catalyst 2950 switch.

To obtain authorization and download the enhanced crypto software files, select Catalyst 2950 Strong Cryptographic (3DES) Software for a Catalyst 2950 switch.

Step 3 Use the CLI or web-based interface to perform a TFTP transfer of the file or files to the switch after you have downloaded them to your PC or workstation.

New features provided by the software are not available until you reload the software.

Copying the Current Startup Configuration from the Switch to a PC or Server

When you make changes to a switch configuration, your changes become part of the running configuration. When you enter the command to save those changes to the startup configuration, the switch copies the configuration to the config.text file in Flash memory. To ensure that you can recreate the configuration if a switch fails, you might want to copy the config.text file from the switch to a PC or server.

This procedure requires a configured TFTP server.

Beginning in privileged EXEC mode, follow these steps to copy a switch configuration file to the PC or server that has the TFTP server application:

Step 1 Copy the file in Flash memory to the root directory of the TFTP server: 

switch# copy flash:config.text tftp

Step 2 Enter the IP address of the device where the TFTP server resides: 

Address or name of remote host []? ip_address

Step 3 Enter the name of the destination file (for example, config.text): 

Destination filename [config.text]? yes/no

Step 4 Verify the copy by displaying the contents of the root directory on the PC or server.

Using the CLI to Upgrade a Catalyst 2950 Switch

Use this procedure for upgrading Catalyst 2950 switch by copying the .tar file to the switch. You copy the files to the switch from a TFTP server and extract the files by entering the archive tar command, with these results:

Changes the name of the current image file to the name of the new file that you are copying and replaces the old image file with the new one. Perform this step only if you have space available on your switch.

Disables access to the CMS pages and deletes the existing CMS files before the software upgrade to avoid a conflict if users access the web pages during the software upgrade.

Re-enables access to the CMS pages after the upgrade is complete.

Note If you are upgrading a switch that is running a release earlier than Cisco IOS Release 12.1(11)EA1, this release includes a bootloader upgrade. The bootloader can take up to 30 seconds to upgrade.

Caution Do not power cycle the switch while you are copying an image to the switch. If a power failure occurs when you are copying the software image to the switch, call Cisco Systems immediately.

Follow these steps to upgrade the switch software by using a TFTP transfer:

Step 1 If your PC or workstation cannot act as a TFTP server, copy the file to a TFTP server to which you have access.

Step 2 Access the CLI by starting a Telnet session or by connecting to the switch console port through the RS-232 connector.

To start a Telnet session on your PC or workstation, enter this command: 

server% telnet switch_ip_address

Enter the Telnet password if you are prompted to do so.

Step 3 Enter privileged EXEC mode: 

switch> enable 
switch#

Enter the password if you are prompted to do so.

Step 4 Remove the CMS files: 

switch# delete flash:html/*

Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 5 Enter this command to copy the new image and CMS files to Flash memory:

Caution In this step, the archive tar command copies the .tar file that contains both the image and the CMS files. If you are upgrading from a release earlier than Cisco IOS Release 12.1(6)EA2, use the tar command instead of the archive tar command. 
switch# archive tar /x tftp://server_ip_address/path/filename.tar flash: 
Loading /path/filename.tar from server_ip_address (via VLAN1):!) 
extracting info (110 bytes)

extracting c2950-i6q4l2-mz.121-13.EA1b.bin (2239579 bytes)!!!!!!!!!!!!!!!!!!!!

html/ (directory)

extracting html/Detective.html.gz (1139 bytes)!

extracting html/ieGraph.html.gz (553 bytes)

extracting html/DrawGraph.html.gz (787 bytes)

extracting html/GraphFrame.html.gz (802 bytes)!

...

Depending on the TFTP server being used, you might need to enter only one slash (/) after the server_ip_address in the archive tar command.

Step 6 Display the name of the running (default) image file (BOOT path-list). This example shows the name in italic: 

switch# show boot 
BOOT path-list:    flash:current_image 
Config file:       flash:config.text 
Enable Break:      1 
Manual Boot:       no 
HELPER path-list:  
NVRAM/Config file 
buffer size: 32768

Step 7 Enter global configuration mode: 

switch# configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.

Step 8 Enter the boot command with the name of the new image filename: 

switch(config)# boot system flash:new_image

For example: 

switch(config)# boot system flash:c2950-i6q4l2-mz.121-13.EA1b.bin

Note If the show boot command entered in Step 6 displays no image name, you do not need to enter this command; the switch automatically finds the correct file to use when it resets.

Step 9 Return to privileged EXEC mode: 

switch(config)# end

Step 10 Reload the new software with this command: 

switch# reload 
System configuration has been modified. Save? [yes/no]:y 
Proceed with reload? [confirm]

Step 11 Press Return to confirm the reload.

Your Telnet session ends when the switch resets.

After the switch reboots, use Telnet to return to the switch, and enter the show version user EXEC command to verify the upgrade procedure. If you have a previously opened browser session to the upgraded switch, close the browser, and start it again to ensure that you are using the latest CMS files.

Recovering from Software Failure

If the software fails, you can reload the software. For detailed recovery procedures, refer to the "Troubleshooting" chapter in the software configuration guide for this release.

Installation Notes

You can assign IP information to your switch by using one of these methods:

The Express Setup program if your Catalyst 2950 switch is running Cisco IOS Release 12.1(14)EA1 or later (Refer to the Catalyst 2950 Switch Hardware Installation Guide.)

The CLI-based setup program (See the "Setting Up the Catalyst 2950 Switch Initial Configuration" section.)

The Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration (Refer to the Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide.)

Manually assigning an IP address (Refer to the Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide.)

Setting Up the Catalyst 2950 Switch Initial Configuration

The first time that you access the switch, it runs a setup program that prompts you for an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.

Note If the switch will be a cluster member managed through the IP address of the command switch, it is not necessary to assign IP information or a password. If you are configuring the switch as a standalone switch or as a command switch, you must assign IP information.

Follow these steps to create an initial configuration for the switch:

Step 1 Enter Yes at the first two prompts. 

Would you like to enter the initial configuration dialog? [yes/no]: yes


At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system.


Would you like to enter basic management setup? [yes/no]: yes

Step 2 Enter a host name for the switch, and press Return.

On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch. 

Enter host name [Switch]: host_name

Step 3 Enter a secret password, and press Return.

The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces. 

Enter enable secret: secret_password

Step 4 Enter an enable password, and press Return. 

Enter enable password: enable_password

Step 5 Enter a virtual terminal (Telnet) password, and press Return.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces. 

Enter virtual terminal password: terminal-password

Step 6 (Optional) Configure the Simple Network Management Protocol (SNMP) by responding to the prompts.

Step 7 Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network, and press Return. For this release, always use VLAN 1 as that interface. 

Enter interface name used to connect to the

management network from the above interface summary: vlan 1

Step 8 Configure the interface by entering the switch IP address and subnet mask and pressing Return: 

Configuring interface vlan1:

Configure IP on this interface? [yes]: yes 

IP address for this interface: 10.4.120.106

Subnet mask for this interface [255.0.0.0]: 255.255.255.0

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.

If you enter N, the switch appears as a candidate switch in the CMS. In this case, the message in Step 10 does not appear. 

Would you like to enable as a cluster command switch? [yes/no]: yes

Step 10 Assign a name to the cluster, and press Return. 

Enter cluster name: cluster_name

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

The initial configuration appears: 

The following configuration command script was created:


hostname host_name

enable secret 5 $1$Max7$Qgr9eXBhtcBJw3KK7bc850

enable password my

line vty 0 15

password my_password

snmp-server community public

!

no ip routing

!

interface Vlan1

no shutdown

ip address 172.20.139.145 255.255.255.224

!

interface Vlan2

shutdown

no ip address

!

interface FastEthernet0/1

!

interface FastEthernet0/2

!

...<output abbreviated)

!!!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

end

Step 11 These choices appear: 

[0] Go to the IOS command prompt without saving this config.


[1] Return back to the setup without saving this config.


[2] Save this configuration to nvram and exit.


Enter your selection [2]:

Make your selection, and press Return.

After you complete the setup program, the switch can run the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:

CLI

CMS from your browser

New Features

For a list of supported hardware, see the "Hardware Supported" section. These are the new features for the Catalyst 2950SX-48-SI and 2950T-48-SI switches:

The Catalyst 2950SX-48-SI and 2950T-48-SI both support the standard image (SI).

Note For more information about features supported by the SI, refer to the switch software configuration guide for Cisco IOS Release 12.1(14)EA1.

The 10/100/1000 ports on the Catalyst 2950T-48-SI switch operate at 10 or 100 Mbps in either full- or half-duplex mode or at 1000 Mbps only in full-duplex mode.

The 1000BASE-SX ports on the Catalyst 2950SX-48-SI switch operate only at 1000 Mbps and in full-duplex mode.

You can configure the speed on Fast Ethernet (10/100 Mbps) and Gigabit Ethernet (10/100/1000 Mbps) interfaces. You cannot configure the speed on the 100BASE-FX, 1000BASE-SX, GBIC-module, and SFP module interfaces.

You can configure the duplex mode on any Fast Ethernet interfaces that are not set to autonegotiate. You can configure the duplex mode on the 10/100/1000 ports on the Catalyst 2950T-48-SI switch.

Limitations and Restrictions

You should review this section before you begin working with the switches. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

Note These limitations and restrictions apply to all Catalyst 2950 switches unless otherwise noted.

These are the limitations and restrictions:

"Cisco IOS Limitations and Restrictions" section

"CMS Limitations and Restrictions" section

"Cluster Limitations And Restrictions" section

"Hardware and Software Compatibility Matrixes" section

Cisco IOS Limitations and Restrictions

These limitations and restrictions apply to the Cisco IOS configuration:

Root guard is inconsistent when configured on a port that is in the STP blocked state at the time of configuration.

There is no workaround. (CSCdp85954)

Aging of dynamic addresses does not always occur exactly after the specified aging time elapses. It might take up to three times this time period before the entries are removed from the table.

There is no workaround. (CSCdr96565)

If the switch gets configured from the dynamic IP pool, a duplicate or different IP address might be assigned.

The workaround is to make sure that the DHCP server contains reserved addresses that are bound to each switch by the switch hardware address so that the switch does not obtain its IP address from the dynamic pool. (CSCds58369)

Internal loopback in half-duplex mode causes input errors. We recommend that you configure the PHY to operate in full duplex before setting the internal loopback.

There is no workaround. (CSCds20365)

A source-based distribution port group does not share the broadcast with all the group members. When the destination of the packets is a broadcast or unknown unicast or multicast, the packets are forwarded only on one port member of a port group, instead of being shared among all members of the port group.

There is no workaround. (CSCdt24814)

When you enter the show controllers ethernet-controller interface-id or show interfaces interface-id counters privileged EXEC command, if a large number of erroneous frames are received on an interface, the receive-error counts might be smaller than the actual values, and the receive-unicast frame count might be larger than the actual frame count.

There is no workaround. (CSCdt27223)

Two problems occur when a switch is in transparent mode:

If the switch is a leaf switch, any new VLANs added to it are not propagated upstream through VTP messages. As a result, the switch does not receive flooded traffic for that VLAN.

If the switch is connected to two VTP servers, it forwards their pruning messages. If the switch has a port on a VLAN that is not requested by other servers through their pruning messages, it does not receive flooded traffic for that VLAN.

There is no workaround. (CSCdt48011)

The receive count output for the show controllers ethernet-controller interface-id privileged EXEC command shows the incoming packets count before the ASIC makes a decision of whether to drop the packet or not. Therefore, for ports in the STP blocking states, even though the receive count shows incoming frames, the packet is not forwarded to the other port.

There is no workaround. (CSCdu83640)

In some network topologies, when UplinkFast is enabled on all switches and BackboneFast is not enabled on all switches, a temporary loop might be caused when the STP root switch is changed.

The workaround is to enable BackboneFast on all switches. (CSCdv02941)

At times, the Window XP pop-up window might not appear while authenticating a client (supplicant) because the user information is already stored in Windows XP. However, the Extensible Authentication Protocol over LAN (EAPOL) response to the switch (authenticator) might have an empty user ID that causes the 802.1X port to be de-authenticated.

The workaround is to manually re-initiate authentication by either logging off or detaching the link and then re-connecting it. (CSCdv19671)

If two Catalyst 2950 switches are used in a network and if access ports are used to connect two different VLANs whose VLAN IDs are separated by the correct multiple of 64, it is possible to create a situation where the two switches use the same bridge ID in the same spanning-tree instances. This might cause a loss of connectivity in the VLAN as the spanning tree blocks the ports that should be forwarding.

The workaround is to not cross-connect VLANs. For example, do not use an access port to connect VLAN 1 to VLAN 65 on either the same switch or from one switch to another switch. (CSCdv27247)

A command switch might not show the Catalyst 1900, Catalyst 2820, and Catalyst 2900 XL 4-MB (models C2908-XL, C2916M-XL, C2924C-XL, and C2924-XL) switches as candidates even though their management VLAN is the same as the command switch. This occurs only when their management VLAN is not VLAN 1.

There is no workaround. (CSCdv34505)

You can configure up to 256 Multicast VLAN Registration (MVR) groups by using the mvr vlan group interface configuration command, but only 255 groups are supported on a Catalyst 2950 switch at one time. If you statically add a 256th group, and 255 groups are already configured on the switch, it continues trying (and failing) to add the new group.

The workaround is to set the mode to dynamic for Catalyst 2950 switches that are connected to IGMP-capable devices. The new group can join the multicast stream if another stream is dynamically removed from the group. (CSCdv45190)

A Catalyst 2950 command switch can discover only the first Catalyst 3550 switch if the link between the Catalyst 3550 switches is an 802.1Q trunk and the native VLAN is not the same as the management VLAN of the Catalyst 2950 switch or if the link between the Catalyst 3550 switches is an ISL trunk and the management VLAN is not VLAN 1.

The workaround is to connect Catalyst 3550 switches by using the access link on the command switches management VLAN or to configure an 802.1Q trunk with a native VLAN that is the same as the management VLAN of the command switch. (CSCdv49871)

There might be a link on the Fast Ethernet port of the Catalyst 2950 switch when it is forced to 10 Mbps and full-duplex mode and its link partner is forced to 100 Mbps and forced duplex mode. The LED on the Catalyst 2950 switch might display the link, and the error counters might increment.

The workaround is to configure both sides of a link to the same speed or use autonegotiation. (CSCdv62271)

The ip http authentication enable global configuration command is not saved to the configuration file because this is the default configuration. Therefore, this configuration is lost after a reboot.

The workaround is to manually enter the command again after a reboot. (CSCdv67047)

If a stack that has Catalyst 2940, Catalyst 2950, or Catalyst 2955 switches also has Catalyst 2900 XL or Catalyst 3500 XL switches, cross-stack UplinkFast (CSUF) does not function if the management VLAN on the Catalyst 2900 XL or Catalyst 3500 XL switches is changed to a VLAN other than VLAN 1 (the default).

The workaround is to make sure that the management VLANs of all Catalyst 2900 XL or 3500 XL switches in the stack are set to VLAN 1. (CSCdv82224)

If a port is configured as a secure port with the violation mode as restrict, the secure ports might process packets even after maximum limit of MAC addresses is reached, but those packets are not forwarded to other ports.

There is no workaround. (CSCdw02638)

The discarded frames count of the show controllers ethernet-controller privileged EXEC command output and the ignored count of the show controller ethernet privileged EXEC command output can increment for these reasons:

The source and destination ports are the same.

The spanning-tree state of the ingress port is not in the forwarding state.

Traffic is filtered because of unicast or multicast storms are on the port.

Traffic is dropped because a VLAN has not been assigned by VLAN Query Protocol (VQP).

Note This error occurs only on switches that can run Cisco IOS Release 12.0(5)WC2b or earlier.

There is no workaround. (CSCdw48441)

You can apply ACLs to a management VLAN or to any traffic that is going directly to the CPU, such as SNMP, Telnet, or web traffic. For information on creating ACLs for these interfaces, refer to the "Configuring IP Services" section of the Cisco IOS IP and IP Routing Configuration Guide for Cisco IOS Release 12.1 and the Cisco IOS IP and IP Routing Command Reference for Cisco IOS Release 12.1.

The SSH feature uses a large amount of switch memory, which limits the number of VLANs, trunk ports, and cluster members that you can configure on the switch. Before you download the crypto software image, your switch configuration must meet these conditions:

The number of trunk ports multiplied by the number of VLANs on the switch must be less than or equal to 128. These are examples of switch configurations that meet this condition:

If the switch has 2 trunk ports, it can have up to 64 VLANs.

If the switch has 32 VLANs, it can have up to 4 trunk ports.

If your switch is a cluster command switch, it can only support up to eight cluster members.

Note A switch that runs the SI cannot run the crypto image. If a crypto image is loaded on an SI-only switch, the switch will perform a forced reload.

If your switch has a saved configuration that does not meet the previous conditions and you upgrade the switch software to the crypto software image, the switch might run out of memory. If this happens, the switch does not operate properly. For example, it might continuously reload.

If the switch runs out of memory, this message appears: 

%SYS-2-MALLOCFAIL: Memory allocation of (number_of_bytes) bytes failed ...

The workaround is to check your switch configuration and ensure that it meets the previous conditions. (CSCdw66805)

When the Internet Group Management Protocol (IGMP) Immediate-Leave is configured, new ports are added to the group membership each time a join message is received, and ports are pruned (removed) each time a leave message is received.

If the join and leave messages arrive at high rate, the CPU can become busy processing these messages. For example, the CPU usage is approximately 50 percent when 50 pairs of join and leave messages are received each second. Depending on the rate at which join and leave messages are received, the CPU usage can go very high, even up to 100 percent, as the switch continues processing these messages.

The workaround is to only use the Immediate-Leave processing feature on VLANs where a single host is connected to each port. (CSCdx95638)

A switch does not use the default gateway address in the DHCP offer packet from the server during automatic-install process.

The workaround is to manually assign an IP address to the switch. (CSCdy08716)

In a Remote Switched Port Analyzer (RSPAN) session, if at least one switch is used as an intermediate or destination switch and if traffic for a port is monitored in both directions, traffic does not reach the destination switch. (CSCdy38476)

These are the workarounds:

Use a Catalyst 3550 or Catalyst 6000 switch as an intermediate or destination switch.

Monitor traffic in only one direction if a Catalyst 2950 switch is used as an intermediate or destination switch.

If you assign a nonexistent VLAN ID to a static-access EtherChannel by setting the ciscoVlanMembershipMIB:vmVlan object, the switch does not create the VLAN in the VLAN database.

There is no workaround. (CSCdy65850)

When you configure a dynamic switch port by using the switchport access vlan dynamic interface configuration command, the port might allow unauthorized users to access network resources if the interface changes from access mode to trunk mode through Dynamic Trunking Protocol (DTP) negotiation.

The workaround is to configure the port as a static access port. (CSCdz32556)

The output from the show stack privileged EXEC command might show a large number of false interrupts.

There is no workaround. The number of interrupts does not affect the switch functionality. (CSCdz34545)

If you configure a static secure MAC address on an interface before enabling port security on the interface, the same MAC address is allowed on multiple interfaces. If the same MAC address is added on multiple ports before enabling port security and port security is later enabled on those ports, only the first MAC address can be added to the hardware database. If port security is first enabled on the interface, the same static MAC address is not allowed on multiple interfaces.

There is no workaround. (CSCdz74685)

In Cisco IOS Release 12.1(13)EA1 or later, these are the default settings for a IP Phone connected to a switch:

The port trust state is to not trust the priority of frames arriving on the IP Phone port from connected devices.

The CoS value of incoming traffic is overwritten and set to zero. (CSCdz76915)

If you press and hold the spacebar while the output of any show user EXEC command is being displayed, the Telnet session is stopped, and you can no longer communicate with the management VLAN. (CSCea12888)

These are the workarounds:

Enter the show commands from privileged EXEC mode, and use this command to set the terminal length to zero:

switch# terminal length 0

Telnet directly from a PC or workstation to the switch.

Do not hold down the spacebar while scrolling through the output of a show user EXEC command. Instead, slowly press and release the spacebar.

When you connect a switch to another switch through a trunk port and the number of VLANs on the first switch is lower than the number on the connected switch, interface errors are received on the management VLAN of the first switch.

The workaround is to match the configured VLANs on each side of the trunk port. (CSCea23138)

When you enable Port Fast on a static-access port and then change the port to dynamic, Port Fast remains enabled. However, if you change the port back to static, Port Fast is disabled.

The workaround is to configure Port Fast globally by using the spanning-tree portfast global configuration command. (CSCea24969)

When a switch sends a system message to an external syslog server, the switch adds a sequence number to the system message. (CSCea26598)

When using the SPAN feature, the monitoring port receives copies of sent and received traffic for all monitored ports. If the monitoring port is oversubscribed, it will probably become congested. This might also affect how one or more of the monitored ports forwards traffic.

When a 10/100 switch port is connected to a 10/00 port on a hub and another 10/100 port on the hub is connected to a 10/100 port on another switch, when one of the switches restarts, the link state might transition from down to up, and these messages might appear: 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Then the switch that restarted does not forward traffic until the spanning-tree state enters the forwarding state. This can occur on a switch running Cisco IOS Release 12.1(13)EA1 or later.

There is no workaround. (CSCea47230)

CMS Limitations and Restrictions

These limitations apply to CMS configuration:

A red border appears around the text-entering area of some CMS dialogs. The color of the border changes to green when text is entered. This is only a cosmetic error. The colored border does not prevent you from entering text.

There is no workaround. (CSCdv82352)

Note This error only occurs with Java plug-in 1.4.0.

You cannot switch modes (for example, from Guide Mode to Expert Mode) for an open CMS window.

The workaround is to close the open window, select the mode that you want, and then reopen the CMS window. (CSCdw87550)

Note For the mode change to take effect on any other CMS window that is open, you need to close that window and then reopen it after you select the new mode.

After you click Apply or Refresh in the SNMP window, the window size changes.

There is no workaround. (CSCdz75666)

When you enable log scaling for Link Graphs, the Y-axis scale becomes illegible.

There is no workaround. (CSCdz81086)

The CMS window does not re