-
Catalyst 6500 Series Software Configuration Guide, 8.7
-
Index
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch IP Address and Default Gateway
-
Configuring Ethernet, Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet Switching
-
Configuring Ethernet VLAN Trunks
-
Configuring EtherChannel
-
Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
-
Configuring Spanning Tree
-
Configuring Spanning Tree PortFast, UplinkFast, BackboneFast, and Loop Guard
-
Configuring VTP
-
Configuring VLANs
-
Configuring InterVLAN Routing
-
Configuring CEF for PFC2/PFC3
-
Configuring MLS
-
Configuring Access Control
-
Configuring NDE
-
Configuring GVRP
-
Configuring MVRP
-
Configuring Dynamic Port VLAN Membership with VMPS
-
Checking Status and Connectivity
-
Configuring Online Diagnostics
-
Administering the Switch
-
Configuring Redundancy
-
Configuring NSF with SSO MSFC Redundancy
-
Modifying the Switch Boot Configuration
-
Working with the Flash File System
-
Working with System Software Images
-
Working with Configuration Files
-
Configuring System Message Logging
-
Configuring DNS
-
Configuring CDP
-
Configuring UDLD
-
Configuring DHCP Snooping and IP Source Guard
-
Configuring NTP
-
Configuring Broadcast Suppression
-
Configuring Layer 3 Protocol Filtering
-
Configuring the IP Permit List
-
Configuring Port Security
-
Configuring Switch Access Using AAA
-
Configuring 802.1x Authentication
-
Configuring MAC Authentication Bypass
-
Configuring Web-Based Proxy Authentication
-
Tracking Host Aging
-
Configuring Network Admission Control
-
Configuring Unicast Flood Blocking
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN, RSPAN and the Mini Protocol Analyzer
-
Using Switch TopN Reports
-
Configuring Multicast Services
-
Configuring QoS
-
Configuring Automatic QoS
-
Configuring ASLB
-
Configuring the Switch Fabric Module
-
Configuring a VoIP Network
-
Configuring MSFC IOS Features
-
Acronyms
-
Table Of Contents
Understanding How InterVLAN Routing Works
Configuring InterVLAN Routing on the MSFC
MSFC Routing Configuration Guidelines
Configuring IP InterVLAN Routing on the MSFC
Configuring IPX InterVLAN Routing on the MSFC
Configuring AppleTalk InterVLAN Routing on the MSFC
Configuring InterVLAN Routing
This chapter describes how to configure the Multilayer Switch Feature Card (MSFC) for interVLAN routing on the Catalyst 6500 series switches.
Note
For complete syntax and usage for the commands that are used in this chapter, refer to the Catalyst 6500 Series Switch Command Reference publication.
This chapter consists of these sections:
•
•
Note
Understanding How InterVLAN Routing Works
The network devices in different VLANs cannot communicate with one another without a router to forward traffic between the VLANs. In most network environments, the VLANs are associated with individual networks or subnetworks.
For example, in an IP network, each subnetwork is mapped to an individual VLAN. In an IPX network, each VLAN is mapped to an IPX network number.
Configuring the VLANs helps to control the size of the broadcast domain and keeps the local traffic local. When an end station in one VLAN needs to communicate with an end station in another VLAN, interVLAN communication is required. This communication is provided by interVLAN routing. You configure one or more routers to route traffic to the appropriate destination VLAN.
Figure 12-1 shows a basic interVLAN routing topology. Switch A is in VLAN 10 and Switch B is in VLAN 20. The router has an interface in each VLAN.
Figure 12-1 Basic InterVLAN Routing Topology
When Host A in VLAN 10 needs to communicate with Host B in VLAN 10, it sends a packet that is addressed to that host. Switch A forwards the packet directly to Host B without sending it to the router.
When Host A sends a packet to Host C in VLAN 20, Switch A forwards the packet to the router, which receives the traffic on the VLAN 10 interface. The router checks the routing table, determines the correct outgoing interface, and forwards the packet out the VLAN 20 interface to Switch B. Switch B receives the packet and forwards it to Host C.
Configuring InterVLAN Routing on the MSFC
Note
These sections describe how to configure interVLAN routing on the MSFC:
•
•
•
•
MSFC Routing Configuration Guidelines
This section describes the guidelines (which consists of two main procedures) for configuring interVLAN routing on the MSFC:
1.
2.
The VLAN interfaces on the MSFC are virtual interfaces. However, you configure them the same as you do a physical router interface.
The MSFC3, MSFC2, MSFC2A, and MSFC support the same range of VLANs as the supervisor engine. MSFC3, MSFC2, and MSFC2A support up to 1,000 VLAN interfaces, and the MSFC supports up to 256 VLAN interfaces.
Configuring IP InterVLAN Routing on the MSFC
To configure interVLAN routing for IP, perform this task:
Step 1
(Optional) Enable IP routing on the router1 .
Router(config)# ip routing
Step 2
(Optional) Specify an IP routing protocol2 .
Router(config)# router ip_routing_protocol
Step 3
Specify a VLAN interface on the MSFC.
Router(config)# interface vlan-id
Step 4
Assign an IP address to the VLAN.
Router(config-if)# ip address n.n.n.n mask
Step 5
Exit configuration mode.
Router(config-if)# Ctrl-Z
1 This step is necessary if you have multiple routers in the network.
2 This step is necessary if you enabled IP routing in Step 1. This step might include other commands, such as using the network router configuration command to specify the networks to route. Refer to the documentation for your router platform for detailed information on configuring routing protocols.
This example shows how to enable IP routing on the MSFC, create a VLAN interface, and assign the IP address to the interface:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# ip routingRouter(config)# router ripRouter(config-router)# network 10.0.0.0Router(config-router)# interface vlan 100Router(config-if)# ip address 10.1.1.1 255.0.0.0Router(config-if)# ^ZRouter#Configuring IPX InterVLAN Routing on the MSFC
Note
To configure interVLAN routing for Internetwork Packet Exchange (IPX), perform this task:
Step 1
(Optional) Enable IPX routing on the router1 .
Router(config)# ipx routing
Step 2
(Optional) Specify an IPX routing protocol2 .
Router(config)# ipx router ipx_routing_protocol
Step 3
Specify a VLAN interface on the MSFC.
Router(config)# interface vlan-id
Step 4
Assign a network number to the VLAN3 .
Router(config-if)# ipx network [network | unnumbered] encapsulation encapsulation-type
Step 5
Exit configuration mode.
Router(config-if)# Ctrl-Z
1 This step is necessary if you have multiple routers in the network.
2 This step is necessary if you enabled IPX routing in Step 1. This step might include other commands, such as using the network router configuration command to specify the networks to route. Refer to the documentation for your router platform for detailed information on configuring routing protocols.
3 This step enables IPX routing on the VLAN. When you enable IPX routing on the VLAN, you can also specify an encapsulation type.
This example shows how to enable IPX routing on the MSFC, create a VLAN interface, and assign an IPX network address to the interface:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# ipx routingRouter(config)# ipx router ripRouter(config-ipx-router)# network allRouter(config-ipx-router)# interface vlan100Router(config-if)# ipx network 100 encapsulation snapRouter(config-if)# ^ZRouter#Configuring AppleTalk InterVLAN Routing on the MSFC
To configure interVLAN routing for AppleTalk, perform this task:
Step 1
(Optional) Enable AppleTalk routing on the router1 .
Router(config)# appletalk routing
Step 2
Specify a VLAN interface on the MSFC.
Router(config)# interface vlan-id
Step 3
Assign a cable range to the VLAN.
Router(config-if)# appletalk cable-range cable-range
Step 4
Assign a zone name to the VLAN.
Router(config-if)# appletalk zone zone-name
Step 5
Exit configuration mode.
Router(config-if)# Ctrl-Z
1 This step is necessary if you have multiple routers in the network.
This example shows how to enable AppleTalk routing on the MSFC, create a VLAN interface, and assign an AppleTalk cable range and zone name to the interface:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# appletalk routingRouter(config)# interface vlan100Router(config-if)# appletalk cable-range 100-100Router(config-if)# appletalk zone EngineeringRouter(config-if)# ^ZRouter#Configuring MSFC Features
These sections describe the MSFC features:
Local Proxy ARP
With Release 12.1(2)E or later releases, the Local Proxy Address Resolution Protocol (ARP) allows the MSFC to respond to the ARP requests for the IP addresses within a subnet where normally no routing is required. With local proxy ARP enabled, the MSFC responds to all the ARP requests for the IP addresses within the subnet and forwards all traffic between the hosts in the subnet. Use this feature only on the subnets where the hosts are intentionally prevented from communicating directly by the configuration on the switch to which they are connected.
Local proxy ARP is disabled by default. Enter the ip local-proxy-arp interface configuration command to enable local proxy ARP on an interface. Enter the no ip local-proxy-arp interface configuration command to disable the feature. The Internet Control Message Protocol (ICMP) redirects are disabled on the interfaces where local proxy ARP is enabled.
WCCP Layer 2 Redirection
Note
Web Cache Communication Protocol (WCCP) Layer 2 redirection allows directly connected Cisco Cache Engines to use Layer 2 redirection, which is more efficient than Layer 3 redirection, through generic routing encapsulation (GRE). You can configure a directly connected Cache Engine to negotiate WCCP Layer 2 redirection. WCCP Layer 2 redirection requires no configuration on the MSFC. Enter the show ip wccp web-cache detail command to display which redirection method is in use for each cache. Follow these guidelines when using this feature:
•
•
•
Configure the Cisco IOS WCCP as described in the Cisco IOS Configuration Fundamentals Configuration Guide at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_c/fcprt3/fcd305.htmAutostate Feature
These MSFC autostate port-based modes are supported:
Normal Autostate Mode
Autostate shuts down (or brings up) the Layer 3 interfaces/subinterfaces on the MSFC and the Multilayer Switch Module (MSM) when the following port configuration changes occur on the switch:
•
•
The Catalyst 6500 series switch does not have knowledge of, or control over, the MSM or MSFC configuration (just as the switch does not have knowledge of, or control over, external router configurations). Autostate does not work on MSM or MSFC interfaces if the MSM or MSFC is not properly configured. For example, consider this MSM trunk configuration:
interface GigabitEthernet0/0/0.200encap isl 200..In the example, the GigabitEthernet0/0/0.200 interface is not autostated if any of these configuration errors are made:
•
•
•
Autostate Exclude Mode
Autostate exclude mode allows you to specify the ports to exclude from autostate. In normal autostate mode, the Layer 3 interfaces remain up if at least one port in the VLAN remains up. If you have appliances, such as load balancers or firewall servers that are connected to the ports in the VLAN, you can configure these ports to be excluded from the autostate feature to make sure that the forwarding SVI does not go down if these ports become inactive.
Autostate exclude mode affects all VLANs to which the port belongs and is supported on Ethernet, Fast Ethernet, and Gigabit Ethernet ports only.
Note
Autostate Track Mode
You can use autostate track mode to track key VLAN or port connections to the MSFC. When you configure the autostate track mode, the SVI stays up if any tracked connections remain up in the VLAN. Track mode requires that you define a global tracked VLAN group. The VLANs in this group will be tracked by MSFC autostate whether or not you define a member port to be tracked.
When you configure a VLAN and the ports to be tracked by autostate, the tracked SVIs remain down until at least one tracked Ethernet port in the VLAN moves to the Spanning Tree Protocol (STP) forwarding state. Conversely, tracked SVIs remain up if at least one tracked Ethernet port stays in the STP forwarding state.
Autostate track mode is supported on Ethernet, Fast Ethernet, and Gigabit Ethernet ports only.
Note
Configuring Autostate Exclude Mode
To configure autostate exclude mode, perform one of these tasks in privileged mode:
Configure autostate exclude mode.
set msfcautostate exclude mod/port
Clear the autostate configuration.
clear msfcautostate {all | mod/port}
This example shows how to exclude a port from MSFC autostate:
Console> (enable) set msfcautostate exclude 3/1Port 3/1 configured as excluded portConsole> (enable)This example shows how to clear the autostate configuration:
Console> (enable) clear msfcautostate 3/1MSFC autostate config cleared on excluded port 3/1Console> (enable)Configuring Autostate Track Mode
To configure autostate track mode, perform one of these tasks in privileged mode:
This example shows how to configure autostate to track VLANs 20, 21, 22, and 28:
Console> (enable) set msfcautostate track enable 20-22,28Vlans 20-22,28 added to MSFC autostate track vlan groupConsole> (enable)This example shows how to configure autostate to track ports 1-5 on module 3:
Console> (enable) set msfcautostate track 3/1-5Port 3/1-5 configured as tracked portConsole> (enable)Displaying the Autostate Configuration
To display the current line protocol state determination for the MSM, perform this task in normal mode:
Display the current line protocol state determination for the MSM.
show msmautostate mod
This example shows how to display the current line protocol state determination for the MSM:
Console> show msmautostateMSM Auto port state: enabledConsole>To display the line protocol state determination for the MSFC, perform this task in privileged mode:
This example shows how to display the line protocol state determination for the MSFC:
Console> (enable) show msfcautostateMSFC Auto port state: enabledExcluded ports:Tracked ports: 3/1-5Tracked vlans: 20-22,28Console> (enable)To check which MSM interfaces are currently autostated, perform this task in enabled mode from the MSM prompt:
This example shows how to check which MSM interfaces are currently autostated (shut down or brought up through autostate):
Router# show autostate entriesPort-channel1.5Port-channel1.6Port-channel1.4Router#Disabling Autostate
To disable autostate if you have an MSM installed, perform this task in privileged mode:
Autostate is enabled by default. This example shows how to disable autostate if you have an MSM installed:
Console> (enable) set msmautostate disableMSM port auto state disabled.Console> (enable)To disable the line protocol state determination of the MSFC, perform this task in privileged mode:
Note
This example shows how to disable the line protocol state determination of the MSFC:
Console> (enable) set msfcautostate disableMSM port auto state disabled.Console> (enable)
