Cisco 800 Series Integrated Services Routers Software Configuration Guide

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents
Find Matches in This Book
Available Languages
Download Options

Book Title

Cisco 800 Series Integrated Services Routers Software Configuration Guide

Chapter Title

Configuring Ethernet Switches

Results

Updated:
July 24, 2014

Chapter: Configuring Ethernet Switches

Configuring Ethernet Switches

This chapter gives an overview of configuration tasks for the following:

  • 4-port Fast Ethernet (FE) switch on the Cisco 860, 880, and 890 integrated service routers (ISRs)
  • Gigabit Ethernet (GE) switch on the Cisco 860VAE-K9
  • Gigabit Ethernet (GE) switch that services the embedded wireless access point on the Cisco 860 and Cisco 880 series ISRs.

The FE switches are 10/100Base T Layer 2 Fast Ethernet switches. The GE switch is a 1000Base T Layer 2 Gigabit Ethernet switch. Traffic between different VLANs on a switch is routed through the router platform with the switched virtual interface (SVI).

Any switch port may be configured as a trunking port to connect to other Cisco Ethernet switches. An optional power module can be added to Cisco 880 series ISRs to provide inline power to two of the FE ports for IP telephones or external access points.

This chapter contains the following sections:

Switch Port Numbering and Naming

The ports for Cisco 860, 880, and 890 ISRs are numbered as follows:

  • The ports on the FE switch for the Cisco 860, 880, and 890 ISRs are numbered FE0 through FE3.
  • The port on the GE switch for the 860VAE-K9 is numbered GE0.
  • The port on the GE switch that services the embedded wireless access point on the Cisco 860 and Cisco 880 series ISRs is named and numbered Wlan-GigabitEthernet0.

Switch Port Mode

Prior to release 15.7(3)M, the default mode for the switch ports on Cisco 800 series routers was access. The command for the default switch port mode (access) is: switchport mode access

From release 15.7(3)M, dynamic truncking is the default switch port mode. The dynamic trunking mode on a switch port allows the switch to dynamically shift between the trunk or access mode based on the type of link that the communicating switch on the other side is trying to establish. The command for the default switch port mode (dynamic truncking) is: switchport mode dynamic auto

From release 15.7(3)M, you can also configure the switch ports of Cisco 800 series routers using the following CLI: switchport mode dynamic desirable

Restrictions for the FE Switch

The following restrictions apply to the FE switch:

  • Ports of an FE switch must not be connected to any Fast Ethernet onboard port of the router.
  • On Cisco 880 series ISRs, inline power is supported only on FE switch ports FE0 and FE1. Inline power is not supported on Cisco 860 series ISRs.
  • VTP pruning is not supported.
  • FE switch can support up to 200 secure MAC addresses.

Ethernet Switches

To configure Ethernet switches, you should understand the following concepts:

VLANs and VLAN Trunk Protocol

For information on the concepts of VLANs and VLAN Trunk Protocol (VTP), see:

http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t4/​feature/​guide/​gt1636nm.html#wp1047027

Inline Power

Inline power is not supported on the Cisco 860 series ISRs. On the Cisco 880 series ISRs, inline power can be supplied to Cisco IP phones or external access points on FE switch ports FE0 and FE1.

A detection mechanism on the FE switch determines whether it is connected to a Cisco device. If the switch senses that there is no power on the circuit, the switch supplies the power. If there is power on the circuit, the switch does not supply it.

You can configure the switch to never supply power to the Cisco device and to disable the detection mechanism.

The FE switch also provides support for powered devices compliant with IEEE 802.3af.

Configuring 802.1x Authentication

IEEE 802.1x port-based authentication defines a client-server-based access control and authentication protocol to prevent unauthorized clients from connecting to a LAN through publicly accessible ports.The authentication server authenticates each client connected to a switch port before allowing access to any switch or LAN services. Until the client is authenticated, IEEE 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL), Cisco Discovery Protocol (CDP), and Spanning Tree Protocol (STP) traffic through the port to which the client is connected. After authentication, normal traffic passes through the port.

With IEEE 802.1x authentication, the devices in the network have specific roles:

  • Supplicant—Device (workstation) that requests access to the LAN and switch services and responds to requests from the router. The workstation must be running IEEE 802.1x-compliant client software such as that offered in the Microsoft Windows XP operating system. (The supplicant is sometimes called the client.)

  • Supplicant—Device (workstation) that requests access to the LAN and switch services and responds to requests from the router. The workstation must be running IEEE 802.1x-compliant client software such as that offered in the Microsoft Windows XP operating system. (The supplicant is sometimes called the client.)

  • Authentication server—Device that performs the actual authentication of the supplicant. The authentication server validates the identity of the supplicant and notifies the router whether or not the supplicant is authorized to access the LAN and switch services. The Network Access Device (or Cisco ISR router in this instance) transparently passes the authentication messages between the supplicant and the authentication server, and the authentication process is carried out between the supplicant and the authentication server. The particular EAP method used will be decided between the supplicant and the authentication server (RADIUS server). The RADIUS security system with EAP extensions is available in Cisco Secure Access Control Server Version 3.0 or later. RADIUS operates in a client and server model in which secure authentication information is exchanged between the RADIUS server and one or more RADIUS clients.

  • Authenticator—Router that controls the physical access to the network based on the authentication status of the supplicant. The router acts as an intermediary between the supplicant and the authentication server, requesting identity information from the supplicant, verifying that information with the authentication server, and relaying a response to the supplicant. The router includes the RADIUS client, which is responsible for encapsulating and decapsulating the EAP frames and interacting with the authentication server.

For detailed information on how to configure 802.1x port-based authentication, see the following link:

http:/​/​www.cisco.com/​c/​en/​us/​td/​docs/​ios-xml/​ios/​sec_usr_8021x/​configuration/​15-mt/​sec-user-8021x-15-mt-book/​config-ieee-802x-pba.html

Configuring Spanning Tree Protocol

Spanning Tree Protocol (STP) is a Layer 2 link management protocol that provides path redundancy while preventing loops in the network. For a Layer 2 Ethernet network to function properly, only one active path can exist between any two stations. Multiple active paths among end stations cause loops in the network. If a loop exists in the network, end stations might receive duplicate messages. Switches might also learn end-station MAC addresses on multiple Layer 2 interfaces. These conditions result in an unstable network. Spanning-tree operation is transparent to end stations, which cannot detect whether they are connected to a single LAN segment or a switched LAN of multiple segments.

The STP uses a spanning-tree algorithm to select one switch of a redundantly connected network as the root of the spanning tree. The algorithm calculates the best loop-free path through a switched Layer 2 network by assigning a role to each port based on the role of the port in the active topology:

  • Root—A forwarding port elected for the spanning-tree topology

  • Designated—A forwarding port elected for every switched LAN segment

  • Alternate—A blocked port providing an alternate path to the root bridge in the spanning tree

  • Backup—A blocked port in a loopback configuration

The switch that has all of its ports as the designated role or as the backup role is the root switch. The switch that has at least one of its ports in the designated role is called the designated switch.Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment in the spanning tree fails and a redundant path exists, the spanning-tree algorithm recalculates the spanning-tree topology and activates the standby path. Switches send and receive spanning-tree frames, called bridge protocol data units (BPDUs), at regular intervals. The switches do not forward these frames but use them to construct a loop-free path. BPDUs contain information about the sending switch and its ports, including switch and MAC addresses, switch priority, port priority, and path cost. Spanning tree uses this information to elect the root switch and root port for the switched network and the root port and designated port for each switched segment.

When two ports on a switch are part of a loop, the spanning-tree port priority and path cost settings control which port is put in the forwarding state and which is put in the blocking state. The spanning-tree port priority value represents the location of a port in the network topology and how well it is located to pass traffic. The path cost value represents the media speed.

For detailed configuration information on STP see the following link:

http:/​/​www.cisco.com/​c/​en/​us/​td/​docs/​switches/​lan/​catalyst3750/​software/​release/​15-0_2_se/​configuration/​guide/​scg3750/​swstp.html

Example: Spanning Tree Protocol Configuration

The following example shows configuring spanning-tree port priority of a Gigabit Ethernet interface. If a loop occurs, spanning tree uses the port priority when selecting an interface to put in the forwarding state.

Router# configure terminal 
Router(config)# interface gigabitethernet 0/2
Router(config-if)# spanning-tree vlan 1 port-priority 64 
Router(config-if)# end

The following example shows how to change the spanning-tree port cost of a Gigabit Ethernet interface. If a loop occurs, spanning tree uses cost when selecting an interface to put in the forwarding state.

Router#configure terminal 
Router(config)# interface gigabitethernet 0/2
Router(config-if)# spanning-tree cost 18 
Router(config-if)# end

The following example shows configuring the bridge priority of VLAN 10 to 33792:

Router# configure terminal 
Router(config)# spanning-tree vlan 10 priority 33792 
Router(config)# end

The following example shows configuring the hello time for VLAN 10 being configured to 7 seconds. The hello time is the interval between the generation of configuration messages by the root switch.

Router# configure terminal 
Router(config)# spanning-tree vlan 10 hello-time 4
Router(config)# end

The following example shows configuring forward delay time. The forward delay is the number of seconds an interface waits before changing from its spanning-tree learning and listening states to the forwarding state.

Router# configure terminal 
Router(config)# spanning-tree vlan 10 forward-time 21 
Router(config)# end

The following example shows configuring maximum age interval for the spanning tree. The maximum-aging time is the number of seconds a switch waits without receiving spanning-tree configuration messages before attempting a reconfiguration.

Router# configure terminal 
Router(config)# spanning-tree vlan 20 max-age 36 
Router(config)# end

The following example shows the switch being configured as the root bridge for VLAN 10, with a network diameter of 4. 

Router# configure terminal 
Router(config)# spanning-tree vlan 10 root primary diameter 4 
Router(config)# exit

Spanning Tree Protocol

For information on Spanning Tree Protocol, see:

http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t4/​feature/​guide/​gt1636nm.html#wp1048458

Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP allows network management applications to discover Cisco devices that are neighbors of already known devices, in particular, neighbors running lower-layer, transparent protocols. With CDP, network management applications can learn the device type and the SNMP agent address of neighboring devices. This feature enables applications to send SNMP queries to neighboring devices.

CDP runs on all LAN and WAN media that support Subnetwork Access Protocol (SNAP). Each CDP-configured device sends periodic messages to a multicast address. Each device advertises at least one address at which it can receive SNMP messages. The advertisements also contain the time-to-live, or hold-time information, which indicates the length of time a receiving device should hold CDP information before discarding it.

Switched Port Analyzer

For information on Switched Port Analyzer, see:

http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t4/​feature/​guide/​gt1636nm.html#wp1053663

IGMP Snooping

For information on IGMP Snooping, see:

http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t4/​feature/​guide/​gt1636nm.html#wp1053727

IGMP Version 3

The Cisco 880 series ISRs support Version 3 of IGMP snooping.

IGMPv3 provides support for source filtering, which enables a multicast receiver host to signal to a router from which groups the receiver host is to receive multicast traffic, and from which sources this traffic is expected. Enabling the IGMPv3 feature with IGMP snooping on Cisco ISRs provides Basic IGMPv3 Snooping Support (BISS). BISS provides constrained flooding of multicast traffic in the presence of IGMPv3 hosts. This support constrains traffic to approximately the same set of ports as IGMPv2 snooping does with IGMPv2 hosts. The constrained flooding only considers the destination multicast address.

Storm Control

For information on storm control, see:

http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t4/​feature/​guide/​gt1636nm.html#wp1051018

Overview of SNMP MIBs

Simple Management Network Protocol (SNMP) development and use is centered around the MIB. An SNMP MIB is an abstract database and it is a conceptual specification for information that a management application may read and modify in a certain form. This does not imply that the information is kept in the managed system in that same form. The SNMP agent translates between the internal data structures and formats of the managed system and the external data structures and formats defined for the MIB.

The SNMP MIB is conceptually a tree structure with conceptual tables. Cisco Layer 2 Switching Interface MIB is discussed in more detail in BRIDGE-MIB for Layer 2 Ethernet Switching. Relative to this tree structure, the term MIB is used in two ways. One definitions of MIB is, it is actually a MIB branch, usually containing information for a single aspect of technology, such as a transmission medium or a routing protocol. A MIB used in this sense is more accurately called a MIB module, and is usually defined in a single document. The other definition of a MIB is a collection of such branches. Such a collection might comprise, for example, all the MIB modules implemented by a given agent, or the entire collection of MIB modules defined for SNMP.

A MIB is a tree where the leaves are individual items of data called objects. An object may be, for example, a counter or a protocol status. MIB objects are also sometimes called variables.

BRIDGE-MIB for Layer 2 Ethernet Switching

The Layer 2 Ethernet Switching Interface BRIDGE-MIB is supported in the Cisco 887, 880, and 890 platforms. The BRIDGE-MIB enables the user to know the Media Access Control (MAC) addresses and spanning tree information of the Ethernet switch modules. The user can query the MIB agent using the SNMP protocol and get the details of Ethernet switch modules, such as MAC addresses, of each interface and spanning protocol information.

The Bridge-MIB uses the following approaches to get the Layer 2 BRIDGE-MIB information:

  • Community-string-based approach
  • Context-based approach

In the community string based approach, one community string is created for each VLAN. Based on the query, the respective VLAN MIB is displayed.

To get the BRIDGE-MIB details, use the snmp-server community public RW command in the configuration mode.

Router(config)# snmp-server community public RW

Use the following syntax to query the SNMP BRIDGE-MIB details: 

snmpwalk -v2c <ip address of the ISR, ...>  public .1.3.6.1.2.1.17
snmpwalk -v2c <ip address of the ISR, ...>  public@2 .1.3.6.1.2.1.17
snmpwalk -v2c <ip address of the ISR, ...>  public@3 .1.3.6.1.2.1.17

Note
When you create a VLAN ‘x’, the logical entity public@x is added. If you query with public community, the Layer 3 MIB is displayed. When you query with public@x, the Layer 2 MIB for VLAN ‘x’ is displayed.

In the context based approach, the SNMP context mapping commands are used to display the values for Layer 2 interfaces. Each VLAN is mapped to a context. When the user queries with a context, the MIB displays the data for that specific VLAN, which is mapped to the context. In this approach, each VLAN is manually mapped to a context.

To get the BRIDGE-MIB details, use the following commands in the configuration mode: 

Router(config)# Routersnmp-server group public v2c context bridge-group
Router(config)# snmp-server community public RW
Router(config)# snmp-server community private RW
Router(config)# snmp-server context bridge-group
Router(config)# snmp mib community-map public context bridge-group

Use the following syntax to query the SNMP BRIDGE-MIB details. 

snmpwalk -v2c <ip address of the ISR, ...>  public@1 .1.3.6.1.2.1.17 ?L2-MIB
snmpwalk -v2c <ip address of the ISR, ...>  private .1.3.6.1.2.1.17?L3-MIB


Note
When you query with the public community, the Layer 2 MIB is displayed. Use a private group for Layer 3 MIB.

For more details to configure and retrieve the BRIDGE-MIB details, see:

http:/​/​www.cisco.com/​en/​US/​tech/​tk648/​tk362/​technologies_​tech_​note09186a0080094a9b. shtml#brgmib

MAC Address Notification

MAC address notification enables you to track users on a network by storing the MAC address activity on the switch. Whenever the switch learns or removes a MAC address, an SNMP notification can be generated and sent to the NMS. If you have many users coming and going from the network, you can set a trap interval time to bundle the notification traps and reduce network traffic. The MAC notification history table stores the MAC address activity for each hardware port for which the trap is enabled. MAC address notifications are generated for dynamic and secure MAC addresses; events are not generated for self addresses, multicast addresses, or other static addresses.

For more details to configure MAC address notification, see:

http:/​/​www1.cisco.com/​en/​US/​docs/​switches/​lan/​catalyst3550/​software/​release/​12.2_25_see/​ configuration/​guide/​swadmin.html#wp1102213

Configuring Ethernet Switches

See the following sections for configuration tasks for Ethernet switches:

Configuring VLANs

This section provides information on how to configure VLANs. The Cisco 860 series ISRs support two VLANs and the 860VAE series ISRs support five VLANs.The Cisco 880 series ISRs support eight VLANs.


Note
Cisco 866VAE-K9 and 867VAE-K9 routers have four Fast Ethernet (FE) switching ports and one Gigabit Ethernet (GE) switching port.

VLANs on the FE and GE Switch Ports

To configure VLANs, perform these steps, beginning in configuration mode.

SUMMARY STEPS

    1.    interface type number

    2.    shutdown

    3.    switchport access vlan vlan_id

    4.    no shutdown

    5.    end


DETAILED STEPS
     Command or ActionPurpose
    Step 1interface type number


    Example: 
    Router(config)# Interface fastethernet0
     

    Selects the Fast Ethernet port to configure.

     
    Step 2shutdown


    Example: 
    Router(config-if)# shutdown
     

    (Optional) Shuts down the interface to prevent traffic flow until configuration is complete.

     
    Step 3switchport access vlan vlan_id


    Example: 
    Router(config-if)# switchport access vlan 2
     

    Creates instances of additional VLANs. Allowable values of vlan_id are 2 to 4094, except for reserved values of 1002 to 1005.

     
    Step 4no shutdown


    Example: 
    Router(config-if)# no shutdown
     

    Enables the interface, changing its state from administratively down to administratively up.

     
    Step 5end


    Example: 
    Router(config-if)# end
     

    Exits configuration mode.

     
    What to Do Next

    For additional information, see the information at the following URL:

    http:/​/​www.cisco.com/​en/​US/​docs/​switches/​lan/​catalyst6500/​ios/​12.2SX/​configuration/​guide/​ layer2.html

    VLANs on the GE Port and GE ESW Port of Wireless APs

    Because the GE port is an internal interface that services only the embedded access point of the router, it cannot be configured only with the switchport access vlan X command, where X is other than 1. It may, however, be configured in trunk mode. This may be done by performing the following steps, beginning in global configuration mode.

    SUMMARY STEPS

      1.    interface type number

      2.    switchport mode trunk

      3.    switchport access vlan vlan_id


    DETAILED STEPS
       Command or ActionPurpose
      Step 1interface type number


      Example: 
      Router(config)# Interface gigabitethernet0
       

      Selects the Gigabit Ethernet port to configure.

       
      Step 2switchport mode trunk


      Example: 
      Router(config-if)# switchport mode trunk
       

      Places the port in trunk mode.

       
      Step 3switchport access vlan vlan_id


      Example: 
      Router(config-if)# switchport access vlan 2
       

      (Optional) Once the port is in trunk mode, it may be assigned a VLAN number other than 1.

       

      Configuring Layer 2 Interfaces

      For information on how to configure Layer 2 interfaces, see the following URL:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1047041

      The URL contains information on the following topics:

      • Configuring a range of interfaces
      • Defining a range macro
      • Configuring Layer 2 optional interface features

      Configuring 802.1x Authentication

      For information on how to configure 802.1x port-based authentication, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_4t/​12_4t11/​ht_​8021x.html

      The document contains information on the following topics:

      • Understanding the default 802.1x configuration
      • Enabling 802.1x authentication
      • Configuring the switch-to-RADIUS-server comunication
      • Enabling periodic reauthentication
      • Changing the quiet period
      • Changing the switch-to-client retransmission time
      • Setting the switch-to-client frame-retransmission number
      • Enabling multiple hosts
      • Resetting the 802.1x configuration to default values
      • Displaying 802.1x statistics and status

      Note

      When the ethernet switch port is configured with local session time out using the authentication timer reauthenticate seconds command, only the port will be reauthenticated for the authorized user. The user will not be prompted to a login page for central web authentication (CWA). If the user needs to be re-authenticated for central web authentication (CWA), use the authentication timer reauthenticate server seconds command.

      Configuring Spanning Tree Protocol

      For information on how to configure Spanning Tree Protocol, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1047906

      The document contains information on the following topics:

      • Enabling spanning tree
      • Configuring spanning tree port priority
      • Configuring spanning tree port cost
      • Configuring the bridge priority of a VLAN
      • Configuring the Hello Time
      • Configuring the forward-delay time for a VLAN
      • Configuring the maximum aging time for a VLAN
      • Disabling spanning tree

      Configuring MAC Table Manipulation

      For information on how to configure MAC table manipulation, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048223

      The document contains information on the following topics:

      • Enabling known MAC address traffic
      • Creating a static entry in the MAC address table
      • Configuring the aging timer
      • Verifying the aging time

      Port Security

      The topic of enabling known MAC address traffic deals with port security. Port security can be either static or dynamic.

      Static port security allows the user to specify which devices are allowed access through a given switch port. The specification is done manually by placing allowed device MAC addresses in the MAC address table. Static port security is also known as MAC address filtering.

      Dynamic port security is similar. However, instead of specifying the MAC address of the devices, the user specifies the maximum number of devices that is allowed on the port. If the maximum number specified is more than the number of MAC addresses specified manually, the switch learns the MAC address automatically, up to the maximum specified. If the maximum number specified is less than the number of MAC addresess already specified statically, an error message is produced.

      The following command is used to specify static or dynamic port security.

      Command

      Purpose

      Router(config)# mac-address-table secure [mac-address | maximum maximum addresses] fastethernet interface-id [vlan vlan id]

      mac-address enables static port security. The maximum keyword enables dynamic port security.

      Configuring Cisco Discovery Protocol

      For information on how to configure Cisco Discovery Protocol (CDP), see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048365

      The document contains information on the following topics:

      • Enabling CDP
      • Enabling CDP on an interface
      • Monitoring and maintaining CDP

      Configuring the Switched Port Analyzer

      For information on how to configure a switched port analyzer (SPAN) session, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048473

      The document contains information on the following topics:

      • Configuring the SPAN sources
      • Configuring SPAN destinations
      • Verifying SPAN sessions
      • Removing sources or destinations from a SPAN session

      Configuring Power Management on the Interface

      For information on how to configure inline power for access points or Cisco IP phones, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048551

      Configuring IP Multicast Layer 3 Switching

      For information on how to configure IP multicast Layer 3 switching, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048610

      The document contains information on the following topics:

      • Enabling IP multicast routing globally
      • Enabling IP protocol-independent multicast (PIM) on Layer 3 interfaces
      • Verifying IP multicast Layer 3 hardware switching summary
      • Verifying the IP multicast routing table

      Configuring IGMP Snooping

      For information on how to configure IGMP snooping, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1048777

      The document contains information on the following topics:

      • Enabling or disabling IGMP snooping
      • Enabling IGMP immediate-leave processing
      • Statically configuring an interface to join a group
      • Configuring a multicast router port

      IGMP Version 3

      In support of the IGMPv3 feature in Cisco IOS Release 12.4(15)T, the groups and count keywords were added to the show ip igmp snooping command, and the output of the show ip igmp snooping command was modified to include global information about IGMP snooping groups. Use the show ip igmp snooping command with the groups keyword to display the multicast table learned by IGMP snooping for all VLANs, or the show ip igmp snooping command with the groups keyword, vlan-id keyword, and vlan-id argument to display the multicast table learned by IGMP snooping for a specific VLAN. Use the show ip igmp snooping command with the groups and count keywords to display the number of multicast groups learned by IGMP snooping.

      Configuring Per-Port Storm Control

      For information on how to configure per-port storm control, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1049009

      The document contains information on the following topics:

      • Enabling per-port storm-control
      • Disabling per-port storm-control

      Configuring Separate Voice and Data Subnets

      For information on how to configure separate voice and data subnets, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1049866

      Managing the Switch

      For information on management of the switch, see:

      http:/​/​www.cisco.com/​en/​US/​docs/​ios/​12_3t/​12_3t8/​feature/​guide/​esw_​cfg.html#wp1049978

      The document contains information on the following topics:

      • Adding Trap Managers
      • Configuring IP Information
      • Enabling Switch Port Analyzer
      • Managing the ARP Table
      • Managing the MAC Address Tables
      • Removing Dynamic Addresses
      • Adding Secure Addresses
      • Configuring Static Addresses
      • Clearing all MAC Address Tables

      Was this Document Helpful?

      FeedbackFeedback

      Contact Cisco