Configuring Smartports Macros

This chapter describes how to configure Smartports macros on the Cisco Industrial Ethernet 2000U Series (IE 2000U) and Connected Grid Switches, hereafter referred to as switch . This chapter includes the following sections:

Information About Smartports Macros

Smartports macros provide a convenient way to save and share common configurations. You can use Smartports macros to enable features and settings based on the location of a switch in the network and for mass configuration deployments across the network.

Each Smartports macro is a set of CLI commands. The switch software has a set of default macros. You can also create your own macros. Smartports macros do not contain new CLI commands; they are simply a group of existing CLI commands.

A macro can be user defined or system default (which cannot be edited by user).

Prerequisites

You must be familiar with the switch CLI commands.

Guidelines and Limitations

  • You can apply a macro globally or to a specific switch interface.
  • When creating a macro, do not use the exit or end commands or change the command mode by using interface interface-id . This could cause commands that follow exit , end , or interface interface-id to execute in a different command mode.
  • When creating a macro, all CLI commands should be in the same configuration mode.
  • When you apply a macro to an interface, the CLI commands within the macro are configured on the interface. The existing interface configurations are not lost.

The new commands are added to the interface and are saved in the running configuration file. This is helpful when applying an incremental configuration

  • If a command fails because of a syntax or a configuration error, the macro continues to apply the remaining commands. You can use the macro global trace macro-name global configuration command or the macro trace macro-name interface configuration command to apply and debug a macro to find any syntax or configuration errors.
  • When creating a macro that requires the assignment of unique values, use the parameter value keywords to designate values specific to the interface. Keyword matching is case sensitive. All matching occurrences of the keyword are replaced with the corresponding value. Any full match of a keyword, even if it is part of a larger string, is considered a match and is replaced by the corresponding value.
  • Macro names are case sensitive. For example, the commands macro name Sample-Macro and macro name sample-macro will result in two separate macros.
  • Some macros might contain keywords that require a parameter value. You can use the macro global apply macro-name ? global configuration command or the macro apply macro-name ? interface configuration command to display a list of any required values in the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.
  • If you modify a macro definition by adding or deleting commands, the changes are not reflected on the interface where the original macro was applied. You need to reapply the updated macro on the interface to apply the new or changed commands.
  • Some CLI commands are specific to certain interface types. If you apply a macro to an interface that does not accept the configuration, the macro fails the syntax or the configuration check, and the switch returns an error message.
  • Applying a macro to an interface range is the same as applying a macro to a single interface. When you use an interface range, the macro is applied sequentially to each interface within the range. If a macro command fails on one interface, it is still applied to the remaining interfaces.
  • When you apply a macro to a switch or a switch interface, the macro name is automatically added to the switch or interface. You can display the applied commands and macro names by using the show running-config user EXEC command.
  • When you apply a macro to a user network interface (UNI) or enhanced network interface (ENI), you must first enable the port. UNIs and ENIs are disabled by default.

Default Settings

There are no Smartports macros enabled on the switch. The system default macros are listed in Table 7-1 .

 

Table 7-1 Default Smartports Macros

Macro Name 1
Description
Global Configuration Macros

cisco-cg-global

Use this global configuration macro to configure the switch settings for the industrial Ethernet environment. This macro is automatically applied when you use Express Setup to initially configure the switch.

Note You must first apply the cisco-cg-global macro for the interface configuration macros to work properly.

cisco-cg-password

Use this global configuration macro to configure the password settings for the switch.

no-cisco-cg-password

Use the no form of this global configuration macro to delete the macro from the switch.

cisco-sniffer

Use this global configuration macro to configure SPAN functionality to analyze traffic on another port of the switch.

no-cisco-sniffer

Use the no form of this global configuration macro to delete the macro from the interface.
Interface Configuration Macros

cisco-cg-hmi

Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. This macro is optimized for utility deployments.

no-cisco-cg-hmi

Use the no form of this interface configuration macro to delete the macro from the switch.

cisco-cg-ied

Use this interface configuration macro when connecting the switch to an IED.

no-cisco-cg-ied

Use the no form of this interface configuration macro to delete the macro from the switch.

cisco-cg-router

Use this interface configuration macro when connecting the switch and a WAN router. This macro is optimized for utility deployments.

no-cisco-cg-router

Use the no form of this interface configuration macro to delete the macro from the switch.

cisco-cg-switch

Use this interface configuration macro when connecting a ring of switches. This macro is optimized for utility deployments.

no-cisco-cg-switch

Use the no form of this interface configuration macro to delete the macro from the switch.

cisco-cg-wireless

Use this interface configuration macro when connecting the switch and a wireless access point. This macro is optimized for utility deployments.

no-cisco-cg-wireless

Use the no form of this interface configuration macro to delete the macro from the switch.

cisco-desktop

Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. This macro is optimized for utility deployments.

no-cisco-desktop

Use the no form of this interface configuration macro to delete the macro from the interface.

1.Cisco-default Smartports macros vary, depending on the software version running on your switch.

Configuring Smartports Macros

This section includes the following topics:

Creating Smartports Macros

BEFORE YOU BEGIN

Review the “Guidelines and Limitations” section.

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

macro name macro-name

Create a macro definition, and enter a macro name. A macro definition can contain up to 3000 characters.

Enter the macro commands with one command per line. Use the @ character to end the macro. Use the # character at the beginning of a line to enter comment text within the macro.

(Optional) You can define keywords within a macro by using a help string to specify the keywords. Enter # macro keywords word to define the keywords that are available for use with the macro. Separated by a space, you can enter up to three help string keywords in a macro.

Macro names are case sensitive. For example, the commands macro name Sample-Macro and macro name sample-macro will result in two separate macros.

We recommend that you do not use the exit or end commands or change the command mode by using interface interface-id in a macro. This could cause any commands following exit , end , or interface interface-id to execute in a different command mode. For best results, all commands in a macro should be in the same configuration mode.

Step 3

end

Return to privileged EXEC mode.

Step 4

show parser macro name macro-name

Verify that the macro was created.

The no form of the macro name global configuration command only deletes the macro definition. It does not affect the configuration of those interfaces on which the macro is already applied.

EXAMPLE

This example shows how to create a macro that defines the switchport access VLAN and the number of secure MAC addresses and also includes two help string keywords by using # macro keywords :

Switch(config)# macro name test
switchport access vlan $VLANID
switchport port-security maximum $MAX
#macro keywords $VLANID $MAX
@

Applying Smartports Macros

BEFORE YOU BEGIN

Review the “Guidelines and Limitations” section.

DETAILED STEPS

 

Command
Purpose

Step 1

show parser macro

Display the Cisco-default Smartports macros embedded in the switch software.

Step 2

show parser macro name macro-name

Display the specific macro that you want to apply.

Step 3

configure terminal

Enter global configuration mode.

Step 4

macro global { apply | trace } macro-name [ parameter { value }] [ parameter { value }] [ parameter { value }]

Apply each individual command defined in the macro to the switch by entering macro global apply macro-name . Specify macro global trace macro-name to apply and to debug a macro to find any syntax or configuration errors.

Append the macro with the required values by using the parameter value keywords. Keywords that begin with $ require a unique parameter value.

You can use the macro global apply macro-name ? command to display a list of any required values for the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.

(Optional) Specify unique parameter values that are specific to the switch. You can enter up to three keyword-value pairs. Parameter keyword matching is case sensitive. The corresponding value replaces all matching occurrences of the keyword.

Step 5

interface interface-id

(Optional) Enter interface configuration mode, and specify the interface on which to apply the macro.

Step 6

default interface interface-id

(Optional) Clear all configuration from the specified interface.

Step 7

macro { apply | trace } macro-name [ parameter { value }] [ parameter { value }] [ parameter { value }]

Apply each individual command defined in the macro to the port by entering macro apply macro-name . Specify macro trace macro-name to apply and to debug a macro to find any syntax or configuration errors.

Append the macro with the required values by using the parameter value keywords. Keywords that begin with $ require a unique parameter value.

You can use the macro apply macro-name ? command to display a list of any required values for the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.

(Optional) Specify unique parameter values that are specific to the switch. You can enter up to three keyword-value pairs. Parameter keyword matching is case sensitive. The corresponding value replaces all matching occurrences of the keyword.

Step 8

end

Return to privileged EXEC mode.

Step 9

show running-config interface interface-id

Verify that the macro is applied to an interface.

Step 10

copy running-config startup-config

(Optional) Save your entries in the configuration file.

You can delete the cisco-cg-password and cisco-sniffer global macros on a switch by entering the no version of each command in the macro. The cisco-cg-global global macro does not have a no version. You can delete a macro-applied configuration on a port by entering the default interface interface-id interface configuration command.

EXAMPLE

This example shows how to display the cisco - desktop macro and how to set the access VLAN ID to 25 on an interface:

Switch# show parser macro name cisco-desktop
Macro name : cisco-desktop
Macro type : default interface
# Macro keywords $access_vlan
# macro description cisco-desktop
switchport access vlan $access_vlan
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
port-type nni
spanning-tree portfast
spanning-tree bpduguard enable
 
Switch# configure terminal
Switch(config-if)# interface fastethernet 0/2
Switch(config-if)# macro trace cisco-desktop $access_vlan 25
Applying command... 'macro description cisco-desktop'
Applying command... 'switchport access vlan 25'
Applying command... 'switchport port-security'
Applying command... 'switchport port-security maximum 1'
Applying command... 'switchport port-security aging time 2'
Applying command... 'switchport port-security violation restrict'
Applying command... 'switchport port-security aging type inactivity'
Applying command... 'port-type nni'
Applying command... 'spanning-tree portfast'

Verifying Configuration

 

Command
Purpose

show parser macro

Displays all Smartports macros.

show parser macro name macro-name

Displays a specific Smartports macro.

show parser macro brief

Displays the Smartports macro names.

show parser macro description [ interface interface-id ]

Displays the Smartports macro description for all interfaces or for a specified interface.

Configuration Example

This example shows how to create a macro that defines the switchport access VLAN and the number of secure MAC addresses and also includes two help string keywords by using # macro keywords :

Switch(config)# macro name test
switchport access vlan $VLANID
switchport port-security maximum $MAX
#macro keywords $VLANID $MAX
@
 

This example shows how to display the cisco-desktop macro and how to set the access VLAN ID to 25 on an interface:

Switch# show parser macro name cisco-desktop
Macro name : cisco-desktop
Macro type : default interface
# Macro keywords $access_vlan
# macro description cisco-desktop
switchport access vlan $access_vlan
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
port-type nni
spanning-tree portfast
spanning-tree bpduguard enable
 
Switch# configure terminal
Switch(config-if)# interface fastethernet 0/2
Switch(config-if)# macro trace cisco-desktop $access_vlan 25
Applying command... 'macro description cisco-desktop'
Applying command... 'switchport access vlan 25'
Applying command... 'switchport port-security'
Applying command... 'switchport port-security maximum 1'
Applying command... 'switchport port-security aging time 2'
Applying command... 'switchport port-security violation restrict'
Applying command... 'switchport port-security aging type inactivity'
Applying command... 'port-type nni'
Applying command... 'spanning-tree portfast'
 

Feature History

Platform
First Supported Release

IE 2000U

Cisco IOS Release 15.0(2)EH

CGS 2520

Cisco IOS Release 12.2(53)EX

Ethernet Switch Module (ESM) for CGR 2010

Cisco IOS Release 12.2(53)EX