- Preface
- Software Licensing
- The Cisco IOS command-line interface (CLI)
- Configuring Interfaces
- Switch Alarms
- Initial Switch Configuration (IP address assignments and DHCP autoconfiguration)
- How to Setup and Use the Cisco Configuration Engine
- How to Create and Manage Switch Clusters
- Performing Switch Administration
- Configuring Precision Time Protocol (PTP)
- Configuring PROFINET
- Common Industrial Protocol (CIP)
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- MACsec
- Web-Based Authentication
- Configuring Smartports Macros
- Configuring SGACL Monitor Mode and SGACL Logging
- Configuring SGT Exchange Protocol over TCP (SXP) and Layer 3 Transport
- Configuring VLANs
- VLAN Trunking Protocol (VTP)
- Configuring Voice VLAN
- How to Configure Spanning Tree Protocol (STP)
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring the FlexLinks and the MAC Address-Table Move Update
- Configuring DHCP
- Dynamic Address Resolution Protocol (ARP)
- Configuring IP Source Guard
- How to Configure Internet Group Management Protocol (IGMP) and Multicast VLAN Registration (MVR)
- Configuring Port-Based Traffic Control
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring SPAN and RSPAN
- One-to-one (1:1) Layer 2 Network Address Translation (NAT)
- How to Configure CDP
- Configuring UniDirectional Link Detection (UDLD)
- Configuring RMON
- Configuring System Message Logging
- Configuring Simple Network Management Protocol (SNMP)
- Network Security with ACLs
- Configuring Quality of Service (QoS)
- Configuring Static IP Unicast Routing
- Configuring IPv6 Host Functions
- Configuring Link State Tracking
- Configuring IP multicast routing
- Configuring Multicast Source Discovery Protocol (MSDP)
- Configuring Multicast Listener Discovery (MLD) snooping
- Configuring HSRP and VRRP
- Configuring IPv6 access control lists (ACLs)
- Configuring Embedded Event Manager (EEM)
- IP Unicast Routing
- IPv6 Unicast Routing
- Unicast Routing Overview
- Configuring Cisco IOS IP SLAs Operations
- Configuring Dying-Gasp
- How to Configure Enhanced Object Tracking
- Configuring MODBUS TCP
- Configuring Ethernet CFM
- Working with the Flash File System
- How to Configure EtherChannels
- Troubleshooting
- How to use a Secure Digital (SD) flash memory module (SD card)
Configuration Overview
Note: The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.
Feature Availability
Unless otherwise indicated, all features and configurations in this guide are supported beginning with release 15.2(2)EA for the IE-4000, 15.2(2)EB for the IE-5000 and in release 15.2(4)EC for the IE-4010. Where new features or support for existing features was added after these releases, detailed release information will be indicated in the Feature History Table for that feature.
Feature availability varies depending on your license. For more information about licenses and available features, refer to the datasheet: http://www.cisco.com/c/en/us/products/switches/industrial-ethernet-5000-series-switches/datasheet-listing.html
http://www.cisco.com/c/en/us/products/switches/industrial-ethernet-4010-series-switches/datasheet-listing.html
http://www.cisco.com/c/en/us/products/switches/industrial-ethernet-4000-series-switches/datasheet-listing.html
Feature Software Licensing
Software Licensing is now simplified with the introduction of right-to-use (RTU) licensing. This allows you to order and activate a specific license type and level via command line. Uploading an extra license file is no longer necessary.
Note: Upgrading to the IP Services feature set requires the purchase of one of the following licenses (product IDs listed):
The IE-5000 uses " L-IE5000-RTU= " and IE-4000 and IE-4010 use " L-IE4000-RTU= " to upgrade to IP Services.
Right to Use Licenses
The introduction of right-to-use (RTU) licensing allows you to order and activate a specific license type and level via command line. Uploading an extra license file is no longer necessary.
LanBase images provide basic Layer2 functionality, including:
Defaults
Configuring RTU Licenses
Displaying License Information
To determine which license is running on your device, do the following:
■Enter the show version privileged EXEC command. The first line of output indicates the image, such as LANBASE.
■Enter the show license privileged EXEC command, to see which is the active image:
ipservices license
To activate a Permanent Right-To-Use ipservices license, use the following command:
IE5000#license right-to-use activate ipservices
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR
LICENSE KEY PROVIDED FOR ANY CISCO PRODUCT FEATURE OR USING SUCH
PRODUCT FEATURE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING
TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND
BY ALL THE TERMS SET FORTH HEREIN.
Use of this product feature requires an additional license from Cisco, together
with an additional payment. You may use this product feature subject to the
Cisco end user license agreement
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
together with any supplements relating to such product feature.
It is your responsibility to make payment to Cisco for your use of the
product feature if not already licensed to do so. Your acceptance
of this agreement for the software features on one product shall be deemed
your acceptance with respect to all such software on all Cisco products you
purchase which includes the same software. (The foregoing notwithstanding, you must
purchase a license for each software feature you use, so that if you enable
a software feature on 1000 devices, you must purchase 1000 licenses for use.)
This license may be transferrable from another Cisco device of the same model
for the same functionality if such license already is owned.
Activation of the software command line interface will be evidence of your acceptance
Activated Permanent Right-To-Use ipservices license
Ease-of-Deployment and Ease-of-Use Features
■Express Setup for quickly configuring a switch for the first time with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a browser-based program.
■User-defined and Cisco-default Smartports macros for creating custom switch configurations for simplified deployment across the network.
■A removable SD flash card that stores the Cisco IOS software image and configuration files for the switch. You can replace and upgrade the switch without reconfiguring the software features.
■An embedded Device Manager GUI for configuring and monitoring a single switch through a web browser. For more information about Device Manager, see the switch online help.
Performance Features
■Autosensing of port speed and autonegotiation of duplex mode on all switch ports for optimizing bandwidth
■Automatic medium-dependent interface crossover (auto-MDIX) capability on 10/100 and 10/100/1000 Mb/s interfaces and on 10/100/1000 BASE-TX SFP module interfaces that enables the interface to automatically detect the required cable connection type (straight-through or crossover) and to configure the connection appropriately
■Support for up to 1546 bytes routed frames, up to 9000 bytes for frames that are bridged in hardware, and up to 2000 bytes for frames that are bridged by software
■IEEE 802.3x flow control on all ports (the switch does not send pause frames)
■Support for up to 10 EtherChannel groups
■Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP) for automatic creation of EtherChannel links
■Per-port storm control for preventing broadcast, multicast, and unicast storms
■Port blocking on forwarding unknown Layer 2 unknown unicast, multicast, and bridged broadcast traffic
■Cisco Group Management Protocol (CGMP) server support and Internet Group Management Protocol (IGMP) snooping for IGMP Versions 1, 2, and 3:
–(For CGMP devices) CGMP for limiting multicast traffic to specified end stations and reducing overall network traffic
–(For IGMP devices) IGMP snooping for forwarding multimedia and multicast traffic
■IGMP report suppression for sending only one IGMP report per multicast router query to the multicast devices (supported only for IGMPv1 or IGMPv2 queries)
■IGMP snooping querier support to configure switch to generate periodic IGMP general query messages
■IGMP helper to allow the switch to forward a host request to join a multicast stream to a specific IP destination address
■IGMP filtering for controlling the set of multicast groups to which hosts on a switch port can belong
■IGMP throttling for configuring the action when the maximum number of entries is in the IGMP forwarding table
■IGMP leave timer for configuring the leave latency for the network
■Switch Database Management (SDM) templates for allocating system resources to maximize support for user-selected features such as lanbase-routing, ipv6 routing.
■Cisco IOS IP Service Level Agreements (SLAs), a part of Cisco IOS software that uses active traffic monitoring for measuring network performance
■Configurable small-frame arrival threshold to prevent storm control when small frames (64 bytes or less) arrive on an interface at a specified rate (the threshold)
■FlexLink Multicast Fast Convergence to reduce the multicast traffic convergence time after a FlexLink failure
■RADIUS server load balancing to allow access and authentication requests to be distributed evenly across a server group
■Support for QoS marking of CPU-generated traffic and queue CPU-generated traffic on the egress network ports
Management Options
■An embedded Device Manager—Device Manager is a GUI application that is integrated in the software image. You use it to configure and to monitor a single switch. For more information about Device Manager, see the switch online help.
■Network Assistant—Network Assistant is a network management application that can be downloaded from Cisco.com. You use it to manage a single switch, a cluster of switches, or a community of devices. For more information about Network Assistant, see Getting Started with Cisco Network Assistant, available at software.cisco.com/download/.
■Prime Infrastructure—Cisco Prime Infrastructure simplifies the management of wireless and wired networks. It offers Day 0 and 1 provisioning, as well as Day N assurance from the branch to the data center. We call it One Management. With this single view and point of control, you can reap the benefits of One Management across both network and compute.
■CLI—The Cisco IOS software supports desktop- and multilayer-switching features. You can access the CLI either by connecting your management station directly to the switch console port or by using Telnet from a remote management station.
■SNMP—SNMP management applications such as CiscoWorks2000 LAN Management Suite (LMS) and HP OpenView. You can manage from an SNMP-compatible management station that is running platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of MIB extensions and four remote monitoring (RMON) groups. For more information about using SNMP, see Configuring SNMP
■Cisco IOS Configuration Engine (previously known as the Cisco IOS CNS agent)—Configuration service automates the deployment and management of network devices and services. You can automate initial configurations and configuration updates by generating switch-specific configuration changes, sending them to the switch, executing the configuration change, and logging the results.
For more information about CNS, see Configuring Cisco IOS Configuration Engine
Industrial Application
■CIP—Common Industrial Protocol (CIP) is a peer-to-peer application protocol that provides application level connections between the switch and industrial devices such as I/O controllers, sensors, relays, and so forth.You can manage the switch using RSlogix/RSlinx then monitor the CIP functionality via IOS command lines or Web based Device Manager.
■Profinet Version 2—Support for PROFINET IO, a modular communication framework for distributed automation applications. The embedded Profinet GSD file allows user to bring up Cisco IE switch using Siemens STEP7 or TIA Portal software then monitor the functionality via command line or Web based Device Manger.
Default Settings After Initial Switch Configuration
The switch is designed for plug-and-play operation, requiring only that you assign basic IP information to the switch and connect it to the other devices in your network. If you have specific network needs, you can change the interface-specific and system-wide settings.
Note: For information about assigning an IP address by using the CLI-based setup program, see the hardware installation guide.
If you do not configure the switch at all, the switch operates with these default settings:
Note: For more information about the following default settings, see the corresponding sections of this guide.
■Default switch IP address, subnet mask, and default gateway is 0.0.0.0.
■Default domain name is not configured.
■DHCP client is enabled, the DHCP server is enabled, and the DHCP relay agent is enabled.
■System name and prompt is Switch.
■The standard HTTP server and Secure Socket Layer (SSL) HTTPS server are both enabled.
–Interface speed and duplex mode is autonegotiate.
–VLAN trunking setting is dynamic auto (DTP).
–Trunk encapsulation is negotiate.
■STP, PVST+ is enabled on VLAN 1.
■Optional spanning-tree features are disabled.
■FlexLinks are not configured.
■DHCP server port-based address allocation is disabled.
■Dynamic ARP inspection is disabled on all VLANs.
■IGMP snooping is enabled. No IGMP filters are applied.
■IGMP throttling setting is deny.
■The IGMP snooping querier feature is disabled.
–Broadcast, multicast, and unicast storm control is disabled.
–No protected ports are defined.
–Unicast and multicast traffic flooding is not blocked.
–No secure ports are configured.
■Syslog messages are enabled and appear on the console.