Cisco N3KC3048TP1GE - Manuals

Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information,see the monthly What's New in Cisco Product Documentation , which also lists all new and revised Cisco technical documentation, at: ...

C H A P T E R 1 New and Changed Information for this Release The following table provides an overview of the significant changes to this guide for this current release.The table does not provide an exhaustive list of all changes made to the configuration guides or of the newfeatures in this release....

C H A P T E R 2 Overview This chapter contains the following sections: • Layer 2 Ethernet Switching Overview, page 3 • VLANs, page 3 • Private VLANs, page 4 • Spanning Tree , page 4 Layer 2 Ethernet Switching Overview The device supports simultaneous, parallel connections between Layer 2 Ethernet se...

All ports, including the management port, are assigned to the default VLAN (VLAN1) when the device firstcomes up. A VLAN interface, or switched virtual interface (SVI), is a Layer 3 interface that is created toprovide communication between VLANs. The devices support 4094 VLANs in accordance with the...

Cisco NX-OS for the Cisco Nexus 3000 Series uses the extended system ID and MAC address reduction;you cannot disable these features. Note In addition, Cisco has created some proprietary features to enhance the spanning tree activities. Rapid PVST+ Rapid PVST+ is the default spanning tree mode for th...

C H A P T E R 3 Configuring Ethernet Interfaces This chapter contains the following sections: • Information About Ethernet Interfaces, page 7 • Configuring Ethernet Interfaces, page 11 • Displaying Interface Information, page 21 • Displaying Input Packet Discard Information, page 23 • Default Physic...

The interface numbering convention is extended to support use with a Cisco Nexus 2000 Series Fabric Extenderas follows: switch(config)# interface ethernet [ chassis /] slot / port • Chassis ID is an optional entry to address the ports of a connected Fabric Extender. The chassis ID isconfigured on a ...

The following figure shows an example of a unidirectional link condition. Device B successfully receivestraffic from Device A on the port. However, Device A does not receive traffic from Device B on the sameport. UDLD detects the problem and disables the port. Figure 1: Unidirectional Link Default U...

In these cases, the UDLD aggressive mode disables one of the ports on the link, which prevents traffic frombeing discarded. About Interface Speed A Cisco Nexus 3000 Series switch has a number of fixed 10-Gigabit ports, each equipped with SFP+ interfaceadapters. About the Cisco Discovery Protocol The...

enabled, the interface status displays as err-disabled. Once an interface goes into the err-disabled state, youmust manually reenable it or you can configure an automatic timeout recovery value. The err-disabled detectionis enabled by default for all causes. The automatic recovery is not configured ...

Configuring the UDLD Mode You can configure normal or aggressive unidirectional link detection (UDLD) modes for Ethernet interfaceson devices configured to run UDLD. Before you can enable a UDLD mode for an interface, you must makesure that UDLD is already enabled on the device that includes the int...

This example shows how to disable UDLD for an Ethernet port: switch# configure terminal switch(config)# interface ethernet 1/4 switch(config-if)# udld disable This example shows how to disable UDLD for the switch: switch# configure terminal switch(config)# no feature udld Changing an Interface Port ...

switch(config)# hardware profile portmode 48x10g+4x40g Warning: This command will take effect only after saving the configuration and reload!Port configurations could get lost when port mode is changed!switch(config)# copy running-config startup-config switch(config)# reload WARNING: This command wi...

Purpose Command or Action This command can only be applied to a physical Ethernetinterface. The speed argument can be set to one of the following: • 10 Mbps • 100 Mbps • 1 Gbps • 10Gbps • automatic The following example shows how to set the speed for a 1-Gigabit Ethernet port: switch# configure term...

Purpose Command or Action Disables link negotiation on the selected Ethernetinterface (1-Gigabit port). switch(config-if)# no negotiate auto Step 3 (Optional)Enables link negotiation on the selected Ethernetinterface. The default for 1-Gigabit ports is enabled. switch(config-if)# negotiate auto Step...

Purpose Command or Action Use the no form of the command to return to its default setting. (Optional)Sets the transmission frequency of CDP updates in seconds.The range is 5 to 254; the default is 60 seconds. switch(config)# [ no ] cdp timer seconds Step 5 Use the no form of the command to return to...

Enabling the Error-Disabled Detection You can enable error-disable (err-disabled) detection in an application. As a result, when a cause is detectedon an interface, the interface is placed in an err-disabled state, which is an operational state that is similar tothe link-down state. Procedure Purpos...

Enabling the Error-Disabled Recovery You can specify the application to bring the interface out of the error-disabled (err-disabled) state and retrycoming up. It retries after 300 seconds, unless you configure the recovery timer (see the errdisable recovery interval command). Procedure Purpose Comma...

Procedure Purpose Command or Action Enters configuration mode. config t Example: switch# config t switch(config)# Step 1 Specifies the interval for the interface torecover from the err-disabled state. The range errdisable recovery interval interval Example: switch(config)# errdisable recovery interv...

Purpose Command or Action Specifies the description for the interface. switch(config-if)# description test Step 3 This example shows how to set the interface description to "Server 3 Interface." switch# configure terminal switch(config)# interface ethernet 1/3 switch(config-if)# description ...

Trunk encap. type: 802.1Q Channel: yes Broadcast suppression: percentage(0-100)Flowcontrol: rx-(off/on),tx-(off/on) Rate mode: none QOS scheduling: rx-(6q1t),tx-(1p6q0t) CoS rewrite: no ToS rewrite: no SPAN: yes UDLD: yes MDIX: no FEX Fabric: yes The following example shows how to display the physic...

+-----------------------------------------+-----------------+----------------+| Counter Description | Count | | +-----------------------------------------+-----------------+----------------+ IPv4 Discards 0 STP Discards 0 Policy Discards 100 ACL Drops 0 Receive Drops 0 Vlan Discards 33 +------------...

C H A P T E R 4 Configuring VLANs This chapter contains the following sections: • Information About VLANs, page 27 • Configuring a VLAN, page 30 Information About VLANs Understanding VLANs A VLAN is a group of end stations in a switched network that is logically segmented by function or application,...

the stations in the marketing department are assigned to another VLAN, and the stations in the accountingdepartment are assigned to another VLAN. Figure 2: VLANs as Logically Defined Networks VLANs are usually associated with IP subnetworks. For example, all the end stations in a particular IP subne...

When you delete a specified VLAN, the ports associated to that VLAN are shut down and no traffic flows.However, the system retains all the VLAN-to-port mapping for that VLAN, and when you reenable , or recreate, the specified VLAN, the system automatically reinstates all the original ports to that V...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Enters VLAN configuration submode. If the VLAN does notexist, the system first creates the specified VLAN. switch(config)# vlan { vlan-id | vlan-range } Step 2 Names the VLAN. You can enter up to 32 alph...

Purpose Command or Action Sets the access mode of the interface to thespecified VLAN. switch(config-if)# switchport access vlan vlan-id Step 3 This example shows how to configure an Ethernet interface to join VLAN 5: switch# configure terminal switch(config)# interface ethernet 1/13 switch(config-if...

What to Do Next You can configure routing protocols on this interface. Configuring a VLAN as a Management SVI You can configure a VLAN to be a management switch virtual interface (SVI). Procedure Purpose Command or Action Enters global configuration mode. configure terminal Step 1 Enables the creati...

VTP Traps Generation : Disabled MD5 Digest : 0xF5 0xF1 0xEC 0xE7 0x29 0x0C 0x2D 0x01 Configuration last modified by 60.10.10.1 at 0-0-00 00:00:00 VTP version running : 1 Verifying VLAN Configuration Use one of the following commands to verify the configuration: Purpose Command Displays VLAN informat...

C H A P T E R 5 Configuring Private VLANs This chapter contains the following sections: • Information About Private VLANs, page 37 • Guidelines and Limitations for Private VLANs, page 42 • Configuring a Private VLAN, page 42 • Verifying the Private VLAN Configuration, page 47 Information About Priva...

the associated promiscuous port in its primary VLAN. Hosts on community VLANs can communicate amongthemselves and with their associated promiscuous port but not with ports in other community VLANs. Figure 3: Private VLAN Domain You must first create the VLAN before you can convert it to a PVLAN, eit...

• Promiscuous port — A promiscuous port belongs to the primary VLAN. The promiscuous port can communicate with all interfaces, including the community and isolated host ports, that belong to thosesecondary VLANs associated to the promiscuous port and associated with the primary VLAN. You canhave sev...

The following figure shows the traffic flows within a PVLAN, along with the types of VLANs and types ofports. Figure 4: Private VLAN Traffic Flows The PVLAN traffic flows are unidirectional from the host ports to the promiscuous ports. Traffic receivedon primary VLAN enforces no separation and forwa...

For an association to be operational, the following conditions must be met: • The primary VLAN must exist and be configured as a primary VLAN. • The secondary VLAN must exist and be configured as either an isolated or community VLAN. Use the show vlan private-vlan command to verify that the associat...

• Configure selected interfaces connected to end stations as isolated ports to prevent any communication.For example, if the end stations are servers, this configuration prevents communication between theservers. • Configure interfaces connected to default gateways and selected end stations (for exa...

Configuring a VLAN as a Private VLAN To create a PVLAN, you first create a VLAN, and then configure that VLAN to be a PVLAN. Before You Begin Ensure that the PVLAN feature is enabled. Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Places you into the...

Configuring an Interface as a Private VLAN Host Port In PVLANs, host ports are part of the secondary VLANs, which are either community VLANs or isolatedVLANs. Configuring a PVLAN host port involves two steps. First, you define the port as a PVLAN host portand then you configure a host association be...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Selects the port to configure as a PVLANpromiscuous port. A physical interface is required.This port cannot be on a FEX. switch(config)# interface type slot / port Step 2 Configures the port as a promisc...

Configuring Native 802.1Q VLANs on Private VLANs You cannot perform this task because the Cisco Nexus 3000 Series device does not support Private VLANtrunk ports. Verifying the Private VLAN Configuration To display PVLAN configuration information, use the following commands: Purpose Command Displays...

C H A P T E R 6 Configuring Access and Trunk Interfaces This chapter contains the following sections: • Information About Access and Trunk Interfaces, page 49 • Configuring Access and Trunk Interfaces, page 53 • Verifying Interface Configuration, page 57 Information About Access and Trunk Interfaces...

The following figure shows how you can use trunk ports in the network. The trunk port carries traffic for twoor more VLANs. Figure 5: Devices in a Trunking Environment In order to correctly deliver the traffic on a trunk port with several VLANs, the device uses the IEEE 802.1Qencapsulation or taggin...

and packet belong. This method allows packets that are encapsulated for several different VLANs to traversethe same port and maintain traffic separation between the VLANs. The encapsulated VLAN tag also allowsthe trunk to move traffic end-to-end through the network on the same VLAN. Figure 6: Header...

Understanding the Native VLAN ID for Trunk Ports A trunk port can carry untagged packets simultaneously with the 802.1Q tagged packets. When you assign adefault port VLAN ID to the trunk port, all untagged traffic travels on the default port VLAN ID for the trunkport, and all untagged traffic is ass...

This feature is supported on all the directly connected Ethernet and EtherChannel interfaces of the CiscoNexus 3000 Series switch. You can enable the vlan dot1q tag native command by issuing the command in the global configuration mode. Note Configuring Access and Trunk Interfaces Configuring a LAN ...

Configuring Access Host Ports By using switchport host, you can make an access port a spanning-tree edge port, and enable bpdu filteringand bpdu guard at the same time. Before You Begin Ensure that you are configuring the correct interface; it must be an interface that is connnected to an endstation...

Purpose Command or Action Sets the interface as an Ethernet trunk port. A trunk port cancarry traffic in one or more VLANs on the same physical switch(config-if)# switchport mode { access | trunk } Step 3 link (VLANs are based on the trunk-allowed VLANs list).By default, a trunk interface can carry ...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Specifies an interface to configure, and enters interfaceconfiguration mode. switch(config)# interface { type slot / port | port-channel number } Step 2 Sets allowed VLANs for the trunk interface. The de...

Purpose Command or Action Enables dot1q (IEEE 802.1Q) tagging for all nativeVLANs on all trunked ports on the Cisco Nexus 3000Series switch. By default, this feature is disabled. switch(config)# vlan dot1q tag native Step 2 (Optional)Disables dot1q (IEEE 802.1Q) tagging for all nativeVLANs on all tr...

C H A P T E R 7 Configuring Switching Modes This chapter contains the following sections: • Information About Switching Modes, page 59 • Guidelines and Limitations for Switching Modes, page 60 • Licensing Requirements for Switching Modes, page 60 • Default Settings for Switching Modes, page 61 • Con...

Because it waits to forward the frame until the entire frame has been received and checked, the switchingspeed in store-and-forward switching mode is slower than the switching speed in cut-through switching mode. Guidelines and Limitations for Switching Modes Consider the following guidelines and li...

Default Settings for Switching Modes Cut-through switching is enabled by default. Configuring Switching Modes Enabling Store-and-Forward Switching Enabling store-and-forward switching mode might impact your port-to-port switching latency. Note Procedure Purpose Command or Action Enters global config...

Purpose Command or Action (Optional)Saves the change persistently through reboots andrestarts by copying the running configuration to thestartup configuration. switch(config)# copy running-config startup-config Step 3 This example shows how to reenable cut-through switching: switch# configure termin...

C H A P T E R 8 Configuring Rapid PVST+ This chapter contains the following sections: • Information About Rapid PVST+, page 63 • Configuring Rapid PVST+, page 78 • Verifying Rapid PVST+ Configurations, page 86 Information About Rapid PVST+ The Rapid PVST+ protocol is the IEEE 802.1w standard, Rapid ...

Multiple active paths between end stations cause loops in the network. If a loop exists in the network, endstations might receive duplicate messages and switches might learn end station MAC addresses on multipleLAN ports. These conditions result in a broadcast storm, which creates an unstable networ...

Extended System ID A 12-bit extended system ID field is part of the bridge ID. Figure 7: Bridge ID with Extended System ID The switches always use the 12-bit extended system ID. Combined with the bridge ID, the system ID extension functions as the unique identifier for a VLAN. Table 6: Bridge Priori...

• 36864 • 40960 • 45056 • 49152 • 53248 • 57344 • 61440 STP uses the extended system ID plus a MAC address to make the bridge ID unique for each VLAN. If another bridge in the same spanning tree domain does not run the MAC address reduction feature, itcould achieve root bridge ownership because its ...

Understanding Rapid PVST+ Rapid PVST+ Overview Rapid PVST+ is the IEEE 802.1w (RSTP) standard implemented per VLAN. A single instance of STP runson each configured VLAN (if you do not manually disable STP). Each Rapid PVST+ instance on a VLANhas a single root switch. You can enable and disable STP o...

Proposal and Agreement Handshake As shown in the following figure, switch A is connected to switch B through a point-to-point link, and all ofthe ports are in the blocking state. Assume that the priority of switch A is a smaller numerical value than thepriority of switch B. Figure 10: Proposal and A...

Protocol Timers The following table describes the protocol timers that affect the Rapid PVST+ performance. Table 7: Rapid PVST+ Protocol Timers Description Variable Determines how often each switch broadcasts BPDUsto other switches. The default is 2 seconds, and therange is from 1 to 10. Hello timer...

are always in the blocking state. Designated ports start in the blocking state. The port state controls the operationof the forwarding and learning processes. A port with the root or a designated port role is included in the active topology. A port with the alternate orbackup port role is excluded f...

• Forwards frames received from the attached segment. • Forwards frames switched from another port for forwarding. • Incorporates the end station location information into its address database. • Receives BPDUs and directs them to the system module. • Processes BPDUs received from the system module....

The switch is synchronized with superior root information received on the root port if all other ports aresynchronized. An individual port on the switch is synchronized if either of the following applies: • That port is in the blocking state. • It is an edge port (a port configured to be at the edge...

Processing Inferior BPDU Information An inferior BPDU is a BPDU with root information (such as a higher switch ID or higher path cost) that isinferior to what is currently stored for the port. If a designated port receives an inferior BPDU, it immediately replies with its own information. Spanning-T...

Long Path-cost Method of Port Cost Short Path-cost Method of PortCost Bandwidth 200,000 19 100 Mbps 20,000 4 1 Gigabit Ethernet 2,000 2 10 Gigabit Ethernet You can assign lower cost values to LAN interfaces that you want STP to select first and higher cost valuesto LAN interfaces that you want STP t...

BPDU version 0, the switch does not set the proposal flag and starts the forward-delay timer for the port. Thenew root port requires twice the forward-delay time to transition to the forwarding state. The switch interoperates with legacy 802.1D switches as follows: • Notification — Unlike 802.1D BPD...

Changing the spanning tree mode disrupts traffic because all spanning tree instances are stopped for theprevious mode and started for the new mode. Note Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Enables Rapid PVST+ on the switch. Rapid PVST+ is ...

Purpose Command or Action Do not disable spanning tree on a VLAN unless all switchesand bridges in the VLAN have spanning tree disabled. Youcannot disable spanning tree on some of the switches andbridges in a VLAN and leave it enabled on other switchesand bridges. This action can have unexpected res...

With the switch configured as the root bridge, do not manually configure the hello time, forward-delaytime, and maximum-age time using the spanning-tree mst hello-time , spanning-tree mst forward-time , and spanning-tree mst max-age configuration commands. Note Procedure Purpose Command or Action En...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Configures a software switch as the secondary rootbridge. The vlan-range value can be 2 through 4094 switch(config)# spanning-tree vlan vlan-range root secondary [ diameter dia [ hello-time hello-time ]]...

Configuring the Rapid PVST+ Pathcost Method and Port Cost On access ports, you assign port cost by the port. On trunk ports, you assign the port cost by VLAN; you canconfigure the same port cost on all the VLANs on a trunk. In Rapid PVST+ mode, you can use either the short or long pathcost method, a...

Be careful when using this configuration. For most situations, we recommend that you configure theprimary root and secondary root to modify the bridge priority. Note Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Configures the bridge priority of a V...

Configuring the Rapid PVST+ Forward Delay Time for a VLAN You can configure the forward delay time per VLAN when using Rapid PVST+. Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Configures the forward delay time of a VLAN. Theforward delay time valu...

If you set the link to shared, STP moves back to 802.1D. Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Specifies the interface to configure, and enters the interfaceconfiguration mode. switch(config)# interface type slot / port Step 2 Configures the...

C H A P T E R 9 Configuring Multiple Spanning Tree This chapter contains the following sections: • Information About MST, page 89 • Configuring MST, page 97 • Verifying MST Configurations, page 112 Information About MST MST Overview Spanning tree is used to refer to IEEE 802.1w and IEEE 802.1s. If t...

You must enable MST; Rapid PVST+ is the default spanning tree mode. Note MST Regions To allow switches to participate in MST instances, you must consistently configure the switches with thesame MST configuration information. A collection of interconnected switches that have the same MST configuratio...

MST Configuration Information The MST configuration that must be identical on all switches within a single MST region is configured bythe user. You can configure the following three parameters of the MST configuration: • Name — 32-character string, null padded and null terminated, identifying the MS...

The following figure shows a network with three MST regions and an 802.1D switch (D). The CIST regionalroot for region 1 (A) is also the CIST root. The CIST regional root for region 2 (B) and the CIST regionalroot for region 3 (C) are the roots for their respective subtrees within the CIST. Figure 1...

• The CIST external root path cost is the cost to the CIST root. This cost is left unchanged within an MSTregion. An MST region looks like a single switch to the CIST. The CIST external root path cost is theroot path cost calculated between these virtual switches and switches that do not belong to a...

Port Cost and Port Priority Spanning tree uses port costs to break a tie for the designated port. Lower values indicate lower port costs,and spanning tree chooses the least costly path. Default port costs are taken from the bandwidth of the interface,as follows: • 10 Mbps — 2,000,000 • 100 Mbps — 20...

Interoperability with Rapid PVST+: Understanding PVST Simulation MST interoperates with Rapid PVST+ with no need for user configuration. The PVST simulation featureenables this seamless interoperability. PVST simulation is enabled by default. That is, by default, all interfaces on the switch interop...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Enables MST on the switch. switch(config)# spanning-tree mode mst Step 2 (Optional)Disables MST on the switch and returns youto Rapid PVST+. switch(config)# no spanning-tree mode mst Step 3 This example ...

Purpose Command or Action • Synchronize primary and secondary VLANs in privateVLANs switch(config-mst)# exit or switch(config-mst)# abort Step 3 • The first form commits all the changes and exits MSTconfiguration mode. • The second form exits the MST configuration modewithout committing any of the c...

Specifying the MST Configuration Revision Number You configure the revision number on the bridge. For two or more bridges to be in the same MST region,they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. Procedure Purpose Command or Action Enters configuration mo...

Mapping and Unmapping VLANs to MST Instances When you change the VLAN-to-MSTI mapping, the system restarts MST. Caution You cannot disable an MSTI. Note For two or more bridges to be in the same MST region, they must have the identical MST name,VLAN-to-instance mapping, and MST revision number. Proc...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Enters MST configuration submode. switch(config)# spanning-tree mst configuration Step 2 Automatically maps all secondary VLANs to thesame MSTI and their associated primary VLANfor all private VLANs. swi...

Purpose Command or Action (Optional)Returns the switch priority, diameter, and hello-time to defaultvalues. switch(config)# no spanning-tree mst instance-id root Step 3 This example shows how to configure the switch as the secondary root switch for MSTI 5: switch# configure terminal switch(config)# ...

Configuring the Port Cost The MST path cost default value is derived from the media speed of an interface. If a loop occurs, MST usesthe cost when selecting an interface to put in the forwarding state. You can assign lower cost values to interfacesthat you want selected first and higher cost to inte...

Exercise care when using this command. For most situations, we recommend that you enter the spanning-tree mst root primary and the spanning-tree mst root secondary global configuration commands to modify the switch priority. Note Procedure Purpose Command or Action Enters configuration mode. switch#...

Purpose Command or Action messages by the root bridge. These messages mean that theswitch is alive. For seconds , the range is from 1 to 10, and the default is 2 seconds. This example shows how to configure the hello time of the switch to 1 second: switch# configure terminal switch(config)# spanning...

Purpose Command or Action Configures the maximum-aging time for all MST instances.The maximum-aging time is the number of seconds that a switch(config)# spanning-tree mst max-age seconds Step 2 switch waits without receiving spanning tree configurationmessages before attempting a reconfiguration. Fo...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Disables all interfaces on the switch from automaticallyinteroperating with connected switch that is running in Rapid switch(config)# no spanning-tree mst simulate pvst global Step 2 PVST+ mode. The defa...

Procedure Purpose Command or Action Restarts MST on entire switch orspecified interfaces. switch# clear spanning-tree detected-protocol [ interface interface [ interface-num | port-channel ]] Step 1 This example shows how to restart MST on the Ethernet interface on slot 2, port 8: switch# clear span...

C H A P T E R 10 Configuring STP Extensions This chapter contains the following sections: • About STP Extensions, page 113 About STP Extensions Cisco has added extensions to STP that make convergence more efficient. In some cases, even though similarfunctionality may be incorporated into the IEEE 80...

If you configure a port connected to another switch as an edge port, you might create a bridging loop. Note Spanning Tree Network Ports Network ports are connected only to switches or bridges. Configuring a port as "network" while BridgeAssurance is enabled globally, enables Bridge Assurance...

interface signals an invalid configuration, such as the connection of an unauthorized host or switch. BPDUGuard, when enabled globally, shuts down all spanning tree edge ports when they receive a BPDU. BPDU Guard provides a secure response to invalid configurations, because you must manually put the...

BPDU Filtering State STP Edge PortConfiguration BPDU Filtering GlobalConfiguration BPDU Filtering Per PortConfiguration Enable BPDUs arenever sent andif received,they do nottrigger theregular STPbehavior - usewith caution. Caution Enabled/Disabled Enabled/Disabled Enable Understanding Loop Guard Loo...

put into a root-inconsistent (blocked) state. After the port stops send superior BPDUs, the port is unblockedagain. Through STP, the port moves to the forwarding state. Recovery is automatic. Root Guard enabled on an interface applies this functionality to all VLANs to which that interface belongs. ...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Configures all interfaces as edge ports. This assumes all ports areconnected to hosts/servers. Edge ports immediately transition to switch(config)# spanning-tree port type edge default Step 2 the forward...

A port connected to a host that is configured as a network port automatically moves into the blockingstate. Note Before You Begin Ensure that STP is configured. Ensure that the interface is connected to switches or routers. Procedure Purpose Command or Action Enters configuration mode. switch# confi...

Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Enables BPDU Guard by default on all spanningtree edge ports. By default, global BPDU Guardis disabled. switch(config)# spanning-tree port type edge bpduguard default Step 2 This example shows how to ena...

Purpose Command or Action This example shows how to explicitly enable BPDU Guard on the Ethernet edge port 1/4: switch# configure terminal switch (config)# interface ethernet 1/4 switch(config-if)# spanning-tree bpduguard enable switch(config-if)# no spanning-tree bpduguard Enabling BPDU Filtering G...

Enabling BPDU Filtering on Specified Interfaces You can apply BPDU Filtering to specified interfaces. When enabled on an interface, that interface does notsend any BPDUs and drops all BPDUs that it receives. This BPDU Filtering functionality applies to the entireinterface, whether trunking or not. B...

This example shows how to explicitly enable BPDU Filtering on the Ethernet spanning tree edge port 1/4: switch# configure terminal switch (config)# interface ethernet 1/4 switch(config-if)# spanning-tree bpdufilter enable Enabling Loop Guard Globally You can enable Loop Guard globally by default on ...

Before You Begin Ensure that STP is configured. Ensure that you are configuring Loop Guard on spanning tree normal or network ports. Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Specifies the interface to configure, and enters the interfaceconfigur...

C H A P T E R 11 Configuring LLDP This chapter contains the following sections: • Configuring Global LLDP Commands, page 127 • Configuring Interface LLDP Commands, page 129 Configuring Global LLDP Commands You can set global LLDP settings. These settings include the length of time before discarding ...

This example shows how to configure the global LLDP hold time to 200 seconds: switch# configure terminal switch(config)# lldp holdtime 200 switch(config)# This example shows how to to enable LLDP to send or receive the management address TLVs: switch# configure terminal switch(config)# lldp tlv-sele...

C H A P T E R 12 Configuring the MAC Address Table This chapter contains the following sections: • Information About MAC Addresses, page 131 • Configuring MAC Addresses, page 131 • Verifying the MAC Address Configuration, page 133 Information About MAC Addresses To switch frames between LAN ports, t...

You can also configure a static MAC address in interface configuration mode or VLAN configurationmode. Note Procedure Purpose Command or Action Enters configuration mode. switch# configure terminal Step 1 Specifies a static address to add to the MACaddress table. switch(config-)# mac-address-table s...

Purpose Command or Action The seconds range is from 0 to 1000000. The default is 300 seconds. Entering the value 0 disables the MAC aging. If aVLAN is not specified, the aging specification applies to allVLANs. This example shows how to set the aging time for entries in the MAC address table to 1800...

C H A P T E R 13 Configuring IGMP Snooping This chapter contains the following sections: • Information About IGMP Snooping, page 135 • Configuring IGMP Snooping Parameters, page 138 • Verifying IGMP Snooping Configuration, page 141 Information About IGMP Snooping The IGMP snooping software examines ...

The following figure shows an IGMP snooping switch that is located between the host and the IGMP router.The IGMP snooping switch snoops the IGMP membership reports and leave messages and forwards themonly when necessary to the connected IGMP routers. Figure 18: IGMP Snooping Switch The switch suppor...

Configuring IGMP Snooping Parameters To manage the operation of the IGMP snooping process, you can configure the optional IGMP snoopingparameters described in the following table. Table 11: IGMP Snooping Parameters Description Parameter Enables IGMP snooping on a per-VLAN basis. Thedefault is enable...

switch(config-vlan)# ip igmp snooping fast-leave switch(config-vlan)# ip igmp snooping report-suppression switch(config-vlan)# ip igmp snooping mrouter interface ethernet 1/10 switch(config-vlan)# ip igmp snooping static-group 230.0.0.1 interface ethernet 1/10 switch(config-vlan)# end Verifying IGMP...

C H A P T E R 14 Configuring Traffic Storm Control This chapter contains the following sections: • Information About Traffic Storm Control, page 143 • Traffic Storm Guidelines and Limitations, page 144 • Configuring Traffic Storm Control, page 145 • Traffic Storm Control Example Configuration, page ...

The following figure shows the broadcast traffic patterns on an Ethernet interface during a specified timeinterval. In this example, traffic storm control occurs between times T1 and T2 and between T4 and T5. Duringthose intervals, the amount of broadcast traffic exceeded the configured threshold. F...

Verifying Traffic Storm Control Configuration To display traffic storm control configuration information, perform one of these tasks: Purpose Command Displays the traffic storm control configuration forthe interfaces. Traffic storm control uses a 10-microsecondinterval that can affect the operation ...

I N D E X 802.1Q VLANs 47, 56 configuring 56 private VLANs 47 A aging time, configuring 132 MAC table 132 B blocking state, STP 73 BPDU guard 114 bridge ID 64 broadcast storms 143 broadcast traffic 27 VLANs 27 C changed information 1 description 1 CIST regional root 92 CIST root 93 community ports 3...