5.2 switch configuration

8/7/2019 5.2 Switch Configuration

1/21

1

Switching Basics andSwitching Basics and

Intermediate RoutingIntermediate Routing

SWITCHINGSWITCHING

CONFIGURATIONCONFIGURATION


2/21

2

STARTING THE SWITCHSTARTING THE SWITCH


3/21

3

Physical startup of the Catalyst switchPhysical startup of the Catalyst switch

- Central processing unit (CPU)- Random access memory (RAM),- An operating system several ports for the purpose

of connecting hosts- Specialized ports for the purpose of management


4/21

4

Switch LED Indicators: STATSwitch LED Indicators: STAT

Off No link

Solid Green Link operational

Flashing GreenPort is sending or receivingdata

Alternating Green/Amber Link fault

Solid Amber

Port is not forwarding becoz itwas disabled by managementor address violation, orblocked by spanning treeProtocol


5/21

5

Switch LED Indicators: FDUP,100Switch LED Indicators: FDUP,100

FDUPOff Port is operating in half-duplex

Green Port is operating in full-duplex

100

Off Port is operating at 10Mbps

Green Port is operating at 100Mbps


6/21

6

Verifying PortVerifying Port LedsLeds During Switch POSTDuring Switch POST

If the System LED is off but the switch is pluggedin, then POST is running.

If the System LED is green, then POST wassuccessful.

If the System LED is amber, then POST failed. POST failure is considered to be a fatal error.

The Port Status LEDs turn amber for about 30

seconds as the switch discovers the networktopology and searches for loops.

If the Port Status LEDs turn green, the switch has

established a link between the port and a target


7/21

7

Viewing InitialViewing Initial BootupBootup Output From The SwitchOutput From The Switch

Use a rollover cable to connect the console port onthe back of the switch to a COM port on the back of

the computer Start HyperTerminal on the computer

After the switch has booted and completed POST,

prompts for the System Configuration dialog arepresented


8/21

8

Examining Help In The Switch CLIExamining Help In The Switch CLI

Switch>?

Exec commands:

access-enable Create a temporary Access-List entryclear Reset functions

connect Open a terminal connection

disable Turn off privileged commands

disconnect Disconnect an existing network connection

enable Turn on privileged commandsexit Exit from the EXEC

help Description of the interactive help system

lock Lock the terminal

login Log in as a particular userlogout Exit from the EXEC

name-connection Name an existing network connection

ping Send echo messages

rcommand Run command on remote switch

--More--


9/21

9

Switch Command ModesSwitch Command Modes

The User EXEC mode is recognized by its ending in

a greater-than character (>). The commands available in User EXEC mode are limited

to those that change terminal settings, perform basictests, and display system information.

Privileged EXEC mode is also recognized by itsending in a pound-sign character (#).

The Privileged EXEC mode command set includes thosecommands allowed in User EXEC mode, as well as theconfigure command.

The configure command allows other command modes

to be accessed.


10/21

10

CONFIGURING THE SWITCH


11/21

11

Verifying The Catalyst Switch Default ConfigurationVerifying The Catalyst Switch Default Configuration

Show running-config

Show interface FastEthernet 0/1 Show vlan

Show flash ( or dir flash:)

Show version


12/21

12

Configuring The Catalyst SwitchConfiguring The Catalyst Switch

Note

Remove any existing VLAN information by deleting theVLAN database file vlan.dat from the flash directory

Erase the back up configuration file startup-config

Reload the switch

Catalyst 2900

Delete flash:vlan.dat

Erase startup-config

reload


13/21

13

Configuring The Catalyst Switch (cont)Configuring The Catalyst Switch (cont)

A switch should be given a hostname, and passwords shouldbe set on the console and vty lines

switch(config)#hostname ALSwitch

ALSwitch(config)#line console 0

ALSwitch(config-line)#login ALSwitch(config-line)#password consolepass

ALSwitch(config-line)#line vty 0 4

ALSwitch(config-line)#login

ALSwitch(config-line)#password telnetpass

ALSwitch(config-line)#^Z


14/21

14


To allow the switch to be accessible by Telnet andother TCP/IP applications, IP addresses and a

default gateway should be set

ALSwitch(config)#interface vlan 1

ALSwitch(config-if)#ip address 192.168.20.254255.255.255.0

ALSwitch(config)#ip default-gateway 192.168.20.1


15/21

15


The Fast Ethernet switch ports default to auto-

speed and auto-duplex

ALSwitch(config)#interface f0/1

ALSwitch(config-if)#duplex full

ALSwitch(config-if)#speed 100


16/21

16


Intelligent networking devices can provide a web-

based interface for configuration and managementpurposes

ALSwitch(config)#ip http server

Any additional software such as an applet, can bedownloaded to the browser from the switch


17/21

17

Managing The MAC Address TableManaging The MAC Address Table

ALSwitch#show mac-address-table

Dynamic Address Count: 2

Secure Address Count: 0Static Address (User-defined) Count: 0

System Self Address Count: 49

Total MAC addresses: 51

Maximum MAC addresses: 2048

Non-static Address Table:

Destination Address Address Type VLAN Destination Port

------------------- ------------ ---- --------------------0000.3951.b2e3 Dynamic 1 FastEthernet0/5

0201.0000.0000 Dynamic 1 FastEthernet0/5

ALSw itch#clear mac-address-table


18/21

18

Configuring Static MAC AddressesConfiguring Static MAC Addresses

It may be decided that it is desirable for a MACaddress to be permanently assigned to an interface

To set a static MAC address entry for a switch:

Switch(config)#mac-address-table staticinterface FastEthernetvlan

To remove this entry use the no form of the

command: Switch(config)#no mac-address-table static

interface FastEthernet

vlan


19/21

19

Configuring Port SecurityConfiguring Port Security

ALSwitch(config)#interface f0/2

ALSwitch(config-if)# switchport mode access

ALSwitch(config-if)#switchport port-security

ALSwitch(config-if)#switchport port-security maximum{maximum_addresses}

ALSwitch(config-if)# switchport port-security mac-

address sticky

ALSwitch(config-if)#switchport port-security violation{shutdown | restrict | protect}


20/21

20

Verifying Switch configurationVerifying Switch configuration

Show port-security [interfaceinterface-id][address]

Show interface [interface interface-id] [status]

Show run

Show start


21/21

21

SummarySummary

Monitoring switch activity and status using LED indicators

Examining the switch bootup output using HyperTerminal

Using the help features of the command line interface

Setting an IP address and default gateway for the switch toallow connection and management over a network

Setting interfaces for speed and duplex operation

Examining and managing the switch MAC address table

Configuring port security

Managing configuration files and IOS images

Performing password recovery on a switch

Upgrading the IOS of a switch

5.2 switch configuration

Documents