The following is a brief description of the configuration steps of 5505:
1. Supervisor Engine Software Configuration:
First, the Supervisor Engine Module needs an in-band (sc0) interface IP address, which is a manageable address and can be managed by telnet or SNMP for 5505. There is also an SLIPsl0 interface, which is not commonly used and is not described here.
The default IP address of sc0 is 0.0.0.0, which belongs to vlan1. VLAN1 is the default VLAN of 5505. All ports belong to vlan1.
The configuration is as follows, for example:
Console> (enable) set interface sc0 ip_addr netmask
Console> (enable) set interface sc0 vlan_num
The second is the default gateway settings: 5505 three gateways can be set, two of which are redundant gateways.
For example, Console> (enable) set ip route default gateway [primary]
Set Static Routing: for example, Console> (enable) set ip route destination gateway
[Metric]
2. Configure Fast EtherChannel:
Fast EtherChannel provides a bandwidth of up to Mbps. Fast EtherChannel is composed of two or four Fast Ethernet ports with the Fast EtherChannel function, the modes of these channels include on, off, auto, and desirable. The port that makes up the channel should be a continuous port. The configuration is as follows:
Console> (enable) set port channel mod_num/ports {on | off | auto |
Desirable}
Console> (enable) show port channel
3. STP Configuration:
In 5505, the default STP configuration is activated, and you can only enable or disable all VLANs, but not for a certain VLAN. By setting the priority of each port, you can share the load of the same link. Common commands are as follows:
Console> (enable) set spantree enable [vlan]
Console> (enable) set spantree portpri mod_num/port_num priority [vlans]
Console> (enable) set spantree portvlanpri mod_num/port_num priority
[Vlans]
Console> (enable) set spantree disable [vlan]
Console> (enable) show spantree [mod_num/port_num]
4. VTP (VLAN Trunk Protocol) Configuration:
A VTP domain is composed of vswitches with the same domain name. When configuring a VLAN, you must determine whether to use VTP in the network. A VTP domain manages L2 information, that is, VLAN information, such as VLAN addition, deletion, and renaming. These information is broadcast in the domain through the trunk link. There are three VTP modes: Server, Client, and Transparent. Each vswitch can only have one VTP mode.
In Server mode, you can configure the VALN information on a vswitch, such as adding or deleting VLANs. The VTP Server broadcasts the information to other vswitches in the domain through the trunk link to synchronize VLAN information. The default VTP mode on the vswitch is Server.
In Client mode, a vswitch can only receive VLAN information from The VTP Server without modifying any VLAN information. You can only add the VALN created by the VTP Server.
In Transparent mode, a vswitch does not participate in VLAN information exchange in the VTP domain, that is, it does not send or receive VLAN information. You can set any information of valn on the vswitch. In VTP VERSION2, the switch can broadcast the VTP broadcast it receives from the trunk link. The VTP configuration is as follows:
Console> (enable) set vtp domain name
Console> (enable) set vtp mode [server | Client | Transparent]
Console> (enable) show vtp domain
VTP Pruning:
VTP Pruning can reduce the number of broadcasts to increase the bandwidth. There are many broadcast packets, multi-object broadcast packets, and non-broadcast packets in the network. They are connected to all vswitches in the domain through the trunk link, occupying a large amount of bandwidth. VTP Pruning can effectively reduce the number of packets broadcast. VTP Pruning is supported in Supervisor Engine Software release 2.3 and later versions.
5. Configure VLAN:
Console> (enable) set vlan vlan_num [name]
Console> (enable) show vlan vlan_num
Console> (enable) set vlan vlan_num mod_num/port_num
Console> (enable) show vlan vlan_num
Console> (enable) show port [mod_num/port_num]
6. Configure VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports:
VLAN Trunk is used for interconnection between switches. You can set the Trunk on the Fast Ethernet and Gigabit Ethernet ports or on the Fast or Gigabit EtherChannel bundle, and use DTPDynamic Trunking Protocol as the Port of the tr unk) the protocol can also be used) for negotiation.
VLAN Trunk has five modes and two kinds of encapsulation:
Five modes: on, off, desirable, auto, nonegotiate
Two packages are available: ISL and 802.1Q.
In addition, when the Trunk is configured, all VLANs are added to the Trunk. You can add or delete the VALN in the Trunk, but you cannot delete the default VLAN (VLAN1 ).
The configuration is as follows:
Console> (enable) set trunk mod_num/port_num {on |
Desirable | auto} {isl | dot1q | negotiate}
Console> (enable) show trunk
7. Configure VMPS (VLAN Management Policy Server ):
With VMPS, the switch port can dynamically add VLANs Based on the MAC address of the host connected to this port. When VMPS is activated, the VMPS Server downloads a MAC address-to-vlan database ing database from the TFTP Server and starts to respond to the VMPS Client request. If the MAC address of the host matches in the database, then, the VMPS Server responds to the Client request and assigns the vlan number to the port, which dynamically adds the corresponding VALN. If a match cannot be found, "access denied" is returned. To enhance security, you can restrict the VLAN to a specified port group. Only hosts connected to these ports can dynamically add VLANs, the MAC address of the host on other ports cannot be added to the VLAN even if the MAC address is matched in the database.
8. Configure InterVLAN routing:
Communication between VLANs requires a router, which is completed by the RSM module in 5505,
Therefore, the RSM module must be configured to configure routes between VLANs. The configuration is as follows:
Console> (enable) session mod/num // slot of RSM
Password :*****
Router> configure terminal
Router (config) # ip routing
Router (config) # router ip_routing_protocol
Router (config) # interface vlan-id
Router (config-if) # ip address n. n mask
Router (config) # copy running-config startup-config
9. MLS (multi-layer switching ):
The MLS function is implemented by the RSM module inserted in the switch cabinet. It can also be completed by the vrouters connected to the switch, such as the 7000 Series.
MLS provides efficient hardware-based layer-3 switching. MLS uses advanced application-specific integrated circuit (ASIC) to exchange non-broadcast packets between subnets, use standard routing protocols such as OSPF, RIP, VPN, and IS-IS to make route selection. It also provides traffic statistics for ease of management.
MLS consists of three parts:
Multilayer Switching-Switching Engine (MLS-SE): Catalyst 5000 series switch
With the NFFC or nffc ii.
Multilayer Switching-Route Processor (MLS-RP): The MLS-RP provides Cisco
IOS-based multiprotocol routing, network services, and central configuration
And control for the switches.
Multilayer Switching Protocol (MLSP) --- The protocol running between the MLS-
SE and MLS-RP to enable MLS.
MLS operation process:
When an MLS stream is assumed to be an IP stream) generated, its first IP package reaches the MLS-SE, The MLS-SE executes the package override, the destination MAC address to the MLS-RP address, and sends it to the MLS-RP, the MLS-RP checks the Access List to check whether the establishment of this IP stream is allowed. If no Access List is set, it selects an exit for this package based on the routing protocol, and passes the IP stream information to the MLS-SE through the MLSP protocol, the MLS-SE creates an Entry for this IP stream in the MLS-SE Cache, and then the IP package for the same IP stream will quickly find the exit using the Entry just created, without having to route through the MLS-RP when the IP stream ends, this Entry disappears automatically.
1) vro configuration.
Router (config) # mls rp ip
Router (config-if) # mls rp vtp-domain [domain_name]
Router (config-if) # mls rp vlan-id [vlan_id_num]
Router (config-if) # mls rp ip
Router (config-if) # mls rp management-interface
2) Switch configuration.
Console> (enable) set mls enable
Console> (enable) set mls include ip_address
Console> (enable) set mls flow {destination | destination-source | full}
MLS software and hardware requirements:
The following software and hardware versions are required for multi-layer switching:
L Catalyst 5000 Series Super User engine software 4.11) or an updated version.
2 Cisco IOS router software 11.32) WA44) or an updated version.
3 superuser Engine III Supervisor Engine III) with NFFC
4 RSM or Cisco7500, 7200, 4500, or 4700 series routers
10. NDE (NetFlow Data Export) Description:
NDE can monitor the traffic of NFFC, NFFCII, RSM, and external routers. NDE implements the built-in RMON function to allow you to monitor all the port traffic.
Integrated MLS includes management, secondary application stream data collection, output, and processing, and stream collection, such as Cisco SwitchProbe and NetFlow FlowCollector, gather and classify flows. For example, trafficdire, NetSys, or NetFlow Analyzer ).
Catalyst 5000 series Network Analysis Module (WS-X5380) and Cisco SwitchProbe device are capable of collecting stream information, the Network Analysis Module provides the extended RMON monitoring function and analyzes the VLAN stream information output on NFFC and NFFCII.
Use NDE to filter:
You can specify a filter to output the expected data stream. The parameter values of the filter are stored in NVRAM and can be changed only when NDE is activated.
Software and Hardware requirements:
Supervisor engine software --- Software release 4.1 (1) or later
Cisco IOS router software --- IOS release 11.3 (2) WA4 (4) or later
Catalyst 2926G series switch or a Catalyst 5000 series switch with Supervisor Engine III, iii fsx, or iii flx modulewith a NetFlow Feature Card (NFFC) or NFFC II
Route Switch Module (RSM) or Cisco 7500,720 0, 4500, or 4700 series router
RMON data collector (such as the Catalyst 5000 series Network Analysis Module)
NDE Configuration:
1. Specify the NDE address:
When collecting MLS statistics, you should first specify the nde ip address used by the MLS-RP and MLS-SE.
Router (config) # mls rp nde-address [ip_addr]
After the address is specified, you must also include the IP address of the MLS-RP with the set mls include [ip_addr] command on the switch.
2. Specify the nde collector:
When activating NDE for the first time, you need to specify an NDE collector and UDP port number, which are kept in NVRAM. If the Network Analysis Module (WS-X5380) is installed, you do not need to specify them.
Console> (enable) set mls nde [collector_ip] [udp_port_number]
3. Activate NDE:
Console> (enable) set mls nde enable
4. Specify the filter:
Console> (enable) set mls nde flow destination [ip_addr_spec]
Console> (enable) set mls nde flow destination [ip_addr_spec]
Source [ip_addr_spec]
Console> (enable) set mls nde flow dst_prt [port_number]
Console> (enable) set mls nde flow source [ip_addr_spec] dst_prt [port_number]
Console> (enable) set mls nde flow protocol
Speed query of configuration 4/5505:
1. Basic Configuration:
1) enter the privileged mode.
Console> enable
Enter password :******
Console> (enable)
2) assign an IP address to the vswitch.
Console> (enable) set interface sc0 ip_addr netmask
Console> (enable) set interface sc0 vlan_num
Allocate the sc0 interface of the switch to VLAN. The default value is VALN1.
Console> (enable) set ip route default gateway
Console> (enable) show interface
Console> (enable) show ip route
View the configuration.
3) Ethernet port configuration.
Console> (enable) set port speed mod_num/port_num {10 | 100 |
Auto}
Console> (enable) set port duplex mod_num/port_num {full | half |
Auto}
Console> (enable) set port enable mod_num/port_num
Console> (enable) set port name mod_num/port_num name_string
Console> (enable) show port mod_num/port_num
4) system settings
Console> (enable) set system name name_string
Console> (enable) set time mm/dd/yy hh: mm: ss
Console> (enable) set prompt prompt_string
Console> (enable) set password
Console> (enable) set enablepass
2. VLAN configuration
1) VTP configuration.
Console> (enable) set vtp domain name
Console> (enable) set vtp mode [server | Client | Transparent]
Console> (enable) show vtp domain
2) Set VLAN
Console> (enable) set vlan vlan_num [name]
Console> (enable) show vlan vlan_num
Console> (enable) set vlan vlan_num mod_num/port_num
Console> (enable) show vlan vlan_num
Console> (enable) show port [mod_num/port_num]
3) set VLAN TRUNK
Console> (enable) set trunk mod_num/port_num {on |
Desirable | auto} {isl | dot1q | negotiate}
Console> (enable) show trunk
4) set EtherChannel
Console> (enable) set port channel port_list {on | desirable |
Auto}
Console> (enable) show port channel [mod_num [/port_num]
Console> (enable) write memory
3. Configure routes between VLANs.
1) Configure RSM.
Console> (enable) session mod/num // slot of RSM
Password :*****
Router> configure terminal
Router (config) # ip routing
Router (config) # router ip_routing_protocol
Router (config) # interface vlan-id
Router (config-if) # ip address n. n mask
Router (config) # copy running-config startup-config
4. MLS configuration.
3) router configuration.
Router (config) # mls rp ip
Router (config-if) # mls rp vtp-domain [domain_name]
Router (config-if) # mls rp vlan-id [vlan_id_num]
Router (config-if) # mls rp ip
Router (config-if) # mls rp management-interface
4) Switch configuration.
Console> (enable) set mls enable
Console> (enable) set mls include ip_address
Console> (enable) set mls flow {destination | destination-source | full}