Cisco Switches: Difference between revisions

From CLONWiki
Jump to navigation Jump to search
Boiarino (talk | contribs)
No edit summary
Boiarino (talk | contribs)
No edit summary
Line 2: Line 2:


To get active links:
To get active links:
  show int | include is up
  show int(erface) | include is up
show int(erface) fastethernet 0/20


To get MAC addresses:
To get MAC addresses:

Revision as of 10:52, 10 February 2009

Useful commands:

To get active links:

show int(erface) | include is up
show int(erface) fastethernet 0/20

To get MAC addresses:

show mac-ad
show mac-ad | include Fa0/26
mac-ad | include 0800.3e26.1a04

NOTE: should be no 'Half duplex' connections, check it with command:

show int | include Half

If any exist, change it to the Full duplex:

mmm

Configure the VLAN on Catalyst 2900XL, 3500XL, 2950, 2970, and 2940 Series Switches

Create VLANs and Ports

Note: The output that you see can be different from some of the command output that this section displays. The difference depends on the model of your switch.

Complete these steps in order to create a VLAN.

Decide whether to use VTP in your network.

With VTP, you can make configuration changes centrally on a single switch, and you can automatically communicate those changes to all the other switches in the network. The default VTP mode on the Catalyst 2900XL, 3500XL, 2950, 2970, and 2940 Switches is the server mode. Refer to Understanding VLAN Trunk Protocol (VTP) for more information on VTP.

Note: Issue the show vtp status command in order to check the VTP status on XL Series Switches.

3524XL#show vtp status
  VTP Version                     : 2
  Configuration Revision          : 0
  Maximum VLANs supported locally : 254
  Number of existing VLANs        : 5
  VTP Operating Mode              : Server
  !--- This is the default mode.
  VTP Domain Name                 : 
  VTP Pruning Mode                : Disabled
  VTP V2 Mode                     : Disabled
  VTP Traps Generation            : Disabled
  MD5 digest                      : 0xBF 0x86 0x94 0x45 0xFC 0xDF 0xB5 0x70 
  Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

After you set and verify the VTP domain, begin to create VLANs on the switch.

By default, there is only a single VLAN for all ports. This VLAN is called default. You cannot rename or delete VLAN 1.

Issue the show vlan command in order to check the VLAN information.

3524XL#show vlan
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4,
                                                  Fa0/5, Fa0/6, Fa0/7, Fa0/8,
                                                  Fa0/9, Fa0/10, Fa0/11, Fa0/12,
                                                  Fa0/13, Fa0/14, Fa0/15, Fa0/16,
                                                  Fa0/17, Fa0/18, Fa0/19, Fa0/20,
                                                  Fa0/21, Fa0/22, Fa0/23, Fa0/24,
                                                  Gi0/1, Gi0/2
  1002 fddi-default                     active
  1003 token-ring-default               active
  1004 fddinet-default                  active
  1005 trnet-default                    active
  VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  1    enet  100001     1500  -      -      -        -    -        1002   1003
  1002 fddi  101002     1500  -      -      -        -    -        1      1003
  1003 tr    101003     1500  1005   0      -        -    srb      1      1002
  1004 fdnet 101004     1500  -      -      1        IBM  -        0      0
  1005 trnet 101005     1500  -      -      1        IBM  -        0      0

Issue this set of commands in privileged mode in order to create another VLAN:

3524XL#vlan database
  !--- You must enter into VLAN database in order to configure any VLAN.
  3524XL(vlan)#vtp server
  Device mode already VTP SERVER.
  !--- You can skip this command if the switch is already in server mode and you
  !--- want the switch to be in server mode.

Note: A switch can only create VLANs if it is in VTP server mode or VTP transparent mode. Refer to Understanding VLAN Trunk Protocol (VTP) for more information on VTP.

524XL(vlan)#vlan ?
  <1-1005>  ISL VLAN index
3524XL(vlan)#vlan 2 ?
  are        Maximum number of All Route Explorer hops for this VLAN
  backupcrf  Backup CRF mode of the VLAN
  bridge     Bridging characteristics of the VLAN
  media      Media type of the VLAN
  mtu        VLAN Maximum Transmission Unit
  name       Ascii name of the VLAN
  parent     ID number of the Parent VLAN of FDDI or Token Ring type VLANs
  ring       Ring number of FDDI or Token Ring type VLANs
  said       IEEE 802.10 SAID
  state      Operational state of the VLAN
  ste        Maximum number of Spanning Tree Explorer hops for this VLAN
  stp        Spanning tree characteristics of the VLAN
  tb-vlan1   ID number of the first translational VLAN for this VLAN (or zero
             if none)
  tb-vlan2   ID number of the second translational VLAN for this VLAN (or zero
             if none)
3524XL(vlan)#vlan 2 name ?
  WORD  The ASCII name for the VLAN
3524XL(vlan)#vlan 2 name cisco_vlan_2
  VLAN 2 added:
    Name: cisco_vlan_2
3524XL(vlan)#exit
  !--- You must exit from the VLAN database in order for the changes 
  !--- to be committed.
  APPLY completed.
  Exiting....
3524XL#

Note: The VTP mode can change from client mode to transparent mode if the switch attempts to learn or pass a greater number of VLANs than it supports. Always check that the switches that run in client mode support the same number of VLANs that the switches in server mode send.

Issue the show vlan command in order to ensure that the VLAN is created.

3524XL#show vlan
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4,
                                                  Fa0/5, Fa0/6, Fa0/7, Fa0/8,
                                                  Fa0/9, Fa0/10, Fa0/11, Fa0/12,
                                                  Fa0/13, Fa0/14, Fa0/15, Fa0/16,
                                                  Fa0/17, Fa0/18, Fa0/19, Fa0/20,
                                                  Fa0/21, Fa0/22, Fa0/23, Fa0/24,
                                                  Gi0/1, Gi0/2
  2    cisco_vlan_2                     active    
  1002 fddi-default                     active
  1003 token-ring-default               active
  1004 fddinet-default                  active
  1005 trnet-default                    active
  VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  1    enet  100001     1500  -      -      -        -    -        1002   1003
  2    enet  100002     1500  -      -      -        -    -        0      0
  1002 fddi  101002     1500  -      -      -        -    -        1      1003
  1003 tr    101003     1500  1005   0      -        -    srb      1      1002
  1004 fdnet 101004     1500  -      -      1        IBM  -        0      0
  1005 trnet 101005     1500  -      -      1

You can add ports (interfaces) in the newly created VLAN.

You must go to interface configuration mode for each of the interfaces that you want to add into the new VLAN.

Note: You can assign the ports of a Layer 2 Catalyst Switch to multiple VLANs, but the switch only supports one active management VLAN interface at a time and other switched virtual interfaces (SVIs) do not up/up because of Layer 2 functionality. Therefore, the switch supports only one active management Layer 3 address. On a Layer 2 Catalyst Switch, you can issue the optional management command under the new SVI in order to automatically shut down VLAN 1 and transfer the IP address to the new VLAN.

Switch#configure terminal
Switch(config)#interface vlan 2
Switch(config-subif)#management
Switch(config-subif)#^Z
Switch#show ip interface brief
  Interface                  IP-Address      OK? Method Status   Protocol
  VLAN1                      10.0.0.2        YES manual up       down    
  VLAN2                      20.0.0.2        YES manual up       up      
  FastEthernet0/1            unassigned      YES unset  up       up      
  FastEthernet0/2            unassigned      YES unset  up       up
  !--- Output suppressed.

Issue this set of commands in privileged mode in order to add a particular interface in the VLAN:

3524XL#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

3524XL(config)#interface fastethernet 0/2
3524XL(config-if)#switchport access ?
  vlan  Set VLAN when interface is in access mode
3524XL(config-if)#switchport access vlan ?
  <1-1001>  VLAN ID of the VLAN when this port is in access mode
  dynamic   When in access mode, this interfaces VLAN is controlled by VMPS
3524XL(config-if)#switchport access vlan 2
  !--- These commands assign interface Fast Ethernet 0/2 to VLAN 2.
3524XL(config-if)#exit
3524XL(config)#interface fastethernet 0/3
3524XL(config-if)#switchport access vlan 2
  !--- These commands assign interface Fast Ethernet 0/3 to VLAN 2.
3524XL(config-if)#end
3524XL#
  00:55:26: %SYS-5-CONFIG_I: Configured from console by console
3524XL#write memory
  !--- This saves the configuration.
  Building configuration...

Issue the show vlan command in order to verify the VLAN configuration.


3524XL#show vlan
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/4, Fa0/5, Fa0/6,
                                                  Fa0/7, Fa0/8, Fa0/9, Fa0/10,
                                                  Fa0/11, Fa0/12, Fa0/13, Fa0/14,
                                                  Fa0/15, Fa0/16, Fa0/17, Fa0/18,
                                                  Fa0/19, Fa0/20, Fa0/21, Fa0/22,
                                                  Fa0/23, Fa0/24, Gi0/1, Gi0/2
  2    cisco_vlan_2                     active    Fa0/2, Fa0/3
  1002 fddi-default                     active
  1003 token-ring-default               active
  1004 fddinet-default                  active
  1005 trnet-default                    active
  VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  1    enet  100001     1500  -      -      -        -    -        1002   1003
  2    enet  100002     1500  -      -      -        -    -        0      0
  1002 fddi  101002     1500  -      -      -        -    -        1      1003
  1003 tr    101003     1500  1005   0      -        -    srb      1      1002
  1004 fdnet 101004     1500  -      -      1        IBM  -        0      0
  1005 trnet 101005     1500  -      -      1        IBM  -        0      0


Remove Ports or VLANs

In order to remove ports from the VLAN, issue the no switchport access vlan vlan_number command in interface configuration mode. After the port is removed from a VLAN that is not VLAN 1 (the default VLAN), that port is automatically added back to the default VLAN.

For example, if you want to remove interface Fast Ethernet 0/2 from cisco_vlan_2 (VLAN 2), issue this set of commands in privileged mode:

3524XL#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

3524XL(config)#interface fastethernet 0/2
3524XL(config-if)#no switchport access vlan 2
  !--- These two commands remove interface Fast Ethernet 0/2 from VLAN 2.
3524XL(config-if)#end
3524XL#show vlan
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/2, Fa0/4, Fa0/5,
  !--- Note: Fast Ethernet 0/2 is added back to the default VLAN.
                                                  Fa0/6, Fa0/7, Fa0/8, Fa0/9,
                                                  Fa0/10, Fa0/11, Fa0/12, Fa0/13,
                                                  Fa0/14, Fa0/15, Fa0/16, Fa0/17,
                                                  Fa0/18, Fa0/19, Fa0/20, Fa0/21,
                                                  Fa0/22, Fa0/23, Fa0/24, Gi0/1,
                                                  Gi0/2
  2    cisco_vlan_2                     active    Fa0/3
  1002 fddi-default                     active
  1003 token-ring-default               active
  1004 fddinet-default                  active
  1005 trnet-default                    active
  VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  1    enet  100001     1500  -      -      -        -    -        1002   1003
  2    enet  100002     1500  -      -      -        -    -        0      0
  1002 fddi  101002     1500  -      -      -        -    -        1      1003
  1003 tr    101003     1500  1005   0      -        -    srb      1      1002
  1004 fdnet 101004     1500  -      -      1        IBM  -        0      0
  1005 trnet 101005     1500  -      -      1        IBM  -        0      0

In order to delete the VLAN, issue the no vlan vlan_number command in VLAN database mode. Interfaces in that VLAN remain a part of that VLAN and are deactivated because they no longer belong to any VLAN.

For example, if you want to delete cisco_vlan_2 from the switch, issue this set of commands in privileged mode:

3524XL#vlan database
  !--- This command enters you into the VLAN database mode.
3524XL(vlan)#no vlan 2
  !--- This command removes the VLAN from the database.
  Deleting VLAN 2...
3524XL(vlan)#exit
  APPLY completed.
  Exiting....
3524XL#show vlan
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/2, Fa0/4, Fa0/5,
                                                  Fa0/6, Fa0/7, Fa0/8, Fa0/9,
                                                  Fa0/10, Fa0/11, Fa0/12, Fa0/13,
                                                  Fa0/14, Fa0/15, Fa0/16, Fa0/17,
                                                  Fa0/18, Fa0/19, Fa0/20, Fa0/21,
                                                  Fa0/22, Fa0/23, Fa0/24, Gi0/1,
                                                  Gi0/2
  1002 fddi-default                     active
  1003 token-ring-default               active
  1004 fddinet-default                  active
  1005 trnet-default                    active
  !--- Output suppressed.

Notice that port Fast Ethernet 0/3 is not displayed in the show vlan command output. The removal of VLAN 2 deactivates this port. Unless you add the port back in another VLAN, the port is neither displayed or usable.

3524XL#show interfaces fastethernet 0/3
  FastEthernet0/3 is down, line protocol is down
  !--- Output suppressed.

In order to make the interface usable, you must ensure that it belongs to some VLAN. In the case in this section of the document, you must add interface Fast Ethernet 0/3 to the default VLAN (VLAN 1) in order to make this interface usable.

If you have the output of a show-tech support command from your Cisco device, you can use Output Interpreter ( registered customers only) in order to display potential issues and fixes.

Note: In the case of Catalyst 3550 Switches, you can still use the interface without the addition of the interface to a VLAN. However, you need to make that interface a Layer 3 interface. Refer to the Configuring Layer 3 Interfaces section of Configuring Interface Characteristics for more information on Layer 3 interfaces on Catalyst 3550 Switches.