CCNA – Semester3
Module 6 Switch Configuration
Objectives
• Major components of a Catalyst switch
• Examine the switch bootup
• Configuring the switch
Starting the Switch
Physical startup of the Catalyst switch
• Switches usually have several ports for the purpose of connecting hosts, as well as specialized ports for the purpose of management.
• Switches typically have no power switch to turn them on and off. They simply connect or disconnect from a power source.
Switch LED indicators
• System LED: shows whether the system is receiving power and functioning correctly.
• RPS LED: indicates whether or not the remote power supply is in use.
• Mode LEDs: indicate the current state of the Mode button, used to determine how the Port Status LEDs are interpreted. To select or change the port mode, press the Mode button repeatedly until the Mode LEDs indicate the desired mode.
• Port Status LEDs: meanings depend on the current value of the Mode LED.
Verifying port LEDs during switch POST
• Once the power cable is connected, the switch initiates a series of tests called the power-on self test (POST) to verify that the switch functions correctly.
• Port Status LEDs:
  – turn amber for 30s: discovering the network topology
  – turn green: established a link between the port and a device
  – turn off: nothing is plugged into the port
Initial bootup output
• The initial bootup output shows information about the switch, details about POST status, and data about the switch hardware.
Examining help in the switch CLI
• The command-line interface (CLI) for Cisco switches is very similar to the CLI for Cisco routers.
• The help command is issued by entering a question mark (?).
• This form of help is called command syntax help, because it provides applicable keywords or arguments based on a partial command.
Switch command modes
• Switches have several command modes.
  – User EXEC mode
  – Privileged EXEC mode
  – Global configuration mode
  – Interface mode
  – VLAN mode
Show commands in user EXEC mode
Configuring the Switch
Verifying the Catalyst switch default configuration
• May be given an IP address for management purposes. This is configured on the virtual interface, VLAN 1.
• Has no IP address.
• Ports are set to auto mode, and all switch ports are in VLAN 1. VLAN 1 is known as the default management VLAN.
Flash directory content
• By default, the flash directory has a file that contains the IOS image, a file called env_vars, and a sub-directory called html.
• After the switch has been configured, the flash directory may also contain a config.text file and a VLAN database.
Configure from factory default
IP configuration
Set port speed and duplex settings
http service and port
Web interface
• Intelligent networking devices can provide a web-based interface for configuration and management purposes.
• Any additional software, such as an applet, can be downloaded to the browser from the switch. Also, the network devices can be managed by a browser-based graphical user interface (GUI).
Managing the MAC address table
• To examine the addresses that a switch has learned, enter the privileged EXEC command show mac-address-table.
• A MAC address entry is automatically aged out after 300 seconds without use.
• To delete the MAC table entries, use the privileged EXEC command clear mac-address-table dynamic.
Permanent MAC address
• The reasons for assigning a permanent MAC address to an interface include:
  – The MAC address will not be aged out automatically by the switch.
  – A specific server or user workstation must be attached to the port and the MAC address is known.
  – Security is enhanced.
Configuring static MAC addresses
• To set a static MAC address entry for a switch:
    Switch(config)#mac-address-table static <mac-address of host> vlan <vlan number> interface FastEthernet <Ethernet number>
• To remove this entry, use the no form of the command.
• E.g.: mac-address-table static 0010.7a60.1884 vlan 1 interface f0/1
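The aging and static-entry behaviour described above, modelled as an added Python example (not part of the original slides and not IOS code). The class and method names are hypothetical, and the rule that learning never overwrites a static entry is an assumption of the model.

```python
AGING_TIME = 300  # seconds, the default aging time stated in the slides


class MacTable:
    """Toy model of a switch MAC address table (illustrative only)."""

    def __init__(self, aging_time=AGING_TIME):
        self.aging_time = aging_time
        self.entries = {}  # (vlan, mac) -> {"port", "type", "last_seen"}

    def learn(self, vlan, mac, port, now):
        """Record the source MAC of a frame received on `port` at time `now`."""
        entry = self.entries.get((vlan, mac))
        if entry and entry["type"] == "STATIC":
            return  # assumption: learning never overwrites a static entry
        self.entries[(vlan, mac)] = {
            "port": port, "type": "DYNAMIC", "last_seen": now}

    def add_static(self, vlan, mac, port):
        """Same effect as: mac-address-table static <mac> vlan <n> interface <port>."""
        self.entries[(vlan, mac)] = {
            "port": port, "type": "STATIC", "last_seen": None}

    def age_out(self, now):
        """Drop dynamic entries unused for longer than the aging time."""
        for key, e in list(self.entries.items()):
            if e["type"] == "DYNAMIC" and now - e["last_seen"] > self.aging_time:
                del self.entries[key]

    def clear_dynamic(self):
        """Same effect as: clear mac-address-table dynamic (static entries stay)."""
        self.entries = {k: e for k, e in self.entries.items()
                        if e["type"] == "STATIC"}

    def lookup(self, vlan, mac, now):
        """Return the egress port, or None if the frame would be flooded."""
        self.age_out(now)
        entry = self.entries.get((vlan, mac))
        return entry["port"] if entry else None
```

A `None` result from `lookup` corresponds to an unknown destination, which is the case where a static entry keeps a known server reachable on its assigned port.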
Port security
• Port security limits the number of addresses that can be learned on an interface.
• The switch can be configured to take an action if this limit is exceeded.
• The number of MAC addresses per port can be limited to 1. The first address dynamically learned by the switch becomes the secure address.
Configuring port security
Managing switch operating system file
• An administrator should document and maintain the operational configuration files for networking devices.
• The most recent running-configuration file should be backed up on a server or disk.
• The IOS should also be backed up to a local server. The IOS can then be reloaded to flash memory if needed.
2950 password recovery
• Turn the switch off. Turn it back on while holding down the "MODE" button on the front of the switch at the same time that the switch is powered on.
• Release the "MODE" button after the STAT LED goes out.
    switch: flash_init
    switch: load_helper
    switch: dir flash:
    switch: rename flash:config.text flash:config.old
    switch: boot
    switch#rename flash:config.old flash:config.text
    switch#copy flash:config.text system:running-config
• Change console and enable password
• (for other Catalyst series, search for "catalyst password recovery" on www.cisco.com)
1900/2900 firmware upgrade
• IOS and firmware images are periodically released with bugs fixed, new features introduced, and performance improved.
• If the network can be made more secure, or can operate more efficiently with a new version of the IOS, then the IOS should be upgraded.
• Firmware upgrade may be made via TFTP or XModem.
Summary
• Monitoring switch activity and status using LED indicators
• The major switch command modes
• The default settings of a Catalyst switch
• Switch basic configuration
• Viewing the switch settings with a Web browser
• Setting interfaces for speed and duplex operation
• Examining and managing the switch MAC address table
• Configuring port security
• Performing password recovery on a switch
• Upgrading the IOS of a switch
Lab Topology
CCNA3 – Module6