Vlans y Switcheo

CHAPTER 11
Conguring a Switch
This chapter provides information and commands concerning the following topics:
Help commands
Command modes
Verifying commands
Resetting switch conguration
Setting host names
Setting passwords
Setting IP addresses and default gateways
Setting interface descriptions
Setting duplex operation
Setting operation speed
Managing the MAC address table
Conguring static MAC addresses
Switch port security
Verifying switch port security
Sticky MAC addresses
Conguration example
Help Commands
Command Modes
switch>??? ?
The ? works here the same as
in a router.
switch>eee ennn naaa abbb blll leee e
User mode, same as a router
switch# Privileged mode
switch#ddd diii isss saaa abbb blll leee e
Leaves privileged mode
switch>eee exxx xiii ittt t
Leaves user mode
106 Verifying Commands
Verifying Commands
switch#sss shhh hooo owww w vvv veee errr rsss siii iooo onnn n
Displays information about
software and hardware.
switch#sss shhh hooo owww w fff flll laaa asss shhh h::: :
ash memory (for the 2900/
2950 series only).
switch#sss shhh hooo owww w mmm maaa accc c--- -aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e
Displays the current MAC
address forwarding table.
switch#sss shhh hooo owww w ccc cooo onnn nttt trrr rooo olll llll leee errr rsss s eee ettt thhh heee errr rnnn neee ettt t--- -ccc cooo onnn nttt trrr rooo olll llll leee errr r
the Ethernet controller.
switch#sss shhh hooo owww w rrr ruuu unnn nnnn niii innn nggg g--- -ccc cooo onnn nfff fiii iggg g
Displays the current
conguration in DRAM.
switch#sss shhh hooo owww w sss sttt taaa arrr rttt tuuu uppp p--- -ccc cooo onnn nfff fiii iggg g
Displays the current
conguration in NVRAM.
switch#sss shhh hooo owww w ppp pooo osss sttt t
Displays whether the switch
passed POST.
switch#sss shhh hooo owww w vvv vlll laaa annn n
Displays the current VLAN
conguration.
switch#sss shhh hooo owww w iii innn nttt teee errr rfff faaa accc ceee esss s
Displays the interface
conguration and status of
line: up/up, up/down, admin
down.
NOTE: This command is
unsupported in some Cisco
IOS Software releases, such
as 12.2(25)FX.
switch#sss shhh hooo owww w iii innn nttt teee errr rfff faaa accc ceee e vvv vlll laaa annn n111 1
Displays setting of virtual
interface VLAN 1, the
default VLAN on the switch.
NOTE: This command is
unsupported in some Cisco
IOS Software releases, such
as 12.2(25)FX.
Setting Passwords 107
Resetting Switch Conguration
Setting Host Names
Setting Passwords
Setting passwords for the 2960 series switches is the same method as used for a router.
Switch#ddd deee elll leee ettt teee e fff flll laaa asss shhh h::: :vvv vlll laaa annn n... .ddd daaa attt t
Removes the VLAN database
from ash memory.
Delete filename [vlan.dat]? Press .
Delete flash:vlan.dat? [confirm] Reconrm by pressing
.
Switch#eee errr raaa asss seee e sss sttt taaa arrr rttt tuuu uppp p--- -ccc cooo onnn nfff fiii iggg g
Erases the le from NVRAM.
<output omitted>
Switch#rrr reee elll looo oaaa addd d
Restarts the switch.
Switch#ccc cooo onnn nfff fiii iggg guuu urrr reee e ttt teee errr rmmm miii innn naaa alll l
Moves to global conguration
mode.
Switch(config)#hhh hooo osss sttt tnnn naaa ammm meee e 222 2999 9666 6000 0SSS Swww wiii ittt tccc chhh h
Creates a locally signicant
host name of the switch. This
is the same command as the
router.
2960Switch(config)#
2960Switch(config)#eee ennn naaa abbb blll leee e ppp paaa asss ssss swww wooo orrr rddd d ccc ciii isss sccc cooo o
Sets the enable password to
cisco
2960Switch(config)#eee ennn naaa abbb blll leee e sss seee eccc crrr reee ettt t ccc clll laaa asss ssss s
Sets the encrypted secret
password to class
2960Switch(config)#lll liii innn neee e ccc cooo onnn nsss sooo olll leee e 000 0
Enters line console mode
2960Switch(config-line)#lll looo oggg giii innn n
Enables password checking
2960Switch(config-line)#ppp paaa asss ssss swww wooo orrr rddd d ccc ciii isss sccc cooo o
Sets the password to cisco
2960Switch(config-line)#eee exxx xiii ittt t
Exits line console mode
2960Switch(config-line)#lll liii innn neee e aaa auuu uxxx x 000 0
Enters line auxiliary mode
108 Setting Interface Descriptions
Setting IP Addresses and Default Gateways
TIP: For the 2960 series switches, the IP address of the switch is just thatthe IP
address for the entire switch. That is why you set the address in VLAN 1 (the
default VLAN of the switch) and not in a specic Ethernet interface.
Setting Interface Descriptions
TIP: The 2960 series switches have either 12 or 24 Fast Ethernet ports named
fa0/1, fa0/2, ... fa0/24there is no fastethernet 0/0.
Exits line auxiliary mode
2960Switch(config-line)#lll liii innn neee e vvv vttt tyyy y 000 0 444 4
Enters line vty mode for all
ve virtual ports
Exits line vty mode
2960Switch(config)#
2960Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e vvv vlll laaa annn n111 1
Enters the virtual interface
for VLAN 1, the default
VLAN on the switch
2960Switch(config-if)#iii ippp p aaa addd dddd drrr reee esss ssss s 111 1777 7222 2... .111 1666 6... .111 1000 0... .222 2
222 2555 5555 5... .222 2555 5555 5... .222 2555 5555 5... .000 0
Sets the IP address and
netmask to allow for remote
access to the switch
2960Switch(config-if)#eee exxx xiii ittt t
2960Switch(config)#iii ippp p ddd deee efff faaa auuu ulll lttt t--- -ggg gaaa attt teee ewww waaa ayyy y
111 1777 7222 2... .111 1666 6... .111 1000 0... .111 1
Allows IP information an
exit past the local network
2960Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1
Enters interface
conguration mode
2960Switch(config-if)#ddd deee esss sccc crrr riii ippp pttt tiii iooo onnn n FFF Fiii innn naaa annn nccc ceee e VVV VLLL LAAA ANNN N
Adds a description of the
interface
Conguring Static MAC Addresses 109
Setting Duplex Operation
Setting Operation Speed
Managing the MAC Address Table
Conguring Static MAC Addresses
2960Switch2960Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e
fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1
Moves to interface
conguration mode
2960Switch(config-if)#ddd duuu uppp plll leee exxx x fff fuuu ulll llll l
Forces full-duplex
operation
2960Switch(config-if)#ddd duuu uppp plll leee exxx x aaa auuu uttt tooo o
Enables auto-duplex cong
2960Switch(config-if)#ddd duuu uppp plll leee exxx x hhh haaa alll lfff f
Forces half-duplex operation
2960Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1
2960Switch(config-if)#sss sppp peee eeee eddd d 111 1000 0
Forces 10-Mbps operation
2960Switch(config-if)#sss sppp peee eeee eddd d 111 1000 0000 0
Forces 100-Mbps operation
2960Switch(config-if)#sss sppp peee eeee eddd d aaa auuu uttt tooo o
Enables autospeed
conguration
switch#sss shhh hooo owww w mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e
Displays current MAC
address forwarding table
switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e
Deletes all entries from
current MAC address
forwarding table
switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e ddd dyyy ynnn naaa ammm miii iccc c
Deletes only dynamic
entries from table
2960Switch(config)#mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e sss sttt taaa attt tiii iccc c
aaaa.aaaa.aaaa vvv vlll laaa annn n 111 1 iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t
000 0/// /111 1
Sets a permanent address to
port fastethernet 0/1 in
VLAN 1
110 Switch Port Security
Switch Port Security
2960Switch(config)#nnn nooo o mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e
sss sttt taaa attt tiii iccc c aaaa.aaaa.aaaa vvv vlll laaa annn n 111 1 iii innn nttt teee errr rfff faaa accc ceee e
Removes the permanent
address to port fastethernet
0/1 in VLAN 1
Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1
Moves to interface
conguration mode.
Switch(config-if)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t ppp pooo orrr rttt t--- -sss seee eccc cuuu urrr riii ittt tyyy y
Enables port security on the
interface.
mmm maaa axxx xiii immm muuu ummm m 444 4
Sets a maximum limit of
four MAC addresses that
will be allowed on this port.
NOTE: The maximum
number of secure MAC
addresses that you can
congure on a switch is set
by the maximum number of
available MAC addresses
allowed in the system.
mmm maaa accc c--- -aaa addd dddd drrr reee esss ssss s 111 1222 2333 3444 4... .555 5666 6777 7888 8... .999 9000 0aaa abbb b
Sets a specic secure MAC
address 1234.5678.90ab.
You can add additional
secure MAC addresses up to
the maximum value
congured.
vvv viii iooo olll laaa attt tiii iooo onnn n sss shhh huuu uttt tddd dooo owww wnnn n
Congures port security to
shut down the interface if a
security violation occurs.
NOTE: In shutdown mode,
the port is errdisabled, a log
entry is made, and manual
intervention or errdisable
recovery must be used to
reenable the interface.
vvv viii iooo olll laaa attt tiii iooo onnn n rrr reee esss sttt trrr riii iccc cttt t
restrict mode if a security
violation occurs.
Verifying Switch Port Security 111
Verifying Switch Port Security
NOTE: In restrict mode,
frames from a nonallowed
address are dropped, and
a log entry is made. The
interface remains
operational.
vvv viii iooo olll laaa attt tiii iooo onnn n ppp prrr rooo ottt teee eccc cttt t
protect mode if a security
violation occurs.
NOTE: In protect mode,
frames from a nonallowed
address are dropped, but no
log entry is made. The
interface remains
operational.
Switch#sss shhh hooo owww w ppp pooo orrr rttt t--- -sss seee eccc cuuu urrr riii ittt tyyy y
Displays security
information for all
interfaces
Switch#sss shhh hooo owww w ppp pooo orrr rttt t--- -sss seee eccc cuuu urrr riii ittt tyyy y iii innn nttt teee errr rfff faaa accc ceee e
Displays security
information for interface
fastethernet 0/5
Switch#sss shhh hooo owww w ppp pooo orrr rttt t--- -sss seee eccc cuuu urrr riii ittt tyyy y aaa addd dddd drrr reee esss ssss s
Displays MAC address
table security information
Switch#sss shhh hooo owww w mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e
Displays the MAC address
table
Switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e ddd dyyy ynnn naaa ammm miii iccc c
Deletes all dynamic MAC
addresses
Switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e ddd dyyy ynnn naaa ammm miii iccc c aaa addd dddd drrr reee esss ssss s
aaaa.bbbb.cccc
Deletes the specied
dynamic MAC address
Switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e ddd dyyy ynnn naaa ammm miii iccc c
iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /555 5
addresses on interface
fastethernet 0/5
Switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e ddd dyyy ynnn naaa ammm miii iccc c vvv vlll laaa annn n 111 1000 0
addresses on VLAN 10
112 Sticky MAC Addresses
Sticky MAC Addresses
Sticky MAC addresses are a feature of port security. Sticky MAC addresses limit switch
port access to a specic MAC address that can be dynamically learned, as opposed to a
network administrator manually associating a MAC address with a specic switch port.
These addresses are stored in the running conguration le. If this le is saved, the sticky
MAC addresses do not have to be relearned when the switch is rebooted, and thus provide
a high level of switch port security.
Switch#ccc clll leee eaaa arrr r mmm maaa accc c aaa addd dddd drrr reee esss ssss s--- -ttt taaa abbb blll leee e nnn nooo ottt tiii ifff fiii iccc caaa attt tiii iooo onnn n
Clears MAC notication
global counters
NOTE: Beginning with
Cisco IOS Software Release
12.1(11)EA1, the clear mac
address-table command
(no hyphen in mac address)
replaces the clear mac-
address-table command
(with the hyphen in mac-
address). The clear mac-
address-table static
command (with the hyphen
in mac-address) will
become obsolete in a future
release.
Moves to interface
conguration mode.
mmm maaa accc c--- -aaa addd dddd drrr reee esss ssss s sss sttt tiii iccc ckkk kyyy y
Converts all dynamic port
security learned MAC
addresses to sticky secure
MAC addresses.
mmm maaa accc c--- -aaa addd dddd drrr reee esss ssss s sss sttt tiii iccc ckkk kyyy y vvv vlll laaa annn n 111 1000 0 vvv vooo oiii iccc ceee e
Converts all dynamic port
security learned MAC
addresses to sticky secure
MAC addresses on voice
VLAN 10.
NOTE: The voice
keyword is available only
if a voice VLAN is rst
congured on a port and if
that port is not the access
VLAN.
Conguration Example 113
Conguration Example
Figure 11-1 shows the network topology for the basic conguration of a 2960 series switch
using commands covered in this chapter.
Figure 11-1 Network Topology for 2960 Series Switch Conguration
switch>eee ennn naaa abbb blll leee e
Enters privileged mode.
switch#ccc cooo onnn nfff fiii iggg guuu urrr reee e ttt teee errr rmmm miii innn naaa alll l
Enters global conguration
mode.
switch(config)#nnn nooo o iii ippp p ddd dooo ommm maaa aiii innn n--- -lll looo oooo okkk kuuu uppp p
Turns off Domain Name
System (DNS) queries so
that spelling mistakes do not
slow you down.
switch(config)#hhh hooo osss sttt tnnn naaa ammm meee e 222 2999 9666 6000 0
Sets the host name.
2960(config)#eee ennn naaa abbb blll leee e sss seee eccc crrr reee ettt t ccc ciii isss sccc cooo o
Sets the encrypted secret
password to cisco.
2960(config)#lll liii innn neee e ccc cooo onnn nsss sooo olll leee e 000 0
Enters line console mode.
2960(config-line)#lll looo oggg gggg giii innn nggg g sss syyy ynnn nccc chhh hrrr rooo onnn nooo ouuu usss s
Appends commands to a
new line; router information
will not interrupt.
Workstation B
192.168.1.11
Network 192.168.1.0/24
Workstation A
192.168.1.10
192.168.1.1 Fa0/0
192.168.1.2
Fa0/1
2960Switch
Bismarck
Fa0/8 Fa0/4
114 Conguration Example
2960(config-line)#lll looo oggg giii innn n
User must log in to console
before use.
2960(config-line)#ppp paaa asss ssss swww wooo orrr rddd d sss swww wiii ittt tccc chhh h
Sets the password to switch.
2960(config-line)#eee exxx xeee eccc c--- -ttt tiii immm meee eooo ouuu uttt t 000 0 000 0 Console will never log out.
2960(config-line)#eee exxx xiii ittt t
Moves back to global
conguration mode.
2960(config)#lll liii innn neee e aaa auuu uxxx x 000 0
Moves to line auxiliary
mode.
User must log in to auxiliary
port before use.
2960(config-line)#ppp paaa asss ssss swww wooo orrr rddd d ccc clll laaa asss ssss s
Sets the password to class.
conguration mode.
2960(config)#lll liii innn neee e vvv vttt tyyy y 000 0 111 1555 5
Moves to congure all 16 vty
ports at the same time.
User must log in to vty port
before use.
2960(config-line)#ppp paaa asss ssss swww wooo orrr rddd d ccc clll laaa asss ssss s
Sets the password to class.
conguration mode.
2960(config)#iii ippp p ddd deee efff faaa auuu ulll lttt t--- -ggg gaaa attt teee ewww waaa ayyy y 111 1999 9222 2... .111 1666 6888 8... .111 1... .111 1
Sets default gateway.
2960(config)#iii innn nttt teee errr rfff faaa accc ceee e vvv vlll laaa annn n 111 1
Moves to virtual interface
VLAN 1 conguration
mode.
2960(config-if)#iii ippp p aaa addd dddd drrr reee esss ssss s 111 1999 9222 2... .111 1666 6888 8... .111 1... .222 2
222 2555 5555 5... .222 2555 5555 5... .222 2555 5555 5... .000 0
Sets the IP address and
netmask for switch.
2960(config-if)#nnn nooo o sss shhh huuu uttt tddd dooo owww wnnn n
Turns the virtual interface
on.
2960(config-if)#iii innn nttt teee errr rfff faaa accc ceee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1
Moves to interface
conguration mode for
fastethernet 0/1.
Conguration Example 115
2960(config-if)#ddd deee esss sccc crrr riii ippp pttt tiii iooo onnn n LLL Liii innn nkkk k ttt tooo o BBB Biii isss smmm maaa arrr rccc ckkk k
RRR Rooo ouuu uttt teee errr r
Sets a local description.
Moves to interface
fastethernet 0/4.
2960(config-if)#ddd deee esss sccc crrr riii ippp pttt tiii iooo onnn n LLL Liii innn nkkk k ttt tooo o
WWW Wooo orrr rkkk ksss sttt taaa attt tiii iooo onnn n AAA A
2960(config-if)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t ppp pooo orrr rttt t--- -sss seee eccc cuuu urrr riii ittt tyyy y
Activates port security.
Only one MAC address will
be allowed in the MAC
table.
Port will be turned off if
more than one MAC address
is reported.
Moves to interface
fastethernet 0/8.
2960(config-if)#ddd deee esss sccc crrr riii ippp pttt tiii iooo onnn n LLL Liii innn nkkk k ttt tooo o
WWW Wooo orrr rkkk ksss sttt taaa attt tiii iooo onnn n BBB B
Activates port security.
Only one MAC address will
be allowed in the MAC
table.
Port will be turned off if
more than one MAC address
is reported.
2960(config-if)#eee exxx xiii ittt t
Returns to global
conguration mode.
2960(config)#eee exxx xiii ittt t
Returns to privileged mode.
2960#ccc cooo oppp pyyy y rrr ruuu unnn nnnn niii innn nggg g--- -ccc cooo onnn nfff fiii iggg g sss sttt taaa arrr rttt tuuu uppp p--- -ccc cooo onnn nfff fiii iggg g
Saves the conguration to
NVRAM.
2960#
This page intentionally left blank
CHAPTER 12
VLANs
This chapter provides information and commands concerning the following topics:
Creating static VLANs
Using VLAN conguration mode
Using VLAN database mode
Assigning ports to VLANs
Using the range command
Verifying VLAN information
Saving VLAN congurations
Erasing VLAN congurations
Conguration example: VLANs
Creating Static VLANs
Static VLANs occur when a switch port is manually assigned by the network
administrator to belong to a VLAN. Each port is associated with a specic VLAN. By
default, all ports are originally assigned to VLAN 1. You can create VLANs in two
different ways:
Using the VLAN conguration mode, which is the recommended way to create
VLANs
Using the VLAN database mode (which should not be used but is still available)
Using VLAN Conguration Mode
Switch(config)#vvv vlll laaa annn n 333 3
Creates VLAN 3 and enters VLAN
conguration mode for further
denitions.
Switch(config-vlan)#nnn naaa ammm meee e
EEE Ennn nggg giii innn neee eeee errr riii innn nggg g
Assigns a name to the VLAN. The
length of the name can be from 1 to
32 characters.
Switch(config-vlan)#eee exxx xiii ittt t
Applies changes, increases the revision
number by 1, and returns to global
conguration mode.
Switch(config)#
118 Assigning Ports to VLANs
NOTE: This method is the only way to congure extended-range VLANs (VLAN
IDs from 100 to 4094).
NOTE: Regardless of the method used to create VLANs, the VTP revision number
is increased by 1 each time a VLAN is created or changed.
Using VLAN Database Mode
CAUTION: The VLAN database mode has been deprecated and will be removed
in some future Cisco IOS Software release. It is recommended to use only VLAN
conguration mode.
NOTE: You must apply the changes to the VLAN database for the changes to take
effect. You must use either the apply command or the exit command to do so.
Using the -Zcommand to exit out of the VLAN database does not work in this
mode because it aborts all changes made to the VLAN databaseyou must either
use exit or apply and then the exit command.
Assigning Ports to VLANs
Switch#vvv vlll laaa annn n ddd daaa attt taaa abbb baaa asss seee e
Enters VLAN database mode.
Switch(vlan)#vvv vlll laaa annn n 444 4 nnn naaa ammm meee e SSS Saaa alll leee esss s
Creates VLAN 4 and names it Sales.
The length of the name can be from 1 to
32 characters.
Switch(vlan)#vvv vlll laaa annn n 111 1000 0
Creates VLAN 10 and gives it a name of
VLAN0010 as a default.
Switch(vlan)#aaa appp pppp plll lyyy y
Applies changes to the VLAN database and
increases the revision number by 1.
Switch(vlan)#eee exxx xiii ittt t
Applies changes to the VLAN database,
increases the revision number by 1, and exits
VLAN database mode.
Switch#
Moves to interface
conguration mode
Switch(config-if)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t mmm mooo oddd deee e aaa accc cccc ceee esss ssss s
Sets the port to access mode
Switch(config-if)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t aaa accc cccc ceee esss ssss s vvv vlll laaa annn n 111 1000 0
Assigns this port to VLAN 10
Saving VLAN Congurations 119
NOTE: When the switchport mode access command is used, the port
operates as a nontrunking, single VLAN interface that transmits and receives
nonencapsulated frames.
An access port can belong to only one VLAN.
Using the range Command
Verifying VLAN Information
Saving VLAN Congurations
The congurations of VLANs 1 through 1005 are always saved in the VLAN database. As
long as the apply or the exit command is executed in VLAN database mode, changes are
saved. If you are using VLAN conguration mode, the exit command saves the changes to
the VLAN database, too.
Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e rrr raaa annn nggg geee e
fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1 --- - 999 9
Enables you to set the same conguration
parameters on multiple ports at the same
time.
NOTE: There is a space before and after
the hyphen in the interface range
command.
Switch(config-if-range)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t
mmm mooo oddd deee e aaa accc cccc ceee esss ssss s
Sets ports 19 as access ports.
Switch(config-if-range)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t
aaa accc cccc ceee esss ssss s vvv vlll laaa annn n 111 1000 0
Assigns ports 19 to VLAN 10.
Switch#sss shhh hooo owww w vvv vlll laaa annn n
Displays VLAN information
Switch#sss shhh hooo owww w vvv vlll laaa annn n bbb brrr riii ieee efff f
Displays VLAN information in brief
Switch#sss shhh hooo owww w vvv vlll laaa annn n iii iddd d 222 2
Displays information about VLAN 2 only
Switch#sss shhh hooo owww w vvv vlll laaa annn n nnn naaa ammm meee e mmm maaa arrr rkkk keee ettt tiii innn nggg g
Displays information about VLAN named
marketing only
Switch#sss shhh hooo owww w iii innn nttt teee errr rfff faaa accc ceee esss s vvv vlll laaa annn n x Displays interface characteristics for the
specied VLAN
120 Erasing VLAN Congurations
If the VLAN database conguration is used at startup, and the startup conguration
le contains extended-range VLAN conguration, this information is lost when the system
boots.
If you are using VTP transparent mode, the congurations are also saved in the running
conguration and can be saved to the startup conguration using the copy running-cong
startup-cong command.
If the VTP mode is transparent in the startup conguration, and the VLAN database and the
VTP domain name from the VLAN database matches that in the startup conguration le,
the VLAN database is ignored (cleared), and the VTP and VLAN congurations in the
startup conguration le are used. The VLAN database revision number remains
unchanged in the VLAN database.
Erasing VLAN Congurations
Removes the entire VLAN database from ash.
WARNING: Make sure there is no space
between the colon (:) and the characters vlan.dat.
You can potentially erase the entire contents of
the ash with this command if the syntax is not
correct. Make sure you read the output from the
switch. If you need to cancel, press -C to
escape back to privileged mode:
(Switch#)
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
Switch(config)#iii innn nttt teee errr rfff faaa accc ceee e
Moves to interface conguration mode.
Switch(config-if)#nnn nooo o
sss swww wiii ittt tccc chhh hppp pooo orrr rttt t aaa accc cccc ceee esss ssss s vvv vlll laaa annn n 555 5
Removes port from VLAN 5 and reassigns it to
VLAN 1the default VLAN.
Switch(config-if)#eee exxx xiii ittt t
Moves to global conguration mode.
Switch(config)#nnn nooo o vvv vlll laaa annn n 555 5
Removes VLAN 5 from the VLAN database.
Or
Switch#vvv vlll laaa annn n ddd daaa attt taaa abbb baaa asss seee e
Enters VLAN database mode.
Switch(vlan)#nnn nooo o vvv vlll laaa annn n 555 5
Removes VLAN 5 from the VLAN database.
Switch(vlan)#eee exxx xiii ittt t
Applies changes, increases the revision number
by 1, and exits VLAN database mode.
Conguration Example: VLANs 121
NOTE: When you delete a VLAN from a switch that is in VTP server mode, the
VLAN is removed from the VLAN database for all switches in the VTP domain.
When you delete a VLAN from a switch that is in VTP transparent mode, the
VLAN is deleted only on that specic switch.
NOTE: You cannot delete the default VLANs for the different media types:
Ethernet VLAN 1 and FDDI or Token Ring VLANs 1002 to 1005.
CAUTION: When you delete a VLAN, any ports assigned to that VLAN become
inactive. They remain associated with the VLAN (and thus inactive) until you
assign them to a new VLAN. Therefore, it is recommended that you reassign
ports to a new VLAN or the default VLAN before you delete a VLAN from the
VLAN database.
Conguration Example: VLANs
Figure 12-1 illustrates the network topology for the conguration that follows, which shows
how to congure VLANs using the commands covered in this chapter.
Figure 12-2 Network Topology for VLAN Conguration Example
2960
10.1.30.10/24
WS1
Native
VLAN 1
10.1.1.0/24
Ports: 1-8
10.1.10.0/24
Ports: 9-15
10.1.20.0/24
Engineering
VLAN 30
Admin
VLAN 10
Accounting
VLAN 20
Ports: 16-24
10.1.30.0/24
122 Conguration Example: VLANs
2960 Switch
Switch>eee ennn naaa abbb blll leee e
Moves to privileged mode.
Switch#ccc cooo onnn nfff fiii iggg guuu urrr reee e ttt teee errr rmmm miii innn naaa alll l
Moves to global conguration mode.
Switch(config)#hhh hooo osss sttt tnnn naaa ammm meee e 222 2999 9666 6000 0
Sets the host name.
2960(config)#vvv vlll laaa annn n 111 1000 0
conguration mode.
2960(config-vlan)#nnn naaa ammm meee e AAA Addd dmmm miii innn n
Assigns a name to the VLAN.
2960(config-vlan)#eee exxx xiii ittt t
Increases the revision number by 1 and
returns to global conguration mode.
2960(config)#vvv vlll laaa annn n 222 2000 0
conguration mode.
2960(config-vlan)#nnn naaa ammm meee e AAA Accc cccc cooo ouuu unnn nttt tiii innn nggg g
2960(config-vlan)#vvv vlll laaa annn n 333 3000 0
conguration mode. Note that you do not
have to exit back to global conguration
mode to execute this command.
2960(config-vlan)#nnn naaa ammm meee e
EEE Ennn nggg giii innn neee eeee errr riii innn nggg g
2960(config-vlan)#eee exxx xiii ittt t
Increases the revision number by 1 and
returns to global conguration mode.
2960(config)#iii innn nttt teee errr rfff faaa accc ceee e rrr raaa annn nggg geee e
fff faaa asss sttt thhh heee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1 888 8
time.
2960(config-if-range)#sss swww wiii ittt tccc chhh hppp pooo orrr rttt t
2960(config-if-range)#iii innn nttt teee errr rfff faaa accc ceee e
rrr raaa annn nggg geee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /999 9 111 1555 5
time.
Conguration Example: VLANs 123
2960(config-if-range)#iii innn nttt teee errr rfff faaa accc ceee e
rrr raaa annn nggg geee e fff faaa asss sttt teee ettt thhh heee errr rnnn neee ettt t 000 0/// /111 1666 6 --- - 222 2444 4
time.
2960(config-if-range)#eee exxx xiii ittt t
Returns to global conguration mode.
2960(config)#eee exxx xiii ittt t
Returns to privileged mode.
2960#ccc cooo oppp pyyy y rrr ruuu unnn nnnn niii innn nggg g--- -ccc cooo onnn nfff fiii iggg g sss sttt taaa arrr rttt tuuu uppp p--- -
ccc cooo onnn nfff fiii iggg g
Saves the conguration in NVRAM.

Vlans y Switcheo

Încărcat de

Informații document

Descriere originală:

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Vlans y Switcheo

Încărcat de

Drepturi de autor:

Formate disponibile

CHAPTER 11

S-ar putea să vă placă și