Gigabit EtherSwitch EHWIC Basic Customer Configuration Example

From DocWiki

Revision as of 21:54, 30 July 2010 by Mesriniv (Talk | contribs)

Introduction

This is a basic customer configuration for the Cisco Gigabit EtherSwitch EHWIC. It includes the following elements:

  1. Trunk configuration
  2. Spanning tree priority and the spanning tree PortFast feature
  3. VTP configuration (server and client)
  4. Broadcast traffic control: shut down the port if broadcast traffic from the host exceeds 50%
  5. Port security: learn a maximum of one address on the port connected to the host
  6. DHCP server configuration to assign an IP address to the host

Design

[Figure: 279290.jpg]

Configuration

1.Trunk Configuration - dot1q



ROUTER1(config)#inte g0/0/0
ROUTER1(config-if)#switchport trunk encapsulation dot1q 
ROUTER1(config-if)#switchport mode trunk 
ROUTER1(config)#inte g0/0/1
ROUTER1(config-if)#switchport trunk encapsulation dot1q 
ROUTER1(config-if)#switchport mode trunk
ROUTER2(config)#inte g0/0/0
ROUTER2(config-if)#switchport trunk encapsulation dot1q 
ROUTER2(config-if)#switchport mode trunk 
ROUTER2(config)#inte g0/0/1
ROUTER2(config-if)#switchport trunk encapsulation dot1q 
ROUTER2(config-if)#switchport mode trunk


2.Spanning tree - Configuration


ROUTER1(config)#spanning-tree vlan 1 priority 0


Host port: enable the spanning tree PortFast feature and BPDU guard


ROUTER1(config)#interface g0/0/2
ROUTER1(config-if)#spanning-tree portfast
 
Warning: portfast should only be enabled on ports connected to a single host Connecting hubs,
concentrators, switches,  bridges, etc.to this interface when portfast is enabled, can cause temporary
spanning tree loops. Use with CAUTION Portfast has been configured on GigabitEthernet0/0/2 but will only
have effect when the interface is in a non-trunking mode.

ROUTER1(config)#spanning-tree portfast bpduguard 


3.VTP configuration


ROUTER1(config)#vtp mode server 
Device mode already VTP SERVER.

ROUTER1(config)#vtp domain CISCO
Changing VTP domain name from CISCO to CISCO

ROUTER1(config)#vtp password test
Setting device VLAN database password to TEST

ROUTER2(config)#vtp mode client 
ROUTER2(config)#vtp domain CISCO
Changing VTP domain name from CISCO to CISCO

ROUTER2(config)#vtp password test
Setting device VLAN database password to TEST


4.Shutdown port if Broadcast traffic is more than 50%


ROUTER1(config)#inte g0/0/2
ROUTER1(config-if)#storm-control broadcast level 50
ROUTER1(config-if)#storm-control action shutdown 


5.Port Security - allow the port g0/0/2 to learn a maximum of one address

ROUTER1(config)#mac-address-table secure maximum 1 gigabitEtherne0/0/2


6.DHCP Server to assign an IP address to the Host


ROUTER2(config)#inte vlan 1
ROUTER2(config-if)#ip address 10.0.0.1 255.255.255.0
ROUTER2(config)#ip dhcp pool TEST
ROUTER2(dhcp-config)#network 10.0.0.0 255.255.255.0
ROUTER2(dhcp-config)#default-router 10.0.0.1
ROUTER2(config)#ip dhcp excluded-address 10.0.0.1

Show commands

1.Trunk Configuration - dot1q


ROUTER1#show interfaces trunk 
Port      Mode         Encapsulation  Status        Native vlan
Gi0/0/0   on           802.1q         trunking      1
Port      Vlans allowed on trunk
Gi0/0/0   1-4094
Port      Vlans allowed and active in management domain
Gi0/0/0   1-10,12-33
Port      Vlans in spanning tree forwarding state and not pruned
Gi0/0/0   none

ROUTER1#


2.Spanning tree -



ROUTER1#show spanning-tree vlan 1 brie
VLAN1
Spanning tree enabled protocol ieee
Root ID    Priority    0          
Address     000f.f70b.3ea5
This bridge is the root
Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
Bridge ID  Priority    0
Address     000f.f70b.3ea5
Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
GigabitEthernet0/0/0 128.1    128     4 FWD     0     0 000f.f70b.3ea5 128.1
GigabitEthernet0/0/1 128.2    128     4 FWD     0     0 000f.f70b.3ea5 128.2

3.VTP



ROUTER1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 36
Number of existing VLANs        : 36
VTP Operating Mode              : Server
VTP Domain Name                 : CISCO
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA1 0x13 0xD9 0x04 0x8D 0xD6 0xF8 0x9A
Configuration last modified by 40.0.0.2 at 4-12-10 09:06:10
Local updater ID is 192.168.1.1 on interface Vl1 (lowest numbered VLAN interface found)

ROUTER1#show vtp pas
ROUTER1#show vtp password
VTP Password: TEST

ROUTER1#

ROUTER2#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 20
Number of existing VLANs        : 20
VTP Operating Mode              : Client
VTP Domain Name                 : CISCO
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xFC 0x06 0x7A 0xAA 0xC7 0xDB 0xE6 0xCD
Configuration last modified by 0.0.0.0 at 6-1-10 05:04:50

ROUTER2#show vtp password
VTP Password: TEST

ROUTER2#


4.Shutdown port if Broadcast traffic is more than 50%



ROUTER1#show storm-control broadcast
Interface  Filter State   Upper    Lower    Current
Gi0/0/0    inactive       100.00%  100.00%      N/A
Gi0/0/1    inactive       100.00%  100.00%      N/A
Gi0/0/2    Forwarding      50.00%   50.00%    0.00%
Gi0/0/3    inactive       100.00%  100.00%      N/A

ROUTER1#

5.Port Security - allow the port g0/0/2 to learn a maximum of one address


ROUTER1#sh runn | incl mac
mac-address-table secure maximum 1 GigabitEthernet0/0/2

ROUTER1#

6.DHCP Server


ROUTER1#sh runn | beg dhcp
ip dhcp excluded-address 192.168.4.1
ip dhcp excluded-address 10.0.0.1
ip dhcp pool TEST
 network 10.0.0.0 255.255.255.0
 default-router 10.0.0.1

ROUTER1#show ip dhcp pool
Pool TEST :
Utilization mark (high/low)    : 100 / 0
Subnet size (first/next)       : 0 / 0
Total addresses                : 254
Leased addresses               : 0
Pending event                  : none
1 subnet is currently in the pool :
Current index        IP address range                    Leased addresses
10.0.0.1             10.0.0.1         - 10.0.0.254        0

ROUTER2#

Show running-config


ROUTER1#show running-config
Building configuration...

Current configuration : 2809 bytes
Last configuration change at 07:33:39 UTC Tue Jun 1 2010
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname ROUTER1
boot-start-marker
boot system flash0:c2900-universalk9-mz.SSA.1_20100412
boot-end-marker

no aaa new-model
ip dhcp excluded-address 10.0.0.1

ip dhcp pool TEST
 network 10.0.0.0 255.255.255.0
 default-router 10.0.0.1

spanning-tree portfast bpduguard
spanning-tree vlan 1 priority 0
interface GigabitEthernet0/0
 ip address 9.43.16.40 255.255.0.0
 duplex auto
 speed auto
interface GigabitEthernet0/1
 duplex auto
 speed auto
interface GigabitEthernet0/2
 duplex auto
 speed auto

interface GigabitEthernet0/0/0
 switchport mode trunk
interface GigabitEthernet0/0/1
 switchport mode trunk
interface GigabitEthernet0/0/2
 switchport access vlan 2
 storm-control broadcast level 50.00
 storm-control action shutdown
 spanning-tree portfast
interface Vlan1
 ip address 10.0.0.1 255.255.255.0
ip forward-protocol nd
no ip http server
no ip http secure-server
mac-address-table secure maximum 1 GigabitEthernet0/0/2

line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 login
 transport input all
exception data-corruption buffer truncate
scheduler allocate 20000 1000
end

ROUTER1#
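
The following is an added example, not part of the original page and not Cisco tooling: a Python check over a saved running-config that confirms every PortFast host port also carries the BPDU guard, broadcast storm-control and secure MAC address limit configured above, and reports the management settings visible in the ROUTER1 output (no service password-encryption, exec-timeout 0 0, transport input all). It assumes sub-commands are indented under their stanza header as the device prints them; the names SAMPLE, LINE_RISKS, parse and audit are hypothetical.

```python
import re

# Constructed input: lines from this page's ROUTER1 running-config that the checks read.
SAMPLE = """\
no service password-encryption
spanning-tree portfast bpduguard
interface GigabitEthernet0/0/2
 storm-control broadcast level 50.00
 storm-control action shutdown
 spanning-tree portfast
mac-address-table secure maximum 1 GigabitEthernet0/0/2
line con 0
 exec-timeout 0 0
line vty 0 4
 transport input all
"""

# Sub-commands flagged in any stanza, with the reason that is reported.
LINE_RISKS = {"exec-timeout 0 0": "idle session never times out",
              "transport input all": "all transports accepted, Telnet included"}

def parse(text):
    """Split a config into global lines and {stanza header: [sub-commands]}."""
    glob, stanzas, cur = [], {}, None
    for line in filter(str.strip, text.splitlines()):
        if line[0] == " " and cur:
            stanzas[cur].append(line.strip())
        elif line.startswith(("interface ", "line ")):
            cur = line.strip()
            stanzas[cur] = []
        else:
            cur = None
            glob.append(line.strip())
    return glob, stanzas

def audit(text):
    """Return findings; a host port is any interface with 'spanning-tree portfast'."""
    glob, stanzas = parse(text)
    secured = set(re.findall(r"^mac-address-table secure maximum \d+ (\S+)", text, re.M))
    clear = "no service password-encryption" in glob
    out = ["global: passwords kept in clear text in the config"] if clear else []
    for hdr, cmds in stanzas.items():
        name = hdr[10:] if hdr.startswith("interface ") else hdr
        if "spanning-tree portfast" in cmds:
            have = {"bpduguard": "spanning-tree portfast bpduguard" in glob,
                    "broadcast storm-control": any(c.startswith("storm-control broadcast level") for c in cmds),
                    "secure MAC limit": name in secured}
            out += [f"{name}: host port without {k}" for k, ok in have.items() if not ok]
        out += [f"{name}: {msg}" for c, msg in LINE_RISKS.items() if c in cmds]
    return out
```

Calling `audit(SAMPLE)` returns three findings, all on the management side; the host port Gi0/0/2 passes because all three protections from this page are present.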


Related Information

Technical Support & Documentation - Cisco Systems
