Chapter 8. Configuring a Switch
This chapter provides information and commands concerning the following topics:
Note
As of the publication of this Command Guide, the latest switch platform from Cisco is the Catalyst 9xxx series. This series consists of wireless APs, Layer 2 switches, and Layer 3 switches for use in small branch deployments up to large core deployments. For those using older Catalyst switches, this book makes the following assumptions:
Layer 2 switches are named either Switch2960 or Switch9200.
Layer 3 switches are named either Switch3650 or Switch9300.
If you have any questions regarding the validity of commands on your devices, refer to your device-specific/OS-specific documentation on the Cisco.com website.
Help Commands
switch> ? |
Lists all commands available in the current command mode Tip The ? works here the same as in a router |
|
Lists all the possible choices that start with the letter c |
switch# show ? |
Shows all parameters for this command |
Command Modes
switch> enable |
Moves the user from user mode to privileged mode Tip This is the same command as used in a router |
switch# |
Indicates privileged mode |
switch# disable |
Leaves privileged mode |
switch> exit |
Leaves user mode |
Verifying Commands
switch# show version |
Displays information about software and hardware |
switch# show flash: |
Displays information about flash memory |
switch# show mac address-table |
Displays the current MAC address forwarding table |
switch# show controllers ethernet-controller |
Displays information about the Ethernet controller |
switch# show running-config |
Displays the current configuration in DRAM |
switch# show startup-config |
Displays the current configuration in NVRAM |
switch# show post |
Displays whether the switch passed POST |
switch# show vlan |
Displays the current VLAN configuration |
switch# show interfaces |
Displays the interface configuration and status of line: up/up, up/down, admin down Note The show interfaces command is unsupported in some earlier Cisco IOS Software releases, such as 12.2(25)FX |
switch# show interfaces vlan1 |
Displays setting of virtual interface VLAN 1, the default VLAN on the switch Note The show interfaces vlanx command is unsupported in some earlier Cisco IOS Software releases, such as 12.2(25)FX |
Resetting Switch Configuration
Switch# delete flash:vlan.dat |
Removes the VLAN database from flash memory |
Delete filename [vlan.dat]? |
Press  |
Delete flash:vlan.dat? [confirm] |
Reconfirm by pressing |
Switch# erase startup-config |
Erases the file from NVRAM |
<output omitted> |
|
Switch# reload |
Restarts the switch |
Switch# write erase |
Erases the startup-config file from NVRAM. This is an older version of the erase startup-config command |
Setting Host Names
Switch# configure terminal |
Moves to global configuration mode |
Switch(config)# hostname Switch9200 |
Creates a locally significant host name of the switch. This is the same command as is used on routers |
Switch9200(config)# |
Tip
If you set a host name that begins with a number, you receive a warning about using illegal characters. However, the switch accepts the name.
Switch(config)# hostname 9200 % Hostname contains one or more illegal characters. 9200(config)#
Setting Passwords
Setting passwords for the 2960/9200 series switches is the same method as used for a router.
Switch9200(config)# enable password cisco |
Sets the enable password to cisco |
Switch9200(config)# enable secret class |
Sets the encrypted secret password to class |
Switch9200(config)# line console 0 |
Enters line console mode |
Switch9200(config-line)# login |
Enables password checking |
Switch9200(config-line)# password cisco |
Sets the password to cisco |
Switch9200(config-line)# exit |
Exits line console mode |
Switch9200(config-line)# line vty 0 15 |
Enters line vty mode for all 15 virtual ports |
Switch9200(config-line)# login |
Enables password checking |
Switch9200(config-line)# password cisco |
Sets the password to cisco |
Switch9200(config-line)# exit |
Exits line vty mode |
Switch9200(config)# |
Setting IP Addresses and Default Gateways
Switch9200(config)# interface vlan1 |
Enters the virtual interface for VLAN 1, the default VLAN on the switch |
Switch9200(config-if)# ip address 172.16.10.2 255.255.255.0 |
Sets the IP address and netmask to allow for remote access to the switch |
Switch9200(config-if)# exit |
Returns to global configuration mode |
Switch9200(config)# ip default-gateway 172.16.10.1 |
Allows IP information an exit past the local network |
Tip
For the 2960/9200 series switches, the IP address of the switch is just that—the IP address for the entire switch. That is why you set the address in VLAN 1 (the default VLAN of the switch) and not in a specific Ethernet interface. If you choose to make your management VLAN a different number, you would use these commands in that VLAN using the interface vlan x command, where x is the number of your management VLAN.
Setting Interface Descriptions
Switch2960(config)# interface fastethernet 0/1 |
Enters interface configuration mode |
Switch2960(config-if)# description Finance VLAN |
Adds a description of the interface. The description is locally significant only |
Tip
The 2960 series switches have ports ranging from 8 to 48 Fast Ethernet ports named fa0/1, fa0/2, ... fa0/48—there is no fastethernet 0/0. This is true for the 2960G series, in which all ports are Gigabit Ethernet ports named gi0/1, gi0/2 ... gi0/48. Again, there is no gigabitethernet0/0 port.
The 9200 series switches have GigabitEthernet (GE) and 10-GE ports only.
The mdix auto Command
When automatic medium-dependent interface crossover (Auto-MDIX) is enabled on an interface, the interface automatically detects the required cable connection type (straight-through or crossover) and configures the connection appropriately. When connecting switches without the Auto-MDIX feature, you must use straight-through cables to connect to devices such as servers, workstations, or routers and use crossover cables to connect to other switches or repeaters. With Auto-MDIX enabled, you can use either type of cable to connect to other devices, and the interface automatically corrects for incorrect cabling.
Switch2960(config)# interface fastethernet 0/1 |
Enters interface configuration mode |
Switch2960(config-if)# mdix auto |
Enables Auto-MDIX on the interface |
Switch2960(config-if)# no mdix auto |
Disables Auto-MDIX on the interface |
Tip
The Auto-MDIX feature is enabled by default on switches running Cisco IOS Release 12.2(18)SE or later. For releases between Cisco IOS Release 12.1(14)EA1 and 12.2(18)SE, the Auto-MDIX feature is disabled by default.
Tip
If you are working on a device where Auto-MDIX is enabled by default, the command does not show up when you enter show running-config.
Caution
When you enable Auto-MDIX, you must also set the interface speed and duplex to auto so that the feature operates correctly. In other words, if you use Auto-MDIX to give you the flexibility to use either type of cable to connect your switches, you lose the ability to hard-set the speed/duplex on both sides of the link.
The following table shows the different link state results from Auto-MDIX settings with correct and incorrect cabling.
| Local Side Auto-MDIX | Remote Side Auto-MDIX | With Correct Cabling | With Incorrect Cabling |
| On | On | Link up | Link up |
| On | Off | Link up | Link up |
| Off | On | Link up | Link up |
| Off | Off | Link up | Link down |
Setting Duplex Operation
Switch2960(config)# interface fastethernet 0/1 |
Moves to interface configuration mode |
Switch2960(config-if)# duplex full |
Forces full-duplex operation |
Switch2960(config-if)# duplex auto |
Enables auto-duplex config |
Switch2960(config-if)# duplex half |
Forces half-duplex operation |
Setting Operation Speed
Switch2960(config)# interface fastethernet 0/1 |
Moves to interface configuration mode |
Switch2960(config-if)# speed 10 |
Specifies that the port runs at 10 Mbps |
Switch2960(config-if)# speed 100 |
Specifies that the port runs at 100 Mbps |
Switch9200(config-if)# speed 1000 |
Specifies that the port runs at 1000 Mbps |
Switch9200(config-if)# speed 2500 |
Specifies that the port runs at 2500 Mbps. This option is only valid and visible on multi-Gigabit-supported Ethernet ports |
Switch9200(config-if)# speed 5000 |
Specifies that the port runs at 5000 Mbps. This option is only valid and visible on multi-Gigabit-supported Ethernet ports |
Switch2960(config-if)# speed auto |
Detects the speed at which the port should run, automatically, based on the port at the other end of the link |
Switch9200(config-if)# speed nonegotiate |
Disables autonegotiation, and the port runs at 1000 Mbps |
Managing the MAC Address Table
switch# show mac address-table |
Displays current MAC address forwarding table |
switch# clear mac address-table |
Deletes all entries from current MAC address forwarding table |
switch# clear mac address-table dynamic |
Deletes only dynamic entries from table |
Configuration Example
Figure 8-1 shows the network topology for the basic configuration of a 2960 series switch using commands covered in this chapter. These commands will also work on a 9200 series switch, with the exception that all Fast Ethernet ports will be Gigabit Ethernet ports on the 9200 switch.
Figure 8-1 Network Topology for 2960 Series Switch Configuration
|
Enters privileged EXEC mode |
switch# configure terminal |
Enters global configuration mode |
switch(config)# no ip domain-lookup |
Turns off Domain Name System (DNS) queries so that spelling mistakes do not slow you down |
switch(config)# hostname Switch2960 |
Sets the host name |
Switch2960(config)# enable secret cisco |
Sets the encrypted secret password to cisco |
Switch2960(config)# line console 0 |
Enters line console mode |
Switch2960(config-line)# logging synchronous |
Appends commands to a new line; switch information will not interrupt |
Switch2960(config-line)# login |
User must log in to console before use |
Switch2960(config-line)# password switch |
Sets the console password to switch |
Switch2960(config-line)# exec-timeout 0 0 |
The console line will not log out because of the connection to the console being idle |
Switch2960(config-line)# exit |
Moves back to global configuration mode |
Switch2960(config)# line vty 0 15 |
Moves to configure all 16 vty ports at the same time |
Switch2960(config-line)# login |
User must log in to vty port before use |
Switch2960(config-line)# password class |
Sets the vty password to class |
Switch2960(config-line)# exit |
Moves back to global configuration mode |
Switch2960(config)# ip default-gateway 192.168.1.1 |
Sets default gateway address |
Switch2960(config)# interface vlan 1 |
Moves to virtual interface VLAN 1 configuration mode |
Switch2960(config-if)# ip address 192.168.1.2 255.255.255.0 |
Sets the IP address and netmask for switch |
Switch2960(config-if)# no shutdown |
Turns the virtual interface on |
Switch2960(config-if)# interface fastethernet 0/1 |
Moves to interface configuration mode for fastethernet 0/1 |
Switch2960(config-if)# description Link to Bismarck Router |
Sets a local description |
Switch2960(config-if)# interface fastethernet 0/4 |
Moves to interface configuration mode for fastethernet 0/4 |
Switch2960(config-if)# description Link to Workstation A |
Sets a local description |
Switch2960(config-if)# interface fastethernet 0/8 |
Moves to interface configuration mode for fastethernet 0/8 |
Switch2960(config-if)# description Link to Workstation B |
Sets a local description |
Switch2960(config-if)# exit |
Returns to global configuration mode |
Switch2960(config)# exit |
Returns to privileged EXEC mode |
Switch2960# copy running-config startup-config |
Saves the configuration to NVRAM |
Switch2960# |