cisco switch

Cisco命令大全switch配置命令(1)模式转换命令用户模式----特权模式,使用命令"enable"特权模式----全局配置模式,使用命令"config t"全局配置模式----接口模式,使用命令"interface+接口类型+接口号" 全局配置模式----线控模式,使用命令"line+接口类型+接口号" 注:用户模式:查看初始化的信息.特权模式:查看所有信息、调试、保存配置信息全局模式：配置所有信息、针对整个路由器或交换机的所有接口接口模式：针对某一个接口的配置线控模式：对路由器进行控制的接口配置（2）配置命令show running config 显示所有的配置show versin 显示版本号和寄存器值shut down 关闭接口no shutdown 打开接口ip add +ip地址配置IP地址secondary+IP地址为接口配置第二个IP地址show interface+接口类型+接口号查看接口管理性show controllers interface 查看接口是否有DCE电缆show history 查看历史记录show terminal 查看终端记录大小hostname+主机名配置路由器或交换机的标识config memory 修改保存在NVRAM中的启动配置exec timeout 0 0 设置控制台会话超时为0service password-encryptin 手工加密所有密码enable password +密码配置明文密码ena sec +密码配置密文密码line vty 0 4/15 进入telnet接口password +密码配置telnet密码line aux 0 进入AUX接口password +密码配置密码line con 0 进入CON接口password +密码配置密码bandwidth+数字配置带宽no ip address 删除已配置的IP地址show startup config 查看NVRAM中的配置信息copy run-config atartup config 保存信息到NVRAMwrite 保存信息到NVRAMerase startup-config 清除NVRAM中的配置信息show ip interface brief 查看接口的谪要信息banner motd # +信息+ # 配置路由器或交换机的描素信息description+信息配置接口听描素信息vlan database 进入VLAN数据库模式vlan +vlan号+ 名称创建VLANswitchport access vlan +vlan号为VLAN为配接口interface vlan +vlan号进入VLAN接口模式ip add +ip地址为VLAN配置管理IP地址vtp+service/tracsparent/client 配置SW的VTP工作模式vtp +domain+域名配置SW的VTP域名vtp +password +密码配置SW的密码switchport mode trunk 启用中继no vlan +vlan号删除VLANshow spamming-tree vlan +vlan号查看VLA怕生成树议2. 路由器配置命令ip route+非直连网段+子网掩码+下一跳地址配置静态/默认路由show ip route 查看路由表show protocols 显示出所有的被动路由协议和接口上哪些协议被设置show ip protocols 显示了被配置在路由器上的路由选择协议,同时给出了在路由选择协议中使用的定时器等信息router rip 激活RIP协议network +直连网段发布直连网段interface lookback 0 激活逻辑接口passive-interface +接口类型+接口号配置接口为被动模式debug ip +协议动态查看路由更新信息undebug all 关闭所有DEBUG信息router eigrp +as号激活EIGRP路由协议network +网段+子网掩码发布直连网段show ip eigrp neighbors 查看邻居表show ip eigrp topology 查看拓扑表show ip eigrp traffic 查看发送包数量router ospf +process-ID 激活OSPF协议network+直连网段+area+区域号发布直连网段show ip ospf 显示OSPF的进程号和ROUTER-IDencapsulation+封装格式更改封装格式no ip admain-lookup 关闭路由器的域名查找ip routing 在三层交换机上启用路由功能show user 查看SW的在线用户clear line +线路号清除线路3. 三层交换机配置命令配置一组二层端口configure terminal 进入配置状态nterface range {port-range} 进入组配置状态配置三层端口configure terminal 进入配置状态interface {{fastethernet | gigabitethernet} interface-id} | {vlan vlan-id} | {port-channel port-channel-number} 进入端口配置状态no switchport 把物理端口变成三层口ip address ip_address subnet_mask 配置IP地址和掩码no shutdown 激活端口例：Switch(config)# interface gigabitethernet0/2Switch(config-if)# no switchportSwitch(config-if)# ip address 192.20.135.21 255.255.255.0Switch(config-if)# no shutdown配置VLANconfigure terminal 进入配置状态vlan vlan-id 输入一个VLAN号, 然后进入vlan配态，可以输入一个新的VLAN号或旧的来进行修改。

1.在基于IOS的交换机上设置主机名/系统名:switch(config)# hostname hostname在基于CLI的交换机上设置主机名/系统名:switch(enable) set system name name-string2.在基于IOS的交换机上设置登录口令:switch(config)# enable password level 1 password在基于CLI的交换机上设置登录口令:switch(enable) set passwordswitch(enable) set enalbepass3.在基于IOS的交换机上设置远程访问:switch(config)# interface vlan 1switch(config-if)# ip address ip-address netmaskswitch(config-if)# ip default-gateway ip-address在基于CLI的交换机上设置远程访问:switch(enable) set interface sc0 ip-address netmask broadcast-address switch(enable) set interface sc0 vlanswitch(enable) set ip route default gateway4.在基于IOS的交换机上启用和浏览CDP信息:switch(config-if)# cdp enableswitch(config-if)# no cdp enable为了查看Cisco邻接设备的CDP通告信息:switch# show cdp interface [type modle/port]switch# show cdp neighbors [type module/port] [detail]在基于CLI的交换机上启用和浏览CDP信息:switch(enable) set cdp {enable|disable} module/port为了查看Cisco邻接设备的CDP通告信息:switch(enable) show cdp neighbors[module/port] [vlan|duplex|capabilities|detail] 5.基于IOS的交换机的端口描述:switch(config-if)# description description-string基于CLI的交换机的端口描述:switch(enable)set port name module/number description-string6.在基于IOS的交换机上设置端口速度:switch(config-if)# speed{10|100|auto}在基于CLI的交换机上设置端口速度:switch(enable) set port speed moudle/number {10|100|auto}switch(enable) set port speed moudle/number {4|16|auto}7.在基于IOS的交换机上设置以太网的链路模式:switch(config-if)# duplex {auto|full|half}在基于CLI的交换机上设置以太网的链路模式:switch(enable) set port duplex module/number {full|half}8.在基于IOS的交换机上配置静态VLAN:switch# vlan databaseswitch(vlan)# vlan vlan-num name vlaswitch(vlan)# exitswitch# configure teriminalswitch(config)# interface interface module/numberswitch(config-if)# switchport mode accessswitch(config-if)# switchport access vlan vlan-numswitch(config-if)# end在基于CLI的交换机上配置静态VLAN:switch(enable) set vlan vlan-num [name name]switch(enable) set vlan vlan-num mod-num/port-list9. 在基于IOS的交换机上配置VLAN中继线:switch(config)# interface interface mod/portswitch(config-if)# switchport mode trunkswitch(config-if)# switchport trunk encapsulation {isl|dotlq}switch(config-if)# switchport trunk allowed vlan remove vlan-list switch(config-if)# switchport trunk allowed vlan add vlan-list在基于CLI的交换机上配置VLAN中继线:switch(enable) set trunk module/port [on|off|desirable|auto|nonegotiate]Vlan-range [isl|dotlq|dotl0|lane|negotiate]10.在基于IOS的交换机上配置VTP管理域:switch# vlan databaseswitch(vlan)# vtp domain domain-name在基于CLI的交换机上配置VTP管理域:switch(enable) set vtp [domain domain-name]11.在基于IOS的交换机上配置VTP 模式:switch# vlan databaseswitch(vlan)# vtp domain domain-nameswitch(vlan)# vtp {sever|cilent|transparent}switch(vlan)# vtp password password在基于CLI的交换机上配置VTP 模式:switch(enable) set vtp [domain domain-name] [mode{ sever|cilent|transparent }][pa ssword password]12. 在基于IOS的交换机上配置VTP版本:switch# vlan databaseswitch(vlan)# vtp v2-mode在基于CLI的交换机上配置VTP版本:switch(enable) set vtp v2 enable13. 在基于IOS的交换机上启动VTP剪裁:switch# vlan databaseswitch(vlan)# vtp pruning在基于CL I 的交换机上启动VTP剪裁:switch(enable) set vtp pruning enable14.在基于IOS的交换机上配置以太信道:switch(config-if)# port group group-number [distribution {source|destination}] 在基于CLI的交换机上配置以太信道:switch(enable) set port channel moudle/port-range mode{on|off|desirable|auto} 15.在基于IOS的交换机上调整根路径成本:switch(config-if)# spanning-tree [vlan vlan-list] cost cost在基于CLI的交换机上调整根路径成本:switch(enable) set spantree portcost moudle/port costswitch(enable) set spantree portvlancost moudle/port [cost cost][vlan-list] 16.在基于IOS的交换机上调整端口ID:switch(config-if)# spanning-tree[vlan vlan-list]port-priority port-priority在基于CLI的交换机上调整端口ID:switch(enable) set spantree portpri {mldule/port}priorityswitch(enable) set spantree portvlanpri {module/port}priority [vlans]17. 在基于IOS的交换机上修改STP时钟:switch(config)# spanning-tree [vlan vlan-list] hello-time secondsswitch(config)# spanning-tree [vlan vlan-list] forward-time secondsswitch(config)# spanning-tree [vlan vlan-list] max-age seconds在基于CLI的交换机上修改STP时钟:switch(enable) set spantree hello interval[vlan]switch(enable) set spantree fwddelay delay [vlan]switch(enable) set spantree maxage agingtiame[vlan]18. 在基于IOS的交换机端口上启用或禁用Port Fast 特征:switch(config-if)#spanning-tree portfast在基于CLI的交换机端口上启用或禁用Port Fast 特征:switch(enable) set spantree portfast {module/port}{enable|disable}19. 在基于IOS的交换机端口上启用或禁用UplinkFast 特征:switch(config)# spanning-tree uplinkfast [max-update-rate pkts-per-second]在基于CLI的交换机端口上启用或禁用UplinkFast 特征:switch(enable) set spantree uplinkfast {enable|disable}[rate update-rate] [all-protoc ols off|on]20. 为了将交换机配置成一个集群的命令交换机,首先要给管理接口分配一个IP地址,然后使用下列命令: switch(config)# cluster enable cluster-name cv21. 为了从一条中继链路上删除VLAN,可使用下列命令:switch(enable) clear trunk module/port vlan-range22. 用show vtp domain 显示管理域的VTP参数.23. 用show vtp statistics显示管理域的VTP参数.24. 在Catalyst交换机上定义TrBRF的命令如下:switch(enable) set vlan vlan-name [name name] type trbrf bridge bridge-num[stp {ieee|ibm}]25. 在Catalyst交换机上定义TrCRF的命令如下:switch (enable) set vlan vlan-num [name name] type trcrf{ring hex-ring-num|decring decimal-ring-num} parent vlan-num26. 在创建好TrBRF VLAN之后,就可以给它分配交换机端口.对于以太网交换,可以采用如下命令给VLAN分配端口:switch(enable) set vlan vlan-num mod-num/port-num27. 命令show spantree显示一个交换机端口的STP状态.28. 配置一个ELAN的LES和BUS,可以使用下列命令:ATM (config)# interface atm number.subint multiointATM(config-subif)# lane serber-bus ethernet elan-name29. 配置LECS:ATM(config)# lane database database-nameATM(lane-config-databade)# name elan1-name server-atm-address les1-nsap-addres sATM(lane-config-databade)# name elan2-name server-atm-address les2-nsap-addres sATM(lane-config-databade)# name …30. 创建完数据库后,必须在主接口上启动LECS.命令如下:ATM(config)# interface atm numberATM(config-if)# lane config database database-nameATM(config-if)# lane config auto-config-atm-address31. 将每个LEC配置到一个不同的ATM子接口上.命令如下: ATM(config)# interface atm number.subint multipointATM(config)# lane client ethernet vlan-num elan-num32. 用show lane server 显示LES的状态.33. 用show lane bus显示bus的状态.34. 用show lane database显示LECS数据库可内容.35. 用show lane client显示LEC的状态.36. 用show module显示已安装的模块列表.37. 用物理接口建立与VLAN的连接:router# configure terminalrouter(config)# interface media module/portrouter(config-if)# description description-stringrouter(config-if)# ip address ip-addr subnet-maskrouter(config-if)# no shutdown38. 用中继链路来建立与VLAN的连接:router(config)# interface module/port.subinterfacerouter(config-ig)# encapsulation[isl|dotlq] vlan-numberrouter(config-if)# ip address ip-address subnet-mask39. 用LANE 来建立与VLAN的连接:router(config)# interface atm module/portrouter(config-if)# no ip addressrouter(config-if)# atm pvc 1 0 5 qsaalrouter(config-if)# atm pvc 2 0 16 ilnirouter(config-if)# interface atm module/port.subinterface multipointrouter(config-if)# ip address ip-address subnet-maskrouter(config-if)# lane client ethernet elan-numrouter(config-if)# interface atm module/port.subinterface multipointrouter(config-if)# ip address ip-address subnet-namerouter(config-if)# lane client ethernet elan-namerouter(config-if)# …40. 为了在路由处理器上进行动态路由配置,可以用下列IOS命令来进行: router(config)# ip routingrouter(config)# router ip-routing-protocolrouter(config-router)# network ip-network-numberrouter(config-router)# network ip-network-number41. 配置默认路由:switch(enable) set ip route default gateway42. 为一个路由处理器分配VLANID,可在接口模式下使用下列命令:router(config)# interface interface numberrouter(config-if)# mls rp vlan-id vlan-id-num43. 在路由处理器启用MLSP:router(config)# mls rp ip44. 为了把一个外置的路由处理器接口和交换机安置在同一个VTP域中:router(config)# interface interface numberrouter(config-if)# mls rp vtp-domain domain-name45. 查看指定的VTP域的信息:router# show mls rp vtp-domain vtp domain name46. 要确定RSM或路由器上的管理接口,可以在接口模式下输入下列命令:router(config-if)#mls rp management-interface47. 要检验MLS-RP的配置情况：router# show mls rp48. 检验特定接口上的MLS配置：router# show mls rp interface interface number49. 为了在MLS-SE上设置流掩码而又不想在任一个路由处理器接口上设置访问列表：set mls flow [destination|destination-source|full]50. 为使MLS和输入访问列表可以兼容，可以在全局模式下使用下列命令：router(config)# mls rp ip input-acl51. 当某个交换机的第3层交换失效时，可在交换机的特权模式下输入下列命令：switch(enable) set mls enable52. 若想改变老化时间的值，可在特权模式下输入以下命令：switch(enable) set mls agingtime agingtime53. 设置快速老化：switch(enable) set mls agingtime fast fastagingtime pkt_threshold54. 确定那些MLS-RP和MLS-SE参与了MLS，可先显示交换机引用列表中的内容再确定：switch(enable) show mls include55. 显示MLS高速缓存记录：switch(enable) show mls entry56. 用命令show in arp显示ARP高速缓存区的内容。

cisco路由器常用命令1、Switch> 用户模式2、Switch>enable 进入特权模式Switch#3、Switch#config terminal 进入全局模式Switch(config)#4、Switch(config)#interface f0/1 进入接口模式Switch(config-if)#5、Switch(config)#line console 0 进入line模式Switch(config-line)#exit 退回上层end 结束所有操作6、Switch(config)#hostname aaa 配置主机名7、switch#show running-config 查看配置情况8、Switch(config)#enable password 111 设置使能密码(明文)9、Switch(config)#enable secret 111 设置使能密码(密文)Switch(config)#line console 0 设置console密码Switch(config-line)#password 333Switch(config-line)#login10、Switch(config)#interface vlan1Switch(config-if)#ip address 192.168.1.1 255.255.255.0 设置IP地址Switch(config-if)#no shutdown11、Switch(config)#ip default-gateway 192.168.1.10 设置网关12、Switch#show mac-address-table 查看MAC地址表13、Switch#show cdp cdp全局配置信息14、Switch#show cdp interface f0/1 cdp接口配置信息15、Switch#show cdp traffic cdp包的配置信息16、Switch#show cdp neighbors cdp邻居基本信息17、Switch#show cdp neighbors detail cdp邻居详细信息Switch#show cdp neighbors entry18、Switch#copy running-config startup-config19、Switch#erase startup-config 恢复出厂信息Switch#reload 重新加载20、交换机密码恢复*断开电源*按住MODE键，加电(等待数秒)*switch:出现此符号*switch:flash_init 初始化flash*switch:dir flash: (查看文件，可省去)*switch:rename config.text config.old 改名*switch:boot 重启*switch>enable 进入特权*switch#dir flash: (查看文件，可省去)*switch#rename config.old config.text改名*switch#copy flash:config.text running-config 复制到系统内*switch#confit terminal 进入全局模式*switch(config)#enable password 222 设置新密码21、switch#show vlan-sw brief 查看vlan22、switch#vlan database 进入vlan模式switch(vlan)#vlan 20 name bbb 创建vlan并命名23、switch(vlan)#no vlan 20 删除vlan24、添加端口到vlan(单个)switch(config)#interface f0/1 进入接口模式switch(config-if)#switchport access vlan 10 添加至vlan10switch(config-if)#end 退出switch#show vlan brief (id) 验证vlanswitch(config)#show running-config interface f0/1(查看某接口)25、添加端口到vlan(批量)switch(config)#interface range f0/1 - 5switch(config-if-range)#switchport access vlan 1026、switch(config)#interface f0/1 进入接口switch(config-if)#switchport mode trunk 设置为trunk(永久)switch(config-if)#switchport mode dynamic desirable/auto(其它trunk)switch(config-if)#switchport trunk allowed vlan remove 10 移除vlan10)switch(config-if)#switchport trunk allowed vlan add 20 添加vlan2027、switch#show interface f0/1 switchport 查看接口模式show ip interface briefSwitch#write 保存交换机配置信息。

Cisco Catalyst Switch Modules 3110G and 3110X for BladeCenterProduct Guide (withdrawn product)The Cisco Catalyst Switch Module 3110G and 3110X are Gigabit Ethernet Switch Modules in a standard switch-bay form-factor for use in all BladeCenter chassis. These stackable switches are full wire-rated, non-blocking switches for use with high performance servers. The 3110G offers four external RJ-45 Gigabit Ethernet connections and the 3110X offers one external 10 Gb Ethernet slot (for use with an X2 transceiver module) for making 10Gb uplinks to backbone switches or routers.Built upon Cisco's market-leading hardware and IOS software, the switches are designed to deliver scalable, high performance, highly resilient connectivity while reducing server infrastructure complexity.Figure 1. Cisco Catalyst Switch Module 3110G (left) and 3110X (right). The 3110X is shown with an optional X2 transceiver module installed.Did you know?The Cisco Catalyst Switch Module 3110 has a unique technology called Virtual Blade Switch (VBS). Much like server virtualization technology, this switch virtualization technology treats the individual physical switches within a rack as a single logical switch. As with server virtualization technology, this innovation allows the switches to deliver better utilization, increased performance, and greater resilience while simplifying operations and management.Click here to check for updatesFigure 2. Virtual Blade Switch sample topologySupported BladeCenter chassis and expansion cardsThe Cisco Catalyst Switch Modules 3110G and 3110X are supported in the BladeCenter chassis as listed in Table 4.Table 4. BladeCenter chassis that support the Cisco Catalyst Switch Modules 3110G and 3110XCisco Catalyst Switch Module 3110G 41Y8523N Y†Y Y Y Y N Cisco Catalyst Switch Module 3110X41Y8522NY†YYYYN† The Advanced Management Module must be installed in the BladeCenter E chassisThe Cisco Catalyst Switch Modules 3110G and 3110X support the expansion cards listed in Table 5. Table 5 also lists the chassis bays in which the switch module must be installed when used with each expansion card.The Cisco Catalyst Switch Modules 3110G and 3110X fit in a standard I/O bay (bays 1-4) and, with the addition of the Multi-Switch Interconnect Module (MSIM) in the BladeCenter H, can also fit in a high-speed I/O bay (bays 7-10). These switch modules are not supported with MSIM-HT in high-speed bays of the BladeCenter HT chassis.Table 5. Expansion card and BladeCenter chassis I/O bays support.Gigabit Ethernet integrated on the server planar None Y Y‡N N N N N N N N Ethernet Expansion Card (CFFv)39Y9310Y†Y†Y Y N N N N N N Ethernet Expansion Card (CIOv)44W4475N N Y Y N N N N N N QLogic Ethernet and 4 Gb FC Card (CFFh)39Y9306N N N N N N Y N Y N 2/4 Port Ethernet Expansion Card (CFFh)44W4479N Y*N N N N Y Y Y Y QLogic Ethernet and 8 Gb FC Card (CFFh)44X1940NNNNNNYNYN‡ For all BladeCenter chassis except the BladeCenter S† Supported only if the expansion card is installed in slot 1 of a BladeCenter Storage and I/O Expansion Unit (39R7563).* The 2/4 Port Ethernet Expansion Card supports I/O bay 2 connections only when installed into a blade server that is installed into a BladeCenter S chassis.Popular configurationsThis section shows how the Cisco Catalyst Switch Modules 3110G and 3110X can be used in configurations.Basic two-port configurationFigure 3 shows basic use of the Cisco Catalyst Switch Modules 3110 to route the two-port Ethernet controller that is integrated onto the blade server. Two Ethernet Switch Modules are installed in bay 1 and bay 2 of the BladeCenter chassis. The connections between the controller and the switch modules are internal to the chassis. The two switches are connected together with StackWise Plus cables to form a single Virtual Blade Switch.Figure 3. Using Cisco Catalyst Switch Module 3110 to route the integrated Ethernet portsTable 6 lists the components that are used in the two-port configuration shown in Figure 3.Table 6. Components used in the two-ports-per-server configurationDiagram reference Part number / machinetypeDescription QuantityVaries BladeCenter HS22 or other server 1 to 14None Ethernet controller on the system board of the server 1 perserverVaries BladeCenter E, H, HT or T141Y8523 or 41Y8522Cisco Catalyst Switch Module 3110G or 3110X2None StackWise Plus cables (one included with each Ciscoswitch)2Four-port configurationFigure 4 shows the use of four Cisco Catalyst Switch Module 3110 units to route four Ethernet ports from each server: the two integrated ports plus two ports supplied by a compatible CFFv or CIOv expansion card. Four Ethernet Switch Modules are installed in bay 1, bay 2, bay 3, and bay 4 of the BladeCenter chassis. All connections between the controller and card and the switch modules are internal to the chassis. The four switches are connected together with StackWise Plus cables to form a single Virtual Blade Switch.Figure 4. Using the Cisco Catalyst Switch Module 3110 to route the four Ethernet ports from the integrated controller and a CFFv or CIOv expansion cardTable 7 lists the components that are used in the four-port configuration shown in Figure 4.Table 7. Components used in the four-ports-per-server configurationDiagram referencePart number /machine type DescriptionQuantityVaries BladeCenter HS22 or other supported server 1 to 14None Ethernet controller on the system board of the server 1 per serverVaries Compatible CFFv or CIOv expansion card (see Table 5) 1 per serverVaries BladeCenter E, H, HT or T141Y8523 or 41Y8522Cisco Catalyst Switch Module 3110G or 3110X routing signals from the CFFv or CIOv card241Y8523 or41Y8522Cisco Catalyst Switch Module 3110G or 3110X routing signals from the integrated controller2NoneStackWise Plus cables (one included with each Cisco switch)4Maximum configuration: Eight Ethernet ports per serverSince BladeCenter servers support a CFFh expansion card plus either a CFFv or CIOv card (depending on the model of the server), you can install up to eight Cisco Catalyst Switch Module 3110 devices in aBladeCenter H chassis or BladeCenter HT. Figure 5 shows this eight-port solution. All connections between the cards and the switch modules are internal to the chassis. The eight switches are connected together with StackWise Plus cables to form a single Virtual Blade Switch.Figure 5. Using the Cisco Catalyst Switch Module 3110 to route eight Ethernet ports per serverTable 8 lists the components that are used in the eight-Ethernet-ports-per-server configuration shown in Figure 5.Table 8. Components used in the eight-Ethernet-ports-per-server configurationDiagram reference Part number /machine typeDescription QuantityVaries BladeCenter HS22 or other supported server 1 to 14None Ethernet controller on the system board of the server 1 per serverVaries Compatible CFFv or CIOv expansion card (see Table 5) 1 per server44W44792/4 Port Ethernet Expansion Card (CFFh) 1 per server8852BladeCenter H chassis141Y8523 / 41Y8522Cisco Catalyst Switch Module 3110 routing signals from theintegrated controller241Y8523 / 41Y8522Cisco Catalyst Switch Module 3110 routing signals from theCFFv or CIOv card2 41Y8523 / 41Y8522Cisco Catalyst Switch Module 3110 routing signals from theCFFh card4 39Y9314Multi-switch Interconnect Module210None StackWise Plus cables (one included with each Cisco switch)8Connectors and LEDsConnectors and LEDsFigure 6 shows the front panels of the Cisco Catalyst Switch Module 3110G and 3110X.Figure 6. Front panel of the Cisco Catalyst Switch Module 3110G (left) and 3110X (right). The front panel contains the components identified in Table 9.Table 9. Front panel calloutsCallout Description1, 8Stack member LED2, 9Mode button3, 10Fault/stack mode LED4, 11System power LED5, 12Stack master LED6, 7Port link and activity LEDs for each RJ-45 (3110G)13X2 port status LEDs (3110X)Network cabling requirementsTrademarksLenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. A current list of Lenovo trademarks is available on the Web athttps:///us/en/legal/copytrade/.The following terms are trademarks of Lenovo in the United States, other countries, or both:Lenovo®BladeCenter Interoperability GuideBladeCenter®Other company, product, or service names may be trademarks or service marks of others.。

思科交换机NAT配置介绍及实例思科交换机（Cisco Switch）是企业级网络设备中最常用的一种。

与传统的路由器不同，交换机主要用于在局域网（LAN）内部提供数据包的转发和过滤功能。

然而，在一些情况下，我们可能需要使用交换机进行网络地址转换（NAT）来实现特定的网络部署需求。

本文将介绍思科交换机的NAT配置方法，并提供实例说明。

1.NAT概述网络地址转换（NAT）是一种在不同网络之间转换IP地址的技术。

它主要用于解决IPv4地址空间的短缺问题，并允许多个主机通过一个公网IP地址来访问互联网。

NAT实现了将内部网络地址与外部IP地址之间进行映射，使得内部主机可以通过共享公网IP地址来与外部网络进行通信。

2.NAT配置方法在思科交换机上配置NAT通常涉及以下步骤：步骤1：创建访问控制列表（ACL）访问控制列表（Access Control List）用于定义需要进行NAT转换的数据包。

我们可以根据源地址、目标地址、端口等条件来配置ACL，以确定哪些数据包需要进行NAT转换。

例如，下面是一条配置ACL的命令示例：access-list 10 permit 192.168.1.0 0.0.0.255该命令表示允许192.168.1.0/24网段的内部主机进行NAT转换。

步骤2：创建NAT池NAT池用于定义可以被映射到的公网IP地址范围。

我们可以通过配置交换机的外部接口和NAT池来设置NAT转换的目标IP地址。

例如，下面是一条配置NAT池的命令示例：ip nat pool NAT_POOL 203.0.113.1 203.0.113.10 netmask255.255.255.0该命令表示创建一个名为NAT_POOL的NAT池，其中可用的IP地址范围为203.0.113.1至203.0.113.10。

步骤3：创建NAT规则NAT规则用于将内部网络的私有IP地址映射到NAT池的公网IP地址。

我们可以通过配置NAT类型（静态/动态）、内部地址、外部地址等参数来创建NAT规则。

Data SheetCisco Nexus 3048 SwitchProduct OverviewThe Cisco Nexus® 3048 Switch (Figure 1) is a line-rate Gigabit Ethernet top-of-rack (ToR) switch and is part of the Cisco Nexus 3000 Series Switches portfolio. The Cisco Nexus 3048, with its compact one-rack-unit (1RU) form factor and integrated Layer 2 and 3 switching, complements the existing Cisco Nexus family of switches. This switch runs the industry-leading Cisco® NX-OS Software operating system, providing customers with robust features and functions that are deployed in thousands of data centers worldwide. The Cisco Nexus 3048 is ideal for big data customers that require a Gigabit Ethernet ToR switch with local switching that connects transparently to upstream Cisco Nexus switches, providing an end-to-end Cisco Nexus fabric in their data centers. This switch supports both forward and reversed airflow schemes with AC and DC power inputs.Figure 1. Cisco Nexus 3048 SwitchMain BenefitsThe Cisco Nexus 3048 provides the following main benefits:●Wire-rate Layer 2 and 3 switching◦Layer 2 and 3 switching of up to 176 Gigabit per second (Gbps) and more than 132 million packets per second (mpps) in a compact 1RU form-factor switch●Robust and purpose-built Cisco NX-OS operating system for end-to-end Cisco Nexus fabric◦Transparent integration with the Cisco Nexus family of switches to provide a consistent end-to-end Cisco Nexus fabric◦Modular operating system built for resiliency◦Integration with Cisco Data Center Network Manager (DCNM) and XML management tools●Comprehensive feature set and innovations for next-generation data centers◦Virtual PortChannel (vPC) provides Layer 2 multipathing through the elimination of Spanning Tree Protocol and enables fully utilized bisectional bandwidth and simplified Layer 2 logical topologies without the need to change the existing management and deployment models.◦Power On Auto Provisioning (POAP) enables touchless bootup and configuration of the switch, drastically reducing provisioning time.◦Cisco Embedded Event Manager (EEM) and Python scripting enable automation and remote operations in the data center.◦Advanced buffer monitoring reports real-time buffer utilization per port and per queue, which allows organizations to monitor traffic bursts and application traffic patterns.◦The 64-way equal-cost multipath (ECMP) routing enables Layer 3 fat tree designs and allows organizations to prevent network bottlenecks, increase resiliency, and add capacity with little networkdisruption.◦EtherAnalyzer is a built-in packet analyzer for monitoring and troubleshooting control-plane traffic and is based on the popular Wireshark open source network protocol analyzer.◦Precision Time Protocol (PTP; IEEE 1588) provides accurate clock synchronization and improved data correlation with network captures and system events.◦Full Layer 3 unicast and multicast routing protocol suites are supported, including Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol(EIGRP), Routing Information Protocol Version 2 (RIPv2), Protocol Independent Multicast sparse mode (PIM-SM), Source-Specific Multicast (SSM), and Multicast Source Discovery Protocol (MSDP).●Network traffic monitoring with Cisco Nexus Data Broker◦Build simple, scalable and cost-effective network tap or Cisco Switched Port Analyzer (SPAN) aggregation for network traffic monitoring and analysis.Configuration●48 fixed 10/100/1000-Mbps Ethernet ports● 4 fixed Enhanced Small Form-Factor Pluggable (SFP+) ports●Locator LED●Dual redundant power supplies●Fan tray with redundant fans●Two 10/100/1000-Mbps management ports*●One RS-232 serial console port●One USB port●Locator LED and buttonSupport for both forward (port-side exhaust) and reversed (port-side intake) airflow schemes is available.Transceiver and Cabling OptionsFor uplink connectivity, the Cisco Nexus 3048 supports SFP+ direct-attach 10 Gigabit Ethernet copper, an innovative solution that integrates transceivers with Twinax cables into an energy-efficient and low-cost solution. For longer cable runs, multimode and single-mode optical SFP+ transceivers are supported. Table 1 lists the supported 10 Gigabit Ethernet transceiver options.Table 1. Cisco Nexus 3048 10 Gigabit Transceiver Support Matrix1* Only one Management port is enabled and active with no plan to enable both.For more information about the transceiver types, see/en/US/products/hw/modules/ps5455/prod_module_series_home.html.Cisco NX-OS Software OverviewCisco NX-OS is a data center-class operating system built with modularity, resiliency, and serviceability at its foundation. Cisco NX-OS helps ensure continuous availability and sets the standard for mission-critical data center environments. The self-healing and highly modular design of Cisco NX-OS makes zero-impact operations a reality and enables exceptional operation flexibility.Focused on the requirements of the data center, Cisco NX-OS provides a robust and comprehensive feature set that meets the networking requirements of present and future data centers. With an XML interface and a command-line interface (CLI) like that of Cisco IOS® Software, Cisco NX-OS provides state-of-the-art implementations of relevant networking standards as well as a variety of true data center-class Cisco innovations.Cisco NX-OS Software BenefitsTable 2 summarizes the benefits that Cisco NX-OS offers.Table 2. Benefits of Cisco NX-OS SoftwareCisco NX-OS Software Packages for Cisco Nexus 3048The Cisco NX-OS Software package for the Cisco Nexus 3048 offers flexibility and a comprehensive feature set along with consistency with Cisco Nexus access switches. The default system software has a comprehensive Layer 2 feature set with extensive security and management features. To enable Layer 3 IP unicast and multicast routing functions, additional licenses need to be installed. Table 3 lists the software licensing details.Table 3. Cisco NX-OS Software Package in the Cisco Nexus 3048* The Base license (N3K-C3048-BAS1K9) is required to take advantage of LAN Enterprise license (N3K-C3048-LAN1K9) features. Table 5 later in this document provides a complete feature list.Cisco Data Center Network ManagerThe Cisco Nexus 3048 is supported in Cisco DCNM. Cisco DCNM is designed for hardware platforms enabled for Cisco NX-OS, which consist of the Cisco Nexus Family of products. Cisco DCNM is a Cisco management solution that increases overall data center infrastructure uptime and reliability, hence improving business continuity. Focused on the management requirements of the data center network, Cisco DCNM provides a robust framework and comprehensive feature set that meets the routing, switching, and storage administration needs of present and future data centers. In particular, Cisco DCNM automates the provisioning process, proactively monitors the LAN by detecting performance degradation, secures the network, and streamlines the diagnosis of dysfunctional network elements.Cisco Nexus Data BrokerThe Cisco Nexus 3048 Switch with Cisco Nexus Data Broker can be used to build a scalable and cost-effective traffic monitoring infrastructure using network taps and SPAN. This approach replaces the traditional purpose-built matrix switches with one or more OpenFlow-enabled Cisco Nexus switches. You can interconnect these switches to build a scalable tap or SPAN aggregation infrastructure. You also can combine tap and SPAN sources to bring the copy of the production traffic to this tap or SPAN aggregation infrastructure. In addition, you can distribute these sources and traffic monitoring and analysis tools across multiple Cisco Nexus switches. For more details, visit /go/nexusdatabroker.Product SpecificationsTable 4 lists the specifications for the Cisco Nexus 3048, Table 5 lists software features, and Table 6 lists management standards and support.Table 4. Specifications* Please refer to Cisco Nexus 3000 Series Verified Scalability Guide for scalability numbers validated for specific software releases: /en/US/products/ps11541/products_installation_and_configuration_guides_list.html.Table 5. Software Features●HSRP and VRRP●ACL: Routed ACL with Layer 3 and 4 options to match ingress and egress ACLs●VRF: VRF-lite (IP VPN), VRF-aware unicast (BGP, OSPF, and RIP), and VRF-aware multicast●uRPF with ACL; strict and loose modes●Jumbo frame support (up to 9216 bytes)Multicast Multicast: PIM-SM Version 2 and SSMBootstrap router (BSR), Automatic Rendezvous Point (Auto-RP), and Static RPMSDP and Anycast-RPInternet Group Management Protocol (IGMP) Versions 2, and 3Quality of service (QoS) Layer 2 IEEE 802.1p (class of service [CoS])8 hardware queues per portPer-port QoS configurationCoS trustPort-based CoS assignmentModular QoS CLI (MQC) complianceACL-based QoS classification (Layers 2, 3, and 4)MQC CoS markingDifferentiated services code point (DSCP) markingWeighted Random Early Detection (WRED)CoS-based egress queuingEgress strict-priority queuingEgress port-based scheduling: Weighted Round-Robin (WRR)Explicit Congestion Notification (ECN)Security ●Ingress ACLs (standard and extended) on Ethernet●Standard and extended Layer 3 to 4 ACLs: IPv4, Internet Control Message Protocol (ICMP), TCP, UserDatagram Protocol (UDP), etc.●VLAN-based ACLs (VACLs)●Port-based ACLs (PACLs)●Named ACLs●ACLs on virtual terminals (vtys)●DHCP snooping with Option 82●Port number in DHCP Option 82●DHCP relay●Dynamic Address Resolution Protocol (ARP) inspection●CoPPCisco Nexus Data Broker ●Topology support for tap and SPAN aggregation●Support for QinQ to tag input source tap and SPAN ports●Traffic load balancing to multiple monitoring tools●Traffic filtering based on Layer 1 through Layer 4 header information●Traffic replication and forwarding to multiple monitoring tools●Robust RBAC●Northbound Representational State Transfer (REST) API for all programmability support Management ●Switch management using 10/100/1000-Mbps management or console ports●CLI-based console to provide detailed out-of-band management●In-band switch management●Locator and beacon LEDs●Port-based locator and beacon LEDs●Configuration rollback●SSHv2●Telnet●AAA●AAA with RBAC●RADIUS●TACACS+●SyslogTable 6. Management and Standards Support Description SpecificationMIB support Generic MIBs●SNMPv2-SMI●CISCO-SMI●SNMPv2-TM●SNMPv2-TC●IANA-ADDRESS-FAMILY-NUMBERS-MIB●IANAifType-MIB●IANAiprouteprotocol-MIB●HCNUM-TC●CISCO-TC●SNMPv2-MIB●SNMP-COMMUNITY-MIB●SNMP-FRAMEWORK-MIB●SNMP-NOTIFICATION-MIB●SNMP-TARGET-MIB●SNMP-USER-BASED-SM-MIB●SNMP-VIEW-BASED-ACM-MIB●CISCO-SNMP-VACM-EXT-MIBEthernet MIBs●CISCO-VLAN-MEMBERSHIP-MIB●LLDP-MIB●IP-MULTICAST-MIBConfiguration MIBs●ENTITY-MIB●IF-MIB●CISCO-ENTITY-EXT-MIB●CISCO-ENTITY-FRU-CONTROL-MIB●CISCO-ENTITY-SENSOR-MIB●CISCO-SYSTEM-MIB●CISCO-SYSTEM-EXT-MIB Monitoring MIBs●NOTIFICATION-LOG-MIB●CISCO-SYSLOG-EXT-MIB●CISCO-PROCESS-MIB●RMON-MIB●CISCO-RMON-CONFIG-MIB●CISCO-HC-ALARM-MIBSecurity MIBs●CISCO-AAA-SERVER-MIB●CISCO-AAA-SERVER-EXT-MIB ●CISCO-COMMON-ROLES-MIB●CISCO-COMMON-MGMT-MIB●CISCO-SECURE-SHELL-MIB Miscellaneous MIBs●CISCO-LICENSE-MGR-MIB●CISCO-FEATURE-CONTROL-MIB ●CISCO-CDP-MIB●CISCO-RF-MIBLayer 3 and Routing MIBs●UDP-MIB●TCP-MIB●OSPF-MIB●BGP4-MIB●CISCO-HSRP-MIB●CISCO-IP-IF-MIB●CISCO-IF-EXTENSION-MIB●CISCO-NTP-MIB●CISCO-IMAGE-MIB●CISCO-IMAGE-UPGRADE-MIBStandards ●IEEE 802.1D: Spanning Tree Protocol●IEEE 802.1p: CoS Prioritization●IEEE 802.1Q: VLAN Tagging●IEEE 802.1s: Multiple VLAN Instances of Spanning Tree Protocol●IEEE 802.1w: Rapid Reconfiguration of Spanning Tree Protocol●IEEE 802.3z: Gigabit Ethernet●IEEE 802.3ad: Link Aggregation Control Protocol (LACP)●IEEE 802.3ae: 10 Gigabit Ethernet●IEEE 802.1ab: LLDP●IEEE 1588-2008: Precision Time Protocol (Boundary Clock)RFC BGP●RFC 1997: BGP Communities Attribute●RFC 2385: Protection of BGP Sessions with the TCP MD5 Signature Option●RFC 2439: BGP Route Flap Damping●RFC 2519: A Framework for Inter-Domain Route Aggregation●RFC 2545: Use of BGPv4 Multiprotocol Extensions●RFC 2858: Multiprotocol Extensions for BGPv4●RFC 3065: Autonomous System Confederations for BGP●RFC 3392: Capabilities Advertisement with BGPv4●RFC 4271: BGPv4●RFC 4273: BGPv4 MIB: Definitions of Managed Objects for BGPv4●RFC 4456: BGP Route Reflection●RFC 4486: Subcodes for BGP Cease Notification Message●RFC 4724: Graceful Restart Mechanism for BGP●RFC 4893: BGP Support for Four-Octet AS Number SpaceOSPF●RFC 2328: OSPF Version 2●8431RFC 3101: OSPF Not-So-Stubby-Area (NSSA) Option●RFC 3137: OSPF Stub Router Advertisement●RFC 3509: Alternative Implementations of OSPF Area Border Routers●RFC 3623: Graceful OSPF Restart●RFC 4750: OSPF Version 2 MIBRIP●RFC 1724: RIPv2 MIB Extension●RFC 2082: RIPv2 MD5 Authentication●RFC 2453: RIP Version 2●IP Services●RFC 768: User Datagram Protocol (UDP)●RFC 783: Trivial File Transfer Protocol (TFTP)●RFC 791: IP●RFC 792: Internet Control Message Protocol (ICMP)●RFC 793: TCP●RFC 826: ARP●RFC 854: Telnet●RFC 959: FTP●RFC 1027: Proxy ARP●RFC 1305: Network Time Protocol (NTP) Version 3●RFC 1519: Classless Interdomain Routing (CIDR)●RFC 1542: BootP Relay●RFC 1591: Domain Name System (DNS) ClientSoftware RequirementsCisco Nexus 3000 Series Switches are supported by Cisco NX-OS Software Release 5.0 and later. Cisco NX-OS interoperates with any networking OS, including Cisco IOS Software, that conforms to the networking standards mentioned in this data sheet.Regulatory Standards ComplianceTable 7 summarizes regulatory standards compliance for the Cisco Nexus 3000 Series.Table 7. Regulatory Standards Compliance: Safety and EMCOrdering InformationTable 8 provides ordering information for the Cisco Nexus 3048. Table 8. Ordering InformationService and SupportCisco offers a wide range of services to help accelerate your success in deploying and optimizing the Cisco Nexus 3000 Series in your data center. The innovative Cisco Services offerings are delivered through a uniquecombination of people, processes, tools, and partners and are focused on helping you increase operation efficiency and improve your data center network. Cisco Advanced Services uses an architecture-led approach to help you align your data center infrastructure with your business goals and achieve long-term value. Cisco SMARTnet ® Service helps you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. With this service, you can take advantage of the Cisco Smart Call Home service capability, which offers proactive diagnostics and real-time alerts on your Cisco Nexus 3000 Series Switches. Spanning the entire network lifecycle, Cisco Services helps increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise.For More InformationFor more information, please visit /go/nexus3000. For information about Cisco Nexus Data Broker, please visit /go/nexusdatabroker .Printed in USA C78-685363-0706/16。

Aim and purposeThis unit covers the advanced deployment of switched VLAN, VTP and DOT1Q technologies in a multilayer switched environment. By enabling the learner to develop their network management skills in supporting STP , RSTP , PVSTP and integrating router redundancy via VRRP and HSRP and bandwidth loading on Etherchannel. The learner will address the systems security, wireless infrastructure, voice and data contention requirement of a campus based switched infrastructure.Unit introductionThis unit is a comprehensive exploration of the core principles of multilayer networking. This is one of the three units in the professional study pathway, leading to the Cisco Certified Networking Professional (CCNP) qualification. This unit focuses on Gateway Redundancy, voice over internet Protocol, Spanning T ree, Virtual Local Area Networks (VLANs) and trunking.The unit covers networking sector skills and knowledge that an ICT networking expert would need to successfully complete their work. In particular, learners will be taught how to plan and deploy a complex network infrastructure using more than one switching technology in unison with a routing protocol. This unit involves hands-on, lab-oriented activities that stresses laboratory safety and working effectively in a group environment. Theory aspects are studied and tested online using Cisco’s own electronic curriculum which learners may also access from home. The unit is delivered through a blended learning approach where tutor-led teaching is combined with the electronic materials and testing.This unit is assessed via the Cisco CCNP Switch (CCNP2) online examination. There are further criteria for merit and distinction grades.Learning outcomesOn completion of this unit a learner should:1Understand the analysis of an Enterprise Campus Architecture 2Be able to Implement VLANs in Campus Networks 3Be able to implement Spanning T ree 4Be able to implement inter-VLAN Routing 5Understand High Availability and Redundancy in a Campus Network 6Understand Campus Infrastructure Security 7 Understand the preparation of the Campus Infrastructure for Advanced Services.Unit content in relation to the Merit and Distinction Criteria Switched Network: four or more switches in a mesh with two or more VLANS running trunking and a routing protocolRedundancy: types eg HSRP, VSRP, cable mesh, ether-channelSwitched T echnology: types eg STP, PV-STP, VLAN, dot1q, trunking, VTP, VACL’sBenchmark data: types eg current system throughput, switching table size, switching performance Current standards: types eg quality of service, campus design, address space allocation, vlan sizeAssessment and grading criteriaIn order to pass this unit, the evidence that the learner presents for assessment needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria for a pass grade describe the level of achievement required to pass this unit.Assessment and grading criteriaTo achieve a pass grade the evidence must show that the learner is able to:To achieve a merit grade theevidence must show that, inaddition to the pass criteria,the learner is able to:To achieve a distinction gradethe evidence must show that,in addition to the pass andmerit criteria, the learner isable to:Pass CCNP Switch (CCNP2) academy examination.The centre will evidence this with a copy of the learner’s class grade book from the assessment system on completion of the course (this must be listed by learner name).A pass grade is a score of 70% or more in the final examination.M1research an existing networkinfrastructure and evaluatecurrent performanceD1justify network design againstcurrent standardsM2plan a switched networkinfrastructure usingredundancy and switchedtechnologyD2research performance ofnetwork design and providebenchmark data.M3manage the deploymentof the planned switchednetwork.PLTS: This summary references where applicable, in the square brackets, the elements of the personal, learning and thinking skills applicable in the pass criteria. It identifies opportunities for learners to demonstrate effective application of the referenced elements of the skills.Key IE – independent enquirersCT – creative thinkers RL – reflective learnersTW – team workersSM – self-managersEP – effective participatorsEssential guidance for tutorsDeliveryCisco CCNP Switch is a proprietary unit within the Cisco Networking Academy program. The curriculum, assessment and support materials are available only to institutions participating in the program.Cisco Systems makes these available at no cost for any non-profit institution; there are some costs for instructor training and support. For detailed information please consult this web link:/web/learning/netacad/get_involved/BecomeAnAcademy.html.If learners are following the Cisco unit in parallel with a BTEC National or Higher National unit then it is recommended that the two aspects of the assessment are integrated. T asks being completed as part of the practical preparation for Cisco Skills Based Exams can then be used to support the BTEC assessment for the merit and distinction criteria.T o view general information about the Cisco CCNP Switch objectives please visit: /web/learning/netacad/course_catalog/CCNP .html. The detailed scope and sequence documents are available to academies on the Cisco internal site.Links to National Occupational Standards, other BTEC units, other BTEC qualifi cations and other relevant units and qualifi cations The learning outcomes associated with this unit are closely linked with:Level 3Level 4Level 5Unit 5: Managing NetworksUnit 2: Computer Systems Unit 43: Networking Infrastructure Unit 9: Computer Networks Unit 24: Networking T echnologies Unit 44: Local Area Network T echnologiesUnit 32: Network Systems Security Unit 25: Routing Concepts Unit 45: Wide Area Network T echnologiesAll Cisco Discovery and Exploration UnitsAll Cisco CCNP Units Unit 46: Network Security This unit has links to the Level 4 and Level 5 National Occupational Standards for IT and T elecoms Professionals, particularly the areas of competence of:IT/T echnology Infrastructure Design and Planning Systems Development IT/T echnology Service Operations and Event Management IT/T echnology Management and Support Change and Release Management.●●●●●Essential RequirementsLearners must have access to a live or ‘detached’ network environment to create the network infrastructure and develop their skills; this may be successfully accomplished using virtual machines.Learners must have access to facilities, which allow them the opportunity to fully evidence all the criteria of the unit. If this cannot be guaranteed then centres should not attempt to deliver this unit.Evaluation of current systems and solutions, commercial practices, social conditions and the culture surrounding the system in use is of as much importance as delivering work supporting potential understanding of the technological systems and the services they offer.Learners must have access to a range of suitable routing hardware as it is important to undertake as many practical activities as possible to reinforce theoretical learning. There are many virtual, emulated and simulated systems that now support delivery.ResourcesFor a list of Cisco resources to assist with this unit, including exam preparation materials, see:/web/learning/netacad/course_catalog/CCNP.htmlBooksMacfarlane J – Network Routing Basics: Understanding IP Routing in Cisco Systems (Wiley, 2006) ISBN-10: 0471772739Xiao Y, Li J, Pan Y – Security and Routing in Wireless Networks: Wireless Networks and Mobile Computing v. 3 (Nova Science, 2005) ISBN-10: 159454316XFroom, R et al, Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for the ROUTE 642-813 Exam (Cisco Press 2010) ISBN-10: 1-58705-884-7 WebsitesEmployer engagement and vocational contextsThe Cisco CCNA certification is internationally recognized by a diverse range of employers (from SME’s to large corporations) as one of the principal certifications in networking and telecommunications.。

cisco命令大全解释、注释Dynamips作为一款十分优秀的Cisco路由器模拟软件，实验模拟效果远比Boson NetSim更加真实可信。

Boson NetSim是对IOS命令行的模拟，而Dynamips是通过在计算机中构建运行IOS的虚拟机来真正运行IOS实现对Cisco路由器的模拟。

收录最常用的Cisco命令分类如下:cisco命令大全1. switch配置命令(1)模式转换命令用户模式----特权模式,使用命令"enable"特权模式----全局配置模式,使用命令"config t"全局配置模式----接口模式,使用命令"interface+接口类型+接口号"全局配置模式----线控模式,使用命令"line+接口类型+接口号"注:用户模式:查看初始化的信息.特权模式:查看所有信息、调试、保存配置信息全局模式：配置所有信息、针对整个路由器或交换机的所有接口接口模式：针对某一个接口的配置线控模式：对路由器进行控制的接口配置（2）配置命令show running config 显示所有的配置show versin 显示版本号和寄存器值shut down 关闭接口no shutdown 打开接口ip add +ip地址配置IP地址secondary+IP地址为接口配置第二个IP地址show interface+接口类型+接口号查看接口管理性show controllers interface 查看接口是否有DCE电缆show history 查看历史记录show terminal 查看终端记录大小hostname+主机名配置路由器或交换机的标识config memory 修改保存在NVRAM中的启动配置exec timeout 0 0 设置控制台会话超时为0service password-encryptin 手工加密所有密码enable password +密码配置明文密码ena sec +密码配置密文密码line vty 0 4/15 进入telnet接口password +密码配置telnet密码line aux 0 进入AUX接口password +密码配置密码line con 0 进入CON接口password +密码配置密码bandwidth+数字配置带宽no ip address 删除已配置的IP地址show startup config 查看NVRAM中的配置信息copy run-config atartup config 保存信息到NVRAM write 保存信息到NVRAMerase startup-config 清除NVRAM中的配置信息show ip interface brief 查看接口的谪要信息banner motd # +信息+ # 配置路由器或交换机的描素信息description+信息配置接口听描素信息vlan database 进入VLAN数据库模式vlan +vlan号+ 名称创建VLANswitchport access vlan +vlan号为VLAN为配接口interface vlan +vlan号进入VLAN接口模式ip add +ip地址为VLAN配置管理IP地址vtp+service/tracsparent/client 配置SW的VTP工作模式vtp +domain+域名配置SW的VTP域名vtp +password +密码配置SW的密码switchport mode trunk 启用中继no vlan +vlan号删除VLANshow spamming-tree vlan +vlan号查看VLA怕生成树议2. 路由器配置命令ip route+非直连网段+子网掩码+下一跳地址配置静态/默认路由show ip route 查看路由表show protocols 显示出所有的被动路由协议和接口上哪些协议被设置show ip protocols 显示了被配置在路由器上的路由选择协议,同时给出了在路由选择协议中使用的定时器等信息router rip 激活RIP协议network +直连网段发布直连网段interface lookback 0 激活逻辑接口passive-interface +接口类型+接口号配置接口为被动模式debug ip +协议动态查看路由更新信息undebug all 关闭所有DEBUG信息router eigrp +as号激活EIGRP路由协议network +网段+子网掩码发布直连网段show ip eigrp neighbors 查看邻居表show ip eigrp topology 查看拓扑表show ip eigrp traffic 查看发送包数量router ospf +process-ID 激活OSPF协议network+直连网段+area+区域号发布直连网段show ip ospf 显示OSPF的进程号和ROUTER-IDencapsulation+封装格式更改封装格式no ip admain-lookup 关闭路由器的域名查找ip routing 在三层交换机上启用路由功能show user 查看SW的在线用户clear line +线路号清除线路3. 三层交换机配置命令配置一组二层端口configure terminal 进入配置状态nterface range {port-range} 进入组配置状态配置三层端口configure terminal 进入配置状态interface {{fastethernet | gigabitethernet} interface-id} | {vlan vlan-id} | {port-channel port-channel-number} 进入端口配置状态no switchport 把物理端口变成三层口ip address ip_address subnet_mask 配置IP地址和掩码no shutdown 激活端口例：Switch(config)# interface gigabitethernet0/2Switch(config-if)# no switchportSwitch(config-if)# ip addressSwitch(config-if)# no shutdown配置VLANconfigure terminal 进入配置状态vlan vlan-id 输入一个VLAN号, 然后进入vlan配态，可以输入一个新的VLAN号或旧的来进行修改。

Cisco 300 Series SwitchesCisco Small BusinessEasy-to-Use Managed Switches that Provide the Ideal Combination of Features and AffordabilityTo stay ahead in a competitive marketplace, small businesses need to make every dollar count. That means getting the most value from your technology investments, but it also means making sure that employees have fast, reliable access to the business tools and information they need. Every minute an employee waits for an unresponsive application – and every minute your network is down – has an impact on your bottom line. The importance of maintaining a strong and dependable business network only grows as your business adds more employees, applications, and network complexity.When your business needs advanced security and features but value is still a top consideration, you’re ready for the new generation of Cisco® Small Business managed switches: the Cisco 300 Series.Cisco 300 Series SwitchesThe Cisco 300 Series, part of the Cisco Small Business line of network solutions, is a portfolio of affordable managed switches that provides a reliable foundation for your business network. These switches deliver the features you need to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications more effectively. Easy to set up and use, the Cisco 300 Series provides the ideal combination of affordability and capabilities for small businesses, and helps you create a more efficient, better-connected workforce.The Cisco 300 Series is broad portfolio of fixed-configuration managed Ethernet switches. Models are available with 8 to 48 ports of Fast Ethernet and 10 to 52 ports of Gigabit Ethernet connectivity, providing optimal flexibility to create exactly the right network foundation for your business. However, unlike other small business switching solutions that provide managed network capabilities only in the costliest models, all Cisco 300 Series Switches support the advanced security management capabilities and network features you need to support business-class data, voice, security, and wireless technologies. At the same time, these switches are simple to deploy and configure, allowing you to take advantage of the managed network services your business needs.Business ApplicationsWhether you need a basic high-performance network to connect employee computers or a solution to deliver data, voice, and video services, the Cisco 300 Series offers a solution to meet your needs. Possible deployment scenarios include:●Secure desktop connectivity: Cisco 300 Series Switches can simply and securely connectemployees working in small offices with each other and with all of the servers, printers, and other devices they use. High performance and reliable connectivity helps speed file transfers and data processing, improves network uptime, and keeps your employees connected and productive.●Secure Wireless connectivity: With its advanced Security features, Power over Ethernet, AutoSmartports, QoS, VLAN and Access Control features, the Cisco 300 Series Switches are the perfect foundation to add Business Grade wireless to an SMB network.●Unified communications: As a managed network solution, the Cisco 300 Series provides theperformance and advanced traffic-handling intelligence you need to deliver all communications and data over a single network. Cisco offers a complete portfolio of IP telephony and other unifiedcommunications products designed for small businesses. Cisco 300 Series Switches have been rigorously tested to help ensure easy integration and full compatibility with these and other products, providing a complete small business solution.●Highly secure guest connectivity. Cisco 300 Series Switches let you extend highly secure networkconnectivity to guests in a variety of settings, such as a hotel, an office waiting room, or any other area open to nonemployee users. Using powerful but easy-to-configure security and traffic segmentation capabilities, you can isolate your vital business traffic from guest services and keep guests’ network sessions private from each other.Features and BenefitsCisco 300 Series Switches provide security, performance, traffic management, and other capabilities –optimized and customized, and at the right price for small businesses. The Cisco 300 Series provides:●High performance and reliability: Cisco 300 Series Switches have been rigorously tested to deliverthe high availability and performance you expect from a Cisco switch. The solutions speed up file transfer times and improve slow, sluggish networks, while keeping your vital business applications available and preventing costly downtime. As a managed switching solution, the Cisco 300 Series also gives you the flexibility to manage and prioritize high-bandwidth traffic such as voice. That means you can empower your employees with state-of-the-art communication and productivity solutions, without draining the performance of your other business applications.●Fast, easy setup and configuration: Cisco 300 Series Switches are designed to be easy to use andmanage by small businesses and the partners who serve them. The included device manager software provides an intuitive, web-based interface to simplify setup, security, and quality of service (QoS) traffic prioritization, allowing even users without IT expertise to configure the switch in minutes. Cisco also provides a Cisco FindIT Network Discovery Utility. This utility that works through a simple toolbar on the user’s web browser to discover Cisco devices in the network and display basic information, such as serial numbers and IP addresses, to aid in the configuration and deployment of Cisco Small Business products. For more information, and to download the utility, please visit /go/findit.These switches use Cisco Discovery Protocol as well as Link Layer Discovery Protocol (LLDP-MED) to automatically detect all the devices connected to your network, and then automatically configure themselves for the appropriate connectivity and instructs the devices to use appropriate voice VLAN orQoS parameters. For more advanced capabilities and hands-on control, the switches supportSmartport roles which configure the ports with specific levels of Security, QoS, and availabilityaccording to the type of connected device, based on Cisco best practices and pretested configurations.The Auto Smartports feature applies the intelligence delivered through the Smartport roles and applies it automatically to the port based on the devices discovered over CDP or LLDP-MED. This facilitates zero touch deployments. Although the Cisco 300 Series is designed to be deployed without using a command-line interface (CLI), Cisco Textview is available for those who prefer to use text-based configuration. Together, these features reduce the time your staff must devote to network deployment, management, and troubleshooting.●Strong security: The Cisco 300 Series Switches provide a high level of security and give you fine-grained control to safeguard your network from unauthorized users. Advanced security featuresinclude:◦Embedded security to protect management data traveling to and from the switch and encrypt network communications.◦Extensive access control lists (ACLs) to restrict sensitive portions of the network from unauthorized users and guard against network attacks.◦Guest virtual LANs (VLANs) to let you provide Internet connectivity to nonemployee users while isolating critical business services from guest traffic.◦Support for advanced network security applications such as IEEE 802.1X port security to tightly limit access to specific segments of your network. Web based authentication provides a consistentinterface to authenticate all types of host devices and operating systems, without the complexity of deploying IEEE 802.1X clients on each endpoint.◦Time based ACLs and Port Operation restrict access to the network during predesignated times, such as business hours.◦Security mechanisms such as, Bridge Protocol Data Unit (BPDU) Guard andbroadcast/multicast/unknown unicast storm control, protect the network from invalid configurations or malicious intent.◦Secure Core Technology (SCT) helps ensure that the switch will receive and process management and protocol traffic no matter how much traffic is received.◦Advanced defense mechanisms, including Dynamic ARP Inspection (DAI), IP Source Guard, and Dynamic Host Configuration Protocol (DHCP) snooping, detect and block deliberate network attacks.Combinations of these protocols are also referred to as IPMB (IP-MAC-port binding).◦IPv6 First Hop Security extends the advanced threat protection to IPv6. This comprehensive security suite includes ND inspection, RA guard, DHCPv6 guard and neighbor binding integrity check,providing unparalleled protection against a vast range of address spoofing and man in the middle attack on IPv6 networks.◦DOS (denial-of-service) attack prevention maximizes network uptime in the presence of an attack. ◦Protection of management sessions using Radius, TACACS+ and local database authentication as well as secure management sessions over SSL, SSH, and SNMPv3.●Power over Ethernet: Cisco 300 Series Switches are available with up to 48 PoE ports of FastEthernet or Gigabit Ethernet connectivity. This capability simplifies advanced technology deployments such as IP telephony, wireless, and IP surveillance by allowing you to connect and power network endpoints over a single Ethernet cable. With no need to install separate power supplies for IP phones or wireless access points, you can take advantage of advanced communications technologies more quickly, and at a lower cost. Some models support both IEEE 802.3af PoE and IEEE 802.3at PoE+ while others support IEEE 802.3af PoE only.●IP telephony support: Cisco 300 Series Switches include embedded QoS intelligence to prioritizedelay-sensitive services such as voice and video, simplify unified communications deployments, and help ensure consistent network performance for all services. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.●Networkwide Automatic Voice Deployment: Using a combination of CDP, LLDP-MED, AutoSmartports, and VSDP (Voice Services Discovery Protocol – a unique patent-pending Cisco protocol), customers can deploy an end-to-end voice network dynamically. The switches in the networkautomatically converge around a single voice VLAN and QoS parameters and then propagate them out to the phones on the ports where they are discovered. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.●Advanced network management capabilities: As managed switches, the Cisco 300 Series lets youuse a variety of advanced features to control traffic over your network. Features include:◦Static routing/Layer 3 switching between VLANs: This capability allows you to segment your network into separate workgroups and communicate across VLANs without degrading applicationperformance. As a result, you can manage internal routing with your switches and dedicate your router to external traffic and security, helping your network run more efficiently.◦IPv6 support: As the IP network addressing scheme evolves to accommodate more devices, you can make sure that your network is ready. The Cisco 300 Series provides native support for IPv6, the newest version of the Internet Protocol, as well as the previous IPv4 standard. As a result, you will be able to move up to the next generation of networking applications and operating systems without an extensive equipment upgrade.◦Dual image support: With the ability to maintain dual images of your switches, you can perform software upgrades without having to take the network offline and without worrying about an outage during an upgrade.◦Dual Configuration files support: Allows configuring the device, validating that it is configured correctly and then saving this configuration to become effective after reboot. Additionally, a mirror configuration file, providing automatic back-up of the latest stable configuration file maximizesnetwork uptime.◦Remote management: Using Simple Network Management Protocol (SNMP), you can set up and manage all switches and other Cisco devices in your network remotely, instead of having to directly connect to them.◦Additional management options: The switches can be fully managed using the Web GUI or using a full command-line interface (CLI).●Optimal energy efficiency: Cisco 300 Series Switches are designed with a variety of power-savingfeatures across all models, providing the industry’s broadest portfolio of “green” s witches. These switches optimize power use to protect the environment and reduce energy costs, withoutcompromising performance. Power-saving features include:◦The latest application-specific integrated circuits (ASICs), using low-power 65-nanometer technology (these chipsets allow for lower power consumption and thinner, more efficient designs).◦Support for the Energy Efficient Ethernet (IEEE 802.3az) standard, which reduces energy consumption by monitoring the amount of traffic on an active link and putting the link into a sleep state during quiet periods.◦Automatic power shutoff on ports when a link is down.◦Embedded intelligence to adjust signal strength based on cable length.◦Fanless design in most models, which reduces power consumption, increases reliability, and provides quieter operation.◦LEDs can be turned off to conserve power.●Expansion ports: The Cisco 300 Series provides more ports per Gigabit Ethernet switch thantraditional switch models, giving you more flexibility to connect and empower your business. Gigabit Ethernet models feature 28- and 52-port switches, versus traditional devices that offer 20 or 44 ports with four shared ports giving you more value. The Cisco 300 Series also offers mini gigabit interface converter (mini-GBIC) expansion slots that give you the option to add fiber-optic or Gigabit Ethernet uplink connectivity to the switch. With the ability to increase the connectivity range of the switches, you have more flexibility to design your network around your unique business environment, and to easily connect switches on different floors or across the business.●Multiple languages: The Cisco 300 Series is available in seven languages: English, French, German,Italian, Spanish, Japanese, and simplified Chinese. All product user interfaces and documentation are translated, giving you the ability to select your preferred language.●Peace of mind and investment protection: Cisco 300 Series Switches offer the reliable performance,investment protection, and peace of mind you expect from a Cisco switch. When you invest in the Cisco 300 Series, you gain the benefit of:◦Cisco limited lifetime warranty with next business day advance replacement (where available).◦Rigorous testing to help ensure easy integration and compatibility with other Cisco networking and communications products, including the complete Cisco Small Business portfolio.●Service and Support: Cisco 300 Series Switches are backed by the Cisco Small Business SupportService, which provides affordable peace-of-mind coverage. This subscription-based service helps you protect your investment and derive maximum value from Cisco Small Business products. Delivered by Cisco and backed by your trusted partner, this comprehensive service includes software updates, access to the Cisco Small Business Support Center, and extends technical service to three years.Cisco Small Business products are supported by professionals in Cisco Small Business Support Center locations worldwide who are specifically trained to understand your needs. The Cisco Small Business Support Community, an online forum, enables you to collaborate with your peers and reach Cisco technical experts for support information.●Cisco Limited Lifetime Hardware Warranty: Cisco 300 Series Switches offer a limited lifetimehardware warranty with next business day advance replacement (where available, otherwise same day ship) and a limited lifetime warranty for fans and power supplies. In addition, Cisco offers software application updates for bug fixes for the warranty term, and telephone technical support at no charge for the first 12 months following the date of purchase. To download software updates, go to:/cisco/web/download/index.html.Product warranty terms and other information applicable to Cisco products are available at/go/warranty.Product SpecificationsTable 1 gives the product specifications for the Cisco 300 Series Switches.Table 1. Product SpecificationsStandard MIBs (continued) SNMPv2-MIBSNMPv2-SMISNMPv2-TMRMON-MIB.mydcb-raj-DCBX-MIB-1108-MIBrfc1724-MIBRFC-1212.my_for_MG-Softrfc1213-MIBrfc1757-MIBRFC-1215.mySNMPv2-CONF.mySNMPv2-TC.myrfc2674-MIBrfc2575-MIBrfc2573-MIBrfc2233-MIBrfc2013-MIB rfc1907-MIB rfc2571-MIB rfc2572-MIB rfc2574-MIB rfc2576-MIB rfc2613-MIB rfc2665-MIB rfc2668-MIB rfc2737-MIB rfc2925-MIB rfc3621-MIB rfc4668-MIB rfc4670-MIB trunk-MIB tunnel-MIB udp-MIBPrivate MIBs CISCOSB-lldp-MIBCISCOSB-brgmulticast-MIBCISCOSB-bridgemibobjects-MIBCISCOSB-bonjour-MIBCISCOSB-dhcpcl-MIBCISCOSB-MIBCISCOSB-wrandomtaildrop-MIBCISCOSB-traceroute-MIBCISCOSB-telnet-MIBCISCOSB-stormctrl-MIBCISCOSB-ssh-MIBCISCOSB-socket-MIBCISCOSB-sntp-MIBCISCOSB-smon-MIBCISCOSB-phy-MIBCISCOSB-multisessionterminal-MIBCISCOSB-mri-MIBCISCOSB-jumboframes-MIBCISCOSB-gvrp-MIBCISCOSB-endofmib-MIBCISCOSB-dot1x-MIBCISCOSB-deviceparams-MIBCISCOSB-cli-MIBCISCOSB-cdb-MIBCISCOSB-brgmacswitch-MIBCISCOSB-3sw2swtables-MIBCISCOSB-smartPorts-MIBCISCOSB-tbi-MIBCISCOSB-macbaseprio-MIBCISCOSB-policy-MIBCISCOSB-env_mibCISCOSB-sensor-MIBCISCOSB-aaa-MIBCISCOSB-application-MIBCISCOSB-bridgesecurity-MIBCISCOSB-copy-MIBCISCOSB-CpuCounters-MIBCISCOSB-Custom1BonjourService-MIB CISCOSB-ip-MIBCISCOSB-iprouter-MIB CISCOSB-ipv6-MIBCISCOSB-mnginf-MIB CISCOSB-lcli-MIBCISCOSB-localization-MIB CISCOSB-mcmngr-MIB CISCOSB-mng-MIBCISCOSB-physdescription-MIB CISCOSB-Poe-MIBCISCOSB-protectedport-MIB CISCOSB-rmon-MIBCISCOSB-rs232-MIBCISCOSB-SecuritySuite-MIB CISCOSB-snmp-MIBCISCOSB-specialbpdu-MIB CISCOSB-banner-MIB CISCOSB-syslog-MIB CISCOSB-TcpSession-MIB CISCOSB-traps-MIBCISCOSB-trunk-MIBCISCOSB-tuning-MIB CISCOSB-tunnel-MIB CISCOSB-udp-MIBCISCOSB-vlan-MIBCISCOSB-ipstdacl-MIBCISCO-SMI-MIBCISCOSB-DebugCapabilities-MIB CISCOSB-CDP-MIBCISCOSB-vlanVoice-MIB CISCOSB-EVENTS-MIB CISCOSB-sysmng-MIB CISCOSB-sct-MIBCISCO-TC-MIBCISCO-VTP-MIBCISCO-CDP-MIBCISCOSB-eee-MIBCISCOSB-ssl-MIBOrdering InformationTable 2 provides ordering information for the Cisco 300 Series Switches. Table 2. Cisco 300 Series Switches Ordering InformationEach combo mini-GBIC port has one 10/100/1000 Ethernet port and one mini-GBIC/SFP Gigabit Ethernet slot, with one port active at a time.Table 3. MFE and MGE Transceiver Ordering InformationA Powerful, Affordable Foundation for Your Small Business NetworkAs you strive to make your employees as productive and effective as possible, your business applications and information – and the network that delivers them – become an ever more vital part of your business. You need a technology foundati on that can meet your business’s needs today and in the future, and that delivers the right feature set at the right price. The Cisco 300 Series portfolio of managed switches provides the reliability, performance, security, and capabilities you need to power your business.For More InformationTo find out more about the Cisco 300 Series, visit /go/300switches.。

Data Sheet Cisco SGE2000 24-Port Gigabit SwitchCisco Small Business Managed SwitchesHigh-Performance, Reliable, Stacking Switch for Small BusinessesHighlights●24 high-speed ports optimized for the network core or to support bandwidth-intensive applications●Resilient clustering provides the ability to manage several switches as a single switch to support growingbusinesses●Basic QoS helps ensure a consistent network experience and supports networked applications includingvoice, video, and data storage●Strong security protects network traffic to keep unauthorized users off the network●Limited lifetime warrantyFigure 1. Cisco SGE2000 24-Port Gigabit SwitchProduct OverviewThe Cisco SGE2000 24-Port Gigabit Switch (Figure 1) helps maximize system availability, with fully redundant stacking and dual images for resilient firmware upgrades. The switch helps secure the network through IEEE 802.1Q VLANs, IEEE 802.1X port authentication, access control lists (ACLs), denial-of-service (DoS) prevention, and MAC-based filtering. The enhanced quality of service (QoS) and traffic-management features help ensure clear and reliable voice and video communications.The Cisco SGE2000 includes an intuitive, secure management interface, enabling you to take advantage of the comprehensive feature set for a better-optimized, more secure network.Features●Twenty-four 10/100/1000 Ethernet ports●Four Small Form-Factor Pluggable (SFP) slots (shared with four copper ports) for fiber Gigabit Ethernetexpansion●Dual images for resilient firmware upgrades●Up to 48-Gbps, nonblocking, store-and-forward switching capacity●Simplified QoS management using 802.1p, differentiated services (DiffServ), or (ToS) traffic prioritizationspecifications●Fully resilient stacking for optimized growth with simplified management●ACLs for granular security and QoS implementation●Can be configured and monitored from a standard web browser●Secure remote management of the switch via Secure Shell (SSH) and SSL encryption●802.1Q-based VLANs enable segmentation of networks for improved performance and security●Private VLAN Edge (PVE) for simplified network isolation of guest connections or autonomous networks●Automatic configuration of VLANs across multiple switches through Generic VLAN Registration Protocol(GVRP) and Generic Attribute Registration Protocol (GARP)●User/network port-level security via 802.1X authentication and MAC-based filtering●Increased bandwidth and added link redundancy with link aggregation●Enhanced rate-limiting capabilities, including back pressure, multicast, and broadcast flood control●Port mirroring for noninvasive monitoring of switch traffic●Jumbo frame support up to 10KB●Simple Network Management Protocol (SNMP) versions 1, 2c, and 3 and Remote Monitoring (RMON)support●Fully rack mountable using the included rack-mounting hardware●Simple, one-step automated installation and initial configurationSpecificationsTable 1 contains the specifications, package contents, and minimum requirements for the Cisco SGE2000 24-Port Gigabit Switch.Table 1. Specifications for the Cisco SGE2000 24-Port Gigabit SwitchFeature DescriptionSpecificationsPorts ●24 RJ-45 connectors for 10BASE-T/100BASE-TX/1000BASE-T with 4 shared Gigabit SFP slots●Console port●Auto medium dependent interface (MDI) and MDI crossover (MDI-X)●Auto negotiate/manual setting●RPS port for connecting to redundant power supply unitButtons Reset buttonCabling type ●Unshielded twisted pair (UTP) Category 5 or better for 10BASE-T/100BASE-TX●UTP Category 5 Ethernet or better for 1000BASE-TLEDs PWR, Fan, Link/Act, Speed, RPS, Master, Stack ID 1 through 8PerformanceSwitching capacity Up to 48 Gbps, nonblockingUp to 35.7 mppsForwarding rate(based on 64-byte packets)StackingStack operation ●Up to 8 units in a stack (192 ports)●Hot insertion and removal●Ring and chain stacking options●Master and backup master for resilient stack control●Auto-numbering or manual configuration of units in stackLayer 2MAC table size 8000Number of VLANs 256 active VLANs (4096 range)VLAN ●Port-based and 802.1Q tag-based VLANs●Protocol-based VLAN●Management VLAN●Private VLAN Edge (PVE)●GVRPHead-of-line (HOL) blocking HOL blocking preventionLayer 3Layer 3 options ●Static routing●Classless interdomain routing (CIDR)●128 static routes●IPv4●Forwarding in silicon – wire-speed forwarding of Layer 3 trafficIPv6IPv6 IPv6 Host ModeIPv6 over EthernetDual IPv6/IPv4 stackIPv6 Neighbor and Router Discovery (ND)IPv6 Stateless Address AutoconfigurationPath MTU DiscoveryDuplicate Address Detection (DAD)ICMPv6IPv6 over IPv4 network with ISATAP tunnel supportIPv6 QoS Prioritize IPv6 packets in hardwareIPv6 ACL Drop or Rate Limit IPv6 packets in hardwareMLD Snooping Deliver IPv6 multicast packets only to the required receiversIPv6 Applications Web/SSL, Telnet Server/SSH, Ping, Traceroute, SNTP, TFTP, Radius, Syslog, DNS ClientIPv6 RFCs Supported RFC2463 – ICMPv6RFC3513 – IPv6 Address architectureRFC 4291 – IP Version 6 Addressing ArchitectureRFC 2460 – Internet Protocol v6 (IPv6) SpecificationRFC 2461 – Neighbor Discovery for IPv6RFC 2462 – IPv6 Stateless Address Auto-configurationRFC 1981 – Path MTU DiscoveryRFC 4007 – IPv6 Scoped Address ArchitectureRFC3484 – Default address selection mechanism is described by RFC3484RFC4214 – ISATAP tunnelingRFC4293 – MIB IPv6: Textual Conventions and General GroupRFC 3595 – Textual Conventions for IPv6 Flow LabelManagementWeb user interface Built-in web user interface for easy browser-based configuration (HTTP/HTTPS)SNMP SNMP versions 1, 2c, and 3 with support for trapsSNMP MIBs RFC1213 MIB-2, RFC2863 interface MIB, RFC2665 Ether-like MIB, RFC1493 bridge MIB, RFC2674extended bridge MIB (P-bridge, Q-bridge), RFC2819 RMON MIB (groups 1, 2, 3, and 9 only), RFC2737entity MIB, RFC3621 Power Ethernet MIB, RFC 2618 RADIUS client MIB, RFC 1215 trapsRMON Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) forenhanced traffic management, monitoring, and analysisFirmware upgrade ●Web browser upgrade (HTTP) and Trivial File Transfer Protocol (TFTP)●Dual images for resilient firmware upgradesPort mirroring Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probeOther management ●Traceroute●Single IP management●SSL security for web user interface●SSH●RADIUS●Port mirroring●TFTP upgrade●DHCP client●BOOTP●Simple Network Time Protocol (SNTP)●Xmodem upgrade●Cable diagnostics●Ping●Syslog●Telnet client (SSH secure support)SecurityIEEE 802.1X ●802.1X – RADIUS authentication; MD5 hash●Guest VLAN●Single/multiple host modeAccess control ACLs – drop or rate limit based on:●Source and destination MAC-based●Source and destination IP address●Protocol●Port●VLAN●Differentiated services code point (DSCP)/IP precedence●TCP/User Datagram Protocol (UDP) source and destination ports●802.1p priority●Ethernet type●Internet Control Message Protocol (ICMP) packets●Internet Group Management Protocol (IGMP) packets●Up to 1018 rulesAvailabilityLink aggregation ●Link aggregation using IEEE 802.3ad Link Aggregation Control Protocol (LACP)●Up to 8 ports in up to 8 groupsStorm control Broadcast and multicast storm protectionDoS prevention DoS attack preventionSpanning Tree ●IEEE 802.1D Spanning Tree●IEEE 802.1w Rapid Spanning Tree●IEEE 802.1s Multiple Spanning Tree, Fast LinkoverIGMP snooping IGMP (versions 1 and 2) snooping limits bandwidth-intensive video traffic to only the requestors. Supports256 multicast groups.QoSPriority levels 4 hardware queuesScheduling Priority queuing and weighted round-robin (WRR)Class of service ●Port based●802.1p VLAN priority based●IPv4 IP precedence/ToS/DSCP based●DiffServ●Classification and re-marking ACLsRate limiting ●Ingress policer●Egress rate controlStandards 802.3 10BASE-T Ethernet, 802.3u 100BASE-TX Fast Ethernet, 802.3ab 1000BASE-T Gigabit Ethernet,802.3z Gigabit Ethernet, 802.3x flow control, 802.3ad LACP, 802.1d Spanning Tree Protocol (STP),802.1Q/p VLAN, 802.1w Rapid STP, 802.1s Multiple STP, 802.1x port access authenticationEnvironmental Dimensions W x D x H 17.32 x 14.70 x 1.73 in. (440 x 375 x 44 mm)Unit weight 14.09 lb (6.39 kg)Certification UL (UL 60950), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class AOperating temperature 32º to 104ºF (0º to 40ºC)Storage temperature –4º to 158ºF (–20º to 70ºC)Operating humidity 10% to 90% relative humidity, noncondensingStorage humidity 10% to 95% relative humidity, noncondensingNumber of fans 2Acoustic noise 55 dB max.Power 100–240V AC, 50–60Hz, internal, universal; also equipped with redundant power supply connector forexternal power supply 48V DCPower consumption 12V at 7.5A (90W)Package Contents●Cisco SGE2000 24-Port Gigabit Switch●Console cable●AC power cord●Rack-mounting kit●Quick installation guideMinimum Requirements●Web browser: Mozilla Firefox 1.5 or later, Internet Explorer 5.5 or later, Netscape 7.01 or later●Category 5 Ethernet network cable●TCP/IP installed on each computer within the network●Network adapter installed in each computer●Network operating systemProduct WarrantyLimited lifetime warranty with return to factory replacement, one year telephone support and software fixes for the warranty term.Service & SupportCisco Small Business switches are backed by the Cisco Small Business Support Service, which provides affordable peace-of-mind coverage. This subscription-based service helps you protect your investment and derive maximum value from Cisco Small Business products. Delivered by Cisco and backed by your trusted partner, this comprehensive service includes software updates, access to the Cisco Small Business Support Center, and expedited hardware replacement.Cisco Small Business products are supported by professionals in Cisco Small Business Support Center locations worldwide who are specifically trained to understand your needs. The Cisco Small Business Support Community, an online forum, enables you to collaborate with your peers and reach Cisco technical experts for support information.Cisco Limited Lifetime Hardware WarrantyThis Cisco Small Business product offers a limited lifetime hardware warranty with return to factory replacement and a 1-year limited warranty for fans and power supplies. In addition, Cisco offers telephone technical support at no charge for the first 12 months following the date of purchase and software bug fixes for the warranty term. To download software updates, go to: /cisco/web/download/index.html.Product warranty terms and other information applicable to Cisco products are available at/go/warranty.For More InformationFor more information on Cisco Small Business products and solutions, visit: /smallbusiness.。

Data SheetCisco SLM2024 24-Port Gigabit Smart SwitchCisco Small Business Smart SwitchesCost-Effective, Secure Switching with Simplified Management for Your Small Business Highlights●Easy-to-use web browser interface makes installation quick and effortless●High-speed conectivity supports bandwidth-intensive applications●Security down to the switch port level keeps unauthorized users off the network●Basic QoS helps ensure a consistent network experience and supports networkedapplications, including voice, video, and data storageFigure 1. Cisco SLM2024 24-Port Gigabit Smart Switch with 2 SFPsProduct OverviewCisco® Small Business Smart Switches are cost-effective switching solutions that are ideal for small businesses, the network edge, or workgroups within larger organizations. These easy-to-install, high-speed switches offer many of the same quality-of-service (QoS) and security features found in more expensive full Layer 2 managed switches, but without their complexity. The Cisco SLM2024 24-Port Gigabit Smart Switch (Figure 1) offers twenty-four 10/100/1000 Gigabit over copper ports with two shared copper or optical Small Form-Factor Pluggable (SFP) uplink interfaces for connecting the switch to the core network. The simplified user interface is an intuitive management tool, enabling you to quickly use the comprehensive feature set of the switch, for a better-optimized network.The Cisco SLM2024 includes numerous QoS features to help ensure that traffic is prioritized properly to deliver the best possible user experience for real-time applications such as voice and video or bandwidth-intensive graphic/video file uploads or downloads. With its Internet Group Management Protocol (IGMP) snooping feature, the Cisco SLM2024 limits IP multicast traffic (such as real-time presentations, videoconferences, and online gaming) to only the ports that have requested it, enabling the rest of the network to operate at peak efficiency. Additional QoS capabilities, such as IEEE 802.1p priority tagging, differentiated services code point (DSCP), and four hardware queues, also maintain quality for real-time applications such as voice and video. Network traffic can be optimized with the switch’s 802.1Q VLAN support, which enables you toquickly segregate network traffic by department or workgroup. VLANs also provide an additional layer of security by keeping sensitive data separated from other workgroups on the network.Network security is an absolute requirement for any business, and preventing unauthorized access to the company network is critical. The Cisco SLM2024 secures the network through 802.1X port authentication, which prompts end users to provide their username and password before they are permitted to pass data. User access can also be controlled through the Cisco SLM2024’s MAC-based filtering capability, which allows network access only to those devices or workstations that have been authorized as identified by their MAC address. The many-to-one or one-to-one port mirroring feature of the Cisco SLM2024 enables you to monitor the type of traffic being transmitted on the network.The Cisco SLM2024 includes features for quickly expanding and growing your network. To substantially increase network throughput speeds, especially useful for companies whose employees are routinely backing up their hard drives to a company server or storage platform, the Cisco SLM2024 supports link aggregation, which allows multiple high-bandwidth trunks between switches to be set up. Link aggregation also provides a level of availability and redundancy, as traffic will continue to flow even if one of the network links break. The Cisco SLM2024’s Spanning Tree Protocol (STP) support and storm control features help to control planned or inadvertent cable loops when switches are connected to one another. These loops can cause broadcast or multicast storms in the network, severely limiting its performance. With these features, you can confidently build a mesh of switches and quickly expand your network to support your growing workforce.Features●Twenty-four 10/100/1000 switched RJ-45 ports for up to 2000 Mbps of throughput per port● 2 mini Gigabit Interface Converter (mini-GBIC) slots for fiber and copper Gigabit Ethernetexpansion●48-Gbps nonblocking, store-and-forward switching mechanism●Simplified QoS management enabled by advanced queuing techniques using 802.1p,IPv4/v6 Differentiated Services (DiffServ)/DSCP traffic prioritization specifications●Configuration and monitoring from a standard web browser with a simplified managementinterface●802.1Q-based VLANs enable segmentation of networks for improved performance andsecurity●Port-level security via 802.1X authentication and MAC-based filtering●Increased bandwidth (up to 8x) and added link redundancy with Link Aggregation ControlProtocol (LACP)●Multicast and broadcast storm control●Port mirroring for noninvasive monitoring of switch traffic●Jumbo frame support (9 KB)●Fully rack-mountable using the included rack-mounting hardwareSpecificationsTable 1 gives the specifications, package contents, and minimum requirements for the Cisco SLM2024 24-Port Gigabit Smart Switch.Table 1. Cisco SLM2024 24-Port Gigabit Smart Switch with 2 SFPsSpecificationsPorts ●24 RJ-45 connectors for 10BASE-T/100BASE-TX/1000BASE-T, including 2 comboports with mini GBIC/SFP slots●Auto medium dependent interface (MDI) and MDI crossover (MDI-X)●Auto negotiate/manual settingButtons ResetCabling type Unshielded twisted pair (UTP) Category 5e or better for 1000BASE-TLEDs System, Gigabit Link/Act, and SpeedPerformanceSwitching capacity 48-Gbps nonblockingForwarding rate 35.71 Mpps wire-speed performanceLayer 2MAC table size 8000Number of VLANs 128 active VLANs (4096 range)VLAN ●Port-based and 802.1Q tag-based VLANs●Management VLANHead-of-line (HOL) blocking HOL blocking preventionManagementWeb user interface Built-in web UI for easy browser-based configuration (HTTP)Firmware upgrade Web browser upgrade (HTTP) and Trivial File Transfer Protocol (TFTP)Port mirroring Traffic on a port can be mirrored to another port for analysis with a network analyzer Other management ●Port mirroring●DHCP/BOOTP client●System log●Configuration upload and backup via HTTP or TFTPSecurity●802.1X-RADIUS authentication. MD5 encryption●Port security-MAC-based filtering●Management access controlAvailabilityLink aggregation ●Link aggregation using IEEE 802.3ad LACP●Up to 4 groups with up to 8 ports per groupStorm control Broadcast and multicastSpanning Tree IEEE 802.1D Spanning Tree and PortFastIGMP snooping IGMP (v1/v2) snooping provides for fast client joins and leaves of multicast streams andlimits bandwidth-intensive video traffic to only the requestors. Supports 32 multicast groups. QoSPriority levels 4 hardware queuesScheduling Priority queuing and weighted round-robin (WRR)Class of service ●Port based●802.1p VLAN priority based●IPv4/v6 IP DSCP basedStandards●802.3 10BASE-T Ethernet●802.3u 100BASE-TX Fast Ethernet●802.3ab 1000BASE-T Gigabit Ethernet ●802.3z Gigabit Ethernet●802.3x flow control●802.3ad LACP●802.1D Spanning Tree Protoocl●802.1Q/p VLAN●802.1X port access authentication EnvironmentalDimensions W x H x D 17.32 x 1.70 x 10.12 in. (440 x 43.2 x 257 mm)Weight 6.83 lb (3.1 kg)Power Internal power, 100-240VCertification FCC Part 15 Class A, CE Class A, UL, cUL, CE mark, CBOperating temperature 32° to 122°F (0° to 50°C)Storage temperature 32° to 158°F (0° to 70°C)Operating humidity 10 to 90%, noncondensingStorage humidity 10 to 90%, noncondensingPackage Contents●Cisco SLM2024 24-Port Gigabit Smart Switch with 2 combo SFPs●AC power cord●Rack-mounting kits with bracket and hardware●One CD with user guide in PDF format●online registration cardMinimum Requirements●Web-based utility: Microsoft Internet Explorer (version 5.5 or later) web browser●Category 5 Ethernet network cableProduct Warranty5-year limited hardware warranty with return to factory replacement and 90-day limited software warrantyCisco Limited Warranty for Cisco Small Business Series ProductsThis Cisco Small Business product comes with a 5-year limited hardware warranty with return to factory replacement and a 90-day limited software warranty. In addition, Cisco offers software application updates for bug fixes and telephone technical support at no charge for the first 12 months following the date of purchase. To download software updates, go to:/go/smallbiz.Product warranty terms and other information applicable to Cisco products are available at /go/warranty.For More InformationFor more information on Cisco Small Business products and solutions, visit:/smallbusiness.Printed in USA C78-500597-00 11/08。

CISCO Switch命令大全1.switch(config)# hostname hostname在基于CLI的交换机上设置主机名/系统名:switch(enable) set system name name-string2.在基于IOS的交换机上设置登录口令:switch(config)# enable password level 1 password在基于CLI的交换机上设置登录口令:switch(enable) set passwordswitch(enable) set enalbepass3.在基于IOS的交换机上设置远程访问:switch(config)# interface vlan 1switch(config-if)# ip address ip-address netmaskswitch(config-if)# ip default-gateway ip-address在基于CLI的交换机上设置远程访问:switch(enable) set interface sc0 ip-address netmask broadcast-addressswitch(enable) set interface sc0 vlanswitch(enable) set ip route default gateway4.在基于IOS的交换机上启用和浏览CDP信息:switch(config-if)# cdp enableswitch(config-if)# no cdp enable为了查看Cisco邻接设备的CDP通告信息:switch# show cdp interface [type modle/port]switch# show cdp neighbors [type module/port] [detail]在基于CLI的交换机上启用和浏览CDP信息:switch(enable) set cdp {enable|disable} module/port为了查看Cisco邻接设备的CDP通告信息:switch(enable) show cdp neighbors[module/port] [vlan|duplex|capabilities|detail] 5.基于IOS的交换机的端口描述:switch(config-if)# description description-string基于CLI的交换机的端口描述:switch(enable)set port name module/number description-string6.在基于IOS的交换机上设置端口速度:switch(config-if)# speed{10|100|auto}在基于CLI的交换机上设置端口速度:switch(enable) set port speed moudle/number {10|100|auto}switch(enable) set port speed moudle/number {4|16|auto}7.在基于IOS的交换机上设置以太网的链路模式:switch(config-if)# duplex {auto|full|half}在基于CLI的交换机上设置以太网的链路模式:switch(enable) set port duplex module/number {full|half}8.在基于IOS的交换机上配置静态VLAN:switch# vlan databaseswitch(vlan)# vlan vlan-num name vlaswitch(vlan)# exitswitch# configure teriminalswitch(config)# interface interface module/numberswitch(config-if)# switchport mode accessswitch(config-if)# switchport access vlan vlan-numswitch(config-if)# end在基于CLI的交换机上配置静态VLAN:switch(enable) set vlan vlan-num [name name]switch(enable) set vlan vlan-num mod-num/port-list9. 在基于IOS的交换机上配置VLAN中继线:switch(config)# interface interface mod/portswitch(config-if)# switchport mode trunkswitch(config-if)# switchport trunk encapsulation {isl|dotlq}switch(config-if)# switchport trunk allowed vlan remove vlan-listswitch(config-if)# switchport trunk allowed vlan add vlan-list在基于CLI的交换机上配置VLAN中继线:switch(enable) set trunk module/port [on|off|desirable|auto|nonegotiate]Vlan-range [isl|dotlq|dotl0|lane|negotiate]10.在基于IOS的交换机上配置VTP管理域:switch# vlan databaseswitch(vlan)# vtp domain domain-name在基于CLI的交换机上配置VTP管理域:switch(enable) set vtp [domain domain-name]11.在基于IOS的交换机上配置VTP 模式:switch# vlan databaseswitch(vlan)# vtp domain domain-nameswitch(vlan)# vtp {sever|cilent|transparent}switch(vlan)# vtp password password在基于CLI的交换机上配置VTP 模式:switch(enable) set vtp [domain domain-name] [mode{ sever|cilent|transparent }][password password] 12. 在基于IOS的交换机上配置VTP版本:switch# vlan databaseswitch(vlan)# vtp v2-mode在基于CLI的交换机上配置VTP版本:switch(enable) set vtp v2 enable13. 在基于IOS的交换机上启动VTP剪裁:switch# vlan databaseswitch(vlan)# vtp pruning在基于CL I 的交换机上启动VTP剪裁:switch(enable) set vtp pruning enable14.在基于IOS的交换机上配置以太信道:switch(config-if)# port group group-number [distribution {source|destination}]在基于CLI的交换机上配置以太信道:switch(enable) set port channel moudle/port-range mode{on|off|desirable|auto}15.在基于IOS的交换机上调整根路径成本:switch(config-if)# spanning-tree [vlan vlan-list] cost cost在基于CLI的交换机上调整根路径成本:switch(enable) set spantree portcost moudle/port costswitch(enable) set spantree portvlancost moudle/port [cost cost][vlan-list]16.在基于IOS的交换机上调整端口ID:switch(config-if)# spanning-tree[vlan vlan-list]port-priority port-priority在基于CLI的交换机上调整端口ID:switch(enable) set spantree portpri {mldule/port}priorityswitch(enable) set spantree portvlanpri {module/port}priority [vlans]17. 在基于IOS的交换机上修改STP时钟:switch(config)# spanning-tree [vlan vlan-list] hello-time secondsswitch(config)# spanning-tree [vlan vlan-list] forward-time seconds` switch(config)# spanning-tree [vlan vlan-list] max-age seconds在基于CLI的交换机上修改STP时钟:switch(enable) set spantree hello interval[vlan]switch(enable) set spantree fwddelay delay [vlan]switch(enable) set spantree maxage agingtiame[vlan]18. 在基于IOS的交换机端口上启用或禁用Port Fast 特征:switch(config-if)#spanning-tree portfast在基于CLI的交换机端口上启用或禁用Port Fast 特征:switch(enable) set spantree portfast {module/port}{enable|disable}19. 在基于IOS的交换机端口上启用或禁用UplinkFast 特征:switch(config)# spanning-tree uplinkfast [max-update-rate pkts-per-second]在基于CLI的交换机端口上启用或禁用UplinkFast 特征:switch(enable) set spantree uplinkfast {enable|disable}[rate update-rate] [all-protocols off|on]20. 为了将交换机配置成一个集群的命令交换机,首先要给管理接口分配一个IP地址,然后使用下列命令: switch(config)# cluster enable cluster-name21. 为了从一条中继链路上删除VLAN,可使用下列命令:switch(enable) clear trunk module/port vlan-range22. 用show vtp domain 显示管理域的VTP参数.23. 用show vtp statistics显示管理域的VTP参数.24. 在Catalyst交换机上定义TrBRF的命令如下:switch(enable) set vlan vlan-name [name name] type trbrf bridge bridge-num[stp {ieee|ibm}]25. 在Catalyst交换机上定义TrCRF的命令如下:switch (enable) set vlan vlan-num [name name] type trcrf{ring hex-ring-num|decring decimal-ring-num} parent vlan-num26. 在创建好TrBRF VLAN之后,就可以给它分配交换机端口.对于以太网交换,可以采用如下命令给VLAN分配端口:switch(enable) set vlan vlan-num mod-num/port-num27. 命令show spantree显示一个交换机端口的STP状态.28. 配置一个ELAN的LES和BUS,可以使用下列命令:ATM (config)# interface atm number.subint multiointATM(config-subif)# lane serber-bus ethernet elan-name29. 配置LECS:ATM(config)# lane database database-nameATM(lane-config-databade)# name elan1-name server-atm-address les1-nsap-addressATM(lane-config-databade)# name elan2-name server-atm-address les2-nsap-addressATM(lane-config-databade)# name …30. 创建完数据库后,必须在主接口上启动LECS.命令如下:ATM(config)# interface atm numberATM(config-if)# lane config database database-nameATM(config-if)# lane config auto-config-atm-address31. 将每个LEC配置到一个不同的ATM子接口上.命令如下:ATM(config)# interface atm number.subint multipointATM(config)# lane client ethernet vlan-num elan-num32. 用show lane server 显示LES的状态.33. 用show lane bus显示bus的状态.34. 用show lane database显示LECS数据库可内容.35. 用show lane client显示LEC的状态.36. 用show module显示已安装的模块列表.37. 用物理接口建立与VLAN的连接:router# configure terminalrouter(config)# interface media module/portrouter(config-if)# description description-stringrouter(config-if)# ip address ip-addr subnet-maskrouter(config-if)# no shutdown38. 用中继链路来建立与VLAN的连接:router(config)# interface module/port.subinterfacerouter(config-ig)# encapsulation[isl|dotlq] vlan-numberrouter(config-if)# ip address ip-address subnet-mask39. 用LANE 来建立与VLAN的连接:router(config)# interface atm module/portrouter(config-if)# no ip addressrouter(config-if)# atm pvc 1 0 5 qsaalrouter(config-if)# atm pvc 2 0 16 ilnirouter(config-if)# interface atm module/port.subinterface multipointrouter(config-if)# ip address ip-address subnet-maskrouter(config-if)# lane client ethernet elan-numrouter(config-if)# interface atm module/port.subinterface multipointrouter(config-if)# ip address ip-address subnet-namerouter(config-if)# lane client ethernet elan-namerouter(config-if)# …40. 为了在路由处理器上进行动态路由配置,可以用下列IOS命令来进行:router(config)# ip routingrouter(config)# router ip-routing-protocolrouter(config-router)# network ip-network-numberrouter(config-router)# network ip-network-number41. 配置默认路由:switch(enable) set ip route default gateway42. 为一个路由处理器分配VLANID,可在接口模式下使用下列命令:router(config)# interface interface numberrouter(config-if)# mls rp vlan-id vlan-id-num43. 在路由处理器启用MLSP:router(config)# mls rp ip44. 为了把一个外置的路由处理器接口和交换机安置在同一个VTP域中:router(config)# interface interface numberrouter(config-if)# mls rp vtp-domain domain-name45. 查看指定的VTP域的信息:router# show mls rp vtp-domain vtp domain name46. 要确定RSM或路由器上的管理接口,可以在接口模式下输入下列命令:router(config-if)#mls rp management-interface47. 要检验MLS-RP的配置情况：router# show mls rp48. 检验特定接口上的MLS配置：router# show mls rp interface interface number49. 为了在MLS-SE上设置流掩码而又不想在任一个路由处理器接口上设置访问列表：set mls flow [destination|destination-source|full]50. 为使MLS和输入访问列表可以兼容，可以在全局模式下使用下列命令：router(config)# mls rp ip input-acl[page]51. 当某个交换机的第3层交换失效时，可在交换机的特权模式下输入下列命令：switch(enable) set mls enable52. 若想改变老化时间的值，可在特权模式下输入以下命令：switch(enable) set mls agingtime agingtime53. 设置快速老化：switch(enable) set mls agingtime fast fastagingtime pkt_threshold54. 确定那些MLS-RP和MLS-SE参与了MLS，可先显示交换机引用列表中的内容再确定：switch(enable) show mls include55. 显示MLS高速缓存记录：switch(enable) show mls entry56. 用命令show in arp显示ARP高速缓存区的内容。

思科网络基础知识介绍什么是思科网络？思科网络是指由思科公司设计、开发和销售的网络设备和解决方案。

思科是全球领先的网络技术提供商，其产品和解决方案广泛应用于企业、政府和教育机构等各个领域。

基本网络概念在介绍思科网络之前，我们首先了解一些基本的网络概念。

1.网络网络是指将多个设备（如计算机、服务器、路由器等）通过物理或逻辑连接进行通信的集合。

网络可以是局域网（LAN）、城域网（MAN）或广域网（WAN）。

2.路由器路由器是一种网络设备，用于将数据包从一个网络传输到另一个网络。

它根据目的网络地址决定数据包的传输路径，并提供网络连接和通信的控制功能。

3.交换机交换机是一种用于连接多个设备的网络设备。

它可以根据MAC（媒体访问控制）地址将数据包从源设备传输到目的设备，提供高速、可靠的数据传输。

4.协议协议是网络中使用的规则和约定，用于设备之间的通信和数据交换。

常见的网络协议包括TCP/IP、HTTP、FTP等。

思科网络的特点思科网络具有以下几个特点：1.高可靠性思科网络设备经过严格的测试和验证，具有高可靠性和稳定性。

它们能够提供持续稳定的网络连接，确保数据的快速传输和可靠性。

思科网络产品提供灵活的配置和管理选项，可以根据需求进行定制和扩展。

无论是小型企业还是大型组织，都可以根据自己的需求选择适合的解决方案。

3.安全性思科网络设备提供强大的安全功能，包括防火墙、虚拟专用网络（VPN）和入侵检测系统（IDS）等。

这些功能可以保护网络免受未经授权的访问和恶意攻击。

4.性能优化思科网络产品采用先进的技术和优化算法，提供高性能的数据传输和处理能力。

无论是处理大量数据流量还是支持多媒体应用，思科网络都能够提供卓越的性能表现。

5.可扩展性思科网络解决方案具有良好的可扩展性，可以根据需求进行快速扩展和升级。

无论是增加新的用户、添加新的网络设备还是扩展网络覆盖范围，思科网络都能够灵活应对。

思科网络产品与解决方案思科网络产品和解决方案包括以下几个方面：1.路由器思科路由器（Cisco Router）是思科公司的核心产品之一。

Cisco Business 250 Series Smart Switches Quick Start GuidesCisco Business 250 Series Switches have different Quick Start Guides, depending on your product. Find your product SKU below to know which version of the Quick Start Guide to use.Quick Start Guide (Pages 2-3)Quick Start Guide (Pages 4-5)CBS250-8T-E-2G CBS250-24T-4G CBS250-48P-4G CBS250-8PP-E-2G CBS250-24PP-4G CBS250-24T-4X CBS250-8P-E-2G CBS250-24P-4G CBS250-24P-4X CBS250-8FP-E-2G CBS250-24FP-4G CBS250-24FP-4X CBS250-16T-2G CBS250-48T-4G CBS250-48T-4X CBS250-16P-2GCBS250-48PP-4GCBS250-48P-4XCBS250-8T-DCBS250-8PP-DCisco Business 250 Series Smart SwitchesThank you for choosing the Cisco 250 Series Switch.These switches are designed to be operational right out of the box as standard switches.In the default configuration, the switch forwards packets between the connected devices afterpowering up.5324What’s in the BoxCisco Business 250 Series Smart SwitchPower Cord or AdapterRack-Mount/Wall-Mount KitQuick Start GuidePointer Card with China RoHSTechnical Support ContactsQUICK START GUIDEFirst, You’ll Need...●RJ-45 Ethernet cables (Category 5e or higher)for connecting network devices●Tools for mounting the hardware●Computer with an Ethernet port (or adapter) and a web browser(Firefox, Chrome, Safari, or Edge)● A mobile device with Wi-Fi capability (to set up using the mobile app)1Get ConfiguredGet Connected©2021 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https:// /go/trademarks. Third-party trademarks mentioned are the property of their respective owners.The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)For Cisco support and additional documentation, including mounting instructions and the Administration Guide, visit https:///go/cbs250.MountingFor detailed mounting instructions, please see the “Get Support” section.Plug the power cord of the switch into an outlet.Scan the QR code here to download the app or go to /go/cbsapp and follow the installation instructions.Download the Cisco Business Mobile appGet SupportCisco Business 250 Series Smart SwitchesThank you for choosing the Cisco Business 250 Series Switch.These switches are designed to be operational right out of the box as standard switches.In the default configuration, the switch forwards packets between the connected devices afterpowering up.What’s in the Box●Cisco Business 250 Series Switch●Power Cord or Adapter●Wall-Mount Kit●Quick Start Guide●Pointer Card with China RoHS●Technical Support ContactsQUICK START GUIDEFirst, You’ll Need...●RJ-45 Ethernet cables (Category 5e or higher)for connecting network devices●Tools for mounting the hardware●Computer with an Ethernet port (or adapter) and a web browser(Firefox, Chrome, Safari, or Edge)● A mobile device with Wi-Fi capability (to set up using the mobile app)* PoE product shown. For non-PoE products there is a Gigabit LED instead of a PoE LED.Get ConfiguredGet Connected©2021 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https:// /go/trademarks. Third-party trademarks mentioned are the property of their respective owners.The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)For Cisco support and additional documentation, including mounting instructions and the Administration Guide, visit https:///go/cbs250.MountingFor detailed mounting instructions, please see the “Get Support” section.Plug the power cord of the switch into an outlet.Scan the QR code here to download the app or go to /go/cbsapp and follow the installation instructions.Download the Cisco Business Mobile appGet Support。