EasyManuals Logo

Cisco Catalyst 2950 Software Guide

Cisco Catalyst 2950
376 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #198 background imageLoading...
Page #198 background image
8-28
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter8 Configuring VLANs
How the VMPS Works
How the VMPS Works
A switch running this software release acts as a client to the VLAN Membership Policy Server (VMPS)
and communicates with it through the VLAN Query Protocol (VQP). When the VMPS receives a VQP
request from a client switch, it searches its database for a MAC-address-to-VLAN mapping. The server
response is based on this mapping and whether or not the server is in secure mode. Secure mode
determines whether the server shuts down the port when a VLAN is not allowed on it or just denies the
port access to the VLAN.
In response to a request, the VMPS takes one of these actions:
If the assigned VLAN is restricted to a group of ports, the VMPS verifies the requesting port against
this group and responds as follows:
If the VLAN is allowed on the port, the VMPS sends the VLAN name to the client in response.
If the VLAN is not allowed on the port, and the VMPS is not in secure mode, the VMPS sends
an access-denied response.
If the VLAN is not allowed on the port, and the VMPS is in secure mode, the VMPS sends a
port-shutdown response.
If the VLAN in the database does not match the current VLAN on the port and active hosts exist on
the port, the VMPS sends an access-denied or a port-shutdown response, depending on the secure
mode of the VMPS.
If the switch receives an access-denied response from the VMPS, it continues to block traffic from the
MAC address to or from the port. The switch continues to monitor the packets directed to the port and
sends a query to the VMPS when it identifies a new address. If the switch receives a port-shutdown
response from the VMPS, it disables the port. The port must be manually reenabled by using the CLI,
Cluster Management Suite, or SNMP.
You can also use an explicit entry in the configuration table to deny access to specific MAC addresses
for security reasons. If you enter the none keyword for the VLAN name, the VMPS sends an
access-denied or port-shutdown response.
Step 11
spanning-tree vlan 3 cost 30 Setthespanning-treepathcostto30forVLAN3.
Step 12
spanning-tree vlan 4 cost 30 Setthespanning-treepathcostto30forVLAN4.
Step 13
end Return to global configuration mode.
Step 14
RepeatSteps9through11onSwitch1interfacefastethernet0/2,
and set the spanning-tree path cost to 30 for VLANs 8, 9, and 10.
Step 15
exit Return to privileged EXEC mode.
Step 16
show running-config Verify your entries.
In the display, verify that the path costs are set correctly for
interfaces fastethernet 0/1 and fastethernet 0/2.
Command Purpose

Table of Contents

Other manuals for Cisco Catalyst 2950

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 2950 and is the answer not in the manual?

Cisco Catalyst 2950 Specifications

General IconGeneral
Forwarding Bandwidth8.8 Gbps
Switching Capacity13.6 Gbps
Forwarding Rate6.6 Mpps
Weight3.6 kg
RAM16 MB
Flash Memory8 MB
Operating Humidity10% to 85% non-condensing
Uplink Ports2 x 10/100/1000Base-T
Dimensions4.4 cm x 44.5 cm x 24.2 cm
Remote Management ProtocolSNMP, Telnet, HTTP
FeaturesQuality of Service (QoS), VLAN support
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.1D, IEEE 802.1Q, IEEE 802.1p
Status Indicatorssystem
Operating Temperature0 to 45°C
Ports24 x 10/100 Ethernet ports
MAC Address Table Size8, 192 entries
Power SupplyInternal 100-240V AC, 50-60Hz

Related product manuals