Get IT Done: Use Web-based tools to manage Cisco switches

Read about the tools Cisco offers to maximize the performance and manageability of their switches

Switches have become standard equipment in today’s demanding networked environment. Offering increased performance and added manageability, they easily beat out even the smartest hub. Clearly, one of the leading vendors of switches is Cisco Systems. In this article, we’re going to take a look at some of the Web-based tools Cisco offers to maximize the performance and manageability of their switches.

More than a pretty face
The first set of features you should become familiar with belong to Cisco’s Visual Switch Manager (VSM) and Cluster Management Suite (CMS), which are available on Catalyst 2900/3500 XL switches. These utilities are accessible through a Web browser and offer a clean graphical interface to a variety of management functions.

Through these interfaces, you can configure and monitor your standalone switches as well as your clusters. The VSM homepage displays a real-time image of the front panel of your switch, including the LEDs, as you can see in Figure A. Active ports are green and inactive ports are blue. This saves you a walk to the server room to see which ports are currently in use.

Figure A: Cisco’s Visual Switch Manager

Individual port configuration can be done simply by right-clicking on the desired port and selecting the option you want. Many other features and protocols have menu options as well, allowing you to configure and tweak your switch. For instance, you can take a look at the Spanning Tree Protocol (STP) and see which switch in your network is the root switch and which ports are in a forwarding state, and you can enable or disable UplinkFast. Cisco has made a great timesaver with the VSM. It will definitely limit your need to access the command-line interface.

Birds of a feather
Now that you can view real-time graphical information about the switch, why not access all of your switches the same way? Clusters make this possible by allowing management of up to 16 switches through a single IP address. NAT commands are automatically placed into the running configuration to allow for this option, so don’t start worrying about change management quite yet. A cluster allows for any combination of 3500 XL, 2900 XL, 2820, and 1900 switches, but only the 3500 XL and 2900 XL can serve as the command switch.

To create the cluster, simply open VSM on the selected command switch and enter the Cluster Command Configuration. Selecting Cluster Builder will then allow you to add member switches to your newly formed cluster. By default, the command switch will attempt to locate candidates via Cisco Discovery Protocol (CDP). You can choose which switches will be part of the cluster through this menu as well as the network map. Once you choose the member switches, the cluster is automatically created and begins operating.

As any network administrator worth his or her subnet calculator will tell you, redundancy is one of the most important considerations in any design. Cisco must also realize this, since it allows for redundant clustering via the Hot Standby Router Protocol, or HSRP. For groups of Cisco switches, this is configured in much the same way as it is on Cisco routers, with the creation of a virtual IP and MAC address. When the command switch fails, the switch in the standby group with the highest user-defined priority inherits the phantom IP and MAC. Redundant cabling is also required in this configuration, so keep that in mind when deciding which switches to use as backups.

Fun with VLANs
Configuring and maintaining virtual LANs (VLANs) is also made easy, thanks to the Visual Switch Manager. As you may know, VLANs are an excellent way to logically segment your network without regard to physical topology. For information on VLANs, read “Designing and implementing a virtual LAN,” by Todd Lammle.

Depending on your particular switch, anywhere from 64 to 250 VLANs are available. By default, all ports are configured as static-access and are assigned to VLAN 1. Along with static-access ports, which can belong to only one VLAN, there are multiple-VLAN, trunk, and dynamic access ports to choose from.

Multiple-VLAN ports may belong to up to 250 VLANs (depending on your platform), but cannot coexist with a trunk port on the same switch. A trunk is a member of every VLAN by default and passes traffic between itself and another switch or a router. They may carry the traffic for all VLANs or an access-list defined subset. This allows for the extension of VLANs across an entire network. Dynamic ports are configured by the VLAN Membership Policy Server (VMPS) and allow for dynamic VLAN assignment based on MAC address.
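
The port defaults and restrictions described above can be checked against a saved configuration. The following Python script is an added example, not part of the original article and not Cisco code: it flags access ports left in VLAN 1, trunks that carry every VLAN, and multiple-VLAN ports on a switch that also has a trunk. It assumes IOS-style "switchport" lines, including "switchport mode multi" for multiple-VLAN ports; the sample configuration and the function names are constructed for illustration.

```python
import re
# Constructed sample in IOS running-config style (not from a real switch).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport access vlan 10
!
interface FastEthernet0/2
!
interface FastEthernet0/3
 switchport mode trunk
!
interface FastEthernet0/4
 switchport mode trunk
 switchport trunk allowed vlan 1,10,20
!
interface FastEthernet0/5
 switchport mode multi
!
"""
DEFAULTS = {"mode": "access", "access vlan": "1", "trunk allowed vlan": "all"}

def parse_ports(config):
    """Map each interface to its settings, starting from the article's defaults."""
    ports, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = ports.setdefault(m.group(1), dict(DEFAULTS))
        elif current is None or not line.startswith(" "):
            current = None  # "!" or a global command ends the interface block
        elif m := re.match(r" switchport (mode|access vlan|trunk allowed vlan) (\S+)", line):
            current[m.group(1)] = m.group(2)
    return ports

def audit(config):
    """Return sorted (port, finding) pairs for settings worth reviewing."""
    ports = parse_ports(config)
    has_trunk = any(p["mode"] == "trunk" for p in ports.values())
    findings = []
    for name, p in ports.items():
        if p["mode"] == "access" and p["access vlan"] == "1":
            findings.append((name, "access port left in default VLAN 1"))
        elif p["mode"] == "trunk" and p["trunk allowed vlan"] == "all":
            findings.append((name, "trunk carries every VLAN"))
        elif p["mode"] == "multi" and has_trunk:
            findings.append((name, "multi-VLAN port on a switch that also has a trunk"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE_CONFIG), sep="\n")
```

Run against the sample, it reports FastEthernet0/2, 0/3 and 0/5; ports 0/1 and 0/4 pass because they are assigned to VLAN 10 and restricted to a VLAN subset, respectively.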

By enabling the VLAN Trunk Protocol (VTP) on your switch, you gain even more control over your switched network. Once you create a VTP domain, all member switches begin exchanging VTP advertisements. This enables each switch to keep an updated database of VTP and VLAN configurations. You may also configure VTP pruning, which lets you limit broadcast traffic. This will permit you to have not only separate logical collision domains, but also separate logical broadcast domains. With a separate broadcast domain, you free the local router from having to make all broadcast traffic decisions and increase general throughput on the entire network.

Cascading, also known as stacking, can be performed on modular 2900 XL and 3500 XL series switches. In order to do so, you need a Cisco Gigastack Gigabit Interface Converter, or GBIC. A single two-port GBIC allows you to cascade up to nine switches operating at 1 Gbps in half-duplex mode or two switches operating at 2 Gbps in full-duplex mode. This is an excellent way to increase port density while maintaining an independent, high-speed backplane.

Many additional options are available with the GBIC, including redundant configurations. With a second GBIC in both the top and bottom stack members, you can run a crossover cable between the two in order to achieve extreme fail-over security. Using an extra port in the GBICs on the top and bottom provides this same feature, but only in later versions.

The VSM provides a great interface for almost any change you will need to make. So does the CMS, which can also serve as a single point of contact for the management of multiple switches in a cluster. VLANs can also be managed using the VSM, and VLANs offer an excellent way to logically divide your network into separate collision domains. With the combination of VLANs and VTP, you can implement the added benefit of separate broadcast domains without the need for an additional router. For high-speed core and distribution-level needs, there is cascading with Cisco’s Gigastack Gigabit Interface Converter.

As we have seen, Cisco offers many options for configuring your switches using Web-based tools. Cisco has attempted to make sure the tools all interoperate well with each other. Having said that, it is important to check the version of IOS your switch is running and to verify with Cisco the features that are supported. For most of the configurations we’ve covered, IOS 12.0(5) XU or higher is required.

Do you have tips for working with Cisco’s VSM interface?
How do you feel about using Web-based tools to manage Cisco switches? We look forward to getting your input and hearing about your experiences regarding this topic. Join the discussion below or send the editor an e-mail.
