Cisco Sg3008 Manual

							Administration: Diagnostics
Displaying Optical Module Status
88 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
7
•MGBLH1: 1000BASE-LH SFP transceiver, for single-mode fiber, 1310 nm 
wavelength, supports up to 40 km.
•MGBLX1: 1000BASE-LX SFP transceiver, for single-mode fiber, 1310 nm 
wavelength, supports up to 10 km.
•MGBSX1:1000BASE-SX SFP transceiver, for multimode fiber, 850 nm 
wavelength, supports up to 550 m.
•MGBT1: 1000BASE-T SFP transceiver for category 5 copper wire, supports 
up to 100 m.
To view the results of optical tests, click Administration > Diagnostics > Optical 
Module Status.
This page displays the following fields:
•Port—Port number on which the SFP is connected.
•Description—Description of optical transceiver.
•Serial Number—Serial number of optical transceiver.
•PID—V L A N  I D.
•VID—ID of optical transceiver.
•Te m p e r a t u r e—Temperature (Celsius) at which the SFP is operating.
•Voltage—SFPs operating voltage.
•Current—SFPs current consumption.
•Output Power—Tr a n s m i t t e d  o p t i c a l  p o w e r.
•Input Power—Received optical power.
•Transmitter Fault—Remote SFP reports signal loss. Values are True, False, 
and No Signal (N/S).
•Loss of Signal—Local SFP reports signal loss. Values are True and False.
•Data Ready—SFP is operational. Values are True and False 
						

							Administration: Diagnostics
Configuring Port and VL AN Mirroring
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  89
7
 
Configuring Port and VLAN Mirroring
Port mirroring is used on a network device to send a copy of network packets 
seen on one device port, multiple device ports, or an entire VLAN to a network 
monitoring connection on another port on the device. This is commonly used for 
network appliances that require monitoring of network traffic, such as an intrusion-
detection system. A network analyzer connected to the monitoring port processes 
the data packets for diagnosing, debugging, and performance monitoring. 
Up to eight sources can be mirrored. This can be any combination of eight 
individual ports and/or VLANs.
A packet that is received on a network port assigned to a VLAN that is subject to 
mirroring is mirrored to the analyzer port even if the packet was eventually 
trapped or discarded. Packets sent by the device are mirrored when Transmit (Tx) 
mirroring is activated.
Mirroring does not guarantee that all traffic from the source port(s) is received on 
the analyzer (destination) port. If more data is sent to the analyzer port than it can 
support, some data might be lost.
VLAN mirroring is not active on a VLAN that was not manually created. For 
example, if VLAN 23 was created by GVRP, and you manually created VLAN 34, 
and you create port mirroring that includes VLAN 23, VLAN 34, or both, and later 
on delete VLAN 34, the status in port mirroring is set to Not Ready, because the 
VLAN34 is no longer in the database and VLAN23 was not created manually. 
Only one instance of mirroring is supported system-wide. The analyzer port (or 
target port for VLAN mirroring or port mirroring) is the same for all the mirrored 
VLANs or ports.
To enable mirroring:
STEP 1Click Administration > Diagnostics > Port and VLAN Mirroring.
The following fields are displayed:
•Destination Port—Port to which traffic is to be copied; the analyzer port. 
•Source Interface—Interface, port, or VLAN from which traffic is sent to the 
analyzer port. 
•Type—Type of monitoring: incoming to the port (Rx), outgoing from the port 
(Tx), or both.
•Status— Displays one of the following values: 
						

							Administration: Diagnostics
Viewing CPU Utilization and Secure Core Technology
90 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
7
-Active—Both source and destination interfaces are up and forwarding 
traffic.
-Not Ready—Either source or destination (or both) are down or not 
forwarding traffic for some reason.
STEP  2Click Add to add a port or VLAN to be mirrored.
STEP  3Enter the parameters:
•Destination Port—Select the analyzer port to where packets are copied. A 
network analyzer, such as a PC running Wireshark, is connected to this port. 
If a port is identified as an analyzer destination port, it remains the analyzer 
destination port until all entries are removed.
•Source Interface—Select the source port or source VLAN from where 
traffic is to be mirrored. 
•Type—Select whether incoming, outgoing, or both types of traffic are 
mirrored to the analyzer port. If Port is selected, the options are: 
-Rx Only—Port mirroring on incoming packets. 
-Tx  O n l y—Port mirroring on outgoing packets.
-Tx  a n d  R x—Port mirroring on both incoming and outgoing packets.
STEP  4Click Apply. Port mirroring is added to the Running Configuration.
Viewing CPU Utilization and Secure Core Technology
This section describes the Secure Core Technology (SCT) and how to view CPU 
usage.
The device handles the following types of traffic, in addition to end-user traffic:
•Management traffic
•Protocol traffic
•Snooping traffic 
						

							Administration: Diagnostics
Viewing CPU Utilization and Secure Core Technology
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  91
7
 
Excessive traffic burdens the CPU, and might prevent normal device operation. 
The device uses the Secure Core Technology (SCT) feature to ensure that the 
device receives and processes management and protocol traffic, no matter how 
much total traffic is received
. SCT is enabled by default on the device and cannot 
be disabled. 
There are no interactions with other features.
To display CPU utilization:
STEP 1Click Administration > Diagnostics > CPU Utilization.
The CPU Utilization page appears.
The CPU Input Rate field displays the rate of input frames to the CPU per second.
The window contains a graph of the CPU utilization. The Y axis is percentage of 
usage, and the X axis is the sample number.
STEP  2Select the Refresh Rate (time period in seconds) that passes before the statistics 
are refreshed. A new sample is created for each time period 
						

							8
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  92
 
Administration: Discovery
This section provides information for configuring Discovery. 
It covers the following topics:
•Bonjour
•LLDP and CDP
•Configuring LLDP 
•Configuring CDP
Bonjour
As a Bonjour client, the device periodically broadcasts Bonjour Discovery protocol 
packets to directly-connected IP subnet(s), advertising its existence and the 
services that it provides; for example, HTTP, HTTPs, and Telnet. (Use the Security 
> TCP/UDP Services page to enable or disable the device services.) The device 
can be discovered by a network management system or other third-party 
applications. By default, Bonjour is enabled on the Management VLAN. The 
Bonjour console automatically detects the device and displays it.
Bonjour in Layer 2 System Mode
When the device is in Layer 2 system mode, Bonjour Discovery is enabled 
globally; it cannot be enabled on a per-port or per-VLAN basis. The device 
advertises all of the services that have been turned on by the administrator based 
on the configuration on the Services page. 
When Bonjour Discovery and IGMP are both enabled, the IP Multicast address of 
Bonjour appears on the Adding IP Multicast Group Address page. 
						

							Administration: Discovery
Bonjour
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  93
8
 
When Bonjour Discovery is disabled, the device stops any service type 
advertisements and does not respond to requests for service from network 
management applications.
To globally enable Bonjour when the system is in Layer 2 system mode:
STEP 1Click Administration > Discovery - Bonjour.
STEP  2Select Enable to enable Bonjour Discovery globally on the device.
STEP  3Click Apply. Bonjour is enabled or disabled on the device according to the 
selection.
Bonjour in Layer 3 System Mode
In Layer 3 system mode, each interface (VLAN, port, or LAG) can be assigned an 
IP address. When Bonjour is enabled, the device can send Bonjour Discovery 
packets on all interfaces that have IP addresses. Bonjour can individually be 
assigned on a per-port and/or per-VLAN basis. When Bonjour is enabled, the 
device can send Bonjour Discovery packets to interfaces with IP addresses that 
have been associated with Bonjour on the Bonjour Discovery Interface Control 
table. (When the device is operating in Layer 3 system mode, go to IP 
Configuration > Management and IP Interface > IPv4 Interface to configure an 
IP address to an interface.) 
If an interface, such as a VLAN, is deleted, Goodbye packets are sent to deregister 
services the device is advertising from the neighboring cache table within the 
local network. The Bonjour Discovery Interface Control Table shows interfaces 
with IP addresses that are associated with the Bonjour feature. Any Bonjour 
advertisement can only be broadcasted to interfaces listed in this table. (See the 
Bonjour Discovery Interface Control Table on the Administration > Discovery - 
Bonjour page. If the available services are changed, those changes are advertised, 
deregistering services that are turned off and registering services that are turned 
on. If an IP address is changed, that change is advertised.
If Bonjour is disabled, the device does not send Bonjour Discovery advertisements 
and it does not listen for Bonjour Discovery advertisements sent by other devices.
To configure Bonjour when the device is in Layer 3 system mode:
STEP 1Click Administration > Discovery - Bonjour.
STEP  2Select Enable to enable Bonjour discovery globally.  
						

							Administration: Discovery
LLDP and CDP
94 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
8
STEP  3Click Apply to update the Running Configuration file.
STEP  4To enable Bonjour on an interface, click Add.
STEP  5Select the interface, and click Apply. 
NOTEClick Delete to disable Bonjour on an interface (this performs the delete operation 
without any additional operation, such as Apply).
LLDP and CDP
LLDP (Link Layer Discovery Protocol) and CDP (Cisco Discovery Protocol) are link 
layer protocols for directly-connected LLDP and CDP-capable neighbors to 
advertise themselves and their capabilities to each other. By default, the device 
sends an LLDP/CDP advertisement periodically to all its interfaces and terminates 
and processes incoming LLDP and CDP packets as required by the protocols. In 
LLDP and CDP, advertisements are encoded as TLV (Type, Length, Value) in the 
packet. 
The following CDP/LLDP configuration notes apply:
•CDP/LLDP can be globally enabled or disabled and enabled/disabled per 
port. The CDP/LLDP capability of a port is relevant only if CDP/LLDP is 
globally enabled.
•If CDP/LLDP is globally enabled, the device filters out incoming CDP/LLDP 
packets from ports that are CDP/LLDP-disabled. 
•If CDP/LLDP is globally disabled, the device can be configured to discard, 
VLAN-aware flooding, or VLAN-unaware flooding of all incoming CDP/LLDP 
packets. VLAN-aware flooding floods an incoming CDP/LLDP packet to the 
VLAN where the packet is received excluding the ingress port. VLAN-
unaware flooding floods an incoming CDP/LLDP packet to all the ports 
excluding the ingress port. The default is to discard CDP/LLDP packets 
when CDP/LLDP is globally disabled. You can configure the discard/
flooding of incoming CDP and LLDP packets from the CDP Properties page 
and the LLDP Properties page respectively.
•Auto Smartport requires CDP and/or LLDP to be enabled. Auto Smartport 
automatically configures an interface based on the CDP/LLDP 
advertisement received from the interface. 
						

							Administration: Discovery
Configuring LLDP
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  95
8
 
•CDP and LLDP end devices, such as IP phones, learn the voice VLAN 
configuration from CDP and LLDP advertisements. By default, the device is 
enabled to send out CDP and LLDP advertisement based on the voice 
VLAN configured at the device. Refer to the Voice VLAN and Auto Voice 
VLAN sections for details. 
NOTECDP/LLDP does not distinguish if a port is in a LAG. If there are multiple ports in a 
LAG, CDP/LLDP transmit packets on each port without taking into account the fact 
that the ports are in a LAG.
The operation of CDP/LLDP is independent of the STP status of an interface.
If 802.1x port access control is enabled at an interface, the device transmits and 
receives CDP/LLDP packets to and from the interface only if the interface is 
authenticated and authorized. 
If a port is the target of mirroring, then according to CDP/LLDP it is considered 
down.
NOTECDP and LLDP are link layer protocols for directly-connected CDP/LLDP capable 
devices to advertise themselves and their capabilities. In deployments where the 
CDP/LLDP-capable devices are not directly connected and are separated with 
CDP/LLDP-incapable devices, the CDP/LLDP-capable devices may be able to 
receive the advertisement from other device(s) only if the CDP/LLDP-incapable 
devices flood the CDP/LLDP packets they receives. If the CDP/LLDP-incapable 
devices perform VLAN-aware flooding, then CDP/LLDP-capable devices can hear 
each other only if they are in the same VLAN. A CDP/LLDP-capable device may 
receive advertisement from more than one device if the CDP/LLDP-incapable 
devices flood the CDP/LLDP packets. 
Configuring LLDP
This section describes how to configure LLDP. It covers the following topics:
•LLDP Overview
•Setting LLDP Properties
•Editing LLDP Port Settings
•LLDP MED Network Policy
•Configuring LLDP MED Port Settings
•Displaying LLDP Port Status 
						

							Administration: Discovery
Configuring LLDP
96 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
8
•Displaying LLDP Local Information
•Displaying LLDP Neighbors Information
•Accessing LLDP Statistics
•LLDP Overloading
LLDP Overview
LLDP is a protocol that enables network managers to troubleshoot and enhance 
network management in multi-vendor environments. LLDP standardizes methods 
for network devices to advertise themselves to other systems, and to store 
discovered information. 
LLDP enables a device to advertise its identification, configuration, and 
capabilities to neighboring devices that then store the data in a Management 
Information Base (MIB). The network management system models the topology of 
the network by querying these MIB databases.
LLDP is a link layer protocol. By default, the device terminates and processes all 
incoming LLDP packets as required by the protocol. 
The LLDP protocol has an extension called LLDP Media Endpoint Discovery 
(LLDP-MED), which provides and accepts information from media endpoint 
devices such as VoIP phones and video phones. For further information about 
LLDP-MED, see LLDP MED Network Policy. 
LLDP Configuration Workflow 
Following are examples of actions that can be performed with the LLDP feature 
and in a suggested order. You can refer to the LLDP/CDP section for additional 
guidelines on LLDP configuration. LLDP configuration pages are accessible under 
the Administration > Discovery LLDP menu.
1. Enter LLDP global parameters, such as the time interval for sending LLDP 
updates using the LLDP Properties page.
2. Configure LLDP per port by using the Port Settings page. On this page, 
interfaces can be configured to receive/transmit LLDP PDUs, send SNMP 
notifications, specify which TLVs to advertise, and advertise the devices 
management address.
3. Create LLDP MED network policies by using the LLDP MED Network Policy
 
page. 
						

							Administration: Discovery
Configuring LLDP
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  97
8
 
4. Associate LLDP MED network policies and the optional LLDP-MED TLVs to the 
desired interfaces by using the LLDP MED Port Settings page.
5. If Auto Smartport is to detect the capabilities of LLDP devices, enable LLDP in 
the Smartport Properties page.
6. Display overloading information by using the LLDP Overloading page.
Setting LLDP Properties
The LLDP Properties page enables entering LLDP general parameters, such as 
enabling/disabling the feature globally and setting timers.
To enter LLDP properties:
STEP 1Click Administration > Discovery - LLDP > Properties.
STEP  2Enter the parameters.
•LLDP Status—Select to enable LLDP on the device (enabled by default).
•LLDP Frames Handling—If LLDP is not enabled, select the action to be taken 
if a packet that matches the selected criteria is received:
-
Filtering—Delete the packet.
-
Flooding—Forward the packet to all VLAN members.
•TLV Advertise Interval—Enter the rate in seconds at which LLDP 
advertisement updates are sent, or use the default. 
•Topology Change SNMP Notification Interval—Enter the minimum time 
interval between SNMP notifications. 
•Hold Multiplier—Enter the amount of time that LLDP packets are held before 
the packets are discarded, measured in multiples of the TLV Advertise 
Interval. For example, if the TLV Advertise Interval is 30 seconds, and the 
Hold Multiplier is 4, then the LLDP packets are discarded after 120 seconds.
•Reinitializing Delay—Enter the time interval in seconds that passes 
between disabling and reinitializing LLDP, following an LLDP enable/disable 
cycle. 
•Transmit D elay—Enter the amount of time in seconds that passes between 
successive LLDP frame transmissions due to changes in the LLDP local 
systems MIB.