- Preface
- Product Overview
- Command-Line Interfaces
- Configuring the Switch for the First Time
- Administering the Switch
- Configuring Virtual Switching Systems
- Configuring the Cisco IOS In-Service Software Upgrade Process
- Configuring the Cisco IOS XE In Service Software Upgrade Process
- Configuring Interfaces
- Checking Port Status and Connectivity
- Configuring Supervisor Engine Redundancy Using RPR and SSO on Supervisor Engine 6-E and Supervisor Engine 6L-E
- Configuring Supervisor Engine Redundancy Using RPR and SSO on Supervisor Engine 7-E, Supervisor Engine 7L-E, and Supervisor Engine 8-E
- Configuring Cisco NSF with SSO Supervisor Engine Redundancy
- Environmental Monitoring and Power Management
- Configuring Power over Ethernet
- Configuring the Catalyst 4500 Series Switch with Cisco Network Assistant
- Configuring VLANs, VTP, and VMPS
- Configuring IP Unnumbered Interface
- Configuring Layer 2 Ethernet Interfaces
- Configuring EVC-Lite
- Configuring Cisco IOS Auto Smartport Macros
- Configuring SmartPort Macros
- Configuring STP and MST
- Configuring Flex Links and MAC Address-Table Move Update
- Configuring Resilient Ethernet Protocol
- Configuring Optional STP Features
- Configuring EtherChannel and Link State Tracking
- Configuring IGMP Snooping and Filtering, and MVR
- Configuring IPv6 Multicast Listener Discovery Snooping
- Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
- Configuring Cisco Discovery Protocol
- Configuring LLDP, LLDP-MED, and Location Service
- Configuring UDLD
- Configuring Unidirectional Ethernet
- Configuring Layer 3 Interfaces
- Configuring Cisco Express Forwarding
- Configuring Unicast Reverse Path Forwarding
- Configuring IP Multicast
- Configuring ANCP Client
- Configuring Bidirectional Forwarding Detection
- Configuring Policy-Based Routing
- Configuring VRF-lite
- Configuring Quality of Service
- Configuring Voice Interfaces
- Configuring Private VLANs
- Configuring MACsec Encryption
- Configuring 802.1X Port-Based Authentication
- Configuring the PPPoE Intermediate Agent
- Configuring Web-Based Authentication
- Configuring Wired Guest Access
- Configuring Port Security
- Configuring Auto Security
- Configuring Control Plane Policing and Layer 2 Control Packet QoS
- Configuring Dynamic ARP Inspection
- Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
- Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
- Configuring Network Security with ACLs
- Support for IPv6
- Port Unicast and Multicast Flood Blocking
- Configuring Storm Control
- Configuring SPAN and RSPAN
- Configuring Wireshark
- Configuring Enhanced Object Tracking
- Configuring System Message Logging
- Onboard Failure Logging (OBFL)
- Configuring SNMP
- Configuring NetFlow-lite
- Configuring Flexible NetFlow
- Configuring Ethernet OAM and CFM
- Configuring Y.1731 (AIS and RDI)
- Configuring Call Home
- Configuring Cisco IOS IP SLA Operations
- Configuring RMON
- Performing Diagnostics
- Configuring WCCP Version 2 Services
- Configuring MIB Support
- ROM Monitor
- Acronyms and Abbreviations
- About SmartPort Macros and Static SmartPort
- Configuring SmartPort Macros
Configuring SmartPort Macros
This chapter describes how to configure and apply SmartPort and Static SmartPort macros on your switch. This chapter consists of these sections:
- About SmartPort Macros and Static SmartPort
- Configuring SmartPort Macros
- Displaying SmartPort Macros
- Configuring Static SmartPort Macros
Note For complete syntax and usage information for the switch commands used in this chapter, see the Cisco Catalyst 4500 Series Switch Command Reference and related publications at this location:
http://www.cisco.com/en/US/products/hw/switches/ps4324/index.html
If a command is not in the Catalyst 4500 Series Switch Command Reference, you can locate it in the Cisco IOS library. See related publications at this location:
http://www.cisco.com/en/US/products/ps6350/index.html
About SmartPort Macros and Static SmartPort
SmartPort macros provide a convenient way to save and share common configurations. Use SmartPort macros to enable features and settings based on the location of a switch in the network and for mass configuration deployments across the network.
Each SmartPort macro is a set of CLI commands that you define. SmartPort macro sets do not contain new CLI commands; each SmartPort macro is a group of existing CLI commands.
When you apply a SmartPort macro on an interface, the CLI commands contained within the macro are configured on the interface. When the macro is applied to an interface, the existing interface configurations are not lost. The new commands are added to interface and are saved in the running configuration file.
In addition to SmartPort macros, static SmartPort macros provide port configuration that you manually apply based on the device connected to the port. When you apply a static SmartPort macro the CLI commands within the macro are added to the existing port configuration. When there is a link-down event on the port, the switch does not remove the static macro.
Cisco-default SmartPort macros are embedded in the switch software (see Table 21-1 ). You can display these macros and the commands they contain by using the show parser macro user EXEC command.
|
|
---|---|
Use this global configuration macro to enable rapid PVST+, loop guard, and dynamic port error recovery for link state failures. |
|
Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. |
|
Use this interface configuration macro when connecting a desktop device such as a PC with a Cisco IP Phone to a switch port. This macro is an extension of the cisco-desktop macro and provides the same security and resiliency features, but with the addition of dedicated voice VLANs to ensure proper treatment of delay-sensitive voice traffic. |
|
Use this interface configuration macro when connecting an access switch and a distribution switch or between access switches connected using GigaStack modules or GBICs. |
|
Use this interface configuration macro when connecting the switch and a WAN router. |
1.Cisco-default SmartPort macros vary depending on the software version running on your switch. |
Cisco also provides a collection of pretested, Cisco-recommended baseline configuration templates for Catalyst switches. The online reference guide templates provide the CLI commands that you use to create SmartPort macros based on the use of the port. Use the configuration templates to create SmartPort macros to build and deploy Cisco-recommended network designs and configurations.
Configuring SmartPort Macros
You can create a new SmartPort macro or use an existing macro as a template to create a new macro that is specific to your application. After you create the macro, you can apply it to an interface or a range of interfaces.
This section includes information about these topics:
- Passing Parameters Through the Macro
- Default SmartPort Macro Configuration
- SmartPort Macro Configuration Guidelines
- Creating SmartPort Macros
- Applying SmartPort Macros
Passing Parameters Through the Macro
Some commands might not be sufficiently generic for all the interfaces; for example, VLAN ID for Layer 2 interfaces and the IP address for Layer 3 interface. Retaining such commands in macro definitions requires that you change the value of such parameters (such as VLAN ID or IP address) before applying the macro to different interfaces. Alternatively, it requires that you create different macros for each possible value of its parameters.
The macro infrastructure can be enhanced to support accepting parameters while applying a macro. The parameters are passed as keyword-value pairs.
The CLI limits the number of keyword-value pairs to a maximum of three, where the first parameter must be the keyword, the second is its corresponding value, and the third parameter is the keyword for the second keyword-value pair. Here is an example of how to pass parameters to a command macro:
If the above macro is applied to some interface without parameters, the invalid commands fail. Instead, you should apply the macro with appropriate keyword-value pair parameters, as follows:
The above command applies the macro after replacing $VLANID with 1 and $MAXHOST with 5. Be aware that you can specify any string in the macro as a keyword.
Macro Parameter Help
It is often difficult to remember the macro keywords while applying a macro to an interface or switch. Macros can contain the definitions for mandatory keywords. If you apply a macro without those keyword values, the commands are considered invalid and they fail.
You can enhance the macro infrastructure to provide help on keywords defined in macros. While creating a macro, you can specify a help string (as a comment) to list the mandatory keywords for that macro.
The following example illustrates how to specify the help string for the keywords:
Help string can be anywhere in the macro. The following example illustrates an alternate way to specify the help string:
Default SmartPort Macro Configuration
This section illustrates the default configurations for the four supported macros. These macros can only be viewed and applied; they cannot be modified by the user.
cisco-global
This is the example for the cisco-global macro:
cisco-desktop
This is the example for the cisco-desktop macro:
cisco-phone
This is the example for the cisco-phone macro:
cisco-router
This is the example for the cisco-router macro:
cisco-switch
This is the example for the cisco-switch macro:
SmartPort Macro Configuration Guidelines
Follow these guidelines when configuring macros on your switch:
- If a command fails when you apply a macro, either due to a syntax error or to a configuration error, the macro continues to apply the remaining commands to the interface.
- cisco-global needs to be applied at the global configuration mode. We recommend that you apply this macro before any other interface level macro.
- Specific keywords are required when you apply the system-defined macros (cisco-desktop, cisco-phone, cisco-switch, and cisco-router) on an interface.
- When using the cisco-phone macro to apply port security, the port security maximum is 2 (switchport port-security maximum 2).
- At most, three keyword-value pairs are allowed per system-defined macro.
- When creating a macro, do not use the exit or end commands or change the command mode by using interface interface-id. This could cause commands that follow exit, end, or interface interface-id to execute in a different command mode.
- When creating a macro, ensure that all CLI commands are in the same configuration mode.
- When creating a macro that requires the assignment of unique values, use the parameter value keywords to designate values specific to the interface. Keyword matching is case sensitive. All matching occurrences of the keyword are replaced with the corresponding value. Any full match of a keyword, even if it is part of a larger string, is considered a match and is replaced by the corresponding value.
- Macro names are case sensitive. For example, the commands macro name Sample-Macro and macro name sample-macro result in two separate macros.
- Some macros might contain keywords that require a parameter value. Use the macro global apply macro-name ? global configuration command or the macro apply macro-name ? interface configuration command to display a list of any required values in the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.
- When a macro is applied globally to a switch or to a switch interface, all existing configuration on the interface is retained. it is helpful when applying an incremental configuration.
- If you modify a macro definition by adding or deleting commands, the changes are not reflected on the interface where the original macro was applied. You need to reapply the updated macro on the interface to apply the new or changed commands.
- Use the macro global trace macro-name global configuration command or the macro trace macro-name interface configuration command to apply and debug a macro to find any syntax or configuration errors. If a command fails because of a syntax error or a configuration error, the macro continues to apply the remaining commands.
- Some CLI commands are specific to certain interface types. If a macro is applied to an interface that does not accept the configuration, the macro fails the syntax check or the configuration check, and the switch returns an error message.
- Applying a macro to an interface range is the same as applying a macro to a single interface. When you use an interface range, the macro is applied sequentially to each interface within the range. If a macro command fails on one interface, it is still applied to the remaining interfaces.
- When you apply a macro to a switch or a switch interface, the macro name is automatically added to the macro description of the switch or interface. You can display the applied commands and macro names by using the show parser macro description user EXEC command.
- The user-configurable macro has a buffer that can take commands and comments up to 3000 characters. Each new line takes two characters, and empty lines are counted as is.
Cisco-default SmartPort macros are embedded in the switch software (see Table 21-1 ). You can display these macros and the commands they contain by using the show parser macro user EXEC command.
Follow these guidelines when you apply a Cisco-default SmartPort macro on an interface:
- Display all macros on the switch by using the show parser macro user EXEC command. Display the contents of a specific macro by using the show parser macro macro-name user EXEC command.
- Keywords that begin with $ mean that a unique parameter value is required. Append the Cisco-default macro with the required values by using the parameter value keywords.
The Cisco-default macros use the $ character to help identify required keywords. There is no restriction on using the $ character to define keywords when you create a macro.
Creating SmartPort Macros
To create a SmartPort macro, perform this task:
Applying SmartPort Macros
To apply a SmartPort macro, perform this task:
You can delete a global macro-applied configuration on a switch only by entering the no version of each command that is in the macro. You can delete a macro-applied configuration on an interface by entering the default interface interface-id interface configuration command.
The no form of the macro name global configuration command deletes only the macro definition. It does not affect the configuration of those interfaces on which the macro is already applied. You can delete a macro-applied configuration on an interface by entering the default interface interface-id interface configuration command. Alternatively, you can create an anti-macro for an existing macro that contains the no form of all the corresponding commands in the original macro and apply the anti-macro to the interface.
The following sections describe how to apply and display the attachments on each of the supported macros:
cisco-global
This example shows how to use the system-defined macro cisco-global:
cisco-desktop
This example shows how to use the system-defined macro cisco-desktop to assign a value of 35 to the access VLAN of the Fast Ethernet interface 2/9.
Note This macro requires the $AVID keyword, which is the access VLAN of the port.
cisco-phone
This example shows how to use the system-defined macro cisco-phone to assign a value of 35 to the access VLAN and 56 to the voice VLAN on the Fast Ethernet interface 2/9.
Note This macro requires the $AVID and $VVID keywords, which are the access and voice VLANs of the port.
cisco-switch
This example shows how to use the system-defined macro cisco-switch to assign a value of 38 to the native VLAN on the Fast Ethernet interface 2/9.
Note This macro requires the $NVID keyword, which is the native VLANs of the port.
cisco-router
This example shows how to use the system-defined macro cisco-router to assign a value of 451 to the native VLAN on the Fast Ethernet interface 2/9.
Note This macro requires the $NVID keyword, which is the native VLANs of the port.
Displaying SmartPort Macros
To display the SmartPort macros, use one or more of the privileged EXEC commands in Table 21-2 .
Configuring Static SmartPort Macros
This section describes how to configure and enable static SmartPort macros:
- Default SmartPort Macro Configuration
- SmartPort Macro Configuration Guidelines
- Applying Static SmartPort Macros
Default Static SmartPort Configuration
No static SmartPort macros are enabled on the switch.
|
|
---|---|
Use this global configuration macro to enable rapid PVST+, loop guard, and dynamic port error recovery for link state failures. |
|
Use this interface configuration macro for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port. |
|
Use this interface configuration macro when connecting a desktop device such as a PC with a Cisco IP Phone to a switch port. This macro is an extension of the cisco-desktop macro and provides the same security and resiliency features, but with the addition of dedicated voice VLANs to ensure proper treatment of delay-sensitive voice traffic. |
|
Use this interface configuration macro when connecting an access switch and a distribution switch or between access switches connected by using small form-factor pluggable (SFP) modules. |
|
Use this interface configuration macro when connecting the switch and a WAN router. |
2.Cisco-default SmartPort macros vary, depending on the software version running on your switch. |
Static SmartPort Configuration Guidelines
- When a macro is applied globally to a switch or to a switch interface, all existing configuration on the interface is retained. it is helpful when applying an incremental configuration.
- If a command fails because of a syntax or a configuration error, the macro continues to apply the remaining commands. Use the macro global trace macro-name global configuration command or the macro trace macro-name interface configuration command to apply and debug a macro to find any syntax or configuration errors.
- Some CLI commands are specific to certain interface types. If you apply a macro to an interface that does not accept the configuration, the macro fails the syntax or the configuration check, and the switch returns an error message.
- Applying a macro to an interface range is the same as applying a macro to a single interface. When you use an interface range, the macro is applied sequentially to each interface within the range. If a macro command fails on one interface, it is still applied to the remaining interfaces.
- When you apply a macro to a switch or a switch interface, the macro name is automatically added to the switch or interface. You can display the applied commands and macro names by using the show running-config user EXEC command.
Applying Static SmartPort Macros
To apply a static SmartPort macro, perform these steps, beginning in privileged EXEC mode:
You can only delete a global macro-applied configuration on a switch by entering the no version of each command in the macro. You can delete a macro-applied configuration on a port by entering the default interface interface-id interface configuration command.
This example shows how to display the cisco-desktop macro, to apply the macro and to set the access VLAN ID to 25 on an interface: