Basics of Cisco Switch Administration - Part 2
In Basics of Cisco Switch Administration – Part 1, we covered some of the basics of Cisco switch administration – how to log in, how to show configuration, how to change interface speed & duplex, how to enable switch ports, and how to show switch port status. In Part 2, we will stick to the basics of switch administration by covering how to save your configuration, how to use the Cisco Network Assistant, how to speed up switch port startup, and basic VLAN commands.
How to save your switch configuration
In Part 1 of this series, we talked about how to enable/disable ports and how to change speed & duplex settings. Those are necessary administrator functions but, when you are done, you must save your configuration. Cisco switches will not automatically save your changes. If you make these changes and the switch looses power, those changes are gone. You must save your changes when you are done. The minimum that is required is to save your changes to the local switch NVRAM. There are two ways to do this, let me demonstrate:
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
The textbook method of savings your configuration is: Switch# copy running-config startup-config However, a legacy command that is short and sweet is: Switch# wr Both of these commands save your running configuration in RAM to the file NVRAM:startup-config. When the switch is powered off, the running-config is lost. The startup-config is read when the switch boots and the running-config is created. I also highly recommend that you save your configuration onto TFTP server, in case your switch’s local NVRAM is completely lost. Once you have a TFTP server running, you can easily save your configuration to it like this: Switch# copy running-config tftp
How to use the Cisco Network Assistant
The Cisco Network Assistant (CNA) is a free graphics tool included when you purchase a new switch. It is used to administer Cisco network devices. CNA is a feature-rich tool and I cannot possibly go into everything it can do in this short article. I recommend CNA to anyone who would like a graphical interface for their Cisco network devices. Basically, CNA gives you an overview screen of your Cisco devices, like this:
Once you click on Configure then Port Settings, you will see something like this:
From here, you can configure the state, duplex, speed, and other options for your switch ports. In fact, you can configure most switch features with the CNA. Keep in mind that for all Cisco switches, there is also the web-based interface. It may be more limited than what CNA offers. This interface can be accessed directly with your web browser, or it can be launched via CNA. Here is a sample screenshot of my Cisco 3550 web-based interface:
How to speed up switch port startup
Switch ports could be connected to a variety of devices – other switches, routers, trunk ports, PC’s, or VoIP phones. Each of these devices has a different configuration. When a device is connected to a switch port, the switch will attempt to negotiate settings to match this device. These negotiations include ones for the Dynamic Trunk Protocol (DTP) (to see if the connected device wants to setup a trunk) and Spanning Tree Protocol (STP) (Used to ensure that the connection will not cause a loop).
These both take time and will delay the ability of your device (such as a PC) to transmit and receive data from the network. Most of the time, you are connecting a PC to a switch and you just want to be able to use the network as soon as possible, right?
The commands I recommend enabling on all PC/laptop/printer switch ports include these (All configured in interface configuration mode):
switchport mode access: Sets the switchport into a non-trunking mode
switchport nonegotiate (optional): Disables the switchport from negotiating
spanning-tree portfast: Disables STP negotiations which speeds switchport forwarding (ensure this switchport only connects to an endpoint device)
Basic VLAN commands
Most companies today use Virtual LANs (VLANs). As an administrator, you should know how to 1) see what device is on what VLAN and 2) to change the VLAN that a device is in. As you know, if your device is in the wrong VLAN, it won’t be able to communicate with the servers that it needs to talk to and/or it may be on the wrong IP subnet. To see what VLAN a device is in, my favorite command is show vlan brief. Here is an example:
As you can see, this command shows you what VLANs exist on this switch, and what switch ports are in what VLAN. Now, say that you want to change interface/port Fa0/21 from VLAN 1 (the default) to vlan 131. Let me show you how to do that:
That’s right, you simply go into interface configuration mode on the interface you want to change the VLAN, and use the switchport access vlan XXX command. Once you are done, to verify the vlan membership, just run the show vlan brief command again, like this:
You can see from the command output that Fa0/21 is now a member of VLAN 131.
Here is what we have learned:
- How to save your switch’s configuration
- How to use the Cisco Network Assistant
- How to speed up your switch port startup
- Basic VLAN commands
For more information on switch configuration, see the Cisco Cataylst 2950 switch administration guide.