- Index
- Preface
- Overview
- Using the Command-Line Interface
- Clustering Switches
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Managing Switch Stacks
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Interface Characteristics
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring Private VLANs
- Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels and Link-State Tracking
- Configuring TelePresence E911 IP Phone Support
- Configuring IP Unicast Routing
- Configuring IPv6 Routing
- Configuring IPv6 MLD Snooping
- Configuring IPv6 ACLs
- Configuring HSRP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Cache Services By Using WCCP
- Configuring Fallback Bridging
- Troubleshooting
- Configuring Online Diagnostics
- Configuring the Catalyst 3750G Integrated Wireless LAN Controller Switch
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(55)SE
Configuring SDM Templates
The Catalyst 3750 switch command reference has command syntax and usage information. Unless otherwise noted, the term switch refers to a standalone switch and a switch stack.
Understanding the SDM Templates
You can use SDM templates to configure system resources in the switch to optimize support for specific features, depending on how the switch is used in the network. You can select a template to provide maximum system usage for some functions or use the default template to balance resources.
To allocate ternary content addressable memory (TCAM) resources for different usages, the switch SDM templates prioritize system resources to optimize support for certain features. You can select SDM templates to optimize these features:
- Access—The access template maximizes system resources for access control lists (ACLs) to accommodate a large number of ACLs.
- Default—The default template gives balance to all functions.
- Routing—The routing template maximizes system resources for IPv4 unicast routing, typically required for a router or aggregator in the center of a network.
- VLANs—The VLAN template disables routing and supports the maximum number of unicast MAC addresses. It would typically be selected for a Layer 2 switch.
In addition, the dual IPv4 and IPv6 templates enable a dual stack environment. See the “Dual IPv4 and IPv6 SDM Templates” section.
There are two versions of each template: a desktop template and an aggregator template. The Catalyst 3750-12S switch can use the larger TCAM size available in the aggregator templates or can use the standard desktop templates. All other Catalyst 3750 switches support only the desktop templates. If you do not enter the desktop keyword on an aggregator switch, the aggregator templates are selected.
The first eight rows in the tables (unicast MAC addresses through security ACEs) represent approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance. The last row is a guideline used to calculate hardware resource consumption related to the number of Layer 2 VLANs on the switch.
Dual IPv4 and IPv6 SDM Templates
You can select SDM templates to support IP Version 6 (IPv6). For more information about IPv6 and how to configure IPv6 routing, see Chapter38, “Configuring IP Unicast Routing”
This software release does not support Policy-Based Routing (PBR) when forwarding IPv6 traffic. The software supports IPv4 PBR only when the dual-ipv4-and-ipv6 routing template is configured.
The dual IPv4 and IPv6 templates allow the switch to be used in dual stack environments (supporting both IPv4 and IPv6). Using the dual stack templates results in less TCAM capacity allowed for each resource. Do not use them if you plan to forward only IPv4 traffic.
These SDM templates support IPv4 and IPv6 environments:
- Desktop dual IPv4 and IPv6 default template—supports Layer 2, multicast, routing, QoS, and ACLs for IPv4; and Layer 2, routing, and ACLs for IPv6 on desktop switches (all Catalyst 3750 switches except Catalyst 3750-12S).
- Desktop dual IPv4 and IPv6 routing template—supports Layer 2, multicast, routing (including policy-based routing), QoS, and ACLs for IPv4; and Layer 2, routing, and ACLs for IPv6 on desktop switches (all Catalyst 3750 switches except Catalyst 3750-12S).
- Desktop dual IPv4 and IPv6 VLAN template—supports basic Layer 2, multicast, QoS, and ACLs for IPv4, and basic Layer 2 and ACLs for IPv6 on desktop switches.
- Aggregator dual IPv4 and IPv6 default template—supports Layer 2, multicast, routing, QoS, and ACLs for IPv4, and Layer 2 and routing for IPv6 on Catalyst 3750-12S aggregator switches.
- Aggregator dual IPv4 and IPv6 routing template—supports Layer 2, multicast, routing (including policy-based routing), QoS, and ACLs for IPv4; and Layer 2, routing, and ACLs for IPv6 on Catalyst 3750-12S aggregator switches.
- Aggregator dual IPv4 and IPv6 VLAN template—supports basic Layer 2, multicast, QoS, and ACLs for IPv4,and basic Layer 2 and ACLs for IPv6 on Catalyst 3750-12S switches.
Note
An IPv4 route requires only one TCAM entry. Because of the hardware compression scheme used for IPv6, an IPv6 route can take more than one TCAM entry, reducing the number of entries forwarded in hardware. For example, for IPv6 directly connected IP addresses, the desktop template might allow less than two thousand entries.
|
|
|
|
|
|
|
|
|---|---|---|---|---|---|---|
IPv6 policy-based routing ACEs2 |
||||||
|
1.Template estimates are based on a switch with 8 routed interfaces and approximately 1000 VLANs. |
SDM Templates and Switch Stacks
All stack members use the same SDM template that is stored on the stack master. When a new switch is added to a stack, as with the switch configuration and VLAN database files, the SDM configuration that is stored on the stack master overrides the template configured on an individual switch. For more information about stacking, see Chapter5, “Managing Switch Stacks”
If the stack master is a desktop switch and a Catalyst 3750-12S running the aggregator template is added as a stack member, the stack operates with the desktop template selected on the stack master. This could result in configuration losses on the Catalyst 3750-12S if the number of TCAM entries on it exceeds desktop template sizes.
If the stack master is a Catalyst 3750-12S switch using an aggregator template and a new stack member is not a Catalyst 3750-12S, the stack member is not able to support the template that is running on the stack master. The switch attempting to join the stack goes into SDM mismatch mode, the stack master does not attempt to change the SDM template, and the switch cannot be a functioning member of the stack.
If the stack master is a Catalyst 3750-12S, changing the template can create these results:
- If you change the template from an aggregator template to a desktop template and reload the switch, the entire stack operates with the selected desktop template. This could cause configuration losses if the number of TCAM entries exceeds the desktop template sizes.
- If you change the template from a desktop template to an aggregator template and reload the switch, any desktop switches that were part of the stack go into the SDM mismatch mode. When this occurs, a syslog message is sent to the stack master indicating that a stack member has gone into the SDM mismatch mode and suggesting the steps to take to bring the switch out of the mismatch mode.
You can use the show switch privileged EXEC command to see if any stack members are in SDM mismatch mode. This example shows the output from the show switch privileged EXEC command when an SDM mismatch exists:
This is an example of a syslog message notifying the stack master that a stack member is in SDM mismatch mode:
Configuring the Switch SDM Template
Default SDM Template
The default template for desktop switches is the default desktop template. The default template for the Catalyst 3750-12S is the default aggregator template.
SDM Template Configuration Guidelines
- When you select and configure SDM templates, you must reload the switch for the configuration to take effect.
- Use the sdm prefer vlan global configuration command only on switches intended for Layer 2 switching with no routing. When you use the VLAN template, no system resources are reserved for routing entries, and any routing is done through software. This overloads the CPU and severely degrades routing performance.
- Do not use the routing template if you do not have routing enabled on your switch. The sdm prefer routing global configuration command prevents other features from using the memory allocated to unicast routing in the routing template.
- If you try to configure IPv6 features without first selecting a dual IPv4 and IPv6 template, a warning message appears.
- Using the dual stack templates results in less TCAM capacity allowed for each resource, so do not use it if you plan to forward only IPv4 traffic.
Setting the SDM Template
Beginning in privileged EXEC mode, follow these steps to use the SDM template to maximize feature usage:
After the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template in use and the template that becomes active after a reload.
This is an example of an output display when you have changed the template and have not reloaded the switch:
To return to the default template, use the no sdm prefer global configuration command.
This example shows how to configure a switch with the routing template (the desktop routing template for a desktop switch or the aggregator routing template for a Catalyst 3750-12S).
This example shows how to configure the desktop routing template on a Catalyst 3750-12S switch:
This example shows how to configure the IPv4-and-IPv6 default template on a desktop switch:
Displaying the SDM Templates
Use the show sdm prefer privileged EXEC command with no parameters to display the active template.
Use the show sdm prefer [ access | default | dual-ipv4-and-ipv6 { default | vlan | routing } vlan [ desktop ]] privileged EXEC command to display the resource numbers supported by the specified template.
Note The desktop keyword is available only on Catalyst 3750-12S aggregator switches.
This is an example of output from the show sdm prefer command, displaying the template in use.
This is an example of output from the show sdm prefer routing command entered on an aggregator switch:
This is an example of output from the show sdm prefer routing command entered on a desktop switch:
This is an example of output from the show sdm prefer dual-ipv4-and-ipv6 default command entered on a desktop switch:
Feedback