Assigning the Switch IP Address and Default Gateway

Information About Performing Switch Setup Configuration

Review the sections in this module before performing your initial switch configuration tasks that include IP address assignments and DHCP autoconfiguration.

Switches Information Assignment

You can assign IP information through the switch setup program, through a DHCP server, or manually.

Use the switch setup program if you want to be prompted for specific IP information. With this program, you can also configure a hostname and an enable secret password.

It gives you the option of assigning a Telnet password (to provide security during remote management) and configuring your switch as a command or member switch of a cluster or as a standalone switch.

Use a DHCP server for centralized control and automatic assignment of IP information after the server is configured.

Note
Note

If you are using DHCP, do not respond to any of the questions in the setup program until the switch receives the dynamically assigned IP address and reads the configuration file.

If you are an experienced user familiar with the switch configuration steps, manually configure the switch. Otherwise, use the setup program described in the Boot Process section.

Default Switch Information

Table 1. Default Switch Information

Feature

Default Setting

IP address and subnet mask

No IP address or subnet mask are defined.

Default gateway

No default gateway is defined.

Enable secret password

No password is defined.

Hostname

The factory-assigned default hostname is Switch.

Telnet password

No password is defined.

Cluster command switch functionality

Disabled.

Cluster name

No cluster name is defined.

DHCP-Based Autoconfiguration Overview

DHCP provides configuration information to Internet hosts and internetworking devices. This protocol consists of two components: one for delivering configuration parameters from a DHCP server to a device and an operation for allocating network addresses to devices. DHCP is built on a client-server model, in which designated DHCP servers allocate network addresses and deliver configuration parameters to dynamically configured devices. The switch can act as both a DHCP client and a DHCP server.

During DHCP-based autoconfiguration, your switch (DHCP client) is automatically configured at startup with IP address information and a configuration file.

With DHCP-based autoconfiguration, no DHCP client-side configuration is needed on your switch. However, you need to configure the DHCP server for various lease options associated with IP addresses.

If you want to use DHCP to relay the configuration file location on the network, you might also need to configure a Trivial File Transfer Protocol (TFTP) server and a Domain Name System (DNS) server.

The DHCP server for your switch can be on the same LAN or on a different LAN than the switch. If the DHCP server is running on a different LAN, you should configure a DHCP relay device between your switch and the DHCP server. A relay device forwards broadcast traffic between two directly connected LANs. A router does not forward broadcast packets, but it forwards packets based on the destination IP address in the received packet.

DHCP-based autoconfiguration replaces the BOOTP client functionality on your switch.

DHCP Client Request Process

When you boot up your switch, the DHCP client is invoked and requests configuration information from a DHCP server when the configuration file is not present on the switch. If the configuration file is present and the configuration includes the ip address dhcp interface configuration command on specific routed interfaces, the DHCP client is invoked and requests the IP address information for those interfaces.

This is the sequence of messages that are exchanged between the DHCP client and the DHCP server.

Figure 1. DHCP Client and Server Message Exchange

The client, Switch A, broadcasts a DHCPDISCOVER message to locate a DHCP server. The DHCP server offers configuration parameters (such as an IP address, subnet mask, gateway IP address, DNS IP address, a lease for the IP address, and so forth) to the client in a DHCPOFFER unicast message.

In a DHCPREQUEST broadcast message, the client returns a formal request for the offered configuration information to the DHCP server. The formal request is broadcast so that all other DHCP servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP addresses that they offered to the client.

The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client. With this message, the client and server are bound, and the client uses configuration information received from the server. The amount of information the switch receives depends on how you configure the DHCP server.

If the configuration parameters sent to the client in the DHCPOFFER unicast message are invalid (a configuration error exists), the client returns a DHCPDECLINE broadcast message to the DHCP server.

The DHCP server sends the client a DHCPNAK denial broadcast message, which means that the offered configuration parameters have not been assigned, that an error has occurred during the negotiation of the parameters, or that the client has been slow in responding to the DHCPOFFER message (the DHCP server assigned the parameters to another client).

A DHCP client might receive offers from multiple DHCP or BOOTP servers and can accept any of the offers; however, the client usually accepts the first offer it receives. The offer from the DHCP server is not a guarantee that the IP address is allocated to the client; however, the server usually reserves the address until the client has had a chance to formally request the address. If the switch accepts replies from a BOOTP server and configures itself, the switch broadcasts, instead of unicasts, TFTP requests to obtain the switch configuration file.

The DHCP hostname option allows a group of switches to obtain hostnames and a standard configuration from the central management DHCP server. A client (switch) includes in its DCHPDISCOVER message an option 12 field used to request a hostname and other configuration parameters from the DHCP server. The configuration files on all clients are identical except for their DHCP-obtained hostnames.

If a client has a default hostname (the hostname name global configuration command is not configured or the no hostname global configuration command is entered to remove the hostname), the DHCP hostname option is not included in the packet when you enter the ip address dhcp interface configuration command. In this case, if the client receives the DCHP hostname option from the DHCP interaction while acquiring an IP address for an interface, the client accepts the DHCP hostname option and sets the flag to show that the system now has a hostname configured.

DHCP-based Autoconfiguration and Image Update

You can use the DHCP image upgrade features to configure a DHCP server to download both a new image and a new configuration file to one or more switches in a network. Simultaneous image and configuration upgrade for all switches in the network helps ensure that each new switch added to a network receives the same image and configuration.

There are two types of DHCP image upgrades: DHCP autoconfiguration and DHCP auto-image update.

Restrictions for DHCP-based Autoconfiguration

  • The DHCP-based autoconfiguration with a saved configuration process stops if there is not at least one Layer 3 interface in an up state without an assigned IP address in the network.

  • Unless you configure a timeout, the DHCP-based autoconfiguration with a saved configuration feature tries indefinitely to download an IP address.

  • The auto-install process stops if a configuration file cannot be downloaded or if the configuration file is corrupted.

  • The configuration file that is downloaded from TFTP is merged with the existing configuration in the running configuration but is not saved in the NVRAM unless you enter the write memory or copy running-configuration startup-configuration privileged EXEC command. If the downloaded configuration is saved to the startup configuration, the feature is not triggered during subsequent system restarts.

DHCP Autoconfiguration

DHCP autoconfiguration downloads a configuration file to one or more switches in your network from a DHCP server. The downloaded configuration file becomes the running configuration of the switch. It does not over write the bootup configuration saved in the flash, until you reload the switch.

DHCP Auto-Image Update

You can use DHCP auto-image upgrade with DHCP autoconfiguration to download both a configuration and a new image to one or more switches in your network. The switch (or switches) downloading the new configuration and the new image can be blank (or only have a default factory configuration loaded).

If the new configuration is downloaded to a switch that already has a configuration, the downloaded configuration is appended to the configuration file stored on the switch. (Any existing configuration is not overwritten by the downloaded one.)

To enable a DHCP auto-image update on the switch, the TFTP server where the image and configuration files are located must be configured with the correct option 67 (the configuration filename), option 66 (the DHCP server hostname) option 150 (the TFTP server address), and option 125 (description of the Cisco IOS image file) settings.

After you install the switch in your network, the auto-image update feature starts. The downloaded configuration file is saved in the running configuration of the switch, and the new image is downloaded and installed on the switch. When you reboot the switch, the configuration is stored in the saved configuration on the switch.

DHCP Server Configuration Guidelines

Follow these guidelines if you are configuring a device as a DHCP server:

  • You should configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address.

  • If you want the switch to receive IP address information, you must configure the DHCP server with these lease options:

    • IP address of the client (required)

    • Subnet mask of the client (required)

    • DNS server IP address (optional)

    • Router IP address (default gateway address to be used by the switch) (required)

  • If you want the switch to receive the configuration file from a TFTP server, you must configure the DHCP server with these lease options:

    • TFTP server name (required)

    • Boot filename (the name of the configuration file that the client needs) (recommended)

    • Hostname (optional)

  • Depending on the settings of the DHCP server, the switch can receive IP address information, the configuration file, or both.

  • If you do not configure the DHCP server with the lease options described previously, it replies to client requests with only those parameters that are configured. If the IP address and the subnet mask are not in the reply, the switch is not configured. If the router IP address or the TFTP server name are not found, the switch might send broadcast, instead of unicast, TFTP requests. Unavailability of other lease options does not affect autoconfiguration.

  • The switch can act as a DHCP server. By default, the Cisco IOS DHCP server and relay agent features are enabled on your switch but are not configured. (These features are not operational.)

Purpose of the TFTP Server

Based on the DHCP server configuration, the switch attempts to download one or more configuration files from the TFTP server. If you configured the DHCP server to respond to the switch with all the options required for IP connectivity to the TFTP server, and if you configured the DHCP server with a TFTP server name, address, and configuration filename, the switch attempts to download the specified configuration file from the specified TFTP server.

If you did not specify the configuration filename, the TFTP server, or if the configuration file could not be downloaded, the switch attempts to download a configuration file by using various combinations of filenames and TFTP server addresses. The files include the specified configuration filename (if any) and these files: network-config, cisconet.cfg, hostname.config, or hostname.cfg, where hostname is the switch’s current hostname. The TFTP server addresses used include the specified TFTP server address (if any) and the broadcast address (255.255.255.255).

For the switch to successfully download a configuration file, the TFTP server must contain one or more configuration files in its base directory. The files can include these files:

  • The configuration file named in the DHCP reply (the actual switch configuration file).

  • The network-confg or the cisconet.cfg file (known as the default configuration files).

  • The router-confg or the ciscortr.cfg file (These files contain commands common to all switches. Normally, if the DHCP and TFTP servers are properly configured, these files are not accessed.)

If you specify the TFTP server name in the DHCP server-lease database, you must also configure the TFTP server name-to-IP-address mapping in the DNS-server database.

If the TFTP server to be used is on a different LAN from the switch, or if it is to be accessed by the switch through the broadcast address (which occurs if the DHCP server response does not contain all the required information described previously), a relay must be configured to forward the TFTP packets to the TFTP server. The preferred solution is to configure the DHCP server with all the required information.

Purpose of the DNS Server

The DHCP server uses the DNS server to resolve the TFTP server name to an IP address. You must configure the TFTP server name-to-IP address map on the DNS server. The TFTP server contains the configuration files for the switch.

You can configure the IP addresses of the DNS servers in the lease database of the DHCP server from where the DHCP replies will retrieve them. You can enter up to two DNS server IP addresses in the lease database.

The DNS server can be on the same LAN or on a different LAN from the switch. If it is on a different LAN, the switch must be able to access it through a router.

Purpose of the Relay Device

You must configure a relay device, also referred to as a relay agent, when a switch sends broadcast packets that require a response from a host on a different LAN. Examples of broadcast packets that the switch might send are DHCP, DNS, and in some cases, TFTP packets. You must configure this relay device to forward received broadcast packets on an interface to the destination host.

If the relay device is a Cisco router, enable IP routing (ip routing global configuration command), and configure helper addresses by using the ip helper-address interface configuration command.

Examples of Configuring the Relay Device

Configure the router interfaces as follows:

On interface 10.0.0.2: 

router(config-if)# ip helper-address 20.0.0.2  
router(config-if)# ip helper-address 20.0.0.3  
router(config-if)# ip helper-address 20.0.0.4

On interface 20.0.0.1 

router(config-if)# ip helper-address 10.0.0.1
Note
Note
If the switch is acting as the relay device, configure the interface as a routed port.
Figure 2. Relay Device Used in Autoconfiguration


How to Obtain Configuration Files

Depending on the availability of the IP address and the configuration filename in the DHCP reserved lease, the switch obtains its configuration information in these ways:

  • The IP address and the configuration filename is reserved for the switch and provided in the DHCP reply (one-file read method).

    The switch receives its IP address, subnet mask, TFTP server address, and the configuration filename from the DHCP server. The switch sends a unicast message to the TFTP server to retrieve the named configuration file from the base directory of the server and upon receipt, it completes its boot up process.

  • The IP address and the configuration filename is reserved for the switch, but the TFTP server address is not provided in the DHCP reply (one-file read method).

    The switch receives its IP address, subnet mask, and the configuration filename from the DHCP server. The switch sends a broadcast message to a TFTP server to retrieve the named configuration file from the base directory of the server, and upon receipt, it completes its boot-up process.

  • Only the IP address is reserved for the switch and provided in the DHCP reply. The configuration filename is not provided (two-file read method).

    The switch receives its IP address, subnet mask, and the TFTP server address from the DHCP server. The switch sends a unicast message to the TFTP server to retrieve the network-confg or cisconet.cfg default configuration file. (If the network-confg file cannot be read, the switch reads the cisconet.cfg file.)

    The default configuration file contains the hostnames-to-IP-address mapping for the switch. The switch fills its host table with the information in the file and obtains its hostname. If the hostname is not found in the file, the switch uses the hostname in the DHCP reply. If the hostname is not specified in the DHCP reply, the switch uses the default Switch as its hostname.

    After obtaining its hostname from the default configuration file or the DHCP reply, the switch reads the configuration file that has the same name as its hostname (hostname-confg or hostname.cfg, depending on whether network-confg or cisconet.cfg was read earlier) from the TFTP server. If the cisconet.cfg file is read, the filename of the host is truncated to eight characters.

    If the switch cannot read the network-confg, cisconet.cfg, or the hostname file, it reads the router-confg file. If the switch cannot read the router-confg file, it reads the ciscortr.cfg file.

Note
Note

The switch broadcasts TFTP server requests if the TFTP server is not obtained from the DHCP replies, if all attempts to read the configuration file through unicast transmissions fail, or if the TFTP server name cannot be resolved to an IP address.

Example of DHCP-Based Autoconfiguration Network

A sample network for retrieving IP information using DHCP-based autoconfiguration.
Figure 3. DHCP-Based Autoconfiguration Network


Table 2. DHCP Server Configuration
Switch A Switch B Switch C Switch D

Binding key (hardware address)

00e0.9f1e.2001

00e0.9f1e.2002

00e0.9f1e.2003

00e0.9f1e.2004

IP address

10.0.0.21

10.0.0.22

10.0.0.23

10.0.0.24

Subnet mask

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

Router address

10.0.0.10

10.0.0.10

10.0.0.10

10.0.0.10

DNS server address

10.0.0.2

10.0.0.2

10.0.0.2

10.0.0.2

TFTP server name

tftpserver or 10.0.0.3

tftpserver or 10.0.0.3

tftpserver or 10.0.0.3

tftpserver or 10.0.0.3

Boot filename (configuration file) (optional)

switcha-confg

switchb-confg

switchc-confg

switchd-confg

Hostname (optional)

switcha

switchb

switchc

switchd

Switch A reads its configuration file as follows:

  • It obtains its IP address 10.0.0.21 from the DHCP server.
  • If no configuration filename is given in the DHCP server reply, Switch A reads the network-confg file from the base directory of the TFTP server.
  • It adds the contents of the network-confg file to its host table.
  • It reads its host table by indexing its IP address 10.0.0.21 to its hostname (switcha).
  • It reads the configuration file that corresponds to its hostname; for example, it reads switch1-confg from the TFTP server.

Switches B through D retrieve their configuration files and IP addresses in the same way.

DNS Server Configuration

The DNS server maps the TFTP server name tftpserver to IP address 10.0.0.3.

TFTP Server Configuration (on UNIX)

The TFTP server base directory is set to /tftpserver/work/. This directory contains the network-confg file used in the two-file read method. This file contains the hostname to be assigned to the switch based on its IP address. The base directory also contains a configuration file for each switch (switcha-confg, switchb-confg, and so forth) as shown in this display: 
prompt> cd /tftpserver/work/  
prompt> 1s  
network-confg
switcha-confg
switchb-confg
switchc-confg
switchd-confg
prompt> cat network-confg  
ip host switcha 10.0.0.21
ip host switchb 10.0.0.22
ip host switchc 10.0.0.23
ip host switchd 10.0.0.24

DHCP Client Configuration

No configuration file is present on Switch A through Switch D.

Configuration Explanation

In the figure, DHCP-based autoconfiguration network, the Switch A reads its configuration file as follows:

  • It obtains its IP address 10.0.0.21 from the DHCP server.
  • If no configuration filename is given in the DHCP server reply, Switch A reads the network-confg file from the base directory of the TFTP server.
  • It adds the contents of the network-confg file to its host table.
  • It reads its host table by indexing its IP address 10.0.0.21 to its hostname (switcha).
  • It reads the configuration file that corresponds to its hostname; for example, it reads switch1-confg from the TFTP server.

Switches B through D retrieve their configuration files and IP addresses in the same way.

How to Control Environment Variables

With a normally operating switch, you enter the boot loader mode only through the console connection configured for 9600 bps. Unplug the switch power cord, and press the Mode button while reconnecting the power cord. You can release the Mode button after all the amber system LEDs turn on and remain solid. The boot loader switch prompt then appears.

The switch boot loader software provides support for nonvolatile environment variables, which can be used to control how the boot loader, or any other software running on the system, operates. Boot loader environment variables are similar to environment variables that can be set on UNIX or DOS systems.

Environment variables that have values are stored in flash memory outside of the flash file system.

Each line in these files contains an environment variable name and an equal sign followed by the value of the variable. A variable has no value if it is not present; it has a value if it is listed even if the value is a null string. A variable that is set to a null string (for example, “ ”) is a variable with a value. Many environment variables are predefined and have default values.

You can change the settings of the environment variables by accessing the boot loader or by using Cisco IOS commands. Under normal circumstances, it is not necessary to alter the setting of the environment variables.

Common Environment Variables

This table describes the function of the most common environment variables.

Table 3. Common Environment Variables

Variable

Boot Loader Command

Cisco IOS Global Configuration Command

BOOT

set BOOT filesystem :/ file-url ...

A semicolon-separated list of executable files to try to load and execute when automatically booting.

boot system {filesystem : /file-url ... | switch {number | all }}

Specifies the Cisco IOS image to load during the next boot cycle and the stack members on which the image is loaded. This command changes the setting of the BOOT environment variable.

The package provisioning file, also referred to as the packages.conf file, is used by the system to determine which software packages to activate during boot up.

  • When booting in installed mode, the package provisioning file specified in the boot command is used to determine which packages to activate. For example boot flash:packages.conf .

  • When booting in bundle mode, the package provisioning file contained in the booted bundle is used to activate the packages included in the bundle. For example, boot flash:image.bin .

MANUAL_BOOT

set MANUAL_BOOT yes

Decides whether the switch automatically or manually boots.

Valid values are 1, yes, 0, and no. If it is set to no or 0, the boot loader attempts to automatically boot up the system. If it is set to anything else, you must manually boot up the switch from the boot loader mode.

boot manual

Enables manually booting the switch during the next boot cycle and changes the setting of the MANUAL_BOOT environment variable.

The next time you reboot the system, the switch is in boot loader mode. To boot up the system, use the boot flash: filesystem :/ file-url boot loader command, and specify the name of the bootable image.

CONFIG_FILE

set CONFIG_FILE flash:/ file-url

Changes the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

boot config-file flash:/ file-url

Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. This command changes the CONFIG_FILE environment variable.

SWITCH_NUMBER

set SWITCH_NUMBER stack-member-number

Changes the member number of a stack member.

switch current-stack-member-number renumber new-stack-member-number

Changes the member number of a stack member.

SWITCH_PRIORITY

set SWITCH_PRIORITY stack-member-number

Changes the priority value of a stack member.

switch stack-member-number priority priority-number

Changes the priority value of a stack member.

BAUD

set BAUD baud-rate

line console 0

speed speed-value

Configures the baud rate.

ENABLE_BREAK

set ENABLE_BREAK yes/no

boot enable-break switch yes/no

Enables a break to the auto-boot cycle. You have 5 seconds to enter the break command.

Environment Variables for TFTP

When the switch is connected to a PC through the Ethernet management port, you can download or upload a configuration file to the boot loader by using TFTP. Make sure the environment variables in this table are configured.

Table 4. Environment Variables for TFTP

Variable

Description

MAC_ADDR

Specifies the MAC address of the switch.

Note 

We recommend that you do not modify this variable.

However, if you modify this variable after the boot loader is up or the value is different from the saved value, enter this command before using TFTP.

IP_ADDR

Specifies the IP address and the subnet mask for the associated IP subnet of the switch.

DEFAULT_ROUTER

Specifies the IP address and subnet mask of the default gateway.

Scheduled Reload of the Software Image

You can schedule a reload of the software image to occur on the switch at a later time (for example, late at night or during the weekend when the switch is used less), or you can synchronize a reload network-wide (for example, to perform a software upgrade on all switches in the network).

You have these reload options:

  • Reload of the software to take affect in the specified minutes or hours and minutes. The reload must take place within approximately 24 hours. You can specify the reason for the reload in a string up to 255 characters in length.

  • Reload of the software to take place at the specified time (using a 24-hour clock). If you specify the month and day, the reload is scheduled to take place at the specified time and date. If you do not specify the month and day, the reload takes place at the specified time on the current day (if the specified time is later than the current time) or on the next day (if the specified time is earlier than the current time). Specifying 00:00 schedules the reload for midnight.

The reload command halts the system. If the system is not set to manually boot up, it reboots itself.

If your switch is configured for manual booting, do not reload it from a virtual terminal. This restriction prevents the switch from entering the boot loader mode and then taking it from the remote user’s control.

If you modify your configuration file, the switch prompts you to save the configuration before reloading. During the save operation, the system requests whether you want to proceed with the save if the CONFIG_FILE environment variable points to a startup configuration file that no longer exists. If you proceed in this situation, the system enters setup mode upon reload.

To cancel a previously scheduled reload, use the reload cancel privileged EXEC command.

How to Perform Switch Setup Configuration

Using DHCP to download a new image and a new configuration to a switch requires that you configure at least two switches. One switch acts as a DHCP and TFTP server and the second switch (client) is configured to download either a new configuration file or a new configuration file and a new image file.

Configuring DHCP Autoconfiguration (Only Configuration File)

This task describes how to configure DHCP autoconfiguration of the TFTP and DHCP settings on an existing switch in the network so that it can support the autoconfiguration of a new switch.

SUMMARY STEPS

  1. configure terminal
  2. ip dhcp pool poolname
  3. boot filename
  4. network network-number mask prefix-length
  5. default-router address
  6. option 150 address
  7. exit
  8. tftp-server flash :filename.text
  9. interface interface-id
  10. no switchport
  11. ip address address mask
  12. end

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:


Switch# configure terminal

Enters global configuration mode.
Step 2

ip dhcp pool poolname

Example:


Switch(config)# ip dhcp pool pool

Creates a name for the DHCP server address pool, and enters DHCP pool configuration mode.
Step 3

boot filename

Example:


Switch(dhcp-config)# boot config-boot.text

Specifies the name of the configuration file that is used as a boot image.
Step 4

network network-number mask prefix-length

Example:


Switch(dhcp-config)# network 10.10.10.0 255.255.255.0

Specifies the subnet network number and mask of the DHCP address pool.

Note 

The prefix length specifies the number of bits that comprise the address prefix. The prefix is an alternative way of specifying the network mask of the client. The prefix length must be preceded by a forward slash (/).

Step 5

default-router address

Example:


Switch(dhcp-config)# default-router 10.10.10.1

Specifies the IP address of the default router for a DHCP client.

Step 6

option 150 address

Example:


Switch(dhcp-config)# option 150 10.10.10.1

Specifies the IP address of the TFTP server.
Step 7

exit

Example:


Switch(dhcp-config)# exit

Returns to global configuration mode.
Step 8

tftp-server flash :filename.text

Example:


Switch(config)# tftp-server flash:config-boot.text

Specifies the configuration file on the TFTP server.

Step 9

interface interface-id

Example:


Switch(config)# interface gigabitethernet1/0/4

Specifies the address of the client that will receive the configuration file.
Step 10

no switchport

Example:


Switch(config-if)# no switchport

Puts the interface into Layer 3 mode.
Step 11

ip address address mask

Example:


Switch(config-if)# ip address 10.10.10.1 255.255.255.0

Specifies the IP address and mask for the interface.
Step 12

end

Example:


Switch(config-if)# end

Returns to privileged EXEC mode.

Configuring DHCP Auto-Image Update (Configuration File and Image)

This task describes DHCP autoconfiguration to configure TFTP and DHCP settings on an existing switch to support the installation of a new switch.

Before you begin

You must first create a text file (for example, autoinstall_dhcp) that will be uploaded to the switch. In the text file, put the name of the image that you want to download (forexample, c3750e-ipservices-mz.122-44.3.SE.tarc3750x-ipservices-mz.122-53.3.SE2.tar). This image must be a tar and not a bin file.

SUMMARY STEPS

  1. configure terminal
  2. ip dhcp pool poolname
  3. boot filename
  4. network network-number mask prefix-length
  5. default-router address
  6. option 150 address
  7. option 125 hex
  8. copy tftp flash filename.txt
  9. copy tftp flash imagename.bin
  10. exit
  11. tftp-server flash: config.text
  12. tftp-server flash: imagename.bin
  13. tftp-server flash: filename.txt
  14. interface interface-id
  15. no switchport
  16. ip address address mask
  17. end
  18. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:


Switch# configure terminal

Enters global configuration mode.

Step 2

ip dhcp pool poolname

Example:


Switch(config)# ip dhcp pool pool1

Creates a name for the DHCP server address pool and enter DHCP pool configuration mode.

Step 3

boot filename

Example:


Switch(dhcp-config)# boot config-boot.text

Specifies the name of the file that is used as a boot image.

Step 4

network network-number mask prefix-length

Example:


Switch(dhcp-config)# network 10.10.10.0 255.255.255.0

Specifies the subnet network number and mask of the DHCP address pool.

Note 

The prefix length specifies the number of bits that comprise the address prefix. The prefix is an alternative way of specifying the network mask of the client. The prefix length must be preceded by a forward slash (/).

Step 5

default-router address

Example:


Switch(dhcp-config)# default-router 10.10.10.1

Specifies the IP address of the default router for a DHCP client.

Step 6

option 150 address

Example:


Switch(dhcp-config)# option 150 10.10.10.1

Specifies the IP address of the TFTP server.

Step 7

option 125 hex

Example:


Switch(dhcp-config)# option 125 hex 0000.0009.0a05.08661.7574.6f69.6e73.7461.6c6c.5f64.686370

Specifies the path to the text file that describes the path to the image file.

Step 8

copy tftp flash filename.txt

Example:


Switch(config)# copy tftp flash image.bin

Uploads the text file to the switch.

Step 9

copy tftp flash imagename.bin

Example:


Switch(config)# copy tftp flash image.bin

Uploads the tar file for the new image to the switch.

Step 10

exit

Example:


Switch(dhcp-config)# exit

Returns to global configuration mode.

Step 11

tftp-server flash: config.text

Example:


Switch(config)# tftp-server flash:config-boot.text

Specifies the Cisco IOS configuration file on the TFTP server.

Step 12

tftp-server flash: imagename.bin

Example:


Switch(config)# tftp-server flash:image.bin

Specifies the image name on the TFTP server.

Step 13

tftp-server flash: filename.txt

Example:


Switch(config)# tftp-server flash:boot-config.text

Specifies the text file that contains the name of the image file to download

Step 14

interface interface-id

Example:


Switch(config)# interface gigabitEthernet1/0/4

Specifies the address of the client that will receive the configuration file.

Step 15

no switchport

Example:


Switch(config-if)# no switchport

Puts the interface into Layer 3 mode.

Step 16

ip address address mask

Example:


Switch(config-if)# ip address 10.10.10.1 255.255.255.0

Specifies the IP address and mask for the interface.

Step 17

end

Example:


Switch(config-if)# end

Returns to privileged EXEC mode.

Step 18

copy running-config startup-config

Example:


Switch(config-if)# end

(Optional) Saves your entries in the configuration file.

Configuring the Client to Download Files from DHCP Server

Note
Note

You should only configure and enable the Layer 3 interface. Do not assign an IP address or DHCP-based autoconfiguration with a saved configuration.

SUMMARY STEPS

  1. configure terminal
  2. boot host dhcp
  3. boot host retry timeout timeout-value
  4. banner config-save ^C warning-message ^C
  5. end
  6. show boot

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:


Switch# configure terminal

Enters global configuration mode.
Step 2

boot host dhcp

Example:


Switch(conf)# boot host dhcp

Enables autoconfiguration with a saved configuration.
Step 3

boot host retry timeout timeout-value

Example:


Switch(conf)# boot host retry timeout 300

(Optional) Sets the amount of time the system tries to download a configuration file.

Note 

If you do not set a timeout, the system will try indefinitely to obtain an IP address from the DHCP server.
Step 4

banner config-save ^C warning-message ^C

Example:


Switch(conf)# banner config-save ^C Caution - Saving Configuration File 
to NVRAM May Cause You to No longer Automatically Download Configuration Files at Reboot^C

(Optional) Creates warning messages to be displayed when you try to save the configuration file to NVRAM.
Step 5

end

Example:


Switch(config-if)# end

Returns to privileged EXEC mode.
Step 6

show boot

Example:


Switch# show boot

Verifies the configuration.

Manually Assigning IP Information to Multiple SVIs

This task describes how to manually assign IP information to multiple switched virtual interfaces (SVIs):

SUMMARY STEPS

  1. configure terminal
  2. interface vlan vlan-id
  3. ip address ip-address subnet-mask
  4. exit
  5. ip default-gateway ip-address
  6. end
  7. show interfaces vlan vlan-id
  8. show ip redirects

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:


Switch# configure terminal

Enters global configuration mode.

Step 2

interface vlan vlan-id

Example:


Switch(config)# interface vlan 99

Enters interface configuration mode, and enters the VLAN to which the IP information is assigned. The range is 1 to 4094.

Step 3

ip address ip-address subnet-mask

Example:


Switch(config-vlan)# ip address 10.10.10.2 255.255.255.0

Enters the IP address and subnet mask.

Step 4

exit

Example:


Switch(config-vlan)# exit

Returns to global configuration mode.

Step 5

ip default-gateway ip-address

Example:


Switch(config)# ip default-gateway 10.10.10.1

Enters the IP address of the next-hop router interface that is directly connected to the switch where a default gateway is being configured. The default gateway receives IP packets with unresolved destination IP addresses from the switch.

Once the default gateway is configured, the switch has connectivity to the remote networks with which a host needs to communicate.

Note 

When your switch is configured to route with IP, it does not need to have a default gateway set.

Note 

The switch capwap relays on default-gateway configuration to support routed access point join the switch.

Step 6

end

Example:


Switch(config)# end

Returns to privileged EXEC mode.

Step 7

show interfaces vlan vlan-id

Example:


Switch# show interfaces vlan 99

Verifies the configured IP address.

Step 8

show ip redirects

Example:


Switch# show ip redirects

Verifies the configured default gateway.

Modifying the Switch Startup Configuration

Default Boot Configuration

Feature Default Setting
Operating system software image

The switch attempts to automatically boot up the system using information in the BOOT environment variable. If the variable is not set, the switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system.

The Cisco IOS image is stored in a directory that has the same name as the image file (excluding the .bin extension).

In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory.

Configuration file

Configured switches use the config.text file stored on the system board in flash memory.

A new switch has no configuration file.

Specifying the Filename to Read and Write the System Configuration

By default, the Cisco IOS software uses the config.text file to read and write a nonvolatile copy of the system configuration. However, you can specify a different filename, which will be loaded during the next boot cycle.

Before you begin

Use a standalone switch for this task.

SUMMARY STEPS

  1. configure terminal
  2. boot flash :/file-url
  3. end
  4. show boot
  5. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

Switch# configure terminal

Enters global configuration mode.

Step 2

boot flash :/file-url

Example:

Switch(config)# boot flash:config.text

Specifies the configuration file to load during the next boot cycle.

file-url —The path (directory) and the configuration filename.

Filenames and directory names are case-sensitive.

Step 3

end

Example:

Switch(config)# end

Returns to privileged EXEC mode.

Step 4

show boot

Example:

Switch# show boot

Verifies your entries.

The boot global configuration command changes the setting of the CONFIG_FILE environment variable.

Step 5

copy running-config startup-config

Example:

Switch# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Manually Booting the Switch

By default, the switch automatically boots up; however, you can configure it to manually boot up.

Before you begin

Use a standalone switch for this task.

SUMMARY STEPS

  1. configure terminal
  2. boot manual
  3. end
  4. show boot
  5. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

Switch# configure terminal

Enters global configuration mode.

Step 2

boot manual

Example:

Switch(config)# boot manual

Enables the switch to manually boot up during the next boot cycle.

Step 3

end

Example:

Switch(config)# end

Returns to privileged EXEC mode.

Step 4

show boot

Example:

Switch# show boot

Verifies your entries.

The boot manual global command changes the setting of the MANUAL_BOOT environment variable.

The next time you reboot the system, the switch is in boot loader mode, shown by the switch: prompt. To boot up the system, use the boot filesystem:/file-url boot loader command.

  • filesystem :—Uses flash: for the system board flash device. 
    switch: boot flash:

  • For file-url —Specifies the path (directory) and the name of the bootable image.

Filenames and directory names are case-sensitive.

Step 5

copy running-config startup-config

Example:

Switch# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Booting a Specific Software Image On a Switch Stack

By default, the switch attempts to automatically boot up the system using information in the BOOT environment variable. If this variable is not set, the switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory. However, you can specify a specific image to boot up.

SUMMARY STEPS

  1. configure terminal
  2. boot system switch {number | all }
  3. end
  4. show boot system
  5. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

Switch# configure terminal

Enters global configuration mode.

Step 2

boot system switch {number | all }

Example:

Switch(config)# boot system switch 2 flash:cat3850-universalk9.SSA.03.08.83.EMD.150-8.83.EMD.bin

(Optional) For switches in a stack, specifies the switch members on which the system image is loaded during the next boot cycle:

  • Use number to specify a stack member. (Specify only one stack member.)

  • Use all to specify all stack members.

If you enter on a Catalyst 3750-X stack master or member, you can only specify the switch image for other Catalyst 3750-X stack members.

If you enter on a Catalyst 3750-E stack master or member, you can only specify the switch image for other Catalyst 3750-E stack members.

If you want to specify the image for a Catalyst 3750 switch, enter this command on the Catalyst 3750 stack member.

Step 3

end

Example:

Switch(config)# end

Returns to privileged EXEC mode.

Step 4

show boot system

Example:

Switch# show boot system

Verifies your entries.

The boot system global command changes the setting of the BOOT environment variable.

During the next boot cycle, the switch attempts to automatically boot up the system using information in the BOOT environment variable.

Step 5

copy running-config startup-config

Example:

Switch# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Controlling Environment Variables

With a normally operating switch, you enter the boot loader mode only through a switch console connection configured for 9600 b/s. Unplug the switch power cord, and press the switch Mode button while reconnecting the power cord. You can release the Mode button a second or two after the LED above port 1 turns off. Then the boot loader switch: prompt appears.

The switch boot loader software provides support for nonvolatile environment variables, which can be used to control how the boot loader, or any other software running on the system, behaves. Boot loader environment variables are similar to environment variables that can be set on UNIX or DOS systems.

Environment variables that have values are stored in flash memory outside of the flash file system.

Each line in these files contains an environment variable name and an equal sign followed by the value of the variable. A variable has no value if it is not listed in this file; it has a value if it is listed in the file even if the value is a null string. A variable that is set to a null string (for example, " ") is a variable with a value. Many environment variables are predefined and have default values.

Environment variables store two kinds of data:

  • Data that controls code, which does not read the Cisco IOS configuration file. For example, the name of a boot loader helper file, which extends or patches the functionality of the boot loader can be stored as an environment variable.

  • Data that controls code, which is responsible for reading the Cisco IOS configuration file. For example, the name of the Cisco IOS configuration file can be stored as an environment variable.

You can change the settings of the environment variables by accessing the boot loader or by using Cisco IOS commands. Under normal circumstances, it is not necessary to alter the setting of the environment variables.

Note
Note

For complete syntax and usage information for the boot loader commands and environment variables, see the command reference for this release.

Table 5. Environment Variables
Variable Boot Loader Command Cisco IOS Global Configuration Command

BOOT

set BOOT filesystem :/ file-url ...

A semicolon-separated list of executable files to try to load and execute when automatically booting. If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the flash file system. If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot the first bootable file that it can find in the flash file system.

boot system filesystem:/file-url ...

Specifies the Cisco IOS image to load during the next boot cycle. This command changes the setting of the BOOT environment variable

MANUAL_BOOT

set MANUAL_BOOT yes

Decides whether the switch automatically or manually boots up.

Valid values are 1, yes, 0, and no. If it is set to no or 0, the boot loader attempts to automatically boot up the system. If it is set to anything else, you must manually boot up the switch from the boot loader mode.

boot manual

Enables manually booting up the switch during the next boot cycle and changes the setting of the MANUAL_BOOT environment variable.

The next time you reboot the system, the switch is in boot loader mode. To boot up the system, use the boot flash: filesystem :/ file-url boot loader command, and specify the name of the bootable image.

CONFIG_FILE

set CONFIG_FILE flash: / file-url

boot config-file flash: / file-url

Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. This command changes the CONFIG_FILE environment variable.

SWITCH_NUMBER

set SWITCH_NUMBER stack-member-number

Changes the member number of a stack member.

switch current-stack-member-numberrenumber new-stack-member-number

Changes the member number of a stack member.

Note 

This command is supported only on Catalyst 3750-E Catalyst 3750-X switches.

SWITCH_PRIORITY

set SWITCH_PRIORITY stack-member-number

Changes the priority value of a stack member

switch stack-member-number priority priority- number

Changes the priority value of a stack member.

Note 

This command is supported only on Catalyst 3750-E Catalyst 3750-X switches.

Scheduling a Reload of the Software Image

You can schedule a reload of the software image to occur on the switch at a later time (for example, late at night or during the weekend when the switch is used less), or you can synchronize a reload network-wide (for example, to perform a software upgrade on all switches in the network).
Note
Note
A scheduled reload must take place within approximately 24 days.

Configuring a Scheduled Reload

To configure your switch to reload the software image at a later time, use one of these commands in privileged EXEC mode:

  • reload in [hh :]mm [text]

    This command schedules a reload of the software to take affect in the specified minutes or hours and minutes. The reload must take place within approximately 24 days. You can specify the reason for the reload in a string up to 255 characters in length.

  • reload at hh:mm [month dayI day month [text]

    This command schedules a reload of the software to take place at the specified time (using a 24-hour clock). If you specify the month and day, the reload is scheduled to take place at the specified time and date. If you do not specify the month and day, the reload takes place at the specified time on the current day (if the specified time is later than the current time) or on the next day (if the specified time is earlier than the current time). Specifying 00:00 schedules the reload for midnight.
    Note
    Note
    Use the at keyword only if the switch system clock has been set (through Network Time Protocol (NTP), the hardware calendar, or manually). The time is relative to the configured time zone on the switch. To schedule reloads across several switches to occur simultaneously, the time on each switch must be synchronized with NTP.

    The reload command halts the system. If the system is not set to manually boot up, it reboots itself. Use the reload command after you save the switch configuration information to the startup configuration (copy running-config startup-config).

    If your switch is configured for manual booting, do not reload it from a virtual terminal. This restriction prevents the switch from entering the boot loader mode and thereby taking it from the remote user's control.

If you modify your configuration file, the switch prompts you to save the configuration before reloading. During the save operation, the system requests whether you want to proceed with the save if the CONFIG_FILE environment variable points to a startup configuration file that no longer exists. If you proceed in this situation, the system enters setup mode upon reload.

This example shows how to reload the software on the switch on the current day at 7:30 p.m: 

Switch# reload at 19:30  
Reload scheduled for 19:30:00 UTC Wed Jun 5 1996 (in 2 hours and 25 minutes)
Proceed with reload? [confirm]

This example shows how to reload the software on the switch at a future time: 

Switch# reload at 02:00 jun 20  
Reload scheduled for 02:00:00 UTC Thu Jun 20 1996 (in 344 hours and 53 minutes)
Proceed with reload? [confirm]

To cancel a previously scheduled reload, use the reload cancel privileged EXEC command

Displaying Scheduled Reload Information

To display information about a previously scheduled reload or to find out if a reload has been scheduled on the switch, use the show reload privileged EXEC command.

It displays reload information including the time the reload is scheduled to occur and the reason for the reload (if it was specified when the reload was scheduled).

Boot Loader Upgrade and Image Verification for the FIPS Mode of Operation

To operate in the FIPS mode, complete these steps:

  • Enable the FIPS mode on the switch.To enable the FIPS mode, enter the fips authorization-key authorization-key global configuration command. To disable the FIPS mode, use the no version of the command.

  • Use signed and validated images. Cisco IOS Release 15.2(1)E supports an updated boot loader that can validate the Cisco IOS image signature only in the FIPS mode of operation.

Note
Note

Ensure that the power is not turned off while updating the boot loader. If the power is turned off during the update, you will have to replace the switch by using a Return Merchandise Authorization (RMA) license.

Table 4-6 describes upgrade and downgrade scenarios using different images and using the FIPS mode or non-FIPS mode:

Table 6. Upgrade and Downgrade Scenarios Relating to FIPS Certified Images
Upgrade/ Downgrade Scenario Action Status or Result

Upgrade from an image that is in the FIPS mode to a Cisco IOS Release 15.2(1)E image in the FIPS mode.

Boot with the Cisco IOS Release 15.2(1)E image.

  • The boot loader is upgraded.
  • The image signature is verified.
  • The following message appears in the boot sequence: “Image passed digital signature verification.”
Note 

If you upload a corrupt or unsigned image, the following message appears during boot up: “Image verification failed.”

Upgrade from a switch that is in the non-FIPS mode to a Cisco IOS Release 15.2(1)E image in the FIPS mode

  • Configure the fips authorization- key authorization-key global configuration command
  • Reload the switch for the FIPS key to be operational. By default, the switch automatically boots up; however, if you have configured it to boot up manually, you have to initiate the reboot.
  • After the boot loader is upgraded, boot with the Cisco IOS Release 15.2(1)E image.
  • The boot loader is upgraded.
  • The image signature is verified.
Note 

If you upload a corrupt or unsigned image, the following message appears during boot up: “Image verification failed.

Upgrade to Cisco IOS Release 15.2(1)E in the non-FIPS mode

Boot with the Cisco IOS Release 15.2(1)E image.

  • The boot loader is not updated.
  • The image signature is not verified
  • The switch works normally.

Configure an existing FIPS complaint switch running Cisco IOS Release 15.2(1)E to work in a non-FIPS mode.

  • Configure the no fips authorization- key authorization-key global configuration command.
  • Reload the switch for the configuration to take effect. By default, the switch automatically boots up; however, if you have configured it to boot up manually, you have to initiate the reboot.
  • The boot loader is not updated.
  • The switch works normally and the FIPS commands are no longer available.
  • The following message appears in the boot sequence: “Image passed digital signature verification”.
Note 
If you upload a corrupt or unsigned image, the following message appears during boot up: “WARNING: Unable to determine image authentication. Image is either unsigned or is signed but corrupted.”

Downgrade from a Cisco IOS Release 15.2(1)E image in FIPS mode to an older release.

  • Configure the no fips authorization- key authorization-key global configuration command
  • Reload the switch for the configuration to take effect. By default, the switch automatically boots up; however, if you have configured it to boot up manually, you have to initiate reboot.
  • Upload and boot the older image.
  • The boot loader is not downgraded
  • The switch work normally and the FIPS commands are no longer available.
  • The following message appears in the boot sequence: “WARNING: Unable to determine image authentication. Image is either unsigned or is signed but corrupted.”

Monitoring Switch Setup Configuration

Example: Verifying the Switch Running Configuration 


Switch# show running-config
Building configuration...

Current configuration: 1363 bytes
!
version 12.4
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Stack1
!
enable secret 5 $1$ej9.$DMUvAUnZOAmvmgqBEzIxE0
!
.
<output truncated>
.
interface gigabitethernet6/0/2
mvr type source

<output truncated>

...!
interface VLAN1
 ip address 172.20.137.50 255.255.255.0
 no ip directed-broadcast
!
ip default-gateway 172.20.137.1 !
!
snmp-server community private RW
snmp-server community public RO
snmp-server community private@es0 RW
snmp-server community public@es0 RO
snmp-server chassis-id 0x12
! 
end

Configuration Examples for Performing Switch Setup

Example: Configuring a Switch as a DHCP Server 


Switch# configure terminal
Switch(config)# ip dhcp pool pool1
Switch(dhcp-config)# network 10.10.10.0 255.255.255.0
Switch(dhcp-config)# boot config-boot.text 
Switch(dhcp-config)# default-router 10.10.10.1
Switch(dhcp-config)# option 150 10.10.10.1
Switch(dhcp-config)# exit
Switch(config)# tftp-server flash:config-boot.text
Switch(config)# interface gigabitethernet1/0/4 
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.10.1 255.255.255.0
Switch(config-if)# end

Example: Configuring DHCP Auto-Image Update

Example: Configuring a Switch to Download Configurations from a DHCP Server

This example uses a Layer 3 SVI interface on VLAN 99 to enable DHCP-based autoconfiguration with a saved configuration:


Switch# configure terminal 
Switch(config)# boot host dhcp
Switch(config)# boot host retry timeout 300
Switch(config)# banner config-save ^C Caution - Saving Configuration File to NVRAM May Cause You to No longer Automatically Download Configuration Files at Reboot^C
Switch(config)# vlan 99
Switch(config-vlan)# interface vlan 99
Switch(config-if)# no shutdown
Switch(config-if)# end
Switch# show boot
BOOT path-list:
Config file:          flash:/config.text
Private Config file:  flash:/private-config.text
Enable Break:         no
Manual Boot:          no
HELPER path-list:
NVRAM/Config file
      buffer size:    32768
Timeout for Config
          Download:    300 seconds
Config Download
       via DHCP:       enabled (next boot: enabled)
Switch#

Examples: Scheduling Software Image Reload

This example shows how to reload the software on the switch on the current day at 7:30 p.m: 


Switch# reload at 19:30
Reload scheduled for 19:30:00 UTC Wed Jun 5 2013 (in 2 hours and 25 minutes)
Proceed with reload? [confirm]

This example shows how to reload the software on the switch at a future time: 


Switch# reload at 02:00 jun 20
Reload scheduled for 02:00:00 UTC Thu Jun 20 2013 (in 344 hours and 53 minutes)
Proceed with reload? [confirm]