Cisco has been supporting the standardized 802.3af power over ethernet feature since 2004. Catalyst switches with PoE are available as 10/100 PoE or even 10/100/1000 PoE. The Power over Ethernet feature is an excellent option for deployments of Cisco IP Phones. Wireless access points and security cameras can also be powered by PoE switches. The specific technology uses the Cat5/Cat6 ethernet cable to deliver power in addition to data, thus removing the need of using power adaptors for devices.

The following Cisco Models support PoE:

• 2960
• 3750
• 3560
• 4500
• 6500

For Network Engineers, the ability to mirror switch traffic and send it to a sniffer for analysis is an essential troubleshooting technique. All Cisco Catalyst switches support the Switched Port Analyzer (SPAN) feature which copies traffic from specified switch source ports or VLANs and mirrors this traffic to a specified destination switch port (SPAN port). Then, you can connect your PC having a sniffer tool (like WireShark) on the destination SPAN port to capture all mirrored traffic. The diagram below shows this:

To utilize the switch SPAN mirroring feature configure the following on the catalyst switch:

Configuration Example – Monitoring an entire VLAN traffic
c3750(config)#monitor session 1 source vlan 5
c3750(config)#monitor session 1 destination interface fastethernet 0/3

The configuration above will capture all traffic of VLAN 5 and send it to SPAN port fastethernet 0/3.

Configuration Example – Monitoring traffic from a specific interface
c3750(config)#monitor session 1 source interface fastethernet 0/1
c3750(config)#monitor session 1 destination interface fastethernet 0/2

The configuration above will capture all traffic from interface 0/1 and send it to SPAN port fastethernet 0/2.

Use the command show monitor session 1 to verify your configuration.

In this post I will explain how to provide routing between two VLANs on a simple Layer 2 switch using a Cisco router with just one interface. This is called also Router-on-a-stick. This configuration is usually asked as a question in CCNA exams, so I hope it will be helpful for people preparing for certification. Lets see the diagram below to get us started:

A Cisco Layer 2 switch carries two VLANs (VLAN 10 – RED and VLAN 20 – GREEN) with two hosts connected on them as shown on the diagram above. The first host belongs to Network 10.10.10.0/24 (VLAN10) and the second one to 20.20.20.0/24 (VLAN20). By default, if the switch is just a normal Layer 2 switch the two hosts can not communicate between them because they belong to different VLANs and there is no routing. Thus, if we want to provide network connectivity between the two VLANs we need to have a Layer 3 engine somewhere in the network. This can be accomplished either if the switch is Layer 3 or if there is a router in place. In our example we use a router to provide Layer 3 connectivity as shown in our diagram.

The router uses just a single interface connected to a trunk port on the switch. The Router interface can be divided into two subinterfaces, with each subinterface belonging to the appropriate VLAN. The switch port connected to the router must be a trunk in order to be able to carry both VLANs towards the router port. Lets see the configuration below:

SWITCH CONFIGURATION
# conf t
(config)# vlan database
(config-vlan)# vlan 10 name RED
(config-vlan)# vlan 20 name GREEN
(config-vlan)# exit
(config)# interface FastEthernet1/0/1
(config-if)# description trunk-to-router-on-a-stick
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# exit
(config)# interface FastEthernet1/0/2
(config-if)# description connection-to-RED-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 10
(config-if)# exit
(config)# interface FastEthernet1/0/3
(config-if)# description connection-to-GREEN-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 20
(config-if)# exit
(config)# exit
# copy run start

ROUTER CONFIGURATION
# conf t
(config)# interface fastethernet 0/0.10
(config-if)# encapsulation dot1q 10
(config-if)# ip address 10.10.10.2 255.255.255.0
(config-if)# exit
(config)# interface fastethernet 0/0.20
(config-if)# encapsulation dot1q 20
(config-if)# ip address 20.20.20.2 255.255.255.0
(config-if)# exit

Now, in order for the two hosts to communicate between them, they must set as default gateway the IP address of the corresponding router subinterface address (e.g for host in VLAN 10 the gateway must be 10.10.10.2 and for host in VLAN 20 the gateway must be 20.20.20.2).