The Switch option from the Cisco Enterprise NFVIS portal allows you to configure STP/RSTP, VLAN on specified ranges, RADIUS based authentication, and port channel load balancing for various switch ports. This section describes how to configure settings on the ENCS switch portal.

You can view the Switch Interface operational data and the statistics parameters in the following table:

Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network.

The Spanning Tree option is enabled by default. You can click on edit and make the necessary settings or disable Spanning Tree if required.

The configuration of spanning tree has the following parameters when it is enabled:

This chapter describes how to configure dot1x port-based authentication on the Cisco Enterprise NFVIS portal. dot1x prevents unauthorized devices (clients) from gaining access to the network. It is a standard for media-level (Layer 2) access control, offering the capability to permit or deny network connectivity based on the identity of the end user or device. The dot1x is disabled by default. You can click on edit to enable dot1x.

The configuration of dot1x has the following parameters:

The Link Aggregation Control Protocol (LACP) enables you to bundle several physical ports together to form a single logical channel. LACP enables you to form a single Layer 2 link automatically from two or more Ethernet links. This protocol ensures that both ends of the Ethernet link are functional and are part of the aggregation group.

LACP uses the following parameters to control aggregation:

You can use virtual LANs (VLANs) to divide the network into separate logical areas. VLANs can also be considered as broadcast domains. Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in that VLAN. Each VLAN is considered a logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a router.

You can configure VLANs in the range <1-2349>|<2450-4093> for a specified switch port.

You can configure general settings using the following parameters for each switch interface:

• Interface—Name of the interface

• Description—Set the description per interface

• Speed—10/100/1000 MBPS

• Dot1x Auth—802.1x, mac or both

• PoE Method—auto, never or four-pair

• PoE Limit—0-60000mW

• Admin Status—enable or disable

You can make the advanced settings using the following parameters for each switch interface:

• Mode—access, dot1q-tunnel, private-vlan, or trunk

• Access Vlan—Specifies the number of VLANs.

• Allowed Vlan—All or VLAN IDs

• Native Vlan—Specifies the VLAN ID. You can enter a value from one of the following ranges:

  • 1 to 2349

  • 2450 to 4093

• Dot1q Tunnel Vlan—Specifies the Layer 2 tunnel port.

• Community—Specifies the community number. Range: 1 to 29

• Protected Port—Yes or No

Note	The VLAN configuration takes effect only if the global VLANs are also configured with the same values in Configuring VLAN.

You can configure spanning tree for each switch interface using the following parameters:

• Spanning Tree—Enable or Disable

• Cost—Specifies the cost. Range: 1 to 200000000

• Priority—Specifies the port priority. Range: 0 to 240, default value is 128

• Link Type—point-to-point or shared

• BPDU Guard—Enable or Disable

• Root Guard—Enable or Disable

• Port Fast—auto or enable

• BPDU Filtering—Specifies that BPDU packets are filtered when the spanning tree is disabled

• BPDU Flooding—Specifies that BPDU packets are flooded when the spanning tree is disabled