/en/manuals/1625373/Table of ContentsCisco SM-X Layer 2/3 EtherSwitch Service Module Configuration Guide for Cisco 4451-X ISR1Contents2Prerequisites for the Cisco SM-X Layer 2/3 EtherSwitch Service Module2Information About the Cisco SM-X Layer 2/3 EtherSwitch Service Module2Hardware Overview3Software Features3Cisco TrustSec Encryption3IEEE 802.1x Protocol4Licensing and Software Activation4The Cisco SM-X Layer 2/3 ESM utilizes the Cisco licensing software activation mechanism for different levels of technology software packages. This mechanism is referred to as technology package licensing and leverages the universal technology package...4The Cisco SM-X Layer 2/3 ESM has a right to use (RTU) license, also known as honor-based license.4The RTU license on Cisco SM-X Layer 2/3 ESM supports the following three feature sets:4Installing and Applying an RTU License on a Switch4MACsec Encryption5Media Access Control Security (MACsec) encryption is the IEEE 802.1AE standard for authenticating and encrypting packets between two MACsec-capable devices. MACsec encryption is defined in 802.1AE to provide MAC-layer encryption over wired networks b...5The Cisco SM-X Layer 2/3 ESM supports 802.1AE encryption with MACsec Key Agreement (MKA) on downlink ports for encryption between the module and host devices. The module also supports MACsec link layer switch-to-switch security by using Cisco TrustSe...5Power over Ethernet (Plus) Features6The Cisco SM-X Layer 2/3 ESM is capable of providing power to connected Cisco pre-standard and IEEE 802.3af-compliant powered devices (PDs) from Power over Ethernet (PoE)-capable ports when the switch detects that there is no power on the circuit. Th...6The PDs and the switch negotiate power through CDP messages for an agreed power-consumption level. The negotiation allows high-power Cisco PDs to operate at their highest power mode.6The PoE plus feature enables automatic detection and power budgeting; the switch maintains a power budget, monitors, and tracks requests for power, and grants power only when it is available. See the Configuring the External PoE Service Module Power ...6Power policing allows to monitor the real-time power consumption. On a per-PoE port basis, the switch senses the total power consumption, polices the power usage, and reports the power usage. For more information on this feature, see Monitoring Real-...6Managing the Cisco SM-X Layer 2/3 ESM Using Cisco IOS Software6Using OIR to Manage the Cisco SM-X Layer 2/3 ESM6Internal Port Mapping8Managing MGF Ports for Layer 2 Features8Enabling Layer-3 Features under Ethernet-internal Interface8How to Configure the Cisco SM-X Layer 2/3 ESM on the Router9Configuration on SM-X Module Side9Accessing SM-X Module Side Through a Console Connection or Through Telnet10Understanding Interface Types on the Cisco SM-X Layer 2/3 ESMs11Using Interface Configuration Mode11To specify Gigabit Ethernet port 4 on a standalone Cisco SM-X Layer 2/3 ESM, enter this command in global configuration mode:11Configuration: Known Issues11Configuration on Host Side12Configuring BDI12Configures the second Cisco SM-X Layer 2/3 ESM (ESM1).14Configuring SVI Interface15Configuration: Known Issues15Shutting Down and Reloading the Cisco SM-X Layer 2/3 ESM15Monitoring Real-Time Power Consumption (Power Sensing)17Specifies the cut off power value for a port.19Enables the ESM to generate a syslog message while still providing power to the device.19Upgrading the Cisco SM-X Layer 2/3 ESM Software20Copying Switch Image Directly to ESM Flash Through TFTP Server20Copying Switch Image to ESM Flash Through Host Router24This section describes how to copy the switch image to the ESM flash through the host router.24Upgrading SM-X Image25Module-to-Module Communication26Cisco SM-X Layer 2/3 ESM can directly communicate with any module connected to the backplane switch of the router bypassing the router host CPU, thus, increasing the CPU performance and reducing the CPU processing. The additional GE connection with t...26Following is an example of the configuration assuming a 16 port module is configured in slot 1 and a 24 port module in slot 2:-27Configuration on the 16 port SM-X module in slot 1:27Configuration on the 24 port SM-X module in slot 2:27Troubleshooting the Cisco SM-X Layer 2/3 ESM Software27Recovering from a Corrupted Software Image Using Boot Loader27Recovering from a Lost or Forgotten Password28Related Documentation32Technical Assistance32Size: 707 KBPages: 34Language: EnglishOpen manual
/en/manuals/1625344/Table of ContentsCisco SM-X Layer 2/3 EtherSwitch Service Module (ESM) Configuration Guide for Cisco 2900 and Cisco 3900 Series ISRs1Contents2Prerequisites for the Cisco SM-X Layer 2/3 ESMs2Information About the Cisco SM-X Layer 2/3 ESMs2Maximum Number of Modules Supported on Each Platform3Hardware Overview3Software Features3Cisco Trust Sec encryption4IEEE 802.1x Protocol4Licensing and Software Activation4The Cisco SM-X Layer 2/3 ESM utilizes the Cisco licensing software activation mechanism for different levels of technology software packages. This mechanism is referred to as technology package licensing and leverages the universal technology package...4During startup, the Cisco SM-X Layer 2/3 ESM determines the highest level of license and loads the corresponding software features.4The Cisco SM-X Layer 2/3 ESM has a right to use (RTU) license, also known as honor-based license.4The RTU license on Cisco SM-X Layer 2/3 ESM supports the following three feature sets:4MACsec Encryption5Media Access Control Security (MACsec) encryption is the IEEE 802.1AE standard for authenticating and encrypting packets between two MACsec-capable devices. MACsec encyprtion is defined in 802.1AE to provide MAC-layer encryption over wired networks b...5The Cisco SM-X Layer 2/3 ESM supports 802.1AE encryption with MACsec Key Agreement (MKA) on downlink ports for encryption between the module and host devices. The module also supports MACsec link layer switch-to-switch security by using Cisco TrustSe...5Power over Ethernet (Plus) Features5The Cisco SM-X Layer 2/3 ESM is capable of providing power to connected Cisco pre-standard and IEEE 802.3af-compliant powered devices (PD) from Power over Ethernet (PoE)-capable ports when the switch detects that there is no power on the circuit.5The ESM supports IEEE 802.3at (PoE+), that increases the available power for PDs from 15.4W to 30 W per port. For more information, see the Power over Ethernet Ports. The PoE plus feature supports the cisco discovery protocol (CDP) with power consump...5The PDs and the switch negotiate through power-negotiation CDP messages for an agreed power-consumption level. The negotiation allows a high-power Cisco PDs to operate at its highest power mode.5The PoE plus feature enable automatic detection and power budgeting; the switch maintains a power budget, monitors, and tracks requests for power, and grants power only when it is available. See the Configuring the External PoE Service Module Power S...5The power policing or power sensing feature allows you to monitor the real-time power consumption. On a per-PoE port basis, the switch senses the total power consumption, polices the power usage, and reports the power usage. For more information on t...5Smart Install Support6The Cisco SM-X Layer 2/3 ESM supports the Smart Install feature. The Smart Install is a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. You can ship a switch to a location, place it in th...6A network using Smart Install includes a group of networking devices, known as clients, that are served by a common Layer 3 switch or router that acts as a director. In a Smart Install network, you can use the Zero-Touch Installation process to insta...6Managing Cisco SM-X Layer 2/3 ESM Using Cisco IOS Software6Using OIR to Manage the Cisco SM-X Layer 2/3 ESM6Managing Backplane Switch Ports6Internal Port Mapping7How to Configure the Cisco SM-X Layer 2/3 ESM on the Router7Accessing the CLI Through a Console Connection or Through Telnet7Understanding Interface Types on the Cisco SM-X Layer 2/3 ESMs8Configuring the Cisco SM-X Layer 2/3 ESM in the Router8Examples11Shutting Down, Resetting, and Reloading the Cisco SM-X Layer 2/3 ESM13Examples13Monitoring Real-Time Power Consumption (power sensing)14Cisco SM-X Layer 2/3 ESMs’ hardware allows the ESM to accurately monitor the real-time power consumption on each port by measuring the port current as well as the voltage while the powered devices such as IP phones and wireless access points are po...14If a powered device is misbehaving by consuming more power than the actual configured value, you can take an appropriate ‘action’ by enabling the power policing or sensing feature on a port using the power inline (config-if) command. The ‘actio...14You can monitor the power drawn at the router level through show power inline command on the Cisco ISR-G2 routers. To monitor port-level power consumption use the show power inline command on the Cisco SM-X Layer 2/3 ESM in Exec mode.14Specifies the cut off power value for a port.15Enables the ESM to generate a syslog message while still providing power to the device.15Upgrading the Cisco SM-X Layer 2/3 ESM Software16Copying Switch Image Directly to ESM flash Through TFTP Server16Examples18Copying Switch Image to ESM Flash Through Host Router20This section describes how to copy the switch image to the ESM flash through the host router.20Module-to-Module Communication22Cisco SM-X Layer 2/3 ESM can directly communicate with any module connected to the backplane switch of the router bypassing the router host CPU, thus, increasing the CPU performance and reducing the CPU processing. The additional GE connection with t...22Following is an example of the configuration assuming a 16 port module is configured in slot 1 and a 24 port module in slot 2:-22Configuration on the 16 port SM-X module in slot 1:22Configuration on the 24 port SM-X module in slot 2:22You can apply the trunk port configurations if the port needs to be a trunk port.22Troubleshooting the Cisco SM-X Layer 2/3 ESM Software23Recovering from a Corrupted Software Image Using Recovery Image23Recovering from a Lost or Forgotten Password24Prerequisites24Recovering from a Lost or Forgotten Password When Password Recovery Is Disabled26Example29Related Documents31Technical Assistance31Size: 556 KBPages: 32Language: EnglishOpen manual