Cisco S49ESK9-12231SG= Manual De Usuario
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 6
Product Bulletin No. 3257
Cisco IOS Software Release 12.2(31)SG for
Cisco Catalyst 4900 Series Switches
Cisco Catalyst 4900 Series Switches
This product bulletin describes the hardware and software features supported by Cisco IOS
®
Software Release 12.2(31)SG for
the Cisco
®
Catalyst
®
4900 Series switches.
KEY FEATURE BENEFITS
•
Control Plane Policing (CoPP): Protects the supervisor CPU by rate limiting and filtering out malicious traffic in hardware.
–
Ensures network stability and availability and predictable network performance by controlling the traffic to the supervisor CPU
•
Web Content Communication Protocol (WCCPv2) Layer 2 Redirection: Transparently redirects content requests to directly connected
content engines via a L2/MAC address rewrite.
–
Improves user response time and content availability by serving content locally on the LAN instead of the WAN
•
Network Admission Control (NAC) and 802.1x Enhancements (MAC Authentication Bypass, 802.1x Inaccessible Authentication Bypass,
802.1x Unidirectional Controlled Port): Helps ensure that endpoints comply with security policies to protect networks against worms and viruses.
–
Increases flexibility of NAC and 802.1x deployments
NEW SOFTWARE FEATURES
Control Plane Policing
Control plane policing provides a unified solution to rate limit the CPU-bound control plane traffic in hardware. It enables users to install
systemwide control plane access-control lists (ACLs) to protect the CPU by rate limiting or filtering out malicious denial-of-service (DoS) attacks.
Control plane policing helps ensure network stability, availability, and packet forwarding. It prevents network outages such as loss of protocol
updates, despite an attack or heavy load on the switch. Hardware-based control plane policing is available for Cisco Catalyst 4900 switches. It
supports various Layer 2 and Layer 3 control protocols, such as Cisco Discovery Protocol (CDP), Extensible Authentication Protocol over LAN
(EAPOL), Spanning Tree Protocol, Dynamic Trunking Protocol (DTP), VLAN Trunking Protocol (VTP), Internet Control Message Protocol
(ICMP), Cisco Group Management Protocol (CGMP), Internet Group Management Protocol (IGMP), Dynamic Host Configuration Protocol
(DHCP), Routing Information Protocol Version 2 (RIPv2), Open Shortest Pat First (OSPF), Protocol Independent Multicast (PIM), Telnet, Simple
Network Management Protocol (SNMP), HTTP, and packets destined to 224.0.0.* multicast link local addresses. Predefined system policies or user-
configurable policies can be applied to those control protocols. A staged approach is recommended for implementing the control plane policing by
first understanding the traffic profile in the networks.
WCCPv2 L2 Redirection
Web Content Communication Protocol (WCCP) Version 2 Layer 2 redirection enables a Cisco Catalyst 4900 to transparently redirect content
requests to the directly connected content engines using a Layer 2/MAC address rewrite. The WCCPv2 Layer 2 redirection is accelerated in the
switching hardware and thus is more efficient than Layer 3 redirection using Generic Routing Encapsulation (GRE). The content engines in a cache
cluster transparently store frequently accessed content and then fulfill successive requests for the same content, eliminating repetitive transmissions
of identical content from the original content servers. It supports the transparent redirection of HTTP and non-HTTP traffic with well-known ports
or dynamic services, such as Web caching, HTTPS caching, File Transfer Protocol (FTP) caching, proxy caching, media caching, and streaming
services. WCCPv2 Layer 2 redirection is typically deployed for transparent caching at the network edge, such as regional or branch sites. WCCPv2