The 3550 and New Switching Philosophies for the CCIE Lab

by Chuck Larrieu

  Brief History of Cisco Switching
  New Interface Metaphors
Switches Being Replaced in the CCIE Lab
  Catalyst 5000
  Catalyst 3920
Housekeeping Commands
  Common IOS commands
    show boot
    show flash
  Commonalities with Routers
  Configuring Multiple Interfaces Simultaneously
    Securing Telnet Access to the Switch
  IOS Concessions to Set-Based Commands
The 3550 Metaphor for Interfaces
L2 Functionality with Pure Switches
  802.1x -- Port Based Authentication
  Spanning Tree Protocol (STP): IEEE 802.1D
    Uplink Fast/Backbone Fast Configuration
  VLAN Configuration
    Standard-Range VLAN Configuration
    Configuring Extended VLANs
    Verifying VLAN Configuration
    VLAN Trunk Protocol (VTP) Configuration
  Fast EtherChannel
L3 Functionality Possible with Two or More Routers with VLAN Capability
  Layer 3 -- Routing
  Hot-Standby Router Protocol (HSRP)
Service Provider-Oriented Functions
  802.1Q (VLAN) Tunneling
Switch Optimization
  Access Template
  Default Template
  Routing Template
  VLAN Template
L2 Access-Lists
  When to Use Access-Lists and VLAN-Maps
Between the Layers -- Fallback Bridging
  Case 1: Routed Interfaces
  Case 2: Interfaces in Different VLANs
Quality of Service (QoS)
  Enabling QoS on the 3550
  Using Class-Maps
    Example 1: Classify, Police, and Mark Using Policy Maps.
    Example 2: Classify, Police, and Mark Traffic Using Aggregate Policers
  Configuring DSCP Maps
A Word about IRB/CRB and L3 in general
A Word about DLSw+


It's no secret that the CCIE Lab examination continues to evolve. It's also no secret that for some time now the switching equipment present in the lab was getting a bit long in the tooth. There has been speculation among many as to how Cisco might evolve from the set-based switches to the more modern IOS-based switches without causing severe hardship to Lab candidates. With Cisco's announcement of the move to the new 3550 series switch, CCIE candidates and Cisco customers now have a clear indication of the direction that Cisco's switching architecture will take.

Do remember that the 3550 can do things that traditionally could be done only on pure switches, but it can also perform routing functions that traditionally could be done only on routers. So, in studying, you should consider configurations where the 3550 acts as a switch to another device (typically the other 3550), as a router, or as a hybrid.


The topic for this Study Guide is the Cisco Catalyst 3550 switch. It is written to introduce this new switch series to those who have not seen it and to those who have been concentrating their efforts on the "set-based" and Token Ring switches used in the CCIE R&S lab exam prior to November 2002. Cisco has said these earlier switches (including all Token Ring technology) will be replaced with the 3550 in the CCIE lab, but you certainly will see the older switches in the workplace.

Brief History of Cisco Switching

Cisco's switching business developed mostly through acquisition. Recognizing that there was more to networking than routing, Cisco sought out companies with products that would fit well into Cisco's plans to dominate end-to-end connectivity, in the enterprise and in the Internet. The largest of Cisco's acquisitions was Crescendo, from which Cisco launched the Catalyst 5000 and 5500 series of switches. The original Crescendo switch interface was the "set-based" command line. Generations of network engineers have lived with, and in many cases have preferred, this interface because of the flexibility it offers. This is particularly true when having to configure large numbers of interfaces in an identical manner.

The 5000/5500 series switches acquired Layer 3 capabilities with the introduction of the route-switch module (RSM). The switch would "switch when it could, route when it must". Routing is the only way to communicate between end-devices that reside in different VLANs in most situations (multi-port servers can do this as well). These switches served as the basis for the development of the Catalyst 6500 and 8500 series switch product lines. The 6500 continued to increase the routing power in the box, with greater Ethernet port density than is available on higher-end switches.

High-end routers (e.g., 7500, 10000, 12000) still tend to have more sophisticated routing and congestion management. Given Cisco's recent emphasis on QoS-enabled LAN and WAN networks, especially in AVVID (Architecture for Voice, Video, and Integrated Data) environments, Cisco has created a product line with combined switching/routing devices at every layer of the Cisco architecture, from the core (85xx and 65xx) to distribution (65xx and 4xxx) and all the way to the access layer (3550 and 2950 series). This product line can meet the demands of users who require more services and network engineers who require better performance and better control. This is especially important in Cisco AVVID deployments.

Another acquisition worth mentioning is that of Kalpana, whose equipment evolved into the Catalyst 3900 line, and whose menu-based interface is most commonly known to CCIE candidates through the Catalyst 3920 Token Ring switch.

Acquisitions of other companies eventually resulted in a product line that spanned all levels of LAN switching requirements, from small office and home office (SOHO) environments to those of large enterprises and ISPs. The multitude of switching product acquisitions resulted in a variety of user interfaces and command sets throughout the Catalyst product line. Add to this the popularity of the Cisco router command line interface (CLI). Competitors such as Extreme, Foundry, and Marconi all use an "IOS-like" CLI as a selling point for their own products. As derived from Cisco marketing materials, customer and partner presentations, and product and software roadmaps, Cisco is responding to its customers' desires for a single user interface and has introduced the IOS CLI into its newer switching products like the 6500 series and the 3500 series. While the popularity of and demand for browser-based interfaces continue, and while Cisco in turn continues to develop its own browser-based interfaces, as evidenced in the 3550 series Cluster Management Suite (CMS), Cisco shows every sign of continuing to enhance the IOS interface for its switches. To paraphrase J. R. R. Tolkien, Cisco is working towards "one IOS to configure them all, one IOS to find them, one IOS to manage them all, and as Cisco customers bind them".

New Interface Metaphors

We want to consider the implications of multiple 3550 switches in the CCIE Lab, building on the reader's familiarity with other Cisco switches. The focus is on how it works, the metaphor used, and how it differs from the metaphor of the set-based switches. What do I mean by metaphor?

Old Catalyst switches look at only physical ports, with VLANs being a simple feature that is configured onto a port. The new metaphor is based on physical ports, but there are virtual ports that can be configured as if they were physical, and then their attributes assigned to physical ports.

It should be noted that Cisco dedicates an entire Cisco Certified Professional (CCNP/CCDP) course and test to switching. It is not the intention of this paper to rehash that material but rather to focus on the Catalyst 3550 switch and its operation.

The 3550 interface is essentially identical to that of the switch it is replacing -- the 3500 series. In the product marketplace, the 3550 is replacing the Catalyst 3508, 3512, 3524, and 3548 switches. The 3550 command set is not at all identical to that of the Cat 5000 and Cat 3920 of the CCIE Lab, but it is identical to that of the new 2950, 4000, and 6500 series switches. If you have good hands-on experience with those products, you will find little new here in terms of the Layer 2 interface and commands. Obviously, if you are preparing for the CCIE Lab, you are working with routers and you will realize that there is little new in terms of the L3 interface. So why the anxiety around the introduction of the new switches and the removal of the old?

The author's intent is to provide a fundamental look at the new switch and to cover the major areas that make this switch part of the Cisco strategy to deploy Quality of Service (QoS), as well as advanced L2 and now L3 functionality, right down to end-user devices, which Cisco hopes will include Cisco IP telephones. Having gained this familiarity, CCIE Lab candidates can worry less about the equipment changes and return to the study and mastery of the configuration concepts and commands that will ensure their success. The author of this paper has no information about how the 3550 will be used in the CCIE Lab nor what features may or may not be tested, other than what has been determined from public sources. Cisco states specifically "a CCIE candidate is responsible for and may be tested on any feature of which a particular piece of equipment is capable, for the IOS version that is in use." The only official exception to this statement is that which has been specifically excluded, as published on CCO.

There are three sources for "official" information about the CCIE Lab and its contents:

  1. The CCO itself, referenced above. Candidates should regularly check there for the official word.

  2. The CCIE power session offered by Cisco at Networkers every year. Some of the topics covered in this paper were inspired by that presentation, which can be obtained from this link:


  3. The various "Ask the Proctor" forums that have appeared in various locations, including Cisco's own web site. The information found here is less informative than that found elsewhere, but occasionally there is gold to be found. Cisco's own expert forum can be found at: http://forums.cisco.com/eforum/servlet/NetProf?page=main

Switches Being Replaced in the CCIE Lab

Prior to November 2002, the two switches found in the CCIE Lab were the Catalyst 5000 and the Catalyst 3920. Let's take a quick look at each.

Catalyst 5000

The Catalyst 5000 (or "Cat 5" as it is affectionately known to many) is the granddaddy of Cisco's enterprise switches. While used primarily as an Ethernet switch, it can be equipped with blades to support Token Ring, ATM, and ATM LANE, and it can provide Layer 3 capability with the addition of the RSM. Quality of Service (QoS) functionality was introduced with release 5.1, beginning with classification and marking (CoS), with functionality gradually increased with each new release.

Switch configuration is generally easy, as long as the set-based syntax and command hierarchy are understood. Configuration commands take effect immediately and are saved to non-volatile memory (NVRAM) as soon as commands have been issued. In essence, the running-config and the startup-config are the same. On the down side, there is no command history and no means of entering partial commands and using the "?" feature to complete them -- an IOS functionality all Cisco router jocks depend on.

Catalyst 3920

The Catalyst 3920 is a 20-port Token Ring switch that uses a menu-based interface, which can make it difficult to configure, especially when in a hurry. Now that Cisco has announced the removal of the 3920 from the CCIE Lab, this switch is irrelevant to CCIE Lab preparation.

Figure 1. Catalyst 3920 Main Menu

Housekeeping Commands

As a matter of orientation to the 3550 command set, the following section briefly outlines commonly used housekeeping commands. Housekeeping commands are used to set system parameters when configuring switches. One also uses housekeeping commands to orient oneself when confronting an unfamiliar device. In the router world, one might use the "show version" command to find out general information or the "show flash" command to find information about the IOS file in use or the way flash itself is configured physically.

Common IOS commands

show boot

