| Layer 2 Features |
● Layer 2 hardware forwarding at 48 mpps
● Layer 2 switch ports and VLAN trunks
● IEEE 802. 1Q VLAN encapsulation
● Inter-Switch Link (ISL) VLAN encapsulation (excluding blocking ports on WS-X4418-GB)
● Dynamic Trunking Protocol (DTP)
● VLAN Trunking Protocol (VTP) and VTP domains
● Support for 2048 active VLANs and 4096 VLAN IDs per switch
● Spanning-tree PortFast and PortFast guard
● Spanning-tree UplinkFast and BackboneFast
● 802.1s
● 802.1w
● 802.3ad
● Spanning-tree root guard
● Cisco Discovery Protocol
● IGMP snooping v1, v2, and v3
● Cisco EtherChannel®
technology, Cisco Fast EtherChannel technology, and Cisco Gigabit EtherChannel
technology across line cards
● Port Aggregation Protocol (PAgP)
● Unidirectional Link Detection Protocol (UDLD) and aggressive UDLD
● Q-in-Q pass-through
● Jumbo frames (up to 9216 bytes)
● Baby giants (up to 1600 bytes)
● Unidirectional Ethernet
● Stateful switchover (S SO) in subsecond failover time
● Storm control (broadcast suppression)
● Forced 10/100 autonegotiation
● Web Content Communication Protocol (WCCP) Version 2 Layer 2 Redirect
Data Sheet
© 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 15
● Private VLAN Promiscuous Trunk
● Match class of service (CoS) for non-IPv4 traffic
● L2PT over trunk port
● Class of Service (CoS) mutation
● Per-VLAN Control Traffic Intercept |
| Layer 3 Features |
● Hardware-based IP Cisco Express Forwarding routing at 48 mpps
● Static IP routing
● Routing Information Protocol (RIP) and RIP2
● IGMP v1, v2, and v3
● IGMP filtering on access and trunk ports
● IP Multicast routing protocols (PIM, SSM, and Distance Vector Multicast Routing Protocol [DVMRP])
● Cisco Group Multicast Protocol (GMP) server
● Full Internet Control Message Protocol (ICMP) support
● ICMP Router Discovery Protocol
● IPv6 software switched
● EIGRP stub
● IP unnumbered for SVI
● SVI Autostate Exclude |
| Sophisticated QoS and Traffic Management |
● Per-port QoS configuration
● Support for four queues per port in hardware
● Strict priority queuing
● IP differentiated services code point (DSCP) and IP Precedence
● Classification and marking based on IP type of service (ToS) or DSCP
● Classification and marking based on full Layer 3 and 4 headers (IP only)
● Input and output policing based on Layer 3 and 4 headers (IP only)
● Support for 512 policers on ingress and 512 policers on egress configured as aggregate or individual
● Shaping and sharing output queue management
● DBL (congestion-avoidance feature)
● No performance penalty for granular QoS functions
● Auto-QoS command-line interface (CLI) for VoIP deployment
● Per-port, per-VLAN QoS
● Selective Dynamic Buffer Limiting |
| Predictable Performance |
64-Gbps switching fabric
● Layer 2 hardware forwarding at 48 mpps
● Layer 3 hardware-based IP Cisco Express Forwarding routing at 48 mpps
● Layer 4 TCP and UDP hardware-based filtering at 48 mpps
● No performance penalty with advanced Layer 3 and 4 services enabled
● Software-based learning at a sustained rate of 500 hosts per second
● Support for 32,768 MAC addresses
● Support for 32,000 entries in routing table (shared between unicast and multicast)
● Bandwidth aggregation up to 16 Gbps through Cisco Gigabit EtherChannel technology
● Hardware-based multicast management
● Hardware-based ACLs, router ACLs (RACLs), VLAN ACLs (VACLs) |
| Comprehensive Management |
● Manageable through Cisco Network Assistant
● Single console port and single IP address to manage all system features
● Software configuration management, including local and remote storage
● Manageable through CiscoWorks Windows network-management software on a per-port and per-switch
basis, providing a common management interface for Cisco routers, switches, and hubs
● SNMPv1, v2, and v3 instrumentation, delivering comprehensive in-band management
● CLI-based management console to provide detailed out-of-band management
● Remote Monitoring (RMON) software agent to support four RMON groups (history, statistics, alarms, and
events) for enhanced traffic management, monitoring, and analysis
● Support for all nine RMON groups through the use of a Cisco SwitchProbe®
analyzer (Switched Port Analyzer
[SPAN]) port, which permits traffic monitoring of a single port, a group of ports, or the entire switch from a
single network analyzer or RMON probe
● Analysis support, including ingress port, egress port, and VLAN SPAN
● Layer 2 traceroute
● Remote SPAN (RSPAN)
● Cisco SmartPort macros
● SPAN ACL filtering
● SPAN CPU port
● Dynamic Host Configuration Protocol (DHCP) client autoconfiguration
● Enhanced SNMP MIB support
● HTTPS
● Time Domain Reflectometry (TDR)
● MAC Address Notification |
| Advanced Security |
● TACACS+ and RADIUS, which help enable centralized control of the switch and restrict unauthorized users
from altering the configuration
● Standard and extended ACLs on all ports
● 802.1x user authentication (with VLAN assignment, voice VLAN, port security, guest VLAN, private guest
VLAN, private VLAN, and RADIUS Supplied Session Timeout extensions)
● 802.1x accounting
● 802.1x authentication failure
Data Sheet
© 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 15
● 802.1x Private VLAN assignment
● 802.1x Private Guest VLAN
● 802.1x RADIUS-supplied time out
● NAC Layer 2 802.1x
● NAC Layer 2 IP
● Trusted boundary
● Router ACLs (RACLs) on all ports (no performance penalty)
● VLAN ACLs (VACLs)
● Port ACLs (PACLs)
● Private VLANs (PVLANs) on access and trunk ports
● DHCP snooping
● DHCP Option 82
● DHCP Option 82 insertion
● DHCP Option 82 Pass Through
● Port security
● Sticky port security
● SSHv1 and SSHv2
● VLAN Management Policy Server (VMPS) client
● Unicast MAC filtering
● Unicast port flood blocking
● Dynamic Address Resolution Protocol (ARP) inspection
● IP source guard
● Community Private VLANs
● Trunk Port Security
● 802.1x Inaccessible Authentication Bypass
● MAC Authentication Bypass
● Control Plane Policing
● 802.1x Unidirectional Controlled Port
● Voice VLAN Sticky Port Security
● Secure Copy Protocol (SCP)
● EtherChannel Trunk Port security
● IP Source Guard for Static Hosts
● IEEE 802.1x Multi Domain Authentication |
| High Availability |
Stateful Switchover (SSO)
● In Service Software Upgrade (ISSU)
● SSO in subsecond failover time
● Hot Standby Router Protocol (HSRP)
● SSO-Aware HSRP
Data Sheet
© 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 15
● Virtual Router Redundancy Protocol (VRRP)
● Cisco Generic Online Diagnostics (GOLD) |
| Hardware Requirements |
● Redundant supervisor engines must match (a Cisco Catalyst 4500 Series Supervisor Engine II-Plus, IV, or V
cannot be mixed in the same Cisco Catalyst 4507R chassis, for example).
● The Cisco Catalyst 4500 Series Supervisor Engine II-Plus is not supported in a Cisco Catalyst 4510R
chassis; the Supervisor Engine V is required as a minimum for the Cisco Catalyst 4510R. |
