In troubleshooting a network problem recently, I was reminded about a feature set that is turned on by default on Cisco’s Small Business and Catalyst Express switches, called Smartports Roles. On Cisco’s larger switches and routers they are called Smartport Macros (but are not enabled by default and are used from the CLI). This is a love-it-or-hate-it feature of Cisco SMB switches. When we think of managed switches, how much of the feature set are we actually using other than VLANs, QoS and perhaps high throughput? The reality is that managed switches have a lot more features and functionality than we often configure. Cisco has made these features available as templates for small businesses, which is great, unless you don’t realize they’re in place. If you don’t know about Smartport roles, you can spend hours chasing your tail.
The biggest gotcha you need to know is that by default most ports are configured in the “Desktop” role, which permits only one MAC address per port and disables spanning tree to permit fast network connectivity. If you connect a switch to such a port, you may notice that only the first node will actually work, and all others will fail to connect (this is port security).
In those cases you want “Switch” mode, which permits multiple IPs (port security disabled) and enables Rapid Spanning Tree (RSTP).
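The symptom described above can be reproduced with a small model. This is an added example, not code from the original post or from Cisco: it models only the one-MAC limit the post attributes to the Desktop role, and the port name, MAC addresses and frame sequence are constructed.

```python
from dataclasses import dataclass, field

# Simplified model (assumption): only the MAC limit described in the post is
# modelled; aging timers, violation modes and spanning tree are left out.
ROLE_MAC_LIMIT = {"Desktop": 1, "Switch": None}  # None = port security off


@dataclass
class Port:
    name: str
    role: str
    learned: list = field(default_factory=list)   # source MACs accepted so far
    dropped: dict = field(default_factory=dict)   # source MAC -> dropped frames

    def receive(self, src_mac: str) -> bool:
        """Return True if a frame from src_mac is forwarded."""
        src = src_mac.lower()
        limit = ROLE_MAC_LIMIT[self.role]
        if src in self.learned:
            return True
        if limit is None or len(self.learned) < limit:
            self.learned.append(src)
            return True
        self.dropped[src] = self.dropped.get(src, 0) + 1
        return False


def diagnose(port: Port) -> str:
    """Summarise why extra hosts behind this port cannot connect."""
    if port.dropped:
        return (f"{port.name}: role {port.role} allows "
                f"{ROLE_MAC_LIMIT[port.role]} MAC; {len(port.dropped)} other "
                "source MAC(s) dropped. A downstream switch needs the Switch role.")
    return f"{port.name}: no frames dropped by the MAC limit"


# Constructed traffic: three hosts behind an unmanaged switch on one uplink.
FRAMES = ["00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:01",
          "00:11:22:33:44:03", "00:11:22:33:44:02"]


def replay(role: str):
    port = Port("port-1", role)  # hypothetical port name
    return port, [port.receive(mac) for mac in FRAMES]


if __name__ == "__main__":
    for role in ("Desktop", "Switch"):
        port, results = replay(role)
        print(role, results)
        print(diagnose(port))
```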
Here is the full list of Smartport roles:
| Role | Description |
|---|---|
| Desktop | Apply this role to ports that are connected to desktop devices, such as desktop PCs, workstations, notebook PCs, and other client-based hosts. |
| Switch | Apply this role to ports that are connected to other switches. |
| Router | Apply this role to ports that are connected to WAN devices that connect to the Internet, such as routers and Layer 3 switches with routing service capabilities, firewalls, or VPN Concentrators. |
| IP Phone+Desktop | Apply this role to ports that are connected to IP phones. A desktop device, such as a PC, can be connected to the IP phone. Both the IP phone and connected PC have access to the network and the Internet through the switch port. This role prioritizes voice traffic over data traffic to ensure clear voice reception on the IP phones. |
| Access Point | Apply this role on switch ports that connect to non-Power over Ethernet (PoE) and PoE-capable wireless access points (APs). Connected to the AP are mobile devices, such as wireless laptop PCs. Note: The functionality of Cisco Wireless Bridges is more similar to that of a switch, so Cisco recommends the Switch Smartport role for Wireless Bridges. |
| Server | Apply this role to ports that are connected to servers that provide network services, such as Exchange servers, collaborative servers, terminal servers, file servers, Dynamic Host Configuration Protocol (DHCP) servers, IP private branch exchange (PBX) servers, and so on. This role is for Gigabit or non-Gigabit ports, based on the server type to be connected. This role prioritizes server traffic as trusted, critical, business, or standard, based on the function of the server. |
| Printer | Apply this role on switch ports that connect to a printer, such as a network printer or an external print server. This role prevents printer traffic from affecting voice and critical data traffic. |
| Guest | Apply this role to ports that are connected to desktop devices and to APs to provide guest wireless access. |
| Other | Apply this role on switch ports if you do not want to assign a specialized role on the port. This role can be used on connections to guest or visitor devices, printers, desktops, servers, and IP phones. It allows for flexible connectivity of non-specified devices. |
| Diagnostic | Customers can connect diagnostics devices to monitor traffic on other switches (can be configured using Cisco Network Assistant only). |