Default Settings

Earlier when we were talking about the individual physical port settings, I said that although not specifically listed in the default configuration, all ports auto negotiate speed and duplex. There are many other default settings that do not show in the configuration file. If you do not configure the switch at all, the switch operates with these default settings:

• Default switch IP address, subnet mask, and default gateway is 0.0.0.0.
• Default domain name is not configured
• DHCP client is enabled, the DHCP server is enabled (only if the device acting as a DHCP server is configured and is enabled), and the DHCP relay agent is enabled (only if the device is acting as a DHCP relay agent is configured and is enabled).
• Switch stack is enabled (not configurable).
• Switch cluster is disabled.
• No passwords are defined.
• System name and prompt is Switch.
• NTP is enabled.
• DNS is enabled.
• TACACS+ is disabled.
• RADIUS is disabled.
• The standard HTTP server and Secure Socket Layer (SSL) HTTPS server are both enabled.
• IEEE 802.1x is disabled.
• Port parameters
– Operating mode is Layer 2 (switchport).
– Interface speed and duplex mode is autonegotiate.
– Auto-MDIX is enabled. Note In releases earlier than Cisco IOS Release 12.2(18)SE, the default setting for
auto-MDIX is disabled.
– Flow control is off.
– PoE is autonegotiate.
• No Smartports macros are defined.
• VLANs
– Default VLAN is VLAN 1.
– VLAN trunking setting is dynamic auto (DTP).
– Trunk encapsulation is negotiate.
– VTP mode is server.
– VTP version is Version 1.
– No private VLANs are configured.
– Voice VLAN is disabled.
• IEEE 802.1Q tunneling and Layer 2 protocol tunneling are disabled.
• For STP, PVST+ is enabled on VLAN 1.
• MSTP is disabled.
• Optional spanning-tree features are disabled.
• Flex Links are not configured.
• DHCP snooping is disabled. The DHCP snooping information option is enabled.
• IP source guard is disabled.
• Dynamic ARP inspection is disabled on all VLANs.
• IGMP snooping is enabled.
• IGMP throttling setting is deny.
• The IGMP snooping querier feature is disabled.
• MVR is disabled.
• Port-based traffic
– Broadcast, multicast, and unicast storm control is disabled.
– No protected ports are defined.
– Unicast and multicast traffic flooding is not blocked.
– No secure ports are configured.
• CDP is enabled.
• UDLD is disabled.
• SPAN and RSPAN are disabled.
• RMON is disabled.
• Syslog messages are enabled and appear on the console.
• SNMP is enabled (Version 1).
• No ACLs are configured.
• QoS is disabled.
• No EtherChannels are configured.
• IP unicast routing is disabled.
• No HSRP groups are configured.
• IP multicast routing is disabled on all interfaces.
• MSDP is disabled.
• Fallback bridging is not configured.

Most of the above items will be discussed in this document, but the more advanced options will not.