N.B. All configurations are based off the lab build seen in the introduction post. Power over Ethernet (PoE) is standardised into the the original 802.3af standard that provides up to 15.5W of power and the 802.3at standard which caters for up to 25.5W or 30W depending on which articles you read (confusing). These days many device types utilise the convenience of this technology such as CCTV, IP Clocks, Phones, PA Systems and, of course, APs. For the internal AP models 15.4W was nearly always sufficient for the needs but the later series of APs with more radios and 802.1ac need a bit more juice up to around 18-19W of power.
Power BudgetNot all switches can provide PoE so it is important to check a few datasheets prior to purchasing. Some easily overlooked considerations; whilst your switch may be PoE compatible it may not support 802.3at (PoE+) which limits you to 15.4W per port. If it does support PoE+ there will always be a power budget to consider which is the maximum amount of power the switch can provide across all ports. Should the switch exceed this it won’t provide ports in a descending port number order but this can be tweaked using a priority command should a power shortage occur.
Negotiating PoEPoE is enabled out-of-box and can be seen on all ports using the show power inline global command or per-interface with show power inline <interface>. Upon initial connection to the switch an AP will be detected by the switch, classified (see table below) and then provided power accordingly. This classification from the 802.3af/at standards with 4 for 802.3af and 5 for 802.3at. Following this, CDP packets are then exchanged between the AP and switch which may result in an adjustment of power. This won’t work for non-Cisco devices as it is proprietary but the IEEE standard 802.3AB LLDP is supported on Cisco switches to facilitate negotiation of higher power requirements.
PoE Port ModesThese modes are set at an interface level and allow you to manage which ports will provide power (if any) and at what levels. Auto – Default mode. The switch will automatically detect devices and provide power as described above. You can still alter the maximum wattage for any of the ports in auto mode and this won’t ever be exceeded. This is described in the policing section below. Static – By setting a static value the switch will pre-allocate the maximum power even with nothing connected meaning it is taken out of your overall power budget. By setting this you essentially prioritise the port to the top of the list. Never – This will ensure the port never provides power to a device.
ConsumptionThe switches track how much power they are using and then police the consumption accordingly if required. In out-of-box mode the only preset limitations are what the switches support (mine only support 802.3af/15.4W) and, if the budget is exceeded, a non-provision of power to the latter ports. There are different options available to ensure the higher priority devices are always powered and/or setting a maximum consumption on these ports. Power inline consumption default <power> is the only global command that can allows you to set a different default consumption for all your devices. For example the Cisco forum example explains that Class 3 devices are allocated 15.4W by default which is set aside for that device even if it doesn’t use it all. With this, you may have an 8W device allocated almost twice its requirement which it will never use. By issuing power inline consumption default 8000 this will override the allocation and allow many more of the 8W devices to be added before exceeding the power budget. This can be further overridden at an interface level if required. The AP connected to the switch was reloaded and has come up. Due to the consumption set, it is only being given 8W/8000 Mw of power which is not sufficient for operation of any radios. This is indicated by the LED on the AP cycling through blue, green, red and off indicating insufficient inline power. This might be fine for other devices but as the AP needs 15.4W to operate I will alter this at the interface level to permit this. The switch will show you a warning message to be careful not to break warranty by exceeding the expected power budget. conf t interface fa0/13 power inline consumption 15400 end
PolicingPolicing allows you total control over each interface and allows you to react in different ways should values be exceeded. Sometimes you may only wish to be notified of the power being exceeded but the device left powered. Other times the requirement may be stricter and so the port can enter err-disable if a device tries to exceed your parameters. This config will apply policing with a port-maximum of 10W and a shutdown (errdisable) if the device requests more than this. interface fa 0/13 power inline auto max 10000 power inline police power inline police action errdisable end I actually can’t do this on the IOS I am running there is no demonstration! Now, you may wish for the port to recover at some point and this can be altered at a global level within the errdisable parameters. First, enable errdisable recovery with errdisable recovery cause inline-power and then set your interval time in seconds with errdisable recovery interval <seconds>.
Verificationshow power inline show power inline consumption show power inline police show power inline priority show errdisable recovery
ResourcesIOS-XE 3.6E PoE Configuration Guide Cisco 1140 Config Guide
- Configure xyz ports to allow any 802.3at to device to be powered but police the rest of the ports to 802.3af standard.
- Configure policing to 802.3af standard on all ports but allow devices to exceed this and log the event.
- Configure xyz ports with 802.3af policing and set the port to shutdown if this is exceeded. Allow these ports to recover automatically.
- Do not allow 802.3at devices to be powered on Switch A.