Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide, Rel. 12.2(25)SEF1
Index
Downloads: This chapterpdf (PDF - 1.19MB) The complete bookPDF (PDF - 8.33MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 2-4

access-class command 26-17

access control entries

See ACEs

access-denied response, VMPS 10-25

access lists

See ACLs

accounting

with 802.1x 7-29

with IEEE 802.1x 7-9

with RADIUS 6-28

with TACACS+ 6-11, 6-17

ACEs

and QoS 27-7

defined 26-2

Ethernet 26-2

IP 26-2

ACLs

ACEs 26-2

any keyword 26-10

applying

time ranges to 26-15

to an interface 26-18

to QoS 27-7

classifying traffic for QoS 27-42

comments in 26-17

compiling 26-19

defined 26-1, 26-6

examples of 26-19, 27-42

extended IP

configuring for QoS classification 27-43

extended IPv4

creating 26-9

matching criteria 26-6

hardware and software handling 26-19

host keyword 26-11

IP

creating 26-6

fragments and QoS guidelines 27-32

implicit deny 26-8, 26-12, 26-14

implicit masks 26-8

matching criteria 26-6

undefined 26-18

IPv4

applying to interfaces 26-18

creating 26-6

matching criteria 26-6

named 26-13

numbers 26-7

terminal lines, setting on 26-17

unsupported features 26-5

MAC extended 26-21, 27-44

matching 26-6, 26-18

monitoring 26-30

named, IPv4 26-13

number per QoS class map 27-32

port 26-2

precedence of 26-2

QoS 27-7, 27-42

resequencing entries 26-13

standard IP, configuring for QoS classification 27-42

standard IPv4

creating 26-8

matching criteria 26-6

support for 1-6

support in hardware 26-19

time ranges 26-15

types supported 26-2

unsupported features, IPv4 26-5

VLAN maps

configuration guidelines 26-24

configuring 26-23

active links 16-1

address aliasing 18-2

addresses

displaying the MAC address table 5-26

dynamic

accelerated aging 13-8

changing the aging time 5-21

default aging 13-8

defined 5-19

learning 5-20

removing 5-22

MAC, discovering 5-26

static

adding and removing 5-24

defined 5-19

address resolution 5-26

Address Resolution Protocol

See ARP

advertisements

CDP 20-1

VTP 10-17, 11-3

aggregated ports

See EtherChannel

aggregate policers 27-57

aggregate policing 1-7

aging, accelerating 13-8

aging time

accelerated

for MSTP 14-23

for STP 13-8, 13-21

MAC address table 5-21

maximum

for MSTP 14-23, 14-24

for STP 13-21, 13-22

alarms, RMON 23-3

allowed-VLAN list 10-19

ARP

defined 1-3, 5-26

table

address resolution 5-26

managing 5-26

attributes, RADIUS

vendor-proprietary 6-31

vendor-specific 6-29

audience xxvii

authentication

local mode with AAA 6-36

NTP associations 5-4

RADIUS

key 6-21

login 6-23

TACACS+

defined 6-11

key 6-13

login 6-14

See also port-based authentication

authentication failed VLAN

See restricted VLAN

authoritative time source, described 5-2

authorization

with RADIUS 6-27

with TACACS+ 6-11, 6-16

authorized ports with IEEE 802.1x 7-7

autoconfiguration 3-3

automatic QoS

See QoS

auto-MDIX

configuring 8-16

described 8-16

autonegotiation

duplex mode 1-2

interface configuration guidelines 8-12

mismatches 29-7

autosensing, port speed 1-2

auxiliary VLAN

See voice VLAN

availability, features 1-4

B

BackboneFast

described 15-5

disabling 15-14

enabling 15-13

support for 1-4

backup interfaces

See Flex Links

backup links 16-1

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 19-6

booting

boot loader, function of 3-2

boot process 3-1

manually 3-15

specific image 3-16

boot loader

accessing 3-16

described 3-2

environment variables 3-16

prompt 3-16

trap-door mechanism 3-2

BPDU

error-disabled state 15-2

filtering 15-3

RSTP format 14-12

BPDU filtering

described 15-3

disabling 15-12

enabling 15-12

support for 1-5

BPDU guard

described 15-2

disabling 15-11

enabling 15-11

support for 1-5

bridge protocol data unit

See BPDU

broadcast storm-control command 19-4

broadcast storms 19-1

C

cables, monitoring for unidirectional links 21-1

CA trustpoint

configuring 6-45

defined 6-43

caution, described xxviii

CDP

and trusted boundary 27-38

configuring 20-2

default configuration 20-2

described 20-1

disabling for routing device20-3to 20-4

enabling and disabling

on an interface 20-4

on a switch 20-3

monitoring 20-4

overview 20-1

support for 1-4

transmission timer and holdtime, setting 20-2

updates 20-2

CGMP

as IGMP snooping learning method 18-8

joining multicast group 18-3

CipherSuites 6-44

Cisco 7960 IP Phone 12-1

Cisco Discovery Protocol

See CDP

Cisco Intelligence Engine 2100 Series Configuration Registrar

See IE2100

Cisco IOS File System

See IFS

CiscoWorks 2000 1-3, 25-4

CIST regional root

See MSTP

CIST root

See MSTP

class maps for QoS

configuring 27-45

described 27-7

displaying 27-77

class of service

See CoS

clearing interfaces 8-20

CLI

abbreviating commands 2-4

command modes 2-1

configuration logging 2-5

described 1-3

editing features

enabling and disabling 2-7

keystroke editing 2-7

wrapped lines 2-9

error messages 2-5

filtering command output 2-10

getting help 2-3

history

changing the buffer size 2-6

described 2-6

disabling 2-7

recalling commands 2-6

no and default forms of commands 2-4

client mode, VTP 11-3

clock

See system clock

clusters, switch

benefits 1-2

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-8

command-line interface

See CLI

command modes 2-1

commands

abbreviating 2-4

no and default 2-4

commands, setting privilege levels 6-8

community strings

configuring 25-8

overview 25-4

compatibility, feature 19-11

config.text 3-14

configurable leave timer, IGMP 18-5

configuration, initial

defaults 1-8

Express Setup 1-2

See also getting started guide and hardware installation guide

configuration files

clearing the startup configuration B-19

creating using a text editor B-10

default name 3-14

deleting a stored configuration B-19

described B-8

downloading

automatically 3-14

preparing B-11, B-13, B-16

reasons for B-9

using FTP B-13

using RCP B-17

using TFTP B-11

guidelines for creating and using B-9

invalid combinations when copying B-5

limiting TFTP server access 25-15

obtaining with DHCP 3-7

password recovery disable considerations 6-5

specifying the filename 3-14

system contact and location information 25-14

types and location B-10

uploading

preparing B-11, B-13, B-16

reasons for B-9

using FTP B-14

using RCP B-18

using TFTP B-12

configuration logging 2-5

configuration settings, saving 3-10

configure terminal command 8-6

config-vlan mode 2-2, 10-6

connections, secure remote 6-38

connectivity problems 29-9, 29-10, 29-12

consistency checks in VTP Version 2 11-4

console port, connecting to 2-10

conventions

command xxviii

for examples xxviii

publication xxviii

text xxviii

corrupted software, recovery steps with Xmodem 29-2

CoS

in Layer 2 frames 27-2

override priority 12-6

trust priority 12-6

CoS input queue threshold map for QoS 27-16

CoS output queue threshold map for QoS 27-19

CoS-to-DSCP map for QoS 27-59

counters, clearing interface 8-20

crashinfo file 29-18

critical authentication, IEEE 802.1x 7-33

cryptographic software image

Kerberos 6-32

SSH 6-37

SSL 6-42

D

daylight saving time 5-13

debugging

enabling all system diagnostics 29-15

enabling for a specific feature 29-15

redirecting error message output 29-16

using commands 29-14

default commands 2-4

default configuration

802.1x 7-19

auto-QoS 27-21

banners 5-17

booting 3-14

CDP 20-2

DHCP 17-6

DHCP option 82 17-7

DHCP snooping 17-7

DNS 5-16

EtherChannel 28-9

Ethernet interfaces 8-10

Flex Links 16-4

IGMP filtering 18-24

IGMP snooping 18-6

IGMP throttling 18-24

initial switch information 3-3

Layer 2 interfaces 8-10

MAC address table 5-21

MAC address-table move update 16-4

MSTP 14-14

MVR 18-19

NTP 5-4

optional spanning-tree configuration 15-9

password and privilege level 6-2

RADIUS 6-20

RMON 23-3

RSPAN 22-9

SNMP 25-6

SPAN 22-9

SSL 6-44

standard QoS 27-30

STP 13-11

system message logging 24-3

system name and prompt 5-15

TACACS+ 6-13

UDLD 21-4

VLAN, Layer 2 Ethernet interfaces 10-17

VLANs 10-7

VMPS 10-26

voice VLAN 12-3

VTP 11-6

default gateway 3-10

deleting VLANs 10-9

denial-of-service attack 19-1

description command 8-17

destination addresses, in IPv4 ACLs 26-10

destination-IP address-based forwarding, EtherChannel 28-7

destination-MAC address forwarding, EtherChannel 28-6

detecting indirect link failures, STP 15-5

device B-19

device discovery protocol 20-1

device manager

benefits 1-2

described 1-2, 1-3

in-band management 1-4

requirements xxviii

upgrading a switch B-19

DHCP

Cisco IOS server database

configuring 17-10

enabling

relay agent 17-8

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-6

relay device 3-6

server side 3-5

TFTP server 3-6

example 3-8

lease options

for IP address information 3-5

for receiving the configuration file 3-5

overview 3-3

relationship to BOOTP 3-3

relay support 1-3

support for 1-3

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 17-5

configuration guidelines 17-7

default configuration 17-6

displaying 17-10

overview 17-3

packet format, suboption

circuit ID 17-5

remote ID 17-5

remote ID suboption 17-5

DHCP server 3-3

DHCP snooping

accepting untrusted packets form edge switch 17-3, 17-9

configuration guidelines 17-7

default configuration 17-6

displaying binding tables 17-10

message exchange process 17-4

option 82 data insertion 17-3

trusted interface 17-2

untrusted interface 17-2

untrusted messages 17-2

DHCP snooping binding database

default configuration 17-6

displaying 17-10

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 27-2

Differentiated Services Code Point 27-2

directed unicast requests 1-3

directories

changing B-3

creating and removing B-4

displaying the working B-3

DNS

and DHCP-based autoconfiguration 3-6

default configuration 5-16

displaying the configuration 5-17

overview 5-15

setting up 5-16

support for 1-3

documentation, related xxviii

document conventions xxviii

domain names

DNS 5-15

VTP 11-8

Domain Name System

See DNS

downloading

configuration files

preparing B-11, B-13, B-16

reasons for B-9

using FTP B-13

using RCP B-17

using TFTP B-11

image files

deleting old image B-23

preparing B-21, B-25, B-29

reasons for B-19

using FTP B-26

using HTTP B-19

using RCP B-30

using TFTP B-22

using the device manager or Network Assistant B-19

DSCP 1-7, 27-2

DSCP input queue threshold map for QoS 27-16

DSCP output queue threshold map for QoS 27-19

DSCP-to-CoS map for QoS 27-62

DSCP-to-DSCP-mutation map for QoS 27-63

DSCP transparency 27-39

DTP 1-5, 10-15

dual-purpose uplinks

defined 8-4

setting the type 8-12

dynamic access ports

characteristics 10-3

configuring 10-27

defined 8-3

dynamic addresses

See addresses

dynamic auto trunking mode 10-16

dynamic desirable trunking mode 10-16

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 10-26

reconfirming 10-28

troubleshooting 10-30

types of connections 10-27

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 2-7

keystrokes used 2-7

wrapped lines 2-9

EKEY error-disabled state 8-2

enable password 6-3

enable secret password 6-3

encryption, CipherSuite 6-44

encryption for passwords 6-3

environment variables, function of 3-17

error-disabled state

BPDU 15-2

EKEY 8-2

error messages during command entry 2-5

EtherChannel

automatic creation of 28-4, 28-5

channel groups

binding physical and logical interfaces 28-3

numbering of 28-3

configuration guidelines 28-9

default configuration 28-9

described 28-2

displaying status 28-17

forwarding methods 28-6, 28-12

IEEE 802.3ad, described 28-5

interaction

with STP 28-9

with VLANs 28-10

LACP

described 28-5

displaying status 28-17

hot-standby ports 28-14

interaction with other features 28-6

modes 28-5

port priority 28-16

system priority 28-15

load balancing 28-6, 28-12

PAgP

aggregate-port learners 28-13

compatibility with Catalyst 1900 28-13

described 28-4

displaying status 28-17

interaction with other features 28-5

learn method and priority configuration 28-13

modes 28-4

support for 1-2

port-channel interfaces

described 28-3

numbering of 28-3

port groups 8-4

support for 1-2

EtherChannel guard

described 15-7

disabling 15-14

enabling 15-14

Ethernet VLANs

adding 10-8

defaults and ranges 10-7

modifying 10-8

events, RMON 23-3

examples

conventions for xxviii

expedite queue for QoS 27-76

Express Setup 1-2

See also getting started guide

extended crashinfo file 29-18

extended-range VLANs

configuration guidelines 10-12

configuring 10-11

creating 10-12

defined 10-1

extended system ID

MSTP 14-17

STP 13-4, 13-14

Extensible Authentication Protocol over LAN 7-1

F

fa0 interface 1-3, 1-4

Fast Ethernet 0

See fa0 interface

features, incompatible 19-11

fiber-optic, detecting unidirectional links 21-1

files

basic crashinfo

description 29-18

location 29-18

copying B-4

crashinfo

description 29-18

deleting B-5

displaying the contents of B-8

extended crashinfo

description 29-18

location 29-18

tar

creating B-6

displaying the contents of B-6

extracting B-8

image file format B-20

file system

displaying available file systems B-2

displaying file information B-3

local file system names B-1

network file system names B-4

setting the default B-3

filtering

in a VLAN 26-23

non-IP traffic 26-21

show and more command output 2-10

filtering show and more command output 2-10

filters, IP

See ACLs, IP

flash device, number of B-1

Flex Links

configuration guidelines 16-4

configuring 16-5

default configuration 16-4

description 16-1

monitoring 16-8

flooded traffic, blocking 19-7

flow-based packet classification 1-7

flowcharts

QoS classification 27-6

QoS egress queueing and scheduling 27-17

QoS ingress queueing and scheduling 27-15

QoS policing and marking 27-10

flowcontrol

configuring 8-15

described 8-15

forward-delay time

MSTP 14-23

STP 13-21

FTP

accessing MIB files A-3

configuration files

downloading B-13

overview B-12

preparing the server B-13

uploading B-14

image files

deleting old image B-27

downloading B-26

preparing the server B-25

uploading B-27

G

get-bulk-request operation 25-3

get-next-request operation 25-3, 25-4

get-request operation 25-3, 25-4

get-response operation 25-3

global configuration mode 2-2

global leave, IGMP 18-12

guest VLAN and 802.1x 7-12

guide

audience xxvii

purpose of xxvii

GUIs

See device manager and Network Assistant

H

hello time

MSTP 14-22

STP 13-20

help, for the command line 2-3

hierarchical policy maps 27-8

configuration guidelines 27-32

configuring 27-51

described 27-10

history

changing the buffer size 2-6

described 2-6

disabling 2-7

recalling commands 2-6

history table, level and number of syslog messages 24-9

hosts, limit on dynamic ports 10-30

HP Onboard Administrator

DHCP server 3-3

error-disabled state 8-2

internal connection to 1-3

HP OpenView 1-3

HTTP over SSL

see HTTPS

HTTPS 6-42

configuring 6-46

self-signed certificate 6-43

HTTP secure server 6-42

I

ICMP

time-exceeded messages 29-12

traceroute and 29-12

ICMP ping

executing 29-9

overview 29-9

IDS appliances

and ingress RSPAN 22-20

and ingress SPAN 22-13

IEEE 802.1D

See STP

IEEE 802.1p 12-1

IEEE 802.1Q

and trunk ports 8-3

configuration limitations 10-16

encapsulation 10-14

native VLAN for untagged traffic 10-21

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3x flow control 8-15

ifIndex values, SNMP 25-5

IFS 1-4

IGMP

configurable leave timer

enabling 18-11

flooded multicast traffic

controlling the length of time 18-12

disabling on an interface 18-13

global leave 18-12

query solicitation 18-12

recovering from flood mode 18-12

joining multicast group 18-3

join messages 18-3

leave processing, enabling 18-10

leaving multicast group 18-5

queries 18-4

report suppression

described 18-6

disabling 18-15

supported versions 18-2

support for 1-2

IGMP filtering

configuring 18-24

default configuration 18-24

described 18-23

monitoring 18-28

support for 1-2

IGMP groups

configuring filtering 18-27

setting the maximum number 18-26

IGMP Immediate Leave

configuration guidelines 18-11

described 18-5

enabling 18-10

IGMP profile

applying 18-25

configuration mode 18-24

configuring 18-25

IGMP snooping

and address aliasing 18-2

configuring 18-6

default configuration 18-6

definition 18-1

enabling and disabling 18-7

global configuration 18-7

Immediate Leave 18-5

method 18-8

monitoring 18-15

querier

configuration guidelines 18-13

configuring 18-13

supported versions 18-2

support for 1-2

VLAN configuration 18-7

IGMP throttling

configuring 18-27

default configuration 18-24

described 18-24

displaying action 18-28

Immediate Leave, IGMP 18-5

inaccessible authentication bypass 7-14

initial configuration

defaults 1-8

Express Setup 1-2

See also getting started guide and hardware installation guide

interface

number 8-6

range macros 8-8

interface command 8-6

interface configuration mode 2-3

interfaces

auto-MDIX, configuring 8-16

configuration guidelines

duplex and speed 8-11

configuring

procedure 8-6

counters, clearing 8-20

default configuration 8-10

described 8-17

descriptive name, adding 8-17

displaying information about 8-19

flow control 8-15

management 1-3

monitoring 8-19

naming 8-17

physical, identifying 8-6

range of 8-7

restarting 8-20

shutting down 8-20

speed and duplex, configuring 8-14

status 8-19

supported 8-6

types of 8-1

interfaces range macro command 8-8

interface types 8-6

Inter-Switch Link

See ISL

Intrusion Detection System

See IDS appliances

IP ACLs

for QoS classification 27-7

implicit deny 26-8, 26-12

implicit masks 26-8

named 26-13

undefined 26-18

IP addresses

discovering 5-26

ip igmp profile command 18-24

IP information

assigned

manually 3-10

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP phones

and QoS 12-1

automatic classification and queueing 27-20

configuring 12-4

ensuring port security with QoS 27-37

trusted boundary for QoS 27-37

IP precedence 27-2

IP-precedence-to-DSCP map for QoS 27-60

IP traceroute

executing 29-13

overview 29-12

IPv4 ACLs

applying to interfaces 26-18

extended, creating 26-9

named 26-13

standard, creating 26-8

ISL

and trunk ports 8-3

encapsulation 1-5, 10-14

J

join messages, IGMP 18-3

K

KDC

described 6-32

See also Kerberos

Kerberos

authenticating to

boundary switch 6-34

KDC 6-34

network services 6-35

configuration examples 6-32

configuring 6-35

credentials 6-32

cryptographic software image 6-32

described 6-32

KDC 6-32

operation 6-34

realm 6-33

server 6-33

support for 1-6

switch as trusted third party 6-32

terms 6-33

TGT 6-34

tickets 6-32

key distribution center

See KDC

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 27-2

Layer 2 interfaces, default configuration 8-10

Layer 2 traceroute

and ARP 29-11

and CDP 29-11

broadcast traffic 29-10

described 29-10

IP addresses and subnets 29-11

MAC addresses and VLANs 29-11

multicast traffic 29-11

multiple devices on a port 29-11

unicast traffic 29-10

usage guidelines 29-11

Layer 2 trunk failover

described 28-17

Layer 3 packets, classification methods 27-2

LDAP 4-2

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 2-3

Link Aggregation Control Protocol

See EtherChannel

Link Failure

detecting unidirectional 14-8

link redundancy

See Flex Links

links, unidirectional 21-1

local SPAN 22-2

login authentication

with RADIUS 6-23

with TACACS+ 6-14

login banners 5-17

log messages

See system message logging

loop guard

described 15-9

enabling 15-15

support for 1-5

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

discovering 5-26

displaying 5-26

dynamic

learning 5-20

removing 5-22

in ACLs 26-21

static

adding 5-24

allowing 5-25

characteristics of 5-24

dropping 5-25

removing 5-24

MAC address notification, support for 1-8

MAC address-table move update

configuration guidelines 16-4

configuring 16-6

default configuration 16-4

description 16-2

monitoring 16-8

MAC address-to-VLAN mapping 10-25

MAC extended access lists

applying to Layer 2 interfaces 26-22

configuring for QoS 27-44

creating 26-21

defined 26-21

for QoS classification 27-5

macros

See Smartports macros

magic packet 7-16

manageability features 1-3

management access

in-band

browser session 1-4

CLI session 1-4

device manager 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

mapping tables for QoS

configuring

CoS-to-DSCP 27-59

DSCP 27-59

DSCP-to-CoS 27-62

DSCP-to-DSCP-mutation 27-63

IP-precedence-to-DSCP 27-60

policed-DSCP 27-61

described 27-12

marking

action in policy map 27-47

action with aggregate policers 27-57

described 27-4, 27-8

matching, IPv4 ACLs 26-6

maximum aging time

MSTP 14-23

STP 13-21

maximum hop count, MSTP 14-24

membership mode, VLAN port 10-3

messages, to users through banners 5-17

MIBs

accessing files with FTP A-3

location of files A-3

overview 25-1

SNMP interaction with 25-4

supported A-1

mirroring traffic for analysis 22-1

mismatches, autonegotiation 29-7

module number 8-6

monitoring

access groups 26-30

cables for unidirectional links 21-1

CDP 20-4

features 1-8

Flex Links 16-8

IGMP

filters 18-28

snooping 18-15

interfaces 8-19

IPv4 ACL configuration 26-30

MAC address-table move update 16-8

multicast router interfaces 18-16

MVR 18-23

network traffic for analysis with probe 22-2

port

blocking 19-16

protection 19-16

SFP status 8-19, 29-8

speed and duplex mode 8-14

traffic flowing among switches 23-1

traffic suppression 19-16

VLAN

filters 26-30

maps 26-30

VLANs 10-13

VMPS 10-29

VTP 11-16

MSTP

boundary ports

configuration guidelines 14-15

described 14-6

BPDU filtering

described 15-3

enabling 15-12

BPDU guard

described 15-2

enabling 15-11

CIST, described 14-3

CIST regional root 14-3

CIST root 14-5

configuration guidelines 14-15, 15-10

configuring

forward-delay time 14-23

hello time 14-22

link type for rapid convergence 14-24

maximum aging time 14-23

maximum hop count 14-24

MST region 14-16

neighbor type 14-25

path cost 14-20

port priority 14-19

root switch 14-17

secondary root switch 14-18

switch priority 14-21

CST

defined 14-3

operations between regions 14-4

default configuration 14-14

default optional feature configuration 15-9

displaying status 14-26

enabling the mode 14-16

EtherChannel guard

described 15-7

enabling 15-14

extended system ID

effects on root switch 14-17

effects on secondary root switch 14-18

unexpected behavior 14-17

IEEE 802.1s

implementation 14-6

port role naming change 14-7

terminology 14-5

instances supported 13-9

interface state, blocking to forwarding 15-2

interoperability and compatibility among modes 13-10

interoperability with IEEE 802.1D

described 14-8

restarting migration process 14-25

IST

defined 14-3

master 14-3

operations within a region 14-3

loop guard

described 15-9

enabling 15-15

mapping VLANs to MST instance 14-16

MST region

CIST 14-3

configuring 14-16

described 14-2

hop-count mechanism 14-5

IST 14-3

supported spanning-tree instances 14-2

optional features supported 1-5

overview 14-2

Port Fast

described 15-2

enabling 15-10

preventing root switch selection 15-8

root guard

described 15-8

enabling 15-15

root switch

configuring 14-17

effects of extended system ID 14-17

unexpected behavior 14-17

shutdown Port Fast-enabled port 15-2

status, displaying 14-26

multicast groups

Immediate Leave 18-5

joining 18-3

leaving 18-5

static joins 18-9

multicast router interfaces, monitoring 18-16

multicast router ports, adding 18-9

multicast storm 19-1

multicast storm-control command 19-4

multicast television application 18-18

multicast VLAN 18-17

Multicast VLAN Registration

See MVR

MVR

and address aliasing 18-20

and IGMPv3 18-20

configuration guidelines 18-20

configuring interfaces 18-21

default configuration 18-19

described 18-17

example application 18-18

modes 18-21

monitoring 18-23

multicast television application 18-18

setting global parameters 18-20

support for 1-2

N

NAC

critical authentication 7-14, 7-33

inaccessible authentication bypass 7-33

named IPv4 ACLs 26-13

NameSpace Mapper

See NSM

native VLAN

configuring 10-21

default 10-21

Network Assistant

benefits 1-2

described 1-3

network configuration examples

increasing network performance 1-10

providing network services 1-11

server aggregation and Linux server cluster 1-12

network design

performance 1-11

services 1-11

network management

CDP 20-1

RMON 23-1

SNMP 25-1

Network Time Protocol

See NTP

no commands 2-4

nonhierarchical policy maps

configuration guidelines 27-32

configuring 27-47

described 27-9

non-IP traffic filtering 26-21

nontrunking mode 10-16

normal-range VLANs 10-4

configuration guidelines 10-5

configuration modes 10-6

configuring 10-4

defined 10-1

note, described xxviii

NSM 4-3

NTP

associations

authenticating 5-4

defined 5-2

enabling broadcast messages 5-6

peer 5-5

server 5-5

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-5

time

services 5-2

synchronizing 5-2

O

options, management 1-3

out-of-profile markdown 1-7

P

packet modification, with QoS 27-19

PAgP

See EtherChannel

passwords

default configuration 6-2

disabling recovery of 6-5

encrypting 6-3

for security 1-5

overview 6-1

recovery of 29-3

setting

enable 6-3

enable secret 6-3

Telnet 6-6

with usernames 6-6

VTP domain 11-8

path cost

MSTP 14-20

STP 13-18

performance, network design 1-10

performance features 1-2

persistent self-signed certificate 6-43

per-VLAN spanning-tree plus

See PVST+

physical ports 8-2

PIM-DVMRP, as snooping method 18-8

ping

character output description 29-10

executing 29-9

overview 29-9

policed-DSCP map for QoS 27-61

policers

configuring

for each matched traffic class 27-47

for more than one traffic class 27-57

described 27-4

displaying 27-77

number of 27-33

types of 27-9

policing

described 27-4

hierarchical

See hierarchical policy maps

token-bucket algorithm 27-9

policy maps for QoS

characteristics of 27-47

described 27-7

displaying 27-78

hierarchical 27-8

hierarchical on SVIs

configuration guidelines 27-32

configuring 27-51

described 27-10

nonhierarchical on physical ports

configuration guidelines 27-32

configuring 27-47

described 27-9

port ACLs

defined 26-2

types of 26-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 7-9

authentication server

defined 7-2

RADIUS server 7-2

client, defined 7-2

configuration guidelines 7-20

configuring

802.1x authentication 7-22

guest VLAN 7-30

host mode 7-25

inaccessible authentication bypass 7-33

manual re-authentication of a client 7-26

periodic re-authentication 7-25

quiet period 7-26

RADIUS server 7-24

RADIUS server parameters on the switch 7-23

restricted VLAN 7-31

switch-to-client frame-retransmission number 7-28, 7-29

switch-to-client retransmission time 7-27

default configuration 7-19

described 7-1

device roles 7-2

displaying statistics 7-39

EAPOL-start frame 7-5

EAP-request/identity frame 7-5

EAP-response/identity frame 7-5

encapsulation 7-3

guest VLAN

configuration guidelines 7-12, 7-13

described 7-12

host mode 7-8

inaccessible authentication bypass

configuring 7-33

described 7-14

guidelines 7-21

initiation and message exchange 7-5

magic packet 7-16

method lists 7-22

multiple-hosts mode, described 7-8

per-user ACLs

AAA authorization 7-22

configuration tasks 7-12

described 7-11

RADIUS server attributes 7-11

ports

authorization state and dot1x port-control command 7-7

authorized and unauthorized 7-7

critical 7-14

voice VLAN 7-15

port security

and voice VLAN 7-16

described 7-15

interactions 7-16

multiple-hosts mode 7-8

resetting to default values 7-38

statistics, displaying 7-39

switch

as proxy 7-3

RADIUS client 7-3

VLAN assignment

AAA authorization 7-22

characteristics 7-10

configuration tasks 7-11

described 7-10

voice VLAN

described 7-15

PVID 7-15

VVID 7-15

wake-on-LAN, described 7-16

port blocking 1-2, 19-6

port-channel

See EtherChannel

Port Fast

described 15-2

enabling 15-10

mode, spanning tree 10-26

support for 1-5

port membership modes, VLAN 10-3

port priority

MSTP 14-19

STP 13-16

ports

access 8-3

blocking 19-6

dual-purpose uplink 8-4

dynamic access 10-3

protected 19-5

static-access 10-3, 10-10

switch 8-2

trunks 10-3, 10-14

VLAN assignments 10-10

port security

aging 19-15

and QoS trusted boundary 27-37

configuring 19-11

default configuration 19-10

described 19-7

displaying 19-16

on trunk ports 19-12

sticky learning 19-8

violations 19-9

with other features 19-10

port-shutdown response, VMPS 10-25

preemption

default configuration 16-4

preemption delay

default configuration 16-4

preferential treatment of traffic

See QoS

preventing unauthorized access 6-1

primary links 16-2

priority

overriding CoS 12-6

trusting CoS 12-6

private VLAN edge ports

See protected ports

privileged EXEC mode 2-2

privilege levels

changing the default for lines 6-9

exiting 6-9

logging into 6-9

overview 6-2, 6-7

setting a command with 6-8

protected ports 1-5, 19-5

pruning, VTP

disabling

in VTP domain 11-14

on a port 10-21

enabling

in VTP domain 11-14

on a port 10-20

examples 11-5

overview 11-4

pruning-eligible list

changing 10-20

for VTP pruning 11-4

VLANs 11-14

PVST+

described 13-9

IEEE 802.1Q trunking interoperability 13-10

instances supported 13-9

Q

QoS

and MQC commands 27-1

auto-QoS

categorizing traffic 27-21

configuration and defaults display 27-29

configuration guidelines 27-25

described 27-20

disabling 27-26

displaying generated commands 27-26

displaying the initial configuration 27-29

effects on running configuration 27-25

egress queue defaults 27-21

enabling for VoIP 27-26

example configuration 27-27

ingress queue defaults 27-21

list of generated commands 27-22

basic model 27-4

classification

class maps, described 27-7

defined 27-4

DSCP transparency, described 27-39

flowchart 27-6

forwarding treatment 27-3

in frames and packets 27-3

IP ACLs, described 27-5, 27-7

MAC ACLs, described 27-5, 27-7

options for IP traffic 27-5

options for non-IP traffic 27-5

policy maps, described 27-7

trust DSCP, described 27-5

trusted CoS, described 27-5

trust IP precedence, described 27-5

class maps

configuring 27-45

displaying 27-77

configuration guidelines

auto-QoS 27-25

standard QoS 27-32

configuring

aggregate policers 27-57

auto-QoS 27-20

default port CoS value 27-37

DSCP maps 27-59

DSCP transparency 27-39

DSCP trust states bordering another domain 27-39

egress queue characteristics 27-69

ingress queue characteristics 27-65

IP extended ACLs 27-43

IP standard ACLs 27-42

MAC ACLs 27-44

policy maps, hierarchical 27-51

policy maps on physical ports 27-47

port trust states within the domain 27-35

trusted boundary 27-37

default auto configuration 27-21

default standard configuration 27-30

displaying statistics 27-77

DSCP transparency 27-39

egress queues

allocating buffer space 27-70

buffer allocation scheme, described 27-18

configuring shaped weights for SRR 27-74

configuring shared weights for SRR 27-75

described 27-4

displaying the threshold map 27-73

flowchart 27-17

mapping DSCP or CoS values 27-72

scheduling, described 27-4

setting WTD thresholds 27-70

WTD, described 27-19

enabling globally 27-34

flowcharts

classification 27-6

egress queueing and scheduling 27-17

ingress queueing and scheduling 27-15

policing and marking 27-10

implicit deny 27-7

ingress queues

allocating bandwidth 27-67

allocating buffer space 27-67

buffer and bandwidth allocation, described 27-16

configuring shared weights for SRR 27-67

configuring the priority queue 27-68

described 27-4

displaying the threshold map 27-66

flowchart 27-15

mapping DSCP or CoS values 27-66

priority queue, described 27-16

scheduling, described 27-4

setting WTD thresholds 27-66

WTD, described 27-16

IP phones

automatic classification and queueing 27-20

detection and trusted settings 27-20, 27-37

limiting bandwidth on egress interface 27-76

mapping tables

CoS-to-DSCP 27-59

displaying 27-77

DSCP-to-CoS 27-62

DSCP-to-DSCP-mutation 27-63

IP-precedence-to-DSCP 27-60

policed-DSCP 27-61

types of 27-12

marked-down actions 27-49, 27-54

marking, described 27-4, 27-8

overview 27-1

packet modification 27-19

policers

configuring 27-49, 27-54, 27-57

described 27-8

displaying 27-77

number of 27-33

types of 27-9

policies, attaching to an interface 27-8

policing

described 27-4, 27-8

token bucket algorithm 27-9

policy maps

characteristics of 27-47

displaying 27-78

hierarchical 27-8

hierarchical on SVIs 27-51

nonhierarchical on physical ports 27-47

QoS label, defined 27-4

queues

configuring egress characteristics 27-69

configuring ingress characteristics 27-65

high priority (expedite) 27-19, 27-76

location of 27-13

SRR, described 27-14

WTD, described 27-13

rewrites 27-19

support for 1-7

trust states

bordering another domain 27-39

described 27-5

trusted device 27-37

within the domain 27-35

quality of service

See QoS

queries, IGMP 18-4

query solicitation, IGMP 18-12

R

RADIUS

attributes

vendor-proprietary 6-31

vendor-specific 6-29

configuring

accounting 6-28

authentication 6-23

authorization 6-27

communication, global 6-21, 6-29

communication, per-server 6-20, 6-21

multiple UDP ports 6-21

default configuration 6-20

defining AAA server groups 6-25

displaying the configuration 6-31

identifying the server 6-20

limiting the services to the user 6-27

method list, defined 6-20

operation of 6-19

overview 6-18

suggested network environments 6-18

support for 1-6

tracking services accessed by user 6-28

range

macro 8-8

of interfaces 8-7

rapid convergence 14-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 13-9

IEEE 802.1Q trunking interoperability 13-10

instances supported 13-9

Rapid Spanning Tree Protocol

See RSTP

RCP

configuration files

downloading B-17

overview B-15

preparing the server B-16

uploading B-18

image files

deleting old image B-32

downloading B-30

preparing the server B-29

uploading B-32

reconfirmation interval, VMPS, changing 10-28

reconfirming dynamic VLAN membership 10-28

recovery procedures 29-1

redundancy

EtherChannel 28-2

STP

backbone 13-8

path cost 10-23

port priority 10-22

redundant links and UplinkFast 15-13

reloading software 3-18

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 22-2

report suppression, IGMP

described 18-6

disabling 18-15

requirements

device manager xxviii

resequencing ACL entries 26-13

resetting a UDLD-shutdown interface 21-6

restricted VLAN

configuring 7-31

described 7-13

using with IEEE 802.1x 7-13

restricting access

NTP services 5-8

overview 6-1

passwords and privilege levels 6-2

RADIUS 6-17

TACACS+ 6-10

retry count, VMPS, changing 10-29

RFC

1112, IP multicast and IGMP 18-2

1157, SNMPv1 25-2

1305, NTP 5-2

1757, RMON 23-2

1901, SNMPv2C 25-2

1902 to 1907, SNMPv2 25-2

2236, IP multicast and IGMP 18-2

2273-2275, SNMPv3 25-2

RMON

default configuration 23-3

displaying status 23-6

enabling alarms and events 23-3

groups supported 23-2

overview 23-1

statistics

collecting group Ethernet 23-5

collecting group history 23-5

support for 1-8

root guard

described 15-8

enabling 15-15

support for 1-5

root switch

MSTP 14-17

STP 13-14

RSPAN 22-2

characteristics 22-7

configuration guidelines 22-15

default configuration 22-9

destination ports 22-6

displaying status 22-23

interaction with other features 22-8

monitored ports 22-5

monitoring ports 22-6

overview 1-8, 22-1

received traffic 22-4

sessions

creating 22-16

defined 22-3

limiting source traffic to specific VLANs 22-22

specifying monitored ports 22-16

with ingress traffic enabled 22-20

source ports 22-5

transmitted traffic 22-5

VLAN-based 22-6

RSTP

active topology 14-9

BPDU

format 14-12

processing 14-13

designated port, defined 14-9

designated switch, defined 14-9

interoperability with IEEE 802.1D

described 14-8

restarting migration process 14-25

topology changes 14-13

overview 14-8

port roles

described 14-9

synchronized 14-11

proposal-agreement handshake process 14-10

rapid convergence

described 14-10

edge ports and Port Fast 14-10

point-to-point links 14-10, 14-24

root ports 14-10

root port, defined 14-9

See also MSTP

running configuration, saving 3-10

S

scheduled reloads 3-18

secure HTTP client

configuring 6-47

displaying 6-48

secure HTTP server

configuring 6-46

displaying 6-48

secure MAC addresses

deleting 19-14

maximum number of 19-9

types of 19-8

secure remote connections 6-38

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 19-7

security features 1-5

sequence numbers in log messages 24-7

server mode, VTP 11-3

service-provider network, MSTP and RSTP 14-1

set-request operation 25-4

severity levels, defining in system messages 24-8

SFPs

monitoring status of 8-19, 29-8

security and identification 29-8

status, displaying 29-8

shaped round robin

See SRR

show access-lists hw-summary command 26-19

show and more command output, filtering 2-10

show cdp traffic command 20-5

show configuration command 8-17

show forward command 29-16

show interfaces command 8-14, 8-17

show platform forward command 29-16

show running-config command

displaying ACLs 26-18, 26-25, 26-27

interface description in 8-17

shutdown command on interfaces 8-20

Simple Network Management Protocol

See SNMP

Smartports macros

applying Cisco-default macros 9-6

applying global parameter values 9-5, 9-6

applying macros 9-5

applying parameter values 9-5, 9-7

configuration guidelines 9-3

creating 9-4

default configuration 9-2

defined 9-1

displaying 9-8

tracing 9-3

website 9-2

SNAP 20-1

SNMP

accessing MIB variables with 25-4

agent

described 25-4

disabling 25-7

authentication level 25-10

community strings

configuring 25-8

overview 25-4

configuration examples 25-15

default configuration 25-6

engine ID 25-7

groups 25-6, 25-9

host 25-6

ifIndex values 25-5

in-band management 1-4

informs

and trap keyword 25-11

described 25-5

differences from traps 25-5

disabling 25-14

enabling 25-14

limiting access by TFTP servers 25-15

limiting system log messages to NMS 24-9

manager functions 1-3, 25-3

MIBs

location of A-3

supported A-1

notifications 25-5

overview 25-1, 25-4

security levels 25-3

status, displaying 25-16

system contact and location 25-14

trap manager, configuring 25-13

traps

described 25-3, 25-5

differences from informs 25-5

disabling 25-14

enabling 25-11

enabling MAC address notification 5-22

overview 25-1, 25-4

types of 25-11

users 25-6, 25-9

versions supported 25-2

SNMPv1 25-2

SNMPv2C 25-2

SNMPv3 25-2

snooping, IGMP 18-1

software images

location in flash B-20

recovery procedures 29-2

scheduling reloads 3-18

tar file format, described B-20

See also downloading and uploading

source addresses, in IPv4 ACLs 26-10

source-and-destination-IP address based forwarding, EtherChannel 28-7

source-and-destination MAC address forwarding, EtherChannel 28-6

source-IP address based forwarding, EtherChannel 28-7

source-MAC address forwarding, EtherChannel 28-6

SPAN

configuration guidelines 22-10

default configuration 22-9

destination ports 22-6

displaying status 22-23

interaction with other features 22-8

monitored ports 22-5

monitoring ports 22-6

overview 1-8, 22-1

ports, restrictions 19-11

received traffic 22-4

sessions

configuring ingress forwarding 22-14, 22-21

creating 22-10

defined 22-3

limiting source traffic to specific VLANs 22-14

removing destination (monitoring) ports 22-12

specifying monitored ports 22-10

with ingress traffic enabled 22-13

source ports 22-5

transmitted traffic 22-5

VLAN-based 22-6

spanning tree and native VLANs 10-17

Spanning Tree Protocol

See STP

SPAN traffic 22-4

SRR

configuring

shaped weights on egress queues 27-74

shared weights on egress queues 27-75

shared weights on ingress queues 27-67

described 27-14

shaped mode 27-14

shared mode 27-14

support for 1-7

SSH

configuring 6-39

cryptographic software image 6-37

described 1-4, 6-38

encryption methods 6-38

user authentication methods, supported 6-38

SSL

configuration guidelines 6-45

configuring a secure HTTP client 6-47

configuring a secure HTTP server 6-46

cryptographic software image 6-42

described 6-42

monitoring 6-48

standby links 16-2

startup configuration

booting

manually 3-15

specific image 3-16

clearing B-19

configuration file

automatically downloading 3-14

specifying the filename 3-14

default boot configuration 3-14

static access ports

assigning to VLAN 10-10

defined 8-3, 10-3

static addresses

See addresses

static MAC addressing 1-5

static VLAN membership 10-2

statistics

802.1x 7-39

CDP 20-4

interface 8-19

QoS ingress and egress 27-77

RMON group Ethernet 23-5

RMON group history 23-5

SNMP input and output 25-16

VTP 11-16

sticky learning 19-8

storm control

configuring 19-3

described 19-1

disabling 19-5

displaying 19-16

support for 1-2

thresholds 19-1

STP

accelerating root port selection 15-4

BackboneFast

described 15-5

disabling 15-14

enabling 15-13

BPDU filtering

described 15-3

disabling 15-12

enabling 15-12

BPDU guard

described 15-2

disabling 15-11

enabling 15-11

BPDU message exchange 13-3

configuration guidelines 13-12, 15-10

configuring

forward-delay time 13-21

hello time 13-20

maximum aging time 13-21

path cost 13-18

port priority 13-16

root switch 13-14

secondary root switch 13-16

spanning-tree mode 13-13

switch priority 13-19

transmit hold-count 13-22

counters, clearing 13-22

default configuration 13-11

default optional feature configuration 15-9

designated port, defined 13-3

designated switch, defined 13-3

detecting indirect link failures 15-5

disabling 13-14

displaying status 13-22

EtherChannel guard

described 15-7

disabling 15-14

enabling 15-14

extended system ID

effects on root switch 13-14

effects on the secondary root switch 13-16

overview 13-4

unexpected behavior 13-14

features supported 1-4

IEEE 802.1D and bridge ID 13-4

IEEE 802.1D and multicast addresses 13-8

IEEE 802.1t and VLAN identifier 13-4

inferior BPDU 13-3

instances supported 13-9

interface state, blocking to forwarding 15-2

interface states

blocking 13-6

disabled 13-7

forwarding 13-5, 13-6

learning 13-6

listening 13-6

overview 13-4

interoperability and compatibility among modes 13-10

limitations with IEEE 802.1Q trunks 13-10

load sharing

overview 10-21

using path costs 10-23

using port priorities 10-22

loop guard

described 15-9

enabling 15-15

modes supported 13-9

multicast addresses, effect of 13-8

optional features supported 1-5

overview 13-2

path costs 10-23, 10-24

Port Fast

described 15-2

enabling 15-10

port priorities 10-22

preventing root switch selection 15-8

protocols supported 13-9

redundant connectivity 13-8

root guard

described 15-8

enabling 15-15

root port, defined 13-3

root switch

configuring 13-14

effects of extended system ID 13-4, 13-14

election 13-3

unexpected behavior 13-14

shutdown Port Fast-enabled port 15-2

status, displaying 13-22

superior BPDU 13-3

timers, described 13-20

UplinkFast

described 15-3

enabling 15-13

stratum, NTP 5-2

success response, VMPS 10-25

summer time 5-13

SunNet Manager 1-3

switch console port 1-4

Switched Port Analyzer

See SPAN

switched ports 8-2

switchport block multicast command 19-7

switchport block unicast command 19-7

switchport protected command 19-6

switch priority

MSTP 14-21

STP 13-19

switch software features 1-1

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-1

See also NTP

system message logging

default configuration 24-3

defining error message severity levels 24-8

disabling 24-3

displaying the configuration 24-12

enabling 24-4

facility keywords, described 24-11

level keywords, described 24-9

limiting messages 24-9

message format 24-2

overview 24-1

sequence numbers, enabling and disabling 24-7

setting the display destination device 24-4

synchronizing log messages 24-5

syslog facility 1-8

time stamps, enabling and disabling 24-7

UNIX syslog servers

configuring the daemon 24-10

configuring the logging facility 24-11

facilities supported 24-11

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-14, 5-15

T

TACACS+

accounting, defined 6-11

authentication, defined 6-11

authorization, defined 6-11

configuring

accounting 6-17

authentication key 6-13

authorization 6-16

login authentication 6-14

default configuration 6-13

displaying the configuration 6-17

identifying the server 6-13

limiting the services to the user 6-16

operation of 6-12

overview 6-10

support for 1-6

tracking services accessed by user 6-17

tar files

creating B-6

displaying the contents of B-6

extracting B-8

image file format B-20

TDR 1-8

Telnet

accessing management interfaces 2-10

number of connections 1-4

setting a password 6-6

temporary self-signed certificate 6-43

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 6-6

TFTP

configuration files

downloading B-11

preparing the server B-11

uploading B-12

configuration files in base directory 3-6

configuring for autoconfiguration 3-6

image files

deleting B-23

downloading B-22

preparing the server B-21

uploading B-24

limiting access by servers 25-15

TFTP server 1-3

threshold, traffic level 19-2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 26-15

time ranges in ACLs 26-15

time stamps in log messages 24-7

time zones 5-12

Token Ring VLANs

support for 10-5

VTP support 11-4

ToS 1-7

traceroute, Layer 2

and ARP 29-11

and CDP 29-11

broadcast traffic 29-10

described 29-10

IP addresses and subnets 29-11

MAC addresses and VLANs 29-11

multicast traffic 29-11

multiple devices on a port 29-11

unicast traffic 29-10

usage guidelines 29-11

traceroute command 29-13

See also IP traceroute

traffic

blocking flooded 19-7

fragmented 26-4

unfragmented 26-4

traffic policing 1-7

traffic suppression 19-1

transmit hold-count

see STP

transparent mode, VTP 11-3, 11-12

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22

configuring managers 25-11

defined 25-3

enabling 5-22, 25-11

notification types 25-11

overview 25-1, 25-4

troubleshooting

connectivity problems 29-9, 29-10, 29-12

detecting unidirectional links 21-1

displaying crash information 29-18

setting packet forwarding 29-16

SFP security and identification 29-8

show forward command 29-16

with CiscoWorks 25-4

with debug commands 29-14

with ping 29-9

with system message logging 24-1

with traceroute 29-12

trunking encapsulation 1-5

trunk ports

configuring 10-18

defined 8-3, 10-3

encapsulation 10-18, 10-23, 10-24

trunks

allowed-VLAN list 10-19

configuring 10-18, 10-23, 10-24

ISL 10-14

load sharing

setting STP path costs 10-23

using STP port priorities 10-22

native VLAN for untagged traffic 10-21

parallel 10-23

pruning-eligible list 10-20

to non-DTP device 10-15

trusted boundary for QoS 27-37

trusted port states

between QoS domains 27-39

classification options 27-5

ensuring port security for IP phones 27-37

support for 1-7

within a QoS domain 27-35

trustpoints, CA 6-42

twisted-pair Ethernet, detecting unidirectional links 21-1

type of service

See ToS

U

UDLD

configuration guidelines 21-4

default configuration 21-4

disabling

globally 21-5

on fiber-optic interfaces 21-5

per interface 21-5

echoing detection mechanism 21-2

enabling

globally 21-5

per interface 21-5

link-detection mechanism 21-1

neighbor database 21-2

overview 21-1

resetting an interface 21-6

status, displaying 21-6

support for 1-4

unauthorized ports with IEEE 802.1x 7-7

unicast MAC address filtering 1-3

and adding static addresses 5-25

and broadcast MAC addresses 5-25

and CPU packets 5-25

and multicast addresses 5-25

and router MAC addresses 5-25

configuration guidelines 5-25

described 5-25

unicast storm 19-1

unicast storm control command 19-4

unicast traffic, blocking 19-7

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 24-10

facilities supported 24-11

message logging configuration 24-11

unrecognized Type-Length-Value (TLV) support 11-4

upgrading information

See release notes

upgrading software images

See downloading

UplinkFast

described 15-3

disabling 15-13

enabling 15-13

support for 1-4

uploading

configuration files

preparing B-11, B-13, B-16

reasons for B-9

using FTP B-14

using RCP B-18

using TFTP B-12

image files

preparing B-21, B-25, B-29

reasons for B-19

using FTP B-27

using RCP B-32

using TFTP B-24

user EXEC mode 2-2

username-based authentication 6-6

V

version-dependent transparent mode 11-4

vlan.dat file 10-4

VLAN 1, disabling on a trunk port 10-19

VLAN 1 minimization 10-19

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 10-25

VLAN configuration

at bootup 10-7

saving 10-7

VLAN configuration mode 2-2, 10-6

VLAN database

and startup configuration file 10-7

and VTP 11-1

VLAN configuration saved in 10-6

VLANs saved in 10-4

vlan database command 10-6

VLAN filtering and SPAN 22-6

vlan global configuration command 10-6

VLAN ID, discovering 5-26

VLAN management domain 11-2

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 26-24

VLAN maps

applying 26-27

common uses for 26-28

configuration guidelines 26-24

configuring 26-23

creating 26-25

defined 26-2, 26-4

denying access to a server example 26-29

denying and permitting packets 26-25

displaying 26-30

examples of ACLs and VLAN maps 26-25

removing 26-27

support for 1-6

wiring closet configuration example 26-28

VLAN membership

confirming 10-28

modes 10-3

VLAN Query Protocol

See VQP

VLANs

adding 10-8

adding to VLAN database 10-8

aging dynamic addresses 13-9

allowed on trunk 10-19

and spanning-tree instances 10-2, 10-6, 10-12

configuration guidelines, extended-range VLANs 10-12

configuration guidelines, normal-range VLANs 10-5

configuration options 10-6

configuring 10-1

configuring IDs 1006 to 4094 10-12

creating in config-vlan mode 10-8

creating in VLAN configuration mode 10-9

default configuration 10-7

deleting 10-9

described 8-2, 10-1

displaying 10-13

extended-range 10-1, 10-11

features 1-5

illustrated 10-2

limiting source traffic with RSPAN 22-22

limiting source traffic with SPAN 22-14

modifying 10-8

multicast 18-17

native, configuring 10-21

normal-range 10-1, 10-4

number supported 1-5

parameters 10-4

port membership modes 10-3

static-access ports 10-10

STP and IEEE 802.1Q trunks 13-10

supported 10-2

Token Ring 10-5

traffic between 10-2

VTP modes 11-3

VLAN Trunking Protocol

See VTP

VLAN trunks 10-14

VMPS

administering 10-29

configuration example 10-30

configuration guidelines 10-26

default configuration 10-26

description 10-25

dynamic port membership

described 10-26

reconfirming 10-28

troubleshooting 10-30

mapping MAC addresses to VLANs 10-25

monitoring 10-29

reconfirmation interval, changing 10-28

reconfirming membership 10-28

retry count, changing 10-29

voice-over-IP 12-1

voice VLAN

Cisco 7960 phone, port connections 12-1

configuration guidelines 12-3

configuring IP phones for data traffic

override CoS of incoming frame 12-6

trust CoS priority of incoming frame 12-6

configuring ports for voice traffic in

802.1p priority tagged frames 12-5

802.1Q frames 12-4

connecting to an IP phone 12-4

default configuration 12-3

described 12-1

displaying 12-6

IP phone data traffic, described 12-2

IP phone voice traffic, described 12-2

VQP 1-5, 10-25

VTP

adding a client to a domain 11-14

advertisements 10-17, 11-3

and extended-range VLANs 11-1

and normal-range VLANs 11-1

client mode, configuring 11-11

configuration

global configuration mode 11-7

guidelines 11-8

privileged EXEC mode 11-7

requirements 11-9

saving 11-7

VLAN configuration mode 11-7

configuration mode options 11-7

configuration requirements 11-9

configuration revision number

guideline 11-14

resetting 11-15

configuring

client mode 11-11

server mode 11-9

transparent mode 11-12

consistency checks 11-4

default configuration 11-6

described 11-1

disabling 11-12

domain names 11-8

domains 11-2

modes

client 11-3, 11-11

server 11-3, 11-9

transitions 11-3

transparent 11-3, 11-12

monitoring 11-16

passwords 11-8

pruning

disabling 11-14

enabling 11-14

examples 11-5

overview 11-4

support for 1-5

pruning-eligible list, changing 10-20

server mode, configuring 11-9

statistics 11-16

support for 1-5

Token Ring support 11-4

transparent mode, configuring 11-12

using 11-1

version, guidelines 11-8

Version 1 11-4

Version 2

configuration guidelines 11-8

disabling 11-13

enabling 11-13

overview 11-4

W

weighted tail drop

See WTD

WTD

described 27-13

setting thresholds

egress queue-sets 27-70

ingress queues 27-66

support for 1-7

X

Xmodem protocol 29-2