Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
Numerics
10-Gigabit Ethernet interfaces
defined 9-6
A
AAA down policy, NAC Layer 2 IP validation 1-9
abbreviating commands 2-4
access-class command 31-19
access control entries
See ACEs
access control entry (ACE) 37-2
access-denied response, VMPS 11-28
access groups
applying IPv4 ACLs to interfaces 31-20
Layer 2 31-20
Layer 3 31-20
access lists
See ACLs
access ports
and Layer 2 protocol tunneling 15-11
defined 9-3
access template 6-1
accounting
with 802.1x 8-37
with IEEE 802.1x 8-8
with RADIUS 7-28
with TACACS+ 7-11, 7-17
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-12
applying
on routed packets 31-38
on switched packets 31-37
time ranges to 31-16
to an interface 31-19, 37-6
to IPv6 interfaces 37-6
to QoS 32-7
classifying traffic for QoS 32-43
comments in 31-18
compiling 31-21
defined 31-1, 31-7
examples of 31-21, 32-43
extended IP, configuring for QoS classification 32-44
extended IPv4
creating 31-10
matching criteria 31-7
hardware and software handling 31-21
host keyword 31-12
IP
creating 31-7
fragments and QoS guidelines 32-33
implicit deny 31-9, 31-13, 31-15
implicit masks 31-9
matching criteria 31-7
undefined 31-20
IPv4
applying to interfaces 31-19
creating 31-7
matching criteria 31-7
named 31-14
numbers 31-8
terminal lines, setting on 31-18
unsupported features 31-6
IPv6
applying to interfaces 37-6
configuring 37-3, 37-4
displaying 37-7
interactions with other features 37-3
limitations 37-2
matching criteria 37-2
named 37-2
supported 37-2
unsupported features 37-2
Layer 4 information in 31-37
logging messages 31-8
MAC extended 31-26, 32-45
matching 31-7, 31-20, 37-2
monitoring 31-38, 37-7
named, IPv4 31-14
named, IPv6 37-2
names 37-3
number per QoS class map 32-33
port 31-2, 37-1
precedence of 31-2
QoS 32-7, 32-43
resequencing entries 31-14
router 31-2, 37-1
router ACLs and VLAN map configuration guidelines 31-36
standard IP, configuring for QoS classification 32-43
standard IPv4
creating 31-9
matching criteria 31-7
support for 1-8
support in hardware 31-21
time ranges 31-16
types supported 31-2
unsupported features, IPv4 31-6
unsupported features, IPv6 37-2
using router ACLs with VLAN maps 31-36
VLAN maps
configuration guidelines 31-29
configuring 31-28
active links 19-2
active router 38-1
active traffic monitoring, IP SLAs 39-1
address aliasing 22-2
addresses
displaying the MAC address table 5-27
dynamic
accelerated aging 16-8
changing the aging time 5-21
default aging 16-8
defined 5-19
learning 5-20
removing 5-22
IPv6 35-2
MAC, discovering 5-28
static
adding and removing 5-24
defined 5-19
address resolution 5-28, 34-7
Address Resolution Protocol
See ARP
adjacency tables, with CEF 34-28
administrative distances
defined 34-35
routing protocol defaults 34-30
advertisements
CDP 24-1
LLDP 25-2
RIP 34-17
VTP 11-19, 12-3
aggregatable global unicast addresses 35-3
aggregated ports
See EtherChannel
aggregate policers 32-58
aggregate policing 1-10
aging, accelerating 16-8
aging time
accelerated
for MSTP 17-23
for STP 16-8, 16-21
MAC address table 5-21
maximum
for MSTP 17-23, 17-24
for STP 16-21, 16-22
alarms, RMON 28-3
allowed-VLAN list 11-21
ARP
configuring 34-8
defined 1-4, 5-28, 34-7
encapsulation 34-9
static cache configuration 34-8
table
address resolution 5-28
managing 5-28
asymmetrical links, and IEEE 802.1Q tunneling 15-4
attributes, RADIUS
vendor-proprietary 7-31
vendor-specific 7-29
audience xxxv
authentication
HSRP 38-10
local mode with AAA 7-36
NTP associations 5-4
RADIUS
key 7-21
login 7-23
TACACS+
defined 7-11
key 7-13
login 7-14
See also port-based authentication
authentication failed VLAN
See restricted VLAN
authentication keys, and routing protocols 34-36
authoritative time source, described 5-2
authorization
with RADIUS 7-27
with TACACS+ 7-11, 7-16
authorized ports with IEEE 802.1x 8-7
autoconfiguration 3-3
automatic QoS
See QoS
auto-MDIX
configuring 9-19
described 9-19
autonegotiation
duplex mode 1-2
interface configuration guidelines 9-16
mismatches 40-7
autosensing, port speed 1-2
autostate exclude 9-5
auxiliary VLAN
See voice VLAN
availability, features 1-5
B
BackboneFast
described 18-5
disabling 18-14
enabling 18-13
support for 1-5
backup interfaces
See Flex Links
backup links 19-2
banners
configuring
login 5-19
message-of-the-day login 5-18
default configuration 5-17
when displayed 5-17
Berkeley r-tools replacement 7-48
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 20-6
DHCP snooping database 20-6
IP source guard 20-15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 23-8
Boolean expressions in tracked lists 38-14
booting
boot loader, function of 3-2
boot process 3-1
manually 3-19
specific image 3-19
boot loader
accessing 3-20
described 3-2
environment variables 3-20
prompt 3-20
trap-door mechanism 3-2
BPDU
error-disabled state 18-2
filtering 18-3
RSTP format 17-12
BPDU filtering
described 18-3
disabling 18-12
enabling 18-12
support for 1-5
BPDU guard
described 18-2
disabling 18-12
enabling 18-11
support for 1-5
bridge protocol data unit
See BPDU
broadcast flooding 34-15
broadcast packets
directed 34-12
flooded 34-12
broadcast storm-control command 23-4
broadcast storms 23-1, 34-12
C
cables, monitoring for unidirectional links 26-1
CA trustpoint
configuring 7-44
defined 7-42
caution, described xxxvi
CDP
and trusted boundary 32-39
configuring 24-2
default configuration 24-2
defined with LLDP 25-1
described 24-1
disabling for routing device24-3to 24-4
enabling and disabling
on an interface 24-4
on a switch 24-3
Layer 2 protocol tunneling 15-8
monitoring 24-5
overview 24-1
support for 1-4
transmission timer and holdtime, setting 24-2
updates 24-2
CEF
defined 34-28
enabling 34-29
CGMP
as IGMP snooping learning method 22-9
joining multicast group 22-3
switch support of 1-2
CipherSuites 7-43
Cisco 7960 IP Phone 13-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco IOS IP SLAs 39-1
CiscoWorks 2000 1-3, 30-4
CIST regional root
See MSTP
CIST root
See MSTP
civic location 25-3
classless routing 34-6
class maps for QoS
configuring 32-46
described 32-7
displaying 32-78
class of service
See CoS
clearing interfaces 9-25
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-3
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
no and default forms of commands 2-4
client mode, VTP 12-3
client processes, tracking 38-12
clock
See system clock
clusters, switch
benefits 1-2
CNS
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
management functions 1-3
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 7-8
community ports 14-2
community strings
configuring 30-8
overview 30-4
community VLANs 14-2, 14-3
compatibility, feature 23-12
config.text 3-18
configurable leave timer, IGMP 22-6
configuration, initial
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration changes, logging 29-10
configuration files
archiving B-20
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-18
deleting a stored configuration B-19
described B-9
downloading
automatically 3-18
preparing B-11, B-13, B-17
reasons for B-9
using FTP B-14
using RCP B-17
using TFTP B-12
guidelines for creating and using B-10
guidelines for replacing and rolling back B-21
invalid combinations when copying B-5
limiting TFTP server access 30-15
obtaining with DHCP 3-8
password recovery disable considerations 7-5
replacing a running configuration B-20
rolling back a running configuration B-20, B-21
specifying the filename 3-18
system contact and location information 30-15
types and location B-10
uploading
preparing B-11, B-13, B-17
reasons for B-9
using FTP B-15
using RCP B-18
using TFTP B-12
configuration logger 29-10
configuration logging 2-5
configuration replacement B-20
configuration rollback B-20
configuration settings, saving 3-15
configure terminal command 9-8
configuring port-based authentication violation modes8-29to 8-30
configuring small-frame arrival rate 23-5
config-vlan mode 2-2, 11-7
connections, secure remote 7-37
connectivity problems 40-10, 40-11, 40-13
consistency checks in VTP Version 2 12-4
console port, connecting to 2-10
control protocol, IP SLAs 39-3
conventions
command xxxv
for examples xxxvi
publication xxxv
text xxxv
corrupted software, recovery steps with Xmodem 40-2
CoS
in Layer 2 frames 32-2
override priority 13-6
trust priority 13-6
CoS input queue threshold map for QoS 32-16
CoS output queue threshold map for QoS 32-19
CoS-to-DSCP map for QoS 32-60
counters, clearing interface 9-25
crashinfo file 40-19
critical authentication, IEEE 802.1x 8-40
cross-stack EtherChannel
configuring
on Layer 2 interfaces 33-11
on Layer 3 physical interfaces 33-13
cryptographic software image
Kerberos 7-32
SSH 7-37
SSL 7-41
D
daylight saving time 5-13
debugging
enabling all system diagnostics 40-16
enabling for a specific feature 40-16
redirecting error message output 40-17
using commands 40-15
default commands 2-4
default configuration
802.1x 8-23
auto-QoS 32-21
banners 5-17
booting 3-18
CDP 24-2
DHCP 20-8
DHCP option 82 20-8
DHCP snooping 20-8
DHCP snooping binding database 20-8
DNS 5-16
dynamic ARP inspection 21-5
EtherChannel 33-10
Ethernet interfaces 9-13
Flex Links 19-5
HSRP 38-5
IEEE 802.1Q tunneling 15-4
IGMP filtering 22-25
IGMP snooping 22-7, 36-5, 36-6
IGMP throttling 22-25
initial switch information 3-3
IP addressing, IP routing 34-4
IP SLAs 39-5
IP source guard 20-16
IPv6 35-7
Layer 2 interfaces 9-13
Layer 2 protocol tunneling 15-11
LLDP 25-3
MAC address table 5-21
MAC address-table move update 19-5
MSTP 17-14
MVR 22-20
NTP 5-4
optional spanning-tree configuration 18-9
password and privilege level 7-2
private VLANs 14-6
RADIUS 7-20
RIP 34-18
RMON 28-3
RSPAN 27-9
SDM template 6-3
SNMP 30-6
SPAN 27-9
SSL 7-44
standard QoS 32-31
STP 16-11
system message logging 29-3
system name and prompt 5-15
TACACS+ 7-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 11-19
VLANs 11-8
VMPS 11-29
voice VLAN 13-3
VTP 12-6
default gateway 3-14, 34-10
default networks 34-31
default router preference
See DRP
default routes 34-31
default routing 34-2
deleting VLANs 11-10
denial-of-service attack 23-1
description command 9-20
destination addresses
in IPv6 ACLs 37-4
destination addresses, in IPv4 ACLs 31-11
destination-IP address-based forwarding, EtherChannel 33-8
destination-MAC address forwarding, EtherChannel 33-7
detecting indirect link failures, STP 18-5
device B-23
device discovery protocol 24-1, 25-1
device manager
benefits 1-2
described 1-2, 1-3
in-band management 1-4
requirements xxxvi
upgrading a switch B-23
DHCP
Cisco IOS server database
configuring 20-13
default configuration 20-8
described 20-6
enabling
relay agent 20-10
server 20-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-7
relay device 3-7
server side 3-6
server-side 20-10
TFTP server 3-7
example 3-9
lease options
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-3
relay support 1-4, 1-10
support for 1-4
DHCP-based autoconfiguration and image update
configuring3-11to 3-13
understanding3-4to 3-5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 20-5
configuration guidelines 20-8
default configuration 20-8
displaying 20-15
forwarding address, specifying 20-10
helper address 20-10
overview 20-3
packet format, suboption
circuit ID 20-5
remote ID 20-5
remote ID suboption 20-5
DHCP server 3-3
DHCP server port-based address allocation
configuration guidelines 20-19
default configuration 20-19
described 20-19
displaying 20-22
enabling 20-20
DHCP snooping
accepting untrusted packets form edge switch 20-3, 20-12
and private VLANs 20-13
binding database
See DHCP snooping binding database
configuration guidelines 20-8
default configuration 20-8
displaying binding tables 20-15
message exchange process 20-4
option 82 data insertion 20-3
trusted interface 20-2
untrusted interface 20-2
untrusted messages 20-2
DHCP snooping binding database
adding bindings 20-14
binding entries, displaying 20-15
binding file
format 20-7
location 20-6
bindings 20-6
clearing agent statistics 20-14
configuration guidelines 20-9
configuring 20-14
default configuration 20-8
deleting
binding file 20-14
bindings 20-14
database agent 20-14
described 20-6
displaying 20-15
binding entries 20-15
status and statistics 20-15
enabling 20-14
entry 20-6
renewing database 20-14
resetting
delay value 20-14
timeout value 20-14
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
distance-vector protocols 34-2
distribute-list command 34-34
DNS
and DHCP-based autoconfiguration 3-7
default configuration 5-16
displaying the configuration 5-17
in IPv6 35-3
overview 5-15
setting up 5-16
support for 1-4
documentation, related xxxvi
document conventions xxxv
domain names
DNS 5-15
VTP 12-8
Domain Name System
See DNS
dot1q-tunnel switchport mode 11-18
double-tagged packets
IEEE 802.1Q tunneling 15-2
Layer 2 protocol tunneling 15-10
downloading
configuration files
preparing B-11, B-13, B-17
reasons for B-9
using FTP B-14
using RCP B-17
using TFTP B-12
image files
deleting old image B-27
preparing B-26, B-29, B-33
reasons for B-24
using FTP B-30
using HTTP B-23
using RCP B-34
using TFTP B-26
using the device manager or Network Assistant B-23
drop threshold for Layer 2 protocol packets 15-11
DRP
configuring 35-8
described 35-4
IPv6 35-4
DSCP 1-9, 32-2
DSCP input queue threshold map for QoS 32-16
DSCP output queue threshold map for QoS 32-19
DSCP-to-CoS map for QoS 32-63
DSCP-to-DSCP-mutation map for QoS 32-64
DSCP transparency 32-40
DTP 1-7, 11-17
dual-action detection 33-5
dual IPv4 and IPv6 templates 6-2, 35-5
dual protocol stacks
IPv4 and IPv6 35-5
SDM templates supporting 35-5
dual-purpose uplinks
defined 9-6
setting the type 9-14
dynamic access ports
characteristics 11-3
configuring 11-30
defined 9-3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 21-1
ARP requests, described 21-1
ARP spoofing attack 21-1
clearing
log buffer 21-15
statistics 21-15
configuration guidelines 21-6
configuring
ACLs for non-DHCP environments 21-8
in DHCP environments 21-7
log buffer 21-13
rate limit for incoming ARP packets 21-4, 21-10
default configuration 21-5
denial-of-service attacks, preventing 21-10
described 21-1
DHCP snooping binding database 21-2
displaying
ARP ACLs 21-14
configuration and operating state 21-14
log buffer 21-15
statistics 21-15
trust state and rate limit 21-14
error-disabled state for exceeding rate limit 21-4
function of 21-2
interface trust states 21-3
log buffer
clearing 21-15
configuring 21-13
displaying 21-15
logging of dropped packets, described 21-4
man-in-the middle attack, described 21-2
network security issues and interface trust states 21-3
priority of ARP ACLs and DHCP snooping entries 21-4
rate limiting of ARP packets
configuring 21-10
described 21-4
error-disabled state 21-4
statistics
clearing 21-15
displaying 21-15
validation checks, performing 21-12
dynamic auto trunking mode 11-18
dynamic desirable trunking mode 11-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 11-28
reconfirming 11-31
troubleshooting 11-32
types of connections 11-30
dynamic routing 34-2
Dynamic Trunking Protocol
See DTP
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
EIGRP stub routing 34-26
EKEY error-disabled state 9-3
ELIN location 25-3
enable password 7-3
enable secret password 7-3
encryption, CipherSuite 7-43
encryption for passwords 7-3
Enhanced IGRP
See EIGRP
enhanced object tracking
commands 38-12
defined 38-12
HSRP 38-17
IP routing state 38-13
line-protocol state 38-13
tracked lists 38-13
environment variables, function of 3-21
equal-cost routing 1-10, 34-29
error-disabled state
BPDU 18-2
EKEY 9-3
error messages during command entry 2-5
EtherChannel
automatic creation of 33-4, 33-5
channel groups
binding physical and logical interfaces 33-3
numbering of 33-3
configuration guidelines 33-10
configuring
Layer 2 interfaces 33-11
Layer 3 physical interfaces 33-13
Layer 3 port-channel logical interfaces 33-13
default configuration 33-10
described 33-2
displaying status 33-21
forwarding methods 33-7, 33-16
IEEE 802.3ad, described 33-5
interaction
with STP 33-10
with VLANs 33-11
LACP
described 33-5
displaying status 33-21
hot-standby ports 33-18
interaction with other features 33-7
modes 33-6
port priority 33-20
system priority 33-19
Layer 3 interface 34-3
load balancing 33-7, 33-16
logical interfaces, described 33-3
PAgP
aggregate-port learners 33-17
compatibility with Catalyst 1900 33-17
described 33-4
displaying status 33-21
interaction with other features 33-5
interaction with virtual switches 33-5
learn method and priority configuration 33-17
modes 33-4
support for 1-2
with dual-action detection 33-5
port-channel interfaces
described 33-3
numbering of 33-3
port groups 9-6
support for 1-2
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
Ethernet VLANs
adding 11-9
defaults and ranges 11-8
modifying 11-9
EUI 35-3
events, RMON 28-3
examples
conventions for xxxvi
expedite queue for QoS 32-77
Express Setup 1-2
See also getting started guide
extended crashinfo file 40-19
extended-range VLANs
configuration guidelines 11-13
configuring 11-12
creating 11-13
creating with an internal VLAN ID 11-15
defined 11-1
extended system ID
MSTP 17-17
STP 16-4, 16-14
extended universal identifier
See EUI
Extensible Authentication Protocol over LAN 8-1
F
fa0 interface 1-3, 1-5
Fast Ethernet 0
See fa0 interface
features, incompatible 23-12
FIB 34-28
fiber-optic, detecting unidirectional links 26-1
files
basic crashinfo
description 40-19
location 40-19
copying B-4
crashinfo
description 40-19
deleting B-5
displaying the contents of B-8
extended crashinfo
description 40-20
location 40-20
tar
creating B-6
displaying the contents of B-6
extracting B-8
image file format B-24
file system
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 31-28
IPv6 traffic 37-3, 37-6
non-IP traffic 31-26
show and more command output 2-10
filtering show and more command output 2-10
filters, IP
See ACLs, IP
flash device, number of B-1
Flex Links
configuration guidelines 19-5
configuring 19-6
configuring preferred VLAN 19-8
configuring VLAN load balancing 19-7
default configuration 19-5
description 19-1
link load balancing 19-2
monitoring 19-11
VLANs 19-2
flooded traffic, blocking 23-8
flow-based packet classification 1-9
flowcharts
QoS classification 32-6
QoS egress queueing and scheduling 32-17
QoS ingress queueing and scheduling 32-15
QoS policing and marking 32-10
flowcontrol
configuring 9-18
described 9-18
forward-delay time
MSTP 17-23
STP 16-21
Forwarding Information Base
See FIB
FTP
accessing MIB files A-3
configuration files
downloading B-14
overview B-13
preparing the server B-13
uploading B-15
image files
deleting old image B-31
downloading B-30
preparing the server B-29
uploading B-32
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
global configuration mode 2-2
global leave, IGMP 22-13
guest VLAN and 802.1x 8-12
guide
audience xxxv
purpose of xxxv
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 9-21
hello time
MSTP 17-22
STP 16-20
help, for the command line 2-3
hierarchical policy maps 32-8
configuration guidelines 32-33
configuring 32-52
described 32-11
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 29-10
host ports
configuring 14-11
kinds of 14-2
hosts, limit on dynamic ports 11-32
Hot Standby Router Protocol
See HSRP
HP Onboard Administrator
DHCP server 3-3
error-disabled state 9-3
internal connection to 1-3
HP OpenView 1-3
HSRP
authentication string 38-10
command-switch redundancy 1-1, 1-5
configuring 38-5
default configuration 38-5
definition 38-1
guidelines 38-5
monitoring 38-11
object tracking 38-17
overview 38-1
priority 38-7
routing redundancy 1-10
support for ICMP redirect messages 38-11
timers 38-10
tracking 38-7
HTTP(S) Over IPv6 35-6
HTTP over SSL
see HTTPS
HTTPS 7-42
configuring 7-45
self-signed certificate 7-42
HTTP secure server 7-42
I
ICMP
IPv6 35-3
redirect messages 34-10
support for 1-10
time-exceeded messages 40-13
traceroute and 40-13
unreachable messages 31-19
unreachable messages and IPv6 37-3
unreachables and ACLs 31-21
ICMP ping
executing 40-10
overview 40-10
ICMP Router Discovery Protocol
See IRDP
ICMPv6 35-3
IDS appliances
and ingress RSPAN 27-20
and ingress SPAN 27-13
IEEE 802.1D
See STP
IEEE 802.1p 13-1
IEEE 802.1Q
and trunk ports 9-3
configuration limitations 11-19
encapsulation 11-16
native VLAN for untagged traffic 11-23
tunneling
compatibility with other features 15-6
defaults 15-4
described 15-1
tunnel ports with other features 15-6
IEEE 802.1s
See MSTP
IEEE 802.1w
See RSTP
IEEE 802.1x
See port-based authentication
IEEE 802.3ad
See EtherChannel
IEEE 802.3x flow control 9-18
ifIndex values, SNMP 30-5
IFS 1-4
IGMP
configurable leave timer
described 22-6
enabling 22-11
flooded multicast traffic
controlling the length of time 22-12
disabling on an interface 22-14
global leave 22-13
query solicitation 22-13
recovering from flood mode 22-13
joining multicast group 22-3
join messages 22-3
leave processing, enabling 22-11, 36-9
leaving multicast group 22-5
queries 22-4
report suppression
described 22-6
disabling 22-16, 36-11
supported versions 22-3
support for 1-2
IGMP filtering
configuring 22-25
default configuration 22-25
described 22-24
monitoring 22-29
support for 1-3
IGMP groups
configuring filtering 22-28
setting the maximum number 22-27
IGMP helper 1-3
IGMP Immediate Leave
configuration guidelines 22-11
described 22-6
enabling 22-11
IGMP profile
applying 22-27
configuration mode 22-25
configuring 22-26
IGMP snooping
and address aliasing 22-2
configuring 22-7
default configuration 22-7, 36-5, 36-6
definition 22-2
enabling and disabling 22-8, 36-6
global configuration 22-8
Immediate Leave 22-6
method 22-8
monitoring 22-16, 36-11
querier
configuration guidelines 22-14
configuring 22-14
supported versions 22-3
support for 1-2
VLAN configuration 22-8
IGMP throttling
configuring 22-28
default configuration 22-25
described 22-25
displaying action 22-29
Immediate Leave, IGMP 22-6
enabling 36-9
inaccessible authentication bypass 8-14
initial configuration
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 9-8
interface command9-8to 9-9
interface configuration mode 2-3
interface range macros 9-11
interfaces
auto-MDIX, configuring 9-19
configuration guidelines
duplex and speed 9-16
configuring
procedure 9-8
counters, clearing 9-25
default configuration 9-13
described 9-20
descriptive name, adding 9-20
displaying information about 9-25
flow control 9-18
management 1-3
monitoring 9-24
naming 9-20
physical, identifying 9-8
range of 9-10
restarting 9-26
shutting down 9-26
speed and duplex, configuring 9-17
status 9-24
supported 9-8
types of 9-1
interfaces range macro command 9-11
interface types 9-8
Internet Control Message Protocol
See ICMP
Internet Protocol version 6
See IPv6
Inter-Switch Link
See ISL
inter-VLAN routing 1-10, 34-2
Intrusion Detection System
See IDS appliances
inventory-management TLV 25-6
IP ACLs
for QoS classification 32-7
implicit deny 31-9, 31-13
implicit masks 31-9
named 31-14
undefined 31-20
IP addresses
128-bit 35-2
classes of 34-5
default configuration 34-4
discovering 5-28
for IP routing 34-3
IPv6 35-2
MAC address association 34-7
monitoring 34-16
IP base image 1-1
IP broadcast address 34-14
ip cef distributed command 34-28
IP directed broadcasts 34-12
ip igmp profile command 22-25
IP information
assigned
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing and IGMP snooping 22-2
IP phones
and QoS 13-1
automatic classification and queueing 32-20
configuring 13-4
ensuring port security with QoS 32-38
trusted boundary for QoS 32-38
IP precedence 32-2
IP-precedence-to-DSCP map for QoS 32-61
IP protocols
in ACLs 31-11
routing 1-10
IP routes, monitoring 34-37
IP routing
connecting interfaces with 9-7
disabling 34-17
enabling 34-17
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 39-1
IP SLAs
benefits 39-2
configuration guidelines 39-5
Control Protocol 39-3
default configuration 39-5
definition 39-1
measuring network performance 39-2
monitoring 39-7
operation 39-3
responder
described 39-3
enabling 39-6
response time 39-4
SNMP support 39-2
supported metrics 39-2
IP source guard
and 802.1x 20-17
and DHCP snooping 20-15
and EtherChannels 20-17
and port security 20-17
and private VLANs 20-17
and routed ports 20-16
and TCAM entries 20-17
and trunk interfaces 20-17
and VRF 20-17
binding configuration
automatic 20-15
manual 20-15
binding table 20-15
configuration guidelines 20-16
default configuration 20-16
described 20-15
disabling 20-18
displaying
bindings 20-18
configuration 20-18
enabling 20-17
filtering
source IP address 20-16
source IP and MAC address 20-16
source IP address filtering 20-16
source IP and MAC address filtering 20-16
static bindings
adding 20-17
deleting 20-18
IP traceroute
executing 40-14
overview 40-13
IP unicast routing
address resolution 34-7
administrative distances 34-30, 34-35
ARP 34-7
assigning IP addresses to Layer 3 interfaces 34-5
authentication keys 34-36
broadcast
address 34-14
flooding 34-15
packets 34-12
storms 34-12
classless routing 34-6
configuring static routes 34-30
default
addressing configuration 34-4
gateways 34-10
networks 34-31
routes 34-31
routing 34-2
directed broadcasts 34-12
disabling 34-17
dynamic routing 34-2
enabling 34-17
EtherChannel Layer 3 interface 34-3
inter-VLAN 34-2
IP addressing
classes 34-5
configuring 34-3
IRDP 34-11
Layer 3 interfaces 34-3
MAC address and IP address 34-7
passive interfaces 34-34
protocols, distance-vector 34-2
proxy ARP 34-7
redistribution 34-31
reverse address resolution 34-7
routed ports 34-3
static routing 34-2
steps to configure 34-3
subnet mask 34-5
subnet zero 34-5
supernet 34-6
UDP 34-14
with SVIs 34-3
See also EIGRP
See also RIP
IPv4 ACLs
applying to interfaces 31-19
extended, creating 31-10
named 31-14
standard, creating 31-9
IPv6
ACLs
displaying 37-7
limitations 37-2
matching criteria 37-2
port 37-1
router 37-1
supported 37-2
addresses 35-2
address formats 35-2
applications 35-4
assigning address 35-7
autoconfiguration 35-4
default configuration 35-7
default router preference (DRP) 35-4
defined 35-1
forwarding 35-7
ICMP 35-3
monitoring 35-11
neighbor discovery 35-3
SDM templates 6-2, 36-1, 36-6, 37-1
Stateless Autoconfiguration 35-4
supported features 35-2
understanding static routes 35-5
IPv6 traffic, filtering 37-3
IRDP
configuring 34-11
definition 34-11
support for 1-10
ISL
and trunk ports 9-3
encapsulation 1-7, 11-16
trunking with IEEE 802.1 tunneling 15-5
isolated port 14-2
isolated VLANs 14-2, 14-3
J
join messages, IGMP 22-3
K
KDC
described 7-32
See also Kerberos
Kerberos
authenticating to
boundary switch 7-34
KDC 7-34
network services 7-35
configuration examples 7-32
configuring 7-35
credentials 7-32
cryptographic software image 7-32
described 7-32
KDC 7-32
operation 7-34
realm 7-33
server 7-33
support for 1-9
switch as trusted third party 7-32
terms 7-33
TGT 7-34
tickets 7-32
key distribution center
See KDC
L
l2protocol-tunnel command 15-13
LACP
Layer 2 protocol tunneling 15-9
See EtherChannel
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 9-13
Layer 2 protocol tunneling
configuring 15-10
configuring for EtherChannels 15-14
default configuration 15-11
defined 15-8
guidelines 15-12
Layer 2 traceroute
and ARP 40-12
and CDP 40-12
broadcast traffic 40-11
described 40-11
IP addresses and subnets 40-12
MAC addresses and VLANs 40-12
multicast traffic 40-12
multiple devices on a port 40-12
unicast traffic 40-11
usage guidelines 40-12
Layer 2 trunk failover
described 33-21
Layer 3 features 1-10
Layer 3 interfaces
assigning IP addresses to 34-5
assigning IPv6 addresses to 35-7
changing from Layer 2 mode 34-5
types of 34-3
Layer 3 packets, classification methods 32-2
LDAP 4-2
LEDs, switch
See hardware installation guide
lightweight directory access protocol
See LDAP
line configuration mode 2-3
Link Aggregation Control Protocol
See EtherChannel
Link Failure
detecting unidirectional 17-8
Link Layer Discovery Protocol
See CDP
link local unicast addresses 35-3
link redundancy
See Flex Links
links, unidirectional 26-1
LLDP
configuring 25-3
characteristics 25-4
default configuration 25-3
disabling and enabling
globally 25-5
on an interface 25-5
monitoring and maintaining 25-7
overview 25-1
supported tlvs 25-2
transmission timer and holdtime, setting 25-4
LLDP-MED
configuring 25-3
tlvs 25-6
monitoring and maintaining 25-7
overview 25-1, 25-2
supported tlvs 25-2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing 38-4
local SPAN 27-2
location TLV 25-3, 25-6
logging messages, ACL 31-8
login authentication
with RADIUS 7-23
with TACACS+ 7-14
login banners 5-17
log messages
See system message logging
loop guard
described 18-9
enabling 18-15
support for 1-5
M
MAB aging timer 1-7
MAB inactivity timer
default setting 8-23
range 8-26
MAC addresses
aging time 5-21
and VLAN association 5-20
building the address table 5-20
default configuration 5-21
disabling learning on a VLAN 5-26
discovering 5-28
displaying 5-27
displaying in the IP source binding table 20-18
dynamic
learning 5-20
removing 5-22
in ACLs 31-26
IP address association 34-7
static
adding 5-24
allowing 5-26, 5-27
characteristics of 5-24
dropping 5-25
removing 5-24
MAC address learning 1-4
MAC address learning, disabling on a VLAN 5-26
MAC address notification, support for 1-11
MAC address-table move update
configuration guidelines 19-5
configuring 19-9
default configuration 19-5
description 19-3
monitoring 19-11
MAC address-to-VLAN mapping 11-28
MAC authentication bypass 8-9
See MAB
MAC extended access lists
applying to Layer 2 interfaces 31-27
configuring for QoS 32-45
creating 31-26
defined 31-26
for QoS classification 32-5
macros
See Smartports macros
magic packet 8-16
manageability features 1-4
management access
in-band
browser session 1-4
CLI session 1-4
device manager 1-4
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
CNS 4-1
overview 1-3
mapping tables for QoS
configuring
CoS-to-DSCP 32-60
DSCP 32-60
DSCP-to-CoS 32-63
DSCP-to-DSCP-mutation 32-64
IP-precedence-to-DSCP 32-61
policed-DSCP 32-62
described 32-12
marking
action in policy map 32-48
action with aggregate policers 32-58
described 32-4, 32-8
matching
IPv6 ACLs 37-2
matching, IPv4 ACLs 31-7
maximum aging time
MSTP 17-23
STP 16-21
maximum hop count, MSTP 17-24
maximum number of allowed devices, port-based authentication 8-26
maximum-paths command 34-29
membership mode, VLAN port 11-3
messages
to users through banners 5-17
messages, to users through banners 5-17
metric translations, between routing protocols 34-33
metro tags 15-2
MHSRP 38-4
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-4
supported A-1
mirroring traffic for analysis 27-1
mismatches, autonegotiation 40-7
module number 9-8
monitoring
access groups 31-38
cables for unidirectional links 26-1
CDP 24-5
CEF 34-29
features 1-11
Flex Links 19-11
HSRP 38-11
IEEE 802.1Q tunneling 15-18
IGMP
filters 22-29
snooping 22-16, 36-11
interfaces 9-24
IP
address tables 34-16
routes 34-37
IP SLAs operations 39-7
IPv4 ACL configuration 31-38
IPv6 35-11
IPv6 ACL configuration 37-7
Layer 2 protocol tunneling 15-18
MAC address-table move update 19-11
multicast router interfaces 22-17, 36-12
MVR 22-24
network traffic for analysis with probe 27-2
object tracking 38-18
port
blocking 23-20
protection 23-20
private VLANs 14-14
SFP status 9-25, 40-8
speed and duplex mode 9-17
traffic flowing among switches 28-1
traffic suppression 23-20
tunneling 15-18
VLAN
filters 31-39
maps 31-39
VLANs 11-16
VMPS 11-32
VTP 12-16
more 8-48
MSTP
boundary ports
configuration guidelines 17-15
described 17-6
BPDU filtering
described 18-3
enabling 18-12
BPDU guard
described 18-2
enabling 18-11
CIST, described 17-3
CIST regional root 17-3
CIST root 17-5
configuration guidelines 17-15, 18-10
configuring
forward-delay time 17-23
hello time 17-22
link type for rapid convergence 17-24
maximum aging time 17-23
maximum hop count 17-24
MST region 17-16
neighbor type 17-25
path cost 17-20
port priority 17-19
root switch 17-17
secondary root switch 17-18
switch priority 17-21
CST
defined 17-3
operations between regions 17-4
default configuration 17-14
default optional feature configuration 18-9
displaying status 17-26
enabling the mode 17-16
EtherChannel guard
described 18-7
enabling 18-14
extended system ID
effects on root switch 17-17
effects on secondary root switch 17-18
unexpected behavior 17-17
IEEE 802.1s
implementation 17-6
port role naming change 17-7
terminology 17-5
instances supported 16-9
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-10
interoperability with IEEE 802.1D
described 17-8
restarting migration process 17-25
IST
defined 17-3
master 17-3
operations within a region 17-3
loop guard
described 18-9
enabling 18-15
mapping VLANs to MST instance 17-16
MST region
CIST 17-3
configuring 17-16
described 17-2
hop-count mechanism 17-5
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-5
overview 17-2
Port Fast
described 18-2
enabling 18-10
preventing root switch selection 18-8
root guard
described 18-8
enabling 18-15
root switch
configuring 17-17
effects of extended system ID 17-17
unexpected behavior 17-17
shutdown Port Fast-enabled port 18-2
status, displaying 17-26
multicast groups
Immediate Leave 22-6
joining 22-3
leaving 22-5
static joins 22-10, 36-8
multicast packets
blocking 23-8
multicast packets, blocking 23-8
multicast router interfaces, monitoring 22-17, 36-12
multicast router ports, adding 22-9, 36-8
multicast storm 23-1
multicast storm-control command 23-4
multicast television application 22-18
multicast VLAN 22-17
Multicast VLAN Registration
See MVR
Multiple HSRP
See MHSRP
MVR
and address aliasing 22-21
and IGMPv3 22-21
configuration guidelines 22-20
configuring interfaces 22-22
default configuration 22-20
described 22-17
example application 22-18
modes 22-21
monitoring 22-24
multicast television application 22-18
setting global parameters 22-21
support for 1-3
N
NAC
AAA down policy 1-9
critical authentication 8-14, 8-40
IEEE 802.1x authentication using a RADIUS server 8-44
IEEE 802.1x validation using RADIUS server 8-44
inaccessible authentication bypass 1-9, 8-40
Layer 2 IEEE 802.1x validation 1-9, 8-44
Layer 2 IEEE802.1x validation 8-22
Layer 2 IP validation 1-9
named IPv4 ACLs 31-14
NameSpace Mapper
See NSM
native VLAN
and IEEE 802.1Q tunneling 15-4
configuring 11-23
default 11-23
neighbor discovery, IPv6 35-3
Network Admission Control
NAC
Network Admission Control Software Configuration Guide 8-46, 8-48
Network Assistant
benefits 1-2
described 1-3
network configuration examples
increasing network performance 1-14
providing network services 1-14
server aggregation and Linux server cluster 1-16
network design
performance 1-14
services 1-14
network management
CDP 24-1
RMON 28-1
SNMP 30-1
network performance, measuring with IP SLAs 39-2
network policy TLV 25-6
Network Time Protocol
See NTP
no commands 2-4
nonhierarchical policy maps
configuration guidelines 32-33
configuring 32-48
described 32-9
non-IP traffic filtering 31-26
nontrunking mode 11-18
normal-range VLANs 11-4
configuration guidelines 11-6
configuration modes 11-7
configuring 11-4
defined 11-1
no switchport command 9-4
note, described xxxvi
NSM 4-3
NTP
associations
authenticating 5-4
defined 5-2
enabling broadcast messages 5-6
peer 5-5
server 5-5
default configuration 5-4
displaying the configuration 5-11
overview 5-2
restricting access
creating an access group 5-8
disabling NTP services per interface 5-10
source IP address, configuring 5-10
stratum 5-2
support for 1-4
synchronizing devices 5-5
time
services 5-2
synchronizing 5-2
O
object tracking
HSRP 38-17
monitoring 38-18
online diagnostics
overview 41-1
running tests 41-3
understanding 41-1
optimizing system resources 6-1
options, management 1-3
out-of-profile markdown 1-10
P
packet modification, with QoS 32-19
PAgP
Layer 2 protocol tunneling 15-9
See EtherChannel
parallel paths, in routing tables 34-29
passive interfaces, configuring 34-34
passwords
default configuration 7-2
disabling recovery of 7-5
encrypting 7-3
for security 1-7
overview 7-1
recovery of 40-3
setting
enable 7-3
enable secret 7-3
Telnet 7-6
with usernames 7-6
VTP domain 12-8
path cost
MSTP 17-20
STP 16-18
percentage thresholds in tracked lists 38-16
performance, network design 1-14
performance features 1-2
persistent self-signed certificate 7-42
per-VLAN spanning-tree plus
See PVST+
physical ports 9-2
PIM
stub routing
configuration guidelines 34-24
enabling 34-24
overview 34-23
PIM-DVMRP, as snooping method 22-9
ping
character output description 40-11
executing 40-10
overview 40-10
policed-DSCP map for QoS 32-62
policers
configuring
for each matched traffic class 32-48
for more than one traffic class 32-58
described 32-4
displaying 32-78
number of 32-34
types of 32-9
policing
described 32-4
hierarchical
See hierarchical policy maps
token-bucket algorithm 32-9
policy maps for QoS
characteristics of 32-48
described 32-7
displaying 32-79
hierarchical 32-8
hierarchical on SVIs
configuration guidelines 32-33
configuring 32-52
described 32-11
nonhierarchical on physical ports
configuration guidelines 32-33
configuring 32-48
described 32-9
port ACLs
defined 31-2
types of 31-3
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 8-8
authentication server
defined 8-3
RADIUS server 8-3
client, defined 8-2
configuration guidelines 8-24
configuring
802.1x authentication 8-30
guest VLAN 8-38
host mode 8-33
inaccessible authentication bypass 8-40
manual re-authentication of a client 8-34
periodic re-authentication 8-33
quiet period 8-34
RADIUS server 8-32
RADIUS server parameters on the switch 8-31
restricted VLAN 8-39
switch-to-client frame-retransmission number 8-36
switch-to-client retransmission time 8-35
violation mode 8-16
violation modes8-29to 8-30
default configuration 8-23
described 8-1
device roles 8-2
displaying statistics 8-49
EAPOL-start frame 8-5
EAP-request/identity frame 8-5
EAP-response/identity frame 8-5
encapsulation 8-3
guest VLAN
configuration guidelines 8-12, 8-13
described 8-12
host mode 8-7
inaccessible authentication bypass
configuring 8-40
described 8-14
guidelines 8-25
initiation and message exchange 8-5
magic packet 8-16
maximum number of allowed devices per port 8-26
method lists 8-30
multiple-hosts mode, described 8-8
per-user ACLs
AAA authorization 8-30
configuration tasks 8-11
described 8-11
RADIUS server attributes 8-11
ports
authorization state and dot1x port-control command 8-7
authorized and unauthorized 8-7
critical 8-14
voice VLAN 8-15
port security
and voice VLAN 8-16
described 8-15
interactions 8-16
multiple-hosts mode 8-8
readiness check
configuring 8-26
described 8-9, 8-26
resetting to default values 8-49
statistics, displaying 8-49
switch
as proxy 8-3
RADIUS client 8-3
VLAN assignment
AAA authorization 8-30
characteristics 8-10
configuration tasks 8-10
described 8-10
voice aware 802.1x security
configuring 8-28
described 8-19, 8-28
voice VLAN
described 8-15
PVID 8-15
VVID 8-15
wake-on-LAN, described 8-16
port blocking 1-2, 23-8
port-channel
See EtherChannel
Port Fast
described 18-2
enabling 18-10
mode, spanning tree 11-29
support for 1-5
port membership modes, VLAN 11-3
port priority
MSTP 17-19
STP 16-16
ports
access 9-3
blocking 23-8
dual-purpose uplink 9-6
dynamic access 11-3
IEEE 802.1Q tunnel 11-4
protected 23-6
routed 9-4
secure 23-9
static-access 11-3, 11-11
switch 9-2
trunks 11-3, 11-16
VLAN assignments 11-11
port security
aging 23-17
and private VLANs 23-19
and QoS trusted boundary 32-38
configuring 23-13
default configuration 23-11
described 23-9
displaying 23-20
enabling 23-19
on trunk ports 23-14
sticky learning 23-10
violations 23-10
with other features 23-11
port-shutdown response, VMPS 11-28
power-management TLV 25-6
preemption, default configuration 19-5
preemption delay, default configuration 19-5
preferential treatment of traffic
See QoS
preventing unauthorized access 7-1
primary links 19-2
primary VLANs 14-1, 14-3
priority
HSRP 38-7
overriding CoS 13-6
trusting CoS 13-6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 14-4
and SDM template 14-4
and SVIs 14-5
benefits of 14-1
community ports 14-2
community VLANs 14-2, 14-3
configuration guidelines 14-6, 14-8
configuration tasks 14-6
configuring 14-9
default configuration 14-6
end station access to 14-3
IP addressing 14-3
isolated port 14-2
isolated VLANs 14-2, 14-3
mapping 14-13
monitoring 14-14
ports
community 14-2
configuration guidelines 14-8
configuring host ports 14-11
configuring promiscuous ports 14-12
described 11-4
isolated 14-2
promiscuous 14-2
primary VLANs 14-1, 14-3
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 7-9
exiting 7-9
logging into 7-9
overview 7-2, 7-7
setting a command with 7-8
promiscuous ports
configuring 14-12
defined 14-2
protected ports 1-7, 23-6
Protocol-Independent Multicast Protocol
See PIM
proxy ARP
configuring 34-9
definition 34-7
with IP routing disabled 34-10
pruning, VTP
disabling
in VTP domain 12-14
on a port 11-23
enabling
in VTP domain 12-14
on a port 11-22
examples 12-5
overview 12-4
pruning-eligible list
changing 11-22
for VTP pruning 12-4
VLANs 12-14
PVST+
described 16-9
IEEE 802.1Q trunking interoperability 16-10
instances supported 16-9
Q
QoS
and MQC commands 32-1
auto-QoS
categorizing traffic 32-21
configuration and defaults display 32-30
configuration guidelines 32-25
described 32-20
disabling 32-27
displaying generated commands 32-27
displaying the initial configuration 32-30
effects on running configuration 32-25
egress queue defaults 32-21
enabling for VoIP 32-26
example configuration 32-28
ingress queue defaults 32-21
list of generated commands 32-22
basic model 32-4
classification
class maps, described 32-7
defined 32-4
DSCP transparency, described 32-40
flowchart 32-6
forwarding treatment 32-3
in frames and packets 32-3
IP ACLs, described 32-5, 32-7
MAC ACLs, described 32-5, 32-7
options for IP traffic 32-5
options for non-IP traffic 32-5
policy maps, described 32-7
trust DSCP, described 32-5
trusted CoS, described 32-5
trust IP precedence, described 32-5
class maps
configuring 32-46
displaying 32-78
configuration guidelines
auto-QoS 32-25
standard QoS 32-33
configuring
aggregate policers 32-58
auto-QoS 32-20
default port CoS value 32-38
DSCP maps 32-60
DSCP transparency 32-40
DSCP trust states bordering another domain 32-40
egress queue characteristics 32-70
ingress queue characteristics 32-66
IP extended ACLs 32-44
IP standard ACLs 32-43
MAC ACLs 32-45
policy maps, hierarchical 32-52
policy maps on physical ports 32-48
port trust states within the domain 32-36
trusted boundary 32-38
default auto configuration 32-21
default standard configuration 32-31
displaying statistics 32-78
DSCP transparency 32-40
egress queues
allocating buffer space 32-71
buffer allocation scheme, described 32-18
configuring shaped weights for SRR 32-75
configuring shared weights for SRR 32-76
described 32-4
displaying the threshold map 32-74
flowchart 32-17
mapping DSCP or CoS values 32-73
scheduling, described 32-4
setting WTD thresholds 32-71
WTD, described 32-19
enabling globally 32-35
flowcharts
classification 32-6
egress queueing and scheduling 32-17
ingress queueing and scheduling 32-15
policing and marking 32-10
implicit deny 32-7
ingress queues
allocating bandwidth 32-68
allocating buffer space 32-68
buffer and bandwidth allocation, described 32-16
configuring shared weights for SRR 32-68
configuring the priority queue 32-69
described 32-4
displaying the threshold map 32-67
flowchart 32-15
mapping DSCP or CoS values 32-67
priority queue, described 32-16
scheduling, described 32-4
setting WTD thresholds 32-67
WTD, described 32-16
IP phones
automatic classification and queueing 32-20
detection and trusted settings 32-20, 32-38
limiting bandwidth on egress interface 32-77
mapping tables
CoS-to-DSCP 32-60
displaying 32-78
DSCP-to-CoS 32-63
DSCP-to-DSCP-mutation 32-64
IP-precedence-to-DSCP 32-61
policed-DSCP 32-62
types of 32-12
marked-down actions 32-50, 32-55
marking, described 32-4, 32-8
overview 32-2
packet modification 32-19
policers
configuring 32-50, 32-55, 32-58
described 32-8
displaying 32-78
number of 32-34
types of 32-9
policies, attaching to an interface 32-8
policing
described 32-4, 32-8
token bucket algorithm 32-9
policy maps
characteristics of 32-48
displaying 32-79
hierarchical 32-8
hierarchical on SVIs 32-52
nonhierarchical on physical ports 32-48
QoS label, defined 32-4
queues
configuring egress characteristics 32-70
configuring ingress characteristics 32-66
high priority (expedite) 32-19, 32-77
location of 32-13
SRR, described 32-14
WTD, described 32-13
rewrites 32-19
support for 1-9
trust states
bordering another domain 32-40
described 32-5
trusted device 32-38
within the domain 32-36
quality of service
See QoS
queries, IGMP 22-4
query solicitation, IGMP 22-13
R
RADIUS
attributes
vendor-proprietary 7-31
vendor-specific 7-29
configuring
accounting 7-28
authentication 7-23
authorization 7-27
communication, global 7-21, 7-29
communication, per-server 7-20, 7-21
multiple UDP ports 7-21
default configuration 7-20
defining AAA server groups 7-25
displaying the configuration 7-31
identifying the server 7-20
limiting the services to the user 7-27
method list, defined 7-20
operation of 7-19
overview 7-18
suggested network environments 7-18
support for 1-9
tracking services accessed by user 7-28
range
macro 9-11
of interfaces 9-10
rapid convergence 17-10
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
described 16-9
IEEE 802.1Q trunking interoperability 16-10
instances supported 16-9
Rapid Spanning Tree Protocol
See RSTP
RARP 34-7
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-17
uploading B-18
image files
deleting old image B-36
downloading B-34
preparing the server B-33
uploading B-36
readiness check
port-based authentication
configuring 8-26
described 8-9, 8-26
reconfirmation interval, VMPS, changing 11-31
reconfirming dynamic VLAN membership 11-31
recovery procedures 40-1
redundancy
EtherChannel 33-2
HSRP 38-1
STP
backbone 16-8
path cost 11-26
port priority 11-24
redundant links and UplinkFast 18-13
reloading software 3-21
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
remote SPAN 27-2
report suppression, IGMP
described 22-6
disabling 22-16, 36-11
requirements
device manager xxxvi
resequencing ACL entries 31-14
resetting a UDLD-shutdown interface 26-6
responder, IP SLAs
described 39-3
enabling 39-6
response time, measuring with IP SLAs 39-4
restricted VLAN
configuring 8-39
described 8-13
using with IEEE 802.1x 8-13
restricting access
NTP services 5-8
overview 7-1
passwords and privilege levels 7-2
RADIUS 7-17
TACACS+ 7-10
retry count, VMPS, changing 11-31
reverse address resolution 34-7
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 34-17
1112, IP multicast and IGMP 22-2
1157, SNMPv1 30-2
1166, IP addresses 34-5
1305, NTP 5-2
1757, RMON 28-2
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 22-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-17
authentication 34-20
configuring 34-19
default configuration 34-18
described 34-17
hop counts 34-17
split horizon 34-21
summary addresses 34-21
support for 1-10
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-5
collecting group history 28-5
support for 1-11
root guard
described 18-8
enabling 18-15
support for 1-5
root switch
MSTP 17-17
STP 16-14
routed packets, ACLs on 31-38
routed ports
configuring 34-3
defined 9-4
IP addresses on 9-21, 34-3
router ACLs
defined 31-2
types of 31-4
routing
default 34-2
dynamic 34-2
redistribution of information 34-31
static 34-2
Routing Information Protocol
See RIP
routing protocol administrative distances 34-30
RSPAN
characteristics 27-8
configuration guidelines 27-15
default configuration 27-9
defined 27-2
destination ports 27-7
displaying status 27-23
interaction with other features 27-8
monitored ports 27-5
monitoring ports 27-7
overview 1-11, 27-1
received traffic 27-4
sessions
creating 27-16
defined 27-3
limiting source traffic to specific VLANs 27-22
specifying monitored ports 27-16
with ingress traffic enabled 27-20
source ports 27-5
transmitted traffic 27-5
VLAN-based 27-6
RSTP
active topology 17-9
BPDU
format 17-12
processing 17-13
designated port, defined 17-9
designated switch, defined 17-9
interoperability with IEEE 802.1D
described 17-8
restarting migration process 17-25
topology changes 17-13
overview 17-8
port roles
described 17-9
synchronized 17-11
proposal-agreement handshake process 17-10
rapid convergence
described 17-10
edge ports and Port Fast 17-10
point-to-point links 17-10, 17-24
root ports 17-10
root port, defined 17-9
See also MSTP
running configuration
replacing B-20
rolling back B-20, B-21
running configuration, saving 3-15
S
scheduled reloads 3-21
SCP
and SSH 7-48
configuring 7-48
SDM
described 6-1
templates
configuring 6-4
number of 6-1
SDM template 37-3
configuration guidelines 6-4
configuring 6-3
dual IPv4 and IPv6 6-2
types of 6-1
secondary VLANs 14-2
Secure Copy Protocol
See SCP
secure HTTP client
configuring 7-47
displaying 7-47
secure HTTP server
configuring 7-45
displaying 7-47
secure MAC addresses
deleting 23-16
maximum number of 23-10
types of 23-9
secure ports, configuring 23-9
secure remote connections 7-37
Secure Shell
See SSH
Secure Socket Layer
See SSL
security, port 23-9
security features 1-7
sequence numbers in log messages 29-8
server mode, VTP 12-3
service-provider network, MSTP and RSTP 17-1
service-provider networks
and customer VLANs 15-2
and IEEE 802.1Q tunneling 15-1
Layer 2 protocols across 15-8
Layer 2 protocol tunneling for EtherChannels 15-9
set-request operation 30-4
severity levels, defining in system messages 29-8
SFPs
monitoring status of 9-25, 40-8
security and identification 40-8
status, displaying 40-8
shaped round robin
See SRR
show access-lists hw-summary command 31-21
show and more command output, filtering 2-10
show cdp traffic command 24-5
show configuration command 9-20
show forward command 40-17
show interfaces command 9-17, 9-20
show l2protocol command 15-13, 15-15, 15-16
show lldp traffic command 25-7
show platform forward command 40-17
show running-config command
displaying ACLs 31-19, 31-20, 31-30, 31-33
interface description in 9-20
shutdown command on interfaces 9-26
shutdown threshold for Layer 2 protocol packets 15-11
Simple Network Management Protocol
See SNMP
small-frame arrival rate, configuring 23-5
Smartports macros
applying Cisco-default macros 10-6
applying global parameter values 10-5, 10-6
applying macros 10-5
applying parameter values 10-5, 10-7
configuration guidelines 10-2
creating 10-4
default configuration 10-2
defined 10-1
displaying 10-8
tracing 10-3
SNAP 24-1
SNMP
accessing MIB variables with 30-4
agent
described 30-4
disabling 30-7
and IP SLAs 39-2
authentication level 30-10
community strings
configuring 30-8
overview 30-4
configuration examples 30-16
default configuration 30-6
engine ID 30-7
groups 30-6, 30-9
host 30-6
ifIndex values 30-5
in-band management 1-5
informs
and trap keyword 30-11
described 30-5
differences from traps 30-5
disabling 30-15
enabling 30-15
limiting access by TFTP servers 30-15
limiting system log messages to NMS 29-10
manager functions 1-3, 30-3
MIBs
location of A-3
supported A-1
notifications 30-5
overview 30-1, 30-4
security levels 30-3
status, displaying 30-17
system contact and location 30-15
trap manager, configuring 30-13
traps
described 30-3, 30-5
differences from informs 30-5
disabling 30-15
enabling 30-11
enabling MAC address notification 5-22
overview 30-1, 30-4
types of 30-11
users 30-6, 30-9
versions supported 30-2
SNMP and Syslog Over IPv6 35-5
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 22-2
software images
location in flash B-24
recovery procedures 40-2
scheduling reloads 3-22
tar file format, described B-24
See also downloading and uploading
source addresses
in IPv6 ACLs 37-4
source addresses, in IPv4 ACLs 31-11
source-and-destination-IP address based forwarding, EtherChannel 33-8
source-and-destination MAC address forwarding, EtherChannel 33-7
source-IP address based forwarding, EtherChannel 33-8
source-MAC address forwarding, EtherChannel 33-7
SPAN
configuration guidelines 27-10
default configuration 27-9
destination ports 27-7
displaying status 27-23
interaction with other features 27-8
monitored ports 27-5
monitoring ports 27-7
overview 1-11, 27-1
ports, restrictions 23-12
received traffic 27-4
sessions
configuring ingress forwarding 27-14, 27-21
creating 27-11
defined 27-3
limiting source traffic to specific VLANs 27-14
removing destination (monitoring) ports 27-12
specifying monitored ports 27-11
with ingress traffic enabled 27-13
source ports 27-5
transmitted traffic 27-5
VLAN-based 27-6
spanning tree and native VLANs 11-19
Spanning Tree Protocol
See STP
SPAN traffic 27-4
split horizon, RIP 34-21
SRR
configuring
shaped weights on egress queues 32-75
shared weights on egress queues 32-76
shared weights on ingress queues 32-68
described 32-14
shaped mode 32-14
shared mode 32-14
support for 1-10
SSH
configuring 7-38
cryptographic software image 7-37
described 1-4, 7-37
encryption methods 7-38
user authentication methods, supported 7-38
SSL
configuration guidelines 7-44
configuring a secure HTTP client 7-47
configuring a secure HTTP server 7-45
cryptographic software image 7-41
described 7-41
monitoring 7-47
standby ip command 38-6
standby links 19-2
standby router 38-1
standby timers, HSRP 38-10
startup configuration
booting
manually 3-19
specific image 3-19
clearing B-19
configuration file
automatically downloading 3-18
specifying the filename 3-18
default boot configuration 3-18
static access ports
assigning to VLAN 11-11
defined 9-3, 11-3
static addresses
See addresses
static IP routing 1-10
static MAC addressing 1-7
static routes
understanding 35-5
static routes, configuring 34-30
static routing 34-2
static VLAN membership 11-2
statistics
802.1x 8-49
CDP 24-5
interface 9-25
LLDP 25-7
LLDP-MED 25-7
QoS ingress and egress 32-78
RMON group Ethernet 28-5
RMON group history 28-5
SNMP input and output 30-17
VTP 12-16
sticky learning 23-10
storm control
configuring 23-3
described 23-1
disabling 23-5
displaying 23-20
support for 1-2
thresholds 23-1
STP
accelerating root port selection 18-4
BackboneFast
described 18-5
disabling 18-14
enabling 18-13
BPDU filtering
described 18-3
disabling 18-12
enabling 18-12
BPDU guard
described 18-2
disabling 18-12
enabling 18-11
BPDU message exchange 16-3
configuration guidelines 16-12, 18-10
configuring
forward-delay time 16-21
hello time 16-20
maximum aging time 16-21
path cost 16-18
port priority 16-16
root switch 16-14
secondary root switch 16-16
spanning-tree mode 16-13
switch priority 16-19
transmit hold-count 16-22
counters, clearing 16-22
default configuration 16-11
default optional feature configuration 18-9
designated port, defined 16-3
designated switch, defined 16-3
detecting indirect link failures 18-5
disabling 16-14
displaying status 16-22
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
extended system ID
effects on root switch 16-14
effects on the secondary root switch 16-16
overview 16-4
unexpected behavior 16-14
features supported 1-5
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-8
IEEE 802.1t and VLAN identifier 16-4
inferior BPDU 16-3
instances supported 16-9
interface state, blocking to forwarding 18-2
interface states
blocking 16-5
disabled 16-7
forwarding 16-5, 16-6
learning 16-6
listening 16-6
overview 16-4
interoperability and compatibility among modes 16-10
Layer 2 protocol tunneling 15-8
limitations with IEEE 802.1Q trunks 16-10
load sharing
overview 11-24
using path costs 11-26
using port priorities 11-24
loop guard
described 18-9
enabling 18-15
modes supported 16-9
multicast addresses, effect of 16-8
optional features supported 1-5
overview 16-2
path costs 11-26
Port Fast
described 18-2
enabling 18-10
port priorities 11-25
preventing root switch selection 18-8
protocols supported 16-9
redundant connectivity 16-8
root guard
described 18-8
enabling 18-15
root port, defined 16-3
root switch
configuring 16-14
effects of extended system ID 16-4, 16-14
election 16-3
unexpected behavior 16-14
shutdown Port Fast-enabled port 18-2
status, displaying 16-22
superior BPDU 16-3
timers, described 16-20
UplinkFast
described 18-3
enabling 18-13
stratum, NTP 5-2
stub routing
PIM 34-24
stub routing, EIGRP 34-26
subdomains, private VLAN 14-1
subnet mask 34-5
subnet zero 34-5
success response, VMPS 11-28
summer time 5-13
SunNet Manager 1-3
supernet 34-6
SVI autostate exclude
configuring 9-22
defined 9-5
SVI link state 9-5
SVIs
and IP unicast routing 34-3
and router ACLs 31-4
connecting VLANs 9-7
defined 9-5
routing between VLANs 11-2
switch 35-2
switch console port 1-5
Switch Database Management
See SDM
switched packets, ACLs on 31-37
Switched Port Analyzer
See SPAN
switched ports 9-2
switchport block multicast command 23-8
switchport block unicast command 23-8
switchport command 9-13
switchport mode dot1q-tunnel command 15-6
switchport protected command 23-7
switch priority
MSTP 17-21
STP 16-19
switch software features 1-1
switch virtual interface
See SVI
syslog
See system message logging
system clock
configuring
daylight saving time 5-13
manually 5-11
summer time 5-13
time zones 5-12
displaying the time and date 5-12
overview 5-1
See also NTP
system message logging
default configuration 29-3
defining error message severity levels 29-8
disabling 29-4
displaying the configuration 29-13
enabling 29-4
facility keywords, described 29-13
level keywords, described 29-9
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
synchronizing log messages 29-6
syslog facility 1-11
time stamps, enabling and disabling 29-7
UNIX syslog servers
configuring the daemon 29-12
configuring the logging facility 29-12
facilities supported 29-13
system MTU and IEEE 802.1Q tunneling 15-5
system name
default configuration 5-15
default setting 5-15
manual configuration 5-15
See also DNS
system prompt, default setting 5-14, 5-15
system resources, optimizing 6-1
T
TACACS+
accounting, defined 7-11
authentication, defined 7-11
authorization, defined 7-11
configuring
accounting 7-17
authentication key 7-13
authorization 7-16
login authentication 7-14
default configuration 7-13
displaying the configuration 7-17
identifying the server 7-13
limiting the services to the user 7-16
operation of 7-12
overview 7-10
support for 1-9
tracking services accessed by user 7-17
tagged packets
IEEE 802.1Q 15-3
Layer 2 protocol 15-8
tar files
creating B-6
displaying the contents of B-6
extracting B-8
image file format B-24
TDR 1-11
Telnet
accessing management interfaces 2-10
number of connections 1-4
setting a password 7-6
templates, SDM 6-1
temporary self-signed certificate 7-42
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 7-6
TFTP
configuration files
downloading B-12
preparing the server B-11
uploading B-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
image files
deleting B-27
downloading B-26
preparing the server B-26
uploading B-28
limiting access by servers 30-15
TFTP server 1-4
threshold, traffic level 23-2
time
See NTP and system clock
Time Domain Reflector
See TDR
time-range command 31-16
time ranges in ACLs 31-16
time stamps in log messages 29-7
time zones 5-12
tlvs
defined 25-2
LLDP 25-2
LLDP-MED 25-2
Token Ring VLANs
support for 11-6
VTP support 12-4
ToS 1-9
traceroute, Layer 2
and ARP 40-12
and CDP 40-12
broadcast traffic 40-11
described 40-11
IP addresses and subnets 40-12
MAC addresses and VLANs 40-12
multicast traffic 40-12
multiple devices on a port 40-12
unicast traffic 40-11
usage guidelines 40-12
traceroute command 40-14
See also IP traceroute
tracked lists
configuring 38-13
types 38-13
tracked objects
by Boolean expression 38-14
by threshold percentage 38-16
by threshold weight 38-15
tracking interface line-protocol state 38-13
tracking IP routing state 38-13
tracking objects 38-12
tracking process 38-12
traffic
blocking flooded 23-8
fragmented 31-5
fragmented IPv6 37-2
unfragmented 31-5
traffic policing 1-10
traffic suppression 23-1
transmit hold-count
see STP
transparent mode, VTP 12-3, 12-12
trap-door mechanism 3-2
traps
configuring MAC address notification 5-22
configuring managers 30-11
defined 30-3
enabling 5-22, 30-11
notification types 30-11
overview 30-1, 30-4
troubleshooting
connectivity problems 40-10, 40-11, 40-13
detecting unidirectional links 26-1
displaying crash information 40-19
setting packet forwarding 40-17
SFP security and identification 40-8
show forward command 40-17
with CiscoWorks 30-4
with debug commands 40-15
with ping 40-10
with system message logging 29-1
with traceroute 40-13
trunking encapsulation 1-7
trunk ports
configuring 11-20
defined 9-3, 11-3
encapsulation 11-20, 11-25, 11-27
trunks
allowed-VLAN list 11-21
configuring 11-20, 11-25, 11-27
ISL 11-16
load sharing
setting STP path costs 11-26
using STP port priorities 11-24, 11-25
native VLAN for untagged traffic 11-23
parallel 11-26
pruning-eligible list 11-22
to non-DTP device 11-17
trusted boundary for QoS 32-38
trusted port states
between QoS domains 32-40
classification options 32-5
ensuring port security for IP phones 32-38
support for 1-9
within a QoS domain 32-36
trustpoints, CA 7-42
tunneling
defined 15-1
IEEE 802.1Q 15-1
Layer 2 protocol 15-8
tunnel ports
defined 11-4
described 9-4, 15-1
IEEE 802.1Q, configuring 15-6
incompatibilities with other features 15-6
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service
See ToS
U
UDLD
configuration guidelines 26-4
default configuration 26-4
disabling
globally 26-5
on fiber-optic interfaces 26-5
per interface 26-5
echoing detection mechanism 26-3
enabling
globally 26-5
per interface 26-5
Layer 2 protocol tunneling 15-10
link-detection mechanism 26-1
neighbor database 26-2
overview 26-1
resetting an interface 26-6
status, displaying 26-6
support for 1-5
UDP, configuring 34-14
unauthorized ports with IEEE 802.1x 8-7
unicast MAC address filtering 1-4
and adding static addresses 5-25
and broadcast MAC addresses 5-25
and CPU packets 5-25
and multicast addresses 5-25
and router MAC addresses 5-25
configuration guidelines 5-25
described 5-25
unicast storm 23-1
unicast storm control command 23-4
unicast traffic, blocking 23-8
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 29-12
facilities supported 29-13
message logging configuration 29-12
unrecognized Type-Length-Value (TLV) support 12-4
upgrading information
See release notes
upgrading software images
See downloading
UplinkFast
described 18-3
disabling 18-13
enabling 18-13
support for 1-5
uploading
configuration files
preparing B-11, B-13, B-17
reasons for B-9
using FTP B-15
using RCP B-18
using TFTP B-12
image files
preparing B-26, B-29, B-33
reasons for B-24
using FTP B-32
using RCP B-36
using TFTP B-28
User Datagram Protocol
See UDP
user EXEC mode 2-2
username-based authentication 7-6
V
version-dependent transparent mode 12-4
virtual router 38-1, 38-2
virtual switches and PAgP 33-5
vlan.dat file 11-5
VLAN 1, disabling on a trunk port 11-22
VLAN 1 minimization 11-21
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 11-28
VLAN configuration
at bootup 11-8
saving 11-8
VLAN configuration mode 2-2, 11-7
VLAN database
and startup configuration file 11-8
and VTP 12-1
VLAN configuration saved in 11-7
VLANs saved in 11-4
vlan database command 11-7
vlan dot1q tag native command 15-5
VLAN filtering and SPAN 27-6
vlan global configuration command 11-7
VLAN ID, discovering 5-28
VLAN link state 9-5
VLAN load balancing on flex links 19-2
configuration guidelines 19-5
VLAN management domain 12-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 31-29
VLAN maps
applying 31-33
common uses for 31-33
configuration guidelines 31-29
configuring 31-28
creating 31-30
defined 31-2
denying access to a server example 31-35
denying and permitting packets 31-31
displaying 31-39
examples of ACLs and VLAN maps 31-31
removing 31-33
support for 1-8
wiring closet configuration example 31-34
VLAN membership
confirming 11-31
modes 11-3
VLAN Query Protocol
See VQP
VLANs
adding 11-9
adding to VLAN database 11-9
aging dynamic addresses 16-9
allowed on trunk 11-21
and spanning-tree instances 11-3, 11-6, 11-13
configuration guidelines, extended-range VLANs 11-13
configuration guidelines, normal-range VLANs 11-6
configuration options 11-7
configuring 11-1
configuring IDs 1006 to 4094 11-13
connecting through SVIs 9-7
creating in config-vlan mode 11-9
creating in VLAN configuration mode 11-10
customer numbering in service-provider networks 15-3
default configuration 11-8
deleting 11-10
described 9-2, 11-1
displaying 11-16
extended-range 11-1, 11-12
features 1-7
illustrated 11-2
internal 11-13
limiting source traffic with RSPAN 27-22
limiting source traffic with SPAN 27-14
modifying 11-9
multicast 22-17
native, configuring 11-23
normal-range 11-1, 11-4
number supported 1-7
parameters 11-5
port membership modes 11-3
static-access ports 11-11
STP and IEEE 802.1Q trunks 16-10
supported 11-2
Token Ring 11-6
traffic between 11-2
VTP modes 12-3
VLAN Trunking Protocol
See VTP
VLAN trunks 11-16
VMPS
administering 11-32
configuration example 11-33
configuration guidelines 11-29
default configuration 11-29
description 11-27
dynamic port membership
described 11-28
reconfirming 11-31
troubleshooting 11-32
mapping MAC addresses to VLANs 11-28
monitoring 11-32
reconfirmation interval, changing 11-31
reconfirming membership 11-31
retry count, changing 11-31
voice aware 802.1x security
port-based authentication
configuring 8-28
described 8-19, 8-28
voice-over-IP 13-1
voice VLAN
Cisco 7960 phone, port connections 13-1
configuration guidelines 13-3
configuring IP phones for data traffic
override CoS of incoming frame 13-6
trust CoS priority of incoming frame 13-6
configuring ports for voice traffic in
802.1p priority tagged frames 13-5
802.1Q frames 13-5
connecting to an IP phone 13-4
default configuration 13-3
described 13-1
displaying 13-7
IP phone data traffic, described 13-2
IP phone voice traffic, described 13-2
VQP 1-7, 11-27
VTP
adding a client to a domain 12-14
advertisements 11-19, 12-3
and extended-range VLANs 12-1
and normal-range VLANs 12-1
client mode, configuring 12-11
configuration
global configuration mode 12-7
guidelines 12-8
privileged EXEC mode 12-7
requirements 12-9
saving 12-7
VLAN configuration mode 12-7
configuration mode options 12-7
configuration requirements 12-9
configuration revision number
guideline 12-14
resetting 12-15
configuring
client mode 12-11
server mode 12-9
transparent mode 12-12
consistency checks 12-4
default configuration 12-6
described 12-1
disabling 12-12
domain names 12-8
domains 12-2
Layer 2 protocol tunneling 15-8
modes
client 12-3, 12-11
server 12-3, 12-9
transitions 12-3
transparent 12-3, 12-12
monitoring 12-16
passwords 12-8
pruning
disabling 12-14
enabling 12-14
examples 12-5
overview 12-4
support for 1-7
pruning-eligible list, changing 11-22
server mode, configuring 12-9
statistics 12-16
support for 1-7
Token Ring support 12-4
transparent mode, configuring 12-12
using 12-1
version, guidelines 12-8
Version 1 12-4
Version 2
configuration guidelines 12-8
disabling 12-13
enabling 12-13
overview 12-4
W
web authentication 8-9
configuring8-45to 8-48
described 1-7, 8-19
fallback for IEEE 802.1x 8-47
weighted tail drop
See WTD
weight thresholds in tracked lists 38-15
WTD
described 32-13
setting thresholds
egress queue-sets 32-71
ingress queues 32-67
support for 1-10
X
Xmodem protocol 40-2