Catalyst 2950 Desktop Switch Software Configuration Guide, 12.1(9)EA1
Index
Downloads: This chapterpdf (PDF - 0.95MB) The complete bookPDF (PDF - 6.38MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

Numerics

802.1Q

and trunk ports9-2

configuration limitations13-20

native VLAN for untagged traffic13-25

trunk mode3-9

802.1X

authentication initiation8-3

configuring8-6

changing the quiet period8-11

default8-6

guidelines8-7

manually re-authenticating the client8-11

resetting to default values8-14

switch-to-client retransmission time8-13

switch-to-RADIUS server8-9

device roles8-2

displaying statistics and status8-14

enabling

authentication8-8

multiple hosts8-13

periodic re-authentication8-10

resetting to default values8-14

understanding8-1

802.3Z flow control9-14

A

abbreviating commands2-3

AC (command switch)6-14, 6-25

access-class command23-15

access control entries

See ACEs

access-denied response, VMPS13-30

access groups

viewing23-17

accessing

clusters, switch6-17

CMS3-29

modes3-30

command switches6-15

HTTP port3-30

member switches6-17

switch clusters6-17

access levels, CMS3-30

access lists

See ACLs

access ports

defined9-2

in switch clusters6-12

accounting

with RADIUS7-27

with TACACS+7-10, 7-16

ACEs

defined23-2

Ethernet23-2

IP23-2

Layer 3 parameters23-9

Layer 4 parameters23-9

ACLs

ACEs23-2

applying

to an interface23-15

ACLs (continued)

comments in23-14

compiling23-18

defined23-1, 23-7

displaying interface23-17

examples of23-18

extended IP

creating23-9

matching criteria23-7

guidelines for configuring23-5

IP

applying to interface23-15

creating23-7

implicit deny23-9, 23-12, 23-14

implicit masks23-9

matching criteria23-2, 23-7

named23-12

undefined23-16, 23-22

virtual terminal lines, setting on23-15

MAC extended23-20

matching23-7

monitoring23-16

named23-12

numbers23-7

protocol parameters23-9

standard IP

creating23-8

matching criteria23-7

unsupported features23-6

ACP

system-defined mask23-4

understanding23-4

user-defined mask23-4

adding

secure addresses7-58

address

count, secure17-4

resolution7-59

security violations17-4

addresses

displaying the MAC address table7-59

dynamic

accelerated aging10-9

changing the aging time7-54

default aging10-9

defined7-52

learning7-53

removing7-55

MAC

adding secure7-58

discovering7-59

multicast

STP address management10-8

secure

adding7-58

described7-58

static

adding and removing7-57

configuring (EtherChannel)7-58

defined7-52

Address Resolution Protocol (ARP)

see ARP table

address table

secure addresses

adding7-58

advertisements

CDP19-1

VTP13-21, 14-3

aging, accelerating10-9

aging time

accelerated

for MSTP11-20

for STP10-9, 10-18

MAC address table7-54

maximum

for MSTP11-21

for STP10-19

allowed-VLAN list13-23

Apply button3-28

ARP table

address resolution7-59

managing7-59

attributes, RADIUS

vendor-proprietary7-29

vendor-specific7-28

authentication

local mode with AAA7-31

NTP associations7-36

RADIUS

key7-20

login7-22

TACACS+

defined7-10

key7-12

login7-13

authoritative time source, described7-33

authorization

with RADIUS7-26

with TACACS+7-10, 7-15

authorized ports8-4

automatic discovery

adding member switches6-23

considerations

beyond a non-candidate device6-9, 6-10

brand new switches6-12

connectivity6-5

management VLANs6-9, 6-10

non-CDP-capable devices6-8

non-cluster-capable devices6-8

creating a cluster standby group6-25

in switch clusters6-5

See also CDP

automatic recovery, clusters6-14

See also HSRP

autonegotiation

connecting to devices without9-12

mismatches26-2

auxiliary VLAN

See voice VLAN

B

BackboneFast

described12-10

enabling12-19

support for1-4

bandwidth graphs3-8

banners

configuring

login7-52

message-of-the-day login7-50

default configuration7-50

when displayed7-50

booting

boot loader, function of4-1

boot process4-1

boot loader

described4-1

trap-door mechanism4-2

BPDU

error-disabled state12-3

filtering12-3

RSTP format11-5

BPDU filtering

described12-3

enabling12-16

support for1-4

BPDU guard

described12-3

enabling12-15

support for1-4

broadcast storm control

disabling17-2

enabling17-1

broadcast traffic and protected ports17-3

browser configuration3-1, 6-1

buttons, CMS3-28

C

cables, monitoring for unidirectional links18-1

Cancel button3-28

candidates

changing management VLAN for13-4

candidate switch

adding6-23

automatic discovery6-5

defined6-4

HC6-25

passwords6-23

requirements6-4

standby group6-25

See also command switch, cluster standby group, and member switch

cautionsxxiv

CC (command switch)6-25

CDP1-3

automatic discovery in switch clusters6-5

configuring19-2

default configuration19-2

described19-1

disabling for routing device16-6, 19-3, 19-4

enabling and disabling

on an interface19-4

on a switch19-3

monitoring19-5

overview19-1

transmission timer and holdtime, setting19-2

updates19-2

change notification, CMS3-31

Cisco Access Analog Trunk Gateway1-13

Cisco CallManager software1-12, 1-13

Cisco Discovery Protocol

See CDP

Cisco Intelligence Engine 2100 Series Configuration Registrar

See IE2100

Cisco IP Phones1-12

Cisco Networking Services

See IE2100

Cisco SoftPhone software1-12

CiscoWorks 20001-7, 22-3

class maps for QoS

configuring24-17

described24-5

displaying24-25

class of service

See CoS

clearing interfaces9-18

CLI1-6

abbreviating commands2-3

accessing2-9

command modes2-1

editing features

enabling and disabling2-6

keystroke editing2-6

wrapped lines2-7

error messages2-4

filtering command output2-8

getting help2-3

history

changing the buffer size2-5

described2-5

disabling2-5

recalling commands2-5

managing clusters6-28

no and default forms of commands2-4

saving changes2-10

client mode, VTP14-3

clock

See system clock

Cluster Management Suite1-6

See CMS

clusters, switch

accessing6-17

adding member switches6-23

automatic discovery6-5

automatic recovery6-14

command switch configuration6-22

compatibility6-5

creating6-21

creating a cluster standby group6-25

described6-1

LRE profile considerations6-20

management VLAN, changing13-3

managing

through CLI6-28

through SNMP6-29

planning considerations6-5

automatic discovery6-5

automatic recovery6-14

CLI6-28

host names6-18

IP addresses6-17

LRE profiles6-20

management VLAN6-20

passwords6-18

RADIUS6-19

SNMP6-18, 6-29

switch-specific features6-21

TACACS+6-19

redundancy6-25

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

troubleshooting6-27

verifying6-27

cluster standby group

automatic recovery6-17

considerations6-15

creating6-25

defined6-2

cluster standby group (continued)

requirements6-3

virtual IP address6-15

See also HSRP

cluster tree

described3-5

icons3-5

CMS

accessing3-29

access levels3-30

advantages1-7

change notification3-31

cluster tree3-5

described3-1

different versions of3-32

displaying system messages3-18

error checking3-31

features3-2

Front Panel images3-6

Front Panel view3-4

interaction modes3-25

menu bar3-14

online help3-26

privilege level3-30

requirements3-29

saving configuration changes3-31

toolbar3-20

tool tips3-26

Topology view3-9

verifying configuration changes3-31

window components3-27

wizards3-25

Coarse Wave Division Multiplexer

See CWDM GBIC modules

Collapse Cluster view3-10

command-line interface

see CLI

command modes2-1

commands

abbreviating2-3

copy running-config startup-config26-5

dir flash26-4

no and default2-4

setting privilege levels7-7

command switch

accessing6-15

active (AC)6-14, 6-25

command switch with HSRP disabled (CC)6-25

configuration conflicts26-5

defined6-2

enabling6-22

passive (PC)6-14, 6-25

password privilege levels6-28

priority6-14

recovery

from failure26-6, 26-9

from failure without HSRP26-9

from lost member connectivity26-5

recovery from command-switch failure6-14

redundant6-14, 6-25

replacing

with another switch26-8

with cluster member26-6

requirements6-3

See also candidate switch, cluster standby group, member switch, and standby command switch

standby (SC)6-14, 6-25

community strings

configuring6-18, 22-5

for cluster switches22-3

in clusters6-18

overview22-3

SNMP6-18

compatibility

feature26-2

configuration

conflicts, managing26-1, 26-5

files, saving to an external server26-4

guidelines

port9-12

saving to Flash memory26-5

configuration changes, saving3-31

CLI2-10

configuration examples, network1-8

collapsed backbone and switch cluster1-12

design concepts

cost-effective wiring closet1-9

high-performance workgroup1-9

network performance1-8

network services1-8

redundant Gigabit backbone1-9

large campus1-13

long-distance, high-bandwidth transport configuration1-16

small to medium-sized network1-10

configuration files

limiting TFTP server access22-9

obtaining with DHCP4-7

system contact and location information22-9

VMPS database13-31

configuration settings, saving4-11

configure terminal command9-5

configuring

broadcast storm control17-1

duplex9-12

management VLAN13-4

ports

protected17-3

speed9-12

static addresses (EtherChannel)7-58

TACACS+7-17

config-vlan mode13-8

conflicts, configuration26-1, 26-5

connections, secure remote7-32

consistency checks in VTP version 214-4

console port

connecting to2-9

conventions

commandxxiv

for examplesxxiv

textxxiv

copy running-config startup-config command26-5

CoS1-5

configuring24-8

configuring priority queues24-24

defining24-8

override priority15-5

trust priority15-5

CoS-to-DSCP map for QoS24-21

counters, clearing interface9-18

cross-stack UplinkFast, STP

connecting stack ports12-8

described12-5

enabling12-18

fast-convergence events12-7

Fast Uplink Transition Protocol12-6

limitations12-8

normal-convergence events12-7

Stack Membership Discovery Protocol12-6

support for1-4

crypto software image7-32

CWDM GBIC modules

network example1-16

wavelength colors on CMS3-7

D

daylight saving time7-45

debugging

enabling all system diagnostics26-12

enabling for a specific feature26-12

redirecting error message output26-13

using commands26-11

default commands2-4

default configuration

802.1X8-6

banners7-50

CDP19-2

DNS7-49

EtherChannel25-6

IGMP filtering16-19

IGMP snooping16-5

initial switch information4-3

Layer 2 interfaces9-11

MAC address table7-54

MVR16-13

NTP7-36

optional spanning-tree features12-14

password and privilege level7-3

QoS24-9

RADIUS7-19

RSTP and MSTP11-12

SNMP22-4

STP10-10

system message logging21-3

system name and prompt7-47

TACACS+7-12

UDLD18-3

VLAN, Layer 2 Ethernet interfaces13-21

VLANs13-10

VMPS13-33

voice VLAN15-2

VTP14-6

default gateway4-10

deleting VLANs13-12

description command9-15

destination addresses, in ACLs23-11

destination-based port groups7-58

detecting indirect link failures, STP12-10

device discovery protocol19-1

device icons

Front Panel view3-5

Topology view3-11

device labels3-12

Device Manager3-2

See also Switch Manager

device pop-up menu

Front Panel view3-21

Topology view3-23

DHCP1-3

Client Request Process4-3

example configuration4-8

overview4-3

DHCP-based autoconfiguration

configuring

client side4-3

DNS4-6

relay device4-6

server-side4-5

TFTP server4-5

lease options

for IP address information4-5

for receiving the configuration file4-5

relationship to BOOTP4-3

Differentiated Services architecture, QoS24-2

Differentiated Services Code Point24-2

dir flash command26-4

disabling

broadcast storm control17-2

port security17-5

discovery, clusters

See automatic discovery

display options, Topology view3-13

Disqualification Code option3-24

DNS

and DHCP-based autoconfiguration4-6

default configuration7-49

displaying the configuration7-50

overview7-48

DNS (continued)

setting up7-49

documentation, relatedxxv

domain names

DNS7-48

VTP14-8

Domain Name System

See DNS

DSCP1-5, 24-2

DSCP-to-CoS map for QoS24-22

DTP1-4, 13-19

duplex

configuration guidelines9-12

configuring9-12

dynamic access mode3-9

dynamic access ports

characteristics13-5

configuring13-34

defined9-2

dynamic addresses

See addresses

dynamic desirable trunking mode13-20

dynamic port VLAN membership13-31

reconfirming13-35

troubleshooting13-37

types of connections13-34

VMPS database configuration file13-31

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling2-6

keystrokes used2-6

wrapped lines2-7

egress port scheduling24-8

enable password7-4

enable secret password7-4

enabling

broadcast storm control17-1

port security17-3, 17-5

encapsulation24-8

encrypted software image7-32

encryption for passwords7-4

error checking, CMS3-31

error messages

during command entry2-4

setting the display destination device21-4

severity levels21-8

system message format21-2

EtherChannel

automatic creation of25-3

configuration guidelines25-7

configuring

Layer 2 interfaces25-7

default configuration25-6

displaying status25-10

forwarding methods25-5, 25-9

interaction

with STP25-7

with VLANs25-7

load balancing25-5, 25-9

overview25-1

PAgP

aggregate-port learners25-4

compatibility with Catalyst 190025-10

displaying status25-10

interaction with other features25-5

learn method and priority configuration25-10

modes25-3

overview25-3

physical learners25-4

silent mode25-4

support for1-2

port-channel interfaces25-2

port groups9-3

EtherChannel port groups

configuring static address for7-58

Ethernet VLANs

adding13-10

defaults and ranges13-10

modifying13-10

examples

conventions forxxiv

network configuration1-8

Expand Cluster view3-10

expert mode3-25

extended-range VLANs

configuration guidelines13-15

configuring13-14

creating13-15

defined13-1

extended system ID

MSTP11-14

STP10-4, 10-12

F

fallback VLAN name13-31

fan fault indication3-5

Fast Uplink Transition Protocol12-6

features

conflicting port26-1

incompatible26-2

IOS1-1

fiber-optic, detecting unidirectional links18-1

filtering show and more command output2-8

filters, IP

See ACLs, IP

Flash memory, files in26-4, 26-5

flow-based packet classification1-5

flow control9-14

forward-delay time

MSTP11-20

STP10-6, 10-18

forwarding

see also broadcast storm control

Front Panel images, CMS3-6

Front Panel view

cluster tree3-5

described3-4

pop-up menus3-21

port icons3-6

port LEDs3-8

RPS LED3-7

switch images3-6

FTP

accessing MIB filesA-2

G

GBICs

1000BASE-LX/LH module1-9

1000BASE-SX module1-9

1000BASE-ZX module1-9

CWDM GBIC security and identification26-2

CWDM module1-16

GigaStack module1-9

get-bulk-request operation22-2

get-next-request operation22-2, 22-3

get-request operation22-2, 22-3

get-response operation22-2

Gigabit Ethernet

port settings9-12

settings9-12

Gigabit Interface Converter

see GBICs

GigaStack GBIC

fast transition of redundant link12-5

global configuration mode2-2

graphs, bandwidth3-8

guide mode3-25

H

HC (candidate switch)6-25

hello time

MSTP11-19

STP10-18

help, for the command line2-3

Help button, CMS3-28

Help Contents3-26

history

changing the buffer size2-5

described2-5

disabling2-5

recalling commands2-5

history table, level and number of syslog messages21-10

host name list, CMS3-27

host names

abbreviations appended to6-25

in clusters6-18

hosts, limit on dynamic ports13-37

HP OpenView1-7

HSRP

automatic cluster recovery6-17

cluster standby group considerations6-15

See also clusters, cluster standby group, and standby command switch

HTTP access3-29, 3-30

Hypertext Transfer Protocol

See HTTP access

I

icons

cluster tree3-5

colors

cluster tree3-5

Topology view3-13

editable table cell3-28

Front Panel view3-6

icons (continued)

multilink3-22

sorting3-28

toolbar3-20

Topology view3-11

web link3-28

IE2100

CNS embedded agents

described5-5

enabling automated configuration5-6

enabling configuration agent5-9

enabling event agent5-8

Configuration Registrar

configID, deviceID, hostname5-3

configuration service5-2

described5-1

event service5-3

described1-6

support for1-3

IEEE 802.1P15-1

IGMP filtering

configuring16-19

default configuration16-19

described16-18

monitoring16-22

IGMP groups, setting the maximum number16-21

IGMP profile

applying16-20

configuration mode16-19

configuring16-19

IGMP snooping16-1

configuring16-5

configuring a multicast router port16-6

default configuration16-5

disabling16-5

enabling16-5

joining a multicast group16-2

leaving a multicast group16-4

monitoring16-10

Immediate Leave16-9

defined16-9

disable16-9

enable16-9

ingress port scheduling24-8

Intelligence Engine 2100 Series CNS Agents

See IE2100

interaction modes, CMS3-25

interface

number9-5

range macros9-9

interface command9-5

interface configuration mode2-2

interfaces

configuring9-5

counters, clearing9-18

described9-15

descriptive name, adding9-15

displaying information about9-16

flow control9-14

IOS supported1-6

monitoring9-16

naming9-15

physical, identifying9-5

range of9-7

restarting9-19

shutting down9-19

supported9-4

types of9-1

interfaces range macro command9-9

Internet Group Management Protocol

see IGMP snooping

inventory, cluster6-27

IOS command-line interface

see CLI

IP

numbered extended ACL23-9

numbered standard ACL23-8

IP ACLs

applying to an interface23-15

extended, creating23-9

implicit deny23-9, 23-12, 23-14

implicit masks23-9

named23-12

standard, creating23-8

undefined23-16, 23-22

virtual terminal lines, setting on23-15

IP addresses

candidate or member6-4, 6-17

cluster access6-2

command switch6-3, 6-15, 6-17

discovering7-59

management VLAN6-20, 13-3

redundant clusters6-15

standby command switch6-15, 6-17

See also IP information

ip igmp profile command16-19

IP information

assigned

manually4-10

through DHCP-based autoconfiguration4-3

default configuration4-3

IP multicast routing

and IGMP snooping16-5

IP phone

calls15-1

configuring15-3

IP protocols

in ACLs23-11

J

Java plug-in configuration3-1, 6-1

L

Layer 2 frames, classification with CoS24-2

Layer 2 interfaces, default configuration9-11

Layer 2 trunks13-19

Layer 3 packets, classification methods24-2

Layer 3 parameters of ACEs23-9

Layer 4 parameters of ACEs23-9

LDAP5-2

LEDs

port3-8

port modes3-8

RPS3-7

legend, CMS icons and labels3-19

lightweight directory access protocol

See LDAP

line configuration mode2-2

link icons, Topology view3-12

link labels3-12

link pop-up menu, Topology view3-22

links, unidirectional18-1

lists, CMS3-28

login authentication

with RADIUS7-22

with TACACS+7-13

login banners7-50

log messages

See system message logging

loop guard

described12-13

enabling12-20

support for1-4

LRE profiles

considerations in switch clusters6-20

M

MAC addresses

adding secure7-58

aging time7-54

and VLAN association7-53

building the address table7-53

default configuration7-54

discovering7-59

displaying7-59

dynamic

learning7-53

removing7-55

in ACLs23-20

static

adding7-57

characteristics of7-57

removing7-57

MAC address multicast entries, monitoring16-10

MAC address-to-VLAN mapping13-30

MAC extended access lists23-20

MAN

CWDM configuration example1-16

long-distance, high-bandwidth transport configuration example1-16

management options

benefits

clustering1-7

CMS1-7

CLI2-1

CMS3-1

CNS5-1

overview1-6

management VLAN

changes, understanding13-3

changing6-20, 13-3, 13-4

configuring13-4

discovery through different management VLANs6-10

discovery through same management VLAN6-9

management VLAN (continued)

IP address6-20, 13-3

switch clusters6-20

mapping tables for QoS

configuring

DSCP24-21

DSCP-to-CoS24-22

described24-7

matching, ACLs23-7

maximum aging time

MSTP11-21

STP10-19

maximum hop count, MSTP11-21

membership mode, VLAN port3-9, 13-5

member switch

adding6-23

automatic discovery6-5

defined6-2

managing6-28

passwords6-17

requirements6-4

See also candidate switch, cluster standby group, and standby command switch

member switches

recovering from lost connectivity26-5

menu bar

described3-14

variations3-14

messages

system3-18

to users through banners7-50

metropolitan-area networks

See MANs

MIBs

accessing files with FTPA-2

location of filesA-2

overview22-1

SNMP interaction with22-3

supportedA-1

mini-point-of-presence

See POP

mirroring traffic for analysis20-1

mismatches, autonegotiation26-2

Mode button3-8

modes

access to CMS3-30

port3-8

VLAN port membership3-9

Modify button3-28

monitoring

access groups23-17

ACLs23-16

cables for unidirectional links18-1

CDP19-5

IGMP filters16-22

IGMP snooping16-10

interfaces9-16

multicast router interfaces16-10

MVR16-17

network traffic for analysis with probe20-1

speed and duplex mode9-13

traffic suppression17-8

VLANs13-16

VMPS13-36

VTP14-16

MSTP

boundary ports

configuration guidelines11-12

described11-10

BPDU filtering

described12-3

enabling12-16

BPDU guard

described12-3

enabling12-15

CIST, described11-8

configuration guidelines11-12

configuring

MSTP (continued)

forward-delay time11-20

hello time11-19

link type for rapid convergence11-22

maximum aging time11-21

maximum hop count11-21

MST region11-13

path cost11-18

port priority11-17

root switch11-14

secondary root switch11-16

switch priority11-19

CST

defined11-8

operations between regions11-9

default configuration11-12

default optional feature configuration12-14

displaying status11-23

enabling the mode11-13

extended system ID

affects on root switch11-14

affects on secondary root switch11-16

unexpected behavior11-14

interface state, blocking to forwarding12-2

interoperability with 802.1D

described11-10

restarting migration process11-22

IST

defined11-8

master11-8

operations within a region11-8

loop guard

described12-13

enabling12-20

mapping VLANs to MST instance11-13

MST region

CIST11-8

configuring11-13

described11-7

MSTP (continued)

MSTP region (continued)

hop-count mechanism11-10

IST11-8

supported spanning-tree instances11-7

overview11-7

Port Fast

described12-2

enabling12-14

preventing root switch selection12-12

root guard

described12-12

enabling12-19

root switch

affects of extended system ID11-14

configuring11-14

unexpected behavior11-14

shutdown Port Fast-enabled port12-3

multicast groups

and IGMP snooping16-5

Immediate Leave16-4

joining16-2

leaving16-4

multicast router interfaces, monitoring16-10

multicast router ports, adding16-7

multicast traffic and protected ports17-3

Multicast VLAN Registration

See MVR

Multilink Decomposer window3-22

multilink icon3-22

Multiple Spanning Tree Protocol

See MSTP

MVR

configuring interfaces16-15

default configuration16-13

description16-11

modes16-14

monitoring16-17

setting global parameters16-14

N

named IP ACLs23-12

NameSpace Mapper

See NSM

native VLAN

configuring13-25

default13-25

negotiate trunk mode3-9

neighboring devices, types of3-11

network examples1-8

collapsed backbone and switch cluster1-12

design concepts

cost-effective wiring closet1-9

high-performance workgroup1-9

network performance1-8

network services1-8

redundant Gigabit backbone1-9

large campus1-13

long-distance, high-bandwidth transport configuration1-16

small to medium-sized network1-10

network management

configuring CDP19-1

configuring SNMP22-1

Network Time Protocol

See NTP

no commands2-4

nontrunking mode13-20

normal-range VLANs

configuration modes13-8

defined13-1

NSM5-3

NTP

associations

authenticating7-36

defined7-34

enabling broadcast messages7-38

peer7-37

NTP (continued)

associations (continued)

server7-37

default configuration7-36

displaying the configuration7-42

overview7-33

restricting access

creating an access group7-40

disabling NTP services per interface7-41

source IP address, configuring7-41

stratum7-33

synchronizing devices7-37

time

services7-34

synchronizing7-33

O

OK button3-28

online help3-26

out-of-profile markdown1-5

overheating indication, switch3-5

P

PAgP

See EtherChannel

passwords

default configuration7-3

encrypting7-4

in clusters6-18, 6-23

in CMS3-29

overview7-1

recovery of26-9

setting

enable7-3

enable secret7-4

Telnet7-5

Passwords (continued)

setting (continued)

with usernames7-6

VTP domain14-8

path cost

MSTP11-18

STP10-15

PC (passive command switch)6-14, 6-25

per-VLAN Spanning Tree (PVST)10-2

per-VLAN Spanning Tree+ (PVST+)10-8

physical ports9-2

planning considerations, switch clusters

LRE profiles6-20

management VLAN6-20

switch-specific features6-21

policers

configuring

for each matched traffic class24-18

described24-3

number of1-5, 24-7

types of24-6

policing1-5, 24-3

policy maps for QoS

characteristics of24-18

configuring24-18

described24-5

displaying24-25

POP1-14

Port Aggregation Protocol

See EtherChannel

See PAgP

port-channel

See EtherChannel

Port Fast

described12-2

enabling12-14

mode, spanning tree13-33

support for1-4

port groups

configuring static addresses (EtherChannel)7-58

destination-based7-58

source-based7-58

port icons, Front Panel view3-6

port LEDs3-8

DUPLX3-8

port modes3-8

SPEED3-8

STAT3-8

port membership modes, VLAN3-9, 13-5

port modes

described3-8

LEDs3-8

port pop-up menu, Front Panel view3-21

port priority

MSTP11-17

STP10-14

ports

802.1Q trunk3-9

802.1X8-8

access9-2

configuration guidelines9-12

configuring

protected17-3

dynamic access3-9, 13-5

features, conflicting26-1

Gigabit Ethernet

settings9-12

negotiate trunk3-9

priority24-8

protected17-3

secure17-4

security

described17-3

disabling17-5

enabling17-5

speed, setting and checking9-12

static-access3-9, 13-5, 13-13

ports (continued)

switch9-2

trunks13-18

VLAN assignments13-13

port scheduling24-8

port security

aging

described15-1

enabling17-6

configuring17-3

displaying17-8

port-shutdown response, VMPS13-30

preferential treatment of traffic

See QoS

preventing unauthorized access7-1

priority

overriding CoS15-5

port

described24-8

trusting CoS15-5

private VLAN edge ports

see protected ports

privileged EXEC mode2-2

privilege levels

access modes

read-only3-30

read-write3-30

changing the default for lines7-8

CMS3-30

command switch6-28

exiting7-9

logging into7-9

mapping on member switches6-28

overview7-2, 7-7

setting a command with7-7

protected ports1-2, 17-3

pruning, VTP

enabling14-14

enabling on a port13-24

examples14-5

overview14-4

pruning-eligible list

changing13-24

for VTP pruning14-4

VLANs14-14

PSTN1-13

publications, relatedxxv

PVST13-3

Q

QoS

basic model24-3

classification

class maps, described24-5

defined24-3

in frames and packets24-3

IP ACLs, described24-5

MAC ACLs, described24-5

policy maps, described24-5

port default, described24-6

trust DSCP, described24-6

trusted CoS, described24-6

types for IP traffic24-7

types for non-IP traffic24-6

class maps

configuring24-17

displaying24-25

configuration examples

common wiring closet24-26

intelligent wiring closet24-27

configuration guidelines24-10

QoS (continued)

configuring

class maps24-17

CoS and WRR24-23

default port CoS value24-13

IP extended ACLs24-15

IP standard ACLs24-14

MAC ACLs24-16

policy maps24-18

port trust states within the domain24-11

QoS policy24-13

default configuration24-9

displaying statistics24-25

egress port scheduling24-8

ingress port scheduling24-8, 24-9

mapping tables

CoS-to-DSCP24-21

displaying24-25

DSCP-to-CoS24-22

types of24-7

marked-down actions24-20

marking, described24-4, 24-6

overview24-2

policers

configuring24-20

described24-6

number of24-7

types of24-6

policing, described24-3, 24-6

policy maps

characteristics of24-18

configuring24-18

displaying24-25

queueing, defined24-4

scheduling

defined24-4

support for1-5

trust states24-6

understanding24-2

quality of service

See QoS

R

RADIUS

attributes

vendor-proprietary7-29

vendor-specific7-28

configuring

accounting7-27

authentication7-22

authorization7-26

communication, global7-20, 7-28

communication, per-server7-20

multiple UDP ports7-20

default configuration7-19

defining AAA server groups7-24

displaying the configuration7-30

identifying the server7-20

in clusters6-19

limiting the services to the user7-26

method list, defined7-19

operation of7-18

overview7-17

suggested network environments7-17

tracking services accessed by user7-27

range

macro9-9

of interfaces9-7

Rapid Spanning Tree Protocol

See RSTP

rcommand command6-28

read-only access mode3-30

read-write access mode3-30

reconfirmation interval, VMPS, changing13-35

recovery procedures26-5

redundancy

EtherChannel25-1

STP

backbone10-8

multidrop backbone12-5

path cost13-28

port priority13-26

redundant clusters

See cluster standby group

redundant links and UplinkFast12-17

redundant power system

See RPS

Refresh button3-28

Remote Authentication Dial-In User Service

See RADIUS

remote devices without autonegotiation, connecting to9-12

remote monitoring

see RMON

removing

secure addresses7-58

resetting a UDLD-shutdown interface18-4

restricting access

NTP services7-39

overview7-1

passwords and privilege levels7-2

RADIUS7-17

TACACS+7-9

retry count, VMPS, changing13-36

RFC

1157, SNMPv122-2

1305, NTP7-33

1901, SNMPv2C22-2

1902 to 1907, SNMPv222-2

root guard

described12-12

enabling12-19

support for1-4

root switch

MSTP11-14

STP10-12

RPS LED 3-7

RSTP

active topology, determining11-2

BPDU

format11-5

processing11-6

configuration guidelines11-12

designated port, defined11-2

designated switch, defined11-2

interoperability with 802.1D

described11-10

restarting migration process11-22

topology changes11-6

overview11-2

port roles

described11-2

synchronized11-4

proposal-agreement handshake process11-3

rapid convergence

edge ports and Port Fast11-3

point-to-point links11-3, 11-22

root ports11-3

root port, defined11-2

See also MSTP

running configuration, saving4-11

S

saving changes in CMS3-31

SC (standby command switch)6-14, 6-25

secure address count17-4

secure addresses

adding7-58

described7-58

secure ports

address-security violations17-4

disabling17-5

enabling17-3, 17-5

maximum secure address count17-4

secure remote connections7-32

Secure Shell

See SSH

security

port17-3

violations, address17-4

sequence numbers in log messages21-8

server mode, VTP14-3

servers, BOOTP1-3

set-request operation22-3

settings

duplex9-12

Gigabit Ethernet port9-12

speed9-12

setup program, failed command switch replacement26-6, 26-8

severity levels, defining in system messages21-8

show cdp traffic command19-5

show cluster members command6-28

show configuration command9-15

show interfaces command9-13, 9-15

show running-config command

displaying ACLs23-15, 23-16, 23-21

interface description in9-15

shutdown command on interfaces9-19

Simple Network Management Protocol

See SNMP

SNAP19-1

SNMP

accessing MIB variables with22-3

agent

described22-3

disabling22-5

SNMP (continued)

community strings

configuring22-5

for cluster switches22-3

overview22-3

configuration examples22-10

default configuration22-4

in clusters6-18

limiting access by TFTP servers22-9

limiting system log messages to NMS21-10

manager functions22-2

managing clusters with6-29

MIBs

location ofA-2

supportedA-1

overview22-1, 22-3

status, displaying22-10

system contact and location22-9

trap manager, configuring22-8

traps

described22-2

enabling22-7

enabling MAC address notification7-55

overview22-1, 22-3

types of22-7

versions supported22-2

software

recovery procedures26-11

VLAN considerations14-8

see also upgrading

source addresses, in ACLs23-11

source-based port groups7-58

SPAN

configuration guidelines20-5

destination ports20-3

displaying status20-8

interaction with other features20-4

monitored ports20-3

monitoring ports20-3

SPAN (continued)

overview20-1

ports, restrictions26-2

received traffic20-2

sessions

creating20-6

defined20-2

removing destination (monitoring) ports20-7

removing source (monitored) ports20-7

specifying monitored ports20-6

source ports20-3

transmitted traffic20-3

spanning tree and native VLANs13-20

Spanning Tree Protocol

See STP

speed, setting9-12

SSH

configuring7-32

crypto software image7-32

described7-32

displaying settings7-32

Stack Membership Discovery Protocol12-6

Standby Command Configuration window6-26

standby command switch

configuring 6-25

considerations6-15

defined6-2

priority6-14

requirements6-3

virtual IP address6-15

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

static access mode3-9

static access ports

assigning to VLAN13-13

defined9-2, 13-5

static addresses

configuring for EtherChannel port groups7-58

See addresses

static VLAN membership13-2

statistics

CDP19-5

interface9-16

QoS ingress and egress24-25

SNMP input and output22-10

VTP14-16

status bar

change notification3-31

error notification3-31

storm control

displaying17-8

STP

accelerating root port selection12-4

BackboneFast

described12-10

enabling12-19

BPDU filtering

described12-3

enabling12-16

BPDU guard

described12-3

enabling12-15

BPDU message exchange10-2

configuration guidelines10-10

configuring

forward-delay time10-18

hello time10-18

in cascaded stack10-20

maximum aging time10-19

path cost10-15

port priority10-14, 11-17

root switch10-12

secondary root switch10-13

switch priority10-17

STP (continued)

cross-stack UplinkFast

described12-5

enabling12-18

default configuration10-10

default optional feature configuration12-14

designated port, defined10-3

designated switch, defined10-3

detecting indirect link failures12-10

disabling10-11

displaying status10-21

extended system ID

affects on root switch10-12

affects on the secondary root switch10-13

overview10-4

unexpected behavior10-12

features supported1-4

inferior BPDU10-3

interface state, blocking to forwarding12-2

interface states

blocking10-7

disabled10-8

forwarding10-6, 10-7

learning10-7

listening10-7

overview10-5

limitations with 802.1Q trunks10-8

load sharing

overview13-26

using path costs13-28

using port priorities13-26

loop guard

described12-13

enabling12-20

multicast addresses, affect of10-8

overview10-2

path costs13-28

STP (continued)

Port Fast

described12-2

enabling12-14

port priorities13-27

preventing root switch selection12-12

redundant connectivity10-8

root guard

described12-12

enabling12-19

root port, defined10-3

root switch

affects of extended system ID10-4, 10-12

configuring10-12

election10-3

unexpected behavior10-12

settings in a cascaded stack10-20

shutdown Port Fast-enabled port12-3

superior BPDU10-3

supported number of spanning-tree instances10-2

timers, described10-4

UplinkFast

described12-4

enabling12-17

stratum, NTP7-33

summer time7-45

SunNet Manager1-7

switch clustering technology6-1

See clusters, switch

switched ports9-2

Switch Manager3-2, 3-32

See also Device Manager

Switch Port Analyzer

see SPAN

switch ports, configuring25-1

switch priority

MSTP11-19

STP10-17

switch-to-client frame retransmission number8-13

syslog

See system message logging

system clock

configuring

daylight saving time7-45

manually7-43

summer time7-45

time zones7-44

displaying the time and date7-43

overview7-33

See also NTP

system message logging

default configuration21-3

defining error message severity levels21-8

disabling21-4

displaying the configuration21-12

enabling21-4

facility keywords, described21-12

level keywords, described21-9

limiting messages21-10

message format21-2

overview21-1

sequence numbers, enabling and disabling21-8

setting the display destination device21-4

synchronizing log messages21-6

timestamps, enabling and disabling21-7

UNIX syslog servers

configuring the daemon21-11

configuring the logging facility21-11

facilities supported21-12

system messages on CMS3-18

system name

default configuration7-47

default setting7-47

manual configuration7-47

See also DNS

system prompt

default setting7-47

manual configuration7-48

T

tables, CMS3-28

tabs, CMS3-28

TACACS+

accounting, defined7-10

authentication, defined7-10

authorization, defined7-10

configuring7-17

accounting7-16

authentication key7-12

authorization7-15

login authentication7-13

default configuration7-12

displaying the configuration7-16

identifying the server7-12

in clusters6-19

limiting the services to the user7-15

operation of7-11

overview7-9

tracking services accessed by user7-16

Telnet

accessing management interfaces2-9

accessing the CLI1-6

from a browser2-9

setting a password7-5

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password7-5

TFTP

configuration files in base directory4-6

configuring for autoconfiguration4-5

limiting access by servers22-9

time

See NTP and system clock

timestamps in log messages21-7

time zones7-44

Token Ring VLANs

support for13-7

VTP support14-4

toolbar3-20

tool tips3-26

Topology view

Collapse Cluster view3-10

described3-9

device icons3-11, 3-13

device labels3-12

display options3-13

Expand Cluster view3-10

icons3-11

link icons3-12

link labels3-12

multilink icon3-22

neighboring devices3-11

pop-up menus3-22

TOS1-5

traffic

forwarding, and protected ports17-3

fragmented23-3

unfragmented23-3

traffic policing1-5

transparent mode, VTP14-3, 14-12

trap-door mechanism4-2

traps

configuring MAC address notification7-55

configuring managers22-7

defined22-2

enabling7-55, 22-7

notification types22-7

overview22-1, 22-3

troubleshooting26-1

CWDM GBIC security and identification26-2

detecting

unidirectional links18-1

with CiscoWorks22-3

with debug commands26-11

troubleshooting (continued)

with system message logging21-1

trunk ports

configuring13-22

defined9-2

trunks

allowed-VLAN list13-23

load sharing

setting STP path costs13-28

using STP port priorities13-26, 13-27

native VLAN for untagged traffic13-25

parallel13-28

pruning-eligible list13-24

to non-DTP device13-19

understanding13-19

twisted-pair Ethernet, detecting unidirectional links18-1

type-of-service

See TOS

U

UDLD

default configuration18-3

echoing detection mechanism18-2

enabling

globally18-3

per interface18-4

link-detection mechanism18-1

neighbor database18-2

overview18-1

resetting an interface18-4

status, displaying18-5

unauthorized ports8-4

unicast traffic and protected ports17-3

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration21-11

facilities supported21-12

message logging configuration21-11

unrecognized Type-Length-Value (TLV) support14-4

upgrading software

VLAN considerations14-8

UplinkFast

described12-4

enabling12-17

support for1-4

user EXEC mode2-2

username-based authentication7-6

V

verifying changes in CMS3-31

version-dependent transparent mode14-4

virtual IP address

cluster standby group6-15, 6-25

command switch6-15, 6-25

See also IP addresses

vlan.dat file13-6

VLAN configuration

at bootup13-9

saving13-9

VLAN configuration mode2-2, 13-8

VLAN database

and startup configuration file13-9

and VTP14-1

VLAN configuration saved in13-9

VLANs saved in13-6

vlan database command13-8

vlan global configuration command13-8

VLAN ID, discovering7-59

VLAN management domain14-2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming13-35

modes3-9, 13-5

VLAN Query Protocol (VQP)13-30

VLANs

adding13-10

adding to VLAN database13-10

aging dynamic addresses10-9

allowed on trunk13-23

and spanning-tree instances13-3, 13-8, 13-15

configuration guidelines, normal-range VLANs13-7

configuration options13-8

configuring13-1

configuring IDs 1006 to 409413-15

creating in config-vlan mode13-11

creating in VLAN configuration mode13-11

default configuration13-10

deleting13-12

described9-1, 13-1

displaying13-16

extended-range13-1, 13-14

illustrated13-2

modifying13-10

native, configuring13-25

normal-range13-1, 13-6

parameters13-6

port membership modes3-9, 13-5

static-access ports13-13

STP and 802.1Q trunks10-8

supported13-2

Token Ring13-7

VTP modes14-3

see also management VLAN

VLAN Trunking Protocol

See VTP

VLAN trunks13-18, 13-19

VMPS

administering13-36

configuration example13-37

configuration guidelines13-33

default configuration13-33

description13-30

dynamic port membership

described13-31

reconfirming13-35

troubleshooting13-37

entering server address13-34

mapping MAC addresses to VLANs13-30

monitoring13-36

reconfirmation interval, changing13-35

reconfirming membership13-35

retry count, changing13-36

voice VLAN

Cisco 7960 phone, port connections15-1

configuration guidelines15-3

configuring IP phone for data traffic

override CoS of incoming frame15-5

trust CoS priority of incoming frame15-5

configuring ports for voice traffic in

802.1P priority tagged frames15-4

802.1Q frames15-4

connecting to an IP phone15-3

default configuration15-2

described15-1

displaying15-6

VTP

adding a client to a domain14-15

advertisements13-21, 14-3

and extended-range VLANs14-1

and normal-range VLANs14-1

client mode, configuring14-11

configuration

global configuration mode14-7

guidelines14-8

privileged EXEC mode14-7

VTP (continued)

configuration (continued)

requirements14-9

saving14-7

VLAN configuration mode14-7

configuration mode options14-7

configuration requirements14-9

configuration revision number

guideline14-15

resetting14-15

configuring

client mode14-11

server mode14-9

transparent mode14-12

consistency checks14-4

default configuration14-6

described14-1

disabling14-12

domain names14-8

domains14-2

modes

client14-3, 14-11

server14-3, 14-9

transitions14-3

transparent14-3, 14-12

monitoring14-16

passwords14-8

pruning

disabling14-14

enabling14-14

examples14-5

overview14-4

pruning-eligible list, changing13-24

server mode, configuring14-9

statistics14-16

Token Ring support14-4

transparent mode, configuring14-12

using14-1

version, guidelines14-9

VTP (continued)

version 114-4

version 2

configuration guidelines14-9

disabling14-13

enabling14-13

overview14-4

W

warningsxxiv

web-based management software

See CMS

Weighted Round Robin

see WRR

window components, CMS3-27

wizards3-25

WRR

configuring24-24

defining24-8

description24-9

X

Xmodem protocol26-11