A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
A
abbreviating commands 2-4
AC (command switch) 5-9
access-denied response, VMPS 12-24
accessing
clusters, switch 5-12
command switches 5-10
member switches 5-12
switch clusters 5-12
access ports
in switch clusters 5-8
access ports, defined 10-2
accounting
with 802.1x 9-29
with IEEE 802.1x 9-8
with RADIUS 8-28
with TACACS+ 8-11, 8-17
ACEs
and QoS 28-7
ACLs
applying
to QoS 28-7
classifying traffic for QoS 28-41
examples of 28-41
extended IP, configuring for QoS classification 28-42
IP
fragments and QoS guidelines 28-32
MAC extended 28-43
number per QoS class map 28-32
QoS 28-7, 28-41
standard IP, configuring for QoS classification 28-41
support for 1-8
active traffic monitoring, IP SLAs 27-1
address aliasing 18-2
addresses
displaying the MAC address table 6-26
dynamic
accelerated aging 15-8
changing the aging time 6-21
default aging 15-8
defined 6-19
learning 6-20
removing 6-22
MAC, discovering 6-26
multicast, STP address management 15-8
static
adding and removing 6-24
defined 6-19
address resolution 6-26
Address Resolution Protocol
See ARP
advertisements
CDP 20-1
LLDP 21-2
VTP 12-16, 13-3
aggregatable global unicast addresses 29-3
aggregated ports
See EtherChannel
aggregate policers 28-49
aggregate policing 1-9
aging, accelerating 15-8
aging time
accelerated
for MSTP 16-23
for STP 15-8, 15-21
MAC address table 6-21
maximum
for MSTP 16-23, 16-24
for STP 15-21, 15-22
alarms, RMON 24-3
allowed-VLAN list 12-18
ARP
defined 1-4, 6-26
table
address resolution 6-26
managing 6-26
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxix
authentication
local mode with AAA 8-32
NTP associations 6-4
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication failed VLAN
See restricted VLAN
authoritative time source, described 6-2
authorization
with RADIUS 8-27
with TACACS+ 8-11, 8-16
authorized ports with IEEE 802.1x 9-7
autoconfiguration 3-3
automatic discovery
considerations
beyond a noncandidate device 5-7
brand new switches 5-8
connectivity 5-4
different VLANs 5-6
management VLANs 5-7
non-CDP-capable devices 5-6
noncluster-capable devices 5-6
in switch clusters 5-4
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 5-9
See also HSRP
auto-MDIX
configuring 10-15
described 10-15
autonegotiation
duplex mode 1-2
interface configuration guidelines 10-12
mismatches 32-11
autosensing, port speed 1-2
auxiliary VLAN
See voice VLAN
availability, features 1-6
B
BackboneFast
described 17-5
disabling 17-14
enabling 17-13
support for 1-6
banners
configuring
login 6-19
message-of-the-day login 6-18
default configuration 6-17
when displayed 6-17
blocking packets 19-7
booting
boot loader, function of 3-2
boot process 3-1
manually 3-13
specific image 3-14
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
BPDU
error-disabled state 17-2
filtering 17-3
RSTP format 16-12
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
support for 1-6
BPDU guard
described 17-2
disabling 17-12
enabling 17-11
support for 1-6
bridge protocol data unit
See BPDU
broadcast storm-control command 19-4
broadcast storms 19-1
C
cables, monitoring for unidirectional links 22-1
candidate switch
automatic discovery 5-4
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-40
defined 8-38
caution, described xxx
CDP
and trusted boundary 28-37
automatic discovery in switch clusters 5-4
configuring 20-2
default configuration 20-2
defined with LLDP 21-1
described 20-1
disabling for routing device20-3to 20-4
enabling and disabling
on an interface 20-4
on a switch 20-3
monitoring 20-4
overview 20-1
support for 1-4
transmission timer and holdtime, setting 20-2
updates 20-2
CGMP
as IGMP snooping learning method 18-8
joining multicast group 18-3
CipherSuites 8-39
Cisco 7960 IP Phone 14-1
Cisco Discovery Protocol
See CDP
Cisco IOS File System
See IFS
Cisco IOS IP Service Level Agreements (SLAs) responder 1-3
Cisco IOS IP SLAs 27-1
Cisco Network Assistant
See Network Assistant
CiscoWorks 2000 1-4, 26-4
CIST regional root
See MSTP
CIST root
See MSTP
civic location 21-3
class maps for QoS
configuring 28-44
described 28-7
displaying 28-69
class of service
See CoS
clearing interfaces 10-19
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-4
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
managing clusters 5-14
no and default forms of commands 2-4
client mode, VTP 13-3
clock
See system clock
cluster requirements xxxi
clusters, switch
accessing 5-12
automatic discovery 5-4
automatic recovery 5-9
benefits 1-1
compatibility 5-4
described 5-1
LRE profile considerations 5-14
managing
through CLI 5-14
through SNMP 5-15
planning 5-4
planning considerations
automatic discovery 5-4
automatic recovery 5-9
CLI 5-14
host names 5-12
IP addresses 5-12
LRE profiles 5-14
passwords 5-13
RADIUS 5-14
SNMP 5-13, 5-15
TACACS+ 5-14
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
automatic recovery 5-11
considerations 5-10
defined 5-2
requirements 5-3
virtual IP address 5-10
See also HSRP
CNS 1-4
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
management functions 1-4
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 8-8
command switch
accessing 5-10
active (AC) 5-9
configuration conflicts 32-11
defined 5-2
passive (PC) 5-9
password privilege levels 5-15
priority 5-9
recovery
from command-switch failure 5-9, 32-7
from lost member connectivity 32-11
redundant 5-9
replacing
with another switch 32-10
with cluster member 32-8
requirements 5-3
standby (SC) 5-9
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
configuring 5-13, 26-8
for cluster switches 26-4
in clusters 5-13
overview 26-4
SNMP 5-13
compatibility, feature 19-11
config.text 3-12
configurable leave timer, IGMP 18-5
configuration, initial
defaults 1-10
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration changes, logging 25-10
configuration conflicts, recovering from lost member connectivity 32-11
configuration examples, network 1-12
configuration files
archiving B-20
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-12
deleting a stored configuration B-19
described B-8
downloading
automatically 3-12
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
guidelines for replacing and rolling back B-21
invalid combinations when copying B-5
limiting TFTP server access 26-16
obtaining with DHCP 3-7
password recovery disable considerations 8-5
replacing a running configuration B-19, B-20
rolling back a running configuration B-19, B-20
specifying the filename 3-12
system contact and location information 26-15
types and location B-10
uploading
preparing B-10, B-13, B-16
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
configuration logger 25-10
configuration logging 2-5
configuration replacement B-19
configuration rollback B-19, B-20
configuration settings, saving 3-10
configure terminal command 10-5
config-vlan mode 2-2, 12-6
conflicts, configuration 32-11
connections, secure remote 8-33
connectivity problems 32-12, 32-14, 32-15
consistency checks in VTP Version 2 13-4
console port, connecting to 2-10
control protocol, IP SLAs 27-3
conventions
command xxx
for examples xxx
publication xxx
text xxx
corrupted software, recovery steps with Xmodem 32-2
CoS
in Layer 2 frames 28-2
override priority 14-6
trust priority 14-6
CoS input queue threshold map for QoS 28-15
CoS output queue threshold map for QoS 28-18
CoS-to-DSCP map for QoS 28-52
counters, clearing interface 10-19
crashinfo file 32-21
critical authentication, IEEE 802.1x 9-33
cryptographic software image
SSH 8-33
SSL 8-37
CWDM SFPs 1-17
D
daylight saving time 6-13
debugging
enabling all system diagnostics 32-19
enabling for a specific feature 32-18
redirecting error message output 32-19
using commands 32-18
default commands 2-4
default configuration
802.1x 9-19
auto-QoS 28-20
banners 6-17
booting 3-12
CDP 20-2
DNS 6-16
EtherChannel 31-9
Ethernet interfaces 10-9
IGMP filtering 18-24
IGMP snooping 18-6, 30-5, 30-6
IGMP throttling 18-24
initial switch information 3-3
IP SLAs 27-5
IPv6 29-8
Layer 2 interfaces 10-9
LLDP 21-3
MAC address table 6-21
MSTP 16-14
MVR 18-19
NTP 6-4
optional spanning-tree configuration 17-9
password and privilege level 8-2
RADIUS 8-20
RMON 24-3
RSPAN 23-9
SDM template 7-2
SNMP 26-7
SPAN 23-9
SSL 8-40
standard QoS 28-30
STP 15-11
system message logging 25-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 22-4
VLAN, Layer 2 Ethernet interfaces 12-16
VLANs 12-7
VMPS 12-25
voice VLAN 14-3
VTP 13-6
default gateway 3-10
deleting VLANs 12-9
denial-of-service attack 19-1
description command 10-16
designing your network, examples 1-12
destination-IP address-based forwarding, EtherChannel 31-7
destination-MAC address forwarding, EtherChannel 31-6
detecting indirect link failures, STP 17-5
device B-23
device discovery protocol 20-1, 21-1
device manager
benefits 1-1
described 1-2, 1-3
in-band management 1-5
requirements xxx
upgrading a switch B-23
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
TFTP server 3-6
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-3
relay support 1-4
support for 1-4
Differentiated Services architecture, QoS 28-2
Differentiated Services Code Point 28-2
directed unicast requests 1-4
directories
changing B-4
creating and removing B-4
displaying the working B-4
discovery, clusters
See automatic discovery
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
in IPv6 29-4
overview 6-15
setting up 6-16
support for 1-4
documentation, related xxx
document conventions xxx
domain names
DNS 6-15
VTP 13-8
Domain Name System
See DNS
downloading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-28
preparing B-26, B-29, B-33
reasons for B-23
using CMS 1-2
using FTP B-30
using HTTP 1-2, B-23
using RCP B-35
using TFTP B-27
using the device manager or Network Assistant B-23
DSCP 1-9, 28-2
DSCP input queue threshold map for QoS 28-15
DSCP output queue threshold map for QoS 28-18
DSCP-to-CoS map for QoS 28-55
DSCP-to-DSCP-mutation map for QoS 28-56
DSCP transparency 28-38
DTP 1-7, 12-14
Dual IPv4-and-IPv6 SDM Templates 29-7
dual IPv4 and IPv6 templates 29-1, 29-6
dual protocol stacks
IPv4 and IPv6 29-6
SDM templates supporting 29-6
dual-purpose uplinks
defined 10-4
LEDs 10-4
link selection 10-4
setting the type 10-10
dynamic access ports
characteristics 12-3
configuring 12-26
defined 10-3
dynamic addresses
See addresses
dynamic auto trunking mode 12-15
dynamic desirable trunking mode 12-15
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
types of connections 12-26
Dynamic Trunking Protocol
See DTP
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
ELIN location 21-3
enable password 8-3
enable secret password 8-3
encryption, CipherSuite 8-39
encryption for passwords 8-3
environment variables, function of 3-15
error-disabled state, BPDU 17-2
error messages during command entry 2-5
EtherChannel
automatic creation of 31-4, 31-5
channel groups
binding physical and logical interfaces 31-3
numbering of 31-3
configuration guidelines 31-9
configuring Layer 2 interfaces 31-10
default configuration 31-9
described 31-2
displaying status 31-16
forwarding methods 31-6, 31-12
IEEE 802.3ad, described 31-5
interaction
with STP 31-9
with VLANs 31-10
LACP
described 31-5
displaying status 31-16
hot-standby ports 31-14
interaction with other features 31-6
modes 31-5
port priority 31-15
system priority 31-15
load balancing 31-6, 31-12
PAgP
aggregate-port learners 31-13
compatibility with Catalyst 1900 31-13
described 31-4
displaying status 31-16
interaction with other features 31-5
learn method and priority configuration 31-13
modes 31-4
support for 1-3
port-channel interfaces
described 31-3
numbering of 31-3
port groups 10-3
support for 1-3
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
Ethernet VLANs
adding 12-8
defaults and ranges 12-7
modifying 12-8
EUI 29-3
events, RMON 24-3
examples
conventions for xxx
network configuration 1-12
expedite queue for QoS 28-68
Express Setup 1-2
See also getting started guide
extended crashinfo file 32-21
extended-range VLANs
configuration guidelines 12-12
configuring 12-11
creating 12-12
defined 12-1
extended system ID
MSTP 16-17
STP 15-4, 15-14
extended universal identifier
See EUI
Extensible Authentication Protocol over LAN 9-1
F
fa0 interface 1-5
features, incompatible 19-11
fiber-optic, detecting unidirectional links 22-1
files
basic crashinfo
description 32-21
location 32-21
copying B-5
crashinfo, description 32-21
deleting B-5
displaying the contents of B-8
extended crashinfo
description 32-22
location 32-22
tar
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-24
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
show and more command output 2-10
filtering show and more command output 2-10
flash device, number of B-1
flooded traffic, blocking 19-7
flow-based packet classification 1-9
flowcharts
QoS classification 28-6
QoS egress queueing and scheduling 28-16
QoS ingress queueing and scheduling 28-14
QoS policing and marking 28-10
flowcontrol
configuring 10-14
described 10-14
forward-delay time
MSTP 16-23
STP 15-21
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-14
image files
deleting old image B-32
downloading B-30
preparing the server B-29
uploading B-32
G
get-bulk-request operation 26-3
get-next-request operation 26-3, 26-5
get-request operation 26-3, 26-5
get-response operation 26-3
global configuration mode 2-2
global leave, IGMP 18-12
guest VLAN and 802.1x 9-11
guide
audience xxix
purpose of xxix
guide mode 1-2
GUIs
See device manager and Network Assistant
H
hello time
MSTP 16-22
STP 15-20
help, for the command line 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 25-10
host names, in clusters 5-12
hosts, limit on dynamic ports 12-29
HP OpenView 1-4
HSRP
automatic cluster recovery 5-11
cluster standby group considerations 5-10
See also clusters, cluster standby group, and standby command switch
HTTP over SSL
see HTTPS
HTTPS 8-38
configuring 8-41
self-signed certificate 8-38
HTTP secure server 8-38
I
ICMP
IPv6 29-4
time-exceeded messages 32-16
traceroute and 32-16
ICMP ping
executing 32-13
overview 32-13
ICMPv6 29-4
IDS appliances
and ingress RSPAN 23-20
and ingress SPAN 23-13
IEEE 802.1D
See STP
IEEE 802.1p 14-1
IEEE 802.1Q
and trunk ports 10-3
configuration limitations 12-15
encapsulation 12-14
native VLAN for untagged traffic 12-19
IEEE 802.1s
See MSTP
IEEE 802.1w
See RSTP
IEEE 802.1x
See port-based authentication
IEEE 802.3ad
See EtherChannel
IEEE 802.3x flow control 10-14
ifIndex values, SNMP 26-6
IFS 1-4
IGMP
configurable leave timer
described 18-5
enabling 18-11
flooded multicast traffic
controlling the length of time 18-12
disabling on an interface 18-13
global leave 18-12
query solicitation 18-12
recovering from flood mode 18-12
joining multicast group 18-3
join messages 18-3
leave processing, enabling 18-10, 30-9
leaving multicast group 18-5
queries 18-4
report suppression
described 18-6
disabling 18-15, 30-11
supported versions 18-2
support for 1-3
IGMP filtering
configuring 18-24
default configuration 18-24
described 18-23
monitoring 18-28
support for 1-3
IGMP groups
configuring filtering 18-27
setting the maximum number 18-26
IGMP Immediate Leave
configuration guidelines 18-11
described 18-5
enabling 18-10
IGMP profile
applying 18-25
configuration mode 18-24
configuring 18-25
IGMP snooping
and address aliasing 18-2
configuring 18-6
default configuration 18-6, 30-5, 30-6
definition 18-1
enabling and disabling 18-7, 30-6
global configuration 18-7
Immediate Leave 18-5
method 18-8
monitoring 18-15, 30-11
querier
configuration guidelines 18-14
configuring 18-14
supported versions 18-2
support for 1-3
VLAN configuration 18-7
IGMP throttling
configuring 18-27
default configuration 18-24
described 18-24
displaying action 18-28
Immediate Leave, IGMP 18-5
enabling 30-9
inaccessible authentication bypass 9-13
initial configuration
defaults 1-10
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 10-5
range macros 10-7
interface command 10-5
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 10-15
configuration guidelines
duplex and speed 10-12
configuring
procedure 10-5
counters, clearing 10-19
default configuration 10-9
described 10-16
descriptive name, adding 10-16
displaying information about 10-18
flow control 10-14
management 1-3
monitoring 10-18
naming 10-16
physical, identifying 10-5
range of 10-6
restarting 10-19
shutting down 10-19
speed and duplex, configuring 10-13
status 10-18
supported 10-4
types of 10-1
interfaces range macro command 10-7
interface types 10-5
Internet Protocol version 6
See IPv6
Intrusion Detection System
See IDS appliances
inventory management TLV 21-3, 21-6
IP ACLs
for QoS classification 28-7
IP addresses
128-bit 29-2
candidate or member 5-3, 5-12
cluster access 5-2
command switch 5-3, 5-10, 5-12
discovering 6-26
IPv6 29-2
redundant clusters 5-10
standby command switch 5-10, 5-12
See also IP information
ip igmp profile command 18-24
IP information
assigned
manually 3-10
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP phones
and QoS 14-1
automatic classification and queueing 28-19
configuring 14-4
ensuring port security with QoS 28-36
trusted boundary for QoS 28-36
IP precedence 28-2
IP-precedence-to-DSCP map for QoS 28-53
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 27-1
IP SLAs
benefits 27-2
configuration guidelines 27-5
Control Protocol 27-3
default configuration 27-5
definition 27-1
measuring network performance 27-2
monitoring 27-7
operation 27-3
responder
described 27-3
enabling 27-6
response time 27-4
SNMP support 27-2
supported metrics 27-2
IP traceroute
executing 32-16
overview 32-15
IPv4 and IPv6
differences 29-2
dual protocol stacks 29-5
IPv6
addresses 29-2
address formats 29-2
advantages 29-2
applications 29-5
autoconfiguration 29-4
configuring static routes 29-9
default configuration 29-8
defined 29-1
ICMP 29-4
ICMP rate limiting 29-8
monitoring 29-11
neighbor discovery 29-4
reasons for 29-1
SDM templates 29-6, 30-1
supported features 29-3
J
join messages, IGMP 18-3
L
LACP
See EtherChannel
Layer 2 frames, classification with CoS 28-2
Layer 2 interfaces, default configuration 10-9
Layer 2 traceroute
and ARP 32-15
and CDP 32-14
broadcast traffic 32-14
described 32-14
IP addresses and subnets 32-15
MAC addresses and VLANs 32-15
multicast traffic 32-15
multiple devices on a port 32-15
unicast traffic 32-14
usage guidelines 32-14
Layer 3 packets, classification methods 28-2
LDAP 4-2
LEDs, switch
See hardware installation guide
lightweight directory access protocol
See LDAP
line configuration mode 2-3
Link Aggregation Control Protocol
See EtherChannel
link failure, detecting unidirectional 16-8
Link Layer Discovery Protocol
See CDP
link local unicast addresses 29-3
links, unidirectional 22-1
link-state tracking
configuring 31-19
described 31-17
LLDP
configuring 21-3
characteristics 21-4
default configuration 21-3
disabling and enabling
globally 21-5
on an interface 21-5
monitoring and maintaining 21-7
overview 21-1
supported TLVs 21-2
switch stack considerations 21-2
transmission timer and holdtime, setting 21-4
LLDP-MED
configuring
procedures 21-3
TLVs 21-6
monitoring and maintaining 21-7
overview 21-1, 21-2
supported TLVs 21-2
LLDP Media Endpoint Discovery
See LLDP-MED
local SPAN 23-2
location TLV 21-3, 21-6
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-17
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-14
loop guard
described 17-9
enabling 17-15
support for 1-6
LRE profiles, considerations in switch clusters 5-14
M
MAC/PHY configuration status TLV 21-2
MAC addresses
aging time 6-21
and VLAN association 6-20
building the address table 6-20
default configuration 6-21
discovering 6-26
displaying 6-26
dynamic
learning 6-20
removing 6-22
static
adding 6-24
allowing 6-25
characteristics of 6-24
dropping 6-25
removing 6-24
MAC address notification, support for 1-10
MAC address-to-VLAN mapping 12-24
MAC extended access lists
configuring for QoS 28-43
for QoS classification 28-5
macros
See Smartports macros
magic packet 9-15
manageability features 1-4
management access
in-band
browser session 1-5
CLI session 1-5
device manager 1-5
SNMP 1-5
out-of-band console port connection 1-5
management address TLV 21-2
management options
CLI 2-1
clustering 1-2
CNS 4-1
Network Assistant 1-2
overview 1-3
management VLAN
considerations in switch clusters 5-7
discovery through different management VLANs 5-7
mapping tables for QoS
configuring
CoS-to-DSCP 28-52
DSCP 28-51
DSCP-to-CoS 28-55
DSCP-to-DSCP-mutation 28-56
IP-precedence-to-DSCP 28-53
policed-DSCP 28-54
described 28-11
marking
action with aggregate policers 28-49
described 28-4, 28-8
maximum aging time
MSTP 16-23
STP 15-21
maximum hop count, MSTP 16-24
membership mode, VLAN port 12-3
member switch
automatic discovery 5-4
defined 5-2
managing 5-14
passwords 5-12
recovering from lost connectivity 32-11
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 6-17
MIBs
accessing files with FTP A-3
location of files A-3
overview 26-1
SNMP interaction with 26-4
supported A-1
mirroring traffic for analysis 23-1
mismatches, autonegotiation 32-11
module number 10-5
monitoring
cables for unidirectional links 22-1
CDP 20-4
features 1-10
IGMP
filters 18-28
snooping 18-15, 30-11
interfaces 10-18
IP SLAs operations 27-7
IPv6 29-11
multicast router interfaces 18-16, 30-12
MVR 18-23
network traffic for analysis with probe 23-2
port
blocking 19-18
protection 19-18
SFP status 10-18, 32-12
speed and duplex mode 10-13
traffic flowing among switches 24-1
traffic suppression 19-17
VLANs 12-13
VMPS 12-28
VTP 13-16
MSTP
boundary ports
configuration guidelines 16-15
described 16-6
BPDU filtering
described 17-3
enabling 17-12
BPDU guard
described 17-2
enabling 17-11
CIST, described 16-3
CIST regional root 16-3
CIST root 16-5
configuration guidelines 16-15, 17-10
configuring
forward-delay time 16-23
hello time 16-22
link type for rapid convergence 16-24
maximum aging time 16-23
maximum hop count 16-24
MST region 16-16
neighbor type 16-25
path cost 16-20
port priority 16-19
root switch 16-17
secondary root switch 16-18
switch priority 16-21
CST
defined 16-3
operations between regions 16-4
default configuration 16-14
default optional feature configuration 17-9
displaying status 16-26
enabling the mode 16-16
EtherChannel guard
described 17-7
enabling 17-14
extended system ID
effects on root switch 16-17
effects on secondary root switch 16-18
unexpected behavior 16-17
IEEE 802.1s
implementation 16-6
port role naming change 16-7
terminology 16-5
instances supported 15-9
interface state, blocking to forwarding 17-2
interoperability and compatibility among modes 15-10
interoperability with IEEE 802.1D
described 16-8
restarting migration process 16-25
IST
defined 16-3
master 16-3
operations within a region 16-3
loop guard
described 17-9
enabling 17-15
mapping VLANs to MST instance 16-16
MST region
CIST 16-3
configuring 16-16
described 16-2
hop-count mechanism 16-5
IST 16-3
supported spanning-tree instances 16-2
optional features supported 1-6
overview 16-2
Port Fast
described 17-2
enabling 17-10
preventing root switch selection 17-8
root guard
described 17-8
enabling 17-15
root switch
configuring 16-17
effects of extended system ID 16-17
unexpected behavior 16-17
shutdown Port Fast-enabled port 17-2
status, displaying 16-26
multicast groups
Immediate Leave 18-5
joining 18-3
leaving 18-5
static joins 18-10, 30-8
multicast router interfaces, monitoring 18-16, 30-12
multicast router ports, adding 18-9, 30-8
multicast storm 19-1
multicast storm-control command 19-4
multicast television application 18-18
multicast VLAN 18-17
Multicast VLAN Registration
See MVR
MVR
and address aliasing 18-20
and IGMPv3 18-20
configuration guidelines 18-20
configuring interfaces 18-21
default configuration 18-19
described 18-17
example application 18-18
modes 18-21
monitoring 18-23
multicast television application 18-18
setting global parameters 18-20
support for 1-3
N
NAC
critical authentication 9-13, 9-33
IEEE 802.1x authentication using a RADIUS server 9-37
IEEE 802.1x validation using RADIUS server 9-37
inaccessible authentication bypass 9-33
Layer 2 IEEE 802.1x validation 1-8, 9-37
Layer 2 IEEE802.1x validation 9-17
NameSpace Mapper
See NSM
native VLAN
configuring 12-19
default 12-19
neighbor discovery, IPv6 29-4
Network Admission Control
See NAC
Network Admission Control Software Configuration Guide 9-39, 9-40
Network Assistant
benefits 1-1
described 1-3
downloading image files 1-2
guide mode 1-2
management options 1-2
requirements xxx
upgrading a switch B-23
wizards 1-2
network configuration examples
increasing network performance 1-13
long-distance, high-bandwidth transport 1-17
providing network services 1-13
server aggregation and Linux server cluster 1-15
small to medium-sized network 1-16
network design
performance 1-13
services 1-13
network management
CDP 20-1
RMON 24-1
SNMP 26-1
network performance, measuring with IP SLAs 27-2
network policy TLV 21-2, 21-6
Network Time Protocol
See NTP
no commands 2-4
nonhierarchical policy maps
described 28-9
nontrunking mode 12-15
normal-range VLANs 12-4
configuration guidelines 12-5
configuration modes 12-6
configuring 12-4
defined 12-1
note, described xxx
NSM 4-3
NTP
associations
authenticating 6-4
defined 6-2
enabling broadcast messages 6-6
peer 6-5
server 6-5
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-8
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-5
time
services 6-2
synchronizing 6-2
O
optimizing system resources 7-1
options, management 1-3
out-of-profile markdown 1-9
P
packet modification, with QoS 28-18
PAgP
See EtherChannel
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-3
for security 1-7
in clusters 5-13
overview 8-1
recovery of 32-3
setting
enable 8-3
enable secret 8-3
Telnet 8-6
with usernames 8-6
VTP domain 13-8
path cost
MSTP 16-20
STP 15-18
PC (passive command switch) 5-9
performance, network design 1-13
performance features 1-2
persistent self-signed certificate 8-38
per-VLAN spanning-tree plus
See PVST+
physical ports 10-2
PIM-DVMRP, as snooping method 18-8
ping
character output description 32-13
executing 32-13
overview 32-13
policed-DSCP map for QoS 28-54
policers
configuring
for each matched traffic class 28-46
for more than one traffic class 28-49
described 28-4
displaying 28-69
number of 28-32
types of 28-9
policing
described 28-4
token-bucket algorithm 28-9
policy maps for QoS
characteristics of 28-46
described 28-7
displaying 28-70
nonhierarchical on physical ports
described 28-9
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 9-8
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-20
configuring
802.1x authentication 9-22
guest VLAN 9-30
host mode 9-25
inaccessible authentication bypass 9-33
manual re-authentication of a client 9-26
periodic re-authentication 9-25
quiet period 9-26
RADIUS server 9-25
RADIUS server parameters on the switch 9-24
restricted VLAN 9-31
switch-to-client frame-retransmission number 9-28
switch-to-client retransmission time 9-27
default configuration 9-19
described 9-1
device roles 9-2
displaying statistics 9-41
EAPOL-start frame 9-5
EAP-request/identity frame 9-5
EAP-response/identity frame 9-5
encapsulation 9-3
guest VLAN
configuration guidelines 9-11, 9-12
described 9-11
host mode 9-7
inaccessible authentication bypass
configuring 9-33
described 9-13
guidelines 9-21
initiation and message exchange 9-5
magic packet 9-15
method lists 9-22
multiple-hosts mode, described 9-8
ports
authorization state and dot1x port-control command 9-7
authorized and unauthorized 9-7
critical 9-13
voice VLAN 9-14
port security
and voice VLAN 9-15
described 9-14
interactions 9-15
multiple-hosts mode 9-8
resetting to default values 9-41
statistics, displaying 9-41
switch
as proxy 9-3
RADIUS client 9-3
upgrading from a previous release 9-22
VLAN assignment
AAA authorization 9-22
characteristics 9-10
configuration tasks 9-10
described 9-9
voice VLAN
described 9-14
PVID 9-14
VVID 9-14
wake-on-LAN, described 9-15
port blocking 1-3, 19-7
port-channel
See EtherChannel
port description TLV 21-2
Port Fast
described 17-2
enabling 17-10
mode, spanning tree 12-25
support for 1-6
port membership modes, VLAN 12-3
port priority
MSTP 16-19
STP 15-16
ports
access 10-2
blocking 19-7
dual-purpose uplink 10-4
dynamic access 12-3
protected 19-5
secure 19-8
static-access 12-3, 12-10
switch 10-2
trunks 12-3, 12-14
VLAN assignments 12-10
port security
aging 19-16
and QoS trusted boundary 28-36
configuring 19-11
default configuration 19-10
described 19-8
displaying 19-18
on trunk ports 19-13
sticky learning 19-9
violations 19-9
with other features 19-10
port-shutdown response, VMPS 12-24
port VLAN ID TLV 21-2
power management TLV 21-2, 21-6
preferential treatment of traffic
See QoS
preventing unauthorized access 8-1
priority
overriding CoS 14-6
trusting CoS 14-6
private VLAN edge ports
See protected ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-15
exiting 8-9
logging into 8-9
mapping on member switches 5-15
overview 8-2, 8-7
setting a command with 8-8
protected ports 1-7, 19-5
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-19
enabling
in VTP domain 13-14
on a port 12-19
examples 13-5
overview 13-4
pruning-eligible list
changing 12-19
for VTP pruning 13-4
VLANs 13-14
PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Q
QoS
and MQC commands 28-1
auto-QoS
categorizing traffic 28-20
configuration and defaults display 28-29
configuration guidelines 28-25
described 28-19
disabling 28-26
displaying generated commands 28-26
displaying the initial configuration 28-29
effects on running configuration 28-24
egress queue defaults 28-20
enabling for VoIP 28-25
example configuration 28-27
ingress queue defaults 28-20
list of generated commands 28-21
basic model 28-4
classification
class maps, described 28-7
defined 28-4
DSCP transparency, described 28-38
flowchart 28-6
forwarding treatment 28-3
in frames and packets 28-3
IP ACLs, described 28-5, 28-7
MAC ACLs, described 28-5, 28-7
options for IP traffic 28-5
options for non-IP traffic 28-5
policy maps, described 28-7
trust DSCP, described 28-5
trusted CoS, described 28-5
trust IP precedence, described 28-5
class maps
configuring 28-44
displaying 28-69
configuration guidelines
auto-QoS 28-25
standard QoS 28-32
configuring
aggregate policers 28-49
auto-QoS 28-19
default port CoS value 28-36
DSCP maps 28-51
DSCP transparency 28-38
DSCP trust states bordering another domain 28-38
egress queue characteristics 28-62
ingress queue characteristics 28-57
IP extended ACLs 28-42
IP standard ACLs 28-41
MAC ACLs 28-43
port trust states within the domain 28-34
trusted boundary 28-36
default auto configuration 28-20
default standard configuration 28-30
displaying statistics 28-69
DSCP transparency 28-38
egress queues
allocating buffer space 28-62
buffer allocation scheme, described 28-17
configuring shaped weights for SRR 28-66
configuring shared weights for SRR 28-67
described 28-4
displaying the threshold map 28-65
flowchart 28-16
mapping DSCP or CoS values 28-65
scheduling, described 28-4
setting WTD thresholds 28-62
WTD, described 28-18
enabling globally 28-33
flowcharts
classification 28-6
egress queueing and scheduling 28-16
ingress queueing and scheduling 28-14
policing and marking 28-10
implicit deny 28-7
ingress queues
allocating bandwidth 28-60
allocating buffer space 28-59
buffer and bandwidth allocation, described 28-15
configuring shared weights for SRR 28-60
configuring the priority queue 28-61
described 28-4
displaying the threshold map 28-59
flowchart 28-14
mapping DSCP or CoS values 28-58
priority queue, described 28-15
scheduling, described 28-4
setting WTD thresholds 28-58
WTD, described 28-15
IP phones
automatic classification and queueing 28-19
detection and trusted settings 28-19, 28-36
limiting bandwidth on egress interface 28-68
mapping tables
CoS-to-DSCP 28-52
displaying 28-69
DSCP-to-CoS 28-55
DSCP-to-DSCP-mutation 28-56
IP-precedence-to-DSCP 28-53
policed-DSCP 28-54
types of 28-11
marked-down actions 28-48
marking, described 28-4, 28-8
overview 28-1
packet modification 28-18
policers
configuring 28-48, 28-50
described 28-8
displaying 28-69
number of 28-32
types of 28-9
policies, attaching to an interface 28-8
policing
described 28-4, 28-8
token bucket algorithm 28-9
policy maps
characteristics of 28-46
displaying 28-70
nonhierarchical on physical ports 28-46
QoS label, defined 28-4
queues
configuring egress characteristics 28-62
configuring ingress characteristics 28-57
high priority (expedite) 28-18, 28-68
location of 28-12
SRR, described 28-13
WTD, described 28-12
rewrites 28-18
support for 1-9
trust states
bordering another domain 28-38
described 28-5
trusted device 28-36
within the domain 28-34
quality of service
See QoS
queries, IGMP 18-4
query solicitation, IGMP 18-12
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-20, 8-21
multiple UDP ports 8-20
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-20
in clusters 5-14
limiting the services to the user 8-27
method list, defined 8-19
operation of 8-19
overview 8-18
suggested network environments 8-18
support for 1-8
tracking services accessed by user 8-28
range
macro 10-7
of interfaces 10-6
rapid convergence 16-10
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Rapid Spanning Tree Protocol
See RSTP
rcommand command 5-14
RCP
configuration files
downloading B-17
overview B-15
preparing the server B-16
uploading B-18
image files
deleting old image B-36
downloading B-35
preparing the server B-33
uploading B-37
reconfirmation interval, VMPS, changing 12-27
reconfirming dynamic VLAN membership 12-27
recovery procedures 32-1
redundancy
EtherChannel 31-3
STP
backbone 15-8
path cost 12-22
port priority 12-20
redundant links and UplinkFast 17-13
reloading software 3-16
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
remote SPAN 23-2
report suppression, IGMP
described 18-6
disabling 18-15, 30-11
requirements
cluster xxxi
device manager xxx
Network Assistant xxx
resetting a UDLD-shutdown interface 22-6
responder, IP SLAs
described 27-3
enabling 27-6
response time, measuring with IP SLAs 27-4
restricted VLAN
configuring 9-31
described 9-12
using with IEEE 802.1x 9-12
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-28
RFC
1112, IP multicast and IGMP 18-2
1157, SNMPv1 26-2
1305, NTP 6-2
1757, RMON 24-2
1901, SNMPv2C 26-2
1902 to 1907, SNMPv2 26-2
2236, IP multicast and IGMP 18-2
2273-2275, SNMPv3 26-2
RMON
default configuration 24-3
displaying status 24-6
enabling alarms and events 24-3
groups supported 24-2
overview 24-1
statistics
collecting group Ethernet 24-5
collecting group history 24-5
support for 1-10
root guard
described 17-8
enabling 17-15
support for 1-6
root switch
MSTP 16-17
STP 15-14
RSPAN
characteristics 23-7
configuration guidelines 23-16
default configuration 23-9
defined 23-2
destination ports 23-6
displaying status 23-22
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
overview 1-10, 23-1
received traffic 23-4
sessions
creating 23-16
defined 23-3
limiting source traffic to specific VLANs 23-21
specifying monitored ports 23-16
with ingress traffic enabled 23-20
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
RSTP
active topology 16-9
BPDU
format 16-12
processing 16-13
designated port, defined 16-9
designated switch, defined 16-9
interoperability with IEEE 802.1D
described 16-8
restarting migration process 16-25
topology changes 16-13
overview 16-8
port roles
described 16-9
synchronized 16-11
proposal-agreement handshake process 16-10
rapid convergence
described 16-10
edge ports and Port Fast 16-10
point-to-point links 16-10, 16-24
root ports 16-10
root port, defined 16-9
See also MSTP
running configuration
replacing B-19, B-20
rolling back B-19, B-20
running configuration, saving 3-10
S
SC (standby command switch) 5-9
scheduled reloads 3-16
SDM
described 7-1
templates
configuring 7-2
number of 7-1
SDM template
configuration guidelines 7-2
configuring 7-2
types of 7-1
secure HTTP client
configuring 8-43
displaying 8-43
secure HTTP server
configuring 8-41
displaying 8-43
secure MAC addresses
deleting 19-15
maximum number of 19-9
types of 19-8
secure ports, configuring 19-8
secure remote connections 8-33
Secure Shell
See SSH
Secure Socket Layer
See SSL
security, port 19-8
security features 1-7
sequence numbers in log messages 25-8
server mode, VTP 13-3
service-provider network, MSTP and RSTP 16-1
set-request operation 26-5
setup program
failed command switch replacement 32-10
replacing failed command switch 32-8
severity levels, defining in system messages 25-8
SFPs
monitoring status of 10-18, 32-12
security and identification 32-12
status, displaying 32-12
shaped round robin
See SRR
show and more command output, filtering 2-10
show cdp traffic command 20-5
show cluster members command 5-14
show configuration command 10-16
show forward command 32-20
show interfaces command 10-13, 10-16
show lldp traffic command 21-8
show platform forward command 32-20
show running-config command
interface description in 10-16
shutdown command on interfaces 10-19
Simple Network Management Protocol
See SNMP
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-2
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 20-1
SNMP
accessing MIB variables with 26-4
agent
described 26-4
disabling 26-8
and IP SLAs 27-2
authentication level 26-11
community strings
configuring 26-8
for cluster switches 26-4
overview 26-4
configuration examples 26-17
default configuration 26-7
engine ID 26-7
groups 26-7, 26-10
host 26-7
ifIndex values 26-6
in-band management 1-5
in clusters 5-13
informs
and trap keyword 26-12
described 26-5
differences from traps 26-5
disabling 26-15
enabling 26-15
limiting access by TFTP servers 26-16
limiting system log messages to NMS 25-10
manager functions 1-4, 26-3
managing clusters with 5-15
MIBs
location of A-3
supported A-1
notifications 26-5
overview 26-1, 26-4
security levels 26-3
status, displaying 26-18
system contact and location 26-15
trap manager, configuring 26-14
traps
described 26-3, 26-5
differences from informs 26-5
disabling 26-15
enabling 26-12
enabling MAC address notification 6-22
overview 26-1, 26-5
types of 26-12
users 26-7, 26-10
versions supported 26-2
SNMPv1 26-2
SNMPv2C 26-2
SNMPv3 26-2
snooping, IGMP 18-1
software images
location in flash B-24
recovery procedures 32-2
scheduling reloads 3-16
tar file format, described B-24
See also downloading and uploading
source-and-destination-IP address based forwarding, EtherChannel 31-7
source-and-destination MAC address forwarding, EtherChannel 31-6
source-IP address based forwarding, EtherChannel 31-7
source-MAC address forwarding, EtherChannel 31-6
SPAN
configuration guidelines 23-10
default configuration 23-9
destination ports 23-6
displaying status 23-22
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
overview 1-10, 23-1
ports, restrictions 19-11
received traffic 23-4
sessions
configuring ingress forwarding 23-14, 23-21
creating 23-10
defined 23-3
limiting source traffic to specific VLANs 23-14
removing destination (monitoring) ports 23-12
specifying monitored ports 23-10
with ingress traffic enabled 23-13
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
spanning tree and native VLANs 12-15
Spanning Tree Protocol
See STP
SPAN traffic 23-4
SRR
configuring
shaped weights on egress queues 28-66
shared weights on egress queues 28-67
shared weights on ingress queues 28-60
described 28-13
shaped mode 28-13
shared mode 28-13
support for 1-9
SSH
configuring 8-34
cryptographic software image 8-33
described 1-5, 8-33
encryption methods 8-34
user authentication methods, supported 8-34
SSL
configuration guidelines 8-40
configuring a secure HTTP client 8-43
configuring a secure HTTP server 8-41
cryptographic software image 8-37
described 8-37
monitoring 8-43
standby command switch
configuring
considerations 5-10
defined 5-2
priority 5-9
requirements 5-3
virtual IP address 5-10
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
startup configuration
booting
manually 3-13
specific image 3-14
clearing B-19
configuration file
automatically downloading 3-12
specifying the filename 3-12
default boot configuration 3-12
stateless autoconfiguration 29-4
static access ports
assigning to VLAN 12-10
defined 10-3, 12-3
static addresses
See addresses
static MAC addressing 1-7
static routes
configuring for IPv6 29-9
static VLAN membership 12-2
statistics
802.1x 9-41
CDP 20-4
interface 10-18
LLDP 21-7
LLDP-MED 21-7
QoS ingress and egress 28-69
RMON group Ethernet 24-5
RMON group history 24-5
SNMP input and output 26-18
VTP 13-16
sticky learning 19-9
storm control
configuring 19-3
described 19-1
disabling 19-5
displaying 19-18
support for 1-3
thresholds 19-1
STP
accelerating root port selection 17-4
BackboneFast
described 17-5
disabling 17-14
enabling 17-13
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
BPDU guard
described 17-2
disabling 17-12
enabling 17-11
BPDU message exchange 15-3
configuration guidelines 15-12, 17-10
configuring
forward-delay time 15-21
hello time 15-20
maximum aging time 15-21
path cost 15-18
port priority 15-16
root switch 15-14
secondary root switch 15-16
spanning-tree mode 15-13
switch priority 15-19
transmit hold-count 15-22
counters, clearing 15-22
default configuration 15-11
default optional feature configuration 17-9
designated port, defined 15-3
designated switch, defined 15-3
detecting indirect link failures 17-5
disabling 15-14
displaying status 15-22
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
extended system ID
effects on root switch 15-14
effects on the secondary root switch 15-16
overview 15-4
unexpected behavior 15-14
features supported 1-6
IEEE 802.1D and bridge ID 15-4
IEEE 802.1D and multicast addresses 15-8
IEEE 802.1t and VLAN identifier 15-4
inferior BPDU 15-3
instances supported 15-9
interface state, blocking to forwarding 17-2
interface states
blocking 15-6
disabled 15-7
forwarding 15-5, 15-6
learning 15-6
listening 15-6
overview 15-4
interoperability and compatibility among modes 15-10
limitations with IEEE 802.1Q trunks 15-10
load sharing
overview 12-20
using path costs 12-22
using port priorities 12-20
loop guard
described 17-9
enabling 17-15
modes supported 15-9
multicast addresses, effect of 15-8
optional features supported 1-6
overview 15-2
path costs 12-22
Port Fast
described 17-2
enabling 17-10
port priorities 12-21
preventing root switch selection 17-8
protocols supported 15-9
redundant connectivity 15-8
root guard
described 17-8
enabling 17-15
root port, defined 15-3
root switch
configuring 15-14
effects of extended system ID 15-4, 15-14
election 15-3
unexpected behavior 15-14
shutdown Port Fast-enabled port 17-2
status, displaying 15-22
superior BPDU 15-3
timers, described 15-20
UplinkFast
described 17-3
enabling 17-13
stratum, NTP 6-2
success response, VMPS 12-24
summer time 6-13
SunNet Manager 1-4
switch clustering technology 5-1
See also clusters, switch
switch console port 1-5
Switch Database Management
See SDM
Switched Port Analyzer
See SPAN
switched ports 10-2
switchport block multicast command 19-7
switchport block unicast command 19-7
switchport protected command 19-6
switch priority
MSTP 16-21
STP 15-19
switch software features 1-1
syslog
See system message logging
system capabilities TLV 21-2
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-1
See also NTP
system description TLV 21-2
system message logging
default configuration 25-3
defining error message severity levels 25-8
disabling 25-4
displaying the configuration 25-13
enabling 25-4
facility keywords, described 25-13
level keywords, described 25-9
limiting messages 25-10
message format 25-2
overview 25-1
sequence numbers, enabling and disabling 25-8
setting the display destination device 25-5
synchronizing log messages 25-6
syslog facility 1-10
time stamps, enabling and disabling 25-7
UNIX syslog servers
configuring the daemon 25-12
configuring the logging facility 25-12
facilities supported 25-13
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
See also DNS
system name TLV 21-2
system prompt, default setting 6-14, 6-15
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
in clusters 5-14
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-8
tracking services accessed by user 8-17
tar files
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-24
TDR 1-10
Telnet
accessing management interfaces 2-10
number of connections 1-5
setting a password 8-6
templates, SDM 7-1
temporary self-signed certificate 8-38
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-12
configuration files in base directory 3-6
configuring for autoconfiguration 3-6
image files
deleting B-28
downloading B-27
preparing the server B-26
uploading B-28
limiting access by servers 26-16
TFTP server 1-4
threshold, traffic level 19-2
time
See NTP and system clock
Time Domain Reflector
See TDR
time stamps in log messages 25-7
time zones 6-12
TLVs
defined 21-2
LLDP 21-2
LLDP-MED 21-2
Token Ring VLANs
support for 12-5
VTP support 13-4
ToS 1-9
traceroute, Layer 2
and ARP 32-15
and CDP 32-14
broadcast traffic 32-14
described 32-14
IP addresses and subnets 32-15
MAC addresses and VLANs 32-15
multicast traffic 32-15
multiple devices on a port 32-15
unicast traffic 32-14
usage guidelines 32-14
traceroute command 32-16
See also IP traceroute
traffic
blocking flooded 19-7
traffic policing 1-9
traffic suppression 19-1
transmit hold-count
see STP
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-22
configuring managers 26-12
defined 26-3
enabling 6-22, 26-12
notification types 26-12
overview 26-1, 26-5
troubleshooting
connectivity problems 32-12, 32-14, 32-15
detecting unidirectional links 22-1
displaying crash information 32-21
setting packet forwarding 32-20
SFP security and identification 32-12
show forward command 32-20
with CiscoWorks 26-4
with debug commands 32-18
with ping 32-13
with system message logging 25-1
with traceroute 32-15
trunk failover
See link-state tracking
trunking encapsulation 1-7
trunk ports
configuring 12-17
defined 10-3, 12-3
trunks
allowed-VLAN list 12-18
load sharing
setting STP path costs 12-22
using STP port priorities 12-20, 12-21
native VLAN for untagged traffic 12-19
parallel 12-22
pruning-eligible list 12-19
to non-DTP device 12-14
trusted boundary for QoS 28-36
trusted port states
between QoS domains 28-38
classification options 28-5
ensuring port security for IP phones 28-36
support for 1-9
within a QoS domain 28-34
trustpoints, CA 8-38
twisted-pair Ethernet, detecting unidirectional links 22-1
type of service
See ToS
U
UDLD
configuration guidelines 22-4
default configuration 22-4
disabling
globally 22-5
on fiber-optic interfaces 22-5
per interface 22-5
echoing detection mechanism 22-2
enabling
globally 22-5
per interface 22-5
link-detection mechanism 22-1
neighbor database 22-2
overview 22-1
resetting an interface 22-6
status, displaying 22-6
support for 1-6
unauthorized ports with IEEE 802.1x 9-7
unicast MAC address filtering 1-4
and adding static addresses 6-25
and broadcast MAC addresses 6-25
and CPU packets 6-25
and multicast addresses 6-25
and router MAC addresses 6-25
configuration guidelines 6-25
described 6-25
unicast storm 19-1
unicast storm control command 19-4
unicast traffic, blocking 19-7
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 25-12
facilities supported 25-13
message logging configuration 25-12
unrecognized Type-Length-Value (TLV) support 13-4
upgrading a Catalyst 2950 switch
configuration compatibility issues C-1
differences in configuration commands C-1
feature behavior incompatibilities C-5
incompatible command messages C-1
recommendations C-1
upgrading information
See release notes
upgrading software images
See downloading
UplinkFast
described 17-3
disabling 17-13
enabling 17-13
support for 1-6
uploading
configuration files
preparing B-10, B-13, B-16
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
image files
preparing B-26, B-29, B-33
reasons for B-23
using FTP B-32
using RCP B-37
using TFTP B-28
user EXEC mode 2-2
username-based authentication 8-6
V
version-dependent transparent mode 13-4
virtual IP address
cluster standby group 5-10
command switch 5-10
vlan.dat file 12-4
VLAN 1, disabling on a trunk port 12-18
VLAN 1 minimization 12-18
vlan-assignment response, VMPS 12-24
VLAN configuration
at bootup 12-7
saving 12-7
VLAN configuration mode 2-2, 12-6
VLAN database
and startup configuration file 12-7
and VTP 13-1
VLAN configuration saved in 12-6
VLANs saved in 12-4
vlan database command 12-6
VLAN filtering and SPAN 23-6
vlan global configuration command 12-6
VLAN ID, discovering 6-26
VLAN management domain 13-2
VLAN Management Policy Server
See VMPS
VLAN membership
confirming 12-27
modes 12-3
VLAN Query Protocol
See VQP
VLANs
adding 12-8
adding to VLAN database 12-8
aging dynamic addresses 15-9
allowed on trunk 12-18
and spanning-tree instances 12-2, 12-6, 12-12
configuration guidelines, extended-range VLANs 12-12
configuration guidelines, normal-range VLANs 12-5
configuration options 12-6
configuring 12-1
configuring IDs 1006 to 4094 12-12
creating in config-vlan mode 12-8
creating in VLAN configuration mode 12-9
default configuration 12-7
deleting 12-9
described 10-2, 12-1
displaying 12-13
extended-range 12-1, 12-11
features 1-7
illustrated 12-2
limiting source traffic with RSPAN 23-21
limiting source traffic with SPAN 23-14
modifying 12-8
multicast 18-17
native, configuring 12-19
normal-range 12-1, 12-4
number supported 1-7
parameters 12-4
port membership modes 12-3
static-access ports 12-10
STP and IEEE 802.1Q trunks 15-10
supported 12-2
Token Ring 12-5
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
See VTP
VLAN trunks 12-14
VMPS
administering 12-28
configuration example 12-29
configuration guidelines 12-25
default configuration 12-25
description 12-23
dynamic port membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
entering server address 12-26
mapping MAC addresses to VLANs 12-24
monitoring 12-28
reconfirmation interval, changing 12-27
reconfirming membership 12-27
retry count, changing 12-28
voice-over-IP 14-1
voice VLAN
Cisco 7960 phone, port connections 14-1
configuration guidelines 14-3
configuring IP phones for data traffic
override CoS of incoming frame 14-6
trust CoS priority of incoming frame 14-6
configuring ports for voice traffic in
802.1p priority tagged frames 14-5
802.1Q frames 14-4
connecting to an IP phone 14-4
default configuration 14-3
described 14-1
displaying 14-6
IP phone data traffic, described 14-2
IP phone voice traffic, described 14-2
VQP 1-7, 12-23
VTP
adding a client to a domain 13-14
advertisements 12-16, 13-3
and extended-range VLANs 13-1
and normal-range VLANs 13-1
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
modes
client 13-3, 13-11
server 13-3, 13-9
transitions 13-3
transparent 13-3, 13-12
monitoring 13-16
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
support for 1-7
pruning-eligible list, changing 12-19
server mode, configuring 13-9
statistics 13-16
support for 1-7
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-8
Version 1 13-4
Version 2
configuration guidelines 13-8
disabling 13-13
enabling 13-13
overview 13-4
W
web authentication
configuring9-38to 9-40
described 1-7, 9-17
fallback for IEEE 802.1x 9-39
weighted tail drop
See WTD
wizards 1-2
WTD
described 28-12
setting thresholds
egress queue-sets 28-62
ingress queues 28-58
support for 1-9
X
Xmodem protocol 32-2