Catalyst 2960 Switch Software Configuration Guide, Rel. 12.2(40)SE
Index
Downloads: This chapterpdf (PDF - 1.19MB) The complete bookPDF (PDF - 8.03MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 2-4

AC (command switch) 5-9

access-denied response, VMPS 12-24

accessing

clusters, switch 5-12

command switches 5-10

member switches 5-12

switch clusters 5-12

access ports

in switch clusters 5-8

access ports, defined 10-2

accounting

with 802.1x 9-29

with IEEE 802.1x 9-8

with RADIUS 8-28

with TACACS+ 8-11, 8-17

ACEs

and QoS 28-7

ACLs

applying

to QoS 28-7

classifying traffic for QoS 28-41

examples of 28-41

extended IP, configuring for QoS classification 28-42

IP

fragments and QoS guidelines 28-32

MAC extended 28-43

number per QoS class map 28-32

QoS 28-7, 28-41

standard IP, configuring for QoS classification 28-41

support for 1-8

active traffic monitoring, IP SLAs 27-1

address aliasing 18-2

addresses

displaying the MAC address table 6-26

dynamic

accelerated aging 15-8

changing the aging time 6-21

default aging 15-8

defined 6-19

learning 6-20

removing 6-22

MAC, discovering 6-26

multicast, STP address management 15-8

static

adding and removing 6-24

defined 6-19

address resolution 6-26

Address Resolution Protocol

See ARP

advertisements

CDP 20-1

LLDP 21-2

VTP 12-16, 13-3

aggregatable global unicast addresses 29-3

aggregated ports

See EtherChannel

aggregate policers 28-49

aggregate policing 1-9

aging, accelerating 15-8

aging time

accelerated

for MSTP 16-23

for STP 15-8, 15-21

MAC address table 6-21

maximum

for MSTP 16-23, 16-24

for STP 15-21, 15-22

alarms, RMON 24-3

allowed-VLAN list 12-18

ARP

defined 1-4, 6-26

table

address resolution 6-26

managing 6-26

attributes, RADIUS

vendor-proprietary 8-31

vendor-specific 8-29

audience xxix

authentication

local mode with AAA 8-32

NTP associations 6-4

RADIUS

key 8-21

login 8-23

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication failed VLAN

See restricted VLAN

authoritative time source, described 6-2

authorization

with RADIUS 8-27

with TACACS+ 8-11, 8-16

authorized ports with IEEE 802.1x 9-7

autoconfiguration 3-3

automatic discovery

considerations

beyond a noncandidate device 5-7

brand new switches 5-8

connectivity 5-4

different VLANs 5-6

management VLANs 5-7

non-CDP-capable devices 5-6

noncluster-capable devices 5-6

in switch clusters 5-4

See also CDP

automatic QoS

See QoS

automatic recovery, clusters 5-9

See also HSRP

auto-MDIX

configuring 10-15

described 10-15

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-12

mismatches 32-11

autosensing, port speed 1-2

auxiliary VLAN

See voice VLAN

availability, features 1-6

B

BackboneFast

described 17-5

disabling 17-14

enabling 17-13

support for 1-6

banners

configuring

login 6-19

message-of-the-day login 6-18

default configuration 6-17

when displayed 6-17

blocking packets 19-7

booting

boot loader, function of 3-2

boot process 3-1

manually 3-13

specific image 3-14

boot loader

accessing 3-14

described 3-2

environment variables 3-14

prompt 3-14

trap-door mechanism 3-2

BPDU

error-disabled state 17-2

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-12

enabling 17-12

support for 1-6

BPDU guard

described 17-2

disabling 17-12

enabling 17-11

support for 1-6

bridge protocol data unit

See BPDU

broadcast storm-control command 19-4

broadcast storms 19-1

C

cables, monitoring for unidirectional links 22-1

candidate switch

automatic discovery 5-4

defined 5-3

requirements 5-3

See also command switch, cluster standby group, and member switch

CA trustpoint

configuring 8-40

defined 8-38

caution, described xxx

CDP

and trusted boundary 28-37

automatic discovery in switch clusters 5-4

configuring 20-2

default configuration 20-2

defined with LLDP 21-1

described 20-1

disabling for routing device20-3to 20-4

enabling and disabling

on an interface 20-4

on a switch 20-3

monitoring 20-4

overview 20-1

support for 1-4

transmission timer and holdtime, setting 20-2

updates 20-2

CGMP

as IGMP snooping learning method 18-8

joining multicast group 18-3

CipherSuites 8-39

Cisco 7960 IP Phone 14-1

Cisco Discovery Protocol

See CDP

Cisco IOS File System

See IFS

Cisco IOS IP Service Level Agreements (SLAs) responder 1-3

Cisco IOS IP SLAs 27-1

Cisco Network Assistant

See Network Assistant

CiscoWorks 2000 1-4, 26-4

CIST regional root

See MSTP

CIST root

See MSTP

civic location 21-3

class maps for QoS

configuring 28-44

described 28-7

displaying 28-69

class of service

See CoS

clearing interfaces 10-19

CLI

abbreviating commands 2-4

command modes 2-1

configuration logging 2-5

described 1-4

editing features

enabling and disabling 2-7

keystroke editing 2-7

wrapped lines 2-9

error messages 2-5

filtering command output 2-10

getting help 2-3

history

changing the buffer size 2-6

described 2-6

disabling 2-7

recalling commands 2-6

managing clusters 5-14

no and default forms of commands 2-4

client mode, VTP 13-3

clock

See system clock

cluster requirements xxxi

clusters, switch

accessing 5-12

automatic discovery 5-4

automatic recovery 5-9

benefits 1-1

compatibility 5-4

described 5-1

LRE profile considerations 5-14

managing

through CLI 5-14

through SNMP 5-15

planning 5-4

planning considerations

automatic discovery 5-4

automatic recovery 5-9

CLI 5-14

host names 5-12

IP addresses 5-12

LRE profiles 5-14

passwords 5-13

RADIUS 5-14

SNMP 5-13, 5-15

TACACS+ 5-14

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 5-11

considerations 5-10

defined 5-2

requirements 5-3

virtual IP address 5-10

See also HSRP

CNS 1-4

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-8

management functions 1-4

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 2-1

commands

abbreviating 2-4

no and default 2-4

commands, setting privilege levels 8-8

command switch

accessing 5-10

active (AC) 5-9

configuration conflicts 32-11

defined 5-2

passive (PC) 5-9

password privilege levels 5-15

priority 5-9

recovery

from command-switch failure 5-9, 32-7

from lost member connectivity 32-11

redundant 5-9

replacing

with another switch 32-10

with cluster member 32-8

requirements 5-3

standby (SC) 5-9

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 5-13, 26-8

for cluster switches 26-4

in clusters 5-13

overview 26-4

SNMP 5-13

compatibility, feature 19-11

config.text 3-12

configurable leave timer, IGMP 18-5

configuration, initial

defaults 1-10

Express Setup 1-2

See also getting started guide and hardware installation guide

configuration changes, logging 25-10

configuration conflicts, recovering from lost member connectivity 32-11

configuration examples, network 1-12

configuration files

archiving B-20

clearing the startup configuration B-19

creating using a text editor B-10

default name 3-12

deleting a stored configuration B-19

described B-8

downloading

automatically 3-12

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

guidelines for creating and using B-9

guidelines for replacing and rolling back B-21

invalid combinations when copying B-5

limiting TFTP server access 26-16

obtaining with DHCP 3-7

password recovery disable considerations 8-5

replacing a running configuration B-19, B-20

rolling back a running configuration B-19, B-20

specifying the filename 3-12

system contact and location information 26-15

types and location B-10

uploading

preparing B-10, B-13, B-16

reasons for B-9

using FTP B-14

using RCP B-18

using TFTP B-12

configuration logger 25-10

configuration logging 2-5

configuration replacement B-19

configuration rollback B-19, B-20

configuration settings, saving 3-10

configure terminal command 10-5

config-vlan mode 2-2, 12-6

conflicts, configuration 32-11

connections, secure remote 8-33

connectivity problems 32-12, 32-14, 32-15

consistency checks in VTP Version 2 13-4

console port, connecting to 2-10

control protocol, IP SLAs 27-3

conventions

command xxx

for examples xxx

publication xxx

text xxx

corrupted software, recovery steps with Xmodem 32-2

CoS

in Layer 2 frames 28-2

override priority 14-6

trust priority 14-6

CoS input queue threshold map for QoS 28-15

CoS output queue threshold map for QoS 28-18

CoS-to-DSCP map for QoS 28-52

counters, clearing interface 10-19

crashinfo file 32-21

critical authentication, IEEE 802.1x 9-33

cryptographic software image

SSH 8-33

SSL 8-37

CWDM SFPs 1-17

D

daylight saving time 6-13

debugging

enabling all system diagnostics 32-19

enabling for a specific feature 32-18

redirecting error message output 32-19

using commands 32-18

default commands 2-4

default configuration

802.1x 9-19

auto-QoS 28-20

banners 6-17

booting 3-12

CDP 20-2

DNS 6-16

EtherChannel 31-9

Ethernet interfaces 10-9

IGMP filtering 18-24

IGMP snooping 18-6, 30-5, 30-6

IGMP throttling 18-24

initial switch information 3-3

IP SLAs 27-5

IPv6 29-8

Layer 2 interfaces 10-9

LLDP 21-3

MAC address table 6-21

MSTP 16-14

MVR 18-19

NTP 6-4

optional spanning-tree configuration 17-9

password and privilege level 8-2

RADIUS 8-20

RMON 24-3

RSPAN 23-9

SDM template 7-2

SNMP 26-7

SPAN 23-9

SSL 8-40

standard QoS 28-30

STP 15-11

system message logging 25-3

system name and prompt 6-15

TACACS+ 8-13

UDLD 22-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLANs 12-7

VMPS 12-25

voice VLAN 14-3

VTP 13-6

default gateway 3-10

deleting VLANs 12-9

denial-of-service attack 19-1

description command 10-16

designing your network, examples 1-12

destination-IP address-based forwarding, EtherChannel 31-7

destination-MAC address forwarding, EtherChannel 31-6

detecting indirect link failures, STP 17-5

device B-23

device discovery protocol 20-1, 21-1

device manager

benefits 1-1

described 1-2, 1-3

in-band management 1-5

requirements xxx

upgrading a switch B-23

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-6

relay device 3-6

server side 3-5

TFTP server 3-6

example 3-8

lease options

for IP address information 3-5

for receiving the configuration file 3-5

overview 3-3

relationship to BOOTP 3-3

relay support 1-4

support for 1-4

Differentiated Services architecture, QoS 28-2

Differentiated Services Code Point 28-2

directed unicast requests 1-4

directories

changing B-4

creating and removing B-4

displaying the working B-4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 3-6

default configuration 6-16

displaying the configuration 6-17

in IPv6 29-4

overview 6-15

setting up 6-16

support for 1-4

documentation, related xxx

document conventions xxx

domain names

DNS 6-15

VTP 13-8

Domain Name System

See DNS

downloading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

image files

deleting old image B-28

preparing B-26, B-29, B-33

reasons for B-23

using CMS 1-2

using FTP B-30

using HTTP 1-2, B-23

using RCP B-35

using TFTP B-27

using the device manager or Network Assistant B-23

DSCP 1-9, 28-2

DSCP input queue threshold map for QoS 28-15

DSCP output queue threshold map for QoS 28-18

DSCP-to-CoS map for QoS 28-55

DSCP-to-DSCP-mutation map for QoS 28-56

DSCP transparency 28-38

DTP 1-7, 12-14

Dual IPv4-and-IPv6 SDM Templates 29-7

dual IPv4 and IPv6 templates 29-1, 29-6

dual protocol stacks

IPv4 and IPv6 29-6

SDM templates supporting 29-6

dual-purpose uplinks

defined 10-4

LEDs 10-4

link selection 10-4

setting the type 10-10

dynamic access ports

characteristics 12-3

configuring 12-26

defined 10-3

dynamic addresses

See addresses

dynamic auto trunking mode 12-15

dynamic desirable trunking mode 12-15

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-29

types of connections 12-26

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 2-7

keystrokes used 2-7

wrapped lines 2-9

ELIN location 21-3

enable password 8-3

enable secret password 8-3

encryption, CipherSuite 8-39

encryption for passwords 8-3

environment variables, function of 3-15

error-disabled state, BPDU 17-2

error messages during command entry 2-5

EtherChannel

automatic creation of 31-4, 31-5

channel groups

binding physical and logical interfaces 31-3

numbering of 31-3

configuration guidelines 31-9

configuring Layer 2 interfaces 31-10

default configuration 31-9

described 31-2

displaying status 31-16

forwarding methods 31-6, 31-12

IEEE 802.3ad, described 31-5

interaction

with STP 31-9

with VLANs 31-10

LACP

described 31-5

displaying status 31-16

hot-standby ports 31-14

interaction with other features 31-6

modes 31-5

port priority 31-15

system priority 31-15

load balancing 31-6, 31-12

PAgP

aggregate-port learners 31-13

compatibility with Catalyst 1900 31-13

described 31-4

displaying status 31-16

interaction with other features 31-5

learn method and priority configuration 31-13

modes 31-4

support for 1-3

port-channel interfaces

described 31-3

numbering of 31-3

port groups 10-3

support for 1-3

EtherChannel guard

described 17-7

disabling 17-14

enabling 17-14

Ethernet VLANs

adding 12-8

defaults and ranges 12-7

modifying 12-8

EUI 29-3

events, RMON 24-3

examples

conventions for xxx

network configuration 1-12

expedite queue for QoS 28-68

Express Setup 1-2

See also getting started guide

extended crashinfo file 32-21

extended-range VLANs

configuration guidelines 12-12

configuring 12-11

creating 12-12

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-14

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

F

fa0 interface 1-5

features, incompatible 19-11

fiber-optic, detecting unidirectional links 22-1

files

basic crashinfo

description 32-21

location 32-21

copying B-5

crashinfo, description 32-21

deleting B-5

displaying the contents of B-8

extended crashinfo

description 32-22

location 32-22

tar

creating B-6

displaying the contents of B-7

extracting B-7

image file format B-24

file system

displaying available file systems B-2

displaying file information B-3

local file system names B-1

network file system names B-5

setting the default B-3

filtering

show and more command output 2-10

filtering show and more command output 2-10

flash device, number of B-1

flooded traffic, blocking 19-7

flow-based packet classification 1-9

flowcharts

QoS classification 28-6

QoS egress queueing and scheduling 28-16

QoS ingress queueing and scheduling 28-14

QoS policing and marking 28-10

flowcontrol

configuring 10-14

described 10-14

forward-delay time

MSTP 16-23

STP 15-21

FTP

accessing MIB files A-3

configuration files

downloading B-13

overview B-12

preparing the server B-13

uploading B-14

FTP

image files

deleting old image B-32

downloading B-30

preparing the server B-29

uploading B-32

G

get-bulk-request operation 26-3

get-next-request operation 26-3, 26-5

get-request operation 26-3, 26-5

get-response operation 26-3

global configuration mode 2-2

global leave, IGMP 18-12

guest VLAN and 802.1x 9-11

guide

audience xxix

purpose of xxix

guide mode 1-2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 16-22

STP 15-20

help, for the command line 2-3

history

changing the buffer size 2-6

described 2-6

disabling 2-7

recalling commands 2-6

history table, level and number of syslog messages 25-10

host names, in clusters 5-12

hosts, limit on dynamic ports 12-29

HP OpenView 1-4

HSRP

automatic cluster recovery 5-11

cluster standby group considerations 5-10

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 8-38

configuring 8-41

self-signed certificate 8-38

HTTP secure server 8-38

I

ICMP

IPv6 29-4

time-exceeded messages 32-16

traceroute and 32-16

ICMP ping

executing 32-13

overview 32-13

ICMPv6 29-4

IDS appliances

and ingress RSPAN 23-20

and ingress SPAN 23-13

IEEE 802.1D

See STP

IEEE 802.1p 14-1

IEEE 802.1Q

and trunk ports 10-3

configuration limitations 12-15

encapsulation 12-14

native VLAN for untagged traffic 12-19

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3x flow control 10-14

ifIndex values, SNMP 26-6

IFS 1-4

IGMP

configurable leave timer

described 18-5

enabling 18-11

flooded multicast traffic

controlling the length of time 18-12

disabling on an interface 18-13

global leave 18-12

query solicitation 18-12

recovering from flood mode 18-12

joining multicast group 18-3

join messages 18-3

leave processing, enabling 18-10, 30-9

leaving multicast group 18-5

queries 18-4

report suppression

described 18-6

disabling 18-15, 30-11

supported versions 18-2

support for 1-3

IGMP filtering

configuring 18-24

default configuration 18-24

described 18-23

monitoring 18-28

support for 1-3

IGMP groups

configuring filtering 18-27

setting the maximum number 18-26

IGMP Immediate Leave

configuration guidelines 18-11

described 18-5

enabling 18-10

IGMP profile

applying 18-25

configuration mode 18-24

configuring 18-25

IGMP snooping

and address aliasing 18-2

configuring 18-6

default configuration 18-6, 30-5, 30-6

definition 18-1

enabling and disabling 18-7, 30-6

global configuration 18-7

Immediate Leave 18-5

method 18-8

monitoring 18-15, 30-11

querier

configuration guidelines 18-14

configuring 18-14

supported versions 18-2

support for 1-3

VLAN configuration 18-7

IGMP throttling

configuring 18-27

default configuration 18-24

described 18-24

displaying action 18-28

Immediate Leave, IGMP 18-5

enabling 30-9

inaccessible authentication bypass 9-13

initial configuration

defaults 1-10

Express Setup 1-2

See also getting started guide and hardware installation guide

interface

number 10-5

range macros 10-7

interface command 10-5

interface configuration mode 2-3

interfaces

auto-MDIX, configuring 10-15

configuration guidelines

duplex and speed 10-12

configuring

procedure 10-5

counters, clearing 10-19

default configuration 10-9

described 10-16

descriptive name, adding 10-16

displaying information about 10-18

flow control 10-14

management 1-3

monitoring 10-18

naming 10-16

physical, identifying 10-5

range of 10-6

restarting 10-19

shutting down 10-19

speed and duplex, configuring 10-13

status 10-18

supported 10-4

types of 10-1

interfaces range macro command 10-7

interface types 10-5

Internet Protocol version 6

See IPv6

Intrusion Detection System

See IDS appliances

inventory management TLV 21-3, 21-6

IP ACLs

for QoS classification 28-7

IP addresses

128-bit 29-2

candidate or member 5-3, 5-12

cluster access 5-2

command switch 5-3, 5-10, 5-12

discovering 6-26

IPv6 29-2

redundant clusters 5-10

standby command switch 5-10, 5-12

See also IP information

ip igmp profile command 18-24

IP information

assigned

manually 3-10

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP phones

and QoS 14-1

automatic classification and queueing 28-19

configuring 14-4

ensuring port security with QoS 28-36

trusted boundary for QoS 28-36

IP precedence 28-2

IP-precedence-to-DSCP map for QoS 28-53

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 27-1

IP SLAs

benefits 27-2

configuration guidelines 27-5

Control Protocol 27-3

default configuration 27-5

definition 27-1

measuring network performance 27-2

monitoring 27-7

operation 27-3

responder

described 27-3

enabling 27-6

response time 27-4

SNMP support 27-2

supported metrics 27-2

IP traceroute

executing 32-16

overview 32-15

IPv4 and IPv6

differences 29-2

dual protocol stacks 29-5

IPv6

addresses 29-2

address formats 29-2

advantages 29-2

applications 29-5

autoconfiguration 29-4

configuring static routes 29-9

default configuration 29-8

defined 29-1

ICMP 29-4

ICMP rate limiting 29-8

monitoring 29-11

neighbor discovery 29-4

reasons for 29-1

SDM templates 29-6, 30-1

supported features 29-3

J

join messages, IGMP 18-3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 28-2

Layer 2 interfaces, default configuration 10-9

Layer 2 traceroute

and ARP 32-15

and CDP 32-14

broadcast traffic 32-14

described 32-14

IP addresses and subnets 32-15

MAC addresses and VLANs 32-15

multicast traffic 32-15

multiple devices on a port 32-15

unicast traffic 32-14

usage guidelines 32-14

Layer 3 packets, classification methods 28-2

LDAP 4-2

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 2-3

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 16-8

Link Layer Discovery Protocol

See CDP

link local unicast addresses 29-3

links, unidirectional 22-1

link-state tracking

configuring 31-19

described 31-17

LLDP

configuring 21-3

characteristics 21-4

default configuration 21-3

disabling and enabling

globally 21-5

on an interface 21-5

monitoring and maintaining 21-7

overview 21-1

supported TLVs 21-2

switch stack considerations 21-2

transmission timer and holdtime, setting 21-4

LLDP-MED

configuring

procedures 21-3

TLVs 21-6

monitoring and maintaining 21-7

overview 21-1, 21-2

supported TLVs 21-2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 23-2

location TLV 21-3, 21-6

login authentication

with RADIUS 8-23

with TACACS+ 8-14

login banners 6-17

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 1-14

loop guard

described 17-9

enabling 17-15

support for 1-6

LRE profiles, considerations in switch clusters 5-14

M

MAC/PHY configuration status TLV 21-2

MAC addresses

aging time 6-21

and VLAN association 6-20

building the address table 6-20

default configuration 6-21

discovering 6-26

displaying 6-26

dynamic

learning 6-20

removing 6-22

static

adding 6-24

allowing 6-25

characteristics of 6-24

dropping 6-25

removing 6-24

MAC address notification, support for 1-10

MAC address-to-VLAN mapping 12-24

MAC extended access lists

configuring for QoS 28-43

for QoS classification 28-5

macros

See Smartports macros

magic packet 9-15

manageability features 1-4

management access

in-band

browser session 1-5

CLI session 1-5

device manager 1-5

SNMP 1-5

out-of-band console port connection 1-5

management address TLV 21-2

management options

CLI 2-1

clustering 1-2

CNS 4-1

Network Assistant 1-2

overview 1-3

management VLAN

considerations in switch clusters 5-7

discovery through different management VLANs 5-7

mapping tables for QoS

configuring

CoS-to-DSCP 28-52

DSCP 28-51

DSCP-to-CoS 28-55

DSCP-to-DSCP-mutation 28-56

IP-precedence-to-DSCP 28-53

policed-DSCP 28-54

described 28-11

marking

action with aggregate policers 28-49

described 28-4, 28-8

maximum aging time

MSTP 16-23

STP 15-21

maximum hop count, MSTP 16-24

membership mode, VLAN port 12-3

member switch

automatic discovery 5-4

defined 5-2

managing 5-14

passwords 5-12

recovering from lost connectivity 32-11

requirements 5-3

See also candidate switch, cluster standby group, and standby command switch

messages, to users through banners 6-17

MIBs

accessing files with FTP A-3

location of files A-3

overview 26-1

SNMP interaction with 26-4

supported A-1

mirroring traffic for analysis 23-1

mismatches, autonegotiation 32-11

module number 10-5

monitoring

cables for unidirectional links 22-1

CDP 20-4

features 1-10

IGMP

filters 18-28

snooping 18-15, 30-11

interfaces 10-18

IP SLAs operations 27-7

IPv6 29-11

multicast router interfaces 18-16, 30-12

MVR 18-23

network traffic for analysis with probe 23-2

port

blocking 19-18

protection 19-18

SFP status 10-18, 32-12

speed and duplex mode 10-13

traffic flowing among switches 24-1

traffic suppression 19-17

VLANs 12-13

VMPS 12-28

VTP 13-16

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-12

BPDU guard

described 17-2

enabling 17-11

CIST, described 16-3

CIST regional root 16-3

CIST root 16-5

configuration guidelines 16-15, 17-10

configuring

forward-delay time 16-23

hello time 16-22

link type for rapid convergence 16-24

maximum aging time 16-23

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-20

port priority 16-19

root switch 16-17

secondary root switch 16-18

switch priority 16-21

CST

defined 16-3

operations between regions 16-4

default configuration 16-14

default optional feature configuration 17-9

displaying status 16-26

enabling the mode 16-16

EtherChannel guard

described 17-7

enabling 17-14

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-18

unexpected behavior 16-17

IEEE 802.1s

implementation 16-6

port role naming change 16-7

terminology 16-5

instances supported 15-9

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with IEEE 802.1D

described 16-8

restarting migration process 16-25

IST

defined 16-3

master 16-3

operations within a region 16-3

loop guard

described 17-9

enabling 17-15

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-3

supported spanning-tree instances 16-2

optional features supported 1-6

overview 16-2

Port Fast

described 17-2

enabling 17-10

preventing root switch selection 17-8

root guard

described 17-8

enabling 17-15

root switch

configuring 16-17

effects of extended system ID 16-17

unexpected behavior 16-17

shutdown Port Fast-enabled port 17-2

status, displaying 16-26

multicast groups

Immediate Leave 18-5

joining 18-3

leaving 18-5

static joins 18-10, 30-8

multicast router interfaces, monitoring 18-16, 30-12

multicast router ports, adding 18-9, 30-8

multicast storm 19-1

multicast storm-control command 19-4

multicast television application 18-18

multicast VLAN 18-17

Multicast VLAN Registration

See MVR

MVR

and address aliasing 18-20

and IGMPv3 18-20

configuration guidelines 18-20

configuring interfaces 18-21

default configuration 18-19

described 18-17

example application 18-18

modes 18-21

monitoring 18-23

multicast television application 18-18

setting global parameters 18-20

support for 1-3

N

NAC

critical authentication 9-13, 9-33

IEEE 802.1x authentication using a RADIUS server 9-37

IEEE 802.1x validation using RADIUS server 9-37

inaccessible authentication bypass 9-33

Layer 2 IEEE 802.1x validation 1-8, 9-37

Layer 2 IEEE802.1x validation 9-17

NameSpace Mapper

See NSM

native VLAN

configuring 12-19

default 12-19

neighbor discovery, IPv6 29-4

Network Admission Control

See NAC

Network Admission Control Software Configuration Guide 9-39, 9-40

Network Assistant

benefits 1-1

described 1-3

downloading image files 1-2

guide mode 1-2

management options 1-2

requirements xxx

upgrading a switch B-23

wizards 1-2

network configuration examples

increasing network performance 1-13

long-distance, high-bandwidth transport 1-17

providing network services 1-13

server aggregation and Linux server cluster 1-15

small to medium-sized network 1-16

network design

performance 1-13

services 1-13

network management

CDP 20-1

RMON 24-1

SNMP 26-1

network performance, measuring with IP SLAs 27-2

network policy TLV 21-2, 21-6

Network Time Protocol

See NTP

no commands 2-4

nonhierarchical policy maps

described 28-9

nontrunking mode 12-15

normal-range VLANs 12-4

configuration guidelines 12-5

configuration modes 12-6

configuring 12-4

defined 12-1

note, described xxx

NSM 4-3

NTP

associations

authenticating 6-4

defined 6-2

enabling broadcast messages 6-6

peer 6-5

server 6-5

default configuration 6-4

displaying the configuration 6-11

overview 6-2

restricting access

creating an access group 6-8

disabling NTP services per interface 6-10

source IP address, configuring 6-10

stratum 6-2

support for 1-4

synchronizing devices 6-5

time

services 6-2

synchronizing 6-2

O

optimizing system resources 7-1

options, management 1-3

out-of-profile markdown 1-9

P

packet modification, with QoS 28-18

PAgP

See EtherChannel

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

in clusters 5-13

overview 8-1

recovery of 32-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

VTP domain 13-8

path cost

MSTP 16-20

STP 15-18

PC (passive command switch) 5-9

performance, network design 1-13

performance features 1-2

persistent self-signed certificate 8-38

per-VLAN spanning-tree plus

See PVST+

physical ports 10-2

PIM-DVMRP, as snooping method 18-8

ping

character output description 32-13

executing 32-13

overview 32-13

policed-DSCP map for QoS 28-54

policers

configuring

for each matched traffic class 28-46

for more than one traffic class 28-49

described 28-4

displaying 28-69

number of 28-32

types of 28-9

policing

described 28-4

token-bucket algorithm 28-9

policy maps for QoS

characteristics of 28-46

described 28-7

displaying 28-70

nonhierarchical on physical ports

described 28-9

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-8

authentication server

defined 9-2

RADIUS server 9-2

client, defined 9-2

configuration guidelines 9-20

configuring

802.1x authentication 9-22

guest VLAN 9-30

host mode 9-25

inaccessible authentication bypass 9-33

manual re-authentication of a client 9-26

periodic re-authentication 9-25

quiet period 9-26

RADIUS server 9-25

RADIUS server parameters on the switch 9-24

restricted VLAN 9-31

switch-to-client frame-retransmission number 9-28

switch-to-client retransmission time 9-27

default configuration 9-19

described 9-1

device roles 9-2

displaying statistics 9-41

EAPOL-start frame 9-5

EAP-request/identity frame 9-5

EAP-response/identity frame 9-5

encapsulation 9-3

guest VLAN

configuration guidelines 9-11, 9-12

described 9-11

host mode 9-7

inaccessible authentication bypass

configuring 9-33

described 9-13

guidelines 9-21

initiation and message exchange 9-5

magic packet 9-15

method lists 9-22

multiple-hosts mode, described 9-8

ports

authorization state and dot1x port-control command 9-7

authorized and unauthorized 9-7

critical 9-13

voice VLAN 9-14

port security

and voice VLAN 9-15

described 9-14

interactions 9-15

multiple-hosts mode 9-8

resetting to default values 9-41

statistics, displaying 9-41

switch

as proxy 9-3

RADIUS client 9-3

upgrading from a previous release 9-22

VLAN assignment

AAA authorization 9-22

characteristics 9-10

configuration tasks 9-10

described 9-9

voice VLAN

described 9-14

PVID 9-14

VVID 9-14

wake-on-LAN, described 9-15

port blocking 1-3, 19-7

port-channel

See EtherChannel

port description TLV 21-2

Port Fast

described 17-2

enabling 17-10

mode, spanning tree 12-25

support for 1-6

port membership modes, VLAN 12-3

port priority

MSTP 16-19

STP 15-16

ports

access 10-2

blocking 19-7

dual-purpose uplink 10-4

dynamic access 12-3

protected 19-5

secure 19-8

static-access 12-3, 12-10

switch 10-2

trunks 12-3, 12-14

VLAN assignments 12-10

port security

aging 19-16

and QoS trusted boundary 28-36

configuring 19-11

default configuration 19-10

described 19-8

displaying 19-18

on trunk ports 19-13

sticky learning 19-9

violations 19-9

with other features 19-10

port-shutdown response, VMPS 12-24

port VLAN ID TLV 21-2

power management TLV 21-2, 21-6

preferential treatment of traffic

See QoS

preventing unauthorized access 8-1

priority

overriding CoS 14-6

trusting CoS 14-6

private VLAN edge ports

See protected ports

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

command switch 5-15

exiting 8-9

logging into 8-9

mapping on member switches 5-15

overview 8-2, 8-7

setting a command with 8-8

protected ports 1-7, 19-5

pruning, VTP

disabling

in VTP domain 13-14

on a port 12-19

enabling

in VTP domain 13-14

on a port 12-19

examples 13-5

overview 13-4

pruning-eligible list

changing 12-19

for VTP pruning 13-4

VLANs 13-14

PVST+

described 15-9

IEEE 802.1Q trunking interoperability 15-10

instances supported 15-9

Q

QoS

and MQC commands 28-1

auto-QoS

categorizing traffic 28-20

configuration and defaults display 28-29

configuration guidelines 28-25

described 28-19

disabling 28-26

displaying generated commands 28-26

displaying the initial configuration 28-29

effects on running configuration 28-24

egress queue defaults 28-20

enabling for VoIP 28-25

example configuration 28-27

ingress queue defaults 28-20

list of generated commands 28-21

basic model 28-4

classification

class maps, described 28-7

defined 28-4

DSCP transparency, described 28-38

flowchart 28-6

forwarding treatment 28-3

in frames and packets 28-3

IP ACLs, described 28-5, 28-7

MAC ACLs, described 28-5, 28-7

options for IP traffic 28-5

options for non-IP traffic 28-5

policy maps, described 28-7

trust DSCP, described 28-5

trusted CoS, described 28-5

trust IP precedence, described 28-5

QoS

class maps

configuring 28-44

displaying 28-69

configuration guidelines

auto-QoS 28-25

standard QoS 28-32

configuring

aggregate policers 28-49

auto-QoS 28-19

default port CoS value 28-36

DSCP maps 28-51

DSCP transparency 28-38

DSCP trust states bordering another domain 28-38

egress queue characteristics 28-62

ingress queue characteristics 28-57

IP extended ACLs 28-42

IP standard ACLs 28-41

MAC ACLs 28-43

port trust states within the domain 28-34

trusted boundary 28-36

default auto configuration 28-20

default standard configuration 28-30

displaying statistics 28-69

DSCP transparency 28-38

egress queues

allocating buffer space 28-62

buffer allocation scheme, described 28-17

configuring shaped weights for SRR 28-66

configuring shared weights for SRR 28-67

described 28-4

displaying the threshold map 28-65

flowchart 28-16

mapping DSCP or CoS values 28-65

scheduling, described 28-4

setting WTD thresholds 28-62

WTD, described 28-18

enabling globally 28-33

QoS

flowcharts

classification 28-6

egress queueing and scheduling 28-16

ingress queueing and scheduling 28-14

policing and marking 28-10

implicit deny 28-7

ingress queues

allocating bandwidth 28-60

allocating buffer space 28-59

buffer and bandwidth allocation, described 28-15

configuring shared weights for SRR 28-60

configuring the priority queue 28-61

described 28-4

displaying the threshold map 28-59

flowchart 28-14

mapping DSCP or CoS values 28-58

priority queue, described 28-15

scheduling, described 28-4

setting WTD thresholds 28-58

WTD, described 28-15

IP phones

automatic classification and queueing 28-19

detection and trusted settings 28-19, 28-36

limiting bandwidth on egress interface 28-68

mapping tables

CoS-to-DSCP 28-52

displaying 28-69

DSCP-to-CoS 28-55

DSCP-to-DSCP-mutation 28-56

IP-precedence-to-DSCP 28-53

policed-DSCP 28-54

types of 28-11

marked-down actions 28-48

marking, described 28-4, 28-8

overview 28-1

packet modification 28-18

QoS

policers

configuring 28-48, 28-50

described 28-8

displaying 28-69

number of 28-32

types of 28-9

policies, attaching to an interface 28-8

policing

described 28-4, 28-8

token bucket algorithm 28-9

policy maps

characteristics of 28-46

displaying 28-70

nonhierarchical on physical ports 28-46

QoS label, defined 28-4

queues

configuring egress characteristics 28-62

configuring ingress characteristics 28-57

high priority (expedite) 28-18, 28-68

location of 28-12

SRR, described 28-13

WTD, described 28-12

rewrites 28-18

support for 1-9

trust states

bordering another domain 28-38

described 28-5

trusted device 28-36

within the domain 28-34

quality of service

See QoS

queries, IGMP 18-4

query solicitation, IGMP 18-12

R

RADIUS

attributes

vendor-proprietary 8-31

vendor-specific 8-29

configuring

accounting 8-28

authentication 8-23

authorization 8-27

communication, global 8-21, 8-29

communication, per-server 8-20, 8-21

multiple UDP ports 8-20

default configuration 8-20

defining AAA server groups 8-25

displaying the configuration 8-31

identifying the server 8-20

in clusters 5-14

limiting the services to the user 8-27

method list, defined 8-19

operation of 8-19

overview 8-18

suggested network environments 8-18

support for 1-8

tracking services accessed by user 8-28

range

macro 10-7

of interfaces 10-6

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 15-9

IEEE 802.1Q trunking interoperability 15-10

instances supported 15-9

Rapid Spanning Tree Protocol

See RSTP

rcommand command 5-14

RCP

configuration files

downloading B-17

overview B-15

preparing the server B-16

uploading B-18

image files

deleting old image B-36

downloading B-35

preparing the server B-33

uploading B-37

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 32-1

redundancy

EtherChannel 31-3

STP

backbone 15-8

path cost 12-22

port priority 12-20

redundant links and UplinkFast 17-13

reloading software 3-16

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 23-2

report suppression, IGMP

described 18-6

disabling 18-15, 30-11

requirements

cluster xxxi

device manager xxx

Network Assistant xxx

resetting a UDLD-shutdown interface 22-6

responder, IP SLAs

described 27-3

enabling 27-6

response time, measuring with IP SLAs 27-4

restricted VLAN

configuring 9-31

described 9-12

using with IEEE 802.1x 9-12

restricting access

NTP services 6-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-17

TACACS+ 8-10

retry count, VMPS, changing 12-28

RFC

1112, IP multicast and IGMP 18-2

1157, SNMPv1 26-2

1305, NTP 6-2

1757, RMON 24-2

1901, SNMPv2C 26-2

1902 to 1907, SNMPv2 26-2

2236, IP multicast and IGMP 18-2

2273-2275, SNMPv3 26-2

RMON

default configuration 24-3

displaying status 24-6

enabling alarms and events 24-3

groups supported 24-2

overview 24-1

statistics

collecting group Ethernet 24-5

collecting group history 24-5

support for 1-10

root guard

described 17-8

enabling 17-15

support for 1-6

root switch

MSTP 16-17

STP 15-14

RSPAN

characteristics 23-7

configuration guidelines 23-16

default configuration 23-9

defined 23-2

destination ports 23-6

displaying status 23-22

interaction with other features 23-8

monitored ports 23-5

monitoring ports 23-6

overview 1-10, 23-1

received traffic 23-4

sessions

creating 23-16

defined 23-3

limiting source traffic to specific VLANs 23-21

specifying monitored ports 23-16

with ingress traffic enabled 23-20

source ports 23-5

transmitted traffic 23-5

VLAN-based 23-6

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with IEEE 802.1D

described 16-8

restarting migration process 16-25

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-24

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing B-19, B-20

rolling back B-19, B-20

running configuration, saving 3-10

S

SC (standby command switch) 5-9

scheduled reloads 3-16

SDM

described 7-1

templates

configuring 7-2

number of 7-1

SDM template

configuration guidelines 7-2

configuring 7-2

types of 7-1

secure HTTP client

configuring 8-43

displaying 8-43

secure HTTP server

configuring 8-41

displaying 8-43

secure MAC addresses

deleting 19-15

maximum number of 19-9

types of 19-8

secure ports, configuring 19-8

secure remote connections 8-33

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 19-8

security features 1-7

sequence numbers in log messages 25-8

server mode, VTP 13-3

service-provider network, MSTP and RSTP 16-1

set-request operation 26-5

setup program

failed command switch replacement 32-10

replacing failed command switch 32-8

severity levels, defining in system messages 25-8

SFPs

monitoring status of 10-18, 32-12

security and identification 32-12

status, displaying 32-12

shaped round robin

See SRR

show and more command output, filtering 2-10

show cdp traffic command 20-5

show cluster members command 5-14

show configuration command 10-16

show forward command 32-20

show interfaces command 10-13, 10-16

show lldp traffic command 21-8

show platform forward command 32-20

show running-config command

interface description in 10-16

shutdown command on interfaces 10-19

Simple Network Management Protocol

See SNMP

Smartports macros

applying Cisco-default macros 11-6

applying global parameter values 11-5, 11-6

applying macros 11-5

applying parameter values 11-5, 11-7

configuration guidelines 11-2

creating 11-4

default configuration 11-2

defined 11-1

displaying 11-8

tracing 11-3

website 11-2

SNAP 20-1

SNMP

accessing MIB variables with 26-4

agent

described 26-4

disabling 26-8

and IP SLAs 27-2

authentication level 26-11

community strings

configuring 26-8

for cluster switches 26-4

overview 26-4

configuration examples 26-17

default configuration 26-7

engine ID 26-7

groups 26-7, 26-10

host 26-7

ifIndex values 26-6

in-band management 1-5

in clusters 5-13

informs

and trap keyword 26-12

described 26-5

differences from traps 26-5

disabling 26-15

enabling 26-15

limiting access by TFTP servers 26-16

limiting system log messages to NMS 25-10

manager functions 1-4, 26-3

managing clusters with 5-15

MIBs

location of A-3

supported A-1

notifications 26-5

overview 26-1, 26-4

security levels 26-3

status, displaying 26-18

system contact and location 26-15

trap manager, configuring 26-14

traps

described 26-3, 26-5

differences from informs 26-5

disabling 26-15

enabling 26-12

enabling MAC address notification 6-22

overview 26-1, 26-5

types of 26-12

users 26-7, 26-10

versions supported 26-2

SNMPv1 26-2

SNMPv2C 26-2

SNMPv3 26-2

snooping, IGMP 18-1

software images

location in flash B-24

recovery procedures 32-2

scheduling reloads 3-16

tar file format, described B-24

See also downloading and uploading

source-and-destination-IP address based forwarding, EtherChannel 31-7

source-and-destination MAC address forwarding, EtherChannel 31-6

source-IP address based forwarding, EtherChannel 31-7

source-MAC address forwarding, EtherChannel 31-6

SPAN

configuration guidelines 23-10

default configuration 23-9

destination ports 23-6

displaying status 23-22

interaction with other features 23-8

monitored ports 23-5

monitoring ports 23-6

overview 1-10, 23-1

ports, restrictions 19-11

received traffic 23-4

sessions

configuring ingress forwarding 23-14, 23-21

creating 23-10

defined 23-3

limiting source traffic to specific VLANs 23-14

removing destination (monitoring) ports 23-12

specifying monitored ports 23-10

with ingress traffic enabled 23-13

source ports 23-5

transmitted traffic 23-5

VLAN-based 23-6

spanning tree and native VLANs 12-15

Spanning Tree Protocol

See STP

SPAN traffic 23-4

SRR

configuring

shaped weights on egress queues 28-66

shared weights on egress queues 28-67

shared weights on ingress queues 28-60

described 28-13

shaped mode 28-13

shared mode 28-13

support for 1-9

SSH

configuring 8-34

cryptographic software image 8-33

described 1-5, 8-33

encryption methods 8-34

user authentication methods, supported 8-34

SSL

configuration guidelines 8-40

configuring a secure HTTP client 8-43

configuring a secure HTTP server 8-41

cryptographic software image 8-37

described 8-37

monitoring 8-43

standby command switch

configuring

considerations 5-10

defined 5-2

priority 5-9

requirements 5-3

virtual IP address 5-10

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

startup configuration

booting

manually 3-13

specific image 3-14

clearing B-19

configuration file

automatically downloading 3-12

specifying the filename 3-12

default boot configuration 3-12

stateless autoconfiguration 29-4

static access ports

assigning to VLAN 12-10

defined 10-3, 12-3

static addresses

See addresses

static MAC addressing 1-7

static routes

configuring for IPv6 29-9

static VLAN membership 12-2

statistics

802.1x 9-41

CDP 20-4

interface 10-18

LLDP 21-7

LLDP-MED 21-7

QoS ingress and egress 28-69

RMON group Ethernet 24-5

RMON group history 24-5

SNMP input and output 26-18

VTP 13-16

sticky learning 19-9

storm control

configuring 19-3

described 19-1

disabling 19-5

displaying 19-18

support for 1-3

thresholds 19-1

STP

accelerating root port selection 17-4

BackboneFast

described 17-5

disabling 17-14

enabling 17-13

BPDU filtering

described 17-3

disabling 17-12

enabling 17-12

BPDU guard

described 17-2

disabling 17-12

enabling 17-11

BPDU message exchange 15-3

configuration guidelines 15-12, 17-10

STP

configuring

forward-delay time 15-21

hello time 15-20

maximum aging time 15-21

path cost 15-18

port priority 15-16

root switch 15-14

secondary root switch 15-16

spanning-tree mode 15-13

switch priority 15-19

transmit hold-count 15-22

counters, clearing 15-22

default configuration 15-11

default optional feature configuration 17-9

designated port, defined 15-3

designated switch, defined 15-3

detecting indirect link failures 17-5

disabling 15-14

displaying status 15-22

EtherChannel guard

described 17-7

disabling 17-14

enabling 17-14

extended system ID

effects on root switch 15-14

effects on the secondary root switch 15-16

overview 15-4

unexpected behavior 15-14

features supported 1-6

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-8

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-9

interface state, blocking to forwarding 17-2

STP

interface states

blocking 15-6

disabled 15-7

forwarding 15-5, 15-6

learning 15-6

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

limitations with IEEE 802.1Q trunks 15-10

load sharing

overview 12-20

using path costs 12-22

using port priorities 12-20

loop guard

described 17-9

enabling 17-15

modes supported 15-9

multicast addresses, effect of 15-8

optional features supported 1-6

overview 15-2

path costs 12-22

Port Fast

described 17-2

enabling 17-10

port priorities 12-21

preventing root switch selection 17-8

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-8

enabling 17-15

root port, defined 15-3

root switch

configuring 15-14

effects of extended system ID 15-4, 15-14

election 15-3

unexpected behavior 15-14

STP

shutdown Port Fast-enabled port 17-2

status, displaying 15-22

superior BPDU 15-3

timers, described 15-20

UplinkFast

described 17-3

enabling 17-13

stratum, NTP 6-2

success response, VMPS 12-24

summer time 6-13

SunNet Manager 1-4

switch clustering technology 5-1

See also clusters, switch

switch console port 1-5

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 10-2

switchport block multicast command 19-7

switchport block unicast command 19-7

switchport protected command 19-6

switch priority

MSTP 16-21

STP 15-19

switch software features 1-1

syslog

See system message logging

system capabilities TLV 21-2

system clock

configuring

daylight saving time 6-13

manually 6-11

summer time 6-13

time zones 6-12

displaying the time and date 6-12

overview 6-1

See also NTP

system description TLV 21-2

system message logging

default configuration 25-3

defining error message severity levels 25-8

disabling 25-4

displaying the configuration 25-13

enabling 25-4

facility keywords, described 25-13

level keywords, described 25-9

limiting messages 25-10

message format 25-2

overview 25-1

sequence numbers, enabling and disabling 25-8

setting the display destination device 25-5

synchronizing log messages 25-6

syslog facility 1-10

time stamps, enabling and disabling 25-7

UNIX syslog servers

configuring the daemon 25-12

configuring the logging facility 25-12

facilities supported 25-13

system name

default configuration 6-15

default setting 6-15

manual configuration 6-15

See also DNS

system name TLV 21-2

system prompt, default setting 6-14, 6-15

system resources, optimizing 7-1

T

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

in clusters 5-14

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-8

tracking services accessed by user 8-17

tar files

creating B-6

displaying the contents of B-7

extracting B-7

image file format B-24

TDR 1-10

Telnet

accessing management interfaces 2-10

number of connections 1-5

setting a password 8-6

templates, SDM 7-1

temporary self-signed certificate 8-38

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

TFTP

configuration files

downloading B-11

preparing the server B-10

uploading B-12

configuration files in base directory 3-6

configuring for autoconfiguration 3-6

image files

deleting B-28

downloading B-27

preparing the server B-26

uploading B-28

limiting access by servers 26-16

TFTP server 1-4

threshold, traffic level 19-2

time

See NTP and system clock

Time Domain Reflector

See TDR

time stamps in log messages 25-7

time zones 6-12

TLVs

defined 21-2

LLDP 21-2

LLDP-MED 21-2

Token Ring VLANs

support for 12-5

VTP support 13-4

ToS 1-9

traceroute, Layer 2

and ARP 32-15

and CDP 32-14

broadcast traffic 32-14

described 32-14

IP addresses and subnets 32-15

MAC addresses and VLANs 32-15

multicast traffic 32-15

multiple devices on a port 32-15

unicast traffic 32-14

usage guidelines 32-14

traceroute command 32-16

See also IP traceroute

traffic

blocking flooded 19-7

traffic policing 1-9

traffic suppression 19-1

transmit hold-count

see STP

transparent mode, VTP 13-3, 13-12

trap-door mechanism 3-2

traps

configuring MAC address notification 6-22

configuring managers 26-12

defined 26-3

enabling 6-22, 26-12

notification types 26-12

overview 26-1, 26-5

troubleshooting

connectivity problems 32-12, 32-14, 32-15

detecting unidirectional links 22-1

displaying crash information 32-21

setting packet forwarding 32-20

SFP security and identification 32-12

show forward command 32-20

with CiscoWorks 26-4

with debug commands 32-18

with ping 32-13

with system message logging 25-1

with traceroute 32-15

trunk failover

See link-state tracking

trunking encapsulation 1-7

trunk ports

configuring 12-17

defined 10-3, 12-3

trunks

allowed-VLAN list 12-18

load sharing

setting STP path costs 12-22

using STP port priorities 12-20, 12-21

native VLAN for untagged traffic 12-19

parallel 12-22

pruning-eligible list 12-19

to non-DTP device 12-14

trusted boundary for QoS 28-36

trusted port states

between QoS domains 28-38

classification options 28-5

ensuring port security for IP phones 28-36

support for 1-9

within a QoS domain 28-34

trustpoints, CA 8-38

twisted-pair Ethernet, detecting unidirectional links 22-1

type of service

See ToS

U

UDLD

configuration guidelines 22-4

default configuration 22-4

disabling

globally 22-5

on fiber-optic interfaces 22-5

per interface 22-5

echoing detection mechanism 22-2

enabling

globally 22-5

per interface 22-5

link-detection mechanism 22-1

neighbor database 22-2

overview 22-1

resetting an interface 22-6

status, displaying 22-6

support for 1-6

unauthorized ports with IEEE 802.1x 9-7

unicast MAC address filtering 1-4

and adding static addresses 6-25

and broadcast MAC addresses 6-25

and CPU packets 6-25

and multicast addresses 6-25

and router MAC addresses 6-25

configuration guidelines 6-25

described 6-25

unicast storm 19-1

unicast storm control command 19-4

unicast traffic, blocking 19-7

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 25-12

facilities supported 25-13

message logging configuration 25-12

unrecognized Type-Length-Value (TLV) support 13-4

upgrading a Catalyst 2950 switch

configuration compatibility issues C-1

differences in configuration commands C-1

feature behavior incompatibilities C-5

incompatible command messages C-1

recommendations C-1

upgrading information

See release notes

upgrading software images

See downloading

UplinkFast

described 17-3

disabling 17-13

enabling 17-13

support for 1-6

uploading

configuration files

preparing B-10, B-13, B-16

reasons for B-9

using FTP B-14

using RCP B-18

using TFTP B-12

image files

preparing B-26, B-29, B-33

reasons for B-23

using FTP B-32

using RCP B-37

using TFTP B-28

user EXEC mode 2-2

username-based authentication 8-6

V

version-dependent transparent mode 13-4

virtual IP address

cluster standby group 5-10

command switch 5-10

vlan.dat file 12-4

VLAN 1, disabling on a trunk port 12-18

VLAN 1 minimization 12-18

vlan-assignment response, VMPS 12-24

VLAN configuration

at bootup 12-7

saving 12-7

VLAN configuration mode 2-2, 12-6

VLAN database

and startup configuration file 12-7

and VTP 13-1

VLAN configuration saved in 12-6

VLANs saved in 12-4

vlan database command 12-6

VLAN filtering and SPAN 23-6

vlan global configuration command 12-6

VLAN ID, discovering 6-26

VLAN management domain 13-2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 12-27

modes 12-3

VLAN Query Protocol

See VQP

VLANs

adding 12-8

adding to VLAN database 12-8

aging dynamic addresses 15-9

allowed on trunk 12-18

and spanning-tree instances 12-2, 12-6, 12-12

configuration guidelines, extended-range VLANs 12-12

configuration guidelines, normal-range VLANs 12-5

configuration options 12-6

configuring 12-1

configuring IDs 1006 to 4094 12-12

creating in config-vlan mode 12-8

creating in VLAN configuration mode 12-9

default configuration 12-7

deleting 12-9

described 10-2, 12-1

displaying 12-13

extended-range 12-1, 12-11

features 1-7

illustrated 12-2

limiting source traffic with RSPAN 23-21

limiting source traffic with SPAN 23-14

modifying 12-8

multicast 18-17

native, configuring 12-19

normal-range 12-1, 12-4

number supported 1-7

parameters 12-4

port membership modes 12-3

static-access ports 12-10

STP and IEEE 802.1Q trunks 15-10

supported 12-2

Token Ring 12-5

traffic between 12-2

VTP modes 13-3

VLAN Trunking Protocol

See VTP

VLAN trunks 12-14

VMPS

administering 12-28

configuration example 12-29

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-29

entering server address 12-26

mapping MAC addresses to VLANs 12-24

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-28

voice-over-IP 14-1

voice VLAN

Cisco 7960 phone, port connections 14-1

configuration guidelines 14-3

configuring IP phones for data traffic

override CoS of incoming frame 14-6

trust CoS priority of incoming frame 14-6

configuring ports for voice traffic in

802.1p priority tagged frames 14-5

802.1Q frames 14-4

connecting to an IP phone 14-4

default configuration 14-3

described 14-1

displaying 14-6

IP phone data traffic, described 14-2

IP phone voice traffic, described 14-2

VQP 1-7, 12-23

VTP

adding a client to a domain 13-14

advertisements 12-16, 13-3

and extended-range VLANs 13-1

and normal-range VLANs 13-1

client mode, configuring 13-11

configuration

global configuration mode 13-7

guidelines 13-8

privileged EXEC mode 13-7

requirements 13-9

saving 13-7

VLAN configuration mode 13-7

configuration mode options 13-7

configuration requirements 13-9

configuration revision number

guideline 13-14

resetting 13-15

configuring

client mode 13-11

server mode 13-9

transparent mode 13-12

consistency checks 13-4

default configuration 13-6

described 13-1

disabling 13-12

domain names 13-8

domains 13-2

modes

client 13-3, 13-11

server 13-3, 13-9

transitions 13-3

transparent 13-3, 13-12

monitoring 13-16

passwords 13-8

VTP

pruning

disabling 13-14

enabling 13-14

examples 13-5

overview 13-4

support for 1-7

pruning-eligible list, changing 12-19

server mode, configuring 13-9

statistics 13-16

support for 1-7

Token Ring support 13-4

transparent mode, configuring 13-12

using 13-1

version, guidelines 13-8

Version 1 13-4

Version 2

configuration guidelines 13-8

disabling 13-13

enabling 13-13

overview 13-4

W

web authentication

configuring9-38to 9-40

described 1-7, 9-17

fallback for IEEE 802.1x 9-39

weighted tail drop

See WTD

wizards 1-2

WTD

described 28-12

setting thresholds

egress queue-sets 28-62

ingress queues 28-58

support for 1-9

X

Xmodem protocol 32-2