Catalyst 2960 Switch Software Configuration Guide, Rel. 12.2(50)SE
Index
Downloads: This chapterpdf (PDF - 1.35MB) The complete bookPDF (PDF - 14.58MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 4

AC (command switch) 9

access-class command 34

access control entries

See ACEs

access-denied response, VMPS 24

access groups, applying IPv4 ACLs to interfaces 35

accessing

clusters, switch 12

command switches 10

member switches 12

switch clusters 12

access lists

See ACLs

access ports

in switch clusters 8

access ports, defined 2

accounting

with 802.1x 46

with IEEE 802.1x 13

with RADIUS 28

with TACACS+ 11, 17

ACEs

and QoS 7

defined 20

Ethernet 20

IP 20

ACLs

ACEs 20

any keyword 27

ACLs (continued)

applying

time ranges to 32

to an interface 34

to QoS 7

classifying traffic for QoS 41

comments in 33

compiling 36

defined 19, 23

examples of 36, 41

extended IP, configuring for QoS classification 42

extended IPv4

creating 26

matching criteria 23

hardware and software handling 35

host keyword 28

IP

creating 23

fragments and QoS guidelines 32

implicit deny 25, 29, 31

implicit masks 25

matching criteria 23

undefined 35

IPv4

applying to interfaces 34

creating 23

matching criteria 23

named 30

numbers 24

terminal lines, setting on 34

unsupported features 22

MAC extended 38, 43

matching 23, 35

ACLs (continued)

monitoring 41

named, IPv4 30

number per QoS class map 32

QoS 7, 41

resequencing entries 30

standard IP, configuring for QoS classification 41

standard IPv4

creating 25

matching criteria 23

support for 9

support in hardware 35

time ranges 32

unsupported features, IPv4 22

active link 4, 5, 6

active links 2

active traffic monitoring, IP SLAs 1

address aliasing 2

addresses

displaying the MAC address table 27

dynamic

accelerated aging 8

changing the aging time 21

default aging 8

defined 19

learning 20

removing 21

IPv6 2

MAC, discovering 27

multicast, STP address management 8

static

adding and removing 24

defined 19

address resolution 27

Address Resolution Protocol

See ARP

advertisements

CDP 1

LLDP 1, 2

VTP 16, 3

aggregatable global unicast addresses 3

aggregated ports

See EtherChannel

aggregate policers 49

aggregate policing 11

aging, accelerating 8

aging time

accelerated

for MSTP 23

for STP 8, 21

MAC address table 21

maximum

for MSTP 23, 24

for STP 21, 22

alarms, RMON 3

allowed-VLAN list 18

ARP

defined 5, 27

table

address resolution 27

managing 27

attributes, RADIUS

vendor-proprietary 31

vendor-specific 29

attribute-value pairs 12, 14, 17, 18, 27

authentication

local mode with AAA 32

NTP associations 4

open1x 25

RADIUS

key 21

login 23

authentication (continued)

TACACS+

defined 11

key 13

login 14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 9

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 9

compatibility with older 802.1x CLI commands9to 10

overview 8

authoritative time source, described 2

authorization

with RADIUS 27

with TACACS+ 11, 16

authorized ports with IEEE 802.1x 10

autoconfiguration 3

auto enablement 26

automatic discovery

considerations

beyond a noncandidate device 7

brand new switches 8

connectivity 4

different VLANs 6

management VLANs 7

non-CDP-capable devices 6

noncluster-capable devices 6

in switch clusters 4

See also CDP

automatic QoS

See QoS

automatic recovery, clusters 9

See also HSRP

auto-MDIX

configuring 20

described 20

autonegotiation

duplex mode 3

interface configuration guidelines 17

mismatches 11

autosensing, port speed 3

Auto Smartports macros

built-in macros 2, 4

configuration guidelines 3

default configuration 2

defined 1

displaying 14

enabling 3

event triggers 6

IOS shell 1, 9

mapping 4

user-defined macros 9

See also Smartports macros

auxiliary VLAN

See voice VLAN

availability, features 6

B

BackboneFast

described 5

disabling 14

enabling 13

support for 7

backup interfaces

See Flex Links

backup links 2

banners

configuring

login 18

message-of-the-day login 18

banners (continued)

default configuration 17

when displayed 17

Berkeley r-tools replacement 44

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 5

IP source guard 12

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 7

booting

boot loader, function of 2

boot process 1

manually 17

specific image 18

boot loader

accessing 18

described 2

environment variables 18

prompt 18

trap-door mechanism 2

BPDU

error-disabled state 2

filtering 3

RSTP format 12

BPDU filtering

described 3

disabling 12

enabling 12

support for 7

BPDU guard

described 2

disabling 12

enabling 11

support for 7

bridge protocol data unit

See BPDU

broadcast storm-control command 4

broadcast storms 1

C

cables, monitoring for unidirectional links 1

candidate switch

automatic discovery 4

defined 3

requirements 3

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 9

CA trustpoint

configuring 40

defined 38

CDP

and trusted boundary 36

automatic discovery in switch clusters 4

configuring 2

default configuration 2

defined with LLDP 1

described 1

disabling for routing device3to 4

enabling and disabling

on an interface 4

on a switch 3

monitoring 4

overview 1

power negotiation extensions 4

support for 5

transmission timer and holdtime, setting 2

updates 2

CGMP

as IGMP snooping learning method 8

joining multicast group 3

CipherSuites 39

Cisco 7960 IP Phone 1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 4

Cisco IOS File System

See IFS

Cisco IOS IP Service Level Agreements (SLAs) responder 4

Cisco IOS IP SLAs 1

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 18

attribute-value pairs for redirect URL 17

Cisco Secure ACS configuration guide 58

CiscoWorks 2000 4

CISP 26

CIST regional root

See MSTP

CIST root

See MSTP

civic location 3

class maps for QoS

configuring 44

described 7

displaying 69

class of service

See CoS

clearing interfaces 27

CLI

abbreviating commands 4

command modes 1

configuration logging 5

described 4

editing features

enabling and disabling 7

keystroke editing 7

wrapped lines 9

error messages 5

filtering command output 10

CLI (continued)

getting help 3

history

changing the buffer size 6

described 6

disabling 7

recalling commands 6

managing clusters 14

no and default forms of commands 4

Client Information Signalling Protocol

See CISP

client mode, VTP 3

clock

See system clock

clusters, switch

accessing 12

automatic discovery 4

automatic recovery 9

benefits 2

compatibility 4

described 1

LRE profile considerations 13

managing

through CLI 14

through SNMP 14

planning 4

planning considerations

automatic discovery 4

automatic recovery 9

CLI 14

host names 12

IP addresses 12

LRE profiles 13

passwords 12

RADIUS 13

SNMP 13, 14

TACACS+ 13

clusters, switch (continued)

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 11

considerations 10

defined 2

requirements 3

virtual IP address 10

See also HSRP

CNS 5

management functions 5

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 1

commands

abbreviating 4

no and default 4

commands, setting privilege levels 8

command switch

accessing 10

active (AC) 9

configuration conflicts 11

defined 2

passive (PC) 9

password privilege levels 14

priority 9

recovery

from command-switch failure 9, 7

from lost member connectivity 11

redundant 9

replacing

with another switch 9

with cluster member 8

requirements 3

standby (SC) 9

command switch (continued)

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 13, 8

for cluster switches 4

in clusters 13

overview 4

SNMP 13

compatibility, feature 12

config.text 16

configurable leave timer, IGMP 5

configuration, initial

defaults 13

Express Setup 2

configuration changes, logging 10

configuration conflicts, recovering from lost member connectivity 11

configuration examples, network 16

configuration files

archiving 19

clearing the startup configuration 19

creating using a text editor 10

default name 16

deleting a stored configuration 19

described 8

downloading

automatically 16

preparing 10, 13, 16

reasons for 8

using FTP 13

using RCP 17

using TFTP 11

guidelines for creating and using 9

guidelines for replacing and rolling back 21

invalid combinations when copying 5

limiting TFTP server access 16

obtaining with DHCP 8

password recovery disable considerations 5

configuration files (continued)

replacing a running configuration 19, 20

rolling back a running configuration 19, 20

specifying the filename 16

system contact and location information 16

types and location 10

uploading

preparing 10, 13, 16

reasons for 9

using FTP 14

using RCP 18

using TFTP 12

configuration logger 10

configuration logging 5

configuration replacement 19

configuration rollback 19

configuration settings, saving 14

configure terminal command 10

configuring port-based authentication violation modes37to 38

configuring small-frame arrival rate 5

config-vlan mode 2, 6

conflicts, configuration 11

connections, secure remote 33

connectivity problems 13, 14, 16

consistency checks in VTP Version 2 4

console port, connecting to 10

control protocol, IP SLAs 4

corrupted software, recovery steps with Xmodem 2

CoS

in Layer 2 frames 2

override priority 6

trust priority 6

CoS input queue threshold map for QoS 14

CoS output queue threshold map for QoS 17

CoS-to-DSCP map for QoS 52

counters, clearing interface 27

CPU utilization, troubleshooting 23

crashinfo file 22

critical authentication, IEEE 802.1x 50

cryptographic software image

SSH 33

SSL 37

CWDM SFPs 20

D

DACL

See downloadable ACL

daylight saving time 13

debugging

enabling all system diagnostics 19

enabling for a specific feature 19

redirecting error message output 20

using commands 18

default commands 4

default configuration

802.1x 32

auto-QoS 19

banners 17

booting 16

CDP 2

DHCP 7

DHCP option 82 7

DHCP snooping 7

DHCP snooping binding database 7

DNS 16

dynamic ARP inspection 5

EtherChannel 9

Ethernet interfaces 14

Flex Links 8

IGMP filtering 24

IGMP snooping 6, 5, 6

IGMP throttling 24

initial switch information 3

IP SLAs 5

IP source guard 13

IPv6 7

default configuration (continued)

Layer 2 interfaces 14

LLDP 4

MAC address table 20

MAC address-table move update 8

MSTP 14

MVR 19

NTP 4

optional spanning-tree configuration 9

password and privilege level 2

RADIUS 20

RMON 3

RSPAN 9

SDM template 2

SNMP 6

SPAN 9

SSL 40

standard QoS 29

STP 11

system message logging 3

system name and prompt 15

TACACS+ 13

UDLD 4

VLAN, Layer 2 Ethernet interfaces 16

VLANs 7

VMPS 25

voice VLAN 3

VTP 6

default gateway 14

default router preference

See DRP

deleting VLANs 10

denial-of-service attack 1

description command 24

designing your network, examples 16

destination addresses

in IPv4 ACLs 27

destination-IP address-based forwarding, EtherChannel 7

destination-MAC address forwarding, EtherChannel 7

detecting indirect link failures, STP 5

device 23

device discovery protocol 1

device manager

benefits 2

described 2, 4

in-band management 6

upgrading a switch 23

DHCP

Cisco IOS server database

configuring 10

enabling

relay agent 9

DHCP-based autoconfiguration

client request message exchange 4

configuring

client side 3

DNS 7

relay device 7

server side 6

TFTP server 7

example 9

lease options

for IP address information 6

for receiving the configuration file 6

overview 3

relationship to BOOTP 3

relay support 5

support for 5

DHCP-based autoconfiguration and image update

configuring11to 13

understanding4to 5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 5

configuration guidelines 7

default configuration 7

displaying 12

overview 3

packet format, suboption

circuit ID 5

remote ID 5

remote ID suboption 5

DHCP server port-based address allocation

configuration guidelines 17

default configuration 16

described 16

displaying 19

enabling 17

DHCP server port-based address assignment

support for 5

DHCP snooping

accepting untrusted packets form edge switch 3, 9

binding database

See DHCP snooping binding database

configuration guidelines 7

default configuration 7

displaying binding tables 12

message exchange process 4

option 82 data insertion 3

trusted interface 2

untrusted interface 2

untrusted messages 2

DHCP snooping binding database

adding bindings 11

binding entries, displaying 12

binding file

format 6

location 5

bindings 5

clearing agent statistics 11

configuration guidelines 8

DHCP snooping binding database (continued)

configuring 11

default configuration 7

deleting

binding file 11

bindings 11

database agent 11

described 5

displaying 12

displaying status and statistics 12

enabling 11

entry 5

renewing database 11

resetting

delay value 11

timeout value 11

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 2

Differentiated Services Code Point 2

directed unicast requests 5

directories

changing 4

creating and removing 4

displaying the working 4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 7

default configuration 16

displaying the configuration 17

in IPv6 3

overview 15

setting up 16

support for 5

domain names

DNS 15

VTP 8

Domain Name System

See DNS

downloadable ACL 17, 18, 58

downloading

configuration files

preparing 10, 13, 16

reasons for 8

using FTP 13

using RCP 17

using TFTP 11

image files

deleting old image 27

preparing 25, 29, 33

reasons for 23

using CMS 2

using FTP 30

using HTTP 2, 23

using RCP 34

using TFTP 26

using the device manager or Network Assistant 23

DRP

configuring 9

described 4

IPv6 4

support for 12

DSCP 11, 2

DSCP input queue threshold map for QoS 14

DSCP output queue threshold map for QoS 17

DSCP-to-CoS map for QoS 55

DSCP-to-DSCP-mutation map for QoS 56

DSCP transparency 37

DTP 8, 14

dual-action detection 5

dual IPv4 and IPv6 templates 5

dual protocol stacks

IPv4 and IPv6 5

SDM templates supporting 5

dual-purpose uplinks

defined 4

LEDs 4

link selection 4, 15

setting the type 15

dynamic access ports

characteristics 3

configuring 26

defined 3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 1

ARP requests, described 1

ARP spoofing attack 1

clearing

log buffer 14

statistics 14

configuration guidelines 6

configuring

ACLs for non-DHCP environments 8

in DHCP environments 7

log buffer 12

rate limit for incoming ARP packets 4, 10

default configuration 5

denial-of-service attacks, preventing 10

described 1

DHCP snooping binding database 2

displaying

ARP ACLs 14

configuration and operating state 14

log buffer 14

statistics 14

trust state and rate limit 14

error-disabled state for exceeding rate limit 4

function of 2

interface trust states 3

dynamic ARP inspection (continued)

log buffer

clearing 14

configuring 12

displaying 14

logging of dropped packets, described 4

man-in-the middle attack, described 2

network security issues and interface trust states 3

priority of ARP ACLs and DHCP snooping entries 4

rate limiting of ARP packets

configuring 10

described 4

error-disabled state 4

statistics

clearing 14

displaying 14

validation checks, performing 11

dynamic auto trunking mode 15

dynamic desirable trunking mode 15

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 24

reconfirming 27

troubleshooting 29

types of connections 26

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 7

keystrokes used 7

wrapped lines 9

ELIN location 3

enable password 3

enable secret password 3

encryption, CipherSuite 39

encryption for passwords 3

environment variables, function of 19

error-disabled state, BPDU 2

error messages during command entry 5

EtherChannel

automatic creation of 4, 5

channel groups

binding physical and logical interfaces 3

numbering of 3

configuration guidelines 9

configuring Layer 2 interfaces 10

default configuration 9

described 2

displaying status 17

forwarding methods 7, 13

IEEE 802.3ad, described 5

interaction

with STP 10

with VLANs 10

LACP

described 5

displaying status 17

hot-standby ports 15

interaction with other features 6

modes 6

port priority 16

system priority 16

load balancing 7, 13

PAgP

aggregate-port learners 14

compatibility with Catalyst 1900 14

described 4

displaying status 17

interaction with other features 5

interaction with virtual switches 5

learn method and priority configuration 14

modes 4

support for 3

with dual-action detection 5

EtherChannel (continued)

port-channel interfaces

described 3

numbering of 3

port groups 3

support for 3

EtherChannel guard

described 7

disabling 14

enabling 14

Ethernet VLANs

adding 8

defaults and ranges 7

modifying 8

EUI 3

events, RMON 3

examples

network configuration 16

expedite queue for QoS 68

Express Setup 2

See also getting started guide

extended crashinfo file 22

extended-range VLANs

configuration guidelines 12

configuring 11

creating 13

defined 1

extended system ID

MSTP 17

STP 4, 14

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 1

F

fa0 interface 6

Fast Convergence 3

features, incompatible 12

fiber-optic, detecting unidirectional links 1

files

basic crashinfo

description 22

location 22

copying 5

crashinfo, description 22

deleting 5

displaying the contents of 8

extended crashinfo

description 22

location 22

tar

creating 6

displaying the contents of 7

extracting 7

image file format 24

file system

displaying available file systems 2

displaying file information 3

local file system names 1

network file system names 5

setting the default 3

filtering

non-IP traffic 38

show and more command output 10

filtering show and more command output 10

filters, IP

See ACLs, IP

flash device, number of 1

flexible authentication ordering

configuring 60

overview 25

Flex Link Multicast Fast Convergence 3

Flex Links

configuration guidelines 8

configuring 9

configuring preferred VLAN 12

configuring VLAN load balancing 11

Flex Links (continued)

default configuration 8

description 2

link load balancing 2

monitoring 14

VLANs 2

flooded traffic, blocking 8

flow-based packet classification 11

flowcharts

QoS classification 6

QoS egress queueing and scheduling 16

QoS ingress queueing and scheduling 13

QoS policing and marking 10

flowcontrol

configuring 19

described 19

forward-delay time

MSTP 23

STP 21

FTP

accessing MIB files 3

configuration files

downloading 13

overview 12

preparing the server 13

uploading 14

image files

deleting old image 31

downloading 30

preparing the server 29

uploading 31

G

general query 5

Generating IGMP Reports 4

get-bulk-request operation 3

get-next-request operation 3, 4

get-request operation 3, 4

get-response operation 3

global configuration mode 2

global leave, IGMP 12

guest VLAN and 802.1x 18

guide mode 2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 22

STP 20

help, for the command line 3

history

changing the buffer size 6

described 6

disabling 7

recalling commands 6

history table, level and number of syslog messages 10

host names, in clusters 12

hosts, limit on dynamic ports 29

HP OpenView 4

HSRP

automatic cluster recovery 11

cluster standby group considerations 10

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 38

configuring 41

self-signed certificate 38

HTTP secure server 38

I

ICMP

IPv6 3

time-exceeded messages 16

traceroute and 16

ICMP ping

executing 13

overview 13

ICMPv6 3

IDS appliances

and ingress RSPAN 20

and ingress SPAN 13

IEEE 802.1D

See STP

IEEE 802.1p 1

IEEE 802.1Q

and trunk ports 3

configuration limitations 15

encapsulation 14

native VLAN for untagged traffic 19

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3af

See PoE

IEEE 802.3x flow control 19

ifIndex values, SNMP 5

IFS 5

IGMP

configurable leave timer

described 5

enabling 10

IGMP (continued)

flooded multicast traffic

controlling the length of time 11

disabling on an interface 12

global leave 12

query solicitation 12

recovering from flood mode 12

joining multicast group 3

join messages 3

leave processing, enabling 10, 9

leaving multicast group 5

queries 4

report suppression

described 6

disabling 15, 11

supported versions 2

support for 3

IGMP filtering

configuring 24

default configuration 24

described 23

monitoring 28

support for 4

IGMP groups

configuring filtering 27

setting the maximum number 26

IGMP Immediate Leave

configuration guidelines 10

described 5

enabling 10

IGMP profile

applying 25

configuration mode 24

configuring 25

IGMP snooping

and address aliasing 2

configuring 6

default configuration 6, 5, 6

definition 1

IGMP snooping (continued)

enabling and disabling 7, 6

global configuration 7

Immediate Leave 5

method 8

monitoring 15, 11

querier

configuration guidelines 13

configuring 13

supported versions 2

support for 3

VLAN configuration 7

IGMP throttling

configuring 27

default configuration 24

described 24

displaying action 28

Immediate Leave, IGMP 5

enabling 9

inaccessible authentication bypass 20

initial configuration

defaults 13

Express Setup 2

interface

number 9

range macros 12

interface command9to 10

interface configuration mode 3

interfaces

auto-MDIX, configuring 20

configuration guidelines

duplex and speed 17

configuring

procedure 10

counters, clearing 27

default configuration 14

described 24

descriptive name, adding 24

displaying information about 26

interfaces (continued)

flow control 19

management 4

monitoring 26

naming 24

physical, identifying 9

range of 10

restarting 28

shutting down 28

speed and duplex, configuring 18

status 26

supported 9

types of 1

interfaces range macro command 12

interface types 9

Internet Protocol version 6

See IPv6

Intrusion Detection System

See IDS appliances

inventory management TLV 3, 7

IOS shell

See Auto Smartports macros

IP ACLs

for QoS classification 7

implicit deny 25, 29

implicit masks 25

named 30

undefined 35

IP addresses

128-bit 2

candidate or member 3, 12

cluster access 2

command switch 3, 10, 12

discovering 27

IPv6 2

redundant clusters 10

standby command switch 10, 12

See also IP information

ip igmp profile command 24

IP information

assigned

manually 14

through DHCP-based autoconfiguration 3

default configuration 3

IP phones

and QoS 1

automatic classification and queueing 19

configuring 4

ensuring port security with QoS 36

trusted boundary for QoS 36

IP precedence 2

IP-precedence-to-DSCP map for QoS 53

IP protocols in ACLs 27

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 1

IP SLAs

benefits 2

configuration guidelines 5

Control Protocol 4

default configuration 5

definition 1

measuring network performance 3

monitoring 6

operation 3

responder

described 4

enabling 6

response time 4

SNMP support 2

supported metrics 2

IP source guard

and 802.1x 14

and DHCP snooping 12

and EtherChannels 14

and port security 14

and private VLANs 14

and routed ports 14

IP source guard (continued)

and TCAM entries 14

and trunk interfaces 14

and VRF 14

binding configuration

automatic 12

manual 12

binding table 12

configuration guidelines 14

default configuration 13

described 12

disabling 15

displaying

bindings 16

configuration 16

enabling 14

filtering

source IP address 13

source IP and MAC address 13

source IP address filtering 13

source IP and MAC address filtering 13

static bindings

adding 14

deleting 15

IP traceroute

executing 17

overview 16

IPv4 ACLs

applying to interfaces 34

extended, creating 26

named 30

standard, creating 25

IPv4 and IPv6

dual protocol stacks 5

IPv6

addresses 2

address formats 2

applications 4

assigning address 7

IPv6 (continued)

autoconfiguration 4

configuring static routes 11

default configuration 7

default router preference (DRP) 4

defined 1

forwarding 7

ICMP 3

monitoring 12

neighbor discovery 3

SDM templates 1

Stateless Autoconfiguration 4

supported features 2

understanding static routes 5

J

join messages, IGMP 3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 2

Layer 2 interfaces, default configuration 14

Layer 2 traceroute

and ARP 15

and CDP 15

broadcast traffic 14

described 14

IP addresses and subnets 15

MAC addresses and VLANs 15

multicast traffic 15

multiple devices on a port 15

unicast traffic 14

usage guidelines 15

Layer 3 features 12

Layer 3 interfaces

assigning IPv6 addresses to 7

Layer 3 packets, classification methods 2

Leaking IGMP Reports 4

LEDs, switch

See hardware installation guide

line configuration mode 3

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 7

Link Layer Discovery Protocol

See CDP

link local unicast addresses 3

link redundancy

See Flex Links

links, unidirectional 1

link-state tracking

configuring 20

described 18

LLDP

configuring 4

characteristics 6

default configuration 4

enabling 5

monitoring and maintaining 10

overview 1

supported TLVs 2

switch stack considerations 2

transmission timer and holdtime, setting 6

LLDP-MED

configuring

procedures 4

TLVs 6

monitoring and maintaining 10

overview 1, 2

supported TLVs 2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 2

location TLV 3, 7

login authentication

with RADIUS 23

with TACACS+ 14

login banners 17

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 17

loop guard

described 9

enabling 15

support for 7

LRE profiles, considerations in switch clusters 13

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 32

range 35

MAC/PHY configuration status TLV 2

MAC addresses

aging time 21

and VLAN association 20

building the address table 20

default configuration 20

disabling learning on a VLAN 26

discovering 27

displaying 27

displaying in the IP source binding table 16

dynamic

learning 20

removing 21

in ACLs 38

MAC addresses (continued)

static

adding 24

allowing 25, 27

characteristics of 24

dropping 25

removing 24

MAC address learning 5

MAC address learning, disabling on a VLAN 26

MAC address notification, support for 13

MAC address-table move update

configuration guidelines 8

configuring 12

default configuration 8

description 6

monitoring 14

MAC address-to-VLAN mapping 24

MAC authentication bypass 35

configuring 54

overview 15

MAC extended access lists

applying to Layer 2 interfaces 40

configuring for QoS 43

creating 38

defined 38

for QoS classification 5

macros

See Auto Smartports macros

See Smartports macros

magic packet 23

manageability features 5

management access

in-band

browser session 6

CLI session 6

device manager 6

SNMP 6

out-of-band console port connection 6

management address TLV 2

management options

CLI 1

clustering 3

Network Assistant 2

overview 4

management VLAN

considerations in switch clusters 7

discovery through different management VLANs 7

mapping tables for QoS

configuring

CoS-to-DSCP 52

DSCP 51

DSCP-to-CoS 55

DSCP-to-DSCP-mutation 56

IP-precedence-to-DSCP 53

policed-DSCP 54

described 10

marking

action with aggregate policers 49

described 4, 8

matching, IPv4 ACLs 23

maximum aging time

MSTP 23

STP 21

maximum hop count, MSTP 24

maximum number of allowed devices, port-based authentication 35

MDA

configuration guidelines12to 13

described 9, 12

exceptions with authentication process 6

membership mode, VLAN port 3

member switch

automatic discovery 4

defined 2

managing 14

passwords 12

recovering from lost connectivity 11

requirements 3

member switch (continued)

See also candidate switch, cluster standby group, and standby command switch

messages, to users through banners 17

MIBs

accessing files with FTP 3

location of files 3

overview 1

SNMP interaction with 4

supported 1

mirroring traffic for analysis 1

mismatches, autonegotiation 11

module number 9

monitoring

access groups 41

cables for unidirectional links 1

CDP 4

features 13

Flex Links 14

IGMP

filters 28

snooping 15, 11

interfaces 26

IP SLAs operations 6

IPv4 ACL configuration 41

IPv6 12

MAC address-table move update 14

multicast router interfaces 16, 11

MVR 23

network traffic for analysis with probe 2

port

blocking 18

protection 18

SFP status 27, 13

speed and duplex mode 18

traffic flowing among switches 1

traffic suppression 18

VLANs 14

monitoring (continued)

VMPS 28

VTP 16

mrouter Port 3

mrouter port 5

MSTP

boundary ports

configuration guidelines 15

described 6

BPDU filtering

described 3

enabling 12

BPDU guard

described 2

enabling 11

CIST, described 3

CIST regional root 3

CIST root 5

configuration guidelines 14, 10

configuring

forward-delay time 23

hello time 22

link type for rapid convergence 24

maximum aging time 23

maximum hop count 24

MST region 15

neighbor type 25

path cost 20

port priority 19

root switch 17

secondary root switch 18

switch priority 21

CST

defined 3

operations between regions 3

default configuration 14

default optional feature configuration 9

displaying status 26

enabling the mode 15

MSTP (continued)

EtherChannel guard

described 7

enabling 14

extended system ID

effects on root switch 17

effects on secondary root switch 18

unexpected behavior 17

IEEE 802.1s

implementation 6

port role naming change 6

terminology 5

instances supported 9

interface state, blocking to forwarding 2

interoperability and compatibility among modes 10

interoperability with IEEE 802.1D

described 8

restarting migration process 25

IST

defined 2

master 3

operations within a region 3

loop guard

described 9

enabling 15

mapping VLANs to MST instance 16

MST region

CIST 3

configuring 15

described 2

hop-count mechanism 5

IST 2

supported spanning-tree instances 2

optional features supported 7

overview 2

Port Fast

described 2

enabling 10

preventing root switch selection 8

MSTP (continued)

root guard

described 8

enabling 15

root switch

configuring 17

effects of extended system ID 17

unexpected behavior 17

shutdown Port Fast-enabled port 2

status, displaying 26

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 5

joining 3

leaving 5

static joins 9, 7

multicast router interfaces, monitoring 16, 11

multicast router ports, adding 9, 8

multicast storm 1

multicast storm-control command 4

multicast television application 17

multicast VLAN 16

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 13

multiple authentication mode

configuring 41

MVR

and address aliasing 20

and IGMPv3 20

configuration guidelines 19

configuring interfaces 21

default configuration 19

described 16

example application 17

modes 20

MVR (continued)

monitoring 23

multicast television application 17

setting global parameters 20

support for 4

N

NAC

critical authentication 20, 50

IEEE 802.1x authentication using a RADIUS server 55

IEEE 802.1x validation using RADIUS server 55

inaccessible authentication bypass 50

Layer 2 IEEE 802.1x validation 10, 25, 55

named IPv4 ACLs 30

native VLAN

configuring 19

default 19

NEAT

configuring 56

overview 26

neighbor discovery, IPv6 3

Network Admission Control

See NAC

Network Admission Control Software Configuration Guide 63, 64

Network Assistant

benefits 2

described 4

downloading image files 2

guide mode 2

management options 2

upgrading a switch 23

wizards 2

network configuration examples

increasing network performance 16

long-distance, high-bandwidth transport 20

providing network services 16

network configuration examples (continued)

server aggregation and Linux server cluster 18

small to medium-sized network 19

network design

performance 16

services 16

Network Edge Access Toplogy

See NEAT

network management

CDP 1

RMON 1

SNMP 1

network performance, measuring with IP SLAs 3

network policy TLV 2, 7

Network Time Protocol

See NTP

no commands 4

nonhierarchical policy maps

described 9

non-IP traffic filtering 38

nontrunking mode 15

normal-range VLANs 4

configuration guidelines 5

configuration modes 6

configuring 4

defined 1

NTP

associations

authenticating 4

defined 2

enabling broadcast messages 6

peer 5

server 5

default configuration 4

displaying the configuration 11

overview 2

restricting access

creating an access group 8

disabling NTP services per interface 10

NTP (continued)

source IP address, configuring 10

stratum 2

support for 5

synchronizing devices 5

time

services 2

synchronizing 2

O

open1x

configuring 61

open1x authentication

overview 25

optimizing system resources 1

options, management 4

out-of-profile markdown 11

P

packet modification, with QoS 18

PAgP

See EtherChannel

passwords

default configuration 2

disabling recovery of 5

encrypting 3

for security 8

in clusters 12

overview 1

recovery of 3

setting

enable 3

enable secret 3

Telnet 6

with usernames 6

VTP domain 8

path cost

MSTP 20

STP 18

PC (passive command switch) 9

performance, network design 16

performance features 3

persistent self-signed certificate 38

per-user ACLs and Filter-Ids 9

per-VLAN spanning-tree plus

See PVST+

physical ports 2

PIM-DVMRP, as snooping method 8

ping

character output description 14

executing 13

overview 13

PoE

auto mode 6

CDP with power consumption, described 4

CDP with power negotiation, described 4

Cisco intelligent power management 4

configuring 21

cutoff power

determining 7

cutoff-power

support for 7

devices supported 4

high-power devices operating in low-power mode 5

IEEE power classification levels 5

monitoring 7

monitoring power 23

policing power consumption 23

policing power usage 7

power budgeting 22

power consumption 8, 22

powered-device detection and initial power allocation 5

power management modes 6

power monitoring 7

PoE (continued)

power negotiation extensions to CDP 4

power sensing 7

standards supported 4

static mode 6

total available power 8

troubleshooting 11

policed-DSCP map for QoS 54

policers

configuring

for each matched traffic class 46

for more than one traffic class 49

described 4

displaying 69

number of 32

types of 9

policing

described 4

token-bucket algorithm 9

policy maps for QoS

characteristics of 46

described 7

displaying 70

nonhierarchical on physical ports

described 9

port ACLs, described 20

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 13

authentication server

defined 3

RADIUS server 3

client, defined 3

configuration guidelines 33

port-based authentication (continued)

configuring

802.1x authentication 38

guest VLAN 47

host mode 41

inaccessible authentication bypass 50

manual re-authentication of a client 43

periodic re-authentication 42

quiet period 44

RADIUS server 41

RADIUS server parameters on the switch 40

restricted VLAN 48

switch-to-client frame-retransmission number 45, 46

switch-to-client retransmission time 44

violation modes37to 38

default configuration 32

described 1

device roles 3

displaying statistics 66

downloadable ACLs and redirect URLs

configuring58to 60

overview17to 18

EAPOL-start frame 6

EAP-request/identity frame 6

EAP-response/identity frame 6

encapsulation 3

flexible authentication ordering

configuring 60

overview 25

guest VLAN

configuration guidelines 19, 20

described 18

host mode 11

inaccessible authentication bypass

configuring 50

described 20

guidelines 34

initiation and message exchange 6

port-based authentication (continued)

magic packet 23

maximum number of allowed devices per port 35

method lists 38

multiple authentication 13

ports

authorization state and dot1x port-control command 10

authorized and unauthorized 10

critical 20

voice VLAN 21

port security

and voice VLAN 23

described 22

interactions 22

multiple-hosts mode 11

readiness check

configuring 35

described 15, 35

resetting to default values 66

statistics, displaying 66

switch

as proxy 3

RADIUS client 3

switch supplicant

configuring 56

overview 26

VLAN assignment

AAA authorization 38

characteristics 16

configuration tasks 16

described 15

voice aware 802.1x security

configuring 36

described 26, 36

voice VLAN

described 21

PVID 21

VVID 21

port-based authentication (continued)

wake-on-LAN, described 23

with ACLs and RADIUS Filter-Id attribute 30

port-based authentication methods, supported 8

port blocking 3, 7

port-channel

See EtherChannel

port description TLV 2

Port Fast

described 2

enabling 10

mode, spanning tree 25

support for 7

port membership modes, VLAN 3

port priority

MSTP 19

STP 16

ports

access 2

blocking 7

dual-purpose uplink 4

dynamic access 3

protected 6

secure 8

static-access 3, 10

switch 2

trunks 3, 14

VLAN assignments 10

port security

aging 17

and QoS trusted boundary 36

configuring 12

default configuration 11

described 8

displaying 18

on trunk ports 14

sticky learning 9

violations 10

with other features 11

port-shutdown response, VMPS 24

port VLAN ID TLV 2

power management TLV 2, 7

Power over Ethernet

See PoE

preemption, default configuration 8

preemption delay, default configuration 8

preferential treatment of traffic

See QoS

preventing unauthorized access 1

primary links 2

priority

overriding CoS 6

trusting CoS 6

private VLAN edge ports

See protected ports

privileged EXEC mode 2

privilege levels

changing the default for lines 9

command switch 14

exiting 9

logging into 9

mapping on member switches 14

overview 2, 7

setting a command with 8

protected ports 9, 6

proxy reports 4

pruning, VTP

disabling

in VTP domain 14

on a port 19

enabling

in VTP domain 14

on a port 19

examples 5

overview 4

pruning-eligible list

changing 19

for VTP pruning 4

VLANs 14

PVST+

described 9

IEEE 802.1Q trunking interoperability 10

instances supported 9

Q

QoS

and MQC commands 1

auto-QoS

categorizing traffic 19

configuration and defaults display 28

configuration guidelines 24

described 19

disabling 26

displaying generated commands 26

displaying the initial configuration 28

effects on running configuration 24

egress queue defaults 20

enabling for VoIP 25

example configuration 27

ingress queue defaults 20

list of generated commands 21

basic model 4

classification

class maps, described 7

defined 4

DSCP transparency, described 37

flowchart 6

forwarding treatment 3

in frames and packets 3

IP ACLs, described 5, 7

MAC ACLs, described 5, 7

options for IP traffic 5

options for non-IP traffic 5

QoS (continued)

policy maps, described 7

trust DSCP, described 5

trusted CoS, described 5

trust IP precedence, described 5

class maps

configuring 44

displaying 69

configuration guidelines

auto-QoS 24

standard QoS 32

configuring

aggregate policers 49

auto-QoS 19

default port CoS value 35

DSCP maps 51

DSCP transparency 37

DSCP trust states bordering another domain 38

egress queue characteristics 62

ingress queue characteristics 57

IP extended ACLs 42

IP standard ACLs 41

MAC ACLs 43

port trust states within the domain 34

trusted boundary 36

default auto configuration 19

default standard configuration 29

displaying statistics 69

DSCP transparency 37

egress queues

allocating buffer space 62

buffer allocation scheme, described 16

configuring shaped weights for SRR 66

configuring shared weights for SRR 67

described 4

displaying the threshold map 65

flowchart 16

mapping DSCP or CoS values 65

scheduling, described 4

QoS (continued)

setting WTD thresholds 62

WTD, described 17

enabling globally 33

flowcharts

classification 6

egress queueing and scheduling 16

ingress queueing and scheduling 13

policing and marking 10

implicit deny 7

ingress queues

allocating bandwidth 60

allocating buffer space 59

buffer and bandwidth allocation, described 14

configuring shared weights for SRR 60

configuring the priority queue 61

described 4

displaying the threshold map 59

flowchart 13

mapping DSCP or CoS values 58

priority queue, described 14

scheduling, described 4

setting WTD thresholds 58

WTD, described 14

IP phones

automatic classification and queueing 19

detection and trusted settings 19, 36

limiting bandwidth on egress interface 68

mapping tables

CoS-to-DSCP 52

displaying 69

DSCP-to-CoS 55

DSCP-to-DSCP-mutation 56

IP-precedence-to-DSCP 53

policed-DSCP 54

types of 10

marked-down actions 48

marking, described 4, 8

overview 2

QoS (continued)

packet modification 18

policers

configuring 48, 50

described 8

displaying 69

number of 32

types of 9

policies, attaching to an interface 8

policing

described 4, 8

token bucket algorithm 9

policy maps

characteristics of 46

displaying 70

nonhierarchical on physical ports 46

QoS label, defined 4

queues

configuring egress characteristics 62

configuring ingress characteristics 57

high priority (expedite) 18, 68

location of 11

SRR, described 12

WTD, described 12

rewrites 18

support for 11

trust states

bordering another domain 38

described 5

trusted device 36

within the domain 34

quality of service

See QoS

queries, IGMP 4

query solicitation, IGMP 12

R

RADIUS

attributes

vendor-proprietary 31

vendor-specific 29

configuring

accounting 28

authentication 23

authorization 27

communication, global 21, 29

communication, per-server 20, 21

multiple UDP ports 20

default configuration 20

defining AAA server groups 25

displaying the configuration 32

identifying the server 20

in clusters 13

limiting the services to the user 27

method list, defined 19

operation of 19

overview 18

server load balancing 31

suggested network environments 18

support for 10

tracking services accessed by user 28

range

macro 12

of interfaces 11

rapid convergence 9

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 9

IEEE 802.1Q trunking interoperability 10

instances supported 9

Rapid Spanning Tree Protocol

See RSTP

rcommand command 14

RCP

configuration files

downloading 17

overview 15

preparing the server 16

uploading 18

image files

deleting old image 36

downloading 34

preparing the server 33

uploading 36

readiness check

port-based authentication

configuring 35

described 15, 35

reconfirmation interval, VMPS, changing 27

reconfirming dynamic VLAN membership 27

recovery procedures 1

redirect URL 17, 58

redundancy

EtherChannel 3

STP

backbone 8

path cost 22

port priority 20

redundant links and UplinkFast 13

reloading software 20

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 2

report suppression, IGMP

described 6

disabling 15, 11

resequencing ACL entries 30

resetting a UDLD-shutdown interface 6

responder, IP SLAs

described 4

enabling 6

response time, measuring with IP SLAs 4

restricted VLAN

configuring 48

described 19

using with IEEE 802.1x 19

restricting access

NTP services 8

overview 1

passwords and privilege levels 2

RADIUS 17

TACACS+ 10

retry count, VMPS, changing 28

RFC

1112, IP multicast and IGMP 2

1157, SNMPv1 2

1305, NTP 2

1757, RMON 2

1901, SNMPv2C 2

1902 to 1907, SNMPv2 2

2236, IP multicast and IGMP 2

2273-2275, SNMPv3 2

RMON

default configuration 3

displaying status 6

enabling alarms and events 3

groups supported 2

overview 1

statistics

collecting group Ethernet 5

collecting group history 5

support for 13

root guard

described 8

enabling 15

support for 7

root switch

MSTP 17

STP 14

RSPAN

characteristics 7

configuration guidelines 16

default configuration 9

defined 2

destination ports 6

displaying status 23

interaction with other features 8

monitored ports 5

monitoring ports 6

overview 13, 1

received traffic 4

sessions

creating 17

defined 3

limiting source traffic to specific VLANs 22

specifying monitored ports 17

with ingress traffic enabled 20

source ports 5

transmitted traffic 5

VLAN-based 6

RSTP

active topology 9

BPDU

format 12

processing 12

designated port, defined 9

designated switch, defined 9

interoperability with IEEE 802.1D

described 8

restarting migration process 25

topology changes 13

RSTP (continued)

overview 8

port roles

described 9

synchronized 11

proposal-agreement handshake process 10

rapid convergence

described 9

edge ports and Port Fast 9

point-to-point links 10, 24

root ports 10

root port, defined 9

See also MSTP

running configuration

replacing 19, 20

rolling back 19, 20

running configuration, saving 14

S

SC (standby command switch) 9

scheduled reloads 20

SCP

and SSH 44

configuring 44

SDM

described 1

templates

configuring 3

number of 1

SDM template

configuration guidelines 2

configuring 2

types of 1

Secure Copy Protocol

secure HTTP client

configuring 43

displaying 44

secure HTTP server

configuring 42

displaying 44

secure MAC addresses

deleting 16

maximum number of 9

types of 9

secure ports, configuring 8

secure remote connections 33

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 8

security features 8

See SCP

sequence numbers in log messages 8

server mode, VTP 3

service-provider network, MSTP and RSTP 1

set-request operation 4

setup program

failed command switch replacement 9

replacing failed command switch 8

severity levels, defining in system messages 8

SFPs

monitoring status of 27, 13

security and identification 12

status, displaying 13

shaped round robin

See SRR

Shell functions

See Auto Smartports macros

Shell triggers

See Auto Smartports macros

show access-lists hw-summary command 35

show and more command output, filtering 10

show cdp traffic command 5

show cluster members command 14

show configuration command 24

show forward command 20

show interfaces command 18, 24

show interfaces switchport 4

show lldp traffic command 11

show platform forward command 20

show running-config command

displaying ACLs 34, 35

interface description in 24

shutdown command on interfaces 28

Simple Network Management Protocol

See SNMP

small-frame arrival rate, configuring 5

Smartports macros

applying Cisco-default macros 12

applying global parameter values 13

configuration guidelines 12

default configuration 11

defined 1

displaying 14

tracing 12

SNAP 1

SNMP

accessing MIB variables with 4

agent

described 3

disabling 7

and IP SLAs 2

authentication level 10

community strings

configuring 8

for cluster switches 4

overview 4

configuration examples 17

default configuration 6

engine ID 7

groups 6, 9

host 6

ifIndex values 5

in-band management 6

SNMP (continued)

in clusters 13

informs

and trap keyword 11

described 5

differences from traps 5

disabling 15

enabling 15

limiting access by TFTP servers 16

limiting system log messages to NMS 10

manager functions 4, 3

managing clusters with 14

MIBs

location of 3

supported 1

notifications 5

overview 1, 4

security levels 3

setting CPU threshold notification 15

status, displaying 18

system contact and location 16

trap manager, configuring 13

traps

described 3, 5

differences from informs 5

disabling 15

enabling 11

enabling MAC address notification 21

overview 1, 4

types of 11

users 6, 9

versions supported 2

SNMP and Syslog Over IPv6 5

SNMPv1 2

SNMPv2C 2

SNMPv3 2

snooping, IGMP 1

software images

location in flash 24

recovery procedures 2

scheduling reloads 20

tar file format, described 24

See also downloading and uploading

source addresses

in IPv4 ACLs 27

source-and-destination-IP address based forwarding, EtherChannel 7

source-and-destination MAC address forwarding, EtherChannel 7

source-IP address based forwarding, EtherChannel 7

source-MAC address forwarding, EtherChannel 7

SPAN

configuration guidelines 10

default configuration 9

destination ports 6

displaying status 23

interaction with other features 8

monitored ports 5

monitoring ports 6

overview 13, 1

ports, restrictions 12

received traffic 4

sessions

configuring ingress forwarding 14, 21

creating 10

defined 3

limiting source traffic to specific VLANs 15

removing destination (monitoring) ports 12

specifying monitored ports 10

with ingress traffic enabled 13

source ports 5

transmitted traffic 5

VLAN-based 6

spanning tree and native VLANs 15

Spanning Tree Protocol

See STP

SPAN traffic 4

SRR

configuring

shaped weights on egress queues 66

shared weights on egress queues 67

shared weights on ingress queues 60

described 12

shaped mode 13

shared mode 13

support for 12

SSH

configuring 34

cryptographic software image 33

described 6, 33

encryption methods 34

user authentication methods, supported 34

SSL

configuration guidelines 40

configuring a secure HTTP client 43

configuring a secure HTTP server 41

cryptographic software image 37

described 37

monitoring 44

standby command switch

configuring

considerations 10

defined 2

priority 9

requirements 3

virtual IP address 10

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 2

startup configuration

booting

manually 17

specific image 18

clearing 19

startup configuration (continued)

configuration file

automatically downloading 16

specifying the filename 16

default boot configuration 16

static access ports

assigning to VLAN 10

defined 3

static addresses

See addresses

static MAC addressing 9

static routes

configuring for IPv6 11

understanding 5

static VLAN membership 2

statistics

802.1x 66

CDP 4

interface 27

LLDP 10

LLDP-MED 10

NMSP 10

QoS ingress and egress 69

RMON group Ethernet 5

RMON group history 5

SNMP input and output 18

VTP 16

sticky learning 9

storm control

configuring 3

described 1

disabling 5

displaying 18

support for 3

thresholds 1

STP

accelerating root port selection 4

BackboneFast

described 5

disabling 14

enabling 13

BPDU filtering

described 3

disabling 12

enabling 12

BPDU guard

described 2

disabling 12

enabling 11

BPDU message exchange 3

configuration guidelines 12, 10

configuring

forward-delay time 21

hello time 20

maximum aging time 21

path cost 18

port priority 16

root switch 14

secondary root switch 16

spanning-tree mode 13

switch priority 19

transmit hold-count 22

counters, clearing 22

default configuration 11

default optional feature configuration 9

designated port, defined 3

designated switch, defined 3

detecting indirect link failures 5

disabling 14

displaying status 22

EtherChannel guard

described 7

disabling 14

enabling 14

STP (continued)

extended system ID

effects on root switch 14

effects on the secondary root switch 16

overview 4

unexpected behavior 14

features supported 6

IEEE 802.1D and bridge ID 4

IEEE 802.1D and multicast addresses 8

IEEE 802.1t and VLAN identifier 4

inferior BPDU 3

instances supported 9

interface state, blocking to forwarding 2

interface states

blocking 5

disabled 7

forwarding 5, 6

learning 6

listening 6

overview 4

interoperability and compatibility among modes 10

limitations with IEEE 802.1Q trunks 10

load sharing

overview 20

using path costs 22

using port priorities 20

loop guard

described 9

enabling 15

modes supported 9

multicast addresses, effect of 8

optional features supported 7

overview 2

path costs 22

Port Fast

described 2

enabling 10

port priorities 21

preventing root switch selection 8

STP (continued)

protocols supported 9

redundant connectivity 8

root guard

described 8

enabling 15

root port, defined 3

root switch

configuring 14

effects of extended system ID 4, 14

election 3

unexpected behavior 14

shutdown Port Fast-enabled port 2

status, displaying 22

superior BPDU 3

timers, described 20

UplinkFast

described 3

enabling 13

stratum, NTP 2

success response, VMPS 24

summer time 13

SunNet Manager 4

supported port-based authentication methods 8

Smartports macros

See also Auto Smartports macros

switch 2

switch clustering technology 1

See also clusters, switch

switch console port 6

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 2

switchport backup interface 4, 5

switchport block multicast command 8

switchport block unicast command 8

switchport protected command 7

switch priority

MSTP 21

STP 19

switch software features 1

syslog

See system message logging

system capabilities TLV 2

system clock

configuring

daylight saving time 13

manually 11

summer time 13

time zones 12

displaying the time and date 12

overview 1

See also NTP

system description TLV 2

system message logging

default configuration 3

defining error message severity levels 8

disabling 4

displaying the configuration 13

enabling 4

facility keywords, described 13

level keywords, described 9

limiting messages 10

message format 2

overview 1

sequence numbers, enabling and disabling 8

setting the display destination device 5

synchronizing log messages 6

syslog facility 13

time stamps, enabling and disabling 7

UNIX syslog servers

configuring the daemon 12

configuring the logging facility 12

facilities supported 13

system name

default configuration 15

default setting 15

manual configuration 15

See also DNS

system name TLV 2

system prompt, default setting 14, 15

system resources, optimizing 1

T

TACACS+

accounting, defined 11

authentication, defined 11

authorization, defined 11

configuring

accounting 17

authentication key 13

authorization 16

login authentication 14

default configuration 13

displaying the configuration 17

identifying the server 13

in clusters 13

limiting the services to the user 16

operation of 12

overview 10

support for 10

tracking services accessed by user 17

tar files

creating 6

displaying the contents of 7

extracting 7

image file format 24

TDR 13

Telnet

accessing management interfaces 10

number of connections 6

setting a password 6

templates, SDM 1

temporary self-signed certificate 38

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 6

TFTP

configuration files

downloading 11

preparing the server 10

uploading 12

configuration files in base directory 7

configuring for autoconfiguration 7

image files

deleting 27

downloading 26

preparing the server 25

uploading 28

limiting access by servers 16

TFTP server 5

threshold, traffic level 2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32

time ranges in ACLs 32

time stamps in log messages 7

time zones 12

TLVs

defined 1

LLDP 2

LLDP-MED 2

Token Ring VLANs

support for 5

VTP support 4

ToS 11

traceroute, Layer 2

and ARP 15

and CDP 15

broadcast traffic 14

described 14

IP addresses and subnets 15

MAC addresses and VLANs 15

multicast traffic 15

multiple devices on a port 15

unicast traffic 14

usage guidelines 15

traceroute command 17

See also IP traceroute

traffic

blocking flooded 8

fragmented 21

unfragmented 21

traffic policing 11

traffic suppression 1

transmit hold-count

see STP

transparent mode, VTP 3, 12

trap-door mechanism 2

traps

configuring MAC address notification 21

configuring managers 11

defined 3

enabling 21, 11

notification types 11

overview 1, 4

troubleshooting

connectivity problems 13, 14, 16

CPU utilization 23

detecting unidirectional links 1

displaying crash information 22

setting packet forwarding 20

SFP security and identification 12

show forward command 20

with CiscoWorks 4

troubleshooting (continued)

with debug commands 18

with ping 13

with system message logging 1

with traceroute 16

trunk failover

See link-state tracking

trunking encapsulation 8

trunk ports

configuring 17

defined 3

trunks

allowed-VLAN list 18

load sharing

setting STP path costs 22

using STP port priorities 20, 21

native VLAN for untagged traffic 19

parallel 22

pruning-eligible list 19

to non-DTP device 14

trusted boundary for QoS 36

trusted port states

between QoS domains 38

classification options 5

ensuring port security for IP phones 36

support for 11

within a QoS domain 34

trustpoints, CA 38

twisted-pair Ethernet, detecting unidirectional links 1

type of service

See ToS

U

UDLD

configuration guidelines 4

default configuration 4

disabling

globally 5

on fiber-optic interfaces 5

per interface 5

echoing detection mechanism 2

enabling

globally 5

per interface 5

link-detection mechanism 1

neighbor database 2

overview 1

resetting an interface 6

status, displaying 6

support for 6

unauthorized ports with IEEE 802.1x 10

unicast MAC address filtering 5

and adding static addresses 25

and broadcast MAC addresses 25

and CPU packets 25

and multicast addresses 25

and router MAC addresses 25

configuration guidelines 25

described 25

unicast storm 1

unicast storm control command 4

unicast traffic, blocking 8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 12

facilities supported 13

message logging configuration 12

unrecognized Type-Length-Value (TLV) support 4

upgrading a Catalyst 2950 switch

configuration compatibility issues 1

differences in configuration commands 1

feature behavior incompatibilities 5

incompatible command messages 1

recommendations 1

upgrading software images

See downloading

UplinkFast

described 3

disabling 13

enabling 13

support for 7

uploading

configuration files

preparing 10, 13, 16

reasons for 9

using FTP 14

using RCP 18

using TFTP 12

image files

preparing 25, 29, 33

reasons for 23

using FTP 31

using RCP 36

using TFTP 28

user EXEC mode 2

username-based authentication 6

V

version-dependent transparent mode 4

virtual IP address

cluster standby group 10

command switch 10

virtual switches and PAgP 5

vlan.dat file 4

VLAN 1, disabling on a trunk port 18

VLAN 1 minimization 18

vlan-assignment response, VMPS 24

VLAN configuration

at bootup 7

saving 7

VLAN configuration mode 2, 6

VLAN database

and startup configuration file 7

and VTP 1

VLAN configuration saved in 7

VLANs saved in 4

vlan database command 6

VLAN filtering and SPAN 6

vlan global configuration command 6

VLAN ID, discovering 27

VLAN load balancing on flex links 2

configuration guidelines 8

VLAN management domain 2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 27

modes 3

VLAN Query Protocol

See VQP

VLANs

adding 8

adding to VLAN database 8

aging dynamic addresses 9

allowed on trunk 18

and spanning-tree instances 2, 6, 12

configuration guidelines, extended-range VLANs 12

configuration guidelines, normal-range VLANs 5

configuration options 6

configuring 1

configuring IDs 1006 to 4094 12

creating in config-vlan mode 8

creating in VLAN configuration mode 9

default configuration 7

deleting 10

VLANs (continued)

described 2, 1

displaying 14

extended-range 1, 11

features 7

illustrated 2

limiting source traffic with RSPAN 22

limiting source traffic with SPAN 15

modifying 8

multicast 16

native, configuring 19

normal-range 1, 4

number supported 7

parameters 4

port membership modes 3

static-access ports 10

STP and IEEE 802.1Q trunks 10

supported 2

Token Ring 5

traffic between 2

VTP modes 3

VLAN Trunking Protocol

See VTP

VLAN trunks 14

VMPS

administering 28

configuration example 29

configuration guidelines 25

default configuration 25

description 23

dynamic port membership

described 24

reconfirming 27

troubleshooting 29

entering server address 26

mapping MAC addresses to VLANs 24

monitoring 28

reconfirmation interval, changing 27

reconfirming membership 27

VMPS (continued)

retry count, changing 28

voice aware 802.1x security

port-based authentication

configuring 36

described 26, 36

voice-over-IP 1

voice VLAN

Cisco 7960 phone, port connections 1

configuration guidelines 3

configuring IP phones for data traffic

override CoS of incoming frame 6

trust CoS priority of incoming frame 6

configuring ports for voice traffic in

802.1p priority tagged frames 5

802.1Q frames 5

connecting to an IP phone 4

default configuration 3

described 1

displaying 7

IP phone data traffic, described 2

IP phone voice traffic, described 2

VQP 8, 23

VTP

adding a client to a domain 14

advertisements 16, 3

and extended-range VLANs 2

and normal-range VLANs 2

client mode, configuring 11

configuration

global configuration mode 7

guidelines 8

privileged EXEC mode 7

requirements 9

saving 7

VLAN configuration mode 7

configuration mode options 7

configuration requirements 9

VTP (continued)

configuration revision number

guideline 14

resetting 15

configuring

client mode 11

server mode 9

transparent mode 12

consistency checks 4

default configuration 6

described 1

disabling 12

domain names 8

domains 2

modes

client 3, 11

server 3, 9

transitions 3

transparent 3, 12

monitoring 16

passwords 8

pruning

disabling 14

enabling 14

examples 5

overview 4

support for 8

pruning-eligible list, changing 19

server mode, configuring 9

statistics 16

support for 8

Token Ring support 4

transparent mode, configuring 12

using 1

version, guidelines 8

Version 1 4

VTP (continued)

Version 2

configuration guidelines 8

disabling 13

enabling 13

overview 4

W

web authentication 15

configuring62to64, 65to ??

described 8, 27

fallback for IEEE 802.1x 63

weighted tail drop

See WTD

wired location service

configuring 9

displaying 10

location TLV 3

understanding 3

wizards 2

WTD

described 12

setting thresholds

egress queue-sets 62

ingress queues 58

support for 11, 12

X

Xmodem protocol 2