Catalyst 2960 Switch Software Configuration Guide, Release 12.2(52)SE
Index
Downloads: This chapterpdf (PDF - 1.37MB) The complete bookPDF (PDF - 14.63MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 4

AC (command switch) 9

access-class command 34

access control entries

See ACEs

access-denied response, VMPS 23

access groups, applying IPv4 ACLs to interfaces 35

accessing

clusters, switch 12

command switches 10

member switches 12

switch clusters 12

access lists

See ACLs

access ports

in switch clusters 8

access ports, defined 2

accounting

with 802.1x 47

with IEEE 802.1x 15

with RADIUS 33

with TACACS+ 11, 17

ACEs

and QoS 7

defined 20

Ethernet 20

IP 20

ACLs

ACEs 20

any keyword 27

applying

time ranges to 32

to an interface 34

to QoS 7

classifying traffic for QoS 40

comments in 33

compiling 37

defined 19, 23

examples of 37, 40

extended IP, configuring for QoS classification 41

extended IPv4

creating 26

matching criteria 23

hardware and software handling 36

host keyword 28

IP

creating 23

fragments and QoS guidelines 31

implicit deny 25, 29, 31

implicit masks 25

matching criteria 23

undefined 35

IPv4

applying to interfaces 34

creating 23

matching criteria 23

named 30

numbers 24

terminal lines, setting on 34

unsupported features 22

MAC extended 39, 42

matching 23, 35

monitoring 42

named, IPv4 30

number per QoS class map 31

QoS 7, 40

resequencing entries 30

standard IP, configuring for QoS classification 40

standard IPv4

creating 25

matching criteria 23

support for 10

support in hardware 36

time ranges 32

unsupported features, IPv4 22

active link 4, 5, 6

active links 2

active traffic monitoring, IP SLAs 1

address aliasing 2

addresses

displaying the MAC address table 29

dynamic

accelerated aging 8

changing the aging time 21

default aging 8

defined 19

learning 20

removing 21

IPv6 2

MAC, discovering 30

multicast, STP address management 8

static

adding and removing 26

defined 19

address resolution 30

Address Resolution Protocol

See ARP

advertisements

CDP 1

LLDP 1, 2

VTP 15, 3, 4

aggregatable global unicast addresses 3

aggregated ports

See EtherChannel

aggregate policers 48

aggregate policing 13

aging, accelerating 8

aging time

accelerated

for MSTP 23

for STP 8, 21

MAC address table 21

maximum

for MSTP 23, 24

for STP 21, 22

alarms, RMON 3

allowed-VLAN list 16

ARP

defined 5, 30

table

address resolution 30

managing 30

attributes, RADIUS

vendor-proprietary 36

vendor-specific 34

attribute-value pairs 13, 15, 19, 20

authentication

local mode with AAA 38

NTP associations 4

open1x 29

RADIUS

key 26

login 28

TACACS+

defined 11

key 13

login 14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 9

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 10

compatibility with older 802.1x CLI commands10to ??

overview 8

authoritative time source, described 2

authorization

with RADIUS 32

with TACACS+ 11, 16

authorized ports with IEEE 802.1x 11

autoconfiguration 3

auto enablement 30

automatic discovery

considerations

beyond a noncandidate device 7

brand new switches 8

connectivity 4

different VLANs 6

management VLANs 7

non-CDP-capable devices 6

noncluster-capable devices 6

in switch clusters 4

See also CDP

automatic QoS

See QoS

automatic recovery, clusters 9

See also HSRP

auto-MDIX

configuring 20

described 20

autonegotiation

duplex mode 3

interface configuration guidelines 17

mismatches 11

autosensing, port speed 3

Auto Smartports macros

built-in macros 3, 9

Cisco Medianet 2

configuration guidelines 4

default configuration 3

defined 1

displaying 19

enabling 5, 8

event triggers 12

IOS shell 1, 15

LLDP 1

mapping 9

user-defined macros 15

See also Smartports macros

auxiliary VLAN

See voice VLAN

availability, features 7

B

BackboneFast

described 5

disabling 14

enabling 13

support for 7

backup interfaces

See Flex Links

backup links 2

banners

configuring

login 18

message-of-the-day login 18

default configuration 17

when displayed 17

Berkeley r-tools replacement 50

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 6

IP source guard 13

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 7

booting

boot loader, function of 2

boot process 1

manually 17

specific image 18

boot loader

accessing 18

described 2

environment variables 18

prompt 18

trap-door mechanism 2

BPDU

error-disabled state 2

filtering 3

RSTP format 12

BPDU filtering

described 3

disabling 12

enabling 12

support for 8

BPDU guard

described 2

disabling 12

enabling 11

support for 8

bridge protocol data unit

See BPDU

broadcast storm-control command 4

broadcast storms 1

C

cables, monitoring for unidirectional links 1

candidate switch

automatic discovery 4

defined 3

requirements 3

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 9

CA trustpoint

configuring 47

defined 45

CDP

and trusted boundary 35

automatic discovery in switch clusters 4

configuring 2

default configuration 2

defined with LLDP 1

described 1

disabling for routing device3to 4

enabling and disabling

on an interface 4

on a switch 3

monitoring 4

overview 1

power negotiation extensions 4

support for 5

transmission timer and holdtime, setting 2

updates 2

CGMP

as IGMP snooping learning method 8

joining multicast group 3

CipherSuites 46

Cisco 7960 IP Phone 1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 4

Cisco IOS File System

See IFS

Cisco IOS IP Service Level Agreements (SLAs) responder 4

Cisco IOS IP SLAs 1

Cisco Medianet

See Auto Smartports macros

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 20

attribute-value pairs for redirect URL 19

Cisco Secure ACS configuration guide 59

CiscoWorks 2000 5, 4

CISP 30

CIST regional root

See MSTP

CIST root

See MSTP

civic location 3

class maps for QoS

configuring 43

described 7

displaying 68

class of service

See CoS

clearing interfaces 28

CLI

abbreviating commands 4

command modes 1

configuration logging 5

described 5

editing features

enabling and disabling 7

keystroke editing 7

wrapped lines 9

error messages 5

filtering command output 9

getting help 3

history

changing the buffer size 6

described 5

disabling 6

recalling commands 6

managing clusters 14

no and default forms of commands 4

Client Information Signalling Protocol

See CISP

client mode, VTP 3

clock

See system clock

clusters, switch

accessing 12

automatic discovery 4

automatic recovery 9

benefits 2

compatibility 4

described 1

LRE profile considerations 13

managing

through CLI 14

through SNMP 14

planning 4

planning considerations

automatic discovery 4

automatic recovery 9

CLI 14

host names 12

IP addresses 12

LRE profiles 13

passwords 12

RADIUS 13

SNMP 13, 14

TACACS+ 13

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 11

considerations 10

defined 2

requirements 3

virtual IP address 10

See also HSRP

CNS 5

management functions 5

CoA Request Commands 23

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 1

commands

abbreviating 4

no and default 4

commands, setting privilege levels 8

command switch

accessing 10

active (AC) 9

configuration conflicts 11

defined 2

passive (PC) 9

password privilege levels 14

priority 9

recovery

from command-switch failure 9, 7

from lost member connectivity 11

redundant 9

replacing

with another switch 9

with cluster member 8

requirements 3

standby (SC) 9

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 13, 8

for cluster switches 4

in clusters 13

overview 4

SNMP 13

compatibility, feature 12

config.text 16

configurable leave timer, IGMP 5

configuration, initial

defaults 14

Express Setup 2

configuration changes, logging 10

configuration conflicts, recovering from lost member connectivity 11

configuration examples, network 17

configuration files

archiving 19

clearing the startup configuration 19

creating using a text editor 10

default name 16

deleting a stored configuration 19

described 8

downloading

automatically 16

preparing 10, 13, 16

reasons for 8

using FTP 13

using RCP 17

using TFTP 11

guidelines for creating and using 9

guidelines for replacing and rolling back 20

invalid combinations when copying 5

limiting TFTP server access 16

obtaining with DHCP 8

password recovery disable considerations 5

replacing a running configuration 19, 20

rolling back a running configuration 19, 20

specifying the filename 16

system contact and location information 16

types and location 9

uploading

preparing 10, 13, 16

reasons for 8

using FTP 14

using RCP 18

using TFTP 11

configuration logger 10

configuration logging 5

configuration replacement 19

configuration rollback 19

configuration settings, saving 15

configure terminal command 10

configuring 802.1x user distribution 54

configuring port-based authentication violation modes 38

configuring small-frame arrival rate 5

config-vlan mode 2

conflicts, configuration 11

connections, secure remote 40

connectivity problems 13, 14, 16

consistency checks in VTP Version 2 5

console port, connecting to 10

control protocol, IP SLAs 4

corrupted software, recovery steps with Xmodem 2

CoS

in Layer 2 frames 2

override priority 6

trust priority 6

CoS input queue threshold map for QoS 14

CoS output queue threshold map for QoS 17

CoS-to-DSCP map for QoS 51

counters, clearing interface 28

CPU utilization, troubleshooting 23

crashinfo file 22

critical authentication, IEEE 802.1x 51

critical VLAN 22

cryptographic software image

SSH 39

SSL 44

customjzeable web pages, web-based authentication 6

CWDM SFPs 22

D

DACL

See downloadable ACL

daylight saving time 13

debugging

enabling all system diagnostics 19

enabling for a specific feature 19

redirecting error message output 20

using commands 18

default commands 4

default configuration

802.1x 32

auto-QoS 19

banners 17

booting 16

CDP 2

DHCP 7

DHCP option 82 8

DHCP snooping 8

DHCP snooping binding database 8

DNS 16

dynamic ARP inspection 5

EtherChannel 9

Ethernet interfaces 14

Flex Links 8

IGMP filtering 24

IGMP snooping 6, 5, 6

IGMP throttling 24

initial switch information 3

IP SLAs 5

IP source guard 15

IPv6 6

Layer 2 interfaces 14

LLDP 5

MAC address table 20

MAC address-table move update 8

MSTP 14

MVR 19

NTP 4

optional spanning-tree configuration 9

password and privilege level 2

RADIUS 26

RMON 3

RSPAN 9

SDM template 2

SNMP 6

SPAN 9

SSL 46

standard QoS 28

STP 11

system message logging 3

system name and prompt 15

TACACS+ 13

UDLD 4

VLAN, Layer 2 Ethernet interfaces 14

VLANs 7

VMPS 24

voice VLAN 3

VTP 8

default gateway 14

default web-based authentication configuration

802.1X 9

deleting VLANs 9

denial-of-service attack 1

description command 25

designing your network, examples 17

destination addresses

in IPv4 ACLs 27

destination-IP address-based forwarding, EtherChannel 7

destination-MAC address forwarding, EtherChannel 7

detecting indirect link failures, STP 5

device 23

device discovery protocol 1

device manager

benefits 2

described 2, 4

in-band management 6

upgrading a switch 23

DHCP

Cisco IOS server database

configuring 12

enabling

relay agent 9

DHCP-based autoconfiguration

client request message exchange 4

configuring

client side 3

DNS 7

relay device 8

server side 6

TFTP server 7

example 9

lease options

for IP address information 6

for receiving the configuration file 6

overview 3

relationship to BOOTP 3

relay support 5

support for 5

DHCP-based autoconfiguration and image update

configuring11to 13

understanding 5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 5

configuration guidelines 8

default configuration 7

displaying 13

overview 3

packet format, suboption

circuit ID 5

remote ID 5

remote ID suboption 5

DHCP server port-based address allocation

configuration guidelines 22

default configuration 22

described 21

displaying 24

enabling 22

reserved addresses 22

DHCP server port-based address assignment

support for 5

DHCP snooping

accepting untrusted packets form edge switch 3, 10

binding database

See DHCP snooping binding database

configuration guidelines 8

default configuration 7

displaying binding tables 13

message exchange process 4

option 82 data insertion 3

trusted interface 3

untrusted interface 3

untrusted messages 2

DHCP snooping binding database

adding bindings 12

binding entries, displaying 13

binding file

format 6

location 6

bindings 6

clearing agent statistics 13

configuration guidelines 9

configuring 12

default configuration 7, 8

deleting

binding file 12

bindings 13

database agent 12

described 6

displaying 13

displaying status and statistics 13

enabling 12

entry 6

renewing database 13

resetting

delay value 12

timeout value 12

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 2

Differentiated Services Code Point 2

directed unicast requests 5

directories

changing 3

creating and removing 4

displaying the working 3

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 7

default configuration 16

displaying the configuration 17

in IPv6 3

overview 15

setting up 16

support for 5

domain names

DNS 15

VTP 8

Domain Name System

See DNS

downloadable ACL 19, 20, 59

downloading

configuration files

preparing 10, 13, 16

reasons for 8

using FTP 13

using RCP 17

using TFTP 11

image files

deleting old image 27

preparing 25, 28, 32

reasons for 23

using CMS 2

using FTP 29

using HTTP 2, 23

using RCP 33

using TFTP 25

using the device manager or Network Assistant 23

DRP

support for 13

DSCP 12, 2

DSCP input queue threshold map for QoS 14

DSCP output queue threshold map for QoS 17

DSCP-to-CoS map for QoS 54

DSCP-to-DSCP-mutation map for QoS 55

DSCP transparency 36

DTP 8, 13

dual-action detection 5

dual IPv4 and IPv6 templates 5

dual protocol stacks

IPv4 and IPv6 5

SDM templates supporting 5

dual-purpose uplinks

defined 4

LEDs 4

link selection 4, 15

setting the type 15

dynamic access ports

characteristics 4

configuring 25

defined 3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 1

ARP requests, described 1

ARP spoofing attack 1

clearing

log buffer 15

statistics 14

configuration guidelines 6

configuring

ACLs for non-DHCP environments 8

in DHCP environments 7

log buffer 12

rate limit for incoming ARP packets 4, 10

default configuration 5

denial-of-service attacks, preventing 10

described 1

DHCP snooping binding database 2

displaying

ARP ACLs 14

configuration and operating state 14

log buffer 15

statistics 14

trust state and rate limit 14

error-disabled state for exceeding rate limit 4

function of 2

interface trust states 3

log buffer

clearing 15

configuring 12

displaying 15

logging of dropped packets, described 4

man-in-the middle attack, described 2

network security issues and interface trust states 3

priority of ARP ACLs and DHCP snooping entries 4

rate limiting of ARP packets

configuring 10

described 4

error-disabled state 4

statistics

clearing 14

displaying 14

validation checks, performing 11

dynamic auto trunking mode 13

dynamic desirable trunking mode 13

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 23

reconfirming 26

troubleshooting 28

types of connections 25

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 7

keystrokes used 7

wrapped lines 9

ELIN location 3

enable password 3

enable secret password 3

encryption, CipherSuite 46

encryption for passwords 3

environment variables, function of 19

error-disabled state, BPDU 2

error messages during command entry 5

EtherChannel

automatic creation of 4, 5

channel groups

binding physical and logical interfaces 3

numbering of 3

configuration guidelines 9

configuring Layer 2 interfaces 10

default configuration 9

described 2

displaying status 17

forwarding methods 7, 12

IEEE 802.3ad, described 5

interaction

with STP 10

with VLANs 10

LACP

described 5

displaying status 17

hot-standby ports 15

interaction with other features 6

modes 6

port priority 16

system priority 15

load balancing 7, 12

PAgP

aggregate-port learners 13

compatibility with Catalyst 1900 14

described 4

displaying status 17

interaction with other features 5

interaction with virtual switches 5

learn method and priority configuration 13

modes 4

support for 3

with dual-action detection 5

port-channel interfaces

described 3

numbering of 3

port groups 3

support for 3

EtherChannel guard

described 7

disabling 14

enabling 14

Ethernet VLANs

adding 7

defaults and ranges 7

modifying 7

EUI 3

events, RMON 3

examples

network configuration 17

expedite queue for QoS 67

Express Setup 2

See also getting started guide

extended crashinfo file 22

extended-range VLANs

configuration guidelines 11

configuring 10

creating 11

defined 1

extended system ID

MSTP 17

STP 4, 14

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 1

F

fa0 interface 6

Fast Convergence 3

features, incompatible 12

fiber-optic, detecting unidirectional links 1

files

basic crashinfo

description 22

location 22

copying 4

crashinfo, description 22

deleting 5

displaying the contents of 8

extended crashinfo

description 22

location 22

tar

creating 6

displaying the contents of 6

extracting 7

image file format 24

file system

displaying available file systems 2

displaying file information 3

local file system names 1

network file system names 4

setting the default 3

filtering

non-IP traffic 39

show and more command output 9

filtering show and more command output 9

filters, IP

See ACLs, IP

flash device, number of 1

flexible authentication ordering

configuring 62

overview 28

Flex Link Multicast Fast Convergence 3

Flex Links

configuration guidelines 8

configuring 9

configuring preferred VLAN 12

configuring VLAN load balancing 11

default configuration 8

description 2

link load balancing 2

monitoring 14

VLANs 2

flooded traffic, blocking 8

flow-based packet classification 12

flowcharts

QoS classification 6

QoS egress queueing and scheduling 16

QoS ingress queueing and scheduling 13

QoS policing and marking 10

flowcontrol

configuring 19

described 19

forward-delay time

MSTP 23

STP 21

FTP

accessing MIB files 3

configuration files

downloading 13

overview 12

preparing the server 13

uploading 14

image files

deleting old image 31

downloading 29

preparing the server 28

uploading 31

G

general query 5

Generating IGMP Reports 4

get-bulk-request operation 3

get-next-request operation 3, 4

get-request operation 3, 4

get-response operation 3

global configuration mode 2

global leave, IGMP 12

guest VLAN and 802.1x 20

guide mode 2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 22

STP 20

help, for the command line 3

history

changing the buffer size 6

described 5

disabling 6

recalling commands 6

history table, level and number of syslog messages 10

host names, in clusters 12

hosts, limit on dynamic ports 28

HP OpenView 5

HSRP

automatic cluster recovery 11

cluster standby group considerations 10

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 44

configuring 48

self-signed certificate 45

HTTP secure server 44

I

ICMP

IPv6 3

time-exceeded messages 16

traceroute and 16

ICMP ping

executing 13

overview 13

ICMPv6 3

IDS appliances

and ingress RSPAN 20

and ingress SPAN 13

IEEE 802.1D

See STP

IEEE 802.1p 1

IEEE 802.1Q

and trunk ports 3

configuration limitations 14

encapsulation 13

native VLAN for untagged traffic 18

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3af

See PoE

IEEE 802.3x flow control 19

ifIndex values, SNMP 5

IFS 6

IGMP

configurable leave timer

described 5

enabling 10

flooded multicast traffic

controlling the length of time 11

disabling on an interface 12

global leave 12

query solicitation 12

recovering from flood mode 12

joining multicast group 3

join messages 3

leave processing, enabling 10, 9

leaving multicast group 5

queries 4

report suppression

described 6

disabling 15, 11

supported versions 2

support for 4

IGMP filtering

configuring 24

default configuration 24

described 23

monitoring 28

support for 4

IGMP groups

configuring filtering 27

setting the maximum number 26

IGMP Immediate Leave

configuration guidelines 10

described 5

enabling 10

IGMP profile

applying 25

configuration mode 24

configuring 25

IGMP snooping

and address aliasing 2

configuring 6

default configuration 6, 5, 6

definition 1

enabling and disabling 7, 6

global configuration 7

Immediate Leave 5

method 8

monitoring 15, 11

querier

configuration guidelines 13

configuring 13

supported versions 2

support for 4

VLAN configuration 7

IGMP throttling

configuring 27

default configuration 24

described 24

displaying action 28

Immediate Leave, IGMP 5

enabling 9

inaccessible authentication bypass 22

support for multiauth ports 23

initial configuration

defaults 14

Express Setup 2

interface

number 9

range macros 12

interface command9to 10

interface configuration mode 3

interfaces

auto-MDIX, configuring 20

configuration guidelines

duplex and speed 17

configuring

procedure 10

counters, clearing 28

default configuration 14

described 25

descriptive name, adding 25

displaying information about 27

flow control 19

management 4

monitoring 27

naming 25

physical, identifying 9

range of 10

restarting 28

shutting down 28

speed and duplex, configuring 18

status 27

supported 9

types of 1

interfaces range macro command 12

interface types 9

Internet Protocol version 6

See IPv6

Intrusion Detection System

See IDS appliances

inventory management TLV 3, 8

IOS shell

See Auto Smartports macros

IP ACLs

for QoS classification 7

implicit deny 25, 29

implicit masks 25

named 30

undefined 35

IP addresses

128-bit 2

candidate or member 3, 12

cluster access 2

command switch 3, 10, 12

discovering 30

IPv6 2

redundant clusters 10

standby command switch 10, 12

See also IP information

ip igmp profile command 24

IP information

assigned

manually 14

through DHCP-based autoconfiguration 3

default configuration 3

IP phones

and QoS 1

automatic classification and queueing 19

configuring 4

ensuring port security with QoS 35

trusted boundary for QoS 35

IP Port Security for Static Hosts

on a Layer 2 access port 17

IP precedence 2

IP-precedence-to-DSCP map for QoS 52

IP protocols in ACLs 27

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 1

IP SLAs

benefits 2

configuration guidelines 5

Control Protocol 4

default configuration 5

definition 1

measuring network performance 3

monitoring 6

operation 3

responder

described 4

enabling 6

response time 4

SNMP support 2

supported metrics 2

IP source guard

and 802.1x 16

and DHCP snooping 13

and EtherChannels 16

and port security 16

and private VLANs 16

and routed ports 15

and TCAM entries 16

and trunk interfaces 15

and VRF 16

binding configuration

automatic 13

manual 13

binding table 13

configuration guidelines 15

default configuration 15

described 13

disabling 17

displaying

active IP or MAC bindings 21

bindings 21

configuration 21

enabling 16, 17

filtering

source IP address 14

source IP and MAC address 14

source IP address filtering 14

source IP and MAC address filtering 14

static bindings

adding 16, 17

deleting 17

static hosts 17

IP traceroute

executing 17

overview 16

IPv4 ACLs

applying to interfaces 34

extended, creating 26

named 30

standard, creating 25

IPv4 and IPv6

dual protocol stacks 4

IPv6

addresses 2

address formats 2

applications 4

assigning address 6

autoconfiguration 4

configuring static routes 10

default configuration 6

defined 1

forwarding 6

ICMP 3

monitoring 11

neighbor discovery 3

SDM templates 1

Stateless Autoconfiguration 4

supported features 2

understanding static routes 5

J

join messages, IGMP 3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 2

Layer 2 interfaces, default configuration 14

Layer 2 traceroute

and ARP 15

and CDP 15

broadcast traffic 14

described 14

IP addresses and subnets 15

MAC addresses and VLANs 15

multicast traffic 15

multiple devices on a port 15

unicast traffic 14

usage guidelines 15

Layer 3 features 13

Layer 3 interfaces

assigning IPv6 addresses to 7

Layer 3 packets, classification methods 2

Leaking IGMP Reports 4

LEDs, switch

See hardware installation guide

line configuration mode 3

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 7

Link Layer Discovery Protocol

See CDP

link local unicast addresses 3

link redundancy

See Flex Links

links, unidirectional 1

link-state tracking

configuring 20

described 17

LLDP

configuring 5

characteristics 7

default configuration 5

enabling 6

monitoring and maintaining 11

overview 1

supported TLVs 2

switch stack considerations 2

transmission timer and holdtime, setting 7

LLDP-MED

configuring

procedures 5

TLVs 7

monitoring and maintaining 11

overview 1, 2

supported TLVs 2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 2

location TLV 3, 8

login authentication

with RADIUS 28

with TACACS+ 14

login banners 17

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 19

loop guard

described 9

enabling 15

support for 8

LRE profiles, considerations in switch clusters 13

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 33

range 35

MAC/PHY configuration status TLV 2

MAC addresses

aging time 21

and VLAN association 20

building the address table 20

default configuration 20

disabling learning on a VLAN 29

discovering 30

displaying 29

displaying in the IP source binding table 21

dynamic

learning 20

removing 21

in ACLs 39

static

adding 26

allowing 28, 29

characteristics of 26

dropping 28

removing 27

MAC address learning 5

MAC address learning, disabling on a VLAN 29

MAC address notification, support for 14

MAC address-table move update

configuration guidelines 8

configuring 12

default configuration 8

description 6

monitoring 14

MAC address-to-VLAN mapping 22

MAC authentication bypass 35

configuring 54

overview 16

MAC extended access lists

applying to Layer 2 interfaces 40

configuring for QoS 42

creating 39

defined 39

for QoS classification 5

macros

See Auto Smartports macros

See Smartports macros

magic packet 25

manageability features 5

management access

in-band

browser session 6

CLI session 6

device manager 6

SNMP 6

out-of-band console port connection 6

management address TLV 2

management options

CLI 1

clustering 3

Network Assistant 2

overview 4

management VLAN

considerations in switch clusters 7

discovery through different management VLANs 7

mapping tables for QoS

configuring

CoS-to-DSCP 51

DSCP 50

DSCP-to-CoS 54

DSCP-to-DSCP-mutation 55

IP-precedence-to-DSCP 52

policed-DSCP 53

described 10

marking

action with aggregate policers 48

described 4, 8

matching, IPv4 ACLs 23

maximum aging time

MSTP 23

STP 21

maximum hop count, MSTP 24

maximum number of allowed devices, port-based authentication 35

MDA

configuration guidelines 13

described 10, 12

exceptions with authentication process 6

Medianet

See Auto Smartports macros

membership mode, VLAN port 3

member switch

automatic discovery 4

defined 2

managing 14

passwords 12

recovering from lost connectivity 11

requirements 3

See also candidate switch, cluster standby group, and standby command switch

messages, to users through banners 17

MIBs

accessing files with FTP 3

location of files 3

overview 1

SNMP interaction with 4

supported 1

mirroring traffic for analysis 1

mismatches, autonegotiation 11

module number 9

monitoring

access groups 42

cables for unidirectional links 1

CDP 4

features 14

Flex Links 14

IGMP

filters 28

snooping 15, 11

interfaces 27

IP SLAs operations 6

IPv4 ACL configuration 42

IPv6 11

MAC address-table move update 14

multicast router interfaces 16, 11

MVR 23

network traffic for analysis with probe 2

port

blocking 18

protection 18

SFP status 27, 13

speed and duplex mode 18

traffic flowing among switches 1

traffic suppression 18

VLANs 12

VMPS 27

VTP 16

mrouter Port 3

mrouter port 5

MSTP

boundary ports

configuration guidelines 15

described 6

BPDU filtering

described 3

enabling 12

BPDU guard

described 2

enabling 11

CIST, described 3

CIST regional root 3

CIST root 5

configuration guidelines 14, 10

configuring

forward-delay time 23

hello time 22

link type for rapid convergence 24

maximum aging time 23

maximum hop count 24

MST region 15

neighbor type 25

path cost 20

port priority 19

root switch 17

secondary root switch 18

switch priority 21

CST

defined 3

operations between regions 3

default configuration 14

default optional feature configuration 9

displaying status 26

enabling the mode 15

EtherChannel guard

described 7

enabling 14

extended system ID

effects on root switch 17

effects on secondary root switch 18

unexpected behavior 17

IEEE 802.1s

implementation 6

port role naming change 6

terminology 5

instances supported 9

interface state, blocking to forwarding 2

interoperability and compatibility among modes 10

interoperability with IEEE 802.1D

described 8

restarting migration process 25

IST

defined 2

master 3

operations within a region 3

loop guard

described 9

enabling 15

mapping VLANs to MST instance 16

MST region

CIST 3

configuring 15

described 2

hop-count mechanism 5

IST 2

supported spanning-tree instances 2

optional features supported 8

overview 2

Port Fast

described 2

enabling 10

preventing root switch selection 8

root guard

described 8

enabling 15

root switch

configuring 17

effects of extended system ID 17

unexpected behavior 17

shutdown Port Fast-enabled port 2

status, displaying 26

multiauth

support for inaccessible authentication bypass 23

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 5

joining 3

leaving 5

static joins 9, 7

multicast router interfaces, monitoring 16, 11

multicast router ports, adding 9, 8

multicast storm 1

multicast storm-control command 4

multicast television application 17

multicast VLAN 16

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 14

multiple authentication mode

configuring 41

MVR

and address aliasing 20

and IGMPv3 20

configuration guidelines 19

configuring interfaces 21

default configuration 19

described 16

example application 17

modes 20

monitoring 23

multicast television application 17

setting global parameters 20

support for 4

N

NAC

critical authentication 22, 51

IEEE 802.1x authentication using a RADIUS server 57

IEEE 802.1x validation using RADIUS server 57

inaccessible authentication bypass 51

Layer 2 IEEE 802.1x validation 11, 28, 57

named IPv4 ACLs 30

native VLAN

configuring 18

default 18

NEAT

configuring 58

overview 29

neighbor discovery, IPv6 3

Network Admission Control

See NAC

Network Assistant

benefits 2

described 4

downloading image files 2

guide mode 2

management options 2

upgrading a switch 23

wizards 2

network configuration examples

increasing network performance 18

long-distance, high-bandwidth transport 22

providing network services 18

server aggregation and Linux server cluster 20

small to medium-sized network 21

network design

performance 18

services 18

Network Edge Access Topology

See NEAT

network management

CDP 1

RMON 1

SNMP 1

network performance, measuring with IP SLAs 3

network policy TLV 2, 8

Network Time Protocol

See NTP

no commands 4

nonhierarchical policy maps

described 9

non-IP traffic filtering 39

nontrunking mode 13

normal-range VLANs 4

configuration guidelines 6

configuring 4

defined 1

NTP

associations

authenticating 4

defined 2

enabling broadcast messages 6

peer 5

server 5

default configuration 4

displaying the configuration 11

overview 2

restricting access

creating an access group 8

disabling NTP services per interface 10

source IP address, configuring 10

stratum 2

support for 6

synchronizing devices 5

time

services 2

synchronizing 2

O

off mode, VTP 3

open1x

configuring 63

open1x authentication

overview 29

optimizing system resources 1

options, management 4

out-of-profile markdown 13

P

packet modification, with QoS 18

PAgP

See EtherChannel

passwords

default configuration 2

disabling recovery of 5

encrypting 3

for security 9

in clusters 12

overview 1

recovery of 3

setting

enable 3

enable secret 3

Telnet 6

with usernames 6

VTP domain 9

path cost

MSTP 20

STP 18

PC (passive command switch) 9

performance, network design 18

performance features 3

persistent self-signed certificate 45

per-user ACLs and Filter-Ids 9

per-VLAN spanning-tree plus

See PVST+

physical ports 2

PIM-DVMRP, as snooping method 8

ping

character output description 14

executing 13

overview 13

PoE

auto mode 6

CDP with power consumption, described 4

CDP with power negotiation, described 4

Cisco intelligent power management 4

configuring 21

cutoff power

determining 7

cutoff-power

support for 7

devices supported 4

high-power devices operating in low-power mode 5

IEEE power classification levels 5

monitoring 7

monitoring power 24

policing power consumption 24

policing power usage 7

power budgeting 22

power consumption 8, 22

powered-device detection and initial power allocation 5

power management modes 6

power monitoring 7

power negotiation extensions to CDP 4

power sensing 7

standards supported 4

static mode 6

total available power 8

troubleshooting 11

policed-DSCP map for QoS 53

policers

configuring

for each matched traffic class 45

for more than one traffic class 48

described 4

displaying 68

number of 31

types of 9

policing

described 4

token-bucket algorithm 9

policy maps for QoS

characteristics of 45

described 7

displaying 69

nonhierarchical on physical ports

described 9

port ACLs, described 20

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 15

authentication server

defined 3, 2

RADIUS server 3

client, defined 3, 2

configuration guidelines 33, 9

configuring

802.1x authentication 39

guest VLAN 48

host mode 41

inaccessible authentication bypass 51

manual re-authentication of a client 44

periodic re-authentication 43

quiet period 44

RADIUS server 41, 13

RADIUS server parameters on the switch 40, 11

restricted VLAN 49

switch-to-client frame-retransmission number 45, 46

switch-to-client retransmission time 45

violation modes 38

default configuration 32, 9

described 1

device roles 3, 2

displaying statistics 64, 17

downloadable ACLs and redirect URLs

configuring59to61, ??to 62

overview19to 20

EAPOL-start frame 6

EAP-request/identity frame 6

EAP-response/identity frame 6

enabling

802.1X authentication 11

encapsulation 3

flexible authentication ordering

configuring 62

overview 28

guest VLAN

configuration guidelines 21, 22

described 20

host mode 12

inaccessible authentication bypass

configuring 51

described 22

guidelines 34

initiation and message exchange 6

magic packet 25

maximum number of allowed devices per port 35

method lists 39

multiple authentication 14

per-user ACLs

configuration tasks 19

described 18

RADIUS server attributes 18

ports

authorization state and dot1x port-control command 11

authorized and unauthorized 11

voice VLAN 24

port security

and voice VLAN 25

described 24

interactions 25

multiple-hosts mode 12

readiness check

configuring 35

described 16, 35

resetting to default values 64

statistics, displaying 64

switch

as proxy 3, 2

RADIUS client 3

switch supplicant

configuring 58

overview 29

user distribution

guidelines 27

overview 27

VLAN assignment

AAA authorization 39

characteristics 17

configuration tasks 17

described 16

voice aware 802.1x security

configuring 36

described 29, 36

voice VLAN

described 24

PVID 24

VVID 24

wake-on-LAN, described 25

with ACLs and RADIUS Filter-Id attribute 31

port-based authentication methods, supported 8

port blocking 3, 7

port-channel

See EtherChannel

port description TLV 2

Port Fast

described 2

enabling 10

mode, spanning tree 24

support for 8

port membership modes, VLAN 3

port priority

MSTP 19

STP 16

ports

access 2

blocking 7

dual-purpose uplink 4

dynamic access 4

protected 6

secure 8

static-access 3, 9

switch 2

trunks 3, 13

VLAN assignments 9

port security

aging 17

and QoS trusted boundary 35

configuring 12

default configuration 11

described 8

displaying 18

on trunk ports 14

sticky learning 9

violations 10

with other features 11

port-shutdown response, VMPS 23

port VLAN ID TLV 2

power management TLV 2, 8

Power over Ethernet

See PoE

preemption, default configuration 8

preemption delay, default configuration 8

preferential treatment of traffic

See QoS

preventing unauthorized access 1

primary links 2

priority

overriding CoS 6

trusting CoS 6

private VLAN edge ports

See protected ports

privileged EXEC mode 2

privilege levels

changing the default for lines 9

command switch 14

exiting 9

logging into 9

mapping on member switches 14

overview 2, 7

setting a command with 8

protected ports 9, 6

proxy reports 4

pruning, VTP

disabling

in VTP domain 15

on a port 18

enabling

in VTP domain 14

on a port 17

examples 6

overview 6

pruning-eligible list

changing 17

for VTP pruning 6

VLANs 15

PVST+

described 9

IEEE 802.1Q trunking interoperability 10

instances supported 9

Q

QoS

and MQC commands 1

auto-QoS

categorizing traffic 19

configuration and defaults display 27

configuration guidelines 24

described 19

disabling 25

displaying generated commands 25

displaying the initial configuration 27

effects on running configuration 24

egress queue defaults 20

enabling for VoIP 25

example configuration 26

ingress queue defaults 20

list of generated commands 21

basic model 4

classification

class maps, described 7

defined 4

DSCP transparency, described 36

flowchart 6

forwarding treatment 3

in frames and packets 3

IP ACLs, described 5, 7

MAC ACLs, described 5, 7

options for IP traffic 5

options for non-IP traffic 5

policy maps, described 7

trust DSCP, described 5

trusted CoS, described 5

trust IP precedence, described 5

class maps

configuring 43

displaying 68

configuration guidelines

auto-QoS 24

standard QoS 31

configuring

aggregate policers 48

auto-QoS 19

default port CoS value 34

DSCP maps 50

DSCP transparency 36

DSCP trust states bordering another domain 37

egress queue characteristics 60

ingress queue characteristics 56

IP extended ACLs 41

IP standard ACLs 40

MAC ACLs 42

port trust states within the domain 33

trusted boundary 35

default auto configuration 19

default standard configuration 28

displaying statistics 68

DSCP transparency 36

egress queues

allocating buffer space 61

buffer allocation scheme, described 16

configuring shaped weights for SRR 65

configuring shared weights for SRR 66

described 4

displaying the threshold map 64

flowchart 16

mapping DSCP or CoS values 63

scheduling, described 4

setting WTD thresholds 61

WTD, described 17

enabling globally 32

flowcharts

classification 6

egress queueing and scheduling 16

ingress queueing and scheduling 13

policing and marking 10

implicit deny 7

ingress queues

allocating bandwidth 58

allocating buffer space 58

buffer and bandwidth allocation, described 14

configuring shared weights for SRR 58

configuring the priority queue 59

described 4

displaying the threshold map 57

flowchart 13

mapping DSCP or CoS values 57

priority queue, described 14

scheduling, described 4

setting WTD thresholds 57

WTD, described 14

IP phones

automatic classification and queueing 19

detection and trusted settings 19, 35

limiting bandwidth on egress interface 67

mapping tables

CoS-to-DSCP 51

displaying 68

DSCP-to-CoS 54

DSCP-to-DSCP-mutation 55

IP-precedence-to-DSCP 52

policed-DSCP 53

types of 10

marked-down actions 47

marking, described 4, 8

overview 2

packet modification 18

policers

configuring 47, 49

described 8

displaying 68

number of 31

types of 9

policies, attaching to an interface 8

policing

described 4, 8

token bucket algorithm 9

policy maps

characteristics of 45

displaying 69

nonhierarchical on physical ports 45

QoS label, defined 4

queues

configuring egress characteristics 60

configuring ingress characteristics 56

high priority (expedite) 18, 67

location of 11

SRR, described 12

WTD, described 12

rewrites 18

support for 12

trust states

bordering another domain 37

described 5

trusted device 35

within the domain 33

quality of service

See QoS

queries, IGMP 4

query solicitation, IGMP 12

R

RADIUS

attributes

vendor-proprietary 36

vendor-specific 34

configuring

accounting 33

authentication 28

authorization 32

communication, global 26, 34

communication, per-server 26

multiple UDP ports 26

default configuration 26

defining AAA server groups 30

displaying the configuration 38

identifying the server 26

in clusters 13

limiting the services to the user 32

method list, defined 25

operation of 19

overview 18

server load balancing 38

suggested network environments 18

support for 11

tracking services accessed by user 33

RADIUS Change of Authorization 19

range

macro 12

of interfaces 11

rapid convergence 9

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 9

IEEE 802.1Q trunking interoperability 10

instances supported 9

Rapid Spanning Tree Protocol

See RSTP

rcommand command 14

RCP

configuration files

downloading 17

overview 15

preparing the server 16

uploading 18

image files

deleting old image 35

downloading 33

preparing the server 32

uploading 35

readiness check

port-based authentication

configuring 35

described 16, 35

reconfirmation interval, VMPS, changing 26

reconfirming dynamic VLAN membership 26

recovery procedures 1

redirect URL 19, 59

redundancy

EtherChannel 3

STP

backbone 8

path cost 21

port priority 19

redundant links and UplinkFast 13

reloading software 20

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 2

report suppression, IGMP

described 6

disabling 15, 11

resequencing ACL entries 30

reserved addresses in DHCP pools 22

resetting a UDLD-shutdown interface 6

responder, IP SLAs

described 4

enabling 6

response time, measuring with IP SLAs 4

restricted VLAN

configuring 49

described 21

using with IEEE 802.1x 21

restricting access

NTP services 8

overview 1

passwords and privilege levels 2

RADIUS 17

TACACS+ 10

retry count, VMPS, changing 27

RFC

1112, IP multicast and IGMP 2

1157, SNMPv1 2

1305, NTP 2

1757, RMON 2

1901, SNMPv2C 2

1902 to 1907, SNMPv2 2

2236, IP multicast and IGMP 2

2273-2275, SNMPv3 2

RFC 5176 Compliance 20

RMON

default configuration 3

displaying status 6

enabling alarms and events 3

groups supported 2

overview 1

statistics

collecting group Ethernet 5

collecting group history 5

support for 14

root guard

described 8

enabling 15

support for 8

root switch

MSTP 17

STP 14

RSPAN

characteristics 7

configuration guidelines 16

default configuration 9

defined 2

destination ports 6

displaying status 23

interaction with other features 8

monitored ports 5

monitoring ports 6

overview 14, 1

received traffic 4

sessions

creating 17

defined 3

limiting source traffic to specific VLANs 22

specifying monitored ports 17

with ingress traffic enabled 20

source ports 5

transmitted traffic 5

VLAN-based 6

RSTP

active topology 9

BPDU

format 12

processing 12

designated port, defined 9

designated switch, defined 9

interoperability with IEEE 802.1D

described 8

restarting migration process 25

topology changes 13

overview 8

port roles

described 9

synchronized 11

proposal-agreement handshake process 10

rapid convergence

described 9

edge ports and Port Fast 9

point-to-point links 10, 24

root ports 10

root port, defined 9

See also MSTP

running configuration

replacing 19, 20

rolling back 19, 20

running configuration, saving 15

S

SC (standby command switch) 9

scheduled reloads 20

SCP

and SSH 51

configuring 51

SDM

templates

configuring 3

number of 1

SDM template

configuration guidelines 2

configuring 2

types of 1

Secure Copy Protocol

secure HTTP client

configuring 49

displaying 50

secure HTTP server

configuring 48

displaying 50

secure MAC addresses

deleting 16

maximum number of 10

types of 9

secure ports, configuring 8

secure remote connections 40

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 8

security features 9

See SCP

sequence numbers in log messages 8

server mode, VTP 3

service-provider network, MSTP and RSTP 1

set-request operation 4

setup program

failed command switch replacement 9

replacing failed command switch 8

severity levels, defining in system messages 8

SFPs

monitoring status of 27, 13

security and identification 12

status, displaying 13

shaped round robin

See SRR

Shell functions

See Auto Smartports macros

Shell triggers

See Auto Smartports macros

show access-lists hw-summary command 36

show and more command output, filtering 9

show cdp traffic command 5

show cluster members command 14

show configuration command 25

show forward command 20

show interfaces command 18, 25

show interfaces switchport 4

show lldp traffic command 12

show platform forward command 20

show running-config command

displaying ACLs 34, 35

interface description in 25

shutdown command on interfaces 28

Simple Network Management Protocol

See SNMP

small-frame arrival rate, configuring 5

Smartports macros

applying Cisco-default macros 18

applying global parameter values 18

configuration guidelines 17

default configuration 17

defined 1

displaying 19

tracing 17

SNAP 1

SNMP

accessing MIB variables with 4

agent

described 4

disabling 7

and IP SLAs 2

authentication level 10

community strings

configuring 8

for cluster switches 4

overview 4

configuration examples 17

default configuration 6

engine ID 7

groups 7, 9

host 7

ifIndex values 5

in-band management 6

in clusters 13

informs

and trap keyword 11

described 5

differences from traps 5

disabling 15

enabling 15

limiting access by TFTP servers 16

limiting system log messages to NMS 10

manager functions 5, 3

managing clusters with 14

MIBs

location of 3

supported 1

notifications 5

overview 1, 4

security levels 3

setting CPU threshold notification 15

status, displaying 18

system contact and location 16

trap manager, configuring 13

traps

described 3, 5

differences from informs 5

disabling 15

enabling 11

enabling MAC address notification 21, 23, 25

overview 1, 4

types of 12

users 7, 9

versions supported 2

SNMP and Syslog Over IPv6 5

SNMPv1 2

SNMPv2C 2

SNMPv3 2

snooping, IGMP 1

software images

location in flash 23

recovery procedures 2

scheduling reloads 20

tar file format, described 24

See also downloading and uploading

source addresses

in IPv4 ACLs 27

source-and-destination-IP address based forwarding, EtherChannel 7

source-and-destination MAC address forwarding, EtherChannel 7

source-IP address based forwarding, EtherChannel 7

source-MAC address forwarding, EtherChannel 7

SPAN

configuration guidelines 10

default configuration 9

destination ports 6

displaying status 23

interaction with other features 8

monitored ports 5

monitoring ports 6

overview 14, 1

ports, restrictions 12

received traffic 4

sessions

configuring ingress forwarding 14, 21

creating 10

defined 3

limiting source traffic to specific VLANs 15

removing destination (monitoring) ports 12

specifying monitored ports 10

with ingress traffic enabled 13

source ports 5

transmitted traffic 5

VLAN-based 6

spanning tree and native VLANs 14

Spanning Tree Protocol

See STP

SPAN traffic 4

SRR

configuring

shaped weights on egress queues 65

shared weights on egress queues 66

shared weights on ingress queues 58

described 12

shaped mode 13

shared mode 13

support for 13

SSH

configuring 41

cryptographic software image 39

described 6, 40

encryption methods 40

user authentication methods, supported 40

SSL

configuration guidelines 47

configuring a secure HTTP client 49

configuring a secure HTTP server 48

cryptographic software image 44

described 44

monitoring 50

standby command switch

configuring

considerations 10

defined 2

priority 9

requirements 3

virtual IP address 10

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 2

startup configuration

booting

manually 17

specific image 18

clearing 19

configuration file

automatically downloading 16

specifying the filename 16

default boot configuration 16

static access ports

assigning to VLAN 9

defined 3

static addresses

See addresses

static MAC addressing 9

static routes

configuring for IPv6 10

understanding 5

static VLAN membership 2

statistics

802.1X 17

802.1x 64

CDP 4

interface 27

LLDP 11

LLDP-MED 11

NMSP 11

QoS ingress and egress 68

RMON group Ethernet 5

RMON group history 5

SNMP input and output 18

VTP 16

sticky learning 9

storm control

configuring 3

described 1

disabling 5

displaying 18

support for 3

thresholds 1

STP

accelerating root port selection 4

BackboneFast

described 5

disabling 14

enabling 13

BPDU filtering

described 3

disabling 12

enabling 12

BPDU guard

described 2

disabling 12

enabling 11

BPDU message exchange 3

configuration guidelines 12, 10

configuring

forward-delay time 21

hello time 20

maximum aging time 21

path cost 18

port priority 16

root switch 14

secondary root switch 16

spanning-tree mode 13

switch priority 19

transmit hold-count 22

counters, clearing 22

default configuration 11

default optional feature configuration 9

designated port, defined 3

designated switch, defined 3

detecting indirect link failures 5

disabling 14

displaying status 22

EtherChannel guard

described 7

disabling 14

enabling 14

extended system ID

effects on root switch 14

effects on the secondary root switch 16

overview 4

unexpected behavior 14

features supported 7

IEEE 802.1D and bridge ID 4

IEEE 802.1D and multicast addresses 8

IEEE 802.1t and VLAN identifier 4

inferior BPDU 3

instances supported 9

interface state, blocking to forwarding 2

interface states

blocking 5

disabled 7

forwarding 5, 6

learning 6

listening 6

overview 4

interoperability and compatibility among modes 10

limitations with IEEE 802.1Q trunks 10

load sharing

overview 19

using path costs 21

using port priorities 19

loop guard

described 9

enabling 15

modes supported 9

multicast addresses, effect of 8

optional features supported 8

overview 2

path costs 21

Port Fast

described 2

enabling 10

port priorities 20

preventing root switch selection 8

protocols supported 9

redundant connectivity 8

root guard

described 8

enabling 15

root port, defined 3

root switch

configuring 14

effects of extended system ID 4, 14

election 3

unexpected behavior 14

shutdown Port Fast-enabled port 2

status, displaying 22

superior BPDU 3

timers, described 20

UplinkFast

described 3

enabling 13

stratum, NTP 2

success response, VMPS 23

summer time 13

SunNet Manager 5

supported port-based authentication methods 8

Smartports macros

See also Auto Smartports macros

switch 2

switch clustering technology 1

See also clusters, switch

switch console port 6

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 2

switchport backup interface 4, 5

switchport block multicast command 8

switchport block unicast command 8

switchport protected command 7

switch priority

MSTP 21

STP 19

switch software features 1

syslog

See system message logging

system capabilities TLV 2

system clock

configuring

daylight saving time 13

manually 11

summer time 13

time zones 12

displaying the time and date 12

overview 1

See also NTP

system description TLV 2

system message logging

default configuration 3

defining error message severity levels 8

disabling 4

displaying the configuration 13

enabling 4

facility keywords, described 13

level keywords, described 9

limiting messages 10

message format 2

overview 1

sequence numbers, enabling and disabling 8

setting the display destination device 5

synchronizing log messages 6

syslog facility 14

time stamps, enabling and disabling 7

UNIX syslog servers

configuring the daemon 12

configuring the logging facility 12

facilities supported 13

system name

default configuration 15

default setting 15

manual configuration 15

See also DNS

system name TLV 2

system prompt, default setting 14, 15

system resources, optimizing 1

T

TACACS+

accounting, defined 11

authentication, defined 11

authorization, defined 11

configuring

accounting 17

authentication key 13

authorization 16

login authentication 14

default configuration 13

displaying the configuration 17

identifying the server 13

in clusters 13

limiting the services to the user 16

operation of 12

overview 10

support for 11

tracking services accessed by user 17

tar files

creating 6

displaying the contents of 6

extracting 7

image file format 24

TDR 14

Telnet

accessing management interfaces 10

number of connections 6

setting a password 6

temporary self-signed certificate 45

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 6

TFTP

configuration files

downloading 11

preparing the server 10

uploading 11

configuration files in base directory 7

configuring for autoconfiguration 7

image files

deleting 27

downloading 25

preparing the server 25

uploading 27

limiting access by servers 16

TFTP server 5

threshold, traffic level 2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32

time ranges in ACLs 32

time stamps in log messages 7

time zones 12

TLVs

defined 1

LLDP 2

LLDP-MED 2

Token Ring VLANs

support for 5

VTP support 4

ToS 12

traceroute, Layer 2

and ARP 15

and CDP 15

broadcast traffic 14

described 14

IP addresses and subnets 15

MAC addresses and VLANs 15

multicast traffic 15

multiple devices on a port 15

unicast traffic 14

usage guidelines 15

traceroute command 17

See also IP traceroute

traffic

blocking flooded 8

fragmented 21

unfragmented 21

traffic policing 13

traffic suppression 1

transmit hold-count

see STP

transparent mode, VTP 3

trap-door mechanism 2

traps

configuring MAC address notification 21, 23, 25

configuring managers 11

defined 3

enabling 21, 23, 25, 11

notification types 12

overview 1, 4

troubleshooting

connectivity problems 13, 14, 16

CPU utilization 23

detecting unidirectional links 1

displaying crash information 22

setting packet forwarding 20

SFP security and identification 12

show forward command 20

with CiscoWorks 4

with debug commands 18

with ping 13

with system message logging 1

with traceroute 16

trunk failover

See link-state tracking

trunking encapsulation 8

trunk ports

configuring 15

defined 3

trunks

allowed-VLAN list 16

load sharing

setting STP path costs 21

using STP port priorities 19, 20

native VLAN for untagged traffic 18

parallel 21

pruning-eligible list 17

to non-DTP device 13

trusted boundary for QoS 35

trusted port states

between QoS domains 37

classification options 5

ensuring port security for IP phones 35

support for 12

within a QoS domain 33

trustpoints, CA 44

twisted-pair Ethernet, detecting unidirectional links 1

type of service

See ToS

U

UDLD

configuration guidelines 4

default configuration 4

disabling

globally 5

on fiber-optic interfaces 5

per interface 5

echoing detection mechanism 2

enabling

globally 5

per interface 5

link-detection mechanism 1

neighbor database 2

overview 1

resetting an interface 6

status, displaying 6

support for 7

unauthorized ports with IEEE 802.1x 11

unicast MAC address filtering 5

and adding static addresses 27

and broadcast MAC addresses 27

and CPU packets 27

and multicast addresses 27

and router MAC addresses 27

configuration guidelines 27

described 27

unicast storm 1

unicast storm control command 4

unicast traffic, blocking 8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 12

facilities supported 13

message logging configuration 12

unrecognized Type-Length-Value (TLV) support 4

upgrading a Catalyst 2950 switch

configuration compatibility issues 1

differences in configuration commands 1

feature behavior incompatibilities 5

incompatible command messages 1

recommendations 1

upgrading software images

See downloading

UplinkFast

described 3

disabling 13

enabling 13

support for 7

uploading

configuration files

preparing 10, 13, 16

reasons for 8

using FTP 14

using RCP 18

using TFTP 11

image files

preparing 25, 28, 32

reasons for 23

using FTP 31

using RCP 35

using TFTP 27

user EXEC mode 2

username-based authentication 6

V

version-dependent transparent mode 4

virtual IP address

cluster standby group 10

command switch 10

virtual switches and PAgP 5

vlan.dat file 4

VLAN 1, disabling on a trunk port 17

VLAN 1 minimization 16

vlan-assignment response, VMPS 23

VLAN configuration

at bootup 7

saving 7

VLAN configuration mode 2

VLAN database

and startup configuration file 7

and VTP 1

VLAN configuration saved in 6

VLANs saved in 4

VLAN filtering and SPAN 6

vlan global configuration command 6

VLAN ID, discovering 30

VLAN load balancing on flex links 2

configuration guidelines 8

VLAN management domain 2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 26

modes 3

VLAN Query Protocol

See VQP

VLANs

adding 7

adding to VLAN database 7

aging dynamic addresses 9

allowed on trunk 16

and spanning-tree instances 3, 6, 11

configuration guidelines, extended-range VLANs 11

configuration guidelines, normal-range VLANs 6

configuring 1

configuring IDs 1006 to 4094 11

creating 8

default configuration 7

deleting 9

described 2, 1

displaying 12

extended-range 1, 10

features 8

illustrated 2

limiting source traffic with RSPAN 22

limiting source traffic with SPAN 15

modifying 7

multicast 16

native, configuring 18

normal-range 1, 4

number supported 8

parameters 5

port membership modes 3

static-access ports 9

STP and IEEE 802.1Q trunks 10

supported 2

Token Ring 5

traffic between 2

VTP modes 3

VLAN Trunking Protocol

See VTP

VLAN trunks 13

VMPS

administering 27

configuration example 28

configuration guidelines 24

default configuration 24

description 22

dynamic port membership

described 23

reconfirming 26

troubleshooting 28

entering server address 25

mapping MAC addresses to VLANs 22

monitoring 27

reconfirmation interval, changing 26

reconfirming membership 26

retry count, changing 27

voice aware 802.1x security

port-based authentication

configuring 36

described 29, 36

voice-over-IP 1

voice VLAN

Cisco 7960 phone, port connections 1

configuration guidelines 3

configuring IP phones for data traffic

override CoS of incoming frame 6

trust CoS priority of incoming frame 6

configuring ports for voice traffic in

802.1p priority tagged frames 5

802.1Q frames 5

connecting to an IP phone 4

default configuration 3

described 1

displaying 7

IP phone data traffic, described 2

IP phone voice traffic, described 2

VQP 8, 22

VTP

adding a client to a domain 15

advertisements 15, 4

and extended-range VLANs 2

and normal-range VLANs 2

client mode, configuring 12

configuration

guidelines 8

requirements 10

saving 8

configuration requirements 10

configuration revision number

guideline 15

resetting 16

consistency checks 5

default configuration 8

described 1

domain names 8

domains 2

modes

client 3

off 3

server 3

transitions 3

transparent 3

monitoring 16

passwords 9

pruning

disabling 15

enabling 14

examples 6

overview 6

support for 8

pruning-eligible list, changing 17

server mode, configuring 10, 13

statistics 16

support for 8

Token Ring support 4

transparent mode, configuring 10

using 1

Version

enabling 13

version, guidelines 9

Version 1 4

Version 2

configuration guidelines 9

overview 4

Version 3

overview 5

W

web authentication 16

configuring16to ??

described 9

web-based authentication

customizeable web pages 6

description 1

web-based authentication, interactions with other features 7

weighted tail drop

See WTD

wired location service

configuring 10

displaying 11

location TLV 3

understanding 3

wizards 2

WTD

described 12

setting thresholds

egress queue-sets 61

ingress queues 57

support for 13

X

Xmodem protocol 2