Catalyst 2960 and 2960-S Software Configuration Guide, 12.2(53)SE1
Index
Downloads: This chapterpdf (PDF - 1.47MB) The complete bookPDF (PDF - 16.51MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 4

AC (command switch) 10

access-class command 18

access control entries

See ACEs

access-denied response, VMPS 24

access groups, applying IPv4 ACLs to interfaces 19

accessing

clusters, switch 13

command switches 11

member switches 13

switch clusters 13

accessing stack members 22

access lists

See ACLs

access ports

in switch clusters 9

access ports, defined 3

accounting

with 802.1x 48

with IEEE 802.1x 15

with RADIUS 35

with TACACS+ 11, 17

ACEs

and QoS 8

defined 2

Ethernet 2

IP 2

ACLs

ACEs 2

any keyword 11

applying

time ranges to 15

to an interface 18

to QoS 8

classifying traffic for QoS 43

comments in 17

compiling 21

defined 2, 7

examples of 21, 43

extended IP, configuring for QoS classification 44

extended IPv4

creating 9

matching criteria 7

hardware and software handling 19

host keyword 11

IP

creating 7

fragments and QoS guidelines 34

implicit deny 9, 13, 15

implicit masks 9

matching criteria 7

undefined 19

IPv4

applying to interfaces 18

creating 7

matching criteria 7

named 13

numbers 7

terminal lines, setting on 18

unsupported features 6

MAC extended 23, 45

matching 7, 19

monitoring 25

named, IPv4 13

number per QoS class map 34

QoS 8, 43

resequencing entries 13

standard IP, configuring for QoS classification 43

standard IPv4

creating 8

matching criteria 7

support for 10

support in hardware 19

time ranges 15

unsupported features, IPv4 6

active link 4, 5, 6

active links 2

active traffic monitoring, IP SLAs 1

address aliasing 2

addresses

displaying the MAC address table 30

dynamic

accelerated aging 9

changing the aging time 22

default aging 9

defined 20

learning 21

removing 23

IPv6 2

MAC, discovering 31

multicast, STP address management 9

static

adding and removing 27

defined 20

address resolution 31

Address Resolution Protocol

See ARP

advertisements

CDP 1

LLDP 2

VTP 16, 3, 4

aggregatable global unicast addresses 3

aggregated ports

See EtherChannel

aggregate policers 52

aggregate policing 13

aging, accelerating 9

aging time

accelerated

for MSTP 25

for STP 9, 23

MAC address table 22

maximum

for MSTP 26

for STP 23, 24

alarms, RMON 4

allowed-VLAN list 18

ARP

defined 6, 31

table

address resolution 31

managing 31

attributes, RADIUS

vendor-proprietary 38

vendor-specific 36

attribute-value pairs 13, 16, 20

authentication

local mode with AAA 40

NTP associations 6

open1x 30

RADIUS

key 28

login 30

TACACS+

defined 11

key 13

login 14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 9

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 10

compatibility with older 802.1x CLI commands10to ??

overview 8

authoritative time source, described 3

authorization

with RADIUS 34

with TACACS+ 11, 16

authorized ports with IEEE 802.1x 11

autoconfiguration 4

auto enablement 31

automatic advise (auto-advise) in switch stacks 11

automatic copy (auto-copy) in switch stacks 11

automatic discovery

considerations

beyond a noncandidate device 8

brand new switches 9

connectivity 5

different VLANs 7

management VLANs 8

non-CDP-capable devices 7

noncluster-capable devices 7

in switch clusters 5

See also CDP

automatic extraction (auto-extract) in switch stacks 11

automatic QoS

See QoS

automatic recovery, clusters 10

See also HSRP

automatic upgrades (auto-upgrade) in switch stacks 11

auto-MDIX

configuring 29

described 29

autonegotiation

duplex mode 4

interface configuration guidelines 26

mismatches 13

autosensing, port speed 4

Auto Smartports macros

built-in macros 3, 9

Cisco Medianet 2

configuration guidelines 4

default configuration 3

defined 1

displaying 20

enabling 5, 8

event triggers 12

IOS shell 1, 15

LLDP 2

mapping 9

user-defined macros 15

See also Smartports macros

auxiliary VLAN

See voice VLAN

availability, features 8

B

BackboneFast

described 7

disabling 17

enabling 17

support for 8

backup interfaces

See Flex Links

backup links 2

banners

configuring

login 20

message-of-the-day login 19

default configuration 18

when displayed 18

Berkeley r-tools replacement 53

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 7

IP source guard 15

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 8

booting

boot loader, function of 2

boot process 2

manually 19

specific image 20

boot loader

accessing 21

described 2

environment variables 21

prompt 21

trap-door mechanism 2

BPDU

error-disabled state 3

filtering 3

RSTP format 13

BPDU filtering

described 3

disabling 15

enabling 15

support for 8

BPDU guard

described 2

disabling 14

enabling 14

support for 8

bridge protocol data unit

See BPDU

broadcast storm-control command 4

broadcast storms 2

C

cables, monitoring for unidirectional links 1

candidate switch

automatic discovery 5

defined 4

requirements 4

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 9

CA trustpoint

configuring 50

defined 47

CDP

and trusted boundary 38

automatic discovery in switch clusters 5

configuring 2

default configuration 2

defined with LLDP 1

described 1

disabling for routing device 4

enabling and disabling

on an interface 4

on a switch 4

monitoring 5

overview 1

power negotiation extensions 5

support for 6

switch stack considerations 2

transmission timer and holdtime, setting 3

updates 3

CGMP

as IGMP snooping learning method 9

joining multicast group 3

CipherSuites 48

Cisco 7960 IP Phone 1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 5

Cisco IOS File System

See IFS

Cisco IOS IP Service Level Agreements (SLAs) responder 5

Cisco IOS IP SLAs 2

Cisco Medianet

See Auto Smartports macros

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 20

attribute-value pairs for redirect URL 20

Cisco Secure ACS configuration guide 60

CiscoWorks 2000 5

CISP 31

CIST regional root

See MSTP

CIST root

See MSTP

civic location 3

class maps for QoS

configuring 46

described 8

displaying 73

class of service

See CoS

clearing interfaces 38

CLI

abbreviating commands 4

command modes 1

configuration logging 5

described 5

editing features

enabling and disabling 7

keystroke editing 8

wrapped lines 9

error messages 5

filtering command output 10

getting help 3

history

changing the buffer size 6

described 6

disabling 7

recalling commands 6

managing clusters 17

no and default forms of commands 4

Client Information Signalling Protocol

See CISP

client mode, VTP 3

clock

See system clock

clusters, switch

accessing 13

automatic discovery 5

automatic recovery 10

benefits 2

compatibility 5

described 1

LRE profile considerations 16

managing

through CLI 17

through SNMP 18

planning 5

planning considerations

automatic discovery 5

automatic recovery 10

CLI 17

host names 14

IP addresses 13

LRE profiles 16

passwords 14

RADIUS 16

SNMP 14, 18

switch stacks 15

TACACS+ 16

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 13

considerations 11

defined 2

requirements 3

virtual IP address 11

See also HSRP

CNS 6

Configuration Engine

configID, deviceID, hostname 3

configuration service 2

described 1

event service 3

embedded agents

described 5

enabling automated configuration 6

enabling configuration agent 9

enabling event agent 7

management functions 5

CoA Request Commands 23

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 1

commands

abbreviating 4

no and default 4

commands, setting privilege levels 8

command switch

accessing 11

active (AC) 10

configuration conflicts 12

defined 2

passive (PC) 10

password privilege levels 17

priority 10

recovery

from command-switch failure 10, 9

from lost member connectivity 12

redundant 10

replacing

with another switch 11

with cluster member 9

requirements 3

standby (SC) 10

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 14, 8

for cluster switches 4

in clusters 14

overview 4

SNMP 14

compatibility, feature 13

compatibility, software

See stacks, switch

config.text 17

configurable leave timer, IGMP 6

configuration, initial

defaults 16

Express Setup 2

configuration changes, logging 11

configuration conflicts, recovering from lost member connectivity 12

configuration examples, network 18

configuration files

archiving 21

clearing the startup configuration 20

creating using a text editor 11

default name 17

deleting a stored configuration 20

described 9

downloading

automatically 18

preparing 11, 14, 17

reasons for 9

using FTP 14

using RCP 18

using TFTP 12

guidelines for creating and using 10

guidelines for replacing and rolling back 22

invalid combinations when copying 5

limiting TFTP server access 17

obtaining with DHCP 9

password recovery disable considerations 5

replacing a running configuration 20, 21

rolling back a running configuration 20, 22

specifying the filename 18

system contact and location information 17

types and location 10

uploading

preparing 11, 14, 17

reasons for 9

using FTP 16

using RCP 19

using TFTP 13

configuration logger 11

configuration logging 5

configuration replacement 20

configuration rollback 20, 21

configuration settings, saving 16

configure terminal command 16

configuring 802.1x user distribution 56

configuring port-based authentication violation modes 39

configuring small-frame arrival rate 5

config-vlan mode 2

conflicts, configuration 12

connections, secure remote 42

connectivity problems 15, 16, 18

consistency checks in VTP Version 2 5

console port, connecting to 11

control protocol, IP SLAs 4

corrupted software, recovery steps with Xmodem 2

CoS

in Layer 2 frames 2

override priority 6

trust priority 6

CoS input queue threshold map for QoS 16

CoS output queue threshold map for QoS 19

CoS-to-DSCP map for QoS 55

counters, clearing interface 38

CPU utilization, troubleshooting 27

crashinfo file 24

critical authentication, IEEE 802.1x 52

critical VLAN 23

cross-stack EtherChannel

configuration guidelines 13

described 3

illustration 4

support for 8

cross-stack UplinkFast, STP

described 5

disabling 17

enabling 17

fast-convergence events 7

Fast Uplink Transition Protocol 6

normal-convergence events 7

support for 8

cryptographic software image

SSH 41

SSL 46

switch stack considerations 15

customjzeable web pages, web-based authentication 6

CWDM SFPs 23

D

DACL

See downloadable ACL

daylight saving time 14

debugging

enabling all system diagnostics 22

enabling for a specific feature 21

redirecting error message output 22

using commands 21

default commands 4

default configuration

802.1x 33

auto-QoS 21

banners 18

booting 17

CDP 2

DHCP 9

DHCP option 82 9

DHCP snooping 9

DHCP snooping binding database 9

DNS 17

dynamic ARP inspection 5

EtherChannel 11

Ethernet interfaces 23

Flex Links 8

IGMP filtering 26

IGMP snooping 7, 6

IGMP throttling 26

initial switch information 3

IP SLAs 5

IP source guard 17

IPv6 7

Layer 2 interfaces 23

LLDP 5

MAC address table 22

MAC address-table move update 8

MSTP 16

MVR 21

NTP 5

optional spanning-tree configuration 12

password and privilege level 3

RADIUS 27

RMON 3

RSPAN 11

SDM template 2

SNMP 7

SPAN 11

SSL 49

standard QoS 31

STP 13

switch stacks 17

system message logging 4

system name and prompt 16

TACACS+ 13

UDLD 4

VLAN, Layer 2 Ethernet interfaces 15

VLANs 7

VMPS 25

voice VLAN 3

VTP 9

default gateway 15

default web-based authentication configuration

802.1X 9

deleting VLANs 9

denial-of-service attack 2

description command 35

designing your network, examples 18

destination addresses

in IPv4 ACLs 10

destination-IP address-based forwarding, EtherChannel 9

destination-MAC address forwarding, EtherChannel 9

detecting indirect link failures, STP 8

device 25

device discovery protocol 1

device manager

benefits 2

described 2, 5

in-band management 6

upgrading a switch 25

DHCP

enabling

relay agent 11

DHCP-based autoconfiguration

client request message exchange 4

configuring

client side 4

DNS 8

relay device 9

server side 7

TFTP server 8

example 10

lease options

for IP address information 7

for receiving the configuration file 7

overview 4

relationship to BOOTP 4

relay support 6

support for 6

DHCP-based autoconfiguration and image update

configuring12to 15

understanding5to 6

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 5

configuration guidelines 9

default configuration 9

displaying 14

overview 4

packet format, suboption

circuit ID 5

remote ID 5

remote ID suboption 5

DHCP server port-based address allocation

configuration guidelines 24

default configuration 24

described 23

displaying 26

enabling 24

reserved addresses 24

DHCP server port-based address assignment

support for 6

DHCP snooping

accepting untrusted packets form edge switch 3, 12

binding database

See DHCP snooping binding database

configuration guidelines 9

default configuration 9

displaying binding tables 14

message exchange process 4

option 82 data insertion 4

trusted interface 3

untrusted interface 3

untrusted messages 3

DHCP snooping binding database

adding bindings 13

binding entries, displaying 14

binding file

format 7

location 7

bindings 7

clearing agent statistics 14

configuration guidelines 10

configuring 13

default configuration 9

deleting

binding file 14

bindings 14

database agent 14

described 7

displaying 14

displaying status and statistics 14

enabling 13

entry 7

renewing database 14

resetting

delay value 14

timeout value 14

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 2

Differentiated Services Code Point 2

directed unicast requests 6

directories

changing 4

creating and removing 4

displaying the working 4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 8

default configuration 17

displaying the configuration 18

in IPv6 3

overview 16

setting up 17

support for 6

domain names

DNS 16

VTP 10

Domain Name System

See DNS

downloadable ACL 19, 20, 60

downloading

configuration files

preparing 11, 14, 17

reasons for 9

using FTP 14

using RCP 18

using TFTP 12

image files

deleting old image 29

preparing 27, 31, 35

reasons for 25

using CMS 2

using FTP 32

using HTTP 2, 25

using RCP 36

using TFTP 28

using the device manager or Network Assistant 25

DRP

support for 14

DSCP 13, 2

DSCP input queue threshold map for QoS 16

DSCP output queue threshold map for QoS 19

DSCP-to-CoS map for QoS 58

DSCP-to-DSCP-mutation map for QoS 59

DSCP transparency 39

DTP 9, 14

dual-action detection 6

dual IPv4 and IPv6 templates 5

dual protocol stacks

IPv4 and IPv6 5

SDM templates supporting 5

dual-purpose uplinks

defined 4

LEDs 4

link selection 4, 24

setting the type 24

dynamic access ports

characteristics 4

configuring 27

defined 3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 1

ARP requests, described 1

ARP spoofing attack 1

clearing

log buffer 16

statistics 16

configuration guidelines 6

configuring

ACLs for non-DHCP environments 9

in DHCP environments 7

log buffer 13

rate limit for incoming ARP packets 4, 11

default configuration 5

denial-of-service attacks, preventing 11

described 1

DHCP snooping binding database 2

displaying

ARP ACLs 15

configuration and operating state 15

log buffer 16

statistics 16

trust state and rate limit 15

error-disabled state for exceeding rate limit 4

function of 2

interface trust states 3

log buffer

clearing 16

configuring 13

displaying 16

logging of dropped packets, described 5

man-in-the middle attack, described 2

network security issues and interface trust states 3

priority of ARP ACLs and DHCP snooping entries 4

rate limiting of ARP packets

configuring 11

described 4

error-disabled state 4

statistics

clearing 16

displaying 16

validation checks, performing 12

dynamic auto trunking mode 14

dynamic desirable trunking mode 14

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 25

reconfirming 27

troubleshooting 29

types of connections 27

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 7

keystrokes used 8

wrapped lines 9

elections

See stack master

ELIN location 3

enable password 4

enable secret password 4

encryption, CipherSuite 48

encryption for passwords 4

environment variables, function of 22

error-disabled state, BPDU 3

error messages during command entry 5

EtherChannel

automatic creation of 5, 7

channel groups

binding physical and logical interfaces 4

numbering of 4

configuration guidelines 12

configuring Layer 2 interfaces 13

default configuration 11

described 2

displaying status 20

forwarding methods 8, 15

IEEE 802.3ad, described 7

interaction

with STP 12

with VLANs 13

LACP

described 7

displaying status 20

hot-standby ports 18

interaction with other features 8

modes 7

port priority 19

system priority 18

load balancing 8, 15

PAgP

aggregate-port learners 16

compatibility with Catalyst 1900 17

described 5

displaying status 20

interaction with other features 7

interaction with virtual switches 6

learn method and priority configuration 16

modes 6

support for 4

with dual-action detection 6

port-channel interfaces

described 4

numbering of 4

port groups 4

stack changes, effects of 10

support for 4

EtherChannel guard

described 10

disabling 18

enabling 18

Ethernet management port

active link 20

and routing 21

and TFTP 22

configuring 22

default setting 21

described 20

for network management 20

specifying 22

supported features 21

unsupported features 21

Ethernet management port, internal

and routing 21

unsupported features 21

Ethernet VLANs

adding 8

defaults and ranges 7

modifying 8

EUI 3

events, RMON 4

examples

network configuration 18

expedite queue for QoS 72

Express Setup 2

See also getting started guide

extended crashinfo file 24

extended-range VLANs

configuration guidelines 11

configuring 11

creating 12

defined 1

extended system ID

MSTP 19

STP 5, 16

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 1

F

fa0 interface 6

Fa0 port

See Ethernet management port

failover support 8

Fast Convergence 3

fastethernet0 port

See Ethernet management port

Fast Uplink Transition Protocol 6

features, incompatible 13

fiber-optic, detecting unidirectional links 1

files

basic crashinfo

description 24

location 24

copying 5

crashinfo, description 24

deleting 6

displaying the contents of 8

extended crashinfo

description 25

location 25

tar

creating 6

displaying the contents of 7

extracting 8

image file format 26

file system

displaying available file systems 2

displaying file information 3

local file system names 1

network file system names 5

setting the default 3

filtering

non-IP traffic 23

show and more command output 10

filtering show and more command output 10

filters, IP

See ACLs, IP

flash device, number of 1

flexible authentication ordering

configuring 63

overview 29

Flex Link Multicast Fast Convergence 3

Flex Links

configuration guidelines 8

configuring 9, 10

configuring preferred VLAN 12

configuring VLAN load balancing 11

default configuration 8

description 2

link load balancing 3

monitoring 15

VLANs 3

flooded traffic, blocking 8

flow-based packet classification 13

flowcharts

QoS classification 7

QoS egress queueing and scheduling 18

QoS ingress queueing and scheduling 15

QoS policing and marking 11

flowcontrol

configuring 28

described 28

forward-delay time

MSTP 25

STP 23

FTP

accessing MIB files 4

configuration files

downloading 14

overview 13

preparing the server 14

uploading 16

image files

deleting old image 33

downloading 32

preparing the server 31

uploading 34

G

general query 5

Generating IGMP Reports 4

get-bulk-request operation 4

get-next-request operation 4, 5

get-request operation 4, 5

get-response operation 4

Gigabit modules

See SFPs

global configuration mode 2

global leave, IGMP 13

guest VLAN and 802.1x 21

guide mode 2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 25

STP 22

help, for the command line 3

history

changing the buffer size 6

described 6

disabling 7

recalling commands 6

history table, level and number of syslog messages 10

host names, in clusters 14

hosts, limit on dynamic ports 29

HP OpenView 5

HSRP

automatic cluster recovery 13

cluster standby group considerations 11

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 47

configuring 51

self-signed certificate 47

HTTP secure server 47

I

ICMP

IPv6 4

time-exceeded messages 18

traceroute and 18

ICMP ping

executing 15

overview 15

ICMPv6 4

IDS appliances

and ingress RSPAN 21

and ingress SPAN 14

IEEE 802.1D

See STP

IEEE 802.1p 1

IEEE 802.1Q

and trunk ports 3

configuration limitations 15

encapsulation 14

native VLAN for untagged traffic 20

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ad, PoE+ 14, 5

IEEE 802.3af

See PoE

IEEE 802.3x flow control 28

ifIndex values, SNMP 6

IFS 6

IGMP

configurable leave timer

described 6

enabling 12

flooded multicast traffic

controlling the length of time 13

disabling on an interface 14

global leave 13

query solicitation 13

recovering from flood mode 13

joining multicast group 3

join messages 3

leave processing, enabling 11, 9

leaving multicast group 5

queries 4

report suppression

described 6

disabling 16, 11

supported versions 3

support for 4

IGMP filtering

configuring 26

default configuration 26

described 25

monitoring 30

support for 4

IGMP groups

configuring filtering 29

setting the maximum number 28

IGMP Immediate Leave

configuration guidelines 12

described 6

enabling 11

IGMP profile

applying 27

configuration mode 26

configuring 27

IGMP snooping

and address aliasing 2

and stack changes 7

configuring 7

default configuration 7, 6

definition 2

enabling and disabling 8, 7

global configuration 8

Immediate Leave 6

in the switch stack 7

method 9

monitoring 17, 12

querier

configuration guidelines 15

configuring 15

supported versions 3

support for 4

VLAN configuration 8

IGMP throttling

configuring 29

default configuration 26

described 25

displaying action 30

Immediate Leave, IGMP 6

enabling 9

inaccessible authentication bypass 23

support for multiauth ports 23

initial configuration

defaults 16

Express Setup 2

interface

number 15

range macros 18

interface command15to??, 15to 16

interface configuration mode 3

interfaces

auto-MDIX, configuring 29

configuration guidelines

duplex and speed 26

configuring

procedure 16

counters, clearing 38

default configuration 23

described 35

descriptive name, adding 35

displaying information about 37

flow control 28

management 5

monitoring 37

naming 35

physical, identifying 14, 15

range of 16

restarting 38

shutting down 38

speed and duplex, configuring 27

status 37

supported 14

types of 1

interfaces range macro command 18

interface types 15

Internet Protocol version 6

See IPv6

Intrusion Detection System

See IDS appliances

inventory management TLV 3, 8

IOS shell

See Auto Smartports macros

IP ACLs

for QoS classification 8

implicit deny 9, 13

implicit masks 9

named 13

undefined 19

IP addresses

128-bit 2

candidate or member 4, 13

cluster access 2

command switch 3, 11, 13

discovering 31

IPv6 2

redundant clusters 11

standby command switch 11, 13

See also IP information

ip igmp profile command 26

IP information

assigned

manually 15

through DHCP-based autoconfiguration 4

default configuration 3

IP phones

and QoS 1

automatic classification and queueing 21

configuring 5

ensuring port security with QoS 38

trusted boundary for QoS 38

IP Port Security for Static Hosts

on a Layer 2 access port 19

IP precedence 2

IP-precedence-to-DSCP map for QoS 56

IP protocols in ACLs 10

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 1

IP SLAs

benefits 2

configuration guidelines 5

Control Protocol 4

default configuration 5

definition 1

measuring network performance 3

monitoring 6

operation 3

responder

described 4

enabling 6

response time 4

SNMP support 2

supported metrics 2

IP source guard

and 802.1x 17

and DHCP snooping 15

and EtherChannels 17

and port security 17

and private VLANs 17

and routed ports 17

and TCAM entries 18

and trunk interfaces 17

and VRF 17

binding configuration

automatic 15

manual 15

binding table 15

configuration guidelines 17

default configuration 17

described 15

disabling 19

displaying

active IP or MAC bindings 23

bindings 23

configuration 23

enabling 18, 19

filtering

source IP address 15

source IP and MAC address 15

on provisioned switches 18

source IP address filtering 15

source IP and MAC address filtering 15

static bindings

adding 18, 19

deleting 19

static hosts 19

IP traceroute

executing 19

overview 18

IPv4 ACLs

applying to interfaces 18

extended, creating 9

named 13

standard, creating 8

IPv4 and IPv6

dual protocol stacks 4

IPv6

addresses 2

address formats 2

and switch stacks 6

applications 4

assigning address 7

autoconfiguration 4

configuring static routes 10

default configuration 7

defined 2

forwarding 7

ICMP 4

monitoring 11

neighbor discovery 4

SDM templates 1

stack master functions 6

Stateless Autoconfiguration 4

supported features 3

J

join messages, IGMP 3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 2

Layer 2 interfaces, default configuration 23

Layer 2 traceroute

and ARP 17

and CDP 17

broadcast traffic 16

described 16

IP addresses and subnets 17

MAC addresses and VLANs 17

multicast traffic 17

multiple devices on a port 17

unicast traffic 16

usage guidelines 17

Layer 3 features 14

Layer 3 interfaces

assigning IPv6 addresses to 8

Layer 3 packets, classification methods 2

LDAP 2

Leaking IGMP Reports 4

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 3

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 8

Link Layer Discovery Protocol

See CDP

link local unicast addresses 3

link redundancy

See Flex Links

links, unidirectional 1

link-state tracking

configuring 23

described 20

LLDP

configuring 5

characteristics 7

default configuration 5

enabling 6

monitoring and maintaining 12

overview 1

supported TLVs 2

switch stack considerations 2

transmission timer and holdtime, setting 7

LLDP-MED

configuring

procedures 5

TLVs 8

monitoring and maintaining 12

overview 1, 2

supported TLVs 2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 2

location TLV 3, 8

login authentication

with RADIUS 30

with TACACS+ 14

login banners 18

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 20

loop guard

described 11

enabling 19

support for 8

LRE profiles, considerations in switch clusters 16

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 34

range 36

MAC/PHY configuration status TLV 2

MAC addresses

aging time 22

and VLAN association 21

building the address table 21

default configuration 22

disabling learning on a VLAN 30

discovering 31

displaying 30

displaying in the IP source binding table 23

dynamic

learning 21

removing 23

in ACLs 23

static

adding 27

allowing 29, 30

characteristics of 27

dropping 29

removing 28

MAC address learning 6

MAC address learning, disabling on a VLAN 30

MAC address notification, support for 15

MAC address-table move update

configuration guidelines 8

configuring 13

default configuration 8

description 6

monitoring 15

MAC address-to-VLAN mapping 24

MAC authentication bypass 36

configuring 56

overview 17

MAC extended access lists

applying to Layer 2 interfaces 24

configuring for QoS 45

creating 23

defined 23

for QoS classification 6

macros

See Auto Smartports macros

See Smartports macros

magic packet 26

manageability features 6

management access

in-band

browser session 6

CLI session 6

device manager 6

SNMP 6

out-of-band console port connection 6

management address TLV 2

management options

CLI 1

clustering 3

CNS 1

Network Assistant 2

overview 5

management VLAN

considerations in switch clusters 8

discovery through different management VLANs 8

mapping tables for QoS

configuring

CoS-to-DSCP 55

DSCP 54

DSCP-to-CoS 58

DSCP-to-DSCP-mutation 59

IP-precedence-to-DSCP 56

policed-DSCP 57

described 11

marking

action with aggregate policers 52

described 4, 9

matching, IPv4 ACLs 7

maximum aging time

MSTP 26

STP 23

maximum hop count, MSTP 26

maximum number of allowed devices, port-based authentication 36

MDA

configuration guidelines13to 14

described 11, 13

exceptions with authentication process 6

Medianet

See Auto Smartports macros

membership mode, VLAN port 3

member switch

automatic discovery 5

defined 2

managing 17

passwords 13

recovering from lost connectivity 12

requirements 4

See also candidate switch, cluster standby group, and standby command switch

messages, to users through banners 18

MIBs

accessing files with FTP 4

location of files 4

overview 1

SNMP interaction with 5

supported 1

mirroring traffic for analysis 1

mismatches, autonegotiation 13

module number 15

monitoring

access groups 25

cables for unidirectional links 1

CDP 5

features 15

Flex Links 15

IGMP

filters 30

snooping 17, 12

interfaces 37

IP SLAs operations 6

IPv4 ACL configuration 25

IPv6 11

MAC address-table move update 15

multicast router interfaces 17, 12

MVR 24

network traffic for analysis with probe 2

port

blocking 19

protection 19

SFP status 37, 14

speed and duplex mode 27

traffic flowing among switches 2

traffic suppression 19

VLANs 13

VMPS 28

VTP 18

mrouter Port 3

mrouter port 5

MSTP

boundary ports

configuration guidelines 17

described 6

BPDU filtering

described 3

enabling 15

BPDU guard

described 2

enabling 14

CIST, described 3

CIST regional root 3

CIST root 5

configuration guidelines 16, 12

configuring

forward-delay time 25

hello time 25

link type for rapid convergence 27

maximum aging time 26

maximum hop count 26

MST region 17

neighbor type 27

path cost 23

port priority 21

root switch 19

secondary root switch 20

switch priority 24

CST

defined 3

operations between regions 4

default configuration 16

default optional feature configuration 12

displaying status 28

enabling the mode 17

EtherChannel guard

described 10

enabling 18

extended system ID

effects on root switch 19

effects on secondary root switch 20

unexpected behavior 19

IEEE 802.1s

implementation 7

port role naming change 7

terminology 5

instances supported 10

interface state, blocking to forwarding 2

interoperability and compatibility among modes 11

interoperability with IEEE 802.1D

described 9

restarting migration process 28

IST

defined 3

master 3

operations within a region 3

loop guard

described 11

enabling 19

mapping VLANs to MST instance 17

MST region

CIST 3

configuring 17

described 2

hop-count mechanism 6

IST 3

supported spanning-tree instances 2

optional features supported 8

overview 2

Port Fast

described 2

enabling 13

preventing root switch selection 10

root guard

described 10

enabling 18

root switch

configuring 19

effects of extended system ID 19

unexpected behavior 19

shutdown Port Fast-enabled port 2

stack changes, effects of 9

status, displaying 28

multiauth

support for inaccessible authentication bypass 23

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 6

joining 3

leaving 5

static joins 10, 8

multicast router interfaces, monitoring 17, 12

multicast router ports, adding 10, 8

multicast storm 2

multicast storm-control command 4

multicast television application 19

multicast VLAN 18

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 14

multiple authentication mode

configuring 42

MVR

and address aliasing 21

and IGMPv3 21

configuration guidelines 21

configuring interfaces 23

default configuration 21

described 18

example application 19

modes 22

monitoring 24

multicast television application 19

setting global parameters 21

support for 4

N

NAC

critical authentication 23, 52

IEEE 802.1x authentication using a RADIUS server 58

IEEE 802.1x validation using RADIUS server 58

inaccessible authentication bypass 52

Layer 2 IEEE 802.1x validation 12, 29, 58

named IPv4 ACLs 13

NameSpace Mapper

See NSM

native VLAN

configuring 20

default 20

NEAT

configuring 59

overview 30

neighbor discovery, IPv6 4

Network Admission Control

See NAC

Network Assistant

benefits 2

described 5

downloading image files 2

guide mode 2

management options 2

managing switch stacks 2, 15

upgrading a switch 25

wizards 2

network configuration examples

increasing network performance 19

long-distance, high-bandwidth transport 23

providing network services 19

server aggregation and Linux server cluster 21

small to medium-sized network 22

network design

performance 19

services 19

Network Edge Access Topology

See NEAT

network management

CDP 1

RMON 1

SNMP 1

network performance, measuring with IP SLAs 3

network policy TLV 2, 8

Network Time Protocol

See NTP

no commands 4

nonhierarchical policy maps

described 10

non-IP traffic filtering 23

nontrunking mode 14

normal-range VLANs 4

configuration guidelines 6

configuring 4

defined 1

NSM 3

NTP

associations

authenticating 6

defined 3

enabling broadcast messages 8

peer 7

server 7

default configuration 5

displaying the configuration 12

overview 3

restricting access

creating an access group 10

disabling NTP services per interface 11

source IP address, configuring 11

stratum 3

support for 6

synchronizing devices 7

time

services 3

synchronizing 3

O

OBFL

configuring 26

described 25

displaying 27

offline configuration for switch stacks 7

off mode, VTP 4

on-board failure logging

See OBFL

online diagnostics

overview 1

running tests 3

understanding 1

open1x

configuring 64

open1x authentication

overview 30

optimizing system resources 1

options, management 5

out-of-profile markdown 14

P

packet modification, with QoS 20

PAgP

See EtherChannel

passwords

default configuration 3

disabling recovery of 5

encrypting 4

for security 10

in clusters 14

overview 1

recovery of 4

setting

enable 3

enable secret 4

Telnet 6

with usernames 7

VTP domain 10

path cost

MSTP 23

STP 20

PC (passive command switch) 10

performance, network design 19

performance features 4

persistent self-signed certificate 47

per-user ACLs and Filter-Ids 9

per-VLAN spanning-tree plus

See PVST+

physical ports 2

PIM-DVMRP, as snooping method 9

ping

character output description 16

executing 15

overview 15

PoE

auto mode 7

CDP with power consumption, described 5

CDP with power negotiation, described 5

Cisco intelligent power management 5

configuring 30

cutoff power

determining 8

cutoff-power

support for 8

devices supported 5

high-power devices operating in low-power mode 5

IEEE power classification levels 6

monitoring 8

monitoring power 33

policing power consumption 33

policing power usage 8

power budgeting 31

power consumption 9, 31

powered-device detection and initial power allocation 6

power management modes 7

power monitoring 8

power negotiation extensions to CDP 5

power sensing 8

standards supported 5

static mode 7

total available power 9

troubleshooting 13

PoE+ 14, 5, 6, 30

policed-DSCP map for QoS 57

policers

configuring

for each matched traffic class 48

for more than one traffic class 52

described 4

displaying 73

number of 34

types of 10

policing

described 4

token-bucket algorithm 10

policy maps for QoS

characteristics of 48

described 8

displaying 74

nonhierarchical on physical ports

described 10

port ACLs, described 3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 15

authentication server

defined 3, 2

RADIUS server 3

client, defined 3, 2

configuration guidelines 34, 9

configuring

802.1x authentication 40

guest VLAN 49

host mode 42

inaccessible authentication bypass 52

manual re-authentication of a client 45

periodic re-authentication 44

quiet period 45

RADIUS server 42, 13

RADIUS server parameters on the switch 41, 11

restricted VLAN 50

switch-to-client frame-retransmission number 46, 47

switch-to-client retransmission time 46

violation modes 39

default configuration 33, 9

described 1

device roles 3, 2

displaying statistics 66, 17

downloadable ACLs and redirect URLs

configuring60to62, ??to 63

overview19to 20

EAPOL-start frame 6

EAP-request/identity frame 6

EAP-response/identity frame 6

enabling

802.1X authentication 11

encapsulation 3

flexible authentication ordering

configuring 63

overview 29

guest VLAN

configuration guidelines 22, 23

described 21

host mode 12

inaccessible authentication bypass

configuring 52

described 23

guidelines 35

initiation and message exchange 6

magic packet 26

maximum number of allowed devices per port 36

method lists 40

multiple authentication 14

per-user ACLs

configuration tasks 19

described 18

RADIUS server attributes 19

ports

authorization state and dot1x port-control command 11

authorized and unauthorized 11

voice VLAN 25

port security

and voice VLAN 26

described 25

interactions 25

multiple-hosts mode 12

readiness check

configuring 36

described 17, 36

resetting to default values 65

stack changes, effects of 12

statistics, displaying 66

switch

as proxy 3, 2

RADIUS client 3

switch supplicant

configuring 59

overview 30

user distribution

guidelines 28

overview 28

VLAN assignment

AAA authorization 40

characteristics 17

configuration tasks 18

described 17

voice aware 802.1x security

configuring 38

described 30, 38

voice VLAN

described 25

PVID 25

VVID 25

wake-on-LAN, described 26

with ACLs and RADIUS Filter-Id attribute 32

port-based authentication methods, supported 8

port blocking 4, 8

port-channel

See EtherChannel

port description TLV 2

Port Fast

described 2

enabling 13

mode, spanning tree 25

support for 8

port membership modes, VLAN 3

port priority

MSTP 21

STP 18

ports

access 3

blocking 8

dual-purpose uplink 4

dynamic access 4

protected 6

secure 9

static-access 3, 10

switch 2

trunks 3, 14

VLAN assignments 10

port security

aging 18

and QoS trusted boundary 38

and stacking 19

configuring 13

default configuration 12

described 9

displaying 19

on trunk ports 15

sticky learning 10

violations 11

with other features 12

port-shutdown response, VMPS 24

port VLAN ID TLV 2

power management TLV 3, 8

Power over Ethernet

See PoE

preemption, default configuration 8

preemption delay, default configuration 8

preferential treatment of traffic

See QoS

preventing unauthorized access 1

primary links 2

priority

overriding CoS 6

trusting CoS 6

private VLAN edge ports

See protected ports

privileged EXEC mode 2

privilege levels

changing the default for lines 9

command switch 17

exiting 10

logging into 10

mapping on member switches 17

overview 2, 8

setting a command with 8

protected ports 10, 6

provisioned switches and IP source guard 18

provisioning new members for a switch stack 7

proxy reports 4

pruning, VTP

disabling

in VTP domain 16

on a port 19

enabling

in VTP domain 16

on a port 19

examples 7

overview 6

pruning-eligible list

changing 19

for VTP pruning 6

VLANs 16

PVST+

described 10

IEEE 802.1Q trunking interoperability 11

instances supported 10

Q

QoS

and MQC commands 1

auto-QoS

categorizing traffic 21

configuration and defaults display 30

configuration guidelines 27

described 21

disabling 28

displaying generated commands 28

displaying the initial configuration 30

effects on running configuration 26

egress queue defaults 22

enabling for VoIP 28

example configuration 29

ingress queue defaults 22

list of generated commands 23

basic model 4

classification

class maps, described 8

defined 4

DSCP transparency, described 39

flowchart 7

forwarding treatment 3

in frames and packets 3

IP ACLs, described 6, 8

MAC ACLs, described 6, 8

options for IP traffic 6

options for non-IP traffic 6

policy maps, described 8

trust DSCP, described 6

trusted CoS, described 6

trust IP precedence, described 6

class maps

configuring 46

displaying 73

configuration guidelines

auto-QoS 27

standard QoS 34

configuring

aggregate policers 52

auto-QoS 21

default port CoS value 37

DSCP maps 54

DSCP transparency 39

DSCP trust states bordering another domain 40

egress queue characteristics 66

ingress queue characteristics 61

IP extended ACLs 44

IP standard ACLs 43

MAC ACLs 45

port trust states within the domain 36

trusted boundary 38

default auto configuration 21

default standard configuration 31

displaying statistics 73

DSCP transparency 39

egress queues

allocating buffer space 66

buffer allocation scheme, described 18

configuring shaped weights for SRR 70

configuring shared weights for SRR 71

described 5

displaying the threshold map 69

flowchart 18

mapping DSCP or CoS values 68

scheduling, described 5

setting WTD thresholds 66

WTD, described 19

enabling globally 35

flowcharts

classification 7

egress queueing and scheduling 18

ingress queueing and scheduling 15

policing and marking 11

implicit deny 8

ingress queues

allocating bandwidth 64

allocating buffer space 63

buffer and bandwidth allocation, described 16

configuring shared weights for SRR 64

configuring the priority queue 65

described 4

displaying the threshold map 62

flowchart 15

mapping DSCP or CoS values 61

priority queue, described 17

scheduling, described 4

setting WTD thresholds 61

WTD, described 16

IP phones

automatic classification and queueing 21

detection and trusted settings 21, 38

limiting bandwidth on egress interface 72

mapping tables

CoS-to-DSCP 55

displaying 74

DSCP-to-CoS 58

DSCP-to-DSCP-mutation 59

IP-precedence-to-DSCP 56

policed-DSCP 57

types of 11

marked-down actions 51

marking, described 4, 9

overview 2

packet modification 20

policers

configuring 51, 53

described 9

displaying 73

number of 34

types of 10

policies, attaching to an interface 9

policing

described 4, 9

token bucket algorithm 10

policy maps

characteristics of 48

displaying 74

nonhierarchical on physical ports 48

QoS label, defined 4

queues

configuring egress characteristics 66

configuring ingress characteristics 61

high priority (expedite) 20, 72

location of 12

SRR, described 14

WTD, described 13

rewrites 20

support for 13

trust states

bordering another domain 40

described 6

trusted device 38

within the domain 36

quality of service

See QoS

queries, IGMP 4

query solicitation, IGMP 13

R

RADIUS

attributes

vendor-proprietary 38

vendor-specific 36

configuring

accounting 35

authentication 30

authorization 34

communication, global 28, 36

communication, per-server 28

multiple UDP ports 28

default configuration 27

defining AAA server groups 32

displaying the configuration 40

identifying the server 28

in clusters 16

limiting the services to the user 34

method list, defined 27

operation of 19

overview 18

server load balancing 40

suggested network environments 18

support for 12

tracking services accessed by user 35

RADIUS Change of Authorization 20

range

macro 18

of interfaces 17

rapid convergence 11

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 10

IEEE 802.1Q trunking interoperability 11

instances supported 10

Rapid Spanning Tree Protocol

See RSTP

rcommand command 17

RCP

configuration files

downloading 18

overview 17

preparing the server 17

uploading 19

image files

deleting old image 38

downloading 36

preparing the server 35

uploading 38

readiness check

port-based authentication

configuring 36

described 17, 36

reconfirmation interval, VMPS, changing 27

reconfirming dynamic VLAN membership 27

recovery procedures 1

redirect URL 19, 20, 60

redundancy

EtherChannel 3

STP

backbone 9

multidrop backbone 5

path cost 22

port priority 21

redundant links and UplinkFast 16

reloading software 23

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 3

report suppression, IGMP

described 6

disabling 16, 11

resequencing ACL entries 13

reserved addresses in DHCP pools 24

resetting a UDLD-shutdown interface 6

responder, IP SLAs

described 4

enabling 6

response time, measuring with IP SLAs 4

restricted VLAN

configuring 50

described 22

using with IEEE 802.1x 22

restricting access

NTP services 9

overview 1

passwords and privilege levels 2

RADIUS 18

TACACS+ 10

retry count, VMPS, changing 28

RFC

1112, IP multicast and IGMP 2

1157, SNMPv1 2

1305, NTP 3

1757, RMON 2

1901, SNMPv2C 2

1902 to 1907, SNMPv2 2

2236, IP multicast and IGMP 2

2273-2275, SNMPv3 2

RFC 5176 Compliance 21

RMON

default configuration 3

displaying status 7

enabling alarms and events 3

groups supported 2

overview 2

statistics

collecting group Ethernet 6

collecting group history 5

support for 15

root guard

described 10

enabling 18

support for 8

root switch

MSTP 19

STP 16

RSPAN

and stack changes 10

characteristics 9

configuration guidelines 17

default configuration 11

defined 3

destination ports 8

displaying status 24

in a switch stack 3

interaction with other features 9

monitored ports 6

monitoring ports 8

overview 15, 1

received traffic 5

sessions

creating 18

defined 4

limiting source traffic to specific VLANs 23

specifying monitored ports 18

with ingress traffic enabled 21

source ports 6

transmitted traffic 6

VLAN-based 7

RSTP

active topology 10

BPDU

format 13

processing 14

designated port, defined 10

designated switch, defined 10

interoperability with IEEE 802.1D

described 9

restarting migration process 28

topology changes 14

overview 10

port roles

described 10

synchronized 12

proposal-agreement handshake process 11

rapid convergence

cross-stack rapid convergence 11

described 11

edge ports and Port Fast 11

point-to-point links 11, 27

root ports 11

root port, defined 10

See also MSTP

running configuration

replacing 20, 21

rolling back 20, 22

running configuration, saving 16

S

SC (standby command switch) 10

scheduled reloads 23

SCP

and SSH 53

configuring 54

SDM

templates

configuring 3

number of 1

SDM template

configuration guidelines 3

configuring 2

types of 1

Secure Copy Protocol

secure HTTP client

configuring 52

displaying 53

secure HTTP server

configuring 51

displaying 53

secure MAC addresses

and switch stacks 19

deleting 17

maximum number of 10

types of 10

secure ports

and switch stacks 19

secure ports, configuring 9

secure remote connections 42

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 9

security features 10

See SCP

sequence numbers in log messages 8

server mode, VTP 3

service-provider network, MSTP and RSTP 1

set-request operation 5

setup program

failed command switch replacement 11

replacing failed command switch 9

severity levels, defining in system messages 9

SFPs

monitoring status of 37, 14

security and identification 14

status, displaying 14

shaped round robin

See SRR

Shell functions

See Auto Smartports macros

Shell triggers

See Auto Smartports macros

show access-lists hw-summary command 19

show and more command output, filtering 10

show cdp traffic command 5

show cluster members command 17

show configuration command 35

show forward command 23

show interfaces command 27, 35

show interfaces switchport 4

show lldp traffic command 12

show platform forward command 23

show running-config command

displaying ACLs 18, 19

interface description in 35

shutdown command on interfaces 38

Simple Network Management Protocol

See SNMP

small form-factor pluggable modules

See SFPs

small-frame arrival rate, configuring 5

Smartports macros

applying Cisco-default macros 18

applying global parameter values 18

configuration guidelines 17

default configuration 17

defined 1

displaying 20

tracing 17

SNAP 1

SNMP

accessing MIB variables with 5

agent

described 4

disabling 8

and IP SLAs 2

authentication level 11

community strings

configuring 8

for cluster switches 4

overview 4

configuration examples 18

default configuration 7

engine ID 7

groups 7, 10

host 7

ifIndex values 6

in-band management 6

in clusters 14

informs

and trap keyword 13

described 5

differences from traps 5

disabling 16

enabling 16

limiting access by TFTP servers 17

limiting system log messages to NMS 10

manager functions 5, 4

managing clusters with 18

MIBs

location of 4

supported 1

notifications 5

overview 1, 5

security levels 3

setting CPU threshold notification 16

status, displaying 19

system contact and location 17

trap manager, configuring 14

traps

described 4, 5

differences from informs 5

disabling 16

enabling 13

enabling MAC address notification 23, 25, 26

overview 1, 5

types of 13

users 7, 10

versions supported 2

SNMP and Syslog Over IPv6 5

SNMPv1 2

SNMPv2C 3

SNMPv3 3

snooping, IGMP 2

software compatibility

See stacks, switch

software images

location in flash 26

recovery procedures 2

scheduling reloads 23

tar file format, described 26

See also downloading and uploading

source addresses

in IPv4 ACLs 10

source-and-destination-IP address based forwarding, EtherChannel 9

source-and-destination MAC address forwarding, EtherChannel 9

source-IP address based forwarding, EtherChannel 9

source-MAC address forwarding, EtherChannel 8

SPAN

and stack changes 10

configuration guidelines 11

default configuration 11

destination ports 8

displaying status 24

interaction with other features 9

monitored ports 6

monitoring ports 8

overview 15, 1

ports, restrictions 13

received traffic 5

sessions

configuring ingress forwarding 15, 22

creating 12

defined 4

limiting source traffic to specific VLANs 16

removing destination (monitoring) ports 13

specifying monitored ports 12

with ingress traffic enabled 14

source ports 6

transmitted traffic 6

VLAN-based 7

spanning tree and native VLANs 15

Spanning Tree Protocol

See STP

SPAN traffic 5

SRR

configuring

shaped weights on egress queues 70

shared weights on egress queues 71

shared weights on ingress queues 64

described 14

shaped mode 14

shared mode 14

support for 14

SSH

configuring 43

cryptographic software image 41

described 6, 42

encryption methods 42

switch stack considerations 15

user authentication methods, supported 42

SSL

configuration guidelines 49

configuring a secure HTTP client 52

configuring a secure HTTP server 51

cryptographic software image 46

described 46

monitoring 53

stack, switch

MAC address of 6, 18

stack changes, effects on

802.1x port-based authentication 12

ACL configuration 5

CDP 2

cross-stack EtherChannel 13

EtherChannel 10

IGMP snooping 7

MAC address tables 22

MSTP 9

MVR 18

port security 19

SNMP 2

SPAN and RSPAN 10

STP 12

switch clusters 15

system message log 2

VLANs 6

VTP 8

stack master

bridge ID (MAC address) 6

defined 1

election 5

IPv6 6

See also stacks, switch

stack member

accessing CLI of specific member 22

configuring

member number 20

priority value 21

defined 1

displaying information of 23

number 6

priority value 7

provisioning a new member 21

replacing 14

See also stacks, switch

stack member number 15

stack protocol version 10

stacks, switch

accessing CLI of specific member 22

assigning information

member number 20

priority value 21

provisioning a new member 21

auto-advise 11

auto-copy 11

auto-extract 11

auto-upgrade 11

bridge ID 6

CDP considerations 2

compatibility, software 9

configuration file 14

configuration scenarios 16

copying an image file from one member to another 39

default configuration 17

description of 1

displaying information of 23

enabling persistent MAC address timer 18

in clusters 15

incompatible software and image upgrades 13, 39

IPv6 on 6

MAC address considerations 22

management connectivity 15

managing 1

membership 3

merged 3

MSTP instances supported 10

offline configuration

described 7

effects of adding a provisioned switch 8

effects of removing a provisioned switch 9

effects of replacing a provisioned switch 9

provisioned configuration, defined 7

provisioned switch, defined 7

provisioning a new member 21

partitioned 3, 9

provisioned switch

adding 8

removing 9

replacing 9

replacing a failed member 14

software compatibility 9

software image version 9

stack protocol version 10

STP

bridge ID 3

instances supported 10

root port selection 3

stack root switch election 3

system messages

hostnames in the display 1

remotely monitoring 2

system prompt consideration 15

system-wide configuration considerations 14

upgrading 39

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 11

examples 12

manual upgrades with auto-advise 11

upgrades with auto-extract 11

version-mismatch mode

described 10

See also stack master and stack member

standby command switch

configuring

considerations 11

defined 2

priority 10

requirements 3

virtual IP address 11

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 2

startup configuration

booting

manually 19

specific image 20

clearing 20

configuration file

automatically downloading 18

specifying the filename 18

default boot configuration 17

static access ports

assigning to VLAN 10

defined 3

static addresses

See addresses

static MAC addressing 10

static routes

configuring for IPv6 10

static VLAN membership 2

statistics

802.1X 17

802.1x 66

CDP 5

interface 37

LLDP 12

LLDP-MED 12

NMSP 12

QoS ingress and egress 73

RMON group Ethernet 6

RMON group history 5

SNMP input and output 19

VTP 18

sticky learning 10

storm control

configuring 3

described 2

disabling 5

displaying 19

support for 4

thresholds 2

STP

accelerating root port selection 4

BackboneFast

described 7

disabling 17

enabling 17

BPDU filtering

described 3

disabling 15

enabling 15

BPDU guard

described 2

disabling 14

enabling 14

BPDU message exchange 3

configuration guidelines 13, 12

configuring

forward-delay time 23

hello time 22

maximum aging time 23

path cost 20

port priority 18

root switch 16

secondary root switch 18

spanning-tree mode 15

switch priority 21

transmit hold-count 24

counters, clearing 24

cross-stack UplinkFast

described 5

enabling 17

default configuration 13

default optional feature configuration 12

designated port, defined 4

designated switch, defined 4

detecting indirect link failures 8

disabling 16

displaying status 24

EtherChannel guard

described 10

disabling 18

enabling 18

extended system ID

effects on root switch 16

effects on the secondary root switch 18

overview 5

unexpected behavior 16

features supported 8

IEEE 802.1D and bridge ID 5

IEEE 802.1D and multicast addresses 9

IEEE 802.1t and VLAN identifier 5

inferior BPDU 3

instances supported 10

interface state, blocking to forwarding 2

interface states

blocking 7

disabled 8

forwarding 6, 7

learning 7

listening 7

overview 5

interoperability and compatibility among modes 11

limitations with IEEE 802.1Q trunks 11

load sharing

overview 20

using path costs 22

using port priorities 21

loop guard

described 11

enabling 19

modes supported 10

multicast addresses, effect of 9

optional features supported 8

overview 2

path costs 22, 23

Port Fast

described 2

enabling 13

port priorities 21

preventing root switch selection 10

protocols supported 10

redundant connectivity 9

root guard

described 10

enabling 18

root port, defined 3

root port selection on a switch stack 3

root switch

configuring 16

effects of extended system ID 5, 16

election 3

unexpected behavior 16

shutdown Port Fast-enabled port 2

stack changes, effects of 12

status, displaying 24

superior BPDU 3

timers, described 22

UplinkFast

described 3

enabling 16

stratum, NTP 3

success response, VMPS 24

summer time 14

SunNet Manager 5

supported port-based authentication methods 8

Smartports macros

See also Auto Smartports macros

switch 2

switch clustering technology 1

See also clusters, switch

switch console port 6

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 2

switchport backup interface 4, 5

switchport block multicast command 8

switchport block unicast command 8

switchport protected command 7

switch priority

MSTP 24

STP 21

switch software features 1

syslog

See system message logging

system capabilities TLV 2

system clock

configuring

daylight saving time 14

manually 12

summer time 14

time zones 13

displaying the time and date 13

overview 2

See also NTP

system description TLV 2

system message logging

default configuration 4

defining error message severity levels 9

disabling 4

displaying the configuration 14

enabling 5

facility keywords, described 14

level keywords, described 10

limiting messages 10

message format 2

overview 1

sequence numbers, enabling and disabling 8

setting the display destination device 5

stack changes, effects of 2

synchronizing log messages 7

syslog facility 15

time stamps, enabling and disabling 8

UNIX syslog servers

configuring the daemon 13

configuring the logging facility 13

facilities supported 14

system name

default configuration 16

default setting 16

manual configuration 16

See also DNS

system name TLV 2

system prompt, default setting 15, 16

system resources, optimizing 1

T

TACACS+

accounting, defined 11

authentication, defined 11

authorization, defined 11

configuring

accounting 17

authentication key 13

authorization 16

login authentication 14

default configuration 13

displaying the configuration 18

identifying the server 13

in clusters 16

limiting the services to the user 16

operation of 12

overview 10

support for 12

tracking services accessed by user 17

tar files

creating 6

displaying the contents of 7

extracting 8

image file format 26

TDR 15

Telnet

accessing management interfaces 11

number of connections 6

setting a password 6

temporary self-signed certificate 47

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 6

TFTP

configuration files

downloading 12

preparing the server 11

uploading 13

configuration files in base directory 8

configuring for autoconfiguration 8

image files

deleting 29

downloading 28

preparing the server 27

uploading 30

limiting access by servers 17

TFTP server 6

threshold, traffic level 3

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 15

time ranges in ACLs 15

time stamps in log messages 8

time zones 13

TLVs

defined 2

LLDP 2

LLDP-MED 2

Token Ring VLANs

support for 5

VTP support 5

ToS 13

traceroute, Layer 2

and ARP 17

and CDP 17

broadcast traffic 16

described 16

IP addresses and subnets 17

MAC addresses and VLANs 17

multicast traffic 17

multiple devices on a port 17

unicast traffic 16

usage guidelines 17

traceroute command 19

See also IP traceroute

traffic

blocking flooded 8

fragmented 4

unfragmented 4

traffic policing 13

traffic suppression 2

transmit hold-count

see STP

transparent mode, VTP 4

trap-door mechanism 2

traps

configuring MAC address notification 23, 25, 26

configuring managers 13

defined 4

enabling 23, 25, 26, 13

notification types 13

overview 1, 5

troubleshooting

connectivity problems 15, 16, 18

CPU utilization 27

detecting unidirectional links 1

displaying crash information 24

setting packet forwarding 23

SFP security and identification 14

show forward command 23

with CiscoWorks 5

with debug commands 21

with ping 15

with system message logging 1

with traceroute 18

trunk failover

See link-state tracking

trunking encapsulation 9

trunk ports

configuring 17

defined 3

trunks

allowed-VLAN list 18

load sharing

setting STP path costs 22

using STP port priorities 21

native VLAN for untagged traffic 20

parallel 22

pruning-eligible list 19

to non-DTP device 14

trusted boundary for QoS 38

trusted port states

between QoS domains 40

classification options 6

ensuring port security for IP phones 38

support for 13

within a QoS domain 36

trustpoints, CA 47

twisted-pair Ethernet, detecting unidirectional links 1

type of service

See ToS

U

UDLD

configuration guidelines 4

default configuration 4

disabling

globally 5

on fiber-optic interfaces 5

per interface 6

echoing detection mechanism 3

enabling

globally 5

per interface 6

link-detection mechanism 1

neighbor database 2

overview 1

resetting an interface 6

status, displaying 7

support for 8

unauthorized ports with IEEE 802.1x 11

unicast MAC address filtering 6

and adding static addresses 28

and broadcast MAC addresses 28

and CPU packets 28

and multicast addresses 28

and router MAC addresses 28

configuration guidelines 28

described 28

unicast storm 2

unicast storm control command 4

unicast traffic, blocking 8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 13

facilities supported 14

message logging configuration 13

unrecognized Type-Length-Value (TLV) support 5

upgrading a Catalyst 2950 switch

configuration compatibility issues 1

differences in configuration commands 1

feature behavior incompatibilities 5

incompatible command messages 1

recommendations 1

upgrading software images

See downloading

UplinkFast

described 3

disabling 16

enabling 16

support for 8

uploading

configuration files

preparing 11, 14, 17

reasons for 9

using FTP 16

using RCP 19

using TFTP 13

image files

preparing 27, 31, 35

reasons for 25

using FTP 34

using RCP 38

using TFTP 30

USB mini-Type B console port 10

USB Type A port 7

user EXEC mode 2

username-based authentication 7

V

version-dependent transparent mode 5

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 11

manual upgrades with auto-advise 11

upgrades with auto-extract 11

version-mismatch mode

described 10

virtual IP address

cluster standby group 11

command switch 11

virtual switches and PAgP 6

vlan.dat file 4

VLAN 1, disabling on a trunk port 18

VLAN 1 minimization 18

vlan-assignment response, VMPS 24

VLAN configuration

at bootup 7

saving 7

VLAN configuration mode 2

VLAN database

and startup configuration file 7

and VTP 1

VLAN configuration saved in 7

VLANs saved in 4

VLAN filtering and SPAN 7

vlan global configuration command 7

VLAN ID, discovering 31

VLAN load balancing on flex links 3

configuration guidelines 8

VLAN management domain 2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 27

modes 3

VLAN Query Protocol

See VQP

VLANs

adding 8

adding to VLAN database 8

aging dynamic addresses 10

allowed on trunk 18

and spanning-tree instances 3, 6, 12

configuration guidelines, extended-range VLANs 11

configuration guidelines, normal-range VLANs 6

configuring 1

configuring IDs 1006 to 4094 11

creating 8

default configuration 7

deleting 9

described 2, 1

displaying 13

extended-range 1, 11

features 9

illustrated 2

in the switch stack 6

limiting source traffic with RSPAN 23

limiting source traffic with SPAN 16

modifying 8

multicast 18

native, configuring 20

normal-range 1, 4

number supported 9

parameters 5

port membership modes 3

static-access ports 10

STP and IEEE 802.1Q trunks 11

supported 2

Token Ring 5

traffic between 2

VTP modes 3

VLAN Trunking Protocol

See VTP

VLAN trunks 14

VMPS

administering 28

configuration example 29

configuration guidelines 25

default configuration 25

description 24

dynamic port membership

described 25

reconfirming 27

troubleshooting 29

entering server address 26

mapping MAC addresses to VLANs 24

monitoring 28

reconfirmation interval, changing 27

reconfirming membership 27

retry count, changing 28

voice aware 802.1x security

port-based authentication

configuring 38

described 30, 38

voice-over-IP 1

voice VLAN

Cisco 7960 phone, port connections 1

configuration guidelines 3

configuring IP phones for data traffic

override CoS of incoming frame 6

trust CoS priority of incoming frame 6

configuring ports for voice traffic in

802.1p priority tagged frames 5

802.1Q frames 5

connecting to an IP phone 5

default configuration 3

described 1

displaying 7

IP phone data traffic, described 3

IP phone voice traffic, described 2

VQP 9, 24

VTP

adding a client to a domain 17

advertisements 16, 4

and extended-range VLANs 2

and normal-range VLANs 2

client mode, configuring 13

configuration

guidelines 9

requirements 11

saving 9

configuration requirements 11

configuration revision number

guideline 17

resetting 18

consistency checks 5

default configuration 9

described 1

domain names 10

domains 2

modes

client 3

off 4

server 3

transitions 3

transparent 4

monitoring 18

passwords 10

pruning

disabling 16

enabling 16

examples 7

overview 6

support for 9

pruning-eligible list, changing 19

server mode, configuring 11, 14

statistics 18

support for 9

Token Ring support 5

transparent mode, configuring 12

using 1

Version

enabling 15

version, guidelines 10

Version 1 5

Version 2

configuration guidelines 10

overview 5

Version 3

overview 5

W

web authentication 17

configuring16to ??

described 10

web-based authentication

customizeable web pages 6

description 1

web-based authentication, interactions with other features 7

weighted tail drop

See WTD

wired location service

configuring 10

displaying 12

location TLV 3

understanding 3

wizards 2

WTD

described 13

setting thresholds

egress queue-sets 66

ingress queues 61

support for 14

X

Xmodem protocol 2