Catalyst 2960 and 2960-S Software Configuration Guide, 12.2(55)SE
Index
Downloads: This chapterpdf (PDF - 1.18MB) The complete bookPDF (PDF - 17.16MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 2-3

AC (command switch) 6-10

access-class command 31-17

access control entries

See ACEs

access-denied response, VMPS 13-23

access groups

Layer 3 31-19

access groups, applying IPv4 ACLs to interfaces 31-18

accessing

clusters, switch 6-13

command switches 6-11

member switches 6-13

switch clusters 6-13

accessing stack members 7-21

access lists

See ACLs

access ports

in switch clusters 6-9

access ports, defined 12-3

accounting

with 802.1x 10-53

with IEEE 802.1x 10-17

with RADIUS 9-35

with TACACS+ 9-11, 9-17

ACEs

and QoS 33-8

defined 31-2

Ethernet 31-2

IP 31-2

ACLs

ACEs 31-2

any keyword 31-11

applying

time ranges to 31-15

to an interface 31-18

to QoS 33-8

classifying traffic for QoS 33-48

comments in 31-16

compiling 31-20

defined 31-1, 31-7

examples of 31-20, 33-48

extended IP, configuring for QoS classification 33-49

extended IPv4

creating 31-9

matching criteria 31-7

hardware and software handling 31-19

host keyword 31-11

IP

creating 31-7

fragments and QoS guidelines 33-38

implicit deny 31-9, 31-12, 31-14

implicit masks 31-9

matching criteria 31-7

undefined 31-19

IPv4

applying to interfaces 31-18

creating 31-7

matching criteria 31-7

named 31-13

numbers 31-7

terminal lines, setting on 31-17

unsupported features 31-6

MAC extended 31-22, 33-50

matching 31-7, 31-19

monitoring 31-24

named, IPv4 31-13

number per QoS class map 33-38

port 31-2

precedence of 31-2

QoS 33-8, 33-48

resequencing entries 31-13

router 31-2

standard IP, configuring for QoS classification 33-48

standard IPv4

creating 31-8

matching criteria 31-7

support for 1-10

support in hardware 31-19

time ranges 31-15

types supported 31-2

unsupported features, IPv4 31-6

active link 19-4, 19-5, 19-6

active links 19-2

active traffic monitoring, IP SLAs 32-1

address aliasing 22-2

addresses

displaying the MAC address table 5-30

dynamic

accelerated aging 16-9

changing the aging time 5-22

default aging 16-9

defined 5-20

learning 5-21

removing 5-23

IPv6 35-2

MAC, discovering 5-31

multicast, STP address management 16-9

static

adding and removing 5-27

defined 5-20

address resolution 5-31

Address Resolution Protocol

See ARP

advertisements

CDP 25-1

LLDP 26-2

VTP 13-15, 14-3, 14-4

aggregatable global unicast addresses 35-3

aggregated ports

See EtherChannel

aggregate policers 33-58

aggregate policing 1-14

aging, accelerating 16-9

aging time

accelerated

for MSTP 17-25

for STP 16-9, 16-23

MAC address table 5-22

maximum

for MSTP 17-26

for STP 16-23, 16-24

alarms, RMON 28-3

allowed-VLAN list 13-17

ARP

defined 1-6, 5-31

table

address resolution 5-31

managing 5-31

attributes, RADIUS

vendor-proprietary 9-38

vendor-specific 9-36

attribute-value pairs 10-14, 10-17, 10-23

authentication

local mode with AAA 9-40

NTP associations 5-5

open1x 10-33

RADIUS

key 9-28

login 9-30

TACACS+

defined 9-11

key 9-13

login 9-14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 10-9

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 10-10

compatibility with older 802.1x CLI commands10-10to ??

overview 10-8

authoritative time source, described 5-3

authorization

with RADIUS 9-34

with TACACS+ 9-11, 9-16

authorized ports with IEEE 802.1x 10-11

autoconfiguration 3-3

auto enablement 10-34

automatic advise (auto-advise) in switch stacks 7-11

automatic copy (auto-copy) in switch stacks 7-10

automatic discovery

considerations

beyond a noncandidate device 6-8

brand new switches 6-9

connectivity 6-5

different VLANs 6-7

management VLANs 6-8

non-CDP-capable devices 6-7

noncluster-capable devices 6-7

in switch clusters 6-5

See also CDP

automatic extraction (auto-extract) in switch stacks 7-10

automatic QoS

See QoS

automatic recovery, clusters 6-10

See also HSRP

automatic upgrades (auto-upgrade) in switch stacks 7-10

auto-MDIX

configuring 12-30

described 12-29

autonegotiation

duplex mode 1-4

interface configuration guidelines 12-27

mismatches 38-12

Auto-QoS video devices 1-14

autosensing, port speed 1-4

auxiliary VLAN

See voice VLAN

availability, features 1-8

B

BackboneFast

described 18-7

disabling 18-17

enabling 18-17

support for 1-8

backup interfaces

See Flex Links

backup links 19-2

banners

configuring

login 5-20

message-of-the-day login 5-19

default configuration 5-18

when displayed 5-18

Berkeley r-tools replacement 9-52

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-7

IP source guard 20-14

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-7

booting

boot loader, function of 3-2

boot process 3-2

manually 3-19

specific image 3-20

boot loader

accessing 3-21

described 3-2

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

BPDU

error-disabled state 18-3

filtering 18-3

RSTP format 17-13

BPDU filtering

described 18-3

disabling 18-15

enabling 18-15

support for 1-8

BPDU guard

described 18-2

disabling 18-14

enabling 18-14

support for 1-8

bridge protocol data unit

See BPDU

broadcast storm-control command 23-4

broadcast storms 23-1

C

cables, monitoring for unidirectional links 24-1

candidate switch

automatic discovery 6-5

defined 6-4

requirements 6-4

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 10-9

CA trustpoint

configuring 9-49

defined 9-47

CDP

and trusted boundary 33-43

automatic discovery in switch clusters 6-5

configuring 25-2

default configuration 25-2

defined with LLDP 26-1

described 25-1

disabling for routing device 25-4

enabling and disabling

on an interface 25-4

on a switch 25-4

monitoring 25-5

overview 25-1

power negotiation extensions 12-5

support for 1-6

switch stack considerations 25-2

transmission timer and holdtime, setting 25-3

updates 25-3

CGMP

as IGMP snooping learning method 22-9

joining multicast group 22-3

CipherSuites 9-48

Cisco 7960 IP Phone 15-1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 12-5

Cisco IOS File System

See IFS

Cisco IOS IP Service Level Agreements (SLAs) responder 1-5

Cisco IOS IP SLAs 32-2

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 10-23

attribute-value pairs for redirect URL 10-23

Cisco Secure ACS configuration guide 10-65

CiscoWorks 2000 1-5, 30-4

CISP 10-34

CIST regional root

See MSTP

CIST root

See MSTP

civic location 26-3

class maps for QoS

configuring 33-51

described 33-8

displaying 33-79

class of service

See CoS

clearing interfaces 12-38

CLI

abbreviating commands 2-3

command modes 2-1

configuration logging 2-4

described 1-5

editing features

enabling and disabling 2-6

keystroke editing 2-7

wrapped lines 2-8

error messages 2-4

filtering command output 2-9

getting help 2-3

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

managing clusters 6-16

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client mode, VTP 14-3

clock

See system clock

clusters, switch

accessing 6-13

automatic discovery 6-5

automatic recovery 6-10

benefits 1-2

compatibility 6-5

described 6-1

LRE profile considerations 6-16

managing

through CLI 6-16

through SNMP 6-17

planning 6-5

planning considerations

automatic discovery 6-5

automatic recovery 6-10

CLI 6-16

host names 6-13

IP addresses 6-13

LRE profiles 6-16

passwords 6-13

RADIUS 6-16

SNMP 6-14, 6-17

switch stacks 6-14

TACACS+ 6-16

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 6-12

considerations 6-11

defined 6-2

requirements 6-3

virtual IP address 6-11

See also HSRP

CNS 1-6

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

management functions 1-6

CoA Request Commands 9-23

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 9-8

command switch

accessing 6-11

active (AC) 6-10

configuration conflicts 38-12

defined 6-2

passive (PC) 6-10

password privilege levels 6-17

priority 6-10

recovery

from command-switch failure 6-10, 38-8

from lost member connectivity 38-12

redundant 6-10

replacing

with another switch 38-11

with cluster member 38-9

requirements 6-3

standby (SC) 6-10

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 6-14, 30-8

for cluster switches 30-4

in clusters 6-14

overview 30-4

SNMP 6-14

compatibility, feature 23-12

compatibility, software

See stacks, switch

config.text 3-18

configurable leave timer, IGMP 22-6

configuration, initial

defaults 1-16

Express Setup 1-2

configuration changes, logging 29-11

configuration conflicts, recovering from lost member connectivity 38-12

configuration examples, network 1-18

configuration files

archiving A-20

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-18

deleting a stored configuration A-19

described A-8

downloading

automatically 3-18

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-21

invalid combinations when copying A-5

limiting TFTP server access 30-16

obtaining with DHCP 3-9

password recovery disable considerations 9-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-20

specifying the filename 3-18

system contact and location information 30-16

types and location A-10

uploading

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

configuration logger 29-11

configuration logging 2-4

configuration replacement A-19

configuration rollback A-19, A-20

configuration settings, saving 3-15

configure terminal command 12-16

configuring 802.1x user distribution 10-61

configuring port-based authentication violation modes 10-43

configuring small-frame arrival rate 23-5

conflicts, configuration 38-12

connections, secure remote 9-42

connectivity problems 38-14, 38-15, 38-17

consistency checks in VTP Version 2 14-5

console port, connecting to 2-10

control protocol, IP SLAs 32-4

corrupted software, recovery steps with Xmodem 38-2

CoS

in Layer 2 frames 33-2

override priority 15-6

trust priority 15-6

CoS input queue threshold map for QoS 33-16

CoS output queue threshold map for QoS 33-19

CoS-to-DSCP map for QoS 33-61

counters, clearing interface 12-38

CPU utilization, troubleshooting 38-28

crashinfo file 38-23

critical authentication, IEEE 802.1x 10-57

critical VLAN 10-26

cross-stack EtherChannel

configuration guidelines 37-13

described 37-3

illustration 37-4

support for 1-8

cross-stack UplinkFast, STP

described 18-5

disabling 18-17

enabling 18-17

fast-convergence events 18-7

Fast Uplink Transition Protocol 18-6

normal-convergence events 18-7

support for 1-8

cryptographic software image

SSH 9-41

SSL 9-46

switch stack considerations 7-14

customjzeable web pages, web-based authentication 11-6

CWDM SFPs 1-23

D

DACL

See downloadable ACL

daylight saving time 5-14

debugging

enabling all system diagnostics 38-21

enabling for a specific feature 38-20

redirecting error message output 38-21

using commands 38-20

default commands 2-4

default configuration

802.1x 10-37

auto-QoS 33-22

banners 5-18

booting 3-18

CDP 25-2

DHCP 20-9

DHCP option 82 20-9

DHCP snooping 20-9

DHCP snooping binding database 20-9

DNS 5-17

dynamic ARP inspection 21-5

EtherChannel 37-11

Ethernet interfaces 12-23

Flex Links 19-8

IGMP filtering 22-24

IGMP snooping 22-7, 36-6

IGMP throttling 22-24

initial switch information 3-3

IP SLAs 32-5

IP source guard 20-16

IPv6 35-6

Layer 2 interfaces 12-23

LLDP 26-5

MAC address table 5-22

MAC address-table move update 19-8

MSTP 17-16

MVR 22-19

NTP 5-5

optional spanning-tree configuration 18-12

password and privilege level 9-2

RADIUS 9-27

RMON 28-3

RSPAN 27-11

SDM template 8-3

SNMP 30-6

SPAN 27-11

SSL 9-48

standard QoS 33-36

STP 16-13

switch stacks 7-17

system message logging 29-4

system name and prompt 5-16

TACACS+ 9-13

UDLD 24-4

VLAN, Layer 2 Ethernet interfaces 13-15

VLANs 13-7

VMPS 13-24

voice VLAN 15-3

VTP 14-9

default gateway 3-15

default web-based authentication configuration

802.1X 11-9

deleting VLANs 13-9

denial-of-service attack 23-1

description command 12-34

designing your network, examples 1-18

destination addresses

in IPv4 ACLs 31-10

destination-IP address-based forwarding, EtherChannel 37-9

destination-MAC address forwarding, EtherChannel 37-9

detecting indirect link failures, STP 18-8

device A-23

device discovery protocol 25-1, 26-1

device manager

benefits 1-2

described 1-2, 1-5

in-band management 1-7

upgrading a switch A-23

DHCP

enabling

relay agent 20-11

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-8

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-10

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-4

relay support 1-6

support for 1-6

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding3-5to 3-6

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-9

default configuration 20-9

displaying 20-14

overview 20-4

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-23

default configuration 20-23

described 20-22

displaying 20-25

enabling 20-23

reserved addresses 20-23

DHCP server port-based address assignment

support for 1-6

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-11

binding database

See DHCP snooping binding database

configuration guidelines 20-9

default configuration 20-9

displaying binding tables 20-14

message exchange process 20-4

option 82 data insertion 20-4

trusted interface 20-3

untrusted interface 20-3

untrusted messages 20-3

DHCP snooping binding database

adding bindings 20-13

binding entries, displaying 20-14

binding file

format 20-8

location 20-7

bindings 20-7

clearing agent statistics 20-13

configuration guidelines 20-10

configuring 20-13

default configuration 20-9

deleting

binding file 20-13

bindings 20-13

database agent 20-13

described 20-7

displaying 20-14

displaying status and statistics 20-14

enabling 20-13

entry 20-7

renewing database 20-13

resetting

delay value 20-13

timeout value 20-13

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 33-2

Differentiated Services Code Point 33-2

directed unicast requests 1-6

directories

changing A-4

creating and removing A-4

displaying the working A-4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 3-8

default configuration 5-17

displaying the configuration 5-18

in IPv6 35-3

overview 5-16

setting up 5-17

support for 1-6

domain names

DNS 5-16

VTP 14-10

Domain Name System

See DNS

downloadable ACL 10-21, 10-23, 10-65

downloading

configuration files

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-27

preparing A-25, A-29, A-33

reasons for A-23

using CMS 1-2

using FTP A-30

using HTTP 1-2, A-23

using RCP A-34

using TFTP A-26

using the device manager or Network Assistant A-23

DRP

support for 1-15

DSCP 1-13, 33-2

DSCP input queue threshold map for QoS 33-16

DSCP output queue threshold map for QoS 33-19

DSCP-to-CoS map for QoS 33-64

DSCP-to-DSCP-mutation map for QoS 33-65

DSCP transparency 33-44

DTP 1-9, 13-13

dual-action detection 37-6

dual IPv4 and IPv6 templates 35-4, 35-5

dual protocol stacks

IPv4 and IPv6 35-4

SDM templates supporting 35-5

dual-purpose uplinks

defined 12-4

LEDs 12-5

link selection 12-5, 12-25

setting the type 12-25

dynamic access ports

characteristics 13-4

configuring 13-25

defined 12-3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-16

statistics 21-16

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-9

in DHCP environments 21-7

log buffer 21-13

rate limit for incoming ARP packets 21-4, 21-11

default configuration 21-5

denial-of-service attacks, preventing 21-11

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-15

configuration and operating state 21-15

log buffer 21-16

statistics 21-16

trust state and rate limit 21-15

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-16

configuring 21-13

displaying 21-16

logging of dropped packets, described 21-5

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-11

described 21-4

error-disabled state 21-4

statistics

clearing 21-16

displaying 21-16

validation checks, performing 21-12

dynamic auto trunking mode 13-14

dynamic desirable trunking mode 13-14

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 13-23

reconfirming 13-26

troubleshooting 13-28

types of connections 13-25

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 2-6

keystrokes used 2-7

wrapped lines 2-8

elections

See stack master

ELIN location 26-3

enable password 9-3

enable secret password 9-3

encryption, CipherSuite 9-48

encryption for passwords 9-3

environment variables, function of 3-21

error-disabled state, BPDU 18-3

error messages during command entry 2-4

EtherChannel

automatic creation of 37-5, 37-7

channel groups

binding physical and logical interfaces 37-4

numbering of 37-4

configuration guidelines 37-12

configuring Layer 2 interfaces 37-13

default configuration 37-11

described 37-2

displaying status 37-20

forwarding methods 37-8, 37-15

IEEE 802.3ad, described 37-7

interaction

with STP 37-12

with VLANs 37-13

LACP

described 37-7

displaying status 37-20

hot-standby ports 37-18

interaction with other features 37-8

modes 37-7

port priority 37-19

system priority 37-18

load balancing 37-8, 37-15

PAgP

aggregate-port learners 37-16

compatibility with Catalyst 1900 37-17

described 37-5

displaying status 37-20

interaction with other features 37-7

interaction with virtual switches 37-6

learn method and priority configuration 37-16

modes 37-6

support for 1-4

with dual-action detection 37-6

port-channel interfaces

described 37-4

numbering of 37-4

port groups 12-4

stack changes, effects of 37-10

support for 1-4

EtherChannel guard

described 18-10

disabling 18-18

enabling 18-18

Ethernet management port

active link 12-21

and routing 12-21

and TFTP 12-22

configuring 12-22

default setting 12-21

described 12-21

for network management 12-21

specifying 12-22

supported features 12-21

unsupported features 12-22

Ethernet management port, internal

and routing 12-21

unsupported features 12-22

Ethernet VLANs

adding 13-8

defaults and ranges 13-7

modifying 13-8

EUI 35-3

events, RMON 28-3

examples

network configuration 1-18

expedite queue for QoS 33-78

Express Setup 1-2

See also getting started guide

extended crashinfo file 38-23

extended-range VLANs

configuration guidelines 13-11

configuring 13-10

creating 13-11

defined 13-1

extended system ID

MSTP 17-19

STP 16-4, 16-16

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 10-1

F

fa0 interface 1-7

Fa0 port

See Ethernet management port

failover support 1-8

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

Fast Uplink Transition Protocol 18-6

features, incompatible 23-12

fiber-optic, detecting unidirectional links 24-1

files

basic crashinfo

description 38-23

location 38-23

copying A-5

crashinfo, description 38-23

deleting A-5

displaying the contents of A-8

extended crashinfo

description 38-24

location 38-24

tar

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-24

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-5

setting the default A-3

filtering

non-IP traffic 31-22

show and more command output 2-9

filtering show and more command output 2-9

filters, IP

See ACLs, IP

flash device, number of A-1

flexible authentication ordering

configuring 10-68

overview 10-32

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-9, 19-10

configuring preferred VLAN 19-12

configuring VLAN load balancing 19-11

default configuration 19-8

description 19-2

link load balancing 19-3

monitoring 19-14

VLANs 19-3

flooded traffic, blocking 23-8

flow-based packet classification 1-13

flowcharts

QoS classification 33-7

QoS egress queueing and scheduling 33-18

QoS ingress queueing and scheduling 33-15

QoS policing and marking 33-11

flowcontrol

configuring 12-29

described 12-28

forward-delay time

MSTP 17-25

STP 16-23

FTP

accessing MIB files B-4

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-15

image files

deleting old image A-31

downloading A-30

preparing the server A-29

uploading A-32

G

general query 19-5

Generating IGMP Reports 19-4

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

Gigabit modules

See SFPs

global configuration mode 2-2

global leave, IGMP 22-13

guest VLAN and 802.1x 10-24

guide mode 1-2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 17-25

STP 16-22

help, for the command line 2-3

HFTM space 38-26

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

history table, level and number of syslog messages 29-10

host names, in clusters 6-13

hosts, limit on dynamic ports 13-28

HP OpenView 1-5

HQATM space 38-26

HSRP

automatic cluster recovery 6-12

cluster standby group considerations 6-11

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 9-46

configuring 9-50

self-signed certificate 9-47

HTTP secure server 9-46

Hulc Forwarding TCAM Manager

See HFTM space

Hulc QoS/ACL TCAM Manager

See HQATM space

I

ICMP

IPv6 35-3

time-exceeded messages 38-17

traceroute and 38-17

ICMP ping

executing 38-15

overview 38-14

ICMPv6 35-3

IDS appliances

and ingress RSPAN 27-21

and ingress SPAN 27-14

IEEE 802.1D

See STP

IEEE 802.1p 15-1

IEEE 802.1Q

and trunk ports 12-3

configuration limitations 13-14

encapsulation 13-13

native VLAN for untagged traffic 13-18

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ad, PoE+ 1-15, 12-6

IEEE 802.3af

See PoE

IEEE 802.3x flow control 12-28

ifIndex values, SNMP 30-5

IFS 1-6

IGMP

configurable leave timer

described 22-6

enabling 22-11

flooded multicast traffic

controlling the length of time 22-12

disabling on an interface 22-13

global leave 22-13

query solicitation 22-13

recovering from flood mode 22-13

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-10, 36-9

leaving multicast group 22-5

queries 22-4

report suppression

described 22-6

disabling 22-15, 36-11

supported versions 22-3

support for 1-4

IGMP filtering

configuring 22-24

default configuration 22-24

described 22-23

monitoring 22-28

support for 1-4

IGMP groups

configuring filtering 22-27

setting the maximum number 22-26

IGMP Immediate Leave

configuration guidelines 22-11

described 22-5

enabling 22-10

IGMP profile

applying 22-25

configuration mode 22-24

configuring 22-25

IGMP snooping

and address aliasing 22-2

and stack changes 22-6

configuring 22-7

default configuration 22-7, 36-6

definition 22-2

enabling and disabling 22-7, 36-7

global configuration 22-7

Immediate Leave 22-5

in the switch stack 22-6

method 22-8

monitoring 22-16, 36-12

querier

configuration guidelines 22-14

configuring 22-14

supported versions 22-3

support for 1-4

VLAN configuration 22-8

IGMP throttling

configuring 22-27

default configuration 22-24

described 22-24

displaying action 22-28

Immediate Leave, IGMP 22-5

enabling 36-9

inaccessible authentication bypass 10-26

support for multiauth ports 10-26

initial configuration

defaults 1-16

Express Setup 1-2

interface

number 12-16

range macros 12-19

interface command12-16to ??, 12-16

interface configuration mode 2-2

interfaces

auto-MDIX, configuring 12-29

configuration guidelines

duplex and speed 12-26

configuring

procedure 12-16

counters, clearing 12-38

default configuration 12-23

described 12-34

descriptive name, adding 12-34

displaying information about 12-38

flow control 12-28

management 1-5

monitoring 12-37

naming 12-34

physical, identifying 12-15, 12-16

range of 12-17

restarting 12-39

shutting down 12-39

speed and duplex, configuring 12-27

status 12-37

supported 12-15

types of 12-1

interfaces range macro command 12-19

interface types 12-16

Internet Protocol version 6

See IPv6

inter-VLAN routing 34-1

Intrusion Detection System

See IDS appliances

inventory management TLV 26-3, 26-7

IP ACLs

for QoS classification 33-8

implicit deny 31-9, 31-12

implicit masks 31-9

named 31-13

undefined 31-19

IP addresses

128-bit 35-2

candidate or member 6-4, 6-13

classes of 34-4

cluster access 6-2

command switch 6-3, 6-11, 6-13

discovering 5-31

for IP routing 34-4

IPv6 35-2

redundant clusters 6-11

standby command switch 6-11, 6-13

See also IP information

ip igmp profile command 22-24

IP information

assigned

manually 3-15

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP phones

and QoS 15-1

automatic classification and queueing 33-21

configuring 15-4

ensuring port security with QoS 33-43

trusted boundary for QoS 33-43

IP Port Security for Static Hosts

on a Layer 2 access port 20-18

IP precedence 33-2

IP-precedence-to-DSCP map for QoS 33-62

IP protocols in ACLs 31-10

IP routing

disabling 34-4

enabling 34-4

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 32-1

IP SLAs

benefits 32-2

configuration guidelines 32-5

Control Protocol 32-4

default configuration 32-5

definition 32-1

measuring network performance 32-3

monitoring 32-6

operation 32-3

responder

described 32-4

enabling 32-6

response time 32-4

SNMP support 32-2

supported metrics 32-2

IP source guard

and 802.1x 20-17

and DHCP snooping 20-14

and EtherChannels 20-17

and port security 20-17

and private VLANs 20-17

and routed ports 20-16

and TCAM entries 20-17

and trunk interfaces 20-16

and VRF 20-17

binding configuration

automatic 20-14

manual 20-14

binding table 20-14

configuration guidelines 20-16

default configuration 20-16

described 20-14

disabling 20-18

displaying

active IP or MAC bindings 20-22

bindings 20-22

configuration 20-22

enabling 20-17, 20-18

filtering

source IP address 20-15

source IP and MAC address 20-15

on provisioned switches 20-17

source IP address filtering 20-15

source IP and MAC address filtering 20-15

static bindings

adding 20-17, 20-18

deleting 20-18

static hosts 20-18

IP traceroute

executing 38-18

overview 38-17

IP unicast routing

assigning IP addresses to Layer 3 interfaces 34-4

configuring static routes 34-5

disabling 34-4

enabling 34-4

inter-VLAN 34-1

IP addressing

classes 34-4

configuring 34-4

steps to configure 34-3

subnet mask 34-4

with SVIs 34-3

IPv4 ACLs

applying to interfaces 31-18

extended, creating 31-9

named 31-13

standard, creating 31-8

IPv4 and IPv6

dual protocol stacks 35-4

IPv6

addresses 35-2

address formats 35-2

and switch stacks 35-6

applications 35-4

assigning address 35-7

autoconfiguration 35-4

configuring static routes 35-10

default configuration 35-6

defined 35-1

forwarding 35-7

ICMP 35-3

monitoring 35-11

neighbor discovery 35-3

SDM templates 36-1

stack master functions 35-6

Stateless Autoconfiguration 35-4

supported features 35-2

J

join messages, IGMP 22-3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 33-2

Layer 2 interfaces, default configuration 12-23

Layer 2 traceroute

and ARP 38-16

and CDP 38-16

broadcast traffic 38-16

described 38-16

IP addresses and subnets 38-16

MAC addresses and VLANs 38-16

multicast traffic 38-16

multiple devices on a port 38-17

unicast traffic 38-16

usage guidelines 38-16

Layer 3 features 1-15

Layer 3 interfaces

assigning IP addresses to 34-4

assigning IPv6 addresses to 35-7

changing from Layer 2 mode 34-4

Layer 3 packets, classification methods 33-2

LDAP 4-2

Leaking IGMP Reports 19-4

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 17-8

Link Layer Discovery Protocol

See CDP

link local unicast addresses 35-3

link redundancy

See Flex Links

links, unidirectional 24-1

link-state tracking

configuring 37-23

described 37-20

LLDP

configuring 26-5

characteristics 26-6

default configuration 26-5

enabling 26-6

monitoring and maintaining 26-11

overview 26-1

supported TLVs 26-2

switch stack considerations 26-2

transmission timer and holdtime, setting 26-6

LLDP-MED

configuring

procedures 26-5

TLVs 26-7

monitoring and maintaining 26-11

overview 26-1, 26-2

supported TLVs 26-2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 27-2

location TLV 26-3, 26-7

login authentication

with RADIUS 9-30

with TACACS+ 9-14

login banners 5-18

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 1-20

loop guard

described 18-11

enabling 18-19

support for 1-9

LRE profiles, considerations in switch clusters 6-16

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 10-37

range 10-40

MAC/PHY configuration status TLV 26-2

MAC addresses

aging time 5-22

and VLAN association 5-21

building the address table 5-21

default configuration 5-22

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-30

displaying in the IP source binding table 20-22

dynamic

learning 5-21

removing 5-23

in ACLs 31-22

static

adding 5-27

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

MAC address learning 1-6

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-15

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-8

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 13-23

MAC authentication bypass 10-40

configuring 10-61

overview 10-18

MAC extended access lists

applying to Layer 2 interfaces 31-23

configuring for QoS 33-50

creating 31-22

defined 31-22

for QoS classification 33-5

magic packet 10-29

manageability features 1-6

management access

in-band

browser session 1-7

CLI session 1-7

device manager 1-7

SNMP 1-7

out-of-band console port connection 1-7

management address TLV 26-2

management options

CLI 2-1

clustering 1-3

CNS 4-1

Network Assistant 1-2

overview 1-5

management VLAN

considerations in switch clusters 6-8

discovery through different management VLANs 6-8

mapping tables for QoS

configuring

CoS-to-DSCP 33-61

DSCP 33-61

DSCP-to-CoS 33-64

DSCP-to-DSCP-mutation 33-65

IP-precedence-to-DSCP 33-62

policed-DSCP 33-63

described 33-11

marking

action with aggregate policers 33-58

described 33-4, 33-9

matching, IPv4 ACLs 31-7

maximum aging time

MSTP 17-26

STP 16-23

maximum hop count, MSTP 17-26

maximum number of allowed devices, port-based authentication 10-40

MDA

configuration guidelines10-13to 10-14

described 1-11, 10-13

exceptions with authentication process 10-6

membership mode, VLAN port 13-3

member switch

automatic discovery 6-5

defined 6-2

managing 6-16

passwords 6-13

recovering from lost connectivity 38-12

requirements 6-4

See also candidate switch, cluster standby group, and standby command switch

memory consistency check errors

displaying 38-27

example 38-27

memory consistency check routines 1-5, 38-26

memory consistency integrity 1-5, 38-26

messages, to users through banners 5-18

MIBs

accessing files with FTP B-4

location of files B-4

overview 30-1

SNMP interaction with 30-4

supported B-1

mirroring traffic for analysis 27-1

mismatches, autonegotiation 38-12

module number 12-16

monitoring

access groups 31-24

cables for unidirectional links 24-1

CDP 25-5

features 1-15

Flex Links 19-14

IGMP

filters 22-28

snooping 22-16, 36-12

interfaces 12-37

IP SLAs operations 32-6

IPv4 ACL configuration 31-24

IPv6 35-11

MAC address-table move update 19-14

multicast router interfaces 22-16, 36-12

MVR 22-23

network traffic for analysis with probe 27-2

port

blocking 23-18

protection 23-18

SFP status 12-38, 38-14

speed and duplex mode 12-28

traffic flowing among switches 28-1

traffic suppression 23-18

VLANs 13-13

VMPS 13-27

VTP 14-18

mrouter Port 19-3

mrouter port 19-5

MSTP

boundary ports

configuration guidelines 17-17

described 17-6

BPDU filtering

described 18-3

enabling 18-15

BPDU guard

described 18-2

enabling 18-14

CIST, described 17-3

CIST regional root 17-3

CIST root 17-5

configuration guidelines 17-16, 18-12

configuring

forward-delay time 17-25

hello time 17-25

link type for rapid convergence 17-27

maximum aging time 17-26

maximum hop count 17-26

MST region 17-17

neighbor type 17-27

path cost 17-23

port priority 17-21

root switch 17-19

secondary root switch 17-20

switch priority 17-24

CST

defined 17-3

operations between regions 17-4

default configuration 17-16

default optional feature configuration 18-12

displaying status 17-28

enabling the mode 17-17

EtherChannel guard

described 18-10

enabling 18-18

extended system ID

effects on root switch 17-19

effects on secondary root switch 17-20

unexpected behavior 17-19

IEEE 802.1s

implementation 17-7

port role naming change 17-7

terminology 17-5

instances supported 16-10

interface state, blocking to forwarding 18-2

interoperability and compatibility among modes 16-11

interoperability with IEEE 802.1D

described 17-9

restarting migration process 17-28

IST

defined 17-3

master 17-3

operations within a region 17-3

loop guard

described 18-11

enabling 18-19

mapping VLANs to MST instance 17-18

MST region

CIST 17-3

configuring 17-17

described 17-2

hop-count mechanism 17-6

IST 17-3

supported spanning-tree instances 17-2

optional features supported 1-8

overview 17-2

Port Fast

described 18-2

enabling 18-13

preventing root switch selection 18-10

root guard

described 18-10

enabling 18-18

root switch

configuring 17-19

effects of extended system ID 17-19

unexpected behavior 17-19

shutdown Port Fast-enabled port 18-2

stack changes, effects of 17-9

status, displaying 17-28

multiauth

support for inaccessible authentication bypass 10-26

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 22-5

joining 22-3

leaving 22-5

static joins 22-10, 36-8

multicast router interfaces, monitoring 22-16, 36-12

multicast router ports, adding 22-9, 36-8

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-18

multicast VLAN 22-17

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 10-15

multiple authentication mode

configuring 10-46

MVR

and address aliasing 22-20

and IGMPv3 22-20

configuration guidelines 22-20

configuring interfaces 22-21

default configuration 22-19

described 22-17

example application 22-18

modes 22-21

monitoring 22-23

multicast television application 22-18

setting global parameters 22-20

support for 1-4

N

NAC

critical authentication 10-26, 10-57

IEEE 802.1x authentication using a RADIUS server 10-63

IEEE 802.1x validation using RADIUS server 10-63

inaccessible authentication bypass 10-57

Layer 2 IEEE 802.1x validation 1-12, 10-32, 10-63

named IPv4 ACLs 31-13

NameSpace Mapper

See NSM

native VLAN

configuring 13-18

default 13-18

NEAT

configuring 10-64

overview 10-33

neighbor discovery, IPv6 35-3

Network Admission Control

See NAC

Network Assistant

benefits 1-2

described 1-5

downloading image files 1-2

guide mode 1-2

management options 1-2

managing switch stacks 7-2, 7-14

upgrading a switch A-23

wizards 1-2

network configuration examples

increasing network performance 1-19

long-distance, high-bandwidth transport 1-23

providing network services 1-19

server aggregation and Linux server cluster 1-21

small to medium-sized network 1-22

network design

performance 1-19

services 1-19

Network Edge Access Topology

See NEAT

network management

CDP 25-1

RMON 28-1

SNMP 30-1

network performance, measuring with IP SLAs 32-3

network policy TLV 26-2, 26-7

Network Time Protocol

See NTP

no commands 2-4

nonhierarchical policy maps

described 33-10

non-IP traffic filtering 31-22

nontrunking mode 13-14

normal-range VLANs 13-4

configuration guidelines 13-6

configuring 13-4

defined 13-1

NSM 4-3

NTP

associations

authenticating 5-5

defined 5-3

enabling broadcast messages 5-7

peer 5-6

server 5-6

default configuration 5-5

displaying the configuration 5-12

overview 5-3

restricting access

creating an access group 5-9

disabling NTP services per interface 5-11

source IP address, configuring 5-11

stratum 5-3

support for 1-6

synchronizing devices 5-6

time

services 5-3

synchronizing 5-3

O

OBFL

configuring 38-25

described 38-24

displaying 38-26

offline configuration for switch stacks 7-7

off mode, VTP 14-4

on-board failure logging

See OBFL

online diagnostics

overview 39-1

running tests 39-3

understanding 39-1

open1x

configuring 10-69

open1x authentication

overview 10-33

optimizing system resources 8-1

options, management 1-5

out-of-profile markdown 1-14

P

packet modification, with QoS 33-20

PAgP

See EtherChannel

passwords

default configuration 9-2

disabling recovery of 9-5

encrypting 9-3

for security 1-10

in clusters 6-13

overview 9-1

recovery of 38-3

setting

enable 9-3

enable secret 9-3

Telnet 9-6

with usernames 9-7

VTP domain 14-10

path cost

MSTP 17-23

STP 16-20

PC (passive command switch) 6-10

performance, network design 1-19

performance features 1-4

persistent self-signed certificate 9-47

per-user ACLs and Filter-Ids 10-9

per-VLAN spanning-tree plus

See PVST+

physical ports 12-2

PIM-DVMRP, as snooping method 22-8

ping

character output description 38-15

executing 38-15

overview 38-14

PoE

auto mode 12-7

CDP with power consumption, described 12-5

CDP with power negotiation, described 12-5

Cisco intelligent power management 12-5

configuring 12-30

cutoff power

determining 12-8

cutoff-power

support for 12-8

devices supported 12-5

high-power devices operating in low-power mode 12-6

IEEE power classification levels 12-6

monitoring 12-8

monitoring power 12-33

policing power consumption 12-33

policing power usage 12-8

power budgeting 12-31

power consumption 12-9, 12-31

powered-device detection and initial power allocation 12-6

power management modes 12-7

power monitoring 12-8

power negotiation extensions to CDP 12-5

power sensing 12-8

standards supported 12-5

static mode 12-7

total available power 12-10

troubleshooting 38-13

PoE+ 1-15, 12-5, 12-6, 12-30

policed-DSCP map for QoS 33-63

policers

configuring

for each matched traffic class 33-53

for more than one traffic class 33-58

described 33-4

displaying 33-79

number of 33-39

types of 33-10

policing

described 33-4

token-bucket algorithm 33-10

policy maps for QoS

characteristics of 33-53

described 33-8

displaying 33-80

nonhierarchical on physical ports

described 33-10

port ACLs

defined 31-2

types of 31-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 10-17

authentication server

defined 10-3, 11-2

RADIUS server 10-3

client, defined 10-3, 11-2

configuration guidelines 10-38, 11-9

configuring

802.1x authentication 10-44

guest VLAN 10-54

host mode 10-46

inaccessible authentication bypass 10-57

manual re-authentication of a client 10-49

periodic re-authentication 10-48

quiet period 10-49

RADIUS server 10-46, 11-13

RADIUS server parameters on the switch 10-45, 11-11

restricted VLAN 10-55

switch-to-client frame-retransmission number 10-50, 10-51

switch-to-client retransmission time 10-50

violation modes 10-43

default configuration 10-37, 11-9

described 10-1

device roles 10-3, 11-2

displaying statistics 10-71, 11-17

downloadable ACLs and redirect URLs

configuring10-65to10-67, ??to 10-68

overview10-21to 10-23

EAPOL-start frame 10-6

EAP-request/identity frame 10-6

EAP-response/identity frame 10-6

enabling

802.1X authentication 11-11

encapsulation 10-3

flexible authentication ordering

configuring 10-68

overview 10-32

guest VLAN

configuration guidelines 10-24, 10-25

described 10-24

host mode 10-13

inaccessible authentication bypass

configuring 10-57

described 10-26

guidelines 10-39

initiation and message exchange 10-6

magic packet 10-29

maximum number of allowed devices per port 10-40

method lists 10-44

multiple authentication 10-15

per-user ACLs

configuration tasks 10-21

described 10-20

RADIUS server attributes 10-20

ports

authorization state and dot1x port-control command 10-11

authorized and unauthorized 10-11

voice VLAN 10-27

port security

and voice VLAN 10-29

described 10-28

interactions 10-28

multiple-hosts mode 10-13

readiness check

configuring 10-40

described 10-18, 10-40

resetting to default values 10-70

stack changes, effects of 10-12

statistics, displaying 10-71

switch

as proxy 10-3, 11-2

RADIUS client 10-3

switch supplicant

configuring 10-64

overview 10-33

user distribution

guidelines 10-31

overview 10-31

VLAN assignment

AAA authorization 10-44

characteristics 10-19

configuration tasks 10-20

described 10-19

voice aware 802.1x security

configuring 10-41

described 10-33, 10-41

voice VLAN

described 10-27

PVID 10-27

VVID 10-27

wake-on-LAN, described 10-29

with ACLs and RADIUS Filter-Id attribute 10-35

port-based authentication methods, supported 10-8

port blocking 1-4, 23-7

port-channel

See EtherChannel

port description TLV 26-2

Port Fast

described 18-2

enabling 18-13

mode, spanning tree 13-24

support for 1-8

port membership modes, VLAN 13-3

port priority

MSTP 17-21

STP 16-18

ports

access 12-3

blocking 23-7

dual-purpose uplink 12-4

dynamic access 13-4

protected 23-6

secure 23-9

static-access 13-3, 13-9

switch 12-2

trunks 13-3, 13-13

VLAN assignments 13-9

port security

aging 23-17

and QoS trusted boundary 33-43

and stacking 23-18

configuring 23-13

default configuration 23-11

described 23-8

displaying 23-18

on trunk ports 23-14

sticky learning 23-9

violations 23-10

with other features 23-11

port-shutdown response, VMPS 13-23

port VLAN ID TLV 26-2

power management TLV 26-3, 26-7

Power over Ethernet

See PoE

preemption, default configuration 19-8

preemption delay, default configuration 19-8

preferential treatment of traffic

See QoS

preventing unauthorized access 9-1

primary links 19-2

priority

overriding CoS 15-6

trusting CoS 15-6

private VLAN edge ports

See protected ports

privileged EXEC mode 2-2

privilege levels

changing the default for lines 9-9

command switch 6-17

exiting 9-10

logging into 9-10

mapping on member switches 6-17

overview 9-2, 9-8

setting a command with 9-8

protected ports 1-10, 23-6

provisioned switches and IP source guard 20-17

provisioning new members for a switch stack 7-7

proxy reports 19-4

pruning, VTP

disabling

in VTP domain 14-16

on a port 13-18

enabling

in VTP domain 14-16

on a port 13-18

examples 14-7

overview 14-6

pruning-eligible list

changing 13-18

for VTP pruning 14-6

VLANs 14-16

PVST+

described 16-10

IEEE 802.1Q trunking interoperability 16-11

instances supported 16-10

Q

QoS

and MQC commands 33-1

auto-QoS

categorizing traffic 33-22

configuration and defaults display 33-35

configuration guidelines 33-32

described 33-21

disabling 33-34

displaying generated commands 33-34

displaying the initial configuration 33-35

effects on running configuration 33-32

list of generated commands 33-25

basic model 33-4

classification

class maps, described 33-8

defined 33-4

DSCP transparency, described 33-44

flowchart 33-7

forwarding treatment 33-3

in frames and packets 33-3

IP ACLs, described 33-6, 33-8

MAC ACLs, described 33-5, 33-8

options for IP traffic 33-6

options for non-IP traffic 33-5

policy maps, described 33-8

trust DSCP, described 33-5

trusted CoS, described 33-5

trust IP precedence, described 33-5

class maps

configuring 33-51

displaying 33-79

configuration guidelines

auto-QoS 33-32

standard QoS 33-38

configuring

aggregate policers 33-58

auto-QoS 33-21

default port CoS value 33-42

DSCP maps 33-61

DSCP transparency 33-44

DSCP trust states bordering another domain 33-45

egress queue characteristics 33-72

ingress queue characteristics 33-67

IP extended ACLs 33-49

IP standard ACLs 33-48

MAC ACLs 33-50

port trust states within the domain 33-40

trusted boundary 33-43

default auto configuration 33-22

default standard configuration 33-36

displaying statistics 33-79

DSCP transparency 33-44

egress queues

allocating buffer space 33-72

buffer allocation scheme, described 33-18

configuring shaped weights for SRR 33-76

configuring shared weights for SRR 33-77

described 33-4

displaying the threshold map 33-75

flowchart 33-18

mapping DSCP or CoS values 33-74

scheduling, described 33-4

setting WTD thresholds 33-72

WTD, described 33-19

enabling globally 33-40

flowcharts

classification 33-7

egress queueing and scheduling 33-18

ingress queueing and scheduling 33-15

policing and marking 33-11

implicit deny 33-8

ingress queues

allocating bandwidth 33-70

allocating buffer space 33-69

buffer and bandwidth allocation, described 33-16

configuring shared weights for SRR 33-70

configuring the priority queue 33-71

described 33-4

displaying the threshold map 33-68

flowchart 33-15

mapping DSCP or CoS values 33-67

priority queue, described 33-17

scheduling, described 33-4

setting WTD thresholds 33-67

WTD, described 33-16

IP phones

automatic classification and queueing 33-21

detection and trusted settings 33-21, 33-43

limiting bandwidth on egress interface 33-78

mapping tables

CoS-to-DSCP 33-61

displaying 33-80

DSCP-to-CoS 33-64

DSCP-to-DSCP-mutation 33-65

IP-precedence-to-DSCP 33-62

policed-DSCP 33-63

types of 33-11

marked-down actions 33-56

marking, described 33-4, 33-9

overview 33-2

packet modification 33-20

policers

configuring 33-56, 33-59

described 33-9

displaying 33-79

number of 33-39

types of 33-10

policies, attaching to an interface 33-9

policing

described 33-4, 33-9

token bucket algorithm 33-10

policy maps

characteristics of 33-53

displaying 33-80

nonhierarchical on physical ports 33-53

QoS label, defined 33-4

queues

configuring egress characteristics 33-72

configuring ingress characteristics 33-67

high priority (expedite) 33-20, 33-78

location of 33-12

SRR, described 33-14

WTD, described 33-13

rewrites 33-20

support for 1-13

trust states

bordering another domain 33-45

described 33-5

trusted device 33-43

within the domain 33-40

quality of service

See QoS

queries, IGMP 22-4

query solicitation, IGMP 22-13

R

RADIUS

attributes

vendor-proprietary 9-38

vendor-specific 9-36

configuring

accounting 9-35

authentication 9-30

authorization 9-34

communication, global 9-28, 9-36

communication, per-server 9-27, 9-28

multiple UDP ports 9-28

default configuration 9-27

defining AAA server groups 9-32

displaying the configuration 9-40

identifying the server 9-27

in clusters 6-16

limiting the services to the user 9-34

method list, defined 9-27

operation of 9-20

overview 9-18

server load balancing 9-40

suggested network environments 9-19

support for 1-12

tracking services accessed by user 9-35

RADIUS Change of Authorization 9-20

range

macro 12-19

of interfaces 12-17

rapid convergence 17-11

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 16-10

IEEE 802.1Q trunking interoperability 16-11

instances supported 16-10

Rapid Spanning Tree Protocol

See RSTP

rcommand command 6-16

RCP

configuration files

downloading A-17

overview A-15

preparing the server A-16

uploading A-18

image files

deleting old image A-36

downloading A-34

preparing the server A-33

uploading A-36

readiness check

port-based authentication

configuring 10-40

described 10-18, 10-40

reconfirmation interval, VMPS, changing 13-26

reconfirming dynamic VLAN membership 13-26

recovery procedures 38-1

redirect URL 10-21, 10-23, 10-65

redundancy

EtherChannel 37-3

STP

backbone 16-8

multidrop backbone 18-5

path cost 13-21

port priority 13-19

redundant links and UplinkFast 18-16

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-3

report suppression, IGMP

described 22-6

disabling 22-15, 36-11

resequencing ACL entries 31-13

reserved addresses in DHCP pools 20-23

resetting a UDLD-shutdown interface 24-6

responder, IP SLAs

described 32-4

enabling 32-6

response time, measuring with IP SLAs 32-4

restricted VLAN

configuring 10-55

described 10-25

using with IEEE 802.1x 10-25

restricting access

NTP services 5-9

overview 9-1

passwords and privilege levels 9-2

RADIUS 9-18

TACACS+ 9-10

retry count, VMPS, changing 13-27

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1166, IP addresses 34-4

1305, NTP 5-3

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

RFC 5176 Compliance 9-21

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-15

root guard

described 18-10

enabling 18-18

support for 1-8

root switch

MSTP 17-19

STP 16-16

router ACLs

defined 31-2

types of 31-4

RSPAN

and stack changes 27-10

characteristics 27-9

configuration guidelines 27-17

default configuration 27-11

defined 27-3

destination ports 27-8

displaying status 27-24

in a switch stack 27-3

interaction with other features 27-9

monitored ports 27-6

monitoring ports 27-8

overview 1-15, 27-1

received traffic 27-5

sessions

creating 27-18

defined 27-4

limiting source traffic to specific VLANs 27-23

specifying monitored ports 27-18

with ingress traffic enabled 27-21

source ports 27-6

transmitted traffic 27-6

VLAN-based 27-7

RSTP

active topology 17-10

BPDU

format 17-13

processing 17-14

designated port, defined 17-10

designated switch, defined 17-10

interoperability with IEEE 802.1D

described 17-9

restarting migration process 17-28

topology changes 17-14

overview 17-10

port roles

described 17-10

synchronized 17-12

proposal-agreement handshake process 17-11

rapid convergence

cross-stack rapid convergence 17-11

described 17-11

edge ports and Port Fast 17-11

point-to-point links 17-11, 17-27

root ports 17-11

root port, defined 17-10

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-20

running configuration, saving 3-15

S

SC (standby command switch) 6-10

scheduled reloads 3-22

SCP

and SSH 9-52

configuring 9-53

SDM

templates

configuring 8-4

number of 8-1

SDM template

configuration guidelines 8-3

configuring 8-3

types of 8-1

Secure Copy Protocol

secure HTTP client

configuring 9-51

displaying 9-52

secure HTTP server

configuring 9-50

displaying 9-52

secure MAC addresses

and switch stacks 23-18

deleting 23-16

maximum number of 23-10

types of 23-9

secure ports

and switch stacks 23-18

secure ports, configuring 23-9

secure remote connections 9-42

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 23-8

security features 1-10

See SCP

sequence numbers in log messages 29-8

server mode, VTP 14-3

service-provider network, MSTP and RSTP 17-1

set-request operation 30-4

setup program

failed command switch replacement 38-11

replacing failed command switch 38-9

severity levels, defining in system messages 29-9

SFPs

monitoring status of 12-38, 38-14

security and identification 38-13

status, displaying 38-14

shaped round robin

See SRR

show access-lists hw-summary command 31-19

show and more command output, filtering 2-9

show cdp traffic command 25-5

show cluster members command 6-16

show configuration command 12-34

show forward command 38-22

show interfaces command 12-28, 12-34

show interfaces switchport 19-4

show lldp traffic command 26-11

show platform forward command 38-22

show platform tcam command 38-26, 38-27

show running-config command

displaying ACLs 31-17, 31-18

interface description in 12-34

shutdown command on interfaces 12-39

Simple Network Management Protocol

See SNMP

small form-factor pluggable modules

See SFPs

small-frame arrival rate, configuring 23-5

SNAP 25-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-7

and IP SLAs 32-2

authentication level 30-10

community strings

configuring 30-8

for cluster switches 30-4

overview 30-4

configuration examples 30-17

default configuration 30-6

engine ID 30-7

groups 30-7, 30-9

host 30-7

ifIndex values 30-5

in-band management 1-7

in clusters 6-14

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-15

enabling 30-15

limiting access by TFTP servers 30-16

limiting system log messages to NMS 29-10

manager functions 1-5, 30-3

managing clusters with 6-17

MIBs

location of B-4

supported B-1

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-15

status, displaying 30-18

system contact and location 30-16

trap manager, configuring 30-13

traps

described 30-3, 30-5

differences from informs 30-5

disabling 30-15

enabling 30-12

enabling MAC address notification 5-23, 5-25, 5-26

overview 30-1, 30-4

types of 30-12

users 30-7, 30-9

versions supported 30-2

SNMP and Syslog Over IPv6 35-5

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-2

snooping, IGMP 22-2

software compatibility

See stacks, switch

software images

location in flash A-24

recovery procedures 38-2

scheduling reloads 3-23

tar file format, described A-24

See also downloading and uploading

source addresses

in IPv4 ACLs 31-10

source-and-destination-IP address based forwarding, EtherChannel 37-9

source-and-destination MAC address forwarding, EtherChannel 37-9

source-IP address based forwarding, EtherChannel 37-9

source-MAC address forwarding, EtherChannel 37-8

SPAN

and stack changes 27-10

configuration guidelines 27-11

default configuration 27-11

destination ports 27-8

displaying status 27-24

interaction with other features 27-9

monitored ports 27-6

monitoring ports 27-8

overview 1-15, 27-1

ports, restrictions 23-12

received traffic 27-5

sessions

configuring ingress forwarding 27-15, 27-22

creating 27-12

defined 27-4

limiting source traffic to specific VLANs 27-16

removing destination (monitoring) ports 27-13

specifying monitored ports 27-12

with ingress traffic enabled 27-14

source ports 27-6

transmitted traffic 27-6

VLAN-based 27-7

spanning tree and native VLANs 13-14

Spanning Tree Protocol

See STP

SPAN traffic 27-5

SRR

configuring

shaped weights on egress queues 33-76

shared weights on egress queues 33-77

shared weights on ingress queues 33-70

described 33-14

shaped mode 33-14

shared mode 33-14

support for 1-14

SSH

configuring 9-43

cryptographic software image 9-41

described 1-7, 9-42

encryption methods 9-42

switch stack considerations 7-14

user authentication methods, supported 9-42

SSL

configuration guidelines 9-49

configuring a secure HTTP client 9-51

configuring a secure HTTP server 9-50

cryptographic software image 9-46

described 9-46

monitoring 9-52

stack, switch

MAC address of 7-6, 7-17

stack changes, effects on

802.1x port-based authentication 10-12

ACL configuration 31-6

CDP 25-2

cross-stack EtherChannel 37-13

EtherChannel 37-10

IGMP snooping 22-6

IP routing 34-3

MAC address tables 5-22

MSTP 17-9

MVR 22-17

port security 23-18

SDM template selection 8-2

SNMP 30-1

SPAN and RSPAN 27-10

STP 16-12

switch clusters 6-14

system message log 29-2

VLANs 13-6

VTP 14-8

stack master

bridge ID (MAC address) 7-6

defined 7-1

election 7-5

IPv6 35-6

See also stacks, switch

stack member

accessing CLI of specific member 7-21

configuring

member number 7-19

priority value 7-20

defined 7-1

displaying information of 7-22

number 7-6

priority value 7-7

provisioning a new member 7-20

replacing 7-13

See also stacks, switch

stack member number 12-16

stack protocol version 7-9

stacks, switch

accessing CLI of specific member 7-21

assigning information

member number 7-19

priority value 7-20

provisioning a new member 7-20

auto-advise 7-11

auto-copy 7-10

auto-extract 7-10

auto-upgrade 7-10

bridge ID 7-6

CDP considerations 25-2

compatibility, software 7-9

configuration file 7-13

configuration scenarios 7-15

copying an image file from one member to another A-37

default configuration 7-17

description of 7-1

displaying information of 7-22

enabling persistent MAC address timer 7-17

in clusters 6-14

incompatible software and image upgrades 7-13, A-37

IPv6 on 35-6

MAC address considerations 5-22

management connectivity 7-14

managing 7-1

membership 7-3

merged 7-3

MSTP instances supported 16-10

offline configuration

described 7-7

effects of adding a provisioned switch 7-7

effects of removing a provisioned switch 7-9

effects of replacing a provisioned switch 7-9

provisioned configuration, defined 7-7

provisioned switch, defined 7-7

provisioning a new member 7-20

partitioned 7-3, 38-8

provisioned switch

adding 7-7

removing 7-9

replacing 7-9

replacing a failed member 7-13

software compatibility 7-9

software image version 7-9

stack protocol version 7-9

STP

bridge ID 16-3

instances supported 16-10

root port selection 16-3

stack root switch election 16-3

system messages

hostnames in the display 29-1

remotely monitoring 29-2

system prompt consideration 5-15

system-wide configuration considerations 7-13

upgrading A-37

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 7-10

examples 7-11

manual upgrades with auto-advise 7-11

upgrades with auto-extract 7-10

version-mismatch mode

described 7-10

See also stack master and stack member

standby command switch

configuring

considerations 6-11

defined 6-2

priority 6-10

requirements 6-3

virtual IP address 6-11

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 19-2

startup configuration

booting

manually 3-19

specific image 3-20

clearing A-19

configuration file

automatically downloading 3-18

specifying the filename 3-18

default boot configuration 3-18

static access ports

assigning to VLAN 13-9

defined 12-3, 13-3

static addresses

See addresses

static MAC addressing 1-10

static routes

configuring 34-5

configuring for IPv6 35-10

static VLAN membership 13-2

statistics

802.1X 11-17

802.1x 10-71

CDP 25-5

interface 12-38

LLDP 26-11

LLDP-MED 26-11

NMSP 26-11

QoS ingress and egress 33-79

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-18

VTP 14-18

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-18

support for 1-4

thresholds 23-2

STP

accelerating root port selection 18-4

BackboneFast

described 18-7

disabling 18-17

enabling 18-17

BPDU filtering

described 18-3

disabling 18-15

enabling 18-15

BPDU guard

described 18-2

disabling 18-14

enabling 18-14

BPDU message exchange 16-3

configuration guidelines 16-13, 18-12

configuring

forward-delay time 16-23

hello time 16-22

maximum aging time 16-23

path cost 16-20

port priority 16-18

root switch 16-16

secondary root switch 16-18

spanning-tree mode 16-15

switch priority 16-21

transmit hold-count 16-24

counters, clearing 16-24

cross-stack UplinkFast

described 18-5

enabling 18-17

default configuration 16-13

default optional feature configuration 18-12

designated port, defined 16-4

designated switch, defined 16-4

detecting indirect link failures 18-8

disabling 16-16

displaying status 16-24

EtherChannel guard

described 18-10

disabling 18-18

enabling 18-18

extended system ID

effects on root switch 16-16

effects on the secondary root switch 16-18

overview 16-4

unexpected behavior 16-16

features supported 1-8

IEEE 802.1D and bridge ID 16-4

IEEE 802.1D and multicast addresses 16-9

IEEE 802.1t and VLAN identifier 16-5

inferior BPDU 16-3

instances supported 16-10

interface state, blocking to forwarding 18-2

interface states

blocking 16-6

disabled 16-7

forwarding 16-6, 16-7

learning 16-7

listening 16-7

overview 16-5

interoperability and compatibility among modes 16-11

limitations with IEEE 802.1Q trunks 16-11

load sharing

overview 13-19

using path costs 13-21

using port priorities 13-19

loop guard

described 18-11

enabling 18-19

modes supported 16-10

multicast addresses, effect of 16-9

optional features supported 1-8

overview 16-2

path costs 13-21, 13-22

Port Fast

described 18-2

enabling 18-13

port priorities 13-20

preventing root switch selection 18-10

protocols supported 16-10

redundant connectivity 16-8

root guard

described 18-10

enabling 18-18

root port, defined 16-3

root port selection on a switch stack 16-3

root switch

configuring 16-16

effects of extended system ID 16-4, 16-16

election 16-3

unexpected behavior 16-16

shutdown Port Fast-enabled port 18-2

stack changes, effects of 16-12

status, displaying 16-24

superior BPDU 16-3

timers, described 16-22

UplinkFast

described 18-3

enabling 18-16

stratum, NTP 5-3

subnet mask 34-4

success response, VMPS 13-23

summer time 5-14

SunNet Manager 1-5

supported port-based authentication methods 10-8

SVIs

and IP unicast routing 34-3

and router ACLs 31-4

connecting VLANs 12-10

defined 12-4

switch 35-2

switch clustering technology 6-1

See also clusters, switch

switch console port 1-7

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 12-2

switchport backup interface 19-4, 19-5

switchport block multicast command 23-8

switchport block unicast command 23-8

switchport protected command 23-7

switch priority

MSTP 17-24

STP 16-21

switch software features 1-1

switch virtual interface

See SVI

syslog

See system message logging

system capabilities TLV 26-2

system clock

configuring

daylight saving time 5-14

manually 5-12

summer time 5-14

time zones 5-13

displaying the time and date 5-13

overview 5-2

See also NTP

system description TLV 26-2

system message logging

default configuration 29-4

defining error message severity levels 29-9

disabling 29-4

displaying the configuration 29-14

enabling 29-5

facility keywords, described 29-14

level keywords, described 29-10

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

stack changes, effects of 29-2

synchronizing log messages 29-6

syslog facility 1-15

time stamps, enabling and disabling 29-8

UNIX syslog servers

configuring the daemon 29-13

configuring the logging facility 29-13

facilities supported 29-14

system name

default configuration 5-16

default setting 5-16

manual configuration 5-16

See also DNS

system name TLV 26-2

system prompt, default setting 5-15, 5-16

system resources, optimizing 8-1

T

TACACS+

accounting, defined 9-11

authentication, defined 9-11

authorization, defined 9-11

configuring

accounting 9-17

authentication key 9-13

authorization 9-16

login authentication 9-14

default configuration 9-13

displaying the configuration 9-18

identifying the server 9-13

in clusters 6-16

limiting the services to the user 9-16

operation of 9-12

overview 9-10

support for 1-12

tracking services accessed by user 9-17

tar files

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-24

TCAM

memory consistency check errors

displaying 38-27

example 38-27

memory consistency check routines 1-5, 38-26

memory consistency integrity 1-5, 38-26

portions 38-27

space

HFTM 38-26

HQATM 38-26

unassigned 38-26

TDR 1-16

Telnet

accessing management interfaces 2-10

number of connections 1-7

setting a password 9-6

temporary self-signed certificate 9-47

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 9-6

ternary content addressable memory

See TCAM

TFTP

configuration files

downloading A-11

preparing the server A-11

uploading A-12

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-27

downloading A-26

preparing the server A-25

uploading A-28

limiting access by servers 30-16

TFTP server 1-6

threshold, traffic level 23-2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 31-15

time ranges in ACLs 31-15

time stamps in log messages 29-8

time zones 5-13

TLVs

defined 26-2

LLDP 26-2

LLDP-MED 26-2

Token Ring VLANs

support for 13-5

VTP support 14-5

ToS 1-13

traceroute, Layer 2

and ARP 38-16

and CDP 38-16

broadcast traffic 38-16

described 38-16

IP addresses and subnets 38-16

MAC addresses and VLANs 38-16

multicast traffic 38-16

multiple devices on a port 38-17

unicast traffic 38-16

usage guidelines 38-16

traceroute command 38-18

See also IP traceroute

traffic

blocking flooded 23-8

fragmented 31-4

unfragmented 31-4

traffic policing 1-14

traffic suppression 23-2

transmit hold-count

see STP

transparent mode, VTP 14-4

trap-door mechanism 3-2

traps

configuring MAC address notification 5-23, 5-25, 5-26

configuring managers 30-12

defined 30-3

enabling 5-23, 5-25, 5-26, 30-12

notification types 30-12

overview 30-1, 30-4

troubleshooting

connectivity problems 38-14, 38-15, 38-17

CPU utilization 38-28

detecting unidirectional links 24-1

displaying crash information 38-23

setting packet forwarding 38-22

SFP security and identification 38-13

show forward command 38-22

with CiscoWorks 30-4

with debug commands 38-20

with ping 38-14

with system message logging 29-1

with traceroute 38-17

trunk failover

See link-state tracking

trunking encapsulation 1-9

trunk ports

configuring 13-16

defined 12-3, 13-3

trunks

allowed-VLAN list 13-17

load sharing

setting STP path costs 13-21

using STP port priorities 13-19, 13-20

native VLAN for untagged traffic 13-18

parallel 13-21

pruning-eligible list 13-18

to non-DTP device 13-13

trusted boundary for QoS 33-43

trusted port states

between QoS domains 33-45

classification options 33-5

ensuring port security for IP phones 33-43

support for 1-13

within a QoS domain 33-40

trustpoints, CA 9-46

twisted-pair Ethernet, detecting unidirectional links 24-1

type of service

See ToS

U

UDLD

configuration guidelines 24-4

default configuration 24-4

disabling

globally 24-5

on fiber-optic interfaces 24-5

per interface 24-6

echoing detection mechanism 24-3

enabling

globally 24-5

per interface 24-6

link-detection mechanism 24-1

neighbor database 24-2

overview 24-1

resetting an interface 24-6

status, displaying 24-7

support for 1-8

unauthorized ports with IEEE 802.1x 10-11

unicast MAC address filtering 1-6

and adding static addresses 5-28

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 29-13

facilities supported 29-14

message logging configuration 29-13

unrecognized Type-Length-Value (TLV) support 14-5

upgrading a Catalyst 2950 switch

configuration compatibility issues D-1

differences in configuration commands D-1

feature behavior incompatibilities D-5

incompatible command messages D-1

recommendations D-1

upgrading software images

See downloading

UplinkFast

described 18-3

disabling 18-16

enabling 18-16

support for 1-8

uploading

configuration files

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

image files

preparing A-25, A-29, A-33

reasons for A-23

using FTP A-32

using RCP A-36

using TFTP A-28

USB mini-Type B console port 12-11

USB Type A port 1-8

user EXEC mode 2-2

username-based authentication 9-7

V

version-dependent transparent mode 14-5

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 7-10

manual upgrades with auto-advise 7-11

upgrades with auto-extract 7-10

version-mismatch mode

described 7-10

virtual IP address

cluster standby group 6-11

command switch 6-11

virtual switches and PAgP 37-6

vlan.dat file 13-4

VLAN 1, disabling on a trunk port 13-17

VLAN 1 minimization 13-17

vlan-assignment response, VMPS 13-23

VLAN configuration

at bootup 13-7

saving 13-7

VLAN configuration mode 2-2

VLAN database

and startup configuration file 13-7

and VTP 14-1

VLAN configuration saved in 13-7

VLANs saved in 13-4

VLAN filtering and SPAN 27-7

vlan global configuration command 13-6

VLAN ID, discovering 5-31

VLAN load balancing on flex links 19-3

configuration guidelines 19-8

VLAN management domain 14-2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 13-26

modes 13-3

VLAN Query Protocol

See VQP

VLANs

adding 13-8

adding to VLAN database 13-8

aging dynamic addresses 16-9

allowed on trunk 13-17

and spanning-tree instances 13-3, 13-6, 13-11

configuration guidelines, extended-range VLANs 13-11

configuration guidelines, normal-range VLANs 13-6

configuring 13-1

configuring IDs 1006 to 4094 13-11

connecting through SVIs 12-10

creating 13-8

default configuration 13-7

deleting 13-9

described 12-2, 13-1

displaying 13-13

extended-range 13-1, 13-10

features 1-9

illustrated 13-2

in the switch stack 13-6

limiting source traffic with RSPAN 27-23

limiting source traffic with SPAN 27-16

modifying 13-8

multicast 22-17

native, configuring 13-18

normal-range 13-1, 13-4

number supported 1-9

parameters 13-5

port membership modes 13-3

static-access ports 13-9

STP and IEEE 802.1Q trunks 16-11

supported 13-2

Token Ring 13-5

traffic between 13-2

VTP modes 14-3

VLAN Trunking Protocol

See VTP

VLAN trunks 13-13

VMPS

administering 13-27

configuration example 13-28

configuration guidelines 13-24

default configuration 13-24

description 13-22

dynamic port membership

described 13-23

reconfirming 13-26

troubleshooting 13-28

entering server address 13-25

mapping MAC addresses to VLANs 13-23

monitoring 13-27

reconfirmation interval, changing 13-26

reconfirming membership 13-26

retry count, changing 13-27

voice aware 802.1x security

port-based authentication

configuring 10-41

described 10-33, 10-41

voice-over-IP 15-1

voice VLAN

Cisco 7960 phone, port connections 15-1

configuration guidelines 15-3

configuring IP phones for data traffic

override CoS of incoming frame 15-6

trust CoS priority of incoming frame 15-6

configuring ports for voice traffic in

802.1p priority tagged frames 15-5

802.1Q frames 15-5

connecting to an IP phone 15-4

default configuration 15-3

described 15-1

displaying 15-7

IP phone data traffic, described 15-2

IP phone voice traffic, described 15-2

VQP 1-9, 13-22

VTP

adding a client to a domain 14-17

advertisements 13-15, 14-4

and extended-range VLANs 13-2, 14-2

and normal-range VLANs 13-2, 14-2

client mode, configuring 14-13

configuration

guidelines 14-9

requirements 14-11

saving 14-9

configuration requirements 14-11

configuration revision number

guideline 14-17

resetting 14-17

consistency checks 14-5

default configuration 14-9

described 14-1

domain names 14-10

domains 14-2

modes

client 14-3

off 14-4

server 14-3

transitions 14-3

transparent 14-4

monitoring 14-18

passwords 14-10

pruning

disabling 14-16

enabling 14-16

examples 14-7

overview 14-6

support for 1-9

pruning-eligible list, changing 13-18

server mode, configuring 14-11, 14-14

statistics 14-18

support for 1-9

Token Ring support 14-5

transparent mode, configuring 14-12

using 14-1

Version

enabling 14-15

version, guidelines 14-10

Version 1 14-5

Version 2

configuration guidelines 14-10

overview 14-5

Version 3

overview 14-5

W

web authentication 10-18

configuring11-16to ??

described 1-10

web-based authentication

customizeable web pages 11-6

description 11-1

web-based authentication, interactions with other features 11-7

weighted tail drop

See WTD

wired location service

configuring 26-9

displaying 26-11

location TLV 26-3

understanding 26-3

wizards 1-2

WTD

described 33-13

setting thresholds

egress queue-sets 33-72

ingress queues 33-67

support for 1-14

X

Xmodem protocol 38-2