Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
Index
Downloads: This chapterpdf (PDF - 1.49MB) The complete bookPDF (PDF - 10.76MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

abbreviating commands 2-3

AC (command switch) 6-9

access-class command 31-18

access control entries

See ACEs

access control entry (ACE) 37-3

access-denied response, VMPS 13-24

access groups

Layer 3 31-19

access groups, applying IPv4 ACLs to interfaces 31-19

accessing

clusters, switch 6-12

command switches 6-10

member switches 6-12

switch clusters 6-12

accessing stack members 7-22

access lists

See ACLs

access ports

in switch clusters 6-8

access ports, defined 12-3

accounting

with 802.1x 10-51

with IEEE 802.1x 10-16

with RADIUS 9-35

with TACACS+ 9-11, 9-17

ACEs

and QoS 33-8

defined 31-2

Ethernet 31-2

IP 31-2

ACLs

ACEs 31-2

any keyword 31-10

applying

time ranges to 31-15

to an interface 31-18, 37-7

to IPv6 interfaces 37-7

to QoS 33-8

classifying traffic for QoS 33-50

comments in 31-17

compiling 31-21

defined 31-1, 31-7

examples of 31-21, 33-50

extended IP, configuring for QoS classification 33-51

extended IPv4

creating 31-9

matching criteria 31-7

hardware and software handling 31-20

host keyword 31-11

IP

creating 31-7

fragments and QoS guidelines 33-40

implicit deny 31-9, 31-13, 31-14

implicit masks 31-9

matching criteria 31-7

undefined 31-19

IPv4

applying to interfaces 31-18

creating 31-7

matching criteria 31-7

named 31-13

numbers 31-7

terminal lines, setting on 31-18

unsupported features 31-6

IPv6

applying to interfaces 37-7

configuring 37-3, 37-4

displaying 37-8

interactions with other features 37-4

limitations 37-2, 37-3

matching criteria 37-3

named 37-2

precedence of 37-2

supported 37-2

unsupported features 37-3

MAC extended 31-23, 33-52

matching 31-7, 31-19, 37-3

monitoring 31-26, 37-8

named, IPv4 31-13

named, IPv6 37-2

names 37-4

number per QoS class map 33-40

port 31-2, 37-1

precedence of 31-2

QoS 33-8, 33-50

resequencing entries 31-13

router 31-2, 37-1

standard IP, configuring for QoS classification 33-50

standard IPv4

creating 31-8

matching criteria 31-7

support for 1-10

support in hardware 31-20

time ranges 31-15

types supported 31-2

unsupported features, IPv4 31-6

unsupported features, IPv6 37-3

active link 19-4, 19-5, 19-6

active links 19-2

active traffic monitoring, IP SLAs 32-1

address aliasing 21-2

addresses

displaying the MAC address table 5-24

dynamic

accelerated aging 16-9

changing the aging time 5-15

default aging 16-9

defined 5-13

learning 5-14

removing 5-16

IPv6 35-2

MAC, discovering 5-24

multicast, STP address management 16-9

static

adding and removing 5-20

defined 5-13

address resolution 5-24

Address Resolution Protocol

See ARP

advertisements

CDP 25-1

LLDP 26-2

VTP 13-15, 14-3, 14-4

aggregatable global unicast addresses 35-3

aggregated ports

See EtherChannel

aggregate policers 33-60

aggregate policing 1-14

aging, accelerating 16-9

aging time

accelerated

for MSTP 17-24

for STP 16-9, 16-23

MAC address table 5-15

maximum

for MSTP 17-25

for STP 16-23, 16-24

alarms, RMON 28-4

allowed-VLAN list 13-17

ARP

defined 1-6, 5-24

table

address resolution 5-24

managing 5-24

attributes, RADIUS

vendor-proprietary 9-38

vendor-specific 9-37

attribute-value pairs 10-13, 10-16, 10-21, 10-22

authentication

local mode with AAA 9-41

open1x 10-31

RADIUS

key 9-27

login 9-30

TACACS+

defined 9-11

key 9-13

login 9-14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 10-8

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 10-9

compatibility with older 802.1x CLI commands10-9to ??

overview 10-7

authoritative time source, described 5-3

authorization

with RADIUS 9-34

with TACACS+ 9-11, 9-16

authorized ports with IEEE 802.1x 10-10

autoconfiguration 3-3

auto enablement 10-32

automatic advise (auto-advise) in switch stacks 7-11

automatic copy (auto-copy) in switch stacks 7-11

automatic discovery

considerations

beyond a noncandidate device 6-8

brand new switches 6-8

connectivity 6-5

different VLANs 6-7

management VLANs 6-7

non-CDP-capable devices 6-6

noncluster-capable devices 6-6

in switch clusters 6-5

See also CDP

automatic extraction (auto-extract) in switch stacks 7-11

automatic QoS

See QoS

automatic recovery, clusters 6-9

See also HSRP

automatic upgrades (auto-upgrade) in switch stacks 7-11

auto-MDIX

configuring 12-30

described 12-30

autonegotiation

duplex mode 1-4

interface configuration guidelines 12-27

mismatches 39-12

Auto-QoS video devices 1-14

autosensing, port speed 1-4

auxiliary VLAN

See voice VLAN

availability, features 1-8

B

BackboneFast

described 18-7

disabling 18-17

enabling 18-17

support for 1-8

backup interfaces

See Flex Links

backup links 19-2

banners

configuring

login 5-13

message-of-the-day login 5-12

default configuration 5-11

when displayed 5-11

Berkeley r-tools replacement 9-52

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-13

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-7

booting

boot loader, function of 3-1

boot process 3-1

manually 3-19

specific image 3-20

boot loader

accessing 3-21

described 3-1

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

BPDU

error-disabled state 18-2

filtering 18-3

RSTP format 17-12

BPDU filtering

described 18-3

disabling 18-15

enabling 18-14

support for 1-8

BPDU guard

described 18-2

disabling 18-14

enabling 18-13

support for 1-8

bridge protocol data unit

See BPDU

broadcast storm-control command 23-4

broadcast storms 23-1

C

cables, monitoring for unidirectional links 24-1

candidate switch

automatic discovery 6-5

defined 6-4

requirements 6-4

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 10-8

CA trustpoint

configuring 9-49

defined 9-47

CDP

and trusted boundary 33-45

automatic discovery in switch clusters 6-5

configuring 25-2

default configuration 25-2

defined with LLDP 26-1

described 25-1

disabling for routing device 25-4

enabling and disabling

on an interface 25-4

on a switch 25-4

monitoring 25-5

overview 25-1

power negotiation extensions 12-5

support for 1-6

switch stack considerations 25-2

transmission timer and holdtime, setting 25-3

updates 25-3

CGMP

as IGMP snooping learning method 21-9

joining multicast group 21-3

CipherSuites 9-48

Cisco 7960 IP Phone 15-1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 12-5

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 32-1

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 10-22

attribute-value pairs for redirect URL 10-21

Cisco Secure ACS configuration guide 10-61

CiscoWorks 2000 1-5, 30-5

CISP 10-32

CIST regional root

See MSTP

CIST root

See MSTP

civic location 26-3

class maps for QoS

configuring 33-53

described 33-8

displaying 33-81

class of service

See CoS

clearing interfaces 12-41

CLI

abbreviating commands 2-3

command modes 2-1

configuration logging 2-4

described 1-5

editing features

enabling and disabling 2-6

keystroke editing 2-7

wrapped lines 2-8

error messages 2-4

filtering command output 2-9

getting help 2-3

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

managing clusters 6-15

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client mode, VTP 14-3

clock

See system clock

clusters, switch

accessing 6-12

automatic discovery 6-5

automatic recovery 6-9

benefits 1-1

compatibility 6-4

described 6-1

LRE profile considerations 6-15

managing

through CLI 6-15

through SNMP 6-16

planning 6-4

planning considerations

automatic discovery 6-5

automatic recovery 6-9

CLI 6-15

host names 6-12

IP addresses 6-12

LRE profiles 6-15

passwords 6-13

RADIUS 6-15

SNMP 6-13, 6-16

switch stacks 6-13

TACACS+ 6-15

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 6-11

considerations 6-10

defined 6-2

requirements 6-3

virtual IP address 6-10

See also HSRP

CNS 1-6

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

management functions 1-6

CoA Request Commands 9-23

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 9-8

command switch

accessing 6-10

active (AC) 6-9

configuration conflicts 39-12

defined 6-2

passive (PC) 6-9

password privilege levels 6-16

priority 6-9

recovery

from command-switch failure 6-9, 39-8

from lost member connectivity 39-12

redundant 6-9

replacing

with another switch 39-11

with cluster member 39-9

requirements 6-3

standby (SC) 6-9

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 6-13, 30-8

for cluster switches 30-4

in clusters 6-13

overview 30-4

SNMP 6-13

compatibility, feature 23-12

compatibility, software

See stacks, switch

config.text 3-18

configurable leave timer, IGMP 21-6

configuration, initial

defaults 1-16

Express Setup 1-1

configuration changes, logging 29-11

configuration conflicts, recovering from lost member connectivity 39-12

configuration examples, network 1-18

configuration files

archiving A-20

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-18

deleting a stored configuration A-19

described A-8

downloading

automatically 3-18

preparing A-11, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-21

invalid combinations when copying A-5

limiting TFTP server access 30-17

obtaining with DHCP 3-8

password recovery disable considerations 9-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-21

specifying the filename 3-18

system contact and location information 30-17

types and location A-10

uploading

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

configuration logger 29-11

configuration logging 2-4

configuration replacement A-19

configuration rollback A-19, A-20

configuration settings, saving 3-15

configure terminal command 12-17

configuring 802.1x user distribution 10-57

configuring port-based authentication violation modes 10-41

configuring small-frame arrival rate 23-5

conflicts, configuration 39-12

connections, secure remote 9-42

connectivity problems 39-14, 39-15, 39-17

consistency checks in VTP Version 2 14-5

console port, connecting to 2-10

control protocol, IP SLAs 32-4

corrupted software, recovery steps with Xmodem 39-2

CoS

in Layer 2 frames 33-2

override priority 15-6

trust priority 15-6

CoS input queue threshold map for QoS 33-16

CoS output queue threshold map for QoS 33-19

CoS-to-DSCP map for QoS 33-63

counters, clearing interface 12-41

CPU utilization, troubleshooting 39-28

crashinfo file 39-23

critical authentication, IEEE 802.1x 10-54

critical VLAN 10-24

critical voice VLAN

configuring 10-54

cross-stack EtherChannel

configuration guidelines 38-13

described 38-3

illustration 38-4

support for 1-8

cross-stack UplinkFast, STP

described 18-5

disabling 18-16

enabling 18-16

fast-convergence events 18-7

Fast Uplink Transition Protocol 18-6

normal-convergence events 18-7

support for 1-8

cryptographic software image

SSH 9-42

SSL 9-46

switch stack considerations 7-15

customjzeable web pages, web-based authentication 11-6

CWDM SFPs 1-24

D

DACL

See downloadable ACL

daylight saving time 5-7

debugging

enabling all system diagnostics 39-21

enabling for a specific feature 39-20

redirecting error message output 39-21

using commands 39-20

default commands 2-4

default configuration

802.1x 10-35

auto-QoS 33-22

banners 5-11

CDP 25-2

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-10

dynamic ARP inspection 22-5

EtherChannel 38-11

Ethernet interfaces 12-24

Flex Links 19-8

IGMP filtering 21-25

IGMP snooping 21-7, 36-6

IGMP throttling 21-25

initial switch information 3-3

IP SLAs 32-5

IP source guard 20-15

IPv6 35-7

Layer 2 interfaces 12-24

LLDP 26-5

MAC address table 5-15

MAC address-table move update 19-8

MSTP 17-14

MVR 21-20

optional spanning-tree configuration 18-12

password and privilege level 9-2

RADIUS 9-27

RMON 28-3

RSPAN 27-10

SDM template 8-4

SNMP 30-7

SPAN 27-10

SSL 9-49

standard QoS 33-38

STP 16-13

switch stacks 7-17

system message logging 29-4

system name and prompt 5-9

TACACS+ 9-13

UDLD 24-4

VLAN, Layer 2 Ethernet interfaces 13-15

VLANs 13-7

VMPS 13-25

voice VLAN 15-3

VTP 14-9

default gateway 3-14

default web-based authentication configuration

802.1X 11-9

deleting VLANs 13-9

denial-of-service attack 23-1

description command 12-37

designing your network, examples 1-18

destination addresses

in IPv4 ACLs 31-10

in IPv6 ACLs 37-5

destination-IP address-based forwarding, EtherChannel 38-9

destination-MAC address forwarding, EtherChannel 38-9

detecting indirect link failures, STP 18-8

device A-24

device discovery protocol 25-1, 26-1

device manager

benefits 1-1

described 1-2, 1-5

in-band management 1-7

upgrading a switch A-24

DHCP

enabling

relay agent 20-9

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-7

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-6

support for 1-6

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-12

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-21

default configuration 20-21

described 20-21

displaying 20-24

enabling 20-21

reserved addresses 20-22

DHCP server port-based address assignment

support for 1-6

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-10

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-12

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-11

binding entries, displaying 20-12

binding file

format 20-6

location 20-6

bindings 20-6

clearing agent statistics 20-12

configuration guidelines 20-9

configuring 20-11

default configuration 20-8

deleting

binding file 20-12

bindings 20-12

database agent 20-12

described 20-6

displaying 20-12

displaying status and statistics 20-12

enabling 20-11

entry 20-6

renewing database 20-12

resetting

delay value 20-12

timeout value 20-12

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 33-2

Differentiated Services Code Point 33-2

directed unicast requests 1-6

directories

changing A-4

creating and removing A-4

displaying the working A-4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-10

displaying the configuration 5-11

in IPv6 35-3

overview 5-9

setting up 5-10

support for 1-6

domain names

DNS 5-9

VTP 14-10

Domain Name System

See DNS

downloadable ACL 10-20, 10-22, 10-61

downloading

configuration files

preparing A-11, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-28

preparing A-26, A-30, A-34

reasons for A-24

using CMS 1-2

using FTP A-31

using HTTP 1-2, A-24

using RCP A-35

using TFTP A-27

using the device manager or Network Assistant A-24

DRP

support for 1-15

DSCP 1-13, 33-2

DSCP input queue threshold map for QoS 33-16

DSCP output queue threshold map for QoS 33-19

DSCP-to-CoS map for QoS 33-66

DSCP-to-DSCP-mutation map for QoS 33-67

DSCP transparency 33-46

DTP 1-9, 13-14

dual-action detection 38-6

dual IPv4 and IPv6 templates 35-5

dual protocol stacks

IPv4 and IPv6 35-5

SDM templates supporting 35-5

dual-purpose uplinks

defined 12-4

LEDs 12-5

link selection 12-4, 12-25

setting the type 12-25

dynamic access ports

characteristics 13-4

configuring 13-26

defined 12-3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 22-1

ARP requests, described 22-1

ARP spoofing attack 22-1

clearing

log buffer 22-16

statistics 22-16

configuration guidelines 22-6

configuring

ACLs for non-DHCP environments 22-9

in DHCP environments 22-7

log buffer 22-13

rate limit for incoming ARP packets 22-4, 22-11

default configuration 22-5

denial-of-service attacks, preventing 22-11

described 22-1

DHCP snooping binding database 22-2

displaying

ARP ACLs 22-15

configuration and operating state 22-15

log buffer 22-16

statistics 22-16

trust state and rate limit 22-15

error-disabled state for exceeding rate limit 22-4

function of 22-2

interface trust states 22-3

log buffer

clearing 22-16

configuring 22-13

displaying 22-16

logging of dropped packets, described 22-5

man-in-the middle attack, described 22-2

network security issues and interface trust states 22-3

priority of ARP ACLs and DHCP snooping entries 22-4

rate limiting of ARP packets

configuring 22-11

described 22-4

error-disabled state 22-4

statistics

clearing 22-16

displaying 22-16

validation checks, performing 22-12

dynamic auto trunking mode 13-14

dynamic desirable trunking mode 13-14

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 13-24

reconfirming 13-27

troubleshooting 13-29

types of connections 13-26

Dynamic Trunking Protocol

See DTP

E

editing features

enabling and disabling 2-6

keystrokes used 2-7

wrapped lines 2-8

elections

See stack master

ELIN location 26-3

enable password 9-3

enable secret password 9-3

encryption, CipherSuite 9-48

encryption for passwords 9-3

environment variables, function of 3-22

error-disabled state, BPDU 18-2

error messages during command entry 2-4

EtherChannel

automatic creation of 38-5, 38-7

channel groups

binding physical and logical interfaces 38-4

numbering of 38-4

configuration guidelines 38-12

configuring Layer 2 interfaces 38-13

default configuration 38-11

described 38-2

displaying status 38-21

forwarding methods 38-8, 38-16

IEEE 802.3ad, described 38-7

interaction

with STP 38-12

with VLANs 38-12

LACP

described 38-7

displaying status 38-21

hot-standby ports 38-18

interaction with other features 38-8

modes 38-7

port priority 38-19

system priority 38-19

load balancing 38-8, 38-16

PAgP

aggregate-port learners 38-16

compatibility with Catalyst 1900 38-17

described 38-5

displaying status 38-21

interaction with other features 38-7

interaction with virtual switches 38-6

learn method and priority configuration 38-16

modes 38-6

support for 1-4

with dual-action detection 38-6

port-channel interfaces

described 38-4

numbering of 38-4

port groups 12-4

stack changes, effects of 38-10

support for 1-4

EtherChannel guard

described 18-10

disabling 18-17

enabling 18-17

Ethernet management port

active link 12-22

and routing 12-22

and TFTP 12-23

configuring 12-23

default setting 12-22

described 12-21

for network management 12-21

specifying 12-23

supported features 12-22

unsupported features 12-23

Ethernet management port, internal

and routing 12-22

unsupported features 12-23

Ethernet VLANs

adding 13-8

defaults and ranges 13-8

modifying 13-8

EUI 35-3

events, RMON 28-4

examples

network configuration 1-18

expedite queue for QoS 33-80

Express Setup 1-1

See also getting started guide

extended crashinfo file 39-23

extended-range VLANs

configuration guidelines 13-11

configuring 13-11

creating 13-12

defined 13-1

extended system ID

MSTP 17-18

STP 16-4, 16-16

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 10-1

F

fa0 interface 1-7

Fa0 port

See Ethernet management port

failover support 1-8

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

Fast Uplink Transition Protocol 18-6

features, incompatible 23-12

fiber-optic, detecting unidirectional links 24-1

files

basic crashinfo

description 39-23

location 39-23

copying A-5

crashinfo, description 39-23

deleting A-5

displaying the contents of A-8

extended crashinfo

description 39-24

location 39-24

tar

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-25

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-5

setting the default A-3

filtering

IPv6 traffic 37-3, 37-7

non-IP traffic 31-23

show and more command output 2-9

filtering show and more command output 2-9

filters, IP

See ACLs, IP

flash device, number of A-1

flexible authentication ordering

configuring 10-64

overview 10-30

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-9

configuring preferred VLAN 19-12

configuring VLAN load balancing 19-11

default configuration 19-8

description 19-2

link load balancing 19-3

monitoring 19-14

VLANs 19-3

flooded traffic, blocking 23-8

flow-based packet classification 1-13

flowcharts

QoS classification 33-7

QoS egress queueing and scheduling 33-18

QoS ingress queueing and scheduling 33-15

QoS policing and marking 33-11

flowcontrol

configuring 12-29

described 12-29

forward-delay time

MSTP 17-24

STP 16-23

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-15

image files

deleting old image A-32

downloading A-31

preparing the server A-30

uploading A-32

G

general query 19-5

Generating IGMP Reports 19-4

get-bulk-request operation 30-4

get-next-request operation 30-3, 30-5

get-request operation 30-3, 30-4, 30-5

get-response operation 30-4

Gigabit modules

See SFPs

global configuration mode 2-2

global leave, IGMP 21-13

guest VLAN and 802.1x 10-22

guide mode 1-2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 17-24

STP 16-22

help, for the command line 2-3

HFTM space 39-26

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

history table, level and number of syslog messages 29-10

host names, in clusters 6-12

hosts, limit on dynamic ports 13-29

HP OpenView 1-5

HQATM space 39-26

HSRP

automatic cluster recovery 6-11

cluster standby group considerations 6-10

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 9-46

configuring 9-50

self-signed certificate 9-47

HTTP secure server 9-46

Hulc Forwarding TCAM Manager

See HFTM space

Hulc QoS/ACL TCAM Manager

See HQATM space

I

ICMP

IPv6 35-3

time-exceeded messages 39-17

traceroute and 39-17

unreachable messages and IPv6 37-4

ICMP ping

executing 39-15

overview 39-14

ICMPv6 35-3

IDS appliances

and ingress RSPAN 27-21

and ingress SPAN 27-14

IEEE 802.1D

See STP

IEEE 802.1p 15-1

IEEE 802.1Q

and trunk ports 12-3

configuration limitations 13-15

encapsulation 13-14

native VLAN for untagged traffic 13-19

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ad, PoE+ 1-15, 12-6

IEEE 802.3af

See PoE

IEEE 802.3x flow control 12-29

ifIndex values, SNMP 30-6

IFS 1-6

IGMP

configurable leave timer

described 21-6

enabling 21-11

flooded multicast traffic

controlling the length of time 21-12

disabling on an interface 21-13

global leave 21-13

query solicitation 21-13

recovering from flood mode 21-13

joining multicast group 21-3

join messages 21-3

leave processing, enabling 21-10, 36-9

leaving multicast group 21-5

queries 21-4

report suppression

described 21-6

disabling 21-16, 36-11

supported versions 21-3

support for 1-4

IGMP filtering

configuring 21-25

default configuration 21-25

described 21-24

monitoring 21-29

support for 1-5

IGMP groups

configuring filtering 21-28

setting the maximum number 21-27

IGMP Immediate Leave

configuration guidelines 21-11

described 21-5

enabling 21-10

IGMP profile

applying 21-26

configuration mode 21-25

configuring 21-26

IGMP snooping

and address aliasing 21-2

and stack changes 21-6

configuring 21-7

default configuration 21-7, 36-6

definition 21-2

enabling and disabling 21-7, 36-7

global configuration 21-7

Immediate Leave 21-5

in the switch stack 21-6

method 21-8

monitoring 21-16, 36-11

querier

configuration guidelines 21-14

configuring 21-14

supported versions 21-3

support for 1-4

VLAN configuration 21-8

IGMP throttling

configuring 21-28

default configuration 21-25

described 21-24

displaying action 21-29

Immediate Leave, IGMP 21-5

enabling 36-9

inaccessible authentication bypass 10-24

support for multiauth ports 10-25

initial configuration

defaults 1-16

Express Setup 1-1

interface

number 12-16

range macros 12-19

interface command12-16to??, 12-16to 12-17

interface configuration mode 2-2

interfaces

auto-MDIX, configuring 12-30

configuration guidelines

duplex and speed 12-27

configuring

procedure 12-17

counters, clearing 12-41

default configuration 12-24

described 12-37

descriptive name, adding 12-37

displaying information about 12-40

flow control 12-29

management 1-5

monitoring 12-40

naming 12-37

physical, identifying 12-16

range of 12-18

restarting 12-41

shutting down 12-41

speed and duplex, configuring 12-28

status 12-40

supported 12-16

types of 12-1

interfaces range macro command 12-19

interface types 12-16

Internet Protocol version 6

See IPv6

inter-VLAN routing 34-1

Intrusion Detection System

See IDS appliances

inventory management TLV 26-3, 26-7

IP ACLs

for QoS classification 33-8

implicit deny 31-9, 31-13

implicit masks 31-9

named 31-13

undefined 31-19

IP addresses

128-bit 35-2

candidate or member 6-4, 6-12

classes of 34-4

cluster access 6-2

command switch 6-3, 6-10, 6-12

discovering 5-24

for IP routing 34-4

IPv6 35-2

redundant clusters 6-10

standby command switch 6-10, 6-12

See also IP information

ip igmp profile command 21-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP phones

and QoS 15-1

automatic classification and queueing 33-21

configuring 15-4

ensuring port security with QoS 33-45

trusted boundary for QoS 33-45

IP Port Security for Static Hosts

on a Layer 2 access port 20-17

IP precedence 33-2

IP-precedence-to-DSCP map for QoS 33-64

IP protocols in ACLs 31-10

IP routing

disabling 34-4

enabling 34-4

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 32-1

IP SLAs

benefits 32-2

configuration guidelines 32-5

Control Protocol 32-4

default configuration 32-5

definition 32-1

measuring network performance 32-3

monitoring 32-6

operation 32-3

responder

described 32-4

enabling 32-6

response time 32-4

SNMP support 32-2

supported metrics 32-2

IP source guard

and 802.1x 20-15

and DHCP snooping 20-13

and EtherChannels 20-15

and port security 20-15

and private VLANs 20-15

and routed ports 20-15

and TCAM entries 20-15

and trunk interfaces 20-15

and VRF 20-15

binding configuration

automatic 20-13

manual 20-13

binding table 20-13

configuration guidelines 20-15

default configuration 20-15

described 20-13

disabling 20-16

displaying

active IP or MAC bindings 20-20

bindings 20-20

configuration 20-20

enabling 20-16, 20-17

filtering

source IP address 20-13

source IP and MAC address 20-13

on provisioned switches 20-15

source IP address filtering 20-13

source IP and MAC address filtering 20-13

static bindings

adding 20-16, 20-17

deleting 20-16

static hosts 20-17

IP traceroute

executing 39-18

overview 39-17

IP unicast routing

assigning IP addresses to Layer 3 interfaces 34-4

configuring static routes 34-5

disabling 34-4

enabling 34-4

inter-VLAN 34-1

IP addressing

classes 34-4

configuring 34-4

steps to configure 34-3

subnet mask 34-4

with SVIs 34-3

IPv4 ACLs

applying to interfaces 31-18

extended, creating 31-9

named 31-13

standard, creating 31-8

IPv4 and IPv6

dual protocol stacks 35-4

IPv6

ACLs

displaying 37-8

limitations 37-2

matching criteria 37-3

port 37-1

precedence 37-2

router 37-1

supported 37-2

addresses 35-2

address formats 35-2

and switch stacks 35-6

applications 35-4

assigning address 35-7

autoconfiguration 35-4

configuring static routes 35-10

default configuration 35-7

defined 35-1

forwarding 35-7

ICMP 35-3

monitoring 35-11

neighbor discovery 35-4

SDM templates 36-1, 37-1

stack master functions 35-6

Stateless Autoconfiguration 35-4

supported features 35-2

IPv6 traffic, filtering 37-3

J

join messages, IGMP 21-3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 33-2

Layer 2 interfaces, default configuration 12-24

Layer 2 traceroute

and ARP 39-16

and CDP 39-16

broadcast traffic 39-16

described 39-16

IP addresses and subnets 39-16

MAC addresses and VLANs 39-16

multicast traffic 39-16

multiple devices on a port 39-17

unicast traffic 39-16

usage guidelines 39-16

Layer 3 features 1-15

Layer 3 interfaces

assigning IP addresses to 34-4

assigning IPv6 addresses to 35-7

changing from Layer 2 mode 34-4

Layer 3 packets, classification methods 33-2

LDAP 4-2

Leaking IGMP Reports 19-4

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 17-8

Link Layer Discovery Protocol

See CDP

link local unicast addresses 35-3

link redundancy

See Flex Links

links, unidirectional 24-1

link-state tracking

configuring 38-23

described 38-21

LLDP

configuring 26-5

characteristics 26-6

default configuration 26-5

enabling 26-6

monitoring and maintaining 26-11

overview 26-1

supported TLVs 26-2

switch stack considerations 26-2

transmission timer and holdtime, setting 26-6

LLDP-MED

configuring

procedures 26-5

TLVs 26-7

monitoring and maintaining 26-11

overview 26-1, 26-2

supported TLVs 26-2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 27-2

location TLV 26-3, 26-7

login authentication

with RADIUS 9-30

with TACACS+ 9-14

login banners 5-11

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 1-20

loop guard

described 18-11

enabling 18-18

support for 1-9

LRE profiles, considerations in switch clusters 6-15

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 10-36

range 10-38

MAC/PHY configuration status TLV 26-2

MAC addresses

aging time 5-15

and VLAN association 5-14

building the address table 5-14

default configuration 5-15

disabling learning on a VLAN 5-23

discovering 5-24

displaying 5-24

displaying in the IP source binding table 20-20

dynamic

learning 5-14

removing 5-16

in ACLs 31-23

static

adding 5-21

allowing 5-22, 5-23

characteristics of 5-20

dropping 5-22

removing 5-21

MAC address learning 1-6

MAC address learning, disabling on a VLAN 5-23

MAC address notification, support for 1-15

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-8

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 13-23

MAC authentication bypass 10-38

configuring 10-57

overview 10-17

MAC extended access lists

applying to Layer 2 interfaces 31-24

configuring for QoS 33-52

creating 31-23

defined 31-23

for QoS classification 33-5

magic packet 10-27

manageability features 1-6

management access

in-band

browser session 1-7

CLI session 1-7

device manager 1-7

SNMP 1-7

out-of-band console port connection 1-7

management address TLV 26-2

management options

CLI 2-1

clustering 1-3

CNS 4-1

Network Assistant 1-2

overview 1-5

management VLAN

considerations in switch clusters 6-7

discovery through different management VLANs 6-7

mapping tables for QoS

configuring

CoS-to-DSCP 33-63

DSCP 33-63

DSCP-to-CoS 33-66

DSCP-to-DSCP-mutation 33-67

IP-precedence-to-DSCP 33-64

policed-DSCP 33-65

described 33-11

marking

action with aggregate policers 33-60

described 33-4, 33-9

matching

IPv6 ACLs 37-3

matching, IPv4 ACLs 31-7

maximum aging time

MSTP 17-25

STP 16-23

maximum hop count, MSTP 17-25

maximum number of allowed devices, port-based authentication 10-38

MDA

configuration guidelines 10-13

described 1-11, 10-12

exceptions with authentication process 10-5

membership mode, VLAN port 13-3

member switch

automatic discovery 6-5

defined 6-2

managing 6-15

passwords 6-12

recovering from lost connectivity 39-12

requirements 6-4

See also candidate switch, cluster standby group, and standby command switch

memory consistency check errors

example 39-27

memory consistency check routines 1-5, 39-26

memory consistency integrity 1-5, 39-26

messages, to users through banners 5-11

MIBs

overview 30-1

SNMP interaction with 30-5

mirroring traffic for analysis 27-1

mismatches, autonegotiation 39-12

module number 12-16

monitoring

access groups 31-26

cables for unidirectional links 24-1

CDP 25-5

features 1-15

Flex Links 19-14

IGMP

filters 21-29

snooping 21-16, 36-11

interfaces 12-40

IP SLAs operations 32-6

IPv4 ACL configuration 31-26

IPv6 35-11

IPv6 ACL configuration 37-8

MAC address-table move update 19-14

multicast router interfaces 21-17, 36-12

MVR 21-23

network traffic for analysis with probe 27-2

port

blocking 23-20

protection 23-20

SFP status 12-40, 39-14

speed and duplex mode 12-28

traffic flowing among switches 28-1

traffic suppression 23-20

VLANs 13-13

VMPS 13-28

VTP 14-18

mrouter Port 19-3

mrouter port 19-5

MSTP

boundary ports

configuration guidelines 17-15

described 17-6

BPDU filtering

described 18-3

enabling 18-14

BPDU guard

described 18-2

enabling 18-13

CIST, described 17-3

CIST regional root 17-3

CIST root 17-5

configuration guidelines 17-15, 18-12

configuring

forward-delay time 17-24

hello time 17-24

link type for rapid convergence 17-25

maximum aging time 17-25

maximum hop count 17-25

MST region 17-16

neighbor type 17-26

path cost 17-22

port priority 17-20

root switch 17-18

secondary root switch 17-19

switch priority 17-23

CST

defined 17-3

operations between regions 17-4

default configuration 17-14

default optional feature configuration 18-12

displaying status 17-27

enabling the mode 17-16

EtherChannel guard

described 18-10

enabling 18-17

extended system ID

effects on root switch 17-18

effects on secondary root switch 17-19

unexpected behavior 17-18

IEEE 802.1s

implementation 17-6

port role naming change 17-7

terminology 17-5

instances supported 16-10

interface state, blocking to forwarding 18-2

interoperability and compatibility among modes 16-11

interoperability with IEEE 802.1D

described 17-9

restarting migration process 17-27

IST

defined 17-3

master 17-3

operations within a region 17-3

loop guard

described 18-11

enabling 18-18

mapping VLANs to MST instance 17-16

MST region

CIST 17-3

configuring 17-16

described 17-2

hop-count mechanism 17-5

IST 17-3

supported spanning-tree instances 17-2

optional features supported 1-8

overview 17-2

Port Fast

described 18-2

enabling 18-12

preventing root switch selection 18-10

root guard

described 18-10

enabling 18-18

root switch

configuring 17-18

effects of extended system ID 17-18

unexpected behavior 17-18

shutdown Port Fast-enabled port 18-2

stack changes, effects of 17-8

status, displaying 17-27

multiauth

support for inaccessible authentication bypass 10-25

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 21-5

joining 21-3

leaving 21-5

static joins 21-10, 36-8

multicast router interfaces, monitoring 21-17, 36-12

multicast router ports, adding 21-9, 36-8

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 21-18

multicast VLAN 21-17

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 10-14

multiple authentication mode

configuring 10-44

MVR

and address aliasing 21-20

and IGMPv3 21-21

configuration guidelines 21-20

configuring interfaces 21-22

default configuration 21-20

described 21-17

example application 21-18

modes 21-21

monitoring 21-23

multicast television application 21-18

setting global parameters 21-21

support for 1-4

N

NAC

critical authentication 10-24, 10-54

IEEE 802.1x authentication using a RADIUS server 10-58

IEEE 802.1x validation using RADIUS server 10-58

inaccessible authentication bypass 10-54

Layer 2 IEEE 802.1x validation 1-12, 10-30, 10-58

named IPv4 ACLs 31-13

NameSpace Mapper

See NSM

native VLAN

configuring 13-19

default 13-19

NEAT

configuring 10-59

overview 10-31

neighbor discovery, IPv6 35-4

Network Admission Control

See NAC

Network Assistant

benefits 1-1

described 1-5

downloading image files 1-2

guide mode 1-2

management options 1-2

managing switch stacks 7-2, 7-15

upgrading a switch A-24

wizards 1-2

network configuration examples

cost-effective wiring closet 1-20

increasing network performance 1-19

long-distance, high-bandwidth transport 1-24

providing network services 1-19

server aggregation and Linux server cluster 1-22

small to medium-sized network 1-23

network design

performance 1-19

services 1-19

Network Edge Access Topology

See NEAT

network management

CDP 25-1

RMON 28-1

SNMP 30-1

network performance, measuring with IP SLAs 32-3

network policy TLV 26-2, 26-7

Network Time Protocol

See NTP

no commands 2-4

nonhierarchical policy maps

described 33-10

non-IP traffic filtering 31-23

nontrunking mode 13-14

normal-range VLANs 13-4

configuration guidelines 13-6

configuring 13-4

defined 13-1

NSM 4-3

NTP

associations

defined 5-3

overview 5-3

stratum 5-3

support for 1-6

time

services 5-3

synchronizing 5-3

O

OBFL

configuring 39-25

described 39-24

displaying 39-26

offline configuration for switch stacks 7-7

off mode, VTP 14-4

on-board failure logging

See OBFL

online diagnostics

overview 40-1

running tests 40-3

understanding 40-1

open1x

configuring 10-64

open1x authentication

overview 10-31

optimizing system resources 8-1

options, management 1-5

out-of-profile markdown 1-14

P

packet modification, with QoS 33-20

PAgP

See EtherChannel

passwords

default configuration 9-2

disabling recovery of 9-5

encrypting 9-3

for security 1-10

in clusters 6-13

overview 9-1

recovery of 39-3

setting

enable 9-3

enable secret 9-3

Telnet 9-6

with usernames 9-6

VTP domain 14-10

path cost

MSTP 17-22

STP 16-20

PC (passive command switch) 6-9

performance, network design 1-19

performance features 1-4

persistent self-signed certificate 9-47

per-user ACLs and Filter-Ids 10-8

per-VLAN spanning-tree plus

See PVST+

physical ports 12-2

PIM-DVMRP, as snooping method 21-8

ping

character output description 39-15

executing 39-15

overview 39-14

PoE

auto mode 12-7

CDP with power consumption, described 12-5

CDP with power negotiation, described 12-5

Cisco intelligent power management 12-5

configuring 12-31

cutoff power

determining 12-8

cutoff-power

support for 12-8

devices supported 12-5

high-power devices operating in low-power mode 12-5

IEEE power classification levels 12-6

monitoring 12-8

monitoring power 12-34

policing power consumption 12-34

policing power usage 12-8

power budgeting 12-32

power consumption 12-9, 12-32

powered-device detection and initial power allocation 12-6

power management modes 12-7

power monitoring 12-8

power negotiation extensions to CDP 12-5

power sensing 12-8

standards supported 12-5

static mode 12-7

total available power 12-10

troubleshooting 39-13

PoE+ 1-15, 12-5, 12-6, 12-31

policed-DSCP map for QoS 33-65

policers

configuring

for each matched traffic class 33-55

for more than one traffic class 33-60

described 33-4

displaying 33-81

number of 33-41

types of 33-10

policing

described 33-4

token-bucket algorithm 33-10

policy maps for QoS

characteristics of 33-55

described 33-8

displaying 33-82

nonhierarchical on physical ports

described 33-10

port ACLs

defined 31-2

types of 31-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 10-16

authentication server

defined 10-3, 11-2

RADIUS server 10-3

client, defined 10-3, 11-2

configuration guidelines 10-36, 11-9

configuring

802.1x authentication 10-42

guest VLAN 10-52

host mode 10-44

inaccessible authentication bypass 10-54

manual re-authentication of a client 10-47

periodic re-authentication 10-46

quiet period 10-47

RADIUS server 10-44, 11-13

RADIUS server parameters on the switch 10-43, 11-11

restricted VLAN 10-53

switch-to-client frame-retransmission number 10-48, 10-49

switch-to-client retransmission time 10-47

violation modes 10-41

default configuration 10-35, 11-9

described 10-1

device roles 10-3, 11-2

displaying statistics 10-66, 11-17

downloadable ACLs and redirect URLs

configuring10-61to10-63, ??to 10-63

overview10-20to 10-22

EAPOL-start frame 10-5

EAP-request/identity frame 10-5

EAP-response/identity frame 10-5

enabling

802.1X authentication 11-11

encapsulation 10-3

flexible authentication ordering

configuring 10-64

overview 10-30

guest VLAN

configuration guidelines 10-23, 10-24

described 10-22

host mode 10-12

inaccessible authentication bypass

configuring 10-54

described 10-24

guidelines 10-37

initiation and message exchange 10-5

magic packet 10-27

maximum number of allowed devices per port 10-38

method lists 10-42

multiple authentication 10-14

per-user ACLs

configuration tasks 10-20

described 10-19

RADIUS server attributes 10-19

ports

authorization state and dot1x port-control command 10-11

authorized and unauthorized 10-10

voice VLAN 10-27

port security

described 10-27

readiness check

configuring 10-38

described 10-17, 10-38

resetting to default values 10-66

stack changes, effects of 10-11

statistics, displaying 10-66

switch

as proxy 10-3, 11-2

RADIUS client 10-3

switch supplicant

configuring 10-59

overview 10-31

user distribution

guidelines 10-29

overview 10-29

VLAN assignment

AAA authorization 10-42

characteristics 10-18

configuration tasks 10-18

described 10-17

voice aware 802.1x security

configuring 10-39

described 10-31, 10-39

voice VLAN

described 10-27

PVID 10-27

VVID 10-27

wake-on-LAN, described 10-27

with ACLs and RADIUS Filter-Id attribute 10-33

port-based authentication methods, supported 10-7

port blocking 1-4, 23-7

port-channel

See EtherChannel

port description TLV 26-2

Port Fast

described 18-2

enabling 18-12

mode, spanning tree 13-25

support for 1-8

port membership modes, VLAN 13-3

port priority

MSTP 17-20

STP 16-18

ports

access 12-3

blocking 23-7

dual-purpose uplink 12-4

dynamic access 13-4

protected 23-6

secure 23-9

static-access 13-3, 13-10

switch 12-2

trunks 13-3, 13-14

VLAN assignments 13-10

port security

aging 23-17

and QoS trusted boundary 33-45

and stacking 23-18

configuring 23-12

default configuration 23-11

described 23-8

displaying 23-20

on trunk ports 23-14

sticky learning 23-9

violations 23-10

with other features 23-11

port-shutdown response, VMPS 13-24

port VLAN ID TLV 26-2

power management TLV 26-3, 26-7

Power over Ethernet

See PoE

preemption, default configuration 19-8

preemption delay, default configuration 19-8

preferential treatment of traffic

See QoS

preventing unauthorized access 9-1

primary links 19-2

priority

overriding CoS 15-6

trusting CoS 15-6

private VLAN edge ports

See protected ports

privileged EXEC mode 2-2

privilege levels

changing the default for lines 9-9

command switch 6-16

exiting 9-9

logging into 9-9

mapping on member switches 6-16

overview 9-2, 9-7

setting a command with 9-8

protected ports 1-10, 23-6

protocol storm protection 23-18

provisioned switches and IP source guard 20-15

provisioning new members for a switch stack 7-7

proxy reports 19-4

pruning, VTP

disabling

in VTP domain 14-16

on a port 13-19

enabling

in VTP domain 14-16

on a port 13-18

examples 14-7

overview 14-6

pruning-eligible list

changing 13-18

for VTP pruning 14-6

VLANs 14-16

PVST+

described 16-10

IEEE 802.1Q trunking interoperability 16-11

instances supported 16-10

Q

QoS

and MQC commands 33-1

auto-QoS

categorizing traffic 33-22

configuration and defaults display 33-37

configuration guidelines 33-34

described 33-21

disabling 33-36

displaying generated commands 33-36

displaying the initial configuration 33-37

effects on running configuration 33-34

list of generated commands 33-25, 33-29

basic model 33-4

classification

class maps, described 33-8

defined 33-4

DSCP transparency, described 33-46

flowchart 33-7

forwarding treatment 33-3

in frames and packets 33-3

IP ACLs, described 33-6, 33-8

MAC ACLs, described 33-5, 33-8

options for IP traffic 33-6

options for non-IP traffic 33-5

policy maps, described 33-8

trust DSCP, described 33-5

trusted CoS, described 33-5

trust IP precedence, described 33-5

class maps

configuring 33-53

displaying 33-81

configuration guidelines

auto-QoS 33-34

standard QoS 33-40

configuring

aggregate policers 33-60

auto-QoS 33-21

default port CoS value 33-44

DSCP maps 33-63

DSCP transparency 33-46

DSCP trust states bordering another domain 33-47

egress queue characteristics 33-74

ingress queue characteristics 33-69

IP extended ACLs 33-51

IP standard ACLs 33-50

MAC ACLs 33-52

port trust states within the domain 33-42

trusted boundary 33-45

default auto configuration 33-22

default standard configuration 33-38

displaying statistics 33-81

DSCP transparency 33-46

egress queues

allocating buffer space 33-74

buffer allocation scheme, described 33-18

configuring shaped weights for SRR 33-78

configuring shared weights for SRR 33-79

described 33-4

displaying the threshold map 33-77

flowchart 33-18

mapping DSCP or CoS values 33-76

scheduling, described 33-4

setting WTD thresholds 33-74

WTD, described 33-19

enabling globally 33-42

flowcharts

classification 33-7

egress queueing and scheduling 33-18

ingress queueing and scheduling 33-15

policing and marking 33-11

implicit deny 33-8

ingress queues

allocating bandwidth 33-72

allocating buffer space 33-71

buffer and bandwidth allocation, described 33-16

configuring shared weights for SRR 33-72

configuring the priority queue 33-73

described 33-4

displaying the threshold map 33-70

flowchart 33-15

mapping DSCP or CoS values 33-69

priority queue, described 33-17

scheduling, described 33-4

setting WTD thresholds 33-69

WTD, described 33-16

IP phones

automatic classification and queueing 33-21

detection and trusted settings 33-21, 33-45

limiting bandwidth on egress interface 33-80

mapping tables

CoS-to-DSCP 33-63

displaying 33-81

DSCP-to-CoS 33-66

DSCP-to-DSCP-mutation 33-67

IP-precedence-to-DSCP 33-64

policed-DSCP 33-65

types of 33-11

marked-down actions 33-58

marking, described 33-4, 33-9

overview 33-2

packet modification 33-20

policers

configuring 33-58, 33-61

described 33-9

displaying 33-81

number of 33-41

types of 33-10

policies, attaching to an interface 33-9

policing

described 33-4, 33-9

token bucket algorithm 33-10

policy maps

characteristics of 33-55

displaying 33-82

nonhierarchical on physical ports 33-55

QoS label, defined 33-4

queues

configuring egress characteristics 33-74

configuring ingress characteristics 33-69

high priority (expedite) 33-20, 33-80

location of 33-12

SRR, described 33-14

WTD, described 33-13

rewrites 33-20

support for 1-13

trust states

bordering another domain 33-47

described 33-5

trusted device 33-45

within the domain 33-42

quality of service

See QoS

queries, IGMP 21-4

query solicitation, IGMP 21-13

R

RADIUS

attributes

vendor-proprietary 9-38

vendor-specific 9-37

configuring

accounting 9-35

authentication 9-30

authorization 9-34

communication, global 9-27, 9-36

communication, per-server 9-27

multiple UDP ports 9-27

default configuration 9-27

defining AAA server groups 9-32

displaying the configuration 9-41

identifying the server 9-27

in clusters 6-15

limiting the services to the user 9-34

method list, defined 9-26

operation of 9-19

overview 9-18

server load balancing 9-40

suggested network environments 9-18

support for 1-12

tracking services accessed by user 9-35

RADIUS Change of Authorization 9-20

range

macro 12-19

of interfaces 12-18

rapid convergence 17-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 16-10

IEEE 802.1Q trunking interoperability 16-11

instances supported 16-10

Rapid Spanning Tree Protocol

See RSTP

rcommand command 6-15

RCP

configuration files

downloading A-17

overview A-16

preparing the server A-16

uploading A-18

image files

deleting old image A-37

downloading A-35

preparing the server A-34

uploading A-37

readiness check

port-based authentication

configuring 10-38

described 10-17, 10-38

reconfirmation interval, VMPS, changing 13-27

reconfirming dynamic VLAN membership 13-27

recovery procedures 39-1

redirect URL 10-20, 10-21, 10-61

redundancy

EtherChannel 38-3

STP

backbone 16-8

multidrop backbone 18-5

path cost 13-22

port priority 13-20

redundant links and UplinkFast 18-15

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-3

report suppression, IGMP

described 21-6

disabling 21-16, 36-11

resequencing ACL entries 31-13

reserved addresses in DHCP pools 20-22

resetting a UDLD-shutdown interface 24-6

responder, IP SLAs

described 32-4

enabling 32-6

response time, measuring with IP SLAs 32-4

restricted VLAN

configuring 10-53

described 10-23

using with IEEE 802.1x 10-23

restricting access

overview 9-1

passwords and privilege levels 9-2

RADIUS 9-17

TACACS+ 9-10

retry count, VMPS, changing 13-28

RFC

1112, IP multicast and IGMP 21-2

1157, SNMPv1 30-2

1166, IP addresses 34-4

1305, NTP 5-3

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 21-2

2273-2275, SNMPv3 30-2

RFC 5176 Compliance 9-21

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-6

collecting group history 28-5

support for 1-15

root guard

described 18-10

enabling 18-18

support for 1-9

root switch

MSTP 17-18

STP 16-16

router ACLs

defined 31-2

types of 31-4

RSPAN

and stack changes 27-10

characteristics 27-9

configuration guidelines 27-17

default configuration 27-10

defined 27-3

destination ports 27-8

displaying status 27-23

in a switch stack 27-2

interaction with other features 27-9

monitored ports 27-6

monitoring ports 27-8

overview 1-15, 27-1

received traffic 27-5

sessions

creating 27-18

defined 27-4

limiting source traffic to specific VLANs 27-22

specifying monitored ports 27-18

with ingress traffic enabled 27-21

source ports 27-6

transmitted traffic 27-6

VLAN-based 27-7

RSTP

active topology 17-10

BPDU

format 17-12

processing 17-13

designated port, defined 17-9

designated switch, defined 17-9

interoperability with IEEE 802.1D

described 17-9

restarting migration process 17-27

topology changes 17-13

overview 17-9

port roles

described 17-9

synchronized 17-11

proposal-agreement handshake process 17-10

rapid convergence

cross-stack rapid convergence 17-11

described 17-10

edge ports and Port Fast 17-10

point-to-point links 17-10, 17-25

root ports 17-10

root port, defined 17-9

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-21

running configuration, saving 3-15

S

SC (standby command switch) 6-9

scheduled reloads 3-22

SCP

and SSH 9-53

configuring 9-53

SDM

templates

configuring 8-5

number of 8-1

SDM template 37-3

configuration guidelines 8-4

configuring 8-4

types of 8-1

Secure Copy Protocol

secure HTTP client

configuring 9-51

displaying 9-52

secure HTTP server

configuring 9-50

displaying 9-52

secure MAC addresses

and switch stacks 23-18

deleting 23-16

maximum number of 23-10

types of 23-9

secure ports

and switch stacks 23-18

secure ports, configuring 23-9

secure remote connections 9-42

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 23-8

security features 1-10

See SCP

sequence numbers in log messages 29-8

server mode, VTP 14-3

service-provider network, MSTP and RSTP 17-1

set-request operation 30-5

setup program

failed command switch replacement 39-11

replacing failed command switch 39-9

severity levels, defining in system messages 29-9

SFPs

monitoring status of 12-40, 39-14

security and identification 39-13

status, displaying 39-14

shaped round robin

See SRR

show access-lists hw-summary command 31-20

show and more command output, filtering 2-9

show cdp traffic command 25-5

show cluster members command 6-15

show configuration command 12-37

show forward command 39-22

show interfaces command 12-28, 12-37

show interfaces switchport 19-4

show lldp traffic command 26-11

show platform forward command 39-22

show platform tcam command 39-26, 39-27

show running-config command

displaying ACLs 31-18, 31-19

interface description in 12-37

shutdown command on interfaces 12-41

Simple Network Management Protocol

See SNMP

small form-factor pluggable modules

See SFPs

small-frame arrival rate, configuring 23-5

SNAP 25-1

SNMP

accessing MIB variables with 30-5

agent

described 30-4

disabling 30-8

and IP SLAs 32-2

authentication level 30-11

community strings

configuring 30-8

for cluster switches 30-4

overview 30-4

configuration examples 30-18

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-6

in-band management 1-7

in clusters 6-13

informs

and trap keyword 30-13

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-5, 30-3

managing clusters with 6-16

notifications 30-5

overview 30-1, 30-5

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-19

system contact and location 30-17

trap manager, configuring 30-14

traps

described 30-4, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-13

enabling MAC address notification 5-16, 5-18, 5-19

overview 30-1, 30-5

types of 30-13

users 30-7, 30-10

versions supported 30-2

SNMP and Syslog Over IPv6 35-5

SNMPv1 30-2

SNMPv2C 30-3

SNMPv3 30-3

snooping, IGMP 21-2

software compatibility

See stacks, switch

software images

location in flash A-25

recovery procedures 39-2

scheduling reloads 3-23

tar file format, described A-25

See also downloading and uploading

source addresses

in IPv4 ACLs 31-10

in IPv6 ACLs 37-5

source-and-destination-IP address based forwarding, EtherChannel 38-9

source-and-destination MAC address forwarding, EtherChannel 38-9

source-IP address based forwarding, EtherChannel 38-9

source-MAC address forwarding, EtherChannel 38-8

SPAN

and stack changes 27-10

configuration guidelines 27-11

default configuration 27-10

destination ports 27-8

displaying status 27-23

interaction with other features 27-9

monitored ports 27-6

monitoring ports 27-8

overview 1-15, 27-1

ports, restrictions 23-12

received traffic 27-5

sessions

configuring ingress forwarding 27-15, 27-22

creating 27-12

defined 27-4

limiting source traffic to specific VLANs 27-16

removing destination (monitoring) ports 27-13

specifying monitored ports 27-12

with ingress traffic enabled 27-14

source ports 27-6

transmitted traffic 27-6

VLAN-based 27-7

spanning tree and native VLANs 13-15

Spanning Tree Protocol

See STP

SPAN traffic 27-5

SRR

configuring

shaped weights on egress queues 33-78

shared weights on egress queues 33-79

shared weights on ingress queues 33-72

described 33-14

shaped mode 33-14

shared mode 33-14

support for 1-14

SSH

configuring 9-43

cryptographic software image 9-42

described 1-7, 9-42

encryption methods 9-43

switch stack considerations 7-15

user authentication methods, supported 9-43

SSL

configuration guidelines 9-49

configuring a secure HTTP client 9-51

configuring a secure HTTP server 9-50

cryptographic software image 9-46

described 9-46

monitoring 9-52

stack, switch

MAC address of 7-6, 7-17

stack changes, effects on

802.1x port-based authentication 10-11

ACL configuration 31-6

CDP 25-2

cross-stack EtherChannel 38-13

EtherChannel 38-10

IGMP snooping 21-6

IP routing 34-2

MAC address tables 5-15

MSTP 17-8

MVR 21-18

port security 23-18

SDM template selection 8-3

SNMP 30-2

SPAN and RSPAN 27-10

STP 16-12

switch clusters 6-13

system message log 29-2

VLANs 13-7

VTP 14-8

stack master

bridge ID (MAC address) 7-6

defined 7-1

election 7-5

IPv6 35-6

See also stacks, switch

stack member

accessing CLI of specific member 7-22

configuring

member number 7-20

priority value 7-21

defined 7-1

displaying information of 7-23

number 7-6

priority value 7-7

provisioning a new member 7-21

replacing 7-14

See also stacks, switch

stack member number 12-16

stack protocol version 7-10

stacks, switch

accessing CLI of specific member 7-22

assigning information

member number 7-20

priority value 7-21

provisioning a new member 7-21

auto-advise 7-11

auto-copy 7-11

auto-extract 7-11

auto-upgrade 7-11

bridge ID 7-6

CDP considerations 25-2

compatibility, software 7-9

configuration file 7-14

configuration scenarios 7-16

copying an image file from one member to another A-38

default configuration 7-17

description of 7-1

displaying information of 7-23

enabling persistent MAC address timer 7-17

in clusters 6-13

incompatible software and image upgrades 7-13, A-38

IPv6 on 35-6

MAC address considerations 5-15

management connectivity 7-15

managing 7-1

membership 7-3

merged 7-3

MSTP instances supported 16-10

offline configuration

described 7-7

effects of adding a provisioned switch 7-8

effects of removing a provisioned switch 7-9

effects of replacing a provisioned switch 7-9

provisioned configuration, defined 7-7

provisioned switch, defined 7-7

provisioning a new member 7-21

partitioned 7-3, 39-8

provisioned switch

adding 7-8

removing 7-9

replacing 7-9

replacing a failed member 7-14

software compatibility 7-9

software image version 7-9

stack protocol version 7-10

STP

bridge ID 16-3

root port selection 16-3

stack root switch election 16-3

system messages

hostnames in the display 29-1

remotely monitoring 29-2

system prompt consideration 5-8

system-wide configuration considerations 7-14

upgrading A-38

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 7-11

examples 7-12

manual upgrades with auto-advise 7-11

upgrades with auto-extract 7-11

version-mismatch mode

described 7-10

See also stack master and stack member

standby command switch

configuring

considerations 6-10

defined 6-2

priority 6-9

requirements 6-3

virtual IP address 6-10

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 19-2

startup configuration

booting

manually 3-19

specific image 3-20

clearing A-19

configuration file

automatically downloading 3-18

specifying the filename 3-18

static access ports

assigning to VLAN 13-10

defined 12-3, 13-3

static addresses

See addresses

static MAC addressing 1-10

static routes

configuring 34-5

configuring for IPv6 35-10

static VLAN membership 13-2

statistics

802.1X 11-17

802.1x 10-66

CDP 25-5

interface 12-40

LLDP 26-11

LLDP-MED 26-11

NMSP 26-11

QoS ingress and egress 33-81

RMON group Ethernet 28-6

RMON group history 28-5

SNMP input and output 30-19

VTP 14-18

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-20

support for 1-4

thresholds 23-2

STP

accelerating root port selection 18-4

BackboneFast

described 18-7

disabling 18-17

enabling 18-17

BPDU filtering

described 18-3

disabling 18-15

enabling 18-14

BPDU guard

described 18-2

disabling 18-14

enabling 18-13

BPDU message exchange 16-3

configuration guidelines 16-13, 18-12

configuring

forward-delay time 16-23

hello time 16-22

maximum aging time 16-23

path cost 16-20

port priority 16-18

root switch 16-16

secondary root switch 16-18

spanning-tree mode 16-15

switch priority 16-21

transmit hold-count 16-24

counters, clearing 16-24

cross-stack UplinkFast

described 18-5

enabling 18-16

default configuration 16-13

default optional feature configuration 18-12

designated port, defined 16-4

designated switch, defined 16-4

detecting indirect link failures 18-8

disabling 16-16

displaying status 16-24

EtherChannel guard

described 18-10

disabling 18-17

enabling 18-17

extended system ID

effects on root switch 16-16

effects on the secondary root switch 16-18

overview 16-4

unexpected behavior 16-16

features supported 1-8

IEEE 802.1D and bridge ID 16-4

IEEE 802.1D and multicast addresses 16-9

IEEE 802.1t and VLAN identifier 16-5

inferior BPDU 16-3

instances supported 16-10

interface state, blocking to forwarding 18-2

interface states

blocking 16-6

disabled 16-7

forwarding 16-6, 16-7

learning 16-7

listening 16-7

overview 16-5

interoperability and compatibility among modes 16-11

limitations with IEEE 802.1Q trunks 16-11

load sharing

overview 13-20

using path costs 13-22

using port priorities 13-20

loop guard

described 18-11

enabling 18-18

modes supported 16-10

multicast addresses, effect of 16-9

optional features supported 1-8

overview 16-2

path costs 13-22

Port Fast

described 18-2

enabling 18-12

port priorities 13-21

preventing root switch selection 18-10

protocols supported 16-10

redundant connectivity 16-8

root guard

described 18-10

enabling 18-18

root port, defined 16-3

root port selection on a switch stack 16-3

root switch

configuring 16-16

effects of extended system ID 16-4, 16-16

election 16-3

unexpected behavior 16-16

shutdown Port Fast-enabled port 18-2

stack changes, effects of 16-12

status, displaying 16-24

superior BPDU 16-3

timers, described 16-22

UplinkFast

described 18-3

enabling 18-15

stratum, NTP 5-3

subnet mask 34-4

success response, VMPS 13-24

summer time 5-7

SunNet Manager 1-5

supported port-based authentication methods 10-7

SVIs

and IP unicast routing 34-3

and router ACLs 31-4

connecting VLANs 12-11

defined 12-3

switch 35-2

switch clustering technology 6-1

See also clusters, switch

switch console port 1-7

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 12-2

switchport backup interface 19-4, 19-5

switchport block multicast command 23-8

switchport block unicast command 23-8

switchport protected command 23-7

switch priority

MSTP 17-23

STP 16-21

switch software features 1-1

switch virtual interface

See SVI

syslog

See system message logging

system capabilities TLV 26-2

system clock

configuring

daylight saving time 5-7

manually 5-5

summer time 5-7

time zones 5-6

displaying the time and date 5-6

overview 5-2

See also NTP

system description TLV 26-2

system message logging

default configuration 29-4

defining error message severity levels 29-9

disabling 29-4

displaying the configuration 29-14

enabling 29-5

facility keywords, described 29-14

level keywords, described 29-10

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

stack changes, effects of 29-2

synchronizing log messages 29-6

syslog facility 1-15

time stamps, enabling and disabling 29-8

UNIX syslog servers

configuring the daemon 29-13

configuring the logging facility 29-13

facilities supported 29-14

system name

default configuration 5-9

default setting 5-9

manual configuration 5-9

See also DNS

system name TLV 26-2

system prompt, default setting 5-8, 5-9

system resources, optimizing 8-1

T

TACACS+

accounting, defined 9-11

authentication, defined 9-11

authorization, defined 9-11

configuring

accounting 9-17

authentication key 9-13

authorization 9-16

login authentication 9-14

default configuration 9-13

displaying the configuration 9-17

identifying the server 9-13

in clusters 6-15

limiting the services to the user 9-16

operation of 9-12

overview 9-10

support for 1-12

tracking services accessed by user 9-17

tar files

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-25

TCAM

memory consistency check errors

example 39-27

memory consistency check routines 1-5, 39-26

memory consistency integrity 1-5, 39-26

space

HFTM 39-26

HQATM 39-26

unassigned 39-26

TDR 1-16

Telnet

accessing management interfaces 2-10

number of connections 1-7

setting a password 9-6

temporary self-signed certificate 9-47

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 9-6

ternary content addressable memory

See TCAM

TFTP

configuration files

downloading A-11

preparing the server A-11

uploading A-12

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-28

downloading A-27

preparing the server A-26

uploading A-29

limiting access by servers 30-17

TFTP server 1-6

threshold, traffic level 23-2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 31-15

time ranges in ACLs 31-15

time stamps in log messages 29-8

time zones 5-6

TLVs

defined 26-2

LLDP 26-2

LLDP-MED 26-2

Token Ring VLANs

support for 13-6

VTP support 14-5

ToS 1-13

traceroute, Layer 2

and ARP 39-16

and CDP 39-16

broadcast traffic 39-16

described 39-16

IP addresses and subnets 39-16

MAC addresses and VLANs 39-16

multicast traffic 39-16

multiple devices on a port 39-17

unicast traffic 39-16

usage guidelines 39-16

traceroute command 39-18

See also IP traceroute

traffic

blocking flooded 23-8

fragmented 31-4

fragmented IPv6 37-2

unfragmented 31-4

traffic policing 1-14

traffic suppression 23-2

transmit hold-count

see STP

transparent mode, VTP 14-4

trap-door mechanism 3-2

traps

configuring MAC address notification 5-16, 5-18, 5-19

configuring managers 30-13

defined 30-4

enabling 5-16, 5-18, 5-19, 30-13

notification types 30-13

overview 30-1, 30-5

troubleshooting

connectivity problems 39-14, 39-15, 39-17

CPU utilization 39-28

detecting unidirectional links 24-1

displaying crash information 39-23

setting packet forwarding 39-22

SFP security and identification 39-13

show forward command 39-22

with CiscoWorks 30-5

with debug commands 39-20

with ping 39-14

with system message logging 29-1

with traceroute 39-17

trunk failover

See link-state tracking

trunking encapsulation 1-9

trunk ports

configuring 13-16

defined 12-3, 13-3

trunks

allowed-VLAN list 13-17

load sharing

setting STP path costs 13-22

using STP port priorities 13-20, 13-21

native VLAN for untagged traffic 13-19

parallel 13-22

pruning-eligible list 13-18

to non-DTP device 13-14

trusted boundary for QoS 33-45

trusted port states

between QoS domains 33-47

classification options 33-5

ensuring port security for IP phones 33-45

support for 1-13

within a QoS domain 33-42

trustpoints, CA 9-47

twisted-pair Ethernet, detecting unidirectional links 24-1

type of service

See ToS

U

UDLD

configuration guidelines 24-4

default configuration 24-4

disabling

globally 24-5

on fiber-optic interfaces 24-5

per interface 24-6

echoing detection mechanism 24-3

enabling

globally 24-5

per interface 24-6

link-detection mechanism 24-1

neighbor database 24-2

overview 24-1

resetting an interface 24-6

status, displaying 24-7

support for 1-8

unauthorized ports with IEEE 802.1x 10-10

unicast MAC address filtering 1-6

and adding static addresses 5-22

and broadcast MAC addresses 5-21

and CPU packets 5-21

and multicast addresses 5-21

and router MAC addresses 5-21

configuration guidelines 5-21

described 5-21

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 29-13

facilities supported 29-14

message logging configuration 29-13

unrecognized Type-Length-Value (TLV) support 14-5

upgrading a Catalyst 2950 switch

configuration compatibility issues C-1

differences in configuration commands C-1

feature behavior incompatibilities C-5

incompatible command messages C-1

recommendations C-1

upgrading software images

See downloading

UplinkFast

described 18-3

disabling 18-16

enabling 18-15

support for 1-8

uploading

configuration files

preparing A-11, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

image files

preparing A-26, A-30, A-34

reasons for A-24

using FTP A-32

using RCP A-37

using TFTP A-29

USB mini-Type B console port 12-12

USB Type A port 1-8

user EXEC mode 2-2

username-based authentication 9-6

V

version-dependent transparent mode 14-5

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 7-11

manual upgrades with auto-advise 7-11

upgrades with auto-extract 7-11

version-mismatch mode

described 7-10

virtual IP address

cluster standby group 6-10

command switch 6-10

virtual switches and PAgP 38-6

vlan.dat file 13-5

VLAN 1, disabling on a trunk port 13-17

VLAN 1 minimization 13-17

vlan-assignment response, VMPS 13-23

VLAN configuration

at bootup 13-7

saving 13-7

VLAN configuration mode 2-2

VLAN database

and startup configuration file 13-7

and VTP 14-1

VLAN configuration saved in 13-7

VLANs saved in 13-4

VLAN filtering and SPAN 27-7

vlan global configuration command 13-7

VLAN ID, discovering 5-24

VLAN load balancing on flex links 19-3

configuration guidelines 19-8

VLAN management domain 14-2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 13-27

modes 13-3

VLAN Query Protocol

See VQP

VLANs

adding 13-8

adding to VLAN database 13-8

aging dynamic addresses 16-9

allowed on trunk 13-17

and spanning-tree instances 13-3, 13-6, 13-12

configuration guidelines, extended-range VLANs 13-11

configuration guidelines, normal-range VLANs 13-6

configuring 13-1

configuring IDs 1006 to 4094 13-11

connecting through SVIs 12-11

creating 13-8

default configuration 13-7

deleting 13-9

described 12-2, 13-1

displaying 13-13

extended-range 13-1, 13-11

features 1-9

illustrated 13-2

in the switch stack 13-7

limiting source traffic with RSPAN 27-22

limiting source traffic with SPAN 27-16

modifying 13-8

multicast 21-17

native, configuring 13-19

normal-range 13-1, 13-4

number supported 1-9

parameters 13-5

port membership modes 13-3

static-access ports 13-10

STP and IEEE 802.1Q trunks 16-11

supported 13-2

Token Ring 13-6

traffic between 13-2

VTP modes 14-3

VLAN Trunking Protocol

See VTP

VLAN trunks 13-14

VMPS

administering 13-28

configuration example 13-29

configuration guidelines 13-25

default configuration 13-25

description 13-23

dynamic port membership

described 13-24

reconfirming 13-27

troubleshooting 13-29

entering server address 13-26

mapping MAC addresses to VLANs 13-23

monitoring 13-28

reconfirmation interval, changing 13-27

reconfirming membership 13-27

retry count, changing 13-28

voice aware 802.1x security

port-based authentication

configuring 10-39

described 10-31, 10-39

voice-over-IP 15-1

voice VLAN

Cisco 7960 phone, port connections 15-1

configuration guidelines 15-3

configuring IP phones for data traffic

override CoS of incoming frame 15-6

trust CoS priority of incoming frame 15-6

configuring ports for voice traffic in

802.1p priority tagged frames 15-5

802.1Q frames 15-5

connecting to an IP phone 15-4

default configuration 15-3

described 15-1

displaying 15-7

IP phone data traffic, described 15-2

IP phone voice traffic, described 15-2

VQP 1-9, 13-23

VTP

adding a client to a domain 14-17

advertisements 13-15, 14-4

and extended-range VLANs 13-2, 14-2

and normal-range VLANs 13-2, 14-2

client mode, configuring 14-13

configuration

guidelines 14-9

requirements 14-11

saving 14-9

configuration requirements 14-11

configuration revision number

guideline 14-17

resetting 14-17

consistency checks 14-5

default configuration 14-9

described 14-1

domain names 14-10

domains 14-2

modes

client 14-3

off 14-4

server 14-3

transitions 14-3

transparent 14-4

monitoring 14-18

passwords 14-10

pruning

disabling 14-16

enabling 14-16

examples 14-7

overview 14-6

support for 1-9

pruning-eligible list, changing 13-18

server mode, configuring 14-11, 14-14

statistics 14-18

support for 1-9

Token Ring support 14-5

transparent mode, configuring 14-12

using 14-1

Version

enabling 14-15

version, guidelines 14-10

Version 1 14-5

Version 2

configuration guidelines 14-10

overview 14-5

Version 3

overview 14-5

W

web authentication 10-17

configuring11-16to ??

described 1-10

web-based authentication

customizeable web pages 11-6

description 11-1

web-based authentication, interactions with other features 11-7

weighted tail drop

See WTD

wired location service

configuring 26-9

displaying 26-11

location TLV 26-3

understanding 26-4

wizards 1-2

WTD

described 33-13

setting thresholds

egress queue-sets 33-74

ingress queues 33-69

support for 1-14

X

Xmodem protocol 39-2