Catalyst 2960 , 2960-S, and 2960-P Switch Software Configuration Guide, Cisco IOS Release 15.0(2)EZ
Index
Downloads: This chapterpdf (PDF - 1.48MB) The complete bookPDF (PDF - 10.96MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

Numerics

802.1AE Tagging 7-2

A

abbreviating commands 2-3

AC (command switch) 8-9

access-class command 33-19

access control entries

See ACEs

access control entry (ACE) 38-3

access-denied response, VMPS 14-24

access groups

Layer 3 33-20

access groups, applying IPv4 ACLs to interfaces 33-20

accessing

clusters, switch 8-13

command switches 8-11

member switches 8-13

switch clusters 8-13

accessing stack members 9-22

access lists

See ACLs

access ports

in switch clusters 8-8

access ports, defined 13-3

accounting

with 802.1x 12-52

with IEEE 802.1x 12-16

with RADIUS 11-35

with TACACS+ 11-12, 11-17

ACEs

and QoS 34-8

defined 33-2

Ethernet 33-2

IP 33-2

ACLs

ACEs 33-2

any keyword 33-11

applying

time ranges to 33-16

to an interface 33-19, 38-7

to IPv6 interfaces 38-7

to QoS 34-8

classifying traffic for QoS 34-47

comments in 33-18

compiling 33-22

defined 33-2, 33-7

examples of 33-22, 34-47

extended IP, configuring for QoS classification 34-49

extended IPv4

creating 33-10

matching criteria 33-7

hardware and software handling 33-21

host keyword 33-12

IP

creating 33-7

fragments and QoS guidelines 34-38

implicit deny 33-9, 33-14, 33-15

implicit masks 33-9

matching criteria 33-7

undefined 33-21

IPv4

applying to interfaces 33-19

creating 33-7

matching criteria 33-7

named 33-14

numbers 33-8

terminal lines, setting on 33-19

unsupported features 33-6

IPv6

applying to interfaces 38-7

configuring 38-3, 38-4

displaying 38-8

interactions with other features 38-4

limitations 38-2, 38-3

matching criteria 38-3

named 38-2

precedence of 38-2

supported 38-2

unsupported features 38-3

MAC extended 33-24, 34-52

matching 33-7, 33-20, 38-3

monitoring 33-27, 38-8

named, IPv4 33-14

named, IPv6 38-2

names 38-4

number per QoS class map 34-38

port 33-2, 38-1

precedence of 33-3

QoS 34-8, 34-47

resequencing entries 33-14

router 33-2, 38-1

standard IP, configuring for QoS classification 34-48, 34-50

standard IPv4

creating 33-9

matching criteria 33-7

support for 1-11

support in hardware 33-21

time ranges 33-16

types supported 33-2

unsupported features, IPv4 33-6

unsupported features, IPv6 38-3

active link 20-4, 20-5, 20-6

active links 20-2

active traffic monitoring, IP SLAs 32-1

address aliasing 23-2

addresses

displaying the MAC address table 5-24

dynamic

accelerated aging 17-9

changing the aging time 5-16

default aging 17-9

defined 5-14

learning 5-15

removing 5-17

IPv6 36-2

MAC, discovering 5-25

multicast, STP address management 17-9

static

adding and removing 5-21

defined 5-14

address resolution 5-25

Address Resolution Protocol

See ARP

advertisements

CDP 26-1

LLDP 27-2

VTP 14-16, 15-3, 15-4

aggregatable global unicast addresses 36-3

aggregated ports

See EtherChannel

aggregate policers 34-62

aggregate policing 1-15

aging, accelerating 17-9

aging time

accelerated

for MSTP 18-24

for STP 17-9, 17-23

MAC address table 5-16

maximum

for MSTP 18-25

for STP 17-23, 17-24

alarms, RMON 29-4

allowed-VLAN list 14-18

ARP

defined 1-6, 5-25

table

address resolution 5-25

managing 5-25

attributes, RADIUS

vendor-proprietary 11-38

vendor-specific 11-36

attribute-value pairs 12-13, 12-16, 12-22

authentication

local mode with AAA 11-40

open1x 12-31

RADIUS

key 11-28

login 11-30

TACACS+

defined 11-11

key 11-13

login 11-14

See also port-based authentication

authentication compatibility with Catalyst 6000 switches 12-8

authentication failed VLAN

See restricted VLAN

authentication manager

CLI commands 12-9

compatibility with older 802.1x CLI commands12-9to ??

overview 12-7

authoritative time source, described 5-3

authorization

with RADIUS 11-34

with TACACS+ 11-12, 11-16

authorized ports with IEEE 802.1x 12-10

autoconfiguration 3-3

auto enablement 12-33

automatic advise (auto-advise) in switch stacks 9-11

automatic copy (auto-copy) in switch stacks 9-11

automatic discovery

considerations

beyond a noncandidate device 8-8

brand new switches 8-8

connectivity 8-5

different VLANs 8-7

management VLANs 8-7

non-CDP-capable devices 8-6

noncluster-capable devices 8-6

in switch clusters 8-5

See also CDP

automatic extraction (auto-extract) in switch stacks 9-11

automatic QoS

See QoS

automatic recovery, clusters 8-9

See also HSRP

automatic upgrades (auto-upgrade) in switch stacks 9-11

auto-MDIX

configuring 13-31

described 13-31

autonegotiation

duplex mode 1-4

interface configuration guidelines 13-28

mismatches 40-12

Auto-QoS video devices 1-15

autosensing, port speed 1-4

auxiliary VLAN

See voice VLAN

availability, features 1-8

B

BackboneFast

described 19-8

disabling 19-17

enabling 19-17

support for 1-8

backup interfaces

See Flex Links

backup links 20-2

banners

configuring

login 5-14

message-of-the-day login 5-13

default configuration 5-12

when displayed 5-12

Berkeley r-tools replacement 11-52

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 21-6

IP source guard 21-13

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 24-7

booting

boot loader, function of 3-1

boot process 3-1

manually 3-19

specific image 3-19

boot loader

accessing 3-20

described 3-1

environment variables 3-20

prompt 3-20

trap-door mechanism 3-2

Boot Loader Upgrade and Image Verification for the FIPS Mode of Operation 3-23

BPDU

error-disabled state 19-2

filtering 19-3

RSTP format 18-12

BPDU filtering

described 19-3

disabling 19-15

enabling 19-15

support for 1-9

BPDU guard

described 19-2

disabling 19-14

enabling 19-14

support for 1-9

bridge protocol data unit

See BPDU

broadcast storm-control command 24-4

broadcast storms 24-1

C

cables, monitoring for unidirectional links 25-1

candidate switch

automatic discovery 8-5

defined 8-4

requirements 8-4

See also command switch, cluster standby group, and member switch

Catalyst 6000 switches

authentication compatibility 12-8

CA trustpoint

configuring 11-49

defined 11-47

CDP

and trusted boundary 34-44

automatic discovery in switch clusters 8-5

configuring 26-2

default configuration 26-2

defined with LLDP 27-1

described 26-1

disabling for routing device 26-4

enabling and disabling

on an interface 26-4

on a switch 26-4

monitoring 26-5

overview 26-1

power negotiation extensions 13-5

support for 1-6

switch stack considerations 26-2

transmission timer and holdtime, setting 26-3

updates 26-3

CGMP

as IGMP snooping learning method 23-9

joining multicast group 23-3

CipherSuites 11-48

Cisco 7960 IP Phone 16-1

Cisco Discovery Protocol

See CDP

Cisco intelligent power management 13-5

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 32-1

Cisco Secure ACS

attribute-value pairs for downloadable ACLs 12-22

attribute-value pairs for redirect URL 12-22

Cisco Secure ACS configuration guide 12-63

CiscoWorks 2000 1-6, 31-5

CISP 12-33

CIST regional root

See MSTP

CIST root

See MSTP

civic location 27-3

class maps for QoS

configuring 34-53

described 34-8

displaying 34-83

class of service

See CoS

clearing interfaces 13-43

CLI

abbreviating commands 2-3

command modes 2-1

configuration logging 2-4

described 1-5

editing features

enabling and disabling 2-6

keystroke editing 2-7

wrapped lines 2-8

error messages 2-4

filtering command output 2-9

getting help 2-3

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

managing clusters 8-16

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client mode, VTP 15-3

clock

See system clock

clusters, switch

accessing 8-13

automatic discovery 8-5

automatic recovery 8-9

benefits 1-2

compatibility 8-4

described 8-1

LRE profile considerations 8-16

managing

through CLI 8-16

through SNMP 8-17

planning 8-4

planning considerations

automatic discovery 8-5

automatic recovery 8-9

CLI 8-16

host names 8-13

IP addresses 8-13

LRE profiles 8-16

passwords 8-13

RADIUS 8-16

SNMP 8-14, 8-17

switch stacks 8-14

TACACS+ 8-16

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

automatic recovery 8-12

considerations 8-11

defined 8-2

requirements 8-3

virtual IP address 8-11

See also HSRP

CNS 1-6

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-8

management functions 1-6

CoA Request Commands 11-23

Coarse Wave Division Multiplexer

See CWDM SFPs

command-line interface

See CLI

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 11-8

command switch

accessing 8-11

active (AC) 8-9

configuration conflicts 40-12

defined 8-2

passive (PC) 8-9

password privilege levels 8-17

priority 8-9

recovery

from command-switch failure 8-9, 40-8

from lost member connectivity 40-12

redundant 8-9

replacing

with another switch 40-11

with cluster member 40-9

requirements 8-3

standby (SC) 8-9

See also candidate switch, cluster standby group, member switch, and standby command switch

community strings

configuring 8-14, 31-8

for cluster switches 31-4

in clusters 8-14

overview 31-4

SNMP 8-14

compatibility, feature 24-12

compatibility, software

See stacks, switch

config.text 3-18

configurable leave timer, IGMP 23-6

configuration, initial

defaults 1-17

Express Setup 1-2

configuration changes, logging 30-11

configuration conflicts, recovering from lost member connectivity 40-12

configuration examples, network 1-19

configuration files

archiving A-20

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-18

deleting a stored configuration A-19

described A-8

downloading

automatically 3-18

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-21

invalid combinations when copying A-5

limiting TFTP server access 31-17

obtaining with DHCP 3-8

password recovery disable considerations 11-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-21

specifying the filename 3-18

system contact and location information 31-17

types and location A-10

uploading

preparing A-10, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

configuration logger 30-11

configuration logging 2-4

configuration replacement A-19

configuration rollback A-19, A-20

configuration settings, saving 3-15

configure terminal command 13-18

configuring 802.1x user distribution 12-58

configuring port-based authentication violation modes 12-42

configuring small-frame arrival rate 24-5

conflicts, configuration 40-12

connections, secure remote 11-42

connectivity problems 40-14, 40-15, 40-17

consistency checks in VTP Version 2 15-5

console port, connecting to 2-10

control protocol, IP SLAs 32-4

corrupted software, recovery steps with Xmodem 40-2

CoS

in Layer 2 frames 34-2

override priority 16-6

trust priority 16-6

CoS input queue threshold map for QoS 34-15

CoS output queue threshold map for QoS 34-18

CoS-to-DSCP map for QoS 34-65

counters, clearing interface 13-43

CPU utilization, troubleshooting 40-28

crashinfo file 40-23

critical authentication, IEEE 802.1x 12-55

critical VLAN 12-25

critical voice VLAN

configuring 12-55

cross-stack EtherChannel

configuration guidelines 39-13

described 39-3

illustration 39-4

support for 1-8

cross-stack UplinkFast, STP

described 19-5

disabling 19-17

enabling 19-17

fast-convergence events 19-7

Fast Uplink Transition Protocol 19-6

normal-convergence events 19-7

support for 1-8

cryptographic software image

SSH 11-41

SSL 11-46

switch stack considerations 9-15

customjzeable web pages, web-based authentication 6-6

CWDM SFPs 1-25

D

DACL

See downloadable ACL

data address gleaning 36-6

daylight saving time 5-8

debugging

enabling all system diagnostics 40-21

enabling for a specific feature 40-20

redirecting error message output 40-21

using commands 40-20

default commands 2-4

default configuration

802.1x 12-36

auto-QoS 34-20

banners 5-12

CDP 26-2

DHCP 21-8

DHCP option 82 21-8

DHCP snooping 21-8

DHCP snooping binding database 21-8

DNS 5-11

dynamic ARP inspection 22-5

EtherChannel 39-11

Ethernet interfaces 13-25

Flex Links 20-8

IGMP filtering 23-24

IGMP snooping 23-7, 37-6

IGMP throttling 23-24

initial switch information 3-3

IP SLAs 32-5

IP source guard 21-15

IPv6 36-11

Layer 2 interfaces 13-25

LLDP 27-5

MAC address table 5-16

MAC address-table move update 20-8

MSTP 18-14

MVR 23-19

optional spanning-tree configuration 19-12

password and privilege level 11-2

RADIUS 11-27

RMON 29-3

RSPAN 28-10

SDM template 10-4

SNMP 31-7

SPAN 28-10

SSL 11-48

standard QoS 34-35

STP 17-13

switch stacks 9-17

system message logging 30-4

system name and prompt 5-10

TACACS+ 11-13

UDLD 25-4

VLAN, Layer 2 Ethernet interfaces 14-15

VLANs 14-8

VMPS 14-25

voice VLAN 16-3

VTP 15-9

default gateway 3-14

default web-based authentication configuration

802.1X 6-9

deleting VLANs 14-9

denial-of-service attack 24-1

description command 13-39

designing your network, examples 1-19

destination addresses

in IPv4 ACLs 33-11

in IPv6 ACLs 38-5

destination-IP address-based forwarding, EtherChannel 39-9

destination-MAC address forwarding, EtherChannel 39-9

detecting indirect link failures, STP 19-8

device A-24

device discovery protocol 26-1, 27-1

device manager

benefits 1-2

described 1-2, 1-5

in-band management 1-7

upgrading a switch A-24

device tracking 36-7

DHCP

enabling

relay agent 21-9

DHCP address gleaning 36-5

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-7

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-6

support for 1-6

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP Guard 36-7, 36-15

DHCP option 82

circuit ID suboption 21-5

configuration guidelines 21-8

default configuration 21-8

displaying 21-12

overview 21-3

packet format, suboption

circuit ID 21-5

remote ID 21-5

remote ID suboption 21-5

DHCP server port-based address allocation

configuration guidelines 21-22

default configuration 21-22

described 21-22

displaying 21-25

enabling 21-23

reserved addresses 21-23

DHCP server port-based address assignment

support for 1-6

DHCP snooping

accepting untrusted packets form edge switch 21-3, 21-10

binding database

See DHCP snooping binding database

configuration guidelines 21-8

default configuration 21-8

displaying binding tables 21-12

message exchange process 21-4

option 82 data insertion 21-3

trusted interface 21-2

untrusted interface 21-2

untrusted messages 21-2

DHCP snooping binding database

adding bindings 21-11

binding entries, displaying 21-12

binding file

format 21-6

location 21-6

bindings 21-6

clearing agent statistics 21-12

configuration guidelines 21-9

configuring 21-11

default configuration 21-8

deleting

binding file 21-12

bindings 21-12

database agent 21-12

described 21-6

displaying 21-12

displaying status and statistics 21-12

enabling 21-11

entry 21-6

renewing database 21-12

resetting

delay value 21-12

timeout value 21-12

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS 34-2

Differentiated Services Code Point 34-2

directed unicast requests 1-6

directories

changing A-4

creating and removing A-4

displaying the working A-4

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-11

displaying the configuration 5-12

in IPv6 36-3

overview 5-10

setting up 5-11

support for 1-6

domain names

DNS 5-10

VTP 15-10

Domain Name System

See DNS

downloadable ACL 12-20, 12-22, 12-63

downloading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-28

preparing A-26, A-30, A-34

reasons for A-24

using CMS 1-2

using FTP A-31

using HTTP 1-2, A-24

using RCP A-35

using TFTP A-27

using the device manager or Network Assistant A-24

DRP

support for 1-15

DSCP 1-14, 34-2

DSCP input queue threshold map for QoS 34-15

DSCP output queue threshold map for QoS 34-18

DSCP-to-CoS map for QoS 34-68

DSCP-to-DSCP-mutation map for QoS 34-69

DSCP transparency 34-45

DTP 1-9, 14-14

dual-action detection 39-6

dual IPv4 and IPv6 templates 36-9

dual protocol stacks

IPv4 and IPv6 36-9

SDM templates supporting 36-9

dual-purpose uplinks

defined 13-4

LEDs 13-5

link selection 13-4, 13-26

setting the type 13-26

dynamic access ports

characteristics 14-4

configuring 14-27

defined 13-3

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 22-1

ARP requests, described 22-1

ARP spoofing attack 22-1

clearing

log buffer 22-16

statistics 22-16

configuration guidelines 22-6

configuring

ACLs for non-DHCP environments 22-9

in DHCP environments 22-7

log buffer 22-14

rate limit for incoming ARP packets 22-4, 22-11

default configuration 22-5

denial-of-service attacks, preventing 22-11

described 22-1

DHCP snooping binding database 22-2

displaying

ARP ACLs 22-15

configuration and operating state 22-15

log buffer 22-16

statistics 22-16

trust state and rate limit 22-15

error-disabled state for exceeding rate limit 22-4

function of 22-2

interface trust states 22-3

log buffer

clearing 22-16

configuring 22-14

displaying 22-16

logging of dropped packets, described 22-5

man-in-the middle attack, described 22-2

network security issues and interface trust states 22-3

priority of ARP ACLs and DHCP snooping entries 22-4

rate limiting of ARP packets

configuring 22-11

described 22-4

error-disabled state 22-4

statistics

clearing 22-16

displaying 22-16

validation checks, performing 22-13

dynamic auto trunking mode 14-14

dynamic desirable trunking mode 14-14

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 14-25

reconfirming 14-28

troubleshooting 14-29

types of connections 14-27

Dynamic Trunking Protocol

See DTP

E

EAC 7-2

editing features

enabling and disabling 2-6

keystrokes used 2-7

wrapped lines 2-8

elections

See stack master

ELIN location 27-3

enable password 11-3

enable secret password 11-3

Enable the FIPS mode 3-23

encryption, CipherSuite 11-48

encryption for passwords 11-3

Endpoint Admission Control (EAC) 7-2

environment variables, function of 3-21

error-disabled state, BPDU 19-2

error messages during command entry 2-4

EtherChannel

automatic creation of 39-5, 39-7

channel groups

binding physical and logical interfaces 39-4

numbering of 39-4

configuration guidelines 39-11

configuring Layer 2 interfaces 39-13

default configuration 39-11

described 39-2

displaying status 39-21

forwarding methods 39-8, 39-15

IEEE 802.3ad, described 39-7

interaction

with STP 39-12

with VLANs 39-12

LACP

described 39-7

displaying status 39-21

hot-standby ports 39-18

interaction with other features 39-8

modes 39-7

port priority 39-19

system priority 39-18

load balancing 39-8, 39-15

PAgP

aggregate-port learners 39-16

compatibility with Catalyst 1900 39-17

described 39-5

displaying status 39-21

interaction with other features 39-7

interaction with virtual switches 39-6

learn method and priority configuration 39-16

modes 39-6

support for 1-4

with dual-action detection 39-6

port-channel interfaces

described 39-4

numbering of 39-4

port groups 13-4

stack changes, effects of 39-10

support for 1-4

EtherChannel guard

described 19-10

disabling 19-18

enabling 19-17

Ethernet management port

active link 13-23

and routing 13-23

and TFTP 13-24

configuring 13-24

default setting 13-23

described 13-22

for network management 13-22

specifying 13-24

supported features 13-23

unsupported features 13-24

Ethernet management port, internal

and routing 13-23

unsupported features 13-24

Ethernet VLANs

adding 14-8

defaults and ranges 14-8

modifying 14-8

EUI 36-3

events, RMON 29-4

examples

network configuration 1-19

expedite queue for QoS 34-82

Express Setup 1-2

See also getting started guide

extended crashinfo file 40-23

extended-range VLANs

configuration guidelines 14-11

configuring 14-11

creating 14-12

defined 14-1

extended system ID

MSTP 18-18

STP 17-4, 17-16

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 12-1

F

fa0 interface 1-7

Fa0 port

See Ethernet management port

failover support 1-8

Fast Convergence 20-3

fastethernet0 port

See Ethernet management port

Fast Uplink Transition Protocol 19-6

features, incompatible 24-12

fiber-optic, detecting unidirectional links 25-1

files

basic crashinfo

description 40-23

location 40-23

copying A-5

crashinfo, description 40-23

deleting A-5

displaying the contents of A-8

extended crashinfo

description 40-25

location 40-25

tar

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-25

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-5

setting the default A-3

filtering

IPv6 traffic 38-3, 38-7

non-IP traffic 33-24

show and more command output 2-9

filtering show and more command output 2-9

filters, IP

See ACLs, IP

First Hop Security 36-16

flash device, number of A-1

flexible authentication ordering

configuring 12-65

overview 12-31

Flex Link Multicast Fast Convergence 20-3

Flex Links

configuration guidelines 20-8

configuring 20-9

configuring preferred VLAN 20-12

configuring VLAN load balancing 20-11

default configuration 20-8

description 20-2

link load balancing 20-3

monitoring 20-15

VLANs 20-3

flooded traffic, blocking 24-8

flow-based packet classification 1-14

flowcharts

QoS classification 34-7

QoS egress queueing and scheduling 34-16

QoS ingress queueing and scheduling 34-14

QoS policing and marking 34-11

flowcontrol

configuring 13-30

described 13-30

forward-delay time

MSTP 18-24

STP 17-23

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-15

image files

deleting old image A-32

downloading A-31

preparing the server A-30

uploading A-32

G

general query 20-5

Generating IGMP Reports 20-4

get-bulk-request operation 31-4

get-next-request operation 31-3, 31-5

get-request operation 31-3, 31-4, 31-5

get-response operation 31-4

Gigabit modules

See SFPs

global configuration mode 2-2

global leave, IGMP 23-13

guest VLAN and 802.1x 12-23

guide mode 1-2

GUIs

See device manager and Network Assistant

H

hello time

MSTP 18-24

STP 17-22

help, for the command line 2-3

HFTM space 40-27

history

changing the buffer size 2-5

described 2-5

disabling 2-6

recalling commands 2-6

history table, level and number of syslog messages 30-10

host names, in clusters 8-13

hosts, limit on dynamic ports 14-29

HP OpenView 1-6

HQATM space 40-27

HSRP

automatic cluster recovery 8-12

cluster standby group considerations 8-11

See also clusters, cluster standby group, and standby command switch

HTTP over SSL

see HTTPS

HTTPS 11-46

configuring 11-50

self-signed certificate 11-47

HTTP secure server 11-46

Hulc Forwarding TCAM Manager

See HFTM space

Hulc QoS/ACL TCAM Manager

See HQATM space

I

ICMP

IPv6 36-3

time-exceeded messages 40-17

traceroute and 40-17

unreachable messages and IPv6 38-4

ICMP ping

executing 40-15

overview 40-14

ICMPv6 36-3

IDS appliances

and ingress RSPAN 28-20

and ingress SPAN 28-14

IEEE 802.1D

See STP

IEEE 802.1p 16-1

IEEE 802.1Q

and trunk ports 13-3

configuration limitations 14-15

encapsulation 14-14

native VLAN for untagged traffic 14-20

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ad, PoE+ 1-16, 13-6

IEEE 802.3af

See PoE

IEEE 802.3x flow control 13-30

ifIndex values, SNMP 31-6

IFS 1-7

IGMP

configurable leave timer

described 23-6

enabling 23-11

flooded multicast traffic

controlling the length of time 23-12

disabling on an interface 23-13

global leave 23-13

query solicitation 23-13

recovering from flood mode 23-13

joining multicast group 23-3

join messages 23-3

leave processing, enabling 23-10, 37-9

leaving multicast group 23-5

queries 23-4

report suppression

described 23-6

disabling 23-15, 37-11

supported versions 23-3

support for 1-4

IGMP filtering

configuring 23-24

default configuration 23-24

described 23-23

monitoring 23-28

support for 1-5

IGMP groups

configuring filtering 23-27

setting the maximum number 23-26

IGMP Immediate Leave

configuration guidelines 23-11

described 23-5

enabling 23-10

IGMP profile

applying 23-26

configuration mode 23-24

configuring 23-25

IGMP snooping

and address aliasing 23-2

and stack changes 23-6

configuring 23-7

default configuration 23-7, 37-6

definition 23-2

enabling and disabling 23-7, 37-7

global configuration 23-7

Immediate Leave 23-5

in the switch stack 23-6

method 23-8

monitoring 23-16, 37-12

querier

configuration guidelines 23-14

configuring 23-14

supported versions 23-3

support for 1-4

VLAN configuration 23-8

IGMP throttling

configuring 23-27

default configuration 23-24

described 23-24

displaying action 23-28

Immediate Leave, IGMP 23-5

enabling 37-9

inaccessible authentication bypass 12-25

support for multiauth ports 12-25

initial configuration

defaults 1-17

Express Setup 1-2

interface

number 13-17

range macros 13-20

interface command13-17to??, 13-17to 13-18

interface configuration mode 2-2

interfaces

auto-MDIX, configuring 13-31

configuration guidelines

duplex and speed 13-28

configuring

procedure 13-18

counters, clearing 13-43

default configuration 13-25

described 13-39

descriptive name, adding 13-39

displaying information about 13-42

flow control 13-30

management 1-5

monitoring 13-42

naming 13-39

physical, identifying 13-17

range of 13-19

restarting 13-43

shutting down 13-43

speed and duplex, configuring 13-29

status 13-42

supported 13-17

types of 13-1

interfaces range macro command 13-20

interface types 13-17

Internet Protocol version 6

See IPv6

inter-VLAN routing 35-1

Intrusion Detection System

See IDS appliances

inventory management TLV 27-3, 27-7

IP ACLs

for QoS classification 34-8

implicit deny 33-9, 33-14

implicit masks 33-9

named 33-14

undefined 33-21

IP addresses

128-bit 36-2

candidate or member 8-4, 8-13

classes of 35-4

cluster access 8-2

command switch 8-3, 8-11, 8-13

discovering 5-25

for IP routing 35-4

IPv6 36-2

redundant clusters 8-11

standby command switch 8-11, 8-13

See also IP information

ip igmp profile command 23-24

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP phones

and QoS 16-1

automatic classification and queueing 34-19

configuring 16-4

ensuring port security with QoS 34-43

trusted boundary for QoS 34-43

IP Port Security for Static Hosts

on a Layer 2 access port 21-17

IP precedence 34-2

IP-precedence-to-DSCP map for QoS 34-66

IP protocols in ACLs 33-11

IP routing

disabling 35-4

enabling 35-3

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 32-1

IP SLAs

benefits 32-2

configuration guidelines 32-5

Control Protocol 32-4

default configuration 32-5

definition 32-1

measuring network performance 32-3

monitoring 32-6

operation 32-3

responder

described 32-4

enabling 32-6

response time 32-4

SNMP support 32-2

supported metrics 32-2

IP source guard

and 802.1x 21-16

and DHCP snooping 21-13

and port security 21-16

and private VLANs 21-16

and routed ports 21-16

and TCAM entries 21-16

and trunk interfaces 21-16

and VRF 21-16

binding configuration

automatic 21-13

manual 21-13

binding table 21-13

configuration guidelines 21-16

default configuration 21-15

described 21-13

disabling 21-17

displaying

active IP or MAC bindings 21-21

bindings 21-21

configuration 21-21

enabling 21-16, 21-18

filtering

source IP address 21-13

source IP and MAC address 21-13

on provisioned switches 21-16

source IP address filtering 21-13

source IP and MAC address filtering 21-13

static bindings

adding 21-16, 21-18

deleting 21-17

static hosts 21-18

IP traceroute

executing 40-18

overview 40-17

IP unicast routing

assigning IP addresses to Layer 3 interfaces 35-4

configuring static routes 35-5

disabling 35-4

enabling 35-3

inter-VLAN 35-1

IP addressing

classes 35-4

configuring 35-4

steps to configure 35-3

subnet mask 35-4

with SVIs 35-3

IPv4 ACLs

applying to interfaces 33-19

extended, creating 33-10

named 33-14

standard, creating 33-9

IPv4 and IPv6

dual protocol stacks 36-8

IPv6

ACLs

displaying 38-8

limitations 38-2

matching criteria 38-3

port 38-1

precedence 38-2

router 38-1

supported 38-2

addresses 36-2

address formats 36-2

and switch stacks 36-10

applications 36-8

assigning address 36-11

autoconfiguration 36-8

configuring static routes 36-20

default configuration 36-11

defined 36-1

forwarding 36-11

ICMP 36-3

monitoring 36-21

neighbor discovery 36-3

SDM templates 37-1, 38-1

stack master functions 36-10

Stateless Autoconfiguration 36-8

supported features 36-2

IPv6 Snooping 36-13

IPv6 traffic, filtering 38-3

J

join messages, IGMP 23-3

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS 34-2

Layer 2 interfaces, default configuration 13-25

Layer 2 traceroute

and ARP 40-16

and CDP 40-16

broadcast traffic 40-16

described 40-16

IP addresses and subnets 40-16

MAC addresses and VLANs 40-16

multicast traffic 40-16

multiple devices on a port 40-17

unicast traffic 40-16

usage guidelines 40-16

Layer 3 features 1-15

Layer 3 interfaces

assigning IP addresses to 35-4

assigning IPv6 addresses to 36-11

changing from Layer 2 mode 35-4

Layer 3 packets, classification methods 34-2

LDAP 4-2

Leaking IGMP Reports 20-4

LEDs, switch

See hardware installation guide

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

link failure, detecting unidirectional 18-8

Link Layer Discovery Protocol

See CDP

link local unicast addresses 36-3

link redundancy

See Flex Links

links, unidirectional 25-1

link-state tracking

configuring 39-23

described 39-21

LLDP

configuring 27-5

characteristics 27-6

default configuration 27-5

enabling 27-6

monitoring and maintaining 27-11

overview 27-1

supported TLVs 27-2

switch stack considerations 27-2

transmission timer and holdtime, setting 27-6

LLDP-MED

configuring

procedures 27-5

TLVs 27-7

monitoring and maintaining 27-11

overview 27-1, 27-2

supported TLVs 27-2

LLDP Media Endpoint Discovery

See LLDP-MED

local SPAN 28-2

location TLV 27-3, 27-7

login authentication

with RADIUS 11-30

with TACACS+ 11-14

login banners 5-12

log messages

See system message logging

Long-Reach Ethernet (LRE) technology 1-21

loop guard

described 19-11

enabling 19-19

support for 1-9

LRE profiles, considerations in switch clusters 8-16

M

MAB

See MAC authentication bypass

MAB inactivity timer

default setting 12-37

range 12-39

MAC/PHY configuration status TLV 27-2

MAC addresses

aging time 5-16

and VLAN association 5-15

building the address table 5-15

default configuration 5-16

disabling learning on a VLAN 5-24

discovering 5-25

displaying 5-24

displaying in the IP source binding table 21-21

dynamic

learning 5-15

removing 5-17

in ACLs 33-24

static

adding 5-21

allowing 5-23, 5-24

characteristics of 5-21

dropping 5-23

removing 5-22

MAC address learning 1-6

MAC address learning, disabling on a VLAN 5-24

MAC address notification, support for 1-16

MAC address-table move update

configuration guidelines 20-8

configuring 20-13

default configuration 20-8

description 20-6

monitoring 20-15

MAC address-to-VLAN mapping 14-24

MAC authentication bypass 12-39

configuring 12-58

overview 12-17

MAC extended access lists

applying to Layer 2 interfaces 33-25

configuring for QoS 34-52

creating 33-24

defined 33-24

for QoS classification 34-5

MACSec 7-2

magic packet 12-28

manageability features 1-6

management access

in-band

browser session 1-7

CLI session 1-7

device manager 1-7

SNMP 1-7

out-of-band console port connection 1-7

management address TLV 27-2

management options

CLI 2-1

clustering 1-3

CNS 4-1

Network Assistant 1-2

overview 1-5

management VLAN

considerations in switch clusters 8-7

discovery through different management VLANs 8-7

mapping tables for QoS

configuring

CoS-to-DSCP 34-65

DSCP 34-65

DSCP-to-CoS 34-68

DSCP-to-DSCP-mutation 34-69

IP-precedence-to-DSCP 34-66

policed-DSCP 34-67

described 34-11

marking

action with aggregate policers 34-62

described 34-4, 34-9

matching

IPv6 ACLs 38-3

matching, IPv4 ACLs 33-7

maximum aging time

MSTP 18-25

STP 17-23

maximum hop count, MSTP 18-25

maximum number of allowed devices, port-based authentication 12-39

MDA

configuration guidelines12-13to 12-14

described 1-11, 12-13

exceptions with authentication process 12-5

membership mode, VLAN port 14-4

member switch

automatic discovery 8-5

defined 8-2

managing 8-16

passwords 8-13

recovering from lost connectivity 40-12

requirements 8-4

See also candidate switch, cluster standby group, and standby command switch

memory consistency check errors

example 40-27

memory consistency check routines 1-5, 40-27

memory consistency integrity 1-5, 40-27

messages, to users through banners 5-12

MIBs

overview 31-1

SNMP interaction with 31-5

mirroring traffic for analysis 28-1

mismatches, autonegotiation 40-12

module number 13-17

monitoring

access groups 33-27

cables for unidirectional links 25-1

CDP 26-5

features 1-16

Flex Links 20-15

IGMP

filters 23-28

snooping 23-16, 37-12

interfaces 13-42

IP SLAs operations 32-6

IPv4 ACL configuration 33-27

IPv6 36-21

IPv6 ACL configuration 38-8

MAC address-table move update 20-15

multicast router interfaces 23-16, 37-12

MVR 23-23

network traffic for analysis with probe 28-2

port

blocking 24-21

protection 24-21

SFP status 13-42, 40-14

speed and duplex mode 13-29

traffic flowing among switches 29-2

traffic suppression 24-21

VLANs 14-13

VMPS 14-29

VTP 15-18

mrouter Port 20-3

mrouter port 20-5

MSTP

boundary ports

configuration guidelines 18-15

described 18-6

BPDU filtering

described 19-3

enabling 19-15

BPDU guard

described 19-2

enabling 19-14

CIST, described 18-3

CIST regional root 18-3

CIST root 18-5

configuration guidelines 18-15, 19-12

configuring

forward-delay time 18-24

hello time 18-24

link type for rapid convergence 18-26

maximum aging time 18-25

maximum hop count 18-25

MST region 18-16

neighbor type 18-26

path cost 18-22

port priority 18-20

root switch 18-18

secondary root switch 18-19

switch priority 18-23

CST

defined 18-3

operations between regions 18-4

default configuration 18-14

default optional feature configuration 19-12

displaying status 18-27

enabling the mode 18-16

EtherChannel guard

described 19-10

enabling 19-17

extended system ID

effects on root switch 18-18

effects on secondary root switch 18-19

unexpected behavior 18-18

IEEE 802.1s

implementation 18-6

port role naming change 18-7

terminology 18-5

instances supported 17-10

interface state, blocking to forwarding 19-2

interoperability and compatibility among modes 17-11

interoperability with IEEE 802.1D

described 18-9

restarting migration process 18-27

IST

defined 18-3

master 18-3

operations within a region 18-3

loop guard

described 19-11

enabling 19-19

mapping VLANs to MST instance 18-16

MST region

CIST 18-3

configuring 18-16

described 18-2

hop-count mechanism 18-5

IST 18-3

supported spanning-tree instances 18-2

optional features supported 1-9

overview 18-2

Port Fast

described 19-2

enabling 19-13

preventing root switch selection 19-10

root guard

described 19-10

enabling 19-18

root switch

configuring 18-18

effects of extended system ID 18-18

unexpected behavior 18-18

shutdown Port Fast-enabled port 19-2

stack changes, effects of 18-8

status, displaying 18-27

multiauth

support for inaccessible authentication bypass 12-25

multiauth mode

See multiple-authentication mode

multicast groups

Immediate Leave 23-5

joining 23-3

leaving 23-5

static joins 23-10, 37-8

multicast router interfaces, monitoring 23-16, 37-12

multicast router ports, adding 23-9, 37-8

multicast storm 24-1

multicast storm-control command 24-4

multicast television application 23-18

multicast VLAN 23-17

Multicast VLAN Registration

See MVR

multidomain authentication

See MDA

multiple authentication 12-14

multiple authentication mode

configuring 12-45

MVR

and address aliasing 23-20

and IGMPv3 23-20

configuration guidelines 23-20

configuring interfaces 23-21

default configuration 23-19

described 23-17

example application 23-18

modes 23-21

monitoring 23-23

multicast television application 23-18

setting global parameters 23-20

support for 1-5

N

NAC

critical authentication 12-25, 12-55

IEEE 802.1x authentication using a RADIUS server 12-60

IEEE 802.1x validation using RADIUS server 12-60

inaccessible authentication bypass 12-55

Layer 2 IEEE 802.1x validation 1-12, 12-31, 12-60

named IPv4 ACLs 33-14

NameSpace Mapper

See NSM

native VLAN

configuring 14-20

default 14-20

NDAC 7-2

NDP address gleaning 36-5

NEAT

configuring 12-61

overview 12-32

neighbor discovery, IPv6 36-3

Network Admission Control

See NAC

Network Assistant

benefits 1-2

described 1-5

downloading image files 1-2

guide mode 1-2

management options 1-2

managing switch stacks 9-2, 9-15

upgrading a switch A-24

wizards 1-2

network configuration examples

cost-effective wiring closet 1-21

increasing network performance 1-20

long-distance, high-bandwidth transport 1-25

providing network services 1-20

server aggregation and Linux server cluster 1-23

small to medium-sized network 1-24

network design

performance 1-20

services 1-20

Network Device Admission Control (NDAC) 7-2

Network Edge Access Topology

See NEAT

network management

CDP 26-1

RMON 29-1

SNMP 31-1

network performance, measuring with IP SLAs 32-3

network policy TLV 27-2, 27-7

Network Time Protocol

See NTP

no commands 2-4

nonhierarchical policy maps

described 34-10

non-IP traffic filtering 33-24

nontrunking mode 14-14

normal-range VLANs 14-5

configuration guidelines 14-6

configuring 14-5

defined 14-1

NSM 4-3

NTP

associations

defined 5-3

overview 5-3

stratum 5-3

support for 1-7

time

services 5-3

synchronizing 5-3

O

OBFL

configuring 40-26

described 40-25

displaying 40-26

offline configuration for switch stacks 9-7

off mode, VTP 15-4

on-board failure logging

See OBFL

online diagnostics

overview 41-1

running tests 41-3

understanding 41-1

open1x

configuring 12-66

open1x authentication

overview 12-31

optimizing system resources 10-1

options, management 1-5

out-of-profile markdown 1-15

P

packet modification, with QoS 34-18

PACL 36-7

PAgP

See EtherChannel

passwords

default configuration 11-2

disabling recovery of 11-5

encrypting 11-3

for security 1-11

in clusters 8-13

overview 11-1

recovery of 40-3

setting

enable 11-3

enable secret 11-3

Telnet 11-6

with usernames 11-7

VTP domain 15-10

path cost

MSTP 18-22

STP 17-20

PC (passive command switch) 8-9

performance, network design 1-20

performance features 1-4

persistent self-signed certificate 11-47

per-user ACLs and Filter-Ids 12-8

per-VLAN spanning-tree plus

See PVST+

physical ports 13-2

PIM-DVMRP, as snooping method 23-8

ping

character output description 40-15

executing 40-15

overview 40-14

PoE

auto mode 13-7

CDP with power consumption, described 13-5

CDP with power negotiation, described 13-5

Cisco intelligent power management 13-5

configuring 13-32

cutoff power

determining 13-8

cutoff-power

support for 13-8

devices supported 13-5

high-power devices operating in low-power mode 13-5

IEEE power classification levels 13-6

monitoring 13-8

monitoring power 13-35

policing power consumption 13-35

policing power usage 13-8

power budgeting 13-33

power consumption 13-9, 13-33

powered-device detection and initial power allocation 13-6

power management modes 13-7

power monitoring 13-8

power negotiation extensions to CDP 13-5

power sensing 13-8

standards supported 13-5

static mode 13-7

total available power 13-10

troubleshooting 40-13

PoE+ 1-16, 13-5, 13-6, 13-32

policed-DSCP map for QoS 34-67

policers

configuring

for each matched traffic class 34-57

for more than one traffic class 34-62

described 34-4

displaying 34-83

number of 34-39

types of 34-10

policing

described 34-4

token-bucket algorithm 34-10

policy maps for QoS

characteristics of 34-57

described 34-8

displaying 34-84

nonhierarchical on physical ports

described 34-10

port ACLs

defined 33-2

types of 33-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 12-16

authentication server

defined 6-2, 12-3

RADIUS server 12-3

client, defined 6-2, 12-3

configuration guidelines 6-9, 12-37

configuring

802.1x authentication 12-43

guest VLAN 12-53

host mode 12-45

inaccessible authentication bypass 12-55

manual re-authentication of a client 12-48

periodic re-authentication 12-47

quiet period 12-48

RADIUS server 6-13, 12-45

RADIUS server parameters on the switch 6-11, 12-44

restricted VLAN 12-54

switch-to-client frame-retransmission number 12-49, 12-50

switch-to-client retransmission time 12-48

violation modes 12-42

default configuration 6-9, 12-36

described 12-1

device roles 6-2, 12-3

displaying statistics 6-17, 12-68

downloadable ACLs and redirect URLs

configuring12-63to12-65, ??to 12-65

overview12-20to 12-22

EAPOL-start frame 12-5

EAP-request/identity frame 12-5

EAP-response/identity frame 12-5

enabling

802.1X authentication 6-11

encapsulation 12-3

flexible authentication ordering

configuring 12-65

overview 12-31

guest VLAN

configuration guidelines 12-23, 12-24

described 12-23

host mode 12-12

inaccessible authentication bypass

configuring 12-55

described 12-25

guidelines 12-38

initiation and message exchange 12-5

magic packet 12-28

maximum number of allowed devices per port 12-39

method lists 12-43

multiple authentication 12-14

per-user ACLs

configuration tasks 12-20

described 12-19

RADIUS server attributes 12-19

ports

authorization state and dot1x port-control command 12-11

authorized and unauthorized 12-10

voice VLAN 12-27

port security

described 12-28

readiness check

configuring 12-39

described 12-17, 12-39

resetting to default values 12-67

stack changes, effects of 12-11

statistics, displaying 12-68

switch

as proxy 6-2, 12-3

RADIUS client 12-3

switch supplicant

configuring 12-61

overview 12-32

user distribution

guidelines 12-30

overview 12-30

VLAN assignment

AAA authorization 12-43

characteristics 12-18

configuration tasks 12-19

described 12-18

voice aware 802.1x security

configuring 12-40

described 12-32, 12-40

voice VLAN

described 12-27

PVID 12-27

VVID 12-27

wake-on-LAN, described 12-28

with ACLs and RADIUS Filter-Id attribute 12-34

port-based authentication methods, supported 12-7

port blocking 1-4, 24-7

port-channel

See EtherChannel

port description TLV 27-2

Port Fast

described 19-2

enabling 19-13

mode, spanning tree 14-26

support for 1-9

port membership modes, VLAN 14-4

port priority

MSTP 18-20

STP 17-18

ports

access 13-3

blocking 24-7

dual-purpose uplink 13-4

dynamic access 14-4

protected 24-6

secure 24-9

static-access 14-4, 14-10

switch 13-2

trunks 14-4, 14-14

VLAN assignments 14-10

port security

aging 24-17

and QoS trusted boundary 34-43

and stacking 24-19

configuring 24-12

default configuration 24-11

described 24-8

displaying 24-21

on trunk ports 24-14

sticky learning 24-9

violations 24-10

with other features 24-11

port-shutdown response, VMPS 14-24

port VLAN ID TLV 27-2

power management TLV 27-3, 27-7

Power over Ethernet

See PoE

preemption, default configuration 20-8

preemption delay, default configuration 20-8

preferential treatment of traffic

See QoS

preventing unauthorized access 11-1

primary links 20-2

priority

overriding CoS 16-6

trusting CoS 16-6

private VLAN edge ports

See protected ports

privileged EXEC mode 2-2

privilege levels

changing the default for lines 11-9

command switch 8-17

exiting 11-10

logging into 11-10

mapping on member switches 8-17

overview 11-2, 11-8

setting a command with 11-8

protected ports 1-11, 24-6

protocol storm protection 24-19

provisioned switches and IP source guard 21-16

provisioning new members for a switch stack 9-7

proxy reports 20-4

pruning, VTP

disabling

in VTP domain 15-16

on a port 14-19

enabling

in VTP domain 15-16

on a port 14-19

examples 15-7

overview 15-6

pruning-eligible list

changing 14-19

for VTP pruning 15-6

VLANs 15-16

PVST+

described 17-10

IEEE 802.1Q trunking interoperability 17-11

instances supported 17-10

Q

QoS

and MQC commands 34-1

auto-QoS

categorizing traffic 34-20

configuration and defaults display 34-34

configuration guidelines 34-32

described 34-19

disabling 34-34

displaying generated commands 34-34

displaying the initial configuration 34-34

effects on running configuration 34-31

list of generated commands 34-22, 34-26

basic model 34-4

classification

class maps, described 34-8

defined 34-4

DSCP transparency, described 34-45

flowchart 34-7

forwarding treatment 34-3

in frames and packets 34-3

IP ACLs, described 34-8

MAC ACLs, described 34-5, 34-8

options for IP traffic 34-6

options for non-IP traffic 34-5

policy maps, described 34-8

trust DSCP, described 34-5

trusted CoS, described 34-5

trust IP precedence, described 34-5

class maps

configuring 34-53

displaying 34-83

configuration guidelines

auto-QoS 34-32

standard QoS 34-37

configuring

aggregate policers 34-62

auto-QoS 34-19

default port CoS value 34-43

DSCP maps 34-65

DSCP transparency 34-45

DSCP trust states bordering another domain 34-45

egress queue characteristics 34-75

ingress queue characteristics 34-71

IP extended ACLs 34-49

IP standard ACLs 34-47

MAC ACLs 34-52

port trust states within the domain 34-41

trusted boundary 34-43

default auto configuration 34-20

default standard configuration 34-35

displaying statistics 34-83

DSCP transparency 34-45

egress queues

allocating buffer space 34-76

buffer allocation scheme, described 34-17

configuring shaped weights for SRR 34-80

configuring shared weights for SRR 34-81

described 34-4

displaying the threshold map 34-79

flowchart 34-16

mapping DSCP or CoS values 34-78

scheduling, described 34-4

setting WTD thresholds 34-76

WTD, described 34-18

enabling globally 34-40

flowcharts

classification 34-7

egress queueing and scheduling 34-16

ingress queueing and scheduling 34-14

policing and marking 34-11

implicit deny 34-8

ingress queues

allocating bandwidth 34-73

allocating buffer space 34-73

buffer and bandwidth allocation, described 34-15

configuring shared weights for SRR 34-73

configuring the priority queue 34-74

described 34-4

displaying the threshold map 34-72

flowchart 34-14

mapping DSCP or CoS values 34-71

priority queue, described 34-15

scheduling, described 34-4

setting WTD thresholds 34-71

WTD, described 34-15

IP phones

automatic classification and queueing 34-19

detection and trusted settings 34-19, 34-43

limiting bandwidth on egress interface 34-82

mapping tables

CoS-to-DSCP 34-65

displaying 34-83

DSCP-to-CoS 34-68

DSCP-to-DSCP-mutation 34-69

IP-precedence-to-DSCP 34-66

policed-DSCP 34-67

types of 34-11

marked-down actions 34-60

marking, described 34-4, 34-9

overview 34-2

packet modification 34-18

policers

configuring 34-60, 34-63

described 34-9

displaying 34-83

number of 34-39

types of 34-10

policies, attaching to an interface 34-9

policing

described 34-4, 34-9

token bucket algorithm 34-10

policy maps

characteristics of 34-57

displaying 34-84

nonhierarchical on physical ports 34-57

QoS label, defined 34-4

queues

configuring egress characteristics 34-75

configuring ingress characteristics 34-71

high priority (expedite) 34-18, 34-82

location of 34-12

SRR, described 34-13

WTD, described 34-12

rewrites 34-18

support for 1-14

trust states

bordering another domain 34-45

described 34-5

trusted device 34-43

within the domain 34-41

quality of service

See QoS

queries, IGMP 23-4

query solicitation, IGMP 23-13

R

RADIUS

attributes

vendor-proprietary 11-38

vendor-specific 11-36

configuring

accounting 11-35

authentication 11-30

authorization 11-34

communication, global 11-28, 11-36

communication, per-server 11-28

multiple UDP ports 11-28

default configuration 11-27

defining AAA server groups 11-32

displaying the configuration 11-40

identifying the server 11-28

in clusters 8-16

limiting the services to the user 11-34

method list, defined 11-27

operation of 11-20

overview 11-18

server load balancing 11-40

suggested network environments 11-19

support for 1-13

tracking services accessed by user 11-35

RADIUS Change of Authorization 11-20

RA Guard 36-7

range

macro 13-20

of interfaces 13-19

rapid convergence 18-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

described 17-10

IEEE 802.1Q trunking interoperability 17-11

instances supported 17-10

Rapid Spanning Tree Protocol

See RSTP

rcommand command 8-16

RCP

configuration files

downloading A-17

overview A-16

preparing the server A-16

uploading A-18

image files

deleting old image A-37

downloading A-35

preparing the server A-34

uploading A-37

readiness check

port-based authentication

configuring 12-39

described 12-17, 12-39

reconfirmation interval, VMPS, changing 14-28

reconfirming dynamic VLAN membership 14-28

recovery procedures 40-1

redirect URL 12-20, 12-22, 12-63

redundancy

EtherChannel 39-3

STP

backbone 17-9

multidrop backbone 19-5

path cost 14-23

port priority 14-21

redundant links and UplinkFast 19-16

reloading software 3-21

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 28-3

report suppression, IGMP

described 23-6

disabling 23-15, 37-11

resequencing ACL entries 33-14

reserved addresses in DHCP pools 21-23

resetting a UDLD-shutdown interface 25-6

responder, IP SLAs

described 32-4

enabling 32-6

response time, measuring with IP SLAs 32-4

restricted VLAN

configuring 12-54

described 12-24

using with IEEE 802.1x 12-24

restricting access

overview 11-1

passwords and privilege levels 11-2

RADIUS 11-18

TACACS+ 11-10

retry count, VMPS, changing 14-28

RFC

1112, IP multicast and IGMP 23-2

1157, SNMPv1 31-2

1166, IP addresses 35-4

1305, NTP 5-3

1757, RMON 29-2

1901, SNMPv2C 31-2

1902 to 1907, SNMPv2 31-2

2236, IP multicast and IGMP 23-2

2273-2275, SNMPv3 31-2

RFC 5176 Compliance 11-21

RMON

default configuration 29-3

displaying status 29-6

enabling alarms and events 29-3

groups supported 29-2

overview 29-2

statistics

collecting group Ethernet 29-6

collecting group history 29-5

support for 1-16

root guard

described 19-10

enabling 19-18

support for 1-9

root switch

MSTP 18-18

STP 17-16

router ACLs

defined 33-2

types of 33-4

RSPAN

and stack changes 28-10

characteristics 28-8

configuration guidelines 28-16

default configuration 28-10

defined 28-3

destination ports 28-7

displaying status 28-23

in a switch stack 28-2

interaction with other features 28-9

monitored ports 28-6

monitoring ports 28-7

overview 1-16, 28-1

received traffic 28-5

sessions

creating 28-17

defined 28-4

limiting source traffic to specific VLANs 28-22

specifying monitored ports 28-17

with ingress traffic enabled 28-20

source ports 28-6

transmitted traffic 28-6

VLAN-based 28-7

RSTP

active topology 18-10

BPDU

format 18-12

processing 18-13

designated port, defined 18-9

designated switch, defined 18-9

interoperability with IEEE 802.1D

described 18-9

restarting migration process 18-27

topology changes 18-13

overview 18-9

port roles

described 18-9

synchronized 18-11

proposal-agreement handshake process 18-10

rapid convergence

cross-stack rapid convergence 18-11

described 18-10

edge ports and Port Fast 18-10

point-to-point links 18-10, 18-26

root ports 18-10

root port, defined 18-9

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-21

running configuration, saving 3-15

S

SC (standby command switch) 8-9

scheduled reloads 3-21

SCP

and SSH 11-52

configuring 11-53

SDM

templates

configuring 10-5

number of 10-1

SDM template 38-3

configuration guidelines 10-4

configuring 10-4

types of 10-1

Secure Copy Protocol

secure HTTP client

configuring 11-51

displaying 11-52

secure HTTP server

configuring 11-50

displaying 11-52

secure MAC addresses

and switch stacks 24-19

deleting 24-15

maximum number of 24-10

types of 24-9

secure ports

and switch stacks 24-19

secure ports, configuring 24-9

secure remote connections 11-42

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port 24-8

Security Exchange Protocol (SXP) 7-2

security features 1-10

Security Group Access Control List (SGACL) 7-2

Security Group Tag (SGT) 7-2

See SCP

sequence numbers in log messages 30-8

server mode, VTP 15-3

service-provider network, MSTP and RSTP 18-1

set-request operation 31-5

setup program

failed command switch replacement 40-11

replacing failed command switch 40-9

severity levels, defining in system messages 30-9

SFPs

monitoring status of 13-42, 40-14

security and identification 40-13

status, displaying 40-14

SGACL 7-2

SGT 7-2

shaped round robin

See SRR

show access-lists hw-summary command 33-21

show and more command output, filtering 2-9

show cdp traffic command 26-5

show cluster members command 8-16

show configuration command 13-39

show forward command 40-22

show interfaces command 13-29, 13-39

show interfaces switchport 20-4

show lldp traffic command 27-11

show platform forward command 40-22

show platform tcam command 40-27

show running-config command

displaying ACLs 33-19, 33-20

interface description in 13-39

shutdown command on interfaces 13-43

Simple Network Management Protocol

See SNMP

small form-factor pluggable modules

See SFPs

small-frame arrival rate, configuring 24-5

SNAP 26-1

SNMP

accessing MIB variables with 31-5

agent

described 31-4

disabling 31-8

and IP SLAs 32-2

authentication level 31-11

community strings

configuring 31-8

for cluster switches 31-4

overview 31-4

configuration examples 31-18

default configuration 31-7

engine ID 31-7

groups 31-7, 31-10

host 31-7

ifIndex values 31-6

in-band management 1-7

in clusters 8-14

informs

and trap keyword 31-13

described 31-5

differences from traps 31-5

disabling 31-16

enabling 31-16

limiting access by TFTP servers 31-17

limiting system log messages to NMS 30-10

manager functions 1-6, 31-3

managing clusters with 8-17

notifications 31-5

overview 31-1, 31-5

security levels 31-3

setting CPU threshold notification 31-16

status, displaying 31-19

system contact and location 31-17

trap manager, configuring 31-14

traps

described 31-4, 31-5

differences from informs 31-5

disabling 31-16

enabling 31-13

enabling MAC address notification 5-17, 5-19, 5-20

overview 31-1, 31-5

types of 31-13

users 31-7, 31-10

versions supported 31-2

SNMP and Syslog Over IPv6 36-9

SNMPv1 31-2

SNMPv2C 31-3

SNMPv3 31-3

snooping, IGMP 23-2

software compatibility

See stacks, switch

software images

location in flash A-25

recovery procedures 40-2

scheduling reloads 3-22

tar file format, described A-25

See also downloading and uploading

source addresses

in IPv4 ACLs 33-11

in IPv6 ACLs 38-5

source-and-destination-IP address based forwarding, EtherChannel 39-9

source-and-destination MAC address forwarding, EtherChannel 39-9

Source Guard 36-7, 36-16

source-IP address based forwarding, EtherChannel 39-9

source-MAC address forwarding, EtherChannel 39-8

SPAN

and stack changes 28-10

configuration guidelines 28-11

default configuration 28-10

destination ports 28-7

displaying status 28-23

interaction with other features 28-9

monitored ports 28-6

monitoring ports 28-7

overview 1-16, 28-1

ports, restrictions 24-12

received traffic 28-5

sessions

configuring ingress forwarding 28-15, 28-21

creating 28-11

defined 28-4

limiting source traffic to specific VLANs 28-15

removing destination (monitoring) ports 28-13

specifying monitored ports 28-11

with ingress traffic enabled 28-14

source ports 28-6

transmitted traffic 28-6

VLAN-based 28-7

spanning tree and native VLANs 14-15

Spanning Tree Protocol

See STP

SPAN traffic 28-5

SRR

configuring

shaped weights on egress queues 34-80

shared weights on egress queues 34-81

shared weights on ingress queues 34-73

described 34-13

shaped mode 34-13

shared mode 34-13

support for 1-15

SSH

configuring 11-43

cryptographic software image 11-41

described 1-7, 11-42

encryption methods 11-42

switch stack considerations 9-15

user authentication methods, supported 11-42

SSL

configuration guidelines 11-49

configuring a secure HTTP client 11-51

configuring a secure HTTP server 11-50

cryptographic software image 11-46

described 11-46

monitoring 11-52

stack, switch

MAC address of 9-6, 9-18

stack changes, effects on

802.1x port-based authentication 12-11

ACL configuration 33-6

CDP 26-2

cross-stack EtherChannel 39-13

EtherChannel 39-10

IGMP snooping 23-6

IP routing 35-2

MAC address tables 5-16

MSTP 18-8

MVR 23-17

port security 24-19

SDM template selection 10-3

SNMP 31-2

SPAN and RSPAN 28-10

STP 17-12

switch clusters 8-14

system message log 30-2

VLANs 14-7

VTP 15-8

stack master

bridge ID (MAC address) 9-6

defined 9-1

election 9-5

IPv6 36-10

See also stacks, switch

stack member

accessing CLI of specific member 9-22

configuring

member number 9-20

priority value 9-20

defined 9-1

displaying information of 9-22

number 9-6

priority value 9-7

provisioning a new member 9-21

replacing 9-14

See also stacks, switch

stack member number 13-17

stack protocol version 9-10

stacks, switch

accessing CLI of specific member 9-22

assigning information

member number 9-20

priority value 9-20

provisioning a new member 9-21

auto-advise 9-11

auto-copy 9-11

auto-extract 9-11

auto-upgrade 9-11

bridge ID 9-6

CDP considerations 26-2

compatibility, software 9-9

configuration file 9-14

configuration scenarios 9-16

copying an image file from one member to another A-38

default configuration 9-17

description of 9-1

displaying information of 9-22

enabling persistent MAC address timer 9-18

in clusters 8-14

incompatible software and image upgrades 9-13, A-38

IPv6 on 36-10

MAC address considerations 5-16

management connectivity 9-15

managing 9-1

membership 9-3

merged 9-3

MSTP instances supported 17-10

offline configuration

described 9-7

effects of adding a provisioned switch 9-8

effects of removing a provisioned switch 9-9

effects of replacing a provisioned switch 9-9

provisioned configuration, defined 9-7

provisioned switch, defined 9-7

provisioning a new member 9-21

partitioned 9-3, 40-8

provisioned switch

adding 9-8

removing 9-9

replacing 9-9

replacing a failed member 9-14

software compatibility 9-9

software image version 9-9

stack protocol version 9-10

STP

bridge ID 17-3

root port selection 17-3

stack root switch election 17-3

system messages

hostnames in the display 30-1

remotely monitoring 30-2

system prompt consideration 5-9

system-wide configuration considerations 9-14

upgrading A-38

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 9-11

examples 9-12

manual upgrades with auto-advise 9-11

upgrades with auto-extract 9-11

version-mismatch mode

described 9-10

See also stack master and stack member

standby command switch

configuring

considerations 8-11

defined 8-2

priority 8-9

requirements 8-3

virtual IP address 8-11

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby links 20-2

startup configuration

booting

manually 3-19

specific image 3-19

clearing A-19

configuration file

automatically downloading 3-18

specifying the filename 3-18

static access ports

assigning to VLAN 14-10

defined 13-3, 14-4

static addresses

See addresses

static MAC addressing 1-11

static routes

configuring 35-5

configuring for IPv6 36-20

static VLAN membership 14-2

statistics

802.1X 6-17

802.1x 12-68

CDP 26-5

interface 13-42

LLDP 27-11

LLDP-MED 27-11

NMSP 27-11

QoS ingress and egress 34-83

RMON group Ethernet 29-6

RMON group history 29-5

SNMP input and output 31-19

VTP 15-18

sticky learning 24-9

storm control

configuring 24-3

described 24-1

disabling 24-5

displaying 24-21

support for 1-4

thresholds 24-2

STP

accelerating root port selection 19-4

BackboneFast

described 19-8

disabling 19-17

enabling 19-17

BPDU filtering

described 19-3

disabling 19-15

enabling 19-15

BPDU guard

described 19-2

disabling 19-14

enabling 19-14

BPDU message exchange 17-3

configuration guidelines 17-14, 19-12

configuring

forward-delay time 17-23

hello time 17-22

maximum aging time 17-23

path cost 17-20

port priority 17-18

root switch 17-16

secondary root switch 17-18

spanning-tree mode 17-15

switch priority 17-21

transmit hold-count 17-24

counters, clearing 17-24

cross-stack UplinkFast

described 19-5

enabling 19-17

default configuration 17-13

default optional feature configuration 19-12

designated port, defined 17-4

designated switch, defined 17-4

detecting indirect link failures 19-8

disabling 17-16

displaying status 17-24

EtherChannel guard

described 19-10

disabling 19-18

enabling 19-17

extended system ID

effects on root switch 17-16

effects on the secondary root switch 17-18

overview 17-4

unexpected behavior 17-16

features supported 1-8

IEEE 802.1D and bridge ID 17-4

IEEE 802.1D and multicast addresses 17-9

IEEE 802.1t and VLAN identifier 17-5

inferior BPDU 17-3

instances supported 17-10

interface state, blocking to forwarding 19-2

interface states

blocking 17-6

disabled 17-8

forwarding 17-6, 17-7

learning 17-7

listening 17-7

overview 17-5

interoperability and compatibility among modes 17-11

limitations with IEEE 802.1Q trunks 17-11

load sharing

overview 14-20

using path costs 14-23

using port priorities 14-21

loop guard

described 19-11

enabling 19-19

modes supported 17-10

multicast addresses, effect of 17-9

optional features supported 1-9

overview 17-2

path costs 14-23

Port Fast

described 19-2

enabling 19-13

port priorities 14-22

preventing root switch selection 19-10

protocols supported 17-10

redundant connectivity 17-9

root guard

described 19-10

enabling 19-18

root port, defined 17-3

root port selection on a switch stack 17-3

root switch

configuring 17-16

effects of extended system ID 17-4, 17-16

election 17-3

unexpected behavior 17-16

shutdown Port Fast-enabled port 19-2

stack changes, effects of 17-12

status, displaying 17-24

superior BPDU 17-3

timers, described 17-22

UplinkFast

described 19-4

enabling 19-16

stratum, NTP 5-3

subnet mask 35-4

success response, VMPS 14-25

summer time 5-8

SunNet Manager 1-6

supported port-based authentication methods 12-7

SVIs

and IP unicast routing 35-3

and router ACLs 33-4

connecting VLANs 13-11

defined 13-3

switch 36-2

switch clustering technology 8-1

See also clusters, switch

switch console port 1-7

Switch Database Management

See SDM

Switched Port Analyzer

See SPAN

switched ports 13-2

switchport backup interface 20-4, 20-5

switchport block multicast command 24-8

switchport block unicast command 24-8

switchport protected command 24-7

switch priority

MSTP 18-23

STP 17-21

switch software features 1-1

switch virtual interface

See SVI

SXP 7-2

syslog

See system message logging

system capabilities TLV 27-2

system clock

configuring

daylight saving time 5-8

manually 5-6

summer time 5-8

time zones 5-7

displaying the time and date 5-6

overview 5-2

See also NTP

system description TLV 27-2

system message logging

default configuration 30-4

defining error message severity levels 30-9

disabling 30-4

displaying the configuration 30-14

enabling 30-5

facility keywords, described 30-14

level keywords, described 30-10

limiting messages 30-10

message format 30-2

overview 30-1

sequence numbers, enabling and disabling 30-8

setting the display destination device 30-5

stack changes, effects of 30-2

synchronizing log messages 30-6

syslog facility 1-16

time stamps, enabling and disabling 30-8

UNIX syslog servers

configuring the daemon 30-13

configuring the logging facility 30-13

facilities supported 30-14

system name

default configuration 5-10

default setting 5-10

manual configuration 5-10

See also DNS

system name TLV 27-2

system prompt, default setting 5-9, 5-10

system resources, optimizing 10-1

T

TACACS+

accounting, defined 11-12

authentication, defined 11-11

authorization, defined 11-12

configuring

accounting 11-17

authentication key 11-13

authorization 11-16

login authentication 11-14

default configuration 11-13

displaying the configuration 11-18

identifying the server 11-13

in clusters 8-16

limiting the services to the user 11-16

operation of 11-12

overview 11-10

support for 1-13

tracking services accessed by user 11-17

tar files

creating A-6

displaying the contents of A-7

extracting A-7

image file format A-25

TCAM

memory consistency check errors

example 40-27

memory consistency check routines 1-5, 40-27

memory consistency integrity 1-5, 40-27

space

HFTM 40-27

HQATM 40-27

unassigned 40-27

TDR 1-16

Telnet

accessing management interfaces 2-10

number of connections 1-7

setting a password 11-6

temporary self-signed certificate 11-47

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 11-6

ternary content addressable memory

See TCAM

TFTP

configuration files

downloading A-11

preparing the server A-10

uploading A-12

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-28

downloading A-27

preparing the server A-26

uploading A-29

limiting access by servers 31-17

TFTP server 1-6

threshold, traffic level 24-2

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 33-16

time ranges in ACLs 33-16

time stamps in log messages 30-8

time zones 5-7

TLVs

defined 27-2

LLDP 27-2

LLDP-MED 27-2

Token Ring VLANs

support for 14-6

VTP support 15-5

ToS 1-14

traceroute, Layer 2

and ARP 40-16

and CDP 40-16

broadcast traffic 40-16

described 40-16

IP addresses and subnets 40-16

MAC addresses and VLANs 40-16

multicast traffic 40-16

multiple devices on a port 40-17

unicast traffic 40-16

usage guidelines 40-16

traceroute command 40-18

See also IP traceroute

traffic

blocking flooded 24-8

fragmented 33-5

fragmented IPv6 38-2

unfragmented 33-5

traffic policing 1-14

traffic suppression 24-2

transmit hold-count

see STP

transparent mode, VTP 15-4

trap-door mechanism 3-2

traps

configuring MAC address notification 5-17, 5-19, 5-20

configuring managers 31-13

defined 31-4

enabling 5-17, 5-19, 5-20, 31-13

notification types 31-13

overview 31-1, 31-5

troubleshooting

connectivity problems 40-14, 40-15, 40-17

CPU utilization 40-28

detecting unidirectional links 25-1

displaying crash information 40-23

setting packet forwarding 40-22

SFP security and identification 40-13

show forward command 40-22

with CiscoWorks 31-5

with debug commands 40-20

with ping 40-14

with system message logging 30-1

with traceroute 40-17

trunk failover

See link-state tracking

trunking encapsulation 1-9

trunk ports

configuring 14-17

defined 13-3, 14-4

trunks

allowed-VLAN list 14-18

load sharing

setting STP path costs 14-23

using STP port priorities 14-21, 14-22

native VLAN for untagged traffic 14-20

parallel 14-23

pruning-eligible list 14-19

to non-DTP device 14-14

trusted boundary for QoS 34-43

trusted port states

between QoS domains 34-45

classification options 34-5

ensuring port security for IP phones 34-43

support for 1-14

within a QoS domain 34-41

trustpoints, CA 11-46

twisted-pair Ethernet, detecting unidirectional links 25-1

type of service

See ToS

U

UDLD

configuration guidelines 25-4

default configuration 25-4

disabling

globally 25-5

on fiber-optic interfaces 25-5

per interface 25-6

echoing detection mechanism 25-3

enabling

globally 25-5

per interface 25-6

link-detection mechanism 25-1

neighbor database 25-2

overview 25-1

resetting an interface 25-6

status, displaying 25-7

support for 1-8

unauthorized ports with IEEE 802.1x 12-10

unicast MAC address filtering 1-6

and adding static addresses 5-22

and broadcast MAC addresses 5-22

and CPU packets 5-22

and multicast addresses 5-22

and router MAC addresses 5-22

configuration guidelines 5-22

described 5-22

unicast storm 24-1

unicast storm control command 24-4

unicast traffic, blocking 24-8

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration 30-13

facilities supported 30-14

message logging configuration 30-13

unrecognized Type-Length-Value (TLV) support 15-5

upgrading a Catalyst 2950 switch

configuration compatibility issues C-1

differences in configuration commands C-1

feature behavior incompatibilities C-5

incompatible command messages C-1

recommendations C-1

upgrading software images

See downloading

UplinkFast

described 19-4

disabling 19-16

enabling 19-16

support for 1-8

uploading

configuration files

preparing A-10, A-13, A-16

reasons for A-9

using FTP A-15

using RCP A-18

using TFTP A-12

image files

preparing A-26, A-30, A-34

reasons for A-24

using FTP A-32

using RCP A-37

using TFTP A-29

USB mini-Type B console port 13-12

USB Type A port 1-8

user EXEC mode 2-2

username-based authentication 11-7

V

version-dependent transparent mode 15-5

version-mismatch (VM) mode

automatic upgrades with auto-upgrade 9-11

manual upgrades with auto-advise 9-11

upgrades with auto-extract 9-11

version-mismatch mode

described 9-10

virtual IP address

cluster standby group 8-11

command switch 8-11

virtual switches and PAgP 39-6

vlan.dat file 14-5

VLAN 1, disabling on a trunk port 14-18

VLAN 1 minimization 14-18

vlan-assignment response, VMPS 14-24

VLAN configuration

at bootup 14-7

saving 14-7

VLAN configuration mode 2-2

VLAN database

and startup configuration file 14-7

and VTP 15-1

VLAN configuration saved in 14-7

VLANs saved in 14-5

VLAN filtering and SPAN 28-7

vlan global configuration command 14-7

VLAN ID, discovering 5-25

VLAN load balancing on flex links 20-3

configuration guidelines 20-8

VLAN management domain 15-2

VLAN Management Policy Server

See VMPS

VLAN membership

confirming 14-28

modes 14-4

VLAN Query Protocol

See VQP

VLANs

adding 14-8

adding to VLAN database 14-8

aging dynamic addresses 17-10

allowed on trunk 14-18

and spanning-tree instances 14-3, 14-7, 14-12

configuration guidelines, extended-range VLANs 14-11

configuration guidelines, normal-range VLANs 14-6

configuring 14-1

configuring IDs 1006 to 4094 14-11

connecting through SVIs 13-11

creating 14-9

default configuration 14-8

deleting 14-9

described 13-2, 14-1

displaying 14-13

extended-range 14-1, 14-11

features 1-9

illustrated 14-2

in the switch stack 14-7

limiting source traffic with RSPAN 28-22

limiting source traffic with SPAN 28-15

modifying 14-8

multicast 23-17

native, configuring 14-20

normal-range 14-1, 14-5

number supported 1-9

parameters 14-5

port membership modes 14-4

static-access ports 14-10

STP and IEEE 802.1Q trunks 17-11

supported 14-3

Token Ring 14-6

traffic between 14-2

VTP modes 15-3

VLAN Trunking Protocol

See VTP

VLAN trunks 14-14

VMPS

administering 14-29

configuration example 14-29

configuration guidelines 14-26

default configuration 14-25

description 14-24

dynamic port membership

described 14-25

reconfirming 14-28

troubleshooting 14-29

entering server address 14-26

mapping MAC addresses to VLANs 14-24

monitoring 14-29

reconfirmation interval, changing 14-28

reconfirming membership 14-28

retry count, changing 14-28

voice aware 802.1x security

port-based authentication

configuring 12-40

described 12-32, 12-40

voice-over-IP 16-1

voice VLAN

Cisco 7960 phone, port connections 16-1

configuration guidelines 16-3

configuring IP phones for data traffic

override CoS of incoming frame 16-6

trust CoS priority of incoming frame 16-6

configuring ports for voice traffic in

802.1p priority tagged frames 16-5

802.1Q frames 16-5

connecting to an IP phone 16-4

default configuration 16-3

described 16-1

displaying 16-7

IP phone data traffic, described 16-2

IP phone voice traffic, described 16-2

VQP 1-9, 14-24

VTP

adding a client to a domain 15-17

advertisements 14-16, 15-4

and extended-range VLANs 14-3, 15-2

and normal-range VLANs 14-3, 15-2

client mode, configuring 15-13

configuration

guidelines 15-9

requirements 15-11

saving 15-9

configuration requirements 15-11

configuration revision number

guideline 15-17

resetting 15-17

consistency checks 15-5

default configuration 15-9

described 15-1

domain names 15-10

domains 15-2

modes

client 15-3

off 15-4

server 15-3

transitions 15-3

transparent 15-4

monitoring 15-18

passwords 15-10

pruning

disabling 15-16

enabling 15-16

examples 15-7

overview 15-6

support for 1-9

pruning-eligible list, changing 14-19

server mode, configuring 15-11, 15-14

statistics 15-18

support for 1-9

Token Ring support 15-5

transparent mode, configuring 15-12

using 15-1

Version

enabling 15-15

version, guidelines 15-10

Version 1 15-5

Version 2

configuration guidelines 15-10

overview 15-5

Version 3

overview 15-5

W

web authentication 12-17

configuring6-16to ??

described 1-10

web-based authentication

customizeable web pages 6-6

description 6-1

web-based authentication, interactions with other features 6-7

weighted tail drop

See WTD

wired location service

configuring 27-9

displaying 27-11

location TLV 27-3

understanding 27-4

wizards 1-2

WTD

described 34-12

setting thresholds

egress queue-sets 34-76

ingress queues 34-71

support for 1-15

X

Xmodem protocol 40-2