Catalyst 3550 Multilayer Switch Software Configuration Guide, Rel. 12.2(25)SE
Index
Downloads: This chapterpdf (PDF - 1.54MB) The complete bookPDF (PDF - 10.6MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

Numerics

144-bit Layer 3 TCAM     6-28, 30-63

802.1D

See STP

802.1Q

and trunk ports     9-3

configuration limitations     11-18

encapsulation     11-16

native VLAN for untagged traffic     11-23

tunneling

compatibility with other features     14-5

defaults     14-4

described     14-1

tunnel ports and ACLs     27-3

tunnel ports with other features     14-6

802.1s

See MSTP

802.1w

See RSTP

802.1x

See port-based authentication

802.3af

See PoE

802.3z flow control     9-18

A

abbreviating commands     2-3

ABRs     30-24

access-class command     27-20

access control entries

See ACEs

access-denied response, VMPS     11-27

access groups

IP     27-21

Layer 3     27-21

access lists

See ACLs

access ports

and Layer 2 protocol tunneling     14-10

defined     9-3

accounting

with 802.1x     8-5, 8-23

with RADIUS     7-28

with TACACS+     7-11, 7-17

ACEs

and QoS     28-7

defined     27-2

Ethernet     27-2

IP     27-2

ACLs

ACEs     27-2

and logging     27-7

any keyword     27-13

applying

on bridged packets     27-38

on multicast packets     27-39

on routed packets     27-38

on switched packets     27-37

time ranges to     27-17

to Layer 2 and Layer 3 interfaces     27-20

to QoS     28-7

classifying traffic for QoS     28-37

comments in     27-19

compatibility on the same switch     27-2

ACLs (continued)

compiling     27-21

configuration conflict examples     27-43

configuring with VLAN maps     27-36

defined     27-1

examples, not fitting in hardware     27-44

examples of     27-21, 28-37

extended IP

configuring for QoS classification     28-38

creating     27-11

matching criteria     27-8

feature manager     27-42

hardware and software handling     27-6

hardware support for     27-6

host keyword     27-13

IP

applying to interface     27-19

creating     27-8

defined     27-8

fragments and QoS guidelines     28-28

implicit deny     27-10, 27-14, 27-16

implicit masks     27-10

matching criteria     27-8

matching criteria for port ACLs     27-4

matching criteria for router ACLs     27-3

named     27-15

options and QoS guidelines     28-28

undefined     27-21

violations, logging     27-16

virtual terminal lines, setting on     27-19

limiting actions     27-37

logging messages     27-10

log keyword     27-16

MAC extended     27-26, 28-39

matching     27-8, 27-21, 27-28

merge failure examples     27-45

monitoring     27-40

named     27-15

not fitting in hardware     27-44

ACLs (continued)

number per QoS class map     28-28

numbers     27-8

policy maps and QoS classification     28-28

port

and voice VLAN     27-4

defined     27-2

limitations     27-4

QoS     28-7, 28-37

resequencing entries     27-15

router     27-2

standard IP

configuring for QoS classification     28-37

creating     27-9

matching criteria     27-8

support for     1-5

time ranges     27-17

undefined     27-28

unsupported features     27-7

using router ACLs with VLAN maps     27-36

VLAN maps

configuration guidelines     27-30

configuring     27-29

defined     27-4

active router     31-1

addresses

displaying the MAC address table     6-27

dynamic

accelerated aging     15-8

changing the aging time     6-22

default aging     15-8

defined     6-20

learning     6-21

preventing frame forwarding     35-5

removing     6-23

filtering frames by MAC address     35-6

MAC, discovering     6-30

addresses (continued)

multicast

group address range     33-1, 33-3

STP address management     15-8

static

adding and removing     6-25

defined     6-20

address resolution     6-30, 30-8

Address Resolution Protocol

See ARP

See ARP table

adjacency tables, with CEF     30-70

administrative distances

defined     30-80

OSPF     30-29

routing protocol defaults     30-72

advertisements

CDP     21-1

RIP     30-19

VTP     11-19, 12-3

aggregate addresses, BGP     30-55

aggregated ports

See EtherChannel

aggregate policers     28-50

aggregate policing     1-6

aging, accelerating     15-8

aging time

accelerated

for MSTP     16-20

for STP     15-8, 15-22

bridge table for fallback bridging     35-6

MAC address table     6-22

maximum

for MSTP     16-21

for STP     15-22

alarms, RMON     24-3

allowed-VLAN list     11-21

area border routers

See ABRs

ARP

configuring     30-9

defined     30-8

encapsulation     30-10

static cache configuration     30-9

support for     1-3

ARP table

address resolution     6-30

managing     6-30

ASBRs     30-24

AS-path filters, BGP     30-49

asymmetrical links, and 802.1Q tunneling     14-4

attributes, RADIUS

vendor-proprietary     7-31

vendor-specific     7-29

audience     xxxv

authentication

EIGRP     30-37

HSRP     31-8

local mode with AAA     7-36

NTP associations     6-5

RADIUS

defined     7-18

key     7-21

login     7-23

TACACS+

defined     7-11

key     7-13

login     7-14

See also port-based authentication

authentication keys, and routing protocols     30-81

authoritative time source, described     6-2

authorization

with RADIUS     7-27

with TACACS+     7-11, 7-16

authorized ports with 802.1x     8-4

autoconfiguration     3-3

automatic QoS

See QoS

autonegotiation

duplex mode     1-2

interface configuration guidelines     9-16

mismatches     36-10

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP     30-43

Auto-RP, described     33-5

autosensing, port speed     1-2

auxiliary VLAN

See voice VLAN

B

BackboneFast

described     17-9

enabling     17-18

support for     1-4

bandwidth for QoS

allocating     28-64

described     28-13

banners

configuring

login     6-20

message-of-the-day login     6-19

default configuration     6-18

when displayed     6-18

BGP

aggregate addresses     30-55

aggregate routes, configuring     30-55

CIDR     30-55

clear commands     30-58

community filtering     30-51

configuring neighbors     30-53

default configuration     30-41

described     30-40

enabling     30-43

monitoring     30-58

multipath support     30-46

BGP (continued)

neighbors, types of     30-43

path selection     30-46

peers, configuring     30-53

prefix filtering     30-50

resetting sessions     30-45

route dampening     30-57

route maps     30-48

route reflectors     30-56

routing domain confederation     30-55

routing session with multi-VRF CE     30-65

show commands     30-58

supernets     30-55

support for     1-7

Version 4     30-40

binding cluster group and HSRP group     31-10

binding database, DHCP snooping

See DHCP snooping binding database

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets     20-6

booting

boot loader, function of     3-2

boot process     3-1

manually     3-12

specific image     3-13

boot loader

accessing     3-14

described     3-2

environment variables     3-14

prompt     3-14

trap-door mechanism     3-2

bootstrap router (BSR), described     33-5

Border Gateway Protocol

See BGP

BPDU

error-disabled state     17-2

filtering     17-3

RSTP format     16-9

BPDU filtering

described     17-3

enabling     17-15

support for     1-4

BPDU guard

described     17-2

enabling     17-15

support for     1-4

bridged packets, ACLs on     27-38

bridge groups

See fallback bridging

bridge protocol data unit

See BPDU

broadcast flooding     30-16

broadcast packets

directed     30-13

flooded     30-13

broadcast storm control

See storm control

broadcast storm-control command     20-4

broadcast storms     30-13

C

cables, monitoring for unidirectional links     22-1

cache engines, redirecting traffic to     32-1

CAMs, ACLs not loading in     27-44

candidate switch

defined     5-3

requirements     5-3

See also command switch, cluster standby group, and member switch

CA trustpoint

configuring     7-44

defined     7-42

caution, described     xxxvi

CDP

and trusted boundary     28-33

configuring     21-2

default configuration     21-2

described     21-1

disabling for routing device     21-3, 21-4

enabling and disabling

on an interface     21-4

on a switch     21-3

Layer 2 protocol tunneling     14-7

monitoring     21-5

overview     21-1

power negotiation extensions     9-6

support for     1-3

transmission timer and holdtime, setting     21-2

updates     21-2

CEF     30-70

CGMP

as IGMP snooping learning method     19-8

clearing cached group entries     33-52

enabling server support     33-32

joining multicast group     19-3

overview     33-8

server support only     33-8

switch support of     1-2

CIDR     30-55

CipherSuites     7-43

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco Intelligence Engine 2100 Series Configuration Registrar

See IE2100

Cisco intelligent power management     9-6

Cisco IOS File System

See IFS

Cisco Network Assistant

See Network Assistant

Cisco Networking Services

See IE2100

CiscoWorks 2000     1-9, 26-4

classless interdomain routing

See CIDR

classless routing     30-7

class maps for QoS

configuring per physical port     28-40

configuring per-port per-VLAN     28-42

described     28-7

displaying     28-70

class of service

See CoS

clearing interfaces     9-22

CLI

abbreviating commands     2-3

command modes     2-1

described     1-8

editing features

enabling and disabling     2-6

keystroke editing     2-6

wrapped lines     2-7

error messages     2-4

filtering command output     2-8

getting help     2-3

history

changing the buffer size     2-4

described     2-4

disabling     2-5

recalling commands     2-5

managing clusters     5-3

no and default forms of commands     2-3

client mode, VTP     12-3

clock

See system clock

clusters, switch

benefits     1-9

described     5-1

managing

through CLI     5-3

through SNMP     5-4

planning considerations

CLI     5-3

SNMP     5-4

cluster standby group

and HSRP group     31-10

requirements     5-2

Coarse Wave Division Multiplexer GBIC modules

See CWDM GBIC modules

command-line interface

See CLI

command modes     2-1

commands

abbreviating     2-3

no and default     2-3

setting privilege levels     7-8

command switch

configuration conflicts     36-10

defined     5-1

password privilege levels     5-4

recovery

from failure     36-6

from lost member connectivity     36-10

replacing

with another switch     36-9

with cluster member     36-7

requirements     5-2

See also candidate switch, cluster standby group, member switch, and standby command switch

community list, BGP     30-52

community strings

configuring     26-7

for cluster switches     26-4

overview     26-4

config.text     3-11

configuration conflicts

ACL, displaying     27-43

recovering from lost member connectivity     36-10

configuration examples, network     1-10

configuration files

clearing the startup configuration     B-18

creating using a text editor     B-9

default name     3-11

deleting a stored configuration     B-18

described     B-7

downloading

automatically     3-12

preparing     B-10, B-12, B-15

reasons for     B-7

using FTP     B-12

using RCP     B-16

using TFTP     B-10

guidelines for creating and using     B-8

invalid combinations when copying     B-5

limiting TFTP server access     26-15

obtaining with DHCP     3-7

password recovery disable considerations     7-5

specifying the filename     3-12

system contact and location information     26-15

types and location     B-9

uploading

preparing     B-10, B-12, B-15

reasons for     B-8

using FTP     B-13

using RCP     B-17

using TFTP     B-11

VMPS database     11-28

configuration guidelines, multi-VRF CE     30-62

configuration settings, saving     3-11

configure terminal command     9-10

configuring PoE     9-17

config-vlan mode     2-2, 11-6

conflicts, configuration     36-10

congestion-avoidance techniques     28-12

congestion-management techniques     28-12, 28-15

connections, secure remote     7-38

connectivity problems     36-11

consistency checks in VTP version 2     12-4

console port, connecting to     2-9

content-routing technology

See WCCP

conventions

command     xxxvi

for examples     xxxvi

publication     xxxvi

text     xxxvi

CoS

in Layer 2 frames     28-2

override priority     13-5

trust priority     13-6

CoS-to-DSCP map for QoS     28-53

CoS-to-egress-queue map     28-59

counters, clearing interface     9-22

CPU q, in show forward command output     36-20

crashinfo file     36-21

cross-stack UplinkFast, STP

connecting stack ports     17-7

described     17-5

enabling     17-17

fast-convergence events     17-7

Fast Uplink Transition Protocol     17-6

limitations     17-7

normal-convergence events     17-7

Stack Membership Discovery Protocol     17-6

support for     1-4

cryptographic software image

Kerberos     7-32

SSL     7-41

customer edge devices     30-60

CWDM GBIC modules, network example     1-18

CWDM OADM modules     1-18

D

daylight saving time     6-13

debugging

enabling all system diagnostics     36-18

enabling for a specific feature     36-17

redirecting error message output     36-18

using commands     36-17

default commands     2-3

default configuration

802.1Q tunneling     14-4

802.1x     8-10

auto-QoS     28-18

banners     6-18

BGP     30-41

booting     3-11

CDP     21-2

DHCP     18-6

DHCP option 82     18-6

DHCP snooping     18-6

DNS     6-17

EIGRP     30-34

EtherChannel     29-8

fallback bridging     35-3

HSRP     31-4

IGMP     33-26

IGMP filtering     19-20

IGMP snooping     19-7

IGMP throttling     19-20

initial switch information     3-3

IP addressing, IP routing     30-4

IP multicast routing     33-8

Layer 2 interfaces     9-14

Layer 2 protocol tunneling     14-10

MAC address table     6-22

MSDP     34-4

MSTP     16-12

multi-VRF CE     30-62

MVR     19-15

default configuration (continued)

NTP     6-4

optional spanning-tree features     17-13

OSPF     30-25

password and privilege level     7-2

port security     20-9

RADIUS     7-20

RIP     30-19

RMON     24-3

RSPAN     23-8

SNMP     26-6

SPAN     23-8

SSL     7-44

standard QoS     28-26

storm control     20-3

STP     15-11

system message logging     25-3

system name and prompt     6-15

TACACS+     7-13

UDLD     22-4

VLAN, Layer 2 Ethernet interfaces     11-19

VLANs     11-7

VMPS     11-29

voice VLAN     13-2

VTP     12-6

WCCP     32-5

default gateway     3-10, 30-11

default networks     30-73

default routes     30-73

default routing     30-2

deleting VLANs     11-10

description command     9-19

designing your network, examples     1-10

destination addresses, in ACLs     27-12

detecting indirect link failures, STP     17-9

device     B-18

device discovery protocol     21-1

device manager

described     1-1, 1-8

upgrading a switch     B-18

DHCP-based autoconfiguration

client request message exchange     3-4

configuring

client side     3-3

DNS     3-6

relay device     3-6

server-side     3-5, 18-8

TFTP server     3-6

example     3-8

lease options

for IP address information     3-5

for receiving the configuration file     3-5

overview     3-3

relationship to BOOTP     3-3

relay support     1-7

support for     1-3

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption     18-4

configuration guidelines     18-6

default configuration     18-6

displaying     18-13

enabling

relay agent     18-8

relay agent information option     18-8

forwarding address, specifying     18-10

helper address     18-10

overview     18-3

packet format

circuit ID suboption     18-4

remote ID suboption     18-4

policy for reforwarding     18-9

reforwarding policy     18-9

DHCP option 82 (continued)

remote ID suboption     18-4

support for     1-3

validating     18-9

DHCP relay agent     18-8

DHCP server     18-8

DHCP snooping

binding database

See DHCP snooping binding database

configuration guidelines     18-6

default configuration     18-6

displaying binding tables     18-13

displaying configuration     18-13

message exchange process     18-4

option 82 data insertion     18-3

trusted interface     18-2

untrusted interface     18-2

untrusted messages     18-2

DHCP snooping binding database

described     18-2

displaying     18-13

entries     18-2

DHCP snooping binding table

See DHCP snooping binding database

Differentiated Services architecture, QoS     28-2

Differentiated Services Code Point     28-2

Diffusing Update Algorithm (DUAL)     30-33

directed unicast requests     1-3

directories

changing     B-3

creating and removing     B-4

displaying the working     B-3

Distance Vector Multicast Routing Protocol

See DVMRP

distance-vector protocols     30-2

distribute-list command     30-80

DNS

and DHCP-based autoconfiguration     3-6

default configuration     6-17

displaying the configuration     6-18

overview     6-16

setting up     6-17

support for     1-3

documentation, related     xxxvii

document conventions     xxxvi

domain names

DNS     6-16

VTP     12-8

Domain Name System

See DNS

dot1q-tunnel switchport mode     11-17

double-tagged packets

802.1Q tunneling     14-2

Layer 2 protocol tunneling     14-9

downloading

configuration files

preparing     B-10, B-12, B-15

reasons for     B-7

using FTP     B-12

using RCP     B-16

using TFTP     B-10

image files

deleting old image     B-22

preparing     B-20, B-23, B-27

reasons for     B-18

using CMS     1-2

using FTP     B-24

using HTTP     1-2, B-18

using Network Assistant     1-2

using RCP     B-28

using TFTP     B-21

using the device manager or Network Assistant     B-18

drop threshold for Layer 2 protocol packets     14-10

DSCP     1-6, 28-2

DSCP-to-CoS map for QoS     28-55

DSCP-to-DSCP-mutation map for QoS     28-57

DSCP-to-threshold map for QoS     28-61

DTP     1-4, 11-16

DUAL finite state machine, EIGRP     30-33

duplex mode, configuring     9-15

DVMRP

autosummarization

configuring a summary address     33-48

disabling     33-50

connecting PIM domain to DVMRP router     33-40

enabling unicast routing     33-44

interoperability

with Cisco devices     33-38

with IOS software     33-7

mrinfo requests, responding to     33-43

neighbors

advertising the default route to     33-42

discovery with Probe messages     33-38

displaying information     33-43

prevent peering with nonpruning     33-46

rejecting nonpruning     33-45

overview     33-7

routes

adding a metric offset     33-50

advertising all     33-50

advertising the default route to neighbors     33-42

caching DVMRP routes learned in report messages     33-44

changing the threshold for syslog messages     33-47

deleting     33-52

displaying     33-52

favoring one over another     33-50

limiting the number injected into MBONE     33-47

limiting unicast route advertisements     33-38

routing table     33-8

source distribution tree, building     33-8

support for     1-7

DVMRP (continued)

tunnels

configuring     33-40

displaying neighbor information     33-43

dynamic access ports

characteristics     11-3

configuring     11-30

defined     9-3

dynamic addresses

See addresses

dynamic desirable trunking mode     11-17

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described     11-28

reconfirming     11-31

troubleshooting     11-33

types of connections     11-30

VMPS database configuration file     11-28

dynamic routing     30-2

Dynamic Trunking Protocol

See DTP

E

EBGP     30-39

editing features

enabling and disabling     2-6

keystrokes used     2-6

wrapped lines     2-7

egress q, in show forward command output     36-20

EIGRP

authentication     30-37

components     30-33

configuring     30-35

default configuration     30-34

definition     30-33

interface parameters, configuring     30-36

EIGRP (continued)

monitoring     30-38

support for     1-7

enable password     7-4

enable secret password     7-4

encryption, CipherSuite     7-43

encryption for passwords     7-4

Enhanced IGRP

See EIGRP

environment variables

function of     3-15

location in Flash     3-14

equal-cost routing     1-7, 30-71

error messages

during command entry     2-4

setting the display destination device     25-4

severity levels     25-8

system message format     25-2

EtherChannel

automatic creation of     29-3

channel groups

binding physical and logical interfaces     29-2

numbering of     29-3

configuration guidelines     29-8

configuring

Layer 2 interfaces     29-9

Layer 3 physical interfaces     29-12

Layer 3 port-channel logical interfaces     29-11

default configuration     29-8

destination MAC address forwarding     29-6

displaying status     29-18

forwarding methods     29-14

interaction

with STP     29-8

with VLANs     29-9

LACP, support for     1-2

Layer 3 interface     30-3

load balancing     29-6, 29-14

logical interfaces, described     29-2

EtherChannel (continued)

number of interfaces per     29-2

overview     29-1

PAgP

aggregate-port learners     29-5

compatibility with Catalyst 1900     29-15

displaying status     29-18

interaction with other features     29-6

learn method and priority configuration     29-15

modes     29-4

overview     29-3

silent mode     29-4

support for     1-2

port-channel interfaces

described     29-2

numbering of     29-3

port groups     9-5

source MAC address forwarding     29-6

support for     1-2

EtherChannel guard

described     17-11

enabling     17-19

Ethernet VLANs

adding     11-8

defaults and ranges     11-8

modifying     11-8

events, RMON     24-3

examples

conventions for     xxxvi

network configuration     1-10

expedite queue for QoS

10/100 Ethernet ports

allocating bandwidth     28-68

configuring     28-68

described     28-15

Gigabit-capable Ethernet ports

allocating bandwidth     28-64

configuring     28-64

described     28-12

Express Setup

overview     1-1

See also getting started guide

extended-range VLANs

configuration guidelines     11-12

configuring     11-11

creating     11-12, 11-13

defined     11-1

extended system ID

MSTP     16-14

STP     15-3, 15-14

Extensible Authentication Protocol over LAN     8-1

external BGP

See EBGP

external neighbors, BGP     30-43

F

fallback bridging

and protected ports     35-4

bridge groups

creating     35-4

described     35-2

displaying     35-12

function of     35-2

number supported     35-4

removing     35-4

bridge table

changing the aging time     35-6

clearing     35-12

displaying     35-12

configuration guidelines     35-3

connecting interfaces with     9-9

default configuration     35-3

described     35-1

fallback bridging (continued)

frame forwarding

filtering by MAC address     35-6

flooding packets     35-2

for static addresses     35-5

forwarding packets     35-2

preventing for dynamically learned stations     35-5

to static addresses     35-5

overview     35-1

protocol, unsupported     35-3

STP

disabling on an interface     35-12

forward-delay interval     35-10

hello BPDU interval     35-10

interface priority     35-8

maximum-idle interval     35-11

path cost     35-9

switch priority     35-8

VLAN-bridge STP     35-1, 35-2

support for     1-7

SVIs and routed ports     35-1

unsupported protocols     35-3

VLAN-bridge STP     15-10

fallback VLAN name     11-28

Fast Uplink Transition Protocol     17-6

feature manager, ACL     27-42

FIB     30-70

fiber-optic, detecting unidirectional links     22-1

files

copying     B-4

crashinfo

description     36-21

displaying the contents of     36-21

location     36-21

deleting     B-5

displaying the contents of     B-7

files (continued)

tar

creating     B-5

displaying the contents of     B-6

extracting     B-7

image file format     B-19

file system

displaying available file systems     B-2

displaying file information     B-3

local file system names     B-1

network file system names     B-4

setting the default     B-3

filtering

in a VLAN     27-29

non-IP traffic     27-26

show and more command output     2-8

with fallback bridging     35-6

filters, IP

See ACLs, IP

flash device, number of     B-1

flooded traffic, blocking     20-6

flow-based packet classification     1-6

flowcharts

QoS classification     28-6

QoS policing and marking     28-10

QoS queueing and scheduling

10/100 ports     28-15

Gigabit-capable ports     28-12

flow control     1-2, 9-18

forward-delay time

MSTP     16-20

STP     15-5, 15-22

Forwarding Information Base

See FIB

forwarding non-routable protocols     35-1

FTP

accessing MIB files     A-2

configuration files

downloading     B-12

overview     B-11

preparing the server     B-12

uploading     B-13

image files

deleting old image     B-26

downloading     B-24

preparing the server     B-23

uploading     B-26

G

GBIC modules

See GBICs

GBICs

1000BASE-LX/LH module     1-13

1000BASE-SX module     1-13

1000BASE-T module     1-13

1000BASE-ZX module     1-13

CWDM module     1-18

GigaStack module     1-11

security and identification     36-11

get-bulk-request operation     26-3

get-next-request operation     26-3, 26-4

get-request operation     26-3, 26-4

get-response operation     26-3

Gigabit Interface Converters

See GBICs

GigaStack GBIC

fast transition of redundant link     17-5

See also GBICs

global configuration mode     2-2

guide

audience     xxxv

purpose of     xxxv

guide mode     1-9

GUIs

See device manager and Network Assistant     1-8

H

hardware, determining ACL configuration fit     27-44

hello time

MSTP     16-19

STP     15-21

help, for the command line     2-3

history

changing the buffer size     2-4

described     2-4

disabling     2-5

recalling commands     2-5

history table, level and number of syslog messages     25-10

hosts, limit on dynamic ports     11-33

Hot Standby Router Protocol

See HSRP

HP OpenView     1-9

HSRP

authentication string     31-8

binding to cluster group     31-10

command-switch redundancy     1-3

default configuration     31-4

definition     31-1

monitoring     31-10

overview     31-1

priority     31-6

routing redundancy     1-7

timers     31-8

tracking     31-7

HTTP over SSL

see HTTPS

HTTPS     7-42

configuring     7-45

self-signed certificate     7-42

HTTP secure server     7-42

I

IBPG     30-39

ICMP

redirect messages     30-11

support for     1-7

time exceeded messages     36-13

traceroute and     36-13

unreachable messages     27-6

unreachables and ACLs     27-7

ICMP ping

executing     36-12

overview     36-11

ICMP Router Discovery Protocol

See IRDP

IDS, using with SPAN and RSPAN     23-2

IE2100

CNS embedded agents

described     4-5

enabling automated configuration     4-6

enabling configuration agent     4-9

enabling event agent     4-8

Configuration Registrar

configID, deviceID, hostname     4-3

configuration service     4-2

described     4-1

event service     4-3

described     1-8

support for     1-3

IEEE 802.1p     13-1

IFS     1-3

IGMP

configuring the switch

as a member of a group     33-26

statically connected member     33-31

controlling access to groups     33-27

default configuration     33-26

deleting cache entries     33-52

displaying groups     33-52

IGMP (continued)

fast switching     33-31

host-query interval, modifying     33-29

joining multicast group     19-3

join messages     19-3

leave processing, enabling     19-10

leaving multicast group     19-5

multicast reachability     33-26

overview     33-3

queries     19-3

report suppression

described     19-5

disabling     19-11

support for     1-2

throttling action     19-20

Version 1

changing to Version 2     33-28

described     33-3

Version 2

changing to Version 1     33-28

described     33-3

maximum query response time value     33-30

pruning groups     33-30

query timeout value     33-29

IGMP filtering

configuring     19-20

default configuration     19-20

described     19-19

monitoring     19-25

IGMP groups

configuring the throttling action     19-23

setting the maximum number     19-23

IGMP profile

applying     19-22

configuration mode     19-20

configuring     19-21

IGMP snooping

configuring     19-6

default configuration     19-7

definition     19-2

enabling and disabling     19-7

global configuration     19-7

Immediate Leave     19-5

method     19-8

monitoring     19-12

support for     1-2

VLAN configuration     19-7

IGMP throttling

configuring     19-23

default configuration     19-20

described     19-20

displaying action     19-25

IGP     30-24

Immediate-Leave, IGMP     19-5

Intelligence Engine 2100 Series CNS Agents

See IE2100

interface

number     9-9

range macros     9-12

interface command     9-9, 9-10

interface configuration mode     2-2

interfaces

configuration guidelines     9-16

configuring     9-10

configuring duplex mode     9-15

configuring speed     9-15

counters, clearing     9-22

described     9-19

descriptive name, adding     9-19

displaying information about     9-21

flow control     9-18

management     1-8

monitoring     9-21

naming     9-19

physical, identifying     9-9

interfaces (continued)

range of     9-10

restarting     9-23

shutting down     9-23

supported     9-9

types of     9-1

interfaces range macro command     9-12

Interior Gateway Protocol

See IGP

internal BGP

See IBGP

internal neighbors, BGP     30-43

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Inter-Switch Link

See ISL

inter-VLAN routing     1-7, 30-2

Intrusion Detection System

See IDS

IOS File System

See IFS

ip access-group command     27-21

IP ACLs

applying to an interface     27-19

extended, creating     27-11

for QoS classification     28-7

implicit deny     27-10, 27-14, 27-16

implicit masks     27-10

logging     27-16

named     27-15

standard, creating     27-9

undefined     27-21

virtual terminal lines, setting on     27-19

IP addresses

candidate or member     5-3

classes of     30-5

command switch     5-2

default configuration     30-4

discovering     6-30

for IP routing     30-4

MAC address association     30-8

monitoring     30-17

See also IP information

IP broadcast address     30-15

ip cef command     30-70

IP directed broadcasts     30-13

ip igmp profile command     19-20

IP information

assigned

manually     3-10

through DHCP-based autoconfiguration     3-3

default configuration     3-3

IP multicast routing

addresses

all-hosts     33-1, 33-3

all-multicast-routers     33-1, 33-3

host group address range     33-1, 33-3

administratively-scoped boundaries, described     33-36

and IGMP snooping     19-2, 19-6

Auto-RP

adding to an existing sparse-mode cloud     33-14

benefits of     33-13

clearing the cache     33-52

configuration guidelines     33-10

filtering incoming RP announcement messages     33-16

overview     33-5

preventing candidate RP spoofing     33-16

preventing join messages to false RPs     33-15

setting up in a new internetwork     33-14

using with BSR     33-21

IP multicast routing (continued)

bootstrap router

configuration guidelines     33-10

configuring candidate BSRs     33-19

configuring candidate RPs     33-20

defining the IP multicast boundary     33-18

defining the PIM domain border     33-17

overview     33-5

using with Auto-RP     33-21

Cisco implementation     33-2

configuring

basic multicast routing     33-10

IP multicast boundary     33-36

TTL threshold     33-34

default configuration     33-8

enabling

multicast forwarding     33-11

PIM mode     33-11

group-to-RP mappings

Auto-RP     33-5

BSR     33-5

MBONE

deleting sdr cache entries     33-52

described     33-33

displaying sdr cache     33-53

enabling sdr listener support     33-33

limiting DVMRP routes advertised     33-47

limiting sdr cache entry lifetime     33-33

SAP packets for conference session announcement     33-33

Session Directory (sdr) tool, described     33-33

monitoring

packet rate loss     33-53

peering devices     33-53

tracing a path     33-53

multicast forwarding, described     33-6

PIMv1 and PIMv2 interoperability     33-9

protocol interaction     33-2

reverse path check (RPF)     33-6

IP multicast routing (continued)

routing table

deleting     33-52

displaying     33-52

RP

assigning manually     33-12

configuring Auto-RP     33-13

configuring PIMv2 BSR     33-17

monitoring mapping information     33-22

using Auto-RP and BSR     33-21

statistics, displaying system and network     33-52

TTL thresholds, described     33-34

See also CGMP

See also DVMRP

See also IGMP

See also PIM

IP phones

and 802.1x authentication     8-7

and QoS     13-1

automatic classification and queueing     28-17

configuring     13-3

trusted boundary for QoS     28-33

IP precedence     28-2

IP-precedence-to-DSCP map for QoS     28-54

IP protocols

in ACLs     27-12

routing     1-7

IP routes, monitoring     30-82

IP routing

connecting interfaces with     9-9

enabling     30-18

IP traceroute

executing     36-13

overview     36-13

IP unicast routing

address resolution     30-8

administrative distances     30-72, 30-80

ARP     30-8

assigning IP addresses to Layer 3 interfaces     30-6

authentication keys     30-81

broadcast

address     30-15

flooding     30-16

packets     30-13

storms     30-13

classless routing     30-7

configuring static routes     30-72

default

addressing configuration     30-4

gateways     30-11

networks     30-73

routes     30-73

routing     30-2

directed broadcasts     30-13

dynamic routing     30-2

enabling     30-18

EtherChannel Layer 3 interface     30-3

IGP     30-24

inter-VLAN     30-2

IP addressing

classes     30-5

configuring     30-4

IRDP     30-12

Layer 3 interfaces     30-3

MAC address and IP address     30-8

passive interfaces     30-79

protocols

distance-vector     30-2

dynamic     30-2

link-state     30-2

proxy ARP     30-8

redistribution     30-74

reverse address resolution     30-8

IP unicast routing (continued)

routed ports     30-3

static routing     30-2

steps to configure     30-3

subnet mask     30-5

subnet zero     30-6

supernet     30-7

UDP     30-15

with SVIs     30-3

See also BGP

See also EIGRP

See also OSPF

See also RIP

ip unreachables command     27-6

IRDP

configuring     30-12

definition     30-12

support for     1-7

ISL

and trunk ports     9-3

encapsulation     1-4, 11-16

trunking with 802.1 tunneling     14-4

J

join messages, IGMP     19-3

K

KDC

described     7-32

See also Kerberos

Kerberos

authenticating to

boundary switch     7-34

KDC     7-34

network services     7-35

configuration examples     7-32

Kerberos (continued)

configuring     7-35

credentials     7-32

cryptographic software image     7-32

described     7-32

KDC     7-32

operation     7-34

realm     7-33

server     7-33

switch as trusted third party     7-32

terms     7-33

TGT     7-34

tickets     7-32

key distribution center

See KDC

L

l2protocol-tunnel command     14-11

LACP

Layer 2 protocol tunneling     14-9

See EtherChannel

Layer 2 frames, classification with CoS     28-2

Layer 2 interfaces, default configuration     9-14

Layer 2 protocol tunneling

configuring     14-9

configuring for EtherChannels     14-13

default configuration     14-10

defined     14-7

guidelines     14-10

Layer 2 traceroute

and ARP     36-15

and CDP     36-15

described     36-14

IP addresses and subnets     36-15

MAC addresses and VLANs     36-15

multicast traffic     36-15

multiple devices on a port     36-15

Layer 2 traceroute (continued)

unicast traffic     36-14

usage guidelines     36-15

Layer 3 features     1-7

Layer 3 interfaces

assigning IP addresses to     30-6

changing from Layer 2 mode     30-6

types of     30-3

Layer 3 packets, classification methods     28-2

LDAP     4-2

leave processing, IGMP     19-10

lightweight directory access protocol

See LDAP

line configuration mode     2-2

Link Aggregation Control Protocol

See EtherChannel

links, unidirectional     22-1

link state advertisements (LSAs)     30-28

link-state protocols     30-2

logging messages, ACL     27-10

login authentication

with RADIUS     7-23

with TACACS+     7-14

login banners     6-18

log messages

See system message logging

long-distance, high-bandwidth transport configuration example     1-18

Long-Reach Ethernet (LRE) technology     1-11

loop guard

described     17-12

enabling     17-20

support for     1-4

M

mac access-group command     27-28

MAC ACLs and Layer 2 interfaces     27-28

MAC addresses

aging time     6-22

and VLAN association     6-21

building the address table     6-21

default configuration     6-22

discovering     6-30

displaying     6-27

displaying in DHCP snooping binding table     18-13

dynamic

learning     6-21

removing     6-23

in ACLs     27-26

IP address association     30-8

static

adding     6-25

allowing     6-27

characteristics of     6-25

dropping     6-26

removing     6-25

sticky secure, adding     20-8

MAC address multicast entries, monitoring     19-12

MAC address-to-VLAN mapping     11-27

MAC extended access lists     27-26, 28-5, 28-39

macros

See Smartports macros

manageability features     1-3

management options

benefits

clustering     1-9

Network Assistant     1-9

CLI     2-1

CNS     4-1

overview     1-8

MANs

CWDM configuration example     1-18

long-distance, high-bandwidth transport configuration example     1-18

mapping tables for QoS

configuring

CoS-to-DSCP     28-53

CoS-to-egress-queue     28-59

DSCP     28-52

DSCP-to-CoS     28-55

DSCP-to-DSCP-mutation     28-57

DSCP-to-threshold     28-61

IP-precedence-to-DSCP     28-54

policed-DSCP     28-55

described     28-10

marking

action in policy map     28-44

action with aggregate policers     28-50

described     28-4, 28-8

matching, ACLs     27-8

maximum aging time

MSTP     16-21

STP     15-22

maximum hop count, MSTP     16-21

maximum-paths command     30-46, 30-71

membership mode, VLAN port     11-3

member switch

defined     5-1

managing     5-3

recovering from lost connectivity     36-10

requirements     5-3

See also candidate switch, cluster standby group, and standby command switch

memory, optimizing     6-27

messages

logging ACL violations     27-16

to users through banners     6-18

metrics, in BGP     30-47

metric translations, between routing protocols     30-76

metropolitan-area networks

See MANs

metro tags     14-2

MIBs

accessing files with FTP     A-2

location of files     A-2

overview     26-1

SNMP interaction with     26-4

supported     A-1

minimum-reserve levels

assigning to a queue     28-15, 28-67

configuring the buffer size     28-16, 28-67

default size     28-15

mini-point-of-presence

See POP

mirroring traffic for analysis     23-1

mismatches, autonegotiation     36-10

modules, GBIC

1000BASE-LX/LH     1-13

1000BASE-SX     1-13

1000BASE-T     1-13

1000BASE-ZX     1-13

CWDM     1-18

GigaStack     1-11

monitoring

802.1Q tunneling     14-17

access groups     27-40

ACL

configuration     27-40

configuration conflicts     27-43

fit in hardware     27-44

information     27-40

BGP     30-58

cables for unidirectional links     22-1

CDP     21-5

CEF     30-71

EIGRP     30-38

fallback bridging     35-12

features     1-7

HSRP     31-10

monitoring (continued)

IGMP

filters     19-25

snooping     19-12

interfaces     9-21

IP

address tables     30-17

multicast routing     33-51

routes     30-82

Layer 2 protocol tunneling     14-17

MSDP peers     34-19

multicast router ports     19-12

multi-VRF CE     30-69

MVR     19-19

network traffic for analysis with probe     23-1

OSPF     30-32

port blocking     20-15

port protection     20-15

RP mapping information     33-22

source-active messages     34-19

speed and duplex mode     9-17

traffic flowing among switches     24-1

traffic suppression     20-15

tunneling     14-17

VLAN

filters     27-41

maps     27-41

VLANs     11-15

VMPS     11-32

VTP     12-16

MSDP

and dense-mode regions

sending SA messages to     34-17

specifying the originating address     34-18

benefits of     34-3

clearing MSDP connections and statistics     34-19

MSDP (continued)

controlling source information

forwarded by switch     34-12

originated by switch     34-8

received by switch     34-14

default configuration     34-4

filtering

incoming SA messages     34-14

SA messages to a peer     34-12

SA requests from a peer     34-11

join latency, defined     34-6

meshed groups

configuring     34-16

defined     34-16

originating address, changing     34-18

overview     34-1

peer-RPF flooding     34-2

peers

configuring a default     34-4

monitoring     34-19

peering relationship, overview     34-1

requesting source information from     34-8

shutting down     34-16

source-active messages

caching     34-6

clearing cache entries     34-19

defined     34-2

filtering from a peer     34-11

filtering incoming     34-14

filtering to a peer     34-12

limiting data with TTL     34-14

monitoring     34-19

restricting advertised sources     34-9

MSTP

boundary ports

configuration guidelines     16-13

described     16-5

BPDU filtering

described     17-3

enabling     17-15

BPDU guard

described     17-2

enabling     17-15

CIST, described     16-3

configuration guidelines     16-12, 17-13

configuring

forward-delay time     16-20

hello time     16-19

link type for rapid convergence     16-22

maximum aging time     16-21

maximum hop count     16-21

MST region     16-13

path cost     16-18

port priority     16-17

root switch     16-14

secondary root switch     16-16

switch priority     16-19

CST

defined     16-3

operations between regions     16-3

default configuration     16-12

default optional feature configuration     17-13

described     16-2

displaying status     16-23

enabling the mode     16-13

EtherChannel guard

described     17-11

enabling     17-19

extended system ID

effects on root switch     16-14

effects on secondary root switch     16-16

unexpected behavior     16-15

MSTP (continued)

instances supported     15-9

interface state, blocking to forwarding     17-2

interoperability and compatibility among modes     15-10

interoperability with 802.1D

described     16-5

restarting migration process     16-22

IST

defined     16-2

master     16-3

operations within a region     16-3

loop guard

described     17-12

enabling     17-20

mapping VLANs to MST instance     16-13

MST region

described     16-2

hop-count mechanism     16-4

supported spanning-tree instances     16-2

optional features supported     1-4

Port Fast

described     17-2

enabling     17-14

preventing root switch selection     17-11

root guard

described     17-11

enabling     17-19

root switch

configuring     16-15

effects of extended system ID     16-14

unexpected behavior     16-15

shutdown Port Fast-enabled port     17-2

multicast groups

and IGMP snooping     19-6

Immediate Leave     19-5

joining     19-3

leaving     19-5

static joins     19-10

multicast packets

ACLs on     27-39

blocking     20-6

multicast router ports

monitoring     19-12

adding     19-9

Multicast Source Discovery Protocol

See MSDP

multicast storm control

See storm control

multicast storm-control command     20-4

Multicast VLAN Registration

See MVR

Multiple Spanning Tree Protocol

See MSTP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example     30-65

configuration guidelines     30-62

configuring     30-62

default configuration     30-62

defined     30-59

displaying     30-69

monitoring     30-69

network components     30-62

packet-forwarding process     30-61

support for     1-7

MVR

configuring interfaces     19-17

default configuration     19-15

described     19-13

modes     19-17

monitoring     19-19

setting global parameters     19-16

support for     1-2

N

named IP ACLs     27-15

NameSpace Mapper

See NSM

native VLAN

and 802.1Q tunneling     14-4

configuring     11-23

default     11-23

neighbor discovery/recovery, EIGRP     30-33

neighbors, BGP     30-53

Network Assistant

described     1-2, 1-8

downloading image files     1-2

upgrading a switch     B-18

network configuration examples

increasing network performance     1-10

large network     1-15

long-distance, high-bandwidth transport     1-18

providing network services     1-11

small to medium-sized network     1-13

network design

performance     1-10

services     1-11

network management

CDP     21-1

RMON     24-1

SNMP     26-1

Network Time Protocol

See NTP

no commands     2-3

non-IP traffic filtering     27-26

nontrunking mode     11-17

normal-range VLANs

configuration modes     11-6

defined     11-1

no switchport command     9-5

note, described     xxxvi

not-so-stubby areas

See NSSA

NSM     4-3

NSSA, OSPF     30-28

NTP

associations

authenticating     6-5

defined     6-2

enabling broadcast messages     6-7

peer     6-6

server     6-6

default configuration     6-4

displaying the configuration     6-11

overview     6-2

restricting access

creating an access group     6-9

disabling NTP services per interface     6-10

source IP address, configuring     6-10

stratum     6-2

support for     1-3

synchronizing devices     6-6

time

services     6-2

synchronizing     6-2

O

OADM modules

See CWDM OADM modules

Open Shortest Path First

See OSPF

optical add/drop multiplexer modules

See CWDM OADM modules

optimizing system resources     6-27

options, management     1-8

OSPF

area parameters, configuring     30-28

configuring     30-26

default configuration

metrics     30-29

route     30-29

settings     30-25

described     30-24

interface parameters, configuring     30-27

LSA group pacing     30-31

monitoring     30-32

router IDs     30-31

route summarization     30-29

support for     1-7

virtual links     30-29

out-of-profile markdown     1-6

output interface, getting information about     36-20

P

packet modification, with QoS     28-17

PAgP

Layer 2 protocol tunneling     14-9

See EtherChannel

parallel paths, in routing tables     30-71

passive interfaces

configuring     30-79

OSPF     30-29

pass-through mode     28-34

passwords

default configuration     7-2

disabling recovery of     7-5

encrypting     7-4

for security     1-5

overview     7-1

passwords (continued)

setting

enable     7-3

enable secret     7-4

Telnet     7-6

with usernames     7-7

VTP domain     12-8

path cost

MSTP     16-18

STP     15-18

PBR

defined     30-77

enabling     30-78

fast-switched policy-based routing     30-78

local policy-based routing     30-78

support for     1-7

peers, BGP     30-53

performance, network design     1-10

performance features     1-2

persistent self-signed certificate     7-42

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring     30-65

physical ports     9-2

PIM

default configuration     33-8

dense mode

overview     33-4

rendezvous point (RP), described     33-5

RPF lookups     33-7

displaying neighbors     33-53

enabling a mode     33-11

overview     33-4

router-query message interval, modifying     33-25

shared tree and source tree, overview     33-23

shortest path tree, delaying the use of     33-24

PIM (continued)

sparse mode

join messages and shared tree     33-5

overview     33-5

prune messages     33-5

RPF lookups     33-7

support for     1-7

versions

interoperability     33-9

troubleshooting interoperability problems     33-22

v2 improvements     33-4

PIM-DVMRP, as snooping method     19-8

ping

character output description     36-12

executing     36-12

overview     36-11

PoE

auto mode     9-7

CDP with power consumption, described     9-6

CDP with power negotiation, described     9-6

Cisco intelligent power management     9-6

configuring     9-17

devices supported     9-5

high-power devices operating in low-power mode     9-6

powered-device detection and initial power allocation     9-6

power management modes     9-7

power negotiation extensions to CDP     9-6

standards supported     9-6

troubleshooting     36-16

policed-DSCP map for QoS     28-55

policers

configuring

for each matched traffic class     28-44

for more than one traffic class     28-50

described     28-4

displaying     28-70

number of     1-6, 28-9

types of     28-8

policing

described     28-4

token bucket algorithm     28-8

policy-based routing

See PBR

policy maps for QoS

characteristics of     28-44

configuring     28-44

described     28-7

displaying     28-70

POP     1-16

port ACLs

and voice VLAN     27-4

defined     27-2

limitations     27-4

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting     8-5

accounting services     1-5

authentication server

defined     8-2

RADIUS server     8-2

client, defined     8-2

configuration guidelines     8-11

configuring

802.1x accounting     8-23

802.1x authentication     8-13, 8-21

guest VLAN     8-19

host mode     8-19

manual re-authentication of a client     8-16

periodic re-authentication     8-15

quiet period     8-16

RADIUS server     8-15

RADIUS server parameters on the switch     8-14

switch-to-client frame-retransmission number     8-17, 8-18

switch-to-client retransmission time     8-17

default configuration     8-10

port-based authentication (continued)

described     8-1

device roles     8-2

displaying statistics     8-24

EAPOL-start frame     8-3

EAP-request/identity frame     8-3

EAP-response/identity frame     8-3

enabling

802.1x with guest VLAN     8-8

802.1x with per-user ACLs     8-9, 8-13

802.1x with port security     8-6

802.1x with VLAN assignment     8-7, 8-13

802.1x with voice VLAN     8-7

encapsulation     8-3

guest VLAN, configuration guidelines     8-8

host mode     8-5

initiation and message exchange     8-3

method lists     8-13, 8-21

multiple-hosts mode, described     8-5

per-user ACLs, AAA authorization     8-21

ports

authorization state and dot1x port-control command     8-4

authorized and unauthorized     8-4

port security, multiple-hosts mode     8-5

resetting to default values     8-21

software upgrade changes     8-12

support for     1-5

switch

as proxy     8-2

RADIUS client     8-2

upgrading from a previous release     28-22

VLAN assignment, AAA authorization     8-21

port blocking     1-2, 20-6

port-channel

See EtherChannel

Port Fast

described     17-2

enabling     17-14

mode, spanning tree     11-29

support for     1-4

port membership modes, VLAN     11-3

port priority

MSTP     16-17

STP     15-17

ports

802.1Q tunnel     11-3

access     9-3

blocking     20-6

dynamic access     11-3

forwarding, resuming     20-7

protected     20-5

routed     9-4

secure     20-7

static-access     11-3, 11-11

switch     9-2

trunks     11-3, 11-16

VLAN assignments     11-11

port security

aging     20-13

and QoS trusted boundary     28-33

and trunk ports     20-10

configuration guidelines     20-9

configuring     20-10

default configuration     20-9

described     20-7

displaying     20-15

sticky learning     20-8

violations     20-8

with other features     20-9

port-shutdown response, VMPS     11-27

Power over Ethernet

See PoE

preferential treatment of traffic

See QoS

prefix lists, BGP     30-50

preventing unauthorized access     7-1

priority

HSRP     31-6

overriding CoS     13-5

trusting CoS     13-6

private VLAN edge ports

See protected ports

privileged EXEC mode     2-2

privilege levels

changing the default for lines     7-9

command switch     5-4

exiting     7-10

logging into     7-10

mapping on member switches     5-4

overview     7-2, 7-8

setting a command with     7-8

protected ports     1-5, 20-5

protocol-dependent modules, EIGRP     30-34

Protocol-Independent Multicast Protocol

See PIM

provider edge devices     30-60

proxy ARP

configuring     30-10

definition     30-8

with IP routing disabled     30-11

pruning, VTP

enabling     12-14

enabling on a port     11-22

examples     12-5

overview     12-4

pruning-eligible list

changing     11-22

for VTP pruning     12-4

VLANs     12-14

publications, related     xxxvii

PVST+

802.1Q trunking interoperability     15-10

described     15-9

instances supported     15-9

Q

QoS

and MQC commands     28-1

auto-QoS

categorizing traffic     28-18

configuration and defaults display     28-23

configuration guidelines     28-21

described     28-17

displaying     28-23

effects on NVRAM configuration     28-21

egress queue defaults     28-18

enabling for VoIP     28-22

generated commands     28-19

basic model     28-4

classification

class maps, described     28-7

defined     28-4

flowchart     28-6

forwarding treatment     28-3

in frames and packets     28-3

IP ACLs, described     28-5, 28-7

MAC ACLs, described     28-5, 28-7

pass-through mode, described     28-34

per physical port     28-40

per-port per-VLAN     28-42

policy maps, described     28-7

port default, described     28-5

trust DSCP, described     28-5

trusted CoS, described     28-5

trust IP precedence, described     28-5

types for IP traffic     28-5

types for non-IP traffic     28-5

QoS (continued)

class maps

configuring per physical port     28-40

configuring per-port per-VLAN     28-42

displaying     28-70

configuration examples

distribution layer     28-73

existing wiring closet     28-71

intelligent wiring closet     28-72

configuration guidelines

auto-QoS     28-21

standard QoS     28-27

configuring

aggregate policers     28-50

auto-QoS     28-17

default port CoS value     28-32

DSCP maps     28-52

DSCP trust states bordering another domain     28-35

egress queues on 10/100 Ethernet ports     28-65

egress queues on Gigabit-capable Ethernet ports     28-58

IP extended ACLs     28-38

IP standard ACLs     28-37

MAC ACLs     28-39

pass-through mode     28-34

policy maps     28-44

port trust states within the domain     28-30

trusted boundary     28-33

default auto configuration     28-18

default standard configuration     28-26

displaying statistics     28-70

enabling globally     28-29

flowcharts

classification     28-6

policing and marking     28-10

queueing and scheduling     28-12, 28-15

implicit deny     28-7

QoS (continued)

IP phones

automatic classification and queueing     28-17

detection and trusted settings     28-17, 28-33

mapping tables

CoS-to-DSCP     28-53

CoS-to-egress-queue     28-59

displaying     28-70

DSCP-to-CoS     28-55

DSCP-to-DSCP-mutation     28-57

DSCP-to-threshold     28-61

IP-precedence-to-DSCP     28-54

policed-DSCP     28-55

types of     28-10

marked-down actions     28-47

marking, described     28-4, 28-8

overview     28-2

packet modification     28-17

pass-through mode     28-34

policers

configuring     28-47, 28-50

described     28-8

displaying     28-70

number of     28-9

types of     28-8

policies, attaching to an interface     28-9

policing

described     28-4, 28-8

token bucket algorithm     28-8

policy maps

characteristics of     28-44

configuring     28-44

displaying     28-70

queueing, defined     28-4

QoS (continued)

queues

CoS-to-egress-queue map     28-59

for 10/100 Ethernet ports     28-15

high priority (expedite)     28-13, 28-64

minimum-reserve levels     28-67

serviced by WRR     28-13, 28-16

size of     28-12, 28-15

size ratios     28-60

tail-drop threshold percentages     28-13, 28-60

WRED drop-percentage thresholds     28-13, 28-62

WRR scheduling     28-64

scheduling

allocating bandwidth on 10/100 Ethernet ports     28-68

allocating bandwidth on Gigabit-capable ports     28-64

defined     28-4

support for     1-6

tail drop

configuring drop threshold percentages     28-60

described     28-13

trust states

bordering another domain     28-35

described     28-5

trusted device     28-33

within the domain     28-30

WRED

configuring drop-percentage thresholds     28-62

described     28-14

WRR scheduling     28-64

quality of service

See QoS

queries, IGMP     19-3

R

RADIUS

attributes

vendor-proprietary     7-31

vendor-specific     7-29

configuring

accounting     7-28

authentication     7-23

authorization     7-27

communication, global     7-21, 7-29

communication, per-server     7-20, 7-21

multiple UDP ports     7-21

default configuration     7-20

defining AAA server groups     7-25

described     7-18

displaying the configuration     7-31

identifying the server     7-20

limiting the services to the user     7-27

method list, defined     7-20

operation of     7-19

suggested network environments     7-18

tracking services accessed by user     7-28

Random Early Detection, described     28-14

range

macro     9-12

of interfaces     9-11

rapid convergence     16-7

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability     15-10

described     15-9

instances supported     15-9

support for     11-2

Rapid Spanning Tree Protocol

See RSTP

RARP     30-8

rcommand command     5-3

RCP

configuration files

downloading     B-16

overview     B-14

preparing the server     B-15

uploading     B-17

image files

deleting old image     B-30

downloading     B-28

preparing the server     B-27

uploading     B-30

reconfirmation interval, VMPS, changing     11-31

recovery procedures     36-1

redundancy

EtherChannel     29-2

features     1-3

HSRP     31-1

STP

backbone     15-7

multidrop backbone     17-5

path cost     11-25

port priority     11-24

redundant links and UplinkFast     17-16

reliable transport protocol, EIGRP     30-33

reloading software     3-16

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

report suppression, IGMP

described     19-5

disabling     19-11

resequencing ACL entries     27-15

resets, in BGP     30-45

resetting a UDLD-shutdown interface     22-6

restricting access

NTP services     6-8

overview     7-1

passwords and privilege levels     7-2

RADIUS     7-17

TACACS+     7-10

retry count, VMPS, changing     11-32

reverse address resolution     30-8

Reverse Address Resolution Protocol

See RARP

RFC

1058, RIP     30-19

1112, IP multicast and IGMP     19-2

1157, SNMPv1     26-2

1163, BGP     30-39

1166, IP addresses     30-5

1253, OSPF     30-24

1267, BGP     30-39

1305, NTP     6-2

1587, NSSAs     30-24

1757, RMON     24-2

1771, BGP     30-39

1901, SNMPv2C     26-2

1902 to 1907, SNMPv2     26-2

2236, IP multicast and IGMP     19-2

2273-2275, SNMPv3     26-2

RIP

advertisements     30-19

authentication     30-22

configuring     30-20

default configuration     30-19

described     30-19

hop counts     30-19

split horizon     30-22

summary addresses     30-22

support for     1-7

RMON

default configuration     24-3

displaying status     24-6

enabling alarms and events     24-3

groups supported     24-2

overview     24-1

statistics

collecting group Ethernet     24-5

collecting group history     24-5

support for     1-7

root guard

described     17-11

enabling     17-19

support for     1-4

root switch

MSTP     16-14

STP     15-14

route calculation timers, OSPF     30-30

route dampening, BGP     30-57

routed packets, ACLs on     27-38

routed ports

configuring     30-3

defined     9-4

IP addresses on     9-20, 30-3

route-map command for policy-based routing     30-78

route maps

policy-based routing, defined     30-77

BGP     30-48

router ACLs     27-2

route reflectors, BGP     30-56

router ID, OSPF     30-31

route selection, BGP     30-46

route summarization, OSPF     30-29

route targets, VPN     30-62

routing

default     30-2

dynamic     30-2

redistribution of information     30-74

static     30-2

routing domain confederation, BGP     30-55

Routing Information Protocol

See RIP

routing protocol administrative distances     30-72

RSPAN

configuration guidelines     23-16

default configuration     23-8

destination ports     23-5

displaying status     23-24

IDS     23-2

interaction with other features     23-6

monitored ports     23-4

monitoring ports     23-5

overview     1-7, 23-1

received traffic     23-3

reflector port     23-5

session limits     23-8

sessions

creating     23-17

defined     23-3

limiting source traffic to specific VLANs     23-23

monitoring VLANs     23-22

removing source (monitored) ports     23-21

specifying monitored ports     23-17

source ports     23-4

transmitted traffic     23-4

VLAN-based     23-6

RSTP

active topology, determining     16-6

BPDU

format     16-9

processing     16-10

designated port, defined     16-6

designated switch, defined     16-6

RSTP (continued)

interoperability with 802.1D

described     16-5

restarting migration process     16-22

topology changes     16-10

overview     16-6

port roles

described     16-6

synchronized     16-8

proposal-agreement handshake process     16-7

rapid convergence

described     16-7

edge ports and Port Fast     16-7

point-to-point links     16-7, 16-22

root ports     16-7

root port, defined     16-6

See also MSTP

running configuration, saving     3-11

S

scheduled reloads     3-16

SDM

configuring     6-30

described     6-27

templates

number of     6-27

resources used for Fast Ethernet switches     6-29

resources used for Gigabit Ethernet switches     6-28

sdm prefer extended-match command     30-63

secure HTTP client

configuring     7-47

displaying     7-47

secure HTTP server

configuring     7-45

displaying     7-47

secure ports, configuring     20-7

secure remote connections     7-38

Secure Shell

See SSH

Secure Socket Layer

See SSL

security, port     20-7

security features     1-5

sequence numbers in log messages     25-8

server mode, VTP     12-3

service-provider networks

and 802.1Q tunneling     14-1

and customer VLANs     14-2

Layer 2 protocols across     14-7

Layer 2 protocol tunneling for EtherChannels     14-9

MSTP and RSTP     16-1

set-request operation     26-4

setup program, failed command switch replacement     36-7, 36-9

severity levels, defining in system messages     25-8

show access-lists hw-summary command     27-7

show cdp traffic command     21-5

show cluster members command     5-3

show configuration command     9-19

show fm command     27-42

show forward command     36-19

show interfaces command     9-17, 9-19

show l2protocol command     14-12, 14-14, 14-15

show mac access-group command     27-28

show running-config command

displaying ACLs     27-20, 27-21, 27-30, 27-33

interface description in     9-19

show tcam command     27-42

shutdown command on interfaces     9-23

shutdown threshold for Layer 2 protocol packets     14-10

Simple Network Management Protocol

See SNMP

Smartports macros

applying Cisco-default macros     10-6

applying global parameter values     10-5, 10-6

applying macros     10-5

applying parameter values     10-5, 10-7

configuration guidelines     10-3

creating     10-4

default configuration     10-2

defined     10-1

displaying     10-8

tracing     10-3

website     10-2

SNAP     21-1

SNMP

accessing MIB variables with     26-4

agent

described     26-4

disabling     26-7

community strings

configuring     26-7

for cluster switches     26-4

overview     26-4

configuration examples     26-16

default configuration     26-6

groups     26-9

in-band management     1-3

informs

and trap keyword     26-11

described     26-5

differences from traps     26-5

enabling     26-14

limiting access by TFTP servers     26-15

limiting system log messages to NMS     25-10

manager functions     1-9, 26-3

managing clusters with     5-4

MIBs

location of     A-2

supported     A-1

notifications     26-5

SNMP (continued)

overview     26-1, 26-4

status, displaying     26-17

system contact and location     26-15

trap manager, configuring     26-13, 26-14

traps

described     26-3, 26-5

differences from informs     26-5

enabling     26-11, 26-14

enabling MAC address notification     6-23

overview     26-1, 26-4

types of     26-11

users     26-9

versions supported     26-2

snooping, IGMP     19-2

software images

location in flash     B-19

recovery procedures     36-2

scheduling reloads     3-16

tar file format, described     B-19

See also downloading and uploading

source addresses, in ACLs     27-12

SPAN

configuration guidelines     23-8

default configuration     23-8

destination ports     23-5

displaying status     23-24

IDS     23-2

interaction with other features     23-6

monitored ports     23-4

monitoring ports     23-5

overview     1-7, 23-1

ports, restrictions     20-10

received traffic     23-3

session limits     23-8

SPAN (continued)

sessions

creating     23-9

defined     23-3

limiting source traffic to specific VLANs     23-15

monitoring VLANs     23-14

removing destination (monitoring) ports     23-13

removing source (monitored) ports     23-13

specifying monitored ports     23-9

source ports     23-4

transmitted traffic     23-4

VLAN-based     23-6

spanning tree and native VLANs     11-18

Spanning Tree Protocol

See STP

speed, configuring on interfaces     9-15

split horizon, RIP     30-22

SSH

configuring     7-39

cryptographic software image     7-37

described     7-38

encryption methods     7-38

user authentication methods, supported     7-38

SSL

configuration guidelines     7-44

configuring a secure HTTP client     7-47

configuring a secure HTTP server     7-45

cryptographic software image     7-41

described     7-41

monitoring     7-47

Stack Membership Discovery Protocol     17-6

standby command switch, requirements     5-2

standby ip command     31-5

standby router     31-1

standby timers, HSRP     31-8

startup configuration

booting

manually     3-12

specific image     3-13

clearing     B-18

configuration file

automatically downloading     3-12

specifying the filename     3-12

default boot configuration     3-11

static access ports

assigning to VLAN     11-11

defined     9-3, 11-3

static addresses

See addresses

static IP routing     1-7

static MAC addressing     1-5

static routes, configuring     30-72

static routing     30-2

static VLAN membership     11-2

statistics

802.1x     8-24

CDP     21-5

interface     9-21

IP multicast routing     33-52

OSPF     30-32

QoS ingress and egress     28-70

RMON group Ethernet     24-5

RMON group history     24-5

SNMP input and output     26-17

VTP     12-16

sticky learning

configuration file     20-8

defined     20-8

disabling     20-8

enabling     20-8

saving addresses     20-8

storm control

configuring     20-3

default configuration     20-3

described     20-1

disabling     20-4

displaying     20-15

thresholds     20-1

STP

accelerating root port selection     17-4

BackboneFast

described     17-9

enabling     17-18

BPDU filtering

described     17-3

enabling     17-15

BPDU guard

described     17-2

enabling     17-15

BPDU message exchange     15-2

configuration guidelines     15-12, 17-13

configuring

forward-delay time     15-22

hello time     15-21

in cascaded stack     15-23

maximum aging time     15-22

path cost     15-18

port priority     15-17

root switch     15-14

secondary root switch     15-16

spanning-tree mode     15-13

switch priority     15-20

counters, clearing     15-24

cross-stack UplinkFast

described     17-5

enabling     17-17

default configuration     15-11

default optional feature configuration     17-13

designated port, defined     15-3

designated switch, defined     15-3

STP (continued)

detecting indirect link failures     17-9

disabling     15-14

displaying status     15-24

EtherChannel guard

described     17-11

enabling     17-19

extended system ID

affects on root switch     15-14

affects on the secondary root switch     15-16

overview     15-3

unexpected behavior     15-15

features supported     1-4

inferior BPDU     15-3

instances supported     15-9

interface state, blocking to forwarding     17-2

interface states

blocking     15-5

disabled     15-6

forwarding     15-5, 15-6

learning     15-6

listening     15-6

overview     15-4

interoperability and compatibility among modes     15-10

Layer 2 protocol tunneling     14-7

limitations with 802.1Q trunks     15-10

load sharing

overview     11-23

using path costs     11-25

using port priorities     11-24

loop guard

described     17-12

enabling     17-20

modes supported     15-9

multicast addresses, affect of     15-8

optional features supported     1-4

overview     15-2

path costs     11-25, 11-26

STP (continued)

Port Fast

described     17-2

enabling     17-14

port priorities     11-24

preventing root switch selection     17-11

protocols supported     15-9

redundant connectivity     15-7

root guard

described     17-11

enabling     17-19

root port, defined     15-3

root switch

affects of extended system ID     15-3, 15-14

configuring     15-14

election     15-3

unexpected behavior     15-15

settings in a cascaded stack     15-23

shutdown Port Fast-enabled port     17-2

superior BPDU     15-3

timers, described     15-20

UplinkFast

described     17-3

enabling     17-16

VLAN-bridge     15-10

stratum, NTP     6-2

stub areas, OSPF     30-28

subnet mask     30-5

subnet zero     30-6

summer time     6-13

SunNet Manager     1-9

supernet     30-7

SVIs

and IP unicast routing     30-3

and router ACLs     27-3

connecting VLANs     9-8

defined     9-4

routing between VLANs     11-2

switch clustering technology

See clusters, switch

switch console port     1-3

switched packets, ACLs on     27-37

switched ports     9-2

switchport block multicast command     20-6

switchport block unicast command     20-6

switchport command     9-14

switchport mode dot1q-tunnel command     14-6

switchport protected command     20-5

switch priority

MSTP     16-19

STP     15-20

switch software features     1-1

switch virtual interfaces

See SVIs

synchronization, BGP     30-43

syslog

See system message logging

system clock

configuring

daylight saving time     6-13

manually     6-11

summer time     6-13

time zones     6-12

displaying the time and date     6-12

overview     6-1

See also NTP

System Database Management

See SDM

system message logging

default configuration     25-3

defining error message severity levels     25-8

disabling     25-4

displaying the configuration     25-12

enabling     25-4

facility keywords, described     25-12

level keywords, described     25-9

limiting messages     25-10

system message logging (continued)

message format     25-2

overview     25-1

sequence numbers, enabling and disabling     25-8

setting the display destination device     25-4

synchronizing log messages     25-6

syslog facility     1-7

timestamps, enabling and disabling     25-7

UNIX syslog servers

configuring the daemon     25-11

configuring the logging facility     25-11

facilities supported     25-12

system MTU

802.1Q tunneling     14-5

maximums     14-5

system name

default configuration     6-15

default setting     6-15

manual configuration     6-15

See also DNS

system prompt

default setting     6-15

manual configuration     6-16

system resource templates     6-27

T

TACACS+

accounting, defined     7-11

authentication, defined     7-11

authorization, defined     7-11

configuring

accounting     7-17

authentication key     7-13

authorization     7-16

login authentication     7-14

default configuration     7-13

displaying the configuration     7-17

identifying the server     7-13

TACACS+ (continued)

limiting the services to the user     7-16

operation of     7-12

overview     7-10

tracking services accessed by user     7-17

tagged packets

802.1Q     14-3

Layer 2 protocol     14-7

tail drop

described     28-13

support for     1-6

tar files

creating     B-5

displaying the contents of     B-6

extracting     B-7

image file format     B-19

TCAMs

ACL regions     27-46

ACLs not loading in     27-44

allocations, monitoring     27-47

monitoring usage     27-46

Telnet

accessing management interfaces     2-9

number of connections     1-3

setting a password     7-6

templates, system resources     6-27

temporary self-signed certificate     7-42

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password     7-6

ternary content addressable memory

See TCAM

TFTP

configuration files

downloading     B-10

preparing the server     B-10

uploading     B-11

configuration files in base directory     3-6

configuring for autoconfiguration     3-6

TFTP (continued)

image files

deleting     B-22

downloading     B-21

preparing the server     B-20

uploading     B-22

limiting access by servers     26-15

TFTP server     1-3

threshold, traffic level     20-2

time

See NTP and system clock

time-range command     27-17

time ranges in ACLs     27-17

timestamps in log messages     25-7

time zones     6-12

Token Ring VLANs

support for     11-5

VTP support     12-4

TOS     1-6

traceroute, Layer 2

and ARP     36-15

and CDP     36-15

described     36-14

IP addresses and subnets     36-15

MAC addresses and VLANs     36-15

multicast traffic     36-15

multiple devices on a port     36-15

unicast traffic     36-14

usage guidelines     36-15

traceroute command     36-13

See also IP traceroute

traffic

blocking flooded     20-6

fragmented     27-5

unfragmented     27-5

traffic policing     1-6

traffic suppression     20-1

transparent mode, VTP     12-3, 12-12

trap-door mechanism     3-2

traps

configuring MAC address notification     6-23

configuring managers     26-11, 26-14

defined     26-3

enabling     6-23, 26-11, 26-14

notification types     26-11

overview     26-1, 26-4

troubleshooting

connectivity problems     36-11

detecting unidirectional links     22-1

determining packet disposition     36-19

displaying crash information     36-21

GBIC security and identification     36-11

PIMv1 and PIMv2 interoperability problems     33-22

PoE ports     36-16

show forward command     36-19

with CiscoWorks     26-4

with debug commands     36-17

with ping     36-11

with system message logging     25-1

with traceroute     36-13

trunking encapsulation     1-4

trunk ports

configuring     11-20

defined     9-3, 11-3

encapsulation     11-20, 11-25, 11-26

trunks

allowed-VLAN list     11-21

configuring     11-20, 11-25, 11-26

ISL     11-16

load sharing

setting STP path costs     11-25

using STP port priorities     11-24

native VLAN for untagged traffic     11-23

parallel     11-25

pruning-eligible list     11-22

to non-DTP device     11-16

VLAN 1 minimization     11-21

trusted boundary for QoS     28-33

trustpoints, CA     7-42

tunneling

802.1Q     14-1

defined     14-1

Layer 2 protocol     14-7

tunnel ports

802.1Q, configuring     14-6

802.1Q and ACLs     27-3

defined     11-3

described     9-4, 14-1

incompatibilities with other features     14-5

twisted-pair Ethernet, detecting unidirectional links     22-1

type of service

See TOS

U

UDLD

default configuration     22-4

echoing detection mechanism     22-3

enabling

globally     22-5

per interface     22-5

Layer 2 protocol tunneling     14-9

link-detection mechanism     22-1

neighbor database     22-2

overview     22-1

resetting an interface     22-6

status, displaying     22-7

support for     1-3

UDP, configuring     30-15

unauthorized ports with 802.1x     8-4

unicast MAC address filtering

and adding static addresses     6-26

and broadcast MAC addresses     6-26

and CPU packets     6-26

and multicast addresses     6-26

and router MAC addresses     6-26

unicast MAC address filtering (continued)

configuration guidelines     6-26

described     6-26

unicast storm control

See storm control

unicast storm control command     20-4

unicast traffic, blocking     20-6

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration     25-11

facilities supported     25-12

message logging configuration     25-11

unrecognized Type-Length-Value (TLV) support     12-4

upgrading software images

See downloading

UplinkFast

described     17-3

enabling     17-16

support for     1-4

uploading

configuration files

preparing     B-10, B-12, B-15

reasons for     B-8

using FTP     B-13

using RCP     B-17

using TFTP     B-11

image files

preparing     B-20, B-23, B-27

reasons for     B-18

using FTP     B-26

using RCP     B-30

using TFTP     B-22

User Datagram Protocol

See UDP

user EXEC mode     2-2

username-based authentication     7-7

V

version-dependent transparent mode     12-4

Virtual Private Network

See VPN

virtual router     31-1, 31-3

vlan.dat file     11-4

VLAN 1 minimization, support for     1-4

VLAN ACLs

See VLAN maps

VLAN configuration

at bootup     11-7

saving     11-7

VLAN configuration mode     2-2, 11-6

VLAN database

and startup configuration file     11-7

and VTP     12-1

VLAN configuration saved in     11-7

VLANs saved in     11-4

vlan database command     11-6

vlan dot1q tag native command     14-4

vlan global configuration command     11-6

VLAN ID, discovering     6-30

VLAN management domain     12-2

VLAN Management Policy Server

See VMPS

VLAN map entries, order of     27-30

VLAN maps

applying     27-33

common uses for     27-33

configuration example     27-34

configuration guidelines     27-30

configuring     27-29

creating     27-30

defined     27-2

denying access example     27-35

denying and permitting packets     27-31

displaying     27-41

examples     27-35

VLAN maps (continued)

support for     1-5

usage     27-4

VLAN membership

confirming     11-31

modes     11-3

VLAN Query Protocol

See VQP

VLANs

adding     11-8

adding to VLAN database     11-8

aging dynamic addresses     15-8

allowed on trunk     11-21

and spanning-tree instances     11-2, 11-6, 11-12

configuration guidelines, normal-range VLANs     11-5

configuration options     11-6

configuring     11-1

configuring IDs 1006 to 4094     11-12

connecting through SVIs     9-8

creating in config-vlan mode     11-8

creating in VLAN configuration mode     11-9

customer numbering in service-provider networks     14-3

default configuration     11-7

deleting     11-10

described     9-2, 11-1

displaying     11-15

extended-range     11-1, 11-11

features     1-4

illustrated     11-2

internal     11-13

limiting source traffic with RSPAN     23-23

limiting source traffic with SPAN     23-15

modifying     11-8

monitoring with RSPAN     23-22

monitoring with SPAN     23-14

native, configuring     11-23

normal-range     11-1, 11-4

number supported     1-4

parameters     11-4

VLANs (continued)

port membership modes     11-3

static-access ports     11-11

STP and 802.1Q trunks     15-10

supported     11-2

Token Ring     11-5

traffic between     11-2

trunks, VLAN 1 minimization     11-21

VLAN-bridge STP     15-10, 35-1

VTP modes     12-3

VLAN Trunking Protocol

See VTP

VLAN trunks     11-16

VMPS

administering     11-32

configuration example     11-33

configuration guidelines     11-29

default configuration     11-29

description     11-27

dynamic port membership

described     11-28

reconfirming     11-31

troubleshooting     11-33

entering server address     11-30

mapping MAC addresses to VLANs     11-27

monitoring     11-32

reconfirmation interval, changing     11-31

reconfirming membership     11-31

retry count, changing     11-32

voice VLAN

Cisco 7960 phone, port connections     13-1

configuration guidelines     13-3

configuring IP phones for data traffic

override CoS of incoming frame     13-5

trust CoS priority of incoming frame     13-6

configuring ports for voice traffic in

802.1p priority tagged frames     13-4

802.1Q frames     13-4

connecting to an IP phone     13-3

voice VLAN (continued)

default configuration     13-2

described     13-1

displaying     13-6

VPN

configuring routing in     30-64

forwarding     30-62

in service provider networks     30-59

routes     30-60

VPN routing and forwarding table

See VRF

VQP     1-4, 11-27

VRF

defining     30-62

tables     30-59

VTP

adding a client to a domain     12-14

advertisements     11-19, 12-3

and extended-range VLANs     12-1

and normal-range VLANs     12-1

client mode, configuring     12-11

configuration

global configuration mode     12-7

guidelines     12-8

privileged EXEC mode     12-7

requirements     12-9

saving     12-7

VLAN configuration mode     12-7

configuration mode options     12-7

configuration requirements     12-9

configuration revision number

guideline     12-14

resetting     12-15

configuring

client mode     12-11

server mode     12-9

transparent mode     12-12

consistency checks     12-4

default configuration     12-6

VTP (continued)

described     12-1

disabling     12-12

domain names     12-8

domains     12-2

Layer 2 protocol tunneling     14-7

modes

client     12-3, 12-11

server     12-3, 12-9

transitions     12-3

transparent     12-3, 12-12

monitoring     12-16

passwords     12-8

pruning

disabling     12-14

enabling     12-14

examples     12-5

overview     12-4

support for     1-4

pruning-eligible list, changing     11-22

server mode, configuring     12-9

statistics     12-16

support for     1-4

Token Ring support     12-4

transparent mode, configuring     12-12

using     12-1

version, guidelines     12-8

version 1     12-4

version 2

configuration guidelines     12-8

disabling     12-13

enabling     12-13

overview     12-4

W

WCCP

authentication     32-4

configuration guidelines     32-5

default configuration     32-5

described     32-2

displaying     32-9

enabling     32-6

features unsupported     32-4

forwarding method     32-3

Layer-2 header rewrite     32-3

MD5 security     32-4

message exchange     32-3

monitoring and maintaining     32-9

negotiation     32-3

packet redirection     32-4

packet-return method     32-3

redirecting traffic received from a client     32-6

setting the password     32-6

unsupported WCCPv2 features     32-4

Web Cache Communication Protocol

See WCCP

Weighted Random Early Detection

See WRED

Weighted Round Robin

See WRR

weighted round robin, described     28-4

wizards     1-9

WRED     1-6, 28-14

WRR     1-6, 28-4

X

Xmodem protocol     36-2