Catalyst 3560 Switch Software Configuration Guide, Rel. 12.1(19)EA1
Index
Downloads: This chapterpdf (PDF - 1.5MB) The complete bookPDF (PDF - 10.12MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

Numerics

802.1D

See STP

802.1Q

and trunk ports     10-3

configuration limitations     12-18

encapsulation     12-16

native VLAN for untagged traffic     12-23

802.1S

See MSTP

802.1W

See RSTP

802.1X

See port-based authentication

802.3AD

See EtherChannel

802.3af

See PoE     1-8

802.3Z flow control     10-14

A

abbreviating commands     2-3

ABRs     30-29

AC (command switch)     5-10, 5-19

access-class command     27-19

access control entries

See ACEs

access-denied response, VMPS     12-28

access groups

applying ACLs to interfaces     27-20

IP     27-20

Layer 2     27-20

Layer 3     27-20

accessing

clusters, switch     5-13

command switches     5-11

member switches     5-13

switch clusters     5-13

access lists

See ACLs

access ports

defined     10-2

in switch clusters     5-9

accounting

with RADIUS     8-28

with TACACS+     8-11, 8-17

ACEs

and QoS     28-7

defined     27-2

Ethernet     27-2

IP     27-2

ACLs

ACEs     27-2

any keyword     27-12

applying

on bridged packets     27-38

on multicast packets     27-39

on routed packets     27-38

ACLs (continued)

on switched packets     27-37

time ranges to     27-16

to an interface     27-19

to QoS     28-7

classifying traffic for QoS     28-37

comments in     27-18

compiling     27-21

configuring with VLAN maps     27-36

defined     27-1, 27-7

examples of     27-21, 28-37

extended IP

configuring for QoS classification     28-38

creating     27-10

matching criteria     27-7

hardware and software handling     27-21

host keyword     27-12

IP

applying to interface     27-19

applying to interfaces     27-19

creating     27-7

fragments and QoS guidelines     28-29

implicit deny     27-9, 27-13, 27-15

implicit masks     27-9

matching criteria     27-7

named     27-14

terminal lines, setting on     27-18

undefined     27-20

violations, logging     27-15

limiting actions     27-37

logging messages     27-9

log keyword     27-15

MAC extended     27-26, 28-39

matching     27-7, 27-20

monitoring     27-40

named     27-14

number per QoS class map     28-29

numbers     27-7

ACLs (continued)

port     27-2

precedence of     27-2

QoS     28-7, 28-37

router     27-2

standard IP

configuring for QoS classification     28-37

creating     27-8

matching criteria     27-7

supported features     27-21

support for     1-6

time ranges     27-16

unsupported features     27-6

using router ACLs with VLAN maps     27-36

VLAN maps

configuration guidelines     27-29

configuring     27-29

active router     31-1

address aliasing     19-2

addresses

displaying the MAC address table     6-28

dynamic

accelerated aging     15-8

changing the aging time     6-22

default aging     15-8

defined     6-21

learning     6-21

removing     6-23

MAC, discovering     6-28

multicast

group address range     32-3

STP address management     15-8

static

adding and removing     6-25

defined     6-21

address resolution     6-28, 30-8

Address Resolution Protocol

See ARP

adjacency tables, with CEF     30-64

administrative distances

defined     30-75

OSPF     30-34

routing protocol defaults     30-66

advertisements

CDP     21-1

IGRP     30-23

RIP     30-19

VTP     12-19, 13-3

aggregate addresses, BGP     30-59

aggregated ports

See EtherChannel

aggregate policers     28-45

aggregate policing     1-7

aging, accelerating     15-8

aging time

accelerated

for MSTP     16-20

for STP     15-8, 15-21

MAC address table     6-22

maximum

for MSTP     16-21

for STP     15-21

alarms, RMON     24-3

allowed-VLAN list     12-21

alternate routes, IGRP     30-25

area border routers

See ABRs

ARP

configuring     30-9

defined     1-4, 6-28, 30-8

encapsulation     30-10

static cache configuration     30-9

table

address resolution     6-28

managing     6-28

ASBRs     30-29

AS-path filters, BGP     30-53

attributes, RADIUS

vendor-proprietary     8-31

vendor-specific     8-29

audience     xxxiii

authentication

EIGRP     30-41

HSRP     31-8

local mode with AAA     8-36

NTP associations     6-5

RADIUS

key     8-21

login     8-23

See also port-based authentication

TACACS+

defined     8-11

key     8-13

login     8-14

authentication keys, and routing protocols     30-76

authoritative time source, described     6-2

authorization

with RADIUS     8-27

with TACACS+     8-11, 8-16

authorized ports with 802.1X     9-4

autoconfiguration     4-3

automatic discovery

adding member switches     5-17

considerations

beyond a non-candidate device     5-8

brand new switches     5-9

connectivity     5-5

different VLANs     5-7

management VLANs     5-7

non-CDP-capable devices     5-6

non-cluster-capable devices     5-6

routed ports     5-8

creating a cluster standby group     5-19

in switch clusters     5-5

See also CDP

automatic QoS

See QoS

automatic recovery, clusters     5-10

See also HSRP

autonegotiation

duplex mode     1-3

interface configuration guidelines     10-13

mismatches     35-12

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP     30-47

Auto-RP, described     32-5

autosensing, port speed     1-3

auxiliary VLAN

See voice VLAN

availability, features     1-5

B

BackboneFast

described     17-5

enabling     17-13

support for     1-5

banners

configuring

login     6-20

message-of-the-day login     6-19

default configuration     6-18

when displayed     6-18

BGP

aggregate addresses     30-59

aggregate routes, configuring     30-59

CIDR     30-59

clear commands     30-62

community filtering     30-55

configuring neighbors     30-57

BGP (continued)

default configuration     30-45

described     30-44

enabling     30-47

monitoring     30-62

multipath support     30-50

neighbors, types of     30-47

path selection     30-50

peers, configuring     30-57

prefix filtering     30-54

resetting sessions     30-49

route dampening     30-61

route maps     30-52

route reflectors     30-60

routing domain confederation     30-59

show commands     30-62

supernets     30-59

support for     1-8

Version 4     30-44

binding cluster group and HSRP group     31-9

blocking packets     20-6

booting

boot loader, function of     4-2

boot process     4-1

manually     4-13

specific image     4-13

boot loader

accessing     4-14

described     4-2

environment variables     4-14

prompt     4-14

trap-door mechanism     4-2

bootstrap router (BSR), described     32-5

Border Gateway Protocol

See BGP

BPDU

error-disabled state     17-3

filtering     17-3

RSTP format     16-9

BPDU filtering

described     17-3

enabling     17-12

support for     1-5

BPDU guard

described     17-3

enabling     17-11

support for     1-5

bridged packets, ACLs on     27-38

bridge groups

See fallback bridging

bridge protocol data unit

See BPDU

broadcast flooding     30-16

broadcast packets

directed     30-13

flooded     30-13

broadcast storm-control command     20-3

broadcast storms     20-2, 30-13

C

cables, monitoring for unidirectional links     22-1

candidate switch

adding     5-17

automatic discovery     5-5

defined     5-4

HC     5-19

passwords     5-17

requirements     5-4

standby group     5-19

See also command switch, cluster standby group, and member switch

caution, described     xxxiv

CC (command switch)     5-19

CDP

and trusted boundary     28-34

automatic discovery in switch clusters     5-5

configuring     21-2

default configuration     21-2

described     21-1

disabling for routing device     21-3, 21-4

enabling and disabling

on an interface     21-4

on a switch     21-3

monitoring     21-5

overview     21-1

support for     1-4

transmission timer and holdtime, setting     21-2

updates     21-2

CEF     30-63

CGMP

as IGMP snooping learning method     19-8

clearing cached group entries     32-50

enabling server support     32-32

joining multicast group     19-3

overview     32-7

server support only     32-7

switch support of     1-3

CIDR     30-59

Cisco 7960 IP Phone     14-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS File System

See IFS

CiscoWorks 2000     1-4, 26-5

classless interdomain routing

See CIDR

classless routing     30-6

class maps for QoS

configuring     28-40

described     28-7

displaying     28-64

class of service

See CoS

clearing interfaces     10-23

CLI

abbreviating commands     2-3

command modes     2-1

described     1-4

editing features

enabling and disabling     2-6

keystroke editing     2-6

wrapped lines     2-8

error messages     2-4

filtering command output     2-8

getting help     2-3

history

changing the buffer size     2-5

described     2-4

disabling     2-5

recalling commands     2-5

managing clusters     5-21

no and default forms of commands     2-4

client mode, VTP     13-3

clock

See system clock

Cluster Management Suite

See CMS

cluster requirements

See release notes     xxxv

clusters, switch

accessing     5-13

adding member switches     5-17

automatic discovery     5-5

automatic recovery     5-10

clusters, switch (continued)

benefits     1-2

command switch configuration     5-16

compatibility     5-4

creating     5-16

creating a cluster standby group     5-19

described     5-1

LRE profile considerations     5-15

managing

through CLI     5-21

through SNMP     5-22

planning     5-4

planning considerations

automatic discovery     5-5

automatic recovery     5-10

CLI     5-21

host names     5-13

IP addresses     5-13

LRE profiles     5-15

passwords     5-14

RADIUS     5-14

SNMP     5-14, 5-22

switch-specific features     5-15

TACACS+     5-14

redundancy     5-19

troubleshooting     5-21

verifying     5-20

See also candidate switch, command switch, cluster standby group, member switch, and standby command switch

cluster standby group

and HSRP group     31-9

automatic recovery     5-12

considerations     5-11

creating     5-19

defined     5-2

requirements     5-3

virtual IP address     5-11

See also HSRP

CMS

benefits     1-2

configuration modes     3-5

described     1-2, 1-4

Front Panel view

described     3-2

operating systems and supported browsers     3-9

privilege levels     3-7

requirements     3-8 to  3-9

Topology view     3-15

wizards     3-6

CMS requirements

See switch software configuration guide     xxxv

Coarse Wave Division Multiplexer

See CWDM

command-line interface

See CLI

command modes     2-1

commands

abbreviating     2-3

no and default     2-4

setting privilege levels     8-8

command switch

accessing     5-11

active (AC)     5-10, 5-19

command switch with HSRP disabled (CC)     5-19

configuration conflicts     35-11

defined     5-2

enabling     5-16

passive (PC)     5-10, 5-19

password privilege levels     5-22

priority     5-10

recovery

from command-switch failure     5-10

from failure     35-8

from lost member connectivity     35-11

redundant     5-10, 5-19

command switch (continued)

replacing

with another switch     35-10

with cluster member     35-8

requirements     5-3

standby (SC)     5-10, 5-19

See also candidate switch, cluster standby group, member switch, and standby command switch

community list, BGP     30-56

community strings

configuring     5-14, 26-8

for cluster switches     26-4

in clusters     5-14

overview     26-4

SNMP     5-14

config.text     4-12

configuration, initial

defaults     1-9

Express Setup     1-9

See also hardware installation guide

setup (CLI) program     1-9

configuration conflicts, recovering from lost member connectivity     35-11

configuration examples, network     1-11

configuration files

clearing the startup configuration     B-19

creating using a text editor     B-10

default name     4-12

deleting a stored configuration     B-19

described     B-8

downloading

automatically     4-12

preparing     B-10, B-13, B-16

reasons for     B-8

using FTP     B-13

using RCP     B-17

using TFTP     B-11

guidelines for creating and using     B-9

invalid combinations when copying     B-5

configuration files (continued)

limiting TFTP server access     26-15

obtaining with DHCP     4-7

password recovery disable considerations     8-5

specifying the filename     4-12

system contact and location information     26-14

types and location     B-9

uploading

preparing     B-10, B-13, B-16

reasons for     B-8

using FTP     B-15

using RCP     B-18

using TFTP     B-11

configuration modes, CMS     3-5

configuration settings, saving     4-10

configure terminal command     10-7

config-vlan mode     2-2, 12-7

conflicts, configuration     35-11

connections, secure remote     8-38

connectivity problems     35-13, 35-14, 35-16

consistency checks in VTP version 2     13-4

console port, connecting to     2-9

conventions

command     xxxiv

for examples     xxxiv

publication     xxxiv

text     xxxiv

corrupted software, recovery steps with XMODEM     35-2

CoS

in Layer 2 frames     28-2

override priority     14-5

trust priority     14-5

CoS input queue threshold map for QoS     28-14

CoS output queue threshold map for QoS     28-17

CoS-to-DSCP map for QoS     28-47

counters, clearing interface     10-23

crashinfo file     35-22

cryptographic software image

Kerberos     8-32

SSH     8-37

CWDM     1-16

CWDM SFPs     1-16

D

daylight saving time     6-13

debugging

enabling all system diagnostics     35-19

enabling for a specific feature     35-18

redirecting error message output     35-19

using commands     35-18

default commands     2-4

default configuration

802.1X     9-10

auto-QoS     28-18

banners     6-18

BGP     30-45

booting     4-12

CDP     21-2

DHCP     18-3

DNS     6-17

EIGRP     30-38

EtherChannel     29-9

fallback bridging     34-3

HSRP     31-4

IGMP     32-26

IGMP filtering     19-21

IGMP snooping     19-7

IGMP throttling     19-21

IGRP     30-24

initial switch information     4-3

IP addressing, IP routing     30-4

IP multicast routing     32-8

default configuration (continued)

Layer 2 interfaces     10-11

MAC address table     6-22

MSDP     33-4

MSTP     16-12

MVR     19-16

NTP     6-4

optional spanning-tree features     17-9

OSPF     30-29

password and privilege level     8-2

RADIUS     8-20

RIP     30-19

RMON     24-3

RSPAN     23-9

SNMP     26-7

SPAN     23-9

standard QoS     28-27

STP     15-11

system message logging     25-3

system name and prompt     6-15

TACACS+     8-13

UDLD     22-4

VLAN, Layer 2 Ethernet interfaces     12-19

VLANs     12-8

VMPS     12-29

voice VLAN     14-3

VTP     13-6

default gateway     4-10, 30-11

default networks     30-66

default routes     30-66

default routing     30-2

deleting VLANs     12-10

description command     10-18

designing your network, examples     1-11

destination addresses, in ACLs     27-11

destination-IP address based forwarding, EtherChannel     29-7

destination-MAC address forwarding, EtherChannel     29-7

detecting indirect link failures, STP     17-6

device discovery protocol     21-1

Device Manager     3-15

See also Switch Manager

DHCP-based autoconfiguration

client request message exchange     4-4

configuring

client side     4-3

DNS     4-6

relay device     4-6

server-side     4-5

TFTP server     4-5

example     4-8

lease options

for IP address information     4-5

for receiving the configuration file     4-5

overview     4-3

relationship to BOOTP     4-3

relay support     1-4, 1-8

support for     1-4

DHCP option 82

configuration guidelines     18-3

default configuration     18-3

displaying     18-5

overview     18-2

DHCP snooping

configuration guidelines     18-3

default configuration     18-3

displaying binding tables     18-5

displaying configuration     18-6

message exchange process     18-2

option 82 data insertion     18-2

Differentiated Services architecture, QoS     28-1

Differentiated Services Code Point     28-2

Diffusing Update Algorithm (DUAL)     30-37

directed unicast requests     1-4

directories

changing     B-3

creating and removing     B-4

displaying the working     B-3

discovery, clusters

See automatic discovery

Distance Vector Multicast Routing Protocol

See DVMRP

distance-vector protocols     30-3

distribute-list command     30-75

DNS

and DHCP-based autoconfiguration     4-6

default configuration     6-17

displaying the configuration     6-18

overview     6-16

setting up     6-17

support for     1-4

documentation

feedback     xxxvi

obtaining

CD-ROM     xxxvi

world wide web     xxxv

ordering     xxxvi

related     xxxv

document conventions     xxxiv

domain names

DNS     6-16

VTP     13-8

Domain Name System

See DNS

downloading

configuration files

preparing     B-10, B-13, B-16

reasons for     B-8

using FTP     B-13

using RCP     B-17

using TFTP     B-11

image files

deleting old image     B-24

preparing     B-22, B-25, B-29

reasons for     B-20

downloading (continued)

using FTP     B-26

using RCP     B-31

using TFTP     B-23

DSCP     1-7, 28-2

DSCP input queue threshold map for QoS     28-14

DSCP output queue threshold map for QoS     28-17

DSCP-to-CoS map for QoS     28-50

DSCP-to-DSCP-mutation map for QoS     28-51

DTP     1-6, 12-17

DUAL finite state machine, EIGRP     30-37

duplex mode, configuring     10-12

DVMRP

autosummarization

configuring a summary address     32-46

disabling     32-48

connecting PIM domain to DVMRP router     32-38

enabling unicast routing     32-42

interoperability

with Cisco devices     32-36

with IOS software     32-7

mrinfo requests, responding to     32-41

neighbors

advertising the default route to     32-40

discovery with Probe messages     32-36

displaying information     32-41

prevent peering with nonpruning     32-44

rejecting nonpruning     32-42

overview     32-7

routes

adding a metric offset     32-48

advertising all     32-48

advertising the default route to neighbors     32-40

caching DVMRP routes learned in report messages     32-42

changing the threshold for syslog messages     32-45

deleting     32-50

DVMRP (continued)

displaying     32-50

favoring one over another     32-48

limiting the number injected into MBONE     32-45

limiting unicast route advertisements     32-36

routing table     32-7

source distribution tree, building     32-7

support for     1-8

tunnels

configuring     32-38

displaying neighbor information     32-41

dynamic access ports

characteristics     12-4

configuring     12-30

defined     10-3

dynamic addresses

See addresses

dynamic auto trunking mode     12-17

dynamic desirable trunking mode     12-18

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described     12-28

reconfirming     12-31

troubleshooting     12-33

types of connections     12-30

dynamic routing     30-3

Dynamic Trunking Protocol

See DTP

E

EBGP     30-43

editing features

enabling and disabling     2-6

keystrokes used     2-6

wrapped lines     2-8

EIGRP

and IGRP     30-39

authentication     30-41

components     30-37

configuring     30-39

default configuration     30-38

definition     30-37

interface parameters, configuring     30-40

monitoring     30-42

support for     1-8

enable password     8-4

enable secret password     8-4

encryption for passwords     8-4

Enhanced IGRP

See EIGRP

environment variables

function of     4-15

equal-cost routing     1-8, 30-64

error messages during command entry     2-4

EtherChannel

802.3AD, described     29-5

automatic creation of     29-4, 29-5

channel groups

binding physical and logical interfaces     29-3

numbering of     29-3

configuration guidelines     29-9

configuring

Layer 2 interfaces     29-10

Layer 3 physical interfaces     29-13

Layer 3 port-channel logical interfaces     29-12

configuring Layer 2 interfaces     29-10

default configuration     29-9

described     29-2

displaying status     29-20

forwarding methods     29-6, 29-15

interaction

with STP     29-9

with VLANs     29-10

EtherChannel (continued)

LACP

described     29-5

displaying status     29-20

hot-standby ports     29-17

interaction with other features     29-6

modes     29-6

port priority     29-19

system priority     29-18

LACP, support for     1-3

Layer 3 interface     30-3

load balancing     29-6, 29-15

logical interfaces, described     29-3

PAgP

aggregate-port learners     29-16

compatibility with Catalyst 1900     29-16

described     29-4

displaying status     29-20

interaction with other features     29-5

learn method and priority configuration     29-16

modes     29-4

silent mode     29-5

support for     1-3

port-channel interfaces

described     29-3

numbering of     29-3

port groups     10-5

support for     1-3

Ethernet VLANs

adding     12-8

defaults and ranges     12-8

modifying     12-8

events, RMON     24-3

examples

conventions for     xxxiv

network configuration     1-11

expedite queue for QoS

configuring     28-63

expert mode     3-6

Express Setup     1-9, 3-12

See also hardware installation guide

extended-range VLANs

configuration guidelines     12-13

configuring     12-12

creating     12-13, 12-14

defined     12-1

extended system ID

MSTP     16-14

STP     15-4, 15-14

Extensible Authentication Protocol over LAN     9-1

exterior routes, IGRP     30-23

external BGP

See EBGP

external neighbors, BGP     30-47

F

fallback bridging

and protected ports     34-3

bridge groups

creating     34-3

described     34-1

displaying     34-10

function of     34-2

number supported     34-4

removing     34-4

bridge table

clearing     34-10

displaying     34-10

configuration guidelines     34-3

connecting interfaces with     10-6

default configuration     34-3

described     34-1

frame forwarding

flooding packets     34-2

forwarding packets     34-2

overview     34-1

fallback bridging (continued)

STP

disabling on an interface     34-10

forward-delay interval     34-9

hello BPDU interval     34-8

interface priority     34-6

maximum-idle interval     34-9

path cost     34-7

VLAN-bridge spanning-tree priority     34-6

VLAN-bridge STP     34-2

support for     1-8

SVIs and routed ports     34-1

VLAN-bridge STP     15-11, 34-1

FIB     30-63

fiber-optic, detecting unidirectional links     22-1

files

copying     B-4

crashinfo

description     35-22

displaying the contents of     35-22

location     35-22

deleting     B-5

displaying the contents of     B-8

tar

creating     B-6

displaying the contents of     B-6

extracting     B-7

image file format     B-21

file system

displaying available file systems     B-2

displaying file information     B-3

local file system names     B-1

network file system names     B-4

setting the default     B-3

filtering

in a VLAN     27-29

non-IP traffic     27-26

show and more command output     2-8

filtering show and more command output     2-8

filters, IP

See ACLs, IP

Flash device, number of     B-1

Flash updates, IGRP     30-25

flooded traffic, blocking     20-6

flow-based packet classification     1-7

flowcharts

QoS classification     28-6

QoS egress queueing and scheduling     28-15

QoS ingress queueing and scheduling     28-13

QoS policing and marking     28-9

flow control     1-3, 10-14

forward-delay time

MSTP     16-20

STP     15-21

Forwarding Information Base

See FIB

forwarding non-routable protocols     34-1

FTP

accessing MIB files     A-3

configuration files

downloading     B-13

overview     B-12

preparing the server     B-13

uploading     B-15

image files

deleting old image     B-28

downloading     B-26

preparing the server     B-25

uploading     B-28

G

get-bulk-request operation     26-3

get-next-request operation     26-3, 26-5

get-request operation     26-3, 26-5

get-response operation     26-3

global configuration mode     2-2

guest VLAN and 802.1X     9-8

guide

audience     xxxiii

purpose of     xxxiii

guide mode     1-2, 3-5

H

hardware limitations and Layer 3 interfaces     10-19

HC (candidate switch)     5-19

hello time

MSTP     16-19

STP     15-20

help, for the command line     2-3

history

changing the buffer size     2-5

described     2-4

disabling     2-5

recalling commands     2-5

history table, level and number of syslog messages     25-9

host names

abbreviations appended to     5-19

in clusters     5-13

hosts, limit on dynamic ports     12-33

Hot Standby Router Protocol

See HSRP

HP OpenView     1-4

HSRP

authentication string     31-8

automatic cluster recovery     5-12

binding to cluster group     31-9

cluster standby group considerations     5-11

command-switch redundancy     1-1, 1-5

configuring     31-3

default configuration     31-4

definition     31-1

guidelines     31-4

monitoring     31-10

overview     31-1

priority     31-6

HSRP (continued)

routing redundancy     1-8

timers     31-8

tracking     31-6

See also clusters, cluster standby group, and standby command switch

I

IBPG     30-43

ICMP

redirect messages     30-11

support for     1-8

time exceeded messages     35-16

traceroute and     35-16

unreachable messages     27-19

unreachables and ACLs     27-21

ICMP ping

executing     35-13

overview     35-13

ICMP Router Discovery Protocol

See IRDP

IDS appliances

and ingress RSPAN     23-20

and ingress SPAN     23-13

IEEE 802.1P     14-1

ifIndex values, SNMP     26-6

IFS     1-4

IGMP

configuring the switch

as a member of a group     32-26

statically connected member     32-31

controlling access to groups     32-27

default configuration     32-26

deleting cache entries     32-50

displaying groups     32-50

fast switching     32-31

host-query interval, modifying     32-29

joining multicast group     19-3

IGMP (continued)

join messages     19-3

leave processing, enabling     19-10

leaving multicast group     19-5

multicast reachability     32-26

overview     32-2

queries     19-4

report suppression

described     19-6

disabling     19-11

support for     1-3

Version 1

changing to Version 2     32-28

described     32-3

Version 2

changing to Version 1     32-28

described     32-3

maximum query response time value     32-30

pruning groups     32-30

query timeout value     32-30

IGMP filtering

configuring     19-22

default configuration     19-21

described     19-20

monitoring     19-26

support for     1-3

IGMP groups

configuring the filtering action     19-24

setting the maximum number     19-24

IGMP profile

applying     19-23

configuration mode     19-22

configuring     19-22

IGMP snooping

and address aliasing     19-2

configuring     19-6

default configuration     19-7

definition     19-2

enabling and disabling     19-7

IGMP snooping (continued)

global configuration     19-7

Immediate Leave     19-6

method     19-8

monitoring     19-12

support for     1-3

VLAN configuration     19-7

IGMP throttling

configuring     19-24

default configuration     19-21

described     19-21

displaying action     19-26

IGP     30-28

IGRP

advertisements     30-23

alternate routes     30-25

configuring     30-26

default configuration     30-24

described     30-23

exterior routes     30-23

Flash updates     30-25

interior routes     30-23

load balancing     30-25

poison-reverse updates     30-25

split horizon     30-27

support for     1-8

system routes     30-23

traffic sharing     30-25

unequal-cost load balancing     30-25

Immediate-Leave, IGMP     19-6

initial configuration

defaults     1-9

Express Setup     1-9

See also hardware installation guide

setup (CLI) program     1-9

interface

number     10-7

range macros     10-9

interface command     10-7

interface configuration mode     2-2

interfaces

configuration guidelines     10-13

configuring     10-7

configuring duplex mode     10-12

configuring speed     10-12

counters, clearing     10-23

described     10-18

descriptive name, adding     10-18

displaying information about     10-22

flow control     10-14

management     1-4

monitoring     10-22

naming     10-18

physical, identifying     10-6, 10-7

range of     10-8

restarting     10-23

shutting down     10-23

supported     10-6

types of     10-1

interfaces range macro command     10-9

interface types     10-7

Interior Gateway Protocol

See IGP

Interior Gateway Routing Protocol

See IGRP

interior routes, IGRP     30-23

internal BGP

See IBGP

internal neighbors, BGP     30-47

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Inter-Switch Link

See ISL

inter-VLAN routing     1-8, 30-2

Intrusion Detection System

See IDS

inventory, cluster     5-20

IOS File System

See IFS

ip access group command     27-20

IP ACLs

applying to an interface     27-19

extended, creating     27-10

for QoS classification     28-7

implicit deny     27-9, 27-13, 27-15

implicit masks     27-9

logging     27-15

named     27-14

standard, creating     27-8

undefined     27-20

virtual terminal lines, setting on     27-18

IP addresses

candidate or member     5-4, 5-13

classes of     30-5

cluster access     5-2

command switch     5-3, 5-11, 5-13

default configuration     30-4

discovering     6-28

for IP routing     30-4

MAC address association     30-8

monitoring     30-17

redundant clusters     5-11

standby command switch     5-11, 5-13

See also IP information

IP broadcast address     30-15

ip cef distributed command     30-64

IP directed broadcasts     30-13

ip igmp profile command     19-22

IP information

assigned

manually     4-9

through DHCP-based autoconfiguration     4-3

default configuration     4-3

IP multicast routing

addresses

all-hosts     32-3

all-multicast-routers     32-3

host group address range     32-3

administratively-scoped boundaries, described     32-34

and IGMP snooping     19-2

Auto-RP

adding to an existing sparse-mode cloud     32-13

benefits of     32-13

clearing the cache     32-50

configuration guidelines     32-9

filtering incoming RP announcement messages     32-16

overview     32-5

preventing candidate RP spoofing     32-16

preventing join messages to false RPs     32-15

setting up in a new internetwork     32-13

using with BSR     32-21

bootstrap router

configuration guidelines     32-9

configuring candidate BSRs     32-19

configuring candidate RPs     32-20

defining the IP multicast boundary     32-18

defining the PIM domain border     32-17

overview     32-5

using with Auto-RP     32-21

Cisco implementation     32-2

configuring

basic multicast routing     32-10

IP multicast boundary     32-34

default configuration     32-8

enabling

multicast forwarding     32-10

PIM mode     32-11

group-to-RP mappings

Auto-RP     32-5

BSR     32-5

IP multicast routing (continued)

MBONE

deleting sdr cache entries     32-50

described     32-33

displaying sdr cache     32-51

enabling sdr listener support     32-33

limiting DVMRP routes advertised     32-45

limiting sdr cache entry lifetime     32-34

SAP packets for conference session announcement     32-33

Session Directory (sdr) tool, described     32-33

monitoring

packet rate loss     32-51

peering devices     32-51

tracing a path     32-51

multicast forwarding, described     32-6

PIMv1 and PIMv2 interoperability     32-8

protocol interaction     32-2

reverse path check (RPF)     32-6

routing table

deleting     32-50

displaying     32-51

RP

assigning manually     32-11

configuring Auto-RP     32-13

configuring PIMv2 BSR     32-17

monitoring mapping information     32-22

using Auto-RP and BSR     32-21

statistics, displaying system and network     32-50

See also CGMP

See also DVMRP

See also IGMP

See also PIM

IP phones

and QoS     14-1

automatic classification and queueing     28-18

configuring     14-4

ensuring port security with QoS     28-34

trusted boundary for QoS     28-34

IP precedence     28-2

IP-precedence-to-DSCP map for QoS     28-48

IP protocols

in ACLs     27-11

routing     1-8

IP routes, monitoring     30-77

IP routing

connecting interfaces with     10-6

enabling     30-18

IP traceroute

executing     35-17

overview     35-16

IP unicast routing

address resolution     30-8

administrative distances     30-66, 30-75

ARP     30-8

assigning IP addresses to Layer 3 interfaces     30-5

authentication keys     30-76

broadcast

address     30-15

flooding     30-16

packets     30-13

storms     30-13

classless routing     30-6

configuring static routes     30-65

default

addressing configuration     30-4

gateways     30-11

networks     30-66

routes     30-66

routing     30-2

directed broadcasts     30-13

dynamic routing     30-3

enabling     30-18

EtherChannel Layer 3 interface     30-3

IGP     30-28

inter-VLAN     30-2

IP unicast routing (continued)

IP addressing

classes     30-5

configuring     30-4

IRDP     30-12

Layer 3 interfaces     30-3

MAC address and IP address     30-8

passive interfaces     30-74

protocols

distance-vector     30-3

dynamic     30-3

link-state     30-3

proxy ARP     30-8

redistribution     30-67

reverse address resolution     30-8

routed ports     30-3

static routing     30-2

steps to configure     30-4

subnet mask     30-5

subnet zero     30-6

supernet     30-6

UDP     30-15

with SVIs     30-3

See also BGP

See also EIGRP

See also IGRP

See also OSPF

See also RIP

IRDP

configuring     30-12

definition     30-12

support for     1-8

ISL

and trunk ports     10-3

encapsulation     1-6, 12-16

J

join messages, IGMP     19-3

K

KDC

described     8-32

See also Kerberos

Kerberos

authenticating to

boundary switch     8-35

KDC     8-35

network services     8-35

configuration examples     8-32

configuring     8-36

credentials     8-32

cryptographic software image     8-32

described     8-32

KDC     8-32

operation     8-34

realm     8-33

server     8-33

support for     1-7

switch as trusted third party     8-32

terms     8-33

TGT     8-34

tickets     8-32

key distribution center

See KDC

L

LACP

See EtherChannel

Layer 2 frames, classification with CoS     28-2

Layer 2 interfaces, default configuration     10-11

Layer 2 traceroute

and ARP     35-15

and CDP     35-15

described     35-14

IP addresses and subnets     35-15

MAC addresses and VLANs     35-15

multicast traffic     35-15

multiple devices on a port     35-15

unicast traffic     35-14

usage guidelines     35-15

Layer 2 trunks     12-17

Layer 3 features     1-8

Layer 3 interfaces

assigning IP addresses to     30-5

changing from Layer 2 mode     30-5

types of     30-3

Layer 3 packets, classification methods     28-2

leave processing, IGMP     19-10

LEDs, switch

See hardware installation guide

line configuration mode     2-2

Link Aggregation Control Protocol

See EtherChannel

See LACP

links, unidirectional     22-1

link state advertisements (LSAs)     30-32

link-state protocols     30-3

load balancing, IGRP     30-25

logging messages, ACL     27-9

login authentication

with RADIUS     8-23

with TACACS+     8-14

login banners     6-18

log messages

See system message logging

Long-Reach Ethernet (LRE) technology     1-13

loop guard

described     17-8

enabling     17-15

support for     1-5

LRE profiles, considerations in switch clusters     5-15

M

MAC addresses

aging time     6-22

and VLAN association     6-22

building the address table     6-21

default configuration     6-22

discovering     6-28

displaying     6-28

displaying in DHCP snooping binding table     18-6

dynamic

learning     6-21

removing     6-23

in ACLs     27-26

IP address association     30-8

static

adding     6-26

allowing     6-27

characteristics of     6-25

dropping     6-27

removing     6-26

MAC address notification, support for     1-9

MAC address-to-VLAN mapping     12-27

MAC extended access lists

applying to Layer 2 interfaces     27-28

configuring for QoS     28-39

creating     27-26

defined     27-26

for QoS classification     28-5

macros

See SmartPort macros

manageability features     1-4

management access

in-band

browser session     1-4

CLI session     1-4

SNMP     1-5

out-of-band console port connection     1-5

management options

benefits

clustering     1-3

CMS     1-2

CLI     2-1

overview     1-4

management VLAN

considerations in switch clusters     5-7

discovery through different management VLANs     5-7

mapping tables for QoS

configuring

CoS-to-DSCP     28-47

DSCP     28-47

DSCP-to-CoS     28-50

DSCP-to-DSCP-mutation     28-51

IP-precedence-to-DSCP     28-48

policed-DSCP     28-49

described     28-10

marking

action in policy map     28-42

action with aggregate policers     28-45

described     28-3, 28-8

matching, ACLs     27-7

maximum aging time

MSTP     16-21

STP     15-21

maximum hop count, MSTP     16-21

maximum-paths command     30-50, 30-64

membership mode, VLAN port     12-3

member switch

adding     5-17

automatic discovery     5-5

defined     5-2

member switch (continued)

managing     5-21

passwords     5-13

recovering from lost connectivity     35-11

requirements     5-4

See also candidate switch, cluster standby group, and standby command switch

menu bar

variations     3-4

messages

logging ACL violations     27-15

to users through banners     6-18

metrics, in BGP     30-51

metric translations, between routing protocols     30-70

MIBs

accessing files with FTP     A-3

location of files     A-3

overview     26-1

SNMP interaction with     26-5

supported     A-1

mirroring traffic for analysis     23-1

mismatches, autonegotiation     35-12

module number     10-7

monitoring

access groups     27-40

ACL configuration     27-40

BGP     30-62

cables for unidirectional links     22-1

CDP     21-5

CEF     30-64

EIGRP     30-42

fallback bridging     34-10

features     1-9

HSRP     31-10

IGMP

filters     19-26

snooping     19-12

interfaces     10-22

monitoring (continued)

IP

address tables     30-17

multicast routing     32-49

routes     30-77

MSDP peers     33-19

multicast router interfaces     19-12

MVR     19-20

network traffic for analysis with probe     23-2

OSPF     30-36

port

blocking     20-15

protection     20-15

RP mapping information     32-22

source-active messages     33-19

speed and duplex mode     10-14

traffic flowing among switches     24-1

traffic suppression     20-15

VLAN

filters     27-40

maps     27-40

VLANs     12-16

VMPS     12-32

VTP     13-15

MSDP

benefits of     33-3

clearing MSDP connections and statistics     33-19

controlling source information

forwarded by switch     33-12

originated by switch     33-9

received by switch     33-14

default configuration     33-4

dense-mode regions

sending SA messages to     33-17

specifying the originating address     33-18

filtering

incoming SA messages     33-14

SA messages to a peer     33-12

SA requests from a peer     33-11

MSDP (continued)

join latency, defined     33-6

meshed groups

configuring     33-16

defined     33-16

originating address, changing     33-18

overview     33-1

peer-RPF flooding     33-2

peers

configuring a default     33-4

monitoring     33-19

peering relationship, overview     33-1

requesting source information from     33-8

shutting down     33-16

source-active messages

caching     33-6

clearing cache entries     33-19

defined     33-2

filtering from a peer     33-11

filtering incoming     33-14

filtering to a peer     33-12

limiting data with TTL     33-14

monitoring     33-19

restricting advertised sources     33-9

support for     1-8

MSTP

boundary ports

configuration guidelines     16-13

described     16-5

BPDU filtering

described     17-3

enabling     17-12

BPDU guard

described     17-3

enabling     17-11

CIST, described     16-3

configuration guidelines     16-12, 17-9

MSTP (continued)

configuring

forward-delay time     16-20

hello time     16-19

link type for rapid convergence     16-22

maximum aging time     16-21

maximum hop count     16-21

MST region     16-13

path cost     16-18

port priority     16-17

root switch     16-14

secondary root switch     16-16

switch priority     16-19

CST

defined     16-3

operations between regions     16-4

default configuration     16-12

default optional feature configuration     17-9

displaying status     16-23

enabling the mode     16-13

extended system ID

effects on root switch     16-14

effects on secondary root switch     16-16

unexpected behavior     16-15

instances supported     15-9

interface state, blocking to forwarding     17-2

interoperability and compatibility among modes     15-10

interoperability with 802.1D

described     16-5

restarting migration process     16-22

IST

defined     16-3

master     16-3

operations within a region     16-3

loop guard

described     17-8

enabling     17-15

mapping VLANs to MST instance     16-13

MSTP (continued)

MST region

CIST     16-3

configuring     16-13

described     16-2

hop-count mechanism     16-5

IST     16-3

supported spanning-tree instances     16-2

optional features supported     1-5

overview     16-2

Port Fast

described     17-2

enabling     17-10

preventing root switch selection     17-7

root guard

described     17-7

enabling     17-14

root switch

configuring     16-15

effects of extended system ID     16-14

unexpected behavior     16-15

shutdown Port Fast-enabled port     17-3

status, displaying     16-23

multicast groups

Immediate Leave     19-6

joining     19-3

leaving     19-5

static joins     19-10

multicast packets

ACLs on     27-39

blocking     20-6

multicast router interfaces, monitoring     19-12

multicast router ports, adding     19-9

Multicast Source Discovery Protocol

See MSDP

multicast storm-control command     20-4

multicast storms     20-2

Multicast VLAN Registration

See MVR

Multiple Spanning Tree Protocol

See MSTP

MVR

and address aliasing     19-16

configuring interfaces     19-18

default configuration     19-16

described     19-13

modes     19-17

monitoring     19-20

setting global parameters     19-17

support for     1-3

N

named IP ACLs     27-14

native VLAN

configuring     12-23

default     12-23

neighbor discovery/recovery, EIGRP     30-37

neighbors, BGP     30-57

network configuration examples

increasing network performance     1-11

large network     1-14

long-distance, high-bandwidth transport     1-16

providing network services     1-12

small to medium-sized network     1-13

network design

performance     1-12

services     1-12

network management

CDP     21-1

RMON     24-1

SNMP     26-1

Network Time Protocol

See NTP

no commands     2-4

non-IP traffic filtering     27-26

nontrunking mode     12-17

normal-range VLANs

configuration modes     12-6

defined     12-1

no switchport command     10-3

note, described     xxxiv

not-so-stubby areas

See NSSA

NSSA, OSPF     30-32

NTP

associations

authenticating     6-5

defined     6-2

enabling broadcast messages     6-7

peer     6-6

server     6-6

default configuration     6-4

displaying the configuration     6-11

overview     6-2

restricting access

creating an access group     6-9

disabling NTP services per interface     6-10

source IP address, configuring     6-10

stratum     6-2

support for     1-4

synchronizing devices     6-6

time

services     6-2

synchronizing     6-2

O

Open Shortest Path First

See OSPF

optimizing system resources     7-1

options, management     1-4

OSPF

area parameters, configuring     30-32

configuring     30-30

default configuration

OSPF (continued)

metrics     30-34

route     30-34

settings     30-29

described     30-28

interface parameters, configuring     30-31

LSA group pacing     30-35

monitoring     30-36

router IDs     30-35

route summarization     30-33

support for     1-8

virtual links     30-33

out-of-profile markdown     1-7

P

packet modification, with QoS     28-17

PAgP

See EtherChannel

parallel paths, in routing tables     30-64

passive interfaces

configuring     30-74

OSPF     30-34

passwords

default configuration     8-2

disabling recovery of     8-5

encrypting     8-4

for security     1-6

in clusters     5-14, 5-17

overview     8-1

recovery of     35-4

setting

enable     8-3

enable secret     8-4

Telnet     8-6

with usernames     8-7

VTP domain     13-8

path cost

MSTP     16-18

STP     15-18

PBR

defined     30-71

enabling     30-72

fast-switched policy-based routing     30-73

local policy-based routing     30-73

PC (passive command switch)     5-10, 5-19

peers, BGP     30-57

performance, network design     1-11

performance features     1-3

per-VLAN spanning-tree plus

See PVST+

physical ports     10-2

PIM

default configuration     32-8

dense mode

overview     32-4

rendezvous point (RP), described     32-4

RPF lookups     32-7

displaying neighbors     32-51

enabling a mode     32-11

overview     32-3

router-query message interval, modifying     32-25

shared tree and source tree, overview     32-22

shortest path tree, delaying the use of     32-24

sparse mode

join messages and shared tree     32-4

overview     32-4

prune messages     32-5

RPF lookups     32-7

support for     1-8

versions

interoperability     32-8

troubleshooting interoperability problems     32-22

v2 improvements     32-4

PIM-DVMRP, as snooping method     19-8

ping

character output description     35-14

executing     35-13

overview     35-13

PoE

configuring     10-16

support for     1-8

troubleshooting     35-12

poison-reverse updates, IGRP     30-25

policed-DSCP map for QoS     28-49

policers

configuring

for each matched traffic class     28-42

for more than one traffic class     28-45

described     28-3

displaying     28-64

number of     28-29

types of     28-8

policing

described     28-3

token-bucket algorithm     28-9

policy-based routing

See PBR

policy maps for QoS

characteristics of     28-42

configuring     28-42

described     28-7

displaying     28-65

port ACLs

defined     27-2

types of     27-3

Port Aggregation Protocol

See EtherChannel

See PAgP

port-based authentication

authentication server

defined     9-2

RADIUS server     9-2

client, defined     9-2

configuration guidelines     9-11

configuring

802.1X authentication     9-11

guest VLAN     9-18

host mode     9-17

manual re-authentication of a client     9-14

periodic re-authentication     9-14

quiet period     9-15

RADIUS server     9-14

RADIUS server parameters on the switch     9-13

switch-to-client frame-retransmission number     9-16

switch-to-client retransmission time     9-15

default configuration     9-10

described     9-1

device roles     9-2

displaying statistics     9-19

EAPOL-start frame     9-3

EAP-request/identity frame     9-3

EAP-response/identity frame     9-3

encapsulation     9-2

guest VLAN

configuration guidelines     9-8

described     9-8

initiation and message exchange     9-3

method lists     9-11

multiple-hosts mode, described     9-17

per-user ACLs

AAA authorization     9-11

configuration tasks     9-9

described     9-8

RADIUS server attributes     9-8

port-based authentication (continued)

ports

authorization state and dot1x port-control command     9-4

authorized and unauthorized     9-4

voice VLAN     9-6

port security

and voice VLAN     9-6

described     9-5

interactions     9-5

multiple-hosts mode     9-17

resetting to default values     9-18

statistics, displaying     9-19

switch

as proxy     9-2

RADIUS client     9-2

topologies, supported     9-4

VLAN assignment

AAA authorization     9-11

characteristics     9-7

configuration tasks     9-7

described     9-6

voice VLAN

described     9-6

PVID     9-6

VVID     9-6

port blocking     1-3, 20-6

port-channel

See EtherChannel

Port Fast

described     17-2

enabling     17-10

mode, spanning tree     12-29

support for     1-5

port membership modes, VLAN     12-3

port priority

MSTP     16-17

STP     15-17

ports

access     10-2

blocking     20-6

dynamic access     12-4

protected     20-5

routed     10-3

secure     20-7

static-access     12-3, 12-11

switch     10-2

trunks     12-3, 12-16

VLAN assignments     12-11

port security

aging     20-14

and QoS trusted boundary     28-34

configuring     20-11

default configuration     20-10

described     20-7

displaying     20-15

on trunk ports     20-12

sticky learning     20-8

violations     20-9

with other features     20-10

port-shutdown response, VMPS     12-28

Power over Ethernet

See PoE

preferential treatment of traffic

See QoS

prefix lists, BGP     30-54

preventing unauthorized access     8-1

priority

HSRP     31-6

overriding CoS     14-5

trusting CoS     14-5

private VLAN edge ports

See protected ports

privileged EXEC mode     2-2

privilege levels

changing the default for lines     8-9

command switch     5-22

privilege levels (continued)

exiting     8-10

in CMS     3-7

logging into     8-10

mapping on member switches     5-22

overview     8-2, 8-8

setting a command with     8-8

protected ports     1-6, 20-5

protocol-dependent modules, EIGRP     30-38

Protocol-Independent Multicast Protocol

See PIM

proxy ARP

configuring     30-10

definition     30-8

with IP routing disabled     30-11

pruning, VTP

enabling     13-13

enabling on a port     12-22

examples     13-5

overview     13-4

pruning-eligible list

changing     12-22

for VTP pruning     13-4

VLANs     13-14

PVST+

802.1Q trunking interoperability     15-10

described     15-9

instances supported     15-9

Q

QoS

auto-QoS

categorizing traffic     28-18

configuration and defaults display     28-26

configuration guidelines     28-22

described     28-18

disabling     28-23

displaying generated commands     28-23

QoS (continued)

displaying the initial configuration     28-26

effects on running configuration     28-22

egress queue defaults     28-19

enabling for VoIP     28-23

example configuration     28-24

ingress queue defaults     28-19

list of generated commands     28-20

basic model     28-3

classification

class maps, described     28-7

defined     28-3

flowchart     28-6

forwarding treatment     28-3

in frames and packets     28-2

IP ACLs, described     28-5, 28-7

MAC ACLs, described     28-5, 28-7

options for IP traffic     28-5

options for non-IP traffic     28-5

policy maps, described     28-7

trust DSCP, described     28-5

trusted CoS, described     28-5

trust IP precedence, described     28-5

class maps

configuring     28-40

displaying     28-64

configuration guidelines

auto-QoS     28-22

standard QoS     28-29

configuring

aggregate policers     28-45

auto-QoS     28-18

default port CoS value     28-33

DSCP maps     28-47

DSCP trust states bordering another domain     28-35

egress queue characteristics     28-57

ingress queue characteristics     28-52

IP extended ACLs     28-38

IP standard ACLs     28-37

QoS (continued)

MAC ACLs     28-39

policy maps     28-42

port trust states within the domain     28-31

trusted boundary     28-34

default auto configuration     28-18

default standard configuration     28-27

displaying statistics     28-64

egress queues

allocating buffer space     28-57

buffer allocation scheme, described     28-16

configuring shaped weights for SRR     28-60

configuring shared weights for SRR     28-62

described     28-4

displaying the threshold map     28-60

flowchart     28-15

mapping DSCP or CoS values     28-59

scheduling, described     28-4

setting WTD thresholds     28-57

WTD, described     28-17

enabling globally     28-30

flowcharts

classification     28-6

egress queueing and scheduling     28-15

ingress queueing and scheduling     28-13

policing and marking     28-9

implicit deny     28-7

ingress queues

allocating bandwidth     28-55

allocating buffer space     28-54

buffer and bandwidth allocation, described     28-14

configuring shared weights for SRR     28-55

configuring the priority queue     28-56

described     28-3

displaying the threshold map     28-53

flowchart     28-13

mapping DSCP or CoS values     28-53

priority queue, described     28-14

scheduling, described     28-3

QoS (continued)

setting WTD thresholds     28-53

WTD, described     28-14

IP phones

automatic classification and queueing     28-18

detection and trusted settings     28-18, 28-34

limiting bandwidth on egress interface     28-63

mapping tables

CoS-to-DSCP     28-47

displaying     28-64

DSCP-to-CoS     28-50

DSCP-to-DSCP-mutation     28-51

IP-precedence-to-DSCP     28-48

policed-DSCP     28-49

types of     28-10

marked-down actions     28-43

marking, described     28-3, 28-8

overview     28-1

packet modification     28-17

policers

configuring     28-43, 28-45

described     28-8

displaying     28-64

number of     28-29

types of     28-8

policies, attaching to an interface     28-9

policing

described     28-3, 28-8

token bucket algorithm     28-9

policy maps

characteristics of     28-42

configuring     28-42

displaying     28-65

QoS label, defined     28-3

queues

configuring egress characteristics     28-57

configuring ingress characteristics     28-52

high priority (expedite)     28-17, 28-63

location of     28-11

QoS (continued)

SRR, described     28-12

WTD, described     28-11

rewrites     28-17

support for     1-7

trust states

bordering another domain     28-35

described     28-5

trusted device     28-34

within the domain     28-31

quality of service

See QoS

queries, IGMP     19-4

R

RADIUS

attributes

vendor-proprietary     8-31

vendor-specific     8-29

configuring

accounting     8-28

authentication     8-23

authorization     8-27

communication, global     8-21, 8-29

communication, per-server     8-21

multiple UDP ports     8-21

default configuration     8-20

defining AAA server groups     8-25

displaying the configuration     8-31

identifying the server     8-21

in clusters     5-14

limiting the services to the user     8-27

method list, defined     8-20

operation of     8-19

overview     8-18

suggested network environments     8-18

support for     1-7

tracking services accessed by user     8-28

range

macro     10-9

of interfaces     10-8

rapid convergence     16-7

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability     15-10

described     15-9

instances supported     15-9

Rapid Spanning Tree Protocol

See RSTP

RARP     30-8

rcommand command     5-21

RCP

configuration files

downloading     B-17

overview     B-16

preparing the server     B-16

uploading     B-18

image files

deleting old image     B-32

downloading     B-31

preparing the server     B-29

uploading     B-33

reconfirmation interval, VMPS, changing     12-31

recovery procedures     35-1

redundancy

EtherChannel     29-2

HSRP     31-1

STP

backbone     15-8

path cost     12-26

port priority     12-24

redundant clusters

See cluster standby group

redundant links and UplinkFast     17-13

reliable transport protocol, EIGRP     30-37

reloading software     4-16

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

report suppression, IGMP

described     19-6

disabling     19-11

requirements

cluster

See release notes     xxxv

CMS

See switch software configuration guide     xxxv

resets, in BGP     30-49

resetting a UDLD-shutdown interface     22-6

restricting access

NTP services     6-8

overview     8-1

passwords and privilege levels     8-2

RADIUS     8-18

TACACS+     8-10

retry count, VMPS, changing     12-32

reverse address resolution     30-8

Reverse Address Resolution Protocol

See RARP

RFC

1058, RIP     30-19

1112, IP multicast and IGMP     19-2

1157, SNMPv1     26-2

1163, BGP     30-43

1166, IP addresses     30-5

1253, OSPF     30-28

1267, BGP     30-43

1305, NTP     6-2

1587, NSSAs     30-28

1757, RMON     24-2

RFC (continued)

1771, BGP     30-43

1901, SNMPv2C     26-2

1902 to 1907, SNMPv2     26-2

2236, IP multicast and IGMP     19-2

2273-2275, SNMPv3     26-2

RIP

advertisements     30-19

authentication     30-21

configuring     30-20

default configuration     30-19

described     30-19

hop counts     30-19

split horizon     30-22

summary addresses     30-22

support for     1-8

RMON

default configuration     24-3

displaying status     24-6

enabling alarms and events     24-3

groups supported     24-2

overview     24-1

statistics

collecting group Ethernet     24-6

collecting group history     24-5

support for     1-9

root guard

described     17-7

enabling     17-14

support for     1-5

root switch

MSTP     16-14

STP     15-14

route calculation timers, OSPF     30-34

route dampening, BGP     30-61

routed packets, ACLs on     27-38

routed ports

configuring     30-3

defined     10-3

in switch clusters     5-8

IP addresses on     10-19, 30-3

route-map command     30-73

route maps

BGP     30-52

policy-based routing     30-71

router ACLs

defined     27-2

types of     27-4

route reflectors, BGP     30-60

router ID, OSPF     30-35

route selection, BGP     30-50

route summarization, OSPF     30-33

routing

default     30-2

dynamic     30-3

redistribution of information     30-67

static     30-2

routing domain confederation, BGP     30-59

Routing Information Protocol

See RIP

routing protocol administrative distances     30-66

RSPAN

characteristics     23-8

configuration guidelines     23-16

default configuration     23-9

destination ports     23-7

displaying status     23-23

interaction with other features     23-8

monitored ports     23-5

monitoring ports     23-7

overview     1-9, 23-1

received traffic     23-4

RSPAN (continued)

session limits     23-10

sessions

creating     23-17

defined     23-3

limiting source traffic to specific VLANs     23-22

specifying monitored ports     23-17

with ingress traffic enabled     23-20

source ports     23-5

transmitted traffic     23-5

VLAN-based     23-6

RSTP

active topology, determining     16-6

BPDU

format     16-9

processing     16-10

designated port, defined     16-6

designated switch, defined     16-6

interoperability with 802.1D

described     16-5

restarting migration process     16-22

topology changes     16-10

overview     16-6

port roles

described     16-6

synchronized     16-8

proposal-agreement handshake process     16-7

rapid convergence

described     16-7

edge ports and Port Fast     16-7

point-to-point links     16-7, 16-22

root ports     16-7

root port, defined     16-6

See also MSTP

running configuration, saving     4-10

S

SC (standby command switch)     5-10, 5-19

scheduled reloads     4-16

SDM

described     7-1

templates

configuring     7-3

number of     7-1

SDM template

configuring     7-2

secure MAC addresses

deleting     20-13

maximum number of     20-8

types of     20-8

secure ports

configuring     20-7

secure remote connections     8-38

Secure Shell

See SSH

security, port     20-7

security features     1-6

sequence numbers in log messages     25-7

server mode, VTP     13-3

service-provider network

MSTP and RSTP     16-1

set-request operation     26-5

setup (CLI) program     1-9

See also hardware installation guide

setup program

failed command switch replacement     35-8, 35-10

severity levels, defining in system messages     25-8

SFPs

security and identification     35-12

shaped round robin

See SRR

show access-lists hw-summary command     27-21

show and more command output, filtering     2-8

show cdp traffic command     21-5

show cluster members command     5-21

show configuration command     10-18

show forward command     35-19

show interfaces command     10-14, 10-18

show platform forward command     35-19

show running-config command

displaying ACLs     27-19, 27-20, 27-30, 27-33

interface description in     10-18

shutdown command on interfaces     10-23

Simple Network Management Protocol

See SNMP

SmartPort macros

configuration guidelines     11-2

creating and applying     11-3

default configuration     11-2

defined     11-1

displaying     11-4

tracing     11-2

SNAP     21-1

SNMP

accessing MIB variables with     26-5

agent

described     26-4

disabling     26-8

authentication level     26-10

community strings

configuring     26-8

for cluster switches     26-4

overview     26-4

configuration examples     26-15

default configuration     26-7

engine ID     26-7

groups     26-7, 26-9

host     26-7

ifIndex values     26-6

in-band management     1-5

in clusters     5-14

informs

and trap keyword     26-11

SNMP (continued)

described     26-5

differences from traps     26-5

enabling     26-14

limiting access by TFTP servers     26-15

limiting system log messages to NMS     25-9

manager functions     1-4, 26-3

managing clusters with     5-22

MIBs

location of     A-3

supported     A-1

notifications     26-5

overview     26-1, 26-5

security levels     26-3

status, displaying     26-16

system contact and location     26-14

trap manager, configuring     26-13

traps

described     26-3, 26-5

differences from informs     26-5

enabling     26-11

enabling MAC address notification     6-23

overview     26-1, 26-5

types of     26-11

users     26-7, 26-9

versions supported     26-2

SNMPv1     26-2

SNMPv2C     26-2

SNMPv3     26-2

snooping, IGMP     19-2

software images

location in Flash     B-20

recovery procedures     35-2

scheduling reloads     4-16

tar file format, described     B-21

See also downloading and uploading

source addresses, in ACLs     27-11

source-and-destination-IP address based forwarding, EtherChannel     29-7

source-and-destination MAC address forwarding, EtherChannel     29-7

source-IP address based forwarding, EtherChannel     29-7

source-MAC address forwarding, EtherChannel     29-7

SPAN

configuration guidelines     23-10

default configuration     23-9

destination ports     23-7

displaying status     23-23

interaction with other features     23-8

monitored ports     23-5

monitoring ports     23-7

overview     1-9, 23-1

received traffic     23-4

session limits     23-10

sessions

configuring ingress forwarding     23-14, 23-21

creating     23-11

defined     23-3

limiting source traffic to specific VLANs     23-15

removing destination (monitoring) ports     23-12

specifying monitored ports     23-11

with ingress traffic enabled     23-13

source ports     23-5

transmitted traffic     23-5

VLAN-based     23-6

spanning tree and native VLANs     12-19

Spanning Tree Protocol

See STP

SPAN traffic     23-4

speed, configuring on interfaces     10-12

split horizon

IGRP     30-27

RIP     30-22

SRR

configuring

shaped weights on egress queues     28-60

shared weights on egress queues     28-62

shared weights on ingress queues     28-55

SRR (continued)

described     28-12

shaped mode     28-12

shared mode     28-12

support for     1-7

SSH

configuring     8-39

cryptographic software image     8-37

described     1-4, 8-38

encryption methods     8-38

user authentication methods, supported     8-38

Standby Command Configuration window     5-20

standby command switch

configuring      5-19

considerations     5-11

defined     5-2

priority     5-10

requirements     5-3

virtual IP address     5-11

See also cluster standby group and HSRP

standby group, cluster

See cluster standby group and HSRP

standby ip command     31-5

standby router     31-1

standby timers, HSRP     31-8

startup configuration

booting

manually     4-13

specific image     4-13

clearing     B-19

configuration file

automatically downloading     4-12

specifying the filename     4-12

default boot configuration     4-12

static access ports

assigning to VLAN     12-11

defined     10-3, 12-3

static addresses

See addresses

static IP routing     1-8

static MAC addressing     1-6

static routes, configuring     30-65

static routing     30-2

static VLAN membership     12-2

statistics

802.1X     9-19

CDP     21-5

interface     10-22

IP multicast routing     32-50

OSPF     30-36

QoS ingress and egress     28-64

RMON group Ethernet     24-6

RMON group history     24-5

SNMP input and output     26-16

VTP     13-15

sticky learning     20-8

storm control

configuring     20-3

described     20-2

displaying     20-15

support for     1-3

thresholds     20-2

STP

802.1D and bridge ID     15-4

802.1D and multicast addresses     15-8

802.1T and VLAN identifier     15-4

accelerating root port selection     17-4

BackboneFast

described     17-5

enabling     17-13

BPDU filtering

described     17-3

enabling     17-12

BPDU guard

described     17-3

enabling     17-11

BPDU message exchange     15-3

configuration guidelines     15-12, 17-9

STP (continued)

configuring

forward-delay time     15-21

hello time     15-20

maximum aging time     15-21

path cost     15-18

port priority     15-17

root switch     15-14

secondary root switch     15-16

spanning-tree mode     15-13

switch priority     15-19

counters, clearing     15-22

default configuration     15-11

default optional feature configuration     17-9

designated port, defined     15-3

designated switch, defined     15-3

detecting indirect link failures     17-6

disabling     15-14

displaying status     15-22

extended system ID

effects on root switch     15-14

effects on the secondary root switch     15-16

overview     15-4

unexpected behavior     15-15

features supported     1-5

inferior BPDU     15-3

instances supported     15-9

interface state, blocking to forwarding     17-2

interface states

blocking     15-6

disabled     15-7

forwarding     15-5, 15-6

learning     15-6

listening     15-6

overview     15-4

interoperability and compatibility among modes     15-10

limitations with 802.1Q trunks     15-10

load sharing

overview     12-24

STP (continued)

using path costs     12-26

using port priorities     12-24

loop guard

described     17-8

enabling     17-15

modes supported     15-9

multicast addresses, effect of     15-8

optional features supported     1-5

overview     15-2

path costs     12-26

Port Fast

described     17-2

enabling     17-10

port priorities     12-25

preventing root switch selection     17-7

protocols supported     15-9

redundant connectivity     15-8

root guard

described     17-7

enabling     17-14

root port, defined     15-3

root switch

configuring     15-15

effects of extended system ID     15-4, 15-14

election     15-3

unexpected behavior     15-15

shutdown Port Fast-enabled port     17-3

status, displaying     15-22

superior BPDU     15-3

timers, described     15-20

UplinkFast

described     17-4

enabling     17-13

VLAN-bridge     15-11

stratum, NTP     6-2

stub areas, OSPF     30-32

subnet mask     30-5

subnet zero     30-6

success response, VMPS     12-28

summer time     6-13

SunNet Manager     1-4

supernet     30-6

SVIs

and IP unicast routing     30-3

and router ACLs     27-4

connecting VLANs     10-5

defined     10-4

routing between VLANs     12-2

switch clustering technology     5-1

See also clusters, switch     1-3

See clusters, switch

switch console port     1-5

Switch Database Management

See SDM

switched packets, ACLs on     27-37

Switched Port Analyzer

See SPAN

switched ports     10-2

Switch Manager     3-15

See also Device Manager

switchport block multicast command     20-6

switchport block unicast command     20-6

switchport command     10-11

switchport protected command     20-5

switch priority

MSTP     16-19

STP     15-19

switch software features     1-1

switch virtual interface

See SVI

synchronization, BGP     30-47

syslog

See system message logging

system clock

configuring

daylight saving time     6-13

manually     6-11

summer time     6-13

time zones     6-12

displaying the time and date     6-12

overview     6-2

See also NTP

system message logging

default configuration     25-3

defining error message severity levels     25-8

disabling     25-4

displaying the configuration     25-12

enabling     25-4

facility keywords, described     25-12

level keywords, described     25-8

limiting messages     25-9

message format     25-2

overview     25-1

sequence numbers, enabling and disabling     25-7

setting the display destination device     25-4

synchronizing log messages     25-5

syslog facility     1-9

time stamps, enabling and disabling     25-7

UNIX syslog servers

configuring the daemon     25-10

configuring the logging facility     25-11

facilities supported     25-12

system name

default configuration     6-15

default setting     6-15

manual configuration     6-15

See also DNS

system prompt

default setting     6-15

manual configuration     6-16

system resources, optimizing     7-1

system routes, IGRP     30-23

T

TACACS+

accounting, defined     8-11

authentication, defined     8-11

authorization, defined     8-11

configuring

accounting     8-17

authentication key     8-13

authorization     8-16

login authentication     8-14

default configuration     8-13

displaying the configuration     8-17

identifying the server     8-13

in clusters     5-14

limiting the services to the user     8-16

operation of     8-12

overview     8-10

support for     1-6

tracking services accessed by user     8-17

tar files

creating     B-6

displaying the contents of     B-6

extracting     B-7

image file format     B-21

Telnet

accessing management interfaces     2-9

from a browser     2-9

number of connections     1-4

setting a password     8-6

templates, SDM     7-1

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password     8-6

TFTP

configuration files

downloading     B-11

preparing the server     B-10

uploading     B-11

TFTP (continued)

configuration files in base directory     4-6

configuring for autoconfiguration     4-5

image files

deleting     B-24

downloading     B-23

preparing the server     B-22

uploading     B-24

limiting access by servers     26-15

TFTP server     1-4

threshold, traffic level     20-2

time

See NTP and system clock

time-range command     27-16

time ranges in ACLs     27-16

time stamps in log messages     25-7

time zones     6-12

Token Ring VLANs

support for     12-5

VTP support     13-4

Topology view

described     3-2, 3-15

TOS     1-7

traceroute, Layer 2

and ARP     35-15

and CDP     35-15

described     35-14

IP addresses and subnets     35-15

MAC addresses and VLANs     35-15

multicast traffic     35-15

multiple devices on a port     35-15

unicast traffic     35-14

usage guidelines     35-15

traceroute command     35-17

See also IP traceroute

traffic

blocking flooded     20-6

fragmented     27-5

unfragmented     27-5

traffic policing     1-7

traffic suppression     20-2

transparent mode, VTP     13-3, 13-12

trap-door mechanism     4-2

traps

configuring MAC address notification     6-23

configuring managers     26-11

defined     26-3

enabling     6-23, 26-11

notification types     26-11

overview     26-1, 26-5

troubleshooting

connectivity problems     35-13, 35-14, 35-16

detecting unidirectional links     22-1

determining packet forwarding     35-19

displaying crash information     35-22

PIMv1 and PIMv2 interoperability problems     32-22

SFP security and identification     35-12

show forward command     35-19

with CiscoWorks     26-5

with debug commands     35-18

with ping     35-13

with system message logging     25-1

with traceroute     35-16

trunking encapsulation     1-6

trunk ports

configuring     12-20

defined     10-3, 12-3

encapsulation     12-20, 12-25, 12-26

secure MAC addresses on     20-11

trunks

allowed-VLAN list     12-21

configuring     12-20, 12-25, 12-26

ISL     12-16

load sharing

setting STP path costs     12-26

using STP port priorities     12-24, 12-25

native VLAN for untagged traffic     12-23

parallel     12-26

trunks (continued)

pruning-eligible list     12-22

to non-DTP device     12-17

understanding     12-17

trusted boundary for QoS     28-34

trusted port states

between QoS domains     28-35

classification options     28-5

ensuring port security for IP phones     28-34

support for     1-7

within a QoS domain     28-31

twisted-pair Ethernet, detecting unidirectional links     22-1

type of service

See TOS

U

UDLD

default configuration     22-4

echoing detection mechanism     22-3

enabling

globally     22-5

per interface     22-6

link-detection mechanism     22-1

neighbor database     22-2

overview     22-1

resetting an interface     22-6

status, displaying     22-7

support for     1-5

UDP, configuring     30-15

unauthorized ports with 802.1X     9-4

unequal-cost load balancing, IGRP     30-25

unicast MAC address filtering     1-4

and adding static addresses     6-27

and broadcast MAC addresses     6-26

and CPU packets     6-26

unicast MAC address filtering (continued)

and multicast addresses     6-26

and router MAC addresses     6-26

configuration guidelines     6-26

described     6-26

unicast storm control command     20-4

unicast storms     20-2

unicast traffic, blocking     20-6

UniDirectional Link Detection protocol

See UDLD

UNIX syslog servers

daemon configuration     25-10

facilities supported     25-12

message logging configuration     25-11

unrecognized Type-Length-Value (TLV) support     13-4

upgrading information

See release notes     xxxv

upgrading software images

See downloading

UplinkFast

described     17-4

enabling     17-13

support for     1-5

uploading

configuration files

preparing     B-10, B-13, B-16

reasons for     B-8

using FTP     B-15

using RCP     B-18

using TFTP     B-11

image files

preparing     B-22, B-25, B-29

reasons for     B-20

using FTP     B-28

using RCP     B-33

using TFTP     B-24

User Datagram Protocol

See UDP

user EXEC mode     2-2

username-based authentication     8-7

V

version-dependent transparent mode     13-4

virtual IP address

cluster standby group     5-11, 5-19

command switch     5-11, 5-19

See also IP addresses

virtual router     31-1, 31-2

vlan.dat file     12-4

VLAN 1, disabling on a trunk port     12-21

VLAN 1 minimization     12-21

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS     12-28

VLAN configuration

at bootup     12-7

saving     12-7

VLAN configuration mode     2-2, 12-7

VLAN database

and startup configuration file     12-7

and VTP     13-1

VLAN configuration saved in     12-7

VLANs saved in     12-4

vlan database command     12-7

VLAN filtering, and SPAN     23-6

vlan global configuration command     12-7

VLAN ID, discovering     6-28

VLAN management domain     13-2

VLAN Management Policy Server

See VMPS

VLAN map entries, order of     27-29

VLAN maps

applying     27-33

common uses for     27-33

configuration example     27-34

configuration guidelines     27-29

configuring     27-29

creating     27-30

defined     27-2

denying access example     27-35

denying and permitting packets     27-31

displaying     27-40

examples     27-35

support for     1-6

with router ACLs     27-40

VLAN membership

confirming     12-31

modes     12-3

VLAN Query Protocol

See VQP

VLANs

adding     12-8

adding to VLAN database     12-8

aging dynamic addresses     15-9

allowed on trunk     12-21

and spanning-tree instances     12-3, 12-6, 12-13

configuration guidelines, extended-range VLANs     12-13

configuration guidelines, normal-range VLANs     12-6

configuration options     12-6

configuring     12-1

configuring IDs 1006 to 4094     12-13

connecting through SVIs     10-5

creating in config-vlan mode     12-9

creating in VLAN configuration mode     12-10

default configuration     12-8

deleting     12-10

described     10-2, 12-1

displaying     12-16

extended-range     12-1, 12-12

features     1-5

VLANs (continued)

illustrated     12-2

internal     12-13

limiting source traffic with RSPAN     23-22

limiting source traffic with SPAN     23-15

modifying     12-8

native, configuring     12-23

normal-range     12-1, 12-4

number supported     1-5

parameters     12-5

port membership modes     12-3

static-access ports     12-11

STP and 802.1Q trunks     15-10

supported     12-3

Token Ring     12-5

traffic between     12-2

VLAN-bridge STP     15-11, 34-1

VTP modes     13-3

VLAN Trunking Protocol

See VTP

VLAN trunks     12-16, 12-17

VMPS

administering     12-32

configuration example     12-33

configuration guidelines     12-29

default configuration     12-29

description     12-27

dynamic port membership

described     12-28

reconfirming     12-31

troubleshooting     12-33

entering server address     12-30

mapping MAC addresses to VLANs     12-27

monitoring     12-32

reconfirmation interval, changing     12-31

reconfirming membership     12-31

retry count, changing     12-32

voice-over-IP     14-1

voice VLAN

Cisco 7960 phone, port connections     14-1

configuration guidelines     7-2, 14-3

configuring IP phones for data traffic

override CoS of incoming frame     14-5

trust CoS priority of incoming frame     14-5

configuring ports for voice traffic in

802.1P priority tagged frames     14-5

802.1Q frames     14-4

connecting to an IP phone     14-4

default configuration     14-3

described     14-1

displaying     14-6

VQP     1-5, 12-27

VTP

adding a client to a domain     13-14

advertisements     12-19, 13-3

and extended-range VLANs     13-1

and normal-range VLANs     13-2

client mode, configuring     13-11

configuration

global configuration mode     13-7

guidelines     13-8

privileged EXEC mode     13-7

requirements     13-9

saving     13-7

VLAN configuration mode     13-7

configuration mode options     13-7

configuration requirements     13-9

configuration revision number

guideline     13-14

resetting     13-15

configuring

client mode     13-11

server mode     13-9

transparent mode     13-12

consistency checks     13-4

default configuration     13-6

VTP (continued)

described     13-1

disabling     13-12

domain names     13-8

domains     13-2

modes

client     13-3, 13-11

server     13-3, 13-9

transitions     13-3

transparent     13-3, 13-12

monitoring     13-15

passwords     13-8

pruning

disabling     13-14

enabling     13-13

examples     13-5

overview     13-4

support for     1-6

pruning-eligible list, changing     12-22

server mode, configuring     13-9

statistics     13-15

support for     1-6

Token Ring support     13-4

transparent mode, configuring     13-12

using     13-1

version, guidelines     13-9

version 1     13-4

version 2

configuration guidelines     13-9

disabling     13-13

enabling     13-13

overview     13-4

W

weighted tail drop

See WTD

wizards     1-2, 3-6

WTD

described     28-11

setting thresholds

egress queue-sets     28-57

ingress queues     28-53

support for     1-7

X

XMODEM protocol     35-2