A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
A
aaa accounting dot1x command 2-1
aaa authentication dot1x command 2-3
aaa authorization network command 2-5
AAA methods 2-3
abort command 2-567
access control entries
See ACEs
access control lists
See ACLs
access groups
IP 2-152
MAC, displaying 2-398
access list, IPv6 2-218
access map configuration mode 2-274
access mode 2-509
access ports 2-509
ACEs 2-91, 2-343
ACLs
deny 2-89
displaying 2-272
for non-IP protocols 2-254
IP 2-152
matching 2-274
on Layer 2 interfaces 2-152
permit 2-341
action command 2-6
address aliasing 2-323
aggregate-port learner 2-329
allowed VLANs 2-529
apply command 2-567
archive copy-sw command 2-8
archive download-sw command 2-11
archive tar command 2-15
archive upload-sw command 2-18
arp access-list command 2-20
audience xix
authentication failed VLAN
See dot1x auth-fail vlan
auth-fail max-attempts
See dot1x auth-fail max-attempts
auth-fail vlan
See dot1x auth-fail vlan
authorization state of controlled port 2-125
autonegotiation of duplex mode 2-134
auto qos voip command 2-22
B
BackboneFast, for STP 2-435
backup interfaces
configuring 2-504
displaying 2-340
boot (boot loader) command A-2
boot auto-copy-sw command 2-27
boot auto-download-sw command 2-28
boot boothlpr command 2-30
boot config-file command 2-31
boot enable-break command 2-32
boot helper command 2-33
boot helper-config file command 2-34
booting
Cisco IOS image 2-37
displaying environment variables 2-281
interrupting 2-28, 2-32
manually 2-35
boot loader
accessing A-1
booting
Cisco IOS image A-2
helper image 2-33
directories
creating A-16
displaying a list of A-7
removing A-20
displaying
available commands A-12
memory heap utilization A-14
version A-27
environment variables
described A-21
displaying settings A-21
location of A-22
setting A-21
unsetting A-25
files
copying A-5
deleting A-6
displaying a list of A-7
displaying the contents of A-4, A-17, A-24
renaming A-18
file system
formatting A-10
initializing flash A-9
running a consistency check A-11
loading helper images A-13
prompt A-1
resetting the system A-19
boot manual command 2-35
boot private-config-file command 2-36
boot system command 2-37
BPDU filtering, for spanning tree 2-436, 2-471
BPDU guard, for spanning tree 2-438, 2-471
broadcast storm control 2-492
C
candidate switches
See clusters
cat (boot loader) command A-4
Catalyst 3750G Integrated Wireless LAN Controller Switch 2-263
caution, description xx
CDP, enabling protocol tunneling for 2-237
channel-group command 2-39
channel-protocol command 2-43
Cisco Network Assistant
See Network Assistant xx
Cisco SoftPhone
auto-QoS configuration 2-22
trusting packets sent from 2-314
class command 2-44
class-map command 2-46
class maps
creating 2-46
defining the match criteria 2-276
displaying 2-286
class of service
See CoS
clear dot1x command 2-48
clear eap sessions command 2-49
clear ip arp inspection log command 2-50
clear ip arp inspection statistics command 2-51
clear ipc command 2-53
clear ip dhcp snooping database command 2-52
clear l2protocol-tunnel counters command 2-54
clear lacp command 2-55
clear mac address-table command 2-56, 2-58
clear pagp command 2-59
clear port-security command 2-60
clear spanning-tree counters command 2-62
clear spanning-tree detected-protocols command 2-63
clear vmps statistics command 2-64
clear vtp counters command 2-65
cluster commander-address command 2-66
cluster discovery hop-count command 2-68
cluster enable command 2-69
cluster holdtime command 2-70
cluster member command 2-71
cluster outside-interface command 2-73
cluster requirements xx
cluster run command 2-74
clusters
adding candidates 2-71
binding to HSRP group 2-75
building manually 2-71
communicating with
devices outside the cluster 2-73
members by using Telnet 2-370
debug messages, display B-5
displaying
candidate switches 2-289
debug messages B-5
member switches 2-291
status 2-287
hop-count limit for extended discovery 2-68
HSRP standby groups 2-75
redundancy 2-75
SNMP trap 2-425
cluster standby-group command 2-75
cluster timer command 2-77
command modes defined 1-2
commands changed in Cisco IOS Release 12.2(18)SE 1-6
command switch
See clusters
configuration, initial
See getting started guide and hardware installation guide
configuration files
password recovery disable considerations A-1
specifying the name 2-31, 2-36
configuring multiple interfaces 2-147
config-vlan mode
commands 2-553
description 1-4
entering 2-552
summary 1-3
controller, wireless 2-263
conventions
command xx
for examples xx
publication xx
text xx
copy (boot loader) command A-5
CoS
assigning default value to incoming packets 2-284
assigning to Layer 2 protocol packets 2-240
overriding the incoming value 2-284
CoS-to-DSCP map 2-288
CPU ASIC statistics, displaying 2-293
crashinfo files 2-140
D
debug auto qos command B-2
debug backup command B-4
debug cluster command B-5
debug dot1x command B-7
debug dtp command B-9
debug eap command B-10
debug etherchannel command B-12
debug ilpower command B-14
debug interface command B-17
debug ip dhcp snooping command B-15
debug ip igmp filter command B-19
debug ip igmp max-groups command B-20
debug ip igmp snooping command B-21
debug ip verify source packet command B-16
debug lacp command B-22
debug mac-notification command B-23
debug matm command B-24
debug matm move update command B-25
debug monitor command B-26
debug mvrdbg command B-28
debug nvram command B-29
debug pagp command B-30
debug platform acl command B-31
debug platform backup interface command B-32
debug platform cli-redirection main command B-33
debug platform configuration command B-34, B-42
debug platform cpu-queues command B-35
debug platform device-manager command B-37
debug platform dot1x command B-38
debug platform etherchannel command B-39
debug platform fallback-bridging command B-40
debug platform forw-tcam command B-41
debug platform ip arp inspection command B-44
debug platform ipc command B-52
debug platform ip dhcp command B-45
debug platform ip igmp snooping command B-46
debug platform ip multicast command B-48
debug platform ip unicast command B-50
debug platform led command B-53
debug platform matm command B-54
debug platform messaging application command B-56
debug platform phy command B-58
debug platform pm command B-60
debug platform port-asic command B-62
debug platform port-security command B-63
debug platform qos-acl-tcam command B-64
debug platform remote-commands command B-65
debug platform resource-manager command B-66
debug platform snmp command B-67
debug platform span command B-68
debug platform stack-manager command B-69
debug platform supervisor-asic command B-70
debug platform sw-bridge command B-71
debug platform tcam command B-72
debug platform udld command B-75
debug platform vlan command B-76
debug platform wireless-controller B-102
debug pm command B-77
debug port-security command B-79
debug qos-manager command B-80
debug spanning-tree backbonefast command B-83
debug spanning-tree bpdu command B-84
debug spanning-tree bpdu-opt command B-85
debug spanning-tree command B-81
debug spanning-tree mstp command B-86
debug spanning-tree switch command B-88
debug spanning-tree uplinkfast command B-90
debug sw-vlan command B-91
debug sw-vlan ifs command B-93
debug sw-vlan notification command B-95
debug sw-vlan vtp command B-97
debug udld command B-99
debug vqpc command B-101
define interface-range command 2-79
delete (boot loader) command A-6
delete command 2-81
deny (ARP access-list configuration) command 2-82
deny (IPv6) command 2-84
deny command 2-89
detect mechanism, causes 2-135
device manager requirements xx
DHCP snooping
accepting untrusted packets from edge switch 2-180
enabling
on a VLAN 2-187
option 82 2-178, 2-180
trust on an interface 2-185
error recovery timer 2-137
rate limiting 2-184
DHCP snooping binding database
binding file, configuring 2-176
bindings
adding 2-174
deleting 2-174
displaying 2-357
clearing database agent statistics 2-52
database agent, configuring 2-176
displaying
binding entries 2-357
database agent status 2-359
renewing 2-377
dir (boot loader) command A-7
directories, deleting 2-81
documentation, related xx
document conventions xx
domain name, VTP 2-578, 2-582
dot1x auth-fail max-attempts 2-101
dot1x auth-fail vlan 2-103
dot1x command 2-99
dot1x control-direction command 2-105
dot1x critical global configuration command 2-107
dot1x critical interface configuration command 2-109
dot1x default command 2-111
dot1x fallback command 2-112
dot1x guest-vlan command 2-113
dot1x host-mode command 2-116
dot1x initialize command 2-118
dot1x mac-auth-bypass command 2-119
dot1x max-reauth-req command 2-121
dot1x max-req command 2-122
dot1x multiple-hosts command 2-123
dot1x pae command 2-124
dot1x port-control command 2-125
dot1x re-authenticate command 2-127
dot1x re-authentication command 2-128
dot1x reauthentication command 2-129
dot1x timeout command 2-130
dropping packets, with ACL matches 2-6
drop threshold, Layer 2 protocol tunneling 2-237
DSCP-to-CoS map 2-288
DSCP-to-DSCP-mutation map 2-288
DTP 2-510
DTP flap
error detection for 2-135
error recovery timer 2-137
DTP negotiation 2-514
dual IPv4 and IPv6 templates 2-335
duplex command 2-133
dynamic-access ports
configuring 2-502
restrictions 2-503
dynamic ARP inspection
ARP ACLs
apply to a VLAN 2-160
define 2-20
deny packets 2-82
display 2-276
permit packets 2-333
clear
log buffer 2-50
statistics 2-51
display
ARP ACLs 2-276
configuration and operating state 2-353
log buffer 2-353
statistics 2-353
trust state and rate limit 2-353
enable per VLAN 2-170
error detection for 2-135
error recovery timer 2-137
log buffer
clear 2-50
configure 2-164
display 2-353
rate-limit incoming ARP packets 2-162
statistics
clear 2-51
display 2-353
trusted interface state 2-166
type of packet logged 2-171
validation checks 2-168
dynamic auto VLAN membership mode 2-509
dynamic desirable VLAN membership mode 2-509
Dynamic Host Configuration Protocol (DHCP)
See DHCP snooping
Dynamic Trunking Protocol
See DTP
E
EAP-request/identity frame
maximum number to send 2-122
response time before retransmitting 2-130
encapsulation methods 2-529
environment variables, displaying 2-281
errdisable detect cause command 2-135
errdisable recovery command 2-137
error conditions, displaying 2-328
error disable detection 2-135
error-disabled interfaces, displaying 2-340
EtherChannel
assigning Ethernet interface to channel group 2-39
creating port-channel logical interface 2-145
debug EtherChannel/PAgP, display B-12
debug platform-specific events, display B-39
displaying 2-332
enabling Layer 2 protocol tunneling for
LACP 2-238
PAgP 2-238
UDLD 2-238
interface information, displaying 2-340
LACP
clearing channel-group information 2-55
debug messages, display B-22
displaying 2-392
modes 2-39
port priority for hot-standby ports 2-241
restricting a protocol 2-43
system priority 2-243
load-distribution methods 2-351
PAgP
aggregate-port learner 2-329
clearing channel-group information 2-59
debug messages, display B-30
displaying 2-442
error detection for 2-135
error recovery timer 2-137
learn method 2-329
modes 2-39
physical-port learner 2-329
priority of interface for transmitted traffic 2-331
Ethernet controller, internal register display 2-295
Ethernet statistics, collecting 2-253
examples, conventions for xx
exception crashinfo command 2-140
exit command 2-567
extended discovery of candidate switches 2-68
extended-range VLANs
and allowed VLAN list 2-529
and pruning-eligible list 2-529
configuring 2-552
extended system ID for STP 2-444
F
fallback profile command 2-141
fan information, displaying 2-323
file name, VTP 2-578
files, deleting 2-81
flash_init (boot loader) command A-9
Flex Links
configuring 2-504
displaying 2-340
flowcontrol command 2-143
format (boot loader) command A-10
forwarding packets, with ACL matches 2-6
forwarding results, display C-6
frame forwarding information, displaying C-6
front-end controller
counter and status information C-8
fsck (boot loader) command A-11
G
global configuration mode 1-2, 1-4
H
hardware ACL statistics 2-272
health monitoring diagnostic tests
configuring 2-92
help (boot loader) command A-12
hierarchical policy maps 2-349
hop-count limit for clusters 2-68
host connection, port configuration 2-508
host ports, private VLANs 2-512
Hot Standby Router Protocol
See HSRP
HSRP
binding HSRP group to cluster 2-75
standby group 2-75
I
IEEE 802.1Q trunk ports and native VLANs 2-569
IEEE 802.1Q tunnel ports
configuring 2-509
displaying 2-312
limitations 2-510
IEEE 802.1x
and switchport modes 2-510
violation error recovery 2-137
See also port-based authentication
IEEE 802.1X Port Based Authentication
enabling guest VLAN supplicant 2-102, 2-112, 2-142
IGMP filters
applying 2-190
debug messages, display B-19
IGMP groups, setting maximum 2-191
IGMP maximum groups, debugging B-20
IGMP profiles
creating 2-193
displaying 2-361
IGMP snooping
adding ports as a static member of a group 2-210
displaying 2-362, 2-367, 2-369
enabling 2-195
enabling the configurable-leave timer 2-197
enabling the Immediate-Leave feature 2-206
flooding query count 2-203
interface topology change notification behavior 2-205
multicast table 1-6, 2-365
querier 2-199
query solicitation 2-203
report suppression 2-201
switch topology change notification behavior 2-203
images
See software images
Immediate-Leave feature, MVR 2-325
Immediate-Leave processing
IPv6 2-233
immediate-leave processing 2-206
initial configuration
See getting started guide and hardware installation guide
interface configuration mode 1-2, 1-4
interface port-channel command 2-145
interface range command 2-147
interface-range macros 2-79
interfaces
assigning Ethernet interface to channel group 2-39
configuring 2-133
configuring multiple 2-147
creating port-channel logical 2-145
debug messages, display B-17
disabling 2-423
displaying the MAC address table 2-410
restarting 2-423
interface speed, configuring 2-481
interface vlan command 2-150
internal registers, displaying 2-295, 2-305
Internet Group Management Protocol
See IGMP
invalid GBIC
error detection for 2-135
error recovery timer 2-137
ip access-group command 2-152
ip address command 2-155
IP addresses, setting 2-155
IP address matching 2-274
ip admission command 2-157
ip admission name proxy http command 2-158
ip arp inspection filter vlan command 2-160
ip arp inspection limit command 2-162
ip arp inspection log-buffer command 2-164
ip arp inspection trust command 2-166
ip arp inspection validate command 2-168
ip arp inspection vlan command 2-170
ip arp inspection vlan logging command 2-171
IP DHCP snooping
See DHCP snooping
ip dhcp snooping binding command 2-174
ip dhcp snooping command 2-173
ip dhcp snooping database command 2-176
ip dhcp snooping information option allow-untrusted command 2-180
ip dhcp snooping information option command 2-178
ip dhcp snooping information option format remote-id command 2-182
ip dhcp snooping limit rate command 2-184
ip dhcp snooping trust command 2-185
ip dhcp snooping verify command 2-186
ip dhcp snooping vlan command 2-187
ip dhcp snooping vlan information option format-type circuit-id string command 2-188
ip igmp filter command 2-190
ip igmp max-groups command 2-191
ip igmp profile command 2-193
ip igmp snooping command 2-195
ip igmp snooping last-member-query-interval command 2-197
ip igmp snooping querier command 2-199
ip igmp snooping report-suppression command 2-201
ip igmp snooping tcn command 2-203
ip igmp snooping tcn flood command 2-205
ip igmp snooping vlan immediate-leave command 2-206
ip igmp snooping vlan mrouter command 2-208
ip igmp snooping vlan static command 2-210
IP multicast addresses 2-322
IP phones
auto-QoS configuration 2-22
trusting packets sent from 2-314
IP-precedence-to-DSCP map 2-288
ip snap forwarding command 2-212
ip source binding command 2-213
IP source guard
disabling 2-217
displaying
binding entries 2-371
configuration 2-373
dynamic binding entries only 2-357
enabling 2-217
static IP source bindings 2-213
ip ssh command 2-215
IPv6 access list
deny conditions 2-84
ipv6 access-list command 2-218
ipv6 mld snooping command 2-221
ipv6 mld snooping last-listener-query count command 2-223
ipv6 mld snooping last-listener-query-interval command 2-225
ipv6 mld snooping listener-message-suppression command 2-227
ipv6 mld snooping robustness-variable command 2-229
ipv6 mld snooping tcn command 2-231
ipv6 mld snooping vlan command 2-233
IPv6 SDM template 2-254
ipv6 traffic-filter command 2-235
ip verify source command 2-217
J
jumbo frames
See MTU
L
l2protocol-tunnel command 2-237
l2protocol-tunnel cos command 2-240
LACP
See EtherChannel
lacp port-priority command 2-241
lacp system-priority command 2-243
Layer 2 mode, enabling 2-500
Layer 2 protocol ports, displaying 2-389
Layer 2 protocol-tunnel
error detection for 2-135
error recovery timer 2-137
Layer 2 protocol tunnel counters 2-54
Layer 2 protocol tunneling error recovery 2-238
Layer 2 traceroute
IP addresses 2-543
MAC addresses 2-540
Layer 3 mode, enabling 2-500
line configuration mode 1-3, 1-5
Link Aggregation Control Protocol
See EtherChannel
link flap
error detection for 2-135
error recovery timer 2-137
link state group command 2-245
link state track command 2-247
load_helper (boot loader) command A-13
load-distribution methods for EtherChannel 2-351
logging event command 2-248
logging event power-inline-status command 2-249
logging file command 2-250
logical interface 2-145
loopback error
detection for 2-135
recovery timer 2-137
loop guard, for spanning tree 2-446, 2-450
M
mac access-group command 2-252
MAC access-groups, displaying 2-398
MAC access list configuration mode 2-254
mac access-list extended command 2-254
MAC access lists 2-89
MAC addresses
displaying
aging time 2-404
all 2-402
dynamic 2-408
MAC address-table move updates 2-412
notification settings 2-414
number of addresses in a VLAN 2-406
per interface 2-410
per VLAN 2-418
static 2-416
static and dynamic entries 2-400
dynamic
aging time 2-256
deleting 2-56
displaying 2-408
enabling MAC address notification 2-259
enabling MAC address-table move update 2-257
matching 2-274
persistent stack 2-489
static
adding and removing 2-261
displaying 2-416
dropping on an interface 2-262
tables 2-402
MAC address notification, debugging B-23
mac address-table aging-time 2-252, 2-274
mac address-table aging-time command 2-256
mac address-table move update command 2-257
mac address-table notification command 2-259
mac address-table static command 2-261
mac address-table static drop command 2-262
macro apply command 2-264
macro description command 2-267
macro global command 2-268
macro global description command 2-271
macro name command 2-272
macros
adding a description 2-267
adding a global description 2-271
applying 2-268
creating 2-272
displaying 2-444
interface range 2-79, 2-147
specifying parameter values 2-268
tracing 2-268
manual
audience xix
purpose of xix
maps
QoS
defining 2-288
displaying 2-428
VLAN
creating 2-564
defining 2-274
displaying 2-483
match (access-map configuration) command 2-274
match (class-map configuration) command 2-276
maximum transmission unit
See MTU
mdix auto command 2-278
MDL snooping
displaying 2-383
member switches
See clusters
memory (boot loader) command A-14
mkdir (boot loader) command A-16
MLD snooping
configuring 2-227, 2-229
configuring queries 2-223, 2-225
configuring topology change notification 2-231
displaying 2-381, 2-385, 2-387
enabling 2-221
MLD snooping on a VLAN
enabling 2-233
mls qos aggregate-policer command 2-282
mls qos command 2-280
mls qos cos command 2-284
mls qos dscp-mutation command 2-286
mls qos map command 2-288
mls qos queue-set output buffers command 2-292
mls qos queue-set output threshold command 2-294
mls qos rewrite ip dscp command 2-296
mls qos srr-queue input bandwidth command 2-298
mls qos srr-queue input buffers command 2-300
mls qos-srr-queue input cos-map command 2-302
mls qos srr-queue input dscp-map command 2-304
mls qos srr-queue input priority-queue command 2-306
mls qos srr-queue input threshold command 2-308
mls qos-srr-queue output cos-map command 2-310
mls qos srr-queue output dscp-map command 2-312
mls qos trust command 2-314
mls qos vlan-based command 2-316
mode, MVR 2-322
Mode button, and password recovery 2-258
modes, commands 1-2
monitor session command 2-317
more (boot loader) command A-17
MSTP
displaying 2-460, 2-461, 2-462
interoperability 2-63
link type 2-448
MST region
aborting changes 2-454
applying changes 2-454
configuration name 2-454
configuration revision number 2-454
current or pending display 2-454
displaying 2-460, 2-461, 2-462
MST configuration mode 2-454
VLANs-to-instance mapping 2-454
path cost 2-456
protocol mode 2-452
restart protocol migration process 2-63
root port
loop guard 2-446
preventing from becoming designated 2-446
restricting which can be root 2-446
root guard 2-446
root switch
affects of extended system ID 2-444
hello-time 2-459, 2-467
interval between BDPU messages 2-460
interval between hello BPDU messages 2-459, 2-467
max-age 2-460
maximum hop count before discarding BPDU 2-461
port priority for selection of 2-463
primary or secondary 2-467
switch priority 2-466
state changes
blocking to forwarding state 2-473
enabling BPDU filtering 2-436, 2-471
enabling BPDU guard 2-438, 2-471
enabling Port Fast 2-471, 2-473
forward-delay time 2-458
length of listening and learning states 2-458
rapid transition to forwarding 2-448
shutting down Port Fast-enabled ports 2-471
state information display 2-459
MTU
configuring size 2-537
displaying global setting 2-472
Multicase Listener Discovery
See MLD
multicast group address, MVR 2-325
multicast groups, MVR 2-323
Multicast Listener Discovery
See MLD
multicast router learning method 2-208
multicast router ports
IPv6 2-233
multicast router ports, configuring 2-208
multicast storm control 2-492
multicast VLAN, MVR 2-322
multicast VLAN registration
See MVR
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 2-323
configuring 2-322
configuring interfaces 2-325
debug messages, display B-28
displaying 2-436
displaying interface information 2-438
members, displaying 2-440
mvr (global configuration) command 2-322
mvr (interface configuration) command 2-325
mvr vlan group command 2-326
N
native VLANs 2-529
native VLAN tagging 2-569
Network Assistant requirements xx
nonegotiate
DTP messaging 2-514
nonegotiate, speed 2-481
non-IP protocols
denying 2-89
forwarding 2-341
non-IP traffic access lists 2-254
non-IP traffic forwarding
denying 2-89
permitting 2-341
non-stop forwarding 2-328
normal-range VLANs 2-552, 2-558
note, description xx
no vlan command 2-552, 2-562
nsf command 2-328
O
online diagnostics
configuring
health monitoring diagnostic tests 2-92
displaying
configured boot-up coverage level 2-309
current scheduled tasks 2-309
event logs 2-309
supported test suites 2-309
test ID 2-309
test results 2-309
test statistics 2-309
enabling
scheduling 2-95
syslog messages 2-92
global configuration mode
clearing health monitoring diagnostic test schedule 2-92
clearing test-based testing schedule 2-95
setting health monitoring diagnostic testing 2-92
setting test-based testing 2-95
setting up health monitoring diagnostic test schedule 2-92
setting up test-based testing 2-95
removing
scheduling 2-95
scheduled switchover
disabling 2-95
enabling 2-95
setting
test interval 2-95
specifying
health monitoring diagnostic tests 2-92
starting testing 2-97
P
PAgP
See EtherChannel
pagp learn-method command 2-329
pagp port-priority command 2-331
password, VTP 2-578, 2-582
password-recovery mechanism, enabling and disabling 2-258
permit (ARP access-list configuration) command 2-333
permit (IPv6) command 2-335
permit (MAC access-list configuration) command 2-341
per-VLAN spanning-tree plus
See STP
physical-port learner 2-329
PID, displaying 2-352
PIM-DVMRP, as multicast router learning method 2-208
PoE
configuring the power budget 2-356
configuring the power management mode 2-353
displaying controller register values 2-303
displaying power management information 2-452
logging of status 2-249
police aggregate command 2-346
police command 2-344
policed-DSCP map 2-288
policy-map command 2-348
policy maps
applying to an interface 2-260, 2-267
creating 2-348
displaying 2-447
hierarchical 2-349
policers
displaying 2-421
for a single class 2-344
for multiple classes 2-282, 2-346
policed-DSCP map 2-288
traffic classification
defining the class 2-44
defining trust states 2-545
setting DSCP or IP precedence values 2-265
Port Aggregation Protocol
See EtherChannel
port-based authentication
AAA method list 2-3
debug messages, display B-7
enabling IEEE 802.1x
globally 2-99
per interface 2-125
guest VLAN 2-113
host modes 2-116
IEEE 802.1x AAA accounting methods 2-1
initialize an interface 2-118
MAC authentication bypass 2-119
manual control of authorization state 2-125
PAE as authenticator 2-124
periodic re-authentication
enabling 2-129
time between attempts 2-130
quiet period between failed authentication exchanges 2-130
re-authenticating IEEE 802.1x-enabled ports 2-127
resetting configurable IEEE 802.1x parameters 2-111
switch-to-authentication server retransmission time 2-130
switch-to-client frame-retransmission number2-121to 2-122
switch-to-client retransmission time 2-130
port-channel load-balance command 2-351
Port Fast, for spanning tree 2-473
port ranges, defining 2-79
ports, debugging B-77
ports, protected 2-527
port security
aging 2-521
debug messages, display B-79
enabling 2-516
violation error recovery 2-137
port trust states for QoS 2-314
port types, MVR 2-325
power information, displaying 2-323
power inline command 2-353
power inline consumption command 2-356
Power over Ethernet
See PoE
priority-queue command 2-358
priority value, stack member 2-469, 2-495
private-vlan command 2-360
private-vlan mapping command 2-363
private VLANs
association 2-525
configuring 2-360
configuring ports 2-512
displaying 2-478
host ports 2-512
mapping
configuring 2-525
displaying 2-340
promiscuous ports 2-512
privileged EXEC mode 1-2, 1-3
product identification information, displaying 2-352
promiscuous ports, private VLANs 2-512
protected ports, displaying 2-346
pruning
VLANs 2-529
VTP
displaying interface information 2-340
enabling 2-578, 2-582
pruning-eligible VLAN list 2-531
PVST+
See STP
Q
QoS
auto-QoS
configuring 2-22
debug messages, display 1-6, B-2
displaying 2-277
class maps
creating 2-46
defining the match criteria 2-276
displaying 2-286
defining the CoS value for an incoming packet 2-284
displaying configuration information 2-277, 2-420
DSCP transparency 2-296
DSCP trusted ports
applying DSCP-to-DSCP-mutation map to 2-286
defining DSCP-to-DSCP-mutation map 2-288
egress queues
allocating buffers 2-292
defining the CoS output queue threshold map 2-310
defining the DSCP output queue threshold map 2-312
displaying buffer allocations 2-424
displaying CoS output queue threshold map 2-428
displaying DSCP output queue threshold map 2-428
displaying queueing strategy 2-424
displaying queue-set settings 2-431
enabling bandwidth shaping and scheduling 2-485
enabling bandwidth sharing and scheduling 2-487
limiting the maximum output on a port 2-483
mapping a port to a queue-set 2-365
mapping CoS values to a queue and threshold 2-310
mapping DSCP values to a queue and threshold 2-312
setting maximum and reserved memory allocations 2-294
setting WTD thresholds 2-294
enabling 2-280
ingress queues
allocating buffers 2-300
assigning SRR scheduling weights 2-298
defining the CoS input queue threshold map 2-302
defining the DSCP input queue threshold map 2-304
displaying buffer allocations 2-424
displaying CoS input queue threshold map 2-428
displaying DSCP input queue threshold map 2-428
displaying queueing strategy 2-424
displaying settings for 2-422
enabling the priority queue 2-306
mapping CoS values to a queue and threshold 2-302
mapping DSCP values to a queue and threshold 2-304
setting WTD thresholds 2-308
maps
defining 2-288, 2-302, 2-304, 2-310, 2-312
displaying 2-428
policy maps
applying an aggregate policer 2-346
applying to an interface 2-260, 2-267
creating 2-348
defining policers 2-282, 2-344
displaying policers 2-421
displaying policy maps 2-447
hierarchical 2-349
policed-DSCP map 2-288
setting DSCP or IP precedence values 2-265
traffic classifications 2-44
trust states 2-545
port trust states 2-314
queues, enabling the expedite 2-358
statistics
in-profile and out-of-profile packets 2-424
packets enqueued or dropped 2-424
sent and received CoS values 2-424
sent and received DSCP values 2-424
trusted boundary for IP phones 2-314
VLAN-based 2-316
quality of service
See QoS
querytime, MVR 2-322
queue-set command 2-365
R
radius-server dead-criteria command 2-366
radius-server host command 2-368
rapid per-VLAN spanning-tree plus
See STP
rapid PVST+
See STP
rcommand command 2-370
re-authenticating IEEE 802.1x-enabled ports 2-127
re-authentication
periodic 2-129
time between attempts 2-130
receiver ports, MVR 2-325
receiving flow-control packets 2-143
recovery mechanism
causes 2-137
display 2-283, 2-326, 2-330
timer interval 2-138
redundancy for cluster switches 2-75
reload command 2-372
remote command 2-374
remote-span command 2-375
Remote Switched Port Analyzer
See RSPAN
rename (boot loader) command A-18
renew ip dhcp snooping database command 2-377
requirements
cluster xx
device manager xx
Network Assistant xx
reset (boot loader) command A-19
reset command 2-567
resource templates, displaying 2-455
restricted VLAN
See dot1x auth-fail vlan
rmdir (boot loader) command A-20
rmon collection stats command 2-253
root guard, for spanning tree 2-446
routed ports
IP addresses on 2-156
number supported 2-156
RSPAN
configuring 2-317
displaying 2-434
filter RSPAN traffic 2-317
remote-span command 2-375
sessions
add interfaces to 2-317
displaying 2-434
start new 2-317
S
scheduled switchover
disabling 2-95
enabling 2-95
SDM mismatch mode 2-255, 2-470
sdm prefer command 2-254
SDM templates
allowed resources 2-256
and stacking 2-255
displaying 2-455
dual IPv4 and IPv6 2-254
secure ports, limitations 2-518
sending flow-control packets 2-143
service password-recovery command 2-258
service-policy command 2-260
session command 2-263
set (boot loader) command A-21
set command 2-265
setup command 2-267
setup express command 2-270
show access-lists command 2-272
show archive status command 2-275
show arp access-list command 2-276
show auto qos command 2-277
show boot command 2-281
show cable-diagnostics tdr command 2-283
show changes command 2-567
show class-map command 2-286
show cluster candidates command 2-289
show cluster command 2-287
show cluster members command 2-291
show controllers cpu-interface command 2-293
show controllers ethernet-controller command 2-295
show controllers power inline command 2-303
show controllers tcam command 2-305
show controller utilization command 2-307
show current command 2-567
show dot1q-tunnel command 2-312
show dot1x command 2-313
show dtp 2-318
show eap command 2-320
show env command 2-323
show errdisable detect command 2-326
show errdisable flap-values command 2-328
show errdisable recovery command 2-330
show etherchannel command 2-332
show flowcontrol command 2-335
show idprom command 2-337
show interfaces command 2-340
show interfaces counters command 2-349
show inventory command 2-352
show ip arp inspection command 2-353
show ipc command 2-375
show ip dhcp snooping binding command 2-357
show ip dhcp snooping command 2-356
show ip dhcp snooping database command 2-359
show ip igmp profile command 2-361
show ip igmp snooping address command 2-383
show ip igmp snooping command 2-362, 2-381
show ip igmp snooping groups command 2-365
show ip igmp snooping mrouter command 2-367, 2-385
show ip igmp snooping querier command 2-369, 2-387
show ip source binding command 2-371
show ipv6 access-list command 2-379
show ip verify source command 2-373
show l2protocol-tunnel command 2-389
show lacp command 2-392
show link state group command 2-396
show mac access-group command 2-398
show mac address-table address command 2-402
show mac address-table aging time command 2-404
show mac address-table command 2-400
show mac address-table count command 2-406
show mac address-table dynamic command 2-408
show mac address-table interface command 2-410
show mac address-table move update command 2-412
show mac address-table notification command 2-58, 2-414, B-25
show mac address-table static command 2-416
show mac address-table vlan command 2-418
show mls qos aggregate-policer command 2-421
show mls qos command 2-420
show mls qos input-queue command 2-422
show mls qos interface command 2-424
show mls qos maps command 2-428
show mls qos queue-set command 2-431
show mls qos vlan command 2-433
show monitor command 2-434
show mvr command 2-436
show mvr interface command 2-438
show mvr members command 2-440
show pagp command 2-442
show parser macro command 2-444
show platform acl command C-2
show platform backup interface command C-3
show platform configuration command C-4
show platform etherchannel command C-5
show platform forward command C-6
show platform frontend-controller command C-8
show platform igmp snooping command C-9
show platform ipc trace command C-16
show platform ip multicast command C-11
show platform ip unicast command C-12
show platform ipv6 unicast command C-17
show platform layer4op command C-19
show platform mac-address-table command C-20
show platform messaging command C-21
show platform monitor command C-22
show platform mvr table command C-23
show platform pm command C-24
show platform port-asic command C-25
show platform port-security command C-30
show platform qos command C-31
show platform resource-manager command C-32
show platform snmp counters command C-34
show platform spanning-tree command C-35
show platform stack-manager command C-37
show platform stp-instance command C-36
show platform tb command C-39
show platform tcam command C-41
show platform vlan command C-44
show policy-map command 2-447
show port security command 2-449
show power inline command 2-452
show proposed command 2-567
show sdm prefer command 2-455
show setup express command 2-458
show spanning-tree command 2-459
show storm-control command 2-467
show switch command 2-469
show system mtu command 2-472
show trust command 2-545
show udld command 2-473
show version command 2-476
show vlan access-map command 2-483
show vlan command 2-478
show vlan command, fields 2-480
show vlan filter command 2-484
show vmps command 2-485
show vtp command 2-488
shutdown command 2-423
shutdown threshold, Layer 2 protocol tunneling 2-237
shutdown vlan command 2-424
Smartports macros
See macros
SNMP host, specifying 2-429
SNMP informs, enabling the sending of 2-425
snmp-server enable traps command 2-425
snmp-server host command 2-429
snmp trap mac-notification command 2-433
SNMP traps
enabling MAC address notification trap 2-433
enabling the MAC address notification feature 2-259
enabling the sending of 2-425
SoftPhone
See Cisco SoftPhone
software images
copying 2-8
deleting 2-81
downloading 2-11
upgrading 2-8, 2-11
uploading 2-18
software version, displaying 2-476
source ports, MVR 2-325
SPAN
configuring 2-317
debug messages, display B-26
displaying 2-434
filter SPAN traffic 2-317
sessions
add interfaces to 2-317
displaying 2-434
start new 2-317
spanning 2-475
spanning-tree backbonefast command 2-435
spanning-tree bpdufilter command 2-436
spanning-tree bpduguard command 2-438
spanning-tree cost command 2-440
spanning-tree etherchannel command 2-442
spanning-tree extend system-id command 2-444
spanning-tree guard command 2-446
spanning-tree link-type command 2-448
spanning-tree loopguard default command 2-450
spanning-tree mode command 2-452
spanning-tree mst configuration command 2-454
spanning-tree mst cost command 2-456
spanning-tree mst forward-time command 2-458
spanning-tree mst hello-time command 2-459
spanning-tree mst max-age command 2-460
spanning-tree mst max-hops command 2-461
spanning-tree mst port-priority command 2-463
spanning-tree mst pre-standard command 2-465
spanning-tree mst priority command 2-466
spanning-tree mst root command 2-467
spanning-tree portfast (global configuration) command 2-471
spanning-tree portfast (interface configuration) command 2-473
spanning-tree port-priority command 2-469
Spanning Tree Protocol
See STP
spanning-tree transmit hold-count command 2-475
spanning-tree uplinkfast command 2-476
spanning-tree vlan command 2-478
speed command 2-481
srr-queue bandwidth limit command 2-483
srr-queue bandwidth shape command 2-485
srr-queue bandwidth share command 2-487
SSH, configuring version 2-215
stack-mac persistent timer command 2-489
stack member
access 2-263
number 2-469, 2-498
priority value 2-495
provisioning 2-496
reloading 2-372
stacks, switch
MAC address 2-489
provisioning a new member 2-496
reloading 2-372
stack member access 2-263
stack member number 2-469, 2-498
stack member priority value 2-469, 2-495
static-access ports, configuring 2-502
statistics, Ethernet group 2-253
sticky learning, enabling 2-516
storm-control command 2-492
STP
BackboneFast 2-435
counters, clearing 2-62
debug messages, display
BackboneFast events B-83
MSTP B-86
optimized BPDUs handling B-85
spanning-tree activity B-81
switch shim B-88
transmitted and received BPDUs B-84
UplinkFast B-90
detection of indirect link failures 2-435
enabling protocol tunneling for 2-237
EtherChannel misconfiguration 2-442
extended system ID 2-444
path cost 2-440
protocol modes 2-452
root port
accelerating choice of new 2-476
loop guard 2-446
preventing from becoming designated 2-446
restricting which can be root 2-446
root guard 2-446
UplinkFast 2-476
root switch
affects of extended system ID 2-444, 2-479
hello-time 2-478
interval between BDPU messages 2-478
interval between hello BPDU messages 2-478
max-age 2-478
port priority for selection of 2-469
primary or secondary 2-478
switch priority 2-478
state changes
blocking to forwarding state 2-473
enabling BPDU filtering 2-436, 2-471
enabling BPDU guard 2-438, 2-471
enabling Port Fast 2-471, 2-473
enabling timer to recover from error state 2-137
forward-delay time 2-478
length of listening and learning states 2-478
shutting down Port Fast-enabled ports 2-471
state information display 2-459
VLAN options 2-466, 2-478
SVIs, creating 2-150
Switched Port Analyzer
See SPAN
switching characteristics
modifying 2-500
returning to interfaces 2-500
switchport access command 2-502
switchport backup interface command 2-504
switchport block command 2-507
switchport command 2-500
switchport host command 2-508
switchport mode command 2-509
switchport mode private-vlan command 2-512
switchport nonegotiate command 2-514
switchport port-security aging command 2-521
switchport port-security command 2-516
switchport priority extend command 2-523
switchport private-vlan command 2-525
switchport protected command 2-527
switchports, displaying 2-340
switchport trunk command 2-529
switchport voice vlan command 2-533
switch priority command 2-495
switch provision command 2-496
switch renumber command 2-498
system env temperature threshold yellow command 2-535
system message logging 2-249
system message logging, save message to flash 2-250
system mtu command 2-537
system resource templates 2-254
T
tar files, creating, listing, and extracting 2-15
TDR, running 2-539
Telnet, using to communicate to cluster switches 2-370
temperature information, displaying 2-323
templates, system resources 2-254
test cable-diagnostics tdr command 2-539
traceroute mac command 2-540
traceroute mac ip command 2-543
trunking, VLAN mode 2-509
trunk mode 2-509
trunk ports 2-509
trunks, to non-DTP device 2-510
trusted boundary for QoS 2-314
trusted port states for QoS 2-314
tunnel ports, Layer 2 protocol, displaying 2-389
type (boot loader) command A-24
U
UDLD
aggressive mode 2-547, 2-549
debug messages, display B-99
enable globally 2-547
enable per interface 2-549
error recovery timer 2-137
message timer 2-547
normal mode 2-547, 2-549
reset a shutdown interface 2-551
status 2-473
udld command 2-547
udld port command 2-549
udld reset command 2-551
unicast storm control 2-492
UniDirectional Link Detection
See UDLD
unknown multicast traffic, preventing 2-507
unknown unicast traffic, preventing 2-507
unset (boot loader) command A-25
upgrading
software images 2-8, 2-11
monitoring status of 2-275
upgrading information
See release notes
UplinkFast, for STP 2-476
user EXEC mode 1-2, 1-3
V
version (boot loader) command A-27
version mismatch mode 2-470
vlan (global configuration) command 2-552
vlan (VLAN configuration) command 2-558
vlan access-map command 2-564
VLAN access map configuration mode 2-564
VLAN access maps
actions 2-6
displaying 2-483
VLAN-based QoS 2-316
VLAN configuration
rules 2-555, 2-560
saving 2-552, 2-562
VLAN configuration mode
commands
VLAN 2-558
VTP 2-582
description 1-5
entering 2-566
summary 1-3
vlan database command 2-566
vlan dot1q tag native command 2-569
vlan filter command 2-571
VLAN filters, displaying 2-484
VLAN ID range 2-552, 2-558
VLAN maps
applying 2-571
creating 2-564
defining 2-274
displaying 2-483
VLAN Query Protocol
See VQP
VLANs
adding 2-552
configuring 2-552, 2-558
debug messages, display
ISL B-95
VLAN IOS file system error tests B-93
VLAN manager activity B-91
VTP B-97
displaying configurations 2-478
enabling guest VLAN supplicant 2-102, 2-112, 2-142
extended-range 2-552
MAC addresses
displaying 2-418
number of 2-406
media types 2-555, 2-560
normal-range 2-552, 2-558
private 2-512
configuring 2-360
displaying 2-478
See also private VLANs
restarting 2-424
saving the configuration 2-552
shutting down 2-424
SNMP traps for VTP 2-427, 2-430
suspending 2-424
variables 2-558
VLAN Trunking Protocol
See VTP
VM mode 2-470
VMPS
configuring servers 2-576
displaying 2-485
error recovery timer 2-138
reconfirming dynamic VLAN assignments 2-573
vmps reconfirm (global configuration) command 2-574
vmps reconfirm (privileged EXEC) command 2-573
vmps retry command 2-575
vmps server command 2-576
voice VLAN
configuring 2-533
setting port priority 2-523
VQP
and dynamic-access ports 2-503
clearing client statistics 2-64
displaying information 2-485
per-server retry count 2-575
reconfirmation interval 2-574
reconfirming dynamic VLAN assignments 2-573
VTP
changing characteristics 2-578
clearing pruning counters 2-65
configuring
domain name 2-578, 2-582
file name 2-578
mode 2-578, 2-582
password 2-578, 2-582
counters display fields 2-489
displaying information 2-488
enabling
pruning 2-578, 2-582
tunneling for 2-237
Version 2 2-578, 2-582
mode 2-578, 2-582
pruning 2-578, 2-582
saving the configuration 2-552, 2-562
statistics 2-488
status 2-488
status display fields 2-490
vtp (global configuration) command 2-578
vtp (VLAN configuration) command 2-582
W
wireless controller, accessing 2-263
wireless controller switch. B-102
X
XENPAK module serial EERPOM information 2-299, 2-337