Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
authentication (continued)
automatic discovery (continued)
Catalyst 3750G wireless LAN controller switch (continued)
clusters, switch (continued)
configuration files (continued)
default configuration (continued)
DHCP snooping (continued)
fallback bridging (continued)
IP multicast routing (continued)
IP multicast routing (continued)
IP source guard (continued)
IP unicast routing (continued)
mapping tables for QoS (continued)
port-based authentication (continued)
port-based authentication (continued)
private VLANs (continued)
stacks, switch (continued)
stacks, switch (continued)
system message logging (continued)
VRF-aware services (continued)
Numerics
10-Gigabit Ethernet interfaces
configuration guidelines 12-17
defined 12-6
3750G integrated wireless LAN controller switch
configuring the switch A-4
controller and switch interaction A-3
internal ports
configuring A-4
reconfiguring A-5
A
AAA down policy, NAC Layer 2 IP validation 1-11
abbreviating commands 2-4
ABRs 38-25
AC (command switch) 7-10
access-class command 35-20
access control entries
See ACEs
access control entry (ACE) 41-3
access-denied response, VMPS 14-28
access groups
applying IPv4 ACLs to interfaces 35-21
Layer 2 35-21
Layer 3 35-21
accessing
clusters, switch 7-13
command switches 7-11
member switches 7-13
switch clusters 7-13
accessing stack members 6-23
access lists
See ACLs
access ports
and Layer 2 protocol tunneling 18-11
defined 12-3
in switch clusters 7-9
access template 9-1
accounting
with 802.1x 11-46
with IEEE 802.1x 11-13
with RADIUS 10-28
with TACACS+ 10-11, 10-17
ACEs
and QoS 36-7
defined 35-2
Ethernet 35-2
IP 35-2
ACLs
ACEs 35-2
any keyword 35-13
applying
on bridged packets 35-39
on multicast packets 35-41
on routed packets 35-40
on switched packets 35-39
time ranges to 35-17
to an interface 35-20, 41-7
to IPv6 interfaces 41-7
to QoS 36-7
classifying traffic for QoS 36-43
comments in 35-19
compiling 35-23
defined 35-1, 35-8
examples of 35-23, 36-43
extended IP, configuring for QoS classification 36-44
extended IPv4
creating 35-11
matching criteria 35-8
hardware and software handling 35-22
host keyword 35-13
IP
creating 35-8
fragments and QoS guidelines 36-33
implicit deny 35-10, 35-14, 35-16
implicit masks 35-10
matching criteria 35-8
undefined 35-21
IPv4
applying to interfaces 35-20
creating 35-8
matching criteria 35-8
named 35-15
numbers 35-8
terminal lines, setting on 35-19
unsupported features 35-7
IPv6
and stacking 41-3
applying to interfaces 41-7
configuring 41-4, 41-5
displaying 41-8
interactions with other features 41-4
limitations 41-3
matching criteria 41-3
named 41-3
precedence of 41-2
supported 41-2
unsupported features 41-3
Layer 4 information in 35-38
logging messages 35-9
MAC extended 35-28, 36-45
matching 35-8, 35-21, 41-3
monitoring 35-41, 41-8
named, IPv4 35-15
named, IPv6 41-3
names 41-4
number per QoS class map 36-33
port 35-2, 41-1
precedence of 35-2
QoS 36-7, 36-43
resequencing entries 35-15
router 35-2, 41-1
router ACLs and VLAN map configuration guidelines 35-38
standard IP, configuring for QoS classification 36-43
standard IPv4
creating 35-10
matching criteria 35-8
support for 1-9
support in hardware 35-22
time ranges 35-17
types supported 35-2
unsupported features, IPv4 35-7
unsupported features, IPv6 41-3
using router ACLs with VLAN maps 35-37
VLAN maps
configuration guidelines 35-31
configuring 35-30
active link 22-4, 22-5, 22-6
active links 22-2
active router 42-1
active traffic monitoring, IP SLAs 43-1
address aliasing 25-2
addresses
displaying the MAC address table 8-27
dynamic
accelerated aging 19-9
changing the aging time 8-21
default aging 19-9
defined 8-19
learning 8-20
removing 8-22
IPv6 39-2
MAC, discovering 8-28
multicast
group address range 46-3
STP address management 19-9
static
adding and removing 8-24
defined 8-19
address resolution 8-28, 38-9
Address Resolution Protocol
See ARP
adjacency tables, with CEF 38-89
administrative distances
defined 38-102
OSPF 38-32
routing protocol defaults 38-91
advertisements
CDP 27-1
LLDP 28-1, 28-2
RIP 38-20
VTP 14-19, 15-3
aggregatable global unicast addresses 39-3
aggregate addresses, BGP 38-60
aggregated ports
See EtherChannel
aggregate policers 36-59
aggregate policing 1-12
aggregator template 6-9, 9-2
aging, accelerating 19-9
aging time
accelerated
for MSTP 20-23
for STP 19-9, 19-23
MAC address table 8-21
maximum
for MSTP 20-24
for STP 19-23, 19-24
alarms, RMON 31-3
allowed-VLAN list 14-21
application engines, redirecting traffic to 45-1
area border routers
See ABRs
area routing
IS-IS 38-64
ISO IGRP 38-64
ARP
configuring 38-10
defined 1-6, 8-28, 38-9
encapsulation 38-11
static cache configuration 38-10
table
address resolution 8-28
managing 8-28
ASBRs 38-25
AS-path filters, BGP 38-54
asymmetrical links, and IEEE 802.1Q tunneling 18-4
attributes, RADIUS
vendor-proprietary 10-31
vendor-specific 10-29
attribute-value pairs 11-12, 11-13, 11-17, 11-18, 11-27
authentication
EIGRP 38-40
HSRP 42-10
local mode with AAA 10-36
NTP associations 8-4
open1x 11-25
RADIUS
key 10-21
login 10-23
TACACS+
defined 10-11
key 10-13
login 10-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 11-8
authentication failed VLAN
See restricted VLAN
authentication keys, and routing protocols 38-102
authentication manager
CLI commands 11-8
compatibility with older 802.1x CLI commands11-8to 11-9
overview 11-7
authoritative time source, described 8-2
authorization
with RADIUS 10-27
with TACACS+ 10-11, 10-16
authorized ports with IEEE 802.1x 11-9
autoconfiguration 3-3
auto enablement 11-26
automatic advise (auto-advise) in switch stacks 6-11
automatic copy (auto-copy) in switch stacks 6-10
automatic discovery
considerations
beyond a noncandidate device 7-8
brand new switches 7-9
connectivity 7-5
different VLANs 7-7
management VLANs 7-7
non-CDP-capable devices 7-6
noncluster-capable devices 7-6
routed ports 7-8
in switch clusters 7-5
See also CDP
automatic extraction (auto-extract) in switch stacks 6-11
automatic QoS
See QoS
automatic recovery, clusters 7-10
See also HSRP
automatic upgrades (auto-upgrade) in switch stacks 6-10
auto-MDIX
configuring 12-21
described 12-21
autonegotiation
duplex mode 1-4
interface configuration guidelines 12-18
mismatches 49-12
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 38-48
Auto-RP, described 46-6
autosensing, port speed 1-4
Auto Smartports macros
built-in macros 13-2, 13-4
configuration guidelines 13-3
default configuration 13-2
defined 13-1
displaying 13-14
enabling 13-3
event triggers 13-6
IOS shell 13-1, 13-9
mapping 13-4
user-defined macros 13-9
autostate exclude 12-6
Auto Smartports macros
See also Smartports macros
auxiliary VLAN
See voice VLAN
availability, features 1-7
B
BackboneFast
described 21-7
disabling 21-17
enabling 21-16
support for 1-8
backup interfaces
See Flex Links
backup links 22-2
backup static routing, configuring 44-12
banners
configuring
login 8-18
message-of-the-day login 8-18
default configuration 8-17
when displayed 8-17
Berkeley r-tools replacement 10-49
BGP
aggregate addresses 38-60
aggregate routes, configuring 38-60
CIDR 38-60
clear commands 38-63
community filtering 38-57
configuring neighbors 38-58
default configuration 38-45
described 38-44
enabling 38-48
monitoring 38-63
multipath support 38-52
neighbors, types of 38-48
path selection 38-52
peers, configuring 38-58
prefix filtering 38-56
resetting sessions 38-50
route dampening 38-62
route maps 38-54
route reflectors 38-61
routing domain confederation 38-61
routing session with multi-VRF CE 38-84
show commands 38-63
supernets 38-60
support for 1-13
Version 4 38-45
binding cluster group and HSRP group 42-12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 23-6
DHCP snooping database 23-6
IP source guard 23-16
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 26-7
Boolean expressions in tracked lists 44-4
booting
boot loader, function of 3-2
boot process 3-2
manually 3-18
specific image 3-19
boot loader
accessing 3-19
described 3-2
environment variables 3-19
prompt 3-19
trap-door mechanism 3-2
bootstrap router (BSR), described 46-7
Border Gateway Protocol
See BGP
BPDU
error-disabled state 21-2
filtering 21-3
RSTP format 20-12
BPDU filtering
described 21-3
disabling 21-15
enabling 21-14
support for 1-8
BPDU guard
described 21-2
disabling 21-14
enabling 21-13
support for 1-8
bridged packets, ACLs on 35-39
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 38-17
broadcast packets
directed 38-14
flooded 38-14
broadcast storm-control command 26-4
broadcast storms 26-1, 38-14
C
cables, monitoring for unidirectional links 29-1
candidate switch
automatic discovery 7-5
defined 7-4
requirements 7-4
See also command switch, cluster standby group, and member switch
Catalyst 3750G wireless LAN controller switch
accessing the controller A-6
displaying controller information A-7
features A-2
interaction with the controller A-3
internal port configuration A-4
internal port EtherChannel A-4
internal ports A-3
internal VLAN A-3
reconfiguring the internal ports A-5
switch stacks A-2
Catalyst 6000 switches
authentication compatibility 11-8
CA trustpoint
configuring 10-45
defined 10-43
CDP
and trusted boundary 36-39
automatic discovery in switch clusters 7-5
configuring 27-2
default configuration 27-2
defined with LLDP 28-1
described 27-1
disabling for routing device27-3to 27-4
enabling and disabling
on an interface 27-4
on a switch 27-3
Layer 2 protocol tunneling 18-7
monitoring 27-5
overview 27-1
power negotiation extensions 12-7
support for 1-6
switch stack considerations 27-2
transmission timer and holdtime, setting 27-2
updates 27-2
CEF
defined 38-89
distributed 38-89
enabling 38-90
IPv6 39-18
CGMP
as IGMP snooping learning method 25-9
clearing cached group entries 46-61
enabling server support 46-44
joining multicast group 25-3
overview 46-9
server support only 46-9
switch support of 1-4
CIDR 38-60
CipherSuites 10-44
Cisco 7960 IP Phone 16-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco intelligent power management 12-7
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco IOS IP SLAs 43-1
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 11-18
attribute-value pairs for redirect URL 11-17
Cisco Secure ACS configuration guide 11-57
Cisco StackWise technology 1-3
See also stacks, switch
CiscoWorks 2000 1-5, 33-4
CISP 11-26
CIST regional root
See MSTP
CIST root
See MSTP
civic location 28-3
classless interdomain routing
See CIDR
classless routing 38-8
class maps for QoS
configuring 36-46
described 36-7
displaying 36-79
class of service
See CoS
clearing interfaces 12-30
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-5
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
managing clusters 7-16
no and default forms of commands 2-4
Client Information Signalling Protocol
See CISP
client mode, VTP 15-3
client processes, tracking 44-1
CLNS
See ISO CLNS
clock
See system clock
clusters, switch
accessing 7-13
automatic discovery 7-5
automatic recovery 7-10
benefits 1-2
compatibility 7-4
described 7-1
LRE profile considerations 7-16
managing
through CLI 7-16
through SNMP 7-17
planning 7-4
planning considerations
automatic discovery 7-5
automatic recovery 7-10
CLI 7-16
host names 7-13
IP addresses 7-13
LRE profiles 7-16
passwords 7-13
RADIUS 7-16
SNMP 7-14, 7-17
switch stacks 7-14
TACACS+ 7-16
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 42-12
automatic recovery 7-12
considerations 7-11
defined 7-2
requirements 7-3
virtual IP address 7-11
See also HSRP
CNS 1-5
Configuration Engine
configID, deviceID, hostname 5-3
configuration service 5-2
described 5-1
event service 5-3
embedded agents
described 5-5
enabling automated configuration 5-6
enabling configuration agent 5-9
enabling event agent 5-7
management functions 1-5
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 10-8
command switch
accessing 7-11
active (AC) 7-10
configuration conflicts 49-12
defined 7-2
passive (PC) 7-10
password privilege levels 7-17
priority 7-10
recovery
from command-switch failure 7-10, 49-8
from lost member connectivity 49-12
redundant 7-10
replacing
with another switch 49-11
with cluster member 49-9
requirements 7-3
standby (SC) 7-10
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 38-57
community ports 17-2
community strings
configuring 7-14, 33-8
for cluster switches 33-4
in clusters 7-14
overview 33-4
SNMP 7-14
community VLANs 17-2, 17-3
compatibility, feature 26-12
compatibility, software
See stacks, switch
config.text 3-17
configurable leave timer, IGMP 25-6
configuration, initial
defaults 1-15
Express Setup 1-2
configuration changes, logging 32-11
configuration conflicts, recovering from lost member connectivity 49-12
configuration examples, network 1-17
configuration files
archiving C-19
clearing the startup configuration C-19
creating using a text editor C-10
default name 3-17
deleting a stored configuration C-19
described C-8
downloading
automatically 3-17
preparing C-10, C-13, C-16
reasons for C-8
using FTP C-13
using RCP C-17
using TFTP C-11
guidelines for creating and using C-9
guidelines for replacing and rolling back C-21
invalid combinations when copying C-5
limiting TFTP server access 33-17
obtaining with DHCP 3-9
password recovery disable considerations 10-5
replacing a running configuration C-19, C-20
rolling back a running configuration C-19, C-20
specifying the filename 3-17
system contact and location information 33-17
types and location C-10
uploading
preparing C-10, C-13, C-16
reasons for C-9
using FTP C-14
using RCP C-18
using TFTP C-12
configuration guidelines, multi-VRF CE 38-77
configuration logger 32-11
configuration logging 2-5
configuration replacement C-19
configuration rollback C-19
configuration settings, saving 3-15
configure terminal command 12-11
configuring port-based authentication violation modes 11-37
configuring small-frame arrival rate 26-5
config-vlan mode 2-2, 14-7
conflicts, configuration 49-12
connections, secure remote 10-38
connectivity problems 49-14, 49-16, 49-17
consistency checks in VTP Version 2 15-4
console port, connecting to 2-11
content-routing technology
See WCCP
control protocol, IP SLAs 43-4
corrupted software, recovery steps with Xmodem 49-2
CoS
in Layer 2 frames 36-2
override priority 16-6
trust priority 16-6
CoS input queue threshold map for QoS 36-16
CoS output queue threshold map for QoS 36-18
CoS-to-DSCP map for QoS 36-61
counters, clearing interface 12-30
CPU utilization, troubleshooting 49-25
crashinfo file 49-24
critical authentication, IEEE 802.1x 11-50
cross-stack EtherChannel
configuration guidelines 37-13
configuring
on Layer 2 interfaces 37-13
on Layer 3 physical interfaces 37-16
described 37-3
illustration 37-4
support for 1-7
cross-stack UplinkFast, STP
described 21-5
disabling 21-16
enabling 21-16
fast-convergence events 21-7
Fast Uplink Transition Protocol 21-6
normal-convergence events 21-7
support for 1-8
cryptographic software image
Kerberos 10-32
SSH 10-37
SSL 10-42
switch stack considerations 6-2, 6-15, 10-38
customer edge devices 38-75
CWDM SFPs 1-27
D
DACL
See downloadable ACL
daylight saving time 8-13
dCEF, in the switch stack 38-89
debugging
enabling all system diagnostics 49-21
enabling for a specific feature 49-20
redirecting error message output 49-21
using commands 49-20
default commands 2-4
default configuration
802.1x 11-31
auto-QoS 36-20
banners 8-17
BGP 38-45
booting 3-17
CDP 27-2
DHCP 23-8
DHCP option 82 23-8
DHCP snooping 23-8
DHCP snooping binding database 23-9
DNS 8-16
dynamic ARP inspection 24-5
EIGRP 38-36
EtherChannel 37-11
Ethernet interfaces 12-16
fallback bridging 48-3
Flex Links 22-7, 22-8
HSRP 42-5
IEEE 802.1Q tunneling 18-4
IGMP 46-39
IGMP filtering 25-25
IGMP snooping 25-7, 40-5, 40-6
IGMP throttling 25-25
initial switch information 3-3
IP addressing, IP routing 38-6
IP multicast routing 46-10
IP SLAs 43-6
IP source guard 23-17
IPv6 39-10
IS-IS 38-66
Layer 2 interfaces 12-16
Layer 2 protocol tunneling 18-11
LLDP 28-4
MAC address table 8-21
MAC address-table move update 22-8
MSDP 47-4
MSTP 20-15
multi-VRF CE 38-76
MVR 25-20
NTP 8-4
optional spanning-tree configuration 21-12
OSPF 38-26
password and privilege level 10-2
PIM 46-10
private VLANs 17-6
RADIUS 10-20
RIP 38-20
RMON 31-3
RSPAN 30-11
SDM template 9-5
SNMP 33-7
SPAN 30-11
SSL 10-45
standard QoS 36-30
STP 19-13
switch stacks 6-18
system message logging 32-4
system name and prompt 8-15
TACACS+ 10-13
UDLD 29-4
VLAN, Layer 2 Ethernet interfaces 14-19
VLANs 14-8
VMPS 14-29
voice VLAN 16-3
VTP 15-7
WCCP 45-5
default gateway 3-15, 38-12
default networks 38-92
default router preference
See DRP
default routes 38-92
default routing 38-3
deleting VLANs 14-10
denial-of-service attack 26-1
description command 12-24
designing your network, examples 1-17
desktop template 6-9, 9-2
destination addresses
in IPv4 ACLs 35-12
in IPv6 ACLs 41-5
destination-IP address-based forwarding, EtherChannel 37-9
destination-MAC address forwarding, EtherChannel 37-9
detecting indirect link failures, STP 21-8
device C-23
device discovery protocol 27-1, 28-1
device manager
benefits 1-2
described 1-2, 1-5
in-band management 1-6
upgrading a switch C-23
DHCP
Cisco IOS server database
configuring 23-14
default configuration 23-9
described 23-6
DHCP for IPv6
See DHCPv6
enabling
relay agent 23-11
server 23-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-4
DNS 3-7
relay device 3-8
server side 3-6
server-side 23-10
TFTP server 3-7
example 3-10
lease options
for IP address information 3-6
for receiving the configuration file 3-7
overview 3-3
relationship to BOOTP 3-4
relay support 1-5, 1-13
support for 1-5
DHCP-based autoconfiguration and image update
configuring3-11to 3-14
understanding3-5to 3-6
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 44-11
DHCP option 82
circuit ID suboption 23-5
configuration guidelines 23-9
default configuration 23-8
displaying 23-16
forwarding address, specifying 23-11
helper address 23-11
overview 23-3
packet format, suboption
circuit ID 23-5
remote ID 23-5
remote ID suboption 23-5
DHCP server port-based address allocation
configuration guidelines 23-21
default configuration 23-20
described 23-20
displaying 23-23
enabling 23-21
DHCP server port-based address assignment
support for 1-6
DHCP snooping
accepting untrusted packets form edge switch 23-3, 23-13
and private VLANs 23-14
binding database
See DHCP snooping binding database
configuration guidelines 23-9
default configuration 23-8
displaying binding tables 23-16
message exchange process 23-4
option 82 data insertion 23-3
trusted interface 23-2
untrusted interface 23-2
untrusted messages 23-2
DHCP snooping binding database
adding bindings 23-15
binding file
format 23-7
location 23-6
bindings 23-6
clearing agent statistics 23-15
configuration guidelines 23-10
configuring 23-15
default configuration 23-8, 23-9
deleting
binding file 23-15
bindings 23-16
database agent 23-15
described 23-6
displaying 23-16
binding entries 23-16
status and statistics 23-16
enabling 23-15
entry 23-6
renewing database 23-15
resetting
delay value 23-15
timeout value 23-15
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 39-15
default configuration 39-15
described 39-6
enabling client function 39-17
enabling DHCPv6 server function 39-15
support for 1-13
Differentiated Services architecture, QoS 36-2
Differentiated Services Code Point 36-2
Diffusing Update Algorithm (DUAL) 38-35
directed unicast requests 1-6
directories
changing C-4
creating and removing C-4
displaying the working C-4
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 38-3
distribute-list command 38-101
DNS
and DHCP-based autoconfiguration 3-7
default configuration 8-16
displaying the configuration 8-17
in IPv6 39-4
overview 8-15
setting up 8-16
support for 1-5
DNS-based SSM mapping 46-18, 46-20
domain names
DNS 8-15
VTP 15-8
Domain Name System
See DNS
domains, ISO IGRP routing 38-64
dot1q-tunnel switchport mode 14-18
double-tagged packets
IEEE 802.1Q tunneling 18-2
Layer 2 protocol tunneling 18-10
downloadable ACL 11-17, 11-18, 11-57
downloading
configuration files
preparing C-10, C-13, C-16
reasons for C-8
using FTP C-13
using RCP C-17
using TFTP C-11
image files
deleting old image C-27
preparing C-26, C-29, C-34
reasons for C-23
using CMS 1-3
using FTP C-30
using HTTP 1-3, C-23
using RCP C-35
using TFTP C-26
using the device manager or Network Assistant C-23
drop threshold for Layer 2 protocol packets 18-11
DRP
configuring 39-13
described 39-4
IPv6 39-4
support for 1-13
DSCP 1-11, 36-2
DSCP input queue threshold map for QoS 36-16
DSCP output queue threshold map for QoS 36-18
DSCP-to-CoS map for QoS 36-65
DSCP-to-DSCP-mutation map for QoS 36-66
DSCP transparency 36-40
DTP 1-8, 14-17
dual-action detection 37-6
DUAL finite state machine, EIGRP 38-35
dual IPv4 and IPv6 templates 9-2, 39-5, 39-6
dual protocol stacks
IPv4 and IPv6 39-5
SDM templates supporting 39-6
DVMRP
autosummarization
configuring a summary address 46-58
disabling 46-60
connecting PIM domain to DVMRP router 46-51
enabling unicast routing 46-54
interoperability
with Cisco devices 46-49
with Cisco IOS software 46-9
mrinfo requests, responding to 46-53
neighbors
advertising the default route to 46-52
discovery with Probe messages 46-49
displaying information 46-53
prevent peering with nonpruning 46-56
rejecting nonpruning 46-55
overview 46-8
routes
adding a metric offset 46-60
advertising all 46-60
advertising the default route to neighbors 46-52
caching DVMRP routes learned in report messages 46-54
changing the threshold for syslog messages 46-57
deleting 46-61
displaying 46-62
favoring one over another 46-60
limiting the number injected into MBONE 46-57
limiting unicast route advertisements 46-49
routing table 46-9
source distribution tree, building 46-9
support for 1-13
tunnels
configuring 46-51
displaying neighbor information 46-53
dynamic access ports
characteristics 14-3
configuring 14-31
defined 12-3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 24-1
ARP requests, described 24-1
ARP spoofing attack 24-1
clearing
log buffer 24-16
statistics 24-15
configuration guidelines 24-6
configuring
ACLs for non-DHCP environments 24-8
in DHCP environments 24-7
log buffer 24-13
rate limit for incoming ARP packets 24-4, 24-11
default configuration 24-5
denial-of-service attacks, preventing 24-11
described 24-1
DHCP snooping binding database 24-2
displaying
ARP ACLs 24-15
configuration and operating state 24-15
log buffer 24-16
statistics 24-15
trust state and rate limit 24-15
error-disabled state for exceeding rate limit 24-4
function of 24-2
interface trust states 24-3
log buffer
clearing 24-16
configuring 24-13
displaying 24-16
logging of dropped packets, described 24-5
man-in-the middle attack, described 24-2
network security issues and interface trust states 24-3
priority of ARP ACLs and DHCP snooping entries 24-4
rate limiting of ARP packets
configuring 24-11
described 24-4
error-disabled state 24-4
statistics
clearing 24-15
displaying 24-15
validation checks, performing 24-12
dynamic auto trunking mode 14-18
dynamic desirable trunking mode 14-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 14-29
reconfirming 14-31
troubleshooting 14-33
types of connections 14-31
dynamic routing 38-3
ISO CLNS 38-64
Dynamic Trunking Protocol
See DTP
E
EBGP 38-43
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
EIGRP
authentication 38-40
components 38-35
configuring 38-39
default configuration 38-36
definition 38-35
interface parameters, configuring 38-40
monitoring 38-42
stub routing 38-41
elections
See stack master
ELIN location 28-3
embedded event manager
actions 34-4
configuring 34-1, 34-5
displaying information 34-7
environmental variables 34-4
event detectors 34-2
policies 34-4
registering and defining an applet 34-5
registering and defining a TCL script 34-6
understanding 34-1
enable password 10-3
enable secret password 10-3
encryption, CipherSuite 10-44
encryption for passwords 10-3
Enhanced IGRP
See EIGRP
enhanced object tracking
backup static routing 44-12
commands 44-1
defined 44-1
DHCP primary interface 44-11
HSRP 44-7
IP routing state 44-2
IP SLAs 44-9
line-protocol state 44-2
network monitoring with IP SLAs 44-11
routing policy, configuring 44-12
static route primary interface 44-10
tracked lists 44-3
enhanced object tracking static routing 44-10
environmental variables, embedded event manager 34-4
environment variables, function of 3-20
equal-cost routing 1-13, 38-90
error-disabled state, BPDU 21-2
error messages during command entry 2-5
EtherChannel
automatic creation of 37-5, 37-7
channel groups
binding physical and logical interfaces 37-4
numbering of 37-4
configuration guidelines 37-12
configuring
Layer 2 interfaces 37-13
Layer 3 physical interfaces 37-16
Layer 3 port-channel logical interfaces 37-15
default configuration 37-11
described 37-2
displaying status 37-23
forwarding methods 37-8, 37-18
IEEE 802.3ad, described 37-7
interaction
with STP 37-12
with VLANs 37-12
LACP
described 37-7
displaying status 37-23
hot-standby ports 37-20
interaction with other features 37-8
modes 37-7
port priority 37-22
system priority 37-21
Layer 3 interface 38-5
load balancing 37-8, 37-18
logical interfaces, described 37-4
PAgP
aggregate-port learners 37-19
compatibility with Catalyst 1900 37-19
described 37-5
displaying status 37-23
interaction with other features 37-7
interaction with virtual switches 37-6
learn method and priority configuration 37-19
modes 37-6
support for 1-4
with dual-action detection 37-6
port-channel interfaces
described 37-4
numbering of 37-4
port groups 12-6
stack changes, effects of 37-10
support for 1-4
EtherChannel guard
described 21-10
disabling 21-17
enabling 21-17
Ethernet VLANs
adding 14-9
defaults and ranges 14-8
modifying 14-9
EUI 39-3
event detectors, embedded event manager 34-2
events, RMON 31-3
examples
network configuration 1-17
expedite queue for QoS 36-78
Express Setup 1-2
See also getting started guide
extended crashinfo file 49-24
extended-range VLANs
configuration guidelines 14-13
configuring 14-12
creating 14-14
creating with an internal VLAN ID 14-15
defined 14-1
extended system ID
MSTP 20-17
STP 19-4, 19-16
extended universal identifier
See EUI
Extensible Authentication Protocol over LAN 11-1
external BGP
See EBGP
external neighbors, BGP 38-48
F
fa0 interface 1-6
failover support 1-7
fallback bridging
and protected ports 48-4
bridge groups
creating 48-4
described 48-2
displaying 48-11
function of 48-2
number supported 48-5
removing 48-5
bridge table
clearing 48-11
displaying 48-11
configuration guidelines 48-4
connecting interfaces with 12-10
default configuration 48-3
described 48-1
frame forwarding
flooding packets 48-2
forwarding packets 48-2
overview 48-1
protocol, unsupported 48-4
stack changes, effects of 48-3
STP
disabling on an interface 48-10
forward-delay interval 48-9
hello BPDU interval 48-8
interface priority 48-7
keepalive messages 19-2
maximum-idle interval 48-9
path cost 48-7
VLAN-bridge spanning-tree priority 48-6
VLAN-bridge STP 48-2
support for 1-13
SVIs and routed ports 48-1
unsupported protocols 48-4
VLAN-bridge STP 19-11
Fast Convergence 22-3
Fast Uplink Transition Protocol 21-6
features, incompatible 26-12
FIB 38-89
fiber-optic, detecting unidirectional links 29-1
files
basic crashinfo
description 49-24
location 49-24
copying C-5
crashinfo, description 49-24
deleting C-5
displaying the contents of C-8
extended crashinfo
description 49-24
location 49-24
tar
creating C-6
displaying the contents of C-7
extracting C-7
image file format C-24
file system
displaying available file systems C-2
displaying file information C-3
local file system names C-1
network file system names C-5
setting the default C-3
filtering
in a VLAN 35-30
IPv6 traffic 41-4, 41-7
non-IP traffic 35-28
show and more command output 2-10
filtering show and more command output 2-10
filters, IP
See ACLs, IP
flash device, number of C-1
flexible authentication ordering
configuring 11-59
overview 11-25
Flex Link Multicast Fast Convergence 22-3
Flex Links
configuration guidelines 22-8
configuring 22-8, 22-9
configuring preferred VLAN 22-11
configuring VLAN load balancing 22-10
default configuration 22-7
description 22-1
link load balancing 22-2
monitoring 22-14
VLANs 22-2
flooded traffic, blocking 26-8
flow-based packet classification 1-11
flowcharts
QoS classification 36-6
QoS egress queueing and scheduling 36-17
QoS ingress queueing and scheduling 36-15
QoS policing and marking 36-10
flowcontrol
configuring 12-20
described 12-20
forward-delay time
MSTP 20-23
STP 19-23
Forwarding Information Base
See FIB
forwarding nonroutable protocols 48-1
FTP
accessing MIB files B-3
configuration files
downloading C-13
overview C-12
preparing the server C-13
uploading C-14
image files
deleting old image C-32
downloading C-30
preparing the server C-29
uploading C-32
G
general query 22-5
Generating IGMP Reports 22-3
get-bulk-request operation 33-3
get-next-request operation 33-3, 33-5
get-request operation 33-3, 33-5
get-response operation 33-3
Gigabit modules
See SFPs
global configuration mode 2-2
global leave, IGMP 25-13
guest VLAN and 802.1x 11-18
guide mode 1-2
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 12-26
hello time
MSTP 20-22
STP 19-22
help, for the command line 2-3
hierarchical policy maps 36-8
configuration guidelines 36-33
configuring 36-52
described 36-11
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 32-10
host names, in clusters 7-13
host ports
configuring 17-11
kinds of 17-2
hosts, limit on dynamic ports 14-33
Hot Standby Router Protocol
See HSRP
HP OpenView 1-5
HSRP
authentication string 42-10
automatic cluster recovery 7-12
binding to cluster group 42-12
cluster standby group considerations 7-11
command-switch redundancy 1-1, 1-7
configuring 42-5
default configuration 42-5
definition 42-1
guidelines 42-6
monitoring 42-13
object tracking 44-7
overview 42-1
priority 42-8
routing redundancy 1-12
support for ICMP redirect messages 42-12
switch stack considerations 42-5
timers 42-11
tracking 42-8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 39-24
guidelines 39-23
HTTP over SSL
see HTTPS
HTTPS 10-43
configuring 10-46
self-signed certificate 10-43
HTTP secure server 10-43
I
IBPG 38-43
ICMP
IPv6 39-4
redirect messages 38-12
support for 1-13
time-exceeded messages 49-18
traceroute and 49-18
unreachable messages 35-20
unreachable messages and IPv6 41-4
unreachables and ACLs 35-22
ICMP Echo operation
configuring 43-12
IP SLAs 43-11
ICMP ping
executing 49-15
overview 49-14
ICMP Router Discovery Protocol
See IRDP
ICMPv6 39-4
IDS appliances
and ingress RSPAN 30-22
and ingress SPAN 30-15
IEEE 802.1D
See STP
IEEE 802.1p 16-1
IEEE 802.1Q
and trunk ports 12-3
configuration limitations 14-19
encapsulation 14-16
native VLAN for untagged traffic 14-23
tunneling
compatibility with other features 18-6
defaults 18-4
described 18-1
tunnel ports with other features 18-6
IEEE 802.1s
See MSTP
IEEE 802.1w
See RSTP
IEEE 802.1x
See port-based authentication
IEEE 802.3ad
See EtherChannel
IEEE 802.3af
See PoE
IEEE 802.3x flow control 12-20
ifIndex values, SNMP 33-6
IFS 1-6
IGMP
configurable leave timer
described 25-6
enabling 25-11
configuring the switch
as a member of a group 46-39
statically connected member 46-43
controlling access to groups 46-40
default configuration 46-39
deleting cache entries 46-62
displaying groups 46-62
fast switching 46-43
flooded multicast traffic
controlling the length of time 25-12
disabling on an interface 25-13
global leave 25-13
query solicitation 25-13
recovering from flood mode 25-13
host-query interval, modifying 46-41
joining multicast group 25-3
join messages 25-3
leave processing, enabling 25-11, 40-9
leaving multicast group 25-5
multicast reachability 46-39
overview 46-3
queries 25-4
report suppression
described 25-6
disabling 25-16, 40-11
supported versions 25-3
support for 1-4
Version 1
changing to Version 2 46-41
described 46-3
Version 2
changing to Version 1 46-41
described 46-3
maximum query response time value 46-43
pruning groups 46-43
query timeout value 46-42
IGMP filtering
configuring 25-25
default configuration 25-25
described 25-24
monitoring 25-29
support for 1-4
IGMP groups
configuring filtering 25-28
setting the maximum number 25-27
IGMP helper 1-4, 46-6
IGMP Immediate Leave
configuration guidelines 25-11
described 25-5
enabling 25-11
IGMP profile
applying 25-27
configuration mode 25-25
configuring 25-26
IGMP snooping
and address aliasing 25-2
and stack changes 25-6
configuring 25-7
default configuration 25-7, 40-5, 40-6
definition 25-2
enabling and disabling 25-7, 40-6
global configuration 25-7
Immediate Leave 25-5
in the switch stack 25-6
method 25-8
monitoring 25-16, 40-11
querier
configuration guidelines 25-14
configuring 25-14
supported versions 25-3
support for 1-4
VLAN configuration 25-8
IGMP throttling
configuring 25-28
default configuration 25-25
described 25-25
displaying action 25-29
IGP 38-25
Immediate Leave, IGMP 25-5
enabling 40-9
inaccessible authentication bypass 11-20
initial configuration
defaults 1-15
Express Setup 1-2
integrated wireless LAN controller switch
see 3750G integrated wireless LAN controller switch
interface
number 12-11
range macros 12-14
interface command12-10to 12-12
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 12-21
configuration guidelines
10-Gigabit Ethernet 12-17
duplex and speed 12-18
configuring
procedure 12-11
counters, clearing 12-30
default configuration 12-16
described 12-24
descriptive name, adding 12-24
displaying information about 12-29
flow control 12-20
management 1-5
monitoring 12-29
naming 12-24
physical, identifying 12-10
range of 12-12
restarting 12-31
shutting down 12-31
speed and duplex, configuring 12-18
status 12-29
supported 12-10
types of 12-1
interfaces range macro command 12-14
interface types 12-10
Interior Gateway Protocol
See IGP
internal BGP
See IBGP
internal neighbors, BGP 38-48
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
Inter-Switch Link
See ISL
inter-VLAN routing 1-13, 38-2
Intrusion Detection System
See IDS appliances
inventory management TLV 28-2, 28-6
IOS shell
See Auto Smartports macros
IP ACLs
for QoS classification 36-7
implicit deny 35-10, 35-14
implicit masks 35-10
named 35-15
undefined 35-21
IP addresses
128-bit 39-2
candidate or member 7-4, 7-13
classes of 38-7
cluster access 7-2
command switch 7-3, 7-11, 7-13
default configuration 38-6
discovering 8-28
for IP routing 38-5
IPv6 39-2
MAC address association 38-9
monitoring 38-18
redundant clusters 7-11
standby command switch 7-11, 7-13
See also IP information
IP base image 1-1
IP broadcast address 38-16
ip cef distributed command 38-89
IP directed broadcasts 38-14
ip igmp profile command 25-25
IP information
assigned
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 46-3
all-multicast-routers 46-3
host group address range 46-3
administratively-scoped boundaries, described 46-46
and IGMP snooping 25-2
Auto-RP
adding to an existing sparse-mode cloud 46-26
benefits of 46-26
clearing the cache 46-62
configuration guidelines 46-12
filtering incoming RP announcement messages 46-29
overview 46-6
preventing candidate RP spoofing 46-29
preventing join messages to false RPs 46-28
setting up in a new internetwork 46-26
using with BSR 46-34
bootstrap router
configuration guidelines 46-12
configuring candidate BSRs 46-32
configuring candidate RPs 46-33
defining the IP multicast boundary 46-31
defining the PIM domain border 46-30
overview 46-7
using with Auto-RP 46-34
Cisco implementation 46-2
configuring
basic multicast routing 46-12
IP multicast boundary 46-46
default configuration 46-10
enabling
multicast forwarding 46-13
PIM mode 46-13
group-to-RP mappings
Auto-RP 46-6
BSR 46-7
MBONE
deleting sdr cache entries 46-62
described 46-45
displaying sdr cache 46-63
enabling sdr listener support 46-46
limiting DVMRP routes advertised 46-57
limiting sdr cache entry lifetime 46-46
SAP packets for conference session announcement 46-45
Session Directory (sdr) tool, described 46-45
monitoring
packet rate loss 46-63
peering devices 46-63
tracing a path 46-63
multicast forwarding, described 46-7
PIMv1 and PIMv2 interoperability 46-11
protocol interaction 46-2
reverse path check (RPF) 46-7
routing table
deleting 46-62
displaying 46-62
RP
assigning manually 46-24
configuring Auto-RP 46-26
configuring PIMv2 BSR 46-30
monitoring mapping information 46-34
using Auto-RP and BSR 46-34
stacking
stack master functions 46-9
stack member functions 46-9
statistics, displaying system and network 46-62
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 16-1
automatic classification and queueing 36-20
configuring 16-4
ensuring port security with QoS 36-38
trusted boundary for QoS 36-38
IP precedence 36-2
IP-precedence-to-DSCP map for QoS 36-63
IP protocols
in ACLs 35-12
routing 1-12
IP routes, monitoring 38-103
IP routing
connecting interfaces with 12-10
disabling 38-19
enabling 38-19
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 43-1
IP services image 1-1
IP SLAs
benefits 43-2
configuration guidelines 43-6
configuring object tracking 44-9
Control Protocol 43-4
default configuration 43-6
definition 43-1
ICMP echo operation 43-11
measuring network performance 43-3
monitoring 43-13
multioperations scheduling 43-5
object tracking 44-9
operation 43-3
reachability tracking 44-9
responder
described 43-4
enabling 43-8
response time 43-4
scheduling 43-5
SNMP support 43-2
supported metrics 43-2
threshold monitoring 43-6
track object monitoring agent, configuring 44-11
track state 44-9
UDP jitter operation 43-9
IP source guard
and 802.1x 23-18
and DHCP snooping 23-16
and EtherChannels 23-18
and port security 23-18
and private VLANs 23-18
and routed ports 23-18
and TCAM entries 23-18
and trunk interfaces 23-18
and VRF 23-18
binding configuration
automatic 23-16
manual 23-16
binding table 23-16
configuration guidelines 23-17
default configuration 23-17
described 23-16
disabling 23-19
displaying
bindings 23-20
configuration 23-20
enabling 23-18
filtering
source IP address 23-17
source IP and MAC address 23-17
on provisioned switches 23-18
source IP address filtering 23-17
source IP and MAC address filtering 23-17
static bindings
adding 23-18
deleting 23-19
IP traceroute
executing 49-18
overview 49-17
IP unicast routing
address resolution 38-9
administrative distances 38-91, 38-102
ARP 38-9
assigning IP addresses to Layer 3 interfaces 38-7
authentication keys 38-102
broadcast
address 38-16
flooding 38-17
packets 38-14
storms 38-14
classless routing 38-8
configuring static routes 38-91
default
addressing configuration 38-6
gateways 38-12
networks 38-92
routes 38-92
routing 38-3
directed broadcasts 38-14
disabling 38-19
dynamic routing 38-3
enabling 38-19
EtherChannel Layer 3 interface 38-5
IGP 38-25
inter-VLAN 38-2
IP addressing
classes 38-7
configuring 38-5
IPv6 39-3
IRDP 38-12
Layer 3 interfaces 38-5
MAC address and IP address 38-9
passive interfaces 38-100
protocols
distance-vector 38-3
dynamic 38-3
link-state 38-3
proxy ARP 38-9
redistribution 38-93
reverse address resolution 38-9
routed ports 38-5
static routing 38-3
steps to configure 38-5
subnet mask 38-7
subnet zero 38-7
supernet 38-8
UDP 38-15
with SVIs 38-5
See also BGP
See also EIGRP
See also OSPF
See also RIP
IPv4 ACLs
applying to interfaces 35-20
extended, creating 35-11
named 35-15
standard, creating 35-10
IPv4 and IPv6
dual protocol stacks 39-5
IPv6
ACLs
displaying 41-8
limitations 41-3
matching criteria 41-3
port 41-1
precedence 41-2
router 41-1
supported 41-2
addresses 39-2
address formats 39-2
and switch stacks 39-9
applications 39-5
assigning address 39-11
autoconfiguration 39-5
CEFv6 39-18
configuring static routes 39-19
default configuration 39-10
default router preference (DRP) 39-4
defined 39-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 39-7
EIGRP IPv6 Commands 39-7
Router ID 39-7
feature limitations 39-8
features not supported 39-8
forwarding 39-11
ICMP 39-4
monitoring 39-26
neighbor discovery 39-4
OSPF 39-6
path MTU discovery 39-4
SDM templates 9-2, 40-1, 41-1
stack master functions 39-9
Stateless Autoconfiguration 39-5
supported features 39-2
switch limitations 39-8
understanding static routes 39-6
IPv6 traffic, filtering 41-4
IRDP
configuring 38-13
definition 38-12
support for 1-13
IS-IS
addresses 38-64
area routing 38-64
default configuration 38-66
monitoring 38-73
show commands 38-73
system routing 38-64
ISL
and IPv6 39-3
and trunk ports 12-3
encapsulation 1-8, 14-16
trunking with IEEE 802.1 tunneling 18-4
ISO CLNS
clear commands 38-73
dynamic routing protocols 38-64
monitoring 38-73
NETs 38-64
NSAPs 38-64
OSI standard 38-64
ISO IGRP
area routing 38-64
system routing 38-64
isolated port 17-2
isolated VLANs 17-2, 17-3
J
join messages, IGMP 25-3
K
KDC
described 10-32
See also Kerberos
keepalive messages 19-2
Kerberos
authenticating to
boundary switch 10-35
KDC 10-35
network services 10-35
configuration examples 10-32
configuring 10-35
credentials 10-32
cryptographic software image 10-32
described 10-32
KDC 10-32
operation 10-34
realm 10-34
server 10-34
support for 1-11
switch as trusted third party 10-32
terms 10-33
TGT 10-34
tickets 10-32
key distribution center
See KDC
L
l2protocol-tunnel command 18-13
LACP
Layer 2 protocol tunneling 18-9
See EtherChannel
Layer 2 frames, classification with CoS 36-2
Layer 2 interfaces, default configuration 12-16
Layer 2 protocol tunneling
configuring 18-10
configuring for EtherChannels 18-14
default configuration 18-11
defined 18-8
guidelines 18-12
Layer 2 traceroute
and ARP 49-17
and CDP 49-16
broadcast traffic 49-16
described 49-16
IP addresses and subnets 49-17
MAC addresses and VLANs 49-16
multicast traffic 49-16
multiple devices on a port 49-17
unicast traffic 49-16
usage guidelines 49-16
Layer 3 features 1-12
Layer 3 interfaces
assigning IP addresses to 38-7
assigning IPv4 and IPv6 addresses to 39-14
assigning IPv6 addresses to 39-11
changing from Layer 2 mode 38-7, 38-81
types of 38-5
Layer 3 packets, classification methods 36-2
LDAP 5-2
Leaking IGMP Reports 22-4
LEDs, switch
See hardware installation guide
lightweight directory access protocol
See LDAP
line configuration mode 2-3
Link Aggregation Control Protocol
See EtherChannel
link failure, detecting unidirectional 20-8
Link Layer Discovery Protocol
See CDP
link local unicast addresses 39-3
link redundancy
See Flex Links
links, unidirectional 29-1
link state advertisements (LSAs) 38-30
link-state protocols 38-3
link-state tracking
configuring 37-25
described 37-23
LLDP
configuring 28-4
characteristics 28-5
default configuration 28-4
enabling 28-5
monitoring and maintaining 28-10
overview 28-1
supported TLVs 28-2
switch stack considerations 28-2
transmission timer and holdtime, setting 28-5
LLDP-MED
configuring
procedures 28-4
TLVs 28-6
monitoring and maintaining 28-10
overview 28-1, 28-2
supported TLVs 28-2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing 42-4
local SPAN 30-2
location TLV 28-3, 28-6
logging messages, ACL 35-9
login authentication
with RADIUS 10-23
with TACACS+ 10-14
login banners 8-17
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-19, 1-25
loop guard
described 21-11
enabling 21-18
support for 1-8
LRE profiles, considerations in switch clusters 7-16
M
MAB
See MAC authentication bypass
MAB aging timer 1-9
MAB inactivity timer
default setting 11-32
range 11-34
MAC/PHY configuration status TLV 28-2
MAC addresses
aging time 8-21
and VLAN association 8-20
building the address table 8-20
default configuration 8-21
disabling learning on a VLAN 8-27
discovering 8-28
displaying 8-27
displaying in the IP source binding table 23-20
dynamic
learning 8-20
removing 8-22
in ACLs 35-28
IP address association 38-9
static
adding 8-24
allowing 8-26, 8-27
characteristics of 8-24
dropping 8-25
removing 8-24
MAC address learning 1-6
MAC address learning, disabling on a VLAN 8-27
MAC address notification, support for 1-14
MAC address-table move update
configuration guidelines 22-8
configuring 22-12
default configuration 22-8
description 22-6
monitoring 22-14
MAC address-to-VLAN mapping 14-28
MAC authentication bypass 11-34
configuring 11-53
overview 11-14
See MAB
MAC extended access lists
applying to Layer 2 interfaces 35-29
configuring for QoS 36-45
creating 35-28
defined 35-28
for QoS classification 36-5
macros
See Auto Smartports macros
See Smartports macros
magic packet 11-23
manageability features 1-5
management access
in-band
browser session 1-6
CLI session 1-6
device manager 1-6
SNMP 1-6
out-of-band console port connection 1-6
management address TLV 28-2
management options
CLI 2-1
clustering 1-3
CNS 5-1
Network Assistant 1-2
overview 1-5
switch stacks 1-3
management VLAN
considerations in switch clusters 7-7
discovery through different management VLANs 7-7
mapping tables for QoS
configuring
CoS-to-DSCP 36-61
DSCP 36-61
DSCP-to-CoS 36-65
DSCP-to-DSCP-mutation 36-66
IP-precedence-to-DSCP 36-63
policed-DSCP 36-64
described 36-12
marking
action with aggregate policers 36-59
described 36-4, 36-8
matching
IPv6 ACLs 41-3
matching, IPv4 ACLs 35-8
maximum aging time
MSTP 20-24
STP 19-23
maximum hop count, MSTP 20-24
maximum number of allowed devices, port-based authentication 11-34
maximum-paths command 38-52, 38-90
MDA
configuration guidelines11-11to 11-12
described 1-10, 11-11
exceptions with authentication process 11-5
membership mode, VLAN port 14-3
member switch
automatic discovery 7-5
defined 7-2
managing 7-16
passwords 7-13
recovering from lost connectivity 49-12
requirements 7-4
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 8-17
metrics, in BGP 38-52
metric translations, between routing protocols 38-96
metro tags 18-2
MHSRP 42-4
MIBs
accessing files with FTP B-3
location of files B-3
overview 33-1
SNMP interaction with 33-4
supported B-1
mini-point-of-presence
See POP
mirroring traffic for analysis 30-1
mismatches, autonegotiation 49-12
module number 12-11
monitoring
access groups 35-41
BGP 38-63
cables for unidirectional links 29-1
CDP 27-5
CEF 38-90
EIGRP 38-42
fallback bridging 48-11
features 1-14
Flex Links 22-14
HSRP 42-13
IEEE 802.1Q tunneling 18-18
IGMP
filters 25-29
snooping 25-16, 40-11
interfaces 12-29
IP
address tables 38-18
multicast routing 46-61
routes 38-103
IP SLAs operations 43-13
IPv4 ACL configuration 35-41
IPv6 39-26
IPv6 ACL configuration 41-8
IS-IS 38-73
ISO CLNS 38-73
Layer 2 protocol tunneling 18-18
MAC address-table move update 22-14
MSDP peers 47-18
multicast router interfaces 25-17, 40-12
multi-VRF CE 38-88
MVR 25-24
network traffic for analysis with probe 30-2
object tracking 44-12
OSPF 38-34
port
blocking 26-19
protection 26-19
private VLANs 17-14
RP mapping information 46-34
SFP status 12-30, 49-14
source-active messages 47-18
speed and duplex mode 12-19
SSM mapping 46-22
traffic flowing among switches 31-1
traffic suppression 26-19
tunneling 18-18
VLAN
filters 35-42
maps 35-42
VLANs 14-16
VMPS 14-32
VTP 15-16
mrouter Port 22-3
mrouter port 22-5
MSDP
benefits of 47-3
clearing MSDP connections and statistics 47-18
controlling source information
forwarded by switch 47-11
originated by switch 47-8
received by switch 47-13
default configuration 47-4
dense-mode regions
sending SA messages to 47-16
specifying the originating address 47-17
filtering
incoming SA messages 47-14
SA messages to a peer 47-12
SA requests from a peer 47-10
join latency, defined 47-6
meshed groups
configuring 47-15
defined 47-15
originating address, changing 47-17
overview 47-1
peer-RPF flooding 47-2
peers
configuring a default 47-4
monitoring 47-18
peering relationship, overview 47-1
requesting source information from 47-8
shutting down 47-15
source-active messages
caching 47-6
clearing cache entries 47-18
defined 47-2
filtering from a peer 47-10
filtering incoming 47-14
filtering to a peer 47-12
limiting data with TTL 47-13
monitoring 47-18
restricting advertised sources 47-9
support for 1-13
MSTP
boundary ports
configuration guidelines 20-16
described 20-6
BPDU filtering
described 21-3
enabling 21-14
BPDU guard
described 21-2
enabling 21-13
CIST, described 20-3
CIST regional root 20-3
CIST root 20-5
configuration guidelines 20-15, 21-12
configuring
forward-delay time 20-23
hello time 20-22
link type for rapid convergence 20-24
maximum aging time 20-24
maximum hop count 20-24
MST region 20-16
neighbor type 20-25
path cost 20-21
port priority 20-20
root switch 20-17
secondary root switch 20-19
switch priority 20-22
CST
defined 20-3
operations between regions 20-4
default configuration 20-15
default optional feature configuration 21-12
displaying status 20-26
enabling the mode 20-16
EtherChannel guard
described 21-10
enabling 21-17
extended system ID
effects on root switch 20-17
effects on secondary root switch 20-19
unexpected behavior 20-18
IEEE 802.1s
implementation 20-6
port role naming change 20-7
terminology 20-5
instances supported 19-10
interface state, blocking to forwarding 21-2
interoperability and compatibility among modes 19-11
interoperability with IEEE 802.1D
described 20-9
restarting migration process 20-26
IST
defined 20-3
master 20-3
operations within a region 20-3
loop guard
described 21-11
enabling 21-18
mapping VLANs to MST instance 20-16
MST region
CIST 20-3
configuring 20-16
described 20-2
hop-count mechanism 20-5
IST 20-3
supported spanning-tree instances 20-2
optional features supported 1-8
overview 20-2
Port Fast
described 21-2
enabling 21-12
preventing root switch selection 21-10
root guard
described 21-10
enabling 21-18
root switch
configuring 20-18
effects of extended system ID 20-17
unexpected behavior 20-18
shutdown Port Fast-enabled port 21-2
stack changes, effects of 20-8
status, displaying 20-26
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 25-5
joining 25-3
leaving 25-5
static joins 25-10, 40-8
multicast packets
ACLs on 35-41
blocking 26-8
multicast router interfaces, monitoring 25-17, 40-12
multicast router ports, adding 25-9, 40-8
Multicast Source Discovery Protocol
See MSDP
multicast storm 26-1
multicast storm-control command 26-4
multicast television application 25-18
multicast VLAN 25-17
Multicast VLAN Registration
See MVR
multidomain authentication
See MDA
multioperations scheduling, IP SLAs 43-5
multiple authentication 11-12
multiple authentication mode
configuring 11-41
Multiple HSRP
See MHSRP
multiple VPN routing/forwarding in customer edge devices
See multi-VRF CE
multi-VRF CE
configuration example 38-84
configuration guidelines 38-77
configuring 38-76
default configuration 38-76
defined 38-74
displaying 38-88
monitoring 38-88
network components 38-76
packet-forwarding process 38-76
support for 1-13
MVR
and address aliasing 25-21
and IGMPv3 25-21
configuration guidelines 25-20
configuring interfaces 25-22
default configuration 25-20
described 25-17
example application 25-18
in the switch stack 25-20
modes 25-21
monitoring 25-24
multicast television application 25-18
setting global parameters 25-21
support for 1-4
N
NAC
AAA down policy 1-11
critical authentication 11-20, 11-50
IEEE 802.1x authentication using a RADIUS server 11-54
IEEE 802.1x validation using RADIUS server 11-54
inaccessible authentication bypass 1-11, 11-50
Layer 2 IEEE 802.1x validation 1-11, 11-25, 11-54
Layer 2 IP validation 1-11
named IPv4 ACLs 35-15
NameSpace Mapper
See NSM
native VLAN
and IEEE 802.1Q tunneling 18-4
configuring 14-23
default 14-23
NEAT
configuring 11-55
overview 11-26
neighbor discovery, IPv6 39-4
neighbor discovery/recovery, EIGRP 38-35
neighbors, BGP 38-58
Network Admission Control
NAC
Network Admission Control Software Configuration Guide 11-62, 11-63
Network Assistant
benefits 1-2
described 1-5
downloading image files 1-3
guide mode 1-2
management options 1-2
managing switch stacks 6-2, 6-15
upgrading a switch C-23
wizards 1-3
network configuration examples
cost-effective wiring closet 1-19
high-performance wiring closet 1-20
increasing network performance 1-18
large network 1-24
long-distance, high-bandwidth transport 1-27
multidwelling network 1-25
providing network services 1-18
redundant Gigabit backbone 1-20
server aggregation and Linux server cluster 1-21
small to medium-sized network 1-23
network design
performance 1-18
services 1-18
Network Edge Access Topology
See NEAT
network management
CDP 27-1
RMON 31-1
SNMP 33-1
network performance, measuring with IP SLAs 43-3
network policy TLV 28-2, 28-7
Network Time Protocol
See NTP
no commands 2-4
nonhierarchical policy maps
configuration guidelines 36-33
described 36-9
non-IP traffic filtering 35-28
nontrunking mode 14-18
normal-range VLANs 14-4
configuration guidelines 14-6
configuration modes 14-7
configuring 14-4
defined 14-1
no switchport command 12-4
not-so-stubby areas
See NSSA
NSAPs, as ISO IGRP addresses 38-64
NSF Awareness
IS-IS 38-66
NSM 5-3
NSSA, OSPF 38-30
NTP
associations
authenticating 8-4
defined 8-2
enabling broadcast messages 8-6
peer 8-5
server 8-5
default configuration 8-4
displaying the configuration 8-11
overview 8-2
restricting access
creating an access group 8-8
disabling NTP services per interface 8-10
source IP address, configuring 8-10
stratum 8-2
support for 1-6
synchronizing devices 8-5
time
services 8-2
synchronizing 8-2
O
object tracking
HSRP 44-7
IP SLAs 44-9
IP SLAs, configuring 44-9
monitoring 44-12
offline configuration for switch stacks 6-6
online diagnostics
overview 50-1
running tests 50-3
understanding 50-1
open1x
configuring 11-59
open1x authentication
overview 11-25
Open Shortest Path First
See OSPF
optimizing system resources 9-1
options, management 1-5
OSPF
area parameters, configuring 38-30
configuring 38-28
default configuration
metrics 38-32
route 38-31
settings 38-26
described 38-25
for IPv6 39-6
interface parameters, configuring 38-29
LSA group pacing 38-33
monitoring 38-34
router IDs 38-33
route summarization 38-31
support for 1-12
virtual links 38-31
out-of-profile markdown 1-12
P
packet modification, with QoS 36-19
PAgP
Layer 2 protocol tunneling 18-9
See EtherChannel
parallel paths, in routing tables 38-90
passive interfaces
configuring 38-100
OSPF 38-32
passwords
default configuration 10-2
disabling recovery of 10-5
encrypting 10-3
for security 1-9
in clusters 7-13
overview 10-1
recovery of 49-3
setting
enable 10-3
enable secret 10-3
Telnet 10-6
with usernames 10-6
VTP domain 15-8
path cost
MSTP 20-21
STP 19-20
path MTU discovery 39-4
PBR
defined 38-97
enabling 38-98
fast-switched policy-based routing 38-100
local policy-based routing 38-100
PC (passive command switch) 7-10
peers, BGP 38-58
percentage thresholds in tracked lists 44-6
performance, network design 1-18
performance features 1-4
persistent self-signed certificate 10-43
per-user ACLs and Filter-Ids 11-8
per-VLAN spanning-tree plus
See PVST+
PE to CE routing, configuring 38-84
physical ports 12-2
PIM
default configuration 46-10
dense mode
overview 46-4
rendezvous point (RP), described 46-5
RPF lookups 46-8
displaying neighbors 46-62
enabling a mode 46-13
overview 46-4
router-query message interval, modifying 46-37
shared tree and source tree, overview 46-35
shortest path tree, delaying the use of 46-36
sparse mode
join messages and shared tree 46-5
overview 46-5
prune messages 46-5
RPF lookups 46-8
stub routing
configuration guidelines 46-22
displaying 46-62
enabling 46-23
overview 46-5
support for 1-13
versions
interoperability 46-11
troubleshooting interoperability problems 46-35
v2 improvements 46-4
PIM-DVMRP, as snooping method 25-8
ping
character output description 49-15
executing 49-15
overview 49-14
PoE
auto mode 12-8
CDP with power consumption, described 12-7
CDP with power negotiation, described 12-7
Cisco intelligent power management 12-7
configuring 12-22
devices supported 12-7
high-power devices operating in low-power mode 12-7
IEEE power classification levels 12-8
power budgeting 12-23
power consumption 12-23
powered-device detection and initial power allocation 12-7
power management modes 12-8
power negotiation extensions to CDP 12-7
standards supported 12-7
static mode 12-9
troubleshooting 49-13
policed-DSCP map for QoS 36-64
policers
configuring
for each matched traffic class 36-48
for more than one traffic class 36-59
described 36-4
displaying 36-79
number of 36-34
types of 36-9
policing
described 36-4
hierarchical
See hierarchical policy maps
token-bucket algorithm 36-9
policy-based routing
See PBR
policy maps for QoS
characteristics of 36-48
described 36-7
displaying 36-80
hierarchical 36-8
hierarchical on SVIs
configuration guidelines 36-33
configuring 36-52
described 36-11
nonhierarchical on physical ports
configuration guidelines 36-33
described 36-9
POP 1-25
port ACLs
defined 35-2
types of 35-3
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 11-13
authentication server
defined 11-3
RADIUS server 11-3
client, defined 11-3
configuration guidelines 11-32
configuring
802.1x authentication 11-38
guest VLAN 11-47
host mode 11-41
inaccessible authentication bypass 11-50
manual re-authentication of a client 11-43
periodic re-authentication 11-42
quiet period 11-43
RADIUS server 11-40
RADIUS server parameters on the switch 11-39
restricted VLAN 11-48
switch-to-client frame-retransmission number 11-45
switch-to-client retransmission time 11-44
violation modes 11-37
default configuration 11-31
described 11-1
device roles 11-2
displaying statistics 11-65
downloadable ACLs and redirect URLs
configuring11-57to 11-59
overview11-17to 11-18
EAPOL-start frame 11-5
EAP-request/identity frame 11-5
EAP-response/identity frame 11-5
encapsulation 11-3
flexible authentication ordering
configuring 11-59
overview 11-25
guest VLAN
configuration guidelines 11-19, 11-20
described 11-18
host mode 11-11
inaccessible authentication bypass
configuring 11-50
described 11-20
guidelines 11-33
initiation and message exchange 11-5
magic packet 11-23
maximum number of allowed devices per port 11-34
method lists 11-38
multiple authentication 11-12
per-user ACLs
AAA authorization 11-38
configuration tasks 11-17
described 11-16
RADIUS server attributes 11-16
ports
authorization state and dot1x port-control command 11-9
authorized and unauthorized 11-9
critical 11-20
voice VLAN 11-21
port security
and voice VLAN 11-23
described 11-22
interactions 11-22
multiple-hosts mode 11-11
readiness check
configuring 11-35
described 11-14, 11-35
resetting to default values 11-64
stack changes, effects of 11-10
statistics, displaying 11-65
switch
as proxy 11-3
RADIUS client 11-3
switch supplicant
configuring 11-55
overview 11-26
upgrading from a previous release 36-26
VLAN assignment
AAA authorization 11-38
characteristics 11-15
configuration tasks 11-16
described 11-15
voice aware 802.1x security
configuring 11-36
described 11-26, 11-36
voice VLAN
described 11-21
PVID 11-21
VVID 11-21
wake-on-LAN, described 11-23
port-based authentication methods, supported 11-7
port blocking 1-4, 26-7
port-channel
See EtherChannel
port description TLV 28-2
Port Fast
described 21-2
enabling 21-12
mode, spanning tree 14-29
support for 1-8
port membership modes, VLAN 14-3
port priority
MSTP 20-20
STP 19-18
ports
10-Gigabit Ethernet module 12-6
access 12-3
blocking 26-7
dynamic access 14-3
IEEE 802.1Q tunnel 14-4
protected 26-6
routed 12-4
secure 26-8
static-access 14-3, 14-11
switch 12-2
trunks 14-3, 14-16
VLAN assignments 14-11
port security
aging 26-17
and private VLANs 26-18
and QoS trusted boundary 36-38
and stacking 26-18
configuring 26-13
default configuration 26-11
described 26-8
displaying 26-19
enabling 26-18
on trunk ports 26-14
sticky learning 26-9
violations 26-10
with other features 26-11
port-shutdown response, VMPS 14-28
port VLAN ID TLV 28-2
power management TLV 28-2, 28-7
Power over Ethernet
See PoE
preemption, default configuration 22-7
preemption delay, default configuration 22-8
preferential treatment of traffic
See QoS
prefix lists, BGP 38-56
preventing unauthorized access 10-1
primary interface for object tracking, DHCP, configuring 44-11
primary interface for static routing, configuring 44-10
primary links 22-2
primary VLANs 17-1, 17-3
priority
HSRP 42-8
overriding CoS 16-6
trusting CoS 16-6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 17-4
and SDM template 17-4
and SVIs 17-5
and switch stacks 17-5
benefits of 17-1
community ports 17-2
community VLANs 17-2, 17-3
configuration guidelines 17-7, 17-8
configuration tasks 17-6
configuring 17-9
default configuration 17-6
end station access to 17-3
IP addressing 17-3
isolated port 17-2
isolated VLANs 17-2, 17-3
mapping 17-13
monitoring 17-14
ports
community 17-2
configuration guidelines 17-8
configuring host ports 17-11
configuring promiscuous ports 17-12
described 14-4
isolated 17-2
promiscuous 17-2
primary VLANs 17-1, 17-3
promiscuous ports 17-2
secondary VLANs 17-2
subdomains 17-1
traffic in 17-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 10-9
command switch 7-17
exiting 10-9
logging into 10-9
mapping on member switches 7-17
overview 10-2, 10-7
setting a command with 10-8
promiscuous ports
configuring 17-12
defined 17-2
protected ports 1-9, 26-6
protocol-dependent modules, EIGRP 38-36
Protocol-Independent Multicast Protocol
See PIM
provider edge devices 38-75
provisioned switches and IP source guard 23-18
provisioning new members for a switch stack 6-6
proxy ARP
configuring 38-11
definition 38-9
with IP routing disabled 38-12
proxy reports 22-3
pruning, VTP
disabling
in VTP domain 15-14
on a port 14-23
enabling
in VTP domain 15-14
on a port 14-23
examples 15-5
overview 15-4
pruning-eligible list
changing 14-23
for VTP pruning 15-5
VLANs 15-14
PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Q
QoS
and MQC commands 36-1
auto-QoS
categorizing traffic 36-20
configuration and defaults display 36-29
configuration guidelines 36-25
described 36-20
disabling 36-27
displaying generated commands 36-27
displaying the initial configuration 36-29
effects on running configuration 36-25
egress queue defaults 36-21
enabling for VoIP 36-27
example configuration 36-28
ingress queue defaults 36-21
list of generated commands 36-22
basic model 36-4
classification
class maps, described 36-7
defined 36-4
DSCP transparency, described 36-40
flowchart 36-6
forwarding treatment 36-3
in frames and packets 36-3
IP ACLs, described 36-5, 36-7
MAC ACLs, described 36-5, 36-7
options for IP traffic 36-5
options for non-IP traffic 36-5
policy maps, described 36-7
trust DSCP, described 36-5
trusted CoS, described 36-5
trust IP precedence, described 36-5
class maps
configuring 36-46
displaying 36-79
configuration guidelines
auto-QoS 36-25
standard QoS 36-33
configuring
aggregate policers 36-59
auto-QoS 36-20
default port CoS value 36-38
DSCP maps 36-61
DSCP transparency 36-40
DSCP trust states bordering another domain 36-40
egress queue characteristics 36-71
ingress queue characteristics 36-67
IP extended ACLs 36-44
IP standard ACLs 36-43
MAC ACLs 36-45
policy maps, hierarchical 36-52
port trust states within the domain 36-36
trusted boundary 36-38
default auto configuration 36-20
default standard configuration 36-30
displaying statistics 36-79
DSCP transparency 36-40
egress queues
allocating buffer space 36-72
buffer allocation scheme, described 36-17
configuring shaped weights for SRR 36-75
configuring shared weights for SRR 36-77
described 36-4
displaying the threshold map 36-75
flowchart 36-17
mapping DSCP or CoS values 36-74
scheduling, described 36-4
setting WTD thresholds 36-72
WTD, described 36-18
enabling globally 36-35
flowcharts
classification 36-6
egress queueing and scheduling 36-17
ingress queueing and scheduling 36-15
policing and marking 36-10
implicit deny 36-7
ingress queues
allocating bandwidth 36-69
allocating buffer space 36-69
buffer and bandwidth allocation, described 36-16
configuring shared weights for SRR 36-69
configuring the priority queue 36-70
described 36-4
displaying the threshold map 36-68
flowchart 36-15
mapping DSCP or CoS values 36-68
priority queue, described 36-16
scheduling, described 36-4
setting WTD thresholds 36-68
WTD, described 36-16
IP phones
automatic classification and queueing 36-20
detection and trusted settings 36-20, 36-38
limiting bandwidth on egress interface 36-78
mapping tables
CoS-to-DSCP 36-61
displaying 36-79
DSCP-to-CoS 36-65
DSCP-to-DSCP-mutation 36-66
IP-precedence-to-DSCP 36-63
policed-DSCP 36-64
types of 36-12
marked-down actions 36-50, 36-56
marking, described 36-4, 36-8
overview 36-2
packet modification 36-19
policers
configuring 36-50, 36-56, 36-59
described 36-8
displaying 36-79
number of 36-34
types of 36-9
policies, attaching to an interface 36-8
policing
described 36-4, 36-8
token bucket algorithm 36-9
policy maps
characteristics of 36-48
displaying 36-80
hierarchical 36-8
hierarchical on SVIs 36-52
nonhierarchical on physical ports 36-48
QoS label, defined 36-4
queues
configuring egress characteristics 36-71
configuring ingress characteristics 36-67
high priority (expedite) 36-19, 36-78
location of 36-13
SRR, described 36-14
WTD, described 36-13
rewrites 36-19
support for 1-11
trust states
bordering another domain 36-40
described 36-5
trusted device 36-38
within the domain 36-36
quality of service
See QoS
queries, IGMP 25-4
query solicitation, IGMP 25-13
R
RADIUS
attributes
vendor-proprietary 10-31
vendor-specific 10-29
configuring
accounting 10-28
authentication 10-23
authorization 10-27
communication, global 10-21, 10-29
communication, per-server 10-20, 10-21
multiple UDP ports 10-20
default configuration 10-20
defining AAA server groups 10-25
displaying the configuration 10-32
identifying the server 10-20
in clusters 7-16
limiting the services to the user 10-27
method list, defined 10-19
operation of 10-19
overview 10-18
server load balancing 10-31
suggested network environments 10-18
support for 1-11
tracking services accessed by user 10-28
range
macro 12-14
of interfaces 12-12
rapid convergence 20-10
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Rapid Spanning Tree Protocol
See RSTP
RARP 38-9
rcommand command 7-16
RCP
configuration files
downloading C-17
overview C-15
preparing the server C-16
uploading C-18
image files
deleting old image C-36
downloading C-35
preparing the server C-34
uploading C-36
reachability, tracking IP SLAs IP host 44-9
readiness check
port-based authentication
configuring 11-35
described 11-14, 11-35
reconfirmation interval, VMPS, changing 14-31
reconfirming dynamic VLAN membership 14-31
recovery procedures 49-1
redirect URL 11-17, 11-57
redundancy
EtherChannel 37-3
HSRP 42-1
STP
backbone 19-8
multidrop backbone 21-5
path cost 14-26
port priority 14-24
redundant links and UplinkFast 21-15
reliable transport protocol, EIGRP 38-35
reloading software 3-21
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
remote SPAN 30-3
report suppression, IGMP
described 25-6
disabling 25-16, 40-11
resequencing ACL entries 35-15
resets, in BGP 38-50
resetting a UDLD-shutdown interface 29-6
responder, IP SLAs
described 43-4
enabling 43-8
response time, measuring with IP SLAs 43-4
restricted VLAN
configuring 11-48
described 11-19
using with IEEE 802.1x 11-19
restricting access
NTP services 8-8
overview 10-1
passwords and privilege levels 10-2
RADIUS 10-17
TACACS+ 10-10
retry count, VMPS, changing 14-32
reverse address resolution 38-9
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 38-19
1112, IP multicast and IGMP 25-2
1157, SNMPv1 33-2
1163, BGP 38-43
1166, IP addresses 38-7
1253, OSPF 38-25
1267, BGP 38-43
1305, NTP 8-2
1587, NSSAs 38-25
1757, RMON 31-2
1771, BGP 38-43
1901, SNMPv2C 33-2
1902 to 1907, SNMPv2 33-2
2236, IP multicast and IGMP 25-2
2273-2275, SNMPv3 33-2
RIP
advertisements 38-20
authentication 38-22
configuring 38-21
default configuration 38-20
described 38-20
for IPv6 39-6
hop counts 38-20
split horizon 38-23
summary addresses 38-23
support for 1-12
RMON
default configuration 31-3
displaying status 31-6
enabling alarms and events 31-3
groups supported 31-2
overview 31-1
statistics
collecting group Ethernet 31-5
collecting group history 31-5
support for 1-14
root guard
described 21-10
enabling 21-18
support for 1-8
root switch
MSTP 20-17
STP 19-16
route calculation timers, OSPF 38-32
route dampening, BGP 38-62
routed packets, ACLs on 35-40
routed ports
configuring 38-5
defined 12-4
in switch clusters 7-8
IP addresses on 12-26, 38-5
route-map command 38-99
route maps
BGP 38-54
policy-based routing 38-97
router ACLs
defined 35-2
types of 35-4
route reflectors, BGP 38-61
router ID, OSPF 38-33
route selection, BGP 38-52
route summarization, OSPF 38-31
route targets, VPN 38-76
routing
default 38-3
dynamic 38-3
redistribution of information 38-93
static 38-3
routing domain confederation, BGP 38-61
Routing Information Protocol
See RIP
routing protocol administrative distances 38-91
RSPAN
and stack changes 30-10
characteristics 30-9
configuration guidelines 30-18
default configuration 30-11
defined 30-3
destination ports 30-8
displaying status 30-25
in a switch stack 30-2
interaction with other features 30-9
monitored ports 30-6
monitoring ports 30-8
overview 1-14, 30-1
received traffic 30-5
session limits 30-11
sessions
creating 30-19
defined 30-4
limiting source traffic to specific VLANs 30-24
specifying monitored ports 30-19
with ingress traffic enabled 30-22
source ports 30-6
transmitted traffic 30-6
VLAN-based 30-7
RSTP
active topology 20-10
BPDU
format 20-12
processing 20-13
designated port, defined 20-9
designated switch, defined 20-9
interoperability with IEEE 802.1D
described 20-9
restarting migration process 20-26
topology changes 20-13
overview 20-9
port roles
described 20-9
synchronized 20-11
proposal-agreement handshake process 20-10
rapid convergence
cross-stack rapid convergence 20-11
described 20-10
edge ports and Port Fast 20-10
point-to-point links 20-10, 20-24
root ports 20-10
root port, defined 20-9
See also MSTP
running configuration
replacing C-19, C-20
rolling back C-19, C-20
running configuration, saving 3-15
S
SC (standby command switch) 7-10
scheduled reloads 3-21
scheduling, IP SLAs operations 43-5
SCP
and SSH 10-49
configuring 10-49
SDM
described 9-1
switch stack consideration 6-9
templates
configuring 9-6
number of 9-1
SDM mismatch mode 6-9, 9-4
SDM template 41-4
aggregator 9-2
configuration guidelines 9-5
configuring 9-4
desktop 9-2
dual IPv4 and IPv6 9-2
types of 9-1
secondary VLANs 17-2
Secure Copy Protocol
secure HTTP client
configuring 10-48
displaying 10-49
secure HTTP server
configuring 10-47
displaying 10-49
secure MAC addresses
and switch stacks 26-18
deleting 26-16
maximum number of 26-10
types of 26-9
secure ports
and switch stacks 26-18
configuring 26-8
secure remote connections 10-38
Secure Shell
See SSH
Secure Socket Layer
See SSL
security, port 26-8
security features 1-9
See SCP
sequence numbers in log messages 32-8
server mode, VTP 15-3
service-provider network, MSTP and RSTP 20-1
service-provider networks
and customer VLANs 18-2
and IEEE 802.1Q tunneling 18-1
Layer 2 protocols across 18-8
Layer 2 protocol tunneling for EtherChannels 18-9
set-request operation 33-5
setup program
failed command switch replacement 49-11
replacing failed command switch 49-9
severity levels, defining in system messages 32-9
SFPs
monitoring status of 12-30, 49-14
numbering of 12-11
security and identification 49-13
status, displaying 49-14
shaped round robin
See SRR
Shell functions
See Auto Smartports macros
Shell triggers
See Auto Smartports macros
show access-lists hw-summary command 35-22
show and more command output, filtering 2-10
show cdp traffic command 27-5
show cluster members command 7-16
show configuration command 12-24
show forward command 49-22
show interfaces command 12-19, 12-24
show interfaces switchport 22-4
show l2protocol command 18-13, 18-15, 18-16
show lldp traffic command 28-11
show platform forward command 49-22
show running-config command
displaying ACLs 35-20, 35-21, 35-32, 35-35
interface description in 12-24
shutdown command on interfaces 12-31
shutdown threshold for Layer 2 protocol packets 18-11
Simple Network Management Protocol
See SNMP
small form-factor pluggable modules
See SFPs
small-frame arrival rate, configuring 26-5
Smartports macros
applying Cisco-default macros 13-12
applying global parameter values 13-13
configuration guidelines 13-12
default configuration 13-11
defined 13-1
displaying 13-14
tracing 13-12
SNAP 27-1
SNMP
accessing MIB variables with 33-4
agent
described 33-4
disabling 33-8
and IP SLAs 43-2
authentication level 33-11
community strings
configuring 33-8
for cluster switches 33-4
overview 33-4
configuration examples 33-18
default configuration 33-7
engine ID 33-7
groups 33-7, 33-10
host 33-7
ifIndex values 33-6
in-band management 1-6
in clusters 7-14
informs
and trap keyword 33-12
described 33-5
differences from traps 33-5
disabling 33-16
enabling 33-16
limiting access by TFTP servers 33-17
limiting system log messages to NMS 32-10
manager functions 1-5, 33-3
managing clusters with 7-17
MIBs
location of B-3
supported B-1
notifications 33-5
overview 33-1, 33-4
security levels 33-3
setting CPU threshold notification 33-16
status, displaying 33-19
system contact and location 33-17
trap manager, configuring 33-14
traps
described 33-3, 33-5
differences from informs 33-5
disabling 33-16
enabling 33-12
enabling MAC address notification 8-22
overview 33-1, 33-5
types of 33-12
users 33-7, 33-10
versions supported 33-2
SNMP and Syslog Over IPv6 39-7
SNMPv1 33-2
SNMPv2C 33-2
SNMPv3 33-3
snooping, IGMP 25-2
software compatibility
See stacks, switch
software images
location in flash C-24
recovery procedures 49-2
scheduling reloads 3-21
tar file format, described C-24
See also downloading and uploading
source addresses
in IPv4 ACLs 35-12
in IPv6 ACLs 41-5
source-and-destination-IP address based forwarding, EtherChannel 37-9
source-and-destination MAC address forwarding, EtherChannel 37-9
source-IP address based forwarding, EtherChannel 37-9
source-MAC address forwarding, EtherChannel 37-8
Source-specific multicast
See SSM
SPAN
and stack changes 30-10
configuration guidelines 30-11
default configuration 30-11
destination ports 30-8
displaying status 30-25
interaction with other features 30-9
monitored ports 30-6
monitoring ports 30-8
overview 1-14, 30-1
ports, restrictions 26-12
received traffic 30-5
session limits 30-11
sessions
configuring ingress forwarding 30-16, 30-23
creating 30-12
defined 30-4
limiting source traffic to specific VLANs 30-17
removing destination (monitoring) ports 30-14
specifying monitored ports 30-12
with ingress traffic enabled 30-15
source ports 30-6
transmitted traffic 30-6
VLAN-based 30-7
spanning tree and native VLANs 14-19
Spanning Tree Protocol
See STP
SPAN traffic 30-5
split horizon, RIP 38-23
SRR
configuring
shaped weights on egress queues 36-75
shared weights on egress queues 36-77
shared weights on ingress queues 36-69
described 36-14
shaped mode 36-14
shared mode 36-14
support for 1-12
SSH
configuring 10-39
cryptographic software image 10-37
described 1-6, 10-38
encryption methods 10-38
switch stack considerations 6-15, 10-38
user authentication methods, supported 10-39
SSL
configuration guidelines 10-45
configuring a secure HTTP client 10-48
configuring a secure HTTP server 10-46
cryptographic software image 10-42
described 10-42
monitoring 10-49
SSM
address management restrictions 46-16
CGMP limitations 46-16
components 46-14
configuration guidelines 46-15
configuring 46-14, 46-16
differs from Internet standard multicast 46-14
IGMP snooping 46-16
IGMPv3 46-14
IGMPv3 Host Signalling 46-15
IP address range 46-15
monitoring 46-16
operations 46-15
PIM 46-14
state maintenance limitations 46-16
SSM mapping 46-17
configuration guidelines 46-17
configuring 46-17, 46-19
DNS-based 46-18, 46-20
monitoring 46-22
overview 46-18
restrictions 46-18
static 46-18, 46-20
static traffic forwarding 46-21
stack, switch
MAC address of 6-5, 6-18
stack changes
effects on
IPv6 routing 39-9
stack changes, effects on
802.1x port-based authentication 11-10
ACL configuration 35-7
CDP 27-2
cross-stack EtherChannel 37-13
EtherChannel 37-10
fallback bridging 48-3
HSRP 42-5
IGMP snooping 25-6
IP routing 38-4
IPv6 ACLs 41-3
MAC address tables 8-21
MSTP 20-8
multicast routing 46-10
MVR 25-18
port security 26-18
SDM template selection 9-3
SNMP 33-1
SPAN and RSPAN 30-10
STP 19-12
switch clusters 7-14
system message log 32-2
VLANs 14-6
VTP 15-6
stack master
bridge ID (MAC address) 6-5
defined 6-1
election 6-4
IPv6 39-9
See also stacks, switch
stack member
accessing CLI of specific member 6-23
configuring
member number 6-20
priority value 6-21
defined 6-1
displaying information of 6-23
IPv6 39-10
number 6-5
priority value 6-6
provisioning a new member 6-21
replacing 6-14
See also stacks, switch
stack member number 12-11
stack protocol version 6-9
stacks, switch
accessing CLI of specific member 6-23
assigning information
member number 6-20
priority value 6-21
provisioning a new member 6-21
auto-advise 6-11
auto-copy 6-10
auto-extract 6-11
auto-upgrade 6-10
benefits 1-2
bridge ID 6-5
CDP considerations 27-2
compatibility, software 6-9
configuration file 6-14
configuration scenarios 6-16
copying an image file from one member to another C-37
default configuration 6-18
description of 6-1
displaying information of 6-23
enabling persistent MAC address timer 6-18
hardware compatibility and SDM mismatch mode 6-9
HSRP considerations 42-5
in clusters 7-14
incompatible software and image upgrades 6-13, C-37
IPv6 on 39-9
MAC address considerations 8-21
management connectivity 6-15
managing 6-1
membership 6-3
merged 6-3
MSTP instances supported 19-10
multicast routing, stack master and member roles 46-9
offline configuration
described 6-6
effects of adding a provisioned switch 6-7
effects of removing a provisioned switch 6-9
effects of replacing a provisioned switch 6-9
provisioned configuration, defined 6-6
provisioned switch, defined 6-6
provisioning a new member 6-21
partitioned 6-3, 49-8
provisioned switch
adding 6-7
removing 6-9
replacing 6-9
replacing a failed member 6-14
software compatibility 6-9
software image version 6-9
stack protocol version 6-9
STP
bridge ID 19-3
instances supported 19-10
root port selection 19-3
stack root switch election 19-3
system messages
hostnames in the display 32-1
remotely monitoring 32-2
system prompt consideration 8-14
system-wide configuration considerations 6-14
upgrading C-37
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 6-10
examples 6-11
manual upgrades with auto-advise 6-11
upgrades with auto-extract 6-11
version-mismatch mode
described 6-10
See also stack master and stack member
StackWise technology, Cisco 1-3
See also stacks, switch
standby command switch
configuring
considerations 7-11
defined 7-2
priority 7-10
requirements 7-3
virtual IP address 7-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 42-6
standby links 22-2
standby router 42-1
standby timers, HSRP 42-11
startup configuration
booting
manually 3-18
specific image 3-19
clearing C-19
configuration file
automatically downloading 3-17
specifying the filename 3-17
default boot configuration 3-17
static access ports
assigning to VLAN 14-11
defined 12-3, 14-3
static addresses
See addresses
static IP routing 1-13
static MAC addressing 1-9
static route primary interface,configuring 44-10
static routes
configuring 38-91
configuring for IPv6 39-19
understanding 39-6
static routing 38-3
static routing support, enhanced object tracking 44-10
static SSM mapping 46-18, 46-20
static traffic forwarding 46-21
static VLAN membership 14-2
statistics
802.1x 11-65
CDP 27-5
interface 12-29
IP multicast routing 46-62
LLDP 28-10
LLDP-MED 28-10
NMSP 28-10
OSPF 38-34
QoS ingress and egress 36-79
RMON group Ethernet 31-5
RMON group history 31-5
SNMP input and output 33-19
VTP 15-16
sticky learning 26-9
storm control
configuring 26-3
described 26-1
disabling 26-5
displaying 26-19
support for 1-4
thresholds 26-1
STP
accelerating root port selection 21-4
BackboneFast
described 21-7
disabling 21-17
enabling 21-16
BPDU filtering
described 21-3
disabling 21-15
enabling 21-14
BPDU guard
described 21-2
disabling 21-14
enabling 21-13
BPDU message exchange 19-3
configuration guidelines 19-13, 21-12
configuring
forward-delay time 19-23
hello time 19-22
maximum aging time 19-23
path cost 19-20
port priority 19-18
root switch 19-16
secondary root switch 19-18
spanning-tree mode 19-15
switch priority 19-21
transmit hold-count 19-24
counters, clearing 19-24
cross-stack UplinkFast
described 21-5
enabling 21-16
default configuration 19-13
default optional feature configuration 21-12
designated port, defined 19-4
designated switch, defined 19-4
detecting indirect link failures 21-8
disabling 19-16
displaying status 19-24
EtherChannel guard
described 21-10
disabling 21-17
enabling 21-17
extended system ID
effects on root switch 19-16
effects on the secondary root switch 19-18
overview 19-4
unexpected behavior 19-16
features supported 1-7
IEEE 802.1D and bridge ID 19-4
IEEE 802.1D and multicast addresses 19-9
IEEE 802.1t and VLAN identifier 19-5
inferior BPDU 19-3
instances supported 19-10
interface state, blocking to forwarding 21-2
interface states
blocking 19-6
disabled 19-7
forwarding 19-6, 19-7
learning 19-7
listening 19-7
overview 19-5
interoperability and compatibility among modes 19-11
keepalive messages 19-2
Layer 2 protocol tunneling 18-7
limitations with IEEE 802.1Q trunks 19-11
load sharing
overview 14-24
using path costs 14-26
using port priorities 14-24
loop guard
described 21-11
enabling 21-18
modes supported 19-10
multicast addresses, effect of 19-9
optional features supported 1-8
overview 19-2
path costs 14-26, 14-27
Port Fast
described 21-2
enabling 21-12
port priorities 14-25
preventing root switch selection 21-10
protocols supported 19-10
redundant connectivity 19-8
root guard
described 21-10
enabling 21-18
root port, defined 19-3
root port selection on a switch stack 19-3
root switch
configuring 19-16
effects of extended system ID 19-4, 19-16
election 19-3
unexpected behavior 19-16
shutdown Port Fast-enabled port 21-2
stack changes, effects of 19-12
status, displaying 19-24
superior BPDU 19-3
timers, described 19-22
UplinkFast
described 21-3
enabling 21-15
VLAN-bridge 19-11
stratum, NTP 8-2
stub areas, OSPF 38-30
stub routing, EIGRP 38-41
subdomains, private VLAN 17-1
subnet mask 38-7
subnet zero 38-7
success response, VMPS 14-28
summer time 8-13
SunNet Manager 1-5
supernet 38-8
supported port-based authentication methods 11-7
Smartports macros
See also Auto Smartports macros
SVI autostate exclude
configuring 12-27
defined 12-6
SVI link state 12-6
SVIs
and IP unicast routing 38-5
and router ACLs 35-4
connecting VLANs 12-9
defined 12-5
routing between VLANs 14-2
switch 39-2
switch clustering technology 7-1
See also clusters, switch
switch console port 1-6
Switch Database Management
See SDM
switched packets, ACLs on 35-39
Switched Port Analyzer
See SPAN
switched ports 12-2
switchport backup interface 22-4, 22-5
switchport block multicast command 26-8
switchport block unicast command 26-8
switchport command 12-16
switchport mode dot1q-tunnel command 18-6
switchport protected command 26-7
switch priority
MSTP 20-22
STP 19-21
switch software features 1-1
switch stacks
Catalyst 3750G wireless LAN controller switch A-2
switch virtual interface
See SVI
synchronization, BGP 38-48
syslog
See system message logging
system capabilities TLV 28-2
system clock
configuring
daylight saving time 8-13
manually 8-11
summer time 8-13
time zones 8-12
displaying the time and date 8-12
overview 8-1
See also NTP
system description TLV 28-2
system message logging
default configuration 32-4
defining error message severity levels 32-9
disabling 32-4
displaying the configuration 32-14
enabling 32-5
facility keywords, described 32-14
level keywords, described 32-10
limiting messages 32-10
message format 32-2
overview 32-1
sequence numbers, enabling and disabling 32-8
setting the display destination device 32-5
stack changes, effects of 32-2
synchronizing log messages 32-6
syslog facility 1-14
time stamps, enabling and disabling 32-8
UNIX syslog servers
configuring the daemon 32-12
configuring the logging facility 32-13
facilities supported 32-14
system MTU
and IS-IS LSPs 38-69
system MTU and IEEE 802.1Q tunneling 18-5
system name
default configuration 8-15
default setting 8-15
manual configuration 8-15
See also DNS
system name TLV 28-2
system prompt, default setting 8-14, 8-15
system resources, optimizing 9-1
system routing
IS-IS 38-64
ISO IGRP 38-64
T
TACACS+
accounting, defined 10-11
authentication, defined 10-11
authorization, defined 10-11
configuring
accounting 10-17
authentication key 10-13
authorization 10-16
login authentication 10-14
default configuration 10-13
displaying the configuration 10-17
identifying the server 10-13
in clusters 7-16
limiting the services to the user 10-16
operation of 10-12
overview 10-10
support for 1-11
tracking services accessed by user 10-17
tagged packets
IEEE 802.1Q 18-3
Layer 2 protocol 18-7
tar files
creating C-6
displaying the contents of C-7
extracting C-7
image file format C-24
TCL script, registering and defining with embedded event manager 34-6
TDR 1-14
Telnet
accessing management interfaces 2-11
number of connections 1-6
setting a password 10-6
templates, SDM 9-2
temporary self-signed certificate 10-43
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 10-6
TFTP
configuration files
downloading C-11
preparing the server C-10
uploading C-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
image files
deleting C-27
downloading C-26
preparing the server C-26
uploading C-28
limiting access by servers 33-17
TFTP server 1-5
threshold, traffic level 26-2
threshold monitoring, IP SLAs 43-6
time
See NTP and system clock
Time Domain Reflector
See TDR
time-range command 35-17
time ranges in ACLs 35-17
time stamps in log messages 32-8
time zones 8-12
TLVs
defined 28-1
LLDP 28-2
LLDP-MED 28-2
Token Ring VLANs
support for 14-6
VTP support 15-4
ToS 1-11
traceroute, Layer 2
and ARP 49-17
and CDP 49-16
broadcast traffic 49-16
described 49-16
IP addresses and subnets 49-17
MAC addresses and VLANs 49-16
multicast traffic 49-16
multiple devices on a port 49-17
unicast traffic 49-16
usage guidelines 49-16
traceroute command 49-18
See also IP traceroute
tracked lists
configuring 44-3
types 44-3
tracked objects
by Boolean expression 44-4
by threshold percentage 44-6
by threshold weight 44-5
tracking interface line-protocol state 44-2
tracking IP routing state 44-2
tracking objects 44-1
tracking process 44-1
track state, tracking IP SLAs 44-9
traffic
blocking flooded 26-8
fragmented 35-5
fragmented IPv6 41-2
unfragmented 35-5
traffic policing 1-12
traffic suppression 26-1
transmit hold-count
see STP
transparent mode, VTP 15-3, 15-12
trap-door mechanism 3-2
traps
configuring MAC address notification 8-22
configuring managers 33-12
defined 33-3
enabling 8-22, 33-12
notification types 33-12
overview 33-1, 33-5
troubleshooting
connectivity problems 49-14, 49-16, 49-17
CPU utilization 49-25
detecting unidirectional links 29-1
displaying crash information 49-24
PIMv1 and PIMv2 interoperability problems 46-35
setting packet forwarding 49-22
SFP security and identification 49-13
show forward command 49-22
with CiscoWorks 33-4
with debug commands 49-20
with ping 49-14
with system message logging 32-1
with traceroute 49-17
trunk failover
See link-state tracking
trunking encapsulation 1-8
trunk ports
configuring 14-20
defined 12-3, 14-3
encapsulation 14-21, 14-25, 14-27
trunks
allowed-VLAN list 14-21
configuring 14-21, 14-25, 14-27
ISL 14-16
load sharing
setting STP path costs 14-26
using STP port priorities 14-24, 14-25
native VLAN for untagged traffic 14-23
parallel 14-26
pruning-eligible list 14-23
to non-DTP device 14-17
trusted boundary for QoS 36-38
trusted port states
between QoS domains 36-40
classification options 36-5
ensuring port security for IP phones 36-38
support for 1-12
within a QoS domain 36-36
trustpoints, CA 10-43
tunneling
defined 18-1
IEEE 802.1Q 18-1
Layer 2 protocol 18-8
tunnel ports
defined 14-4
described 12-4, 18-1
IEEE 802.1Q, configuring 18-6
incompatibilities with other features 18-6
twisted-pair Ethernet, detecting unidirectional links 29-1
type of service
See ToS
U
UDLD
configuration guidelines 29-4
default configuration 29-4
disabling
globally 29-5
on fiber-optic interfaces 29-5
per interface 29-6
echoing detection mechanism 29-3
enabling
globally 29-5
per interface 29-6
Layer 2 protocol tunneling 18-10
link-detection mechanism 29-1
neighbor database 29-2
overview 29-1
resetting an interface 29-6
status, displaying 29-7
support for 1-7
UDP, configuring 38-15
UDP jitter, configuring 43-9
UDP jitter operation, IP SLAs 43-9
unauthorized ports with IEEE 802.1x 11-9
unicast MAC address filtering 1-6
and adding static addresses 8-25
and broadcast MAC addresses 8-25
and CPU packets 8-25
and multicast addresses 8-25
and router MAC addresses 8-25
configuration guidelines 8-25
described 8-25
unicast storm 26-1
unicast storm control command 26-4
unicast traffic, blocking 26-8
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 32-12
facilities supported 32-14
message logging configuration 32-13
unrecognized Type-Length-Value (TLV) support 15-4
upgrading software images
See downloading
UplinkFast
described 21-3
disabling 21-16
enabling 21-15
support for 1-8
uploading
configuration files
preparing C-10, C-13, C-16
reasons for C-9
using FTP C-14
using RCP C-18
using TFTP C-12
image files
preparing C-26, C-29, C-34
reasons for C-23
using FTP C-32
using RCP C-36
using TFTP C-28
User Datagram Protocol
See UDP
user EXEC mode 2-2
username-based authentication 10-6
V
version-dependent transparent mode 15-4
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 6-10
manual upgrades with auto-advise 6-11
upgrades with auto-extract 6-11
version-mismatch mode
described 6-10
virtual IP address
cluster standby group 7-11
command switch 7-11
Virtual Private Network
See VPN
virtual router 42-1, 42-2
virtual switches and PAgP 37-6
vlan.dat file 14-5
VLAN 1, disabling on a trunk port 14-22
VLAN 1 minimization 14-22
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 14-28
VLAN configuration
at bootup 14-8
saving 14-8
VLAN configuration mode 2-2, 14-7
VLAN database
and startup configuration file 14-8
and VTP 15-1
VLAN configuration saved in 14-7
VLANs saved in 14-4
vlan database command 14-7
vlan dot1q tag native command 18-5
VLAN filtering and SPAN 30-7
vlan global configuration command 14-7
VLAN ID, discovering 8-28
VLAN link state 12-5
VLAN load balancing on flex links 22-2
configuration guidelines 22-8
VLAN management domain 15-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 35-31
VLAN maps
applying 35-35
common uses for 35-35
configuration guidelines 35-31
configuring 35-30
creating 35-32
defined 35-2
denying access to a server example 35-36
denying and permitting packets 35-32
displaying 35-42
examples of ACLs and VLAN maps 35-33
removing 35-35
support for 1-9
wiring closet configuration example 35-36
VLAN membership
confirming 14-31
modes 14-3
VLAN Query Protocol
See VQP
VLANs
adding 14-9
adding to VLAN database 14-9
aging dynamic addresses 19-9
allowed on trunk 14-21
and spanning-tree instances 14-3, 14-6, 14-13
configuration guidelines, extended-range VLANs 14-13
configuration guidelines, normal-range VLANs 14-6
configuration options 14-7
configuring 14-1
configuring IDs 1006 to 4094 14-13
connecting through SVIs 12-9
creating in config-vlan mode 14-9
creating in VLAN configuration mode 14-10
customer numbering in service-provider networks 18-3
default configuration 14-8
deleting 14-10
described 12-2, 14-1
displaying 14-16
extended-range 14-1, 14-12
features 1-8
illustrated 14-2
internal 14-13
in the switch stack 14-6
limiting source traffic with RSPAN 30-24
limiting source traffic with SPAN 30-17
modifying 14-9
multicast 25-17
native, configuring 14-23
normal-range 14-1, 14-4
number supported 1-8
parameters 14-5
port membership modes 14-3
static-access ports 14-11
STP and IEEE 802.1Q trunks 19-11
supported 14-2
Token Ring 14-6
traffic between 14-2
VLAN-bridge STP 19-11, 48-2
VTP modes 15-3
VLAN Trunking Protocol
See VTP
VLAN trunks 14-16
VMPS
administering 14-32
configuration example 14-33
configuration guidelines 14-29
default configuration 14-29
description 14-28
dynamic port membership
described 14-29
reconfirming 14-31
troubleshooting 14-33
entering server address 14-30
mapping MAC addresses to VLANs 14-28
monitoring 14-32
reconfirmation interval, changing 14-31
reconfirming membership 14-31
retry count, changing 14-32
voice aware 802.1x security
port-based authentication
configuring 11-36
described 11-26, 11-36
voice-over-IP 16-1
voice VLAN
Cisco 7960 phone, port connections 16-1
configuration guidelines 16-3
configuring IP phones for data traffic
override CoS of incoming frame 16-6
trust CoS priority of incoming frame 16-6
configuring ports for voice traffic in
802.1p priority tagged frames 16-5
802.1Q frames 16-5
connecting to an IP phone 16-4
default configuration 16-3
described 16-1
displaying 16-7
IP phone data traffic, described 16-2
IP phone voice traffic, described 16-2
VPN
configuring routing in 38-83
forwarding 38-76
in service provider networks 38-74
routes 38-75
VPN routing and forwarding table
See VRF
VQP 1-8, 14-28
VRF
defining 38-76
tables 38-74
VRF-aware services
ARP 38-80
configuring 38-79
ftp 38-82
HSRP 38-81
ping 38-80
SNMP 38-80
syslog 38-82
tftp 38-82
traceroute 38-82
uRPF 38-81
VTP
adding a client to a domain 15-14
advertisements 14-19, 15-3
and extended-range VLANs 15-2
and normal-range VLANs 15-2
client mode, configuring 15-11
configuration
global configuration mode 15-7
guidelines 15-8
privileged EXEC mode 15-7
requirements 15-9
saving 15-7
VLAN configuration mode 15-8
configuration mode options 15-7
configuration requirements 15-9
configuration revision number
guideline 15-14
resetting 15-15
configuring
client mode 15-11
server mode 15-9
transparent mode 15-12
consistency checks 15-4
default configuration 15-7
described 15-1
disabling 15-12
domain names 15-8
domains 15-2
Layer 2 protocol tunneling 18-8
modes
client 15-3, 15-11
server 15-3, 15-9
transitions 15-3
transparent 15-3, 15-12
monitoring 15-16
passwords 15-8
pruning
disabling 15-14
enabling 15-14
examples 15-5
overview 15-4
support for 1-8
pruning-eligible list, changing 14-23
server mode, configuring 15-9
statistics 15-16
support for 1-8
Token Ring support 15-4
transparent mode, configuring 15-12
using 15-1
version, guidelines 15-9
Version 1 15-4
Version 2
configuration guidelines 15-9
disabling 15-13
enabling 15-13
overview 15-4
W
WCCP
authentication 45-3
configuration guidelines 45-5
default configuration 45-5
described 45-1
displaying 45-9
dynamic service groups 45-3
enabling 45-6
features unsupported 45-5
forwarding method 45-3
Layer-2 header rewrite 45-3
MD5 security 45-3
message exchange 45-2
monitoring and maintaining 45-9
negotiation 45-3
packet redirection 45-3
packet-return method 45-3
redirecting traffic received from a client 45-6
setting the password 45-7
unsupported WCCPv2 features 45-5
web authentication 11-14
configuring11-60to11-63, 11-63to ??
described 1-9, 11-27
fallback for IEEE 802.1x 11-62
Web Cache Communication Protocol
See WCCP
weighted tail drop
See WTD
weight thresholds in tracked lists 44-5
wired location service
configuring 28-9
displaying 28-10
location TLV 28-3
understanding 28-3
wireless LAN controller A-1, A-3
wizards 1-3
WTD
described 36-13
setting thresholds
egress queue-sets 36-72
ingress queues 36-68
support for 1-12
X
Xmodem protocol 49-2