Index A
aaa accounting dot1x command 2-1
aaa authentication dot1x command 2-3, 2-846
aaa authorization network command 2-5, 2-24, 2-30, 2-32, 2-34, 2-36, 2-38, 2-148, 2-316, 2-485, B-7, B-34
AAA methods 2-3, 2-846
access control entries
See ACEs
access control lists
See ACLs
access groups
IP 2-203
MAC, displaying 2-613
access list, IPv6 2-273
access map configuration mode 2-332
access mode 2-803
access ports 2-803
ACEs 2-133, 2-409
ACLs
deny 2-131
displaying 2-466
for non-IP protocols 2-320
IP 2-203
matching 2-332
on Layer 2 interfaces 2-203
permit 2-407
action command 2-6
address aliasing 2-380
aggregate-port learner 2-395
allowed VLANs 2-823
archive copy-sw command 2-8
archive download-sw command 2-11
archive tar command 2-15
archive upload-sw command 2-18
arp access-list command 2-20
authentication command bounce-port ignore 2-22
authentication command disable-port ignore 2-23
authentication control-direction command 2-24
authentication event command 2-26
authentication failed VLAN
See dot1x auth-fail vlan
authentication fallback command 2-30
authentication host-mode command 2-32
authentication mac-move permit command 2-34
authentication open command 2-36
authentication order command 2-38
authentication periodic command 2-40
authentication port-control command 2-42
authentication priority command 2-44
authentication timer command 2-46
authentication violation command 2-48
auth-fail max-attempts
See dot1x auth-fail max-attempts
auth-fail vlan
See dot1x auth-fail vlan
auth open command 2-36
auth order command 2-38
authorization state of controlled port 2-168
auth timer command 2-46
autonegotiation of duplex mode 2-181
auto qos classify command 2-50
auto qos trust command 2-53
auto qos voip command 2-56
B
BackboneFast, for STP 2-724
backup interfaces
configuring 2-796
displaying 2-543
boot (boot loader) command A-2
boot auto-copy-sw command 2-62
boot auto-download-sw command 2-63
boot config-file command 2-66
boot enable-break command 2-67
boot helper command 2-68
boot helper-config file command 2-69
booting
Cisco IOS image 2-72
displaying environment variables 2-479
interrupting 2-63, 2-67
manually 2-70
boot loader
accessing A-1
booting
Cisco IOS image A-2
helper image 2-68
directories
creating A-15
displaying a list of A-7
removing A-19
displaying
available commands A-12
memory heap utilization A-13
version A-26
environment variables
described A-20
displaying settings A-20
location of A-21
setting A-20
unsetting A-24
boot loader (continued)
files
copying A-5
deleting A-6
displaying a list of A-7
displaying the contents of A-4, A-16, A-23
renaming A-17
file system
formatting A-10
initializing flash A-9
running a consistency check A-11
prompt A-1
resetting the system A-18
boot manual command 2-70
boot private-config-file command 2-71
boot system command 2-72
BPDU filtering, for spanning tree 2-725, 2-759
BPDU guard, for spanning tree 2-727, 2-759
broadcast storm control 2-780
C
candidate switches
See clusters
cat (boot loader) command A-4
Catalyst 3750G Integrated Wireless LAN Controller Switch 2-457
CDP, enabling protocol tunneling for 2-297
channel-group command 2-75
channel-protocol command 2-79
Cisco SoftPhone
auto-QoS configuration 2-56
trusting packets sent from 2-371
CISP
See Client Information Signalling Protocol
cisp
debug platform cisp command B-34
cisp enable command 2-80
class command 2-81
class-map command 2-84
class maps
creating 2-84
defining the match criteria 2-334
displaying 2-486
class of service
See CoS
clear dot1x command 2-86
clear eap sessions command 2-87
clear errdisable interface 2-88
clear ip arp inspection log command 2-89
clear ip arp inspection statistics command 2-90
clear ipc command 2-93
clear ip dhcp snooping database command 2-91
clear ipv6 dhcp conflict command 2-94
clear l2protocol-tunnel counters command 2-95
clear lacp command 2-96
clear mac address-table command 2-97, 2-99
clear nmsp statistics command 2-100
clear pagp command 2-101
clear port-security command 2-102
clear spanning-tree counters command 2-104
clear spanning-tree detected-protocols command 2-105
clear vmps statistics command 2-106
clear vtp counters command 2-107
Client Information Signalling Protocol 2-80, 2-148, 2-485, B-7, B-34
cluster commander-address command 2-108
cluster discovery hop-count command 2-110
cluster enable command 2-111
cluster holdtime command 2-112
cluster member command 2-113
cluster outside-interface command 2-115
cluster run command 2-116
clusters
adding candidates 2-113
binding to HSRP group 2-117
building manually 2-113
communicating with
devices outside the cluster 2-115
members by using Telnet 2-437
debug messages, display B-8
displaying
candidate switches 2-489
debug messages B-8
member switches 2-491
status 2-487
hop-count limit for extended discovery 2-110
HSRP standby groups 2-117
redundancy 2-117
SNMP trap 2-713
cluster standby-group command 2-117
cluster timer command 2-119
command modes defined 1-2
command switch
See clusters
configuration files
password recovery disable considerations A-1
specifying the name 2-66, 2-71
configuring multiple interfaces 2-199
controller, wireless 2-457
copy (boot loader) command A-5
CoS
assigning default value to incoming packets 2-341
assigning to Layer 2 protocol packets 2-300
overriding the incoming value 2-341
CoS-to-DSCP map 2-345
CPU ASIC statistics, displaying 2-493
crashinfo files 2-192
critical VLAN 2-27
D
debug authentication B-2
debug auto qos command B-4
debug backup command B-6
debug cisp command B-7
debug cluster command B-8
debug dot1x command B-10
debug dtp command B-12
debug eap command B-13
debug etherchannel command B-14
debug ilpower command B-15
debug interface command B-16
debug ip dhcp snooping command B-17
debug ip igmp filter command B-19
debug ip igmp max-groups command B-20
debug ip igmp snooping command B-21
debug ip verify source packet command B-18
debug lacp command B-22
debug lldp packets command B-23
debug mac-notification command B-24
debug matm command B-25
debug matm move update command B-26
debug monitor command B-27
debug mvrdbg command B-28
debug nmsp command B-29
debug nvram command B-30
debug pagp command B-31
debug platform acl command B-32
debug platform backup interface command B-33
debug platform cisp command B-34
debug platform cli-redirection main command B-35
debug platform configuration command B-36, B-44
debug platform cpu-queues command B-37
debug platform device-manager command B-39
debug platform dot1x command B-40
debug platform etherchannel command B-41
debug platform fallback-bridging command B-42
debug platform forw-tcam command B-43
debug platform ip arp inspection command B-45
debug platform ipc command B-56
debug platform ip dhcp command B-46
debug platform ip igmp snooping command B-47
debug platform ip multicast command B-49
debug platform ip source-guard command B-52
debug platform ip unicast command B-53
debug platform ip wccp command B-55
debug platform led command B-57
debug platform matm command B-58
debug platform messaging application command B-59
debug platform phy command B-60
debug platform pm command B-62
debug platform port-asic command B-64
debug platform port-security command B-65
debug platform qos-acl-tcam command B-66
debug platform remote-commands command B-67
debug platform resource-manager command B-68
debug platform snmp command B-69
debug platform span command B-70
debug platform stack-manager command B-71
debug platform supervisor-asic command B-72
debug platform sw-bridge command B-73
debug platform tcam command B-74
debug platform udld command B-77
debug platform vlan command B-78
debug platform wireless-controller B-103
debug pm command B-79
debug port-security command B-81
debug qos-manager command B-82
debug spanning-tree backbonefast command B-85
debug spanning-tree bpdu command B-86
debug spanning-tree bpdu-opt command B-87
debug spanning-tree command B-83
debug spanning-tree mstp command B-88
debug spanning-tree switch command B-90
debug spanning-tree uplinkfast command B-92
debug sw-vlan command B-93
debug sw-vlan ifs command B-95
debug sw-vlan notification command B-96
debug sw-vlan vtp command B-98
debug udld command B-100
debug vqpc command B-102
define interface-range command 2-120
delete (boot loader) command A-6
delete command 2-122
deny (ARP access-list configuration) command 2-124
deny (IPv6) command 2-126
deny command 2-131
detect mechanism, causes 2-183
DHCP snooping
accepting untrusted packets from edge switch 2-234
enabling
on a VLAN 2-240
option 82 2-232, 2-234
trust on an interface 2-238
error recovery timer 2-189
rate limiting 2-237
DHCP snooping binding database
binding file, configuring 2-230
bindings
adding 2-228
deleting 2-228
displaying 2-563
clearing database agent statistics 2-91
database agent, configuring 2-230
displaying
binding entries 2-563
database agent status 2-565, 2-567
renewing 2-444
dir (boot loader) command A-7
directories, deleting 2-122
domain name, VTP 2-860
dot1x auth-fail max-attempts 2-142
dot1x auth-fail vlan 2-144
dot1x command 2-140
dot1x control-direction command 2-146
dot1x credentials (global configuration) command 2-148
dot1x critical global configuration command 2-149
dot1x critical interface configuration command 2-151
dot1x default command 2-153
dot1x fallback command 2-154
dot1x guest-vlan command 2-155
dot1x host-mode command 2-158
dot1x initialize command 2-160
dot1x mac-auth-bypass command 2-161
dot1x max-reauth-req command 2-163
dot1x max-req command 2-165
dot1x multiple-hosts command 2-166
dot1x pae command 2-167
dot1x port-control command 2-168
dot1x re-authenticate command 2-170
dot1x re-authentication command 2-171
dot1x reauthentication command 2-172
dot1x supplicant force-multicast command 2-173
dot1x test eapol-capable command 2-174
dot1x test timeout command 2-175
dot1x timeout command 2-176
dot1x violation-mode command 2-179
dropping packets, with ACL matches 2-6
drop threshold, Layer 2 protocol tunneling 2-297
DSCP-to-CoS map 2-345
DSCP-to-DSCP-mutation map 2-345
DTP 2-804
DTP flap
error detection for 2-183
error recovery timer 2-189
DTP negotiation 2-808
dual-purpose uplink ports
displaying configurable options 2-546
duplex command 2-180
dynamic-access ports
configuring 2-792
restrictions 2-793
dynamic ARP inspection
ARP ACLs
apply to a VLAN 2-211
define 2-20
deny packets 2-124
display 2-470
permit packets 2-399
clear
log buffer 2-89
statistics 2-90
display
ARP ACLs 2-470
configuration and operating state 2-558
log buffer 2-558
statistics 2-558
trust state and rate limit 2-558
enable per VLAN 2-221
error detection for 2-183
error recovery timer 2-189
log buffer
clear 2-89
configure 2-215
display 2-558
rate-limit incoming ARP packets 2-213
statistics
clear 2-90
display 2-558
trusted interface state 2-217
type of packet logged 2-222
validation checks 2-219
dynamic auto VLAN membership mode 2-803
dynamic desirable VLAN membership mode 2-803
Dynamic Host Configuration Protocol (DHCP)
See DHCP snooping
Dynamic Trunking Protocol
See DTP
E
EAP-request/identity frame
maximum number to send 2-165
response time before retransmitting 2-176
encapsulation methods 2-823
environment variables, displaying 2-479
epm access-control open 2-182
errdisable detect cause command 2-183
errdisable detect cause small-frame comand 2-186
errdisable recovery cause small-frame 2-188
errdisable recovery command 2-189
error conditions, displaying 2-529
error disable detection 2-183
error-disabled interfaces, displaying 2-543
EtherChannel
assigning Ethernet interface to channel group 2-75
creating port-channel logical interface 2-197
debug EtherChannel/PAgP, display B-14
debug platform-specific events, display B-41
displaying 2-533
enabling Layer 2 protocol tunneling for
LACP 2-298
PAgP 2-298
UDLD 2-298
interface information, displaying 2-543
LACP
clearing channel-group information 2-96
debug messages, display B-22
displaying 2-603
modes 2-75
port priority for hot-standby ports 2-301
restricting a protocol 2-79
system priority 2-303
load-distribution methods 2-417
EtherChannel (continued)
PAgP
aggregate-port learner 2-395
clearing channel-group information 2-101
debug messages, display B-31
displaying 2-662
error detection for 2-183
error recovery timer 2-189
learn method 2-395
modes 2-75
physical-port learner 2-395
priority of interface for transmitted traffic 2-397
Ethernet controller, internal register display 2-495
Ethernet statistics, collecting 2-447
exception crashinfo command 2-192
extended discovery of candidate switches 2-110
extended-range VLANs
and allowed VLAN list 2-823
and pruning-eligible list 2-823
extended system ID for STP 2-733
F
fallback profile command 2-193
fallback profiles, displaying 2-536
fan information, displaying 2-523
file name, VTP 2-860
files, deleting 2-122
flash_init (boot loader) command A-9
flexible authentication ordering 2-38
Flex Links
configuring 2-796
configuring preferred VLAN 2-799
displaying 2-543
flowcontrol command 2-195
format (boot loader) command A-10
forwarding packets, with ACL matches 2-6
forwarding results, display C-6
frame forwarding information, displaying C-6
front-end controller, counter and status information C-8
fsck (boot loader) command A-11
G
global configuration mode 1-2, 1-4
H
hardware ACL statistics 2-466
help (boot loader) command A-12
hierarchical policy maps 2-415
hop-count limit for clusters 2-110
host connection, port configuration 2-802
host ports, private VLANs 2-806
Hot Standby Router Protocol
See HSRP
HSRP
binding HSRP group to cluster 2-117
standby group 2-117
I
IEEE 802.1Q trunk ports and native VLANs 2-852
IEEE 802.1Q tunnel ports
configuring 2-803
displaying 2-512
limitations 2-804
IEEE 802.1x
and switchport modes 2-804
violation error recovery 2-189
See also port-based authentication
IEEE 802.1X Port Based Authentication
enabling guest VLAN supplicant 2-143, 2-154, 2-194
IGMP filters
applying 2-243
debug messages, display B-19
IGMP groups, setting maximum 2-244
IGMP maximum groups, debugging B-20
IGMP profiles
creating 2-246
displaying 2-570
IGMP snooping
adding ports as a static member of a group 2-262
displaying 2-571, 2-576, 2-578
enabling 2-248
enabling the configurable-leave timer 2-250
enabling the Immediate-Leave feature 2-259
flooding query count 2-256
interface topology change notification behavior 2-258
multicast table 2-574
querier 2-252
query solicitation 2-256
report suppression 2-254
switch topology change notification behavior 2-256
images
See software images
Immediate-Leave feature, MVR 2-382
immediate-leave processing 2-259
Immediate-Leave processing, IPv6 2-293
interface configuration mode 1-2, 1-4
interface port-channel command 2-197
interface range command 2-199
interface-range macros 2-120
interfaces
assigning Ethernet interface to channel group 2-75
configuring 2-180
configuring multiple 2-199
creating port-channel logical 2-197
debug messages, display B-16
disabling 2-709
displaying the MAC address table 2-625
restarting 2-709
interface speed, configuring 2-769
interface vlan command 2-201
internal registers, displaying 2-495, 2-505
Internet Group Management Protocol
See IGMP
invalid GBIC
error detection for 2-183
error recovery timer 2-189
ip access-group command 2-203
ip address command 2-206
IP addresses, setting 2-206
IP address matching 2-332
ip admission command 2-208
ip admission name proxy http command 2-209
ip arp inspection filter vlan command 2-211
ip arp inspection limit command 2-213
ip arp inspection log-buffer command 2-215
ip arp inspection trust command 2-217
ip arp inspection validate command 2-219
ip arp inspection vlan command 2-221
ip arp inspection vlan logging command 2-222
ip device tracking command 2-226
ip device tracking probe command 2-224
IP DHCP snooping
See DHCP snooping
ip dhcp snooping binding command 2-228
ip dhcp snooping command 2-227
ip dhcp snooping database command 2-230
ip dhcp snooping information option allow-untrusted command 2-234
ip dhcp snooping information option command 2-232
ip dhcp snooping information option format remote-id command 2-236
ip dhcp snooping limit rate command 2-237
ip dhcp snooping trust command 2-238
ip dhcp snooping verify command 2-239
ip dhcp snooping vlan command 2-240
ip dhcp snooping vlan information option format-type circuit-id string command 2-241
ip igmp filter command 2-243
ip igmp max-groups command 2-244, 2-268, 2-270
ip igmp profile command 2-246
ip igmp snooping command 2-248
ip igmp snooping last-member-query-interval command 2-250
ip igmp snooping querier command 2-252
ip igmp snooping report-suppression command 2-254
ip igmp snooping tcn command 2-256
ip igmp snooping tcn flood command 2-258
ip igmp snooping vlan immediate-leave command 2-259
ip igmp snooping vlan mrouter command 2-260
ip igmp snooping vlan static command 2-262
IP multicast addresses 2-379
IP phones
auto-QoS configuration 2-56
trusting packets sent from 2-371
IP-precedence-to-DSCP map 2-345
ip snap forwarding command 2-264
ip source binding command 2-265
IP source guard
disabling 2-272
displaying
binding entries 2-580
configuration 2-581
dynamic binding entries only 2-563
enabling 2-272
static IP source bindings 2-265
ip ssh command 2-267
IPv6 access list, deny conditions 2-126
ipv6 access-list command 2-273
ipv6 address dhcp command 2-275
ipv6 dhcp client request vendor command 2-276
ipv6 dhcp ping packets command 2-277
ipv6 dhcp pool command 2-278
ipv6 dhcp server command 2-280
ipv6 mld snooping command 2-282
ipv6 mld snooping last-listener-query count command 2-284
ipv6 mld snooping last-listener-query-interval command 2-286
ipv6 mld snooping listener-message-suppression command 2-288
ipv6 mld snooping robustness-variable command 2-289
ipv6 mld snooping tcn command 2-291
ipv6 mld snooping vlan command 2-293
IPv6 SDM template 2-448
ipv6 traffic-filter command 2-295
ip verify source command 2-272
J
jumbo frames
See MTU
L
l2protocol-tunnel command 2-297
l2protocol-tunnel cos command 2-300
LACP
See EtherChannel
lacp port-priority command 2-301
lacp system-priority command 2-303
Layer 2 mode, enabling 2-790
Layer 2 protocol ports, displaying 2-600
Layer 2 protocol-tunnel
error detection for 2-183
error recovery timer 2-189
Layer 2 protocol tunnel counters 2-95
Layer 2 protocol tunneling error recovery 2-298
Layer 2 traceroute
IP addresses 2-837
MAC addresses 2-834
Layer 3 mode, enabling 2-790
line configuration mode 1-3, 1-5
Link Aggregation Control Protocol
See EtherChannel
link flap
error detection for 2-183
error recovery timer 2-189
link state group command 2-305
link state track command 2-307
load-distribution methods for EtherChannel 2-417
location (global configuration) command 2-308
location (interface configuration) command 2-310
logging event command 2-312
logging event power-inline-status command 2-313
logging file command 2-314
logical interface 2-197
loopback error
detection for 2-183
recovery timer 2-189
loop guard, for spanning tree 2-735, 2-739
M
mab request format attribute 32 command 2-316
mac access-group command 2-318
MAC access-groups, displaying 2-613
MAC access list configuration mode 2-320
mac access-list extended command 2-320
MAC access lists 2-131
MAC addresses
disabling MAC address learning per VLAN 2-323
displaying
aging time 2-619
all 2-617
dynamic 2-623
MAC address-table move updates 2-628
notification settings 2-627, 2-630
number of addresses in a VLAN 2-621
per interface 2-625
per VLAN 2-634
static 2-632
static and dynamic entries 2-615
dynamic
aging time 2-322
deleting 2-97
displaying 2-623
enabling MAC address notification 2-327
enabling MAC address-table move update 2-325
MAC addresses (continued)
matching 2-332
persistent stack 2-777
static
adding and removing 2-329
displaying 2-632
dropping on an interface 2-330
tables 2-617
MAC address notification, debugging B-24
mac address-table aging-time 2-318, 2-332
mac address-table aging-time command 2-322
mac address-table learning command 2-323
mac address-table move update command 2-325
mac address-table notification command 2-327
mac address-table static command 2-329
mac address-table static drop command 2-330
macros
interface range 2-120, 2-199
maps
QoS
defining 2-345
displaying 2-644
VLAN
creating 2-849
defining 2-332
displaying 2-700
match (access-map configuration) command 2-332
match (class-map configuration) command 2-334
maximum transmission unit
See MTU
mdix auto command 2-336
member switches
See clusters
memory (boot loader) command A-13
mkdir (boot loader) command A-15
MLD snooping
configuring 2-288, 2-289
configuring queries 2-284, 2-286
configuring topology change notification 2-291
displaying 2-590, 2-592, 2-594, 2-596
enabling 2-282
MLD snooping on a VLAN, enabling 2-293
mls qos aggregate-policer command 2-339
mls qos command 2-337
mls qos cos command 2-341
mls qos dscp-mutation command 2-343
mls qos map command 2-345
mls qos queue-set output buffers command 2-349
mls qos queue-set output threshold command 2-351
mls qos rewrite ip dscp command 2-353
mls qos srr-queue input bandwidth command 2-355
mls qos srr-queue input buffers command 2-357
mls qos-srr-queue input cos-map command 2-359
mls qos srr-queue input dscp-map command 2-361
mls qos srr-queue input priority-queue command 2-363
mls qos srr-queue input threshold command 2-365
mls qos-srr-queue output cos-map command 2-367
mls qos srr-queue output dscp-map command 2-369
mls qos trust command 2-371
mls qos vlan-based command 2-373
mode, MVR 2-379
Mode button, and password recovery 2-452
modes, commands 1-2
monitor session command 2-374
more (boot loader) command A-16
MSTP
displaying 2-677
interoperability 2-105
link type 2-737
MSTP (continued)
MST region
aborting changes 2-742
applying changes 2-742
configuration name 2-742
configuration revision number 2-742
current or pending display 2-742
displaying 2-677
MST configuration mode 2-742
VLANs-to-instance mapping 2-742
path cost 2-744
protocol mode 2-740
restart protocol migration process 2-105
root port
loop guard 2-735
preventing from becoming designated 2-735
restricting which can be root 2-735
root guard 2-735
root switch
affects of extended system ID 2-733
hello-time 2-747, 2-755
interval between BDPU messages 2-748
interval between hello BPDU messages 2-747, 2-755
max-age 2-748
maximum hop count before discarding BPDU 2-749
port priority for selection of 2-751
primary or secondary 2-755
switch priority 2-754
state changes
blocking to forwarding state 2-761
enabling BPDU filtering 2-725, 2-759
enabling BPDU guard 2-727, 2-759
enabling Port Fast 2-759, 2-761
forward-delay time 2-746
length of listening and learning states 2-746
rapid transition to forwarding 2-737
shutting down Port Fast-enabled ports 2-759
MSTP (continued)
state information display 2-676
MTU
configuring size 2-831
displaying global setting 2-689
Multicase Listener Discovery
See MLD
multicast group address, MVR 2-382
multicast groups, MVR 2-380
Multicast Listener Discovery
See MLD
multicast router learning method 2-260
multicast router ports, configuring 2-260
multicast router ports, IPv6 2-293
multicast storm control 2-780
multicast VLAN, MVR 2-379
multicast VLAN registration
See MVR
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 2-380
configuring 2-379
configuring interfaces 2-382
debug messages, display B-28
displaying 2-652
displaying interface information 2-654
members, displaying 2-656
mvr (global configuration) command 2-379
mvr (interface configuration) command 2-382
mvr vlan group command 2-383
N
native VLANs 2-823
native VLAN tagging 2-852
network-policy (global configuration) command 2-386
network-policy command 2-385
network-policy profile (network-policy configuration) command 2-387
nmsp attachment suppress command 2-390
nmsp command 2-389
no authentication logging verbose 2-391
no dot1x logging verbose 2-392
no mab logging verbose 2-393
nonegotiate, speed 2-769
nonegotiating DTP messaging 2-808
non-IP protocols
denying 2-131
forwarding 2-407
non-IP traffic access lists 2-320
non-IP traffic forwarding
denying 2-131
permitting 2-407
non-stop forwarding 2-394
normal-range VLANs 2-848
nsf command 2-394
O
online diagnostics
displaying
configured boot-up coverage level 2-509
current scheduled tasks 2-509
event logs 2-509
supported test suites 2-509
test ID 2-509
test results 2-509
test statistics 2-509
global configuration mode
clearing health monitoring diagnostic test schedule 2-89
clearing test-based testing schedule 2-136
setting health monitoring diagnostic testing 2-89
setting test-based testing 2-136
setting up health monitoring diagnostic test schedule 2-89
online diagnostics (continued)
global configuration mode
setting up test-based testing 2-136
health monitoring diagnostic tests, configuring 2-134
scheduled switchover
disabling 2-136
enabling 2-136
scheduling
enabling 2-136
removing 2-136
testing, starting 2-138
test interval, setting 2-136
P
PAgP
See EtherChannel
pagp learn-method command 2-395
pagp port-priority command 2-397
password, VTP 2-861
password-recovery mechanism, enabling and disabling 2-452
permit (ARP access-list configuration) command 2-399
permit (IPv6) command 2-401
permit (MAC access-list configuration) command 2-407
per-VLAN spanning-tree plus
See STP
physical-port learner 2-395
PID, displaying 2-557
PIM-DVMRP, as multicast router learning method 2-260
PoE
configuring the power budget 2-421
configuring the power management mode 2-418
displaying controller register values 2-503
displaying power management information 2-669
logging of status 2-313
police aggregate command 2-412
police command 2-410
policed-DSCP map 2-345
policy-map command 2-414
policy maps
applying to an interface 2-454, 2-461
creating 2-414
displaying 2-664
hierarchical 2-415
policers
displaying 2-637
for a single class 2-410
for multiple classes 2-339, 2-412
policed-DSCP map 2-345
traffic classification
defining the class 2-81
defining trust states 2-839
setting DSCP or IP precedence values 2-459
Port Aggregation Protocol
See EtherChannel
port-based authentication
AAA method list 2-3, 2-846
configuring violation modes 2-179
debug messages, display B-10
enabling IEEE 802.1x
globally 2-140
per interface 2-168
guest VLAN 2-155
host modes 2-158
IEEE 802.1x AAA accounting methods 2-1
initialize an interface 2-160, 2-175
MAC authentication bypass 2-161
manual control of authorization state 2-168
PAE as authenticator 2-167
periodic re-authentication
enabling 2-172
time between attempts 2-176
quiet period between failed authentication exchanges 2-176
re-authenticating IEEE 802.1x-enabled ports 2-170
resetting configurable IEEE 802.1x parameters 2-153
port-based authentication (continued)
switch-to-authentication server retransmission time 2-176
switch-to-client frame-retransmission number 2-163 to 2-165
switch-to-client retransmission time 2-176
test for IEEE 802.1x readiness 2-174
port-channel load-balance command 2-417
Port Fast, for spanning tree 2-761
port ranges, defining 2-120
ports, debugging B-79
ports, protected 2-821
port security
aging 2-815
debug messages, display B-81
enabling 2-810
violation error recovery 2-189
port trust states for QoS 2-371
port types, MVR 2-382
power information, displaying 2-523
power inline command 2-418
power inline consumption command 2-421
Power over Ethernet
See PoE
power rps command (user EXEC) 2-423
priority-queue command 2-425
priority value, stack member 2-684, 2-785
private-vlan command 2-427
private-vlan mapping command 2-430
private VLANs
association 2-819
configuring 2-427
configuring ports 2-806
displaying 2-695
host ports 2-806
mapping
configuring 2-819
displaying 2-543
promiscuous ports 2-806
privileged EXEC mode 1-2, 1-3
product identification information, displaying 2-557
promiscuous ports, private VLANs 2-806
protected ports, displaying 2-549
pruning
VLANs 2-823
VTP
displaying interface information 2-543
enabling 2-861
pruning-eligible VLAN list 2-825
PVST+
See STP
Q
QoS
auto-QoS
configuring 2-56
debug messages, display B-4
displaying 2-475
auto-QoS trust
configuring 2-53
class maps
creating 2-84
defining the match criteria 2-334
displaying 2-486
defining the CoS value for an incoming packet 2-341
displaying configuration information 2-475, 2-636
DSCP transparency 2-353
DSCP trusted ports
applying DSCP-to-DSCP-mutation map to 2-343
defining DSCP-to-DSCP-mutation map 2-345
QoS (continued)
egress queues
allocating buffers 2-349
defining the CoS output queue threshold map 2-367
defining the DSCP output queue threshold map 2-369
displaying buffer allocations 2-640
displaying CoS output queue threshold map 2-644
displaying DSCP output queue threshold map 2-644
displaying queueing strategy 2-640
displaying queue-set settings 2-647
enabling bandwidth shaping and scheduling 2-773
enabling bandwidth sharing and scheduling 2-775
limiting the maximum output on a port 2-771
mapping a port to a queue-set 2-432
mapping CoS values to a queue and threshold 2-367
mapping DSCP values to a queue and threshold 2-369
setting maximum and reserved memory allocations 2-351
setting WTD thresholds 2-351
enabling 2-337
ingress queues
allocating buffers 2-357
assigning SRR scheduling weights 2-355
defining the CoS input queue threshold map 2-359
defining the DSCP input queue threshold map 2-361
displaying buffer allocations 2-640
displaying CoS input queue threshold map 2-644
displaying DSCP input queue threshold map 2-644
displaying queueing strategy 2-640
displaying settings for 2-638
enabling the priority queue 2-363
QoS (continued)
ingress queues
mapping CoS values to a queue and threshold 2-359
mapping DSCP values to a queue and threshold 2-361
setting WTD thresholds 2-365
maps
defining 2-345, 2-359, 2-361, 2-367, 2-369
displaying 2-644
policy maps
applying an aggregate policer 2-412
applying to an interface 2-454, 2-461
creating 2-414
defining policers 2-339, 2-410
displaying policers 2-637
displaying policy maps 2-664
hierarchical 2-415
policed-DSCP map 2-345
setting DSCP or IP precedence values 2-459
traffic classifications 2-81
trust states 2-839
port trust states 2-371
queues, enabling the expedite 2-425
statistics
in-profile and out-of-profile packets 2-640
packets enqueued or dropped 2-640
sent and received CoS values 2-640
sent and received DSCP values 2-640
trusted boundary for IP phones 2-371
VLAN-based 2-373
quality of service
See QoS
querytime, MVR 2-379
queue-set command 2-432
R
radius-server dead-criteria command 2-433
radius-server host command 2-435
rapid per-VLAN spanning-tree plus
See STP
rapid PVST+
See STP
rcommand command 2-437
re-authenticating IEEE 802.1x-enabled ports 2-170
re-authentication
periodic 2-172
time between attempts 2-176
receiver ports, MVR 2-382
receiving flow-control packets 2-195
recovery mechanism
causes 2-189
display 2-88, 2-481, 2-527, 2-531
timer interval 2-190
redundancy for cluster switches 2-117
redundant power supply
See RPS
reload command 2-439
remote command 2-441
remote-span command 2-442
Remote Switched Port Analyzer
See RSPAN
rename (boot loader) command A-17
renew ip dhcp snooping database command 2-444
reset (boot loader) command A-18
resource templates, displaying 2-672
restricted VLAN
See dot1x auth-fail vlan
rmdir (boot loader) command A-19
rmon collection stats command 2-447
root guard, for spanning tree 2-735
routed ports
IP addresses on 2-207
number supported 2-207
RPS 2300
configuring 2-423
managing 2-423
RSPAN
configuring 2-374
displaying 2-650
filter RSPAN traffic 2-374
remote-span command 2-442
sessions
displaying 2-650
S
scheduled switchover
disabling 2-136
enabling 2-136
SDM mismatch mode 2-449, 2-685
sdm prefer command 2-448
SDM templates
allowed resources 2-450
and stacking 2-449
displaying 2-672
dual IPv4 and IPv6 2-448
secure ports, limitations 2-812
sending flow-control packets 2-195
service password-recovery command 2-452
service-policy command 2-454
session command 2-457
set (boot loader) command A-20
set command 2-459
setup command 2-461
setup express command 2-464
show access-lists command 2-466
show archive status command 2-469
show arp access-list command 2-470
show authentication command 2-471
show auto qos command 2-475
show boot command 2-479
show cable-diagnostics tdr command 2-481
show cisp command 2-485
show class-map command 2-486
show cluster candidates command 2-489
show cluster command 2-487
show cluster members command 2-491
show controllers cpu-interface command 2-493
show controllers ethernet-controller command 2-495
show controllers power inline command 2-503
show controllers tcam command 2-505
show controller utilization command 2-507
show dot1q-tunnel command 2-512
show dot1x command 2-513
show dtp 2-518
show eap command 2-520
show env command 2-523
show errdisable detect command 2-527
show errdisable flap-values command 2-529
show errdisable recovery command 2-531
show etherchannel command 2-533
show fallback profile command 2-536
show flowcontrol command 2-538
show idprom command 2-540
show interfaces command 2-543
show interfaces counters command 2-554
show inventory command 2-557
show ip arp inspection command 2-558
show ipc command 2-583
show ip dhcp snooping binding command 2-563
show ip dhcp snooping command 2-562
show ip dhcp snooping database command 2-565, 2-567
show ip igmp profile command 2-570
show ip igmp snooping address command 2-592
show ip igmp snooping command 2-571, 2-590
show ip igmp snooping groups command 2-574
show ip igmp snooping mrouter command 2-576, 2-594
show ip igmp snooping querier command 2-578, 2-596
show ip source binding command 2-580
show ipv6 access-list command 2-587
show ipv6 dhcp conflict command 2-589
show ipv6 route updated 2-598
show ip verify source command 2-581
show l2protocol-tunnel command 2-600
show lacp command 2-603
show link state group command 2-611
show lldp command 2-607
show location 2-608
show mac access-group command 2-613
show mac address-table address command 2-617
show mac address-table aging time command 2-619
show mac address-table command 2-615
show mac address-table count command 2-621
show mac address-table dynamic command 2-623
show mac address-table interface command 2-625
show mac address-table learning command 2-627
show mac address-table move update command 2-628
show mac address-table notification command 2-99, 2-630, B-26
show mac address-table static command 2-632
show mac address-table vlan command 2-634
show mls qos aggregate-policer command 2-637
show mls qos command 2-636
show mls qos input-queue command 2-638
show mls qos interface command 2-640
show mls qos maps command 2-644
show mls qos queue-set command 2-647
show mls qos vlan command 2-649
show monitor command 2-650
show mvr command 2-652
show mvr interface command 2-654
show mvr members command 2-656
show network-policy profile command 2-658
show nmsp command 2-659
show pagp command 2-662
show platform acl command C-2
show platform backup interface command C-3
show platform configuration command C-4
show platform etherchannel command C-5
show platform forward command C-6
show platform frontend-controller command C-8
show platform igmp snooping command C-9
show platform ipc trace command C-17
show platform ip multicast command C-11
show platform ip unicast command C-12
show platform ipv6 unicast command C-18
show platform ip wccp command C-16
show platform layer4op command C-20
show platform mac-address-table command C-21
show platform messaging command C-22
show platform monitor command C-23
show platform mvr table command C-24
show platform pm command C-25
show platform port-asic command C-26
show platform port-security command C-31
show platform qos command C-32
show platform resource-manager command C-33
show platform snmp counters command C-35
show platform spanning-tree command C-36
show platform stack manager command C-38
show platform stp-instance command C-37
show platform tb command C-42
show platform tcam command C-44
show platform vlan command C-47
show policy-map command 2-664
show port security command 2-666
show power inline command 2-669
show sdm prefer command 2-672
show setup express command 2-675
show spanning-tree command 2-676
show storm-control command 2-682
show switch command 2-684
show system mtu command 2-689
show trust command 2-839
show udld command 2-690
show version command 2-693
show vlan access-map command 2-700
show vlan command 2-695
show vlan command, fields 2-697
show vlan filter command 2-701
show vmps command 2-702
show vtp command 2-704
shutdown command 2-709
shutdown threshold, Layer 2 protocol tunneling 2-297
shutdown vlan command 2-710
small violation-rate command 2-711
SNMP host, specifying 2-718
SNMP informs, enabling the sending of 2-713
snmp-server enable traps command 2-713
snmp-server host command 2-718
snmp trap mac-notification change command 2-722
SNMP traps
enabling MAC address notification trap 2-722
enabling the MAC address notification feature 2-327
enabling the sending of 2-713
SoftPhone
See Cisco SoftPhone
software images
copying 2-8
deleting 2-122
downloading 2-11
upgrading 2-8, 2-11
uploading 2-18
software version, displaying 2-693
source ports, MVR 2-382
SPAN
configuring 2-374
debug messages, display B-27
displaying 2-650
filter SPAN traffic 2-374
sessions
add interfaces to 2-374
displaying 2-650
start new 2-374
spanning-tree backbonefast command 2-724
spanning-tree bpdufilter command 2-725
spanning-tree bpduguard command 2-727
spanning-tree cost command 2-729
spanning-tree etherchannel command 2-731
spanning-tree extend system-id command 2-733
spanning-tree guard command 2-735
spanning-tree link-type command 2-737
spanning-tree loopguard default command 2-739
spanning-tree mode command 2-740
spanning-tree mst configuration command 2-742
spanning-tree mst cost command 2-744
spanning-tree mst forward-time command 2-746
spanning-tree mst hello-time command 2-747
spanning-tree mst max-age command 2-748
spanning-tree mst max-hops command 2-749
spanning-tree mst port-priority command 2-751
spanning-tree mst pre-standard command 2-753
spanning-tree mst priority command 2-754
spanning-tree mst root command 2-755
spanning-tree portfast (global configuration) command 2-759
spanning-tree portfast (interface configuration) command 2-761
spanning-tree port-priority command 2-757
Spanning Tree Protocol
See STP
spanning-tree transmit hold-count command 2-763
spanning-tree uplinkfast command 2-764
spanning-tree vlan command 2-766
speed command 2-769
srr-queue bandwidth limit command 2-771
srr-queue bandwidth share command 2-775
SSH, configuring version 2-267
stack-mac persistent timer command 2-777
stack member
access 2-457
number 2-684, 2-788
priority value 2-785
provisioning 2-786
reloading 2-439
stacks, switch
disabling a member 2-783
enabling a member 2-783
MAC address 2-777
provisioning a new member 2-786
reloading 2-439
stack member access 2-457
stack member number 2-684, 2-788
stack member priority value 2-684, 2-785
static-access ports, configuring 2-792
statistics, Ethernet group 2-447
sticky learning, enabling 2-810
storm-control command 2-780
STP
BackboneFast 2-724
counters, clearing 2-104
debug messages, display
BackboneFast events B-85
MSTP B-88
optimized BPDUs handling B-87
spanning-tree activity B-83
switch shim B-90
transmitted and received BPDUs B-86
UplinkFast B-92
detection of indirect link failures 2-724
enabling protocol tunneling for 2-297
EtherChannel misconfiguration 2-731
extended system ID 2-733
path cost 2-729
protocol modes 2-740
root port
accelerating choice of new 2-764
loop guard 2-735
preventing from becoming designated 2-735
restricting which can be root 2-735
root guard 2-735
UplinkFast 2-764
STP (continued)
root switch
affects of extended system ID 2-733, 2-767
hello-time 2-766
interval between BDPU messages 2-766
interval between hello BPDU messages 2-766
max-age 2-766
port priority for selection of 2-757
primary or secondary 2-766
switch priority 2-766
state changes
blocking to forwarding state 2-761
enabling BPDU filtering 2-725, 2-759
enabling BPDU guard 2-727, 2-759
enabling Port Fast 2-759, 2-761
enabling timer to recover from error state 2-189
forward-delay time 2-766
length of listening and learning states 2-766
shutting down Port Fast-enabled ports 2-759
state information display 2-676
VLAN options 2-754, 2-766
SVIs, creating 2-201
SVI status calculation 2-794
Switched Port Analyzer
See SPAN
switching characteristics
modifying 2-790
returning to interfaces 2-790
switchport access command 2-792
switchport autostate exclude command 2-794
switchport backup interface command 2-796
switchport block command 2-800
switchport command 2-790
switchport host command 2-802
switchport mode command 2-803
switchport mode private-vlan command 2-806
switchport nonegotiate command 2-808
switchport port-security aging command 2-815
switchport port-security command 2-810
switchport priority extend command 2-817
switchport private-vlan command 2-819
switchport protected command 2-821
switchports, displaying 2-543
switchport trunk command 2-823
switchport voice vlan command 2-826, 2-827
switch priority command 2-783, 2-785
switch provision command 2-786
switch renumber command 2-788
system env temperature threshold yellow command 2-829
system message logging 2-313
system message logging, save message to flash 2-314
system mtu command 2-831
system resource templates 2-448
T
tar files, creating, listing, and extracting 2-15
TDR, running 2-833
Telnet, using to communicate to cluster switches 2-437
temperature information, displaying 2-523
templates, system resources 2-448
test cable-diagnostics tdr command 2-833
traceroute mac command 2-834
traceroute mac ip command 2-837
trunking, VLAN mode 2-803
trunk mode 2-803
trunk ports 2-803
trunks, to non-DTP device 2-804
trusted boundary for QoS 2-371
trusted port states for QoS 2-371
tunnel ports, Layer 2 protocol, displaying 2-600
type (boot loader) command A-23
U
UDLD
aggressive mode 2-841, 2-843
debug messages, display B-100
enable globally 2-841
enable per interface 2-843
error recovery timer 2-189
message timer 2-841
normal mode 2-841, 2-843
reset a shutdown interface 2-845
status 2-690
udld command 2-841
udld port command 2-843
udld reset command 2-845
unicast storm control 2-780
UniDirectional Link Detection
See UDLD
unknown multicast traffic, preventing 2-800
unknown unicast traffic, preventing 2-800
unset (boot loader) command A-24
upgrading
software images
copying 2-8
downloading 2-11
monitoring status of 2-469
UplinkFast, for STP 2-764
user EXEC mode 1-2, 1-3
V
version (boot loader) command A-26
version mismatch mode 2-685, C-39
vlan access-map command 2-849
VLAN access map configuration mode 2-849
VLAN access maps
actions 2-6
displaying 2-700
VLAN-based QoS 2-373
VLAN configuration mode
commands
VLAN 2-848
VTP 2-866
description 1-4
entering 2-851
summary 1-3
vlan dot1q tag native command 2-852
vlan filter command 2-853
VLAN filters, displaying 2-701
VLAN maps
applying 2-853
creating 2-849
defining 2-332
displaying 2-700
VLAN Query Protocol
See VQP
VLANs
configuring 2-848
debug messages, display
ISL B-96
VLAN IOS file system error tests B-95
VLAN manager activity B-93
VTP B-98
displaying configurations 2-695
enabling guest VLAN supplicant 2-143, 2-154, 2-194
MAC addresses
displaying 2-634
number of 2-621
normal-range 2-848
private 2-806
configuring 2-427
displaying 2-695
See also private VLANs
restarting 2-710
shutting down 2-710
SNMP traps for VTP 2-716, 2-719
suspending 2-710
VLAN Trunking Protocol
See VTP
VM mode 2-685, C-39
VMPS
configuring servers 2-858
displaying 2-702
error recovery timer 2-190
reconfirming dynamic VLAN assignments 2-855
vmps reconfirm (global configuration) command 2-856
vmps reconfirm (privileged EXEC) command 2-855
vmps retry command 2-857
vmps server command 2-858
voice VLAN
configuring 2-826, 2-827
setting port priority 2-817
VQP
and dynamic-access ports 2-793
clearing client statistics 2-106
displaying information 2-702
per-server retry count 2-857
reconfirmation interval 2-856
reconfirming dynamic VLAN assignments 2-855
VTP
changing characteristics 2-860
clearing pruning counters 2-107
configuring
domain name 2-860
file name 2-860
mode 2-860
password 2-861
counters display fields 2-705
displaying information 2-704
enabling
pruning 2-861
tunneling for 2-297
Version 2 2-861
enabling per port 2-865
mode 2-860
pruning 2-861
VTP (continued)
statistics 2-704
status 2-704
status display fields 2-707
vtp (global configuration) command 2-860
vtp interface configuration) command 2-865
vtp primary command 2-867
W
wireless controller, accessing 2-457
wireless controller switch. B-103
X
XENPAK module serial EERPOM information 2-499, 2-540
Index
A
aaa accounting dot1x command 2-1
aaa authentication dot1x command 2-3, 2-846
aaa authorization network command 2-5, 2-24, 2-30, 2-32, 2-34, 2-36, 2-38, 2-148, 2-316, 2-485, B-7, B-34
AAA methods 2-3, 2-846
access control entries
See ACEs
access control lists
See ACLs
access groups
IP 2-203
MAC, displaying 2-613
access list, IPv6 2-273
access map configuration mode 2-332
access mode 2-803
access ports 2-803
ACEs 2-133, 2-409
ACLs
deny 2-131
displaying 2-466
for non-IP protocols 2-320
IP 2-203
matching 2-332
on Layer 2 interfaces 2-203
permit 2-407
action command 2-6
address aliasing 2-380
aggregate-port learner 2-395
allowed VLANs 2-823
archive copy-sw command 2-8
archive download-sw command 2-11
archive tar command 2-15
archive upload-sw command 2-18
arp access-list command 2-20
authentication command bounce-port ignore 2-22
authentication command disable-port ignore 2-23
authentication control-direction command 2-24
authentication event command 2-26
authentication failed VLAN
See dot1x auth-fail vlan
authentication fallback command 2-30
authentication host-mode command 2-32
authentication mac-move permit command 2-34
authentication open command 2-36
authentication order command 2-38
authentication periodic command 2-40
authentication port-control command 2-42
authentication priority command 2-44
authentication timer command 2-46
authentication violation command 2-48
auth-fail max-attempts
See dot1x auth-fail max-attempts
auth-fail vlan
See dot1x auth-fail vlan
auth open command 2-36
auth order command 2-38
authorization state of controlled port 2-168
auth timer command 2-46
autonegotiation of duplex mode 2-181
auto qos classify command 2-50
auto qos trust command 2-53
auto qos voip command 2-56
B
BackboneFast, for STP 2-724
backup interfaces
configuring 2-796
displaying 2-543
boot (boot loader) command A-2
boot auto-copy-sw command 2-62
boot auto-download-sw command 2-63
boot config-file command 2-66
boot enable-break command 2-67
boot helper command 2-68
boot helper-config file command 2-69
booting
Cisco IOS image 2-72
displaying environment variables 2-479
interrupting 2-63, 2-67
manually 2-70
boot loader
accessing A-1
booting
Cisco IOS image A-2
helper image 2-68
directories
creating A-15
displaying a list of A-7
removing A-19
displaying
available commands A-12
memory heap utilization A-13
version A-26
environment variables
described A-20
displaying settings A-20
location of A-21
setting A-20
unsetting A-24
boot loader (continued)
files
copying A-5
deleting A-6
displaying a list of A-7
displaying the contents of A-4, A-16, A-23
renaming A-17
file system
formatting A-10
initializing flash A-9
running a consistency check A-11
prompt A-1
resetting the system A-18
boot manual command 2-70
boot private-config-file command 2-71
boot system command 2-72
BPDU filtering, for spanning tree 2-725, 2-759
BPDU guard, for spanning tree 2-727, 2-759
broadcast storm control 2-780
C
candidate switches
See clusters
cat (boot loader) command A-4
Catalyst 3750G Integrated Wireless LAN Controller Switch 2-457
CDP, enabling protocol tunneling for 2-297
channel-group command 2-75
channel-protocol command 2-79
Cisco SoftPhone
auto-QoS configuration 2-56
trusting packets sent from 2-371
CISP
See Client Information Signalling Protocol
cisp
debug platform cisp command B-34
cisp enable command 2-80
class command 2-81
class-map command 2-84
class maps
creating 2-84
defining the match criteria 2-334
displaying 2-486
class of service
See CoS
clear dot1x command 2-86
clear eap sessions command 2-87
clear errdisable interface 2-88
clear ip arp inspection log command 2-89
clear ip arp inspection statistics command 2-90
clear ipc command 2-93
clear ip dhcp snooping database command 2-91
clear ipv6 dhcp conflict command 2-94
clear l2protocol-tunnel counters command 2-95
clear lacp command 2-96
clear mac address-table command 2-97, 2-99
clear nmsp statistics command 2-100
clear pagp command 2-101
clear port-security command 2-102
clear spanning-tree counters command 2-104
clear spanning-tree detected-protocols command 2-105
clear vmps statistics command 2-106
clear vtp counters command 2-107
Client Information Signalling Protocol 2-80, 2-148, 2-485, B-7, B-34
cluster commander-address command 2-108
cluster discovery hop-count command 2-110
cluster enable command 2-111
cluster holdtime command 2-112
cluster member command 2-113
cluster outside-interface command 2-115
cluster run command 2-116
clusters
adding candidates 2-113
binding to HSRP group 2-117
building manually 2-113
communicating with
devices outside the cluster 2-115
members by using Telnet 2-437
debug messages, display B-8
displaying
candidate switches 2-489
debug messages B-8
member switches 2-491
status 2-487
hop-count limit for extended discovery 2-110
HSRP standby groups 2-117
redundancy 2-117
SNMP trap 2-713
cluster standby-group command 2-117
cluster timer command 2-119
command modes defined 1-2
command switch
See clusters
configuration files
password recovery disable considerations A-1
specifying the name 2-66, 2-71
configuring multiple interfaces 2-199
controller, wireless 2-457
copy (boot loader) command A-5
CoS
assigning default value to incoming packets 2-341
assigning to Layer 2 protocol packets 2-300
overriding the incoming value 2-341
CoS-to-DSCP map 2-345
CPU ASIC statistics, displaying 2-493
crashinfo files 2-192
critical VLAN 2-27
D
debug authentication B-2
debug auto qos command B-4
debug backup command B-6
debug cisp command B-7
debug cluster command B-8
debug dot1x command B-10
debug dtp command B-12
debug eap command B-13
debug etherchannel command B-14
debug ilpower command B-15
debug interface command B-16
debug ip dhcp snooping command B-17
debug ip igmp filter command B-19
debug ip igmp max-groups command B-20
debug ip igmp snooping command B-21
debug ip verify source packet command B-18
debug lacp command B-22
debug lldp packets command B-23
debug mac-notification command B-24
debug matm command B-25
debug matm move update command B-26
debug monitor command B-27
debug mvrdbg command B-28
debug nmsp command B-29
debug nvram command B-30
debug pagp command B-31
debug platform acl command B-32
debug platform backup interface command B-33
debug platform cisp command B-34
debug platform cli-redirection main command B-35
debug platform configuration command B-36, B-44
debug platform cpu-queues command B-37
debug platform device-manager command B-39
debug platform dot1x command B-40
debug platform etherchannel command B-41
debug platform fallback-bridging command B-42
debug platform forw-tcam command B-43
debug platform ip arp inspection command B-45
debug platform ipc command B-56
debug platform ip dhcp command B-46
debug platform ip igmp snooping command B-47
debug platform ip multicast command B-49
debug platform ip source-guard command B-52
debug platform ip unicast command B-53
debug platform ip wccp command B-55
debug platform led command B-57
debug platform matm command B-58
debug platform messaging application command B-59
debug platform phy command B-60
debug platform pm command B-62
debug platform port-asic command B-64
debug platform port-security command B-65
debug platform qos-acl-tcam command B-66
debug platform remote-commands command B-67
debug platform resource-manager command B-68
debug platform snmp command B-69
debug platform span command B-70
debug platform stack-manager command B-71
debug platform supervisor-asic command B-72
debug platform sw-bridge command B-73
debug platform tcam command B-74
debug platform udld command B-77
debug platform vlan command B-78
debug platform wireless-controller B-103
debug pm command B-79
debug port-security command B-81
debug qos-manager command B-82
debug spanning-tree backbonefast command B-85
debug spanning-tree bpdu command B-86
debug spanning-tree bpdu-opt command B-87
debug spanning-tree command B-83
debug spanning-tree mstp command B-88
debug spanning-tree switch command B-90
debug spanning-tree uplinkfast command B-92
debug sw-vlan command B-93
debug sw-vlan ifs command B-95
debug sw-vlan notification command B-96
debug sw-vlan vtp command B-98
debug udld command B-100
debug vqpc command B-102
define interface-range command 2-120
delete (boot loader) command A-6
delete command 2-122
deny (ARP access-list configuration) command 2-124
deny (IPv6) command 2-126
deny command 2-131
detect mechanism, causes 2-183
DHCP snooping
accepting untrusted packets from edge switch 2-234
enabling
on a VLAN 2-240
option 82 2-232, 2-234
trust on an interface 2-238
error recovery timer 2-189
rate limiting 2-237
DHCP snooping binding database
binding file, configuring 2-230
bindings
adding 2-228
deleting 2-228
displaying 2-563
clearing database agent statistics 2-91
database agent, configuring 2-230
displaying
binding entries 2-563
database agent status 2-565, 2-567
renewing 2-444
dir (boot loader) command A-7
directories, deleting 2-122
domain name, VTP 2-860
dot1x auth-fail max-attempts 2-142
dot1x auth-fail vlan 2-144
dot1x command 2-140
dot1x control-direction command 2-146
dot1x credentials (global configuration) command 2-148
dot1x critical global configuration command 2-149
dot1x critical interface configuration command 2-151
dot1x default command 2-153
dot1x fallback command 2-154
dot1x guest-vlan command 2-155
dot1x host-mode command 2-158
dot1x initialize command 2-160
dot1x mac-auth-bypass command 2-161
dot1x max-reauth-req command 2-163
dot1x max-req command 2-165
dot1x multiple-hosts command 2-166
dot1x pae command 2-167
dot1x port-control command 2-168
dot1x re-authenticate command 2-170
dot1x re-authentication command 2-171
dot1x reauthentication command 2-172
dot1x supplicant force-multicast command 2-173
dot1x test eapol-capable command 2-174
dot1x test timeout command 2-175
dot1x timeout command 2-176
dot1x violation-mode command 2-179
dropping packets, with ACL matches 2-6
drop threshold, Layer 2 protocol tunneling 2-297
DSCP-to-CoS map 2-345
DSCP-to-DSCP-mutation map 2-345
DTP 2-804
DTP flap
error detection for 2-183
error recovery timer 2-189
DTP negotiation 2-808
dual-purpose uplink ports
displaying configurable options 2-546
duplex command 2-180
dynamic-access ports
configuring 2-792
restrictions 2-793
dynamic ARP inspection
ARP ACLs
apply to a VLAN 2-211
define 2-20
deny packets 2-124
display 2-470
permit packets 2-399
clear
log buffer 2-89
statistics 2-90
display
ARP ACLs 2-470
configuration and operating state 2-558
log buffer 2-558
statistics 2-558
trust state and rate limit 2-558
enable per VLAN 2-221
error detection for 2-183
error recovery timer 2-189
log buffer
clear 2-89
configure 2-215
display 2-558
rate-limit incoming ARP packets 2-213
statistics
clear 2-90
display 2-558
trusted interface state 2-217
type of packet logged 2-222
validation checks 2-219
dynamic auto VLAN membership mode 2-803
dynamic desirable VLAN membership mode 2-803
Dynamic Host Configuration Protocol (DHCP)
See DHCP snooping
Dynamic Trunking Protocol
See DTP
E
EAP-request/identity frame
maximum number to send 2-165
response time before retransmitting 2-176
encapsulation methods 2-823
environment variables, displaying 2-479
epm access-control open 2-182
errdisable detect cause command 2-183
errdisable detect cause small-frame comand 2-186
errdisable recovery cause small-frame 2-188
errdisable recovery command 2-189
error conditions, displaying 2-529
error disable detection 2-183
error-disabled interfaces, displaying 2-543
EtherChannel
assigning Ethernet interface to channel group 2-75
creating port-channel logical interface 2-197
debug EtherChannel/PAgP, display B-14
debug platform-specific events, display B-41
displaying 2-533
enabling Layer 2 protocol tunneling for
LACP 2-298
PAgP 2-298
UDLD 2-298
interface information, displaying 2-543
LACP
clearing channel-group information 2-96
debug messages, display B-22
displaying 2-603
modes 2-75
port priority for hot-standby ports 2-301
restricting a protocol 2-79
system priority 2-303
load-distribution methods 2-417
EtherChannel (continued)
PAgP
aggregate-port learner 2-395
clearing channel-group information 2-101
debug messages, display B-31
displaying 2-662
error detection for 2-183
error recovery timer 2-189
learn method 2-395
modes 2-75
physical-port learner 2-395
priority of interface for transmitted traffic 2-397
Ethernet controller, internal register display 2-495
Ethernet statistics, collecting 2-447
exception crashinfo command 2-192
extended discovery of candidate switches 2-110
extended-range VLANs
and allowed VLAN list 2-823
and pruning-eligible list 2-823
extended system ID for STP 2-733
F
fallback profile command 2-193
fallback profiles, displaying 2-536
fan information, displaying 2-523
file name, VTP 2-860
files, deleting 2-122
flash_init (boot loader) command A-9
flexible authentication ordering 2-38
Flex Links
configuring 2-796
configuring preferred VLAN 2-799
displaying 2-543
flowcontrol command 2-195
format (boot loader) command A-10
forwarding packets, with ACL matches 2-6
forwarding results, display C-6
frame forwarding information, displaying C-6
front-end controller, counter and status information C-8
fsck (boot loader) command A-11
G
global configuration mode 1-2, 1-4
H
hardware ACL statistics 2-466
help (boot loader) command A-12
hierarchical policy maps 2-415
hop-count limit for clusters 2-110
host connection, port configuration 2-802
host ports, private VLANs 2-806
Hot Standby Router Protocol
See HSRP
HSRP
binding HSRP group to cluster 2-117
standby group 2-117
I
IEEE 802.1Q trunk ports and native VLANs 2-852
IEEE 802.1Q tunnel ports
configuring 2-803
displaying 2-512
limitations 2-804
IEEE 802.1x
and switchport modes 2-804
violation error recovery 2-189
See also port-based authentication
IEEE 802.1X Port Based Authentication
enabling guest VLAN supplicant 2-143, 2-154, 2-194
IGMP filters
applying 2-243
debug messages, display B-19
IGMP groups, setting maximum 2-244
IGMP maximum groups, debugging B-20
IGMP profiles
creating 2-246
displaying 2-570
IGMP snooping
adding ports as a static member of a group 2-262
displaying 2-571, 2-576, 2-578
enabling 2-248
enabling the configurable-leave timer 2-250
enabling the Immediate-Leave feature 2-259
flooding query count 2-256
interface topology change notification behavior 2-258
multicast table 2-574
querier 2-252
query solicitation 2-256
report suppression 2-254
switch topology change notification behavior 2-256
images
See software images
Immediate-Leave feature, MVR 2-382
immediate-leave processing 2-259
Immediate-Leave processing, IPv6 2-293
interface configuration mode 1-2, 1-4
interface port-channel command 2-197
interface range command 2-199
interface-range macros 2-120
interfaces
assigning Ethernet interface to channel group 2-75
configuring 2-180
configuring multiple 2-199
creating port-channel logical 2-197
debug messages, display B-16
disabling 2-709
displaying the MAC address table 2-625
restarting 2-709
interface speed, configuring 2-769
interface vlan command 2-201
internal registers, displaying 2-495, 2-505
Internet Group Management Protocol
See IGMP
invalid GBIC
error detection for 2-183
error recovery timer 2-189
ip access-group command 2-203
ip address command 2-206
IP addresses, setting 2-206
IP address matching 2-332
ip admission command 2-208
ip admission name proxy http command 2-209
ip arp inspection filter vlan command 2-211
ip arp inspection limit command 2-213
ip arp inspection log-buffer command 2-215
ip arp inspection trust command 2-217
ip arp inspection validate command 2-219
ip arp inspection vlan command 2-221
ip arp inspection vlan logging command 2-222
ip device tracking command 2-226
ip device tracking probe command 2-224
IP DHCP snooping
See DHCP snooping
ip dhcp snooping binding command 2-228
ip dhcp snooping command 2-227
ip dhcp snooping database command 2-230
ip dhcp snooping information option allow-untrusted command 2-234
ip dhcp snooping information option command 2-232
ip dhcp snooping information option format remote-id command 2-236
ip dhcp snooping limit rate command 2-237
ip dhcp snooping trust command 2-238
ip dhcp snooping verify command 2-239
ip dhcp snooping vlan command 2-240
ip dhcp snooping vlan information option format-type circuit-id string command 2-241
ip igmp filter command 2-243
ip igmp max-groups command 2-244, 2-268, 2-270
ip igmp profile command 2-246
ip igmp snooping command 2-248
ip igmp snooping last-member-query-interval command 2-250
ip igmp snooping querier command 2-252
ip igmp snooping report-suppression command 2-254
ip igmp snooping tcn command 2-256
ip igmp snooping tcn flood command 2-258
ip igmp snooping vlan immediate-leave command 2-259
ip igmp snooping vlan mrouter command 2-260
ip igmp snooping vlan static command 2-262
IP multicast addresses 2-379
IP phones
auto-QoS configuration 2-56
trusting packets sent from 2-371
IP-precedence-to-DSCP map 2-345
ip snap forwarding command 2-264
ip source binding command 2-265
IP source guard
disabling 2-272
displaying
binding entries 2-580
configuration 2-581
dynamic binding entries only 2-563
enabling 2-272
static IP source bindings 2-265
ip ssh command 2-267
IPv6 access list, deny conditions 2-126
ipv6 access-list command 2-273
ipv6 address dhcp command 2-275
ipv6 dhcp client request vendor command 2-276
ipv6 dhcp ping packets command 2-277
ipv6 dhcp pool command 2-278
ipv6 dhcp server command 2-280
ipv6 mld snooping command 2-282
ipv6 mld snooping last-listener-query count command 2-284
ipv6 mld snooping last-listener-query-interval command 2-286
ipv6 mld snooping listener-message-suppression command 2-288
ipv6 mld snooping robustness-variable command 2-289
ipv6 mld snooping tcn command 2-291
ipv6 mld snooping vlan command 2-293
IPv6 SDM template 2-448
ipv6 traffic-filter command 2-295
ip verify source command 2-272
J
jumbo frames
See MTU
L
l2protocol-tunnel command 2-297
l2protocol-tunnel cos command 2-300
LACP
See EtherChannel
lacp port-priority command 2-301
lacp system-priority command 2-303
Layer 2 mode, enabling 2-790
Layer 2 protocol ports, displaying 2-600
Layer 2 protocol-tunnel
error detection for 2-183
error recovery timer 2-189
Layer 2 protocol tunnel counters 2-95
Layer 2 protocol tunneling error recovery 2-298
Layer 2 traceroute
IP addresses 2-837
MAC addresses 2-834
Layer 3 mode, enabling 2-790
line configuration mode 1-3, 1-5
Link Aggregation Control Protocol
See EtherChannel
link flap
error detection for 2-183
error recovery timer 2-189
link state group command 2-305
link state track command 2-307
load-distribution methods for EtherChannel 2-417
location (global configuration) command 2-308
location (interface configuration) command 2-310
logging event command 2-312
logging event power-inline-status command 2-313
logging file command 2-314
logical interface 2-197
loopback error
detection for 2-183
recovery timer 2-189
loop guard, for spanning tree 2-735, 2-739
M
mab request format attribute 32 command 2-316
mac access-group command 2-318
MAC access-groups, displaying 2-613
MAC access list configuration mode 2-320
mac access-list extended command 2-320
MAC access lists 2-131
MAC addresses
disabling MAC address learning per VLAN 2-323
displaying
aging time 2-619
all 2-617
dynamic 2-623
MAC address-table move updates 2-628
notification settings 2-627, 2-630
number of addresses in a VLAN 2-621
per interface 2-625
per VLAN 2-634
static 2-632
static and dynamic entries 2-615
dynamic
aging time 2-322
deleting 2-97
displaying 2-623
enabling MAC address notification 2-327
enabling MAC address-table move update 2-325
MAC addresses (continued)
matching 2-332
persistent stack 2-777
static
adding and removing 2-329
displaying 2-632
dropping on an interface 2-330
tables 2-617
MAC address notification, debugging B-24
mac address-table aging-time 2-318, 2-332
mac address-table aging-time command 2-322
mac address-table learning command 2-323
mac address-table move update command 2-325
mac address-table notification command 2-327
mac address-table static command 2-329
mac address-table static drop command 2-330
macros
interface range 2-120, 2-199
maps
QoS
defining 2-345
displaying 2-644
VLAN
creating 2-849
defining 2-332
displaying 2-700
match (access-map configuration) command 2-332
match (class-map configuration) command 2-334
maximum transmission unit
See MTU
mdix auto command 2-336
member switches
See clusters
memory (boot loader) command A-13
mkdir (boot loader) command A-15
MLD snooping
configuring 2-288, 2-289
configuring queries 2-284, 2-286
configuring topology change notification 2-291
displaying 2-590, 2-592, 2-594, 2-596
enabling 2-282
MLD snooping on a VLAN, enabling 2-293
mls qos aggregate-policer command 2-339
mls qos command 2-337
mls qos cos command 2-341
mls qos dscp-mutation command 2-343
mls qos map command 2-345
mls qos queue-set output buffers command 2-349
mls qos queue-set output threshold command 2-351
mls qos rewrite ip dscp command 2-353
mls qos srr-queue input bandwidth command 2-355
mls qos srr-queue input buffers command 2-357
mls qos-srr-queue input cos-map command 2-359
mls qos srr-queue input dscp-map command 2-361
mls qos srr-queue input priority-queue command 2-363
mls qos srr-queue input threshold command 2-365
mls qos-srr-queue output cos-map command 2-367
mls qos srr-queue output dscp-map command 2-369
mls qos trust command 2-371
mls qos vlan-based command 2-373
mode, MVR 2-379
Mode button, and password recovery 2-452
modes, commands 1-2
monitor session command 2-374
more (boot loader) command A-16
MSTP
displaying 2-677
interoperability 2-105
link type 2-737
MSTP (continued)
MST region
aborting changes 2-742
applying changes 2-742
configuration name 2-742
configuration revision number 2-742
current or pending display 2-742
displaying 2-677
MST configuration mode 2-742
VLANs-to-instance mapping 2-742
path cost 2-744
protocol mode 2-740
restart protocol migration process 2-105
root port
loop guard 2-735
preventing from becoming designated 2-735
restricting which can be root 2-735
root guard 2-735
root switch
affects of extended system ID 2-733
hello-time 2-747, 2-755
interval between BDPU messages 2-748
interval between hello BPDU messages 2-747, 2-755
max-age 2-748
maximum hop count before discarding BPDU 2-749
port priority for selection of 2-751
primary or secondary 2-755
switch priority 2-754
state changes
blocking to forwarding state 2-761
enabling BPDU filtering 2-725, 2-759
enabling BPDU guard 2-727, 2-759
enabling Port Fast 2-759, 2-761
forward-delay time 2-746
length of listening and learning states 2-746
rapid transition to forwarding 2-737
shutting down Port Fast-enabled ports 2-759
MSTP (continued)
state information display 2-676
MTU
configuring size 2-831
displaying global setting 2-689
Multicase Listener Discovery
See MLD
multicast group address, MVR 2-382
multicast groups, MVR 2-380
Multicast Listener Discovery
See MLD
multicast router learning method 2-260
multicast router ports, configuring 2-260
multicast router ports, IPv6 2-293
multicast storm control 2-780
multicast VLAN, MVR 2-379
multicast VLAN registration
See MVR
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 2-380
configuring 2-379
configuring interfaces 2-382
debug messages, display B-28
displaying 2-652
displaying interface information 2-654
members, displaying 2-656
mvr (global configuration) command 2-379
mvr (interface configuration) command 2-382
mvr vlan group command 2-383
N
native VLANs 2-823
native VLAN tagging 2-852
network-policy (global configuration) command 2-386
network-policy command 2-385
network-policy profile (network-policy configuration) command 2-387
nmsp attachment suppress command 2-390
nmsp command 2-389
no authentication logging verbose 2-391
no dot1x logging verbose 2-392
no mab logging verbose 2-393
nonegotiate, speed 2-769
nonegotiating DTP messaging 2-808
non-IP protocols
denying 2-131
forwarding 2-407
non-IP traffic access lists 2-320
non-IP traffic forwarding
denying 2-131
permitting 2-407
non-stop forwarding 2-394
normal-range VLANs 2-848
nsf command 2-394
O
online diagnostics
displaying
configured boot-up coverage level 2-509
current scheduled tasks 2-509
event logs 2-509
supported test suites 2-509
test ID 2-509
test results 2-509
test statistics 2-509
global configuration mode
clearing health monitoring diagnostic test schedule 2-89
clearing test-based testing schedule 2-136
setting health monitoring diagnostic testing 2-89
setting test-based testing 2-136
setting up health monitoring diagnostic test schedule 2-89
online diagnostics (continued)
global configuration mode
setting up test-based testing 2-136
health monitoring diagnostic tests, configuring 2-134
scheduled switchover
disabling 2-136
enabling 2-136
scheduling
enabling 2-136
removing 2-136
testing, starting 2-138
test interval, setting 2-136
P
PAgP
See EtherChannel
pagp learn-method command 2-395
pagp port-priority command 2-397
password, VTP 2-861
password-recovery mechanism, enabling and disabling 2-452
permit (ARP access-list configuration) command 2-399
permit (IPv6) command 2-401
permit (MAC access-list configuration) command 2-407
per-VLAN spanning-tree plus
See STP
physical-port learner 2-395
PID, displaying 2-557
PIM-DVMRP, as multicast router learning method 2-260
PoE
configuring the power budget 2-421
configuring the power management mode 2-418
displaying controller register values 2-503
displaying power management information 2-669
logging of status 2-313
police aggregate command 2-412
police command 2-410
policed-DSCP map 2-345
policy-map command 2-414
policy maps
applying to an interface 2-454, 2-461
creating 2-414
displaying 2-664
hierarchical 2-415
policers
displaying 2-637
for a single class 2-410
for multiple classes 2-339, 2-412
policed-DSCP map 2-345
traffic classification
defining the class 2-81
defining trust states 2-839
setting DSCP or IP precedence values 2-459
Port Aggregation Protocol
See EtherChannel
port-based authentication
AAA method list 2-3, 2-846
configuring violation modes 2-179
debug messages, display B-10
enabling IEEE 802.1x
globally 2-140
per interface 2-168
guest VLAN 2-155
host modes 2-158
IEEE 802.1x AAA accounting methods 2-1
initialize an interface 2-160, 2-175
MAC authentication bypass 2-161
manual control of authorization state 2-168
PAE as authenticator 2-167
periodic re-authentication
enabling 2-172
time between attempts 2-176
quiet period between failed authentication exchanges 2-176
re-authenticating IEEE 802.1x-enabled ports 2-170
resetting configurable IEEE 802.1x parameters 2-153
port-based authentication (continued)
switch-to-authentication server retransmission time 2-176
switch-to-client frame-retransmission number 2-163 to 2-165
switch-to-client retransmission time 2-176
test for IEEE 802.1x readiness 2-174
port-channel load-balance command 2-417
Port Fast, for spanning tree 2-761
port ranges, defining 2-120
ports, debugging B-79
ports, protected 2-821
port security
aging 2-815
debug messages, display B-81
enabling 2-810
violation error recovery 2-189
port trust states for QoS 2-371
port types, MVR 2-382
power information, displaying 2-523
power inline command 2-418
power inline consumption command 2-421
Power over Ethernet
See PoE
power rps command (user EXEC) 2-423
priority-queue command 2-425
priority value, stack member 2-684, 2-785
private-vlan command 2-427
private-vlan mapping command 2-430
private VLANs
association 2-819
configuring 2-427
configuring ports 2-806
displaying 2-695
host ports 2-806
mapping
configuring 2-819
displaying 2-543
promiscuous ports 2-806
privileged EXEC mode 1-2, 1-3
product identification information, displaying 2-557
promiscuous ports, private VLANs 2-806
protected ports, displaying 2-549
pruning
VLANs 2-823
VTP
displaying interface information 2-543
enabling 2-861
pruning-eligible VLAN list 2-825
PVST+
See STP
Q
QoS
auto-QoS
configuring 2-56
debug messages, display B-4
displaying 2-475
auto-QoS trust
configuring 2-53
class maps
creating 2-84
defining the match criteria 2-334
displaying 2-486
defining the CoS value for an incoming packet 2-341
displaying configuration information 2-475, 2-636
DSCP transparency 2-353
DSCP trusted ports
applying DSCP-to-DSCP-mutation map to 2-343
defining DSCP-to-DSCP-mutation map 2-345
QoS (continued)
egress queues
allocating buffers 2-349
defining the CoS output queue threshold map 2-367
defining the DSCP output queue threshold map 2-369
displaying buffer allocations 2-640
displaying CoS output queue threshold map 2-644
displaying DSCP output queue threshold map 2-644
displaying queueing strategy 2-640
displaying queue-set settings 2-647
enabling bandwidth shaping and scheduling 2-773
enabling bandwidth sharing and scheduling 2-775
limiting the maximum output on a port 2-771
mapping a port to a queue-set 2-432
mapping CoS values to a queue and threshold 2-367
mapping DSCP values to a queue and threshold 2-369
setting maximum and reserved memory allocations 2-351
setting WTD thresholds 2-351
enabling 2-337
ingress queues
allocating buffers 2-357
assigning SRR scheduling weights 2-355
defining the CoS input queue threshold map 2-359
defining the DSCP input queue threshold map 2-361
displaying buffer allocations 2-640
displaying CoS input queue threshold map 2-644
displaying DSCP input queue threshold map 2-644
displaying queueing strategy 2-640
displaying settings for 2-638
enabling the priority queue 2-363
QoS (continued)
ingress queues
mapping CoS values to a queue and threshold 2-359
mapping DSCP values to a queue and threshold 2-361
setting WTD thresholds 2-365
maps
defining 2-345, 2-359, 2-361, 2-367, 2-369
displaying 2-644
policy maps
applying an aggregate policer 2-412
applying to an interface 2-454, 2-461
creating 2-414
defining policers 2-339, 2-410
displaying policers 2-637
displaying policy maps 2-664
hierarchical 2-415
policed-DSCP map 2-345
setting DSCP or IP precedence values 2-459
traffic classifications 2-81
trust states 2-839
port trust states 2-371
queues, enabling the expedite 2-425
statistics
in-profile and out-of-profile packets 2-640
packets enqueued or dropped 2-640
sent and received CoS values 2-640
sent and received DSCP values 2-640
trusted boundary for IP phones 2-371
VLAN-based 2-373
quality of service
See QoS
querytime, MVR 2-379
queue-set command 2-432
R
radius-server dead-criteria command 2-433
radius-server host command 2-435
rapid per-VLAN spanning-tree plus
See STP
rapid PVST+
See STP
rcommand command 2-437
re-authenticating IEEE 802.1x-enabled ports 2-170
re-authentication
periodic 2-172
time between attempts 2-176
receiver ports, MVR 2-382
receiving flow-control packets 2-195
recovery mechanism
causes 2-189
display 2-88, 2-481, 2-527, 2-531
timer interval 2-190
redundancy for cluster switches 2-117
redundant power supply
See RPS
reload command 2-439
remote command 2-441
remote-span command 2-442
Remote Switched Port Analyzer
See RSPAN
rename (boot loader) command A-17
renew ip dhcp snooping database command 2-444
reset (boot loader) command A-18
resource templates, displaying 2-672
restricted VLAN
See dot1x auth-fail vlan
rmdir (boot loader) command A-19
rmon collection stats command 2-447
root guard, for spanning tree 2-735
routed ports
IP addresses on 2-207
number supported 2-207
RPS 2300
configuring 2-423
managing 2-423
RSPAN
configuring 2-374
displaying 2-650
filter RSPAN traffic 2-374
remote-span command 2-442
sessions
displaying 2-650
S
scheduled switchover
disabling 2-136
enabling 2-136
SDM mismatch mode 2-449, 2-685
sdm prefer command 2-448
SDM templates
allowed resources 2-450
and stacking 2-449
displaying 2-672
dual IPv4 and IPv6 2-448
secure ports, limitations 2-812
sending flow-control packets 2-195
service password-recovery command 2-452
service-policy command 2-454
session command 2-457
set (boot loader) command A-20
set command 2-459
setup command 2-461
setup express command 2-464
show access-lists command 2-466
show archive status command 2-469
show arp access-list command 2-470
show authentication command 2-471
show auto qos command 2-475
show boot command 2-479
show cable-diagnostics tdr command 2-481
show cisp command 2-485
show class-map command 2-486
show cluster candidates command 2-489
show cluster command 2-487
show cluster members command 2-491
show controllers cpu-interface command 2-493
show controllers ethernet-controller command 2-495
show controllers power inline command 2-503
show controllers tcam command 2-505
show controller utilization command 2-507
show dot1q-tunnel command 2-512
show dot1x command 2-513
show dtp 2-518
show eap command 2-520
show env command 2-523
show errdisable detect command 2-527
show errdisable flap-values command 2-529
show errdisable recovery command 2-531
show etherchannel command 2-533
show fallback profile command 2-536
show flowcontrol command 2-538
show idprom command 2-540
show interfaces command 2-543
show interfaces counters command 2-554
show inventory command 2-557
show ip arp inspection command 2-558
show ipc command 2-583
show ip dhcp snooping binding command 2-563
show ip dhcp snooping command 2-562
show ip dhcp snooping database command 2-565, 2-567
show ip igmp profile command 2-570
show ip igmp snooping address command 2-592
show ip igmp snooping command 2-571, 2-590
show ip igmp snooping groups command 2-574
show ip igmp snooping mrouter command 2-576, 2-594
show ip igmp snooping querier command 2-578, 2-596
show ip source binding command 2-580
show ipv6 access-list command 2-587
show ipv6 dhcp conflict command 2-589
show ipv6 route updated 2-598
show ip verify source command 2-581
show l2protocol-tunnel command 2-600
show lacp command 2-603
show link state group command 2-611
show lldp command 2-607
show location 2-608
show mac access-group command 2-613
show mac address-table address command 2-617
show mac address-table aging time command 2-619
show mac address-table command 2-615
show mac address-table count command 2-621
show mac address-table dynamic command 2-623
show mac address-table interface command 2-625
show mac address-table learning command 2-627
show mac address-table move update command 2-628
show mac address-table notification command 2-99, 2-630, B-26
show mac address-table static command 2-632
show mac address-table vlan command 2-634
show mls qos aggregate-policer command 2-637
show mls qos command 2-636
show mls qos input-queue command 2-638
show mls qos interface command 2-640
show mls qos maps command 2-644
show mls qos queue-set command 2-647
show mls qos vlan command 2-649
show monitor command 2-650
show mvr command 2-652
show mvr interface command 2-654
show mvr members command 2-656
show network-policy profile command 2-658
show nmsp command 2-659
show pagp command 2-662
show platform acl command C-2
show platform backup interface command C-3
show platform configuration command C-4
show platform etherchannel command C-5
show platform forward command C-6
show platform frontend-controller command C-8
show platform igmp snooping command C-9
show platform ipc trace command C-17
show platform ip multicast command C-11
show platform ip unicast command C-12
show platform ipv6 unicast command C-18
show platform ip wccp command C-16
show platform layer4op command C-20
show platform mac-address-table command C-21
show platform messaging command C-22
show platform monitor command C-23
show platform mvr table command C-24
show platform pm command C-25
show platform port-asic command C-26
show platform port-security command C-31
show platform qos command C-32
show platform resource-manager command C-33
show platform snmp counters command C-35
show platform spanning-tree command C-36
show platform stack manager command C-38
show platform stp-instance command C-37
show platform tb command C-42
show platform tcam command C-44
show platform vlan command C-47
show policy-map command 2-664
show port security command 2-666
show power inline command 2-669
show sdm prefer command 2-672
show setup express command 2-675
show spanning-tree command 2-676
show storm-control command 2-682
show switch command 2-684
show system mtu command 2-689
show trust command 2-839
show udld command 2-690
show version command 2-693
show vlan access-map command 2-700
show vlan command 2-695
show vlan command, fields 2-697
show vlan filter command 2-701
show vmps command 2-702
show vtp command 2-704
shutdown command 2-709
shutdown threshold, Layer 2 protocol tunneling 2-297
shutdown vlan command 2-710
small violation-rate command 2-711
SNMP host, specifying 2-718
SNMP informs, enabling the sending of 2-713
snmp-server enable traps command 2-713
snmp-server host command 2-718
snmp trap mac-notification change command 2-722
SNMP traps
enabling MAC address notification trap 2-722
enabling the MAC address notification feature 2-327
enabling the sending of 2-713
SoftPhone
See Cisco SoftPhone
software images
copying 2-8
deleting 2-122
downloading 2-11
upgrading 2-8, 2-11
uploading 2-18
software version, displaying 2-693
source ports, MVR 2-382
SPAN
configuring 2-374
debug messages, display B-27
displaying 2-650
filter SPAN traffic 2-374
sessions
add interfaces to 2-374
displaying 2-650
start new 2-374
spanning-tree backbonefast command 2-724
spanning-tree bpdufilter command 2-725
spanning-tree bpduguard command 2-727
spanning-tree cost command 2-729
spanning-tree etherchannel command 2-731
spanning-tree extend system-id command 2-733
spanning-tree guard command 2-735
spanning-tree link-type command 2-737
spanning-tree loopguard default command 2-739
spanning-tree mode command 2-740
spanning-tree mst configuration command 2-742
spanning-tree mst cost command 2-744
spanning-tree mst forward-time command 2-746
spanning-tree mst hello-time command 2-747
spanning-tree mst max-age command 2-748
spanning-tree mst max-hops command 2-749
spanning-tree mst port-priority command 2-751
spanning-tree mst pre-standard command 2-753
spanning-tree mst priority command 2-754
spanning-tree mst root command 2-755
spanning-tree portfast (global configuration) command 2-759
spanning-tree portfast (interface configuration) command 2-761
spanning-tree port-priority command 2-757
Spanning Tree Protocol
See STP
spanning-tree transmit hold-count command 2-763
spanning-tree uplinkfast command 2-764
spanning-tree vlan command 2-766
speed command 2-769
srr-queue bandwidth limit command 2-771
srr-queue bandwidth share command 2-775
SSH, configuring version 2-267
stack-mac persistent timer command 2-777
stack member
access 2-457
number 2-684, 2-788
priority value 2-785
provisioning 2-786
reloading 2-439
stacks, switch
disabling a member 2-783
enabling a member 2-783
MAC address 2-777
provisioning a new member 2-786
reloading 2-439
stack member access 2-457
stack member number 2-684, 2-788
stack member priority value 2-684, 2-785
static-access ports, configuring 2-792
statistics, Ethernet group 2-447
sticky learning, enabling 2-810
storm-control command 2-780
STP
BackboneFast 2-724
counters, clearing 2-104
debug messages, display
BackboneFast events B-85
MSTP B-88
optimized BPDUs handling B-87
spanning-tree activity B-83
switch shim B-90
transmitted and received BPDUs B-86
UplinkFast B-92
detection of indirect link failures 2-724
enabling protocol tunneling for 2-297
EtherChannel misconfiguration 2-731
extended system ID 2-733
path cost 2-729
protocol modes 2-740
root port
accelerating choice of new 2-764
loop guard 2-735
preventing from becoming designated 2-735
restricting which can be root 2-735
root guard 2-735
UplinkFast 2-764
STP (continued)
root switch
affects of extended system ID 2-733, 2-767
hello-time 2-766
interval between BDPU messages 2-766
interval between hello BPDU messages 2-766
max-age 2-766
port priority for selection of 2-757
primary or secondary 2-766
switch priority 2-766
state changes
blocking to forwarding state 2-761
enabling BPDU filtering 2-725, 2-759
enabling BPDU guard 2-727, 2-759
enabling Port Fast 2-759, 2-761
enabling timer to recover from error state 2-189
forward-delay time 2-766
length of listening and learning states 2-766
shutting down Port Fast-enabled ports 2-759
state information display 2-676
VLAN options 2-754, 2-766
SVIs, creating 2-201
SVI status calculation 2-794
Switched Port Analyzer
See SPAN
switching characteristics
modifying 2-790
returning to interfaces 2-790
switchport access command 2-792
switchport autostate exclude command 2-794
switchport backup interface command 2-796
switchport block command 2-800
switchport command 2-790
switchport host command 2-802
switchport mode command 2-803
switchport mode private-vlan command 2-806
switchport nonegotiate command 2-808
switchport port-security aging command 2-815
switchport port-security command 2-810
switchport priority extend command 2-817
switchport private-vlan command 2-819
switchport protected command 2-821
switchports, displaying 2-543
switchport trunk command 2-823
switchport voice vlan command 2-826, 2-827
switch priority command 2-783, 2-785
switch provision command 2-786
switch renumber command 2-788
system env temperature threshold yellow command 2-829
system message logging 2-313
system message logging, save message to flash 2-314
system mtu command 2-831
system resource templates 2-448
T
tar files, creating, listing, and extracting 2-15
TDR, running 2-833
Telnet, using to communicate to cluster switches 2-437
temperature information, displaying 2-523
templates, system resources 2-448
test cable-diagnostics tdr command 2-833
traceroute mac command 2-834
traceroute mac ip command 2-837
trunking, VLAN mode 2-803
trunk mode 2-803
trunk ports 2-803
trunks, to non-DTP device 2-804
trusted boundary for QoS 2-371
trusted port states for QoS 2-371
tunnel ports, Layer 2 protocol, displaying 2-600
type (boot loader) command A-23
U
UDLD
aggressive mode 2-841, 2-843
debug messages, display B-100
enable globally 2-841
enable per interface 2-843
error recovery timer 2-189
message timer 2-841
normal mode 2-841, 2-843
reset a shutdown interface 2-845
status 2-690
udld command 2-841
udld port command 2-843
udld reset command 2-845
unicast storm control 2-780
UniDirectional Link Detection
See UDLD
unknown multicast traffic, preventing 2-800
unknown unicast traffic, preventing 2-800
unset (boot loader) command A-24
upgrading
software images
copying 2-8
downloading 2-11
monitoring status of 2-469
UplinkFast, for STP 2-764
user EXEC mode 1-2, 1-3
V
version (boot loader) command A-26
version mismatch mode 2-685, C-39
vlan access-map command 2-849
VLAN access map configuration mode 2-849
VLAN access maps
actions 2-6
displaying 2-700
VLAN-based QoS 2-373
VLAN configuration mode
commands
VLAN 2-848
VTP 2-866
description 1-4
entering 2-851
summary 1-3
vlan dot1q tag native command 2-852
vlan filter command 2-853
VLAN filters, displaying 2-701
VLAN maps
applying 2-853
creating 2-849
defining 2-332
displaying 2-700
VLAN Query Protocol
See VQP
VLANs
configuring 2-848
debug messages, display
ISL B-96
VLAN IOS file system error tests B-95
VLAN manager activity B-93
VTP B-98
displaying configurations 2-695
enabling guest VLAN supplicant 2-143, 2-154, 2-194
MAC addresses
displaying 2-634
number of 2-621
normal-range 2-848
private 2-806
configuring 2-427
displaying 2-695
See also private VLANs
restarting 2-710
shutting down 2-710
SNMP traps for VTP 2-716, 2-719
suspending 2-710
VLAN Trunking Protocol
See VTP
VM mode 2-685, C-39
VMPS
configuring servers 2-858
displaying 2-702
error recovery timer 2-190
reconfirming dynamic VLAN assignments 2-855
vmps reconfirm (global configuration) command 2-856
vmps reconfirm (privileged EXEC) command 2-855
vmps retry command 2-857
vmps server command 2-858
voice VLAN
configuring 2-826, 2-827
setting port priority 2-817
VQP
and dynamic-access ports 2-793
clearing client statistics 2-106
displaying information 2-702
per-server retry count 2-857
reconfirmation interval 2-856
reconfirming dynamic VLAN assignments 2-855
VTP
changing characteristics 2-860
clearing pruning counters 2-107
configuring
domain name 2-860
file name 2-860
mode 2-860
password 2-861
counters display fields 2-705
displaying information 2-704
enabling
pruning 2-861
tunneling for 2-297
Version 2 2-861
enabling per port 2-865
mode 2-860
pruning 2-861
VTP (continued)
statistics 2-704
status 2-704
status display fields 2-707
vtp (global configuration) command 2-860
vtp interface configuration) command 2-865
vtp primary command 2-867
W
wireless controller, accessing 2-457
wireless controller switch. B-103
X
XENPAK module serial EERPOM information 2-499, 2-540