Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.2(25)SG
Index
Downloads: This chapterpdf (PDF - 906.0KB) The complete bookPDF (PDF - 7.29MB) | Feedback

Index         

Table Of Contents

         

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V -

Index         

Numerics

10/100 autonegotiation feature, forced4-8

10-Gigabit Ethernet port

deploy with Gigabit Ethernet SFP ports4-6

802.10 SAID (default)10-4

802.1Q

trunks13-6

tunneling

compatibility with other features18-5

defaults18-4

described18-2

tunnel ports with other features18-6

802.1Q VLANs

encapsulation11-3

trunk restrictions11-5

802.1s

See MST

802.1w

See MST

802.1X

See port-based authentication

802.1X authentication

for guest VLANs29-6

RADIUS accounting29-10

with port security29-8

with VLAN assignment29-5

with voice VLAN ports29-12

802.3ad

See LACP

A

abbreviating commands2-5

access control entries

See ACEs

access list filtering, SPAN enhancement37-13

access ports

and Layer 2 protocol tunneling18-9

configuring11-8

access VLANs11-6

accounting

configuring for 802.1X29-19

ACEs

ACLs33-2

Ethernet33-2

IP33-2

Layer 4 operation restrictions33-8

ACLs

ACEs33-2

and SPAN37-5

and TCAM programming33-6

applying on routed packets33-21

applying on switched packets33-20

compatibility on the same switch33-3

configuring with VLAN maps33-20

CPU impact33-9

hardware and software support33-5

IP, matching criteria for port ACLs33-4

MAC extended33-11

matching criteria for router ACLs33-3

port

and voice VLAN33-4

defined33-2

limitations33-4

processing33-9

types supported33-2

acronyms, list ofA-1

active queue management27-14

adding members to a community9-10

addresses

See MAC addresses

adjacency tables

description23-2

displaying statistics23-9

advertisements, VTP

See VTP advertisements

alarms

major7-2

minor7-2

asymmetrical links, and 802.1Q tunneling18-4

audiencexxiii

authentication

See also port-based authentication

authentication server

defined29-3

RADIUS server29-3

authorized and unauthorized ports29-4

authorized ports with 802.1X29-4

autoconfiguration3-2

automatic discovery

considerations9-9

automatic QoS

See QoS

autonegotiation feature

forced 10/100Mbps4-8

Auto-QoS

configuring27-17

auto-sync command6-8

B

BackboneFast

adding a switch (figure)14-3

and MST15-2

configuring14-15

link failure (figure)14-13, 14-14

not supported MST15-2

understanding14-12

See also STP

BGP1-8

routing session with multi-VRF CE26--6

blocking packets35-1

blocking state (STP)

RSTP comparisons (table)15-4

boot bootldr command3-24

boot command3-21

boot fields

See configuration register boot fields

boot system command3-19, 3-24

boot system flash command3-21

Border Gateway Protocol

See BGP

boundary ports

description15-6

BPDU Guard

and MST15-2

configuring14-15

overview14-7

BPDUs

and media speed13-2

pseudobridges and15-5

what they contain13-3

bridge ID

See STP bridge ID

bridge priority (STP)13-16

bridge protocol data units

See BPDUs

broadcast storm control

disabling36-4

BSR

configuration example24-21

burst rate27-50

burst size27-28

C

candidates

automatic discovery9-9

candidate switch, cluster

defined9-14

requirements9-14

cautions for passwords

encrypting3-16

TACACS+3-15

CDP

and trusted boundary27-26

configuration19-2

displaying configuration19-3

enabling on interfaces19-3

Layer 2 protocol tunneling18-7

maintaining19-3

monitoring19-3

overview1-2, 19-1

CDP, automatic discovery in communities9-9

cdp enable command19-3

CEF

adjacency tables23-2

configuring load balancing23-7

displaying statistics23-8

enabling23-6

hardware switching23-4

load balancing23-6

overview23-1

software switching23-4

CGMP

overview17-1

channel-group group command16-7, 16-10

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS NSF-awareness support6-2

Cisco IP Phones

configuring28-2

Cisco IP phones

sound quality28-1

CIST

description15-2

class-map command27-29

class of service

See CoS

clear cdp counters command19-4

clear cdp table command19-3

clear counters command4-14

clearing

IP multicast table entries24-20

clear ip flow stats command38-9

CLI

accessing2-1

backing out one level2-5

getting commands2-5

history substitution2-3

managing clusters9-14

modes2-5

monitoring environments37-1

ROM monitor2-6

software basics2-4

clients

in 802.1X authentication29-2

clustering switches

command switch characteristics9-13, 9-14

and VTY9-13

convert to a community9-11

managing

through CLI9-14

overview9-13

planning considerations

CLI9-14

passwords9-10

command-line processing2-3

command modes2-5

commands

listing2-5

command switch, cluster

requirements9-13

common and internal spanning tree

See CIST

common spanning tree

See CST

community of switches

access modes in Network Assistant9-10

adding devices9-10

candidate characterisitcs9-8

communication protocols9-10

community name9-9

configuration information9-10

converting from a cluster9-11

host name9-10

passwords9-10

community ports

description34-1

community VLANs

and SPAN features34-4

configure as a PVLAN34-5

description34-1

config-register command3-22

config terminal command3-9

configuration files

obtaining with DHCP3-6

saving3-10

configuration register

boot fields

listing value3-22

modifying3-21

changing settings3-21to 3-22

configuring3-19

settings at startup3-20

configure terminal command3-22, 4-2

console configuration mode2-5

console port

disconnecting user sessions5-6

monitoring user sessions5-6

copy running-config startup-config command3-10

copy system:running-config nvram:startup-config command3-24

CoS

configuring port value27-47

definition27-3

figure27-2

overriding on Cisco IP Phones28-4

priority28-4

CoS-to-DSCP maps27-51

counters

clearing MFIB24-20

clearing on interfaces4-14

CPU port sniffing37-10

CST

description15-5

IST and15-2

MST and15-2

customer edge devices26--2

D

default configuration

802.1X29-14

auto-QoS27-17

IGMP filtering17-17

Layer 2 protocol tunneling18-9

multi-VRF CE26--3

SPAN and RSPAN37-6

default gateway

configuring3-11

verifying configuration3-11

default ports

and support for 802.1X authentication29-15

default settings, erase commad3-25

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports4-6

description command4-10

detecting unidirectional links20-1

DHCP-based autoconfiguration

client request message exchange3-3

configuring

client side3-2

DNS3-5

relay device3-5

server-side3-4

TFTP server3-4

example3-7

lease options

for IP address information3-4

for receiving the configuration file3-4

overview3-2

relationship to BOOTP3-3

DHCP snooping

configuring31-3

default configuration31-3

displaying binding tables31-10

displaying configuration31-11

enabling31-4

enabling on private VLAN31-6

enabling the database agent31-6

monitoring31-10, 31-13, 31-14

overview31-1

Snooping database agent31-2

DHCP Snooping Database Agent

adding to the database (example)31-9

enabling (example)31-7

overview31-2

reading from a TFTP file (example)31-8

Diagnostics

online17

troubleshooting18

Power-On-Self-Test

causes of failure28

how it works19

overview19

Power-On-Self-Test for Supervisor Engine V-10GE23

Differentiated Services Code Point values

See DSCP values

DiffServ architecture, QoS27-2

disabled state

RSTP comparisons (table)15-4

disabling

broadcast storm control36-4

disconnect command5-6

discovery, clusters

See automatic discovery

DNS

and DHCP-based autoconfiguration3-5

documentation

organizationxxiii

relatedxxv

double-tagged packets

802.1Q tunneling18-2

Layer 2 protocol tunneling18-9

drop threshold for Layer 2 protocol packets18-9

DSCP maps27-51

DSCP-to-CoS maps

configuring27-53

DSCP values

configuring maps27-51

configuring port value27-47

definition27-4

IP precedence27-2

mapping markdown27-24

mapping to transmit queues27-48

DTP

VLAN trunks and11-3

duplex command4-9

duplex mode

configuring interface4-7

dynamic ARP inspection

ARP cache poisoning32-2

configuring

ACLs for non-DHCP environments32-10

in DHCP environments32-5

log buffer32-14

rate limit for incoming ARP packets32-16

denial-of-service attacks, preventing32-16

interface trust state, security coverage32-3

log buffer

configuring32-14

logging of dropped packets32-4

logging of dropped packets, described32-4

overview32-1

port channels, their behavior32-4

priority of static bindings32-4

purpose of32-2

rate limiting of ARP packets32-4

configuring32-16

validation checks, performing32-18

Dynamic Host Configuration Protocol snooping

See DHCP snooping

dynamic port VLAN membership

example10-26

limit on hosts10-25

reconfirming10-23

troubleshooting10-25

Dynamic Trunking Protocol

See DTP

E

EAP frame

request/identity29-3

response/identity29-3

EAP frames

changing retransmission time29-26

exchanging (figure)29-4

setting retransmission number29-27

EAPOL frames

802.1X authentication and29-2

OTP authentication, example (figure)29-4

start29-3

edge ports

description15-7

EGP

overview1-8

EIGRP

overview1-7

Embedded CiscoView

displaying information9-24

installing and configuring9-21

overview9-21

enable command3-9, 3-21

enable mode2-5

encapsulation types11-3

Enhanced Interior Gateway Routing Protocol

See EIGRP

environmental monitoring

LED indications7-2

SNMP traps7-2

supervisor engine7-2

switching modules7-2

using CLI commands7-1

EtherChannel

channel-group group command16-7, 16-10

configuration guidelines16-5

configuring16-6to 16-14

configuring Layer 216-9

configuring Layer 316-6

interface port-channel command16-7

lacp system-priority

command example16-12

modes16-3

overview16-1

PAgP

Understanding16-3

physical interface configuration16-7

port-channel interfaces16-2

port-channel load-balance command16-12

ports, 802.1X authentication not supported in29-15

removing16-14

removing interfaces16-13

explicit host tracking

enabling17-8

extended range VLANs

See VLANs

Extensible Authentication Protocol over LAN29-1

Exterior Gateway Protocol

See EGP

F

FastDrop

clearing entries24-20

displaying entries24-19

overview24-10

FIB

description23-2

See also MFIB

filtering

in a VLAN33-12

non-IP traffic33-11

flags24-11

Flash memory

configuring router to boot from3-24

loading system images from3-23

security precautions3-23

flooded traffic, blocking35-2

forward-delay time (STP)

configuring13-18

forwarding information base

See FIB

G

gateway

See default gateway

Gigabit Ethernet SFP ports

deploy with 10-Gigabit Ethernet4-6

global configuration mode2-5

Guest-VLANs

configure with 802.1X29-20, 29-22, 29-24

H

hardware and software ACL support33-5

hardware switching23-5

hello time (STP)

configuring13-17

history

CLI2-3

hop counts

configuring MST bridges15-7

host

configuring host statically17-8

limit on dynamic port10-25

Hot Standby Routing Protocol

See HSRP

HSRP

description1-6

hw-module module num power command7-19

I

ICMP

enabling5-12

ping5-7

running IP traceroute5-8

time exceeded messages5-8

IDS

using with SPAN and RSPAN37-2

IEEE 802.1s

See MST

IEEE 802.1w

See MST

IEEE 802.3ad

See LACP

IGMP

description24-3

enabling24-13

explicit host tracking17-3, 17-8

immediate-leave processing17-3

overview17-1

IGMP filtering

configuring17-17

default configuration17-17

described17-16

monitoring17-20

IGMP groups

setting the maximum number17-19

IGMP profile

applying17-18

configuration mode17-17

configuring17-17

IGMP snooping

configuration guidelines17-4

enabling17-5

IP multicast and24-4

monitoring17-11

overview17-1

IGRP

description1-7

immediate-leave processing

enabling17-7

IGMP

See fast-leave processing

ingress packets, SPAN enhancement37-12

inline power

configuring on Cisco IP phones28-4

insufficient inline power handling for Supervisor Engine II-TS7-10

Intelligent Power Management8-5

interface command3-9, 4-1

interface port-channel command16-7

interface range command4-4

interface range macro command4-5

interfaces

adding descriptive name4-10

clearing counters4-14

configuring4-2

configuring ranges4-4

displaying information about4-14

Layer 2 modes11-4

maintaining4-13

monitoring4-13

naming4-10

numbers4-2

overview4-1

restarting4-15

See also Layer 2 interfaces

Interior Gateway Routing Protocol

See IGRP

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Inter-Switch Link encapsulation

See ISL encapsulation

Intrusion Detection System

See IDS

IP

configuring default gateway3-11

configuring static routes3-11

displaying statistics23-8

flow switching cache38-9

IP addresses

cluster candidate or member9-14

cluster command switch9-13

ip cef command23-6

ip flow-aggregation cache destination-prefix command38-11

ip flow-aggregation cache prefix command38-11

ip flow-aggregation cache source-prefix command38-12

ip flow-export command38-9

ip icmp rate-limit unreachable command5-12

ip igmp profile command17-17

ip igmp snooping tcn flood command17-10

ip igmp snooping tcn flood query count command17-10

ip igmp snooping tcn query solicit command17-11

IP information

assigned

through DHCP-based autoconfiguration3-2

ip load-sharing per-destination command23-7

ip local policy route-map command25-5

ip mask-reply command5-13

IP multicast

clearing table entries24-20

configuring24-12

default configuration24-13

displaying PIM information24-15

displaying the routing table information24-16

enabling24-13

enabling dense-mode PIM24-14

enabling sparse-mode24-14

features not supported24-12

hardware forwarding24-8

IGMP snooping and17-4, 24-4

monitoring24-15

overview24-1

routing protocols24-2

software forwarding24-8

See also Auto-RP; IGMP; PIM; RP; RPF

ip multicast-routing command24-13

IP phones

automatic classification and queueing27-17

configuring voice ports28-2

See Cisco IP Phones28-1

trusted boundary for QoS27-26

ip pim command24-14

ip pim dense-mode command24-14

ip pim sparse-dense-mode command24-15

ip policy route-map command25-4

ip redirects command5-12

ip route-cache flow command38-7

IP routing tables

deleting entries24-20

IP Source Guard

configuring31-12

configuring on private VLANs31-13

displaying31-13, 31-14

overview31-11

IP statistics

displaying23-8

IP traceroute

executing5-9

overview5-8

IP unicast

displaying statistics23-8

ip unreachables command5-12

IPX

redistribution of route information with EIGRP1-7

ISL

encapsulation11-3

trunking with 802.1Q tunneling18-4

isolated ports

description34-1

isolated VLANs

description34-1

IST

description15-2

master15-7

MST regions and15-2

J

jumbo frames

and ethernet ports4-11

configuring MTU sizes for4-12

ports and linecards that support4-10

VLAN interfaces4-12

K

keyboard shortcuts2-3

L

l2protocol-tunnel command18-11

labels

definition27-3

LACP

system ID16-4

Layer 2 access ports11-8

Layer 2 frames

classification with CoS27-2

Layer 2 interfaces

assigning VLANs10-8

configuring11-5

configuring as PVLAN host ports34-8

configuring as PVLAN promiscuous ports34-7

configuring as PVLAN trunk ports34-9

defaults11-5

disabling configuration11-9

modes11-4

show interfaces command11-7

Layer 2 interface type

resetting34-12

setting34-12

Layer 2 protocol tunneling

configuring18-9

default configuration18-9

defined18-7

guidelines18-10

Layer 2 switching

overview11-1

Layer 2 Traceroute

and ARP5-10

and CDP5-9

host-to-host paths5-9

IP addresses and subnets5-10

MAC addresses and VLANs5-10

multicast traffic5-10

multiple devices on a port5-10

unicast traffic1-15, 5-9

usage guidelines5-9

Layer 2 trunks

configuring11-6

overview11-3

Layer 3 packets

classification methods27-2

Layer 4 port operations

configuration guidelines33-8

restrictions33-8

LEDs

description (table)7-2

listening state (STP)

RSTP comparisons (table)15-4

load balancing

configuring for CEF23-7

configuring for EtherChannel16-12

overview16-5, 23-6

per-destination23-7

login timer

changing5-6

logoutwarning command5-6

loop guard

and MST15-2

configuring14-4

overview14-3

M

MAC addresses

allocating13-5

building tables11-2

convert dynamic to sticky secure30-2

displaying5-3

displaying in DHCP snooping binding table31-11

in ACLs33-11

sticky30-2

sticky secure, adding30-2

MAC extended access lists33-11

macros

See SmartPort macros

main-cpu command6-8

mapping

DSCP markdown values27-24

DSCP values to transmit queues27-48

mapping tables

configuring DSCP27-51

described27-14

mask destination command38-11

mask source command38-11, 38-12

match ip address command25-3

maximum aging time (STP)

configuring13-18

members

automatic discovery9-9

member switch

managing9-14

member switch, cluster

defined9-13

requirements9-14

metro tags18-2

MFIB

CEF24-5

displaying24-18

overview24-11

modules

checking status5-1

powering down7-19

monitoring

802.1Q tunneling18-12

ACL information33-28

IGMP filters17-20

IGMP snooping17-11

Layer 2 protocol tunneling18-12

multi-VRF CE26--11

tunneling18-12

VLAN filters33-19

VLAN maps33-19

M-record15-2

MST

and multiple spanning trees1-3, 15-2

boundary ports15-6

BPDUs15-2

configuration parameters15-5

configuring15-9

displaying configurations15-13

edge ports15-7

enabling15-9

hop count15-7

instances

configuring parameters15-12

description15-2

number supported15-5

interoperability with PVST+15-2

link type15-7

master15-7

message age15-7

regions15-5, 15-6

restrictions15-8

to-SST interoperability15-4

MSTP

M-record15-2

M-tree15-2

M-tree15-2

MTU size

configuring4-12, 4-16

default10-4

multicast

See IP multicast

multicast packets

blocking35-2

multicast routers

displaying routing tables24-16

flood suppression17-9

Multicast Storm Control

overview36-6

suppression on WS-X401436-7

suppression on WS-X401636-6

multiple forwarding paths1-3, 15-2

Multiple Spanning Tree

See MST

multiple VPN routing/forwarding

See multi-VRF CE

multi-VRF CE

components26--3

configuration example26--7

default configuration26--3

defined26--1

displaying26--11

monitoring26--11

network components26--3

packet-forwarding process26--3

N

native VLAN

and 802.1Q tunneling18-4

specifying11-6

NetFlow

aggregation

minimum mask,default value38-11

destination-prefix aggregation

configuration (example)38-16

minimum mask, configuring38-11

IP

flow switching cache38-9

prefix aggregation

configuration (example)38-14

minimum mask, configuring38-11

source-prefix aggregation

minimum mask, configuring38-11

switching

checking for required hardware38-6

configuration (example)38-13

configuring switched IP flows38-8

enabling Collection38-7

exporting cache entries38-9

statistics38-9

NetFlow statistics

caveats on supervisor38-6

checking for required hardware38-6

configuring collection38-6

enabling Collection38-7

exporting cache entries38-9

overview of collection38-1

switched/bridged IP flows38-8

Network Assistant

and VTY9-13

configure

enable communication with switch9-15, 9-18

connect to a device9-7

default configuration9-4

installation requirements9-2

installing9-5

launch9-6

overview of CLI commands9-4

software and hardware requirements9-2

network fault tolerance1-3, 15-2

network management

configuring19-1

New Software Features in Release 7.7

TDR5-3

Next Hop Resolution Protocol

See NHRP

NFFC/NFFC II

IGMP snooping and17-4

NHRP

support1-8

non-IP traffic filtering33-11

non-RPF traffic

description24-9

in redundant configurations (figure)24-10

nonvolatile random-access memory

See NVRAM

normal-range VLANs

See VLANs

NSF-awareness support6-2

NVRAM

saving settings3-10

O

OIR

overview4-13

Online Diagnostics17

online insertion and removal

See OIR

Open Shortest Path First

See OSPF

operating system images

See system images

OSPF

area concept1-7

description1-6

P

packets

modifying27-16

software processed

and QoS27-16

packet type filtering

overview37-14

SPAN enhancement37-14

PAgP

understanding16-3

passwords

configuring enable password3-14

configuring enable secret password3-14

encrypting3-15

recovering lost enable password3-18

setting line password3-14

setting TACACS+3-15

passwords in clusters9-10

PBR (policy-based routing)

configuration (example)25-5

enabling25-3

features25-2

overview25-1

route maps25-2

when to use25-2

per-port and VLAN Access Control List31-11

per-port per-VLAN QoS

enabling27-41

overview27-16

Per-VLAN Rapid Spanning Tree13-6

enabling13-20

overview13-6

PE to CE routing, configuring26--6

PIM

configuring dense mode24-14

configuring sparse mode24-14

displaying information24-15

displaying statistics24-20

enabling sparse-dense mode24-14, 24-15

overview24-3

PIM-DM24-3

PIM-SM24-3

ping

executing5-7

overview5-7

ping command5-7, 24-15

PoE8-7

configuring power consumption for single device8-4

configuring power consumption for switch8-4

power consumption for powered devices

Intelligent Power Management8-5

overview8-3

supported cabling topology8-5

powering down a module7-19

power management modes8-2

show interface status8-6

point-to-point

in 802.1X authentication (figure)29-2, 29-10

police command27-33

policed-DSCP map27-52

policers

description27-5

types of27-10

policies

See QoS policies

policing

See QoS policing

policy-map command27-30, 27-32

policy maps

attaching to interfaces27-35

configuring27-31

port ACLs

and voice VLAN33-4

defined33-2

limitations33-4

Port Aggregation Protocol

see PAgP

port-based authentication

802.1X with voice VLAN29-12

changing the quiet period29-25

client, defined29-2

configuration guidelines29-15

configure 802.1X accounting29-19

configure switch-to-RADIUS server communication29-17

configure with Guest-VLANs29-20, 29-22, 29-24

configuring Guest-VLAN29-17

configuring manual re-authentication of a client29-25

controlling authorization state29-4

default configuration29-14

described29-1

device roles29-2

disabling29-17

displaying statistics29-28

enabling29-16

enabling multiple hosts29-27

enabling periodic re-authentication29-24

encapsulation29-2

initiation and message exchange29-3

method lists29-16

ports not supported29-4

resetting to default values29-28

setting retransmission number29-27

setting retransmission time29-26

topologies, supported29-13

using with port security29-8

with VLAN assignment29-5

port-based QoS features

See QoS

port-channel interfaces

See also EtherChannel

creating16-6

overview16-2

port-channel load-balance

command16-12

command example16-12

port-channel load-balance command16-12

port cost (STP)

configuring13-15

PortFast

and MST15-2

BPDU filter, configuring14-8

configuring or enabling14-15

overview14-5

PortFast BPDU filtering

and MST15-2

enabling14-8

overview14-8

port priority

configuring MST instances15-12

configuring STP13-13

ports

blocking35-1

checking status5-2

community34-1

dynamic VLAN membership

example10-26

reconfirming10-23

forwarding, resuming35-3

isolated34-1

PVLAN types34-1

secure30-1

See also interfaces

port security

aging30-9

and QoS trusted boundary27-26

configuring30-4

configuring trunk port security30-7

default configuration30-3

described30-1

displaying30-11

RADIUS accounting29-10

sticky learning30-2

using with 802.1X29-8

violations30-2

with other features30-3

port states

description13-5

port trust state

See trust states

power

inline28-4

power dc input command7-13

power handling for Supervisor Engine II-TS8-11

power inline command8-2

power inline consumption command8-4

power management

1+1 redundancy mode7-16

2+1 redundancy mode7-16

Catalyst 4006 switch7-16

Catalyst 4500 series7-4

Catalyst 4500 Series power supplies7-12

Catalyst 4948 series7-3

combined mode7-5

configuring combined mode7-9

configuring redundant mode7-8

overview7-1

redundancy7-16

redundant mode7-5

Power-On-Self-Test Diagnostics19

Power-On-Self-Test diagnostics28

Power-On-Self-Test for Supervisor Engine V-10GE23

power redundancy

setting on Catalyst 40067-18

power redundancy-mode command7-8

power supplies

fixed7-4

variable7-3, 7-4

power supplies required command7-18

primary VLANs

associating with secondary VLANs34-6

configuring as a PVLAN34-5

description34-1

priority

overriding CoS of incoming frames28-4

privileged EXEC mode2-5

privileges

changing default3-17

configuring levels3-16

exiting3-17

logging in3-17

promiscuous ports

configuring PVLAN34-7

description34-1

setting mode34-12

protocol timers13-4

provider edge devices26--2

pruning, VTP

See VTP pruning

pseudobridges

description15-5

PVACL31-11

PVID (port VLAN ID)

and 802.1X with voice VLAN ports29-12

PVLANs

802.1q support34-5

configuration guidelines34-3

configuring34-3

configuring a VLAN34-5

configuring promiscuous ports34-7

host ports

configuring a Layer 2 interface34-8

setting34-12

isolated VLANs34-1

overview34-1

permitting routing, example34-11

promiscuous mode

setting34-12

setting

interface mode34-12

Q

QoS

allocating bandwidth27-49

and software processed packets27-16

auto-QoS

configuration and defaults display27-20

configuration guidelines27-18

described27-17

displaying27-20

effects on NVRAM configuration27-18

enabling for VoIP27-19

basic model27-5

burst size27-28

classification27-6to 27-10

configuration guidelines27-25

auto-QoS27-18

configuring

auto-QoS27-17

DSCP maps27-51

traffic shaping27-50

trusted boundary27-26

VLAN-based27-45

configuring UBRL27-36

creating policing rules27-29

default auto configuration27-17

default configuration27-23

definitions27-3

disabling on interfaces27-35

enabling and disabling27-44

enabling on interfaces27-35

enabling per-port per-VLAN27-41

flowcharts27-8, 27-12

IP phones

automatic classification and queueing27-17

detection and trusted settings27-17, 27-26

overview27-1

overview of per-port per-VLAN27-16

packet modification27-16

port-based27-45

priority27-15

traffic shaping27-15

transmit rate27-50

trust states

trusted device27-26

VLAN-based27-45

See also COS; DSCP values; transmit queues

QoS active queue management

tracking queue length27-14

QoS labels

definition27-3

QoS mapping tables

CoS-to-DSCP27-51

DSCP-to-CoS27-53

policed-DSCP27-52

types27-14

QoS marking

description27-5

QoS policers

burst size27-28

types of27-10

QoS policing

definition27-5

described27-5, 27-10

QoS policy

attaching to interfaces27-11

overview of configuration27-29

QoS transmit queues

allocating bandwidth27-49

burst27-15

configuring27-48

configuring traffic shaping27-50

mapping DHCP values to27-48

maximum rate27-15

overview27-14

sharing link bandwidth27-15

Quality of service

See QoS

queueing27-5, 27-14

R

RADIUS server

configure to-Switch communication29-17

configuring settings29-18

parameters on the switch29-17

range command4-4

range macros

defining4-5

ranges of interfaces

configuring4-4

Rapid Spanning Tree

See RSTP

rcommand command9-14

re-authentication of a client

configuring manual29-25

enabling periodic29-24

reduced MAC address13-2

redundancy

configuring6-8

guidelines and restrictions6-7

changes made through SNMP6-8, 6-11

NSF-awareness support6-2

overview6-3

redundancy command6-8

understanding synchronization6-6

redundancy(RPR)

route processor redundancy6-4

synchronization6-6

redundancy(SSO)

route processor redundancy6-4

synchronization6-7

related documentationxxv

reload command3-21, 3-22

replication

description24-8

reserved-range VLANs

See VLANs

resetting a switch to defaults3-25

retransmission number

setting in 802.1X authentication29-27

retransmission time

changing in 802.1X authentication29-26

RIP

description1-6

ROM monitor

boot process and3-19

CLI2-6

root bridge

configuring13-9

selecting in MST15-2

root guard

and MST15-2

enabling14-2

overview14-2

routed packets

ACLs33-21

route-map (IP) command25-3

route maps

defining25-3

PBR25-2

router ACLs

description33-2

using with VLAN maps33-20

route targets

VPN26--3

Routing Information Protocol

See RIP

RSPAN

configuration guidelines37-16

destination ports37-5

IDS37-2

monitored ports37-4

monitoring ports37-5

received traffic37-3

sessions

creating37-17

defined37-3

limiting source traffic to specific VLANs37-23

monitoring VLANs37-22

removing source (monitored) ports37-21

specifying monitored ports37-17

source ports37-4

transmitted traffic37-4

VLAN-based37-5

RSTP

compatibility15-3

description15-2

port roles15-3

port states15-4

S

SAID

See 802.10 SAID

scheduling27-14

defined27-5

overview27-6

secondary root switch13-12

secondary VLANs

associating with primary34-6

description34-2

permitting routing34-11

secure ports, configuring30-1

Security Association Identifier

See 802.10 SAID

servers, VTP

See VTP servers

service-policy command27-30

service-policy input command21-2, 27-35

service-provider networks

and customer VLANs18-2

Layer 2 protocols across18-7

set default interface command25-4

set interface command25-4

set ip default next-hop command25-4

set ip next-hop command25-4

show adjacency command23-9

show boot command3-24

show catalyst4000 chassis-mac-address command13-3

show cdp command19-2, 19-3

show cdp entry command19-4

show cdp interface command19-3

show cdp neighbors command19-4

show cdp traffic command19-4

show ciscoview package command9-24

show ciscoview version command9-24

show cluster members command9-14

show configuration command4-10

show debugging command19-4

show environment command7-2

show history command2-4

show interfaces command4-12, 4-14, 4-16

show interfaces status command5-2

show ip cache flow aggregation destination-prefix command38-12

show ip cache flow aggregation prefix command38-12

show ip cache flow aggregation source-prefix command38-12

show ip cache flow command38-9

show ip cef command23-8

show ip interface command24-15

show ip local policy command25-5

show ip mroute command24-15

show ip pim interface command24-15

show l2protocol command18-11

show mac-address-table address command5-3

show mac-address-table interface command5-3

show mls entry command23-8

show module command5-1, 13-5

show PoE consumed8-7

show power command7-18

show power inline command8-6

show power inline consumption command8-4

show power supplies command7-8

show protocols command4-14

show running-config command

adding description for an interface4-10

checking your settings3-9

displaying ACLs33-14, 33-16, 33-23, 33-24

show startup-config command3-10

show users command5-6

show version command3-22

shutdown, command4-15

shutdown threshold for Layer 2 protocol packets18-9

shutting down

interfaces4-15

single spanning tree

See SST

slot numbers, description4-2

SmartPort macros

configuration guidelines12-4

configuring12-2

creating and applying12-4

default configuration12-2

defined12-1

displaying12-8

tracing12-4

SNMP

documentation1-11

support1-11

software

upgrading6-12

software configuration register3-19

software switching

description23-5

interfaces23-6

key data structures used24-7

SPAN

and ACLs37-5

configuration guidelines37-7

configuring37-6to 37-10

destination ports37-5

IDS37-2

monitored port, defined37-4

monitoring port, defined37-5

received traffic37-3

sessions

defined37-3

source ports37-4

transmitted traffic37-4

VLAN-based37-5

SPAN and RSPAN

concepts and terminology37-3

default configuration37-6

displaying status37-24

overview37-1

session limits37-6

SPAN destination ports

802.1X authentication not supported29-15

SPAN enhancements

access list filtering37-13

configuration example37-15

CPU port sniffing37-10

encapsulation configuration37-12

ingress packets37-12

packet type filtering37-14

spanning-tree backbonefast command14-15

spanning-tree cost command13-15

spanning-tree guard root command14-2

spanning-tree portfast bpdu-guard command14-7

spanning-tree portfast command14-6

spanning-tree port-priority command13-13

spanning-tree uplinkfast command14-11

spanning-tree vlan

command13-9

command example13-9

spanning-tree vlan command13-8

spanning-tree vlan cost command13-15

spanning-tree vlan forward-time command13-19

spanning-tree vlan hello-time command13-17

spanning-tree vlan max-age command13-18

spanning-tree vlan port-priority command13-13

spanning-tree vlan priority command13-17

spanning-tree vlan root primary command13-10

spanning-tree vlan root secondary command13-12

speed

configuring interface4-7

speed command4-8

SST

description15-2

interoperability15-4

static routes

configuring3-11

verifying3-12

statistics

displaying 802.1X29-28

displaying PIM24-20

NetFlow accounting38-9

sticky learning

configuration file30-2

defined30-2

disabling30-2

enabling30-2

saving addresses30-2

sticky MAC addresses

configuring30-4

defined30-2

Storm Control

disabling36-4

displaying36-4

enabling36-3

hardware-based, implementing36-2

overview36-1

STP

bridge ID13-2

configuring13-7to 13-20

creating topology13-4

defaults13-6

disabling13-19

enabling13-7

enabling extended system ID13-8

enabling Per-VLAN Rapid Spanning Tree13-20

forward-delay time13-18

hello time13-17

Layer 2 protocol tunneling18-7

maximum aging time13-18

overview13-1, 13-3

per-VLAN rapid spanning tree13-6

port cost13-15

port priority13-13

root bridge13-9

supervisor engine

accessing the redundant6-14

configuring3-8to 3-13

copying files to standby6-14

default configuration3-1

default gateways3-11

environmental monitoring7-1

ROM monitor3-19

startup configuration3-18

static routes3-11

synchronizing configurations6-10

Supervisor Engine II-TS

insufficient inline power handling7-10, 8-11

SVIs

and router ACLs33-3

switched packets

and ACLs33-20

Switched Port Analyzer

See SPAN

switching, NetFlow

checking for required hardware38-6

configuration (example)38-13

configuring switched IP flows38-8

enabling Collection38-7

exporting cache entries38-9

switchport

show interfaces4-12, 4-16

switchport access vlan command11-6, 11-8

switchport block multicast command35-2

switchport block unicast command35-2

switchport mode access command11-8

switchport mode dot1q-tunnel command18-6

switchport mode dynamic command11-6

switchport mode trunk command11-6

switch ports

See access ports

switchport trunk allowed vlan command11-6

switchport trunk encapsulation command11-6

switchport trunk encapsulation dot1q command11-3

switchport trunk encapsulation isl command11-3

switchport trunk encapsulation negotiate command11-3

switchport trunk native vlan command11-6

switchport trunk pruning vlan command11-6

switch-to-RADIUS server communication

configuring29-17

syslog messages7-2

system

reviewing configuration3-10

settings at startup3-20

system images

loading from Flash memory3-23

modifying boot field3-20

specifying3-23

system MTU

802.1Q tunneling18-5

maximums18-5

T

TACACS+

setting passwords3-15

tagged packets

802.1Q18-3

Layer 2 protocol18-7

TCAM programming and ACLs33-6

TDR

checking cable connectivity5-3

enabling and disabling test5-3

guidelines5-3

Telnet

accessing CLI2-2

disconnecting user sessions5-6

executing5-5

monitoring user sessions5-6

telnet command5-5

TFTP

configuration files in base directory3-5

configuring for autoconfiguration3-4

Time Domain Reflectometer

See TDR

time exceeded messages5-8

timer

See login timer

Token Ring

media not supported (note)10-4, 10-10

TOS

description27-4

trace command5-9

traceroute

See IP traceroute

See Layer 2 Traceroute

traceroute mac command5-10

traceroute mac ip command5-11

traffic

blocking flooded35-2

traffic control

using ACLs (figure)33-4

using VLAN maps (figure)33-5

traffic shaping27-15

translational bridge numbers (defaults)10-4

transmit queues

See QoS transmit queues

transmit rate27-50

troubleshooting

with traceroute5-8

trunk ports

802.1X authentication not supported on29-15

configuring PVLAN34-9to 34-11

trunk port security

configuring30-7

trunks

802.1Q restrictions11-5

configuring11-6

configuring access VLANs11-6

configuring allowed VLANs11-6

default interface configuration11-6

different VTP domains11-3

enabling to non-DTP device11-4

encapsulation11-3

specifying native VLAN11-6

understanding11-3

trusted boundary for QoS27-26

trust states

configuring27-46

tunneling

defined18-1

Layer 2 protocol18-7

tunnel ports

802.1Q, configuring18-6

described18-2

incompatibilities with other features18-5

type of service

See TOS

U

UDLD

default configuration20-2

disabling20-3

enabling20-3

overview20-1

unauthorized ports with 802.1X29-4

unicast

See IP unicast

unicast flood blocking

configuring35-1

unicast traffic

blocking35-2

unidirectional ethernet

enabling21-2

example of setting21-2

overview21-1

UniDirectional Link Detection Protocol

See UDLD

UplinkFast

and MST15-2

enabling14-15

MST and15-3

overview14-10

User Based Rate Limiting

configuring27-36

overview27-36

user EXEC mode2-5

user sessions

disconnecting5-6

monitoring5-6

V

VACLs

Layer 4 port operations33-7

virtual LANs

See VLANs

Virtual Private Network

See VPN

VLAN ACLs

See VLAN maps

vlan command10-6, 10-7

vlan database command10-7

vlan dot1q tag native command18-4

VLAN Management Policy Server

See VMPS

VLAN maps

applying33-16, 33-24

common uses for33-16

configuration example33-17

configuration guidelines33-13

configuring33-12

creating entries33-13

defined33-3

denying access example33-18

denying packets33-14

displaying33-19

examples33-18

order of entries33-13

permitting packets33-14

router ACLs and33-20

using (figure)33-5

VLANs

allowed on trunk11-6

configuration guidelines10-3

configuring10-4

customer numbering in service-provider networks18-3

default configuration10-4

description1-5

extended range10-3

IDs (default)10-4

interface assignment10-8

limiting source traffic with RSPAN37-23

monitoring with RSPAN37-22

name (default)10-4

normal range10-3

overview10-1

reserved range10-3

See also PVLANs

VLAN Trunking Protocol

See VTP

VLAN trunks

overview11-3

VMPS

configuration file example10-29

configuring dynamic access ports on client10-22

configuring retry interval10-24

database configuration file10-29

dynamic port membership

example10-26

reconfirming10-23

reconfirming assignments10-23

reconfirming membership interval10-23

server overview10-17

VMPS client

administering and monitoring10-24

configure switch

configure reconfirmation interval10-23

dynamic ports10-22

entering IP VMPS address10-21

reconfirmation interval10-24

reconfirm VLAM membership10-23

default configuration10-21

dynamic VLAN membership overview10-20

troubleshooting dynamic port VLAN membership10-25

VMPS server

fall-back VLAN10-19

illegal VMPS client requests10-20

overview10-17

security modes

multiple10-19

open10-18

secure10-19

voice interfaces

configuring28-1

Voice over IP

configuring28-1

voice ports

configuring VVID28-2

voice traffic8-1, 28-4

voice VLAN ports

using 802.1X29-12

VPN

configuring routing in26--5

forwarding26--3

in service provider networks26--1

routes26--2

routing and forwarding table

See VRF

VRF

defining26--3

tables26--1

VTP

configuration guidelines10-12

configuring10-13to 10-17

configuring transparent mode10-16

default configuration10-12

disabling10-16

Layer 2 protocol tunneling18-7

monitoring10-16

overview10-8

See also VTP version 2

VTP advertisements

description10-9

VTP clients

configuring10-15

VTP domains

description10-9

VTP modes10-9

VTP pruning

enabling10-13

overview10-10

VTP servers

configuring10-14

VTP statistics

displaying10-16

VTP version 2

enabling10-14

overview10-10

See also VTP

VTY and Network Assistant9-13

VVID (voice VLAN ID)

and 802.1X authentication29-12

configuring28-2