Catalyst 4500 Series Switch Software Configuration Guide, 12.2(44)SG
Index
Downloads: This chapterpdf (PDF - 1.46MB) The complete bookPDF (PDF - 25.52MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

ACLs

applying IPv6 ACLs to a Layer 3 interface 42-21

Numerics

10/100 autonegotiation feature, forced 6-13

10-Gigabit Ethernet or Gigabit Ethernet ports

deploy on WS-X4606-10GE-E and Sup 6-E 6-9

10-Gigabit Ethernet port

deploy with Gigabit Ethernet SFP ports 6-7

1400 W DC Power supply

special considerations 10-16

1400 W DC SP Triple Input power supply

special considerations 10-17

802.10 SAID (default) 12-4

802.1Q

trunks 16-6

tunneling

compatibility with other features 23-5

defaults 23-4

described 23-2

tunnel ports with other features 23-6

802.1Q VLANs

encapsulation 14-3

trunk restrictions 14-5

802.1s

See MST

802.1w

See MST

802.1X

See port-based authentication

802.1X authentication

for Critical Authentication 37-12

for guest VLANs 37-8

for MAC Authentication Bypass 37-9

for Wake-on-LAN 37-12

RADIUS accounting 37-16

with port security 37-15

with VLAN assignment 37-7

with voice VLAN ports 37-18

802.3ad

See LACP

A

AAA 39-1

abbreviating commands 2-5

access control entries

See ACEs

access control entries and lists 39-1

access-group mode, configuring on Layer 2 interface 42-34

access-group mode, using PACL with 42-34

access list filtering, SPAN enhancement 45-13

access lists

using with WCCP 52-7

access ports

and Layer 2 protocol tunneling 23-9

configure port security 38-6, 38-21

configuring 14-8

access VLANs 14-6

accounting

configuring for 802.1X 37-32

with TACACS+ 3-16, 3-21

ACEs

ACLs 42-2

IP 42-2

Layer 4 operation restrictions 42-15

ACEs and ACLs 39-1

ACLs

ACEs 42-2

and SPAN 45-5

and TCAM programming for Sup 6-E 42-15

and TCAM programming for Sup II-Plus thru V-10GE 42-6

applying on routed packets 42-31

applying on switched packets 42-30

chaning the TCAM programming algorithm 42-9

compatibility on the same switch 42-3

configuring with VLAN maps 42-30

CPU impact 42-17

hardware and software support 42-5

IP, matching criteria for port ACLs 42-4

MAC extended 42-19

matching criteria for router ACLs 42-3

port

and voice VLAN 42-4

defined 42-3

limitations 42-5

processing 42-17

resize the TCAM regions 42-10

selecting mode of capturing control packets 42-12

TCAM programming algorithm 42-7

troubleshooting high CPU 42-12

types supported 42-3

understanding 42-2

VLAN maps 42-5

ACLs and VLAN maps, examples 42-24

acronyms, list of A-1

action drivers, marking 34-76

active queue management 34-14

active queue management via DBL, QoS on Sup 6-E 34-89

active traffic monitoring, IP SLAs 49-1

adding members to a community 11-8

addresses

displaying the MAC address table 4-30

dynamic

changing the aging time 4-21

defined 4-19

learning 4-20

removing 4-22

MAC, discovering 4-30

See MAC addresses

static

adding and removing 4-27

defined 4-19

address resolution 4-30

adjacency tables

description 29-3

displaying statistics 29-10

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-7

advertisements

LLDP 1-3, 25-2

advertisements, VTP

See VTP advertisements

aggregation switch, enabling DHCP snooping 40-9

aging time

MAC address table 4-21

applying IPv6 ACLs to a Layer 3 interface 42-21

AQM via DBL, QoS on Sup 6-E 34-89

ARP

defined 4-30

table

address resolution 4-30

managing 4-30

asymmetrical links, and 802.1Q tunneling 23-4

authentication

NTP associations 4-4

See also port-based authentication

TACACS+

defined 3-16

key 3-18

login 3-19

Authentication, Authorization, and Accounting (AAA) 39-1

Authentication Failed VLAN assignment

configure with 802.1X 37-40

authentication server

defined 37-3

RADIUS server 37-3

authoritative time source, described 4-2

authorization

with TACACS+ 3-16, 3-21

authorized and unauthorized ports 37-4

authorized ports with 802.1X 37-4

autoconfiguration 3-2

automatic discovery

considerations 11-7

automatic QoS

See QoS

Auto-MDIX on a port

configuring 6-24

displaying the configuration 6-25

overview 6-23

autonegotiation feature

forced 10/100Mbps 6-13

Auto-QoS

configuring 34-17

auto-sync command 8-8

B

Baby Giants

interacting with 6-21

BackboneFast

adding a switch (figure) 19-4

and MST 16-23

configuring 19-16

link failure (figure) 19-14, 19-15

not supported MST 16-23

understanding 19-14

See also STP

banners

configuring

login 4-19

message-of-the-day login 4-18

default configuration 4-18

when displayed 4-17

b command 54-3

b flash command 54-3

BGP 1-8

routing session with multi-VRF CE 33-7

blocking packets 43-1

blocking state (STP)

RSTP comparisons (table) 16-24

boot bootldr command 3-31

boot command 3-28

boot commands 54-3

boot fields

See configuration register boot fields

bootstrap program

See ROM monitor

boot system command 3-26, 3-31

boot system flash command 3-28

Border Gateway Protocol

See BGP

boundary ports

description 16-27

BPDU Guard

and MST 16-23

configuring 19-16

overview 19-8

BPDUs

and media speed 16-2

pseudobridges and 16-25

what they contain 16-3

bridge ID

See STP bridge ID

bridge priority (STP) 16-16

bridge protocol data units

See BPDUs

Broadcast Storm Control

disabling 44-6

enabling 44-3

BSR

configuration example 31-21

burst rate 34-57

burst size 34-32

C

cache engine clusters 52-1

cache engines 52-1

cache farms

See cache engine clusters

candidates

automatic discovery 11-7

candidate switch, cluster

defined 11-12

requirements 11-12

Capturing control packets

selecting mode 42-12

cautions

Unicast RPF

BGP optional attributes 30-5

cautions for passwords

encrypting 3-22

CDP

and trusted boundary 34-27

automatic discovery in communities 11-7

configuration 24-2

defined with LLDP 25-1

displaying configuration 24-3

enabling on interfaces 24-3

Layer 2 protocol tunneling 23-7

maintaining 24-3

monitoring 24-3

overview 1-2, 24-1

cdp enable command 24-3

CEF

adjacency tables 29-3

and NSF with SSO 9-5

configuring load balancing 29-8

displaying statistics 29-9

enabling 29-7

hardware switching 29-5

load balancing 29-7

overview 29-2

software switching 29-5

CGMP

overview 21-1

channel-group group command 20-7, 20-10

Cisco 7600 series Internet router

enabling SNMP 53-16

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS IP SLAs 49-1

Cisco IOS NSF-aware

support 9-2

Cisco IOS NSF-capable support 9-2

Cisco IP Phones

configuring 35-3

sound quality 35-1

CiscoWorks 2000 47-4

CIST

description 16-22

class level, configure in a service policy 34-86

class-map command 34-34

class of service

See CoS

clear cdp counters command 24-4

clear cdp table command 24-3

clear counters command 6-27

clearing

IP multicast table entries 31-20

clear ip eigrp neighbors command 28-18

clear ip flow stats command 48-9

CLI

accessing 2-1

backing out one level 2-5

getting commands 2-5

history substitution 2-4

managing clusters 11-12

modes 2-5

monitoring environments 45-1

ROM monitor 2-7

software basics 2-4

clients

in 802.1X authentication 37-2

clock

See system clock

clustering switches

command switch characteristics 11-11, 11-12

and VTY 11-11

convert to a community 11-9

managing

through CLI 11-12

overview 11-10

planning considerations

CLI 11-12

passwords 11-8

command-line processing 2-3

command modes 2-5

commands

b 54-3

b flash 54-3

boot 54-3

confreg 54-3

dev 54-3

dir device 54-3

frame 54-5

i 54-3

listing 2-5

meminfo 54-5

reset 54-3

ROM monitor54-2to 54-3

ROM monitor debugging 54-5

SNMP 53-16

sysret 54-5

command switch, cluster

requirements 11-11

common and internal spanning tree

See CIST

common spanning tree

See CST

community of switches

access modes in Network Assistant 11-8

adding devices 11-8

candidate characterisitcs 11-6

communication protocols 11-8

community name 11-7

configuration information 11-8

converting from a cluster 11-9

host name 11-7

passwords 11-8

community ports 36-4

community strings

configuring 47-7

overview 47-4

community VLANs 36-3, 36-4

and SPAN features 36-12

configure as a PVLAN 36-13

compiling MIBs 53-16

config-register command 3-29

config terminal command 3-9

configurable leave timer,IGMP 21-4

configuration examples

SNMP 47-16

configuration files

limiting TFTP server access 47-15

obtaining with DHCP 3-6

saving 3-10

system contact and location information 47-15

configuration guidelines

REP 18-6

SNMP 47-6

configuration register

boot fields

listing value 3-29

modifying 3-28

changing from ROM monitor 54-3

changing settings3-28to 3-29

configuring 3-26

settings at startup 3-27

configure class-level queue-limit in a service policy 34-86

configure terminal command 3-28, 6-2

configuring access-group mode on Layer 2 interface 42-34

configuring flow control 6-16

configuring interface link and trunk status envents 6-28

configuring named IPv6 ACLs 42-20

configuring named MAC extended ACLs 42-19

configuring unicast MAC address filtering 42-19

configuring VLAN maps 42-22

confreg command 54-3

console configuration mode 2-5

console download54-4to 54-5

console port

disconnecting user sessions 7-6

monitoring user sessions 7-6

control plane policing

See CoPP

control protocol, IP SLAs 49-4

convergence

REP 18-3

CoPP

applying QoS service policy to control plane 39-4

configuring

ACLs to match traffic 39-4

enabling MLS QoS 39-4

packet classification criteria 39-4

service-policy map 39-4

control plane configuration mode

entering 39-4

displaying

dynamic information 39-8

number of conforming bytes and packets 39-8

rate information 39-8

entering control plane configuration mode 39-4

monitoring statistics 39-8

overview 39-2

copy running-config startup-config command 3-10

copy system:running-config nvram:startup-config command 3-31

CoS

definition 34-3

figure 34-2

overriding on Cisco IP Phones 35-5

priority 35-5

CoS Mutation

configuring 34-41

CoS-to-DSCP maps 34-58

CoS value, configuring for an interface 34-53

counters

clearing MFIB 31-21

clearing on interfaces 6-27

CPU, impact of ACL processing 42-17

CPU port sniffing 45-10

Critical Authentication

configure with 802.1X 37-36

CST

description 16-25

IST and 16-22

MST and 16-22

customer edge devices 33-2

D

database agent

configuration examples 40-12

enabling the DHCP Snooping 40-12

daylight saving time 4-13

debug commands, ROM monitor 54-5

default configuration

802.1X 37-22

auto-QoS 34-18

banners 4-18

DNS 4-16

IGMP filtering 21-18

IGMP snooping 22-5, 22-6

IP SLAs 49-6

Layer 2 protocol tunneling 23-9

LLDP 25-3

MAC address table 4-21

multi-VRF CE 33-4

NTP 4-4

private VLANs 36-11

REP 18-6

resetting the interface 6-30

RMON 50-3

SNMP 47-6

SPAN and RSPAN 45-6

system message logging 46-3

system name and prompt 4-15

TACACS+ 3-18

default gateway

configuring 3-11

verifying configuration 3-11

default settings, erase commad 3-31

denial-of-service attacks

IP address spoofing, mitigating 30-5

Unicast RPF, deploying 30-5

denying access to a server on another VLAN 42-28

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 6-7

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 6-9

description command 6-15

detecting unidirectional links 26-1

dev command 54-3

device discovery protocol 25-1

DHCP-based autoconfiguration

client request message exchange 3-3

configuring

client side 3-3

DNS 3-5

relay device 3-5

server-side 3-4

TFTP server 3-4

example 3-7

lease options

for IP address information 3-4

for receiving the configuration file 3-4

overview 3-2

relationship to BOOTP 3-3

DHCP option 82

overview 40-4

DHCP Snooping

enabling, and Option 82 40-9

DHCP snooping

accepting untrusted packets form edge switch 40-10

configuring 40-6

default configuration 40-7

displaying binding tables 40-16

displaying configuration 40-16

displaying information 40-16

enabling 40-7

enabling on private VLAN 40-11

enabling on the aggregation switch 40-9

enabling the database agent 40-12

message exchange process 40-4

monitoring 40-20

option 82 data insertion 40-4

overview 40-1

Snooping database agent 40-2

DHCP Snooping Database Agent

adding to the database (example) 40-15

enabling (example) 40-13

overview 40-2

reading from a TFTP file (example) 40-14

Diagnostics

online 51-1

troubleshooting 51-2

Power-On-Self-Test

causes of failure 51-14

how it works 51-3

overview 51-3

Power-On-Self-Test for Supervisor Engine V-10GE 51-8

Differentiated Services Code Point values

See DSCP values

DiffServ architecture, QoS 34-2

Digital optical monitoring transceiver support 6-12

dir device command 54-3

disabled state

RSTP comparisons (table) 16-24

disabling

broadcast storm control 44-6

disabling multicast storm control 44-7

disconnect command 7-6

discovery, clusters

See automatic discovery

displaying EtherChannel to a Virtual Switch System 20-15

displaying storm control 44-7

DNS

and DHCP-based autoconfiguration 3-5

default configuration 4-16

displaying the configuration 4-17

overview 4-15

setting up 4-16

domain names

DNS 4-15

Domain Name System

See DNS

double-tagged packets

802.1Q tunneling 23-2

Layer 2 protocol tunneling 23-9

downloading MIBs 53-14, 53-15

drop threshold for Layer 2 protocol packets 23-10

DSCP maps 34-58

DSCP-to-CoS maps

configuring 34-60

DSCP values

configuring maps 34-58

definition 34-4

IP precedence 34-2

mapping markdown 34-24

mapping to transmit queues 34-55

DSCP values, configuring port value 34-54

DTP

VLAN trunks and 14-3

duplex command 6-14

duplex mode

configuring interface 6-13

dynamic 12-17

dynamic ARP inspection

ARP cache poisoning 41-2

configuring

ACLs for non-DHCP environments 41-11

in DHCP environments 41-5

log buffer 41-14

rate limit for incoming ARP packets 41-16

denial-of-service attacks, preventing 41-16

interface trust state, security coverage 41-3

log buffer

configuring 41-14

logging of dropped packets 41-4

overview 41-1

port channels, their behavior 41-5

priority of static bindings 41-4

purpose of 41-2

rate limiting of ARP packets 41-4

configuring 41-16

validation checks, performing 41-19

dynamic buffer limiting

globally 34-28

on specific CoS values 34-30

on specific IP DSCP values 34-29

Dynamic Host Configuration Protocol snooping

See DHCP snooping

dynamic port VLAN membership

example 12-25

limit on hosts 12-25

reconfirming 12-23

troubleshooting 12-25

Dynamic Trunking Protocol

See DTP

E

EAP frames

changing retransmission time 37-45

exchanging (figure) 37-4, 37-6, 37-11

request/identity 37-3

response/identity 37-3

setting retransmission number 37-46

EAPOL frames

802.1X authentication and 37-3

OTP authentication, example (figure) 37-4, 37-11

start 37-3

edge ports

description 16-27

EGP

overview 1-8

EIGRP

configuration examples 28-19

monitoring and maintaining 28-18

EIGRP (Enhanced IGRP)

stub routing

benefits 28-17

configuration tasks 28-17

configuring 28-13

overview 28-13

restrictions 28-17

verifying 28-18

EIGRP (enhanced IGRP)

overview 1-8

eigrp stub command 28-18

EIGRP stub routing, configuring 28-12

Embedded CiscoView

displaying information 4-33

installing and configuring 4-31

overview 4-31

emergency alarms on Sup Engine 6-E systems 10-3

enable command 3-9, 3-28

enable mode 2-5

enabling or disabling QOS on an interface 34-51

enabling SNMP 53-16

encapsulation types 14-3

Enhanced Interior Gateway Routing Protocol

See EIGRP

Enhanced PoE support on E-series 10-12

environmental conditions

Sup Engine 6-E 10-3

Sup Engines II-Plus to V-10GE 10-2

Supervisor Engine 6-E 10-3

Supervisor Engines II-Plus to V-10GE 10-2

environmental monitoring

using CLI commands 10-1

EtherChannel

channel-group group command 20-7, 20-10

configuration guidelines 20-5

configuring20-6to 20-14

configuring Layer 2 20-9

configuring Layer 3 20-6

displaying to a virtual switch system 20-15

interface port-channel command 20-7

lacp system-priority

command example 20-12

modes 20-3

overview 20-1

PAgP

Understanding 20-3

physical interface configuration 20-7

port-channel interfaces 20-2

port-channel load-balance command 20-13

removing 20-14

removing interfaces 20-14

EtherChannel guard

disabling 19-7

enabling 19-6

overview 19-6

explicit host tracking

enabling 21-10

extended range VLANs

See VLANs

Extensible Authentication Protocol over LAN 37-1

Exterior Gateway Protocol

See EGP

F

FastDrop

clearing entries 31-20

displaying entries 31-19

overview 31-10

FIB

description 29-3

See also MFIB

filtering

in a VLAN 42-22

non-IP traffic 42-19

flags 31-11

Flash memory

configuring router to boot from 3-30

loading system images from 3-30

security precautions 3-30

flooded traffic, blocking 43-2

flowchart, traffic marking procedure 34-76

flow control, configuring 6-16

forward-delay time (STP)

configuring 16-18

forwarding information base

See FIB

frame command 54-5

G

gateway

See default gateway

get-bulk-request operation 47-3

get-next-request operation 47-3, 47-4

get-request operation 47-3, 47-4

get-response operation 47-3

Gigabit Ethernet SFP ports

deploy with 10-Gigabit Ethernet 6-7

global configuration mode 2-5

Guest-VLANs

configure with 802.1X 37-32, 37-41

H

hardware and software ACL support 42-5

hardware switching 29-6

hello time (STP)

configuring 16-17

hierarchical policers, configuring 34-46

hierarchical policies, QoS on Sup 6-E 34-90

high CPU due to ACLs, troubleshooting 42-12

history

CLI 2-4

history table, level and number of syslog messages 46-10

hop counts

configuring MST bridges 16-28

host

configuring host statically 21-10

limit on dynamic port 12-25

host ports

kinds of 36-5

Hot Standby Routing Protocol

See HSRP

HSRP

description 1-7

http

//www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html 49-1, 49-3, 49-5, 49-6

//www.cisco.com/en/US/docs/ios/fundamentals/command reference/cf_book.html 46-1

hw-module module num power command 10-20

I

ICMP

enabling 7-11

ping 7-7

running IP traceroute 7-8

time exceeded messages 7-8

ICMP Echo operation

configuring 49-12

IP SLAs 49-11

i command 54-3

IDS

using with SPAN and RSPAN 45-2

IEEE 802.1s

See MST

IEEE 802.1w

See MST

IEEE 802.3ad

See LACP

IGMP

configurable leave timer

enabling 21-8

configurable-leave timer 21-4

description 31-3

enabling 31-13

explicit host tracking 21-4, 21-10

immediate-leave processing 21-3

leave processing, enabling 22-8

overview 21-1

report suppression

disabling 22-11

IGMP filtering

configuring 21-18

default configuration 21-18

described 21-18

monitoring 21-21

IGMP groups

setting the maximum number 21-20

IGMP Immediate Leave

configuration guidelines 21-8

IGMP profile

applying 21-19

configuration mode 21-18

configuring 21-19

IGMP snooping

configuration guidelines 21-5

default configuration 22-5, 22-6

enabling 21-5, 21-6

enabling and disabling 22-6

IP multicast and 31-4

monitoring 21-13, 22-11

overview 21-1

IGRP

description 1-9

Immediate Leave, IGMP

enabling 22-8

immediate-leave processing

enabling 21-8

IGMP

See fast-leave processing

Ingress Packets, SPAN enhancement 45-12

ingress packets, SPAN enhancement 45-12

inline power

configuring on Cisco IP phones 35-5

insufficient inline power handling for Supervisor Engine II-TS 10-18

Intelligent Power Management 10-4

interacting with Baby Giants 6-21

interface command 3-9, 6-2

interface configuration

REP 18-9

interface link and trunk status events

configuring 6-28

interface port-channel command 20-7

interface range command 6-5

interface range macro command 6-6

interfaces

adding descriptive name 6-15

clearing counters 6-27

configuring 6-2

configuring ranges 6-5

displaying information about 6-26

Layer 2 modes 14-4

maintaining 6-26

monitoring 6-26

naming 6-15

numbers 6-2

overview 6-2

restarting 6-27, 6-28

See also Layer 2 interfaces

Interior Gateway Routing Protocol

See IGRP

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Inter-Switch Link encapsulation

See ISL encapsulation

Intrusion Detection System

See IDS

inventory management TLV 25-3, 25-6

IP

configuring default gateway 3-11

configuring static routes 3-11

displaying statistics 29-9

flow switching cache 48-9

IP addresses

cluster candidate or member 11-12

cluster command switch 11-11

discovering 4-30

ip cef command 29-7

IP Enhanced IGRP

interfaces, displaying 28-18

ip flow-aggregation cache destination-prefix command 48-11

ip flow-aggregation cache prefix command 48-11

ip flow-aggregation cache source-prefix command 48-12

ip flow-export command 48-9

ip icmp rate-limit unreachable command 7-12

ip igmp profile command 21-18

ip igmp snooping tcn flood command 21-12

ip igmp snooping tcn flood query count command 21-12

ip igmp snooping tcn query solicit command 21-13

IP information

assigned

through DHCP-based autoconfiguration 3-2

ip load-sharing per-destination command 29-8

ip local policy route-map command 32-5

ip mask-reply command 7-13

IP MTU sizes, configuring 28-8

IP MTU sizes,configuring 28-8

IP multicast

clearing table entries 31-20

configuring 31-12

default configuration 31-13

displaying PIM information 31-16

displaying the routing table information 31-16

enabling 31-13

enabling dense-mode PIM 31-14

enabling sparse-mode 31-14

features not supported 31-12

hardware forwarding 31-8

IGMP snooping and 21-4, 31-4

monitoring 31-15

overview 31-1

routing protocols 31-2

software forwarding 31-8

See also Auto-RP; IGMP; PIM; RP; RPF

ip multicast-routing command 31-13

IP phones

automatic classification and queueing 34-17

configuring voice ports 35-3

See Cisco IP Phones 35-1

trusted boundary for QoS 34-26

ip pim command 31-14

ip pim dense-mode command 31-14

ip pim sparse-dense-mode command 31-15

ip policy route-map command 32-4

IP Port Security for Static Hosts

on a Layer 2 access port 40-22

on a PVLAN host port 40-25

overview 40-21

ip redirects command 7-12

ip route-cache flow command 48-7

IP routing tables

deleting entries 31-20

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 49-1

IP SLAs

benefits 49-2

Control Protocol 49-4

default configuration 49-6

definition 49-1

ICMP echo operation 49-11

measuring network performance 49-3

monitoring 49-14

multioperations scheduling 49-5

operation 49-3

responder

described 49-4

enabling 49-8

response time 49-4

scheduling 49-5

SNMP support 49-2

supported metrics 49-2

threshold monitoring 49-6

UDP jitter operation 49-8

IP Source Guard

configuring 40-18

configuring on private VLANs 40-19

displaying 40-19, 40-20

overview 40-17

IP statistics

displaying 29-9

IP traceroute

executing 7-8

overview 7-8

IP unicast

displaying statistics 29-9

IP Unnumbered support

configuring on a range of Ethernet VLANs 13-5

configuring on LAN and VLAN interfaces 13-4

configuring with connected host polling 13-6

DHCP Option 82 13-2

displaying settings 13-7

format of agent remote ID suboptions 13-3

troubleshooting 13-8

with conected host polling 13-3

with DHCP server and Relay agent 13-2

ip unreachables command 7-11

IPX

redistribution of route information with EIGRP 1-8

ISL

encapsulation 14-3

trunking with 802.1Q tunneling 23-4

isolated port 36-5

isolated VLANs 36-3, 36-4, 36-5

ISSU

compatibility matrix 5-13

compatiblity verification using Cisco Feature Navigator 5-14

NSF overview 5-4

perform the process

aborting a software upgrade 5-26

configuring the rollback timer as a safeguard 5-27

displaying a compatibility matrix 5-29

loading the new software on the new standby 5-24

stopping the rollback timer 5-23

switching to the standby 5-20

verify the ISSU state 5-17

verify the redundancy mode 5-15

verify the software installation 5-15

vload the new software on standby 5-17

prerequisites 5-2

process overview 5-7

restrictions 5-2

SNMP support 5-13

SSO overview 5-4

versioning capability in software to support 5-12

IST

and MST regions 16-22

description 16-22

master 16-27

J

jumbo frames

and ethernet ports 6-20

configuring MTU sizes for 6-20

ports and linecards that support 6-18

understanding MTUs 6-19

understanding support 6-19

VLAN interfaces 6-20

K

keyboard shortcuts 2-3

L

l2protocol-tunnel command 23-11

labels, definition 34-3

LACP

system ID 20-4

Layer 2 access ports 14-8

Layer 2 Control Packet QoS

feature interaction 34-65

overview 34-61

usage guidelines 34-64

Layer 2 frames

classification with CoS 34-2

Layer 2 interface, configuring access-mode mode on 42-34

Layer 2 interfaces

assigning VLANs 12-8

configuring 14-5

configuring as PVLAN host ports 36-16

configuring as PVLAN promiscuous ports 36-15

configuring as PVLAN trunk ports 36-17

defaults 14-5

disabling configuration 14-9

modes 14-4

show interfaces command 14-7

Layer 2 interface type

resetting 36-22

setting 36-22

Layer 2 protocol tunneling

default configuration 23-9

guidelines 23-10

Layer 2 switching

overview 14-1

Layer 2 Traceroute

and ARP 7-10

and CDP 7-9

host-to-host paths 7-9

IP addresses and subnets 7-10

MAC addresses and VLANs 7-10

multicast traffic 7-10

multiple devices on a port 7-10

unicast traffic 1-21, 7-9

usage guidelines 7-9

Layer 2 trunks

configuring 14-6

overview 14-3

Layer 3 interface, applying IPv6 ACLs 42-21

Layer 3 interface counters,configuring 28-10

Layer 3 interface counters,understanding 28-4

Layer 3 interfaces

configuration guidelines 28-5

overview 28-1

logical 28-2

physical 28-2

VLANs as interfaces 28-7

Layer 3 packets

classification methods 34-2

Layer 4 port operations

configuration guidelines 42-16

restrictions 42-15

limitations on using a TwinGig Convertor 6-10

link and trunk status events

configuring interface 6-28

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

listening state (STP)

RSTP comparisons (table) 16-24

LLDP

configuring 25-3

characteristics 25-3

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-7

overview 25-1

transmission timer and holdtime, setting 25-3

LLDP-MED

configuring

procedures 25-3

TLVs 25-6

monitoring and maintaining 25-7

overview 25-1

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing

configuring for CEF 29-8

configuring for EtherChannel 20-13

overview 20-5, 29-7

per-destination 29-8

location TLV 25-6

Logical Layer 3 interfaces

configuring 28-5

login authentication

with TACACS+ 3-19

login banners 4-17

login timer

changing 7-5

logoutwarning command 7-6

loop guard

and MST 16-23

configuring 19-5

overview 19-3

M

MAC/PHY configuration status TLV 25-2

MAC addresses

aging time 4-21

allocating 16-5

and VLAN association 4-20

building tables 4-20, 14-2

convert dynamic to sticky secure 38-5

default configuration 4-21

discovering 4-30

displaying 4-30, 7-3

displaying in DHCP snooping binding table 40-16

dynamic

learning 4-20

removing 4-22

in ACLs 42-19

static

adding 4-28

allowing 4-29

characteristics of 4-27

dropping 4-29

removing 4-28

sticky 38-4

sticky secure, adding 38-5

MAC Authentication Bypass

configure with 802.1X 37-35

MAC extended access lists 42-19

macros

See Smartports macros

main-cpu command 8-8

management address TLV 25-2

management options

SNMP 47-1

manual preemption, REP, configuring 18-11

mapping

DSCP markdown values 34-24

DSCP values to transmit queues 34-55

mapping tables

configuring DSCP 34-58

described 34-14

marking

hardware capabilities 34-78

marking action drivers 34-76

marking network traffic 34-73

marking support, multi-attribute 34-77

mask destination command 48-11

mask source command 48-11, 48-12

Match CoS for non-IPV4 traffic

configuring 34-36

match ip address command 32-3

maximum aging time (STP)

configuring 16-18

MDA

configuration 37-28

configuration guidelines37-19to 37-20

described 37-19

members

automatic discovery 11-7

member switch

managing 11-12

member switch, cluster

defined 11-11

requirements 11-12

meminfo command 54-5

messages, to users through banners 4-17

metro tags 23-2

MFIB

CEF 31-5

displaying 31-18

displaying fast drop entries 31-19

flags supported 31-11

overview 31-11

MIBs

compiling 53-16

downloading 53-14, 53-15

overview 47-1

related information 53-15

SNMP interaction with 47-4

MLD Done messages and Immediate-leave 22-4

MLD messages 22-2

MLD queries 22-3

MLD reports 22-4

MLD Snooping

MLD Done messages and Immediate-leave 22-4

MLD messages 22-2

MLD queries 22-3

MLD reports 22-4

Multicast client aging robustness 22-3

Multicast router discovery 22-3

overview 22-1

Mode of capturing control packets, selecting 42-12

module, displaying PoE consumed 10-8

modules

checking status 7-2

powering down 10-20

monitoring

802.1Q tunneling 23-12

ACL information 42-38

IGMP

snooping 22-11

IGMP filters 21-21

IGMP snooping 21-13

IP SLAs operations 49-14

Layer 2 protocol tunneling 23-12

multicast router interfaces 22-11

multi-VRF CE 33-12

REP 18-12

traffic flowing among switches 50-1

tunneling 23-12

VLAN filters 42-29

VLAN maps 42-29

M-record 16-23

MST

and multiple spanning trees 1-3, 16-22

boundary ports 16-27

BPDUs 16-23

configuration parameters 16-26

configuring 16-29

displaying configurations 16-33

edge ports 16-27

enabling 16-29

hop count 16-28

instances

configuring parameters 16-32

description 16-22

number supported 16-26

interoperability with PVST+ 16-23

link type 16-28

master 16-27

message age 16-28

regions 16-26

restrictions 16-29

to-SST interoperability 16-24

MSTP

EtherChannel guard

enabling 19-6

M-record 16-23

M-tree 16-23

M-tree 16-23

MTUS

understanding 6-19

MTU size

configuring 6-20, 6-22, 6-29

default 12-4

multicast

See IP multicast

Multicast client aging robustness 22-3

multicast groups

static joins 22-7

multicast packets

blocking 43-2

Multicast router discovery 22-3

multicast router interfaces, monitoring 22-11

multicast router ports, adding 22-8

multicast routers

displaying routing tables 31-16

flood suppression 21-10

Multicast Storm Control

enabling 44-4

disabling 44-7

suppression on Sup 6-E 44-4

suppression on WS-X4014 44-5

suppression on WS-X4016 44-5

WS-X4515, WS-X4014, and WS-X4013+ Sup Engs 44-5

WS-X4516 Sup Eng 44-5

multidomain authentication

See MDA

multioperations scheduling, IP SLAs 49-5

Multiple Domain Authentication

configuring 37-28

overview of Host Mode 37-6

multiple forwarding paths 1-3, 16-22

Multiple Spanning Tree

See MST

multiple VPN routing/forwarding

See multi-VRF CE

multi-VRF CE

components 33-4

configuration example 33-8

default configuration 33-4

defined 33-1

displaying 33-12

monitoring 33-12

network components 33-4

packet-forwarding process 33-4

N

named aggregate policers, creating 34-31

named IPv6 ACLs, configuring

ACLs

configuring named IPv6 ACLs 42-20

named MAC extended ACLs

ACLs

configuring named MAC extended 42-19

native VLAN

and 802.1Q tunneling 23-4

specifying 14-6

neighbor offset numbers, REP 18-4

NetFlow

aggregation

minimum mask,default value 48-11

destination-prefix aggregation

configuration (example) 48-16

minimum mask, configuring 48-11

IP

flow switching cache 48-9

prefix aggregation

configuration (example) 48-14

minimum mask, configuring 48-11

source-prefix aggregation

minimum mask, configuring 48-11

switching

checking for required hardware 48-6

configuration (example) 48-13

configuring switched IP flows 48-8

enabling Collection 48-7

exporting cache entries 48-9

statistics 48-9

NetFlow statistics

caveats on supervisor 48-6

checking for required hardware 48-6

configuring collection 48-6

enabling Collection 48-7

exporting cache entries 48-9

overview of collection 48-2

switched/bridged IP flows 48-8

Network Assistant

and VTY 11-11

configure

enable communication with switch 11-13, 11-17

default configuration 11-2

overview of CLI commands 11-2

network fault tolerance 1-3, 16-22

network management

configuring 24-1

RMON 50-1

SNMP 47-1

network performance, measuring with IP SLAs 49-3

network policy TLV 25-2, 25-6

Network Time Protocol

See NTP

network traffic, marking 34-73

New Software Features in Release 7.7

TDR 7-3

Next Hop Resolution Protocol

See NHRP

NFFC/NFFC II

IGMP snooping and 21-5

NHRP

support 1-9

non-IP traffic filtering 42-19

non-RPF traffic

description 31-9

in redundant configurations (figure) 31-10

Nonstop Forwarding

See NSF

nonvolatile random-access memory

See NVRAM

normal-range VLANs

See VLANs

NSF

defined 9-1

guidelines and restrictions 9-9

operation 9-5

NSF-aware

supervisor engines 9-3

support 9-2

NSF-capable

supervisor engines 9-3

support 9-2

NSF with SSO supervisor engine redundancy

and CEF 9-5

overview 9-4

SSO operation 9-4

NTP

associations

authenticating 4-4

defined 4-2

enabling broadcast messages 4-7

peer 4-6

server 4-6

default configuration 4-4

displaying the configuration 4-11

overview 4-2

restricting access

creating an access group 4-9

disabling NTP services per interface 4-10

source IP address, configuring 4-10

stratum 4-2

synchronizing devices 4-6

time

services 4-2

synchronizing 4-2

NVRAM

saving settings 3-10

O

OIR

overview 6-26

Online Diagnostics 51-1

online insertion and removal

See OIR

Open Shortest Path First

See OSPF

operating system images

See system images

Option 82

enabling DHCP Snooping 40-9

OSPF

area concept 1-10

description 1-10

P

packets

modifying 34-16

software processed

and QoS 34-16

packet type filtering

overview 45-15

SPAN enhancement 45-15

PACL, using with access-group mode 42-34

PACL with VLAN maps and router ACLs 42-36

PAgP

understanding 20-3

passwords

configuring enable password 3-13

configuring enable secret password 3-13

encrypting 3-22

in clusters 11-8

recovering lost enable password 3-25

setting line password 3-14

PBR (policy-based routing)

configuration (example) 32-5

enabling 32-3

features 32-2

overview 32-1, 32-2

route maps 32-2

when to use 32-2

per-port and VLAN Access Control List 40-17

per-port per-VLAN QoS

enabling 34-48

overview 34-16

Per-VLAN Rapid Spanning Tree 16-6

enabling 16-20

overview 16-6

PE to CE routing, configuring 33-7

Physical Layer 3 interfaces, configuring 28-11

PIM

configuring dense mode 31-14

configuring sparse mode 31-14

displaying information 31-15

displaying statistics 31-20

enabling sparse-dense mode 31-14, 31-15

overview 31-3

PIM-DM 31-3

PIM-SM 31-3

ping

executing 7-7

overview 7-7

ping command 7-7, 31-16

PoE

configuring power consumption for single device 10-6

configuring power consumption for switch 10-5

displaying PoE consumed by a module 10-8

Enhanced support on E-series 10-12

power consumption for powered devices

Intelligent Power Management 10-4

powering down a module 10-20

power management modes 10-2

show interface status 10-7

point-to-point

in 802.1X authentication (figure) 37-2, 37-17

police command 34-38

policed-DSCP map 34-59

policers

description 34-5

types of 34-10

policies

See QoS policies

policing

how to implement 34-73

See QoS policing

policy associations, QoS on Sup 6-E 34-92

policy-map command 34-34, 34-36

policy map marking action, configuring 34-78

policy maps

attaching to interfaces 34-40

configuring 34-36

port ACLs

and voice VLAN 42-4

defined 42-3

limitations 42-5

Port Aggregation Protocol

see PAgP

port-based authentication

802.1X with voice VLAN 37-18

changing the quiet period 37-44

client, defined 37-2

configuration guidelines 37-23

configure 802.1X accounting 37-32

configure switch-to-RADIUS server communication 37-26

configure with Authentication Failed VLAN assignment 37-40

configure with Critical Authentication 37-36

configure with Guest-VLANs 37-32, 37-41

configure with MAC Authentication Bypass 37-35

configure with Wake-on-LAN 37-39

configuring

Multiple Domain Authentication 37-28

configuring Guest-VLAN 37-26

configuring manual re-authentication of a client 37-47

controlling authorization state 37-5

default configuration 37-22

described 37-1

device roles 37-2

displaying statistics 37-48

enabling 37-23

enabling multiple hosts 37-43

enabling periodic re-authentication 37-42

encapsulation 37-3

host mode 37-6

initiation and message exchange 37-3

method lists 37-23

multidomain authentication 37-19

multiple-hosts mode, described 37-6

port security

multiple-hosts mode 37-7

ports not supported 37-4

resetting to default values 37-48

setting retransmission number 37-46

setting retransmission time 37-45

topologies, supported 37-21

using with port security 37-15

with Critical Authentication 37-12

with Guest VLANs 37-8

with MAC Authentication Bypass 37-9

with VLAN assignment 37-7

port-based QoS features

See QoS

port-channel interfaces

See also EtherChannel

creating 20-6

overview 20-2

port-channel load-balance

command 20-12

command example 20-12

port-channel load-balance command 20-13

port cost (STP)

configuring 16-15

port description TLV 25-2

PortFast

and MST 16-23

BPDU filter, configuring 19-10

configuring or enabling 19-16

overview 19-7

PortFast BPDU filtering

and MST 16-23

enabling 19-10

overview 19-9

port numbering with TwinGig Convertors 6-9

port priority

configuring MST instances 16-32

configuring STP 16-13

ports

blocking 43-1

checking status 7-2

dynamic VLAN membership

example 12-25

reconfirming 12-23

forwarding, resuming 43-3

REP 18-5

See also interfaces

port security

aging 38-5

and QoS trusted boundary 34-26

configuring 38-7

displaying 38-27

guidelines and restrictions 38-32

on access ports 38-6, 38-21

on private VLAN 38-13

host 38-14

over Layer 2 EtherChannel 38-32

promiscuous 38-15

topology 38-14, 38-17, 38-32

on trunk port 38-16

guidelines and restrictions 38-14, 38-17, 38-20, 38-32

port mode changes 38-21

on voice ports 38-21

RADIUS accounting 37-16

sticky learning 38-5

using with 802.1X 37-15

violations 38-6

with 802.1X Authentication 38-31

with DHCP and IP Source Guard 38-30

with other features 38-32

port states

description 16-5

port trust state

See trust states

port VLAN ID TLV 25-2

power

inline 35-5

power dc input command 10-17

power handling for Supervisor Engine II-TS 10-12

power inline command 10-3

power inline consumption command 10-5, 10-6

power management

Catalyst 4500 series 10-6

Catalyst 4500 Switch power supplies 10-13

Catalyst 4948 series 10-20

configuring combined mode 10-12

configuring redundant mode 10-11

overview 10-1

redundancy 10-6

power management for Catalyst 4500 Switch

combined mode 10-8

redundant mode 10-8

power management limitations in Catalyst 4500 Switch 10-9

power management mode

selecting 10-8

power management TLV 25-2, 25-6

Power-On-Self-Test diagnostics 51-3, 51-14

Power-On-Self-Test for Supervisor Engine V-10GE 51-8

power redundancy-mode command 10-11

power supplies

available power for Catalyst 4500 Switch 10-13

fixed 10-7

variable 10-7, 10-20

preempt delay time, REP 18-5

primary edge port, REP 18-4

primary VLANs 36-3, 36-5

associating with secondary VLANs 36-14

configuring as a PVLAN 36-13

priority

overriding CoS of incoming frames 35-5

priority queuing, QoS on Sup 6-E 34-85

private VLAN

configure port security 38-14

enabling DHCP Snooping 40-11

private VLANs

across multiple switches 36-5

and SVIs 36-10

benefits of 36-3

community ports 36-4

community VLANs 36-3, 36-4

default configuration 36-11

end station access to 36-3

isolated port 36-5

isolated VLANs 36-3, 36-4, 36-5

ports

community 36-4

isolated 36-5

promiscuous 36-5

primary VLANs 36-3, 36-5

promiscuous ports 36-5

secondary VLANs 36-3

subdomains 36-3

traffic in 36-9

privileged EXEC mode 2-5

privileges

changing default 3-23

configuring levels 3-23

exiting 3-24

logging in 3-24

promiscuous ports

configuring PVLAN 36-15

defined 36-5

setting mode 36-22

protocol timers 16-4

provider edge devices 33-2

pruning, VTP

See VTP pruning

pseudobridges

description 16-25

PVACL 40-17

PVID (port VLAN ID)

and 802.1X with voice VLAN ports 37-18

PVLAN promiscuous trunk port

configuring 36-2, 36-15, 36-19

PVLANs

802.1q support 36-12

across multiple switches 36-6

configuration guidelines 36-11

configure port security 38-13, 38-15, 38-17

configure port security in a wireless setting 38-32

configure port security over Layer 2 EtherChannel 38-32

configuring 36-10

configuring a VLAN 36-13

configuring promiscuous ports 36-15

host ports

configuring a Layer 2 interface 36-16

setting 36-22

overview 36-1

permitting routing, example 36-21

promiscuous mode

setting 36-22

setting

interface mode 36-22

Q

QoS

allocating bandwidth 34-56

and software processed packets 34-16

auto-QoS

configuration and defaults display 34-20

configuration guidelines 34-19

described 34-17

displaying 34-20

effects on NVRAM configuration 34-19

enabling for VoIP 34-19

basic model 34-5

burst size 34-32

classification34-6to 34-10

configuration guidelines 34-25

auto-QoS 34-19

configuring

auto-QoS 34-17

DSCP maps 34-58

dynamic buffer limiting 34-28

traffic shaping 34-57

trusted boundary 34-26

configuring Layer 2 Control Packet QoS, feature interaction 34-65

configuring Layer 2 Control Packet QoS, guidelines 34-64

configuring Layer 2 Control Packet QoS, overview 34-61

configuring UBRL 34-42

configuring VLAN-based on Layer 2 interfaces 34-52

creating named aggregate policers 34-31

creating policing rules 34-33

default auto configuration 34-18

default configuration 34-24

definitions 34-3

disabling on interfaces 34-40

enabling and disabling 34-51

enabling hierarchical policers 34-46

enabling on interfaces 34-40

enabling per-port per-VLAN 34-48

flowcharts 34-8, 34-12

IP phones

automatic classification and queueing 34-17

detection and trusted settings 34-17, 34-26

overview 34-2

overview of per-port per-VLAN 34-16

packet modification 34-16

port-based 34-52

priority 34-15

traffic shaping 34-16

transmit rate 34-57

trust states

trusted device 34-26

VLAN-based 34-52

See also COS; DSCP values; transmit queues

QoS active queue management

tracking queue length 34-14

QoS labels

definition 34-3

QoS mapping tables

CoS-to-DSCP 34-58

DSCP-to-CoS 34-60

policed-DSCP 34-59

types 34-14

QoS marking

description 34-5

QoS on Sup 6-E

Active Queue management via DBL 34-89

active queue management via DBL 34-82, 34-89

classification 34-72

configuring 34-68

configuring the policy map marking action 34-78

hardware capabilities for marking 34-78

hierarchical policies 34-90

how to implement policing 34-73

marking action drivers 34-76

marking network traffic 34-73

MQC-based QoS configuration 34-68

multi-attribute marking support 34-77

platform hardware capabilities 34-71

platform restrictions 34-73

platform-supported classification criteria and QoS features 34-68, 34-70

policing 34-72

policy associations 34-92

prerequisites for applying a service policy 34-71

priority queuing 34-85

queue-limiting 34-86

restrictions for applying a service policy 34-71

shaping 34-80

sharing(bandwidth) 34-82

sharing(blandwidth), shapring, and priority queuing 34-80

software QoS 34-93

traffic marking procedure flowchart 34-76

QoS policers

burst size 34-32

types of 34-10

QoS policing

definition 34-5

described 34-5, 34-10

QoS policy

attaching to interfaces 34-11

overview of configuration 34-33

QoS service policy

prerequisites 34-71

restrictions for applying 34-71

QoS transmit queues

allocating bandwidth 34-56

burst 34-16

configuring traffic shaping 34-57

mapping DHCP values to 34-55

maximum rate 34-16

overview 34-14

sharing link bandwidth 34-15

QoS transmit queues, configuring 34-55

Quality of service

See QoS

queueing 34-6, 34-14

queue-limiting, QoS on Sup 6-E 34-86

R

RADIUS server

configure to-Switch communication 37-26

configuring settings 37-28

parameters on the switch 37-26

range command 6-5

range macros

defining 6-6

ranges of interfaces

configuring 6-5

Rapid Spanning Tree

See RSTP

rcommand command 11-12

re-authentication of a client

configuring manual 37-47

enabling periodic 37-42

reconfirming dynamic VLAN membership 12-23

reduced MAC address 16-2

redundancy

configuring 8-8

guidelines and restrictions 8-6

changes made through SNMP 8-11

NSF-aware support 9-2

NSF-capable support 9-2

overview 8-2

redundancy command 8-8

understanding synchronization 8-5

redundancy (NSF) 9-1

configuring

BGP 9-11

CEF 9-11

EIGRP 9-16

IS-IS 9-14

OSPF 9-13

routing protocols 9-5

redundancy (RPR)

route processor redundancy 8-3

synchronization 8-5

redundancy (SSO)

redundancy command 9-10

route processor redundancy 8-3

synchronization 8-5

reload command 3-28, 3-29

Remote Network Monitoring

See RMON

REP

administrative VLAN 18-7

administrative VLAN, configuring 18-8

and STP 18-5

configuration guidelines 18-6

configuring interfaces 18-9

convergence 18-3

default configuration 18-6

manual preemption, configuring 18-11

monitoring 18-12

neighbor offset numbers 18-4

open segment 18-2

ports 18-5

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-12

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-11

VLAN load balancing 18-4

replication

description 31-8

report suppression, IGMP

disabling 22-11

reserved-range VLANs

See VLANs

reset command 54-3

resetting an interface to default configuration 6-30

resetting a switch to defaults 3-31

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 49-4

enabling 49-8

response time, measuring with IP SLAs 49-4

restricting access

NTP services 4-8

TACACS+ 3-15

retransmission number

setting in 802.1X authentication 37-46

retransmission time

changing in 802.1X authentication 37-45

RFC

1157, SNMPv1 47-2

1305, NTP 4-2

1757, RMON 50-2

1901, SNMPv2C 47-2

1902 to 1907, SNMPv2 47-2

2273-2275, SNMPv3 47-2

RIP

description 1-10

RMON

default configuration 50-3

displaying status 50-7

enabling alarms and events 50-4

groups supported 50-2

overview 50-1

ROM monitor

boot process and 3-26

CLI 2-7

commands54-2to 54-3

debug commands 54-5

entering 54-2

exiting 54-6

overview 54-1

root bridge

configuring 16-9

selecting in MST 16-22

root guard

and MST 16-23

enabling 19-2

overview 19-2

routed packets

ACLs 42-31

route-map (IP) command 32-3

route maps

defining 32-3

PBR 32-2

router ACLs

description 42-3

using with VLAN maps 42-30

router ACLs, using PACL with VLAN maps 42-36

route targets

VPN 33-4

Routing Information Protocol

See RIP

RPF

<Emphasis>See Unicast RPF

RSPAN

configuration guidelines 45-16

destination ports 45-5

IDS 45-2

monitored ports 45-4

monitoring ports 45-5

received traffic 45-3

sessions

creating 45-17

defined 45-3

limiting source traffic to specific VLANs 45-23

monitoring VLANs 45-22

removing source (monitored) ports 45-21

specifying monitored ports 45-17

source ports 45-4

transmitted traffic 45-4

VLAN-based 45-5

RSTP

compatibility 16-23

description 16-22

port roles 16-24

port states 16-24

S

SAID

See 802.10 SAID

scheduling 34-14

defined 34-5

overview 34-6

scheduling, IP SLAs operations 49-5

secondary edge port, REP 18-4

secondary root switch 16-12

secondary VLANs 36-3

associating with primary 36-14

permitting routing 36-21

security

configuring 39-1

Security Association Identifier

See 802.10 SAID

selecting a power management mode 10-8

selecting X2/TwinGig Convertor Mode 6-10

sequence numbers in log messages 46-8

servers, VTP

See VTP servers

service policy, configure class-level queue-limit 34-86

service-policy command 34-34

service-policy input command 27-2, 34-40

service-provider networks

and customer VLANs 23-2

set default interface command 32-4

set interface command 32-4

set ip default next-hop command 32-4

set ip next-hop command 32-3

set-request operation 47-4

severity levels, defining in system messages 46-9

shaping, QoS on Sup 6-E 34-80

sharing(bandwidth), QoS on Sup 6-E 34-82

show adjacency command 29-10

show boot command 3-31

show catalyst4000 chassis-mac-address command 16-3

show cdp command 24-2, 24-3

show cdp entry command 24-4

show cdp interface command 24-3

show cdp neighbors command 24-4

show cdp traffic command 24-4

show ciscoview package command 4-33

show ciscoview version command 4-33

show cluster members command 11-12

show configuration command 6-15

show debugging command 24-4

show environment command 10-2

show history command 2-4

show interfaces command 6-20, 6-22, 6-27, 6-29

show interfaces status command 7-2

show ip cache flow aggregation destination-prefix command 48-12

show ip cache flow aggregation prefix command 48-12

show ip cache flow aggregation source-prefix command 48-12

show ip cache flow command 48-9

show ip cef command 29-9

show ip eigrp interfaces command 28-18

show ip eigrp neighbors command 28-18

show ip eigrp topology command 28-18

show ip eigrp traffic command 28-18

show ip interface command 31-16

show ip local policy command 32-5

show ip mroute command 31-16

show ip pim interface command 31-16

show l2protocol command 23-12

show lldp traffic command 25-8

show mac-address-table address command 7-3

show mac-address-table interface command 7-3

show mls entry command 29-9

show module command 7-2, 16-5

show power inline command 10-7

show power inline consumption command 10-5

show power supplies command 10-11

show protocols command 6-27

show running-config command

adding description for an interface 6-15

checking your settings 3-9

displaying ACLs 42-24, 42-26, 42-33, 42-34

show startup-config command 3-10

show users command 7-6

show version command 3-29

shutdown, command 6-28

shutdown threshold for Layer 2 protocol packets 23-9

shutting down

interfaces 6-27

Simple Network Management Protocol

See SNMP

single spanning tree

See SST

slot numbers, description 6-2

Smartports macros

applying global parameter values 15-8

applying macros 15-8

applying parameter values 15-8

configuration guidelines 15-6

configuring 15-2

creating 15-7

default configuration 15-3

defined 15-1

displaying 15-13

tracing 15-6

SNMP

accessing MIB variables with 47-4

agent

described 47-4

disabling 47-7

and IP SLAs 49-2

authentication level 47-10

community strings 47-4

configuring 47-7

overview 47-4

configuration examples 47-16

configuration guidelines 47-6

default configuration 47-6

enabling 53-16

engine ID 47-6

groups 47-6, 47-9

host 47-6

informs

and trap keyword 47-11

described 47-5

differences from traps 47-5

enabling 47-14

limiting access by TFTP servers 47-15

limiting system log messages to NMS 46-10

manager functions 47-3

notifications 47-5

overview 47-1, 47-4

security levels 47-3

status, displaying 47-17

system contact and location 47-15

trap manager, configuring 47-13

traps

described 47-3, 47-5

differences from informs 47-5

enabling 47-11

enabling MAC address notification 4-22

enabling MAC move notification 4-24

enabling MAC threshold notification 4-26

overview 47-1, 47-4

types of 47-11

users 47-6, 47-9

versions supported 47-2

SNMP commands 53-16

SNMP traps

REP 18-12

SNMPv1 47-2

SNMPv2C 47-2

SNMPv3 47-2

software

upgrading 8-13

software configuration register 3-26

software QoS, on Sup 6-E 34-93

software switching

description 29-6

interfaces 29-7

key data structures used 31-7

SPAN

and ACLs 45-5

configuration guidelines 45-7

configuring45-6to 45-10

destination ports 45-5

IDS 45-2

monitored port, defined 45-4

monitoring port, defined 45-5

received traffic 45-3

sessions

defined 45-3

source ports 45-4

transmitted traffic 45-4

VLAN-based 45-5

SPAN and RSPAN

concepts and terminology 45-3

default configuration 45-6

displaying status 45-25

overview 45-1

session limits 45-6

SPAN enhancements

access list filtering 45-13

configuration example 45-16

CPU port sniffing 45-10

encapsulation configuration 45-12

ingress packets 45-12

packet type filtering 45-15

spanning-tree backbonefast command 19-16

spanning-tree cost command 16-15

spanning-tree guard root command 19-2

spanning-tree portfast bpdu-guard command 19-9

spanning-tree portfast command 19-7

spanning-tree port-priority command 16-13

spanning-tree uplinkfast command 19-13

spanning-tree vlan

command 16-9

command example 16-9

spanning-tree vlan command 16-8

spanning-tree vlan cost command 16-15

spanning-tree vlan forward-time command 16-19

spanning-tree vlan hello-time command 16-17

spanning-tree vlan max-age command 16-18

spanning-tree vlan port-priority command 16-13

spanning-tree vlan priority command 16-17

spanning-tree vlan root primary command 16-10

spanning-tree vlan root secondary command 16-12

speed

configuring interface 6-13

speed command 6-13

SSO

configuring 9-10

SSO operation 9-4

SST

description 16-22

interoperability 16-24

static addresses

See addresses

static routes

configuring 3-11

verifying 3-12

statistics

displaying 802.1X 37-48

displaying PIM 31-20

LLDP 25-7

LLDP-MED 25-7

NetFlow accounting 48-9

SNMP input and output 47-17

sticky learning

configuration file 38-5

defined 38-5

disabling 38-5

enabling 38-5

saving addresses 38-5

sticky MAC addresses

configuring 38-7

defined 38-4

Storm Control

displaying 44-7

enabling Broadcast 44-3

enabling Multicast 44-4

hardware-based, implementing 44-2

overview 44-1

software-based, implementing 44-3

STP

and REP 18-5

bridge ID 16-2

configuring16-7to 16-20

creating topology 16-4

defaults 16-6

disabling 16-19

enabling 16-7

enabling extended system ID 16-8

enabling Per-VLAN Rapid Spanning Tree 16-20

EtherChannel guard

disabling 19-7

forward-delay time 16-18

hello time 16-17

Layer 2 protocol tunneling 23-7

maximum aging time 16-18

overview 16-2, 16-3

per-VLAN rapid spanning tree 16-6

port cost 16-15

port priority 16-13

root bridge 16-9

stratum, NTP 4-2

stub routing (EIGRP)

benefits 28-17

configuration tasks 28-17

configuring 28-13

overview 28-12, 28-13

restrictions 28-17

verifying 28-18

subdomains, private VLAN 36-3

summer time 4-13

supervisor engine

accessing the redundant 8-15

configuring3-8to 3-13

copying files to standby 8-15

default configuration 3-1

default gateways 3-11

environmental monitoring 10-1

redundancy 9-1

ROM monitor 3-26

startup configuration 3-25

static routes 3-11

synchronizing configurations 8-11

Supervisor Engine II-TS

insufficient inline power handling 10-18, 10-12

SVI Autostate Exclude

understanding 28-3

SVI Autostate exclude

configuring 28-7

switched packets

and ACLs 42-30

Switched Port Analyzer

See SPAN

switching, NetFlow

checking for required hardware 48-6

configuration (example) 48-13

configuring switched IP flows 48-8

enabling Collection 48-7

exporting cache entries 48-9

switchport

show interfaces 6-20, 6-22, 6-29

switchport access vlan command 14-6, 14-8

switchport block multicast command 43-2

switchport block unicast command 43-2

switchport mode access command 14-8

switchport mode dot1q-tunnel command 23-6

switchport mode dynamic command 14-6

switchport mode trunk command 14-6

switch ports

See access ports

switchport trunk allowed vlan command 14-6

switchport trunk encapsulation command 14-6

switchport trunk encapsulation dot1q command 14-3

switchport trunk encapsulation isl command 14-3

switchport trunk encapsulation negotiate command 14-3

switchport trunk native vlan command 14-6

switchport trunk pruning vlan command 14-7

switch-to-RADIUS server communication

configuring 37-26

sysret command 54-5

system

reviewing configuration 3-10

settings at startup 3-27

system alarms

on Sup 2+ to V-10GE 10-5

on Sup 6-E 10-5

overview 10-4

system capabilities TLV 25-2

system clock

configuring

daylight saving time 4-13

manually 4-11

summer time 4-13

time zones 4-12

displaying the time and date 4-12

overview 4-2

See also NTP

system description TLV 25-2

system image

specifying the startup 3-30

system images

loading from Flash memory 3-30

modifying boot field 3-27

specifying 3-30

system message logging

default configuration 46-3

defining error message severity levels 46-9

disabling 46-5

displaying the configuration 46-13

enabling 46-5

facility keywords, described 46-13

level keywords, described 46-9

limiting messages 46-10

message format 46-2

overview 46-1

sequence numbers, enabling and disabling 46-8

setting the display destination device 46-5

synchronizing log messages 46-6

timestamps, enabling and disabling 46-8

UNIX syslog servers

configuring the daemon 46-11

configuring the logging facility 46-12

facilities supported 46-13

system MTU

802.1Q tunneling 23-5

maximums 23-5

system name

default configuration 4-15

default setting 4-15

manual configuration 4-15

See also DNS

system name TLV 25-2

system prompt, default setting 4-14, 4-15

T

TACACS+ 39-1

accounting, defined 3-16

authentication, defined 3-16

authorization, defined 3-16

configuring

accounting 3-21

authentication key 3-18

authorization 3-21

login authentication 3-19

default configuration 3-18

displaying the configuration 3-22

identifying the server 3-18

limiting the services to the user 3-21

operation of 3-17

overview 3-15

tracking services accessed by user 3-21

tagged packets

802.1Q 23-3

Layer 2 protocol 23-7

TCAM programming algorithm

changing 42-9

TCAM programming algorithm, overview 42-7

TCAM programming and ACLs 42-10, 42-12

for Sup II-Plust thru V-10GE 42-6

TCAM programming and ACLs for Sup 6-E 42-15

TCAM region, changing the algorithm 42-9

TCAM region, resizing 42-10

TDR

checking cable connectivity 7-3

enabling and disabling test 7-3

guidelines 7-3

Telnet

accessing CLI 2-2

disconnecting user sessions 7-6

executing 7-5

monitoring user sessions 7-6

telnet command 7-5

Terminal Access Controller Access Control System Plus

See TACACS+

TFTP

configuration files in base directory 3-5

configuring for autoconfiguration 3-4

limiting access by servers 47-15

TFTP download

See also console download

threshold monitoring, IP SLAs 49-6

time

See NTP and system clock

Time Domain Reflectometer

See TDR

time exceeded messages 7-8

timer

See login timer

timestamps in log messages 46-8

time zones 4-12

TLVs

defined 1-3, 25-2

LLDP-MED 25-2

Token Ring

media not supported (note) 12-5, 12-10

Topology change notification processing

MLD Snooping

Topology change notification processing 22-5

TOS

description 34-4

trace command 7-9

traceroute

See IP traceroute

See Layer 2 Traceroute

traceroute mac command 7-10

traceroute mac ip command 7-10

traffic

blocking flooded 43-2

traffic control

using ACLs (figure) 42-4

using VLAN maps (figure) 42-5

traffic marking procedure flowchart 34-76

traffic shaping 34-16

translational bridge numbers (defaults) 12-4

transmit queues

See QoS transmit queues

transmit rate 34-57

traps

configuring MAC address notification 4-22

configuring MAC move notification 4-24

configuring MAC threshold notification 4-26

configuring managers 47-11

defined 47-3

enabling 4-22, 4-24, 4-26, 47-11

notification types 47-11

overview 47-1, 47-4

troubleshooting

with CiscoWorks 47-4

with system message logging 46-1

with traceroute 7-8

troubleshooting high CPU due to ACLs 42-12

trunk ports

configure port security 38-16

configuring PVLAN36-17to 36-19

trunks

802.1Q restrictions 14-5

configuring 14-6

configuring access VLANs 14-6

configuring allowed VLANs 14-6

default interface configuration 14-6

different VTP domains 14-3

enabling to non-DTP device 14-4

encapsulation 14-3

specifying native VLAN 14-6

understanding 14-3

trusted boundary for QoS 34-26

Trust State of interfaces, configuring

trust states

configuring 34-53

tunneling

defined 23-1

tunnel ports

802.1Q, configuring 23-6

described 23-2

incompatibilities with other features 23-5

TwinGig Convertors

limitations on using 6-10

port numbering 6-9

selecting X2/TwinGig Convertor mode 6-10

type of service

See TOS

U

UDLD

default configuration 26-2

disabling 26-4, 26-5

enabling 26-4

UDP jitter, configuring 49-9

UDP jitter operation, IP SLAs 49-8

unauthorized ports with 802.1X 37-4

Understanding Spanning-Tree Protocol 16-2

Understanding VLANS 12-1

Understanding VTP 12-8

unicast

See IP unicast

unicast flood blocking

configuring 43-1

unicast MAC address filtering

and adding static addresses 4-29

and broadcast MAC addresses 4-28

and CPU packets 4-29

and multicast addresses 4-28

and router MAC addresses 4-28

configuration guidelines 4-28

described 4-28

unicast MAC address filtering, configuring

ACLs

configuring unicast MAC address filtering 42-19

Unicast RPF (Unicast Reverse Path Forwarding)

applying 30-5

BGP attributes

caution 30-5

CEF

requirement 30-2

tables 30-7

configuring 30-9

(examples)??to 30-12

BOOTP 30-8

DHCP 30-8

enterprise network (figure) 30-6

prerequisites 30-9

routing table requirements 30-7

tasks 30-9

verifying 30-10

deploying 30-5

description 30-2

disabling 30-11

enterprise network (figure) 30-6

FIB 30-2

implementing 30-4

maintaining 30-10

monitoring 30-10

packets, dropping (figure) 30-4

prerequisites 30-9

restrictions

basic 30-8

routing asymmetry 30-7

routing asymmetry (figure) 30-8

routing table requirements 30-7

security policy

applying 30-5

attacks, mitigating 30-5

deploying 30-5

tunneling 30-5

source addresses, validating 30-3

(figure) 30-3, 30-4

failure 30-3

traffic filtering 30-5

tunneling 30-5

validation

failure 30-3, 30-4

packets, dropping 30-3

source addresses 30-3

verifying 30-10

unicast traffic

blocking 43-2

unidirectional ethernet

enabling 27-2

example of setting 27-2

overview 27-1

UniDirectional Link Detection Protocol

See UDLD

UNIX syslog servers

daemon configuration 46-11

facilities supported 46-13

message logging configuration 46-12

UplinkFast

and MST 16-23

enabling 19-16

MST and 16-23

overview 19-11

User Based Rate Limiting

configuring 34-43

overview 34-42

user EXEC mode 2-5

user sessions

disconnecting 7-6

monitoring 7-6

using PACL with access-group mode 42-34

V

VACLs

Layer 4 port operations 42-15

virtual configuration register 54-3

virtual LANs

See VLANs

Virtual Private Network

See VPN

Virtual Switch System(VSS), displaying EtherChannel to 20-15

VLAN ACLs

See VLAN maps

VLAN-based QoS on Layer 2 interfaces, configuring 34-52

VLAN blocking, REP 18-11

vlan command 12-7

vlan dot1q tag native command 23-4

VLAN ID, discovering 4-30

VLAN load balancing

REP 18-4

VLAN load balancing, triggering 18-5

VLAN Management Policy Server

See VMPS

VLAN maps

applying to a VLAN 42-26

configuration example 42-27

configuration guidelines 42-23

configuring 42-22

creating and deleting entries 42-23

defined 42-3

denying access example 42-28

denying packets 42-24

displaying 42-29

order of entries 42-23

permitting packets 42-24

router ACLs and 42-30

using (figure) 42-5

using in your network 42-26

VLAN maps, PACL and Router ACLs 42-36

VLANs

allowed on trunk 14-6

configuration guidelines 12-3

configuring 12-5

customer numbering in service-provider networks 23-3

default configuration 12-4

description 1-6

extended range 12-3

IDs (default) 12-4

interface assignment 12-8

limiting source traffic with RSPAN 45-23

monitoring with RSPAN 45-22

name (default) 12-4

normal range 12-3

overview 12-1

reserved range 12-3

See also PVLANs

VLAN Trunking Protocol

See VTP

VLAN trunks

overview 14-3

VMPS

configuration file example 12-28

configuring dynamic access ports on client 12-22

configuring retry interval 12-23

database configuration file 12-28

dynamic port membership

example 12-25

reconfirming 12-23

reconfirming assignments 12-23

reconfirming membership interval 12-23

server overview 12-17

VMPS client

administering and monitoring 12-24

configure switch

configure reconfirmation interval 12-23

dynamic ports 12-22

entering IP VMPS address 12-21

reconfirmation interval 12-23

reconfirm VLAM membership 12-23

default configuration 12-20

dynamic VLAN membership overview 12-20

troubleshooting dynamic port VLAN membership 12-25

VMPS server

fall-back VLAN 12-19

illegal VMPS client requests 12-19

overview 12-17

security modes

multiple 12-19

open 12-18

secure 12-18

voice interfaces

configuring 35-1

Voice over IP

configuring 35-1

voice ports

configuring VVID 35-3

voice traffic 10-2, 35-5

voice VLAN

IP phone data traffic, described 35-2

IP phone voice traffic, described 35-2

voice VLAN ports

using 802.1X 37-18

VPN

configuring routing in 33-6

forwarding 33-4

in service provider networks 33-1

routes 33-2

routing and forwarding table

See VRF

VRF

defining 33-4

tables 33-1

VTP

configuration guidelines 12-12

configuring12-12to 12-17

configuring transparent mode 12-16

default configuration 12-12

disabling 12-16

Layer 2 protocol tunneling 23-7

monitoring 12-16

overview 12-8

See also VTP version 2

VTP advertisements

description 12-9

VTP clients

configuring 12-15

VTP domains

description 12-9

VTP modes 12-9

VTP pruning

enabling 12-13

overview 12-10

VTP servers

configuring 12-14

VTP statistics

displaying 12-16

VTP version 2

enabling 12-14

overview 12-10

See also VTP

VTY and Network Assistant 11-11

VVID (voice VLAN ID)

and 802.1X authentication 37-18

configuring 35-3

W

Wake-on-LAN

configure with 802.1X 37-39

WCCP

configuration examples 52-8

configuring on a router 52-1, 52-10

features 52-4

restrictions 52-5

service groups 52-6

Web Cache Communication Protocol

See WCCP 52-1

web caches

See cache engines

web cache services

description 52-4

web caching

See web cache services

See also WCCP