Catalyst 4500 Series Switch Software Configuration Guide, 12.2(50)SG
Index
Downloads: This chapterpdf (PDF - 1.29MB) The complete bookPDF (PDF - 30.32MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

ACLs

applying IPv6 ACLs to a Layer 3 interface 46-21

Numerics

10/100 autonegotiation feature, forced 6-17

10-Gigabit Ethernet or Gigabit Ethernet ports

deploy on WS-X4606-10GE-E and Sup 6-E 6-12

10-Gigabit Ethernet port

deploy with Gigabit Ethernet SFP ports 6-11, 6-12

1400 W DC Power supply

special considerations 10-17

1400 W DC SP Triple Input power supply

special considerations 10-18

802.10 SAID (default) 13-4

802.1Q

trunks 17-6

tunneling

compatibility with other features 24-5

defaults 24-3

described 24-2

tunnel ports with other features 24-6

802.1Q VLANs

encapsulation 15-3

trunk restrictions 15-5

802.1s

See MST

802.1w

See MST

802.1X

See port-based authentication

802.1X authentication

for Critical Authentication 39-13

for guest VLANs 39-10

for MAC Authentication Bypass 39-11

for Wake-on-LAN 39-13

web-based authentication 39-13

with port security 39-16

with VLAN assignment 39-9

with voice VLAN ports 39-19

802.1X Host Mode 39-6

multiauthentication mode 39-8

multidomain authentication mode 39-7

single-host 39-7

802.3ad

See LACP

A

AAA 43-1

fail policy 41-4

AAA (authentication, authorization, and accounting). See also port-based authentication. 41-1

abbreviating commands 2-5

access control entries

See ACEs

access control entries and lists 43-1

access-group mode, configuring on Layer 2 interface 46-34

access-group mode, using PACL with 46-34

access list filtering, SPAN enhancement 49-13

access lists

using with WCCP 58-7

access ports

and Layer 2 protocol tunneling 24-9

configure port security 42-6, 42-21

configuring 15-8

access VLANs 15-6

accounting

with TACACS+ 3-16, 3-21

ACEs

ACLs 46-2

IP 46-2

Layer 4 operation restrictions 46-15

ACEs and ACLs 43-1

ACL assignments, port-based authentication 39-17

ACLs

ACEs 46-2

and SPAN 49-5

and TCAM programming for Sup 6-E 46-15

and TCAM programming for Sup II-Plus thru V-10GE 46-6

applying on routed packets 46-31

applying on switched packets 46-30

chaning the TCAM programming algorithm 46-9

compatibility on the same switch 46-3

configuring with VLAN maps 46-29

CPU impact 46-17

downloadable 41-7

hardware and software support 46-5

IP, matching criteria for port ACLs 46-4

MAC extended 46-19

matching criteria for router ACLs 46-3

port

and voice VLAN 46-4

defined 46-3

limitations 46-5

processing 46-17

resize the TCAM regions 46-10

selecting mode of capturing control packets 46-12

TCAM programming algorithm 46-7

troubleshooting high CPU 46-12

types supported 46-3

understanding 46-2

VLAN maps 46-5

ACLs and VLAN maps, examples 46-24

acronyms, list of A-1

action drivers, marking 36-75

active queue management 36-15

active queue management via DBL, QoS on Sup 6-E 36-88

active traffic monitoring, IP SLAs 55-1

adding members to a community 12-8

addresses

displaying the MAC address table 4-30

dynamic

changing the aging time 4-21

defined 4-19

learning 4-20

removing 4-22

MAC, discovering 4-30

See MAC addresses

static

adding and removing 4-27

defined 4-19

address resolution 4-30

adjacency tables

description 30-2

displaying statistics 30-9

administrative VLAN

REP, configuring 19-8

administrative VLAN, REP 19-7

advertisements

LLDP 1-4, 26-2

advertisements, VTP

See VTP advertisements

aggregation switch, enabling DHCP snooping 44-9

aging time

MAC address table 4-21

ANCP client

enabling and configuring 33-2

guidelines and restrictions 33-5

identify a port with DHCP option 82 33-4

identify a port with protocol 33-2

overview 33-1

ANCP protocol

identifying a port with 33-2

applying IPv6 ACLs to a Layer 3 interface 46-21

AQM via DBL, QoS on Sup 6-E 36-88

archiving crashfiles information 2-8

ARP

defined 4-30

table

address resolution 4-30

managing 4-30

asymmetrical links, and 802.1Q tunneling 24-3

authentication

NTP associations 4-4

See also port-based authentication

TACACS+

defined 3-16

key 3-18

login 3-19

Authentication, Authorization, and Accounting (AAA) 43-1

Authentication Failed VLAN assignment

configure with 802.1X 39-51

authentication open comand 39-8

authentication proxy web pages 41-4

authentication server

defined 39-3

RADIUS server 39-3

authoritative time source, described 4-2

authorization

with TACACS+ 3-16, 3-21

authorized and unauthorized ports 39-4

authorized ports with 802.1X 39-4

autoconfiguration 3-2

automatic discovery

considerations 12-6

automatic QoS

See QoS

Auto-MDIX on a port

configuring 6-27

displaying the configuration 6-28

overview 6-27

autonegotiation feature

forced 10/100Mbps 6-17

Auto-QoS

configuring 36-60

auto-sync command 8-8

B

Baby Giants

interacting with 6-25

BackboneFast

adding a switch (figure) 20-3

and MST 17-22

configuring 20-15

link failure (figure) 20-14, 20-15

not supported MST 17-22

understanding 20-13

See also STP

banners

configuring

login 4-19

message-of-the-day login 4-18

default configuration 4-18

when displayed 4-17

b command 59-3

b flash command 59-3

BGP 1-9

routing session with multi-VRF CE 35-11

blocking packets 47-1

blocking state (STP)

RSTP comparisons (table) 17-24

boot bootldr command 3-31

boot command 3-28

boot commands 59-3

boot fields

See configuration register boot fields

bootstrap program

See ROM monitor

boot system command 3-26, 3-31

boot system flash command 3-28

Border Gateway Protocol

See BGP

boundary ports

description 17-26

BPDU Guard

and MST 17-22

configuring 20-15

overview 20-8

BPDUs

and media speed 17-2

pseudobridges and 17-25

what they contain 17-3

bridge ID

See STP bridge ID

bridge priority (STP) 17-16

bridge protocol data units

See BPDUs

Broadcast Storm Control

disabling 48-6

enabling 48-3

burst rate 36-51

burst size 36-27

C

cache engine clusters 58-1

cache engines 58-1

cache farms

See cache engine clusters

candidates

automatic discovery 12-6

candidate switch, cluster

defined 12-12

requirements 12-12

Capturing control packets

selecting mode 46-12

cautions

Unicast RPF

BGP optional attributes 31-5

cautions for passwords

encrypting 3-22

CDP

and trusted boundary 36-21

automatic discovery in communities 12-6

configuration 25-2

defined with LLDP 26-1

displaying configuration 25-3

enabling on interfaces 25-2

host presence detection 39-8

Layer 2 protocol tunneling 24-7

maintaining 25-3

monitoring 25-3

overview 1-2, 25-1

cdp enable command 25-3

CEF

adjacency tables 30-2

and NSF with SSO 9-5

configuring load balancing 30-7

displaying statistics 30-8

enabling 30-6

hardware switching 30-4

load balancing 30-6

overview 30-1

software switching 30-4

CFM

and Ethernet OAM interaction 53-35

configuration guidelines 53-9, 54-4

configuring crosscheck for VLANs 53-12

configuring over VLANs 53-10

crosscheck 53-7

default configuration 53-8

defined 53-2

disabling on a port 53-9

EtherChannel support 53-9, 54-4

IP SLAs support for 53-8

IP SLAs with endpoint discovers 53-15

maintenance domain 53-3

maintenance point 53-4

manually configuring IP SLAs ping or jitter 53-13

measuring network performance 53-8

monitoring 53-19

on EtherChannel port channels 53-9

sample configuration 53-17

SNMP traps 53-7

types of messages 53-7

CGMP

overview 22-1

channel-group group command 21-7, 21-10

Cisco 7600 series Internet router

enabling SNMP 60-4

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS IP SLAs 55-2

Cisco IOS NSF-aware

support 9-1

Cisco IOS NSF-capable support 9-1

Cisco IP Phones

configuring 37-2

sound quality 37-1

CiscoWorks 2000 51-4

CIST

description 17-22

civic location 26-3

class level, configure in a service policy 36-85

class-map command 36-28

class of service

See CoS

clear cdp counters command 25-4

clear cdp table command 25-3

clear counters command 6-30

clearing

IP multicast table entries 32-27

clear ip eigrp neighbors command 29-17

clear ip flow stats command 52-9

CLI

accessing 2-1

backing out one level 2-5

getting commands 2-5

history substitution 2-3

managing clusters 12-12

modes 2-5

monitoring environments 49-1

ROM monitor 2-7

software basics 2-4

clients

in 802.1X authentication 39-2

clock

See system clock

clustering switches

command switch characteristics 12-11, 12-12

and VTY 12-11

convert to a community 12-9

managing

through CLI 12-12

overview 12-10

planning considerations

CLI 12-12

passwords 12-7

command-line processing 2-3

command modes 2-5

commands

b 59-3

b flash 59-3

boot 59-3

confreg 59-3

dev 59-3

dir device 59-3

frame 59-5

i 59-3

listing 2-5

meminfo 59-5

reset 59-3

ROM monitor59-2to 59-3

ROM monitor debugging 59-5

SNMP 60-4

sysret 59-5

command switch, cluster

requirements 12-11

common and internal spanning tree

See CIST

common spanning tree

See CST

community of switches

access modes in Network Assistant 12-8

adding devices 12-8

candidate characterisitcs 12-6

communication protocols 12-8

community name 12-7

configuration information 12-8

converting from a cluster 12-9

host name 12-7

passwords 12-7

community ports 38-4

community strings

configuring 51-7

overview 51-4

community VLANs 38-3, 38-4

and SPAN features 38-12

configure as a PVLAN 38-13

compiling MIBs 60-4

config-register command 3-29

config terminal command 3-9

configurable leave timer,IGMP 22-3

configuration examples

SNMP 51-16

configuration files

limiting TFTP server access 51-15

obtaining with DHCP 3-6

saving 3-10

system contact and location information 51-15

configuration guidelines

CFM 53-9, 54-4

Ethernet OAM 53-21

REP 19-6

SNMP 51-6

configuration register

boot fields

listing value 3-29

modifying 3-28

changing from ROM monitor 59-3

changing settings3-28to 3-29

configuring 3-26

settings at startup 3-27

configure class-level queue-limit in a service policy 36-85

configure terminal command 3-28, 6-2

configuring access-group mode on Layer 2 interface 46-34

configuring flow control 6-20

configuring interface link and trunk status envents 6-31

configuring named IPv6 ACLs 46-20

configuring named MAC extended ACLs 46-19

configuring unicast MAC address filtering 46-19

configuring VLAN maps 46-22

confreg command 59-3

Connectivity Fault Management

See CFM

console configuration mode 2-5

console download59-4to 59-5

console port

disconnecting user sessions 7-6

monitoring user sessions 7-6

control plane policing

See CoPP

control protocol, IP SLAs 55-4

convergence

REP 19-3

CoPP

applying QoS service policy to control plane 43-4

configuring

ACLs to match traffic 43-4

enabling MLS QoS 43-4

packet classification criteria 43-4

service-policy map 43-4

control plane configuration mode

entering 43-4

displaying

dynamic information 43-8

number of conforming bytes and packets 43-8

rate information 43-8

entering control plane configuration mode 43-4

monitoring statistics 43-8

overview 43-1

copy running-config startup-config command 3-10

copy system:running-config nvram:startup-config command 3-31

CoS

definition 36-3

figure 36-2

overriding on Cisco IP Phones 37-4

priority 37-4

CoS Mutation

configuring 36-36

CoS-to-DSCP maps 36-53

CoS value, configuring for an interface 36-48

counters

clearing MFIB 32-27

clearing on interfaces 6-30

CPU, impact of ACL processing 46-17

CPU port sniffing 49-10

crashfiles information, archiving 2-8

Critical Authentication

configure with 802.1X 39-46

crosscheck, CFM 53-7, 53-12

CST

description 17-25

IST and 17-22

MST and 17-22

customer edge devices 35-2

D

database agent

configuration examples 44-12

enabling the DHCP Snooping 44-12

daylight saving time 4-13

debug commands, ROM monitor 59-5

default configuration

802.1X 39-22

auto-QoS 36-61

banners 4-18

CFM 53-8

DNS 4-16

Ethernet OAM 53-21

IGMP filtering 22-20

IGMP snooping 23-5, 23-6

IP SLAs 55-7

Layer 2 protocol tunneling 24-9

LLDP 26-3

MAC address table 4-21

multi-VRF CE 35-3

NTP 4-4

private VLANs 38-11

REP 19-6

resetting the interface 6-33

RMON 56-3

SNMP 51-5

SPAN and RSPAN 49-6

system message logging 50-3

system name and prompt 4-15

TACACS+ 3-18

default gateway

configuring 3-11

verifying configuration 3-11

default settings, erase commad 3-31

default web-based authentication configuration

802.1X 41-6

denial-of-service attacks

IP address spoofing, mitigating 31-5

Unicast RPF, deploying 31-5

denying access to a server on another VLAN 46-27

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 6-11, 6-12

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 6-12

description command 6-19

detecting unidirectional links 27-1

dev command 59-3

device discovery protocol 26-1

DHCP-based autoconfiguration

client request message exchange 3-3

configuring

client side 3-2

DNS 3-5

relay device 3-5

server-side 3-3

TFTP server 3-4

example 3-7

lease options

for IP address information 3-3

for receiving the configuration file 3-4

overview 3-2

relationship to BOOTP 3-2

DHCP option 82

identifying a port with 33-4

overview 44-3

DHCP Snooping

enabling, and Option 82 44-9

DHCP snooping

accepting untrusted packets form edge switch 44-10

configuring 44-6

default configuration 44-7

displaying binding tables 44-16

displaying configuration 44-16

displaying information 44-16

enabling 44-7

enabling on private VLAN 44-11

enabling on the aggregation switch 44-9

enabling the database agent 44-12

message exchange process 44-4

monitoring 44-20

option 82 data insertion 44-3

overview 44-1

Snooping database agent 44-2

DHCP Snooping Database Agent

adding to the database (example) 44-15

enabling (example) 44-13

overview 44-2

reading from a TFTP file (example) 44-14

Diagnostics

online 57-1

troubleshooting 57-2

Power-On-Self-Test

causes of failure 57-14

how it works 57-3

overview 57-3

Power-On-Self-Test for Supervisor Engine V-10GE 57-8

Differentiated Services Code Point values

See DSCP values

DiffServ architecture, QoS 36-2

Digital optical monitoring transceiver support 6-16

dir device command 59-3

disabled state

RSTP comparisons (table) 17-24

disabling

broadcast storm control 48-6

disabling multicast storm control 48-7

disconnect command 7-6

discovery, clusters

See automatic discovery

discovery, Ethernet OAM 53-20

displaying EtherChannel to a Virtual Switch System 21-14

displaying storm control 48-8

display PoE consumed by a module 11-8

DNS

and DHCP-based autoconfiguration 3-5

default configuration 4-16

displaying the configuration 4-17

overview 4-15

setting up 4-16

domain names

DNS 4-15

Domain Name System

See DNS

double-tagged packets

802.1Q tunneling 24-2

Layer 2 protocol tunneling 24-9

downloading MIBs 60-2, 60-3

drop threshold for Layer 2 protocol packets 24-10

DSCP maps 36-52

DSCP-to-CoS maps

configuring 36-54

DSCP values

configuring maps 36-52

definition 36-4

IP precedence 36-2

mapping markdown 36-19

mapping to transmit queues 36-50

DSCP values, configuring port value 36-49

DTP

VLAN trunks and 15-3

duplex command 6-18

duplex mode

configuring interface 6-17

dynamic ARP inspection

ARP cache poisoning 45-2

configuring

ACLs for non-DHCP environments 45-11

in DHCP environments 45-5

log buffer 45-14

rate limit for incoming ARP packets 45-16

denial-of-service attacks, preventing 45-16

interface trust state, security coverage 45-3

log buffer

configuring 45-14

logging of dropped packets 45-4

overview 45-1

port channels, their behavior 45-5

priority of static bindings 45-4

purpose of 45-2

rate limiting of ARP packets 45-4

configuring 45-16

validation checks, performing 45-19

dynamic buffer limiting

globally 36-23

on specific CoS values 36-25

on specific IP DSCP values 36-24

Dynamic Host Configuration Protocol snooping

See DHCP snooping

dynamic port VLAN membership

example 13-29

limit on hosts 13-28

reconfirming 13-26

troubleshooting 13-28

Dynamic Trunking Protocol

See DTP

E

EAP frames

changing retransmission time 39-62

exchanging (figure) 39-4, 39-6, 39-12

request/identity 39-3

response/identity 39-3

setting retransmission number 39-63

EAPOL frames

802.1X authentication and 39-3

OTP authentication, example (figure) 39-4, 39-12

start 39-3

edge ports

description 17-27

EGP

overview 1-9

EIGRP

configuration examples 29-18

monitoring and maintaining 29-17

EIGRP (Enhanced IGRP)

stub routing

benefits 29-16

configuration tasks 29-16

configuring 29-12

overview 29-12

restrictions 29-16

verifying 29-17

EIGRP (enhanced IGRP)

overview 1-10

eigrp stub command 29-17

EIGRP stub routing, configuring 29-11

ELIN location 26-3

Embedded CiscoView

displaying information 4-33

installing and configuring 4-31

overview 4-31

emergency alarms on Sup Engine 6-E systems 10-3

enable command 3-9, 3-28

enable mode 2-5

enabling or disabling QOS on an interface 36-45

enabling SNMP 60-4

encapsulation types 15-3

Enhanced Interior Gateway Routing Protocol

See EIGRP

Enhanced PoE support on E-series 11-16

environmental conditions

Sup Engine 6-E 10-2

Sup Engines II-Plus to V-10GE 10-2

environmental monitoring

using CLI commands 10-1

EtherChannel

channel-group group command 21-7, 21-10

configuration guidelines 21-5

configuring21-6to 21-14

configuring Layer 2 21-9

configuring Layer 3 21-6

displaying to a virtual switch system 21-14

interface port-channel command 21-7

lacp system-priority

command example 21-12

modes 21-3

overview 21-1

PAgP

Understanding 21-3

physical interface configuration 21-7

port-channel interfaces 21-2

port-channel load-balance command 21-12

removing 21-14

removing interfaces 21-13

EtherChannel guard

disabling 20-6

enabling 20-6

overview 20-5

Ethernet infrastructure 53-1

Ethernet management port

and routing 6-6

and routing protocols 6-6

configuring 6-10

default setting 6-6

described 1-16, 6-6

for network management 1-16, 6-6

specifying 6-10

supported features 6-9

unsupported features 6-9

Ethernet management port, internal

and routing protocols 6-6

Ethernet Management Port, using 6-5

Ethernet OAM 53-20

and CFM interaction 53-35

configuration guidelines 53-21

default configuration 53-21

discovery 53-20

enabling 53-22

link monitoring 53-20, 53-25

manager 53-1

messages 53-21

protocol

defined 53-20

monitoring 53-33

remote failure indications 53-20

remote loopback 53-21, 53-23

templates 53-30

Ethernet OAM protocol CFM notifications 53-35

Ethernet operation, administration, and maintenance

See Ethernet OAM

explicit host tracking

enabling 22-11

extended range VLANs

See VLANs

Extensible Authentication Protocol over LAN 39-1

Exterior Gateway Protocol

See EGP

F

Fa0 port

See Ethernet management port

Fallback Authentication

configure with 802.1X 39-54

FastDrop

overview 32-10

fastethernet0 port

See Ethernet management port

FIB

description 30-2

See also MFIB

filtering

in a VLAN 46-22

non-IP traffic 46-19

flags 32-11

Flash memory

configuring router to boot from 3-30

loading system images from 3-30

security precautions 3-30

Flex Links

configuration guidelines 18-5

configuring 18-6, 18-7

configuring preferred VLAN 18-9

configuring VLAN load balancing 18-8

monitoring 18-11

flooded traffic, blocking 47-2

flowchart, traffic marking procedure 36-75

flow control, configuring 6-20

For 11-14

forward-delay time (STP)

configuring 17-18

forwarding information base

See FIB

frame command 59-5

G

gateway

See default gateway

get-bulk-request operation 51-3

get-next-request operation 51-3, 51-4

get-request operation 51-3, 51-4

get-response operation 51-3

Gigabit Ethernet SFP ports

deploy with 10-Gigabit Ethernet 6-11, 6-12

global configuration mode 2-5

Guest-VLANs

configure with 802.1X 39-41, 39-53

H

hardware and software ACL support 46-5

hardware switching 30-5

hello time (STP)

configuring 17-17

hierarchical policers, configuring 36-41

high CPU due to ACLs, troubleshooting 46-12

history

CLI 2-3

history table, level and number of syslog messages 50-9

hop counts

configuring MST bridges 17-27

host

limit on dynamic port 13-28

host ports

kinds of 38-4

host presence CDP message 39-8

Hot Standby Routing Protocol

See HSRP

HSRP

description 1-9

http

//www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html 55-1, 55-4, 55-6, 55-7

//www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcr/tcf_r/index.htm 25-1, 50-1, 51-1, 56-1

hw-module module num power command 10-20

I

ICMP

enabling 7-11

ping 7-7

running IP traceroute 7-8

time exceeded messages 7-8

ICMP Echo operation

configuring 55-12

IP SLAs 55-12

i command 59-3

IDS

using with SPAN and RSPAN 49-2

IEEE 802.1ag 53-2

IEEE 802.1s

See MST

IEEE 802.1w

See MST

IEEE 802.3ad

See LACP

IEEE 802.3ah Ethernet OAM discovery 53-1

IGMP

configurable-leave timer 22-3

description 32-3

enabling 32-13

explicit host tracking 22-4

immediate-leave processing 22-3

leave processing, enabling 23-8

overview 22-1

report suppression

disabling 23-10

IGMP filtering

configuring 22-20

default configuration 22-20

described 22-20

monitoring 22-23

IGMP groups

setting the maximum number 22-22

IGMP Immediate Leave

configuration guidelines 22-9

IGMP profile

applying 22-21

configuration mode 22-20

configuring 22-21

IGMP Snooping

configure

leave timer 22-9

configuring

Learning Methods 22-7

static connection to a multicast router 22-7

configuring host statically 22-11

enabling

Immediate-Leave processing

explicit host tracking 22-11

suppressing multicast flooding 22-11

IGMP snooping

configuration guidelines 22-5

default configuration 23-5, 23-6

enabling

globally 22-5

on a VLAN 22-6

enabling and disabling 23-6

IP multicast and 32-4

monitoring 22-14, 23-11

overview 22-1

IGMP Snooping, displaying

group 22-16

hot membership 22-15

how to 22-14

MAC address entries 22-17

multicast router interfaces 22-17

on a VLAN interface 22-18

Querier information 22-19

IGMPSnooping Querier, configuring 22-10

IGRP

description 1-11

Immediate Leave, IGMP

enabling 23-8

immediate-leave processing

enabling 22-8

IGMP

See fast-leave processing

ingress packets, SPAN enhancement 49-12

inline power

configuring on Cisco IP phones 37-5

insufficient inline power handling for Supervisor Engine II-TS 10-18

Intelligent Power Management 11-4

interacting with Baby Giants 6-25

interface command 3-9, 6-2

interface configuration

REP 19-9

interface link and trunk status events

configuring 6-31

interface port-channel command 21-7

interface range command 6-4

interface range macro command 6-10

interfaces

adding descriptive name 6-19

clearing counters 6-30

configuring 6-2

configuring ranges 6-4

displaying information about 6-30

Layer 2 modes 15-4

maintaining 6-29

monitoring 6-29

naming 6-19

numbers 6-2

overview 6-1

restarting 6-31

See also Layer 2 interfaces

using the Ethernet Management Port 6-5

Interior Gateway Routing Protocol

See IGRP

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Inter-Switch Link encapsulation

See ISL encapsulation

Intrusion Detection System

See IDS

inventory management TLV 26-3, 26-7

IP

configuring default gateway 3-11

configuring static routes 3-11

displaying statistics 30-8

flow switching cache 52-9

IP addresses

cluster candidate or member 12-12

cluster command switch 12-11

discovering 4-30

ip cef command 30-6

IP Enhanced IGRP

interfaces, displaying 29-17

ip flow-aggregation cache destination-prefix command 52-11

ip flow-aggregation cache prefix command 52-11

ip flow-aggregation cache source-prefix command 52-12

ip flow-export command 52-9

ip icmp rate-limit unreachable command 7-12

ip igmp profile command 22-20

ip igmp snooping tcn flood command 22-13

ip igmp snooping tcn flood query count command 22-13

ip igmp snooping tcn query solicit command 22-14

IP information

assigned

through DHCP-based autoconfiguration 3-2

ip load-sharing per-destination command 30-7

ip local policy route-map command 34-4

ip mask-reply command 7-13

IP MTU sizes, configuring 29-8

IP MTU sizes,configuring 29-8

IP multicast

clearing table entries 32-27

configuring 32-12

default configuration 32-12

displaying PIM information 32-23

displaying the routing table information 32-23

enabling dense-mode PIM 32-14

enabling sparse-mode 32-14

features not supported 32-12

hardware forwarding 32-8

IGMP snooping and 22-4, 32-4

overview 32-1

routing protocols 32-2

software forwarding 32-8

See also Auto-RP; IGMP; PIM; RP; RPF

IP multicast routing

enabling 32-13

monitoring and maintaining 32-22

ip multicast-routing command 32-13

IP phones

automatic classification and queueing 36-61

configuring voice ports 37-3

See Cisco IP Phones 37-1

trusted boundary for QoS 36-21

ip pim command 32-14

ip pim dense-mode command 32-14

ip pim sparse-dense-mode command 32-15

ip policy route-map command 34-4

IP Port Security for Static Hosts

on a Layer 2 access port 44-22

on a PVLAN host port 44-25

overview 44-21

ip redirects command 7-12

ip route-cache flow command 52-7

IP routing tables

deleting entries 32-27

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 55-1

IP SLAs

benefits 55-3

CFM endpoint discovery 53-15

Control Protocol 55-4

default configuration 55-7

definition 55-1

ICMP echo operation 55-12

manually configuring CFM ping or jitter 53-13

measuring network performance 55-3

monitoring 55-14

operation 55-3

responder

described 55-4

enabling 55-8

response time 55-5

SNMP support 55-3

supported metrics 55-2

threshold monitoring 55-7

UDP jitter operation 55-9

IP Source Guard

configuring 44-17

configuring on private VLANs 44-19

displaying 44-19, 44-20

overview 44-17

IP statistics

displaying 30-8

IP traceroute

executing 7-8

overview 7-8

IP unicast

displaying statistics 30-8

IP Unnumbered support

configuring on a range of Ethernet VLANs 14-6

configuring on LAN and VLAN interfaces 14-5

configuring with connected host polling 14-7

DHCP Option 82 14-3

displaying settings 14-8

format of agent remote ID suboptions 14-3

troubleshooting 14-9

with conected host polling 14-4

with DHCP server and Relay agent 14-2

ip unreachables command 7-11

IPX

redistribution of route information with EIGRP 1-10

ISL

encapsulation 15-3

trunking with 802.1Q tunneling 24-4

isolated port 38-4

isolated VLANs 38-3, 38-4

ISSU

compatibility matrix 5-12

compatiblity verification using Cisco Feature Navigator 5-13

NSF overview 5-3

perform the process

aborting a software upgrade 5-25

configuring the rollback timer as a safeguard 5-26

displaying a compatibility matrix 5-28

loading the new software on the new standby 5-23

stopping the rollback timer 5-22

switching to the standby 5-19

verify the ISSU state 5-16

verify the redundancy mode 5-14

verify the software installation 5-14

vload the new software on standby 5-16

prerequisites 5-2

process overview 5-6

restrictions 5-2

SNMP support 5-12

SSO overview 5-3

versioning capability in software to support 5-11

IST

and MST regions 17-22

description 17-22

master 17-27

J

jumbo frames

and ethernet ports 6-24

configuring MTU sizes for 6-24

ports and linecards that support 6-22

understanding MTUs 6-23

understanding support 6-23

VLAN interfaces 6-24

K

keyboard shortcuts 2-3

L

l2protocol-tunnel command 24-11

labels, definition 36-3

LACP

system ID 21-4

Layer 2 access ports 15-8

Layer 2 Control Packet QoS

feature interaction 36-59

overview 36-55

usage guidelines 36-59

Layer 2 frames

classification with CoS 36-2

Layer 2 interface, configuring access-mode mode on 46-34

Layer 2 interfaces

assigning VLANs 13-7

configuring 15-5

configuring as PVLAN host ports 38-16

configuring as PVLAN promiscuous ports 38-15

configuring as PVLAN trunk ports 38-17

defaults 15-5

disabling configuration 15-9

modes 15-4

show interfaces command 15-7

Layer 2 interface type

resetting 38-22

setting 38-22

Layer 2 protocol tunneling

default configuration 24-9

guidelines 24-10

Layer 2 switching

overview 15-1

Layer 2 Traceroute

and ARP 7-10

and CDP 7-9

host-to-host paths 7-9

IP addresses and subnets 7-10

MAC addresses and VLANs 7-10

multicast traffic 7-10

multiple devices on a port 7-10

unicast traffic 1-24, 7-9

usage guidelines 7-9

Layer 2 trunks

configuring 15-6

overview 15-3

Layer 3 interface, applying IPv6 ACLs 46-21

Layer 3 interface counters,configuring 29-9

Layer 3 interface counters,understanding 29-3

Layer 3 interfaces

changing from Layer 2 mode 35-7

configuration guidelines 29-4

overview 29-1

logical 29-2

physical 29-2

VLANs as interfaces 29-6

Layer 3 packets

classification methods 36-2

Layer 4 port operations

configuration guidelines 46-16

restrictions 46-15

Leave timer, enabling 22-9

limitations on using a TwinGig Convertor 6-13

link and trunk status events

configuring interface 6-31

link integrity, verifying with REP 19-3

Link Layer Discovery Protocol

See CDP

link monitoring, Ethernet OAM 53-20, 53-25

listening state (STP)

RSTP comparisons (table) 17-24

LLDP

configuring 26-3

characteristics 26-4

default configuration 26-3

disabling and enabling

globally 26-5

on an interface 26-5

monitoring and maintaining 26-7

overview 26-1

transmission timer and holdtime, setting 26-4

LLDP-MED

configuring

procedures 26-3

TLVs 26-6

monitoring and maintaining 26-7

overview 26-1

supported TLVs 26-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing

configuring for CEF 30-7

configuring for EtherChannel 21-12

overview 21-5, 30-6

per-destination 30-7

location TLV 26-3, 26-7

Logical Layer 3 interfaces

configuring 29-5

login authentication

with TACACS+ 3-19

login banners 4-17

login timer

changing 7-5

logoutwarning command 7-6

loop guard

and MST 17-23

configuring 20-4

overview 20-3

M

MAC/PHY configuration status TLV 26-2

MAC addresses

aging time 4-21

allocating 17-5

and VLAN association 4-20

building tables 4-20, 15-2

convert dynamic to sticky secure 42-5

default configuration 4-21

discovering 4-30

displaying 4-30, 7-3

displaying in DHCP snooping binding table 44-16

dynamic

learning 4-20

removing 4-22

in ACLs 46-19

static

adding 4-28

allowing 4-29

characteristics of 4-27

dropping 4-29

removing 4-28

sticky 42-4

sticky secure, adding 42-5

MAC address-table move update

configuration guidelines 18-6

configuring 18-9

description 18-3

monitoring 18-11

MAC Authentication Bypass

configure with 802.1X 39-44

MAC extended access lists 46-19

macros

See Smartports macros

main-cpu command 8-8

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

management address TLV 26-2

management options

SNMP 51-1

Management Port, Ethernet 6-5

manual preemption, REP, configuring 19-11

mapping

DSCP markdown values 36-19

DSCP values to transmit queues 36-50

mapping tables

configuring DSCP 36-52

described 36-15

marking

hardware capabilities 36-77

marking action drivers 36-75

marking network traffic 36-72

marking support, multi-attribute 36-76

mask destination command 52-11

mask source command 52-11, 52-12

Match CoS for non-IPV4 traffic

configuring 36-30

match ip address command 34-3

maximum aging time (STP)

configuring 17-18

MDA

configuration guidelines39-20to 39-21

described 39-20

members

automatic discovery 12-6

member switch

managing 12-12

member switch, cluster

defined 12-11

requirements 12-12

meminfo command 59-5

MEPs

defined 53-4

messages, Ethernet OAM 53-21

messages, to users through banners 4-17

Metro features

Ethernet CFM, introduction 1-3

Ethernet OAM Protocol, introduction 1-3

Flex Link and MAC Address-Table Move Update, introduction 1-3

Y.1731 (AIS and RDI), introduction 1-8

metro tags 24-2

MFIB

CEF 32-5

overview 32-11

MFIB, IP

displaying 32-25

MIBs

compiling 60-4

downloading 60-2, 60-3

overview 51-1

related information 60-3

SNMP interaction with 51-4

MIPs

defined 53-5

MLD Done messages and Immediate-leave 23-4

MLD messages 23-2

MLD queries 23-3

MLD reports 23-4

MLD Snooping

MLD Done messages and Immediate-leave 23-4

MLD messages 23-2

MLD queries 23-3

MLD reports 23-4

Multicast client aging robustness 23-3

Multicast router discovery 23-3

overview 23-1

Mode of capturing control packets, selecting 46-12

modules

checking status 7-1

powering down 10-20

monitoring

802.1Q tunneling 24-12

ACL information 46-38

Ethernet CFM 53-19

Ethernet OAM 53-33

Ethernet OAM protocol 53-33

Flex Links 18-11

IGMP

snooping 23-11

IGMP filters 22-23

IGMP snooping 22-14

IP SLAs operations 55-14

Layer 2 protocol tunneling 24-12

MAC address-table move update 18-11

multicast router interfaces 23-11

multi-VRF CE 35-16

REP 19-12

traffic flowing among switches 56-1

tunneling 24-12

VLAN filters 46-28

VLAN maps 46-28

M-record 17-22

MST

and multiple spanning trees 1-4, 17-22

boundary ports 17-26

BPDUs 17-22

configuration parameters 17-25

configuring 17-29

displaying configurations 17-32

edge ports 17-27

enabling 17-29

hop count 17-27

instances

configuring parameters 17-31

description 17-22

number supported 17-25

interoperability with PVST+ 17-22

link type 17-27

master 17-27

message age 17-27

regions 17-25, 17-26

restrictions 17-28

to-SST interoperability 17-24

MSTP

EtherChannel guard

enabling 20-6

M-record 17-22

M-tree 17-22

M-tree 17-22

MTUS

understanding 6-23

MTU size

configuring 6-24, 6-26, 6-32

default 13-5

multiauthentication mode 39-8

multicast

See IP multicast

Multicast client aging robustness 23-3

multicast groups

static joins 23-7

multicast packets

blocking 47-2

Multicast router discovery 23-3

multicast router interfaces, displaying 22-17

multicast router interfaces, monitoring 23-11

multicast router ports, adding 23-8

multicast routers

flood suppression 22-11

multicast router table

displaying 32-23

Multicast Storm Control

enabling 48-4

disabling 48-7

suppression on Sup 6-E 48-4

suppression on WS-X4014 48-5

suppression on WS-X4016 48-5

WS-X4515, WS-X4014, and WS-X4013+ Sup Engs 48-5

WS-X4516 Sup Eng 48-5

multidomain authentication

See MDA

multidomain authentication mode 39-7

Multiple AuthorizationAuthentication

configuring 39-29

Multiple Domain Authentication 39-29

multiple forwarding paths 1-4, 17-22

multiple-hosts mode 39-7

Multiple Spanning Tree

See MST

multiple VPN routing/forwarding

See multi-VRF CE

multi-VRF CE

components 35-3

configuration example 35-12

default configuration 35-3

defined 35-1

displaying 35-16

monitoring 35-16

network components 35-3

packet-forwarding process 35-3

N

named aggregate policers, creating 36-26

named IPv6 ACLs, configuring

ACLs

configuring named IPv6 ACLs 46-20

named MAC extended ACLs

ACLs

configuring named MAC extended 46-19

native VLAN

and 802.1Q tunneling 24-4

specifying 15-6

neighbor offset numbers, REP 19-4

NetFlow

aggregation

minimum mask,default value 52-11

destination-prefix aggregation

configuration (example) 52-16

minimum mask, configuring 52-11

IP

flow switching cache 52-9

prefix aggregation

configuration (example) 52-14

minimum mask, configuring 52-11

source-prefix aggregation

minimum mask, configuring 52-11

switching

checking for required hardware 52-6

configuration (example) 52-12

configuring switched IP flows 52-8

enabling Collection 52-7

exporting cache entries 52-9

statistics 52-9

NetFlow statistics

caveats on supervisor 52-6

checking for required hardware 52-6

configuring collection 52-6

enabling Collection 52-7

exporting cache entries 52-9

overview of collection 52-1

switched/bridged IP flows 52-8

Network Assistant

and VTY 12-11

configure

enable communication with switch 12-13, 12-17

default configuration 12-2

overview of CLI commands 12-2

network fault tolerance 1-4, 17-22

network management

configuring 25-1

RMON 56-1

SNMP 51-1

network performance, measuring with IP SLAs 55-3

network policy TLV 26-2, 26-7

Network Time Protocol

See NTP

network traffic, marking 36-72

New Software Features in Release 7.7

TDR 7-3

Next Hop Resolution Protocol

See NHRP

NHRP

support 1-10

non-IP traffic filtering 46-19

non-RPF traffic

description 32-9

in redundant configurations (figure) 32-10

Nonstop Forwarding

See NSF

nonvolatile random-access memory

See NVRAM

normal-range VLANs

See VLANs

NSF

defined 9-1

guidelines and restrictions 9-9

operation 9-5

NSF-aware

supervisor engines 9-3

support 9-1

NSF-capable

supervisor engines 9-3

support 9-1

NSF with SSO supervisor engine redundancy

and CEF 9-5

overview 9-4

SSO operation 9-4

NTP

associations

authenticating 4-4

defined 4-2

enabling broadcast messages 4-7

peer 4-6

server 4-6

default configuration 4-4

displaying the configuration 4-11

overview 4-2

restricting access

creating an access group 4-9

disabling NTP services per interface 4-10

source IP address, configuring 4-10

stratum 4-2

synchronizing devices 4-6

time

services 4-2

synchronizing 4-2

NVRAM

saving settings 3-10

O

OAM

client 53-20

features 53-20

sublayer 53-20

OAM manager

with CFM and Ethernet OAM 53-35

OAM PDUs 53-22

OAM protocol data units 53-20

OIR

overview 6-29

Online Diagnostics 57-1

online insertion and removal

See OIR

Open Shortest Path First

See OSPF

operating system images

See system images

Option 82

enabling DHCP Snooping 44-9

OSPF

area concept 1-11

description 1-11

P

packets

modifying 36-17

software processed

and QoS 36-17

packet type filtering

overview 49-15

SPAN enhancement 49-15

PACL, using with access-group mode 46-34

PACL with VLAN maps and router ACLs 46-36

PAgP

understanding 21-3

passwords

configuring enable password 3-13

configuring enable secret password 3-13

encrypting 3-22

in clusters 12-7

recovering lost enable password 3-25

setting line password 3-14

PBR (policy-based routing)

configuration (example) 34-5

enabling 34-3

features 34-2

overview 34-1

route maps 34-2

when to use 34-2

per-port and VLAN Access Control List 44-17

per-port per-VLAN QoS

enabling 36-43

overview 36-17

Per-VLAN Rapid Spanning Tree 17-6

enabling 17-20

overview 17-6

PE to CE routing, configuring 35-11

Physical Layer 3 interfaces, configuring 29-10

PIM

configuring dense mode 32-14

configuring sparse mode 32-14

displaying information 32-22

displaying statistics 32-26

enabling sparse-dense mode 32-14, 32-15

overview 32-3

PIM-DM 32-3

PIM on an interface, enabling 32-13

PIM-SM 32-3

PIM-SSM mapping, enabling 32-16

ping

executing 7-7

overview 7-7

ping command 7-7, 32-22

PoE 11-8

configuring power consumption for single device 11-5

configuring power consumption for switch 11-5

Enhanced PoE support on E-series 11-16

policing and monitoring 11-13

power consumption for powered devices

Intelligent Power Management 11-4

overview 11-5

supported cabling topology 11-6

powering down a module 10-20

power management modes 11-2

show interface status 11-7

PoE policing

configuring errdisable recovery 11-15

configuring on an interface 11-13

displaying on an interface 11-15

power modes 11-13

point-to-point

in 802.1X authentication (figure) 39-2

police command 36-33

policed-DSCP map 36-53

policers

description 36-5

types of 36-10

policies

See QoS policies

policing

how to implement 36-71

See QoS policing

policing, PoE 11-13

policy associations, QoS on Sup 6-E 36-89

policy-map command 36-28, 36-31

policy map marking action, configuring 36-77

policy maps

attaching to interfaces 36-35

configuring 36-30

port ACLs

and voice VLAN 46-4

defined 46-3

limitations 46-5

Port Aggregation Protocol

see PAgP

port-based authentication

802.1X with voice VLAN 39-19

authentication server

defined 41-2

changing the quiet period 39-61

client, defined 39-2, 41-2

configuration guidelines 39-23, 41-7

configure switch-to-RADIUS server communication 39-27

configure with Authentication Failed VLAN assignment 39-51

configure with Critical Authentication 39-46

configure with Guest-VLANs 39-41, 39-53

configure with MAC Authentication Bypass 39-44

configure with Wake-on-LAN 39-49

configuring

Multiple Domain Authentication and Multiple Authorization 39-29

RADIUS server 41-10

RADIUS server parameters on the switch 41-9

configuring Fallback Authentication 39-54

configuring Guest-VLAN 39-27

configuring manual re-authentication of a client 39-65

controlling authorization state 39-5

default configuration 39-22, 41-6

described 39-1

device roles 39-2, 41-2

displaying statistics 39-66, 41-15

enabling 39-24

802.1X authentication 41-9

enabling multiple hosts 39-60

enabling periodic re-authentication 39-58

encapsulation 39-3

host mode 39-6

initiation and message exchange 39-3

method lists 39-24

modes 39-6

multidomain authentication 39-20

multiple-hosts mode, described 39-7

port security

multiple-hosts mode 39-7

ports not supported 39-4

pre-authentication open access 39-8

resetting to default values 39-65

setting retransmission number 39-63

setting retransmission time 39-62

switch

as proxy 41-2

topologies, supported 39-21

using with ACL assignments and redirect URLs 39-17

using with port security 39-16

with Critical Authentication 39-13

with Guest VLANs 39-10

with MAC Authentication Bypass 39-11

with VLAN assignment 39-9

port-based QoS features

See QoS

port-channel interfaces

See also EtherChannel

creating 21-6

overview 21-2

port-channel load-balance

command 21-12

command example 21-12

port-channel load-balance command 21-12

port cost (STP)

configuring 17-15

port description TLV 26-2

PortFast

and MST 17-22

BPDU filter, configuring 20-9

configuring or enabling 20-15

overview 20-6

PortFast BPDU filtering

and MST 17-22

enabling 20-9

overview 20-9

port numbering with TwinGig Convertors 6-13

port priority

configuring MST instances 17-31

configuring STP 17-12

ports

blocking 47-1

checking status 7-2

dynamic VLAN membership

example 13-29

reconfirming 13-26

forwarding, resuming 47-2

REP 19-5

See also interfaces

port security

aging 42-5

and QoS trusted boundary 36-21

configuring 42-7

displaying 42-26

guidelines and restrictions 42-32

on access ports 42-6, 42-21

on private VLAN 42-13

host 42-14

over Layer 2 EtherChannel 42-31

promiscuous 42-15

topology 42-14, 42-17, 42-31

on trunk port 42-16

guidelines and restrictions 42-14, 42-17, 42-20, 42-31

port mode changes 42-21

on voice ports 42-21

sticky learning 42-5

using with 802.1X 39-16

violations 42-6

with 802.1X Authentication 42-30

with DHCP and IP Source Guard 42-30

with other features 42-32

port states

description 17-5

port trust state

See trust states

port VLAN ID TLV 26-2

power

inline 37-5

power dc input command 10-17

power handling for Supervisor Engine II-TS 11-12

power inline command 11-3

power inline consumption command 11-5

power management

Catalyst 4500 series 10-6

Catalyst 4500 Switch power supplies 10-13

Catalyst 4948 series 10-20

configuring combined mode 10-12

configuring redundant mode 10-11

overview 10-1

redundancy 10-6

power management for Catalyst 4500 Switch

combined mode 10-8

redundant mode 10-8

power management limitations in Catalyst 4500 Switch 10-9

power management mode

selecting 10-8

power management TLV 26-2, 26-7

Power-On-Self-Test diagnostics 57-3, 57-14

Power-On-Self-Test for Supervisor Engine V-10GE 57-8

power redundancy-mode command 10-11

power supplies

available power for Catalyst 4500 Switch 10-13

fixed 10-7

variable 10-7, 10-20

pre-authentication open access 39-8

pre-authentication open access. See port-based authentication.

preempt delay time, REP 19-5

primary edge port, REP 19-4

primary VLANs 38-2, 38-5

associating with secondary VLANs 38-14

configuring as a PVLAN 38-13

priority

overriding CoS of incoming frames 37-4

priority queuing, QoS on Sup 6-E 36-84

private VLAN

configure port security 42-14

enabling DHCP Snooping 44-11

private VLANs

across multiple switches 38-5

and SVIs 38-9

benefits of 38-2

community ports 38-4

community VLANs 38-3, 38-4

default configuration 38-11

end station access to 38-3

isolated port 38-4

isolated VLANs 38-3, 38-4

ports

community 38-4

isolated 38-4

promiscuous 38-5

primary VLANs 38-2, 38-5

promiscuous ports 38-5

secondary VLANs 38-3

subdomains 38-2

traffic in 38-9

privileged EXEC mode 2-5

privileges

changing default 3-23

configuring levels 3-23

exiting 3-24

logging in 3-24

promiscuous ports

configuring PVLAN 38-15

defined 38-5

setting mode 38-22

protocol timers 17-4

provider edge devices 35-2

pruning, VTP

See VTP pruning

pseudobridges

description 17-25

PVACL 44-17

PVID (port VLAN ID)

and 802.1X with voice VLAN ports 39-19

PVLAN promiscuous trunk port

configuring 38-2, 38-15, 38-19

PVLANs

802.1q support 38-12

across multiple switches 38-5

configuration guidelines 38-11

configure port security 42-13, 42-15, 42-17

configure port security in a wireless setting 42-31

configure port security over Layer 2 EtherChannel 42-31

configuring 38-10

configuring a VLAN 38-13

configuring promiscuous ports 38-15

host ports

configuring a Layer 2 interface 38-16

setting 38-22

overview 38-1

permitting routing, example 38-21

promiscuous mode

setting 38-22

setting

interface mode 38-22

Q

QoS

allocating bandwidth 36-50

and software processed packets 36-17

auto-QoS

configuration and defaults display 36-64

configuration guidelines 36-62

described 36-60

displaying 36-64

effects on NVRAM configuration 36-62

enabling for VoIP 36-63

basic model 36-5

burst size 36-27

classification36-6to 36-10

configuration guidelines 36-20

auto-QoS 36-62

configuring

auto-QoS 36-60

DSCP maps 36-52

dynamic buffer limiting 36-22

traffic shaping 36-51

trusted boundary 36-21

configuring Layer 2 Control Packet QoS, feature interaction 36-59

configuring Layer 2 Control Packet QoS, guidelines 36-59

configuring Layer 2 Control Packet QoS, overview 36-55

configuring UBRL 36-37

configuring VLAN-based on Layer 2 interfaces 36-46

creating named aggregate policers 36-26

creating policing rules 36-28

default auto configuration 36-61

default configuration 36-19

definitions 36-3

disabling on interfaces 36-35

enabling and disabling 36-45

enabling hierarchical policers 36-41

enabling on interfaces 36-35

enabling per-port per-VLAN 36-43

flowcharts 36-8, 36-13

IP phones

automatic classification and queueing 36-61

detection and trusted settings 36-21, 36-61

overview 36-2

overview of per-port per-VLAN 36-17

packet modification 36-17

port-based 36-46

priority 36-16

traffic shaping 36-17

transmit rate 36-51

trust states

trusted device 36-21

VLAN-based 36-46

See also COS; DSCP values; transmit queues

QoS active queue management

tracking queue length 36-15

QoS labels

definition 36-3

QoS mapping tables

CoS-to-DSCP 36-53

DSCP-to-CoS 36-54

policed-DSCP 36-53

types 36-15

QoS marking

description 36-5

QoS on Sup 6-E

Active Queue management via DBL 36-88

active queue management via DBL 36-81, 36-88

classification 36-70

configuring 36-66

configuring the policy map marking action 36-77

hardware capabilities for marking 36-77

how to implement policing 36-71

marking action drivers 36-75

marking network traffic 36-72

MQC-based QoS configuration 36-67

multi-attribute marking support 36-76

platform hardware capabilities 36-69

platform restrictions 36-71

platform-supported classification criteria and QoS features 36-67, 36-68

policing 36-70

policy associations 36-89

prerequisites for applying a service policy 36-70

priority queuing 36-84

queue-limiting 36-85

restrictions for applying a service policy 36-70

shaping 36-79

sharing(bandwidth) 36-81

sharing(blandwidth), shapring, and priority queuing 36-79

software QoS 36-91

traffic marking procedure flowchart 36-75

QoS policers

burst size 36-27

types of 36-10

QoS policing

definition 36-5

described 36-5, 36-10

QoS policy

attaching to interfaces 36-12

overview of configuration 36-28

QoS service policy

prerequisites 36-70

restrictions for applying 36-70

QoS transmit queues

allocating bandwidth 36-50

burst 36-17

configuring traffic shaping 36-51

mapping DHCP values to 36-50

maximum rate 36-17

overview 36-15

sharing link bandwidth 36-16

QoS transmit queues, configuring 36-49

Quality of service

See QoS

queueing 36-6, 36-15

queue-limiting, QoS on Sup 6-E 36-85

R

RADIUS server

configure to-Switch communication 39-27

configuring settings 39-29

parameters on the switch 39-27

range command 6-4

range macros

defining 6-10

ranges of interfaces

configuring 6-4

Rapid Spanning Tree

See RSTP

rcommand command 12-12

re-authentication of a client

configuring manual 39-65

enabling periodic 39-58

redirect URLs, port-based authentication 39-17

reduced MAC address 17-2

redundancy

configuring 8-7

guidelines and restrictions 8-5

changes made through SNMP 8-11

NSF-aware support 9-1

NSF-capable support 9-1

overview 8-2

redundancy command 8-8

understanding synchronization 8-4

redundancy (NSF) 9-1

configuring

BGP 9-11

CEF 9-11

EIGRP 9-16

IS-IS 9-14

OSPF 9-13

routing protocols 9-5

redundancy (RPR)

route processor redundancy 8-3

synchronization 8-5

redundancy (SSO)

redundancy command 9-10

route processor redundancy 8-3

synchronization 8-5

reload command 3-28, 3-29

remote failure indications 53-20

remote loopback, Ethernet OAM 53-21, 53-23

Remote Network Monitoring

See RMON

rendezvous point, configuring 32-16

rendezvous point, configuring single static 32-20

REP

administrative VLAN 19-7

administrative VLAN, configuring 19-8

and STP 19-5

configuration guidelines 19-6

configuring interfaces 19-9

convergence 19-3

default configuration 19-6

manual preemption, configuring 19-11

monitoring 19-12

neighbor offset numbers 19-4

open segment 19-2

ports 19-5

preempt delay time 19-5

primary edge port 19-4

ring segment 19-2

secondary edge port 19-4

segments 19-1

characteristics 19-2

SNMP traps, configuring 19-12

supported interfaces 19-1

triggering VLAN load balancing 19-5

verifying link integrity 19-3

VLAN blocking 19-11

VLAN load balancing 19-4

replication

description 32-8

report suppression, IGMP

disabling 23-10

reserved-range VLANs

See VLANs

reset command 59-3

resetting an interface to default configuration 6-33

resetting a switch to defaults 3-31

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 55-4

enabling 55-8

response time, measuring with IP SLAs 55-5

restricting access

NTP services 4-8

TACACS+ 3-15

retransmission number

setting in 802.1X authentication 39-63

retransmission time

changing in 802.1X authentication 39-62

RFC

1157, SNMPv1 51-2

1305, NTP 4-2

1757, RMON 56-2

1901, SNMPv2C 51-2

1902 to 1907, SNMPv2 51-2

2273-2275, SNMPv3 51-2

RIP

description 1-12

RMON

default configuration 56-3

displaying status 56-6

enabling alarms and events 56-3

groups supported 56-2

overview 56-1

ROM monitor

boot process and 3-26

CLI 2-7

commands59-2to 59-3

debug commands 59-5

entering 59-2

exiting 59-6

overview 59-1

root bridge

configuring 17-9

selecting in MST 17-22

root guard

and MST 17-23

enabling 20-2

overview 20-2

routed packets

ACLs 46-31

route-map (IP) command 34-3

route maps

defining 34-3

PBR 34-2

router ACLs

description 46-3

using with VLAN maps 46-29

router ACLs, using PACL with VLAN maps 46-36

route targets

VPN 35-3

Routing Information Protocol

See RIP

RPF

<Emphasis>See Unicast RPF

RSPAN

configuration guidelines 49-16

destination ports 49-5

IDS 49-2

monitored ports 49-4

monitoring ports 49-5

received traffic 49-3

sessions

creating 49-17

defined 49-3

limiting source traffic to specific VLANs 49-23

monitoring VLANs 49-22

removing source (monitored) ports 49-21

specifying monitored ports 49-17

source ports 49-4

transmitted traffic 49-4

VLAN-based 49-5

RSTP

compatibility 17-23

description 17-22

port roles 17-23

port states 17-24

S

SAID

See 802.10 SAID

scheduling 36-15

defined 36-5

overview 36-6

secondary edge port, REP 19-4

secondary root switch 17-11

secondary VLANs 38-3

associating with primary 38-14

permitting routing 38-21

security

configuring 43-1

Security Association Identifier

See 802.10 SAID

selecting a power management mode 10-8

selecting X2/TwinGig Convertor Mode 6-13

sequence numbers in log messages 50-7

service policy, configure class-level queue-limit 36-85

service-policy command 36-28

service-policy input command 28-2, 36-35

service-provider networks

and customer VLANs 24-2

set default interface command 34-4

set interface command 34-3

set ip default next-hop command 34-4

set ip next-hop command 34-3

set-request operation 51-4

severity levels, defining in system messages 50-8

shaping, QoS on Sup 6-E 36-79

sharing(bandwidth), QoS on Sup 6-E 36-81

show adjacency command 30-9

show boot command 3-31

show catalyst4000 chassis-mac-address command 17-3

show cdp command 25-2, 25-3

show cdp entry command 25-3

show cdp interface command 25-3

show cdp neighbors command 25-4

show cdp traffic command 25-4

show ciscoview package command 4-33

show ciscoview version command 4-33

show cluster members command 12-12

show configuration command 6-19

show debugging command 25-4

show environment command 10-2

show history command 2-4

show interfaces command 6-24, 6-26, 6-30, 6-32

show interfaces status command 7-2

show ip cache flow aggregation destination-prefix command 52-12

show ip cache flow aggregation prefix command 52-12

show ip cache flow aggregation source-prefix command 52-12

show ip cache flow command 52-9

show ip cef command 30-8

show ip eigrp interfaces command 29-17

show ip eigrp neighbors command 29-17

show ip eigrp topology command 29-17

show ip eigrp traffic command 29-17

show ip interface command 32-23

show ip local policy command 34-4

show ip mroute command 32-22

show ip pim interface command 32-23

show l2protocol command 24-12

show lldp traffic command 26-8

show mac-address-table address command 7-3

show mac-address-table interface command 7-3

show mls entry command 30-8

show module command 7-1, 17-5

show PoE consumed 11-8

show power inline command 11-7

show power inline consumption command 11-5

show power supplies command 10-11

show protocols command 6-30

show running-config command

adding description for an interface 6-19

checking your settings 3-9

displaying ACLs 46-24, 46-26, 46-33, 46-34

show startup-config command 3-10

show users command 7-6

show version command 3-29

shutdown, command 6-31

shutdown threshold for Layer 2 protocol packets 24-9

shutting down

interfaces 6-31

Simple Network Management Protocol

See SNMP

single-host mode 39-7

single spanning tree

See SST

single static RP, configuring 32-20

slot numbers, description 6-2

Smartports macros

applying global parameter values 16-8

applying macros 16-8

applying parameter values 16-9

configuration guidelines 16-6

configuring 16-2

creating 16-7

default configuration 16-4

defined 16-1

displaying 16-13

tracing 16-7

website 16-2

SMNP traps, and CFM 53-7

SNMP

accessing MIB variables with 51-4

agent

described 51-4

disabling 51-7

and IP SLAs 55-3

authentication level 51-10

community strings

configuring 51-7

overview 51-4

configuration examples 51-16

configuration guidelines 51-6

default configuration 51-5

enabling 60-4

engine ID 51-6

groups 51-6, 51-9

host 51-6

informs

and trap keyword 51-11

described 51-5

differences from traps 51-5

enabling 51-14

limiting access by TFTP servers 51-15

limiting system log messages to NMS 50-9

manager functions 51-3

notifications 51-5

overview 51-1, 51-4

status, displaying 51-17

system contact and location 51-15

trap manager, configuring 51-13

traps

described 51-3, 51-5

differences from informs 51-5

enabling 51-11

enabling MAC address notification 4-22

enabling MAC move notification 4-24

enabling MAC threshold notification 4-26

overview 51-1, 51-4

types of 51-11

users 51-6, 51-9

versions supported 51-2

SNMP commands 60-4

SNMP traps

REP 19-12

SNMPv1 51-2

SNMPv2C 51-2

SNMPv3 51-2

software

upgrading 8-13

software configuration register 3-26

software QoS, on Sup 6-E 36-91

software switching

description 30-5

interfaces 30-6

key data structures used 32-7

SPAN

and ACLs 49-5

configuration guidelines 49-7

configuring49-6to 49-10

destination ports 49-5

IDS 49-2

monitored port, defined 49-4

monitoring port, defined 49-5

received traffic 49-3

sessions

defined 49-3

source ports 49-4

transmitted traffic 49-4

VLAN-based 49-5

SPAN and RSPAN

concepts and terminology 49-3

default configuration 49-6

displaying status 49-24

overview 49-1

session limits 49-6

SPAN enhancements

access list filtering 49-13

configuration example 49-16

CPU port sniffing 49-10

encapsulation configuration 49-12

ingress packets 49-12

packet type filtering 49-15

spanning-tree backbonefast command 20-16

spanning-tree cost command 17-15

spanning-tree guard root command 20-2

spanning-tree portfast bpdu-guard command 20-8

spanning-tree portfast command 20-7

spanning-tree port-priority command 17-13

spanning-tree uplinkfast command 20-12

spanning-tree vlan

command 17-9

command example 17-9

spanning-tree vlan command 17-8

spanning-tree vlan cost command 17-15

spanning-tree vlan forward-time command 17-19

spanning-tree vlan hello-time command 17-17

spanning-tree vlan max-age command 17-18

spanning-tree vlan port-priority command 17-13

spanning-tree vlan priority command 17-17

spanning-tree vlan root primary command 17-10

spanning-tree vlan root secondary command 17-12

speed

configuring interface 6-17

speed command 6-17

SSO

configuring 9-10

SSO operation 9-4

SST

description 17-22

interoperability 17-24

static addresses

See addresses

static routes

configuring 3-11

verifying 3-12

statistics

802.1X 41-15

displaying 802.1X 39-66

displaying PIM 32-26

LLDP 26-7

LLDP-MED 26-7

NetFlow accounting 52-9

SNMP input and output 51-17

sticky learning

configuration file 42-5

defined 42-5

disabling 42-5

enabling 42-5

saving addresses 42-5

sticky MAC addresses

configuring 42-7

defined 42-4

Storm Control

displaying 48-8

enabling Broadcast 48-3

enabling Multicast 48-4

hardware-based, implementing 48-2

overview 48-1

software-based, implementing 48-2

STP

and REP 19-5

bridge ID 17-2

configuring17-7to 17-20

creating topology 17-4

defaults 17-6

disabling 17-19

enabling 17-7

enabling extended system ID 17-8

enabling Per-VLAN Rapid Spanning Tree 17-20

EtherChannel guard

disabling 20-6

forward-delay time 17-18

hello time 17-17

Layer 2 protocol tunneling 24-7

maximum aging time 17-18

overview 17-1, 17-3

per-VLAN rapid spanning tree 17-6

port cost 17-15

port priority 17-12

root bridge 17-9

stratum, NTP 4-2

stub routing (EIGRP)

benefits 29-16

configuration tasks 29-16

configuring 29-12

overview 29-11, 29-12

restrictions 29-16

verifying 29-17

subdomains, private VLAN 38-2

summer time 4-13

supervisor engine

accessing the redundant 8-14

configuring3-8to 3-13

copying files to standby 8-14

default configuration 3-1

default gateways 3-11

environmental monitoring 10-1

redundancy 9-1

ROM monitor 3-26

startup configuration 3-25

static routes 3-11

synchronizing configurations 8-11

Supervisor Engine II-TS

insufficient inline power handling 10-18, 11-12

SVI Autostate Exclude

understanding 29-3

SVI Autostate exclude

configuring 29-6

switched packets

and ACLs 46-30

Switched Port Analyzer

See SPAN

switching, NetFlow

checking for required hardware 52-6

configuration (example) 52-12

configuring switched IP flows 52-8

enabling Collection 52-7

exporting cache entries 52-9

switchport

show interfaces 6-24, 6-26, 6-32

switchport access vlan command 15-6, 15-8

switchport block multicast command 47-2

switchport block unicast command 47-2

switchport mode access command 15-8

switchport mode dot1q-tunnel command 24-6

switchport mode dynamic command 15-6

switchport mode trunk command 15-6

switch ports

See access ports

switchport trunk allowed vlan command 15-6

switchport trunk encapsulation command 15-6

switchport trunk encapsulation dot1q command 15-3

switchport trunk encapsulation isl command 15-3

switchport trunk encapsulation negotiate command 15-3

switchport trunk native vlan command 15-6

switchport trunk pruning vlan command 15-7

switch-to-RADIUS server communication

configuring 39-27

sysret command 59-5

system

reviewing configuration 3-10

settings at startup 3-27

system alarms

on Sup 2+ to V-10GE 10-5

on Sup 6-E 10-5

overview 10-4

system and network statistics, displaying 32-22

system capabilities TLV 26-2

system clock

configuring

daylight saving time 4-13

manually 4-11

summer time 4-13

time zones 4-12

displaying the time and date 4-12

overview 4-2

See also NTP

system description TLV 26-2

system images

loading from Flash memory 3-30

modifying boot field 3-27

specifying 3-30

system message logging

default configuration 50-3

defining error message severity levels 50-8

disabling 50-4

displaying the configuration 50-12

enabling 50-4

facility keywords, described 50-12

level keywords, described 50-8

limiting messages 50-9

message format 50-2

overview 50-1

sequence numbers, enabling and disabling 50-7

setting the display destination device 50-4

synchronizing log messages 50-5

timestamps, enabling and disabling 50-7

UNIX syslog servers

configuring the daemon 50-10

configuring the logging facility 50-11

facilities supported 50-12

system MTU

802.1Q tunneling 24-5

maximums 24-5

system name

default configuration 4-15

default setting 4-15

manual configuration 4-15

See also DNS

system name TLV 26-2

system prompt, default setting 4-14, 4-15

T

TACACS+ 43-1

accounting, defined 3-16

authentication, defined 3-16

authorization, defined 3-16

configuring

accounting 3-21

authentication key 3-18

authorization 3-21

login authentication 3-19

default configuration 3-18

displaying the configuration 3-22

identifying the server 3-18

limiting the services to the user 3-21

operation of 3-17

overview 3-15

tracking services accessed by user 3-21

tagged packets

802.1Q 24-3

Layer 2 protocol 24-7

TCAM programming algorithm

changing 46-9

TCAM programming algorithm, overview 46-7

TCAM programming and ACLs 46-10, 46-12

for Sup II-Plust thru V-10GE 46-6

TCAM programming and ACLs for Sup 6-E 46-15

TCAM region, changing the algorithm 46-9

TCAM region, resizing 46-10

TDR

checking cable connectivity 7-3

enabling and disabling test 7-3

guidelines 7-3

Telnet

accessing CLI 2-2

disconnecting user sessions 7-6

executing 7-5

monitoring user sessions 7-6

telnet command 7-5

templates, Ethernet OAM 53-30

Terminal Access Controller Access Control System Plus

See TACACS+

TFTP

configuration files in base directory 3-4

configuring for autoconfiguration 3-4

limiting access by servers 51-15

TFTP download

See also console download

threshold monitoring, IP SLAs 55-7

time

See NTP and system clock

Time Domain Reflectometer

See TDR

time exceeded messages 7-8

timer

See login timer

timestamps in log messages 50-7

time zones 4-12

TLV

host presence detection 39-8

TLVs

defined 1-4, 26-2

LLDP-MED 26-2

Token Ring

media not supported (note) 13-5, 13-9

Topology change notification processing

MLD Snooping

Topology change notification processing 23-5

TOS

description 36-4

trace command 7-9

traceroute

See IP traceroute

See Layer 2 Traceroute

traceroute mac command 7-10

traceroute mac ip command 7-10

traffic

blocking flooded 47-2

traffic control

using ACLs (figure) 46-4

using VLAN maps (figure) 46-5

traffic marking procedure flowchart 36-75

traffic shaping 36-17

translational bridge numbers (defaults) 13-5

transmit queues

See QoS transmit queues

transmit rate 36-51

traps

configuring MAC address notification 4-22

configuring MAC move notification 4-24

configuring MAC threshold notification 4-26

configuring managers 51-11

defined 51-3

enabling 4-22, 4-24, 4-26, 51-11

notification types 51-11

overview 51-1, 51-4

troubleshooting

with CiscoWorks 51-4

with system message logging 50-1

with traceroute 7-8

troubleshooting high CPU due to ACLs 46-12

trunk ports

configure port security 42-16

configuring PVLAN38-17to 38-19

trunks

802.1Q restrictions 15-5

configuring 15-6

configuring access VLANs 15-6

configuring allowed VLANs 15-6

default interface configuration 15-6

different VTP domains 15-3

enabling to non-DTP device 15-4

encapsulation 15-3

specifying native VLAN 15-6

understanding 15-3

trusted boundary for QoS 36-21

Trust State of interfaces, configuring

trust states

configuring 36-47

tunneling

defined 24-1

tunnel ports

802.1Q, configuring 24-6

described 24-2

incompatibilities with other features 24-5

TwinGig Convertors

limitations on using 6-13

port numbering 6-13

selecting X2/TwinGig Convertor mode 6-13

type length value

See TLV

type of service

See TOS

U

UDLD

default configuration 27-2

disabling 27-4, 27-5

enabling 27-3

overview 27-1

UDP jitter, configuring 55-10

UDP jitter operation, IP SLAs 55-9

unauthorized ports with 802.1X 39-4

unicast

See IP unicast

unicast flood blocking

configuring 47-1

unicast MAC address filtering

and adding static addresses 4-29

and broadcast MAC addresses 4-28

and CPU packets 4-29

and multicast addresses 4-28

and router MAC addresses 4-28

configuration guidelines 4-28

described 4-28

unicast MAC address filtering, configuring

ACLs

configuring unicast MAC address filtering 46-19

Unicast RPF (Unicast Reverse Path Forwarding)

applying 31-5

BGP attributes

caution 31-5

CEF

requirement 31-2

tables 31-7

configuring 31-9

(examples)??to 31-12

BOOTP 31-8

DHCP 31-8

enterprise network (figure) 31-6

prerequisites 31-9

routing table requirements 31-7

tasks 31-9

verifying 31-10

deploying 31-5

description 31-2

disabling 31-11

enterprise network (figure) 31-6

FIB 31-2

implementing 31-4

maintaining 31-10

monitoring 31-10

packets, dropping (figure) 31-4

prerequisites 31-9

restrictions

basic 31-8

routing asymmetry 31-7

routing asymmetry (figure) 31-8

routing table requirements 31-7

security policy

applying 31-5

attacks, mitigating 31-5

deploying 31-5

tunneling 31-5

source addresses, validating 31-3

(figure) 31-3, 31-4

failure 31-3

traffic filtering 31-5

tunneling 31-5

validation

failure 31-3, 31-4

packets, dropping 31-3

source addresses 31-3

verifying 31-10

unicast traffic

blocking 47-2

unidirectional ethernet

enabling 28-1

example of setting 28-2

overview 28-1

UniDirectional Link Detection Protocol

See UDLD

UNIX syslog servers

daemon configuration 50-10

facilities supported 50-12

message logging configuration 50-11

UplinkFast

and MST 17-22

enabling 20-15

MST and 17-23

overview 20-11

User Based Rate Limiting

configuring 36-37

overview 36-37

user EXEC mode 2-5

user sessions

disconnecting 7-6

monitoring 7-6

using PACL with access-group mode 46-34

V

VACLs

Layer 4 port operations 46-15

virtual configuration register 59-3

virtual LANs

See VLANs

Virtual Private Network

See VPN

Virtual Switch System(VSS), displaying EtherChannel to 21-14

VLAN ACLs

See VLAN maps

VLAN-based QoS on Layer 2 interfaces, configuring 36-46

VLAN blocking, REP 19-11

vlan command 13-6

vlan dot1q tag native command 24-4

VLAN ID, discovering 4-30

VLAN load balancing

REP 19-4

VLAN load balancing, triggering 19-5

VLAN load balancing on flex links 18-2

configuration guidelines 18-6

VLAN Management Policy Server

See VMPS

VLAN maps

applying to a VLAN 46-26

configuration example 46-27

configuration guidelines 46-23

configuring 46-22

creating and deleting entries 46-23

defined 46-3

denying access example 46-28

denying packets 46-24

displaying 46-28

order of entries 46-23

permitting packets 46-24

router ACLs and 46-29

using (figure) 46-5

using in your network 46-26

VLAN maps, PACL and Router ACLs 46-36

VLANs

allowed on trunk 15-6

configuration guidelines 13-3

configuring 13-5

customer numbering in service-provider networks 24-3

default configuration 13-4

description 1-7

extended range 13-3

IDs (default) 13-4

interface assignment 13-7

limiting source traffic with RSPAN 49-23

monitoring with RSPAN 49-22

name (default) 13-4

normal range 13-3

overview 13-1

reserved range 13-3

See also PVLANs

VLAN Trunking Protocol

See VTP

VLAN trunks

overview 15-3

VMPS

configuration file example 13-32

configuring dynamic access ports on client 13-25

configuring retry interval 13-27

database configuration file 13-32

dynamic port membership

example 13-29

reconfirming 13-26

reconfirming assignments 13-26

reconfirming membership interval 13-26

server overview 13-21

VMPS client

administering and monitoring 13-27

configure switch

configure reconfirmation interval 13-26

dynamic ports 13-25

entering IP VMPS address 13-24

reconfirmation interval 13-27

reconfirm VLAM membership 13-26

default configuration 13-24

dynamic VLAN membership overview 13-23

troubleshooting dynamic port VLAN membership 13-28

VMPS server

fall-back VLAN 13-22

illegal VMPS client requests 13-23

overview 13-21

security modes

multiple 13-22

open 13-21

secure 13-22

voice interfaces

configuring 37-1

Voice over IP

configuring 37-1

voice ports

configuring VVID 37-3

voice traffic 11-2, 37-5

voice VLAN

IP phone data traffic, described 37-2

IP phone voice traffic, described 37-2

voice VLAN ports

using 802.1X 39-19

VPN

configuring routing in 35-10

forwarding 35-3

in service provider networks 35-1

routes 35-2

routing and forwarding table

See VRF

VRF

defining 35-3

tables 35-1

VRF-aware services

ARP 35-6, 35-9

configuring 35-5

ftp 35-8

ping 35-6

SNMP 35-6

syslog 35-7

tftp 35-8

traceroute 35-8

uRPF 35-7

VTP

client, configuring 13-16

configuration guidelines 13-12

default configuration 13-13

disabling 13-16

Layer 2 protocol tunneling 24-7

monitoring 13-19

overview 13-7

pruning

configuring 13-15

See also VTP version 2

server, configuring 13-16

statistics 13-19

transparent mode, configuring 13-16

version 2

enabling 13-15

VTP advertisements

description 13-9

VTP domains

description 13-8

VTP modes 13-8

VTP pruning

overview 13-11

VTP versions 2 and 3

overview 13-9

See also VTP

VTY and Network Assistant 12-11

VVID (voice VLAN ID)

and 802.1X authentication 39-19

configuring 37-3

W

Wake-on-LAN

configure with 802.1X 39-49

WCCP

configuration examples 58-9

configuring on a router 58-2, 58-10

features 58-4

restrictions 58-5

service groups 58-6

web-based authentication

AAA fail policy 41-4

authentication proxy web pages 41-4

description 1-24, 39-13, 41-1

web-based authentication, interactions with other features 41-4

Web Cache Communication Protocol

See WCCP 58-1

web caches

See cache engines

web cache services

description 58-4

web caching

See web cache services

See also WCCP

web scaling 58-1