Cisco ME3400 Ethernet Access Switch Software Configuration Guide, Rel 12.2(60)EZ
Index
Downloads: This chapterpdf (PDF - 1.85MB) The complete bookPDF (PDF - 13.71MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y -

Index

A

abbreviating commands 2-3

ABRs 36-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-11

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-22

with RADIUS 6-28

with TACACS+ 6-11, 6-16

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 34-10

ACLs

ACEs 32-2

any keyword 32-12, 34-36

applying

on multicast packets 32-41

on routed packets 32-40

on switched packets 32-39

time ranges to 32-16

to an interface 32-19, 39-7

to IPv6 interfaces 39-7

applying to QoS 34-10

classifying traffic for QoS 34-34

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 34-36

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

IPv6

applying to interfaces 39-7

configuring 39-3, 39-4, 40-4, 40-9

displaying 39-8

interactions with other features 39-3

limitations 39-2

matching criteria 39-2

named 39-2

precedence of 39-2

supported 39-2

unsupported features 39-2

Layer 4 information in 32-39

logging messages 32-8

MAC extended 32-27

matching 32-7, 32-20

monitoring 32-41, 39-8

named

IPv6 39-2

named, IPv4 32-14

names 39-3

port 32-2, 39-1

precedence of 32-2

QoS 34-10

resequencing entries 32-14

router 32-2, 39-1

router ACLs and VLAN map configuration guidelines 32-38

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-8

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features

IPv6 39-2

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-38

VLAN maps

configuration guidelines 32-30

configuring 32-29

ACLs, QoS, configuring 34-34

active link 19-4, 19-5, 19-6

active links 19-2

active router 41-2

active traffic monitoring, IP SLAs 42-1

address aliasing 22-2

addresses

displaying the MAC address table 5-31

dynamic

accelerated aging 15-9

changing the aging time 5-22

default aging 15-9

defined 5-20

learning 5-21

removing 5-23

IPv6 37-2

MAC, discovering 5-31

multicast

group address range 46-2

STP address management 15-9

static

adding and removing 5-27

defined 5-20

address resolution 5-31, 36-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 36-96

administrative distances

defined 36-108

OSPF 36-31

routing protocol defaults 36-98

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 36-18

age timer, REP 18-8

aggregatable global unicast addresses 37-3

aggregate addresses, BGP 36-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 34-47

configuring 34-47

described 34-16

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-22

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-17

area border routers

See ABRs

area routing

IS-IS 36-63

ISO IGRP 36-63

ARP

configuring 36-8

defined 1-4, 5-31, 36-7

encapsulation 36-9

static cache configuration 36-8

table

address resolution 5-31

managing 5-31

ASBRs 36-23

AS-path filters, BGP 36-53

assured forwarding, DSCP 34-8

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 6-30

vendor-specific 6-29

authentication

EIGRP 36-39

HSRP 41-10

local mode with AAA 6-36

NTP associations 5-4

RADIUS

key 6-21

login 6-23

TACACS+

defined 6-11

key 6-13

login 6-14

See also port-based authentication

authentication keys, and routing protocols 36-108

authentication manager

single session ID 9-10

authoritative time source, described 5-2

authorization

with RADIUS 6-27

with TACACS+ 6-11, 6-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-9

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-16

mismatches 48-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 36-46

Auto-RP, described 46-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

backup static routing, configuring 43-11

bandwidth, QoS, configuring 34-58

bandwidth command

for CBWFQ 34-23

QoS, configuring 34-58

QoS, described 34-26

with police command 34-28

bandwidth remaining percent command 34-28

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 6-41

best-effort packet delivery 34-1

BGP

aggregate addresses 36-58

aggregate routes, configuring 36-58

CIDR 36-58

clear commands 36-62

community filtering 36-55

configuring neighbors 36-57

default configuration 36-44, 36-74, 36-75

described 36-43

enabling 36-46

monitoring 36-62

multipath support 36-50

neighbors, types of 36-46

path selection 36-50

peers, configuring 36-57

prefix filtering 36-54

resetting sessions 36-49

route dampening 36-61

route maps 36-52

route reflectors 36-60

routing domain confederation 36-59

routing session with multi-VRF CE 36-90

show commands 36-62

supernets 36-58

support for 1-10

Version 4 36-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-7

Boolean expressions in tracked lists 43-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-19

specific image 3-20

boot loader

accessing 3-21

described 3-2

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

bootstrap router (BSR), described 46-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-6

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-6

broadcast flooding 36-15

broadcast packets

directed 36-12

flooded 36-12

broadcast storm-control command 23-4

broadcast storms 23-1, 36-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-18

object list, described 30-6

schema, configuring 30-18

schema, described 30-6

transfer 30-19

bulkstat object-list 30-18

bulkstat schema 30-18

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 34-26, 34-58

configuration guidelines 34-58

QoS scheduling 34-23

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-7

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 36-95

enabling 36-96

IPv6 37-20

CFM

and Ethernet OAM, configuring 44-51

and Ethernet OAM interaction 44-50

and OAM manager 44-43

and other features 44-8

and tunnels 44-8

clearing 44-30

configuration errors 44-5

configuration guidelines 44-7

configuring crosscheck 44-11

configuring fault alarms 44-16

configuring port MEP 44-14

configuring static remote MEP 44-12

configuring the network 44-8

continuity check messages 44-5

crosscheck 44-5

default configuration 44-7

defined 44-2

down MEPs 44-4

draft 1 44-4

draft 8.1 44-4

EtherChannel support 44-7

fault alarms

configuring 44-16

defined 44-5

IEEE 802.1ag 44-2

IP SLAs support for 44-6

IP SLAs with endpoint discovers 44-19

loopback messages 44-5

maintenance association 44-3

maintenance domain 44-2

maintenance point 44-3

manually configuring IP SLAs ping or jitter 44-17

measuring network performance 44-6

messages

continuity check 44-5

loopback 44-5

traceroute 44-5

monitoring 44-30, 44-32

on EtherChannel port channels 44-7

port MEP, configuring 44-14

remote MEPs 44-5

SNMP traps 44-5

static RMEP, configuring 44-12

static RMEP check 44-5

traceroute messages 44-5

types of messages 44-5

UNIs 44-4

up MEPs 44-4

version interoperability 44-6

Y.1731

described 44-23

child policies, QoS 34-12, 34-25

CIDR 36-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 42-2

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CISP 9-9

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-2

class-based priority queuing, QoS 34-17

class-based shaping

configuration guidelines 34-60

configuring 34-60

for QoS 34-24

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 34-10

in packet headers 34-5

per-port per VLAN 34-12, 34-51

QoS comparisons 34-9

QoS group 34-10

classless interdomain routing

See CIDR

classless routing 36-6

class map

match-all option 34-7

match-any option 34-7

class-map command 34-3

class maps, QoS

configuring 34-38, 40-9

described 34-7

class of service

See CoS

class selectors, DSCP 34-8

clearing

Ethernet CFM 44-30

clearing interfaces 10-28

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 43-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 6-8

common session ID

see single session ID 9-10

community list, BGP 36-56

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-12

config.text 3-18

configurable leave timer, IGMP 22-5

configuration, initial

defaults 1-12

configuration examples

network 1-15

policy maps 34-75

QoS

adding customers 34-78

adding or deleting a class 34-81

adding or deleting classification criteria 34-78, 34-79

adding or deleting configured actions 34-80

changing queuing or scheduling parameters 34-79

initial 34-76

QoS marking and queuing, CPU-generated traffic 34-71

configuration files

archiving A-19

clearing the startup configuration A-18

creating using a text editor A-9

default name 3-18

deleting a stored configuration A-18

described A-8

downloading

automatically 3-18

preparing A-10, A-12, A-15

reasons for A-8

using FTP A-13

using RCP A-16

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-20

invalid combinations when copying A-5

limiting TFTP server access 30-17, 30-18, 30-19, 30-20

obtaining with DHCP 3-8

password recovery disable considerations 6-5

replacing a running configuration A-18, A-19

rolling back a running configuration A-18, A-19

specifying the filename 3-19

system contact and location information 30-17

types and location A-9

uploading

preparing A-10, A-12, A-15

reasons for A-8

using FTP A-14

using RCP A-17

using TFTP A-11

configuration guidelines

aggregate policers 34-47

CBWFQ 34-58

CFM 44-7

class-based shaping 34-60

EtherChannel 35-10

Ethernet OAM 44-34

HSRP 41-5

individual policers 34-43

input policy maps 34-42

link-state tracking 35-24

marking in policy maps 34-49

multi-VRF CE 36-85

OAM manager 44-44

output policy maps 34-56

per-port, per-VLAN QoS 34-51

PIM stub routing 46-12

port security 23-11

QoS, general 34-32

QoS ACLs 34-34

QoS class maps 34-38

QoS table maps 34-40

REP 18-7

rollback and replacement A-20

SSM 46-15

SSM mapping 46-17

strict priority queuing 34-62

unconditional priority policing 34-64

UNI VLANs 12-12

VLANs 12-8

WTD 34-67

configuration replacement A-18

configuration rollback A-18, A-19

configuration settings, saving 3-15

configure terminal command 10-8

Configure the VACL logging parameters 32-37

configuring 45-4

configuring marking in input policy maps 34-49

configuring port-based authentication violation modes 9-17

configuring small-frame arrival rate 23-5

Configuring VACL Logging 32-36

conform and exceed actions 34-47

congestion avoidance, QoS 34-2, 34-29

congestion management, QoS 34-2, 34-23

connections, secure remote 6-37

Connectivity Fault Management

See CFM

connectivity problems 48-9, 48-12, 48-14

console port, connecting to 2-9

control packets

and control-plane security 33-2

dropping and rate-limiting 33-2

control-plane security

configuring 33-6

control packets 33-2

monitoring 33-7

policers 33-3

policing 33-2

purpose of 33-1

control protocol, IP SLAs 42-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 48-2

CoS

classification 34-8

values 34-6

counters, clearing interface 10-28

CPU-generated traffic

marking and queuing 34-69

CPU overload, protection from 33-1

CPU policers 33-5

CPU protection 33-3

CPU threshold notification 30-21

CPU threshold table 30-1, 30-20

CPU utilization statistics 30-20

crashinfo file 48-21

crosscheck, CFM 44-5, 44-11

cryptographic software image

Kerberos 6-32

SSH 6-37

customer edge devices 1-18, 36-83

D

data collection, bulk statistics 30-20

daylight saving time 5-13

debugging

enabling all system diagnostics 48-18

enabling for a specific feature 48-17

redirecting error message output 48-18

using commands 48-17

default

policer configuration

ENIs and UNIs 33-4

NNIs 33-5

default actions, table maps 34-13

default commands 2-4

default configuration

banners 5-17

BGP 36-44, 36-74, 36-75

booting 3-18

CDP 24-2

CFM 44-7

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 36-36

E-LMI and OAM 44-44

EtherChannel 35-10

Ethernet OAM 44-34

Flex Links 19-7

HSRP 41-5

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-11

IGMP 46-36

IGMP filtering 22-24

IGMP snooping 22-6, 38-5, 38-6

IGMP throttling 22-24

initial switch information 3-3

IP addressing, IP routing 36-4

IP multicast routing 46-8

IP SLAs 42-6

IP source guard 20-20

IPv6 37-11

IS-IS 36-64

Layer 2 interfaces 10-12

Layer 2 protocol tunneling 14-11

LLDP 25-3

MAC address table 5-22

MAC address-table move update 19-7

MSDP 47-3

MSTP 16-14

multi-VRF CE 36-84

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 36-24

password and privilege level 6-2

PIM 46-8

private VLANs 13-6

QoS 34-32

RADIUS 6-20

REP 18-7

RIP 36-18

RMON 28-3

RSPAN 27-9

SDM template 7-3

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 6-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLANs 12-7

VMPS 12-25

Y.1731 44-26

default gateway 3-15, 36-10

default networks 36-99

default router preference

See DRP

default routes 36-98

default routing 36-2

default service, DSCP 34-8

default template 7-1

denial-of-service attacks, preventing 33-1

description command 10-22

designing your network, examples 1-15

destination addresses

in IPv6 ACLs 39-5, 40-3, 40-5

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 35-8

destination-MAC address forwarding, EtherChannel 35-7

device discovery protocol 24-1, 25-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-4, 1-11

support for 1-4

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 43-10

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-16

default configuration 20-16

described 20-15

displaying 20-18

enabling 20-16

reserved addresses 20-16

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-13

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-14

configuration guidelines 20-9

configuring 20-13

default configuration 20-8

deleting

binding file 20-14

bindings 20-14

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-13

entry 20-6

renewing database 20-14

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 37-16

default configuration 37-16

described 37-6

enabling client function 37-19

enabling DHCPv6 server function 37-17

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 36-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing A-3

creating and removing A-4

displaying the working A-3

discovery, Ethernet OAM 44-33

distribute-list command 36-107

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 37-3

overview 5-15

setting up 5-16

support for 1-4

DNS-based SSM mapping 46-18, 46-20

DoM

displaying supported transceivers 10-28

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 36-63

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-2

Layer 2 protocol tunneling 14-10

downloading

configuration files

preparing A-10, A-12, A-15

reasons for A-8

using FTP A-13

using RCP A-16

using TFTP A-11

image files

deleting old image A-26

preparing A-24, A-27, A-31

reasons for A-22

using FTP A-28

using RCP A-32

using TFTP A-25

using the device manager or Network Assistant A-22

drop threshold for Layer 2 protocol packets 14-11

DRP

configuring 37-14

described 37-4

IPv6 37-4

DSCP

assured forwarding 34-8

classification 34-8

class selectors 34-8

default service 34-8

expedited forwarding 34-8

values 34-6

DUAL finite state machine, EIGRP 36-35

dual IPv4 and IPv6 templates 7-2, 37-5

dual protocol stacks

IPv4 and IPv6 37-5

SDM templates supporting 37-6

dual-purpose ports

default port type 10-7

defaults 10-18

defined 10-6

frame size 10-18

LEDs 10-7

setting the type 10-18

duplex mode, configuring 10-15

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-12

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-12

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-11

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 36-63

protocols 36-2

E

EBGP 36-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EEM 3.2 31-5

EIGRP

authentication 36-39

components 36-35

configuring 36-37

default configuration 36-36

definition 36-34

interface parameters, configuring 36-38

monitoring 36-41

stub routing 36-40

support for 1-10

EIGRP IPv6 37-7

ELIN location 25-2

E-LMI

and OAM Manager 44-43

CE device configuration 44-49

configuration guidelines 44-44

configuring a CE device 44-47

configuring a PE device 44-47

default configuration 44-44

defined 44-42

enabling 44-47

information 44-43

monitoring 44-49

PE device configuration 44-48

embedded event manager

3.2 31-5

actions 31-4

configuring 31-1, 31-5

displaying information 31-7

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-6

registering and defining a TCL script 31-7

understanding 31-1

enable password 6-3

enable secret password 6-3

encryption for passwords 6-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 43-11

commands 43-1

defined 43-1

DHCP primary interface 43-10

HSRP 43-7

IP routing state 43-2

IP SLAs 43-9

line-protocol state 43-2

network monitoring with IP SLAs 43-11

routing policy, configuring 43-11

static route primary interface 43-10

tracked lists 43-3

ENI

configuring 10-14

described 10-2

protocol control packets on 33-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-22

equal-cost routing 1-11, 36-97

error messages during command entry 2-4

EtherChannel

802.3ad, described 35-6

automatic creation of 35-4, 35-6

channel groups

binding physical and logical interfaces 35-3

numbering of 35-3

configuration guidelines 35-10

configuring

Layer 2 interfaces 35-11

Layer 3 physical interfaces 35-15

Layer 3 port-channel logical interfaces 35-14

default configuration 35-10

described 35-2

displaying status 35-22

forwarding methods 35-7, 35-17

interaction

with STP 35-10

with VLANs 35-11

LACP

described 35-6

displaying status 35-22

hot-standby ports 35-19

interaction with other features 35-7

modes 35-6

port priority 35-21

system priority 35-20

Layer 3 interface 36-3

load balancing 35-7, 35-17

logical interfaces, described 35-3

PAgP

aggregate-port learners 35-17

compatibility with Catalyst 1900 35-18

described 35-4

displaying status 35-22

interaction with other features 35-5

learn method and priority configuration 35-17

modes 35-5

support for 1-2

port-channel interfaces

described 35-3

numbering of 35-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet Frame Delay 42-13

Ethernet frame delay measurement

ETH-DM 45-2

Ethernet infrastructure 44-1

Ethernet Link Management Interface

See E-LMI

Ethernet Locked Signal (ETH-LCK) 44-25

Ethernet OAM 44-33

and CFM interaction 44-50

configuration guidelines 44-34

configuring with CFM 44-51

default configuration 44-34

discovery 44-33

enabling 44-34, 44-52

link monitoring 44-33, 44-36

manager 44-1

messages 44-33

protocol

defined 44-32

monitoring 44-42

remote failure indications 44-33, 44-39

remote loopback 44-33, 44-35

templates 44-39

Ethernet OAM protocol 44-1

Ethernet OAM protocol CFM notifications 44-50

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet Remote Defect Indication (ETH-RDI) 44-24

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-7

modifying 12-9

EUI 37-3

EVCs

configuring 44-45

in CFM domains 44-42

event detectors, embedded event manager 31-2

events, RMON 28-3

example, configuration 45-5

examples

network configuration 1-15

expedited forwarding, DSCP 34-8

extended-range VLANs

creating with an internal VLAN ID 12-11

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 36-46

F

Fast Convergence 19-3

features, incompatible 23-12

FIB 36-96

fiber-optic, detecting unidirectional links 26-1

files

copying A-4

crashinfo

description 48-21

displaying the contents of 48-21

location 48-21

deleting A-5

displaying the contents of A-7

tar

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-23

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-4

setting the default A-3

filtering

in a VLAN 32-29

IPv6 traffic 39-3, 39-7

non-IP traffic 32-27

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of A-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-8, 19-9

configuring preferred VLAN 19-11

configuring VLAN load balancing 19-10

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-13

VLANs 19-2

flooded traffic, blocking 23-8

flow control 1-2, 10-20

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-12

uploading A-14

image files

deleting old image A-30

downloading A-28

preparing the server A-27

uploading A-30

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-23

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-2

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 41-10

command-switch redundancy 1-6

configuration guidelines 41-5

configuring 41-5

default configuration 41-5

definition 41-1

monitoring 41-12

object tracking 43-7

overview 41-1

priority 41-7

routing redundancy 1-10

support for ICMP redirect messages 41-12

timers 41-10

tracking 41-8

HTTP(S) Over IPv6 37-8

I

IBPG 36-42

ICMP

IPv6 37-4

redirect messages 36-10

support for 1-11

time-exceeded messages 48-15

traceroute 48-15

unreachable messages 32-19

unreachable messages and IPv6 39-3

unreachables and ACLs 32-20

ICMP Echo operation

configuring 42-11

IP SLAs 42-11

ICMP ping

executing 48-10

overview 48-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 37-4

IDS appliances

and ingress RSPAN 27-20

and ingress SPAN 27-13

IEEE 802.1ag 44-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-14

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-5

defaults 14-4

described 14-1

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 44-1

IEEE 802.3z flow control 10-20

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 46-36

statically connected member 46-41

controlling access to groups 46-37

default configuration 46-36

deleting cache entries 46-45

displaying groups 46-46

fast switching 46-41

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 46-39

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9, 38-9

leaving multicast group 22-5

multicast reachability 46-36

overview 46-2

queries 22-3

report suppression

described 22-6

disabling 22-14, 38-11

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 46-38

described 46-3

Version 2

changing to Version 1 46-38

described 46-3

maximum query response time value 46-40

pruning groups 46-40

query timeout value 46-40

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-24

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-26

IGMP helper 46-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6, 38-5, 38-6

definition 22-1

enabling and disabling 22-7, 38-6

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14, 38-11

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-24

described 22-24

displaying action 22-28

IGP 36-22

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9, 38-9

individual policers

configuration guidelines 34-43

configuring 34-43

initial configuration

defaults 1-12

input policy maps

classification criteria 34-4

configuration guidelines 34-42

configuring 34-42

displaying statistics 34-75

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces 45-3

configuration guidelines, duplex and speed 10-15

configuring

duplex mode 10-15

procedure 10-8

speed 10-15

counters, clearing 10-28

described 10-22

descriptive name, adding 10-22

displaying information about 10-27

flow control 10-20

management 1-3

monitoring 10-27

naming 10-22

physical, identifying 10-8

range of 10-9

restarting 10-29

shutting down 10-29

status 10-27

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 36-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-10, 36-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 34-10

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

128-bit 37-2

classes of 36-5

default configuration 36-4

discovering 5-31

for IP routing 36-3

IPv6 37-2

MAC address association 36-7

monitoring 36-16

virtual 41-13

IP broadcast address 36-14

ip cef distributed command 36-96

IP directed broadcasts 36-12

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 46-2

all-multicast-routers 46-2

host group address range 46-2

administratively-scoped boundaries, described 46-43

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 46-24

benefits of 46-23

clearing the cache 46-45

configuration guidelines 46-10

filtering incoming RP announcement messages 46-26

overview 46-6

preventing candidate RP spoofing 46-26

preventing join messages to false RPs 46-25

setting up in a new internetwork 46-23

using with BSR 46-31

bootstrap router

configuration guidelines 46-10

configuring candidate BSRs 46-29

configuring candidate RPs 46-30

defining the IP multicast boundary 46-28

defining the PIM domain border 46-27

overview 46-6

using with Auto-RP 46-31

Cisco implementation 46-1

configuring

basic multicast routing 46-10

IP multicast boundary 46-43

default configuration 46-8

enabling

multicast forwarding 46-11

PIM mode 46-11

group-to-RP mappings

Auto-RP 46-6

BSR 46-6

MBONE

deleting sdr cache entries 46-45

described 46-42

displaying sdr cache 46-46

enabling sdr listener support 46-42

limiting sdr cache entry lifetime 46-43

SAP packets for conference session announcement 46-42

Session Directory (sdr) tool, described 46-42

monitoring

packet rate loss 46-46

peering devices 46-46

tracing a path 46-46

multicast forwarding, described 46-7

PIMv1 and PIMv2 interoperability 46-9

reverse path check (RPF) 46-7

routing table

deleting 46-45

displaying 46-46

RP

assigning manually 46-22

configuring Auto-RP 46-23

configuring PIMv2 BSR 46-27

monitoring mapping information 46-32

using Auto-RP and BSR 46-31

statistics, displaying system and network 46-45

See also IGMP

See also PIM

IP packets, classification 34-6

IP Port Security for Static Hosts

on a Layer 2 access port 20-22

on a PVLAN host port 20-26

IP precedence

classification 34-8

values 34-6

IP protocols

in ACLs 32-11

routing 1-10

IP routes, monitoring 36-109

IP routing

connecting interfaces with 10-7

disabling 36-17

enabling 36-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 42-1

IP SLAs

benefits 42-2

CFM endpoint discovery 44-19

configuration guidelines 42-6

configuring object tracking 43-9

Control Protocol 42-4

default configuration 42-6

definition 42-1

ICMP echo operation 42-11

manually configuring CFM ping or jitter 44-17

measuring network performance 42-3

monitoring 42-13

multioperations scheduling 42-5

object tracking 43-9

operation 42-3

reachability tracking 43-9

responder

described 42-4

enabling 42-8

response time 42-4

scheduling 42-5

SNMP support 42-2

supported metrics 42-2

threshold monitoring 42-6

track object monitoring agent, configuring 43-11

track state 43-9

UDP jitter operation 42-8

IP source guard

and 802.1x 20-21

and DHCP snooping 20-18

and EtherChannels 20-21

and port security 20-21

and private VLANs 20-21

and routed ports 20-21

and TCAM entries 20-21

and trunk interfaces 20-21

and VRF 20-21

binding configuration

automatic 20-19

manual 20-19

binding table 20-19

configuration guidelines 20-21

default configuration 20-20

described 20-18

disabling 20-22

displaying

bindings 20-28

configuration 20-28

enabling 20-21, 20-23

filtering

source IP address 20-19

source IP and MAC address 20-19

source IP address filtering 20-19

source IP and MAC address filtering 20-19

static bindings

adding 20-21, 20-23

deleting 20-22

static hosts 20-23

IP traceroute

executing 48-15

overview 48-14

IP unicast routing

address resolution 36-7

administrative distances 36-98, 36-108

ARP 36-7

assigning IP addresses to Layer 3 interfaces 36-5

authentication keys 36-108

broadcast

address 36-14

flooding 36-15

packets 36-12

storms 36-12

classless routing 36-6

configuring static routes 36-97

default

addressing configuration 36-4

gateways 36-10

networks 36-99

routes 36-98

routing 36-2

directed broadcasts 36-12

disabling 36-17

dynamic routing 36-2

enabling 36-17

EtherChannel Layer 3 interface 36-3

IGP 36-22

inter-VLAN 36-2

IP addressing

classes 36-5

configuring 36-3

IPv6 37-2

IRDP 36-10

Layer 3 interfaces 36-3

MAC address and IP address 36-7

passive interfaces 36-106

proxy ARP 36-7

redistribution 36-99

reverse address resolution 36-7

routed ports 36-3

static routing 36-2

steps to configure 36-3

subnet mask 36-5

subnet zero 36-5

supernet 36-6

UDP 36-13

with SVIs 36-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IPv6

ACLs

displaying 39-8

limitations 39-2

matching criteria 39-2

port 39-1

precedence 39-2

router 39-1

supported 39-2

addresses 37-2

address formats 37-2

applications 37-5

assigning address 37-11

autoconfiguration 37-4

CEFv6 37-20

default configuration 37-11

default router preference (DRP) 37-4

defined 37-1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 37-7

Router ID 37-7

feature limitations 37-10

features not supported 37-9

forwarding 37-11

ICMP 37-4

Integrated Intermediate System-to-Intermediate System (IS-IS) 37-7

neighbor discovery 37-4

OSPF 37-7

path MTU discovery 37-4

SDM templates 7-2, 38-1, 39-1

Stateless Autoconfiguration 37-4

supported features 37-2

switch limitations 37-10

understanding static routes 37-6

IPv6 traffic, filtering 39-3

IRDP

configuring 36-11

definition 36-10

support for 1-11

IS-IS

addresses 36-63

area routing 36-63

default configuration 36-64

monitoring 36-72

show commands 36-72

support for 1-10

system routing 36-63

ISL trunking with IEEE 802.1 tunneling 14-4

ISO CLNS

clear commands 36-72

dynamic routing protocols 36-63

monitoring 36-72

NETs 36-63

NSAPs 36-63

OSI standard 36-63

ISO IGRP

area routing 36-63

system routing 36-63

isolated port 13-2

isolated VLANs 13-2, 13-3

ITU-T Y.1731

See Y.1731

J

join messages, IGMP 22-3

K

KDC

described 6-32

See also Kerberos

keepalive command 10-14

keepalive messages 15-3

keepalive messages, default 10-14

Kerberos

authenticating to

boundary switch 6-34

KDC 6-34

network services 6-35

configuration examples 6-32

configuring 6-35

credentials 6-32

cryptographic software image 6-32

described 6-32

KDC 6-32

operation 6-34

realm 6-33

server 6-33

support for 1-8

switch as trusted third party 6-32

terms 6-33

TGT 6-34

tickets 6-32

key distribution center

See KDC

L

l2protocol-tunnel command 14-13

LACP

Layer 2 protocol tunneling 14-9

See EtherChannel

Layer 2 interfaces, default configuration 10-12

Layer 2 packets, classification 34-6

Layer 2 protocol packets, and control-plane security 33-2

Layer 2 protocol tunneling

configuring 14-10

configuring for EtherChannels 14-14

default configuration 14-11

defined 14-8

layer-2 template 7-1

Layer 2 traceroute

and ARP 48-14

and CDP 48-13

broadcast traffic 48-13

described 48-13

IP addresses and subnets 48-14

MAC addresses and VLANs 48-13

multicast traffic 48-13

multiple devices on a port 48-14

unicast traffic 48-13

usage guidelines 48-13

Layer 3 features 1-10

Layer 3 interfaces

assigning IP addresses to 36-5

assigning IPv4 and IPv6 addresses to 37-15

assigning IPv6 addresses to 37-12

changing from Layer 2 mode 36-5, 36-88

types of 36-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 37-3

link monitoring, Ethernet OAM 44-33, 44-36

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 36-29

link-state tracking

configuration guidelines 35-24

configuring 35-24

described 35-22

LLDP

configuring 25-3

characteristics 25-3

default configuration 25-3

disabling and enabling

globally 25-4

on an interface 25-5

monitoring and maintaining 25-7

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-3

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-7

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 41-4, 41-13

local SPAN 27-2

location TLV 25-2, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 6-23

with TACACS+ 6-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-6

M

MAC addresses

aging time 5-22

and VLAN association 5-21

building the address table 5-21

default configuration 5-22

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-31

displaying in the IP source binding table 20-28

dynamic

learning 5-21

removing 5-23

in ACLs 32-27

IP address association 36-7

static

adding 5-28

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

virtual 41-13

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-11

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-7

description 19-6

monitoring 19-13

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-28

configuring for QoS 34-37

creating 32-27

defined 32-27

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-4

management access

in-band

CLI session 1-4

SNMP 1-5

out-of-band console port connection 1-5

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-13

marking

action with aggregate policers 34-47

described 34-2, 34-14

match command, QoS

for classification 34-3, 34-7

guidelines 34-38

matching, IPv4 ACLs 32-7

matching classifications, QoS 34-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-13

maximum-paths command 36-50, 36-97

media-type command 10-18

membership mode, VLAN port 12-5

MEPs

and STP 44-4

defined 44-3

messages

Ethernet OAM 44-33

to users through banners 5-17

metrics, in BGP 36-51

metric translations, between routing protocols 36-102

metro tags 14-2

MHSRP 41-4

MIBs

overview 30-1

SNMP interaction with 30-4

MIPs

and STP 44-4

defined 44-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 48-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-41

BGP 36-62

cables for unidirectional links 26-1

CDP 24-5

CEF 36-96

control-plane security 33-7

EIGRP 36-41

E-LMI 44-49

Ethernet CFM 44-30, 44-32

Ethernet OAM 44-42

Ethernet OAM protocol 44-42

features 1-11

Flex Links 19-13

HSRP 41-12

IEEE 802.1Q tunneling 14-17

IGMP

filters 22-29

snooping 22-14, 38-11

interfaces 10-27

IP

address tables 36-16

multicast routing 46-45

routes 36-109

IP SLAs operations 42-13

IPv4 ACL configuration 32-41

IPv6 ACL configuration 39-8

IS-IS 36-72

ISO CLNS 36-72

Layer 2 protocol tunneling 14-17

MAC address-table move update 19-13

MSDP peers 47-17

multicast router interfaces 22-15, 38-12

multi-VRF CE 36-95

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 44-49

object tracking 43-12

OSPF 36-34

port

blocking 23-18

protection 23-18

private VLANs 13-14

QoS 34-75

REP 18-14

RP mapping information 46-32

SFPs

status 10-28

SFP status 1-12, 10-28, 48-9

source-active messages 47-17

speed and duplex mode 10-17

SSM mapping 46-21

traffic flowing among switches 28-1

traffic suppression 23-18

tunneling 14-17

VLAN

filters 32-42

maps 32-42

VLANs 12-14

VMPS 12-28

MQC

process 34-3

steps to configure 34-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 47-3

clearing MSDP connections and statistics 47-17

controlling source information

forwarded by switch 47-10

originated by switch 47-8

received by switch 47-12

default configuration 47-3

dense-mode regions

sending SA messages to 47-15

specifying the originating address 47-16

filtering

incoming SA messages 47-13

SA messages to a peer 47-11

SA requests from a peer 47-9

join latency, defined 47-6

meshed groups

configuring 47-14

defined 47-14

originating address, changing 47-16

overview 47-1

peer-RPF flooding 47-2

peers

configuring a default 47-3

monitoring 47-17

peering relationship, overview 47-1

requesting source information from 47-7

shutting down 47-14

source-active messages

caching 47-6

clearing cache entries 47-17

defined 47-2

filtering from a peer 47-9

filtering incoming 47-13

filtering to a peer 47-11

limiting data with TTL 47-12

monitoring 47-17

restricting advertised sources 47-8

support for 1-11

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-19

switch priority 16-22

CST

defined 16-3

operations between regions 16-3

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-19

unexpected behavior 16-18

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with 802.1D

described 16-8

restarting migration process 16-26

IST

defined 16-2

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-2

supported spanning-tree instances 16-2

optional features supported 1-6

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-18

effects of extended system ID 16-17

unexpected behavior 16-18

shutdown Port Fast-enabled port 17-3

status, displaying 16-27

multicast Ethernet loopback (ETH-LB) 44-25

multicast Ethernet loopback, using 44-30

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8, 38-8

multicast packets

ACLs on 32-41

blocking 23-8

multicast router interfaces, monitoring 22-15, 38-12

multicast router ports, adding 22-7, 38-8

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 42-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 36-91

configuration guidelines 36-85

configuring 36-84

default configuration 36-84

defined 1-18, 36-82

displaying 36-95

monitoring 36-95

network components 36-84

packet-forwarding process 36-84

support for 1-11

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-21

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-20

monitoring 22-23

multicast television application 22-16

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

named IPv6 ACLs 39-2

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

NEAT

configuring 9-24

overview 9-9

neighbor discovery, IPv6 37-4

neighbor discovery/recovery, EIGRP 36-35

neighbor offset numbers, REP 18-4

neighbors, BGP 36-57

Network Edge Access Topology

See NEAT

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 42-3

network policy TLV 25-6

Network Time Protocol

See NTP

NNI

configuring 10-14

described 10-2

protocol control packets on 33-1

no commands 2-4

non-IP traffic filtering 32-27

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

no power-supply dual command 5-19

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 36-63

NSF Awareness

BGP 36-46

EIGRP 36-37

IS-IS 36-65

OSPF 36-25

NSM 4-3

NSSA, OSPF 36-29

NTP

associations

authenticating 5-4

defined 5-2

enabling broadcast messages 5-6

peer 5-5

server 5-5

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-5

time

services 5-2

synchronizing 5-2

O

OAM

client 44-32

features 44-33

sublayer 44-32

OAM manager

and E-LMI 44-43

configuration guidelines 44-44

configuring 44-45, 44-51

monitoring 44-49

purpose of 44-43

with CFM 44-43

with CFM and Ethernet OAM 44-50

OAM PDUs 44-34

OAM protocol data units 44-32

object tracking

HSRP 43-7

IP SLAs 43-9

IP SLAs, configuring 43-9

monitoring 43-12

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 36-29

configuring 36-25

default configuration

metrics 36-31

route 36-31

settings 36-24

described 36-22

for IPv6 37-7

interface parameters, configuring 36-26

LSA group pacing 36-32

monitoring 36-34

network types, configuring 36-28

router IDs 36-33

route summarization 36-31

support for 1-10

virtual links 36-31

output policies 34-5

output policy maps

classification criteria 34-5

configuration guidelines 34-56

configuring 34-56

displaying statistics 34-75

P

packet classification

defined 34-5

to organize traffic 34-2

packet marking

configuring 34-49

defined 34-18

packet policing, for QoS 34-2

PAgP

Layer 2 protocol tunneling 14-9

See EtherChannel

parallel paths, in routing tables 36-97

parent policies, QoS 34-12, 34-25

passive interfaces

configuring 36-106

OSPF 36-31

passwords

default configuration 6-2

disabling recovery of 6-5

encrypting 6-3

for security 1-8

overview 6-1

recovery of 48-3

setting

enable 6-3

enable secret 6-3

Telnet 6-6

with usernames 6-6

path cost

MSTP 16-21

STP 15-19

path MTU discovery 37-4

PBR

defined 36-103

enabling 36-104

fast-switched policy-based routing 36-105

local policy-based routing 36-106

peers, BGP 36-57

percentage thresholds in tracked lists 43-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 34-51

per-port per VLAN policing 34-12, 34-51

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 36-90

physical ports 10-3

PIM

default configuration 46-8

dense mode

overview 46-4

rendezvous point (RP), described 46-4

RPF lookups 46-8

displaying neighbors 46-46

enabling a mode 46-11

overview 46-3

router-query message interval, modifying 46-35

shared tree and source tree, overview 46-32

shortest path tree, delaying the use of 46-34

sparse mode

join messages and shared tree 46-4

overview 46-4

prune messages 46-4

RPF lookups 46-8

stub routing

configuration guidelines 46-12

enabling 46-12

overview 46-5

support for 1-11

versions

interoperability 46-9

troubleshooting interoperability problems 46-32

v2 improvements 46-3

ping

executing 48-10

overview 48-10

police aggregate command 34-48

police command, with individual policers 34-43, 34-54

policer aggregate command 34-47

policer configuration

default for ENIs and UNIs 33-4

default for NNIs 33-5

policers

configuring for more than one traffic class 34-47

described 34-2

number supported per port 34-4

policing

aggregate in input policy maps 34-16

described 34-2

individual in input policy maps 34-15

priority in output policy maps 34-17

QoS 34-14

policy-based routing

See PBR

policy-map command 34-3

policy-map marking, configuration guidelines 34-49

policy maps

attaching 34-3, 34-41

configuration examples 34-75

described 34-15

input

configuring 34-42

described 34-4

output

configuring 34-56

described 34-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-2

RADIUS server 9-3

client, defined 9-2

configuration guidelines 9-12

configuring

802.1x authentication 9-13

host mode 9-21

manual re-authentication of a client 9-18

periodic re-authentication 9-17

quiet period 9-18

RADIUS server 9-15

RADIUS server parameters on the switch 9-14

switch-to-client frame-retransmission number 9-20

switch-to-client retransmission time 9-19

violation modes 9-17

default configuration 9-11

described 9-1

device roles 9-2

displaying statistics 9-26

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-13

method lists 9-13

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

readiness check

configuring 9-16

described 9-7, 9-16

resetting to default values 9-22

statistics, displaying 9-26

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-24

overview 9-9

user distribution

guidelines 9-8

overview 9-8

VLAN assignment

AAA authorization 9-13

characteristics 9-7

configuration tasks 9-8

described 9-7

port blocking 1-2, 23-7

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-6

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-7

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-6

REP 18-6

routed 10-5

secure 23-9

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-14

VLAN assignments 12-11

port security

aging 23-16

and private VLANs 23-17

configuration guidelines 23-11

configuring 23-12

default configuration 23-11

described 23-9

displaying 23-18

enabling 23-17

on trunk ports 23-13

sticky learning 23-10

violations 23-10

with other features 23-11

port shaping

configuring 34-61

described 34-25

port-shutdown response, VMPS 12-24

port types 10-2

power 25-6

power management TLV 25-6

power supplies, dual in Cisco ME 3400G-12CS 5-19

power supply alarm, suppressing 5-19

PPPoE IA

clearing counters 8-12

configuring

interface 8-5

switch 8-2

vlan 8-9

debugging 8-12

displaying configuration 8-11

etherchannel 8-2

overview 8-1

restrictions 8-2

troubleshooting 8-13

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 36-54

preventing unauthorized access 6-1

primary edge port, REP 18-4

primary interface for object tracking, DHCP, configuring 43-10

primary interface for static routing, configuring 43-10

primary links 19-2

primary VLANs 13-1, 13-3

priority

HSRP 41-7

priority command 34-17

configuring strict priority queuing 34-62

for QoS scheduling 34-23

for strict priority queuing 34-27

priority policing, described 34-17

priority queues

configuring 34-62

described 34-27

for QoS scheduling 34-23

priority with police 34-28

commands 34-18

configuring 34-64

described 34-27

priority with unconditional policing, QoS 34-24

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-12

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-8

configuration tasks 13-6

configuring 13-9

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-2

isolated VLANs 13-2, 13-3

mapping 13-13

monitoring 13-14

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-12

described 12-5

isolated 13-2

promiscuous 13-2

primary VLANs 13-1, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 6-9

exiting 6-9

logging into 6-9

overview 6-2, 6-7

setting a command with 6-8

promiscuous ports

configuring 13-12

defined 13-2

protected ports 23-6

protocol control packets 33-1

protocol-dependent modules, EIGRP 36-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-18, 36-83

proxy ARP

configuring 36-9

definition 36-7

with IP routing disabled 36-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QoS

aggregate policers 34-16

and MQC 34-1

basic model 34-2

CBWFQ 34-26

CBWFQ, configuring 34-58

CIR bandwidth 34-27

class-based shaping, described 34-24

classification

ACL lookup 34-10

based on CoS value 34-8

based on DSCP 34-8

based on IP precedence 34-8

based on QoS group 34-10

based on VLAN IDs 34-12, 34-51

class maps, described 34-7

comparisons 34-9

criteria 34-5

in frames and packets 34-6

policy maps, described 34-15

class maps, configuration guidelines 34-38

class maps, configuring 34-38

configuration examples

adding customers 34-78

adding or deleting a class 34-81

adding or deleting classification criteria 34-78, 34-79

adding or deleting configured actions 34-80

changing queuing or scheduling parameters 34-79

configuration guidelines

aggregate policers 34-47

CBWFQ 34-58

class-based shaping 34-60

class maps 34-38

general 34-32

individual policers 34-43

input policy maps 34-42

marking 34-49

output policy maps 34-56

unconditional priority policing 34-64

WTD 34-67

configuring

aggregate policers 34-47

class-based shaping 34-60

classification with IP ACLs 34-34

class maps 34-38, 40-9

individual policers 34-43

individual policing 34-43, 34-54

input policy maps with marking 34-49

IP ACLs 34-34

MAC ACLs 34-37

output policy maps 34-56

port shaping 34-61

priority queues 34-62

queue size 34-29

requirements 34-32

service policies 34-41

strict priority queuing 34-62

table maps 34-40

unconditional priority policing 34-64

WTD 34-66, 34-67

congestion avoidance 34-2, 34-29

congestion management 34-2, 34-23

CPU-generated traffic

configuring output policy classification criteria 34-5

configuring QoS group number 34-11

configuring queue-limit 34-67

output remarking 34-6

default configuration 34-32

initial configuration example 34-76

input policy maps

configuring 34-42

described 34-4

IP packet classification 34-6

Layer 2 packet classification 34-6

Layer 3 packet classification 34-6

marking, described 34-2

match command 34-7

output policy maps

configuring 34-57

described 34-5

overview 34-1

packet classification 34-2

packet marking 34-18

packet policing 34-2

parent-child hierarchy 34-12, 34-25

per-port, per-VLAN hierarchical policy maps

configuring 34-51

described 34-12

policers

configuring 34-44, 34-48, 34-65

described 34-14

policing

aggregate 34-16

described 34-2, 34-14

individual 34-15

priority 34-17

policy maps

attaching 34-41

attaching to an interface 34-17

displaying statistics 34-75

port shaping, described 34-25

preconfiguration 34-32

priority policing, described 34-17

priority with police 34-27

queue size 34-29

scheduling 34-23

CBWFQ 34-23

priority queuing 34-23

traffic shaping 34-23

strict priority queuing 34-27

support for 1-9

table maps 34-13

traffic shaping, described 34-24

unconditional priority policing 34-28

WTD 34-29

QoS ACL

configuration guidelines 34-34

QoS ACLs

configuring IP extended 34-36

configuring IP standard 34-34

configuring MAC 34-37

QoS groups

classification 34-10, 34-12, 34-51

described 34-5, 34-10

QoS information, displaying 34-75

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 34-31

queue-limit command, QoS 34-29, 34-30, 34-66

queue size, QoS, managing 34-29

R

RADIUS

attributes

vendor-proprietary 6-30

vendor-specific 6-29

configuring

accounting 6-28

authentication 6-23

authorization 6-27

communication, global 6-21, 6-29

communication, per-server 6-20, 6-21

multiple UDP ports 6-20

default configuration 6-20

defining AAA server groups 6-25

displaying the configuration 6-31

identifying the server 6-20

limiting the services to the user 6-27

method list, defined 6-19

operation of 6-19

overview 6-18

server load balancing 6-31

suggested network environments 6-18

support for 1-8

tracking services accessed by user 6-28

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 36-7

rate-limiting threshold, CPU protection 33-6

RCP

configuration files

downloading A-16

overview A-15

preparing the server A-15

uploading A-17

image files

deleting old image A-34

downloading A-32

preparing the server A-31

uploading A-34

reachability, tracking IP SLAs IP host 43-9

readiness check

port-based authentication

configuring 9-16

described 9-7, 9-16

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 48-1

redundancy

EtherChannel 35-3

GLBP 41-13

HSRP 41-1

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 36-35

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 44-33

remote failure indications, Ethernet OAM 44-39

remote loopback, Ethernet OAM 44-33, 44-35

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

age timer 18-8

and STP 18-6

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-13

monitoring 18-14

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14, 38-11

resequencing ACL entries 32-14

reserved addresses in DHCP pools 20-16

resets, in BGP 36-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet Protocol

See REP

responder, IP SLAs

described 42-4

enabling 42-8

response time, measuring with IP SLAs 42-4

restricting access

NTP services 5-8

overview 6-1

passwords and privilege levels 6-2

RADIUS 6-17

TACACS+ 6-9

restrictions 45-3

retry count, VMPS, changing 12-27

reverse address resolution 36-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 36-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

2475, DSCP 34-9

2597, AF per-hop behavior 34-9

2598, EF 34-9

RIP

advertisements 36-18

authentication 36-20

configuring 36-19

default configuration 36-18

described 36-18

for IPv6 37-7

hop counts 36-18

summary addresses 36-21

support for 1-10

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-12

root guard

described 17-4

enabling 17-10

support for 1-6

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 36-31

route dampening, BGP 36-61

routed packets, ACLs on 32-40

routed ports

configuring 36-3

defined 10-5

IP addresses on 10-23, 36-3

route-map command 36-105

route maps

BGP 36-52

policy-based routing 36-103

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 36-60

router ID, OSPF 36-33

route selection, BGP 36-50

route summarization, OSPF 36-31

route targets, VPN 36-84

routing

default 36-2

dynamic 36-2

IPv6 traffic 37-2

redistribution of information 36-99

static 36-2

routing domain confederation, BGP 36-59

Routing Information Protocol

See RIP

routing protocol administrative distances 36-98

RSPAN

characteristics 27-7

configuration guidelines 27-16

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-11, 27-1

received traffic 27-4

session limits 27-10

sessions

creating 27-16

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-16

with ingress traffic enabled 27-20

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing A-18, A-19

rolling back A-18, A-19

running configuration, saving 3-15

S

scheduled reloads 3-22

scheduling, IP SLAs operations 42-5

scheduling, QoS 34-23

SCP

and SSH 6-41

configuring 6-41

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-15

maximum number of 23-10

types of 23-9

secure ports, configuring 23-9

secure remote connections 6-37

Secure Shell

See SSH

security, port 23-9

security features 1-7

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 34-3

guidelines 34-57

using 34-41

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-1

Layer 2 protocols across 14-8

Layer 2 protocol tunneling for EtherChannels 14-9

set command

for QoS marking 34-18

guidelines 34-49

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-12, 10-28, 48-9

security and identification 48-8

status, displaying 1-12

shape average command, QoS 34-23, 34-25, 34-60

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-22

show forward command 48-18

show interfaces command 10-17, 10-22

show interfaces switchport 19-4

show l2protocol command 14-13, 14-15, 14-16

show lldp traffic command 25-8

show platform forward command 48-18

show running-config command

displaying ACLs 32-19, 32-20, 32-31, 32-34

interface description in 10-22

shutdown command on interfaces 10-29

shutdown threshold for Layer 2 protocol packets 14-11

Simple Network Management Protocol

See SNMP

single session ID 9-10

small-frame arrival rate, configuring 23-5

SMNP traps, and CFM 44-5

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 42-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-21

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-5

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-22

system contact and location 30-17

trap manager, configuring 30-14

traps

described 30-4, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-23, 5-24, 5-26

overview 30-1, 30-4

types of 30-13

users 30-7, 30-10

versions supported 30-2

SNMP and Syslog Over IPv6 37-8

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash A-23

recovery procedures 48-2

scheduling reloads 3-22

tar file format, described A-23

See also downloading and uploading

source addresses

in IPv6 ACLs 39-5, 40-5

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 35-8

source-and-destination MAC address forwarding, EtherChannel 35-7

source-IP address based forwarding, EtherChannel 35-8

source-MAC address forwarding, EtherChannel 35-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-11, 27-1

ports, restrictions 23-12

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-14, 27-21

creating 27-11

defined 27-3

limiting source traffic to specific VLANs 27-15

removing destination (monitoring) ports 27-12

specifying monitored ports 27-11

with ingress traffic enabled 27-13

source ports 27-5

traffic 27-4

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 10-15

SRR, support for 1-9

SSH

configuring 6-38

cryptographic software image 6-37

described 1-4, 6-37

encryption methods 6-37

user authentication methods, supported 6-37

SSM

address management restrictions 46-15

CGMP limitations 46-15

components 46-13

configuration guidelines 46-15

configuring 46-13, 46-16

differs from Internet standard multicast 46-14

IGMP snooping 46-15

IGMPv3 46-14

IGMPv3 Host Signalling 46-15

IP address range 46-14

monitoring 46-16

operations 46-14

PIM 46-13

state maintenance limitations 46-16

SSM mapping

configuration guidelines 46-17

configuring 46-16, 46-19

defined 46-16

DNS-based 46-18, 46-20

monitoring 46-21

overview 46-17

restrictions 46-17

static 46-18, 46-19

static traffic forwarding 46-20

standby ip command 41-6

standby links 19-2

standby router 41-2

standby timers, HSRP 41-10

startup configuration

booting

manually 3-19

specific image 3-20

clearing A-18

configuration file

automatically downloading 3-18

specifying the filename 3-19

default boot configuration 3-18

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-11

static MAC addressing 1-8

static route primary interface, configuring 43-10

static routes

understanding 37-6

static routes, configuring 36-97

static routing 36-2

static SSM mapping 46-18, 46-19

static traffic forwarding 46-20

static VLAN membership 12-2

statistics

802.1x 9-26

CDP 24-5

interface 10-27

IP multicast routing 46-45

LLDP 25-7

LLDP-MED 25-7

OSPF 36-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-22

sticky learning 23-10

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-18

support for 1-2

thresholds 23-1

STP

and REP 18-6

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-6

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-8

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-6

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 34-62

configuration guidelines 34-62

configuring 34-63

defined 34-27

QoS 34-27

stub areas, OSPF 36-29

stub routing, EIGRP 36-40

subdomains, private VLAN 13-1

subnet mask 36-5

subnet zero 36-5

success response, VMPS 12-24

summer time 5-13

SunNet Manager 1-3

supernet 36-6

SVIs

and IP unicast routing 36-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

switch 37-2

switch console port 1-5

Switch Database Management

See SDM

switched packets, ACLs on 32-39

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-8

switchport block unicast command 23-8

switchport command 10-12

switchport mode dot1q-tunnel command 14-6

switchport protected command 23-7

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 36-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-1

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-12

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 36-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 36-63

ISO IGRP 36-63

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 34-13

described 34-13

for QoS marking 34-18

QoS

configuration guidelines 34-40

configuring QoS table maps 34-40

supported table maps 34-14, 34-40

QoS, configuring 34-40

TACACS+

accounting, defined 6-11

authentication, defined 6-11

authorization, defined 6-11

configuring

accounting 6-16

authentication key 6-13

authorization 6-16

login authentication 6-14

default configuration 6-13

displaying the configuration 6-17

identifying the server 6-13

limiting the services to the user 6-16

operation of 6-12

overview 6-10

support for 1-8

tracking services accessed by user 6-16

tagged packets

IEEE 802.1Q 14-3

Layer 2 protocol 14-7

tar files

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-23

TCL script, registering and defining with embedded event manager 31-7

TDR 1-12

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 6-6

templates

Ethernet OAM 44-39

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 6-6

TFTP

configuration files

downloading A-11

preparing the server A-10

uploading A-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-26

downloading A-25

preparing the server A-24

uploading A-26

limiting access by servers 30-17

TFTP server 1-4

threshold, traffic level 23-2

threshold monitoring, IP SLAs 42-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 36-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 48-14

and CDP 48-13

broadcast traffic 48-13

described 48-13

IP addresses and subnets 48-14

MAC addresses and VLANs 48-13

multicast traffic 48-13

multiple devices on a port 48-14

unicast traffic 48-13

usage guidelines 48-13

traceroute command 48-15

See also IP traceroute

tracked lists

configuring 43-3

types 43-3

tracked objects

by Boolean expression 43-4

by threshold percentage 43-6

by threshold weight 43-5

tracking interface line-protocol state 43-2

tracking IP routing state 43-2

tracking objects 43-1

tracking process 43-1

track state, tracking IP SLAs 43-9

traffic

blocking flooded 23-8

fragmented 32-5

fragmented IPv6 39-2

unfragmented 32-5

traffic class, defined 34-3

traffic classification, typical values 34-9

traffic marking 34-18

traffic policies, elements in 34-3

traffic shaping

for QoS scheduling 34-23

QoS traffic control 34-24

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-23, 5-24, 5-26

configuring managers 30-12

defined 30-4

enabling 5-23, 5-24, 5-26, 30-12

notification types 30-13

overview 30-1, 30-4

troubleshooting 45-17

connectivity problems 48-9, 48-12, 48-14

detecting unidirectional links 26-1

displaying crash information 48-21

PIMv1 and PIMv2 interoperability problems 46-32

setting packet forwarding 48-18

SFP security and identification 48-8

show forward command 48-18

with CiscoWorks 30-4

with debug commands 48-17

with ping 48-10

with system message logging 29-1

with traceroute 48-14

trunk failover

See link-state tracking

trunking encapsulation 1-7

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-17

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

defined 14-1

IEEE 802.1Q 14-1

Layer 2 protocol 14-8

tunnel ports

defined 12-5

described 10-4, 14-1

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

two-way ETH-DM 45-3

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-10

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 36-15

defined

forwarding 36-13

UDP, configuring 36-13

UDP jitter, configuring 42-9

UDP jitter operation, IP SLAs 42-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 34-64

priority with police 34-28

UN-ENI VLANs

defined 12-5

UNI

configuring 10-14

described 10-2

protocol control packets on 33-1

unicast MAC address filtering

and adding static addresses 5-29

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-8

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 44-43

UNI VLANs

and private VLANs 12-12

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing A-10, A-12, A-15

reasons for A-8

using FTP A-14

using RCP A-17

using TFTP A-11

image files

preparing A-24, A-27, A-31

reasons for A-22

using FTP A-30

using RCP A-34

using TFTP A-26

usage guidelines

Layer 2 traceroute 48-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 6-6

user network interface

See UNI

V

VACLs

logging

configuration example 32-38

verifying frame delay 45-13

Virtual Private Network

See VPN

virtual router 41-2, 41-13

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

VLAN configuration saved in 12-9

VLANs saved in 12-3

vlan dot1q tag native command 14-4

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-31

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-30

VLAN maps

applying 32-34

common uses for 32-34

configuration guidelines 32-30

configuring 32-29

creating 32-31

defined 32-2, 32-5

denying access to a server example 32-35

denying and permitting packets 32-32

displaying 32-42

examples of ACLs and VLAN maps 32-32

removing 32-34

support for 1-8

wiring closet configuration example 32-35

with router ACLs 32-41

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-17

and spanning-tree instances 12-3, 12-8

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-7

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

limiting source traffic with SPAN 27-15

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-7

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN trunks 12-14

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 36-90

forwarding 36-84

in service provider networks 36-82

routes 1-18, 36-83

VPN routing and forwarding table

See VRF

VQP 1-7, 12-23

VRF

defining 36-84

tables 1-18, 36-82

VRF-aware services

ARP 36-87

configuring 36-86

ftp 36-89

HSRP 36-88

ping 36-87

RADIUS 36-89

SNMP 36-87

syslog 36-88

tftp 36-89

traceroute 36-89

VTP Layer 2 protocol tunneling 14-8

W

weighted tail drop

See WTD

weight thresholds in tracked lists 43-5

WTD

configuration guidelines 34-67

configuring 34-66, 34-67

described 34-29

support for 1-9

X

Xmodem protocol 48-2

Y

Y.1731

default configuration 44-26

described 44-23

ETH-AIS

configuring 44-26

Ethernet Alarm Signal function (ETH-AIS) 44-24

ETH-LCK 44-25

configuring 44-28

ETH-RDI 44-24

multicast Ethernet loopback 44-30

multicast ETH-LB 44-25

terminology 44-23

Y.1731 Performance Monitoring 45-1, 45-2, 45-3, 45-4, 45-5, 45-13, 45-17