Cisco ME 3400E Ethernet Access Switch Software Configuration Guide, Release 12.2(52)SE
Index
Downloads: This chapterpdf (PDF - 1.78MB) The complete bookPDF (PDF - 34.13MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Y -

Index

ACLs (continued)
ACLs (continued)
ACLs (continued)
BGP (continued)
CFM (continued)
default configuration (continued)
default configuration (continued)
DHCP snooping (continued)
dual-purpose ports (continued)
EIGRP (continued)
EtherChannel (continued)
ICMP (continued)
IGMP (continued)
interfaces (continued)
IP multicast routing (continued)
IP multicast routing (continued)
IP SLAs (continued)
IP source guard(continued)
IP unicast routing(continued)
Kerberos (continued)
Layer 2 traceroute (continued)
LLDP (continued)
MAC addresses (continued)
MIBs (continued)
monitoring (continued)
MSTP (continued)
MSTP (continued)
multi-VRF CE (continued)
PIM(continued)
port-based authentication (continued)
private VLANs (continued)
QoS (continued)
QoS (continued)
QoS (continued)
SNMP (continued)
SPAN (continued)
STP (continued)
STP (continued)
STP (continued)
system message logging (continued)
TACACS+ (continued)
TFTP (continued)
troubleshooting (continued)
UDLD (continued)
VLANs (continued)
VMPS (continued)

A

abbreviating commands 2-3

ABRs 36-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-16

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-23

with RADIUS 8-28

with TACACS+ 8-11, 8-16

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 34-11

ACLs

ACEs 32-2

any keyword 32-12, 34-38

applying

on multicast packets 32-38

on routed packets 32-37

on switched packets 32-37

time ranges to 32-16

to an interface 32-19, 39-7

to IPv6 interfaces 39-7

to QoS 34-11

classifying traffic for QoS 34-37

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 34-38

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

IPv6

applying to interfaces 39-7

configuring 39-3, 39-4

displaying 39-8

interactions with other features 39-4

limitations 39-3

matching criteria 39-3

named 39-3

precedence of 39-2

supported 39-2

unsupported features 39-3

Layer 4 information in 32-36

logging messages 32-8

MAC extended 32-26

matching 32-7, 32-20

monitoring 32-39, 39-8

named

IPv6 39-3

named, IPv4 32-14

names 39-4

port 32-2, 39-2

precedence of 32-2

QoS 34-11

resequencing entries 32-14

router 32-2, 39-2

router ACLs and VLAN map configuration guidelines 32-36

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-8

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features

IPv6 39-3

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-35

VLAN maps

configuration guidelines 32-29

configuring 32-29

active link 19-4, 19-5, 19-6

active links 19-2

active router 40-1

active traffic monitoring, IP SLAs 41-1

address aliasing 22-2

addresses

displaying the MAC address table 5-31

dynamic

accelerated aging 15-9

changing the aging time 5-21

default aging 15-9

defined 5-19

learning 5-20

removing 5-22

IPv6 37-2

MAC, discovering 5-31

multicast

group address range 44-2

STP address management 15-9

static

adding and removing 5-27

defined 5-19

address resolution 5-31, 36-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 36-95

administrative distances

defined 36-107

OSPF 36-31

routing protocol defaults 36-97

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 36-18

age timer, REP 18-8

aggregatable global unicast addresses 37-3

aggregate addresses, BGP 36-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 34-51

configuring 34-51

described 34-17

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-21

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-18

area border routers

See ABRs

area routing

IS-IS 36-62

ISO IGRP 36-62

ARP

configuring 36-8

defined 1-4, 5-31, 36-7

encapsulation 36-9

static cache configuration 36-8

table

address resolution 5-31

managing 5-31

ASBRs 36-23

AS-path filters, BGP 36-52

assured forwarding, DSCP 34-8

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 8-30

vendor-specific 8-29

authentication

EIGRP 36-39

HSRP 40-10

local mode with AAA 8-36

NTP associations 5-4

RADIUS

key 8-21

login 8-23

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 36-108

authentication manager

single session ID 9-11

authoritative time source, described 5-2

authorization

with RADIUS 8-27

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-10

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-18

mismatches 46-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 36-46

Auto-RP, described 44-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

backup static routing, configuring 42-12

bandwidth, QoS, configuring 34-63

bandwidth command

for CBWFQ 34-26

QoS, configuring 34-63

QoS, described 34-28

with police command 34-30

bandwidth remaining percent command 34-30

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-41

best-effort packet delivery 34-1

BGP

aggregate addresses 36-58

aggregate routes, configuring 36-58

CIDR 36-58

clear commands 36-61

community filtering 36-55

configuring neighbors 36-56

default configuration 36-44, 36-74

described 36-43

enabling 36-46

monitoring 36-61

multipath support 36-50

neighbors, types of 36-46

path selection 36-50

peers, configuring 36-56

prefix filtering 36-54

resetting sessions 36-49

route dampening 36-60

route maps 36-52

route reflectors 36-59

routing domain confederation 36-59

routing session with multi-VRF CE 36-90

show commands 36-61

supernets 36-58

support for 1-10

Version 4 36-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-6

Boolean expressions in tracked lists 42-3

booting

boot loader, function of 3-2

boot process 3-1

manually 3-19

specific image 3-19

boot loader

accessing 3-20

described 3-2

environment variables 3-20

prompt 3-20

trap-door mechanism 3-2

bootstrap router (BSR), described 44-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-5

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-5

broadcast flooding 36-15

broadcast packets

directed 36-12

flooded 36-12

broadcast storm-control command 23-4

broadcast storms 23-1, 36-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-18

object list, described 30-6

schema, configuring 30-18

schema, described 30-6

transfer 30-19

bulkstat object-list 30-18

bulkstat schema 30-18

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 34-28, 34-63

configuration guidelines 34-63

QoS scheduling 34-26

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-13

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 36-95

enabling 36-96

IPv6 37-18

CFM

and Ethernet OAM, configuring 43-53

and Ethernet OAM interaction 43-52

and OAM manager 43-46

and other features 43-8

and tunnels 43-8

clearing 43-29

configuration errors 43-6

configuration guidelines 43-7

configuring crosscheck 43-11

configuring fault alarms 43-16

configuring port MEP 43-14

configuring static remote MEP 43-12

configuring the network 43-8

continuity check messages 43-5

crosscheck 43-5

default configuration 43-7

defined 43-2

down MEPs 43-4

draft 1 43-4

draft 8.1 43-4

EtherChannel support 43-7

fault alarms

configuring 43-16

defined 43-5

IEEE 802.1ag 43-2

IP SLAs support for 43-6

IP SLAs with endpoint discovers 43-19

loopback messages 43-5

maintenance association 43-3

maintenance domain 43-2

maintenance point 43-3

manually configuring IP SLAs ping or jitter 43-17

measuring network performance 43-6

messages

continuity check 43-5

loopback 43-5

traceroute 43-5

monitoring 43-29, 43-30

on EtherChannel port channels 43-7

port MEP, configuring 43-14

remote MEPs 43-5

SNMP traps 43-5

static RMEP, configuring 43-12

static RMEP check 43-5

traceroute messages 43-5

types of messages 43-5

UNIs 43-4

up MEPs 43-4

version interoperability 43-6

Y.1731

described 43-21

child policies, QoS 34-13, 34-28

CIDR 36-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 41-2

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CISP 9-10

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-3

class-based priority queuing, QoS 34-20

class-based shaping

configuration guidelines 34-65

configuring 34-65

for QoS 34-27

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 34-11

in packet headers 34-6

per-port per VLAN 34-12, 34-57

QoS comparisons 34-10

QoS group 34-11

classless interdomain routing

See CIDR

classless routing 36-6

class map

match-all option 34-7

match-any option 34-7

class-map command 34-3

class maps, QoS

configuring 34-40, 34-41

described 34-7

class of service

See CoS

class selectors, DSCP 34-9

clearing

Ethernet CFM 43-29

clearing interfaces 10-30

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 42-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

common session ID

see single session ID 9-11

community list, BGP 36-55

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-11

config.text 3-18

configurable leave timer, IGMP 22-5

configuration, initial

defaults 1-12

configuration examples

network 1-15

policy maps 34-81

QoS

adding customers 34-83

adding or deleting a class 34-86

adding or deleting classification criteria 34-83, 34-84

adding or deleting configured actions 34-85

changing queuing or scheduling parameters 34-84

initial 34-81

configuration files

archiving B-19

clearing the startup configuration B-19

creating using a text editor B-10

default name 3-18

deleting a stored configuration B-19

described B-8

downloading

automatically 3-18

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

guidelines for creating and using B-9

guidelines for replacing and rolling back B-20

invalid combinations when copying B-5

limiting TFTP server access 30-17, 30-18, 30-19, 30-20

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration B-19, B-20

rolling back a running configuration B-19, B-20

specifying the filename 3-18

system contact and location information 30-17

types and location B-9

uploading

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

configuration guidelines

aggregate policers 34-51

CBWFQ 34-63

CFM 43-7

class-based shaping 34-65

EtherChannel 35-10

Ethernet OAM 43-33

HSRP 40-5

individual policers 34-45

input policy maps 34-44

link-state tracking 35-24

marking in policy maps 34-55

multi-VRF CE 36-84

OAM manager 43-46

output policy maps 34-62

per-port, per-VLAN QoS 34-57

PIM stub routing 44-12

port security 23-10

QoS, general 34-35

QoS class maps 34-40

REP 18-7

rollback and replacement B-20

SSM 44-16

SSM mapping 44-18

strict priority queuing 34-67

unconditional priority policing 34-69

UNI VLANs 12-12

VLAN mapping 14-9

VLANs 12-8

WTD 34-72

configuration replacement B-19

configuration rollback B-19

configuration settings, saving 3-15

configure terminal command 10-8

configuring marking in input policy maps 34-55

configuring port-based authentication violation modes9-15to 9-16

congestion avoidance, QoS 34-2, 34-32

congestion management, QoS 34-2, 34-26

connections, secure remote 8-37

Connectivity Fault Management

See CFM

connectivity problems 46-9, 46-13, 46-14

console port, connecting to 2-9

control packets

and control-plane security 33-2

dropping and rate-limiting 33-2

control-plane security

configuring 33-6

control packets 33-2

monitoring 33-7

policers 33-4

policing 33-2

purpose of 33-1

control protocol, IP SLAs 41-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 46-2

CoS

classification 34-8

values 34-6

counters, clearing interface 10-30

CPU overload, protection from 33-1

CPU policers 33-6

CPU protection 33-4

CPU threshold notification 30-21

CPU threshold table 30-1, 30-20

CPU utilization statistics 30-20

crashinfo file 46-21

crosscheck, CFM 43-5, 43-11

cryptographic software image

Kerberos 8-32

SSH 8-37

customer edge devices 1-17, 36-82

C-VLAN 14-7

D

data collection, bulk statistics 30-20

daylight saving time 5-13

debugging

enabling all system diagnostics 46-18

enabling for a specific feature 46-17

redirecting error message output 46-18

using commands 46-17

default

policer configuration

ENIs and UNIs 33-4

NNIs 33-6

default actions, table maps 34-14

default commands 2-4

default configuration

banners 5-17

BGP 36-44, 36-74

booting 3-18

CDP 24-2

CFM 43-7

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 36-36

E-LMI and OAM 43-46

EtherChannel 35-10

Ethernet OAM 43-32

Flex Links 19-7

HSRP 40-5

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-12

IGMP 44-38

IGMP filtering 22-24

IGMP snooping 22-6, 38-5, 38-6

IGMP throttling 22-24

initial switch information 3-3

IP addressing, IP routing 36-4

IP multicast routing 44-8

IP SLAs 41-6

IP source guard 20-21

IPv6 37-9

IS-IS 36-63

Layer 2 interfaces 10-15

Layer 2 protocol tunneling 14-16

LLDP 25-3

MAC address table 5-21

MAC address-table move update 19-7

MSDP 45-3

MSTP 16-14

multi-VRF CE 36-84

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 36-24

password and privilege level 8-2

PIM 44-8

private VLANs 13-6

QoS 34-35

RADIUS 8-20

REP 18-7

RIP 36-18

RMON 28-3

RSPAN 27-9

SDM template 7-3

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLAN mapping 14-9

VLANs 12-7

VMPS 12-25

Y.1731 43-24

default gateway 3-15, 36-10

default networks 36-98

default router preference

See DRP

default routes 36-98

default routing 36-2

default service, DSCP 34-8

default template 7-1

denial-of-service attacks, preventing 33-1

description command 10-24

designing your network, examples 1-15

destination addresses

in IPv6 ACLs 39-5

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 35-8

destination-MAC address forwarding, EtherChannel 35-7

device discovery protocol 24-1, 25-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-4, 1-10

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 42-11

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-16

default configuration 20-16

described 20-15

displaying 20-18

enabling 20-16

reserved addresses 20-17

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-14

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-15

configuration guidelines 20-9

configuring 20-14

default configuration 20-8

deleting

binding file 20-14

bindings 20-15

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-14

entry 20-6

renewing database 20-15

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 37-14

default configuration 37-14

described 37-6

enabling client function 37-17

enabling DHCPv6 server function 37-15

diagnostic schedule command 47-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 36-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing B-3

creating and removing B-4

displaying the working B-3

discovery, Ethernet OAM 43-31

distribute-list command 36-106

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 37-3

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 44-19, 44-21

DoM

displaying supported transceivers 10-29

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 36-62

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-2

Layer 2 protocol tunneling 14-15

downloading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

image files

deleting old image B-27

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-29

using RCP B-33

using TFTP B-26

using the device manager or Network Assistant B-23

drop threshold for Layer 2 protocol packets 14-16

DRP

configuring 37-12

described 37-4

IPv6 37-4

DSCP

assured forwarding 34-8

classification 34-8

class selectors 34-9

default service 34-8

expedited forwarding 34-9

values 34-6

DUAL finite state machine, EIGRP 36-35

dual IPv4 and IPv6 templates 7-2, 37-5

dual protocol stacks

IPv4 and IPv6 37-5

SDM templates supporting 37-6

dual-purpose ports

default port type 10-7

defaults 10-20

defined 10-6

frame size 10-20

LEDs 10-7

setting the type 10-20

duplex mode, configuring 10-18

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-13

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-13

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 36-62

protocols 36-2

E

EBGP 36-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EEM 3.2 31-5

EIGRP

authentication 36-39

components 36-35

configuring 36-37

default configuration 36-36

definition 36-34

interface parameters, configuring 36-38

monitoring 36-41

stub routing 36-40

support for 1-10

EIGRP IPv6 37-6

ELIN location 25-3

E-LMI

and OAM Manager 43-45

CE device configuration 43-51

configuration guidelines 43-46

configuring a CE device 43-49

configuring a PE device 43-49

default configuration 43-46

defined 43-45

enabling 43-49

information 43-45

monitoring 43-51

PE device configuration 43-50

embedded event manager

3.2 31-5

actions 31-4

configuring 31-1, 31-5

displaying information 31-7

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-6

registering and defining a TCL script 31-7

understanding 31-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 42-12

defined 42-1

DHCP primary interface 42-11

HSRP 42-7

IP routing state 42-2

IP SLAs 42-9

line-protocol state 42-2

network monitoring with IP SLAs 42-11

routing policy, configuring 42-12

static route primary interface 42-10

tracked lists 42-3

ENI

configuring 10-17

described 10-2

protocol control packets on 33-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-21

equal-cost routing 1-10, 36-96

error messages during command entry 2-4

EtherChannel

802.3ad, described 35-6

automatic creation of 35-4, 35-6

channel groups

binding physical and logical interfaces 35-3

numbering of 35-3

configuration guidelines 35-10

configuring

Layer 2 interfaces 35-11

Layer 3 physical interfaces 35-15

Layer 3 port-channel logical interfaces 35-14

default configuration 35-10

described 35-2

displaying status 35-22

forwarding methods 35-7, 35-17

interaction

with STP 35-10

with VLANs 35-11

LACP

described 35-6

displaying status 35-22

hot-standby ports 35-19

interaction with other features 35-7

modes 35-6

port priority 35-21

system priority 35-20

Layer 3 interface 36-3

load balancing 35-7, 35-17

logical interfaces, described 35-3

PAgP

aggregate-port learners 35-18

compatibility with Catalyst 1900 35-18

described 35-4

displaying status 35-22

interaction with other features 35-5

learn method and priority configuration 35-18

modes 35-5

support for 1-2

port-channel interfaces

described 35-3

numbering of 35-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet infrastructure 43-1

Ethernet Link Management Interface

See E-LMI

Ethernet Locked Signal (ETH-LCK) 43-23

Ethernet loopback

characteristics 43-42

Ethernet management port

and routing 10-13

and routing protocols 10-13

and TFTP 10-14

configuring 10-14

default setting 10-13

described 10-5, 10-12

for network management 10-5, 10-12

specifying 10-14

supported features 10-13

unsupported features 10-14

Ethernet management port, internal

and routing 10-13

and routing protocols 10-13

unsupported features 10-14

Ethernet OAM 43-32

and CFM interaction 43-52

configuration guidelines 43-33

configuring with CFM 43-53

default configuration 43-32

discovery 43-31

enabling 43-33, 43-54

link monitoring 43-31, 43-35

manager 43-1

messages 43-32

protocol

defined 43-31

monitoring 43-41

remote failure indications 43-32, 43-37

remote loopback 43-32, 43-34

templates 43-38

Ethernet OAM protocol 43-1

Ethernet OAM protocol CFM notifications 43-52

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet Remote Defect Indication (ETH-RDI) 43-23

Ethernet terminal loopback 34-80

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-8

modifying 12-9

EUI 37-3

EVCs

configuring 43-47

in CFM domains 43-45

event detectors, embedded event manager 31-2

events, RMON 28-3

examples

network configuration 1-15

expedited forwarding, DSCP 34-9

extended-range VLANs

creating with an internal VLAN ID 12-12

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 36-46

F

Fa0 port

See Ethernet management port

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

features, incompatible 23-11

FIB 36-95

fiber-optic, detecting unidirectional links 26-1

files

copying B-4

crashinfo

description 46-21

displaying the contents of 46-21

location 46-21

deleting B-5

displaying the contents of B-8

tar

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

file system

displaying available file systems B-2

displaying file information B-3

local file system names B-1

network file system names B-4

setting the default B-3

filtering

in a VLAN 32-29

IPv6 traffic 39-3, 39-7

non-IP traffic 32-26

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of B-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-8, 19-9

configuring preferred VLAN 19-11

configuring VLAN load balancing 19-10

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-14

VLANs 19-2

flooded traffic, blocking 23-7

flow control 1-2, 10-22

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

accessing MIB files A-3

configuration files

downloading B-13

overview B-12

preparing the server B-13

uploading B-14

image files

deleting old image B-31

downloading B-29

preparing the server B-28

uploading B-31

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-25

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-2

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 40-10

command-switch redundancy 1-6

configuration guidelines 40-5

configuring 40-5

default configuration 40-5

definition 40-1

monitoring 40-12

object tracking 42-7

overview 40-1

priority 40-7

routing redundancy 1-9

support for ICMP redirect messages 40-12

timers 40-10

tracking 40-8

HTTP(S) Over IPv6 37-7

I

IBPG 36-42

ICMP

IPv6 37-4

redirect messages 36-10

support for 1-10

time-exceeded messages 46-15

traceroute 46-15

unreachable messages 32-19

unreachable messages and IPv6 39-4

unreachables and ACLs 32-20

ICMP Echo operation

configuring 41-11

IP SLAs 41-11

ICMP ping

executing 46-10

overview 46-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 37-4

IDS appliances

and ingress RSPAN 27-20

and ingress SPAN 27-13

IEEE 802.1ag 43-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-15

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-5

defaults 14-4

described 14-1

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 43-1

IEEE 802.3z flow control 10-22

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 44-38

statically connected member 44-43

controlling access to groups 44-39

default configuration 44-38

deleting cache entries 44-47

displaying groups 44-48

fast switching 44-43

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 44-41

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9, 38-9

leaving multicast group 22-5

multicast reachability 44-38

overview 44-2

queries 22-3

report suppression

described 22-6

disabling 22-14, 38-12

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 44-40

described 44-3

Version 2

changing to Version 1 44-40

described 44-3

maximum query response time value 44-42

pruning groups 44-42

query timeout value 44-42

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-24

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-26

IGMP helper 44-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6, 38-5, 38-6

definition 22-1

enabling and disabling 22-7, 38-6

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14, 38-12

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-24

described 22-24

displaying action 22-28

IGP 36-23

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9, 38-9

individual policers

configuration guidelines 34-45

configuring 34-45

initial configuration

defaults 1-12

input policy maps

classification criteria 34-5

configuration guidelines 34-44

configuring 34-44

displaying statistics 34-80

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces

configuration guidelines, duplex and speed 10-18

configuring

duplex mode 10-18

procedure 10-8

speed 10-18

counters, clearing 10-30

described 10-24

descriptive name, adding 10-24

displaying information about 10-28

flow control 10-22

management 1-3

monitoring 10-28

naming 10-24

physical, identifying 10-8

range of 10-9

restarting 10-30

shutting down 10-30

status 10-28

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 36-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-10, 36-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 34-11

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

128-bit 37-2

classes of 36-5

default configuration 36-4

discovering 5-31

for IP routing 36-3

IPv6 37-2

MAC address association 36-7

monitoring 36-16

IP broadcast address 36-14

ip cef distributed command 36-95

IP directed broadcasts 36-12

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 44-2

all-multicast-routers 44-2

host group address range 44-2

administratively-scoped boundaries, described 44-45

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 44-25

benefits of 44-25

clearing the cache 44-47

configuration guidelines 44-10

filtering incoming RP announcement messages 44-28

overview 44-6

preventing candidate RP spoofing 44-28

preventing join messages to false RPs 44-27

setting up in a new internetwork 44-25

using with BSR 44-33

bootstrap router

configuration guidelines 44-10

configuring candidate BSRs 44-31

configuring candidate RPs 44-32

defining the IP multicast boundary 44-30

defining the PIM domain border 44-29

overview 44-6

using with Auto-RP 44-33

Cisco implementation 44-1

configuring

basic multicast routing 44-10

IP multicast boundary 44-45

default configuration 44-8

enabling

multicast forwarding 44-11

PIM mode 44-12

group-to-RP mappings

Auto-RP 44-6

BSR 44-6

MBONE

deleting sdr cache entries 44-47

described 44-44

displaying sdr cache 44-48

enabling sdr listener support 44-44

limiting sdr cache entry lifetime 44-45

SAP packets for conference session announcement 44-44

Session Directory (sdr) tool, described 44-44

monitoring

packet rate loss 44-48

peering devices 44-48

tracing a path 44-48

multicast forwarding, described 44-7

PIMv1 and PIMv2 interoperability 44-9

reverse path check (RPF) 44-7

routing table

deleting 44-47

displaying 44-48

RP

assigning manually 44-23

configuring Auto-RP 44-25

configuring PIMv2 BSR 44-29

monitoring mapping information 44-34

using Auto-RP and BSR 44-33

statistics, displaying system and network 44-47

See also IGMP

See also PIM

IP packets, classification 34-6

IP Port Security for Static Hosts

on a Layer 2 access port 20-23

on a PVLAN host port 20-26

IP precedence

classification 34-8

values 34-6

IP protocols

routing 1-10

IP routes, monitoring 36-109

IP routing

connecting interfaces with 10-7

disabling 36-17

enabling 36-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 41-1

IP SLAs

benefits 41-2

CFM endpoint discovery 43-19

configuration guidelines 41-6

configuring object tracking 42-9

Control Protocol 41-4

default configuration 41-6

definition 41-1

ICMP echo operation 41-11

manually configuring CFM ping or jitter 43-17

measuring network performance 41-3

monitoring 41-13

multioperations scheduling 41-5

object tracking 42-9

operation 41-3

reachability tracking 42-9

responder

described 41-4

enabling 41-7

response time 41-4

scheduling 41-5

SNMP support 41-2

supported metrics 41-2

threshold monitoring 41-6

track object monitoring agent, configuring 42-11

track state 42-9

UDP jitter operation 41-8

IP source guard

and 802.1x 20-21

and DHCP snooping 20-19

and EtherChannels 20-21

and port security 20-21

and private VLANs 20-21

and routed ports 20-21

and TCAM entries 20-21

and trunk interfaces 20-21

and VRF 20-21

binding configuration

automatic 20-19

manual 20-19

binding table 20-19

configuration guidelines 20-21

default configuration 20-21

described 20-19

disabling 20-22

displaying

bindings 20-28

configuration 20-28

enabling 20-21, 20-23

filtering

source IP address 20-19

source IP and MAC address 20-20

source IP address filtering 20-19

source IP and MAC address filtering 20-20

static bindings

adding 20-21, 20-23

deleting 20-22

static hosts 20-23

IP traceroute

executing 46-15

overview 46-14

IP unicast routing

address resolution 36-7

administrative distances 36-97, 36-107

ARP 36-7

assigning IP addresses to Layer 3 interfaces 36-5

authentication keys 36-108

broadcast

address 36-14

flooding 36-15

packets 36-12

storms 36-12

classless routing 36-6

configuring static routes 36-97

default

addressing configuration 36-4

gateways 36-10

networks 36-98

routes 36-98

routing 36-2

directed broadcasts 36-12

disabling 36-17

dynamic routing 36-2

enabling 36-17

EtherChannel Layer 3 interface 36-3

IGP 36-23

inter-VLAN 36-2

IP addressing

classes 36-5

configuring 36-3

IPv6 37-2

IRDP 36-10

Layer 3 interfaces 36-3

MAC address and IP address 36-7

passive interfaces 36-106

proxy ARP 36-7

redistribution 36-99

reverse address resolution 36-7

routed ports 36-3

static routing 36-2

steps to configure 36-3

subnet mask 36-5

subnet zero 36-5

supernet 36-6

UDP 36-13

with SVIs 36-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IPv6

ACLs

displaying 39-8

limitations 39-3

matching criteria 39-3

port 39-2

precedence 39-2

router 39-2

supported 39-2

addresses 37-2

address formats 37-2

applications 37-5

assigning address 37-10

autoconfiguration 37-4

CEFv6 37-18

default configuration 37-9

default router preference (DRP) 37-4

defined 37-1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 37-6

Router ID 37-6

feature limitations 37-8

features not supported 37-8

forwarding 37-10

ICMP 37-4

neighbor discovery 37-4

OSPF 37-6

path MTU discovery 37-4

SDM templates 7-2, 38-1, 39-1

Stateless Autoconfiguration 37-4

supported features 37-2

switch limitations 37-8

understanding static routes 37-6

IPv6 traffic, filtering 39-3

IRDP

configuring 36-11

definition 36-10

support for 1-10

IS-IS

addresses 36-62

area routing 36-62

default configuration 36-63

monitoring 36-71

show commands 36-71

support for 1-10

system routing 36-62

ISL trunking with IEEE 802.1 tunneling 14-4

ISO CLNS

clear commands 36-71

dynamic routing protocols 36-62

monitoring 36-71

NETs 36-62

NSAPs 36-62

OSI standard 36-62

ISO IGRP

area routing 36-62

system routing 36-62

isolated port 13-2

isolated VLANs 13-2, 13-3

ITU-T Y.1731

See Y.1731

J

join messages, IGMP 22-3

K

KDC

described 8-32

See also Kerberos

keepalive command 10-17

keepalive messages 15-3

keepalive messages, default 10-17

Kerberos

authenticating to

boundary switch 8-34

KDC 8-34

network services 8-35

configuration examples 8-32

configuring 8-35

credentials 8-32

cryptographic software image 8-32

described 8-32

KDC 8-32

operation 8-34

realm 8-33

server 8-33

support for 1-8

switch as trusted third party 8-32

terms 8-33

TGT 8-34

tickets 8-32

key distribution center

See KDC

L

l2protocol-tunnel command 14-18

LACP

Layer 2 protocol tunneling 14-14

See EtherChannel

Layer 2 interfaces, default configuration 10-15

Layer 2 packets, classification 34-6

Layer 2 protocol packets, and control-plane security 33-2

Layer 2 protocol tunneling

configuring 14-15

configuring for EtherChannels 14-19

default configuration 14-16

defined 14-13

guidelines 14-16

layer-2 template 7-1

Layer 2 traceroute

and ARP 46-14

and CDP 46-13

broadcast traffic 46-13

described 46-13

IP addresses and subnets 46-14

MAC addresses and VLANs 46-13

multicast traffic 46-13

multiple devices on a port 46-14

unicast traffic 46-13

usage guidelines 46-13

Layer 3 features 1-9

Layer 3 interfaces

assigning IP addresses to 36-5

assigning IPv4 and IPv6 addresses to 37-13

assigning IPv6 addresses to 37-10

changing from Layer 2 mode 36-5, 36-87

types of 36-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 37-3

link monitoring, Ethernet OAM 43-31, 43-35

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 36-29

link-state tracking

configuration guidelines 35-24

configuring 35-24

described 35-22

LLDP

configuring 25-3

characteristics 25-4

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-8

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-4

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-8

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 40-4

local SPAN 27-2

location TLV 25-3, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 8-23

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-6

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-31

displaying in the IP source binding table 20-28

dynamic

learning 5-20

removing 5-22

in ACLs 32-26

IP address association 36-7

static

adding 5-28

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-11

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-7

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-28

configuring for QoS 34-39

creating 32-26

defined 32-26

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-13

marking

action with aggregate policers 34-51

described 34-2, 34-15

match command, QoS

for classification 34-3, 34-7

guidelines 34-40

matching, IPv4 ACLs 32-7

matching classifications, QoS 34-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-14

maximum-paths command 36-50, 36-96

ME 34000EG-2CS switch policers 33-4

ME 3400E-24TS switch policers 33-4

ME 3400EG-12CS switch policers 33-4

media-type command 10-20

membership mode, VLAN port 12-5

MEPs

and STP 43-4

defined 43-3

messages

Ethernet OAM 43-32

to users through banners 5-17

metrics, in BGP 36-50

metric translations, between routing protocols 36-102

metro tags 14-2

MHSRP 40-4

MIBs

accessing files with FTP A-3

location of files A-3

overview 30-1

SNMP interaction with 30-4

supported A-1

MIPs

and STP 43-4

defined 43-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 46-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-39

BGP 36-61

cables for unidirectional links 26-1

CDP 24-5

CEF 36-96

control-plane security 33-7

EIGRP 36-41

E-LMI 43-51

Ethernet CFM 43-29, 43-30

Ethernet OAM 43-41

Ethernet OAM protocol 43-41

features 1-11

Flex Links 19-14

HSRP 40-12

IEEE 802.1Q tunneling 14-23

IGMP

filters 22-29

snooping 22-14, 38-12

interfaces 10-28

IP

address tables 36-16

multicast routing 44-47

routes 36-109

IP SLAs operations 41-13

IPv4 ACL configuration 32-39

IPv6 ACL configuration 39-8

IS-IS 36-71

ISO CLNS 36-71

Layer 2 protocol tunneling 14-23

MAC address-table move update 19-14

MSDP peers 45-17

multicast router interfaces 22-15, 38-12

multi-VRF CE 36-94

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 43-51

object tracking 42-12

OSPF 36-34

port

blocking 23-17

protection 23-17

private VLANs 13-14

QoS 34-80

REP 18-14

RP mapping information 44-34

SFPs

status 10-29

SFP status 1-11, 46-9

source-active messages 45-17

speed and duplex mode 10-20

SSM mapping 44-23

traffic flowing among switches 28-1

traffic suppression 23-17

tunneling 14-23

VLAN

filters 32-39

maps 32-39

VLANs 12-14

VMPS 12-28

MQC

process 34-3

steps to configure 34-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 45-3

clearing MSDP connections and statistics 45-17

controlling source information

forwarded by switch 45-11

originated by switch 45-8

received by switch 45-13

default configuration 45-3

dense-mode regions

sending SA messages to 45-15

specifying the originating address 45-16

filtering

incoming SA messages 45-13

SA messages to a peer 45-11

SA requests from a peer 45-10

join latency, defined 45-6

meshed groups

configuring 45-14

defined 45-14

originating address, changing 45-16

overview 45-1

peer-RPF flooding 45-2

peers

configuring a default 45-4

monitoring 45-17

peering relationship, overview 45-1

requesting source information from 45-7

shutting down 45-15

source-active messages

caching 45-6

clearing cache entries 45-18

defined 45-2

filtering from a peer 45-10

filtering incoming 45-13

filtering to a peer 45-11

limiting data with TTL 45-12

monitoring 45-17

restricting advertised sources 45-8

support for 1-10

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-18

switch priority 16-22

CST

defined 16-3

operations between regions 16-3

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-18

unexpected behavior 16-17

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with 802.1D

described 16-8

restarting migration process 16-26

IST

defined 16-2

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-2

supported spanning-tree instances 16-2

optional features supported 1-5

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-17

effects of extended system ID 16-17

unexpected behavior 16-17

shutdown Port Fast-enabled port 17-3

status, displaying 16-27

multicast Ethernet loopback (ETH-LB) 43-23

multicast Ethernet loopback, using 43-28

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8, 38-8

multicast packets

ACLs on 32-38

multicast router interfaces, monitoring 22-15, 38-12

multicast router ports, adding 22-7, 38-9

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 41-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 36-90

configuration guidelines 36-84

configuring 36-83

default configuration 36-84

defined 1-17, 36-81

displaying 36-94

monitoring 36-94

network components 36-83

packet-forwarding process 36-83

support for 1-10

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-21

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-20

monitoring 22-23

multicast television application 22-16

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

named IPv6 ACLs 39-3

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

NEAT

configuring 9-25

overview 9-10

neighbor discovery, IPv6 37-4

neighbor discovery/recovery, EIGRP 36-35

neighbor offset numbers, REP 18-4

neighbors, BGP 36-56

Network Edge Access Topology

See NEAT

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 41-3

network policy TLV 25-7

Network Time Protocol

See NTP

NNI

configuring 10-17

described 10-2

protocol control packets on 33-1

no commands 2-4

non-IP traffic filtering 32-26

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 36-62

NSF Awareness

BGP 36-46

EIGRP 36-37

IS-IS 36-64

OSPF 36-25

NSM 4-3

NSSA, OSPF 36-29

NTP

associations

authenticating 5-4

defined 5-2

enabling broadcast messages 5-6

peer 5-5

server 5-5

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-5

time

services 5-2

synchronizing 5-2

O

OAM

client 43-31

features 43-31

sublayer 43-31

OAM manager

and E-LMI 43-45

configuration guidelines 43-46

configuring 43-47, 43-53

monitoring 43-51

purpose of 43-45

with CFM 43-46

with CFM and Ethernet OAM 43-52

OAM PDUs 43-33

OAM protocol data units 43-31

OBFL

configuring 46-22

described 46-22

displaying 46-23

object tracking

HSRP 42-7

IP SLAs 42-9

IP SLAs, configuring 42-9

monitoring 42-12

on-board failure logging

See OBFL

online diagnostics

described 47-1

overview 47-1

running tests 47-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 36-29

configuring 36-25

default configuration

metrics 36-31

route 36-31

settings 36-24

described 36-23

for IPv6 37-6

interface parameters, configuring 36-26

LSA group pacing 36-32

monitoring 36-34

network types, configuring 36-28

router IDs 36-33

route summarization 36-31

support for 1-10

virtual links 36-31

output policies 34-5

output policy maps

classification criteria 34-5

configuration guidelines 34-62

configuring 34-62

displaying statistics 34-80

P

packet classification

defined 34-6

to organize traffic 34-2

packet marking

configuring 34-55

defined 34-21

packet policing, for QoS 34-2

PAgP

Layer 2 protocol tunneling 14-14

See EtherChannel

parallel paths, in routing tables 36-96

parent policies, QoS 34-13, 34-28

passive interfaces

configuring 36-106

OSPF 36-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 46-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 16-21

STP 15-19

path MTU discovery 37-4

PBR

defined 36-102

enabling 36-104

fast-switched policy-based routing 36-105

local policy-based routing 36-105

peers, BGP 36-56

percentage thresholds in tracked lists 42-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 34-57

per-port facility loopback

defined 43-41

per-port per VLAN policing 34-12, 34-57

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 36-90

physical ports 10-3

PIM

default configuration 44-8

dense mode

overview 44-4

rendezvous point (RP), described 44-4

RPF lookups 44-8

displaying neighbors 44-48

enabling a mode 44-12

overview 44-3

router-query message interval, modifying 44-37

shared tree and source tree, overview 44-34

shortest path tree, delaying the use of 44-36

sparse mode

join messages and shared tree 44-4

overview 44-4

prune messages 44-4

RPF lookups 44-8

stub routing

configuration guidelines 44-12

enabling 44-13

overview 44-5

support for 1-1, 1-10

versions

interoperability 44-9

troubleshooting interoperability problems 44-34

v2 improvements 44-3

ping

executing 46-10

overview 46-10

police aggregate command 34-54

police command, with individual policers 34-45, 34-59

policer aggregate command 34-51

policer configuration

default for ENIs and UNIs 33-4

default for NNIs 33-6

policers

configuring for more than one traffic class 34-51

described 34-2

policing

aggregate in input policy maps 34-17

described 34-2

individual in input policy maps 34-16

priority in output policy maps 34-20

QoS 34-15

policy-based routing

See PBR

policy-map command 34-3

policy-map marking, configuration guidelines 34-55

policy maps

attaching 34-4, 34-44

configuration examples 34-81

described 34-16

input

configuring 34-44

described 34-4

output

configuring 34-62

described 34-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-3

RADIUS server 9-3

client, defined 9-2

configuration guidelines 9-13

configuring

802.1x authentication 9-16

host mode 9-22

manual re-authentication of a client 9-19

periodic re-authentication 9-18

quiet period 9-19

RADIUS server 9-18

RADIUS server parameters on the switch 9-17

switch-to-client frame-retransmission number 9-21

switch-to-client retransmission time 9-20

violation mode 9-8

violation modes9-15to 9-16

default configuration 9-12

described 9-1

device roles 9-2

displaying statistics 9-27

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-14

method lists 9-16

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

interactions 9-7

multiple-hosts mode 9-6

readiness check

configuring 9-14

described 9-7, 9-14

resetting to default values 9-23

statistics, displaying 9-27

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-25

overview 9-10

user distribution

guidelines 9-9

overview 9-9

VLAN assignment

AAA authorization 9-16

characteristics 9-8

configuration tasks 9-9

described 9-8

port blocking 1-2, 23-6

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-5

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-6

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-5

REP 18-6

routed 10-5

secure 23-8

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-15

VLAN assignments 12-11

port security

aging 23-15

and private VLANs 23-16

configuration guidelines 23-10

configuring 23-11

default configuration 23-10

described 23-8

displaying 23-17

enabling 23-16

on trunk ports 23-12

sticky learning 23-9

violations 23-9

with other features 23-10

port shaping

configuring 34-66

described 34-27

port-shutdown response, VMPS 12-24

port types 10-2

power 25-7

power management TLV 25-7

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 36-54

preventing unauthorized access 8-1

primary edge port, REP 18-4

primary interface for object tracking, DHCP, configuring 42-11

primary interface for static routing, configuring 42-10

primary links 19-2

primary VLANs 13-1, 13-3

priority

HSRP 40-7

priority command 34-20

configuring strict priority queuing 34-67

for QoS scheduling 34-26

for strict priority queuing 34-30

priority policing, described 34-20

priority queues

configuring 34-67

described 34-30

for QoS scheduling 34-26

priority with police

commands 34-20

configuring 34-69

described 34-30

priority with unconditional policing, QoS 34-26

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-13

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-7, 13-8

configuration tasks 13-6

configuring 13-9

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-2

isolated VLANs 13-2, 13-3

mapping 13-13

monitoring 13-14

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-12

described 12-5

isolated 13-2

promiscuous 13-2

primary VLANs 13-1, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 13-12

defined 13-2

protected ports 23-5

protocol control packets 33-1

protocol-dependent modules, EIGRP 36-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-17, 36-82

proxy ARP

configuring 36-9

definition 36-7

with IP routing disabled 36-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QoS

aggregate policers 34-17

and MQC 34-1

basic model 34-2

CBWFQ 34-28

CBWFQ, configuring 34-63

class-based shaping, described 34-27

classification

ACL lookup 34-11

based on CoS value 34-8

based on DSCP 34-8

based on IP precedence 34-8

based on QoS group 34-11

based on VLAN IDs 34-12, 34-57

class maps, described 34-7

comparisons 34-10

criteria 34-6

in frames and packets 34-6

policy maps, described 34-16

class maps, configuration guidelines 34-40

class maps, configuring 34-40

configuration examples

adding customers 34-83

adding or deleting a class 34-86

adding or deleting classification criteria 34-83, 34-84

adding or deleting configured actions 34-85

changing queuing or scheduling parameters 34-84

configuration guidelines

aggregate policers 34-51

CBWFQ 34-63

class-based shaping 34-65

class maps 34-40

general 34-35

individual policers 34-45

input policy maps 34-44

marking 34-55

output policy maps 34-62

unconditional priority policing 34-69

WTD 34-72

configuring

aggregate policers 34-51

class-based shaping 34-65

classification with IP ACLs 34-37

class maps 34-40, 34-41

individual policers 34-46

individual policing 34-45, 34-59

input policy maps with marking 34-55

IP ACLs 34-37

MAC ACLs 34-39

output policy maps 34-62

port shaping 34-66

priority queues 34-67

queue size 34-32

requirements 34-35

service policies 34-44

strict priority queuing 34-67

table maps 34-43

unconditional priority policing 34-69

WTD 34-71, 34-72

congestion avoidance 34-2, 34-32

congestion management 34-2, 34-26

CPU-generated traffic

configuring output policy classification criteria 34-5

configuring QoS group number 34-12

configuring queue-limit 34-72

output remarking 34-6

default configuration 34-35

initial configuration example 34-81

input policy maps

configuring 34-44

described 34-5

IP packet classification 34-6

Layer 2 packet classification 34-6

Layer 3 packet classification 34-6

marking, described 34-2

match command 34-7

output policy maps

configuring 34-63

described 34-5

overview 34-1

packet classification 34-2

packet marking 34-21

packet policing 34-2

parent-child hierarchy 34-13, 34-28

per-port, per-VLAN hierarchical policy maps

described 34-12

policers

configuring 34-47, 34-53, 34-70

described 34-15

policing

aggregate 34-17

described 34-2, 34-15

individual 34-16

priority 34-20

policy maps

attaching 34-44

attaching to an interface 34-19

displaying statistics 34-80

port shaping, described 34-27

preconfiguration 34-35

priority policing, described 34-20

priority with police 34-30

queue size 34-32

scheduling 34-26

CBWFQ 34-26

priority queuing 34-26

traffic shaping 34-26

strict priority queuing 34-30

supported table maps 34-15

support for 1-8

table maps 34-14

testing 34-80

traffic shaping, described 34-26

unconditional priority policing 34-30

WTD 34-32

QoS groups

classification 34-11, 34-12, 34-57

described 34-5, 34-11

QoS information, displaying 34-80

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 34-34

queue-limit command, QoS 34-32, 34-33, 34-71

queue size, QoS, managing 34-32

R

RADIUS

attributes

vendor-proprietary 8-30

vendor-specific 8-29

configuring

accounting 8-28

authentication 8-23

authorization 8-27

communication, global 8-21, 8-29

communication, per-server 8-20, 8-21

multiple UDP ports 8-21

default configuration 8-20

defining AAA server groups 8-25

displaying the configuration 8-31

identifying the server 8-20

limiting the services to the user 8-27

method list, defined 8-20

operation of 8-19

overview 8-17

server load balancing 8-31

suggested network environments 8-18

support for 1-8

tracking services accessed by user 8-28

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 36-7

rate-limiting threshold, CPU protection 33-6

RCP

configuration files

downloading B-17

overview B-15

preparing the server B-16

uploading B-18

image files

deleting old image B-35

downloading B-33

preparing the server B-32

uploading B-35

reachability, tracking IP SLAs IP host 42-9

readiness check

port-based authentication

configuring 9-14

described 9-7, 9-14

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 46-1

redundancy

EtherChannel 35-3

HSRP 40-1

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 36-35

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 43-32

remote failure indications, Ethernet OAM 43-37

remote loopback, Ethernet OAM 43-32, 43-34

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

age timer 18-8

and STP 18-6

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-13

monitoring 18-14

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14, 38-12

resequencing ACL entries 32-14

reserved addresses in DHCP pools 20-17

resets, in BGP 36-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet Protocol

See REP

responder, IP SLAs

described 41-4

enabling 41-7

response time, measuring with IP SLAs 41-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-17

TACACS+ 8-10

retry count, VMPS, changing 12-27

reverse address resolution 36-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 36-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

2475, DSCP 34-9

2597, AF per-hop behavior 34-9

2598, EF 34-9

RIP

advertisements 36-18

authentication 36-20

configuring 36-19

default configuration 36-18

described 36-18

for IPv6 37-6

hop counts 36-18

summary addresses 36-21

support for 1-10

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-11

root guard

described 17-4

enabling 17-10

support for 1-6

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 36-31

route dampening, BGP 36-60

routed packets, ACLs on 32-37

routed ports

configuring 36-3

defined 10-5

IP addresses on 10-25, 36-3

route-map command 36-104

route maps

BGP 36-52

policy-based routing 36-103

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 36-59

router ID, OSPF 36-33

route selection, BGP 36-50

route summarization, OSPF 36-31

route targets, VPN 36-83

routing

default 36-2

dynamic 36-2

IPv6 traffic 37-2

redistribution of information 36-99

static 36-2

routing domain confederation, BGP 36-59

Routing Information Protocol

See RIP

routing protocol administrative distances 36-97

RSPAN

characteristics 27-7

configuration guidelines 27-16

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-11, 27-1

received traffic 27-4

session limits 27-10

sessions

creating 27-17

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-17

with ingress traffic enabled 27-20

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing B-19, B-20

rolling back B-19, B-20

running configuration, saving 3-15

S

scheduled reloads 3-22

scheduling, IP SLAs operations 41-5

scheduling, QoS 34-26

SCP

and SSH 8-41

configuring 8-41

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-14

maximum number of 23-9

types of 23-8

secure ports, configuring 23-8

secure remote connections 8-37

Secure Shell

See SSH

security, port 23-8

security features 1-7

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 34-4

guidelines 34-62

using 34-44

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-1

Layer 2 protocols across 14-13

Layer 2 protocol tunneling for EtherChannels 14-14

set command

for QoS marking 34-21

guidelines 34-55

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-11, 10-29, 46-9

security and identification 46-8

status, displaying 1-11

shape average command, QoS 34-26, 34-27, 34-65

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-24

show forward command 46-19

show interfaces command 10-20, 10-24

show interfaces switchport 19-4

show l2protocol command 14-18, 14-20, 14-21

show lldp traffic command 25-8

show platform forward command 46-19

show running-config command

displaying ACLs 32-19, 32-31, 32-33

interface description in 10-24

shutdown command on interfaces 10-30

shutdown threshold for Layer 2 protocol packets 14-16

Simple Network Management Protocol

See SNMP

single session ID 9-11

SMNP traps, and CFM 43-5

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 41-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-21

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-4

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

MIBs

location of A-3

supported A-1

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-23

system contact and location 30-17

trap manager, configuring 30-14

traps

described 30-4, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-22, 5-24, 5-26

overview 30-1, 30-4

types of 30-13

users 30-7, 30-10

versions supported 30-2

SNMP and Syslog Over IPv6 37-7

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash B-23

recovery procedures 46-2

scheduling reloads 3-22

tar file format, described B-24

See also downloading and uploading

source addresses

in IPv6 ACLs 39-5

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 35-8

source-and-destination MAC address forwarding, EtherChannel 35-8

source-IP address based forwarding, EtherChannel 35-8

source-MAC address forwarding, EtherChannel 35-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-11, 27-1

ports, restrictions 23-11

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-14, 27-21

creating 27-11

defined 27-3

limiting source traffic to specific VLANs 27-15

removing destination (monitoring) ports 27-12

specifying monitored ports 27-11

with ingress traffic enabled 27-13

source ports 27-5

traffic 27-4

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 10-18

SRR, support for 1-9

SSH

configuring 8-38

cryptographic software image 8-37

described 1-4, 8-37

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 44-17

CGMP limitations 44-17

components 44-15

configuration guidelines 44-16

configuring 44-14, 44-17

differs from Internet standard multicast 44-15

IGMP snooping 44-17

IGMPv3 44-15

IGMPv3 Host Signalling 44-16

IP address range 44-15

monitoring 44-17

operations 44-15

PIM 44-15

state maintenance limitations 44-17

SSM mapping

configuration guidelines 44-18

configuring 44-18, 44-20

defined 44-18

DNS-based 44-19, 44-21

monitoring 44-23

overview 44-19

restrictions 44-18

static 44-19, 44-21

static traffic forwarding 44-22

standby ip command 40-6

standby links 19-2

standby router 40-1

standby timers, HSRP 40-10

startup configuration

booting

manually 3-19

specific image 3-19

clearing B-19

configuration file

automatically downloading 3-18

specifying the filename 3-18

default boot configuration 3-18

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-10

static MAC addressing 1-8

static route primary interface, configuring 42-10

static routes

understanding 37-6

static routes, configuring 36-97

static routing 36-2

static SSM mapping 44-19, 44-21

static traffic forwarding 44-22

static VLAN membership 12-2

statistics

802.1x 9-27

CDP 24-5

interface 10-29

IP multicast routing 44-47

LLDP 25-8

LLDP-MED 25-8

OSPF 36-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-23

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-17

support for 1-2

thresholds 23-1

STP

and REP 18-6

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-7

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-13

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-5

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 34-67

configuration guidelines 34-67

configuring 34-68

defined 34-30

QoS 34-30

stub areas, OSPF 36-29

stub routing, EIGRP 36-40

subdomains, private VLAN 13-1

subnet mask 36-5

subnet zero 36-5

success response, VMPS 12-24

summer time 5-13

SunNet Manager 1-3

supernet 36-6

SVIs

and IP unicast routing 36-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

S-VLAN 14-7

switch 37-2

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 32-37

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-7

switchport block unicast command 23-7

switchport command 10-15

switchport mode dot1q-tunnel command 14-6

switchport protected command 23-6

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 36-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-11

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 36-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 36-62

ISO IGRP 36-62

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 34-14

described 34-14

for QoS marking 34-21

QoS, configuring 34-43

types of 34-15

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-16

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-8

tracking services accessed by user 8-16

tagged packets

IEEE 802.1Q 14-3

Layer 2 protocol 14-13

tar files

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

TCL script, registering and defining with embedded event manager 31-7

TDR 1-11

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 43-38

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

terminal loopback

defined 43-41

TFTP

configuration files

downloading B-11

preparing the server B-10

uploading B-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting B-27

downloading B-26

preparing the server B-25

uploading B-27

limiting access by servers 30-17

TFTP server 1-3

threshold, traffic level 23-2

threshold monitoring, IP SLAs 41-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 36-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 46-14

and CDP 46-13

broadcast traffic 46-13

described 46-13

IP addresses and subnets 46-14

MAC addresses and VLANs 46-13

multicast traffic 46-13

multiple devices on a port 46-14

unicast traffic 46-13

usage guidelines 46-13

traceroute command 46-15

See also IP traceroute

tracked lists

configuring 42-3

types 42-3

tracked objects

by Boolean expression 42-3

by threshold percentage 42-6

by threshold weight 42-5

tracking interface line-protocol state 42-2

tracking IP routing state 42-2

tracking objects 42-1

tracking process 42-1

track state, tracking IP SLAs 42-9

traffic

blocking flooded 23-7

fragmented 32-5

fragmented IPv6 39-2

unfragmented 32-5

traffic class, defined 34-3

traffic classification, typical values 34-10

traffic marking 34-21

traffic policies, elements in 34-3

traffic shaping

for QoS scheduling 34-26

QoS traffic control 34-26

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22, 5-24, 5-26

configuring managers 30-12

defined 30-4

enabling 5-22, 5-24, 5-26, 30-12

notification types 30-13

overview 30-1, 30-4

troubleshooting

connectivity problems 46-9, 46-13, 46-14

detecting unidirectional links 26-1

displaying crash information 46-21

PIMv1 and PIMv2 interoperability problems 44-34

setting packet forwarding 46-19

SFP security and identification 46-8

show forward command 46-19

with CiscoWorks 30-4

with debug commands 46-17

with ping 46-10

with system message logging 29-1

with traceroute 46-14

trunk failover

See link-state tracking

trunking encapsulation 1-6

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-18

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

defined 14-1

IEEE 802.1Q 14-1

Layer 2 protocol 14-13

tunnel ports

defined 12-5

described 10-4, 14-1

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-15

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 36-15

defined

forwarding 36-13

UDP, configuring 36-13

UDP jitter, configuring 41-9

UDP jitter operation, IP SLAs 41-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 34-69

priority with police 34-30

UN-ENI VLANs

defined 12-5

UNI

configuring 10-17

described 10-2

protocol control packets on 33-1

unicast MAC address filtering

and adding static addresses 5-29

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-7

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 43-45

UNI VLANs

and private VLANs 12-13

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

image files

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-31

using RCP B-35

using TFTP B-27

usage guidelines

Layer 2 traceroute 46-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

Virtual Private Network

See VPN

virtual router 40-1, 40-2

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

VLAN configuration saved in 12-10

VLANs saved in 12-3

vlan dot1q tag native command 14-4

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-31

service provider 14-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN loopback

defined 43-41

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-29

VLAN mapping

1-to-1 14-8

1-to-1, configuring 14-10

configuration guidelines 14-9

configuring 14-10

configuring on a trunk port 14-10

default 14-9

described 14-7

selective QinQ 14-8

selective Q-in-Q, configuring 14-12

traditional QinQ 14-8

traditional Q-in-Q, configuring 14-11

types of 14-8

VLAN maps

applying 32-33

common uses for 32-33

configuration guidelines 32-29

configuring 32-29

creating 32-30

defined 32-2, 32-5

denying access to a server example 32-34

denying and permitting packets 32-31

displaying 32-39

examples of ACLs and VLAN maps 32-31

removing 32-33

support for 1-8

wiring closet configuration example 32-34

with router ACLs 32-39

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-18

and spanning-tree instances 12-3, 12-9

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-6

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

limiting source traffic with SPAN 27-15

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-6

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN trunks 12-15

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 36-89

forwarding 36-84

in service provider networks 36-81

routes 1-17, 36-82

VPN routing and forwarding table

See VRF

VQP 1-6, 12-23

VRF

defining 36-83

tables 1-17, 36-81

VRF-aware services

ARP 36-86

configuring 36-86

ftp 36-88

HSRP 36-87

ping 36-86

SNMP 36-87

syslog 36-88

tftp 36-88

traceroute 36-88

VTP Layer 2 protocol tunneling 14-13

W

weighted tail drop

See WTD

weight thresholds in tracked lists 42-5

WTD

configuration guidelines 34-72

configuring 34-71, 34-72

described 34-32

support for 1-9

Y

Y.1731

default configuration 43-24

described 43-21

ETH-AIS

configuring 43-24

Ethernet Alarm Signal function (ETH-AIS)

     1

ETH-LCK 43-23

configuring 43-26

ETH-RDI 43-23

multicast Ethernet loopback 43-28

multicast ETH-LB 43-23

terminology 43-22