-
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide, Rel. 12.2(25)SEF1
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Configuring Cisco IOS CNS Agents
-
Administering the Switch
-
Configuring Switch-Based Authentication
-
Configuring IEEE 802.1x Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Voice VLAN
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links and the MAC Address-Table Move Update Feature
-
Configuring DHCP Features
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels and Layer 2 Trunk Failover and Link-State Tracking
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(25)SEF
-
Feedback
Table Of Contents
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
A
abbreviating commands 2-4
access-class command 26-17
access control entries
access-denied response, VMPS 10-25
access lists
accounting
with 802.1x 7-29
with IEEE 802.1x 7-9
with RADIUS 6-28
ACEs
and QoS 27-7
defined 26-2
Ethernet 26-2
IP 26-2
ACLs
ACEs 26-2
any keyword 26-10
applying
time ranges to 26-15
to an interface 26-18
to QoS 27-7
classifying traffic for QoS 27-42
comments in 26-17
compiling 26-19
extended IP
configuring for QoS classification 27-43
extended IPv4
creating 26-9
matching criteria 26-6
hardware and software handling 26-19
host keyword 26-11
IP
creating 26-6
fragments and QoS guidelines 27-32
implicit deny 26-8, 26-12, 26-14
implicit masks 26-8
matching criteria 26-6
undefined 26-18
IPv4
applying to interfaces 26-18
creating 26-6
matching criteria 26-6
named 26-13
numbers 26-7
terminal lines, setting on 26-17
unsupported features 26-5
monitoring 26-30
named, IPv4 26-13
number per QoS class map 27-32
port 26-2
precedence of 26-2
resequencing entries 26-13
standard IP, configuring for QoS classification 27-42
standard IPv4
creating 26-8
matching criteria 26-6
support for 1-6
support in hardware 26-19
time ranges 26-15
types supported 26-2
unsupported features, IPv4 26-5
VLAN maps
configuration guidelines 26-24
configuring 26-23
active links 16-1
address aliasing 18-2
addresses
displaying the MAC address table 5-26
dynamic
accelerated aging 13-8
changing the aging time 5-21
default aging 13-8
defined 5-19
learning 5-20
removing 5-22
MAC, discovering 5-26
static
adding and removing 5-24
defined 5-19
address resolution 5-26
Address Resolution Protocol
advertisements
CDP 20-1
aggregated ports
aggregate policers 27-57
aggregate policing 1-7
aging, accelerating 13-8
aging time
accelerated
for MSTP 14-23
MAC address table 5-21
maximum
alarms, RMON 23-3
allowed-VLAN list 10-19
ARP
table
address resolution 5-26
managing 5-26
attributes, RADIUS
vendor-proprietary 6-31
vendor-specific 6-29
audience xxvii
authentication
local mode with AAA 6-36
NTP associations 5-4
RADIUS
key 6-21
login 6-23
TACACS+
defined 6-11
key 6-13
login 6-14
See also port-based authentication
authentication failed VLAN
authoritative time source, described 5-2
authorization
with RADIUS 6-27
authorized ports with IEEE 802.1x 7-7
autoconfiguration 3-3
automatic QoS
auto-MDIX
configuring 8-16
described 8-16
autonegotiation
duplex mode 1-2
interface configuration guidelines 8-12
mismatches 29-7
autosensing, port speed 1-2
auxiliary VLAN
availability, features 1-4
B
BackboneFast
described 15-5
disabling 15-14
enabling 15-13
support for 1-4
backup interfaces
backup links 16-1
banners
configuring
login 5-19
message-of-the-day login 5-18
default configuration 5-17
when displayed 5-17
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 19-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-15
specific image 3-16
boot loader
accessing 3-16
described 3-2
environment variables 3-16
prompt 3-16
trap-door mechanism 3-2
BPDU
error-disabled state 15-2
filtering 15-3
RSTP format 14-12
BPDU filtering
described 15-3
disabling 15-12
enabling 15-12
support for 1-5
BPDU guard
described 15-2
disabling 15-11
enabling 15-11
support for 1-5
bridge protocol data unit
broadcast storm-control command 19-4
broadcast storms 19-1
C
cables, monitoring for unidirectional links 21-1
CA trustpoint
configuring 6-45
defined 6-43
caution, described xxviii
CDP
and trusted boundary 27-38
configuring 20-2
default configuration 20-2
described 20-1
disabling for routing device20-3to 20-4
enabling and disabling
on an interface 20-4
on a switch 20-3
monitoring 20-4
overview 20-1
support for 1-4
transmission timer and holdtime, setting 20-2
updates 20-2
CGMP
as IGMP snooping learning method 18-8
joining multicast group 18-3
CipherSuites 6-44
Cisco 7960 IP Phone 12-1
Cisco Discovery Protocol
Cisco Intelligence Engine 2100 Series Configuration Registrar
Cisco IOS File System
CIST regional root
CIST root
class maps for QoS
configuring 27-45
described 27-7
displaying 27-77
class of service
clearing interfaces 8-20
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-3
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
no and default forms of commands 2-4
client mode, VTP 11-3
clock
clusters, switch
benefits 1-2
CNS
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 6-8
community strings
configuring 25-8
overview 25-4
compatibility, feature 19-11
config.text 3-14
configurable leave timer, IGMP 18-5
configuration, initial
defaults 1-8
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-14
deleting a stored configuration B-19
described B-8
downloading
automatically 3-14
reasons for B-9
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 25-15
obtaining with DHCP 3-7
password recovery disable considerations 6-5
specifying the filename 3-14
system contact and location information 25-14
types and location B-10
uploading
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
configuration logging 2-5
configuration settings, saving 3-10
configure terminal command 8-6
connections, secure remote 6-38
connectivity problems 29-9, 29-10, 29-12
consistency checks in VTP Version 2 11-4
console port, connecting to 2-10
conventions
command xxviii
for examples xxviii
publication xxviii
text xxviii
corrupted software, recovery steps with Xmodem 29-2
CoS
in Layer 2 frames 27-2
override priority 12-6
trust priority 12-6
CoS input queue threshold map for QoS 27-16
CoS output queue threshold map for QoS 27-19
CoS-to-DSCP map for QoS 27-59
counters, clearing interface 8-20
crashinfo file 29-18
critical authentication, IEEE 802.1x 7-33
cryptographic software image
Kerberos 6-32
SSH 6-37
SSL 6-42
D
daylight saving time 5-13
debugging
enabling all system diagnostics 29-15
enabling for a specific feature 29-15
redirecting error message output 29-16
using commands 29-14
default commands 2-4
default configuration
802.1x 7-19
auto-QoS 27-21
banners 5-17
booting 3-14
CDP 20-2
DHCP 17-6
DHCP option 82 17-7
DHCP snooping 17-7
DNS 5-16
EtherChannel 28-9
Ethernet interfaces 8-10
Flex Links 16-4
IGMP filtering 18-24
IGMP snooping 18-6
IGMP throttling 18-24
initial switch information 3-3
Layer 2 interfaces 8-10
MAC address table 5-21
MAC address-table move update 16-4
MSTP 14-14
MVR 18-19
NTP 5-4
optional spanning-tree configuration 15-9
password and privilege level 6-2
RADIUS 6-20
RMON 23-3
RSPAN 22-9
SNMP 25-6
SPAN 22-9
SSL 6-44
standard QoS 27-30
STP 13-11
system message logging 24-3
system name and prompt 5-15
TACACS+ 6-13
UDLD 21-4
VLAN, Layer 2 Ethernet interfaces 10-17
VLANs 10-7
VMPS 10-26
voice VLAN 12-3
VTP 11-6
default gateway 3-10
deleting VLANs 10-9
denial-of-service attack 19-1
description command 8-17
destination addresses, in IPv4 ACLs 26-10
destination-IP address-based forwarding, EtherChannel 28-7
destination-MAC address forwarding, EtherChannel 28-6
detecting indirect link failures, STP 15-5
device B-19
device discovery protocol 20-1
device manager
benefits 1-2
in-band management 1-4
requirements xxviii
upgrading a switch B-19
DHCP
Cisco IOS server database
configuring 17-10
enabling
relay agent 17-8
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
TFTP server 3-6
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-3
relay support 1-3
support for 1-3
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 17-5
configuration guidelines 17-7
default configuration 17-6
displaying 17-10
overview 17-3
packet format, suboption
circuit ID 17-5
remote ID 17-5
remote ID suboption 17-5
DHCP server 3-3
DHCP snooping
accepting untrusted packets form edge switch 17-3, 17-9
configuration guidelines 17-7
default configuration 17-6
displaying binding tables 17-10
message exchange process 17-4
option 82 data insertion 17-3
trusted interface 17-2
untrusted interface 17-2
untrusted messages 17-2
DHCP snooping binding database
default configuration 17-6
displaying 17-10
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 27-2
Differentiated Services Code Point 27-2
directed unicast requests 1-3
directories
changing B-3
creating and removing B-4
displaying the working B-3
DNS
and DHCP-based autoconfiguration 3-6
default configuration 5-16
displaying the configuration 5-17
overview 5-15
setting up 5-16
support for 1-3
documentation, related xxviii
document conventions xxviii
domain names
DNS 5-15
VTP 11-8
Domain Name System
downloading
configuration files
reasons for B-9
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-23
reasons for B-19
using FTP B-26
using HTTP B-19
using RCP B-30
using TFTP B-22
using the device manager or Network Assistant B-19
DSCP input queue threshold map for QoS 27-16
DSCP output queue threshold map for QoS 27-19
DSCP-to-CoS map for QoS 27-62
DSCP-to-DSCP-mutation map for QoS 27-63
DSCP transparency 27-39
dual-purpose uplinks
defined 8-4
setting the type 8-12
dynamic access ports
characteristics 10-3
configuring 10-27
defined 8-3
dynamic addresses
dynamic auto trunking mode 10-16
dynamic desirable trunking mode 10-16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 10-26
reconfirming 10-28
troubleshooting 10-30
types of connections 10-27
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
EKEY error-disabled state 8-2
enable password 6-3
enable secret password 6-3
encryption, CipherSuite 6-44
encryption for passwords 6-3
environment variables, function of 3-17
error-disabled state
BPDU 15-2
EKEY 8-2
error messages during command entry 2-5
EtherChannel
automatic creation of 28-4, 28-5
channel groups
binding physical and logical interfaces 28-3
numbering of 28-3
configuration guidelines 28-9
default configuration 28-9
described 28-2
displaying status 28-17
forwarding methods 28-6, 28-12
IEEE 802.3ad, described 28-5
interaction
with STP 28-9
with VLANs 28-10
LACP
described 28-5
displaying status 28-17
hot-standby ports 28-14
interaction with other features 28-6
modes 28-5
port priority 28-16
system priority 28-15
PAgP
aggregate-port learners 28-13
compatibility with Catalyst 1900 28-13
described 28-4
displaying status 28-17
interaction with other features 28-5
learn method and priority configuration 28-13
modes 28-4
support for 1-2
port-channel interfaces
described 28-3
numbering of 28-3
port groups 8-4
support for 1-2
EtherChannel guard
described 15-7
disabling 15-14
enabling 15-14
Ethernet VLANs
adding 10-8
defaults and ranges 10-7
modifying 10-8
events, RMON 23-3
examples
conventions for xxviii
expedite queue for QoS 27-76
Express Setup 1-2
See also getting started guide
extended crashinfo file 29-18
extended-range VLANs
configuration guidelines 10-12
configuring 10-11
creating 10-12
defined 10-1
extended system ID
MSTP 14-17
Extensible Authentication Protocol over LAN 7-1
F
Fast Ethernet 0
features, incompatible 19-11
fiber-optic, detecting unidirectional links 21-1
files
basic crashinfo
description 29-18
location 29-18
copying B-4
crashinfo
description 29-18
deleting B-5
displaying the contents of B-8
extended crashinfo
description 29-18
location 29-18
tar
creating B-6
displaying the contents of B-6
extracting B-8
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 26-23
non-IP traffic 26-21
show and more command output 2-10
filtering show and more command output 2-10
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 16-4
configuring 16-5
default configuration 16-4
description 16-1
monitoring 16-8
flooded traffic, blocking 19-7
flow-based packet classification 1-7
flowcharts
QoS classification 27-6
QoS egress queueing and scheduling 27-17
QoS ingress queueing and scheduling 27-15
QoS policing and marking 27-10
flowcontrol
configuring 8-15
described 8-15
forward-delay time
MSTP 14-23
STP 13-21
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-14
image files
deleting old image B-27
downloading B-26
preparing the server B-25
uploading B-27
G
get-bulk-request operation 25-3
get-next-request operation 25-3, 25-4
get-request operation 25-3, 25-4
get-response operation 25-3
global configuration mode 2-2
global leave, IGMP 18-12
guest VLAN and 802.1x 7-12
guide
audience xxvii
purpose of xxvii
GUIs
See device manager and Network Assistant
H
hello time
MSTP 14-22
STP 13-20
help, for the command line 2-3
hierarchical policy maps 27-8
configuration guidelines 27-32
configuring 27-51
described 27-10
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 24-9
hosts, limit on dynamic ports 10-30
HP Onboard Administrator
DHCP server 3-3
error-disabled state 8-2
internal connection to 1-3
HP OpenView 1-3
HTTP over SSL
HTTPS 6-42
configuring 6-46
self-signed certificate 6-43
HTTP secure server 6-42
I
ICMP
time-exceeded messages 29-12
traceroute and 29-12
ICMP ping
executing 29-9
overview 29-9
IDS appliances
and ingress RSPAN 22-20
and ingress SPAN 22-13
IEEE 802.1D
IEEE 802.1p 12-1
IEEE 802.1Q
and trunk ports 8-3
configuration limitations 10-16
encapsulation 10-14
native VLAN for untagged traffic 10-21
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3x flow control 8-15
ifIndex values, SNMP 25-5
IFS 1-4
IGMP
configurable leave timer
enabling 18-11
flooded multicast traffic
controlling the length of time 18-12
disabling on an interface 18-13
global leave 18-12
query solicitation 18-12
recovering from flood mode 18-12
joining multicast group 18-3
join messages 18-3
leave processing, enabling 18-10
leaving multicast group 18-5
queries 18-4
report suppression
described 18-6
disabling 18-15
supported versions 18-2
support for 1-2
IGMP filtering
configuring 18-24
default configuration 18-24
described 18-23
monitoring 18-28
support for 1-2
IGMP groups
configuring filtering 18-27
setting the maximum number 18-26
IGMP Immediate Leave
configuration guidelines 18-11
described 18-5
enabling 18-10
IGMP profile
applying 18-25
configuration mode 18-24
configuring 18-25
IGMP snooping
and address aliasing 18-2
configuring 18-6
default configuration 18-6
definition 18-1
enabling and disabling 18-7
global configuration 18-7
Immediate Leave 18-5
method 18-8
monitoring 18-15
querier
configuration guidelines 18-13
configuring 18-13
supported versions 18-2
support for 1-2
VLAN configuration 18-7
IGMP throttling
configuring 18-27
default configuration 18-24
described 18-24
displaying action 18-28
Immediate Leave, IGMP 18-5
inaccessible authentication bypass 7-14
initial configuration
defaults 1-8
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 8-6
range macros 8-8
interface command 8-6
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 8-16
configuration guidelines
duplex and speed 8-11
configuring
procedure 8-6
counters, clearing 8-20
default configuration 8-10
described 8-17
descriptive name, adding 8-17
displaying information about 8-19
flow control 8-15
management 1-3
monitoring 8-19
naming 8-17
physical, identifying 8-6
range of 8-7
restarting 8-20
shutting down 8-20
speed and duplex, configuring 8-14
status 8-19
supported 8-6
types of 8-1
interfaces range macro command 8-8
interface types 8-6
Inter-Switch Link
Intrusion Detection System
IP ACLs
for QoS classification 27-7
implicit masks 26-8
named 26-13
undefined 26-18
IP addresses
discovering 5-26
ip igmp profile command 18-24
IP information
assigned
manually 3-10
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP phones
and QoS 12-1
automatic classification and queueing 27-20
configuring 12-4
ensuring port security with QoS 27-37
trusted boundary for QoS 27-37
IP precedence 27-2
IP-precedence-to-DSCP map for QoS 27-60
IP traceroute
executing 29-13
overview 29-12
IPv4 ACLs
applying to interfaces 26-18
extended, creating 26-9
named 26-13
standard, creating 26-8
ISL
and trunk ports 8-3
J
join messages, IGMP 18-3
K
KDC
described 6-32
Kerberos
authenticating to
boundary switch 6-34
KDC 6-34
network services 6-35
configuration examples 6-32
configuring 6-35
credentials 6-32
cryptographic software image 6-32
described 6-32
KDC 6-32
operation 6-34
realm 6-33
server 6-33
support for 1-6
switch as trusted third party 6-32
terms 6-33
TGT 6-34
tickets 6-32
key distribution center
L
LACP
Layer 2 frames, classification with CoS 27-2
Layer 2 interfaces, default configuration 8-10
Layer 2 traceroute
and ARP 29-11
and CDP 29-11
broadcast traffic 29-10
described 29-10
IP addresses and subnets 29-11
MAC addresses and VLANs 29-11
multicast traffic 29-11
multiple devices on a port 29-11
unicast traffic 29-10
usage guidelines 29-11
Layer 2 trunk failover
described 28-17
Layer 3 packets, classification methods 27-2
LDAP 4-2
LEDs, switch
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-3
Link Aggregation Control Protocol
Link Failure
detecting unidirectional 14-8
link redundancy
links, unidirectional 21-1
local SPAN 22-2
login authentication
with RADIUS 6-23
with TACACS+ 6-14
login banners 5-17
log messages
loop guard
described 15-9
enabling 15-15
support for 1-5
M
MAC addresses
aging time 5-21
and VLAN association 5-20
building the address table 5-20
default configuration 5-21
discovering 5-26
displaying 5-26
dynamic
learning 5-20
removing 5-22
in ACLs 26-21
static
adding 5-24
allowing 5-25
characteristics of 5-24
dropping 5-25
removing 5-24
MAC address notification, support for 1-8
MAC address-table move update
configuration guidelines 16-4
configuring 16-6
default configuration 16-4
description 16-2
monitoring 16-8
MAC address-to-VLAN mapping 10-25
MAC extended access lists
applying to Layer 2 interfaces 26-22
configuring for QoS 27-44
creating 26-21
defined 26-21
for QoS classification 27-5
macros
magic packet 7-16
manageability features 1-3
management access
in-band
browser session 1-4
CLI session 1-4
device manager 1-4
SNMP 1-4
out-of-band console port connection 1-4
management options
CLI 2-1
CNS 4-1
overview 1-3
mapping tables for QoS
configuring
CoS-to-DSCP 27-59
DSCP 27-59
DSCP-to-CoS 27-62
DSCP-to-DSCP-mutation 27-63
IP-precedence-to-DSCP 27-60
policed-DSCP 27-61
described 27-12
marking
action in policy map 27-47
action with aggregate policers 27-57
matching, IPv4 ACLs 26-6
maximum aging time
MSTP 14-23
STP 13-21
maximum hop count, MSTP 14-24
membership mode, VLAN port 10-3
messages, to users through banners 5-17
MIBs
accessing files with FTP A-3
location of files A-3
overview 25-1
SNMP interaction with 25-4
supported A-1
mirroring traffic for analysis 22-1
mismatches, autonegotiation 29-7
module number 8-6
monitoring
access groups 26-30
cables for unidirectional links 21-1
CDP 20-4
features 1-8
Flex Links 16-8
IGMP
filters 18-28
snooping 18-15
interfaces 8-19
IPv4 ACL configuration 26-30
MAC address-table move update 16-8
multicast router interfaces 18-16
MVR 18-23
network traffic for analysis with probe 22-2
port
blocking 19-16
protection 19-16
speed and duplex mode 8-14
traffic flowing among switches 23-1
traffic suppression 19-16
VLAN
filters 26-30
maps 26-30
VLANs 10-13
VMPS 10-29
VTP 11-16
MSTP
boundary ports
configuration guidelines 14-15
described 14-6
BPDU filtering
described 15-3
enabling 15-12
BPDU guard
described 15-2
enabling 15-11
CIST, described 14-3
CIST root 14-5
configuration guidelines 14-15, 15-10
configuring
forward-delay time 14-23
hello time 14-22
link type for rapid convergence 14-24
maximum aging time 14-23
maximum hop count 14-24
MST region 14-16
neighbor type 14-25
path cost 14-20
port priority 14-19
root switch 14-17
secondary root switch 14-18
switch priority 14-21
CST
defined 14-3
operations between regions 14-4
default configuration 14-14
default optional feature configuration 15-9
displaying status 14-26
enabling the mode 14-16
EtherChannel guard
described 15-7
enabling 15-14
extended system ID
effects on root switch 14-17
effects on secondary root switch 14-18
unexpected behavior 14-17
IEEE 802.1s
implementation 14-6
port role naming change 14-7
terminology 14-5
instances supported 13-9
interface state, blocking to forwarding 15-2
interoperability and compatibility among modes 13-10
interoperability with IEEE 802.1D
described 14-8
restarting migration process 14-25
IST
defined 14-3
master 14-3
operations within a region 14-3
loop guard
described 15-9
enabling 15-15
mapping VLANs to MST instance 14-16
MST region
CIST 14-3
configuring 14-16
described 14-2
hop-count mechanism 14-5
IST 14-3
supported spanning-tree instances 14-2
optional features supported 1-5
overview 14-2
Port Fast
described 15-2
enabling 15-10
preventing root switch selection 15-8
root guard
described 15-8
enabling 15-15
root switch
configuring 14-17
effects of extended system ID 14-17
unexpected behavior 14-17
shutdown Port Fast-enabled port 15-2
status, displaying 14-26
multicast groups
Immediate Leave 18-5
joining 18-3
leaving 18-5
static joins 18-9
multicast router interfaces, monitoring 18-16
multicast router ports, adding 18-9
multicast storm 19-1
multicast storm-control command 19-4
multicast television application 18-18
multicast VLAN 18-17
Multicast VLAN Registration
MVR
and address aliasing 18-20
and IGMPv3 18-20
configuration guidelines 18-20
configuring interfaces 18-21
default configuration 18-19
described 18-17
example application 18-18
modes 18-21
monitoring 18-23
multicast television application 18-18
setting global parameters 18-20
support for 1-2
N
NAC
critical authentication 7-14, 7-33
inaccessible authentication bypass 7-33
named IPv4 ACLs 26-13
NameSpace Mapper
native VLAN
configuring 10-21
default 10-21
Network Assistant
benefits 1-2
described 1-3
network configuration examples
increasing network performance 1-10
providing network services 1-11
server aggregation and Linux server cluster 1-12
network design
performance 1-11
services 1-11
network management
CDP 20-1
RMON 23-1
SNMP 25-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuration guidelines 27-32
configuring 27-47
described 27-9
non-IP traffic filtering 26-21
nontrunking mode 10-16
normal-range VLANs 10-4
configuration guidelines 10-5
configuration modes 10-6
configuring 10-4
defined 10-1
note, described xxviii
NSM 4-3
NTP
associations
authenticating 5-4
defined 5-2
enabling broadcast messages 5-6
peer 5-5
server 5-5
default configuration 5-4
displaying the configuration 5-11
overview 5-2
restricting access
creating an access group 5-8
disabling NTP services per interface 5-10
source IP address, configuring 5-10
stratum 5-2
support for 1-4
synchronizing devices 5-5
time
services 5-2
synchronizing 5-2
O
options, management 1-3
out-of-profile markdown 1-7
P
packet modification, with QoS 27-19
PAgP
passwords
default configuration 6-2
disabling recovery of 6-5
encrypting 6-3
for security 1-5
overview 6-1
recovery of 29-3
setting
enable 6-3
enable secret 6-3
Telnet 6-6
with usernames 6-6
VTP domain 11-8
path cost
MSTP 14-20
STP 13-18
performance, network design 1-10
performance features 1-2
persistent self-signed certificate 6-43
per-VLAN spanning-tree plus
physical ports 8-2
PIM-DVMRP, as snooping method 18-8
ping
character output description 29-10
executing 29-9
overview 29-9
policed-DSCP map for QoS 27-61
policers
configuring
for each matched traffic class 27-47
for more than one traffic class 27-57
described 27-4
displaying 27-77
number of 27-33
types of 27-9
policing
described 27-4
hierarchical
token-bucket algorithm 27-9
policy maps for QoS
characteristics of 27-47
described 27-7
displaying 27-78
hierarchical 27-8
hierarchical on SVIs
configuration guidelines 27-32
configuring 27-51
described 27-10
nonhierarchical on physical ports
configuration guidelines 27-32
configuring 27-47
described 27-9
port ACLs
defined 26-2
types of 26-3
Port Aggregation Protocol
port-based authentication
accounting 7-9
authentication server
defined 7-2
RADIUS server 7-2
client, defined 7-2
configuration guidelines 7-20
configuring
802.1x authentication 7-22
guest VLAN 7-30
host mode 7-25
inaccessible authentication bypass 7-33
manual re-authentication of a client 7-26
periodic re-authentication 7-25
quiet period 7-26
RADIUS server 7-24
RADIUS server parameters on the switch 7-23
restricted VLAN 7-31
switch-to-client frame-retransmission number 7-28, 7-29
switch-to-client retransmission time 7-27
default configuration 7-19
described 7-1
device roles 7-2
displaying statistics 7-39
EAPOL-start frame 7-5
EAP-request/identity frame 7-5
EAP-response/identity frame 7-5
encapsulation 7-3
guest VLAN
configuration guidelines 7-12, 7-13
described 7-12
host mode 7-8
inaccessible authentication bypass
configuring 7-33
described 7-14
guidelines 7-21
initiation and message exchange 7-5
magic packet 7-16
method lists 7-22
multiple-hosts mode, described 7-8
per-user ACLs
AAA authorization 7-22
configuration tasks 7-12
described 7-11
RADIUS server attributes 7-11
ports
authorization state and dot1x port-control command 7-7
authorized and unauthorized 7-7
critical 7-14
voice VLAN 7-15
port security
and voice VLAN 7-16
described 7-15
interactions 7-16
multiple-hosts mode 7-8
resetting to default values 7-38
statistics, displaying 7-39
switch
as proxy 7-3
RADIUS client 7-3
VLAN assignment
AAA authorization 7-22
characteristics 7-10
configuration tasks 7-11
described 7-10
voice VLAN
described 7-15
PVID 7-15
VVID 7-15
wake-on-LAN, described 7-16
port-channel
Port Fast
described 15-2
enabling 15-10
mode, spanning tree 10-26
support for 1-5
port membership modes, VLAN 10-3
port priority
MSTP 14-19
STP 13-16
ports
access 8-3
blocking 19-6
dual-purpose uplink 8-4
dynamic access 10-3
protected 19-5
switch 8-2
VLAN assignments 10-10
port security
aging 19-15
and QoS trusted boundary 27-37
configuring 19-11
default configuration 19-10
described 19-7
displaying 19-16
on trunk ports 19-12
sticky learning 19-8
violations 19-9
with other features 19-10
port-shutdown response, VMPS 10-25
preemption
default configuration 16-4
preemption delay
default configuration 16-4
preferential treatment of traffic
preventing unauthorized access 6-1
primary links 16-2
priority
overriding CoS 12-6
trusting CoS 12-6
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 6-9
exiting 6-9
logging into 6-9
setting a command with 6-8
pruning, VTP
disabling
in VTP domain 11-14
on a port 10-21
enabling
in VTP domain 11-14
on a port 10-20
examples 11-5
overview 11-4
pruning-eligible list
changing 10-20
for VTP pruning 11-4
VLANs 11-14
PVST+
described 13-9
IEEE 802.1Q trunking interoperability 13-10
instances supported 13-9
Q
QoS
and MQC commands 27-1
auto-QoS
categorizing traffic 27-21
configuration and defaults display 27-29
configuration guidelines 27-25
described 27-20
disabling 27-26
displaying generated commands 27-26
displaying the initial configuration 27-29
effects on running configuration 27-25
egress queue defaults 27-21
enabling for VoIP 27-26
example configuration 27-27
ingress queue defaults 27-21
list of generated commands 27-22
basic model 27-4
classification
class maps, described 27-7
defined 27-4
DSCP transparency, described 27-39
flowchart 27-6
forwarding treatment 27-3
in frames and packets 27-3
MAC ACLs, described 27-5, 27-7
options for IP traffic 27-5
options for non-IP traffic 27-5
policy maps, described 27-7
trust DSCP, described 27-5
trusted CoS, described 27-5
trust IP precedence, described 27-5
class maps
configuring 27-45
displaying 27-77
configuration guidelines
auto-QoS 27-25
standard QoS 27-32
configuring
aggregate policers 27-57
auto-QoS 27-20
default port CoS value 27-37
DSCP maps 27-59
DSCP transparency 27-39
DSCP trust states bordering another domain 27-39
egress queue characteristics 27-69
ingress queue characteristics 27-65
IP extended ACLs 27-43
IP standard ACLs 27-42
MAC ACLs 27-44
policy maps, hierarchical 27-51
policy maps on physical ports 27-47
port trust states within the domain 27-35
trusted boundary 27-37
default auto configuration 27-21
default standard configuration 27-30
displaying statistics 27-77
DSCP transparency 27-39
egress queues
allocating buffer space 27-70
buffer allocation scheme, described 27-18
configuring shaped weights for SRR 27-74
configuring shared weights for SRR 27-75
described 27-4
displaying the threshold map 27-73
flowchart 27-17
mapping DSCP or CoS values 27-72
scheduling, described 27-4
setting WTD thresholds 27-70
WTD, described 27-19
enabling globally 27-34
flowcharts
classification 27-6
egress queueing and scheduling 27-17
ingress queueing and scheduling 27-15
policing and marking 27-10
implicit deny 27-7
ingress queues
allocating bandwidth 27-67
allocating buffer space 27-67
buffer and bandwidth allocation, described 27-16
configuring shared weights for SRR 27-67
configuring the priority queue 27-68
described 27-4
displaying the threshold map 27-66
flowchart 27-15
mapping DSCP or CoS values 27-66
priority queue, described 27-16
scheduling, described 27-4
setting WTD thresholds 27-66
WTD, described 27-16
IP phones
automatic classification and queueing 27-20
detection and trusted settings 27-20, 27-37
limiting bandwidth on egress interface 27-76
mapping tables
CoS-to-DSCP 27-59
displaying 27-77
DSCP-to-CoS 27-62
DSCP-to-DSCP-mutation 27-63
IP-precedence-to-DSCP 27-60
policed-DSCP 27-61
types of 27-12
marked-down actions 27-49, 27-54
overview 27-1
packet modification 27-19
policers
configuring 27-49, 27-54, 27-57
described 27-8
displaying 27-77
number of 27-33
types of 27-9
policies, attaching to an interface 27-8
policing
token bucket algorithm 27-9
policy maps
characteristics of 27-47
displaying 27-78
hierarchical 27-8
hierarchical on SVIs 27-51
nonhierarchical on physical ports 27-47
QoS label, defined 27-4
queues
configuring egress characteristics 27-69
configuring ingress characteristics 27-65
high priority (expedite) 27-19, 27-76
location of 27-13
SRR, described 27-14
WTD, described 27-13
rewrites 27-19
support for 1-7
trust states
bordering another domain 27-39
described 27-5
trusted device 27-37
within the domain 27-35
quality of service
queries, IGMP 18-4
query solicitation, IGMP 18-12
R
RADIUS
attributes
vendor-proprietary 6-31
vendor-specific 6-29
configuring
accounting 6-28
authentication 6-23
authorization 6-27
communication, global 6-21, 6-29
communication, per-server 6-20, 6-21
multiple UDP ports 6-21
default configuration 6-20
defining AAA server groups 6-25
displaying the configuration 6-31
identifying the server 6-20
limiting the services to the user 6-27
method list, defined 6-20
operation of 6-19
overview 6-18
suggested network environments 6-18
support for 1-6
tracking services accessed by user 6-28
range
macro 8-8
of interfaces 8-7
rapid convergence 14-10
rapid per-VLAN spanning-tree plus
rapid PVST+
described 13-9
IEEE 802.1Q trunking interoperability 13-10
instances supported 13-9
Rapid Spanning Tree Protocol
RCP
configuration files
downloading B-17
overview B-15
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-30
preparing the server B-29
uploading B-32
reconfirmation interval, VMPS, changing 10-28
reconfirming dynamic VLAN membership 10-28
recovery procedures 29-1
redundancy
EtherChannel 28-2
STP
backbone 13-8
path cost 10-23
port priority 10-22
redundant links and UplinkFast 15-13
reloading software 3-18
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 22-2
report suppression, IGMP
described 18-6
disabling 18-15
requirements
device manager xxviii
resequencing ACL entries 26-13
resetting a UDLD-shutdown interface 21-6
restricted VLAN
configuring 7-31
described 7-13
using with IEEE 802.1x 7-13
restricting access
NTP services 5-8
overview 6-1
passwords and privilege levels 6-2
RADIUS 6-17
TACACS+ 6-10
retry count, VMPS, changing 10-29
RFC
1112, IP multicast and IGMP 18-2
1157, SNMPv1 25-2
1305, NTP 5-2
1757, RMON 23-2
1901, SNMPv2C 25-2
1902 to 1907, SNMPv2 25-2
2236, IP multicast and IGMP 18-2
2273-2275, SNMPv3 25-2
RMON
default configuration 23-3
displaying status 23-6
enabling alarms and events 23-3
groups supported 23-2
overview 23-1
statistics
collecting group Ethernet 23-5
collecting group history 23-5
support for 1-8
root guard
described 15-8
enabling 15-15
support for 1-5
root switch
MSTP 14-17
STP 13-14
RSPAN 22-2
characteristics 22-7
configuration guidelines 22-15
default configuration 22-9
destination ports 22-6
displaying status 22-23
interaction with other features 22-8
monitored ports 22-5
monitoring ports 22-6
received traffic 22-4
sessions
creating 22-16
defined 22-3
limiting source traffic to specific VLANs 22-22
specifying monitored ports 22-16
with ingress traffic enabled 22-20
source ports 22-5
transmitted traffic 22-5
VLAN-based 22-6
RSTP
active topology 14-9
BPDU
format 14-12
processing 14-13
designated port, defined 14-9
designated switch, defined 14-9
interoperability with IEEE 802.1D
described 14-8
restarting migration process 14-25
topology changes 14-13
overview 14-8
port roles
described 14-9
synchronized 14-11
proposal-agreement handshake process 14-10
rapid convergence
described 14-10
edge ports and Port Fast 14-10
point-to-point links 14-10, 14-24
root ports 14-10
root port, defined 14-9
running configuration, saving 3-10
S
scheduled reloads 3-18
secure HTTP client
configuring 6-47
displaying 6-48
secure HTTP server
configuring 6-46
displaying 6-48
secure MAC addresses
deleting 19-14
maximum number of 19-9
types of 19-8
secure remote connections 6-38
Secure Socket Layer
security, port 19-7
security features 1-5
sequence numbers in log messages 24-7
server mode, VTP 11-3
service-provider network, MSTP and RSTP 14-1
set-request operation 25-4
severity levels, defining in system messages 24-8
SFPs
monitoring status of 8-19, 29-8
security and identification 29-8
status, displaying 29-8
shaped round robin
show access-lists hw-summary command 26-19
show and more command output, filtering 2-10
show cdp traffic command 20-5
show configuration command 8-17
show forward command 29-16
show interfaces command 8-14, 8-17
show platform forward command 29-16
show running-config command
displaying ACLs 26-18, 26-25, 26-27
interface description in 8-17
shutdown command on interfaces 8-20
Simple Network Management Protocol
Smartports macros
applying Cisco-default macros 9-6
applying global parameter values 9-5, 9-6
applying macros 9-5
applying parameter values 9-5, 9-7
configuration guidelines 9-3
creating 9-4
default configuration 9-2
defined 9-1
displaying 9-8
tracing 9-3
website 9-2
SNAP 20-1
SNMP
accessing MIB variables with 25-4
agent
described 25-4
disabling 25-7
authentication level 25-10
community strings
configuring 25-8
overview 25-4
configuration examples 25-15
default configuration 25-6
engine ID 25-7
host 25-6
ifIndex values 25-5
in-band management 1-4
informs
and trap keyword 25-11
described 25-5
differences from traps 25-5
disabling 25-14
enabling 25-14
limiting access by TFTP servers 25-15
limiting system log messages to NMS 24-9
MIBs
location of A-3
supported A-1
notifications 25-5
security levels 25-3
status, displaying 25-16
system contact and location 25-14
trap manager, configuring 25-13
traps
differences from informs 25-5
disabling 25-14
enabling 25-11
enabling MAC address notification 5-22
types of 25-11
versions supported 25-2
SNMPv1 25-2
SNMPv2C 25-2
SNMPv3 25-2
snooping, IGMP 18-1
software images
location in flash B-20
recovery procedures 29-2
scheduling reloads 3-18
tar file format, described B-20
See also downloading and uploading
source addresses, in IPv4 ACLs 26-10
source-and-destination-IP address based forwarding, EtherChannel 28-7
source-and-destination MAC address forwarding, EtherChannel 28-6
source-IP address based forwarding, EtherChannel 28-7
source-MAC address forwarding, EtherChannel 28-6
SPAN
configuration guidelines 22-10
default configuration 22-9
destination ports 22-6
displaying status 22-23
interaction with other features 22-8
monitored ports 22-5
monitoring ports 22-6
ports, restrictions 19-11
received traffic 22-4
sessions
configuring ingress forwarding 22-14, 22-21
creating 22-10
defined 22-3
limiting source traffic to specific VLANs 22-14
removing destination (monitoring) ports 22-12
specifying monitored ports 22-10
with ingress traffic enabled 22-13
source ports 22-5
transmitted traffic 22-5
VLAN-based 22-6
spanning tree and native VLANs 10-17
Spanning Tree Protocol
SPAN traffic 22-4
SRR
configuring
shaped weights on egress queues 27-74
shared weights on egress queues 27-75
shared weights on ingress queues 27-67
described 27-14
shaped mode 27-14
shared mode 27-14
support for 1-7
SSH
configuring 6-39
cryptographic software image 6-37
encryption methods 6-38
user authentication methods, supported 6-38
SSL
configuration guidelines 6-45
configuring a secure HTTP client 6-47
configuring a secure HTTP server 6-46
cryptographic software image 6-42
described 6-42
monitoring 6-48
standby links 16-2
startup configuration
booting
manually 3-15
specific image 3-16
clearing B-19
configuration file
automatically downloading 3-14
specifying the filename 3-14
default boot configuration 3-14
static access ports
assigning to VLAN 10-10
static addresses
static MAC addressing 1-5
static VLAN membership 10-2
statistics
802.1x 7-39
CDP 20-4
interface 8-19
QoS ingress and egress 27-77
RMON group Ethernet 23-5
RMON group history 23-5
SNMP input and output 25-16
VTP 11-16
sticky learning 19-8
storm control
configuring 19-3
described 19-1
disabling 19-5
displaying 19-16
support for 1-2
thresholds 19-1
STP
accelerating root port selection 15-4
BackboneFast
described 15-5
disabling 15-14
enabling 15-13
BPDU filtering
described 15-3
disabling 15-12
enabling 15-12
BPDU guard
described 15-2
disabling 15-11
enabling 15-11
BPDU message exchange 13-3
configuration guidelines 13-12, 15-10
configuring
forward-delay time 13-21
hello time 13-20
maximum aging time 13-21
path cost 13-18
port priority 13-16
root switch 13-14
secondary root switch 13-16
spanning-tree mode 13-13
switch priority 13-19
transmit hold-count 13-22
counters, clearing 13-22
default configuration 13-11
default optional feature configuration 15-9
designated port, defined 13-3
designated switch, defined 13-3
detecting indirect link failures 15-5
disabling 13-14
displaying status 13-22
EtherChannel guard
described 15-7
disabling 15-14
enabling 15-14
extended system ID
effects on root switch 13-14
effects on the secondary root switch 13-16
overview 13-4
unexpected behavior 13-14
features supported 1-4
IEEE 802.1D and bridge ID 13-4
IEEE 802.1D and multicast addresses 13-8
IEEE 802.1t and VLAN identifier 13-4
inferior BPDU 13-3
instances supported 13-9
interface state, blocking to forwarding 15-2
interface states
blocking 13-6
disabled 13-7
learning 13-6
listening 13-6
overview 13-4
interoperability and compatibility among modes 13-10
limitations with IEEE 802.1Q trunks 13-10
load sharing
overview 10-21
using path costs 10-23
using port priorities 10-22
loop guard
described 15-9
enabling 15-15
modes supported 13-9
multicast addresses, effect of 13-8
optional features supported 1-5
overview 13-2
Port Fast
described 15-2
enabling 15-10
port priorities 10-22
preventing root switch selection 15-8
protocols supported 13-9
redundant connectivity 13-8
root guard
described 15-8
enabling 15-15
root port, defined 13-3
root switch
configuring 13-14
effects of extended system ID 13-4, 13-14
election 13-3
unexpected behavior 13-14
shutdown Port Fast-enabled port 15-2
status, displaying 13-22
superior BPDU 13-3
timers, described 13-20
UplinkFast
described 15-3
enabling 15-13
stratum, NTP 5-2
success response, VMPS 10-25
summer time 5-13
SunNet Manager 1-3
switch console port 1-4
Switched Port Analyzer
switched ports 8-2
switchport block multicast command 19-7
switchport block unicast command 19-7
switchport protected command 19-6
switch priority
MSTP 14-21
STP 13-19
switch software features 1-1
syslog
system clock
configuring
daylight saving time 5-13
manually 5-11
summer time 5-13
time zones 5-12
displaying the time and date 5-12
overview 5-1
system message logging
default configuration 24-3
defining error message severity levels 24-8
disabling 24-3
displaying the configuration 24-12
enabling 24-4
facility keywords, described 24-11
level keywords, described 24-9
limiting messages 24-9
message format 24-2
overview 24-1
sequence numbers, enabling and disabling 24-7
setting the display destination device 24-4
synchronizing log messages 24-5
syslog facility 1-8
time stamps, enabling and disabling 24-7
UNIX syslog servers
configuring the daemon 24-10
configuring the logging facility 24-11
facilities supported 24-11
system name
default configuration 5-15
default setting 5-15
manual configuration 5-15
system prompt, default setting 5-14, 5-15
T
TACACS+
accounting, defined 6-11
authentication, defined 6-11
authorization, defined 6-11
configuring
accounting 6-17
authentication key 6-13
authorization 6-16
login authentication 6-14
default configuration 6-13
displaying the configuration 6-17
identifying the server 6-13
limiting the services to the user 6-16
operation of 6-12
overview 6-10
support for 1-6
tracking services accessed by user 6-17
tar files
creating B-6
displaying the contents of B-6
extracting B-8
image file format B-20
TDR 1-8
Telnet
accessing management interfaces 2-10
number of connections 1-4
setting a password 6-6
temporary self-signed certificate 6-43
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 6-6
TFTP
configuration files
downloading B-11
preparing the server B-11
uploading B-12
configuration files in base directory 3-6
configuring for autoconfiguration 3-6
image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-24
limiting access by servers 25-15
TFTP server 1-3
threshold, traffic level 19-2
time
Time Domain Reflector
time-range command 26-15
time ranges in ACLs 26-15
time stamps in log messages 24-7
time zones 5-12
Token Ring VLANs
support for 10-5
VTP support 11-4
ToS 1-7
traceroute, Layer 2
and ARP 29-11
and CDP 29-11
broadcast traffic 29-10
described 29-10
IP addresses and subnets 29-11
MAC addresses and VLANs 29-11
multicast traffic 29-11
multiple devices on a port 29-11
unicast traffic 29-10
usage guidelines 29-11
traceroute command 29-13
traffic
blocking flooded 19-7
fragmented 26-4
unfragmented 26-4
traffic policing 1-7
traffic suppression 19-1
transmit hold-count
transparent mode, VTP 11-3, 11-12
trap-door mechanism 3-2
traps
configuring MAC address notification 5-22
configuring managers 25-11
defined 25-3
notification types 25-11
troubleshooting
connectivity problems 29-9, 29-10, 29-12
detecting unidirectional links 21-1
displaying crash information 29-18
setting packet forwarding 29-16
SFP security and identification 29-8
show forward command 29-16
with CiscoWorks 25-4
with debug commands 29-14
with ping 29-9
with system message logging 24-1
with traceroute 29-12
trunking encapsulation 1-5
trunk ports
configuring 10-18
encapsulation 10-18, 10-23, 10-24
trunks
allowed-VLAN list 10-19
configuring 10-18, 10-23, 10-24
ISL 10-14
load sharing
setting STP path costs 10-23
using STP port priorities 10-22
native VLAN for untagged traffic 10-21
parallel 10-23
pruning-eligible list 10-20
to non-DTP device 10-15
trusted boundary for QoS 27-37
trusted port states
between QoS domains 27-39
classification options 27-5
ensuring port security for IP phones 27-37
support for 1-7
within a QoS domain 27-35
trustpoints, CA 6-42
twisted-pair Ethernet, detecting unidirectional links 21-1
type of service
U
UDLD
configuration guidelines 21-4
default configuration 21-4
disabling
globally 21-5
on fiber-optic interfaces 21-5
per interface 21-5
echoing detection mechanism 21-2
enabling
globally 21-5
per interface 21-5
link-detection mechanism 21-1
neighbor database 21-2
overview 21-1
resetting an interface 21-6
status, displaying 21-6
support for 1-4
unauthorized ports with IEEE 802.1x 7-7
unicast MAC address filtering 1-3
and adding static addresses 5-25
and broadcast MAC addresses 5-25
and CPU packets 5-25
and multicast addresses 5-25
and router MAC addresses 5-25
configuration guidelines 5-25
described 5-25
unicast storm 19-1
unicast storm control command 19-4
unicast traffic, blocking 19-7
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 24-10
facilities supported 24-11
message logging configuration 24-11
unrecognized Type-Length-Value (TLV) support 11-4
upgrading information
upgrading software images
UplinkFast
described 15-3
disabling 15-13
enabling 15-13
support for 1-4
uploading
configuration files
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
image files
reasons for B-19
using FTP B-27
using RCP B-32
using TFTP B-24
user EXEC mode 2-2
username-based authentication 6-6
V
version-dependent transparent mode 11-4
vlan.dat file 10-4
VLAN 1, disabling on a trunk port 10-19
VLAN 1 minimization 10-19
VLAN ACLs
vlan-assignment response, VMPS 10-25
VLAN configuration
at bootup 10-7
saving 10-7
VLAN configuration mode 2-2, 10-6
VLAN database
and startup configuration file 10-7
and VTP 11-1
VLAN configuration saved in 10-6
VLANs saved in 10-4
vlan database command 10-6
VLAN filtering and SPAN 22-6
vlan global configuration command 10-6
VLAN ID, discovering 5-26
VLAN management domain 11-2
VLAN Management Policy Server
VLAN map entries, order of 26-24
VLAN maps
applying 26-27
common uses for 26-28
configuration guidelines 26-24
configuring 26-23
creating 26-25
denying access to a server example 26-29
denying and permitting packets 26-25
displaying 26-30
examples of ACLs and VLAN maps 26-25
removing 26-27
support for 1-6
wiring closet configuration example 26-28
VLAN membership
confirming 10-28
modes 10-3
VLAN Query Protocol
VLANs
adding 10-8
adding to VLAN database 10-8
aging dynamic addresses 13-9
allowed on trunk 10-19
and spanning-tree instances 10-2, 10-6, 10-12
configuration guidelines, extended-range VLANs 10-12
configuration guidelines, normal-range VLANs 10-5
configuration options 10-6
configuring 10-1
configuring IDs 1006 to 4094 10-12
creating in config-vlan mode 10-8
creating in VLAN configuration mode 10-9
default configuration 10-7
deleting 10-9
displaying 10-13
features 1-5
illustrated 10-2
limiting source traffic with RSPAN 22-22
limiting source traffic with SPAN 22-14
modifying 10-8
multicast 18-17
native, configuring 10-21
number supported 1-5
parameters 10-4
port membership modes 10-3
static-access ports 10-10
STP and IEEE 802.1Q trunks 13-10
supported 10-2
Token Ring 10-5
traffic between 10-2
VTP modes 11-3
VLAN Trunking Protocol
VLAN trunks 10-14
VMPS
administering 10-29
configuration example 10-30
configuration guidelines 10-26
default configuration 10-26
description 10-25
dynamic port membership
described 10-26
reconfirming 10-28
troubleshooting 10-30
mapping MAC addresses to VLANs 10-25
monitoring 10-29
reconfirmation interval, changing 10-28
reconfirming membership 10-28
retry count, changing 10-29
voice-over-IP 12-1
voice VLAN
Cisco 7960 phone, port connections 12-1
configuration guidelines 12-3
configuring IP phones for data traffic
override CoS of incoming frame 12-6
trust CoS priority of incoming frame 12-6
configuring ports for voice traffic in
802.1p priority tagged frames 12-5
802.1Q frames 12-4
connecting to an IP phone 12-4
default configuration 12-3
described 12-1
displaying 12-6
IP phone data traffic, described 12-2
IP phone voice traffic, described 12-2
VTP
adding a client to a domain 11-14
and extended-range VLANs 11-1
and normal-range VLANs 11-1
client mode, configuring 11-11
configuration
global configuration mode 11-7
guidelines 11-8
privileged EXEC mode 11-7
requirements 11-9
saving 11-7
VLAN configuration mode 11-7
configuration mode options 11-7
configuration requirements 11-9
configuration revision number
guideline 11-14
resetting 11-15
configuring
client mode 11-11
server mode 11-9
transparent mode 11-12
consistency checks 11-4
default configuration 11-6
described 11-1
disabling 11-12
domain names 11-8
domains 11-2
modes
transitions 11-3
monitoring 11-16
passwords 11-8
pruning
disabling 11-14
enabling 11-14
examples 11-5
overview 11-4
support for 1-5
pruning-eligible list, changing 10-20
server mode, configuring 11-9
statistics 11-16
support for 1-5
Token Ring support 11-4
transparent mode, configuring 11-12
using 11-1
version, guidelines 11-8
Version 1 11-4
Version 2
configuration guidelines 11-8
disabling 11-13
enabling 11-13
overview 11-4
W
weighted tail drop
WTD
described 27-13
setting thresholds
egress queue-sets 27-70
ingress queues 27-66
support for 1-7
X
Xmodem protocol 29-2