Table Of Contents
A - B - C - D - E - F - G - H - I - J - L - M - N - P - Q - R - S - T - U - V - W -
Index
A
aaa authentication command 2-1
abort command 2-355
access control entries
access control lists
Access Control Parameters
access groups
IP 2-78
MAC
applying ACL to interface 2-94
displaying 2-193
access-list (IP extended) command 2-3
access-list (IP standard) command 2-6
access-list configuration mode
deny 2-47
entering 2-80
permit 2-128
access ports 2-313
ACLs
IP
applying to interface 2-78
deny 2-47
permit 2-128
MAC
applying to interface 2-94
deny 2-50
displaying 2-149
permit 2-131
ACPs, displaying 2-202
aggregate-port learner 2-125
alarm command A-6
alarm facility fcs-hysteresis command A-2
alarm facility power-supply command A-3
alarm facility temperature command A-4
alarm profile
attaching to a port A-8
creating A-6
displaying A-12
alarm profile (global configuration) command A-6
alarm profile (interface configuration) command A-8
alarm profile configuration mode A-6
allowed VLANs, setting 2-324
apply command 2-355
audience xi
autonegotiation of duplex mode 2-63
auto qos voip command 2-8
B
BackboneFast, for STP 2-263
booting, displaying environment variables 2-153
boot private-config-file command 2-11
BPDU filtering, for spanning tree 2-264, 2-296
BPDU guard, for spanning tree 2-266, 2-296
broadcast suppression level
configuring 2-309
displaying 2-232
broadcast traffic counters 2-182
C
caution, description xiii
channel-group command 2-12
channel-protocol command 2-15
class command 2-17
class-map command 2-19
class maps
creating 2-19
defining the match criteria 2-104
displaying 2-155
class of service
clear interface command 2-21
clear lacp command 2-22
clear mac address-table command 2-23
clear pagp command 2-25
clear port-security dynamic command 2-26
clear port-security sticky command 2-27
clear spanning-tree detected-protocols command 2-29
clear vmps statistics command 2-30
clear vtp counters command 2-31
cluster commander-address command 2-32
cluster discovery hop-count command 2-34
cluster enable command 2-35
cluster holdtime command 2-36
cluster management-vlan command 2-37
cluster member command 2-38
cluster run command 2-40
clusters
adding candidates 2-38
binding to HSRP 2-41
building manually 2-38
communicating with members by using Telnet 2-139
displaying
candidate switches 2-159
member switches 2-161
status 2-157
heartbeat messages
duration after which switch declared down 2-36
interval between 2-43
hop-count limit for extended discovery 2-34
HSRP standby groups 2-41
redundancy 2-41
SNMP trap 2-256
cluster standby-group command 2-41
cluster timer command 2-43
command modes defined 1-2
command switch
configuration files, private 2-11
configuring multiple interfaces 2-76 to 2-77
config-vlan mode
commands 2-343
description 1-4
entering 2-342
summary 1-2
conventions
command xii
for examples xiii
publication xii
text xii
CoS
default value, assigning to incoming packets 2-106
incoming value, overriding 2-106
priority queue, assigning values to 2-374
priority queue mapping, displaying 2-253
WRR bandwidth allocation, displaying 2-252
WRR weights, assigning to CoS priority queues 2-372
CoS-to-DSCP map
default 2-108
defining 2-108
cross-stack UplinkFast, for STP 2-300
D
debug autoqos command B-2
debug dot1x command B-4
debug etherchannel command B-5
debug pagp command B-6
debug pm command B-7
debug spanning-tree backbonefast command B-11
debug spanning-tree bpdu command B-12
debug spanning-tree bpdu-opt command B-13
debug spanning-tree command B-9
debug spanning-tree mstp command B-14
debug spanning-tree switch command B-16
debug spanning-tree uplinkfast command B-18
debug sw-vlan command B-19
debug sw-vlan ifs command B-21
debug sw-vlan notification command B-22
debug sw-vlan vtp command B-23
debug udld command B-25
define interface-range command 2-44
delete command 2-46
deny (access-list configuration) command 2-47
deny (MAC access-list configuration) command 2-50
documentation
related xiii
document conventions xii
dot1x default command 2-53
dot1x max-req command 2-54
dot1x multiple-hosts command 2-55
dot1x port-control command 2-56
dot1x re-authenicate command 2-58
dot1x re-authenication command 2-59
dot1x timeout quiet-period command 2-60
dot1x timeout re-authperiod command 2-61
dot1x timeout tx-period command 2-62
DSCP-to-CoS map
default 2-108
defining 2-108
DTP 2-314
DTP flap, error recovery timer 2-67
duplex command 2-63
dynamic-access ports, configuring 2-311
Dynamic Trunking Protocol
E
EAP-request/identity frame 2-54, 2-62
environmental alarms, displaying A-14
environment variables, displaying 2-153
errdisable detect command 2-65
errdisable recovery command 2-67
EtherChannel
assigning Ethernet interface to channel group 2-12
creating port-channel logical interface 2-75
debug messages, displaying B-5 to B-6
displaying 2-170
LACP, modes 2-12
load-distribution methods 2-137
PAgP
aggregate-port learner 2-125
clearing channel-group information 2-22, 2-25
debug messages, displaying B-6
error recovery timer 2-67
learn method 2-125
modes 2-12
priority of interface for transmitted traffic 2-127
Ethernet statistics, collecting 2-143
examples, conventions for xiii
exit command 2-355
expedite queue, QoS 2-372
extended discovery of candidate switches 2-34
extended-range VLANs
and allowed VLAN list 2-324
and pruning-eligible list 2-324
configuring 2-342
extended system ID for STP 2-270
Extensible Authentication Protocol-request/identity frame
See EAP-request/identity frame
F
facility alarm relays, displaying A-18
facility alarm status, displaying A-19
fan information, displaying 2-167
FCS bit error rate
fluctuation threshold A-2
FCS bit error rate, displaying A-20
FCS bit error rate, setting A-9
FCS hysteresis threshold A-2
fcs-threshold command A-9
file name, VTP 2-362
files, deleting 2-46
flowcontrol command 2-69
flow-control packets
receiving 2-69
sending 2-69
frame check sequence. See FCS.
G
global configuration mode 1-2, 1-4
H
heartbeat messages
duration after which switch declared dead 2-36
interval between 2-43
holdtime for clusters 2-36
hop-count limit for clusters 2-34
Hot Standby Router Protocol
HSRP
binding HSRP group to cluster 2-41
standby group 2-41
I
IEEE 802.1X commands
authentication methods 2-1
debugging B-4
displaying settings 2-163
EAP-request/identity frame
response time 2-62
sending 2-54
manual control 2-56
multiple hosts 2-55
quiet state, setting 2-60
re-authenticaton
initiating 2-58
periodic 2-59
re-authenticaton attempts, interval between 2-61
resetting parameters 2-53
IGMP snooping
adding ports statically 2-90
configuration, displaying 2-187
enabling 2-83
Immediate-Leave processing 2-87
MAC address tables 2-198
multicast router ports, displaying 2-189
multicast routers 2-88
per VLAN 2-86
source-only-learning 2-84
Immediate-Leave feature, MVR 2-119
Immediate-Leave processing 2-87
interface command 2-73
interface configuration mode 1-2, 1-4
interface port-channel command 2-75
interface range command 2-76
interface-range macros 2-44
interfaces
assigning Ethernet interface to channel group 2-12
configuring 2-63
configuring multiple 2-76 to 2-77
creating port-channel logical 2-75
disabling 2-254
restarting 2-254
invalid GBIC
error detection for 2-65
error recovery timer 2-67
ip access-group command 2-78
ip access-list command 2-80
ip address command 2-82
ip addresses, setting 2-82
ip igmp snooping command 2-83
ip igmp snooping source-only-learning command 2-84
ip igmp snooping vlan command 2-86
ip igmp snooping vlan immediate-leave command 2-87
ip igmp snooping vlan mrouter command 2-88
ip igmp snooping vlan static command 2-90
IP multicast addresses 2-116
J
jumbo frames
displaying setting 2-235
setting switch for 2-329
L
LACP
lacp port-priority command 2-92
lacp system-priority command 2-93
Layer 2 protocol-tunnel
error recovery timer 2-67
Layer 2 traceroute
IP addresses 2-334
MAC addresses 2-331
line configuration mode 1-3, 1-5
Link Aggregation Control Protocol
link flap
enable error detection for 2-65
enable timer to recover from error state 2-67
load-distribution methods for EtherChannel 2-137
logical interface 2-75
loop guard, for spanning tree 2-272, 2-275
M
mac access-group command 2-94
MAC access-list configuration mode
deny 2-50
entering 2-96
permit 2-131
mac access-list extended command 2-96
MAC ACLs
deny 2-50
permit 2-131
MAC addresses
and port security 2-317
clearing notification global counters 2-23
displaying
aging time 2-195
dynamic 2-195
multicast entries 2-198
notification setting 2-200
number of addresses 2-195
per interface 2-195
per VLAN 2-195
secure 2-220
static 2-195
dynamic
aging time 2-98
deleting 2-23
displaying 2-195
enabling MAC address notification 2-100
secure
adding 2-317
displaying 2-220
static
adding 2-102
displaying 2-195
sticky
configuring manually 2-317
enabling sticky learning 2-317
learning dynamically 2-317
mac address-table aging-time command 2-98
mac address-table notification command 2-100
mac address-table static command 2-102
MAC-named extended ACLs 2-96
MAC notification feature
clearing global counters 2-23
configuring 2-100
enabling 2-100
macros, interface range 2-44
manual
audience xi
organization of xii
purpose of xi
maps, QoS
defining 2-108
displaying 2-206
masks
match (class-map configuration) command 2-104
maximum transmission unit
member switches
mls qos cos command 2-106
mls qos map command 2-108
mls qos trust command 2-110
mode, MVR 2-116
monitor session command 2-113
MSTP
displaying 2-228
interoperability 2-29
link type 2-274
MST region
aborting changes 2-278
applying changes 2-278
configuration name 2-278
configuration revision number 2-278
current or pending display 2-278
displaying 2-228
MST configuration mode 2-278
VLANs-to-instance mapping 2-278
path cost 2-280
protocol mode 2-277
restart protocol migration process 2-29
root port
loop guard 2-272
preventing from becoming designated 2-272
restricting which can be root 2-272
root guard 2-272
root switch
affects of extended system ID 2-270
interval between BDPU messages 2-285
interval between hello BPDU messages 2-283, 2-292
max-age 2-285
maximum hop count before discarding BPDU 2-287
port priority for selection of 2-289
primary or secondary 2-292
switch priority 2-291
state changes
blocking to forwarding state 2-298
enabling BPDU filtering 2-264, 2-296
enabling BPDU guard 2-266, 2-296
enabling Port Fast 2-296, 2-298
forward-delay time 2-282
length of listening and learning states 2-282
rapid transition to forwarding 2-274
shutting down Port Fast-enabled ports 2-296
state information display 2-227
MTU
configuring size 2-329
displaying global setting 2-235
multicast groups
multicast groups, MVR 2-117
multicast router learning method 2-88
multicast router ports, configuring 2-88
multicast suppression level
configuring 2-309
displaying 2-232
enabling 2-309
multicast traffic counters 2-182
multicast VLAN, MVR 2-117
multicast VLAN registration
Multiple Spanning Tree Protocol
MVR
configuring 2-116
configuring interfaces 2-121
displaying 2-210
Immediate Leave feature 2-119
receiver port 2-121
source port 2-121
mvr command 2-116
mvr group command 2-117
mvr immediate command 2-119
mvr type command 2-121
mvr vlan group command 2-123
N
native VLANs, configuring 2-324
nonegotiate, speed 2-307
normal-range VLANs 2-342, 2-348
note, description xiii
notifies command A-6
P
PAgP
pagp learn-method command 2-125
pagp port-priority command 2-127
password, VTP 2-362, 2-366, 2-368
permit (access-list configuration) command 2-128
permit (MAC access-list configuration) command 2-131
PIM-DVMRP, as multicast router learning method 2-88
police command 2-133
policy-map command 2-135
policy maps
applying to an interface 2-145
creating 2-135
displaying 2-218
policers
displaying 2-204
for a single class 2-133
traffic classification
defining the class 2-17
defining the trust states 2-110
setting DSCP values 2-147
Port Aggregation Protocol
port-channel load-balance command 2-137
Port Fast, for spanning tree 2-298
port ranges, defining 2-44
ports, debug messages, display B-7
port security
aging 2-320
displaying 2-220
enabling 2-317
violation error recovery timer 2-67
port trust states for QoS 2-110
power supply alarms, setting A-3
power-supply dual command A-10
power-supply mode A-10
primary temperature alarm A-4
private configuration files 2-11
privileged EXEC mode 1-2 to 1-3
protected ports
displaying 2-180
enabling 2-323
pruning
VLANs 2-324
VTP
displaying interface information 2-176
publications, related xiii
Q
QoS
ACPs, displaying 2-202
automatic configuration 2-8
class maps
creating 2-19
defining the match criteria 2-104
displaying 2-155
configuration information, displaying 2-204
defining the CoS value for an incoming packet 2-106
displaying configuration information 2-151
maps
defining 2-108
displaying 2-206
policers, displaying 2-204
policy maps
applying to an interface 2-145
creating 2-135
defining policers 2-133
displaying policy maps 2-218
setting DSCP values 2-147
traffic classifications 2-17
port trust states 2-110
queues
CoS-to-egress-queue map 2-374
expedite 2-372
WRR weights 2-372
quality of service
querytime, MVR 2-116
R
rcommand command 2-139
receiver port, MVR 2-121
receiving flow-control packets 2-69
recovery mechanism
causes 2-67
displaying 2-168
timer interval 2-67
redundancy for cluster switches 2-41
relay-major command A-6
relay-minor command A-6
remote-span command 2-141
Remote Switched Port Analyzer
reset command 2-355
rmon collection stats command 2-143
root guard, for spanning tree 2-272
RPS status display 2-223
RSPAN
configuring 2-113
displaying 2-208
filter RSPAN traffic 2-113
remote-span command 2-141
sessions
add interfaces to 2-113
displaying 2-208
start new 2-113
S
secondary temperature alarm A-4
sending flow-control packets 2-69
service-policy command 2-145
set command 2-147
show access-lists command 2-149
show alarm description port command A-11
show alarm profile command A-12
show alarm settings command A-14
show auto qos command 2-151
show boot command 2-153
show changes command 2-355
show class-map command 2-155
show cluster candidates command 2-159
show cluster command 2-157
show cluster members command 2-161
show current command 2-355
show dot1x command 2-163
show env command 2-167
show env power command A-16
show env temperature command A-16
show errdisable recovery command 2-168
show etherchannel command 2-170
show facility-alarm relay command A-18
show facility-alarm status command A-19
show fcs threhsold command A-20
show file command 2-173
show interfaces command 2-176
show interfaces counters command 2-182
show ip access-list command 2-185
show ip igmp snooping command 2-187
show ip igmp snooping mrouter command 2-189
show lacp command 2-191
show mac access-group command 2-193
show mac-address-table command 2-195
show mac-address-table multicast command 2-198
show mac-address-table notification command 2-200
show mls masks 2-202
show mls qos interface command 2-204
show mls qos maps command 2-206
show monitor command 2-208
show mvr command 2-210
show mvr interface command 2-212
show mvr members command 2-214
show pagp command 2-216
show policy-map command 2-218
show port-security command 2-220
show proposed command 2-355
show rps command 2-223
show running-config vlan command 2-225
show spanning-tree command 2-227
show storm-control command 2-232
show system mtu command 2-235
show udld command 2-236
show version command 2-239
show vlan command 2-240
show vlan command fields 2-241
show vmps command 2-244
show vtp command 2-247
show wrr-queue bandwidth command 2-252
show wrr-queue cos-map command 2-253
shutdown command 2-254
shutdown vlan command 2-255
SNMP host, specifying 2-258
snmp-server enable traps command 2-256
snmp-server host command 2-258
snmp trap mac-notification command 2-261
SNMP traps
enabling MAC address notification 2-100
enabling MAC address notification traps 2-256, 2-261
enabling the sending of traps 2-256
software images, deleting 2-46
software version, displaying 2-239
source ports, MVR 2-121
SPAN
configuring 2-113
displaying 2-208
filter SPAN traffic 2-113
sessions
add interfaces to 2-113
displaying 2-208
start new 2-113
spanning-tree backbonefast command 2-263
spanning-tree bpdufilter command 2-264
spanning-tree bpduguard command 2-266
spanning-tree cost command 2-268
spanning-tree extend system-id command 2-270
spanning-tree guard command 2-272
spanning-tree link-type command 2-274
spanning-tree loopguard default command 2-275
spanning-tree mode command 2-277
spanning-tree mst configuration command 2-278
spanning-tree mst cost command 2-280
spanning-tree mst forward-time command 2-282
spanning-tree mst hello-time command 2-283
spanning-tree mst max-age command 2-285
spanning-tree mst max-hops command 2-287
spanning-tree mst port-priority command 2-289
spanning-tree mst priority command 2-291
spanning-tree mst root command 2-292
spanning-tree portfast (global configuration) command 2-296
spanning-tree portfast (interface configuration) command 2-298
spanning-tree port-priority command 2-294
Spanning Tree Protocol
spanning-tree stack-port command 2-300
spanning-tree uplinkfast command 2-302
spanning-tree vlan command 2-304
speed command 2-307
static-access ports, configuring 2-311
statistics, Ethernet group 2-143
sticky learning, enabling 2-317
storm control
broadcast, enabling 2-309
displaying 2-232
multicast, enabling 2-309
unicast, enabling 2-309
storm-control command 2-309
STP
BackboneFast 2-263
debug message display
BackboneFast events B-11
MSTP B-14
optimized BPDUs handling B-13
spanning-tree activity B-9
switch shim B-16
transmitted and received BPDUs B-12
UplinkFast B-18
detection of indirect link failures 2-263
extended system ID 2-270
path cost 2-268
protocol mode 2-277
root port
accelerating choice of new 2-302
accelerating choice of new root in a stack 2-300
cross-stack UplinkFast 2-300
loop guard 2-272
preventing from becoming designated 2-272
restricting which can be root 2-272
root guard 2-272
UplinkFast 2-302
root switch
affects of extended system ID 2-270, 2-305
hello-time 2-304
interval between BDPU messages 2-304
interval between hello BPDU messages 2-304
max-age 2-304
port priority for selection of 2-294
primary or secondary 2-304
switch priority 2-304
state changes
blocking to forwarding state 2-298
enabling BPDU filtering 2-264, 2-296
enabling BPDU guard 2-266, 2-296
enabling Port Fast 2-296, 2-298
enabling timer to recover from error state 2-67
forward-delay time 2-304
length of listening and learning states 2-304
shutting down Port Fast-enabled ports 2-296
state information display 2-227
Switched Port Analyzer
switching characteristics
modifying 2-315
returning to interfaces 2-315
switchport access command 2-311
switchport mode command 2-313
switchport nonegotiate command 2-315
switchport port-security aging command 2-320
switchport port-security command 2-317
switchport priority extend command 2-322
switchport protected command 2-323
switchports, displaying 2-176
switchport trunk command 2-324
switchport voice vlan command 2-327
syslog command A-6
system mtu command 2-329
T
Telnetting to cluster switches 2-139
temperature alarms, setting A-4
test relay command A-21
tips, description xiii
traceroute, Layer 2
See Layer 2 traceroute 2-331
traceroute mac command 2-331
traceroute mac ip command 2-334
trunk ports, configuring 2-313
trunks, to non-DTP device 2-314
trusted boundary for QoS 2-110
U
UDLD
debug messages, displaying B-25
enabling globally 2-337
enabling per interface 2-339
error recovery timer 2-67
message timer 2-337
resetting shutdown interfaces 2-341
status 2-236
udld (global interface) command 2-337
udld (interface configuration) command 2-339
udld reset command 2-341
unicast suppression level
configuring 2-309
displaying 2-232
enabling 2-309
unicast traffic counters 2-182
UniDirectional Link Detection
UplinkFast, for STP 2-302
V
vlan (global configuration) command 2-342
vlan (VLAN configuration) command 2-348
VLAN configuration
VLAN configuration mode
commands
VLAN 2-348
VTP 2-368
entering 2-354
summary 1-3
vlan database command 2-354
VLAN Query Protocol
VLANs
adding 2-342
debug message display
ISL B-22
VLAN IOS file system error tests B-21
VLAN manager activity B-19
VTP B-23
displaying configurations 2-240
extended-range 2-342
MAC addresses
displaying 2-195
number of 2-195
saving the configuration 2-342
shutting down 2-255
SNMP traps for VTP 2-256, 2-259
variables 2-348
VMPS
configuring servers 2-360
reconfirming dynamic VLAN assignments 2-358
vmps reconfirm (global configuration) command 2-357
vmps reconfirm (privileged EXEC) command 2-358
vmps retry command 2-359
vmps server command 2-360
voice VLAN
configuring 2-327
setting port priority 2-322
VQP
and dynamic-access ports 2-312
clearing client statistics 2-30
displaying information 2-244
per-server retry count 2-359
reconfirmation interval 2-357
reconfirming dynamic VLAN assignments 2-358
VTP
changing characteristics 2-362
clearing pruning counters 2-31
clearing VTP counters 2-31
configuring
file name 2-362
counters display fields 2-248
displaying information 2-247
enabling
saving the configuration 2-343, 2-352
status display fields 2-249
vtp (global configuration) command 2-362
vtp (privileged EXEC) command 2-366
vtp (VLAN configuration) command 2-368
W
WRR, assigning weights to egress queues 2-372
wrr-queue bandwidth command 2-372
wrr-queue cos-map command 2-374