-
Catalyst 2970 Switch Software Configuration Guide, 12.1(11)AX
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Getting Started with CMS
-
Assigning the Switch IP Address and Default Gateway
-
Clustering Switches
-
Administering the Switch
-
Configuring 802.1X Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring VLANs
-
Configuring VTP
-
Configuring Voice VLAN
-
Configuring STP
-
Configuring Optional Spanning-Tree Features
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Troubleshooting
-
Supported MIBs
-
Working with the IOS File System, Configuration Files, and Software Images
-
Unsupported CLI Commands in Release 12.1(11)AX
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
802.1D
802.1Q
and trunk ports 8-3
configuration limitations 9-17
encapsulation 9-15
native VLAN for untagged traffic 9-21
trunk mode 3-8
802.1X
802.3Z flow control 8-11
A
abbreviating commands 2-4
AC (command switch) 5-10, 5-18
access-class command 22-15
access control entries
access-denied response, VMPS 9-26
accessing
clusters, switch 5-13
CMS 3-26
command switches 5-11
HTTP port 3-28
member switches 5-13
switch clusters 5-13
access lists
access ports
defined 8-3
in switch clusters 5-9
accounting
with RADIUS 6-28
ACEs
and QoS 23-7
defined 22-1
Ethernet 22-2
IP 22-2
ACLs
ACEs 22-1
any keyword 22-8
applying
time ranges to 22-13
to QoS 23-7
classifying traffic for QoS 23-28
comments in 22-15
examples of 23-28
extended IP
configuring for QoS classification 23-29
creating 22-7
matching criteria 22-4
host keyword 22-9
IP
creating 22-4
fragments and QoS guidelines 23-21
implicit deny 22-6, 22-10, 22-12
implicit masks 22-6
ACLs (continued)
matching criteria 22-4
named 22-11
virtual terminal lines, setting on 22-15
matching 22-4
monitoring 22-25
named 22-11
number per QoS class map 23-21
numbers 22-5
standard IP
configuring for QoS classification 23-28
creating 22-6
matching criteria 22-4
support for 1-5
time ranges 22-13
unsupported features 22-4
VLAN maps
configuration guidelines 22-17
configuring 22-16
defined 22-2
address aliasing 14-2
addresses
displaying the MAC address table 6-58
dynamic
accelerated aging 12-9
changing the aging time 6-54
default aging 12-9
defined 6-53
learning 6-53
removing 6-55
multicast, STP address management 12-8
static
adding and removing 6-57
defined 6-53
Address Resolution Protocol
advertisements
CDP 16-1
aggregated ports
aggregate policers 23-36
aggregate policing 1-5
aging, accelerating 12-9
aging time
accelerated for STP 12-9, 12-18
MAC address table 6-54
maximum for STP 12-19
alarms, RMON 19-3
allowed-VLAN list 9-19
Apply button 3-26
ARP
support for 1-3
attributes, RADIUS
vendor-proprietary 6-30
vendor-specific 6-29
audience xxiii
authentication
local mode with AAA 6-32
NTP associations 6-36
RADIUS
key 6-21
login 6-23
See also port-based authentication
TACACS+
defined 6-11
key 6-13
login 6-14
authoritative time source, described 6-34
authorization
with RADIUS 6-27
authorized ports with 802.1X 7-4
autoconfiguration 4-3
automatic discovery
adding member switches 5-16
considerations
beyond a non-candidate device 5-8
brand new switches 5-9
connectivity 5-5
different VLANs 5-7
management VLANs 5-8
non-CDP-capable devices 5-6
non-cluster-capable devices 5-6
creating a cluster standby group 5-18
in switch clusters 5-5
automatic recovery, clusters 5-10
autonegotiation
duplex mode 1-2
interface configuration guidelines 8-10
mismatches 25-12
autosensing, port speed 1-2
auxiliary VLAN
availability, features 1-4
B
BackboneFast
described 13-5
enabling 13-13
support for 1-4
bandwidth graphs 3-7
banners
configuring
login 6-52
message-of-the-day login 6-51
default configuration 6-50
when displayed 6-50
blocking packets 15-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-14
boot loader
accessing 4-15
described 4-2
environment variables 4-15
prompt 4-15
trap-door mechanism 4-2
BPDU
error-disabled state 13-3
filtering 13-3
BPDU filtering
described 13-3
enabling 13-11
BPDU guard
described 13-3
enabling 13-10
support for 1-4
bridge protocol data unit
broadcast storm-control command 15-3
broadcast storms 15-1
browser configuration 3-1
buttons, CMS 3-26
C
cables, monitoring for unidirectional links 17-1
Cancel button 3-26
candidate switch
adding 5-16
automatic discovery 5-5
defined 5-4
HC 5-18
passwords 5-16
candidate switch (continued)
requirements 5-4
standby group 5-18
See also command switch, cluster standby group, and member switch
caution, described xxiv
CC (command switch) 5-18
CDP
automatic discovery in switch clusters 5-5
configuring 16-2
default configuration 16-2
described 16-1
disabling for routing device 16-3, 16-4
enabling and disabling
on an interface 16-4
on a switch 16-3
monitoring 16-5
overview 16-1
support for 1-3
transmission timer and holdtime, setting 16-2
updates 16-2
CGMP
as IGMP snooping learning method 14-7
joining multicast group 14-3
change notification, CMS 3-29
Cisco 7960 IP Phone 11-1
Cisco Discovery Protocol
Cisco Technical Assistance Center xxvii
class maps for QoS
configuring 23-31
described 23-7
displaying 23-55
class of service
clearing interfaces 8-14
CLI
abbreviating commands 2-4
command modes 2-1
described 1-3
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 5-21
no and default forms of commands 2-4
client mode, VTP 10-3
clock
Cluster Management Suite
clusters, switch
accessing 5-13
adding member switches 5-16
automatic discovery 5-5
automatic recovery 5-10
benefits 1-1
command switch configuration 5-15
compatibility 5-4
creating 5-15
creating a cluster standby group 5-18
described 5-1
managing
through CLI 5-21
through SNMP 5-22
clusters, switch (continued)
planning 5-4
planning considerations
automatic discovery 5-5
automatic recovery 5-10
CLI 5-21
host names 5-13
IP addresses 5-13
passwords 5-13
RADIUS 5-14
switch-specific features 5-15
TACACS+ 5-14
redundancy 5-18
troubleshooting 5-20
verifying 5-19
cluster standby group
automatic recovery 5-12
considerations 5-11
creating 5-18
defined 5-2
requirements 5-3
virtual IP address 5-11
cluster tree
described 3-5
icons 3-5
CMS
accessing 3-26
benefits 1-1
change notification 3-29
cluster tree 3-5
different versions of 3-30
displaying system messages 3-16
error checking 3-29
CMS (continued)
features 3-2
Front Panel images 3-5
Front Panel view 3-4
interaction modes 3-22
menu bar 3-14
online help 3-23
requirements 3-26
saving configuration changes 3-29
toolbar 3-17
tool tips 3-23
Topology view 3-9
verifying configuration changes 3-29
window components 3-25
wizards 3-23
collapsed cluster view 3-11
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
setting privilege levels 6-8
command switch
accessing 5-11
command switch with HSRP disabled (CC) 5-18
configuration conflicts 25-12
defined 5-2
enabling 5-15
password privilege levels 5-21
priority 5-10
recovery
from command-switch failure 5-10
from failure 25-8
from lost member connectivity 25-12
command switch (continued)
replacing
with another switch 25-11
with cluster member 25-9
requirements 5-3
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
for cluster switches 21-4
in clusters 5-14
overview 21-3
SNMP 5-14
config.text 4-12
configuration, switch, saving changes 3-29
configuration conflicts, recovering from lost member connectivity 25-12
configuration examples, network 1-9
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 21-10
obtaining with DHCP 4-7
password recovery disable considerations 6-5
specifying the filename 4-13
system contact and location information 21-10
configuration files (continued)
types and location B-9
uploading
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
configuration settings, saving 4-10
configure terminal command 8-5
conflicts, configuration 25-12
connectivity problems 25-13
consistency checks in VTP version 2 10-4
console port, connecting to 2-10
conventions
command xxiv
for examples xxiv
publication xxiv
text xxiv
corrupted software, recovery steps with XMODEM 25-2
CoS
in Layer 2 frames 23-2
override priority 11-5
trust priority 11-5
CoS input queue threshold map for QoS 23-14
CoS output queue threshold map for QoS 23-16
CoS-to-DSCP map for QoS 23-38
counters, clearing interface 8-14
crashinfo file 25-19
CWDM GBIC modules, wavelength colors on CMS 3-6
D
daylight saving time 6-45
debugging
enabling all system diagnostics 25-17
debugging (continued)
enabling for a specific feature 25-16
redirecting error message output 25-17
using commands 25-16
default commands 2-4
default configuration
802.1X 7-6
banners 6-50
booting 4-12
CDP 16-2
DNS 6-49
EtherChannel 24-7
IGMP filtering 14-18
IGMP snooping 14-5
initial switch information 4-3
Layer 2 interfaces 8-9
MAC address table 6-54
MVR 14-14
NTP 6-36
optional spanning-tree features 13-9
password and privilege level 6-2
QoS 23-18
RADIUS 6-20
RMON 19-3
RSPAN 18-9
SNMP 21-5
SPAN 18-9
STP 12-10
system message logging 20-3
system name and prompt 6-47
TACACS+ 6-13
UDLD 17-3
VLAN, Layer 2 Ethernet interfaces 9-17
VLANs 9-7
VMPS 9-27
voice VLAN 11-3
VTP 10-6
default gateway 4-10
deleting VLANs 9-10
description command 8-12
designing your network, examples 1-9
destination addresses, in ACLs 22-8
destination-IP address based forwarding, EtherChannel 24-6
destination-MAC address forwarding, EtherChannel 24-5
detecting indirect link failures, STP 13-5
device discovery protocol 16-1
device icons, Front Panel view 3-5
device information 3-12
Device Manager 3-2
device pop-up menu
Front Panel view 3-18
Topology view 3-20
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server-side 4-5
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-3
relay support 1-3
support for 1-3
Differentiated Services architecture, QoS 23-1
Differentiated Services Code Point 23-2
directed unicast requests 1-3
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
display options, Topology view 3-13
Disqualification Code option 3-22
DNS
and DHCP-based autoconfiguration 4-6
default configuration 6-49
displaying the configuration 6-50
overview 6-48
setting up 6-49
support for 1-3
documentation
feedback xxvi
obtaining
CD-ROM xxv
world wide web xxv
ordering xxvi
related xxv
document conventions xxiv
domain names
DNS 6-48
VTP 10-8
Domain Name System
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-24
reasons for B-20
using FTP B-26
using RCP B-31
using TFTP B-23
DSCP input queue threshold map for QoS 23-14
DSCP output queue threshold map for QoS 23-16
DSCP-to-CoS map for QoS 23-41
DSCP-to-DSCP-mutation map for QoS 23-42
dynamic access mode 3-8
dynamic access ports
characteristics 9-3
configuring 9-29
defined 8-3
dynamic addresses
dynamic auto trunking mode 9-16
dynamic desirable trunking mode 9-16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 9-27
troubleshooting 9-31
types of connections 9-29
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
enable password 6-4
enable secret password 6-4
encryption for passwords 6-4
environment variables
function of 4-16
error checking, CMS 3-29
error messages during command entry 2-5
EtherChannel
automatic creation of 24-3
channel groups
binding physical and logical interfaces 24-3
numbering of 24-3
configuration guidelines 24-8
configuring Layer 2 interfaces 24-8
default configuration 24-7
described 24-2
displaying status 24-13
forwarding methods 24-5, 24-10
interaction
with STP 24-8
with VLANs 24-8
number of interfaces per 24-2
PAgP
aggregate-port learners 24-11
compatibility with Catalyst 1900 24-11
described 24-3
displaying status 24-13
interaction with other features 24-5
learn method and priority configuration 24-11
modes 24-4
silent mode 24-5
support for 1-2
port-channel interfaces
described 24-3
numbering of 24-3
port groups 8-4
support for 1-2
Ethernet VLANs
adding 9-8
defaults and ranges 9-7
modifying 9-8
events, RMON 19-3
examples
conventions for xxiv
network configuration 1-9
expanded cluster view 3-10
expert mode 3-22
extended-range VLANs
configuration guidelines 9-12
configuring 9-12
defined 9-1
extended system ID for STP 12-4, 12-12
Extensible Authentication Protocol over LAN 7-1
F
fan fault indication 3-5
feedback to Cisco Systems, web xxvi
fiber-optic, detecting unidirectional links 17-1
files
copying B-4
crashinfo
description 25-19
displaying the contents of 25-19
location 25-19
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 22-16
non-IP traffic 22-17
show and more command output 2-9
filtering show and more command output 2-9
filters, IP
Flash device, number of B-1
flooded traffic, blocking 15-6
flow-based packet classification 1-5
flowcharts
QoS classification 23-6
QoS egress queueing and scheduling 23-15
QoS ingress queueing and scheduling 23-13
QoS policing and marking 23-9
forward-delay time, STP 12-18
Front Panel images, CMS 3-5
Front Panel view
cluster tree 3-5
command switch 3-4
described 3-4
pop-up menus 3-18
port icons 3-6
port LEDs 3-7
RPS LED 3-7
switch images 3-5
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 21-3
get-next-request operation 21-3, 21-4
get-request operation 21-3, 21-4
get-response operation 21-3
global configuration mode 2-2
graphs, bandwidth 3-7
guide
audience xxiii
purpose of xxiii
H
HC (candidate switch) 5-18
hello time, STP 12-17
help, for the command line 2-3
Help button, CMS 3-26
Help Contents 3-23
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 20-9
host name list, CMS 3-25
host names
abbreviations appended to 5-18
in clusters 5-13
hosts, limit on dynamic ports 9-31
HP OpenView 1-3
HSRP
automatic cluster recovery 5-12
cluster standby group considerations 5-11
See also clusters, cluster standby group, and standby command switch
Hypertext Transfer Protocol
I
ICMP
time exceeded messages 25-14
traceroute and 25-14
ICMP ping
executing 25-13
overview 25-13
icons
cluster tree 3-5
colors
cluster tree 3-5
Topology view 3-12
Front Panel view 3-6
toolbar 3-17
Topology view 3-11
IEEE 802.1P 11-1
IFS 1-3
IGMP
joining multicast group 14-3
join messages 14-3
leave processing, enabling 14-10
leaving multicast group 14-4
queries 14-3
support for 1-2
IGMP filtering
configuring 14-18
default configuration 14-18
described 14-18
monitoring 14-21
support for 1-2
IGMP groups, setting the maximum number 14-21
IGMP profile
applying 14-20
configuration mode 14-18
configuring 14-19
IGMP snooping
and address aliasing 14-2
configuring 14-5
default configuration 14-5
definition 14-2
enabling and disabling 14-6
global configuration 14-6
Immediate Leave 14-5
method 14-6
monitoring 14-11
support for 1-2
VLAN configuration 14-6
Immediate-Leave, IGMP 14-5
initial configuration
defaults 1-7
See also hardware installation guide
interaction modes, CMS 3-22
interface
number 8-5
range macros 8-7
interface command 8-5
interface configuration mode 2-3
interfaces
configuration guidelines 8-10
configuring 8-5
configuring speed 8-10
counters, clearing 8-14
described 8-12
descriptive name, adding 8-12
displaying information about 8-14
flow control 8-11
management 1-3
monitoring 8-14
naming 8-12
physical, identifying 8-5
range of 8-6
interfaces (continued)
restarting 8-15
shutting down 8-15
supported 8-5
types of 8-1
interfaces range macro command 8-7
interface types 8-5
Inter-Switch Link
inventory, cluster 5-19
IOS File System
IP ACLs
extended, creating 22-7
for QoS classification 23-7
implicit deny 22-6, 22-10, 22-12
implicit masks 22-6
named 22-11
standard, creating 22-6
virtual terminal lines, setting on 22-15
IP addresses
cluster access 5-2
command switch 5-3, 5-11, 5-13
redundant clusters 5-11
standby command switch 5-11, 5-13
ip igmp profile command 14-18
IP information
assigned
manually 4-9
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP phones
and QoS 11-1
configuring 11-4
IP precedence 23-2
IP-precedence-to-DSCP map for QoS 23-39
IP protocols in ACLs 22-8
IP traceroute
executing 25-15
overview 25-14
ISL
and trunk ports 8-3
trunk mode 3-8
J
Java plug-in configuration 3-1
join messages, IGMP 14-3
L
Layer 2 frames, classification with CoS 23-2
Layer 2 interfaces, default configuration 8-9
Layer 2 trunks 9-15
Layer 3 packets, classification methods 23-2
leave processing, IGMP 14-10
LEDs
port modes 3-7
RPS 3-7
legend, CMS icons and labels 3-17
line configuration mode 2-3
link information 3-12
link pop-up menu, Topology view 3-19
links, unidirectional 17-1
lists, CMS 3-26
Logical Link Content window 3-20
login authentication
with RADIUS 6-23
with TACACS+ 6-14
login banners 6-50
log messages
Long-Reach Ethernet (LRE) technology 1-10
loop guard
described 13-8
enabling 13-14
M
MAC addresses
aging time 6-54
and VLAN association 6-54
building the address table 6-53
default configuration 6-54
displaying 6-58
dynamic
learning 6-53
removing 6-55
in ACLs 22-17
static
adding 6-58
characteristics of 6-57
removing 6-58
MAC address notification, support for 1-6
MAC address-to-VLAN mapping 9-26
MAC extended access lists 22-17, 23-5, 23-30
manageability features 1-3
management access
in-band
browser session 1-3
CLI session 1-3
SNMP 1-3
out-of-band console port connection 1-3
management options
benefits 1-1
clustering 1-2
CMS 1-1
CLI 2-1
CMS 3-1
overview 1-3
management VLAN
considerations in switch clusters 5-8
discovery through different management VLANs 5-8
mapping tables for QoS
configuring
CoS-to-DSCP 23-38
DSCP 23-38
DSCP-to-CoS 23-41
DSCP-to-DSCP-mutation 23-42
IP-precedence-to-DSCP 23-39
policed-DSCP 23-40
described 23-10
marking
action in policy map 23-33
action with aggregate policers 23-36
matching, ACLs 22-4
maximum aging time, STP 12-19
membership mode, VLAN port 3-8, 9-3
member switch
adding 5-16
automatic discovery 5-5
defined 5-2
managing 5-21
passwords 5-13
recovering from lost connectivity 25-12
requirements 5-4
See also candidate switch, cluster standby group, and standby command switch
menu bar
described 3-14
variations 3-14
messages
system 3-16
to users through banners 6-50
MIBs
accessing files with FTP A-3
location of files A-3
overview 21-1
SNMP interaction with 21-4
supported A-1
mirroring traffic for analysis 18-1
mismatches, autonegotiation 25-12
Mode button 3-7
modes
port 3-7
VLAN port membership 3-8
Modify button 3-26
module number 8-5
monitoring
ACL configuration 22-25
cables for unidirectional links 17-1
CDP 16-5
features 1-6
IGMP
filters 14-21
snooping 14-11
interfaces 8-14
multicast router interfaces 14-11
MVR 14-17
network traffic for analysis with probe 18-2
port
blocking 15-12
protection 15-12
speed and duplex mode 8-10
traffic flowing among switches 19-1
traffic suppression 15-12
VLAN
filters 22-25
maps 22-25
VLANs 9-14
VMPS 9-30
VTP 10-16
multicast groups
Immediate Leave 14-5
joining 14-3
leaving 14-4
static joins 14-9
multicast packets, blocking 15-6
multicast router interfaces, monitoring 14-11
multicast router ports, adding 14-8
multicast storm-control command 15-3
multicast storms 15-1
Multicast VLAN Registration
multiple links in Topology view 3-20
MVR
and address aliasing 14-15
configuring interfaces 14-16
default configuration 14-14
described 14-12
modes 14-15
monitoring 14-17
setting global parameters 14-15
support for 1-2
N
named IP ACLs 22-11
native VLAN
configuring 9-21
default 9-21
negotiate trunk mode 3-8
neighboring devices, types of 3-11
network configuration examples
increasing network performance 1-9
providing network services 1-10
small to medium-sized network 1-13
network design
performance 1-9
services 1-10
network management
CDP 16-1
RMON 19-1
SNMP 21-1
Network Time Protocol
no commands 2-4
non-IP traffic filtering 22-17
nontrunking mode 9-16
normal-range VLANs
configuration modes 9-6
defined 9-1
note, described xxiv
NTP
associations
authenticating 6-36
defined 6-34
enabling broadcast messages 6-38
peer 6-37
server 6-37
default configuration 6-36
displaying the configuration 6-42
overview 6-34
restricting access
creating an access group 6-40
disabling NTP services per interface 6-41
source IP address, configuring 6-41
stratum 6-34
support for 1-3
synchronizing devices 6-37
time
services 6-34
synchronizing 6-34
O
OK button 3-26
online help 3-23
options, management 1-3
out-of-profile markdown 1-5
overheating indication, switch 3-5
P
packet modification, with QoS 23-17
PAgP
passwords
default configuration 6-2
disabling recovery of 6-5
encrypting 6-4
for security 1-4
in CMS 3-26
overview 6-1
recovery of 25-4
setting
enable 6-3
enable secret 6-4
Telnet 6-6
with usernames 6-7
VTP domain 10-8
path cost, STP 12-16
PC (passive command switch) 5-10, 5-18
performance, network design 1-9
performance features 1-2
per-VLAN Spanning Tree (PVST) 12-8
per-VLAN spanning tree plus (PVST+) 12-8
physical ports 8-2
PIM-DVMRP, as snooping method 14-7
ping
character output description 25-14
executing 25-13
overview 25-13
policed-DSCP map for QoS 23-40
policers
configuring
for each matched traffic class 23-33
for more than one traffic class 23-36
described 23-3
displaying 23-55
number of 23-21
types of 23-8
policing
described 23-3
token-bucket algorithm 23-9
policy maps for QoS
characteristics of 23-33
configuring 23-33
described 23-7
displaying 23-55
Port Aggregation Protocol
port-based authentication
authentication server
defined 7-2
RADIUS server 7-2
client, defined 7-2
configuration guidelines 7-7
configuring
manual re-authentication of a client 7-11
quiet period 7-11
RADIUS server 7-9
RADIUS server parameters on the switch 7-8
switch-to-client frame-retransmission number 7-12
switch-to-client retransmission time 7-12
default configuration 7-6
described 7-1
device roles 7-2
displaying statistics 7-14
EAPOL-start frame 7-3
EAP-request/identity frame 7-3
port-based authentication (continued)
EAP-response/identity frame 7-3
enabling
802.1X authentication 7-7
periodic re-authentication 7-10
encapsulation 7-2
initiation and message exchange 7-3
method lists 7-7
ports
authorization state and dot1x port-control command 7-4
authorized and unauthorized 7-4
resetting to default values 7-14
switch
as proxy 7-2
RADIUS client 7-2
topologies, supported 7-5
port-channel
Port Fast
described 13-2
enabling 13-9
mode, spanning tree 9-27
support for 1-4
port icons, Front Panel view 3-6
port LEDs
described 3-8
DUPLX 3-7
port modes 3-7
SPEED 3-7
STAT 3-7
port membership modes, VLAN 3-8, 9-3
port modes
described 3-7
LEDs 3-7
port pop-up menu, Front Panel view 3-19
port priority, STP 12-15
ports
802.1Q trunk 3-8
access 8-3
blocking 15-6
ISL trunk 3-8
negotiate trunk 3-8
protected 15-4
secure 15-7
switch 8-2
VLAN assignments 9-11
port security
aging 15-11
configuring 15-9
default configuration 15-8
described 15-7
displaying 15-12
violations 15-8
with other features 15-9
port-shutdown response, VMPS 9-26
preferential treatment of traffic
preventing unauthorized access 6-1
priority
overriding CoS 11-5
trusting CoS 11-5
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 6-9
command switch 5-21
exiting 6-10
logging into 6-10
mapping on member switches 5-21
setting a command with 6-8
pruning, VTP
enabling 10-14
enabling on a port 9-20
examples 10-5
overview 10-4
pruning-eligible list
changing 9-20
for VTP pruning 10-4
VLANs 10-14
publications for products, technologies, and network solutions xxviii
PVST 9-2
Q
QoS
basic model 23-3
classification
class maps, described 23-7
defined 23-3
flowchart 23-6
forwarding treatment 23-3
in frames and packets 23-2
MAC ACLs, described 23-5, 23-7
options for IP traffic 23-5
options for non-IP traffic 23-5
policy maps, described 23-7
trust DSCP, described 23-5
trusted CoS, described 23-5
trust IP precedence, described 23-5
class maps
configuring 23-31
displaying 23-55
configuration guidelines 23-21
QoS (continued)
configuring
aggregate policers 23-36
default port CoS value 23-25
DSCP maps 23-38
DSCP trust states bordering another domain 23-26
egress queue characteristics 23-48
ingress queue characteristics 23-43
IP extended ACLs 23-29
IP standard ACLs 23-28
MAC ACLs 23-30
policy maps 23-33
port trust states within the domain 23-23
default configuration 23-18
displaying statistics 23-55
egress queues
allocating buffer space 23-48
buffer allocation scheme, described 23-15
configuring shaped weights for SRR 23-52
configuring shared weights for SRR 23-53
described 23-4
displaying the threshold map 23-51
flowchart 23-15
mapping DSCP or CoS values 23-50
scheduling, described 23-4
setting WTD thresholds 23-48
WTD, described 23-16
enabling globally 23-22
flowcharts
classification 23-6
egress queueing and scheduling 23-15
ingress queueing and scheduling 23-13
policing and marking 23-9
implicit deny 23-7
QoS (continued)
ingress queues
allocating bandwidth 23-46
allocating buffer space 23-45
buffer and bandwidth allocation, described 23-14
configuring shared weights for SRR 23-46
configuring the priority queue 23-47
described 23-3
displaying the threshold map 23-44
flowchart 23-13
mapping DSCP or CoS values 23-44
priority queue, described 23-14
scheduling, described 23-3
setting WTD thresholds 23-44
WTD, described 23-14
limiting bandwidth on egress interface 23-54
mapping tables
CoS-to-DSCP 23-38
displaying 23-55
DSCP-to-CoS 23-41
DSCP-to-DSCP-mutation 23-42
IP-precedence-to-DSCP 23-39
policed-DSCP 23-40
types of 23-10
marked-down actions 23-34
overview 23-1
packet modification 23-17
policers
described 23-8
displaying 23-55
number of 23-21
types of 23-8
QoS (continued)
policies, attaching to an interface 23-9
policing
token bucket algorithm 23-9
policy maps
characteristics of 23-33
configuring 23-33
displaying 23-55
QoS label, defined 23-3
queues
configuring egress characteristics 23-48
configuring ingress characteristics 23-43
location of 23-11
SRR, described 23-12
WTD, described 23-11
rewrites 23-17
support for 1-5
trust states
bordering another domain 23-26
described 23-5
within the domain 23-23
quality of service
queries, IGMP 14-3
R
RADIUS
attributes
vendor-proprietary 6-30
vendor-specific 6-29
configuring
accounting 6-28
authentication 6-23
authorization 6-27
communication, global 6-21, 6-29
communication, per-server 6-21
multiple UDP ports 6-21
RADIUS (continued)
default configuration 6-20
defining AAA server groups 6-25
displaying the configuration 6-31
identifying the server 6-21
in clusters 5-14
limiting the services to the user 6-27
method list, defined 6-20
operation of 6-19
overview 6-18
suggested network environments 6-18
support for 1-5
tracking services accessed by user 6-28
range
macro 8-7
of interfaces 8-6
rcommand command 5-21
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 9-30
recovery procedures 25-1
redundancy
EtherChannel 24-2
STP
backbone 12-9
path cost 9-24
port priority 9-22
redundant clusters
redundant links and UplinkFast 13-12
redundant power system
Refresh button 3-26
reloading software 4-17
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
resetting a UDLD-shutdown interface 17-5
restricting access
NTP services 6-39
overview 6-1
passwords and privilege levels 6-2
RADIUS 6-18
TACACS+ 6-10
retry count, VMPS, changing 9-30
RFC
1112, IP multicast and IGMP 14-2
1157, SNMPv1 21-2
1305, NTP 6-34
1757, RMON 19-2
1901, SNMPv2C 21-2
1902 to 1907, SNMPv2 21-2
2236, IP multicast and IGMP 14-2
RMON
default configuration 19-3
displaying status 19-6
enabling alarms and events 19-3
groups supported 19-2
overview 19-1
statistics
collecting group Ethernet 19-6
collecting group history 19-5
support for 1-6
root guard
described 13-7
enabling 13-13
support for 1-4
root switch, STP 12-12
RSPAN
configuration guidelines 18-15
default configuration 18-9
destination ports 18-7
displaying status 18-20
interaction with other features 18-8
monitored ports 18-5
monitoring ports 18-7
received traffic 18-4
session limits 18-10
sessions
creating 18-16
defined 18-3
limiting source traffic to specific VLANs 18-19
specifying monitored ports 18-16
source ports 18-5
transmitted traffic 18-5
VLAN-based 18-6
running configuration, saving 4-10
S
SC (standby command switch) 5-10, 5-18
scheduled reloads 4-17
secure ports, configuring 15-7
security, port 15-7
security features 1-4
sequence numbers in log messages 20-7
server mode, VTP 10-3
set-request operation 21-4
setup program, failed command switch replacement 25-9, 25-11
severity levels, defining in system messages 20-8
SFPs
security and identification 25-13
shaped round robin
show and more command output, filtering 2-9
show cdp traffic command 16-5
show cluster members command 5-21
show configuration command 8-12
show forward command 25-18
show interfaces command 8-10, 8-12
show platform forward command 25-18
show running-config command
displaying ACLs 22-16, 22-19, 22-22
interface description in 8-12
shutdown command on interfaces 8-15
Simple Network Management Protocol
SNAP 16-1
SNMP
accessing MIB variables with 21-4
agent
described 21-3
disabling 21-6
community strings
configuring 21-6
for cluster switches 21-4
overview 21-3
configuration examples 21-11
default configuration 21-5
in-band management 1-3
in clusters 5-14
informs
and trap keyword 21-7
described 21-4
differences from traps 21-5
enabling 21-9
limiting access by TFTP servers 21-10
limiting system log messages to NMS 20-9
SNMP (continued)
managing clusters with 5-22
MIBs
location of A-3
supported A-1
notifications 21-4
status, displaying 21-12
system contact and location 21-10
trap manager, configuring 21-9
traps
differences from informs 21-5
enabling 21-7
enabling MAC address notification 6-55
types of 21-7
versions supported 21-2
snooping, IGMP 14-2
software images
location in Flash B-20
recovery procedures 25-2
scheduling reloads 4-17
tar file format, described B-21
See also downloading and uploading
source addresses, in ACLs 22-8
source-and-destination-IP address based forwarding, EtherChannel 24-6
source-and-destination MAC address forwarding, EtherChannel 24-5
source-IP address based forwarding, EtherChannel 24-5
source-MAC address forwarding, EtherChannel 24-5
SPAN
configuration guidelines 18-10
default configuration 18-9
destination ports 18-7
displaying status 18-20
interaction with other features 18-8
SPAN (continued)
monitored ports 18-5
monitoring ports 18-7
received traffic 18-4
session limits 18-10
sessions
creating 18-10
defined 18-3
limiting source traffic to specific VLANs 18-14
removing destination (monitoring) ports 18-13
specifying monitored ports 18-10
source ports 18-5
transmitted traffic 18-5
VLAN-based 18-6
spanning tree and native VLANs 9-17
Spanning Tree Protocol
speed, configuring on interfaces 8-10
SRR
configuring
shaped weights on egress queues 23-52
shared weights on egress queues 23-53
shared weights on ingress queues 23-46
described 23-12
shaped mode 23-12
shared mode 23-12
Standby Command Configuration window 5-19
standby command switch
considerations 5-11
defined 5-2
priority 5-10
requirements 5-3
virtual IP address 5-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
startup configuration
booting
manually 4-13
specific image 4-14
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-13
default boot configuration 4-12
static access mode 3-8
static access ports
assigning to VLAN 9-11
static addresses
static MAC addressing 1-4
static VLAN membership 9-2
statistics
802.1X 7-14
CDP 16-5
interface 8-14
QoS ingress and egress 23-55
RMON group Ethernet 19-6
RMON group history 19-5
SNMP input and output 21-12
VTP 10-16
status bar
change notification 3-29
error notification 3-29
storm control
configuring 15-3
described 15-1
displaying 15-12
support for 1-2
thresholds 15-1
STP
802.1D and bridge ID 12-4
802.1D and multicast addresses 12-8
802.1T and VLAN identifier 12-4
accelerating root port selection 13-4
BackboneFast
described 13-5
enabling 13-13
BPDU filtering
described 13-3
enabling 13-11
BPDU guard
described 13-3
enabling 13-10
BPDU message exchange 12-2
configuration guidelines 12-11
configuring
disable 12-12
forward-delay time 12-18
hello time 12-17
maximum aging time 12-19
path cost 12-16
port priority 12-15
root switch 12-12
secondary root switch 12-14
switch priority 12-17
default configuration 12-10
default optional feature configuration 13-9
designated port, defined 12-3
designated switch, defined 12-3
detecting indirect link failures 13-5
displaying status 12-19
extended system ID
affects on root switch 12-12
affects on the secondary root switch 12-14
overview 12-4
unexpected behavior 12-12
features supported 1-4
inferior BPDU 12-3
STP (continued)
interface state, blocking to forwarding 13-2
interface states
blocking 12-7
disabled 12-8
learning 12-7
listening 12-7
overview 12-5
limitations with 802.1Q trunks 12-8
load sharing
overview 9-22
using path costs 9-24
using port priorities 9-22
loop guard
described 13-8
enabling 13-14
multicast addresses, affect of 12-8
optional features supported 1-4
overview 12-2
path costs 9-24
Port Fast
described 13-2
enabling 13-9
port priorities 9-22
preventing root switch selection 13-7
redundant connectivity 12-9
root guard
described 13-7
enabling 13-13
root port, defined 12-3
root switch
affects of extended system ID 12-4, 12-12
configuring 12-12
election 12-3
unexpected behavior 12-12
shutdown Port Fast-enabled port 13-3
superior BPDU 12-3
supported number of spanning-tree instances 12-8
STP (continued)
timers, described 12-4
UplinkFast
described 13-4
enabling 13-12
stratum, NTP 6-34
success response, VMPS 9-26
summer time 6-45
SunNet Manager 1-3
switch clustering technology 5-1
See also clusters, switch 1-2
switch console port 1-3
switched ports 8-2
Switch Manager 3-30
switchport block multicast command 15-6
switchport block unicast command 15-6
switchport protected command 15-5
switch priority, STP 12-17
switch software features 1-1
syslog
system clock
configuring
daylight saving time 6-45
manually 6-43
summer time 6-45
time zones 6-44
displaying the time and date 6-43
overview 6-33
system message logging
default configuration 20-3
defining error message severity levels 20-8
disabling 20-3
system message logging (continued)
displaying the configuration 20-12
enabling 20-4
facility keywords, described 20-12
level keywords, described 20-9
limiting messages 20-9
message format 20-2
overview 20-1
sequence numbers, enabling and disabling 20-7
setting the display destination device 20-4
synchronizing log messages 20-5
syslog facility 1-6
timestamps, enabling and disabling 20-7
UNIX syslog servers
configuring the daemon 20-10
configuring the logging facility 20-11
facilities supported 20-12
system messages on CMS 3-16
system name
default configuration 6-47
default setting 6-47
manual configuration 6-47
system prompt
default setting 6-47
manual configuration 6-48
T
tables, CMS 3-26
tabs, CMS 3-26
TAC
inquiries xxvii
toll-free telephone numbers xxviii
website xxvii
TACACS+
accounting, defined 6-11
authentication, defined 6-11
authorization, defined 6-11
configuring
accounting 6-17
authentication key 6-13
authorization 6-16
login authentication 6-14
default configuration 6-13
displaying the configuration 6-17
identifying the server 6-13
in clusters 5-14
limiting the services to the user 6-16
operation of 6-12
overview 6-10
support for 1-5
tracking services accessed by user 6-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
technical assistance
Cisco.com xxvi
TAC xxvii
TAC website xxvii
toll-free telephone numbers xxviii
Telnet
accessing management interfaces 2-10
from a browser 2-10
number of connections 1-3
setting a password 6-6
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 6-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-24
downloading B-23
preparing the server B-22
uploading B-24
limiting access by servers 21-10
TFTP server 1-3
threshold, traffic level 15-2
time
time-range command 22-13
time ranges in ACLs 22-13
timestamps in log messages 20-7
time zones 6-44
Token Ring VLANs
support for 9-5
VTP support 10-4
toolbar 3-17
tool tips 3-23
Topology view
collapsed cluster view 3-11
device icons 3-12
device information 3-12
display options 3-13
expanded cluster view 3-10
icons 3-11
link information 3-12
multiple links 3-20
neighboring devices 3-11
pop-up menus 3-19
TOS 1-5
traceroute command 25-15
traffic
blocking flooded 15-6
fragmented 22-3
unfragmented 22-3
traffic policing 1-5
traffic suppression 15-1
transparent mode, VTP 10-3, 10-12
trap-door mechanism 4-2
traps
configuring MAC address notification 6-55
configuring managers 21-7
defined 21-3
notification types 21-7
troubleshooting
connectivity problems 25-13
detecting unidirectional links 17-1
determining packet forwarding 25-18
displaying crash information 25-19
SFP security and identification 25-13
show forward command 25-18
with CiscoWorks 21-4
with debug commands 25-16
with ping 25-13
with system message logging 20-1
with traceroute 25-14
trunking encapsulation 1-4
trunk ports
configuring 9-18
encapsulation 9-18, 9-23, 9-24
trunks
allowed-VLAN list 9-19
ISL 9-15
trunks (continued)
load sharing
setting STP path costs 9-24
using STP port priorities 9-22
native VLAN for untagged traffic 9-21
parallel 9-24
pruning-eligible list 9-20
to non-DTP device 9-15
understanding 9-15
trusted port states
between QoS domains 23-26
classification options 23-5
support for 1-5
within a QoS domain 23-23
twisted-pair Ethernet, detecting unidirectional links 17-1
type-of-service
U
UDLD
default configuration 17-3
echoing detection mechanism 17-2
enabling
globally 17-4
per interface 17-4
link-detection mechanism 17-1
neighbor database 17-2
overview 17-1
resetting an interface 17-5
status, displaying 17-5
support for 1-4
unauthorized ports with 802.1X 7-4
unicast storm control command 15-3
unicast storms 15-1
unicast traffic, blocking 15-6
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 20-10
facilities supported 20-12
message logging configuration 20-11
unrecognized Type-Length-Value (TLV) support 10-4
upgrading software images
UplinkFast
described 13-4
enabling 13-12
support for 1-4
uploading
configuration files
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
image files
reasons for B-20
using FTP B-28
using RCP B-33
using TFTP B-24
user EXEC mode 2-2
username-based authentication 6-7
V
verifying changes in CMS 3-29
version-dependent transparent mode 10-4
virtual IP address
cluster standby group 5-11, 5-18
vlan.dat file 9-4
VLAN ACLs
vlan-assignment response, VMPS 9-26
VLAN configuration
at bootup 9-7
saving 9-7
VLAN configuration mode 2-2, 9-6
VLAN database
and startup configuration file 9-7
and VTP 10-1
VLAN configuration saved in 9-7
VLANs saved in 9-4
vlan database command 9-6
vlan global configuration command 9-6
VLAN management domain 10-2
VLAN Management Policy Server
VLAN map entries, order of 22-17
VLAN maps
applying 22-22
common uses for 22-22
configuration example 22-23
configuration guidelines 22-17
configuring 22-16
creating 22-19
defined 22-2
denying access example 22-24
denying and permitting packets 22-19
displaying 22-25
examples 22-24
support for 1-5
usage 22-2
with router ACLs 22-25
VLAN membership
confirming 9-29
VLAN Query Protocol
VLANs
adding 9-8
adding to VLAN database 9-8
aging dynamic addresses 12-9
VLANs (continued)
allowed on trunk 9-19
and spanning-tree instances 9-2, 9-13
configuration guidelines, normal-range VLANs 9-5
configuration options 9-6
configuring 9-1
configuring IDs 1006 to 4094 9-12
creating in config-vlan mode 9-8
creating in VLAN configuration mode 9-9
default configuration 9-7
deleting 9-10
displaying 9-14
features 1-4
illustrated 9-2
limiting source traffic with RSPAN 18-19
limiting source traffic with SPAN 18-14
modifying 9-8
native, configuring 9-21
number supported 1-4
parameters 9-4
port membership modes 3-8, 9-3
static-access ports 9-11
STP and 802.1Q trunks 12-8
supported 9-2
Token Ring 9-5
traffic between 9-2
VTP modes 10-3
VLAN Trunking Protocol
VLAN trunks 9-15
VMPS
administering 9-30
configuration example 9-31
configuration guidelines 9-27
default configuration 9-27
description 9-26
VMPS (continued)
dynamic port membership
described 9-27
reconfirming 9-30
troubleshooting 9-31
entering server address 9-28
mapping MAC addresses to VLANs 9-26
monitoring 9-30
reconfirmation interval, changing 9-30
reconfirming membership 9-29
retry count, changing 9-30
voice-over-IP 11-1
voice VLAN
Cisco 7960 phone, port connections 11-1
configuration guidelines 11-3
configuring IP phones for data traffic
override CoS of incoming frame 11-5
trust CoS priority of incoming frame 11-5
configuring ports for voice traffic in
802.1P priority tagged frames 11-5
802.1Q frames 11-4
connecting to an IP phone 11-4
default configuration 11-3
described 11-1
displaying 11-6
VTP
adding a client to a domain 10-15
and extended-range VLANs 10-1
and normal-range VLANs 10-2
client mode, configuring 10-11
configuration
global configuration mode 10-7
guidelines 10-8
privileged EXEC mode 10-7
requirements 10-9
saving 10-7
VLAN configuration mode 10-7
VTP (continued)
configuration mode options 10-7
configuration requirements 10-9
configuration revision number
guideline 10-15
resetting 10-15
configuring
client mode 10-11
server mode 10-9
transparent mode 10-12
consistency checks 10-4
default configuration 10-6
described 10-1
disabling 10-12
domain names 10-8
domains 10-2
modes
transitions 10-3
monitoring 10-16
passwords 10-8
pruning
disabling 10-14
enabling 10-14
examples 10-5
overview 10-4
support for 1-4
pruning-eligible list, changing 9-20
server mode, configuring 10-9
VTP (continued)
statistics 10-16
support for 1-4
Token Ring support 10-4
transparent mode, configuring 10-12
using 10-1
version, guidelines 10-8
version 1 10-4
version 2
configuration guidelines 10-8
disabling 10-13
enabling 10-13
overview 10-4
W
web-based management software
weighted tail drop
window components, CMS 3-25
WTD
described 23-11
setting thresholds
egress queue-sets 23-48
ingress queues 23-44
X
XMODEM protocol 25-2