-
Catalyst 2970 Switch Software Configuration Guide, 12.2(20)SE
-
Index
-
Catalyst 2970 Switch Software Configuration Guide (full book in PDF format)
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Getting Started with CMS
-
Assigning the Switch IP Address and Default Gateway
-
Clustering Switches
-
Administering the Switch
-
Configuring Switch-Based Authentication
-
Configuring 802.1X Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring SmartPort Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Voice VLAN
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links
-
Configuring DHCP Features
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(20)SE
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
802.1D
802.1Q
and trunk ports 9-3
configuration limitations 11-16
encapsulation 11-14
native VLAN for untagged traffic 11-21
802.1s
802.1w
802.1x
802.3ad
802.3z flow control 9-12
A
abbreviating commands 2-3
access-class command 27-18
access control entries
access-denied response, VMPS 11-25
access groups
applying ACLs to interfaces 27-19
IP 27-19
accessing
clusters, switch 5-12
command switches 5-10
member switches 5-12
switch clusters 5-12
access lists
access ports
defined 9-2
in switch clusters 5-8
accounting
with RADIUS 7-28
ACEs
and QoS 28-7
defined 27-2
Ethernet 27-2
IP 27-2
ACLs
ACEs 27-2
any keyword 27-10
applying
time ranges to 27-15
to an interface 27-18
to QoS 28-7
classifying traffic for QoS 28-38
comments in 27-17
compiling 27-19
ACLs (continued)extended IP
configuring for QoS classification 28-40
creating 27-8
matching criteria 27-6
hardware and software handling 27-19
host keyword 27-11
IP
applying to an interface 27-18
applying to interfaces 27-18
creating 27-6
fragments and QoS guidelines 28-31
implicit deny 27-8, 27-12, 27-14
implicit masks 27-8
matching criteria 27-6
named 27-13
terminal lines, setting on 27-17
undefined 27-19
monitoring 27-30
named 27-13
number per QoS class map 28-31
numbers 27-6
port 27-2
precedence of 27-2
resequencing entries 27-13
standard IP
configuring for QoS classification 28-39
creating 27-7
matching criteria 27-6
supported features 27-19
support for 1-5
time ranges 27-15
unsupported features 27-5
VLAN maps
configuration guidelines 27-24
configuring 27-24
active links 17-1
address aliasing 19-2
addresses
displaying the MAC address table 6-27
dynamic
accelerated aging 14-8
changing the aging time 6-22
default aging 14-8
defined 6-20
learning 6-21
removing 6-22
MAC, discovering 6-27
multicast, STP address management 14-8
static
adding and removing 6-24
defined 6-20
address resolution 6-27
Address Resolution Protocol
advertisements
CDP 21-1
aggregated ports
aggregate policers 28-47
aggregate policing 1-6
aging, accelerating 14-8
aging time
accelerated
for MSTP 15-20
MAC address table 6-22
maximum
for MSTP 15-21
for STP 14-21
alarms, RMON 24-3
allowed-VLAN list 11-19
ARP
table
address resolution 6-27
managing 6-27
attributes, RADIUS
vendor-proprietary 7-31
vendor-specific 7-29
audience xxvii
authentication
local mode with AAA 7-36
NTP associations 6-4
RADIUS
key 7-21
login 7-23
See also port-based authentication
TACACS+
defined 7-11
key 7-13
login 7-14
authoritative time source, described 6-2
authorization
with RADIUS 7-27
authorized ports with 802.1x 8-4
autoconfiguration 4-3
automatic discovery
adding member switches 5-16
considerations
beyond a noncandidate device 5-8
brand new switches 5-8
connectivity 5-5
different VLANs 5-7
management VLANs 5-7
non-CDP-capable devices 5-6
noncluster-capable devices 5-6
creating a cluster standby group 5-17
in switch clusters 5-5
automatic QoS
automatic recovery, clusters 5-9
autonegotiation
duplex mode 1-2
interface configuration guidelines 9-10
mismatches 30-12
autosensing, port speed 1-2
auxiliary VLAN
availability, features 1-4
B
BackboneFast
described 16-5
disabling 16-14
enabling 16-13
support for 1-4
backup interfaces
backup links 17-1
banners
configuring
login 6-20
message-of-the-day login 6-19
default configuration 6-18
when displayed 6-18
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 20-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-13
boot loader
accessing 4-14
described 4-2
environment variables 4-14
prompt 4-14
trap-door mechanism 4-2
BPDU
error-disabled state 16-2
filtering 16-3
RSTP format 15-9
BPDU filtering
described 16-3
disabling 16-12
enabling 16-12
support for 1-4
BPDU guard
described 16-2
disabling 16-11
enabling 16-11
support for 1-4
bridge protocol data unit
broadcast storm-control command 20-3
broadcast storms 20-2
C
cables, monitoring for unidirectional links 22-1
candidate switch
adding 5-16
automatic discovery 5-5
defined 5-4
HC 5-18
passwords 5-16
requirements 5-4
standby group 5-17
See also command switch, cluster standby group, and member switch
caution, described xxviii
CC (command switch) 5-18
CDP
and trusted boundary 28-36
automatic discovery in switch clusters 5-5
configuring 21-2
default configuration 21-2
described 21-1
disabling for routing device 21-3 to 21-4
enabling and disabling
on an interface 21-4
on a switch 21-3
monitoring 21-5
overview 21-1
support for 1-4
transmission timer and holdtime, setting 21-2
updates 21-2
CGMP
as IGMP snooping learning method 19-7
joining multicast group 19-3
Cisco 7960 IP Phone 13-1
Cisco Discovery Protocol
Cisco IOS File System
class maps for QoS
configuring 28-42
described 28-7
displaying 28-66
class of service
clearing interfaces 9-17
CLI
abbreviating commands 2-3
command modes 2-1
described 1-3
CLI (continued)editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-20
no and default forms of commands 2-4
client mode, VTP 12-3
clock
Cluster Management Suite
cluster requirements
clusters, switch
accessing 5-12
adding member switches 5-16
automatic discovery 5-5
automatic recovery 5-9
benefits 1-2
command switch configuration 5-15
compatibility 5-4
creating 5-15
creating a cluster standby group 5-17
described 5-1
LRE profile considerations 5-14
managing
through CLI 5-20
through SNMP 5-21
planning 5-4
clusters, switch (continued)planning considerations
automatic discovery 5-5
automatic recovery 5-9
CLI 5-20
host names 5-13
IP addresses 5-12
LRE profiles 5-14
passwords 5-13
RADIUS 5-14
switch-specific features 5-14
TACACS+ 5-14
redundancy 5-17
troubleshooting 5-20
verifying 5-19
cluster standby group
automatic recovery 5-11
considerations 5-10
creating 5-17
defined 5-2
requirements 5-3
virtual IP address 5-10
CMS
benefits 1-2
configuration modes 3-5
downloading image files 1-2, 3-16, B-19
Front Panel view, described 3-2
operating systems and supported browsers 3-9
privilege levels 3-7
Topology view 3-15
wizards 3-6
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 7-8
command switch
accessing 5-10
command switch with HSRP disabled (CC) 5-18
configuration conflicts 30-11
defined 5-2
enabling 5-15
password privilege levels 5-21
priority 5-9
recovery
from command-switch failure 5-9, 30-8
from lost member connectivity 30-11
replacing
with another switch 30-10
with cluster member 30-8
requirements 5-3
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
for cluster switches 26-4
in clusters 5-13
overview 26-4
SNMP 5-13
config.text 4-12
configuration, initial
defaults 1-7
setup (CLI) program 1-7
See also hardware installation guide
configuration conflicts, recovering from lost member connectivity 30-11
configuration examples, network 1-10
configuration files
clearing the startup configuration B-18
creating using a text editor B-9
default name 4-12
deleting a stored configuration B-18
described B-8
downloading
automatically 4-12
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 26-16
obtaining with DHCP 4-7
password recovery disable considerations 7-5
specifying the filename 4-12
system contact and location information 26-15
types and location B-9
uploading
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
configuration modes, CMS 3-5
configuration settings, saving 4-10
configure terminal command 9-5
conflicts, configuration 30-11
connections, secure remote 7-37
connectivity problems 30-13, 30-14, 30-16
consistency checks in VTP Version 2 12-4
console port, connecting to 2-9
conventions
command xxviii
for examples xxviii
publication xxviii
text xxviii
corrupted software, recovery steps with Xmodem 30-2
CoS
in Layer 2 frames 28-2
override priority 13-6
trust priority 13-6
CoS input queue threshold map for QoS 28-14
CoS output queue threshold map for QoS 28-17
CoS-to-DSCP map for QoS 28-49
counters, clearing interface 9-17
crashinfo file 30-23
cryptographic software image
Kerberos 7-32
SSH 7-37
CWDM SFPs 1-14
D
daylight saving time 6-13
debugging
enabling all system diagnostics 30-21
enabling for a specific feature 30-20
redirecting error message output 30-21
using commands 30-20
default commands 2-4
default configuration
802.1x 8-10
auto-QoS 28-18
banners 6-18
booting 4-11
default configuration (continued)CDP 21-2
DHCP 18-5
DHCP option 82 18-5
DHCP snooping 18-5
DNS 6-17
EtherChannel 29-8
Flex Links 17-2
IGMP filtering 19-19
IGMP snooping 19-6
IGMP throttling 19-19
initial switch information 4-3
Layer 2 interfaces 9-9
MAC address table 6-21
MSTP 15-12
MVR 19-14
NTP 6-4
optional spanning-tree configuration 16-9
password and privilege level 7-2
RADIUS 7-20
RMON 24-3
RSPAN 23-9
SNMP 26-7
SPAN 23-9
standard QoS 28-29
STP 14-11
system message logging 25-3
system name and prompt 6-15
TACACS+ 7-13
UDLD 22-4
VLAN, Layer 2 Ethernet interfaces 11-17
VLANs 11-7
VMPS 11-26
voice VLAN 13-3
VTP 12-6
default gateway 4-10
deleting VLANs 11-10
description command 9-14
designing your network, examples 1-10
destination addresses, in ACLs 27-10
destination-IP address-based forwarding, EtherChannel 29-7
destination-MAC address forwarding, EtherChannel 29-6
detecting indirect link failures, STP 16-5
device discovery protocol 21-1
Device Manager 3-9
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server side 4-5
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-3
relay support 1-3
support for 1-3
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 18-4
configuration guidelines 18-6
default configuration 18-5
displaying 18-8
overview 18-3
packet format, suboption
circuit ID 18-4
remote ID 18-4
remote ID suboption 18-4
DHCP snooping
configuration guidelines 18-6
default configuration 18-5
displaying binding database 18-8
DHCP snooping (continued)displaying configuration 18-8
message exchange process 18-4
option 82 data insertion 18-3
trusted interface 18-2
untrusted interface 18-2
untrusted messages 18-2
DHCP snooping binding database
binding entries, displaying 18-8
default configuration 18-5
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 28-1
Differentiated Services Code Point 28-2
directed unicast requests 1-3
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
DNS
and DHCP-based autoconfiguration 4-6
default configuration 6-17
displaying the configuration 6-18
overview 6-16
setting up 6-17
support for 1-3
documentation, related xxix
document conventions xxviii
domain names
DNS 6-16
VTP 12-8
Domain Name System
downloading
configuration files
reasons for B-8
downloading (continued)using FTP B-13
using RCP B-16
using TFTP B-10
image files
deleting old image B-23
reasons for B-19
using FTP B-25
using RCP B-30
using TFTP B-22
DSCP input queue threshold map for QoS 28-14
DSCP output queue threshold map for QoS 28-17
DSCP-to-CoS map for QoS 28-51
DSCP-to-DSCP-mutation map for QoS 28-53
dynamic access ports
characteristics 11-3
configuring 11-28
defined 9-3
dynamic addresses
dynamic auto trunking mode 11-15
dynamic desirable trunking mode 11-16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 11-26
reconfirming 11-28
troubleshooting 11-30
types of connections 11-28
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
enable password 7-4
enable secret password 7-4
encryption for passwords 7-4
environment variables, function of 4-15
error messages during command entry 2-4
EtherChannel
802.3ad, described 29-5
automatic creation of 29-3, 29-5
channel groups
binding physical and logical interfaces 29-3
numbering of 29-3
configuration guidelines 29-9
configuring Layer 2 interfaces 29-10
default configuration 29-8
described 29-2
displaying status 29-17
forwarding methods 29-6, 29-12
interaction
with STP 29-9
with VLANs 29-9
LACP
described 29-5
displaying status 29-17
hot-standby ports 29-14
interaction with other features 29-6
modes 29-5
port priority 29-16
system priority 29-15
PAgP
aggregate-port learners 29-13
compatibility with Catalyst 1900 29-13
described 29-3
PAgP (continued)displaying status 29-17
interaction with other features 29-5
learn method and priority configuration 29-13
modes 29-4
support for 1-3
port-channel interfaces
described 29-3
numbering of 29-3
port groups 9-3
support for 1-3
EtherChannel guard
described 16-7
disabling 16-14
enabling 16-14
Ethernet VLANs
adding 11-8
defaults and ranges 11-7
modifying 11-8
events, RMON 24-3
examples
conventions for xxviii
network configuration 1-10
expedite queue for QoS 28-65
expert mode 3-6
See also hardware installation guide
extended-range VLANs
configuration guidelines 11-12
configuring 11-11
creating 11-12
defined 11-1
extended system ID
MSTP 15-14
Extensible Authentication Protocol over LAN 8-1
F
fallback bridging
STP
keepalive messages 14-2
fiber-optic, detecting unidirectional links 22-1
files
copying B-4
crashinfo
description 30-23
displaying the contents of 30-23
location 30-23
deleting B-5
displaying the contents of B-7
tar
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 27-24
non-IP traffic 27-21
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 17-2
configuring 17-3
default configuration 17-2
description 17-1
monitoring 17-3
flooded traffic, blocking 20-6
flow-based packet classification 1-6
flowcharts
QoS classification 28-6
QoS egress queueing and scheduling 28-15
QoS ingress queueing and scheduling 28-13
QoS policing and marking 28-9
forward-delay time
MSTP 15-20
STP 14-21
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-11
preparing the server B-12
uploading B-14
image files
deleting old image B-27
downloading B-25
preparing the server B-24
uploading B-27
G
get-bulk-request operation 26-3
get-next-request operation 26-3, 26-4
get-request operation 26-3, 26-4
get-response operation 26-3
global configuration mode 2-2
guest VLAN and 802.1x 8-8
guide
audience xxvii
purpose of xxvii
H
HC (candidate switch) 5-18
hello time
MSTP 15-19
STP 14-20
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 25-9
host names
abbreviations appended to 5-18
in clusters 5-13
hosts, limit on dynamic ports 11-30
HP OpenView 1-3
HSRP
automatic cluster recovery 5-11
cluster standby group considerations 5-10
See also clusters, cluster standby group, and standby command switch
I
ICMP
time-exceeded messages 30-16
traceroute and 30-16
ICMP ping
executing 30-13
overview 30-13
IDS appliances
and ingress RSPAN 23-20
and ingress SPAN 23-13
IEEE 802.1p 13-1
ifIndex values, SNMP 26-5
IFS 1-4
IGMP
joining multicast group 19-3
join messages 19-3
leave processing, enabling 19-10
leaving multicast group 19-4
queries 19-3
report suppression
described 19-5
disabling 19-10
support for 1-3
IGMP filtering
configuring 19-20
default configuration 19-19
described 19-18
monitoring 19-24
support for 1-3
IGMP groups
configuring filtering 19-22
setting the maximum number 19-22
IGMP profile
applying 19-21
configuration mode 19-20
configuring 19-20
IGMP snooping
and address aliasing 19-2
configuring 19-5
default configuration 19-6
definition 19-1
enabling and disabling 19-6
global configuration 19-6
Immediate Leave 19-5
method 19-7
monitoring 19-11
support for 1-3
VLAN configuration 19-6
IGMP throttling
configuring 19-22
default configuration 19-19
IGMP throttling (continued)described 19-19
displaying action 19-24
Immediate Leave, IGMP
described 19-5
enabling 19-10
initial configuration
defaults 1-7
setup (CLI) program 1-7
See also hardware installation guide
interface
number 9-4
range macros 9-7
interface configuration mode 2-2
interfaces
configuration guidelines
duplex and speed 9-10
configuring
procedure 9-5
speed 9-10
counters, clearing 9-17
described 9-14
descriptive name, adding 9-14
displaying information about 9-16
flow control 9-12
management 1-3
monitoring 9-16
naming 9-14
physical, identifying 9-4
range of 9-5
restarting 9-17
shutting down 9-17
status 9-16
supported 9-4
types of 9-1
interfaces range macro command 9-7
interface types 9-4
Inter-Switch Link
Intrusion Detection System
inventory, cluster 5-19
ip access group command 27-19
IP ACLs
applying to an interface 27-18
extended, creating 27-8
for QoS classification 28-7
implicit deny 27-8, 27-12, 27-14
implicit masks 27-8
named 27-13
standard, creating 27-7
undefined 27-19
virtual terminal lines, setting on 27-17
IP addresses
cluster access 5-2
command switch 5-3, 5-10, 5-12
discovering 6-27
redundant clusters 5-10
standby command switch 5-10, 5-12
ip igmp profile command 19-20
IP information
assigned
manually 4-9
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP phones
and QoS 13-1
automatic classification and queueing 28-18
configuring 13-4
ensuring port security with QoS 28-35
trusted boundary for QoS 28-35
IP precedence 28-2
IP-precedence-to-DSCP map for QoS 28-50
IP protocols in ACLs 27-10
IP traceroute
executing 30-17
overview 30-16
ISL
and trunk ports 9-3
J
join messages, IGMP 19-3
K
KDC
described 7-32
keepalive messages 14-2
Kerberos
authenticating to
boundary switch 7-34
KDC 7-34
network services 7-35
configuration examples 7-32
configuring 7-35
credentials 7-32
cryptographic software image 7-32
described 7-32
KDC 7-32
operation 7-34
realm 7-33
server 7-33
support for 1-6
switch as trusted third party 7-32
terms 7-33
TGT 7-34
tickets 7-32
key distribution center
L
LACP
Layer 2 frames, classification with CoS 28-2
Layer 2 interfaces, default configuration 9-9
Layer 2 traceroute
and ARP 30-15
and CDP 30-15
broadcast traffic 30-14
described 30-14
IP addresses and subnets 30-15
MAC addresses and VLANs 30-15
multicast traffic 30-15
multiple devices on a port 30-15
unicast traffic 30-14
usage guidelines 30-15
Layer 2 trunks 11-15
Layer 3 packets, classification methods 28-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
link redundancy
links, unidirectional 22-1
login authentication
with RADIUS 7-23
with TACACS+ 7-14
login banners 6-18
log messages
Long-Reach Ethernet (LRE) technology 1-11
loop guard
described 16-9
enabling 16-15
support for 1-5
LRE profiles, considerations in switch clusters 5-14
M
MAC addresses
aging time 6-22
and VLAN association 6-21
building the address table 6-21
default configuration 6-21
discovering 6-27
displaying 6-27
displaying in DHCP snooping binding database 18-8
dynamic
learning 6-21
removing 6-22
in ACLs 27-21
static
adding 6-25
allowing 6-26
characteristics of 6-24
dropping 6-26
removing 6-25
MAC address notification, support for 1-7
MAC address-to-VLAN mapping 11-25
MAC extended access lists
applying to Layer 2 interfaces 27-23
configuring for QoS 28-41
creating 27-21
defined 27-21
for QoS classification 28-5
macros
manageability features 1-3
management access
in-band
browser session 1-4
CLI session 1-4
CMS 1-4
SNMP 1-4
out-of-band console port connection 1-4
management options
CLI 2-1
clustering 1-2
CMS 1-2
overview 1-3
management VLAN
considerations in switch clusters 5-7
discovery through different management VLANs 5-7
mapping tables for QoS
configuring
CoS-to-DSCP 28-49
DSCP 28-49
DSCP-to-CoS 28-51
DSCP-to-DSCP-mutation 28-53
IP-precedence-to-DSCP 28-50
policed-DSCP 28-51
described 28-10
marking
action in policy map 28-44
action with aggregate policers 28-47
matching, ACLs 27-6
maximum aging time
MSTP 15-21
STP 14-21
maximum hop count, MSTP 15-21
membership mode, VLAN port 11-3
member switch
adding 5-16
automatic discovery 5-5
defined 5-2
managing 5-20
passwords 5-12
recovering from lost connectivity 30-11
requirements 5-4
See also candidate switch, cluster standby group, and standby command switch
menu bar variations 3-4
messages
to users through banners 6-18
MIBs
accessing files with FTP A-3
location of files A-3
overview 26-1
SNMP interaction with 26-4
supported A-1
mirroring traffic for analysis 23-1
mismatches, autonegotiation 30-12
module number 9-4
monitoring
access groups 27-31
ACL configuration 27-30
cables for unidirectional links 22-1
CDP 21-5
features 1-7
Flex Links 17-3
IGMP
filters 19-24
snooping 19-11
interfaces 9-16
multicast router interfaces 19-11
MVR 19-18
network traffic for analysis with probe 23-2
port
blocking 20-14
protection 20-14
speed and duplex mode 9-11
traffic flowing among switches 24-1
traffic suppression 20-14
VLAN
filters 27-31
maps 27-31
VLANs 11-13
VMPS 11-29
VTP 12-15
MSTP
boundary ports
configuration guidelines 15-12
described 15-5
BPDU filtering
described 16-3
enabling 16-12
BPDU guard
described 16-2
enabling 16-11
CIST, described 15-3
configuration guidelines 15-12, 16-10
configuring
forward-delay time 15-20
hello time 15-19
link type for rapid convergence 15-22
maximum aging time 15-21
maximum hop count 15-21
MST region 15-13
path cost 15-18
port priority 15-17
root switch 15-14
secondary root switch 15-16
switch priority 15-19
CST
defined 15-3
operations between regions 15-3
default configuration 15-12
default optional feature configuration 16-9
displaying status 15-23
enabling the mode 15-13
EtherChannel guard
described 16-7
enabling 16-14
extended system ID
effects on root switch 15-14
effects on secondary root switch 15-16
unexpected behavior 15-15
instances supported 14-9
MSTP (continued)interface state, blocking to forwarding 16-2
interoperability and compatibility among modes 14-10
interoperability with 802.1D
described 15-5
restarting migration process 15-22
IST
defined 15-2
master 15-3
operations within a region 15-3
loop guard
described 16-9
enabling 16-15
mapping VLANs to MST instance 15-13
MST region
CIST 15-3
configuring 15-13
described 15-2
hop-count mechanism 15-4
IST 15-2
supported spanning-tree instances 15-2
optional features supported 1-4
overview 15-2
Port Fast
described 16-2
enabling 16-10
preventing root switch selection 16-8
root guard
described 16-8
enabling 16-14
root switch
configuring 15-15
effects of extended system ID 15-14
unexpected behavior 15-15
shutdown Port Fast-enabled port 16-2
status, displaying 15-23
multicast groups
Immediate Leave 19-5
joining 19-3
multicast groups (continued)leaving 19-4
static joins 19-9
multicast packets, blocking 20-6
multicast router interfaces, monitoring 19-11
multicast router ports, adding 19-8
multicast storm 20-2
multicast storm-control command 20-4
Multicast VLAN Registration
Multiple Spanning Tree Protocol
MVR
and address aliasing 19-15
configuring interfaces 19-16
default configuration 19-14
described 19-12
modes 19-15
monitoring 19-18
setting global parameters 19-15
support for 1-3
N
named IP ACLs 27-13
native VLAN
configuring 11-21
default 11-21
network configuration examples
increasing network performance 1-10
long-distance, high-bandwidth transport 1-14
providing network services 1-11
server aggregation and Linux server cluster 1-12
small to medium-sized network 1-13
network design
performance 1-10
services 1-11
network management
CDP 21-1
RMON 24-1
SNMP 26-1
Network Time Protocol
no commands 2-4
non-IP traffic filtering 27-21
nontrunking mode 11-15
normal-range VLANs
configuration modes 11-6
defined 11-1
note, described xxviii
NTP
associations
authenticating 6-4
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
options, management 1-3
out-of-profile markdown 1-6
P
packet modification, with QoS 28-17
PAgP
passwords
default configuration 7-2
disabling recovery of 7-5
encrypting 7-4
for security 1-5
overview 7-1
recovery of 30-4
setting
enable 7-3
enable secret 7-4
Telnet 7-6
with usernames 7-7
VTP domain 12-8
path cost
MSTP 15-18
STP 14-17
PC (passive command switch) 5-9, 5-18
performance, network design 1-10
performance features 1-2
per-VLAN spanning-tree plus
physical ports 9-2
PIM-DVMRP, as snooping method 19-7
ping
character output description 30-14
executing 30-13
overview 30-13
policed-DSCP map for QoS 28-51
policers
configuring
for each matched traffic class 28-44
for more than one traffic class 28-47
described 28-3
policers (continued)displaying 28-66
number of 28-31
types of 28-8
policing
described 28-3
token-bucket algorithm 28-9
policy maps for QoS
characteristics of 28-44
configuring 28-44
described 28-7
displaying 28-67
port ACLs
defined 27-2
types of 27-2
Port Aggregation Protocol
port-based authentication
accounting 8-5
authentication server
defined 8-2
RADIUS server 8-2
client, defined 8-2
configuration guidelines 8-11
configuring
802.1x authentication 8-13
guest VLAN 8-20
host mode 8-19
manual re-authentication of a client 8-16
periodic re-authentication 8-16
quiet period 8-16
RADIUS server 8-15
RADIUS server parameters on the switch 8-14
switch-to-client frame-retransmission number 8-18
switch-to-client retransmission time 8-17
default configuration 8-10
described 8-1
device roles 8-2
displaying statistics 8-22
port-based authentication (continued)EAPOL-start frame 8-3
EAP-request/identity frame 8-3
EAP-response/identity frame 8-3
encapsulation 8-3
guest VLAN
configuration guidelines 8-9
described 8-8
initiation and message exchange 8-3
method lists 8-13
multiple-hosts mode, described 8-19
per-user ACLs
AAA authorization 8-13
configuration tasks 8-9
described 8-9
RADIUS server attributes 8-9
ports
authorization state and dot1x port-control command 8-4
authorized and unauthorized 8-4
voice VLAN 8-7
port security
and voice VLAN 8-6
described 8-6
interactions 8-6
multiple-hosts mode 8-19
resetting to default values 8-21
statistics, displaying 8-22
switch
as proxy 8-2
RADIUS client 8-2
topologies, supported 8-5
upgrading from a previous release 8-12, 28-23
VLAN assignment
AAA authorization 8-13
characteristics 8-8
configuration tasks 8-8
described 8-7
port-based authentication (continued)voice VLAN
described 8-7
PVID 8-7
VVID 8-7
port-channel
Port Fast
described 16-2
enabling 16-10
mode, spanning tree 11-26
support for 1-4
port membership modes, VLAN 11-3
port priority
MSTP 15-17
STP 14-16
ports
access 9-2
blocking 20-6
dynamic access 11-3
protected 20-5
secure 20-7
switch 9-2
VLAN assignments 11-10
port security
aging 20-13
and QoS trusted boundary 28-35
configuring 20-10
default configuration 20-9
described 20-7
displaying 20-14
on trunk ports 20-11
sticky learning 20-8
violations 20-8
with other features 20-10
port-shutdown response, VMPS 11-25
preferential treatment of traffic
preventing unauthorized access 7-1
primary links 17-1
priority
overriding CoS 13-6
trusting CoS 13-6
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 7-9
command switch 5-21
exiting 7-10
in CMS 3-7
logging into 7-10
mapping on member switches 5-21
setting a command with 7-8
pruning, VTP
disabling
in VTP domain 12-14
on a port 11-21
enabling
in VTP domain 12-13
on a port 11-20
examples 12-5
overview 12-4
pruning-eligible list
changing 11-20
for VTP pruning 12-4
VLANs 12-14
PVST+
802.1Q trunking interoperability 14-10
described 14-9
instances supported 14-9
Q
QoS
and MQC commands 28-1
auto-QoS
categorizing traffic 28-18
configuration and defaults display 28-28
configuration guidelines 28-23
described 28-18
disabling 28-25
displaying generated commands 28-24
displaying the initial configuration 28-28
effects on running configuration 28-23
egress queue defaults 28-19
enabling for VoIP 28-24
example configuration 28-26
ingress queue defaults 28-19
list of generated commands 28-20
basic model 28-3
classification
class maps, described 28-7
defined 28-3
flowchart 28-6
forwarding treatment 28-3
in frames and packets 28-2
MAC ACLs, described 28-5, 28-7
options for IP traffic 28-5
options for non-IP traffic 28-5
policy maps, described 28-7
trust DSCP, described 28-5
trusted CoS, described 28-5
trust IP precedence, described 28-5
class maps
configuring 28-42
displaying 28-66
configuration guidelines
auto-QoS 28-23
standard QoS 28-31
QoS (continued)configuring
aggregate policers 28-47
auto-QoS 28-18
default port CoS value 28-34
DSCP maps 28-49
DSCP trust states bordering another domain 28-36
egress queue characteristics 28-59
ingress queue characteristics 28-54
IP extended ACLs 28-40
IP standard ACLs 28-38
MAC ACLs 28-41
policy maps 28-44
port trust states within the domain 28-32
trusted boundary 28-35
default auto configuration 28-18
default standard configuration 28-29
displaying statistics 28-66
egress queues
allocating buffer space 28-59
buffer allocation scheme, described 28-16
configuring shaped weights for SRR 28-63
configuring shared weights for SRR 28-64
described 28-4
displaying the threshold map 28-62
flowchart 28-15
mapping DSCP or CoS values 28-61
scheduling, described 28-4
setting WTD thresholds 28-59
WTD, described 28-17
enabling globally 28-32
flowcharts
classification 28-6
egress queueing and scheduling 28-15
ingress queueing and scheduling 28-13
policing and marking 28-9
implicit deny 28-7
QoS (continued)ingress queues
allocating bandwidth 28-57
allocating buffer space 28-56
buffer and bandwidth allocation, described 28-14
configuring shared weights for SRR 28-57
configuring the priority queue 28-58
described 28-3
displaying the threshold map 28-55
flowchart 28-13
mapping DSCP or CoS values 28-55
priority queue, described 28-14
scheduling, described 28-3
setting WTD thresholds 28-55
WTD, described 28-14
IP phones
automatic classification and queueing 28-18
detection and trusted settings 28-18, 28-35
limiting bandwidth on egress interface 28-65
mapping tables
CoS-to-DSCP 28-49
displaying 28-66
DSCP-to-CoS 28-51
DSCP-to-DSCP-mutation 28-53
IP-precedence-to-DSCP 28-50
policed-DSCP 28-51
types of 28-10
marked-down actions 28-45
overview 28-1
packet modification 28-17
policers
described 28-8
displaying 28-66
number of 28-31
types of 28-8
policies, attaching to an interface 28-9
QoS (continued)policing
token bucket algorithm 28-9
policy maps
characteristics of 28-44
configuring 28-44
displaying 28-67
QoS label, defined 28-3
queues
configuring egress characteristics 28-59
configuring ingress characteristics 28-54
high priority (expedite) 28-17, 28-65
location of 28-11
SRR, described 28-12
WTD, described 28-11
rewrites 28-17
support for 1-6
trust states
bordering another domain 28-36
described 28-5
trusted device 28-35
within the domain 28-32
quality of service
queries, IGMP 19-3
R
RADIUS
attributes
vendor-proprietary 7-31
vendor-specific 7-29
RADIUS (continued)configuring
accounting 7-28
authentication 7-23
authorization 7-27
communication, global 7-21, 7-29
communication, per-server 7-20, 7-21
multiple UDP ports 7-21
default configuration 7-20
defining AAA server groups 7-25
displaying the configuration 7-31
identifying the server 7-20
in clusters 5-14
limiting the services to the user 7-27
method list, defined 7-20
operation of 7-19
overview 7-18
suggested network environments 7-18
support for 1-6
tracking services accessed by user 7-28
range
macro 9-7
of interfaces 9-6
rapid convergence 15-7
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 14-10
described 14-9
instances supported 14-9
Rapid Spanning Tree Protocol
rcommand command 5-20
RCP
configuration files
downloading B-16
overview B-15
preparing the server B-15
uploading B-17
image files
deleting old image B-31
downloading B-30
preparing the server B-28
uploading B-32
reconfirmation interval, VMPS, changing 11-28
recovery procedures 30-1
redundancy
EtherChannel 29-2
STP
backbone 14-8
path cost 11-23
port priority 11-22
redundant clusters
redundant links and UplinkFast 16-12
reloading software 4-15
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 19-5
disabling 19-10
requirements
cluster
resequencing ACL entries 27-13
resetting a UDLD-shutdown interface 22-6
restricting access
NTP services 6-8
overview 7-1
passwords and privilege levels 7-2
RADIUS 7-18
TACACS+ 7-10
retry count, VMPS, changing 11-29
RFC
1112, IP multicast and IGMP 19-2
1157, SNMPv1 26-2
1305, NTP 6-2
1757, RMON 24-2
1901, SNMPv2C 26-2
1902 to 1907, SNMPv2 26-2
2236, IP multicast and IGMP 19-2
2273-2275, SNMPv3 26-2
RMON
default configuration 24-3
displaying status 24-6
enabling alarms and events 24-3
groups supported 24-2
overview 24-1
statistics
collecting group Ethernet 24-6
collecting group history 24-5
support for 1-7
root guard
described 16-8
enabling 16-14
support for 1-5
root switch
MSTP 15-14
STP 14-14
RSPAN
characteristics 23-8
configuration guidelines 23-16
default configuration 23-9
destination ports 23-7
displaying status 23-23
RSPAN (continued)interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-7
received traffic 23-4
session limits 23-10
sessions
creating 23-17
defined 23-3
limiting source traffic to specific VLANs 23-22
specifying monitored ports 23-17
with ingress traffic enabled 23-20
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
RSTP
active topology 15-6
BPDU
format 15-9
processing 15-10
designated port, defined 15-6
designated switch, defined 15-6
interoperability with 802.1D
described 15-5
restarting migration process 15-22
topology changes 15-10
overview 15-6
port roles
described 15-6
synchronized 15-8
proposal-agreement handshake process 15-7
rapid convergence
described 15-7
edge ports and Port Fast 15-7
point-to-point links 15-7, 15-22
root ports 15-7
root port, defined 15-6
running configuration, saving 4-10
S
SC (standby command switch) 5-9, 5-18
scheduled reloads 4-15
secure MAC addresses
deleting 20-12
maximum number of 20-8
types of 20-8
secure ports, configuring 20-7
secure remote connections 7-37
security, port 20-7
security features 1-5
sequence numbers in log messages 25-7
server mode, VTP 12-3
service-provider network, MSTP and RSTP 15-1
set-request operation 26-4
setup (CLI) program 1-7
See also hardware installation guide
setup program
failed command switch replacement 30-10
replacing failed command switch 30-8
severity levels, defining in system messages 25-8
SFPs
monitoring status of 1-7, 9-16, 30-13
security and identification 30-12
shaped round robin
show access-lists hw-summary command 27-19
show and more command output, filtering 2-8
show cdp traffic command 21-5
show cluster members command 5-20
show configuration command 9-14
show forward command 30-21
show interfaces command 9-11, 9-14
show platform forward command 30-21
show running-config command
displaying ACLs 27-18, 27-25, 27-28
interface description in 9-14
shutdown command on interfaces 9-17
Simple Network Management Protocol
Smartports macros
applying Cisco-default macros 10-6
applying global parameter values 10-5, 10-6
applying macros 10-5
applying parameter values 10-5, 10-7
configuration guidelines 10-3
creating 10-4
default configuration 10-2
defined 10-1
displaying 10-8
tracing 10-3
website 10-2
SNAP 21-1
SNMP
accessing MIB variables with 26-4
agent
described 26-4
disabling 26-8
authentication level 26-11
community strings
configuring 26-8
for cluster switches 26-4
overview 26-4
configuration examples 26-16
default configuration 26-7
engine ID 26-7
host 26-7
ifIndex values 26-5
in-band management 1-4
in clusters 5-13
SNMP (continued)informs
and trap keyword 26-12
described 26-5
differences from traps 26-5
disabling 26-15
enabling 26-15
limiting access by TFTP servers 26-16
limiting system log messages to NMS 25-9
managing clusters with 5-21
MIBs
location of A-3
supported A-1
notifications 26-5
security levels 26-3
status, displaying 26-17
system contact and location 26-15
trap manager, configuring 26-14
traps
differences from informs 26-5
disabling 26-15
enabling 26-12
enabling MAC address notification 6-23
types of 26-12
versions supported 26-2
SNMPv1 26-2
SNMPv2C 26-2
SNMPv3 26-2
snooping, IGMP 19-1
software images
location in flash B-19
recovery procedures 30-2
scheduling reloads 4-16
software images (continued)tar file format, described B-20
See also downloading and uploading
source addresses, in ACLs 27-10
source-and-destination-IP address based forwarding, EtherChannel 29-7
source-and-destination MAC address forwarding, EtherChannel 29-6
source-IP address based forwarding, EtherChannel 29-6
source-MAC address forwarding, EtherChannel 29-6
SPAN
configuration guidelines 23-10
default configuration 23-9
destination ports 23-7
displaying status 23-23
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-7
received traffic 23-4
session limits 23-10
sessions
configuring ingress forwarding 23-14, 23-21
creating 23-11
defined 23-3
limiting source traffic to specific VLANs 23-15
removing destination (monitoring) ports 23-12
specifying monitored ports 23-11
with ingress traffic enabled 23-13
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
spanning tree and native VLANs 11-16
Spanning Tree Protocol
SPAN traffic 23-4
speed, configuring on interfaces 9-10
SRR
configuring
shaped weights on egress queues 28-63
shared weights on egress queues 28-64
shared weights on ingress queues 28-57
described 28-12
shaped mode 28-12
shared mode 28-12
support for 1-7
SSH
configuring 7-38
cryptographic software image 7-37
encryption methods 7-38
user authentication methods, supported 7-38
Standby Command Configuration window 5-19
standby command switch
considerations 5-10
defined 5-2
priority 5-9
requirements 5-3
virtual IP address 5-10
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby links 17-1
startup configuration
booting
manually 4-13
specific image 4-13
clearing B-18
configuration file
automatically downloading 4-12
specifying the filename 4-12
default boot configuration 4-11
static access ports
assigning to VLAN 11-10
static addresses
static MAC addressing 1-5
static VLAN membership 11-2
statistics
802.1x 8-22
CDP 21-5
interface 9-16
QoS ingress and egress 28-66
RMON group Ethernet 24-6
RMON group history 24-5
SNMP input and output 26-17
VTP 12-15
sticky learning 20-8
storm control
configuring 20-3
described 20-2
displaying 20-14
support for 1-3
thresholds 20-2
STP
802.1D and bridge ID 14-4
802.1D and multicast addresses 14-8
802.1t and VLAN identifier 14-4
accelerating root port selection 16-4
BackboneFast
described 16-5
disabling 16-14
enabling 16-13
BPDU filtering
described 16-3
disabling 16-12
enabling 16-12
BPDU guard
described 16-2
disabling 16-11
enabling 16-11
BPDU message exchange 14-3
configuration guidelines 14-11, 16-10
STP (continued)configuring
forward-delay time 14-21
hello time 14-20
maximum aging time 14-21
path cost 14-17
port priority 14-16
root switch 14-14
secondary root switch 14-15
spanning-tree mode 14-12
switch priority 14-18
counters, clearing 14-22
default configuration 14-11
default optional feature configuration 16-9
designated port, defined 14-3
designated switch, defined 14-3
detecting indirect link failures 16-5
disabling 14-13
displaying status 14-22
EtherChannel guard
described 16-7
disabling 16-14
enabling 16-14
extended system ID
effects on root switch 14-14
effects on the secondary root switch 14-15
overview 14-4
unexpected behavior 14-14
features supported 1-4
inferior BPDU 14-3
instances supported 14-9
interface state, blocking to forwarding 16-2
STP (continued)interface states
blocking 14-6
disabled 14-7
learning 14-6
listening 14-6
overview 14-4
interoperability and compatibility among modes 14-10
keepalive messages 14-2
limitations with 802.1Q trunks 14-10
load sharing
overview 11-21
using path costs 11-23
using port priorities 11-22
loop guard
described 16-9
enabling 16-15
modes supported 14-9
multicast addresses, effect of 14-8
optional features supported 1-4
overview 14-2
Port Fast
described 16-2
enabling 16-10
port priorities 11-22
preventing root switch selection 16-8
protocols supported 14-9
redundant connectivity 14-8
root guard
described 16-8
enabling 16-14
root port, defined 14-3
root switch
configuring 14-14
effects of extended system ID 14-4, 14-14
election 14-3
unexpected behavior 14-14
STP (continued)shutdown Port Fast-enabled port 16-2
status, displaying 14-22
superior BPDU 14-3
timers, described 14-20
UplinkFast
described 16-3
enabling 16-12
stratum, NTP 6-2
success response, VMPS 11-25
summer time 6-13
SunNet Manager 1-3
switch clustering technology 5-1
switch console port 1-4
Switched Port Analyzer
switched ports 9-2
Switch Manager 3-10
switchport block multicast command 20-6
switchport block unicast command 20-6
switchport protected command 20-5
switch priority
MSTP 15-19
STP 14-18
switch software features 1-1
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-1
system message logging
default configuration 25-3
defining error message severity levels 25-8
disabling 25-3
displaying the configuration 25-12
enabling 25-4
facility keywords, described 25-12
level keywords, described 25-8
limiting messages 25-9
message format 25-2
overview 25-1
sequence numbers, enabling and disabling 25-7
setting the display destination device 25-4
synchronizing log messages 25-5
syslog facility 1-7
time stamps, enabling and disabling 25-7
UNIX syslog servers
configuring the daemon 25-11
configuring the logging facility 25-11
facilities supported 25-12
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt
manual configuration 6-16
T
TACACS+
accounting, defined 7-11
authentication, defined 7-11
authorization, defined 7-11
TACACS+ (continued)configuring
accounting 7-17
authentication key 7-13
authorization 7-16
login authentication 7-14
default configuration 7-13
displaying the configuration 7-17
identifying the server 7-13
in clusters 5-14
limiting the services to the user 7-16
operation of 7-12
overview 7-10
support for 1-6
tracking services accessed by user 7-17
tar files
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-20
TDR 1-7
Telnet
accessing management interfaces 2-9
from a browser 2-9
number of connections 1-4
setting a password 7-6
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 7-6
TFTP
configuration files
downloading B-10
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
TFTP (continued)image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-23
limiting access by servers 26-16
TFTP server 1-3
threshold, traffic level 20-2
time
Time Domain Reflector
time-range command 27-15
time ranges in ACLs 27-15
time stamps in log messages 25-7
time zones 6-12
Token Ring VLANs
support for 11-5
VTP support 12-4
Topology view, described 3-2, 3-15
ToS 1-6
traceroute, Layer 2
and ARP 30-15
and CDP 30-15
broadcast traffic 30-14
described 30-14
IP addresses and subnets 30-15
MAC addresses and VLANs 30-15
multicast traffic 30-15
multiple devices on a port 30-15
unicast traffic 30-14
usage guidelines 30-15
traceroute command 30-17
traffic
blocking flooded 20-6
fragmented 27-4
unfragmented 27-4
traffic policing 1-6
traffic suppression 20-2
transparent mode, VTP 12-3, 12-12
trap-door mechanism 4-2
traps
configuring MAC address notification 6-23
configuring managers 26-12
defined 26-3
notification types 26-12
troubleshooting
connectivity problems 30-13, 30-14, 30-16
detecting unidirectional links 22-1
displaying crash information 30-23
setting packet forwarding 30-21
SFP security and identification 30-12
show forward command 30-21
with CiscoWorks 26-4
with debug commands 30-20
with ping 30-13
with system message logging 25-1
with traceroute 30-16
trunking encapsulation 1-5
trunk ports
configuring 11-18
encapsulation 11-18, 11-23, 11-24
secure MAC addresses on 20-11
trunks
allowed-VLAN list 11-19
configuring 11-18, 11-23, 11-24
ISL 11-14
load sharing
setting STP path costs 11-23
using STP port priorities 11-22
native VLAN for untagged traffic 11-21
parallel 11-23
pruning-eligible list 11-20
trunks (continued)to non-DTP device 11-15
understanding 11-15
trusted boundary for QoS 28-35
trusted port states
between QoS domains 28-36
classification options 28-5
ensuring port security for IP phones 28-35
support for 1-6
within a QoS domain 28-32
twisted-pair Ethernet, detecting unidirectional links 22-1
type of service
U
UDLD
default configuration 22-4
disabling
fiber-optic interfaces 22-5
globally 22-5
per interface 22-6
echoing detection mechanism 22-2
enabling
globally 22-5
per interface 22-6
link-detection mechanism 22-1
neighbor database 22-2
overview 22-1
resetting an interface 22-6
status, displaying 22-7
support for 1-4
unauthorized ports with 802.1x 8-4
unicast MAC address filtering 1-4
and adding static addresses 6-26
and broadcast MAC addresses 6-25
and CPU packets 6-25
and multicast addresses 6-25
and router MAC addresses 6-25
unicast MAC address filtering (continued)configuration guidelines 6-25
described 6-25
unicast storm 20-2
unicast storm control command 20-4
unicast traffic, blocking 20-6
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 25-11
facilities supported 25-12
message logging configuration 25-11
unrecognized Type-Length-Value (TLV) support 12-4
upgrading information
upgrading software images
UplinkFast
described 16-3
disabling 16-13
enabling 16-12
support for 1-4
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
image files
reasons for B-19
using FTP B-27
using RCP B-32
using TFTP B-23
user EXEC mode 2-2
username-based authentication 7-7
V
version-dependent transparent mode 12-4
virtual IP address
cluster standby group 5-10, 5-18
vlan.dat file 11-4
VLAN 1, disabling on a trunk port 11-19
VLAN 1 minimization 11-19
VLAN ACLs
vlan-assignment response, VMPS 11-25
VLAN configuration
at bootup 11-7
saving 11-7
VLAN configuration mode 2-2, 11-6
VLAN database
and startup configuration file 11-7
and VTP 12-1
VLAN configuration saved in 11-7
VLANs saved in 11-4
vlan database command 11-6
VLAN filtering and SPAN 23-6
vlan global configuration command 11-6
VLAN ID, discovering 6-27
VLAN management domain 12-2
VLAN Management Policy Server
VLAN map entries, order of 27-24
VLAN maps
applying 27-28
common uses for 27-28
configuration example 27-29
configuration guidelines 27-24
configuring 27-24
creating 27-25
denying access example 27-30
VLAN maps (continued)denying and permitting packets 27-25
displaying 27-31
examples 27-30
removing 27-28
support for 1-6
with router ACLs 27-30
VLAN membership
confirming 11-28
modes 11-3
VLAN Query Protocol
VLANs
adding 11-8
adding to VLAN database 11-8
aging dynamic addresses 14-9
allowed on trunk 11-19
and spanning-tree instances 11-2, 11-6, 11-12
configuration guidelines, extended-range VLANs 11-12
configuration guidelines, normal-range VLANs 11-5
configuration options 11-6
configuring 11-1
configuring IDs 1006 to 4094 11-12
creating in config-vlan mode 11-8
creating in VLAN configuration mode 11-9
default configuration 11-7
deleting 11-10
displaying 11-13
features 1-5
illustrated 11-2
limiting source traffic with RSPAN 23-22
limiting source traffic with SPAN 23-15
modifying 11-8
native, configuring 11-21
number supported 1-5
parameters 11-4
VLANs (continued)port membership modes 11-3
static-access ports 11-10
STP and 802.1Q trunks 14-10
supported 11-2
Token Ring 11-5
traffic between 11-2
VTP modes 12-3
VLAN Trunking Protocol
VMPS
administering 11-29
configuration example 11-30
configuration guidelines 11-26
default configuration 11-26
description 11-25
dynamic port membership
described 11-26
reconfirming 11-28
troubleshooting 11-30
entering server address 11-27
mapping MAC addresses to VLANs 11-25
monitoring 11-29
reconfirmation interval, changing 11-28
reconfirming membership 11-28
retry count, changing 11-29
voice-over-IP 13-1
voice VLAN
Cisco 7960 phone, port connections 13-1
configuration guidelines 13-3
configuring IP phones for data traffic
override CoS of incoming frame 13-6
trust CoS priority of incoming frame 13-6
configuring ports for voice traffic in
802.1p priority tagged frames 13-5
802.1Q frames 13-4
connecting to an IP phone 13-4
default configuration 13-3
voice VLAN (continued)described 13-1
displaying 13-6
VTP
adding a client to a domain 12-14
and extended-range VLANs 12-1
and normal-range VLANs 12-2
client mode, configuring 12-11
configuration
global configuration mode 12-7
guidelines 12-8
privileged EXEC mode 12-7
requirements 12-9
saving 12-7
VLAN configuration mode 12-7
configuration mode options 12-7
configuration requirements 12-9
configuration revision number
guideline 12-14
resetting 12-15
configuring
client mode 12-11
server mode 12-9
transparent mode 12-12
consistency checks 12-4
default configuration 12-6
described 12-1
disabling 12-12
domain names 12-8
domains 12-2
modes
transitions 12-3
monitoring 12-15
passwords 12-8
VTP (continued)pruning
disabling 12-14
enabling 12-13
examples 12-5
overview 12-4
support for 1-5
pruning-eligible list, changing 11-20
server mode, configuring 12-9
statistics 12-15
support for 1-5
Token Ring support 12-4
transparent mode, configuring 12-12
using 12-1
version, guidelines 12-8
Version 1 12-4
Version 2
configuration guidelines 12-8
disabling 12-13
enabling 12-12
overview 12-4
W
weighted tail drop
WTD
described 28-11
setting thresholds
egress queue-sets 28-59
ingress queues 28-55
support for 1-7
X
Xmodem protocol 30-2