Index
Numerics
144-bit Layer 3 TCAM 6-27, 31-65
A
AAA down policy, NAC Layer 2 IP validation 1-6
abbreviating commands 2-4
ABRs 31-24
AC (command switch) 5-10
access-class command 28-21
access control entries
See ACEs
access-denied response, VMPS 11-27
access groups
IP 28-22
Layer 3 28-22
accessing
clusters, switch 5-13
command switches 5-11
member switches 5-13
switch clusters 5-13
access lists
See ACLs
access ports
and Layer 2 protocol tunneling 14-10
defined 9-3
in switch clusters 5-8
accounting
with IEEE 802.1x 8-8, 8-30
with RADIUS 7-28
with TACACS+ 7-11, 7-17
ACEs
and QoS 29-7
defined 28-2
Ethernet 28-2
IP 28-2
ACLs
ACEs 28-2
and logging 28-7
any keyword 28-14
applying
on bridged packets 28-39
on multicast packets 28-40
on routed packets 28-39
on switched packets 28-38
time ranges to 28-18
to Layer 2 and Layer 3 interfaces 28-21
to QoS 29-7
classifying traffic for QoS 29-37
comments in 28-19
compatibility on the same switch 28-3
compiling 28-22
configuration conflict examples 28-44
configuring with VLAN maps 28-37
defined 28-2
examples, not fitting in hardware 28-45
examples of 28-22, 29-37
extended IP
configuring for QoS classification 29-38
creating 28-11
matching criteria 28-9
feature manager 28-43
hardware and software handling 28-7
hardware support for 28-7
host keyword 28-14
input router ACL configuration guidelines 28-8
IP
applying to interface 28-20
creating 28-8
defined 28-8
fragments and QoS guidelines 29-28
implicit deny 28-11, 28-15, 28-17
implicit masks 28-11
matching criteria 28-9
matching criteria for port ACLs 28-4
matching criteria for router ACLs 28-3
named 28-16
options and QoS guidelines 29-28
undefined 28-22
violations, logging 28-17
virtual terminal lines, setting on 28-20
limiting actions 28-38
logging messages 28-11
log keyword 28-17
MAC extended 28-27, 29-39
matching 28-8, 28-22, 28-29
merge failure examples 28-46
monitoring 28-41
named 28-16
not fitting in hardware 28-45
number per QoS class map 29-28
numbers 28-9
policy maps and QoS classification 29-28
port
and voice VLAN 28-4
defined 28-2
limitations 28-4
preventing excessive TCAM usage 28-8
QoS 29-7, 29-37
resequencing entries 28-16
router 28-2
standard IP
configuring for QoS classification 29-37
creating 28-10
matching criteria 28-9
support for 1-5
time ranges 28-18
undefined 28-29
unsupported features 28-8
using router ACLs with VLAN maps 28-37
VLAN maps
configuration guidelines 28-31
configuring 28-30
defined 28-5
active links 18-2
active router 32-1
addresses
displaying the MAC address table 6-26
dynamic
accelerated aging 15-8
changing the aging time 6-21
default aging 15-8
defined 6-19
learning 6-20
preventing frame forwarding 36-5
removing 6-21
filtering frames by MAC address 36-6
MAC, discovering 6-29
multicast
group address range 34-1, 34-3
STP address management 15-8
static
adding and removing 6-24
defined 6-19
address resolution 6-29, 31-8
Address Resolution Protocol
See ARP
See ARP table
adjacency tables, with CEF 31-73
administrative distances
defined 31-83
OSPF 31-30
routing protocol defaults 31-75
advertisements
CDP 22-1
RIP 31-19
VTP 11-19, 12-3
aggregate addresses, BGP 31-57
aggregated ports
See EtherChannel
aggregate policers 29-50
aggregate policing 1-7
aging, accelerating 15-8
aging time
accelerated
for MSTP 16-23
for STP 15-8, 15-22
bridge table for fallback bridging 36-6
MAC address table 6-21
maximum
for MSTP 16-24
for STP 15-22, 15-23
alarms, RMON 25-3
allowed-VLAN list 11-21
area border routers
See ABRs
ARP
configuring 31-9
defined 31-8
encapsulation 31-10
static cache configuration 31-9
support for 1-3
ARP table
address resolution 6-29
managing 6-29
ASBRs 31-24
AS-path filters, BGP 31-52
asymmetrical links, and IEEE 802.1Q tunneling 14-4
attributes, RADIUS
vendor-proprietary 7-31
vendor-specific 7-29
audience iii
authentication
EIGRP 31-39
HSRP 32-8
local mode with AAA 7-36
NTP associations 6-4
RADIUS
defined 7-18
key 7-21
login 7-23
TACACS+
defined 7-11
key 7-13
login 7-14
See also port-based authentication
authentication failed VLAN
See restricted VLAN
authentication keys, and routing protocols 31-84
authoritative time source, described 6-2
authorization
with RADIUS 7-27
with TACACS+ 7-11, 7-16
authorized ports with IEEE 802.1x 8-7
autoconfiguration 3-3
automatic discovery
considerations
beyond a noncandidate device 5-7
brand new switches 5-8
connectivity 5-4
different VLANs 5-6
management VLANs 5-7
non-CDP-capable devices 5-5
noncluster-capable devices 5-5
routed ports 5-7
in switch clusters 5-4
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 5-10
See also HSRP
autonegotiation
duplex mode 1-2
interface configuration guidelines 9-15
mismatches 37-10
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 31-45
Auto-RP, described 34-5
autosensing, port speed 1-2
auxiliary VLAN
See voice VLAN
B
BackboneFast
described 17-9
enabling 17-19
support for 1-4
backup interfaces
See Flex Links
backup links 18-2
bandwidth for QoS
allocating 29-65
described 29-13
banners
configuring
login 6-19
message-of-the-day login 6-17
default configuration 6-17
when displayed 6-17
BGP
aggregate addresses 31-57
aggregate routes, configuring 31-57
CIDR 31-57
clear commands 31-61
community filtering 31-54
configuring neighbors 31-55
default configuration 31-43
described 31-42
enabling 31-45
monitoring 31-61
multipath support 31-49
neighbors, types of 31-45
path selection 31-49
peers, configuring 31-55
prefix filtering 31-53
resetting sessions 31-48
route dampening 31-60
route maps 31-51
route reflectors 31-59
routing domain confederation 31-58
routing session with multi-VRF CE 31-67
show commands 31-61
supernets 31-57
support for 1-7
Version 4 31-42
binding cluster group and HSRP group 32-10
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
binding database, DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 18-7
DHCP snooping database 18-7
IP source guard 18-19
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 21-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-12
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
bootstrap router (BSR), described 34-5
Border Gateway Protocol
See BGP
BPDU
error-disabled state 17-2
filtering 17-3
RSTP format 16-12
BPDU filtering
described 17-3
enabling 17-16
support for 1-4
BPDU guard
described 17-2
enabling 17-15
support for 1-4
bridged packets, ACLs on 28-39
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 31-16
broadcast packets
directed 31-13
flooded 31-13
broadcast storm control
See storm control
broadcast storm-control command 21-4
broadcast storms 31-13
C
cables, monitoring for unidirectional links 23-1
cache engines, redirecting traffic to 33-1
CAMs, ACLs not loading in 28-45
candidate switch
automatic discovery 5-4
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 7-45
defined 7-42
caution, described iv
CDP
and trusted boundary 29-33
automatic discovery in switch clusters 5-4
configuring 22-2
default configuration 22-2
described 22-1
disabling for routing device 22-3, 22-4
enabling and disabling
on an interface 22-4
on a switch 22-3
Layer 2 protocol tunneling 14-7
monitoring 22-4
overview 22-1
power negotiation extensions 9-6
support for 1-3
transmission timer and holdtime, setting 22-2
updates 22-2
CEF 31-72
CGMP
as IGMP snooping learning method 20-8
clearing cached group entries 34-52
enabling server support 34-32
joining multicast group 20-3
overview 34-8
server support only 34-8
switch support of 1-2
CIDR 31-57
CipherSuites 7-43
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco Intelligence Engine 2100 Series Configuration Registrar
See IE2100
Cisco intelligent power management 9-6
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco Network Assistant
See Network Assistant
CiscoWorks 2000 1-9, 27-4
classless interdomain routing
See CIDR
classless routing 31-7
class maps for QoS
configuring per physical port 29-40
configuring per-port per-VLAN 29-42
described 29-7
displaying 29-71
class of service
See CoS
clearing interfaces 9-21
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-9
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-8
error messages 2-5
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-6
described 2-5
disabling 2-6
recalling commands 2-6
no and default forms of commands 2-4
client mode, VTP 12-3
clock
See system clock
clusters, switch
accessing 5-13
automatic discovery 5-4
automatic recovery 5-10
benefits 1-10
compatibility 5-4
described 5-1
managing
through SNMP 5-15
planning 5-4
planning considerations
automatic discovery 5-4
automatic recovery 5-10
host names 5-13
IP addresses 5-13
passwords 5-13
RADIUS 5-14
SNMP 5-14, 5-15
TACACS+ 5-14
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 32-10
automatic recovery 5-12
considerations 5-11
defined 5-2
requirements 5-3
virtual IP address 5-11
See also HSRP
CNS
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
for upgrading 4-12
Coarse Wave Division Multiplexer GBIC modules
See CWDM GBIC modules
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
setting privilege levels 7-8
command switch
accessing 5-11
active (AC) 5-10
configuration conflicts 37-10
defined 5-2
passive (PC) 5-10
password privilege levels 5-14
priority 5-10
recovery
from command-switch failure 5-10
from failure 37-6
from lost member connectivity 37-10
redundant 5-10
replacing
with another switch 37-8
with cluster member 37-7
requirements 5-2
standby (SC) 5-10
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 31-54
community strings
configuring 5-14, 27-8
for cluster switches 27-4
in clusters 5-14
overview 27-4
SNMP 5-14
config.text 3-11
configurable leave timer, IGMP 20-5
configuration conflicts
ACL, displaying 28-44
recovering from lost member connectivity 37-10
configuration examples, network 1-10
configuration files
clearing the startup configuration B-18
creating using a text editor B-9
default name 3-11
deleting a stored configuration B-18
described B-7
downloading
automatically 3-11
preparing B-10, B-12, B-15
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 27-15
obtaining with DHCP 3-7
password recovery disable considerations 7-5
specifying the filename 3-12
system contact and location information 27-15
types and location B-9
uploading
preparing B-10, B-12, B-15
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
VMPS database 11-28
configuration guidelines, multi-VRF CE 31-65
configuration logging 2-5
configuration settings, saving 3-10
configure terminal command 9-9
Configuring a Restricted VLAN 8-32
configuring PoE 9-16
config-vlan mode 2-2, 11-6
conflicts, configuration 37-10
congestion-avoidance techniques 29-12
congestion-management techniques 29-12, 29-15
connections, secure remote 7-38
connectivity problems 37-11
consistency checks in VTP version 2 12-4
console port, connecting to 2-10
content-routing technology
See WCCP
conventions
command iv
for examples iv
publication iv
text iv
CoS
in Layer 2 frames 29-2
override priority 13-5
trust priority 13-6
CoS-to-DSCP map for QoS 29-54
CoS-to-egress-queue map 29-60
counters, clearing interface 9-21
CPU q, in show forward command output 37-20
crashinfo file 37-21
critical authentication, IEEE 802.1x 8-33
cross-stack UplinkFast, STP
connecting stack ports 17-8
described 17-5
enabling 17-18
fast-convergence events 17-7
Fast Uplink Transition Protocol 17-6
limitations 17-8
normal-convergence events 17-7
Stack Membership Discovery Protocol 17-6
support for 1-4
cryptographic software image
Kerberos 7-32
SSL 7-41
customer edge devices 31-62
CWDM GBIC modules, network example 1-19
CWDM OADM modules 1-19
D
daylight saving time 6-13
debugging
enabling all system diagnostics 37-18
enabling for a specific feature 37-17
redirecting error message output 37-18
using commands 37-17
default commands 2-4
default configuration
auto-QoS 29-18
banners 6-17
BGP 31-43
booting 3-11
CDP 22-2
DHCP 18-9
DHCP option 82 18-9
DHCP snooping 18-9
DHCP snooping binding database 18-9
DNS 6-16
dynamic ARP inspection 19-5
EIGRP 31-35
EtherChannel 30-8
fallback bridging 36-3
Flex Links 18-4
HSRP 32-4
IEEE 802.1Q tunneling 14-4
IEEE 802.1x 8-19
IGMP 34-27
IGMP filtering 20-22
IGMP snooping 20-7
IGMP throttling 20-23
initial switch information 3-3
IP addressing, IP routing 31-4
IP multicast routing 34-9
IP source guard 18-20
Layer 2 interfaces 9-14
Layer 2 protocol tunneling 14-10
MAC address table 6-21
MAC address-table move update 18-4
MSDP 35-4
MSTP 16-15
multi-VRF CE 31-64
MVR 20-18
NTP 6-4
optional spanning-tree features 17-14
OSPF 31-25
password and privilege level 7-2
port security 21-9
RADIUS 7-20
RIP 31-19
RMON 25-3
RSPAN 24-8
SNMP 27-6
SPAN 24-8
SSL 7-44
standard QoS 29-26
storm control 21-3
STP 15-11
system message logging 26-3
system name and prompt 6-15
TACACS+ 7-13
UDLD 23-4
VLAN, Layer 2 Ethernet interfaces 11-19
VLANs 11-7
VMPS 11-29
voice VLAN 13-2
VTP 12-6
WCCP 33-4
default gateway 3-10, 31-11
default networks 31-75
default routes 31-75
default routing 31-2
deleting VLANs 11-10
denial-of-service attack 21-1
description command 9-18
designing your network, examples 1-10
destination addresses, in ACLs 28-13
detecting indirect link failures, STP 17-10
device B-18
device discovery protocol 22-1
device manager
described 1-2, 1-9
upgrading a switch B-18
DHCP
Cisco IOS server database
configuring 18-17
default configuration 18-9
described 18-7
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server-side 3-5, 18-11
TFTP server 3-6
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-4
relay support 1-8
support for 1-3
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 18-5
configuration guidelines 18-9
default configuration 18-9
displaying 18-18
enabling
relay agent 18-11
relay agent information option 18-11
forwarding address, specifying 18-13
helper address 18-13
overview 18-3
packet format
circuit ID suboption 18-5
remote ID suboption 18-5
policy for reforwarding 18-12
reforwarding policy 18-12
remote ID suboption 18-5
support for 1-3
validating 18-12
DHCP relay agent 18-11
DHCP server 18-11
DHCP snooping
accepting untrusted packets from edge switch 18-3, 18-15
and private VLANs 18-16
binding database
See DHCP snooping binding database
configuration guidelines 18-9
default configuration 18-9
displaying binding tables 18-18
displaying configuration 18-18
message exchange process 18-4
option 82 data insertion 18-3
trusted interface 18-2
untrusted interface 18-2
untrusted messages 18-2
DHCP snooping binding database
adding bindings 18-17
binding file
format 18-7
bindings 18-7
clearing agent statistics 18-18
configuring 18-17
default configuration 18-9
deleting
binding file 18-18
bindings 18-18
database agent 18-18
described 18-2, 18-7
displaying 18-18
status and statistics 18-18
enabling 18-17
entries 18-2
entry 18-7
renewing database 18-18
resetting
delay value 18-18
timeout value 18-18
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 29-2
Differentiated Services Code Point 29-2
Diffusing Update Algorithm (DUAL) 31-34
directed unicast requests 1-3
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 31-2
distribute-list command 31-83
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
overview 6-15
setting up 6-16
support for 1-3
documentation, related v
document conventions iv
domain names
DNS 6-15
VTP 12-8
Domain Name System
See DNS
dot1q-tunnel switchport mode