-
Catalyst 3560 Switch Software Configuration Guide, Rel. 12.2(25)SEA
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Configuring IE2100 CNS Agents
-
Clustering Switches
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring 802.1x Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Private VLANs
-
Configuring Voice VLAN
-
Configuring 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Configuring IP Unicast Routing
-
Configuring IPv6 Unicast Routing
-
Configuring HSRP
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(25)SEA
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
802.1D
802.1Q
and trunk ports 10-3
configuration limitations 12-19
encapsulation 12-16
native VLAN for untagged traffic 12-23
tunneling
compatibility with other features 16-6
defaults 16-4
described 16-1
tunnel ports with other features 16-6
802.1s
802.1w
802.1x
802.3ad
802.3af
802.3z flow control 10-18
A
abbreviating commands 2-3
ABRs 34-24
access-class command 31-20
access control entries
access-denied response, VMPS 12-28
access groups
applying ACLs to interfaces 31-21
IP 31-21
Layer 2 31-21
Layer 3 31-21
access lists
access ports
and Layer 2 protocol tunneling 16-11
defined 10-3
accounting
with RADIUS 8-28
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-13
applying
on bridged packets 31-39
on multicast packets 31-40
on routed packets 31-39
on switched packets 31-38
time ranges to 31-17
to an interface 31-20
to QoS 32-7
classifying traffic for QoS 32-43
comments in 31-19
ACLs (continued)compiling 31-22
configuring with VLAN maps 31-37
extended IP
configuring for QoS classification 32-45
creating 31-10
matching criteria 31-7
hardware and software handling 31-22
host keyword 31-13
IP
applying to interfaces 31-20
creating 31-7
fragments and QoS guidelines 32-34
implicit deny 31-9, 31-14, 31-16
implicit masks 31-9
matching criteria 31-7
named 31-15
terminal lines, setting on 31-20
undefined 31-21
violations, logging 31-16
limiting actions 31-38
logging messages 31-10
log keyword 31-16
monitoring 31-41
named 31-15
number per QoS class map 32-34
numbers 31-7
port 31-2
precedence of 31-2
resequencing entries 31-15
router 31-2
ACLs (continued)standard IP
configuring for QoS classification 32-44
creating 31-9
matching criteria 31-7
supported features 31-22
support for 1-6
time ranges 31-17
unsupported features 31-6
using router ACLs with VLAN maps 31-37
VLAN maps
configuration guidelines 31-31
configuring 31-30
active links 20-1
active router 36-1
address aliasing 23-2
addresses
displaying the MAC address table 6-27
dynamic
accelerated aging 17-8
changing the aging time 6-21
default aging 17-8
defined 6-20
learning 6-20
removing 6-22
MAC, discovering 6-27
multicast
group address range 37-3
STP address management 17-8
static
adding and removing 6-24
defined 6-20
Address Resolution Protocol
adjacency tables, with CEF 34-60
administrative distances
defined 34-71
OSPF 34-30
routing protocol defaults 34-62
advanced IP services image 1-1, 35-1
advertisements
CDP 25-1
RIP 34-19
aggregatable global unicast addresses 35-3
aggregate addresses, BGP 34-54
aggregated ports
aggregate policers 32-58
aggregate policing 1-8
aging, accelerating 17-8
aging time
accelerated
for MSTP 18-20
MAC address table 6-21
maximum
for MSTP 18-21
for STP 17-21
alarms, RMON 28-3
allowed-VLAN list 12-21
area border routers
ARP
configuring 34-8
encapsulation 34-10
static cache configuration 34-8
table
address resolution 6-27
managing 6-27
ASBRs 34-24
AS-path filters, BGP 34-49
asymmetrical links, and 802.1Q tunneling 16-4
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxvii
authentication
EIGRP 34-37
HSRP 36-9
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication keys, and routing protocols 34-72
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with 802.1x 9-4
autoconfiguration 3-3
automatic QoS
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-16
mismatches 40-11
autonomous system boundary routers
autonomous systems, in BGP 34-43
Auto-RP, described 37-5
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 19-5
disabling 19-14
enabling 19-13
support for 1-5
backup interfaces
backup links 20-1
banners
configuring
login 6-19
message-of-the-day login 6-18
default configuration 6-18
when displayed 6-18
BGP
aggregate addresses 34-54
aggregate routes, configuring 34-54
CIDR 34-54
clear commands 34-58
community filtering 34-51
configuring neighbors 34-53
default configuration 34-41
described 34-40
enabling 34-43
monitoring 34-58
multipath support 34-46
neighbors, types of 34-43
path selection 34-46
peers, configuring 34-53
prefix filtering 34-50
resetting sessions 34-45
route dampening 34-57
route maps 34-48
route reflectors 34-56
routing domain confederation 34-55
show commands 34-58
supernets 34-54
BGP (continued)support for 1-8
Version 4 34-40
binding cluster group and HSRP group 36-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-5
DHCP snooping database 21-6
IP source guard 21-14
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 3-2
boot process 3-2
manually 3-13
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
bootstrap router (BSR), described 37-5
Border Gateway Protocol
BPDU
error-disabled state 19-2
filtering 19-3
RSTP format 18-9
BPDU filtering
described 19-3
disabling 19-12
enabling 19-12
support for 1-5
BPDU guard
described 19-2
disabling 19-11
enabling 19-11
support for 1-5
bridged packets, ACLs on 31-39
bridge groups
bridge protocol data unit
broadcast flooding 34-16
broadcast packets
directed 34-13
flooded 34-13
broadcast storm-control command 24-4
C
cables, monitoring for unidirectional links 26-1
candidate switch
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-44
defined 8-42
caution, described xxxviii
CDP
and trusted boundary 32-40
configuring 25-2
default configuration 25-2
described 25-1
disabling for routing device 25-3 to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 16-8
CDP (continued)monitoring 25-5
overview 25-1
power negotiation extensions 10-6
support for 1-4
transmission timer and holdtime, setting 25-2
updates 25-2
CEF
defined 34-59
enabling 34-60
IPv6 35-14
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 37-49
enabling server support 37-32
joining multicast group 23-3
overview 37-7
server support only 37-7
switch support of 1-3
CIDR 34-54
CipherSuites 8-43
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 10-6
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco Network Assistant
Cisco Networking Services
classless interdomain routing
classless routing 34-6
class maps for QoS
configuring 32-47
described 32-7
displaying 32-78
class of service
clearing interfaces 10-25
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-3
no and default forms of commands 2-4
client mode, VTP 13-3
clock
cluster requirements xxxix
clusters, switch
benefits 1-2
described 5-1
managing
through CLI 5-3
through SNMP 5-4
clusters, switch (continued)planning considerations
CLI 5-3
SNMP 5-4
See also Getting Started with Cisco Network Assistant
cluster standby group
and HSRP group 36-11
requirements 5-2
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 8-8
command switch
configuration conflicts 40-11
defined 5-2
password privilege levels 5-4
recovery
from command-switch failure 40-7
from lost member connectivity 40-11
replacing
with another switch 40-10
with cluster member 40-8
requirements 5-2
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-52
community ports 14-2
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
compatibility, feature 24-11
config.text 3-12
configuration, initial
defaults 1-10
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 40-11
configuration examples, network 1-12
configuration files
clearing the startup configuration B-18
creating using a text editor B-9
default name 3-12
deleting a stored configuration B-18
described B-8
downloading
automatically 3-12
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 30-15
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-12
system contact and location information 30-14
types and location B-9
uploading
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
configuration settings, saving 3-10
configure terminal command 10-10
conflicts, configuration 40-11
connections, secure remote 8-38
connectivity problems 40-13, 40-15, 40-16
consistency checks in VTP Version 2 13-4
console port, connecting to 2-9
conventions
command xxxviii
for examples xxxviii
publication xxxviii
text xxxviii
corrupted software, recovery steps with Xmodem 40-2
CoS
in Layer 2 frames 32-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 32-17
CoS output queue threshold map for QoS 32-20
CoS-to-DSCP map for QoS 32-60
counters, clearing interface 10-25
crashinfo file 40-23
cryptographic software image
Kerberos 8-32
SSH 8-37
SSL 8-41
CWDM SFPs 1-17
D
daylight saving time 6-13
debugging
enabling all system diagnostics 40-20
enabling for a specific feature 40-19
redirecting error message output 40-20
using commands 40-19
default commands 2-4
default configuration
802.1Q tunneling 16-4
802.1x 9-10
auto-QoS 32-21
banners 6-18
default configuration (continued)BGP 34-41
booting 3-12
CDP 25-2
DHCP 21-7
DHCP option 82 21-7
DHCP snooping 21-7
DHCP snooping binding database 21-8
DNS 6-16
dynamic ARP inspection 22-5
EIGRP 34-34
EtherChannel 33-8
fallback bridging 39-3
Flex Links 20-2
HSRP 36-5
IGMP 37-26
IGMP filtering 23-21
IGMP snooping 23-6
IGMP throttling 23-21
initial switch information 3-3
IP addressing, IP routing 34-4
IP multicast routing 37-8
IP source guard 21-15
IPv6 35-9
Layer 2 interfaces 10-14
Layer 2 protocol tunneling 16-11
MAC address table 6-21
MSDP 38-4
MSTP 18-12
MVR 23-16
NTP 6-4
optional spanning-tree configuration 19-9
OSPF 34-25
password and privilege level 8-2
PIM 37-8
private VLANs 14-6
RADIUS 8-20
RIP 34-20
RMON 28-3
default configuration (continued)
RSPAN 27-9
SDM template 7-3
SNMP 30-6
SPAN 27-9
SSL 8-44
standard QoS 32-32
STP 17-11
system message logging 29-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 12-19
VLANs 12-8
VMPS 12-29
voice VLAN 15-3
VTP 13-6
default networks 34-62
default routes 34-62
default routing 34-2
deleting VLANs 12-10
description command 10-21
designing your network, examples 1-12
destination addresses, in ACLs 31-12
destination-IP address-based forwarding, EtherChannel 33-7
destination-MAC address forwarding, EtherChannel 33-6
detecting indirect link failures, STP 19-5
device B-18
device discovery protocol 25-1
device manager
benefits 1-2
in-band management 1-5
requirements xxxviii
upgrading a switch B-18
DHCP
Cisco IOS server database
configuring 21-12
default configuration 21-7
described 21-5
enabling
relay agent 21-9
server 21-9
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
server-side 21-9
TFTP server 3-5
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-4
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-5
configuration guidelines 21-8
default configuration 21-7
displaying 21-14
forwarding address, specifying 21-10
helper address 21-10
overview 21-3
DHCP option 82 (continued)packet format, suboption
circuit ID 21-5
remote ID 21-5
remote ID suboption 21-5
DHCP snooping
accepting untrusted packets form edge switch 21-3, 21-11
and private VLANs 21-12
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-7
displaying binding tables 21-14
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-13
binding file
format 21-6
location 21-6
bindings 21-6
clearing agent statistics 21-13
configuration guidelines 21-9
configuring 21-13
default configuration 21-7, 21-8
deleting
binding file 21-13
bindings 21-13
database agent 21-13
described 21-5
displaying 21-14
binding entries 21-14
status and statistics 21-14
enabling 21-13
entry 21-6
DHCP snooping binding database (continued)renewing database 21-13
resetting
delay value 21-13
timeout value 21-13
updating process 21-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
Diffusing Update Algorithm (DUAL) 34-33
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
Distance Vector Multicast Routing Protocol
distance-vector protocols 34-3
distribute-list command 34-70
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
in IPv6 35-4
overview 6-16
setting up 6-17
support for 1-4
documentation, related xxxviii
document conventions xxxviii
domain names
DNS 6-16
VTP 13-8
Domain Name System
dot1q-tunnel switchport mode 12-18
double-tagged packets
802.1Q tunneling 16-2
Layer 2 protocol tunneling 16-10
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
image files
deleting old image B-22
reasons for B-19
using CMS 1-2
using FTP B-25
using Network Assistant 1-2
using RCP B-30
using TFTP B-21
using the device manager or Network Assistant B-18
drop threshold for Layer 2 protocol packets 16-11
DSCP input queue threshold map for QoS 32-17
DSCP output queue threshold map for QoS 32-20
DSCP-to-CoS map for QoS 32-63
DSCP-to-DSCP-mutation map for QoS 32-64
DSCP transparency 32-40
DUAL finite state machine, EIGRP 34-33
dual IPv4 and IPv6 templates 7-2, 35-7
dual protocol stacks
configuring 35-12
IPv4 and IPv6 35-7
SDM templates supporting 35-8
duplex mode, configuring 10-15
DVMRP
autosummarization
configuring a summary address 37-46
disabling 37-48
connecting PIM domain to DVMRP router 37-38
enabling unicast routing 37-42
DVMRP (continued)interoperability
with Cisco devices 37-36
with Cisco IOS software 37-7
mrinfo requests, responding to 37-41
neighbors
advertising the default route to 37-40
discovery with Probe messages 37-36
displaying information 37-41
prevent peering with nonpruning 37-44
rejecting nonpruning 37-42
overview 37-7
routes
adding a metric offset 37-48
advertising all 37-48
advertising the default route to neighbors 37-40
caching DVMRP routes learned in report messages 37-42
changing the threshold for syslog messages 37-45
deleting 37-49
displaying 37-50
favoring one over another 37-48
limiting the number injected into MBONE 37-45
limiting unicast route advertisements 37-36
routing table 37-7
source distribution tree, building 37-7
support for 1-9
tunnels
configuring 37-38