-
Catalyst 3750 Switch Software Configuration Guide, 12.2(20)SE
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Getting Started with CMS
-
Assigning the Switch IP Address and Default Gateway
-
Managing Switch Stacks
-
Clustering Switches
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring 802.1x Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Private VLANs
-
Configuring Voice VLAN
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Configuring IP Unicast Routing
-
Configuring HSRP
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(20)SE
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
10-Gigabit Ethernet interfaces
configuration guidelines 11-14
defined 11-4
802.1D
802.1Q
and trunk ports 11-3
configuration limitations 13-19
encapsulation 13-17
native VLAN for untagged traffic 13-23
802.1s
802.1w
802.1x
802.3ad
802.3af
802.3z flow control 11-17
A
abbreviating commands 2-3
ABRs 34-25
AC (command switch) 6-10, 6-20
access-class command 31-20
access control entries
access-denied response, VMPS 13-28
access groups
applying ACLs to interfaces 31-21
IP 31-21
Layer 2 31-21
Layer 3 31-21
accessing
clusters, switch 6-13
command switches 6-11
member switches 6-13
stack members 5-19
switch clusters 6-13
access lists
access ports
defined 11-3
in switch clusters 6-9
accounting
with RADIUS 9-28
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-13
ACLs (continued)applying
on bridged packets 31-38
on multicast packets 31-40
on routed packets 31-39
on switched packets 31-38
time ranges to 31-17
to an interface 31-20
to QoS 32-7
classifying traffic for QoS 32-38
comments in 31-19
compiling 31-22
configuring with VLAN maps 31-37
extended IP
configuring for QoS classification 32-40
creating 31-11
matching criteria 31-7
hardware and software handling 31-22
host keyword 31-13
IP
applying to an interface 31-20
applying to interfaces 31-20
creating 31-7
fragments and QoS guidelines 32-31
implicit deny 31-10, 31-14, 31-16
implicit masks 31-10
matching criteria 31-7
named 31-15
terminal lines, setting on 31-19
undefined 31-21
violations, logging 31-16
limiting actions 31-38
logging messages 31-10
log keyword 31-16
monitoring 31-40
ACLs (continued)named 31-15
number per QoS class map 32-31
numbers 31-7
port 31-2
precedence of 31-2
resequencing entries 31-15
router 31-2
standard IP
configuring for QoS classification 32-39
creating 31-9
matching criteria 31-7
supported features 31-22
support for 1-7
time ranges 31-17
unsupported features 31-6
using router ACLs with VLAN maps 31-37
VLAN maps
configuration guidelines 31-30
configuring 31-30
active links 20-1
active router 35-1
address aliasing 23-2
addresses
displaying the MAC address table 7-28
dynamic
accelerated aging 17-9
changing the aging time 7-22
default aging 17-9
defined 7-20
learning 7-21
removing 7-23
MAC, discovering 7-28
multicast
group address range 36-3
STP address management 17-9
addresses (continued)static
adding and removing 7-25
defined 7-20
Address Resolution Protocol
adjacency tables, with CEF 34-61
administrative distances
defined 34-72
OSPF 34-31
routing protocol defaults 34-63
advertisements
CDP 25-1
RIP 34-20
aggregate addresses, BGP 34-56
aggregated ports
aggregate policers 32-47
aggregate policing 1-8
aging, accelerating 17-9
aging time
accelerated
for MSTP 18-21
MAC address table 7-22
maximum
for MSTP 18-22
for STP 17-23
alarms, RMON 28-3
allowed-VLAN list 13-21
area border routers
ARP
configuring 34-10
encapsulation 34-11
static cache configuration 34-10
table
address resolution 7-28
managing 7-28
ASBRs 34-25
AS-path filters, BGP 34-50
attributes, RADIUS
vendor-proprietary 9-31
vendor-specific 9-29
audience xxxv
authentication
EIGRP 34-38
HSRP 35-9
local mode with AAA 9-36
NTP associations 7-5
RADIUS
key 9-21
login 9-23
See also port-based authentication
TACACS+
defined 9-11
key 9-13
login 9-14
authentication keys, and routing protocols 34-73
authoritative time source, described 7-2
authorization
with RADIUS 9-27
authorized ports with 802.1x 10-4
autoconfiguration 4-3
automatic discovery
adding member switches 6-18
considerations
beyond a noncandidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-7
non-CDP-capable devices 6-6
noncluster-capable devices 6-6
routed ports 6-8
creating a cluster standby group 6-20
in switch clusters 6-5
automatic QoS
automatic recovery, clusters 6-10
autonegotiation
duplex mode 1-3
interface configuration guidelines 11-15
mismatches 39-13
autonomous system boundary routers
autonomous systems, in BGP 34-44
Auto-RP, described 36-5
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
support for 1-5
backup interfaces
backup links 20-1
banners
configuring
login 7-20
message-of-the-day login 7-19
default configuration 7-18
when displayed 7-18
BGP
aggregate addresses 34-56
aggregate routes, configuring 34-56
CIDR 34-56
clear commands 34-59
community filtering 34-52
configuring neighbors 34-54
default configuration 34-42
described 34-41
enabling 34-44
monitoring 34-59
multipath support 34-47
neighbors, types of 34-44
path selection 34-47
peers, configuring 34-54
prefix filtering 34-51
resetting sessions 34-46
route dampening 34-58
route maps 34-49
route reflectors 34-57
routing domain confederation 34-56
show commands 34-59
supernets 34-56
support for 1-8
Version 4 34-41
binding cluster group and HSRP group 35-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-5
DHCP snooping database 21-5
IP source guard 21-15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-13
boot loader
accessing 4-14
described 4-2
environment variables 4-14
prompt 4-14
trap-door mechanism 4-2
bootstrap router (BSR), described 36-5
Border Gateway Protocol
BPDU
error-disabled state 19-3
filtering 19-3
RSTP format 18-10
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
support for 1-6
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
support for 1-6
bridged packets, ACLs on 31-38
bridge groups
bridge protocol data unit
broadcast flooding 34-17
broadcast packets
directed 34-14
flooded 34-14
broadcast storm-control command 24-3
C
cables, monitoring for unidirectional links 26-1
candidate switch
adding 6-18
automatic discovery 6-5
defined 6-4
HC 6-21
passwords 6-19
requirements 6-4
standby group 6-20
See also command switch, cluster standby group, and member switch
caution, described xxxvi
CC (command switch) 6-21
CDP
and trusted boundary 32-36
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
CDP (continued)described 25-1
disabling for routing device 25-3 to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
monitoring 25-5
overview 25-1
support for 1-5
switch stack considerations 25-2
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 34-60
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 36-51
enabling server support 36-33
joining multicast group 23-3
overview 36-7
server support only 36-7
switch support of 1-4
CIDR 34-56
Cisco 7960 IP Phone 16-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco StackWise technology 1-3
classless interdomain routing
classless routing 34-7
class maps for QoS
configuring 32-42
described 32-7
displaying 32-67
class of service
clearing interfaces 11-25
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 6-23
no and default forms of commands 2-4
client mode, VTP 14-3
clock
Cluster Management Suite
cluster requirements
clusters, switch
accessing 6-13
adding member switches 6-18
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
command switch configuration 6-17
clusters, switch (continued)compatibility 6-4
creating 6-17
creating a cluster standby group 6-20
described 6-1
LRE profile considerations 6-17
managing
through CLI 6-23
through SNMP 6-24
planning 6-4
planning considerations
automatic discovery 6-5
automatic recovery 6-10
CLI 6-23
host names 6-13
IP addresses 6-13
LRE profiles 6-17
passwords 6-14
RADIUS 6-16
switch-specific features 6-17
switch stacks 6-14
TACACS+ 6-16
redundancy 6-20
troubleshooting 6-22
verifying 6-22
cluster standby group
and HSRP group 35-11
automatic recovery 6-12
considerations 6-11
creating 6-20
defined 6-2
requirements 6-3
virtual IP address 6-11
CMS
benefits 1-2
configuration modes 3-5
downloading image files 1-2, 3-16, B-20
Front Panel view, described 3-2
operating systems and supported browsers 3-9
privilege levels 3-7
Topology view 3-15
wizards 3-6
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 9-8
command switch
accessing 6-11
command switch with HSRP disabled (CC) 6-21
configuration conflicts 39-12
defined 6-2
enabling 6-17
password privilege levels 6-23
priority 6-10
recovery
from command-switch failure 6-10, 39-9
from lost member connectivity 39-12
replacing
with another switch 39-11
with cluster member 39-9
command switch (continued)requirements 6-3
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-53
community ports 15-2
community strings
for cluster switches 30-4
in clusters 6-14
overview 30-4
SNMP 6-14
compatibility, software
config.text 4-12
configuration, initial
defaults 1-10
setup (CLI) program 1-10
See also hardware installation guide
configuration conflicts, recovering from lost member connectivity 39-12
configuration examples, network 1-12
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
configuration files (continued)guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 30-16
obtaining with DHCP 4-7
password recovery disable considerations 9-5
specifying the filename 4-12
system contact and location information 30-15
types and location B-9
uploading
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
configuration modes, CMS 3-5
configuration settings, saving 4-10
configure terminal command 11-8
conflicts, configuration 39-12
connections, secure remote 9-38
connectivity problems 39-14, 39-16, 39-17
consistency checks in VTP Version 2 14-4
console port, connecting to 2-9
conventions
command xxxvi
for examples xxxvi
publication xxxvi
text xxxvi
corrupted software, recovery steps with Xmodem 39-2
CoS
in Layer 2 frames 32-2
override priority 16-6
trust priority 16-6
CoS input queue threshold map for QoS 32-14
CoS output queue threshold map for QoS 32-17
CoS-to-DSCP map for QoS 32-50
counters, clearing interface 11-25
crashinfo file 39-25
cross-stack EtherChannel
configuration guidelines 33-12
configuring
on Layer 2 interfaces 33-12
on Layer 3 physical interfaces 33-16
described 33-2
illustration 33-3
support for 1-5
cross-stack UplinkFast, STP
described 19-5
disabling 19-16
enabling 19-16
fast-convergence events 19-7
Fast Uplink Transition Protocol 19-6
normal-convergence events 19-7
support for 1-5
cryptographic software image
Kerberos 9-32
SSH 9-37
switch stack considerations 5-2, 5-14, 9-38
CWDM SFPs 1-22
D
daylight saving time 7-13
debugging
enabling all system diagnostics 39-22
enabling for a specific feature 39-22
redirecting error message output 39-22
using commands 39-21
default commands 2-4
default configuration
802.1x 10-11
auto-QoS 32-18
banners 7-18
default configuration (continued)BGP 34-42
booting 4-12
CDP 25-2
DHCP 21-7
DHCP option 82 21-7
DHCP snooping 21-7
DHCP snooping binding database 21-7
DNS 7-17
dynamic ARP inspection 22-5
EIGRP 34-35
EtherChannel 33-10
fallback bridging 38-4
Flex Links 20-2
HSRP 35-4
IGMP 36-27
IGMP filtering 23-20
IGMP snooping 23-6
IGMP throttling 23-20
initial switch information 4-3
IP addressing, IP routing 34-5
IP multicast routing 36-8
IP source guard 21-16
Layer 2 interfaces 11-12
MAC address table 7-22
MSDP 37-4
MSTP 18-13
MVR 23-15
NTP 7-4
optional spanning-tree configuration 19-12
OSPF 34-26
password and privilege level 9-2
PIM 36-8
private VLANs 15-7
RADIUS 9-20
RIP 34-20
RMON 28-3
default configuration (continued)RSPAN 27-11
SNMP 30-7
SPAN 27-11
standard QoS 32-29
STP 17-13
switch stacks 5-17
system message logging 29-4
system name and prompt 7-15
TACACS+ 9-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 13-19
VLANs 13-8
VMPS 13-29
voice VLAN 16-3
VTP 14-7
default networks 34-64
default routes 34-63
default routing 34-2
deleting VLANs 13-11
description command 11-20
designing your network, examples 1-12
destination addresses, in ACLs 31-12
destination-IP address-based forwarding, EtherChannel 33-8
destination-MAC address forwarding, EtherChannel 33-8
detecting indirect link failures, STP 19-8
device discovery protocol 25-1
Device Manager 3-9
DHCP
Cisco IOS server database
configuring 21-12
default configuration 21-7
described 21-5
enabling
relay agent 21-9
server 21-8
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server side 4-5
server-side 21-8
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-4
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-4
configuration guidelines 21-8
default configuration 21-7
displaying 21-14
forwarding address, specifying 21-9
helper address 21-9
overview 21-3
packet format, suboption
circuit ID 21-4
remote ID 21-4
remote ID suboption 21-4
DHCP snooping
and private VLANs 21-12
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-7
DHCP snooping (continued)displaying binding database 21-14
displaying configuration 21-14
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-12
binding file
format 21-6
location 21-5
bindings 21-5
clearing agent statistics 21-13
configuration guidelines 21-8
configuring 21-12
default configuration 21-7
deleting
binding file 21-13
bindings 21-13
database agent 21-13
described 21-5
displaying
binding entries 21-14
status and statistics 21-15
enabling 21-12
entry 21-5
renewing database 21-13
resetting
delay value 21-13
timeout value 21-13
updating process 21-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
Diffusing Update Algorithm (DUAL) 34-34
directed unicast requests 1-4
directories
changing B-4
creating and removing B-4
displaying the working B-4
discovery, clusters
Distance Vector Multicast Routing Protocol
distance-vector protocols 34-3
distribute-list command 34-72
DNS
and DHCP-based autoconfiguration 4-6
default configuration 7-17
displaying the configuration 7-18
overview 7-16
setting up 7-17
support for 1-4
documentation, related xxxvii
document conventions xxxvi
domain names
DNS 7-16
VTP 14-8
Domain Name System
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
downloading (continued)image files
deleting old image B-24
reasons for B-20
using FTP B-26
using RCP B-31
using TFTP B-23
DSCP input queue threshold map for QoS 32-14
DSCP output queue threshold map for QoS 32-17
DSCP-to-CoS map for QoS 32-52
DSCP-to-DSCP-mutation map for QoS 32-53
DUAL finite state machine, EIGRP 34-34
duplex mode, configuring 11-14
DVMRP
autosummarization
configuring a summary address 36-47
disabling 36-49
connecting PIM domain to DVMRP router 36-39
enabling unicast routing 36-43
interoperability
with Cisco devices 36-37
with Cisco IOS software 36-7
mrinfo requests, responding to 36-42
neighbors
advertising the default route to 36-41
discovery with Probe messages 36-37
displaying information 36-42
prevent peering with nonpruning 36-45
rejecting nonpruning 36-43
overview 36-7
DVMRP (continued)routes
adding a metric offset 36-49
advertising all 36-49
advertising the default route to neighbors 36-41
caching DVMRP routes learned in report messages 36-43
changing the threshold for syslog messages 36-46
deleting 36-51
displaying 36-51
favoring one over another 36-49
limiting the number injected into MBONE 36-46
limiting unicast route advertisements 36-37
routing table 36-7
source distribution tree, building 36-7
support for 1-9
tunnels
configuring 36-39
displaying neighbor information 36-42
dynamic access ports
characteristics 13-4
configuring 13-30
defined 11-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-12
rate limit for incoming ARP packets 22-4, 22-10
dynamic ARP inspection (continued)default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-12
displaying 22-15
logging of dropped packets, described 22-4
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-11
dynamic auto trunking mode 13-18
dynamic desirable trunking mode 13-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
types of connections 13-30
dynamic routing 34-3
Dynamic Trunking Protocol
E
EBGP 34-40
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
and IGRP 34-36
authentication 34-38
components 34-34
configuring 34-36
default configuration 34-35
definition 34-34
interface parameters, configuring 34-37
monitoring 34-39
support for 1-8
elections
enable password 9-4
enable secret password 9-4
encryption for passwords 9-4
Enhanced IGRP
environment variables, function of 4-15
error messages during command entry 2-4
EtherChannel
802.3ad, described 33-6
automatic creation of 33-5, 33-6
channel groups
binding physical and logical interfaces 33-4
numbering of 33-4
configuration guidelines 33-11
configuring
Layer 2 interfaces 33-12
Layer 3 physical interfaces 33-16
Layer 3 port-channel logical interfaces 33-15
default configuration 33-10
described 33-2
displaying status 33-23
forwarding methods 33-7, 33-18
interaction
with STP 33-11
with VLANs 33-12
LACP
described 33-6
displaying status 33-23
hot-standby ports 33-20
interaction with other features 33-7
modes 33-7
port priority 33-22
system priority 33-21
Layer 3 interface 34-4
logical interfaces, described 33-4
PAgP
aggregate-port learners 33-19
compatibility with Catalyst 1900 33-19
described 33-5
displaying status 33-23
interaction with other features 33-6
learn method and priority configuration 33-19
modes 33-5
support for 1-3
EtherChannel (continued)port-channel interfaces
described 33-4
numbering of 33-4
port groups 11-5
stack changes, effects of 33-9
support for 1-3
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
Ethernet VLANs
adding 13-9
defaults and ranges 13-8
modifying 13-9
events, RMON 28-3
examples
conventions for xxxvi
network configuration 1-12
expedite queue for QoS 32-66
expert mode 3-6
See also hardware installation guide
extended-range VLANs
configuration guidelines 13-13
configuring 13-12
creating 13-14
defined 13-1
extended system ID
MSTP 18-15
Extensible Authentication Protocol over LAN 10-1
external BGP
external neighbors, BGP 34-44
F
failover support 1-5
fallback bridging
and protected ports 38-4
bridge groups
creating 38-4
described 38-2
displaying 38-11
function of 38-2
number supported 38-5
removing 38-5
bridge table
clearing 38-11
displaying 38-11
configuration guidelines 38-4
connecting interfaces with 11-7
default configuration 38-4
described 38-1
frame forwarding
flooding packets 38-2
forwarding packets 38-2
overview 38-1
protocol, unsupported 38-4
stack changes, effects of 38-3
STP
disabling on an interface 38-11
forward-delay interval 38-10
hello BPDU interval 38-9
interface priority 38-7
keepalive messages 17-2
maximum-idle interval 38-10
path cost 38-8
VLAN-bridge spanning-tree priority 38-7
VLAN-bridge STP 38-2
support for 1-8
SVIs and routed ports 38-1
unsupported protocols 38-4
VLAN-bridge STP 17-12
Fast Uplink Transition Protocol 19-6
FIB 34-60
fiber-optic, detecting unidirectional links 26-1
files
copying B-5
crashinfo
description 39-25
displaying the contents of 39-25
location 39-25
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 31-30
non-IP traffic 31-27
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 20-2
configuring 20-3
default configuration 20-2
description 20-1
monitoring 20-3
flooded traffic, blocking 24-6
flow-based packet classification 1-7
flowcharts
QoS classification 32-6
QoS egress queueing and scheduling 32-15
QoS ingress queueing and scheduling 32-13
QoS policing and marking 32-9
forward-delay time
MSTP 18-21
STP 17-23
Forwarding Information Base
forwarding nonroutable protocols 38-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-5
get-request operation 30-3, 30-5
get-response operation 30-3
Gigabit modules
global configuration mode 2-2
guest VLAN and 802.1x 10-8
guide
audience xxxv
purpose of xxxv
H
hardware limitations and Layer 3 interfaces 11-21
HC (candidate switch) 6-21
hello time
MSTP 18-20
STP 17-22
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 29-10
host names
abbreviations appended to 6-20
in clusters 6-13
host ports
configuring 15-11
kinds of 15-2
hosts, limit on dynamic ports 13-33
Hot Standby Router Protocol
HP OpenView 1-4
HSRP
authentication string 35-9
automatic cluster recovery 6-12
binding to cluster group 35-11
cluster standby group considerations 6-11
command-switch redundancy 1-1, 1-5
configuring 35-3
default configuration 35-4
definition 35-1
guidelines 35-4
monitoring 35-11
overview 35-1
priority 35-6
routing redundancy 1-8
support for ICMP redirect messages 35-10 to 35-11
HSRP (continued)switch stack considerations 35-2
timers 35-9
tracking 35-6
See also clusters, cluster standby group, and standby command switch
I
IBPG 34-40
ICMP
redirect messages 34-12
support for 1-9
time-exceeded messages 39-18
traceroute and 39-18
unreachable messages 31-20
unreachables and ACLs 31-22
ICMP ping
executing 39-15
overview 39-14
ICMP Router Discovery Protocol
IDS appliances
and ingress RSPAN 27-21
and ingress SPAN 27-15
IEEE 802.1p 16-1
ifIndex values, SNMP 30-6
IFS 1-5
IGMP
configuring the switch
as a member of a group 36-27
statically connected member 36-32
controlling access to groups 36-28
default configuration 36-27
deleting cache entries 36-51
displaying groups 36-51
fast switching 36-32
host-query interval, modifying 36-30
joining multicast group 23-3
IGMP (continued)join messages 23-3
leave processing, enabling 23-11
leaving multicast group 23-5
multicast reachability 36-27
overview 36-2
queries 23-4
report suppression
described 23-5
disabling 23-11
support for 1-4
Version 1
changing to Version 2 36-29
described 36-3
Version 2
changing to Version 1 36-29
described 36-3
maximum query response time value 36-31
pruning groups 36-31
query timeout value 36-31
IGMP filtering
configuring 23-21
default configuration 23-20
described 23-19
monitoring 23-25
support for 1-4
IGMP groups
configuring filtering 23-23
setting the maximum number 23-23
IGMP profile
applying 23-22
configuration mode 23-21
configuring 23-21
IGMP snooping
and address aliasing 23-2
and stack changes 23-6
configuring 23-6
default configuration 23-6
definition 23-1
IGMP snooping (continued)enabling and disabling 23-7
global configuration 23-7
Immediate Leave 23-5
in the switch stack 23-6
method 23-7
monitoring 23-12
support for 1-4
VLAN configuration 23-7
IGMP throttling
configuring 23-23
default configuration 23-20
described 23-20
displaying action 23-25
IGP 34-25
IGRP
split horizon 34-24
support for 1-8
Immediate Leave, IGMP
described 23-5
enabling 23-11
initial configuration
defaults 1-10
setup (CLI) program 1-10
See also hardware installation guide
interface
number 11-7
range macros 11-10
interface command 11-7 to 11-8
interface configuration mode 2-2
interfaces
configuration guidelines
10-Gigabit Ethernet 11-14
duplex and speed 11-15
configuring
duplex mode 11-14
procedure 11-8
speed 11-14
interfaces (continued)counters, clearing 11-25
described 11-20
descriptive name, adding 11-20
displaying information about 11-24
flow control 11-17
management 1-4
monitoring 11-24
naming 11-20
physical, identifying 11-7
range of 11-9
restarting 11-25
shutting down 11-25
status 11-24
supported 11-7
types of 11-1
interfaces range macro command 11-10
interface types 11-7
Interior Gateway Protocol
Interior Gateway Routing Protocol
internal BGP
internal neighbors, BGP 34-44
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
Intrusion Detection System
inventory, cluster 6-22
ip access group command 31-21
IP ACLs
applying to an interface 31-20
extended, creating 31-11
for QoS classification 32-7
implicit deny 31-10, 31-14, 31-16
implicit masks 31-10
logging 31-16
named 31-15
standard, creating 31-9
undefined 31-21
virtual terminal lines, setting on 31-19
IP addresses
classes of 34-6
cluster access 6-2
command switch 6-3, 6-11, 6-13
default configuration 34-5
discovering 7-28
for IP routing 34-5
MAC address association 34-9
monitoring 34-18
redundant clusters 6-11
standby command switch 6-11, 6-13
IP broadcast address 34-16
ip cef distributed command 34-61
IP directed broadcasts 34-14
ip igmp profile command 23-21
IP information
assigned
manually 4-10
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 36-3
all-multicast-routers 36-3
host group address range 36-3
administratively-scoped boundaries, described 36-35
IP multicast routing (continued)and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 36-14
benefits of 36-14
clearing the cache 36-51
configuration guidelines 36-10
filtering incoming RP announcement messages 36-17
overview 36-5
preventing candidate RP spoofing 36-17
preventing join messages to false RPs 36-16
setting up in a new internetwork 36-14
using with BSR 36-22
bootstrap router
configuration guidelines 36-10
configuring candidate BSRs 36-20
configuring candidate RPs 36-21
defining the IP multicast boundary 36-19
defining the PIM domain border 36-18
overview 36-5
using with Auto-RP 36-22
Cisco implementation 36-2
configuring
basic multicast routing 36-10
IP multicast boundary 36-35
default configuration 36-8
enabling
multicast forwarding 36-11
PIM mode 36-11
group-to-RP mappings
Auto-RP 36-5
BSR 36-5
MBONE
deleting sdr cache entries 36-51
described 36-34
displaying sdr cache 36-52
enabling sdr listener support 36-34
limiting DVMRP routes advertised 36-46
limiting sdr cache entry lifetime 36-35
IP multicast routing (continued)SAP packets for conference session announcement 36-34
Session Directory (sdr) tool, described 36-34
monitoring
packet rate loss 36-52
peering devices 36-52
tracing a path 36-52
multicast forwarding, described 36-6
PIMv1 and PIMv2 interoperability 36-9
protocol interaction 36-2
reverse path check (RPF) 36-6
routing table
deleting 36-51
displaying 36-52
RP
assigning manually 36-12
configuring Auto-RP 36-14
configuring PIMv2 BSR 36-18
monitoring mapping information 36-23
using Auto-RP and BSR 36-22
stacking
stack master functions 36-8
stack member functions 36-8
statistics, displaying system and network 36-51
IP phones
and QoS 16-1
automatic classification and queueing 32-18
configuring 16-4
ensuring port security with QoS 32-35
trusted boundary for QoS 32-35
IP precedence 32-2
IP-precedence-to-DSCP map for QoS 32-50
IP protocols
in ACLs 31-12
routing 1-8
IP routes, monitoring 34-74
IP routing
connecting interfaces with 11-7
disabling 34-19
enabling 34-19
IP source guard
and 802.1x 21-17
and DHCP snooping 21-15
and EtherChannels 21-17
and port security 21-17
and routed ports 21-17
and TCAM entries 21-17
and trunk interfaces 21-17
and VRF 21-17
binding configuration
automatic 21-15
manual 21-15
binding table 21-15
configuration guidelines 21-17
default configuration 21-16
described 21-15
disabling 21-18
displaying
bindings 21-19
configuration 21-19
enabling 21-17
filtering
source IP address 21-16
source IP and MAC address 21-16
source IP address filtering 21-16
source IP and MAC address filtering 21-16
static bindings
adding 21-17
deleting 21-18
IP traceroute
executing 39-18
overview 39-17
IP unicast routing
address resolution 34-9
administrative distances 34-63, 34-72
ARP 34-9
assigning IP addresses to Layer 3 interfaces 34-6
authentication keys 34-73
broadcast
address 34-16
flooding 34-17
packets 34-14
storms 34-14
classless routing 34-7
configuring static routes 34-62
default
addressing configuration 34-5
gateways 34-12
networks 34-64
routes 34-63
routing 34-2
directed broadcasts 34-14
disabling 34-19
dynamic routing 34-3
enabling 34-19
EtherChannel Layer 3 interface 34-4
IGP 34-25
inter-VLAN 34-2
IP addressing
classes 34-6
configuring 34-5
IRDP 34-13
Layer 3 interfaces 34-4
MAC address and IP address 34-9
passive interfaces 34-71
IP unicast routing (continued)protocols
distance-vector 34-3
dynamic 34-3
link-state 34-3
proxy ARP 34-9
redistribution 34-64
reverse address resolution 34-9
routed ports 34-4
static routing 34-2
steps to configure 34-5
subnet mask 34-6
subnet zero 34-7
supernet 34-7
UDP 34-16
with SVIs 34-4
IRDP
configuring 34-13
definition 34-13
support for 1-9
ISL
and trunk ports 11-3
isolated port 15-2
J
join messages, IGMP 23-3
K
KDC
described 9-32
keepalive messages 17-2
Kerberos
authenticating to
boundary switch 9-35
KDC 9-35
network services 9-35
configuration examples 9-32
configuring 9-36
credentials 9-32
cryptographic software image 9-32
described 9-32
KDC 9-32
operation 9-34
realm 9-33
server 9-33
support for 1-7
switch as trusted third party 9-32
terms 9-33
TGT 9-34
tickets 9-32
key distribution center
L
LACP
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 11-12
Layer 2 traceroute
and ARP 39-17
and CDP 39-16
broadcast traffic 39-16
described 39-16
Layer 2 traceroute (continued)IP addresses and subnets 39-17
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
Layer 2 trunks 13-17
Layer 3 features 1-8
Layer 3 interfaces
assigning IP addresses to 34-6
changing from Layer 2 mode 34-6
types of 34-4
Layer 3 packets, classification methods 32-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
link redundancy
links, unidirectional 26-1
link state advertisements (LSAs) 34-29
link-state protocols 34-3
load balancing 35-6
logging messages, ACL 31-10
login authentication
with RADIUS 9-23
with TACACS+ 9-14
login banners 7-18
log messages
Long-Reach Ethernet (LRE) technology 1-14, 1-21
loop guard
described 19-11
enabling 19-18
support for 1-6
LRE profiles, considerations in switch clusters 6-17
M
MAC addresses
aging time 7-22
and VLAN association 7-21
building the address table 7-21
default configuration 7-22
discovering 7-28
displaying 7-28
displaying in DHCP snooping binding database 21-14
displaying in the IP source binding table 21-19
dynamic
learning 7-21
removing 7-23
in ACLs 31-27
IP address association 34-9
static
adding 7-26
allowing 7-27
characteristics of 7-25
dropping 7-27
removing 7-26
MAC address notification, support for 1-9
MAC address-to-VLAN mapping 13-28
MAC extended access lists
applying to Layer 2 interfaces 31-29
configuring for QoS 32-41
creating 31-27
defined 31-27
for QoS classification 32-5
macros
manageability features 1-4
management access
in-band
browser session 1-5
CLI session 1-5
CMS 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-3
CMS 1-2
overview 1-4
switch stacks 1-3
management VLAN
considerations in switch clusters 6-7
discovery through different management VLANs 6-7
mapping tables for QoS
configuring
CoS-to-DSCP 32-50
DSCP 32-49
DSCP-to-CoS 32-52
DSCP-to-DSCP-mutation 32-53
IP-precedence-to-DSCP 32-50
policed-DSCP 32-51
described 32-10
marking
action in policy map 32-44
action with aggregate policers 32-47
matching, ACLs 31-7
maximum aging time
MSTP 18-22
STP 17-23
maximum hop count, MSTP 18-22
maximum-paths command 34-47, 34-62
membership mode, VLAN port 13-3
member switch
adding 6-18
automatic discovery 6-5
defined 6-2
managing 6-23
passwords 6-13
recovering from lost connectivity 39-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
menu bar variations 3-4
messages
logging ACL violations 31-16
to users through banners 7-18
metrics, in BGP 34-48
metric translations, between routing protocols 34-68
MHSRP 35-7
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-5
supported A-1
mini-point-of-presence
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-13
module number 11-7
monitoring
access groups 31-40
ACL configuration 31-40
BGP 34-59
cables for unidirectional links 26-1
CDP 25-5
monitoring (continued)CEF 34-61
EIGRP 34-39
fallback bridging 38-11
features 1-9
Flex Links 20-3
HSRP 35-11
IGMP
filters 23-25
snooping 23-12
interfaces 11-24
IP
address tables 34-18
multicast routing 36-50
routes 34-74
MSDP peers 37-19
multicast router interfaces 23-12
MVR 23-19
network traffic for analysis with probe 27-2
OSPF 34-33
port
blocking 24-16
protection 24-16
private VLANs 15-15
RP mapping information 36-23
SFPs
SFP status 1-9
source-active messages 37-19
speed and duplex mode 11-16
traffic flowing among switches 28-1
traffic suppression 24-16
VLAN
filters 31-41
maps 31-41
VLANs 13-16
VMPS 13-32
VTP 14-16
MSDP
benefits of 37-3
clearing MSDP connections and statistics 37-19
controlling source information
forwarded by switch 37-12
originated by switch 37-9
received by switch 37-14
default configuration 37-4
dense-mode regions
sending SA messages to 37-17
specifying the originating address 37-18
filtering
incoming SA messages 37-14
SA messages to a peer 37-12
SA requests from a peer 37-11
join latency, defined 37-6
meshed groups
configuring 37-16
defined 37-16
originating address, changing 37-18
overview 37-1
peer-RPF flooding 37-2
peers
configuring a default 37-4
monitoring 37-19
peering relationship, overview 37-1
requesting source information from 37-8
shutting down 37-16
source-active messages
caching 37-6
clearing cache entries 37-19
defined 37-2
filtering from a peer 37-11
filtering incoming 37-14
filtering to a peer 37-12
limiting data with TTL 37-14
monitoring 37-19
restricting advertised sources 37-9
support for 1-9
MSTP
boundary ports
configuration guidelines 18-14
described 18-5
BPDU filtering
described 19-3
enabling 19-14
BPDU guard
described 19-3
enabling 19-13
CIST, described 18-3
configuration guidelines 18-13, 19-12
configuring
forward-delay time 18-21
hello time 18-20
link type for rapid convergence 18-23
maximum aging time 18-22
maximum hop count 18-22
MST region 18-14
path cost 18-19
port priority 18-18
root switch 18-15
secondary root switch 18-17
switch priority 18-20
CST
defined 18-3
operations between regions 18-4
default configuration 18-13
default optional feature configuration 19-12
displaying status 18-24
enabling the mode 18-14
EtherChannel guard
described 19-10
enabling 19-17
extended system ID
effects on root switch 18-15
effects on secondary root switch 18-17
unexpected behavior 18-16
instances supported 17-10
MSTP (continued)interface state, blocking to forwarding 19-2
interoperability and compatibility among modes 17-11
interoperability with 802.1D
described 18-6
restarting migration process 18-23
IST
defined 18-3
master 18-3
operations within a region 18-3
loop guard
described 19-11
enabling 19-18
mapping VLANs to MST instance 18-14
MST region
CIST 18-3
configuring 18-14
described 18-2
hop-count mechanism 18-5
IST 18-3
supported spanning-tree instances 18-2
optional features supported 1-6
overview 18-2
Port Fast
described 19-2
enabling 19-12
preventing root switch selection 19-10
root guard
described 19-10
enabling 19-17
root switch
configuring 18-16
effects of extended system ID 18-15
unexpected behavior 18-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 18-6
status, displaying 18-24
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-5
static joins 23-10
multicast packets
ACLs on 31-40
blocking 24-6
multicast router interfaces, monitoring 23-12
multicast router ports, adding 23-9
Multicast Source Discovery Protocol
multicast storm 24-2
multicast storm-control command 24-4
Multicast VLAN Registration
Multiple HSRP
Multiple Spanning Tree Protocol
MVR
and address aliasing 23-16
configuring interfaces 23-17
default configuration 23-15
described 23-13
in the switch stack 23-15
modes 23-17
monitoring 23-19
setting global parameters 23-16
support for 1-4
N
named IP ACLs 31-15
native VLAN
configuring 13-23
default 13-23
neighbor discovery/recovery, EIGRP 34-34
neighbors, BGP 34-54
network configuration examples
cost-effective wiring closet 1-14
high-performance wiring closet 1-14
increasing network performance 1-12
large network 1-18
long-distance, high-bandwidth transport 1-22
multidwelling network 1-21
providing network services 1-13
redundant Gigabit backbone 1-15
server aggregation and Linux server cluster 1-15
small to medium-sized network 1-17
network design
performance 1-13
services 1-13
network management
CDP 25-1
RMON 28-1
SNMP 30-1
Network Time Protocol
no commands 2-4
non-IP traffic filtering 31-27
nontrunking mode 13-18
normal-range VLANs
configuration modes 13-7
defined 13-1
no switchport command 11-4
note, described xxxvi
not-so-stubby areas
NSSA, OSPF 34-29
NTP
associations
authenticating 7-5
defined 7-2
enabling broadcast messages 7-7
peer 7-6
server 7-6
default configuration 7-4
NTP (continued)displaying the configuration 7-11
overview 7-2
restricting access
creating an access group 7-9
disabling NTP services per interface 7-10
source IP address, configuring 7-10
stratum 7-2
support for 1-5
synchronizing devices 7-6
time
services 7-2
synchronizing 7-2
O
offline configuration for switch stacks 5-7
Open Shortest Path First
optimizing system resources 8-1
options, management 1-4
OSPF
area parameters, configuring 34-29
configuring 34-27
default configuration
metrics 34-31
route 34-31
settings 34-26
described 34-25
interface parameters, configuring 34-28
LSA group pacing 34-32
monitoring 34-33
router IDs 34-32
route summarization 34-30
support for 1-8
virtual links 34-30
out-of-profile markdown 1-8
P
packet modification, with QoS 32-17
PAgP
parallel paths, in routing tables 34-62
passive interfaces
configuring 34-71
OSPF 34-31
passwords
default configuration 9-2
disabling recovery of 9-5
encrypting 9-4
for security 1-6
overview 9-1
recovery of 39-4
setting
enable 9-3
enable secret 9-4
Telnet 9-6
with usernames 9-7
VTP domain 14-9
path cost
MSTP 18-19
STP 17-20
PBR
defined 34-68
enabling 34-69
fast-switched policy-based routing 34-70
local policy-based routing 34-70
PC (passive command switch) 6-10, 6-21
peers, BGP 34-54
performance, network design 1-12
performance features 1-3
per-VLAN spanning-tree plus
physical ports 11-2
PIM
default configuration 36-8
dense mode
overview 36-4
rendezvous point (RP), described 36-4
RPF lookups 36-7
displaying neighbors 36-52
enabling a mode 36-11
overview 36-3
router-query message interval, modifying 36-26
shared tree and source tree, overview 36-23
shortest path tree, delaying the use of 36-25
sparse mode
join messages and shared tree 36-4
overview 36-4
prune messages 36-5
RPF lookups 36-7
support for 1-9
versions
interoperability 36-9
troubleshooting interoperability problems 36-23
v2 improvements 36-4
PIM-DVMRP, as snooping method 23-8
ping
character output description 39-15
executing 39-15
overview 39-14
PoE
configuring 11-19
support for 1-9
troubleshooting 39-13
policed-DSCP map for QoS 32-51
policers
configuring
for each matched traffic class 32-44
for more than one traffic class 32-47
described 32-3
displaying 32-67
policers (continued)number of 32-31
types of 32-8
policing
described 32-3
token-bucket algorithm 32-9
policy-based routing
policy maps for QoS
characteristics of 32-44
configuring 32-44
described 32-7
displaying 32-68
POP 1-21
port ACLs
defined 31-2
types of 31-3
Port Aggregation Protocol
port-based authentication
accounting 10-5
authentication server
defined 10-2
RADIUS server 10-2
client, defined 10-2
configuration guidelines 10-12
configuring
802.1x authentication 10-13
guest VLAN 10-20
host mode 10-19
manual re-authentication of a client 10-16
periodic re-authentication 10-16
quiet period 10-17
RADIUS server 10-16
RADIUS server parameters on the switch 10-15
switch-to-client frame-retransmission number 10-18
switch-to-client retransmission time 10-17
default configuration 10-11
described 10-1
port-based authentication (continued)device roles 10-2
displaying statistics 10-22
EAPOL-start frame 10-3
EAP-request/identity frame 10-3
EAP-response/identity frame 10-3
encapsulation 10-3
guest VLAN
configuration guidelines 10-9
described 10-8
initiation and message exchange 10-3
method lists 10-13
multiple-hosts mode, described 10-19
per-user ACLs
AAA authorization 10-13
configuration tasks 10-10
described 10-9
RADIUS server attributes 10-9
ports
authorization state and dot1x port-control command 10-4
authorized and unauthorized 10-4
voice VLAN 10-7
port security
and voice VLAN 10-6
described 10-6
interactions 10-6
multiple-hosts mode 10-19
resetting to default values 10-21
stack changes, effects of 10-10
statistics, displaying 10-22
switch
as proxy 10-2
RADIUS client 10-2
topologies, supported 10-5
upgrading from a previous release 10-13, 32-24
port-based authentication (continued)VLAN assignment
AAA authorization 10-13
characteristics 10-8
configuration tasks 10-8
described 10-7
voice VLAN
described 10-7
PVID 10-7
VVID 10-7
port-channel
Port Fast
described 19-2
enabling 19-12
mode, spanning tree 13-29
support for 1-6
port membership modes, VLAN 13-3
port priority
MSTP 18-18
STP 17-18
ports
10-Gigabit Ethernet module 11-4
access 11-3
blocking 24-6
dynamic access 13-4
protected 24-5
routed 11-3
secure 24-7
switch 11-2
VLAN assignments 13-11
port security
aging 24-14
and QoS trusted boundary 32-35
and stacking 24-15
configuring 24-10
default configuration 24-9
described 24-7
displaying 24-16
sticky learning 24-8
violations 24-8
with other features 24-10
port-shutdown response, VMPS 13-28
Power over Ethernet
preferential treatment of traffic
prefix lists, BGP 34-51
preventing unauthorized access 9-1
primary links 20-1
priority
HSRP 35-6
overriding CoS 16-6
trusting CoS 16-6
private VLAN edge ports
private VLANs
across multiple switches 15-4
and SDM template 15-4
and SVIs 15-5
and switch stacks 15-5
benefits of 15-1
community ports 15-2
private VLANs (continued)configuration guidelines 15-7, 15-8
configuration tasks 15-6
configuring 15-10
default configuration 15-7
end station access to 15-3
IP addressing 15-3
isolated port 15-2
mapping 15-14
monitoring 15-15
ports
community 15-2
configuration guidelines 15-8
configuring host ports 15-11
configuring promiscuous ports 15-13
described 13-4
isolated 15-2
promiscuous 15-2
promiscuous ports 15-2
secondary VLANs 15-2
subdomains 15-1
traffic in 15-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 9-9
command switch 6-23
exiting 9-10
in CMS 3-7
logging into 9-10
mapping on member switches 6-23
setting a command with 9-8
promiscuous ports
configuring 15-13
defined 15-2
protocol-dependent modules, EIGRP 34-35
Protocol-Independent Multicast Protocol
provisioning new members for a switch stack 5-7
proxy ARP
configuring 34-11
definition 34-9
with IP routing disabled 34-12
pruning, VTP
disabling
in VTP domain 14-14
on a port 13-23
enabling
in VTP domain 14-14
on a port 13-22
examples 14-5
overview 14-5
pruning-eligible list
changing 13-22
for VTP pruning 14-5
VLANs 14-15
PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Q
QoS
and MQC commands 32-1
auto-QoS
categorizing traffic 32-18
configuration and defaults display 32-28
configuration guidelines 32-23
described 32-18
disabling 32-25
displaying generated commands 32-25
displaying the initial configuration 32-28
effects on running configuration 32-23
egress queue defaults 32-19
QoS (continued)auto-QoS (continued)
enabling for VoIP 32-24
example configuration 32-26
ingress queue defaults 32-19
list of generated commands 32-20
basic model 32-3
classification
class maps, described 32-7
defined 32-3
flowchart 32-6
forwarding treatment 32-3
in frames and packets 32-2
MAC ACLs, described 32-5, 32-7
options for IP traffic 32-5
options for non-IP traffic 32-5
policy maps, described 32-7
trust DSCP, described 32-5
trusted CoS, described 32-5
trust IP precedence, described 32-5
class maps
configuring 32-42
displaying 32-67
configuration guidelines
auto-QoS 32-23
standard QoS 32-31
configuring
aggregate policers 32-47
auto-QoS 32-18
default port CoS value 32-34
DSCP maps 32-49
DSCP trust states bordering another domain 32-36
egress queue characteristics 32-60
ingress queue characteristics 32-55
IP extended ACLs 32-40
IP standard ACLs 32-38
MAC ACLs 32-41
policy maps 32-44
QoS (continued)configuring (continued)
port trust states within the domain 32-32
trusted boundary 32-35
default auto configuration 32-18
default standard configuration 32-29
displaying statistics 32-67
egress queues
allocating buffer space 32-60
buffer allocation scheme, described 32-16
configuring shaped weights for SRR 32-64
configuring shared weights for SRR 32-65
described 32-4
displaying the threshold map 32-63
flowchart 32-15
mapping DSCP or CoS values 32-62
scheduling, described 32-4
setting WTD thresholds 32-60
WTD, described 32-17
enabling globally 32-32
flowcharts
classification 32-6
egress queueing and scheduling 32-15
ingress queueing and scheduling 32-13
policing and marking 32-9
implicit deny 32-7
ingress queues
allocating bandwidth 32-58
allocating buffer space 32-57
buffer and bandwidth allocation, described 32-14
configuring shared weights for SRR 32-58
configuring the priority queue 32-59
described 32-3
displaying the threshold map 32-56
flowchart 32-13
mapping DSCP or CoS values 32-56
priority queue, described 32-14
scheduling, described 32-3
QoS (continued)ingress queues (continued)
setting WTD thresholds 32-56
WTD, described 32-14
IP phones
automatic classification and queueing 32-18
detection and trusted settings 32-18, 32-35
limiting bandwidth on egress interface 32-66
mapping tables
CoS-to-DSCP 32-50
displaying 32-67
DSCP-to-CoS 32-52
DSCP-to-DSCP-mutation 32-53
IP-precedence-to-DSCP 32-50
policed-DSCP 32-51
types of 32-10
marked-down actions 32-46
overview 32-1
packet modification 32-17
policers
described 32-8
displaying 32-67
number of 32-31
types of 32-8
policies, attaching to an interface 32-9
policing
token bucket algorithm 32-9
policy maps
characteristics of 32-44
configuring 32-44
displaying 32-68
QoS label, defined 32-3
QoS (continued)queues
configuring egress characteristics 32-60
configuring ingress characteristics 32-55
high priority (expedite) 32-17, 32-66
location of 32-11
SRR, described 32-12
WTD, described 32-11
rewrites 32-17
support for 1-7
trust states
bordering another domain 32-36
described 32-5
trusted device 32-35
within the domain 32-32
quality of service
queries, IGMP 23-4
R
RADIUS
attributes
vendor-proprietary 9-31
vendor-specific 9-29
configuring
accounting 9-28
authentication 9-23
authorization 9-27
communication, global 9-21, 9-29
communication, per-server 9-21
multiple UDP ports 9-21
default configuration 9-20
defining AAA server groups 9-25
displaying the configuration 9-31
identifying the server 9-21
RADIUS (continued)in clusters 6-16
limiting the services to the user 9-27
method list, defined 9-20
operation of 9-19
overview 9-18
suggested network environments 9-18
support for 1-7
tracking services accessed by user 9-28
range
macro 11-10
of interfaces 11-9
rapid convergence 18-8
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Rapid Spanning Tree Protocol
RARP 34-9
rcommand command 6-23
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 13-31
recovery procedures 39-1
redundancy
EtherChannel 33-2
HSRP 35-1
STP
backbone 17-9
multidrop backbone 19-5
path cost 13-26
port priority 13-24
redundant clusters
redundant links and UplinkFast 19-15
reliable transport protocol, EIGRP 34-34
reloading software 4-16
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 23-5
disabling 23-11
requirements
cluster
resequencing ACL entries 31-15
resets, in BGP 34-46
resetting a UDLD-shutdown interface 26-6
restricting access
NTP services 7-8
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 13-32
reverse address resolution 34-9
Reverse Address Resolution Protocol
RFC
1058, RIP 34-20
1112, IP multicast and IGMP 23-2
1157, SNMPv1 30-2
1163, BGP 34-40
1166, IP addresses 34-6
1253, OSPF 34-25
1267, BGP 34-40
1305, NTP 7-2
1587, NSSAs 34-25
1757, RMON 28-2
1771, BGP 34-40
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-20
authentication 34-23
configuring 34-21
default configuration 34-20
described 34-20
hop counts 34-20
split horizon 34-23
summary addresses 34-23
support for 1-8
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-9
root guard
described 19-10
enabling 19-17
support for 1-6
root switch
MSTP 18-15
STP 17-16
route calculation timers, OSPF 34-31
route dampening, BGP 34-58
routed packets, ACLs on 31-39
routed ports
configuring 34-4
defined 11-3
in switch clusters 6-8
route-map command 34-70
route maps
BGP 34-49
policy-based routing 34-68
router ACLs
defined 31-2
types of 31-4
route reflectors, BGP 34-57
router ID, OSPF 34-32
route selection, BGP 34-47
route summarization, OSPF 34-30
routing
default 34-2
dynamic 34-3
redistribution of information 34-64
static 34-2
routing domain confederation, BGP 34-56
Routing Information Protocol
routing protocol administrative distances 34-63
RSPAN
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
destination ports 27-8
displaying status 27-24
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
received traffic 27-5
session limits 27-11
sessions
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
RSTP
active topology 18-7
BPDU
format 18-10
processing 18-11
designated port, defined 18-7
designated switch, defined 18-7
interoperability with 802.1D
described 18-6
restarting migration process 18-23
topology changes 18-11
overview 18-6
port roles
described 18-7
synchronized 18-9
proposal-agreement handshake process 18-8
RSPAN (continued)rapid convergence
cross-stack rapid convergence 18-8
described 18-8
edge ports and Port Fast 18-8
point-to-point links 18-8, 18-23
root ports 18-8
root port, defined 18-7
running configuration, saving 4-10
S
SC (standby command switch) 6-10, 6-20
scheduled reloads 4-16
SDM
described 8-1
switch stack consideration 5-10
templates
configuring 8-4
number of 8-1
SDM template
aggregator 8-1
configuring 8-3
desktop 8-1
types of 8-1
secondary VLANs 15-2
secure MAC addresses
and switch stacks 24-16
deleting 24-13
maximum number of 24-8
types of 24-8
secure ports
and switch stacks 24-15
configuring 24-7
secure remote connections 9-38
security, port 24-7
security features 1-6
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 18-1
set-request operation 30-5
setup (CLI) program 1-10
See also hardware installation guide
setup program
failed command switch replacement 39-11
replacing failed command switch 39-9
severity levels, defining in system messages 29-9
SFPs
monitoring status of 1-9, 11-24, 39-14
numbering of 11-8
security and identification 39-13
status
displaying 1-9
shaped round robin
show access-lists hw-summary command 31-22
show and more command output, filtering 2-8
show cdp traffic command 25-5
show cluster members command 6-23
show configuration command 11-20
show forward command 39-23
show interfaces command 11-16, 11-20
show platform forward command 39-23
show running-config command
displaying ACLs 31-20, 31-21, 31-32, 31-34
interface description in 11-20
shutdown command on interfaces 11-25
Simple Network Management Protocol
small form-factor pluggable modules
Smartports macros
applying Cisco-default macros 12-6
applying global parameter values 12-5, 12-6
applying macros 12-5
applying parameter values 12-5, 12-7
configuration guidelines 12-3
creating 12-4
default configuration 12-2
defined 12-1
displaying 12-8
tracing 12-3
website 12-2
SNAP 25-1
SNMP
accessing MIB variables with 30-5
agent
described 30-4
disabling 30-8
authentication level 30-11
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-16
default configuration 30-7
engine ID 30-7
host 30-7
ifIndex values 30-6
in-band management 1-5
in clusters 6-14
informs
and trap keyword 30-12
described 30-5
differences from traps 30-5
disabling 30-15
enabling 30-15
SNMP (continued)limiting access by TFTP servers 30-16
limiting system log messages to NMS 29-10
managing clusters with 6-24
MIBs
location of A-3
supported A-1
notifications 30-5
security levels 30-3
status, displaying 30-17
system contact and location 30-15
trap manager, configuring 30-14
traps
differences from informs 30-5
disabling 30-15
enabling 30-12
enabling MAC address notification 7-23
types of 30-12
versions supported 30-2
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 23-1
software compatibility
software images
location in flash B-20
recovery procedures 39-2
scheduling reloads 4-16
tar file format, described B-21
See also downloading and uploading
source addresses, in ACLs 31-12
source-and-destination-IP address based forwarding, EtherChannel 33-8
source-and-destination MAC address forwarding, EtherChannel 33-8
source-IP address based forwarding, EtherChannel 33-8
source-MAC address forwarding, EtherChannel 33-8
SPAN
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-8
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
received traffic 27-5
session limits 27-11
sessions
configuring ingress forwarding 27-16, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-14
specifying monitored ports 27-12
with ingress traffic enabled 27-15
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-19
Spanning Tree Protocol
SPAN traffic 27-5
speed, configuring on interfaces 11-14
split horizon
IGRP 34-24
RIP 34-23
SRR
configuring
shaped weights on egress queues 32-64
shared weights on egress queues 32-65
shared weights on ingress queues 32-58
described 32-12
shaped mode 32-12
shared mode 32-12
support for 1-8
SSH
configuring 9-39
cryptographic software image 9-37
encryption methods 9-38
switch stack considerations 5-14, 9-38
user authentication methods, supported 9-38
stack changes, effects on
802.1x port-based authentication 10-10
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 33-12
EtherChannel 33-9
fallback bridging 38-3
HSRP 35-2
IGMP snooping 23-6
IP routing 34-3
MAC address tables 7-22
MSTP 18-6
multicast routing 36-8
MVR 23-13
port security 24-15
SDM template selection 8-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 17-12
switch clusters 6-14
system message log 29-2
VLANs 13-7
VTP 14-6
stack master
bridge ID (MAC address) 5-5
defined 5-1
election 5-4
re-election 5-4
stack member
accessing CLI of specific member 5-19
configuring
member number 5-17
priority value 5-18
defined 5-1
displaying information of 5-20
number 5-6
priority value 5-7
provisioning a new member 5-18
replacing 5-13
stack member number 11-7
stack protocol version 5-11
stacks, switch
accessing CLI of specific member 5-19
assigning information
member number 5-17
priority value 5-18
provisioning a new member 5-18
benefits 1-2
bridge ID 5-5
CDP considerations 25-2
compatibility, software 5-10
configuration file 5-12
configuration scenarios 5-15
copying an image file from one member to another B-34
default configuration 5-17
description of 5-1
displaying information of 5-20
HSRP considerations 35-2
in clusters 6-14
incompatible software and image upgrades 5-11, B-34
stacks, switch (continued)MAC address considerations 7-22
management connectivity 5-14
managing 5-1
membership 5-3
merged 5-3
MSTP instances supported 17-10
multicast routing, stack master and member roles 36-8
offline configuration
described 5-7
effects of adding a provisioned switch 5-8
effects of removing a provisioned switch 5-10
effects of replacing a provisioned switch 5-10
provisioned configuration, defined 5-7
provisioned switch, defined 5-7
provisioning a new member 5-18
provisioned switch
adding 5-8
removing 5-10
replacing 5-10
replacing a failed member 5-13
See also stack master and stack member
software compatibility 5-10
software image version 5-11
stack protocol version 5-11
STP
bridge ID 17-3
instances supported 17-10
root port selection 17-3
stack root switch election 17-3
system messages
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 7-14
system-wide configuration considerations 5-13
upgrading B-34
StackWise technology, Cisco 1-3
Standby Command Configuration window 6-21
standby command switch
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 35-4
standby links 20-1
standby router 35-1
standby timers, HSRP 35-9
startup configuration
booting
manually 4-13
specific image 4-13
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-12
default boot configuration 4-12
static access ports
assigning to VLAN 13-11
static addresses
static IP routing 1-8
static MAC addressing 1-6
static routes, configuring 34-62
static routing 34-2
static VLAN membership 13-2
statistics
802.1x 10-22
CDP 25-5
interface 11-24
IP multicast routing 36-51
OSPF 34-33
QoS ingress and egress 32-67
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-17
VTP 14-16
sticky learning 24-8
storm control
configuring 24-3
described 24-2
displaying 24-16
support for 1-3
thresholds 24-2
STP
802.1D and bridge ID 17-4
802.1D and multicast addresses 17-9
802.1t and VLAN identifier 17-4
accelerating root port selection 19-4
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
BPDU message exchange 17-3
configuration guidelines 17-13, 19-12
STP (continued)configuring
forward-delay time 17-23
hello time 17-22
maximum aging time 17-23
path cost 17-20
port priority 17-18
root switch 17-16
secondary root switch 17-17
spanning-tree mode 17-14
switch priority 17-21
counters, clearing 17-24
cross-stack UplinkFast
described 19-5
enabling 19-16
default configuration 17-13
default optional feature configuration 19-12
designated port, defined 17-4
designated switch, defined 17-4
detecting indirect link failures 19-8
disabling 17-15
displaying status 17-24
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
extended system ID
effects on root switch 17-16
effects on the secondary root switch 17-17
overview 17-4
unexpected behavior 17-16
features supported 1-5
inferior BPDU 17-3
instances supported 17-10
interface state, blocking to forwarding 19-2
STP (continued)interface states
blocking 17-7
disabled 17-8
learning 17-7
listening 17-7
overview 17-5
interoperability and compatibility among modes 17-11
keepalive messages 17-2
limitations with 802.1Q trunks 17-11
load sharing
overview 13-24
using path costs 13-26
using port priorities 13-24
loop guard
described 19-11
enabling 19-18
modes supported 17-10
multicast addresses, effect of 17-9
optional features supported 1-6
overview 17-2
Port Fast
described 19-2
enabling 19-12
port priorities 13-25
preventing root switch selection 19-10
protocols supported 17-10
redundant connectivity 17-9
root guard
described 19-10
enabling 19-17
root port, defined 17-3
root port selection on a switch stack 17-3
STP (continued)root switch
configuring 17-16
effects of extended system ID 17-4, 17-16
election 17-3
unexpected behavior 17-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 17-12
status, displaying 17-24
superior BPDU 17-3
timers, described 17-22
UplinkFast
described 19-4
enabling 19-15
VLAN-bridge 17-12
stratum, NTP 7-2
stub areas, OSPF 34-29
subdomains, private VLAN 15-1
subnet mask 34-6
subnet zero 34-7
success response, VMPS 13-28
summer time 7-13
SunNet Manager 1-4
supernet 34-7
SVIs
and IP unicast routing 34-4
and router ACLs 31-4
connecting VLANs 11-6
defined 11-4
routing between VLANs 13-2
switch clustering technology 6-1
switch console port 1-5
Switch Database Management
switched packets, ACLs on 31-38
Switched Port Analyzer
switched ports 11-2
Switch Manager 3-10
switchport block multicast command 24-6
switchport block unicast command 24-6
switchport command 11-13
switchport protected command 24-5
switch priority
MSTP 18-20
STP 17-21
switch software features 1-1
switch virtual interface
synchronization, BGP 34-44
syslog
system clock
configuring
daylight saving time 7-13
manually 7-11
summer time 7-13
time zones 7-12
displaying the time and date 7-12
overview 7-2
system message logging
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-13
enabling 29-5
facility keywords, described 29-13
level keywords, described 29-9
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
system message logging (continued)stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-9
time stamps, enabling and disabling 29-7
UNIX syslog servers
configuring the daemon 29-11
configuring the logging facility 29-12
facilities supported 29-13
system name
default configuration 7-15
default setting 7-15
manual configuration 7-15
system prompt
manual configuration 7-16
system resources, optimizing 8-1
T
TACACS+
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
configuring
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-17
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-7
tracking services accessed by user 9-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
TDR 1-9
Telnet
accessing management interfaces 2-9
from a browser 2-10
number of connections 1-5
setting a password 9-6
templates, SDM 8-1
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-24
downloading B-23
preparing the server B-22
uploading B-24
limiting access by servers 30-16
TFTP server 1-4
threshold, traffic level 24-2
time
Time Domain Reflector
time-range command 31-17
time ranges in ACLs 31-17
time stamps in log messages 29-7
time zones 7-12
Token Ring VLANs
support for 13-6
VTP support 14-4
Topology view, described 3-2, 3-15
ToS 1-7
traceroute, Layer 2
and ARP 39-17
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-17
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
traceroute command 39-18
traffic
blocking flooded 24-6
fragmented 31-5
unfragmented 31-5
traffic policing 1-8
traffic suppression 24-2
transparent mode, VTP 14-3, 14-12
trap-door mechanism 4-2
traps
configuring MAC address notification 7-23
configuring managers 30-12
defined 30-3
notification types 30-12
troubleshooting
connectivity problems 39-14, 39-16, 39-17
detecting unidirectional links 26-1
displaying crash information 39-25
PIMv1 and PIMv2 interoperability problems 36-23
setting packet forwarding 39-23
troubleshooting (continued)SFP security and identification 39-13
show forward command 39-23
with CiscoWorks 30-5
with debug commands 39-21
with ping 39-14
with system message logging 29-1
with traceroute 39-17
trunking encapsulation 1-6
trunk ports
configuring 13-20
encapsulation 13-20, 13-25, 13-27
secure MAC addresses on 24-11, 24-12
trunks
allowed-VLAN list 13-21
configuring 13-20, 13-25, 13-27
ISL 13-17
load sharing
setting STP path costs 13-26
using STP port priorities 13-24, 13-25
native VLAN for untagged traffic 13-23
parallel 13-26
pruning-eligible list 13-22
to non-DTP device 13-17
understanding 13-17
trusted boundary for QoS 32-35
trusted port states
between QoS domains 32-36
classification options 32-5
ensuring port security for IP phones 32-35
support for 1-8
within a QoS domain 32-32
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service
U
UDLD
default configuration 26-4
disabling
fiber-optic interfaces 26-5
globally 26-5
per interface 26-6
echoing detection mechanism 26-3
enabling
globally 26-5
per interface 26-6
link-detection mechanism 26-1
neighbor database 26-2
overview 26-1
resetting an interface 26-6
status, displaying 26-7
support for 1-5
UDP, configuring 34-16
unauthorized ports with 802.1x 10-4
unicast MAC address filtering 1-4
and adding static addresses 7-27
and broadcast MAC addresses 7-26
and CPU packets 7-26
and multicast addresses 7-26
and router MAC addresses 7-26
configuration guidelines 7-26
described 7-26
unicast storm 24-2
unicast storm control command 24-4
unicast traffic, blocking 24-6
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 29-11
facilities supported 29-13
message logging configuration 29-12
unrecognized Type-Length-Value (TLV) support 14-4
upgrading information
upgrading software images
UplinkFast
described 19-4
disabling 19-16
enabling 19-15
support for 1-5
uploading
configuration files
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
image files
reasons for B-20
using FTP B-28
using RCP B-33
using TFTP B-24
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 9-7
V
version-dependent transparent mode 14-4
version mismatch (VM) mode 5-12
virtual IP address
cluster standby group 6-11, 6-21
vlan.dat file 13-5
VLAN 1, disabling on a trunk port 13-22
VLAN 1 minimization 13-21
VLAN ACLs
vlan-assignment response, VMPS 13-28
VLAN configuration
at bootup 13-8
saving 13-8
VLAN configuration mode 2-2, 13-7
VLAN database
and startup configuration file 13-8
and VTP 14-1
VLAN configuration saved in 13-8
VLANs saved in 13-5
vlan database command 13-7
VLAN filtering and SPAN 27-7
vlan global configuration command 13-7
VLAN ID, discovering 7-28
VLAN management domain 14-2
VLAN Management Policy Server
VLAN map entries, order of 31-30
VLAN maps
applying 31-34
common uses for 31-34
configuration example 31-35
configuration guidelines 31-30
configuring 31-30
creating 31-31
defined 31-2
denying access example 31-36
denying and permitting packets 31-32
displaying 31-41
examples 31-36
removing 31-34
support for 1-7
with router ACLs 31-40
VLAN membership
confirming 13-31
modes 13-3
VLAN Query Protocol
VLANs
adding 13-9
adding to VLAN database 13-9
aging dynamic addresses 17-10
allowed on trunk 13-21
and spanning-tree instances 13-3, 13-7, 13-13
configuration guidelines, extended-range VLANs 13-13
configuration guidelines, normal-range VLANs 13-6
configuration options 13-7
configuring 13-1
configuring IDs 1006 to 4094 13-13
connecting through SVIs 11-6
creating in config-vlan mode 13-9
creating in VLAN configuration mode 13-10
default configuration 13-8
deleting 13-11
displaying 13-16
features 1-6
illustrated 13-2
internal 13-13
in the switch stack 13-7
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 13-9
native, configuring 13-23
number supported 1-6
parameters 13-5
port membership modes 13-3
static-access ports 13-11
STP and 802.1Q trunks 17-11
supported 13-3
VLANs (continued)Token Ring 13-6
traffic between 13-2
VTP modes 14-3
VLAN Trunking Protocol
VLAN trunks 13-17
VMPS
administering 13-32
configuration example 13-33
configuration guidelines 13-29
default configuration 13-29
description 13-27
dynamic port membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
entering server address 13-30
mapping MAC addresses to VLANs 13-28
monitoring 13-32
reconfirmation interval, changing 13-31
reconfirming membership 13-31
retry count, changing 13-32
voice-over-IP 16-1
voice VLAN
Cisco 7960 phone, port connections 16-1
configuration guidelines 8-4, 16-3
configuring IP phones for data traffic
override CoS of incoming frame 16-6
trust CoS priority of incoming frame 16-6
configuring ports for voice traffic in
802.1p priority tagged frames 16-5
802.1Q frames 16-4
connecting to an IP phone 16-4
default configuration 16-3
described 16-1
displaying 16-6
VTP
adding a client to a domain 14-15
advertisements 13-19, 14-3, 14-4
and extended-range VLANs 14-2
and normal-range VLANs 14-2
client mode, configuring 14-11
configuration
global configuration mode 14-7
guidelines 14-8
privileged EXEC mode 14-7
requirements 14-9
saving 14-8
VLAN configuration mode 14-8
configuration mode options 14-7
configuration requirements 14-9
configuration revision number
guideline 14-15
<