-
Catalyst 3750-E and 3560-E Switch Software Configuration Guide, 12.2(50)SE
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Configuring Cisco EnergyWise
-
Configuring Cisco IOS Configuration Engine
-
Managing Switch Stacks
-
Clustering Switches
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring IEEE 802.1x Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring Auto Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Voice VLANs
-
Configuring Private VLANs
-
Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring IPv6 MLD Snooping
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring LLDP, LLDP-MED, and Wired Location Service
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Embedded Event Manager
-
Configuring Network Security with ACLs
-
Configuring IPv6 ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Configuring IP Unicast Routing
-
Configuring IPv6 Unicast Routing
-
Configuring HSRP
-
Configuring Cisco IOS IP SLAs Operations
-
Configuring Enhanced Object Tracking
-
Configuring WCCP
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Configuring Online Diagnostics
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(50)SE
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Numerics
10-Gigabit Ethernet interfaces 12-6
A
AAA down policy, NAC Layer 2 IP validation 1-11
abbreviating commands 2-4
ABRs 40-26
AC (command switch) 7-11
access
templates 9-1
access-class command 36-20
access control entries
access-denied response, VMPS 14-28
access groups
applying IPv4 ACLs to interfaces 36-21
Layer 2 36-21
Layer 3 36-21
access groups, applying IPv4 ACLs to interfaces 36-21
accessing
clusters, switch 7-14
command switches 7-12
member switches 7-14
switch clusters 7-14
accessing stack members 6-24
access lists
access ports
and Layer 2 protocol tunneling 18-11
defined 12-3
in switch clusters 7-10
access template 9-1
accounting
with 802.1x 11-46
with IEEE 802.1x 11-12
with RADIUS 10-28
ACEs
and QoS 38-7
defined 36-2
Ethernet 36-2
IP 36-2
ACLs
ACEs 36-2
any keyword 36-13
applying
on bridged packets 36-39
on multicast packets 36-41
on routed packets 36-40
on switched packets 36-39
time ranges to 36-17
to IPv6 interfaces 37-8
to QoS 38-7
classifying traffic for QoS 38-45
comments in 36-19
compiling 36-23
extended IP, configuring for QoS classification 38-46
extended IPv4
creating 36-11
matching criteria 36-8
hardware and software handling 36-22
ACLs (continued)host keyword 36-13
IP
creating 36-8
fragments and QoS guidelines 38-35
implicit deny 36-10, 36-14, 36-17
implicit masks 36-10
matching criteria 36-8
undefined 36-21
IPv4
applying to interfaces 36-20
creating 36-8
matching criteria 36-8
named 36-15
numbers 36-8
terminal lines, setting on 36-19
unsupported features 36-7
IPv6
and stacking 37-3
applying to interfaces 37-8
displaying 37-9
interactions with other features 37-4
limitations 37-3
matching criteria 37-3
named 37-3
precedence of 37-2
supported 37-2
unsupported features 37-3
Layer 4 information in 36-38
logging messages 36-9
named
IPv4 36-15
IPv6 37-3
names 37-4
number per QoS class map 38-35
ACLs (continued)precedence of 36-2
resequencing entries 36-15
router ACLs and VLAN map configuration guidelines 36-38
standard IP, configuring for QoS classification 38-45
standard IPv4
creating 36-10
matching criteria 36-8
support for 1-10
support in hardware 36-22
time ranges 36-17
types supported 36-2
unsupported features
IPv4 36-7
IPv6 37-3
using router ACLs with VLAN maps 36-37
VLAN maps
configuration guidelines 36-31
configuring 36-30
active links 22-2
active router 42-1
active traffic monitoring, IP SLAs 43-1
address aliasing 25-2
addresses
displaying the MAC address table 8-28
dynamic
accelerated aging 19-9
changing the aging time 8-21
default aging 19-9
defined 8-19
learning 8-20
removing 8-22
IPv6 41-2
MAC, discovering 8-28
addresses (continued)multicast
group address range 46-3
STP address management 19-9
static
adding and removing 8-24
defined 8-19
Address Resolution Protocol
adjacency tables, with CEF 40-91
administrative distances
defined 40-104
OSPF 40-33
routing protocol defaults 40-94
advertisements
CDP 28-1
RIP 40-20
aggregatable global unicast addresses 41-3
aggregate addresses, BGP 40-61
aggregated ports
aggregate policers 38-60
aggregate policing 1-12
aging, accelerating 19-9
aging time
accelerated
for MSTP 20-23
MAC address table 8-21
maximum
for MSTP 20-24
alarms, RMON 32-3
allowed-VLAN list 14-21
AP1250 (wireless access point) 1-14
application engines, redirecting traffic to 45-1
area border routers
area routing
IS-IS 40-66
ISO IGRP 40-66
ARP
configuring 40-10
encapsulation 40-11
static cache configuration 40-10
table
address resolution 8-28
managing 8-28
ASBRs 40-26
AS-path filters, BGP 40-55
asymmetrical links, and IEEE 802.1Q tunneling 18-4
attributes, RADIUS
vendor-proprietary 10-30
vendor-specific 10-29
attribute-value pairs 11-16, 11-17
audience xlv
authentication
EIGRP 40-42
HSRP 42-11
local mode with AAA 10-36
NTP associations 8-4
open1x 11-24
RADIUS
key 10-21
login 10-23
TACACS+
defined 10-11
key 10-13
login 10-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 11-8
authentication failed VLAN
authentication keys, and routing protocols 40-105
authentication manager
CLI commands 11-8
compatibility with older 802.1x CLI commands11-8to 11-9
overview 11-7
authoritative time source, described 8-2
authorization
with RADIUS 10-27
authorized ports with IEEE 802.1x 11-9
autoconfiguration 3-3
auto enablement 11-26
automatic advise (auto-advise) in switch stacks 6-12
automatic copy (auto-copy) in switch stacks 6-12
automatic discovery
considerations
beyond a noncandidate device 7-8
brand new switches 7-10
connectivity 7-5
different VLANs 7-7
management VLANs 7-8
non-CDP-capable devices 7-6
noncluster-capable devices 7-6
routed ports 7-9
in switch clusters 7-5
automatic extraction (auto-extract) in switch stacks 6-12
automatic QoS
automatic recovery, clusters 7-11
automatic upgrades (auto-upgrade) in switch stacks 6-12
auto-MDIX
configuring 12-27
described 12-26
autonegotiation
duplex mode 1-4
interface configuration guidelines 12-24
mismatches 49-12
autonomous system boundary routers
autonomous systems, in BGP 40-49
Auto-RP, described 46-6
autosensing, port speed 1-4
Auto Smartports macros
configuration guidelines 13-3
default configuration 13-2
defined 13-1
displaying 13-14
enabling 13-4
event triggers 13-6
mapping 13-4
user-defined macros 13-9
autostate exclude 12-6
Auto Smartports macros
auxiliary VLAN
availability, features 1-8
B
BackboneFast
described 21-7
disabling 21-17
enabling 21-16
support for 1-8
backup interfaces
backup links 22-2
backup static routing, configuring 44-12
banners
configuring
login 8-19
message-of-the-day login 8-18
default configuration 8-17
when displayed 8-17
Berkeley r-tools replacement 10-49
BGP
aggregate addresses 40-61
aggregate routes, configuring 40-61
CIDR 40-61
clear commands 40-64
community filtering 40-58
configuring neighbors 40-59
default configuration 40-46
described 40-46
enabling 40-49
monitoring 40-64
multipath support 40-53
neighbors, types of 40-49
path selection 40-53
peers, configuring 40-59
prefix filtering 40-57
resetting sessions 40-51
route dampening 40-63
route maps 40-55
route reflectors 40-62
routing domain confederation 40-62
routing session with multi-VRF CE 40-85
show commands 40-64
supernets 40-61
support for 1-13
Version 4 40-46
binding cluster group and HSRP group 42-12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 23-6
DHCP snooping database 23-7
IP source guard 23-16
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 27-7
Boolean expressions in tracked lists 44-4
booting
boot loader, function of 3-2
boot process 3-2
manually 3-18
specific image 3-18
boot loader
accessing 3-19
described 3-2
environment variables 3-19
prompt 3-19
trap-door mechanism 3-2
bootstrap router (BSR), described 46-7
Border Gateway Protocol
BPDU
error-disabled state 21-2
filtering 21-3
RSTP format 20-12
BPDU filtering
described 21-3
disabling 21-15
enabling 21-14
support for 1-8
BPDU guard
described 21-2
disabling 21-14
enabling 21-13
support for 1-8
bridged packets, ACLs on 36-39
bridge groups
bridge protocol data unit
broadcast flooding 40-17
broadcast packets
directed 40-14
flooded 40-14
broadcast storm-control command 27-4
C
cables, monitoring for unidirectional links 30-1
candidate switch
automatic discovery 7-5
defined 7-4
requirements 7-4
See also command switch, cluster standby group, and member switch
Catalyst 6000 switches
authentication compatibility 11-8
CA trustpoint
configuring 10-45
defined 10-43
caution, described xlvi
CDP
and trusted boundary 38-41
automatic discovery in switch clusters 7-5
configuring 28-2
default configuration 28-2
defined with LLDP 29-1
described 28-1
disabling for routing device28-3to 28-4
enabling and disabling
on an interface 28-4
on a switch 28-3
Layer 2 protocol tunneling 18-8
monitoring 28-5
overview 28-1
power negotiation extensions 12-7
CDP (continued)support for 1-6
switch stack considerations 28-2
transmission timer and holdtime, setting 28-2
updates 28-2
CEF
defined 40-91
distributed 40-91
IPv6 41-19
CGMP
as IGMP snooping learning method 25-9
clearing cached group entries 46-62
enabling server support 46-44
joining multicast group 25-3
overview 46-9
server support only 46-9
switch support of 1-4
CIDR 40-61
CipherSuites 10-44
Cisco 7960 IP Phone 16-1
Cisco AP1250 (wireless access point) 1-14
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 12-7
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco IOS IP SLAs 43-1
Cisco Network Assistant
Cisco Redundant Power System 2300
configuring 12-37
managing 12-37
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 11-17
attribute-value pairs for redirect URL 11-16
Cisco Secure ACS configuration guide 11-58
Cisco StackWise Plus technology 1-3
CISP 11-26
CIST regional root
CIST root
civic location 29-3
classless interdomain routing
classless routing 40-8
class maps for QoS
configuring 38-48
described 38-7
displaying 38-80
class of service
clearing interfaces 12-41
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-5
editing features
enabling and disabling 2-7
keystroke editing 2-8
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
CLI (continued)history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
managing clusters 7-17
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 15-3
client processes, tracking 44-1
CLNS
clock
cluster requirements xlvi
clusters, switch
accessing 7-14
automatic discovery 7-5
automatic recovery 7-11
benefits 1-2
compatibility 7-4
described 7-1
LRE profile considerations 7-17
managing
through CLI 7-17
through SNMP 7-18
planning 7-4
planning considerations
automatic discovery 7-5
automatic recovery 7-11
CLI 7-17
host names 7-14
IP addresses 7-14
LRE profiles 7-17
passwords 7-15
RADIUS 7-17
clusters, switch (continued)switch stacks 7-15
TACACS+ 7-17
cluster standby group
and HSRP group 42-12
automatic recovery 7-13
considerations 7-12
defined 7-2
requirements 7-3
virtual IP address 7-12
CNS
Configuration Engine
configID, deviceID, hostname 5-3
configuration service 5-2
described 5-1
event service 5-3
embedded agents
described 5-5
enabling automated configuration 5-6
enabling configuration agent 5-9
enabling event agent 5-8
management functions 1-6
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 10-8
command switch
accessing 7-12
active (AC) 7-11
configuration conflicts 49-12
command switch (continued)defined 7-2
passive (PC) 7-11
password privilege levels 7-18
priority 7-11
recovery
from command-switch failure 7-11, 49-9
from lost member connectivity 49-12
redundant 7-11
replacing
with another switch 49-11
with cluster member 49-9
requirements 7-3
standby (SC) 7-11
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 40-58
community ports 17-2
community strings
for cluster switches 34-4
in clusters 7-15
overview 34-4
SNMP 7-15
compatibility, feature 27-12
compatibility, software
config.text 3-17
configurable leave timer, IGMP 25-6
configuration, initial
defaults 1-16
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 49-12
configuration examples, network 1-18
configuration files
archiving B-20
clearing the startup configuration B-20
creating and using, guidelines for B-10
creating using a text editor B-11
default name 3-17
deleting a stored configuration B-20
described B-9
downloading
automatically 3-17
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
invalid combinations when copying B-6
limiting TFTP server access 34-17
obtaining with DHCP 3-9
password recovery disable considerations 10-5
replacing and rolling back, guidelines for B-21
replacing a running configuration B-20, B-21
rolling back a running configuration B-20, B-21
specifying the filename 3-17
system contact and location information 34-17
types and location B-10
uploading
reasons for B-9
using FTP B-15
using RCP B-19
using TFTP B-12
configuration guidelines, multi-VRF CE 40-78
configuration logging 2-5
configuration replacement B-20
configuration rollback B-20
configuration settings, saving 3-15
configure terminal command 12-13
configuring multicast VRFs 40-84
configuring port-based authentication violation modes11-37to 11-38
configuring small-frame arrival rate 27-5
conflicts, configuration 49-12
connections, secure remote 10-38
connectivity problems 49-14, 49-16, 49-17
consistency checks in VTP Version 2 15-4
console port, connecting to 2-11
content-routing technology
control protocol, IP SLAs 43-4
conventions
command xlv
for examples xlvi
publication xlv
text xlv
corrupted software, recovery steps with Xmodem 49-2
CoS
in Layer 2 frames 38-2
override priority 16-6
trust priority 16-6
CoS input queue threshold map for QoS 38-17
CoS output queue threshold map for QoS 38-21
CoS-to-DSCP map for QoS 38-62
counters, clearing interface 12-41
CPU utilization, troubleshooting 49-28
crashinfo file 49-25
critical authentication, IEEE 802.1x 11-50
cross-stack EtherChannel
configuration guidelines 39-13
configuring
on Layer 2 interfaces 39-13
on Layer 3 physical interfaces 39-16
described 39-3
illustration 39-4
support for 1-8
cross-stack UplinkFast, STP
described 21-5
disabling 21-16
enabling 21-16
fast-convergence events 21-7
Fast Uplink Transition Protocol 21-6
normal-convergence events 21-7
support for 1-8
cryptographic software image
Kerberos 10-32
SSH 10-37
SSL 10-42
switch stack considerations 6-2, 6-17, 10-38
customer edge devices 40-76
CWDM SFPs 1-32
D
DACL
daylight saving time 8-13
dCEF in the switch stack 40-91
debugging
enabling all system diagnostics 49-21
enabling for a specific feature 49-21
redirecting error message output 49-22
using commands 49-20
default commands 2-4
default configuration
802.1x 11-31
auto-QoS 38-23
banners 8-17
BGP 40-46
booting 3-17
CDP 28-2
DHCP 23-8
DHCP option 82 23-8
DHCP snooping 23-8
DHCP snooping binding database 23-9
default configuration (continued)DNS 8-16
dynamic ARP inspection 24-5
EIGRP 40-38
EtherChannel 39-11
Ethernet interfaces 12-22
fallback bridging 48-4
Flex Links 22-8
HSRP 42-5
IEEE 802.1Q tunneling 18-4
IGMP 46-39
IGMP filtering 25-25
IGMP throttling 25-25
initial switch information 3-3
IP addressing, IP routing 40-6
IP multicast routing 46-11
IP SLAs 43-6
IP source guard 23-17
IPv6 41-10
IS-IS 40-67
Layer 2 interfaces 12-22
Layer 2 protocol tunneling 18-11
LLDP 29-4
MAC address table 8-21
MAC address-table move update 22-8
MSDP 47-4
MSTP 20-15
multi-VRF CE 40-78
MVR 25-20
NTP 8-4
optional spanning-tree configuration 21-12
OSPF 40-27
password and privilege level 10-2
PIM 46-11
private VLANs 17-6
RADIUS 10-20
RIP 40-21
RMON 32-3
default configuration (continued)RSPAN 31-12
SDM template 9-4
SNMP 34-7
SPAN 31-12
SSL 10-45
standard QoS 38-33
STP 19-13
switch stacks 6-20
system message logging 33-4
system name and prompt 8-15
TACACS+ 10-13
UDLD 30-4
VLAN, Layer 2 Ethernet interfaces 14-19
VLANs 14-8
VMPS 14-29
voice VLAN 16-3
VTP 15-7
WCCP 45-5
default networks 40-94
default router preference
default routes 40-94
default routing 40-3
deleting VLANs 14-10
denial-of-service attack 27-1
description command 12-31
designing your network, examples 1-18
destination addresses
in IPv4 ACLs 36-12
in IPv6 ACLs 37-6
destination-IP address-based forwarding, EtherChannel 39-9
destination-MAC address forwarding, EtherChannel 39-9
detecting indirect link failures, STP 21-8
device discovery protocol 28-1, 29-1
device manager
benefits 1-2
in-band management 1-7
requirements xlvi
DHCP
Cisco IOS server database
configuring 23-14
default configuration 23-9
described 23-6
DHCP for IPv6
enabling
relay agent 23-11
server 23-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-4
DNS 3-7
relay device 3-8
server side 3-6
server-side 23-10
TFTP server 3-7
example 3-10
lease options
for IP address information 3-6
for receiving the configuration file 3-7
overview 3-3
relationship to BOOTP 3-4
support for 1-6
DHCP-based autoconfiguration and image update
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 44-11
DHCP option 82
circuit ID suboption 23-5
configuration guidelines 23-9
default configuration 23-8
displaying 23-16
forwarding address, specifying 23-11
helper address 23-11
overview 23-3
packet format, suboption
circuit ID 23-5
remote ID 23-5
remote ID suboption 23-5
DHCP server port-based address allocation
configuration guidelines 23-21
default configuration 23-20
described 23-20
displaying 23-23
enabling 23-21
DHCP snooping
accepting untrusted packets form edge switch 23-3, 23-13
and private VLANs 23-14
binding database
See DHCP snooping binding database
configuration guidelines 23-9
default configuration 23-8
displaying binding tables 23-16
message exchange process 23-4
option 82 data insertion 23-3
trusted interface 23-2
untrusted interface 23-2
untrusted messages 23-2
DHCP snooping binding database
adding bindings 23-14
binding entries, displaying 23-16
DHCP snooping binding database (continued)binding file
format 23-7
location 23-7
bindings 23-7
clearing agent statistics 23-15
configuration guidelines 23-10
configuring 23-14
default configuration 23-8, 23-9
deleting
binding file 23-15
bindings 23-15
database agent 23-15
described 23-6
displaying 23-16
binding entries 23-16
status and statistics 23-16
displaying status and statistics 23-16
enabling 23-14
entry 23-7
renewing database 23-15
resetting
delay value 23-15
timeout value 23-15
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 41-15
default configuration 41-15
described 41-6
enabling client function 41-17
enabling DHCPv6 server function 41-15
diagnostic schedule command 50-2
Differentiated Services architecture, QoS 38-2
Differentiated Services Code Point 38-2
Diffusing Update Algorithm (DUAL) 40-36
Digital Optical Monitoring (DOM) 12-41
directed unicast requests 1-6
directories
changing B-4
creating and removing B-5
displaying the working B-4
discovery, clusters
Distance Vector Multicast Routing Protocol
distance-vector protocols 40-3
distribute-list command 40-103
DNS
and DHCP-based autoconfiguration 3-7
default configuration 8-16
displaying the configuration 8-17
in IPv6 41-4
overview 8-15
setting up 8-16
support for 1-6
DNS-based SSM mapping 46-19, 46-21
documentation, related xlvi
document conventions xlv
DOM (Digital Optical Monitoring) 12-41
domain names
DNS 8-15
VTP 15-8
Domain Name System
domains, ISO IGRP routing 40-66
dot1q-tunnel switchport mode 14-18
double-tagged packets
IEEE 802.1Q tunneling 18-2
Layer 2 protocol tunneling 18-10
downloadable ACL 11-16, 11-17, 11-58
downloading
configuration files
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
image files
deleting old image B-29
reasons for B-24
using CMS 1-3
using FTP B-31
using RCP B-36
using TFTP B-27
using the device manager or Network Assistant B-24
drop threshold for Layer 2 protocol packets 18-11
DRP
configuring 41-13
described 41-4
IPv6 41-4
DSCP input queue threshold map for QoS 38-17
DSCP output queue threshold map for QoS 38-21
DSCP-to-CoS map for QoS 38-65
DSCP-to-DSCP-mutation map for QoS 38-66
DSCP transparency 38-41
dual-action detection 39-6
DUAL finite state machine, EIGRP 40-37
dual IPv4 and IPv6 templates 9-2, 41-5, 41-6
dual protocol stacks
IPv4 and IPv6 41-6
SDM templates supporting 41-6
DVMRP
autosummarization
configuring a summary address 46-58
disabling 46-60
connecting PIM domain to DVMRP router 46-51
enabling unicast routing 46-54
interoperability
with Cisco devices 46-49
with Cisco IOS software 46-9
mrinfo requests, responding to 46-53
neighbors
advertising the default route to 46-52
discovery with Probe messages 46-49
displaying information 46-53
prevent peering with nonpruning 46-56
rejecting nonpruning 46-55
overview 46-9
routes
adding a metric offset 46-61
advertising all 46-60
advertising the default route to neighbors 46-52
caching DVMRP routes learned in report messages 46-54
changing the threshold for syslog messages 46-57
deleting 46-62
displaying 46-62
favoring one over another 46-61
limiting the number injected into MBONE 46-57
limiting unicast route advertisements 46-49
routing table 46-9
source distribution tree, building 46-9
support for 1-14
tunnels
configuring 46-51
displaying neighbor information 46-53
dynamic access ports
characteristics 14-4
configuring 14-31
defined 12-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 24-1
ARP requests, described 24-1
ARP spoofing attack 24-1
clearing
log buffer 24-16
statistics 24-16
configuration guidelines 24-6
configuring
ACLs for non-DHCP environments 24-8
in DHCP environments 24-7
log buffer 24-13
rate limit for incoming ARP packets 24-4, 24-11
default configuration 24-5
denial-of-service attacks, preventing 24-11
described 24-1
DHCP snooping binding database 24-2
displaying
ARP ACLs 24-15
configuration and operating state 24-15
log buffer 24-16
statistics 24-16
trust state and rate limit 24-15
error-disabled state for exceeding rate limit 24-4
function of 24-2
interface trust states 24-3
log buffer
clearing 24-16
configuring 24-13
displaying 24-16
logging of dropped packets, described 24-5
man-in-the middle attack, described 24-2
network security issues and interface trust states 24-3
priority of ARP ACLs and DHCP snooping entries 24-4
dynamic ARP inspection (continued)rate limiting of ARP packets
configuring 24-11
described 24-4
error-disabled state 24-4
statistics
clearing 24-16
displaying 24-16
validation checks, performing 24-12
dynamic auto trunking mode 14-18
dynamic desirable trunking mode 14-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 14-29
reconfirming 14-31
troubleshooting 14-33
types of connections 14-31
dynamic routing 40-3
ISO CLNS 40-65
Dynamic Trunking Protocol
E
EBGP 40-45
editing features
enabling and disabling 2-7
keystrokes used 2-8
wrapped lines 2-9
EIGRP
authentication 40-42
components 40-37
configuring 40-40
default configuration 40-38
definition 40-36
interface parameters, configuring 40-41
monitoring 40-44
EIGRP (continued)stub routing 40-43
support for 1-13
EIGRP IPv6 41-7
elections
ELIN location 29-3
embedded event manager
actions 35-4
displaying information 35-7
environmental variables 35-5
event detectors 35-2
policies 35-4
registering and defining an applet 35-5
registering and defining a TCL script 35-6
understanding 35-1
enable password 10-3
enable secret password 10-3
encryption, CipherSuite 10-44
encryption for passwords 10-3
Enhanced IGRP
enhanced object tracking
backup static routing 44-12
commands 44-1
defined 44-1
DHCP primary interface 44-11
HSRP 44-7
IP routing state 44-2
IP SLAs 44-9
line-protocol state 44-2
network monitoring with IP SLAs 44-11
routing policy, configuring 44-12
static route primary interface 44-10
tracked lists 44-3
enhanced object tracking static routing 44-10
enhanced PoE 1-14, 12-7, 12-30
environmental variables, embedded event manager 35-5
environment variables, function of 3-20
equal-cost routing 1-13, 40-92
error-disabled state, BPDU 21-2
error messages during command entry 2-5
EtherChannel
automatic creation of 39-5, 39-7
channel groups
binding physical and logical interfaces 39-4
numbering of 39-4
configuration guidelines 39-12
configuring
Layer 2 interfaces 39-13
Layer 3 physical interfaces 39-16
Layer 3 port-channel logical interfaces 39-15
default configuration 39-11
described 39-2
displaying status 39-23
forwarding methods 39-8, 39-18
IEEE 802.3ad, described 39-7
interaction
with STP 39-12
with VLANs 39-12
LACP
described 39-7
displaying status 39-23
hot-standby ports 39-20
interaction with other features 39-8
modes 39-7
port priority 39-22
system priority 39-21
Layer 3 interface 40-5
logical interfaces, described 39-4
PAgP
aggregate-port learners 39-19
compatibility with Catalyst 1900 39-19
described 39-5
displaying status 39-23
interaction with other features 39-7
EtherChannel (continued)interaction with virtual switches 39-6
learn method and priority configuration 39-19
modes 39-6
support for 1-4
with dual-action detection 39-6
port-channel interfaces
described 39-4
numbering of 39-4
port groups 12-6
stack changes, effects of 39-10
support for 1-4
EtherChannel guard
described 21-10
disabling 21-17
enabling 21-17
Ethernet management port
active link 12-19
and routing 12-19
and routing protocols 12-19
and TFTP 12-21
configuring 12-21
connecting to 2-11
default setting 12-19
described 12-18
for network management 12-18
specifying 12-21
supported features 12-20
unsupported features 12-21
Ethernet management port, internal
and routing 12-19
and routing protocols 12-19
unsupported features 12-21
Ethernet VLANs
adding 14-9
defaults and ranges 14-8
modifying 14-9
EUI 41-3
event detectors, embedded event manager 35-2
events, RMON 32-3
examples
conventions for xlvi
network configuration 1-18
expedite queue for QoS 38-78
Express Setup 1-2
See also getting started guide
extended crashinfo file 49-25
extended-range VLANs
configuration guidelines 14-13
configuring 14-12
creating 14-14
creating with an internal VLAN ID 14-15
defined 14-1
extended system ID
MSTP 20-18
extended universal identifier
Extensible Authentication Protocol over LAN 11-1
external BGP
external neighbors, BGP 40-49
F
Fa0 port
failover support 1-8
fallback bridging
and protected ports 48-4
bridge groups
creating 48-4
described 48-2
displaying 48-11
function of 48-2
number supported 48-5
removing 48-5
fallback bridging (continued)bridge table
clearing 48-11
displaying 48-11
configuration guidelines 48-4
connecting interfaces with 12-12
default configuration 48-4
described 48-1
frame forwarding
flooding packets 48-2
forwarding packets 48-2
overview 48-1
protocol, unsupported 48-4
stack changes, effects of 48-3
STP
disabling on an interface 48-10
forward-delay interval 48-9
hello BPDU interval 48-9
interface priority 48-7
keepalive messages 19-2
maximum-idle interval 48-10
path cost 48-8
VLAN-bridge spanning-tree priority 48-6
VLAN-bridge STP 48-2
support for 1-13
SVIs and routed ports 48-2
unsupported protocols 48-4
VLAN-bridge STP 19-11
Fast Convergence 22-3
fastethernet0 port
Fast Uplink Transition Protocol 21-6
features, incompatible 27-12
FIB 40-91
fiber-optic, detecting unidirectional links 30-1
files
basic crashinfo
description 49-25
location 49-25
files (continued)copying B-5
crashinfo, description 49-25
deleting B-6
displaying the contents of B-8
extended crashinfo
description 49-25
location 49-25
tar
creating B-7
displaying the contents of B-7
extracting B-8
image file format B-25
file system
displaying available file systems B-2
displaying file information B-4
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 36-30
non-IP traffic 36-28
show and more command output 2-10
filtering show and more command output 2-10
filters, IP
flash device, number of B-1
flexible authentication ordering
configuring 11-60
overview 11-24
Flex Link Multicast Fast Convergence 22-3
Flex Links
configuration guidelines 22-8
configuring preferred VLAN 22-12
configuring VLAN load balancing 22-11
default configuration 22-8
description 22-2
Flex Links (continued)link load balancing 22-3
monitoring 22-14
VLANs 22-3
flooded traffic, blocking 27-8
flow-based packet classification 1-12
flowcharts
QoS classification 38-6
QoS egress queueing and scheduling 38-18
QoS ingress queueing and scheduling 38-15
QoS policing and marking 38-10
flowcontrol
configuring 12-26
described 12-25
forward-delay time
MSTP 20-23
STP 19-23
Forwarding Information Base
forwarding nonroutable protocols 48-1
FTP
accessing MIB files A-4
configuration files
downloading B-14
overview B-13
preparing the server B-14
uploading B-15
image files
deleting old image B-33
downloading B-31
preparing the server B-30
uploading B-33
G
general query 22-5
Generating IGMP Reports 22-4
get-bulk-request operation 34-3
get-next-request operation 34-3, 34-5
get-request operation 34-3, 34-5
get-response operation 34-3
Gigabit modules
global configuration mode 2-2
global leave, IGMP 25-13
guest VLAN and IEEE 802.1x 11-17
guide
audience xlv
purpose of xlv
guide mode 1-3
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 12-33
hello time
MSTP 20-22
STP 19-22
help, for the command line 2-3
hierarchical policy maps 38-8
configuration guidelines 38-35
configuring 38-54
described 38-11
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 33-10
host names in clusters 7-14
host ports
configuring 17-11
kinds of 17-2
hosts, limit on dynamic ports 14-33
Hot Standby Router Protocol
HP OpenView 1-6
HSRP
authentication string 42-11
automatic cluster recovery 7-13
binding to cluster group 42-12
cluster standby group considerations 7-12
command-switch redundancy 1-1, 1-8
configuring 42-5
default configuration 42-5
definition 42-1
guidelines 42-6
monitoring 42-13
object tracking 44-7
overview 42-1
priority 42-8
routing redundancy 1-13
support for ICMP redirect messages 42-12
switch stack considerations 42-5
timers 42-11
tracking 42-8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 41-25
guidelines 41-24
HTTP(S) Over IPv6 41-8
HTTP over SSL
HTTPS
configuring 10-46
described 10-43
self-signed certificate 10-43
HTTP secure server 10-43
I
IBPG 40-45
ICMP
IPv6 41-4
redirect messages 40-12
support for 1-13
time-exceeded messages 49-18
traceroute and 49-18
unreachable messages 36-20
unreachable messages and IPv6 37-4
unreachables and ACLs 36-22
ICMP Echo operation
configuring 43-12
IP SLAs 43-11
ICMP ping
executing 49-15
overview 49-15
ICMP Router Discovery Protocol
ICMPv6 41-4
IDS appliances
and ingress RSPAN 31-25
and ingress SPAN 31-16
IEEE 802.1D
IEEE 802.1p 16-1
IEEE 802.1Q
and trunk ports 12-3
configuration limitations 14-19
encapsulation 14-16
native VLAN for untagged traffic 14-23
tunneling
compatibility with other features 18-6
defaults 18-4
described 18-1
tunnel ports with other features 18-6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3af
IEEE 802.3x flow control 12-25
ifIndex values, SNMP 34-6
IFS 1-6
IGMP
configurable leave timer
described 25-6
enabling 25-12
configuring the switch
as a member of a group 46-39
statically connected member 46-43
controlling access to groups 46-40
default configuration 46-39
deleting cache entries 46-62
displaying groups 46-63
fast switching 46-44
flooded multicast traffic
controlling the length of time 25-13
disabling on an interface 25-14
global leave 25-13
query solicitation 25-13
recovering from flood mode 25-13
host-query interval, modifying 46-41
joining multicast group 25-3
join messages 25-3
leave processing, enabling 25-11, 26-9
leaving multicast group 25-5
multicast reachability 46-39
overview 46-3
queries 25-4
IGMP (continued)report suppression
described 25-6
supported versions 25-3
support for 1-4
Version 1
changing to Version 2 46-41
described 46-3
Version 2
changing to Version 1 46-41
described 46-3
maximum query response time value 46-43
pruning groups 46-43
query timeout value 46-42
IGMP filtering
configuring 25-25
default configuration 25-25
described 25-24
monitoring 25-29
support for 1-5
IGMP groups
configuring filtering 25-28
setting the maximum number 25-27
IGMP helper 46-6
IGMP Immediate Leave
configuration guidelines 25-12
described 25-6
enabling 25-11
IGMP profile
applying 25-26
configuration mode 25-25
configuring 25-26
IGMP snooping
and address aliasing 25-2
and stack changes 25-7
configuring 25-7
default configuration 25-7, 26-6
definition 25-2
IGMP snooping (continued)enabling and disabling 25-8, 26-7
global configuration 25-8
Immediate Leave 25-6
in the switch stack 25-7
method 25-9
querier
configuration guidelines 25-15
configuring 25-15
supported versions 25-3
support for 1-4
VLAN configuration 25-8
IGMP throttling
configuring 25-28
default configuration 25-25
described 25-25
displaying action 25-29
IGP 40-25
Immediate Leave, IGMP
described 25-6
enabling 26-9
inaccessible authentication bypass 11-19
initial configuration
defaults 1-16
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 12-13
range macros 12-16
interface command12-13to 12-14
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 12-26
configuring
procedure 12-13
counters, clearing 12-41
default configuration 12-22
interfaces (continued)described 12-31
descriptive name, adding 12-31
displaying information about 12-40
duplex and speed configuration guidelines 12-23
flow control 12-25
management 1-5
monitoring 12-40
naming 12-31
physical, identifying 12-12, 12-13
range of 12-14
restarting 12-42
shutting down 12-42
speed and duplex, configuring 12-24
status 12-40
supported 12-12
types of 12-1
interfaces range macro command 12-16
interface types 12-13
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 40-49
internal power supplies
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Inter-Switch Link
Intrusion Detection System
inventory management TLV 29-2, 29-6
IOS shell
IP ACLs
for QoS classification 38-7
implicit masks 36-10
named 36-15
undefined 36-21
IP addresses
128-bit 41-2
classes of 40-7
cluster access 7-2
command switch 7-3, 7-12, 7-14
default configuration 40-6
discovering 8-28
for IP routing 40-5
IPv6 41-2
MAC address association 40-9
monitoring 40-18
redundant clusters 7-12
standby command switch 7-12, 7-14
IP base feature set 1-1
IP broadcast address 40-17
ip cef distributed command 40-91
IP directed broadcasts 40-15
ip igmp profile command 25-25
IP information
assigned
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 46-3
all-multicast-routers 46-3
host group address range 46-3
administratively-scoped boundaries, described 46-47
IP multicast routing (continued)and IGMP snooping 25-2
Auto-RP
adding to an existing sparse-mode cloud 46-27
benefits of 46-26
clearing the cache 46-62
configuration guidelines 46-12
filtering incoming RP announcement messages 46-28
overview 46-6
preventing candidate RP spoofing 46-28
preventing join messages to false RPs 46-28
setting up in a new internetwork 46-26
using with BSR 46-34
bootstrap router
configuration guidelines 46-12
configuring candidate BSRs 46-32
configuring candidate RPs 46-33
defining the IP multicast boundary 46-31
defining the PIM domain border 46-30
overview 46-7
using with Auto-RP 46-34
Cisco implementation 46-2
configuring
basic multicast routing 46-12
IP multicast boundary 46-47
default configuration 46-11
enabling
multicast forwarding 46-13
PIM mode 46-14
group-to-RP mappings
Auto-RP 46-6
BSR 46-7
MBONE
deleting sdr cache entries 46-62
described 46-45
displaying sdr cache 46-63
enabling sdr listener support 46-46
limiting DVMRP routes advertised 46-57
IP multicast routing (continued)limiting sdr cache entry lifetime 46-46
SAP packets for conference session announcement 46-45
Session Directory (sdr) tool, described 46-45
monitoring
packet rate loss 46-63
peering devices 46-63
tracing a path 46-63
multicast forwarding, described 46-8
PIMv1 and PIMv2 interoperability 46-11
protocol interaction 46-2
reverse path check (RPF) 46-8
routing table
deleting 46-62
displaying 46-63
RP
assigning manually 46-25
configuring Auto-RP 46-26
configuring PIMv2 BSR 46-30
monitoring mapping information 46-35
using Auto-RP and BSR 46-34
stacking
stack master functions 46-10
stack member functions 46-10
statistics, displaying system and network 46-62
IP phones
and QoS 16-1
automatic classification and queueing 38-22
configuring 16-4
ensuring port security with QoS 38-40
trusted boundary for QoS 38-40
IP precedence 38-2
IP-precedence-to-DSCP map for QoS 38-63
IP protocols
in ACLs 36-12
routing 1-13
IP protocols in ACLs 36-12
IP routes, monitoring 40-106
IP routing
connecting interfaces with 12-12
disabling 40-19
enabling 40-19
IP Service Level Agreements
IP service levels, analyzing 43-1
IP services feature set 1-2
IP SLAs
benefits 43-2
configuration guidelines 43-6
configuring object tracking 44-9
Control Protocol 43-4
default configuration 43-6
definition 43-1
ICMP echo operation 43-11
measuring network performance 43-3
monitoring 43-14
multioperations scheduling 43-5
object tracking 44-9
operation 43-3
reachability tracking 44-9
responder
described 43-4
enabling 43-8
response time 43-4
scheduling 43-5
SNMP support 43-2
supported metrics 43-2
threshold monitoring 43-6
track object monitoring agent, configuring 44-11
track state 44-9
UDP jitter operation 43-8
IP source guard
and DHCP snooping 23-16
and EtherChannels 23-18
and hardware entries 23-18
and IEEE 802.1x 23-18
and port security 23-18
and private VLANs 23-18
and routed ports 23-17
and trunk interfaces 23-18
and VRF 23-18
binding configuration
automatic 23-16
manual 23-16
binding table 23-16
configuration guidelines 23-17
default configuration 23-17
described 23-16
disabling 23-19
displaying
bindings 23-20
configuration 23-20
enabling 23-18
filtering
source IP address 23-17
source IP and MAC address 23-17
source IP address filtering 23-17
source IP and MAC address filtering 23-17
static bindings
adding 23-18
deleting 23-19
IP traceroute
executing 49-18
overview 49-18
IP unicast routing
address resolution 40-9
administrative distances 40-94, 40-104
ARP 40-10
assigning IP addresses to Layer 3 interfaces 40-7
authentication keys 40-105
IP unicast routing (continued)broadcast
address 40-17
flooding 40-17
packets 40-14
storms 40-14
classless routing 40-8
configuring static routes 40-93
default
addressing configuration 40-6
gateways 40-12
networks 40-94
routes 40-94
routing 40-3
directed broadcasts 40-15
disabling 40-19
dynamic routing 40-3
enabling 40-19
EtherChannel Layer 3 interface 40-5
IGP 40-25
inter-VLAN 40-2
IP addressing
classes 40-7
configuring 40-5
IPv6 41-3
IRDP 40-13
Layer 3 interfaces 40-5
MAC address and IP address 40-9
passive interfaces 40-103
protocols
distance-vector 40-3
dynamic 40-3
link-state 40-3
proxy ARP 40-10
redistribution 40-95
reverse address resolution 40-9
routed ports 40-5
static routing 40-3
steps to configure 40-5
IP unicast routing (continued)subnet mask 40-7
subnet zero 40-7
supernet 40-8
UDP 40-16
unicast reverse path forwarding 1-14, 40-90
with SVIs 40-5
IPv4 ACLs
applying to interfaces 36-20
extended, creating 36-11
named 36-15
standard, creating 36-10
IPv4 and IPv6
IPv6
ACLs
displaying 37-9
limitations 37-3
matching criteria 37-3
port 37-2
precedence 37-2
router 37-2
supported 37-2
addresses 41-2
address formats 41-2
and switch stacks 41-9
applications 41-5
assigning address 41-11
autoconfiguration 41-5
CEFv6 41-19
default configuration 41-10
default router preference (DRP) 41-4
defined 41-1
IPv6 (continued)Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 41-7
EIGRP IPv6 Commands 41-7
Router ID 41-7
feature limitations 41-8
features not supported 41-8
forwarding 41-11
ICMP 41-4
monitoring 41-27
neighbor discovery 41-4
OSPF 41-6
path MTU discovery 41-4
stack master functions 41-9
Stateless Autoconfiguration 41-5
supported features 41-2
switch limitations 41-8
understanding static routes 41-6
IPv6 traffic, filtering 37-4
IRDP
configuring 40-13
definition 40-13
support for 1-13
IS-IS
addresses 40-66
area routing 40-66
default configuration 40-67
monitoring 40-75
show commands 40-75
system routing 40-66
ISL
and IPv6 41-3
and trunk ports 12-3
trunking with IEEE 802.1 tunneling 18-5
ISO CLNS
clear commands 40-75
dynamic routing protocols 40-65
monitoring 40-75
NETs 40-65
NSAPs 40-65
OSI standard 40-65
ISO IGRP
area routing 40-66
system routing 40-66
isolated port 17-2
J
join messages, IGMP 25-3
K
KDC
described 10-32
keepalive messages 19-2
Kerberos
authenticating to
boundary switch 10-34
KDC 10-34
network services 10-35
configuration examples 10-32
configuring 10-35
credentials 10-32
cryptographic software image 10-32
described 10-32
KDC 10-32
operation 10-34
realm 10-33
server 10-33
support for 1-11
Kerberos (continued)switch as trusted third party 10-32
terms 10-33
TGT 10-34
tickets 10-32
key distribution center
L
l2protocol-tunnel command 18-13
LACP
Layer 2 protocol tunneling 18-9
Layer 2 frames, classification with CoS 38-2
Layer 2 interfaces, default configuration 12-22
Layer 2 protocol tunneling
configuring 18-10
configuring for EtherChannels 18-14
default configuration 18-11
defined 18-8
guidelines 18-12
Layer 2 traceroute
and ARP 49-17
and CDP 49-16
broadcast traffic 49-16
described 49-16
IP addresses and subnets 49-17
MAC addresses and VLANs 49-17
multicast traffic 49-17
multiple devices on a port 49-17
unicast traffic 49-16
usage guidelines 49-16
Layer 3 features 1-13
Layer 3 interfaces
assigning IP addresses to 40-7
assigning IPv4 and IPv6 addresses to 41-14
assigning IPv6 addresses to 41-11
Layer 3 interfaces (continued)changing from Layer 2 mode 40-7, 40-82
types of 40-5
Layer 3 packets, classification methods 38-2
LDAP 5-2
Leaking IGMP Reports 22-4
LEDs, switch
See hardware installation guide
Lightweight Directory Access Protocol
line configuration mode 2-3
Link Aggregation Control Protocol
Link Failure, detecting unidirectional 20-8
Link Layer Discovery Protocol
link local unicast addresses 41-3
link redundancy
links, unidirectional 30-1
link state advertisements (LSAs) 40-31
link-state protocols 40-3
link-state tracking
configuring 39-26
described 39-23
LLDP
configuring 29-4
characteristics 29-5
default configuration 29-4
enabling 29-5
monitoring and maintaining 29-10
overview 29-1
supported TLVs 29-1
switch stack considerations 29-2
transmission timer and holdtime, setting 29-5
LLDP-MED
configuring
procedures 29-4
TLVs 29-6
LLDP-MED (continued)monitoring and maintaining 29-10
supported TLVs 29-2
LLDP Media Endpoint Discovery
load balancing 42-4
local SPAN 31-2
logging messages, ACL 36-9
login authentication
with RADIUS 10-23
with TACACS+ 10-14
login banners 8-17
log messages
Long-Reach Ethernet (LRE) technology 1-20, 1-31
loop guard
described 21-11
enabling 21-18
support for 1-8
LRE profiles, considerations in switch clusters 7-17
M
MAC/PHY configuration status TLV 29-2
MAC addresses
aging time 8-21
and VLAN association 8-20
building the address table 8-20
default configuration 8-21
disabling learning on a VLAN 8-27
discovering 8-28
displaying 8-28
displaying in the IP source binding table 23-20
dynamic
learning 8-20
removing 8-22
in ACLs 36-28
MAC addresses (continued)IP address association 40-9
static
adding 8-25
characteristics of 8-24
dropping 8-26
removing 8-25
MAC address learning 1-6
MAC address learning, disabling on a VLAN 8-27
MAC address notification, support for 1-15
MAC address-table move update
configuration guidelines 22-8
configuring 22-12
default configuration 22-8
description 22-6
monitoring 22-14
MAC address-to-VLAN mapping 14-28
MAC authentication bypass 11-13
MAC extended access lists
applying to Layer 2 interfaces 36-29
configuring for QoS 38-47
creating 36-28
defined 36-28
for QoS classification 38-5
macros
magic packet 11-22
manageability features 1-6
management access
in-band
browser session 1-7
CLI session 1-7
device manager 1-7
SNMP 1-7
out-of-band console port connection 1-7
management address TLV 29-2
management options
CLI 2-1
clustering 1-4
CNS 5-1
Network Assistant 1-3
overview 1-5
switch stacks 1-3
management VLAN
considerations in switch clusters 7-8
discovery through different management VLANs 7-8
mapping tables for QoS
configuring
CoS-to-DSCP 38-62
DSCP 38-62
DSCP-to-CoS 38-65
DSCP-to-DSCP-mutation 38-66
IP-precedence-to-DSCP 38-63
policed-DSCP 38-64
described 38-12
marking
action in policy map 38-50
action with aggregate policers 38-60
matching IPv4 ACLs 36-8
maximum aging time
MSTP 20-24
STP 19-23
maximum hop count, MSTP 20-24
maximum number of allowed devices, port-based authentication 11-35
maximum-paths command 40-53, 40-93
MDA
configuration guidelines11-25to 11-26
exceptions with authentication process 11-4
membership mode, VLAN port 14-3
member switch
automatic discovery 7-5
defined 7-2
managing 7-17
passwords 7-14
recovering from lost connectivity 49-12
requirements 7-4
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 8-17
metrics, in BGP 40-53
metric translations, between routing protocols 40-98
metro tags 18-2
MHSRP 42-4
MIBs
accessing files with FTP A-4
location of files A-4
overview 34-1
SNMP interaction with 34-4
supported A-1
mini-point-of-presence
mirroring traffic for analysis 31-1
mismatches, autonegotiation 49-12
module number 12-13
monitoring
access groups 36-41
BGP 40-64
cables for unidirectional links 30-1
CDP 28-5
CEF 40-92
EIGRP 40-44
fallback bridging 48-11
features 1-15
Flex Links 22-14
HSRP 42-13
monitoring (continued)IEEE 802.1Q tunneling 18-18
IGMP
filters 25-29
interfaces 12-40
IP
address tables 40-18
multicast routing 46-62
routes 40-106
IP SLAs operations 43-14
IPv4 ACL configuration 36-41
IPv6 41-27
IPv6 ACL configuration 37-9
IS-IS 40-75
ISO CLNS 40-75
Layer 2 protocol tunneling 18-18
MAC address-table move update 22-14
MSDP peers 47-19
multicast router interfaces 25-17, 26-12
multi-VRF CE 40-90
MVR 25-24
network traffic for analysis with probe 31-2
object tracking 44-12
OSPF 40-36
port
blocking 27-19
protection 27-19
private VLANs 17-15
RP mapping information 46-35
source-active messages 47-19
speed and duplex mode 12-25
SSM mapping 46-22
traffic flowing among switches 32-1
traffic suppression 27-19
tunneling 18-18
monitoring (continued)VLAN
filters 36-42
maps 36-42
VLANs 14-16
VMPS 14-32
VTP 15-16
mrouter Port 22-3
mrouter port 22-5
MSDP
benefits of 47-3
clearing MSDP connections and statistics 47-19
controlling source information
forwarded by switch 47-12
originated by switch 47-8
received by switch 47-14
default configuration 47-4
dense-mode regions
sending SA messages to 47-17
specifying the originating address 47-18
filtering
incoming SA messages 47-14
SA messages to a peer 47-12
SA requests from a peer 47-11
join latency, defined 47-6
meshed groups
configuring 47-16
defined 47-16
originating address, changing 47-18
overview 47-1
peer-RPF flooding 47-2
peers
configuring a default 47-4
monitoring 47-19
peering relationship, overview 47-1
requesting source information from 47-8
shutting down 47-16
MSDP (continued)source-active messages
caching 47-6
clearing cache entries 47-19
defined 47-2
filtering from a peer 47-11
filtering incoming 47-14
filtering to a peer 47-12
limiting data with TTL 47-14
monitoring 47-19
restricting advertised sources 47-9
support for 1-14
MSTP
boundary ports
configuration guidelines 20-16
described 20-6
BPDU filtering
described 21-3
enabling 21-14
BPDU guard
described 21-2
enabling 21-13
CIST, described 20-3
CIST root 20-5
configuration guidelines 20-15, 21-12
configuring
forward-delay time 20-23
hello time 20-22
link type for rapid convergence 20-24
maximum aging time 20-24
maximum hop count 20-24
MST region 20-16
neighbor type 20-25
path cost 20-21
port priority 20-20
root switch 20-17
secondary root switch 20-19
switch priority 20-22
MSTP (continued)CST
defined 20-3
operations between regions 20-4
default configuration 20-15
default optional feature configuration 21-12
displaying status 20-26
enabling the mode 20-16
EtherChannel guard
described 21-10
enabling 21-17
extended system ID
effects on root switch 20-18
effects on secondary root switch 20-19
unexpected behavior 20-18
IEEE 802.1s
implementation 20-6
port role naming change 20-7
terminology 20-5
instances supported 19-10
interface state, blocking to forwarding 21-2
interoperability and compatibility among modes 19-11
interoperability with IEEE 802.1D
described 20-9
restarting migration process 20-26
IST
defined 20-3
master 20-3
operations within a region 20-3
loop guard
described 21-11
enabling 21-18
mapping VLANs to MST instance 20-16
MSTP (continued)MST region
CIST 20-3
configuring 20-16
described 20-2
hop-count mechanism 20-5
IST 20-3
supported spanning-tree instances 20-2
optional features supported 1-8
overview 20-2
Port Fast
described 21-2
enabling 21-12
preventing root switch selection 21-10
root guard
described 21-10
enabling 21-18
root switch
configuring 20-18
effects of extended system ID 20-18
unexpected behavior 20-18
shutdown Port Fast-enabled port 21-2
stack changes, effects of 20-8
status, displaying 20-26
MTU
system 12-35
system jumbo 12-34
system routing 12-35
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 25-6
joining 25-3
leaving 25-5
multicast packets
ACLs on 36-41
blocking 27-8
multicast router interfaces, monitoring 25-17, 26-12
multicast router ports, adding 25-10, 26-8
Multicast Source Discovery Protocol
multicast storm 27-1
multicast storm-control command 27-4
multicast television application 25-19
multicast VLAN 25-18
Multicast VLAN Registration
multidomain authentication
multioperations scheduling, IP SLAs 43-5
multiple authentication 11-11
Multiple HSRP
multiple VPN routing/forwarding in customer edge devices
multi-VRF CE
configuration example 40-86
configuration guidelines 40-78
configuring 40-78
default configuration 40-78
defined 40-76
displaying 40-90
monitoring 40-90
network components 40-78
packet-forwarding process 40-77
support for 1-13
MVR
and address aliasing 25-21
and IGMPv3 25-21
configuration guidelines 25-21
configuring interfaces 25-22
default configuration 25-20
described 25-18
example application 25-19
in the switch stack 25-20
modes 25-22
MVR (continued)monitoring 25-24
multicast television application 25-19
setting global parameters 25-21
support for 1-5
N
NAC
AAA down policy 1-11
critical authentication 11-19, 11-50
IEEE 802.1x authentication using a RADIUS server 11-55
IEEE 802.1x validation using RADIUS server 11-55
inaccessible authentication bypass 1-11, 11-50
Layer 2 IEEE 802.1x validation 1-11, 11-55
Layer 2 IEEE802.1x validation 11-24
Layer 2 IP validation 1-11
named IPv4 ACLs 36-15
named IPv6 ACLs 37-3
NameSpace Mapper
native VLAN
and IEEE 802.1Q tunneling 18-4
configuring 14-23
default 14-23
NEAT
configuring 11-56
overview 11-26
neighbor discovery, IPv6 41-4
neighbor discovery/recovery, EIGRP 40-37
neighbors, BGP 40-59
Network Admission Control
Network Assistant
benefits 1-2
described 1-5
downloading image files 1-3
guide mode 1-3
Network Assistan (continued)tmanagement options 1-3
managing switch stacks 6-2, 6-16
requirements xlvi
upgrading a switch B-24
wizards 1-3
network configuration examples
cost-effective wiring closet 1-21
high-performance wiring closet 1-22
increasing network performance 1-19
large network 1-28
long-distance, high-bandwidth transport 1-32
multidwelling network 1-31
providing network services 1-19
redundant Gigabit backbone 1-24
server aggregation and Linux server cluster 1-24
small to medium-sized network 1-26
network design
performance 1-19
services 1-19
Network Edge Access Topology
network management
CDP 28-1
RMON 32-1
SNMP 34-1
network performance, measuring with IP SLAs 43-3
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuration guidelines 38-35
configuring 38-50
described 38-9
non-IP traffic filtering 36-28
nontrunking mode 14-18
normal-range VLANs 14-4
configuration guidelines 14-6
configuration modes 14-7
configuring 14-4
defined 14-1
no switchport command 12-4
note, described xlvi
not-so-stubby areas
NSAPs, as ISO IGRP addresses 40-66
NSF Awareness
IS-IS 40-68
NSM 5-3
NSSA, OSPF 40-31
NTP
associations
authenticating 8-4
defined 8-2
enabling broadcast messages 8-6
peer 8-5
server 8-5
default configuration 8-4
displaying the configuration 8-11
overview 8-2
restricting access
creating an access group 8-8
disabling NTP services per interface 8-10
source IP address, configuring 8-10
stratum 8-2
support for 1-6
synchronizing devices 8-5
time
services 8-2
synchronizing 8-2
O
OBFL
configuring 49-27
described 49-26
displaying 49-27
object tracking
HSRP 44-7
IP SLAs 44-9
IP SLAs, configuring 44-9
monitoring 44-12
offline configuration for switch stacks 6-8
on-board failure logging
online diagnostics
described 50-1
overview 50-1
running tests 50-5
open1x
configuring 11-60
open1x authentication
overview 11-24
Open Shortest Path First
optimizing system resources 9-1
options, management 1-5
OSPF
area parameters, configuring 40-31
configuring 40-29
default configuration
metrics 40-33
route 40-33
settings 40-27
described 40-25
for IPv6 41-6
interface parameters, configuring 40-30
LSA group pacing 40-35
monitoring 40-36
router IDs 40-35
OSPF (continued)route summarization 40-32
support for 1-13
virtual links 40-33
out-of-profile markdown 1-12
P
packet modification, with QoS 38-21
PAgP
Layer 2 protocol tunneling 18-9
parallel paths, in routing tables 40-92
passive interfaces
configuring 40-103
OSPF 40-33
passwords
default configuration 10-2
disabling recovery of 10-5
encrypting 10-3
for security 1-9
in clusters 7-15
overview 10-1
recovery of 49-3
setting
enable 10-3
enable secret 10-3
Telnet 10-6
with usernames 10-6
VTP domain 15-8
path cost
MSTP 20-21
STP 19-20
path MTU discovery 41-4
PBR
defined 40-99
enabling 40-101
fast-switched policy-based routing 40-102
local policy-based routing 40-102
PC (passive command switch) 7-11
peers, BGP 40-59
percentage thresholds in tracked lists 44-6
performance, network design 1-19
performance features 1-4
persistent self-signed certificate 10-43
per-user ACLs and Filter-Ids 11-8
per-VLAN spanning-tree plus
PE to CE routing, configuring 40-85
physical ports 12-2
PIM
default configuration 46-11
dense mode
overview 46-4
rendezvous point (RP), described 46-5
RPF lookups 46-8
displaying neighbors 46-63
enabling a mode 46-14
overview 46-4
router-query message interval, modifying 46-38
shared tree and source tree, overview 46-35
shortest path tree, delaying the use of 46-37
sparse mode
join messages and shared tree 46-5
overview 46-5
prune messages 46-5
RPF lookups 46-9
stub routing
configuration guidelines 46-23
enabling 46-23
overview 46-5
support for 1-13
versions
interoperability 46-11
troubleshooting interoperability problems 46-35
v2 improvements 46-4
PIM-DVMRP, as snooping method 25-9
ping
character output description 49-16
executing 49-15
overview 49-15
PoE
auto mode 12-9
CDP with power consumption, described 12-7
CDP with power negotiation, described 12-7
Cisco intelligent power management 12-7
configuring 12-27
devices supported 12-6
high-power devices operating in low-power mode 12-7
IEEE power classification levels 12-8
monitoring 12-10
monitoring power 12-30
policing power consumption 12-30
policing power usage 12-10
power budgeting 12-28
power consumption 12-28
powered-device detection and initial power allocation 12-7
power management modes 12-9
power negotiation extensions to CDP 12-7
standards supported 12-7
static mode 12-9
supported watts per port 12-7
troubleshooting 49-13
policed-DSCP map for QoS 38-64
policers
configuring
for each matched traffic class 38-50
for more than one traffic class 38-60
described 38-4
displaying 38-80
number of 38-36
types of 38-9
policing
described 38-4
hierarchical
token-bucket algorithm 38-9
policy-based routing
policy maps for QoS
characteristics of 38-50
described 38-7
displaying 38-80
hierarchical 38-8
hierarchical on SVIs
configuration guidelines 38-35
configuring 38-54
described 38-11
nonhierarchical on physical ports
configuration guidelines 38-35
configuring 38-50
described 38-9
POP 1-31
port ACLs
defined 36-2
types of 36-3
Port Aggregation Protocol
port-based authentication
accounting 11-12
authentication server
defined 11-3
RADIUS server 11-3
client, defined 11-3
configuration guidelines 11-33
port-based authentication (continued)configuring
802.1x authentication 11-38
guest VLAN 11-47
host mode 11-41
inaccessible authentication bypass 11-50
manual re-authentication of a client 11-43
periodic re-authentication 11-42
quiet period 11-43
RADIUS server 11-40
RADIUS server parameters on the switch 11-39
restricted VLAN 11-48
switch-to-client frame-retransmission number 11-44, 11-46
switch-to-client retransmission time 11-44
violation mode 11-22
default configuration 11-31
described 11-1
device roles 11-2
displaying statistics 11-66
downloadable ACLs and redirect URLs
EAPOL-start frame 11-5
EAP-request/identity frame 11-5
EAP-response/identity frame 11-5
encapsulation 11-3
flexible authentication ordering
configuring 11-60
overview 11-24
guest VLAN
configuration guidelines 11-18, 11-19
described 11-17
host mode 11-11
inaccessible authentication bypass
configuring 11-50
described 11-19
guidelines 11-34
port-based authentication (continued)initiation and message exchange 11-5
magic packet 11-22
maximum number of allowed devices per port 11-35
method lists 11-38
multiple authentication 11-11
multiple-hosts mode, described 11-11
per-user ACLs
AAA authorization 11-38
configuration tasks 11-16
described 11-15
RADIUS server attributes 11-15
ports
authorization state and dot1x port-control command 11-9
authorized and unauthorized 11-9
critical 11-19
voice VLAN 11-20
port security
and voice VLAN 11-22
described 11-21
interactions 11-21
multiple-hosts mode 11-11
readiness check
configuring 11-35
resetting to default values 11-65
stack changes, effects of 11-10
statistics, displaying 11-66
switch
as proxy 11-3
RADIUS client 11-3
switch supplicant
configuring 11-56
overview 11-26
port-based authentication (continued)VLAN assignment
AAA authorization 11-38
characteristics 11-14
configuration tasks 11-14
described 11-13
voice aware 802.1x security
configuring 11-36
voice VLAN
described 11-20
PVID 11-20
VVID 11-20
wake-on-LAN, described 11-22
port-based authentication methods, supported 11-7
port-based trust
port-channel
port description TLV 29-2
Port Fast
described 21-2
enabling 21-12
mode, spanning tree 14-29
support for 1-8
port membership modes, VLAN 14-3
port priority
MSTP 20-20
STP 19-18
ports
10-Gigabit Ethernet 12-6
access 12-3
blocking 27-7
dynamic access 14-4
protected 27-6
routed 12-4
secure 27-8
ports (continued)switch 12-2
VLAN assignments 14-11
port security
aging 27-17
and private VLANs 27-18
and QoS trusted boundary 38-40
and stacking 27-18
configuring 27-13
default configuration 27-11
described 27-8
displaying 27-19
enabling 27-18
on trunk ports 27-14
sticky learning 27-9
violations 27-10
with other features 27-11
port-shutdown response, VMPS 14-28
port VLAN ID TLV 29-2
power management TLV 29-2, 29-6
Power over Ethernet
power supply
configuring 12-39
managing 12-39
preemption, default configuration 22-8
preemption delay, default configuration 22-8
preferential treatment of traffic
prefix lists, BGP 40-57
preventing unauthorized access 10-1
primary interface for object tracking, DHCP, configuring 44-11
primary interface for static routing, configuring 44-10
primary links 22-2
priority
HSRP 42-8
overriding CoS 16-6
trusting CoS 16-6
private VLAN edge ports
private VLANs
across multiple switches 17-4
and SDM template 17-4
and SVIs 17-5
and switch stacks 17-5
benefits of 17-1
community ports 17-2
configuration guidelines 17-7, 17-8
configuration tasks 17-6
configuring 17-10
default configuration 17-6
end station access to 17-3
IP addressing 17-3
isolated port 17-2
mapping 17-14
monitoring 17-15
ports
community 17-2
configuration guidelines 17-8
configuring host ports 17-11
configuring promiscuous ports 17-13
isolated 17-2
promiscuous 17-2
promiscuous ports 17-2
secondary VLANs 17-2
subdomains 17-1
traffic in 17-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 10-9
command switch 7-18
exiting 10-9
logging into 10-9
mapping on member switches 7-18
setting a command with 10-8
promiscuous ports
configuring 17-13
defined 17-2
protocol-dependent modules, EIGRP 40-37
Protocol-Independent Multicast Protocol
provider edge devices 40-76
provisioning new members for a switch stack 6-8
proxy ARP
configuring 40-12
definition 40-10
with IP routing disabled 40-12
proxy reports 22-4
pruning, VTP
disabling
in VTP domain 15-14
on a port 14-23
enabling
in VTP domain 15-14
on a port 14-22
examples 15-5
overview 15-4
pruning-eligible list
changing 14-22
for VTP pruning 15-5
VLANs 15-14
PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Q
QoS
and MQC commands 38-1
auto-QoS
categorizing traffic 38-23
configuration and defaults display 38-32
configuration guidelines 38-27
described 38-22
disabling 38-29
displaying generated commands 38-29
displaying the initial configuration 38-32
effects on running configuration 38-27
egress queue defaults 38-23
enabling for VoIP 38-28
example configuration 38-30
ingress queue defaults 38-23
list of generated commands 38-24
basic model 38-4
classification
class maps, described 38-7
defined 38-4
DSCP transparency, described 38-41
flowchart 38-6
forwarding treatment 38-3
in frames and packets 38-3
MAC ACLs, described 38-5, 38-7
options for IP traffic 38-5
options for non-IP traffic 38-5
policy maps, described 38-7
trust DSCP, described 38-5
trusted CoS, described 38-5
trust IP precedence, described 38-5
class maps
configuring 38-48
displaying 38-80
QoS (continued)configuration guidelines
auto-QoS 38-27
standard QoS 38-35
configuring
aggregate policers 38-60
auto-QoS 38-22
default port CoS value 38-39
DSCP maps 38-62
DSCP transparency 38-41
DSCP trust states bordering another domain 38-42
egress queue characteristics 38-72
ingress queue characteristics 38-68
IP extended ACLs 38-46
IP standard ACLs 38-45
MAC ACLs 38-47
policy maps, hierarchical 38-54
policy maps on physical ports 38-50
port trust states within the domain 38-38
trusted boundary 38-40
default auto configuration 38-23
default standard configuration 38-33
displaying statistics 38-80
DSCP transparency 38-41
egress queues
allocating buffer space 38-73
buffer allocation scheme, described 38-19
configuring shaped weights for SRR 38-77
configuring shared weights for SRR 38-78
described 38-4
displaying the threshold map 38-76
flowchart 38-18
mapping DSCP or CoS values 38-75
scheduling, described 38-4
setting WTD thresholds 38-73
WTD, described 38-21
enabling globally 38-37
QoS (continued)flowcharts
classification 38-6
egress queueing and scheduling 38-18
ingress queueing and scheduling 38-15
policing and marking 38-10
implicit deny 38-7
ingress queues
allocating bandwidth 38-70
allocating buffer space 38-70
buffer and bandwidth allocation, described 38-17
configuring shared weights for SRR 38-70
configuring the priority queue 38-71
described 38-4
displaying the threshold map 38-69
flowchart 38-15
mapping DSCP or CoS values 38-69
priority queue, described 38-17
scheduling, described 38-4
setting WTD thresholds 38-69
WTD, described 38-17
IP phones
automatic classification and queueing 38-22
detection and trusted settings 38-22, 38-40
limiting bandwidth on egress interface 38-79
mapping tables
CoS-to-DSCP 38-62
displaying 38-80
DSCP-to-CoS 38-65
DSCP-to-DSCP-mutation 38-66
IP-precedence-to-DSCP 38-63
policed-DSCP 38-64
types of 38-12
marked-down actions 38-52, 38-57
overview 38-2
packet modification 38-21
QoS (continued)policers
configuring 38-52, 38-57, 38-60
described 38-8
displaying 38-80
number of 38-36
types of 38-9
policies, attaching to an interface 38-8
policing
token bucket algorithm 38-9
policy maps
characteristics of 38-50
displaying 38-80
hierarchical 38-8
hierarchical on SVIs 38-54
nonhierarchical on physical ports 38-50
QoS label, defined 38-4
queues
configuring egress characteristics 38-72
configuring ingress characteristics 38-68
high priority (expedite) 38-21, 38-78
location of 38-13
SRR, described 38-14
WTD, described 38-14
rewrites 38-21
support for 1-12
trust states
bordering another domain 38-42
described 38-5
trusted device 38-40
within the domain 38-38
quality of service
queries, IGMP 25-4
query solicitation, IGMP 25-13
R
RADIUS
attributes
vendor-proprietary 10-30
vendor-specific 10-29
configuring
accounting 10-28
authentication 10-23
authorization 10-27
communication, global 10-21, 10-29
communication, per-server 10-20, 10-21
multiple UDP ports 10-21
default configuration 10-20
defining AAA server groups 10-25
displaying the configuration 10-31
identifying the server 10-20
in clusters 7-17
limiting the services to the user 10-27
method list, defined 10-20
operation of 10-19
overview 10-18
server load balancing 10-31
suggested network environments 10-18
support for 1-11
tracking services accessed by user 10-28
range
macro 12-16
of interfaces 12-15
rapid convergence 20-10
rapid per-VLAN spanning-tree plus
rapid PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Rapid Spanning Tree Protocol
RARP 40-10
rcommand command 7-17
RCP
configuration files
downloading B-18
overview B-16
preparing the server B-17
uploading B-19
image files
deleting old image B-38
downloading B-36
preparing the server B-35
uploading B-38
reachability, tracking IP SLAs IP host 44-9
readiness check
port-based authentication
configuring 11-35
reconfirmation interval, VMPS, changing 14-31
reconfirming dynamic VLAN membership 14-31
recovery procedures 49-1
redundancy
EtherChannel 39-3
HSRP 42-1
STP
backbone 19-8
multidrop backbone 21-5
path cost 14-26
port priority 14-24
redundant links and UplinkFast 21-15
redundant power system
See Cisco Redundant Power System 2300
reliable transport protocol, EIGRP 40-37
reloading software 3-21
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 31-3
report suppression, IGMP
described 25-6
requirements
cluster xlvi
device manager xlvi
Network Assistant xlvi
resequencing ACL entries 36-15
resets, in BGP 40-51
resetting a UDLD-shutdown interface 30-6
responder, IP SLAs
described 43-4
enabling 43-8
response time, measuring with IP SLAs 43-4
restricted VLAN
configuring 11-48
described 11-18
using with IEEE 802.1x 11-18
restricting access
NTP services 8-8
overview 10-1
passwords and privilege levels 10-2
RADIUS 10-17
TACACS+ 10-10
retry count, VMPS, changing 14-32
reverse address resolution 40-9
Reverse Address Resolution Protocol
RFC
1058, RIP 40-20
1112, IP multicast and IGMP 25-2
1157, SNMPv1 34-2
1163, BGP 40-44
1166, IP addresses 40-7
RFC (continued)1253, OSPF 40-25
1267, BGP 40-44
1305, NTP 8-2
1587, NSSAs 40-26
1757, RMON 32-2
1771, BGP 40-44
1901, SNMPv2C 34-2
1902 to 1907, SNMPv2 34-2
2236, IP multicast and IGMP 25-2
2273-2275, SNMPv3 34-2
RIP
advertisements 40-20
authentication 40-23
configuring 40-21
default configuration 40-21
described 40-20
for IPv6 41-6
hop counts 40-20
split horizon 40-23
summary addresses 40-24
support for 1-13
RMON
default configuration 32-3
displaying status 32-6
enabling alarms and events 32-3
groups supported 32-2
overview 32-1
statistics
collecting group Ethernet 32-5
collecting group history 32-5
support for 1-15
root guard
described 21-10
enabling 21-18
support for 1-8
root switch
MSTP 20-17
STP 19-16
route calculation timers, OSPF 40-33
route dampening, BGP 40-63
routed packets, ACLs on 36-40
routed ports
configuring 40-5
defined 12-4
in switch clusters 7-9
route-map command 40-101
route maps
BGP 40-55
policy-based routing 40-99
router ACLs
defined 36-2
types of 36-4
route reflectors, BGP 40-62
router ID, OSPF 40-35
route selection, BGP 40-53
route summarization, OSPF 40-32
route targets, VPN 40-78
routing
default 40-3
dynamic 40-3
redistribution of information 40-95
static 40-3
routing domain confederation, BGP 40-62
Routing Information Protocol
routing protocol administrative distances 40-94
RPS
See Cisco Redundant Power System 2300
RPS 2300
See Cisco Redundant Power System 2300
RSPAN 31-3
and stack changes 31-11
characteristics 31-9
configuration guidelines 31-19
default configuration 31-12
destination ports 31-8
RSPAN (continued) 31-3displaying status 31-31
in a switch stack 31-2
interaction with other features 31-10
monitored ports 31-7
monitoring ports 31-8
received traffic 31-6
session limits 31-13
sessions
creating 31-20
defined 31-4
limiting source traffic to specific VLANs 31-22
specifying monitored ports 31-20
with ingress traffic enabled 31-25
source ports 31-7
transmitted traffic 31-6
VLAN-based 31-7
RSTP
active topology 20-10
BPDU
format 20-12
processing 20-13
designated port, defined 20-9
designated switch, defined 20-9
interoperability with IEEE 802.1D
described 20-9
restarting migration process 20-26
topology changes 20-13
overview 20-9
port roles
described 20-9
synchronized 20-11
proposal-agreement handshake process 20-10
RSTP (continued)rapid convergence
cross-stack rapid convergence 20-11
described 20-10
edge ports and Port Fast 20-10
point-to-point links 20-10, 20-24
root ports 20-10
root port, defined 20-9
running configuration
saving 3-15
S
SC (standby command switch) 7-11
scheduled reloads 3-21
scheduling, IP SLAs operations 43-5
SCP
and SSH 10-49
configuring 10-49
SDM
described 9-1
switch stack consideration 6-10
templates
configuring 9-5
number of 9-1
SDM template
configuring 9-4
dual IPv4 and IPv6 9-2
types of 9-1
secondary VLANs 17-2
secure HTTP client
configuring 10-48
displaying 10-49
secure HTTP server
configuring 10-46
displaying 10-49
secure MAC addresses
and switch stacks 27-18
deleting 27-16
maximum number of 27-10
types of 27-9
secure ports
and switch stacks 27-18
configuring 27-8
secure remote connections 10-38
Secure Socket Layer
security, port 27-8
security features 1-9
sequence numbers in log messages 33-8
server mode, VTP 15-3
service-provider network, MSTP and RSTP 20-1
service-provider networks
and customer VLANs 18-2
and IEEE 802.1Q tunneling 18-1
Layer 2 protocols across 18-8
Layer 2 protocol tunneling for EtherChannels 18-9
set-request operation 34-5
setup program
failed command switch replacement 49-11
replacing failed command switch 49-9
severity levels, defining in system messages 33-9
SFPs
monitoring status of 12-41, 49-14
numbering of 12-13
security and identification 49-13
status, displaying 49-14
shaped round robin
Shell functions
Shell triggers
show access-lists hw-summary command 36-22
show and more command output, filtering 2-10
show cdp traffic command 28-5
show cluster members command 7-17
show configuration command 12-31
show forward command 49-22
show interfaces command 12-25, 12-31
show interfaces switchport 22-4
show l2protocol command 18-13, 18-15, 18-16
show lldp traffic command 29-11
show platform forward command 49-22
show running-config command
displaying ACLs 36-20, 36-21, 36-32, 36-35
interface description in 12-31
shutdown command on interfaces 12-42
shutdown threshold for Layer 2 protocol packets 18-11
Simple Network Management Protocol
small form-factor pluggable modules
small-frame arrival rate, configuring 27-5
Smartports macros
applying Cisco-default macros 13-13
applying global parameter values 13-13
configuration guidelines 13-12
default configuration 13-12
defined 13-1
displaying 13-14
tracing 13-12
SNAP 28-1
SNMP
accessing MIB variables with 34-4
agent
described 34-4
disabling 34-8
SNMP (continued)and IP SLAs 43-2
authentication level 34-11
community strings
configuring 34-8
for cluster switches 34-4
overview 34-4
configuration examples 34-18
default configuration 34-7
engine ID 34-7
host 34-7
ifIndex values 34-6
in-band management 1-7
in clusters 7-15
informs
and trap keyword 34-12
described 34-5
differences from traps 34-5
disabling 34-16
enabling 34-16
limiting access by TFTP servers 34-17
limiting system log messages to NMS 33-10
managing clusters with 7-18
MIBs
location of A-4
supported A-1
notifications 34-5
security levels 34-3
setting CPU threshold notification 34-16
status, displaying 34-19
system contact and location 34-17
trap manager, configuring 34-14
SNMP (continued)traps
differences from informs 34-5
disabling 34-16
enabling 34-12
enabling MAC address notification 8-22
types of 34-12
versions supported 34-2
SNMP and Syslog Over IPv6 41-7
SNMPv1 34-2
SNMPv2C 34-2
SNMPv3 34-2
snooping, IGMP 25-2
software compatibility
software images
location in flash B-25
recovery procedures 49-2
scheduling reloads 3-22
tar file format, described B-25
See also downloading and uploading
software images in mixed stacks
See the Cisco Software Activation and Compatibility Document
source addresses
in IPv4 ACLs 36-12
in IPv6 ACLs 37-6
source-and-destination-IP address based forwarding, EtherChannel 39-9
source-and-destination MAC address forwarding, EtherChannel 39-9
source-IP address based forwarding, EtherChannel 39-9
source-MAC address forwarding, EtherChannel 39-8
Source-specific multicast
SPAN
and stack changes 31-11
configuration guidelines 31-13
default configuration 31-12
destination ports 31-8
displaying status 31-31
interaction with other features 31-10
monitored ports 31-7
monitoring ports 31-8
ports, restrictions 27-12
received traffic 31-6
session limits 31-13
sessions
configuring ingress forwarding 31-17, 31-26
defined 31-4
limiting source traffic to specific VLANs 31-18
removing destination (monitoring) ports 31-15
specifying monitored ports 31-14, 31-28
with ingress traffic enabled 31-16
source ports 31-7
transmitted traffic 31-6
VLAN-based 31-7
spanning tree and native VLANs 14-19
Spanning Tree Protocol
SPAN traffic 31-6
split horizon, RIP 40-23
SRR
configuring
shaped weights on egress queues 38-77
shared weights on egress queues 38-78
shared weights on ingress queues 38-70
described 38-14
shaped mode 38-14
shared mode 38-15
SSH
configuring 10-39
cryptographic software image 10-37
encryption methods 10-38
switch stack considerations 6-17, 10-38
user authentication methods, supported 10-39
SSL
configuration guidelines 10-45
configuring a secure HTTP client 10-48
configuring a secure HTTP server 10-46
cryptographic software image 10-42
described 10-42
monitoring 10-49
SSM
address management restrictions 46-16
CGMP limitations 46-16
components 46-14
configuration guidelines 46-16
differs from Internet standard multicast 46-15
IGMP snooping 46-16
IGMPv3 46-14
IGMPv3 Host Signalling 46-16
IP address range 46-15
monitoring 46-17
operations 46-15
PIM 46-14
state maintenance limitations 46-17
SSM mapping 46-17
configuration guidelines 46-18
monitoring 46-22
overview 46-18
restrictions 46-18
static traffic forwarding 46-21
stack changes
effects on
IPv6 routing 41-9
stack changes, effects on
ACL configuration 36-7
CDP 28-2
cross-stack EtherChannel 39-13
EtherChannel 39-10
fallback bridging 48-3
HSRP 42-5
IEEE 802.1x port-based authentication 11-10
IGMP snooping 25-7
IP routing 40-4
IPv6 ACLs 37-3
MAC address tables 8-21
MSTP 20-8
multicast routing 46-10
MVR 25-18
port security 27-18
SDM template selection 9-3
SNMP 34-1
SPAN and RSPAN 31-11
STP 19-12
switch clusters 7-15
system message log 33-2
VLANs 14-6
VTP 15-6
stack master
bridge ID (MAC address) 6-6
defined 6-2
election 6-5
IPv6 41-9
re-election 6-5
stack member
accessing CLI of specific member 6-24
configuring
member number 6-22
priority value 6-22
defined 6-2
displaying information of 6-25
IPv6 41-10
number 6-6
priority value 6-7
provisioning a new member 6-23
replacing 6-15
stack member number 12-13
stack protocol version 6-11
stacks, switch
accessing CLI of specific member 6-24
assigning information
member number 6-22
priority value 6-22
provisioning a new member 6-23
auto-advise 6-12
auto-copy 6-12
auto-extract 6-12
auto-upgrade 6-12
bridge ID 6-6
Catalyst 3750-E-only 6-1
CDP considerations 28-2
compatibility, software 6-10
configuration file 6-15
configuration scenarios 6-18
copying an image file from one member to another B-39
default configuration 6-20
description of 6-1
displaying information of 6-25
enabling persistent MAC address timer 6-20
hardware compatibility and SDM mismatch mode 6-10
stacks, switch (continued)HSRP considerations 42-5
in clusters 7-15
incompatible software and image upgrades 6-15, B-39
IPv6 on 41-9
MAC address considerations 8-21
MAC address of 6-20
management connectivity 6-16
managing 6-1
managing mixed
See Catalyst 3750-E and 3750 Switch Stacking Compatibility Guide
membership 6-3
merged 6-4
mixed
hardware 6-1
hardware and software 6-2
software 6-2
with Catalyst 3750-E and 3750 switches 6-1
mixed software images
See Cisco Software Activation and Compatibility Document
MSTP instances supported 19-10
multicast routing, stack master and member roles 46-10
offline configuration
described 6-8
effects of adding a provisioned switch 6-8
effects of removing a provisioned switch 6-10
effects of replacing a provisioned switch 6-10
provisioned configuration, defined 6-8
provisioned switch, defined 6-8
provisioning a new member 6-23
provisioned switch
adding 6-8
removing 6-10
replacing 6-10
replacing a failed member 6-15
software compatibility 6-10
stacks, switch (continued)software image version 6-10
stack protocol version 6-11
STP
bridge ID 19-3
instances supported 19-10
root port selection 19-3
stack root switch election 19-3
system messages
hostnames in the display 33-1
remotely monitoring 33-2
system prompt consideration 8-14
system-wide configuration considerations 6-16
upgrading B-39
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 6-12
described 6-11
examples 6-13
manual upgrades with auto-advise 6-12
upgrades with auto-extract 6-12
See also stack master and stack member
StackWise Plus technology, Cisco 1-3
standby command switch
considerations 7-12
defined 7-2
priority 7-11
requirements 7-3
virtual IP address 7-12
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 42-7
standby links 22-2
standby router 42-1
standby timers, HSRP 42-11
startup configuration
booting
manually 3-18
specific image 3-18
clearing B-20
configuration file
automatically downloading 3-17
specifying the filename 3-17
default boot configuration 3-17
static access ports
assigning to VLAN 14-11
static addresses
static IP routing 1-13
static MAC addressing 1-9
static route primary interface, configuring 44-10
static routes
configuring 40-93
understanding 41-6
static routing 40-3
static routing support, enhanced object tracking 44-10
static SSM mapping 46-19, 46-20
static traffic forwarding 46-21
static VLAN membership 14-2
statistics
CDP 28-5
IEEE 802.1x 11-66
interface 12-40
IP multicast routing 46-62
LLDP 29-10
LLDP-MED 29-10
NMSP 29-10
OSPF 40-36
QoS ingress and egress 38-80
RMON group Ethernet 32-5
RMON group history 32-5
SNMP input and output 34-19
VTP 15-16
sticky learning 27-9
storm control
configuring 27-3
described 27-1
disabling 27-5
displaying 27-19
support for 1-4
thresholds 27-2
STP
accelerating root port selection 21-4
BackboneFast
described 21-7
disabling 21-17
enabling 21-16
BPDU filtering
described 21-3
disabling 21-15
enabling 21-14
BPDU guard
described 21-2
disabling 21-14
enabling 21-13
BPDU message exchange 19-3
configuration guidelines 19-13, 21-12
configuring
forward-delay time 19-23
hello time 19-22
maximum aging time 19-23
path cost 19-20
port priority 19-18
root switch 19-16
secondary root switch 19-18
spanning-tree mode 19-15
switch priority 19-21
transmit hold-count 19-24
counters, clearing 19-24
cross-stack UplinkFast
described 21-5
enabling 21-16
STP (continued)default configuration 19-13
default optional feature configuration 21-12
designated port, defined 19-4
designated switch, defined 19-4
detecting indirect link failures 21-8
disabling 19-16
displaying status 19-24
EtherChannel guard
described 21-10
disabling 21-17
enabling 21-17
extended system ID
effects on root switch 19-16
effects on the secondary root switch 19-18
overview 19-4
unexpected behavior 19-16
features supported 1-8
IEEE 802.1D and bridge ID 19-4
IEEE 802.1D and multicast addresses 19-9
IEEE 802.1t and VLAN identifier 19-5
inferior BPDU 19-3
instances supported 19-10
interface state, blocking to forwarding 21-2
interface states
blocking 19-6
disabled 19-7
learning 19-7
listening 19-7
overview 19-5
interoperability and compatibility among modes 19-11
keepalive messages 19-2
Layer 2 protocol tunneling 18-8
limitations with IEEE 802.1Q trunks 19-11
STP (continued)load sharing
overview 14-24
using path costs 14-26
using port priorities 14-24
loop guard
described 21-11
enabling 21-18
modes supported 19-10
multicast addresses, effect of 19-9
optional features supported 1-8
overview 19-2
Port Fast
described 21-2
enabling 21-12
port priorities 14-25
preventing root switch selection 21-10
protocols supported 19-10
redundant connectivity 19-8
root guard
described 21-10
enabling 21-18
root port, defined 19-3
root port selection on a switch stack 19-3
root switch
configuring 19-16
effects of extended system ID 19-4, 19-16
election 19-3
unexpected behavior 19-16
shutdown Port Fast-enabled port 21-2
stack changes, effects of 19-12
status, displaying 19-24
superior BPDU 19-3
timers, described 19-22
UplinkFast
described 21-3
enabling 21-15
VLAN-bridge 19-11
stratum, NTP 8-2
stub areas, OSPF 40-31
stub routing, EIGRP 40-43
subdomains, private VLAN 17-1
subnet mask 40-7
subnet zero 40-7
success response, VMPS 14-28
summer time 8-13
SunNet Manager 1-6
supernet 40-8
supported port-based authentication methods 11-7
Smartports macros
See also Auto Smartports macros
SVI autostate exclude
configuring 12-34
defined 12-6
SVI link state 12-6
SVIs
and IP unicast routing 40-5
and router ACLs 36-4
connecting VLANs 12-12
defined 12-5
routing between VLANs 14-2
switch 41-2
switch clustering technology 7-1
switch console port 1-7
Switch Database Management
switched packets, ACLs on 36-39
Switched Port Analyzer
switched ports 12-2
switchport backup interface 22-4, 22-5
switchport block multicast command 27-8
switchport block unicast command 27-8
switchport command 12-22
switchport mode dot1q-tunnel command 18-7
switchport protected command 27-7
switch priority
MSTP 20-22
STP 19-21
switch software features 1-1
switch virtual interface
synchronization, BGP 40-49
syslog
system capabilities TLV 29-2
system clock
configuring
daylight saving time 8-13
manually 8-11
summer time 8-13
time zones 8-12
displaying the time and date 8-12
overview 8-1
system description TLV 29-2
system message logging
default configuration 33-4
defining error message severity levels 33-9
disabling 33-4
displaying the configuration 33-14
enabling 33-5
facility keywords, described 33-14
level keywords, described 33-10
limiting messages 33-10
message format 33-2
overview 33-1
sequence numbers, enabling and disabling 33-8
setting the display destination device 33-5
stack changes, effects of 33-2
synchronizing log messages 33-6
syslog facility 1-15
time stamps, enabling and disabling 33-8
system message logging (continued)UNIX syslog servers
configuring the daemon 33-12
configuring the logging facility 33-13
facilities supported 33-14
system MTU
and IS-IS LSPs 40-70
system MTU and IEEE 802.1Q tunneling 18-5
system name
default configuration 8-15
default setting 8-15
manual configuration 8-15
system name TLV 29-2
system prompt, default setting 8-14, 8-15
system resources, optimizing 9-1
system routing
IS-IS 40-66
ISO IGRP 40-66
T
TACACS+
accounting, defined 10-11
authentication, defined 10-11
authorization, defined 10-11
configuring
accounting 10-17
authentication key 10-13
authorization 10-16
login authentication 10-14
default configuration 10-13
displaying the configuration 10-17
identifying the server 10-13
in clusters 7-17
limiting the services to the user 10-16
operation of 10-12
overview 10-10
TACACS+ (continued)support for 1-11
tracking services accessed by user 10-17
tagged packets
IEEE 802.1Q 18-3
Layer 2 protocol 18-8
tar files
creating B-7
displaying the contents of B-7
extracting B-8
image file format B-25
TCL script, registering and defining with embedded event manager 35-6
TDR 1-15
Telnet
accessing management interfaces 2-11
number of connections 1-7
setting a password 10-6
templates, SDM 9-1
temporary self-signed certificate 10-43
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 10-6
TFTP
configuration files
downloading B-12
preparing the server B-11
uploading B-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
image files
deleting B-29
downloading B-27
preparing the server B-26
uploading B-29
limiting access by servers 34-17
TFTP server 1-6
threshold, traffic level 27-2
threshold monitoring, IP SLAs 43-6
time
Time Domain Reflector
time-range command 36-17
time ranges in ACLs 36-17
time stamps in log messages 33-8
time zones 8-12
TLVs
defined 29-1
LLDP 29-1
LLDP-MED 29-2
Token Ring VLANs
support for 14-6
VTP support 15-4
ToS 1-12
traceroute, Layer 2
and ARP 49-17
and CDP 49-16
broadcast traffic 49-16
described 49-16
IP addresses and subnets 49-17
MAC addresses and VLANs 49-17
multicast traffic 49-17
multiple devices on a port 49-17
unicast traffic 49-16
usage guidelines 49-16
traceroute command 49-18
tracked lists
configuring 44-3
types 44-3
tracked objects
by Boolean expression 44-4
by threshold percentage 44-6
by threshold weight 44-5
tracking interface line-protocol state 44-2
tracking IP routing state 44-2
tracking objects 44-1
tracking process 44-1
track state, tracking IP SLAs 44-9
traffic
blocking flooded 27-8
fragmented 36-5
fragmented IPv6 37-2
unfragmented 36-5
traffic policing 1-12
traffic suppression 27-2
transmit hold-count
transparent mode, VTP 15-3, 15-12
trap-door mechanism 3-2
traps
configuring MAC address notification 8-22
configuring managers 34-12
defined 34-3
notification types 34-12
troubleshooting
connectivity problems 49-14, 49-16, 49-17
CPU utilization 49-28
detecting unidirectional links 30-1
displaying crash information 49-25
PIMv1 and PIMv2 interoperability problems 46-35
setting packet forwarding 49-22
SFP security and identification 49-13
show forward command 49-22
with CiscoWorks 34-4
with debug commands 49-20
with ping 49-15
with system message logging 33-1
with traceroute 49-18
trunk failover
trunking encapsulation 1-9
trunk ports
configuring 14-20
encapsulation 14-20, 14-25, 14-27
trunks
allowed-VLAN list 14-21
configuring 14-20, 14-25, 14-27
ISL 14-16
load sharing
setting STP path costs 14-26
using STP port priorities 14-24, 14-25
native VLAN for untagged traffic 14-23
parallel 14-26
pruning-eligible list 14-22
to non-DTP device 14-17
trusted boundary for QoS 38-40
trusted port states
between QoS domains 38-42
classification options 38-5
ensuring port security for IP phones 38-40
support for 1-12
within a QoS domain 38-38
trustpoints, CA 10-43
tunneling
defined 18-1
IEEE 802.1Q 18-1
Layer 2 protocol 18-8
tunnel ports
IEEE 802.1Q, configuring 18-7
incompatibilities with other features 18-6
twisted-pair Ethernet, detecting unidirectional links 30-1
type of service
U
UDLD
configuration guidelines 30-4
default configuration 30-4
disabling
globally 30-5
on fiber-optic interfaces 30-5
per interface 30-6
echoing detection mechanism 30-3
enabling
globally 30-5
per interface 30-6
Layer 2 protocol tunneling 18-10
link-detection mechanism 30-1
neighbor database 30-2
overview 30-1
resetting an interface 30-6
status, displaying 30-7
support for 1-8
UDP, configuring 40-16
UDP jitter, configuring 43-9
UDP jitter operation, IP SLAs 43-8
unauthorized ports with IEEE 802.1x 11-9
unicast MAC address filtering 1-6
and adding static addresses 8-26
and broadcast MAC addresses 8-25
and CPU packets 8-25
and multicast addresses 8-25
and router MAC addresses 8-25
configuration guidelines 8-25
described 8-25
unicast storm 27-1
unicast storm control command 27-4
unicast traffic, blocking 27-8
UniDirectional Link Detection protocol
universal software image
cryptographic 1-1
feature set
IP base 1-1
IP services 1-2
noncryptographic 1-1
UNIX syslog servers
daemon configuration 33-12
facilities supported 33-14
message logging configuration 33-13
unrecognized Type-Length-Value (TLV) support 15-4
upgrading information
upgrading software images
UplinkFast
described 21-3
disabling 21-16
enabling 21-15
support for 1-8
uploading
configuration files
reasons for B-9
using FTP B-15
using RCP B-19
using TFTP B-12
image files
reasons for B-24
using FTP B-33
using RCP B-38
using TFTP B-29
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 10-6
V
version-dependent transparent mode 15-4
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 6-12
described 6-11
displaying 6-11
manual upgrades with auto-advise 6-12
upgrades with auto-extract 6-12
virtual IP address
cluster standby group 7-12
command switch 7-12
Virtual Private Network
virtual switches and PAgP 39-6
vlan.dat file 14-5
VLAN 1
disabling on a trunk port 14-22
minimization 14-21
VLAN ACLs
vlan-assignment response, VMPS 14-28
VLAN configuration
at bootup 14-8
saving 14-8
VLAN configuration mode 2-2, 14-7
VLAN database
and startup configuration file 14-8
VLAN configuration saved in 14-7
VLANs saved in 14-4
vlan database command 14-7
vlan dot1q tag native command 18-5
VLAN filtering and SPAN 31-8
vlan global configuration command 14-7
VLAN ID, discovering 8-28
VLAN link state 12-5
VLAN load balancing on flex links
configuration guidelines 22-8
described 22-3
VLAN management domain 15-2
VLAN Management Policy Server
VLAN map entries, order of 36-31
VLAN maps
applying 36-35
common uses for 36-35
configuration guidelines 36-31
configuring 36-30
creating 36-32
defined 36-2
denying access to a server example 36-36
denying and permitting packets 36-32
displaying 36-42
examples of ACLs and VLAN maps 36-33
removing 36-35
support for 1-10
wiring closet configuration example 36-36
VLAN membership
confirming 14-31
modes 14-3
VLAN Query Protocol
VLANs
adding 14-9
adding to VLAN database 14-9
aging dynamic addresses 19-9
allowed on trunk 14-21
and spanning-tree instances 14-3, 14-6, 14-13
configuration guidelines, extended-range VLANs 14-13
configuration guidelines, normal-range VLANs 14-6
configuration options 14-7
configuring 14-1
configuring IDs 1006 to 4094 14-13
connecting through SVIs 12-12
VLANs (continued)creating in config-vlan mode 14-9
creating in VLAN configuration mode 14-10
customer numbering in service-provider networks 18-3
default configuration 14-8
deleting 14-10
displaying 14-16
features 1-9
illustrated 14-2
internal 14-13
in the switch stack 14-6
limiting source traffic with RSPAN 31-22
limiting source traffic with SPAN 31-18
modifying 14-9
multicast 25-18
native, configuring 14-23
number supported 1-9
parameters 14-5
port membership modes 14-3
static-access ports 14-11
STP and IEEE 802.1Q trunks 19-11
supported 14-2
Token Ring 14-6
traffic between 14-2
VTP modes 15-3
VLAN Trunking Protocol
VLAN trunks 14-16
VMPS
administering 14-32
configuration example 14-33
configuration guidelines 14-29
default configuration 14-29
description 14-28
VMPS (continued)dynamic port membership
described 14-29
reconfirming 14-31
troubleshooting 14-33
entering server address 14-30
mapping MAC addresses to VLANs 14-28
monitoring 14-32
reconfirmation interval, changing 14-31
reconfirming membership 14-31
retry count, changing 14-32
voice aware 802.1x security
port-based authentication
configuring 11-36
voice-over-IP 16-1
voice VLAN
Cisco 7960 phone, port connections 16-1
configuration guidelines 16-3
configuring IP phones for data traffic
override CoS of incoming frame 16-6
trust CoS priority of incoming frame 16-6
configuring ports for voice traffic in
IEEE 802.1p priority tagged frames 16-5
IEEE 802.1Q frames 16-5
connecting to an IP phone 16-4
default configuration 16-3
described 16-1
displaying 16-7
IP phone data traffic, described 16-2
IP phone voice traffic, described 16-2
VPN
configuring routing in 40-84
forwarding 40-78
in service provider networks 40-76
routes 40-76
VPN routing and forwarding table
VRF
defining 40-78
tables 40-76
VRF-aware services
ARP 40-81
configuring 40-80
ftp 40-83
HSRP 40-81
ping 40-81
SNMP 40-81
syslog 40-82
tftp 40-83
traceroute 40-83
uRPF 40-82
VRFs, configuring multicast 40-84
VTP
adding a client to a domain 15-14
and extended-range VLANs 15-2
and normal-range VLANs 15-2
client mode, configuring 15-11
configuration
global configuration mode 15-7
guidelines 15-8
privileged EXEC mode 15-7
requirements 15-9
saving 15-7
VLAN configuration mode 15-8
configuration mode options 15-7
configuration requirements 15-9
configuration revision number
guideline 15-14
resetting 15-15
configuring
client mode 15-11
server mode 15-9
transparent mode 15-12
consistency checks 15-4
default configuration 15-7
VTP (continued)described 15-1
disabling 15-12
domain names 15-8
domains 15-2
Layer 2 protocol tunneling 18-8
modes
transitions 15-3
monitoring 15-16
passwords 15-8
pruning
disabling 15-14
enabling 15-14
examples 15-5
overview 15-4
support for 1-9
pruning-eligible list, changing 14-22
server mode, configuring 15-9
statistics 15-16
support for 1-9
Token Ring support 15-4
transparent mode, configuring 15-12
using 15-1
version, guidelines 15-9
Version 1 15-4
Version 2
configuration guidelines 15-9
disabling 15-13
enabling 15-13
overview 15-4
W
WCCP
authentication 45-3
configuration guidelines 45-5
default configuration 45-5
described 45-1
displaying 45-9
dynamic service groups 45-3
enabling 45-6
features unsupported 45-5
forwarding method 45-3
Layer-2 header rewrite 45-3
MD5 security 45-3
message exchange 45-2
monitoring and maintaining 45-9
negotiation 45-3
packet redirection 45-3
packet-return method 45-3
redirecting traffic received from a client 45-6
setting the password 45-7
unsupported WCCPv2 features 45-5
web authentication 11-13
fallback for IEEE 802.1x 11-63
Web Cache Communication Protocol
weighted tail drop
weight thresholds in tracked lists 44-5
wired location service
configuring 29-9
displaying 29-10
location TLV 29-2
understanding 29-3
wizards 1-3
WTD
described 38-14
setting thresholds
egress queue-sets 38-73
ingress queues 38-69
support for 1-12