-
Catalyst 3750-E and Catalyst 3560-E Switch Software Configuration Guide, Cisco IOS Release 15.0(2)SE and Later
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Configuring Cisco IOS Configuration Engine
-
Managing Switch Stacks
-
Clustering Switches
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring IEEE 802.1x Port-Based Authentication
-
Configuring Web-Based Authentication
-
Configuring Interface Characteristics
-
Configuring VLANs
-
Configuring VTP
-
Configuring Voice VLANs
-
Configuring Private VLANs
-
Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Resilient Ethernet Protocol
-
Configuring Flex Links
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring IPv6 MLD Snooping
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring LLDP, LLDP-MED, and Wired Location Service
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging and Smart Logging
-
Configuring SNMP
-
Configuring Embedded Event Manager
-
Configuring Network Security with ACLs
-
Configuring IPv6 ACLs
-
Configuring QoS
-
Configuring EtherChannels and Link-State Tracking
-
Configuring TelePresence E911 IP Phone Support
-
Configuring IP Unicast Routing
-
Configuring IPv6 Unicast Routing
-
Implementing IPv6 Multicast
-
Configuring HSRP and VRRP
-
Configuring Cisco IOS IP SLAs Operations
-
Configuring Enhanced Object Tracking
-
Configuring WCCP
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Configuring Online Diagnostics
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 15.0(2)SE
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Numerics
10-Gigabit Ethernet interfaces 13-6
802.1AE Tagging 12-2
A
AAA down policy, NAC Layer 2 IP validation 1-12
abbreviating commands 2-3
ABRs 42-26
AC (command switch) 6-10
access control entries
access-denied response, VMPS 14-27
access groups
applying IPv4 ACLs to interfaces 37-21
Layer 3 37-21
access groups, applying IPv4 ACLs to interfaces 37-21
accessing
clusters, switch 6-13
command switches 6-11
member switches 6-13
switch clusters 6-13
accessing stack members 5-30
access lists
access ports
and Layer 2 protocol tunneling 18-12
defined 13-3
in switch clusters 6-9
access template 8-1
accounting
with 802.1x 10-52
with IEEE 802.1x 10-14
with RADIUS 9-36
ACEs
and QoS 38-8
defined 37-2
Ethernet 37-2
IP 37-2
ACLs
ACEs 37-2
applying
on bridged packets 37-41
on multicast packets 37-42
on routed packets 37-42
on switched packets 37-40
time ranges to 37-17
to QoS 38-7
classifying traffic for QoS 38-51
comments in 37-19
compiling 37-24
extended IP, configuring for QoS classification 38-52
extended IPv4
creating 37-11
matching criteria 37-8
hardware and software handling 37-22
IP
creating 37-8
fragments and QoS guidelines 38-40
implicit deny 37-10, 37-14, 37-17
implicit masks 37-10
matching criteria 37-8
undefined 37-22
IPv4
applying to interfaces 37-20
creating 37-8
matching criteria 37-8
named 37-15
numbers 37-8
terminal lines, setting on 37-19
unsupported features 37-7
IPv6
and stacking 39-4
applying to interfaces 39-8
displaying 39-9
interactions with other features 39-5
limitations 39-3
matching criteria 39-3
named 39-3
precedence of 39-2
supported 39-3
unsupported features 39-3
Layer 4 information in 37-40
logging messages 37-9
named
IPv4 37-15
IPv6 39-3
names 39-5
number per QoS class map 38-40
precedence of 37-3
resequencing entries 37-15
router ACLs and VLAN map configuration guidelines 37-39
standard IP, configuring for QoS classification 38-51, 38-53
standard IPv4
creating 37-10
matching criteria 37-8
support for 1-11
support in hardware 37-22
time ranges 37-17
types supported 37-2
unsupported features
IPv4 37-7
IPv6 39-3
using router ACLs with VLAN maps 37-39
VLAN maps
configuration guidelines 37-32
configuring 37-31
active links 23-2
active router 45-2
active traffic monitoring, IP SLAs 46-1
address aliasing 26-2
addresses
displaying the MAC address table 7-25
dynamic
accelerated aging 19-9
changing the aging time 7-15
default aging 19-9
defined 7-13
learning 7-14
removing 7-16
IPv6 43-2
MAC, discovering 7-25
multicast
group address range 49-3
STP address management 19-9
static
adding and removing 7-21
defined 7-13
address resolution 7-25, 42-10
Address Resolution Protocol
adjacency tables, with CEF 42-91
administrative distances
defined 42-103
OSPF 42-34
routing protocol defaults 42-94
administrative VLAN
REP, configuring 22-8
administrative VLAN, REP 22-8
advertisements
CDP 28-1
LLDP 30-2
RIP 42-21
age timer, REP 22-8
aggregatable global unicast addresses 43-3
aggregate addresses, BGP 42-61
aggregated ports
aggregate policers 38-73
aggregate policing 1-14
aging, accelerating 19-9
aging time
accelerated
for MSTP 20-25
MAC address table 7-15
maximum
for MSTP 20-26
alarms, RMON 33-4
allowed-VLAN list 14-20
AP1250 (wireless access point) 1-16
application engines, redirecting traffic to 48-1
area border routers
area routing
IS-IS 42-66
ISO IGRP 42-66
ARP
configuring 42-11
encapsulation 42-11
static cache configuration 42-11
table
address resolution 7-25
managing 7-25
ASBRs 42-26
AS-path filters, BGP 42-55
asymmetrical links, and IEEE 802.1Q tunneling 18-4
attributes, RADIUS
vendor-proprietary 9-39
vendor-specific 9-37
attribute-value pairs 10-20
authentication
EIGRP 42-42
HSRP 45-10
local mode with AAA 9-46
open1x 10-31
RADIUS
key 9-29
login 9-31
TACACS+
defined 9-11
key 9-13
login 9-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 10-8
authentication failed VLAN
authentication keys, and routing protocols 42-104
authentication manager
CLI commands 10-9
compatibility with older 802.1x CLI commands10-9to 10-10
overview 10-7
single session ID 10-35
authoritative time source, described 7-2
authorization
with RADIUS 9-35
authorized ports with IEEE 802.1x 10-10
autoconfiguration 4-3
auto enablement 10-34
automatic advise (auto-advise) in switch stacks 5-12
automatic copy (auto-copy) in switch stacks 5-12
automatic discovery
considerations
beyond a noncandidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-7
non-CDP-capable devices 6-6
noncluster-capable devices 6-6
routed ports 6-8
in switch clusters 6-5
automatic extraction (auto-extract) in switch stacks 5-12
automatic QoS
automatic recovery, clusters 6-10
automatic upgrades (auto-upgrade) in switch stacks 5-12
auto-MDIX
configuring 13-26
described 13-26
autonegotiation
duplex mode 1-4
interface configuration guidelines 13-23
mismatches 52-13
autonomous system boundary routers
autonomous systems, in BGP 42-49
Auto-RP, described 49-7
autosensing, port speed 1-4
autostate exclude 13-6
auxiliary VLAN
availability, features 1-9
B
BackboneFast
described 21-7
disabling 21-17
enabling 21-17
support for 1-9
backup interfaces
backup links 23-2
backup static routing, configuring 47-12
banners
configuring
login 7-13
message-of-the-day login 7-12
default configuration 7-11
when displayed 7-11
Berkeley r-tools replacement 9-58
BGP
aggregate addresses 42-61
aggregate routes, configuring 42-61
CIDR 42-61
clear commands 42-64
community filtering 42-58
configuring neighbors 42-59
default configuration 42-46
described 42-46
enabling 42-49
monitoring 42-64
multipath support 42-53
neighbors, types of 42-49
path selection 42-53
peers, configuring 42-59
prefix filtering 42-57
resetting sessions 42-51
route dampening 42-63
route maps 42-55
route reflectors 42-62
routing domain confederation 42-62
routing session with multi-VRF CE 42-85
show commands 42-64
supernets 42-61
support for 1-15
Version 4 42-46
binding cluster group and HSRP group 45-12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 24-6
DHCP snooping database 24-6
IP source guard 24-16
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 29-7
Boolean expressions in tracked lists 47-4
booting
boot loader, function of 4-2
boot process 4-2
manually 4-19
specific image 4-20
boot loader
accessing 4-21
described 4-2
environment variables 4-21
prompt 4-21
trap-door mechanism 4-2
bootstrap router (BSR), described 49-7
Border Gateway Protocol
BPDU
error-disabled state 21-2
filtering 21-3
RSTP format 20-12
BPDU filtering
described 21-3
disabling 21-15
enabling 21-15
support for 1-9
BPDU guard
described 21-2
disabling 21-14
enabling 21-14
support for 1-9
bridged packets, ACLs on 37-41
bridge groups
bridge protocol data unit
broadcast flooding 42-18
broadcast packets
directed 42-15
flooded 42-15
broadcast storm-control command 29-4
C
cables, monitoring for unidirectional links 31-1
candidate switch
automatic discovery 6-5
defined 6-4
requirements 6-4
See also command switch, cluster standby group, and member switch
Catalyst 6000 switches, authentication compatibility 10-8
CA trustpoint
configuring 9-54
defined 9-52
CDP
and trusted boundary 38-47
automatic discovery in switch clusters 6-5
configuring 28-2
default configuration 28-2
defined with LLDP 30-1
described 28-1
disabling for routing device 28-4
enabling and disabling
on an interface 28-4
on a switch 28-4
Layer 2 protocol tunneling 18-8
monitoring 28-5
overview 28-1
power negotiation extensions 13-7
support for 1-7
switch stack considerations 28-2
transmission timer and holdtime, setting 28-3
updates 28-3
CEF
defined 42-91
distributed 42-91
IPv6 43-30
CGMP
as IGMP snooping learning method 26-9
enabling server support 49-45
joining multicast group 26-3
overview 49-9
server support only 49-9
switch support of 1-5
CIDR 42-61
CipherSuites 9-53
Cisco 7960 IP Phone 16-1
Cisco AP1250 (wireless access point) 1-16
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 13-7
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco IOS IP SLAs 46-2
Cisco Redundant Power System 2300
configuring 13-38
managing 13-38
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 10-20
attribute-value pairs for redirect URL 10-20
Cisco StackWise Plus technology 1-3
CISP 10-33
CIST regional root
CIST root
civic location 30-3
classless interdomain routing
classless routing 42-8
class maps for QoS
configuring 38-56
described 38-8
class of service
clearing interfaces 13-41
CLI
abbreviating commands 2-3
command modes 2-1
configuration logging 2-5
described 1-6
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 6-16
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 15-3
client processes, tracking 47-1
CLNS
clock
clusters, switch
accessing 6-13
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
compatibility 6-4
described 6-1
LRE profile considerations 6-16
managing
through CLI 6-16
through SNMP 6-17
planning 6-4
planning considerations
automatic discovery 6-5
automatic recovery 6-10
CLI 6-16
host names 6-13
IP addresses 6-13
LRE profiles 6-16
passwords 6-14
RADIUS 6-16
switch stacks 6-14
TACACS+ 6-16
cluster standby group
and HSRP group 45-12
automatic recovery 6-12
considerations 6-11
defined 6-2
requirements 6-3
virtual IP address 6-11
CNS
Configuration Engine
configID, deviceID, hostname 3-3
configuration service 3-2
described 3-1
event service 3-3
embedded agents
described 3-5
enabling automated configuration 3-6
enabling configuration agent 3-9
enabling event agent 3-8
management functions 1-6
CoA Request Commands 9-24
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 9-8
command switch
accessing 6-11
active (AC) 6-10
configuration conflicts 52-12
defined 6-2
passive (PC) 6-10
password privilege levels 6-17
priority 6-10
recovery
from command-switch failure 6-10, 52-9
from lost member connectivity 52-12
redundant 6-10
replacing
with another switch 52-11
with cluster member 52-9
requirements 6-3
standby (SC) 6-10
See also candidate switch, cluster standby group, member switch, and standby command switch
common session ID
see single session ID 10-35
community list, BGP 42-58
community ports 17-2
community strings
for cluster switches 35-4
in clusters 6-14
overview 35-4
SNMP 6-14
compatibility, feature 29-12
compatibility, software
configurable leave timer, IGMP 26-6
configuration, initial
defaults 1-19
Express Setup 1-2
configuration conflicts, recovering from lost member connectivity 52-12
configuration examples, network 1-21
configuration files
archiving A-21
clearing the startup configuration A-20
creating and using, guidelines for A-10
creating using a text editor A-11
deleting a stored configuration A-20
described A-9
downloading
automatically 4-18
reasons for A-9
using FTP A-14
using RCP A-18
using TFTP A-12
invalid combinations when copying A-6
limiting TFTP server access 35-18
obtaining with DHCP 4-9
password recovery disable considerations 9-5
replacing and rolling back, guidelines for A-22
replacing a running configuration A-21
rolling back a running configuration A-21, A-22
specifying the filename 4-19
system contact and location information 35-17
types and location A-10
uploading
reasons for A-9
using FTP A-16
using RCP A-19
using TFTP A-13
configuration guidelines
REP 22-7
configuration guidelines, multi-VRF CE 42-78
configuration logging 2-5
configuration replacement A-21
configuration rollback A-21
configuration settings, saving 4-16
configure terminal command 13-13
Configuring First Hop Security in IPv6 43-5, 43-19
Configuring IPv6 Source Guard 43-22
configuring multicast VRFs 42-84
configuring port-based authentication violation modes 10-43
configuring small-frame arrival rate 29-5
Configuring VACL Logging 37-38
conflicts, configuration 52-12
connections, secure remote 9-47
connectivity problems 52-15, 52-16, 52-18
consistency checks in VTP Version 2 15-5
console port, connecting to 2-10
content-routing technology
control protocol, IP SLAs 46-4
convergence
REP 22-4
corrupted software, recovery steps with Xmodem 52-2
CoS
in Layer 2 frames 38-2
override priority 16-7
trust priority 16-7
CoS input queue threshold map for QoS 38-18
CoS output queue threshold map for QoS 38-21
CoS-to-DSCP map for QoS 38-75
counters, clearing interface 13-41
CPU utilization, troubleshooting 52-30
crashinfo file 52-25
critical authentication, IEEE 802.1x 10-56
critical VLAN 10-23
cross-stack EtherChannel
configuration guidelines 40-13
configuring
on Layer 2 interfaces 40-13
on Layer 3 physical interfaces 40-16
described 40-3
illustration 40-4
support for 1-9
cross-stack UplinkFast, STP
described 21-5
disabling 21-17
enabling 21-17
fast-convergence events 21-7
Fast Uplink Transition Protocol 21-6
normal-convergence events 21-7
support for 1-9
cryptographic software image
switch stack considerations 5-2, 5-17
customer edge devices 42-76
customizeable web pages, web-based authentication 11-6
CWDM SFPs 1-35
D
DACL
daylight saving time 7-7
dCEF in the switch stack 42-91
debugging
enabling all system diagnostics 52-22
enabling for a specific feature 52-21
redirecting error message output 52-22
using commands 52-21
default commands 2-4
default configuration
802.1x 10-36
auto-QoS 38-24
banners 7-11
BGP 42-46
booting 4-18
CDP 28-2
DHCP 24-8
DHCP option 82 24-8
DHCP snooping 24-8
DHCP snooping binding database 24-9
DNS 7-10
dynamic ARP inspection 25-5
EIGRP 42-38
EtherChannel 40-11
Ethernet interfaces 13-22
fallback bridging 51-3
Flex Links 23-8
HSRP 45-5
IEEE 802.1Q tunneling 18-4
IGMP 49-39
IGMP filtering 26-25
IGMP throttling 26-25
initial switch information 4-3
IP addressing, IP routing 42-6
IP multicast routing 49-11
IP SLAs 46-6
IP source guard 24-18
IPv6 43-16
IS-IS 42-67
Layer 2 interfaces 13-22
Layer 2 protocol tunneling 18-12
LLDP 30-5
MAC address table 7-15
MAC address-table move update 23-8
MSDP 50-4
MSTP 20-15
multi-VRF CE 42-78
MVR 26-20
optional spanning-tree configuration 21-12
OSPF 42-27
password and privilege level 9-2
PIM 49-11
private VLANs 17-7
RADIUS 9-28
REP 22-7
RIP 42-21
RMON 33-3
RSPAN 32-12
SDM template 8-4
SNMP 35-6
SPAN 32-12
SSL 9-54
standard QoS 38-37
STP 19-13
switch stacks 5-24
system message logging 34-4
system name and prompt 7-9
TACACS+ 9-13
UDLD 31-4
VLAN, Layer 2 Ethernet interfaces 14-17
VLANs 14-7
VMPS 14-28
voice VLAN 16-3
VTP 15-8
WCCP 48-5
default networks 42-94
default router preference
default routes 42-94
default routing 42-3
default web-based authentication configuration
802.1X 11-9
deleting VLANs 14-9
denial-of-service attack 29-1
description command 13-31
designing your network, examples 1-21
desktop template 5-10
destination-IP address-based forwarding, EtherChannel 40-9
destination-MAC address forwarding, EtherChannel 40-9
detecting indirect link failures, STP 21-8
device discovery protocol 28-1, 30-1
device manager
benefits 1-2
in-band management 1-8
DHCP
Cisco IOS server database
configuring 24-14
default configuration 24-9
described 24-6
DHCP for IPv6
enabling
relay agent 24-11
server 24-10
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-4
DNS 4-8
relay device 4-8
server side 4-7
server-side 24-10
TFTP server 4-7
example 4-10
lease options
for IP address information 4-7
for receiving the configuration file 4-7
overview 4-3
relationship to BOOTP 4-4
support for 1-7
DHCP-based autoconfiguration and image update
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 47-11
DHCP option 82
circuit ID suboption 24-5
configuration guidelines 24-9
default configuration 24-8
displaying 24-16
forwarding address, specifying 24-11
helper address 24-11
overview 24-3
packet format, suboption
circuit ID 24-5
remote ID 24-5
remote ID suboption 24-5
DHCP server port-based address allocation
configuration guidelines 24-27
default configuration 24-27
described 24-26
enabling 24-27
reserved addresses 24-28
DHCP snooping
accepting untrusted packets form edge switch 24-3, 24-13
and private VLANs 24-14
binding database
See DHCP snooping binding database
configuration guidelines 24-9
default configuration 24-8
message exchange process 24-4
option 82 data insertion 24-3
trusted interface 24-2
untrusted interface 24-2
untrusted messages 24-2
DHCP snooping binding database
adding bindings 24-15
binding file
format 24-7
location 24-6
bindings 24-6
clearing agent statistics 24-15
configuration guidelines 24-9
configuring 24-15
default configuration 24-8, 24-9
deleting
binding file 24-15
bindings 24-15
database agent 24-15
described 24-6
enabling 24-15
entry 24-6
renewing database 24-15
resetting
delay value 24-15
timeout value 24-15
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 43-26
default configuration 43-26
described 43-10
enabling client function 43-29
enabling DHCPv6 server function 43-27
diagnostic schedule command 53-2
Differentiated Services architecture, QoS 38-2
Differentiated Services Code Point 38-2
Diffusing Update Algorithm (DUAL) 42-36
directed unicast requests 1-7
directories
changing A-4
creating and removing A-5
displaying the working A-4
discovery, clusters
Distance Vector Multicast Routing Protocol
distance-vector protocols 42-3
distribute-list command 42-103
DNS
and DHCP-based autoconfiguration 4-8
default configuration 7-10
displaying the configuration 7-11
in IPv6 43-4
overview 7-9
setting up 7-10
support for 1-7
DNS-based SSM mapping 49-19, 49-20
domain names
DNS 7-9
VTP 15-9
Domain Name System
domains, ISO IGRP routing 42-66
dot1q-tunnel switchport mode 14-16
double-tagged packets
IEEE 802.1Q tunneling 18-2
Layer 2 protocol tunneling 18-11
downloadable ACL 10-18, 10-20, 10-64
downloading
configuration files
reasons for A-9
using FTP A-14
using RCP A-18
using TFTP A-12
image files
deleting old image A-30
reasons for A-25
using CMS 1-3
using FTP A-32
using RCP A-37
using TFTP A-28
using the device manager or Network Assistant A-25
drop threshold for Layer 2 protocol packets 18-12
DRP
configuring 43-24
described 43-9
IPv6 43-9
DSCP input queue threshold map for QoS 38-18
DSCP output queue threshold map for QoS 38-21
DSCP-to-CoS map for QoS 38-78
DSCP-to-DSCP-mutation map for QoS 38-79
DSCP transparency 38-48
dual-action detection 40-6
DUAL finite state machine, EIGRP 42-37
dual IPv4 and IPv6 templates 8-2, 43-10
dual protocol stacks
IPv4 and IPv6 43-10
SDM templates supporting 43-10
DVMRP
autosummarization
configuring a summary address 49-59
disabling 49-61
connecting PIM domain to DVMRP router 49-51
enabling unicast routing 49-55
interoperability
with Cisco devices 49-49
with Cisco IOS software 49-9
mrinfo requests, responding to 49-54
neighbors
advertising the default route to 49-53
discovery with Probe messages 49-49
displaying information 49-54
prevent peering with nonpruning 49-57
rejecting nonpruning 49-56
overview 49-9
routes
adding a metric offset 49-62
advertising all 49-61
advertising the default route to neighbors 49-53
caching DVMRP routes learned in report messages 49-55
changing the threshold for syslog messages 49-58
favoring one over another 49-62
limiting the number injected into MBONE 49-58
limiting unicast route advertisements 49-49
routing table 49-9
source distribution tree, building 49-9
support for 1-16
tunnels
configuring 49-51
displaying neighbor information 49-54
dynamic access ports
characteristics 14-3
configuring 14-29
defined 13-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 25-1
ARP requests, described 25-1
ARP spoofing attack 25-1
clearing
log buffer 25-15
statistics 25-15
configuration guidelines 25-6
configuring
ACLs for non-DHCP environments 25-9
in DHCP environments 25-7
log buffer 25-13
rate limit for incoming ARP packets 25-4, 25-10
default configuration 25-5
denial-of-service attacks, preventing 25-10
described 25-1
DHCP snooping binding database 25-2
displaying
statistics 25-15
error-disabled state for exceeding rate limit 25-4
function of 25-2
interface trust states 25-3
log buffer
clearing 25-15
configuring 25-13
logging of dropped packets, described 25-5
man-in-the middle attack, described 25-2
network security issues and interface trust states 25-3
priority of ARP ACLs and DHCP snooping entries 25-4
rate limiting of ARP packets
configuring 25-10
described 25-4
error-disabled state 25-4
statistics
clearing 25-15
displaying 25-15
validation checks, performing 25-12
dynamic auto trunking mode 14-16
dynamic desirable trunking mode 14-16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 14-27
reconfirming 14-30
troubleshooting 14-32
types of connections 14-29
dynamic routing 42-3
ISO CLNS 42-65
Dynamic Trunking Protocol
E
EAC 12-2
EBGP 42-45
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-8
EEM 3.2 36-5
EIGRP
authentication 42-42
components 42-37
configuring 42-40
default configuration 42-38
definition 42-36
interface parameters, configuring 42-41
monitoring 42-44
stub routing 42-43
support for 1-15
EIGRP IPv6 43-12
elections
ELIN location 30-3
embedded event manager
3.2 36-5
actions 36-4
displaying information 36-8
environmental variables 36-5
event detectors 36-3
policies 36-4
registering and defining an applet 36-6
registering and defining a TCL script 36-7
understanding 36-1
enable password 9-3
enable secret password 9-3
encryption, CipherSuite 9-53
encryption for passwords 9-3
Endpoint Admission Control (EAC) 12-2
Enhanced IGRP
enhanced object tracking
backup static routing 47-12
defined 47-1
DHCP primary interface 47-11
HSRP 47-7
IP routing state 47-2
IP SLAs 47-9
line-protocol state 47-2
network monitoring with IP SLAs 47-11
routing policy, configuring 47-12
static route primary interface 47-10
tracked lists 47-3
enhanced object tracking static routing 47-10
enhanced PoE 1-16, 13-7, 13-30
environmental variables, embedded event manager 36-5
environment variables, function of 4-22
equal-cost routing 1-15, 42-93
error-disabled state, BPDU 21-2
error messages during command entry 2-4
EtherChannel
automatic creation of 40-5, 40-7
channel groups
binding physical and logical interfaces 40-4
numbering of 40-4
configuration guidelines 40-12
configuring
Layer 2 interfaces 40-13
Layer 3 physical interfaces 40-16
Layer 3 port-channel logical interfaces 40-15
default configuration 40-11
described 40-2
displaying status 40-23
forwarding methods 40-8, 40-18
IEEE 802.3ad, described 40-7
interaction
with STP 40-12
with VLANs 40-12
LACP
described 40-7
displaying status 40-23
hot-standby ports 40-21
interaction with other features 40-8
modes 40-7
port priority 40-22
system priority 40-21
Layer 3 interface 42-5
logical interfaces, described 40-4
PAgP
aggregate-port learners 40-19
described 40-5
displaying status 40-23
interaction with other features 40-7
interaction with virtual switches 40-6
learn method and priority configuration 40-19
modes 40-6
support for 1-5
with dual-action detection 40-6
port-channel interfaces
described 40-4
numbering of 40-4
port groups 13-6
stack changes, effects of 40-10
support for 1-5
EtherChannel guard
described 21-10
disabling 21-18
enabling 21-17
Ethernet management port
active link 13-18
and routing 13-19
and routing protocols 13-19
and TFTP 13-21
configuring 13-20
connecting to 2-10
default setting 13-19
described 13-18
for network management 13-18
specifying 13-20
supported features 13-20
unsupported features 13-20
Ethernet management port, internal
and routing 13-19
and routing protocols 13-19
unsupported features 13-20
Ethernet VLANs
adding 14-8
defaults and ranges 14-7
modifying 14-8
EUI 43-4
event detectors, embedded event manager 36-3
events, RMON 33-4
examples
network configuration 1-21
expedite queue for QoS 38-91
Express Setup 1-2
See also getting started guide
extended crashinfo file 52-25
extended-range VLANs
configuration guidelines 14-11
configuring 14-10
creating 14-12
creating with an internal VLAN ID 14-13
defined 14-1
extended system ID
MSTP 20-19
extended universal identifier
Extensible Authentication Protocol over LAN 10-2
external BGP
external neighbors, BGP 42-49
F
Fa0 port
failover support 1-9
fallback bridging
and protected ports 51-4
bridge groups
creating 51-4
described 51-2
function of 51-2
number supported 51-4
removing 51-5
configuration guidelines 51-4
connecting interfaces with 13-12
default configuration 51-3
described 51-1
frame forwarding
flooding packets 51-2
forwarding packets 51-2
overview 51-1
protocol, unsupported 51-4
stack changes, effects of 51-3
STP
disabling on an interface 51-9
forward-delay interval 51-8
hello BPDU interval 51-8
interface priority 51-6
keepalive messages 19-2
maximum-idle interval 51-9
path cost 51-7
VLAN-bridge spanning-tree priority 51-6
VLAN-bridge STP 51-2
support for 1-15
SVIs and routed ports 51-1
unsupported protocols 51-4
VLAN-bridge STP 19-11
Fast Convergence 23-3
fastethernet0 port
Fast Uplink Transition Protocol 21-6
features, incompatible 29-12
FIB 42-91
fiber-optic, detecting unidirectional links 31-1
files
basic crashinfo
description 52-26
location 52-26
copying A-5
crashinfo, description 52-25
deleting A-6
displaying the contents of A-8
extended crashinfo
description 52-26
location 52-26
tar
creating A-7
displaying the contents of A-7
extracting A-8
image file format A-26
file system
displaying available file systems A-2
displaying file information A-4
local file system names A-1
network file system names A-5
setting the default A-3
filtering
in a VLAN 37-31
non-IP traffic 37-29
show and more command output 2-9
filtering show and more command output 2-9
filters, IP
flash device, number of A-1
flexible authentication ordering
configuring 10-67
overview 10-31
Flex Link Multicast Fast Convergence 23-3
Flex Links
configuring 23-9
configuring preferred VLAN 23-12
configuring VLAN load balancing 23-11
default configuration 23-8
description 23-2
link load balancing 23-2
monitoring 23-14
VLANs 23-2
flooded traffic, blocking 29-8
flow-based packet classification 1-14
flowcharts
QoS classification 38-7
QoS egress queueing and scheduling 38-19
QoS ingress queueing and scheduling 38-16
QoS policing and marking 38-11
flowcontrol
configuring 13-25
described 13-25
forward-delay time
MSTP 20-25
STP 19-23
Forwarding Information Base
forwarding nonroutable protocols 51-1
FTP
configuration files
downloading A-14
overview A-13
preparing the server A-14
uploading A-16
image files
deleting old image A-34
downloading A-32
preparing the server A-31
uploading A-34
G
general query 23-5
Generating IGMP Reports 23-3
get-next-request operation 35-4
get-request operation 35-4
Gigabit modules
global leave, IGMP 26-13
guest VLAN and IEEE 802.1x 10-21
guide mode 1-3
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 13-32
hello time
MSTP 20-24
STP 19-22
help, for the command line 2-3
hierarchical policy maps 38-9
configuration guidelines 38-40
configuring 38-65
described 38-12
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 34-10
host names in clusters 6-13
host ports
configuring 17-11
kinds of 17-2
hosts, limit on dynamic ports 14-32
Hot Standby Router Protocol
HP OpenView 1-6
HSRP
authentication string 45-10
automatic cluster recovery 6-12
binding to cluster group 45-12
cluster standby group considerations 6-11
command-switch redundancy 1-1, 1-9
configuring 45-5
default configuration 45-5
definition 45-1
guidelines 45-6
monitoring 45-13
object tracking 47-7
overview 45-1
priority 45-8
routing redundancy 1-15
support for ICMP redirect messages 45-12
switch stack considerations 45-5
timers 45-10
tracking 45-8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 43-37
guidelines 43-36
HTTP(S) Over IPv6 43-14
HTTP over SSL
HTTPS
configuring 9-55
described 9-51
self-signed certificate 9-52
HTTP secure server 9-51
I
IBPG 42-45
ICMP
IPv6 43-4
redirect messages 42-13
support for 1-15
time-exceeded messages 52-18
traceroute and 52-18
unreachable messages 37-21
unreachable messages and IPv6 39-5
unreachables and ACLs 37-22
ICMP Echo operation
configuring 46-11
IP SLAs 46-11
ICMP ping
executing 52-15
overview 52-15
ICMP Router Discovery Protocol
ICMPv6 43-4
IDS appliances
and ingress RSPAN 32-25
and ingress SPAN 32-16
IEEE 802.1D
IEEE 802.1p 16-1
IEEE 802.1Q
and trunk ports 13-3
configuration limitations 14-17
encapsulation 14-15
native VLAN for untagged traffic 14-22
tunneling
compatibility with other features 18-6
defaults 18-4
described 18-1
tunnel ports with other features 18-6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3af
IEEE 802.3x flow control 13-25
ifIndex values, SNMP 35-5
IFS 1-7
IGMP
configurable leave timer
described 26-6
enabling 26-12
configuring the switch
as a member of a group 49-39
statically connected member 49-44
controlling access to groups 49-40
default configuration 49-39
fast switching 49-44
flooded multicast traffic
controlling the length of time 26-13
disabling on an interface 26-14
global leave 26-13
query solicitation 26-13
recovering from flood mode 26-13
host-query interval, modifying 49-42
joining multicast group 26-3
join messages 26-3
leave processing, enabling 26-11, 27-9
leaving multicast group 26-5
multicast reachability 49-39
overview 49-3
queries 26-4
report suppression
described 26-6
supported versions 26-3
support for 1-5
Version 1
changing to Version 2 49-41
described 49-3
Version 2
changing to Version 1 49-41
described 49-3
maximum query response time value 49-43
pruning groups 49-43
query timeout value 49-43
IGMP filtering
configuring 26-25
default configuration 26-25
described 26-24
support for 1-5
IGMP groups
configuring filtering 26-28
setting the maximum number 26-27
IGMP helper 49-6
IGMP Immediate Leave
configuration guidelines 26-12
described 26-6
enabling 26-11
IGMP profile
applying 26-26
configuration mode 26-25
configuring 26-26
IGMP snooping
and address aliasing 26-2
and stack changes 26-7
configuring 26-7
default configuration 26-7, 27-6
definition 26-2
enabling and disabling 26-8, 27-7
global configuration 26-8
Immediate Leave 26-6
in the switch stack 26-7
method 26-8
querier
configuration guidelines 26-15
configuring 26-15
supported versions 26-3
support for 1-5
VLAN configuration 26-8
IGMP throttling
configuring 26-28
default configuration 26-25
described 26-25
displaying action 26-29
IGP 42-26
Immediate Leave, IGMP
described 26-6
enabling 27-9
inaccessible authentication bypass
802.1x 10-23
support for multiauth ports 10-23
initial configuration
defaults 1-19
Express Setup 1-2
interface
number 13-13
range macros 13-16
interface command13-12to 13-14
interface configuration
REP 22-9
interfaces
auto-MDIX, configuring 13-26
configuring
procedure 13-13
counters, clearing 13-41
default configuration 13-22
described 13-31
descriptive name, adding 13-31
displaying information about 13-40
duplex and speed configuration guidelines 13-23
flow control 13-25
management 1-6
monitoring 13-40
naming 13-31
physical, identifying 13-12
range of 13-14
restarting 13-42
shutting down 13-42
speed and duplex, configuring 13-24
status 13-40
supported 13-12
types of 13-1
interfaces range macro command 13-16
interface types 13-12
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 42-49
internal power supplies
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Inter-Switch Link
Intrusion Detection System
inventory management TLV 30-3
IP ACLs
for QoS classification 38-7
implicit masks 37-10
named 37-15
undefined 37-22
IP addresses
128-bit 43-2
classes of 42-7
cluster access 6-2
command switch 6-3, 6-11, 6-13
default configuration 42-6
discovering 7-25
for IP routing 42-6
IPv6 43-2
MAC address association 42-10
monitoring 42-19
redundant clusters 6-11
standby command switch 6-11, 6-13
IP base feature set 1-1
IP broadcast address 42-17
ip cef distributed command 42-91
IP directed broadcasts 42-15
ip igmp profile command 26-25
IP information
assigned
manually 4-15
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 49-3
all-multicast-routers 49-3
host group address range 49-3
administratively-scoped boundaries, described 49-47
and IGMP snooping 26-2
Auto-RP
adding to an existing sparse-mode cloud 49-26
benefits of 49-26
configuration guidelines 49-12
filtering incoming RP announcement messages 49-28
overview 49-7
preventing candidate RP spoofing 49-28
preventing join messages to false RPs 49-28
setting up in a new internetwork 49-26
using with BSR 49-34
bootstrap router
configuration guidelines 49-12
configuring candidate BSRs 49-32
configuring candidate RPs 49-33
defining the IP multicast boundary 49-31
defining the PIM domain border 49-30
overview 49-7
using with Auto-RP 49-34
Cisco implementation 49-2
configuring
basic multicast routing 49-12
IP multicast boundary 49-47
default configuration 49-11
enabling
PIM mode 49-13
group-to-RP mappings
Auto-RP 49-7
BSR 49-7
MBONE
described 49-46
enabling sdr listener support 49-46
limiting DVMRP routes advertised 49-58
limiting sdr cache entry lifetime 49-46
SAP packets for conference session announcement 49-46
Session Directory (sdr) tool, described 49-46
multicast forwarding, described 49-8
PIMv1 and PIMv2 interoperability 49-11
protocol interaction 49-2
reverse path check (RPF) 49-8
RP
assigning manually 49-24
configuring Auto-RP 49-26
configuring PIMv2 BSR 49-30
monitoring mapping information 49-35
using Auto-RP and BSR 49-34
stacking
stack master functions 49-10
stack member functions 49-10
statistics, displaying system and network 49-63
IP phones
and QoS 16-1
automatic classification and queueing 38-23
configuring 16-4
ensuring port security with QoS 38-46
trusted boundary for QoS 38-46
IP Port Security for Static Hosts
on a Layer 2 access port 24-21
on a PVLAN host port 24-24
IP precedence 38-2
IP-precedence-to-DSCP map for QoS 38-76
IP protocols
routing 1-15
IP routes, monitoring 42-106
IP routing
connecting interfaces with 13-12
disabling 42-20
enabling 42-20
IP Service Level Agreements
IP service levels, analyzing 46-1
IP services feature set 1-1
IP SLAs
benefits 46-2
configuration guidelines 46-6
configuring object tracking 47-9
Control Protocol 46-4
default configuration 46-6
definition 46-1
ICMP echo operation 46-11
measuring network performance 46-3
monitoring 46-13
multioperations scheduling 46-5
object tracking 47-9
operation 46-3
reachability tracking 47-9
responder
described 46-4
enabling 46-7
response time 46-4
scheduling 46-5
SNMP support 46-2
supported metrics 46-2
threshold monitoring 46-6
track object monitoring agent, configuring 47-11
track state 47-9
UDP jitter operation 46-8
IP source guard
and 802.1x 24-19
and DHCP snooping 24-16
and port security 24-19
and private VLANs 24-19
and routed ports 24-18
and TCAM entries 24-19
and trunk interfaces 24-18
and VRF 24-19
binding configuration
automatic 24-16
manual 24-16
binding table 24-16
configuration guidelines 24-18
default configuration 24-18
described 24-16
disabling 24-20
displaying
bindings 24-26
configuration 24-26
filtering
source IP address 24-17
source IP and MAC address 24-17
source IP address filtering 24-17
source IP and MAC address filtering 24-17
static bindings
deleting 24-20
static hosts 24-21
IP traceroute
executing 52-18
overview 52-18
IP unicast routing
address resolution 42-10
administrative distances 42-94, 42-103
ARP 42-10
assigning IP addresses to Layer 3 interfaces 42-7
authentication keys 42-104
broadcast
address 42-17
flooding 42-18
packets 42-15
storms 42-15
classless routing 42-8
configuring static routes 42-93
default
addressing configuration 42-6
gateways 42-13
networks 42-94
routes 42-94
routing 42-3
directed broadcasts 42-15
disabling 42-20
dynamic routing 42-3
enabling 42-20
EtherChannel Layer 3 interface 42-5
IGP 42-26
inter-VLAN 42-2
IP addressing
classes 42-7
configuring 42-6
IPv6 43-3
IRDP 42-13
Layer 3 interfaces 42-5
MAC address and IP address 42-10
passive interfaces 42-102
protocols
distance-vector 42-3
dynamic 42-3
link-state 42-3
proxy ARP 42-10
redistribution 42-95
reverse address resolution 42-10
routed ports 42-5
static routing 42-3
steps to configure 42-5
subnet mask 42-7
subnet zero 42-8
supernet 42-8
UDP 42-16
unicast reverse path forwarding 1-16, 42-90
with SVIs 42-5
IPv4 ACLs
applying to interfaces 37-20
extended, creating 37-11
named 37-15
standard, creating 37-10
IPv4 and IPv6
port-based trust 8-2
IPv6
ACLs
displaying 39-9
limitations 39-3
matching criteria 39-3
port 39-2
precedence 39-2
router 39-2
supported 39-3
addresses 43-2
address formats 43-2
and switch stacks 43-15
applications 43-9
assigning address 43-17
autoconfiguration 43-9
CEFv6 43-30
default configuration 43-16
default router preference (DRP) 43-9
defined 43-2
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 43-12
EIGRP IPv6 Commands 43-13
Router ID 43-12
feature limitations 43-14
features not supported 43-14
forwarding 43-17
ICMP 43-4
monitoring 43-39
neighbor discovery 43-4
OSPF 43-11
path MTU discovery 43-4
stack master functions 43-15
Stateless Autoconfiguration 43-9
supported features 43-3
switch limitations 43-14
understanding static routes 43-11
IPv6 traffic, filtering 39-4
IRDP
configuring 42-14
definition 42-13
support for 1-15
IS-IS
addresses 42-66
area routing 42-66
default configuration 42-67
monitoring 42-75
show commands 42-75
system routing 42-66
ISL
and IPv6 43-3
and trunk ports 13-3
trunking with IEEE 802.1 tunneling 18-5
ISO CLNS
clear commands 42-75
dynamic routing protocols 42-65
monitoring 42-75
NETs 42-65
NSAPs 42-65
OSI standard 42-65
ISO IGRP
area routing 42-66
system routing 42-66
isolated port 17-2
J
join messages, IGMP 26-3
K
KDC
described 9-42
keepalive messages 19-2
Kerberos
authenticating to
boundary switch 9-44
KDC 9-44
network services 9-45
configuration examples 9-41
configuring 9-45
credentials 9-42
described 9-42
KDC 9-42
operation 9-44
realm 9-43
server 9-43
support for 1-13
switch as trusted third party 9-41
terms 9-42
TGT 9-43
tickets 9-42
key distribution center
L
l2protocol-tunnel command 18-14
LACP
Layer 2 protocol tunneling 18-10
Layer 2 frames, classification with CoS 38-2
Layer 2 interfaces, default configuration 13-22
Layer 2 protocol tunneling
configuring 18-11
configuring for EtherChannels 18-15
default configuration 18-12
defined 18-8
guidelines 18-13
Layer 2 traceroute
and ARP 52-17
and CDP 52-17
broadcast traffic 52-16
described 52-16
IP addresses and subnets 52-17
MAC addresses and VLANs 52-17
multicast traffic 52-17
multiple devices on a port 52-17
unicast traffic 52-16
usage guidelines 52-17
Layer 3 features 1-15
Layer 3 interfaces
assigning IP addresses to 42-7
assigning IPv4 and IPv6 addresses to 43-25
assigning IPv6 addresses to 43-17
changing from Layer 2 mode 42-82
types of 42-5
Layer 3 packets, classification methods 38-2
LDAP 3-2
Leaking IGMP Reports 23-4
LEDs, switch
See hardware installation guide
Lightweight Directory Access Protocol
Link Aggregation Control Protocol
Link Failure, detecting unidirectional 20-7
link integrity, verifying with REP 22-3
Link Layer Discovery Protocol
link local unicast addresses 43-4
link redundancy
links, unidirectional 31-1
link state advertisements (LSAs) 42-32
link-state protocols 42-3
link-state tracking
configuring 40-25
described 40-23
LLDP
configuring 30-5
characteristics 30-7
default configuration 30-5
enabling 30-6
monitoring and maintaining 30-11
overview 30-1
supported TLVs 30-2
switch stack considerations 30-2
transmission timer and holdtime, setting 30-7
LLDP-MED
configuring
procedures 30-5
TLVs 30-8
monitoring and maintaining 30-11
supported TLVs 30-2
LLDP Media Endpoint Discovery
load balancing 45-4
local SPAN 32-2
location TLV 30-3
logging messages, ACL 37-9
login authentication
with RADIUS 9-31
with TACACS+ 9-14
login banners 7-11
log messages
Long-Reach Ethernet (LRE) technology 1-34
loop guard
described 21-11
enabling 21-19
support for 1-9
LRE profiles, considerations in switch clusters 6-16
M
MAC/PHY configuration status TLV 30-2
MAC addresses
aging time 7-15
and VLAN association 7-14
building the address table 7-14
default configuration 7-15
disabling learning on a VLAN 7-24
discovering 7-25
displaying 7-25
displaying in the IP source binding table 24-26
dynamic
learning 7-14
removing 7-16
in ACLs 37-29
IP address association 42-10
static
adding 7-21
characteristics of 7-21
dropping 7-23
removing 7-22
MAC address learning 1-7
MAC address learning, disabling on a VLAN 7-24
MAC address notification, support for 1-17
MAC address-table move update
configuration guidelines 23-8
configuring 23-12
default configuration 23-8
description 23-6
monitoring 23-14
MAC address-to-VLAN mapping 14-26
MAC authentication bypass 10-16
MAC extended access lists
applying to Layer 2 interfaces 37-30
configuring for QoS 38-55
creating 37-29
defined 37-29
for QoS classification 38-5
MACSec 12-2
magic packet 10-29
manageability features 1-7
management access
in-band
browser session 1-8
CLI session 1-8
device manager 1-8
SNMP 1-8
out-of-band console port connection 1-8
management address TLV 30-2
management options
CLI 2-1
clustering 1-4
CNS 3-1
Network Assistant 1-3
overview 1-6
switch stacks 1-3
management VLAN
considerations in switch clusters 6-7
discovery through different management VLANs 6-7
manual preemption, REP, configuring 22-13
mapping tables for QoS
configuring
CoS-to-DSCP 38-75
DSCP 38-75
DSCP-to-CoS 38-78
DSCP-to-DSCP-mutation 38-79
IP-precedence-to-DSCP 38-76
policed-DSCP 38-77
described 38-13
marking
action in policy map 38-60
action with aggregate policers 38-73
matching IPv4 ACLs 37-8
maximum aging time
MSTP 20-26
STP 19-23
maximum hop count, MSTP 20-26
maximum number of allowed devices, port-based authentication 10-40
maximum-paths command 42-53, 42-93
MDA
configuration guidelines10-32to 10-33
exceptions with authentication process 10-4
membership mode, VLAN port 14-3
member switch
automatic discovery 6-5
defined 6-2
managing 6-16
passwords 6-13
recovering from lost connectivity 52-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 7-11
metrics, in BGP 42-53
metric translations, between routing protocols 42-98
metro tags 18-2
MHSRP 45-4
MIBs
overview 35-1
SNMP interaction with 35-4
mini-point-of-presence
mirroring traffic for analysis 32-1
mismatches, autonegotiation 52-13
module number 13-13
monitoring
access groups 37-43
BGP 42-64
cables for unidirectional links 31-1
CDP 28-5
CEF 42-92
EIGRP 42-44
fallback bridging 51-10
features 1-17
Flex Links 23-14
HSRP 45-13
IEEE 802.1Q tunneling 18-19
IGMP
interfaces 13-40
IP
address tables 42-19
multicast routing 49-63
routes 42-106
IP SLAs operations 46-13
IPv4 ACL configuration 37-43
IPv6 43-39
IPv6 ACL configuration 39-9
IS-IS 42-75
ISO CLNS 42-75
Layer 2 protocol tunneling 18-19
MAC address-table move update 23-14
MSDP peers 50-19
multicast router interfaces 26-17
multi-VRF CE 42-90
network traffic for analysis with probe 32-2
object tracking 47-13
OSPF 42-36
private VLANs 17-15
REP 22-14
RP mapping information 49-35
SFP status 52-14
source-active messages 50-19
speed and duplex mode 13-24
SSM mapping 49-22
traffic flowing among switches 33-1
traffic suppression 29-21
tunneling 18-19
VLAN
filters 37-44
maps 37-44
VLANs 14-14
VMPS 14-31
VTP 15-17
mrouter Port 23-3
mrouter port 23-5
MSDP
benefits of 50-3
clearing MSDP connections and statistics 50-19
controlling source information
forwarded by switch 50-12
originated by switch 50-8
received by switch 50-14
default configuration 50-4
dense-mode regions
sending SA messages to 50-17
specifying the originating address 50-18
filtering
incoming SA messages 50-14
SA messages to a peer 50-12
SA requests from a peer 50-11
join latency, defined 50-6
meshed groups
configuring 50-16
defined 50-16
originating address, changing 50-18
overview 50-1
peer-RPF flooding 50-2
peers
configuring a default 50-4
monitoring 50-19
peering relationship, overview 50-1
requesting source information from 50-8
shutting down 50-16
source-active messages
caching 50-6
defined 50-2
filtering from a peer 50-11
filtering incoming 50-14
filtering to a peer 50-12
limiting data with TTL 50-14
restricting advertised sources 50-9
support for 1-16
MSTP
boundary ports
configuration guidelines 20-16
described 20-6
BPDU filtering
described 21-3
enabling 21-15
BPDU guard
described 21-2
enabling 21-14
CIST, described 20-3
CIST root 20-5
configuration guidelines 20-15, 21-12
configuring
forward-delay time 20-25
hello time 20-24
link type for rapid convergence 20-27
maximum aging time 20-26
maximum hop count 20-26
MST region 20-17
neighbor type 20-27
path cost 20-23
port priority 20-21
root switch 20-19
secondary root switch 20-20
switch priority 20-24
CST
defined 20-3
operations between regions 20-4
default configuration 20-15
default optional feature configuration 21-12
displaying status 20-28
enabling the mode 20-17
EtherChannel guard
described 21-10
enabling 21-17
extended system ID
effects on root switch 20-19
effects on secondary root switch 20-20
unexpected behavior 20-19
IEEE 802.1s
implementation 20-6
port role naming change 20-6
terminology 20-5
instances supported 19-10
interface state, blocking to forwarding 21-2
interoperability and compatibility among modes 19-11
interoperability with IEEE 802.1D
described 20-8
restarting migration process 20-28
IST
defined 20-2
master 20-3
operations within a region 20-3
loop guard
described 21-11
enabling 21-19
mapping VLANs to MST instance 20-17
MST region
CIST 20-3
configuring 20-17
described 20-2
hop-count mechanism 20-5
IST 20-2
supported spanning-tree instances 20-2
optional features supported 1-9
overview 20-2
Port Fast
described 21-2
enabling 21-13
preventing root switch selection 21-10
root guard
described 21-10
enabling 21-18
root switch
configuring 20-19
effects of extended system ID 20-19
unexpected behavior 20-19
shutdown Port Fast-enabled port 21-2
stack changes, effects of 20-8
status, displaying 20-28
MTU
system 13-35
system jumbo 13-35
system routing 13-35
multiauth
support for inaccessible authentication bypass 10-23
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 26-6
joining 26-3
leaving 26-5
multicast packets
ACLs on 37-42
blocking 29-8
multicast router interfaces, monitoring 26-17
multicast router ports, adding 26-10, 27-8
Multicast Source Discovery Protocol
multicast storm 29-1
multicast storm-control command 29-4
multicast television application 26-19
multicast VLAN 26-18
Multicast VLAN Registration
multidomain authentication
multioperations scheduling, IP SLAs 46-5
multiple authentication 10-12
Multiple HSRP
multiple VPN routing/forwarding in customer edge devices
multi-VRF CE
configuration example 42-86
configuration guidelines 42-78
configuring 42-78
default configuration 42-78
defined 42-75
displaying 42-90
monitoring 42-90
network components 42-78
packet-forwarding process 42-77
support for 1-15
MVR
and address aliasing 26-21
and IGMPv3 26-21
configuring interfaces 26-22
default configuration 26-20
described 26-18
example application 26-19
in the switch stack 26-20
modes 26-22
multicast television application 26-19
setting global parameters 26-21
support for 1-5
N
NAC
AAA down policy 1-12
critical authentication 10-23, 10-56
IEEE 802.1x authentication using a RADIUS server 10-61
IEEE 802.1x validation using RADIUS server 10-61
inaccessible authentication bypass 1-12, 10-56
Layer 2 IEEE 802.1x validation 1-12, 10-61
Layer 2 IEEE802.1x validation 10-30
Layer 2 IP validation 1-12
named IPv4 ACLs 37-15
named IPv6 ACLs 39-3
NameSpace Mapper
native VLAN
and IEEE 802.1Q tunneling 18-4
configuring 14-22
default 14-22
NDAC 12-2
NEAT
configuring 10-62
overview 10-33
neighbor discovery, IPv6 43-4
neighbor discovery/recovery, EIGRP 42-37
neighbor offset numbers, REP 22-4
neighbors, BGP 42-59
Network Admission Control
Network Assistant
benefits 1-2
described 1-6
downloading image files 1-3
guide mode 1-3
management options 1-3
managing switch stacks 5-3, 5-17
upgrading a switch A-25
wizards 1-3
network configuration examples
cost-effective wiring closet 1-23
high-performance wiring closet 1-24
increasing network performance 1-22
large network 1-31
long-distance, high-bandwidth transport 1-35
multidwelling network 1-34
providing network services 1-22
redundant Gigabit backbone 1-27
server aggregation and Linux server cluster 1-27
small to medium-sized network 1-29
network design
performance 1-22
services 1-22
Network Device Admission Control (NDAC) 12-2
Network Edge Access Topology
network management
CDP 28-1
RMON 33-1
SNMP 35-1
network performance, measuring with IP SLAs 46-3
network policy TLV 30-2
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuration guidelines 38-40
configuring 38-60
described 38-10
non-IP traffic filtering 37-29
nontrunking mode 14-16
normal-range VLANs 14-4
configuration guidelines 14-5
configuring 14-4
defined 14-1
no switchport command 13-4
not-so-stubby areas
NSAPs, as ISO IGRP addresses 42-66
NSF Awareness
IS-IS 42-68
NSM 3-3
NSSA, OSPF 42-32
NTP
associations
defined 7-2
overview 7-2
stratum 7-2
support for 1-7
time
services 7-2
synchronizing 7-2
O
OBFL
configuring 52-28
described 52-28
displaying 52-29
object tracking
HSRP 47-7
IP SLAs 47-9
IP SLAs, configuring 47-9
monitoring 47-13
offline configuration for switch stacks 5-8
off mode, VTP 15-3
on-board failure logging
online diagnostics
described 53-1
overview 53-1
running tests 53-5
open1x
configuring 10-67
open1x authentication
overview 10-31
Open Shortest Path First
optimizing system resources 8-1
options, management 1-6
OSPF
area parameters, configuring 42-32
configuring 42-30
default configuration
metrics 42-33
route 42-33
settings 42-27
described 42-26
for IPv6 43-11
interface parameters, configuring 42-31
LSA group pacing 42-35
monitoring 42-36
router IDs 42-35
route summarization 42-33
support for 1-15
virtual links 42-33
out-of-profile markdown 1-14
P
packet modification, with QoS 38-22
PAgP
Layer 2 protocol tunneling 18-10
parallel paths, in routing tables 42-93
passive interfaces
configuring 42-102
OSPF 42-34
passwords
default configuration 9-2
disabling recovery of 9-5
encrypting 9-3
for security 1-10
in clusters 6-14
overview 9-1
recovery of 52-3
setting
enable 9-3
enable secret 9-3
Telnet 9-6
with usernames 9-7
VTP domain 15-9
path cost
MSTP 20-23
STP 19-20
path MTU discovery 43-4
PBR
defined 42-98
enabling 42-100
fast-switched policy-based routing 42-101
local policy-based routing 42-101
PC (passive command switch) 6-10
peers, BGP 42-59
percentage thresholds in tracked lists 47-6
performance, network design 1-22
performance features 1-4
persistent self-signed certificate 9-52
per-user ACLs and Filter-Ids 10-8
per-VLAN spanning-tree plus
PE to CE routing, configuring 42-85
physical ports 13-2
PIM
default configuration 49-11
dense mode
overview 49-4
rendezvous point (RP), described 49-5
RPF lookups 49-9
enabling a mode 49-13
overview 49-4
router-query message interval, modifying 49-38
shared tree and source tree, overview 49-36
shortest path tree, delaying the use of 49-37
sparse mode
join messages and shared tree 49-5
overview 49-5
prune messages 49-5
RPF lookups 49-9
stub routing
configuration guidelines 49-22
enabling 49-23
overview 49-5
support for 1-16
versions
interoperability 49-11
troubleshooting interoperability problems 49-35
v2 improvements 49-4
PIM-DVMRP, as snooping method 26-9
ping
character output description 52-16
executing 52-15
overview 52-15
PoE
auto mode 13-9
CDP with power consumption, described 13-7
CDP with power negotiation, described 13-7
Cisco intelligent power management 13-7
configuring 13-27
devices supported 13-7
high-power devices operating in low-power mode 13-7
IEEE power classification levels 13-8
monitoring 13-10
monitoring power 13-30
policing power consumption 13-30
policing power usage 13-10
power budgeting 13-28
power consumption 13-28
powered-device detection and initial power allocation 13-8
power management modes 13-9
power negotiation extensions to CDP 13-7
standards supported 13-7
static mode 13-9
supported watts per port 13-7
troubleshooting 52-13
policed-DSCP map for QoS 38-77
policers
configuring
for each matched traffic class 38-60
for more than one traffic class 38-73
described 38-4
number of 38-41
types of 38-10
policing
described 38-4
hierarchical
token-bucket algorithm 38-10
policy-based routing
policy maps for QoS
characteristics of 38-60
described 38-8
hierarchical 38-9
hierarchical on SVIs
configuration guidelines 38-40
configuring 38-65
described 38-12
nonhierarchical on physical ports
configuration guidelines 38-40
configuring 38-60
described 38-10
POP 1-34
port ACLs
defined 37-2
types of 37-3
Port Aggregation Protocol
port-based authentication
accounting 10-14
authentication server
RADIUS server 10-3
configuration guidelines 10-38, 11-9
configuring
802.1x authentication 10-43
guest VLAN 10-53
host mode 10-46
inaccessible authentication bypass 10-56
manual re-authentication of a client 10-48
periodic re-authentication 10-47
quiet period 10-49
RADIUS server parameters on the switch 10-45, 11-12
restricted VLAN 10-55
switch-to-client frame-retransmission number 10-50, 10-51
switch-to-client retransmission time 10-49
violation modes 10-43
default configuration 10-36, 11-9
described 10-1
displaying statistics 10-69, 11-17
downloadable ACLs and redirect URLs
configuring10-64to10-66, ??to 10-66
EAPOL-start frame 10-6
EAP-request/identity frame 10-6
EAP-response/identity frame 10-6
enabling
802.1X authentication 11-12
encapsulation 10-3
flexible authentication ordering
configuring 10-67
overview 10-31
guest VLAN
configuration guidelines 10-22, 10-23
described 10-21
host mode 10-12
inaccessible authentication bypass
configuring 10-56
described 10-23
guidelines 10-39
initiation and message exchange 10-6
magic packet 10-29
maximum number of allowed devices per port 10-40
method lists 10-43
multiple authentication 10-12
multiple-hosts mode, described 10-12
per-user ACLs
AAA authorization 10-43
configuration tasks 10-18
described 10-17
RADIUS server attributes 10-18
ports
authorization state and dot1x port-control command 10-11
authorized and unauthorized 10-10
voice VLAN 10-28
port security
described 10-28
readiness check
configuring 10-40
resetting to default values 10-69
stack changes, effects of 10-11
statistics, displaying 10-69
switch
RADIUS client 10-3
switch supplicant
configuring 10-62
overview 10-33
user distribution
guidelines 10-27
overview 10-27
VLAN assignment
AAA authorization 10-43
characteristics 10-16
configuration tasks 10-17
described 10-16
voice aware 802.1x security
configuring 10-41
voice VLAN
described 10-28
PVID 10-28
VVID 10-28
wake-on-LAN, described 10-29
port-based authentication methods, supported 10-8
port-based trust
IPv4 and IPv6 8-2
port-channel
port description TLV 30-2
Port Fast
described 21-2
enabling 21-13
mode, spanning tree 14-28
support for 1-9
port membership modes, VLAN 14-3
port priority
MSTP 20-21
STP 19-18
ports
10-Gigabit Ethernet 13-6
access 13-3
blocking 29-7
dynamic access 14-3
protected 29-6
REP 22-6
routed 13-4
secure 29-9
switch 13-2
VLAN assignments 14-9
port security
aging 29-17
and other features 29-11
and private VLANs 29-18
and QoS trusted boundary 38-46
and stacking 29-18
configuration guidelines 29-11
configuring 29-13
default configuration 29-11
described 29-8
on trunk ports 29-14
sticky learning 29-9
violations 29-10
port-shutdown response, VMPS 14-27
port VLAN ID TLV 30-2
power management TLV 30-3
Power over Ethernet
power supply
configuring 13-37
managing 13-37
preempt delay time, REP 22-5
preemption, default configuration 23-8
preemption delay, default configuration 23-8
preferential treatment of traffic
prefix lists, BGP 42-57
preventing unauthorized access 9-1
primary edge port, REP 22-4
primary interface for object tracking, DHCP, configuring 47-11
primary interface for static routing, configuring 47-10
primary links 23-2
priority
HSRP 45-8
overriding CoS 16-7
trusting CoS 16-7
private VLAN edge ports
private VLANs
across multiple switches 17-4
and SDM template 17-4
and SVIs 17-5
and switch stacks 17-6
benefits of 17-1
community ports 17-2
configuration guidelines 17-7, 17-8
configuration tasks 17-6
configuring 17-10
default configuration 17-7
end station access to 17-3
IP addressing 17-3
isolated port 17-2
mapping 17-14
monitoring 17-15
ports
community 17-2
configuration guidelines 17-8
configuring host ports 17-11
configuring promiscuous ports 17-13
isolated 17-2
promiscuous 17-2
promiscuous ports 17-2
secondary VLANs 17-2
subdomains 17-1
traffic in 17-5
privilege levels
changing the default for lines 9-9
command switch 6-17
exiting 9-10
logging into 9-10
mapping on member switches 6-17
setting a command with 9-8
promiscuous ports
configuring 17-13
defined 17-2
protocol-dependent modules, EIGRP 42-37
Protocol-Independent Multicast Protocol
protocol storm protection 29-19
provider edge devices 42-76
provisioning new members for a switch stack 5-8
proxy ARP
configuring 42-12
definition 42-10
with IP routing disabled 42-13
proxy reports 23-4
pruning, VTP
disabling
in VTP domain 15-15
on a port 14-21
enabling
in VTP domain 15-15
on a port 14-21
examples 15-7
overview 15-6
pruning-eligible list
changing 14-21
for VTP pruning 15-6
VLANs 15-15
PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Q
QoS
and MQC commands 38-1
auto-QoS
categorizing traffic 38-24
configuration and defaults display 38-36
configuration guidelines 38-33
described 38-23
disabling 38-36
displaying generated commands 38-36
displaying the initial configuration 38-36
effects on running configuration 38-33
egress queue defaults 38-25
list of generated commands 38-26
basic model 38-4
classification
class maps, described 38-8
defined 38-4
DSCP transparency, described 38-48
flowchart 38-7
forwarding treatment 38-3
in frames and packets 38-3
MAC ACLs, described 38-5, 38-8
options for IP traffic 38-6
options for non-IP traffic 38-5
policy maps, described 38-8
trust DSCP, described 38-5
trusted CoS, described 38-5
trust IP precedence, described 38-5
class maps
configuring 38-56
configuration guidelines
auto-QoS 38-33
standard QoS 38-39
configuring
aggregate policers 38-73
auto-QoS 38-23
default port CoS value 38-46
DSCP maps 38-75
DSCP transparency 38-48
DSCP trust states bordering another domain 38-48
egress queue characteristics 38-85
ingress queue characteristics 38-81
IP extended ACLs 38-52
IP standard ACLs 38-51
MAC ACLs 38-55
policy maps, hierarchical 38-65
policy maps on physical ports 38-60
port trust states within the domain 38-44
trusted boundary 38-46
default auto configuration 38-24
default standard configuration 38-37
DSCP transparency 38-48
egress queues
allocating buffer space 38-86
buffer allocation scheme, described 38-20
configuring shaped weights for SRR 38-90
configuring shared weights for SRR 38-91
described 38-4
displaying the threshold map 38-89
flowchart 38-19
mapping DSCP or CoS values 38-88
scheduling, described 38-4
setting WTD thresholds 38-86
WTD, described 38-22
enabling globally 38-42
flowcharts
classification 38-7
egress queueing and scheduling 38-19
ingress queueing and scheduling 38-16
policing and marking 38-11
implicit deny 38-8
ingress queues
allocating bandwidth 38-83
allocating buffer space 38-83
buffer and bandwidth allocation, described 38-18
configuring shared weights for SRR 38-83
configuring the priority queue 38-84
described 38-4
displaying the threshold map 38-82
flowchart 38-16
mapping DSCP or CoS values 38-82
priority queue, described 38-18
scheduling, described 38-4
setting WTD thresholds 38-82
WTD, described 38-18
IP phones
automatic classification and queueing 38-23
detection and trusted settings 38-23, 38-46
limiting bandwidth on egress interface 38-92
mapping tables
CoS-to-DSCP 38-75
DSCP-to-CoS 38-78
DSCP-to-DSCP-mutation 38-79
IP-precedence-to-DSCP 38-76
policed-DSCP 38-77
types of 38-13
marked-down actions 38-63
overview 38-2
packet modification 38-22
policers
described 38-9
number of 38-41
types of 38-10
policies, attaching to an interface 38-9
policing
token bucket algorithm 38-10
policy maps
characteristics of 38-60
hierarchical 38-9
hierarchical on SVIs 38-65
nonhierarchical on physical ports 38-60
QoS label, defined 38-4
queues
configuring egress characteristics 38-85
configuring ingress characteristics 38-81
high priority (expedite) 38-22, 38-91
location of 38-14
SRR, described 38-15
WTD, described 38-15
rewrites 38-22
support for 1-14
trust states
bordering another domain 38-48
described 38-5
trusted device 38-46
within the domain 38-44
quality of service
queries, IGMP 26-4
query solicitation, IGMP 26-13
R
RADIUS
attributes
vendor-proprietary 9-39
vendor-specific 9-37
configuring
accounting 9-36
authentication 9-31
authorization 9-35
communication, global 9-29, 9-37
communication, per-server 9-28, 9-29
multiple UDP ports 9-29
default configuration 9-28
defining AAA server groups 9-33
displaying the configuration 9-41
identifying the server 9-28
in clusters 6-16
limiting the services to the user 9-35
method list, defined 9-28
operation of 9-20
overview 9-19
server load balancing 9-41
suggested network environments 9-19
support for 1-13
tracking services accessed by user 9-36
RADIUS Change of Authorization 9-21
range
macro 13-16
of interfaces 13-14
rapid convergence 20-10
rapid per-VLAN spanning-tree plus
rapid PVST+
described 19-10
IEEE 802.1Q trunking interoperability 19-11
instances supported 19-10
Rapid Spanning Tree Protocol
RARP 42-10
rcommand command 6-16
RCP
configuration files
downloading A-18
overview A-17
preparing the server A-17
uploading A-19
image files
deleting old image A-38
downloading A-37
preparing the server A-36
uploading A-38
reachability, tracking IP SLAs IP host 47-9
readiness check
port-based authentication
configuring 10-40
reconfirmation interval, VMPS, changing 14-30
reconfirming dynamic VLAN membership 14-30
redirect URL 10-18, 10-20, 10-64
redundancy
EtherChannel 40-3
HSRP 45-1
STP
backbone 19-9
multidrop backbone 21-5
path cost 14-25
port priority 14-23
redundant links and UplinkFast 21-16
redundant power system
See Cisco Redundant Power System 2300
reliable transport protocol, EIGRP 42-37
reloading software 4-24
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 32-3
REP
administrative VLAN 22-8
administrative VLAN, configuring 22-8
age timer 22-8
and STP 22-6
configuration guidelines 22-7
configuring interfaces 22-9
convergence 22-4
default configuration 22-7
manual preemption, configuring 22-13
monitoring 22-14
neighbor offset numbers 22-4
open segment 22-2
ports 22-6
preempt delay time 22-5
primary edge port 22-4
ring segment 22-2
secondary edge port 22-4
segments 22-1
characteristics 22-2
SNMP traps, configuring 22-13
supported interfaces 22-1
triggering VLAN load balancing 22-5
verifying link integrity 22-3
VLAN blocking 22-12
VLAN load balancing 22-4
report suppression, IGMP
described 26-6
resequencing ACL entries 37-15
reserved addresses in DHCP pools 24-28
resets, in BGP 42-51
resetting a UDLD-shutdown interface 31-6
Resilient Ethernet Protocol
responder, IP SLAs
described 46-4
enabling 46-7
response time, measuring with IP SLAs 46-4
restricted VLAN
configuring 10-55
described 10-22
using with IEEE 802.1x 10-22
restricting access
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 14-31
reverse address resolution 42-10
Reverse Address Resolution Protocol
RFC
1058, RIP 42-21
1112, IP multicast and IGMP 26-2
1157, SNMPv1 35-2
1163, BGP 42-44
1166, IP addresses 42-7
1253, OSPF 42-26
1267, BGP 42-44
1305, NTP 7-2
1587, NSSAs 42-26
1757, RMON 33-2
1771, BGP 42-44
1901, SNMPv2C 35-2
1902 to 1907, SNMPv2 35-2
2236, IP multicast and IGMP 26-2
2273-2275, SNMPv3 35-2
RFC 5176 Compliance 9-22
RIP
advertisements 42-21
authentication 42-24
configuring 42-22
default configuration 42-21
described 42-21
for IPv6 43-11
hop counts 42-21
split horizon 42-24
summary addresses 42-24
support for 1-15
RMON
default configuration 33-3
displaying status 33-7
enabling alarms and events 33-3
groups supported 33-2
overview 33-1
statistics
collecting group Ethernet 33-6
collecting group history 33-5
support for 1-17
root guard
described 21-10
enabling 21-18
support for 1-9
root switch
MSTP 20-19
STP 19-16
route calculation timers, OSPF 42-34
route dampening, BGP 42-63
routed packets, ACLs on 37-42
routed ports
configuring 42-5
defined 13-4
in switch clusters 6-8
route-map command 42-101
route maps
BGP 42-55
policy-based routing 42-99
router ACLs
defined 37-2
types of 37-4
route reflectors, BGP 42-62
router ID, OSPF 42-35
route selection, BGP 42-53
route summarization, OSPF 42-33
route targets, VPN 42-78
routing
default 42-3
dynamic 42-3
redistribution of information 42-95
static 42-3
routing domain confederation, BGP 42-62
Routing Information Protocol
routing protocol administrative distances 42-94
RPS
See Cisco Redundant Power System 2300
RPS 2300
See Cisco Redundant Power System 2300
RSPAN 32-3
and stack changes 32-11
characteristics 32-9
configuration guidelines 32-19
default configuration 32-12
destination ports 32-8
displaying status 32-31
in a switch stack 32-3
interaction with other features 32-10
monitored ports 32-7
monitoring ports 32-8
received traffic 32-6
session limits 32-13
sessions
creating 32-20
defined 32-4
limiting source traffic to specific VLANs 32-22
specifying monitored ports 32-20
with ingress traffic enabled 32-25
source ports 32-7
transmitted traffic 32-6
VLAN-based 32-7
RSTP
active topology 20-9
BPDU
format 20-12
processing 20-13
designated port, defined 20-9
designated switch, defined 20-9
interoperability with IEEE 802.1D
described 20-8
restarting migration process 20-28
topology changes 20-13
overview 20-9
port roles
described 20-9
synchronized 20-11
proposal-agreement handshake process 20-10
rapid convergence
cross-stack rapid convergence 20-11
described 20-10
edge ports and Port Fast 20-10
point-to-point links 20-10, 20-27
root ports 20-10
root port, defined 20-9
running configuration
replacing A-21
saving 4-16
S
SC (standby command switch) 6-10
scheduled reloads 4-24
scheduling, IP SLAs operations 46-5
SCP
and SSH 9-58
configuring 9-58
SDM
described 8-1
switch stack consideration 5-10
templates
configuring 8-5
number of 8-1
SDM template
configuring 8-4
dual IPv4 and IPv6 8-2
types of 8-1
secondary edge port, REP 22-4
secondary VLANs 17-2
secure HTTP client
configuring 9-57
displaying 9-57
secure HTTP server
configuring 9-55
displaying 9-57
secure MAC addresses
and switch stacks 29-18
deleting 29-16
maximum number of 29-10
types of 29-9
secure ports
and switch stacks 29-18
configuring 29-9
secure remote connections 9-47
Secure Socket Layer
security, port 29-8
Security Exchange Protocol (SXP) 12-2
security features 1-10
Security Group Access Control List (SGACL) 12-2
Security Group Tag (SGT) 12-2
sequence numbers in log messages 34-8
server mode, VTP 15-3
service-provider network, MSTP and RSTP 20-1
service-provider networks
and customer VLANs 18-2
and IEEE 802.1Q tunneling 18-1
Layer 2 protocols across 18-8
Layer 2 protocol tunneling for EtherChannels 18-10
set-request operation 35-4
setup program
failed command switch replacement 52-11
replacing failed command switch 52-9
severity levels, defining in system messages 34-9
SFPs
monitoring status of 52-14
numbering of 13-13
security and identification 52-14
status, displaying 52-14
SGACL 12-2
SGT 12-2
shaped round robin
show access-lists hw-summary command 37-22
show and more command output, filtering 2-9
show cluster members command 6-16
show configuration command 13-31
show forward command 52-23
show interfaces command 13-24, 13-31
show interfaces switchport 23-4
show l2protocol command 18-14, 18-16, 18-17
show platform forward command 52-23
show running-config command
interface description in 13-31
shutdown command on interfaces 13-42
shutdown threshold for Layer 2 protocol packets 18-12
Simple Network Management Protocol
single session ID 10-35
small form-factor pluggable modules
small-frame arrival rate, configuring 29-5
SNAP 28-1
SNMP
accessing MIB variables with 35-4
agent
described 35-4
disabling 35-7
and IP SLAs 46-2
authentication level 35-11
community strings
configuring 35-8
for cluster switches 35-4
overview 35-4
configuration examples 35-19
default configuration 35-6
engine ID 35-7
host 35-7
ifIndex values 35-5
in-band management 1-8
in clusters 6-14
informs
and trap keyword 35-13
described 35-5
differences from traps 35-5
disabling 35-16
enabling 35-16
limiting access by TFTP servers 35-18
limiting system log messages to NMS 34-10
managing clusters with 6-17
notifications 35-5
security levels 35-3
setting CPU threshold notification 35-17
status, displaying 35-20
system contact and location 35-17
trap manager, configuring 35-15
traps
described 35-5
differences from informs 35-5
disabling 35-16
enabling 35-13
enabling MAC address notification 7-16, 7-18, 7-20
types of 35-13
versions supported 35-2
SNMP and Syslog Over IPv6 43-13
SNMP traps
REP 22-13
SNMPv1 35-2
SNMPv2C 35-2
SNMPv3 35-2
snooping, IGMP 26-2
software compatibility
software images
location in flash A-26
recovery procedures 52-2
scheduling reloads 4-24
tar file format, described A-26
See also downloading and uploading
software images in mixed stacks
See the Cisco Software Activation and Compatibility Document
source-and-destination-IP address based forwarding, EtherChannel 40-9
source-and-destination MAC address forwarding, EtherChannel 40-9
source-IP address based forwarding, EtherChannel 40-9
source-MAC address forwarding, EtherChannel 40-8
Source-specific multicast
SPAN
and stack changes 32-11
configuration guidelines 32-13
default configuration 32-12
destination ports 32-8
displaying status 32-31
interaction with other features 32-10
monitored ports 32-7
monitoring ports 32-8
ports, restrictions 29-12
received traffic 32-6
session limits 32-13
sessions
configuring ingress forwarding 32-17, 32-26
defined 32-4
limiting source traffic to specific VLANs 32-18
removing destination (monitoring) ports 32-15
specifying monitored ports 32-14, 32-28
with ingress traffic enabled 32-16
source ports 32-7
transmitted traffic 32-6
VLAN-based 32-7
spanning tree and native VLANs 14-17
Spanning Tree Protocol
SPAN traffic 32-6
split horizon, RIP 42-24
SRR
configuring
shaped weights on egress queues 38-90
shared weights on egress queues 38-91
shared weights on ingress queues 38-83
described 38-15
shaped mode 38-15
shared mode 38-16
SSH
configuring 9-48
encryption methods 9-47
switch stack considerations 5-17
user authentication methods, supported 9-48
SSL
configuration guidelines 9-54
configuring a secure HTTP client 9-57
configuring a secure HTTP server 9-55
described 9-51
monitoring 9-57
SSM
address management restrictions 49-16
CGMP limitations 49-16
components 49-14
configuration guidelines 49-16
differs from Internet standard multicast 49-14
IGMP snooping 49-16
IGMPv3 49-14
IGMPv3 Host Signalling 49-15
IP address range 49-15
monitoring 49-17
operations 49-15
PIM 49-14
state maintenance limitations 49-16
SSM mapping 49-17
configuration guidelines 49-17
monitoring 49-22
overview 49-18
restrictions 49-18
static traffic forwarding 49-21
stack changes
effects on
IPv6 routing 43-15
stack changes, effects on
ACL configuration 37-7
CDP 28-2
cross-stack EtherChannel 40-13
EtherChannel 40-10
fallback bridging 51-3
HSRP 45-5
IEEE 802.1x port-based authentication 10-11
IGMP snooping 26-7
IP routing 42-4
IPv6 ACLs 39-4
MAC address tables 7-15
MSTP 20-8
multicast routing 49-10
MVR 26-18
port security 29-18
SDM template selection 8-3
SNMP 35-1
SPAN and RSPAN 32-11
STP 19-12
switch clusters 6-14
system message log 34-2
VLANs 14-6
VTP 15-7
stack master
bridge ID (MAC address) 5-6
defined 5-2
election 5-5
IPv6 43-15
re-election 5-5
stack member
accessing CLI of specific member 5-30
configuring
member number 5-26
priority value 5-26
defined 5-2
displaying information of 5-30
IPv6 43-16
number 5-7
priority value 5-7
provisioning a new member 5-27
replacing 5-16
stack member number 13-13
stack protocol version 5-11
stacks, switch
accessing CLI of specific member 5-30
assigning information
member number 5-26
priority value 5-26
provisioning a new member 5-27
auto-advise 5-12
auto-copy 5-12
auto-extract 5-12
auto-upgrade 5-12
bridge ID 5-6
Catalyst 3750-E-only 5-1
CDP considerations 28-2
compatibility, software 5-11
configuration file 5-15
configuration scenarios 5-18
copying an image file from one member to another A-40
default configuration 5-24
description of 5-1
displaying information of 5-30
enabling persistent MAC address timer 5-24
hardware compatibility and SDM mismatch mode 5-10
HSRP considerations 45-5
in clusters 6-14
incompatible software and image upgrades 5-15, A-40
IPv6 on 43-15
MAC address considerations 7-15
MAC address of 5-24
management connectivity 5-17
managing 5-1
managing mixed
See Catalyst 3750-E and 3750 Switch Stacking Compatibility Guide
membership 5-4
merged 5-4
mixed
hardware 5-1
hardware and software 5-2
software 5-2
with Catalyst 3750-E and 3750 switches 5-1
mixed software images
See Cisco Software Activation and Compatibility Document
MSTP instances supported 19-10
multicast routing, stack master and member roles 49-10
offline configuration
described 5-8
effects of adding a provisioned switch 5-8
effects of removing a provisioned switch 5-10
effects of replacing a provisioned switch 5-10
provisioned configuration, defined 5-8
provisioned switch, defined 5-8
provisioning a new member 5-27
provisioned switch
adding 5-8
removing 5-10
replacing 5-10
replacing a failed member 5-16
software compatibility 5-11
software image version 5-11
stack protocol version 5-11
STP
bridge ID 19-3
instances supported 19-10
root port selection 19-3
stack root switch election 19-3
system messages
hostnames in the display 34-1
remotely monitoring 34-2
system prompt consideration 7-8
system-wide configuration considerations 5-16
upgrading A-40
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 5-12
described 5-11
examples 5-13
manual upgrades with auto-advise 5-12
upgrades with auto-extract 5-12
See also stack master and stack member
StackWise Plus technology, Cisco 1-3
standby command switch
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 45-6
standby links 23-2
standby router 45-2
standby timers, HSRP 45-10
startup configuration
booting
manually 4-19
specific image 4-20
clearing A-20
configuration file
automatically downloading 4-18
specifying the filename 4-19
default boot configuration 4-18
static access ports
assigning to VLAN 14-9
static addresses
static IP routing 1-15
static MAC addressing 1-11
static route primary interface, configuring 47-10
static routes
configuring 42-93
understanding 43-11
static routing 42-3
static routing support, enhanced object tracking 47-10
static SSM mapping 49-18, 49-20
static traffic forwarding 49-21
static VLAN membership 14-2
statistics
802.1X 11-17
CDP 28-5
IEEE 802.1x 10-69
interface 13-40
IP multicast routing 49-63
OSPF 42-36
RMON group Ethernet 33-6
RMON group history 33-5
SNMP input and output 35-20
VTP 15-17
sticky learning 29-9
storm control
configuring 29-3
described 29-1
disabling 29-5
support for 1-5
thresholds 29-1
STP
accelerating root port selection 21-4
and REP 22-6
BackboneFast
described 21-7
disabling 21-17
enabling 21-17
BPDU filtering
described 21-3
disabling 21-15
enabling 21-15
BPDU guard
described 21-2
disabling 21-14
enabling 21-14
BPDU message exchange 19-3
configuration guidelines 19-14, 21-12
configuring
forward-delay time 19-23
hello time 19-22
maximum aging time 19-23
path cost 19-20
port priority 19-18
root switch 19-16
secondary root switch 19-18
spanning-tree mode 19-15
switch priority 19-21
transmit hold-count 19-24
counters, clearing 19-24
cross-stack UplinkFast
described 21-5
enabling 21-17
default configuration 19-13
default optional feature configuration 21-12
designated port, defined 19-4
designated switch, defined 19-4
detecting indirect link failures 21-8
disabling 19-16
displaying status 19-24
EtherChannel guard
described 21-10
disabling 21-18
enabling 21-17
extended system ID
effects on root switch 19-16
effects on the secondary root switch 19-18
overview 19-5
unexpected behavior 19-16
features supported 1-9
IEEE 802.1D and bridge ID 19-5
IEEE 802.1D and multicast addresses 19-9
IEEE 802.1t and VLAN identifier 19-5
inferior BPDU 19-3
instances supported 19-10
interface state, blocking to forwarding 21-2
interface states
blocking 19-7
disabled 19-8
learning 19-7
listening 19-7
overview 19-5
interoperability and compatibility among modes 19-11
keepalive messages 19-2
Layer 2 protocol tunneling 18-8
limitations with IEEE 802.1Q trunks 19-11
load sharing
overview 14-22
using path costs 14-25
using port priorities 14-23
loop guard
described 21-11
enabling 21-19
modes supported 19-10
multicast addresses, effect of 19-9
optional features supported 1-9
overview 19-2
path costs 14-25
Port Fast
described 21-2
enabling 21-13
port priorities 14-23
preventing root switch selection 21-10
protocols supported 19-10
redundant connectivity 19-9
root guard
described 21-10
enabling 21-18
root port, defined 19-3
root port selection on a switch stack 19-3
root switch
configuring 19-16
effects of extended system ID 19-5, 19-16
election 19-3
unexpected behavior 19-16
shutdown Port Fast-enabled port 21-2
stack changes, effects of 19-12
status, displaying 19-24
superior BPDU 19-3
timers, described 19-22
UplinkFast
described 21-4
enabling 21-16
VLAN-bridge 19-11
stratum, NTP 7-2
stub areas, OSPF 42-32
stub routing, EIGRP 42-43
subdomains, private VLAN 17-1
subnet mask 42-7
subnet zero 42-8
success response, VMPS 14-27
summer time 7-7
SunNet Manager 1-6
supernet 42-8
supported port-based authentication methods 10-8
SVI autostate exclude
configuring 13-34
defined 13-6
SVI link state 13-6
SVIs
and IP unicast routing 42-5
and router ACLs 37-4
connecting VLANs 13-11
defined 13-5
routing between VLANs 14-2
switch 43-2
switch clustering technology 6-1
switch console port 1-8
Switch Database Management
switched packets, ACLs on 37-40
Switched Port Analyzer
switched ports 13-2
switchport backup interface 23-4, 23-5
switchport block multicast command 29-8
switchport block unicast command 29-8
switchport command 13-22
switchport mode dot1q-tunnel command 18-7
switchport protected command 29-7
switch priority
MSTP 20-24
STP 19-21
switch software features 1-1
switch virtual interface
SXP 12-2
synchronization, BGP 42-49
syslog
system capabilities TLV 30-2
system clock
configuring
daylight saving time 7-7
manually 7-5
summer time 7-7
time zones 7-6
displaying the time and date 7-5
overview 7-2
system description TLV 30-2
system message logging
default configuration 34-4
defining error message severity levels 34-9
disabling 34-4
displaying the configuration 34-18
enabling 34-5
facility keywords, described 34-15
level keywords, described 34-10
limiting messages 34-10
message format 34-2
overview 34-1
sequence numbers, enabling and disabling 34-8
setting the display destination device 34-5
stack changes, effects of 34-2
synchronizing log messages 34-6
syslog facility 1-17
time stamps, enabling and disabling 34-8
UNIX syslog servers
configuring the daemon 34-13
configuring the logging facility 34-14
facilities supported 34-15
system MTU
and IS-IS LSPs 42-70
system MTU and IEEE 802.1Q tunneling 18-5
system name
default configuration 7-9
default setting 7-9
manual configuration 7-9
system name TLV 30-2
system prompt, default setting 7-8, 7-9
system resources, optimizing 8-1
system routing
IS-IS 42-66
ISO IGRP 42-66
T
TACACS+
accounting, defined 9-12
authentication, defined 9-11
authorization, defined 9-11
configuring
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-18
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-12
tracking services accessed by user 9-17
tagged packets
IEEE 802.1Q 18-3
Layer 2 protocol 18-8
tar files
creating A-7
displaying the contents of A-7
extracting A-8
image file format A-26
TCL script, registering and defining with embedded event manager 36-7
TDR 1-17
Telnet
accessing management interfaces 2-10
number of connections 1-8
setting a password 9-6
templates, SDM 8-1
temporary self-signed certificate 9-52
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
ternary content addressable memory 52-27
TFTP
configuration files
downloading A-12
preparing the server A-11
uploading A-13
configuration files in base directory 4-8
configuring for autoconfiguration 4-7
image files
deleting A-30
downloading A-28
preparing the server A-28
uploading A-30
limiting access by servers 35-18
TFTP server 1-7
threshold, traffic level 29-2
threshold monitoring, IP SLAs 46-6
time
Time Domain Reflector
time-range command 37-17
time ranges in ACLs 37-17
time stamps in log messages 34-8
time zones 7-6
TLVs
defined 30-2
LLDP 30-2
LLDP-MED 30-2
Token Ring VLANs
support for 14-5
VTP support 15-4
ToS 1-14
traceroute, Layer 2
and ARP 52-17
and CDP 52-17
broadcast traffic 52-16
described 52-16
IP addresses and subnets 52-17
MAC addresses and VLANs 52-17
multicast traffic 52-17
multiple devices on a port 52-17
unicast traffic 52-16
usage guidelines 52-17
traceroute command
tracked lists
configuring 47-3
types 47-3
tracked objects
by Boolean expression 47-4
by threshold percentage 47-6
by threshold weight 47-5
tracking interface line-protocol state 47-2
tracking IP routing state 47-2
tracking objects 47-1
tracking process 47-1
track state, tracking IP SLAs 47-9
traffic
blocking flooded 29-8
fragmented 37-5
fragmented IPv6 39-3
unfragmented 37-5
traffic policing 1-14
traffic suppression 29-1
transmit hold-count
transparent mode, VTP 15-3
trap-door mechanism 4-2
traps
configuring MAC address notification 7-16, 7-18, 7-20
configuring managers 35-13
enabling 7-16, 7-18, 7-20, 35-13
notification types 35-13
troubleshooting
connectivity problems 52-15, 52-16, 52-18
CPU utilization 52-30
detecting unidirectional links 31-1
displaying crash information 52-25
PIMv1 and PIMv2 interoperability problems 49-35
setting packet forwarding 52-23
SFP security and identification 52-14
show forward command 52-23
with CiscoWorks 35-4
with debug commands 52-21
with ping 52-15
with system message logging 34-1
with traceroute 52-18
trunk failover
trunking encapsulation 1-10
trunk ports
configuring 14-19
trunks
allowed-VLAN list 14-20
ISL 14-15
load sharing
setting STP path costs 14-25
using STP port priorities 14-23
native VLAN for untagged traffic 14-22
parallel 14-25
pruning-eligible list 14-21
to non-DTP device 14-15
trusted boundary for QoS 38-46
trusted port states
between QoS domains 38-48
classification options 38-5
ensuring port security for IP phones 38-46
support for 1-14
within a QoS domain 38-44
trustpoints, CA 9-52
tunneling
defined 18-1
IEEE 802.1Q 18-1
Layer 2 protocol 18-8
tunnel ports
IEEE 802.1Q, configuring 18-7
incompatibilities with other features 18-6
twisted-pair Ethernet, detecting unidirectional links 31-1
type of service
U
UDLD
configuration guidelines 31-4
default configuration 31-4
disabling
globally 31-5
on fiber-optic interfaces 31-5
per interface 31-6
echoing detection mechanism 31-3
enabling
globally 31-5
per interface 31-6
Layer 2 protocol tunneling 18-11
link-detection mechanism 31-1
neighbor database 31-2
overview 31-1
resetting an interface 31-6
status, displaying 31-7
support for 1-9
UDP, configuring 42-16
UDP jitter, configuring 46-9
UDP jitter operation, IP SLAs 46-8
unauthorized ports with IEEE 802.1x 10-10
unicast MAC address filtering 1-7
and adding static addresses 7-22
and broadcast MAC addresses 7-22
and CPU packets 7-22
and multicast addresses 7-22
and router MAC addresses 7-22
configuration guidelines 7-22
described 7-22
unicast storm 29-1
unicast storm control command 29-4
unicast traffic, blocking 29-8
UniDirectional Link Detection protocol
universal software image
cryptographic 1-1
feature set
IP base 1-1
IP services 1-1
noncryptographic 1-1
UNIX syslog servers
daemon configuration 34-13
facilities supported 34-15
message logging configuration 34-14
unrecognized Type-Length-Value (TLV) support 15-4
upgrading software images
UplinkFast
described 21-4
disabling 21-16
enabling 21-16
support for 1-9
uploading
configuration files
reasons for A-9
using FTP A-16
using RCP A-19
using TFTP A-13
image files
reasons for A-25
using FTP A-34
using RCP A-38
using TFTP A-30
User Datagram Protocol
username-based authentication 9-7
Using Memory Consistency Check Routines 52-27
V
VACLs
logging
configuration example 37-39
version-dependent transparent mode 15-4
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 5-12
described 5-11
displaying 5-11
manual upgrades with auto-advise 5-12
upgrades with auto-extract 5-12
virtual IP address
cluster standby group 6-11
command switch 6-11
Virtual Private Network
virtual switches and PAgP 40-6
vlan.dat file 14-4
VLAN 1
disabling on a trunk port 14-20
minimization 14-20
VLAN ACLs
vlan-assignment response, VMPS 14-27
VLAN blocking, REP 22-12
VLAN configuration
at bootup 14-7
saving 14-7
VLAN database
and startup configuration file 14-7
and VTP 15-1
VLAN configuration saved in 14-7
VLANs saved in 14-4
vlan dot1q tag native command 18-5
VLAN filtering and SPAN 32-8
vlan global configuration command 14-6
VLAN ID, discovering 7-25
VLAN link state 13-6
VLAN load balancing
REP 22-4
VLAN load balancing, triggering 22-5
VLAN load balancing on flex links
configuration guidelines 23-8
described 23-2
VLAN management domain 15-2
VLAN Management Policy Server
VLAN map entries, order of 37-32
VLAN maps
applying 37-35
common uses for 37-35
configuration guidelines 37-32
configuring 37-31
creating 37-33
defined 37-2
denying access to a server example 37-37
denying and permitting packets 37-33
displaying 37-44
examples of ACLs and VLAN maps 37-33
removing 37-35
support for 1-11
wiring closet configuration example 37-36
VLAN membership
confirming 14-30
modes 14-3
VLAN Query Protocol
VLANs
adding 14-8
adding to VLAN database 14-8
aging dynamic addresses 19-10
allowed on trunk 14-20
and spanning-tree instances 14-3, 14-6, 14-11
configuration guidelines, extended-range VLANs 14-11
configuration guidelines, normal-range VLANs 14-5
configuring 14-1
configuring IDs 1006 to 4094 14-11
connecting through SVIs 13-11
customer numbering in service-provider networks 18-3
default configuration 14-7
deleting 14-9
displaying 14-14
features 1-10
illustrated 14-2
internal 14-11
in the switch stack 14-6
limiting source traffic with RSPAN 32-22
limiting source traffic with SPAN 32-18
modifying 14-8
multicast 26-18
native, configuring 14-22
number supported 1-10
parameters 14-4
port membership modes 14-3
static-access ports 14-9
STP and IEEE 802.1Q trunks 19-11
supported 14-2
Token Ring 14-5
traffic between 14-2
VTP modes 15-3
VLAN Trunking Protocol
VLAN trunks 14-15
VMPS
administering 14-31
configuration example 14-32
configuration guidelines 14-28
default configuration 14-28
description 14-26
dynamic port membership
described 14-27
reconfirming 14-30
troubleshooting 14-32
entering server address 14-29
mapping MAC addresses to VLANs 14-26
monitoring 14-31
reconfirmation interval, changing 14-30
reconfirming membership 14-30
retry count, changing 14-31
voice aware 802.1x security
port-based authentication
configuring 10-41
voice-over-IP 16-1
voice VLAN
Cisco 7960 phone, port connections 16-1
configuration guidelines 16-3
configuring IP phones for data traffic
override CoS of incoming frame 16-7
trust CoS priority of incoming frame 16-7
configuring ports for voice traffic in
802.1p priority tagged frames 16-5
IEEE 802.1Q frames 16-5
connecting to an IP phone 16-4
default configuration 16-3
described 16-1
displaying 16-7
IP phone data traffic, described 16-2
IP phone voice traffic, described 16-2
VPN
configuring routing in 42-85
forwarding 42-78
in service provider networks 42-75
routes 42-76
VPN routing and forwarding table
VRF
defining 42-78
tables 42-75
VRF-aware services
ARP 42-81
configuring 42-80
ftp 42-83
HSRP 42-82
ping 42-81
RADIUS 42-82
SNMP 42-81
syslog 42-83
tftp 42-83
traceroute 42-83
uRPF 42-82
VRFs, configuring multicast 42-84
VTP
adding a client to a domain 15-16
and extended-range VLANs 14-2, 15-2
and normal-range VLANs 14-2, 15-2
client mode, configuring 15-13
configuration
requirements 15-11
saving 15-9
configuration requirements 15-11
configuration revision number
guideline 15-16
resetting 15-17
consistency checks 15-5
default configuration 15-8
described 15-1
domain names 15-9
domains 15-2
Layer 2 protocol tunneling 18-8
modes
client 15-3
off 15-3
server 15-3
transitions 15-3
transparent 15-3
monitoring 15-17
passwords 15-9
pruning
disabling 15-15
enabling 15-15
examples 15-7
overview 15-6
support for 1-10
pruning-eligible list, changing 14-21
server mode, configuring 15-11, 15-14
statistics 15-17
support for 1-10
Token Ring support 15-4
transparent mode, configuring 15-11
using 15-1
Version
enabling 15-14
version, guidelines 15-10
Version 1 15-4
Version 2
configuration guidelines 15-10
overview 15-4
Version 3
overview 15-5
W
WCCP
authentication 48-3
configuration guidelines 48-5
default configuration 48-5
described 48-2
displaying 48-10
dynamic service groups 48-3
enabling 48-6
features unsupported 48-5
forwarding method 48-3
Layer-2 header rewrite 48-3
MD5 security 48-3
message exchange 48-2
monitoring and maintaining 48-10
negotiation 48-3
packet redirection 48-3
packet-return method 48-3
redirecting traffic received from a client 48-6
setting the password 48-7
unsupported WCCPv2 features 48-5
web authentication 10-16
configuring11-16to ??
described 1-10
web-based authentication
customizeable web pages 11-6
description 11-1
web-based authentication, interactions with other features 11-7
Web Cache Communication Protocol
weighted tail drop
weight thresholds in tracked lists 47-5
wired location service
configuring 30-10
displaying 30-11
location TLV 30-3
understanding 30-3
wizards 1-3
WTD
described 38-15
setting thresholds
egress queue-sets 38-86
ingress queues 38-82
support for 1-14