-
Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.1E
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch for the First Time
-
Configuring Interfaces
-
Checking Port Status and Connectivity
-
Configuring Layer 2 Ethernet Interfaces
-
Understanding and Configuring VLANs
-
Configuring Private VLANs
-
Understanding and Configuring VTP
-
Understanding and Configuring STP
-
Configuring STP Features
-
Understanding and Configuring Multiple Spanning Trees
-
Understanding and Configuring IGMP Snooping and Filtering
-
Understanding and Configuring CDP
-
Understanding and Configuring EtherChannel
-
Understanding and Configuring UDLD
-
Configuring DHCP Snooping and IP Source Guard
-
Configuring Layer 3 Interfaces
-
Configuring Cisco Express Forwarding
-
Understanding and Configuring IP Multicast
-
Configuring Network Security with ACLs
-
Configuring 802.1x Port-Based Authentication
-
Configuring QoS
-
Configuring SPAN
-
Environmental Monitoring and Power Management
-
Configuring Supervisor Engine Redundancy on the Catalyst 4507R and Catalyst 4510R Switches
-
Configuring Voice Interfaces
-
Acronyms
-
Index file
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V -
Index
Numerics
802.10 SAID (default)7-4
802.1Q trunks10-6
802.1Q VLANs
encapsulation6-3
trunk restrictions6-5
802.1s
802.1w
802.1X
A
AAA
disabling22-7
enabling22-7
abbreviating commands2-5
access control entries
access ports, configuring6-8
access VLANs6-6
ACEs
ACLs21-2
Ethernet21-2
IP21-2
Layer 4 operation restrictions21-5
ACLs
ACEs21-2
applying on routed packets21-16
applying on switched packets21-16
compatibility on the same switch21-2
configuring with VLAN maps21-15
CPU impact21-6
MAC extended21-8
matching criteria for router ACLs21-2
processing21-6
types supported21-2
acronyms, list ofA-1
addresses
adjacency tables
description19-2
displaying statistics19-10
advertisements, VTP
alarms
major25-2
minor25-2
audiencexv
authentication
See also port-based authentication
authentication server
defined22-2
RADIUS server22-2
authorized and unauthorized ports22-4
authorized ports with 802.1X22-4
Auto-RP
configuring20-15
groups covered20-16
mapping agent20-16
See also RPs20-15
B
BackboneFast
adding a switch (figure)11-2
and MST12-2
configuring11-15
link failure (figure)11-7, 11-8
not supported MST12-2
understanding11-6
BGP1-6
blocking state (STP)
RSTP comparisons (table)12-4
boot bootldr command3-18, 3-19
boot command3-14
boot fields
See configuration register boot fields
BOOTLDR environment variables
configuring3-19
description3-18
setting3-18
boot loader image
setting3-19
bootstrap router
boot system flash command3-15
Border Gateway Protocol
boundary ports
description12-6
BPDU Guard
and MST12-2
configuring11-12
overview11-4
BPDUs
and media speed10-2
pseudobridges and12-5
what they contain10-3
bridge ID
bridge priority (STP)10-16
bridge protocol data units
BSR
configuration considerations20-18
configuration example20-33
configuring20-20
PIM version 2 and20-17
using with Auto-RP20-21
burst rate23-31
burst size23-18
C
cautions for passwords
encrypting3-9
TACACS+3-9
CDP
configuration14-1
displaying configuration14-3
enabling on interfaces14-2
maintaining14-3
monitoring14-3
cdp enable command14-2
CEF
adjacency tables19-2
configuring load balancing19-7
disabling per-destination load balancing19-8
display statistics19-9
enabling19-7
hardware switching19-4
load balancing19-6
overview19-1
software switching19-4
CGMP
overview13-1
channel-group group command15-5
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IP Phones
configuring27-1
sound quality27-1
CIST
description12-2
class-map command23-19
class of service
clear cdp counters command14-3
clear cdp table command14-3
clear counters command4-10
clearing
IP multicast table entries20-32
CLI
accessing2-1
backing out one level2-5
getting commands2-5
history substitution2-3
modes2-5
monitoring environments24-1
ROM monitor2-6
software basics2-4
clients
in 802.1x authentication22-2
command-line processing2-3
command modes2-4
commands
listing2-5
common and internal spanning tree
common spanning tree
community ports
description8-1
community VLANs
description8-2
config-register command3-15
config terminal command3-2
configuration files
saving3-3
configuration register
configuring3-13
settings at startup3-14
configuration register boot fields
listing value3-16
modifying3-15
configure terminal command3-15, 4-2
configuring
inline power25-14
console configuration mode2-5
console port
disconnecting user sessions5-5
monitoring user sessions5-4
copy running-config startup-config command3-3
copy system:running-config nvram:startup-config command3-18
CoS
configuring port value23-28
definition23-3
figure23-1
overriding on Cisco IP Phones27-3
priority27-3
CoS-to-DSCP maps23-32
counters
clearing MFIB20-32
clearing on interfaces4-10
CST
description12-5
IST and12-2
MST and12-2
D
default configuration
802.1X22-6
IGMP filtering13-11
default gateway
configuring3-4
verifying configuration3-5
default ports
802.1x authentication not supported on22-7
description command4-8
detecting unidirectional links16-1
DHCP snooping
configuration guidelines17-2
configuring17-2
default configuration17-2
displaying binding tables17-4
displaying configuration17-4
enabling17-3
monitoring17-4
overview17-1
Differentiated Services Code Point values
DiffServ architecture, QoS23-1
dir command3-19
disabled state
RSTP comparisons (table)12-4
disconnect command5-5
documentation
organizationxv
relatedxvii
DSCP maps23-32
DSCP-to-CoS maps
configuring23-34
DSCP values
configuring maps23-32
configuring port value23-29
definition23-3
IP precedence23-2
mapping markdown23-15
mapping to transmit queues23-30
DTP
VLAN trunks and6-3
duplex command4-7
duplex mode
configuring interface4-6
Dynamic Host Configuration Protocol snooping
Dynamic Trunking Protocol
E
EAP
request/identity frame22-3
response/identity frame22-3
EAP frames
changing retransmission time22-11
exchanging (figure)22-3
setting retransmission number22-12
EAPOL frames
802.1x authentication and22-2
OTP authentication, example (figure)22-3
EAPOL-start frame22-3
edge ports
description12-7
EGP
overview1-6
EIGRP
overview1-6
eleases11-4
enable mode2-4
encapsulation types6-3
Enhanced Interior Gateway Routing Protocol
environmental monitoring
LED indications25-2
SNMP traps25-2
supervisor engine25-3
switching modules25-3
using CLI commands25-1
environment variables
See BOOTLDR environment variables; CONFIG_FILE environment variables
EtherChannel
channel-group group command15-5
configuration guidelines15-3
configuring Layer 215-7
configuring Layer 315-4
interface port-channel command15-5
modes15-2
overview15-1
physical interface configuration15-5
port-channel interfaces15-2
port-channel load-balance command15-10
removing15-11
removing interfaces15-10
EtherChannel ports
802.1x authentication not supported in22-7
extended range VLANs
Extensible Authentication Protocol over LAN22-1
Exterior Gateway Protocol
F
FastDrop
clearing entries20-32
displaying entries20-31
overview20-10
fast-leave processing
enabling13-6
FIB
description19-2
filtering
in a VLAN21-9
non-IP traffic21-8
flags20-10
Flash memory
configuring router to boot from3-17
loading system images from3-17
security precautions3-17
forward-delay time (STP)
configuring10-18
forwarding information base
G
gateway
generic routing encapsulation tunneling
global configuration mode2-4
GRE tunneling
alternative to IP multicast routing20-26
group-to-RP mapping
displaying20-22
verifying20-16
verifying PIM version 220-22
H
hardware switching19-5
hello time (STP)
configuring10-17
history
CLI2-3
hop counts
configuring MST bridges12-7
Hot Standby Routing Protocol
HSRP
description1-5
I
ICMP
enabling5-8
ping5-5
running IP traceroute5-7
time exceeded messages5-7
IEEE 802.1s
IEEE 802.1w
IGMP
description20-2
enabling20-13
fast-leave processing13-2
overview13-1
IGMP filtering
configuring13-12
default configuration13-11
described13-11
monitoring13-15
IGMP groups, setting the maximum number13-14
IGMP profile
applying13-13
configuration mode13-12
configuring13-12
IGMP snooping
configuration guidelines13-3
enabling13-4
IP multicast and20-3
monitoring13-9
overview13-1
IGRP
description1-6
inline power
configuring on Cisco IP phones27-3
interface port-channel command15-5
interface range command4-4
interface range macro command4-5
interfaces
adding descriptive name4-8
clearing counters4-10
configuring4-2
configuring ranges4-4
displaying information about4-9
Layer 2 modes6-4
maintaining4-9
monitoring4-9
naming4-8
numbers4-2
overview4-1
Interior Gateway Routing Protocol
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link encapsulation
IP
configuring default gateway3-4
configuring static routes3-5
displaying statistics19-9
ip cef command19-7
ip icmp rate-limit unreachable command5-8
ip igmp profile command13-12
ip igmp snooping tcn flood command13-8
ip igmp snooping tcn flood query count command13-9
ip igmp snooping tcn query solicit command13-9
ip load-sharing per-destination command19-8
ip mask-reply comand5-9
ip mroute command20-27
IP multicast
clearing table entries20-32
configuring static routes20-26
default configuration20-12
displaying group-to-RP mapping20-16
displaying PIM information20-27
enabling20-13
enabling dense-mode PIM20-13
enabling sparse-mode20-13
features not supported20-11
hardware forwarding20-7
monitoring20-27
mroute20-26
overview20-1
prune messages20-3
routing protocols20-2
shared tree20-23
software forwarding20-7
source tree20-23
See also Auto-RP; IGMP; PIM; RP; RPF
ip multicast-routing command20-13
IP multicat
displaying the routing table information20-28
IP Phones
configuring voice ports27-2
See Cisco IP Phones27-1
ip pim accept-rp command20-25
ip pim border command20-20
ip pim command20-13
ip pim dense-mode command20-13
ip pim query-interval command20-25
ip pim rp-address command20-25
ip pim rp-announce-filter command20-17
ip pim rpr-candidate command20-21
ip pim send-rp-announce command20-16
ip pim send-rp-discovery command20-16
ip pim sparse-dense-mode command20-14
ip pim spt-threshold command20-24
ip pim version command20-19
ip redirects command5-8
IP routing tables
deleting entries20-32
IP statistics
displaying19-9
IP traceroute
executing5-7
overview5-6
IP unicast
displaying statistics19-9
ip unreachables command5-8
IPX
redistribution of route information with EIGRP1-6
ISL encapsulation6-3
isolated ports
description8-1
isolated VLANs
description8-2
IST
description12-2
MST regions and12-2
IST master
description12-7
J
join message20-3
K
keyboard shortcuts2-3
L
labels
definition23-3
Layer 2 access ports6-8
Layer 2 frames, classification with CoS23-1
Layer 2 interfaces
assigning VLANs7-8
configuring6-5
configuring as PVLAN host ports8-8
configuring as PVLAN promiscuous ports8-7
configuring as PVLAN trunk ports8-9
defaults6-5
disabling configuration6-9
modes6-4
show interfaces command6-7
Layer 2 interface type
resetting8-11
setting8-11
Layer 2 switching
overview6-1
Layer 2 trunks
configuring6-6
overview6-3
Layer 3 packets, classification methods23-2
Layer 4 port operations
configuration guidelines21-5
restrictions21-5
leave processing, IGMP
LEDs
description (table)25-3
listening state (STP)
RSTP comparisons (table)12-4
load balancing
configuring for CEF19-7
configuring for EtherChannel15-9
per-destination19-7
login timer
changing5-4
logoutwarning command5-4
loop guard
and MST12-2
configuring11-10
overview11-2
M
MAC addresses
allocating10-5
building tables6-2
displaying5-2
displaying in DHCP snooping binding table17-4
in ACLs21-8
MAC extended access lists21-8
mapping
DSCP markdown values23-15
DSCP values to transmit queues23-30
mapping tables
configuring DSCP23-32
described23-12
maximum aging time (STP)
configuring10-18
MFIB
CEF and20-5
displaying20-30
overview20-10
modules
checking status5-1
monitoring
ACL information21-17
IGMP filters13-15
IGMP snooping13-9
VLAN
maps21-17
VLAN filters21-17
M-record12-2
mroute20-26
MST
and multiple spanning trees1-3, 12-2
boundary ports12-6
BPDUs12-2
configuration12-5
configuring12-9
displaying configurations12-12
edge ports12-7
enabling12-9
hop count12-7
instances12-5
interoperability12-4
interoperability with PVST+12-2
link type12-7
master12-7
message age12-7
restrictions12-8
MST instances
configuring parameters12-11
description12-2
number supported12-5
MSTP
M-record12-2
M-tree12-2
M-tree12-2
MTU size (default)7-4
multicast
multicast routers
displaying routing tables20-28
flood supression13-7
specifying port for13-6
multiple forwarding paths1-3, 12-2
Multiple Spanning Tree
N
native VLAN
specifing6-6
network fault tolerance1-3, 12-2
network management
configuring14-1
Next Hop Resolution Protocol
NFFC/NFFC II
IGMP snooping and13-3
NHRP
support1-6
non-IP traffic filtering21-8
non-RPF traffic
description20-9
in redundant configurations (figure)20-9
nonvolatile random-access memory
normal-range VLANs
NVRAM
saving settings3-3
O
OIR
overview4-9
online insertion and removal
Open Shortest Path First
operating system images
OSPF
area concept1-6
description1-5
P
packets
modifying23-14
PAgP
overview15-2
passwords
configuring enable password3-7
configuring enable secret password3-7
encrypting3-9
recovering lost enable password3-11
setting line password3-8
setting TACACS+3-8
PIM
configuring dense mode20-13
configuring sparse mode20-13
delaying use of shortest path tree20-24
designated routers20-25
displaying informaiton20-27
displaying statistics20-31
enabling sparse-dense mode20-14
modifying router-query messages20-25
overview20-3
setting version20-19
PIM-DM20-3
PIM-SM20-3
PIM version 2
border20-20
defining domain border20-20
enabling sparse-dense mode20-20
prerequisites20-18
setting version20-19
troubleshooting20-22
ping
executing5-6
overview5-5
point-to-point
in 802.1x authentication (figure)22-2
police command23-23
policed-DSCP map23-33
policers
description23-5
number of23-9
types of23-9
policies
policing
policy-map command23-19, 23-21
policy maps
attaching to interfaces23-25
configuring23-21
Port Aggregation Protocol
port-based authentication
client, defined22-2
configuration guidelines22-7
configuring
quiet period22-10
configuring manual re-authentication of a client22-10
controlling authorization state22-4
default configuration22-6
described22-1
device roles22-2
disabling22-8
displaying statistics22-14
enabling22-7
enabling multiple hosts22-12
enabling periodic re-authentication22-9
encapsulation22-2
initiation and message exchange22-3
method lists22-7
ports not supported22-4
resetting to default values22-13
setting retransmission number22-12
setting retransmission time22-11
switch as proxy22-2
switch as RADIUS client22-2
topologies, supported22-4
port-based QoS features
port-channel interfaces
creating15-4
overview15-2
port-channel load-balance command15-10
port cost (STP)
configuring10-15
PortFast
and MST12-2
BPDU filter
configuring11-12
configuring or enabling11-11
overview11-3
PortFast BPDU filtering
overview11-4
Portfast BPDU filtering
and MST12-2
enabling11-12
port priority
configuring MST instances12-11
port priority (STP)10-12
ports
checking status5-2
community8-1
isolated8-1
PVLAN types8-1
port states
description10-5
port trust state
power inline command25-14
power management
1+1 redundancy mode25-9
2+1 redundancy mode25-9
Catalyst 4006 switch25-8
Catalyst 4500 series25-3
Catalyst 4500 Series power supplies25-8
combined mode25-4
configuring combined mode25-7
configuring redundant mode25-6
overview25-1
redundancy25-8
power managment
redundant mode25-4
power redundancy
setting on Catalyst 400625-11
power redundancy-mode comand25-7
power supplies required command25-11
primary VLANs
associating with secondary VLANs8-6
description8-1
priority
overriding27-3
privileged EXEC mode2-4
privileges
changing default3-10
configuring levels3-9
exiting3-10
logging in3-10
promiscuous ports
configuring PVLAN8-7
description8-1
setting mode8-11
protocol timers10-4
prune message20-3
pruning, VTP
pseudobridges
description12-5
PVLANs
802.1q support8-3
configuration guidelines8-4
configuring8-4
configuring promiscuous ports8-7
host ports
setting8-11
isolated VLANs8-2
overview8-1
permitting routing, example8-10
promiscuous mode
setting8-11
setting
interface mode8-11
Q
QoS
allocating bandwidth23-31
basic model23-5
burst size23-18
configuration guidelines23-16
configuring DSCP maps23-32
configuring traffic shaping23-31
configuring VLAN-based23-26
creating policing rules23-19
default configuration23-15
definitions23-3
disabling on interfaces23-25
enabling on interfaces23-25
overview23-1
packet modification23-14
priority23-13
traffic shaping23-14
transmit rate23-31
VLAN-based23-26
See also COS; DSCP values; transmit queues
QoS labels
definition23-3
QoS mapping tables
CoS-to-DSCP23-32
DSCP-to-CoS23-34
policed-DSCP23-33
types23-12
QoS marking
description23-4
QoS policers
burst size23-18
numbers of23-9
types of23-9
QoS policies
attaching to interfaces23-10
overview23-19
QoS policing
definition23-4
QoS transmit queues
allocating bandwidth23-31
burst23-14
configuring23-29
configuring traffic shaping23-31
mapping DHCP values to23-30
maximum rate23-14
overview23-13
sharing link bandwidth23-13
Quality of service
R
RADIUS server
configuring settings22-9
parameters on the switch22-8
range command4-4
range macros
defining4-5
ranges of interfaces
configuring4-4
Rapid Spanning Tree
re-authentication
configuring manual22-10
enabling periodic22-9
reduced MAC address10-2
redundancy (RPR)
configuring26-4
route processor redundancy26-2
supervisor engine and Cisco IOS software26-3
related documentationxvii
rendezvous points
replication
description20-8
reserved-range VLANs
retransmission number
setting in 802.1x authentication22-12
retransmission time
changing in 802.1x authentication22-11
reverse path forwarding
RIP
description1-5
rommon, command3-16
ROM monitor
boot process and3-12
CLI2-6
root bridge
selecting in MST12-2
root bridge (STP)
configuring10-9
root guard
and MST12-2
enabling11-9
overview11-2
routed packets, ACLs on21-16
route processor redundancy
router ACLs
description21-2
using with VLAN maps21-15
routers, multicast
Routing Information Protocol
RPF
description20-24
RPR+
RPs
adding default20-15
assigning to a group20-25
configuring addresses20-15
configuring candidate20-21
filtering RP announcements20-17
monitoring mapping20-22
verifying mapping20-16
RSTP
compatibility12-3
description12-2
port roles12-3
port states12-4
S
SAID
scheduling23-13
defined23-4
overview23-5
secondary root switch10-11
secondary VLANs
associating with primary8-6
description8-2
permitting routing8-10
Security Association Identifier
servers, VTP
service-policy command23-19
service-policy input command23-25
shared tree
configuring thresholds20-24
figure20-23
overview20-23
shortest path tree
show adjacency command19-10
show boot command3-18
show bootvar command3-19
show catalyst4000 chassis-mac-address command10-3
show cdp entry command14-3
show cdp interface command14-3
show cdp neighbors command14-3
show cdp traffic command14-4
show configuration command4-8
show debugging command14-4
show environment command25-1
show history command2-3
show inlinepower command25-14
show interfaces command4-9
show interfaces status command5-2
show ip cef command19-8
show ip interface command20-27
show ip mroute command20-27
show ip pim bsr command20-22
show ip pim interface command20-27
show ip pim rp command20-16
show ip pim rp-hash command20-22
show mac-address-table address command5-2
show mac-address-table interface command5-2
show mls entry command19-9
show power command25-11
show power supplies command25-7
show protocols command4-10
show running-config command
adding description for an interface4-8
checking your settings3-3
show startup-config command3-4
show users command5-4
show version command3-15
shutdown, command4-11
shutting down
interfaces4-10
single spanning tree