-
Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.1(19)EW
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch for the First Time
-
Configuring Interfaces
-
Checking Port Status and Connectivity
-
Configuring Layer 2 Ethernet Interfaces
-
Configuring Unidirectional Ethernet
-
Understanding and Configuring VLANs
-
Configuring Dynamic VLAN Membership
-
Configuring Private VLANs
-
Understanding and Configuring VTP
-
Understanding and Configuring STP
-
Configuring STP Features
-
Understanding and Configuring Multiple Spanning Trees
-
Understanding and Configuring IGMP Snooping and Filtering
-
Understanding and Configuring CDP
-
Understanding and Configuring EtherChannel
-
Understanding and Configuring UDLD
-
Configuring DHCP Snooping and IP Source Guard
-
Configuring Layer 3 Interfaces
-
Configuring Cisco Express Forwarding
-
Configuring Policy-Based Routing
-
Understanding and Configuring IP Multicast
-
Configuring Network Security with ACLs
-
Configuring Port Security
-
Configuring 802.1x Port-Based Authentication
-
Port Unicast and Multicast Flood Blocking
-
Configuring Port-Based Traffic Control
-
Understanding and Configuring QoS
-
Configuring NetFlow Statistics Collection
-
Configuring Dynamic ARP Inspection
-
Configuring SPAN
-
Environmental Monitoring and Power Management
-
Configuring Supervisor Engine Redundancy on the Catalyst 4507R
-
Configuring Voice Interfaces
-
Acronyms
-
Configuration Guide Index
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V -
Index
Numerics
802.10 SAID (default)8-4
802.1Q trunks12-6
802.1Q VLANs
encapsulation6-3
trunk restrictions6-5
802.1s
802.1w
802.1X
802.1x authentication
support for guest VLANs26-5
802.3ad
A
AAA
disabling26-8
enabling26-8
abbreviating commands2-5
access control entries
access ports, configuring6-8
access VLANs6-6
ACEs
ACLs24-2
Ethernet24-2
IP24-2
Layer 4 operation restrictions24-6
ACLs
ACEs24-2
applying on routed packets24-19
applying on switched packets24-19
compatibility on the same switch24-3
configuring with VLAN maps24-18
CPU impact24-8
IP
matching criteria for port ACLs24-4
MAC extended24-9
matching criteria for router ACLs24-3
port
and voice VLAN24-4
defined24-2
limitations24-4
processing24-8
types supported24-2
acronyms, list ofA-1
active queue management29-13
addresses
adjacency tables
description21-2
displaying statistics21-10
advertisements, VTP
alarms
major33-2
minor33-2
audiencexix
authentication
See also port-based authentication
authentication server
defined26-2
RADIUS server26-2
authorized and unauthorized ports26-4
authorized ports with 802.1X26-4
automatic QoS
Auto-QoS
configuring29-15
B
BackboneFast
adding a switch (figure)13-2
and MST14-2
configuring13-15
link failure (figure)13-7, 13-8
not supported MST14-2
understanding13-6
BGP1-8
blocking packets27-1
blocking state (STP)
RSTP comparisons (table)14-4
boot bootldr command3-18
boot command3-15
boot fields
See configuration register boot fields
boot system flash command3-15
Border Gateway Protocol
boundary ports
description14-6
BPDU Guard
and MST14-2
configuring13-12
overview13-4
BPDUs
and media speed12-2
pseudobridges and14-5
what they contain12-3
bridge ID
bridge priority (STP)12-16
bridge protocol data units
broadcast storm control
disabling28-4
BSR
configuration example23-21
burst rate29-39
burst size29-26
C
cautions for passwords
encrypting3-9
TACACS+3-9
CDP
and trusted boundary29-24
configuration16-1
displaying configuration16-3
enabling on interfaces16-2
maintaining16-3
monitoring16-3
cdp enable command16-2
CEF
adjacency tables21-2
configuring load balancing21-7
disabling per-destination load balancing21-7
display statistics21-9
enabling21-7
hardware switching21-4
load balancing21-6
overview21-1
software switching21-4
CGMP
overview15-1
channel-group group command17-7, 17-9
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IP Phones
configuring35-2
sound quality35-1
CIST
description14-2
class-map command29-28
class of service
clear cdp counters command16-3
clear cdp table command16-3
clear counters command4-13
clearing
IP multicast table entries23-20
clear ip flow stats command30-6
CLI
accessing2-1
backing out one level2-5
getting commands2-5
history substitution2-3
modes2-5
monitoring environments32-1
ROM monitor2-6
software basics2-4
clients
in 802.1x authentication26-2
command-line processing2-3
command modes2-5
commands
listing2-5
command switches
in VMPS9-1
common and internal spanning tree
common spanning tree
community ports
description10-1
community VLANs
description10-2
config-register command3-16
config terminal command3-2
configuration
802.1X with Guest-VLAN26-10
configuration example, SPAN enhancement32-9
configuration files
saving3-3
configuration guidelines
for VMPS9-3
configuration register
configuring3-13
settings at startup3-14
configuration register boot fields
listing value3-16
modifying3-15
configure terminal command3-15, 4-2
configuring
inline power33-16
console configuration mode2-5
console port
disconnecting user sessions5-5
monitoring user sessions5-4
copy running-config startup-config command3-3
copy system:running-config nvram:startup-config command3-18
CoS
configuring port value29-36
definition29-3
figure29-2
overriding on Cisco IP Phones35-3
priority35-3
CoS-to-DSCP maps29-40
counters
clearing MFIB23-20
clearing on interfaces4-13
CPU port sniffing, SPAN enhancement32-7
CST
description14-5
IST and14-2
MST and14-2
D
default configuration
802.1X26-7
auto-QoS29-15
IGMP filtering15-12
default gateway
configuring3-4
verifying configuration3-5
default ports
802.1x authentication not supported on26-8
description command4-8
detecting unidirectional links18-1
DHCP snooping
configuration guidelines19-3
configuring19-3
default configuration19-3
displaying binding tables19-9
displaying configuration19-10
enabling19-4
enabling on private VLAN19-5
enabling the database agent19-5
overview19-1
Snooping database agent19-2
DHCP Snooping Database Agent
adding to the database (example)19-9
enabling (example)19-6
overview19-2
reading from a TFTP file (example)19-7
Differentiated Services Code Point values
DiffServ architecture, QoS29-2
disabled state
RSTP comparisons (table)14-4
disabling
broadcast storm control28-4
disconnect command5-5
documentation
organizationxix
relatedxxi
DSCP maps29-40
DSCP-to-CoS maps
configuring29-42
DSCP values
configuring maps29-40
configuring port value29-37
definition29-3
IP precedence29-2
mapping markdown29-22
mapping to transmit queues29-38
DTP
VLAN trunks and6-3
duplex command4-7
duplex mode
configuring interface4-6
Dynamic Host Configuration Protocol snooping
dynamic port VLAN membership
configuring9-5
example9-9
overview9-2
reconfirming9-7
troubleshooting9-8
Dynamic Trunking Protocol
E
EAP
request/identity frame26-3
response/identity frame26-3
EAP frames
changing retransmission time26-13
exchanging (figure)26-3
setting retransmission number26-14
EAPOL frames
802.1x authentication and26-2
OTP authentication, example (figure)26-3
EAPOL-start frame26-3
edge ports
description14-7
EGP
overview1-8
EIGRP
overview1-7
enable mode2-5
encapsulation configuration, SPAN enhancements32-7
encapsulation types6-3
Enhanced Interior Gateway Routing Protocol
environmental monitoring
LED indications33-2
SNMP traps33-2
supervisor engine33-2
switching modules33-2
using CLI commands33-1
EtherChannel
channel-group group command17-7, 17-9
configuration guidelines17-5
configuring Layer 217-9
configuring Layer 317-6
interface port-channel command17-7
lacp system-priority
command example17-12
modes17-3
overview17-1
PAgP
Understanding17-3
physical interface configuration17-7
port-channel interfaces17-2
port-channel load-balance
command17-11
port-channel load-balance command17-12
removing17-13
removing interfaces17-13
EtherChannel ports
802.1x authentication not supported in26-8
extended range VLANs
Extensible Authentication Protocol over LAN26-1
Exterior Gateway Protocol
F
FastDrop
clearing entries23-20
displaying entries23-19
overview23-10
fast-leave processing
enabling15-6
FIB
description21-2
filtering
in a VLAN24-10
non-IP traffic24-9
flags23-11
Flash memory
configuring router to boot from3-18
loading system images from3-17
security precautions3-17
flooded traffic, blocking27-2
forward-delay time (STP)
configuring12-18
forwarding information base
G
gateway
global configuration mode2-5
H
hardware switching21-5
hello time (STP)
configuring12-17
history
CLI2-3
hop counts
configuring MST bridges14-7
hosts, limit on dynamic port9-8
Hot Standby Routing Protocol
HSRP
description1-6
I
ICMP
enabling5-10
ping5-5
running IP traceroute5-7
time exceeded messages5-7
IEEE 802.1s
IEEE 802.1w
IEEE 802.3ad
IGMP
description23-3
enabling23-13
immediate-leave processing15-2
overview15-1
IGMP filtering
configuring15-12
default configuration15-12
described15-12
monitoring15-16
IGMP groups, setting the maximum number15-14
IGMP profile
applying15-13
configuration mode15-12
configuring15-13
IGMP snooping
configuration guidelines15-3
enabling15-4
IP multicast and23-4
monitoring15-10
overview15-1
IGRP
description1-7
ingress packets, SPAN enhancement32-7
inline power
configuring on Cisco IP phones35-4
interface port-channel command17-6, 17-7
interface range command4-4
interface range macro command4-5
interfaces
adding descriptive name4-8
clearing counters4-13
configuring4-2
configuring ranges4-4
displaying information about4-12
Layer 2 modes6-4
maintaining4-12
monitoring4-12
naming4-8
numbers4-2
overview4-1
restarting4-13
Interior Gateway Routing Protocol
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link encapsulation
IP
configuring default gateway3-4
configuring static routes3-5
displaying statistics21-8
flow switching cache30-6
ip cef command21-7
ip flow-aggregation cache destination-prefix command30-8
ip flow-aggregation cache prefix command30-8
ip flow-aggregation cache source-prefix command30-8
ip flow-export command30-6
ip icmp rate-limit unreachable command5-11
ip igmp profile command15-12
ip igmp snooping tcn flood command15-9
ip igmp snooping tcn flood query count command15-9
ip igmp snooping tcn query solicit command15-10
ip load-sharing per-destination command21-7, 21-8
ip local policy route-map command22-4
ip mask-reply command5-12
IP multicast
clearing table entries23-20
configuring23-12
default configuration23-13
displaying PIM information23-15
displaying the routing table information23-16
enabling23-13
enabling dense-mode PIM23-14
enabling sparse-mode23-14
features not supported23-12
hardware forwarding23-8
monitoring23-15
overview23-1
routing protocols23-2
software forwarding23-8
See also Auto-RP; IGMP; PIM; RP; RPF
ip multicast-routing command23-13
IP Phones
configuring voice ports35-2
See Cisco IP Phones35-1
IP phones
automatic classification and queueing29-15
trusted boundary for QoS29-23
ip pim command23-14
ip pim dense-mode command23-14
ip pim sparse-dense-mode command23-15
ip policy route-map command22-3
ip redirects command5-11
ip route-cache flow command30-5
IP routing tables
deleting entries23-20
IP Source Guard
configuring19-11
configuring on private VLANs19-12
overview19-10
IP statistics
displaying21-9
IP traceroute
executing5-7
overview5-7
IP unicast
displaying statistics21-9
ip unreachables command5-10
IPX
redistribution of route information with EIGRP1-7
ISL encapsulation6-3
isolated ports
description10-1
isolated VLANs
description10-2
IST
description14-2
MST regions and14-2
IST master
description14-7
J
jumbo frames
and ethernet ports4-10
configuring MTU sizes for4-11
ports and linecards that support4-9
understanding4-9
VLAN interfaces4-10
K
keyboard shortcuts2-3
L
labels
definition29-3
LACP
system ID17-4
Layer 2
show interfaces4-11
Layer 2 access ports6-8
Layer 2 frames, classification with CoS29-2
Layer 2 interfaces
assigning VLANs8-8
configuring6-5
configuring as PVLAN host ports10-8
configuring as PVLAN promiscuous ports10-7
configuring as PVLAN trunk ports10-9
defaults6-5
disabling configuration6-9
modes6-4
show interfaces command6-7
Layer 2 interface type
resetting10-11
setting10-11
Layer 2 switching
overview6-1
Layer 2 Traceroute
and ARP5-9
and CDP5-8
described5-8
host-to-host paths5-8
IP addresses and subnets5-9
MAC addresses and VLANs5-9
multicast traffic5-9
multiple devices on a port5-9
usage guidelines5-8
Layer 2 trunks
configuring6-6
overview6-3
Layer 3 packets, classification methods29-2
Layer 4 port operations
configuration guidelines24-6
restrictions24-6
leave processing, IGMP
LEDs
description (table)33-2
limit of hosts on dynamic ports9-8
listening state (STP)
RSTP comparisons (table)14-4
load balancing
configuring for CEF21-7
configuring for EtherChannel17-12
per-destination21-7
login timer
changing5-4
logoutwarning command5-4
loop guard
and MST14-2
configuring13-9
overview13-2
M
MAC addresses
allocating12-5
building tables6-2
displaying5-3
displaying in DHCP snooping binding table19-10
in ACLs24-9
MAC extended access lists24-9
mapping
DSCP markdown values29-22
DSCP values to transmit queues29-38
mapping tables
configuring DSCP29-40
described29-12
mask destination command30-8
mask source command30-8
match ip address command22-3
maximum aging time (STP)
configuring12-18
member switches
in VMPS9-1
MFIB
CEF and23-5
displaying23-18
overview23-11
modules
checking status5-1
monitoring
ACL information24-26
IGMP filters15-16
IGMP snooping15-10
VLAN
maps24-17
VLAN filters24-17
M-record14-2
MST
and multiple spanning trees1-3, 14-2
boundary ports14-6
BPDUs14-2
configuration14-5
configuring14-9
displaying configurations14-13
edge ports14-7
enabling14-9
hop count14-7
instances14-5
interoperability14-4
interoperability with PVST+14-2
link type14-7
master14-7
message age14-7
restrictions14-8
MST instances
configuring parameters14-11
description14-2
number supported14-5
MSTP
M-record14-2
M-tree14-2
M-tree14-2
MTU size (default)8-4
multicast
multicast packets
blocking27-2
multicast routers
displaying routing tables23-16
flood suppression15-7
specifying port for15-7
Multicast Storm Control, enabling28-6
multiple forwarding paths1-3, 14-2
Multiple Spanning Tree
N
native VLAN
specifying6-6
NetFlow
destination-prefix aggregation
configuration (example)30-12
minimum mask, configuring30-8
IP
flow switching cache30-6
prefix aggregation
configuration (example)30-10
minimum mask, configuring30-8
source-prefix aggregation
minimum mask, configuring30-8
switching
configuration (example)30-9
configuring30-5
exporting cache entries30-5
statistics30-6
NetFlow aggregation
minimum mask
default value30-7
NetFlow statistics
caveats on supervisor30-4
configuring collection30-4
implementing collection30-4
overview of collection30-1
network fault tolerance1-3, 14-2
network management
configuring16-1
Next Hop Resolution Protocol
NFFC/NFFC II
IGMP snooping and15-3
NHRP
support1-7
non-IP traffic filtering24-9
non-RPF traffic
description23-9
in redundant configurations (figure)23-10
nonvolatile random-access memory
normal-range VLANs
NVRAM
saving settings3-3
O
OIR
overview4-12
online insertion and removal
Open Shortest Path First
operating system images
OSPF
area concept1-7
description1-6
overview of NetFlow statistics collection30-1
P
packets
modifying29-14
packet type filtering, SPAN enhancement32-8
PAgP
understanding17-3
passwords
configuring enable password3-7
configuring enable secret password3-7
encrypting3-9
recovering lost enable password3-12
setting line password3-8
setting TACACS+3-8
PBR (policy-based routing)
configuration (example)22-4
enabling22-2
features22-1
overview22-1
route maps22-2
when to use22-2
Per-VLAN Rapid Spanning Tree12-6
enabling12-20
PIM
configuring dense mode23-14
configuring sparse mode23-14
displaying information23-15
displaying statistics23-20
enabling sparse-dense mode23-14, 23-15
overview23-3
PIM-DM23-3
PIM-SM23-3
ping
executing5-6
overview5-5
point-to-point
in 802.1x authentication (figure)26-2
police command29-31
policed-DSCP map29-41
policers
description29-5
number of29-10
types of29-9
policies
policing
policy-map command29-28, 29-30
policy maps
attaching to interfaces29-33
configuring29-29
port ACLs
and voice VLAN24-4
defined24-2
limitations24-4
Port Aggregation Protocol
port-based authentication
client, defined26-2
configuration guidelines26-8
configuring
quiet period26-12
configuring Guest-VLAN26-10
configuring manual re-authentication of a client26-12
controlling authorization state26-4
default configuration26-7
described26-1
device roles26-2
disabling26-9
displaying statistics26-16
enabling26-8
enabling multiple hosts26-15
enabling periodic re-authentication26-11
encapsulation26-2
initiation and message exchange26-3
method lists26-8
ports not supported26-4
resetting to default values26-15
setting retransmission number26-14
setting retransmission time26-13
switch as proxy26-2
switch as RADIUS client26-2
topologies, supported26-6
with VLAN assignment26-4
port-based QoS features
port-channel interfaces
creating17-6
overview17-2
port-channel load-balance
command17-11
command example17-12
port-channel load-balance command17-12
port cost (STP)
configuring12-15
PortFast
and MST14-2
BPDU filter
configuring13-12
configuring or enabling13-11
overview13-3
PortFast BPDU filtering
overview13-4
Portfast BPDU filtering
and MST14-2
enabling13-12
PortFast STP parameter9-3
port priority
configuring MST instances14-11
port priority (STP)12-13
ports
blocking27-1
checking status5-2
community10-1
dynamic VLAN membership
configuring9-5
example9-9
overview9-2
reconfirming9-7
forwarding, resuming27-3
isolated10-1
PVLAN types10-1
secure25-1
port security
aging25-5
and QoS trusted boundary29-23
configuring25-3
default configuration25-2
described25-1
displaying25-7
violations25-2
with other features25-3
port states
description12-5
port trust state
power dc input command33-10
power inline command33-17
power management
1+1 redundancy mode33-10
2+1 redundancy mode33-10
Catalyst 4006 switch33-10
Catalyst 4500 series33-3
Catalyst 4500 Series power supplies33-8
combined mode33-4
configuring combined mode33-7
configuring redundant mode33-6
overview33-1
redundancy33-10
redundant mode33-4
power redundancy
setting on Catalyst 400633-13
power redundancy-mode comand33-7
power supplies
fixed33-3
variable33-3
power supplies required command33-13
primary VLANs
associating with secondary VLANs10-6
description10-1
priority
overriding35-3
privileged EXEC mode2-5
privileges
changing default3-10
configuring levels3-10
exiting3-11
logging in3-11
promiscuous ports
configuring PVLAN10-7
description10-1
setting mode10-11
protocol timers12-4
pruning, VTP
pseudobridges
description14-5
PVLANs
802.1q support10-3
configuration guidelines10-4
configuring10-4
configuring promiscuous ports10-7
host ports
setting10-11
isolated VLANs10-2
overview10-1
permitting routing, example10-10
promiscuous mode
setting10-11
setting
interface mode10-11
Q
QoS
allocating bandwidth29-39
auto-QoS
configuration and defaults display29-18
configuration guidelines29-16
described29-15
displaying29-18
effects on NVRAM configuration29-16
enabling for VoIP29-17
basic model29-5
burst size29-26
configuration guidelines29-22
auto-QoS29-16
configuring
auto-QoS29-15
trusted boundary29-23
configuring DSCP maps29-40
configuring traffic shaping29-39
configuring VLAN-based29-34
creating policing rules29-27
default auto configuration29-15
default configuration29-21
definitions29-3
disabling on interfaces29-33
enabling on interfaces29-33
IP phones
automatic classification and queueing29-15
detection and trusted settings29-15, 29-23
overview29-1
packet modification29-14
port-based29-34
priority29-14
traffic shaping29-14
transmit rate29-39
trust states
trusted device29-23
VLAN-based29-34
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length29-13
QoS labels
definition29-3
QoS mapping tables
CoS-to-DSCP29-40
DSCP-to-CoS29-42
policed-DSCP29-41
types29-12
QoS marking
description29-4
QoS policers
burst size29-26
numbers of29-10
types of29-9
QoS policies
attaching to interfaces29-10
overview29-27
QoS policing
definition29-4
QoS transmit queues
allocating bandwidth29-39
burst29-14
configuring29-37
configuring traffic shaping29-39
mapping DHCP values to29-38
maximum rate29-14
overview29-13
sharing link bandwidth29-13
Quality of service