-
Catalyst 4500 Series Switch SW Configuration Guide, Release IOS-XE 3.2.0SG
-
Index file
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch for the First Time
-
Administering the Switch
-
Configuring Supervisor Engine Redundancy Using RPR and SSO
-
Configuring the Cisco IOS XE In Service Software Upgrade Process
-
Configuring Interfaces
-
Checking Port Status and Connectivity
-
Configuring Cisco NSF with SSO Supervisor Engine Redundancy
-
Environmental Monitoring and Power Management
-
Configuring Power over Ethernet
-
netasist.fm
-
Configuring VLANs, VTP, and VMPS
-
Configuring IP Unnumbered Interface
-
Configuring Layer 2 Ethernet Interfaces
-
Configuring SmartPort Macros
-
Configuring STP and MST
-
Configuring Optional STP Features
-
Configuring EtherChannel
-
Configuring CDP
-
Configuring IGMP Snooping and Filtering
-
Configuring IPv6 MLD Snooping
-
Configuring LLDP, and LLDP-MED
-
Configuring UDLD
-
Configuring Unidirectional Ethernet
-
Configuring Layer 3 Interfaces
-
Configuring Cisco Express Forwarding
-
Configuring Unicast Reverse Path Forwarding
-
Configuring IP Multicast
-
Configuring Policy-Based Routing
-
Configuring VRF-lite
-
Configuring Flexible NetFlow
-
Configuring Quality of Service
-
Configuring Voice Interfaces
-
Configuring Private VLANs
-
Configuring 802.1X Port-Based Authentication
-
Configuring Web-based Authentication
-
Configuring Port Security
-
Configuring Control Plane Policing
-
Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
-
Configuring Dynamic ARP Inspection
-
Configuring Network Security with ACLs
-
Support for IPv6
-
Port Unicast and Multicast Flood Blocking
-
Configuring CFM
-
Configuring Y.1731 (AIS and BDI)
-
Configuring Cisco IOS IP SLAs Operations
-
Configuring Storm Control
-
Configuring SPAN and RSPAN
-
Configuring System Message Logging
-
Configuring OBFL
-
Configuring SNMP
-
Configuring RMON
-
Configuring Call Home
-
Performing Diagnostics
-
ROM Monitor
-
Configuring MIB Support
-
Acronyms
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Y -
Index
ACLs
applying IPv6 ACLs to a Layer 3 interface 42-16, 42-17
Numerics
10/100 autonegotiation feature, forced 7-13
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 7-7
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 7-7
1400 W DC Power supply
special considerations 11-16
1400 W DC SP Triple Input power supply
special considerations 11-17
802.10 SAID (default) 13-5
802.1Q
trunks 17-6
802.1Q VLANs
encapsulation 15-3
trunk restrictions 15-5
802.1s
802.1w
802.1X
802.1X authentication
for Critical Authentication 36-13
for guest VLANs 36-10
for MAC Authentication Bypass 36-11
for Wake-on-LAN 36-14
web-based authentication 36-13
with port security 36-17
with VLAN assignment 36-9
with voice VLAN ports 36-20
802.1X Host Mode 36-6
multiauthentication mode 36-8
multidomain authentication mode 36-7
single-host 36-7
802.3ad
A
AAA 39-1
AAA (authentication, authorization, and accounting). See also port-based authentication. 37-1
abbreviating commands 2-5
access control entries
access control entries and lists 39-1
access-group mode, configuring on Layer 2 interface 42-31
access-group mode, using PACL with 42-30
access list filtering, SPAN enhancement 49-13
access ports
configure port security 38-7, 38-22
configuring 15-8
access VLANs 15-6
accounting
ACEs
ACLs 42-2
IP 42-2
Layer 4 operation restrictions 42-9
ACEs and ACLs 39-1
ACL assignments, port-based authentication 36-18
ACL assignments and redirect URLs, configure 36-33
ACLs
ACEs 42-2
and SPAN 49-5
and TCAM programming for Sup II-Plus thru V-10GE 42-6
applying on routed packets 42-27
applying on switched packets 42-26
compatibility on the same switch 42-3
configuring with VLAN maps 42-25
CPU impact 42-11
downloadable 37-7
hardware and software support 42-5
IP, matching criteria for port ACLs 42-4
MAC extended 42-13
matching criteria for router ACLs 42-3
port
and voice VLAN 42-4
defined 42-3
limitations 42-5
processing 42-11
selecting mode of capturing control packets 42-7
troubleshooting high CPU 42-6
types supported 42-3
understanding 42-2
VLAN maps 42-5
ACLs and VLAN maps, examples 42-20
acronyms, list of A-1
action drivers, marking 33-20
active queue management 33-9
active queue management via DBL, QoS on Sup 6-E 33-33
active traffic monitoring, IP SLAs 47-1
adding members to a community 12-8
addresses
displaying the MAC address table 4-32
dynamic
changing the aging time 4-23
defined 4-21
learning 4-21
removing 4-24
IPv6 43-2
MAC, discovering 4-32
static
adding and removing 4-29
defined 4-21
address resolution 4-32
adjacency tables
description 27-2
displaying statistics 27-9
advertisements
advertisements, VTP
aggregation switch, enabling DHCP snooping 40-9
aging time
MAC address table 4-23
All Auth manager sessions, displaying summary 36-69
All Auth manager sessions on the switch authorized for a specified authentication method 36-69
applying IPv6 ACLs to a Layer 3 interface 42-16, 42-17
AQM via DBL, QoS on Sup 6-E 33-33
ARP
defined 4-32
table
address resolution 4-32
managing 4-32
authentication
NTP associations 4-4
See also port-based authentication
TACACS+
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 39-1
Authentication Failed VLAN assignment
configure with 802.1X 36-54
Authentication methods registered with the Auth manager, determining 36-69
authentication open comand 36-8
authentication proxy web pages 37-4
authentication server
defined 36-3
RADIUS server 36-3
Auth manager session for an interface, verifying 36-70
Auth manager summary, displaying 36-69
authoritative time source, described 4-2
authorization
authorized and unauthorized ports 36-4
authorized ports with 802.1X 36-4
autoconfiguration 3-2
automatic discovery
considerations 12-7
Auto-MDIX on a port
configuring 7-23
displaying the configuration 7-24
overview 7-22
autonegotiation feature
forced 10/100Mbps 7-13
auto-sync command 5-8
B
Baby Giants
interacting with 7-21
BackboneFast
adding a switch (figure) 18-4
and MST 17-23
configuring 18-16
link failure (figure) 18-14, 18-15
not supported MST 17-23
understanding 18-14
banners
configuring
login 4-20
message-of-the-day login 4-18
default configuration 4-18
when displayed 4-17
b command 53-3
BGP 1-11
routing session with multi-VRF CE 31-11
blocking packets 44-1
blocking state (STP)
RSTP comparisons (table) 17-24
boot bootldr command 3-31
boot command 3-28
boot commands 53-3
boot fields
See configuration register boot fields
boot system command 3-26, 3-31
boot system flash command 3-28
Border Gateway Protocol
boundary ports
description 17-27
BPDU Guard
and MST 17-23
configuring 18-16
overview 18-8
BPDUs
and media speed 17-2
pseudobridges and 17-25
what they contain 17-3
bridge ID
bridge priority (STP) 17-16
bridge protocol data units
Broadcast Storm Control
disabling 48-5
enabling 48-3
C
Call Home
message format options 53-2
messages
format options 53-2
call home 53-1
alert groups 53-6
configuring e-mail options 53-9
contact information 53-4
default settings 53-19
destination profiles 53-5
displaying information 53-14
mail-server priority 53-10
pattern matching 53-9
periodic notification 53-8
rate limit messages 53-9
severity threshold 53-8
smart call home feature 53-2
SMTP server 53-9
testing communications 53-11
call home alert groups
configuring 53-6
description 53-6
subscribing 53-7
call home contacts
assigning information 53-4
call home destination profiles
attributes 53-5
configuring 53-5
description 53-5
displaying 53-17
call home notifications
full-txt format for syslog 53-26
XML format for syslog 53-35
candidates
automatic discovery 12-7
candidate switch, cluster
defined 12-12
requirements 12-12
Capturing control packets
selecting mode 42-7
cautions
Unicast RPF
BGP optional attributes 28-5
cautions for passwords
encrypting 3-22
CDP
automatic discovery in communities 12-7
configuration 20-2
defined with LLDP 23-1
displaying configuration 20-3
enabling on interfaces 20-3
host presence detection 36-8
maintaining 20-3
monitoring 20-3
cdp enable command 20-3
CEF
adjacency tables 27-2
and NSF with SSO 9-4
configuring load balancing 27-7
displaying statistics 27-8
hardware switching 27-4
load balancing 27-6
overview 27-2
software switching 27-4
certificate authority (CA) 53-3
CFM
clearing 45-30
configuration guidelines 45-7, 46-4
configuring crosscheck for VLANs 45-11
configuring fault alarms 45-16
configuring port MEP 45-14
configuring static remote MEP 45-12, 45-13, 45-16, 45-17
crosscheck 45-5
defined 45-2
EtherChannel support 45-7, 46-4
fault alarms
configuring 45-16
IP SLAs support for 45-6
IP SLAs with endpoint discovers 45-21
maintenance domain 45-2
manually configuring IP SLAs ping or jitter 45-18
measuring network performance 45-6
port MEP, configuring 45-14
remote MEPs 45-5
static RMEP, configuring 45-12, 45-13, 45-16, 45-17
static RMEP check 45-5
Y.1731
described 45-26
CGMP
overview 21-1
channel-group group command 19-8, 19-10
Cisco 7600 series Internet router
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS IP SLAs 47-2
Cisco IOS NSF-aware
support 9-2
Cisco IOS NSF-capable support 9-2
Cisco IP Phones
configuring 34-3
sound quality 34-1
CiscoWorks 2000 51-4
CIST
description 17-22
civic location 23-3
class level, configure in a service policy 33-30
class of service
clear cdp counters command 20-4
clear cdp table command 20-3
clear counters command 7-26
clearing
Ethernet CFM 45-30
IP multicast table entries 29-26
clear ip eigrp neighbors command 26-18
CLI
accessing 2-2
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 12-12
modes 2-5
monitoring environments 49-1
ROM monitor 2-7
software basics 2-4
clients
in 802.1X authentication 36-3
clock
clustering switches
command switch characteristics 12-11, 12-12
and VTY 12-11
convert to a community 12-9
managing
through CLI 12-12
overview 12-11
planning considerations
CLI 12-12
passwords 12-8
command-line processing 2-3
command modes 2-5
commands
b 53-3
boot 53-3
dev 53-3
dir device 53-3
i 53-3
listing 2-5
reset 53-3
ROM monitor53-2to ??
SNMP 56-4
command switch, cluster
requirements 12-11
common and internal spanning tree
common spanning tree
community of switches
access modes in Network Assistant 12-8
adding devices 12-8
candidate characterisitcs 12-6
communication protocols 12-8
community name 12-7
configuration information 12-8
converting from a cluster 12-9
host name 12-7
passwords 12-8
community ports 35-3
community strings
configuring 51-7
overview 51-4
and SPAN features 35-13
configure as a PVLAN 35-15
compiling MIBs 56-4
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 21-4
configuration examples
SNMP 51-16
configuration files
limiting TFTP server access 51-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 51-15
configuration guidelines
SNMP 51-6
configuration register
boot fields
listing value 3-29
modifying 3-28
changing from ROM monitor 53-3
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 33-30
configure terminal command 3-29, 7-2
configuring access-group mode on Layer 2 interface 42-31
configuring flow control 7-15
configuring interface link and trunk status envents 7-27
configuring named IPv6 ACLs 42-15
configuring named MAC extended ACLs 42-13, 42-14
configuring unicast MAC address filtering 42-13
configuring VLAN maps 42-18
Connectivity Fault Management
console configuration mode 2-5
console port
disconnecting user sessions 8-7
monitoring user sessions 8-6
contact information
assigning for call home 53-4
control plane policing
control protocol, IP SLAs 47-4
CoPP
applying QoS service policy to control plane 39-3
configuring
ACLs to match traffic 39-3
enabling MLS QoS 39-3
packet classification criteria 39-3
service-policy map 39-3
control plane configuration mode
entering 39-3
displaying
dynamic information 39-7
number of conforming bytes and packets 39-7
rate information 39-7
entering control plane configuration mode 39-3
monitoring statistics 39-7
overview 39-2
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-31
CoS
definition 33-3
figure 33-2
overriding on Cisco IP Phones 34-5
priority 34-5
counters
clearing MFIB 29-26
clearing on interfaces 7-26
CPU, impact of ACL processing 42-11
CPU port sniffing 49-10
crashinfo
kernel file 3-34
process core dump file 3-34
process file 3-33
crashinfo, configuring
commands 3-35
default 3-35
determining the process that crashed 3-39
enabling generation of process core dump 3-38
saving files to a secondary device 3-39
show commands 3-36
Critical Authentication
configure with 802.1X 36-51
CST
description 17-25
IST and 17-22
MST and 17-22
customer edge devices 31-2
D
database agent
configuration examples 40-15
enabling the DHCP Snooping 40-12
daylight saving time 4-13
default configuration
802.1X 36-24
banners 4-18
DNS 4-16
IGMP filtering 21-20
IP SLAs 47-7
IPv6 43-7
LLDP 23-3
MAC address table 4-23
multi-VRF CE 31-3
NTP 4-4
private VLANs 35-12
resetting the interface 7-29
RMON 52-3
SNMP 51-5
SPAN and RSPAN 49-6
system message logging 50-3
TACACS+ 3-18
Y.1731 45-28
default gateway
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-32
default web-based authentication configuration
802.1X 37-6
denial-of-service attacks
IP address spoofing, mitigating 28-5
Unicast RPF, deploying 28-5
denying access to a server on another VLAN 42-24
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 7-7
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 7-7
description command 7-15
detecting unidirectional links 24-1
dev command 53-3
device discovery protocol 23-1
device IDs
DHCP
configuring
rate limit for incoming packets 40-13
denial-of-service attacks, preventing 40-13
rate limiting of packets
configuring 40-13
DHCP-based autoconfiguration
client request message exchange 3-3
configuring
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
lease options
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
DHCP option 82
overview 40-3
DHCP Snooping
enabling, and Option 82 40-10
DHCP snooping
accepting untrusted packets form edge switch 40-10
configuring 40-6
default configuration 40-7
displaying binding tables 40-18
displaying configuration 40-19
displaying information 40-18
enabling 40-7
enabling on private VLAN 40-11
enabling on the aggregation switch 40-9
enabling the database agent 40-12
message exchange process 40-4
monitoring 40-23
option 82 data insertion 40-3
overview 40-1
Snooping database agent 40-2
DHCP Snooping Database Agent
adding to the database (example) 40-18
enabling (example) 40-15
overview 40-2
reading from a TFTP file (example) 40-16
Diagnostics
online 54-1
troubleshooting 54-7
Power-On-Self-Test
causes of failure 54-18
how it works 54-9
overview 54-9
Power-On-Self-Test for Supervisor Engine V-10GE 54-12
Differentiated Services Code Point values
DiffServ architecture, QoS 33-2
Digital optical monitoring transceiver support 7-11
Digital Signing 53-6
dir device command 53-3
disabled state
RSTP comparisons (table) 17-24
disabling
broadcast storm control 48-5
disabling multicast storm control 48-6
disconnect command 8-7
discovery, clusters
display dection and removal events 10-7
displaying
Auth Manager sumary for an interface 36-69
MAB details 36-71
summary of all Auth manager sessions 36-69
summary of all Auth manager sessions on the switch authorized for a specified authentication method 36-69
displaying EtherChannel to a Virtual Switch System 19-16
displaying storm control 48-6
display PoE consumed by a module 10-8
display PoE detection and removal events 10-7
DNS
and DHCP-based autoconfiguration 3-5
default configuration 4-16
displaying the configuration 4-17
overview 4-15
setting up 4-16
domain names
DNS 4-15
Domain Name System
downloading MIBs 56-2, 56-3, 56-4
DSCP values
definition 33-4
IP precedence 33-2
DTP
VLAN trunks and 15-3
duplex command 7-14
duplex mode
configuring interface 7-12
dynamic ARP inspection
ARP cache poisoning 41-2
configuring
ACLs for non-DHCP environments 41-11
in DHCP environments 41-5
log buffer 41-14
rate limit for incoming ARP packets 41-16
denial-of-service attacks, preventing 41-16
interface trust state, security coverage 41-3
log buffer
configuring 41-14
logging of dropped packets 41-4
overview 41-1
port channels, their behavior 41-5
priority of static bindings 41-4
purpose of 41-2
rate limiting of ARP packets 41-4
configuring 41-16
validation checks, performing 41-19
Dynamic Host Configuration Protocol snooping
dynamic port VLAN membership
example 13-29
limit on hosts 13-29
reconfirming 13-26
troubleshooting 13-29
Dynamic Trunking Protocol
E
EAP frames
changing retransmission time 36-65
exchanging (figure) 36-4, 36-6, 36-12
request/identity 36-3
response/identity 36-3
setting retransmission number 36-66
EAPOL frames
802.1X authentication and 36-3
OTP authentication, example (figure) 36-4, 36-12
start 36-4
edge ports
description 17-27
EGP
overview 1-11
EIGRP
configuration examples 26-18
monitoring and maintaining 26-18
EIGRP (Enhanced IGRP)
stub routing
benefits 26-16
configuration tasks 26-17
configuring 26-13
overview 26-13
restrictions 26-17
verifying 26-17
EIGRP (enhanced IGRP)
overview 1-11
eigrp stub command 26-17
EIGRP stub routing, configuring 26-12
ELIN location 23-3
e-mail addresses
assigning for call home 53-4
e-mail notifications
Embedded CiscoView
displaying information 4-35
installing and configuring 4-33
overview 4-33
emergency alarms on Sup Engine 6-E systems 11-3
enable mode 2-5
encapsulation types 15-3
Enhanced Interior Gateway Routing Protocol
Enhanced PoE support on E-series 10-15
Enhanced PoE support on E-series,configuring Universal PoE 10-16
environmental monitoring
using CLI commands 11-1
EPM logging 36-72
errdisable recovery
configuring 10-14
EtherChannel
channel-group group command 19-8, 19-10
configuration guidelines 19-5
configuring Layer 2 19-10
configuring Layer 3 19-6
displaying to a virtual switch system 19-16
interface port-channel command 19-7
lacp system-priority
command example 19-13
modes 19-3
overview 19-1
PAgP
Understanding 19-3
physical interface configuration 19-7
port-channel interfaces 19-2
port-channel load-balance command 19-14
removing 19-15
removing interfaces 19-15
EtherChannel guard
disabling 18-7
enabling 18-6
overview 18-6
Ethernet Remote Defect Indication (ETH-RDI) 45-27
explicit host tracking
enabling 21-11
extended range VLANs
Extensible Authentication Protocol over LAN 36-2
Exterior Gateway Protocol
F
Fallback Authentication
configure with 802.1X 36-58
FastDrop
overview 29-10
FIB
description 27-2
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 36-39
filtering
in a VLAN 42-18
flags 29-11
Flash memory
configuring router to boot from 3-31
loading system images from 3-30
security precautions 3-31
Flexible NetFlow
caveats 32-1
flooded traffic, blocking 44-2
flowchart, traffic marking procedure 33-20
flow control, configuring 7-15
For 10-13
forward-delay time (STP)
configuring 17-18
forwarding information base
G
gateway
get-bulk-request operation 51-3
get-next-request operation 51-3, 51-4
get-request operation 51-3, 51-4
get-response operation 51-3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 7-7
global configuration mode 2-5
Guest-VLANs
configure with 802.1X 36-47, 36-56
H
hardware and software ACL support 42-5
hardware switching 27-5
hello time (STP)
configuring 17-17
high CPU due to ACLs, troubleshooting 42-6
history
CLI 2-4
history table, level and number of syslog messages 50-9
hop counts
configuring MST bridges 17-28
host
limit on dynamic port 13-29
host ports
kinds of 35-4
host presence CDP message 36-8
Hot Standby Routing Protocol
HSRP
description 1-9
http
//www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html 47-1, 47-4
//www.cisco.com/en/US/docs/ios/fnetflow/configuration/guide/12_4t/fnf_12_4t_book.html 32-1
//www.cisco.com/en/US/docs/ios/fundamentals/command reference/cf_book.html 50-1, 51-1, 52-1
hw-module module num power command 11-18
I
ICMP
enabling 8-12
ping 8-8
running IP traceroute 8-9
time exceeded messages 8-9
ICMP Echo operation
configuring 47-12
IP SLAs 47-11
i command 53-3
IDS
using with SPAN and RSPAN 49-3
IEEE 802.1ag 45-2
IEEE 802.1s
IEEE 802.1w
IEEE 802.3ad
IGMP
configurable-leave timer 21-4
description 29-3
enabling 29-13
explicit host tracking 21-4
immediate-leave processing 21-3
leave processing, enabling 22-8
overview 21-1
report suppression
disabling 22-10
IGMP filtering
configuring 21-21
default configuration 21-20
described 21-20
monitoring 21-24
IGMP groups
setting the maximum number 21-23
IGMP Immediate Leave
configuration guidelines 21-9
IGMP profile
applying 21-22
configuration mode 21-21
configuring 21-21
IGMP Snooping
configure
leave timer 21-9
configuring
Learning Methods 21-7
static connection to a multicast router 21-8
configuring host statically 21-11
enabling
explicit host tracking 21-11
suppressing multicast flooding 21-12
IGMP snooping
configuration guidelines 21-5
default configuration 22-5, 22-6
enabling
globally 21-6
on a VLAN 21-6
enabling and disabling 22-6
IP multicast and 29-4
overview 21-1
IGMP Snooping, displaying
group 21-16
hot membership 21-15
how to 21-15
MAC address entries 21-18
multicast router interfaces 21-17
on a VLAN interface 21-18
Querier information 21-19
IGMPSnooping Querier, configuring 21-10
Immediate Leave, IGMP
enabling 22-8
immediate-leave processing
enabling 21-8
IGMP
ingress packets, SPAN enhancement 49-12
inline power
configuring on Cisco IP phones 34-5
Intelligent Power Management 10-4
interacting with Baby Giants 7-21
interface
displaying operational status 10-6
interface link and trunk status events
configuring 7-27
interface port-channel command 19-7
interface range command 7-5
interface range macro command 7-6
interfaces
adding descriptive name 7-15
clearing counters 7-26
configuring 7-2
configuring ranges 7-4
displaying information about 7-25
Layer 2 modes 15-4
maintaining 7-25
monitoring 7-25
naming 7-15
numbers 7-2
overview 7-2
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Inter-Switch Link encapsulation
Intrusion Detection System
inventory management TLV 23-2, 23-7
IP
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 27-8
IP addresses
128-bit 43-2
cluster candidate or member 12-12
cluster command switch 12-11
discovering 4-32
IPv6 43-2
IP Enhanced IGRP
interfaces, displaying 26-18
ip icmp rate-limit unreachable command 8-13
ip igmp profile command 21-21
ip igmp snooping tcn flood command 21-13
ip igmp snooping tcn flood query count command 21-14
ip igmp snooping tcn query solicit command 21-14
IP information
assigned
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 27-7
ip local policy route-map command 30-8
ip mask-reply command 8-14
IP MTU sizes, configuring 26-8
IP MTU sizes,configuring 26-8
IP multicast
clearing table entries 29-26
configuring 29-12
default configuration 29-12
displaying PIM information 29-21
displaying the routing table information 29-22
enabling dense-mode PIM 29-14
enabling sparse-mode 29-14
features not supported 29-12
hardware forwarding 29-8
overview 29-1
routing protocols 29-2
software forwarding 29-8
See also Auto-RP; IGMP; PIM; RP; RPF
IP multicast routing
enabling 29-13
monitoring and maintaining 29-21
ip multicast-routing command 29-13
IP phones
configuring voice ports 34-3
See Cisco IP Phones 34-1
ip pim command 29-14
ip pim dense-mode command 29-14
ip pim sparse-dense-mode command 29-15
ip policy route-map command 30-7
ip redirects command 8-13
IP routing tables
deleting entries 29-26
IP Service Level Agreements
IP service levels, analyzing 47-1
IP SLAs
benefits 47-3
CFM endpoint discovery 45-21
Control Protocol 47-4
default configuration 47-7
definition 47-1
ICMP echo operation 47-11
manually configuring CFM ping or jitter 45-18
measuring network performance 47-3
monitoring 47-13
multioperations scheduling 47-6
operation 47-4
responder
described 47-4
enabling 47-8
response time 47-5
scheduling 47-6
SNMP support 47-3
supported metrics 47-3
threshold monitoring 47-6
UDP jitter operation 47-9
IP Source Guard
configuring 40-20
configuring on private VLANs 40-21
overview 40-19
IP statistics
displaying 27-8
IP traceroute
executing 8-9
overview 8-9
IP unicast
displaying statistics 27-8
IP Unnumbered support
configuring on a range of Ethernet VLANs 14-6
configuring on LAN and VLAN interfaces 14-5
configuring with connected host polling 14-7
DHCP Option 82 14-3
displaying settings 14-8
format of agent remote ID suboptions 14-3
troubleshooting 14-9
with conected host polling 14-4
with DHCP server and Relay agent 14-2
ip unreachables command 8-12
IPv6
addresses 43-2
default configuration 43-7
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 43-6
Router ID 43-6
OSPF 43-5
IPX
redistribution of route information with EIGRP 1-11
ISL
encapsulation 15-3
isolated port 35-4
isolated VLANs 35-2, 35-3, 35-4
ISSU
compatibility matrix 6-13
compatiblity verification using Cisco Feature Navigator 6-14
NSF overview 6-3
perform the process
aborting a software upgrade 6-31
configuring the rollback timer as a safeguard 6-32
displaying a compatibility matrix 6-34
loading the new software on the new standby 6-24
stopping the rollback timer 6-23
switching to the standby 6-21
verify the ISSU state 6-17
verify the redundancy mode 6-16
verify the software installation 6-15
vload the new software on standby 6-18
prerequisites 6-2
process overview 6-6
restrictions 6-2
SNMP support 6-14
SSO overview 6-3
IST
and MST regions 17-22
description 17-22
master 17-27
ITU-T Y.1731
J
jumbo frames
and ethernet ports 7-19
configuring MTU sizes for 7-20
ports and linecards that support 7-18
understanding MTUs 7-19
understanding support 7-18
VLAN interfaces 7-20
K
keyboard shortcuts 2-3
L
labels, definition 33-3
LACP
system ID 19-4
Layer 2 access ports 15-8
Layer 2 frames
classification with CoS 33-2
Layer 2 interface, configuring access-mode mode on 42-31
Layer 2 interfaces
assigning VLANs 13-7
configuring 15-5
configuring as PVLAN host ports 35-18
configuring as PVLAN promiscuous ports 35-17
configuring as PVLAN trunk ports 35-19
defaults 15-5
disabling configuration 15-9
modes 15-4
show interfaces command 15-7
Layer 2 interface type
resetting 35-23
setting 35-23
Layer 2 switching
overview 15-1
Layer 2 Traceroute
and ARP 8-11
and CDP 8-10
host-to-host paths 8-10
IP addresses and subnets 8-11
MAC addresses and VLANs 8-10
multicast traffic 8-10
multiple devices on a port 8-11
usage guidelines 8-10
Layer 2 trunks
configuring 15-6
overview 15-3
Layer 3 interface, applying IPv6 ACLs 42-16, 42-17
Layer 3 interface counters,configuring 26-10
Layer 3 interface counters,understanding 26-3
Layer 3 interfaces
changing from Layer 2 mode 31-7
configuration guidelines 26-5
overview 26-1
logical 26-2
physical 26-2
VLANs as interfaces 26-7
Layer 3 packets
classification methods 33-2
Layer 4 port operations
configuration guidelines 42-10
restrictions 42-9
Leave timer, enabling 21-9
link and trunk status events
configuring interface 7-27
Link Layer Discovery Protocol
listening state (STP)
RSTP comparisons (table) 17-24
LLDP
configuring 23-3
characteristics 23-4
default configuration 23-3
disabling and enabling
globally 23-5
on an interface 23-6
monitoring and maintaining 23-10
overview 23-1
transmission timer and holdtime, setting 23-4
LLDP-MED
configuring
procedures 23-3
monitoring and maintaining 23-10
overview 23-1
supported TLVs 23-2
load balancing
configuring for CEF 27-7
configuring for EtherChannel 19-14
per-destination 27-7
location service
configuring 23-9
logging, EPM 36-72
Logical Layer 3 interfaces
configuring 26-6
login authentication
with TACACS+ 3-19
login banners 4-17
login timer
changing 8-6
logoutwarning command 8-6
loop guard
and MST 17-23
configuring 18-5
overview 18-3
M
MAC/PHY configuration status TLV 23-2
MAC addresses
aging time 4-23
allocating 17-5
and VLAN association 4-22
convert dynamic to sticky secure 38-5
default configuration 4-23
discovering 4-32
displaying in DHCP snooping binding table 40-19
dynamic
learning 4-21
removing 4-24
in ACLs 42-13
static
adding 4-30
allowing 4-31
characteristics of 4-29
dropping 4-31
removing 4-30
sticky 38-4
sticky secure, adding 38-5
MAC Authentication Bypass
configure with 802.1X 36-49
MAC details, displaying 36-71
MAC extended access lists 42-13
macros
main-cpu command 5-8
management address TLV 23-2
management options
SNMP 51-1
marking
hardware capabilities 33-22
marking action drivers 33-20
marking network traffic 33-17
marking support, multi-attribute 33-21
match ip address command 30-6
maximum aging time (STP)
configuring 17-18
MDA
configuration guidelines36-21to 36-22
described 36-21
members
automatic discovery 12-7
member switch
managing 12-12
member switch, cluster
defined 12-11
requirements 12-12
messages, to users through banners 4-17
MFIB
CEF 29-5
overview 29-11
MFIB, IP
displaying 29-24
MIBs
compiling 56-4
overview 51-1
SNMP interaction with 51-4
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
MLD Snooping
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
Multicast client aging robustness 22-3
Multicast router discovery 22-3
overview 22-1
Mode of capturing control packets, selecting 42-7
modules
checking status 8-2
monitoring
ACL information 42-35
IGMP
snooping 22-11
IGMP filters 21-24
IGMP snooping 21-14
IP SLAs operations 47-13
multicast router interfaces 22-11
multi-VRF CE 31-16
traffic flowing among switches 52-1
VLAN filters 42-25
VLAN maps 42-25
M-record 17-22
MST
and multiple spanning trees 1-5, 17-22
boundary ports 17-27
BPDUs 17-22
configuration parameters 17-26
configuring 17-29
displaying configurations 17-33
edge ports 17-27
enabling 17-29
hop count 17-28
instances
configuring parameters 17-32
description 17-22
number supported 17-26
interoperability with PVST+ 17-23
link type 17-28
master 17-27
message age 17-28
regions 17-26
restrictions 17-29
to-SST interoperability 17-24
MSTP
EtherChannel guard
enabling 18-6
M-record 17-22
M-tree 17-22
M-tree 17-22
MTUS
understanding 7-19
MTU size
default 13-5
multiauthentication mode 36-8
multicast
Multicast client aging robustness 22-3
multicast Ethernet loopback (ETH-LB) 45-28
multicast Ethernet loopback, using 45-30
multicast groups
static joins 22-7
multicast packets
blocking 44-2
Multicast router discovery 22-3
multicast router interfaces, displaying 21-17
multicast router interfaces, monitoring 22-11
multicast router ports, adding 22-7
multicast routers
flood suppression 21-12
multicast router table
displaying 29-22
Multicast Storm Control
enabling 48-4
disabling 48-6
multidomain authentication
multidomain authentication mode 36-7
multioperations scheduling, IP SLAs 47-6
Multiple Authentication
described 36-21
Multiple AuthorizationAuthentication
configuring 36-30
Multiple Domain Authentication 36-30
multiple forwarding paths 1-5, 17-22
multiple-hosts mode 36-7
Multiple Spanning Tree
multiple VPN routing/forwarding
multi-VRF CE
components 31-3
configuration example 31-12
default configuration 31-3
defined 31-1
displaying 31-16
monitoring 31-16
network components 31-3
packet-forwarding process 31-3
N
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 42-15
named MAC extended ACLs
ACLs
configuring named MAC extended 42-13, 42-14
native VLAN
specifying 15-6
Network Assistant
and VTY 12-11
configure
enable communication with switch 12-13, 12-17
default configuration 12-2
overview of CLI commands 12-2
network fault tolerance 1-5, 17-22
network management
configuring 20-1
RMON 52-1
SNMP 51-1
network performance, measuring with IP SLAs 47-3
Network Time Protocol
network traffic, marking 33-17
New Software Features in Release 7.7
TDR 8-3
Next Hop Resolution Protocol
NHRP
support 1-12
non-IP traffic filtering 42-13, 42-14
non-RPF traffic
description 29-9
in redundant configurations (figure) 29-10
Nonstop Forwarding
nonvolatile random-access memory
normal-range VLANs
NSF
defined 9-1
guidelines and restrictions 9-7
operation 9-4
NSF-aware
support 9-2
NSF-capable
supervisor engines 9-2
support 9-2
NSF with SSO supervisor engine redundancy
and CEF 9-4
overview 9-3
SSO operation 9-3
NTP
associations
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
restricting access
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
time
services 4-2
synchronizing 4-2
NVRAM
saving settings 3-10
O
OIR
overview 7-25
Online Diagnostics 54-1
online insertion and removal
Open Shortest Path First
operating system images
Option 82
enabling DHCP Snooping 40-10
OSPF
area concept 1-13
description 1-12
for IPv6 43-5
P
packets
modifying 33-10
packet type filtering
overview 49-14
SPAN enhancement 49-14
PACL, using with access-group mode 42-30
PACL with VLAN maps and router ACLs 42-32
PAgP
understanding 19-3
passwords
configuring enable password 3-14
configuring enable secret password 3-14
encrypting 3-22
in clusters 12-8
recovering lost enable password 3-25
setting line password 3-14
PBR (policy-based routing)
configuration (example) 30-8
enabling 30-6
features 30-2
overview 30-1
route-map processing logic 30-3
route-map processing logic example 30-4
route maps 30-2
when to use 30-5
per-port and VLAN Access Control List 40-19
per-port per-VLAN QoS
enabling 33-35
overview 33-10
Per-User ACL and Filter-ID ACL, configure 36-39
Per-VLAN Rapid Spanning Tree 17-6
enabling 17-20
overview 17-6
PE to CE routing, configuring 31-11
Physical Layer 3 interfaces, configuring 26-11
PIM
configuring dense mode 29-14
configuring sparse mode 29-14
displaying information 29-21
displaying statistics 29-25
enabling sparse-dense mode 29-14, 29-15
overview 29-3
PIM-DM 29-3
PIM on an interface, enabling 29-13
PIM-SM 29-4
PIM-SSM mapping, enabling 29-16
ping
executing 8-8
overview 8-8
configuring power consumption, powered devices 10-5
configuring power consumption for single device 10-5, 10-16
displaying operational status for an interface 10-6
Enhanced PoE support on E-series 10-15
policing and monitoring 10-12
power consumption for powered devices
Intelligent Power Management 10-4
power management modes 10-3
PoE policing
configuring errdisable recovery 10-14
configuring on an interface 10-12
displaying on an interface 10-14
power modes 10-12
point-to-point
in 802.1X authentication (figure) 36-2
policing
how to implement 33-17
policing, PoE 10-12
policy associations, QoS on Sup 6-E 33-38
policy-map command 33-15
policy map marking action, configuring 33-22
port ACLs
and voice VLAN 42-4
defined 42-3
limitations 42-5
Port Aggregation Protocol
port-based authentication
802.1X with voice VLAN 36-20
authentication server
defined 37-2
changing the quiet period 36-64
configuration guidelines 36-25, 37-6
configure ACL assignments and redirect URLs 36-33
configure switch-to-RADIUS server communication 36-28
configure with Authentication Failed VLAN assignment 36-54
configure with Critical Authentication 36-51
configure with Guest-VLANs 36-47, 36-56
configure with MAC Authentication Bypass 36-49
configure with Wake-on-LAN 36-53
configuring
Multiple Domain Authentication and Multiple Authorization 36-30
RADIUS server 37-10
RADIUS server parameters on the switch 37-9
configuring Fallback Authentication 36-58
configuring Guest-VLAN 36-28
configuring manual re-authentication of a client 36-67
controlling authorization state 36-5
default configuration 36-24, 37-6
described 36-1
displaying statistics 36-68, 37-13
enabling 36-25
802.1X authentication 37-9
enabling multiple hosts 36-63
enabling periodic re-authentication 36-62
encapsulation 36-3
host mode 36-6
how 802.1X fails on a port 36-22
initiation and message exchange 36-3
method lists 36-25
modes 36-6
multidomain authentication 36-21
multiple-hosts mode, described 36-7
port security
multiple-hosts mode 36-7
ports not supported 36-4
pre-authentication open access 36-8
resetting to default values 36-68
setting retransmission number 36-66
setting retransmission time 36-65
switch
as proxy 37-2
topologies, supported 36-22
using with ACL assignments and redirect URLs 36-18
using with port security 36-17
with Critical Authentication 36-13
with Guest VLANs 36-10
with MAC Authentication Bypass 36-11
with VLAN assignment 36-9
port-channel interfaces
creating 19-7
overview 19-2
port-channel load-balance
command 19-13
command example 19-13
port-channel load-balance command 19-14
port cost (STP)
configuring 17-15
port description TLV 23-2
PortFast
and MST 17-23
BPDU filter, configuring 18-10
configuring or enabling 18-16
overview 18-7
PortFast BPDU filtering
and MST 17-23
enabling 18-10
overview 18-9
port numbering with TwinGig Convertors 7-7
port priority
configuring MST instances 17-32
configuring STP 17-13
ports
blocking 44-1
checking status 8-2
dynamic VLAN membership
example 13-29
reconfirming 13-26
forwarding, resuming 44-3
port security
aging 38-5
configuring 38-7
displaying 38-28
guidelines and restrictions 38-33
on private VLAN 38-14
host 38-14
promiscuous 38-16
on trunk port 38-17
guidelines and restrictions 38-15, 38-18, 38-21, 38-32
port mode changes 38-22
on voice ports 38-22
sticky learning 38-5
using with 802.1X 36-17
violations 38-6
with 802.1X Authentication 38-32
with DHCP and IP Source Guard 38-31
with other features 38-33
port states
description 17-5
port VLAN ID TLV 23-2
power
inline 34-5
power dc input command 11-17
powered devices, configuring power consumption 10-5
power handling for Supervisor Engine II-TS 10-11
power inline command 10-3
power inline consumption command 10-5
power management
Catalyst 4500 series 11-5
Catalyst 4500 Switch power supplies 11-12
configuring combined mode 11-11
configuring redundant mode 11-10
overview 11-1
redundancy 11-5
power management for Catalyst 4500 Switch
combined mode 11-7
redundant mode 11-7
power management limitations in Catalyst 4500 Switch 11-8
power management mode
selecting 11-7
power management TLV 23-2, 23-7
power negotiation
through LLDP 23-8
Power-On-Self-Test diagnostics 54-9, 54-18
Power-On-Self-Test for Supervisor Engine V-10GE 54-12
power policing, displaying on an interface 10-14
power redundancy-mode command 11-10
power supplies
available power for Catalyst 4500 Switch 11-12
fixed 11-6
variable 11-6
pre-authentication open access 36-8
pre-authentication open access. See port-based authentication.
associating with secondary VLANs 35-16
configuring as a PVLAN 35-15
priority
overriding CoS of incoming frames 34-5
priority queuing, QoS on Sup 6-E 33-29
private VLAN
configure port security 38-14, 38-15
enabling DHCP Snooping 40-11
private VLANs
across multiple switches 35-5
and SVIs 35-10
benefits of 35-2
community ports 35-3
default configuration 35-12
end station access to 35-3
isolated port 35-4
isolated VLANs 35-2, 35-3, 35-4
ports
community 35-3
isolated 35-4
promiscuous 35-4
promiscuous ports 35-4
secondary VLANs 35-2
subdomains 35-2
traffic in 35-9
privileged EXEC mode 2-5
privileges
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
promiscuous ports
configuring PVLAN 35-17
defined 35-4
setting mode 35-23
protocol timers 17-4
provider edge devices 31-2
pruning, VTP
pseudobridges
description 17-25
PVACL 40-19
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 36-20
PVLAN promiscuous trunk port
configuring 35-11, 35-17, 35-21
PVLANs
802.1q support 35-14
across multiple switches 35-5
configuration guidelines 35-12
configure port security 38-14, 38-16, 38-18
configure port security in a wireless setting 38-32
configuring 35-11
configuring a VLAN 35-15
configuring promiscuous ports 35-17
host ports
configuring a Layer 2 interface 35-18
setting 35-23
overview 35-1
permitting routing, example 35-22
promiscuous mode
setting 35-23
setting
interface mode 35-23
Q
QoS
classification33-6to ??
definitions 33-3
enabling per-port per-VLAN 33-35
overview 33-1
overview of per-port per-VLAN 33-10
packet modification 33-10
traffic shaping 33-9
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 33-9
QoS labels
definition 33-3
QoS marking
description 33-5
QoS on Sup 6-E
Active Queue management via DBL 33-33
active queue management via DBL 33-26, 33-33
classification 33-14
configuring 33-12
configuring the policy map marking action 33-22
hardware capabilities for marking 33-22
how to implement policing 33-17
marking action drivers 33-20
marking network traffic 33-17
MQC-based QoS configuration 33-12
multi-attribute marking support 33-21
platform hardware capabilities 33-14
platform restrictions 33-17
platform-supported classification criteria and QoS features 33-12, 33-13
policing 33-16
policy associations 33-38
prerequisites for applying a service policy 33-14
priority queuing 33-29
queue-limiting 33-30
restrictions for applying a service policy 33-14
shaping 33-24
sharing(bandwidth) 33-26
sharing(blandwidth), shapring, and priority queuing 33-24
software QoS 33-39
traffic marking procedure flowchart 33-20
QoS policing
definition 33-5
described 33-8
QoS policy
attaching to interfaces 33-9
QoS service policy
prerequisites 33-14
restrictions for applying 33-14
QoS transmit queues
burst 33-9
maximum rate 33-9
sharing link bandwidth 33-9
Quality of service
queueing 33-9
queue-limiting, QoS on Sup 6-E 33-30
R
RADIUS server
configure to-Switch communication 36-28
configuring settings 36-30
parameters on the switch 36-28
range command 7-5
range macros
defining 7-6
ranges of interfaces
configuring 7-4
Rapid Spanning Tree
rcommand command 12-12
re-authentication of a client
configuring manual 36-67
enabling periodic 36-62
redirect URLs, port-based authentication 36-18
reduced MAC address 17-2
redundancy
configuring 5-7
guidelines and restrictions 5-6
changes made through SNMP 5-11
NSF-aware support 9-2
NSF-capable support 9-2
overview 5-2
redundancy command 5-8
understanding synchronization 5-5
redundancy (NSF) 9-1
configuring
BGP 9-9
CEF 9-9
EIGRP 9-12
OSPF 9-11
routing protocols 9-5
redundancy (RPR)
route processor redundancy 5-3
synchronization 5-5
redundancy (SSO)
redundancy command 9-8
route processor redundancy 5-3
synchronization 5-6
reload command 3-28, 3-29, 3-40
Remote Network Monitoring
rendezvous point, configuring 29-16
rendezvous point, configuring single static 29-19
replication
description 29-8
report suppression, IGMP
disabling 22-10
reserved-range VLANs
reset command 53-3
resetting an interface to default configuration 7-29
resetting a switch to defaults 3-32
responder, IP SLAs
described 47-4
enabling 47-8
response time, measuring with IP SLAs 47-5
restricting access
NTP services 4-8
TACACS+ 3-15
retransmission number
setting in 802.1X authentication 36-66
retransmission time
changing in 802.1X authentication 36-65
RFC
1157, SNMPv1 51-2
1305, NTP 4-2
1757, RMON 52-2
1901, SNMPv2C 51-2
1902 to 1907, SNMPv2 51-2
2273-2275, SNMPv3 51-2
RIP
description 1-13
for IPv6 43-5
RMON
default configuration 52-3
displaying status 52-6
enabling alarms and events 52-3
groups supported 52-2
overview 52-1
ROM monitor
boot process and 3-26
CLI 2-7
commands53-2to ??
exiting 53-5
root bridge
configuring 17-9
selecting in MST 17-22
root guard
and MST 17-23
enabling 18-2
overview 18-2
routed packets
ACLs 42-27
route-map (IP) command 30-6
route maps
defining 30-6
PBR 30-2
router ACLs
description 42-3
using with VLAN maps 42-25
router ACLs, using PACL with VLAN maps 42-32
route targets
VPN 31-3
Routing Information Protocol
RSPAN
configuration guidelines 49-16
destination ports 49-5
IDS 49-3
monitored ports 49-4
monitoring ports 49-5
received traffic 49-3
sessions
creating 49-17
defined 49-3
limiting source traffic to specific VLANs 49-23
monitoring VLANs 49-22
removing source (monitored) ports 49-21
specifying monitored ports 49-17
source ports 49-4
transmitted traffic 49-4
VLAN-based 49-5
RSTP
compatibility 17-23
description 17-22
port roles 17-23
port states 17-24
S
SAID
scheduling 33-9
scheduling, IP SLAs operations 47-6
secondary root switch 17-12
secondary VLANs 35-2
associating with primary 35-16
permitting routing 35-22
security
configuring 39-1
Security Association Identifier
selecting a power management mode 11-7
selecting X2/TwinGig Convertor Mode 7-8
sequence numbers in log messages 50-7
server IDs
description 53-24
service policy, configure class-level queue-limit 33-30
service-policy input command 25-2
set default interface command 30-7
set interface command 30-7
set ip default next-hop command 30-7
set ip next-hop command 30-6
set-request operation 51-4
severity levels, defining in system messages 50-8
shaping, QoS on Sup 6-E 33-24
sharing(bandwidth), QoS on Sup 6-E 33-26
show adjacency command 27-9
show boot command 3-31
show catalyst4000 chassis-mac-address command 17-3
show cdp entry command 20-3
show cdp interface command 20-3
show cdp neighbors command 20-4
show cdp traffic command 20-4
show ciscoview package command 4-35
show ciscoview version command 4-35
show cluster members command 12-12
show configuration command 7-15
show debugging command 20-4
show environment command 11-2
show history command 2-4
show interfaces command 7-20, 7-21, 7-26, 7-28
show interfaces status command 8-2
show ip cef command 27-8
show ip eigrp interfaces command 26-18
show ip eigrp neighbors command 26-18
show ip eigrp topology command 26-18
show ip eigrp traffic command 26-18
show ip interface command 29-21
show ip local policy command 30-8
show ip mroute command 29-21
show ip pim interface command 29-21
show lldp traffic command 23-10
show mac-address-table address command 8-3
show mac-address-table interface command 8-3
show mls entry command 27-8
show PoE consumed 10-8
show power inline command 10-6
show power supplies command 11-10
show protocols command 7-26
show running-config command
adding description for an interface 7-15
checking your settings 3-9
displaying ACLs 42-19, 42-22, 42-29, 42-30, 42-31
show startup-config command 3-10
show users command 8-7
show version command 3-29
shutdown, command 7-27
shutting down
interfaces 7-26
Simple Network Management Protocol
single-host mode 36-7
single spanning tree
single static RP, configuring 29-19
slot numbers, description 7-2
smart call home 53-1
description 53-2
destination profile (note) 53-5
registration requirements 53-3
service contract requirements 53-3
Transport Gateway (TG) aggregation point 53-2
SMARTnet
smart call home registration 53-3
Smartports macros
applying global parameter values 16-8
applying macros 16-8
applying parameter values 16-8
configuration guidelines 16-6
configuring 16-2
creating 16-7
default configuration 16-3
defined 16-1
displaying 16-12
tracing 16-6
SNMP
accessing MIB variables with 51-4
agent
described 51-4
disabling 51-7
and IP SLAs 47-3
authentication level 51-10
community strings
configuring 51-7
overview 51-4
configuration examples 51-16
configuration guidelines 51-6
default configuration 51-5
engine ID 51-6
host 51-6
informs
and trap keyword 51-11
described 51-5
differences from traps 51-5
enabling 51-15
limiting access by TFTP servers 51-15
limiting system log messages to NMS 50-9
manager functions 51-3
notifications 51-5
status, displaying 51-17
system contact and location 51-15
trap manager, configuring 51-13
traps
differences from informs 51-5
enabling 51-11
enabling MAC address notification 4-24
enabling MAC move notification 4-26
enabling MAC threshold notification 4-28
types of 51-11
versions supported 51-2
SNMP commands 56-4
SNMPv1 51-2
SNMPv2C 51-2
SNMPv3 51-2
software
upgrading 5-13
software configuration register 3-26
software QoS, on Sup 6-E 33-39
software switching
description 27-5
interfaces 27-6
key data structures used 29-7
source IDs
call home event format 53-23
SPAN
and ACLs 49-5
configuration guidelines 49-7
destination ports 49-5
IDS 49-3
monitored port, defined 49-4
monitoring port, defined 49-5
received traffic 49-3
sessions
defined 49-3
source ports 49-4
transmitted traffic 49-4
VLAN-based 49-5
SPAN and RSPAN
concepts and terminology 49-3
default configuration 49-6
displaying status 49-24
overview 49-2
session limits 49-6
SPAN enhancements
access list filtering 49-13
configuration example 49-15
CPU port sniffing 49-10
encapsulation configuration 49-12
ingress packets 49-12
packet type filtering 49-14
spanning-tree backbonefast command 18-16
spanning-tree cost command 17-15
spanning-tree guard root command 18-2
spanning-tree portfast bpdu-guard command 18-9
spanning-tree portfast command 18-7
spanning-tree port-priority command 17-13
spanning-tree uplinkfast command 18-13
spanning-tree vlan
command 17-9
command example 17-9
spanning-tree vlan command 17-8
spanning-tree vlan cost command 17-15
spanning-tree vlan forward-time command 17-19
spanning-tree vlan hello-time command 17-17
spanning-tree vlan max-age command 17-18
spanning-tree vlan port-priority command 17-13
spanning-tree vlan priority command 17-17
spanning-tree vlan root primary command 17-10
spanning-tree vlan root secondary command 17-12
speed
configuring interface 7-12
speed command 7-13
SSO
configuring 9-8
SSO operation 9-3
SST
description 17-22
interoperability 17-24
static addresses
static routes
configuring 3-11
verifying 3-12
statistics
802.1X 37-13
displaying 802.1X 36-68
displaying PIM 29-25
LLDP 23-10
LLDP-MED 23-10
SNMP input and output 51-17
sticky learning
configuration file 38-5
defined 38-5
disabling 38-5
enabling 38-5
saving addresses 38-5
sticky MAC addresses
configuring 38-7
defined 38-4
Storm Control
displaying 48-6
enabling Broadcast 48-3
enabling Multicast 48-4
hardware-based, implementing 48-2
overview 48-1
software-based, implementing 48-2
STP
bridge ID 17-2
creating topology 17-4
defaults 17-6
disabling 17-19
enabling 17-7
enabling extended system ID 17-8
enabling Per-VLAN Rapid Spanning Tree 17-20
EtherChannel guard
disabling 18-7
forward-delay time 17-18
hello time 17-17
maximum aging time 17-18
per-VLAN rapid spanning tree 17-6
port cost 17-15
port priority 17-13
root bridge 17-9
stratum, NTP 4-2
stub routing (EIGRP)
benefits 26-16
configuration tasks 26-17
configuring 26-13
restrictions 26-17
verifying 26-17
subdomains, private VLAN 35-2
summer time 4-13
supervisor engine
accessing the redundant 5-14
copying files to standby 5-14
default configuration 3-1
default gateways 3-11
environmental monitoring 11-1
redundancy 9-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 5-11
Supervisor Engine II-TS
insufficient inline power handling 10-11
SVI Autostate Exclude
understanding 26-3
SVI Autostate exclude
configuring 26-7
switch 43-2
switched packets
and ACLs 42-26
Switched Port Analyzer
switchport
show interfaces 7-20, 7-21, 7-28
switchport access vlan command 15-6, 15-8
switchport block multicast command 44-2
switchport block unicast command 44-2
switchport mode access command 15-8
switchport mode dynamic command 15-6
switchport mode trunk command 15-6
switch ports
switchport trunk allowed vlan command 15-6
switchport trunk encapsulation command 15-6
switchport trunk encapsulation dot1q command 15-3
switchport trunk encapsulation isl command 15-3
switchport trunk encapsulation negotiate command 15-3
switchport trunk native vlan command 15-6
switchport trunk pruning vlan command 15-7
switch-to-RADIUS server communication
configuring 36-28
system
reviewing configuration 3-10
settings at startup 3-27
system alarms
on Sup 2+ to V-10GE 11-4
overview 11-4
system and network statistics, displaying 29-21
system capabilities TLV 23-2
system clock
configuring
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
system description TLV 23-2
system images
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
system message logging
default configuration 50-3
defining error message severity levels 50-8
disabling 50-4
displaying the configuration 50-12
enabling 50-4
facility keywords, described 50-12
level keywords, described 50-9
limiting messages 50-9
message format 50-2
overview 50-1
sequence numbers, enabling and disabling 50-7
setting the display destination device 50-5
synchronizing log messages 50-6
timestamps, enabling and disabling 50-7
UNIX syslog servers
configuring the daemon 50-10
configuring the logging facility 50-11
facilities supported 50-12
system name
manual configuration 4-15
system name TLV 23-2
system prompt, default setting 4-14
T
TACACS+ 39-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
configuring
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
TCAM programming and ACLs 42-7
for Sup II-Plust thru V-10GE 42-6
TDR
checking cable connectivity 8-3
enabling and disabling test 8-3
guidelines 8-3
Telnet
accessing CLI 2-2
disconnecting user sessions 8-7
executing 8-6
monitoring user sessions 8-6
telnet command 8-6
Terminal Access Controller Access Control System Plus
TFTP
configuration files in base directory 3-5
configuring for autoconfiguration 3-4
limiting access by servers 51-15
threshold monitoring, IP SLAs 47-6
time
Time Domain Reflectometer
time exceeded messages 8-9
timer
timestamps in log messages 50-7
time zones 4-12
TLV
host presence detection 36-8
TLVs
LLDP-MED 23-2
Token Ring
media not supported (note) 13-5, 13-9
Topology change notification processing
MLD Snooping
Topology change notification processing 22-4
TOS
description 33-4
trace command 8-9
traceroute
traceroute mac command 8-11
traceroute mac ip command 8-11
traffic
blocking flooded 44-2
traffic control
using ACLs (figure) 42-4
using VLAN maps (figure) 42-5
traffic marking procedure flowchart 33-20
traffic shaping 33-9
translational bridge numbers (defaults) 13-5
traps
configuring MAC address notification 4-24
configuring MAC move notification 4-26
configuring MAC threshold notification 4-28
configuring managers 51-11
defined 51-3
enabling 4-24, 4-26, 4-28, 51-11
notification types 51-11
troubleshooting
with CiscoWorks 51-4
with system message logging 50-1
with traceroute 8-9
troubleshooting high CPU due to ACLs 42-6
trunk ports
configure port security 38-17
configuring PVLAN35-19to 35-20
trunks
802.1Q restrictions 15-5
configuring 15-6
configuring access VLANs 15-6
configuring allowed VLANs 15-6
default interface configuration 15-6
different VTP domains 15-3
enabling to non-DTP device 15-4
encapsulation 15-3
specifying native VLAN 15-6
understanding 15-3
trustpoint 53-3
TwinGig Convertors
port numbering 7-7
selecting X2/TwinGig Convertor mode 7-8
type length value
type of service
U
UDLD
default configuration 24-2
disabling 24-5
enabling 24-4
overview 24-1
UDP jitter, configuring 47-9
UDP jitter operation, IP SLAs 47-9
unauthorized ports with 802.1X 36-4
unicast
unicast flood blocking
configuring 44-1
unicast MAC address filtering
and adding static addresses 4-31
and broadcast MAC addresses 4-30
and CPU packets 4-31
and multicast addresses 4-30
and router MAC addresses 4-30
configuration guidelines 4-30
described 4-30
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 42-13
Unicast RPF (Unicast Reverse Path Forwarding)
applying 28-5
BGP attributes
caution 28-5
CEF
requirement 28-2
tables 28-7
configuring 28-9
(examples)??to 28-12
BOOTP 28-8
DHCP 28-8
enterprise network (figure) 28-6
prerequisites 28-9
routing table requirements 28-7
tasks 28-9
verifying 28-10
deploying 28-5
disabling 28-11
enterprise network (figure) 28-6
FIB 28-2
implementing 28-4
maintaining 28-11
monitoring 28-11
packets, dropping (figure) 28-4
prerequisites 28-9
restrictions
basic 28-8
routing asymmetry 28-7
routing asymmetry (figure) 28-8
routing table requirements 28-7
security policy
applying 28-5
attacks, mitigating 28-5
deploying 28-5
tunneling 28-5
source addresses, validating 28-3
failure 28-3
traffic filtering 28-5
tunneling 28-5
validation
packets, dropping 28-3
source addresses 28-3
verifying 28-10
unicast traffic
blocking 44-2
unidirectional ethernet
enabling 25-2
example of setting 25-2
overview 25-1
UniDirectional Link Detection Protocol
Universal PoE, configuring 10-16
UNIX syslog servers
daemon configuration 50-10
facilities supported 50-12
message logging configuration 50-11
UplinkFast
and MST 17-23
enabling 18-16
MST and 17-23
overview 18-11
user EXEC mode 2-5
user sessions
disconnecting 8-7
monitoring 8-6
using PACL with access-group mode 42-30
V
VACLs
Layer 4 port operations 42-9
virtual configuration register 53-3
virtual LANs
Virtual Private Network
Virtual Switch System(VSS), displaying EtherChannel to 19-16
VLAN ACLs
vlan command 13-6
VLAN ID, discovering 4-32
VLAN Management Policy Server
VLAN maps
applying to a VLAN 42-22
configuration example 42-23
configuration guidelines 42-18
configuring 42-18
creating and deleting entries 42-19
defined 42-3
denying access example 42-24
denying packets 42-20
displaying 42-25
order of entries 42-19
permitting packets 42-20
router ACLs and 42-25
using (figure) 42-5
using in your network 42-22
VLAN maps, PACL and Router ACLs 42-32
VLANs
allowed on trunk 15-6
configuration guidelines 13-3
configuring 13-5
default configuration 13-4
description 1-7
extended range 13-3
IDs (default) 13-5
interface assignment 13-7
limiting source traffic with RSPAN 49-23
monitoring with RSPAN 49-22
name (default) 13-5
normal range 13-3
overview 13-1
reserved range 13-3
VLAN Trunking Protocol
VLAN trunks
overview 15-3
VMPS
configuration file example 13-32
configuring dynamic access ports on client 13-25
configuring retry interval 13-27
database configuration file 13-32
dynamic port membership
example 13-29
reconfirming 13-26
reconfirming assignments 13-26
reconfirming membership interval 13-26
server overview 13-21
VMPS client
administering and monitoring 13-28
configure switch
configure reconfirmation interval 13-26
dynamic ports 13-25
entering IP VMPS address 13-24
reconfirmation interval 13-27
reconfirm VLAM membership 13-26
default configuration 13-24
dynamic VLAN membership overview 13-23
troubleshooting dynamic port VLAN membership 13-29
VMPS server
fall-back VLAN 13-23
illegal VMPS client requests 13-23
overview 13-21
security modes
multiple 13-22
open 13-22
secure 13-22
voice interfaces
configuring 34-1
Voice over IP
configuring 34-1
voice ports
configuring VVID 34-3
voice VLAN
IP phone data traffic, described 34-2
IP phone voice traffic, described 34-2
voice VLAN ports
using 802.1X 36-20
VPN
configuring routing in 31-11
forwarding 31-3
in service provider networks 31-1
routes 31-2
routing and forwarding table
VRF
defining 31-3
tables 31-1
VRF-aware services
configuring 31-6
ftp 31-8
ping 31-7
SNMP 31-7
syslog 31-8
tftp 31-8
traceroute 31-8
uRPF 31-7
VTP
client, configuring 13-16
configuration guidelines 13-12
default configuration 13-13
disabling 13-16
monitoring 13-19
overview 13-8
pruning
configuring 13-15
server, configuring 13-16
statistics 13-19
transparent mode, configuring 13-16
version 2
enabling 13-15
VTP advertisements
description 13-9
VTP domains
description 13-8
VTP modes 13-9
VTP pruning
overview 13-11
VTP versions 2 and 3
overview 13-9
VTY and Network Assistant 12-11
VVID (voice VLAN ID)
and 802.1X authentication 36-20
configuring 34-3
W
Wake-on-LAN
configure with 802.1X 36-53
web-based authentication
authentication proxy web pages 37-4
web-based authentication, interactions with other features 37-4
Y
Y.1731
default configuration 45-28
described 45-26
ETH-AIS
Ethernet Alarm Signal function (ETH-AIS)
ETH-RDI 45-27
multicast Ethernet loopback 45-30
multicast ETH-LB 45-28
terminology 45-26