-
Catalyst 6500 Series Software Configuration Guide, 8.7
-
Catalyst 6500 Series Switch Software Configuration Guide (Full-book PDF)
-
Index
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch IP Address and Default Gateway
-
Configuring Ethernet, Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet Switching
-
Configuring Ethernet VLAN Trunks
-
Configuring EtherChannel
-
Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
-
Configuring Spanning Tree
-
Configuring Spanning Tree PortFast, UplinkFast, BackboneFast, and Loop Guard
-
Configuring VTP
-
Configuring VLANs
-
Configuring InterVLAN Routing
-
Configuring CEF for PFC2/PFC3
-
Configuring MLS
-
Configuring Access Control
-
Configuring NDE
-
Configuring GVRP
-
Configuring MVRP
-
Configuring Dynamic Port VLAN Membership with VMPS
-
Checking Status and Connectivity
-
Configuring Online Diagnostics
-
Administering the Switch
-
Configuring Redundancy
-
Configuring NSF with SSO MSFC Redundancy
-
Modifying the Switch Boot Configuration
-
Working with the Flash File System
-
Working with System Software Images
-
Working with Configuration Files
-
Configuring System Message Logging
-
Configuring DNS
-
Configuring CDP
-
Configuring UDLD
-
Configuring DHCP Snooping and IP Source Guard
-
Configuring NTP
-
Configuring Broadcast Suppression
-
Configuring Layer 3 Protocol Filtering
-
Configuring the IP Permit List
-
Configuring Port Security
-
Configuring Switch Access Using AAA
-
Configuring 802.1x Authentication
-
Configuring MAC Authentication Bypass
-
Configuring Web-Based Proxy Authentication
-
Tracking Host Aging
-
Configuring Network Admission Control
-
Configuring Unicast Flood Blocking
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN, RSPAN and the Mini Protocol Analyzer
-
Using Switch TopN Reports
-
Configuring Multicast Services
-
Configuring QoS
-
Configuring Automatic QoS
-
Configuring ASLB
-
Configuring the Switch Fabric Module
-
Configuring a VoIP Network
-
Configuring aCEF
-
Configuring MSFC IOS Features
-
Acronyms
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y -
Index
Numerics
10/100-Mbps port speeds, setting 4-6
1000BASE-T (copper) GBIC
port negotiation limitation 4-2
10-Gigabit Ethernet Switching Module
default configuration 4-3
setting the flow control 4-8
supported encapsulation types 5-2
24-port FXS analog interface module
configuring 55-28
description 55-5
802.1ak
802.1Q
configuring 5-7
example configuration 5-18
mapping VLANs to ISL 11-9
overview 5-1
restrictions 5-4
VLAN mapping 11-9
802.1Q Ethertype
specifying custom 5-12
specifying default 5-13
802.1Q tagging
disabling on specific ports 5-11
802.1Q tunneling
configuration guidelines 8-2
configuring 8-4
Layer 2 protocol tunneling 8-6
rate limiters 8-7
understanding 8-1
802.1Q tunnel ports
CoS-to-CoS maps
configuring 51-60
802.1X authentication 40-23, 40-24
authentication failure VLAN, configuring 40-38
authentication server
defined 40-3
client, defined 40-3
configuring 802.1X with ACL assignments 40-26
configuring a unidirectional controlled port 40-25
configuring authenticated identity-to-port description mappings 40-37
configuring DNS resolution for a RADIUS server configuration 40-37
configuring user distribution 40-32
configuring with private VLANs 40-41
disabling multiple hosts 40-19
EAP-request frames
setting retransmit time 40-20
enabling and disabling 802.1X RADIUS accounting and tracking 40-34
enabling automatic reauthentication 40-17
enabling multiple hosts 40-18
global
disabling 40-14
enabling 40-14
identity frames
setting retransmit time 40-20
inaccessible authentication bypass, configuring 40-15
individual ports
enabling 40-15
initializing 40-15
overview 40-2
RADIUS server failure, configuring 40-40
rate limiting 40-13
returning to default values 40-22
setting automatic reauthentication 40-17
setting idle time 40-19
setting reauthentication manually 40-18
setting retransmission number 40-21
supplicant
automatic reauthentication 40-17
manual reauthentication 40-18
support for DHCP relay agent 40-8
support for guest VLANs 40-9
transport layer packets
setting retransmission time 40-21
using a RADIUS server for VLAN assignment 40-7
with ARP traffic inspection 40-11
with auxiliary VLANs 40-8
with port security 40-10
802.1x authentication
manual reauthentication 40-18
802.3ah Ethernet OAM, configuring 20-26
8-port T1/E1 PSTN interface module
configuring 55-27
description 55-6
A
abbreviating commands 2-9
Accelerated Server Load Balancing
access control entries
access control lists
access control subsystem
SNMP entity 46-7
accessing the MSFC
console port 2-4
Telnet session 2-4
accounting
configuration guidelines 39-54
creating accounting records 39-52
default configuration 39-54
disabling 39-56
enabling 39-55
events 39-51
example configuration 39-57
overview 39-51
specifying RADIUS servers 39-52
suppressing accounting 39-53
updating the server 39-53
ACE
ACL
ACL compiler optimization, enabling 15-82
ACLs, downloadable 15-116
ACL statistics, clearing 15-85
ACL statistics, displaying 15-86
ACL statistics on a per-ACE basis, enabling 15-84
ACL statistics on a per-ACL basis, enabling 15-83
ACL statistics on a per-VLAN basis, enabling 15-84
acronyms, list of A-1
adding hosts 40-24
addresses
Address Recognition Protocol
address resolution protocol
address table and switching 4-2
adjacency table 13-7
administering the switch 22-1, 30-1
advertisements, VTP 10-3
aggregate policing rule
aging-time
CEF 13-12
MLS 14-19
PFC2 NetFlow statistics 13-29
alarms, major and minor 22-15
aliases
creating for commands 22-6
IP
creating 22-7
designating 2-6
AppleTalk, configuring interVLAN routing 12-4
ARP
configuring permanent and static entries 15-39, 22-9
inspecting ARP traffic using VACLs 15-30
restricting ARP traffic using VACLs 15-29
ASLB
cabling guidelines 53-7
configuration examples 53-18
configuring ASLB on the switch 53-7
configuring the LocalDirector interfaces 53-7
data forwarding 53-4
hardware and software requirements 53-1
Layer 2 operation 53-3
Layer 3 operation 53-3
audience 1-xxxvii
auditing agentless hosts 41-14
Auth 42-8
authentication
login
overview 39-2
password 39-13
login lockout enhancement 39-2
NTP and 34-4
overview 39-2
recovering password 39-15
See also
authorization
overview 39-43
See also
authorized ports with 802.1X 40-4
automatic module shutdown
configuring 4-14
unsupported modules 4-14
automatic QoS
CLI interface 52-13
configuration guidelines and restrictions 52-4
configuration statements 52-18
CoS and DSCP values 52-2
global automatic QoS macro 52-6
how to use 52-28
macros 52-3
overview 52-1
port-specific automatic QoS macro 52-9
summary of features 52-27
syslogs 52-25
warnings and error conditions 52-23
auto-MDI/MDIX 4-7
autonegotiation
duplex 4-6
speed 4-6
trunks 5-2
auto state
disabling 12-9
autostate
configuring
exclude mode 12-7
track mode 12-8
displaying configuration 12-8
overview 12-6
exclude mode 12-6
normal mode 12-6
track mode 12-7
auxiliary VLANs
configuring 55-20
disabling auxiliary VLANs until an IP phone is detected 55-22
dynamic port VLAN membership 19-14
overview 55-8
with 802.1X authentication 40-8
B
BackboneFast 9-4
disabling 9-19
displaying statistics 9-18
enabling 9-18
figure
after indirect link failure 9-5
before indirect link failure 9-5
multiple spanning tree 7-17
back-end authenticator-to-supplicant 40-21
backplane
threshold detection 20-20
banner
blocking transitions 20-24
BOOT environment variables
default 25-5
displaying 25-12
boot field
overview 25-3
setting 25-6
boot image and switch 23-3
booting
configuration register, setting value 25-10
from Melody Compact Flash 3-5
ignoring NVRAM 25-9
booting the MSFC for the first time 3-4
BOOTP and in-band (sc0) interface 3-10
Bootstrap Protocol
BPDU
skewing 7-60
overview 7-24
BPDU Filter
multiple spanning tree 7-17
BPDU guard
multiple spanning tree 7-17
note 9-11
BPDU overview 7-3
BPDU skewing
monitoring 20-24
Break key (note) 2-1
bridged flow statistics 14-28, 16-3
bridge ID and MAC addresses 7-14
bridge ID priority, PVST+ 7-27
bridge protocol data units
broadcast suppression 35-1
disabling 35-4
enabling 35-3
enabling errdisable state 35-4
suppressing multicast traffic 50-7
suppressing unicast traffic 35-2
bundling
C
cache
IP MLS, displaying entries 14-24
MLS, overview 14-5
cache engine clusters 57-2
cache engines 57-2
cache farms
CAM, IP MLS 14-22
CAM table, duplicate MAC entries 20-5
capturing traffic flows 15-57
CDP
default configuration 31-2
disabling
globally 31-2
on ports 31-3
displaying neighbor information 31-5
enabling
globally 31-2
on ports 31-3
holdtime, setting 31-4
message interval, setting 31-4
overview 31-1
adjacency table 13-7
aging 13-12
configuration guidelines for multicast 13-14
IP multicast 13-18
MSFC2 13-16
supervisor engine 13-15
displaying information 13-15
examples 13-10
FIB 13-6
flow masks 13-12
destination-ip 13-12
destination-ipx 13-12
full flow 13-12
modes 13-12
source-destination-ip 13-12
source-destination-vlan 13-12
Layer 3 switching 13-2
overview 13-5
packet rewrite 13-2
restrictions for multicast 13-14
CEF for PFC2
CGMP
leaving multicast group 50-5
channel modes, EtherChannel (table)
LACP 6-13
PAgP 6-6
channels, clearing and restoring channel counters 6-20
checksum, verifying Flash file 26-9
CIDR, configuring static routes 22-8
Cisco CallManager, overview 55-5
Cisco Discovery Protocol
Cisco Group Management Protocol
Cisco IP Phone 7960 55-2
Cisco VG200 55-7
CIST 7-17
classless interdomain routing
clear boot system flash command 25-11
clearing the configuration 28-9
clear mls entry command 13-34, 14-29
clear mls entry ipx command 14-29
clear mls statistics command 13-36, 14-31
CLI
backing out one level 2-9
configuration mode 2-8
console configuration mode 2-9
getting list of commands 2-10
global configuration mode 2-9
interface configuration mode (IOS) 2-9
levels of access 2-8
privileged EXEC mode 2-9
ROM monitor 2-1
software basics 2-8
switch
accessing 2-2
console port 2-2
designating addresses and aliases 2-6
designating modules, ports, VLANs 2-5
editing 2-7
help 2-8
history substitution 2-7
normal mode 2-5
operating 2-5
overview 2-2
port ranges 2-6
ports, designating 2-5
privileged mode 2-5
shortcuts 2-7
Telnet 2-3
VLANs, designating 2-5
clock, setting 22-4
command aliases, creating 22-6
command-line interface
commands, getting list of 2-10
committing ACLs
Common and Internal Spanning Tree
See also CIST 7-17
Common Open Policy Service
Common Spanning Tree
community ports 11-20
Compact Flash memory 3-5
CONFIG_FILE variable, setting recurrence 25-7
configuration
clearing (switch) 28-9
configuration files
clearing using rcp 28-9
copying using rcp 28-6
creating 28-2
downloading
from Flash device 28-4
preparation 28-3
rcp 28-7
via TFTP 28-4
guidelines for creating 28-2
profile files
lockdown profile 28-16
running configuration
downloading via rcp 28-7
downloading via TFTP 28-4
uploading via rcp 28-8
uploading via TFTP 28-6
uploading
to rcp server 28-8
to TFTP server 28-6
uploading using rcp or SCP
preparation 28-8
configuration mode 2-8
configuration register
boot field, setting switch 25-6
CONFIG_FILE recurrence, setting 25-7
default setting 25-5
ignoring NVRAM at boot 25-9
overview 25-2
ROM monitor console port baud rate 25-6
setting 25-10
congestion avoidance
console configuration mode 2-9
console port
accessing MSFC 2-4
downloading software images
example PC download 27-31
example UNIX download 27-32
PC procedure 27-29
preparing for 27-28
UNIX procedure 27-30
ROM monitor baud rate 25-6
SLIP and 3-9
system message logging settings 29-5
user sessions
disconnecting 20-15
monitoring 20-14
contact, setting 22-3
content-addressable memory
convergence
improving 7-47
COPS
communications parameters 51-84
configuring 51-79
domain name 51-84
deleting 51-84
PDP server configuration
deleting 51-83
port ASICs 51-80
QoS policy source 51-80
roles 51-81
deleting 51-83
removing 51-82
selecting locally configured QoS policy 51-81
CoS
CoS-to-CoS maps
configuring 51-60
counters, configuring for IOS ACLs, PACLs, and VACLs 15-81
CRAM feature 15-87
critical recovery delay, setting 40-21
crypto image
uploading
using RCP 27-26
common spanning tree 7-21
D
DAI 15-39
database, VMPS
downloading 19-7
example configuration file 19-10
date, setting 22-4
daughter cards
power efficiency 55-15
daylight saving time
disabling adjustment 34-7
enabling adjustment 34-6
default gateway
configuring 3-8
removing 3-9
deficit weighted round robin 51-66
designated MSFC 23-24
DES key
clearing 39-40
defining 39-40
destination-based QoS
destination flow masks 14-6
destination-ip flow masks 13-12
destination-ipx flow masks 13-12
detection
BPDU skewing 7-61
DHCP
in-band (sc0) interface and 3-10
options 3-3
releasing lease 3-12
renewing lease 3-12
DHCP snooping
configuration guidelines 33-3
configuring on a VLAN 33-2
default configuration 33-3
displaying binding tables 33-11
displaying configuration 33-12
enabling 33-3
enabling (example) 33-6
enabling Host Tracking Information Option 33-4
enabling on private VLAN 33-4
MAC address matching 33-5
overview 33-1
DHCP snooping for an MSFC
enabling (example) 33-7
differentiated services codepoint
Digital Optical Monitoring 20-48
directed broadcasts 13-36
disabling 40-24
disabling MLS
on MSFC interfaces 14-16
on the supervisor engine (note) 14-19
DISL
dispatcher
SNMP entity 46-7
DNS
default configuration 30-2
disabling 30-4
domain name
clearing 30-3
setting 30-2
enabling 30-2
overview 30-1
server
clearing 30-3
specifying 30-2
setting up 30-2
system name and 22-2
system prompt and 22-2
documentation
conventions 1-xl
related 1-xl
document organization 1-xxxvii
DOM
See Digital Optical Monitoring
domain name
clearing 30-3
setting 30-2
Domain Name System
dot1x
disabling multiple hosts 40-19
EAP-request frames
setting retransmit time 40-20
enabling automatic reauthentication 40-17
enabling multiple hosts 40-18
global
disabling 40-14
disabling web-based proxy authentication 42-10
enabling 40-14
enabling web-based proxy authentication 42-10
identity frames
setting retransmit time 40-20
manual reauthentication 40-18
returning to default values 40-22
setting idle time 40-19
setting retransmission number 40-21
transport layer packets
setting retransmission time 40-21
downloading
configuration files
from Flash device 28-4
preparation 28-3
using rcp or SCP 28-7
via TFTP 28-4
software images
example, multiple module 27-13, 27-20
example, single module 27-12, 27-20
example, supervisor engine 27-9, 27-18
overview 27-5
preparation 27-16
supervisor engine 27-7, 27-16, 27-23
Xmodem or Ymodem 27-33
drop thresholds
DSCP
DTP
non-Cisco devices and 5-4
overview 5-2
duplex, Ethernet 4-6
DWRR 51-66
dynamic ARP inspection
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol snooping
dynamic interswitch link (DISL) protocol
dynamic port VLAN membership
configuring 19-5
default configuration 19-2
example 19-12
for auxiliary VLANs 19-14
overview 19-1
reconfirming 19-7
troubleshooting 19-10
Dynamic Trunking Protocol
E
efficiency
PoE daughter cards 55-15
enable mode 2-9
enable password
recovering lost 39-15
setting 39-14
enabling 40-23
MLS, on MSFC interfaces 14-16
enabling IP MMLS
on MSFC interfaces 13-20, 14-33
encapsulation type descriptions, trunks (table) 5-3
environmental monitoring
LED indications 22-15
SNMP traps 22-15
supervisor engine and switching modules 22-15
syslog messages 22-15
using CLI commands 22-14
environment variables
See BOOT environment variables
EPLD images, upgrading 27-2
errdisable state, using with broadcast suppression 35-4
errdisable timeout, configuring 4-12
error detection, configuring 4-16
error messages
system message logging (syslog) 29-1
VMPS (table) 19-9
EtherChannel
administrative groups 6-7
bundling 6-2
channel modes (table)
LACP 6-13
PAgP 6-6
clearing and restoring channel counters 6-20
configuration guidelines 6-3
configuring
port modes 6-8
port path cost 6-9
VLAN cost 6-10
configuring link error handling 20-25
configuring manually or using PAgP 6-7
example configuration 5-16, 5-18
frame distribution 6-2
IDs 6-7
maximum number of channels supported 6-2, 6-5
modes, using LACP 6-13
overview 6-2
PAgP and 6-6
PAgP modes 6-6
port aggregation protocol 6-6
port VLAN cost 6-10
Ethernet
autonegotiation, speed 4-6
checking connectivity 4-21
configuring 4-1
default configuration 4-3
flow control keywords (table) 4-8
overview 4-1
port duplex, setting 4-6
port enable state 4-9
port name, setting 4-5
port negotiation 4-9
port speed, setting 4-6
setting port duplex 4-10
switching frames 4-2
timeout periods 4-12
Ethernet ingress port
ACLs 51-17
QoS ACLs 51-17
Ethernet OAM, configuring 20-26
EtherTypes 51-17
extended range VLANs
extended trust for CDP devices (trusted boundary feature) 55-33
F
fast aging-time 14-21
PFC2 statistics 13-30
Fast EtherChannel
Fast Ethernet
FIB 13-6
fiber-optic, detecting unidirectional links 32-1
file transfer protocols, comparison of 27-5
filtering syntax for QoS 51-46
filters
filters, NDE
Firewall Services Module, configuring VLANs for 11-37
Flash file system
checksum 26-9
files
copying 26-6
deleting 26-8
listing 26-5
restoring 26-8
setting default 26-2
formatting device 26-9
overview 26-1
setting configuration modes 26-2
Flash memory
Melody Compact Flash 3-5
storing ACLs 15-64
Flash PC cards, formatting 26-9
Flash synchronization
examples 23-15
overview 23-4
flex links, configuring 4-17
flowcharts, QoS 51-3
flow control 4-8
configuring 4-8
keywords (table) 4-8
flow masks
CEF 13-12
destination-ip 13-12
destination-ipx 13-12
full flow 13-12
source-destination-ip 13-12
source-destination-vlan 13-12
IP MLS entries 14-9
IP MLS full flow 14-6
IPX MLS 14-6
minimum 14-21
PFC2 statistics 13-31
MLS
destination 14-6
source-destination-ip 14-6
source-destination-vlan 14-6
modes 14-6
CEF 13-12
overview 14-6
flows
IP MMLS
completely and partially switched 13-9, 14-10
MLS 14-4
multicast
completely and partially switched 14-10
for DHCP relay agent 40-23, 40-24
formatting Flash devices 26-9
forwarding information base (FIB) 13-6
frame retransmission number 40-21
FTP
uploading software images 27-15
full flow flow mask 13-12, 14-6
full vlan flow mask 13-12
G
GARP Multicast Registration Protocol
GARP timers, setting 17-7, 50-24
GARP VLAN Registration Protocol
General Attribute Registration Protocol
Gigabit Ethernet
Gigabit Ethernet trunks
global configuration mode 2-9
GMRP
default configuration 50-19
disabling
globally 50-26
per-port 50-21
enabling
globally 50-20
per-port 50-20
forward-all option
disabling 50-22
enabling 50-21
hardware and software requirements 50-19
overview 50-6
registration
fixed 50-23
forbidden 50-23
normal 50-22
statistics
clearing 50-25
viewing 50-25
timers 50-24
guest VLAN 40-24
GVRP
configuration guidelines 17-2
declarations from blocking ports 17-6
default configuration 17-2
disabling
globally 17-9
on 802.1Q ports 17-8
enabling
dynamic VLAN creation 17-4
globally 17-3
on 802.1Q ports 17-3
registration
fixed 17-5
forbidden 17-6
normal 17-5
setting GARP timers 17-7
statistics
clearing 17-8
viewing 17-8
timers 17-7
H
he 54-12
high availability
configuring 23-12
downloading different image on standby supervisor engine 23-14
overview 23-9
supported features 23-10
versioning overview 23-11
with the integrated 720-Gbps switch fabric 54-2
history, switch CLI 2-7
Hot Standby Routing Protocol
HSRP
ACLs
IOS ACL configuration 23-24
reflexive and dynamic ACLs (note) 23-24
configuration examples 23-30
configuration requirements 23-22
configuring 23-28
designated MSFC 23-24
failure scenarios 23-26
hardware and software requirements 23-21, 23-50
overview 23-21
routing protocol peering 23-23
I
I-BPDU 7-17
ICMP
ping
executing 20-16
overview 20-15
testing connectivity with 4-21
time exceeded messages 20-19
traceroute and 20-19
IGMP
configuration guidelines 50-9
disabling 50-18
enabling 50-10
joining multicast group 50-4
leave processing
disabling 50-18
enabling 50-12
leaving multicast group 50-5
multicast group
clearing 50-28
multicast router ports
clearing 50-28
specifying 50-26
overview 50-2
statistics, viewing 50-17
IGMP version 3
enabling 50-12
fast-block processing 50-5
enabling 50-14
images
inaccessible authentication bypass, configuring 44-24
in-band (sc0) interface
DHCP and 3-10
RARP and 3-10
VLAN assignment 11-2
in-band (sc0 and sc1) interface
configuring 3-7
feature comparison 3-7
IP address, assigning 3-7
inferior BPDU, BackboneFast and 9-4
inline power
efficiency 55-15
interface configuration mode 2-9
interfaces
in-band (sc0) 11-2
in-band (sc0 and sc1) 3-4, 3-7
Internal Sub Tree Protocol
See ISTP 7-16
Internet Group Management Protocol
Internet Protocol