-
Catalyst 6500 Release 12.2SXF and Rebuilds Software Configuration Guide
-
Index
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch for the First Time
-
Configuring a Supervisor Engine 720
-
Configuring a Supervisor Engine 32
-
Configuring the Supervisor Engine 2 and the Switch Fabric Module
-
Configuring NSF with SSO Supervisor Engine Redundancy
-
Configuring RPR and RPR+ Supervisor Engine Redundancy
-
Configuring Interfaces
-
Configuring Layer 2 Ethernet Interfaces
-
Configuring Flex Links
-
Configuring Layer 3 and Layer 2 EtherChannel
-
Configuring VLAN Trunking Protocol (VTP)
-
Configuring VLANs
-
Configuring Private VLANs (PVLANs)
-
Configuring Cisco IP Phone Support
-
Configuring IEEE 802.1Q Tunneling
-
Configuring Layer 2 Protocol Tunneling (L2PT)
-
Configuring Standard-Compliant IEEE MST
-
Configuring STP and IEEE 802.1s MST
-
Configuring STP Features
-
Configuring Layer 3 Interfaces
-
Configuring UDE and UDLR
-
Configuring PFC3BXL and PFC3B Multiprotocol Label Switching (MPLS)
-
Configuring IPv4 Multicast VPN Support
-
Configuring IP Unicast Layer 3 Switching
-
Configuring IPv6 Multicast Layer 3 Switching
-
Configuring IPv4 Multicast Layer 3 Switching
-
Configuring IGMP Snooping
-
Configuring PIM Snooping
-
Configuring MLDv2 Snooping
-
Configuring Router-Port Group Management Protocol (RGMP)
-
Configuring Network Security
-
Understanding Cisco IOS ACL Support
-
Configuring VLAN ACLs (VACLs)
-
Configuring Denial of Service (DoS) Protection
-
Configuring DHCP Snooping
-
Configuring Dynamic ARP Inspection (DAI)
-
Configuring Traffic-Storm Control
-
Configuring Unknown Unicast Flood Blocking (UUFB)
-
Configuring PFC QoS
-
Configuring PFC3BXL or PFC3B Mode MPLS QoS
-
Configuring PFC QoS Statistics Data Export
-
Configuring the Cisco IOS Firewall Feature Set
-
Configuring Network Admission Control (NAC)
-
Configuring 802.1X Port-Based Authentication
-
Configuring Port Security
-
Configuring Cisco Discovery Protocol (CDP)
-
Configuring UniDirectional Link Detection (UDLD)
-
Configuring the NetFlow Table
-
Configuring NetFlow Data Export (NDE)
-
Configuring Local SPAN, Remote SPAN (RSPAN), and Encapsulated RSPAN
-
Configuring SNMP IfIndex Persistence
-
Power Management and Environmental Monitoring
-
Configuring Online Diagnostics
-
Configuring Web Cache Communication Protocol (WCCP)
-
Configuring Top N Utility Reports
-
Using the Layer 2 Traceroute Utility
-
Online Diagnostic Tests
-
Acronyms
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
4K VLANs (support for 4,096 VLANs) 2
802.10 SAID (default) 6
802.1Q
encapsulation 3
Layer 2 protocol tunneling
See Layer 2 protocol tunneling
trunks 2
restrictions 5
tunneling
configuration guidelines 3
configuring tunnel ports 6
overview 1
802.1Q Ethertype
specifying custom 15
802.1s
802.1w
802.1X
802.3ad
802.3x Flow Control 13
A
AAA 1
abbreviating commands 5
access control entries and lists 1
access-enable host timeout (not supported) 2
access lists
using with WCCP 10
access port, configuring 14
ACEs and ACLs 1
acronyms, list of 1
addresses
advertisements, VTP 3
aggregate policing
aging time
accelerated
for MSTP 25
maximum
for MSTP 26
aging-time
IP MLS 8
alarms
major 12
minor 12
Allow DHCP Option 82 on Untrusted Port
configuring 10
understanding 3
any transport over MPLS (AToM) 13
compatibility with previous releases of AToM 15
Ethernet over MPLS 16
ARP ACL 69
ARP spoofing 1
AToM 13
audience 30
authentication
See also port-based authentication
Authentication, Authorization, and Accounting
Authentication, Authorization, and Accounting (AAA) 1
authorized ports with 802.1X 4
auto-sync command 7
auxiliary VLAN
B
BackboneFast
backup interfaces
binding database, DHCP snooping
See DHCP snooping binding database
binding table, DHCP snooping
See DHCP snooping binding database
blocking floods 1
blocking state, STP 8
boot bootldr command 26
boot command 22
boot config command 26
boot system flash command 22
BPDU
RSTP format 13
BPDU guard
bridge groups 2
bridge ID
bridge priority, STP 30
bridge protocol data units
bridging 2
broadcast storms
C
cache engine clusters 1
cache engines 1
cache farms
cautions for passwords
encrypting 17
TACACS+ 17
CDP
configuration task lists 1
enabling on an interface 2
monitoring and maintaining 3
overview 1
cdp enable command 2
CEF 1
configuring
MSFC2 5
supervisor engine 4
examples 3
Layer 3 switching 2
packet rewrite 2
CEF for PFC2
CGMP 8
channel-group group
command example 8
checking
configuration, system 10
Cisco Cache Engines 2
Cisco Discovery Protocol
Cisco Express Forwarding 3
Cisco Group Management Protocol
Cisco IOS Unicast Reverse Path Forwarding 2
CiscoView 2
CIST 15
CIST regional root
CIST root
class command 74
class-map command 66
class map configuration 70
clear cdp counters command 3
clear cdp table command 3
clear counters command 17
clear interface command 18
clear mls ip multicast statistics command
clears IP MMLS statistics 26
CLI
accessing 1
backing out one level 5
console configuration mode 5
getting list of commands 5
global configuration mode 5
history substitution 3
interface configuration mode 5
privileged EXEC mode 5
ROM monitor 6
software basics 4
command line processing 3
commands, getting list of 5
Committed Access Rate (CAR), not supported 2
Common and Internal Spanning Tree
See also CIST 15
Common Spanning Tree
See CST 15
community ports 3
Concurrent routing and bridging (CRB) 2
CONFIG_FILE environment variable
description 25
config-register command 23
config terminal command 10
configuration
file, saving 11
register
changing settings 23
settings at startup 22
configuration example
EoMPLS VLAN mode 17
configuration register boot field
listing value 24
modification tasks 23
configure command 9
configure terminal command 23, 2
configuring 73
global parameters
procedure 3
using configuration mode 10
console configuration mode 5
control plane policing
CoPP
applying QoS service policy to control plane 29
configuring
ACLs to match traffic 29
enabling MLS QoS 29
packet classification criteria 29
service-policy map 29
control plane configuration mode
entering 29
displaying
dynamic information 30
number of conforming bytes and packets 30
rate information 30
entering control plane configuration mode 29
monitoring statistics 30
overview 27
packet classification guidelines 30
traffic classification
defining 31
guidelines 33
overview 31
sample ACLs 33
sample classes 31
copy running-config startup-config command 11
copy system
running-config nvram
startup-config command 26
CoS
counters
CST 15
common spanning tree 18
D
debug commands
IP MMLS 26
DEC spanning-tree protocol 2
default configuration
802.1X 5
dynamic ARP inspection 5
Flex Links 2
IP MMLS 7
MSTP 16
supervisor engine 1
UDLD 3
voice VLAN 4
VTP 5
default gateway, configuring 11
default NDE configuration 8
default VLAN 10
deficit weighted round robin 108
denial of service protection
description command 16
destination-ip flow mask 3
destination-source-ip flow mask 3
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 5
overview 3
packet format, suboption
circuit ID 5
remote ID 5
remote ID suboption 5
DHCP option 82 allow on untrusted port 10
DHCP snooping
binding database
See DHCP snooping binding database
configuration guidelines 6
configuring 9
default configuration 6
displaying binding tables 18
enabling 9, 10, 11, 12, 13, 14
enabling the database agent 14
message exchange process 4
option 82 data insertion 3
overview 1
Snooping database agent 5
DHCP snooping binding database
described 2
entries 2
DHCP snooping binding table
See DHCP snooping binding database
DHCP Snooping Database Agent
adding to the database (example) 18
enabling (example) 15
overview 5
reading from a TFTP file (example) 17
DHCP snooping increased bindings limit 7, 15
differentiated services codepoint
DiffServ
configuring short pipe mode 35
configuring uniform mode 40
short pipe mode 32
uniform mode 33
DiffServ tunneling modes 4
Disabling PIM Snooping Designated Router Flooding 6
distributed Cisco Express Forwarding
documentation, related 33
document organization 30
DoS protection
monitoring packet drop statistics 7
using monitor session commands 24
using VACL capture 26
Supervisor Engine 2
ARP throttling 5
configuration guidelines and restrictions 22
FIB rate limiting 4
QoS ACLs 3
recommendations 2
security ACLs 2
traffic storm control 5
Supervisor Engine 720 10
default configurations 21
egress ACL bridget packet rate limiters 8, 15
FIB glean rate limiters 17
FIB receive rate limiters 9, 17
ICMP redirect rate limiters 18
IGMP unreachable rate limiters 16
ingress ACL bridget packet rate limiters 8, 15
IP errors rate limiters 10, 19
IPv4 multicast rate limiters 10, 19
IPv6 multicast rate limiters 20
Layer 2 PDU rate limiters 10, 19
Layer 2 protocol tunneling rate limiters 10, 19
MTU failure rate limiters 18
multicast directyly connected rate limiters 20
multicast FIB miss rate limiters 19
multicast IGMP snooping rate limiters 10, 18
network under SYN attack 13
QoS ACLs 11
security ACLs 11
traffic storm control 12
TTL failure rate limiter 16
uRPF check 12
uRPF failure rate limiters 16
Supervisor Engine 720Layer 3 security features rate limiters 9, 17
understanding how it works 2
DSCP
DSCP-based queue mapping 99
duplex mode
configuring interface 7
DWRR 108
dynamic ARP inspection
ARP cache poisoning 2
ARP requests, described 1
ARP spoofing attack 2
clearing
log buffer 16
statistics 15
configuration guidelines 5
configuring
logging system messages 13
rate limit for incoming ARP packets 4, 9
default configuration 5
denial-of-service attacks, preventing 9
described 1
DHCP snooping binding database 3
displaying
ARP ACLs 15
configuration and operating state 15
log buffer 16
statistics 15
trust state and rate limit 15
error-disabled state for exceeding rate limit 4
function of 2
interface trust states 3
log buffer
clearing 16
displaying 16
logging of dropped packets, described 4
logging system messages
configuring 13
man-in-the middle attack, described 2
network security issues and interface trust states 3
priority of ARP ACLs and DHCP snooping entries 4
rate limiting of ARP packets
configuring 9
described 4
error-disabled state 4
statistics
clearing 15
displaying 15
validation checks, performing 11
Dynamic Host Configuration Protocol snooping
E
Egress ACL support for remarked DSCP 14
egress ACL support for remarked DSCP 61
egress replication performance improvement 13
Embedded CiscoView 2
enable mode 5
enable sticky secure MAC address 9
enabling
IP MMLS
on router interfaces 11
encapsulation 3
enhanced interface range command 4
environmental monitoring
LED indications 12
SNMP traps 12
supervisor engine and switching modules 12
Syslog messages 12
using CLI commands 10
environment variables
CONFIG_FILE 25
controlling 26
viewing 26
EoMPLS 14
configuring 16
configuring VLAN mode 16
guidelines and restrictions 14
port mode 16
port mode configuration guidelines 20
VLAN mode 16
erase startup-config command
configuration files cleared with 14
ERSPAN 1
EtherChannel
channel-group group
command example 8
configuration guidelines 5
configuring
Layer 2 8
configuring (tasks) 6
DFC restriction, see CSCdt27074 in the Release Notes
interface port-channel
command example 7
interface port-channel (command) 7
lacp system-priority
command example 10
Layer 2
configuring 8
load balancing
configuring 11
understanding 5
modes 2
PAgP
Understanding 3
port-channel interfaces 4
port-channel load-balance
command example 11
STP 4
switchport trunk encapsulation dot1q 5
understanding 1
EtherChannel Guard
EtherChannel Min-Links 12
Ethernet
setting port duplex 14
Ethernet over MPLS (EoMPLS) configuration
EoMPLS port mode 20
EoMPLS VLAN mode 17
examples
configuration
software configuration register21to 24
configuring global parameters 3
EXP mutation 4
extended range VLANs 2
extended system ID
MSTP 19
Extensible Authentication Protocol over LAN 1
F
fabric switching mode
fabric switching-mode allow dcef-only command on Supervisor Engine 720 2, 4
fall-back bridging 2
fastethernet 2
fiber-optic, detecting unidirectional links 1
FIB TCAM 2
filters, NDE
destination host filter, specifying 16
destination TCP/UDP port, specifying 15
protocol 16
source host and destination TCP/UDP port 15
Flash memory
configuration process 25
configuring router to boot from 25
loading system image from 24
security precautions 25
write protection 25
Flex Links 1
configuration guidelines 2
configuring 3
default configuration 2
description 1
monitoring 3
flood blocking 1
flow control 13
flow masks
IP MLS
destination-ip 3
destination-source-ip 3
interface-destination-source-ip 3
ip-full 3
ip-interface-full 3
minimum 7
overview 3
flows
IP MMLS
completely and partially switched 3
forward-delay time
MSTP 25
forward-delay time, STP 32
frame distribution
See EtherChannel load balancing
G
gateway, configuring 11
generic online diagnostics 1
global configuration mode 5
global parameters, configuring 3
GOLD 1
H
hardware Layer 3 switching
guidelines 4
hello time
MSTP 24
hello time, STP 31
High Capacity Power Supply Support 4
history
CLI 3
host ports
kinds of 3
I
I-BPDU 16
ICMP unreachable messages 1
IEEE 802.10 SAID (default) 6
IEEE 802.1Q
IEEE 802.1Q Ethertype
specifying custom 15
IEEE 802.1s
IEEE 802.1w
IEEE 802.3ad
IEEE 802.3x Flow Control 13
IEEE bridging protocol 2
IGMP
enabling 10
Internet Group Management Protocol 1
join messages 2
leave processing
enabling 12
queries 3
query interval
configuring 11
snooping
fast leave 5
joining multicast group 2
leaving multicast group 4
understanding 2
snooping querier
enabling 9
understanding 2
IGMPv3 9
IGMP v3lite 9
ignore port trust 10, 18, 57, 75
IGRP, configuring 7
Integrated routing and bridging (IRB) 2
interface
command 10
configuration mode 5
Layer 2 modes 4
number 2
parameters, configuring 8
interface-destination-source-ip flow mask 3
interface port-channel
command example 7
interface port-channel (command) 7
interfaces
configuring 2
configuring, duplex mode 7
configuring, speed 7
configururing, overview 1
descriptive name, adding 15
displaying information about 17
maintaining 16
monitoring 16
naming 15
range of 4
restarting 18
shutting down
task 18
interfaces range command 4
interfaces range macro command 5
Interior Gateway Routing Protocol
Internal Sub Tree Protocol
See ISTP 15
Internet Group Management Protocol
IP
default gateway, configuring 11
static routes 12
IP accounting, IP MMLS and 8
IP addresses
assigned by BOOTP protocol 13
set to default 14
IP CEF
topology (figure) 3
ip flow-export destination command 12
ip flow-export source command 12, 13, 3, 4
ip-full flow mask 3
ip http server 1
ip-interface-full flow mask 3
IP MLS
aging-time 8
flow masks
destination-ip 3
destination-source-ip 3
interface-destination-source-ip 3
ip-full 3
ip-interface-full 3
minimum 7
overview 3
IP MMLS
cache, overview 2
configuration guideline 8
debug commands 26
default configuration 7
enabling
on router interfaces 11
flows
completely and partially switched 3
Layer 3 MLS cache 2
overview 2
packet rewrite 3
router
enabling globally 9
enabling on interfaces 11
multicast routing table, displaying 20
PIM, enabling 10
switch
statistics, clearing 26
unsupported features 8
IP multicast
IGMP snooping and 9
MLDv2 snooping and 10
overview 1
IP multicast MLS
ip multicast-routing command
enabling IP multicast 10
IP phone
configuring 5
ip pim command
IPsec 2
IP unnumbered 1
IPv4 Multicast over Point-to-Point GRE Tunnels 5
IPv4 Multicast VPN 1
IPv6 Multicast PFC3 and DFC3 Layer 3 Switching 1
IPv6 QoS 52
ip wccp version command 8
ISL encapsulation 3
ISL trunks 2
isolated port 3
ISTP 15
J
join messages, IGMP 2
jumbo frames 10
K
keyboard shortcuts 3
L
label edge router 2
label switched path 16
LACP
system ID 4
Layer 2
configuring interfaces 6
access port 14
trunk 7
defaults 5
interface modes 4
switching
understanding 1
trunks
understanding 2
VLAN
interface assignment 12
Layer 2 Interfaces
configuring 1
Layer 2 protocol tunneling
configuring Layer 2 tunnels 2
overview 1
Layer 2 remarking 17
Layer 2 Traceroute 1
Layer 2 traceroute
and ARP 2
and CDP 1
described 1
IP addresses and subnets 2
MAC addresses and VLANs 2
multicast traffic 2
multiple devices on a port 2
unicast traffic 1
usage guidelines 1
Layer 3
IP MMLS and MLS cache 2
Layer 3 switched packet rewrite
CEF 2
Layer 3 switching
CEF 2
Layer 4 port operations (ACLs) 7
leave processing, IGMP
enabling 12
leave processing, MLDv2
enabling 13
Link Failure
detecting unidirectional 8
link negotiation 8
link redundancy
Load Balancing 7
load balancing 15
Local Egress Replication 13
logical operation unit
loop guard
LOU
description 8
determining maximum number of 8
M
MAC address
adding to BOOTP configuration file 14
MAC address-based blocking 1
MAC move (port security) 2
main-cpu command 7
mapping 802.1Q VLANs to ISL VLANs 13, 16
markdown
match protocol 52
maximum aging time
MSTP 26
maximum aging time, STP 32
maximum hop count, MSTP 26
microflow policing rule
Min-Links 12
MLD
report 4
MLD snooping
query interval
configuring 12
MLDv2 1
enabling 10
leave processing
enabling 13
queries 5
snooping
fast leave 7
joining multicast group 4
leaving multicast group 6
understanding 1
snooping querier
enabling 9
understanding 1
MLDv2 Snooping 1
MLS
configuring threshold 14
MSFC
threshold 14
mls aging command
configuring IP MLS 8
mls flow command
mls ip multicast command
enabling IP MMLS 11, 12, 14, 15, 16, 17, 22, 23
mls nde flow command
configuring a host and port filter 15
configuring a host flow filter 16
configuring a port filter 15
configuring a protocol flow filter 16
mls nde sender command 9
monitoring
Flex Links 3
private VLANs 17
MPLS 2
aggregate label 2
any transport over MPLS 13
basic configuration 8
core 3
DiffServ Tunneling Modes 31
egress 3
experimental field 3
guidelines and restrictions 7
ingress 3
IP to MPLS path 3
labels 2
Layer 2 VPN load balancing 8
MPLS to IP path 3
MPLS to MPLS path 3
nonaggregate lable 2
QoS default configuration 15
VPN 12
VPN guidelines and restrictions 11
mpls l2 transport route command 15
MPLS QoS
Classification 2
Class of Service 2
commands 16
configuring a class map 20
configuring a policy map 23
configuring egress EXP mutation 29
configuring EXP Value Maps 30
Differentiated Services Code Point 2
displaying a policy map 28
E-LSP 2
enabling QoS globally 18
EXP bits 2
features 3
IP Precedence 2
QoS Tags 2
queueing-only mode 19
MPLS QoS configuration
class map to classify MPLS packets 20
MPLS VPN
limitations and restrictions 11
MQC 1
not supported
CAR 2
queuing 2
supported
policy maps 3
MST 15
boundary ports 19
configuration 18
configuring 33
edge ports 20
enabling 34
hop count 20
instances 18
interoperability 16
interoperability with PVST+ 16
link type 20
master 20
message age 20
MSTP
boundary ports
configuration guidelines 16
described 6
CIST, described 3
CIST root 5
configuration guidelines 16
configuring
forward-delay time 25
hello time 24
link type for rapid convergence 26
maximum aging time 26
maximum hop count 26
MST region 17
neighbor type 27
path cost 22
port priority 21
root switch 19
secondary root switch 20
switch priority 23
CST
defined 3
operations between regions 4
default configuration 16
displaying status 28
enabling the mode 17
extended system ID
effects on root switch 19
effects on secondary root switch 20
unexpected behavior 19
IEEE 802.1s
implementation 7
port role naming change 7
terminology 5
interoperability with IEEE 802.1D
described