-
Catalyst 3750 Metro Switch Software Configuration Guide, 12.2(25)SEG
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Clustering Switches
-
Configuring Cisco IOS CNS Agents
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring 802.1X Port-Based Authentication
-
Configuring Interface Characteristics
-
Configurint Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Private VLANs
-
Configuring Voice VLAN
-
Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Flex Links
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Configuring IP Unicast Routing
-
Configuring HSRP
-
Configuring Ethernet CFM and E-LMI
-
Configuring MPLS and EoMPLS
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(25)SEG
-
Table Of Contents
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
A
abbreviating commands 2-4
ABRs 34-23
access-class command 31-19
access control entries
access-denied response, VMPS 12-29
access groups
applying ACLs to interfaces 31-20
IP 31-20
Layer 2 31-20
Layer 3 31-20
access lists
access ports
and Layer 2 protocol tunneling 16-15
defined 10-2
accounting
with RADIUS 8-28
ACEs
and QoS 32-9
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-12
applying
on bridged packets 31-38
on multicast packets 31-39
on routed packets 31-38
on switched packets 31-37
time ranges to 31-16
to an interface 31-19
to QoS 32-9
classifying traffic for QoS 32-56
comments in 31-18
compiling 31-21
configuring with VLAN maps 31-36
extended IP
configuring for QoS classification 32-57
creating 31-10
matching criteria 31-7
hardware and software handling 31-21
host keyword 31-12
IP
applying to interfaces 31-19
creating 31-7
fragments and QoS guidelines 32-46
implicit deny 31-9, 31-13, 31-15
implicit masks 31-9
matching criteria 31-7
named 31-14
terminal lines, setting on 31-18
IP
undefined 31-20
violations, logging 31-15
limiting actions 31-37
logging messages 31-9
log keyword 31-15
monitoring 31-40
named 31-14
number per QoS class map 32-46
numbers 31-7
port 31-2
precedence of 31-2
resequencing entries 31-14
router 31-2
standard IP
configuring for QoS classification 32-56
creating 31-8
matching criteria 31-7
supported features 31-21
time ranges 31-16
unsupported features 31-6
using router ACLs with VLAN maps 31-36
VLAN maps
configuration guidelines 31-29
configuring 31-29
active links 20-1
active router 35-1
address aliasing 23-2
addresses
displaying the MAC address table 6-27
dynamic
accelerated aging 17-8
changing the aging time 6-21
default aging 17-8
defined 6-19
learning 6-20
removing 6-22
MAC, discovering 6-28
multicast
group address range 38-3
STP address management 17-8
static
adding and removing 6-24
defined 6-19
Address Resolution Protocol
adjacency tables, with CEF 34-83
administrative distances
defined 34-94
OSPF 34-31
routing protocol defaults 34-85
advertisements
CDP 25-1
RIP 34-18
aggregate addresses, BGP 34-57
aggregated ports
aggregate policers 32-70
aging, accelerating 17-8
aging time
accelerated
for MSTP 18-23
MAC address table 6-21
maximum
for MSTP 18-24
for STP 17-21
alarms, RMON 28-3
allowed-VLAN list 12-22
Any Transport over MPLS
area border routers
area routing
IS-IS 34-62
ISO IGRP 34-62
ARP
configuring 34-8
encapsulation 34-9
static cache configuration 34-8
ARP table
address resolution 6-28
managing 6-28
ASBRs 34-23
AS-path filters, BGP 34-52
asymmetrical links, and 802.1Q tunneling 16-4
AToM 37-12
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxix
authentication
EIGRP 34-39
HSRP 35-8
Kerberos 8-32
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication failed VLAN
authentication keys, and routing protocols 34-94
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with IEEE 802.1x 9-4
autoconfiguration 3-3
automatic QoS
autonegotiation
interface configuration guidelines 10-13
mismatches 41-7
autonomous system boundary routers
autonomous systems, in BGP 34-45
Auto-RP, described 38-5
auxiliary VLAN
availability features 1-4
B
BackboneFast
described 19-5
enabling 19-14
backup interfaces
backup links 20-1
banners
configuring
login 6-19
message-of-the-day login 6-18
default configuration 6-17
when displayed 6-17
BGP
aggregate addresses 34-57
aggregate routes, configuring 34-57
CIDR 34-57
clear commands 34-61
community filtering 34-54
configuring neighbors 34-56
configuring routing sessions 37-9
default configuration 34-43
described 34-42
enabling 34-45
monitoring 34-61
multipath support 34-49
neighbors, types of 34-45
path selection 34-49
peers, configuring 34-56
prefix filtering 34-53
resetting sessions 34-48
route dampening 34-60
route maps 34-51
route reflectors 34-59
routing domain confederation 34-58
routing session with multi-VRF CE 34-77
show commands 34-61
supernets 34-57
Version 4 34-42
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-6
DHCP snooping database 21-6
IP source guard 21-15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-12
specific image 3-12
boot loader
accessing 3-13
described 3-2
environment variables 3-13
prompt 3-13
trap-door mechanism 3-2
bootstrap router (BSR), described 38-5
Border Gateway Protocol
BPDU
error-disabled state 19-3
filtering 19-3
RSTP format 18-12
BPDU filtering
described 19-3
enabling 19-12
BPDU guard
described 19-3
enabling 19-11
bridged packets, ACLs on 31-38
bridge groups
bridge protocol data unit
broadcast flooding 34-15
broadcast packets
directed 34-12
flooded 34-12
broadcast storm-control command 24-4
bypass mode, Layer 2 protocol-tunneling 16-12, 16-16
C
cables, monitoring for unidirectional links 26-1
candidate switch
defined 4-3
requirements 4-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-44
defined 8-42
caution, described xl
CBWFQ
configuring
with DSCP-based WRED 32-105
with IP precedence-based WRED 32-109
with tail drop 32-102
described 32-32
CDP
and trusted boundary 32-52
configuring 25-2
default configuration 25-2
described 25-1
disabling for routing device 25-3, 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 16-12
monitoring 25-5
overview 25-1
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 34-82
CFM
and OAM manager 36-9
configuration guidelines 36-4
configuring crosscheck 36-7
configuring service 36-6
configuring the network 36-5
crosscheck 36-4
default configuration 36-4
defined 36-1
maintenance domain 36-2
maintenance point 36-3
monitoring 36-8
SNMP traps 36-4
types of messages 36-3
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 38-50
enabling server support 38-33
joining multicast group 23-3
overview 38-8
server support only 38-8
CIDR 34-57
CipherSuites 8-43
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System 1-3
CIST regional root
CIST root
class-based weighted fair queueing
classless interdomain routing
classless routing 34-6
class maps for QoS
configuring
hierarchical 32-93
ingress 32-59
class of service
clearing interfaces 10-22
CLI
abbreviating commands 2-4
command modes 2-1
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-8
error messages 2-5
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 4-3
no and default forms of commands 2-4
client mode, VTP 13-3
CLNS
clock
clusters, switch
described 4-1
managing
through CLI 4-3
through SNMP 4-4
planning considerations
CLI 4-3
SNMP 4-4
See also Getting Started with Cisco Network Assistant
cluster standby group requirements 4-2
CNS
Configuration Engine
configID, deviceID, hostname 513
configuration service 512
described 511
event service 513
embedded agents
described 515
enabling automated configuration 516
enabling configuration agent 519
enabling event agent 518
for upgrading 5112
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
setting privilege levels 8-8
command switch
defined 4-2
password privilege levels 4-4
requirements 4-2
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-54
community ports 14-2
community strings
configuring 30-7
overview 30-4
config.text 3-11
configuration, initial
See hardware installation guide
configuration examples
ACLs and VLAN maps 31-31
IP ACLs 31-21
multi-VRF-CE 34-77
network 1-13
SNMP 30-14
VLAN maps 31-33
VMPS 12-30
configuration files
clearing the startup configuration B-18
creating using a text editor B-9
default name 3-11
deleting a stored configuration B-19
described B-8
downloading
automatically 3-11
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-11
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 30-14
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-11
system contact and location information 30-13
types and location B-9
uploading
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
configuration guidelines
applying ACLs 31-19
applying MAC ACLs 31-28
auto-QoS 32-38
Auto-RP and BSR 38-10
CFM 36-4
EtherChannel 33-9
fallback bridging 40-3
hierarchical QoS 32-91
HSRP
authentication and timers 35-8
interfaces 35-4
priority 35-6
IEEE 802.1Q trunks 12-19
interface speed and duplex mode 10-13
IP multicast routing 38-9
multi-VRF CE 34-75
named ACLs 31-14
OAM manager 36-10
port-based authentication 9-12
port security 24-10
protected ports 24-5
router ACLs and VLAN maps 31-36
RSPAN 27-16
SDM templates 7-3
SNMP 30-6
SPAN 27-10
standard QoS 32-46
UDLD 26-4
VLAN maps 31-29
VLANs
extended-range 12-13
normal-range 12-6
VMPS 12-30
voice VLAN 15-3
VTP 13-8
configuration settings, saving 3-10
configure terminal command 10-7
congestion-avoidance mechanisms
congestion management for QoS 32-31
connectionless service, and VPNs 37-3
connections, secure remote 8-37
Connectivity Fault Management
connectivity problems 41-8, 41-10, 41-11
consistency checks in VTP version 2 13-4
console port, connecting to 2-10
conventions
command xl
for examples xl
publication xl
text xl
corrupted software, recovery steps with XMODEM 41-2
CoS
configuring the default port value 32-51
in Layer 2 frames 32-2
override priority 15-5
trust priority 15-5
CoS input queue threshold map for QoS 32-19
CoS output queue threshold map for QoS 32-22
CoS-to-DSCP map for QoS 32-72
counters, clearing interface 10-22
crashinfo file 41-17
cryptographic software image
Kerberos 8-32
SSH 8-37
SSL 8-41
customer edge devices
and Multi-VFR CE 34-72
D
daylight saving time 6-13
debugging
enabling all system diagnostics 41-14
enabling for a specific feature 41-13
redirecting error message output 41-14
using commands 41-13
default commands 2-4
default configuration
auto-QoS 32-34
banners 6-17
BGP 34-43
booting 3-11
CDP 25-2
CFM 36-4
DHCP 21-8
DHCP option 82 21-8
DHCP snooping 21-8
DHCP snooping binding database 21-8
DNS 6-16
dynamic ARP inspection 22-5
EIGRP 34-36
E-LMI and OAM 36-10
EoMPLS 37-15
EtherChannel 33-9
fallback bridging 40-3
Flex Links 20-4
hierarchical QoS 32-91
HSRP 35-4
IEEE 802.1Q tunneling 16-4
IEEE 802.1x 9-11
IGMP 38-27
IGMP filtering 23-21
IGMP snooping 23-6
IGMP throttling 23-22
initial switch information 3-3
IP addressing, IP routing 34-4
IP multicast routing 38-8
IP source guard 21-16
IS-IS 34-63
Layer 2 interfaces 10-11
Layer 2 protocol tunneling 16-15
MAC address table 6-21
MAC address-table move update 20-4
MPLS 37-6
MPLS QoS 37-20
MSDP 39-4
MSTP 18-15
multi-VRF CE 34-74
MVR 23-16
NTP 6-4
optional spanning-tree features 19-9
OSPF 34-24
password and privilege level 8-2
private VLANs 14-6
RADIUS 8-20
RIP 34-18
RMON 28-3
RSPAN 27-9
SNMP 30-6
SPAN 27-9
SSL 8-44
standard QoS 32-44
STP 17-11
system message logging 29-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 12-20
VLAN mapping 16-8
VLANs 12-8
VMPS 12-30
voice VLAN 15-3
VTP 13-6
default networks 34-85
default routes 34-85
default routing 34-2
deleting VLANs 12-11
denial-of-service attack 24-1
description command 10-17
designing your network, examples 1-13
destination addresses, in ACLs 31-11
destination-IP address based forwarding, EtherChannel 33-7
destination-MAC address forwarding, EtherChannel 33-7
detecting indirect link failures, STP 19-5
device discovery protocol 25-1
DHCP
Cisco IOS server database
configuring 21-13
default configuration 21-8
described 21-6
enabling
relay agent 21-10
server 21-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
server-side 21-10
TFTP server 3-5
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-3
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-5
configuration guidelines 21-9
default configuration 21-8
displaying 21-15
forwarding address, specifying 21-10
helper address 21-10
overview 21-3
packet format, suboption
circuit ID 21-5
remote ID 21-5
remote ID suboption 21-5
support for 1-3
DHCP snooping
accepting untrusted packets from edge switch 21-3, 21-12
and private VLANs 21-13
binding database
See DHCP snooping binding database
configuration guidelines 21-9
default configuration 21-8
displaying binding tables 21-15
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-14
binding file
format 21-7
location 21-6
bindings 21-6
clearing agent statistics 21-14
configuration guidelines 21-9
configuring 21-14
default configuration 21-8
deleting
binding file 21-14
bindings 21-14
database agent 21-14
described 21-6
displaying 21-15
status and statistics 21-15
enabling 21-14
entry 21-6
renewing database 21-14
resetting
delay value 21-14
timeout value 21-14
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point
Diffusing Update Algorithm (DUAL) 34-35
directories
changing B-3
creating and removing B-4
displaying the working B-3
Distance Vector Multicast Routing Protocol
distance-vector protocols 34-2
distribute-list command 34-93
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
overview 6-15
setting up 6-16
documentation, related xl
document conventions xl
domain names
DNS 6-15
VTP 13-8
Domain Name System
domains, ISO IGRP routing 34-62
dot1q-tunnel switchport mode 12-18
double-tagged packets
802.1Q tunneling 16-3
Layer 2 protocol tunneling 16-14
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-11
image files
deleting old image B-23
reasons for B-19
using FTP B-25
using HTTP B-19
using RCP B-29
using TFTP B-22
drop threshold for Layer 2 protocol packets 16-15
DSCP 32-3
DSCP input queue threshold map for QoS 32-19
DSCP output queue threshold map for QoS 32-22
DSCP-to-CoS map for QoS 32-75
DSCP-to-DSCP-mutation map for QoS 32-76
DSCP transparency 32-53
DTP 12-17
DUAL finite state machine, EIGRP 34-35
dual-level policy maps
configuring 32-64
described 32-14
duplex mode, configuring 10-13
DVMRP
autosummarization
configuring a summary address 38-47
disabling 38-49
connecting PIM domain to DVMRP router 38-39
enabling unicast routing 38-43
interoperability
with Cisco devices 38-37
with IOS software 38-7
mrinfo requests, responding to 38-42
neighbors
advertising the default route to 38-41
discovery with Probe messages 38-37
displaying information 38-42
prevent peering with nonpruning 38-45
rejecting nonpruning 38-44
overview 38-7
routes
adding a metric offset 38-49
advertising all 38-49
advertising the default route to neighbors 38-41
caching DVMRP routes learned in report messages 38-43
changing the threshold for syslog messages 38-46
deleting 38-50
displaying 38-51
favoring one over another 38-49
limiting the number injected into MBONE 38-46
limiting unicast route advertisements 38-37
routing table 38-8
source distribution tree, building 38-8
tunnels
configuring 38-39
displaying neighbor information 38-42
dynamic access ports
characteristics 12-4
configuring 12-31
defined 10-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-13
rate limit for incoming ARP packets 22-4, 22-10
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-13
displaying 22-15
logging of dropped packets, described 22-4
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-12
dynamic auto trunking mode 12-18
dynamic desirable trunking mode 12-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-29
reconfirming 12-32
troubleshooting 12-34
types of connections 12-31
dynamic routing
ISO CLNS 34-62
protocols 34-2
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-8
EIGRP
and IGRP 34-37
authentication 34-39
components 34-35
configuring 34-38
default configuration 34-36
definition 34-35
interface parameters, configuring 34-38
monitoring 34-40
E-LMI
and OAM Manager 36-9
default configuration 36-10
defined 36-8
enabling 36-12
information 36-8
monitoring 36-13
enable password 8-3
enable secret password 8-3
encryption, CipherSuite 8-43
encryption for passwords 8-3
Enhanced IGRP
enhanced-services interfaces
environment variables, function of 3-14
EoMPLS
and 802.1Q tunneling 37-13
and Layer 2 protocol tunneling 37-14
and QoS 37-14
configuring 37-16
default configuration 37-15
limitations 37-14
monitoring 37-22
packet flow 37-17
QoS 37-18
equal-cost routing 34-84
error messages during command entry 2-5
ES interfaces 10-3, 10-7, 37-1
EtherChannel
802.3ad, described 33-5
automatic creation of 33-4, 33-5
channel groups
binding physical and logical interfaces 33-3
numbering of 33-3
configuration guidelines 33-9
configuring
Layer 3 physical interfaces 33-14
Layer 3 port-channel logical interfaces 33-13
configuring Layer 2 interfaces 33-10
default configuration 33-9
described 33-2
displaying status 33-20
forwarding methods 33-6, 33-16
interaction
with STP 33-9
with VLANs 33-10
LACP
described 33-5
displaying status 33-20
hot-standby ports 33-18
interaction with other features 33-6
modes 33-5
port priority 33-19
system priority 33-19
Layer 3 interface 34-3
logical interfaces, described 33-3
number of interfaces per 33-2
PAgP
aggregate-port learners 33-17
compatibility with Catalyst 1900 33-17
described 33-4
displaying status 33-20
interaction with other features 33-5
learn method and priority configuration 33-17
modes 33-4
silent mode 33-5
port-channel interfaces
described 33-3
numbering of 33-3
port groups 10-5
EtherChannel guard
described 19-7
disabling 19-14
enabling 19-14
Ethernet infrastructure 36-1
Ethernet Link Management Interface
Ethernet OAM manager 36-1
Ethernet operation, administration, and maintenance
Ethernet over MPLS
Ethernet virtual connections
Ethernet VLANs
creating 12-9
defaults and ranges 12-8
modifying 12-9
EVCs
configuring 36-10
in CFM domains 36-8
events, RMON 28-3
examples
conventions for xl
network configuration 1-13
experimental bits, setting MPLS priority with 37-20
extended-range VLANs
configuration guidelines 12-13
configuring 12-12
defined 12-1
extended system ID
MSTP 18-17
Extensible Authentication Protocol over LAN 9-1
external BGP
external neighbors, BGP 34-45
F
fallback bridging
and protected ports 40-3
bridge groups
creating 40-3
described 40-1
displaying 40-10
function of 40-2
number supported 40-4
removing 40-4
bridge table
clearing 40-10
displaying 40-10
configuration guidelines 40-3
connecting interfaces with 10-7
default configuration 40-3
described 40-1
frame forwarding
flooding packets 40-2
forwarding packets 40-2
overview 40-1
protocol, unsupported 40-3
STP
disabling on an interface 40-10
forward-delay interval 40-9
hello BPDU interval 40-8
interface priority 40-6
keepalive messages 17-2
maximum-idle interval 40-9
path cost 40-7
VLAN-bridge spanning-tree priority 40-5
VLAN-bridge STP 40-2
SVIs and routed ports 40-1
unsupported protocols 40-3
features
availability 1-4
Layer 2 VPN services 1-5
Layer 3 1-9
Layer 3 VPN services 1-6
manageability 1-3
management options 1-2
monitoring 1-9
performance 1-2
QoS 1-7
security 1-6
VLAN 1-5
FIB 34-82
fiber-optic, detecting unidirectional links 26-1
files
copying B-4
crashinfo
description 41-17
displaying the contents of 41-17
location 41-17
deleting B-5
displaying the contents of B-7
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 31-29
non-IP traffic 31-26
show and more command output 2-9
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 20-4
configuring 20-5
default configuration 20-4
description 20-1
monitoring 20-8
flooded traffic, blocking 24-7
flowcharts
QoS egress queue-set queueing and scheduling 32-20
QoS hierarchical queues queueing and scheduling 32-30
QoS hierarchical two-rate policing and marking 32-28
QoS ingress, single-rate policing and marking 32-13
QoS ingress classification 32-8
QoS ingress queueing and scheduling 32-18
flow control 10-14
forward-delay time
MSTP 18-23
STP 17-21
forwarding equivalence classes 37-2
Forwarding Information Base
forwarding non-routable protocols 40-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-12
uploading B-14
image files
deleting old image B-27
downloading B-25
preparing the server B-24
uploading B-27
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
global configuration mode 2-2
guest VLAN and IEEE 802.1x 9-8
guide
audience xxxix
purpose of xxxix
H
hardware limitations and Layer 3 interfaces 10-18
hello time
MSTP 18-22
STP 17-20
help, for the command line 2-3
hierarchical policy maps on SVIs 32-10
configuring 32-64
described 32-14
hierarchical QoS
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 29-9
host ports
configuring 14-11
kinds of 14-2
hosts, limit on dynamic ports 12-34
Hot Standby Router Protocol
HP OpenView 1-3
HSRP
authentication string 35-8
configuring 35-3
default configuration 35-4
definition 35-1
enabling 35-5
guidelines 35-4
monitoring 35-10
overview 35-1
priority 35-6
timers 35-8
tracking 35-6
HTTP over SSL
HTTPS 8-41
configuring 8-45
self-signed certificate 8-42
HTTP secure server 8-41
I
ICMP
redirect messages 34-10
time exceeded messages 41-12
traceroute and 41-12
unreachable messages 31-19
unreachables and ACLs 31-21
ICMP ping
executing 41-9
overview 41-8
ICMP Router Discovery Protocol
IDS appliances
and ingress RSPAN 27-20
and ingress SPAN 27-13
IEEE 802.1ag 36-1
IEEE 802.1D
IEEE 802.1p 15-1
IEEE 802.1Q
and trunk ports 10-3
configuration limitations 12-19
encapsulation 12-17
native VLAN for untagged traffic 12-24
tunneling
compatibility with other features 16-6
defaults 16-4
described 16-2
tunnel ports with other features 16-6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.1x accounting 9-23
IEEE 802.3ad
IEEE 802.3x flow control 10-14
IGMP
configuring the switch
as a member of a group 38-27
statically connected member 38-32
controlling access to groups 38-28
default configuration 38-27
deleting cache entries 38-51
displaying groups 38-51
fast switching 38-32
host-query interval, modifying 38-30
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-10
leaving multicast group 23-5
multicast reachability 38-27
overview 38-3
queries 23-4
report suppression
described 23-5
disabling 23-12
Version 1
changing to Version 2 38-29
described 38-3
Version 2
changing to Version 1 38-29
described 38-3
maximum query response time value 38-31
pruning groups 38-31
query timeout value 38-31
IGMP filtering
configuring 23-22
default configuration 23-21
described 23-21
monitoring 23-26
IGMP groups
configuring filtering 23-24
setting the maximum number 23-24
IGMP profile
applying 23-23
configuration mode 23-22
configuring 23-22
IGMP snooping
and address aliasing 23-2
configuring 23-6
default configuration 23-6
definition 23-2
enabling and disabling 23-7
global configuration 23-7
Immediate Leave 23-5
method 23-7
monitoring 23-12
querier
configuration guidelines 23-10
configuring 23-10
VLAN configuration 23-7
IGMP throttling
configuring 23-24
default configuration 23-22
described 23-21
displaying action 23-26
IGP 34-23
IGRP
split horizon 34-22
Immediate Leave, IGMP 23-5
initial configuration
defaults 1-10
See also hardware installation guide
interface
number 10-7
range macros 10-10
interface command 10-7
interface configuration mode 2-3
interfaces
configuration guidelines 10-13
configuring 10-7
configuring duplex mode 10-13
configuring speed 10-13
counters, clearing 10-22
described 10-17
descriptive name, adding 10-17
displaying information about 10-21
flow control 10-14
management 1-2
monitoring 10-21
naming 10-17
physical, identifying 10-7
range of 10-8
restarting 10-22
shutting down 10-22
supported 10-7
types of 10-1
interfaces range macro command 10-10
interface types 10-7
Interior Gateway Protocol
Interior Gateway Routing Protocol
Intermediate-System-to-Intermediate-System protocol
internal BGP
internal neighbors, BGP 34-45
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
inter-VLAN routing 34-2
Intrusion Detection System
ip access group command 31-20
IP ACLs
extended, creating 31-10
for QoS classification 32-9
implicit deny 31-9, 31-13, 31-15
implicit masks 31-9
logging 31-15
named 31-14
standard, creating 31-8
undefined 31-20
virtual terminal lines, setting on 31-18
IP addresses
candidate or member 4-3
classes of 34-5
command switch 4-2
default configuration 34-4
discovering 6-28
for IP routing 34-4
MAC address association 34-7
monitoring 34-16
IP broadcast address 34-15
IP directed broadcasts 34-13
ip igmp profile command 23-22
IP information
assigned
manually 3-9
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 38-3
all-multicast-routers 38-3
host group address range 38-3
administratively-scoped boundaries, described 38-35
and IGMP snooping 23-2
Auto-RP
adding to an existing sparse-mode cloud 38-14
benefits of 38-14
clearing the cache 38-51
configuration guidelines 38-10
filtering incoming RP announcement messages 38-17
overview 38-5
preventing candidate RP spoofing 38-17
preventing join messages to false RPs 38-16
setting up in a new internetwork 38-14
using with BSR 38-22
bootstrap router
configuration guidelines 38-10
configuring candidate BSRs 38-20
configuring candidate RPs 38-21
defining the IP multicast boundary 38-19
defining the PIM domain border 38-18
overview 38-5
using with Auto-RP 38-22
Cisco implementation 38-2
configuring
basic multicast routing 38-10
IP multicast boundary 38-35
default configuration 38-8
enabling
multicast forwarding 38-11
PIM mode 38-11
group-to-RP mappings
Auto-RP 38-5
BSR 38-5
MBONE
deleting sdr cache entries 38-51
described 38-34
displaying sdr cache 38-52
enabling sdr listener support 38-34
limiting DVMRP routes advertised 38-46
limiting sdr cache entry lifetime 38-35
SAP packets for conference session announcement 38-34
Session Directory (sdr) tool, described 38-34
monitoring
packet rate loss 38-52
peering devices 38-52
tracing a path 38-52
multicast forwarding, described 38-6
PIMv1 and PIMv2 interoperability 38-9
protocol interaction 38-2
reverse path check (RPF) 38-6
routing table
deleting 38-51
displaying 38-51
RP
assigning manually 38-12
configuring Auto-RP 38-14
configuring PIMv2 BSR 38-18
monitoring mapping information 38-23
using Auto-RP and BSR 38-22
statistics, displaying system and network 38-51
IP phones
and QoS 15-1
automatic classification and queueing 32-33
configuring 15-4
ensuring port security with QoS 32-52
trusted boundary for QoS 32-52
IP precedence 32-3
IP-precedence-to-DSCP map for QoS 32-73
IP protocols in ACLs 31-11
IP routes, monitoring 34-96
IP routing
connecting interfaces with 10-6
enabling 34-17
IP source guard
and DHCP snooping 21-15
and EtherChannels 21-17
and IEEE 802.1x 21-17
and port security 21-17
and private VLANs 21-17
and routed ports 21-16
and TCAM entries 21-17
and trunk interfaces 21-16
and VRF 21-17
binding configuration
automatic 21-15
manual 21-15
binding table 21-15
configuration guidelines 21-16
default configuration 21-16
described 21-15
disabling 21-17
displaying
bindings 21-18
configuration 21-18
enabling 21-17
filtering
source IP address 21-15
source IP and MAC address 21-16
source IP address filtering 21-15
source IP and MAC address filtering 21-16
static bindings
adding 21-17
deleting 21-18
IP traceroute
executing 41-12
overview 41-11
IP unicast routing
address resolution 34-7
administrative distances 34-85, 34-94
ARP 34-8
assigning IP addresses to Layer 3 interfaces 34-5
authentication keys 34-94
broadcast
address 34-15
flooding 34-15
packets 34-12
storms 34-12
classless routing 34-6
configuring static routes 34-84
default
addressing configuration 34-4
gateways 34-10
networks 34-85
routes 34-85
routing 34-2
directed broadcasts 34-13
dynamic routing protocols 34-2
enabling 34-17
EtherChannel Layer 3 interface 34-3
IGP 34-23
inter-VLAN 34-2
IP addressing
classes 34-5
configuring 34-4
IRDP 34-11
Layer 3 interfaces 34-3
MAC address and IP address 34-7
passive interfaces 34-92
protocols
distance-vector 34-2
dynamic 34-2
link-state 34-2
proxy ARP 34-8
redistribution 34-86
reverse address resolution 34-7
routed ports 34-3
static routing 34-2
steps to configure 34-3
subnet mask 34-5
subnet zero 34-6
supernet 34-6
UDP 34-14
with SVIs 34-3
IRDP
configuring 34-11
definition 34-11
IS-IS
addresses 34-62
area routing 34-62
default configuration 34-63
monitoring 34-71
show commands 34-71
system routing 34-62
ISL and trunk ports 10-3
ISO CLNS
clear commands 34-71
dynamic routing protocols 34-62
monitoring 34-71
NETs 34-62
NSAPs 34-62
OSI standard 34-62
ISO IGRP
area routing 34-62
system routing 34-62
isolated port 14-2
J
join messages, IGMP 23-3
K
keepalive messages 17-2
Kerberos
authenticating to
boundary switch 8-34
KDC 8-34
network services 8-35
configuration examples 8-32
configuring 8-35
credentials 8-32
cryptographic software image 8-32
described 8-32
KDC 8-32
operation 8-34
realm 8-33
server 8-33
switch as trusted third party 8-32
terms 8-33
TGT 8-34
tickets 8-32
key distribution center
L
l2protocol-tunnel command 16-17
label binding 37-2
label distribution protocol
labels, MPLS 37-2
label switching router
LACP
Layer 2 protocol tunneling 16-13
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 10-11
Layer 2 protocol tunneling
configuring 16-14
configuring for EtherChannels 16-18
default configuration 16-15
defined 16-12
guidelines 16-15
Layer 2 traceroute
and ARP 41-11
and CDP 41-10
described 41-10
IP addresses and subnets 41-11
MAC addresses and VLANs 41-10
multicast traffic 41-10
multiple devices on a port 41-11
unicast traffic 41-10
usage guidelines 41-10
Layer 2 trunks 12-17
Layer 3 features 1-9
Layer 3 interfaces
assigning IP addresses to 34-5
changing from Layer 2 mode 34-5
types of 34-3
Layer 3 packets, classification methods 32-3
LDAP 512
LDP 37-6
leave processing, IGMP 23-10
lightweight directory access protocol
line configuration mode 2-3
Link Aggregation Control Protocol
Link Failure
detecting unidirectional 18-7
link redundancy
links, unidirectional 26-1
link state advertisements (LSAs) 34-30
link-state protocols 34-2
link-state tracking
configuring 33-22
described 33-21
LLQ
described 32-33
enabling 32-113
interaction with the egress priority queue 32-113
logging messages, ACL 31-9
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-17
log messages
Long-Reach Ethernet (LRE) technology 1-13
loop guard
described 19-9
enabling 19-15
low-latency queueing
LSR 37-2
M
MAC addresses
aging time 6-21
and VLAN association 6-20
building the address table 6-20
default configuration 6-21
disabling learning on a VLAN 6-27
discovering 6-28
displaying 6-27
displaying in the IP source binding table 21-18
dynamic
learning 6-20
removing 6-22
in ACLs 31-26
IP address association 34-7
static
adding 6-25
characteristics of 6-24
dropping 6-26
removing 6-25
MAC address learning, disabling on a VLAN 6-27
MAC address-table move update
configuration guidelines 20-4
configuring 20-6
default configuration 20-4
description 20-2
monitoring 20-8
MAC address-to-VLAN mapping 12-29
MAC extended access lists
applying to Layer 2 interfaces 31-28
configuring for QoS 32-58
creating 31-26
defined 31-26
for QoS classification 32-7
macros
Maintenance end points
Maintenance intermediate points
manageability features 1-3
management options
CLI 2-1
SNMP 30-1
mapping tables for QoS
configuring
CoS-to-DSCP 32-72
DSCP 32-72
DSCP-to-CoS 32-75
DSCP-to-DSCP-mutation 32-76
IP-precedence-to-DSCP 32-73
policed-DSCP 32-74
described 32-15
marking
action in
hierarchical policy map 32-97, 32-100
ingress policy map 32-61, 32-70
described
matching, ACLs 31-7
maximum aging time
MSTP 18-24
STP 17-21
maximum hop count, MSTP 18-24
maximum-paths command 34-49, 34-84
membership mode, VLAN port 12-3
member switch
defined 4-2
managing 4-3
requirements 4-3
See also candidate switch, cluster standby group, and standby command switch
MEPs
and STP 36-3
defined 36-3
messages
logging ACL violations 31-15
to users through banners 6-17
metrics, in BGP 34-49
metric translations, between routing protocols 34-89
metro tags 16-2
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-4
supported A-1
MIPs
and STP 36-3
defined 36-3
mirroring traffic for analysis 27-1
mismatches, autonegotiation 41-7
module number 10-7
monitoring
802.1Q tunneling 16-22
access groups 31-40
ACL configuration 31-40
BGP 34-61
cables for unidirectional links 26-1
CDP 25-5
CEF 34-83
EIGRP 34-40
E-LMI 36-13
EoMPLS 37-22
Ethernet CFM 36-8
fallback bridging 40-10
features 1-9
Flex Links 20-8
HSRP 35-10
IGMP
filters 23-26
snooping 23-12
interfaces 10-21
IP
address tables 34-16
multicast routing 38-50
routes 34-96
IS-IS 34-71
ISO CLNS 34-71
Layer 2 protocol tunneling 16-22
MAC address-table move update 20-8
MPLS 37-22
MSDP peers 39-19
multicast router interfaces 23-13
multi-VRF CE 34-82
MVR 23-20
network traffic for analysis with probe 27-2
OAM manager 36-13
OSPF 34-34
port
blocking 24-15
protection 24-15
private VLANs 14-15
RP mapping information 38-23
SFPs
SFPs status 1-10
source-active messages 39-19
speed and duplex mode 10-14
traffic flowing among switches 28-1
traffic suppression 24-15
tunneling 16-22
VLAN
filters 31-40
maps 31-40
VLANs 12-16
VMPS 12-33
VTP 13-16
MP-BGP 37-12
MPLS
configuring 37-7
default configuration 37-6
experimental field 37-19
label 37-2
monitoring 37-22
QoS
configuring 37-20
default configuration 37-20
experimental bits 37-19
uses 37-18
VPN
labels 37-3
packet flow 37-11
MSDP
benefits of 39-3
clearing MSDP connections and statistics 39-19
controlling source information
forwarded by switch 39-12
originated by switch 39-8
received by switch 39-14
default configuration 39-4
dense-mode regions
sending SA messages to 39-17
specifying the originating address 39-18
filtering
incoming SA messages 39-14
SA messages to a peer 39-12
SA requests from a peer 39-11
join latency, defined 39-6
meshed groups
configuring 39-16
defined 39-16
originating address, changing 39-18
overview 39-1
peer-RPF flooding 39-2
peers
configuring a default 39-4
monitoring 39-19
peering relationship, overview 39-1
requesting source information from 39-8
shutting down 39-16
source-active messages
caching 39-6
clearing cache entries 39-19
defined 39-2
filtering from a peer 39-11
filtering incoming 39-14
filtering to a peer 39-12
limiting data with TTL 39-14
monitoring 39-19
restricting advertised sources 39-9
MSTP
boundary ports
configuration guidelines 18-15
described 18-6
BPDU filtering
described 19-3
enabling 19-12
BPDU guard
described 19-3
enabling 19-11
CIST, described 18-3
CIST root 18-5
configuration guidelines 18-15, 19-10
configuring
forward-delay time 18-23
hello time 18-22
link type for rapid convergence 18-25
maximum aging time 18-24
maximum hop count 18-24
MST region 18-16
neighbor type 18-25
path cost 18-21
port priority 18-20
root switch 18-17
secondary root switch 18-19
switch priority 18-22
CST
defined 18-3
operations between regions 18-4
default configuration 18-15
default optional feature configuration 19-9
displaying status 18-26
enabling the mode 18-16
EtherChannel guard
described 19-7
enabling 19-14
extended system ID
effects on root switch 18-17
effects on secondary root switch 18-19
unexpected behavior 18-18
IEEE 802.1s
implementation 18-6
port role naming change 18-6
instances supported 17-10
interface state, blocking to forwarding 19-2
interoperability and compatibility among modes 17-10
interoperability with 802.1D
described 18-8
restarting migration process 18-26
IST
defined 18-2
master 18-3
operations within a region 18-3
loop guard
described 19-9
enabling 19-15
mapping VLANs to MST instance 18-16
MST region
CIST 18-3
configuring 18-16
described 18-2
hop-count mechanism 18-5
IST 18-2
supported spanning-tree instances 18-2
overview 18-2
Port Fast
described 19-2
enabling 19-10
preventing root switch selection 19-8
root guard
described 19-8
enabling 19-15
root switch
configuring 18-18
effects of extended system ID 18-17
unexpected behavior 18-18
shutdown Port Fast-enabled port 19-3
stack changes, effects of 18-8
status, displaying 18-26
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-5
static joins 23-9
multicast packets
ACLs on 31-39
blocking 24-7
multicast router interfaces, monitoring 23-13
multicast router ports, adding 23-8
Multicast Source Discovery Protocol
multicast storm-control command 24-4
multicast storms 24-1
Multicast VLAN Registration
Multiple Spanning Tree Protocol
multiple VPN routing/forwarding, customer edge devices
multiple VPN routing/forwarding in customer edge devices
multiprotocol label switching
multi-VRF CE
configuration example 34-77
configuration guidelines 34-75
configuring 34-74
default configuration 34-74
defined 34-72
displaying 34-82
monitoring 34-82
network components 34-74
packet-forwarding process 34-74
support for 1-9
MVR
and address aliasing 23-17
configuring interfaces 23-18
default configuration 23-16
described 23-14
modes 23-17
monitoring 23-20
setting global parameters 23-17
N
named IP ACLs 31-14
NameSpace Mapper
native VLAN
and 802.1Q tunneling 16-4
configuring 12-24
default 12-24
neighbor discovery/recovery, EIGRP 34-35
neighbors, BGP 34-56
network management
CDP 25-1
RMON 28-1
SNMP 30-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps 32-11
non-IP traffic filtering 31-26
Nonstop Forwarding Awareness
nontrunking mode 12-18
normal-range VLANs
configuration modes 12-7
defined 12-1
no switchport command 10-4
note, described xl
not-so-stubby areas
NSAPs, as ISO IGRP addresses 34-62
NSF Awareness
BGP 34-45
EIGRP 34-37
IS-IS 34-64
OSPF 34-25
NSM 513
NSSA, OSPF 34-30
NTP
and ACL time ranges 31-16
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
NTP access group keywords, scanning order 6-9
O
OAM manager
and E-LMI 36-9
configuration guidelines 36-10
configuring 36-10
monitoring 36-13
purpose of 36-8
with CFM 36-9
Open Shortest Path First
optimizing system resources 7-1
options, management 1-2
OSPF
area parameters, configuring 34-30
configuring 34-26
default configuration
metrics 34-31
route 34-31
settings 34-24
described 34-23
interface parameters, configuring 34-26
LSA group pacing 34-33
monitoring 34-34
network types, configuring 34-29
router IDs 34-33
route summarization 34-31
virtual links 34-31
P
packet modification, with QoS 32-47
PAgP
Layer 2 protocol tunneling 16-13
parallel paths, in routing tables 34-84
passive interfaces
configuring 34-92
OSPF 34-31
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-3
overview 8-1
recovery of 41-3
setting
enable 8-3
enable secret 8-3
Telnet 8-6
with usernames 8-6
VTP domain 13-8
path cost
MSTP 18-21
STP 17-18
PBR
defined 34-89
enabling 34-91
fast-switched policy-based routing 34-92
local policy-based routing 34-92
peers, BGP 34-56
performance features 1-2
persistent self-signed certificate 8-42
per-VLAN spanning-tree plus
PE to CE routing, configuring 34-77
physical ports 10-2
PIM
default configuration 38-8
dense mode
overview 38-4
rendezvous point (RP), described 38-5
RPF lookups 38-7
displaying neighbors 38-51
enabling a mode 38-11
overview 38-4
router-query message interval, modifying 38-26
shared tree and source tree, overview 38-23
shortest path tree, delaying the use of 38-25
sparse mode
join messages and shared tree 38-5
overview 38-5
prune messages 38-5
RPF lookups 38-7
versions
interoperability 38-9
troubleshooting interoperability problems 38-23
v2 improvements 38-4
PIM-DVMRP, as snooping method 23-8
ping
character output description 41-9
executing 41-9
overview 41-8
policed-DSCP map for QoS 32-74
policers
configuring
for each matched traffic class 32-61
for more than one traffic class 32-70
hierarchical, two-rate 32-96
displaying aggregate 32-90
hierarchical, two-rate 32-27
ingress, single-rate 32-12
types of 32-11
types of ingress 32-11
policing
hierarchical, described 32-27
hierarchical dual-level on SVIs
ingress, described 32-10
token-bucket algorithm 32-12, 32-27
policy-based routing
policy maps
dual-level 32-10
hierarchical on SVIs 32-10
nonhierarchical and single-level 32-10
policy maps for QoS
characteristics of ingress 32-61
dual-level
configuring 32-64
described 32-14
hierarchical on SVIs
configuring 32-64
described 32-14
nonhierarchical and single-level
configuring 32-61
described 32-11
port ACLs
defined 31-2
types of 31-4
Port Aggregation Protocol
port-based authentication
accounting 9-5
configuring 9-23
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-12
configuring
guest VLAN 9-20
host mode 9-19
IEEE 802.1x authentication 9-13
manual re-authentication of a client 9-16
periodic re-authentication 9-16
quiet period 9-17
RADIUS server 9-16
RADIUS server parameters on the switch 9-15
restricted VLAN 9-21
switch-to-client frame-retransmission number 9-18, 9-19
switch-to-client retransmission time 9-17
default configuration 9-11
described 9-1
device roles 9-2
displaying statistics 9-24
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
guest VLAN
configuration guidelines 9-9, 9-10
described 9-8
initiation and message exchange 9-3
method lists 9-13
multiple-hosts mode, described 9-19
per-user ACLs
AAA authorization 9-13
configuration tasks 9-10
described 9-10
RADIUS server attributes 9-10
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-7
port security
and voice VLAN 9-6
described 9-6
interactions 9-6
multiple-hosts mode 9-19
resetting to default values 9-22
statistics, displaying 9-24
switch
as proxy 9-2
RADIUS client 9-2
topologies, supported 9-5
upgrading from a previous release 32-39
VLAN assignment
AAA authorization 9-13
characteristics 9-7
configuration tasks 9-8
described 9-7
voice VLAN
described 9-7
PVID 9-7
VVID 9-7
port blocking 24-6
port-channel
Port Fast
described 19-2
enabling 19-10
mode, spanning tree 12-30
port membership modes, VLAN 12-3
port priority
MSTP 18-20
STP 17-17
ports
access 10-2
blocking 24-6
configuring 10-7
dynamic access 12-4
enhanced services (ES) 10-3, 10-7
identifying 10-7
IEEE 802.1Q tunnel 12-4
numbering 10-7
protected 24-5
routed 10-4
secure 24-7
switch 10-2
VLAN assignments 12-11
port security
aging 24-14
and QoS trusted boundary 32-52
configuration guidelines 24-10
configuring 24-11
default configuration 24-10
described 24-7
displaying 24-15
on trunk ports 24-12
sticky learning 24-8
violations 24-9
port-shutdown response, VMPS 12-29
preemption, default configuration 20-4
preemption delay, default configuration 20-4
preferential treatment of traffic
prefix lists, BGP 34-53
preventing unauthorized access 8-1
primary links 20-2
priority
HSRP 35-6
overriding CoS 15-5
trusting CoS 15-5
priority queues for QoS
egress on a standard port 32-22
ingress 32-81
LLQ on an ES port 32-113
private VLAN edge ports
private VLANs
across multiple switches 14-4
and SDM template 14-4
and SVIs 14-5
benefits of 14-1
community ports 14-2
configuration guidelines 14-7, 14-8
configuration tasks 14-6
configuring 14-10
default configuration 14-6
end station access to 14-3
IP addressing 14-3
isolated port 14-2
mapping 14-14
monitoring 14-15
ports
community 14-2
configuration guidelines 14-8
configuring host ports 14-11
configuring promiscuous ports 14-13
described 12-4
isolated 14-2
promiscuous 14-2
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 4-4
exiting 8-10
logging into 8-10
mapping on member switches 4-4
setting a command with 8-8
promiscuous ports
configuring 14-13
defined 14-2
protected ports 24-5
protocol-dependent modules, EIGRP 34-36
Protocol-Independent Multicast Protocol
provider edge devices
and MPLS 37-7
and MPLS labels 37-3
in VPNs 37-5
using multi-VRF CE 34-72
proxy ARP
configuring 34-10
definition 34-8
with IP routing disabled 34-10
pruning, VTP
enabling 13-14
enabling on a port 12-23
examples 13-5
overview 13-4
pruning-eligible list
changing 12-23
for VTP pruning 13-4
VLANs 13-14
PVST+
described 17-9
IEEE 802.1Q trunking interoperability 17-10
instances supported 17-10
Q
QoS
ACLs
IP extended 32-57
IP standard 32-56
MAC 32-58
aggregate policers, configuring 32-70
and 802.1Q tunneling 32-91
and IEEE 802.1Q tunneling 32-50, 32-91
auto-QoS
categorizing traffic 32-34
configuration and defaults display 32-43
configuration guidelines 32-38
described 32-33
disabling 32-40
effects on running configuration 32-38
egress queue-set defaults 32-34
enabling for VoIP 32-39
example configuration 32-41
generated commands, displaying 32-40
ingress queue defaults 32-34
initial configuration, displaying 32-43
list of generated commands 32-35
basic model 32-4
classification
class maps, described 32-9, 32-26
DSCP transparency, described 32-53
flowchart, ingress 32-8
forwarding treatment 32-3
hierarchical, defined 32-5
in frames and packets 32-3
ingress, defined 32-5
MAC ACLs, described 32-7, 32-9
options for IP traffic 32-7
options for non-IP traffic 32-6
trust DSCP, described 32-7
classification
trusted CoS, described 32-7
trust IP precedence, described 32-7
class maps
configuring hierarchical 32-93
configuring ingress 32-59
configuration guidelines
auto-QoS 32-38
hierarchical QoS 32-91
standard QoS 32-46
configuring
DSCP transparency 32-53
policy maps, dual level 32-64
policy maps, hierarchical on SVIs 32-64
default configuration
auto-QoS 32-34
hierarchical QoS 32-91
standard QoS 32-44
displaying statistics 32-90
DSCP maps 32-72
DSCP transparency 32-53
egress queue-sets
allocating buffer space 32-83
buffer allocation scheme, described 32-21
characteristics 32-82
configuring shaped weights for SRR 32-86
configuring shared weights for SRR 32-87
described 32-5
displaying the threshold map 32-85
flowchart 32-20
mapping DSCP or CoS values 32-85
priority queueing 32-47, 32-88
scheduling, described 32-5
setting WTD thresholds 32-83
WTD, described 32-22
enabling globally 32-48
flowcharts
egress queue-set queueing and scheduling 32-20
hierarchical queues queueing and scheduling 32-30
hierarchical two-rate policing and marking 32-28
ingress, single-rate policing and marking 32-13
ingress classification 32-8
ingress queueing and scheduling 32-18
hierarchical levels
class level, described 32-23
physical interface level, described 32-25
supported number of class-level classes 32-23
supported number of VLAN-level classes 32-24
VLAN level, described 32-24
hierarchical QoS
CBWFQ 32-32
CBWFQ and DSCP-based WRED 32-105
CBWFQ and IP precedence-based WRED 32-109
CBWFQ and tail drop 32-102
child policy 32-24
classification based on class maps 32-26, 32-93
configuration guidelines 32-91
congestion avoidance 32-31
congestion management 32-31
default class 32-27
default configuration 32-91
displaying 32-117
matching criteria 32-26
policing, described 32-27
tail drop 32-31
traffic policies, described 32-26
two-rate traffic policer 32-27, 32-96
WRED 32-32
See also QoS, hierarchical levels
See also QoS, hierarchical queues
hierarchical queues
average queue size calculation 32-32
bandwidth limited stream 32-23
CBWFQ 32-32
congestion control 32-31
default queue 32-31
LLQ 32-33
number of queues supported 32-31
queue creation 32-26
scheduling 32-6
tail drop 32-31
WRED 32-32
See also QoS, hierarchical QoS
implicit deny 32-9
ingress queues
allocating bandwidth 32-80
allocating buffer space 32-80
buffer and bandwidth allocation, described 32-19
characteristics 32-78
configuring shared weights for SRR 32-80
configuring the priority queue 32-81
described 32-5
displaying the threshold map 32-79
flowchart 32-18
mapping DSCP or CoS values 32-78
priority queue, described 32-19
scheduling, described 32-5
setting WTD thresholds 32-78
WTD, described 32-19
in MPLS networks 37-18
IP phones
automatic classification and queueing 32-33
detection and trusted settings 32-33, 32-52
limiting bandwidth on egress interface 32-89
mapping tables
CoS-to-DSCP 32-72
displaying 32-90
DSCP-to-CoS 32-75
DSCP-to-DSCP-mutation 32-76
IP-precedence-to-DSCP 32-73
policed-DSCP 32-74
types of 32-15
marked-down actions 32-63, 32-67, 32-97, 32-100
marking
described, hierarchical 32-6, 32-27
described, ingress 32-5, 32-12
overview 32-2
packet modification 32-47
policers
configuring 32-63, 32-67, 32-70
displaying aggregate 32-90
hierarchical, two-rate 32-27
ingress, single-rate 32-12
types of 32-11
types of ingress 32-11
policies, attaching to an interface 32-12, 32-29
policing
described 32-5
hierarchical, described 32-27
ingress, described 32-10
token-bucket algorithm 32-12
policy maps
characteristics of ingress 32-61
configuring 32-61
hierarchical on SVIs 32-10, 32-13
nonhierarchical and single-level 32-10
QoS label, defined 32-5
queues
configuring egress queue-set characteristics 32-82
configuring ingress characteristics 32-78
location of 32-15
SRR, described 32-17
WTD, described 32-17
See also QoS, egress queue-sets
See also QoS, hierarchical queues
rewrites 32-47
trusted boundary, configuring 32-52
trust states
bordering another domain 32-54
described 32-6
trusted device 32-52
within the domain 32-49
QoS features 1-7
quality of service
queries, IGMP 23-4
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-20, 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-20
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
suggested network environments 8-18
tracking services accessed by user 8-28
range
macro 10-10
of interfaces 10-8
rapid convergence 18-10
rapid per-VLAN spanning-tree plus
rapid PVST+
described 17-9
IEEE 802.1Q trunking interoperability 17-10
instances supported 17-10
Rapid Spanning Tree Protocol
RARP 34-8
rcommand command 4-3
RCP
configuration files
downloading B-16
overview B-15
preparing the server B-16
uploading B-17
image files
deleting old image B-31
downloading B-29
preparing the server B-28
uploading B-31
reconfirmation interval, VMPS, changing 12-32
recovery procedures 41-1
redundancy
EtherChannel 33-3
HSRP 35-1
STP
backbone 17-8
path cost 12-27
port priority 12-25
redundant links and UplinkFast 19-13
reliable transport protocol, EIGRP 34-35
reloading software 3-15
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 23-5
disabling 23-12
resequencing ACL entries 31-14
resets, in BGP 34-48
resetting a UDLD-shutdown interface 26-6
restricted VLAN
configuring 9-21
described 9-9
using with IEEE 802.1x 9-9
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-33
reverse address resolution 34-7
Reverse Address Resolution Protocol
RFC
1058, RIP 34-18
1112, IP multicast and IGMP 23-2
1157, SNMPv1 30-2
1163, BGP 34-41
1166, IP addresses 34-5
1253, OSPF 34-23
1267, BGP 34-41
1305, NTP 6-2
1587, NSSAs 34-23
1757, RMON 28-2
1771, BGP 34-41
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-18
authentication 34-21
configuring 34-19
default configuration 34-18
described 34-18
hop counts 34-18
split horizon 34-21
summary addresses 34-21
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-6
collecting group history 28-5
root guard
described 19-8
enabling 19-15
root switch
MSTP 18-17
STP 17-14
route calculation timers, OSPF 34-32
route dampening, BGP 34-60
routed packets, ACLs on 31-38
routed ports
configuring 34-3
defined 10-4
route-map command 34-91
route maps
BGP 34-51
policy-based routing 34-90
router ACLs
defined 31-2
types of 31-3
route reflectors, BGP 34-59
router ID, OSPF 34-33
route selection, BGP 34-49
route summarization, OSPF 34-31
route targets, VPN 34-74
routing
default 34-2
dynamic 34-2
redistribution of information 34-86
static 34-2
routing domain confederation, BGP 34-58
Routing Information Protocol
routing protocol administrative distances 34-85
RSPAN
characteristics 27-8
configuration guidelines 27-16
default configuration 27-9
destination ports 27-7
displaying status 27-23
interaction with other features 27-8
monitored ports 27-5
monitoring ports 27-7
overview 27-1
received traffic 27-4
session limits 27-10
sessions
creating 27-16
defined 27-3
limiting source traffic to specific VLANs 27-22
specifying monitored ports 27-16
with ingress traffic enabled 27-20
source ports 27-5
transmitted traffic 27-5
VLAN-based 27-6
RSTP
active topology, determining 18-9
BPDU
format 18-12
processing 18-13
designated port, defined 18-9
designated switch, defined 18-9
interoperability with 802.1D
described 18-8
restarting migration process 18-26
topology changes 18-13
overview 18-9
port roles
described 18-9
synchronized 18-11
proposal-agreement handshake process 18-10
rapid convergence
described 18-10
edge ports and Port Fast 18-10
point-to-point links 18-10, 18-25
root ports 18-10
root port, defined 18-9
running configuration, saving 3-10
S
scheduled reloads 3-15
scheduling
egress queue-sets
priority queueing 32-88
shaped or shared mode 32-22
shaped weights 32-86
shared weights 32-87
SRR and priority queueing interaction 32-47
hierarchical queues
ingress queues
priority queueing 32-19, 32-81
SDM
described 7-1
templates
configuration guidelines 7-3
number of 7-1
secondary VLANs 14-2
secure HTTP client
configuring 8-46
displaying 8-47
secure HTTP server
configuring 8-45
displaying 8-47
secure MAC addresses
deleting 24-13
maximum number of 24-9
types of 24-8
secure ports, configuring 24-7
secure remote connections 8-37
Secure Shell
Secure Socket Layer
security, port 24-7
security features 1-6
sequence numbers in log messages 29-7
server mode, VTP 13-3
service-provider network
and 802.1Q tunneling 16-2
and customer VLANs 16-2
and EoMPLS 37-12
and MPLS 37-2
configuring MPLS VPNs 37-6
Layer 2 protocols across 16-12
Layer 2 protocol tunneling for EtherChannels 16-13
MSTP and RSTP 18-1
VPNs in 37-3
set-request operation 30-4
severity levels, defining in system messages 29-8
SFPs
interface numbering 10-7
monitoring status of 1-10, 10-21, 41-8
security and identification 41-8
status, displaying 1-10
shaped round robin
shaping, average-rate
configuring 32-115
described 32-33
show access-lists hw-summary command 31-21
show and more command output, filtering 2-9
show cdp traffic command 25-5
show cluster members command 4-3
show configuration command 10-17
show forward command 41-15
show interfaces command 10-14, 10-17
show l2protocol command 16-18, 16-19, 16-20
show platform forward command 41-15
show running-config command
interface description in 10-17
shutdown command on interfaces 10-22
shutdown threshold for Layer 2 protocol packets 16-15
Simple Network Management Protocol
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SMNP traps, and CFM 36-4
SNAP 25-1
SNMP
accessing MIB variables with 30-4
agent
described 30-4
disabling 30-7
authentication level 30-9
community strings
configuring 30-7
overview 30-4
configuration examples 30-14
configuration guidelines 30-6
default configuration 30-6
engine ID 30-6
host 30-6
informs
and trap keyword 30-10
described 30-5
differences from traps 30-5
enabling 30-13
limiting access by TFTP servers 30-14
limiting system log messages to NMS 29-9
manager functions 30-3
managing clusters with 4-4
MIBs
location of A-3
supported A-1
notifications 30-5
status, displaying 30-15
system contact and location 30-13
trap manager, configuring 30-12
traps
differences from informs 30-5
enabling 30-10
enabling MAC address notification 6-22
types of 30-10
versions supported 30-2
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 23-2
software images
location in flash memory B-20
recovery procedures 41-2
scheduling reloads 3-15
tar file format, described B-20
See also downloading and uploading
source addresses, in ACLs 31-11
source-and-destination-IP address based forwarding, EtherChannel 33-7
source-and-destination MAC address forwarding, EtherChannel 33-7
source-IP address based forwarding, EtherChannel 33-7
source-MAC address forwarding, EtherChannel 33-6
SPAN
configuration guidelines 27-10
default configuration 27-9
destination ports 27-7
displaying status 27-23
interaction with other features 27-8
monitored ports 27-5
monitoring ports 27-7
overview 27-1
received traffic 27-4
session limits 27-10
sessions
configuring ingress forwarding 27-14, 27-21
creating 27-11
defined 27-3
limiting source traffic to specific VLANs 27-14
removing destination (monitoring) ports 27-12
specifying monitored ports 27-11
with ingress traffic enabled 27-13
source ports 27-5
transmitted traffic 27-5
VLAN-based 27-6
spanning tree and native VLANs 12-19
Spanning Tree Protocol
SPAN traffic 27-4
speed, configuring on interfaces 10-13
split horizon
IGRP 34-22
RIP 34-21
SRR
and priority queueing interaction 32-47
configuring
shaped weights on egress queue-sets 32-86
shared weights on egress queue-sets 32-87
shared weights on ingress queues 32-80
described 32-17
shaped mode 32-17
shared mode 32-18
SSH
configuring 8-38
cryptographic software image 8-37
described 8-37
encryption methods 8-38
user authentication methods, supported 8-38
SSL
configuration guidelines 8-44
configuring a secure HTTP client 8-46
configuring a secure HTTP server 8-45
cryptographic software image 8-41
described 8-41
monitoring 8-47
stack changes, effects on
MSTP 18-8
standby command switch, requirements 4-2
standby ip command 35-5
standby links 20-2
standby router 35-1
standby timers, HSRP 35-8
startup configuration
booting
manually 3-12
specific image 3-12
clearing B-18
configuration file
automatically downloading 3-11
specifying the filename 3-11
default boot configuration 3-11
static access ports
assigning to VLAN 12-11
static addresses
static routes, configuring 34-84
static routing 34-2
static VLAN membership 12-2
statistics
CDP 25-5
IEEE 802.1x 9-24
interface 10-21
IP multicast routing 38-51
OSPF 34-34
QoS ingress and egress 32-90
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-15
VTP 13-16
sticky secure MAC address learning 24-8
storm control
configuring 24-3
described 24-1
disabling 24-5
displaying 24-15
STP
accelerating root port selection 19-4
BackboneFast
described 19-5
enabling 19-14
BPDU filtering
described 19-3
enabling 19-12
BPDU guard
described 19-3
enabling 19-11
BPDU message exchange 17-3
configuration guidelines 17-12, 19-10
configuring
forward-delay time 17-21
hello time 17-20
maximum aging time 17-21
path cost 17-18
port priority 17-17
root switch 17-14
secondary root switch 17-16
spanning-tree mode 17-13
switch priority 17-19
counters, clearing 17-22
default configuration 17-11
default optional feature configuration 19-9
designated port, defined 17-3
designated switch, defined 17-3
detecting indirect link failures 19-5
disabling 17-14
displaying status 17-22
EtherChannel guard
described 19-7
disabling 19-14
enabling 19-14
extended system ID
effects on root switch 17-14
effects on the secondary root switch 17-16
overview 17-4
unexpected behavior 17-15
IEEE 802.1D and bridge ID 17-4
IEEE 802.1D and multicast addresses 17-8
IEEE 802.1t and VLAN identifier 17-4
inferior BPDU 17-3
instances supported 17-10
interface state, blocking to forwarding 19-2
interface states
blocking 17-5
disabled 17-7
learning 17-6
listening 17-6
overview 17-4
interoperability and compatibility among modes 17-10
keepalive messages 17-2
Layer 2 protocol tunneling 16-12
limitations with IEEE 802.1Q trunks 17-10
load sharing
overview 12-25
using path costs 12-27
using port priorities 12-25
loop guard
described 19-9
enabling 19-15
modes supported 17-9
multicast addresses, effect of 17-8
overview 17-2
path costs 12-27
Port Fast
described 19-2
enabling 19-10
port priorities 12-26
preventing root switch selection 19-8
protocols supported 17-9
redundant connectivity 17-8
root guard
described 19-8
enabling 19-15
root port, defined 17-3
root switch
configuring 17-15
effects of extended system ID 17-4, 17-14
election 17-3
unexpected behavior 17-15
shutdown Port Fast-enabled port 19-3
status, displaying 17-22
superior BPDU 17-3
timers, described 17-20
UplinkFast
described 19-4
enabling 19-13
VLAN-bridge 17-11
stratum, NTP 6-2
stub areas, OSPF 34-30
subdomains, private VLAN 14-1
subnet mask 34-5
subnet zero 34-6
success response, VMPS 12-29
summer time 6-13
SunNet Manager 1-3
supernet 34-6
SVI 32-64
SVIs
and IP unicast routing 34-3
and router ACLs 31-3
connecting VLANs 10-6
defined 10-4
routing between VLANs 12-2
switch clustering technology 4-1
switch console port 1-4
Switch Database Management
switched packets, ACLs on 31-37
Switched Port Analyzer
switched ports 10-2
switchport block multicast command 24-7
switchport block unicast command 24-7
switchport command 10-11
switchport mode dot1q-tunnel command 16-7
switchport protected command 24-6
switch priority
MSTP 18-22
STP 17-19
switch software features 1-1
switch virtual interface
synchronization, BGP 34-45
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
system message logging
default configuration 29-3
defining error message severity levels 29-8
disabling 29-4
displaying the configuration 29-12
enabling 29-4
facility keywords, described 29-12
level keywords, described 29-8
limiting messages 29-9
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-7
setting the display destination device 29-4
synchronizing log messages 29-5
timestamps, enabling and disabling 29-7
UNIX syslog servers
configuring the daemon 29-10
configuring the logging facility 29-11
facilities supported 29-12
system MTU
and EoMPLS 37-14
and IEEE 802.1Q tunneling 16-5
and IS-IS LSPs 34-66
configuring 10-19
maximum size supported 10-19
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt
system resources, optimizing 7-1
system routing
IS-IS 34-62
ISO IGRP 34-62
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-16
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
tracking services accessed by user 8-16
tag distribution protocol
tagged packets
IEEE 802.1Q 16-3
Layer 2 protocol 16-12
tail drop
configuring 32-102
described 32-31
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
TDP 37-6
Telnet
accessing management interfaces 2-10
number of connections 1-3
setting a password 8-6
templates, SDM 7-2
temporary self-signed certificate 8-42
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 3-6
configuring for autoconfiguration 3-5
image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-23
limiting access by servers 30-14
threshold, traffic level 24-2
time
time-range command 31-16
time ranges in ACLs 31-16
timestamps in log messages 29-7
time zones 6-12
Token Ring VLANs
support for 12-6
VTP support 13-4
traceroute, Layer 2
and ARP 41-11
and CDP 41-10
described 41-10
IP addresses and subnets 41-11
MAC addresses and VLANs 41-10
multicast traffic 41-10
multiple devices on a port 41-11
unicast traffic 41-10
usage guidelines 41-10
traceroute command 41-12
traffic
blocking flooded 24-7
fragmented 31-5
unfragmented 31-5
traffic shaping
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-22
configuring managers 30-10
defined 30-3
notification types 30-10
troubleshooting
connectivity problems 41-8, 41-10, 41-11
detecting unidirectional links 26-1
determining packet forwarding 41-15
displaying crash information 41-17
PIMv1 and PIMv2 interoperability problems 38-23
SFP security and identification 41-8
show forward command 41-15
with CiscoWorks 30-4
with debug commands 41-13
with ping 41-8
with system message logging 29-1
with traceroute 41-11
trunk failover
trunk ports
and Layer 2 protocol tunneling 16-15
configuring 12-21
encapsulation 12-21, 12-26, 12-27
secure MAC addresses on 24-11
trunks
allowed-VLAN list 12-22
configuring 12-21, 12-26, 12-27
load sharing
setting STP path costs 12-27
using STP port priorities 12-25, 12-26
native VLAN for untagged traffic 12-24
parallel 12-27
pruning-eligible list 12-23
to non-DTP device 12-17
understanding 12-17
trusted boundary for QoS 32-52
trusted port states
between QoS domains 32-54
classification options 32-6
ensuring port security for IP phones 32-52
within a QoS domain 32-49
trustpoints, CA 8-41
tunneling
defined 16-1
IEEE 802.1Q 16-2
Layer 2 protocol 16-12
tunnel ports
defined 12-4
IEEE 802.1Q, configuring 16-7
incompatibilities with other features 16-6
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service 1-7
U
UDLD
aggressive mode, described 26-1
and autonegotiation 26-1
configuration guidelines 26-4
default configuration 26-4
echoing detection mechanism 26-3
enabling
globally 26-5
per interface 26-5
Layer 2 protocol tunneling 16-14
link-detection mechanism 26-1
modes of operation 26-1
neighbor database 26-2
normal mode, described 26-1
overview 26-1
resetting an interface 26-6
status, displaying 26-6
unidirectional link, defined 26-2
UDP, configuring 34-14
unauthorized ports with IEEE 802.1x 9-4
unicast MAC address filtering 1-3
and adding static addresses 6-25
and broadcast MAC addresses 6-25
and CPU packets 6-25
and multicast addresses 6-25
and router MAC addresses 6-25
configuration guidelines 6-25
described 6-25
unicast storm control command 24-4
unicast storms 24-1
unicast traffic, blocking 24-7
UniDirectional Link Detection protocol
UNIs
remote (CFM) 36-9
UNIX syslog servers
daemon configuration 29-10
facilities supported 29-12
message logging configuration 29-11
unrecognized Type-Length-Value (TLV) support 13-4
upgrading software images
See release notes xl
upgrading with CNS 5112
UplinkFast
described 19-4
enabling 19-13
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
image files
reasons for B-19
using FTP B-27
using RCP B-31
using TFTP B-23
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 8-6
V
VCs 37-12
version-dependent transparent mode 13-4
virtual connections
virtual private LAN service
Virtual Private Networks
vlan.dat file 12-5
VLAN 1, disabling on a trunk port 12-22
VLAN 1 minimization 12-22
VLAN ACLs
vlan-assignment response, VMPS 12-29
VLAN configuration
at bootup 12-8
saving 12-8
VLAN configuration mode 2-2, 12-7
VLAN database
and startup configuration file 12-8
and VTP 13-1
VLAN configuration saved in 12-8
VLANs saved in 12-5
vlan database command 12-7
VLAN filtering, and SPAN 27-6
vlan global configuration command 12-7
VLAN ID
customer-side 16-8
discovering 6-28
mapping 16-8
service provider 16-8
VLAN IDs, number supported 1-5
VLAN ID translation
VLAN management domain 13-2
VLAN Management Policy Server
VLAN map entries, order of 31-29
VLAN mapping
802.1Q traffic 16-10
configuring 16-9
described 16-8
VLAN maps
applying 31-33
common uses for 31-33
configuration example 31-34
configuration guidelines 31-29
configuring 31-29
creating 31-30
defined 31-2
denying access example 31-35
denying and permitting packets 31-31
displaying 31-40
examples 31-35
with router ACLs 31-40
VLAN membership
confirming 12-32
modes 12-3
VLAN Query Protocol
VLANs
adding to VLAN database 12-9
aging dynamic addresses 17-9
allowed on trunk 12-22
and spanning-tree instances 12-3, 12-7, 12-13
configuration guidelines
extended-range VLANs 12-13
normal-range VLANs 12-6
configuration options 12-7
configuring 12-1
configuring IDs 1006 to 4094 12-13
connecting through SVIs 10-6
creating 12-9
creating in config-vlan mode 12-9
creating in VLAN configuration mode 12-10
customer numbering in service-provider networks 16-3
default configuration 12-8
deleting 12-11
displaying 12-16
features 1-5
illustrated 12-2
internal 12-13
limiting source traffic
with RSPAN 27-22
with SPAN 27-14
modifying 12-9
native, configuring 12-24
number supported 1-5
parameters 12-5
port membership modes 12-3
static-access ports 12-11
STP and IEEE 802.1Q trunks 17-10
supported 12-3
Token Ring 12-6
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
VLAN trunks 12-17
VMPS
administering 12-33
configuration example 12-34
configuration guidelines 12-30
default configuration 12-30
description 12-28
dynamic port membership
described 12-29
reconfirming 12-32
troubleshooting 12-34
entering server address 12-31
mapping MAC addresses to VLANs 12-29
monitoring 12-33
reconfirmation interval, changing 12-32
reconfirming membership 12-32
retry count, changing 12-33
voice-over-IP 15-1
voice VLAN
Cisco 7960 phone, port connections 15-1
configuration guidelines 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-5
trust CoS priority of incoming frame 15-5
configuring ports for voice traffic in
802.1P priority tagged frames 15-5
802.1Q frames 15-4
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-6
VPN routing and forwarding table
VPNs
and multi-VRF CE 34-76
benefits 37-3
configuring 37-8
configuring routing sessions 34-76
described 37-3
forwarding in 34-74
in service provider networks 34-72
IPv4 prefix 37-5
MPLS 37-6
number supported 37-6
VPN services
Layer 2 1-5
Layer 3 1-6
VQP 12-28
VRF
configuration 37-8
defining 34-74
elements 37-3
in MPLS VPNs 37-3
tables 34-72
VTP
adding a client to a domain 13-14
and extended-range VLANs 13-1
and normal-range VLANs 13-2
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
Layer 2 protocol tunneling 16-12
modes
transitions 13-3
monitoring 13-16
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
pruning-eligible list, changing 12-23
server mode, configuring 13-9
statistics 13-16
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-8
version 1 13-4
version 2
configuration guidelines 13-8
disabling 13-13
enabling 13-13
overview 13-4
W
Weighted Random Early Detection
weighted tail drop
WRED
configuring DSCP-based 32-105
configuring IP precedence-based 32-109
described 32-32
WTD
described 32-17
setting thresholds
egress queue-sets 32-83
ingress queues 32-78
X
XMODEM protocol 41-2