-
Catalyst 3750 Metro Switch Software Configuration Guide, 12.2(52)SE
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Assigning the Switch IP Address and Default Gateway
-
Configuring Cisco IOS Configuration Engine
-
Administering the Switch
-
Configuring SDM Templates
-
Configuring Switch-Based Authentication
-
Configuring IEEE 802.1x Port-Based Authentication
-
Configuring Interface Characteristics
-
Configuring Smartports Macros
-
Configuring VLANs
-
Configuring VTP
-
Configuring Private VLANs
-
Configuring Voice VLAN
-
Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring Resilient Ethernet Protocol
-
Configuring Flex Links and the MAC Address-Table Move Update Feature
-
Configuring DHCP Features and IP Source Guard
-
Configuring Dynamic ARP Inspection
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring LLDP and LLDP-MED
-
Configuring UDLD
-
Configuring SPAN and RSPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Embedded Event Manager
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels and Link State Tracking
-
Configuring IP Unicast Routing
-
Configuring IPv6 Unicast Routing
-
Configuring IPv6 MLD Snooping
-
Configuring IPv6 ACLs
-
Configuring HSRP
-
Configuring Cisco IOS IP SLAs Operations
-
Configuring Enhanced Object Tracking
-
Configuring Ethernet CFM, E-LMI, and OAM
-
Configuring MPLS, MPLS OAM, MPLS VPN, and EoMPLS
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Supported MIBs
-
Working with the Cisco IOS File System, Configuration Files, and Software Images
-
Unsupported Commands in Cisco IOS Release 12.2(52)SE
-
Feedback
Table Of Contents
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y -
Index
A
abbreviating commands 2-3
ABRs 36-23
access-class command 33-19
access control entries
access control entry (ACE) 39-3
access-denied response, VMPS 11-27
access groups
applying ACLs to interfaces 33-20
IP 33-20
Layer 2 33-20
Layer 3 33-20
access lists
access ports
and Layer 2 protocol tunneling 15-15
defined 9-2
accounting
with RADIUS 7-27
ACEs
and QoS 34-11
defined 33-2
Ethernet 33-2
IP 33-2
ACLs
ACEs 33-2
any keyword 33-12
applying
on bridged packets 33-38
on multicast packets 33-40
on routed packets 33-39
on switched packets 33-38
time ranges to 33-16
to IPv6 interfaces 39-7
to QoS 34-11
classifying traffic for QoS 34-63
comments in 33-18
compiling 33-22
configuring with VLAN maps 33-37
extended IP
configuring for QoS classification 34-65
creating 33-9
matching criteria 33-7
hardware and software handling 33-21
host keyword 33-12
IP
applying to interfaces 33-19
creating 33-7
fragments and QoS guidelines 34-53
implicit deny 33-9, 33-13, 33-15
implicit masks 33-9
matching criteria 33-7
named 33-14
terminal lines, setting on 33-18
undefined 33-20
violations, logging 33-15
IPv6
applying to interfaces 39-7
displaying 39-8
interactions with other features 39-4
limitations 39-3
matching criteria 39-3
named 39-3
precedence of 39-2
supported 39-2
unsupported features 39-3
limiting actions 33-37
logging messages 33-9
log keyword 33-15
named 33-14
named, IPv6 39-3
names 39-4
number per QoS class map 34-53
numbers 33-7
precedence of 33-2
resequencing entries 33-14
standard IP
configuring for QoS classification 34-64
creating 33-8
matching criteria 33-7
supported features 33-21
time ranges 33-16
unsupported features 33-6
unsupported features, IPv6 39-3
using router ACLs with VLAN maps 33-36
VLAN maps
configuration guidelines 33-30
configuring 33-29
active links 20-2
active router 40-1
active traffic monitoring, IP SLAs 41-1
address aliasing 23-2
addresses
displaying the MAC address table 5-30
dynamic
accelerated aging 16-8
changing the aging time 5-21
default aging 16-8
defined 5-19
learning 5-20
removing 5-22
IPv6 37-2
MAC, discovering 5-31
multicast
group address range 45-3
STP address management 16-8
static
adding and removing 5-27
defined 5-19
Address Resolution Protocol
adjacency tables, with CEF 36-96
administrative distances
defined 36-108
OSPF 36-31
routing protocol defaults 36-99
administrative VLAN
REP, configuring 19-9
administrative VLAN, REP 19-8
advertisements
CDP 25-1
LLDP 26-2
RIP 36-18
age timer, REP 19-8
aggregatable global unicast addresses 37-3
aggregate addresses, BGP 36-58
aggregated ports
aggregate policers 34-78
aging, accelerating 16-8
aging time
accelerated
for MSTP 17-23
MAC address table 5-21
maximum
for STP 16-21
alarms, RMON 29-3
allowed-VLAN list 11-20
Any Transport over MPLS
area border routers
area routing
IS-IS 36-63
ISO IGRP 36-63
ARP
configuring 36-8
encapsulation 36-9
static cache configuration 36-8
ARP table
address resolution 5-31
managing 5-31
ASBRs 36-23
AS-path filters, BGP 36-53
asymmetrical links, and 802.1Q tunneling 15-4
AToM 44-40
AToM VCCV
components 44-24
configuring 44-29
described 44-24
attributes, RADIUS
vendor-proprietary 7-29
vendor-specific 7-28
authentication
EIGRP 36-39
HSRP 40-9
Kerberos 7-31
local mode with AAA 7-35
NTP associations 5-4
RADIUS
key 7-20
login 7-22
TACACS+
defined 7-11
key 7-12
login 7-13
See also port-based authentication
authentication failed VLAN
authentication keys, and routing protocols 36-109
authoritative time source, described 5-2
authorization
with RADIUS 7-26
authorized ports with IEEE 802.1x 8-4
autoconfiguration 3-3
auto enablement 8-13
automatic QoS
autonegotiation
interface configuration guidelines 9-13
mismatches 48-7
autonomous system boundary routers
autonomous systems, in BGP 36-46
Auto-RP, described 45-6
auxiliary VLAN
availability features 1-4
B
BackboneFast
described 18-5
enabling 18-13
backup interfaces
backup links 20-2
backup static routing, configuring 42-12
banners
configuring
login 5-19
message-of-the-day login 5-18
default configuration 5-17
when displayed 5-17
Berkeley r-tools replacement 7-47
BGP
aggregate addresses 36-58
aggregate routes, configuring 36-58
CIDR 36-58
clear commands 36-62
community filtering 36-55
configuring neighbors 36-57
configuring routing sessions 44-9
default configuration 36-44, 36-74
described 36-43
enabling 36-46
monitoring 36-62
multipath support 36-50
neighbors, types of 36-46
path selection 36-50
peers, configuring 36-57
prefix filtering 36-54
resetting sessions 36-49
route dampening 36-61
route maps 36-52
route reflectors 36-60
routing domain confederation 36-59
routing session with multi-VRF CE 36-91
show commands 36-62
supernets 36-58
Version 4 36-43
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-6
DHCP snooping database 21-6
IP source guard 21-16
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-7
Boolean expressions in tracked lists 42-4
booting
boot loader, function of 3-2
boot process 3-1
manually 3-16
specific image 3-17
boot loader
accessing 3-18
described 3-2
environment variables 3-18
prompt 3-18
trap-door mechanism 3-2
bootstrap router (BSR), described 45-7
Border Gateway Protocol
BPDU
error-disabled state 18-2
filtering 18-3
RSTP format 17-11
BPDU filtering
described 18-3
enabling 18-12
BPDU guard
described 18-2
enabling 18-11
bridged packets, ACLs on 33-38
bridge groups
bridge protocol data unit
broadcast flooding 36-15
broadcast packets
directed 36-12
flooded 36-12
broadcast storm-control command 24-4
bulk statistics
file 31-6
object list, configuring 31-19
object list, described 31-6
schema, configuring 31-19
schema, described 31-6
transfer 31-21
bulk-statistics
defined 31-6
bulkstat object-list 31-19
bulkstat schema 31-20
bypass mode, Layer 2 protocol-tunneling 15-12, 15-16
C
cables, monitoring for unidirectional links 27-1
CA trustpoint
configuring 7-43
defined 7-41
CBWFQ
configuring
with DSCP-based WRED 34-117
with IP precedence-based WRED 34-121
with tail drop 34-114
described 34-39
CDP
and trusted boundary 34-60
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device 25-3, 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 15-12
monitoring 25-4
overview 25-1
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 36-96
IPv6 37-18
CFM
and Ethernet OAM, configuring 43-51
and Ethernet OAM interaction 43-50
and OAM manager 43-43
and other features 43-8
and tunnels 43-8
clearing 43-29
configuration errors 43-6
configuration guidelines 43-7
configuring crosscheck 43-11
configuring fault alarms 43-16
configuring port MEP 43-14
configuring static remote MEP 43-12
configuring the network 43-8
continuity check messages 43-5
crosscheck 43-5
default configuration 43-7
defined 43-2
down MEPs 43-4
draft 1 43-4
draft 8.1 43-4
EtherChannel support 43-7
fault alarms
configuring 43-16
defined 43-5
IP SLAs support for 43-6
IP SLAs with endpoint discovers 43-20
loopback messages 43-5
maintenance association 43-3
maintenance domain 43-2
maintenance point 43-3
manually configuring IP SLAs ping or jitter 43-18
measuring network performance 43-6
messages
continuity check 43-5
loopback 43-5
traceroute 43-5
on EtherChannel port channels 43-7
port MEP, configuring 43-14
remote MEPs 43-5
SNMP traps 43-5
static RMEP, configuring 43-12
static RMEP check 43-5
traceroute messages 43-5
types of messages 43-5
up MEPs 43-4
version interoperability 43-6
Y.1731
described 43-21
CGMP
as IGMP snooping learning method 23-7
clearing cached group entries 45-61
enabling server support 45-44
joining multicast group 23-3
overview 45-9
server support only 45-9
CIDR 36-58
CipherSuites 7-42
Cisco 7960 IP Phone 14-1
Cisco Data Collection MIB 31-2
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System 1-4
Cisco IOS IP SLAs 41-1
Cisco Process MIB 31-2
CISP 8-13
CIST regional root
CIST root
civic location 26-3
class-based weighted fair queueing
classless interdomain routing
classless routing 36-6
class maps for QoS
configuring
hierarchical 34-105
ingress 34-67
class of service
clearing
Ethernet CFM 43-29
clearing interfaces 9-22
CLI
abbreviating commands 2-3
command modes 2-1
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 12-3
client processes, tracking 42-1
CLNS
clock
CNS
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-7
for upgrading 4-14
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 7-8
community list, BGP 36-55
community ports 13-2
community strings
configuring 31-8
overview 31-4
config.text 3-15
configuration examples
ACLs and VLAN maps 33-32
IP ACLs 33-22
multi-VRF-CE 36-92
network 1-14
SNMP 31-23
VLAN maps 33-34
VMPS 11-28
configuration files
archiving B-18
clearing the startup configuration B-18
creating using a text editor B-9
default name 3-15
deleting a stored configuration B-18
described B-7
downloading
automatically 3-16
reasons for B-8
using FTP B-12
using RCP B-16
using TFTP B-10
guidelines for creating and using B-8
guidelines for replacing and rolling back B-19
invalid combinations when copying B-5
limiting TFTP server access 31-18, 31-19, 31-21, 31-22
obtaining with DHCP 3-8
password recovery disable considerations 7-5
replacing a running configuration B-18, B-19
rolling back a running configuration B-18, B-19
specifying the filename 3-16
system contact and location information 31-17
types and location B-9
uploading
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
configuration guidelines
applying ACLs 33-19
applying MAC ACLs 33-28
auto-QoS 34-45
Auto-RP and BSR 45-11
CFM 43-7
EtherChannel 35-9
Ethernet OAM 43-33
fallback bridging 47-3
hierarchical QoS 34-101
HSRP
authentication and timers 40-9
interfaces 40-4
priority 40-6
IEEE 802.1Q trunks 11-17
interface speed and duplex mode 9-13
IP multicast routing 45-10
MPLS OAM 44-25
MPLS TE and fast reroute 44-15
MPLS VPN 44-7
multi-VRF CE 36-85
named ACLs 33-14
OAM manager 43-44
port-based authentication 8-15
port security 24-11
protected ports 24-6
pseudowire redundancy 44-47
REP 19-7
router ACLs and VLAN maps 33-37
RSPAN 28-16
SDM templates 6-4
SNMP 31-7
SPAN 28-10
standard QoS 34-53
UDLD 27-4
VLAN maps 33-30
VLANs
extended-range 11-11
normal-range 11-6
VMPS 11-28
voice VLAN 14-3
VTP 12-7
configuration replacement B-18
configuration rollback B-18
configuration settings, saving 3-15
configure terminal command 9-7
configuring multicast VRFs 36-90
configuring port-based authentication violation modes8-17to 8-18
configuring small-frame arrival rate 24-5
congestion-avoidance mechanisms
congestion management for QoS 34-38
connectionless service, and VPNs 44-4
connections, secure remote 7-36
Connectivity Fault Management
connectivity problems 48-8, 48-9, 48-11
consistency checks in VTP version 2 12-4
console port, connecting to 2-9
control protocol, IP SLAs 41-4
convergence
REP 19-4
corrupted software, recovery steps with XMODEM 48-1
CoS
configuring the default port value 34-59
in Layer 2 frames 34-2
override priority 14-5
trust priority 14-5
CoS input queue threshold map for QoS 34-21
CoS output queue threshold map for QoS 34-25
CoS-to-DSCP map for QoS 34-80
counters, clearing interface 9-22
CPU threshold notification 31-23
CPU threshold table 31-2, 31-22
CPU utilization, troubleshooting 48-17
CPU utilization statistics 31-22
crashinfo file 48-17
cryptographic software image
Kerberos 7-31
SSH 7-36
SSL 7-40
customer edge devices
and Multi-VFR CE 36-83
customer-edge devices
MPLS 44-5
D
data collection, bulk statistics 31-21
daylight saving time 5-13
debugging
enabling all system diagnostics 48-14
enabling for a specific feature 48-13
redirecting error message output 48-14
using commands 48-13
default commands 2-4
default configuration
auto-QoS 34-41
banners 5-17
booting 3-15
CDP 25-2
CFM 43-7
DHCP 21-8
DHCP option 82 21-8
DHCP snooping 21-8
DHCP snooping binding database 21-8
DNS 5-16
dynamic ARP inspection 22-5
EIGRP 36-36
E-LMI and OAM 43-44
EoMPLS 44-43
EtherChannel 35-9
Ethernet OAM 43-33
fallback bridging 47-3
Flex Links 20-8
hierarchical QoS 34-101
HSRP 40-4
IEEE 802.1Q tunneling 15-4
IEEE 802.1x 8-14
IGMP 45-38
IGMP filtering 23-22
IGMP snooping 23-6, 38-5, 38-6
IGMP throttling 23-22
initial switch information 3-3
IP addressing, IP routing 36-4
IP multicast routing 45-10
IP SLAs 41-6
IP source guard 21-17
IPv6 37-9
IS-IS 36-64
Layer 2 interfaces 9-11
Layer 2 protocol tunneling 15-15
LLDP 26-3
MAC address table 5-21
MAC address-table move update 20-8
MPLS 44-7
MPLS OAM 44-25
MPLS QoS 44-53
MPLS TE and fast reroute 44-15
MSDP 46-4
MSTP 17-14
multi-VRF CE 36-84
MVR 23-16
NTP 5-4
optional spanning-tree features 18-9
OSPF 36-24
password and privilege level 7-2
private VLANs 13-6
RADIUS 7-19
REP 19-7
RIP 36-18
RMON 29-3
RSPAN 28-9
SNMP 31-7
SPAN 28-9
SSL 7-43
standard QoS 34-50
STP 16-11
system message logging 30-3
system name and prompt 5-15
TACACS+ 7-12
UDLD 27-4
VLAN, Layer 2 Ethernet interfaces 11-17
VLAN mapping 15-8
VLANs 11-7
VMPS 11-28
voice VLAN 14-3
VTP 12-6
Y.1731 43-24
default networks 36-99
default router preference
default routes 36-99
deleting VLANs 11-9
denial-of-service attack 24-1
description command 9-17
designing your network, examples 1-14
destination addresses
in IPv6 ACLs 39-5
destination addresses, in ACLs 33-11
destination-IP address based forwarding, EtherChannel 35-7
destination-MAC address forwarding, EtherChannel 35-7
detecting indirect link failures, STP 18-5
device discovery protocol 25-1, 26-1
DHCP
Cisco IOS server database
configuring 21-14
default configuration 21-8
described 21-6
DHCP for IPv6
enabling
relay agent 21-10
server 21-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-7
relay device 3-8
server side 3-6
server-side 21-10
TFTP server 3-7
example 3-9
lease options
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-3
DHCP-based autoconfiguration and image update
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 42-11
DHCP option 82
circuit ID suboption 21-5
configuration guidelines 21-9
default configuration 21-8
displaying 21-15
forwarding address, specifying 21-11
helper address 21-11
overview 21-3
packet format, suboption
circuit ID 21-5
remote ID 21-5
remote ID suboption 21-5
support for 1-3
DHCP server port-based address allocation
configuration guidelines 21-26
default configuration 21-26
described 21-25
displaying 21-29
enabling 21-26
reserved addresses 21-27
DHCP snooping
accepting untrusted packets from edge switch 21-3, 21-12
and private VLANs 21-13
binding database
See DHCP snooping binding database
configuration guidelines 21-9
default configuration 21-8
displaying binding tables 21-15
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-14
binding file
format 21-7
location 21-6
bindings 21-6
clearing agent statistics 21-15
configuration guidelines 21-9
configuring 21-14
default configuration 21-8
deleting
binding file 21-15
bindings 21-15
database agent 21-15
described 21-6
displaying 21-15
status and statistics 21-15
enabling 21-14
entry 21-6
renewing database 21-15
resetting
delay value 21-15
timeout value 21-15
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 37-14
default configuration 37-14
described 37-6
enabling client function 37-17
enabling DHCPv6 server function 37-15
Differentiated Services architecture, QoS 34-2
Differentiated Services Code Point
Diffusing Update Algorithm (DUAL) 36-34
Digital Optical Monitoring
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, Ethernet OAM 43-32
Distance Vector Multicast Routing Protocol
distribute-list command 36-108
DNS
and DHCP-based autoconfiguration 3-7
default configuration 5-16
displaying the configuration 5-17
in IPv6 37-3
overview 5-15
setting up 5-16
DNS-based SSM mapping 45-19, 45-21
DoM
displaying supported transceivers 9-22
domain names
DNS 5-15
VTP 12-7
Domain Name System
domains, ISO IGRP routing 36-63
dot1q-tunnel switchport mode 11-16
double-tagged packets
802.1Q tunneling 15-2
Layer 2 protocol tunneling 15-14
downloading
configuration files
reasons for B-8
using FTP B-12
using RCP B-16
using TFTP B-10
image files
deleting old image B-26
reasons for B-22
using FTP B-28
using HTTP B-22
using RCP B-32
using TFTP B-25
drop threshold for Layer 2 protocol packets 15-15
DRP
configuring 37-12
described 37-4
IPv6 37-4
DSCP 34-3
DSCP input queue threshold map for QoS 34-21
DSCP output queue threshold map for QoS 34-25
DSCP-to-CoS map for QoS 34-83
DSCP-to-DSCP-mutation map for QoS 34-84
DSCP transparency 34-61
DTP 11-15
DUAL finite state machine, EIGRP 36-35
dual IPv4 and IPv6 templates 6-2, 37-5
dual-level policy maps
configuring 34-72
described 34-15
dual protocol stacks
IPv4 and IPv6 37-5
SDM templates supporting 37-6
duplex mode, configuring 9-13
DVMRP
autosummarization
configuring a summary address 45-58
disabling 45-60
connecting PIM domain to DVMRP router 45-50
enabling unicast routing 45-54
interoperability
with Cisco devices 45-48
with IOS software 45-8
mrinfo requests, responding to 45-53
neighbors
advertising the default route to 45-52
discovery with Probe messages 45-48
displaying information 45-53
prevent peering with nonpruning 45-56
rejecting nonpruning 45-54
overview 45-8
routes
adding a metric offset 45-60
advertising all 45-60
advertising the default route to neighbors 45-52
caching DVMRP routes learned in report messages 45-54
changing the threshold for syslog messages 45-57
deleting 45-61
displaying 45-62
favoring one over another 45-60
limiting the number injected into MBONE 45-57
limiting unicast route advertisements 45-48
routing table 45-9
source distribution tree, building 45-9
tunnels
configuring 45-50
displaying neighbor information 45-53
dynamic access ports
characteristics 11-3
configuring 11-29
defined 9-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-12
rate limit for incoming ARP packets 22-4, 22-10
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-12
displaying 22-15
logging of dropped packets, described 22-4
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-11
dynamic auto trunking mode 11-15
dynamic desirable trunking mode 11-15
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 11-27
reconfirming 11-30
troubleshooting 11-32
types of connections 11-29
dynamic routing
ISO CLNS 36-63
protocols 36-2
Dynamic Trunking Protocol
E
ECMP tree trace 44-25
ECMP tree trace, configuring 44-37
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EEM 3.2 32-5
EIGRP
and IGRP 36-37
authentication 36-39
components 36-35
configuring 36-37
default configuration 36-36
definition 36-34
interface parameters, configuring 36-38
monitoring 36-41
stub routing 36-40
ELIN location 26-3
E-LMI
and OAM Manager 43-43
CE device configuration 43-49
configuration guidelines 43-44
configuring a CE device 43-47
configuring a PE device 43-47
default configuration 43-44
defined 43-42
enabling 43-47
information 43-43
monitoring 43-49
PE device configuration 43-48
embedded event manager
3.2 32-5
actions 32-4
displaying information 32-7
environmental variables 32-5
event detectors 32-3
policies 32-4
registering and defining an applet 32-6
registering and defining a TCL script 32-7
understanding 32-1
enable password 7-3
enable secret password 7-3
encapsulation, in pseudowire redundancy 44-48
encryption, CipherSuite 7-42
encryption for passwords 7-3
Enhanced IGRP
enhanced object tracking
backup static routing 42-12
commands 42-1
defined 42-1
DHCP primary interface 42-11
HSRP 42-7
IP routing state 42-2
IP SLAs 42-9
line-protocol state 42-2
network monitoring with IP SLAs 42-11
routing policy, configuring 42-12
static route primary interface 42-10
tracked lists 42-3
enhanced object tracking static routing 42-10
enhanced-services interfaces
environmental variables, embedded event manager 32-5
environment variables, function of 3-19
EoMPLS
and 802.1Q tunneling 44-41
and Layer 2 protocol tunneling 44-42
and QoS 44-42
configuring 44-44
default configuration 44-43
limitations 44-42
monitoring 44-55
packet flow 44-45
QoS 44-51
equal cost multipath tree trace
equal-cost routing 36-97
error messages during command entry 2-4
EtherChannel
802.3ad, described 35-5
automatic creation of 35-4, 35-5
channel groups
binding physical and logical interfaces 35-3
numbering of 35-3
configuration guidelines 35-9
configuring
Layer 3 physical interfaces 35-14
Layer 3 port-channel logical interfaces 35-13
configuring Layer 2 interfaces 35-10
default configuration 35-9
described 35-2
displaying status 35-20
forwarding methods 35-6, 35-16
interaction
with STP 35-9
with VLANs 35-10
LACP
described 35-5
displaying status 35-20
hot-standby ports 35-18
interaction with other features 35-6
modes 35-5
port priority 35-19
system priority 35-19
Layer 3 interface 36-3
logical interfaces, described 35-3
number of interfaces per 35-2
PAgP
aggregate-port learners 35-17
compatibility with Catalyst 1900 35-17
described 35-4
displaying status 35-20
interaction with other features 35-5
learn method and priority configuration 35-17
modes 35-4
silent mode 35-5
port-channel interfaces
described 35-3
numbering of 35-3
port groups 9-5
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
Ethernet infrastructure 43-1
Ethernet Link Management Interface
Ethernet Locked Signal (ETH-LCK) 43-23
Ethernet OAM 43-32
and CFM interaction 43-50
configuration guidelines 43-33
configuring with CFM 43-51
default configuration 43-33
discovery 43-32
manager 43-1
messages 43-32
protocol
defined 43-31
monitoring 43-42
remote failure indications 43-32, 43-39
templates 43-39
Ethernet OAM protocol 43-1
Ethernet OAM protocol CFM notifications 43-50
Ethernet operation, administration, and maintenance
Ethernet over MPLS
Ethernet Remote Defect Indication (ETH-RDI) 43-23
Ethernet virtual connections
Ethernet VLANs
creating 11-8
defaults and ranges 11-7
modifying 11-8
EUI 37-3
EVCs
configuring 43-45
in CFM domains 43-42
event detectors, embedded event manager 32-3
events, RMON 29-3
examples
network configuration 1-14
experimental bits, setting MPLS priority with 44-53
extended-range VLANs
configuration guidelines 11-11
configuring 11-10
defined 11-1
extended system ID
MSTP 17-17
extended universal identifier
Extensible Authentication Protocol over LAN 8-1
external BGP
external neighbors, BGP 36-46
F
fallback bridging
and protected ports 47-3
bridge groups
creating 47-3
described 47-1
displaying 47-10
function of 47-2
number supported 47-4
removing 47-4
bridge table
clearing 47-10
displaying 47-10
configuration guidelines 47-3
connecting interfaces with 9-7
default configuration 47-3
described 47-1
frame forwarding
flooding packets 47-2
forwarding packets 47-2
overview 47-1
protocol, unsupported 47-3
STP
disabling on an interface 47-9
forward-delay interval 47-8
hello BPDU interval 47-8
interface priority 47-6
keepalive messages 16-2
maximum-idle interval 47-9
path cost 47-7
VLAN-bridge spanning-tree priority 47-5
VLAN-bridge STP 47-2
SVIs and routed ports 47-1
unsupported protocols 47-3
Fast Convergence 20-3
features
availability 1-4
Layer 2 VPN services 1-6
Layer 3 1-10
Layer 3 VPN services 1-6
manageability 1-3
management options 1-3
monitoring 1-11
performance 1-2
QoS 1-8
security 1-7
VLAN 1-5
FEC 44-2
FIB 36-96
fiber-optic, detecting unidirectional links 27-1
files
copying B-4
crashinfo
description 48-17
displaying the contents of 48-17
location 48-17
deleting B-5
displaying the contents of B-7
tar
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-23
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 33-29
non-IP traffic 33-27
show and more command output 2-8
filters, IP
flash device, number of B-1
Flex Link Multicast Fast Convergence 20-3
Flex Links
configuration guidelines 20-8
configuring 20-9
configuring preferred VLAN 20-12
configuring VLAN load balancing 20-11
default configuration 20-8
description 20-1
link load balancing 20-2
monitoring 20-14
VLANs 20-2
flooded traffic, blocking 24-8
flowcharts
QoS egress queue-set queueing and scheduling 34-23
QoS hierarchical queues queueing and scheduling 34-37
QoS hierarchical two-rate policing and marking 34-35
QoS ingress, single-rate policing and marking 34-15
QoS ingress classification 34-11
QoS ingress queueing and scheduling 34-20
flow control 9-14
forward-delay time
MSTP 17-23
STP 16-21
forwarding-equivalence class
forwarding equivalence classes 44-3
Forwarding Information Base
forwarding non-routable protocols 47-1
FTP
accessing MIB files A-3
configuration files
downloading B-12
overview B-11
preparing the server B-12
uploading B-13
image files
deleting old image B-30
downloading B-28
preparing the server B-27
uploading B-30
G
general query 20-5
Generating IGMP Reports 20-3
get-bulk-request operation 31-4
get-next-request operation 31-4, 31-5
get-request operation 31-4, 31-5
get-response operation 31-4
global configuration mode 2-2
guest VLAN and IEEE 802.1x 8-9
H
hardware limitations and Layer 3 interfaces 9-18
hello time
MSTP 17-22
STP 16-20
help, for the command line 2-3
Hierarchical policies 34-40
hierarchical policy maps on SVIs 34-13
configuring 34-72
described 34-15
hierarchical QoS
Hierarchical QoS, and EtherChannels 34-101
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 30-9
host ports
configuring 13-11
kinds of 13-2
hosts, limit on dynamic ports 11-32
Hot Standby Router Protocol
HP OpenView 1-3
HSRP
authentication string 40-9
configuring 40-4
default configuration 40-4
definition 40-1
enabling 40-5
guidelines 40-4
monitoring 40-10
object tracking 42-7
overview 40-1
priority 40-6
routing redundancy 1-10
timers 40-9
tracking 40-7
HTTP over SSL
HTTPS 7-41
configuring 7-44
self-signed certificate 7-41
HTTP secure server 7-41
I
ICMP
IPv6 37-4
redirect messages 36-10
time exceeded messages 48-11
traceroute and 48-11
unreachable messages 33-19
unreachable messages and IPv6 39-4
unreachables and ACLs 33-21
ICMP Echo operation
configuring 41-11
IP SLAs 41-11
ICMP ping
executing 48-8
overview 48-8
ICMP Router Discovery Protocol
ICMPv6 37-4
IDS appliances
and ingress RSPAN 28-20
and ingress SPAN 28-13
IEEE 802.1ag 43-2
IEEE 802.1D
IEEE 802.1p 14-1
IEEE 802.1Q
and trunk ports 9-3
configuration limitations 11-17
encapsulation 11-14
native VLAN for untagged traffic 11-22
tunneling
compatibility with other features 15-6
defaults 15-4
described 15-2
tunnel ports with other features 15-6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.1x accounting 8-28
IEEE 802.3ad
IEEE 802.3ah Ethernet OAM discovery 43-1
IEEE 802.3x flow control 9-14
ifIndex values, SNMP 31-6
IGMP
configuring the switch
as a member of a group 45-38
statically connected member 45-43
controlling access to groups 45-39
default configuration 45-38
deleting cache entries 45-62
displaying groups 45-62
fast switching 45-43
host-query interval, modifying 45-41
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-10, 38-8
leaving multicast group 23-4
multicast reachability 45-38
overview 45-2
queries 23-3
report suppression
described 23-5
Version 1
changing to Version 2 45-40
described 45-3
Version 2
changing to Version 1 45-40
described 45-3
maximum query response time value 45-42
pruning groups 45-42
query timeout value 45-42
IGMP filtering
configuring 23-22
default configuration 23-22
described 23-21
monitoring 23-26
IGMP groups
configuring filtering 23-25
setting the maximum number 23-24
IGMP profile
applying 23-23
configuration mode 23-22
configuring 23-23
IGMP snooping
and address aliasing 23-2
configuring 23-5
default configuration 23-6, 38-5, 38-6
definition 23-1
enabling and disabling 23-6, 38-6
global configuration 23-6
Immediate Leave 23-5
method 23-7
querier
configuration guidelines 23-10
configuring 23-10
VLAN configuration 23-7
IGMP throttling
configuring 23-25
default configuration 23-22
described 23-22
displaying action 23-26
IGP 36-23
IGRP, split horizon 36-22
Immediate Leave, IGMP 23-5
enabling 38-8
initial configuration
defaults 1-11
interface
number 9-7
range macros 9-10
interface command 9-7
interface configuration
REP 19-10
interface configuration mode 2-2
interfaces
configuration guidelines 9-13
configuring 9-7
configuring duplex mode 9-13
configuring speed 9-13
counters, clearing 9-22
described 9-17
descriptive name, adding 9-17
displaying information about 9-21
flow control 9-14
management 1-3
monitoring 9-21
naming 9-17
physical, identifying 9-7
range of 9-8
restarting 9-23
shutting down 9-23
supported 9-7
types of 9-1
interfaces range macro command 9-10
interface types 9-7
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 36-46
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Inter-Switch Link
inter-VLAN routing 36-2
Intrusion Detection System
inventory management TLV 26-6
ip access group command 33-20
IP ACLs
extended, creating 33-9
for QoS classification 34-11
implicit deny 33-9, 33-13, 33-15
implicit masks 33-9
logging 33-15
named 33-14
standard, creating 33-8
undefined 33-20
virtual terminal lines, setting on 33-18
IP addresses
128-bit 37-2
classes of 36-4
default configuration 36-4
discovering 5-31
for IP routing 36-3
IPv6 37-2
MAC address association 36-7
monitoring 36-16
IP broadcast address 36-14
IP directed broadcasts 36-12
ip igmp profile command 23-22
IP information
assigned
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 45-3
all-multicast-routers 45-3
host group address range 45-3
administratively-scoped boundaries, described 45-46
and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 45-25
benefits of 45-25
clearing the cache 45-62
configuration guidelines 45-11
filtering incoming RP announcement messages 45-28
overview 45-6
preventing candidate RP spoofing 45-28
preventing join messages to false RPs 45-27
setting up in a new internetwork 45-25
using with BSR 45-33
bootstrap router
configuration guidelines 45-11
configuring candidate BSRs 45-31
configuring candidate RPs 45-32
defining the IP multicast boundary 45-30
defining the PIM domain border 45-29
overview 45-7
using with Auto-RP 45-33
Cisco implementation 45-1
configuring
basic multicast routing 45-11
IP multicast boundary 45-46
default configuration 45-10
enabling
multicast forwarding 45-12
PIM mode 45-12
group-to-RP mappings
Auto-RP 45-6
BSR 45-7
MBONE
deleting sdr cache entries 45-62
described 45-45
displaying sdr cache 45-63
enabling sdr listener support 45-45
limiting DVMRP routes advertised 45-57
limiting sdr cache entry lifetime 45-45
SAP packets for conference session announcement 45-45
Session Directory (sdr) tool, described 45-45
monitoring
packet rate loss 45-63
peering devices 45-63
tracing a path 45-63
multicast forwarding, described 45-7
PIMv1 and PIMv2 interoperability 45-10
protocol interaction 45-2
reverse path check (RPF) 45-7
routing table
deleting 45-62
displaying 45-62
RP
assigning manually 45-23
configuring Auto-RP 45-25
configuring PIMv2 BSR 45-29
monitoring mapping information 45-34
using Auto-RP and BSR 45-33
statistics, displaying system and network 45-62
IP phones
and QoS 14-1
automatic classification and queueing 34-41
configuring 14-4
ensuring port security with QoS 34-60
trusted boundary for QoS 34-60
IP Port Security for Static Hosts
on a Layer 2 access port 21-19
on a PVLAN host port 21-23
IP precedence 34-3
IP-precedence-to-DSCP map for QoS 34-81
IP protocols in ACLs 33-11
IP routes, monitoring 36-110
IP routing
connecting interfaces with 9-6
enabling 36-17
IP Service Level Agreements
IP Service Level Agreements
See IP SLAs 44-22
IP service levels, analyzing 41-1
IP SLAs
benefits 41-2
CFM endpoint discovery 43-20
configuration guidelines 41-6
configuring manually 44-30
configuring object tracking 42-9
Control Protocol 41-4
default configuration 41-6
defined 44-1
definition 41-1
ECMP tree trace, configuring 44-37
Health Monitor 44-24
ICMP echo operation 41-11
LSP Health Monitor
configuring 44-31
described 44-25
LSP Health Monitor, configuring 44-31
manually configuring CFM ping or jitter 43-18
manually configuring LSP ping 44-34
manually configuring LSP traceroute 44-34
measuring network performance 41-3
monitoring 41-13
monitoring MPLS LSP 44-30
MPLS 44-22
MPLS LSP 44-24
MPLS parameters, configuring 44-31
multioperations scheduling 41-5
object tracking 42-9
operation 41-3
reachability tracking 42-9
responder
described 41-4
enabling 41-7
response time 41-4
scheduling 41-5
SNMP support 41-2
supported metrics 41-2
threshold monitoring 41-6
track object monitoring agent, configuring 42-11
track state 42-9
UDP jitter operation 41-8
IP source guard
and DHCP snooping 21-15
and EtherChannels 21-18
and IEEE 802.1x 21-18
and port security 21-18
and private VLANs 21-18
and routed ports 21-18
and TCAM entries 21-18
and trunk interfaces 21-18
and VRF 21-18
binding configuration
automatic 21-16
manual 21-16
binding table 21-16
configuration guidelines 21-18
default configuration 21-17
described 21-15
disabling 21-19
displaying
bindings 21-25
configuration 21-25
filtering
source IP address 21-16
source IP and MAC address 21-16
source IP address filtering 21-16
source IP and MAC address filtering 21-16
static bindings
deleting 21-19
static hosts 21-20
IP traceroute
executing 48-12
overview 48-11
IP unicast routing
address resolution 36-7
administrative distances 36-99, 36-108
ARP 36-7
assigning IP addresses to Layer 3 interfaces 36-5
authentication keys 36-109
broadcast
address 36-14
flooding 36-15
packets 36-12
storms 36-12
classless routing 36-6
configuring static routes 36-98
default
addressing configuration 36-4
gateways 36-10
networks 36-99
routes 36-99
directed broadcasts 36-12
dynamic routing 36-2
enabling 36-17
EtherChannel Layer 3 interface 36-3
IGP 36-23
inter-VLAN 36-2
IP addressing
classes 36-4
configuring 36-3
IPv6 37-3
IRDP 36-11
Layer 3 interfaces 36-3
MAC address and IP address 36-7
passive interfaces 36-107
proxy ARP 36-7
redistribution 36-100
reverse address resolution 36-7
routed ports 36-3
static routing 36-2
steps to configure 36-3
subnet mask 36-5
subnet zero 36-5
supernet 36-6
UDP 36-14
with SVIs 36-3
IPv4 and IPv6
dual protocol stacks 37-5
IPv6
ACLs
displaying 39-8
limitations 39-3
matching criteria 39-3
port 39-1
precedence 39-2
router 39-1
supported 39-2
addresses 37-2
address formats 37-2
applications 37-5
assigning address 37-10
autoconfiguration 37-4
CEFv6 37-18
configuring static routes 37-19
default configuration 37-9
default router preference (DRP) 37-4
defined 37-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 37-6
Router ID 37-6
feature limitations 37-8
features not supported 37-8
forwarding 37-10
ICMP 37-4
monitoring 37-24
neighbor discovery 37-4
OSPF 37-6
path MTU discovery 37-4
Stateless Autoconfiguration 37-4
supported features 37-2
switch limitations 37-8
understanding static routes 37-6
IPv6 traffic, filtering 39-3
IRDP
configuring 36-11
definition 36-11
IS-IS
addresses 36-63
area routing 36-63
default configuration 36-64
monitoring 36-72
show commands 36-72
system routing 36-63
ISL
and IPv6 37-3
ISL and trunk ports 9-3
ISO CLNS
clear commands 36-72
dynamic routing protocols 36-63
monitoring 36-72
NETs 36-63
NSAPs 36-63
OSI standard 36-63
ISO IGRP
area routing 36-63
system routing 36-63
isolated port 13-2
ITU-T Y.1731
J
join messages, IGMP 23-3
K
keepalive messages 16-2
Kerberos
authenticating to
boundary switch 7-33
KDC 7-33
network services 7-34
configuration examples 7-31
configuring 7-34
credentials 7-31
cryptographic software image 7-31
described 7-31
KDC 7-31
operation 7-33
realm 7-32
server 7-32
switch as trusted third party 7-31
terms 7-32
TGT 7-33
tickets 7-31
key distribution center
L
l2protocol-tunnel command 15-17
L2VPN interworking 44-48
L2VPN pseudowire redundancy 44-46
label binding 44-2
label distribution protocol
labels, MPLS 44-2
label switching router
LACP
Layer 2 protocol tunneling 15-13
Layer 2 frames, classification with CoS 34-2
Layer 2 interfaces, default configuration 9-11
Layer 2 protocol tunneling
configuring 15-14
configuring for EtherChannels 15-18
default configuration 15-15
defined 15-12
guidelines 15-15
Layer 2 traceroute
and ARP 48-10
and CDP 48-10
described 48-10
IP addresses and subnets 48-10
MAC addresses and VLANs 48-10
multicast traffic 48-10
multiple devices on a port 48-11
unicast traffic 48-10
usage guidelines 48-10
Layer 2 trunks 11-15
Layer 3 features 1-10
Layer 3 interfaces
assigning IP addresses to 36-5
assigning IPv4 and IPv6 addresses to 37-13
assigning IPv6 addresses to 37-10
changing from Layer 2 mode 36-5, 36-88
types of 36-3
Layer 3 packets, classification methods 34-3
LDAP 4-2
LDP 44-7
Leaking IGMP Reports 20-4
leave processing, IGMP 23-10
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
Link Failure
detecting unidirectional 17-7
link integrity, verifying with REP 19-3
Link Layer Discovery Protocol
link local unicast addresses 37-3
link monitoring, Ethernet OAM 43-32, 43-35
link redundancy
links, unidirectional 27-1
link state advertisements (LSAs) 36-29
link-state tracking
configuring 35-22
described 35-21
LLDP
configuring 26-3
characteristics 26-4
default configuration 26-3
disabling and enabling
globally 26-5
on an interface 26-5
monitoring and maintaining 26-7
overview 26-1
supported TLVs 26-2
switch stack considerations 26-2
transmission timer and holdtime, setting 26-4
LLDP-MED
configuring 26-3
TLVs 26-6
monitoring and maintaining 26-7
supported TLVs 26-2
LLDP Media Endpoint Discovery
LLQ
described 34-40
enabling 34-125
interaction with the egress priority queue 34-125
logging messages, ACL 33-9
login authentication
with RADIUS 7-22
with TACACS+ 7-13
login banners 5-17
log messages
Long-Reach Ethernet (LRE) technology 1-14
loop guard
described 18-9
enabling 18-15
low-latency queueing
LSP Health Monitor
configuring 44-31
described 44-30
LSP multipath tree trace 44-24
LSP ping
configuring 44-26
described 44-23
over pseudowire
configuring 44-29
described 44-24
LSP traceroute
configuring 44-28
described 44-23
LSP tree trace
defined 44-36
manually configuring 44-36
LSR 44-2
M
MAC addresses
aging time 5-21
and VLAN association 5-20
building the address table 5-20
default configuration 5-21
disabling learning on a VLAN 5-30
discovering 5-31
displaying 5-30
displaying in the IP source binding table 21-25
dynamic
learning 5-20
removing 5-22
in ACLs 33-27
IP address association 36-7
static
adding 5-27
characteristics of 5-27
dropping 5-29
removing 5-28
MAC address learning, disabling on a VLAN 5-30
MAC address-table move update
configuration guidelines 20-8
configuring 20-12
default configuration 20-8
description 20-6
monitoring 20-14
MAC address-to-VLAN mapping 11-27
MAC extended access lists
applying to Layer 2 interfaces 33-28
configuring for QoS 34-66
creating 33-27
defined 33-27
for QoS classification 34-9
macros
Maintenance end points
Maintenance intermediate points
manageability features 1-3
management options
CLI 2-1
SNMP 31-1
manual preemption, REP, configuring 19-13
mapping tables for QoS
configuring
CoS-to-DSCP 34-80
DSCP 34-79
DSCP-to-CoS 34-83
DSCP-to-DSCP-mutation 34-84
IP-precedence-to-DSCP 34-81
policed-DSCP 34-82
described 34-17
marking
action in
hierarchical policy map 34-109, 34-112
ingress policy map 34-69, 34-78
described
matching
IPv6 ACLs 39-3
matching, ACLs 33-7
maximum aging time
MSTP 17-23
STP 16-21
maximum hop count, MSTP 17-24
maximum number of allowed devices, port-based authentication 8-16
maximum-paths command 36-50, 36-97
membership mode, VLAN port 11-3
MEPs
and STP 43-4
defined 43-3
messages
logging ACL violations 33-15
to users through banners 5-17
messages, Ethernet OAM 43-32
metrics, in BGP 36-50
metric translations, between routing protocols 36-104
metro tags 15-2
MIBs
accessing files with FTP A-3
location of files A-3
overview 31-1
SNMP interaction with 31-5
supported A-1
MIPs
and STP 43-4
defined 43-4
mirroring traffic for analysis 28-1
mismatches, autonegotiation 48-7
module number 9-7
monitoring
802.1Q tunneling 15-22
access groups 33-40
ACL configuration 33-40
BGP 36-62
cables for unidirectional links 27-1
CDP 25-4
EIGRP 36-41
E-LMI 43-49
EoMPLS 44-55
Ethernet OAM 43-42
Ethernet OAM protocol 43-42
fallback bridging 47-10
features 1-11
Flex Links 20-14
HSRP 40-10
IGMP
filters 23-26
interfaces 9-21
IP
address tables 36-16
multicast routing 45-61
routes 36-110
IP SLAs operations 41-13
IPv6 37-24
IPv6 ACL configuration 39-8
IS-IS 36-72
ISO CLNS 36-72
Layer 2 protocol tunneling 15-22
MAC address-table move update 20-14
MPLS 44-55
MSDP peers 46-17
multicast router interfaces 23-13, 38-11
multi-VRF CE 36-95
MVR 23-21
network traffic for analysis with probe 28-2
OAM manager 43-49
object tracking 42-13
OSPF 36-33
port
blocking 24-17
protection 24-17
private VLANs 13-14
pseudowire redundancy 44-51
REP 19-14
RP mapping information 45-34
SFPs
SFPs status 1-11
source-active messages 46-17
speed and duplex mode 9-14
SSM mapping 45-23
traffic flowing among switches 29-1
traffic suppression 24-17
tunneling 15-22
VLAN
filters 33-41
maps 33-41
VLANs 11-14
VMPS 11-31
VTP 12-13
MP-BGP 44-12
MPLS
configuring 44-7
default configuration 44-7
experimental field 44-52
fast link change detection 44-14
fast reroute
configuration guidelines 44-15
IP SLAs
ping 44-30
trace 44-30
IP SLAs LSP
ping 44-24
traceroute 44-24
label 44-2
LSP Health Monitor 44-23, 44-30
LSP ping 44-23
LSP traceroute 44-23
monitoring 44-55
network monitoring 44-24
QoS
configuring 44-53
default configuration 44-53
experimental bits 44-52
uses 44-51
RSVP hello messages 44-14
TE
autotunnel, configuring 44-20
backup autotunnel 44-15
configuration guidelines 44-15
configuring 44-16
described 44-13
fast reroute
configuring 1
described 1
failure detection 1
primary autotunnel 44-15
protected links 44-19
routing protocol, configuring 44-17
supported features 44-13
tunnel, configuring 44-16
unsupported features 44-14
VPN
configuration guidelines 44-7
labels 44-4
packet flow 44-12
VPN QoS 44-55
MPLS OAM
configuration guidelines 44-25
default configuration 44-25
described 44-21
MPLS Operations, Administration, and Maintenance
MPLS traffic engineering
mrouter Port 20-3
mrouter port 20-5
MSDP
benefits of 46-3
clearing MSDP connections and statistics 46-18
controlling source information
forwarded by switch 46-11
originated by switch 46-8
received by switch 46-13
default configuration 46-4
dense-mode regions
sending SA messages to 46-16
specifying the originating address 46-17
filtering
incoming SA messages 46-13
SA messages to a peer 46-12
SA requests from a peer 46-10
join latency, defined 46-6
meshed groups
configuring 46-15
defined 46-15
originating address, changing 46-17
overview 46-1
peer-RPF flooding 46-2
peers
configuring a default 46-4
monitoring 46-17
peering relationship, overview 46-1
requesting source information from 46-8
shutting down 46-15
source-active messages
caching 46-6
clearing cache entries 46-18
defined 46-2
filtering from a peer 46-10
filtering incoming 46-13
filtering to a peer 46-12
limiting data with TTL 46-13
monitoring 46-17
restricting advertised sources 46-9
MSTP
boundary ports
configuration guidelines 17-15
described 17-6
BPDU filtering
described 18-3
enabling 18-12
BPDU guard
described 18-2
enabling 18-11
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-14, 18-10
configuring
forward-delay time 17-23
hello time 17-22
link type for rapid convergence 17-24
maximum aging time 17-23
maximum hop count 17-24
MST region 17-15
neighbor type 17-25
path cost 17-20
port priority 17-19
root switch 17-17
secondary root switch 17-18
switch priority 17-21
CST
defined 17-3
operations between regions 17-3
default configuration 17-14
default optional feature configuration 18-9
displaying status 17-26
enabling the mode 17-15
EtherChannel guard
described 18-7
enabling 18-14
extended system ID
effects on root switch 17-17
effects on secondary root switch 17-18
unexpected behavior 17-17
IEEE 802.1s
implementation 17-6
port role naming change 17-6
instances supported 16-9
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-10
interoperability with 802.1D
described 17-8
restarting migration process 17-25
IST
defined 17-2
master 17-3
operations within a region 17-3
loop guard
described 18-9
enabling 18-15
mapping VLANs to MST instance 17-16
MST region
CIST 17-3
configuring 17-15
described 17-2
hop-count mechanism 17-5
IST 17-2
supported spanning-tree instances 17-2
overview 17-2
Port Fast
described 18-2
enabling 18-10
preventing root switch selection 18-8
root guard
described 18-8
enabling 18-15
root switch
configuring 17-17
effects of extended system ID 17-17
unexpected behavior 17-17
shutdown Port Fast-enabled port 18-2
stack changes, effects of 17-8
status, displaying 17-26
multicast Ethernet loopback (ETH-LB) 43-23
multicast Ethernet loopback, using 43-28
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-4
multicast packets
ACLs on 33-40
blocking 24-8
multicast router interfaces, monitoring 23-13, 38-11
multicast router ports, adding 23-8, 38-8
Multicast Source Discovery Protocol
multicast storm-control command 24-4
multicast storms 24-1
Multicast VLAN Registration
multioperations scheduling, IP SLAs 41-5
Multiple Spanning Tree Protocol
multiple VPN routing/forwarding, customer edge devices
multiple VPN routing/forwarding in customer edge devices
multiprotocol label switching
multi-VRF CE
configuration example 36-92
configuration guidelines 36-85
configuring 36-84
default configuration 36-84
defined 36-82
displaying 36-95
monitoring 36-95
network components 36-84
packet-forwarding process 36-84
support for 1-10
MVR
and address aliasing 23-17
configuring interfaces 23-18
default configuration 23-16
described 23-13
modes 23-18
monitoring 23-21
setting global parameters 23-17
MVRoT, guidelines 23-16
MVR over trunk ports
N
named IP ACLs 33-14
NameSpace Mapper
native VLAN
and 802.1Q tunneling 15-4
configuring 11-22
default 11-22
NEAT
configuring 8-30
overview 8-12
neighbor discovery, IPv6 37-4
neighbor discovery/recovery, EIGRP 36-35
neighbor offset numbers, REP 19-4
neighbors, BGP 36-57
Network Edge Access Topology
network management
CDP 25-1
RMON 29-1
SNMP 31-1
network performance, measuring with IP SLAs 41-3
network policy TLV 26-6
Network Time Protocol
no commands 2-4
nonhierarchical policy maps 34-13
non-IP traffic filtering 33-27
Nonstop Forwarding Awareness
nontrunking mode 11-15
normal-range VLANs
defined 11-1
no switchport command 9-4
not-so-stubby areas
NSAPs, as ISO IGRP addresses 36-63
NSF Awareness
BGP 36-46
EIGRP 36-37
IS-IS 36-65
OSPF 36-25
NSM 4-3
NSSA, OSPF 36-29
NTP
and ACL time ranges 33-16
associations
authenticating 5-4
defined 5-2
enabling broadcast messages 5-6
peer 5-5
server 5-5
default configuration 5-4
displaying the configuration 5-10
overview 5-2
restricting access
creating an access group 5-8
disabling NTP services per interface 5-9
source IP address, configuring 5-10
stratum 5-2
synchronizing devices 5-5
time
services 5-2
synchronizing 5-2
NTP access group keywords, scanning order 5-9
O
OAM
client 43-31
features 43-32
sublayer 43-31
OAM manager
and E-LMI 43-43
configuration guidelines 43-44
monitoring 43-49
purpose of 43-43
with CFM 43-43
with CFM and Ethernet OAM 43-50
OAM PDUs 43-33
OAM protocol data units 43-31
object tracking
HSRP 42-7
IP SLAs 42-9
IP SLAs, configuring 42-9
monitoring 42-13
Open Shortest Path First
optimizing system resources 6-1
options, management 1-3
OSPF
area parameters, configuring 36-29
configuring 36-25
default configuration
metrics 36-31
route 36-31
settings 36-24
described 36-23
for IPv6 37-6
interface parameters, configuring 36-26
LSA group pacing 36-32
monitoring 36-33
network types, configuring 36-28
router IDs 36-33
route summarization 36-31
virtual links 36-31
P
packet modification, with QoS 34-55
PAgP
Layer 2 protocol tunneling 15-13
parallel paths, in routing tables 36-97
passive interfaces
configuring 36-107
OSPF 36-31
passwords
default configuration 7-2
disabling recovery of 7-5
encrypting 7-3
overview 7-1
recovery of 48-3
setting
enable 7-3
enable secret 7-3
Telnet 7-6
with usernames 7-6
VTP domain 12-7
path cost
MSTP 17-20
STP 16-18
path MTU discovery 37-4
PBR
defined 36-104
enabling 36-105
fast-switched policy-based routing 36-106
local policy-based routing 36-106
peers, BGP 36-57
percentage thresholds in tracked lists 42-6
performance features 1-2
periodic data collection and transfer mechanism 31-6
persistent self-signed certificate 7-41
per-VLAN spanning-tree plus
PE to CE routing, configuring 36-91
physical ports 9-2
PIM
default configuration 45-10
dense mode
overview 45-4
rendezvous point (RP), described 45-5
RPF lookups 45-8
displaying neighbors 45-62
enabling a mode 45-12
overview 45-3
router-query message interval, modifying 45-37
shared tree and source tree, overview 45-34
shortest path tree, delaying the use of 45-36
sparse mode
join messages and shared tree 45-5
overview 45-5
prune messages 45-5
RPF lookups 45-8
stub routing
configuration guidelines 45-13
enabling 45-13
overview 45-5
versions
interoperability 45-10
troubleshooting interoperability problems 45-34
v2 improvements 45-4
PIM-DVMRP, as snooping method 23-7
ping
character output description 48-9
executing 48-8
overview 48-8
ping, LSP 44-23
ping mpls ipv4 command 44-26
ping mpls pseudowire command 44-29
policed-DSCP map for QoS 34-82
policers
configuring
for each matched traffic class 34-69
for more than one traffic class 34-78
hierarchical, two-rate 34-108
displaying aggregate 34-100
hierarchical, two-rate 34-34
ingress, single-rate 34-14
number supported 34-53, 34-102
types of 34-13
types of ingress 34-13
policies, hierarchical, described 34-34
policing
hierarchical dual-level on SVIs
ingress, described 34-13
token-bucket algorithm 34-14, 34-34
policy-based routing
policy maps
dual-level 34-13
hierarchical on SVIs 34-13
policy maps for QoS
characteristics of ingress 34-69
dual-level
configuring 34-72
described 34-15
hierarchical on SVIs
configuring 34-72
described 34-15
nonhierarchical and single-level
configuring 34-69
described 34-13
port ACLs
defined 33-2
types of 33-4
Port Aggregation Protocol
port-based authentication
accounting 8-5
configuring 8-28
authentication server
defined 8-2
RADIUS server 8-2
client, defined 8-2
configuration guidelines 8-15
configuring
guest VLAN 8-25
host mode 8-24
IEEE 802.1x authentication 8-18
manual re-authentication of a client 8-21
periodic re-authentication 8-21
quiet period 8-22
RADIUS server 8-21
RADIUS server parameters on the switch 8-20
restricted VLAN 8-26
switch-to-client frame-retransmission number 8-23, 8-24
switch-to-client retransmission time 8-22
violation mode 8-7
default configuration 8-14
described 8-1
device roles 8-2
displaying statistics 8-32
EAPOL-start frame 8-3
EAP-request/identity frame 8-3
EAP-response/identity frame 8-3
encapsulation 8-3
guest VLAN
configuration guidelines 8-9, 8-10
described 8-9
initiation and message exchange 8-3
maximum number of allowed devices per port 8-16
method lists 8-18
multiple-hosts mode, described 8-24
per-user ACLs
AAA authorization 8-18
configuration tasks 8-11
described 8-11
RADIUS server attributes 8-11
ports
authorization state and dot1x port-control command 8-4
authorized and unauthorized 8-4
voice VLAN 8-7
port security
and voice VLAN 8-7
described 8-6
interactions 8-6
multiple-hosts mode 8-24
readiness check
configuring 8-16
resetting to default values 8-28
statistics, displaying 8-32
switch
as proxy 8-3
RADIUS client 8-3
switch supplicant
configuring 8-30
overview 8-12
topologies, supported 8-5
upgrading from a previous release 34-46
user distribution
guidelines 8-12
overview 8-12
VLAN assignment
AAA authorization 8-18
characteristics 8-8
configuration tasks 8-8
described 8-8
voice VLAN
described 8-7
PVID 8-7
VVID 8-7
port blocking 24-7
port-channel
Port Fast
described 18-2
enabling 18-10
mode, spanning tree 11-28
port membership modes, VLAN 11-3
port priority
MSTP 17-19
STP 16-16
ports
access 9-2
blocking 24-7
configuring 9-7
dynamic access 11-3
enhanced services (ES) 9-3, 9-7
identifying 9-7
IEEE 802.1Q tunnel 11-4
numbering 9-7
protected 24-6
REP 19-6
routed 9-4
secure 24-8
switch 9-2
VLAN assignments 11-9
port security
aging 24-15
and private VLANs 24-16
and QoS trusted boundary 34-60
configuration guidelines 24-11
configuring 24-12
default configuration 24-11
described 24-8
displaying 24-17
enabling 24-16
on trunk ports 24-13
sticky learning 24-9
violations 24-10
port-shutdown response, VMPS 11-27
power management TLV 26-6
preempt delay time, REP 19-5
preemption, default configuration 20-8
preemption delay, default configuration 20-8
preferential treatment of traffic
prefix lists, BGP 36-54
preventing unauthorized access 7-1
primary edge port, REP 19-4
primary interface for object tracking, DHCP, configuring 42-11
primary interface for static routing, configuring 42-10
primary links 20-2
primary pseudowire 44-47
priority
HSRP 40-6
overriding CoS 14-5
trusting CoS 14-5
priority queues for QoS
egress on a standard port 34-25
ingress 34-89
LLQ on an enhanced services port 34-125
private VLAN edge ports
private VLANs
across multiple switches 13-4
and SDM template 13-4
and SVIs 13-5
benefits of 13-1
community ports 13-2
configuration guidelines 13-7, 13-8
configuration tasks 13-6
configuring 13-9
default configuration 13-6
end station access to 13-3
IP addressing 13-3
isolated port 13-2
mapping 13-13
monitoring 13-14
ports
community 13-2
configuration guidelines 13-8
configuring host ports 13-11
configuring promiscuous ports 13-12
described 11-4
isolated 13-2
promiscuous 13-2
promiscuous ports 13-2
secondary VLANs 13-2
subdomains 13-1
traffic in 13-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 7-9
exiting 7-9
logging into 7-9
setting a command with 7-8
promiscuous ports
configuring 13-12
defined 13-2
protected ports 24-6
protocol-dependent modules, EIGRP 36-35
Protocol-Independent Multicast Protocol
provider edge devices
and MPLS 44-7
and MPLS labels 44-3
in VPNs 44-6
using multi-VRF CE 36-83
proxy ARP
configuring 36-9
definition 36-7
with IP routing disabled 36-10
proxy reports 20-3
pruning, VTP
enabling 12-12
enabling on a port 11-21
examples 12-5
overview 12-4
pruning-eligible list
changing 11-21
for VTP pruning 12-4
VLANs 12-12
pseudowire
L2VPN interworking 44-48
pseudowire class 44-48
pseudowire redundancy 44-46
configuration guidelines 44-47
monitoring 44-51
pseudowires, defined 44-46
pseudowire switchover, manually configuring 44-50
PVST+
described 16-9
IEEE 802.1Q trunking interoperability 16-10
instances supported 16-9
Q
QoS
ACLs
IP extended 34-65
IP standard 34-63
MAC 34-66
aggregate policers, configuring 34-78
and 802.1Q tunneling 34-102
and EtherChannels 34-100, 34-101
and IEEE 802.1Q tunneling 34-58, 34-101
auto-QoS
categorizing traffic 34-41
configuration and defaults display 34-49
configuration guidelines 34-45
described 34-40
disabling 34-47
effects on running configuration 34-45
egress queue-set defaults 34-42
enabling for VoIP 34-46
example configuration 34-48
generated commands, displaying 34-47
ingress queue defaults 34-41
initial configuration, displaying 34-49
list of generated commands 34-43
basic model 34-4
classification
class maps, described 34-12, 34-33
DSCP transparency, described 34-61
flowchart, ingress 34-11
forwarding treatment 34-3
hierarchical, defined 34-6
in frames and packets 34-3
ingress, defined 34-6
IP ACLs, described 34-10, 34-11
MAC ACLs, described 34-9, 34-11
options for IP traffic 34-10
options for non-IP traffic 34-9
trust DSCP, described 34-9
trusted CoS, described 34-9
trust IP precedence, described 34-9
class maps
configuring hierarchical 34-105
configuring ingress 34-67
configuration guidelines
auto-QoS 34-45
hierarchical QoS 34-101
standard QoS 34-53
configuring
DSCP transparency 34-61
policy maps, dual level 34-72
policy maps, hierarchical on SVIs 34-72
CPU-generated traffic
configuring QoS parameters 34-42
cpu traffic qos command 34-68
default marking 34-54
marking and queuing 34-17, 34-68
mls qos srr-queue output cpu-queue command 34-17, 34-69
queue and threshold values 34-21, 34-25
show cpu traffic qos command 34-50
default configuration
auto-QoS 34-41
hierarchical QoS 34-101
standard QoS 34-50
displaying statistics 34-100
DSCP maps 34-79
DSCP transparency 34-61
egress queue-sets
allocating buffer space 34-90
buffer allocation scheme, described 34-24
characteristics 34-90
configuring shaped weights for SRR 34-93
configuring shared weights for SRR 34-95
described 34-6
displaying the threshold map 34-93
flowchart 34-23
mapping DSCP or CoS values 34-92
priority queueing 34-54, 34-95
scheduling, described 34-6
setting WTD thresholds 34-90
WTD, described 34-25
enabling globally 34-56
flowcharts
egress queue-set queueing and scheduling 34-23
hierarchical queues queueing and scheduling 34-37
hierarchical two-rate policing and marking 34-35
ingress, single-rate policing and marking 34-15
ingress classification 34-11
ingress queueing and scheduling 34-20
hierarchical levels
class level, described 34-30
physical interface level, described 34-32
supported number of class-level classes 34-31
supported number of VLAN-level classes 34-31
VLAN level, described 34-31
hierarchical QoS
CBWFQ 34-39
CBWFQ and DSCP-based WRED 34-117
CBWFQ and IP precedence-based WRED 34-121
CBWFQ and tail drop 34-114
child policy 34-31
classification based on class maps 34-33, 34-105
configuration guidelines 34-101
congestion avoidance 34-38
congestion management 34-38
default class 34-34
default configuration 34-101
displaying 34-129
matching criteria 34-33
policing, described 34-34
tail drop 34-38
traffic policies, described 34-33
two-rate traffic policer 34-34, 34-108
WRED 34-39
See also QoS, hierarchical levels
See also QoS, hierarchical queues
hierarchical queues
average queue size calculation 34-39
bandwidth limited stream 34-30
CBWFQ 34-39
congestion control 34-38
default queue 34-38
LLQ 34-40
number of queues supported 34-38
queue creation 34-33
scheduling 34-7
tail drop 34-38
WRED 34-39
See also QoS, hierarchical QoS
implicit deny 34-12
ingress queues
allocating bandwidth 34-88
allocating buffer space 34-87
buffer and bandwidth allocation, described 34-21
characteristics 34-85
configuring shared weights for SRR 34-88
configuring the priority queue 34-89
described 34-6
displaying the threshold map 34-87
flowchart 34-20
mapping DSCP or CoS values 34-86
priority queue, described 34-22
scheduling, described 34-6
setting WTD thresholds 34-86
WTD, described 34-21
in MPLS networks 44-51
IP phones
automatic classification and queueing 34-41
detection and trusted settings 34-41, 34-60
limiting bandwidth on egress interface 34-96
mapping tables
CoS-to-DSCP 34-80
displaying 34-100
DSCP-to-CoS 34-83
DSCP-to-DSCP-mutation 34-84
IP-precedence-to-DSCP 34-81
policed-DSCP 34-82
types of 34-17
marked-down actions 34-71, 34-75, 34-109, 34-112
marking
described, hierarchical 34-6, 34-34
described, ingress 34-6, 34-14
MPLS VPN 44-55
overview 34-2
packet modification 34-55
policers
configuring 34-71, 34-75, 34-78
displaying aggregate 34-100
hierarchical, two-rate 34-34
ingress, single-rate 34-14
number supported 34-53, 34-102
types of 34-13
types of ingress 34-13
policies, attaching to an interface 34-14, 34-36
policing
described 34-6
hierarchical, described 34-34
ingress, described 34-13
token-bucket algorithm 34-14
policy maps
characteristics of ingress 34-69
configuring 34-69
hierarchical on SVIs 34-13, 34-15
QoS label, defined 34-6
queues
configuring egress queue-set characteristics 34-90
configuring ingress characteristics 34-85
location of 34-17
SRR, described 34-19
WTD, described 34-19
See also QoS, egress queue-sets
See also QoS, hierarchical queues
rewrites 34-55
trusted boundary, configuring 34-60
trust states
bordering another domain 34-61
described 34-9
trusted device 34-60
within the domain 34-56
VRF 44-55
QoS features 1-8
quality of service
queries, IGMP 23-3
R
RADIUS
attributes
vendor-proprietary 7-29
vendor-specific 7-28
configuring
accounting 7-27
authentication 7-22
authorization 7-26
communication, global 7-20, 7-28
communication, per-server 7-19, 7-20
multiple UDP ports 7-20
default configuration 7-19
defining AAA server groups 7-24
displaying the configuration 7-30
identifying the server 7-19
limiting the services to the user 7-26
method list, defined 7-19
operation of 7-18
overview 7-17
server load balancing 7-30
suggested network environments 7-17
tracking services accessed by user 7-27
range
macro 9-10
of interfaces 9-8
rapid convergence 17-9
rapid per-VLAN spanning-tree plus
rapid PVST+
described 16-9
IEEE 802.1Q trunking interoperability 16-10
instances supported 16-9
Rapid Spanning Tree Protocol
RARP 36-7
RCP
configuration files
downloading B-16
overview B-14
preparing the server B-15
uploading B-17
image files
deleting old image B-34
downloading B-32
preparing the server B-31
uploading B-34
reachability, tracking IP SLAs IP host 42-9
readiness check
port-based authentication
configuring 8-16
reconfirmation interval, VMPS, changing 11-30
recovery procedures 48-1
redundancy
EtherChannel 35-3
HSRP 40-1
pseudowire 44-46
STP
backbone 16-8
path cost 11-25
port priority 11-23
redundant links and UplinkFast 18-13
redundant peer 44-50
redundant pseudowires 44-47
reliable transport protocol, EIGRP 36-35
reloading software 3-19
Remote Authentication Dial-In User Service
Remote Copy Protocol
remote failure indications 43-32
remote failure indications, Ethernet OAM 43-39
remote loopback, Ethernet OAM 43-32, 43-34
Remote Network Monitoring
Remote SPAN
REP
administrative VLAN 19-8
administrative VLAN, configuring 19-9
age timer 19-8
and STP 19-6
configuration guidelines 19-7
configuring interfaces 19-10
convergence 19-4
default configuration 19-7
manual preemption, configuring 19-13
monitoring 19-14
neighbor offset numbers 19-4
open segment 19-2
ports 19-6
preempt delay time 19-5
primary edge port 19-4
ring segment 19-2
secondary edge port 19-4
segments 19-1
characteristics 19-2
SNMP traps, configuring 19-14
supported interfaces 19-1
triggering VLAN load balancing 19-5
verifying link integrity 19-3
VLAN blocking 19-12
VLAN load balancing 19-4
report suppression, IGMP
described 23-5
resequencing ACL entries 33-14
reserved addresses in DHCP pools 21-27
resets, in BGP 36-49
resetting a UDLD-shutdown interface 27-6
Resilient Ethernet ProtocolLSee REP
responder, IP SLAs
described 41-4
enabling 41-7
response time, measuring with IP SLAs 41-4
restricted VLAN
configuring 8-26
described 8-10
using with IEEE 802.1x 8-10
restricting access
NTP services 5-8
overview 7-1
passwords and privilege levels 7-2
RADIUS 7-16
TACACS+ 7-9
retry count, VMPS, changing 11-31
reverse address resolution 36-7
Reverse Address Resolution Protocol
RFC
1058, RIP 36-17
1112, IP multicast and IGMP 23-2
1157, SNMPv1 31-2
1163, BGP 36-42
1166, IP addresses 36-4
1253, OSPF 36-23
1267, BGP 36-42
1305, NTP 5-2
1587, NSSAs 36-23
1757, RMON 29-2
1771, BGP 36-42
1901, SNMPv2C 31-2
1902 to 1907, SNMPv2 31-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 31-2
RFC4379 44-22
RIP
advertisements 36-18
authentication 36-20
configuring 36-19
default configuration 36-18
described 36-18
for IPv6 37-6
hop counts 36-18
split horizon 36-21
summary addresses 36-21
RMON
default configuration 29-3
displaying status 29-6
enabling alarms and events 29-3
groups supported 29-2
overview 29-1
statistics
collecting group Ethernet 29-5
collecting group history 29-4
root guard
described 18-8
enabling 18-15
root switch
MSTP 17-17
STP 16-14
route calculation timers, OSPF 36-31
route dampening, BGP 36-61
routed packets, ACLs on 33-39
routed ports
configuring 36-3
defined 9-4
route-map command 36-106
route maps
BGP 36-52
policy-based routing 36-104
router ACLs
defined 33-2
types of 33-3
route reflectors, BGP 36-60
router ID, OSPF 36-33
route selection, BGP 36-50
route summarization, OSPF 36-31
route targets, VPN 36-84
routing
dynamic 36-2
redistribution of information 36-100
static 36-2
routing domain confederation, BGP 36-59
Routing Information Protocol
routing protocol administrative distances 36-99
RSPAN
characteristics 28-8
configuration guidelines 28-16
default configuration 28-9
destination ports 28-7
displaying status 28-23
interaction with other features 28-8
monitored ports 28-5
monitoring ports 28-7
overview 28-1
received traffic 28-4
session limits 28-10
sessions
creating 28-16
defined 28-3
limiting source traffic to specific VLANs 28-22
specifying monitored ports 28-16
with ingress traffic enabled 28-20
source ports 28-5
transmitted traffic 28-5
VLAN-based 28-6
RSTP
active topology, determining 17-9
BPDU
format 17-11
processing 17-12
designated port, defined 17-9
designated switch, defined 17-9
interoperability with 802.1D
described 17-8
restarting migration process 17-25
topology changes 17-13
overview 17-8
port roles
described 17-9
synchronized 17-11
proposal-agreement handshake process 17-10
rapid convergence
described 17-9
edge ports and Port Fast 17-9
point-to-point links 17-10, 17-24
root ports 17-10
root port, defined 17-9
running configuration
running configuration, saving 3-15
S
scheduled reloads 3-19
scheduling
egress queue-sets
priority queueing 34-95
shaped or shared mode 34-25
shaped weights 34-93
shared weights 34-95
SRR and priority queueing interaction 34-54
hierarchical queues
ingress queues
priority queueing 34-22, 34-89
scheduling, IP SLAs operations 41-5
SCP
and SSH 7-47
configuring 7-47
SDM
described 6-1
templates
configuration guidelines 6-4
number of 6-1
SDM template 39-3
dual IPv4 and IPv6 6-2
secondary edge port, REP 19-4
secondary VLANs 13-2
Secure Copy Protocol
secure HTTP client
configuring 7-46
displaying 7-47
secure HTTP server
configuring 7-45
displaying 7-47
secure MAC addresses
deleting 24-14
maximum number of 24-10
types of 24-9
secure ports, configuring 24-8
secure remote connections 7-36
Secure Shell
Secure Socket Layer
security, port 24-8
security features 1-7
sequence numbers in log messages 30-7
server mode, VTP 12-3
service-provider network
and 802.1Q tunneling 15-2
and customer VLANs 15-2
and EoMPLS 44-40
and MPLS 44-3
configuring MPLS VPNs 44-6
Layer 2 protocols across 15-12
Layer 2 protocol tunneling for EtherChannels 15-13
MSTP and RSTP 17-1
set-request operation 31-5
severity levels, defining in system messages 30-8
SFPs
interface numbering 9-7
monitoring status of 1-11, 9-22, 48-8
security and identification 48-7
status, displaying 1-11
shaped round robin
shaping, average-rate
configuring 34-127
described 34-40
show access-lists hw-summary command 33-21
show and more command output, filtering 2-8
show cdp traffic command 25-5
show configuration command 9-17
show cpu traffic qos 34-100
show forward command 48-14
show interfaces command 9-14, 9-17
show interfaces switchport 20-4
show l2protocol command 15-18, 15-19, 15-20
show lldp traffic command 26-8
show platform forward command 48-14
show running-config command
interface description in 9-17
shutdown command on interfaces 9-23
shutdown threshold for Layer 2 protocol packets 15-15
Simple Network Management Protocol
small-frame arrival rate, configuring 24-5
Smartports macros
applying Cisco-default macros 10-6
applying global parameter values 10-5, 10-6
applying macros 10-5
applying parameter values 10-5, 10-7
configuration guidelines 10-2
creating 10-4
default configuration 10-2
defined 10-1
displaying 10-8
tracing 10-3
SMNP traps, and CFM 43-5
SNAP 25-1
SNMP
accessing MIB variables with 31-5
agent
described 31-4
disabling 31-8
and IP SLAs 41-2
authentication level 31-11
community strings
configuring 31-8
overview 31-4
configuration examples 31-23
configuration guidelines 31-7
default configuration 31-7
engine ID 31-8
host 31-7
ifIndex values 31-6
informs
and trap keyword 31-12
described 31-5
differences from traps 31-5
enabling 31-17
limiting access by TFTP servers 31-18
limiting system log messages to NMS 30-9
manager functions 31-4
MIBs
location of A-3
supported A-1
notifications 31-5
setting CPU threshold notification 31-18
status, displaying 31-24
system contact and location 31-17
trap manager, configuring 31-15
traps
differences from informs 31-5
enabling 31-12
enabling MAC address notification 5-22, 5-24, 5-26
types of 31-14
versions supported 31-2
SNMP and Syslog Over IPv6 37-7
SNMP traps
REP 19-14
SNMPv1 31-2
SNMPv2C 31-3
SNMPv3 31-3
snooping, IGMP 23-1
software images
location in flash memory B-22
recovery procedures 48-1
scheduling reloads 3-19
tar file format, described B-23
See also downloading and uploading
source addresses
in IPv6 ACLs 39-5
source addresses, in ACLs 33-11
source-and-destination-IP address based forwarding, EtherChannel 35-7
source-and-destination MAC address forwarding, EtherChannel 35-7
source-IP address based forwarding, EtherChannel 35-7
source-MAC address forwarding, EtherChannel 35-6
Source-specific multicast
SPAN
configuration guidelines 28-10
default configuration 28-9
destination ports 28-7
displaying status 28-23
interaction with other features 28-8
monitored ports 28-5
monitoring ports 28-7
overview 28-1
received traffic 28-4
session limits 28-10
sessions
configuring ingress forwarding 28-14, 28-21
creating 28-11
defined 28-3
limiting source traffic to specific VLANs 28-14
removing destination (monitoring) ports 28-12
specifying monitored ports 28-11
with ingress traffic enabled 28-13
source ports 28-5
transmitted traffic 28-5
VLAN-based 28-6
spanning tree and native VLANs 11-17
Spanning Tree Protocol
SPAN traffic 28-4
speed, configuring on interfaces 9-13
split horizon
IGRP 36-22
RIP 36-21
SRR
and priority queueing interaction 34-54
configuring
shaped weights on egress queue-sets 34-93
shared weights on egress queue-sets 34-95
shared weights on ingress queues 34-88
described 34-19
shaped mode 34-19
shared mode 34-20
SSH
configuring 7-37
cryptographic software image 7-36
described 7-36
encryption methods 7-37
user authentication methods, supported 7-37
SSL
configuration guidelines 7-43
configuring a secure HTTP client 7-46
configuring a secure HTTP server 7-44
cryptographic software image 7-40
described 7-40
monitoring 7-47
SSM
address management restrictions 45-16
CGMP limitations 45-17
components 45-15
configuration guidelines 45-16
differs from Internet standard multicast 45-15
IGMP snooping 45-17
IGMPv3 45-15
IGMPv3 Host Signalling 45-16
IP address range 45-15
monitoring 45-17
operations 45-15
PIM 45-15
state maintenance limitations 45-17
SSM mapping 45-18
configuration guidelines 45-18
monitoring 45-23
overview 45-18
restrictions 45-18
static traffic forwarding 45-22
stack changes, effects on, MSTP 17-8
standby ip command 40-5
standby links 20-2
standby router 40-1
standby timers, HSRP 40-9
startup configuration
booting
manually 3-16
specific image 3-17
clearing B-18
configuration file
automatically downloading 3-16
specifying the filename 3-16
default boot configuration 3-15
static access ports
assigning to VLAN 11-9
static addresses
static route primary interface, configuring 42-10
static routes
configuring for IPv6 37-19
understanding 37-6
static routes, configuring 36-98
static routing 36-2
static routing support, enhanced object tracking 42-10
static SSM mapping 45-19, 45-21
static traffic forwarding 45-22
static VLAN membership 11-2
statistics
CDP 25-4
IEEE 802.1x 8-32
interface 9-21
IP multicast routing 45-62
LLDP 26-7
LLDP-MED 26-7
OSPF 36-33
QoS ingress and egress 34-100
RMON group Ethernet 29-5
RMON group history 29-4
SNMP input and output 31-24
VTP 12-13
sticky secure MAC address learning 24-9
storm control
configuring 24-3
described 24-1
disabling 24-5
displaying 24-17
STP
accelerating root port selection 18-4
and REP 19-6
BackboneFast
described 18-5
enabling 18-13
BPDU filtering
described 18-3
enabling 18-12
BPDU guard
described 18-2
enabling 18-11
BPDU message exchange 16-3
configuration guidelines 16-12, 18-10
configuring
forward-delay time 16-21
hello time 16-20
maximum aging time 16-21
path cost 16-18
port priority 16-16
root switch 16-14
secondary root switch 16-16
spanning-tree mode 16-13
switch priority 16-19
counters, clearing 16-22
default configuration 16-11
default optional feature configuration 18-9
designated port, defined 16-3
designated switch, defined 16-3
detecting indirect link failures 18-5
disabling 16-14
displaying status 16-22
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
extended system ID
effects on root switch 16-14
effects on the secondary root switch 16-16
overview 16-4
unexpected behavior 16-15
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-8
IEEE 802.1t and VLAN identifier 16-4
inferior BPDU 16-3
instances supported 16-9
interface state, blocking to forwarding 18-2
interface states
blocking 16-5
disabled 16-7
learning 16-6
listening 16-6
overview 16-4
interoperability and compatibility among modes 16-10
keepalive messages 16-2
Layer 2 protocol tunneling 15-12
limitations with IEEE 802.1Q trunks 16-10
load sharing
overview 11-22
using path costs 11-25
using port priorities 11-23
loop guard
described 18-9
enabling 18-15
modes supported 16-9
multicast addresses, effect of 16-8
overview 16-2
path costs 11-25
Port Fast
described 18-2
enabling 18-10
port priorities 11-23
preventing root switch selection 18-8
protocols supported 16-9
redundant connectivity 16-8
root guard
described 18-8
enabling 18-15
root port, defined 16-3
root switch
configuring 16-14
effects of extended system ID 16-4, 16-14
election 16-3
unexpected behavior 16-15
shutdown Port Fast-enabled port 18-2
status, displaying 16-22
superior BPDU 16-3
timers, described 16-20
UplinkFast
described 18-3
enabling 18-13
VLAN-bridge 16-10
stratum, NTP 5-2
stub areas, OSPF 36-29
stub routing, EIGRP 36-40
subdomains, private VLAN 13-1
subnet mask 36-5
subnet zero 36-5
success response, VMPS 11-27
summer time 5-13
SunNet Manager 1-3
supernet 36-6
SVI 34-72
SVIs
and IP unicast routing 36-3
and router ACLs 33-3
connecting VLANs 9-6
defined 9-4
routing between VLANs 11-2
switch 37-2
switch console port 1-4
Switch Database Management
switched packets, ACLs on 33-38
Switched Port Analyzer
switched ports 9-2
switchport backup interface 20-4, 20-5
switchport block multicast command 24-8
switchport block unicast command 24-8
switchport command 9-11
switchport mode dot1q-tunnel command 15-7
switchport protected command 24-7
switch priority
MSTP 17-21
STP 16-19
switch software features 1-1
switch virtual interface
synchronization, BGP 36-46
syslog
system clock
configuring
daylight saving time 5-13
manually 5-11
summer time 5-13
time zones 5-12
displaying the time and date 5-11
overview 5-1
system message logging
default configuration 30-3
defining error message severity levels 30-8
disabling 30-4
displaying the configuration 30-13
enabling 30-4
facility keywords, described 30-13
level keywords, described 30-9
limiting messages 30-9
message format 30-2
overview 30-1
sequence numbers, enabling and disabling 30-7
setting the display destination device 30-4
synchronizing log messages 30-5
timestamps, enabling and disabling 30-7
UNIX syslog servers
configuring the daemon 30-11
configuring the logging facility 30-12
facilities supported 30-13
system MTU
and EoMPLS 44-42
and IEEE 802.1Q tunneling 15-5
and IS-IS LSPs 36-67
configuring 9-19
maximum size supported 9-19
system name
default configuration 5-15
default setting 5-15
manual configuration 5-15
system prompt, default setting 5-14, 5-15
system resources, optimizing 6-1
system routing
IS-IS 36-63
ISO IGRP 36-63
System-to-Intermediate System Protocol
T
TACACS+
accounting, defined 7-11
authentication, defined 7-11
authorization, defined 7-11
configuring
accounting 7-16
authentication key 7-12
authorization 7-15
login authentication 7-13
default configuration 7-12
displaying the configuration 7-16
identifying the server 7-12
limiting the services to the user 7-15
operation of 7-11
overview 7-10
tracking services accessed by user 7-16
tag distribution protocol
tagged packets
IEEE 802.1Q 15-3
Layer 2 protocol 15-12
tail drop
configuring 34-114
described 34-38
tar files
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-23
TCL script, registering and defining with embedded event manager 32-7
TDP 44-7
Telnet
accessing management interfaces 2-9
number of connections 1-4
setting a password 7-6
templates, Ethernet OAM 43-39
templates, SDM 6-1
temporary self-signed certificate 7-41
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 7-6
TFTP
configuration files
downloading B-10
preparing the server B-10
uploading B-11
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
image files
deleting B-26
downloading B-25
preparing the server B-24
uploading B-26
limiting access by servers 31-18
threshold, traffic level 24-2
threshold monitoring, IP SLAs 41-6
time
time-range command 33-16
time ranges in ACLs 33-16
timestamps in log messages 30-7
time zones 5-12
TLVs
defined 26-2
LLDP 26-2
LLDP-MED 26-2
Token Ring VLANs
support for 11-5
VTP support 12-4
traceroute, Layer 2
and ARP 48-10
and CDP 48-10
described 48-10
IP addresses and subnets 48-10
MAC addresses and VLANs 48-10
multicast traffic 48-10
multiple devices on a port 48-11
unicast traffic 48-10
usage guidelines 48-10
traceroute, LSP 44-23
traceroute command 48-12
traceroute mpls ipv4 command 44-28, 44-36
tracked lists
configuring 42-3
types 42-3
tracked objects
by Boolean expression 42-4
by threshold percentage 42-6
by threshold weight 42-5
tracking interface line-protocol state 42-2
tracking IP routing state 42-2
tracking objects 42-1
tracking process 42-1
track state, tracking IP SLAs 42-9
traffic
blocking flooded 24-8
fragmented 33-5
fragmented IPv6 39-2
unfragmented 33-5
traffic shaping
transparent mode, VTP 12-3, 12-10
trap-door mechanism 3-2
traps
configuring MAC address notification 5-22, 5-24, 5-26
configuring managers 31-12
defined 31-4
enabling 5-22, 5-24, 5-26, 31-12
notification types 31-14
troubleshooting
connectivity problems 48-8, 48-9, 48-11
CPU utilization 48-17
detecting unidirectional links 27-1
determining packet forwarding 48-14
displaying crash information 48-17
PIMv1 and PIMv2 interoperability problems 45-34
SFP security and identification 48-7
show forward command 48-14
with CiscoWorks 31-5
with debug commands 48-13
with ping 48-8
with system message logging 30-1
with traceroute 48-11
trunk failover
trunk ports
and Layer 2 protocol tunneling 15-15
configuring 11-19
encapsulation 11-19, 11-24, 11-25
secure MAC addresses on 24-12
trunks
allowed-VLAN list 11-20
configuring 11-19, 11-24, 11-25
load sharing
setting STP path costs 11-25
using STP port priorities 11-23
native VLAN for untagged traffic 11-22
parallel 11-25
pruning-eligible list 11-21
to non-DTP device 11-15
understanding 11-15
trusted boundary for QoS 34-60
trusted port states
between QoS domains 34-61
classification options 34-9
ensuring port security for IP phones 34-60
within a QoS domain 34-56
trustpoints, CA 7-41
tunneling
defined 15-1
IEEE 802.1Q 15-2
Layer 2 protocol 15-12
tunnel ports
defined 11-4
IEEE 802.1Q, configuring 15-6
incompatibilities with other features 15-6
twisted-pair Ethernet, detecting unidirectional links 27-1
type of service 1-8
U
UDLD
aggressive mode, described 27-1
and autonegotiation 27-1
configuration guidelines 27-4
default configuration 27-4
echoing detection mechanism 27-3
enabling
globally 27-5
per interface 27-5
Layer 2 protocol tunneling 15-14
link-detection mechanism 27-1
modes of operation 27-1
neighbor database 27-2
normal mode, described 27-1
overview 27-1
resetting an interface 27-6
status, displaying 27-6
unidirectional link, defined 27-2
UDP, configuring 36-14
UDP jitter, configuring 41-9
UDP jitter operation, IP SLAs 41-8
unauthorized ports with IEEE 802.1x 8-4
unicast MAC address filtering 1-3
and adding static addresses 5-28
and broadcast MAC addresses 5-28
and CPU packets 5-28
and multicast addresses 5-28
and router MAC addresses 5-28
configuration guidelines 5-28
described 5-28
unicast storm control command 24-4
unicast storms 24-1
unicast traffic, blocking 24-8
UniDirectional Link Detection protocol
UNIs, remote (CFM) 43-43
UNIX syslog servers
daemon configuration 30-11
facilities supported 30-13
message logging configuration 30-12
unrecognized Type-Length-Value (TLV) support 12-4
upgrading software images
upgrading with CNS 4-14
UplinkFast
described 18-3
enabling 18-13
uploading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
reasons for B-22
using FTP B-30
using RCP B-34
using TFTP B-26
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 7-6
V
VCs 44-40
version-dependent transparent mode 12-4
virtual connections
virtual private LAN service
Virtual Private Networks
vlan.dat file 11-5
VLAN 1, disabling on a trunk port 11-20
VLAN 1 minimization 11-20
VLAN ACLs
vlan-assignment response, VMPS 11-27
VLAN blocking, REP 19-12
VLAN configuration
at bootup 11-7
saving 11-7
VLAN configuration mode 2-2
VLAN database
and startup configuration file 11-7
and VTP 12-1
VLAN configuration saved in 11-7
VLANs saved in 11-4
VLAN filtering, and SPAN 28-6
vlan global configuration command 11-6
VLAN ID
customer-side 15-7
discovering 5-31
mapping 15-7
service provider 15-8
VLAN IDs, number supported 1-5
VLAN ID translation
VLAN load balancing
REP 19-4
VLAN load balancing, triggering 19-5
VLAN load balancing on flex links 20-2
configuration guidelines 20-8
VLAN management domain 12-2
VLAN Management Policy Server
VLAN map entries, order of 33-30
VLAN mapping
802.1Q traffic 15-10
configuring 15-9
described 15-7
VLAN maps
applying 33-34
common uses for 33-34
configuration example 33-35
configuration guidelines 33-30
configuring 33-29
creating 33-31
defined 33-2
denying access example 33-36
denying and permitting packets 33-31
displaying 33-41
examples 33-35
with router ACLs 33-40
VLAN membership
confirming 11-30
modes 11-3
VLAN Query Protocol
VLANs
adding to VLAN database 11-8
aging dynamic addresses 16-9
allowed on trunk 11-20
and spanning-tree instances 11-3, 11-6, 11-11
configuration guidelines
extended-range VLANs 11-11
normal-range VLANs 11-6
configuring 11-1
configuring IDs 1006 to 4094 11-11
connecting through SVIs 9-6
creating 11-8
customer numbering in service-provider networks 15-3
default configuration 11-7
deleting 11-9
displaying 11-14
features 1-5
illustrated 11-2
internal 11-11
limiting source traffic
with RSPAN 28-22
with SPAN 28-14
modifying 11-8
native, configuring 11-22
number supported 1-5
parameters 11-5
port membership modes 11-3
static-access ports 11-9
STP and IEEE 802.1Q trunks 16-10
supported 11-2
Token Ring 11-5
traffic between 11-2
VTP modes 12-3
VLAN Trunking Protocol
VMPS
administering 11-31
configuration example 11-32
configuration guidelines 11-28
default configuration 11-28
description 11-26
dynamic port membership
described 11-27
reconfirming 11-30
troubleshooting 11-32
entering server address 11-29
mapping MAC addresses to VLANs 11-27
monitoring 11-31
reconfirmation interval, changing 11-30
reconfirming membership 11-30
retry count, changing 11-31
voice-over-IP 14-1
voice VLAN
Cisco 7960 phone, port connections 14-1
configuration guidelines 14-3
configuring IP phones for data traffic
override CoS of incoming frame 14-5
trust CoS priority of incoming frame 14-5
configuring ports for voice traffic in
802.1P priority tagged frames 14-5
802.1Q frames 14-4
connecting to an IP phone 14-4
default configuration 14-3
described 14-1
displaying 14-6
VPN routing and forwarding table
VPNs
and multi-VRF CE 36-90
benefits 44-4
configuring 44-8
configuring routing sessions 36-90
described 44-3
forwarding in 36-84
in service provider networks 36-82
IPv4 prefix 44-6
MPLS 44-6
number supported 44-7
VPN services
Layer 2 1-6
Layer 3 1-6
VQP 11-26
VRF
configuration 44-8
defining 36-84
elements 44-3
in MPLS VPNs 44-3
tables 36-82
VRF-aware services
ARP 36-87
configuring 36-86
ftp 36-89
HSRP 36-88
ping 36-87
SNMP 36-87
syslog 36-88
tftp 36-89
traceroute 36-89
VRF QoS 44-55
VRFs
configuring multicast 36-90
VTP
adding a client to a domain 12-12
and extended-range VLANs 12-1
and normal-range VLANs 12-2
client mode, configuring 12-9
configuration
guidelines 12-6
requirements 12-8
saving 12-7
configuration requirements 12-8
configuration revision number
guideline 12-12
resetting 12-13
configuring
client mode 12-9
server mode 12-8
transparent mode 12-10
consistency checks 12-4
default configuration 12-6
described 12-1
disabling 12-10
domain names 12-7
domains 12-2
Layer 2 protocol tunneling 15-12
modes
transitions 12-3
monitoring 12-13
passwords 12-7
pruning
disabling 12-12
enabling 12-12
examples 12-5
overview 12-4
pruning-eligible list, changing 11-21
server mode, configuring 12-8
statistics 12-13
Token Ring support 12-4
transparent mode, configuring 12-10
using 12-1
version, guidelines 12-8
version 1 12-4
version 2
configuration guidelines 12-8
disabling 12-11
enabling 12-11
overview 12-4
W
Weighted Random Early Detection
weighted tail drop
weight thresholds in tracked lists 42-5
WRED
configuring DSCP-based 34-117
configuring IP precedence-based 34-121
described 34-39
WTD
described 34-19
setting thresholds
egress queue-sets 34-90
ingress queues 34-86
X
xconnect command 44-49
XMODEM protocol 48-2
Y
Y.1731
default configuration 43-24
described 43-21
ETH-AIS
Ethernet Alarm Signal function (ETH-AIS)
ETH-LCK 43-23
configuring 43-26
ETH-RDI 43-23
multicast Ethernet loopback 43-28
multicast ETH-LB 43-23
terminology 43-22