- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring Web-Based Authentication
- Clustering Switches
- Managing Switch Stacks
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring UDLD
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring Static IP Unicast Routing
- Configuring IPv6 Host
- Configuring IPv6 MLD Snooping
- Configuring EtherChannels and Link-State Tracking
- Troubleshooting
- Configuring Online Diagnostics
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Supported MIBs
- Unsupported Commands in Cisco IOS Release 12.2(55)SE
- Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 2960 Switch
Index
abbreviating commands 2-3
AC (command switch) 6-10
access-class command 31-17
access-denied response, VMPS 13-23
Layer 3 31-19
access groups, applying IPv4 ACLs to interfaces 31-18
clusters, switch 6-13
command switches 6-11
member switches 6-13
switch clusters 6-13
accessing stack members 7-21
in switch clusters 6-9
access ports, defined 12-3
with 802.1x 10-55
with IEEE 802.1x 10-17
with RADIUS 9-35
with TACACS+ 9-11, 9-17
and QoS 33-8
defined 31-2
Ethernet 31-2
IP 31-2
ACEs 31-2
any keyword 31-11
time ranges to 31-15
to an interface 31-18
to QoS 33-8
classifying traffic for QoS 33-48
comments in 31-16
compiling 31-20
defined 31-1, 31-7
examples of 31-20, 33-48
extended IP, configuring for QoS classification 33-49
creating 31-9
matching criteria 31-7
hardware and software handling 31-19
host keyword 31-11
creating 31-7
fragments and QoS guidelines 33-38
implicit deny 31-9, 31-12, 31-14
implicit masks 31-9
matching criteria 31-7
undefined 31-19
applying to interfaces 31-18
creating 31-7
matching criteria 31-7
named 31-13
numbers 31-7
terminal lines, setting on 31-17
unsupported features 31-6
MAC extended 31-22, 33-50
matching 31-7, 31-19
monitoring 31-25
named, IPv4 31-13
number per QoS class map 33-38
port 31-2
precedence of 31-2
QoS 33-8, 33-48
resequencing entries 31-13
router 31-2
standard IP, configuring for QoS classification 33-48
creating 31-8
matching criteria 31-7
support for 1-10
support in hardware 31-19
time ranges 31-15
types supported 31-2
unsupported features, IPv4 31-6
active link 19-4, 19-5, 19-6
active links 19-2
active traffic monitoring, IP SLAs 32-1
address aliasing 22-2
displaying the MAC address table 5-30
accelerated aging 16-9
changing the aging time 5-22
default aging 16-9
defined 5-20
learning 5-21
removing 5-23
IPv6 35-2
MAC, discovering 5-31
multicast, STP address management 16-9
adding and removing 5-27
defined 5-20
address resolution 5-31
CDP 25-1
LLDP 26-2
aggregatable global unicast addresses 35-3
aggregate policers 33-58
aggregate policing 1-14
aging, accelerating 16-9
for MSTP 17-25
for STP 16-9, 16-23
MAC address table 5-22
for MSTP 17-26
for STP 16-23, 16-24
alarms, RMON 28-3
allowed-VLAN list 13-17
defined 1-6, 5-31
address resolution 5-31
managing 5-31
vendor-proprietary 9-38
vendor-specific 9-36
attribute-value pairs 10-14, 10-17, 10-22, 10-23
local mode with AAA 9-40
NTP associations 5-5
open1x 10-33
key 9-28
login 9-30
defined 9-11
key 9-13
login 9-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 10-9
CLI commands 10-10
compatibility with older 802.1x CLI commands 10-10 to ??
overview 10-8
authoritative time source, described 5-3
with RADIUS 9-34
with TACACS+ 9-11, 9-16
authorized ports with IEEE 802.1x 10-11
autoconfiguration 3-3
auto enablement 10-34
automatic advise (auto-advise) in switch stacks 7-11
automatic copy (auto-copy) in switch stacks 7-10
beyond a noncandidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-8
non-CDP-capable devices 6-7
noncluster-capable devices 6-7
in switch clusters 6-5
automatic extraction (auto-extract) in switch stacks 7-10
automatic recovery, clusters 6-10
automatic upgrades (auto-upgrade) in switch stacks 7-10
configuring 12-30
described 12-29
duplex mode 1-4
interface configuration guidelines 12-27
mismatches 38-12
Auto-QoS video devices 1-14
autosensing, port speed 1-4
availability, features 1-8
described 18-7
disabling 18-17
enabling 18-17
support for 1-8
backup links 19-2
login 5-20
message-of-the-day login 5-19
default configuration 5-18
when displayed 5-18
Berkeley r-tools replacement 9-52
See DHCP snooping binding database
DHCP snooping database 20-7
IP source guard 20-14
See DHCP snooping binding database
blocking packets 23-7
boot loader, function of 3-2
boot process 3-2
manually 3-19
specific image 3-20
accessing 3-21
described 3-2
environment variables 3-21
prompt 3-21
trap-door mechanism 3-2
error-disabled state 18-3
filtering 18-3
RSTP format 17-13
described 18-3
disabling 18-15
enabling 18-15
support for 1-8
described 18-2
disabling 18-14
enabling 18-14
support for 1-8
broadcast storm-control command 23-4
broadcast storms 23-1
cables, monitoring for unidirectional links 24-1
automatic discovery 6-5
defined 6-4
requirements 6-4
See also command switch, cluster standby group, and member switch
authentication compatibility 10-9
configuring 9-49
defined 9-47
and trusted boundary 33-43
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device 25-4
on an interface 25-4
on a switch 25-4
monitoring 25-5
overview 25-1
power negotiation extensions 12-5
support for 1-6
switch stack considerations 25-2
transmission timer and holdtime, setting 25-3
updates 25-3
as IGMP snooping learning method 22-9
joining multicast group 22-3
CipherSuites 9-48
Cisco 7960 IP Phone 15-1
Cisco intelligent power management 12-5
Cisco IOS IP Service Level Agreements (SLAs) responder 1-5
Cisco IOS IP SLAs 32-2
attribute-value pairs for downloadable ACLs 10-23
attribute-value pairs for redirect URL 10-22
Cisco Secure ACS configuration guide 10-67
CiscoWorks 2000 1-5, 30-4
CISP 10-34
civic location 26-3
configuring 33-51
described 33-8
displaying 33-79
clearing interfaces 12-38
abbreviating commands 2-3
command modes 2-1
configuration logging 2-4
described 1-5
enabling and disabling 2-6
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 6-16
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 14-3
accessing 6-13
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
compatibility 6-5
described 6-1
LRE profile considerations 6-16
through CLI 6-16
through SNMP 6-17
planning 6-5
automatic discovery 6-5
automatic recovery 6-10
CLI 6-16
host names 6-13
IP addresses 6-13
LRE profiles 6-16
passwords 6-13
RADIUS 6-16
SNMP 6-14, 6-17
switch stacks 6-14
TACACS+ 6-16
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
automatic recovery 6-12
considerations 6-11
defined 6-2
requirements 6-3
virtual IP address 6-11
CNS 1-6
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-7
management functions 1-6
CoA Request Commands 9-23
Coarse Wave Division Multiplexer
command modes 2-1
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 9-8
accessing 6-11
active (AC) 6-10
configuration conflicts 38-12
defined 6-2
passive (PC) 6-10
password privilege levels 6-17
priority 6-10
from command-switch failure 6-10, 38-8
from lost member connectivity 38-12
redundant 6-10
with another switch 38-11
with cluster member 38-9
requirements 6-3
standby (SC) 6-10
See also candidate switch, cluster standby group, member switch, and standby command switch
configuring 6-14, 30-8
for cluster switches 30-4
in clusters 6-14
overview 30-4
SNMP 6-14
compatibility, feature 23-12
config.text 3-18
configurable leave timer, IGMP 22-6
defaults 1-16
Express Setup 1-2
configuration changes, logging 29-11
configuration conflicts, recovering from lost member connectivity 38-12
configuration examples, network 1-18
archiving A-20
clearing the startup configuration A-19
creating using a text editor A-10
default name 3-18
deleting a stored configuration A-19
described A-8
automatically 3-18
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-13
using RCP A-17
using TFTP A-11
guidelines for creating and using A-9
guidelines for replacing and rolling back A-21
invalid combinations when copying A-5
limiting TFTP server access 30-16
obtaining with DHCP 3-9
password recovery disable considerations 9-5
replacing a running configuration A-19, A-20
rolling back a running configuration A-19, A-20
specifying the filename 3-18
system contact and location information 30-16
types and location A-10
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
configuration logger 29-11
configuration logging 2-4
configuration replacement A-19
configuration rollback A-19, A-20
configuration settings, saving 3-15
configure terminal command 12-16
configuring 802.1x user distribution 10-63
configuring port-based authentication violation modes 10-44
configuring small-frame arrival rate 23-5
conflicts, configuration 38-12
connections, secure remote 9-42
connectivity problems 38-14, 38-15, 38-17
consistency checks in VTP Version 2 14-5
console port, connecting to 2-10
control protocol, IP SLAs 32-4
corrupted software, recovery steps with Xmodem 38-2
in Layer 2 frames 33-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 33-16
CoS output queue threshold map for QoS 33-19
CoS-to-DSCP map for QoS 33-61
counters, clearing interface 12-38
CPU utilization, troubleshooting 38-28
crashinfo file 38-23
critical authentication, IEEE 802.1x 10-60
critical VLAN 10-26
configuring 10-60
configuration guidelines 37-13
described 37-3
illustration 37-4
support for 1-8
described 18-5
disabling 18-17
enabling 18-17
fast-convergence events 18-7
Fast Uplink Transition Protocol 18-6
normal-convergence events 18-7
support for 1-8
SSH 9-41
SSL 9-46
switch stack considerations 7-14
customjzeable web pages, web-based authentication 11-6
CWDM SFPs 1-23
daylight saving time 5-14
enabling all system diagnostics 38-21
enabling for a specific feature 38-20
redirecting error message output 38-21
using commands 38-20
default commands 2-4
802.1x 10-37
auto-QoS 33-22
banners 5-18
booting 3-18
CDP 25-2
DHCP 20-9
DHCP option 82 20-9
DHCP snooping 20-9
DHCP snooping binding database 20-9
DNS 5-17
dynamic ARP inspection 21-5
EtherChannel 37-11
Ethernet interfaces 12-23
Flex Links 19-8
IGMP filtering 22-24
IGMP snooping 22-7, 36-6
IGMP throttling 22-24
initial switch information 3-3
IP SLAs 32-5
IP source guard 20-16
IPv6 35-6
Layer 2 interfaces 12-23
LLDP 26-5
MAC address table 5-22
MAC address-table move update 19-8
MSTP 17-16
MVR 22-19
NTP 5-5
optional spanning-tree configuration 18-12
password and privilege level 9-2
RADIUS 9-27
RMON 28-3
RSPAN 27-11
SDM template 8-3
SNMP 30-6
SPAN 27-11
SSL 9-48
standard QoS 33-36
STP 16-13
switch stacks 7-17
system message logging 29-4
system name and prompt 5-16
TACACS+ 9-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 13-15
VLANs 13-7
VMPS 13-24
voice VLAN 15-3
VTP 14-9
default gateway 3-15
default web-based authentication configuration
802.1X 11-9
deleting VLANs 13-9
denial-of-service attack 23-1
description command 12-34
designing your network, examples 1-18
in IPv4 ACLs 31-10
destination-IP address-based forwarding, EtherChannel 37-9
destination-MAC address forwarding, EtherChannel 37-9
detecting indirect link failures, STP 18-8
device A-23
device discovery protocol 25-1, 26-1
benefits 1-2
described 1-2, 1-5
in-band management 1-7
upgrading a switch A-23
relay agent 20-11
client request message exchange 3-4
client side 3-3
DNS 3-8
relay device 3-8
server side 3-6
TFTP server 3-7
example 3-10
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-4
relay support 1-6
support for 1-6
DHCP-based autoconfiguration and image update
configuring 3-11 to 3-14
understanding 3-5 to 3-6
See DHCP snooping binding database
See DHCP snooping binding database
circuit ID suboption 20-5
configuration guidelines 20-9
default configuration 20-9
displaying 20-14
overview 20-4
circuit ID 20-5
remote ID 20-5
remote ID suboption 20-5
DHCP server port-based address allocation
configuration guidelines 20-23
default configuration 20-23
described 20-22
displaying 20-25
enabling 20-23
reserved addresses 20-23
DHCP server port-based address assignment
support for 1-6
accepting untrusted packets form edge switch 20-3, 20-11
See DHCP snooping binding database
configuration guidelines 20-9
default configuration 20-9
displaying binding tables 20-14
message exchange process 20-4
option 82 data insertion 20-4
trusted interface 20-3
untrusted interface 20-3
untrusted messages 20-3
DHCP snooping binding database
adding bindings 20-13
binding entries, displaying 20-14
format 20-8
location 20-7
bindings 20-7
clearing agent statistics 20-13
configuration guidelines 20-10
configuring 20-13
default configuration 20-9
binding file 20-13
bindings 20-13
database agent 20-13
described 20-7
displaying 20-14
displaying status and statistics 20-14
enabling 20-13
entry 20-7
renewing database 20-13
delay value 20-13
timeout value 20-13
See DHCP snooping binding database
Differentiated Services architecture, QoS 33-2
Differentiated Services Code Point 33-2
directed unicast requests 1-6
changing A-4
creating and removing A-4
displaying the working A-4
and DHCP-based autoconfiguration 3-8
default configuration 5-17
displaying the configuration 5-18
in IPv6 35-3
overview 5-16
setting up 5-17
support for 1-6
DNS 5-16
VTP 14-10
downloadable ACL 10-21, 10-23, 10-67
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-13
using RCP A-17
using TFTP A-11
deleting old image A-27
preparing A-25, A-29, A-33
reasons for A-23
using CMS 1-2
using FTP A-30
using HTTP 1-2, A-23
using RCP A-34
using TFTP A-26
using the device manager or Network Assistant A-23
support for 1-15
DSCP 1-13, 33-2
DSCP input queue threshold map for QoS 33-16
DSCP output queue threshold map for QoS 33-19
DSCP-to-CoS map for QoS 33-64
DSCP-to-DSCP-mutation map for QoS 33-65
DSCP transparency 33-44
DTP 1-9, 13-13
dual-action detection 37-6
dual IPv4 and IPv6 templates 35-4, 35-5
IPv4 and IPv6 35-4
SDM templates supporting 35-5
defined 12-4
LEDs 12-5
link selection 12-5, 12-25
setting the type 12-25
characteristics 13-4
configuring 13-25
defined 12-3
ARP cache poisoning 21-1
ARP requests, described 21-1
ARP spoofing attack 21-1
log buffer 21-16
statistics 21-16
configuration guidelines 21-6
ACLs for non-DHCP environments 21-9
in DHCP environments 21-7
log buffer 21-13
rate limit for incoming ARP packets 21-4, 21-11
default configuration 21-5
denial-of-service attacks, preventing 21-11
described 21-1
DHCP snooping binding database 21-2
ARP ACLs 21-15
configuration and operating state 21-15
log buffer 21-16
statistics 21-16
trust state and rate limit 21-15
error-disabled state for exceeding rate limit 21-4
function of 21-2
interface trust states 21-3
clearing 21-16
configuring 21-13
displaying 21-16
logging of dropped packets, described 21-5
man-in-the middle attack, described 21-2
network security issues and interface trust states 21-3
priority of ARP ACLs and DHCP snooping entries 21-4
configuring 21-11
described 21-4
error-disabled state 21-4
clearing 21-16
displaying 21-16
validation checks, performing 21-12
dynamic auto trunking mode 13-14
dynamic desirable trunking mode 13-14
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
described 13-23
reconfirming 13-26
troubleshooting 13-28
types of connections 13-25
enabling and disabling 2-6
keystrokes used 2-7
wrapped lines 2-8
ELIN location 26-3
enable password 9-3
enable secret password 9-3
encryption, CipherSuite 9-48
encryption for passwords 9-3
environment variables, function of 3-21
error-disabled state, BPDU 18-3
error messages during command entry 2-4
automatic creation of 37-5, 37-7
binding physical and logical interfaces 37-4
numbering of 37-4
configuration guidelines 37-12
configuring Layer 2 interfaces 37-13
default configuration 37-11
described 37-2
displaying status 37-20
forwarding methods 37-8, 37-15
IEEE 802.3ad, described 37-7
with STP 37-12
with VLANs 37-13
described 37-7
displaying status 37-20
hot-standby ports 37-18
interaction with other features 37-8
modes 37-7
port priority 37-19
system priority 37-18
load balancing 37-8, 37-15
aggregate-port learners 37-16
compatibility with Catalyst 1900 37-17
described 37-5
displaying status 37-20
interaction with other features 37-7
interaction with virtual switches 37-6
learn method and priority configuration 37-16
modes 37-6
support for 1-4
with dual-action detection 37-6
described 37-4
numbering of 37-4
port groups 12-4
stack changes, effects of 37-10
support for 1-4
described 18-10
disabling 18-18
enabling 18-18
active link 12-21
and routing 12-21
and TFTP 12-22
configuring 12-22
default setting 12-21
described 12-21
for network management 12-21
specifying 12-22
supported features 12-21
unsupported features 12-22
Ethernet management port, internal
and routing 12-21
unsupported features 12-22
adding 13-8
defaults and ranges 13-7
modifying 13-8
EUI 35-3
events, RMON 28-3
network configuration 1-18
expedite queue for QoS 33-78
Express Setup 1-2
See also getting started guide
extended crashinfo file 38-23
configuration guidelines 13-11
configuring 13-10
creating 13-11
defined 13-1
MSTP 17-19
STP 16-4, 16-16
Extensible Authentication Protocol over LAN 10-1
fa0 interface 1-7
failover support 1-8
Fast Convergence 19-3
Fast Uplink Transition Protocol 18-6
features, incompatible 23-12
fiber-optic, detecting unidirectional links 24-1
description 38-23
location 38-23
copying A-5
crashinfo, description 38-23
deleting A-5
displaying the contents of A-8
description 38-24
location 38-24
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-24
displaying available file systems A-2
displaying file information A-3
local file system names A-1
network file system names A-5
setting the default A-3
non-IP traffic 31-22
show and more command output 2-9
filtering show and more command output 2-9
flash device, number of A-1
flexible authentication ordering
configuring 10-70
overview 10-33
Flex Link Multicast Fast Convergence 19-3
configuration guidelines 19-8
configuring 19-9, 19-10
configuring preferred VLAN 19-12
configuring VLAN load balancing 19-11
default configuration 19-8
description 19-2
link load balancing 19-3
monitoring 19-14
VLANs 19-3
flooded traffic, blocking 23-8
flow-based packet classification 1-13
QoS classification 33-7
QoS egress queueing and scheduling 33-18
QoS ingress queueing and scheduling 33-15
QoS policing and marking 33-11
configuring 12-29
described 12-28
MSTP 17-25
STP 16-23
accessing MIB files B-4
downloading A-13
overview A-12
preparing the server A-13
uploading A-15
deleting old image A-31
downloading A-30
preparing the server A-29
uploading A-32
general query 19-5
Generating IGMP Reports 19-4
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
global configuration mode 2-2
global leave, IGMP 22-13
guest VLAN and 802.1x 10-24
guide mode 1-2
See device manager and Network Assistant
MSTP 17-25
STP 16-22
help, for the command line 2-3
HFTM space 38-26
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 29-10
host names, in clusters 6-13
hosts, limit on dynamic ports 13-28
HP OpenView 1-5
HQATM space 38-26
automatic cluster recovery 6-12
cluster standby group considerations 6-11
See also clusters, cluster standby group, and standby command switch
HTTPS 9-46
configuring 9-50
self-signed certificate 9-47
HTTP secure server 9-46
IPv6 35-3
time-exceeded messages 38-17
traceroute and 38-17
executing 38-14
overview 38-14
ICMPv6 35-3
and ingress RSPAN 27-21
and ingress SPAN 27-14
IEEE 802.1p 15-1
and trunk ports 12-3
configuration limitations 13-14
encapsulation 13-13
native VLAN for untagged traffic 13-18
IEEE 802.3ad, PoE+ 1-15, 12-6
IEEE 802.3x flow control 12-28
ifIndex values, SNMP 30-5
IFS 1-6
described 22-6
enabling 22-11
controlling the length of time 22-12
disabling on an interface 22-13
global leave 22-13
query solicitation 22-13
recovering from flood mode 22-13
joining multicast group 22-3
join messages 22-3
leave processing, enabling 22-10, 36-9
leaving multicast group 22-5
queries 22-4
described 22-6
disabling 22-15, 36-11
supported versions 22-3
support for 1-4
configuring 22-24
default configuration 22-24
described 22-23
monitoring 22-28
support for 1-4
configuring filtering 22-27
setting the maximum number 22-26
configuration guidelines 22-11
described 22-5
enabling 22-10
applying 22-25
configuration mode 22-24
configuring 22-25
and address aliasing 22-2
and stack changes 22-6
configuring 22-7
default configuration 22-7, 36-6
definition 22-2
enabling and disabling 22-7, 36-7
global configuration 22-7
Immediate Leave 22-5
in the switch stack 22-6
method 22-8
monitoring 22-16, 36-12
configuration guidelines 22-14
configuring 22-14
supported versions 22-3
support for 1-4
VLAN configuration 22-8
configuring 22-27
default configuration 22-24
described 22-24
displaying action 22-28
Immediate Leave, IGMP 22-5
enabling 36-9
inaccessible authentication bypass 10-26
support for multiauth ports 10-26
defaults 1-16
Express Setup 1-2
number 12-16
range macros 12-19
interface command 12-16 to ??, 12-16
interface configuration mode 2-2
auto-MDIX, configuring 12-29
duplex and speed 12-26
procedure 12-16
counters, clearing 12-38
default configuration 12-23
described 12-34
descriptive name, adding 12-34
displaying information about 12-38
flow control 12-28
management 1-5
monitoring 12-37
naming 12-34
physical, identifying 12-15, 12-16
range of 12-17
restarting 12-39
shutting down 12-39
speed and duplex, configuring 12-27
status 12-37
supported 12-15
types of 12-1
interfaces range macro command 12-19
interface types 12-16
inter-VLAN routing 34-1
inventory management TLV 26-3, 26-7
for QoS classification 33-8
implicit deny 31-9, 31-12
implicit masks 31-9
named 31-13
undefined 31-19
128-bit 35-2
candidate or member 6-4, 6-13
classes of 34-4
cluster access 6-2
command switch 6-3, 6-11, 6-13
discovering 5-31
for IP routing 34-4
IPv6 35-2
redundant clusters 6-11
standby command switch 6-11, 6-13
ip igmp profile command 22-24
manually 3-15
through DHCP-based autoconfiguration 3-3
default configuration 3-3
and QoS 15-1
automatic classification and queueing 33-21
configuring 15-4
ensuring port security with QoS 33-43
trusted boundary for QoS 33-43
IP Port Security for Static Hosts
on a Layer 2 access port 20-18
IP precedence 33-2
IP-precedence-to-DSCP map for QoS 33-62
IP protocols in ACLs 31-10
disabling 34-4
enabling 34-4
IP service levels, analyzing 32-1
benefits 32-2
configuration guidelines 32-5
Control Protocol 32-4
default configuration 32-5
definition 32-1
measuring network performance 32-3
monitoring 32-6
operation 32-3
described 32-4
enabling 32-6
response time 32-4
SNMP support 32-2
supported metrics 32-2
and 802.1x 20-17
and DHCP snooping 20-14
and EtherChannels 20-17
and port security 20-17
and private VLANs 20-17
and routed ports 20-16
and TCAM entries 20-17
and trunk interfaces 20-16
and VRF 20-17
automatic 20-14
manual 20-14
binding table 20-14
configuration guidelines 20-16
default configuration 20-16
described 20-14
disabling 20-18
active IP or MAC bindings 20-22
bindings 20-22
configuration 20-22
enabling 20-17, 20-18
source IP address 20-15
source IP and MAC address 20-15
on provisioned switches 20-17
source IP address filtering 20-15
source IP and MAC address filtering 20-15
adding 20-17, 20-18
deleting 20-18
static hosts 20-18
executing 38-18
overview 38-17
assigning IP addresses to Layer 3 interfaces 34-4
configuring static routes 34-5
disabling 34-4
enabling 34-4
inter-VLAN 34-1
classes 34-4
configuring 34-4
steps to configure 34-3
subnet mask 34-4
with SVIs 34-3
applying to interfaces 31-18
extended, creating 31-9
named 31-13
standard, creating 31-8
dual protocol stacks 35-4
addresses 35-2
address formats 35-2
and switch stacks 35-6
applications 35-4
assigning address 35-7
autoconfiguration 35-4
configuring static routes 35-10
default configuration 35-6
defined 35-1
forwarding 35-7
ICMP 35-3
monitoring 35-11
neighbor discovery 35-3
SDM templates 36-1
stack master functions 35-6
Stateless Autoconfiguration 35-4
supported features 35-2
join messages, IGMP 22-3
Layer 2 frames, classification with CoS 33-2
Layer 2 interfaces, default configuration 12-23
and ARP 38-16
and CDP 38-16
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-16
MAC addresses and VLANs 38-16
multicast traffic 38-16
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-16
Layer 3 features 1-15
assigning IP addresses to 34-4
assigning IPv6 addresses to 35-7
changing from Layer 2 mode 34-4
Layer 3 packets, classification methods 33-2
LDAP 4-2
Leaking IGMP Reports 19-4
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
link failure, detecting unidirectional 17-8
link local unicast addresses 35-3
links, unidirectional 24-1
configuring 37-23
described 37-20
configuring 26-5
characteristics 26-6
default configuration 26-5
enabling 26-6
monitoring and maintaining 26-11
overview 26-1
supported TLVs 26-2
switch stack considerations 26-2
transmission timer and holdtime, setting 26-6
procedures 26-5
TLVs 26-7
monitoring and maintaining 26-11
overview 26-1, 26-2
supported TLVs 26-2
local SPAN 27-2
location TLV 26-3, 26-7
with RADIUS 9-30
with TACACS+ 9-14
login banners 5-18
Long-Reach Ethernet (LRE) technology 1-20
described 18-11
enabling 18-19
support for 1-9
LRE profiles, considerations in switch clusters 6-16
default setting 10-38
range 10-40
MAC/PHY configuration status TLV 26-2
aging time 5-22
and VLAN association 5-21
building the address table 5-21
default configuration 5-22
disabling learning on a VLAN 5-30
discovering 5-31
displaying 5-30
displaying in the IP source binding table 20-22
learning 5-21
removing 5-23
in ACLs 31-22
adding 5-27
allowing 5-29, 5-30
characteristics of 5-27
dropping 5-29
removing 5-28
MAC address learning 1-6
MAC address learning, disabling on a VLAN 5-30
MAC address notification, support for 1-15
configuration guidelines 19-8
configuring 19-12
default configuration 19-8
description 19-6
monitoring 19-14
MAC address-to-VLAN mapping 13-23
MAC authentication bypass 10-40
configuring 10-63
overview 10-18
applying to Layer 2 interfaces 31-24
configuring for QoS 33-50
creating 31-22
defined 31-22
for QoS classification 33-5
magic packet 10-30
manageability features 1-6
browser session 1-7
CLI session 1-7
device manager 1-7
SNMP 1-7
out-of-band console port connection 1-7
management address TLV 26-2
CLI 2-1
clustering 1-3
CNS 4-1
Network Assistant 1-2
overview 1-5
considerations in switch clusters 6-8
discovery through different management VLANs 6-8
CoS-to-DSCP 33-61
DSCP 33-61
DSCP-to-CoS 33-64
DSCP-to-DSCP-mutation 33-65
IP-precedence-to-DSCP 33-62
policed-DSCP 33-63
described 33-11
action with aggregate policers 33-58
described 33-4, 33-9
matching, IPv4 ACLs 31-7
MSTP 17-26
STP 16-23
maximum hop count, MSTP 17-26
maximum number of allowed devices, port-based authentication 10-40
configuration guidelines 10-13 to 10-14
described 1-11, 10-13
exceptions with authentication process 10-6
membership mode, VLAN port 13-3
automatic discovery 6-5
defined 6-2
managing 6-16
passwords 6-13
recovering from lost connectivity 38-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
memory consistency check errors
displaying 38-27
example 38-27
memory consistency check routines 1-5, 38-26
memory consistency integrity 1-5, 38-26
messages, to users through banners 5-18
accessing files with FTP B-4
location of files B-4
overview 30-1
SNMP interaction with 30-4
supported B-1
mirroring traffic for analysis 27-1
mismatches, autonegotiation 38-12
module number 12-16
access groups 31-25
cables for unidirectional links 24-1
CDP 25-5
features 1-15
Flex Links 19-14
filters 22-28
snooping 22-16, 36-12
interfaces 12-37
IP SLAs operations 32-6
IPv4 ACL configuration 31-25
IPv6 35-11
MAC address-table move update 19-14
multicast router interfaces 22-16, 36-12
MVR 22-23
network traffic for analysis with probe 27-2
blocking 23-18
protection 23-18
SFP status 12-38, 38-14
speed and duplex mode 12-28
traffic flowing among switches 28-1
traffic suppression 23-18
VLANs 13-13
VMPS 13-27
VTP 14-18
mrouter Port 19-3
mrouter port 19-5
configuration guidelines 17-17
described 17-6
described 18-3
enabling 18-15
described 18-2
enabling 18-14
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-16, 18-12
forward-delay time 17-25
hello time 17-25
link type for rapid convergence 17-27
maximum aging time 17-26
maximum hop count 17-26
MST region 17-17
neighbor type 17-27
path cost 17-23
port priority 17-21
root switch 17-19
secondary root switch 17-20
switch priority 17-24
defined 17-3
operations between regions 17-4
default configuration 17-16
default optional feature configuration 18-12
displaying status 17-28
enabling the mode 17-17
described 18-10
enabling 18-18
effects on root switch 17-19
effects on secondary root switch 17-20
unexpected behavior 17-19
implementation 17-7
port role naming change 17-7
terminology 17-5
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-11
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-28
defined 17-3
master 17-3
operations within a region 17-3
described 18-11
enabling 18-19
mapping VLANs to MST instance 17-18
CIST 17-3
configuring 17-17
described 17-2
hop-count mechanism 17-6
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-8
overview 17-2
described 18-2
enabling 18-13
preventing root switch selection 18-10
described 18-10
enabling 18-18
configuring 17-19
effects of extended system ID 17-19
unexpected behavior 17-19
shutdown Port Fast-enabled port 18-2
stack changes, effects of 17-9
status, displaying 17-28
support for inaccessible authentication bypass 10-26
See multiple-authentication mode
Immediate Leave 22-5
joining 22-3
leaving 22-5
static joins 22-10, 36-8
multicast router interfaces, monitoring 22-16, 36-12
multicast router ports, adding 22-9, 36-8
multicast storm 23-1
multicast storm-control command 23-4
multicast television application 22-18
multicast VLAN 22-17
multiple authentication 10-15
configuring 10-48
and address aliasing 22-20
and IGMPv3 22-20
configuration guidelines 22-20
configuring interfaces 22-21
default configuration 22-19
described 22-17
example application 22-18
modes 22-21
monitoring 22-23
multicast television application 22-18
setting global parameters 22-20
support for 1-4
critical authentication 10-26, 10-60
IEEE 802.1x authentication using a RADIUS server 10-65
IEEE 802.1x validation using RADIUS server 10-65
inaccessible authentication bypass 10-60
Layer 2 IEEE 802.1x validation 1-12, 10-32, 10-65
named IPv4 ACLs 31-13
configuring 13-18
default 13-18
configuring 10-66
overview 10-34
neighbor discovery, IPv6 35-3
benefits 1-2
described 1-5
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 7-2, 7-14
upgrading a switch A-23
wizards 1-2
network configuration examples
increasing network performance 1-19
long-distance, high-bandwidth transport 1-23
providing network services 1-19
server aggregation and Linux server cluster 1-21
small to medium-sized network 1-22
performance 1-19
services 1-19
CDP 25-1
RMON 28-1
SNMP 30-1
network performance, measuring with IP SLAs 32-3
network policy TLV 26-2, 26-7
no commands 2-4
described 33-10
non-IP traffic filtering 31-22
nontrunking mode 13-14
normal-range VLANs 13-4
configuration guidelines 13-6
configuring 13-4
defined 13-1
NSM 4-3
authenticating 5-5
defined 5-3
enabling broadcast messages 5-7
peer 5-6
server 5-6
default configuration 5-5
displaying the configuration 5-12
overview 5-3
creating an access group 5-9
disabling NTP services per interface 5-11
source IP address, configuring 5-11
stratum 5-3
support for 1-6
synchronizing devices 5-6
services 5-3
synchronizing 5-3
configuring 38-25
described 38-24
displaying 38-26
offline configuration for switch stacks 7-7
off mode, VTP 14-4
overview 39-1
running tests 39-3
understanding 39-1
configuring 10-71
overview 10-33
optimizing system resources 8-1
options, management 1-5
out-of-profile markdown 1-14
packet modification, with QoS 33-20
default configuration 9-2
disabling recovery of 9-5
encrypting 9-3
for security 1-10
in clusters 6-13
overview 9-1
recovery of 38-3
enable 9-3
enable secret 9-3
Telnet 9-6
with usernames 9-7
VTP domain 14-10
MSTP 17-23
STP 16-20
PC (passive command switch) 6-10
performance, network design 1-19
performance features 1-4
persistent self-signed certificate 9-47
per-user ACLs and Filter-Ids 10-9
physical ports 12-2
PIM-DVMRP, as snooping method 22-8
character output description 38-15
executing 38-14
overview 38-14
auto mode 12-7
CDP with power consumption, described 12-5
CDP with power negotiation, described 12-5
Cisco intelligent power management 12-5
configuring 12-30
determining 12-8
support for 12-8
devices supported 12-5
high-power devices operating in low-power mode 12-6
IEEE power classification levels 12-6
monitoring 12-8
monitoring power 12-33
policing power consumption 12-33
policing power usage 12-8
power budgeting 12-31
power consumption 12-9, 12-31
powered-device detection and initial power allocation 12-6
power management modes 12-7
power monitoring 12-8
power negotiation extensions to CDP 12-5
power sensing 12-8
standards supported 12-5
static mode 12-7
total available power 12-10
troubleshooting 38-13
policed-DSCP map for QoS 33-63
for each matched traffic class 33-53
for more than one traffic class 33-58
described 33-4
displaying 33-79
number of 33-39
types of 33-10
described 33-4
token-bucket algorithm 33-10
characteristics of 33-53
described 33-8
displaying 33-80
nonhierarchical on physical ports
described 33-10
defined 31-2
types of 31-3
accounting 10-17
defined 10-3, 11-2
RADIUS server 10-3
client, defined 10-3, 11-2
configuration guidelines 10-38, 11-9
802.1x authentication 10-45
guest VLAN 10-57
host mode 10-48
inaccessible authentication bypass 10-60
manual re-authentication of a client 10-50
periodic re-authentication 10-49
quiet period 10-51
RADIUS server 10-47, 11-13
RADIUS server parameters on the switch 10-46, 11-11
restricted VLAN 10-58
switch-to-client frame-retransmission number 10-53, 10-54
switch-to-client retransmission time 10-51
violation modes 10-44
default configuration 10-37, 11-9
described 10-1
device roles 10-3, 11-2
displaying statistics 10-73, 11-17
downloadable ACLs and redirect URLs
configuring 10-67 to 10-69, ?? to 10-70
overview 10-21 to 10-23
EAPOL-start frame 10-6
EAP-request/identity frame 10-6
EAP-response/identity frame 10-6
802.1X authentication 11-11
encapsulation 10-3
flexible authentication ordering
configuring 10-70
overview 10-33
configuration guidelines 10-24, 10-25
described 10-24
host mode 10-13
inaccessible authentication bypass
configuring 10-60
described 10-26
guidelines 10-39
initiation and message exchange 10-6
magic packet 10-30
maximum number of allowed devices per port 10-40
method lists 10-45
multiple authentication 10-15
configuration tasks 10-21
described 10-20
RADIUS server attributes 10-20
authorization state and dot1x port-control command 10-11
authorized and unauthorized 10-11
voice VLAN 10-28
and voice VLAN 10-29
described 10-29
interactions 10-29
multiple-hosts mode 10-13
configuring 10-40
described 10-18, 10-40
resetting to default values 10-72
stack changes, effects of 10-12
statistics, displaying 10-73
as proxy 10-3, 11-2
RADIUS client 10-3
configuring 10-66
overview 10-34
guidelines 10-32
overview 10-31
AAA authorization 10-45
characteristics 10-19
configuration tasks 10-20
described 10-19
configuring 10-42
described 10-33, 10-42
described 10-28
PVID 10-28
VVID 10-28
wake-on-LAN, described 10-30
with ACLs and RADIUS Filter-Id attribute 10-35
port-based authentication methods, supported 10-8
port blocking 1-4, 23-7
port description TLV 26-2
described 18-2
enabling 18-13
mode, spanning tree 13-24
support for 1-8
port membership modes, VLAN 13-3
MSTP 17-21
STP 16-18
access 12-3
blocking 23-7
dual-purpose uplink 12-4
dynamic access 13-4
protected 23-6
secure 23-9
static-access 13-3, 13-9
switch 12-2
trunks 13-3, 13-13
VLAN assignments 13-9
aging 23-16
and QoS trusted boundary 33-43
and stacking 23-18
configuring 23-13
default configuration 23-11
described 23-8
displaying 23-18
on trunk ports 23-14
sticky learning 23-9
violations 23-10
with other features 23-11
port-shutdown response, VMPS 13-23
port VLAN ID TLV 26-2
power management TLV 26-3, 26-7
preemption, default configuration 19-8
preemption delay, default configuration 19-8
preferential treatment of traffic
preventing unauthorized access 9-1
primary links 19-2
overriding CoS 15-6
trusting CoS 15-6
privileged EXEC mode 2-2
changing the default for lines 9-9
command switch 6-17
exiting 9-10
logging into 9-10
mapping on member switches 6-17
overview 9-2, 9-8
setting a command with 9-8
protected ports 1-10, 23-6
provisioned switches and IP source guard 20-17
provisioning new members for a switch stack 7-7
proxy reports 19-4
in VTP domain 14-16
on a port 13-18
in VTP domain 14-16
on a port 13-18
examples 14-7
overview 14-6
changing 13-18
for VTP pruning 14-6
VLANs 14-16
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
and MQC commands 33-1
categorizing traffic 33-22
configuration and defaults display 33-35
configuration guidelines 33-32
described 33-21
disabling 33-34
displaying generated commands 33-34
displaying the initial configuration 33-35
effects on running configuration 33-32
list of generated commands 33-25
basic model 33-4
class maps, described 33-8
defined 33-4
DSCP transparency, described 33-44
flowchart 33-7
forwarding treatment 33-3
in frames and packets 33-3
IP ACLs, described 33-6, 33-8
MAC ACLs, described 33-5, 33-8
options for IP traffic 33-6
options for non-IP traffic 33-5
policy maps, described 33-8
trust DSCP, described 33-5
trusted CoS, described 33-5
trust IP precedence, described 33-5
configuring 33-51
displaying 33-79
auto-QoS 33-32
standard QoS 33-38
aggregate policers 33-58
auto-QoS 33-21
default port CoS value 33-42
DSCP maps 33-61
DSCP transparency 33-44
DSCP trust states bordering another domain 33-45
egress queue characteristics 33-72
ingress queue characteristics 33-67
IP extended ACLs 33-49
IP standard ACLs 33-48
MAC ACLs 33-50
port trust states within the domain 33-40
trusted boundary 33-43
default auto configuration 33-22
default standard configuration 33-36
displaying statistics 33-79
DSCP transparency 33-44
allocating buffer space 33-72
buffer allocation scheme, described 33-18
configuring shaped weights for SRR 33-76
configuring shared weights for SRR 33-77
described 33-4
displaying the threshold map 33-75
flowchart 33-18
mapping DSCP or CoS values 33-74
scheduling, described 33-4
setting WTD thresholds 33-72
WTD, described 33-19
enabling globally 33-40
classification 33-7
egress queueing and scheduling 33-18
ingress queueing and scheduling 33-15
policing and marking 33-11
implicit deny 33-8
allocating bandwidth 33-70
allocating buffer space 33-69
buffer and bandwidth allocation, described 33-16
configuring shared weights for SRR 33-70
configuring the priority queue 33-71
described 33-4
displaying the threshold map 33-68
flowchart 33-15
mapping DSCP or CoS values 33-67
priority queue, described 33-17
scheduling, described 33-4
setting WTD thresholds 33-67
WTD, described 33-16
automatic classification and queueing 33-21
detection and trusted settings 33-21, 33-43
limiting bandwidth on egress interface 33-78
CoS-to-DSCP 33-61
displaying 33-80
DSCP-to-CoS 33-64
DSCP-to-DSCP-mutation 33-65
IP-precedence-to-DSCP 33-62
policed-DSCP 33-63
types of 33-11
marked-down actions 33-56
marking, described 33-4, 33-9
overview 33-2
packet modification 33-20
configuring 33-56, 33-59
described 33-9
displaying 33-79
number of 33-39
types of 33-10
policies, attaching to an interface 33-9
described 33-4, 33-9
token bucket algorithm 33-10
characteristics of 33-53
displaying 33-80
nonhierarchical on physical ports 33-53
QoS label, defined 33-4
configuring egress characteristics 33-72
configuring ingress characteristics 33-67
high priority (expedite) 33-20, 33-78
location of 33-12
SRR, described 33-14
WTD, described 33-13
rewrites 33-20
support for 1-13
bordering another domain 33-45
described 33-5
trusted device 33-43
within the domain 33-40
queries, IGMP 22-4
query solicitation, IGMP 22-13
vendor-proprietary 9-38
vendor-specific 9-36
accounting 9-35
authentication 9-30
authorization 9-34
communication, global 9-28, 9-36
communication, per-server 9-27, 9-28
multiple UDP ports 9-28
default configuration 9-27
defining AAA server groups 9-32
displaying the configuration 9-40
identifying the server 9-27
in clusters 6-16
limiting the services to the user 9-34
method list, defined 9-27
operation of 9-20
overview 9-18
server load balancing 9-40
suggested network environments 9-19
support for 1-12
tracking services accessed by user 9-35
RADIUS Change of Authorization 9-20
macro 12-19
of interfaces 12-17
rapid convergence 17-11
rapid per-VLAN spanning-tree plus
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
rcommand command 6-16
downloading A-17
overview A-15
preparing the server A-16
uploading A-18
deleting old image A-36
downloading A-34
preparing the server A-33
uploading A-36
configuring 10-40
described 10-18, 10-40
reconfirmation interval, VMPS, changing 13-26
reconfirming dynamic VLAN membership 13-26
recovery procedures 38-1
redirect URL 10-21, 10-22, 10-67
EtherChannel 37-3
backbone 16-8
multidrop backbone 18-5
path cost 13-21
port priority 13-19
redundant links and UplinkFast 18-16
reloading software 3-22
Remote Authentication Dial-In User Service
remote SPAN 27-3
described 22-6
disabling 22-15, 36-11
resequencing ACL entries 31-13
reserved addresses in DHCP pools 20-23
resetting a UDLD-shutdown interface 24-6
described 32-4
enabling 32-6
response time, measuring with IP SLAs 32-4
configuring 10-58
described 10-25
using with IEEE 802.1x 10-25
NTP services 5-9
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 13-27
1112, IP multicast and IGMP 22-2
1157, SNMPv1 30-2
1166, IP addresses 34-4
1305, NTP 5-3
1757, RMON 28-2
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 22-2
2273-2275, SNMPv3 30-2
RFC 5176 Compliance 9-21
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
collecting group Ethernet 28-5
collecting group history 28-5
support for 1-15
described 18-10
enabling 18-18
support for 1-8
MSTP 17-19
STP 16-16
defined 31-2
types of 31-4
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
defined 27-3
destination ports 27-8
displaying status 27-24
in a switch stack 27-3
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
received traffic 27-5
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
active topology 17-10
format 17-13
processing 17-14
designated port, defined 17-10
designated switch, defined 17-10
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-28
topology changes 17-14
overview 17-10
described 17-10
synchronized 17-12
proposal-agreement handshake process 17-11
cross-stack rapid convergence 17-11
described 17-11
edge ports and Port Fast 17-11
point-to-point links 17-11, 17-27
root ports 17-11
root port, defined 17-10
replacing A-19, A-20
rolling back A-19, A-20
running configuration, saving 3-15
SC (standby command switch) 6-10
scheduled reloads 3-22
and SSH 9-52
configuring 9-53
configuring 8-4
number of 8-1
configuration guidelines 8-3
configuring 8-3
types of 8-1
configuring 9-51
displaying 9-52
configuring 9-50
displaying 9-52
and switch stacks 23-18
deleting 23-15
maximum number of 23-10
types of 23-9
and switch stacks 23-18
secure ports, configuring 23-9
secure remote connections 9-42
security, port 23-8
security features 1-10
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 17-1
set-request operation 30-4
failed command switch replacement 38-11
replacing failed command switch 38-9
severity levels, defining in system messages 29-9
monitoring status of 12-38, 38-14
security and identification 38-13
status, displaying 38-14
show access-lists hw-summary command 31-19
show and more command output, filtering 2-9
show cdp traffic command 25-6
show cluster members command 6-16
show configuration command 12-34
show forward command 38-22
show interfaces command 12-28, 12-34
show interfaces switchport 19-4
show lldp traffic command 26-11
show platform forward command 38-22
show platform tcam command 38-26, 38-27
displaying ACLs 31-17, 31-18
interface description in 12-34
shutdown command on interfaces 12-39
Simple Network Management Protocol
small form-factor pluggable modules
small-frame arrival rate, configuring 23-5
SNAP 25-1
accessing MIB variables with 30-4
described 30-4
disabling 30-7
and IP SLAs 32-2
authentication level 30-10
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-17
default configuration 30-6
engine ID 30-7
groups 30-7, 30-9
host 30-7
ifIndex values 30-5
in-band management 1-7
in clusters 6-14
and trap keyword 30-12
described 30-5
differences from traps 30-5
disabling 30-15
enabling 30-15
limiting access by TFTP servers 30-16
limiting system log messages to NMS 29-10
manager functions 1-5, 30-3
managing clusters with 6-17
location of B-4
supported B-1
notifications 30-5
overview 30-1, 30-4
security levels 30-3
setting CPU threshold notification 30-15
status, displaying 30-18
system contact and location 30-16
trap manager, configuring 30-13
described 30-3, 30-5
differences from informs 30-5
disabling 30-15
enabling 30-12
enabling MAC address notification 5-23, 5-25, 5-26
overview 30-1, 30-4
types of 30-12
users 30-7, 30-9
versions supported 30-2
SNMP and Syslog Over IPv6 35-5
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 22-2
location in flash A-24
recovery procedures 38-2
scheduling reloads 3-23
tar file format, described A-24
See also downloading and uploading
in IPv4 ACLs 31-10
source-and-destination-IP address based forwarding, EtherChannel 37-9
source-and-destination MAC address forwarding, EtherChannel 37-9
source-IP address based forwarding, EtherChannel 37-9
source-MAC address forwarding, EtherChannel 37-8
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-8
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
ports, restrictions 23-12
received traffic 27-5
configuring ingress forwarding 27-15, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-13
specifying monitored ports 27-12
with ingress traffic enabled 27-14
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-14
SPAN traffic 27-5
shaped weights on egress queues 33-76
shared weights on egress queues 33-77
shared weights on ingress queues 33-70
described 33-14
shaped mode 33-14
shared mode 33-14
support for 1-14
configuring 9-43
cryptographic software image 9-41
described 1-7, 9-42
encryption methods 9-42
switch stack considerations 7-14
user authentication methods, supported 9-42
configuration guidelines 9-49
configuring a secure HTTP client 9-51
configuring a secure HTTP server 9-50
cryptographic software image 9-46
described 9-46
monitoring 9-52
MAC address of 7-6, 7-17
802.1x port-based authentication 10-12
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 37-13
EtherChannel 37-10
IGMP snooping 22-6
IP routing 34-3
MAC address tables 5-22
MSTP 17-9
MVR 22-17
port security 23-18
SDM template selection 8-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 16-12
switch clusters 6-14
system message log 29-2
VLANs 13-6
VTP 14-8
bridge ID (MAC address) 7-6
defined 7-1
election 7-5
IPv6 35-6
accessing CLI of specific member 7-21
member number 7-19
priority value 7-20
defined 7-1
displaying information of 7-22
number 7-6
priority value 7-7
provisioning a new member 7-20
replacing 7-13
stack member number 12-16
stack protocol version 7-9
accessing CLI of specific member 7-21
member number 7-19
priority value 7-20
provisioning a new member 7-20
auto-advise 7-11
auto-copy 7-10
auto-extract 7-10
auto-upgrade 7-10
bridge ID 7-6
CDP considerations 25-2
compatibility, software 7-9
configuration file 7-13
configuration scenarios 7-15
copying an image file from one member to another A-37
default configuration 7-17
description of 7-1
displaying information of 7-22
enabling persistent MAC address timer 7-17
in clusters 6-14
incompatible software and image upgrades 7-13, A-37
IPv6 on 35-6
MAC address considerations 5-22
management connectivity 7-14
managing 7-1
membership 7-3
merged 7-3
MSTP instances supported 16-10
described 7-7
effects of adding a provisioned switch 7-7
effects of removing a provisioned switch 7-9
effects of replacing a provisioned switch 7-9
provisioned configuration, defined 7-7
provisioned switch, defined 7-7
provisioning a new member 7-20
partitioned 7-3, 38-8
adding 7-7
removing 7-9
replacing 7-9
replacing a failed member 7-13
software compatibility 7-9
software image version 7-9
stack protocol version 7-9
bridge ID 16-3
instances supported 16-10
root port selection 16-3
stack root switch election 16-3
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 5-15
system-wide configuration considerations 7-13
upgrading A-37
automatic upgrades with auto-upgrade 7-10
examples 7-11
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-10
described 7-10
See also stack master and stack member
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
See cluster standby group and HSRP
standby links 19-2
manually 3-19
specific image 3-20
clearing A-19
automatically downloading 3-18
specifying the filename 3-18
default boot configuration 3-18
assigning to VLAN 13-9
defined 12-3, 13-3
static MAC addressing 1-10
configuring 34-5
configuring for IPv6 35-10
static VLAN membership 13-2
802.1X 11-17
802.1x 10-73
CDP 25-5
interface 12-38
LLDP 26-11
LLDP-MED 26-11
NMSP 26-11
QoS ingress and egress 33-79
RMON group Ethernet 28-5
RMON group history 28-5
SNMP input and output 30-18
VTP 14-18
sticky learning 23-9
configuring 23-3
described 23-1
disabling 23-5
displaying 23-18
support for 1-4
thresholds 23-2
accelerating root port selection 18-4
described 18-7
disabling 18-17
enabling 18-17
described 18-3
disabling 18-15
enabling 18-15
described 18-2
disabling 18-14
enabling 18-14
BPDU message exchange 16-3
configuration guidelines 16-13, 18-12
forward-delay time 16-23
hello time 16-22
maximum aging time 16-23
path cost 16-20
port priority 16-18
root switch 16-16
secondary root switch 16-18
spanning-tree mode 16-15
switch priority 16-21
transmit hold-count 16-24
counters, clearing 16-24
described 18-5
enabling 18-17
default configuration 16-13
default optional feature configuration 18-12
designated port, defined 16-4
designated switch, defined 16-4
detecting indirect link failures 18-8
disabling 16-16
displaying status 16-24
described 18-10
disabling 18-18
enabling 18-18
effects on root switch 16-16
effects on the secondary root switch 16-18
overview 16-4
unexpected behavior 16-16
features supported 1-8
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-9
IEEE 802.1t and VLAN identifier 16-5
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
blocking 16-6
disabled 16-7
forwarding 16-6, 16-7
learning 16-7
listening 16-7
overview 16-5
interoperability and compatibility among modes 16-11
limitations with IEEE 802.1Q trunks 16-11
overview 13-19
using path costs 13-21
using port priorities 13-19
described 18-11
enabling 18-19
modes supported 16-10
multicast addresses, effect of 16-9
optional features supported 1-8
overview 16-2
path costs 13-21, 13-22
described 18-2
enabling 18-13
port priorities 13-20
preventing root switch selection 18-10
protocols supported 16-10
redundant connectivity 16-8
described 18-10
enabling 18-18
root port, defined 16-3
root port selection on a switch stack 16-3
configuring 16-16
effects of extended system ID 16-4, 16-16
election 16-3
unexpected behavior 16-16
shutdown Port Fast-enabled port 18-2
stack changes, effects of 16-12
status, displaying 16-24
superior BPDU 16-3
timers, described 16-22
described 18-3
enabling 18-16
stratum, NTP 5-3
subnet mask 34-4
success response, VMPS 13-23
summer time 5-14
SunNet Manager 1-5
supported port-based authentication methods 10-8
and IP unicast routing 34-3
and router ACLs 31-4
connecting VLANs 12-10
defined 12-4
switch 35-2
switch clustering technology 6-1
switch console port 1-7
switched ports 12-2
switchport backup interface 19-4, 19-5
switchport block multicast command 23-8
switchport block unicast command 23-8
switchport protected command 23-7
MSTP 17-24
STP 16-21
switch software features 1-1
system capabilities TLV 26-2
daylight saving time 5-14
manually 5-12
summer time 5-14
time zones 5-13
displaying the time and date 5-13
overview 5-2
system description TLV 26-2
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-14
enabling 29-5
facility keywords, described 29-14
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-15
time stamps, enabling and disabling 29-8
configuring the daemon 29-13
configuring the logging facility 29-13
facilities supported 29-14
default configuration 5-16
default setting 5-16
manual configuration 5-16
system name TLV 26-2
system prompt, default setting 5-15, 5-16
system resources, optimizing 8-1
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-18
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-12
tracking services accessed by user 9-17
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-24
memory consistency check errors
displaying 38-27
example 38-27
memory consistency check routines 1-5, 38-26
memory consistency integrity 1-5, 38-26
portions 38-27
HFTM 38-26
HQATM 38-26
unassigned 38-26
TDR 1-16
accessing management interfaces 2-10
number of connections 1-7
setting a password 9-6
temporary self-signed certificate 9-47
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
ternary content addressable memory
downloading A-11
preparing the server A-11
uploading A-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
deleting A-27
downloading A-26
preparing the server A-25
uploading A-28
limiting access by servers 30-16
TFTP server 1-6
threshold, traffic level 23-2
time-range command 31-15
time ranges in ACLs 31-15
time stamps in log messages 29-8
time zones 5-13
defined 26-2
LLDP 26-2
LLDP-MED 26-2
support for 13-5
VTP support 14-5
ToS 1-13
and ARP 38-16
and CDP 38-16
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-16
MAC addresses and VLANs 38-16
multicast traffic 38-16
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-16
traceroute command 38-18
blocking flooded 23-8
fragmented 31-4
unfragmented 31-4
traffic policing 1-14
traffic suppression 23-2
transparent mode, VTP 14-4
trap-door mechanism 3-2
configuring MAC address notification 5-23, 5-25, 5-26
configuring managers 30-12
defined 30-3
enabling 5-23, 5-25, 5-26, 30-12
notification types 30-12
overview 30-1, 30-4
connectivity problems 38-14, 38-15, 38-17
CPU utilization 38-28
detecting unidirectional links 24-1
displaying crash information 38-23
setting packet forwarding 38-22
SFP security and identification 38-13
show forward command 38-22
with CiscoWorks 30-4
with debug commands 38-20
with ping 38-14
with system message logging 29-1
with traceroute 38-17
trunking encapsulation 1-9
configuring 13-16
defined 12-3, 13-3
allowed-VLAN list 13-17
setting STP path costs 13-21
using STP port priorities 13-19, 13-20
native VLAN for untagged traffic 13-18
parallel 13-21
pruning-eligible list 13-18
to non-DTP device 13-13
trusted boundary for QoS 33-43
between QoS domains 33-45
classification options 33-5
ensuring port security for IP phones 33-43
support for 1-13
within a QoS domain 33-40
trustpoints, CA 9-46
twisted-pair Ethernet, detecting unidirectional links 24-1
configuration guidelines 24-4
default configuration 24-4
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-6
echoing detection mechanism 24-3
globally 24-5
per interface 24-6
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-7
support for 1-8
unauthorized ports with IEEE 802.1x 10-11
unicast MAC address filtering 1-6
and adding static addresses 5-28
and broadcast MAC addresses 5-28
and CPU packets 5-28
and multicast addresses 5-28
and router MAC addresses 5-28
configuration guidelines 5-28
described 5-28
unicast storm 23-1
unicast storm control command 23-4
unicast traffic, blocking 23-8
UniDirectional Link Detection protocol
daemon configuration 29-13
facilities supported 29-14
message logging configuration 29-13
unrecognized Type-Length-Value (TLV) support 14-5
upgrading a Catalyst 2950 switch
configuration compatibility issues D-1
differences in configuration commands D-1
feature behavior incompatibilities D-5
incompatible command messages D-1
recommendations D-1
described 18-3
disabling 18-16
enabling 18-16
support for 1-8
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
preparing A-25, A-29, A-33
reasons for A-23
using FTP A-32
using RCP A-36
using TFTP A-28
USB mini-Type B console port 12-11
USB Type A port 1-8
user EXEC mode 2-2
username-based authentication 9-7
version-dependent transparent mode 14-5
automatic upgrades with auto-upgrade 7-10
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-10
described 7-10
cluster standby group 6-11
command switch 6-11
virtual switches and PAgP 37-6
vlan.dat file 13-4
VLAN 1, disabling on a trunk port 13-17
VLAN 1 minimization 13-17
vlan-assignment response, VMPS 13-23
at bootup 13-7
saving 13-7
VLAN configuration mode 2-2
and startup configuration file 13-7
and VTP 14-1
VLAN configuration saved in 13-7
VLANs saved in 13-4
VLAN filtering and SPAN 27-7
vlan global configuration command 13-6
VLAN ID, discovering 5-31
VLAN load balancing on flex links 19-3
configuration guidelines 19-8
VLAN management domain 14-2
confirming 13-26
modes 13-3
adding 13-8
adding to VLAN database 13-8
aging dynamic addresses 16-9
allowed on trunk 13-17
and spanning-tree instances 13-3, 13-6, 13-11
configuration guidelines, extended-range VLANs 13-11
configuration guidelines, normal-range VLANs 13-6
configuring 13-1
configuring IDs 1006 to 4094 13-11
connecting through SVIs 12-10
creating 13-8
default configuration 13-7
deleting 13-9
described 12-2, 13-1
displaying 13-13
extended-range 13-1, 13-10
features 1-9
illustrated 13-2
in the switch stack 13-6
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 13-8
multicast 22-17
native, configuring 13-18
normal-range 13-1, 13-4
number supported 1-9
parameters 13-5
port membership modes 13-3
static-access ports 13-9
STP and IEEE 802.1Q trunks 16-11
supported 13-2
Token Ring 13-5
traffic between 13-2
VTP modes 14-3
VLAN trunks 13-13
administering 13-27
configuration example 13-28
configuration guidelines 13-24
default configuration 13-24
description 13-22
described 13-23
reconfirming 13-26
troubleshooting 13-28
entering server address 13-25
mapping MAC addresses to VLANs 13-23
monitoring 13-27
reconfirmation interval, changing 13-26
reconfirming membership 13-26
retry count, changing 13-27
configuring 10-42
described 10-33, 10-42
voice-over-IP 15-1
Cisco 7960 phone, port connections 15-1
configuration guidelines 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-7
IP phone data traffic, described 15-2
IP phone voice traffic, described 15-2
VQP 1-9, 13-22
adding a client to a domain 14-17
advertisements 13-15, 14-4
and extended-range VLANs 13-2, 14-2
and normal-range VLANs 13-2, 14-2
client mode, configuring 14-13
guidelines 14-9
requirements 14-11
saving 14-9
configuration requirements 14-11
guideline 14-17
resetting 14-17
consistency checks 14-5
default configuration 14-9
described 14-1
domain names 14-10
domains 14-2
client 14-3
off 14-4
server 14-3
transitions 14-3
transparent 14-4
monitoring 14-18
passwords 14-10
disabling 14-16
enabling 14-16
examples 14-7
overview 14-6
support for 1-9
pruning-eligible list, changing 13-18
server mode, configuring 14-11, 14-14
statistics 14-18
support for 1-9
Token Ring support 14-5
transparent mode, configuring 14-12
using 14-1
enabling 14-15
version, guidelines 14-10
Version 1 14-5
configuration guidelines 14-10
overview 14-5
overview 14-5
web authentication 10-18
configuring 11-16 to ??
described 1-10
customizeable web pages 11-6
description 11-1
web-based authentication, interactions with other features 11-7
configuring 26-9
displaying 26-11
location TLV 26-3
understanding 26-3
wizards 1-2
described 33-13
egress queue-sets 33-72
ingress queues 33-67
support for 1-14
Xmodem protocol 38-2
Index
abbreviating commands 2-3
AC (command switch) 6-10
access-class command 31-17
access-denied response, VMPS 13-23
Layer 3 31-19
access groups, applying IPv4 ACLs to interfaces 31-18
clusters, switch 6-13
command switches 6-11
member switches 6-13
switch clusters 6-13
accessing stack members 7-21
in switch clusters 6-9
access ports, defined 12-3
with 802.1x 10-55
with IEEE 802.1x 10-17
with RADIUS 9-35
with TACACS+ 9-11, 9-17
and QoS 33-8
defined 31-2
Ethernet 31-2
IP 31-2
ACEs 31-2
any keyword 31-11
time ranges to 31-15
to an interface 31-18
to QoS 33-8
classifying traffic for QoS 33-48
comments in 31-16
compiling 31-20
defined 31-1, 31-7
examples of 31-20, 33-48
extended IP, configuring for QoS classification 33-49
creating 31-9
matching criteria 31-7
hardware and software handling 31-19
host keyword 31-11
creating 31-7
fragments and QoS guidelines 33-38
implicit deny 31-9, 31-12, 31-14
implicit masks 31-9
matching criteria 31-7
undefined 31-19
applying to interfaces 31-18
creating 31-7
matching criteria 31-7
named 31-13
numbers 31-7
terminal lines, setting on 31-17
unsupported features 31-6
MAC extended 31-22, 33-50
matching 31-7, 31-19
monitoring 31-25
named, IPv4 31-13
number per QoS class map 33-38
port 31-2
precedence of 31-2
QoS 33-8, 33-48
resequencing entries 31-13
router 31-2
standard IP, configuring for QoS classification 33-48
creating 31-8
matching criteria 31-7
support for 1-10
support in hardware 31-19
time ranges 31-15
types supported 31-2
unsupported features, IPv4 31-6
active link 19-4, 19-5, 19-6
active links 19-2
active traffic monitoring, IP SLAs 32-1
address aliasing 22-2
displaying the MAC address table 5-30
accelerated aging 16-9
changing the aging time 5-22
default aging 16-9
defined 5-20
learning 5-21
removing 5-23
IPv6 35-2
MAC, discovering 5-31
multicast, STP address management 16-9
adding and removing 5-27
defined 5-20
address resolution 5-31
CDP 25-1
LLDP 26-2
aggregatable global unicast addresses 35-3
aggregate policers 33-58
aggregate policing 1-14
aging, accelerating 16-9
for MSTP 17-25
for STP 16-9, 16-23
MAC address table 5-22
for MSTP 17-26
for STP 16-23, 16-24
alarms, RMON 28-3
allowed-VLAN list 13-17
defined 1-6, 5-31
address resolution 5-31
managing 5-31
vendor-proprietary 9-38
vendor-specific 9-36
attribute-value pairs 10-14, 10-17, 10-22, 10-23
local mode with AAA 9-40
NTP associations 5-5
open1x 10-33
key 9-28
login 9-30
defined 9-11
key 9-13
login 9-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 10-9
CLI commands 10-10
compatibility with older 802.1x CLI commands 10-10 to ??
overview 10-8
authoritative time source, described 5-3
with RADIUS 9-34
with TACACS+ 9-11, 9-16
authorized ports with IEEE 802.1x 10-11
autoconfiguration 3-3
auto enablement 10-34
automatic advise (auto-advise) in switch stacks 7-11
automatic copy (auto-copy) in switch stacks 7-10
beyond a noncandidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-8
non-CDP-capable devices 6-7
noncluster-capable devices 6-7
in switch clusters 6-5
automatic extraction (auto-extract) in switch stacks 7-10
automatic recovery, clusters 6-10
automatic upgrades (auto-upgrade) in switch stacks 7-10
configuring 12-30
described 12-29
duplex mode 1-4
interface configuration guidelines 12-27
mismatches 38-12
Auto-QoS video devices 1-14
autosensing, port speed 1-4
availability, features 1-8
described 18-7
disabling 18-17
enabling 18-17
support for 1-8
backup links 19-2
login 5-20
message-of-the-day login 5-19
default configuration 5-18
when displayed 5-18
Berkeley r-tools replacement 9-52
See DHCP snooping binding database
DHCP snooping database 20-7
IP source guard 20-14
See DHCP snooping binding database
blocking packets 23-7
boot loader, function of 3-2
boot process 3-2
manually 3-19
specific image 3-20
accessing 3-21
described 3-2
environment variables 3-21
prompt 3-21
trap-door mechanism 3-2
error-disabled state 18-3
filtering 18-3
RSTP format 17-13
described 18-3
disabling 18-15
enabling 18-15
support for 1-8
described 18-2
disabling 18-14
enabling 18-14
support for 1-8
broadcast storm-control command 23-4
broadcast storms 23-1
cables, monitoring for unidirectional links 24-1
automatic discovery 6-5
defined 6-4
requirements 6-4
See also command switch, cluster standby group, and member switch
authentication compatibility 10-9
configuring 9-49
defined 9-47
and trusted boundary 33-43
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device 25-4
on an interface 25-4
on a switch 25-4
monitoring 25-5
overview 25-1
power negotiation extensions 12-5
support for 1-6
switch stack considerations 25-2
transmission timer and holdtime, setting 25-3
updates 25-3
as IGMP snooping learning method 22-9
joining multicast group 22-3
CipherSuites 9-48
Cisco 7960 IP Phone 15-1
Cisco intelligent power management 12-5
Cisco IOS IP Service Level Agreements (SLAs) responder 1-5
Cisco IOS IP SLAs 32-2
attribute-value pairs for downloadable ACLs 10-23
attribute-value pairs for redirect URL 10-22
Cisco Secure ACS configuration guide 10-67
CiscoWorks 2000 1-5, 30-4
CISP 10-34
civic location 26-3
configuring 33-51
described 33-8
displaying 33-79
clearing interfaces 12-38
abbreviating commands 2-3
command modes 2-1
configuration logging 2-4
described 1-5
enabling and disabling 2-6
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 6-16
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 14-3
accessing 6-13
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
compatibility 6-5
described 6-1
LRE profile considerations 6-16
through CLI 6-16
through SNMP 6-17
planning 6-5
automatic discovery 6-5
automatic recovery 6-10
CLI 6-16
host names 6-13
IP addresses 6-13
LRE profiles 6-16
passwords 6-13
RADIUS 6-16
SNMP 6-14, 6-17
switch stacks 6-14
TACACS+ 6-16
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
automatic recovery 6-12
considerations 6-11
defined 6-2
requirements 6-3
virtual IP address 6-11
CNS 1-6
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-7
management functions 1-6
CoA Request Commands 9-23
Coarse Wave Division Multiplexer
command modes 2-1
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 9-8
accessing 6-11
active (AC) 6-10
configuration conflicts 38-12
defined 6-2
passive (PC) 6-10
password privilege levels 6-17
priority 6-10
from command-switch failure 6-10, 38-8
from lost member connectivity 38-12
redundant 6-10
with another switch 38-11
with cluster member 38-9
requirements 6-3
standby (SC) 6-10
See also candidate switch, cluster standby group, member switch, and standby command switch
configuring 6-14, 30-8
for cluster switches 30-4
in clusters 6-14
overview 30-4
SNMP 6-14
compatibility, feature 23-12
config.text 3-18
configurable leave timer, IGMP 22-6
defaults 1-16
Express Setup 1-2
configuration changes, logging 29-11
configuration conflicts, recovering from lost member connectivity 38-12
configuration examples, network 1-18
archiving A-20
clearing the startup configuration A-19
creating using a text editor A-10
default name 3-18
deleting a stored configuration A-19
described A-8
automatically 3-18
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-13
using RCP A-17
using TFTP A-11
guidelines for creating and using A-9
guidelines for replacing and rolling back A-21
invalid combinations when copying A-5
limiting TFTP server access 30-16
obtaining with DHCP 3-9
password recovery disable considerations 9-5
replacing a running configuration A-19, A-20
rolling back a running configuration A-19, A-20
specifying the filename 3-18
system contact and location information 30-16
types and location A-10
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
configuration logger 29-11
configuration logging 2-4
configuration replacement A-19
configuration rollback A-19, A-20
configuration settings, saving 3-15
configure terminal command 12-16
configuring 802.1x user distribution 10-63
configuring port-based authentication violation modes 10-44
configuring small-frame arrival rate 23-5
conflicts, configuration 38-12
connections, secure remote 9-42
connectivity problems 38-14, 38-15, 38-17
consistency checks in VTP Version 2 14-5
console port, connecting to 2-10
control protocol, IP SLAs 32-4
corrupted software, recovery steps with Xmodem 38-2
in Layer 2 frames 33-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 33-16
CoS output queue threshold map for QoS 33-19
CoS-to-DSCP map for QoS 33-61
counters, clearing interface 12-38
CPU utilization, troubleshooting 38-28
crashinfo file 38-23
critical authentication, IEEE 802.1x 10-60
critical VLAN 10-26
configuring 10-60
configuration guidelines 37-13
described 37-3
illustration 37-4
support for 1-8
described 18-5
disabling 18-17
enabling 18-17
fast-convergence events 18-7
Fast Uplink Transition Protocol 18-6
normal-convergence events 18-7
support for 1-8
SSH 9-41
SSL 9-46
switch stack considerations 7-14
customjzeable web pages, web-based authentication 11-6
CWDM SFPs 1-23
daylight saving time 5-14
enabling all system diagnostics 38-21
enabling for a specific feature 38-20
redirecting error message output 38-21
using commands 38-20
default commands 2-4
802.1x 10-37
auto-QoS 33-22
banners 5-18
booting 3-18
CDP 25-2
DHCP 20-9
DHCP option 82 20-9
DHCP snooping 20-9
DHCP snooping binding database 20-9
DNS 5-17
dynamic ARP inspection 21-5
EtherChannel 37-11
Ethernet interfaces 12-23
Flex Links 19-8
IGMP filtering 22-24
IGMP snooping 22-7, 36-6
IGMP throttling 22-24
initial switch information 3-3
IP SLAs 32-5
IP source guard 20-16
IPv6 35-6
Layer 2 interfaces 12-23
LLDP 26-5
MAC address table 5-22
MAC address-table move update 19-8
MSTP 17-16
MVR 22-19
NTP 5-5
optional spanning-tree configuration 18-12
password and privilege level 9-2
RADIUS 9-27
RMON 28-3
RSPAN 27-11
SDM template 8-3
SNMP 30-6
SPAN 27-11
SSL 9-48
standard QoS 33-36
STP 16-13
switch stacks 7-17
system message logging 29-4
system name and prompt 5-16
TACACS+ 9-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 13-15
VLANs 13-7
VMPS 13-24
voice VLAN 15-3
VTP 14-9
default gateway 3-15
default web-based authentication configuration
802.1X 11-9
deleting VLANs 13-9
denial-of-service attack 23-1
description command 12-34
designing your network, examples 1-18
in IPv4 ACLs 31-10
destination-IP address-based forwarding, EtherChannel 37-9
destination-MAC address forwarding, EtherChannel 37-9
detecting indirect link failures, STP 18-8
device A-23
device discovery protocol 25-1, 26-1
benefits 1-2
described 1-2, 1-5
in-band management 1-7
upgrading a switch A-23
relay agent 20-11
client request message exchange 3-4
client side 3-3
DNS 3-8
relay device 3-8
server side 3-6
TFTP server 3-7
example 3-10
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-4
relay support 1-6
support for 1-6
DHCP-based autoconfiguration and image update
configuring 3-11 to 3-14
understanding 3-5 to 3-6
See DHCP snooping binding database
See DHCP snooping binding database
circuit ID suboption 20-5
configuration guidelines 20-9
default configuration 20-9
displaying 20-14
overview 20-4
circuit ID 20-5
remote ID 20-5
remote ID suboption 20-5
DHCP server port-based address allocation
configuration guidelines 20-23
default configuration 20-23
described 20-22
displaying 20-25
enabling 20-23
reserved addresses 20-23
DHCP server port-based address assignment
support for 1-6
accepting untrusted packets form edge switch 20-3, 20-11
See DHCP snooping binding database
configuration guidelines 20-9
default configuration 20-9
displaying binding tables 20-14
message exchange process 20-4
option 82 data insertion 20-4
trusted interface 20-3
untrusted interface 20-3
untrusted messages 20-3
DHCP snooping binding database
adding bindings 20-13
binding entries, displaying 20-14
format 20-8
location 20-7
bindings 20-7
clearing agent statistics 20-13
configuration guidelines 20-10
configuring 20-13
default configuration 20-9
binding file 20-13
bindings 20-13
database agent 20-13
described 20-7
displaying 20-14
displaying status and statistics 20-14
enabling 20-13
entry 20-7
renewing database 20-13
delay value 20-13
timeout value 20-13
See DHCP snooping binding database
Differentiated Services architecture, QoS 33-2
Differentiated Services Code Point 33-2
directed unicast requests 1-6
changing A-4
creating and removing A-4
displaying the working A-4
and DHCP-based autoconfiguration 3-8
default configuration 5-17
displaying the configuration 5-18
in IPv6 35-3
overview 5-16
setting up 5-17
support for 1-6
DNS 5-16
VTP 14-10
downloadable ACL 10-21, 10-23, 10-67
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-13
using RCP A-17
using TFTP A-11
deleting old image A-27
preparing A-25, A-29, A-33
reasons for A-23
using CMS 1-2
using FTP A-30
using HTTP 1-2, A-23
using RCP A-34
using TFTP A-26
using the device manager or Network Assistant A-23
support for 1-15
DSCP 1-13, 33-2
DSCP input queue threshold map for QoS 33-16
DSCP output queue threshold map for QoS 33-19
DSCP-to-CoS map for QoS 33-64
DSCP-to-DSCP-mutation map for QoS 33-65
DSCP transparency 33-44
DTP 1-9, 13-13
dual-action detection 37-6
dual IPv4 and IPv6 templates 35-4, 35-5
IPv4 and IPv6 35-4
SDM templates supporting 35-5
defined 12-4
LEDs 12-5
link selection 12-5, 12-25
setting the type 12-25
characteristics 13-4
configuring 13-25
defined 12-3
ARP cache poisoning 21-1
ARP requests, described 21-1
ARP spoofing attack 21-1
log buffer 21-16
statistics 21-16
configuration guidelines 21-6
ACLs for non-DHCP environments 21-9
in DHCP environments 21-7
log buffer 21-13
rate limit for incoming ARP packets 21-4, 21-11
default configuration 21-5
denial-of-service attacks, preventing 21-11
described 21-1
DHCP snooping binding database 21-2
ARP ACLs 21-15
configuration and operating state 21-15
log buffer 21-16
statistics 21-16
trust state and rate limit 21-15
error-disabled state for exceeding rate limit 21-4
function of 21-2
interface trust states 21-3
clearing 21-16
configuring 21-13
displaying 21-16
logging of dropped packets, described 21-5
man-in-the middle attack, described 21-2
network security issues and interface trust states 21-3
priority of ARP ACLs and DHCP snooping entries 21-4
configuring 21-11
described 21-4
error-disabled state 21-4
clearing 21-16
displaying 21-16
validation checks, performing 21-12
dynamic auto trunking mode 13-14
dynamic desirable trunking mode 13-14
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
described 13-23
reconfirming 13-26
troubleshooting 13-28
types of connections 13-25
enabling and disabling 2-6
keystrokes used 2-7
wrapped lines 2-8
ELIN location 26-3
enable password 9-3
enable secret password 9-3
encryption, CipherSuite 9-48
encryption for passwords 9-3
environment variables, function of 3-21
error-disabled state, BPDU 18-3
error messages during command entry 2-4
automatic creation of 37-5, 37-7
binding physical and logical interfaces 37-4
numbering of 37-4
configuration guidelines 37-12
configuring Layer 2 interfaces 37-13
default configuration 37-11
described 37-2
displaying status 37-20
forwarding methods 37-8, 37-15
IEEE 802.3ad, described 37-7
with STP 37-12
with VLANs 37-13
described 37-7
displaying status 37-20
hot-standby ports 37-18
interaction with other features 37-8
modes 37-7
port priority 37-19
system priority 37-18
load balancing 37-8, 37-15
aggregate-port learners 37-16
compatibility with Catalyst 1900 37-17
described 37-5
displaying status 37-20
interaction with other features 37-7
interaction with virtual switches 37-6
learn method and priority configuration 37-16
modes 37-6
support for 1-4
with dual-action detection 37-6
described 37-4
numbering of 37-4
port groups 12-4
stack changes, effects of 37-10
support for 1-4
described 18-10
disabling 18-18
enabling 18-18
active link 12-21
and routing 12-21
and TFTP 12-22
configuring 12-22
default setting 12-21
described 12-21
for network management 12-21
specifying 12-22
supported features 12-21
unsupported features 12-22
Ethernet management port, internal
and routing 12-21
unsupported features 12-22
adding 13-8
defaults and ranges 13-7
modifying 13-8
EUI 35-3
events, RMON 28-3
network configuration 1-18
expedite queue for QoS 33-78
Express Setup 1-2
See also getting started guide
extended crashinfo file 38-23
configuration guidelines 13-11
configuring 13-10
creating 13-11
defined 13-1
MSTP 17-19
STP 16-4, 16-16
Extensible Authentication Protocol over LAN 10-1
fa0 interface 1-7
failover support 1-8
Fast Convergence 19-3
Fast Uplink Transition Protocol 18-6
features, incompatible 23-12
fiber-optic, detecting unidirectional links 24-1
description 38-23
location 38-23
copying A-5
crashinfo, description 38-23
deleting A-5
displaying the contents of A-8
description 38-24
location 38-24
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-24
displaying available file systems A-2
displaying file information A-3
local file system names A-1
network file system names A-5
setting the default A-3
non-IP traffic 31-22
show and more command output 2-9
filtering show and more command output 2-9
flash device, number of A-1
flexible authentication ordering
configuring 10-70
overview 10-33
Flex Link Multicast Fast Convergence 19-3
configuration guidelines 19-8
configuring 19-9, 19-10
configuring preferred VLAN 19-12
configuring VLAN load balancing 19-11
default configuration 19-8
description 19-2
link load balancing 19-3
monitoring 19-14
VLANs 19-3
flooded traffic, blocking 23-8
flow-based packet classification 1-13
QoS classification 33-7
QoS egress queueing and scheduling 33-18
QoS ingress queueing and scheduling 33-15
QoS policing and marking 33-11
configuring 12-29
described 12-28
MSTP 17-25
STP 16-23
accessing MIB files B-4
downloading A-13
overview A-12
preparing the server A-13
uploading A-15
deleting old image A-31
downloading A-30
preparing the server A-29
uploading A-32
general query 19-5
Generating IGMP Reports 19-4
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
global configuration mode 2-2
global leave, IGMP 22-13
guest VLAN and 802.1x 10-24
guide mode 1-2
See device manager and Network Assistant
MSTP 17-25
STP 16-22
help, for the command line 2-3
HFTM space 38-26
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 29-10
host names, in clusters 6-13
hosts, limit on dynamic ports 13-28
HP OpenView 1-5
HQATM space 38-26
automatic cluster recovery 6-12
cluster standby group considerations 6-11
See also clusters, cluster standby group, and standby command switch
HTTPS 9-46
configuring 9-50
self-signed certificate 9-47
HTTP secure server 9-46
IPv6 35-3
time-exceeded messages 38-17
traceroute and 38-17
executing 38-14
overview 38-14
ICMPv6 35-3
and ingress RSPAN 27-21
and ingress SPAN 27-14
IEEE 802.1p 15-1
and trunk ports 12-3
configuration limitations 13-14
encapsulation 13-13
native VLAN for untagged traffic 13-18
IEEE 802.3ad, PoE+ 1-15, 12-6
IEEE 802.3x flow control 12-28
ifIndex values, SNMP 30-5
IFS 1-6
described 22-6
enabling 22-11
controlling the length of time 22-12
disabling on an interface 22-13
global leave 22-13
query solicitation 22-13
recovering from flood mode 22-13
joining multicast group 22-3
join messages 22-3
leave processing, enabling 22-10, 36-9
leaving multicast group 22-5
queries 22-4
described 22-6
disabling 22-15, 36-11
supported versions 22-3
support for 1-4
configuring 22-24
default configuration 22-24
described 22-23
monitoring 22-28
support for 1-4
configuring filtering 22-27
setting the maximum number 22-26
configuration guidelines 22-11
described 22-5
enabling 22-10
applying 22-25
configuration mode 22-24
configuring 22-25
and address aliasing 22-2
and stack changes 22-6
configuring 22-7
default configuration 22-7, 36-6
definition 22-2
enabling and disabling 22-7, 36-7
global configuration 22-7
Immediate Leave 22-5
in the switch stack 22-6
method 22-8
monitoring 22-16, 36-12
configuration guidelines 22-14
configuring 22-14
supported versions 22-3
support for 1-4
VLAN configuration 22-8
configuring 22-27
default configuration 22-24
described 22-24
displaying action 22-28
Immediate Leave, IGMP 22-5
enabling 36-9
inaccessible authentication bypass 10-26
support for multiauth ports 10-26
defaults 1-16
Express Setup 1-2
number 12-16
range macros 12-19
interface command 12-16 to ??, 12-16
interface configuration mode 2-2
auto-MDIX, configuring 12-29
duplex and speed 12-26
procedure 12-16
counters, clearing 12-38
default configuration 12-23
described 12-34
descriptive name, adding 12-34
displaying information about 12-38
flow control 12-28
management 1-5
monitoring 12-37
naming 12-34
physical, identifying 12-15, 12-16
range of 12-17
restarting 12-39
shutting down 12-39
speed and duplex, configuring 12-27
status 12-37
supported 12-15
types of 12-1
interfaces range macro command 12-19
interface types 12-16
inter-VLAN routing 34-1
inventory management TLV 26-3, 26-7
for QoS classification 33-8
implicit deny 31-9, 31-12
implicit masks 31-9
named 31-13
undefined 31-19
128-bit 35-2
candidate or member 6-4, 6-13
classes of 34-4
cluster access 6-2
command switch 6-3, 6-11, 6-13
discovering 5-31
for IP routing 34-4
IPv6 35-2
redundant clusters 6-11
standby command switch 6-11, 6-13
ip igmp profile command 22-24
manually 3-15
through DHCP-based autoconfiguration 3-3
default configuration 3-3
and QoS 15-1
automatic classification and queueing 33-21
configuring 15-4
ensuring port security with QoS 33-43
trusted boundary for QoS 33-43
IP Port Security for Static Hosts
on a Layer 2 access port 20-18
IP precedence 33-2
IP-precedence-to-DSCP map for QoS 33-62
IP protocols in ACLs 31-10
disabling 34-4
enabling 34-4
IP service levels, analyzing 32-1
benefits 32-2
configuration guidelines 32-5
Control Protocol 32-4
default configuration 32-5
definition 32-1
measuring network performance 32-3
monitoring 32-6
operation 32-3
described 32-4
enabling 32-6
response time 32-4
SNMP support 32-2
supported metrics 32-2
and 802.1x 20-17
and DHCP snooping 20-14
and EtherChannels 20-17
and port security 20-17
and private VLANs 20-17
and routed ports 20-16
and TCAM entries 20-17
and trunk interfaces 20-16
and VRF 20-17
automatic 20-14
manual 20-14
binding table 20-14
configuration guidelines 20-16
default configuration 20-16
described 20-14
disabling 20-18
active IP or MAC bindings 20-22
bindings 20-22
configuration 20-22
enabling 20-17, 20-18
source IP address 20-15
source IP and MAC address 20-15
on provisioned switches 20-17
source IP address filtering 20-15
source IP and MAC address filtering 20-15
adding 20-17, 20-18
deleting 20-18
static hosts 20-18
executing 38-18
overview 38-17
assigning IP addresses to Layer 3 interfaces 34-4
configuring static routes 34-5
disabling 34-4
enabling 34-4
inter-VLAN 34-1
classes 34-4
configuring 34-4
steps to configure 34-3
subnet mask 34-4
with SVIs 34-3
applying to interfaces 31-18
extended, creating 31-9
named 31-13
standard, creating 31-8
dual protocol stacks 35-4
addresses 35-2
address formats 35-2
and switch stacks 35-6
applications 35-4
assigning address 35-7
autoconfiguration 35-4
configuring static routes 35-10
default configuration 35-6
defined 35-1
forwarding 35-7
ICMP 35-3
monitoring 35-11
neighbor discovery 35-3
SDM templates 36-1
stack master functions 35-6
Stateless Autoconfiguration 35-4
supported features 35-2
join messages, IGMP 22-3
Layer 2 frames, classification with CoS 33-2
Layer 2 interfaces, default configuration 12-23
and ARP 38-16
and CDP 38-16
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-16
MAC addresses and VLANs 38-16
multicast traffic 38-16
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-16
Layer 3 features 1-15
assigning IP addresses to 34-4
assigning IPv6 addresses to 35-7
changing from Layer 2 mode 34-4
Layer 3 packets, classification methods 33-2
LDAP 4-2
Leaking IGMP Reports 19-4
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
link failure, detecting unidirectional 17-8
link local unicast addresses 35-3
links, unidirectional 24-1
configuring 37-23
described 37-20
configuring 26-5
characteristics 26-6
default configuration 26-5
enabling 26-6
monitoring and maintaining 26-11
overview 26-1
supported TLVs 26-2
switch stack considerations 26-2
transmission timer and holdtime, setting 26-6
procedures 26-5
TLVs 26-7
monitoring and maintaining 26-11
overview 26-1, 26-2
supported TLVs 26-2
local SPAN 27-2
location TLV 26-3, 26-7
with RADIUS 9-30
with TACACS+ 9-14
login banners 5-18
Long-Reach Ethernet (LRE) technology 1-20
described 18-11
enabling 18-19
support for 1-9
LRE profiles, considerations in switch clusters 6-16
default setting 10-38
range 10-40
MAC/PHY configuration status TLV 26-2
aging time 5-22
and VLAN association 5-21
building the address table 5-21
default configuration 5-22
disabling learning on a VLAN 5-30
discovering 5-31
displaying 5-30
displaying in the IP source binding table 20-22
learning 5-21
removing 5-23
in ACLs 31-22
adding 5-27
allowing 5-29, 5-30
characteristics of 5-27
dropping 5-29
removing 5-28
MAC address learning 1-6
MAC address learning, disabling on a VLAN 5-30
MAC address notification, support for 1-15
configuration guidelines 19-8
configuring 19-12
default configuration 19-8
description 19-6
monitoring 19-14
MAC address-to-VLAN mapping 13-23
MAC authentication bypass 10-40
configuring 10-63
overview 10-18
applying to Layer 2 interfaces 31-24
configuring for QoS 33-50
creating 31-22
defined 31-22
for QoS classification 33-5
magic packet 10-30
manageability features 1-6
browser session 1-7
CLI session 1-7
device manager 1-7
SNMP 1-7
out-of-band console port connection 1-7
management address TLV 26-2
CLI 2-1
clustering 1-3
CNS 4-1
Network Assistant 1-2
overview 1-5
considerations in switch clusters 6-8
discovery through different management VLANs 6-8
CoS-to-DSCP 33-61
DSCP 33-61
DSCP-to-CoS 33-64
DSCP-to-DSCP-mutation 33-65
IP-precedence-to-DSCP 33-62
policed-DSCP 33-63
described 33-11
action with aggregate policers 33-58
described 33-4, 33-9
matching, IPv4 ACLs 31-7
MSTP 17-26
STP 16-23
maximum hop count, MSTP 17-26
maximum number of allowed devices, port-based authentication 10-40
configuration guidelines 10-13 to 10-14
described 1-11, 10-13
exceptions with authentication process 10-6
membership mode, VLAN port 13-3
automatic discovery 6-5
defined 6-2
managing 6-16
passwords 6-13
recovering from lost connectivity 38-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
memory consistency check errors
displaying 38-27
example 38-27
memory consistency check routines 1-5, 38-26
memory consistency integrity 1-5, 38-26
messages, to users through banners 5-18
accessing files with FTP B-4
location of files B-4
overview 30-1
SNMP interaction with 30-4
supported B-1
mirroring traffic for analysis 27-1
mismatches, autonegotiation 38-12
module number 12-16
access groups 31-25
cables for unidirectional links 24-1
CDP 25-5
features 1-15
Flex Links 19-14
filters 22-28
snooping 22-16, 36-12
interfaces 12-37
IP SLAs operations 32-6
IPv4 ACL configuration 31-25
IPv6 35-11
MAC address-table move update 19-14
multicast router interfaces 22-16, 36-12
MVR 22-23
network traffic for analysis with probe 27-2
blocking 23-18
protection 23-18
SFP status 12-38, 38-14
speed and duplex mode 12-28
traffic flowing among switches 28-1
traffic suppression 23-18
VLANs 13-13
VMPS 13-27
VTP 14-18
mrouter Port 19-3
mrouter port 19-5
configuration guidelines 17-17
described 17-6
described 18-3
enabling 18-15
described 18-2
enabling 18-14
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-16, 18-12
forward-delay time 17-25
hello time 17-25
link type for rapid convergence 17-27
maximum aging time 17-26
maximum hop count 17-26
MST region 17-17
neighbor type 17-27
path cost 17-23
port priority 17-21
root switch 17-19
secondary root switch 17-20
switch priority 17-24
defined 17-3
operations between regions 17-4
default configuration 17-16
default optional feature configuration 18-12
displaying status 17-28
enabling the mode 17-17
described 18-10
enabling 18-18
effects on root switch 17-19
effects on secondary root switch 17-20
unexpected behavior 17-19
implementation 17-7
port role naming change 17-7
terminology 17-5
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-11
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-28
defined 17-3
master 17-3
operations within a region 17-3
described 18-11
enabling 18-19
mapping VLANs to MST instance 17-18
CIST 17-3
configuring 17-17
described 17-2
hop-count mechanism 17-6
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-8
overview 17-2
described 18-2
enabling 18-13
preventing root switch selection 18-10
described 18-10
enabling 18-18
configuring 17-19
effects of extended system ID 17-19
unexpected behavior 17-19
shutdown Port Fast-enabled port 18-2
stack changes, effects of 17-9
status, displaying 17-28
support for inaccessible authentication bypass 10-26
See multiple-authentication mode
Immediate Leave 22-5
joining 22-3
leaving 22-5
static joins 22-10, 36-8
multicast router interfaces, monitoring 22-16, 36-12
multicast router ports, adding 22-9, 36-8
multicast storm 23-1
multicast storm-control command 23-4
multicast television application 22-18
multicast VLAN 22-17
multiple authentication 10-15
configuring 10-48
and address aliasing 22-20
and IGMPv3 22-20
configuration guidelines 22-20
configuring interfaces 22-21
default configuration 22-19
described 22-17
example application 22-18
modes 22-21
monitoring 22-23
multicast television application 22-18
setting global parameters 22-20
support for 1-4
critical authentication 10-26, 10-60
IEEE 802.1x authentication using a RADIUS server 10-65
IEEE 802.1x validation using RADIUS server 10-65
inaccessible authentication bypass 10-60
Layer 2 IEEE 802.1x validation 1-12, 10-32, 10-65
named IPv4 ACLs 31-13
configuring 13-18
default 13-18
configuring 10-66
overview 10-34
neighbor discovery, IPv6 35-3
benefits 1-2
described 1-5
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 7-2, 7-14
upgrading a switch A-23
wizards 1-2
network configuration examples
increasing network performance 1-19
long-distance, high-bandwidth transport 1-23
providing network services 1-19
server aggregation and Linux server cluster 1-21
small to medium-sized network 1-22
performance 1-19
services 1-19
CDP 25-1
RMON 28-1
SNMP 30-1
network performance, measuring with IP SLAs 32-3
network policy TLV 26-2, 26-7
no commands 2-4
described 33-10
non-IP traffic filtering 31-22
nontrunking mode 13-14
normal-range VLANs 13-4
configuration guidelines 13-6
configuring 13-4
defined 13-1
NSM 4-3
authenticating 5-5
defined 5-3
enabling broadcast messages 5-7
peer 5-6
server 5-6
default configuration 5-5
displaying the configuration 5-12
overview 5-3
creating an access group 5-9
disabling NTP services per interface 5-11
source IP address, configuring 5-11
stratum 5-3
support for 1-6
synchronizing devices 5-6
services 5-3
synchronizing 5-3
configuring 38-25
described 38-24
displaying 38-26
offline configuration for switch stacks 7-7
off mode, VTP 14-4
overview 39-1
running tests 39-3
understanding 39-1
configuring 10-71
overview 10-33
optimizing system resources 8-1
options, management 1-5
out-of-profile markdown 1-14
packet modification, with QoS 33-20
default configuration 9-2
disabling recovery of 9-5
encrypting 9-3
for security 1-10
in clusters 6-13
overview 9-1
recovery of 38-3
enable 9-3
enable secret 9-3
Telnet 9-6
with usernames 9-7
VTP domain 14-10
MSTP 17-23
STP 16-20
PC (passive command switch) 6-10
performance, network design 1-19
performance features 1-4
persistent self-signed certificate 9-47
per-user ACLs and Filter-Ids 10-9
physical ports 12-2
PIM-DVMRP, as snooping method 22-8
character output description 38-15
executing 38-14
overview 38-14
auto mode 12-7
CDP with power consumption, described 12-5
CDP with power negotiation, described 12-5
Cisco intelligent power management 12-5
configuring 12-30
determining 12-8
support for 12-8
devices supported 12-5
high-power devices operating in low-power mode 12-6
IEEE power classification levels 12-6
monitoring 12-8
monitoring power 12-33
policing power consumption 12-33
policing power usage 12-8
power budgeting 12-31
power consumption 12-9, 12-31
powered-device detection and initial power allocation 12-6
power management modes 12-7
power monitoring 12-8
power negotiation extensions to CDP 12-5
power sensing 12-8
standards supported 12-5
static mode 12-7
total available power 12-10
troubleshooting 38-13
policed-DSCP map for QoS 33-63
for each matched traffic class 33-53
for more than one traffic class 33-58
described 33-4
displaying 33-79
number of 33-39
types of 33-10
described 33-4
token-bucket algorithm 33-10
characteristics of 33-53
described 33-8
displaying 33-80
nonhierarchical on physical ports
described 33-10
defined 31-2
types of 31-3
accounting 10-17
defined 10-3, 11-2
RADIUS server 10-3
client, defined 10-3, 11-2
configuration guidelines 10-38, 11-9
802.1x authentication 10-45
guest VLAN 10-57
host mode 10-48
inaccessible authentication bypass 10-60
manual re-authentication of a client 10-50
periodic re-authentication 10-49
quiet period 10-51
RADIUS server 10-47, 11-13
RADIUS server parameters on the switch 10-46, 11-11
restricted VLAN 10-58
switch-to-client frame-retransmission number 10-53, 10-54
switch-to-client retransmission time 10-51
violation modes 10-44
default configuration 10-37, 11-9
described 10-1
device roles 10-3, 11-2
displaying statistics 10-73, 11-17
downloadable ACLs and redirect URLs
configuring 10-67 to 10-69, ?? to 10-70
overview 10-21 to 10-23
EAPOL-start frame 10-6
EAP-request/identity frame 10-6
EAP-response/identity frame 10-6
802.1X authentication 11-11
encapsulation 10-3
flexible authentication ordering
configuring 10-70
overview 10-33
configuration guidelines 10-24, 10-25
described 10-24
host mode 10-13
inaccessible authentication bypass
configuring 10-60
described 10-26
guidelines 10-39
initiation and message exchange 10-6
magic packet 10-30
maximum number of allowed devices per port 10-40
method lists 10-45
multiple authentication 10-15
configuration tasks 10-21
described 10-20
RADIUS server attributes 10-20
authorization state and dot1x port-control command 10-11
authorized and unauthorized 10-11
voice VLAN 10-28
and voice VLAN 10-29
described 10-29
interactions 10-29
multiple-hosts mode 10-13
configuring 10-40
described 10-18, 10-40
resetting to default values 10-72
stack changes, effects of 10-12
statistics, displaying 10-73
as proxy 10-3, 11-2
RADIUS client 10-3
configuring 10-66
overview 10-34
guidelines 10-32
overview 10-31
AAA authorization 10-45
characteristics 10-19
configuration tasks 10-20
described 10-19
configuring 10-42
described 10-33, 10-42
described 10-28
PVID 10-28
VVID 10-28
wake-on-LAN, described 10-30
with ACLs and RADIUS Filter-Id attribute 10-35
port-based authentication methods, supported 10-8
port blocking 1-4, 23-7
port description TLV 26-2
described 18-2
enabling 18-13
mode, spanning tree 13-24
support for 1-8
port membership modes, VLAN 13-3
MSTP 17-21
STP 16-18
access 12-3
blocking 23-7
dual-purpose uplink 12-4
dynamic access 13-4
protected 23-6
secure 23-9
static-access 13-3, 13-9
switch 12-2
trunks 13-3, 13-13
VLAN assignments 13-9
aging 23-16
and QoS trusted boundary 33-43
and stacking 23-18
configuring 23-13
default configuration 23-11
described 23-8
displaying 23-18
on trunk ports 23-14
sticky learning 23-9
violations 23-10
with other features 23-11
port-shutdown response, VMPS 13-23
port VLAN ID TLV 26-2
power management TLV 26-3, 26-7
preemption, default configuration 19-8
preemption delay, default configuration 19-8
preferential treatment of traffic
preventing unauthorized access 9-1
primary links 19-2
overriding CoS 15-6
trusting CoS 15-6
privileged EXEC mode 2-2
changing the default for lines 9-9
command switch 6-17
exiting 9-10
logging into 9-10
mapping on member switches 6-17
overview 9-2, 9-8
setting a command with 9-8
protected ports 1-10, 23-6
provisioned switches and IP source guard 20-17
provisioning new members for a switch stack 7-7
proxy reports 19-4
in VTP domain 14-16
on a port 13-18
in VTP domain 14-16
on a port 13-18
examples 14-7
overview 14-6
changing 13-18
for VTP pruning 14-6
VLANs 14-16
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
and MQC commands 33-1
categorizing traffic 33-22
configuration and defaults display 33-35
configuration guidelines 33-32
described 33-21
disabling 33-34
displaying generated commands 33-34
displaying the initial configuration 33-35
effects on running configuration 33-32
list of generated commands 33-25
basic model 33-4
class maps, described 33-8
defined 33-4
DSCP transparency, described 33-44
flowchart 33-7
forwarding treatment 33-3
in frames and packets 33-3
IP ACLs, described 33-6, 33-8
MAC ACLs, described 33-5, 33-8
options for IP traffic 33-6
options for non-IP traffic 33-5
policy maps, described 33-8
trust DSCP, described 33-5
trusted CoS, described 33-5
trust IP precedence, described 33-5
configuring 33-51
displaying 33-79
auto-QoS 33-32
standard QoS 33-38
aggregate policers 33-58
auto-QoS 33-21
default port CoS value 33-42
DSCP maps 33-61
DSCP transparency 33-44
DSCP trust states bordering another domain 33-45
egress queue characteristics 33-72
ingress queue characteristics 33-67
IP extended ACLs 33-49
IP standard ACLs 33-48
MAC ACLs 33-50
port trust states within the domain 33-40
trusted boundary 33-43
default auto configuration 33-22
default standard configuration 33-36
displaying statistics 33-79
DSCP transparency 33-44
allocating buffer space 33-72
buffer allocation scheme, described 33-18
configuring shaped weights for SRR 33-76
configuring shared weights for SRR 33-77
described 33-4
displaying the threshold map 33-75
flowchart 33-18
mapping DSCP or CoS values 33-74
scheduling, described 33-4
setting WTD thresholds 33-72
WTD, described 33-19
enabling globally 33-40
classification 33-7
egress queueing and scheduling 33-18
ingress queueing and scheduling 33-15
policing and marking 33-11
implicit deny 33-8
allocating bandwidth 33-70
allocating buffer space 33-69
buffer and bandwidth allocation, described 33-16
configuring shared weights for SRR 33-70
configuring the priority queue 33-71
described 33-4
displaying the threshold map 33-68
flowchart 33-15
mapping DSCP or CoS values 33-67
priority queue, described 33-17
scheduling, described 33-4
setting WTD thresholds 33-67
WTD, described 33-16
automatic classification and queueing 33-21
detection and trusted settings 33-21, 33-43
limiting bandwidth on egress interface 33-78
CoS-to-DSCP 33-61
displaying 33-80
DSCP-to-CoS 33-64
DSCP-to-DSCP-mutation 33-65
IP-precedence-to-DSCP 33-62
policed-DSCP 33-63
types of 33-11
marked-down actions 33-56
marking, described 33-4, 33-9
overview 33-2
packet modification 33-20
configuring 33-56, 33-59
described 33-9
displaying 33-79
number of 33-39
types of 33-10
policies, attaching to an interface 33-9
described 33-4, 33-9
token bucket algorithm 33-10
characteristics of 33-53
displaying 33-80
nonhierarchical on physical ports 33-53
QoS label, defined 33-4
configuring egress characteristics 33-72
configuring ingress characteristics 33-67
high priority (expedite) 33-20, 33-78
location of 33-12
SRR, described 33-14
WTD, described 33-13
rewrites 33-20
support for 1-13
bordering another domain 33-45
described 33-5
trusted device 33-43
within the domain 33-40
queries, IGMP 22-4
query solicitation, IGMP 22-13
vendor-proprietary 9-38
vendor-specific 9-36
accounting 9-35
authentication 9-30
authorization 9-34
communication, global 9-28, 9-36
communication, per-server 9-27, 9-28
multiple UDP ports 9-28
default configuration 9-27
defining AAA server groups 9-32
displaying the configuration 9-40
identifying the server 9-27
in clusters 6-16
limiting the services to the user 9-34
method list, defined 9-27
operation of 9-20
overview 9-18
server load balancing 9-40
suggested network environments 9-19
support for 1-12
tracking services accessed by user 9-35
RADIUS Change of Authorization 9-20
macro 12-19
of interfaces 12-17
rapid convergence 17-11
rapid per-VLAN spanning-tree plus
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
rcommand command 6-16
downloading A-17
overview A-15
preparing the server A-16
uploading A-18
deleting old image A-36
downloading A-34
preparing the server A-33
uploading A-36
configuring 10-40
described 10-18, 10-40
reconfirmation interval, VMPS, changing 13-26
reconfirming dynamic VLAN membership 13-26
recovery procedures 38-1
redirect URL 10-21, 10-22, 10-67
EtherChannel 37-3
backbone 16-8
multidrop backbone 18-5
path cost 13-21
port priority 13-19
redundant links and UplinkFast 18-16
reloading software 3-22
Remote Authentication Dial-In User Service
remote SPAN 27-3
described 22-6
disabling 22-15, 36-11
resequencing ACL entries 31-13
reserved addresses in DHCP pools 20-23
resetting a UDLD-shutdown interface 24-6
described 32-4
enabling 32-6
response time, measuring with IP SLAs 32-4
configuring 10-58
described 10-25
using with IEEE 802.1x 10-25
NTP services 5-9
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 13-27
1112, IP multicast and IGMP 22-2
1157, SNMPv1 30-2
1166, IP addresses 34-4
1305, NTP 5-3
1757, RMON 28-2
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 22-2
2273-2275, SNMPv3 30-2
RFC 5176 Compliance 9-21
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
collecting group Ethernet 28-5
collecting group history 28-5
support for 1-15
described 18-10
enabling 18-18
support for 1-8
MSTP 17-19
STP 16-16
defined 31-2
types of 31-4
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
defined 27-3
destination ports 27-8
displaying status 27-24
in a switch stack 27-3
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
received traffic 27-5
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
active topology 17-10
format 17-13
processing 17-14
designated port, defined 17-10
designated switch, defined 17-10
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-28
topology changes 17-14
overview 17-10
described 17-10
synchronized 17-12
proposal-agreement handshake process 17-11
cross-stack rapid convergence 17-11
described 17-11
edge ports and Port Fast 17-11
point-to-point links 17-11, 17-27
root ports 17-11
root port, defined 17-10
replacing A-19, A-20
rolling back A-19, A-20
running configuration, saving 3-15
SC (standby command switch) 6-10
scheduled reloads 3-22
and SSH 9-52
configuring 9-53
configuring 8-4
number of 8-1
configuration guidelines 8-3
configuring 8-3
types of 8-1
configuring 9-51
displaying 9-52
configuring 9-50
displaying 9-52
and switch stacks 23-18
deleting 23-15
maximum number of 23-10
types of 23-9
and switch stacks 23-18
secure ports, configuring 23-9
secure remote connections 9-42
security, port 23-8
security features 1-10
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 17-1
set-request operation 30-4
failed command switch replacement 38-11
replacing failed command switch 38-9
severity levels, defining in system messages 29-9
monitoring status of 12-38, 38-14
security and identification 38-13
status, displaying 38-14
show access-lists hw-summary command 31-19
show and more command output, filtering 2-9
show cdp traffic command 25-6
show cluster members command 6-16
show configuration command 12-34
show forward command 38-22
show interfaces command 12-28, 12-34
show interfaces switchport 19-4
show lldp traffic command 26-11
show platform forward command 38-22
show platform tcam command 38-26, 38-27
displaying ACLs 31-17, 31-18
interface description in 12-34
shutdown command on interfaces 12-39
Simple Network Management Protocol
small form-factor pluggable modules
small-frame arrival rate, configuring 23-5
SNAP 25-1
accessing MIB variables with 30-4
described 30-4
disabling 30-7
and IP SLAs 32-2
authentication level 30-10
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-17
default configuration 30-6
engine ID 30-7
groups 30-7, 30-9
host 30-7
ifIndex values 30-5
in-band management 1-7
in clusters 6-14
and trap keyword 30-12
described 30-5
differences from traps 30-5
disabling 30-15
enabling 30-15
limiting access by TFTP servers 30-16
limiting system log messages to NMS 29-10
manager functions 1-5, 30-3
managing clusters with 6-17
location of B-4
supported B-1
notifications 30-5
overview 30-1, 30-4
security levels 30-3
setting CPU threshold notification 30-15
status, displaying 30-18
system contact and location 30-16
trap manager, configuring 30-13
described 30-3, 30-5
differences from informs 30-5
disabling 30-15
enabling 30-12
enabling MAC address notification 5-23, 5-25, 5-26
overview 30-1, 30-4
types of 30-12
users 30-7, 30-9
versions supported 30-2
SNMP and Syslog Over IPv6 35-5
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 22-2
location in flash A-24
recovery procedures 38-2
scheduling reloads 3-23
tar file format, described A-24
See also downloading and uploading
in IPv4 ACLs 31-10
source-and-destination-IP address based forwarding, EtherChannel 37-9
source-and-destination MAC address forwarding, EtherChannel 37-9
source-IP address based forwarding, EtherChannel 37-9
source-MAC address forwarding, EtherChannel 37-8
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-8
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
ports, restrictions 23-12
received traffic 27-5
configuring ingress forwarding 27-15, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-13
specifying monitored ports 27-12
with ingress traffic enabled 27-14
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-14
SPAN traffic 27-5
shaped weights on egress queues 33-76
shared weights on egress queues 33-77
shared weights on ingress queues 33-70
described 33-14
shaped mode 33-14
shared mode 33-14
support for 1-14
configuring 9-43
cryptographic software image 9-41
described 1-7, 9-42
encryption methods 9-42
switch stack considerations 7-14
user authentication methods, supported 9-42
configuration guidelines 9-49
configuring a secure HTTP client 9-51
configuring a secure HTTP server 9-50
cryptographic software image 9-46
described 9-46
monitoring 9-52
MAC address of 7-6, 7-17
802.1x port-based authentication 10-12
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 37-13
EtherChannel 37-10
IGMP snooping 22-6
IP routing 34-3
MAC address tables 5-22
MSTP 17-9
MVR 22-17
port security 23-18
SDM template selection 8-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 16-12
switch clusters 6-14
system message log 29-2
VLANs 13-6
VTP 14-8
bridge ID (MAC address) 7-6
defined 7-1
election 7-5
IPv6 35-6
accessing CLI of specific member 7-21
member number 7-19
priority value 7-20
defined 7-1
displaying information of 7-22
number 7-6
priority value 7-7
provisioning a new member 7-20
replacing 7-13
stack member number 12-16
stack protocol version 7-9
accessing CLI of specific member 7-21
member number 7-19
priority value 7-20
provisioning a new member 7-20
auto-advise 7-11
auto-copy 7-10
auto-extract 7-10
auto-upgrade 7-10
bridge ID 7-6
CDP considerations 25-2
compatibility, software 7-9
configuration file 7-13
configuration scenarios 7-15
copying an image file from one member to another A-37
default configuration 7-17
description of 7-1
displaying information of 7-22
enabling persistent MAC address timer 7-17
in clusters 6-14
incompatible software and image upgrades 7-13, A-37
IPv6 on 35-6
MAC address considerations 5-22
management connectivity 7-14
managing 7-1
membership 7-3
merged 7-3
MSTP instances supported 16-10
described 7-7
effects of adding a provisioned switch 7-7
effects of removing a provisioned switch 7-9
effects of replacing a provisioned switch 7-9
provisioned configuration, defined 7-7
provisioned switch, defined 7-7
provisioning a new member 7-20
partitioned 7-3, 38-8
adding 7-7
removing 7-9
replacing 7-9
replacing a failed member 7-13
software compatibility 7-9
software image version 7-9
stack protocol version 7-9
bridge ID 16-3
instances supported 16-10
root port selection 16-3
stack root switch election 16-3
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 5-15
system-wide configuration considerations 7-13
upgrading A-37
automatic upgrades with auto-upgrade 7-10
examples 7-11
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-10
described 7-10
See also stack master and stack member
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
See cluster standby group and HSRP
standby links 19-2
manually 3-19
specific image 3-20
clearing A-19
automatically downloading 3-18
specifying the filename 3-18
default boot configuration 3-18
assigning to VLAN 13-9
defined 12-3, 13-3
static MAC addressing 1-10
configuring 34-5
configuring for IPv6 35-10
static VLAN membership 13-2
802.1X 11-17
802.1x 10-73
CDP 25-5
interface 12-38
LLDP 26-11
LLDP-MED 26-11
NMSP 26-11
QoS ingress and egress 33-79
RMON group Ethernet 28-5
RMON group history 28-5
SNMP input and output 30-18
VTP 14-18
sticky learning 23-9
configuring 23-3
described 23-1
disabling 23-5
displaying 23-18
support for 1-4
thresholds 23-2
accelerating root port selection 18-4
described 18-7
disabling 18-17
enabling 18-17
described 18-3
disabling 18-15
enabling 18-15
described 18-2
disabling 18-14
enabling 18-14
BPDU message exchange 16-3
configuration guidelines 16-13, 18-12
forward-delay time 16-23
hello time 16-22
maximum aging time 16-23
path cost 16-20
port priority 16-18
root switch 16-16
secondary root switch 16-18
spanning-tree mode 16-15
switch priority 16-21
transmit hold-count 16-24
counters, clearing 16-24
described 18-5
enabling 18-17
default configuration 16-13
default optional feature configuration 18-12
designated port, defined 16-4
designated switch, defined 16-4
detecting indirect link failures 18-8
disabling 16-16
displaying status 16-24
described 18-10
disabling 18-18
enabling 18-18
effects on root switch 16-16
effects on the secondary root switch 16-18
overview 16-4
unexpected behavior 16-16
features supported 1-8
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-9
IEEE 802.1t and VLAN identifier 16-5
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
blocking 16-6
disabled 16-7
forwarding 16-6, 16-7
learning 16-7
listening 16-7
overview 16-5
interoperability and compatibility among modes 16-11
limitations with IEEE 802.1Q trunks 16-11
overview 13-19
using path costs 13-21
using port priorities 13-19
described 18-11
enabling 18-19
modes supported 16-10
multicast addresses, effect of 16-9
optional features supported 1-8
overview 16-2
path costs 13-21, 13-22
described 18-2
enabling 18-13
port priorities 13-20
preventing root switch selection 18-10
protocols supported 16-10
redundant connectivity 16-8
described 18-10
enabling 18-18
root port, defined 16-3
root port selection on a switch stack 16-3
configuring 16-16
effects of extended system ID 16-4, 16-16
election 16-3
unexpected behavior 16-16
shutdown Port Fast-enabled port 18-2
stack changes, effects of 16-12
status, displaying 16-24
superior BPDU 16-3
timers, described 16-22
described 18-3
enabling 18-16
stratum, NTP 5-3
subnet mask 34-4
success response, VMPS 13-23
summer time 5-14
SunNet Manager 1-5
supported port-based authentication methods 10-8
and IP unicast routing 34-3
and router ACLs 31-4
connecting VLANs 12-10
defined 12-4
switch 35-2
switch clustering technology 6-1
switch console port 1-7
switched ports 12-2
switchport backup interface 19-4, 19-5
switchport block multicast command 23-8
switchport block unicast command 23-8
switchport protected command 23-7
MSTP 17-24
STP 16-21
switch software features 1-1
system capabilities TLV 26-2
daylight saving time 5-14
manually 5-12
summer time 5-14
time zones 5-13
displaying the time and date 5-13
overview 5-2
system description TLV 26-2
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-14
enabling 29-5
facility keywords, described 29-14
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-15
time stamps, enabling and disabling 29-8
configuring the daemon 29-13
configuring the logging facility 29-13
facilities supported 29-14
default configuration 5-16
default setting 5-16
manual configuration 5-16
system name TLV 26-2
system prompt, default setting 5-15, 5-16
system resources, optimizing 8-1
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-18
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-12
tracking services accessed by user 9-17
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-24
memory consistency check errors
displaying 38-27
example 38-27
memory consistency check routines 1-5, 38-26
memory consistency integrity 1-5, 38-26
portions 38-27
HFTM 38-26
HQATM 38-26
unassigned 38-26
TDR 1-16
accessing management interfaces 2-10
number of connections 1-7
setting a password 9-6
temporary self-signed certificate 9-47
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
ternary content addressable memory
downloading A-11
preparing the server A-11
uploading A-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
deleting A-27
downloading A-26
preparing the server A-25
uploading A-28
limiting access by servers 30-16
TFTP server 1-6
threshold, traffic level 23-2
time-range command 31-15
time ranges in ACLs 31-15
time stamps in log messages 29-8
time zones 5-13
defined 26-2
LLDP 26-2
LLDP-MED 26-2
support for 13-5
VTP support 14-5
ToS 1-13
and ARP 38-16
and CDP 38-16
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-16
MAC addresses and VLANs 38-16
multicast traffic 38-16
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-16
traceroute command 38-18
blocking flooded 23-8
fragmented 31-4
unfragmented 31-4
traffic policing 1-14
traffic suppression 23-2
transparent mode, VTP 14-4
trap-door mechanism 3-2
configuring MAC address notification 5-23, 5-25, 5-26
configuring managers 30-12
defined 30-3
enabling 5-23, 5-25, 5-26, 30-12
notification types 30-12
overview 30-1, 30-4
connectivity problems 38-14, 38-15, 38-17
CPU utilization 38-28
detecting unidirectional links 24-1
displaying crash information 38-23
setting packet forwarding 38-22
SFP security and identification 38-13
show forward command 38-22
with CiscoWorks 30-4
with debug commands 38-20
with ping 38-14
with system message logging 29-1
with traceroute 38-17
trunking encapsulation 1-9
configuring 13-16
defined 12-3, 13-3
allowed-VLAN list 13-17
setting STP path costs 13-21
using STP port priorities 13-19, 13-20
native VLAN for untagged traffic 13-18
parallel 13-21
pruning-eligible list 13-18
to non-DTP device 13-13
trusted boundary for QoS 33-43
between QoS domains 33-45
classification options 33-5
ensuring port security for IP phones 33-43
support for 1-13
within a QoS domain 33-40
trustpoints, CA 9-46
twisted-pair Ethernet, detecting unidirectional links 24-1
configuration guidelines 24-4
default configuration 24-4
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-6
echoing detection mechanism 24-3
globally 24-5
per interface 24-6
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-7
support for 1-8
unauthorized ports with IEEE 802.1x 10-11
unicast MAC address filtering 1-6
and adding static addresses 5-28
and broadcast MAC addresses 5-28
and CPU packets 5-28
and multicast addresses 5-28
and router MAC addresses 5-28
configuration guidelines 5-28
described 5-28
unicast storm 23-1
unicast storm control command 23-4
unicast traffic, blocking 23-8
UniDirectional Link Detection protocol
daemon configuration 29-13
facilities supported 29-14
message logging configuration 29-13
unrecognized Type-Length-Value (TLV) support 14-5
upgrading a Catalyst 2950 switch
configuration compatibility issues D-1
differences in configuration commands D-1
feature behavior incompatibilities D-5
incompatible command messages D-1
recommendations D-1
described 18-3
disabling 18-16
enabling 18-16
support for 1-8
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
preparing A-25, A-29, A-33
reasons for A-23
using FTP A-32
using RCP A-36
using TFTP A-28
USB mini-Type B console port 12-11
USB Type A port 1-8
user EXEC mode 2-2
username-based authentication 9-7
version-dependent transparent mode 14-5
automatic upgrades with auto-upgrade 7-10
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-10
described 7-10
cluster standby group 6-11
command switch 6-11
virtual switches and PAgP 37-6
vlan.dat file 13-4
VLAN 1, disabling on a trunk port 13-17
VLAN 1 minimization 13-17
vlan-assignment response, VMPS 13-23
at bootup 13-7
saving 13-7
VLAN configuration mode 2-2
and startup configuration file 13-7
and VTP 14-1
VLAN configuration saved in 13-7
VLANs saved in 13-4
VLAN filtering and SPAN 27-7
vlan global configuration command 13-6
VLAN ID, discovering 5-31
VLAN load balancing on flex links 19-3
configuration guidelines 19-8
VLAN management domain 14-2
confirming 13-26
modes 13-3
adding 13-8
adding to VLAN database 13-8
aging dynamic addresses 16-9
allowed on trunk 13-17
and spanning-tree instances 13-3, 13-6, 13-11
configuration guidelines, extended-range VLANs 13-11
configuration guidelines, normal-range VLANs 13-6
configuring 13-1
configuring IDs 1006 to 4094 13-11
connecting through SVIs 12-10
creating 13-8
default configuration 13-7
deleting 13-9
described 12-2, 13-1
displaying 13-13
extended-range 13-1, 13-10
features 1-9
illustrated 13-2
in the switch stack 13-6
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 13-8
multicast 22-17
native, configuring 13-18
normal-range 13-1, 13-4
number supported 1-9
parameters 13-5
port membership modes 13-3
static-access ports 13-9
STP and IEEE 802.1Q trunks 16-11
supported 13-2
Token Ring 13-5
traffic between 13-2
VTP modes 14-3
VLAN trunks 13-13
administering 13-27
configuration example 13-28
configuration guidelines 13-24
default configuration 13-24
description 13-22
described 13-23
reconfirming 13-26
troubleshooting 13-28
entering server address 13-25
mapping MAC addresses to VLANs 13-23
monitoring 13-27
reconfirmation interval, changing 13-26
reconfirming membership 13-26
retry count, changing 13-27
configuring 10-42
described 10-33, 10-42
voice-over-IP 15-1
Cisco 7960 phone, port connections 15-1
configuration guidelines 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-7
IP phone data traffic, described 15-2
IP phone voice traffic, described 15-2
VQP 1-9, 13-22
adding a client to a domain 14-17
advertisements 13-15, 14-4
and extended-range VLANs 13-2, 14-2
and normal-range VLANs 13-2, 14-2
client mode, configuring 14-13
guidelines 14-9
requirements 14-11
saving 14-9
configuration requirements 14-11
guideline 14-17
resetting 14-17
consistency checks 14-5
default configuration 14-9
described 14-1
domain names 14-10
domains 14-2
client 14-3
off 14-4
server 14-3
transitions 14-3
transparent 14-4
monitoring 14-18
passwords 14-10
disabling 14-16
enabling 14-16
examples 14-7
overview 14-6
support for 1-9
pruning-eligible list, changing 13-18
server mode, configuring 14-11, 14-14
statistics 14-18
support for 1-9
Token Ring support 14-5
transparent mode, configuring 14-12
using 14-1
enabling 14-15
version, guidelines 14-10
Version 1 14-5
configuration guidelines 14-10
overview 14-5
overview 14-5
web authentication 10-18
configuring 11-16 to ??
described 1-10
customizeable web pages 11-6
description 11-1
web-based authentication, interactions with other features 11-7
configuring 26-9
displaying 26-11
location TLV 26-3
understanding 26-3
wizards 1-2
described 33-13
egress queue-sets 33-72
ingress queues 33-67
support for 1-14
Xmodem protocol 38-2
Feedback