- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring Web-Based Authentication
- Clustering Switches
- Managing Switch Stacks
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring UDLD
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging and Smart Logging
- Configuring SNMP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring Static IP Routing
- Configuring IPv6 Routing
- Configuring IPv6 MLD Snooping
- Configuring IPv6 ACLs
- Configuring EtherChannels and Link-State Tracking
- Troubleshooting
- Configuring Online Diagnostics
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(58)SE
- Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 2960 Switch
Index
abbreviating commands 2-3
AC (command switch) 6-9
access-class command 31-18
access control entry (ACE) 37-3
access-denied response, VMPS 13-24
Layer 3 31-19
access groups, applying IPv4 ACLs to interfaces 31-19
clusters, switch 6-12
command switches 6-10
member switches 6-12
switch clusters 6-12
accessing stack members 7-22
in switch clusters 6-8
access ports, defined 12-3
with 802.1x 10-51
with IEEE 802.1x 10-16
with RADIUS 9-35
with TACACS+ 9-11, 9-17
and QoS 33-8
defined 31-2
Ethernet 31-2
IP 31-2
ACEs 31-2
any keyword 31-10
time ranges to 31-15
to an interface 31-18, 37-7
to IPv6 interfaces 37-7
to QoS 33-8
classifying traffic for QoS 33-50
comments in 31-17
compiling 31-21
defined 31-1, 31-7
examples of 31-21, 33-50
extended IP, configuring for QoS classification 33-51
creating 31-9
matching criteria 31-7
hardware and software handling 31-20
host keyword 31-11
creating 31-7
fragments and QoS guidelines 33-40
implicit deny 31-9, 31-13, 31-14
implicit masks 31-9
matching criteria 31-7
undefined 31-19
applying to interfaces 31-18
creating 31-7
matching criteria 31-7
named 31-13
numbers 31-7
terminal lines, setting on 31-18
unsupported features 31-6
applying to interfaces 37-7
configuring 37-3, 37-4
displaying 37-8
interactions with other features 37-4
limitations 37-2, 37-3
matching criteria 37-3
named 37-2
precedence of 37-2
supported 37-2
unsupported features 37-3
MAC extended 31-23, 33-52
matching 31-7, 31-19, 37-3
monitoring 31-26, 37-8
named, IPv4 31-13
named, IPv6 37-2
names 37-4
number per QoS class map 33-40
port 31-2, 37-1
precedence of 31-2
QoS 33-8, 33-50
resequencing entries 31-13
router 31-2, 37-1
standard IP, configuring for QoS classification 33-50
creating 31-8
matching criteria 31-7
support for 1-10
support in hardware 31-20
time ranges 31-15
types supported 31-2
unsupported features, IPv4 31-6
unsupported features, IPv6 37-3
active link 19-4, 19-5, 19-6
active links 19-2
active traffic monitoring, IP SLAs 32-1
address aliasing 21-2
displaying the MAC address table 5-24
accelerated aging 16-9
changing the aging time 5-15
default aging 16-9
defined 5-13
learning 5-14
removing 5-16
IPv6 35-2
MAC, discovering 5-24
multicast, STP address management 16-9
adding and removing 5-20
defined 5-13
address resolution 5-24
CDP 25-1
LLDP 26-2
aggregatable global unicast addresses 35-3
aggregate policers 33-60
aggregate policing 1-14
aging, accelerating 16-9
for MSTP 17-24
for STP 16-9, 16-23
MAC address table 5-15
for MSTP 17-25
for STP 16-23, 16-24
alarms, RMON 28-4
allowed-VLAN list 13-17
defined 1-6, 5-24
address resolution 5-24
managing 5-24
vendor-proprietary 9-38
vendor-specific 9-37
attribute-value pairs 10-13, 10-16, 10-21, 10-22
local mode with AAA 9-41
open1x 10-31
key 9-27
login 9-30
defined 9-11
key 9-13
login 9-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 10-8
CLI commands 10-9
compatibility with older 802.1x CLI commands 10-9 to ??
overview 10-7
authoritative time source, described 5-3
with RADIUS 9-34
with TACACS+ 9-11, 9-16
authorized ports with IEEE 802.1x 10-10
autoconfiguration 3-3
auto enablement 10-32
automatic advise (auto-advise) in switch stacks 7-11
automatic copy (auto-copy) in switch stacks 7-11
beyond a noncandidate device 6-8
brand new switches 6-8
connectivity 6-5
different VLANs 6-7
management VLANs 6-7
non-CDP-capable devices 6-6
noncluster-capable devices 6-6
in switch clusters 6-5
automatic extraction (auto-extract) in switch stacks 7-11
automatic recovery, clusters 6-9
automatic upgrades (auto-upgrade) in switch stacks 7-11
configuring 12-30
described 12-30
duplex mode 1-4
interface configuration guidelines 12-27
mismatches 39-12
Auto-QoS video devices 1-14
autosensing, port speed 1-4
availability, features 1-8
described 18-7
disabling 18-17
enabling 18-17
support for 1-8
backup links 19-2
login 5-13
message-of-the-day login 5-12
default configuration 5-11
when displayed 5-11
Berkeley r-tools replacement 9-52
See DHCP snooping binding database
DHCP snooping database 20-6
IP source guard 20-13
See DHCP snooping binding database
blocking packets 23-7
boot loader, function of 3-1
boot process 3-1
manually 3-19
specific image 3-20
accessing 3-21
described 3-1
environment variables 3-21
prompt 3-21
trap-door mechanism 3-2
error-disabled state 18-2
filtering 18-3
RSTP format 17-12
described 18-3
disabling 18-15
enabling 18-14
support for 1-8
described 18-2
disabling 18-14
enabling 18-13
support for 1-8
broadcast storm-control command 23-4
broadcast storms 23-1
cables, monitoring for unidirectional links 24-1
automatic discovery 6-5
defined 6-4
requirements 6-4
See also command switch, cluster standby group, and member switch
authentication compatibility 10-8
configuring 9-49
defined 9-47
and trusted boundary 33-45
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device 25-4
on an interface 25-4
on a switch 25-4
monitoring 25-5
overview 25-1
power negotiation extensions 12-5
support for 1-6
switch stack considerations 25-2
transmission timer and holdtime, setting 25-3
updates 25-3
as IGMP snooping learning method 21-9
joining multicast group 21-3
CipherSuites 9-48
Cisco 7960 IP Phone 15-1
Cisco intelligent power management 12-5
Cisco IOS IP SLAs 32-1
attribute-value pairs for downloadable ACLs 10-22
attribute-value pairs for redirect URL 10-21
Cisco Secure ACS configuration guide 10-61
CiscoWorks 2000 1-5, 30-5
CISP 10-32
civic location 26-3
configuring 33-53
described 33-8
displaying 33-81
clearing interfaces 12-41
abbreviating commands 2-3
command modes 2-1
configuration logging 2-4
described 1-5
enabling and disabling 2-6
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 6-15
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 14-3
accessing 6-12
automatic discovery 6-5
automatic recovery 6-9
benefits 1-1
compatibility 6-4
described 6-1
LRE profile considerations 6-15
through CLI 6-15
through SNMP 6-16
planning 6-4
automatic discovery 6-5
automatic recovery 6-9
CLI 6-15
host names 6-12
IP addresses 6-12
LRE profiles 6-15
passwords 6-13
RADIUS 6-15
SNMP 6-13, 6-16
switch stacks 6-13
TACACS+ 6-15
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
automatic recovery 6-11
considerations 6-10
defined 6-2
requirements 6-3
virtual IP address 6-10
CNS 1-6
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-7
management functions 1-6
CoA Request Commands 9-23
Coarse Wave Division Multiplexer
command modes 2-1
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 9-8
accessing 6-10
active (AC) 6-9
configuration conflicts 39-12
defined 6-2
passive (PC) 6-9
password privilege levels 6-16
priority 6-9
from command-switch failure 6-9, 39-8
from lost member connectivity 39-12
redundant 6-9
with another switch 39-11
with cluster member 39-9
requirements 6-3
standby (SC) 6-9
See also candidate switch, cluster standby group, member switch, and standby command switch
configuring 6-13, 30-8
for cluster switches 30-4
in clusters 6-13
overview 30-4
SNMP 6-13
compatibility, feature 23-12
config.text 3-18
configurable leave timer, IGMP 21-6
defaults 1-16
Express Setup 1-1
configuration changes, logging 29-11
configuration conflicts, recovering from lost member connectivity 39-12
configuration examples, network 1-18
archiving A-20
clearing the startup configuration A-19
creating using a text editor A-10
default name 3-18
deleting a stored configuration A-19
described A-8
automatically 3-18
preparing A-11, A-13, A-16
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
guidelines for creating and using A-9
guidelines for replacing and rolling back A-21
invalid combinations when copying A-5
limiting TFTP server access 30-17
obtaining with DHCP 3-8
password recovery disable considerations 9-5
replacing a running configuration A-19, A-20
rolling back a running configuration A-19, A-21
specifying the filename 3-18
system contact and location information 30-17
types and location A-10
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
configuration logger 29-11
configuration logging 2-4
configuration replacement A-19
configuration rollback A-19, A-20
configuration settings, saving 3-15
configure terminal command 12-17
configuring 802.1x user distribution 10-57
configuring port-based authentication violation modes 10-41
configuring small-frame arrival rate 23-5
conflicts, configuration 39-12
connections, secure remote 9-42
connectivity problems 39-14, 39-15, 39-17
consistency checks in VTP Version 2 14-5
console port, connecting to 2-10
control protocol, IP SLAs 32-4
corrupted software, recovery steps with Xmodem 39-2
in Layer 2 frames 33-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 33-16
CoS output queue threshold map for QoS 33-19
CoS-to-DSCP map for QoS 33-63
counters, clearing interface 12-41
CPU utilization, troubleshooting 39-28
crashinfo file 39-23
critical authentication, IEEE 802.1x 10-54
critical VLAN 10-24
configuring 10-54
configuration guidelines 38-13
described 38-3
illustration 38-4
support for 1-8
described 18-5
disabling 18-16
enabling 18-16
fast-convergence events 18-7
Fast Uplink Transition Protocol 18-6
normal-convergence events 18-7
support for 1-8
SSH 9-42
SSL 9-46
switch stack considerations 7-15
customjzeable web pages, web-based authentication 11-6
CWDM SFPs 1-24
daylight saving time 5-7
enabling all system diagnostics 39-21
enabling for a specific feature 39-20
redirecting error message output 39-21
using commands 39-20
default commands 2-4
802.1x 10-35
auto-QoS 33-22
banners 5-11
CDP 25-2
DHCP 20-8
DHCP option 82 20-8
DHCP snooping 20-8
DHCP snooping binding database 20-8
DNS 5-10
dynamic ARP inspection 22-5
EtherChannel 38-11
Ethernet interfaces 12-24
Flex Links 19-8
IGMP filtering 21-25
IGMP snooping 21-7, 36-6
IGMP throttling 21-25
initial switch information 3-3
IP SLAs 32-5
IP source guard 20-15
IPv6 35-7
Layer 2 interfaces 12-24
LLDP 26-5
MAC address table 5-15
MAC address-table move update 19-8
MSTP 17-14
MVR 21-20
optional spanning-tree configuration 18-12
password and privilege level 9-2
RADIUS 9-27
RMON 28-3
RSPAN 27-10
SDM template 8-4
SNMP 30-7
SPAN 27-10
SSL 9-49
standard QoS 33-38
STP 16-13
switch stacks 7-17
system message logging 29-4
system name and prompt 5-9
TACACS+ 9-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 13-15
VLANs 13-7
VMPS 13-25
voice VLAN 15-3
VTP 14-9
default gateway 3-14
default web-based authentication configuration
802.1X 11-9
deleting VLANs 13-9
denial-of-service attack 23-1
description command 12-37
designing your network, examples 1-18
in IPv4 ACLs 31-10
in IPv6 ACLs 37-5
destination-IP address-based forwarding, EtherChannel 38-9
destination-MAC address forwarding, EtherChannel 38-9
detecting indirect link failures, STP 18-8
device A-24
device discovery protocol 25-1, 26-1
benefits 1-1
described 1-2, 1-5
in-band management 1-7
upgrading a switch A-24
relay agent 20-9
client request message exchange 3-4
client side 3-3
DNS 3-7
relay device 3-7
server side 3-6
TFTP server 3-7
example 3-9
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-3
relay support 1-6
support for 1-6
DHCP-based autoconfiguration and image update
configuring 3-11 to 3-14
understanding 3-5
See DHCP snooping binding database
See DHCP snooping binding database
circuit ID suboption 20-5
configuration guidelines 20-8
default configuration 20-8
displaying 20-12
overview 20-3
circuit ID 20-5
remote ID 20-5
remote ID suboption 20-5
DHCP server port-based address allocation
configuration guidelines 20-21
default configuration 20-21
described 20-21
displaying 20-24
enabling 20-21
reserved addresses 20-22
DHCP server port-based address assignment
support for 1-6
accepting untrusted packets form edge switch 20-3, 20-10
See DHCP snooping binding database
configuration guidelines 20-8
default configuration 20-8
displaying binding tables 20-12
message exchange process 20-4
option 82 data insertion 20-3
trusted interface 20-2
untrusted interface 20-2
untrusted messages 20-2
DHCP snooping binding database
adding bindings 20-11
binding entries, displaying 20-12
format 20-6
location 20-6
bindings 20-6
clearing agent statistics 20-12
configuration guidelines 20-9
configuring 20-11
default configuration 20-8
binding file 20-12
bindings 20-12
database agent 20-12
described 20-6
displaying 20-12
displaying status and statistics 20-12
enabling 20-11
entry 20-6
renewing database 20-12
delay value 20-12
timeout value 20-12
See DHCP snooping binding database
Differentiated Services architecture, QoS 33-2
Differentiated Services Code Point 33-2
directed unicast requests 1-6
changing A-4
creating and removing A-4
displaying the working A-4
and DHCP-based autoconfiguration 3-7
default configuration 5-10
displaying the configuration 5-11
in IPv6 35-3
overview 5-9
setting up 5-10
support for 1-6
DNS 5-9
VTP 14-10
downloadable ACL 10-20, 10-22, 10-61
preparing A-11, A-13, A-16
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
deleting old image A-28
preparing A-26, A-30, A-34
reasons for A-24
using CMS 1-2
using FTP A-31
using HTTP 1-2, A-24
using RCP A-35
using TFTP A-27
using the device manager or Network Assistant A-24
support for 1-15
DSCP 1-13, 33-2
DSCP input queue threshold map for QoS 33-16
DSCP output queue threshold map for QoS 33-19
DSCP-to-CoS map for QoS 33-66
DSCP-to-DSCP-mutation map for QoS 33-67
DSCP transparency 33-46
DTP 1-9, 13-14
dual-action detection 38-6
dual IPv4 and IPv6 templates 35-5
IPv4 and IPv6 35-5
SDM templates supporting 35-5
defined 12-4
LEDs 12-5
link selection 12-4, 12-25
setting the type 12-25
characteristics 13-4
configuring 13-26
defined 12-3
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
log buffer 22-16
statistics 22-16
configuration guidelines 22-6
ACLs for non-DHCP environments 22-9
in DHCP environments 22-7
log buffer 22-13
rate limit for incoming ARP packets 22-4, 22-11
default configuration 22-5
denial-of-service attacks, preventing 22-11
described 22-1
DHCP snooping binding database 22-2
ARP ACLs 22-15
configuration and operating state 22-15
log buffer 22-16
statistics 22-16
trust state and rate limit 22-15
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
clearing 22-16
configuring 22-13
displaying 22-16
logging of dropped packets, described 22-5
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
configuring 22-11
described 22-4
error-disabled state 22-4
clearing 22-16
displaying 22-16
validation checks, performing 22-12
dynamic auto trunking mode 13-14
dynamic desirable trunking mode 13-14
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
described 13-24
reconfirming 13-27
troubleshooting 13-29
types of connections 13-26
enabling and disabling 2-6
keystrokes used 2-7
wrapped lines 2-8
ELIN location 26-3
enable password 9-3
enable secret password 9-3
encryption, CipherSuite 9-48
encryption for passwords 9-3
environment variables, function of 3-22
error-disabled state, BPDU 18-2
error messages during command entry 2-4
automatic creation of 38-5, 38-7
binding physical and logical interfaces 38-4
numbering of 38-4
configuration guidelines 38-12
configuring Layer 2 interfaces 38-13
default configuration 38-11
described 38-2
displaying status 38-21
forwarding methods 38-8, 38-16
IEEE 802.3ad, described 38-7
with STP 38-12
with VLANs 38-12
described 38-7
displaying status 38-21
hot-standby ports 38-18
interaction with other features 38-8
modes 38-7
port priority 38-19
system priority 38-19
load balancing 38-8, 38-16
aggregate-port learners 38-16
compatibility with Catalyst 1900 38-17
described 38-5
displaying status 38-21
interaction with other features 38-7
interaction with virtual switches 38-6
learn method and priority configuration 38-16
modes 38-6
support for 1-4
with dual-action detection 38-6
described 38-4
numbering of 38-4
port groups 12-4
stack changes, effects of 38-10
support for 1-4
described 18-10
disabling 18-17
enabling 18-17
active link 12-22
and routing 12-22
and TFTP 12-23
configuring 12-23
default setting 12-22
described 12-21
for network management 12-21
specifying 12-23
supported features 12-22
unsupported features 12-23
Ethernet management port, internal
and routing 12-22
unsupported features 12-23
adding 13-8
defaults and ranges 13-8
modifying 13-8
EUI 35-3
events, RMON 28-4
network configuration 1-18
expedite queue for QoS 33-80
Express Setup 1-1
See also getting started guide
extended crashinfo file 39-23
configuration guidelines 13-11
configuring 13-11
creating 13-12
defined 13-1
MSTP 17-18
STP 16-4, 16-16
Extensible Authentication Protocol over LAN 10-1
fa0 interface 1-7
failover support 1-8
Fast Convergence 19-3
Fast Uplink Transition Protocol 18-6
features, incompatible 23-12
fiber-optic, detecting unidirectional links 24-1
description 39-23
location 39-23
copying A-5
crashinfo, description 39-23
deleting A-5
displaying the contents of A-8
description 39-24
location 39-24
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-25
displaying available file systems A-2
displaying file information A-3
local file system names A-1
network file system names A-5
setting the default A-3
IPv6 traffic 37-3, 37-7
non-IP traffic 31-23
show and more command output 2-9
filtering show and more command output 2-9
flash device, number of A-1
flexible authentication ordering
configuring 10-64
overview 10-30
Flex Link Multicast Fast Convergence 19-3
configuration guidelines 19-8
configuring 19-9
configuring preferred VLAN 19-12
configuring VLAN load balancing 19-11
default configuration 19-8
description 19-2
link load balancing 19-3
monitoring 19-14
VLANs 19-3
flooded traffic, blocking 23-8
flow-based packet classification 1-13
QoS classification 33-7
QoS egress queueing and scheduling 33-18
QoS ingress queueing and scheduling 33-15
QoS policing and marking 33-11
configuring 12-29
described 12-29
MSTP 17-24
STP 16-23
downloading A-13
overview A-12
preparing the server A-13
uploading A-15
deleting old image A-32
downloading A-31
preparing the server A-30
uploading A-32
general query 19-5
Generating IGMP Reports 19-4
get-bulk-request operation 30-4
get-next-request operation 30-3, 30-5
get-request operation 30-3, 30-4, 30-5
get-response operation 30-4
global configuration mode 2-2
global leave, IGMP 21-13
guest VLAN and 802.1x 10-22
guide mode 1-2
See device manager and Network Assistant
MSTP 17-24
STP 16-22
help, for the command line 2-3
HFTM space 39-26
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 29-10
host names, in clusters 6-12
hosts, limit on dynamic ports 13-29
HP OpenView 1-5
HQATM space 39-26
automatic cluster recovery 6-11
cluster standby group considerations 6-10
See also clusters, cluster standby group, and standby command switch
HTTPS 9-46
configuring 9-50
self-signed certificate 9-47
HTTP secure server 9-46
IPv6 35-3
time-exceeded messages 39-17
traceroute and 39-17
unreachable messages and IPv6 37-4
executing 39-15
overview 39-14
ICMPv6 35-3
and ingress RSPAN 27-21
and ingress SPAN 27-14
IEEE 802.1p 15-1
and trunk ports 12-3
configuration limitations 13-15
encapsulation 13-14
native VLAN for untagged traffic 13-19
IEEE 802.3ad, PoE+ 1-15, 12-6
IEEE 802.3x flow control 12-29
ifIndex values, SNMP 30-6
IFS 1-6
described 21-6
enabling 21-11
controlling the length of time 21-12
disabling on an interface 21-13
global leave 21-13
query solicitation 21-13
recovering from flood mode 21-13
joining multicast group 21-3
join messages 21-3
leave processing, enabling 21-10, 36-9
leaving multicast group 21-5
queries 21-4
described 21-6
disabling 21-16, 36-11
supported versions 21-3
support for 1-4
configuring 21-25
default configuration 21-25
described 21-24
monitoring 21-29
support for 1-5
configuring filtering 21-28
setting the maximum number 21-27
configuration guidelines 21-11
described 21-5
enabling 21-10
applying 21-26
configuration mode 21-25
configuring 21-26
and address aliasing 21-2
and stack changes 21-6
configuring 21-7
default configuration 21-7, 36-6
definition 21-2
enabling and disabling 21-7, 36-7
global configuration 21-7
Immediate Leave 21-5
in the switch stack 21-6
method 21-8
monitoring 21-16, 36-11
configuration guidelines 21-14
configuring 21-14
supported versions 21-3
support for 1-4
VLAN configuration 21-8
configuring 21-28
default configuration 21-25
described 21-24
displaying action 21-29
Immediate Leave, IGMP 21-5
enabling 36-9
inaccessible authentication bypass 10-24
support for multiauth ports 10-25
defaults 1-16
Express Setup 1-1
number 12-16
range macros 12-19
interface command 12-16 to ??, 12-16 to 12-17
interface configuration mode 2-2
auto-MDIX, configuring 12-30
duplex and speed 12-27
procedure 12-17
counters, clearing 12-41
default configuration 12-24
described 12-37
descriptive name, adding 12-37
displaying information about 12-40
flow control 12-29
management 1-5
monitoring 12-40
naming 12-37
physical, identifying 12-16
range of 12-18
restarting 12-41
shutting down 12-41
speed and duplex, configuring 12-28
status 12-40
supported 12-16
types of 12-1
interfaces range macro command 12-19
interface types 12-16
inter-VLAN routing 34-1
inventory management TLV 26-3, 26-7
for QoS classification 33-8
implicit deny 31-9, 31-13
implicit masks 31-9
named 31-13
undefined 31-19
128-bit 35-2
candidate or member 6-4, 6-12
classes of 34-4
cluster access 6-2
command switch 6-3, 6-10, 6-12
discovering 5-24
for IP routing 34-4
IPv6 35-2
redundant clusters 6-10
standby command switch 6-10, 6-12
ip igmp profile command 21-25
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
and QoS 15-1
automatic classification and queueing 33-21
configuring 15-4
ensuring port security with QoS 33-45
trusted boundary for QoS 33-45
IP Port Security for Static Hosts
on a Layer 2 access port 20-17
IP precedence 33-2
IP-precedence-to-DSCP map for QoS 33-64
IP protocols in ACLs 31-10
disabling 34-4
enabling 34-4
IP service levels, analyzing 32-1
benefits 32-2
configuration guidelines 32-5
Control Protocol 32-4
default configuration 32-5
definition 32-1
measuring network performance 32-3
monitoring 32-6
operation 32-3
described 32-4
enabling 32-6
response time 32-4
SNMP support 32-2
supported metrics 32-2
and 802.1x 20-15
and DHCP snooping 20-13
and EtherChannels 20-15
and port security 20-15
and private VLANs 20-15
and routed ports 20-15
and TCAM entries 20-15
and trunk interfaces 20-15
and VRF 20-15
automatic 20-13
manual 20-13
binding table 20-13
configuration guidelines 20-15
default configuration 20-15
described 20-13
disabling 20-16
active IP or MAC bindings 20-20
bindings 20-20
configuration 20-20
enabling 20-16, 20-17
source IP address 20-13
source IP and MAC address 20-13
on provisioned switches 20-15
source IP address filtering 20-13
source IP and MAC address filtering 20-13
adding 20-16, 20-17
deleting 20-16
static hosts 20-17
executing 39-18
overview 39-17
assigning IP addresses to Layer 3 interfaces 34-4
configuring static routes 34-5
disabling 34-4
enabling 34-4
inter-VLAN 34-1
classes 34-4
configuring 34-4
steps to configure 34-3
subnet mask 34-4
with SVIs 34-3
applying to interfaces 31-18
extended, creating 31-9
named 31-13
standard, creating 31-8
dual protocol stacks 35-4
displaying 37-8
limitations 37-2
matching criteria 37-3
port 37-1
precedence 37-2
router 37-1
supported 37-2
addresses 35-2
address formats 35-2
and switch stacks 35-6
applications 35-4
assigning address 35-7
autoconfiguration 35-4
configuring static routes 35-10
default configuration 35-7
defined 35-1
forwarding 35-7
ICMP 35-3
monitoring 35-11
neighbor discovery 35-4
SDM templates 36-1, 37-1
stack master functions 35-6
Stateless Autoconfiguration 35-4
supported features 35-2
IPv6 traffic, filtering 37-3
join messages, IGMP 21-3
Layer 2 frames, classification with CoS 33-2
Layer 2 interfaces, default configuration 12-24
and ARP 39-16
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-16
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
Layer 3 features 1-15
assigning IP addresses to 34-4
assigning IPv6 addresses to 35-7
changing from Layer 2 mode 34-4
Layer 3 packets, classification methods 33-2
LDAP 4-2
Leaking IGMP Reports 19-4
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
link failure, detecting unidirectional 17-8
link local unicast addresses 35-3
links, unidirectional 24-1
configuring 38-23
described 38-21
configuring 26-5
characteristics 26-6
default configuration 26-5
enabling 26-6
monitoring and maintaining 26-11
overview 26-1
supported TLVs 26-2
switch stack considerations 26-2
transmission timer and holdtime, setting 26-6
procedures 26-5
TLVs 26-7
monitoring and maintaining 26-11
overview 26-1, 26-2
supported TLVs 26-2
local SPAN 27-2
location TLV 26-3, 26-7
with RADIUS 9-30
with TACACS+ 9-14
login banners 5-11
Long-Reach Ethernet (LRE) technology 1-20
described 18-11
enabling 18-18
support for 1-9
LRE profiles, considerations in switch clusters 6-15
default setting 10-36
range 10-38
MAC/PHY configuration status TLV 26-2
aging time 5-15
and VLAN association 5-14
building the address table 5-14
default configuration 5-15
disabling learning on a VLAN 5-23
discovering 5-24
displaying 5-24
displaying in the IP source binding table 20-20
learning 5-14
removing 5-16
in ACLs 31-23
adding 5-21
allowing 5-22, 5-23
characteristics of 5-20
dropping 5-22
removing 5-21
MAC address learning 1-6
MAC address learning, disabling on a VLAN 5-23
MAC address notification, support for 1-15
configuration guidelines 19-8
configuring 19-12
default configuration 19-8
description 19-6
monitoring 19-14
MAC address-to-VLAN mapping 13-23
MAC authentication bypass 10-38
configuring 10-57
overview 10-17
applying to Layer 2 interfaces 31-24
configuring for QoS 33-52
creating 31-23
defined 31-23
for QoS classification 33-5
magic packet 10-27
manageability features 1-6
browser session 1-7
CLI session 1-7
device manager 1-7
SNMP 1-7
out-of-band console port connection 1-7
management address TLV 26-2
CLI 2-1
clustering 1-3
CNS 4-1
Network Assistant 1-2
overview 1-5
considerations in switch clusters 6-7
discovery through different management VLANs 6-7
CoS-to-DSCP 33-63
DSCP 33-63
DSCP-to-CoS 33-66
DSCP-to-DSCP-mutation 33-67
IP-precedence-to-DSCP 33-64
policed-DSCP 33-65
described 33-11
action with aggregate policers 33-60
described 33-4, 33-9
IPv6 ACLs 37-3
matching, IPv4 ACLs 31-7
MSTP 17-25
STP 16-23
maximum hop count, MSTP 17-25
maximum number of allowed devices, port-based authentication 10-38
configuration guidelines 10-13
described 1-11, 10-12
exceptions with authentication process 10-5
membership mode, VLAN port 13-3
automatic discovery 6-5
defined 6-2
managing 6-15
passwords 6-12
recovering from lost connectivity 39-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
memory consistency check errors
example 39-27
memory consistency check routines 1-5, 39-26
memory consistency integrity 1-5, 39-26
messages, to users through banners 5-11
overview 30-1
SNMP interaction with 30-5
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-12
module number 12-16
access groups 31-26
cables for unidirectional links 24-1
CDP 25-5
features 1-15
Flex Links 19-14
filters 21-29
snooping 21-16, 36-11
interfaces 12-40
IP SLAs operations 32-6
IPv4 ACL configuration 31-26
IPv6 35-11
IPv6 ACL configuration 37-8
MAC address-table move update 19-14
multicast router interfaces 21-17, 36-12
MVR 21-23
network traffic for analysis with probe 27-2
blocking 23-20
protection 23-20
SFP status 12-40, 39-14
speed and duplex mode 12-28
traffic flowing among switches 28-1
traffic suppression 23-20
VLANs 13-13
VMPS 13-28
VTP 14-18
mrouter Port 19-3
mrouter port 19-5
configuration guidelines 17-15
described 17-6
described 18-3
enabling 18-14
described 18-2
enabling 18-13
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-15, 18-12
forward-delay time 17-24
hello time 17-24
link type for rapid convergence 17-25
maximum aging time 17-25
maximum hop count 17-25
MST region 17-16
neighbor type 17-26
path cost 17-22
port priority 17-20
root switch 17-18
secondary root switch 17-19
switch priority 17-23
defined 17-3
operations between regions 17-4
default configuration 17-14
default optional feature configuration 18-12
displaying status 17-27
enabling the mode 17-16
described 18-10
enabling 18-17
effects on root switch 17-18
effects on secondary root switch 17-19
unexpected behavior 17-18
implementation 17-6
port role naming change 17-7
terminology 17-5
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-11
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-27
defined 17-3
master 17-3
operations within a region 17-3
described 18-11
enabling 18-18
mapping VLANs to MST instance 17-16
CIST 17-3
configuring 17-16
described 17-2
hop-count mechanism 17-5
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-8
overview 17-2
described 18-2
enabling 18-12
preventing root switch selection 18-10
described 18-10
enabling 18-18
configuring 17-18
effects of extended system ID 17-18
unexpected behavior 17-18
shutdown Port Fast-enabled port 18-2
stack changes, effects of 17-8
status, displaying 17-27
support for inaccessible authentication bypass 10-25
See multiple-authentication mode
Immediate Leave 21-5
joining 21-3
leaving 21-5
static joins 21-10, 36-8
multicast router interfaces, monitoring 21-17, 36-12
multicast router ports, adding 21-9, 36-8
multicast storm 23-1
multicast storm-control command 23-4
multicast television application 21-18
multicast VLAN 21-17
multiple authentication 10-14
configuring 10-44
and address aliasing 21-20
and IGMPv3 21-21
configuration guidelines 21-20
configuring interfaces 21-22
default configuration 21-20
described 21-17
example application 21-18
modes 21-21
monitoring 21-23
multicast television application 21-18
setting global parameters 21-21
support for 1-4
critical authentication 10-24, 10-54
IEEE 802.1x authentication using a RADIUS server 10-58
IEEE 802.1x validation using RADIUS server 10-58
inaccessible authentication bypass 10-54
Layer 2 IEEE 802.1x validation 1-12, 10-30, 10-58
named IPv4 ACLs 31-13
configuring 13-19
default 13-19
configuring 10-59
overview 10-31
neighbor discovery, IPv6 35-4
benefits 1-1
described 1-5
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 7-2, 7-15
upgrading a switch A-24
wizards 1-2
network configuration examples
cost-effective wiring closet 1-20
increasing network performance 1-19
long-distance, high-bandwidth transport 1-24
providing network services 1-19
server aggregation and Linux server cluster 1-22
small to medium-sized network 1-23
performance 1-19
services 1-19
CDP 25-1
RMON 28-1
SNMP 30-1
network performance, measuring with IP SLAs 32-3
network policy TLV 26-2, 26-7
no commands 2-4
described 33-10
non-IP traffic filtering 31-23
nontrunking mode 13-14
normal-range VLANs 13-4
configuration guidelines 13-6
configuring 13-4
defined 13-1
NSM 4-3
defined 5-3
overview 5-3
stratum 5-3
support for 1-6
services 5-3
synchronizing 5-3
configuring 39-25
described 39-24
displaying 39-26
offline configuration for switch stacks 7-7
off mode, VTP 14-4
overview 40-1
running tests 40-3
understanding 40-1
configuring 10-64
overview 10-31
optimizing system resources 8-1
options, management 1-5
out-of-profile markdown 1-14
packet modification, with QoS 33-20
default configuration 9-2
disabling recovery of 9-5
encrypting 9-3
for security 1-10
in clusters 6-13
overview 9-1
recovery of 39-3
enable 9-3
enable secret 9-3
Telnet 9-6
with usernames 9-6
VTP domain 14-10
MSTP 17-22
STP 16-20
PC (passive command switch) 6-9
performance, network design 1-19
performance features 1-4
persistent self-signed certificate 9-47
per-user ACLs and Filter-Ids 10-8
physical ports 12-2
PIM-DVMRP, as snooping method 21-8
character output description 39-15
executing 39-15
overview 39-14
auto mode 12-7
CDP with power consumption, described 12-5
CDP with power negotiation, described 12-5
Cisco intelligent power management 12-5
configuring 12-31
determining 12-8
support for 12-8
devices supported 12-5
high-power devices operating in low-power mode 12-5
IEEE power classification levels 12-6
monitoring 12-8
monitoring power 12-34
policing power consumption 12-34
policing power usage 12-8
power budgeting 12-32
power consumption 12-9, 12-32
powered-device detection and initial power allocation 12-6
power management modes 12-7
power monitoring 12-8
power negotiation extensions to CDP 12-5
power sensing 12-8
standards supported 12-5
static mode 12-7
total available power 12-10
troubleshooting 39-13
policed-DSCP map for QoS 33-65
for each matched traffic class 33-55
for more than one traffic class 33-60
described 33-4
displaying 33-81
number of 33-41
types of 33-10
described 33-4
token-bucket algorithm 33-10
characteristics of 33-55
described 33-8
displaying 33-82
nonhierarchical on physical ports
described 33-10
defined 31-2
types of 31-3
accounting 10-16
defined 10-3, 11-2
RADIUS server 10-3
client, defined 10-3, 11-2
configuration guidelines 10-36, 11-9
802.1x authentication 10-42
guest VLAN 10-52
host mode 10-44
inaccessible authentication bypass 10-54
manual re-authentication of a client 10-47
periodic re-authentication 10-46
quiet period 10-47
RADIUS server 10-44, 11-13
RADIUS server parameters on the switch 10-43, 11-11
restricted VLAN 10-53
switch-to-client frame-retransmission number 10-48, 10-49
switch-to-client retransmission time 10-47
violation modes 10-41
default configuration 10-35, 11-9
described 10-1
device roles 10-3, 11-2
displaying statistics 10-66, 11-17
downloadable ACLs and redirect URLs
configuring 10-61 to 10-63, ?? to 10-63
overview 10-20 to 10-22
EAPOL-start frame 10-5
EAP-request/identity frame 10-5
EAP-response/identity frame 10-5
802.1X authentication 11-11
encapsulation 10-3
flexible authentication ordering
configuring 10-64
overview 10-30
configuration guidelines 10-23, 10-24
described 10-22
host mode 10-12
inaccessible authentication bypass
configuring 10-54
described 10-24
guidelines 10-37
initiation and message exchange 10-5
magic packet 10-27
maximum number of allowed devices per port 10-38
method lists 10-42
multiple authentication 10-14
configuration tasks 10-20
described 10-19
RADIUS server attributes 10-19
authorization state and dot1x port-control command 10-11
authorized and unauthorized 10-10
voice VLAN 10-27
described 10-27
configuring 10-38
described 10-17, 10-38
resetting to default values 10-66
stack changes, effects of 10-11
statistics, displaying 10-66
as proxy 10-3, 11-2
RADIUS client 10-3
configuring 10-59
overview 10-31
guidelines 10-29
overview 10-29
AAA authorization 10-42
characteristics 10-18
configuration tasks 10-18
described 10-17
configuring 10-39
described 10-31, 10-39
described 10-27
PVID 10-27
VVID 10-27
wake-on-LAN, described 10-27
with ACLs and RADIUS Filter-Id attribute 10-33
port-based authentication methods, supported 10-7
port blocking 1-4, 23-7
port description TLV 26-2
described 18-2
enabling 18-12
mode, spanning tree 13-25
support for 1-8
port membership modes, VLAN 13-3
MSTP 17-20
STP 16-18
access 12-3
blocking 23-7
dual-purpose uplink 12-4
dynamic access 13-4
protected 23-6
secure 23-9
static-access 13-3, 13-10
switch 12-2
trunks 13-3, 13-14
VLAN assignments 13-10
aging 23-17
and QoS trusted boundary 33-45
and stacking 23-18
configuring 23-12
default configuration 23-11
described 23-8
displaying 23-20
on trunk ports 23-14
sticky learning 23-9
violations 23-10
with other features 23-11
port-shutdown response, VMPS 13-24
port VLAN ID TLV 26-2
power management TLV 26-3, 26-7
preemption, default configuration 19-8
preemption delay, default configuration 19-8
preferential treatment of traffic
preventing unauthorized access 9-1
primary links 19-2
overriding CoS 15-6
trusting CoS 15-6
privileged EXEC mode 2-2
changing the default for lines 9-9
command switch 6-16
exiting 9-9
logging into 9-9
mapping on member switches 6-16
overview 9-2, 9-7
setting a command with 9-8
protected ports 1-10, 23-6
protocol storm protection 23-18
provisioned switches and IP source guard 20-15
provisioning new members for a switch stack 7-7
proxy reports 19-4
in VTP domain 14-16
on a port 13-19
in VTP domain 14-16
on a port 13-18
examples 14-7
overview 14-6
changing 13-18
for VTP pruning 14-6
VLANs 14-16
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
and MQC commands 33-1
categorizing traffic 33-22
configuration and defaults display 33-37
configuration guidelines 33-34
described 33-21
disabling 33-36
displaying generated commands 33-36
displaying the initial configuration 33-37
effects on running configuration 33-34
list of generated commands 33-25, 33-29
basic model 33-4
class maps, described 33-8
defined 33-4
DSCP transparency, described 33-46
flowchart 33-7
forwarding treatment 33-3
in frames and packets 33-3
IP ACLs, described 33-6, 33-8
MAC ACLs, described 33-5, 33-8
options for IP traffic 33-6
options for non-IP traffic 33-5
policy maps, described 33-8
trust DSCP, described 33-5
trusted CoS, described 33-5
trust IP precedence, described 33-5
configuring 33-53
displaying 33-81
auto-QoS 33-34
standard QoS 33-40
aggregate policers 33-60
auto-QoS 33-21
default port CoS value 33-44
DSCP maps 33-63
DSCP transparency 33-46
DSCP trust states bordering another domain 33-47
egress queue characteristics 33-74
ingress queue characteristics 33-69
IP extended ACLs 33-51
IP standard ACLs 33-50
MAC ACLs 33-52
port trust states within the domain 33-42
trusted boundary 33-45
default auto configuration 33-22
default standard configuration 33-38
displaying statistics 33-81
DSCP transparency 33-46
allocating buffer space 33-74
buffer allocation scheme, described 33-18
configuring shaped weights for SRR 33-78
configuring shared weights for SRR 33-79
described 33-4
displaying the threshold map 33-77
flowchart 33-18
mapping DSCP or CoS values 33-76
scheduling, described 33-4
setting WTD thresholds 33-74
WTD, described 33-19
enabling globally 33-42
classification 33-7
egress queueing and scheduling 33-18
ingress queueing and scheduling 33-15
policing and marking 33-11
implicit deny 33-8
allocating bandwidth 33-72
allocating buffer space 33-71
buffer and bandwidth allocation, described 33-16
configuring shared weights for SRR 33-72
configuring the priority queue 33-73
described 33-4
displaying the threshold map 33-70
flowchart 33-15
mapping DSCP or CoS values 33-69
priority queue, described 33-17
scheduling, described 33-4
setting WTD thresholds 33-69
WTD, described 33-16
automatic classification and queueing 33-21
detection and trusted settings 33-21, 33-45
limiting bandwidth on egress interface 33-80
CoS-to-DSCP 33-63
displaying 33-81
DSCP-to-CoS 33-66
DSCP-to-DSCP-mutation 33-67
IP-precedence-to-DSCP 33-64
policed-DSCP 33-65
types of 33-11
marked-down actions 33-58
marking, described 33-4, 33-9
overview 33-2
packet modification 33-20
configuring 33-58, 33-61
described 33-9
displaying 33-81
number of 33-41
types of 33-10
policies, attaching to an interface 33-9
described 33-4, 33-9
token bucket algorithm 33-10
characteristics of 33-55
displaying 33-82
nonhierarchical on physical ports 33-55
QoS label, defined 33-4
configuring egress characteristics 33-74
configuring ingress characteristics 33-69
high priority (expedite) 33-20, 33-80
location of 33-12
SRR, described 33-14
WTD, described 33-13
rewrites 33-20
support for 1-13
bordering another domain 33-47
described 33-5
trusted device 33-45
within the domain 33-42
queries, IGMP 21-4
query solicitation, IGMP 21-13
vendor-proprietary 9-38
vendor-specific 9-37
accounting 9-35
authentication 9-30
authorization 9-34
communication, global 9-27, 9-36
communication, per-server 9-27
multiple UDP ports 9-27
default configuration 9-27
defining AAA server groups 9-32
displaying the configuration 9-41
identifying the server 9-27
in clusters 6-15
limiting the services to the user 9-34
method list, defined 9-26
operation of 9-19
overview 9-18
server load balancing 9-40
suggested network environments 9-18
support for 1-12
tracking services accessed by user 9-35
RADIUS Change of Authorization 9-20
macro 12-19
of interfaces 12-18
rapid convergence 17-10
rapid per-VLAN spanning-tree plus
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
rcommand command 6-15
downloading A-17
overview A-16
preparing the server A-16
uploading A-18
deleting old image A-37
downloading A-35
preparing the server A-34
uploading A-37
configuring 10-38
described 10-17, 10-38
reconfirmation interval, VMPS, changing 13-27
reconfirming dynamic VLAN membership 13-27
recovery procedures 39-1
redirect URL 10-20, 10-21, 10-61
EtherChannel 38-3
backbone 16-8
multidrop backbone 18-5
path cost 13-22
port priority 13-20
redundant links and UplinkFast 18-15
reloading software 3-22
Remote Authentication Dial-In User Service
remote SPAN 27-3
described 21-6
disabling 21-16, 36-11
resequencing ACL entries 31-13
reserved addresses in DHCP pools 20-22
resetting a UDLD-shutdown interface 24-6
described 32-4
enabling 32-6
response time, measuring with IP SLAs 32-4
configuring 10-53
described 10-23
using with IEEE 802.1x 10-23
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-17
TACACS+ 9-10
retry count, VMPS, changing 13-28
1112, IP multicast and IGMP 21-2
1157, SNMPv1 30-2
1166, IP addresses 34-4
1305, NTP 5-3
1757, RMON 28-2
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 21-2
2273-2275, SNMPv3 30-2
RFC 5176 Compliance 9-21
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-15
described 18-10
enabling 18-18
support for 1-9
MSTP 17-18
STP 16-16
defined 31-2
types of 31-4
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-10
defined 27-3
destination ports 27-8
displaying status 27-23
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
received traffic 27-5
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-22
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
active topology 17-10
format 17-12
processing 17-13
designated port, defined 17-9
designated switch, defined 17-9
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-27
topology changes 17-13
overview 17-9
described 17-9
synchronized 17-11
proposal-agreement handshake process 17-10
cross-stack rapid convergence 17-11
described 17-10
edge ports and Port Fast 17-10
point-to-point links 17-10, 17-25
root ports 17-10
root port, defined 17-9
replacing A-19, A-20
rolling back A-19, A-21
running configuration, saving 3-15
SC (standby command switch) 6-9
scheduled reloads 3-22
and SSH 9-53
configuring 9-53
configuring 8-5
number of 8-1
SDM template 37-3
configuration guidelines 8-4
configuring 8-4
types of 8-1
configuring 9-51
displaying 9-52
configuring 9-50
displaying 9-52
and switch stacks 23-18
deleting 23-16
maximum number of 23-10
types of 23-9
and switch stacks 23-18
secure ports, configuring 23-9
secure remote connections 9-42
security, port 23-8
security features 1-10
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 17-1
set-request operation 30-5
failed command switch replacement 39-11
replacing failed command switch 39-9
severity levels, defining in system messages 29-9
monitoring status of 12-40, 39-14
security and identification 39-13
status, displaying 39-14
show access-lists hw-summary command 31-20
show and more command output, filtering 2-9
show cdp traffic command 25-5
show cluster members command 6-15
show configuration command 12-37
show forward command 39-22
show interfaces command 12-28, 12-37
show interfaces switchport 19-4
show lldp traffic command 26-11
show platform forward command 39-22
show platform tcam command 39-26, 39-27
displaying ACLs 31-18, 31-19
interface description in 12-37
shutdown command on interfaces 12-41
Simple Network Management Protocol
small form-factor pluggable modules
small-frame arrival rate, configuring 23-5
SNAP 25-1
accessing MIB variables with 30-5
described 30-4
disabling 30-8
and IP SLAs 32-2
authentication level 30-11
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-18
default configuration 30-7
engine ID 30-7
groups 30-7, 30-10
host 30-7
ifIndex values 30-6
in-band management 1-7
in clusters 6-13
and trap keyword 30-13
described 30-5
differences from traps 30-5
disabling 30-16
enabling 30-16
limiting access by TFTP servers 30-17
limiting system log messages to NMS 29-10
manager functions 1-5, 30-3
managing clusters with 6-16
notifications 30-5
overview 30-1, 30-5
security levels 30-3
setting CPU threshold notification 30-16
status, displaying 30-19
system contact and location 30-17
trap manager, configuring 30-14
described 30-4, 30-5
differences from informs 30-5
disabling 30-16
enabling 30-13
enabling MAC address notification 5-16, 5-18, 5-19
overview 30-1, 30-5
types of 30-13
users 30-7, 30-10
versions supported 30-2
SNMP and Syslog Over IPv6 35-5
SNMPv1 30-2
SNMPv2C 30-3
SNMPv3 30-3
snooping, IGMP 21-2
location in flash A-25
recovery procedures 39-2
scheduling reloads 3-23
tar file format, described A-25
See also downloading and uploading
in IPv4 ACLs 31-10
in IPv6 ACLs 37-5
source-and-destination-IP address based forwarding, EtherChannel 38-9
source-and-destination MAC address forwarding, EtherChannel 38-9
source-IP address based forwarding, EtherChannel 38-9
source-MAC address forwarding, EtherChannel 38-8
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-10
destination ports 27-8
displaying status 27-23
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
ports, restrictions 23-12
received traffic 27-5
configuring ingress forwarding 27-15, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-13
specifying monitored ports 27-12
with ingress traffic enabled 27-14
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-15
SPAN traffic 27-5
shaped weights on egress queues 33-78
shared weights on egress queues 33-79
shared weights on ingress queues 33-72
described 33-14
shaped mode 33-14
shared mode 33-14
support for 1-14
configuring 9-43
cryptographic software image 9-42
described 1-7, 9-42
encryption methods 9-43
switch stack considerations 7-15
user authentication methods, supported 9-43
configuration guidelines 9-49
configuring a secure HTTP client 9-51
configuring a secure HTTP server 9-50
cryptographic software image 9-46
described 9-46
monitoring 9-52
MAC address of 7-6, 7-17
802.1x port-based authentication 10-11
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 38-13
EtherChannel 38-10
IGMP snooping 21-6
IP routing 34-2
MAC address tables 5-15
MSTP 17-8
MVR 21-18
port security 23-18
SDM template selection 8-3
SNMP 30-2
SPAN and RSPAN 27-10
STP 16-12
switch clusters 6-13
system message log 29-2
VLANs 13-7
VTP 14-8
bridge ID (MAC address) 7-6
defined 7-1
election 7-5
IPv6 35-6
accessing CLI of specific member 7-22
member number 7-20
priority value 7-21
defined 7-1
displaying information of 7-23
number 7-6
priority value 7-7
provisioning a new member 7-21
replacing 7-14
stack member number 12-16
stack protocol version 7-10
accessing CLI of specific member 7-22
member number 7-20
priority value 7-21
provisioning a new member 7-21
auto-advise 7-11
auto-copy 7-11
auto-extract 7-11
auto-upgrade 7-11
bridge ID 7-6
CDP considerations 25-2
compatibility, software 7-9
configuration file 7-14
configuration scenarios 7-16
copying an image file from one member to another A-38
default configuration 7-17
description of 7-1
displaying information of 7-23
enabling persistent MAC address timer 7-17
in clusters 6-13
incompatible software and image upgrades 7-13, A-38
IPv6 on 35-6
MAC address considerations 5-15
management connectivity 7-15
managing 7-1
membership 7-3
merged 7-3
MSTP instances supported 16-10
described 7-7
effects of adding a provisioned switch 7-8
effects of removing a provisioned switch 7-9
effects of replacing a provisioned switch 7-9
provisioned configuration, defined 7-7
provisioned switch, defined 7-7
provisioning a new member 7-21
partitioned 7-3, 39-8
adding 7-8
removing 7-9
replacing 7-9
replacing a failed member 7-14
software compatibility 7-9
software image version 7-9
stack protocol version 7-10
bridge ID 16-3
root port selection 16-3
stack root switch election 16-3
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 5-8
system-wide configuration considerations 7-14
upgrading A-38
automatic upgrades with auto-upgrade 7-11
examples 7-12
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-11
described 7-10
See also stack master and stack member
considerations 6-10
defined 6-2
priority 6-9
requirements 6-3
virtual IP address 6-10
See also cluster standby group and HSRP
See cluster standby group and HSRP
standby links 19-2
manually 3-19
specific image 3-20
clearing A-19
automatically downloading 3-18
specifying the filename 3-18
assigning to VLAN 13-10
defined 12-3, 13-3
static MAC addressing 1-10
configuring 34-5
configuring for IPv6 35-10
static VLAN membership 13-2
802.1X 11-17
802.1x 10-66
CDP 25-5
interface 12-40
LLDP 26-11
LLDP-MED 26-11
NMSP 26-11
QoS ingress and egress 33-81
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-19
VTP 14-18
sticky learning 23-9
configuring 23-3
described 23-1
disabling 23-5
displaying 23-20
support for 1-4
thresholds 23-2
accelerating root port selection 18-4
described 18-7
disabling 18-17
enabling 18-17
described 18-3
disabling 18-15
enabling 18-14
described 18-2
disabling 18-14
enabling 18-13
BPDU message exchange 16-3
configuration guidelines 16-13, 18-12
forward-delay time 16-23
hello time 16-22
maximum aging time 16-23
path cost 16-20
port priority 16-18
root switch 16-16
secondary root switch 16-18
spanning-tree mode 16-15
switch priority 16-21
transmit hold-count 16-24
counters, clearing 16-24
described 18-5
enabling 18-16
default configuration 16-13
default optional feature configuration 18-12
designated port, defined 16-4
designated switch, defined 16-4
detecting indirect link failures 18-8
disabling 16-16
displaying status 16-24
described 18-10
disabling 18-17
enabling 18-17
effects on root switch 16-16
effects on the secondary root switch 16-18
overview 16-4
unexpected behavior 16-16
features supported 1-8
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-9
IEEE 802.1t and VLAN identifier 16-5
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
blocking 16-6
disabled 16-7
forwarding 16-6, 16-7
learning 16-7
listening 16-7
overview 16-5
interoperability and compatibility among modes 16-11
limitations with IEEE 802.1Q trunks 16-11
overview 13-20
using path costs 13-22
using port priorities 13-20
described 18-11
enabling 18-18
modes supported 16-10
multicast addresses, effect of 16-9
optional features supported 1-8
overview 16-2
path costs 13-22
described 18-2
enabling 18-12
port priorities 13-21
preventing root switch selection 18-10
protocols supported 16-10
redundant connectivity 16-8
described 18-10
enabling 18-18
root port, defined 16-3
root port selection on a switch stack 16-3
configuring 16-16
effects of extended system ID 16-4, 16-16
election 16-3
unexpected behavior 16-16
shutdown Port Fast-enabled port 18-2
stack changes, effects of 16-12
status, displaying 16-24
superior BPDU 16-3
timers, described 16-22
described 18-3
enabling 18-15
stratum, NTP 5-3
subnet mask 34-4
success response, VMPS 13-24
summer time 5-7
SunNet Manager 1-5
supported port-based authentication methods 10-7
and IP unicast routing 34-3
and router ACLs 31-4
connecting VLANs 12-11
defined 12-3
switch 35-2
switch clustering technology 6-1
switch console port 1-7
switched ports 12-2
switchport backup interface 19-4, 19-5
switchport block multicast command 23-8
switchport block unicast command 23-8
switchport protected command 23-7
MSTP 17-23
STP 16-21
switch software features 1-1
system capabilities TLV 26-2
daylight saving time 5-7
manually 5-5
summer time 5-7
time zones 5-6
displaying the time and date 5-6
overview 5-2
system description TLV 26-2
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-14
enabling 29-5
facility keywords, described 29-14
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-15
time stamps, enabling and disabling 29-8
configuring the daemon 29-13
configuring the logging facility 29-13
facilities supported 29-14
default configuration 5-9
default setting 5-9
manual configuration 5-9
system name TLV 26-2
system prompt, default setting 5-8, 5-9
system resources, optimizing 8-1
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-17
identifying the server 9-13
in clusters 6-15
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-12
tracking services accessed by user 9-17
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-25
memory consistency check errors
example 39-27
memory consistency check routines 1-5, 39-26
memory consistency integrity 1-5, 39-26
HFTM 39-26
HQATM 39-26
unassigned 39-26
TDR 1-16
accessing management interfaces 2-10
number of connections 1-7
setting a password 9-6
temporary self-signed certificate 9-47
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
ternary content addressable memory
downloading A-11
preparing the server A-11
uploading A-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
deleting A-28
downloading A-27
preparing the server A-26
uploading A-29
limiting access by servers 30-17
TFTP server 1-6
threshold, traffic level 23-2
time-range command 31-15
time ranges in ACLs 31-15
time stamps in log messages 29-8
time zones 5-6
defined 26-2
LLDP 26-2
LLDP-MED 26-2
support for 13-6
VTP support 14-5
ToS 1-13
and ARP 39-16
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-16
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
traceroute command 39-18
blocking flooded 23-8
fragmented 31-4
fragmented IPv6 37-2
unfragmented 31-4
traffic policing 1-14
traffic suppression 23-2
transparent mode, VTP 14-4
trap-door mechanism 3-2
configuring MAC address notification 5-16, 5-18, 5-19
configuring managers 30-13
defined 30-4
enabling 5-16, 5-18, 5-19, 30-13
notification types 30-13
overview 30-1, 30-5
connectivity problems 39-14, 39-15, 39-17
CPU utilization 39-28
detecting unidirectional links 24-1
displaying crash information 39-23
setting packet forwarding 39-22
SFP security and identification 39-13
show forward command 39-22
with CiscoWorks 30-5
with debug commands 39-20
with ping 39-14
with system message logging 29-1
with traceroute 39-17
trunking encapsulation 1-9
configuring 13-16
defined 12-3, 13-3
allowed-VLAN list 13-17
setting STP path costs 13-22
using STP port priorities 13-20, 13-21
native VLAN for untagged traffic 13-19
parallel 13-22
pruning-eligible list 13-18
to non-DTP device 13-14
trusted boundary for QoS 33-45
between QoS domains 33-47
classification options 33-5
ensuring port security for IP phones 33-45
support for 1-13
within a QoS domain 33-42
trustpoints, CA 9-47
twisted-pair Ethernet, detecting unidirectional links 24-1
configuration guidelines 24-4
default configuration 24-4
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-6
echoing detection mechanism 24-3
globally 24-5
per interface 24-6
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-7
support for 1-8
unauthorized ports with IEEE 802.1x 10-10
unicast MAC address filtering 1-6
and adding static addresses 5-22
and broadcast MAC addresses 5-21
and CPU packets 5-21
and multicast addresses 5-21
and router MAC addresses 5-21
configuration guidelines 5-21
described 5-21
unicast storm 23-1
unicast storm control command 23-4
unicast traffic, blocking 23-8
UniDirectional Link Detection protocol
daemon configuration 29-13
facilities supported 29-14
message logging configuration 29-13
unrecognized Type-Length-Value (TLV) support 14-5
upgrading a Catalyst 2950 switch
configuration compatibility issues C-1
differences in configuration commands C-1
feature behavior incompatibilities C-5
incompatible command messages C-1
recommendations C-1
described 18-3
disabling 18-16
enabling 18-15
support for 1-8
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
preparing A-26, A-30, A-34
reasons for A-24
using FTP A-32
using RCP A-37
using TFTP A-29
USB mini-Type B console port 12-12
USB Type A port 1-8
user EXEC mode 2-2
username-based authentication 9-6
version-dependent transparent mode 14-5
automatic upgrades with auto-upgrade 7-11
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-11
described 7-10
cluster standby group 6-10
command switch 6-10
virtual switches and PAgP 38-6
vlan.dat file 13-5
VLAN 1, disabling on a trunk port 13-17
VLAN 1 minimization 13-17
vlan-assignment response, VMPS 13-23
at bootup 13-7
saving 13-7
VLAN configuration mode 2-2
and startup configuration file 13-7
and VTP 14-1
VLAN configuration saved in 13-7
VLANs saved in 13-4
VLAN filtering and SPAN 27-7
vlan global configuration command 13-7
VLAN ID, discovering 5-24
VLAN load balancing on flex links 19-3
configuration guidelines 19-8
VLAN management domain 14-2
confirming 13-27
modes 13-3
adding 13-8
adding to VLAN database 13-8
aging dynamic addresses 16-9
allowed on trunk 13-17
and spanning-tree instances 13-3, 13-6, 13-12
configuration guidelines, extended-range VLANs 13-11
configuration guidelines, normal-range VLANs 13-6
configuring 13-1
configuring IDs 1006 to 4094 13-11
connecting through SVIs 12-11
creating 13-8
default configuration 13-7
deleting 13-9
described 12-2, 13-1
displaying 13-13
extended-range 13-1, 13-11
features 1-9
illustrated 13-2
in the switch stack 13-7
limiting source traffic with RSPAN 27-22
limiting source traffic with SPAN 27-16
modifying 13-8
multicast 21-17
native, configuring 13-19
normal-range 13-1, 13-4
number supported 1-9
parameters 13-5
port membership modes 13-3
static-access ports 13-10
STP and IEEE 802.1Q trunks 16-11
supported 13-2
Token Ring 13-6
traffic between 13-2
VTP modes 14-3
VLAN trunks 13-14
administering 13-28
configuration example 13-29
configuration guidelines 13-25
default configuration 13-25
description 13-23
described 13-24
reconfirming 13-27
troubleshooting 13-29
entering server address 13-26
mapping MAC addresses to VLANs 13-23
monitoring 13-28
reconfirmation interval, changing 13-27
reconfirming membership 13-27
retry count, changing 13-28
configuring 10-39
described 10-31, 10-39
voice-over-IP 15-1
Cisco 7960 phone, port connections 15-1
configuration guidelines 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-7
IP phone data traffic, described 15-2
IP phone voice traffic, described 15-2
VQP 1-9, 13-23
adding a client to a domain 14-17
advertisements 13-15, 14-4
and extended-range VLANs 13-2, 14-2
and normal-range VLANs 13-2, 14-2
client mode, configuring 14-13
guidelines 14-9
requirements 14-11
saving 14-9
configuration requirements 14-11
guideline 14-17
resetting 14-17
consistency checks 14-5
default configuration 14-9
described 14-1
domain names 14-10
domains 14-2
client 14-3
off 14-4
server 14-3
transitions 14-3
transparent 14-4
monitoring 14-18
passwords 14-10
disabling 14-16
enabling 14-16
examples 14-7
overview 14-6
support for 1-9
pruning-eligible list, changing 13-18
server mode, configuring 14-11, 14-14
statistics 14-18
support for 1-9
Token Ring support 14-5
transparent mode, configuring 14-12
using 14-1
enabling 14-15
version, guidelines 14-10
Version 1 14-5
configuration guidelines 14-10
overview 14-5
overview 14-5
web authentication 10-17
configuring 11-16 to ??
described 1-10
customizeable web pages 11-6
description 11-1
web-based authentication, interactions with other features 11-7
configuring 26-9
displaying 26-11
location TLV 26-3
understanding 26-4
wizards 1-2
described 33-13
egress queue-sets 33-74
ingress queues 33-69
support for 1-14
Xmodem protocol 39-2
Index
abbreviating commands 2-3
AC (command switch) 6-9
access-class command 31-18
access control entry (ACE) 37-3
access-denied response, VMPS 13-24
Layer 3 31-19
access groups, applying IPv4 ACLs to interfaces 31-19
clusters, switch 6-12
command switches 6-10
member switches 6-12
switch clusters 6-12
accessing stack members 7-22
in switch clusters 6-8
access ports, defined 12-3
with 802.1x 10-51
with IEEE 802.1x 10-16
with RADIUS 9-35
with TACACS+ 9-11, 9-17
and QoS 33-8
defined 31-2
Ethernet 31-2
IP 31-2
ACEs 31-2
any keyword 31-10
time ranges to 31-15
to an interface 31-18, 37-7
to IPv6 interfaces 37-7
to QoS 33-8
classifying traffic for QoS 33-50
comments in 31-17
compiling 31-21
defined 31-1, 31-7
examples of 31-21, 33-50
extended IP, configuring for QoS classification 33-51
creating 31-9
matching criteria 31-7
hardware and software handling 31-20
host keyword 31-11
creating 31-7
fragments and QoS guidelines 33-40
implicit deny 31-9, 31-13, 31-14
implicit masks 31-9
matching criteria 31-7
undefined 31-19
applying to interfaces 31-18
creating 31-7
matching criteria 31-7
named 31-13
numbers 31-7
terminal lines, setting on 31-18
unsupported features 31-6
applying to interfaces 37-7
configuring 37-3, 37-4
displaying 37-8
interactions with other features 37-4
limitations 37-2, 37-3
matching criteria 37-3
named 37-2
precedence of 37-2
supported 37-2
unsupported features 37-3
MAC extended 31-23, 33-52
matching 31-7, 31-19, 37-3
monitoring 31-26, 37-8
named, IPv4 31-13
named, IPv6 37-2
names 37-4
number per QoS class map 33-40
port 31-2, 37-1
precedence of 31-2
QoS 33-8, 33-50
resequencing entries 31-13
router 31-2, 37-1
standard IP, configuring for QoS classification 33-50
creating 31-8
matching criteria 31-7
support for 1-10
support in hardware 31-20
time ranges 31-15
types supported 31-2
unsupported features, IPv4 31-6
unsupported features, IPv6 37-3
active link 19-4, 19-5, 19-6
active links 19-2
active traffic monitoring, IP SLAs 32-1
address aliasing 21-2
displaying the MAC address table 5-24
accelerated aging 16-9
changing the aging time 5-15
default aging 16-9
defined 5-13
learning 5-14
removing 5-16
IPv6 35-2
MAC, discovering 5-24
multicast, STP address management 16-9
adding and removing 5-20
defined 5-13
address resolution 5-24
CDP 25-1
LLDP 26-2
aggregatable global unicast addresses 35-3
aggregate policers 33-60
aggregate policing 1-14
aging, accelerating 16-9
for MSTP 17-24
for STP 16-9, 16-23
MAC address table 5-15
for MSTP 17-25
for STP 16-23, 16-24
alarms, RMON 28-4
allowed-VLAN list 13-17
defined 1-6, 5-24
address resolution 5-24
managing 5-24
vendor-proprietary 9-38
vendor-specific 9-37
attribute-value pairs 10-13, 10-16, 10-21, 10-22
local mode with AAA 9-41
open1x 10-31
key 9-27
login 9-30
defined 9-11
key 9-13
login 9-14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 10-8
CLI commands 10-9
compatibility with older 802.1x CLI commands 10-9 to ??
overview 10-7
authoritative time source, described 5-3
with RADIUS 9-34
with TACACS+ 9-11, 9-16
authorized ports with IEEE 802.1x 10-10
autoconfiguration 3-3
auto enablement 10-32
automatic advise (auto-advise) in switch stacks 7-11
automatic copy (auto-copy) in switch stacks 7-11
beyond a noncandidate device 6-8
brand new switches 6-8
connectivity 6-5
different VLANs 6-7
management VLANs 6-7
non-CDP-capable devices 6-6
noncluster-capable devices 6-6
in switch clusters 6-5
automatic extraction (auto-extract) in switch stacks 7-11
automatic recovery, clusters 6-9
automatic upgrades (auto-upgrade) in switch stacks 7-11
configuring 12-30
described 12-30
duplex mode 1-4
interface configuration guidelines 12-27
mismatches 39-12
Auto-QoS video devices 1-14
autosensing, port speed 1-4
availability, features 1-8
described 18-7
disabling 18-17
enabling 18-17
support for 1-8
backup links 19-2
login 5-13
message-of-the-day login 5-12
default configuration 5-11
when displayed 5-11
Berkeley r-tools replacement 9-52
See DHCP snooping binding database
DHCP snooping database 20-6
IP source guard 20-13
See DHCP snooping binding database
blocking packets 23-7
boot loader, function of 3-1
boot process 3-1
manually 3-19
specific image 3-20
accessing 3-21
described 3-1
environment variables 3-21
prompt 3-21
trap-door mechanism 3-2
error-disabled state 18-2
filtering 18-3
RSTP format 17-12
described 18-3
disabling 18-15
enabling 18-14
support for 1-8
described 18-2
disabling 18-14
enabling 18-13
support for 1-8
broadcast storm-control command 23-4
broadcast storms 23-1
cables, monitoring for unidirectional links 24-1
automatic discovery 6-5
defined 6-4
requirements 6-4
See also command switch, cluster standby group, and member switch
authentication compatibility 10-8
configuring 9-49
defined 9-47
and trusted boundary 33-45
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device 25-4
on an interface 25-4
on a switch 25-4
monitoring 25-5
overview 25-1
power negotiation extensions 12-5
support for 1-6
switch stack considerations 25-2
transmission timer and holdtime, setting 25-3
updates 25-3
as IGMP snooping learning method 21-9
joining multicast group 21-3
CipherSuites 9-48
Cisco 7960 IP Phone 15-1
Cisco intelligent power management 12-5
Cisco IOS IP SLAs 32-1
attribute-value pairs for downloadable ACLs 10-22
attribute-value pairs for redirect URL 10-21
Cisco Secure ACS configuration guide 10-61
CiscoWorks 2000 1-5, 30-5
CISP 10-32
civic location 26-3
configuring 33-53
described 33-8
displaying 33-81
clearing interfaces 12-41
abbreviating commands 2-3
command modes 2-1
configuration logging 2-4
described 1-5
enabling and disabling 2-6
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 6-15
no and default forms of commands 2-4
Client Information Signalling Protocol
client mode, VTP 14-3
accessing 6-12
automatic discovery 6-5
automatic recovery 6-9
benefits 1-1
compatibility 6-4
described 6-1
LRE profile considerations 6-15
through CLI 6-15
through SNMP 6-16
planning 6-4
automatic discovery 6-5
automatic recovery 6-9
CLI 6-15
host names 6-12
IP addresses 6-12
LRE profiles 6-15
passwords 6-13
RADIUS 6-15
SNMP 6-13, 6-16
switch stacks 6-13
TACACS+ 6-15
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
automatic recovery 6-11
considerations 6-10
defined 6-2
requirements 6-3
virtual IP address 6-10
CNS 1-6
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-7
management functions 1-6
CoA Request Commands 9-23
Coarse Wave Division Multiplexer
command modes 2-1
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 9-8
accessing 6-10
active (AC) 6-9
configuration conflicts 39-12
defined 6-2
passive (PC) 6-9
password privilege levels 6-16
priority 6-9
from command-switch failure 6-9, 39-8
from lost member connectivity 39-12
redundant 6-9
with another switch 39-11
with cluster member 39-9
requirements 6-3
standby (SC) 6-9
See also candidate switch, cluster standby group, member switch, and standby command switch
configuring 6-13, 30-8
for cluster switches 30-4
in clusters 6-13
overview 30-4
SNMP 6-13
compatibility, feature 23-12
config.text 3-18
configurable leave timer, IGMP 21-6
defaults 1-16
Express Setup 1-1
configuration changes, logging 29-11
configuration conflicts, recovering from lost member connectivity 39-12
configuration examples, network 1-18
archiving A-20
clearing the startup configuration A-19
creating using a text editor A-10
default name 3-18
deleting a stored configuration A-19
described A-8
automatically 3-18
preparing A-11, A-13, A-16
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
guidelines for creating and using A-9
guidelines for replacing and rolling back A-21
invalid combinations when copying A-5
limiting TFTP server access 30-17
obtaining with DHCP 3-8
password recovery disable considerations 9-5
replacing a running configuration A-19, A-20
rolling back a running configuration A-19, A-21
specifying the filename 3-18
system contact and location information 30-17
types and location A-10
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
configuration logger 29-11
configuration logging 2-4
configuration replacement A-19
configuration rollback A-19, A-20
configuration settings, saving 3-15
configure terminal command 12-17
configuring 802.1x user distribution 10-57
configuring port-based authentication violation modes 10-41
configuring small-frame arrival rate 23-5
conflicts, configuration 39-12
connections, secure remote 9-42
connectivity problems 39-14, 39-15, 39-17
consistency checks in VTP Version 2 14-5
console port, connecting to 2-10
control protocol, IP SLAs 32-4
corrupted software, recovery steps with Xmodem 39-2
in Layer 2 frames 33-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 33-16
CoS output queue threshold map for QoS 33-19
CoS-to-DSCP map for QoS 33-63
counters, clearing interface 12-41
CPU utilization, troubleshooting 39-28
crashinfo file 39-23
critical authentication, IEEE 802.1x 10-54
critical VLAN 10-24
configuring 10-54
configuration guidelines 38-13
described 38-3
illustration 38-4
support for 1-8
described 18-5
disabling 18-16
enabling 18-16
fast-convergence events 18-7
Fast Uplink Transition Protocol 18-6
normal-convergence events 18-7
support for 1-8
SSH 9-42
SSL 9-46
switch stack considerations 7-15
customjzeable web pages, web-based authentication 11-6
CWDM SFPs 1-24
daylight saving time 5-7
enabling all system diagnostics 39-21
enabling for a specific feature 39-20
redirecting error message output 39-21
using commands 39-20
default commands 2-4
802.1x 10-35
auto-QoS 33-22
banners 5-11
CDP 25-2
DHCP 20-8
DHCP option 82 20-8
DHCP snooping 20-8
DHCP snooping binding database 20-8
DNS 5-10
dynamic ARP inspection 22-5
EtherChannel 38-11
Ethernet interfaces 12-24
Flex Links 19-8
IGMP filtering 21-25
IGMP snooping 21-7, 36-6
IGMP throttling 21-25
initial switch information 3-3
IP SLAs 32-5
IP source guard 20-15
IPv6 35-7
Layer 2 interfaces 12-24
LLDP 26-5
MAC address table 5-15
MAC address-table move update 19-8
MSTP 17-14
MVR 21-20
optional spanning-tree configuration 18-12
password and privilege level 9-2
RADIUS 9-27
RMON 28-3
RSPAN 27-10
SDM template 8-4
SNMP 30-7
SPAN 27-10
SSL 9-49
standard QoS 33-38
STP 16-13
switch stacks 7-17
system message logging 29-4
system name and prompt 5-9
TACACS+ 9-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 13-15
VLANs 13-7
VMPS 13-25
voice VLAN 15-3
VTP 14-9
default gateway 3-14
default web-based authentication configuration
802.1X 11-9
deleting VLANs 13-9
denial-of-service attack 23-1
description command 12-37
designing your network, examples 1-18
in IPv4 ACLs 31-10
in IPv6 ACLs 37-5
destination-IP address-based forwarding, EtherChannel 38-9
destination-MAC address forwarding, EtherChannel 38-9
detecting indirect link failures, STP 18-8
device A-24
device discovery protocol 25-1, 26-1
benefits 1-1
described 1-2, 1-5
in-band management 1-7
upgrading a switch A-24
relay agent 20-9
client request message exchange 3-4
client side 3-3
DNS 3-7
relay device 3-7
server side 3-6
TFTP server 3-7
example 3-9
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-3
relay support 1-6
support for 1-6
DHCP-based autoconfiguration and image update
configuring 3-11 to 3-14
understanding 3-5
See DHCP snooping binding database
See DHCP snooping binding database
circuit ID suboption 20-5
configuration guidelines 20-8
default configuration 20-8
displaying 20-12
overview 20-3
circuit ID 20-5
remote ID 20-5
remote ID suboption 20-5
DHCP server port-based address allocation
configuration guidelines 20-21
default configuration 20-21
described 20-21
displaying 20-24
enabling 20-21
reserved addresses 20-22
DHCP server port-based address assignment
support for 1-6
accepting untrusted packets form edge switch 20-3, 20-10
See DHCP snooping binding database
configuration guidelines 20-8
default configuration 20-8
displaying binding tables 20-12
message exchange process 20-4
option 82 data insertion 20-3
trusted interface 20-2
untrusted interface 20-2
untrusted messages 20-2
DHCP snooping binding database
adding bindings 20-11
binding entries, displaying 20-12
format 20-6
location 20-6
bindings 20-6
clearing agent statistics 20-12
configuration guidelines 20-9
configuring 20-11
default configuration 20-8
binding file 20-12
bindings 20-12
database agent 20-12
described 20-6
displaying 20-12
displaying status and statistics 20-12
enabling 20-11
entry 20-6
renewing database 20-12
delay value 20-12
timeout value 20-12
See DHCP snooping binding database
Differentiated Services architecture, QoS 33-2
Differentiated Services Code Point 33-2
directed unicast requests 1-6
changing A-4
creating and removing A-4
displaying the working A-4
and DHCP-based autoconfiguration 3-7
default configuration 5-10
displaying the configuration 5-11
in IPv6 35-3
overview 5-9
setting up 5-10
support for 1-6
DNS 5-9
VTP 14-10
downloadable ACL 10-20, 10-22, 10-61
preparing A-11, A-13, A-16
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
deleting old image A-28
preparing A-26, A-30, A-34
reasons for A-24
using CMS 1-2
using FTP A-31
using HTTP 1-2, A-24
using RCP A-35
using TFTP A-27
using the device manager or Network Assistant A-24
support for 1-15
DSCP 1-13, 33-2
DSCP input queue threshold map for QoS 33-16
DSCP output queue threshold map for QoS 33-19
DSCP-to-CoS map for QoS 33-66
DSCP-to-DSCP-mutation map for QoS 33-67
DSCP transparency 33-46
DTP 1-9, 13-14
dual-action detection 38-6
dual IPv4 and IPv6 templates 35-5
IPv4 and IPv6 35-5
SDM templates supporting 35-5
defined 12-4
LEDs 12-5
link selection 12-4, 12-25
setting the type 12-25
characteristics 13-4
configuring 13-26
defined 12-3
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
log buffer 22-16
statistics 22-16
configuration guidelines 22-6
ACLs for non-DHCP environments 22-9
in DHCP environments 22-7
log buffer 22-13
rate limit for incoming ARP packets 22-4, 22-11
default configuration 22-5
denial-of-service attacks, preventing 22-11
described 22-1
DHCP snooping binding database 22-2
ARP ACLs 22-15
configuration and operating state 22-15
log buffer 22-16
statistics 22-16
trust state and rate limit 22-15
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
clearing 22-16
configuring 22-13
displaying 22-16
logging of dropped packets, described 22-5
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
configuring 22-11
described 22-4
error-disabled state 22-4
clearing 22-16
displaying 22-16
validation checks, performing 22-12
dynamic auto trunking mode 13-14
dynamic desirable trunking mode 13-14
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
described 13-24
reconfirming 13-27
troubleshooting 13-29
types of connections 13-26
enabling and disabling 2-6
keystrokes used 2-7
wrapped lines 2-8
ELIN location 26-3
enable password 9-3
enable secret password 9-3
encryption, CipherSuite 9-48
encryption for passwords 9-3
environment variables, function of 3-22
error-disabled state, BPDU 18-2
error messages during command entry 2-4
automatic creation of 38-5, 38-7
binding physical and logical interfaces 38-4
numbering of 38-4
configuration guidelines 38-12
configuring Layer 2 interfaces 38-13
default configuration 38-11
described 38-2
displaying status 38-21
forwarding methods 38-8, 38-16
IEEE 802.3ad, described 38-7
with STP 38-12
with VLANs 38-12
described 38-7
displaying status 38-21
hot-standby ports 38-18
interaction with other features 38-8
modes 38-7
port priority 38-19
system priority 38-19
load balancing 38-8, 38-16
aggregate-port learners 38-16
compatibility with Catalyst 1900 38-17
described 38-5
displaying status 38-21
interaction with other features 38-7
interaction with virtual switches 38-6
learn method and priority configuration 38-16
modes 38-6
support for 1-4
with dual-action detection 38-6
described 38-4
numbering of 38-4
port groups 12-4
stack changes, effects of 38-10
support for 1-4
described 18-10
disabling 18-17
enabling 18-17
active link 12-22
and routing 12-22
and TFTP 12-23
configuring 12-23
default setting 12-22
described 12-21
for network management 12-21
specifying 12-23
supported features 12-22
unsupported features 12-23
Ethernet management port, internal
and routing 12-22
unsupported features 12-23
adding 13-8
defaults and ranges 13-8
modifying 13-8
EUI 35-3
events, RMON 28-4
network configuration 1-18
expedite queue for QoS 33-80
Express Setup 1-1
See also getting started guide
extended crashinfo file 39-23
configuration guidelines 13-11
configuring 13-11
creating 13-12
defined 13-1
MSTP 17-18
STP 16-4, 16-16
Extensible Authentication Protocol over LAN 10-1
fa0 interface 1-7
failover support 1-8
Fast Convergence 19-3
Fast Uplink Transition Protocol 18-6
features, incompatible 23-12
fiber-optic, detecting unidirectional links 24-1
description 39-23
location 39-23
copying A-5
crashinfo, description 39-23
deleting A-5
displaying the contents of A-8
description 39-24
location 39-24
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-25
displaying available file systems A-2
displaying file information A-3
local file system names A-1
network file system names A-5
setting the default A-3
IPv6 traffic 37-3, 37-7
non-IP traffic 31-23
show and more command output 2-9
filtering show and more command output 2-9
flash device, number of A-1
flexible authentication ordering
configuring 10-64
overview 10-30
Flex Link Multicast Fast Convergence 19-3
configuration guidelines 19-8
configuring 19-9
configuring preferred VLAN 19-12
configuring VLAN load balancing 19-11
default configuration 19-8
description 19-2
link load balancing 19-3
monitoring 19-14
VLANs 19-3
flooded traffic, blocking 23-8
flow-based packet classification 1-13
QoS classification 33-7
QoS egress queueing and scheduling 33-18
QoS ingress queueing and scheduling 33-15
QoS policing and marking 33-11
configuring 12-29
described 12-29
MSTP 17-24
STP 16-23
downloading A-13
overview A-12
preparing the server A-13
uploading A-15
deleting old image A-32
downloading A-31
preparing the server A-30
uploading A-32
general query 19-5
Generating IGMP Reports 19-4
get-bulk-request operation 30-4
get-next-request operation 30-3, 30-5
get-request operation 30-3, 30-4, 30-5
get-response operation 30-4
global configuration mode 2-2
global leave, IGMP 21-13
guest VLAN and 802.1x 10-22
guide mode 1-2
See device manager and Network Assistant
MSTP 17-24
STP 16-22
help, for the command line 2-3
HFTM space 39-26
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 29-10
host names, in clusters 6-12
hosts, limit on dynamic ports 13-29
HP OpenView 1-5
HQATM space 39-26
automatic cluster recovery 6-11
cluster standby group considerations 6-10
See also clusters, cluster standby group, and standby command switch
HTTPS 9-46
configuring 9-50
self-signed certificate 9-47
HTTP secure server 9-46
IPv6 35-3
time-exceeded messages 39-17
traceroute and 39-17
unreachable messages and IPv6 37-4
executing 39-15
overview 39-14
ICMPv6 35-3
and ingress RSPAN 27-21
and ingress SPAN 27-14
IEEE 802.1p 15-1
and trunk ports 12-3
configuration limitations 13-15
encapsulation 13-14
native VLAN for untagged traffic 13-19
IEEE 802.3ad, PoE+ 1-15, 12-6
IEEE 802.3x flow control 12-29
ifIndex values, SNMP 30-6
IFS 1-6
described 21-6
enabling 21-11
controlling the length of time 21-12
disabling on an interface 21-13
global leave 21-13
query solicitation 21-13
recovering from flood mode 21-13
joining multicast group 21-3
join messages 21-3
leave processing, enabling 21-10, 36-9
leaving multicast group 21-5
queries 21-4
described 21-6
disabling 21-16, 36-11
supported versions 21-3
support for 1-4
configuring 21-25
default configuration 21-25
described 21-24
monitoring 21-29
support for 1-5
configuring filtering 21-28
setting the maximum number 21-27
configuration guidelines 21-11
described 21-5
enabling 21-10
applying 21-26
configuration mode 21-25
configuring 21-26
and address aliasing 21-2
and stack changes 21-6
configuring 21-7
default configuration 21-7, 36-6
definition 21-2
enabling and disabling 21-7, 36-7
global configuration 21-7
Immediate Leave 21-5
in the switch stack 21-6
method 21-8
monitoring 21-16, 36-11
configuration guidelines 21-14
configuring 21-14
supported versions 21-3
support for 1-4
VLAN configuration 21-8
configuring 21-28
default configuration 21-25
described 21-24
displaying action 21-29
Immediate Leave, IGMP 21-5
enabling 36-9
inaccessible authentication bypass 10-24
support for multiauth ports 10-25
defaults 1-16
Express Setup 1-1
number 12-16
range macros 12-19
interface command 12-16 to ??, 12-16 to 12-17
interface configuration mode 2-2
auto-MDIX, configuring 12-30
duplex and speed 12-27
procedure 12-17
counters, clearing 12-41
default configuration 12-24
described 12-37
descriptive name, adding 12-37
displaying information about 12-40
flow control 12-29
management 1-5
monitoring 12-40
naming 12-37
physical, identifying 12-16
range of 12-18
restarting 12-41
shutting down 12-41
speed and duplex, configuring 12-28
status 12-40
supported 12-16
types of 12-1
interfaces range macro command 12-19
interface types 12-16
inter-VLAN routing 34-1
inventory management TLV 26-3, 26-7
for QoS classification 33-8
implicit deny 31-9, 31-13
implicit masks 31-9
named 31-13
undefined 31-19
128-bit 35-2
candidate or member 6-4, 6-12
classes of 34-4
cluster access 6-2
command switch 6-3, 6-10, 6-12
discovering 5-24
for IP routing 34-4
IPv6 35-2
redundant clusters 6-10
standby command switch 6-10, 6-12
ip igmp profile command 21-25
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
and QoS 15-1
automatic classification and queueing 33-21
configuring 15-4
ensuring port security with QoS 33-45
trusted boundary for QoS 33-45
IP Port Security for Static Hosts
on a Layer 2 access port 20-17
IP precedence 33-2
IP-precedence-to-DSCP map for QoS 33-64
IP protocols in ACLs 31-10
disabling 34-4
enabling 34-4
IP service levels, analyzing 32-1
benefits 32-2
configuration guidelines 32-5
Control Protocol 32-4
default configuration 32-5
definition 32-1
measuring network performance 32-3
monitoring 32-6
operation 32-3
described 32-4
enabling 32-6
response time 32-4
SNMP support 32-2
supported metrics 32-2
and 802.1x 20-15
and DHCP snooping 20-13
and EtherChannels 20-15
and port security 20-15
and private VLANs 20-15
and routed ports 20-15
and TCAM entries 20-15
and trunk interfaces 20-15
and VRF 20-15
automatic 20-13
manual 20-13
binding table 20-13
configuration guidelines 20-15
default configuration 20-15
described 20-13
disabling 20-16
active IP or MAC bindings 20-20
bindings 20-20
configuration 20-20
enabling 20-16, 20-17
source IP address 20-13
source IP and MAC address 20-13
on provisioned switches 20-15
source IP address filtering 20-13
source IP and MAC address filtering 20-13
adding 20-16, 20-17
deleting 20-16
static hosts 20-17
executing 39-18
overview 39-17
assigning IP addresses to Layer 3 interfaces 34-4
configuring static routes 34-5
disabling 34-4
enabling 34-4
inter-VLAN 34-1
classes 34-4
configuring 34-4
steps to configure 34-3
subnet mask 34-4
with SVIs 34-3
applying to interfaces 31-18
extended, creating 31-9
named 31-13
standard, creating 31-8
dual protocol stacks 35-4
displaying 37-8
limitations 37-2
matching criteria 37-3
port 37-1
precedence 37-2
router 37-1
supported 37-2
addresses 35-2
address formats 35-2
and switch stacks 35-6
applications 35-4
assigning address 35-7
autoconfiguration 35-4
configuring static routes 35-10
default configuration 35-7
defined 35-1
forwarding 35-7
ICMP 35-3
monitoring 35-11
neighbor discovery 35-4
SDM templates 36-1, 37-1
stack master functions 35-6
Stateless Autoconfiguration 35-4
supported features 35-2
IPv6 traffic, filtering 37-3
join messages, IGMP 21-3
Layer 2 frames, classification with CoS 33-2
Layer 2 interfaces, default configuration 12-24
and ARP 39-16
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-16
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
Layer 3 features 1-15
assigning IP addresses to 34-4
assigning IPv6 addresses to 35-7
changing from Layer 2 mode 34-4
Layer 3 packets, classification methods 33-2
LDAP 4-2
Leaking IGMP Reports 19-4
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
link failure, detecting unidirectional 17-8
link local unicast addresses 35-3
links, unidirectional 24-1
configuring 38-23
described 38-21
configuring 26-5
characteristics 26-6
default configuration 26-5
enabling 26-6
monitoring and maintaining 26-11
overview 26-1
supported TLVs 26-2
switch stack considerations 26-2
transmission timer and holdtime, setting 26-6
procedures 26-5
TLVs 26-7
monitoring and maintaining 26-11
overview 26-1, 26-2
supported TLVs 26-2
local SPAN 27-2
location TLV 26-3, 26-7
with RADIUS 9-30
with TACACS+ 9-14
login banners 5-11
Long-Reach Ethernet (LRE) technology 1-20
described 18-11
enabling 18-18
support for 1-9
LRE profiles, considerations in switch clusters 6-15
default setting 10-36
range 10-38
MAC/PHY configuration status TLV 26-2
aging time 5-15
and VLAN association 5-14
building the address table 5-14
default configuration 5-15
disabling learning on a VLAN 5-23
discovering 5-24
displaying 5-24
displaying in the IP source binding table 20-20
learning 5-14
removing 5-16
in ACLs 31-23
adding 5-21
allowing 5-22, 5-23
characteristics of 5-20
dropping 5-22
removing 5-21
MAC address learning 1-6
MAC address learning, disabling on a VLAN 5-23
MAC address notification, support for 1-15
configuration guidelines 19-8
configuring 19-12
default configuration 19-8
description 19-6
monitoring 19-14
MAC address-to-VLAN mapping 13-23
MAC authentication bypass 10-38
configuring 10-57
overview 10-17
applying to Layer 2 interfaces 31-24
configuring for QoS 33-52
creating 31-23
defined 31-23
for QoS classification 33-5
magic packet 10-27
manageability features 1-6
browser session 1-7
CLI session 1-7
device manager 1-7
SNMP 1-7
out-of-band console port connection 1-7
management address TLV 26-2
CLI 2-1
clustering 1-3
CNS 4-1
Network Assistant 1-2
overview 1-5
considerations in switch clusters 6-7
discovery through different management VLANs 6-7
CoS-to-DSCP 33-63
DSCP 33-63
DSCP-to-CoS 33-66
DSCP-to-DSCP-mutation 33-67
IP-precedence-to-DSCP 33-64
policed-DSCP 33-65
described 33-11
action with aggregate policers 33-60
described 33-4, 33-9
IPv6 ACLs 37-3
matching, IPv4 ACLs 31-7
MSTP 17-25
STP 16-23
maximum hop count, MSTP 17-25
maximum number of allowed devices, port-based authentication 10-38
configuration guidelines 10-13
described 1-11, 10-12
exceptions with authentication process 10-5
membership mode, VLAN port 13-3
automatic discovery 6-5
defined 6-2
managing 6-15
passwords 6-12
recovering from lost connectivity 39-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
memory consistency check errors
example 39-27
memory consistency check routines 1-5, 39-26
memory consistency integrity 1-5, 39-26
messages, to users through banners 5-11
overview 30-1
SNMP interaction with 30-5
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-12
module number 12-16
access groups 31-26
cables for unidirectional links 24-1
CDP 25-5
features 1-15
Flex Links 19-14
filters 21-29
snooping 21-16, 36-11
interfaces 12-40
IP SLAs operations 32-6
IPv4 ACL configuration 31-26
IPv6 35-11
IPv6 ACL configuration 37-8
MAC address-table move update 19-14
multicast router interfaces 21-17, 36-12
MVR 21-23
network traffic for analysis with probe 27-2
blocking 23-20
protection 23-20
SFP status 12-40, 39-14
speed and duplex mode 12-28
traffic flowing among switches 28-1
traffic suppression 23-20
VLANs 13-13
VMPS 13-28
VTP 14-18
mrouter Port 19-3
mrouter port 19-5
configuration guidelines 17-15
described 17-6
described 18-3
enabling 18-14
described 18-2
enabling 18-13
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-15, 18-12
forward-delay time 17-24
hello time 17-24
link type for rapid convergence 17-25
maximum aging time 17-25
maximum hop count 17-25
MST region 17-16
neighbor type 17-26
path cost 17-22
port priority 17-20
root switch 17-18
secondary root switch 17-19
switch priority 17-23
defined 17-3
operations between regions 17-4
default configuration 17-14
default optional feature configuration 18-12
displaying status 17-27
enabling the mode 17-16
described 18-10
enabling 18-17
effects on root switch 17-18
effects on secondary root switch 17-19
unexpected behavior 17-18
implementation 17-6
port role naming change 17-7
terminology 17-5
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-11
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-27
defined 17-3
master 17-3
operations within a region 17-3
described 18-11
enabling 18-18
mapping VLANs to MST instance 17-16
CIST 17-3
configuring 17-16
described 17-2
hop-count mechanism 17-5
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-8
overview 17-2
described 18-2
enabling 18-12
preventing root switch selection 18-10
described 18-10
enabling 18-18
configuring 17-18
effects of extended system ID 17-18
unexpected behavior 17-18
shutdown Port Fast-enabled port 18-2
stack changes, effects of 17-8
status, displaying 17-27
support for inaccessible authentication bypass 10-25
See multiple-authentication mode
Immediate Leave 21-5
joining 21-3
leaving 21-5
static joins 21-10, 36-8
multicast router interfaces, monitoring 21-17, 36-12
multicast router ports, adding 21-9, 36-8
multicast storm 23-1
multicast storm-control command 23-4
multicast television application 21-18
multicast VLAN 21-17
multiple authentication 10-14
configuring 10-44
and address aliasing 21-20
and IGMPv3 21-21
configuration guidelines 21-20
configuring interfaces 21-22
default configuration 21-20
described 21-17
example application 21-18
modes 21-21
monitoring 21-23
multicast television application 21-18
setting global parameters 21-21
support for 1-4
critical authentication 10-24, 10-54
IEEE 802.1x authentication using a RADIUS server 10-58
IEEE 802.1x validation using RADIUS server 10-58
inaccessible authentication bypass 10-54
Layer 2 IEEE 802.1x validation 1-12, 10-30, 10-58
named IPv4 ACLs 31-13
configuring 13-19
default 13-19
configuring 10-59
overview 10-31
neighbor discovery, IPv6 35-4
benefits 1-1
described 1-5
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 7-2, 7-15
upgrading a switch A-24
wizards 1-2
network configuration examples
cost-effective wiring closet 1-20
increasing network performance 1-19
long-distance, high-bandwidth transport 1-24
providing network services 1-19
server aggregation and Linux server cluster 1-22
small to medium-sized network 1-23
performance 1-19
services 1-19
CDP 25-1
RMON 28-1
SNMP 30-1
network performance, measuring with IP SLAs 32-3
network policy TLV 26-2, 26-7
no commands 2-4
described 33-10
non-IP traffic filtering 31-23
nontrunking mode 13-14
normal-range VLANs 13-4
configuration guidelines 13-6
configuring 13-4
defined 13-1
NSM 4-3
defined 5-3
overview 5-3
stratum 5-3
support for 1-6
services 5-3
synchronizing 5-3
configuring 39-25
described 39-24
displaying 39-26
offline configuration for switch stacks 7-7
off mode, VTP 14-4
overview 40-1
running tests 40-3
understanding 40-1
configuring 10-64
overview 10-31
optimizing system resources 8-1
options, management 1-5
out-of-profile markdown 1-14
packet modification, with QoS 33-20
default configuration 9-2
disabling recovery of 9-5
encrypting 9-3
for security 1-10
in clusters 6-13
overview 9-1
recovery of 39-3
enable 9-3
enable secret 9-3
Telnet 9-6
with usernames 9-6
VTP domain 14-10
MSTP 17-22
STP 16-20
PC (passive command switch) 6-9
performance, network design 1-19
performance features 1-4
persistent self-signed certificate 9-47
per-user ACLs and Filter-Ids 10-8
physical ports 12-2
PIM-DVMRP, as snooping method 21-8
character output description 39-15
executing 39-15
overview 39-14
auto mode 12-7
CDP with power consumption, described 12-5
CDP with power negotiation, described 12-5
Cisco intelligent power management 12-5
configuring 12-31
determining 12-8
support for 12-8
devices supported 12-5
high-power devices operating in low-power mode 12-5
IEEE power classification levels 12-6
monitoring 12-8
monitoring power 12-34
policing power consumption 12-34
policing power usage 12-8
power budgeting 12-32
power consumption 12-9, 12-32
powered-device detection and initial power allocation 12-6
power management modes 12-7
power monitoring 12-8
power negotiation extensions to CDP 12-5
power sensing 12-8
standards supported 12-5
static mode 12-7
total available power 12-10
troubleshooting 39-13
policed-DSCP map for QoS 33-65
for each matched traffic class 33-55
for more than one traffic class 33-60
described 33-4
displaying 33-81
number of 33-41
types of 33-10
described 33-4
token-bucket algorithm 33-10
characteristics of 33-55
described 33-8
displaying 33-82
nonhierarchical on physical ports
described 33-10
defined 31-2
types of 31-3
accounting 10-16
defined 10-3, 11-2
RADIUS server 10-3
client, defined 10-3, 11-2
configuration guidelines 10-36, 11-9
802.1x authentication 10-42
guest VLAN 10-52
host mode 10-44
inaccessible authentication bypass 10-54
manual re-authentication of a client 10-47
periodic re-authentication 10-46
quiet period 10-47
RADIUS server 10-44, 11-13
RADIUS server parameters on the switch 10-43, 11-11
restricted VLAN 10-53
switch-to-client frame-retransmission number 10-48, 10-49
switch-to-client retransmission time 10-47
violation modes 10-41
default configuration 10-35, 11-9
described 10-1
device roles 10-3, 11-2
displaying statistics 10-66, 11-17
downloadable ACLs and redirect URLs
configuring 10-61 to 10-63, ?? to 10-63
overview 10-20 to 10-22
EAPOL-start frame 10-5
EAP-request/identity frame 10-5
EAP-response/identity frame 10-5
802.1X authentication 11-11
encapsulation 10-3
flexible authentication ordering
configuring 10-64
overview 10-30
configuration guidelines 10-23, 10-24
described 10-22
host mode 10-12
inaccessible authentication bypass
configuring 10-54
described 10-24
guidelines 10-37
initiation and message exchange 10-5
magic packet 10-27
maximum number of allowed devices per port 10-38
method lists 10-42
multiple authentication 10-14
configuration tasks 10-20
described 10-19
RADIUS server attributes 10-19
authorization state and dot1x port-control command 10-11
authorized and unauthorized 10-10
voice VLAN 10-27
described 10-27
configuring 10-38
described 10-17, 10-38
resetting to default values 10-66
stack changes, effects of 10-11
statistics, displaying 10-66
as proxy 10-3, 11-2
RADIUS client 10-3
configuring 10-59
overview 10-31
guidelines 10-29
overview 10-29
AAA authorization 10-42
characteristics 10-18
configuration tasks 10-18
described 10-17
configuring 10-39
described 10-31, 10-39
described 10-27
PVID 10-27
VVID 10-27
wake-on-LAN, described 10-27
with ACLs and RADIUS Filter-Id attribute 10-33
port-based authentication methods, supported 10-7
port blocking 1-4, 23-7
port description TLV 26-2
described 18-2
enabling 18-12
mode, spanning tree 13-25
support for 1-8
port membership modes, VLAN 13-3
MSTP 17-20
STP 16-18
access 12-3
blocking 23-7
dual-purpose uplink 12-4
dynamic access 13-4
protected 23-6
secure 23-9
static-access 13-3, 13-10
switch 12-2
trunks 13-3, 13-14
VLAN assignments 13-10
aging 23-17
and QoS trusted boundary 33-45
and stacking 23-18
configuring 23-12
default configuration 23-11
described 23-8
displaying 23-20
on trunk ports 23-14
sticky learning 23-9
violations 23-10
with other features 23-11
port-shutdown response, VMPS 13-24
port VLAN ID TLV 26-2
power management TLV 26-3, 26-7
preemption, default configuration 19-8
preemption delay, default configuration 19-8
preferential treatment of traffic
preventing unauthorized access 9-1
primary links 19-2
overriding CoS 15-6
trusting CoS 15-6
privileged EXEC mode 2-2
changing the default for lines 9-9
command switch 6-16
exiting 9-9
logging into 9-9
mapping on member switches 6-16
overview 9-2, 9-7
setting a command with 9-8
protected ports 1-10, 23-6
protocol storm protection 23-18
provisioned switches and IP source guard 20-15
provisioning new members for a switch stack 7-7
proxy reports 19-4
in VTP domain 14-16
on a port 13-19
in VTP domain 14-16
on a port 13-18
examples 14-7
overview 14-6
changing 13-18
for VTP pruning 14-6
VLANs 14-16
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
and MQC commands 33-1
categorizing traffic 33-22
configuration and defaults display 33-37
configuration guidelines 33-34
described 33-21
disabling 33-36
displaying generated commands 33-36
displaying the initial configuration 33-37
effects on running configuration 33-34
list of generated commands 33-25, 33-29
basic model 33-4
class maps, described 33-8
defined 33-4
DSCP transparency, described 33-46
flowchart 33-7
forwarding treatment 33-3
in frames and packets 33-3
IP ACLs, described 33-6, 33-8
MAC ACLs, described 33-5, 33-8
options for IP traffic 33-6
options for non-IP traffic 33-5
policy maps, described 33-8
trust DSCP, described 33-5
trusted CoS, described 33-5
trust IP precedence, described 33-5
configuring 33-53
displaying 33-81
auto-QoS 33-34
standard QoS 33-40
aggregate policers 33-60
auto-QoS 33-21
default port CoS value 33-44
DSCP maps 33-63
DSCP transparency 33-46
DSCP trust states bordering another domain 33-47
egress queue characteristics 33-74
ingress queue characteristics 33-69
IP extended ACLs 33-51
IP standard ACLs 33-50
MAC ACLs 33-52
port trust states within the domain 33-42
trusted boundary 33-45
default auto configuration 33-22
default standard configuration 33-38
displaying statistics 33-81
DSCP transparency 33-46
allocating buffer space 33-74
buffer allocation scheme, described 33-18
configuring shaped weights for SRR 33-78
configuring shared weights for SRR 33-79
described 33-4
displaying the threshold map 33-77
flowchart 33-18
mapping DSCP or CoS values 33-76
scheduling, described 33-4
setting WTD thresholds 33-74
WTD, described 33-19
enabling globally 33-42
classification 33-7
egress queueing and scheduling 33-18
ingress queueing and scheduling 33-15
policing and marking 33-11
implicit deny 33-8
allocating bandwidth 33-72
allocating buffer space 33-71
buffer and bandwidth allocation, described 33-16
configuring shared weights for SRR 33-72
configuring the priority queue 33-73
described 33-4
displaying the threshold map 33-70
flowchart 33-15
mapping DSCP or CoS values 33-69
priority queue, described 33-17
scheduling, described 33-4
setting WTD thresholds 33-69
WTD, described 33-16
automatic classification and queueing 33-21
detection and trusted settings 33-21, 33-45
limiting bandwidth on egress interface 33-80
CoS-to-DSCP 33-63
displaying 33-81
DSCP-to-CoS 33-66
DSCP-to-DSCP-mutation 33-67
IP-precedence-to-DSCP 33-64
policed-DSCP 33-65
types of 33-11
marked-down actions 33-58
marking, described 33-4, 33-9
overview 33-2
packet modification 33-20
configuring 33-58, 33-61
described 33-9
displaying 33-81
number of 33-41
types of 33-10
policies, attaching to an interface 33-9
described 33-4, 33-9
token bucket algorithm 33-10
characteristics of 33-55
displaying 33-82
nonhierarchical on physical ports 33-55
QoS label, defined 33-4
configuring egress characteristics 33-74
configuring ingress characteristics 33-69
high priority (expedite) 33-20, 33-80
location of 33-12
SRR, described 33-14
WTD, described 33-13
rewrites 33-20
support for 1-13
bordering another domain 33-47
described 33-5
trusted device 33-45
within the domain 33-42
queries, IGMP 21-4
query solicitation, IGMP 21-13
vendor-proprietary 9-38
vendor-specific 9-37
accounting 9-35
authentication 9-30
authorization 9-34
communication, global 9-27, 9-36
communication, per-server 9-27
multiple UDP ports 9-27
default configuration 9-27
defining AAA server groups 9-32
displaying the configuration 9-41
identifying the server 9-27
in clusters 6-15
limiting the services to the user 9-34
method list, defined 9-26
operation of 9-19
overview 9-18
server load balancing 9-40
suggested network environments 9-18
support for 1-12
tracking services accessed by user 9-35
RADIUS Change of Authorization 9-20
macro 12-19
of interfaces 12-18
rapid convergence 17-10
rapid per-VLAN spanning-tree plus
described 16-10
IEEE 802.1Q trunking interoperability 16-11
instances supported 16-10
rcommand command 6-15
downloading A-17
overview A-16
preparing the server A-16
uploading A-18
deleting old image A-37
downloading A-35
preparing the server A-34
uploading A-37
configuring 10-38
described 10-17, 10-38
reconfirmation interval, VMPS, changing 13-27
reconfirming dynamic VLAN membership 13-27
recovery procedures 39-1
redirect URL 10-20, 10-21, 10-61
EtherChannel 38-3
backbone 16-8
multidrop backbone 18-5
path cost 13-22
port priority 13-20
redundant links and UplinkFast 18-15
reloading software 3-22
Remote Authentication Dial-In User Service
remote SPAN 27-3
described 21-6
disabling 21-16, 36-11
resequencing ACL entries 31-13
reserved addresses in DHCP pools 20-22
resetting a UDLD-shutdown interface 24-6
described 32-4
enabling 32-6
response time, measuring with IP SLAs 32-4
configuring 10-53
described 10-23
using with IEEE 802.1x 10-23
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-17
TACACS+ 9-10
retry count, VMPS, changing 13-28
1112, IP multicast and IGMP 21-2
1157, SNMPv1 30-2
1166, IP addresses 34-4
1305, NTP 5-3
1757, RMON 28-2
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 21-2
2273-2275, SNMPv3 30-2
RFC 5176 Compliance 9-21
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-15
described 18-10
enabling 18-18
support for 1-9
MSTP 17-18
STP 16-16
defined 31-2
types of 31-4
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-10
defined 27-3
destination ports 27-8
displaying status 27-23
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
received traffic 27-5
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-22
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
active topology 17-10
format 17-12
processing 17-13
designated port, defined 17-9
designated switch, defined 17-9
interoperability with IEEE 802.1D
described 17-9
restarting migration process 17-27
topology changes 17-13
overview 17-9
described 17-9
synchronized 17-11
proposal-agreement handshake process 17-10
cross-stack rapid convergence 17-11
described 17-10
edge ports and Port Fast 17-10
point-to-point links 17-10, 17-25
root ports 17-10
root port, defined 17-9
replacing A-19, A-20
rolling back A-19, A-21
running configuration, saving 3-15
SC (standby command switch) 6-9
scheduled reloads 3-22
and SSH 9-53
configuring 9-53
configuring 8-5
number of 8-1
SDM template 37-3
configuration guidelines 8-4
configuring 8-4
types of 8-1
configuring 9-51
displaying 9-52
configuring 9-50
displaying 9-52
and switch stacks 23-18
deleting 23-16
maximum number of 23-10
types of 23-9
and switch stacks 23-18
secure ports, configuring 23-9
secure remote connections 9-42
security, port 23-8
security features 1-10
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 17-1
set-request operation 30-5
failed command switch replacement 39-11
replacing failed command switch 39-9
severity levels, defining in system messages 29-9
monitoring status of 12-40, 39-14
security and identification 39-13
status, displaying 39-14
show access-lists hw-summary command 31-20
show and more command output, filtering 2-9
show cdp traffic command 25-5
show cluster members command 6-15
show configuration command 12-37
show forward command 39-22
show interfaces command 12-28, 12-37
show interfaces switchport 19-4
show lldp traffic command 26-11
show platform forward command 39-22
show platform tcam command 39-26, 39-27
displaying ACLs 31-18, 31-19
interface description in 12-37
shutdown command on interfaces 12-41
Simple Network Management Protocol
small form-factor pluggable modules
small-frame arrival rate, configuring 23-5
SNAP 25-1
accessing MIB variables with 30-5
described 30-4
disabling 30-8
and IP SLAs 32-2
authentication level 30-11
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-18
default configuration 30-7
engine ID 30-7
groups 30-7, 30-10
host 30-7
ifIndex values 30-6
in-band management 1-7
in clusters 6-13
and trap keyword 30-13
described 30-5
differences from traps 30-5
disabling 30-16
enabling 30-16
limiting access by TFTP servers 30-17
limiting system log messages to NMS 29-10
manager functions 1-5, 30-3
managing clusters with 6-16
notifications 30-5
overview 30-1, 30-5
security levels 30-3
setting CPU threshold notification 30-16
status, displaying 30-19
system contact and location 30-17
trap manager, configuring 30-14
described 30-4, 30-5
differences from informs 30-5
disabling 30-16
enabling 30-13
enabling MAC address notification 5-16, 5-18, 5-19
overview 30-1, 30-5
types of 30-13
users 30-7, 30-10
versions supported 30-2
SNMP and Syslog Over IPv6 35-5
SNMPv1 30-2
SNMPv2C 30-3
SNMPv3 30-3
snooping, IGMP 21-2
location in flash A-25
recovery procedures 39-2
scheduling reloads 3-23
tar file format, described A-25
See also downloading and uploading
in IPv4 ACLs 31-10
in IPv6 ACLs 37-5
source-and-destination-IP address based forwarding, EtherChannel 38-9
source-and-destination MAC address forwarding, EtherChannel 38-9
source-IP address based forwarding, EtherChannel 38-9
source-MAC address forwarding, EtherChannel 38-8
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-10
destination ports 27-8
displaying status 27-23
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-15, 27-1
ports, restrictions 23-12
received traffic 27-5
configuring ingress forwarding 27-15, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-13
specifying monitored ports 27-12
with ingress traffic enabled 27-14
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-15
SPAN traffic 27-5
shaped weights on egress queues 33-78
shared weights on egress queues 33-79
shared weights on ingress queues 33-72
described 33-14
shaped mode 33-14
shared mode 33-14
support for 1-14
configuring 9-43
cryptographic software image 9-42
described 1-7, 9-42
encryption methods 9-43
switch stack considerations 7-15
user authentication methods, supported 9-43
configuration guidelines 9-49
configuring a secure HTTP client 9-51
configuring a secure HTTP server 9-50
cryptographic software image 9-46
described 9-46
monitoring 9-52
MAC address of 7-6, 7-17
802.1x port-based authentication 10-11
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 38-13
EtherChannel 38-10
IGMP snooping 21-6
IP routing 34-2
MAC address tables 5-15
MSTP 17-8
MVR 21-18
port security 23-18
SDM template selection 8-3
SNMP 30-2
SPAN and RSPAN 27-10
STP 16-12
switch clusters 6-13
system message log 29-2
VLANs 13-7
VTP 14-8
bridge ID (MAC address) 7-6
defined 7-1
election 7-5
IPv6 35-6
accessing CLI of specific member 7-22
member number 7-20
priority value 7-21
defined 7-1
displaying information of 7-23
number 7-6
priority value 7-7
provisioning a new member 7-21
replacing 7-14
stack member number 12-16
stack protocol version 7-10
accessing CLI of specific member 7-22
member number 7-20
priority value 7-21
provisioning a new member 7-21
auto-advise 7-11
auto-copy 7-11
auto-extract 7-11
auto-upgrade 7-11
bridge ID 7-6
CDP considerations 25-2
compatibility, software 7-9
configuration file 7-14
configuration scenarios 7-16
copying an image file from one member to another A-38
default configuration 7-17
description of 7-1
displaying information of 7-23
enabling persistent MAC address timer 7-17
in clusters 6-13
incompatible software and image upgrades 7-13, A-38
IPv6 on 35-6
MAC address considerations 5-15
management connectivity 7-15
managing 7-1
membership 7-3
merged 7-3
MSTP instances supported 16-10
described 7-7
effects of adding a provisioned switch 7-8
effects of removing a provisioned switch 7-9
effects of replacing a provisioned switch 7-9
provisioned configuration, defined 7-7
provisioned switch, defined 7-7
provisioning a new member 7-21
partitioned 7-3, 39-8
adding 7-8
removing 7-9
replacing 7-9
replacing a failed member 7-14
software compatibility 7-9
software image version 7-9
stack protocol version 7-10
bridge ID 16-3
root port selection 16-3
stack root switch election 16-3
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 5-8
system-wide configuration considerations 7-14
upgrading A-38
automatic upgrades with auto-upgrade 7-11
examples 7-12
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-11
described 7-10
See also stack master and stack member
considerations 6-10
defined 6-2
priority 6-9
requirements 6-3
virtual IP address 6-10
See also cluster standby group and HSRP
See cluster standby group and HSRP
standby links 19-2
manually 3-19
specific image 3-20
clearing A-19
automatically downloading 3-18
specifying the filename 3-18
assigning to VLAN 13-10
defined 12-3, 13-3
static MAC addressing 1-10
configuring 34-5
configuring for IPv6 35-10
static VLAN membership 13-2
802.1X 11-17
802.1x 10-66
CDP 25-5
interface 12-40
LLDP 26-11
LLDP-MED 26-11
NMSP 26-11
QoS ingress and egress 33-81
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-19
VTP 14-18
sticky learning 23-9
configuring 23-3
described 23-1
disabling 23-5
displaying 23-20
support for 1-4
thresholds 23-2
accelerating root port selection 18-4
described 18-7
disabling 18-17
enabling 18-17
described 18-3
disabling 18-15
enabling 18-14
described 18-2
disabling 18-14
enabling 18-13
BPDU message exchange 16-3
configuration guidelines 16-13, 18-12
forward-delay time 16-23
hello time 16-22
maximum aging time 16-23
path cost 16-20
port priority 16-18
root switch 16-16
secondary root switch 16-18
spanning-tree mode 16-15
switch priority 16-21
transmit hold-count 16-24
counters, clearing 16-24
described 18-5
enabling 18-16
default configuration 16-13
default optional feature configuration 18-12
designated port, defined 16-4
designated switch, defined 16-4
detecting indirect link failures 18-8
disabling 16-16
displaying status 16-24
described 18-10
disabling 18-17
enabling 18-17
effects on root switch 16-16
effects on the secondary root switch 16-18
overview 16-4
unexpected behavior 16-16
features supported 1-8
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-9
IEEE 802.1t and VLAN identifier 16-5
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
blocking 16-6
disabled 16-7
forwarding 16-6, 16-7
learning 16-7
listening 16-7
overview 16-5
interoperability and compatibility among modes 16-11
limitations with IEEE 802.1Q trunks 16-11
overview 13-20
using path costs 13-22
using port priorities 13-20
described 18-11
enabling 18-18
modes supported 16-10
multicast addresses, effect of 16-9
optional features supported 1-8
overview 16-2
path costs 13-22
described 18-2
enabling 18-12
port priorities 13-21
preventing root switch selection 18-10
protocols supported 16-10
redundant connectivity 16-8
described 18-10
enabling 18-18
root port, defined 16-3
root port selection on a switch stack 16-3
configuring 16-16
effects of extended system ID 16-4, 16-16
election 16-3
unexpected behavior 16-16
shutdown Port Fast-enabled port 18-2
stack changes, effects of 16-12
status, displaying 16-24
superior BPDU 16-3
timers, described 16-22
described 18-3
enabling 18-15
stratum, NTP 5-3
subnet mask 34-4
success response, VMPS 13-24
summer time 5-7
SunNet Manager 1-5
supported port-based authentication methods 10-7
and IP unicast routing 34-3
and router ACLs 31-4
connecting VLANs 12-11
defined 12-3
switch 35-2
switch clustering technology 6-1
switch console port 1-7
switched ports 12-2
switchport backup interface 19-4, 19-5
switchport block multicast command 23-8
switchport block unicast command 23-8
switchport protected command 23-7
MSTP 17-23
STP 16-21
switch software features 1-1
system capabilities TLV 26-2
daylight saving time 5-7
manually 5-5
summer time 5-7
time zones 5-6
displaying the time and date 5-6
overview 5-2
system description TLV 26-2
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-14
enabling 29-5
facility keywords, described 29-14
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-15
time stamps, enabling and disabling 29-8
configuring the daemon 29-13
configuring the logging facility 29-13
facilities supported 29-14
default configuration 5-9
default setting 5-9
manual configuration 5-9
system name TLV 26-2
system prompt, default setting 5-8, 5-9
system resources, optimizing 8-1
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-17
identifying the server 9-13
in clusters 6-15
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-12
tracking services accessed by user 9-17
creating A-6
displaying the contents of A-7
extracting A-7
image file format A-25
memory consistency check errors
example 39-27
memory consistency check routines 1-5, 39-26
memory consistency integrity 1-5, 39-26
HFTM 39-26
HQATM 39-26
unassigned 39-26
TDR 1-16
accessing management interfaces 2-10
number of connections 1-7
setting a password 9-6
temporary self-signed certificate 9-47
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
ternary content addressable memory
downloading A-11
preparing the server A-11
uploading A-12
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
deleting A-28
downloading A-27
preparing the server A-26
uploading A-29
limiting access by servers 30-17
TFTP server 1-6
threshold, traffic level 23-2
time-range command 31-15
time ranges in ACLs 31-15
time stamps in log messages 29-8
time zones 5-6
defined 26-2
LLDP 26-2
LLDP-MED 26-2
support for 13-6
VTP support 14-5
ToS 1-13
and ARP 39-16
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-16
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
traceroute command 39-18
blocking flooded 23-8
fragmented 31-4
fragmented IPv6 37-2
unfragmented 31-4
traffic policing 1-14
traffic suppression 23-2
transparent mode, VTP 14-4
trap-door mechanism 3-2
configuring MAC address notification 5-16, 5-18, 5-19
configuring managers 30-13
defined 30-4
enabling 5-16, 5-18, 5-19, 30-13
notification types 30-13
overview 30-1, 30-5
connectivity problems 39-14, 39-15, 39-17
CPU utilization 39-28
detecting unidirectional links 24-1
displaying crash information 39-23
setting packet forwarding 39-22
SFP security and identification 39-13
show forward command 39-22
with CiscoWorks 30-5
with debug commands 39-20
with ping 39-14
with system message logging 29-1
with traceroute 39-17
trunking encapsulation 1-9
configuring 13-16
defined 12-3, 13-3
allowed-VLAN list 13-17
setting STP path costs 13-22
using STP port priorities 13-20, 13-21
native VLAN for untagged traffic 13-19
parallel 13-22
pruning-eligible list 13-18
to non-DTP device 13-14
trusted boundary for QoS 33-45
between QoS domains 33-47
classification options 33-5
ensuring port security for IP phones 33-45
support for 1-13
within a QoS domain 33-42
trustpoints, CA 9-47
twisted-pair Ethernet, detecting unidirectional links 24-1
configuration guidelines 24-4
default configuration 24-4
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-6
echoing detection mechanism 24-3
globally 24-5
per interface 24-6
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-7
support for 1-8
unauthorized ports with IEEE 802.1x 10-10
unicast MAC address filtering 1-6
and adding static addresses 5-22
and broadcast MAC addresses 5-21
and CPU packets 5-21
and multicast addresses 5-21
and router MAC addresses 5-21
configuration guidelines 5-21
described 5-21
unicast storm 23-1
unicast storm control command 23-4
unicast traffic, blocking 23-8
UniDirectional Link Detection protocol
daemon configuration 29-13
facilities supported 29-14
message logging configuration 29-13
unrecognized Type-Length-Value (TLV) support 14-5
upgrading a Catalyst 2950 switch
configuration compatibility issues C-1
differences in configuration commands C-1
feature behavior incompatibilities C-5
incompatible command messages C-1
recommendations C-1
described 18-3
disabling 18-16
enabling 18-15
support for 1-8
preparing A-11, A-13, A-16
reasons for A-9
using FTP A-15
using RCP A-18
using TFTP A-12
preparing A-26, A-30, A-34
reasons for A-24
using FTP A-32
using RCP A-37
using TFTP A-29
USB mini-Type B console port 12-12
USB Type A port 1-8
user EXEC mode 2-2
username-based authentication 9-6
version-dependent transparent mode 14-5
automatic upgrades with auto-upgrade 7-11
manual upgrades with auto-advise 7-11
upgrades with auto-extract 7-11
described 7-10
cluster standby group 6-10
command switch 6-10
virtual switches and PAgP 38-6
vlan.dat file 13-5
VLAN 1, disabling on a trunk port 13-17
VLAN 1 minimization 13-17
vlan-assignment response, VMPS 13-23
at bootup 13-7
saving 13-7
VLAN configuration mode 2-2
and startup configuration file 13-7
and VTP 14-1
VLAN configuration saved in 13-7
VLANs saved in 13-4
VLAN filtering and SPAN 27-7
vlan global configuration command 13-7
VLAN ID, discovering 5-24
VLAN load balancing on flex links 19-3
configuration guidelines 19-8
VLAN management domain 14-2
confirming 13-27
modes 13-3
adding 13-8
adding to VLAN database 13-8
aging dynamic addresses 16-9
allowed on trunk 13-17
and spanning-tree instances 13-3, 13-6, 13-12
configuration guidelines, extended-range VLANs 13-11
configuration guidelines, normal-range VLANs 13-6
configuring 13-1
configuring IDs 1006 to 4094 13-11
connecting through SVIs 12-11
creating 13-8
default configuration 13-7
deleting 13-9
described 12-2, 13-1
displaying 13-13
extended-range 13-1, 13-11
features 1-9
illustrated 13-2
in the switch stack 13-7
limiting source traffic with RSPAN 27-22
limiting source traffic with SPAN 27-16
modifying 13-8
multicast 21-17
native, configuring 13-19
normal-range 13-1, 13-4
number supported 1-9
parameters 13-5
port membership modes 13-3
static-access ports 13-10
STP and IEEE 802.1Q trunks 16-11
supported 13-2
Token Ring 13-6
traffic between 13-2
VTP modes 14-3
VLAN trunks 13-14
administering 13-28
configuration example 13-29
configuration guidelines 13-25
default configuration 13-25
description 13-23
described 13-24
reconfirming 13-27
troubleshooting 13-29
entering server address 13-26
mapping MAC addresses to VLANs 13-23
monitoring 13-28
reconfirmation interval, changing 13-27
reconfirming membership 13-27
retry count, changing 13-28
configuring 10-39
described 10-31, 10-39
voice-over-IP 15-1
Cisco 7960 phone, port connections 15-1
configuration guidelines 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-7
IP phone data traffic, described 15-2
IP phone voice traffic, described 15-2
VQP 1-9, 13-23
adding a client to a domain 14-17
advertisements 13-15, 14-4
and extended-range VLANs 13-2, 14-2
and normal-range VLANs 13-2, 14-2
client mode, configuring 14-13
guidelines 14-9
requirements 14-11
saving 14-9
configuration requirements 14-11
guideline 14-17
resetting 14-17
consistency checks 14-5
default configuration 14-9
described 14-1
domain names 14-10
domains 14-2
client 14-3
off 14-4
server 14-3
transitions 14-3
transparent 14-4
monitoring 14-18
passwords 14-10
disabling 14-16
enabling 14-16
examples 14-7
overview 14-6
support for 1-9
pruning-eligible list, changing 13-18
server mode, configuring 14-11, 14-14
statistics 14-18
support for 1-9
Token Ring support 14-5
transparent mode, configuring 14-12
using 14-1
enabling 14-15
version, guidelines 14-10
Version 1 14-5
configuration guidelines 14-10
overview 14-5
overview 14-5
web authentication 10-17
configuring 11-16 to ??
described 1-10
customizeable web pages 11-6
description 11-1
web-based authentication, interactions with other features 11-7
configuring 26-9
displaying 26-11
location TLV 26-3
understanding 26-4
wizards 1-2
described 33-13
egress queue-sets 33-74
ingress queues 33-69
support for 1-14
Xmodem protocol 39-2
Feedback