- Preface
- Using the Command-Line Interface
-
- Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Configuring Spanning Tree Protocol
- Configuring Multiple Spanning-Tree Protocol
- Configuring Optional Spanning-Tree Features
- Configuring Bidirection Forwarding Detection
- Configuring EtherChannels
- Configuring Link-State Tracking
- Configuring Resilient Ethernet Protocol
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring UniDirectional Link Detection
-
- Configuring Cisco IOS Configuration Engine
- Configuring the Cisco Discovery Protocol
- Configuring Simple Network Management Protocol
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring Embedded Event Manager
- Configuring NetFlow Lite
- Configuring Cache Services Using the Web Cache Communication Protocol
-
- Security Features Overview
- Preventing Unauthorized Access
- Controlling Switch Access with Passwords and Privilege Levels
- Configuring TACACS+
- Configuring RADIUS
- Configuring Kerberos
- Configuring Local Authentication and Authorization
- Configuring Secure Shell (SSH)
- Configuring Secure Socket Layer HTTP
- Configuring IPv4 ACLs
- Configuring IPv6 ACLs
- Configuring DHCP
- Configuring IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Port-Based Traffic Control
- Configuring IPv6 First Hop Security
- Configuring FIPS
- Important Notice
- Index
Contents
* - 1 - 8 - < - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z
Index
*
NTPtime1
128-bit 18
802.1x 1<
<$nopage>HTTP over SSLsee HTTPS 1<$nopage>IEEE 802.3adSee EtherChannel 1<$nopage>PAgPSee EtherChannel 1<$nopage>Port Aggregation ProtocolSee EtherChannel 1<$nopage>Secure Copy Protocol 1A
ABRs 1access control entriesSee ACEs 1access groupsLayer 3 1access groups, applying IPv4 ACLs to interfaces 1access listsSee ACLs 1with RADIUS 1accounting, defined 1ACEsEthernet 1IP 1ACLACLIPv4 1IP extended 1IP standard 1IPv4 1IPv6 1Layer 2 MAC 1ACLsapplyingon bridged packets 1on multicast packets 1on routed packets 1on switched packets 1time ranges to 1to an interface 1to QoS 1classifying traffic for QoS 1comments in 1compiling 1defined 1extended IPv4creating 1matching criteria 1guidelines 1interface 1IPfragments and QoS guidelines 1implicit deny 1implicit masks 1matching criteria 1undefined 1IPv4applying to interfaces 1creating 1interfaces 1matching criteria 1numbers 1terminal lines, setting on 1unsupported features 1Layer 4 information in 1logging messages 1matching 1monitoring 1number per QoS class map 1port 1precedence of 1router 1router ACLs and VLAN map configuration guidelines 1standard IPv4creating 1matching criteria 1support in hardware 1time ranges to 1types supported 1unsupported featuresIPv4 1using router ACLs with VLAN maps 1VLAN mapsconfiguration guidelines 1configuring 1activation, AP-count 1activation, base 1active links 1address aliasing 1address formats 1address resolution 1Address Resolution ProtocolSee ARP 1addresses 1dynamicaccelerated aging 1default aging 1defined 1learning 1globally scoped 1GLOP 1IP multicast class D 1IPv6 1layer 2 multicast 1limited scope 1MAC, discovering 1multicast 1STP address management 1reserved link-local 1SSM 1staticadding and removing 1adjacency tables, with CEF 1administrative distancesdefined 1OSPF 1aggregatable global unicast addresses 1aggregate-port learners 1aging timeacceleratedfor MSTP 1for STP 1MAC address table 1alternateport 1and ARP 1and CDP 1and IPv6 1and SSH 1applications 1area border routersSee ABRs 1ARPdefined 1encapsulation 1static cache configuration 1tableaddress resolution 1assigning address 1assigning IPv6 addresses to 1attributesvendor-proprietary 1vendor-specific 1attributes, RADIUSvendor-specific 1authenticating toboundary switch 1KDC 1network services 1authentication 1EIGRP 1local mode with AAA 1RADIUSkey 1login 1TACACS+defined 1key 1login 1authentication key 1authentication keys, and routing protocols 1authentication, defined 1authoritative time source, described 1with RADIUS 1authorization, defined 1auto mode 1auto-MDIXconfiguring 1described 1auto-MDIX, configuring 1auto-QoS 1Auto-Qosmonitoring 1Auto-QoSconfiguration migration 1enhanced 1Generated Configuration For Enhanced Video, Trust, and Classify Devices 1Generated configuration for VoIP devices 1Global Configuration 1Auto-RP 1autoconfiguration 1automatic 1automatic QoSSee QoS 1autonegotiationmismatches 1B
BackboneFastdescribed 1enabling 1backupport 1backup interfacesSee Flex Links 1bannersconfiguringlogin 1message-of-the-day login 1default configuration 1Berkeley r-tools replacement 1binding configurationautomatic 1manual 1binding databaseaddress, DHCP serverSee DHCP, Cisco IOS server database 1binding physical and logical interfaces 1binding table 1bindingsaddress, Cisco IOS DHCP server 1IP source guard 1BIP multicast routing 1blockingstate 1bootstrap router 1boundary switch 1BPDU 1contents 1filtering 1RSTP format 1bridge identifier (bridge ID) 1bridge protocol data units 1bridged NetFlow 1bridged packets, ACLs on 1broadcast flooding 1broadcast packetsdirected 1flooded 1broadcast storms 1broadcast traffic 1BSRscandidate 1Budgeting Power: Example command 1C
CA trustpointconfiguring 1defined 1Caching Source-Active State: Example command 1CDPdefined with LLDP 1power negotiation extensions 1CDP with power consumption, described 1CDP with power negotiation, described 1CEFdistributed 1IPv6 1CEFv6 1CGMPenabling server support 1server support only 1changing the default for lines 1channel groupsbinding physical and logical interfaces 1numbering of 1CipherSuites 1Cisco 7960 IP Phone 1Cisco Discovery Protocol (CDP) 1Cisco Express ForwardingSee CEF 1Cisco intelligent power management 1Cisco IOS DHCP serverSee DHCP, Cisco IOS DHCP server 1Cisco IOS IP SLAs 1Cisco IP Phone Data Traffic 1Cisco IP Phone Voice Traffic 1Cisco Networking Services 1CIST regional rootCIST rootSee MSTP 1civic location 1Class D addresses 1class maps for QoSclassification overview 1classless routing 1clearingcaches 1databases 1tables 1clockSee system clock 1CNS 1CoA Request Commands 1collect parameters 1commands, setting privilege levels 1communication, per-server 1compatible mode 1configurable leave timer, IGMP 1Configuration Enginerestrictions 1configuration examples 1Configuration Examples command 1Configuration Examples for Configuring EtherChannels command 1Configuration Examples for Configuring MLD Snooping Queries command 1Configuration Examples for Configuring MSDP command 1Configuration Examples for Configuring PoE command 1Configuration Examples for Configuring SDM Templates command 1Configuration Examples for Setting Passwords and Privilege Levels command 1configuration files 1password recovery disable considerations 1authentication 1authentication key 1communication, per-server 1Layer 2 interfaces 1login authentication 1multiple UDP ports 1on Layer 2 interfaces 1Configuring a Default MDSP Peer: Example command 1Configuring a Multicast Router Port: Example command 1configuring a secure HTTP client 1configuring a secure HTTP server 1Configuring a Static Multicast Group: Example command 1Configuring Default Router Preference: Example command 1Configuring IPv6 Addressing and Enabling IPv6 Routing: Example command 1Configuring IPv6 ICMP Rate Limiting: Example command 1Configuring Layer 2 EtherChannels: Examples command 1Configuring Link-State Tracking: Example 1Configuring MLD Snooping Queries: Example command 1configuring ports for voice traffic in802.1p priority tagged frames 1Configuring RIP for IPv6: Example command 1Configuring SDM templates: Examples: command 1Configuring Static Routing for IPv6: Example command 1Configuring the Switch for Vendor-Proprietary RADIUS Server Communication: Example command 1Configuring the Switch to Use Vendor-Specific RADIUS Attributes: Examples command 1confirming 1Controlling Source Information that Your Switch Forwards: Example command 1Controlling Source Information that Your Switch Originates: Example command 1Controlling Source Information that Your Switch Receives: Example command 1CoSin Layer 2 frames 1override priority 1CoS output queue threshold map for QoS 1credentials 1configuringon Layer 2 interfaces 1described 1illustration 1customer edge devices 1customizeable web pages, web-based authentication 1D
daylight saving time 1debuggingenabling all system diagnostics 1redirecting error message output 1using commands 1auto-QoS 1banners 1DNS 1EtherChannel 1Flex Links 1IGMP 1IGMP filtering 1IGMP throttling 1IPv6 1LLDP 1MAC address table 1MAC address-table move update 1MSTP 1MVR 1password and privilege level 1PIM 1RADIUS 1RSPAN 1SPAN 1SSL 1STP 1TACACS+ 1UDLD 1default Ethernet VLAN configuration 1default gateway 1default networks 1default router preferenceSee DRP 1default router preference (DRP) 1default routes 1default settings 1default VLAN configuration 1default web-based authentication configuration802.1X 1Event Service 1NameSpace Mapper 1defining AAA server groups 1definitionVLAN 1deletionVLAN 1dense mode 1designatedport 1switch 1destination-IP address-based forwarding 1destination-IP address-based forwarding, EtherChannel 1destination-MAC address forwarding 1destination-MAC address forwarding, EtherChannel 1detecting indirect link failures,STP 1deviceroot 1device priorityMSTP 1STP 1DHCPDHCP for IPv6See DHCPv6 1enablingrelay agent 1server 1DHCP for IPv6See DHCPv6 1DHCP option 82displaying 1forwarding address, specifying 1helper address 1overview 1DHCP server port-based address allocationdefault configuration 1enabling 1DHCP snooping 1accepting untrusted packets form edge switch 1option 82 data insertion 1trusted interface 1untrusted messages 1DHCP snooping binding databaseadding bindings 1binding fileformat 1location 1configuration guidelines 1configuring 1described 1enabling 1DHCPv6configuration guidelines 1default configuration 1described 1enabling client function 1enabling DHCPv6 server function 1Differentiated Services (Diff-Serv) architecture 1Differentiated Services Code Point 1Diffusing Update Algorithm (DUAL) 1disabledstate 1disabling 1disabling recovery of 1disclaimer 1Displaying IPv6: Example command 1distribute-list command 1DNSdefault configuration 1in IPv6 1overview 1setting up 1Domain Name SystemSee DNS 1domain names 1DNS 1DRPconfiguring 1described 1IPv6 1DSCP 1DSCP maps 1DSCP-to-CoS map for QoS 1DSCP-to-DSCP-mutation map for QoS 1DUAL finite state machine, EIGRP 1dual-action detection 1DVMRP (Distance Vector Multicast Routing Protocol)See IP multicast routing, DVMRP 1dynamic access portsconfiguring 1dynamic addressesSee addresses 1dynamic mode 1dynamic port membershipdescribed 1reconfirming 1troubleshooting 1dynamic port VLAN membershipdescribed 1troubleshooting 1types of connections 1dynamic VLAN assignments 1E
egress expedite queue 1EIGRPauthentication 1components 1definition 1interface parameters, configuring 1monitoring 1stub routing 1EIGRP IPv6 1EIGRP IPv6 Commands 1ELIN location 1enable password 1enable secret 1enable secret password 1enabling all system diagnostics 1Enabling an HSRP Group for IPv6: Example command 1enabling and disabling 1enabling client function 1Enabling DHCPv6 Client Function: Example command 1enabling DHCPv6 server function 1Enabling DHCPv6 Server Function: Example command 1Enabling MLD Immediate Leave: Example command 1encrypting 1encryption for passwords 1encryption methods 1encryption, CipherSuite 1Enhanced IGRPSee EIGRP 1Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 1EIGRP IPv6 Commands 1Router ID 1entering server address 1channel groupsbinding physical and logical interfaces 1numbering of 1configuration guidelines 1configuringLayer 2 interfaces 1default configuration 1IEEE 802.3ad, described 1interactionwith STP 1LACPhot-standby ports 1interaction with other features 1min links 1modes 1port priority 1system priority 1Layer 3 interface 1logical interfaces, described 1PAgPabout aggregate-port learners 1about learn method and priority 1aggregate-port learners 1described 1interaction with other features 1interaction with virtual switches 1learn method and priority configuration 1modes 1with dual-action detection 1port-channel interfacesnumbering of 1EtherChannel failover 1EtherChannel guarddescribed 1enabling 1EtherChannel | interactionwith VLANs 1Ethernet VLAN 1EUI 1Event Service 1exampleACLs 1class maps 1classifying, policing, marking traffic on physical ports 1configuring egress queue 1configuring port to DSCP-trusted state 1modifying DSCP-DSCP mutation map 1Example for Configuring Auto-MDIX command 1Example for Performing a Traceroute to an IP Host command 1Example for Pinging an IP Host command 1Example of Configuring NVRAM Buffer Size command 1Examples for Configuring the System MTU command 1Examples for controlling switch access with RADIUS 1exiting 1expedite queueegress queuesSRR weights 1guidelines 1expedite queue for QoS 1extended system IDMSTP 1extended universal identifierSee EUI 1extended-range VLAN 1extended-range VLAN configuration guidelines 1F
fallback bridgingSTPkeepalive messages 1VLAN-bridge STP 1false RPs 1feature limitations 1features not supported 1fiber-optic, detecting unidirectional links 1filteringnon-IP traffic 1filters, IPSee ACLs, IP [filtersIPflash memory 1Flex Linksconfiguring VLAN load balancing 1default configuration 1description 1link load balancing 1monitoring 1preemption scheme 1preferred VLAN example 1switchport backup exampleforced preemption mode example 1VLAN load balancing examples 1Flex Links failover 1flow exporter 1flow monitor 1forward-delay timeMSTP 1STP 1forwarding 1state 1G
general query 1Generating IGMP Reports 1global leave, IGMP 1globally scoped addresses 1GLOP addresses 1guidelines 1H
hello timeMSTP 1STP 1high-power devices operating in low-power mode 1host signalling 1hosts, limit on dynamic ports 1hot-standby ports 1HSRP for IPv6configuring 1guidelines 1HTTP secure server 1HTTP(S) Over IPv6 1HTTPSconfiguring 1described 1self-signed certificate 1I
ICMP 1IPv6 1time-exceeded messages 1traceroute and 1unreachable messages 1unreachables and ACLs 1ICMP Echo operationconfiguring 1IP SLAs 1ICMP pingexecuting 1overview 1ICMP Router Discovery ProtocolSee IRDP 1ICMPv6 1Identifying the RADIUS Server Host: Examples command 1IEEE 802.1Qprotocol 1IEEE 802.1Q tagging 1IEEE 802.1Q tunneling 1IEEE 802.1Q Tunnelingdefault 1IEEE 802.1sSee MSTP 1IEEE 802.3ad, described 1IEEE power classification levels 1IGMP 1configurable leave timerdescribed 1enabling 1configuring the switchas a member of a group 1statically connected member 1default configuration 1flooded multicast trafficcontrolling the length of time 1disabling on an interface 1global leave 1recovering from flood mode 1host-query interval, modifying 1join messages 1join process 1leave process 1leave processing, enabling 1leaving multicast group 1maximum query response time value 1multicast addresses 1multicast reachability 1pruning groups 1queries 1query timeoutquery timeout 1report suppressiondescribed 1role 1snooping 1Version 1 1Version 2 1Version 3 1version differences 1IGMP filteringdefault configuration 1described 1IGMP groupsconfiguring filtering 1setting the maximum number 1IGMP helper 1IGMP Immediate Leave 1enabling 1IGMP profileapplying 1configuration mode 1IGMP report suppression 1and address aliasing 1definition 1global configuration 1Immediate Leave 1monitoring 1querierconfiguration guidelines 1configuring 1VLAN configuration 1IGMP throttlingconfiguring 1default configuration 1described 1displaying action 1IGMP Throttling Actionconfiguration guidelines 1IGMP version 1IGMPv3 1Immediate Leave, IGMPdescribed 1enabling 1in IPv6 1Inter-Switch LinkSee ISL 1inter-VLAN routing 1interaction with virtual switches 1interface 1interface configuration 1interfacesauto-MDIX, configuring 1Interior Gateway ProtocolSee IGP 1Internet Protocol version 6See IPv6 1Intrusion Detection SystemSee IDS appliances 1inventory management TLV 1IPPIMSee IP multicast routing, PIM 1IP ACLsfor QoS classification 1named 1IP addresses128-bit 1classes of 1discovering 1for IP routing 1IPv6 1monitoring 1IP addresses and subnets 1IP broadcast address 1IP directed broadcasts 1IP multicastdelivery modesany source multicast 1group addressing 1role in information delivery 1IP multicast routingDVMRPdefinition 1enablingPIM mode 1IGMPpurpose 1MBONE 1described 1SAP packets for conference session announcement 1PIMv1 and PIMv2 interoperability 1RPconfiguring PIMv2 BSR 1monitoring mapping information 1statistics, displaying system and network 1IP phonesautomatic classification and queueing 1IP precedence 1IP routingenabling 1IP SLAconfiguration guidelines 1monitoring 1responderdescribed 1enabling 1threshold monitoring 1IP SLAsbenefits 1configuration 1ICMP echo operation 1measuring network performance 1multi-operations scheduling 1response time 1SNMP support 1supported metrics 1802.1x 1binding configurationautomatic 1manual 1binding table 1configuration guidelines 1described 1DHCP snooping 1EtherChannels 1port security 1routed ports 1static bindingsstatic hosts 1TCAM entries 1trunk interfaces 1VRF 1IP tracerouteexecuting 1overview 1IP unicast routingadministrative distances 1authentication keys 1broadcastaddress 1flooding 1packets 1storms 1classless routing 1configuring static routes 1defaultgateways 1networks 1routes 1directed broadcasts 1enabling 1EtherChannel Layer 3 interface 1inter-VLAN 1IP addressingclasses 1configuring 1IPv6 1IRDP 1Layer 3 interfaces 1MAC address and IP address 1passive interfaces 1proxy ARP 1redistribution 1routed ports 1steps to configure 1subnet mask 1subnet zero 1unicast reverse path forwarding 1with SVIs 1IPv4 ACLsapplying to interfaces 1extended, creating 1interfaces 1named 1standard, creating 1address formats 1addresses 1applications 1assigning address 1autoconfiguration 1CEFv6 1default configuration 1default router preference (DRP) 1defined 1Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 1EIGRP IPv6 Commands 1Router ID 1feature limitations 1features not supported 1forwarding 1ICMP 1neighbor discovery 1OSPF 1path MTU discovery 1SDM templates 1Stateless Autoconfiguration 1supported features 1switch limitations 1understanding static routes 1IRDPconfiguring 1definition 1ISLand IPv6 1J
join messages, IGMP 1K
described 1See also Kerberos<$nopage>[KDCzzz] 1keepalive messages 1Kerberosauthenticating toboundary switch 1KDC 1network services 1configuration examples 1configuring 1credentials 1described 1KDC 1operation 1realm 1server 1switch as trusted third party 1terms 1TGT 1tickets 1key distribution centerSee KDC<$nopage> 1L
hot-standby ports 1interaction with other features 1min links 1modes 1port priority 1system priority 1Layer 2protocol 1Layer 2 EtherChannel configuration guidelines 1Layer 2 interface modes 1Layer 2 interfaces 1Layer 2 NetFlow 1default 1Layer 2 tracerouteand ARP 1and CDP 1broadcast traffic 1described 1IP addresses and subnets 1MAC addresses and VLANs 1multicast traffic 1multiple devices on a port 1unicast traffic 1usage guidelines 1Layer 2 TunnelingEtherChannels 1Layer 3 interfacesassigning IPv6 addresses to 1changing from Layer 2 mode 1types of 1Layer 3 packets, classification methods 1Leaking IGMP Reports 1learn method and priority configuration 1leave processing, enabling 1license ap-count activation 1license base image activation 1limited scope addresses 1Link Failure, detecting unidirectional 1link local unicast addresses 1link redundancySee Flex Links 1link-state trackingdescription 1listeningstate 1LLDPconfiguringdefault configuration 1enabling 1overview 1switch stack considerations 1transmission timer and holdtime, setting 1LLDP-MEDconfiguringTLVs 1overview 1supported TLVs 1load balancing advantages 1trunk ports 1local mode with AAA 1local SPAN 1location TLV 1logging into 1logging messages, ACL 1logical interfaces, described 1login authentication 1with RADIUS 1with TACACS+ 1login banners 1M
MAC address-table move updateconfiguration guidelines 1configuring 1default configuration 1description 1obtain and process messages 1MAC addressesaging time 1and VLAN association 1building the address table 1default configuration 1discovering 1dynamiclearning 1IP address association 1staticcharacteristics of 1MAC addresses and VLANs 1MAC extended access listsMAC/PHY configuration status TLV 1management address TLV 1manual 1mapping tabledefault configuration 1mapping tables for QoSconfiguringDSCP 1DSCP-to-CoS 1DSCP-to-DSCP-mutation 1policed-DSCP 1described 1mapping VLANs 1markingaction in policy map 1matchdatalink 1flow 1interface 1ipv4 1ipv6 1transport 1match parameters 1maximum aging timeMSTP 1STP 1maximum hop count, MSTP 1maximum-paths command 1MBONE 1MBONE (multicast backbone) 1memory allocation 1messages, to users through banners 1metric translations, between routing protocols 1min links 1mirroring traffic for analysis 1mismatches 1mismatches, autonegotiation 1MLD Messages 1MLD Queries 1MLD Reports 1MLD Snooping 1MLDv1 Done message 1access groups 1BSR information 1CEF 1EIGRP 1Flex Links 1IGMP 1snooping 1IPaddress tables 1multicast routing 1IP SLA operations 1IPv4 ACL configuration 1multicast router interfaces 1network traffic for analysis with probe 1OSPF 1private VLAN 1RP mapping information 1SFP status 1SSM mapping 1tunneling status 1voice VLAN 1VTP 1monitoring power 1monitoring private VLANs 1monitoring status of 1mrouter Port 1MST mode 1MSTPboundary portsconfiguration guidelines 1described 1BPDU filteringdescribed 1enabling 1BPDU guarddescribed 1enabling 1CIST root 1CIST, described 1configuration guidelines 1configuringdevice priority 1forward-delay time 1hello time 1link type for rapid convergence 1maximum aging time 1maximum hop count 1MST region 1neighbor type 1path cost 1port priority 1root device 1secondary root device 1CSToperations between regions 1default configuration 1displaying status 1enabling the mode 1EtherChannel guarddescribed 1enabling 1extended system IDeffects on root device 1effects on secondary root device 1unexpected behavior 1IEEE 802.1simplementation 1port role naming change 1terminology 1instances supported 1interface state, blocking to forwarding 1interoperability with IEEE 802.1Ddescribed 1restarting migration process 1ISToperations within a region 1loop guarddescribed 1enabling 1mapping VLANs to MST instance 1MST regionCIST 1configuring 1described 1hop-count mechanism 1IST 1supported spanning-tree instances 1PortFastdescribed 1enabling 1preventing root switch selection 1root deviceconfiguring 1effects of extended system ID 1unexpected behavior 1root guarddescribed 1enabling 1shutdown Port Fast-enabled port 1status, displaying 1MTUsystem 1multi-operations scheduling, IP SLAs 1multi-VRF CEnetwork components 1packet-forwarding process 1Multicast Client Aging Robustness 1multicast forwarding 1multicast group transmission scheme 1multicast groupsjoining 1leaving 1multicast multimedia sessions, advertising 1multicast packetsACLs on 1Multicast Pingsconfiguring routers 1pinging routers 1Multicast Router Discovery 1multicast router interfaces, monitoring 1multicast router ports, adding 1multicast television application 1multicast traffic 1multiple devices on a port 1multiple UDP ports 1multiple VPN routing/forwarding in customer edge devicesMVRdefault configuration 1described 1MVR interfaces 1MVR parameters 1N
NameSpace Mapper 1native VLAN 1Native VLANs 1neighbor discovery 1neighbor discovery, IPv6 1neighbor discovery/recovery, EIGRP 1Network Load SharingSTP path cost 1STP priorities 1network performance, measuring with IP SLAs 1network policy TLV 1network services 1non-IP traffic filtering 1nonhierarchical policy mapsconfiguring 1normal-rangeVLAN configuration guidelines 1NTPassociationsdefined 1overview 1numbering of 1O
OBFLconfiguring 1described 1displaying 1on Layer 2 interfaces 1on-board failure logging 1online diagnosticsdescribed 1overview 1operation 1OSPF 1area parameters, configuring 1configuring 1default configurationmetrics 1route 1for IPv6 1LSA group pacing 1monitoring 1route summarization 1router IDs 1virtual links 1P
packet modification, with QoS 1PaGP 1PAgP 1aggregate-port learners 1described 1interaction with other features 1interaction with virtual switches 1learn method and priority configuration 1modes 1with dual-action detection 1parallel paths, in routing tables 1passive interfacesconfiguring 1OSPF 1password 1password and privilege level 1password recovery disable considerations 1passwordsdefault configuration 1disabling recovery of 1encrypting 1overview 1recovery of 1settingenable 1enable secret 1Telnet 1with usernames 1path cost 1MSTP 1STP 1path MTU discovery 1PBRdefined 1fast-switched policy-based routing 1local policy-based routing 1persistent self-signed certificate 1PIMdefault configuration 1enabling a mode 1monitoring 1router-query message interval, modifying 1shortest path tree, delaying the use of 1versionsinteroperability 1troubleshooting interoperability problems 1v2 improvements 1PIM dense mode 1PIM shared tree 1PIM source tree 1PIM-SSM 1pingcharacter output description 1executing 1overview 1PoEauto mode 1CDP with power consumption, described 1CDP with power negotiation, described 1Cisco intelligent power management 1high-power devices operating in low-power mode 1IEEE power classification levels 1monitoring 1monitoring power 1policing power consumption 1policing power usage 1power management modes 1power negotiation extensions to CDP 1powered-device detection and initial power allocation 1standards supported 1static mode 1PoE ports 1policed-DSCP map for QoS 1policersconfiguringfor more than one traffic class 1types of 1policingtoken-bucket algorithm 1policing power consumption 1policing power usage 1policy maps for QoSnonhierarchical on physical portsconfiguring 1policy-based routingSee PBR 1portpriority 1root 1port ACLsdefined 1types of 1port description TLV 1port priority 1MSTP 1STP 1port security 1port VLAN ID TLV 1port-based authenticationconfiguration guidelines 1configuringRADIUS server 1RADIUS server parameters on the switch 1default configuration 1device roles 1displaying statistics 1enabling802.1X authentication 1switchas proxy 1port-channel interfacesnumbering of 1portscommunity 1isolated 1promiscuous 1power management modes 1power management TLV 1power negotiation extensions 1power negotiation extensions to CDP 1powered-device detection and initial power allocation 1preemption delay, default configuration 1preemption, default configuration 1auto-QoS 1CGMP 1IGMP snooping 1QoS 1SSM 1tunneling 1VLAN trunks 1VMPS 1preventing unauthorized access 1primary VLAN configuration 1prioritization 1priorityoverriding CoS 1private VLAN 1configuring Layer 2 interface 1configuring promiscuous port 1mapping secondary VLANs 1port configuration 1private VLAN domains 1private VLANsbroadcast 1multicast 1multiple switches 1unicast 1private-VLANconfiguring 1privilege levelschanging the default for lines 1exiting 1logging into 1overview 1setting a command with 1Protecting Enable and Enable Secret Passwords with Encryption: Example command 1Protocol Independent Multicast 1protocol-dependent modules, EIGRP 1provider edge devices 1proxy ARPdefinition 1with IP routing disabled 1proxy reports 1pruning-eligible list 1PVST mode 1PVST+described 1IEEE 802.1Q trunking interoperability 1instances supported 1Q
QoSauto-QoScategorizing traffic 1configuration guidelines 1described 1disabling 1effects on running configuration 1basic model 1class mapsclassificationforwarding treatment 1IP ACLs, described 1options for IP traffic 1trusted CoS, described 1configuration guidelinesauto-QoS 1configuringauto-QoS 1DSCP maps 1egress queue characteristics 1IP standard ACLs 1policy maps on physical ports 1default auto configuration 1default configuration 1egress queuesconfiguring shaped weights for SRR 1configuring shared weights for SRR 1displaying the threshold map 1mapping DSCP or CoS values 1WTD, described 1enabling globally 1implicit deny 1IP phonesautomatic classification and queueing 1detection and trusted settings 1limiting bandwidth on egress interface 1mapping tablesDSCP-CoS 1DSCP-to-CoS 1DSCP-to-DSCP-mutation 1policed-DSCP 1types of 1marked-down actions 1marking, described 1packet modification 1policersconfiguring 1types of 1policingtoken bucket algorithm 1policing, described 1QoSclassificationqueuesconfiguring egress characteristics 1location of 1SRR, described 1WTD, described 1rewrites 1QoS policy 1queries, IGMP 1queueing 1R
attributesvendor-specific 1configuringaccounting 1authentication 1authorization 1communication, per-server 1multiple UDP ports 1default configuration 1defining AAA server groups 1identifying the server 1key 1limiting the services to the user 1login 1operation of 1overview 1suggested network environments 1tracking services accessed by user 1RADIUS Change of Authorization 1rapid convergence 1Rapid Spanning Tree ProtocolSee RSTP 1realm 1reconfirmation interval, changing 1reconfirmation interval, VMPS, changing 1reconfirming dynamic VLAN membership 1reconfirming membership 1recovery of 1redirecting error message output 1redundancyEtherChannel 1STPbackbone 1reference 1referencesauto-QoS 1reliable transport protocol, EIGRP 1Remote Authentication Dial-In User ServiceSee RADIUS 1remote SPAN 1rendezvous point 1report suppressiondisabling 1report suppression, IGMPdescribed 1Requesting Source Information from an MSDP Peer: Example command 1reserved link-local addresses 1responder, IP SLAdescribed 1enabling 1response time, measuring with IP SLAs 1restricting accessoverview 1RADIUS 1TACACS+ 1CGMP 1Configuration Engine 1IGMP 1IGMP snooping 1MSTP 1Optional Spanning-Tree Features 1private VLAN 1SSM 1STP 1voice VLANs 1VTP 1retry count, changing 1retry count, VMPS, changing 1Reverse Address Resolution ProtocolSee RARP 1RFC1058, RIP 11112, IP multicast and IGMP 11305, NTP 11587, NSSAs 1RFC 5176 Compliance 1Right-To-UseAP-count activation 1base image activation 1evaluation license 1image based licenses 1license overview 1license states 1permanent license 1restrictions 1RIPauthentication 1configuring 1described 1for IPv6 1hop counts 1split horizon 1summary addresses 1roleport 1rootport 1root deviceMSTP 1STP 1route calculation timers, OSPF 1route mapspolicy-based routing 1route summarization, OSPF 1route targets, VPN 1route-map command 1routed packets, ACLs on 1routed ports 1configuring 1IP addresses on 1router ACLsdefined 1types of 1Router ID 1router ID, OSPF 1routingredistribution of information 1RP 1sparse-mode cloud 1RP announcement messages 1RPF 1RPF check fails (figure) 1RPF check succeeds (figure) 1RPscandidate 1RSPAN 1characteristics 1configuration guidelines 1default configuration 1destination ports 1in a device stack 1interaction with other features 1monitored ports 1monitoring ports 1overview 1received traffic 1session limits 1sessionscreating 1defined 1limiting source traffic to specific VLANs 1specifying monitored ports 1with ingress traffic enabled 1source ports 1transmitted traffic 1VLAN-based 1RSTPactive topology 1BPDUformat 1processing 1designated port, defined 1designated switch, defined 1interoperability with IEEE 802.1Ddescribed 1restarting migration process 1topology changes 1overview 1port rolesdescribed 1synchronized 1rapid convergencecross-stack rapid convergence 1described 1edge ports and Port Fast 1root ports 1root port, defined 1RTCbenefits 1defined 1S
sampler 1SAP listener 1scheduling 1SCPand SSH 1configuring 1SDMtemplatesconfiguring 1SDM templates 1sdr 1secondary VLAN configuration 1secondary VLANs 1secure HTTP clientconfiguring 1displaying 1secure HTTP serverconfiguring 1displaying 1Secure Shell 1security and identification 1See also IP traceroute 1See also Kerberos<$nopage>[KDCzzz] 1See DHCPv6 1See DRP 1See EUI 1see HTTPS 1See IPv6 1See KDC<$nopage> 1See RADIUS 1See SCP 1See TACACS+<$nopage> 1self-signed certificate 1server 1service-provider network, MSTP and RSTP 1servicesnetworking 1settingenable 1enable secret 1Telnet 1with usernames 1setting a command with 1setting a password 1Setting a Telnet Password for a Terminal Line: Example command 1Setting or Changing a Static Enable Password: Example command 1setting packet forwarding 1Setting the Privilege Level for a Command: Example command 1SFP security and identification 1SFP status 1SFPsmonitoring status of 1security and identification 1status, displaying 1shaped mode 1shared mode 1shared tree 1advantage 1show access-lists hw-summary command 1show forward command 1show interfaces switchport 1show platform forward command 1Simple Network Management Protocol (SNMP) 1single-switch EtherChannel 1SNMPand IP SLAs 1trapsSNMP and Syslog Over IPv6 1snooping 1source specific multicast 1source treeadvantage 1source-and-destination MAC address forwarding, EtherChannel 1source-and-destination-IP address based forwarding, EtherChannel 1source-IP address based forwarding, EtherChannel 1source-IP address-based forwarding 1source-MAC address forwarding 1source-MAC address forwarding, EtherChannel 1SPANconfiguration guidelines 1default configuration 1destination ports 1interaction with other features 1monitored ports 1monitoring ports 1overview 1received traffic 1session limits 1sessionsdefined 1limiting source traffic to specific VLANs 1removing destination (monitoring) ports 1with ingress traffic enabled 1source ports 1transmitted traffic 1VLAN-based 1SPAN traffic 1Spanning Treestates 1spanning-treeport priority 1sparse mode 1with static RP 1sparse-dense mode 1split horizon, RIP 1SRRdescribed 1shaped mode 1shared mode 1SSH 1encryption methods 1user authentication methods, supported 1SSH server 1SSL 1configuration guidelines 1configuring a secure HTTP client 1configuring a secure HTTP server 1monitoring 1SSMaddresses 1configuring 1IGMPv3 host signalling 1overview 1SSM (Source Specific Multicast)differences from ISM 1operations 1SSM mapping 1DNS-based SSM mapping 1monitoring 1overview 1static SSM mapping 1static traffic forwarding 1SSM Mappingverifying configuration and operation 1SSM, ISM and IGMPv3 1stack changes, effects oncross-stack EtherChannel 1stacks,MSTP instances supported 1STPbridge ID 1switch 1stacks, switchsystem prompt consideration 1standards supported 1Stateless Autoconfiguration 1static addressesSee addresses 1static bindingsstatic hosts 1static joins 1static mode 1static routesconfiguring 1understanding 1static-access ports 1statistics802.1X 1interface 1IP multicast routing 1OSPF 1status, displaying 1STPaccelerating root port selection 1BackboneFastdescribed 1enabling 1BPDU message exchange 1configuringdevice priority 1forward-delay time 1hello time 1maximum aging time 1path cost 1port priority 1root device 1secondary root device 1spanning-tree mode 1transmit hold-count 1default configuration 1designated ,definedswitch 1designated port,defined 1detecting indirect link failures 1disabling 1displaying status 1EtherChannel guarddescribed 1enabling 1extended system IDeffects on root device 1effects on the secondary root device 1overview 1unexpected behavior 1IEEE 802.1D and bridge ID 1IEEE 802.1D and multicast addresses 1IEEE 802.1t and VLAN identifier 1instances supported 1interface states 1blocking 1disabled 1learning 1listening 1keepalive messages 1limitations with IEEE 802.1Q trunks 1modes supported 1overview 1protocols supported 1redundant connectivity 1rootelection 1unexpected behavior 1root deviceconfiguring 1root port, defined 1status, displaying 1UplinkFastdescribed 1disabling 1enabling 1VLAN-bridge 1STP path cost 1STP port priorities 1stratum, NTP 1stub routing, EIGRP 1subnet mask 1subnet zero 1Subnetwork Access Protocol (SNAP) 1suggested network environments 1summer time 1supported features 1SVIsand IP unicast routing 1and router ACLs 1Switch Accessdisplaying 1switch as trusted third party 1switch limitations 1switch stack 1switched packets, ACLs on 1switchport backup interface 1system 1system capabilities TLV 1system clock 1configuringdaylight saving time 1manually 1summer time 1time zones 1overview 1system description TLV 1System MTU 1system name 1default configuration 1manual configuration 1system name TLV 1system priority 1system prompt, default setting 1T
accounting, defined 1authentication, defined 1authorization, defined 1configuringaccounting 1authentication key 1authorization 1login authentication 1default configuration 1defined 1displaying 1identifying the server 1key 1limiting the services to the user 1login 1operation of 1overview 1tracking services accessed by user 1TCAM entries 1Telnet 1setting a password 1templatesconfiguring 1temporary self-signed certificate 1Terminal Access Controller Access Control System PlusSee TACACS+<$nopage> 1terminal lines, setting a password 1terms 1TGT 1threshold monitoring, IP SLA 1tickets 1timeSee NTP and system clock 1time zones 1time-exceeded messages 1time-range command 1TLVsdefined 1Token Rings 1Topology Change Notification Processing 1traceroute and 1traceroute commandSee also IP traceroute 1traceroute, Layer 2and ARP 1and CDP 1broadcast traffic 1described 1IP addresses and subnets 1MAC addresses and VLANs 1multicast traffic 1multiple devices on a port 1unicast traffic 1usage guidelines 1traffictrapstroubleshooting 1auto-QoS 1PIMv1 and PIMv2 interoperability problems 1setting packet forwarding 1SFP security and identification 1show forward command 1with debug commands 1with ping 1with traceroute 1Troubleshooting Examples command 1trunk 1configuration 1trunk failover 1trunk interfaces 1trunk port 1trunking 1trunking modes 1trunksallowed VLANs 1trusted port statesclassification options 1trustpoints, CA 1twisted-pair, detecting unidirectional links 1types of connections 1U
UDLDaggressive modemessage time 1default configuration 1disablingper interface 1enablingglobally 1per interface 1fiber-optic links 1neighbor database 1neighbor database maintenance 1normal 1normal mode 1overview 1restrictions 1twisted-pair links 1UDP jitter, configuring 1understanding 1understanding static routes 1unicast MAC address filteringconfiguration 1unicast traffic 1UplinkFastdescribed 1disabling 1enabling 1usage guidelines 1user authentication methods, supported 1User Datagram Protocolusername-based authentication 1using commands 1V
vendor-proprietary 1vendor-specific 1Verifying multicast operationslast hop router 1Virtual Private Networkvirtual switches and PAgP 1VLANdefinition 1VLAN ACLsSee VLAN maps 1VLAN filtering and SPAN 1VLAN ID, discovering 1VLAN load balancing on Flex Linksconfiguration guidelines 1described 1VLAN map entries, order of 1VLAN mapsapplying 1common uses for 1configuration guidelines 1configuring 1creating 1defined 1denying access to a server example 1VLAN membershipconfirming 1VLAN monitoring commands 1VLAN port membership modes 1VLANsaging dynamic addresses 1limiting source traffic with RSPAN 1limiting source traffic with SPAN 1STP and IEEE 802.1Q trunks 1VLAN-bridge STP 1VMPS 1dynamic port membershipdescribed 1reconfirming 1troubleshooting 1entering server address 1reconfirmation interval, changing 1reconfirming membership 1retry count, changing 1VMPS client configurationdefault 1VMPS Configuration Example command 1voice VLANconfiguration guidelines 1configuring IP phones for data trafficoverride CoS of incoming frame 1VoIP device specifics 1VPNforwarding 1VRF 1VRF-aware servicesHSRP 1RADIUS 1SNMP 1syslog 1traceroute 1uRPF 1VTP 1configuration requirements 1version 1VTP advertisements 1VTP mode 1VTP modes 1VTP password 1VTP primary 1VTP settings 1VTP version 1VTP version 2 1VTP version 3 1W
web-based authenticationcustomizeable web pages 1description 1web-based authentication, interactions with other features 1wired location serviceconfiguring 1location TLV 1understanding 1with debug commands 1with dual-action detection 1with ping 1with STP 1with traceroute 1with usernames 1WTDsetting thresholdsegress queue-sets 1Z
zzz] 1