- Preface
- Using the Command-Line Interface
-
- Configuring Spanning Tree Protocol
- Configuring Multiple Spanning-Tree Protocol
- Configuring Optional Spanning-Tree Features
- Configuring EtherChannels
- Configuring Link-State Tracking
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring UniDirectional Link Detection
- Configuring Resilient Ethernet Protocol
-
- Security Features Overview
- Preventing Unauthorized Access
- Controlling Switch Access with Passwords and Privilege Levels
- Configuring TACACS+
- Configuring RADIUS
- Configuring Kerberos
- Configuring Local Authentication and Authorization
- Configuring Secure Shell (SSH)
- Configuring Secure Socket Layer HTTP
- Configuring IPv4 ACLs
- Configuring IPv6 ACLs
- Configuring DHCP
- Configuring IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Port-Based Traffic Control
- Configuring IPv6 First Hop Security
- Configuring Cisco TrustSec
- Configuring FIPS
- Index
Contents
1 - 8 - < - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z -Index
1
128-bit 18
802.1x 1<
<$nopage>HTTP over SSL
see HTTPS 1
<$nopage>IEEE 802.3ad
See EtherChannel 1
<$nopage>PAgP
See EtherChannel 1
<$nopage>Port Aggregation Protocol
See EtherChannel 1
<$nopage>Secure Copy Protocol 1A
ABRs 1
access control entries
See ACEs 1
access groups
Layer 3 1
access groups, applying IPv4 ACLs to interfaces 1
access lists
See ACLs 1
accounting 1 2
with RADIUS 1
with TACACS+ 1 2
accounting, defined 1
ACEs
Ethernet 1
IP 1
ACL
ACL
IPv4 1
IP extended 1
IP standard 1
IPv4 1
IPv6 1
Layer 2 MAC 1
ACLs 1
applying
on bridged packets 1
on multicast packets 1
on routed packets 1
on switched packets 1
time ranges to 1
to an interface 1
to QoS 1
classifying traffic for QoS 1
comments in 1
compiling 1
defined 1
examples of 1 2
extended IPv4
creating 1
matching criteria 1
guidelines 1
interface 1
IP
fragments and QoS guidelines 1
implicit deny 1
implicit masks 1
matching criteria 1
undefined 1
IPv4
applying to interfaces 1
creating 1
interfaces 1
matching criteria 1
numbers 1
terminal lines, setting on 1
unsupported features 1
Layer 4 information in 1
logging messages 1
matching 1
monitoring 1
number per QoS class map 1
port 1
precedence of 1
QoS 1 2
router 1
router ACLs and VLAN map configuration guidelines 1
standard IPv4
creating 1
matching criteria 1
support in hardware 1
time ranges to 1
types supported 1
unsupported features
IPv4 1
using router ACLs with VLAN maps 1
VLAN maps
configuration guidelines 1
configuring 1
active link 1 2 3
active links 1
adding 1 2
address formats 1
Address Resolution Protocol
See ARP 1
addresses 1
dynamic
accelerated aging 1
default aging 1
IPv6 1
multicast
STP address management 1
adjacency tables, with CEF 1
administrative distances
defined 1
OSPF 1
aggregatable global unicast addresses 1
aggregate policers 1 2 3
aggregate-port learners 1
aging time
accelerated
for MSTP 1
for STP 1
alternate
port 1
and ARP 1
and CDP 1
and IPv6 1
and routing 1
and routing protocols 1
and SSH 1
and switch stacks 1
applications 1
area border routers
See ABRs 1
ARP
encapsulation 1
static cache configuration 1
assigning address 1
assigning information
member number 1
priority value 1
provisioning a new member 1
assigning IPv6 addresses to 1
attributes
vendor-proprietary 1
vendor-specific 1
attributes, RADIUS
vendor-proprietary 1 2
vendor-specific 1
authenticating to
boundary switch 1
KDC 1
network services 1
authentication 1
local mode with AAA 1
RADIUS
key 1
login 1
TACACS+
defined 1
key 1
login 1
authentication key 1
authentication keys, and routing protocols 1
authentication, defined 1
authorization 1 2
with RADIUS 1
with TACACS+ 1 2
authorization, defined 1
auto-advise 1
auto-copy 1
auto-extract 1
auto-QoS 1
Auto-Qos
monitoring 1
Auto-QoS
Generated Configuration For Enhanced Video, Trust, and Classify Devices 1
Global Configuration 1
auto-upgrade 1
autoconfiguration 1
automatic 1
automatic advise (auto-advise) in switch stacks 1
automatic copy (auto-copy) in switch stacks 1
automatic creation of 1 2
automatic extraction (auto-extract) in switch stacks 1
automatic QoS
See QoS 1
automatic upgrades (auto-upgrade) in switch stacks 1
automatic upgrades with auto-upgrade 1
autonegotiation
mismatches 1B
backup
port 1
backup interfaces
See Flex Links 1
Berkeley r-tools replacement 1
binding configuration
automatic 1
manual 1
binding database
address, DHCP server
See DHCP, Cisco IOS server database 1
binding physical and logical interfaces 1
binding table 1
bindings
address, Cisco IOS DHCP server 1
IP source guard 1
blocking
state 1
boundary switch 1
BPDU 1
contents 1
RSTP format 1
bridge identifier (bridge ID) 1
bridge protocol data units 1
bridged packets, ACLs on 1
broadcast flooding 1
broadcast packets
directed 1
flooded 1
broadcast storms 1
broadcast traffic 1
buffer allocation 1 2C
CA trustpoint
configuring 1
defined 1
CDP
and trusted boundary 1
defined with LLDP 1
CEF
distributed 1
changing the default for lines 1
channel groups
binding physical and logical interfaces 1
numbering of 1
CipherSuites 1
Cisco 7960 IP Phone 1
Cisco Discovery Protocol (CDP) 1
Cisco Express Forwarding
See CEF 1
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server 1
Cisco IP Phone Data Traffic 1
Cisco IP Phone Voice Traffic 1
Cisco Networking Services 1
CIST regional root
See MSTP 1 2
CIST root
See MSTP 1
civic location 1
class maps for QoS
configuring 1 2
classification overview 1
classless routing 1
CNS 1
CoA Request Commands 1
commands, setting privilege levels 1
communication, global 1 2
communication, per-server 1
Configuration Engine
restrictions 1
configuration examples 1
Configuration Examples command 1
Configuration Examples for Configuring EtherChannels command 1
Configuration Examples for Configuring MLD Snooping Queries command 1
Configuration Examples for Configuring SDM Templates command 1
Configuration Examples for Setting Passwords and Privilege Levels command 1
configuration files
password recovery disable considerations 1
configuration guidelines 1 2
configuring 1 2 3 4 5 6 7 8
accounting 1 2
authentication 1
authentication key 1
authorization 1 2
communication, global 1 2
communication, per-server 1
Layer 2 interfaces 1
Layer 3 physical interfaces 1
Layer 3 port-channel logical interfaces 1
login authentication 1
member number 1
multiple UDP ports 1
on Layer 2 interfaces 1
on Layer 3 physical interfaces 1
priority value 1
Configuring a Multicast Router Port: Example command 1
configuring a secure HTTP client 1
configuring a secure HTTP server 1
Configuring a Static Multicast Group: Example command 1
Configuring EtherChannel Physical Interfaces: Examples command 1
Configuring IPv6 Addressing and Enabling IPv6 Routing: Example command 1
Configuring IPv6 ICMP Rate Limiting: Example command 1
Configuring Layer 2 EtherChannels: Examples command 1
Configuring Link-State Tracking: Example 1
Configuring MLD Snooping Queries: Example command 1
Configuring Port-Channel Logical Interfaces: Example command 1
Configuring SDM templates: Examples: command 1
Configuring Static Routing for IPv6: Example command 1
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication: Example command 1
Configuring the Switch to Use Vendor-Specific RADIUS Attributes: Examples command 1
Configuring VACL Logging 1
confirming 1
CoS
in Layer 2 frames 1
override priority 1
CoS output queue threshold map for QoS 1
CoS-to-DSCP map for QoS 1 2
credentials 1
cross-stack EtherChannel 1 2
configuring
on Layer 2 interfaces 1
on Layer 3 physical interfaces 1
described 1
illustration 1
customizeable web pages, web-based authentication 1D
debugging
enabling all system diagnostics 1
redirecting error message output 1
using commands 1
default configuration 1 2 3 4 5 6 7 8
auto-QoS 1
EtherChannel 1
Flex Links 1
IGMP snooping 1 2
IPv6 1
LLDP 1
MAC address-table move update 1
MSTP 1
password and privilege level 1
RADIUS 1
RSPAN 1
SPAN 1
SSL 1
STP 1
TACACS+ 1
UDLD 1
default gateway 1
Default Layer 2 Ethernet Interface VLAN Configuration 1
default networks 1
default private VLAN configuration 1
default routes 1
default routing 1
default setting 1
default web-based authentication configuration
802.1X 1
defined 1 2 3 4
Event Service 1
NameSpace Mapper 1
defining AAA server groups 1
described 1 2 3 4 5 6 7 8 9 10 11
designated
port 1
switch 1
desktop template 1
destination-IP address-based forwarding 1
destination-IP address-based forwarding, EtherChannel 1
destination-MAC address forwarding 1
destination-MAC address forwarding, EtherChannel 1
device
root 1
device priority
MSTP 1
STP 1
device stack 1
devices supported 1
DHCP
enabling
relay agent 1
server 1
DHCP option 82
displaying 1
forwarding address, specifying 1
helper address 1
overview 1
DHCP server port-based address allocation
default configuration 1
enabling 1
DHCP snooping 1
accepting untrusted packets form edge switch 1
option 82 data insertion 1
trusted interface 1
untrusted messages 1
DHCP snooping binding database
adding bindings 1
binding file
format 1
location 1
configuration guidelines 1
configuring 1
described 1
enabling 1
Differentiated Services (Diff-Serv) architecture 1
Differentiated Services Code Point 1
Diffusing Update Algorithm (DUAL) 1
disabled
state 1
disabling 1
disabling recovery of 1
displaying 1 2 3
Displaying IPv6: Example command 1
distance-vector protocols 1
distribute-list command 1
DNS
in IPv6 1
domain names 1
DSCP 1
DSCP maps 1
DSCP-to-CoS map for QoS 1
DSCP-to-DSCP-mutation map for QoS 1
dual IPv4 and IPv6 templates 1
dual protocol stacks
IPv4 and IPv6 1
SDM templates supporting 1
dual-action detection 1
dynamic access ports
configuring 1
dynamic addresses
See addresses 1
dynamic port membership
described 1
reconfirming 1
troubleshooting 1
dynamic port VLAN membership
described 1
reconfirming 1 2
troubleshooting 1
types of connections 1
dynamic routing 1
dynamic VLAN assignments 1E
effects on
IPv6 routing 1
egress expedite queue 1
egress queue 1 2 3
egress queues 1 2
EIGRP
definition 1
stub routing 1 2
ELIN location 1
enable 1 2
enable password 1
enable secret 1
enable secret password 1
enabling 1 2 3
enabling all system diagnostics 1
enabling and disabling 1
Enabling MLD Immediate Leave: Example command 1
encrypting 1
encryption for passwords 1
encryption methods 1
encryption, CipherSuite 1
Enhanced IGRP
See EIGRP 1
entering server address 1
EtherChannel 1 2 3
automatic creation of 1 2
channel groups
binding physical and logical interfaces 1
numbering of 1
configuration guidelines 1
configuring
Layer 2 interfaces 1
Layer 3 physical interfaces 1
Layer 3 port-channel logical interfaces 1
default configuration 1
forwarding methods 1 2
IEEE 802.3ad, described 1
interaction
with STP 1
LACP
hot-standby ports 1
interaction with other features 1
modes 1
port priority 1
system priority 1
Layer 3 interface 1
load balancing 1 2
logical interfaces, described 1
PAgP
about aggregate-port learners 1
about learn method and priority 1
aggregate-port learners 1
described 1
interaction with other features 1
interaction with virtual switches 1
learn method and priority configuration 1
modes 1
with dual-action detection 1
port-channel interfaces
numbering of 1
stack changes, effects of 1
EtherChannel failover 1
EtherChannel | interaction
with VLANs 1
EtherChannels 1 2 3
Ethernet management port 1 2 3
active link 1
and routing 1
and routing protocols 1
default setting 1
described 1
for network management 1
supported features 1
unsupported features 1
Ethernet management port configuration 1
Ethernet management port, internal
and routing 1
and routing protocols 1
unsupported features 1
EUI 1
Event Service 1
example
ACLs 1
classifying, policing, marking traffic on physical ports 1
classifying, policing, marking traffic on SVI 1
class maps 1
configuring egress queue 1
configuring port to DSCP-trusted state 1
modifying DSCP-DSCP mutation map 1
Example for Configuring Layer 3 Interfaces command 1
Example for Performing a Traceroute to an IP Host command 1
Example for Pinging an IP Host command 1
Example of Configuring NVRAM Buffer Size command 1
Examples for Configuring the System MTU command 1
Examples for controlling switch access with RADIUS 1
executing 1 2
exiting 1
expedite queue
egress queues
SRR weights 1
guidelines 1
expedite queue for QoS 1
extended system ID
MSTP 1
STP 1 2
extended universal identifier
See EUI 1F
Fa0 port
See Ethernet management port<$nopage> 1
fallback bridging
STP
keepalive messages 1
VLAN-bridge STP 1
fastethernet0 port
See Ethernet management port<$nopage> 1
feature information
VLAN trunks 1
voice VLAN 1
VTP 1
fiber-optic, detecting unidirectional links 1
filtering
non-IP traffic 1
filters, IP
See ACLs, IP [filters
IP 1
flash memory 1
Flex Links
configuring 1 2
configuring VLAN load balancing 1
default configuration 1
description 1
link load balancing 1
monitoring 1
preemption scheme 1
preferred VLAN example 1
switchport backup example
forced preemption mode example 1
VLAN load balancing examples 1
Flex Links failover 1
for network management 1
forward-delay time
MSTP 1
STP 1
forwarding 1
state 1
forwarding methods 1 2G
general query 1
Generating IGMP Reports 1H
hello time
MSTP 1
STP 1
hierarchical policy maps
configuring 1
hosts, limit on dynamic ports 1
hot-standby ports 1
HTTP secure server 1
HTTP(S) Over IPv6 1
HTTPS
configuring 1
described 1
self-signed certificate 1
hub 1I
ICMP 1
IPv6 1
time-exceeded messages 1
traceroute and 1
unreachable messages 1
ICMP ping
executing 1
overview 1
ICMP Router Discovery Protocol
See IRDP 1
ICMPv6 1
Identifying the RADIUS Server Host: Examples command 1
identifying the server 1 2
IEEE 802.1Q
protocol 1
IEEE 802.1Q tagging 1
IEEE 802.1Q tunneling 1
IEEE 802.1Q Tunneling
default 1
IEEE 802.1s
See MSTP 1
IEEE 802.3ad, described 1
IGMP
leave processing, enabling 1
report suppression
disabling 1
snooping 1
IGMP snooping 1 2
default configuration 1 2
enabling and disabling 1
monitoring 1
Immediate Leave, IGMP
enabling 1
in IPv6 1
Inter-Switch Link
See ISL 1
inter-VLAN routing 1
interaction with other features 1 2
interaction with virtual switches 1
interface 1
Interior Gateway Protocol
See IGP 1
internal power supplies
See power supplies<$nopage> 1
Internet Protocol version 6
See IPv6 1
Intrusion Detection System
See IDS appliances 1
inventory management TLV 1
IP ACLs
for QoS classification 1
named 1
IP addresses
128-bit 1
classes of 1
for IP routing 1
IPv6 1
monitoring 1
IP addresses and subnets 1
IP broadcast address 1
IP directed broadcasts 1
IP phones
automatic classification and queueing 1
ensuring port security with QoS 1
trusted boundary for QoS 1
IP precedence 1
IP routing
enabling 1
IP source guard 1 2
802.1x 1
binding configuration
automatic 1
manual 1
binding table 1
configuration guidelines 1
described 1
DHCP snooping 1
enabling 1 2
EtherChannels 1
port security 1
routed ports 1
static bindings
adding 1 2
static hosts 1
TCAM entries 1
trunk interfaces 1
VRF 1
IP traceroute
executing 1
overview 1
IP unicast routing
administrative distances 1
authentication keys 1
broadcast
address 1
flooding 1
packets 1
storms 1
classless routing 1
configuring static routes 1
default
gateways 1
networks 1
routes 1
routing 1
directed broadcasts 1
dynamic routing 1
enabling 1
EtherChannel Layer 3 interface 1
inter-VLAN 1
IP addressing
classes 1
configuring 1
IPv6 1
IRDP 1
Layer 3 interfaces 1
MAC address and IP address 1
passive interfaces 1
protocols
distance-vector 1
link-state 1
proxy ARP 1
redistribution 1
routed ports 1
See also RIP[IP unicast routing
zzz] 1
static routing 1
steps to configure 1
subnet mask 1
subnet zero 1
unicast reverse path forwarding 1
with SVIs 1
IP-precedence-to-DSCP map for QoS 1 2
IPv4 ACLs
applying to interfaces 1
extended, creating 1
interfaces 1
named 1
standard, creating 1
IPv4 and IPv6 1
IPv6 1 2 3 4 5 6
ACL 1
addresses 1
address formats 1
and switch stacks 1
applications 1
assigning address 1
autoconfiguration 1
default configuration 1
defined 1
forwarding 1
ICMP 1
monitoring 1
neighbor discovery 1
SDM templates 1
stack master functions 1
Stateless Autoconfiguration 1
supported features 1
IPv6 on 1
IPv6 routing 1
IRDP
configuring 1
definition 1
ISL
and IPv6 1K
KDC 1 2
described 1
See also Kerberos<$nopage>[KDC
zzz] 1
keepalive messages 1
Kerberos
authenticating to
boundary switch 1
KDC 1
network services 1
configuration examples 1
configuring 1
credentials 1
described 1
KDC 1
operation 1
realm 1
server 1
switch as trusted third party 1
terms 1
TGT 1
tickets 1
key 1 2
key distribution center
See KDC<$nopage> 1L
LACP 1 2
hot-standby ports 1
interaction with other features 1
modes 1
port priority 1
system priority 1
Layer 2
protocol 1
Layer 2 EtherChannel configuration guidelines 1
Layer 2 interface modes 1
Layer 2 interfaces 1
Layer 2 Protocol Tunneling 1 2
default 1
Layer 2 traceroute
and ARP 1
and CDP 1
broadcast traffic 1
described 1
IP addresses and subnets 1
MAC addresses and VLANs 1
multicast traffic 1
multiple devices on a port 1
unicast traffic 1
usage guidelines 1
Layer 2 Tunneling
EtherChannels 1
Layer 3 EtherChannel configuration guidelines 1
Layer 3 interfaces
assigning IPv6 addresses to 1
types of 1
Layer 3 packets, classification methods 1
Layer 3 physical interfaces 1
Layer 3 port-channel logical interfaces 1
Leaking IGMP Reports 1
learn method and priority configuration 1
leave processing, enabling 1
limiting the services to the user 1 2
Link Failure, detecting unidirectional 1
link local unicast addresses 1
link redundancy
See Flex Links 1
link-state protocols 1
link-state tracking
description 1
listening
state 1
LLDP
configuring
default configuration 1
enabling 1
overview 1
switch stack considerations 1
transmission timer and holdtime, setting 1
LLDP-MED
configuring
TLVs 1
overview 1
supported TLVs 1
load balancing 1 2
load balancing advantages 1
load sharing 1 2
trunk ports 1
local mode with AAA 1
local SPAN 1
location TLV 1
logging into 1
logging messages, ACL 1
logical interfaces, described 1
login 1 2
login authentication 1
with RADIUS 1
with TACACS+ 1M
MAC address of 1
MAC address-table move update
configuration guidelines 1
configuring 1
default configuration 1
description 1
obtain and process messages 1
MAC addresses
IP address association 1
MAC addresses and VLANs 1
MAC extended access lists
applying to Layer 2 interfaces 1 2
MAC/PHY configuration status TLV 1
management address TLV 1
managing 1
managing switch stacks 1
manual 1
manual upgrades with auto-advise 1
mapping table
default configuration 1
mapping tables for QoS
configuring
CoS-to-DSCP 1 2
DSCP 1
DSCP-to-CoS 1
DSCP-to-DSCP-mutation 1
IP-precedence-to-DSCP 1 2
policed-DSCP 1
described 1
mapping VLANs 1
marking
action in policy map 1
action with aggregate policers 1 2 3
maximum aging time
MSTP 1
STP 1
maximum hop count, MSTP 1
maximum-paths command 1
member number 1
memory allocation 1
merged 1
metric translations, between routing protocols 1
mirroring traffic for analysis 1
mismatches 1
mismatches, autonegotiation 1
MLD Messages 1
MLD Queries 1
MLD Reports 1
MLD Snooping 1
MLDv1 Done message 1
modes 1 2
monitoring 1 2 3 4
access groups 1
CEF 1
Flex Links 1
IGMP
snooping 1
IP
address tables 1
IPv4 ACL configuration 1
IPv6 1
network traffic for analysis with probe 1
OSPF 1
private VLAN 1
SFP status 1
tunneling status 1
VLAN
filters 1
maps 1
voice VLAN 1
VTP 1
monitoring private VLANs 1
monitoring status of 1
mrouter Port 1
MST mode 1
MSTP
boundary ports
configuration guidelines 1
described 1
CIST, described 1
CIST regional root 1 2
CIST root 1
configuration guidelines 1
configuring
device priority 1
forward-delay time 1
hello time 1
link type for rapid convergence 1
maximum aging time 1
maximum hop count 1
MST region 1
neighbor type 1
path cost 1
port priority 1
root device 1
secondary root device 1
CST
operations between regions 1
default configuration 1
displaying status 1
enabling the mode 1
extended system ID
effects on root device 1
effects on secondary root device 1
unexpected behavior 1
IEEE 802.1s
implementation 1
port role naming change 1
terminology 1
instances supported 1
interoperability and compatibility among modes 1 2
interoperability with IEEE 802.1D
described 1
restarting migration process 1
IST
operations within a region 1
mapping VLANs to MST instance 1
MST region
CIST 1
configuring 1
described 1
hop-count mechanism 1
IST 1
supported spanning-tree instances 1
root device
configuring 1
effects of extended system ID 1
unexpected behavior 1
stack changes, effects of 1
status, displaying 1
MTU
system 1 2
system jumbo 1
system routing 1
Multicast Client Aging Robustness 1
Multicast Fast Convergence 1 2
multicast groups
static joins 1
multicast packets
ACLs on 1
Multicast Router Discovery 1
multicast traffic 1
multiple devices on a port 1
multiple UDP ports 1N
NameSpace Mapper 1
native VLAN 1
Native VLANs 1
neighbor discovery 1
neighbor discovery, IPv6 1
NetFlow 1
Network Assistant
managing switch stacks 1
Network Load Sharing
STP path cost 1
STP priorities 1
network policy TLV 1
network services 1
non-IP traffic filtering 1
nonhierarchical policy maps
configuring 1
numbering of 1O
OBFL
configuring 1
described 1
displaying 1
offline configuration
provisioned configuration, defined 1
provisioned switch, defined 1
provisioning a new member 1
on Layer 2 interfaces 1
on Layer 3 physical interfaces 1
on-board failure logging 1
online diagnostics
described 1
overview 1
operation 1
operation of 1 2
OSPF
area parameters, configuring 1
configuring 1
default configuration
metrics 1
route 1
LSA group pacing 1
monitoring 1
router IDs 1
route summarization 1
virtual links 1
overview 1 2 3 4 5 6 7P
packet modification, with QoS 1
PaGP 1
PAgP 1
aggregate-port learners 1
described 1
interaction with other features 1
interaction with virtual switches 1
learn method and priority configuration 1
modes 1
with dual-action detection 1
parallel paths, in routing tables 1
partitioned 1 2
passive interfaces
configuring 1
OSPF 1
password 1 2
password and privilege level 1
password recovery disable considerations 1
passwords
default configuration 1
disabling recovery of 1
encrypting 1
overview 1
recovery of 1
setting
enable 1
enable secret 1
Telnet 1
with usernames 1
path cost 1
MSTP 1
STP 1
PBR
defined 1
fast-switched policy-based routing 1
local policy-based routing 1
persistent self-signed certificate 1
ping
character output description 1
executing 1
overview 1
PoE
devices supported 1
supported watts per port 1
PoE ports 1
policed-DSCP map for QoS 1
policers
configuring
for more than one traffic class 1
types of 1
policing
hierarchical
See hierarchical policy maps 1
token-bucket algorithm 1
policy maps for QoS
hierarchical on SVIs
configuring 1
nonhierarchical on physical ports
configuring 1
policy-based routing
See PBR 1
port
priority 1
root 1
port ACLs
defined 1
types of 1
port description TLV 1
port priority 1
MSTP 1
STP 1
port security 1
and QoS trusted boundary 1
port VLAN ID TLV 1
port-based authentication
configuration guidelines 1
configuring
RADIUS server 1
RADIUS server parameters on the switch 1
default configuration 1
device roles 1
displaying statistics 1
enabling
802.1X authentication 1
switch
as proxy 1
port-channel interfaces
numbering of 1
ports
community 1
isolated 1
promiscuous 1
power management TLV 1
power supply
configuring 1
managing 1
preemption delay, default configuration 1
preemption, default configuration 1
prerequisites 1
auto-QoS 1
private VLANs 1
QoS 1
tunneling 1
VLAN trunks 1
Voice VLAN 1
VTP 1
preventing unauthorized access 1
primary server 1
primary VLAN configuration 1
prioritization 1
priority
overriding CoS 1
priority value 1
private VLAN
configuring Layer 2 interface 1
configuring promiscuous port 1
mapping secondary VLANs 1
port configuration 1
private VLAN domains 1
private VLANs
broadcast 1
limitations 1
multicast 1
multiple switches 1
unicast 1
private-VLAN
configuring 1
privilege levels
changing the default for lines 1
exiting 1
logging into 1
overview 1
setting a command with 1
Protecting Enable and Enable Secret Passwords with Encryption: Example command 1
provisioned configuration, defined 1
provisioned switch, defined 1
provisioning a new member 1
provisioning new members for a switch stack 1
proxy ARP
definition 1
with IP routing disabled 1
proxy reports 1
pruning-eligible list 1
PVST mode 1
PVST+
described 1
IEEE 802.1Q trunking interoperability 1
instances supported 1Q
QoS
auto-QoS
categorizing traffic 1
described 1
disabling 1
effects on running configuration 1
basic model 1
classification
DSCP transparency, described 1
forwarding treatment 1
IP ACLs, described 1
MAC ACLs, described 1 2
options for IP traffic 1
trusted CoS, described 1
class maps
configuring 1 2
configuring
aggregate policers 1 2 3
auto-QoS 1
default port CoS value 1
DSCP maps 1
DSCP transparency 1
DSCP trust states bordering another domain 1
egress queue characteristics 1
IP standard ACLs 1
policy maps, hierarchical 1
policy maps on physical ports 1
port trust states within the domain 1
trusted boundary 1
default auto configuration 1
default configuration 1
egress queues
configuring shaped weights for SRR 1
configuring shared weights for SRR 1
displaying the threshold map 1
mapping DSCP or CoS values 1
WTD, described 1
enabling globally 1
enabling VLAN-based on physical ports 1
implicit deny 1
IP phones
automatic classification and queueing 1
detection and trusted settings 1 2
limiting bandwidth on egress interface 1
mapping tables
CoS-to-DSCP 1 2
DSCP-CoS 1
DSCP-to-CoS 1
DSCP-to-DSCP-mutation 1
IP-precedence-to-DSCP 1 2
policed-DSCP 1
types of 1
marked-down actions 1
packet modification 1
policers
configuring 1
types of 1
policing
token bucket algorithm 1
QoS
classification 1
queues
configuring egress characteristics 1
high priority (expedite) 1 2
location of 1
SRR, described 1
WTD, described 1
rewrites 1
trust states
bordering another domain 1
trusted device 1
within the domain 1
QoS policy 1
queueing 1R
RADIUS 1 2
attributes
vendor-proprietary 1 2
vendor-specific 1
configuring
accounting 1
authentication 1
authorization 1
communication, global 1 2
communication, per-server 1
multiple UDP ports 1
default configuration 1
defining AAA server groups 1
identifying the server 1
key 1
limiting the services to the user 1
login 1
operation of 1
overview 1
server load balancing 1
suggested network environments 1
tracking services accessed by user 1
RADIUS Change of Authorization 1
rapid convergence 1
Rapid Spanning Tree Protocol
See RSTP 1
realm 1
reconfirmation interval, changing 1
reconfirmation interval, VMPS, changing 1
reconfirming 1 2
reconfirming dynamic VLAN membership 1
reconfirming membership 1
recovery of 1
redirecting error message output 1
redundancy
EtherChannel 1
STP
backbone 1
reference 1
references
auto-QoS 1
Remote Authentication Dial-In User Service
See RADIUS 1
remote SPAN 1
removing a provisioned member 1
replacing 1
replacing a failed member 1
report suppression
disabling 1
report suppression, IGMP
disabling 1
restricting access
overview 1
RADIUS 1
TACACS+ 1
restrictions 1
Configuration Engine 1
MSTP 1
STP 1
VLAN trunks 1
voice VLANs 1
retry count, changing 1
retry count, VMPS, changing 1
Reverse Address Resolution Protocol
See RARP 1
RFC
1058, RIP 1
1587, NSSAs 1
RFC 5176 Compliance 1
RIP
authentication 1
configuring 1
described 1
hop counts 1
split horizon 1
summary addresses 1
role
port 1
root
port 1
switch 1 2
root device
MSTP 1
STP 1
route calculation timers, OSPF 1
route maps
policy-based routing 1
route summarization, OSPF 1
route-map command 1
routed packets, ACLs on 1
routed ports 1
configuring 1
IP addresses on 1
router ACLs
defined 1
types of 1
router ID, OSPF 1
routing 1
default 1
dynamic 1
redistribution of information 1
static 1
Routing Information Protocol
See RIP 1
RSPAN 1
and stack changes 1
characteristics 1
configuration guidelines 1
default configuration 1
destination ports 1
in a device stack 1
interaction with other features 1
monitored ports 1
monitoring ports 1
overview 1
received traffic 1
session limits 1
sessions
creating 1
defined 1
limiting source traffic to specific VLANs 1
specifying monitored ports 1
with ingress traffic enabled 1
source ports 1
transmitted traffic 1
VLAN-based 1
RSTP
active topology 1
BPDU
format 1
processing 1
designated port, defined 1
designated switch, defined 1
interoperability with IEEE 802.1D
described 1
restarting migration process 1
topology changes 1
overview 1
port roles
described 1
synchronized 1
rapid convergence
cross-stack rapid convergence 1
described 1
edge ports and Port Fast 1
point-to-point links 1 2
root ports 1
root port, defined 1S
scheduling 1
SCP
and SSH 1
configuring 1
SDM
switch stack consideration 1
templates
configuring 1
SDM templates 1
SDM templates supporting 1
secondary VLAN configuration 1
secondary VLANs 1
secure HTTP client
configuring 1
displaying 1
secure HTTP server
configuring 1
displaying 1
Secure Shell 1
security and identification 1
See also IP traceroute 1
See also Kerberos<$nopage>[KDC
zzz] 1
See EtherChannel 1 2
See Ethernet management port<$nopage> 1
See EUI 1
see HTTPS 1
See IPv6 1
See KDC<$nopage> 1
See power supplies<$nopage> 1
See RADIUS 1
See SCP 1
See TACACS+<$nopage> 1
self-signed certificate 1
server 1
server load balancing 1
service-provider network, MSTP and RSTP 1
services
networking 1
setting
enable 1
enable secret 1
Telnet 1
with usernames 1
setting a command with 1
setting a password 1
Setting a Telnet Password for a Terminal Line: Example command 1
Setting or Changing a Static Enable Password: Example command 1
setting packet forwarding 1
Setting the Privilege Level for a Command: Example command 1
SFP security and identification 1
SFP status 1
SFPs
monitoring status of 1
security and identification 1
status, displaying 1
shaped mode 1
shared mode 1
show access-lists hw-summary command 1
show forward command 1
show interfaces switchport 1
show platform forward command 1
Simple Network Management Protocol (SNMP) 1
single-switch EtherChannel 1
smart logging
enabling 1
DHCP 1
Dynamic ARP 1
IP Source Guard 1
overview 1
SNMP and Syslog Over IPv6 1
snooping 1
source-and-destination MAC address forwarding, EtherChannel 1
source-and-destination-IP address based forwarding, EtherChannel 1
source-IP address based forwarding, EtherChannel 1
source-IP address-based forwarding 1
source-MAC address forwarding 1
source-MAC address forwarding, EtherChannel 1
SPAN
and stack changes 1
configuration guidelines 1
default configuration 1
destination ports 1
interaction with other features 1
monitored ports 1
monitoring ports 1
overview 1
received traffic 1
session limits 1
sessions
creating 1 2
defined 1
limiting source traffic to specific VLANs 1
removing destination (monitoring) ports 1
specifying monitored ports 1 2
with ingress traffic enabled 1
source ports 1
transmitted traffic 1
VLAN-based 1
SPAN traffic 1
Spanning Tree
states 1
spanning-tree
port priority 1
split horizon, RIP 1
SRR
described 1
shaped mode 1
shared mode 1
SSH 1
encryption methods 1
user authentication methods, supported 1
SSH server 1
SSL 1
configuration guidelines 1
configuring a secure HTTP client 1
configuring a secure HTTP server 1
monitoring 1
stack changes
effects on
IPv6 routing 1
stack changes, effects of 1
stack changes, effects on
ACL configuration 1
cross-stack EtherChannel 1
EtherChannel 1
IP routing 1
SPAN and RSPAN 1
STP 1
stack changes,effects on
MSTP 1
stack master
IPv6 1
stack master functions 1
stack member
configuring
member number 1
priority value 1
IPv6 1
provisioning a new member 1
removing a provisioned member 1
replacing 1
stacks switch
replacing a failed member 1
stacks,
MSTP instances supported 1
STP
bridge ID 1
switch 1
stacks, switch
assigning information
priority value 1
provisioning a new member 1
auto-advise 1
auto-extract 1
auto-upgrade 1
IPv6 on 1
MAC address of 1
offline configuration
provisioned configuration, defined 1
provisioned switch, defined 1
provisioning a new member 1
partitioned 1
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 1
described 1
upgrades with auto-extract 1
stacks, switch version-mismatch (VM) mode
manual upgrades with auto-advise 1
stacks,switch
assigning information
member number 1
auto-copy 1
merged 1
offline configuration
removing a provisioned member 1
partitioned 1
Stateless Autoconfiguration 1
static bindings
adding 1 2
static hosts 1
static joins 1
static routes
configuring 1
static routing 1
statistics
802.1X 1
interface 1
OSPF 1
status, displaying 1
STP
BPDU message exchange 1
configuring
device priority 1
forward-delay time 1
hello time 1
maximum aging time 1
path cost 1
port priority 1
root device 1
secondary root device 1
spanning-tree mode 1
transmit hold-count 1
default configuration 1
designated ,defined
switch 1
designated port,defined 1
disabling 1
displaying status 1
extended system ID
effects on root device 1
effects on the secondary root device 1
overview 1
unexpected behavior 1
IEEE 802.1D and bridge ID 1
IEEE 802.1D and multicast addresses 1
IEEE 802.1t and VLAN identifier 1
instances supported 1
interface states 1
blocking 1
disabled 1
forwarding 1 2
learning 1
listening 1
interoperability and compatibility among modes 1 2
keepalive messages 1
limitations with IEEE 802.1Q trunks 1
modes supported 1
overview 1
protocols supported 1
redundant connectivity 1
root
election 1
switch 1 2
unexpected behavior 1
root device
configuring 1
effects of extended system ID 1 2
root port, defined 1
stack changes, effects of 1
status, displaying 1
VLAN-bridge 1
STP path cost 1
STP port priorities 1
stub routing, EIGRP 1 2
subnet mask 1
subnet zero 1
Subnetwork Access Protocol (SNAP) 1
suggested network environments 1
supported features 1 2
supported watts per port 1
SVIs
and IP unicast routing 1
and router ACLs 1
Switch Access
displaying 1
switch as trusted third party 1
switch stack 1
switch stack consideration 1
switch stacks 1 2
switched packets, ACLs on 1
switchport backup interface 1
system 1 2
system capabilities TLV 1
system description TLV 1
system jumbo 1
system MTU 1
System MTU 1
system name TLV 1
system priority 1
system routing 1T
TACACS+ 1 2
accounting, defined 1
authentication, defined 1
authorization, defined 1
configuring
accounting 1
authentication key 1
authorization 1
login authentication 1
default configuration 1
defined 1
displaying 1
identifying the server 1
key 1
limiting the services to the user 1
login 1
operation of 1
overview 1
tracking services accessed by user 1
TCAM entries 1
Telnet 1
setting a password 1
templates
configuring 1
temporary self-signed certificate 1
Terminal Access Controller Access Control System Plus
See TACACS+<$nopage> 1
terminal lines, setting a password 1
terms 1
TGT 1
tickets 1
time ranges in ACLs 1 2
time-exceeded messages 1
time-range command 1
TLVs
defined 1
Token Rings 1
Topology Change Notification Processing 1
traceroute and 1
traceroute command
See also IP traceroute 1
traceroute, Layer 2
and ARP 1
and CDP 1
broadcast traffic 1
described 1
IP addresses and subnets 1
MAC addresses and VLANs 1
multicast traffic 1
multiple devices on a port 1
unicast traffic 1
usage guidelines 1
tracking services accessed by user 1 2
traffic
fragmented 1 2
troubleshooting 1
auto-QoS 1
setting packet forwarding 1
SFP security and identification 1
show forward command 1
with debug commands 1
with ping 1
with traceroute 1
Troubleshooting Examples command 1
trunk
configuration 1
trunk failover 1
trunk interfaces 1
trunk port 1
trunking 1
trunking modes 1
trunks
allowed VLANs 1
trust states 1
trusted boundary for QoS 1
trusted port states
between QoS domains 1
classification options 1
ensuring port security for IP phones 1
within a QoS domain 1
trustpoints, CA 1
twisted-pair, detecting unidirectional links 1
types of connections 1U
UDLD
aggressive 1 2
aggressive mode
message time 1
default configuration 1
disabling
per interface 1
echoing detection mechanism 1 2
enabling
globally 1
per interface 1
fiber-optic links 1
neighbor database 1
neighbor database maintenance 1
normal 1
normal mode 1
overview 1
restrictions 1
twisted-pair links 1
unicast traffic 1
unsupported features 1
upgrades with auto-extract 1
usage guidelines 1
user authentication methods, supported 1
User Datagram Protocol
See UDP 1 2
username-based authentication 1
using commands 1V
vendor-proprietary 1
vendor-specific 1
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 1
described 1
displaying 1
manual upgrades with auto-advise 1
upgrades with auto-extract 1
virtual switches and PAgP 1
VLAN ACLs
See VLAN maps 1
VLAN filtering and SPAN 1
VLAN load balancing on Flex Links
configuration guidelines 1
described 1
VLAN map entries, order of 1
VLAN maps
applying 1
common uses for 1
configuration guidelines 1
configuring 1
creating 1
defined 1
denying access to a server example 1
denying and permitting packets 1 2
displaying 1
VLAN membership
confirming 1
VLANs
aging dynamic addresses 1
limiting source traffic with RSPAN 1
limiting source traffic with SPAN 1
STP and IEEE 802.1Q trunks 1
VLAN-bridge STP 1
VMPS
dynamic port membership
described 1
reconfirming 1
troubleshooting 1
entering server address 1
reconfirmation interval, changing 1
reconfirming membership 1
retry count, changing 1
VMPS client configuration
default 1
VMPS Configuration Example command 1
voice VLAN
configuration guidelines 1
configuring IP phones for data traffic
override CoS of incoming frame 1
configuring ports for voice traffic in
802.1p priority tagged frames 1
voice VLANs 1
VRF 1
VTP 1
configuration requirements 1
version 1
VTP advertisements 1
VTP domain 1 2
VTP mode 1
VTP modes 1
VTP password 1
VTP primary 1
VTP pruning 1 2
VTP settings 1
VTP version 1
VTP version 2 1
VTP version 3 1W
web-based authentication
customizeable web pages 1
description 1
web-based authentication, interactions with other features 1
wired location service
configuring 1
location TLV 1
understanding 1
with debug commands 1
with dual-action detection 1
with ping 1
with RADIUS 1 2 3
with STP 1
with TACACS+ 1 2 3 4
with traceroute 1
with usernames 1
WTD
setting thresholds
egress queue sets 1Z
zzz] 1
Feedback