Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
Numerics
802.1D
See STP
802.1Q
and trunk ports 10-3
configuration limitations 12-18
encapsulation 12-16
native VLAN for untagged traffic 12-23
802.1S
See MSTP
802.1W
See RSTP
802.1X
See port-based authentication
802.3AD
See EtherChannel
802.3af
See PoE 1-8
802.3Z flow control 10-14
A
abbreviating commands 2-3
ABRs 30-29
AC (command switch) 5-10, 5-19
access-class command 27-19
access control entries
See ACEs
access-denied response, VMPS 12-28
access groups
applying ACLs to interfaces 27-20
IP 27-20
Layer 2 27-20
Layer 3 27-20
accessing
clusters, switch 5-13
command switches 5-11
member switches 5-13
switch clusters 5-13
access lists
See ACLs
access ports
defined 10-2
in switch clusters 5-9
accounting
with RADIUS 8-28
with TACACS+ 8-11, 8-17
ACEs
and QoS 28-7
defined 27-2
Ethernet 27-2
IP 27-2
ACLs
ACEs 27-2
any keyword 27-12
applying
on bridged packets 27-38
on multicast packets 27-39
on routed packets 27-38
on switched packets 27-37
time ranges to 27-16
to an interface 27-19
to QoS 28-7
classifying traffic for QoS 28-37
comments in 27-18
compiling 27-21
configuring with VLAN maps 27-36
defined 27-1, 27-7
examples of 27-21, 28-37
extended IP
configuring for QoS classification 28-38
creating 27-10
matching criteria 27-7
hardware and software handling 27-21
host keyword 27-12
IP
applying to interface 27-19
applying to interfaces 27-19
creating 27-7
fragments and QoS guidelines 28-29
implicit deny 27-9, 27-13, 27-15
implicit masks 27-9
matching criteria 27-7
named 27-14
terminal lines, setting on 27-18
undefined 27-20
violations, logging 27-15
limiting actions 27-37
logging messages 27-9
log keyword 27-15
MAC extended 27-26, 28-39
matching 27-7, 27-20
monitoring 27-40
named 27-14
number per QoS class map 28-29
numbers 27-7
port 27-2
precedence of 27-2
QoS 28-7, 28-37
router 27-2
standard IP
configuring for QoS classification 28-37
creating 27-8
matching criteria 27-7
supported features 27-21
support for 1-6
time ranges 27-16
unsupported features 27-6
using router ACLs with VLAN maps 27-36
VLAN maps
configuration guidelines 27-29
configuring 27-29
active router 31-1
address aliasing 19-2
addresses
displaying the MAC address table 6-28
dynamic
accelerated aging 15-8
changing the aging time 6-22
default aging 15-8
defined 6-21
learning 6-21
removing 6-23
MAC, discovering 6-28
multicast
group address range 32-3
STP address management 15-8
static
adding and removing 6-25
defined 6-21
address resolution 6-28, 30-8
Address Resolution Protocol
See ARP
adjacency tables, with CEF 30-64
administrative distances
defined 30-75
OSPF 30-34
routing protocol defaults 30-66
advertisements
CDP 21-1
IGRP 30-23
RIP 30-19
VTP 12-19, 13-3
aggregate addresses, BGP 30-59
aggregated ports
See EtherChannel
aggregate policers 28-45
aggregate policing 1-7
aging, accelerating 15-8
aging time
accelerated
for MSTP 16-20
for STP 15-8, 15-21
MAC address table 6-22
maximum
for MSTP 16-21
for STP 15-21
alarms, RMON 24-3
allowed-VLAN list 12-21
alternate routes, IGRP 30-25
area border routers
See ABRs
ARP
configuring 30-9
defined 1-4, 6-28, 30-8
encapsulation 30-10
static cache configuration 30-9
table
address resolution 6-28
managing 6-28
ASBRs 30-29
AS-path filters, BGP 30-53
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxiii
authentication
EIGRP 30-41
HSRP 31-8
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
See also port-based authentication
TACACS+
defined 8-11
key 8-13
login 8-14
authentication keys, and routing protocols 30-76
authoritative time source, described 6-2
authorization
with RADIUS 8-27
with TACACS+ 8-11, 8-16
authorized ports with 802.1X 9-4
autoconfiguration 4-3
automatic discovery
adding member switches 5-17
considerations
beyond a non-candidate device 5-8
brand new switches 5-9
connectivity 5-5
different VLANs 5-7
management VLANs 5-7
non-CDP-capable devices 5-6
non-cluster-capable devices 5-6
routed ports 5-8
creating a cluster standby group 5-19
in switch clusters 5-5
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 5-10
See also HSRP
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-13
mismatches 35-12
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 30-47
Auto-RP, described 32-5
autosensing, port speed 1-3
auxiliary VLAN
See voice VLAN
availability, features 1-5
B
BackboneFast
described 17-5
enabling 17-13
support for 1-5
banners
configuring
login 6-20
message-of-the-day login 6-19
default configuration 6-18
when displayed 6-18
BGP
aggregate addresses 30-59
aggregate routes, configuring 30-59
CIDR 30-59
clear commands 30-62
community filtering 30-55
configuring neighbors 30-57
default configuration 30-45
described 30-44
enabling 30-47
monitoring 30-62
multipath support 30-50
neighbors, types of 30-47
path selection 30-50
peers, configuring 30-57
prefix filtering 30-54
resetting sessions 30-49
route dampening 30-61
route maps 30-52
route reflectors 30-60
routing domain confederation 30-59
show commands 30-62
supernets 30-59
support for 1-8
Version 4 30-44
binding cluster group and HSRP group 31-9
blocking packets 20-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-13
boot loader
accessing 4-14
described 4-2
environment variables 4-14
prompt 4-14
trap-door mechanism 4-2
bootstrap router (BSR), described 32-5
Border Gateway Protocol
See BGP
BPDU
error-disabled state 17-3
filtering 17-3
RSTP format 16-9
BPDU filtering
described 17-3
enabling 17-12
support for 1-5
BPDU guard
described 17-3
enabling 17-11
support for 1-5
bridged packets, ACLs on 27-38
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 30-16
broadcast packets
directed 30-13
flooded 30-13
broadcast storm-control command 20-3
broadcast storms 20-2, 30-13
C
cables, monitoring for unidirectional links 22-1
candidate switch
adding 5-17
automatic discovery 5-5
defined 5-4
HC 5-19
passwords 5-17
requirements 5-4
standby group 5-19
See also command switch, cluster standby group, and member switch
caution, described xxxiv
CC (command switch) 5-19
CDP
and trusted boundary 28-34
automatic discovery in switch clusters 5-5
configuring 21-2
default configuration 21-2
described 21-1
disabling for routing device 21-3, 21-4
enabling and disabling
on an interface 21-4
on a switch 21-3
monitoring 21-5
overview 21-1
support for 1-4
transmission timer and holdtime, setting 21-2
updates 21-2
CEF 30-63
CGMP
as IGMP snooping learning method 19-8
clearing cached group entries 32-50
enabling server support 32-32
joining multicast group 19-3
overview 32-7
server support only 32-7
switch support of 1-3
CIDR 30-59
Cisco 7960 IP Phone 14-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS File System
See IFS
CiscoWorks 2000 1-4, 26-5
classless interdomain routing
See CIDR
classless routing 30-6
class maps for QoS
configuring 28-40
described 28-7
displaying 28-64
class of service
See CoS
clearing interfaces 10-23
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-21
no and default forms of commands 2-4
client mode, VTP 13-3
clock
See system clock
Cluster Management Suite
See CMS
cluster requirements
See release notes xxxv
clusters, switch
accessing 5-13
adding member switches 5-17
automatic discovery 5-5
automatic recovery 5-10
clusters, switch (continued)
benefits 1-2
command switch configuration 5-16
compatibility 5-4
creating 5-16
creating a cluster standby group 5-19
described 5-1
LRE profile considerations 5-15
managing
through CLI 5-21
through SNMP 5-22
planning 5-4
planning considerations
automatic discovery 5-5
automatic recovery 5-10
CLI 5-21
host names 5-13
IP addresses 5-13
LRE profiles 5-15
passwords 5-14
RADIUS 5-14
SNMP 5-14, 5-22
switch-specific features 5-15
TACACS+ 5-14
redundancy 5-19
troubleshooting 5-21
verifying 5-20
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 31-9
automatic recovery 5-12
considerations 5-11
creating 5-19
defined 5-2
requirements 5-3
virtual IP address 5-11
See also HSRP
CMS
benefits 1-2
configuration modes 3-5
described 1-2, 1-4
Front Panel view
described 3-2
operating systems and supported browsers 3-9
privilege levels 3-7
requirements 3-8 to 3-9
Topology view 3-15
wizards 3-6
CMS requirements
See switch software configuration guide xxxv
Coarse Wave Division Multiplexer
See CWDM
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 8-8
command switch
accessing 5-11
active (AC) 5-10, 5-19
command switch with HSRP disabled (CC) 5-19
configuration conflicts 35-11
defined 5-2
enabling 5-16
passive (PC) 5-10, 5-19
password privilege levels 5-22
priority 5-10
recovery
from command-switch failure 5-10
from failure 35-8
from lost member connectivity 35-11
redundant 5-10, 5-19
command switch (continued)
replacing
with another switch 35-10
with cluster member 35-8
requirements 5-3
standby (SC) 5-10, 5-19
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 30-56
community strings
configuring 5-14, 26-8
for cluster switches 26-4
in clusters 5-14
overview 26-4
SNMP 5-14
config.text 4-12
configuration, initial
defaults 1-9
Express Setup 1-9
See also hardware installation guide
setup (CLI) program 1-9
configuration conflicts, recovering from lost member connectivity 35-11
configuration examples, network 1-11
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
configuration files (continued)
limiting TFTP server access 26-15
obtaining with DHCP 4-7
password recovery disable considerations 8-5
specifying the filename 4-12
system contact and location information 26-14
types and location B-9
uploading
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
configuration modes, CMS 3-5
configuration settings, saving 4-10
configure terminal command 10-7
config-vlan mode 2-2, 12-7
conflicts, configuration 35-11
connections, secure remote 8-38
connectivity problems 35-13, 35-14, 35-16
consistency checks in VTP version 2 13-4
console port, connecting to 2-9
conventions
command xxxiv
for examples xxxiv
publication xxxiv
text xxxiv
corrupted software, recovery steps with XMODEM 35-2
CoS
in Layer 2 frames 28-2
override priority 14-5
trust priority 14-5
CoS input queue threshold map for QoS 28-14
CoS output queue threshold map for QoS 28-17
CoS-to-DSCP map for QoS 28-47
counters, clearing interface 10-23
crashinfo file 35-22
cryptographic software image
Kerberos 8-32
SSH 8-37
CWDM 1-16
CWDM SFPs 1-16
D
daylight saving time 6-13
debugging
enabling all system diagnostics 35-19
enabling for a specific feature 35-18
redirecting error message output 35-19
using commands 35-18
default commands 2-4
default configuration
802.1X 9-10
auto-QoS 28-18
banners 6-18
BGP 30-45
booting 4-12
CDP 21-2
DHCP 18-3
DNS 6-17
EIGRP 30-38
EtherChannel 29-9
fallback bridging 34-3
HSRP 31-4
IGMP 32-26
IGMP filtering 19-21
IGMP snooping 19-7
IGMP throttling 19-21
IGRP 30-24
initial switch information 4-3
IP addressing, IP routing 30-4
IP multicast routing 32-8
default configuration (continued)
Layer 2 interfaces 10-11
MAC address table 6-22
MSDP 33-4
MSTP 16-12
MVR 19-16
NTP 6-4
optional spanning-tree features 17-9
OSPF 30-29
password and privilege level 8-2
RADIUS 8-20
RIP 30-19
RMON 24-3
RSPAN 23-9
SNMP 26-7
SPAN 23-9
standard QoS 28-27
STP 15-11
system message logging 25-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 22-4
VLAN, Layer 2 Ethernet interfaces 12-19
VLANs 12-8
VMPS 12-29
voice VLAN 14-3
VTP 13-6
default gateway 4-10, 30-11
default networks 30-66
default routes 30-66
default routing 30-2
deleting VLANs 12-10
description command 10-18
designing your network, examples 1-11
destination addresses, in ACLs 27-11
destination-IP address based forwarding, EtherChannel 29-7
destination-MAC address forwarding, EtherChannel 29-7
detecting indirect link failures, STP 17-6
device discovery protocol 21-1
Device Manager 3-15
See also Switch Manager
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server-side 4-5
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-3
relay support 1-4, 1-8
support for 1-4
DHCP option 82
configuration guidelines 18-3
default configuration 18-3
displaying 18-5
overview 18-2
DHCP snooping
configuration guidelines 18-3
default configuration 18-3
displaying binding tables 18-5
displaying configuration 18-6
message exchange process 18-2
option 82 data insertion 18-2
Differentiated Services architecture, QoS 28-1
Differentiated Services Code Point 28-2
Diffusing Update Algorithm (DUAL) 30-37
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 30-3
distribute-list command 30-75
DNS
and DHCP-based autoconfiguration 4-6
default configuration 6-17
displaying the configuration 6-18
overview 6-16
setting up 6-17
support for 1-4
documentation
feedback xxxvi
obtaining
CD-ROM xxxvi
world wide web xxxv
ordering xxxvi
related xxxv
document conventions xxxiv
domain names
DNS 6-16
VTP 13-8
Domain Name System
See DNS
downloading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-24
preparing B-22, B-25, B-29
reasons for B-20
using FTP B-26
using RCP B-31
using TFTP B-23
DSCP 1-7, 28-2
DSCP input queue threshold map for QoS 28-14
DSCP output queue threshold map for QoS 28-17
DSCP-to-CoS map for QoS 28-50
DSCP-to-DSCP-mutation map for QoS 28-51
DTP 1-6, 12-17
DUAL finite state machine, EIGRP 30-37
duplex mode, configuring 10-12
DVMRP
autosummarization
configuring a summary address 32-46
disabling 32-48
connecting PIM domain to DVMRP router 32-38
enabling unicast routing 32-42
interoperability
with Cisco devices 32-36
with IOS software 32-7
mrinfo requests, responding to 32-41
neighbors
advertising the default route to 32-40
discovery with Probe messages 32-36
displaying information 32-41
prevent peering with nonpruning 32-44
rejecting nonpruning 32-42
overview 32-7
routes
adding a metric offset 32-48
advertising all 32-48
advertising the default route to neighbors 32-40
caching DVMRP routes learned in report messages 32-42
changing the threshold for syslog messages 32-45
deleting 32-50
displaying 32-50
favoring one over another 32-48
limiting the number injected into MBONE 32-45
limiting unicast route advertisements 32-36
routing table 32-7
source distribution tree, building 32-7
support for 1-8
tunnels
configuring 32-38
displaying neighbor information 32-41
dynamic access ports
characteristics 12-4
configuring 12-30
defined 10-3
dynamic addresses
See addresses
dynamic auto trunking mode 12-17
dynamic desirable trunking mode 12-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
types of connections 12-30
dynamic routing 30-3
Dynamic Trunking Protocol
See DTP
E
EBGP 30-43
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
and IGRP 30-39
authentication 30-41
components 30-37
configuring 30-39
default configuration 30-38
definition 30-37
interface parameters, configuring 30-40
monitoring 30-42
support for 1-8
enable password 8-4
enable secret password 8-4
encryption for passwords 8-4
Enhanced IGRP
See EIGRP
environment variables
function of 4-15
equal-cost routing 1-8, 30-64
error messages during command entry 2-4
EtherChannel
802.3AD, described 29-5
automatic creation of 29-4, 29-5
channel groups
binding physical and logical interfaces 29-3
numbering of 29-3
configuration guidelines 29-9
configuring
Layer 2 interfaces 29-10
Layer 3 physical interfaces 29-13
Layer 3 port-channel logical interfaces 29-12
configuring Layer 2 interfaces 29-10
default configuration 29-9
described 29-2
displaying status 29-20
forwarding methods 29-6, 29-15
interaction
with STP 29-9
with VLANs 29-10
LACP
described 29-5
displaying status 29-20
hot-standby ports 29-17
interaction with other features 29-6
modes 29-6
port priority 29-19
system priority 29-18
LACP, support for 1-3
Layer 3 interface 30-3
load balancing 29-6, 29-15
logical interfaces, described 29-3
PAgP
aggregate-port learners 29-16
compatibility with Catalyst 1900 29-16
described 29-4
displaying status 29-20
interaction with other features 29-5
learn method and priority configuration 29-16
modes 29-4
silent mode 29-5
support for 1-3
port-channel interfaces
described 29-3
numbering of 29-3
port groups 10-5
support for 1-3
Ethernet VLANs
adding 12-8
defaults and ranges 12-8
modifying 12-8
events, RMON 24-3
examples
conventions for xxxiv
network configuration 1-11
expedite queue for QoS
configuring 28-63
expert mode 3-6
Express Setup 1-9, 3-12
See also hardware installation guide
extended-range VLANs
configuration guidelines 12-13
configuring 12-12
creating 12-13, 12-14
defined 12-1
extended system ID
MSTP 16-14
STP 15-4, 15-14
Extensible Authentication Protocol over LAN 9-1
exterior routes, IGRP 30-23
external BGP
See EBGP
external neighbors, BGP 30-47
F
fallback bridging
and protected ports 34-3
bridge groups
creating 34-3
described 34-1
displaying 34-10
function of 34-2
number supported 34-4
removing 34-4
bridge table
clearing 34-10
displaying 34-10
configuration guidelines 34-3
connecting interfaces with 10-6
default configuration 34-3
described 34-1
frame forwarding
flooding packets 34-2
forwarding packets 34-2
overview 34-1
fallback bridging (continued)
STP
disabling on an interface 34-10
forward-delay interval 34-9
hello BPDU interval 34-8
interface priority 34-6
maximum-idle interval 34-9
path cost 34-7
VLAN-bridge spanning-tree priority 34-6
VLAN-bridge STP 34-2
support for 1-8
SVIs and routed ports 34-1
VLAN-bridge STP 15-11, 34-1
FIB 30-63
fiber-optic, detecting unidirectional links 22-1
files
copying B-4
crashinfo
description 35-22
displaying the contents of 35-22
location 35-22
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 27-29
non-IP traffic 27-26
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
See ACLs, IP
Flash device, number of B-1
Flash updates, IGRP 30-25
flooded traffic, blocking 20-6
flow-based packet classification 1-7
flowcharts
QoS classification 28-6
QoS egress queueing and scheduling 28-15
QoS ingress queueing and scheduling 28-13
QoS policing and marking 28-9
flow control 1-3, 10-14
forward-delay time
MSTP 16-20
STP 15-21
Forwarding Information Base
See FIB
forwarding non-routable protocols 34-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 26-3
get-next-request operation 26-3, 26-5
get-request operation 26-3, 26-5
get-response operation 26-3
global configuration mode 2-2
guest VLAN and 802.1X 9-8
guide
audience xxxiii
purpose of xxxiii
guide mode 1-2, 3-5
H
hardware limitations and Layer 3 interfaces 10-19
HC (candidate switch) 5-19
hello time
MSTP 16-19
STP 15-20
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 25-9
host names
abbreviations appended to 5-19
in clusters 5-13
hosts, limit on dynamic ports 12-33
Hot Standby Router Protocol
See HSRP
HP OpenView 1-4
HSRP
authentication string 31-8
automatic cluster recovery 5-12
binding to cluster group 31-9
cluster standby group considerations 5-11
command-switch redundancy 1-1, 1-5
configuring 31-3
default configuration 31-4
definition 31-1
guidelines 31-4
monitoring 31-10
overview 31-1
priority 31-6
routing redundancy 1-8
timers 31-8
tracking 31-6
See also clusters, cluster standby group, and standby command switch
I
IBPG 30-43
ICMP
redirect messages 30-11
support for 1-8
time exceeded messages 35-16
traceroute and 35-16
unreachable messages 27-19
unreachables and ACLs 27-21
ICMP ping
executing 35-13
overview 35-13
ICMP Router Discovery Protocol
See IRDP
IDS appliances
and ingress RSPAN 23-20
and ingress SPAN 23-13
IEEE 802.1P 14-1
ifIndex values, SNMP 26-6
IFS 1-4
IGMP
configuring the switch
as a member of a group 32-26
statically connected member 32-31
controlling access to groups 32-27
default configuration 32-26
deleting cache entries 32-50
displaying groups 32-50
fast switching 32-31
host-query interval, modifying 32-29
joining multicast group 19-3
join messages 19-3
leave processing, enabling 19-10
leaving multicast group 19-5
multicast reachability 32-26
overview 32-2
queries 19-4
report suppression
described 19-6
disabling 19-11
support for 1-3
Version 1
changing to Version 2 32-28
described 32-3
Version 2
changing to Version 1 32-28
described 32-3
maximum query response time value 32-30
pruning groups 32-30
query timeout value 32-30
IGMP filtering
configuring 19-22
default configuration 19-21
described 19-20
monitoring 19-26
support for 1-3
IGMP groups
configuring the filtering action 19-24
setting the maximum number 19-24
IGMP profile
applying 19-23
configuration mode 19-22
configuring 19-22
IGMP snooping
and address aliasing 19-2
configuring 19-6
default configuration 19-7
definition 19-2
enabling and disabling 19-7
IGMP snooping (continued)
global configuration 19-7
Immediate Leave 19-6
method 19-8
monitoring 19-12
support for 1-3
VLAN configuration 19-7
IGMP throttling
configuring 19-24
default configuration 19-21
described 19-21
displaying action 19-26
IGP 30-28
IGRP
advertisements 30-23
alternate routes 30-25
configuring 30-26
default configuration 30-24
described 30-23
exterior routes 30-23
Flash updates 30-25
interior routes 30-23
load balancing 30-25
poison-reverse updates 30-25
split horizon 30-27
support for 1-8
system routes 30-23
traffic sharing 30-25
unequal-cost load balancing 30-25
Immediate-Leave, IGMP 19-6
initial configuration
defaults 1-9
Express Setup 1-9
See also hardware installation guide
setup (CLI) program 1-9
interface
number 10-7
range macros 10-9
interface command 10-7
interface configuration mode 2-2
interfaces
configuration guidelines 10-13
configuring 10-7
configuring duplex mode 10-12
configuring speed 10-12
counters, clearing 10-23
described 10-18
descriptive name, adding 10-18
displaying information about 10-22
flow control 10-14
management 1-4
monitoring 10-22
naming 10-18
physical, identifying 10-6, 10-7
range of 10-8
restarting 10-23
shutting down 10-23
supported 10-6
types of 10-1
interfaces range macro command 10-9
interface types 10-7
Interior Gateway Protocol
See IGP
Interior Gateway Routing Protocol
See IGRP
interior routes, IGRP 30-23
internal BGP
See IBGP
internal neighbors, BGP 30-47
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Inter-Switch Link
See ISL
inter-VLAN routing 1-8, 30-2
Intrusion Detection System
See IDS
inventory, cluster 5-20
IOS File System
See IFS
ip access group command 27-20
IP ACLs
applying to an interface 27-19
extended, creating 27-10
for QoS classification 28-7
implicit deny 27-9, 27-13, 27-15
implicit masks 27-9
logging 27-15
named 27-14
standard, creating 27-8
undefined 27-20
virtual terminal lines, setting on 27-18
IP addresses
candidate or member 5-4, 5-13
classes of 30-5
cluster access 5-2
command switch 5-3, 5-11, 5-13
default configuration 30-4
discovering 6-28
for IP routing 30-4
MAC address association 30-8
monitoring 30-17
redundant clusters 5-11
standby command switch 5-11, 5-13
See also IP information
IP broadcast address 30-15
ip cef distributed command 30-64
IP directed broadcasts 30-13
ip igmp profile command 19-22
IP information
assigned
manually 4-9
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 32-3
all-multicast-routers 32-3
host group address range 32-3
administratively-scoped boundaries, described 32-34
and IGMP snooping 19-2
Auto-RP
adding to an existing sparse-mode cloud 32-13
benefits of 32-13
clearing the cache 32-50
configuration guidelines 32-9
filtering incoming RP announcement messages 32-16
overview 32-5
preventing candidate RP spoofing 32-16
preventing join messages to false RPs 32-15
setting up in a new internetwork 32-13
using with BSR 32-21
bootstrap router
configuration guidelines 32-9
configuring candidate BSRs 32-19
configuring candidate RPs 32-20
defining the IP multicast boundary 32-18
defining the PIM domain border 32-17
overview 32-5
using with Auto-RP 32-21
Cisco implementation 32-2
configuring
basic multicast routing 32-10
IP multicast boundary 32-34
default configuration 32-8
enabling
multicast forwarding 32-10
PIM mode 32-11
group-to-RP mappings
Auto-RP 32-5
BSR 32-5
IP multicast routing (continued)
MBONE
deleting sdr cache entries 32-50
described 32-33
displaying sdr cache 32-51
enabling sdr listener support 32-33
limiting DVMRP routes advertised 32-45
limiting sdr cache entry lifetime 32-34
SAP packets for conference session announcement 32-33
Session Directory (sdr) tool, described 32-33
monitoring
packet rate loss 32-51
peering devices 32-51
tracing a path 32-51
multicast forwarding, described 32-6
PIMv1 and PIMv2 interoperability 32-8
protocol interaction 32-2
reverse path check (RPF) 32-6
routing table
deleting 32-50
displaying 32-51
RP
assigning manually 32-11
configuring Auto-RP 32-13
configuring PIMv2 BSR 32-17
monitoring mapping information 32-22
using Auto-RP and BSR 32-21
statistics, displaying system and network 32-50
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 14-1
automatic classification and queueing 28-18
configuring 14-4
ensuring port security with QoS 28-34
trusted boundary for QoS 28-34
IP precedence 28-2
IP-precedence-to-DSCP map for QoS 28-48
IP protocols
in ACLs 27-11
routing 1-8
IP routes, monitoring 30-77
IP routing
connecting interfaces with 10-6
enabling 30-18
IP traceroute
executing 35-17
overview 35-16
IP unicast routing
address resolution 30-8
administrative distances 30-66, 30-75
ARP 30-8
assigning IP addresses to Layer 3 interfaces 30-5
authentication keys 30-76
broadcast
address 30-15
flooding 30-16
packets 30-13
storms 30-13
classless routing 30-6
configuring static routes 30-65
default
addressing configuration 30-4
gateways 30-11
networks 30-66
routes 30-66
routing 30-2
directed broadcasts 30-13
dynamic routing 30-3
enabling 30-18
EtherChannel Layer 3 interface 30-3
IGP 30-28
inter-VLAN 30-2
IP unicast routing (continued)
IP addressing
classes 30-5
configuring 30-4
IRDP 30-12
Layer 3 interfaces 30-3
MAC address and IP address 30-8
passive interfaces 30-74
protocols
distance-vector 30-3
dynamic 30-3
link-state 30-3
proxy ARP 30-8
redistribution 30-67
reverse address resolution 30-8
routed ports 30-3
static routing 30-2
steps to configure 30-4
subnet mask 30-5
subnet zero 30-6
supernet 30-6
UDP 30-15
with SVIs 30-3
See also BGP
See also EIGRP
See also IGRP
See also OSPF
See also RIP
IRDP
configuring 30-12
definition 30-12
support for 1-8
ISL
and trunk ports 10-3
encapsulation 1-6, 12-16
J
join messages, IGMP 19-3
K
KDC
described 8-32
See also Kerberos
Kerberos
authenticating to
boundary switch 8-35
KDC 8-35
network services 8-35
configuration examples 8-32
configuring 8-36
credentials 8-32
cryptographic software image 8-32
described 8-32
KDC 8-32
operation 8-34
realm 8-33
server 8-33
support for 1-7
switch as trusted third party 8-32
terms 8-33
TGT 8-34
tickets 8-32
key distribution center
See KDC
L
LACP
See EtherChannel
Layer 2 frames, classification with CoS 28-2
Layer 2 interfaces, default configuration 10-11
Layer 2 traceroute
and ARP 35-15
and CDP 35-15
described 35-14
IP addresses and subnets 35-15
MAC addresses and VLANs 35-15
multicast traffic 35-15
multiple devices on a port 35-15
unicast traffic 35-14
usage guidelines 35-15
Layer 2 trunks 12-17
Layer 3 features 1-8
Layer 3 interfaces
assigning IP addresses to 30-5
changing from Layer 2 mode 30-5
types of 30-3
Layer 3 packets, classification methods 28-2
leave processing, IGMP 19-10
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
See EtherChannel
See LACP
links, unidirectional 22-1
link state advertisements (LSAs) 30-32
link-state protocols 30-3
load balancing, IGRP 30-25
logging messages, ACL 27-9
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-18
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-13
loop guard
described 17-8
enabling 17-15
support for 1-5
LRE profiles, considerations in switch clusters 5-15
M
MAC addresses
aging time 6-22
and VLAN association 6-22
building the address table 6-21
default configuration 6-22
discovering 6-28
displaying 6-28
displaying in DHCP snooping binding table 18-6
dynamic
learning 6-21
removing 6-23
in ACLs 27-26
IP address association 30-8
static
adding 6-26
allowing 6-27
characteristics of 6-25
dropping 6-27
removing 6-26
MAC address notification, support for 1-9
MAC address-to-VLAN mapping 12-27
MAC extended access lists
applying to Layer 2 interfaces 27-28
configuring for QoS 28-39
creating 27-26
defined 27-26
for QoS classification 28-5
macros
See SmartPort macros
manageability features 1-4
management access
in-band
browser session 1-4
CLI session 1-4
SNMP 1-5
out-of-band console port connection 1-5
management options
benefits
clustering 1-3
CMS 1-2
CLI 2-1
overview 1-4
management VLAN
considerations in switch clusters 5-7
discovery through different management VLANs 5-7
mapping tables for QoS
configuring
CoS-to-DSCP 28-47
DSCP 28-47
DSCP-to-CoS 28-50
DSCP-to-DSCP-mutation 28-51
IP-precedence-to-DSCP 28-48
policed-DSCP 28-49
described 28-10
marking
action in policy map 28-42
action with aggregate policers 28-45
described 28-3, 28-8
matching, ACLs 27-7
maximum aging time
MSTP 16-21
STP 15-21
maximum hop count, MSTP 16-21
maximum-paths command 30-50, 30-64
membership mode, VLAN port 12-3
member switch
adding 5-17
automatic discovery 5-5
defined 5-2
member switch (continued)
managing 5-21
passwords 5-13
recovering from lost connectivity 35-11
requirements 5-4
See also candidate switch, cluster standby group, and standby command switch
menu bar
variations 3-4
messages
logging ACL violations 27-15
to users through banners 6-18
metrics, in BGP 30-51
metric translations, between routing protocols 30-70
MIBs
accessing files with FTP A-3
location of files A-3
overview 26-1
SNMP interaction with 26-5
supported A-1
mirroring traffic for analysis 23-1
mismatches, autonegotiation 35-12
module number 10-7
monitoring
access groups 27-40
ACL configuration 27-40
BGP 30-62
cables for unidirectional links 22-1
CDP 21-5
CEF 30-64
EIGRP 30-42
fallback bridging 34-10
features 1-9
HSRP 31-10
IGMP
filters 19-26
snooping 19-12
interfaces 10-22
IP
address tables 30-17
multicast routing 32-49
routes 30-77
MSDP peers 33-19
multicast router interfaces 19-12
MVR 19-20
network traffic for analysis with probe 23-2
OSPF 30-36
port
blocking 20-15
protection 20-15
RP mapping information 32-22
source-active messages 33-19
speed and duplex mode 10-14
traffic flowing among switches 24-1
traffic suppression 20-15
VLAN
filters 27-40
maps 27-40
VLANs 12-16
VMPS 12-32
VTP 13-15
MSDP
benefits of 33-3
clearing MSDP connections and statistics 33-19
controlling source information
forwarded by switch 33-12
originated by switch 33-9
received by switch 33-14
default configuration 33-4
dense-mode regions
sending SA messages to 33-17
specifying the originating address 33-18
filtering
incoming SA messages 33-14
SA messages to a peer 33-12
SA requests from a peer 33-11
join latency, defined 33-6
meshed groups
configuring 33-16
defined 33-16
originating address, changing 33-18
overview 33-1
peer-RPF flooding 33-2
peers
configuring a default 33-4
monitoring 33-19
peering relationship, overview 33-1
requesting source information from 33-8
shutting down 33-16
source-active messages
caching 33-6
clearing cache entries 33-19
defined 33-2
filtering from a peer 33-11
filtering incoming 33-14
filtering to a peer 33-12
limiting data with TTL 33-14
monitoring 33-19
restricting advertised sources 33-9
support for 1-8
MSTP
boundary ports
configuration guidelines 16-13
described 16-5
BPDU filtering
described 17-3
enabling 17-12
BPDU guard
described 17-3
enabling 17-11
CIST, described 16-3
configuration guidelines 16-12, 17-9
configuring
forward-delay time 16-20
hello time 16-19
link type for rapid convergence 16-22
maximum aging time 16-21
maximum hop count 16-21
MST region 16-13
path cost 16-18
port priority 16-17
root switch 16-14
secondary root switch 16-16
switch priority 16-19
CST
defined 16-3
operations between regions 16-4
default configuration 16-12
default optional feature configuration 17-9
displaying status 16-23
enabling the mode 16-13
extended system ID
effects on root switch 16-14
effects on secondary root switch 16-16
unexpected behavior 16-15
instances supported 15-9
interface state, blocking to forwarding 17-2
interoperability and compatibility among modes 15-10
interoperability with 802.1D
described 16-5
restarting migration process 16-22
IST
defined 16-3
master 16-3
operations within a region 16-3
loop guard
described 17-8
enabling 17-15
mapping VLANs to MST instance 16-13
MST region
CIST 16-3
configuring 16-13
described 16-2
hop-count mechanism 16-5
IST 16-3
supported spanning-tree instances 16-2
optional features supported 1-5
overview 16-2
Port Fast
described 17-2
enabling 17-10
preventing root switch selection 17-7
root guard
described 17-7
enabling 17-14
root switch
configuring 16-15
effects of extended system ID 16-14
unexpected behavior 16-15
shutdown Port Fast-enabled port 17-3
status, displaying 16-23
multicast groups
Immediate Leave 19-6
joining 19-3
leaving 19-5
static joins 19-10
multicast packets
ACLs on 27-39
blocking 20-6
multicast router interfaces, monitoring 19-12
multicast router ports, adding 19-9
Multicast Source Discovery Protocol
See MSDP
multicast storm-control command 20-4
multicast storms 20-2
Multicast VLAN Registration
See MVR
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 19-16
configuring interfaces 19-18
default configuration 19-16
described 19-13
modes 19-17
monitoring 19-20
setting global parameters 19-17
support for 1-3
N
named IP ACLs 27-14
native VLAN
configuring 12-23
default 12-23
neighbor discovery/recovery, EIGRP 30-37
neighbors, BGP 30-57
network configuration examples
increasing network performance 1-11
large network 1-14
long-distance, high-bandwidth transport 1-16
providing network services 1-12
small to medium-sized network 1-13
network design
performance 1-12
services 1-12
network management
CDP 21-1
RMON 24-1
SNMP 26-1
Network Time Protocol
See NTP
no commands 2-4
non-IP traffic filtering 27-26
nontrunking mode 12-17
normal-range VLANs
configuration modes 12-6
defined 12-1
no switchport command 10-3
note, described xxxiv
not-so-stubby areas
See NSSA
NSSA, OSPF 30-32
NTP
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
Open Shortest Path First
See OSPF
optimizing system resources 7-1
options, management 1-4
OSPF
area parameters, configuring 30-32
configuring 30-30
default configuration
metrics 30-34
route 30-34
settings 30-29
described 30-28
interface parameters, configuring 30-31
LSA group pacing 30-35
monitoring 30-36
router IDs 30-35
route summarization 30-33
support for 1-8
virtual links 30-33
out-of-profile markdown 1-7
P
packet modification, with QoS 28-17
PAgP
See EtherChannel
parallel paths, in routing tables 30-64
passive interfaces
configuring 30-74
OSPF 30-34
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-4
for security 1-6
in clusters 5-14, 5-17
overview 8-1
recovery of 35-4
setting
enable 8-3
enable secret 8-4
Telnet 8-6
with usernames 8-7
VTP domain 13-8
path cost
MSTP 16-18
STP 15-18
PBR
defined 30-71
enabling 30-72
fast-switched policy-based routing 30-73
local policy-based routing 30-73
PC (passive command switch) 5-10, 5-19
peers, BGP 30-57
performance, network design 1-11
performance features 1-3
per-VLAN spanning-tree plus
See PVST+
physical ports 10-2
PIM
default configuration 32-8
dense mode
overview 32-4
rendezvous point (RP), described 32-4
RPF lookups 32-7
displaying neighbors 32-51
enabling a mode 32-11
overview 32-3
router-query message interval, modifying 32-25
shared tree and source tree, overview 32-22
shortest path tree, delaying the use of 32-24
sparse mode
join messages and shared tree 32-4
overview 32-4
prune messages 32-5
RPF lookups 32-7
support for 1-8
versions
interoperability 32-8
troubleshooting interoperability problems 32-22
v2 improvements 32-4
PIM-DVMRP, as snooping method 19-8
ping
character output description 35-14
executing 35-13
overview 35-13
PoE
configuring 10-16
support for 1-8
troubleshooting 35-12
poison-reverse updates, IGRP 30-25
policed-DSCP map for QoS 28-49
policers
configuring
for each matched traffic class 28-42
for more than one traffic class 28-45
described 28-3
displaying 28-64
number of 28-29
types of 28-8
policing
described 28-3
token-bucket algorithm 28-9
policy-based routing
See PBR
policy maps for QoS
characteristics of 28-42
configuring 28-42
described 28-7
displaying 28-65
port ACLs
defined 27-2
types of 27-3
Port Aggregation Protocol
See EtherChannel
See PAgP
port-based authentication
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-11
configuring
802.1X authentication 9-11
guest VLAN 9-18
host mode 9-17
manual re-authentication of a client 9-14
periodic re-authentication 9-14
quiet period 9-15
RADIUS server 9-14
RADIUS server parameters on the switch 9-13
switch-to-client frame-retransmission number 9-16
switch-to-client retransmission time 9-15
default configuration 9-10
described 9-1
device roles 9-2
displaying statistics 9-19
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-2
guest VLAN
configuration guidelines 9-8
described 9-8
initiation and message exchange 9-3
method lists 9-11
multiple-hosts mode, described 9-17
per-user ACLs
AAA authorization 9-11
configuration tasks 9-9
described 9-8
RADIUS server attributes 9-8
port-based authentication (continued)
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-6
port security
and voice VLAN 9-6
described 9-5
interactions 9-5
multiple-hosts mode 9-17
resetting to default values 9-18
statistics, displaying 9-19
switch
as proxy 9-2
RADIUS client 9-2
topologies, supported 9-4
VLAN assignment
AAA authorization 9-11
characteristics 9-7
configuration tasks 9-7
described 9-6
voice VLAN
described 9-6
PVID 9-6
VVID 9-6
port blocking 1-3, 20-6
port-channel
See EtherChannel
Port Fast
described 17-2
enabling 17-10
mode, spanning tree 12-29
support for 1-5
port membership modes, VLAN 12-3
port priority
MSTP 16-17
STP 15-17
ports
access 10-2
blocking 20-6
dynamic access 12-4
protected 20-5
routed 10-3
secure 20-7
static-access 12-3, 12-11
switch 10-2
trunks 12-3, 12-16
VLAN assignments 12-11
port security
aging 20-14
and QoS trusted boundary 28-34
configuring 20-11
default configuration 20-10
described 20-7
displaying 20-15
on trunk ports 20-12
sticky learning 20-8
violations 20-9
with other features 20-10
port-shutdown response, VMPS 12-28
Power over Ethernet
See PoE
preferential treatment of traffic
See QoS
prefix lists, BGP 30-54
preventing unauthorized access 8-1
priority
HSRP 31-6
overriding CoS 14-5
trusting CoS 14-5
private VLAN edge ports
See protected ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-22
privilege levels (continued)
exiting 8-10
in CMS 3-7
logging into 8-10
mapping on member switches 5-22
overview 8-2, 8-8
setting a command with 8-8
protected ports 1-6, 20-5
protocol-dependent modules, EIGRP 30-38
Protocol-Independent Multicast Protocol
See PIM
proxy ARP
configuring 30-10
definition 30-8
with IP routing disabled 30-11
pruning, VTP
enabling 13-13
enabling on a port 12-22
examples 13-5
overview 13-4
pruning-eligible list
changing 12-22
for VTP pruning 13-4
VLANs 13-14
PVST+
802.1Q trunking interoperability 15-10
described 15-9
instances supported 15-9
Q
QoS
auto-QoS
categorizing traffic 28-18
configuration and defaults display 28-26
configuration guidelines 28-22
described 28-18
disabling 28-23
displaying generated commands 28-23
displaying the initial configuration 28-26
effects on running configuration 28-22
egress queue defaults 28-19
enabling for VoIP 28-23
example configuration 28-24
ingress queue defaults 28-19
list of generated commands 28-20
basic model 28-3
classification
class maps, described 28-7
defined 28-3
flowchart 28-6
forwarding treatment 28-3
in frames and packets 28-2
IP ACLs, described 28-5, 28-7
MAC ACLs, described 28-5, 28-7
options for IP traffic 28-5
options for non-IP traffic 28-5
policy maps, described 28-7
trust DSCP, described 28-5
trusted CoS, described 28-5
trust IP precedence, described 28-5
class maps
configuring 28-40
displaying 28-64
configuration guidelines
auto-QoS 28-22
standard QoS 28-29
configuring
aggregate policers 28-45
auto-QoS 28-18
default port CoS value 28-33
DSCP maps 28-47
DSCP trust states bordering another domain 28-35
egress queue characteristics 28-57
ingress queue characteristics 28-52
IP extended ACLs 28-38
IP standard ACLs 28-37
MAC ACLs 28-39
policy maps 28-42
port trust states within the domain 28-31
trusted boundary 28-34
default auto configuration 28-18
default standard configuration 28-27
displaying statistics 28-64
egress queues
allocating buffer space 28-57
buffer allocation scheme, described 28-16
configuring shaped weights for SRR 28-60
configuring shared weights for SRR 28-62
described 28-4
displaying the threshold map 28-60
flowchart 28-15
mapping DSCP or CoS values 28-59
scheduling, described 28-4
setting WTD thresholds 28-57
WTD, described 28-17
enabling globally 28-30
flowcharts
classification 28-6
egress queueing and scheduling 28-15
ingress queueing and scheduling 28-13
policing and marking 28-9
implicit deny 28-7
ingress queues
allocating bandwidth 28-55
allocating buffer space 28-54
buffer and bandwidth allocation, described 28-14
configuring shared weights for SRR 28-55
configuring the priority queue 28-56
described 28-3
displaying the threshold map 28-53
flowchart 28-13
mapping DSCP or CoS values 28-53
priority queue, described 28-14
scheduling, described 28-3
setting WTD thresholds 28-53
WTD, described 28-14
IP phones
automatic classification and queueing 28-18
detection and trusted settings 28-18, 28-34
limiting bandwidth on egress interface 28-63
mapping tables
CoS-to-DSCP 28-47
displaying 28-64
DSCP-to-CoS 28-50
DSCP-to-DSCP-mutation 28-51
IP-precedence-to-DSCP 28-48
policed-DSCP 28-49
types of 28-10
marked-down actions 28-43
marking, described 28-3, 28-8
overview 28-1
packet modification 28-17
policers
configuring 28-43, 28-45
described 28-8
displaying 28-64
number of 28-29
types of 28-8
policies, attaching to an interface 28-9
policing
described 28-3, 28-8
token bucket algorithm 28-9
policy maps
characteristics of 28-42
configuring 28-42
displaying 28-65
QoS label, defined 28-3
queues
configuring egress characteristics 28-57
configuring ingress characteristics 28-52
high priority (expedite) 28-17, 28-63
location of 28-11
SRR, described 28-12
WTD, described 28-11
rewrites 28-17
support for 1-7
trust states
bordering another domain 28-35
described 28-5
trusted device 28-34
within the domain 28-31
quality of service
See QoS
queries, IGMP 19-4
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-21
in clusters 5-14
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
suggested network environments 8-18
support for 1-7
tracking services accessed by user 8-28
range
macro 10-9
of interfaces 10-8
rapid convergence 16-7
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
802.1Q trunking interoperability 15-10
described 15-9
instances supported 15-9
Rapid Spanning Tree Protocol
See RSTP
RARP 30-8
rcommand command 5-21
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 12-31
recovery procedures 35-1
redundancy
EtherChannel 29-2
HSRP 31-1
STP
backbone 15-8
path cost 12-26
port priority 12-24
redundant clusters
See cluster standby group
redundant links and UplinkFast 17-13
reliable transport protocol, EIGRP 30-37
reloading software 4-16
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
report suppression, IGMP
described 19-6
disabling 19-11
requirements
cluster
See release notes xxxv
CMS
See switch software configuration guide xxxv
resets, in BGP 30-49
resetting a UDLD-shutdown interface 22-6
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-18
TACACS+ 8-10
retry count, VMPS, changing 12-32
reverse address resolution 30-8
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 30-19
1112, IP multicast and IGMP 19-2
1157, SNMPv1 26-2
1163, BGP 30-43
1166, IP addresses 30-5
1253, OSPF 30-28
1267, BGP 30-43
1305, NTP 6-2
1587, NSSAs 30-28
1757, RMON 24-2
1771, BGP 30-43
1901, SNMPv2C 26-2
1902 to 1907, SNMPv2 26-2
2236, IP multicast and IGMP 19-2
2273-2275, SNMPv3 26-2
RIP
advertisements 30-19
authentication 30-21
configuring 30-20
default configuration 30-19
described 30-19
hop counts 30-19
split horizon 30-22
summary addresses 30-22
support for 1-8
RMON
default configuration 24-3
displaying status 24-6
enabling alarms and events 24-3
groups supported 24-2
overview 24-1
statistics
collecting group Ethernet 24-6
collecting group history 24-5
support for 1-9
root guard
described 17-7
enabling 17-14
support for 1-5
root switch
MSTP 16-14
STP 15-14
route calculation timers, OSPF 30-34
route dampening, BGP 30-61
routed packets, ACLs on 27-38
routed ports
configuring 30-3
defined 10-3
in switch clusters 5-8
IP addresses on 10-19, 30-3
route-map command 30-73
route maps
BGP 30-52
policy-based routing 30-71
router ACLs
defined 27-2
types of 27-4
route reflectors, BGP 30-60
router ID, OSPF 30-35
route selection, BGP 30-50
route summarization, OSPF 30-33
routing
default 30-2
dynamic 30-3
redistribution of information 30-67
static 30-2
routing domain confederation, BGP 30-59
Routing Information Protocol
See RIP
routing protocol administrative distances 30-66
RSPAN
characteristics 23-8
configuration guidelines 23-16
default configuration 23-9
destination ports 23-7
displaying status 23-23
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-7
overview 1-9, 23-1
received traffic 23-4
session limits 23-10
sessions
creating 23-17
defined 23-3
limiting source traffic to specific VLANs 23-22
specifying monitored ports 23-17
with ingress traffic enabled 23-20
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
RSTP
active topology, determining 16-6
BPDU
format 16-9
processing 16-10
designated port, defined 16-6
designated switch, defined 16-6
interoperability with 802.1D
described 16-5
restarting migration process 16-22
topology changes 16-10
overview 16-6
port roles
described 16-6
synchronized 16-8
proposal-agreement handshake process 16-7
rapid convergence
described 16-7
edge ports and Port Fast 16-7
point-to-point links 16-7, 16-22
root ports 16-7
root port, defined 16-6
See also MSTP
running configuration, saving 4-10
S
SC (standby command switch) 5-10, 5-19
scheduled reloads 4-16
SDM
described 7-1
templates
configuring 7-3
number of 7-1
SDM template
configuring 7-2
secure MAC addresses
deleting 20-13
maximum number of 20-8
types of 20-8
secure ports
configuring 20-7
secure remote connections 8-38
Secure Shell
See SSH
security, port 20-7
security features 1-6
sequence numbers in log messages 25-7
server mode, VTP 13-3
service-provider network
MSTP and RSTP 16-1
set-request operation 26-5
setup (CLI) program 1-9
See also hardware installation guide
setup program
failed command switch replacement 35-8, 35-10
severity levels, defining in system messages 25-8
SFPs
security and identification 35-12
shaped round robin
See SRR
show access-lists hw-summary command 27-21
show and more command output, filtering 2-8
show cdp traffic command 21-5
show cluster members command 5-21
show configuration command 10-18
show forward command 35-19
show interfaces command 10-14, 10-18
show platform forward command 35-19
show running-config command
displaying ACLs 27-19, 27-20, 27-30, 27-33
interface description in 10-18
shutdown command on interfaces 10-23
Simple Network Management Protocol
See SNMP
SmartPort macros
configuration guidelines 11-2
creating and applying 11-3
default configuration 11-2
defined 11-1
displaying 11-4
tracing 11-2
SNAP 21-1
SNMP
accessing MIB variables with 26-5
agent
described 26-4
disabling 26-8
authentication level 26-10
community strings
configuring 26-8
for cluster switches 26-4
overview 26-4
configuration examples 26-15
default configuration 26-7
engine ID 26-7
groups 26-7, 26-9
host 26-7
ifIndex values 26-6
in-band management 1-5
in clusters 5-14
informs
and trap keyword 26-11
described 26-5
differences from traps 26-5
enabling 26-14
limiting access by TFTP servers 26-15
limiting system log messages to NMS 25-9
manager functions 1-4, 26-3
managing clusters with 5-22
MIBs
location of A-3
supported A-1
notifications 26-5
overview 26-1, 26-5
security levels 26-3
status, displaying 26-16
system contact and location 26-14
trap manager, configuring 26-13
traps
described 26-3, 26-5
differences from informs 26-5
enabling 26-11
enabling MAC address notification 6-23
overview 26-1, 26-5
types of 26-11
users 26-7, 26-9
versions supported 26-2
SNMPv1 26-2
SNMPv2C 26-2
SNMPv3 26-2
snooping, IGMP 19-2
software images
location in Flash B-20
recovery procedures 35-2
scheduling reloads 4-16
tar file format, described B-21
See also downloading and uploading
source addresses, in ACLs 27-11
source-and-destination-IP address based forwarding, EtherChannel 29-7
source-and-destination MAC address forwarding, EtherChannel 29-7
source-IP address based forwarding, EtherChannel 29-7
source-MAC address forwarding, EtherChannel 29-7
SPAN
configuration guidelines 23-10
default configuration 23-9
destination ports 23-7
displaying status 23-23
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-7
overview 1-9, 23-1
received traffic 23-4
session limits 23-10
sessions
configuring ingress forwarding 23-14, 23-21
creating 23-11
defined 23-3
limiting source traffic to specific VLANs 23-15
removing destination (monitoring) ports 23-12
specifying monitored ports 23-11
with ingress traffic enabled 23-13
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
spanning tree and native VLANs 12-19
Spanning Tree Protocol
See STP
SPAN traffic 23-4
speed, configuring on interfaces 10-12
split horizon
IGRP 30-27
RIP 30-22
SRR
configuring
shaped weights on egress queues 28-60
shared weights on egress queues 28-62
shared weights on ingress queues 28-55
described 28-12
shaped mode 28-12
shared mode 28-12
support for 1-7
SSH
configuring 8-39
cryptographic software image 8-37
described 1-4, 8-38
encryption methods 8-38
user authentication methods, supported 8-38
Standby Command Configuration window 5-20
standby command switch
configuring 5-19
considerations 5-11
defined 5-2
priority 5-10
requirements 5-3
virtual IP address 5-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 31-5
standby router 31-1
standby timers, HSRP 31-8
startup configuration
booting
manually 4-13
specific image 4-13
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-12
default boot configuration 4-12
static access ports
assigning to VLAN 12-11
defined 10-3, 12-3
static addresses
See addresses
static IP routing 1-8
static MAC addressing 1-6
static routes, configuring 30-65
static routing 30-2
static VLAN membership 12-2
statistics
802.1X 9-19
CDP 21-5
interface 10-22
IP multicast routing 32-50
OSPF 30-36
QoS ingress and egress 28-64
RMON group Ethernet 24-6
RMON group history 24-5
SNMP input and output 26-16
VTP 13-15
sticky learning 20-8
storm control
configuring 20-3
described 20-2
displaying 20-15
support for 1-3
thresholds 20-2
STP
802.1D and bridge ID 15-4
802.1D and multicast addresses 15-8
802.1T and VLAN identifier 15-4
accelerating root port selection 17-4
BackboneFast
described 17-5
enabling 17-13
BPDU filtering
described 17-3
enabling 17-12
BPDU guard
described 17-3
enabling 17-11
BPDU message exchange 15-3
configuration guidelines 15-12, 17-9
configuring
forward-delay time 15-21
hello time 15-20
maximum aging time 15-21
path cost 15-18
port priority 15-17
root switch 15-14
secondary root switch 15-16
spanning-tree mode 15-13
switch priority 15-19
counters, clearing 15-22
default configuration 15-11
default optional feature configuration 17-9
designated port, defined 15-3
designated switch, defined 15-3
detecting indirect link failures 17-6
disabling 15-14
displaying status 15-22
extended system ID
effects on root switch 15-14
effects on the secondary root switch 15-16
overview 15-4
unexpected behavior 15-15
features supported 1-5
inferior BPDU 15-3
instances supported 15-9
interface state, blocking to forwarding 17-2
interface states
blocking 15-6
disabled 15-7
forwarding 15-5, 15-6
learning 15-6
listening 15-6
overview 15-4
interoperability and compatibility among modes 15-10
limitations with 802.1Q trunks 15-10
load sharing
overview 12-24
using path costs 12-26
using port priorities 12-24
loop guard
described 17-8
enabling 17-15
modes supported 15-9
multicast addresses, effect of 15-8
optional features supported 1-5
overview 15-2
path costs 12-26
Port Fast
described 17-2
enabling 17-10
port priorities 12-25
preventing root switch selection 17-7
protocols supported 15-9
redundant connectivity 15-8
root guard
described 17-7
enabling 17-14
root port, defined 15-3
root switch
configuring 15-15
effects of extended system ID 15-4, 15-14
election 15-3
unexpected behavior 15-15
shutdown Port Fast-enabled port 17-3
status, displaying 15-22
superior BPDU 15-3
timers, described 15-20
UplinkFast
described 17-4
enabling 17-13
VLAN-bridge 15-11
stratum, NTP 6-2
stub areas, OSPF 30-32
subnet mask 30-5
subnet zero 30-6
success response, VMPS 12-28
summer time 6-13
SunNet Manager 1-4
supernet 30-6
SVIs
and IP unicast routing 30-3
and router ACLs 27-4
connecting VLANs 10-5
defined 10-4
routing between VLANs 12-2
switch clustering technology 5-1
See also clusters, switch 1-3
See clusters, switch
switch console port 1-5
Switch Database Management
See SDM
switched packets, ACLs on 27-37
Switched Port Analyzer
See SPAN
switched ports 10-2
Switch Manager 3-15
See also Device Manager
switchport block multicast command 20-6
switchport block unicast command 20-6
switchport command 10-11
switchport protected command 20-5
switch priority
MSTP 16-19
STP 15-19
switch software features 1-1
switch virtual interface
See SVI
synchronization, BGP 30-47
syslog
See system message logging
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
See also NTP
system message logging
default configuration 25-3
defining error message severity levels 25-8
disabling 25-4
displaying the configuration 25-12
enabling 25-4
facility keywords, described 25-12
level keywords, described 25-8
limiting messages 25-9
message format 25-2
overview 25-1
sequence numbers, enabling and disabling 25-7
setting the display destination device 25-4
synchronizing log messages 25-5
syslog facility 1-9
time stamps, enabling and disabling 25-7
UNIX syslog servers
configuring the daemon 25-10
configuring the logging facility 25-11
facilities supported 25-12
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
See also DNS
system prompt
default setting 6-15
manual configuration 6-16
system resources, optimizing 7-1
system routes, IGRP 30-23
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
in clusters 5-14
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-6
tracking services accessed by user 8-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
Telnet
accessing management interfaces 2-9
from a browser 2-9
number of connections 1-4
setting a password 8-6
templates, SDM 7-1
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-24
downloading B-23
preparing the server B-22
uploading B-24
limiting access by servers 26-15
TFTP server 1-4
threshold, traffic level 20-2
time
See NTP and system clock
time-range command 27-16
time ranges in ACLs 27-16
time stamps in log messages 25-7
time zones 6-12
Token Ring VLANs
support for 12-5
VTP support 13-4
Topology view
described 3-2, 3-15
TOS 1-7
traceroute, Layer 2
and ARP 35-15
and CDP 35-15
described 35-14
IP addresses and subnets 35-15
MAC addresses and VLANs 35-15
multicast traffic 35-15
multiple devices on a port 35-15
unicast traffic 35-14
usage guidelines 35-15
traceroute command 35-17
See also IP traceroute
traffic
blocking flooded 20-6
fragmented 27-5
unfragmented 27-5
traffic policing 1-7
traffic suppression 20-2
transparent mode, VTP 13-3, 13-12
trap-door mechanism 4-2
traps
configuring MAC address notification 6-23
configuring managers 26-11
defined 26-3
enabling 6-23, 26-11
notification types 26-11
overview 26-1, 26-5
troubleshooting
connectivity problems 35-13, 35-14, 35-16
detecting unidirectional links 22-1
determining packet forwarding 35-19
displaying crash information 35-22
PIMv1 and PIMv2 interoperability problems 32-22
SFP security and identification 35-12
show forward command 35-19
with CiscoWorks 26-5
with debug commands 35-18
with ping 35-13
with system message logging 25-1
with traceroute 35-16
trunking encapsulation 1-6
trunk ports
configuring 12-20
defined 10-3, 12-3
encapsulation 12-20, 12-25, 12-26
secure MAC addresses on 20-11
trunks
allowed-VLAN list 12-21
configuring 12-20, 12-25, 12-26
ISL 12-16
load sharing
setting STP path costs 12-26
using STP port priorities 12-24, 12-25
native VLAN for untagged traffic 12-23
parallel 12-26
pruning-eligible list 12-22
to non-DTP device 12-17
understanding 12-17
trusted boundary for QoS 28-34
trusted port states
between QoS domains 28-35
classification options 28-5
ensuring port security for IP phones 28-34
support for 1-7
within a QoS domain 28-31
twisted-pair Ethernet, detecting unidirectional links 22-1
type of service
See TOS
U
UDLD
default configuration 22-4
echoing detection mechanism 22-3
enabling
globally 22-5
per interface 22-6
link-detection mechanism 22-1
neighbor database 22-2
overview 22-1
resetting an interface 22-6
status, displaying 22-7
support for 1-5
UDP, configuring 30-15
unauthorized ports with 802.1X 9-4
unequal-cost load balancing, IGRP 30-25
unicast MAC address filtering 1-4
and adding static addresses 6-27
and broadcast MAC addresses 6-26
and CPU packets 6-26
unicast MAC address filtering (continued)
and multicast addresses 6-26
and router MAC addresses 6-26
configuration guidelines 6-26
described 6-26
unicast storm control command 20-4
unicast storms 20-2
unicast traffic, blocking 20-6
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 25-10
facilities supported 25-12
message logging configuration 25-11
unrecognized Type-Length-Value (TLV) support 13-4
upgrading information
See release notes xxxv
upgrading software images
See downloading
UplinkFast
described 17-4
enabling 17-13
support for 1-5
uploading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
image files
preparing B-22, B-25, B-29
reasons for B-20
using FTP B-28
using RCP B-33
using TFTP B-24
User Datagram Protocol
See UDP
user EXEC mode 2-2
username-based authentication 8-7
V
version-dependent transparent mode 13-4
virtual IP address
cluster standby group 5-11, 5-19
command switch 5-11, 5-19
See also IP addresses
virtual router 31-1, 31-2
vlan.dat file 12-4
VLAN 1, disabling on a trunk port 12-21
VLAN 1 minimization 12-21
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 12-28
VLAN configuration
at bootup 12-7
saving 12-7
VLAN configuration mode 2-2, 12-7
VLAN database
and startup configuration file 12-7
and VTP 13-1
VLAN configuration saved in 12-7
VLANs saved in 12-4
vlan database command 12-7
VLAN filtering, and SPAN 23-6
vlan global configuration command 12-7
VLAN ID, discovering 6-28
VLAN management domain 13-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 27-29
VLAN maps
applying 27-33
common uses for 27-33
configuration example 27-34
configuration guidelines 27-29
configuring 27-29
creating 27-30
defined 27-2
denying access example 27-35
denying and permitting packets 27-31
displaying 27-40
examples 27-35
support for 1-6
with router ACLs 27-40
VLAN membership
confirming 12-31
modes 12-3
VLAN Query Protocol
See VQP
VLANs
adding 12-8
adding to VLAN database 12-8
aging dynamic addresses 15-9
allowed on trunk 12-21
and spanning-tree instances 12-3, 12-6, 12-13
configuration guidelines, extended-range VLANs 12-13
configuration guidelines, normal-range VLANs 12-6
configuration options 12-6
configuring 12-1
configuring IDs 1006 to 4094 12-13
connecting through SVIs 10-5
creating in config-vlan mode 12-9
creating in VLAN configuration mode 12-10
default configuration 12-8
deleting 12-10
described 10-2, 12-1
displaying 12-16
extended-range 12-1, 12-12
features 1-5
illustrated 12-2
internal 12-13
limiting source traffic with RSPAN 23-22
limiting source traffic with SPAN 23-15
modifying 12-8
native, configuring 12-23
normal-range 12-1, 12-4
number supported 1-5
parameters 12-5
port membership modes 12-3
static-access ports 12-11
STP and 802.1Q trunks 15-10
supported 12-3
Token Ring 12-5
traffic between 12-2
VLAN-bridge STP 15-11, 34-1
VTP modes 13-3
VLAN Trunking Protocol
See VTP
VLAN trunks 12-16, 12-17
VMPS
administering 12-32
configuration example 12-33
configuration guidelines 12-29
default configuration 12-29
description 12-27
dynamic port membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
entering server address 12-30
mapping MAC addresses to VLANs 12-27
monitoring 12-32
reconfirmation interval, changing 12-31
reconfirming membership 12-31
retry count, changing 12-32
voice-over-IP 14-1
voice VLAN
Cisco 7960 phone, port connections 14-1
configuration guidelines 7-2, 14-3
configuring IP phones for data traffic
override CoS of incoming frame 14-5
trust CoS priority of incoming frame 14-5
configuring ports for voice traffic in
802.1P priority tagged frames 14-5
802.1Q frames 14-4
connecting to an IP phone 14-4
default configuration 14-3
described 14-1
displaying 14-6
VQP 1-5, 12-27
VTP
adding a client to a domain 13-14
advertisements 12-19, 13-3
and extended-range VLANs 13-1
and normal-range VLANs 13-2
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
modes
client 13-3, 13-11
server 13-3, 13-9
transitions 13-3
transparent 13-3, 13-12
monitoring 13-15
passwords 13-8
pruning
disabling 13-14
enabling 13-13
examples 13-5
overview 13-4
support for 1-6
pruning-eligible list, changing 12-22
server mode, configuring 13-9
statistics 13-15
support for 1-6
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-9
version 1 13-4
version 2
configuration guidelines 13-9
disabling 13-13
enabling 13-13
overview 13-4
W
weighted tail drop
See WTD
wizards 1-2, 3-6
WTD
described 28-11
setting thresholds
egress queue-sets 28-57
ingress queues 28-53
support for 1-7
X
XMODEM protocol 35-2