- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Interface Characteristics
- Configuring Auto Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring Private VLANs
- Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels and Link-State Tracking
- Configuring IP Unicast Routing
- Configuring IPv6 Unicast Routing
- Configuring IPv6 MLD Snooping
- Configuring IPv6 ACLs
- Configuring HSRP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Web Cache Services By Using WCCP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Configuring Online Diagnostics
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(50)SE
Index
A
AAA down policy, NAC Layer 2 IP validation 11
abbreviating commands 4
ABRs 24
AC (command switch) 10
access-class command 19
access control entries
access control entry (ACE) 3
access-denied response, VMPS 26
access groups
applying IPv4 ACLs to interfaces 20
Layer 2 20
Layer 3 20
accessing
clusters, switch 13
command switches 11
member switches 13
switch clusters 13
access lists
access ports
and Layer 2 protocol tunneling 11
defined 3
in switch clusters 9
access template 1
accounting
with 802.1x 46
with IEEE 802.1x 14
with RADIUS 33
ACEs
and QoS 7
defined 2
Ethernet 2
IP 2
ACLs
ACEs 2
any keyword 12
applying
on bridged packets 38
on multicast packets 40
on routed packets 39
on switched packets 38
time ranges to 16
to IPv6 interfaces 7
to QoS 7
classifying traffic for QoS 43
comments in 18
compiling 22
extended IP, configuring for QoS classification 44
extended IPv4
creating 10
matching criteria 7
hardware and software handling 21
host keyword 12
IP
creating 7
fragments and QoS guidelines 33
implicit masks 9
matching criteria 7
undefined 20
IPv4
applying to interfaces 19
creating 7
matching criteria 7
named 14
numbers 8
terminal lines, setting on 18
unsupported features 7
IPv6
applying to interfaces 7
displaying 8
interactions with other features 4
limitations 3
matching criteria 3
named 3
precedence of 2
supported 2
unsupported features 3
Layer 4 information in 37
logging messages 8
named, IPv4 14
named, IPv6 3
names 4
number per QoS class map 33
precedence of 2
resequencing entries 14
router ACLs and VLAN map configuration guidelines 37
standard IP, configuring for QoS classification 43
standard IPv4
creating 9
matching criteria 7
support for 9
support in hardware 21
time ranges 16
types supported 2
unsupported features, IPv4 7
unsupported features, IPv6 3
using router ACLs with VLAN maps 36
VLAN maps
configuration guidelines 30
configuring 29
active links 2
active router 1
active traffic monitoring, IP SLAs 1
address aliasing 2
addresses
displaying the MAC address table 30
dynamic
accelerated aging 8
changing the aging time 21
default aging 8
defined 19
learning 20
removing 22
IPv6 2
MAC, discovering 30
multicast
group address range 3
STP address management 8
static
adding and removing 26
defined 19
Address Resolution Protocol
adjacency tables, with CEF 86
administrative distances
defined 99
OSPF 30
routing protocol defaults 88
advertisements
CDP 1
RIP 19
aggregatable global unicast addresses 3
aggregate addresses, BGP 57
aggregated ports
aggregate policers 58
aggregate policing 12
aging, accelerating 8
aging time
accelerated
for MSTP 23
MAC address table 21
maximum
alarms, RMON 3
allowed-VLAN list 20
application engines, redirecting traffic to 1
area border routers
area routing
IS-IS 61
ISO IGRP 61
ARP
configuring 9
encapsulation 10
static cache configuration 9
table
address resolution 30
managing 30
ASBRs 24
AS-path filters, BGP 51
asymmetrical links, and IEEE 802.1Q tunneling 4
attributes, RADIUS
vendor-proprietary 36
vendor-specific 34
attribute-value pairs 12, 14, 18
authentication
EIGRP 38
HSRP 10
local mode with AAA 43
NTP associations 4
open1x 27
RADIUS
key 26
login 28
TACACS+
defined 11
key 13
login 14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 8
authentication failed VLAN
authentication keys, and routing protocols 99
authentication manager
CLI commands 9
compatibility with older 802.1x CLI commands9to ??
overview 7
authoritative time source, described 2
authorization
with RADIUS 32
authorized ports with IEEE 802.1x 10
autoconfiguration 3
auto enablement 28
automatic discovery
considerations
beyond a noncandidate device 7
brand new switches 9
connectivity 4
different VLANs 6
management VLANs 7
non-CDP-capable devices 6
noncluster-capable devices 6
routed ports 8
in switch clusters 4
automatic QoS
automatic recovery, clusters 10
auto-MDIX
configuring 21
described 20
autonegotiation
duplex mode 3
interface configuration guidelines 18
mismatches 11
autonomous system boundary routers
autonomous systems, in BGP 45
Auto-RP, described 6
autosensing, port speed 3
Auto Smartports macros
Cisco Medianet 2
configuration guidelines 4
default configuration 3
defined 1
displaying 19
event triggers 12
LLDP 1
mapping 9
user-defined macros 15
autostate exclude 6
Auto Smartports macros
auxiliary VLAN
availability, features 7
B
BackboneFast
described 5
disabling 14
enabling 13
support for 7
backup interfaces
backup links 2
backup static routing, configuring 12
banners
configuring
login 18
message-of-the-day login 18
default configuration 17
when displayed 17
Berkeley r-tools replacement 55
BGP
aggregate addresses 57
aggregate routes, configuring 57
CIDR 57
clear commands 60
community filtering 54
configuring neighbors 55
default configuration 42
described 41
enabling 45
monitoring 60
multipath support 49
neighbors, types of 45
path selection 49
peers, configuring 55
prefix filtering 53
resetting sessions 48
route dampening 59
route maps 51
route reflectors 58
routing domain confederation 58
routing session with multi-VRF CE 81
show commands 60
supernets 57
support for 13
Version 4 42
binding cluster group and HSRP group 12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 6
DHCP snooping database 6
IP source guard 15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 7
Boolean expressions in tracked lists 4
booting
boot loader, function of 2
boot process 2
manually 17
specific image 18
boot loader
accessing 18
described 2
environment variables 18
prompt 18
trap-door mechanism 2
bootstrap router (BSR), described 7
Border Gateway Protocol
BPDU
error-disabled state 2
filtering 3
RSTP format 12
BPDU filtering
described 3
disabling 12
enabling 12
support for 7
BPDU guard
described 2
disabling 12
enabling 11
support for 7
bridged packets, ACLs on 38
bridge groups
bridge protocol data unit
broadcast flooding 16
broadcast packets
directed 13
flooded 13
broadcast storm-control command 4
C
cables, monitoring for unidirectional links 1
candidate switch
automatic discovery 4
defined 3
requirements 3
See also command switch, cluster standby group, and member switch
Catalyst 6000 switches
authentication compatibility 8
CA trustpoint
configuring 51
defined 49
CDP
and trusted boundary 39
automatic discovery in switch clusters 4
configuring 2
default configuration 2
defined with LLDP 1
described 1
disabling for routing device3to 4
enabling and disabling
on an interface 4
on a switch 3
Layer 2 protocol tunneling 7
monitoring 4
overview 1
power negotiation extensions 7
support for 6
transmission timer and holdtime, setting 2
updates 2
CEF
defined 86
enabling 87
IPv6 18
CGMP
as IGMP snooping learning method 8
clearing cached group entries 61
enabling server support 44
joining multicast group 3
overview 9
server support only 9
switch support of 4
CIDR 57
CipherSuites 50
Cisco 7960 IP Phone 1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 7
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco IOS IP SLAs 1
Cisco Medianet
Cisco Redundant Power System 2300
configuring 29
managing 29
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 18
attribute-value pairs for redirect URL 18
Cisco Secure ACS configuration guide 57
CISP 28
CIST regional root
CIST root
civic location 3
classless interdomain routing
classless routing 6
class maps for QoS
configuring 46
described 7
displaying 78
class of service
clearing interfaces 31
CLI
abbreviating commands 4
command modes 1
configuration logging 5
described 5
editing features
enabling and disabling 7
keystroke editing 7
wrapped lines 9
error messages 5
filtering command output 9
getting help 3
history
changing the buffer size 6
described 5
disabling 6
recalling commands 6
managing clusters 14
no and default forms of commands 4
Client Information Signalling Protocol
client mode, VTP 3
client processes, tracking 1
CLNS
clock
clusters, switch
accessing 13
automatic discovery 4
automatic recovery 10
benefits 2
compatibility 4
described 1
LRE profile considerations 14
managing
through CLI 14
through SNMP 15
planning 4
planning considerations
automatic discovery 4
automatic recovery 10
CLI 14
host names 13
IP addresses 13
LRE profiles 14
passwords 13
RADIUS 14
TACACS+ 14
cluster standby group
and HSRP group 12
automatic recovery 12
considerations 11
defined 2
requirements 3
virtual IP address 11
CNS 5
Configuration Engine
configID, deviceID, hostname 3
configuration service 2
described 1
event service 3
embedded agents
described 5
enabling automated configuration 6
enabling configuration agent 9
enabling event agent 7
management functions 5
CoA Request Commands 23
Coarse Wave Division Multiplexer
command-line interface
command modes 1
commands
abbreviating 4
no and default 4
commands, setting privilege levels 8
command switch
accessing 11
active (AC) 10
configuration conflicts 11
defined 2
passive (PC) 10
password privilege levels 15
priority 10
recovery
from command-switch failure 10, 7
from lost member connectivity 11
redundant 10
replacing
with another switch 9
with cluster member 8
requirements 3
standby (SC) 10
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 54
community ports 2
community strings
for cluster switches 4
in clusters 14
overview 4
SNMP 14
compatibility, feature 12
config.text 16
configurable leave timer, IGMP 6
configuration, initial
defaults 15
Express Setup 2
configuration changes, logging 10
configuration conflicts, recovering from lost member connectivity 11
configuration examples, network 18
configuration files
archiving 19
clearing the startup configuration 18
creating using a text editor 9
default name 16
deleting a stored configuration 18
described 8
downloading
automatically 16
reasons for 8
using FTP 13
using RCP 16
using TFTP 11
guidelines for creating and using 8
guidelines for replacing and rolling back 20
invalid combinations when copying 5
limiting TFTP server access 16
obtaining with DHCP 8
password recovery disable considerations 5
replacing a running configuration 18, 19
rolling back a running configuration 18, 20
specifying the filename 16
system contact and location information 16
types and location 9
uploading
reasons for 8
using FTP 14
using RCP 17
using TFTP 11
configuration guidelines, multi-VRF CE 74
configuration logger 10
configuration logging 5
configuration replacement 18
configuration settings, saving 15
configure terminal command 11
configuring 802.1x user distribution 53
configuring port-based authentication violation modes36to 37
configuring small-frame arrival rate 5
config-vlan mode 2
conflicts, configuration 11
connections, secure remote 44
connectivity problems 13, 14, 16
consistency checks in VTP Version 2 4
console port, connecting to 10
content-routing technology
control protocol, IP SLAs 4
corrupted software, recovery steps with Xmodem 2
CoS
in Layer 2 frames 2
override priority 6
trust priority 6
CoS input queue threshold map for QoS 16
CoS output queue threshold map for QoS 18
CoS-to-DSCP map for QoS 60
counters, clearing interface 31
CPU utilization, troubleshooting 24
crashinfo file 23
critical authentication, IEEE 802.1x 50
critical VLAN 21
cryptographic software image
Kerberos 38
SSH 44
SSL 48
customer edge devices 72
customjzeable web pages, web-based authentication 6
CWDM SFPs 24
D
DACL
daylight saving time 13
debugging
enabling all system diagnostics 20
enabling for a specific feature 19
redirecting error message output 20
using commands 19
default commands 4
default configuration
802.1x 31
auto-QoS 20
banners 17
BGP 42
booting 16
CDP 2
DHCP 8
DHCP option 82 8
DHCP snooping 8
DHCP snooping binding database 8
DNS 16
dynamic ARP inspection 5
EIGRP 34
EtherChannel 9
Ethernet interfaces 15
fallback bridging 3
Flex Links 8
HSRP 5
IEEE 802.1Q tunneling 4
IGMP 39
IGMP filtering 24
IGMP throttling 24
initial switch information 3
IP addressing, IP routing 4
IP multicast routing 10
IP SLAs 6
IP source guard 17
IPv6 10
IS-IS 63
Layer 2 interfaces 15
Layer 2 protocol tunneling 11
LLDP 4
MAC address table 21
MAC address-table move update 8
MSDP 4
MSTP 14
multi-VRF CE 74
MVR 19
NTP 4
optional spanning-tree configuration 9
OSPF 25
password and privilege level 2
PIM 10
private VLANs 6
RADIUS 26
RIP 19
RMON 3
RSPAN 9
SDM template 3
SNMP 6
SPAN 9
SSL 51
standard QoS 30
STP 11
system message logging 3
system name and prompt 15
TACACS+ 13
UDLD 4
VLAN, Layer 2 Ethernet interfaces 17
VLANs 7
VMPS 27
voice VLAN 3
VTP 7
WCCP 5
default networks 89
default router preference
default routes 89
default routing 2
default web-based authentication configuration
802.1X 9
deleting VLANs 9
denial-of-service attack 1
description command 24
designing your network, examples 18
destination addresses
in IPv4 ACLs 11
in IPv6 ACLs 5
destination-IP address-based forwarding, EtherChannel 7
destination-MAC address forwarding, EtherChannel 7
detecting indirect link failures, STP 5
device 22
device discovery protocol 1
device manager
benefits 2
in-band management 6
upgrading a switch 22
DHCP
Cisco IOS server database
configuring 13
default configuration 8
described 6
DHCP for IPv6
enabling
relay agent 10
DHCP-based autoconfiguration
client request message exchange 4
configuring
client side 3
DNS 7
relay device 8
server side 6
TFTP server 7
example 9
lease options
for IP address information 6
for receiving the configuration file 6
overview 3
relationship to BOOTP 3
support for 5
DHCP-based autoconfiguration and image update
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 11
DHCP option 82
circuit ID suboption 5
configuration guidelines 8
default configuration 8
displaying 15
forwarding address, specifying 10
helper address 10
overview 3
packet format, suboption
circuit ID 5
remote ID 5
remote ID suboption 5
DHCP server port-based address allocation
configuration guidelines 26
default configuration 25
described 25
displaying 28
enabling 26
reserved addresses 26
DHCP server port-based address assignment
support for 5
DHCP snooping
accepting untrusted packets form edge switch 3, 12
and private VLANs 13
binding database
See DHCP snooping binding database
configuration guidelines 8
default configuration 8
displaying binding tables 15
message exchange process 4
option 82 data insertion 3
trusted interface 2
untrusted interface 2
untrusted messages 2
DHCP snooping binding database
adding bindings 14
binding file
format 7
location 6
bindings 6
clearing agent statistics 14
configuration guidelines 9
configuring 14
default configuration 8
deleting
binding file 14
bindings 14
database agent 14
described 6
displaying 15
binding entries 15
status and statistics 15
enabling 14
entry 6
renewing database 14
resetting
delay value 14
timeout value 14
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 14
default configuration 14
described 6
enabling client function 17
enabling DHCPv6 server function 15
support for 13
Differentiated Services architecture, QoS 2
Differentiated Services Code Point 2
Diffusing Update Algorithm (DUAL) 33
directed unicast requests 5
directories
changing 3
creating and removing 4
displaying the working 3
discovery, clusters
Distance Vector Multicast Routing Protocol
distance-vector protocols 3
distribute-list command 98
DNS
and DHCP-based autoconfiguration 7
default configuration 16
displaying the configuration 17
in IPv6 4
overview 15
setting up 16
support for 5
domain names
DNS 15
VTP 8
Domain Name System
domains, ISO IGRP routing 61
dot1q-tunnel switchport mode 16
double-tagged packets
IEEE 802.1Q tunneling 2
Layer 2 protocol tunneling 10
downloading
configuration files
reasons for 8
using FTP 13
using RCP 16
using TFTP 11
image files
deleting old image 27
reasons for 22
using CMS 2
using FTP 29
using RCP 34
using TFTP 25
using the device manager or Network Assistant 22
drop threshold for Layer 2 protocol packets 11
DRP
configuring 12
described 4
IPv6 4
support for 13
DSCP input queue threshold map for QoS 16
DSCP output queue threshold map for QoS 18
DSCP-to-CoS map for QoS 63
DSCP-to-DSCP-mutation map for QoS 64
DSCP transparency 40
dual-action detection 5
DUAL finite state machine, EIGRP 34
dual IPv4 and IPv6 templates 2, 5, 6
dual protocol stacks
IPv4 and IPv6 5
SDM templates supporting 6
dual-purpose uplinks
defined 6
LEDs 6
setting the type 16
DVMRP
autosummarization
configuring a summary address 58
disabling 60
connecting PIM domain to DVMRP router 51
enabling unicast routing 54
interoperability
with Cisco devices 49
with Cisco IOS software 9
mrinfo requests, responding to 53
neighbors
advertising the default route to 52
discovery with Probe messages 49
displaying information 53
prevent peering with nonpruning 56
rejecting nonpruning 55
overview 9
routes
adding a metric offset 60
advertising all 60
advertising the default route to neighbors 52
caching DVMRP routes learned in report messages 54
changing the threshold for syslog messages 57
deleting 61
displaying 62
favoring one over another 60
limiting the number injected into MBONE 57
limiting unicast route advertisements 49
routing table 9
source distribution tree, building 9
support for 13
tunnels
configuring 51
displaying neighbor information 53
dynamic access ports
characteristics 3
configuring 28
defined 3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 1
ARP requests, described 1
ARP spoofing attack 1
clearing
log buffer 15
statistics 14
configuration guidelines 6
configuring
ACLs for non-DHCP environments 8
in DHCP environments 7
log buffer 13
rate limit for incoming ARP packets 4, 10
default configuration 5
denial-of-service attacks, preventing 10
described 1
DHCP snooping binding database 2
displaying
ARP ACLs 14
configuration and operating state 14
log buffer 15
statistics 14
trust state and rate limit 14
error-disabled state for exceeding rate limit 4
function of 2
interface trust states 3
log buffer
clearing 15
configuring 13
displaying 15
logging of dropped packets, described 4
man-in-the middle attack, described 2
network security issues and interface trust states 3
priority of ARP ACLs and DHCP snooping entries 4
rate limiting of ARP packets
configuring 10
described 4
error-disabled state 4
statistics
clearing 14
displaying 14
validation checks, performing 12
dynamic auto trunking mode 16
dynamic desirable trunking mode 16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 26
reconfirming 29
troubleshooting 31
types of connections 28
dynamic routing 3
ISO CLNS 61
Dynamic Trunking Protocol
E
EBGP 41
editing features
enabling and disabling 7
keystrokes used 7
wrapped lines 9
EEM 3.2 5
EIGRP
authentication 38
components 33
configuring 36
default configuration 34
definition 33
interface parameters, configuring 37
monitoring 40
stub routing 39
ELIN location 3
embedded event manager
3.2 5
actions 4
displaying information 7
environmental variables 4
event detectors 2
policies 4
registering and defining an applet 6
registering and defining a TCL script 6
understanding 1
enable password 3
enable secret password 3
encryption, CipherSuite 50
encryption for passwords 3
Enhanced IGRP
enhanced object tracking
backup static routing 12
commands 1
defined 1
DHCP primary interface 11
HSRP 7
IP routing state 2
IP SLAs 9
line-protocol state 2
network monitoring with IP SLAs 11
routing policy, configuring 12
static route primary interface 10
tracked lists 3
enhanced object tracking static routing 10
environmental variables, embedded event manager 4
environment variables, function of 19
error-disabled state, BPDU 2
error messages during command entry 5
EtherChannel
channel groups
binding physical and logical interfaces 3
numbering of 3
configuration guidelines 9
configuring
Layer 2 interfaces 10
Layer 3 physical interfaces 13
Layer 3 port-channel logical interfaces 12
default configuration 9
described 2
displaying status 19
IEEE 802.3ad, described 5
interaction
with STP 10
with VLANs 10
LACP
described 5
displaying status 19
hot-standby ports 17
interaction with other features 6
modes 6
port priority 18
system priority 18
Layer 3 interface 3
logical interfaces, described 3
PAgP
aggregate-port learners 16
compatibility with Catalyst 1900 16
described 4
displaying status 19
interaction with other features 5
interaction with virtual switches 5
learn method and priority configuration 16
modes 4
support for 3
with dual-action detection 5
port-channel interfaces
described 3
numbering of 3
port groups 6
support for 3
EtherChannel guard
described 7
disabling 14
enabling 14
Ethernet VLANs
adding 8
defaults and ranges 7
modifying 8
EUI 3
event detectors, embedded event manager 2
events, RMON 3
examples
network configuration 18
expedite queue for QoS 77
Express Setup 2
See also getting started guide
extended crashinfo file 23
extended-range VLANs
configuration guidelines 11
configuring 10
creating 12
creating with an internal VLAN ID 13
defined 1
extended system ID
MSTP 17
extended universal identifier
Extensible Authentication Protocol over LAN 1
external BGP
external neighbors, BGP 45
F
fa0 interface 6
fallback bridging
and protected ports 3
bridge groups
creating 3
described 1
displaying 10
function of 2
number supported 4
removing 4
bridge table
clearing 10
displaying 10
configuration guidelines 3
connecting interfaces with 10
default configuration 3
described 1
frame forwarding
flooding packets 2
forwarding packets 2
overview 1
protocol, unsupported 3
STP
disabling on an interface 9
forward-delay interval 8
hello BPDU interval 7
interface priority 6
maximum-idle interval 8
path cost 6
VLAN-bridge spanning-tree priority 5
VLAN-bridge STP 2
support for 13
SVIs and routed ports 1
unsupported protocols 3
VLAN-bridge STP 10
Fast Convergence 3
features, incompatible 12
FIB 86
fiber-optic, detecting unidirectional links 1
files
basic crashinfo
description 23
location 23
copying 4
crashinfo, description 23
deleting 5
displaying the contents of 7
extended crashinfo
description 23
location 23
tar
creating 6
displaying the contents of 6
extracting 7
image file format 23
file system
displaying available file systems 2
displaying file information 3
local file system names 1
network file system names 4
setting the default 3
filtering
in a VLAN 29
non-IP traffic 27
show and more command output 9
filtering show and more command output 9
filters, IP
flash device, number of 1
flexible authentication ordering
configuring 60
overview 27
Flex Link Multicast Fast Convergence 3
Flex Links
configuration guidelines 8
configuring 9
configuring preferred VLAN 12
configuring VLAN load balancing 11
default configuration 8
description 1
link load balancing 2
monitoring 14
VLANs 2
flooded traffic, blocking 8
flow-based packet classification 12
flowcharts
QoS classification 6
QoS egress queueing and scheduling 17
QoS ingress queueing and scheduling 15
QoS policing and marking 10
flowcontrol
configuring 20
described 19
forward-delay time
MSTP 23
STP 21
Forwarding Information Base
forwarding nonroutable protocols 1
FTP
accessing MIB files 3
configuration files
downloading 13
overview 12
preparing the server 12
uploading 14
image files
deleting old image 31
downloading 29
preparing the server 28
uploading 31
G
general query 5
Generating IGMP Reports 3
get-bulk-request operation 3
get-next-request operation 3, 4
get-response operation 3
global configuration mode 2
global leave, IGMP 13
guest VLAN and 802.1x 19
guide mode 2
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 25
hello time
MSTP 22
STP 20
help, for the command line 3
hierarchical policy maps 8
configuration guidelines 33
configuring 52
described 11
history
changing the buffer size 6
described 5
disabling 6
recalling commands 6
history table, level and number of syslog messages 10
host names, in clusters 13
host ports
configuring 11
kinds of 2
hosts, limit on dynamic ports 31
Hot Standby Router Protocol
HP OpenView 5
HSRP
authentication string 10
automatic cluster recovery 12
binding to cluster group 12
cluster standby group considerations 11
command-switch redundancy 1, 7
configuring 4
default configuration 5
definition 1
guidelines 5
monitoring 13
object tracking 7
overview 1
priority 7
routing redundancy 13
support for ICMP redirect messages 12
timers 10
tracking 8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 24
guidelines 23
HTTP over SSL
HTTPS 49
configuring 52
self-signed certificate 49
HTTP secure server 49
I
IBPG 41
ICMP
IPv6 4
redirect messages 11
support for 13
time-exceeded messages 16
traceroute and 16
unreachable messages 19
unreachable messages and IPv6 4
unreachables and ACLs 21
ICMP Echo operation
configuring 12
IP SLAs 11
ICMP ping
executing 13
overview 13
ICMP Router Discovery Protocol
ICMPv6 4
IDS appliances
and ingress RSPAN 20
and ingress SPAN 13
IEEE 802.1D
IEEE 802.1p 1
IEEE 802.1Q
and trunk ports 3
configuration limitations 17
encapsulation 15
native VLAN for untagged traffic 21
tunneling
compatibility with other features 6
defaults 4
described 1
tunnel ports with other features 6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3af
IEEE 802.3x flow control 19
ifIndex values, SNMP 5
IFS 6
IGMP
configurable leave timer
described 6
enabling 11
configuring the switch
as a member of a group 39
statically connected member 43
controlling access to groups 40
default configuration 39
deleting cache entries 62
displaying groups 62
fast switching 43
flooded multicast traffic
controlling the length of time 12
disabling on an interface 13
global leave 13
query solicitation 13
recovering from flood mode 13
host-query interval, modifying 41
joining multicast group 3
join messages 3
leave processing, enabling 10, 8
leaving multicast group 5
multicast reachability 39
overview 3
queries 4
report suppression
described 6
supported versions 3
support for 4
Version 1
changing to Version 2 41
described 3
Version 2
changing to Version 1 41
described 3
maximum query response time value 43
pruning groups 43
query timeout value 42
IGMP filtering
configuring 24
default configuration 24
described 23
monitoring 28
support for 4
IGMP groups
configuring filtering 27
setting the maximum number 26
IGMP Immediate Leave
configuration guidelines 11
described 5
enabling 10
IGMP profile
applying 26
configuration mode 24
configuring 25
IGMP snooping
and address aliasing 2
configuring 6
definition 2
global configuration 7
Immediate Leave 5
method 8
querier
configuration guidelines 14
configuring 14
supported versions 3
support for 4
VLAN configuration 8
IGMP throttling
configuring 27
default configuration 24
described 24
displaying action 28
IGP 24
Immediate Leave, IGMP 5
enabling 8
inaccessible authentication bypass 21
support for multiauth ports 21
initial configuration
defaults 15
Express Setup 2
interface
number 11
range macros 13
interface command 11
interface configuration mode 3
interfaces
auto-MDIX, configuring 20
configuration guidelines
duplex and speed 18
configuring
procedure 11
counters, clearing 31
default configuration 15
described 24
descriptive name, adding 24
displaying information about 30
flow control 19
management 5
monitoring 30
naming 24
range of 12
restarting 32
shutting down 32
speed and duplex, configuring 18
status 30
supported 10
types of 1
interfaces range macro command 13
interface types 11
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 45
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Inter-Switch Link
Intrusion Detection System
IOS shell
IP ACLs
for QoS classification 7
implicit masks 9
named 14
undefined 20
IP addresses
128-bit 2
classes of 5
cluster access 2
default configuration 4
discovering 30
for IP routing 4
IPv6 2
MAC address association 8
monitoring 17
redundant clusters 11
IP base image 1
IP broadcast address 15
ip cef distributed command 86
IP directed broadcasts 13
ip igmp profile command 24
IP information
assigned
manually 14
through DHCP-based autoconfiguration 3
default configuration 3
IP multicast routing
addresses
all-hosts 3
all-multicast-routers 3
host group address range 3
administratively-scoped boundaries, described 46
and IGMP snooping 2
Auto-RP
adding to an existing sparse-mode cloud 26
benefits of 26
clearing the cache 62
configuration guidelines 11
filtering incoming RP announcement messages 29
overview 6
preventing candidate RP spoofing 29
preventing join messages to false RPs 28
setting up in a new internetwork 26
using with BSR 34
bootstrap router
configuration guidelines 11
configuring candidate BSRs 32
configuring candidate RPs 33
defining the IP multicast boundary 31
defining the PIM domain border 30
overview 7
using with Auto-RP 34
Cisco implementation 2
configuring
basic multicast routing 12
IP multicast boundary 46
default configuration 10
enabling
multicast forwarding 12
PIM mode 13
group-to-RP mappings
Auto-RP 6
BSR 7
MBONE
deleting sdr cache entries 62
described 45
displaying sdr cache 63
enabling sdr listener support 46
limiting DVMRP routes advertised 57
limiting sdr cache entry lifetime 46
SAP packets for conference session announcement 45
Session Directory (sdr) tool, described 45
monitoring
packet rate loss 63
peering devices 63
tracing a path 63
multicast forwarding, described 7
PIMv1 and PIMv2 interoperability 10
protocol interaction 2
reverse path check (RPF) 7
routing table
deleting 62
displaying 62
RP
assigning manually 24
configuring Auto-RP 26
configuring PIMv2 BSR 30
monitoring mapping information 34
using Auto-RP and BSR 34
statistics, displaying system and network 62
IP phones
and QoS 1
automatic classification and queueing 20
configuring 4
ensuring port security with QoS 38
trusted boundary for QoS 38
IP Port Security for Static Hosts
on a Layer 2 access port 19
on a PVLAN host port 23
IP precedence 2
IP-precedence-to-DSCP map for QoS 61
IP protocols
in ACLs 11
routing 13
IP routes, monitoring 100
IP routing
connecting interfaces with 10
disabling 18
enabling 18
IP Service Level Agreements
IP service levels, analyzing 1
IP services image 1
IP SLAs
benefits 2
configuration guidelines 6
configuring object tracking 9
Control Protocol 4
default configuration 6
definition 1
ICMP echo operation 11
measuring network performance 3
monitoring 13
multioperations scheduling 5
object tracking 9
operation 3
reachability tracking 9
responder
described 4
enabling 8
response time 4
scheduling 5
SNMP support 2
supported metrics 2
threshold monitoring 6
track object monitoring agent, configuring 11
track state 9
UDP jitter operation 9
IP source guard
and 802.1x 18
and DHCP snooping 15
and EtherChannels 18
and port security 18
and private VLANs 18
and routed ports 17
and TCAM entries 18
and trunk interfaces 17
and VRF 18
binding configuration
automatic 15
manual 15
binding table 15
configuration guidelines 17
default configuration 17
described 15
disabling 19
displaying
active IP or MAC bindings 25
bindings 25
configuration 25
filtering
source IP address 16
source IP and MAC address 16
source IP address filtering 16
source IP and MAC address filtering 16
static bindings
deleting 19
static hosts 19
IP traceroute
executing 17
overview 16
IP unicast routing
address resolution 8
administrative distances 88, 99
ARP 8
assigning IP addresses to Layer 3 interfaces 5
authentication keys 99
broadcast
address 15
flooding 16
packets 13
storms 13
classless routing 6
configuring static routes 88
default
addressing configuration 4
gateways 11
networks 89
routes 89
routing 2
directed broadcasts 13
disabling 18
dynamic routing 3
enabling 18
EtherChannel Layer 3 interface 3
IGP 24
inter-VLAN 2
IP addressing
classes 5
configuring 4
IPv6 3
IRDP 11
Layer 3 interfaces 3
MAC address and IP address 8
passive interfaces 97
protocols
distance-vector 3
dynamic 3
link-state 3
proxy ARP 8
redistribution 90
reverse address resolution 8
routed ports 3
static routing 3
steps to configure 4
subnet mask 5
subnet zero 6
supernet 6
UDP 14
with SVIs 3
IPv4 ACLs
applying to interfaces 19
extended, creating 10
named 14
standard, creating 9
IPv4 and IPv6
dual protocol stacks 5
IPv6
ACLs
displaying 8
limitations 3
matching criteria 3
port 1
precedence 2
router 1
supported 2
addresses 2
address formats 2
applications 5
assigning address 10
autoconfiguration 5
CEFv6 18
configuring static routes 19
default configuration 10
default router preference (DRP) 4
defined 1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 7
EIGRP IPv6 Commands 7
Router ID 7
feature limitations 8
features not supported 8
forwarding 10
ICMP 4
monitoring 26
neighbor discovery 4
OSPF 6
path MTU discovery 4
Stateless Autoconfiguration 5
supported features 2
switch limitations 8
understanding static routes 6
IPv6 traffic, filtering 3
IRDP
configuring 12
definition 11
support for 13
IS-IS
addresses 61
area routing 61
default configuration 63
monitoring 70
show commands 70
system routing 61
ISL
and IPv6 3
and trunk ports 3
trunking with IEEE 802.1 tunneling 4
ISO CLNS
clear commands 70
dynamic routing protocols 61
monitoring 70
NETs 61
NSAPs 61
OSI standard 61
ISO IGRP
area routing 61
system routing 61
isolated port 2
J
join messages, IGMP 3
K
KDC
described 39
Kerberos
authenticating to
boundary switch 41
KDC 41
network services 42
configuration examples 38
configuring 42
credentials 39
cryptographic software image 38
described 39
KDC 39
operation 41
realm 40
server 40
support for 11
switch as trusted third party 39
terms 39
TGT 40
tickets 39
key distribution center
L
l2protocol-tunnel command 13
LACP
Layer 2 protocol tunneling 9
Layer 2 frames, classification with CoS 2
Layer 2 interfaces, default configuration 15
Layer 2 protocol tunneling
configuring 10
configuring for EtherChannels 14
default configuration 11
defined 8
guidelines 11
Layer 2 traceroute
and ARP 15
and CDP 15
broadcast traffic 15
described 15
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 16
unicast traffic 15
usage guidelines 15
Layer 3 features 13
Layer 3 interfaces
assigning IP addresses to 5
assigning IPv4 and IPv6 addresses to 13
assigning IPv6 addresses to 11
changing from Layer 2 mode 5, 78
types of 3
Layer 3 packets, classification methods 2
LDAP 2
Leaking IGMP Reports 4
LEDs, switch
See hardware installation guide
lightweight directory access protocol
line configuration mode 3
Link Aggregation Control Protocol
link failure, detecting unidirectional 7
Link Layer Discovery Protocol
link local unicast addresses 3
link redundancy
links, unidirectional 1
link state advertisements (LSAs) 28
link-state protocols 3
link-state tracking
configuring 22
described 20
LLDP
configuring 4
characteristics 6
default configuration 4
enabling 5
monitoring and maintaining 10
overview 1
supported TLVs 1
switch stack considerations 2
transmission timer and holdtime, setting 6
LLDP-MED
configuring
procedures 4
TLVs 7
monitoring and maintaining 10
supported TLVs 2
LLDP Media Endpoint Discovery
load balancing 4
local SPAN 2
logging messages, ACL 8
login authentication
with RADIUS 28
with TACACS+ 14
login banners 17
log messages
Long-Reach Ethernet (LRE) technology 19
loop guard
described 9
enabling 15
support for 7
LRE profiles, considerations in switch clusters 14
M
MAB
MAB aging timer 9
MAB inactivity timer
default setting 31
range 34
MAC/PHY configuration status TLV 2
MAC addresses
aging time 21
and VLAN association 20
building the address table 20
default configuration 21
disabling learning on a VLAN 29
discovering 30
displaying 30
displaying in the IP source binding table 24
dynamic
learning 20
removing 22
in ACLs 27
IP address association 8
static
adding 27
characteristics of 26
dropping 28
removing 27
MAC address learning 5
MAC address learning, disabling on a VLAN 29
MAC address notification, support for 14
MAC address-table move update
configuration guidelines 8
configuring 12
default configuration 8
description 6
monitoring 14
MAC address-to-VLAN mapping 26
MAC authentication bypass 34
configuring 53
overview 15
MAC extended access lists
applying to Layer 2 interfaces 28
configuring for QoS 45
creating 27
defined 27
for QoS classification 5
macros
magic packet 24
manageability features 5
management access
in-band
browser session 6
CLI session 6
device manager 6
SNMP 6
out-of-band console port connection 6
management address TLV 2
management options
CLI 1
clustering 3
CNS 1
Network Assistant 2
overview 5
management VLAN
considerations in switch clusters 7
discovery through different management VLANs 7
mapping tables for QoS
configuring
CoS-to-DSCP 60
DSCP 60
DSCP-to-CoS 63
DSCP-to-DSCP-mutation 64
IP-precedence-to-DSCP 61
policed-DSCP 62
described 12
marking
action with aggregate policers 58
matching
IPv6 ACLs 3
matching, IPv4 ACLs 7
maximum aging time
MSTP 23
STP 21
maximum hop count, MSTP 24
maximum number of allowed devices, port-based authentication 34
MDA
configuration guidelines 12
exceptions with authentication process 5
Medianet
membership mode, VLAN port 3
member switch
automatic discovery 4
defined 2
managing 14
passwords 13
recovering from lost connectivity 11
requirements 3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 17
metrics, in BGP 49
metric translations, between routing protocols 93
metro tags 2
MHSRP 4
MIBs
accessing files with FTP 3
location of files 3
overview 1
SNMP interaction with 4
supported 1
mirroring traffic for analysis 1
mismatches, autonegotiation 11
module number 11
monitoring
access groups 40
BGP 60
cables for unidirectional links 1
CDP 4
CEF 87
EIGRP 40
fallback bridging 10
features 14
Flex Links 14
HSRP 13
IEEE 802.1Q tunneling 18
IGMP
filters 28
interfaces 30
IP
address tables 17
multicast routing 61
routes 100
IP SLAs operations 13
IPv4 ACL configuration 40
IPv6 26
IPv6 ACL configuration 8
IS-IS 70
ISO CLNS 70
Layer 2 protocol tunneling 18
MAC address-table move update 14
MSDP peers 18
multicast router interfaces 16, 11
multi-VRF CE 85
MVR 23
network traffic for analysis with probe 2
object tracking 12
OSPF 32
port
blocking 19
protection 19
private VLANs 14
RP mapping information 34
source-active messages 18
speed and duplex mode 19
SSM mapping 21
traffic flowing among switches 1
traffic suppression 19
tunneling 18
VLAN
filters 41
maps 41
VLANs 14
VMPS 30
VTP 16
mrouter Port 3
mrouter port 5
MSDP
benefits of 3
clearing MSDP connections and statistics 18
controlling source information
forwarded by switch 11
originated by switch 8
received by switch 13
default configuration 4
dense-mode regions
sending SA messages to 16
specifying the originating address 17
filtering
incoming SA messages 14
SA messages to a peer 12
SA requests from a peer 10
join latency, defined 6
meshed groups
configuring 15
defined 15
originating address, changing 17
overview 1
peer-RPF flooding 2
peers
configuring a default 4
monitoring 18
peering relationship, overview 1
requesting source information from 8
shutting down 15
source-active messages
caching 6
clearing cache entries 18
defined 2
filtering from a peer 10
filtering incoming 14
filtering to a peer 12
limiting data with TTL 13
monitoring 18
restricting advertised sources 9
support for 13
MSTP
boundary ports
configuration guidelines 15
described 6
BPDU filtering
described 3
enabling 12
BPDU guard
described 2
enabling 11
CIST, described 3
CIST root 5
configuration guidelines 14, 10
configuring
forward-delay time 23
hello time 22
link type for rapid convergence 24
maximum aging time 23
maximum hop count 24
MST region 15
neighbor type 25
path cost 20
port priority 19
root switch 17
secondary root switch 18
switch priority 21
CST
defined 3
operations between regions 3
default configuration 14
default optional feature configuration 9
displaying status 26
enabling the mode 15
EtherChannel guard
described 7
enabling 14
extended system ID
effects on root switch 17
effects on secondary root switch 18
unexpected behavior 17
IEEE 802.1s
implementation 6
port role naming change 6
terminology 5
instances supported 9
interface state, blocking to forwarding 2
interoperability and compatibility among modes 10
interoperability with IEEE 802.1D
described 8
restarting migration process 25
IST
defined 2
master 3
operations within a region 3
loop guard
described 9
enabling 15
mapping VLANs to MST instance 16
MST region
CIST 3
configuring 15
described 2
hop-count mechanism 5
IST 2
supported spanning-tree instances 2
optional features supported 7
overview 2
Port Fast
described 2
enabling 10
preventing root switch selection 8
root guard
described 8
enabling 15
root switch
configuring 17
effects of extended system ID 17
unexpected behavior 17
shutdown Port Fast-enabled port 2
status, displaying 26
multiauth
support for inaccessible authentication bypass 21
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 5
joining 3
leaving 5
multicast packets
ACLs on 40
blocking 8
multicast router interfaces, monitoring 16, 11
multicast router ports, adding 9, 8
Multicast Source Discovery Protocol
multicast storm 1
multicast storm-control command 4
multicast television application 17
multicast VLAN 17
Multicast VLAN Registration
multidomain authentication
multioperations scheduling, IP SLAs 5
multiple authentication 13
multiple authentication mode
configuring 40
Multiple HSRP
multiple VPN routing/forwarding in customer edge devices
multi-VRF CE
configuration example 81
configuration guidelines 74
configuring 73
default configuration 74
defined 71
displaying 85
monitoring 85
network components 73
packet-forwarding process 73
support for 13
MVR
and address aliasing 20
and IGMPv3 20
configuration guidelines 19
configuring interfaces 21
default configuration 19
described 17
example application 17
modes 20
monitoring 23
multicast television application 17
setting global parameters 20
support for 4
N
NAC
AAA down policy 11
critical authentication 21, 50
IEEE 802.1x authentication using a RADIUS server 55
IEEE 802.1x validation using RADIUS server 55
inaccessible authentication bypass 10, 50
Layer 2 IEEE 802.1x validation 10, 26, 55
Layer 2 IP validation 10
named IPv4 ACLs 14
NameSpace Mapper
native VLAN
and IEEE 802.1Q tunneling 4
configuring 21
default 21
NEAT
configuring 56
overview 28
neighbor discovery, IPv6 4
neighbor discovery/recovery, EIGRP 33
neighbors, BGP 55
Network Admission Control
Network Assistant
benefits 2
described 5
downloading image files 2
guide mode 2
management options 2
upgrading a switch 22
wizards 2
network configuration examples
increasing network performance 18
large network 22
long-distance, high-bandwidth transport 24
providing network services 18
server aggregation and Linux server cluster 20
small to medium-sized network 21
network design
performance 18
services 18
Network Edge Access Topology
network management
CDP 1
RMON 1
SNMP 1
network performance, measuring with IP SLAs 3
Network Time Protocol
no commands 4
nonhierarchical policy maps
configuration guidelines 33
described 9
non-IP traffic filtering 27
nontrunking mode 16
normal-range VLANs 4
configuration guidelines 6
configuring 4
defined 1
no switchport command 4
not-so-stubby areas
NSAPs, as ISO IGRP addresses 61
NSF Awareness
IS-IS 63
NSM 3
NSSA, OSPF 28
NTP
associations
authenticating 4
defined 2
enabling broadcast messages 6
peer 5
server 5
default configuration 4
displaying the configuration 11
overview 2
restricting access
creating an access group 8
disabling NTP services per interface 10
source IP address, configuring 10
stratum 2
support for 6
synchronizing devices 5
time
services 2
synchronizing 2
O
object tracking
HSRP 7
IP SLAs 9
IP SLAs, configuring 9
monitoring 12
off mode, VTP 3
online diagnostics
overview 1
running tests 3
understanding 1
open1x
configuring 61
open1x authentication
overview 27
Open Shortest Path First
optimizing system resources 1
options, management 5
OSPF
area parameters, configuring 28
configuring 26
default configuration
metrics 30
route 30
settings 25
described 24
for IPv6 6
interface parameters, configuring 27
LSA group pacing 31
monitoring 32
router IDs 32
route summarization 29
support for 13
virtual links 30
out-of-profile markdown 12
P
packet modification, with QoS 19
PAgP
Layer 2 protocol tunneling 9
parallel paths, in routing tables 87
passive interfaces
configuring 97
OSPF 30
passwords
default configuration 2
disabling recovery of 5
encrypting 3
for security 9
in clusters 13
overview 1
recovery of 3
setting
enable 3
enable secret 3
Telnet 6
with usernames 6
VTP domain 8
path cost
MSTP 20
STP 18
path MTU discovery 4
PBR
defined 94
enabling 95
fast-switched policy-based routing 97
local policy-based routing 97
PC (passive command switch) 10
peers, BGP 55
percentage thresholds in tracked lists 6
performance, network design 18
performance features 3
persistent self-signed certificate 49
per-user ACLs and Filter-Ids 8
per-VLAN spanning-tree plus
PE to CE routing, configuring 81
physical ports 2
PIM
default configuration 10
dense mode
overview 4
rendezvous point (RP), described 5
RPF lookups 8
displaying neighbors 62
enabling a mode 13
overview 4
router-query message interval, modifying 37
shared tree and source tree, overview 35
shortest path tree, delaying the use of 36
sparse mode
join messages and shared tree 5
overview 5
prune messages 5
RPF lookups 8
stub routing
configuration guidelines 22
displaying 62
enabling 23
overview 5
support for 13
versions
interoperability 10
troubleshooting interoperability problems 35
v2 improvements 4
PIM-DVMRP, as snooping method 8
ping
character output description 14
executing 13
overview 13
PoE
auto mode 8
CDP with power consumption, described 7
CDP with power negotiation, described 7
Cisco intelligent power management 7
configuring 21
devices supported 7
high-power devices operating in low-power mode 7
IEEE power classification levels 8
power budgeting 23
power consumption 23
powered-device detection and initial power allocation 8
power management modes 8
power negotiation extensions to CDP 7
standards supported 7
static mode 9
troubleshooting 11
policed-DSCP map for QoS 62
policers
configuring
for each matched traffic class 48
for more than one traffic class 58
described 4
displaying 78
number of 34
types of 9
policing
described 4
hierarchical
token-bucket algorithm 9
policy-based routing
policy maps for QoS
characteristics of 48
described 7
displaying 79
hierarchical 8
hierarchical on SVIs
configuration guidelines 33
configuring 52
described 11
nonhierarchical on physical ports
configuration guidelines 33
described 9
port ACLs
defined 2
types of 3
Port Aggregation Protocol
port-based authentication
accounting 14
authentication server
RADIUS server 3
configuration guidelines 32, 9
configuring
802.1x authentication 37
guest VLAN 47
host mode 40
inaccessible authentication bypass 50
manual re-authentication of a client 42
periodic re-authentication 41
quiet period 43
RADIUS server parameters on the switch 39, 11
restricted VLAN 48
switch-to-client frame-retransmission number 44, 45
switch-to-client retransmission time 43
described 1
device roles 2
downloadable ACLs and redirect URLs
EAPOL-start frame 5
EAP-request/identity frame 5
EAP-response/identity frame 5
enabling
802.1X authentication 11
encapsulation 3
flexible authentication ordering
configuring 60
overview 27
guest VLAN
configuration guidelines 20, 21
described 19
host mode 11
inaccessible authentication bypass
configuring 50
described 21
guidelines 33
initiation and message exchange 5
magic packet 24
maximum number of allowed devices per port 34
method lists 37
multiple authentication 13
per-user ACLs
AAA authorization 37
configuration tasks 17
described 17
RADIUS server attributes 17
ports
authorization state and dot1x port-control command 10
authorized and unauthorized 10
voice VLAN 23
port security
and voice VLAN 24
described 23
interactions 23
multiple-hosts mode 11
readiness check
configuring 34
resetting to default values 62
statistics, displaying 62
switch
RADIUS client 3
switch supplicant
configuring 56
overview 28
upgrading from a previous release 26
user distribution
guidelines 26
overview 26
VLAN assignment
AAA authorization 37
characteristics 15
configuration tasks 16
described 15
voice aware 802.1x security
configuring 35
voice VLAN
described 23
PVID 23
VVID 23
wake-on-LAN, described 24
with ACLs and RADIUS Filter-Id attribute 29
port-based authentication methods, supported 7
port-channel
port description TLV 1
Port Fast
described 2
enabling 10
mode, spanning tree 27
support for 7
port membership modes, VLAN 3
port priority
MSTP 19
STP 17
ports
access 3
blocking 7
dual-purpose uplink 6
dynamic access 3
IEEE 802.1Q tunnel 4
protected 6
routed 4
secure 8
switch 2
VLAN assignments 9
port security
aging 17
and private VLANs 18
and QoS trusted boundary 38
configuring 13
default configuration 11
described 8
displaying 19
enabling 18
on trunk ports 14
sticky learning 9
violations 10
with other features 11
port-shutdown response, VMPS 26
port VLAN ID TLV 2
Power over Ethernet
preemption, default configuration 8
preemption delay, default configuration 8
preferential treatment of traffic
prefix lists, BGP 53
preventing unauthorized access 1
primary interface for object tracking, DHCP, configuring 11
primary interface for static routing, configuring 10
primary links 2
priority
HSRP 7
overriding CoS 6
trusting CoS 6
private VLAN edge ports
private VLANs
across multiple switches 4
and SDM template 4
and SVIs 5
benefits of 1
community ports 2
configuration guidelines 6, 7, 8
configuration tasks 6
configuring 9
default configuration 6
end station access to 3
IP addressing 3
isolated port 2
mapping 13
monitoring 14
ports
community 2
configuration guidelines 8
configuring host ports 11
configuring promiscuous ports 12
described 4
isolated 2
promiscuous 2
promiscuous ports 2
secondary VLANs 2
subdomains 1
traffic in 5
privileged EXEC mode 2
privilege levels
changing the default for lines 9
command switch 15
exiting 9
logging into 9
mapping on member switches 15
setting a command with 8
promiscuous ports
configuring 12
defined 2
protocol-dependent modules, EIGRP 34
Protocol-Independent Multicast Protocol
provider edge devices 72
proxy ARP
configuring 10
definition 8
with IP routing disabled 11
proxy reports 3
pruning, VTP
disabling
in VTP domain 14
on a port 21
enabling
in VTP domain 14
on a port 21
examples 6
overview 5
pruning-eligible list
changing 21
for VTP pruning 5
VLANs 14
PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Q
QoS
and MQC commands 1
auto-QoS
categorizing traffic 20
configuration and defaults display 29
configuration guidelines 25
described 20
disabling 27
displaying generated commands 27
displaying the initial configuration 29
effects on running configuration 25
egress queue defaults 21
enabling for VoIP 27
example configuration 28
ingress queue defaults 21
list of generated commands 22
basic model 4
classification
class maps, described 7
defined 4
DSCP transparency, described 40
flowchart 6
forwarding treatment 3
in frames and packets 3
options for IP traffic 5
options for non-IP traffic 5
policy maps, described 7
trust DSCP, described 5
trusted CoS, described 5
trust IP precedence, described 5
class maps
configuring 46
displaying 78
configuration guidelines
auto-QoS 25
standard QoS 33
configuring
aggregate policers 58
auto-QoS 20
default port CoS value 38
DSCP maps 60
DSCP transparency 40
DSCP trust states bordering another domain 40
egress queue characteristics 70
ingress queue characteristics 66
IP extended ACLs 44
IP standard ACLs 43
MAC ACLs 45
policy maps, hierarchical 52
port trust states within the domain 36
trusted boundary 38
default auto configuration 20
default standard configuration 30
displaying statistics 78
DSCP transparency 40
egress queues
allocating buffer space 71
buffer allocation scheme, described 17
configuring shaped weights for SRR 75
configuring shared weights for SRR 76
described 4
displaying the threshold map 74
flowchart 17
mapping DSCP or CoS values 73
scheduling, described 4
setting WTD thresholds 71
WTD, described 18
enabling globally 35
flowcharts
classification 6
egress queueing and scheduling 17
ingress queueing and scheduling 15
policing and marking 10
implicit deny 7
ingress queues
allocating bandwidth 68
allocating buffer space 68
buffer and bandwidth allocation, described 16
configuring shared weights for SRR 68
configuring the priority queue 69
described 4
displaying the threshold map 67
flowchart 15
mapping DSCP or CoS values 66
priority queue, described 16
scheduling, described 4
setting WTD thresholds 66
WTD, described 16
IP phones
automatic classification and queueing 20
detection and trusted settings 20, 38
limiting bandwidth on egress interface 77
mapping tables
CoS-to-DSCP 60
displaying 78
DSCP-to-CoS 63
DSCP-to-DSCP-mutation 64
IP-precedence-to-DSCP 61
policed-DSCP 62
types of 12
overview 2
packet modification 19
policers
described 8
displaying 78
number of 34
types of 9
policies, attaching to an interface 8
policing
token bucket algorithm 9
policy maps
characteristics of 48
displaying 79
hierarchical 8
hierarchical on SVIs 52
nonhierarchical on physical ports 48
QoS label, defined 4
queues
configuring egress characteristics 70
configuring ingress characteristics 66
high priority (expedite) 19, 77
location of 13
SRR, described 14
WTD, described 13
rewrites 19
support for 12
trust states
bordering another domain 40
described 5
trusted device 38
within the domain 36
quality of service
queries, IGMP 4
query solicitation, IGMP 13
R
RADIUS
attributes
vendor-proprietary 36
vendor-specific 34
configuring
accounting 33
authentication 28
authorization 32
communication, per-server 26
multiple UDP ports 26
default configuration 26
defining AAA server groups 30
displaying the configuration 38
identifying the server 26
in clusters 14
limiting the services to the user 32
method list, defined 25
operation of 19
overview 18
server load balancing 38
suggested network environments 18
support for 11
tracking services accessed by user 33
RADIUS Change of Authorization 19
range
macro 13
of interfaces 12
rapid convergence 9
rapid per-VLAN spanning-tree plus
rapid PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Rapid Spanning Tree Protocol
RARP 8
rcommand command 14
RCP
configuration files
downloading 16
overview 15
preparing the server 15
uploading 17
image files
deleting old image 35
downloading 34
preparing the server 33
uploading 35
reachability, tracking IP SLAs IP host 9
readiness check
port-based authentication
configuring 34
reconfirmation interval, VMPS, changing 29
reconfirming dynamic VLAN membership 29
recovery procedures 1
redundancy
EtherChannel 3
HSRP 1
STP
backbone 8
path cost 24
port priority 22
redundant links and UplinkFast 13
redundant power system
See Cisco Redundant Power System 2300
reliable transport protocol, EIGRP 33
reloading software 20
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 2
report suppression, IGMP
described 6
resequencing ACL entries 14
reserved addresses in DHCP pools 26
resets, in BGP 48
resetting a UDLD-shutdown interface 6
responder, IP SLAs
described 4
enabling 8
response time, measuring with IP SLAs 4
restricted VLAN
configuring 48
described 20
using with IEEE 802.1x 20
restricting access
NTP services 8
overview 1
passwords and privilege levels 2
RADIUS 17
TACACS+ 10
retry count, VMPS, changing 30
reverse address resolution 8
Reverse Address Resolution Protocol
RFC
1058, RIP 18
1112, IP multicast and IGMP 2
1157, SNMPv1 2
1163, BGP 40
1166, IP addresses 5
1253, OSPF 24
1267, BGP 40
1305, NTP 2
1587, NSSAs 24
1757, RMON 2
1771, BGP 40
1901, SNMPv2C 2
1902 to 1907, SNMPv2 2
2236, IP multicast and IGMP 2
2273-2275, SNMPv3 2
RFC 5176 Compliance 20
RIP
advertisements 19
authentication 21
configuring 20
default configuration 19
described 19
for IPv6 6
hop counts 19
split horizon 22
summary addresses 22
support for 13
RMON
default configuration 3
displaying status 6
enabling alarms and events 3
groups supported 2
overview 1
statistics
collecting group Ethernet 5
collecting group history 5
support for 14
root guard
described 8
enabling 15
support for 7
root switch
MSTP 17
STP 14
route calculation timers, OSPF 30
route dampening, BGP 59
routed packets, ACLs on 39
routed ports
configuring 3
defined 4
in switch clusters 8
route-map command 96
route maps
BGP 51
policy-based routing 94
router ACLs
defined 2
types of 4
route reflectors, BGP 58
router ID, OSPF 32
route selection, BGP 49
route summarization, OSPF 29
route targets, VPN 73
routing
default 2
dynamic 3
redistribution of information 90
static 3
routing domain confederation, BGP 58
Routing Information Protocol
routing protocol administrative distances 88
RPS
See Cisco Redundant Power System 2300
RPS 2300
See Cisco Redundant Power System 2300
RSPAN
characteristics 8
configuration guidelines 15
default configuration 9
defined 2
destination ports 7
displaying status 22
interaction with other features 8
monitored ports 5
monitoring ports 7
received traffic 4
sessions
creating 16
defined 3
limiting source traffic to specific VLANs 21
specifying monitored ports 16
with ingress traffic enabled 20
source ports 5
transmitted traffic 5
VLAN-based 6
RSTP
active topology 9
BPDU
format 12
processing 12
designated port, defined 9
designated switch, defined 9
interoperability with IEEE 802.1D
described 8
restarting migration process 25
topology changes 13
overview 8
port roles
described 9
synchronized 11
proposal-agreement handshake process 10
rapid convergence
described 9
edge ports and Port Fast 9
root ports 10
root port, defined 9
running configuration
running configuration, saving 15
S
SC (standby command switch) 10
scheduled reloads 20
scheduling, IP SLAs operations 5
SCP
and SSH 55
configuring 55
SDM
templates
configuring 4
number of 1
SDM template 3
configuration guidelines 3
configuring 3
dual IPv4 and IPv6 2
types of 1
secondary VLANs 2
secure HTTP client
configuring 54
displaying 54
secure HTTP server
configuring 52
displaying 54
secure MAC addresses
deleting 16
maximum number of 10
types of 9
secure ports, configuring 8
secure remote connections 44
Secure Socket Layer
security, port 8
security features 9
sequence numbers in log messages 8
server mode, VTP 3
service-provider network, MSTP and RSTP 1
service-provider networks
and customer VLANs 2
and IEEE 802.1Q tunneling 1
Layer 2 protocols across 8
Layer 2 protocol tunneling for EtherChannels 9
set-request operation 4
setup program
failed command switch replacement 9
replacing failed command switch 8
severity levels, defining in system messages 8
SFPs
security and identification 12
status, displaying 13
shaped round robin
Shell functions
Shell triggers
show access-lists hw-summary command 21
show and more command output, filtering 9
show cdp traffic command 5
show cluster members command 14
show configuration command 24
show forward command 20
show interfaces command 19, 24
show interfaces switchport 4
show l2protocol command 13, 15, 16
show lldp traffic command 11
show platform forward command 20
show running-config command
displaying ACLs 19, 20, 31, 34
interface description in 24
shutdown command on interfaces 32
shutdown threshold for Layer 2 protocol packets 11
Simple Network Management Protocol
small-frame arrival rate, configuring 5
Smartports macros
applying Cisco-default macros 18
applying global parameter values 18
configuration guidelines 17
default configuration 17
defined 1
displaying 19
tracing 17
SNAP 1
SNMP
accessing MIB variables with 4
agent
described 4
disabling 7
and IP SLAs 2
authentication level 10
community strings
configuring 8
for cluster switches 4
overview 4
configuration examples 17
default configuration 6
engine ID 7
host 7
ifIndex values 5
in-band management 6
in clusters 14
informs
and trap keyword 11
described 5
differences from traps 5
disabling 15
enabling 15
limiting access by TFTP servers 16
limiting system log messages to NMS 10
managing clusters with 15
MIBs
location of 3
supported 1
notifications 5
security levels 3
setting CPU threshold notification 15
status, displaying 18
system contact and location 16
trap manager, configuring 13
traps
differences from informs 5
disabling 15
enabling 11
enabling MAC address notification 22, 24, 25
types of 12
versions supported 2
SNMP and Syslog Over IPv6 7
SNMPv1 2
SNMPv2C 2
SNMPv3 2
snooping, IGMP 2
software images
location in flash 23
recovery procedures 2
scheduling reloads 20
tar file format, described 23
See also downloading and uploading
source addresses
in IPv4 ACLs 11
in IPv6 ACLs 5
source-and-destination-IP address based forwarding, EtherChannel 7
source-and-destination MAC address forwarding, EtherChannel 7
source-IP address based forwarding, EtherChannel 7
source-MAC address forwarding, EtherChannel 7
Source-specific multicast
SPAN
configuration guidelines 10
default configuration 9
destination ports 7
displaying status 22
interaction with other features 8
monitored ports 5
monitoring ports 7
ports, restrictions 12
received traffic 4
sessions
configuring ingress forwarding 14, 21
creating 11
defined 3
limiting source traffic to specific VLANs 14
removing destination (monitoring) ports 12
specifying monitored ports 11
with ingress traffic enabled 13
source ports 5
transmitted traffic 5
VLAN-based 6
spanning tree and native VLANs 17
Spanning Tree Protocol
SPAN traffic 4
split horizon, RIP 22
SRR
configuring
shaped weights on egress queues 75
shared weights on egress queues 76
shared weights on ingress queues 68
described 14
shaped mode 14
shared mode 14
support for 12
SSH
configuring 45
cryptographic software image 44
encryption methods 44
user authentication methods, supported 45
SSL
configuration guidelines 51
configuring a secure HTTP client 54
configuring a secure HTTP server 52
cryptographic software image 48
described 48
monitoring 54
SSM
address management restrictions 15
CGMP limitations 16
components 14
configuration guidelines 15
differs from Internet standard multicast 14
IGMP snooping 16
IGMPv3 14
IGMPv3 Host Signalling 15
IP address range 14
monitoring 16
operations 14
PIM 14
state maintenance limitations 16
SSM mapping 17
configuration guidelines 17
monitoring 21
overview 18
restrictions 17
static traffic forwarding 21
standby command switch
considerations 11
defined 2
priority 10
requirements 3
virtual IP address 11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 6
standby links 2
standby router 1
standby timers, HSRP 10
startup configuration
booting
manually 17
specific image 18
clearing 18
configuration file
automatically downloading 16
specifying the filename 16
default boot configuration 16
static access ports
assigning to VLAN 9
defined 3
static addresses
static IP routing 13
static MAC addressing 9
static route primary interface,configuring 10
static routes
configuring 88
configuring for IPv6 19
understanding 6
static routing 3
static routing support, enhanced object tracking 10
static traffic forwarding 21
static VLAN membership 2
statistics
802.1X 17
802.1x 62
CDP 4
interface 31
IP multicast routing 62
LLDP 10
LLDP-MED 10
NMSP 10
OSPF 32
QoS ingress and egress 78
RMON group Ethernet 5
RMON group history 5
SNMP input and output 18
VTP 16
sticky learning 9
storm control
configuring 3
described 1
disabling 5
displaying 19
support for 4
thresholds 1
STP
accelerating root port selection 4
BackboneFast
described 5
disabling 14
enabling 13
BPDU filtering
described 3
disabling 12
enabling 12
BPDU guard
described 2
disabling 12
enabling 11
BPDU message exchange 3
configuration guidelines 12, 10
configuring
forward-delay time 21
hello time 20
maximum aging time 21
path cost 18
port priority 17
root switch 14
secondary root switch 16
spanning-tree mode 13
switch priority 19
transmit hold-count 22
counters, clearing 22
default configuration 11
default optional feature configuration 9
designated port, defined 3
designated switch, defined 3
detecting indirect link failures 5
disabling 14
displaying status 22
EtherChannel guard
described 7
disabling 14
enabling 14
extended system ID
effects on root switch 14
effects on the secondary root switch 16
overview 4
unexpected behavior 15
features supported 7
IEEE 802.1D and bridge ID 4
IEEE 802.1D and multicast addresses 8
IEEE 802.1t and VLAN identifier 4
inferior BPDU 3
instances supported 9
interface state, blocking to forwarding 2
interface states
blocking 5
disabled 7
learning 6
listening 6
overview 4
interoperability and compatibility among modes 10
Layer 2 protocol tunneling 8
limitations with IEEE 802.1Q trunks 10
load sharing
overview 22
using path costs 24
using port priorities 22
loop guard
described 9
enabling 15
modes supported 9
multicast addresses, effect of 8
optional features supported 7
overview 2
Port Fast
described 2
enabling 10
port priorities 23
preventing root switch selection 8
protocols supported 9
redundant connectivity 8
root guard
described 8
enabling 15
root port, defined 3
root switch
configuring 15
effects of extended system ID 4, 14
election 3
unexpected behavior 15
shutdown Port Fast-enabled port 2
status, displaying 22
superior BPDU 3
timers, described 20
UplinkFast
described 3
enabling 13
VLAN-bridge 10
stratum, NTP 2
stub areas, OSPF 28
stub routing, EIGRP 39
subdomains, private VLAN 1
subnet mask 5
subnet zero 6
success response, VMPS 26
summer time 13
SunNet Manager 5
supernet 6
supported port-based authentication methods 7
Smartports macros
See also Auto Smartports macros
SVI autostate exclude
configuring 27
defined 6
SVI link state 6
SVIs
and IP unicast routing 3
and router ACLs 4
connecting VLANs 9
defined 5
routing between VLANs 2
switch 2
switch clustering technology 1
switch console port 6
Switch Database Management
switched packets, ACLs on 38
Switched Port Analyzer
switched ports 2
switchport backup interface 4, 5
switchport block multicast command 8
switchport block unicast command 8
switchport command 15
switchport mode dot1q-tunnel command 6
switchport protected command 7
switch priority
MSTP 21
STP 19
switch software features 1
switch virtual interface
synchronization, BGP 45
syslog
system capabilities TLV 2
system clock
configuring
daylight saving time 13
manually 11
summer time 13
time zones 12
displaying the time and date 12
overview 1
system description TLV 2
system message logging
default configuration 3
defining error message severity levels 8
disabling 4
displaying the configuration 13
enabling 4
facility keywords, described 13
level keywords, described 9
limiting messages 10
message format 2
overview 1
sequence numbers, enabling and disabling 8
setting the display destination device 5
synchronizing log messages 6
syslog facility 14
time stamps, enabling and disabling 7
UNIX syslog servers
configuring the daemon 12
configuring the logging facility 12
facilities supported 13
system MTU
and IS-IS LSPs 66
system MTU and IEEE 802.1Q tunneling 5
system name
default configuration 15
default setting 15
manual configuration 15
system name TLV 2
system prompt, default setting 14, 15
system resources, optimizing 1
system routing
IS-IS 61
ISO IGRP 61
T
TACACS+
accounting, defined 11
authentication, defined 11
authorization, defined 11
configuring
accounting 17
authentication key 13
authorization 16
login authentication 14
default configuration 13
displaying the configuration 17
identifying the server 13
in clusters 14
limiting the services to the user 16
operation of 12
overview 10
support for 11
tracking services accessed by user 17
tagged packets
IEEE 802.1Q 3
Layer 2 protocol 7
tar files
creating 6
displaying the contents of 6
extracting 7
image file format 23
TCL script, registering and defining with embedded event manager 6
TDR 15
Telnet
accessing management interfaces 10
number of connections 6
setting a password 6
temporary self-signed certificate 49
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 6
TFTP
configuration files
downloading 11
preparing the server 10
uploading 11
configuration files in base directory 7
configuring for autoconfiguration 7
image files
deleting 27
downloading 25
preparing the server 25
uploading 27
limiting access by servers 16
TFTP server 5
threshold, traffic level 2
threshold monitoring, IP SLAs 6
time
Time Domain Reflector
time-range command 16
time ranges in ACLs 16
time stamps in log messages 7
time zones 12
TLVs
defined 1
LLDP 1
LLDP-MED 2
Token Ring VLANs
support for 6
VTP support 4
ToS 12
traceroute, Layer 2
and ARP 15
and CDP 15
broadcast traffic 15
described 15
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 16
unicast traffic 15
usage guidelines 15
traceroute command 17
tracked lists
configuring 3
types 3
tracked objects
by Boolean expression 4
by threshold percentage 6
by threshold weight 5
tracking interface line-protocol state 2
tracking IP routing state 2
tracking objects 1
tracking process 1
track state, tracking IP SLAs 9
traffic
blocking flooded 8
fragmented 5
fragmented IPv6 2
unfragmented 5
traffic policing 12
traffic suppression 1
transmit hold-count
transparent mode, VTP 3
trap-door mechanism 2
traps
configuring MAC address notification 22, 24, 25
configuring managers 11
defined 3
notification types 12
troubleshooting
connectivity problems 13, 14, 16
CPU utilization 24
detecting unidirectional links 1
displaying crash information 23
PIMv1 and PIMv2 interoperability problems 35
setting packet forwarding 20
SFP security and identification 12
show forward command 20
with CiscoWorks 4
with debug commands 19
with ping 13
with system message logging 1
with traceroute 16
trunk failover
trunking encapsulation 8
trunk ports
configuring 19
defined 3
trunks
allowed-VLAN list 20
ISL 15
load sharing
setting STP path costs 24
using STP port priorities 22, 23
native VLAN for untagged traffic 21
parallel 24
pruning-eligible list 21
to non-DTP device 15
trusted boundary for QoS 38
trusted port states
between QoS domains 40
classification options 5
ensuring port security for IP phones 38
support for 12
within a QoS domain 36
trustpoints, CA 49
tunneling
defined 1
IEEE 802.1Q 1
Layer 2 protocol 8
tunnel ports
defined 4
IEEE 802.1Q, configuring 6
incompatibilities with other features 6
twisted-pair Ethernet, detecting unidirectional links 1
type of service
U
UDLD
configuration guidelines 4
default configuration 4
disabling
globally 5
on fiber-optic interfaces 5
per interface 5
echoing detection mechanism 2
enabling
globally 5
per interface 5
Layer 2 protocol tunneling 10
link-detection mechanism 1
neighbor database 2
overview 1
resetting an interface 6
status, displaying 6
support for 7
UDP, configuring 14
UDP jitter, configuring 9
UDP jitter operation, IP SLAs 9
unauthorized ports with IEEE 802.1x 10
unicast MAC address filtering 5
and adding static addresses 28
and broadcast MAC addresses 27
and CPU packets 27
and multicast addresses 27
and router MAC addresses 27
configuration guidelines 27
described 27
unicast storm 1
unicast storm control command 4
unicast traffic, blocking 8
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 12
facilities supported 13
message logging configuration 12
unrecognized Type-Length-Value (TLV) support 4
upgrading software images
UplinkFast
described 3
disabling 13
enabling 13
support for 7
uploading
configuration files
reasons for 8
using FTP 14
using RCP 17
using TFTP 11
image files
reasons for 23
using FTP 31
using RCP 35
using TFTP 27
User Datagram Protocol
user EXEC mode 2
username-based authentication 6
V
version-dependent transparent mode 4
virtual IP address
cluster standby group 11
command switch 11
Virtual Private Network
virtual switches and PAgP 5
vlan.dat file 5
VLAN 1, disabling on a trunk port 20
VLAN 1 minimization 20
VLAN ACLs
vlan-assignment response, VMPS 26
VLAN configuration
at bootup 7
saving 7
VLAN configuration mode 2
VLAN database
and startup configuration file 7
and VTP 1
VLAN configuration saved in 7
VLANs saved in 4
vlan dot1q tag native command 5
VLAN filtering and SPAN 6
vlan global configuration command 7
VLAN ID, discovering 30
VLAN link state 5
VLAN load balancing on flex links 2
configuration guidelines 8
VLAN management domain 2
VLAN Management Policy Server
VLAN map entries, order of 30
VLAN maps
applying 34
common uses for 34
configuration guidelines 30
configuring 29
creating 31
defined 2
denying access to a server example 35
denying and permitting packets 31
displaying 41
examples of ACLs and VLAN maps 32
removing 34
support for 9
wiring closet configuration example 35
VLAN membership
confirming 29
modes 3
VLAN Query Protocol
VLANs
adding 8
adding to VLAN database 8
aging dynamic addresses 9
allowed on trunk 20
and spanning-tree instances 3, 6, 11
configuration guidelines, extended-range VLANs 11
configuration guidelines, normal-range VLANs 6
configuring 1
configuring IDs 1006 to 4094 11
connecting through SVIs 9
creating 8
customer numbering in service-provider networks 3
default configuration 7
deleting 9
displaying 14
features 8
illustrated 2