Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
Numerics
10-Gigabit Ethernet interfaces
configuration guidelines 11-14
defined 11-4
802.1D
See STP
802.1Q
and trunk ports 11-3
configuration limitations 13-19
encapsulation 13-17
native VLAN for untagged traffic 13-23
802.1s
See MSTP
802.1w
See RSTP
802.1x
See port-based authentication
802.3ad
See EtherChannel
802.3af
See PoE
802.3z flow control 11-17
A
abbreviating commands 2-3
ABRs 34-25
AC (command switch) 6-10, 6-20
access-class command 31-20
access control entries
See ACEs
access-denied response, VMPS 13-28
access groups
applying ACLs to interfaces 31-21
IP 31-21
Layer 2 31-21
Layer 3 31-21
accessing
clusters, switch 6-13
command switches 6-11
member switches 6-13
stack members 5-19
switch clusters 6-13
access lists
See ACLs
access ports
defined 11-3
in switch clusters 6-9
accounting
with 802.1x 10-5, 10-21
with RADIUS 9-28
with TACACS+ 9-11, 9-17
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-13
applying
on bridged packets 31-38
on multicast packets 31-40
on routed packets 31-39
on switched packets 31-38
time ranges to 31-17
to an interface 31-20
to QoS 32-7
classifying traffic for QoS 32-38
comments in 31-19
compiling 31-22
configuring with VLAN maps 31-37
defined 31-1, 31-7
examples of 31-22, 32-38
extended IP
configuring for QoS classification 32-40
creating 31-11
matching criteria 31-7
hardware and software handling 31-22
host keyword 31-13
IP
applying to an interface 31-20
applying to interfaces 31-20
creating 31-7
fragments and QoS guidelines 32-31
implicit deny 31-10, 31-14, 31-16
implicit masks 31-10
matching criteria 31-7
named 31-15
terminal lines, setting on 31-19
undefined 31-21
violations, logging 31-16
limiting actions 31-38
logging messages 31-10
log keyword 31-16
MAC extended 31-27, 32-41
matching 31-7, 31-21
monitoring 31-40
named 31-15
number per QoS class map 32-31
numbers 31-7
port 31-2
precedence of 31-2
QoS 32-7, 32-38
resequencing entries 31-15
router 31-2
standard IP
configuring for QoS classification 32-39
creating 31-9
matching criteria 31-7
supported features 31-22
support for 1-7
time ranges 31-17
unsupported features 31-6
using router ACLs with VLAN maps 31-37
VLAN maps
configuration guidelines 31-30
configuring 31-30
active links 20-1
active router 35-1
address aliasing 23-2
addresses
displaying the MAC address table 7-28
dynamic
accelerated aging 17-9
changing the aging time 7-22
default aging 17-9
defined 7-20
learning 7-21
removing 7-23
MAC, discovering 7-28
multicast
group address range 36-3
STP address management 17-9
static
adding and removing 7-25
defined 7-20
address resolution 7-28, 34-9
Address Resolution Protocol
See ARP
adjacency tables, with CEF 34-61
administrative distances
defined 34-72
OSPF 34-31
routing protocol defaults 34-63
advertisements
CDP 25-1
RIP 34-20
VTP 13-19, 14-3, 14-4
aggregate addresses, BGP 34-56
aggregated ports
See EtherChannel
aggregate policers 32-47
aggregate policing 1-8
aggregator template 5-10, 8-1
aging, accelerating 17-9
aging time
accelerated
for MSTP 18-21
for STP 17-9, 17-23
MAC address table 7-22
maximum
for MSTP 18-22
for STP 17-23
alarms, RMON 28-3
allowed-VLAN list 13-21
area border routers
See ABRs
ARP
configuring 34-10
defined 1-4, 7-28, 34-9
encapsulation 34-11
static cache configuration 34-10
table
address resolution 7-28
managing 7-28
ASBRs 34-25
AS-path filters, BGP 34-50
attributes, RADIUS
vendor-proprietary 9-31
vendor-specific 9-29
audience xxxv
authentication
EIGRP 34-38
HSRP 35-9
local mode with AAA 9-36
NTP associations 7-5
RADIUS
key 9-21
login 9-23
See also port-based authentication
TACACS+
defined 9-11
key 9-13
login 9-14
authentication keys, and routing protocols 34-73
authoritative time source, described 7-2
authorization
with RADIUS 9-27
with TACACS+ 9-11, 9-16
authorized ports with 802.1x 10-4
autoconfiguration 4-3
automatic discovery
adding member switches 6-18
considerations
beyond a noncandidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-7
non-CDP-capable devices 6-6
noncluster-capable devices 6-6
routed ports 6-8
creating a cluster standby group 6-20
in switch clusters 6-5
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 6-10
See also HSRP
autonegotiation
duplex mode 1-3
interface configuration guidelines 11-15
mismatches 39-13
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 34-44
Auto-RP, described 36-5
autosensing, port speed 1-3
auxiliary VLAN
See voice VLAN
availability, features 1-5
B
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
support for 1-5
backup interfaces
See Flex Links
backup links 20-1
banners
configuring
login 7-20
message-of-the-day login 7-19
default configuration 7-18
when displayed 7-18
BGP
aggregate addresses 34-56
aggregate routes, configuring 34-56
CIDR 34-56
clear commands 34-59
community filtering 34-52
configuring neighbors 34-54
default configuration 34-42
described 34-41
enabling 34-44
monitoring 34-59
multipath support 34-47
neighbors, types of 34-44
path selection 34-47
peers, configuring 34-54
prefix filtering 34-51
resetting sessions 34-46
route dampening 34-58
route maps 34-49
route reflectors 34-57
routing domain confederation 34-56
show commands 34-59
supernets 34-56
support for 1-8
Version 4 34-41
binding cluster group and HSRP group 35-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-5
DHCP snooping database 21-5
IP source guard 21-15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-13
boot loader
accessing 4-14
described 4-2
environment variables 4-14
prompt 4-14
trap-door mechanism 4-2
bootstrap router (BSR), described 36-5
Border Gateway Protocol
See BGP
BPDU
error-disabled state 19-3
filtering 19-3
RSTP format 18-10
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
support for 1-6
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
support for 1-6
bridged packets, ACLs on 31-38
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 34-17
broadcast packets
directed 34-14
flooded 34-14
broadcast storm-control command 24-3
broadcast storms 24-2, 34-14
C
cables, monitoring for unidirectional links 26-1
candidate switch
adding 6-18
automatic discovery 6-5
defined 6-4
HC 6-21
passwords 6-19
requirements 6-4
standby group 6-20
See also command switch, cluster standby group, and member switch
caution, described xxxvi
CC (command switch) 6-21
CDP
and trusted boundary 32-36
automatic discovery in switch clusters 6-5
configuring 25-2
default configuration 25-2
described 25-1
disabling for routing device 25-3 to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
monitoring 25-5
overview 25-1
support for 1-5
switch stack considerations 25-2
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 34-60
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 36-51
enabling server support 36-33
joining multicast group 23-3
overview 36-7
server support only 36-7
switch support of 1-4
CIDR 34-56
Cisco 7960 IP Phone 16-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco StackWise technology 1-3
See also stacks, switch
CiscoWorks 2000 1-4, 30-5
classless interdomain routing
See CIDR
classless routing 34-7
class maps for QoS
configuring 32-42
described 32-7
displaying 32-67
class of service
See CoS
clearing interfaces 11-25
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 6-23
no and default forms of commands 2-4
client mode, VTP 14-3
clock
See system clock
Cluster Management Suite
See CMS
cluster requirements
See release notes
clusters, switch
accessing 6-13
adding member switches 6-18
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
command switch configuration 6-17
clusters, switch (continued)
compatibility 6-4
creating 6-17
creating a cluster standby group 6-20
described 6-1
LRE profile considerations 6-17
managing
through CLI 6-23
through SNMP 6-24
planning 6-4
planning considerations
automatic discovery 6-5
automatic recovery 6-10
CLI 6-23
host names 6-13
IP addresses 6-13
LRE profiles 6-17
passwords 6-14
RADIUS 6-16
SNMP 6-14, 6-24
switch-specific features 6-17
switch stacks 6-14
TACACS+ 6-16
redundancy 6-20
troubleshooting 6-22
verifying 6-22
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 35-11
automatic recovery 6-12
considerations 6-11
creating 6-20
defined 6-2
requirements 6-3
virtual IP address 6-11
See also HSRP
CMS
benefits 1-2
configuration modes 3-5
described 1-2, 1-4
downloading image files 1-2, 3-16, B-20
Front Panel view, described 3-2
operating systems and supported browsers 3-9
privilege levels 3-7
requirements 3-8 to 3-9
Topology view 3-15
wizards 3-6
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 9-8
command switch
accessing 6-11
active (AC) 6-10, 6-20
command switch with HSRP disabled (CC) 6-21
configuration conflicts 39-12
defined 6-2
enabling 6-17
passive (PC) 6-10, 6-21
password privilege levels 6-23
priority 6-10
recovery
from command-switch failure 6-10, 39-9
from lost member connectivity 39-12
redundant 6-10, 6-20
replacing
with another switch 39-11
with cluster member 39-9
command switch (continued)
requirements 6-3
standby (SC) 6-10, 6-20
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-53
community ports 15-2
community strings
configuring 6-14, 30-8
for cluster switches 30-4
in clusters 6-14
overview 30-4
SNMP 6-14
community VLANs 15-2, 15-3
compatibility, software
See stacks, switch
config.text 4-12
configuration, initial
defaults 1-10
Express Setup 1-2, 1-10, 3-12
setup (CLI) program 1-10
See also hardware installation guide
configuration conflicts, recovering from lost member connectivity 39-12
configuration examples, network 1-12
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
configuration files (continued)
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 30-16
obtaining with DHCP 4-7
password recovery disable considerations 9-5
specifying the filename 4-12
system contact and location information 30-15
types and location B-9
uploading
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
configuration modes, CMS 3-5
configuration settings, saving 4-10
configure terminal command 11-8
config-vlan mode 2-2, 13-7
conflicts, configuration 39-12
connections, secure remote 9-38
connectivity problems 39-14, 39-16, 39-17
consistency checks in VTP Version 2 14-4
console port, connecting to 2-9
conventions
command xxxvi
for examples xxxvi
publication xxxvi
text xxxvi
corrupted software, recovery steps with Xmodem 39-2
CoS
in Layer 2 frames 32-2
override priority 16-6
trust priority 16-6
CoS input queue threshold map for QoS 32-14
CoS output queue threshold map for QoS 32-17
CoS-to-DSCP map for QoS 32-50
counters, clearing interface 11-25
crashinfo file 39-25
cross-stack EtherChannel
configuration guidelines 33-12
configuring
on Layer 2 interfaces 33-12
on Layer 3 physical interfaces 33-16
described 33-2
illustration 33-3
support for 1-5
cross-stack UplinkFast, STP
described 19-5
disabling 19-16
enabling 19-16
fast-convergence events 19-7
Fast Uplink Transition Protocol 19-6
normal-convergence events 19-7
support for 1-5
cryptographic software image
Kerberos 9-32
SSH 9-37
switch stack considerations 5-2, 5-14, 9-38
CWDM SFPs 1-22
D
daylight saving time 7-13
debugging
enabling all system diagnostics 39-22
enabling for a specific feature 39-22
redirecting error message output 39-22
using commands 39-21
default commands 2-4
default configuration
802.1x 10-11
auto-QoS 32-18
banners 7-18
default configuration (continued)
BGP 34-42
booting 4-12
CDP 25-2
DHCP 21-7
DHCP option 82 21-7
DHCP snooping 21-7
DHCP snooping binding database 21-7
DNS 7-17
dynamic ARP inspection 22-5
EIGRP 34-35
EtherChannel 33-10
fallback bridging 38-4
Flex Links 20-2
HSRP 35-4
IGMP 36-27
IGMP filtering 23-20
IGMP snooping 23-6
IGMP throttling 23-20
initial switch information 4-3
IP addressing, IP routing 34-5
IP multicast routing 36-8
IP source guard 21-16
Layer 2 interfaces 11-12
MAC address table 7-22
MSDP 37-4
MSTP 18-13
MVR 23-15
NTP 7-4
optional spanning-tree configuration 19-12
OSPF 34-26
password and privilege level 9-2
PIM 36-8
private VLANs 15-7
RADIUS 9-20
RIP 34-20
RMON 28-3
default configuration (continued)
RSPAN 27-11
SNMP 30-7
SPAN 27-11
standard QoS 32-29
STP 17-13
switch stacks 5-17
system message logging 29-4
system name and prompt 7-15
TACACS+ 9-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 13-19
VLANs 13-8
VMPS 13-29
voice VLAN 16-3
VTP 14-7
default gateway 4-10, 34-12
default networks 34-64
default routes 34-63
default routing 34-2
deleting VLANs 13-11
description command 11-20
designing your network, examples 1-12
desktop template 5-10, 8-1
destination addresses, in ACLs 31-12
destination-IP address-based forwarding, EtherChannel 33-8
destination-MAC address forwarding, EtherChannel 33-8
detecting indirect link failures, STP 19-8
device discovery protocol 25-1
Device Manager 3-9
DHCP
Cisco IOS server database
configuring 21-12
default configuration 21-7
described 21-5
enabling
relay agent 21-9
server 21-8
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server side 4-5
server-side 21-8
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-4
relay support 1-4, 1-9
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-4
configuration guidelines 21-8
default configuration 21-7
displaying 21-14
forwarding address, specifying 21-9
helper address 21-9
overview 21-3
packet format, suboption
circuit ID 21-4
remote ID 21-4
remote ID suboption 21-4
DHCP snooping
and private VLANs 21-12
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-7
DHCP snooping (continued)
displaying binding database 21-14
displaying configuration 21-14
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-12
binding file
format 21-6
location 21-5
bindings 21-5
clearing agent statistics 21-13
configuration guidelines 21-8
configuring 21-12
default configuration 21-7
deleting
binding file 21-13
bindings 21-13
database agent 21-13
described 21-5
displaying
binding entries 21-14
status and statistics 21-15
enabling 21-12
entry 21-5
renewing database 21-13
resetting
delay value 21-13
timeout value 21-13
updating process 21-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
Diffusing Update Algorithm (DUAL) 34-34
directed unicast requests 1-4
directories
changing B-4
creating and removing B-4
displaying the working B-4
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 34-3
distribute-list command 34-72
DNS
and DHCP-based autoconfiguration 4-6
default configuration 7-17
displaying the configuration 7-18
overview 7-16
setting up 7-17
support for 1-4
documentation, related xxxvii
document conventions xxxvi
domain names
DNS 7-16
VTP 14-8
Domain Name System
See DNS
downloading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-24
preparing B-22, B-25, B-29
reasons for B-20
using CMS 1-2, 3-16, B-20
using FTP B-26
using HTTP 1-2, 3-16, B-20
using RCP B-31
using TFTP B-23
DSCP 1-7, 32-2
DSCP input queue threshold map for QoS 32-14
DSCP output queue threshold map for QoS 32-17
DSCP-to-CoS map for QoS 32-52
DSCP-to-DSCP-mutation map for QoS 32-53
DTP 1-6, 13-17
DUAL finite state machine, EIGRP 34-34
duplex mode, configuring 11-14
DVMRP
autosummarization
configuring a summary address 36-47
disabling 36-49
connecting PIM domain to DVMRP router 36-39
enabling unicast routing 36-43
interoperability
with Cisco devices 36-37
with Cisco IOS software 36-7
mrinfo requests, responding to 36-42
neighbors
advertising the default route to 36-41
discovery with Probe messages 36-37
displaying information 36-42
prevent peering with nonpruning 36-45
rejecting nonpruning 36-43
overview 36-7
routes
adding a metric offset 36-49
advertising all 36-49
advertising the default route to neighbors 36-41
caching DVMRP routes learned in report messages 36-43
changing the threshold for syslog messages 36-46
deleting 36-51
displaying 36-51
favoring one over another 36-49
limiting the number injected into MBONE 36-46
limiting unicast route advertisements 36-37
routing table 36-7
source distribution tree, building 36-7
support for 1-9
tunnels
configuring 36-39
displaying neighbor information 36-42
dynamic access ports
characteristics 13-4
configuring 13-30
defined 11-3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-12
rate limit for incoming ARP packets 22-4, 22-10
dynamic ARP inspection (continued)
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-12
displaying 22-15
logging of dropped packets, described 22-4
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-11
dynamic auto trunking mode 13-18
dynamic desirable trunking mode 13-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
types of connections 13-30
dynamic routing 34-3
Dynamic Trunking Protocol
See DTP
E
EBGP 34-40
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
and IGRP 34-36
authentication 34-38
components 34-34
configuring 34-36
default configuration 34-35
definition 34-34
interface parameters, configuring 34-37
monitoring 34-39
support for 1-8
elections
See stack master
enable password 9-4
enable secret password 9-4
encryption for passwords 9-4
Enhanced IGRP
See EIGRP
environment variables, function of 4-15
equal-cost routing 1-9, 34-62
error messages during command entry 2-4
EtherChannel
802.3ad, described 33-6
automatic creation of 33-5, 33-6
channel groups
binding physical and logical interfaces 33-4
numbering of 33-4
configuration guidelines 33-11
configuring
Layer 2 interfaces 33-12
Layer 3 physical interfaces 33-16
Layer 3 port-channel logical interfaces 33-15
default configuration 33-10
described 33-2
displaying status 33-23
forwarding methods 33-7, 33-18
interaction
with STP 33-11
with VLANs 33-12
LACP
described 33-6
displaying status 33-23
hot-standby ports 33-20
interaction with other features 33-7
modes 33-7
port priority 33-22
system priority 33-21
Layer 3 interface 34-4
load balancing 33-7, 33-18
logical interfaces, described 33-4
PAgP
aggregate-port learners 33-19
compatibility with Catalyst 1900 33-19
described 33-5
displaying status 33-23
interaction with other features 33-6
learn method and priority configuration 33-19
modes 33-5
support for 1-3
port-channel interfaces
described 33-4
numbering of 33-4
port groups 11-5
stack changes, effects of 33-9
support for 1-3
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
Ethernet VLANs
adding 13-9
defaults and ranges 13-8
modifying 13-9
events, RMON 28-3
examples
conventions for xxxvi
network configuration 1-12
expedite queue for QoS 32-66
expert mode 3-6
Express Setup 1-2, 1-10, 3-12
See also hardware installation guide
extended-range VLANs
configuration guidelines 13-13
configuring 13-12
creating 13-14
defined 13-1
extended system ID
MSTP 18-15
STP 17-4, 17-16
Extensible Authentication Protocol over LAN 10-1
external BGP
See EBGP
external neighbors, BGP 34-44
F
failover support 1-5
fallback bridging
and protected ports 38-4
bridge groups
creating 38-4
described 38-2
displaying 38-11
function of 38-2
number supported 38-5
removing 38-5
bridge table
clearing 38-11
displaying 38-11
configuration guidelines 38-4
connecting interfaces with 11-7
default configuration 38-4
described 38-1
frame forwarding
flooding packets 38-2
forwarding packets 38-2
overview 38-1
protocol, unsupported 38-4
stack changes, effects of 38-3
STP
disabling on an interface 38-11
forward-delay interval 38-10
hello BPDU interval 38-9
interface priority 38-7
keepalive messages 17-2
maximum-idle interval 38-10
path cost 38-8
VLAN-bridge spanning-tree priority 38-7
VLAN-bridge STP 38-2
support for 1-8
SVIs and routed ports 38-1
unsupported protocols 38-4
VLAN-bridge STP 17-12
Fast Uplink Transition Protocol 19-6
FIB 34-60
fiber-optic, detecting unidirectional links 26-1
files
copying B-5
crashinfo
description 39-25
displaying the contents of 39-25
location 39-25
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 31-30
non-IP traffic 31-27
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
See ACLs, IP
flash device, number of B-1
Flex Links
configuration guidelines 20-2
configuring 20-3
default configuration 20-2
description 20-1
monitoring 20-3
flooded traffic, blocking 24-6
flow-based packet classification 1-7
flowcharts
QoS classification 32-6
QoS egress queueing and scheduling 32-15
QoS ingress queueing and scheduling 32-13
QoS policing and marking 32-9
flow control 1-3, 11-17
forward-delay time
MSTP 18-21
STP 17-23
Forwarding Information Base
See FIB
forwarding nonroutable protocols 38-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-5
get-request operation 30-3, 30-5
get-response operation 30-3
Gigabit modules
See SFPs
global configuration mode 2-2
guest VLAN and 802.1x 10-8
guide
audience xxxv
purpose of xxxv
guide mode 1-2, 3-5
H
hardware limitations and Layer 3 interfaces 11-21
HC (candidate switch) 6-21
hello time
MSTP 18-20
STP 17-22
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 29-10
host names
abbreviations appended to 6-20
in clusters 6-13
host ports
configuring 15-11
kinds of 15-2
hosts, limit on dynamic ports 13-33
Hot Standby Router Protocol
See HSRP
HP OpenView 1-4
HSRP
authentication string 35-9
automatic cluster recovery 6-12
binding to cluster group 35-11
cluster standby group considerations 6-11
command-switch redundancy 1-1, 1-5
configuring 35-3
default configuration 35-4
definition 35-1
guidelines 35-4
monitoring 35-11
overview 35-1
priority 35-6
routing redundancy 1-8
support for ICMP redirect messages 35-10 to 35-11
switch stack considerations 35-2
timers 35-9
tracking 35-6
See also clusters, cluster standby group, and standby command switch
I
IBPG 34-40
ICMP
redirect messages 34-12
support for 1-9
time-exceeded messages 39-18
traceroute and 39-18
unreachable messages 31-20
unreachables and ACLs 31-22
ICMP ping
executing 39-15
overview 39-14
ICMP Router Discovery Protocol
See IRDP
IDS appliances
and ingress RSPAN 27-21
and ingress SPAN 27-15
IEEE 802.1p 16-1
ifIndex values, SNMP 30-6
IFS 1-5
IGMP
configuring the switch
as a member of a group 36-27
statically connected member 36-32
controlling access to groups 36-28
default configuration 36-27
deleting cache entries 36-51
displaying groups 36-51
fast switching 36-32
host-query interval, modifying 36-30
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-11
leaving multicast group 23-5
multicast reachability 36-27
overview 36-2
queries 23-4
report suppression
described 23-5
disabling 23-11
support for 1-4
Version 1
changing to Version 2 36-29
described 36-3
Version 2
changing to Version 1 36-29
described 36-3
maximum query response time value 36-31
pruning groups 36-31
query timeout value 36-31
IGMP filtering
configuring 23-21
default configuration 23-20
described 23-19
monitoring 23-25
support for 1-4
IGMP groups
configuring filtering 23-23
setting the maximum number 23-23
IGMP profile
applying 23-22
configuration mode 23-21
configuring 23-21
IGMP snooping
and address aliasing 23-2
and stack changes 23-6
configuring 23-6
default configuration 23-6
definition 23-1
IGMP snooping (continued)
enabling and disabling 23-7
global configuration 23-7
Immediate Leave 23-5
in the switch stack 23-6
method 23-7
monitoring 23-12
support for 1-4
VLAN configuration 23-7
IGMP throttling
configuring 23-23
default configuration 23-20
described 23-20
displaying action 23-25
IGP 34-25
IGRP
split horizon 34-24
support for 1-8
Immediate Leave, IGMP
described 23-5
enabling 23-11
initial configuration
defaults 1-10
Express Setup 1-2, 1-10, 3-12
setup (CLI) program 1-10
See also hardware installation guide
interface
number 11-7
range macros 11-10
interface command 11-7 to 11-8
interface configuration mode 2-2
interfaces
configuration guidelines
10-Gigabit Ethernet 11-14
duplex and speed 11-15
configuring
duplex mode 11-14
procedure 11-8
speed 11-14
counters, clearing 11-25
described 11-20
descriptive name, adding 11-20
displaying information about 11-24
flow control 11-17
management 1-4
monitoring 11-24
naming 11-20
physical, identifying 11-7
range of 11-9
restarting 11-25
shutting down 11-25
status 11-24
supported 11-7
types of 11-1
interfaces range macro command 11-10
interface types 11-7
Interior Gateway Protocol
See IGP
Interior Gateway Routing Protocol
See IGRP
internal BGP
See IBGP
internal neighbors, BGP 34-44
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Inter-Switch Link
See ISL
inter-VLAN routing 1-8, 34-2
Intrusion Detection System
See IDS appliances
inventory, cluster 6-22
ip access group command 31-21
IP ACLs
applying to an interface 31-20
extended, creating 31-11
for QoS classification 32-7
implicit deny 31-10, 31-14, 31-16
implicit masks 31-10
logging 31-16
named 31-15
standard, creating 31-9
undefined 31-21
virtual terminal lines, setting on 31-19
IP addresses
candidate or member 6-4, 6-13
classes of 34-6
cluster access 6-2
command switch 6-3, 6-11, 6-13
default configuration 34-5
discovering 7-28
for IP routing 34-5
MAC address association 34-9
monitoring 34-18
redundant clusters 6-11
standby command switch 6-11, 6-13
See also IP information
IP broadcast address 34-16
ip cef distributed command 34-61
IP directed broadcasts 34-14
ip igmp profile command 23-21
IP information
assigned
manually 4-10
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 36-3
all-multicast-routers 36-3
host group address range 36-3
administratively-scoped boundaries, described 36-35
IP multicast routing (continued)
and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 36-14
benefits of 36-14
clearing the cache 36-51
configuration guidelines 36-10
filtering incoming RP announcement messages 36-17
overview 36-5
preventing candidate RP spoofing 36-17
preventing join messages to false RPs 36-16
setting up in a new internetwork 36-14
using with BSR 36-22
bootstrap router
configuration guidelines 36-10
configuring candidate BSRs 36-20
configuring candidate RPs 36-21
defining the IP multicast boundary 36-19
defining the PIM domain border 36-18
overview 36-5
using with Auto-RP 36-22
Cisco implementation 36-2
configuring
basic multicast routing 36-10
IP multicast boundary 36-35
default configuration 36-8
enabling
multicast forwarding 36-11
PIM mode 36-11
group-to-RP mappings
Auto-RP 36-5
BSR 36-5
MBONE
deleting sdr cache entries 36-51
described 36-34
displaying sdr cache 36-52
enabling sdr listener support 36-34
limiting DVMRP routes advertised 36-46
limiting sdr cache entry lifetime 36-35
IP multicast routing (continued)
SAP packets for conference session announcement 36-34
Session Directory (sdr) tool, described 36-34
monitoring
packet rate loss 36-52
peering devices 36-52
tracing a path 36-52
multicast forwarding, described 36-6
PIMv1 and PIMv2 interoperability 36-9
protocol interaction 36-2
reverse path check (RPF) 36-6
routing table
deleting 36-51
displaying 36-52
RP
assigning manually 36-12
configuring Auto-RP 36-14
configuring PIMv2 BSR 36-18
monitoring mapping information 36-23
using Auto-RP and BSR 36-22
stacking
stack master functions 36-8
stack member functions 36-8
statistics, displaying system and network 36-51
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 16-1
automatic classification and queueing 32-18
configuring 16-4
ensuring port security with QoS 32-35
trusted boundary for QoS 32-35
IP precedence 32-2
IP-precedence-to-DSCP map for QoS 32-50
IP protocols
in ACLs 31-12
routing 1-8
IP routes, monitoring 34-74
IP routing
connecting interfaces with 11-7
disabling 34-19
enabling 34-19
IP source guard
and 802.1x 21-17
and DHCP snooping 21-15
and EtherChannels 21-17
and port security 21-17
and routed ports 21-17
and TCAM entries 21-17
and trunk interfaces 21-17
and VRF 21-17
binding configuration
automatic 21-15
manual 21-15
binding table 21-15
configuration guidelines 21-17
default configuration 21-16
described 21-15
disabling 21-18
displaying
bindings 21-19
configuration 21-19
enabling 21-17
filtering
source IP address 21-16
source IP and MAC address 21-16
source IP address filtering 21-16
source IP and MAC address filtering 21-16
static bindings
adding 21-17
deleting 21-18
IP traceroute
executing 39-18
overview 39-17
IP unicast routing
address resolution 34-9
administrative distances 34-63, 34-72
ARP 34-9
assigning IP addresses to Layer 3 interfaces 34-6
authentication keys 34-73
broadcast
address 34-16
flooding 34-17
packets 34-14
storms 34-14
classless routing 34-7
configuring static routes 34-62
default
addressing configuration 34-5
gateways 34-12
networks 34-64
routes 34-63
routing 34-2
directed broadcasts 34-14
disabling 34-19
dynamic routing 34-3
enabling 34-19
EtherChannel Layer 3 interface 34-4
IGP 34-25
inter-VLAN 34-2
IP addressing
classes 34-6
configuring 34-5
IRDP 34-13
Layer 3 interfaces 34-4
MAC address and IP address 34-9
passive interfaces 34-71
IP unicast routing (continued)
protocols
distance-vector 34-3
dynamic 34-3
link-state 34-3
proxy ARP 34-9
redistribution 34-64
reverse address resolution 34-9
routed ports 34-4
static routing 34-2
steps to configure 34-5
subnet mask 34-6
subnet zero 34-7
supernet 34-7
UDP 34-16
with SVIs 34-4
See also BGP
See also EIGRP
See also OSPF
See also RIP
IRDP
configuring 34-13
definition 34-13
support for 1-9
ISL
and trunk ports 11-3
encapsulation 1-6, 13-17
isolated port 15-2
isolated VLANs 15-2, 15-3
J
join messages, IGMP 23-3
K
KDC
described 9-32
See also Kerberos
keepalive messages 17-2
Kerberos
authenticating to
boundary switch 9-35
KDC 9-35
network services 9-35
configuration examples 9-32
configuring 9-36
credentials 9-32
cryptographic software image 9-32
described 9-32
KDC 9-32
operation 9-34
realm 9-33
server 9-33
support for 1-7
switch as trusted third party 9-32
terms 9-33
TGT 9-34
tickets 9-32
key distribution center
See KDC
L
LACP
See EtherChannel
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 11-12
Layer 2 traceroute
and ARP 39-17
and CDP 39-16
broadcast traffic 39-16
described 39-16
Layer 2 traceroute (continued)
IP addresses and subnets 39-17
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
Layer 2 trunks 13-17
Layer 3 features 1-8
Layer 3 interfaces
assigning IP addresses to 34-6
changing from Layer 2 mode 34-6
types of 34-4
Layer 3 packets, classification methods 32-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
See EtherChannel
link redundancy
See Flex Links
links, unidirectional 26-1
link state advertisements (LSAs) 34-29
link-state protocols 34-3
load balancing 35-6
logging messages, ACL 31-10
login authentication
with RADIUS 9-23
with TACACS+ 9-14
login banners 7-18
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-14, 1-21
loop guard
described 19-11
enabling 19-18
support for 1-6
LRE profiles, considerations in switch clusters 6-17
M
MAC addresses
aging time 7-22
and VLAN association 7-21
building the address table 7-21
default configuration 7-22
discovering 7-28
displaying 7-28
displaying in DHCP snooping binding database 21-14
displaying in the IP source binding table 21-19
dynamic
learning 7-21
removing 7-23
in ACLs 31-27
IP address association 34-9
static
adding 7-26
allowing 7-27
characteristics of 7-25
dropping 7-27
removing 7-26
MAC address notification, support for 1-9
MAC address-to-VLAN mapping 13-28
MAC extended access lists
applying to Layer 2 interfaces 31-29
configuring for QoS 32-41
creating 31-27
defined 31-27
for QoS classification 32-5
macros
See Smartports macros
manageability features 1-4
management access
in-band
browser session 1-5
CLI session 1-5
CMS 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-3
CMS 1-2
overview 1-4
switch stacks 1-3
management VLAN
considerations in switch clusters 6-7
discovery through different management VLANs 6-7
mapping tables for QoS
configuring
CoS-to-DSCP 32-50
DSCP 32-49
DSCP-to-CoS 32-52
DSCP-to-DSCP-mutation 32-53
IP-precedence-to-DSCP 32-50
policed-DSCP 32-51
described 32-10
marking
action in policy map 32-44
action with aggregate policers 32-47
described 32-3, 32-8
matching, ACLs 31-7
maximum aging time
MSTP 18-22
STP 17-23
maximum hop count, MSTP 18-22
maximum-paths command 34-47, 34-62
membership mode, VLAN port 13-3
member switch
adding 6-18
automatic discovery 6-5
defined 6-2
managing 6-23
passwords 6-13
recovering from lost connectivity 39-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
menu bar variations 3-4
messages
logging ACL violations 31-16
to users through banners 7-18
metrics, in BGP 34-48
metric translations, between routing protocols 34-68
MHSRP 35-7
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-5
supported A-1
mini-point-of-presence
See POP
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-13
module number 11-7
monitoring
access groups 31-40
ACL configuration 31-40
BGP 34-59
cables for unidirectional links 26-1
CDP 25-5
CEF 34-61
EIGRP 34-39
fallback bridging 38-11
features 1-9
Flex Links 20-3
HSRP 35-11
IGMP
filters 23-25
snooping 23-12
interfaces 11-24
IP
address tables 34-18
multicast routing 36-50
routes 34-74
MSDP peers 37-19
multicast router interfaces 23-12
MVR 23-19
network traffic for analysis with probe 27-2
OSPF 34-33
port
blocking 24-16
protection 24-16
private VLANs 15-15
RP mapping information 36-23
SFPs
status 11-24, 39-14
SFP status 1-9
source-active messages 37-19
speed and duplex mode 11-16
traffic flowing among switches 28-1
traffic suppression 24-16
VLAN
filters 31-41
maps 31-41
VLANs 13-16
VMPS 13-32
VTP 14-16
MSDP
benefits of 37-3
clearing MSDP connections and statistics 37-19
controlling source information
forwarded by switch 37-12
originated by switch 37-9
received by switch 37-14
default configuration 37-4
dense-mode regions
sending SA messages to 37-17
specifying the originating address 37-18
filtering
incoming SA messages 37-14
SA messages to a peer 37-12
SA requests from a peer 37-11
join latency, defined 37-6
meshed groups
configuring 37-16
defined 37-16
originating address, changing 37-18
overview 37-1
peer-RPF flooding 37-2
peers
configuring a default 37-4
monitoring 37-19
peering relationship, overview 37-1
requesting source information from 37-8
shutting down 37-16
source-active messages
caching 37-6
clearing cache entries 37-19
defined 37-2
filtering from a peer 37-11
filtering incoming 37-14
filtering to a peer 37-12
limiting data with TTL 37-14
monitoring 37-19
restricting advertised sources 37-9
support for 1-9
MSTP
boundary ports
configuration guidelines 18-14
described 18-5
BPDU filtering
described 19-3
enabling 19-14
BPDU guard
described 19-3
enabling 19-13
CIST, described 18-3
configuration guidelines 18-13, 19-12
configuring
forward-delay time 18-21
hello time 18-20
link type for rapid convergence 18-23
maximum aging time 18-22
maximum hop count 18-22
MST region 18-14
path cost 18-19
port priority 18-18
root switch 18-15
secondary root switch 18-17
switch priority 18-20
CST
defined 18-3
operations between regions 18-4
default configuration 18-13
default optional feature configuration 19-12
displaying status 18-24
enabling the mode 18-14
EtherChannel guard
described 19-10
enabling 19-17
extended system ID
effects on root switch 18-15
effects on secondary root switch 18-17
unexpected behavior 18-16
instances supported 17-10
interface state, blocking to forwarding 19-2
interoperability and compatibility among modes 17-11
interoperability with 802.1D
described 18-6
restarting migration process 18-23
IST
defined 18-3
master 18-3
operations within a region 18-3
loop guard
described 19-11
enabling 19-18
mapping VLANs to MST instance 18-14
MST region
CIST 18-3
configuring 18-14
described 18-2
hop-count mechanism 18-5
IST 18-3
supported spanning-tree instances 18-2
optional features supported 1-6
overview 18-2
Port Fast
described 19-2
enabling 19-12
preventing root switch selection 19-10
root guard
described 19-10
enabling 19-17
root switch
configuring 18-16
effects of extended system ID 18-15
unexpected behavior 18-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 18-6
status, displaying 18-24
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-5
static joins 23-10
multicast packets
ACLs on 31-40
blocking 24-6
multicast router interfaces, monitoring 23-12
multicast router ports, adding 23-9
Multicast Source Discovery Protocol
See MSDP
multicast storm 24-2
multicast storm-control command 24-4
Multicast VLAN Registration
See MVR
Multiple HSRP
See MHSRP
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 23-16
configuring interfaces 23-17
default configuration 23-15
described 23-13
in the switch stack 23-15
modes 23-17
monitoring 23-19
setting global parameters 23-16
support for 1-4
N
named IP ACLs 31-15
native VLAN
configuring 13-23
default 13-23
neighbor discovery/recovery, EIGRP 34-34
neighbors, BGP 34-54
network configuration examples
cost-effective wiring closet 1-14
high-performance wiring closet 1-14
increasing network performance 1-12
large network 1-18
long-distance, high-bandwidth transport 1-22
multidwelling network 1-21
providing network services 1-13
redundant Gigabit backbone 1-15
server aggregation and Linux server cluster 1-15
small to medium-sized network 1-17
network design
performance 1-13
services 1-13
network management
CDP 25-1
RMON 28-1
SNMP 30-1
Network Time Protocol
See NTP
no commands 2-4
non-IP traffic filtering 31-27
nontrunking mode 13-18
normal-range VLANs
configuration modes 13-7
defined 13-1
no switchport command 11-4
note, described xxxvi
not-so-stubby areas
See NSSA
NSSA, OSPF 34-29
NTP
associations
authenticating 7-5
defined 7-2
enabling broadcast messages 7-7
peer 7-6
server 7-6
default configuration 7-4
displaying the configuration 7-11
overview 7-2
restricting access
creating an access group 7-9
disabling NTP services per interface 7-10
source IP address, configuring 7-10
stratum 7-2
support for 1-5
synchronizing devices 7-6
time
services 7-2
synchronizing 7-2
O
offline configuration for switch stacks 5-7
Open Shortest Path First
See OSPF
optimizing system resources 8-1
options, management 1-4
OSPF
area parameters, configuring 34-29
configuring 34-27
default configuration
metrics 34-31
route 34-31
settings 34-26
described 34-25
interface parameters, configuring 34-28
LSA group pacing 34-32
monitoring 34-33
router IDs 34-32
route summarization 34-30
support for 1-8
virtual links 34-30
out-of-profile markdown 1-8
P
packet modification, with QoS 32-17
PAgP
See EtherChannel
parallel paths, in routing tables 34-62
passive interfaces
configuring 34-71
OSPF 34-31
passwords
default configuration 9-2
disabling recovery of 9-5
encrypting 9-4
for security 1-6
in clusters 6-14, 6-19
overview 9-1
recovery of 39-4
setting
enable 9-3
enable secret 9-4
Telnet 9-6
with usernames 9-7
VTP domain 14-9
path cost
MSTP 18-19
STP 17-20
PBR
defined 34-68
enabling 34-69
fast-switched policy-based routing 34-70
local policy-based routing 34-70
PC (passive command switch) 6-10, 6-21
peers, BGP 34-54
performance, network design 1-12
performance features 1-3
per-VLAN spanning-tree plus
See PVST+
physical ports 11-2
PIM
default configuration 36-8
dense mode
overview 36-4
rendezvous point (RP), described 36-4
RPF lookups 36-7
displaying neighbors 36-52
enabling a mode 36-11
overview 36-3
router-query message interval, modifying 36-26
shared tree and source tree, overview 36-23
shortest path tree, delaying the use of 36-25
sparse mode
join messages and shared tree 36-4
overview 36-4
prune messages 36-5
RPF lookups 36-7
support for 1-9
versions
interoperability 36-9
troubleshooting interoperability problems 36-23
v2 improvements 36-4
PIM-DVMRP, as snooping method 23-8
ping
character output description 39-15
executing 39-15
overview 39-14
PoE
configuring 11-19
support for 1-9
troubleshooting 39-13
policed-DSCP map for QoS 32-51
policers
configuring
for each matched traffic class 32-44
for more than one traffic class 32-47
described 32-3
displaying 32-67
number of 32-31
types of 32-8
policing
described 32-3
token-bucket algorithm 32-9
policy-based routing
See PBR
policy maps for QoS
characteristics of 32-44
configuring 32-44
described 32-7
displaying 32-68
POP 1-21
port ACLs
defined 31-2
types of 31-3
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 10-5
authentication server
defined 10-2
RADIUS server 10-2
client, defined 10-2
configuration guidelines 10-12
configuring
802.1x authentication 10-13
guest VLAN 10-20
host mode 10-19
manual re-authentication of a client 10-16
periodic re-authentication 10-16
quiet period 10-17
RADIUS server 10-16
RADIUS server parameters on the switch 10-15
switch-to-client frame-retransmission number 10-18
switch-to-client retransmission time 10-17
default configuration 10-11
described 10-1
port-based authentication (continued)
device roles 10-2
displaying statistics 10-22
EAPOL-start frame 10-3
EAP-request/identity frame 10-3
EAP-response/identity frame 10-3
encapsulation 10-3
guest VLAN
configuration guidelines 10-9
described 10-8
initiation and message exchange 10-3
method lists 10-13
multiple-hosts mode, described 10-19
per-user ACLs
AAA authorization 10-13
configuration tasks 10-10
described 10-9
RADIUS server attributes 10-9
ports
authorization state and dot1x port-control command 10-4
authorized and unauthorized 10-4
voice VLAN 10-7
port security
and voice VLAN 10-6
described 10-6
interactions 10-6
multiple-hosts mode 10-19
resetting to default values 10-21
stack changes, effects of 10-10
statistics, displaying 10-22
switch
as proxy 10-2
RADIUS client 10-2
topologies, supported 10-5
upgrading from a previous release 10-13, 32-24
port-based authentication (continued)
VLAN assignment
AAA authorization 10-13
characteristics 10-8
configuration tasks 10-8
described 10-7
voice VLAN
described 10-7
PVID 10-7
VVID 10-7
port blocking 1-3, 24-6
port-channel
See EtherChannel
Port Fast
described 19-2
enabling 19-12
mode, spanning tree 13-29
support for 1-6
port membership modes, VLAN 13-3
port priority
MSTP 18-18
STP 17-18
ports
10-Gigabit Ethernet module 11-4
access 11-3
blocking 24-6
dynamic access 13-4
protected 24-5
routed 11-3
secure 24-7
static-access 13-3, 13-11
switch 11-2
trunks 13-3, 13-17
VLAN assignments 13-11
port security
aging 24-14
and QoS trusted boundary 32-35
and stacking 24-15
configuring 24-10
default configuration 24-9
described 24-7
displaying 24-16
on trunk ports 24-11, 24-12
sticky learning 24-8
violations 24-8
with other features 24-10
port-shutdown response, VMPS 13-28
Power over Ethernet
See PoE
preferential treatment of traffic
See QoS
prefix lists, BGP 34-51
preventing unauthorized access 9-1
primary links 20-1
primary VLANs 15-1, 15-3
priority
HSRP 35-6
overriding CoS 16-6
trusting CoS 16-6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 15-4
and SDM template 15-4
and SVIs 15-5
and switch stacks 15-5
benefits of 15-1
community ports 15-2
community VLANs 15-2, 15-3
private VLANs (continued)
configuration guidelines 15-7, 15-8
configuration tasks 15-6
configuring 15-10
default configuration 15-7
end station access to 15-3
IP addressing 15-3
isolated port 15-2
isolated VLANs 15-2, 15-3
mapping 15-14
monitoring 15-15
ports
community 15-2
configuration guidelines 15-8
configuring host ports 15-11
configuring promiscuous ports 15-13
described 13-4
isolated 15-2
promiscuous 15-2
primary VLANs 15-1, 15-3
promiscuous ports 15-2
secondary VLANs 15-2
subdomains 15-1
traffic in 15-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 9-9
command switch 6-23
exiting 9-10
in CMS 3-7
logging into 9-10
mapping on member switches 6-23
overview 9-2, 9-8
setting a command with 9-8
promiscuous ports
configuring 15-13
defined 15-2
protected ports 1-7, 24-5
protocol-dependent modules, EIGRP 34-35
Protocol-Independent Multicast Protocol
See PIM
provisioning new members for a switch stack 5-7
proxy ARP
configuring 34-11
definition 34-9
with IP routing disabled 34-12
pruning, VTP
disabling
in VTP domain 14-14
on a port 13-23
enabling
in VTP domain 14-14
on a port 13-22
examples 14-5
overview 14-5
pruning-eligible list
changing 13-22
for VTP pruning 14-5
VLANs 14-15
PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Q
QoS
and MQC commands 32-1
auto-QoS
categorizing traffic 32-18
configuration and defaults display 32-28
configuration guidelines 32-23
described 32-18
disabling 32-25
displaying generated commands 32-25
displaying the initial configuration 32-28
effects on running configuration 32-23
egress queue defaults 32-19
auto-QoS (continued)
enabling for VoIP 32-24
example configuration 32-26
ingress queue defaults 32-19
list of generated commands 32-20
basic model 32-3
classification
class maps, described 32-7
defined 32-3
flowchart 32-6
forwarding treatment 32-3
in frames and packets 32-2
IP ACLs, described 32-5, 32-7
MAC ACLs, described 32-5, 32-7
options for IP traffic 32-5
options for non-IP traffic 32-5
policy maps, described 32-7
trust DSCP, described 32-5
trusted CoS, described 32-5
trust IP precedence, described 32-5
class maps
configuring 32-42
displaying 32-67
configuration guidelines
auto-QoS 32-23
standard QoS 32-31
configuring
aggregate policers 32-47
auto-QoS 32-18
default port CoS value 32-34
DSCP maps 32-49
DSCP trust states bordering another domain 32-36
egress queue characteristics 32-60
ingress queue characteristics 32-55
IP extended ACLs 32-40
IP standard ACLs 32-38
MAC ACLs 32-41
policy maps 32-44
configuring (continued)
port trust states within the domain 32-32
trusted boundary 32-35
default auto configuration 32-18
default standard configuration 32-29
displaying statistics 32-67
egress queues
allocating buffer space 32-60
buffer allocation scheme, described 32-16
configuring shaped weights for SRR 32-64
configuring shared weights for SRR 32-65
described 32-4
displaying the threshold map 32-63
flowchart 32-15
mapping DSCP or CoS values 32-62
scheduling, described 32-4
setting WTD thresholds 32-60
WTD, described 32-17
enabling globally 32-32
flowcharts
classification 32-6
egress queueing and scheduling 32-15
ingress queueing and scheduling 32-13
policing and marking 32-9
implicit deny 32-7
ingress queues
allocating bandwidth 32-58
allocating buffer space 32-57
buffer and bandwidth allocation, described 32-14
configuring shared weights for SRR 32-58
configuring the priority queue 32-59
described 32-3
displaying the threshold map 32-56
flowchart 32-13
mapping DSCP or CoS values 32-56
priority queue, described 32-14
scheduling, described 32-3
ingress queues (continued)
setting WTD thresholds 32-56
WTD, described 32-14
IP phones
automatic classification and queueing 32-18
detection and trusted settings 32-18, 32-35
limiting bandwidth on egress interface 32-66
mapping tables
CoS-to-DSCP 32-50
displaying 32-67
DSCP-to-CoS 32-52
DSCP-to-DSCP-mutation 32-53
IP-precedence-to-DSCP 32-50
policed-DSCP 32-51
types of 32-10
marked-down actions 32-46
marking, described 32-3, 32-8
overview 32-1
packet modification 32-17
policers
configuring 32-46, 32-48
described 32-8
displaying 32-67
number of 32-31
types of 32-8
policies, attaching to an interface 32-9
policing
described 32-3, 32-8
token bucket algorithm 32-9
policy maps
characteristics of 32-44
configuring 32-44
displaying 32-68
QoS label, defined 32-3
queues
configuring egress characteristics 32-60
configuring ingress characteristics 32-55
high priority (expedite) 32-17, 32-66
location of 32-11
SRR, described 32-12
WTD, described 32-11
rewrites 32-17
support for 1-7
trust states
bordering another domain 32-36
described 32-5
trusted device 32-35
within the domain 32-32
quality of service
See QoS
queries, IGMP 23-4
R
RADIUS
attributes
vendor-proprietary 9-31
vendor-specific 9-29
configuring
accounting 9-28
authentication 9-23
authorization 9-27
communication, global 9-21, 9-29
communication, per-server 9-21
multiple UDP ports 9-21
default configuration 9-20
defining AAA server groups 9-25
displaying the configuration 9-31
identifying the server 9-21
in clusters 6-16
limiting the services to the user 9-27
method list, defined 9-20
operation of 9-19
overview 9-18
suggested network environments 9-18
support for 1-7
tracking services accessed by user 9-28
range
macro 11-10
of interfaces 11-9
rapid convergence 18-8
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Rapid Spanning Tree Protocol
See RSTP
RARP 34-9
rcommand command 6-23
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 13-31
recovery procedures 39-1
redundancy
EtherChannel 33-2
HSRP 35-1
STP
backbone 17-9
multidrop backbone 19-5
path cost 13-26
port priority 13-24
redundant clusters
See cluster standby group
redundant links and UplinkFast 19-15
reliable transport protocol, EIGRP 34-34
reloading software 4-16
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
report suppression, IGMP
described 23-5
disabling 23-11
requirements
cluster
See release notes
resequencing ACL entries 31-15
resets, in BGP 34-46
resetting a UDLD-shutdown interface 26-6
restricting access
NTP services 7-8
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 13-32
reverse address resolution 34-9
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 34-20
1112, IP multicast and IGMP 23-2
1157, SNMPv1 30-2
1163, BGP 34-40
1166, IP addresses 34-6
1253, OSPF 34-25
1267, BGP 34-40
1305, NTP 7-2
1587, NSSAs 34-25
1757, RMON 28-2
1771, BGP 34-40
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-20
authentication 34-23
configuring 34-21
default configuration 34-20
described 34-20
hop counts 34-20
split horizon 34-23
summary addresses 34-23
support for 1-8
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-9
root guard
described 19-10
enabling 19-17
support for 1-6
root switch
MSTP 18-15
STP 17-16
route calculation timers, OSPF 34-31
route dampening, BGP 34-58
routed packets, ACLs on 31-39
routed ports
configuring 34-4
defined 11-3
in switch clusters 6-8
IP addresses on 11-21, 34-5
route-map command 34-70
route maps
BGP 34-49
policy-based routing 34-68
router ACLs
defined 31-2
types of 31-4
route reflectors, BGP 34-57
router ID, OSPF 34-32
route selection, BGP 34-47
route summarization, OSPF 34-30
routing
default 34-2
dynamic 34-3
redistribution of information 34-64
static 34-2
routing domain confederation, BGP 34-56
Routing Information Protocol
See RIP
routing protocol administrative distances 34-63
RSPAN
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
destination ports 27-8
displaying status 27-24
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-9, 27-1
received traffic 27-5
session limits 27-11
sessions
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
RSTP
active topology 18-7
BPDU
format 18-10
processing 18-11
designated port, defined 18-7
designated switch, defined 18-7
interoperability with 802.1D
described 18-6
restarting migration process 18-23
topology changes 18-11
overview 18-6
port roles
described 18-7
synchronized 18-9
proposal-agreement handshake process 18-8
rapid convergence
cross-stack rapid convergence 18-8
described 18-8
edge ports and Port Fast 18-8
point-to-point links 18-8, 18-23
root ports 18-8
root port, defined 18-7
See also MSTP
running configuration, saving 4-10
S
SC (standby command switch) 6-10, 6-20
scheduled reloads 4-16
SDM
described 8-1
switch stack consideration 5-10
templates
configuring 8-4
number of 8-1
SDM mismatch mode 5-10, 8-2
SDM template
aggregator 8-1
configuring 8-3
desktop 8-1
types of 8-1
secondary VLANs 15-2
secure MAC addresses
and switch stacks 24-16
deleting 24-13
maximum number of 24-8
types of 24-8
secure ports
and switch stacks 24-15
configuring 24-7
secure remote connections 9-38
Secure Shell
See SSH
security, port 24-7
security features 1-6
sequence numbers in log messages 29-8
server mode, VTP 14-3
service-provider network, MSTP and RSTP 18-1
set-request operation 30-5
setup (CLI) program 1-10
See also hardware installation guide
setup program
failed command switch replacement 39-11
replacing failed command switch 39-9
severity levels, defining in system messages 29-9
SFPs
monitoring status of 1-9, 11-24, 39-14
numbering of 11-8
security and identification 39-13
status
displaying 1-9
shaped round robin
See SRR
show access-lists hw-summary command 31-22
show and more command output, filtering 2-8
show cdp traffic command 25-5
show cluster members command 6-23
show configuration command 11-20
show forward command 39-23
show interfaces command 11-16, 11-20
show platform forward command 39-23
show running-config command
displaying ACLs 31-20, 31-21, 31-32, 31-34
interface description in 11-20
shutdown command on interfaces 11-25
Simple Network Management Protocol
See SNMP
small form-factor pluggable modules
See SFPs
Smartports macros
applying Cisco-default macros 12-6
applying global parameter values 12-5, 12-6
applying macros 12-5
applying parameter values 12-5, 12-7
configuration guidelines 12-3
creating 12-4
default configuration 12-2
defined 12-1
displaying 12-8
tracing 12-3
website 12-2
SNAP 25-1
SNMP
accessing MIB variables with 30-5
agent
described 30-4
disabling 30-8
authentication level 30-11
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-16
default configuration 30-7
engine ID 30-7
groups 30-7, 30-10
host 30-7
ifIndex values 30-6
in-band management 1-5
in clusters 6-14
informs
and trap keyword 30-12
described 30-5
differences from traps 30-5
disabling 30-15
enabling 30-15
limiting access by TFTP servers 30-16
limiting system log messages to NMS 29-10
manager functions 1-4, 30-3
managing clusters with 6-24
MIBs
location of A-3
supported A-1
notifications 30-5
overview 30-1, 30-5
security levels 30-3
status, displaying 30-17
system contact and location 30-15
trap manager, configuring 30-14
traps
described 30-3, 30-5
differences from informs 30-5
disabling 30-15
enabling 30-12
enabling MAC address notification 7-23
overview 30-1, 30-5
types of 30-12
users 30-7, 30-10
versions supported 30-2
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 23-1
software compatibility
See stacks, switch
software images
location in flash B-20
recovery procedures 39-2
scheduling reloads 4-16
tar file format, described B-21
See also downloading and uploading
source addresses, in ACLs 31-12
source-and-destination-IP address based forwarding, EtherChannel 33-8
source-and-destination MAC address forwarding, EtherChannel 33-8
source-IP address based forwarding, EtherChannel 33-8
source-MAC address forwarding, EtherChannel 33-8
SPAN
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-8
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-8
overview 1-9, 27-1
received traffic 27-5
session limits 27-11
sessions
configuring ingress forwarding 27-16, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-14
specifying monitored ports 27-12
with ingress traffic enabled 27-15
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 13-19
Spanning Tree Protocol
See STP
SPAN traffic 27-5
speed, configuring on interfaces 11-14
split horizon
IGRP 34-24
RIP 34-23
SRR
configuring
shaped weights on egress queues 32-64
shared weights on egress queues 32-65
shared weights on ingress queues 32-58
described 32-12
shaped mode 32-12
shared mode 32-12
support for 1-8
SSH
configuring 9-39
cryptographic software image 9-37
described 1-5, 9-38
encryption methods 9-38
switch stack considerations 5-14, 9-38
user authentication methods, supported 9-38
stack changes, effects on
802.1x port-based authentication 10-10
ACL configuration 31-6
CDP 25-2
cross-stack EtherChannel 33-12
EtherChannel 33-9
fallback bridging 38-3
HSRP 35-2
IGMP snooping 23-6
IP routing 34-3
MAC address tables 7-22
MSTP 18-6
multicast routing 36-8
MVR 23-13
port security 24-15
SDM template selection 8-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 17-12
switch clusters 6-14
system message log 29-2
VLANs 13-7
VTP 14-6
stack master
bridge ID (MAC address) 5-5
defined 5-1
election 5-4
re-election 5-4
See also stacks, switch
stack member
accessing CLI of specific member 5-19
configuring
member number 5-17
priority value 5-18
defined 5-1
displaying information of 5-20
number 5-6
priority value 5-7
provisioning a new member 5-18
replacing 5-13
See also stacks, switch
stack member number 11-7
stack protocol version 5-11
stacks, switch
accessing CLI of specific member 5-19
assigning information
member number 5-17
priority value 5-18
provisioning a new member 5-18
benefits 1-2
bridge ID 5-5
CDP considerations 25-2
compatibility, software 5-10
configuration file 5-12
configuration scenarios 5-15
copying an image file from one member to another B-34
default configuration 5-17
description of 5-1
displaying information of 5-20
HSRP considerations 35-2
in clusters 6-14
incompatible software and image upgrades 5-11, B-34
stacks, switch (continued)
MAC address considerations 7-22
management connectivity 5-14
managing 5-1
membership 5-3
merged 5-3
MSTP instances supported 17-10
multicast routing, stack master and member roles 36-8
offline configuration
described 5-7
effects of adding a provisioned switch 5-8
effects of removing a provisioned switch 5-10
effects of replacing a provisioned switch 5-10
provisioned configuration, defined 5-7
provisioned switch, defined 5-7
provisioning a new member 5-18
partitioned 5-3, 39-8
provisioned switch
adding 5-8
removing 5-10
replacing 5-10
replacing a failed member 5-13
See also stack master and stack member
software compatibility 5-10
software image version 5-11
stack protocol version 5-11
STP
bridge ID 17-3
instances supported 17-10
root port selection 17-3
stack root switch election 17-3
system messages
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 7-14
system-wide configuration considerations 5-13
upgrading B-34
StackWise technology, Cisco 1-3
See also stacks, switch
Standby Command Configuration window 6-21
standby command switch
configuring 6-20
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 35-4
standby links 20-1
standby router 35-1
standby timers, HSRP 35-9
startup configuration
booting
manually 4-13
specific image 4-13
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-12
default boot configuration 4-12
static access ports
assigning to VLAN 13-11
defined 11-3, 13-3
static addresses
See addresses
static IP routing 1-8
static MAC addressing 1-6
static routes, configuring 34-62
static routing 34-2
static VLAN membership 13-2
statistics
802.1x 10-22
CDP 25-5
interface 11-24
IP multicast routing 36-51
OSPF 34-33
QoS ingress and egress 32-67
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-17
VTP 14-16
sticky learning 24-8
storm control
configuring 24-3
described 24-2
displaying 24-16
support for 1-3
thresholds 24-2
STP
802.1D and bridge ID 17-4
802.1D and multicast addresses 17-9
802.1t and VLAN identifier 17-4
accelerating root port selection 19-4
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
BPDU message exchange 17-3
configuration guidelines 17-13, 19-12
configuring
forward-delay time 17-23
hello time 17-22
maximum aging time 17-23
path cost 17-20
port priority 17-18
root switch 17-16
secondary root switch 17-17
spanning-tree mode 17-14
switch priority 17-21
counters, clearing 17-24
cross-stack UplinkFast
described 19-5
enabling 19-16
default configuration 17-13
default optional feature configuration 19-12
designated port, defined 17-4
designated switch, defined 17-4
detecting indirect link failures 19-8
disabling 17-15
displaying status 17-24
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
extended system ID
effects on root switch 17-16
effects on the secondary root switch 17-17
overview 17-4
unexpected behavior 17-16
features supported 1-5
inferior BPDU 17-3
instances supported 17-10
interface state, blocking to forwarding 19-2
interface states
blocking 17-7
disabled 17-8
forwarding 17-6, 17-7
learning 17-7
listening 17-7
overview 17-5
interoperability and compatibility among modes 17-11
keepalive messages 17-2
limitations with 802.1Q trunks 17-11
load sharing
overview 13-24
using path costs 13-26
using port priorities 13-24
loop guard
described 19-11
enabling 19-18
modes supported 17-10
multicast addresses, effect of 17-9
optional features supported 1-6
overview 17-2
path costs 13-26, 13-27
Port Fast
described 19-2
enabling 19-12
port priorities 13-25
preventing root switch selection 19-10
protocols supported 17-10
redundant connectivity 17-9
root guard
described 19-10
enabling 19-17
root port, defined 17-3
root port selection on a switch stack 17-3
root switch
configuring 17-16
effects of extended system ID 17-4, 17-16
election 17-3
unexpected behavior 17-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 17-12
status, displaying 17-24
superior BPDU 17-3
timers, described 17-22
UplinkFast
described 19-4
enabling 19-15
VLAN-bridge 17-12
stratum, NTP 7-2
stub areas, OSPF 34-29
subdomains, private VLAN 15-1
subnet mask 34-6
subnet zero 34-7
success response, VMPS 13-28
summer time 7-13
SunNet Manager 1-4
supernet 34-7
SVIs
and IP unicast routing 34-4
and router ACLs 31-4
connecting VLANs 11-6
defined 11-4
routing between VLANs 13-2
switch clustering technology 6-1
See also clusters, switch
switch console port 1-5
Switch Database Management
See SDM
switched packets, ACLs on 31-38
Switched Port Analyzer
See SPAN
switched ports 11-2
Switch Manager 3-10
switchport block multicast command 24-6
switchport block unicast command 24-6
switchport command 11-13
switchport protected command 24-5
switch priority
MSTP 18-20
STP 17-21
switch software features 1-1
switch virtual interface
See SVI
synchronization, BGP 34-44
syslog
See system message logging
system clock
configuring
daylight saving time 7-13
manually 7-11
summer time 7-13
time zones 7-12
displaying the time and date 7-12
overview 7-2
See also NTP
system message logging
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-13
enabling 29-5
facility keywords, described 29-13
level keywords, described 29-9
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
system message logging (continued)
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-9
time stamps, enabling and disabling 29-7
UNIX syslog servers
configuring the daemon 29-11
configuring the logging facility 29-12
facilities supported 29-13
system name
default configuration 7-15
default setting 7-15
manual configuration 7-15
See also DNS
system prompt
default setting 7-14 to 7-15
manual configuration 7-16
system resources, optimizing 8-1
T
TACACS+
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
configuring
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-17
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-7
tracking services accessed by user 9-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
TDR 1-9
Telnet
accessing management interfaces 2-9
from a browser 2-10
number of connections 1-5
setting a password 9-6
templates, SDM 8-1
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 9-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-24
downloading B-23
preparing the server B-22
uploading B-24
limiting access by servers 30-16
TFTP server 1-4
threshold, traffic level 24-2
time
See NTP and system clock
Time Domain Reflector
See TDR
time-range command 31-17
time ranges in ACLs 31-17
time stamps in log messages 29-7
time zones 7-12
Token Ring VLANs
support for 13-6
VTP support 14-4
Topology view, described 3-2, 3-15
ToS 1-7
traceroute, Layer 2
and ARP 39-17
and CDP 39-16
broadcast traffic 39-16
described 39-16
IP addresses and subnets 39-17
MAC addresses and VLANs 39-16
multicast traffic 39-16
multiple devices on a port 39-17
unicast traffic 39-16
usage guidelines 39-16
traceroute command 39-18
See also IP traceroute
traffic
blocking flooded 24-6
fragmented 31-5
unfragmented 31-5
traffic policing 1-8
traffic suppression 24-2
transparent mode, VTP 14-3, 14-12
trap-door mechanism 4-2
traps
configuring MAC address notification 7-23
configuring managers 30-12
defined 30-3
enabling 7-23, 30-12
notification types 30-12
overview 30-1, 30-5
troubleshooting
connectivity problems 39-14, 39-16, 39-17
detecting unidirectional links 26-1
displaying crash information 39-25
PIMv1 and PIMv2 interoperability problems 36-23
setting packet forwarding 39-23
troubleshooting (continued)
SFP security and identification 39-13
show forward command 39-23
with CiscoWorks 30-5
with debug commands 39-21
with ping 39-14
with system message logging 29-1
with traceroute 39-17
trunking encapsulation 1-6
trunk ports
configuring 13-20
defined 11-3, 13-3
encapsulation 13-20, 13-25, 13-27
secure MAC addresses on 24-11, 24-12
trunks
allowed-VLAN list 13-21
configuring 13-20, 13-25, 13-27
ISL 13-17
load sharing
setting STP path costs 13-26
using STP port priorities 13-24, 13-25
native VLAN for untagged traffic 13-23
parallel 13-26
pruning-eligible list 13-22
to non-DTP device 13-17
understanding 13-17
trusted boundary for QoS 32-35
trusted port states
between QoS domains 32-36
classification options 32-5
ensuring port security for IP phones 32-35
support for 1-8
within a QoS domain 32-32
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service
See ToS
U
UDLD
default configuration 26-4
disabling
fiber-optic interfaces 26-5
globally 26-5
per interface 26-6
echoing detection mechanism 26-3
enabling
globally 26-5
per interface 26-6
link-detection mechanism 26-1
neighbor database 26-2
overview 26-1
resetting an interface 26-6
status, displaying 26-7
support for 1-5
UDP, configuring 34-16
unauthorized ports with 802.1x 10-4
unicast MAC address filtering 1-4
and adding static addresses 7-27
and broadcast MAC addresses 7-26
and CPU packets 7-26
and multicast addresses 7-26
and router MAC addresses 7-26
configuration guidelines 7-26
described 7-26
unicast storm 24-2
unicast storm control command 24-4
unicast traffic, blocking 24-6
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 29-11
facilities supported 29-13
message logging configuration 29-12
unrecognized Type-Length-Value (TLV) support 14-4
upgrading information
See release notes
upgrading software images
See downloading
UplinkFast
described 19-4
disabling 19-16
enabling 19-15
support for 1-5
uploading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
image files
preparing B-22, B-25, B-29
reasons for B-20
using FTP B-28
using RCP B-33
using TFTP B-24
User Datagram Protocol
See UDP
user EXEC mode 2-2
username-based authentication 9-7
V
version-dependent transparent mode 14-4
version mismatch (VM) mode 5-12
virtual IP address
cluster standby group 6-11, 6-21
command switch 6-11, 6-21
See also IP addresses
virtual router 35-1, 35-2
vlan.dat file 13-5
VLAN 1, disabling on a trunk port 13-22
VLAN 1 minimization 13-21
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 13-28
VLAN configuration
at bootup 13-8
saving 13-8
VLAN configuration mode 2-2, 13-7
VLAN database
and startup configuration file 13-8
and VTP 14-1
VLAN configuration saved in 13-8
VLANs saved in 13-5
vlan database command 13-7
VLAN filtering and SPAN 27-7
vlan global configuration command 13-7
VLAN ID, discovering 7-28
VLAN management domain 14-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 31-30
VLAN maps
applying 31-34
common uses for 31-34
configuration example 31-35
configuration guidelines 31-30
configuring 31-30
creating 31-31
defined 31-2
denying access example 31-36
denying and permitting packets 31-32
displaying 31-41
examples 31-36
removing 31-34
support for 1-7
with router ACLs 31-40
VLAN membership
confirming 13-31
modes 13-3
VLAN Query Protocol
See VQP
VLANs
adding 13-9
adding to VLAN database 13-9
aging dynamic addresses 17-10
allowed on trunk 13-21
and spanning-tree instances 13-3, 13-7, 13-13
configuration guidelines, extended-range VLANs 13-13
configuration guidelines, normal-range VLANs 13-6
configuration options 13-7
configuring 13-1
configuring IDs 1006 to 4094 13-13
connecting through SVIs 11-6
creating in config-vlan mode 13-9
creating in VLAN configuration mode 13-10
default configuration 13-8
deleting 13-11
described 11-2, 13-1
displaying 13-16
extended-range 13-1, 13-12
features 1-6
illustrated 13-2
internal 13-13
in the switch stack 13-7
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 13-9
native, configuring 13-23
normal-range 13-1, 13-5
number supported 1-6
parameters 13-5
port membership modes 13-3
static-access ports 13-11
STP and 802.1Q trunks 17-11
supported 13-3
Token Ring 13-6
traffic between 13-2
VLAN-bridge STP 17-12, 38-2
VTP modes 14-3
VLAN Trunking Protocol
See VTP
VLAN trunks 13-17
VMPS
administering 13-32
configuration example 13-33
configuration guidelines 13-29
default configuration 13-29
description 13-27
dynamic port membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
entering server address 13-30
mapping MAC addresses to VLANs 13-28
monitoring 13-32
reconfirmation interval, changing 13-31
reconfirming membership 13-31
retry count, changing 13-32
voice-over-IP 16-1
voice VLAN
Cisco 7960 phone, port connections 16-1
configuration guidelines 8-4, 16-3
configuring IP phones for data traffic
override CoS of incoming frame 16-6
trust CoS priority of incoming frame 16-6
configuring ports for voice traffic in
802.1p priority tagged frames 16-5
802.1Q frames 16-4
connecting to an IP phone 16-4
default configuration 16-3
described 16-1
displaying 16-6
VQP 1-6, 13-27
VTP
adding a client to a domain 14-15
advertisements 13-19, 14-3, 14-4
and extended-range VLANs 14-2
and normal-range VLANs 14-2
client mode, configuring 14-11
configuration
global configuration mode 14-7
guidelines 14-8
privileged EXEC mode 14-7
requirements 14-9
saving 14-8
VLAN configuration mode 14-8
configuration mode options 14-7
configuration requirements 14-9
configuration revision number
guideline 14-15
resetting 14-15
configuring
client mode 14-11
server mode 14-10
transparent mode 14-12
consistency checks 14-4
default configuration 14-7
described 14-1
disabling 14-12
domain names 14-8
domains 14-2
modes
client 14-3, 14-11
server 14-3, 14-10
transitions 14-3
transparent 14-3, 14-12
monitoring 14-16
passwords 14-9
pruning
disabling 14-14
enabling 14-14
examples 14-5
overview 14-5
support for 1-6
pruning-eligible list, changing 13-22
server mode, configuring 14-10
statistics 14-16
support for 1-6
Token Ring support 14-4
transparent mode, configuring 14-12
using 14-1
version, guidelines 14-9
Version 1 14-4
Version 2
configuration guidelines 14-9
disabling 14-14
enabling 14-13
overview 14-4
W
weighted tail drop
See WTD
wizards 1-2, 3-6
WTD
described 32-11
setting thresholds
egress queue-sets 32-60
ingress queues 32-56
support for 1-8
X
Xmodem protocol 39-2