Index
Numerics
10-Gigabit Ethernet interfaces 1-7
802.1AE
standard 1-2
802.1AE Tagging 1-2
802.1x-REV 1-2
A
AAA down policy, NAC Layer 2 IP validation 1-13
abbreviating commands 1-3
ABRs 1-27
AC (command switch) 1-10
access control entries
See ACEs
access-denied response, VMPS 1-26
access groups
applying IPv4 ACLs to interfaces 1-22
Layer 3 1-22
access groups, applying IPv4 ACLs to interfaces 1-22
accessing
clusters, switch 1-13
command switches 1-11
member switches 1-13
switch clusters 1-13
accessing stack members 1-30
access lists
See ACLs
access ports
and Layer 2 protocol tunneling 1-12
defined 1-3
in switch clusters 1-9
access template 1-2
accounting
with 802.1x 1-53
with IEEE 802.1x 1-14
with RADIUS 1-34
with TACACS+ 1-11, 1-17
ACEs
and QoS 1-8
defined 1-2
Ethernet 1-2
IP 1-2
ACLs
ACEs 1-2
applying
on bridged packets 1-42
on multicast packets 1-43
on routed packets 1-43
on switched packets 1-41
time ranges to 1-18
to an interface 1-21, 1-7
to QoS 1-7
classifying traffic for QoS 1-49
comments in 1-20
compiling 1-24
defined 1-2, 1-8
examples of 1-24, 1-49
extended IP, configuring for QoS classification 1-50
extended IPv4
creating 1-11
matching criteria 1-8
hardware and software handling 1-23
IP
creating 1-8
fragments and QoS guidelines 1-39
implicit deny 1-11, 1-15, 1-18
implicit masks 1-11
matching criteria 1-8
undefined 1-23
IPv4
applying to interfaces 1-21
creating 1-8
matching criteria 1-8
named 1-16
numbers 1-9
terminal lines, setting on 1-20
unsupported features 1-7
IPv6
and stacking 1-3
applying to interfaces 1-7
configuring 1-4, 1-5
displaying 1-8
interactions with other features 1-4
limitations 1-3
matching criteria 1-3
named 1-3
precedence of 1-2
supported 1-2
unsupported features 1-3
Layer 4 information in 1-41
logging messages 1-9
MAC extended 1-29, 1-53
matching 1-8, 1-22
monitoring 1-44, 1-8
named
IPv4 1-16
IPv6 1-3
names 1-4
number per QoS class map 1-39
port 1-3, 1-2
precedence of 1-3
QoS 1-7, 1-49
resequencing entries 1-16
router 1-3, 1-2
router ACLs and VLAN map configuration guidelines 1-40
standard IP, configuring for QoS classification 1-49, 1-51
standard IPv4
creating 1-10
matching criteria 1-8
support for 1-11
support in hardware 1-23
time ranges 1-18
types supported 1-2
unsupported features
IPv4 1-7
IPv6 1-3
using router ACLs with VLAN maps 1-40
VLAN maps
configuration guidelines 1-33
configuring 1-32
active link 1-4, 1-5, 1-6
active links 1-2
active router 1-2
active traffic monitoring, IP SLAs 1-1
address aliasing 1-2
addresses
displaying the MAC address table 1-23
dynamic
accelerated aging 1-9
changing the aging time 1-14
default aging 1-9
defined 1-12
learning 1-13
removing 1-15
IPv6 1-2
MAC, discovering 1-24
multicast
group address range 1-3
STP address management 1-9
static
adding and removing 1-20
defined 1-12
address resolution 1-24, 1-10
Address Resolution Protocol
See ARP
adjacency tables, with CEF 1-92
administrative distances
defined 1-104
OSPF 1-35
routing protocol defaults 1-94
administrative VLAN
REP, configuring 1-8
administrative VLAN, REP 1-8
advertisements
CDP 1-1
LLDP 1-2
RIP 1-21
VTP 1-17, 1-3, 1-4
age timer, REP 1-8
aggregatable global unicast addresses 1-3
aggregate addresses, BGP 1-62
aggregated ports
See EtherChannel
aggregate policers 1-71
aggregate policing 1-15
aging, accelerating 1-9
aging time
accelerated
for MSTP 1-24
for STP 1-9, 1-24
MAC address table 1-14
maximum
for MSTP 1-24, 1-25
for STP 1-24, 1-25
alarms, RMON 1-3
allowed-VLAN list 1-19
application engines, redirecting traffic to 1-1
area border routers
See ABRs
area routing
IS-IS 1-67
ISO IGRP 1-67
ARP
configuring 1-11
defined 1-7, 1-24, 1-10
encapsulation 1-11
static cache configuration 1-11
table
address resolution 1-24
managing 1-24
ASBRs 1-27
AS-path filters, BGP 1-56
asymmetrical links, and IEEE 802.1Q tunneling 1-4
attributes, RADIUS
vendor-proprietary 1-36
vendor-specific 1-35
attribute-value pairs 1-20
authentication
EIGRP 1-43
HSRP 1-10
local mode with AAA 1-43
open1x 1-31
RADIUS
key 1-27
login 1-29
TACACS+
defined 1-11
key 1-13
login 1-14
See also port-based authentication
authentication failed VLAN
See restricted VLAN
authentication keys, and routing protocols 1-105
authentication manager
CLI commands 1-9
compatibility with older 802.1x CLI commands 1-9 to 1-10
overview 1-7
single session ID 1-35
authoritative time source, described 1-2
authorization
with RADIUS 1-33
with TACACS+ 1-11, 1-16
authorized ports with IEEE 802.1x 1-10
autoconfiguration 1-3
auto enablement 1-33
automatic advise (auto-advise) in switch stacks 1-13
automatic copy (auto-copy) in switch stacks 1-13
automatic discovery
considerations
beyond a noncandidate device 1-8
brand new switches 1-9
connectivity 1-5
different VLANs 1-7
management VLANs 1-7
non-CDP-capable devices 1-6
noncluster-capable devices 1-6
routed ports 1-8
in switch clusters 1-5
See also CDP
automatic extraction (auto-extract) in switch stacks 1-13
automatic QoS
See QoS
automatic recovery, clusters 1-10
See also HSRP
automatic upgrades (auto-upgrade) in switch stacks 1-12
auto-MDIX
configuring 1-35
described 1-34
autonegotiation
duplex mode 1-4
interface configuration guidelines 1-32
mismatches 1-13
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 1-50
Auto-RP, described 1-7
autosensing, port speed 1-4
autostate exclude 1-6
auxiliary VLAN
See voice VLAN
availability, features 1-9
B
BackboneFast
described 1-7
disabling 1-17
enabling 1-16
support for 1-9
backup interfaces
See Flex Links
backup links 1-2
backup static routing, configuring 1-12
banners
configuring
login 1-12
message-of-the-day login 1-11
default configuration 1-10
when displayed 1-10
Berkeley r-tools replacement 1-54
BGP
aggregate addresses 1-62
aggregate routes, configuring 1-62
CIDR 1-62
clear commands 1-65
community filtering 1-59
configuring neighbors 1-60
default configuration 1-47
described 1-47
enabling 1-50
monitoring 1-65
multipath support 1-54
neighbors, types of 1-50
path selection 1-54
peers, configuring 1-60
prefix filtering 1-58
resetting sessions 1-52
route dampening 1-64
route maps 1-56
route reflectors 1-63
routing domain confederation 1-63
routing session with multi-VRF CE 1-86
show commands 1-65
supernets 1-62
support for 1-16
Version 4 1-47
binding cluster group and HSRP group 1-12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 1-6
DHCP snooping database 1-6
IP source guard 1-16
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 1-7
Boolean expressions in tracked lists 1-4
booting
boot loader, function of 1-2
boot process 1-2
manually 1-19
specific image 1-20
boot loader
accessing 1-21
described 1-2
environment variables 1-21
prompt 1-21
trap-door mechanism 1-2
Boot Loader Upgrade and Image Verification for the FIPS Mode of Operation 1-25
bootstrap router (BSR), described 1-7
Border Gateway Protocol
See BGP
BPDU
error-disabled state 1-2
filtering 1-3
RSTP format 1-12
BPDU filtering
described 1-3
disabling 1-15
enabling 1-14
support for 1-9
BPDU guard
described 1-2
disabling 1-14
enabling 1-13
support for 1-9
bridged packets, ACLs on 1-42
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 1-18
broadcast packets
directed 1-15
flooded 1-15
broadcast storm-control command 1-4
broadcast storms 1-1, 1-15
C
cables, monitoring for unidirectional links 1-1
candidate switch
automatic discovery 1-5
defined 1-4
requirements 1-4
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 1-51
defined 1-49
CDP
and trusted boundary 1-45
automatic discovery in switch clusters 1-5
configuring 1-2
default configuration 1-2
defined with LLDP 1-1
described 1-1
disabling for routing device 1-4
enabling and disabling
on an interface 1-4
on a switch 1-4
Layer 2 protocol tunneling 1-8
monitoring 1-5
overview 1-1
power negotiation extensions 1-8
support for 1-7
switch stack considerations 1-2
transmission timer and holdtime, setting 1-2
updates 1-2
CEF
defined 1-91
distributed 1-92
IPv6 1-30
CGMP
as IGMP snooping learning method 1-9
enabling server support 1-45
joining multicast group 1-3
overview 1-9
server support only 1-9
switch support of 1-5
CIDR 1-62
CipherSuites 1-50
Cisco 7960 IP Phone 1-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco intelligent power management 1-8
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco IOS IP SLAs 1-2
Cisco Redundant Power System 2300
configuring 1-46
managing 1-46
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 1-20
attribute-value pairs for redirect URL 1-20
Cisco StackWise Plus technology 1-3
See also stacks, switch
Cisco TrustSec
credentials 1-10
switch-to-switch security
802.1x mode 1-11
configuration example 1-14
manual mode 1-12
Cisco TrustSec Network Device Admission Control
See NDAC
CiscoWorks 2000 1-6, 1-4
CISP 1-33
CIST regional root
See MSTP
CIST root
See MSTP
civic location 1-3
classless interdomain routing
See CIDR
classless routing 1-8
class maps for QoS
configuring 1-54
described 1-8
class of service
See CoS
clearing interfaces 1-53
CLI
abbreviating commands 1-3
command modes 1-1
configuration logging 1-4
described 1-6
editing features
enabling and disabling 1-6
keystroke editing 1-7
wrapped lines 1-8
error messages 1-4
filtering command output 1-9
getting help 1-3
history
changing the buffer size 1-5
described 1-5
disabling 1-6
recalling commands 1-6
managing clusters 1-16
no and default forms of commands 1-4
Client Information Signalling Protocol
See CISP
client mode, VTP 1-3
client processes, tracking 1-1
CLNS
See ISO CLNS
clock
See system clock
clusters, switch
accessing 1-13
automatic discovery 1-5
automatic recovery 1-10
benefits 1-2
compatibility 1-4
described 1-1
LRE profile considerations 1-16
managing
through CLI 1-16
through SNMP 1-17
planning 1-4
planning considerations
automatic discovery 1-5
automatic recovery 1-10
CLI 1-16
host names 1-13
IP addresses 1-13
LRE profiles 1-16
passwords 1-14
RADIUS 1-16
SNMP 1-14, 1-17
switch stacks 1-14
TACACS+ 1-16
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 1-12
automatic recovery 1-12
considerations 1-11
defined 1-2
requirements 1-3
virtual IP address 1-11
See also HSRP
CNS
Configuration Engine
configID, deviceID, hostname 1-3
configuration service 1-2
described 1-1
event service 1-3
embedded agents
described 1-5
enabling automated configuration 1-6
enabling configuration agent 1-9
enabling event agent 1-8
management functions 1-6
CoA Request Commands 1-23
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 1-1
commands
abbreviating 1-3
no and default 1-4
commands, setting privilege levels 1-8
command switch
accessing 1-11
active (AC) 1-10
configuration conflicts 1-12
defined 1-2
passive (PC) 1-10
password privilege levels 1-17
priority 1-10
recovery
from command-switch failure 1-10, 1-9
from lost member connectivity 1-12
redundant 1-10
replacing
with another switch 1-11
with cluster member 1-9
requirements 1-3
standby (SC) 1-10
See also candidate switch, cluster standby group, member switch, and standby command switch
Common Criteria 1-11
common session ID
see single session ID 1-35
community list, BGP 1-59
community ports 1-2
community strings
configuring 1-14, 1-8
for cluster switches 1-4
in clusters 1-14
overview 1-4
SNMP 1-14
community VLANs 1-2, 1-3
compatibility, feature 1-12
compatibility, software
See stacks, switch
configurable leave timer, IGMP 1-6
configuration, initial
defaults 1-20
Express Setup 1-2
configuration conflicts, recovering from lost member connectivity 1-12
configuration examples, network 1-23
configuration files
archiving 1-21
clearing the startup configuration 1-20
creating and using, guidelines for 1-10
creating using a text editor 1-11
deleting a stored configuration 1-20
described 1-9
downloading
automatically 1-18
preparing 1-11, 1-14, 1-17
reasons for 1-9
using FTP 1-14
using RCP 1-18
using TFTP 1-12
invalid combinations when copying 1-6
limiting TFTP server access 1-17
obtaining with DHCP 1-9
password recovery disable considerations 1-5
replacing and rolling back, guidelines for 1-22
replacing a running configuration 1-20, 1-21
rolling back a running configuration 1-20, 1-22
specifying the filename 1-19
system contact and location information 1-16
types and location 1-10
uploading
preparing 1-11, 1-14, 1-17
reasons for 1-9
using FTP 1-16
using RCP 1-19
using TFTP 1-13
configuration guidelines
REP 1-7
configuration guidelines, multi-VRF CE 1-79
configuration logging 1-4
configuration replacement 1-20
configuration rollback 1-20, 1-21
configuration settings, saving 1-16
configure terminal command 1-21
Configuring First Hop Security in IPv6 1-19
Configuring IPv6 Source Guard 1-22
configuring multicast VRFs 1-85
configuring port-based authentication violation modes 1-43 to 1-44
configuring small-frame arrival rate 1-5
Configuring VACL Logging 1-39
conflicts, configuration 1-12
connections, secure remote 1-44
connectivity problems 1-15, 1-16, 1-18
consistency checks in VTP Version 2 1-5
console port
RJ-45 1-16
USB 1-16
console port, connecting to 1-10
content-routing technology
See WCCP
control protocol, IP SLAs 1-4
convergence
REP 1-4
corrupted software, recovery steps with Xmodem 1-2
CoS
in Layer 2 frames 1-2
override priority 1-6
trust priority 1-6
CoS input queue threshold map for QoS 1-18
CoS output queue threshold map for QoS 1-21
CoS-to-DSCP map for QoS 1-73
counters, clearing interface 1-53
CPU utilization, troubleshooting 1-29
crashinfo file 1-24
critical authentication, IEEE 802.1x 1-63
critical VLAN 1-23
cross-stack EtherChannel
configuration guidelines 1-13
configuring
on Layer 2 interfaces 1-13
on Layer 3 physical interfaces 1-16
described 1-3
illustration 1-4
support for 1-9
cross-stack UplinkFast, STP
described 1-5
disabling 1-16
enabling 1-16
fast-convergence events 1-7
Fast Uplink Transition Protocol 1-6
normal-convergence events 1-7
support for 1-9
cryptographic software image
switch stack considerations 1-3, 1-18
customer edge devices 1-77
customizeable web pages, web-based authentication 1-6
CWDM SFPs 1-36
D
DACL
See downloadable ACL
daylight saving time 1-6
dCEF in the switch stack 1-91
debugging
enabling all system diagnostics 1-21
enabling for a specific feature 1-21
redirecting error message output 1-22
using commands 1-20
default commands 1-4
default configuration
802.1x 1-38
auto-QoS 1-24
banners 1-10
BGP 1-47
booting 1-18
CDP 1-2
DHCP 1-8
DHCP option 82 1-8
DHCP snooping 1-8
DHCP snooping binding database 1-9
DNS 1-9
dynamic ARP inspection 1-5
EIGRP 1-39
EtherChannel 1-11
Ethernet interfaces 1-30
fallback bridging 1-3
Flex Links 1-8
HSRP 1-5
IEEE 802.1Q tunneling 1-4
IGMP 1-39
IGMP filtering 1-24
IGMP snooping 1-7, 1-6
IGMP throttling 1-25
initial switch information 1-3
IP addressing, IP routing 1-6
IP multicast routing 1-11
IP SLAs 1-6
IP source guard 1-18
IPv6 1-16
IS-IS 1-68
Layer 2 interfaces 1-30
Layer 2 protocol tunneling 1-12
LLDP 1-5
MAC address table 1-14
MAC address-table move update 1-8
MSDP 1-4
MSTP 1-14
multi-VRF CE 1-79
MVR 1-20
optional spanning-tree configuration 1-12
OSPF 1-28
password and privilege level 1-2
PIM 1-11
private VLANs 1-6
RADIUS 1-27
REP 1-7
RIP 1-21
RMON 1-3
RSPAN 1-12
SDM template 1-5
SNMP 1-6
SPAN 1-12
SSL 1-51
standard QoS 1-37
STP 1-13
switch stacks 1-24
system message logging 1-4
system name and prompt 1-8
TACACS+ 1-13
UDLD 1-4
VLAN, Layer 2 Ethernet interfaces 1-17
VLANs 1-7
VMPS 1-27
voice VLAN 1-3
VTP 1-9
WCCP 1-5
default gateway 1-15, 1-13
default networks 1-95
default router preference
See DRP
default routes 1-95
default routing 1-3
default web-based authentication configuration
802.1X 1-9
deleting VLANs 1-9
denial-of-service attack 1-1
description command 1-39
designing your network, examples 1-23
desktop template 1-11
destination-IP address-based forwarding, EtherChannel 1-9
destination-MAC address forwarding, EtherChannel 1-9
detecting indirect link failures, STP 1-8
device discovery protocol 1-1
device manager
benefits 1-2
described 1-3, 1-6
in-band management 1-8
device sensor
configuring 1-54
DHCP
Cisco IOS server database
configuring 1-14
default configuration 1-9
described 1-6
DHCP for IPv6
See DHCPv6
enabling
relay agent 1-11
server 1-10
DHCP-based autoconfiguration
client request message exchange 1-4
configuring
client side 1-4
DNS 1-8
relay device 1-8
server side 1-7
server-side 1-10
TFTP server 1-7
example 1-10
lease options
for IP address information 1-7
for receiving the configuration file 1-7
overview 1-3
relationship to BOOTP 1-4
relay support 1-7, 1-17
support for 1-7
DHCP-based autoconfiguration and image update
configuring 1-11 to 1-14
understanding 1-5 to 1-6
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 1-11
DHCP option 82
circuit ID suboption 1-5
configuration guidelines 1-9
default configuration 1-8
displaying 1-16
forwarding address, specifying 1-11
helper address 1-11
overview 1-3
packet format, suboption
circuit ID 1-5
remote ID 1-5
remote ID suboption 1-5
DHCP server port-based address allocation
configuration guidelines 1-27
default configuration 1-27
described 1-26
displaying 1-29, 1-12
enabling 1-27
reserved addresses 1-28
DHCP snooping
accepting untrusted packets form edge switch 1-3, 1-13
and private VLANs 1-14
binding database
See DHCP snooping binding database
configuration guidelines 1-9
default configuration 1-8
message exchange process 1-4
option 82 data insertion 1-3
trusted interface 1-2
untrusted interface 1-2
untrusted messages 1-2
DHCP snooping binding database
adding bindings 1-15
binding file
format 1-7
location 1-6
bindings 1-6
clearing agent statistics 1-15
configuration guidelines 1-9
configuring 1-15
default configuration 1-8, 1-9
deleting
binding file 1-15
bindings 1-15
database agent 1-15
described 1-6
enabling 1-15
entry 1-6
renewing database 1-15
resetting
delay value 1-15
timeout value 1-15
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 1-27
default configuration 1-27
described 1-10
enabling client function 1-29
enabling DHCPv6 server function 1-27
diagnostic schedule command 1-2
Differentiated Services architecture, QoS 1-2
Differentiated Services Code Point 1-2
Diffusing Update Algorithm (DUAL) 1-37
directed unicast requests 1-7
directories
changing 1-4
creating and removing 1-5
displaying the working 1-4
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 1-3
distribute-list command 1-104
DNS
and DHCP-based autoconfiguration 1-8
default configuration 1-9
displaying the configuration 1-10
in IPv6 1-4
overview 1-8
setting up 1-9
support for 1-7
DNS-based SSM mapping 1-18, 1-20
domain names
DNS 1-8
VTP 1-9
Domain Name System
See DNS
domains, ISO IGRP routing 1-67
dot1q-tunnel switchport mode 1-16
double-tagged packets
IEEE 802.1Q tunneling 1-2
Layer 2 protocol tunneling 1-11
downloadable ACL 1-18, 1-20, 1-71
downloading
configuration files
preparing 1-11, 1-14, 1-17
reasons for 1-9
using FTP 1-14
using RCP 1-18
using TFTP 1-12
image files
deleting old image 1-30
preparing 1-28, 1-31, 1-36
reasons for 1-25
using CMS 1-3
using FTP 1-32
using HTTP 1-3, 1-25
using RCP 1-37
using TFTP 1-28
using the device manager or Network Assistant 1-25
drop threshold for Layer 2 protocol packets 1-12
DRP
configuring 1-24
described 1-9
IPv6 1-9
DSCP 1-15, 1-2
DSCP input queue threshold map for QoS 1-18
DSCP output queue threshold map for QoS 1-21
DSCP-to-CoS map for QoS 1-76
DSCP-to-DSCP-mutation map for QoS 1-77
DSCP transparency 1-46
DTP 1-10, 1-15
dual-action detection 1-6
DUAL finite state machine, EIGRP 1-38
dual IPv4 and IPv6 templates 1-3, 1-10
dual protocol stacks
IPv4 and IPv6 1-10
SDM templates supporting 1-10
DVMRP
autosummarization
configuring a summary address 1-59
disabling 1-61
connecting PIM domain to DVMRP router 1-51
enabling unicast routing 1-54
interoperability
with Cisco devices 1-49
with Cisco IOS software 1-9
mrinfo requests, responding to 1-54
neighbors
advertising the default route to 1-53
discovery with Probe messages 1-49
displaying information 1-54
prevent peering with nonpruning 1-57
rejecting nonpruning 1-55
overview 1-9
routes
adding a metric offset 1-62
advertising all 1-61
advertising the default route to neighbors 1-53
caching DVMRP routes learned in report messages 1-55
changing the threshold for syslog messages 1-58
favoring one over another 1-62
limiting the number injected into MBONE 1-58
limiting unicast route advertisements 1-49
routing table 1-9
source distribution tree, building 1-9
support for 1-17
tunnels
configuring 1-51
displaying neighbor information 1-54
dynamic access ports
characteristics 1-3
configuring 1-29
defined 1-3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 1-1
ARP requests, described 1-1
ARP spoofing attack 1-1
clearing
log buffer 1-15
statistics 1-15
configuration guidelines 1-6
configuring
ACLs for non-DHCP environments 1-9
in DHCP environments 1-7
log buffer 1-13
rate limit for incoming ARP packets 1-4, 1-10
default configuration 1-5
denial-of-service attacks, preventing 1-10
described 1-1
DHCP snooping binding database 1-2
displaying
statistics 1-15
error-disabled state for exceeding rate limit 1-4
function of 1-2
interface trust states 1-3
log buffer
clearing 1-15
configuring 1-13
logging of dropped packets, described 1-5
man-in-the middle attack, described 1-2
network security issues and interface trust states 1-3
priority of ARP ACLs and DHCP snooping entries 1-4
rate limiting of ARP packets
configuring 1-10
described 1-4
error-disabled state 1-4
statistics
clearing 1-15
displaying 1-15
validation checks, performing 1-12
dynamic auto trunking mode 1-16
dynamic desirable trunking mode 1-16
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 1-27
reconfirming 1-29
troubleshooting 1-31
types of connections 1-29
dynamic routing 1-3
ISO CLNS 1-66
Dynamic Trunking Protocol
See DTP
E
EAC 1-2
EBGP 1-46
editing features
enabling and disabling 1-6
keystrokes used 1-7
wrapped lines 1-8
EEM 3.2 1-5
EIGRP
authentication 1-43
components 1-38
configuring 1-41
default configuration 1-39
definition 1-37
interface parameters, configuring 1-42
monitoring 1-45
stub routing 1-44
support for 1-16
EIGRP IPv6 1-12
elections
See stack master
ELIN location 1-3
embedded event manager
3.2 1-5
actions 1-4
configuring 1-1, 1-6
displaying information 1-8
environmental variables 1-5
event detectors 1-3
policies 1-4
registering and defining an applet 1-6
registering and defining a TCL script 1-7
understanding 1-1
enable password 1-3
enable secret password 1-3
Enable the FIPS mode 1-25
encryption, CipherSuite 1-50
encryption for passwords 1-3
encryption keying 1-2
encryption keys, MKA 1-2
Endpoint Admission Control (EAC) 1-2
Enhanced IGRP
See EIGRP
enhanced object tracking
backup static routing 1-12
defined 1-1
DHCP primary interface 1-11
HSRP 1-7
IP routing state 1-2
IP SLAs 1-9
line-protocol state 1-2
network monitoring with IP SLAs 1-11
routing policy, configuring 1-12
static route primary interface 1-10
tracked lists 1-3
enhanced object tracking static routing 1-10
environmental variables, embedded event manager 1-5
environment variables, function of 1-22
equal-cost routing 1-16, 1-93
error-disabled state, BPDU 1-2
error messages during command entry 1-4
EtherChannel
automatic creation of 1-5, 1-7
channel groups
binding physical and logical interfaces 1-4
numbering of 1-4
configuration guidelines 1-12
configuring
Layer 2 interfaces 1-13
Layer 3 physical interfaces 1-16
Layer 3 port-channel logical interfaces 1-15
default configuration 1-11
described 1-2
displaying status 1-22
forwarding methods 1-8, 1-18
IEEE 802.3ad, described 1-7
interaction
with STP 1-12
with VLANs 1-12
LACP
described 1-7
displaying status 1-22
hot-standby ports 1-20
interaction with other features 1-8
modes 1-7
port priority 1-22
system priority 1-21
Layer 3 interface 1-5
load balancing 1-8, 1-18
logical interfaces, described 1-4
PAgP
aggregate-port learners 1-19
described 1-5
displaying status 1-22
interaction with other features 1-7
interaction with virtual switches 1-6
learn method and priority configuration 1-19
modes 1-6
support for 1-5
with dual-action detection 1-6
port-channel interfaces
described 1-4
numbering of 1-4
port groups 1-6
stack changes, effects of 1-10
support for 1-5
EtherChannel guard
described 1-10
disabling 1-17
enabling 1-17
Ethernet management port
active link 1-27
and routing 1-27
and routing protocols 1-27
and TFTP 1-29
configuring 1-29
connecting to 1-10
default setting 1-27
described 1-26
for network management 1-26
specifying 1-29
supported features 1-28
unsupported features 1-29
Ethernet management port, internal
and routing 1-27
and routing protocols 1-27
unsupported features 1-29
Ethernet VLANs
adding 1-8
defaults and ranges 1-7
modifying 1-8
EUI 1-3
event detectors, embedded event manager 1-3
events, RMON 1-3
examples
network configuration 1-23
expedite queue for QoS 1-89
Express Setup 1-2
See also getting started guide
extended crashinfo file 1-24
extended-range VLANs
configuration guidelines 1-11
configuring 1-10
creating 1-12
creating with an internal VLAN ID 1-13
defined 1-1
extended system ID
MSTP 1-18
STP 1-5, 1-17
extended universal identifier
See EUI
Extensible Authentication Protocol over LAN 1-2
external BGP
See EBGP
external neighbors, BGP 1-50
F
Fa0 port
See Ethernet management port
failover support 1-9
fallback bridging
and protected ports 1-4
bridge groups
creating 1-4
described 1-2
function of 1-2
number supported 1-4
removing 1-5
configuration guidelines 1-4
connecting interfaces with 1-15
default configuration 1-3
described 1-1
frame forwarding
flooding packets 1-2
forwarding packets 1-2
overview 1-1
protocol, unsupported 1-4
stack changes, effects of 1-3
STP
disabling on an interface 1-9
forward-delay interval 1-8
hello BPDU interval 1-8
interface priority 1-6
keepalive messages 1-2
maximum-idle interval 1-9
path cost 1-7
VLAN-bridge spanning-tree priority 1-6
VLAN-bridge STP 1-2
support for 1-16
SVIs and routed ports 1-1
unsupported protocols 1-4
VLAN-bridge STP 1-12
Fast Convergence 1-3
fastethernet0 port
See Ethernet management port
Fast Uplink Transition Protocol 1-6
features, incompatible 1-12
FIB 1-92
fiber-optic, detecting unidirectional links 1-1
files
basic crashinfo
description 1-25
location 1-25
copying 1-5
crashinfo, description 1-24
deleting 1-6
displaying the contents of 1-8
extended crashinfo
description 1-25
location 1-25
tar
creating 1-7
displaying the contents of 1-7
extracting 1-8
image file format 1-26
file system
displaying available file systems 1-2
displaying file information 1-3
local file system names 1-1
network file system names 1-5
setting the default 1-3
filtering
in a VLAN 1-32
IPv6 traffic 1-4, 1-7
non-IP traffic 1-29
show and more command output 1-9
filtering show and more command output 1-9
filters, IP
See ACLs, IP
FIPS 140-2 1-11
flash device, number of 1-1
flexible authentication ordering
configuring 1-74
overview 1-31
Flexible NetFlow
components 1-1
configuring a flow monitor 1-6
configuring flow records 1-3
configuring the exported 1-3
configuring the exporter 1-5
interface configuration 1-7
purpose 1-1
sampling 1-9
unsupported features 1-2
Flex Link Multicast Fast Convergence 1-3
Flex Links
configuring 1-8, 1-9
configuring preferred VLAN 1-11
configuring VLAN load balancing 1-10
default configuration 1-8
description 1-1
link load balancing 1-2
monitoring 1-14
VLANs 1-2
flooded traffic, blocking 1-8
flow-based packet classification 1-15
flowcharts
QoS classification 1-7
QoS egress queueing and scheduling 1-19
QoS ingress queueing and scheduling 1-16
QoS policing and marking 1-11
flowcontrol
configuring 1-34
described 1-33
forward-delay time
MSTP 1-24
STP 1-24
Forwarding Information Base
See FIB
forwarding nonroutable protocols 1-1
FTP
configuration files
downloading 1-14
overview 1-13
preparing the server 1-14
uploading 1-16
image files
deleting old image 1-34
downloading 1-32
preparing the server 1-31
uploading 1-34
G
general query 1-5
Generating IGMP Reports 1-3
get-next-request operation 1-4
get-request operation 1-4
Gigabit modules
See SFPs
global leave, IGMP 1-13
guest VLAN and IEEE 802.1x 1-21
guide mode 1-3
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 1-41
hello time
MSTP 1-23
STP 1-23
help, for the command line 1-3
hierarchical policy maps 1-9
configuration guidelines 1-40
configuring 1-63
described 1-12
history
changing the buffer size 1-5
described 1-5
disabling 1-6
recalling commands 1-6
history table, level and number of syslog messages 1-10
host modes, MACsec 1-4
host names in clusters 1-13
host ports
configuring 1-11
kinds of 1-2
hosts, limit on dynamic ports 1-31
Hot Standby Router Protocol
See HSRP
HP OpenView 1-6
HSRP
authentication string 1-10
automatic cluster recovery 1-12
binding to cluster group 1-12
cluster standby group considerations 1-11
command-switch redundancy 1-1, 1-2, 1-9
configuring 1-5
default configuration 1-5
definition 1-1
guidelines 1-6
monitoring 1-13
object tracking 1-7
overview 1-1
priority 1-8
routing redundancy 1-16
support for ICMP redirect messages 1-12
switch stack considerations 1-5
timers 1-10
tracking 1-8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 1-37
guidelines 1-36
HTTP(S) Over IPv6 1-13
HTTP over SSL
see HTTPS
HTTPS
configuring 1-52
described 1-48
self-signed certificate 1-49
HTTP secure server 1-48
I
IBPG 1-46
ICMP
IPv6 1-4
redirect messages 1-13
support for 1-17
time-exceeded messages 1-18
traceroute and 1-18
unreachable messages 1-22
unreachable messages and IPv6 1-4
unreachables and ACLs 1-23
ICMP Echo operation
configuring 1-11
IP SLAs 1-11
ICMP ping
executing 1-15
overview 1-15
ICMP Router Discovery Protocol
See IRDP
ICMPv6 1-4
IDS appliances
and ingress RSPAN 1-22
and ingress SPAN 1-15
IEEE 802.1D
See STP
IEEE 802.1p 1-1
IEEE 802.1Q
and trunk ports 1-4
configuration limitations 1-17
encapsulation 1-15
native VLAN for untagged traffic 1-21
tunneling
compatibility with other features 1-6
defaults 1-4
described 1-1
tunnel ports with other features 1-6
IEEE 802.1s
See MSTP
IEEE 802.1w
See RSTP
IEEE 802.1x
See port-based authentication
IEEE 802.3ad
See EtherChannel
IEEE 802.3af
See PoE
IEEE 802.3x flow control 1-33
ifIndex values, SNMP 1-5
IFS 1-7
IGMP
configurable leave timer
described 1-6
enabling 1-11
configuring the switch
as a member of a group 1-39
statically connected member 1-44
controlling access to groups 1-40
default configuration 1-39
fast switching 1-44
flooded multicast traffic
controlling the length of time 1-12
disabling on an interface 1-13
global leave 1-13
query solicitation 1-13
recovering from flood mode 1-13
host-query interval, modifying 1-42
joining multicast group 1-3
join messages 1-3
leave processing, enabling 1-11, 1-9
leaving multicast group 1-5
multicast reachability 1-39
overview 1-3
queries 1-4
report suppression
described 1-6
disabling 1-16, 1-11
supported versions 1-3
support for 1-5
Version 1
changing to Version 2 1-41
described 1-3
Version 2
changing to Version 1 1-41
described 1-3
maximum query response time value 1-43
pruning groups 1-43
query timeout value 1-42
IGMP filtering
configuring 1-25
default configuration 1-24
described 1-24
support for 1-5
IGMP groups
configuring filtering 1-27
setting the maximum number 1-27
IGMP helper 1-6
IGMP Immediate Leave
configuration guidelines 1-11
described 1-6
enabling 1-11
IGMP profile
applying 1-26
configuration mode 1-25
configuring 1-25
IGMP snooping
and address aliasing 1-2
and stack changes 1-7
configuring 1-7
default configuration 1-7, 1-6
definition 1-2
enabling and disabling 1-8, 1-7
global configuration 1-8
Immediate Leave 1-6
in the switch stack 1-7
method 1-8
monitoring 1-16, 1-12
querier
configuration guidelines 1-14
configuring 1-14
supported versions 1-3
support for 1-5
VLAN configuration 1-8
IGMP throttling
configuring 1-27
default configuration 1-25
described 1-24
displaying action 1-29
IGP 1-27
Immediate Leave, IGMP
described 1-6
enabling 1-9
inaccessible authentication bypass
802.1x 1-23
support for multiauth ports 1-23
initial configuration
defaults 1-20
Express Setup 1-2
interface
number 1-20
range macros 1-24
interface command 1-20 to 1-21
interface configuration
REP 1-9
interfaces
auto-MDIX, configuring 1-34
configuring
procedure 1-21
counters, clearing 1-53
default configuration 1-30
described 1-39
descriptive name, adding 1-39
displaying information about 1-52
duplex and speed configuration guidelines 1-31
flow control 1-33
management 1-6
monitoring 1-51
naming 1-39
physical, identifying 1-20
range of 1-22
restarting 1-53, 1-54
shutting down 1-53
speed and duplex, configuring 1-32
status 1-51
supported 1-20
types of 1-1
interfaces range macro command 1-24
interface types 1-20
Interior Gateway Protocol
See IGP
internal BGP
See IBGP
internal neighbors, BGP 1-50
internal power supplies
See power supplies
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
Inter-Switch Link
See ISL
inter-VLAN routing 1-16, 1-2
Intrusion Detection System
See IDS appliances
inventory management TLV 1-3
IP ACLs
for QoS classification 1-7
implicit deny 1-11, 1-15
implicit masks 1-11
named 1-16
undefined 1-23
IP addresses
128-bit 1-2
candidate or member 1-4, 1-13
classes of 1-7
cluster access 1-2
command switch 1-3, 1-11, 1-13
default configuration 1-6
discovering 1-24
for IP routing 1-6
IPv6 1-2
MAC address association 1-10
monitoring 1-19
redundant clusters 1-11
standby command switch 1-11, 1-13
See also IP information
IP base feature set 1-1, 1-2
IP base software image 1-1
IP broadcast address 1-17
ip cef distributed command 1-92
IP directed broadcasts 1-15
ip igmp profile command 1-25
IP information
assigned
manually 1-15
through DHCP-based autoconfiguration 1-3
default configuration 1-3
IP multicast routing
addresses
all-hosts 1-3
all-multicast-routers 1-3
host group address range 1-3
administratively-scoped boundaries, described 1-47
and IGMP snooping 1-2
Auto-RP
adding to an existing sparse-mode cloud 1-26
benefits of 1-26
configuration guidelines 1-12
filtering incoming RP announcement messages 1-28
overview 1-7
preventing candidate RP spoofing 1-28
preventing join messages to false RPs 1-28
setting up in a new internetwork 1-26
using with BSR 1-34
bootstrap router
configuration guidelines 1-12
configuring candidate BSRs 1-32
configuring candidate RPs 1-33
defining the IP multicast boundary 1-31
defining the PIM domain border 1-30
overview 1-7
using with Auto-RP 1-34
Cisco implementation 1-2
configuring
basic multicast routing 1-12
IP multicast boundary 1-47
default configuration 1-11
enabling
PIM mode 1-13
group-to-RP mappings
Auto-RP 1-7
BSR 1-7
MBONE
described 1-46
enabling sdr listener support 1-46
limiting DVMRP routes advertised 1-58
limiting sdr cache entry lifetime 1-46
SAP packets for conference session announcement 1-46
Session Directory (sdr) tool, described 1-46
multicast forwarding, described 1-8
PIMv1 and PIMv2 interoperability 1-11
protocol interaction 1-2
reverse path check (RPF) 1-8
RP
assigning manually 1-24
configuring Auto-RP 1-26
configuring PIMv2 BSR 1-30
monitoring mapping information 1-35
using Auto-RP and BSR 1-34
stacking
stack master functions 1-10
stack member functions 1-10
statistics, displaying system and network 1-63
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 1-1
automatic classification and queueing 1-23
configuring 1-4
ensuring port security with QoS 1-45
trusted boundary for QoS 1-45
IP Port Security for Static Hosts
on a Layer 2 access port 1-20
on a PVLAN host port 1-24
IP precedence 1-2
IP-precedence-to-DSCP map for QoS 1-74
IP protocols
routing 1-16
IP routes, monitoring 1-106
IP routing
connecting interfaces with 1-15
disabling 1-20
enabling 1-20
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 1-1
IP services feature set 1-2
IP SLAs
benefits 1-2
configuration guidelines 1-6
configuring object tracking 1-9
Control Protocol 1-4
default configuration 1-6
definition 1-1
ICMP echo operation 1-11
measuring network performance 1-3
monitoring 1-13
multioperations scheduling 1-5
object tracking 1-9
operation 1-3
reachability tracking 1-9
responder
described 1-4
enabling 1-7
response time 1-4
scheduling 1-5
SNMP support 1-2
supported metrics 1-2
threshold monitoring 1-6
track object monitoring agent, configuring 1-11
track state 1-9
UDP jitter operation 1-8
IP source guard
and 802.1x 1-19
and DHCP snooping 1-16
and port security 1-19
and private VLANs 1-19
and routed ports 1-18
and TCAM entries 1-19
and trunk interfaces 1-18
and VRF 1-19
binding configuration
automatic 1-16
manual 1-16
binding table 1-16
configuration guidelines 1-18
default configuration 1-18
described 1-16
disabling 1-20
displaying
bindings 1-26
configuration 1-26
enabling 1-19, 1-21
filtering
source IP address 1-17
source IP and MAC address 1-17
source IP address filtering 1-17
source IP and MAC address filtering 1-17
static bindings
adding 1-19, 1-21
deleting 1-20
static hosts 1-21
IP traceroute
executing 1-18
overview 1-18
IP unicast routing
address resolution 1-10
administrative distances 1-94, 1-104
ARP 1-10
assigning IP addresses to Layer 3 interfaces 1-7
authentication keys 1-105
broadcast
address 1-17
flooding 1-18
packets 1-15
storms 1-15
classless routing 1-8
configuring static routes 1-94
default
addressing configuration 1-6
gateways 1-13
networks 1-95
routes 1-95
routing 1-3
directed broadcasts 1-15
disabling 1-20
dynamic routing 1-3
enabling 1-20
EtherChannel Layer 3 interface 1-5
IGP 1-27
inter-VLAN 1-2
IP addressing
classes 1-7
configuring 1-6
IPv6 1-3
IRDP 1-13
Layer 3 interfaces 1-5
MAC address and IP address 1-10
passive interfaces 1-103
protocols
distance-vector 1-3
dynamic 1-3
link-state 1-3
proxy ARP 1-10
redistribution 1-96
reverse address resolution 1-10
routed ports 1-5
static routing 1-3
steps to configure 1-5
subnet mask 1-7
subnet zero 1-8
supernet 1-8
UDP 1-16
unicast reverse path forwarding 1-17, 1-91
with SVIs 1-5
See also BGP
See also EIGRP
See also OSPF
See also RIP
IPv4 ACLs
applying to interfaces 1-21
extended, creating 1-11
named 1-16
standard, creating 1-10
IPv6
ACLs
displaying 1-8
limitations 1-3
matching criteria 1-3
port 1-2
precedence 1-2
router 1-2
supported 1-2
addresses 1-2
address formats 1-2
and switch stacks 1-15
applications 1-9
assigning address 1-17
autoconfiguration 1-9
CEFv6 1-30
default configuration 1-16
default router preference (DRP) 1-9
defined 1-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 1-12
EIGRP IPv6 Commands 1-13
Router ID 1-12
feature limitations 1-14
features not supported 1-14
forwarding 1-17
ICMP 1-4
monitoring 1-39
neighbor discovery 1-4
OSPF 1-11
path MTU discovery 1-4
SDM templates 1-3, 1-1
stack master functions 1-15
Stateless Autoconfiguration 1-9
supported features 1-2
switch limitations 1-14
understanding static routes 1-11
IPv6 traffic, filtering 1-4
IRDP
configuring 1-14
definition 1-13
support for 1-17
IS-IS
addresses 1-67
area routing 1-67
default configuration 1-68
monitoring 1-76
show commands 1-76
system routing 1-67
ISL
and IPv6 1-3
and trunk ports 1-4
encapsulation 1-10, 1-15
trunking with IEEE 802.1 tunneling 1-5
ISO CLNS
clear commands 1-76
dynamic routing protocols 1-66
monitoring 1-76
NETs 1-66
NSAPs 1-66
OSI standard 1-66
ISO IGRP
area routing 1-67
system routing 1-67
isolated port 1-2
isolated VLANs 1-2, 1-3
J
join messages, IGMP 1-3
K
KDC
described 1-39
See also Kerberos
keepalive messages 1-2
Kerberos
authenticating to
boundary switch 1-41
KDC 1-41
network services 1-42
configuration examples 1-39
configuring 1-42
credentials 1-39
described 1-39
KDC 1-39
operation 1-41
realm 1-40
server 1-41
support for 1-13
switch as trusted third party 1-39
terms 1-40
TGT 1-41
tickets 1-39
key distribution center
See KDC
L
l2protocol-tunnel command 1-14
LACP
Layer 2 protocol tunneling 1-10
See EtherChannel
Layer 2 frames, classification with CoS 1-2
Layer 2 interfaces, default configuration 1-30
Layer 2 protocol tunneling
configuring 1-11
configuring for EtherChannels 1-15
default configuration 1-12
defined 1-8
guidelines 1-13
Layer 2 traceroute
and ARP 1-17
and CDP 1-17
broadcast traffic 1-16
described 1-16
IP addresses and subnets 1-17
MAC addresses and VLANs 1-17
multicast traffic 1-17
multiple devices on a port 1-17
unicast traffic 1-16
usage guidelines 1-17
Layer 3 features 1-16
Layer 3 interfaces
assigning IP addresses to 1-7
assigning IPv4 and IPv6 addresses to 1-25
assigning IPv6 addresses to 1-17
changing from Layer 2 mode 1-82
types of 1-5
Layer 3 packets, classification methods 1-2
LDAP 1-2
Leaking IGMP Reports 1-4
LEDs, switch
See hardware installation guide
Lightweight Directory Access Protocol
See LDAP
Link Aggregation Control Protocol
See EtherChannel
Link Failure, detecting unidirectional 1-7
link integrity, verifying with REP 1-3
Link Layer Discovery Protocol
See CDP
link local unicast addresses 1-3
link redundancy
See Flex Links
links, unidirectional 1-1
link state advertisements (LSAs) 1-33
link-state protocols 1-3
link-state tracking
configuring 1-25
described 1-23
LLDP
configuring 1-5
characteristics 1-6
default configuration 1-5
enabling 1-6
monitoring and maintaining 1-11
overview 1-1
supported TLVs 1-2
switch stack considerations 1-2
transmission timer and holdtime, setting 1-6
LLDP-MED
configuring
procedures 1-5
TLVs 1-7
monitoring and maintaining 1-11
overview 1-1, 1-2
supported TLVs 1-2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing 1-4
local SPAN 1-2
location TLV 1-3
logging messages, ACL 1-9
login authentication
with RADIUS 1-29
with TACACS+ 1-14
login banners 1-10
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-35
loop guard
described 1-11
enabling 1-18
support for 1-9
LRE profiles, considerations in switch clusters 1-16
M
MAC/PHY configuration status TLV 1-2
MAC addresses
aging time 1-14
and VLAN association 1-13
building the address table 1-13
default configuration 1-14
disabling learning on a VLAN 1-23
discovering 1-24
displaying 1-23
displaying in the IP source binding table 1-26
dynamic
learning 1-13
removing 1-15
in ACLs 1-29
IP address association 1-10
static
adding 1-20
allowing 1-22, 1-23
characteristics of 1-20
dropping 1-21
removing 1-20
MAC address learning 1-7
MAC address learning, disabling on a VLAN 1-23
MAC address notification, support for 1-18
MAC address-table move update
configuration guidelines 1-8
configuring 1-12
default configuration 1-8
description 1-6
monitoring 1-14
MAC address-to-VLAN mapping 1-26
MAC authentication bypass 1-15
MAC extended access lists
applying to Layer 2 interfaces 1-31
configuring for QoS 1-53
creating 1-29
defined 1-29
for QoS classification 1-5
MACSec 1-2
802.1AE Tagging 1-9
MACsec 1-2
and stacking 1-3
configuring on an interface 1-7
defined 1-1, 1-2
switch-to-switch security 1-1
MACsec Key Agreement Protocol
See MKA
magic packet 1-28
manageability features 1-7
management access
in-band
browser session 1-8
CLI session 1-8
device manager 1-8
SNMP 1-8
out-of-band console port connection 1-8
management address TLV 1-2
management options
CLI 1-1
clustering 1-4
CNS 1-1
Network Assistant 1-3
overview 1-6
switch stacks 1-3
management VLAN
considerations in switch clusters 1-7
discovery through different management VLANs 1-7
manual preemption, REP, configuring 1-12
mapping tables for QoS
configuring
CoS-to-DSCP 1-73
DSCP 1-73
DSCP-to-CoS 1-76
DSCP-to-DSCP-mutation 1-77
IP-precedence-to-DSCP 1-74
policed-DSCP 1-75
described 1-13
marking
action in policy map 1-58
action with aggregate policers 1-71
described 1-4, 1-9
matching IPv4 ACLs 1-8
maximum aging time
MSTP 1-24
STP 1-24
maximum hop count, MSTP 1-25
maximum number of allowed devices, port-based authentication 1-41
maximum-paths command 1-54, 1-93
MDA
configuration guidelines 1-31 to 1-32
described 1-12, 1-31
exceptions with authentication process 1-4
Media Access Control Security
See MACsec
membership mode, VLAN port 1-3
member switch
automatic discovery 1-5
defined 1-2
managing 1-16
passwords 1-13
recovering from lost connectivity 1-12
requirements 1-4
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 1-10
metrics, in BGP 1-54
metric translations, between routing protocols 1-99
metro tags 1-2
MHSRP 1-4
MIBs
overview 1-1
SNMP interaction with 1-4
mini-point-of-presence
See POP
mini-type USB console port 1-16
mirroring traffic for analysis 1-1
mismatches, autonegotiation 1-13
MKA
configuring policies 1-6
defined 1-2
policies 1-2
replay protection 1-3
statistics 1-5
virtual ports 1-3
module number 1-20
monitoring
access groups 1-44
BGP 1-65
cables for unidirectional links 1-1
CDP 1-5
CEF 1-92
EIGRP 1-45
fallback bridging 1-10
features 1-18
Flex Links 1-14
HSRP 1-13
IEEE 802.1Q tunneling 1-19
IGMP
snooping 1-16, 1-12
interfaces 1-51
IP
address tables 1-19
multicast routing 1-63
routes 1-106
IP SLAs operations 1-13
IPv4 ACL configuration 1-44
IPv6 1-39
IPv6 ACL configuration 1-8
IS-IS 1-76
ISO CLNS 1-76
Layer 2 protocol tunneling 1-19
MAC address-table move update 1-14
MSDP peers 1-19
multicast router interfaces 1-17
multi-VRF CE 1-90
network traffic for analysis with probe 1-2
object tracking 1-12
OSPF 1-37
private VLANs 1-15
REP 1-13
RP mapping information 1-35
SFP status 1-14
source-active messages 1-19
speed and duplex mode 1-33
SSM mapping 1-22
traffic flowing among switches 1-1
traffic suppression 1-21
tunneling 1-19
VLAN
filters 1-45
maps 1-45
VLANs 1-14
VMPS 1-30
VTP 1-18
mrouter Port 1-3
mrouter port 1-5
MSDP
benefits of 1-3
clearing MSDP connections and statistics 1-19
controlling source information
forwarded by switch 1-12
originated by switch 1-8
received by switch 1-14
default configuration 1-4
dense-mode regions
sending SA messages to 1-17
specifying the originating address 1-18
filtering
incoming SA messages 1-14
SA messages to a peer 1-12
SA requests from a peer 1-11
join latency, defined 1-6
meshed groups
configuring 1-16
defined 1-16
originating address, changing 1-18
overview 1-1
peer-RPF flooding 1-2
peers
configuring a default 1-4
monitoring 1-19
peering relationship, overview 1-1
requesting source information from 1-8
shutting down 1-16
source-active messages
caching 1-6
defined 1-2
filtering from a peer 1-11
filtering incoming 1-14
filtering to a peer 1-12
limiting data with TTL 1-14
restricting advertised sources 1-9
support for 1-17
MSTP
boundary ports
configuration guidelines 1-16
described 1-6
BPDU filtering
described 1-3
enabling 1-14
BPDU guard
described 1-2
enabling 1-13
CIST, described 1-3
CIST regional root 1-3
CIST root 1-5
configuration guidelines 1-15, 1-12
configuring
forward-delay time 1-24
hello time 1-23
link type for rapid convergence 1-25
maximum aging time 1-24
maximum hop count 1-25
MST region 1-16
neighbor type 1-26
path cost 1-21
port priority 1-20
root switch 1-18
secondary root switch 1-19
switch priority 1-22
CST
defined 1-3
operations between regions 1-3
default configuration 1-14
default optional feature configuration 1-12
displaying status 1-27
enabling the mode 1-16
EtherChannel guard
described 1-10
enabling 1-17
extended system ID
effects on root switch 1-18
effects on secondary root switch 1-19
unexpected behavior 1-18
IEEE 802.1s
implementation 1-6
port role naming change 1-6
terminology 1-5
instances supported 1-10
interface state, blocking to forwarding 1-2
interoperability and compatibility among modes 1-11
interoperability with IEEE 802.1D
described 1-8
restarting migration process 1-26
IST
defined 1-2
master 1-3
operations within a region 1-3
loop guard
described 1-11
enabling 1-18
mapping VLANs to MST instance 1-17
MST region
CIST 1-3
configuring 1-16
described 1-2
hop-count mechanism 1-5
IST 1-2
supported spanning-tree instances 1-2
optional features supported 1-9
overview 1-2
Port Fast
described 1-2
enabling 1-12
preventing root switch selection 1-10
root guard
described 1-10
enabling 1-18
root switch
configuring 1-18
effects of extended system ID 1-18
unexpected behavior 1-18
shutdown Port Fast-enabled port 1-2
stack changes, effects of 1-8
status, displaying 1-27
MTU
system 1-43
system jumbo 1-43
system routing 1-43
multiauth
support for inaccessible authentication bypass 1-23
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 1-6
joining 1-3
leaving 1-5
static joins 1-10, 1-8
multicast packets
ACLs on 1-43
blocking 1-8
multicast router interfaces, monitoring 1-17
multicast router ports, adding 1-9, 1-8
Multicast Source Discovery Protocol
See MSDP
multicast storm 1-1
multicast storm-control command 1-4
multicast television application 1-18
multicast VLAN 1-17
Multicast VLAN Registration
See MVR
multidomain authentication
See MDA
multioperations scheduling, IP SLAs 1-5
multiple authentication 1-12
Multiple HSRP
See MHSRP
multiple VPN routing/forwarding in customer edge devices
See multi-VRF CE
multi-VRF CE
configuration example 1-87
configuration guidelines 1-79
configuring 1-79
default configuration 1-79
defined 1-76
displaying 1-90
monitoring 1-90
network components 1-79
packet-forwarding process 1-78
support for 1-16
MVR
and address aliasing 1-20
and IGMPv3 1-21
configuring interfaces 1-22
default configuration 1-20
described 1-17
example application 1-18
in the switch stack 1-20
modes 1-21
multicast television application 1-18
setting global parameters 1-21
support for 1-5
N
NAC
AAA down policy 1-13
critical authentication 1-23, 1-63
IEEE 802.1x authentication using a RADIUS server 1-68
IEEE 802.1x validation using RADIUS server 1-68
inaccessible authentication bypass 1-13, 1-63
Layer 2 IEEE 802.1x validation 1-13, 1-68
Layer 2 IP validation 1-13
named IPv4 ACLs 1-16
named IPv6 ACLs 1-3
NameSpace Mapper
See NSM
native VLAN
and IEEE 802.1Q tunneling 1-4
configuring 1-21
default 1-21
NDAC 1-9, 1-2
defined 1-9
MACsec 1-1
NEAT
configuring 1-69
overview 1-33
neighbor discovery, IPv6 1-4
neighbor discovery/recovery, EIGRP 1-38
neighbor offset numbers, REP 1-4
neighbors, BGP 1-60
Network Admission Control
See NAC
Network Assistant
benefits 1-2
described 1-6
downloading image files 1-3
guide mode 1-3
management options 1-3
managing switch stacks 1-3, 1-17
upgrading a switch 1-25
wizards 1-3
network configuration examples
cost-effective wiring closet 1-24
high-performance wiring closet 1-26
increasing network performance 1-23
large network 1-32
long-distance, high-bandwidth transport 1-36
multidwelling network 1-35
providing network services 1-23
redundant Gigabit backbone 1-28
server aggregation and Linux server cluster 1-28
small to medium-sized network 1-30
network design
performance 1-23
services 1-23
Network Device Admission Control (NDAC) 1-9, 1-2
Network Edge Access Topology
See NEAT
network management
CDP 1-1
RMON 1-1
SNMP 1-1
network performance, measuring with IP SLAs 1-3
network policy TLV 1-2
Network Time Protocol
See NTP
no commands 1-4
nonhierarchical policy maps
configuration guidelines 1-40
configuring 1-58
described 1-10
non-IP traffic filtering 1-29
nontrunking mode 1-16
normal-range VLANs 1-4
configuration guidelines 1-5
configuring 1-4
defined 1-1
no switchport command 1-5
not-so-stubby areas
See NSSA
NSAPs, as ISO IGRP addresses 1-67
NSF Awareness
IS-IS 1-69
NSM 1-3
NSSA, OSPF 1-33
NTP
associations
defined 1-2
overview 1-2
stratum 1-2
support for 1-7
time
services 1-2
synchronizing 1-2
O
OBFL
configuring 1-27
described 1-27
displaying 1-28
object tracking
HSRP 1-7
IP SLAs 1-9
IP SLAs, configuring 1-9
monitoring 1-12
offline configuration for switch stacks 1-8
off mode, VTP 1-4
on-board failure logging
See OBFL
online diagnostics
described 1-1
overview 1-1
running tests 1-4
open1x
configuring 1-74
open1x authentication
overview 1-31
Open Shortest Path First
See OSPF
optimizing system resources 1-1
options, management 1-6
OSPF
area parameters, configuring 1-33
configuring 1-31
default configuration
metrics 1-34
route 1-34
settings 1-28
described 1-27
for IPv6 1-11
interface parameters, configuring 1-32
LSA group pacing 1-36
monitoring 1-37
router IDs 1-36
route summarization 1-34
support for 1-16
virtual links 1-34
out-of-profile markdown 1-15
P
packet modification, with QoS 1-22
PAgP
Layer 2 protocol tunneling 1-10
See EtherChannel
parallel paths, in routing tables 1-93
passive interfaces
configuring 1-103
OSPF 1-35
passwords
default configuration 1-2
disabling recovery of 1-5
encrypting 1-3
for security 1-11
in clusters 1-14
overview 1-1
recovery of 1-3
setting
enable 1-3
enable secret 1-3
Telnet 1-6
with usernames 1-6
VTP domain 1-10
path cost
MSTP 1-21
STP 1-21
path MTU discovery 1-4
payload encryption 1-1
PBR
defined 1-99
enabling 1-101
fast-switched policy-based routing 1-102
local policy-based routing 1-102
PC (passive command switch) 1-10
peers, BGP 1-60
percentage thresholds in tracked lists 1-6
performance, network design 1-23
performance features 1-4
persistent self-signed certificate 1-49
per-user ACLs and Filter-Ids 1-8
per-VLAN spanning-tree plus
See PVST+
PE to CE routing, configuring 1-86
physical ports 1-3
PIM
default configuration 1-11
dense mode
overview 1-4
rendezvous point (RP), described 1-5
RPF lookups 1-9
enabling a mode 1-13
overview 1-4
router-query message interval, modifying 1-38
shared tree and source tree, overview 1-35
shortest path tree, delaying the use of 1-37
sparse mode
join messages and shared tree 1-5
overview 1-5
prune messages 1-5
RPF lookups 1-9
stub routing
configuration guidelines 1-22
enabling 1-23
overview 1-5
support for 1-17
versions
interoperability 1-11
troubleshooting interoperability problems 1-35
v2 improvements 1-4
PIM-DVMRP, as snooping method 1-9
ping
character output description 1-16
executing 1-15
overview 1-15
PoE
auto mode 1-10
CDP with power consumption, described 1-8
CDP with power negotiation, described 1-8
Cisco intelligent power management 1-8
configuring 1-35
devices supported 1-7
high-power devices operating in low-power mode 1-8
IEEE power classification levels 1-9
monitoring 1-11
monitoring power 1-38
policing power consumption 1-38
policing power usage 1-11
power budgeting 1-37
power consumption 1-37
powered-device detection and initial power allocation 1-8
power management modes 1-10
power negotiation extensions to CDP 1-8
standards supported 1-8
static mode 1-10
troubleshooting 1-13
policed-DSCP map for QoS 1-75
policers
configuring
for each matched traffic class 1-58
for more than one traffic class 1-71
described 1-4
number of 1-41
types of 1-10
policing
described 1-4
hierarchical
See hierarchical policy maps
token-bucket algorithm 1-10
policy-based routing
See PBR
policy maps for QoS
characteristics of 1-59
described 1-8
hierarchical 1-9
hierarchical on SVIs
configuration guidelines 1-40
configuring 1-63
described 1-12
nonhierarchical on physical ports
configuration guidelines 1-40
configuring 1-58
described 1-10
POP 1-35
port ACLs
defined 1-3
types of 1-4
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 1-14
authentication server
defined 1-3, 1-2
RADIUS server 1-3
client, defined 1-3, 1-2
configuration guidelines 1-39, 1-9
configuring
802.1x authentication 1-44
guest VLAN 1-60
host mode 1-47
inaccessible authentication bypass 1-63
manual re-authentication of a client 1-49
periodic re-authentication 1-48
quiet period 1-49
RADIUS server 1-47, 1-13
RADIUS server parameters on the switch 1-46, 1-11
restricted VLAN 1-62
switch-to-client frame-retransmission number 1-50, 1-51
switch-to-client retransmission time 1-50
violation modes 1-43 to 1-44
default configuration 1-38, 1-9
described 1-1
device roles 1-3, 1-2
displaying statistics 1-76, 1-17
downloadable ACLs and redirect URLs
configuring 1-71 to 1-73, ?? to 1-73
overview 1-18 to 1-21
EAPOL-start frame 1-6
EAP-request/identity frame 1-6
EAP-response/identity frame 1-6
enabling
802.1X authentication 1-11
encapsulation 1-3
flexible authentication ordering
configuring 1-74
overview 1-31
guest VLAN
configuration guidelines 1-22, 1-23
described 1-21
host mode 1-12
inaccessible authentication bypass
configuring 1-63
described 1-23
guidelines 1-40
initiation and message exchange 1-6
magic packet 1-28
maximum number of allowed devices per port 1-41
method lists 1-44
multiple authentication 1-12
multiple-hosts mode, described 1-12
per-user ACLs
AAA authorization 1-44
configuration tasks 1-18
described 1-17
RADIUS server attributes 1-17
ports
authorization state and dot1x port-control command 1-11
authorized and unauthorized 1-10
voice VLAN 1-28
port security
described 1-28
readiness check
configuring 1-41
described 1-15, 1-41
resetting to default values 1-76
stack changes, effects of 1-11
statistics, displaying 1-76
switch
as proxy 1-3, 1-2
RADIUS client 1-3
switch supplicant
configuring 1-69
overview 1-33
user distribution
guidelines 1-27
overview 1-27
VLAN assignment
AAA authorization 1-44
characteristics 1-16
configuration tasks 1-17
described 1-16
voice aware 802.1x security
configuring 1-42
described 1-34, 1-42
voice VLAN
described 1-28
PVID 1-28
VVID 1-28
wake-on-LAN, described 1-28
port-based authentication methods, supported 1-8
port blocking 1-5, 1-7
port-channel
See EtherChannel
port description TLV 1-2
Port Fast
described 1-2
enabling 1-12
mode, spanning tree 1-27
support for 1-9
port membership modes, VLAN 1-3
port priority
MSTP 1-20
STP 1-19
ports
10-Gigabit Ethernet 1-7
access 1-3
blocking 1-7
dynamic access 1-3
protected 1-6
REP 1-6
routed 1-4
secure 1-9
static-access 1-3, 1-9
switch 1-3
trunks 1-3, 1-15
VLAN assignments 1-9
port security
aging 1-17
and other features 1-11
and private VLANs 1-18
and QoS trusted boundary 1-45
and stacking 1-18
configuration guidelines 1-11
configuring 1-13
default configuration 1-11
described 1-8
on trunk ports 1-14
sticky learning 1-9
violations 1-10
port-shutdown response, VMPS 1-26
port VLAN ID TLV 1-2
power inline consumption command 1-14
power management TLV 1-3
Power over Ethernet
See PoE
power supply
configuring 1-46
managing 1-46
preempt delay time, REP 1-5
preemption, default configuration 1-8
preemption delay, default configuration 1-8
preferential treatment of traffic
See QoS
prefix lists, BGP 1-58
preventing unauthorized access 1-1
primary edge port, REP 1-4
primary interface for object tracking, DHCP, configuring 1-11
primary interface for static routing, configuring 1-10
primary links 1-2
primary VLANs 1-1, 1-3
priority
HSRP 1-8
overriding CoS 1-6
trusting CoS 1-6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 1-4
and SDM template 1-4
and SVIs 1-5
and switch stacks 1-5
benefits of 1-1
community ports 1-2
community VLANs 1-2, 1-3
configuration guidelines 1-7, 1-8
configuration tasks 1-6
configuring 1-10
default configuration 1-6
end station access to 1-3
IP addressing 1-3
isolated port 1-2
isolated VLANs 1-2, 1-3
mapping 1-13
monitoring 1-15
ports
community 1-2
configuration guidelines 1-8
configuring host ports 1-11
configuring promiscuous ports 1-13
isolated 1-2
promiscuous 1-2
primary VLANs 1-1, 1-3
promiscuous ports 1-2
secondary VLANs 1-2
subdomains 1-1
traffic in 1-5
privilege levels
changing the default for lines 1-9
command switch 1-17
exiting 1-9
logging into 1-9
mapping on member switches 1-17
overview 1-2, 1-7
setting a command with 1-8
promiscuous ports
configuring 1-13
defined 1-2
protected ports 1-11, 1-6
protocol-dependent modules, EIGRP 1-38
Protocol-Independent Multicast Protocol
See PIM
protocol storm protection 1-19
provider edge devices 1-77
provisioning new members for a switch stack 1-8
proxy ARP
configuring 1-12
definition 1-10
with IP routing disabled 1-13
proxy reports 1-3
pruning, VTP
disabling
in VTP domain 1-16
on a port 1-21
enabling
in VTP domain 1-16
on a port 1-21
examples 1-7
overview 1-6
pruning-eligible list
changing 1-21
for VTP pruning 1-6
VLANs 1-16
PVST+
described 1-10
IEEE 802.1Q trunking interoperability 1-12
instances supported 1-10
Q
QoS
and MQC commands 1-1
auto-QoS
categorizing traffic 1-24
configuration and defaults display 1-36
configuration guidelines 1-33
described 1-23
disabling 1-35
displaying generated commands 1-35
displaying the initial configuration 1-36
effects on running configuration 1-33
egress queue defaults 1-25
list of generated commands 1-26
basic model 1-4
classification
class maps, described 1-8
defined 1-4
DSCP transparency, described 1-46
flowchart 1-7
forwarding treatment 1-3
in frames and packets 1-3
IP ACLs, described 1-7, 1-8
MAC ACLs, described 1-5, 1-8
options for IP traffic 1-6
options for non-IP traffic 1-5
policy maps, described 1-8
trust DSCP, described 1-5
trusted CoS, described 1-5
trust IP precedence, described 1-5
class maps
configuring 1-54
configuration guidelines
auto-QoS 1-33
standard QoS 1-39
configuring
aggregate policers 1-71
auto-QoS 1-23
default port CoS value 1-44
DSCP maps 1-73
DSCP transparency 1-46
DSCP trust states bordering another domain 1-47
egress queue characteristics 1-83
ingress queue characteristics 1-79
IP extended ACLs 1-50
IP standard ACLs 1-49
MAC ACLs 1-53
policy maps, hierarchical 1-63
policy maps on physical ports 1-58
port trust states within the domain 1-43
trusted boundary 1-45
default auto configuration 1-24
default standard configuration 1-37
DSCP transparency 1-46
egress queues
allocating buffer space 1-84
buffer allocation scheme, described 1-20
configuring shaped weights for SRR 1-88
configuring shared weights for SRR 1-89
described 1-4
displaying the threshold map 1-87
flowchart 1-19
mapping DSCP or CoS values 1-86
scheduling, described 1-4
setting WTD thresholds 1-84
WTD, described 1-22
enabling globally 1-42
flowcharts
classification 1-7
egress queueing and scheduling 1-19
ingress queueing and scheduling 1-16
policing and marking 1-11
implicit deny 1-8
ingress queues
allocating bandwidth 1-81
allocating buffer space 1-81
buffer and bandwidth allocation, described 1-18
configuring shared weights for SRR 1-81
configuring the priority queue 1-82
described 1-4
displaying the threshold map 1-80
flowchart 1-16
mapping DSCP or CoS values 1-80
priority queue, described 1-18
scheduling, described 1-4
setting WTD thresholds 1-80
WTD, described 1-18
IP phones
automatic classification and queueing 1-23
detection and trusted settings 1-23, 1-45
limiting bandwidth on egress interface 1-90
mapping tables
CoS-to-DSCP 1-73
DSCP-to-CoS 1-76
DSCP-to-DSCP-mutation 1-77
IP-precedence-to-DSCP 1-74
policed-DSCP 1-75
types of 1-13
marked-down actions 1-61
marking, described 1-4, 1-9
overview 1-2
packet modification 1-22
policers
configuring 1-61, 1-71
described 1-9
number of 1-41
types of 1-10
policies, attaching to an interface 1-9
policing
described 1-4, 1-9
token bucket algorithm 1-10
policy maps
characteristics of 1-59
hierarchical 1-9
hierarchical on SVIs 1-63
nonhierarchical on physical ports 1-58
QoS label, defined 1-4
queues
configuring egress characteristics 1-83
configuring ingress characteristics 1-79
high priority (expedite) 1-22, 1-89
location of 1-14
SRR, described 1-15
WTD, described 1-15
rewrites 1-22
support for 1-15
trust states
bordering another domain 1-47
described 1-5
trusted device 1-45
within the domain 1-43
quality of service
See QoS
queries, IGMP 1-4
query solicitation, IGMP 1-13
R
RADIUS
attributes
vendor-proprietary 1-36
vendor-specific 1-35
configuring
accounting 1-34
authentication 1-29
authorization 1-33
communication, global 1-27, 1-35
communication, per-server 1-27
multiple UDP ports 1-27
default configuration 1-27
defining AAA server groups 1-31
displaying the configuration 1-39
identifying the server 1-27
in clusters 1-16
limiting the services to the user 1-33
method list, defined 1-26
operation of 1-19
overview 1-18
server load balancing 1-39
suggested network environments 1-18
support for 1-13
tracking services accessed by user 1-34
RADIUS Change of Authorization 1-20
range
macro 1-24
of interfaces 1-22
rapid convergence 1-10
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
described 1-10
IEEE 802.1Q trunking interoperability 1-12
instances supported 1-10
Rapid Spanning Tree Protocol
See RSTP
RARP 1-10
rcommand command 1-16
RCP
configuration files
downloading 1-18
overview 1-17
preparing the server 1-17
uploading 1-19
image files
deleting old image 1-38
downloading 1-37
preparing the server 1-36
uploading 1-38
reachability, tracking IP SLAs IP host 1-9
readiness check
port-based authentication
configuring 1-41
described 1-15, 1-41
reconfirmation interval, VMPS, changing 1-29
reconfirming dynamic VLAN membership 1-29
redirect URL 1-18, 1-20, 1-71
redundancy
EtherChannel 1-3
HSRP 1-1
STP
backbone 1-9
multidrop backbone 1-5
path cost 1-24
port priority 1-22
redundant links and UplinkFast 1-15
redundant power system
See Cisco Redundant Power System 2300
reliable transport protocol, EIGRP 1-38
reloading software 1-23
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
remote SPAN 1-3
REP
administrative VLAN 1-8
administrative VLAN, configuring 1-8
age timer 1-8
and STP 1-6
configuration guidelines 1-7
configuring interfaces 1-9
convergence 1-4
default configuration 1-7
manual preemption, configuring 1-12
monitoring 1-13
neighbor offset numbers 1-4
open segment 1-2
ports 1-6
preempt delay time 1-5
primary edge port 1-4
ring segment 1-2
secondary edge port 1-4
segments 1-1
characteristics 1-2
SNMP traps, configuring 1-13
supported interfaces 1-1
triggering VLAN load balancing 1-5
verifying link integrity 1-3
VLAN blocking 1-12
VLAN load balancing 1-4
report suppression, IGMP
described 1-6
disabling 1-16, 1-11
resequencing ACL entries 1-16
reserved addresses in DHCP pools 1-28
resets, in BGP 1-52
resetting a UDLD-shutdown interface 1-6
Resilient Ethernet Protocol
See REP
responder, IP SLAs
described 1-4
enabling 1-7
response time, measuring with IP SLAs 1-4
restricted VLAN
configuring 1-62
described 1-22
using with IEEE 802.1x 1-22
restricting access
overview 1-1
passwords and privilege levels 1-2
RADIUS 1-17
TACACS+ 1-10
retry count, VMPS, changing 1-30
reverse address resolution 1-10
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 1-20
1112, IP multicast and IGMP 1-2
1157, SNMPv1 1-2
1163, BGP 1-45
1166, IP addresses 1-7
1253, OSPF 1-27
1267, BGP 1-45
1305, NTP 1-2
1587, NSSAs 1-27
1757, RMON 1-2
1771, BGP 1-45
1901, SNMPv2C 1-2
1902 to 1907, SNMPv2 1-2
2236, IP multicast and IGMP 1-2
2273-2275, SNMPv3 1-2
RFC 5176 Compliance 1-21
RIP
advertisements 1-21
authentication 1-23
configuring 1-22
default configuration 1-21
described 1-21
for IPv6 1-11
hop counts 1-21
split horizon 1-24
summary addresses 1-24
support for 1-16
RMON
default configuration 1-3
displaying status 1-6
enabling alarms and events 1-3
groups supported 1-2
overview 1-1
statistics
collecting group Ethernet 1-5
collecting group history 1-5
support for 1-18
root guard
described 1-10
enabling 1-18
support for 1-9
root switch
MSTP 1-18
STP 1-17
route calculation timers, OSPF 1-35
route dampening, BGP 1-64
routed packets, ACLs on 1-43
routed ports
configuring 1-5
defined 1-4
in switch clusters 1-8
IP addresses on 1-41, 1-5
route-map command 1-102
route maps
BGP 1-56
policy-based routing 1-100
router ACLs
defined 1-3
types of 1-5
route reflectors, BGP 1-63
router ID, OSPF 1-36
route selection, BGP 1-54
route summarization, OSPF 1-34
route targets, VPN 1-79
routing
default 1-3
dynamic 1-3
redistribution of information 1-96
static 1-3
routing domain confederation, BGP 1-63
Routing Information Protocol
See RIP
routing protocol administrative distances 1-94
RPS
See Cisco Redundant Power System 2300
RPS 2300
See Cisco Redundant Power System 2300
RSPAN 1-3
and stack changes 1-10
characteristics 1-9
configuration guidelines 1-17
default configuration 1-12
destination ports 1-8
displaying status 1-28
in a switch stack 1-3
interaction with other features 1-9
monitored ports 1-7
monitoring ports 1-8
overview 1-18, 1-1
received traffic 1-6
session limits 1-12
sessions
creating 1-18
defined 1-4
limiting source traffic to specific VLANs 1-20
specifying monitored ports 1-18
with ingress traffic enabled 1-22
source ports 1-7
transmitted traffic 1-6
VLAN-based 1-7
RSTP
active topology 1-9
BPDU
format 1-12
processing 1-13
designated port, defined 1-9
designated switch, defined 1-9
interoperability with IEEE 802.1D
described 1-8
restarting migration process 1-26
topology changes 1-13
overview 1-9
port roles
described 1-9
synchronized 1-11
proposal-agreement handshake process 1-10
rapid convergence
cross-stack rapid convergence 1-11
described 1-10
edge ports and Port Fast 1-10
point-to-point links 1-10, 1-25
root ports 1-10
root port, defined 1-9
See also MSTP
running configuration
replacing 1-20, 1-21
rolling back 1-20, 1-22
saving 1-16
S
SAP
defined 1-9
negotiation 1-9
support 1-1
SC (standby command switch) 1-10
scheduled reloads 1-23
scheduling, IP SLAs operations 1-5
SCP
and SSH 1-55
configuring 1-55
SDM
described 1-1
switch stack consideration 1-11
templates
configuring 1-6
number of 1-1
SDM template
configuring 1-5
dual IPv4 and IPv6 1-3
types of 1-1
secondary edge port, REP 1-4
secondary VLANs 1-2
Secure Copy Protocol
secure HTTP client
configuring 1-54
displaying 1-54
secure HTTP server
configuring 1-52
displaying 1-54
secure MAC addresses
and switch stacks 1-18
deleting 1-16
maximum number of 1-10
types of 1-9
secure ports
and switch stacks 1-18
configuring 1-9
secure remote connections 1-44
Secure Shell
See SSH
Secure Socket Layer
See SSL
security, port 1-8
Security Exchange Protocol
See SXP
Security Exchange Protocol
See SAP
Security Exchange Protocol (SXP) 1-2
security features 1-10
Security Group Access Control List (SGACL) 1-2
Security Group Tag (SGT) 1-2
See SCP
sequence numbers in log messages 1-8
server mode, VTP 1-3
service-provider network, MSTP and RSTP 1-1
service-provider networks
and customer VLANs 1-2
and IEEE 802.1Q tunneling 1-1
Layer 2 protocols across 1-8
Layer 2 protocol tunneling for EtherChannels 1-10
session keys, MKA 1-2
set-request operation 1-4
setup program
failed command switch replacement 1-11
replacing failed command switch 1-9
severity levels, defining in system messages 1-9
SFPs
monitoring status of 1-14
numbering of 1-21
security and identification 1-14
status, displaying 1-14
SGACL 1-2
SGT 1-2
shaped round robin
See SRR
show access-lists hw-summary command 1-23
show and more command output, filtering 1-9
show cluster members command 1-16
show configuration command 1-39
show forward command 1-22
show interfaces command 1-33, 1-39
show interfaces switchport 1-4
show l2protocol command 1-14, 1-16, 1-17
show platform forward command 1-22
show running-config command
displaying ACLs 1-34, 1-36
interface description in 1-39
shutdown command on interfaces 1-53
shutdown threshold for Layer 2 protocol packets 1-12
Simple Network Management Protocol
See SNMP
single session ID 1-35
small form-factor pluggable modules
See SFPs
small-frame arrival rate, configuring 1-5
smart logging 1-1, 1-14
SNAP 1-1
SNMP
accessing MIB variables with 1-4
agent
described 1-4
disabling 1-7
and IP SLAs 1-2
authentication level 1-10
community strings
configuring 1-8
for cluster switches 1-4
overview 1-4
configuration examples 1-17
default configuration 1-6
engine ID 1-7
groups 1-7, 1-9
host 1-7
ifIndex values 1-5
in-band management 1-8
in clusters 1-14
informs
and trap keyword 1-12
described 1-5
differences from traps 1-5
disabling 1-15
enabling 1-15
limiting access by TFTP servers 1-17
limiting system log messages to NMS 1-10
manager functions 1-6, 1-3
managing clusters with 1-17
notifications 1-5
overview 1-1, 1-4
security levels 1-3
setting CPU threshold notification 1-16
status, displaying 1-19
system contact and location 1-16
trap manager, configuring 1-14
traps
described 1-5
differences from informs 1-5
disabling 1-15
enabling 1-12
enabling MAC address notification 1-15, 1-17, 1-18
overview 1-1, 1-4
types of 1-12
users 1-7, 1-9
versions supported 1-2
SNMP and Syslog Over IPv6 1-13
SNMP traps
REP 1-13
SNMPv1 1-2
SNMPv2C 1-2
SNMPv3 1-2
snooping, IGMP 1-2
software compatibility
See stacks, switch
software images
location in flash 1-26
recovery procedures 1-2
scheduling reloads 1-24
tar file format, described 1-26
See also downloading and uploading
software images in mixed stacks
See the Cisco Software Activation and Compatibility Document
source-and-destination-IP address based forwarding, EtherChannel 1-9
source-and-destination MAC address forwarding, EtherChannel 1-9
source-IP address based forwarding, EtherChannel 1-9
source-MAC address forwarding, EtherChannel 1-8
Source-specific multicast
See SSM
SPAN
and stack changes 1-10
configuration guidelines 1-12
default configuration 1-12
destination ports 1-8
displaying status 1-28
interaction with other features 1-9
monitored ports 1-7
monitoring ports 1-8
overview 1-18, 1-1
ports, restrictions 1-12
received traffic 1-6
session limits 1-12
sessions
configuring ingress forwarding 1-16, 1-23
creating 1-13, 1-25
defined 1-4
limiting source traffic to specific VLANs 1-16
removing destination (monitoring) ports 1-14
specifying monitored ports 1-13, 1-25
with ingress traffic enabled 1-15
source ports 1-7
transmitted traffic 1-6
VLAN-based 1-7
spanning tree and native VLANs 1-17
Spanning Tree Protocol
See STP
SPAN traffic 1-6
split horizon, RIP 1-24
SRR
configuring
shaped weights on egress queues 1-88
shared weights on egress queues 1-89
shared weights on ingress queues 1-81
described 1-15
shaped mode 1-15
shared mode 1-16
support for 1-15, 1-16
SSH
configuring 1-45
described 1-8, 1-44
encryption methods 1-45
switch stack considerations 1-18
user authentication methods, supported 1-45
SSL
configuration guidelines 1-51
configuring a secure HTTP client 1-54
configuring a secure HTTP server 1-52
described 1-48
monitoring 1-54
SSM
address management restrictions 1-16
CGMP limitations 1-16
components 1-14
configuration guidelines 1-16
configuring 1-14, 1-17
differs from Internet standard multicast 1-14
IGMP snooping 1-16
IGMPv3 1-14
IGMPv3 Host Signalling 1-15
IP address range 1-15
monitoring 1-17
operations 1-15
PIM 1-14
state maintenance limitations 1-16
SSM mapping 1-17
configuration guidelines 1-17
configuring 1-17, 1-19
DNS-based 1-18, 1-20
monitoring 1-22
overview 1-18
restrictions 1-18
static 1-18, 1-20
static traffic forwarding 1-21
stack changes
effects on
IPv6 routing 1-15
stack changes, effects on
ACL configuration 1-7
CDP 1-2
cross-stack EtherChannel 1-13
EtherChannel 1-10
fallback bridging 1-3
HSRP 1-5
IEEE 802.1x port-based authentication 1-11
IGMP snooping 1-7
IP routing 1-4
IPv6 ACLs 1-3
MAC address tables 1-14
MSTP 1-8
multicast routing 1-10
MVR 1-18
port security 1-18
SDM template selection 1-4
SNMP 1-1
SPAN and RSPAN 1-10
STP 1-12
switch clusters 1-14
system message log 1-2
VLANs 1-6
VTP 1-8
stacking
and MACsec 1-3
stack master
bridge ID (MAC address) 1-7
defined 1-2
election 1-6
IPv6 1-15
re-election 1-6
See also stacks, switch
stack member
accessing CLI of specific member 1-30
configuring
member number 1-26
priority value 1-26
defined 1-2
displaying information of 1-30
IPv6 1-15
number 1-7
priority value 1-8
provisioning a new member 1-27
replacing 1-16
See also stacks, switch
stack member number 1-20
stack protocol version 1-12
stacks, switch
accessing CLI of specific member 1-30
assigning information
member number 1-26
priority value 1-26
provisioning a new member 1-27
auto-advise 1-13
auto-copy 1-13
auto-extract 1-13
auto-upgrade 1-12
bridge ID 1-7
Catalyst 3750-X-only 1-2
CDP considerations 1-2
compatibility, software 1-11
configuration file 1-16
configuration scenarios 1-19
copying an image file from one member to another 1-39
default configuration 1-24
description of 1-2
displaying information of 1-30
enabling persistent MAC address timer 1-24
hardware compatibility and SDM mismatch mode 1-11
HSRP considerations 1-5
in clusters 1-14
incompatible software and image upgrades 1-15, 1-39
IPv6 on 1-15
MAC address considerations 1-14
MAC address of 1-24
management connectivity 1-17
managing 1-1
managing mixed
See Catalyst 3750-E and 3750 Switch Stacking Compatibility Guide
membership 1-4
merged 1-5
mixed
hardware 1-2
hardware and software 1-2
software 1-2
with Catalyst 3750-E and 3750 switches 1-2
mixed software images
See Cisco Software Activation and Compatibility Document
MSTP instances supported 1-10
multicast routing, stack master and member roles 1-10
offline configuration
described 1-8
effects of adding a provisioned switch 1-9
effects of removing a provisioned switch 1-11
effects of replacing a provisioned switch 1-11
provisioned configuration, defined 1-8
provisioned switch, defined 1-8
provisioning a new member 1-27
partitioned 1-5, 1-8
provisioned switch
adding 1-9
removing 1-11
replacing 1-11
replacing a failed member 1-16
software compatibility 1-11
software image version 1-11
stack protocol version 1-12
STP
bridge ID 1-3
instances supported 1-10
root port selection 1-3
stack root switch election 1-3
system messages
hostnames in the display 1-1
remotely monitoring 1-2
system prompt consideration 1-7
system-wide configuration considerations 1-16
upgrading 1-39
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 1-12
described 1-12
examples 1-13
manual upgrades with auto-advise 1-13
upgrades with auto-extract 1-13
See also stack master and stack member
StackWise Plus technology, Cisco 1-3
See also stacks, switch
standby command switch
configuring
considerations 1-11
defined 1-2
priority 1-10
requirements 1-3
virtual IP address 1-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 1-6
standby links 1-2
standby router 1-2
standby timers, HSRP 1-10
startup configuration
booting
manually 1-19
specific image 1-20
clearing 1-20
configuration file
automatically downloading 1-18
specifying the filename 1-19
default boot configuration 1-18
static access ports
assigning to VLAN 1-9
defined 1-3
static addresses
See addresses
static IP routing 1-16
static MAC addressing 1-11
static route primary interface, configuring 1-10
static routes
configuring 1-94
understanding 1-11
static routing 1-3
static routing support, enhanced object tracking 1-10
static SSM mapping 1-18, 1-20
static traffic forwarding 1-21
static VLAN membership 1-2
statistics
802.1X 1-17
CDP 1-5
IEEE 802.1x 1-76
interface 1-52
IP multicast routing 1-63
MKA 1-5
OSPF 1-37
RMON group Ethernet 1-5
RMON group history 1-5
SNMP input and output 1-19
VTP 1-18
sticky learning 1-9
storm control
configuring 1-3
described 1-1
disabling 1-5
support for 1-5
thresholds 1-1
STP
accelerating root port selection 1-4
and REP 1-6
BackboneFast
described 1-7
disabling 1-17
enabling 1-16
BPDU filtering
described 1-3
disabling 1-15
enabling 1-14
BPDU guard
described 1-2
disabling 1-14
enabling 1-13
BPDU message exchange 1-3
configuration guidelines 1-14, 1-12
configuring
forward-delay time 1-24
hello time 1-23
maximum aging time 1-24
path cost 1-21
port priority 1-19
root switch 1-17
secondary root switch 1-18
spanning-tree mode 1-15
switch priority 1-22
transmit hold-count 1-25
counters, clearing 1-25
cross-stack UplinkFast
described 1-5
enabling 1-16
default configuration 1-13
default optional feature configuration 1-12
designated port, defined 1-4
designated switch, defined 1-4
detecting indirect link failures 1-8
disabling 1-16
displaying status 1-25
EtherChannel guard
described 1-10
disabling 1-17
enabling 1-17
extended system ID
effects on root switch 1-17
effects on the secondary root switch 1-18
overview 1-5
unexpected behavior 1-17
features supported 1-9
IEEE 802.1D and bridge ID 1-5
IEEE 802.1D and multicast addresses 1-9
IEEE 802.1t and VLAN identifier 1-5
inferior BPDU 1-3
instances supported 1-10
interface state, blocking to forwarding 1-2
interface states
blocking 1-6
disabled 1-8
forwarding 1-6, 1-7
learning 1-7
listening 1-7
overview 1-5
interoperability and compatibility among modes 1-11
keepalive messages 1-2
Layer 2 protocol tunneling 1-8
limitations with IEEE 802.1Q trunks 1-12
load sharing
overview 1-22
using path costs 1-24
using port priorities 1-22
loop guard
described 1-11
enabling 1-18
modes supported 1-10
multicast addresses, effect of 1-9
optional features supported 1-9
overview 1-2
path costs 1-24, 1-25
Port Fast
described 1-2
enabling 1-12
port priorities 1-23
preventing root switch selection 1-10
protocols supported 1-10
redundant connectivity 1-9
root guard
described 1-10
enabling 1-18
root port, defined 1-3
root port selection on a switch stack 1-3
root switch
configuring 1-17
effects of extended system ID 1-5, 1-17
election 1-3
unexpected behavior 1-17
shutdown Port Fast-enabled port 1-2
stack changes, effects of 1-12
status, displaying 1-25
superior BPDU 1-3
timers, described 1-23
UplinkFast
described 1-3
enabling 1-15
VLAN-bridge 1-12
stratum, NTP 1-2
stub areas, OSPF 1-33
stub routing, EIGRP 1-44
subdomains, private VLAN 1-1
subnet mask 1-7
subnet zero 1-8
success response, VMPS 1-26
summer time 1-6
SunNet Manager 1-6
supernet 1-8
supported port-based authentication methods 1-8
SVI autostate exclude
configuring 1-42
defined 1-6
SVI link state 1-6
SVIs
and IP unicast routing 1-5
and router ACLs 1-5
connecting VLANs 1-15
defined 1-5
routing between VLANs 1-2
switch 1-2
switch clustering technology 1-1
See also clusters, switch
switch console port 1-8
Switch Database Management
See SDM
switched packets, ACLs on 1-41
Switched Port Analyzer
See SPAN
switched ports 1-3
switchport backup interface 1-4, 1-5
switchport block multicast command 1-8
switchport block unicast command 1-8
switchport command 1-30
switchport mode dot1q-tunnel command 1-7
switchport protected command 1-7
switch priority
MSTP 1-22
STP 1-22
switch software features 1-1
switch virtual interface
See SVI
SXP 1-2
synchronization, BGP 1-50
syslog
See system message logging
system capabilities TLV 1-2
system clock
configuring
daylight saving time 1-6
manually 1-4
summer time 1-6
time zones 1-5
displaying the time and date 1-5
overview 1-2
See also NTP
system description TLV 1-2
system message logging
default configuration 1-4
defining error message severity levels 1-9
disabling 1-4
displaying the configuration 1-17
enabling 1-5
facility keywords, described 1-14
level keywords, described 1-10
limiting messages 1-10
message format 1-2
overview 1-1
sequence numbers, enabling and disabling 1-8
setting the display destination device 1-5
stack changes, effects of 1-2
synchronizing log messages 1-6
syslog facility 1-18
time stamps, enabling and disabling 1-8
UNIX syslog servers
configuring the daemon 1-12
configuring the logging facility 1-13
facilities supported 1-14
system MTU
and IS-IS LSPs 1-71
system MTU and IEEE 802.1Q tunneling 1-5
system name
default configuration 1-8
default setting 1-8
manual configuration 1-8
See also DNS
system name TLV 1-2
system prompt, default setting 1-7, 1-8
system resources, optimizing 1-1
system routing
IS-IS 1-67
ISO IGRP 1-67
T
TACACS+
accounting, defined 1-11
authentication, defined 1-11
authorization, defined 1-11
configuring
accounting 1-17
authentication key 1-13
authorization 1-16
login authentication 1-14
default configuration 1-13
displaying the configuration 1-17
identifying the server 1-13
in clusters 1-16
limiting the services to the user 1-16
operation of 1-12
overview 1-10
support for 1-13
tracking services accessed by user 1-17
tagged packets
IEEE 802.1Q 1-3
Layer 2 protocol 1-8
tar files
creating 1-7
displaying the contents of 1-7
extracting 1-8
image file format 1-26
TCL script, registering and defining with embedded event manager 1-7
TDR 1-18
Telnet
accessing management interfaces 1-10
number of connections 1-8
setting a password 1-6
templates, SDM 1-2
temporary self-signed certificate 1-49
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 1-6
ternary content addressable memory 1-26
TFTP
configuration files
downloading 1-12
preparing the server 1-11
uploading 1-13
configuration files in base directory 1-8
configuring for autoconfiguration 1-7
image files
deleting 1-30
downloading 1-28
preparing the server 1-28
uploading 1-30
limiting access by servers 1-17
TFTP server 1-7
threshold, traffic level 1-2
threshold monitoring, IP SLAs 1-6
time
See NTP and system clock
Time Domain Reflector
See TDR
time-range command 1-18
time ranges in ACLs 1-18
time stamps in log messages 1-8
time zones 1-5
TLVs
defined 1-2
LLDP 1-2
LLDP-MED 1-2
Token Ring VLANs
support for 1-5
VTP support 1-5
ToS 1-15
traceroute, Layer 2
and ARP 1-17
and CDP 1-17
broadcast traffic 1-16
described 1-16
IP addresses and subnets 1-17
MAC addresses and VLANs 1-17
multicast traffic 1-17
multiple devices on a port 1-17
unicast traffic 1-16
usage guidelines 1-17
traceroute command
See also IP traceroute
tracked lists
configuring 1-3
types 1-3
tracked objects
by Boolean expression 1-4
by threshold percentage 1-6
by threshold weight 1-5
tracking interface line-protocol state 1-2
tracking IP routing state 1-2
tracking objects 1-1
tracking process 1-1
track state, tracking IP SLAs 1-9
traffic
blocking flooded 1-8
fragmented 1-6
fragmented IPv6 1-2
unfragmented 1-6
traffic policing 1-15
traffic suppression 1-1
transmit hold-count
see STP
transparent mode, VTP 1-4
trap-door mechanism 1-2
traps
configuring MAC address notification 1-15, 1-17, 1-18
configuring managers 1-12
enabling 1-15, 1-17, 1-18, 1-12
notification types 1-12
overview 1-1, 1-4
troubleshooting
connectivity problems 1-15, 1-16, 1-18
CPU utilization 1-29
detecting unidirectional links 1-1
displaying crash information 1-24
PIMv1 and PIMv2 interoperability problems 1-35
setting packet forwarding 1-22
SFP security and identification 1-14
show forward command 1-22
with CiscoWorks 1-4
with debug commands 1-20
with ping 1-15
with system message logging 1-1
with traceroute 1-18
trunk failover
See link-state tracking
trunking encapsulation 1-10
trunk ports
configuring 1-18
defined 1-4, 1-3
encapsulation 1-19, 1-23
trunks
allowed-VLAN list 1-19
configuring 1-19, 1-23
ISL 1-15
load sharing
setting STP path costs 1-24
using STP port priorities 1-22, 1-23
native VLAN for untagged traffic 1-21
parallel 1-24
pruning-eligible list 1-21
to non-DTP device 1-15
trusted boundary for QoS 1-45
trusted port states
between QoS domains 1-47
classification options 1-5
ensuring port security for IP phones 1-45
support for 1-15
within a QoS domain 1-43
trustpoints, CA 1-49
tunneling
defined 1-1
IEEE 802.1Q 1-1
Layer 2 protocol 1-8
tunnel ports
described 1-4, 1-2
IEEE 802.1Q, configuring 1-7
incompatibilities with other features 1-6
twisted-pair Ethernet, detecting unidirectional links 1-1
type of service
See ToS
U
UDLD
configuration guidelines 1-4
default configuration 1-4
disabling
globally 1-5
on fiber-optic interfaces 1-5
per interface 1-6
echoing detection mechanism 1-3
enabling
globally 1-5
per interface 1-6
Layer 2 protocol tunneling 1-11
link-detection mechanism 1-1
neighbor database 1-2
overview 1-1
resetting an interface 1-6
status, displaying 1-7
support for 1-9
UDP, configuring 1-16
UDP jitter, configuring 1-9
UDP jitter operation, IP SLAs 1-8
unauthorized ports with IEEE 802.1x 1-10
unicast MAC address filtering 1-7
and adding static addresses 1-21
and broadcast MAC addresses 1-21
and CPU packets 1-21
and multicast addresses 1-21
and router MAC addresses 1-21
configuration guidelines 1-21
described 1-21
unicast storm 1-1
unicast storm control command 1-4
unicast traffic, blocking 1-8
UniDirectional Link Detection protocol
See UDLD
universal software image 1-1
feature set
IP base 1-1, 1-2
IP services 1-2
UNIX syslog servers
daemon configuration 1-12
facilities supported 1-14
message logging configuration 1-13
unrecognized Type-Length-Value (TLV) support 1-5
upgrading software images
See downloading
UplinkFast
described 1-3
disabling 1-16
enabling 1-15
support for 1-9
uploading
configuration files
preparing 1-11, 1-14, 1-17
reasons for 1-9
using FTP 1-16
using RCP 1-19
using TFTP 1-13
image files
preparing 1-28, 1-31, 1-36
reasons for 1-25
using FTP 1-34
using RCP 1-38
using TFTP 1-30
USB flash devices 1-18
USB inactivity timer 1-17
USB port
mini-type B 1-16
USB ports 1-16
USB Type A port 1-8
USB type A port 1-18
User Datagram Protocol
See UDP
username-based authentication 1-6
Using Memory Consistency Check Routines 1-26
V
VACLs
logging
configuration example 1-40
version-dependent transparent mode 1-5
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 1-12
described 1-12
displaying 1-12
manual upgrades with auto-advise 1-13
upgrades with auto-extract 1-13
virtual IP address
cluster standby group 1-11
command switch 1-11
virtual ports, MKA 1-3
Virtual Private Network
See VPN
virtual router 1-1, 1-2
virtual switches and PAgP 1-6
vlan.dat file 1-4
VLAN 1
disabling on a trunk port 1-20
minimization 1-20
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 1-26
VLAN blocking, REP 1-12
VLAN configuration
at bootup 1-7
saving 1-7
VLAN database
and startup configuration file 1-7
and VTP 1-1
VLAN configuration saved in 1-7
VLANs saved in 1-4
vlan dot1q tag native command 1-5
VLAN filtering and SPAN 1-8
vlan global configuration command 1-6
VLAN ID, discovering 1-24
VLAN link state 1-6
VLAN load balancing
REP 1-4
VLAN load balancing, triggering 1-5
VLAN load balancing on flex links
configuration guidelines 1-8
described 1-2
VLAN management domain 1-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 1-33
VLAN maps
applying 1-36
common uses for 1-36
configuration guidelines 1-33
configuring 1-32
creating 1-34
defined 1-3
denying access to a server example 1-38
denying and permitting packets 1-34
displaying 1-45
examples of ACLs and VLAN maps 1-34
removing 1-36
support for 1-11
wiring closet configuration example 1-37
VLAN membership
confirming 1-29
modes 1-3
VLAN Query Protocol
See VQP
VLANs
adding 1-8
adding to VLAN database 1-8
aging dynamic addresses 1-9
allowed on trunk 1-19
and spanning-tree instances 1-3, 1-6, 1-11
configuration guidelines, extended-range VLANs 1-11
configuration guidelines, normal-range VLANs 1-5
configuring 1-1
configuring IDs 1006 to 4094 1-11
connecting through SVIs 1-15
customer numbering in service-provider networks 1-3
default configuration 1-7
deleting 1-9
described 1-2, 1-1
displaying 1-14
extended-range 1-1, 1-10
features 1-10
illustrated 1-2
internal 1-11
in the switch stack 1-6
limiting source traffic with RSPAN 1-20
limiting source traffic with SPAN 1-16
modifying 1-8
multicast 1-17
native, configuring 1-21
normal-range 1-1, 1-4
number supported 1-10
parameters 1-4
port membership modes 1-3
static-access ports 1-9
STP and IEEE 802.1Q trunks 1-12
supported 1-2
Token Ring 1-5
traffic between 1-2
VLAN-bridge STP 1-12, 1-2
VTP modes 1-3
VLAN Trunking Protocol
See VTP
VLAN trunks 1-15
VMPS
administering 1-30
configuration example 1-31
configuration guidelines 1-27
default configuration 1-27
description 1-26
dynamic port membership
described 1-27
reconfirming 1-29
troubleshooting 1-31
entering server address 1-28
mapping MAC addresses to VLANs 1-26
monitoring 1-30
reconfirmation interval, changing 1-29
reconfirming membership 1-29
retry count, changing 1-30
voice aware 802.1x security
port-based authentication
configuring 1-42
described 1-34, 1-42
voice-over-IP 1-1
voice VLAN
Cisco 7960 phone, port connections 1-1
configuration guidelines 1-3
configuring IP phones for data traffic
override CoS of incoming frame 1-6
trust CoS priority of incoming frame 1-6
configuring ports for voice traffic in
802.1p priority tagged frames 1-5
IEEE 802.1Q frames 1-5
connecting to an IP phone 1-4
default configuration 1-3
described 1-1
displaying 1-7
IP phone data traffic, described 1-2
IP phone voice traffic, described 1-2
VPN
configuring routing in 1-85
forwarding 1-79
in service provider networks 1-76
routes 1-77
VPN routing and forwarding table
See VRF
VQP 1-10, 1-26
VRF
defining 1-79
tables 1-76
VRF-aware services
ARP 1-81
configuring 1-81
ftp 1-84
HSRP 1-82
ping 1-82
RADIUS 1-83
SNMP 1-82
syslog 1-83
tftp 1-84
traceroute 1-84
uRPF 1-83
VRFs, configuring multicast 1-85
VTP
adding a client to a domain 1-17
advertisements 1-17, 1-4
and extended-range VLANs 1-2
and normal-range VLANs 1-2
client mode, configuring 1-13
configuration
requirements 1-11
saving 1-9
configuration requirements 1-11
configuration revision number
guideline 1-17
resetting 1-17
consistency checks 1-5
default configuration 1-9
described 1-1
domain names 1-9
domains 1-2
Layer 2 protocol tunneling 1-8
modes
client 1-3
off 1-4
server 1-3
transitions 1-3
transparent 1-4
monitoring 1-18
passwords 1-10
pruning
disabling 1-16
enabling 1-16
examples 1-7
overview 1-6
support for 1-10
pruning-eligible list, changing 1-21
server mode, configuring 1-11, 1-14
statistics 1-18
support for 1-10
Token Ring support 1-5
transparent mode, configuring 1-12
using 1-1
Version
enabling 1-15
version, guidelines 1-10
Version 1 1-5
Version 2
configuration guidelines 1-10
overview