- Index
- Preface
- Product Overview
- Command-Line Interfaces
- Configuring the Switch for the First Time
- Configuring Interfaces
- Checking Port Status and Connectivity
- Configuring Supervisor Engine Redundancy using RPR and SSO
- Environmental Monitoring and Power Management
- Configuring Power over Ethernet
- Managing a Network of Switches
- Understanding and Configuring VLANs
- Configuring Dynamic VLAN Membership
- Configuring Layer 2 Ethernet Interfaces
- Configuring SmartPort Macros
- Understanding and Configuring STP
- Configuring STP Features
- Understanding and Configuring Multiple Spanning Trees
- Understanding and Configuring EtherChannel
- Configuring IGMP Snooping and Filtering
- Configuring 802.1Q and Layer 2 Protocol Tunneling
- Understanding and Configuring CDP
- Configuring UDLD
- Configuring Unidirectional Ethernet
- Configuring Layer 3 Interfaces
- Configuring Cisco Express Forwarding
- Understanding and Configuring IP Multicast
- Configuring Policy-Based Routing
- Understanding and Configuring VTP
- Configuring VRF-lite
- Configuring QoS
- Configuring Voice Interfaces
- Understanding and Configuring 802.1X Port-Based Authentication
- Configuring Port Security
- Configuring DHCP Snooping and IP Source Guard
- Understanding and Configuring Dynamic ARP Inspection
- Configuring Network Security with ACLs
- Configuring Private VLANs
- Port Unicast and Multicast Flood Blocking
- Configuring Port-Based Traffic Control
- Configuring SPAN and RSPAN
- Configuring NetFlow Statistics Collection
- Acronyms
Index
Numerics
10/100 autonegotiation feature, forced4-7
802.10 SAID (default)10-4
802.1Q
trunks14-6
tunneling
compatibility with other features19-5
defaults19-4
described19-2
tunnel ports with other features19-6
802.1Q VLANs
encapsulation12-3
trunk restrictions12-5
802.1s
802.1w
802.1X
802.1X authentication
for guest VLANs31-6
RADIUS accounting31-7
with port security31-6
with VLAN assignment31-5
with voice VLAN ports31-10
802.3ad
A
abbreviating commands2-5
access control entries
access list filtering, SPAN enhancement39-13
access ports
and Layer 2 protocol tunneling19-9
configuring12-8
access VLANs12-6
accounting
configuring for 802.1X31-16
ACEs
ACLs35-2
Ethernet35-2
IP35-2
Layer 4 operation restrictions35-8
ACLs
ACEs35-2
and SPAN39-5
and TCAM programming35-6
applying on routed packets35-21
applying on switched packets35-20
compatibility on the same switch35-3
configuring with VLAN maps35-20
CPU impact35-9
hardware and software support35-5
IP, matching criteria for port ACLs35-4
MAC extended35-11
matching criteria for router ACLs35-3
port
and voice VLAN35-4
defined35-2
limitations35-4
processing35-9
types supported35-2
acronyms, list ofA-1
active queue management29-13
addresses
adjacency tables
description24-2
displaying statistics24-9
advertisements, VTP
alarms
major7-2
minor7-2
asymmetrical links, and 802.1Q tunneling19-4
audiencexxi
authentication
See also port-based authentication
authentication server
defined31-3
RADIUS server31-3
authorized and unauthorized ports31-4
authorized ports with 802.1X31-4
autoconfiguration3-2
automatic QoS
autonegotiation feature
forced 10/100Mbps4-7
Auto-QoS
configuring29-16
auto-sync command6-8
B
BackboneFast
adding a switch (figure)15-2
and MST16-2
configuring15-15
link failure (figure)15-7, 15-8
not supported MST16-2
understanding15-6
BGP1-8
routing session with multi-VRF CE28-6
blocking packets37-1
blocking state (STP)
RSTP comparisons (table)16-4
boot bootldr command3-24
boot command3-21
boot fields
See configuration register boot fields
boot system flash command3-21
Border Gateway Protocol
boundary ports
description16-6
BPDU Guard
and MST16-2
configuring15-12
overview15-4
BPDUs
and media speed14-2
pseudobridges and16-5
what they contain14-3
bridge ID
bridge priority (STP)14-16
bridge protocol data units
broadcast storm control
disabling38-4
BSR
configuration example25-21
burst rate29-44
burst size29-27
C
candidate switch
defined9-12
requirements9-12
See also command switch and member switch
cautions for passwords
encrypting3-16
TACACS+3-15
CDP
and trusted boundary29-25
configuration20-2
displaying configuration20-3
enabling on interfaces20-3
Layer 2 protocol tunneling19-7
maintaining20-3
monitoring20-3
cdp enable command20-3
CEF
adjacency tables24-2
configuring load balancing24-7
displaying statistics24-8
enabling24-6
hardware switching24-4
load balancing24-6
overview24-1
software switching24-4
CGMP
overview18-1
channel-group group command17-7, 17-10
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS NSF-awareness support6-2
Cisco IP Phones
configuring30-2
Cisco IP phones
sound quality30-1
CIST
description16-2
class-map command29-28
class of service
clear cdp counters command20-4
clear cdp table command20-3
clear counters command4-14
clearing
IP multicast table entries25-20
clear ip flow stats command40-8
CLI
accessing2-1
backing out one level2-5
getting commands2-5
history substitution2-3
managing clusters9-13
modes2-5
monitoring environments39-1
ROM monitor2-6
software basics2-4
clients
in 802.1X authentication31-2
clustering switches
command switch characteristics9-11, 9-12
and VTY9-12
managing
through CLI9-13
overview9-11
planning considerations
CLI9-13
command-line processing2-3
command modes2-5
commands
listing2-5
command switch
requirements9-11
common and internal spanning tree
common spanning tree
community ports
description36-1
community VLANs
and SPAN features36-4
configure as a PVLAN36-5
description36-1
config-register command3-22
config terminal command3-9
configuration files
obtaining with DHCP3-6
saving3-10
configuration register
boot fields
listing value3-22
modifying3-21
configuring3-19
settings at startup3-20
configure terminal command3-22, 4-2
console configuration mode2-5
console port
disconnecting user sessions5-5
monitoring user sessions5-4
copy running-config startup-config command3-10
copy system:running-config nvram:startup-config command3-24
CoS
configuring port value29-41
definition29-3
figure29-2
overriding on Cisco IP Phones30-3
priority30-3
CoS-to-DSCP maps29-46
counters
clearing MFIB25-20
clearing on interfaces4-14
CPU port sniffing39-10
CST
description16-5
IST and16-2
MST and16-2
customer edge devices28-2
D
default configuration
802.1X31-12
auto-QoS29-16
IGMP filtering18-17
Layer 2 protocol tunneling19-9
multi-VRF CE28-3
SPAN and RSPAN39-6
default gateway
configuring3-11
verifying configuration3-11
default ports
and support for 802.1X authentication31-13
description command4-9
detecting unidirectional links21-1
DHCP-based autoconfiguration
client request message exchange3-3
configuring
client side3-2
DNS3-5
relay device3-5
server-side3-3
TFTP server3-4
example3-7
lease options
for IP address information3-4
for receiving the configuration file3-4
overview3-2
relationship to BOOTP3-2
DHCP snooping
configuring33-3
default configuration33-3
displaying binding tables33-10
displaying configuration33-10
enabling33-4
enabling on private VLAN33-5
enabling the database agent33-6
overview33-1
Snooping database agent33-2
DHCP Snooping Database Agent
adding to the database (example)33-9
enabling (example)33-6
overview33-2
reading from a TFTP file (example)33-8
Differentiated Services Code Point values
DiffServ architecture, QoS29-2
disabled state
RSTP comparisons (table)16-4
disabling
broadcast storm control38-4
disconnect command5-5
DNS
and DHCP-based autoconfiguration3-5
documentation
organizationxxi
relatedxxiii
double-tagged packets
802.1Q tunneling19-2
Layer 2 protocol tunneling19-9
drop threshold for Layer 2 protocol packets19-9
DSCP maps29-45
DSCP-to-CoS maps
configuring29-47
DSCP values
configuring maps29-45
configuring port value29-42
definition29-3
IP precedence29-2
mapping markdown29-23
mapping to transmit queues29-43
DTP
VLAN trunks and12-3
duplex command4-8
duplex mode
configuring interface4-7
Dynamic Host Configuration Protocol snooping
dynamic port VLAN membership
limit on hosts11-9
reconfirming11-7
troubleshooting11-9
Dynamic Trunking Protocol
E
EAP frame
request/identity31-3
response/identity31-3
EAP frames
changing retransmission time31-20
exchanging (figure)31-4
setting retransmission number31-21
EAPOL frames
802.1X authentication and31-2
OTP authentication, example (figure)31-4
start31-3
edge ports
description16-7
EGP
overview1-8
EIGRP
overview1-8
Embedded CiscoView
displaying information9-16
installing and configuring9-14
overview9-13
enable mode2-5
encapsulation types12-3
Enhanced Interior Gateway Routing Protocol
environmental monitoring
LED indications7-2
SNMP traps7-2
supervisor engine7-2
switching modules7-2
using CLI commands7-1
EtherChannel
channel-group group command17-7, 17-10
configuration guidelines17-5
configuring Layer 217-9
configuring Layer 317-6
interface port-channel command17-7
lacp system-priority
command example17-12
modes17-3
overview17-1
PAgP
Understanding17-3
physical interface configuration17-7
port-channel interfaces17-2
port-channel load-balance command17-12
ports, 802.1X authentication not supported in31-13
removing17-14
removing interfaces17-13
explicit host tracking
enabling18-8
extended range VLANs
Extensible Authentication Protocol over LAN31-2
Exterior Gateway Protocol
F
FastDrop
clearing entries25-20
displaying entries25-19
overview25-10
FIB
description24-2
filtering
in a VLAN35-12
non-IP traffic35-11
flags25-11
Flash memory
configuring router to boot from3-24
loading system images from3-23
security precautions3-23
flooded traffic, blocking37-2
forward-delay time (STP)
configuring14-18
forwarding information base
G
gateway
global configuration mode2-5
Guest-VLANs
configure with 802.1X31-17, 31-18
H
hardware and software ACL support35-5
hardware switching24-5
hello time (STP)
configuring14-17
history
CLI2-3
hop counts
configuring MST bridges16-7
host
configuring host statically18-8
limit on dynamic port11-9
Hot Standby Routing Protocol
HSRP
description1-6
hw-module module num power command7-15
I
ICMP
enabling5-10
ping5-5
running IP traceroute5-7
time exceeded messages5-7
IDS
using with SPAN and RSPAN39-2
IEEE 802.1s
IEEE 802.1w
IEEE 802.3ad
IGMP
description25-3
enabling25-13
explicit host tracking18-3, 18-8
immediate-leave processing18-3
overview18-1
IGMP filtering
configuring18-17
default configuration18-17
described18-16
monitoring18-20
IGMP groups
setting the maximum number18-19
IGMP profile
applying18-18
configuration mode18-17
configuring18-17
IGMP snooping
configuration guidelines18-4
enabling18-5
IP multicast and25-4
monitoring18-11
overview18-1
IGRP
description1-8
immediate-leave processing
enabling18-7
IGMP
ingress packets, SPAN enhancement39-12
inline power
configuring on Cisco IP phones30-4
Intelligent Power Management8-5
interface port-channel command17-7
interface range command4-4
interface range macro command4-5
interfaces
adding descriptive name4-9
clearing counters4-14
configuring4-2
configuring ranges4-4
displaying information about4-13
Layer 2 modes12-4
maintaining4-13
monitoring4-13
naming4-9
numbers4-2
overview4-1
restarting4-14
Interior Gateway Routing Protocol
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link encapsulation
Intrusion Detection System
IP
configuring default gateway3-11
configuring static routes3-11
displaying statistics24-8
flow switching cache40-8
IP addresses
candidate or member9-12
command switch9-12
ip cef command24-6
ip flow-aggregation cache destination-prefix command40-10
ip flow-aggregation cache prefix command40-10
ip flow-aggregation cache source-prefix command40-10
ip flow-export command40-8
ip icmp rate-limit unreachable command5-11
ip igmp profile command18-17
ip igmp snooping tcn flood command18-10
ip igmp snooping tcn flood query count command18-10
ip igmp snooping tcn query solicit command18-11
IP information
assigned
through DHCP-based autoconfiguration3-2
ip load-sharing per-destination command24-7
ip local policy route-map command26-5
ip mask-reply command5-12
IP multicast
clearing table entries25-20
configuring25-12
default configuration25-13
displaying PIM information25-15
displaying the routing table information25-16
enabling25-13
enabling dense-mode PIM25-14
enabling sparse-mode25-14
features not supported25-12
hardware forwarding25-8
monitoring25-15
overview25-1
routing protocols25-2
software forwarding25-8
See also Auto-RP; IGMP; PIM; RP; RPF
ip multicast-routing command25-13
IP phones
automatic classification and queueing29-16
configuring voice ports30-2
See Cisco IP Phones30-1
trusted boundary for QoS29-24
ip pim command25-14
ip pim dense-mode command25-14
ip pim sparse-dense-mode command25-15
ip policy route-map command26-4
ip redirects command5-11
ip route-cache flow command40-7
IP routing tables
deleting entries25-20
IP Source Guard
configuring33-11
configuring on private VLANs33-12
overview33-10
IP statistics
displaying24-8
IP traceroute
executing5-7
overview5-7
IP unicast
displaying statistics24-8
ip unreachables command5-10
IPX
redistribution of route information with EIGRP1-8
ISL
encapsulation12-3
trunking with 802.1Q tunneling19-4
isolated ports
description36-1
isolated VLANs
description36-1
IST
description16-2
master16-7
MST regions and16-2
J
jumbo frames
and ethernet ports4-11
configuring MTU sizes for4-12
ports and linecards that support4-10
VLAN interfaces4-11
K
keyboard shortcuts2-3
L
l2protocol-tunnel command19-11
labels
definition29-3
LACP
system ID17-4
Layer 2 access ports12-8
Layer 2 frames
classification with CoS29-2
Layer 2 interfaces
assigning VLANs10-8
configuring12-5
configuring as PVLAN host ports36-8
configuring as PVLAN promiscuous ports36-7
configuring as PVLAN trunk ports36-9
defaults12-5
disabling configuration12-9
modes12-4
show interfaces command12-7
Layer 2 interface type
resetting36-12
setting36-12
Layer 2 protocol tunneling
configuring19-9
default configuration19-9
defined19-7
guidelines19-10
Layer 2 switching
overview12-1
Layer 2 Traceroute
and ARP5-9
and CDP5-8
described5-8
host-to-host paths5-8
IP addresses and subnets5-9
MAC addresses and VLANs5-9
multicast traffic5-9
multiple devices on a port5-9
usage guidelines5-8
Layer 2 trunks
configuring12-6
overview12-3
Layer 3 packets
classification methods29-2
Layer 4 port operations
configuration guidelines35-8
restrictions35-8
LEDs
description (table)7-2
listening state (STP)
RSTP comparisons (table)16-4
load balancing
configuring for CEF24-7
configuring for EtherChannel17-12
per-destination24-7
login timer
changing5-4
logoutwarning command5-4
loop guard
and MST16-2
configuring15-9
overview15-2
M
MAC addresses
allocating14-5
building tables12-2
convert dynamic to sticky secure32-2
displaying5-3
displaying in DHCP snooping binding table33-10
in ACLs35-11
sticky32-2
sticky secure, adding32-2
MAC extended access lists35-11
macros
main-cpu command6-8
mapping
DSCP markdown values29-23
DSCP values to transmit queues29-43
mapping tables
configuring DSCP29-45
described29-13
mask destination command40-10
mask source command40-10
match ip address command26-3
maximum aging time (STP)
configuring14-18
member switch
defined9-11
managing9-13
requirements9-12
metro tags19-2
MFIB
CEF25-5
displaying25-18
overview25-11
modules
checking status5-1
powering down7-15
monitoring
802.1Q tunneling19-12
ACL information35-28
IGMP filters18-20
IGMP snooping18-11
Layer 2 protocol tunneling19-12
multi-VRF CE28-11
tunneling19-12
VLAN filters35-19
VLAN maps35-19
M-record16-2
MST
and multiple spanning trees1-4, 16-2
boundary ports16-6
BPDUs16-2
configuration parameters16-5
configuring16-9
displaying configurations16-13
edge ports16-7
enabling16-9
hop count16-7
instances
configuring parameters16-12
description16-2
number supported16-5
interoperability with PVST+16-2
link type16-7
master16-7
message age16-7
restrictions16-8
to-SST interoperability16-4
MSTP
M-record16-2
M-tree16-2
M-tree16-2
MTU size
configuring4-12
default10-4
multicast
multicast packets
blocking37-2
multicast routers
displaying routing tables25-16
flood suppression18-9
Multicast Storm Control
overview38-6
suppression on WS-X401438-7
suppression on WS-X401638-6
multiple forwarding paths1-4, 16-2
Multiple Spanning Tree
multiple VPN routing/forwarding
multi-VRF CE
components28-3
configuration example28-7
default configuration28-3
defined28-1
displaying28-11
monitoring28-11
network components28-3
packet-forwarding process28-3
N
native VLAN
and 802.1Q tunneling19-4
specifying12-6
NetFlow
aggregation
minimum mask,default value40-10
destination-prefix aggregation
configuration (example)40-15
minimum mask, configuring40-10
IP
flow switching cache40-8
prefix aggregation
configuration (example)40-13
minimum mask, configuring40-10
source-prefix aggregation
minimum mask, configuring40-10
switching
configuration (example)40-11
configuring40-7
exporting cache entries40-8
statistics40-8
NetFlow statistics
caveats on supervisor40-6
configuring collection40-6
implementing collection40-6
overview of collection40-1
Network Assistant
and VTY9-12
configure
display configuration9-9
enable communication with switch9-4
enable inter-cluster communication9-7
connect to a device9-10
default configuration9-3
installation requirements9-2
installing9-3
launch9-10
overview of CLI commands9-4
software and hardware requirements9-2
understanding9-2
network fault tolerance1-4, 16-2
network management
configuring20-1
Next Hop Resolution Protocol
NFFC/NFFC II
IGMP snooping and18-4
NHRP
support1-8
non-IP traffic filtering35-11
non-RPF traffic
description25-9
in redundant configurations (figure)25-10
nonvolatile random-access memory
normal-range VLANs
NSF-awareness support6-2
NVRAM
saving settings3-10
O
OIR
overview4-13
online insertion and removal
Open Shortest Path First
operating system images
OSPF
area concept1-7
description1-7
P
packets
modifying29-15
software processed
and QoS29-15
packet type filtering
overview39-14
SPAN enhancement39-14
PAgP
understanding17-3
passwords
configuring enable password3-14
configuring enable secret password3-14
encrypting3-15
recovering lost enable password3-18
setting line password3-14
setting TACACS+3-15
PBR (policy-based routing)
configuration (example)26-5
enabling26-3
features26-2
overview26-1
route maps26-2
when to use26-2
per-port and VLAN Access Control List33-10
Per-VLAN Rapid Spanning Tree14-6
enabling14-20
overview14-6
PE to CE routing, configuring28-6
PIM
configuring dense mode25-14
configuring sparse mode25-14
displaying information25-15
displaying statistics25-20
enabling sparse-dense mode25-14, 25-15
overview25-3
PIM-DM25-3
PIM-SM25-3
ping
executing5-6
overview5-5
PoE8-7
configuring power consumption for single device8-4
configuring power consumption for switch8-4
power consumption for powered devices
Intelligent Power Management8-5
overview8-3
supported cabling topology8-5
powering down a module7-15
power management modes8-1
show interface status8-6
point-to-point
in 802.1X authentication (figure)31-2, 31-8
police command29-32
policed-DSCP map29-46
policers
description29-5
types of29-9
policies
policing
policy-map command29-29, 29-31
policy maps
attaching to interfaces29-34
configuring29-30
port ACLs
and voice VLAN35-4
defined35-2
limitations35-4
Port Aggregation Protocol
port-based authentication
802.1X with voice VLAN31-10
changing the quiet period31-19
client, defined31-2
configuration guidelines31-13
configure 802.1X accounting31-16
configure switch-to-RADIUS server communication31-15
configure with Guest-VLANs31-17, 31-18
configuring Guest-VLAN31-15
configuring manual re-authentication of a client31-19
controlling authorization state31-4
default configuration31-12
described31-2
device roles31-2
disabling31-14
displaying statistics31-22
enabling31-13
enabling multiple hosts31-21
enabling periodic re-authentication31-18
encapsulation31-2
initiation and message exchange31-3
method lists31-13
ports not supported31-4
resetting to default values31-22
setting retransmission number31-21
setting retransmission time31-20
topologies, supported31-10
using with port security31-6
with VLAN assignment31-5
port-based QoS features
port-channel interfaces
creating17-6
overview17-2
port-channel load-balance
command17-12
command example17-12
port-channel load-balance command17-12
port cost (STP)
configuring14-15
PortFast
and MST16-2
BPDU filter, configuring15-12
configuring or enabling15-11
overview15-3
PortFast BPDU filtering
and MST16-2
enabling15-12
overview15-4
port priority
configuring MST instances16-12
configuring STP14-13
ports
blocking37-1
checking status5-2
community36-1
dynamic VLAN membership
reconfirming11-7
forwarding, resuming37-3
isolated36-1
PVLAN types36-1
secure32-1
port security
aging32-6
and QoS trusted boundary29-24
configuring32-4
default configuration32-3
described32-1
displaying32-7
RADIUS accounting31-7
sticky learning32-2
using with 802.1X31-6
violations32-2
with other features32-3
port states
description14-5
port trust state
power
inline30-4
power dc input command7-11
power inline command8-2
power inline consumption command8-4
power management
1+1 redundancy mode7-12
2+1 redundancy mode7-12
Catalyst 4006 switch7-12
Catalyst 4500 series7-4
Catalyst 4500 Series power supplies7-9
Catalyst 4948 series7-3
combined mode7-5
configuring combined mode7-8
configuring redundant mode7-7
overview7-1
redundancy7-12
redundant mode7-5
power redundancy
setting on Catalyst 40067-14
power redundancy-mode command7-8
power supplies
fixed7-4
power supplies required command7-14
primary VLANs
associating with secondary VLANs36-6
configuring as a PVLAN36-5
description36-1
priority
overriding CoS of incoming frames30-3
privileged EXEC mode2-5
privileges
changing default3-17
configuring levels3-16
exiting3-17
logging in3-17
promiscuous ports
configuring PVLAN36-7
description36-1
setting mode36-12
protocol timers14-4
provider edge devices28-2
pruning, VTP
pseudobridges
description16-5
PVACL33-10
PVID (port VLAN ID)
and 802.1X with voice VLAN ports31-10
PVLANs
802.1q support36-5
configuration guidelines36-3
configuring36-3
configuring a VLAN36-5
configuring promiscuous ports36-7
host ports
configuring a Layer 2 interface36-8
setting36-12
isolated VLANs36-1
overview36-1
permitting routing, example36-11
promiscuous mode
setting36-12
setting
interface mode36-12
Q
QoS
allocating bandwidth29-44
and software processed packets29-15
auto-QoS
configuration and defaults display29-19
configuration guidelines29-17
described29-16
displaying29-19
effects on NVRAM configuration29-17
enabling for VoIP29-18
basic model29-5
burst size29-27
configuration guidelines29-24
auto-QoS29-17
configuring
auto-QoS29-16
DSCP maps29-45
traffic shaping29-44
trusted boundary29-24
VLAN-based29-39
configuring user based rate limiting29-35
hierarchical policers29-37
creating policing rules29-28
default auto configuration29-16
default configuration29-22
definitions29-3
disabling on interfaces29-34
enabling on interfaces29-34
IP phones
automatic classification and queueing29-16
detection and trusted settings29-16, 29-24
overview29-1
packet modification29-15
port-based29-39
priority29-14
traffic shaping29-14
transmit rate29-44
trust states
trusted device29-24
VLAN-based29-39
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length29-13
QoS labels
definition29-3
QoS mapping tables
CoS-to-DSCP29-46
DSCP-to-CoS29-47
policed-DSCP29-46
types29-13
QoS marking
description29-4
QoS policers
burst size29-27
types of29-9
QoS policing
definition29-4
QoS policy
attaching to interfaces29-10
overview of configuration29-28
QoS transmit queues
allocating bandwidth29-44
burst29-14
configuring29-43
configuring traffic shaping29-44
mapping DHCP values to29-43
maximum rate29-14
overview29-13
sharing link bandwidth29-14
Quality of service
R
RADIUS server
configure to-Switch communication31-15
configuring settings31-16
parameters on the switch31-15
range command4-4
range macros
defining4-5
ranges of interfaces
configuring4-4
Rapid Spanning Tree
rcommand command9-13
re-authentication of a client
configuring manual31-19
enabling periodic31-18
reduced MAC address14-2
redundancy
configuring6-8
guidelines and restrictions6-7
changes made through SNMP6-8, 6-10
NSF-awareness support6-2
overview6-3
redundancy command6-8
understanding synchronization6-6
redundancy(RPR)
route processor redundancy6-4
synchronization6-6
redundancy(SSO)
route processor redundancy6-4
synchronization6-7
related documentationxxiii
replication
description25-8
reserved-range VLANs
retransmission number
setting in 802.1X authentication31-21
retransmission time
changing in 802.1X authentication31-20
RIP
description1-7
ROM monitor
boot process and3-19
CLI2-6
root bridge
configuring14-9
selecting in MST16-2
root guard
and MST16-2
enabling15-8
overview15-2
routed packets
ACLs35-21
route-map (IP) command26-3
route maps
defining26-3
PBR26-2
router ACLs
description35-2
using with VLAN maps35-20
route targets
VPN28-3
Routing Information Protocol
RSPAN
configuration guidelines39-16
destination ports39-5
IDS39-2
monitored ports39-4
monitoring ports39-5
received traffic39-3
sessions
creating39-17
defined39-3
limiting source traffic to specific VLANs39-23
monitoring VLANs39-22
removing source (monitored) ports39-21
specifying monitored ports39-17
source ports39-4
transmitted traffic39-4
VLAN-based39-5
RSTP
compatibility16-3
description16-2
port roles16-3
port states16-4
S
SAID
scheduling29-13
defined29-4
overview29-5
secondary root switch14-12
secondary VLANs
associating with primary36-6
description36-2
permitting routing36-11
secure ports, configuring32-1
Security Association Identifier
servers, VTP
service-policy command29-29
service-policy input command22-2, 29-34
service-provider networks
and customer VLANs19-2
Layer 2 protocols across19-7
set default interface command26-4
set interface command26-4
set ip default next-hop command26-4
set ip next-hop command26-4
show adjacency command24-9
show boot command3-24
show catalyst4000 chassis-mac-address command14-3
show cdp entry command20-4
show cdp interface command20-3
show cdp neighbors command20-4
show cdp traffic command20-4
show ciscoview package command9-16
show ciscoview version command9-16
show cluster members command9-13
show configuration command4-9
show debugging command20-4
show environment command7-2
show history command2-4
show interfaces command4-12, 4-13
show interfaces status command5-2
show ip cache flow aggregation destination-prefix command40-11
show ip cache flow aggregation prefix command40-11
show ip cache flow aggregation source-prefix command40-11
show ip cache flow command40-8
show ip cef command24-8
show ip interface command25-15
show ip local policy command26-5
show ip mroute command25-15
show ip pim interface command25-15
show l2protocol command19-11
show mac-address-table address command5-3
show mac-address-table interface command5-3
show mls entry command24-8
show PoE consumed8-7
show power command7-14
show power inline command8-6
show power inline consumption command8-4
show power supplies command7-8
show protocols command4-13
show running-config command
adding description for an interface4-9
checking your settings3-9
displaying ACLs35-14, 35-16, 35-23, 35-24
show startup-config command3-10
show users command5-4
show version command3-22
shutdown, command4-14
shutdown threshold for Layer 2 protocol packets19-9
shutting down
interfaces4-14
single spanning tree
slot numbers, description4-2
SmartPort macros
configuration guidelines13-4
configuring13-2
creating and applying13-4
default configuration13-2
defined13-1
displaying13-8
tracing13-4
SNMP
documentation1-13
support1-13
software
upgrading6-12
software configuration register3-19
software switching
description24-5
interfaces24-6
key data structures used25-7
SPAN
and ACLs39-5
configuration guidelines39-7
destination ports39-5
IDS39-2
monitored port, defined39-4
monitoring port, defined39-5
received traffic39-3
sessions
defined39-3
source ports39-4
transmitted traffic39-4
VLAN-based39-5
SPAN and RSPAN
concepts and terminology39-3
default configuration39-6
displaying status39-24
overview39-1
session limits39-6
SPAN destination ports
802.1X authentication not supported31-13
SPAN enhancements
access list filtering39-13
configuration example39-15
CPU port sniffing39-10
encapsulation configuration39-12
ingress packets39-12
packet type filtering39-14
spanning-tree backbonefast command15-15
spanning-tree cost command14-15
spanning-tree guard root command15-8
spanning-tree portfast bpdu-guard command15-12
spanning-tree portfast command15-11
spanning-tree port-priority command14-13
spanning-tree uplinkfast command15-14
spanning-tree vlan
command14-9
command example14-9
spanning-tree vlan command14-8
spanning-tree vlan cost command14-15
spanning-tree vlan forward-time command14-19
spanning-tree vlan hello-time command14-17
spanning-tree vlan max-age command14-18
spanning-tree vlan port-priority command14-13
spanning-tree vlan priority command14-17
spanning-tree vlan root primary command14-10
spanning-tree vlan root secondary command14-12
speed
configuring interface4-7
speed command4-7
SST
description16-2
interoperability16-4
static routes
configuring3-11
verifying3-12
statistics
displaying 802.1X31-22
displaying PIM25-20
NetFlow accounting40-8
sticky learning
configuration file32-2
defined32-2
disabling32-2
enabling32-2
saving addresses32-2
sticky MAC addresses
configuring32-4
defined32-2
Storm Control
disabling38-4
displaying38-4
enabling38-3
hardware-based, implementing38-2
overview38-1
STP
bridge ID14-2
creating topology14-4
defaults14-6
disabling14-19
enabling14-7
enabling extended system ID14-8
enabling Per-VLAN Rapid Spanning Tree14-20
forward-delay time14-18
hello time14-17
Layer 2 protocol tunneling19-7
maximum aging time14-18
per-VLAN rapid spanning tree14-6
port cost14-15
port priority14-13
root bridge14-9
supervisor engine
accessing the redundant6-14
copying files to standby6-14
default configuration3-1
default gateways3-11
environmental monitoring7-1
ROM monitor3-19
startup configuration3-18
static routes3-11
synchronizing configurations6-10
SVIs
and router ACLs35-3
switched packets
and ACLs35-20
Switched Port Analyzer
switching, NetFlow
configuration (example)40-11
configuring40-7
exporting cache entries40-8
switchport
show interfaces4-12
switchport access vlan command12-6, 12-8
switchport block multicast command37-2
switchport block unicast command37-2
switchport mode access command12-8
switchport mode dot1q-tunnel command19-6
switchport mode dynamic command12-6
switchport mode trunk command12-6
switch ports
switchport trunk allowed vlan command12-6
switchport trunk encapsulation command12-6
switchport trunk encapsulation dot1q command12-3
switchport trunk encapsulation isl command12-3
switchport trunk encapsulation negotiate command12-3
switchport trunk native vlan command12-6
switchport trunk pruning vlan command12-6
switch-to-RADIUS server communication
configuring31-15
syslog messages7-2
system
reviewing configuration3-10
settings at startup3-20
system images
loading from Flash memory3-23
modifying boot field3-20
specifying3-23
system MTU
802.1Q tunneling19-5
maximums19-5
T
TACACS+
setting passwords3-15
tagged packets
802.1Q19-3
Layer 2 protocol19-7
TCAM programming and ACLs35-6
Telnet
accessing CLI2-2
disconnecting user sessions5-5
executing5-3
monitoring user sessions5-4
telnet command5-4
TFTP
configuration files in base directory3-5
configuring for autoconfiguration3-4
time exceeded messages5-7
timer
Token Ring
media not supported (note)10-4, 27-3
TOS
description29-3
trace command5-7
traceroute
traceroute mac command5-9
traceroute mac ip command5-9
traffic
blocking flooded37-2
traffic control
using ACLs (figure)35-4
using VLAN maps (figure)35-5
traffic shaping29-14
translational bridge numbers (defaults)10-4
transmit queues
transmit rate29-44
troubleshooting
with traceroute5-7
trunk ports
802.1X authentication not supported on31-13
trunks
802.1Q restrictions12-5
configuring12-6
configuring access VLANs12-6
configuring allowed VLANs12-6
default interface configuration12-6
different VTP domains12-3
enabling to non-DTP device12-4
encapsulation12-3
specifying native VLAN12-6
understanding12-3
trusted boundary for QoS29-24
trust states
configuring29-40
tunneling
defined19-1
Layer 2 protocol19-7
tunnel ports
802.1Q, configuring19-6
described19-2
incompatibilities with other features19-5
type of service
U
UDLD
default configuration21-2
disabling21-3
enabling21-3
unauthorized ports with 802.1X31-4
unicast
unicast flood blocking
configuring37-1
unicast traffic
blocking37-2
unidirectional ethernet
enabling22-2
example of setting22-2
overview22-1
UniDirectional Link Detection Protocol
UplinkFast
and MST16-2
enabling15-14
MST and16-3
overview15-5
user EXEC mode2-5
user sessions
disconnecting5-5
monitoring5-4
V
VACLs
Layer 4 port operations35-7
virtual LANs
Virtual Private Network
VLAN ACLs
vlan database command10-7
vlan dot1q tag native command19-4
VLAN Management Policy Server
VLAN maps
common uses for35-16
configuration example35-17
configuration guidelines35-13
configuring35-12
creating entries35-13
defined35-3
denying access example35-18
denying packets35-14
displaying35-19
examples35-18
order of entries35-13
permitting packets35-14
router ACLs and35-20
using (figure)35-5
VLANs
allowed on trunk12-6
configuration guidelines10-3
configuring10-4
customer numbering in service-provider networks19-3
default configuration10-4
description1-5
extended range10-3
IDs (default)10-4
interface assignment10-8
limiting source traffic with RSPAN39-23
monitoring with RSPAN39-22
name (default)10-4
normal range10-3
overview10-1
reserved range10-3
VLAN Trunking Protocol
VLAN trunks
overview12-3
VMPS
configuring dynamic access ports on client11-6
configuring retry interval11-8
dynamic port membership
reconfirming11-7
reconfirming assignments11-7
reconfirming membership interval11-7
server overview11-1
VMPS client
administering and monitoring11-8
configure switch
configure reconfirmation interval11-7
dynamic ports11-6
entering IP VMPS address11-5
reconfirmation interval11-8
reconfirm VLAM membership11-7
default configuration11-4
dynamic VLAN membership overview11-4
troubleshooting dynamic port VLAN membership11-9
VMPS server
fall-back VLAN11-3
illegal VMPS client requests11-3
overview11-1
security modes
multiple11-3
open11-2
secure11-3
voice interfaces
configuring30-1
Voice over IP
configuring30-1
voice ports
configuring VVID30-2
voice VLAN ports
using 802.1X31-10
VPN
configuring routing in28-5
forwarding28-3
in service provider networks28-1
routes28-2
routing and forwarding table
VRF
defining28-3
tables28-1
VTP
configuration guidelines27-5
configuring transparent mode27-9
default configuration27-5
disabling27-9
Layer 2 protocol tunneling19-7
monitoring27-10
overview27-1
VTP advertisements
description27-3
VTP clients
configuring27-8
VTP domains
description27-2
VTP modes27-2
VTP pruning
enabling27-6
overview27-3
VTP servers
configuring27-7
VTP statistics
displaying27-10
VTP version 2
enabling27-7
overview27-3
VTY and Network Assistant9-12
VVID (voice VLAN ID)
and 802.1X authentication31-10
configuring30-2