Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
Index
ACLs
applying IPv6 ACLs to a Layer 3 interface 42-21
Numerics
10/100 autonegotiation feature, forced 6-13
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 6-9
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 6-7
1400 W DC Power supply
special considerations 10-16
1400 W DC SP Triple Input power supply
special considerations 10-17
802.10 SAID (default) 12-4
802.1Q
trunks 16-6
tunneling
compatibility with other features 23-5
defaults 23-4
described 23-2
tunnel ports with other features 23-6
802.1Q VLANs
encapsulation 14-3
trunk restrictions 14-5
802.1s
See MST
802.1w
See MST
802.1X
See port-based authentication
802.1X authentication
for Critical Authentication 37-12
for guest VLANs 37-8
for MAC Authentication Bypass 37-9
for Wake-on-LAN 37-12
RADIUS accounting 37-16
with port security 37-15
with VLAN assignment 37-7
with voice VLAN ports 37-18
802.3ad
See LACP
A
AAA 39-1
abbreviating commands 2-5
access control entries
See ACEs
access control entries and lists 39-1
access-group mode, configuring on Layer 2 interface 42-34
access-group mode, using PACL with 42-34
access list filtering, SPAN enhancement 45-13
access lists
using with WCCP 52-7
access ports
and Layer 2 protocol tunneling 23-9
configure port security 38-6, 38-21
configuring 14-8
access VLANs 14-6
accounting
configuring for 802.1X 37-32
with TACACS+ 3-16, 3-21
ACEs
ACLs 42-2
IP 42-2
Layer 4 operation restrictions 42-15
ACEs and ACLs 39-1
ACLs
ACEs 42-2
and SPAN 45-5
and TCAM programming for Sup 6-E 42-15
and TCAM programming for Sup II-Plus thru V-10GE 42-6
applying on routed packets 42-31
applying on switched packets 42-30
chaning the TCAM programming algorithm 42-9
compatibility on the same switch 42-3
configuring with VLAN maps 42-30
CPU impact 42-17
hardware and software support 42-5
IP, matching criteria for port ACLs 42-4
MAC extended 42-19
matching criteria for router ACLs 42-3
port
and voice VLAN 42-4
defined 42-3
limitations 42-5
processing 42-17
resize the TCAM regions 42-10
selecting mode of capturing control packets 42-12
TCAM programming algorithm 42-7
troubleshooting high CPU 42-12
types supported 42-3
understanding 42-2
VLAN maps 42-5
ACLs and VLAN maps, examples 42-24
acronyms, list of A-1
action drivers, marking 34-76
active queue management 34-14
active queue management via DBL, QoS on Sup 6-E 34-89
active traffic monitoring, IP SLAs 49-1
adding members to a community 11-8
addresses
displaying the MAC address table 4-30
dynamic
changing the aging time 4-21
defined 4-19
learning 4-20
removing 4-22
MAC, discovering 4-30
See MAC addresses
static
adding and removing 4-27
defined 4-19
address resolution 4-30
adjacency tables
description 29-3
displaying statistics 29-10
administrative VLAN
REP, configuring 18-8
administrative VLAN, REP 18-7
advertisements
LLDP 1-3, 25-2
advertisements, VTP
See VTP advertisements
aggregation switch, enabling DHCP snooping 40-9
aging time
MAC address table 4-21
applying IPv6 ACLs to a Layer 3 interface 42-21
AQM via DBL, QoS on Sup 6-E 34-89
ARP
defined 4-30
table
address resolution 4-30
managing 4-30
asymmetrical links, and 802.1Q tunneling 23-4
authentication
NTP associations 4-4
See also port-based authentication
TACACS+
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 39-1
Authentication Failed VLAN assignment
configure with 802.1X 37-40
authentication server
defined 37-3
RADIUS server 37-3
authoritative time source, described 4-2
authorization
with TACACS+ 3-16, 3-21
authorized and unauthorized ports 37-4
authorized ports with 802.1X 37-4
autoconfiguration 3-2
automatic discovery
considerations 11-7
automatic QoS
See QoS
Auto-MDIX on a port
configuring 6-24
displaying the configuration 6-25
overview 6-23
autonegotiation feature
forced 10/100Mbps 6-13
Auto-QoS
configuring 34-17
auto-sync command 8-8
B
Baby Giants
interacting with 6-21
BackboneFast
adding a switch (figure) 19-4
and MST 16-23
configuring 19-16
link failure (figure) 19-14, 19-15
not supported MST 16-23
understanding 19-14
See also STP
banners
configuring
login 4-19
message-of-the-day login 4-18
default configuration 4-18
when displayed 4-17
b command 54-3
b flash command 54-3
BGP 1-8
routing session with multi-VRF CE 33-7
blocking packets 43-1
blocking state (STP)
RSTP comparisons (table) 16-24
boot bootldr command 3-31
boot command 3-28
boot commands 54-3
boot fields
See configuration register boot fields
bootstrap program
See ROM monitor
boot system command 3-26, 3-31
boot system flash command 3-28
Border Gateway Protocol
See BGP
boundary ports
description 16-27
BPDU Guard
and MST 16-23
configuring 19-16
overview 19-8
BPDUs
and media speed 16-2
pseudobridges and 16-25
what they contain 16-3
bridge ID
See STP bridge ID
bridge priority (STP) 16-16
bridge protocol data units
See BPDUs
Broadcast Storm Control
disabling 44-6
enabling 44-3
BSR
configuration example 31-21
burst rate 34-57
burst size 34-32
C
cache engine clusters 52-1
cache engines 52-1
cache farms
See cache engine clusters
candidates
automatic discovery 11-7
candidate switch, cluster
defined 11-12
requirements 11-12
Capturing control packets
selecting mode 42-12
cautions
Unicast RPF
BGP optional attributes 30-5
cautions for passwords
encrypting 3-22
CDP
and trusted boundary 34-27
automatic discovery in communities 11-7
configuration 24-2
defined with LLDP 25-1
displaying configuration 24-3
enabling on interfaces 24-3
Layer 2 protocol tunneling 23-7
maintaining 24-3
monitoring 24-3
overview 1-2, 24-1
cdp enable command 24-3
CEF
adjacency tables 29-3
and NSF with SSO 9-5
configuring load balancing 29-8
displaying statistics 29-9
enabling 29-7
hardware switching 29-5
load balancing 29-7
overview 29-2
software switching 29-5
CGMP
overview 21-1
channel-group group command 20-7, 20-10
Cisco 7600 series Internet router
enabling SNMP 53-16
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS IP SLAs 49-1
Cisco IOS NSF-aware
support 9-2
Cisco IOS NSF-capable support 9-2
Cisco IP Phones
configuring 35-3
sound quality 35-1
CiscoWorks 2000 47-4
CIST
description 16-22
class level, configure in a service policy 34-86
class-map command 34-34
class of service
See CoS
clear cdp counters command 24-4
clear cdp table command 24-3
clear counters command 6-27
clearing
IP multicast table entries 31-20
clear ip eigrp neighbors command 28-18
clear ip flow stats command 48-9
CLI
accessing 2-1
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 11-12
modes 2-5
monitoring environments 45-1
ROM monitor 2-7
software basics 2-4
clients
in 802.1X authentication 37-2
clock
See system clock
clustering switches
command switch characteristics 11-11, 11-12
and VTY 11-11
convert to a community 11-9
managing
through CLI 11-12
overview 11-10
planning considerations
CLI 11-12
passwords 11-8
command-line processing 2-3
command modes 2-5
commands
b 54-3
b flash 54-3
boot 54-3
confreg 54-3
dev 54-3
dir device 54-3
frame 54-5
i 54-3
listing 2-5
meminfo 54-5
reset 54-3
ROM monitor54-2to 54-3
ROM monitor debugging 54-5
SNMP 53-16
sysret 54-5
command switch, cluster
requirements 11-11
common and internal spanning tree
See CIST
common spanning tree
See CST
community of switches
access modes in Network Assistant 11-8
adding devices 11-8
candidate characterisitcs 11-6
communication protocols 11-8
community name 11-7
configuration information 11-8
converting from a cluster 11-9
host name 11-7
passwords 11-8
community ports 36-4
community strings
configuring 47-7
overview 47-4
community VLANs 36-3, 36-4
and SPAN features 36-12
configure as a PVLAN 36-13
compiling MIBs 53-16
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 21-4
configuration examples
SNMP 47-16
configuration files
limiting TFTP server access 47-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 47-15
configuration guidelines
REP 18-6
SNMP 47-6
configuration register
boot fields
listing value 3-29
modifying 3-28
changing from ROM monitor 54-3
changing settings3-28to 3-29
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 34-86
configure terminal command 3-28, 6-2
configuring access-group mode on Layer 2 interface 42-34
configuring flow control 6-16
configuring interface link and trunk status envents 6-28
configuring named IPv6 ACLs 42-20
configuring named MAC extended ACLs 42-19
configuring unicast MAC address filtering 42-19
configuring VLAN maps 42-22
confreg command 54-3
console configuration mode 2-5
console download54-4to 54-5
console port
disconnecting user sessions 7-6
monitoring user sessions 7-6
control plane policing
See CoPP
control protocol, IP SLAs 49-4
convergence
REP 18-3
CoPP
applying QoS service policy to control plane 39-4
configuring
ACLs to match traffic 39-4
enabling MLS QoS 39-4
packet classification criteria 39-4
service-policy map 39-4
control plane configuration mode
entering 39-4
displaying
dynamic information 39-8
number of conforming bytes and packets 39-8
rate information 39-8
entering control plane configuration mode 39-4
monitoring statistics 39-8
overview 39-2
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-31
CoS
definition 34-3
figure 34-2
overriding on Cisco IP Phones 35-5
priority 35-5
CoS Mutation
configuring 34-41
CoS-to-DSCP maps 34-58
CoS value, configuring for an interface 34-53
counters
clearing MFIB 31-21
clearing on interfaces 6-27
CPU, impact of ACL processing 42-17
CPU port sniffing 45-10
Critical Authentication
configure with 802.1X 37-36
CST
description 16-25
IST and 16-22
MST and 16-22
customer edge devices 33-2
D
database agent
configuration examples 40-12
enabling the DHCP Snooping 40-12
daylight saving time 4-13
debug commands, ROM monitor 54-5
default configuration
802.1X 37-22
auto-QoS 34-18
banners 4-18
DNS 4-16
IGMP filtering 21-18
IGMP snooping 22-5, 22-6
IP SLAs 49-6
Layer 2 protocol tunneling 23-9
LLDP 25-3
MAC address table 4-21
multi-VRF CE 33-4
NTP 4-4
private VLANs 36-11
REP 18-6
resetting the interface 6-30
RMON 50-3
SNMP 47-6
SPAN and RSPAN 45-6
system message logging 46-3
system name and prompt 4-15
TACACS+ 3-18
default gateway
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-31
denial-of-service attacks
IP address spoofing, mitigating 30-5
Unicast RPF, deploying 30-5
denying access to a server on another VLAN 42-28
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 6-7
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 6-9
description command 6-15
detecting unidirectional links 26-1
dev command 54-3
device discovery protocol 25-1
DHCP-based autoconfiguration
client request message exchange 3-3
configuring
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
lease options
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
DHCP option 82
overview 40-4
DHCP Snooping
enabling, and Option 82 40-9
DHCP snooping
accepting untrusted packets form edge switch 40-10
configuring 40-6
default configuration 40-7
displaying binding tables 40-16
displaying configuration 40-16
displaying information 40-16
enabling 40-7
enabling on private VLAN 40-11
enabling on the aggregation switch 40-9
enabling the database agent 40-12
message exchange process 40-4
monitoring 40-20
option 82 data insertion 40-4
overview 40-1
Snooping database agent 40-2
DHCP Snooping Database Agent
adding to the database (example) 40-15
enabling (example) 40-13
overview 40-2
reading from a TFTP file (example) 40-14
Diagnostics
online 51-1
troubleshooting 51-2
Power-On-Self-Test
causes of failure 51-14
how it works 51-3
overview 51-3
Power-On-Self-Test for Supervisor Engine V-10GE 51-8
Differentiated Services Code Point values
See DSCP values
DiffServ architecture, QoS 34-2
Digital optical monitoring transceiver support 6-12
dir device command 54-3
disabled state
RSTP comparisons (table) 16-24
disabling
broadcast storm control 44-6
disabling multicast storm control 44-7
disconnect command 7-6
discovery, clusters
See automatic discovery
displaying EtherChannel to a Virtual Switch System 20-15
displaying storm control 44-7
DNS
and DHCP-based autoconfiguration 3-5
default configuration 4-16
displaying the configuration 4-17
overview 4-15
setting up 4-16
domain names
DNS 4-15
Domain Name System
See DNS
double-tagged packets
802.1Q tunneling 23-2
Layer 2 protocol tunneling 23-9
downloading MIBs 53-14, 53-15
drop threshold for Layer 2 protocol packets 23-10
DSCP maps 34-58
DSCP-to-CoS maps
configuring 34-60
DSCP values
configuring maps 34-58
definition 34-4
IP precedence 34-2
mapping markdown 34-24
mapping to transmit queues 34-55
DSCP values, configuring port value 34-54
DTP
VLAN trunks and 14-3
duplex command 6-14
duplex mode
configuring interface 6-13
dynamic 12-17
dynamic ARP inspection
ARP cache poisoning 41-2
configuring
ACLs for non-DHCP environments 41-11
in DHCP environments 41-5
log buffer 41-14
rate limit for incoming ARP packets 41-16
denial-of-service attacks, preventing 41-16
interface trust state, security coverage 41-3
log buffer
configuring 41-14
logging of dropped packets 41-4
overview 41-1
port channels, their behavior 41-5
priority of static bindings 41-4
purpose of 41-2
rate limiting of ARP packets 41-4
configuring 41-16
validation checks, performing 41-19
dynamic buffer limiting
globally 34-28
on specific CoS values 34-30
on specific IP DSCP values 34-29
Dynamic Host Configuration Protocol snooping
See DHCP snooping
dynamic port VLAN membership
example 12-25
limit on hosts 12-25
reconfirming 12-23
troubleshooting 12-25
Dynamic Trunking Protocol
See DTP
E
EAP frames
changing retransmission time 37-45
exchanging (figure) 37-4, 37-6, 37-11
request/identity 37-3
response/identity 37-3
setting retransmission number 37-46
EAPOL frames
802.1X authentication and 37-3
OTP authentication, example (figure) 37-4, 37-11
start 37-3
edge ports
description 16-27
EGP
overview 1-8
EIGRP
configuration examples 28-19
monitoring and maintaining 28-18
EIGRP (Enhanced IGRP)
stub routing
benefits 28-17
configuration tasks 28-17
configuring 28-13
overview 28-13
restrictions 28-17
verifying 28-18
EIGRP (enhanced IGRP)
overview 1-8
eigrp stub command 28-18
EIGRP stub routing, configuring 28-12
Embedded CiscoView
displaying information 4-33
installing and configuring 4-31
overview 4-31
emergency alarms on Sup Engine 6-E systems 10-3
enable command 3-9, 3-28
enable mode 2-5
enabling or disabling QOS on an interface 34-51
enabling SNMP 53-16
encapsulation types 14-3
Enhanced Interior Gateway Routing Protocol
See EIGRP
Enhanced PoE support on E-series 10-12
environmental conditions
Sup Engine 6-E 10-3
Sup Engines II-Plus to V-10GE 10-2
Supervisor Engine 6-E 10-3
Supervisor Engines II-Plus to V-10GE 10-2
environmental monitoring
using CLI commands 10-1
EtherChannel
channel-group group command 20-7, 20-10
configuration guidelines 20-5
configuring20-6to 20-14
configuring Layer 2 20-9
configuring Layer 3 20-6
displaying to a virtual switch system 20-15
interface port-channel command 20-7
lacp system-priority
command example 20-12
modes 20-3
overview 20-1
PAgP
Understanding 20-3
physical interface configuration 20-7
port-channel interfaces 20-2
port-channel load-balance command 20-13
removing 20-14
removing interfaces 20-14
EtherChannel guard
disabling 19-7
enabling 19-6
overview 19-6
explicit host tracking
enabling 21-10
extended range VLANs
See VLANs
Extensible Authentication Protocol over LAN 37-1
Exterior Gateway Protocol
See EGP
F
FastDrop
clearing entries 31-20
displaying entries 31-19
overview 31-10
FIB
description 29-3
See also MFIB
filtering
in a VLAN 42-22
non-IP traffic 42-19
flags 31-11
Flash memory
configuring router to boot from 3-30
loading system images from 3-30
security precautions 3-30
flooded traffic, blocking 43-2
flowchart, traffic marking procedure 34-76
flow control, configuring 6-16
forward-delay time (STP)
configuring 16-18
forwarding information base
See FIB
frame command 54-5
G
gateway
See default gateway
get-bulk-request operation 47-3
get-next-request operation 47-3, 47-4
get-request operation 47-3, 47-4
get-response operation 47-3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 6-7
global configuration mode 2-5
Guest-VLANs
configure with 802.1X 37-32, 37-41
H
hardware and software ACL support 42-5
hardware switching 29-6
hello time (STP)
configuring 16-17
hierarchical policers, configuring 34-46
hierarchical policies, QoS on Sup 6-E 34-90
high CPU due to ACLs, troubleshooting 42-12
history
CLI 2-4
history table, level and number of syslog messages 46-10
hop counts
configuring MST bridges 16-28
host
configuring host statically 21-10
limit on dynamic port 12-25
host ports
kinds of 36-5
Hot Standby Routing Protocol
See HSRP
HSRP
description 1-7
http
//www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html 49-1, 49-3, 49-5, 49-6
//www.cisco.com/en/US/docs/ios/fundamentals/command reference/cf_book.html 46-1
hw-module module num power command 10-20
I
ICMP
enabling 7-11
ping 7-7
running IP traceroute 7-8
time exceeded messages 7-8
ICMP Echo operation
configuring 49-12
IP SLAs 49-11
i command 54-3
IDS
using with SPAN and RSPAN 45-2
IEEE 802.1s
See MST
IEEE 802.1w
See MST
IEEE 802.3ad
See LACP
IGMP
configurable leave timer
enabling 21-8
configurable-leave timer 21-4
description 31-3
enabling 31-13
explicit host tracking 21-4, 21-10
immediate-leave processing 21-3
leave processing, enabling 22-8
overview 21-1
report suppression
disabling 22-11
IGMP filtering
configuring 21-18
default configuration 21-18
described 21-18
monitoring 21-21
IGMP groups
setting the maximum number 21-20
IGMP Immediate Leave
configuration guidelines 21-8
IGMP profile
applying 21-19
configuration mode 21-18
configuring 21-19
IGMP snooping
configuration guidelines 21-5
default configuration 22-5, 22-6
enabling 21-5, 21-6
enabling and disabling 22-6
IP multicast and 31-4
monitoring 21-13, 22-11
overview 21-1
IGRP
description 1-9
Immediate Leave, IGMP
enabling 22-8
immediate-leave processing
enabling 21-8
IGMP
See fast-leave processing
Ingress Packets, SPAN enhancement 45-12
ingress packets, SPAN enhancement 45-12
inline power
configuring on Cisco IP phones 35-5
insufficient inline power handling for Supervisor Engine II-TS 10-18
Intelligent Power Management 10-4
interacting with Baby Giants 6-21
interface command 3-9, 6-2
interface configuration
REP 18-9
interface link and trunk status events
configuring 6-28
interface port-channel command 20-7
interface range command 6-5
interface range macro command 6-6
interfaces
adding descriptive name 6-15
clearing counters 6-27
configuring 6-2
configuring ranges 6-5
displaying information about 6-26
Layer 2 modes 14-4
maintaining 6-26
monitoring 6-26
naming 6-15
numbers 6-2
overview 6-2
restarting 6-27, 6-28
See also Layer 2 interfaces
Interior Gateway Routing Protocol
See IGRP
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Inter-Switch Link encapsulation
See ISL encapsulation
Intrusion Detection System
See IDS
inventory management TLV 25-3, 25-6
IP
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 29-9
flow switching cache 48-9
IP addresses
cluster candidate or member 11-12
cluster command switch 11-11
discovering 4-30
ip cef command 29-7
IP Enhanced IGRP
interfaces, displaying 28-18
ip flow-aggregation cache destination-prefix command 48-11
ip flow-aggregation cache prefix command 48-11
ip flow-aggregation cache source-prefix command 48-12
ip flow-export command 48-9
ip icmp rate-limit unreachable command 7-12
ip igmp profile command 21-18
ip igmp snooping tcn flood command 21-12
ip igmp snooping tcn flood query count command 21-12
ip igmp snooping tcn query solicit command 21-13
IP information
assigned
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 29-8
ip local policy route-map command 32-5
ip mask-reply command 7-13
IP MTU sizes, configuring 28-8
IP MTU sizes,configuring 28-8
IP multicast
clearing table entries 31-20
configuring 31-12
default configuration 31-13
displaying PIM information 31-16
displaying the routing table information 31-16
enabling 31-13
enabling dense-mode PIM 31-14
enabling sparse-mode 31-14
features not supported 31-12
hardware forwarding 31-8
IGMP snooping and 21-4, 31-4
monitoring 31-15
overview 31-1
routing protocols 31-2
software forwarding 31-8
See also Auto-RP; IGMP; PIM; RP; RPF
ip multicast-routing command 31-13
IP phones
automatic classification and queueing 34-17
configuring voice ports 35-3
See Cisco IP Phones 35-1
trusted boundary for QoS 34-26
ip pim command 31-14
ip pim dense-mode command 31-14
ip pim sparse-dense-mode command 31-15
ip policy route-map command 32-4
IP Port Security for Static Hosts
on a Layer 2 access port 40-22
on a PVLAN host port 40-25
overview 40-21
ip redirects command 7-12
ip route-cache flow command 48-7
IP routing tables
deleting entries 31-20
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 49-1
IP SLAs
benefits 49-2
Control Protocol 49-4
default configuration 49-6
definition 49-1
ICMP echo operation 49-11
measuring network performance 49-3
monitoring 49-14
multioperations scheduling 49-5
operation 49-3
responder
described 49-4
enabling 49-8
response time 49-4
scheduling 49-5
SNMP support 49-2
supported metrics 49-2
threshold monitoring 49-6
UDP jitter operation 49-8
IP Source Guard
configuring 40-18
configuring on private VLANs 40-19
displaying 40-19, 40-20
overview 40-17
IP statistics
displaying 29-9
IP traceroute
executing 7-8
overview 7-8
IP unicast
displaying statistics 29-9
IP Unnumbered support
configuring on a range of Ethernet VLANs 13-5
configuring on LAN and VLAN interfaces 13-4
configuring with connected host polling 13-6
DHCP Option 82 13-2
displaying settings 13-7
format of agent remote ID suboptions 13-3
troubleshooting 13-8
with conected host polling 13-3
with DHCP server and Relay agent 13-2
ip unreachables command 7-11
IPX
redistribution of route information with EIGRP 1-8
ISL
encapsulation 14-3
trunking with 802.1Q tunneling 23-4
isolated port 36-5
isolated VLANs 36-3, 36-4, 36-5
ISSU
compatibility matrix 5-13
compatiblity verification using Cisco Feature Navigator 5-14
NSF overview 5-4
perform the process
aborting a software upgrade 5-26
configuring the rollback timer as a safeguard 5-27
displaying a compatibility matrix 5-29
loading the new software on the new standby 5-24
stopping the rollback timer 5-23
switching to the standby 5-20
verify the ISSU state 5-17
verify the redundancy mode 5-15
verify the software installation 5-15
vload the new software on standby 5-17
prerequisites 5-2
process overview 5-7
restrictions 5-2
SNMP support 5-13
SSO overview 5-4
versioning capability in software to support 5-12
IST
and MST regions 16-22
description 16-22
master 16-27
J
jumbo frames
and ethernet ports 6-20
configuring MTU sizes for 6-20
ports and linecards that support 6-18
understanding MTUs 6-19
understanding support 6-19
VLAN interfaces 6-20
K
keyboard shortcuts 2-3
L
l2protocol-tunnel command 23-11
labels, definition 34-3
LACP
system ID 20-4
Layer 2 access ports 14-8
Layer 2 Control Packet QoS
feature interaction 34-65
overview 34-61
usage guidelines 34-64
Layer 2 frames
classification with CoS 34-2
Layer 2 interface, configuring access-mode mode on 42-34
Layer 2 interfaces
assigning VLANs 12-8
configuring 14-5
configuring as PVLAN host ports 36-16
configuring as PVLAN promiscuous ports 36-15
configuring as PVLAN trunk ports 36-17
defaults 14-5
disabling configuration 14-9
modes 14-4
show interfaces command 14-7
Layer 2 interface type
resetting 36-22
setting 36-22
Layer 2 protocol tunneling
default configuration 23-9
guidelines 23-10
Layer 2 switching
overview 14-1
Layer 2 Traceroute
and ARP 7-10
and CDP 7-9
host-to-host paths 7-9
IP addresses and subnets 7-10
MAC addresses and VLANs 7-10
multicast traffic 7-10
multiple devices on a port 7-10
unicast traffic 1-21, 7-9
usage guidelines 7-9
Layer 2 trunks
configuring 14-6
overview 14-3
Layer 3 interface, applying IPv6 ACLs 42-21
Layer 3 interface counters,configuring 28-10
Layer 3 interface counters,understanding 28-4
Layer 3 interfaces
configuration guidelines 28-5
overview 28-1
logical 28-2
physical 28-2
VLANs as interfaces 28-7
Layer 3 packets
classification methods 34-2
Layer 4 port operations
configuration guidelines 42-16
restrictions 42-15
limitations on using a TwinGig Convertor 6-10
link and trunk status events
configuring interface 6-28
link integrity, verifying with REP 18-3
Link Layer Discovery Protocol
See CDP
listening state (STP)
RSTP comparisons (table) 16-24
LLDP
configuring 25-3
characteristics 25-3
default configuration 25-3
disabling and enabling
globally 25-5
on an interface 25-5
monitoring and maintaining 25-7
overview 25-1
transmission timer and holdtime, setting 25-3
LLDP-MED
configuring
procedures 25-3
TLVs 25-6
monitoring and maintaining 25-7
overview 25-1
supported TLVs 25-2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing
configuring for CEF 29-8
configuring for EtherChannel 20-13
overview 20-5, 29-7
per-destination 29-8
location TLV 25-6
Logical Layer 3 interfaces
configuring 28-5
login authentication
with TACACS+ 3-19
login banners 4-17
login timer
changing 7-5
logoutwarning command 7-6
loop guard
and MST 16-23
configuring 19-5
overview 19-3
M
MAC/PHY configuration status TLV 25-2
MAC addresses
aging time 4-21
allocating 16-5
and VLAN association 4-20
building tables 4-20, 14-2
convert dynamic to sticky secure 38-5
default configuration 4-21
discovering 4-30
displaying 4-30, 7-3
displaying in DHCP snooping binding table 40-16
dynamic
learning 4-20
removing 4-22
in ACLs 42-19
static
adding 4-28
allowing 4-29
characteristics of 4-27
dropping 4-29
removing 4-28
sticky 38-4
sticky secure, adding 38-5
MAC Authentication Bypass
configure with 802.1X 37-35
MAC extended access lists 42-19
macros
See Smartports macros
main-cpu command 8-8
management address TLV 25-2
management options
SNMP 47-1
manual preemption, REP, configuring 18-11
mapping
DSCP markdown values 34-24
DSCP values to transmit queues 34-55
mapping tables
configuring DSCP 34-58
described 34-14
marking
hardware capabilities 34-78
marking action drivers 34-76
marking network traffic 34-73
marking support, multi-attribute 34-77
mask destination command 48-11
mask source command 48-11, 48-12
Match CoS for non-IPV4 traffic
configuring 34-36
match ip address command 32-3
maximum aging time (STP)
configuring 16-18
MDA
configuration 37-28
configuration guidelines37-19to 37-20
described 37-19
members
automatic discovery 11-7
member switch
managing 11-12
member switch, cluster
defined 11-11
requirements 11-12
meminfo command 54-5
messages, to users through banners 4-17
metro tags 23-2
MFIB
CEF 31-5
displaying 31-18
displaying fast drop entries 31-19
flags supported 31-11
overview 31-11
MIBs
compiling 53-16
downloading 53-14, 53-15
overview 47-1
related information 53-15
SNMP interaction with 47-4
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
MLD Snooping
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
Multicast client aging robustness 22-3
Multicast router discovery 22-3
overview 22-1
Mode of capturing control packets, selecting 42-12
module, displaying PoE consumed 10-8
modules
checking status 7-2
powering down 10-20
monitoring
802.1Q tunneling 23-12
ACL information 42-38
IGMP
snooping 22-11
IGMP filters 21-21
IGMP snooping 21-13
IP SLAs operations 49-14
Layer 2 protocol tunneling 23-12
multicast router interfaces 22-11
multi-VRF CE 33-12
REP 18-12
traffic flowing among switches 50-1
tunneling 23-12
VLAN filters 42-29
VLAN maps 42-29
M-record 16-23
MST
and multiple spanning trees 1-3, 16-22
boundary ports 16-27
BPDUs 16-23
configuration parameters 16-26
configuring 16-29
displaying configurations 16-33
edge ports 16-27
enabling 16-29
hop count 16-28
instances
configuring parameters 16-32
description 16-22
number supported 16-26
interoperability with PVST+ 16-23
link type 16-28
master 16-27
message age 16-28
regions 16-26
restrictions 16-29
to-SST interoperability 16-24
MSTP
EtherChannel guard
enabling 19-6
M-record 16-23
M-tree 16-23
M-tree 16-23
MTUS
understanding 6-19
MTU size
configuring 6-20, 6-22, 6-29
default 12-4
multicast
See IP multicast
Multicast client aging robustness 22-3
multicast groups
static joins 22-7
multicast packets
blocking 43-2
Multicast router discovery 22-3
multicast router interfaces, monitoring 22-11
multicast router ports, adding 22-8
multicast routers
displaying routing tables 31-16
flood suppression 21-10
Multicast Storm Control
enabling 44-4
disabling 44-7
suppression on Sup 6-E 44-4
suppression on WS-X4014 44-5
suppression on WS-X4016 44-5
WS-X4515, WS-X4014, and WS-X4013+ Sup Engs 44-5
WS-X4516 Sup Eng 44-5
multidomain authentication
See MDA
multioperations scheduling, IP SLAs 49-5
Multiple Domain Authentication
configuring 37-28
overview of Host Mode 37-6
multiple forwarding paths 1-3, 16-22
Multiple Spanning Tree
See MST
multiple VPN routing/forwarding
See multi-VRF CE
multi-VRF CE
components 33-4
configuration example 33-8
default configuration 33-4
defined 33-1
displaying 33-12
monitoring 33-12
network components 33-4
packet-forwarding process 33-4
N
named aggregate policers, creating 34-31
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 42-20
named MAC extended ACLs
ACLs
configuring named MAC extended 42-19
native VLAN
and 802.1Q tunneling 23-4
specifying 14-6
neighbor offset numbers, REP 18-4
NetFlow
aggregation
minimum mask,default value 48-11
destination-prefix aggregation
configuration (example) 48-16
minimum mask, configuring 48-11
IP
flow switching cache 48-9
prefix aggregation
configuration (example) 48-14
minimum mask, configuring 48-11
source-prefix aggregation
minimum mask, configuring 48-11
switching
checking for required hardware 48-6
configuration (example) 48-13
configuring switched IP flows 48-8
enabling Collection 48-7
exporting cache entries 48-9
statistics 48-9
NetFlow statistics
caveats on supervisor 48-6
checking for required hardware 48-6
configuring collection 48-6
enabling Collection 48-7
exporting cache entries 48-9
overview of collection 48-2
switched/bridged IP flows 48-8
Network Assistant
and VTY 11-11
configure
enable communication with switch 11-13, 11-17
default configuration 11-2
overview of CLI commands 11-2
network fault tolerance 1-3, 16-22
network management
configuring 24-1
RMON 50-1
SNMP 47-1
network performance, measuring with IP SLAs 49-3
network policy TLV 25-2, 25-6
Network Time Protocol
See NTP
network traffic, marking 34-73
New Software Features in Release 7.7
TDR 7-3
Next Hop Resolution Protocol
See NHRP
NFFC/NFFC II
IGMP snooping and 21-5
NHRP
support 1-9
non-IP traffic filtering 42-19
non-RPF traffic
description 31-9
in redundant configurations (figure) 31-10
Nonstop Forwarding
See NSF
nonvolatile random-access memory
See NVRAM
normal-range VLANs
See VLANs
NSF
defined 9-1
guidelines and restrictions 9-9
operation 9-5
NSF-aware
supervisor engines 9-3
support 9-2
NSF-capable
supervisor engines 9-3
support 9-2
NSF with SSO supervisor engine redundancy
and CEF 9-5
overview 9-4
SSO operation 9-4
NTP
associations
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
restricting access
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
time
services 4-2
synchronizing 4-2
NVRAM
saving settings 3-10
O
OIR
overview 6-26
Online Diagnostics 51-1
online insertion and removal
See OIR
Open Shortest Path First
See OSPF
operating system images
See system images
Option 82
enabling DHCP Snooping 40-9
OSPF
area concept 1-10
description 1-10
P
packets
modifying 34-16
software processed
and QoS 34-16
packet type filtering
overview 45-15
SPAN enhancement 45-15
PACL, using with access-group mode 42-34
PACL with VLAN maps and router ACLs 42-36
PAgP
understanding 20-3
passwords
configuring enable password 3-13
configuring enable secret password 3-13
encrypting 3-22
in clusters 11-8
recovering lost enable password 3-25
setting line password 3-14
PBR (policy-based routing)
configuration (example) 32-5
enabling 32-3
features 32-2
overview 32-1, 32-2
route maps 32-2
when to use 32-2
per-port and VLAN Access Control List 40-17
per-port per-VLAN QoS
enabling 34-48
overview 34-16
Per-VLAN Rapid Spanning Tree 16-6
enabling 16-20
overview 16-6
PE to CE routing, configuring 33-7
Physical Layer 3 interfaces, configuring 28-11
PIM
configuring dense mode 31-14
configuring sparse mode 31-14
displaying information 31-15
displaying statistics 31-20
enabling sparse-dense mode 31-14, 31-15
overview 31-3
PIM-DM 31-3
PIM-SM 31-3
ping
executing 7-7
overview 7-7
ping command 7-7, 31-16
PoE
configuring power consumption for single device 10-6
configuring power consumption for switch 10-5
displaying PoE consumed by a module 10-8
Enhanced support on E-series 10-12
power consumption for powered devices
Intelligent Power Management 10-4
powering down a module 10-20
power management modes 10-2
show interface status 10-7
point-to-point
in 802.1X authentication (figure) 37-2, 37-17
police command 34-38
policed-DSCP map 34-59
policers
description 34-5
types of 34-10
policies
See QoS policies
policing
how to implement 34-73
See QoS policing
policy associations, QoS on Sup 6-E 34-92
policy-map command 34-34, 34-36
policy map marking action, configuring 34-78
policy maps
attaching to interfaces 34-40
configuring 34-36
port ACLs
and voice VLAN 42-4
defined 42-3
limitations 42-5
Port Aggregation Protocol
see PAgP
port-based authentication
802.1X with voice VLAN 37-18
changing the quiet period 37-44
client, defined 37-2
configuration guidelines 37-23
configure 802.1X accounting 37-32
configure switch-to-RADIUS server communication 37-26
configure with Authentication Failed VLAN assignment 37-40
configure with Critical Authentication 37-36
configure with Guest-VLANs 37-32, 37-41
configure with MAC Authentication Bypass 37-35
configure with Wake-on-LAN 37-39
configuring
Multiple Domain Authentication 37-28
configuring Guest-VLAN 37-26
configuring manual re-authentication of a client 37-47
controlling authorization state 37-5
default configuration 37-22
described 37-1
device roles 37-2
displaying statistics 37-48
enabling 37-23
enabling multiple hosts 37-43
enabling periodic re-authentication 37-42
encapsulation 37-3
host mode 37-6
initiation and message exchange 37-3
method lists 37-23
multidomain authentication 37-19
multiple-hosts mode, described 37-6
port security
multiple-hosts mode 37-7
ports not supported 37-4
resetting to default values 37-48
setting retransmission number 37-46
setting retransmission time 37-45
topologies, supported 37-21
using with port security 37-15
with Critical Authentication 37-12
with Guest VLANs 37-8
with MAC Authentication Bypass 37-9
with VLAN assignment 37-7
port-based QoS features
See QoS
port-channel interfaces
See also EtherChannel
creating 20-6
overview 20-2
port-channel load-balance
command 20-12
command example 20-12
port-channel load-balance command 20-13
port cost (STP)
configuring 16-15
port description TLV 25-2
PortFast
and MST 16-23
BPDU filter, configuring 19-10
configuring or enabling 19-16
overview 19-7
PortFast BPDU filtering
and MST 16-23
enabling 19-10
overview 19-9
port numbering with TwinGig Convertors 6-9
port priority
configuring MST instances 16-32
configuring STP 16-13
ports
blocking 43-1
checking status 7-2
dynamic VLAN membership
example 12-25
reconfirming 12-23
forwarding, resuming 43-3
REP 18-5
See also interfaces
port security
aging 38-5
and QoS trusted boundary 34-26
configuring 38-7
displaying 38-27
guidelines and restrictions 38-32
on access ports 38-6, 38-21
on private VLAN 38-13
host 38-14
over Layer 2 EtherChannel 38-32
promiscuous 38-15
topology 38-14, 38-17, 38-32
on trunk port 38-16
guidelines and restrictions 38-14, 38-17, 38-20, 38-32
port mode changes 38-21
on voice ports 38-21
RADIUS accounting 37-16
sticky learning 38-5
using with 802.1X 37-15
violations 38-6
with 802.1X Authentication 38-31
with DHCP and IP Source Guard 38-30
with other features 38-32
port states
description 16-5
port trust state
See trust states
port VLAN ID TLV 25-2
power
inline 35-5
power dc input command 10-17
power handling for Supervisor Engine II-TS 10-12
power inline command 10-3
power inline consumption command 10-5, 10-6
power management
Catalyst 4500 series 10-6
Catalyst 4500 Switch power supplies 10-13
Catalyst 4948 series 10-20
configuring combined mode 10-12
configuring redundant mode 10-11
overview 10-1
redundancy 10-6
power management for Catalyst 4500 Switch
combined mode 10-8
redundant mode 10-8
power management limitations in Catalyst 4500 Switch 10-9
power management mode
selecting 10-8
power management TLV 25-2, 25-6
Power-On-Self-Test diagnostics 51-3, 51-14
Power-On-Self-Test for Supervisor Engine V-10GE 51-8
power redundancy-mode command 10-11
power supplies
available power for Catalyst 4500 Switch 10-13
fixed 10-7
variable 10-7, 10-20
preempt delay time, REP 18-5
primary edge port, REP 18-4
primary VLANs 36-3, 36-5
associating with secondary VLANs 36-14
configuring as a PVLAN 36-13
priority
overriding CoS of incoming frames 35-5
priority queuing, QoS on Sup 6-E 34-85
private VLAN
configure port security 38-14
enabling DHCP Snooping 40-11
private VLANs
across multiple switches 36-5
and SVIs 36-10
benefits of 36-3
community ports 36-4
community VLANs 36-3, 36-4
default configuration 36-11
end station access to 36-3
isolated port 36-5
isolated VLANs 36-3, 36-4, 36-5
ports
community 36-4
isolated 36-5
promiscuous 36-5
primary VLANs 36-3, 36-5
promiscuous ports 36-5
secondary VLANs 36-3
subdomains 36-3
traffic in 36-9
privileged EXEC mode 2-5
privileges
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
promiscuous ports
configuring PVLAN 36-15
defined 36-5
setting mode 36-22
protocol timers 16-4
provider edge devices 33-2
pruning, VTP
See VTP pruning
pseudobridges
description 16-25
PVACL 40-17
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 37-18
PVLAN promiscuous trunk port
configuring 36-2, 36-15, 36-19
PVLANs
802.1q support 36-12
across multiple switches 36-6
configuration guidelines 36-11
configure port security 38-13, 38-15, 38-17
configure port security in a wireless setting 38-32
configure port security over Layer 2 EtherChannel 38-32
configuring 36-10
configuring a VLAN 36-13
configuring promiscuous ports 36-15
host ports
configuring a Layer 2 interface 36-16
setting 36-22
overview 36-1
permitting routing, example 36-21
promiscuous mode
setting 36-22
setting
interface mode 36-22
Q
QoS
allocating bandwidth 34-56
and software processed packets 34-16
auto-QoS
configuration and defaults display 34-20
configuration guidelines 34-19
described 34-17
displaying 34-20
effects on NVRAM configuration 34-19
enabling for VoIP 34-19
basic model 34-5
burst size 34-32
classification34-6to 34-10
configuration guidelines 34-25
auto-QoS 34-19
configuring
auto-QoS 34-17
DSCP maps 34-58
dynamic buffer limiting 34-28
traffic shaping 34-57
trusted boundary 34-26
configuring Layer 2 Control Packet QoS, feature interaction 34-65
configuring Layer 2 Control Packet QoS, guidelines 34-64
configuring Layer 2 Control Packet QoS, overview 34-61
configuring UBRL 34-42
configuring VLAN-based on Layer 2 interfaces 34-52
creating named aggregate policers 34-31
creating policing rules 34-33
default auto configuration 34-18
default configuration 34-24
definitions 34-3
disabling on interfaces 34-40
enabling and disabling 34-51
enabling hierarchical policers 34-46
enabling on interfaces 34-40
enabling per-port per-VLAN 34-48
flowcharts 34-8, 34-12
IP phones
automatic classification and queueing 34-17
detection and trusted settings 34-17, 34-26
overview 34-2
overview of per-port per-VLAN 34-16
packet modification 34-16
port-based 34-52
priority 34-15
traffic shaping 34-16
transmit rate 34-57
trust states
trusted device 34-26
VLAN-based 34-52
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 34-14
QoS labels
definition 34-3
QoS mapping tables
CoS-to-DSCP 34-58
DSCP-to-CoS 34-60
policed-DSCP 34-59
types 34-14
QoS marking
description 34-5
QoS on Sup 6-E
Active Queue management via DBL 34-89
active queue management via DBL 34-82, 34-89
classification 34-72
configuring 34-68
configuring the policy map marking action 34-78
hardware capabilities for marking 34-78
hierarchical policies 34-90
how to implement policing 34-73
marking action drivers 34-76
marking network traffic 34-73
MQC-based QoS configuration 34-68
multi-attribute marking support 34-77
platform hardware capabilities 34-71
platform restrictions 34-73
platform-supported classification criteria and QoS features 34-68, 34-70
policing 34-72
policy associations 34-92
prerequisites for applying a service policy 34-71
priority queuing 34-85
queue-limiting 34-86
restrictions for applying a service policy 34-71
shaping 34-80
sharing(bandwidth) 34-82
sharing(blandwidth), shapring, and priority queuing 34-80
software QoS 34-93
traffic marking procedure flowchart 34-76
QoS policers
burst size 34-32
types of 34-10
QoS policing
definition 34-5
described 34-5, 34-10
QoS policy
attaching to interfaces 34-11
overview of configuration 34-33
QoS service policy
prerequisites 34-71
restrictions for applying 34-71
QoS transmit queues
allocating bandwidth 34-56
burst 34-16
configuring traffic shaping 34-57
mapping DHCP values to 34-55
maximum rate 34-16
overview 34-14
sharing link bandwidth 34-15
QoS transmit queues, configuring 34-55
Quality of service
See QoS
queueing 34-6, 34-14
queue-limiting, QoS on Sup 6-E 34-86
R
RADIUS server
configure to-Switch communication 37-26
configuring settings 37-28
parameters on the switch 37-26
range command 6-5
range macros
defining 6-6
ranges of interfaces
configuring 6-5
Rapid Spanning Tree
See RSTP
rcommand command 11-12
re-authentication of a client
configuring manual 37-47
enabling periodic 37-42
reconfirming dynamic VLAN membership 12-23
reduced MAC address 16-2
redundancy
configuring 8-8
guidelines and restrictions 8-6
changes made through SNMP 8-11
NSF-aware support 9-2
NSF-capable support 9-2
overview 8-2
redundancy command 8-8
understanding synchronization 8-5
redundancy (NSF) 9-1
configuring
BGP 9-11
CEF 9-11
EIGRP 9-16
IS-IS 9-14
OSPF 9-13
routing protocols 9-5
redundancy (RPR)
route processor redundancy 8-3
synchronization 8-5
redundancy (SSO)
redundancy command 9-10
route processor redundancy 8-3
synchronization 8-5
reload command 3-28, 3-29
Remote Network Monitoring
See RMON
REP
administrative VLAN 18-7
administrative VLAN, configuring 18-8
and STP 18-5
configuration guidelines 18-6
configuring interfaces 18-9
convergence 18-3
default configuration 18-6
manual preemption, configuring 18-11
monitoring 18-12
neighbor offset numbers 18-4
open segment 18-2
ports 18-5
preempt delay time 18-5
primary edge port 18-4
ring segment 18-2
secondary edge port 18-4
segments 18-1
characteristics 18-2
SNMP traps, configuring 18-12
supported interfaces 18-1
triggering VLAN load balancing 18-5
verifying link integrity 18-3
VLAN blocking 18-11
VLAN load balancing 18-4
replication
description 31-8
report suppression, IGMP
disabling 22-11
reserved-range VLANs
See VLANs
reset command 54-3
resetting an interface to default configuration 6-30
resetting a switch to defaults 3-31
Resilient Ethernet ProtocolLSee REP
responder, IP SLAs
described 49-4
enabling 49-8
response time, measuring with IP SLAs 49-4
restricting access
NTP services 4-8
TACACS+ 3-15
retransmission number
setting in 802.1X authentication 37-46
retransmission time
changing in 802.1X authentication 37-45
RFC
1157, SNMPv1 47-2
1305, NTP 4-2
1757, RMON 50-2
1901, SNMPv2C 47-2
1902 to 1907, SNMPv2 47-2
2273-2275, SNMPv3 47-2
RIP
description 1-10
RMON
default configuration 50-3
displaying status 50-7
enabling alarms and events 50-4
groups supported 50-2
overview 50-1
ROM monitor
boot process and 3-26
CLI 2-7
commands54-2to 54-3
debug commands 54-5
entering 54-2
exiting 54-6
overview 54-1
root bridge
configuring 16-9
selecting in MST 16-22
root guard
and MST 16-23
enabling 19-2
overview 19-2
routed packets
ACLs 42-31
route-map (IP) command 32-3
route maps
defining 32-3
PBR 32-2
router ACLs
description 42-3
using with VLAN maps 42-30
router ACLs, using PACL with VLAN maps 42-36
route targets
VPN 33-4
Routing Information Protocol
See RIP
RPF
<Emphasis>See Unicast RPF
RSPAN
configuration guidelines 45-16
destination ports 45-5
IDS 45-2
monitored ports 45-4
monitoring ports 45-5
received traffic 45-3
sessions
creating 45-17
defined 45-3
limiting source traffic to specific VLANs 45-23
monitoring VLANs 45-22
removing source (monitored) ports 45-21
specifying monitored ports 45-17
source ports 45-4
transmitted traffic 45-4
VLAN-based 45-5
RSTP
compatibility 16-23
description 16-22
port roles 16-24
port states 16-24
S
SAID
See 802.10 SAID
scheduling 34-14
defined 34-5
overview 34-6
scheduling, IP SLAs operations 49-5
secondary edge port, REP 18-4
secondary root switch 16-12
secondary VLANs 36-3
associating with primary 36-14
permitting routing 36-21
security
configuring 39-1
Security Association Identifier
See 802.10 SAID
selecting a power management mode 10-8
selecting X2/TwinGig Convertor Mode 6-10
sequence numbers in log messages 46-8
servers, VTP
See VTP servers
service policy, configure class-level queue-limit 34-86
service-policy command 34-34
service-policy input command 27-2, 34-40
service-provider networks
and customer VLANs 23-2
set default interface command 32-4
set interface command 32-4
set ip default next-hop command 32-4
set ip next-hop command 32-3
set-request operation 47-4
severity levels, defining in system messages 46-9
shaping, QoS on Sup 6-E 34-80
sharing(bandwidth), QoS on Sup 6-E 34-82
show adjacency command 29-10
show boot command 3-31
show catalyst4000 chassis-mac-address command 16-3
show cdp command 24-2, 24-3
show cdp entry command 24-4
show cdp interface command 24-3
show cdp neighbors command 24-4
show cdp traffic command 24-4
show ciscoview package command 4-33
show ciscoview version command 4-33
show cluster members command 11-12
show configuration command 6-15
show debugging command 24-4
show environment command 10-2
show history command 2-4
show interfaces command 6-20, 6-22, 6-27, 6-29
show interfaces status command 7-2
show ip cache flow aggregation destination-prefix command 48-12
show ip cache flow aggregation prefix command 48-12
show ip cache flow aggregation source-prefix command 48-12
show ip cache flow command 48-9
show ip cef command 29-9
show ip eigrp interfaces command 28-18
show ip eigrp neighbors command 28-18
show ip eigrp topology command 28-18
show ip eigrp traffic command 28-18
show ip interface command 31-16
show ip local policy command 32-5
show ip mroute command 31-16
show ip pim interface command 31-16
show l2protocol command 23-12
show lldp traffic command 25-8
show mac-address-table address command 7-3
show mac-address-table interface command 7-3
show mls entry command 29-9
show module command 7-2, 16-5
show power inline command 10-7
show power inline consumption command 10-5
show power supplies command 10-11
show protocols command 6-27
show running-config command
adding description for an interface 6-15
checking your settings 3-9
displaying ACLs 42-24, 42-26, 42-33, 42-34
show startup-config command 3-10
show users command 7-6
show version command 3-29
shutdown, command 6-28
shutdown threshold for Layer 2 protocol packets 23-9
shutting down
interfaces 6-27
Simple Network Management Protocol
See SNMP
single spanning tree
See SST
slot numbers, description 6-2
Smartports macros
applying global parameter values 15-8
applying macros 15-8
applying parameter values 15-8
configuration guidelines 15-6
configuring 15-2
creating 15-7
default configuration 15-3
defined 15-1
displaying 15-13
tracing 15-6
SNMP
accessing MIB variables with 47-4
agent
described 47-4
disabling 47-7
and IP SLAs 49-2
authentication level 47-10
community strings 47-4
configuring 47-7
overview 47-4
configuration examples 47-16
configuration guidelines 47-6
default configuration 47-6
enabling 53-16
engine ID 47-6
groups 47-6, 47-9
host 47-6
informs
and trap keyword 47-11
described 47-5
differences from traps 47-5
enabling 47-14
limiting access by TFTP servers 47-15
limiting system log messages to NMS 46-10
manager functions 47-3
notifications 47-5
overview 47-1, 47-4
security levels 47-3
status, displaying 47-17
system contact and location 47-15
trap manager, configuring 47-13
traps
described 47-3, 47-5
differences from informs 47-5
enabling 47-11
enabling MAC address notification 4-22
enabling MAC move notification 4-24
enabling MAC threshold notification 4-26
overview 47-1, 47-4
types of 47-11
users 47-6, 47-9
versions supported 47-2
SNMP commands 53-16
SNMP traps
REP 18-12
SNMPv1 47-2
SNMPv2C 47-2
SNMPv3 47-2
software
upgrading 8-13
software configuration register 3-26
software QoS, on Sup 6-E 34-93
software switching
description 29-6
interfaces 29-7
key data structures used 31-7
SPAN
and ACLs 45-5
configuration guidelines 45-7
configuring45-6to 45-10
destination ports 45-5
IDS 45-2
monitored port, defined 45-4
monitoring port, defined 45-5
received traffic 45-3
sessions
defined 45-3
source ports 45-4
transmitted traffic 45-4
VLAN-based 45-5
SPAN and RSPAN
concepts and terminology 45-3
default configuration 45-6
displaying status 45-25
overview 45-1
session limits 45-6
SPAN enhancements
access list filtering 45-13
configuration example 45-16
CPU port sniffing 45-10
encapsulation configuration 45-12
ingress packets 45-12
packet type filtering 45-15
spanning-tree backbonefast command 19-16
spanning-tree cost command 16-15
spanning-tree guard root command 19-2
spanning-tree portfast bpdu-guard command 19-9
spanning-tree portfast command 19-7
spanning-tree port-priority command 16-13
spanning-tree uplinkfast command 19-13
spanning-tree vlan
command 16-9
command example 16-9
spanning-tree vlan command 16-8
spanning-tree vlan cost command 16-15
spanning-tree vlan forward-time command 16-19
spanning-tree vlan hello-time command 16-17
spanning-tree vlan max-age command 16-18
spanning-tree vlan port-priority command 16-13
spanning-tree vlan priority command 16-17
spanning-tree vlan root primary command 16-10
spanning-tree vlan root secondary command 16-12
speed
configuring interface 6-13
speed command 6-13
SSO
configuring 9-10
SSO operation 9-4
SST
description 16-22
interoperability 16-24
static addresses
See addresses
static routes
configuring 3-11
verifying 3-12
statistics
displaying 802.1X 37-48
displaying PIM 31-20
LLDP 25-7
LLDP-MED 25-7
NetFlow accounting 48-9
SNMP input and output 47-17
sticky learning
configuration file 38-5
defined 38-5
disabling 38-5
enabling 38-5
saving addresses 38-5
sticky MAC addresses
configuring 38-7
defined 38-4
Storm Control
displaying 44-7
enabling Broadcast 44-3
enabling Multicast 44-4
hardware-based, implementing 44-2
overview 44-1
software-based, implementing 44-3
STP
and REP 18-5
bridge ID 16-2
configuring16-7to 16-20
creating topology 16-4
defaults 16-6
disabling 16-19
enabling 16-7
enabling extended system ID 16-8
enabling Per-VLAN Rapid Spanning Tree 16-20
EtherChannel guard
disabling 19-7
forward-delay time 16-18
hello time 16-17
Layer 2 protocol tunneling 23-7
maximum aging time 16-18
overview 16-2, 16-3
per-VLAN rapid spanning tree 16-6
port cost 16-15
port priority 16-13
root bridge 16-9
stratum, NTP 4-2
stub routing (EIGRP)
benefits 28-17
configuration tasks 28-17
configuring 28-13
overview 28-12, 28-13
restrictions 28-17
verifying 28-18
subdomains, private VLAN 36-3
summer time 4-13
supervisor engine
accessing the redundant 8-15
configuring3-8to 3-13
copying files to standby 8-15
default configuration 3-1
default gateways 3-11
environmental monitoring 10-1
redundancy 9-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 8-11
Supervisor Engine II-TS
insufficient inline power handling 10-18, 10-12
SVI Autostate Exclude
understanding 28-3
SVI Autostate exclude
configuring 28-7
switched packets
and ACLs 42-30
Switched Port Analyzer
See SPAN
switching, NetFlow
checking for required hardware 48-6
configuration (example) 48-13
configuring switched IP flows 48-8
enabling Collection 48-7
exporting cache entries 48-9
switchport
show interfaces 6-20, 6-22, 6-29
switchport access vlan command 14-6, 14-8
switchport block multicast command 43-2
switchport block unicast command 43-2
switchport mode access command 14-8
switchport mode dot1q-tunnel command 23-6
switchport mode dynamic command 14-6
switchport mode trunk command 14-6
switch ports
See access ports
switchport trunk allowed vlan command 14-6
switchport trunk encapsulation command 14-6
switchport trunk encapsulation dot1q command 14-3
switchport trunk encapsulation isl command 14-3
switchport trunk encapsulation negotiate command 14-3
switchport trunk native vlan command 14-6
switchport trunk pruning vlan command 14-7
switch-to-RADIUS server communication
configuring 37-26
sysret command 54-5
system
reviewing configuration 3-10
settings at startup 3-27
system alarms
on Sup 2+ to V-10GE 10-5
on Sup 6-E 10-5
overview 10-4
system capabilities TLV 25-2
system clock
configuring
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
See also NTP
system description TLV 25-2
system image
specifying the startup 3-30
system images
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
system message logging
default configuration 46-3
defining error message severity levels 46-9
disabling 46-5
displaying the configuration 46-13
enabling 46-5
facility keywords, described 46-13
level keywords, described 46-9
limiting messages 46-10
message format 46-2
overview 46-1
sequence numbers, enabling and disabling 46-8
setting the display destination device 46-5
synchronizing log messages 46-6
timestamps, enabling and disabling 46-8
UNIX syslog servers
configuring the daemon 46-11
configuring the logging facility 46-12
facilities supported 46-13
system MTU
802.1Q tunneling 23-5
maximums 23-5
system name
default configuration 4-15
default setting 4-15
manual configuration 4-15
See also DNS
system name TLV 25-2
system prompt, default setting 4-14, 4-15
T
TACACS+ 39-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
configuring
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
tagged packets
802.1Q 23-3
Layer 2 protocol 23-7
TCAM programming algorithm
changing 42-9
TCAM programming algorithm, overview 42-7
TCAM programming and ACLs 42-10, 42-12
for Sup II-Plust thru V-10GE 42-6
TCAM programming and ACLs for Sup 6-E 42-15
TCAM region, changing the algorithm 42-9
TCAM region, resizing 42-10
TDR
checking cable connectivity 7-3
enabling and disabling test 7-3
guidelines 7-3
Telnet
accessing CLI 2-2
disconnecting user sessions 7-6
executing 7-5
monitoring user sessions 7-6
telnet command 7-5
Terminal Access Controller Access Control System Plus
See TACACS+
TFTP
configuration files in base directory 3-5
configuring for autoconfiguration 3-4
limiting access by servers 47-15
TFTP download
See also console download
threshold monitoring, IP SLAs 49-6
time
See NTP and system clock
Time Domain Reflectometer
See TDR
time exceeded messages 7-8
timer
See login timer
timestamps in log messages 46-8
time zones 4-12
TLVs
defined 1-3, 25-2
LLDP-MED 25-2
Token Ring
media not supported (note) 12-5, 12-10
Topology change notification processing
MLD Snooping
Topology change notification processing 22-5
TOS
description 34-4
trace command 7-9
traceroute
See IP traceroute
See Layer 2 Traceroute
traceroute mac command 7-10
traceroute mac ip command 7-10
traffic
blocking flooded 43-2
traffic control
using ACLs (figure) 42-4
using VLAN maps (figure) 42-5
traffic marking procedure flowchart 34-76
traffic shaping 34-16
translational bridge numbers (defaults) 12-4
transmit queues
See QoS transmit queues
transmit rate 34-57
traps
configuring MAC address notification 4-22
configuring MAC move notification 4-24
configuring MAC threshold notification 4-26
configuring managers 47-11
defined 47-3
enabling 4-22, 4-24, 4-26, 47-11
notification types 47-11
overview 47-1, 47-4
troubleshooting
with CiscoWorks 47-4
with system message logging 46-1
with traceroute 7-8
troubleshooting high CPU due to ACLs 42-12
trunk ports
configure port security 38-16
configuring PVLAN36-17to 36-19
trunks
802.1Q restrictions 14-5
configuring 14-6
configuring access VLANs 14-6
configuring allowed VLANs 14-6
default interface configuration 14-6
different VTP domains 14-3
enabling to non-DTP device 14-4
encapsulation 14-3
specifying native VLAN 14-6
understanding 14-3
trusted boundary for QoS 34-26
Trust State of interfaces, configuring
trust states
configuring 34-53
tunneling
defined 23-1
tunnel ports
802.1Q, configuring 23-6
described 23-2
incompatibilities with other features 23-5
TwinGig Convertors
limitations on using 6-10
port numbering 6-9
selecting X2/TwinGig Convertor mode 6-10
type of service
See TOS
U
UDLD
default configuration 26-2
disabling 26-4, 26-5
enabling 26-4
UDP jitter, configuring 49-9
UDP jitter operation, IP SLAs 49-8
unauthorized ports with 802.1X 37-4
Understanding Spanning-Tree Protocol 16-2
Understanding VLANS 12-1
Understanding VTP 12-8
unicast
See IP unicast
unicast flood blocking
configuring 43-1
unicast MAC address filtering
and adding static addresses 4-29
and broadcast MAC addresses 4-28
and CPU packets 4-29
and multicast addresses 4-28
and router MAC addresses 4-28
configuration guidelines 4-28
described 4-28
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 42-19
Unicast RPF (Unicast Reverse Path Forwarding)
applying 30-5
BGP attributes
caution 30-5
CEF
requirement 30-2
tables 30-7
configuring 30-9
(examples)??to 30-12
BOOTP 30-8
DHCP 30-8
enterprise network (figure) 30-6
prerequisites 30-9
routing table requirements 30-7
tasks 30-9
verifying 30-10
deploying 30-5
description 30-2
disabling 30-11
enterprise network (figure) 30-6
FIB 30-2
implementing 30-4
maintaining 30-10
monitoring 30-10
packets, dropping (figure) 30-4
prerequisites 30-9
restrictions
basic 30-8
routing asymmetry 30-7
routing asymmetry (figure) 30-8
routing table requirements 30-7
security policy
applying 30-5
attacks, mitigating 30-5
deploying 30-5
tunneling 30-5
source addresses, validating 30-3
(figure) 30-3, 30-4
failure 30-3
traffic filtering 30-5
tunneling 30-5
validation
failure 30-3, 30-4
packets, dropping 30-3
source addresses 30-3
verifying 30-10
unicast traffic
blocking 43-2
unidirectional ethernet
enabling 27-2
example of setting 27-2
overview 27-1
UniDirectional Link Detection Protocol
See UDLD
UNIX syslog servers
daemon configuration 46-11
facilities supported 46-13
message logging configuration 46-12
UplinkFast
and MST 16-23
enabling 19-16
MST and 16-23
overview 19-11
User Based Rate Limiting
configuring 34-43
overview 34-42
user EXEC mode 2-5
user sessions
disconnecting 7-6
monitoring 7-6
using PACL with access-group mode 42-34
V
VACLs
Layer 4 port operations 42-15
virtual configuration register 54-3
virtual LANs
See VLANs
Virtual Private Network
See VPN
Virtual Switch System(VSS), displaying EtherChannel to 20-15
VLAN ACLs
See VLAN maps
VLAN-based QoS on Layer 2 interfaces, configuring 34-52
VLAN blocking, REP 18-11
vlan command 12-7
vlan dot1q tag native command 23-4
VLAN ID, discovering 4-30
VLAN load balancing
REP 18-4
VLAN load balancing, triggering 18-5
VLAN Management Policy Server
See VMPS
VLAN maps
applying to a VLAN 42-26
configuration example 42-27
configuration guidelines 42-23
configuring 42-22
creating and deleting entries 42-23
defined 42-3
denying access example 42-28
denying packets 42-24
displaying 42-29
order of entries 42-23
permitting packets 42-24
router ACLs and 42-30
using (figure) 42-5
using in your network 42-26
VLAN maps, PACL and Router ACLs 42-36
VLANs
allowed on trunk 14-6
configuration guidelines 12-3
configuring 12-5
customer numbering in service-provider networks 23-3
default configuration 12-4
description 1-6
extended range 12-3
IDs (default) 12-4
interface assignment 12-8
limiting source traffic with RSPAN 45-23
monitoring with RSPAN 45-22
name (default) 12-4
normal range 12-3
overview 12-1
reserved range 12-3
See also PVLANs
VLAN Trunking Protocol
See VTP
VLAN trunks
overview 14-3
VMPS
configuration file example 12-28
configuring dynamic access ports on client 12-22
configuring retry interval 12-23
database configuration file 12-28
dynamic port membership
example 12-25
reconfirming 12-23
reconfirming assignments 12-23
reconfirming membership interval 12-23
server overview 12-17
VMPS client
administering and monitoring 12-24
configure switch
configure reconfirmation interval 12-23
dynamic ports 12-22
entering IP VMPS address 12-21
reconfirmation interval 12-23
reconfirm VLAM membership 12-23
default configuration 12-20
dynamic VLAN membership overview 12-20
troubleshooting dynamic port VLAN membership 12-25
VMPS server
fall-back VLAN 12-19
illegal VMPS client requests 12-19
overview 12-17
security modes
multiple 12-19
open 12-18
secure 12-18
voice interfaces
configuring 35-1
Voice over IP
configuring 35-1
voice ports
configuring VVID 35-3
voice traffic 10-2, 35-5
voice VLAN
IP phone data traffic, described 35-2
IP phone voice traffic, described 35-2
voice VLAN ports
using 802.1X 37-18
VPN
configuring routing in 33-6
forwarding 33-4
in service provider networks 33-1
routes 33-2
routing and forwarding table
See VRF
VRF
defining 33-4
tables 33-1
VTP
configuration guidelines 12-12
configuring12-12to 12-17
configuring transparent mode 12-16
default configuration 12-12
disabling 12-16
Layer 2 protocol tunneling 23-7
monitoring 12-16
overview 12-8
See also VTP version 2
VTP advertisements
description 12-9
VTP clients
configuring 12-15
VTP domains
description 12-9
VTP modes 12-9
VTP pruning
enabling 12-13
overview 12-10
VTP servers
configuring 12-14
VTP statistics
displaying 12-16
VTP version 2
enabling 12-14
overview 12-10
See also VTP
VTY and Network Assistant 11-11
VVID (voice VLAN ID)
and 802.1X authentication 37-18
configuring 35-3
W
Wake-on-LAN
configure with 802.1X 37-39
WCCP
configuration examples 52-8
configuring on a router 52-1, 52-10
features 52-4
restrictions 52-5
service groups 52-6
Web Cache Communication Protocol
See WCCP 52-1
web caches
See cache engines
web cache services
description 52-4
web caching
See web cache services
See also WCCP