- Preface
- Product Overview
- Command-Line Interfaces
- Configuring the Switch for the First Time
- Administering the Switch
- Configuring Virtual Switching Systems
- Configuring the Cisco IOS In-Service Software Upgrade Process
- Configuring the Cisco IOS XE In Service Software Upgrade Process
- Configuring Interfaces
- Checking Port Status and Connectivity
- Configuring Trustsec
- RPR
- Configuring Supervisor Engine Redundancy Using RPR and SSO on Supervisor Engine 7-E and Supervisor Engine 7L-E
- Configuring Cisco NSF with SSO Supervisor Engine Redundancy
- Environmental Monitoring and Power Management
- Configuring Power over Ethernet
- Configuring the Catalyst 4500 Series Switch with Cisco Network Assistant
- Configuring VLANs, VTP, and VMPS
- Configuring IP Unnumbered Interface
- Configuring Layer 2 Ethernet Interfaces
- Configuring SmartPort Macros
- Configuring Cisco IOS Auto Smartport Macros
- Configuring STP and MST
- Configuring Flex Links and MAC Address-Table Move Update
- Configuring Resilient Ethernet Protocol
- Configuring Optional STP Features
- Configuring EtherChannel and Link State Tracking
- Configuring IGMP Snooping and Filtering, and MVR
- Configuring IPv6 MLD Snooping
- Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Location Service
- Configuring UDLD
- Configuring Unidirectional Ethernet
- Configuring Layer 3 Interfaces
- Configuring Cisco Express Forwarding
- Configuring Unicast Reverse Path Forwarding
- Configuring IP Multicast
- Configuring ANCP Client
- Configuring Bidirectional Forwarding Detection
- Configuring Policy-Based Routing
- Configuring VRF-lite
- Configuring Quality of Service
- Configuring Voice Interfaces
- Configuring Private VLANs
- Configuring MACsec Encryption
- Configuring 802.1X Port-Based Authentication
- Configuring the PPPoE Intermediate Agent
- Configuring Web-Based Authentication
- Configuring Port Security
- Configuring Control Plane Policing and Layer 2 Control Packet QoS
- Configuring Dynamic ARP Inspection
- Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
- Configuring Network Security with ACLs
- Support for IPv6
- Port Unicast and Multicast Flood Blocking
- Configuring Storm Control
- Configuring SPAN and RSPAN
- Configuring Wireshark
- Configuring Enhanced Object Tracking
- Configuring System Message Logging
- Onboard Failure Logging (OBFL)
- Configuring SNMP
- Configuring NetFlow-lite
- Configuring Flexible NetFlow
- Configuring Ethernet OAM and CFM
- Configuring Y.1731 (AIS and RDI)
- Configuring Call Home
- Configuring Cisco IOS IP SLA Operations
- Configuring RMON
- Performing Diagnostics
- Configuring WCCP Version 2 Services
- Configuring MIB Support
- ROM Monitor
- Acronyms and Abbreviations
- configIX
Index
10/100 autonegotiation feature, forced 8-21
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 8-13
deploy with Gigabit Ethernet SFP ports 8-12, 8-13
10-slot chassis, support for WS-X46490-CSFP-E 8-17
special considerations 14-21
1400 W DC SP Triple Input power supply
special considerations 14-22
802.10 SAID (default) 17-5
standard 45-2
trunks 22-6
compatibility with other features 29-5
defaults 29-3
described 29-2
tunnel ports with other features 29-6
trunk restrictions 19-4
Authentication Failed VLAN assignment 46-17
for Critical Authentication 46-14
for guest VLANs 46-11
for MAC Authentication Bypass 46-12
for Unidirectional Controlled Port 46-15
VLAN User Distribution 46-16
web-based authentication 46-14
with port security 46-19
with VLAN assignment 46-10
with voice VLAN ports 46-22
802.1X Host Mode 46-6
multiauthentication mode 46-8
multidomain authentication mode 46-7
single-host 46-7
802.1x-REV 45-2
9000W AC, displaying OBFL 14-4
AAA 50-1
AAA (authentication, authorization, and accounting). See also port-based authentication. 48-2
abbreviating commands 2-5
about Wireshark 58-5
access control entries and lists 50-1
access-group mode, configuring on Layer 2 interface 53-31
access-group mode, using PACL with 53-30
access list filtering, SPAN enhancement 57-13
using with WCCP 71-8
and Layer 2 protocol tunneling 29-15
configure port security 49-7, 49-22
configuring 19-7
access VLANs 19-5
with RADIUS 46-111
with TACACS+ 3-16, 3-21
ACLs 53-2
IP 1-41, 53-2
Layer 4 operation restrictions 53-10
ACEs and ACLs 50-1
ACL assignments, port-based authentication 46-20
ACL assignments and redirect URLs, configure 46-38
ACL configuration, displaying a Layer 2 interface 53-32
ACEs 53-2
and SPAN 57-5
and TCAM programming for Sup 6-E 53-10
and TCAM programming for Sup II-Plus thru V-10GE 53-6
applying IPv6 ACLs to a Layer 3 interface 53-17
applying on routed packets 53-26
applying on switched packets 53-25
compatibility on the same switch 53-3
configuring with VLAN maps 53-25
CPU impact 53-12
downloadable 48-7
hardware and software support 53-6
IP, matching criteria for port ACLs 53-4
MAC extended 53-14
matching criteria for router ACLs 53-3
and voice VLAN 53-4
defined 53-3
processing 53-12
selecting mode of capturing control packets 53-7
troubleshooting high CPU 53-6
types supported 53-3
understanding 53-2
VLAN maps 53-5
ACLs, applying to a Layer 2 interface 53-31
ACLs and VLAN maps, examples 53-19
acronyms, list of 1-1
action drivers, marking 42-21, 42-55
activating and deactivating a capture point, Wireshark 58-13
activating and deactivating Wiresharkcapture points, conceptual, Wireshark 58-9
active queue management 42-9
active queue management via DBL, QoS on Sup 6-E 42-34, 42-68
active traffic monitoring, IP SLAs 68-1
adding members to a community 16-9
displaying the MAC table 4-44
changing the aging time 4-30
defined 4-28
learning 4-29
removing 4-31
IPv6 54-2
MAC, discovering 4-44
adding and removing 4-36
defined 4-28
address resolution 4-44
description 35-2
displaying statistics 35-9
REP, configuring 24-9
administrative VLAN, REP 24-8
LLDP 1-7, 31-2
aggregation switch, enabling DHCP snooping 52-9
MAC address table 4-30
All Auth manager sessions, displaying summary 46-126
All Auth manager sessions on the switch authorized for a specified authentication method 46-126
enabling and configuring 38-2
guidelines and restrictions 38-5
identify a port with DHCP option 82 38-4
identify a port with protocol 38-2
overview 38-1
identifying a port with 38-2
applying IPv6 ACLs to a Layer 3 interface 53-17
AQM via DBL, QoS on Sup 6-E 42-34, 42-68
archiving crashfiles information 2-8
defined 4-44
address resolution 4-44
managing 4-44
asymmetrical links, and 802.1Q tunneling 29-3
attachment points, Wireshark 58-6
vendor-proprietary 46-114
vendor-specific 46-112
NTP associations 4-4
key 46-104
login 46-106
See also port-based authentication
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 50-1
Authentication Failed, configuring 80.1X 46-70
Authentication methods registered with the Auth manager, determining 46-125
authentication open comand 46-8
authentication proxy web pages 48-4
defined 46-3
RADIUS server 46-3
Auth manager session for an interface, verifying 46-126
Auth manager summary, displaying 46-126
authoritative time source, described 4-2
with RADIUS 46-110
with TACACS+ 3-16, 3-21
authorized and unauthorized ports 46-5
authorized ports with 802.1X 46-5
autoconfiguration 3-2
considerations 16-7
configuring 8-31
displaying the configuration 8-32
overview 8-30
forced 10/100Mbps 8-21
Auto SmartPorts built-in macros
configuring parameters 21-6
built-in macros 21-5
configuration guidelines 21-5
default configuration 21-4
defined 21-1
displaying 21-13
enabling 21-4
IOS shell 21-2, 21-10
defined 1-2
Auto SmartPorts user-defined macros
configuring 21-10
auto-sync command 11-8, 12-7
interacting with 8-29
adding a switch (figure) 25-3
and MST 22-23
configuring 25-15
link failure (figure) 25-14, 25-15
not supported MST 22-23
understanding 25-13
login 4-27
message-of-the-day login 4-24
default configuration 4-24
when displayed 4-24
b command 73-3
and hardware support 39-7
BFD in a BGP network 39-25
BFD in an EIGRP network with echo mode enabled by default 39-17
BFD in an OSPF network 39-22
support for static routing 39-27
Echo mode 39-15
session parameters on the interface 39-8
Slow timer 39-16
support for BGP 39-9
support for dynamic routing protocols 39-9
support for EIGRP 39-10
support for OSPF 39-11
support for static routing 39-13
disabling echo mode without asymmetry 39-16
monitoring and troubleshooting 39-17
neighbor relationships 39-3
operation 39-3
prerequisites 39-2
restrictions 39-2
b flash command 73-3
BGP 1-17
routing session with multi-VRF CE 41-9
blocking packets 55-1
RSTP comparisons (table) 22-24
Boolean expressions in tracked lists 59-4
boot bootldr command 3-31
boot command 3-28
boot commands 73-3
See configuration register boot fields
boot system command 3-26, 3-31
boot system flash command 3-28
description 22-27
and MST 22-23
configuring 25-15
overview 25-8
and media speed 22-2
pseudobridges and 22-25
what they contain 22-3
bridge priority (STP) 22-17
disabling 56-5
enabling 56-3
Built-in macros and user-defined triggers, configuring mapping 21-9
cache engine clusters 71-1
cache engines 71-1
description 1-24, 67-2
message format options 67-2
format options 67-2
call home 67-1
alert groups 67-6
configuring e-mail options 67-9
contact information 67-4
default settings 67-18
destination profiles 67-5
displaying information 67-14
mail-server priority 67-10
pattern matching 67-9
periodic notification 67-8
rate limit messages 67-9
severity threshold 67-8
smart call home feature 67-2
SMTP server 67-9
testing communications 67-10
configuring 67-6
description 67-6
subscribing 67-7
assigning information 67-4
call home destination profiles
attributes 67-5
configuring 67-5
description 67-5
displaying 67-16
full-txt format for syslog 67-25
XML format for syslog 67-28
automatic discovery 16-7
defined 16-12
capture filter, Wireshark 58-7
capture points, Wireshark 58-6
selecting mode 53-7
BGP optional attributes 36-4
encrypting 3-22
automatic discovery in communities 16-7
configuration 30-2
defined with LLDP 31-1
displaying configuration 30-3
enabling on interfaces 30-3
host presence detection 46-8
Layer 2 protocol tunneling 29-13
maintaining 30-3
monitoring 30-3
overview 1-3, 30-1
cdp enable command 30-3
adjacency tables 35-2
and NSF with SSO 13-5
configuring load balancing 35-7
displaying statistics 35-8
enabling 35-6, 70-2
hardware switching 35-4
load balancing 35-6
overview 35-1
software switching 35-4
certificate authority (CA) 67-3
and Ethernet OAM, configuring 65-51
and Ethernet OAM interaction 65-51
clearing 65-31
configuration guidelines 65-7, 66-4
configuring crosscheck for VLANs 65-11
configuring fault alarms 65-16
configuring port MEP 65-14
configuring static remote MEP 65-13, 65-16, 65-18
crosscheck 65-5
defined 65-2
EtherChannel support 65-7, 66-4
configuring 65-16
IP SLAs support for 65-6
IP SLAs with endpoint discovers 65-21
maintenance domain 65-2
manually configuring IP SLAs ping or jitter 65-19
measuring network performance 65-6
monitoring 65-32, 65-33
port MEP, configuring 65-14
remote MEPs 65-5
static RMEP, configuring 65-13, 65-16, 65-18
static RMEP check 65-5
described 65-27
overview 27-2
Change of Authorization, RADIUS 46-97
channel-group group command 5-46, 26-8, 26-10
Cisco 7600 series Internet router
enabling SNMP 72-4, 72-5
Cisco Group Management Protocol
Cisco IOS IP SLAs 68-2
support 13-2
Cisco IOS NSF-capable support 13-2
configuring 43-3
sound quality 43-1
credentials 45-10
802.1x mode 45-11
configuration example 45-14
manual mode 45-12
Cisco TrustSec Network Device Admission Control
CiscoWorks 2000 62-4
description 22-22
civic location 31-3
class level, configure in a service policy 42-31, 42-65
clear cdp counters command 30-4
clear cdp table command 30-3
clear counters command 8-36
Ethernet CFM 65-31
IP multicast table entries 37-28
clear ip eigrp neighbors command 34-19
accessing 2-2
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 16-13
modes 2-5
monitoring environments 57-1
ROM monitor 2-7
software basics 2-4
client processes, tracking 59-1
in 802.1X authentication 46-3
command switch characteristics
and VTY 16-12
convert to a community 16-10
through CLI 16-13
overview 16-2
CLI 16-13
passwords 16-8
CoA Request Commands 46-100
command-line processing 2-3
command modes 2-5
b 73-3
b flash 73-3
boot 73-3
confreg 73-3
dev 73-3
dir device 73-3
frame 73-5
i 73-3
listing 2-5
meminfo 73-5
reset 73-3
ROM monitor 73-2 to 73-3
ROM monitor debugging 73-5
SNMP 72-4
sysret 73-5
requirements 16-11
common and internal spanning tree
access modes in Network Assistant 16-9
adding devices 16-9
communication protocols 16-8
community name 16-8
configuration information 16-9
converting from a cluster 16-10
host name 16-8
passwords 16-8
community ports 44-3
configuring 62-7
overview 62-4
community VLANs 44-2, 44-3
configure as a PVLAN 44-15
compiling MIBs 72-4
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 27-4
SNMP 62-15
limiting TFTP server access 62-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 62-14
CFM 65-7, 66-4
Ethernet OAM 65-35
REP 24-7
SNMP 62-6
VLAN mapping 29-10
listing value 3-29
modifying 3-28
changing from ROM monitor 73-3
changing settings 3-28 to 3-29
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 42-31, 42-65
configure terminal command 3-29, 8-2
configuring access-group mode on Layer 2 interface 53-31
configuring flow control 8-23
configuring interface link and trunk status envents 8-37
configuring named IPv6 ACLs 53-16
configuring named MAC extended ACLs 53-14, 53-15
configuring unicast MAC address filtering 53-13
configuring VLAN maps 53-17
confreg command 73-3
console configuration mode 2-5
console download 73-4 to 73-5
disconnecting user sessions 9-7
monitoring user sessions 9-6
assigning for call home 67-4
controlling switch access with RADIUS 46-95
and Layer 2 Control packet QoS, configuration example 50-14
configuration guidelines and restrictions 50-8
configuring for control plane traffic 50-4
configuring for data plane and management plan traffic 50-5
defaults 50-4
general guidelines 50-3
monitoring 50-9
understanding 50-2
control protocol, IP SLAs 68-4
REP 24-4
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-32
core system filter, Wireshark 58-6
definition 42-3
figure 42-2
overriding on Cisco IP Phones 43-5
priority 43-5
clearing MFIB 37-28
clearing on interfaces 8-36
CPU, impact of ACL processing 53-12
CPU port sniffing 57-10
crashfiles information, archiving 2-8
configure with 802.1X 46-62
crosscheck, CFM 65-5, 65-11
description 22-25
IST and 22-22
MST and 22-22
customer edge devices 41-2
C-VLAN 1-2, 29-7
configuration examples 52-15
enabling the DHCP Snooping 52-13
daylight saving time 4-13
debug commands, ROM monitor 73-5
decoding and displaying packets, Wireshark 58-9
802.1X 46-27
banners 4-24
DNS 4-23
Ethernet OAM 65-35
IGMP filtering 27-30
IGMP snooping 28-5, 28-6
IP SLAs 68-6
IPv6 54-7
Layer 2 protocol tunneling 29-16
LLDP 31-5
MAC address table 4-30
MVR 27-23
NTP 4-4
private VLANs 44-12
RADIUS 46-103
REP 24-7
resetting the interface 8-40
RMON 69-3
SNMP 62-5
SPAN and RSPAN 57-6
system message logging 60-3
TACACS+ 3-18
VLAN mapping 29-9
Y.1731 65-29
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-32
default web-based authentication configuration
802.1X 48-6
defining/modifying/deleting a capture point, Wireshark 58-12
IP address spoofing, mitigating 36-5
Unicast RPF, deploying 36-5
denying access to a server on another VLAN 53-23
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 8-12, 8-13
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 8-13
description command 8-23
dev command 73-3
device discovery protocol 31-1
call home format 67-21, 67-22
configuring 46-118
rate limit for incoming packets 52-13
denial-of-service attacks, preventing 52-13
configuring 52-13
client request message exchange 3-3
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
identifying a port with 38-4
overview 52-4
enabling, and Option 82 52-10
accepting untrusted packets form edge switch 52-10
configuring 52-6
default configuration 52-7
displaying binding tables 52-19
displaying configuration 52-19
displaying information 52-18
enabling 52-7
enabling on private VLAN 52-12
enabling on the aggregation switch 52-9
enabling the database agent 52-13
message exchange process 52-4
monitoring 52-23
option 82 data insertion 52-4
overview 52-1
Snooping database agent 52-2
adding to the database (example) 52-18
enabling (example) 52-15
overview 52-2
reading from a TFTP file (example) 52-17
online 70-1
causes of failure 70-20
how it works 70-10
overview 70-10
Power-On-Self-Test for Supervisor Engine V-10GE 70-13
Differentiated Services Code Point values
DiffServ architecture, QoS 42-2
Digital optical monitoring transceiver support 8-19
dir device command 73-3
RSTP comparisons (table) 22-24
broadcast storm control 56-5
disabling multicast storm control 56-5
disconnect command 9-7
discovery, Ethernet OAM 65-34
display dection and removal events 15-7
display filter, Wireshark 58-7
Auth Manager sumary for an interface 46-126
MAB details 46-128
summary of all Auth manager sessions 46-126
summary of all Auth manager sessions on the switch authorized for a specified authentication method 46-126
displaying EtherChannel to a Virtual Switch System 26-16
displaying storm control 56-6
displaying Wireshark information 58-14
display PoE consumed by a module 15-8
display PoE detection and removal events 15-7
and DHCP-based autoconfiguration 3-5
default configuration 4-23
displaying the configuration 4-24
overview 4-22
setting up 4-23
DNS 4-22
802.1Q tunneling 29-2
Layer 2 protocol tunneling 29-15
downloading MIBs 72-3, 72-4
drop threshold for Layer 2 protocol packets 29-16
definition 42-4
IP precedence 42-2
using Enhanced PAgP 5-23
Dual-Active Detection, using Fast-Hello 5-24
duplex command 8-22
configuring interface 8-20
ARP cache poisoning 51-2
ACLs for non-DHCP environments 51-11
in DHCP environments 51-5
log buffer 51-14
rate limit for incoming ARP packets 51-16
denial-of-service attacks, preventing 51-16
interface trust state, security coverage 51-3
configuring 51-14
logging of dropped packets 51-4
overview 51-1
port channels, their behavior 51-5
priority of static bindings 51-4
purpose of 51-2
rate limiting of ARP packets 51-4
configuring 51-16
validation checks, performing 51-19
Dynamic Host Configuration Protocol snooping
example 17-29
limit on hosts 17-28
reconfirming 17-26
troubleshooting 17-28
changing retransmission time 46-85
exchanging (figure) 46-4, 46-6, 46-13
request/identity 46-4
response/identity 46-4
setting retransmission number 46-86
802.1X authentication and 46-3
OTP authentication, example (figure) 46-4, 46-13
start 46-4
Echo mode,configuring BFD 39-15
description 22-27
overview 1-17
configuration examples 34-19
monitoring and maintaining 34-19
benefits 34-17
configuration tasks 34-18
configuring 34-14
overview 34-14
restrictions 34-17
verifying 34-18
overview 1-17
eigrp stub command 34-18
EIGRP stub routing, configuring 34-13
ELIN location 31-3
assigning for call home 67-4
Call Home 1-24, 67-2
displaying information 4-48
installing and configuring 4-45
overview 4-45
emergency alarms on Sup Engine 6-E systems 14-5
enable command 3-9, 3-28
enable mode 2-5
enabling SNMP 72-4, 72-5
encryption keying 45-2
encryption keys, MKA 45-2
Enhanced Interior Gateway Routing Protocol
defined 59-1
IP routing state 59-2
line-protocol state 59-2
tracked lists 59-3
Enhanced PoE support on E-series 15-15
Enhanced PoE support on E-series,configuring Universal PoE 15-16
using CLI commands 14-1
EPM logging 46-129
configuring 15-14
channel-group group command 5-46, 26-8, 26-10
configuration guidelines 5-30, 26-5
configuring 26-6 to 26-16
configuring (tasks) 5-30
configuring Layer 2 26-10
configuring Layer 3 26-7
DFC restriction, see CSCdt27074 in the Release Notes
displaying to a virtual switch system 26-16
interface port-channel command 26-7
command example 26-13
modes 26-3
overview 26-2
Understanding 26-4
physical interface configuration 5-46, 26-7
port-channel interfaces 26-2
port-channel load-balance command 26-14
removing 26-15
removing interfaces 26-15
understanding 5-2
disabling 25-6
enabling 25-6
overview 25-6
and routing 8-6
and routing protocols 8-6
configuring 8-10
default setting 8-6
described 1-29, 8-6
for network management 1-29, 8-6
specifying 8-10
supported features 8-10
unsupported features 8-10
Ethernet management port, internal
and routing protocols 8-6
Ethernet Management Port, using 8-6
Ethernet OAM 65-34
and CFM interaction 65-51
configuration guidelines 65-35
configuring with CFM 65-51
default configuration 65-35
discovery 65-34
enabling 65-36, 65-52
link monitoring 65-34, 65-38
messages 65-34
defined 65-33
monitoring 65-49
remote failure indications 65-34
remote loopback 65-34, 65-37
templates 65-45
Ethernet OAM protocol CFM notifications 65-51
Ethernet Remote Defect Indication (ETH-RDI) 65-28
configuring, 802.1X-based 21-8
configuring, MAC address-based 21-9
enabling 27-11
Extensible Authentication Protocol over LAN 46-2
Failure detection, using BFD 39-7
configure with 802.1X 46-77
overview 37-11
dual-active detection 5-24
Fast-Hello dual-active detection, configuring 5-50
on VSL failure 5-14
configuring probe message interval 32-8
default configuration 32-4
displaying link status 32-9
enabling globally 32-5
enabling on individual interface 32-7
enabling per-interface 32-6
modes of operation 32-3
resetting disabled LAN interfaces 32-8
use case 32-2
Fast UDLD, overview 32-1
feature interactions, Wireshark 58-10
description 35-2
disabling UDLD 32-7
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 46-45
in a VLAN 53-18
non-IP traffic 53-14, 53-15
filters, Wireshark 58-6
flags 37-12
configuring router to boot from 3-31
loading system images from 3-30
security precautions 3-31
caveats 64-1, 64-7
defined 1-4, 64-1
configuration guidelines 23-6
configuring 23-6, 23-7
configuring preferred VLAN 23-9
configuring VLAN load balancing 23-8
monitoring 23-12
flooded traffic, blocking 55-2
flowchart, traffic marking procedure 42-21, 42-55
flow control, configuring 8-23
For 15-13
configuring 22-19
frame command 73-5
get-bulk-request operation 62-3
get-next-request operation 62-3, 62-4
get-request operation 62-3, 62-4
get-response operation 62-3
deploy with 10-Gigabit Ethernet 8-12, 8-13
GLBP, introduction 1-15
global configuration mode 2-5
configure with 802.1X 46-57
hardware and software ACL support 53-6
hardware switching 35-5
configuring 22-17
high CPU due to ACLs, troubleshooting 53-6
CLI 2-4
history table, level and number of syslog messages 60-9
configuring MST bridges 22-28
limit on dynamic port 17-28
host modes, MACsec 45-3
kinds of 44-4
host presence CDP message 46-8
description 1-16
HSRP, introduction 1-16
hw-module module num power command 14-22
enabling 9-12
ping 9-7
running IP traceroute 9-9
time exceeded messages 9-9
configuring 68-11
IP SLAs 68-11
i command 73-3
using with SPAN and RSPAN 57-2
IEEE 802.1ag 65-2
configurable-leave timer 27-4
description 37-3
enabling 37-14
explicit host tracking 27-4
immediate-leave processing 27-3
leave processing, enabling 28-8
overview 27-2
disabling 28-10
configuring 27-31
default configuration 27-30
described 27-30
monitoring 27-34
setting the maximum number 27-33
configuration guidelines 27-9
applying 27-32
configuration mode 27-31
configuring 27-31
leave timer 27-9
Learning Methods 27-7
static connection to a multicast router 27-8
configuring host statically 27-11
explicit host tracking 27-11
suppressing multicast flooding 27-12
configuration guidelines 27-5
default configuration 28-5, 28-6
globally 27-6
on a VLAN 27-6
enabling and disabling 28-6
IP multicast and 37-4
monitoring 27-14, 28-10
overview 27-2
group 27-16
hot membership 27-15
how to 27-15
MAC address entries 27-18
multicast router interfaces 27-17
on a VLAN interface 27-18
Querier information 27-19
IGMPSnooping Querier, configuring 27-10
enabling 28-8
enabling 27-8
ingress packets, SPAN enhancement 57-12
configuring on Cisco IP phones 43-5
insufficient inline power handling for Supervisor Engine II-TS 14-22
Intelligent Power Management 15-4
interacting with Baby Giants 8-29
displaying operational status 15-6
interface command 3-9, 8-2
REP 24-10
interface link and trunk status events
configuring 8-37
interface port-channel command 5-45, 26-7
interface range command 8-4
interface range macro command 8-11
adding descriptive name 8-23
clearing counters 8-36
configuring 8-2
configuring ranges 8-4
displaying information about 8-36
Layer 2 modes 19-3
maintaining 8-35
monitoring 8-35
naming 8-23
numbers 8-2
overview 8-2
restarting 8-37
using the Ethernet Management Port 8-6
Internet Control Message Protocol
Internet Group Management Protocol
802.1X Identity-Based Network Security, list of supported features 1-34
Bidirectional Forwarding Detection 1-14
Cisco Call Home 1-24
Cisco Energy Wise 1-24
Cisco Express Forwarding 1-14
Cisco IOS IP Service Level Agreements 1-24
Cisco IOS Mediatrace and Performance Monitor 1-26
Cisco Medianet AutoQoS 1-25
Cisco Medianet Flow Metadata 1-26
Cisco Media Services Proxy 1-25
Cisco TrustSec MACsec Encryption 1-35
Cisco TrustSec Security Architecture 1-36
Debugging Features (platform and debug platform) 1-43
Device Sensor 1-14
Dynamic Host Control Protocol 1-28
Easy Virtual Network 1-28
EIGRP Stub routing 1-14
Embedded Event Manager 1-29
Enhanced Object Tracking 1-15
EtherChannel bundles 1-3
Ethernet CFM 1-3
Ethernet Management Port 1-29
Ethernet OAM Protocol 1-3
FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 1-30
File System Management (Sup 7-E and 7L-E) 1-29
Flexible Netflow (Sup 7-E and 7L-E) 1-4
Flex Link and MAC Address-Table Move Update 1-4
GLBP 1-15
hard-based Control Plane Policing 1-37
HSRP 1-16
In Service Software Upgrade 1-19
Intelligent Power Management 1-30
Internet Group Management Protocol (IGMP) Snooping 1-4
IP Routing protocols 1-17
IP Source Guard 1-38
IP Source Guard or Static Hosts 1-38
IPv6 1-19
IPv6 First Hop Security 1-39
IPv6 Multicast BSR and BSR Scoped Zone Support, introduction 1-5
IPv6 Multicast Listen Discovery (MLD) and Multicast Listen Discovery Snooping 1-6
IS-IS 1-18
Jumbo Frame 1-6
Layer 2 traceroute 1-43
Link Aggregation Control Protocol 1-7
MAC Address Notification 1-30
Layer 2 802.1X authentication 1-40
Layer 2 IP validation 1-40
NetFlow-lite 1-30
Network Security with ACLs (IP ACLs, MAC ACLs, Port ACLs, Router, ACLs, and VLAN ACLs) 1-41
NSF with SSO 1-20
OSPF 1-18
OSPF for Routed Access 1-21
Port Security 1-41
Power over Ethernet 1-31
RIP 1-19
Simple Network Management Protocol 1-31
SPAN and RSPAN 1-32
Time Domain Reflectometry 1-43
Unicast Reverse Path Forwarding 1-22
Universal Power over Ethernet 1-32
Virtual Router Redundancy Protocol 1-22
VRF-lite 1-22
Web-based Authentication 1-43
Web Content Coordination Protocol 1-32
Wireshark 1-33
XML-PI 1-33
inventory management TLV 31-3, 31-9
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 35-8
128-bit 54-2
cluster candidate or member 16-12
cluster command switch 16-11
discovering 4-44
IPv6 54-2
ip cef command 35-6, 70-2
interfaces, displaying 34-19
ip icmp rate-limit unreachable command 9-12
ip igmp profile command 27-31
ip igmp snooping tcn flood command 27-13
ip igmp snooping tcn flood query count command 27-14
ip igmp snooping tcn query solicit command 27-14
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 35-7
ip local policy route-map command 40-8
ip mask-reply command 9-13
IP MTU sizes,configuring 34-9
clearing table entries 37-28
configuring 37-13
default configuration 37-13
displaying PIM information 37-23
displaying the routing table information 37-24
enabling dense-mode PIM 37-15
enabling sparse-mode 37-15
features not supported 37-13
hardware forwarding 37-9
IGMP snooping and 27-5, 37-4
overview 37-1
routing protocols 37-2
software forwarding 37-9
See also Auto-RP; IGMP; PIM; RP; RPF
enabling 37-14
monitoring and maintaining 37-23
ip multicast-routing command 37-14
IP multicast traffic, load splitting 37-22
configuring voice ports 43-3
See Cisco IP Phones 43-1
ip pim command 37-15
ip pim dense-mode command 37-15
ip pim sparse-dense-mode command 37-16
ip policy route-map command 40-7
IP Port Security for Static Hosts
on a Layer 2 access port 52-25
on a PVLAN host port 52-28
overview 52-24
ip redirects command 9-13
deleting entries 37-28
IPsec VPN, introduction 1-38
IP service levels, analyzing 68-1
benefits 68-2
CFM endpoint discovery 65-21
configuration guidelines 68-7
Control Protocol 68-4
default configuration 68-6
definition 68-1
ICMP echo operation 68-11
manually configuring CFM ping or jitter 65-19
measuring network performance 68-3
multioperations scheduling 68-5
operation 68-3
reachability tracking 59-9
described 68-4
enabling 68-7
response time 68-4
scheduling 68-5
SNMP support 68-2
supported metrics 68-2
threshold monitoring 68-6
track state 59-9
UDP jitter operation 68-8
configuring 52-20
configuring on private VLANs 52-22
displaying 52-22, 52-23
overview 52-23
displaying 35-8
executing 9-9
overview 9-8
displaying statistics 35-8
configuring on a range of Ethernet VLANs 18-5
configuring on LAN and VLAN interfaces 18-4
configuring with connected host polling 18-6
DHCP Option 82 18-2
displaying settings 18-7
format of agent remote ID suboptions 18-2
troubleshooting 18-8
with conected host polling 18-3
with DHCP server and Relay agent 18-2
ip unreachables command 9-12
IPv4, IPv6, and MAC ACLs, configuring on a Layer 2 interface 53-29
addresses 54-2
default configuration 54-7
defined 1-19, 54-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 54-6
Router ID 54-6
OSPF 54-6
IPv6 control traffic, policing 50-16
IPv6 First Hop Security, introduction 1-39
redistribution of route information with EIGRP 1-17
is 29-19
IS-IS, introduction 1-18
trunking with 802.1Q tunneling 29-4
isolated port 44-4
isolated VLANs 44-2, 44-3, 44-4
compatibility matrix 5-59, 6-14, 7-13
compatiblity verification using Cisco Feature Navigator 5-60, 6-15, 7-14
NSF overview 6-3, 7-3
aborting a software upgrade 5-76, 6-34, 7-33
configuring the rollback timer as a safeguard 5-77, 6-35, 7-35
displaying a compatibility matrix 5-79, 6-36, 6-40, 7-36
loading the new software on the new standby 5-69, 6-27, 7-26
stopping the rollback timer 5-68, 6-26, 7-25
switching to the standby 5-66, 6-24, 7-23
verify the ISSU state 5-63, 6-20, 7-20
verify the redundancy mode 5-62, 6-19, 7-19
verify the software installation 5-61, 6-18, 7-18
vload the new software on standby 5-65, 6-21, 7-21
prerequisites 5-55, 6-2, 7-2
process overview 6-6, 7-6
restrictions 5-55, 6-2, 7-2
SNMP support 6-15, 7-14
SSO overview 6-3, 7-3
versioning capability in software to support 6-13
and MST regions 22-22
description 22-22
master 22-27
and ethernet ports 8-27
configuring MTU sizes for 8-28
ports and linecards that support 8-26
understanding MTUs 8-26
understanding support 8-26
VLAN interfaces 8-28
keyboard shortcuts 2-3
l2protocol-tunnel command 29-17
labels, definition 42-3
system ID 26-4
Layer 2 access ports 19-7
and CoPP configuration example 50-14
default configuation 50-11
disabling 50-13
enabvling 50-12
guideline and restrictions 50-16
understanding 50-11
classification with CoS 42-2
applying ACLs 53-31
configuring access-mode mode on 53-31
configuring IPv4, IPv6, and MAC ACLs 53-29
displaying an ACL configuration 53-32
assigning VLANs 17-7
configuring 19-5
configuring as PVLAN host ports 44-18
configuring as PVLAN promiscuous ports 44-17
configuring as PVLAN trunk ports 44-19
defaults 19-4
disabling configuration 19-8
modes 19-3
show interfaces command 19-6
resetting 44-24
setting 44-24
default configuration 29-16
guidelines 29-16
overview 19-1
and ARP 9-10
and CDP 9-10
host-to-host paths 9-10
IP addresses and subnets 9-10
MAC addresses and VLANs 9-10
multicast traffic 9-10
multiple devices on a port 9-10
unicast traffic 1-43, 9-9
usage guidelines 9-10
configuring 19-5
overview 19-3
Layer 3 interface, applying IPv6 ACLs 53-17
Layer 3 interface counters,configuring 34-10
Layer 3 interface counters,understanding 34-3
changing from Layer 2 mode 41-16
configuration guidelines 34-5
configuring VLANs as interfaces 34-7
overview 34-1
counters 34-3
logical 34-2
physical 34-2
SVI autostate exclude 34-3
classification methods 42-2
configuration guidelines 53-11
restrictions 53-10
Leave timer, enabling 27-9
licenses, managing with PRTU 4-14
limitations on using a TwinGig Convertor 8-14
Link Aggregation Control Protocol, introduction 1-7
configuring interface 8-37
link integrity, verifying with REP 24-4
link monitoring, Ethernet OAM 65-34, 65-38
configuration guidelines 26-21
default configuration 26-21
described 26-18
displaying status 26-22
generic configuration procedure 26-21
link status, displaying UDLD 32-9
RSTP comparisons (table) 22-24
configuring 31-4
characteristics 31-5
default configuration 31-5
globally 31-6
on an interface 31-7
monitoring and maintaining 31-14
overview 31-1
transmission timer and holdtime, setting 31-5
procedures 31-4
TLVs 31-9, 31-11
monitoring and maintaining 31-14
overview 31-1
supported TLVs 31-2
configuring for CEF 35-7
configuring for EtherChannel 26-14
overview 26-5, 35-6
per-destination 35-7
load splitting IP multicast traffic 37-22
overview 31-1
configuring 31-12
understanding 31-3
location TLV 31-3, 31-9
logging, EPM 46-129
configuring 34-6
logical layer 3 VLAN interfaces 34-2
with RADIUS 46-106
with TACACS+ 3-19
login banners 4-24
changing 9-6
logoutwarning command 9-6
and MST 22-23
configuring 25-4
overview 25-3
MAC/PHY configuration status TLV 31-2
aging time 4-30
allocating 22-6
and VLAN association 4-29
building tables 4-28, 19-2
convert dynamic to sticky secure 49-5
default configuration 4-30
disabling learning on a VLAN 4-39
discovering 4-44
displaying 9-3
displaying in DHCP snooping binding table 52-19
learning 4-29
removing 4-31
in ACLs 53-14
adding 4-37
allowing 4-38
characteristics of 4-36
dropping 4-38
removing 4-37
sticky 49-4
sticky secure, adding 49-5
MAC address learning, disabling on a VLAN 4-39
confuguring 4-39
deployment scenarios 4-40
feature compatibility 4-42
feature incompatibility 4-43
feature inompatibility 4-43
usage guidelines 4-40
displaying 4-44
configuration guidelines 23-10
configuring 23-10
monitoring 23-12
configure with 802.1X 46-60
MAC details, displaying 46-128
MAC extended access lists 53-14
macl 53-14
802.1AE Tagging 45-9
MACsec 45-2
configuring on an interface 45-7
defined 45-1, 45-2
switch-to-switch security 45-1
main-cpu command 11-8, 12-7
management address TLV 31-2
SNMP 62-1
Management Port, Ethernet 8-6
managing software licenses, using PRTU 4-14
manual preemption, REP, configuring 24-13
hardware capabilities 42-23, 42-57
marking action drivers 42-21, 42-55
marking network traffic 42-18, 42-52
marking support, multi-attribute 42-22, 42-56
match ip address command 40-6
configuring 22-18
configuration guidelines 46-23 to ??
described 46-23
configuration 5-45
described 5-14
failure 5-15
automatic discovery 16-7
managing 16-13
defined 16-2
meminfo command 73-5
messages, Ethernet OAM 65-34
messages, to users through banners 4-24
Y.1731 (AIS and RDI), introduction 1-12
metro tags 29-2
CEF 37-6
overview 37-12
displaying 37-26
compiling 72-4
downloading 72-3, 72-4
overview 62-1
related information 72-3
SNMP interaction with 62-4
configuring policies 45-6
defined 45-2
policies 45-2
replay protection 45-3
statistics 45-4
virtual ports 45-3
MLD Done messages and Immediate-leave 28-4
MLD messages 28-2
MLD queries 28-3
MLD reports 28-4
MLD Done messages and Immediate-leave 28-4
MLD messages 28-2
MLD queries 28-3
MLD reports 28-4
Multicast client aging robustness 28-3
Multicast router discovery 28-3
overview 28-1
Mode of capturing control packets, selecting 53-7
checking status 9-1
powering down 14-22
802.1Q tunneling 29-18
ACL information 53-35
Ethernet CFM 65-32, 65-33
Ethernet OAM 65-49
Ethernet OAM protocol 65-49
Flex Links 23-12
snooping 28-10
IGMP filters 27-34
IGMP snooping 27-14
Layer 2 protocol tunneling 29-18
MAC address-table move update 23-12
multicast router interfaces 28-11
multi-VRF CE 41-14, 41-21, 41-22
MVR 27-29
object tracking 59-12
REP 24-14
traffic flowing among switches 69-1
tunneling 29-18
VLAN filters 53-24
VLAN maps 53-24
monitoring and troubleshooting
BFD 39-17
M-record 22-23
and multiple spanning trees 1-8, 22-22
boundary ports 22-27
BPDUs 22-23
configuration parameters 22-26
configuring 22-29
displaying configurations 22-33
edge ports 22-27
enabling 22-29
hop count 22-28
configuring parameters 22-32
description 22-23
number supported 22-26
interoperability with PVST+ 22-23
link type 22-28
master 22-27
message age 22-28
regions 22-26
restrictions 22-29
to-SST interoperability 22-24
enabling 25-6
M-record 22-23
M-tree 22-23
M-tree 22-23
understanding 8-26
configuring 8-28, 8-29, 8-38
default 17-5
described 46-23
multiauthentication mode 46-8
Multicast client aging robustness 28-3
multicast Ethernet loopback, using 65-31
multicast Ethernet loopback (ETH-LB) 65-29
Multicast Forwarding Information Base (MFIB) 37-12
static joins 28-7
Multicast HA 37-13
HA 37-13
MFIB 37-12
S/M, 224/4 37-13
blocking 55-2
Multicast router discovery 28-3
multicast router interfaces, displaying 27-17
multicast router interfaces, monitoring 28-11
multicast router ports, adding 28-7
flood suppression 27-12
displaying 37-24
enabling 56-4
disabling 56-5
multicast television application, using MVR 27-21
see MEC 5-14
multidomain authentication mode 46-7
multioperations scheduling, IP SLAs 68-5
Multiple AuthorizationAuthentication
configuring 46-34
Multiple Domain Authentication 46-34
multiple forwarding paths 1-8, 22-22
multiple-hosts mode 46-7
multiple VPN routing/forwarding
components 41-3
configuration example 41-17
defined 41-1
displaying 41-14, 41-21, 41-22
monitoring 41-14, 41-21, 41-22
network components 41-3
packet-forwarding process 41-3
configuration guidelines and limitations 27-23
configuring global parameters 27-24
configuring on access ports 27-26
configuring on a trunk port 27-27
default configuration 27-23
displaying information 27-29
in a multicast television application 27-21
monitoring 27-29
setting global parameters 27-24
NAC Layer 2 802.1X authentication, intro 1-40
NAC Layer 2 IP validation, intro 1-40
configuring named IPv6 ACLs 53-16
configuring named MAC extended 53-14, 53-15
and 802.1Q tunneling 29-4
specifying 19-5
NDAC 45-9
defined 45-9
MACsec 45-1
configuring 46-88
overview 46-24
neighbor offset numbers, REP 24-5
clear commands 63-9
display commands 63-8
about 63-2
and VTY 16-12
enable communication with switch 16-13, 16-17
default configuration 16-3
overview of CLI commands 16-3
Network Device Admission Control (NDAC) 45-9
network fault tolerance 1-8, 22-22
configuring 30-1
RMON 69-1
SNMP 62-1
network performance, measuring with IP SLAs 68-3
network policy TLV 31-2, 31-9
network traffic, marking 42-18, 42-52
New Software Features in Release 7.7
TDR 9-3
support 1-18
disabling UDLD 32-7
non-IP traffic filtering 53-14, 53-15
description 37-10
in redundant configurations (figure) 37-11
nonvolatile random-access memory
defined 13-1
guidelines and restrictions 13-9
operation 13-4
supervisor engines 13-3
support 13-2
supervisor engines 13-3
support 13-2
NSF with SSO supervisor engine redundancy
and CEF 13-5
overview 13-3
SSO operation 13-4
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
services 4-2
synchronizing 4-2
PPPoE Intermediate Agent 1-41
Storm Control 1-42
uRPF Strict Mode 1-42
saving settings 3-10
client 65-34
features 65-34
sublayer 65-34
configuring 65-52
with CFM and Ethernet OAM 65-51
OAM PDUs 65-35
OAM protocol data units 65-33
OBFL, displaying for the 9000W AC 14-4
monitoring 59-12
overview 8-33
on-demaind online diagnostics 70-2
troubleshooting 70-8
Online Diagnostics 70-1
configuring on-demaind 70-2
data path, displaying test results 70-7
displaying tests and test results 70-4
linecard 70-8
scheduling 70-2
starting and stopping tests 70-3
enabling DHCP Snooping 52-10
area concept 1-18
description 1-18
for IPv6 54-6
OSPF, introduction 1-18
OSPF for Routed Access, introduction 1-21
modifying 42-9
overview 57-14
SPAN enhancement 57-14
using with access-group mode 53-30
PACL configuration guidelines 53-28
PACL with VLAN maps and router ACLs 53-32
understanding 26-4
PAgP, dual-active detection 5-23
configuring enable password 3-14
configuring enable secret password 3-14
encrypting 3-22
in clusters 16-8
recovering lost enable password 3-25
setting line password 3-14
configuration (example) 40-8
enabling 40-6
features 40-2
overview 40-1
route-map processing logic 40-3
route-map processing logic example 40-4
route maps 40-2
when to use 40-5
percentage thresholds in tracked lists 59-6
Permanent Right-To_Use 4-14
per-port and VLAN Access Control List 52-19
enabling 42-36, 42-70
overview 42-10
Per-User ACL and Filter-ID ACL, configure 46-45
Per-VLAN Rapid Spanning Tree 22-6
enabling 22-20
overview 22-6
PE to CE routing, configuring 41-9
physical layer 3 interfaces 34-2
Physical Layer 3 interfaces, configuring 34-12
configuring dense mode 37-15
configuring sparse mode 37-15
displaying information 37-23
displaying statistics 37-27
enabling sparse-dense mode 37-15, 37-16
overview 37-3
PIM-DM 37-3
PIM on an interface, enabling 37-14
PIM-SM 37-3
PIM-SSM mapping, enabling 37-17
executing 9-8
overview 9-7
ping command 9-8, 37-23
PoE 15-7, 15-8
configuring power consumption, powered devices 15-5
configuring power consumption for single device 15-5, 15-16
displaying operational status for an interface 15-6
Enhanced PoE support on E-series 15-15
policing and monitoring 15-12
power consumption for powered devices
Intelligent Power Management 15-4
powering down a module 14-22
power management modes 15-2
configuring errdisable recovery 15-14
configuring on an interface 15-13
displaying on an interface 15-14
power modes 15-12
in 802.1X authentication (figure) 46-3
how to implement 42-18, 42-52
policing, PoE 15-12
policing IPv6 control traffic 50-16
policy associations, QoS on Sup 6-E 42-39, 42-73
policy-map command 42-16, 42-51
policy map marking action, configuring 42-23, 42-57
and voice VLAN 53-4
defined 53-3
802.1X with voice VLAN 46-22
Authentication Failed VLAN assignment 46-17
defined 48-2
changing the quiet period 46-84
client, defined 46-3, 48-2
configuration guidelines 46-29, 48-6
configure ACL assignments and redirect URLs 46-38
configure switch-to-RADIUS server communication 46-32
configure with Authentication Failed 46-70
configure with Critical Authentication 46-62
configure with Guest-VLANs 46-57
configure with MAC Authentication Bypass 46-60
configure with VLAN User Distribution 46-68
configure with Voice VLAN 46-72
Multiple Domain Authentication and Multiple Authorization 46-34
RADIUS server 48-10
RADIUS server parameters on the switch 48-9
configuring Fallback Authentication 46-77
configuring Guest-VLAN 46-32
configuring manual re-authentication of a client 46-94
configuring with Unidirectional Controlled Port 46-66
controlling authorization state 46-5
default configuration 46-27, 48-6
described 46-1
device roles 46-2, 48-2
displaying statistics 46-125, 48-14
enabling 46-29
802.1X authentication 48-9
enabling multiple hosts 46-83
enabling periodic re-authentication 46-81
encapsulation 46-3
host mode 46-6
how 802.1X fails on a port 46-25
initiation and message exchange 46-4
method lists 46-29
modes 46-6
multidomain authentication 46-23
multiple-hosts mode, described 46-7
multiple-hosts mode 46-7
ports not supported 46-5
pre-authentication open access 46-8
resetting to default values 46-95
setting retransmission number 46-86
setting retransmission time 46-85
as proxy 48-2
configuring 46-88
overview 46-24
topologies, supported 46-26
using with ACL assignments and redirect URLs 46-20
using with port security 46-19
configuring 46-74
described 46-22, 46-73
with Critical Authentication 46-14
with Guest VLANs 46-11
with MAC Authentication Bypass 46-12
with Unidirectional Controlled Port 46-15
with VLAN assignment 46-10
with VLAN User Distribution 46-16
creating 5-45, 26-7
overview 26-2
command 26-13
command example 26-13
port-channel load-balance command 26-14
configuring 22-15
port description TLV 31-2
and MST 22-23
BPDU filter, configuring 25-9
configuring or enabling 25-15
overview 25-6
and MST 22-23
enabling 25-9
overview 25-9
port numbering with TwinGig Convertors 8-13
configuring MST instances 22-32
configuring STP 22-13
blocking 55-1
checking status 9-2
example 17-29
reconfirming 17-26
forwarding, resuming 55-3
REP 24-6
aging 49-5
configuring 49-7
displaying 49-28
guidelines and restrictions 49-33
on access ports 49-7, 49-22
on private VLAN 49-14
host 49-14
promiscuous 49-16
topology 49-15, 49-18, 49-32
on trunk port 49-17
guidelines and restrictions 49-15, 49-18, 49-32
port mode changes 49-22
on voice ports 49-22
sticky learning 49-5
using with 802.1X 46-19
violations 49-6
with 802.1X Authentication 49-32
with DHCP and IP Source Guard 49-31
with other features 49-33
description 22-5
port VLAN ID TLV 31-2
inline 43-5
power dc input command 14-21
powered devices, configuring power consumption 15-5
power handling for Supervisor Engine II-TS 15-12
power inline command 15-3
power inline consumption command 15-5
Catalyst 4500 series 14-7
Catalyst 4500 Switch power supplies 14-14
Catalyst 4948 series 14-23
configuring combined mode 14-13
configuring redundant mode 14-12
overview 14-1
redundancy 14-7
power management for Catalyst 4500 Switch
combined mode 14-9
redundant mode 14-9
power management limitations in Catalyst 4500 Switch 14-10
selecting 14-10
power management TLV 31-2, 31-3, 31-9
through LLDP 31-11
Power-On-Self-Test diagnostics 70-10, 70-20
Power-On-Self-Test for Supervisor Engine V-10GE 70-13
power policing, displaying on an interface 15-14
power redundancy-mode command 14-13
available power for Catalyst 4500 Switch 14-14
fixed 14-8
variable 14-8, 14-23
pre-authentication open access 46-8
pre-authentication open access. See port-based authentication.
preempt delay time, REP 24-5
primary edge port, REP 24-4
primary VLANs 44-2, 44-4
associating with secondary VLANs 44-16
configuring as a PVLAN 44-15
overriding CoS of incoming frames 43-5
priority queuing, QoS on Sup 6-E 42-30, 42-64
configure port security 49-14, 49-15
enabling DHCP Snooping 52-12
across multiple switches 44-5
and SVIs 44-10
benefits of 44-2
community ports 44-3
community VLANs 44-2, 44-3
default configuration 44-12
end station access to 44-3
isolated port 44-4
isolated VLANs 44-2, 44-3, 44-4
community 44-3
isolated 44-4
promiscuous 44-4
primary VLANs 44-2, 44-4
promiscuous ports 44-4
secondary VLANs 44-2
subdomains 44-2
traffic in 44-9
privileged EXEC mode 2-5
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
configuring PVLAN 44-17
defined 44-4
setting mode 44-24
protocol timers 22-4
provider edge devices 41-2
PRTU, managing software licenses 4-14
description 22-25
PVACL 52-19
and 802.1X with voice VLAN ports 46-22
configuring 44-11, 44-17, 44-21
802.1q support 44-14
across multiple switches 44-5
configuration guidelines 44-12
configure port security 49-14, 49-16, 49-18
configure port security in a wireless setting 49-32
configuring 44-11
configuring a VLAN 44-15
configuring promiscuous ports 44-17
configuring a Layer 2 interface 44-18
setting 44-24
overview 44-1
permitting routing, example 44-23
setting 44-24
interface mode 44-24
classification 42-6 to ??
definitions 42-3
enabling per-port per-VLAN 42-36, 42-70
overview 42-1
overview of per-port per-VLAN 42-10
packet modification 42-9
traffic shaping 42-9
See also COS; DSCP values; transmit queues
tracking queue length 42-9
definition 42-3
description 42-5
Active Queue management via DBL 42-34, 42-68
active queue management via DBL 42-27, 42-34, 42-61, 42-68
classification 42-16, 42-50
configuring 42-13, 42-47
configuring CoS mutation 42-45, 42-79
configuring the policy map marking action 42-23, 42-57
hardware capabilities for marking 42-23, 42-57
how to implement policing 42-18, 42-52
marking action drivers 42-21, 42-55
marking network traffic 42-18, 42-52
MQC-based QoS configuration 42-13, 42-48
multi-attribute marking support 42-22, 42-56
platform hardware capabilities 42-15, 42-49
platform restrictions 42-18, 42-52
platform-supported classification criteria and QoS features 42-13, 42-14, 42-48
policing 42-17, 42-51
policy associations 42-39, 42-73
prerequisites for applying a service policy 42-15, 42-49
priority queuing 42-30, 42-64
queue-limiting 42-31, 42-65
restrictions for applying a service policy 42-15, 42-50
shaping 42-25, 42-59
sharing(bandwidth) 42-27, 42-61
sharing(blandwidth), shapring, and priority queuing 42-25, 42-59
software QoS 42-40, 42-74
traffic marking procedure flowchart 42-21, 42-55
definition 42-5
described 42-8
attaching to interfaces 42-8
prerequisites 42-15, 42-49
restrictions for applying 42-15, 42-50
burst 42-9
maximum rate 42-9
sharing link bandwidth 42-9
uplink forwarding 5-6
queueing 42-8
queue-limiting, QoS on Sup 6-E 42-31, 42-65
vendor-proprietary 46-114
vendor-specific 46-112
change of authorization 46-97
accounting 46-111
authentication 46-106
authorization 46-110
communication, global 46-104, 46-112
communication, per-server 46-103, 46-104
multiple UDP ports 46-104
default configuration 46-103
defining AAA server groups 46-108
displaying the configuration 46-116
identifying the server 46-103
limiting the services to the user 46-110
method list, defined 46-103
operation of 46-97
server load balancing 46-116
suggested network environments 46-96
tracking services accessed by user 46-111
understanding 46-96
RADIUS, controlling switch access with 46-95
RADIUS Change of Authorization 46-97
configure to-Switch communication 46-32
configuring settings 46-34
parameters on the switch 46-32
configuring 53-36
deployment 53-36
examples 53-37
introduction 53-35
usage guidelines 53-38
range command 8-4
defining 8-11
configuring 8-4
rcommand command 16-13
reachability, tracking IP SLAs IP host 59-9
configuring manual 46-94
enabling periodic 46-81
redirect URLs, port-based authentication 46-20
reduced MAC address 22-2
configuring 11-7, 12-7
guidelines and restrictions 11-5, 12-5
changes made through SNMP 11-11, 12-11
NSF-aware support 13-2
NSF-capable support 13-2
overview 11-2, 12-2
redundancy command 11-8, 12-7
understanding synchronization 11-4, 12-5
redundancy (NSF) 13-1
BGP 13-11
CEF 13-10
EIGRP 13-16
IS-IS 13-13
OSPF 13-12
routing protocols 13-5
route processor redundancy 11-2, 12-3
synchronization 11-5, 12-5
redundancy command 13-10
route processor redundancy 11-3, 12-3
synchronization 11-5, 12-5
reload command 3-28, 3-29
Remote Authentication Dial-In User Service
remote failure indications 65-34
remote loopback, Ethernet OAM 65-34, 65-37
rendezvous point, configuring 37-17
rendezvous point, configuring single static 37-20
administrative VLAN 24-8
administrative VLAN, configuring 24-9
and STP 24-6
configuration guidelines 24-7
configuring interfaces 24-10
convergence 24-4
default configuration 24-7
manual preemption, configuring 24-13
monitoring 24-14
neighbor offset numbers 24-5
open segment 24-2
ports 24-6
preempt delay time 24-5
primary edge port 24-4
ring segment 24-2
secondary edge port 24-4
segments 24-1
characteristics 24-2
SNMP traps, configuring 24-14
supported interfaces 24-1
triggering VLAN load balancing 24-6
verifying link integrity 24-4
VLAN blocking 24-13
VLAN load balancing 24-4
description 37-9
disabling 28-10
reset command 73-3
resetting an interface to default configuration 8-40
resetting a switch to defaults 3-32
Resilient Ethernet ProtocolLSee REP
described 68-4
enabling 68-7
response time, measuring with IP SLAs 68-4
NTP services 4-8
RADIUS 46-95
TACACS+ 3-15
setting in 802.1X authentication 46-86
changing in 802.1X authentication 46-85
1157, SNMPv1 62-2
1305, NTP 4-2
1757, RMON 69-2
1901, SNMPv2C 62-2
1902 to 1907, SNMPv2 62-2
2273-2275, SNMPv3 62-2
RFC 5176 Compliance 46-98
description 1-19
for IPv6 54-5
RIP, introduction 1-19
default configuration 69-3
displaying status 69-6
enabling alarms and events 69-3
groups supported 69-2
overview 69-1
boot process and 3-26
CLI 2-7
commands 73-2 to 73-3
debug commands 73-5
entering 73-1
exiting 73-6
overview 73-1
configuring 22-9
selecting in MST 22-22
and MST 22-23
enabling 25-2
overview 25-2
ACLs 53-26
route-map (IP) command 40-6
defining 40-6
PBR 40-2
description 1-41, 53-3
using with VLAN maps 53-25
router ACLs, using PACL with VLAN maps 53-32
VPN 41-3
See Unicast RPF
configuration guidelines 57-16
destination ports 57-5
IDS 57-2
monitored ports 57-4
monitoring ports 57-5
received traffic 57-3
creating 57-17
defined 57-3
limiting source traffic to specific VLANs 57-23
monitoring VLANs 57-21
removing source (monitored) ports 57-20
specifying monitored ports 57-17
source ports 57-4
transmitted traffic 57-4
VLAN-based 57-5
compatibility 22-23
description 22-22
port roles 22-24
port states 22-24
S/M, 224/4 37-13
defined 45-9
negotiation 45-9
support 45-1
scheduling 42-8
scheduling, IP SLAs operations 68-5
secondary edge port, REP 24-4
secondary root switch 22-12
secondary VLANs 44-2
associating with primary 44-16
permitting routing 44-23
configuring 50-1
Security Association Identifier
selecting a power management mode 14-10
selecting X2/TwinGig Convertor Mode 8-14
sequence numbers in log messages 60-7
description 67-23
service policy, configure class-level queue-limit 42-31, 42-65
service-policy input command 33-2
and customer VLANs 29-2
session keys, MKA 45-2
set default interface command 40-7
set interface command 40-7
set ip default next-hop command 40-7
set ip next-hop command 40-6
set-request operation 62-4
severity levels, defining in system messages 60-8
shaping, QoS on Sup 6-E 42-25, 42-59
sharing(bandwidth), QoS on Sup 6-E 42-27, 42-61
show adjacency command 35-9
show boot command 3-32
show catalyst4000 chassis-mac-address command 22-3
show cdp command 30-2, 30-3
show cdp entry command 30-4
show cdp interface command 30-3
show cdp neighbors command 30-4
show cdp traffic command 30-4
show ciscoview package command 4-48
show ciscoview version command 4-48
show cluster members command 16-13
show configuration command 8-23
show debugging command 30-4
show environment command 14-2
show history command 2-4
show interfaces command 8-28, 8-29, 8-36, 8-38
show interfaces status command 9-2
show ip cef command 35-8
show ip eigrp interfaces command 34-19
show ip eigrp neighbors command 34-19
show ip eigrp topology command 34-19
show ip eigrp traffic command 34-19
show ip interface command 37-23
show ip local policy command 40-8
show ip mroute command 37-23
show ip pim interface command 37-23
show l2protocol command 29-18
show lldp traffic command 31-15
show mac-address-table address command 9-3
show mac-address-table interface command 9-3
show mls entry command 35-8
show module command 9-1, 22-6
show PoE consumed 15-8
show power inline command 15-6
show power supplies command 14-13
show protocols command 8-36
adding description for an interface 8-23
checking your settings 3-9
displaying ACLs 53-19, 53-21, 53-30, 53-31
show startup-config command 3-10
show users command 9-6
show version command 3-29
shutdown, command 8-37
shutdown threshold for Layer 2 protocol packets 29-16
interfaces 8-37
Simple Network Management Protocol
single-host mode 46-7
single static RP, configuring 37-20
slot numbers, description 8-2
Slow timer, configuring BFD 39-16
smart call home 67-1
description 67-2
destination profile (note) 67-5
registration requirements 67-3
service contract requirements 67-3
Transport Gateway (TG) aggregation point 67-2
smart call home registration 67-3
applying global parameter values 20-8, 20-15
applying macros 20-8
applying parameter values 20-9
configuration guidelines 20-6, 20-14
configuring 20-2
creating 20-8
default configuration 20-4, 20-13
defined 1-10, 20-1
displaying 20-13
tracing 20-7, 20-14
accessing MIB variables with 62-4
described 62-4
disabling 62-7
and IP SLAs 68-2
authentication level 62-10
configuring 62-7
overview 62-4
configuration examples 62-15
configuration guidelines 62-6
default configuration 62-5
enabling 72-4, 72-5
engine ID 62-6
groups 62-6, 62-9
host 62-6
and trap keyword 62-11
described 62-5
differences from traps 62-5
enabling 62-14
limiting access by TFTP servers 62-15
limiting system log messages to NMS 60-9
manager functions 62-3
notifications 62-5
overview 62-1, 62-4
status, displaying 62-16
system contact and location 62-14
trap manager, configuring 62-13
described 62-3, 62-5
differences from informs 62-5
enabling 62-11
enabling MAC address notification 4-31
enabling MAC move notification 4-33
enabling MAC threshold notification 4-35
overview 62-1, 62-4
types of 62-11
users 62-6, 62-9
versions supported 62-2
SNMP commands 72-4
REP 24-14
SNMPv1 62-2
SNMPv2C 62-2
SNMPv3 62-2
upgrading 11-13, 12-12
software configuration register 3-26
software QoS, on Sup 6-E 42-40, 42-74
description 35-5
interfaces 35-6
key data structures used 37-8
call home event format 67-22
and ACLs 57-5
configuration guidelines 57-7
configuring 57-6 to 57-10
destination ports 57-5
IDS 57-2
monitored port, defined 57-4
monitoring port, defined 57-5
received traffic 57-3
defined 57-3
source ports 57-4
transmitted traffic 57-4
VLAN-based 57-5
concepts and terminology 57-3
default configuration 57-6
displaying status 57-24
overview 57-1
session limits 57-6
access list filtering 57-13
configuration example 57-15
CPU port sniffing 57-10
encapsulation configuration 57-12
ingress packets 57-12
packet type filtering 57-14
spanning-tree backbonefast command 25-16
spanning-tree cost command 22-15
spanning-tree guard root command 25-2
spanning-tree portfast bpdu-guard command 25-8
spanning-tree portfast command 25-7
spanning-tree port-priority command 22-13
spanning-tree uplinkfast command 25-12
command 22-9
command example 22-9
spanning-tree vlan command 22-8
spanning-tree vlan cost command 22-16
spanning-tree vlan forward-time command 22-19
spanning-tree vlan hello-time command 22-18
spanning-tree vlan max-age command 22-18
spanning-tree vlan port-priority command 22-13
spanning-tree vlan priority command 22-17
spanning-tree vlan root primary command 22-10
spanning-tree vlan root secondary command 22-12
configuring interface 8-20
speed command 8-21
configuring 13-10
SSO operation 13-4
description 22-22
interoperability 22-24
static ACL, removing the requirement 53-28
configuring 3-11
verifying 3-12
802.1X 48-14
displaying 802.1X 46-125
displaying PIM 37-27
LLDP 31-14
LLDP-MED 31-14
MKA 45-4
SNMP input and output 62-16
configuration file 49-6
defined 49-5
disabling 49-6
enabling 49-5
saving addresses 49-6
configuring 49-7
defined 49-4
storing captured packets to a.pcap file, Wireshark 58-8
displaying 56-6
enabling Broadcast 56-3
enabling Multicast 56-4
hardware-based, implementing 56-2
overview 56-1
software-based, implementing 56-2
and REP 24-6
bridge ID 22-2
configuring 22-7 to 22-20
creating topology 22-5
defaults 22-7
disabling 22-20
enabling 22-8
enabling extended system ID 22-9
enabling Per-VLAN Rapid Spanning Tree 22-20
disabling 25-6
forward-delay time 22-19
hello time 22-17
Layer 2 protocol tunneling 29-13
maximum aging time 22-18
overview 22-1, 22-3
per-VLAN rapid spanning tree 22-6
port cost 22-15
port priority 22-13
root bridge 22-9
stratum, NTP 4-2
benefits 34-17
configuration tasks 34-18
configuring 34-14
overview 34-13, 34-14
restrictions 34-17
verifying 34-18
subdomains, private VLAN 44-2
summer time 4-13
accessing the redundant 11-14, 12-14
configuring 3-8 to 3-13
copying files to standby 11-14, 12-14
default configuration 3-1
default gateways 3-11
environmental monitoring 14-1
redundancy 13-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 11-11, 12-10
Supervisor Engine 7L-E, selecting the uplink port 8-18
insufficient inline power handling 14-22, 15-12
See also Auto Smartports macros
understanding 34-3
configuring 34-7
S-VLAN 1-2, 29-7
switch 54-2
switch access with RADIUS, controlling 46-95
and ACLs 53-25
show interfaces 8-28, 8-29, 8-38
switchport access vlan command 19-5, 19-7
switchport block multicast command 55-2
switchport block unicast command 55-2
switchport mode access command 19-7
switchport mode dot1q-tunnel command 29-6
switchport mode dynamic command 19-5
switchport mode trunk command 19-5
switchport trunk allowed vlan command 19-5
switchport trunk encapsulation command 19-5
switchport trunk native vlan command 19-5
switchport trunk pruning vlan command 19-6
switch-to-RADIUS server communication
configuring 46-32
sysret command 73-5
reviewing configuration 3-10
settings at startup 3-27
overview 14-6
system and network statistics, displaying 37-23
system capabilities TLV 31-2
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
system description TLV 31-2
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
default configuration 60-3
defining error message severity levels 60-8
disabling 60-4
displaying the configuration 60-12
enabling 60-4
facility keywords, described 60-12
level keywords, described 60-9
limiting messages 60-9
message format 60-2
overview 60-1
sequence numbers, enabling and disabling 60-7
setting the display destination device 60-5
synchronizing log messages 60-6
timestamps, enabling and disabling 60-7
configuring the daemon 60-10
configuring the logging facility 60-11
facilities supported 60-12
802.1Q tunneling 29-5
maximums 29-5
manual configuration 4-22
system name TLV 31-2
system prompt, default setting 4-21
TACACS+ 50-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
802.1Q 29-3
Layer 2 protocol 29-13
TCAM programming and ACLs 53-7
for Sup II-Plust thru V-10GE 53-6
TCAM programming and ACLs for Sup 6-E 53-10
checking cable connectivity 9-3
enabling and disabling test 9-3
guidelines 9-3
accessing CLI 2-2
disconnecting user sessions 9-7
executing 9-5
monitoring user sessions 9-6
telnet command 9-6
templates, Ethernet OAM 65-45
Terminal Access Controller Access Control System Plus
configuration files in base directory 3-5
configuring for autoconfiguration 3-4
limiting access by servers 62-15
threshold monitoring, IP SLAs 68-6
time exceeded messages 9-9
timestamps in log messages 60-7
time zones 4-12
host presence detection 46-8
defined 1-7, 31-2
LLDP-MED 31-2
media not supported (note) 17-5, 17-10
Topology change notification processing
Topology change notification processing 28-4
description 42-4
trace command 9-9
traceroute mac command 9-11
traceroute mac ip command 9-11
configuring 59-3
types 59-3
by Boolean expression 59-4
by threshold percentage 59-6
by threshold weight 59-5
tracking interface line-protocol state 59-2
tracking IP routing state 59-2
tracking objects 59-1
tracking process 59-1
track state, tracking IP SLAs 59-9
blocking flooded 55-2
using ACLs (figure) 53-4
using VLAN maps (figure) 53-5
traffic marking procedure flowchart 42-21, 42-55
traffic shaping 42-9
translational bridge numbers (defaults) 17-5
configuring MAC address notification 4-31
configuring MAC move notification 4-33
configuring MAC threshold notification 4-35
configuring managers 62-11
defined 62-3
enabling 4-31, 4-33, 4-35, 62-11
notification types 62-11
overview 62-1, 62-4
with CiscoWorks 62-4
with system message logging 60-1
with traceroute 9-8
troubleshooting high CPU due to ACLs 53-6
configure port security 49-17
configuring PVLAN 44-19 to 44-21
802.1Q restrictions 19-4
configuring 19-5
configuring access VLANs 19-5
configuring allowed VLANs 19-5
default interface configuration 19-5
enabling to non-DTP device 19-3
specifying native VLAN 19-5
understanding 19-3
trustpoint 67-3
defined 29-1
802.1Q, configuring 29-6
described 29-2
incompatibilities with other features 29-5
limitations on using 8-14
port numbering 8-13
selecting X2/TwinGig Convertor mode 8-14
configuring probe message interval per-interface 32-8
default configuration 32-4
disabling on fiber-optic interfaces 32-7
disabling on non-fiber-optic interfaces 32-7
displaying link status 32-9
enabling globally 32-5
enabling per-interface 32-6
modes of operation 32-3
resetting disabled LAN interfaces 32-8
use case 32-2
UDLD, overview 32-1
UDP jitter, configuring 68-9
UDP jitter operation, IP SLAs 68-8
unauthorized ports with 802.1X 46-5
configuring 55-1
and adding static addresses 4-38
and broadcast MAC addresses 4-37
and CPU packets 4-37
and multicast addresses 4-37
and router MAC addresses 4-37
configuration guidelines 4-37
described 4-37
unicast MAC address filtering, configuring
configuring unicast MAC address filtering 53-13
Unicast RPF (Unicast Reverse Path Forwarding)
applying 36-5
caution 36-4
requirement 36-2
tables 36-7
configuring 36-9
(examples) ?? to 36-12
BOOTP 36-8
DHCP 36-8
enterprise network (figure) 36-6
prerequisites 36-9
routing table requirements 36-7
tasks 36-9
verifying 36-10
deploying 36-5
description 1-22, 36-1
disabling 36-11
enterprise network (figure) 36-6
FIB 36-2
implementing 36-4
packets, dropping (figure) 36-4
prerequisites 36-9
basic 36-8
routing asymmetry 36-7
routing asymmetry (figure) 36-8
routing table requirements 36-7
applying 36-5
attacks, mitigating 36-5
deploying 36-5
tunneling 36-5
source addresses, validating 36-3
(figure) 36-3, 36-4
failure 36-3
traffic filtering 36-5
tunneling 36-5
failure 36-3, 36-4
packets, dropping 36-3
source addresses 36-3
verifying 36-10
blocking 55-2
Unidirectional Controlled Port, configuring 802.1X 46-66
enabling 33-2
example of setting 33-2
overview 33-1
UniDirectional Link Detection Protocol
Universal PoE, configuring 15-16
daemon configuration 60-10
facilities supported 60-12
message logging configuration 60-11
and MST 22-23
enabling 25-15
MST and 22-23
overview 25-11
quad-supervisor 5-6
uplink mode, selecting on supervisor engine 6-E 8-16
uplink port, selecting on a supervisor engine 7L-E 8-18
usage examples, Wireshark 58-18
configuring, 802.1X-based 21-8
configuring, MAC address-based 21-9
User-defined triggers and built-in macros, configuring mapping 21-9
user EXEC mode 2-5
disconnecting 9-7
monitoring 9-6
Layer 4 port operations 53-10
virtual configuration register 73-3
virtual ports, MKA 45-3
Virtual Router Redundancy Protocol, introduction 1-22
Virtual Switch System(VSS), displaying EtherChannel to 26-16
VLAN blocking, REP 24-13
vlan command 17-6
vlan dot1q tag native command 29-4
service provider 29-9
VLAN ID, discovering 4-44
REP 24-4
VLAN load balancing, triggering 24-6
VLAN load balancing on flex links 23-2
configuration guidelines 23-6
1-to-1 29-8
1-to-1, configuring 29-11
configuration guidelines 29-10
configuring 29-11
configuring on a trunk port 29-11
default 29-9
described 1-2, 29-7
selective QinQ 29-8
selective Q-in-Q, configuring 29-12
traditional QinQ 29-8
traditional Q-in-Q, configuring 29-12
types of 29-8
applying to a VLAN 53-21
configuration example 53-22
configuration guidelines 53-18
configuring 53-17
creating and deleting entries 53-19
defined 1-41
denying access example 53-23
denying packets 53-19
displaying 53-24
order of entries 53-18
permitting packets 53-19
router ACLs and 53-25
using (figure) 53-5
using in your network 53-22
VLAN maps, PACL and Router ACLs 53-32
allowed on trunk 19-5
configuration guidelines 17-3
configuring 17-5
configuring as Layer 3 interfaces 34-7
customer numbering in service-provider networks 29-3
default configuration 17-4
description 1-11
extended range 17-3
IDs (default) 17-5
interface assignment 17-7
limiting source traffic with RSPAN 57-23
monitoring with RSPAN 57-21
name (default) 17-5
normal range 17-3
overview 17-1
reserved range 17-3
overview 19-3
VLAN User Distribution, configuring 802.1X 46-68
configuration file example 17-32
configuring dynamic access ports on client 17-25
configuring retry interval 17-27
database configuration file 17-32
example 17-29
reconfirming 17-26
reconfirming assignments 17-26
reconfirming membership interval 17-26
server overview 17-21
administering and monitoring 17-27
configure reconfirmation interval 17-26
dynamic ports 17-25
entering IP VMPS address 17-24
reconfirmation interval 17-27
reconfirm VLAM membership 17-26
default configuration 17-24
dynamic VLAN membership overview 17-23
troubleshooting dynamic port VLAN membership 17-28
fall-back VLAN 17-22
illegal VMPS client requests 17-23
overview 17-21
multiple 17-22
open 17-21
secure 17-22
configuring 46-74
described 46-22, 46-73
configuring 43-1
configuring 43-1
configuring VVID 43-3
voice traffic 15-2, 43-5
IP phone data traffic, described 43-2
IP phone voice traffic, described 43-2
Voice VLAN, configure 802.1X 46-72
using 802.1X 46-22
configuring routing in 41-8
forwarding 41-3
routes 41-2
defining 41-3
tables 41-1
configuring 41-6, 41-15
ftp 41-16
ping 41-15
tftp 41-16
traceroute 41-16
uRPF 41-16
description 1-22
displaying 5-51
Enhanced PAgP, advantages 5-23
enhanced PAgP, configuring 5-49
Enhanced PAgP, description 5-23
fast-hello, configuring 5-50
client, configuring 17-16
configuration guidelines 17-12
default configuration 17-13
disabling 17-16
Layer 2 protocol tunneling 29-14
monitoring 17-19
overview 17-8
configuring 17-15
server, configuring 17-16
statistics 17-19
transparent mode, configuring 17-16
enabling 17-15
description 17-9
description 17-8
VTP modes 17-9
overview 17-11
overview 17-9
VTY and Network Assistant 16-12
and 802.1X authentication 46-22
configuring 43-3
configuration examples 71-10
configuring on a router 71-2, 71-11
features 71-4
restrictions 71-5
service groups 71-6
authentication proxy web pages 48-4
description 1-43, 46-14, 48-1
web-based authentication, interactions with other features 48-4
Web Cache Communication Protocol
See WCCP 71-1
description 71-4
web scaling 71-1
weight thresholds in tracked lists 59-5
activating and deactivating, capture points, conceptual 58-9
attachment points 58-6
capture filter 58-7
capture points 58-6
core system filter 58-6
decoding and displaying packets 58-9
display filter 58-7
feature interactions 58-10
filters 58-6
storing captured packets to a.pcap filter 58-8
usage examples 58-18
Wireshark, about 58-5
Wireshark, activating and deactivating a capture point 58-13
Wireshark, defining/modifying/deleting a capture point 58-12
Wireshark, displaying information 58-14
WS-X46490-CSFP-E, support on a 10-slot chassis 8-17
default configuration 65-29
described 65-27
Ethernet Alarm Signal function (ETH-AIS)
ETH-RDI 65-28
multicast Ethernet loopback 65-31
multicast ETH-LB 65-29
terminology 65-27
Index
10/100 autonegotiation feature, forced 8-21
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 8-13
deploy with Gigabit Ethernet SFP ports 8-12, 8-13
10-slot chassis, support for WS-X46490-CSFP-E 8-17
special considerations 14-21
1400 W DC SP Triple Input power supply
special considerations 14-22
802.10 SAID (default) 17-5
standard 45-2
trunks 22-6
compatibility with other features 29-5
defaults 29-3
described 29-2
tunnel ports with other features 29-6
trunk restrictions 19-4
Authentication Failed VLAN assignment 46-17
for Critical Authentication 46-14
for guest VLANs 46-11
for MAC Authentication Bypass 46-12
for Unidirectional Controlled Port 46-15
VLAN User Distribution 46-16
web-based authentication 46-14
with port security 46-19
with VLAN assignment 46-10
with voice VLAN ports 46-22
802.1X Host Mode 46-6
multiauthentication mode 46-8
multidomain authentication mode 46-7
single-host 46-7
802.1x-REV 45-2
9000W AC, displaying OBFL 14-4
AAA 50-1
AAA (authentication, authorization, and accounting). See also port-based authentication. 48-2
abbreviating commands 2-5
about Wireshark 58-5
access control entries and lists 50-1
access-group mode, configuring on Layer 2 interface 53-31
access-group mode, using PACL with 53-30
access list filtering, SPAN enhancement 57-13
using with WCCP 71-8
and Layer 2 protocol tunneling 29-15
configure port security 49-7, 49-22
configuring 19-7
access VLANs 19-5
with RADIUS 46-111
with TACACS+ 3-16, 3-21
ACLs 53-2
IP 1-41, 53-2
Layer 4 operation restrictions 53-10
ACEs and ACLs 50-1
ACL assignments, port-based authentication 46-20
ACL assignments and redirect URLs, configure 46-38
ACL configuration, displaying a Layer 2 interface 53-32
ACEs 53-2
and SPAN 57-5
and TCAM programming for Sup 6-E 53-10
and TCAM programming for Sup II-Plus thru V-10GE 53-6
applying IPv6 ACLs to a Layer 3 interface 53-17
applying on routed packets 53-26
applying on switched packets 53-25
compatibility on the same switch 53-3
configuring with VLAN maps 53-25
CPU impact 53-12
downloadable 48-7
hardware and software support 53-6
IP, matching criteria for port ACLs 53-4
MAC extended 53-14
matching criteria for router ACLs 53-3
and voice VLAN 53-4
defined 53-3
processing 53-12
selecting mode of capturing control packets 53-7
troubleshooting high CPU 53-6
types supported 53-3
understanding 53-2
VLAN maps 53-5
ACLs, applying to a Layer 2 interface 53-31
ACLs and VLAN maps, examples 53-19
acronyms, list of 1-1
action drivers, marking 42-21, 42-55
activating and deactivating a capture point, Wireshark 58-13
activating and deactivating Wiresharkcapture points, conceptual, Wireshark 58-9
active queue management 42-9
active queue management via DBL, QoS on Sup 6-E 42-34, 42-68
active traffic monitoring, IP SLAs 68-1
adding members to a community 16-9
displaying the MAC table 4-44
changing the aging time 4-30
defined 4-28
learning 4-29
removing 4-31
IPv6 54-2
MAC, discovering 4-44
adding and removing 4-36
defined 4-28
address resolution 4-44
description 35-2
displaying statistics 35-9
REP, configuring 24-9
administrative VLAN, REP 24-8
LLDP 1-7, 31-2
aggregation switch, enabling DHCP snooping 52-9
MAC address table 4-30
All Auth manager sessions, displaying summary 46-126
All Auth manager sessions on the switch authorized for a specified authentication method 46-126
enabling and configuring 38-2
guidelines and restrictions 38-5
identify a port with DHCP option 82 38-4
identify a port with protocol 38-2
overview 38-1
identifying a port with 38-2
applying IPv6 ACLs to a Layer 3 interface 53-17
AQM via DBL, QoS on Sup 6-E 42-34, 42-68
archiving crashfiles information 2-8
defined 4-44
address resolution 4-44
managing 4-44
asymmetrical links, and 802.1Q tunneling 29-3
attachment points, Wireshark 58-6
vendor-proprietary 46-114
vendor-specific 46-112
NTP associations 4-4
key 46-104
login 46-106
See also port-based authentication
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 50-1
Authentication Failed, configuring 80.1X 46-70
Authentication methods registered with the Auth manager, determining 46-125
authentication open comand 46-8
authentication proxy web pages 48-4
defined 46-3
RADIUS server 46-3
Auth manager session for an interface, verifying 46-126
Auth manager summary, displaying 46-126
authoritative time source, described 4-2
with RADIUS 46-110
with TACACS+ 3-16, 3-21
authorized and unauthorized ports 46-5
authorized ports with 802.1X 46-5
autoconfiguration 3-2
considerations 16-7
configuring 8-31
displaying the configuration 8-32
overview 8-30
forced 10/100Mbps 8-21
Auto SmartPorts built-in macros
configuring parameters 21-6
built-in macros 21-5
configuration guidelines 21-5
default configuration 21-4
defined 21-1
displaying 21-13
enabling 21-4
IOS shell 21-2, 21-10
defined 1-2
Auto SmartPorts user-defined macros
configuring 21-10
auto-sync command 11-8, 12-7
interacting with 8-29
adding a switch (figure) 25-3
and MST 22-23
configuring 25-15
link failure (figure) 25-14, 25-15
not supported MST 22-23
understanding 25-13
login 4-27
message-of-the-day login 4-24
default configuration 4-24
when displayed 4-24
b command 73-3
and hardware support 39-7
BFD in a BGP network 39-25
BFD in an EIGRP network with echo mode enabled by default 39-17
BFD in an OSPF network 39-22
support for static routing 39-27
Echo mode 39-15
session parameters on the interface 39-8
Slow timer 39-16
support for BGP 39-9
support for dynamic routing protocols 39-9
support for EIGRP 39-10
support for OSPF 39-11
support for static routing 39-13
disabling echo mode without asymmetry 39-16
monitoring and troubleshooting 39-17
neighbor relationships 39-3
operation 39-3
prerequisites 39-2
restrictions 39-2
b flash command 73-3
BGP 1-17
routing session with multi-VRF CE 41-9
blocking packets 55-1
RSTP comparisons (table) 22-24
Boolean expressions in tracked lists 59-4
boot bootldr command 3-31
boot command 3-28
boot commands 73-3
See configuration register boot fields
boot system command 3-26, 3-31
boot system flash command 3-28
description 22-27
and MST 22-23
configuring 25-15
overview 25-8
and media speed 22-2
pseudobridges and 22-25
what they contain 22-3
bridge priority (STP) 22-17
disabling 56-5
enabling 56-3
Built-in macros and user-defined triggers, configuring mapping 21-9
cache engine clusters 71-1
cache engines 71-1
description 1-24, 67-2
message format options 67-2
format options 67-2
call home 67-1
alert groups 67-6
configuring e-mail options 67-9
contact information 67-4
default settings 67-18
destination profiles 67-5
displaying information 67-14
mail-server priority 67-10
pattern matching 67-9
periodic notification 67-8
rate limit messages 67-9
severity threshold 67-8
smart call home feature 67-2
SMTP server 67-9
testing communications 67-10
configuring 67-6
description 67-6
subscribing 67-7
assigning information 67-4
call home destination profiles
attributes 67-5
configuring 67-5
description 67-5
displaying 67-16
full-txt format for syslog 67-25
XML format for syslog 67-28
automatic discovery 16-7
defined 16-12
capture filter, Wireshark 58-7
capture points, Wireshark 58-6
selecting mode 53-7
BGP optional attributes 36-4
encrypting 3-22
automatic discovery in communities 16-7
configuration 30-2
defined with LLDP 31-1
displaying configuration 30-3
enabling on interfaces 30-3
host presence detection 46-8
Layer 2 protocol tunneling 29-13
maintaining 30-3
monitoring 30-3
overview 1-3, 30-1
cdp enable command 30-3
adjacency tables 35-2
and NSF with SSO 13-5
configuring load balancing 35-7
displaying statistics 35-8
enabling 35-6, 70-2
hardware switching 35-4
load balancing 35-6
overview 35-1
software switching 35-4
certificate authority (CA) 67-3
and Ethernet OAM, configuring 65-51
and Ethernet OAM interaction 65-51
clearing 65-31
configuration guidelines 65-7, 66-4
configuring crosscheck for VLANs 65-11
configuring fault alarms 65-16
configuring port MEP 65-14
configuring static remote MEP 65-13, 65-16, 65-18
crosscheck 65-5
defined 65-2
EtherChannel support 65-7, 66-4
configuring 65-16
IP SLAs support for 65-6
IP SLAs with endpoint discovers 65-21
maintenance domain 65-2
manually configuring IP SLAs ping or jitter 65-19
measuring network performance 65-6
monitoring 65-32, 65-33
port MEP, configuring 65-14
remote MEPs 65-5
static RMEP, configuring 65-13, 65-16, 65-18
static RMEP check 65-5
described 65-27
overview 27-2
Change of Authorization, RADIUS 46-97
channel-group group command 5-46, 26-8, 26-10
Cisco 7600 series Internet router
enabling SNMP 72-4, 72-5
Cisco Group Management Protocol
Cisco IOS IP SLAs 68-2
support 13-2
Cisco IOS NSF-capable support 13-2
configuring 43-3
sound quality 43-1
credentials 45-10
802.1x mode 45-11
configuration example 45-14
manual mode 45-12
Cisco TrustSec Network Device Admission Control
CiscoWorks 2000 62-4
description 22-22
civic location 31-3
class level, configure in a service policy 42-31, 42-65
clear cdp counters command 30-4
clear cdp table command 30-3
clear counters command 8-36
Ethernet CFM 65-31
IP multicast table entries 37-28
clear ip eigrp neighbors command 34-19
accessing 2-2
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 16-13
modes 2-5
monitoring environments 57-1
ROM monitor 2-7
software basics 2-4
client processes, tracking 59-1
in 802.1X authentication 46-3
command switch characteristics
and VTY 16-12
convert to a community 16-10
through CLI 16-13
overview 16-2
CLI 16-13
passwords 16-8
CoA Request Commands 46-100
command-line processing 2-3
command modes 2-5
b 73-3
b flash 73-3
boot 73-3
confreg 73-3
dev 73-3
dir device 73-3
frame 73-5
i 73-3
listing 2-5
meminfo 73-5
reset 73-3
ROM monitor 73-2 to 73-3
ROM monitor debugging 73-5
SNMP 72-4
sysret 73-5
requirements 16-11
common and internal spanning tree
access modes in Network Assistant 16-9
adding devices 16-9
communication protocols 16-8
community name 16-8
configuration information 16-9
converting from a cluster 16-10
host name 16-8
passwords 16-8
community ports 44-3
configuring 62-7
overview 62-4
community VLANs 44-2, 44-3
configure as a PVLAN 44-15
compiling MIBs 72-4
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 27-4
SNMP 62-15
limiting TFTP server access 62-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 62-14
CFM 65-7, 66-4
Ethernet OAM 65-35
REP 24-7
SNMP 62-6
VLAN mapping 29-10
listing value 3-29
modifying 3-28
changing from ROM monitor 73-3
changing settings 3-28 to 3-29
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 42-31, 42-65
configure terminal command 3-29, 8-2
configuring access-group mode on Layer 2 interface 53-31
configuring flow control 8-23
configuring interface link and trunk status envents 8-37
configuring named IPv6 ACLs 53-16
configuring named MAC extended ACLs 53-14, 53-15
configuring unicast MAC address filtering 53-13
configuring VLAN maps 53-17
confreg command 73-3
console configuration mode 2-5
console download 73-4 to 73-5
disconnecting user sessions 9-7
monitoring user sessions 9-6
assigning for call home 67-4
controlling switch access with RADIUS 46-95
and Layer 2 Control packet QoS, configuration example 50-14
configuration guidelines and restrictions 50-8
configuring for control plane traffic 50-4
configuring for data plane and management plan traffic 50-5
defaults 50-4
general guidelines 50-3
monitoring 50-9
understanding 50-2
control protocol, IP SLAs 68-4
REP 24-4
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-32
core system filter, Wireshark 58-6
definition 42-3
figure 42-2
overriding on Cisco IP Phones 43-5
priority 43-5
clearing MFIB 37-28
clearing on interfaces 8-36
CPU, impact of ACL processing 53-12
CPU port sniffing 57-10
crashfiles information, archiving 2-8
configure with 802.1X 46-62
crosscheck, CFM 65-5, 65-11
description 22-25
IST and 22-22
MST and 22-22
customer edge devices 41-2
C-VLAN 1-2, 29-7
configuration examples 52-15
enabling the DHCP Snooping 52-13
daylight saving time 4-13
debug commands, ROM monitor 73-5
decoding and displaying packets, Wireshark 58-9
802.1X 46-27
banners 4-24
DNS 4-23
Ethernet OAM 65-35
IGMP filtering 27-30
IGMP snooping 28-5, 28-6
IP SLAs 68-6
IPv6 54-7
Layer 2 protocol tunneling 29-16
LLDP 31-5
MAC address table 4-30
MVR 27-23
NTP 4-4
private VLANs 44-12
RADIUS 46-103
REP 24-7
resetting the interface 8-40
RMON 69-3
SNMP 62-5
SPAN and RSPAN 57-6
system message logging 60-3
TACACS+ 3-18
VLAN mapping 29-9
Y.1731 65-29
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-32
default web-based authentication configuration
802.1X 48-6
defining/modifying/deleting a capture point, Wireshark 58-12
IP address spoofing, mitigating 36-5
Unicast RPF, deploying 36-5
denying access to a server on another VLAN 53-23
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 8-12, 8-13
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 8-13
description command 8-23
dev command 73-3
device discovery protocol 31-1
call home format 67-21, 67-22
configuring 46-118
rate limit for incoming packets 52-13
denial-of-service attacks, preventing 52-13
configuring 52-13
client request message exchange 3-3
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
identifying a port with 38-4
overview 52-4
enabling, and Option 82 52-10
accepting untrusted packets form edge switch 52-10
configuring 52-6
default configuration 52-7
displaying binding tables 52-19
displaying configuration 52-19
displaying information 52-18
enabling 52-7
enabling on private VLAN 52-12
enabling on the aggregation switch 52-9
enabling the database agent 52-13
message exchange process 52-4
monitoring 52-23
option 82 data insertion 52-4
overview 52-1
Snooping database agent 52-2
adding to the database (example) 52-18
enabling (example) 52-15
overview 52-2
reading from a TFTP file (example) 52-17
online 70-1
causes of failure 70-20
how it works 70-10
overview 70-10
Power-On-Self-Test for Supervisor Engine V-10GE 70-13
Differentiated Services Code Point values
DiffServ architecture, QoS 42-2
Digital optical monitoring transceiver support 8-19
dir device command 73-3
RSTP comparisons (table) 22-24
broadcast storm control 56-5
disabling multicast storm control 56-5
disconnect command 9-7
discovery, Ethernet OAM 65-34
display dection and removal events 15-7
display filter, Wireshark 58-7
Auth Manager sumary for an interface 46-126
MAB details 46-128
summary of all Auth manager sessions 46-126
summary of all Auth manager sessions on the switch authorized for a specified authentication method 46-126
displaying EtherChannel to a Virtual Switch System 26-16
displaying storm control 56-6
displaying Wireshark information 58-14
display PoE consumed by a module 15-8
display PoE detection and removal events 15-7
and DHCP-based autoconfiguration 3-5
default configuration 4-23
displaying the configuration 4-24
overview 4-22
setting up 4-23
DNS 4-22
802.1Q tunneling 29-2
Layer 2 protocol tunneling 29-15
downloading MIBs 72-3, 72-4
drop threshold for Layer 2 protocol packets 29-16
definition 42-4
IP precedence 42-2
using Enhanced PAgP 5-23
Dual-Active Detection, using Fast-Hello 5-24
duplex command 8-22
configuring interface 8-20
ARP cache poisoning 51-2
ACLs for non-DHCP environments 51-11
in DHCP environments 51-5
log buffer 51-14
rate limit for incoming ARP packets 51-16
denial-of-service attacks, preventing 51-16
interface trust state, security coverage 51-3
configuring 51-14
logging of dropped packets 51-4
overview 51-1
port channels, their behavior 51-5
priority of static bindings 51-4
purpose of 51-2
rate limiting of ARP packets 51-4
configuring 51-16
validation checks, performing 51-19
Dynamic Host Configuration Protocol snooping
example 17-29
limit on hosts 17-28
reconfirming 17-26
troubleshooting 17-28
changing retransmission time 46-85
exchanging (figure) 46-4, 46-6, 46-13
request/identity 46-4
response/identity 46-4
setting retransmission number 46-86
802.1X authentication and 46-3
OTP authentication, example (figure) 46-4, 46-13
start 46-4
Echo mode,configuring BFD 39-15
description 22-27
overview 1-17
configuration examples 34-19
monitoring and maintaining 34-19
benefits 34-17
configuration tasks 34-18
configuring 34-14
overview 34-14
restrictions 34-17
verifying 34-18
overview 1-17
eigrp stub command 34-18
EIGRP stub routing, configuring 34-13
ELIN location 31-3
assigning for call home 67-4
Call Home 1-24, 67-2
displaying information 4-48
installing and configuring 4-45
overview 4-45
emergency alarms on Sup Engine 6-E systems 14-5
enable command 3-9, 3-28
enable mode 2-5
enabling SNMP 72-4, 72-5
encryption keying 45-2
encryption keys, MKA 45-2
Enhanced Interior Gateway Routing Protocol
defined 59-1
IP routing state 59-2
line-protocol state 59-2
tracked lists 59-3
Enhanced PoE support on E-series 15-15
Enhanced PoE support on E-series,configuring Universal PoE 15-16
using CLI commands 14-1
EPM logging 46-129
configuring 15-14
channel-group group command 5-46, 26-8, 26-10
configuration guidelines 5-30, 26-5
configuring 26-6 to 26-16
configuring (tasks) 5-30
configuring Layer 2 26-10
configuring Layer 3 26-7
DFC restriction, see CSCdt27074 in the Release Notes
displaying to a virtual switch system 26-16
interface port-channel command 26-7
command example 26-13
modes 26-3
overview 26-2
Understanding 26-4
physical interface configuration 5-46, 26-7
port-channel interfaces 26-2
port-channel load-balance command 26-14
removing 26-15
removing interfaces 26-15
understanding 5-2
disabling 25-6
enabling 25-6
overview 25-6
and routing 8-6
and routing protocols 8-6
configuring 8-10
default setting 8-6
described 1-29, 8-6
for network management 1-29, 8-6
specifying 8-10
supported features 8-10
unsupported features 8-10
Ethernet management port, internal
and routing protocols 8-6
Ethernet Management Port, using 8-6
Ethernet OAM 65-34
and CFM interaction 65-51
configuration guidelines 65-35
configuring with CFM 65-51
default configuration 65-35
discovery 65-34
enabling 65-36, 65-52
link monitoring 65-34, 65-38
messages 65-34
defined 65-33
monitoring 65-49
remote failure indications 65-34
remote loopback 65-34, 65-37
templates 65-45
Ethernet OAM protocol CFM notifications 65-51
Ethernet Remote Defect Indication (ETH-RDI) 65-28
configuring, 802.1X-based 21-8
configuring, MAC address-based 21-9
enabling 27-11
Extensible Authentication Protocol over LAN 46-2
Failure detection, using BFD 39-7
configure with 802.1X 46-77
overview 37-11
dual-active detection 5-24
Fast-Hello dual-active detection, configuring 5-50
on VSL failure 5-14
configuring probe message interval 32-8
default configuration 32-4
displaying link status 32-9
enabling globally 32-5
enabling on individual interface 32-7
enabling per-interface 32-6
modes of operation 32-3
resetting disabled LAN interfaces 32-8
use case 32-2
Fast UDLD, overview 32-1
feature interactions, Wireshark 58-10
description 35-2
disabling UDLD 32-7
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 46-45
in a VLAN 53-18
non-IP traffic 53-14, 53-15
filters, Wireshark 58-6
flags 37-12
configuring router to boot from 3-31
loading system images from 3-30
security precautions 3-31
caveats 64-1, 64-7
defined 1-4, 64-1
configuration guidelines 23-6
configuring 23-6, 23-7
configuring preferred VLAN 23-9
configuring VLAN load balancing 23-8
monitoring 23-12
flooded traffic, blocking 55-2
flowchart, traffic marking procedure 42-21, 42-55
flow control, configuring 8-23
For 15-13
configuring 22-19
frame command 73-5
get-bulk-request operation 62-3
get-next-request operation 62-3, 62-4
get-request operation 62-3, 62-4
get-response operation 62-3
deploy with 10-Gigabit Ethernet 8-12, 8-13
GLBP, introduction 1-15
global configuration mode 2-5
configure with 802.1X 46-57
hardware and software ACL support 53-6
hardware switching 35-5
configuring 22-17
high CPU due to ACLs, troubleshooting 53-6
CLI 2-4
history table, level and number of syslog messages 60-9
configuring MST bridges 22-28
limit on dynamic port 17-28
host modes, MACsec 45-3
kinds of 44-4
host presence CDP message 46-8
description 1-16
HSRP, introduction 1-16
hw-module module num power command 14-22
enabling 9-12
ping 9-7
running IP traceroute 9-9
time exceeded messages 9-9
configuring 68-11
IP SLAs 68-11
i command 73-3
using with SPAN and RSPAN 57-2
IEEE 802.1ag 65-2
configurable-leave timer 27-4
description 37-3
enabling 37-14
explicit host tracking 27-4
immediate-leave processing 27-3
leave processing, enabling 28-8
overview 27-2
disabling 28-10
configuring 27-31
default configuration 27-30
described 27-30
monitoring 27-34
setting the maximum number 27-33
configuration guidelines 27-9
applying 27-32
configuration mode 27-31
configuring 27-31
leave timer 27-9
Learning Methods 27-7
static connection to a multicast router 27-8
configuring host statically 27-11
explicit host tracking 27-11
suppressing multicast flooding 27-12
configuration guidelines 27-5
default configuration 28-5, 28-6
globally 27-6
on a VLAN 27-6
enabling and disabling 28-6
IP multicast and 37-4
monitoring 27-14, 28-10
overview 27-2
group 27-16
hot membership 27-15
how to 27-15
MAC address entries 27-18
multicast router interfaces 27-17
on a VLAN interface 27-18
Querier information 27-19
IGMPSnooping Querier, configuring 27-10
enabling 28-8
enabling 27-8
ingress packets, SPAN enhancement 57-12
configuring on Cisco IP phones 43-5
insufficient inline power handling for Supervisor Engine II-TS 14-22
Intelligent Power Management 15-4
interacting with Baby Giants 8-29
displaying operational status 15-6
interface command 3-9, 8-2
REP 24-10
interface link and trunk status events
configuring 8-37
interface port-channel command 5-45, 26-7
interface range command 8-4
interface range macro command 8-11
adding descriptive name 8-23
clearing counters 8-36
configuring 8-2
configuring ranges 8-4
displaying information about 8-36
Layer 2 modes 19-3
maintaining 8-35
monitoring 8-35
naming 8-23
numbers 8-2
overview 8-2
restarting 8-37
using the Ethernet Management Port 8-6
Internet Control Message Protocol
Internet Group Management Protocol
802.1X Identity-Based Network Security, list of supported features 1-34
Bidirectional Forwarding Detection 1-14
Cisco Call Home 1-24
Cisco Energy Wise 1-24
Cisco Express Forwarding 1-14
Cisco IOS IP Service Level Agreements 1-24
Cisco IOS Mediatrace and Performance Monitor 1-26
Cisco Medianet AutoQoS 1-25
Cisco Medianet Flow Metadata 1-26
Cisco Media Services Proxy 1-25
Cisco TrustSec MACsec Encryption 1-35
Cisco TrustSec Security Architecture 1-36
Debugging Features (platform and debug platform) 1-43
Device Sensor 1-14
Dynamic Host Control Protocol 1-28
Easy Virtual Network 1-28
EIGRP Stub routing 1-14
Embedded Event Manager 1-29
Enhanced Object Tracking 1-15
EtherChannel bundles 1-3
Ethernet CFM 1-3
Ethernet Management Port 1-29
Ethernet OAM Protocol 1-3
FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 1-30
File System Management (Sup 7-E and 7L-E) 1-29
Flexible Netflow (Sup 7-E and 7L-E) 1-4
Flex Link and MAC Address-Table Move Update 1-4
GLBP 1-15
hard-based Control Plane Policing 1-37
HSRP 1-16
In Service Software Upgrade 1-19
Intelligent Power Management 1-30
Internet Group Management Protocol (IGMP) Snooping 1-4
IP Routing protocols 1-17
IP Source Guard 1-38