Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Y -

Index

Numerics

1-rate, 2-color policing 35-16

2-rate, 3-color policing 35-17

802.1ad

configuration guidelines 14-14

configuring 14-13

supported features 14-13

802.1ad EtherChannels

configuration example 14-15

configuration guidelines 14-14, 14-15

802.1ad ports 35-5

802.1ad QoS

configuration examples 35-91

configuration guidelines 35-90

configuring 35-90

802.1ad split horizon

configuration guidelines 14-14

configuring 14-18

802.1Q ports and CoS mapping 35-8

802.1Q tag for ingress QoS classification 35-78

802.1Q tunneling

QoS classification 35-78

A

abbreviating commands 2-3

ABRs 33-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-23

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-22

with RADIUS 8-29

with TACACS+ 8-11, 8-17

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 35-11

ACLs

ACEs 32-2

any keyword 32-12, 35-39

applying

on multicast packets 32-41

on routed packets 32-40

on switched packets 32-39

time ranges to 32-16

to an interface 32-19, 39-7

to IPv6 interfaces 39-7

applying to QoS 35-11

classifying traffic for QoS 35-37

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 35-39

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

IPv6

applying to interfaces 39-7

configuring 39-3, 39-4

displaying 39-8

interactions with other features 39-4

limitations 39-3

matching criteria 39-3

named 39-3

precedence of 39-2

supported 39-2

unsupported features 39-3

Layer 4 information in 32-39

logging messages 32-8

MAC extended 32-27

matching 32-7, 32-20

monitoring 32-41, 39-8

named

IPv6 39-3

named, IPv4 32-14

names 39-4

port 32-2, 39-2

precedence of 32-2

QoS 35-11

resequencing entries 32-14

router 32-2, 39-2

router ACLs and VLAN map configuration guidelines 32-38

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-8

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features

IPv6 39-3

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-38

VLAN maps

configuration guidelines 32-30

configuring 32-30

ACLs, QoS, configuring 35-37

active link 19-4, 19-5, 19-6

active links 19-2

active router 40-2

active traffic monitoring, IP SLAs 41-1

address aliasing 22-2

addresses

displaying the MAC address table 5-31

dynamic

accelerated aging 15-9

changing the aging time 5-21

default aging 15-9

defined 5-19

learning 5-20

removing 5-22

IPv6 37-2

MAC, discovering 5-31

multicast

group address range 45-2

STP address management 15-9

static

adding and removing 5-27

defined 5-19

address resolution 5-31, 33-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 33-96

administrative distances

defined 33-109

OSPF 33-31

routing protocol defaults 33-98

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 33-18

age timer, REP 18-8

aggregatable global unicast addresses 37-3

aggregate addresses, BGP 33-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 35-54

configuring 35-54

described 35-18

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-21

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-18

area border routers

See ABRs

area routing

IS-IS 33-62

ISO IGRP 33-62

ARP

configuring 33-8

defined 1-4, 5-31, 33-7

encapsulation 33-9

static cache configuration 33-8

table

address resolution 5-31

managing 5-31

ASBRs 33-23

AS-path filters, BGP 33-52

assured forwarding, DSCP 35-9

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 8-31

vendor-specific 8-30

authentication

EIGRP 33-39

HSRP 40-10

local mode with AAA 8-37

NTP associations 5-5

RADIUS

key 8-22

login 8-24

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 33-109

authentication manager

single session ID 9-10

authoritative time source, described 5-2

authorization

with RADIUS 8-28

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-9

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-18

mismatches 47-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 33-46

Auto-RP, described 45-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

backup static routing, configuring 42-12

bandwidth, QoS, configuring 35-67

bandwidth command

for CBWFQ 35-26

QoS, configuring 35-67

QoS, described 35-28

with police command 35-30

bandwidth remaining percent command 35-30

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-42

best-effort packet delivery 35-1

BGP

aggregate addresses 33-58

aggregate routes, configuring 33-58

CIDR 33-58

clear commands 33-61

community filtering 33-55

configuring neighbors 33-56

default configuration 33-44, 33-74

described 33-43

enabling 33-46

monitoring 33-61

multipath support 33-50

neighbors, types of 33-46

path selection 33-50

peers, configuring 33-56

prefix filtering 33-54

resetting sessions 33-49

route dampening 33-60

route maps 33-52

route reflectors 33-59

routing domain confederation 33-59

routing session with multi-VRF CE 33-90

show commands 33-61

supernets 33-58

support for 1-10

Version 4 33-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-6

Boolean expressions in tracked lists 42-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-20

specific image 3-20

boot loader

accessing 3-21

described 3-2

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

bootstrap router (BSR), described 45-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-6

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-6

broadcast flooding 33-15

broadcast packets

directed 33-12

flooded 33-12

broadcast storm-control command 23-4

broadcast storms 23-1, 33-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-18

object list, described 30-6

schema, configuring 30-18

schema, described 30-6

transfer 30-19

bulkstat object-list 30-18

bulkstat schema 30-18

byte-level statistics 35-17

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 35-28, 35-67

configuration guidelines 35-67

QoS scheduling 35-26

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-20

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 33-96

enabling 33-96

IPv6 37-21

CFM

and Ethernet OAM, configuring 43-55

and Ethernet OAM interaction 43-54

and OAM manager 43-48

and other features 43-8

and tunnels 43-8

clearing 43-31

configuration errors 43-6

configuration guidelines 43-8

configuring crosscheck 43-12

configuring fault alarms 43-16

configuring port MEP 43-14

configuring static remote MEP 43-13

configuring the network 43-8

continuity check messages 43-5

crosscheck 43-5

default configuration 43-7

defined 43-2

down MEPs 43-4

draft 1 43-4

draft 8.1 43-4

EtherChannel support 43-8

fault alarms

configuring 43-16

defined 43-5

IEEE 802.1ag 43-2

IP SLAs support for 43-6

IP SLAs with endpoint discovers 43-19

loopback messages 43-5

maintenance association 43-3

maintenance domain 43-2

maintenance point 43-3

manually configuring IP SLAs ping or jitter 43-18

measuring network performance 43-6

messages

continuity check 43-5

loopback 43-5

traceroute 43-5

monitoring 43-31, 43-32

on EtherChannel port channels 43-8

port MEP, configuring 43-14

remote MEPs 43-5

SNMP traps 43-5

static RMEP, configuring 43-13

static RMEP check 43-5

traceroute messages 43-5

types of messages 43-5

UNIs 43-4

up MEPs 43-4

version interoperability 43-6

Y.1731

described 43-23

child policies, QoS 35-13, 35-28

CIDR 33-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 41-1

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CISP 9-9

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-3

class-based priority queuing, QoS 35-20

class-based shaping

configuration guidelines 35-69

configuring 35-69

for QoS 35-27

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 35-11

based on DEI bit 35-10

in packet headers 35-6

of 802.1ad frames 35-10

per-port per VLAN 35-13, 35-60

QoS comparisons 35-10

QoS group 35-12

classless interdomain routing

See CIDR

classless routing 33-6

class map

match-all option 35-7

match-any option 35-7

class-map command 35-3

class maps

for QinQ input policy maps 35-82

for QinQ output policy maps 35-85

class maps, QoS

configuring 35-41

described 35-7

class of service

See CoS

class selectors, DSCP 35-9

clearing

Ethernet CFM 43-31

clearing interfaces 10-30

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 42-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-8

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

common session ID

see single session ID 9-10

community list, BGP 33-55

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-11

config.text 3-19

configurable leave timer, IGMP 22-5

configurable policer profiles 35-45

configuration, initial

defaults 1-12

configuration example

802.1ad EtherChannels 14-15

configuration examples

802.1ad QoS 35-91

network 1-15

policy maps 35-100

QoS

adding customers 35-102

adding or deleting a class 35-105

adding or deleting classification criteria 35-102, 35-103

adding or deleting configured actions 35-104

changing queuing or scheduling parameters 35-104

initial 35-100

QoS classification for QinQ 35-86

QoS marking and queuing, CPU-generated traffic 35-95

configuration files

archiving A-19

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-19

deleting a stored configuration A-19

described A-8

downloading

automatically 3-19

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-20

invalid combinations when copying A-5

limiting TFTP server access 30-17, 30-18, 30-19, 30-20

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-20

specifying the filename 3-19

system contact and location information 30-17

types and location A-9

uploading

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

configuration guidelines

802.1ad and split horizon 14-14

802.1ad EtherChannels 14-14, 14-15

802.1ad QoS 35-90

aggregate policers 35-54

CBWFQ 35-67

CFM 43-8

class-based shaping 35-69

C-VLAN child policy maps 35-81

C-VLAN parent policy maps 35-80

EtherChannel 36-10

Ethernet OAM 43-35

HSRP 40-5

individual policers 35-46

input policy maps 35-45

link-state tracking 36-24

marking in policy maps 35-58

multi-VRF CE 33-85

OAM manager 43-49

output policy maps 35-65

per-port, per-VLAN QoS 35-60

PIM stub routing 45-12

port security 23-10

QoS, general 35-35

QoS ACLs 35-37

QoS classification for QinQ 35-79

QoS class maps 35-41

QoS table maps 35-43

REP 18-7

rollback and replacement A-20

SSM 45-16

SSM mapping 45-17

strict priority queuing 35-71

unconditional priority policing 35-73

UNI VLANs 12-12

VLAN mapping 14-9

VLANs 12-8

WTD 35-76

configuration replacement A-19

configuration rollback A-19

configuration settings, saving 3-15

configure terminal command 10-8

Configure the VACL logging parameters 32-37

configuring 44-3

configuring marking in input policy maps 35-58

configuring port-based authentication violation modes 9-17

Configuring VACL Logging 32-36

conform, exceed, and violate actions 35-54

congestion avoidance, QoS 35-2, 35-32

congestion management, QoS 35-2, 35-26

connections, secure remote 8-38

Connectivity Fault Management

See CFM

connectivity problems 47-9, 47-13, 47-14

console port, connecting to 2-9

control packets

and control-plane security 34-2

dropping and rate-limiting 34-2

control-plane security

configuring 34-6

control packets 34-2

monitoring 34-7

policers 34-4

policing 34-2

purpose of 34-1

control protocol, IP SLAs 41-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 47-2

CoS

classification 35-8

values 35-6

CoS mapping 35-8

counters, clearing interface 10-30

CPU-generated traffic

marking and queuing 35-93

CPU overload, protection from 34-1

CPU policers 34-6

CPU protection 34-4

CPU threshold notification 30-21

CPU threshold table 30-1, 30-20

CPU utilization statistics 30-20

crashinfo file 47-21

crosscheck, CFM 43-5, 43-12

cryptographic software image

Kerberos 8-33

SSH 8-38

C-UNI isolated ports 14-18

C-UNIs 14-13

customer edge devices 1-18, 33-83

C-VLAN 14-7

D

data collection, bulk statistics 30-20

daylight saving time 5-13

debugging

enabling all system diagnostics 47-18

enabling for a specific feature 47-17

redirecting error message output 47-18

using commands 47-17

default

policer configuration

ENIs and UNIs 34-4

NNIs 34-6

default actions, table maps 35-15

default commands 2-4

default configuration

banners 5-17

BGP 33-44, 33-74

booting 3-19

CDP 24-2

CFM 43-7

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 33-36

E-LMI and OAM 43-48

EtherChannel 36-10

Ethernet OAM 43-35

Flex Links 19-7

HSRP 40-5

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-11

IGMP 45-37

IGMP filtering 22-24

IGMP snooping 22-6, 38-5, 38-6

IGMP throttling 22-25

initial switch information 3-3

IP addressing, IP routing 33-4

IP multicast routing 45-9

IP SLAs 41-6

IP source guard 20-21

IPv6 37-11

IS-IS 33-63

Layer 2 interfaces 10-15

Layer 2 protocol tunneling 14-23

LLDP 25-3

MAC address table 5-21

MAC address-table move update 19-7

MSDP 46-3

MSTP 16-14

multi-VRF CE 33-84

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 33-24

password and privilege level 8-2

PIM 45-9

private VLANs 13-6

QoS 35-35

RADIUS 8-21

REP 18-7

RIP 33-18

RMON 28-3

RSPAN 27-9

SDM template 7-3

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLAN mapping 14-9

VLANs 12-7

VMPS 12-25

Y.1731 43-26

default gateway 3-15, 33-10

default networks 33-99

default router preference

See DRP

default routes 33-99

default routing 33-2

default service, DSCP 35-9

default template 7-1

DEI bit

for classification 35-5

ingress classification 35-90

ingress marking 35-90

ingress policing 35-90

location 35-6

DEI classification 35-10

denial-of-service attacks, preventing 34-1

description command 10-24

designing your network, examples 1-15

destination addresses

in IPv6 ACLs 39-5

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 36-8

destination-MAC address forwarding, EtherChannel 36-7

device discovery protocol 24-1, 25-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-4, 1-11

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 42-11

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-16

default configuration 20-16

described 20-15

displaying 20-18

enabling 20-16

reserved addresses 20-17

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-13

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-14

configuration guidelines 20-9

configuring 20-13

default configuration 20-8

deleting

binding file 20-14

bindings 20-14

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-13

entry 20-6

renewing database 20-14

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 37-16

default configuration 37-16

described 37-6

enabling client function 37-19

enabling DHCPv6 server function 37-17

diagnostic schedule command 48-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 33-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing A-3

creating and removing A-4

displaying the working A-3

discovery, Ethernet OAM 43-34

distribute-list command 33-108

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 37-4

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 45-19, 45-20

DoM

displaying supported transceivers 10-30

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 33-62

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-3

Layer 2 protocol tunneling 14-22

downloading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-27

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-29

using RCP A-33

using TFTP A-26

using the device manager or Network Assistant A-23

drop eligibility indicator

See DEI

drop threshold for Layer 2 protocol packets 14-23

DRP

configuring 37-14

described 37-4

IPv6 37-4

DSCP

assured forwarding 35-9

classification 35-9

class selectors 35-9

default service 35-9

expedited forwarding 35-9

values 35-6

DUAL finite state machine, EIGRP 33-35

dual IPv4 and IPv6 templates 7-2, 37-5

dual protocol stacks

IPv4 and IPv6 37-5

SDM templates supporting 37-6

dual-purpose ports

default port type 10-7

defaults 10-20

defined 10-6

frame size 10-20

LEDs 10-7

setting the type 10-20

duplex mode, configuring 10-18

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-13

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-13

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 33-62

protocols 33-3

E

EBGP 33-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EEM 3.2 31-5

EIGRP

authentication 33-39

components 33-35

configuring 33-37

default configuration 33-36

definition 33-34

interface parameters, configuring 33-38

monitoring 33-41

stub routing 33-40

support for 1-10

EIGRP IPv6 37-7

ELIN location 25-3

E-LMI

and OAM Manager 43-47

CE device configuration 43-53

configuration guidelines 43-49

configuring a CE device 43-52

configuring a PE device 43-52

default configuration 43-48

defined 43-47

enabling 43-52

information 43-47

monitoring 43-54

PE device configuration 43-53

embedded event manager

3.2 31-5

actions 31-4

configuring 31-1, 31-5

displaying information 31-7

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-6

registering and defining a TCL script 31-7

understanding 31-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 42-12

commands 42-1

defined 42-1

DHCP primary interface 42-11

HSRP 42-7

IP routing state 42-2

IP SLAs 42-9

line-protocol state 42-2

network monitoring with IP SLAs 42-11

routing policy, configuring 42-12

static route primary interface 42-10

tracked lists 42-3

ENI

configuring 10-17

described 10-2

protocol control packets on 34-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-22

equal-cost routing 1-11, 33-97

error messages during command entry 2-4

EtherChannel

802.3ad, described 36-6

automatic creation of 36-4, 36-6

channel groups

binding physical and logical interfaces 36-3

numbering of 36-3

configuration guidelines 36-10

configuring

Layer 2 interfaces 36-11

Layer 3 physical interfaces 36-15

Layer 3 port-channel logical interfaces 36-14

default configuration 36-10

described 36-2

displaying status 36-22

forwarding methods 36-7, 36-17

interaction

with STP 36-10

with VLANs 36-11

LACP

described 36-6

displaying status 36-22

hot-standby ports 36-19

interaction with other features 36-7

modes 36-6

port priority 36-21

system priority 36-20

Layer 3 interface 33-3

load balancing 36-7, 36-17

logical interfaces, described 36-3

PAgP

aggregate-port learners 36-18

compatibility with Catalyst 1900 36-18

described 36-4

displaying status 36-22

interaction with other features 36-5

learn method and priority configuration 36-18

modes 36-5

support for 1-2

port-channel interfaces

described 36-3

numbering of 36-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet Frame Delay 41-13

Ethernet frame delay measurement

ETH-DM 44-2

Ethernet infrastructure 43-1

Ethernet Link Management Interface

See E-LMI

Ethernet Locked Signal (ETH-LCK) 43-25

Ethernet loopback

characteristics 43-44

Ethernet management port

and routing 10-12

and routing protocols 10-13

and TFTP 10-14

configuring 10-14

default setting 10-12

described 10-5, 10-12

for network management 10-5, 10-12

specifying 10-14

supported features 10-13

unsupported features 10-14

Ethernet management port, internal

and routing 10-12

and routing protocols 10-13

unsupported features 10-14

Ethernet OAM 43-34

and CFM interaction 43-54

configuration guidelines 43-35

configuring with CFM 43-55

default configuration 43-35

discovery 43-34

enabling 43-35, 43-56

link monitoring 43-34, 43-37

manager 43-1

messages 43-34

protocol

defined 43-33

monitoring 43-43

remote failure indications 43-34, 43-40

remote loopback 43-34, 43-36

templates 43-40

Ethernet OAM protocol 43-1

Ethernet OAM protocol CFM notifications 43-54

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet Remote Defect Indication (ETH-RDI) 43-24

Ethernet terminal loopback 35-99

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-8

modifying 12-9

EUI 37-3

EVCs

configuring 43-49

in CFM domains 43-47

event detectors, embedded event manager 31-2

events, RMON 28-3

example, configuration 44-5

examples

network configuration 1-15

expedited forwarding, DSCP 35-9

extended-range VLANs

creating with an internal VLAN ID 12-12

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 33-46

F

Fa0 port

See Ethernet management port

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

features, incompatible 23-11

FIB 33-96

fiber-optic, detecting unidirectional links 26-1

files

copying A-4

crashinfo

description 47-21

displaying the contents of 47-21

location 47-21

deleting A-5

displaying the contents of A-8

tar

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-4

setting the default A-3

filtering

in a VLAN 32-30

IPv6 traffic 39-3, 39-7

non-IP traffic 32-27

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of A-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-8, 19-9

configuring preferred VLAN 19-11

configuring VLAN load balancing 19-10

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-14

VLANs 19-2

flooded traffic, blocking 23-7

flow control 1-2, 10-22

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-14

image files

deleting old image A-31

downloading A-29

preparing the server A-28

uploading A-31

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-25

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-2

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 40-10

command-switch redundancy 1-6

configuration guidelines 40-5

configuring 40-5

default configuration 40-5

definition 40-1

monitoring 40-12

object tracking 42-7

overview 40-2

priority 40-7

routing redundancy 1-10

support for ICMP redirect messages 40-12

timers 40-10

tracking 40-8

HTTP(S) Over IPv6 37-8

I

IBPG 33-42

ICMP

IPv6 37-4

redirect messages 33-10

support for 1-11

time-exceeded messages 47-15

traceroute 47-15

unreachable messages 32-19

unreachable messages and IPv6 39-4

unreachables and ACLs 32-20

ICMP Echo operation

configuring 41-11

IP SLAs 41-11

ICMP ping

executing 47-10

overview 47-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 37-4

IDS appliances

and ingress RSPAN 27-20

and ingress SPAN 27-13

IEEE 802.1ad 14-13

IEEE 802.1ag 43-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-15

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-6

defaults 14-4

described 14-2

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 43-1

IEEE 802.3z flow control 10-22

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 45-37

statically connected member 45-42

controlling access to groups 45-38

default configuration 45-37

deleting cache entries 45-46

displaying groups 45-47

fast switching 45-42

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 45-40

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9, 38-9

leaving multicast group 22-5

multicast reachability 45-37

overview 45-2

queries 22-3

report suppression

described 22-6

disabling 22-14, 38-11

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 45-39

described 45-3

Version 2

changing to Version 1 45-39

described 45-3

maximum query response time value 45-41

pruning groups 45-41

query timeout value 45-41

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-24

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-27

IGMP helper 45-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6, 38-5, 38-6

definition 22-1

enabling and disabling 22-7, 38-6

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14, 38-11

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-25

described 22-24

displaying action 22-29

IGP 33-23

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9, 38-9

individual policers

configuration guidelines 35-46

configuring 35-46

initial configuration

defaults 1-12

inner CoS to outer CoS mapping 35-8

input policy maps

classification criteria 35-5

configuration guidelines 35-45

configuring 35-45

displaying statistics 35-99

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces 44-3

configuration guidelines, duplex and speed 10-18

configuring

duplex mode 10-18

procedure 10-8

speed 10-18

counters, clearing 10-30

described 10-24

descriptive name, adding 10-24

displaying information about 10-29

flow control 10-22

management 1-3

monitoring 10-29

naming 10-24

physical, identifying 10-8

range of 10-9

restarting 10-31

shutting down 10-31

status 10-29

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 33-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-11, 33-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 35-11

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

128-bit 37-2

classes of 33-5

default configuration 33-4

discovering 5-31

for IP routing 33-4

IPv6 37-2

MAC address association 33-7

monitoring 33-16

virtual 40-13

IP broadcast address 33-14

ip cef distributed command 33-96

IP directed broadcasts 33-13

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 45-2

all-multicast-routers 45-2

host group address range 45-2

administratively-scoped boundaries, described 45-44

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 45-24

benefits of 45-24

clearing the cache 45-46

configuration guidelines 45-10

filtering incoming RP announcement messages 45-27

overview 45-6

preventing candidate RP spoofing 45-27

preventing join messages to false RPs 45-26

setting up in a new internetwork 45-24

using with BSR 45-32

bootstrap router

configuration guidelines 45-10

configuring candidate BSRs 45-30

configuring candidate RPs 45-31

defining the IP multicast boundary 45-29

defining the PIM domain border 45-28

overview 45-6

using with Auto-RP 45-32

Cisco implementation 45-1

configuring

basic multicast routing 45-10

IP multicast boundary 45-44

default configuration 45-9

enabling

multicast forwarding 45-11

PIM mode 45-12

group-to-RP mappings

Auto-RP 45-6

BSR 45-6

MBONE

deleting sdr cache entries 45-46

described 45-43

displaying sdr cache 45-47

enabling sdr listener support 45-43

limiting sdr cache entry lifetime 45-44

SAP packets for conference session announcement 45-43

Session Directory (sdr) tool, described 45-43

monitoring

packet rate loss 45-47

peering devices 45-47

tracing a path 45-47

multicast forwarding, described 45-7

PIMv1 and PIMv2 interoperability 45-9

reverse path check (RPF) 45-7

routing table

deleting 45-46

displaying 45-47

RP

assigning manually 45-22

configuring Auto-RP 45-24

configuring PIMv2 BSR 45-28

monitoring mapping information 45-33

using Auto-RP and BSR 45-32

statistics, displaying system and network 45-46

See also IGMP

See also PIM

IP packets, classification 35-6

IP Port Security for Static Hosts

on a Layer 2 access port 20-23

on a PVLAN host port 20-26

IP precedence

classification 35-9

values 35-6

IP protocols

routing 1-10

IP routes, monitoring 33-110

IP routing

connecting interfaces with 10-7

disabling 33-17

enabling 33-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 41-1

IP SLAs

benefits 41-2

CFM endpoint discovery 43-19

configuration guidelines 41-6

configuring object tracking 42-9

Control Protocol 41-4

default configuration 41-6

definition 41-1

ICMP echo operation 41-11

manually configuring CFM ping or jitter 43-18

measuring network performance 41-3

monitoring 41-13

multioperations scheduling 41-5

object tracking 42-9

operation 41-3

reachability tracking 42-9

responder

described 41-4

enabling 41-7

response time 41-4

scheduling 41-5

SNMP support 41-2

supported metrics 41-2

threshold monitoring 41-6

track object monitoring agent, configuring 42-11

track state 42-9

UDP jitter operation 41-8

IP source guard

and 802.1x 20-21

and DHCP snooping 20-19

and EtherChannels 20-21

and port security 20-21

and private VLANs 20-21

and routed ports 20-21

and TCAM entries 20-21

and trunk interfaces 20-21

and VRF 20-21

binding configuration

automatic 20-19

manual 20-19

binding table 20-19

configuration guidelines 20-21

default configuration 20-21

described 20-19

disabling 20-22

displaying

bindings 20-28

configuration 20-28

enabling 20-22, 20-23

filtering

source IP address 20-19

source IP and MAC address 20-20

source IP address filtering 20-19

source IP and MAC address filtering 20-20

static bindings

adding 20-22, 20-23

deleting 20-22

static hosts 20-23

IP traceroute

executing 47-15

overview 47-14

IP unicast routing

address resolution 33-7

administrative distances 33-98, 33-109

ARP 33-7

assigning IP addresses to Layer 3 interfaces 33-5

authentication keys 33-109

broadcast

address 33-14

flooding 33-15

packets 33-12

storms 33-12

classless routing 33-6

configuring static routes 33-97

default

addressing configuration 33-4

gateways 33-10

networks 33-99

routes 33-99

routing 33-2

directed broadcasts 33-13

disabling 33-17

dynamic routing 33-3

enabling 33-17

EtherChannel Layer 3 interface 33-3

IGP 33-23

inter-VLAN 33-2

IP addressing

classes 33-5

configuring 33-4

IPv6 37-2

IRDP 33-11

Layer 3 interfaces 33-3

MAC address and IP address 33-7

passive interfaces 33-107

proxy ARP 33-8

redistribution 33-100

reverse address resolution 33-7

routed ports 33-3

static routing 33-2

steps to configure 33-3

subnet mask 33-5

subnet zero 33-5

supernet 33-6

UDP 33-14

with SVIs 33-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IPv6

ACLs

displaying 39-8

limitations 39-3

matching criteria 39-3

port 39-2

precedence 39-2

router 39-2

supported 39-2

addresses 37-2

address formats 37-2

applications 37-5

assigning address 37-11

autoconfiguration 37-5

CEFv6 37-21

default configuration 37-11

default router preference (DRP) 37-4

defined 37-1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 37-7

Router ID 37-7

feature limitations 37-10

features not supported 37-9

forwarding 37-11

ICMP 37-4

neighbor discovery 37-4

OSPF 37-7

path MTU discovery 37-4

SDM templates 7-2, 38-1, 39-1

Stateless Autoconfiguration 37-5

supported features 37-2

switch limitations 37-10

understanding static routes 37-7

IPv6 traffic, filtering 39-3

IRDP

configuring 33-11

definition 33-11

support for 1-11

IS-IS

addresses 33-62

area routing 33-62

default configuration 33-63

monitoring 33-71

show commands 33-71

support for 1-10

system routing 33-62

ISL trunking with IEEE 802.1 tunneling 14-5

ISO CLNS

clear commands 33-71

dynamic routing protocols 33-62

monitoring 33-71

NETs 33-62

NSAPs 33-62

OSI standard 33-62

ISO IGRP

area routing 33-62

system routing 33-62

isolated port 13-2

isolated VLANs 13-2, 13-3

ITU-T Y.1731

See Y.1731

J

join messages, IGMP 22-3

K

KDC

described 8-33

See also Kerberos

keepalive command 10-17

keepalive messages 15-3

keepalive messages, default 10-17

Kerberos

authenticating to

boundary switch 8-35

KDC 8-35

network services 8-36

configuration examples 8-33

configuring 8-36

credentials 8-33

cryptographic software image 8-33

described 8-33

KDC 8-33

operation 8-35

realm 8-34

server 8-34

support for 1-8

switch as trusted third party 8-33

terms 8-34

TGT 8-35

tickets 8-33

key distribution center

See KDC

L

l2protocol forward command 14-14

l2protocol peer command 14-14

l2protocol-tunnel command 14-25

LACP

Layer 2 protocol tunneling 14-22

See EtherChannel

Layer 2 interfaces, default configuration 10-15

Layer 2 packets, classification 35-6

Layer 2 protocol packets, and control-plane security 34-2

Layer 2 protocol tunneling

configuring 14-22

configuring for EtherChannels 14-26

default configuration 14-23

defined 14-20

layer-2 template 7-1

Layer 2 traceroute

and ARP 47-14

and CDP 47-13

broadcast traffic 47-13

described 47-13

IP addresses and subnets 47-14

MAC addresses and VLANs 47-13

multicast traffic 47-13

multiple devices on a port 47-14

unicast traffic 47-13

usage guidelines 47-13

Layer 3 features 1-10

Layer 3 interfaces

assigning IP addresses to 33-5

assigning IPv4 and IPv6 addresses to 37-15

assigning IPv6 addresses to 37-12

changing from Layer 2 mode 33-5, 33-88

types of 33-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 37-3

link monitoring, Ethernet OAM 43-34, 43-37

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 33-30

link-state tracking

configuration guidelines 36-24

configuring 36-24

described 36-22

LLDP

configuring 25-3

characteristics 25-4

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-8

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-4

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-8

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 40-4, 40-13

local SPAN 27-2

location TLV 25-3, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 8-24

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-6

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-31

displaying in the IP source binding table 20-28

dynamic

learning 5-20

removing 5-22

in ACLs 32-27

IP address association 33-7

static

adding 5-28

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

virtual 40-13

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-11

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-7

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-29

configuring for QoS 35-40

creating 32-27

defined 32-27

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-13

marking

action with aggregate policers 35-54

described 35-2, 35-16

match command, QoS

for classification 35-3, 35-7

guidelines 35-41

matching, IPv4 ACLs 32-7

matching classifications, QoS 35-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-13

maximum-paths command 33-50, 33-97

ME 34000EG-2CS switch policers 34-4

ME 3400E-24TS switch policers 34-4

ME 3400EG-12CS switch policers 34-4

media-type command 10-20

membership mode, VLAN port 12-5

MEPs

and STP 43-4

defined 43-3

messages

Ethernet OAM 43-34

to users through banners 5-17

metrics, in BGP 33-50

metric translations, between routing protocols 33-104

metro tags 14-2

MHSRP 40-4

MIBs

overview 30-1

SNMP interaction with 30-4

MIPs

and STP 43-4

defined 43-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 47-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-41

BGP 33-61

cables for unidirectional links 26-1

CDP 24-5

CEF 33-96

control-plane security 34-7

EIGRP 33-41

E-LMI 43-54

Ethernet CFM 43-31, 43-32

Ethernet OAM 43-43

Ethernet OAM protocol 43-43

features 1-11

Flex Links 19-14

HSRP 40-12

IEEE 802.1Q tunneling 14-30

IGMP

filters 22-29

snooping 22-14, 38-11

interfaces 10-29

IP

address tables 33-16

multicast routing 45-46

routes 33-110

IP SLAs operations 41-13

IPv4 ACL configuration 32-41

IPv6 ACL configuration 39-8

IS-IS 33-71

ISO CLNS 33-71

Layer 2 protocol tunneling 14-30

MAC address-table move update 19-14

MSDP peers 46-17

multicast router interfaces 22-15, 38-12

multi-VRF CE 33-95

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 43-54

object tracking 42-12

OSPF 33-34

port

blocking 23-18

protection 23-18

private VLANs 13-15

QoS 35-99

REP 18-14

RP mapping information 45-33

SFPs

status 10-30

SFP status 1-12, 10-30, 47-9

source-active messages 46-17

speed and duplex mode 10-20

SSM mapping 45-22

traffic flowing among switches 28-1

traffic suppression 23-18

tunneling 14-30

VLAN

filters 32-42

maps 32-42

VLANs 12-14

VMPS 12-28

MQC

process 35-3

steps to configure 35-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 46-3

clearing MSDP connections and statistics 46-17

controlling source information

forwarded by switch 46-11

originated by switch 46-8

received by switch 46-13

default configuration 46-3

dense-mode regions

sending SA messages to 46-15

specifying the originating address 46-16

filtering

incoming SA messages 46-13

SA messages to a peer 46-11

SA requests from a peer 46-10

join latency, defined 46-6

meshed groups

configuring 46-14

defined 46-14

originating address, changing 46-16

overview 46-1

peer-RPF flooding 46-2

peers

configuring a default 46-4

monitoring 46-17

peering relationship, overview 46-1

requesting source information from 46-7

shutting down 46-15

source-active messages

caching 46-6

clearing cache entries 46-18

defined 46-2

filtering from a peer 46-10

filtering incoming 46-13

filtering to a peer 46-11

limiting data with TTL 46-12

monitoring 46-17

restricting advertised sources 46-8

support for 1-11

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-19

switch priority 16-22

CST

defined 16-3

operations between regions 16-3

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-19

unexpected behavior 16-18

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with 802.1D

described 16-8

restarting migration process 16-26

IST

defined 16-2

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-2

supported spanning-tree instances 16-2

optional features supported 1-6

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-18

effects of extended system ID 16-17

unexpected behavior 16-18

shutdown Port Fast-enabled port 17-3

status, displaying 16-27

multicast Ethernet loopback (ETH-LB) 43-25

multicast Ethernet loopback, using 43-30

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8, 38-8

multicast packets

ACLs on 32-41

multicast router interfaces, monitoring 22-15, 38-12

multicast router ports, adding 22-7, 38-8

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 41-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 33-91

configuration guidelines 33-85

configuring 33-84

default configuration 33-84

defined 1-18, 33-82

displaying 33-95

monitoring 33-95

network components 33-84

packet-forwarding process 33-84

support for 1-11

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-21

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-20

monitoring 22-23

multicast television application 22-16

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

named IPv6 ACLs 39-3

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

NEAT

configuring 9-24

overview 9-9

neighbor discovery, IPv6 37-4

neighbor discovery/recovery, EIGRP 33-35

neighbor offset numbers, REP 18-4

neighbors, BGP 33-56

Network Edge Access Topology

See NEAT

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 41-3

network policy TLV 25-7

Network Time Protocol

See NTP

NNI

configuring 10-17

described 10-2

protocol control packets on 34-1

NNIs, 802.1ad 14-13

no commands 2-4

non-IP traffic filtering 32-27

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 33-62

NSF Awareness

BGP 33-46

EIGRP 33-37

IS-IS 33-64

OSPF 33-25

NSM 4-3

NSSA, OSPF 33-30

NTP

associations

authenticating 5-5

defined 5-2

enabling broadcast messages 5-7

peer 5-6

server 5-6

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-6

time

services 5-2

synchronizing 5-2

O

OAM

client 43-33

features 43-34

sublayer 43-33

OAM manager

and E-LMI 43-47

configuration guidelines 43-49

configuring 43-49, 43-55

monitoring 43-54

purpose of 43-47

with CFM 43-48

with CFM and Ethernet OAM 43-54

OAM PDUs 43-35

OAM protocol data units 43-33

OBFL

configuring 47-22

described 47-22

displaying 47-23

object tracking

HSRP 42-7

IP SLAs 42-9

IP SLAs, configuring 42-9

monitoring 42-12

on-board failure logging

See OBFL

online diagnostics

described 48-1

overview 48-1

running tests 48-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 33-30

configuring 33-25

default configuration

metrics 33-31

route 33-31

settings 33-24

described 33-23

for IPv6 37-7

interface parameters, configuring 33-26

LSA group pacing 33-32

monitoring 33-34

network types, configuring 33-29

router IDs 33-33

route summarization 33-31

support for 1-10

virtual links 33-31

output policies 35-5

output policy maps

classification criteria 35-5

configuration guidelines 35-65

configuring 35-65

displaying statistics 35-100

P

packet classification

defined 35-6

to organize traffic 35-2

packet marking

configuring 35-58

defined 35-21

packet policing, for QoS 35-2

PAgP

Layer 2 protocol tunneling 14-22

See EtherChannel

parallel paths, in routing tables 33-97

parent policies, QoS 35-13, 35-28

passive interfaces

configuring 33-107

OSPF 33-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 47-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 16-21

STP 15-19

path MTU discovery 37-4

PBR

defined 33-104

enabling 33-106

fast-switched policy-based routing 33-107

local policy-based routing 33-107

peers, BGP 33-56

percentage thresholds in tracked lists 42-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 35-60

per-port facility loopback

defined 43-44

per-port per VLAN policing 35-13, 35-60

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 33-90

physical ports 10-3

PIM

default configuration 45-9

dense mode

overview 45-4

rendezvous point (RP), described 45-4

RPF lookups 45-8

displaying neighbors 45-47

enabling a mode 45-12

overview 45-3

router-query message interval, modifying 45-36

shared tree and source tree, overview 45-33

shortest path tree, delaying the use of 45-35

sparse mode

join messages and shared tree 45-4

overview 45-4

prune messages 45-4

RPF lookups 45-8

stub routing

configuration guidelines 45-12

enabling 45-13

overview 45-5

support for 1-11

versions

interoperability 45-9

troubleshooting interoperability problems 45-33

v2 improvements 45-3

ping

executing 47-10

overview 47-10

police aggregate command 35-57

police command, with individual policers 35-46, 35-63

policer aggregate command 35-54

policer configuration

default for ENIs and UNIs 34-4

default for NNIs 34-6

policer instances supported 35-4

policers

configuring for more than one traffic class 35-54

described 35-2

number supported per port 35-4

policing

aggregate in input policy maps 35-18

described 35-2

individual in input policy maps 35-16

priority in output policy maps 35-20

QoS 35-16

policy-based routing

See PBR

policy-map command 35-3

policy-map marking, configuration guidelines 35-58

policy maps

attaching 35-4, 35-44

configuration examples 35-100

described 35-16

input

configuring 35-45

described 35-4

output

configuring 35-65

described 35-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-3

RADIUS server 9-3

client, defined 9-2

configuration guidelines 9-12

configuring

802.1x authentication 9-13

host mode 9-21

manual re-authentication of a client 9-18

periodic re-authentication 9-17

quiet period 9-18

RADIUS server 9-15

RADIUS server parameters on the switch 9-14

switch-to-client frame-retransmission number 9-20

switch-to-client retransmission time 9-19

violation modes 9-17

default configuration 9-11

described 9-1

device roles 9-2

displaying statistics 9-26

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-13

method lists 9-13

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

readiness check

configuring 9-16

described 9-7, 9-16

resetting to default values 9-22

statistics, displaying 9-26

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-24

overview 9-9

user distribution

guidelines 9-8

overview 9-8

VLAN assignment

AAA authorization 9-13

characteristics 9-7

configuration tasks 9-8

described 9-7

port blocking 1-2, 23-6

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-6

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-6

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-5

REP 18-6

routed 10-5

secure 23-8

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-15

VLAN assignments 12-11

port security

aging 23-15

and private VLANs 23-16

configuration guidelines 23-10

configuring 23-12

default configuration 23-10

described 23-8

displaying 23-18

enabling 23-17

on trunk ports 23-13

sticky learning 23-9

violations 23-9

with other features 23-10

port shaping

configuring 35-70

described 35-27

port-shutdown response, VMPS 12-24

port types 10-2

power 25-7

power management TLV 25-7

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 33-54

preventing unauthorized access 8-1

primary edge port, REP 18-4

primary interface for object tracking, DHCP, configuring 42-11

primary interface for static routing, configuring 42-10

primary links 19-2

primary VLANs 13-1, 13-3

priority

HSRP 40-7

priority command 35-20

configuring strict priority queuing 35-71

for QoS scheduling 35-26

for strict priority queuing 35-30

priority policing, described 35-20

priority queues

configuring 35-71

described 35-30

for QoS scheduling 35-26

priority with police 35-31

commands 35-20

configuring 35-73

described 35-30

priority with unconditional policing, QoS 35-26

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-13

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-7, 13-8

configuration tasks 13-6

configuring 13-10

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-2

isolated VLANs 13-2, 13-3

mapping 13-13

monitoring 13-15

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-12

described 12-5

isolated 13-2

promiscuous 13-2

primary VLANs 13-1, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 13-12

defined 13-2

protected ports 23-5

protocol control packets 34-1

protocol-dependent modules, EIGRP 33-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-18, 33-83

proxy ARP

configuring 33-10

definition 33-8

with IP routing disabled 33-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QinQ QoS classification

configuration examples 35-86

QoS

802.1ad, configuring 35-90

aggregate policers 35-18

and MQC 35-1

basic model 35-2

CBWFQ 35-28

CBWFQ, configuring 35-67

CIR bandwidth 35-29

class-based shaping, described 35-27

classification

ACL lookup 35-11

based on CoS value 35-8

based on DSCP 35-9

based on IP precedence 35-9

based on QoS group 35-12

based on VLAN IDs 35-13, 35-60

class maps, described 35-7

comparisons 35-10

criteria 35-6

in frames and packets 35-6

policy maps, described 35-16

class maps, configuration guidelines 35-41

class maps, configuring 35-41

configuration examples

adding customers 35-102

adding or deleting a class 35-105

adding or deleting classification criteria 35-102, 35-103

adding or deleting configured actions 35-104

changing queuing or scheduling parameters 35-104

configuration guidelines

aggregate policers 35-54

CBWFQ 35-67

class-based shaping 35-69

class maps 35-41

general 35-35

individual policers 35-46

input policy maps 35-45

marking 35-58

output policy maps 35-65

unconditional priority policing 35-73

WTD 35-76

configuring

aggregate policers 35-54

class-based shaping 35-69

classification with IP ACLs 35-37

class maps 35-41

individual policers 35-47, 35-50

individual policing 35-46, 35-63

input policy maps with marking 35-58

IP ACLs 35-37

MAC ACLs 35-40

output policy maps 35-65

port shaping 35-70

priority queues 35-71

queue size 35-32

requirements 35-35

service policies 35-44

strict priority queuing 35-71

table maps 35-43

unconditional priority policing 35-73

WTD 35-75, 35-76

congestion avoidance 35-2, 35-32

congestion management 35-2, 35-26

CPU-generated traffic

configuring output policy classification criteria 35-5

configuring QoS group number 35-12

configuring queue-limit 35-76

output remarking 35-6

default configuration 35-35

initial configuration example 35-100

input policy maps

configuring 35-45

described 35-5

IP packet classification 35-6

Layer 2 packet classification 35-6

Layer 3 packet classification 35-6

marking, described 35-2

match command 35-7

output policy maps

configuring 35-66

described 35-5

overview 35-1

packet classification 35-2

packet marking 35-21

packet policing 35-2

parent-child hierarchy 35-13, 35-28

parent-level VLAN class 35-80

per-port, per-VLAN hierarchical policy maps

configuring 35-60

described 35-13

policers

configuring 35-47, 35-50, 35-56, 35-74

described 35-16

policing

aggregate 35-18

described 35-2, 35-16

individual 35-16

priority 35-20

policy maps

attaching 35-44

attaching to an interface 35-19

displaying statistics 35-99

port shaping, described 35-27

preconfiguration 35-35

priority policing, described 35-20

priority with police 35-30

queue size 35-32

scheduling 35-26

CBWFQ 35-26

priority queuing 35-26

traffic shaping 35-26

strict priority queuing 35-30

support for 1-9

table maps 35-15

testing 35-99

traffic shaping, described 35-26

unconditional priority policing 35-30

WTD 35-32

QoS ACL

configuration guidelines 35-37

QoS ACLs

configuring IP extended 35-39

configuring IP standard 35-37, 35-38

configuring MAC 35-40

QoS groups

classification 35-12, 35-13, 35-60

described 35-5, 35-12

QoS information, displaying 35-99

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 35-34

queue-limit command, QoS 35-32, 35-33, 35-75

queue size, QoS, managing 35-32

R

RADIUS

attributes

vendor-proprietary 8-31

vendor-specific 8-30

configuring

accounting 8-29

authentication 8-24

authorization 8-28

communication, global 8-22, 8-30

communication, per-server 8-21, 8-22

multiple UDP ports 8-22

default configuration 8-21

defining AAA server groups 8-26

displaying the configuration 8-32

identifying the server 8-21

limiting the services to the user 8-28

method list, defined 8-21

operation of 8-19

overview 8-18

server load balancing 8-32

suggested network environments 8-18

support for 1-8

tracking services accessed by user 8-29

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 33-8

rate-limiting threshold, CPU protection 34-6

RCP

configuration files

downloading A-17

overview A-15

preparing the server A-16

uploading A-18

image files

deleting old image A-35

downloading A-33

preparing the server A-32

uploading A-35

reachability, tracking IP SLAs IP host 42-9

readiness check

port-based authentication

configuring 9-16

described 9-7, 9-16

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 47-1

redundancy

EtherChannel 36-3

GLBP 40-13

HSRP 40-2

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 33-35

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 43-34

remote failure indications, Ethernet OAM 43-40

remote loopback, Ethernet OAM 43-34, 43-36

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

age timer 18-8

and STP 18-6

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-13

monitoring 18-14

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14, 38-11

resequencing ACL entries 32-14

reserved addresses in DHCP pools 20-17

resets, in BGP 33-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet Protocol

See REP

responder, IP SLAs

described 41-4

enabling 41-7

response time, measuring with IP SLAs 41-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-18

TACACS+ 8-10

restrictions 44-3

retry count, VMPS, changing 12-27

reverse address resolution 33-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 33-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

2475, DSCP 35-10

2597, AF per-hop behavior 35-10

2598, EF 35-10

RIP

advertisements 33-18

authentication 33-21

configuring 33-19

default configuration 33-18

described 33-18

for IPv6 37-7

hop counts 33-18

summary addresses 33-22

support for 1-10

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-12

root guard

described 17-4

enabling 17-10

support for 1-6

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 33-31

route dampening, BGP 33-60

routed packets, ACLs on 32-40

routed ports

configuring 33-3

defined 10-5

IP addresses on 10-25, 33-3

route-map command 33-106

route maps

BGP 33-52

policy-based routing 33-104

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 33-59

router ID, OSPF 33-33

route selection, BGP 33-50

route summarization, OSPF 33-31

route targets, VPN 33-84

routing

default 33-2

dynamic 33-3

IPv6 traffic 37-2

redistribution of information 33-100

static 33-2

routing domain confederation, BGP 33-59

Routing Information Protocol

See RIP

routing protocol administrative distances 33-98

RSPAN

characteristics 27-7

configuration guidelines 27-16

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-12, 27-1

received traffic 27-4

session limits 27-10

sessions

creating 27-17

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-17

with ingress traffic enabled 27-20

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-20

running configuration, saving 3-15

S

scheduled reloads 3-22

scheduling, IP SLAs operations 41-5

scheduling, QoS 35-26

SCP

and SSH 8-42

configuring 8-42

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-14

maximum number of 23-9

types of 23-8

secure ports, configuring 23-8

secure remote connections 8-38

Secure Shell

See SSH

security, port 23-8

security features 1-7

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 35-4

guidelines 35-66

using 35-44

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-2

Layer 2 protocols across 14-20

Layer 2 protocol tunneling for EtherChannels 14-22

set command

for QoS marking 35-21

guidelines 35-58

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-12, 10-30, 47-9

security and identification 47-8

status, displaying 1-12

shape average command, QoS 35-26, 35-27, 35-69

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-24

show forward command 47-19

show interfaces command 10-20, 10-24

show interfaces switchport 19-4

show l2protocol command 14-26, 14-27, 14-28

show lldp traffic command 25-8

show platform forward command 47-19

show running-config command

displaying ACLs 32-19, 32-20, 32-32, 32-34

interface description in 10-24

shutdown command on interfaces 10-31

shutdown threshold for Layer 2 protocol packets 14-23

Simple Network Management Protocol

See SNMP

single session ID 9-10

SMNP traps, and CFM 43-5

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 41-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-21

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-4

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-23

system contact and location 30-17

trap manager, configuring 30-14

traps

described 30-4, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-22, 5-24, 5-25

overview 30-1, 30-4

types of 30-13

users 30-7, 30-10

versions supported 30-2

SNMP and Syslog Over IPv6 37-7

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash A-23

recovery procedures 47-2

scheduling reloads 3-23

tar file format, described A-24

See also downloading and uploading

source addresses

in IPv6 ACLs 39-5

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 36-8

source-and-destination MAC address forwarding, EtherChannel 36-8

source-IP address based forwarding, EtherChannel 36-8

source-MAC address forwarding, EtherChannel 36-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-12, 27-1

ports, restrictions 23-11

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-14, 27-21

creating 27-11

defined 27-3

limiting source traffic to specific VLANs 27-15

removing destination (monitoring) ports 27-12

specifying monitored ports 27-11

with ingress traffic enabled 27-13

source ports 27-5

traffic 27-4

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 10-18

SRR, support for 1-9

SSH

configuring 8-39

cryptographic software image 8-38

described 1-4, 8-38

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 45-16

CGMP limitations 45-16

components 45-14

configuration guidelines 45-16

configuring 45-14, 45-17

differs from Internet standard multicast 45-14

IGMP snooping 45-16

IGMPv3 45-14

IGMPv3 Host Signalling 45-15

IP address range 45-15

monitoring 45-17

operations 45-15

PIM 45-14

state maintenance limitations 45-16

SSM mapping

configuration guidelines 45-17

configuring 45-17, 45-20

defined 45-17

DNS-based 45-19, 45-20

monitoring 45-22

overview 45-18

restrictions 45-18

static 45-18, 45-20

static traffic forwarding 45-21

standby ip command 40-6

standby links 19-2

standby router 40-2

standby timers, HSRP 40-10

startup configuration

booting

manually 3-20

specific image 3-20

clearing A-19

configuration file

automatically downloading 3-19

specifying the filename 3-19

default boot configuration 3-19

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-11

static MAC addressing 1-8

static route primary interface, configuring 42-10

static routes

understanding 37-7

static routes, configuring 33-97

static routing 33-2

static SSM mapping 45-18, 45-20

static traffic forwarding 45-21

static VLAN membership 12-2

statistics

802.1x 9-26

CDP 24-5

interface 10-29

IP multicast routing 45-46

LLDP 25-8

LLDP-MED 25-8

OSPF 33-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-23

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-18

support for 1-2

thresholds 23-1

STP

and REP 18-6

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-7

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-20

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-6

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 35-71

configuration guidelines 35-71

configuring 35-72

defined 35-30

QoS 35-30

stub areas, OSPF 33-30

stub routing, EIGRP 33-40

subdomains, private VLAN 13-1

subnet mask 33-5

subnet zero 33-5

success response, VMPS 12-24

summer time 5-13

S-UNI isolated ports 14-18

S-UNIs 14-13

SunNet Manager 1-3

supernet 33-6

SVIs

and IP unicast routing 33-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

S-VLAN 14-7

S-VLAN and C-VLAN in parent policy maps 35-80

switch 37-2

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 32-39

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-7

switchport block unicast command 23-7

switchport command 10-15

switchport mode dot1q-tunnel command 14-7

switchport protected command 23-6

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 33-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-12

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 33-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 33-62

ISO IGRP 33-62

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 35-15

described 35-15

for QoS marking 35-21

QoS

configuration guidelines 35-43

configuring QoS table maps 35-43

supported table maps 35-15, 35-43

QoS, configuring 35-43

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-8

tracking services accessed by user 8-17

tagged packets

IEEE 802.1Q 14-4

Layer 2 protocol 14-20

tar files

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

TCL script, registering and defining with embedded event manager 31-7

TDR 1-12

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 43-40

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

terminal loopback

defined 43-44

TFTP

configuration files

downloading A-11

preparing the server A-10

uploading A-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-27

downloading A-26

preparing the server A-25

uploading A-27

limiting access by servers 30-17

TFTP server 1-3

threshold, traffic level 23-2

threshold monitoring, IP SLAs 41-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 33-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 47-14

and CDP 47-13

broadcast traffic 47-13

described 47-13

IP addresses and subnets 47-14

MAC addresses and VLANs 47-13

multicast traffic 47-13

multiple devices on a port 47-14

unicast traffic 47-13

usage guidelines 47-13

traceroute command 47-15

See also IP traceroute

tracked lists

configuring 42-3

types 42-3

tracked objects

by Boolean expression 42-4

by threshold percentage 42-6

by threshold weight 42-5

tracking interface line-protocol state 42-2

tracking IP routing state 42-2

tracking objects 42-1

tracking process 42-1

track state, tracking IP SLAs 42-9

traffic

blocking flooded 23-7

fragmented 32-5

fragmented IPv6 39-2

unfragmented 32-5

traffic class, defined 35-3

traffic classification, typical values 35-10

traffic marking 35-21

traffic policies, elements in 35-3

traffic shaping

for QoS scheduling 35-26

QoS traffic control 35-26

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22, 5-24, 5-25

configuring managers 30-12

defined 30-4

enabling 5-22, 5-24, 5-25, 30-12

notification types 30-13

overview 30-1, 30-4

troubleshooting 44-11

connectivity problems 47-9, 47-13, 47-14

detecting unidirectional links 26-1

displaying crash information 47-21

PIMv1 and PIMv2 interoperability problems 45-33

setting packet forwarding 47-19

SFP security and identification 47-8

show forward command 47-19

with CiscoWorks 30-4

with debug commands 47-17

with ping 47-10

with system message logging 29-1

with traceroute 47-14

trunk failover

See link-state tracking

trunking encapsulation 1-7

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-18

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

802.1Q and QoS 35-78

defined 14-1

IEEE 802.1Q 14-2

Layer 2 protocol 14-20

tunnel ports

defined 12-5

described 10-4, 14-2

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

two-way ETH-DM 44-3

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-22

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 33-15

defined

forwarding 33-14

UDP, configuring 33-14

UDP jitter, configuring 41-9

UDP jitter operation, IP SLAs 41-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 35-73

priority with police 35-30

UN-ENI VLANs

defined 12-5

UNI

configuring 10-17

described 10-2

protocol control packets on 34-1

unicast MAC address filtering

and adding static addresses 5-29

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-7

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 43-48

UNI VLANs

and private VLANs 12-13

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

image files

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-31

using RCP A-35

using TFTP A-27

usage guidelines

Layer 2 traceroute 47-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

VACLs

logging

configuration example 32-38

verifying frame delay 44-5

Virtual Private Network

See VPN

virtual router 40-2, 40-13

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

VLAN configuration saved in 12-10

VLANs saved in 12-3

vlan dot1q tag native command 14-5

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-31

service provider 14-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN loopback

defined 43-44

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-30

VLAN mapping

1-to-1 14-8

1-to-1, configuring 14-10

configuration guidelines 14-9

configuring 14-10

configuring on a trunk port 14-10

default 14-9

described 14-7

selective QinQ 14-8

selective Q-in-Q, configuring 14-12

traditional QinQ 14-8

traditional Q-in-Q, configuring 14-11

types of 14-8

VLAN maps

applying 32-34

common uses for 32-34

configuration guidelines 32-30

configuring 32-30

creating 32-31

defined 32-2, 32-5

denying access to a server example 32-35

denying and permitting packets 32-32

displaying 32-42

examples of ACLs and VLAN maps 32-32

removing 32-34

support for 1-8

wiring closet configuration example 32-35

with router ACLs 32-41

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-18

and spanning-tree instances 12-3, 12-9

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-6

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

limiting source traffic with SPAN 27-15

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-6

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN trunks 12-15

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 33-90

forwarding 33-84

in service provider networks 33-82

routes 1-18, 33-83

VPN routing and forwarding table

See VRF

VQP 1-6, 12-23

VRF

defining 33-84

tables 1-18, 33-82

VRF-aware services

ARP