Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Y -

Index

Numerics

1-rate, 2-color policing 36-16

2-rate, 3-color policing 36-17

802.1ad

configuration guidelines 15-14

configuring 15-13

supported features 15-13

802.1ad EtherChannels

configuration example 15-15

configuration guidelines 15-14, 15-15

802.1ad ports 36-5

802.1ad QoS

configuration examples 36-91

configuration guidelines 36-90

configuring 36-90

802.1ad split horizon

configuration guidelines 15-14

configuring 15-18

802.1Q ports and CoS mapping 36-8

802.1Q tag for ingress QoS classification 36-78

802.1Q tunneling

QoS classification 36-78

A

abbreviating commands 2-3

ABRs 34-23

access-class command 33-18

access control entries

See ACEs

access-denied response, VMPS 13-24

access groups

applying IPv4 ACLs to interfaces 33-19

Layer 2 33-19

Layer 3 33-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 15-23

defined 11-4

accounting

with IEEE 802.1x 9-5, 9-22

with RADIUS 8-29

with TACACS+ 8-11, 8-17

ACEs

defined 33-2

Ethernet 33-2

IP 33-2

ACL classification, QoS 36-11

ACLs

ACEs 33-2

any keyword 33-12, 36-39

applying

on multicast packets 33-41

on routed packets 33-40

on switched packets 33-39

time ranges to 33-16

to an interface 33-19, 40-7

to IPv6 interfaces 40-7

applying to QoS 36-11

classifying traffic for QoS 36-37

comments in 33-18

compiling 33-22

defined 33-1, 33-7

examples of 33-22

extended IPv4

creating 33-10

matching criteria 33-7

hardware and software handling 33-20

host keyword 33-12, 36-39

IP

creating 33-7

implicit deny 33-9, 33-13, 33-15

implicit masks 33-9

matching criteria 33-7

undefined 33-20

IPv4

applying to interfaces 33-19

creating 33-7

matching criteria 33-7

named 33-14

numbers 33-8

terminal lines, setting on 33-18

unsupported features 33-6

IPv6

applying to interfaces 40-7

configuring 40-3, 40-4

displaying 40-8

interactions with other features 40-4

limitations 40-3

matching criteria 40-3

named 40-3

precedence of 40-2

supported 40-2

unsupported features 40-3

Layer 4 information in 33-39

logging messages 33-8

MAC extended 33-27

matching 33-7, 33-20

monitoring 33-41, 40-8

named

IPv6 40-3

named, IPv4 33-14

names 40-4

port 33-2, 40-2

precedence of 33-2

QoS 36-11

resequencing entries 33-14

router 33-2, 40-2

router ACLs and VLAN map configuration guidelines 33-38

standard IPv4

creating 33-9

matching criteria 33-7

support for 1-8

support in hardware 33-20

time ranges 33-16

types supported 33-2

unsupported features

IPv6 40-3

unsupported features, IPv4 33-6

using router ACLs with VLAN maps 33-38

VLAN maps

configuration guidelines 33-30

configuring 33-30

ACLs, QoS, configuring 36-37

active link 20-4, 20-5, 20-6

active links 20-2

active router 41-2

active traffic monitoring, IP SLAs 42-1

address aliasing 23-2

addresses

displaying the MAC address table 5-31

dynamic

accelerated aging 16-9

changing the aging time 5-21

default aging 16-9

defined 5-19

learning 5-20

removing 5-22

IPv6 38-2

MAC, discovering 5-31

multicast

group address range 46-2

STP address management 16-9

static

adding and removing 5-27

defined 5-19

address resolution 5-31, 34-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 34-97

administrative distances

defined 34-109

OSPF 34-31

routing protocol defaults 34-99

administrative VLAN

REP, configuring 19-8

administrative VLAN, REP 19-8

advertisements

CDP 25-1

LLDP 26-1

RIP 34-18

age timer, REP 19-8

aggregatable global unicast addresses 38-3

aggregate addresses, BGP 34-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 36-54

configuring 36-54

described 36-18

aging, accelerating 16-9

aging time

accelerated

for MSTP 17-23

for STP 16-9, 16-22

MAC address table 5-21

maximum

for MSTP 17-24

for STP 16-22

alarms, RMON 29-3

allowed-VLAN list 13-18

area border routers

See ABRs

area routing

IS-IS 34-63

ISO IGRP 34-63

ARP

configuring 34-8

defined 1-4, 5-31, 34-7

encapsulation 34-9

static cache configuration 34-8

table

address resolution 5-31

managing 5-31

ASBRs 34-23

AS-path filters, BGP 34-53

assured forwarding, DSCP 36-9

asymmetrical links, and IEEE 802.1Q tunneling 15-4

attributes, RADIUS

vendor-proprietary 8-31

vendor-specific 8-30

authentication

EIGRP 34-39

HSRP 41-10

local mode with AAA 8-37

NTP associations 5-5

RADIUS

key 8-22

login 8-24

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 34-109

authentication manager

single session ID 9-10

authoritative time source, described 5-2

authorization

with RADIUS 8-28

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-9

autonegotiation

duplex mode 1-2

interface configuration guidelines 11-18

mismatches 48-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 34-46

Auto-RP, described 46-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 20-2

backup static routing, configuring 43-12

bandwidth, QoS, configuring 36-67

bandwidth command

for CBWFQ 36-26

QoS, configuring 36-67

QoS, described 36-28

with police command 36-30

bandwidth remaining percent command 36-30

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-42

best-effort packet delivery 36-1

BGP

aggregate addresses 34-58

aggregate routes, configuring 34-58

CIDR 34-58

clear commands 34-62

community filtering 34-55

configuring neighbors 34-57

default configuration 34-44, 34-75

described 34-43

enabling 34-46

monitoring 34-62

multipath support 34-50

neighbors, types of 34-46

path selection 34-50

peers, configuring 34-57

prefix filtering 34-54

resetting sessions 34-49

route dampening 34-61

route maps 34-52

route reflectors 34-60

routing domain confederation 34-59

routing session with multi-VRF CE 34-91

show commands 34-62

supernets 34-58

support for 1-10

Version 4 34-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 21-6

IP source guard 21-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 24-6

Boolean expressions in tracked lists 43-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-20

specific image 3-20

boot loader

accessing 3-21

described 3-2

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

bootstrap router (BSR), described 46-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 18-3

filtering 18-3

RSTP format 17-12

BPDU filtering

described 18-3

disabling 18-9

enabling 18-8

support for 1-6

BPDU guard

described 18-3

disabling 18-8

enabling 18-7

support for 1-6

broadcast flooding 34-15

broadcast packets

directed 34-12

flooded 34-12

broadcast storm-control command 24-4

broadcast storms 24-1, 34-12

bulk statistics

defined 31-6

file 31-6

object list, configuring 31-18

object list, described 31-6

schema, configuring 31-18

schema, described 31-6

transfer 31-19

bulkstat object-list 31-18

bulkstat schema 31-18

byte-level statistics 36-17

C

cables, monitoring for unidirectional links 27-1

CBWFQ

and bandwidth command 36-28, 36-67

configuration guidelines 36-67

QoS scheduling 36-26

CDP

configuring 25-2

default configuration 25-2

defined with LLDP 26-1

described 25-1

disabling for routing device25-3to 25-4

enabling and disabling

on an interface 25-4

on a switch 25-3

Layer 2 protocol tunneling 15-20

monitoring 25-5

overview 25-1

support for 1-4

transmission timer and holdtime, setting 25-2

updates 25-2

CEF

defined 34-97

enabling 34-97

IPv6 38-21

CFM

and Ethernet OAM, configuring 44-56

and Ethernet OAM interaction 44-55

and OAM manager 44-49

and other features 44-8

and tunnels 44-8

clearing 44-31

configuration errors 44-6

configuration guidelines 44-8

configuring crosscheck 44-12

configuring fault alarms 44-16

configuring port MEP 44-14

configuring static remote MEP 44-13

configuring the network 44-8

continuity check messages 44-5

crosscheck 44-5

default configuration 44-7

defined 44-2

down MEPs 44-4

draft 1 44-4

draft 8.1 44-4

EtherChannel support 44-8

fault alarms

configuring 44-16

defined 44-5

IEEE 802.1ag 44-2

IP SLAs support for 44-6

IP SLAs with endpoint discovers 44-19

loopback messages 44-5

maintenance association 44-3

maintenance domain 44-2

maintenance point 44-3

manually configuring IP SLAs ping or jitter 44-18

measuring network performance 44-6

messages

continuity check 44-5

loopback 44-5

traceroute 44-5

monitoring 44-31, 44-32

on EtherChannel port channels 44-8

port MEP, configuring 44-14

remote MEPs 44-5

SNMP traps 44-5

static RMEP, configuring 44-13

static RMEP check 44-5

traceroute messages 44-5

types of messages 44-5

UNIs 44-4

up MEPs 44-4

version interoperability 44-6

Y.1731

described 44-23

child policies, QoS 36-13, 36-28

CIDR 34-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 31-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 42-1

Cisco Process MIB 31-1

CiscoWorks 2000 1-3, 31-4

CISP 9-9

CIST regional root

See MSTP

CIST root

See MSTP

civic location 26-3

class-based priority queuing, QoS 36-20

class-based shaping

configuration guidelines 36-69

configuring 36-69

for QoS 36-27

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 36-11

based on DEI bit 36-10

in packet headers 36-6

of 802.1ad frames 36-10

per-port per VLAN 36-13, 36-60

QoS comparisons 36-10

QoS group 36-12

classless interdomain routing

See CIDR

classless routing 34-6

class map

match-all option 36-7

match-any option 36-7

class-map command 36-3

class maps

for QinQ input policy maps 36-82

for QinQ output policy maps 36-85

class maps, QoS

configuring 36-41

described 36-7

class of service

See CoS

class selectors, DSCP 36-9

clearing

Ethernet CFM 44-31

clearing interfaces 11-30

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 43-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-8

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 12-4

applying macros 12-4

applying parameter values 12-4

configuration guidelines 12-2

creating 12-3

default configuration 12-2

defined 12-1

displaying 12-5

tracing 12-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

common session ID

see single session ID 9-10

community list, BGP 34-56

community ports 14-3

community strings

configuring 31-8

overview 31-4

community VLANs 14-2, 14-3

compatibility, feature 24-11

config.text 3-19

configurable leave timer, IGMP 23-5

configurable policer profiles 36-45

configuration, initial

defaults 1-12

configuration example

802.1ad EtherChannels 15-15

configuration examples

802.1ad QoS 36-91

network 1-15

policy maps 36-100

QoS

adding customers 36-102

adding or deleting a class 36-105

adding or deleting classification criteria 36-102, 36-103

adding or deleting configured actions 36-104

changing queuing or scheduling parameters 36-104

initial 36-100

QoS classification for QinQ 36-86

QoS marking and queuing, CPU-generated traffic 36-95

configuration files

archiving A-19

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-19

deleting a stored configuration A-19

described A-8

downloading

automatically 3-19

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-20

invalid combinations when copying A-5

limiting TFTP server access 31-17, 31-18, 31-19, 31-20

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-20

specifying the filename 3-19

system contact and location information 31-17

types and location A-9

uploading

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

configuration guidelines

802.1ad and split horizon 15-14

802.1ad EtherChannels 15-14, 15-15

802.1ad QoS 36-90

aggregate policers 36-54

CBWFQ 36-67

CFM 44-8

class-based shaping 36-69

C-VLAN child policy maps 36-81

C-VLAN parent policy maps 36-80

EtherChannel 37-10

Ethernet OAM 44-35

HSRP 41-5

individual policers 36-46

input policy maps 36-45

link-state tracking 37-24

marking in policy maps 36-58

multi-VRF CE 34-86

OAM manager 44-49

output policy maps 36-65

per-port, per-VLAN QoS 36-60

PIM stub routing 46-12

port security 24-10

QoS, general 36-35

QoS ACLs 36-37

QoS classification for QinQ 36-79

QoS class maps 36-41

QoS table maps 36-43

REP 19-7

rollback and replacement A-20

SSM 46-16

SSM mapping 46-17

strict priority queuing 36-71

unconditional priority policing 36-73

UNI VLANs 13-12

VLAN mapping 15-9

VLANs 13-8

WTD 36-76

configuration replacement A-19

configuration rollback A-19

configuration settings, saving 3-15

configure terminal command 11-8

Configure the VACL logging parameters 33-37

configuring 45-4

configuring marking in input policy maps 36-58

configuring port-based authentication violation modes 9-17

Configuring VACL Logging 33-36

conform, exceed, and violate actions 36-54

congestion avoidance, QoS 36-2, 36-32

congestion management, QoS 36-2, 36-26

connections, secure remote 8-38

Connectivity Fault Management

See CFM

connectivity problems 48-9, 48-13, 48-14

console port, connecting to 2-9

control packets

and control-plane security 35-2

dropping and rate-limiting 35-2

control-plane security

configuring 35-6

control packets 35-2

monitoring 35-7

policers 35-4

policing 35-2

purpose of 35-1

control protocol, IP SLAs 42-4

convergence

REP 19-4

corrupted software, recovery steps with Xmodem 48-2

CoS

classification 36-8

values 36-6

CoS mapping 36-8

counters, clearing interface 11-30

CPU-generated traffic

marking and queuing 36-93

CPU overload, protection from 35-1

CPU policers 35-6

CPU protection 35-4

CPU threshold notification 31-21

CPU threshold table 31-1, 31-20

CPU utilization statistics 31-20

crashinfo file 48-21

crosscheck, CFM 44-5, 44-12

cryptographic software image

Kerberos 8-33

SSH 8-38

C-UNI isolated ports 15-18

C-UNIs 15-13

customer edge devices 1-18, 34-84

C-VLAN 15-7

D

data collection, bulk statistics 31-20

daylight saving time 5-13

debugging

enabling all system diagnostics 48-18

enabling for a specific feature 48-17

redirecting error message output 48-18

using commands 48-17

default

policer configuration

ENIs and UNIs 35-4

NNIs 35-6

default actions, table maps 36-15

default commands 2-4

default configuration

banners 5-17

BGP 34-44, 34-75

booting 3-19

CDP 25-2

CFM 44-7

DHCP 21-8

DHCP option 82 21-8

DHCP snooping 21-8

DHCP snooping binding database 21-8

DNS 5-16

dynamic ARP inspection 22-5

EIGRP 34-36

E-LMI and OAM 44-49

EtherChannel 37-10

Ethernet OAM 44-35

Flex Links 20-7

HSRP 41-5

IEEE 802.1Q tunneling 15-4

IEEE 802.1x 9-11

IGMP 46-37

IGMP filtering 23-24

IGMP snooping 23-6, 39-5, 39-6

IGMP throttling 23-25

initial switch information 3-3

IP addressing, IP routing 34-4

IP multicast routing 46-9

IP SLAs 42-6

IP source guard 21-21

IPv6 38-11

IS-IS 34-64

Layer 2 interfaces 11-15

Layer 2 protocol tunneling 15-23

LLDP 26-3

MAC address table 5-21

MAC address-table move update 20-7

MSDP 47-3

MSTP 17-14

multi-VRF CE 34-85

MVR 23-18

NTP 5-4

optional spanning-tree configuration 18-5

OSPF 34-24

password and privilege level 8-2

PIM 46-9

private VLANs 14-6

QoS 36-35

RADIUS 8-21

REP 19-7

RIP 34-18

RMON 29-3

RSPAN 28-9

SDM template 7-3

SNMP 31-7

SPAN 28-9

STP 16-11

system message logging 30-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 27-4

VLAN, Layer 2 Ethernet interfaces 13-16

VLAN mapping 15-9

VLANs 13-7

VMPS 13-25

Y.1731 44-26

default gateway 3-15, 34-10

default networks 34-100

default router preference

See DRP

default routes 34-100

default routing 34-2

default service, DSCP 36-9

default template 7-1

DEI bit

for classification 36-5

ingress classification 36-90

ingress marking 36-90

ingress policing 36-90

location 36-6

DEI classification 36-10

denial-of-service attacks, preventing 35-1

description command 11-24

designing your network, examples 1-15

destination addresses

in IPv6 ACLs 40-5

destination addresses, in IPv4 ACLs 33-11

destination-IP address-based forwarding, EtherChannel 37-8

destination-MAC address forwarding, EtherChannel 37-7

device discovery protocol 25-1, 26-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 21-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-4, 1-11

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 43-11

DHCP option 82

circuit ID suboption 21-5

configuration guidelines 21-8

default configuration 21-8

displaying 21-15

forwarding address, specifying 21-10

helper address 21-10

overview 21-3

packet format, suboption

circuit ID 21-5

remote ID 21-5

remote ID suboption 21-5

DHCP server port-based address allocation

configuration guidelines 21-16

default configuration 21-16

described 21-15

displaying 21-18

enabling 21-16

reserved addresses 21-17

DHCP snooping

accepting untrusted packets form edge switch 21-3, 21-12

and private VLANs 21-13

binding database

See DHCP snooping binding database

configuration guidelines 21-8

default configuration 21-8

displaying binding tables 21-15

message exchange process 21-4

option 82 data insertion 21-3

trusted interface 21-2

untrusted interface 21-2

untrusted messages 21-2

DHCP snooping binding database

adding bindings 21-13

binding entries, displaying 21-15

binding file

format 21-7

location 21-6

bindings 21-6

clearing agent statistics 21-14

configuration guidelines 21-9

configuring 21-13

default configuration 21-8

deleting

binding file 21-14

bindings 21-14

database agent 21-14

described 21-6

displaying 21-15

binding entries 21-15

status and statistics 21-15

enabling 21-13

entry 21-6

renewing database 21-14

resetting

delay value 21-14

timeout value 21-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 38-16

default configuration 38-16

described 38-6

enabling client function 38-19

enabling DHCPv6 server function 38-17

diagnostic schedule command 49-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 34-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing A-3

creating and removing A-4

displaying the working A-3

discovery, Ethernet OAM 44-34

distribute-list command 34-108

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 38-4

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 46-19, 46-20

DoM

displaying supported transceivers 11-30

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 34-63

dot1q-tunnel switchport mode 13-15

double-tagged packets

IEEE 802.1Q tunneling 15-3

Layer 2 protocol tunneling 15-22

downloading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-27

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-29

using RCP A-33

using TFTP A-26

using the device manager or Network Assistant A-23

drop eligibility indicator

See DEI

drop threshold for Layer 2 protocol packets 15-23

DRP

configuring 38-14

described 38-4

IPv6 38-4

DSCP

assured forwarding 36-9

classification 36-9

class selectors 36-9

default service 36-9

expedited forwarding 36-9

values 36-6

DUAL finite state machine, EIGRP 34-35

dual IPv4 and IPv6 templates 7-2, 38-5

dual protocol stacks

IPv4 and IPv6 38-5

SDM templates supporting 38-6

dual-purpose ports

default port type 11-7

defaults 11-20

defined 11-6

frame size 11-20

LEDs 11-7

setting the type 11-20

duplex mode, configuring 11-18

dying gasp 44-43

dynamic access ports

characteristics 13-5

configuring 13-26

defined 11-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 22-1

ARP requests, described 22-1

ARP spoofing attack 22-1

clearing

log buffer 22-15

statistics 22-15

configuration guidelines 22-6

configuring

ACLs for non-DHCP environments 22-8

in DHCP environments 22-7

log buffer 22-13

rate limit for incoming ARP packets 22-4, 22-10

default configuration 22-5

denial-of-service attacks, preventing 22-10

described 22-1

DHCP snooping binding database 22-2

displaying

ARP ACLs 22-14

configuration and operating state 22-14

log buffer 22-15

statistics 22-15

trust state and rate limit 22-14

error-disabled state for exceeding rate limit 22-4

function of 22-2

interface trust states 22-3

log buffer

clearing 22-15

configuring 22-13

displaying 22-15

logging of dropped packets, described 22-4

man-in-the middle attack, described 22-2

network security issues and interface trust states 22-3

priority of ARP ACLs and DHCP snooping entries 22-4

rate limiting of ARP packets

configuring 22-10

described 22-4

error-disabled state 22-4

statistics

clearing 22-15

displaying 22-15

validation checks, performing 22-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 13-24

reconfirming 13-27

troubleshooting 13-28

types of connections 13-26

dynamic routing

ISO CLNS 34-63

protocols 34-3

E

EBGP 34-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EEM 3.2 32-5

EIGRP

authentication 34-39

components 34-35

configuring 34-37

default configuration 34-36

definition 34-34

interface parameters, configuring 34-38

monitoring 34-41

stub routing 34-40

support for 1-10

EIGRP IPv6 38-7

ELIN location 26-3

E-LMI

and OAM Manager 44-48

CE device configuration 44-54

configuration guidelines 44-49

configuring a CE device 44-52

configuring a PE device 44-52

default configuration 44-49

defined 44-48

enabling 44-52

information 44-48

monitoring 44-54

PE device configuration 44-53

embedded event manager

3.2 32-5

actions 32-4

configuring 32-1, 32-5

displaying information 32-7

environmental variables 32-4

event detectors 32-2

policies 32-4

registering and defining an applet 32-6

registering and defining a TCL script 32-7

understanding 32-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 43-12

commands 43-1

defined 43-1

DHCP primary interface 43-11

HSRP 43-7

IP routing state 43-2

IP SLAs 43-9

line-protocol state 43-2

network monitoring with IP SLAs 43-11

routing policy, configuring 43-12

static route primary interface 43-10

tracked lists 43-3

ENI

configuring 11-17

described 11-2

protocol control packets on 35-1

environmental variables, embedded event manager 32-4

environment variables, function of 3-22

equal-cost routing 1-11, 34-98

error messages during command entry 2-4

EtherChannel

802.3ad, described 37-6

automatic creation of 37-4, 37-6

channel groups

binding physical and logical interfaces 37-3

numbering of 37-3

configuration guidelines 37-10

configuring

Layer 2 interfaces 37-11

Layer 3 physical interfaces 37-15

Layer 3 port-channel logical interfaces 37-14

default configuration 37-10

described 37-2

displaying status 37-22

forwarding methods 37-7, 37-17

interaction

with STP 37-10

with VLANs 37-11

LACP

described 37-6

displaying status 37-22

hot-standby ports 37-19

interaction with other features 37-7

modes 37-6

port priority 37-21

system priority 37-20

Layer 3 interface 34-3

load balancing 37-7, 37-17

logical interfaces, described 37-3

PAgP

aggregate-port learners 37-18

compatibility with Catalyst 1900 37-18

described 37-4

displaying status 37-22

interaction with other features 37-5

learn method and priority configuration 37-18

modes 37-5

support for 1-2

port-channel interfaces

described 37-3

numbering of 37-3

port groups 11-6

support for 1-2

EtherChannel guard

described 18-3

disabling 18-10

enabling 18-9

Ethernet Frame Delay 42-13

Ethernet frame delay measurement

ETH-DM 45-2

Ethernet infrastructure 44-1

Ethernet Link Management Interface

See E-LMI

Ethernet Locked Signal (ETH-LCK) 44-25

Ethernet loopback

characteristics 44-45

Ethernet management port

and routing 11-12

and routing protocols 11-13

and TFTP 11-14

configuring 11-14

default setting 11-12

described 11-5, 11-12

for network management 11-5, 11-12

specifying 11-14

supported features 11-13

unsupported features 11-14

Ethernet management port, internal

and routing 11-12

and routing protocols 11-13

unsupported features 11-14

Ethernet OAM 44-34

and CFM interaction 44-55

configuration guidelines 44-35

configuring with CFM 44-56

default configuration 44-35

discovery 44-34

dying gasp 44-43

enabling 44-35, 44-57

link monitoring 44-34, 44-37

manager 44-1

messages 44-34

protocol

defined 44-33

monitoring 44-44

remote failure indications 44-34, 44-40

remote loopback 44-34, 44-36

templates 44-40

Ethernet OAM protocol 44-1

Ethernet OAM protocol CFM notifications 44-55

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet Remote Defect Indication (ETH-RDI) 44-24

Ethernet terminal loopback 36-99

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 13-9

defaults and ranges 13-8

modifying 13-9

EUI 38-3

EVCs

configuring 44-50

in CFM domains 44-48

event detectors, embedded event manager 32-2

events, RMON 29-3

example, configuration 45-5

examples

network configuration 1-15

expedited forwarding, DSCP 36-9

extended-range VLANs

creating with an internal VLAN ID 13-12

defined 13-1

extended system ID

MSTP 17-17

STP 16-4, 16-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 34-46

F

Fa0 port

See Ethernet management port

Fast Convergence 20-3

fastethernet0 port

See Ethernet management port

features, incompatible 24-11

FIB 34-97

fiber-optic, detecting unidirectional links 27-1

files

copying A-4

crashinfo

description 48-21

displaying the contents of 48-21

location 48-21

deleting A-5

displaying the contents of A-8

tar

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-4

setting the default A-3

filtering

in a VLAN 33-30

IPv6 traffic 40-3, 40-7

non-IP traffic 33-27

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of A-1

Flex Link Multicast Fast Convergence 20-3

Flex Links

configuration guidelines 20-8

configuring 20-8, 20-9

configuring preferred VLAN 20-11

configuring VLAN load balancing 20-10

default configuration 20-7

description 20-1

link load balancing 20-2

monitoring 20-14

VLANs 20-2

flooded traffic, blocking 24-7

flow control 1-2, 11-22

forward-delay time

MSTP 17-23

STP 16-22

Forwarding Information Base

See FIB

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-14

image files

deleting old image A-31

downloading A-29

preparing the server A-28

uploading A-31

G

general query 20-5

Generating IGMP Reports 20-3

get-bulk-request operation 31-3

get-next-request operation 31-3, 31-4

get-request operation 31-3, 31-4

get-response operation 31-3

global configuration mode 2-2

global leave, IGMP 23-11

H

hardware limitations and Layer 3 interfaces 11-25

hello time

MSTP 17-23

STP 16-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 30-10

host ports

configuring 14-11

kinds of 14-2

hosts, limit on dynamic ports 13-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 41-10

command-switch redundancy 1-6

configuration guidelines 41-5

configuring 41-5

default configuration 41-5

definition 41-1

monitoring 41-12

object tracking 43-7

overview 41-2

priority 41-7

routing redundancy 1-10

support for ICMP redirect messages 41-12

timers 41-10

tracking 41-8

HTTP(S) Over IPv6 38-8

I

IBPG 34-42

ICMP

IPv6 38-4

redirect messages 34-10

support for 1-11

time-exceeded messages 48-15

traceroute 48-15

unreachable messages 33-19

unreachable messages and IPv6 40-4

unreachables and ACLs 33-20

ICMP Echo operation

configuring 42-11

IP SLAs 42-11

ICMP ping

executing 48-10

overview 48-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 38-4

IDS appliances

and ingress RSPAN 28-20

and ingress SPAN 28-13

IEEE 802.1ad 15-13

IEEE 802.1ag 44-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 11-4

configuration limitations 13-15

encapsulation 13-15

native VLAN for untagged traffic 13-19

tunneling

compatibility with other features 15-6

defaults 15-4

described 15-2

tunnel ports with other features 15-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 44-1

IEEE 802.3z flow control 11-22

ifIndex values, SNMP 31-5

IFS 1-4

IGMP

configurable leave timer, described 23-5

configurable leave timer, procedures 23-9

configuring the switch

as a member of a group 46-37

statically connected member 46-42

controlling access to groups 46-38

default configuration 46-37

deleting cache entries 46-46

displaying groups 46-47

fast switching 46-42

flooded multicast traffic

controlling flooding time 23-10

disabling on an interface 23-11

global leave 23-11

query solicitation 23-11

recovering from flood mode 23-11

host-query interval, modifying 46-40

joining multicast group 23-3

join messages 23-3

leave processing, enabling 23-9, 39-9

leaving multicast group 23-5

multicast reachability 46-37

overview 46-2

queries 23-3

report suppression

described 23-6

disabling 23-14, 39-11

supported versions 23-2

support for 1-2

Version 1

changing to Version 2 46-39

described 46-3

Version 2

changing to Version 1 46-39

described 46-3

maximum query response time value 46-41

pruning groups 46-41

query timeout value 46-41

IGMP configurable leave timer 23-5

IGMP filtering

configuring 23-25

default configuration 23-24

described 23-24

monitoring 23-29

support for 1-3

IGMP groups

configuring filtering 23-27

setting the maximum number 23-27

IGMP helper 46-5

IGMP leave timer, configuring 23-9

IGMP profile

applying 23-26

configuration mode 23-25

configuring 23-25

IGMP snooping

and address aliasing 23-2

configuring 23-6

default configuration 23-6, 39-5, 39-6

definition 23-1

enabling and disabling 23-7, 39-6

global configuration 23-7

Immediate Leave 23-5

monitoring 23-14, 39-11

querier

configuration guidelines 23-12

configuring 23-12

supported versions 23-2

support for 1-2

VLAN configuration 23-7

IGMP throttling

configuring 23-27

default configuration 23-25

described 23-24

displaying action 23-29

IGP 34-23

Immediate Leave, IGMP

configuration guidelines 23-9

described 23-5

enabling 23-9, 39-9

individual policers

configuration guidelines 36-46

configuring 36-46

initial configuration

defaults 1-12

inner CoS to outer CoS mapping 36-8

input policy maps

classification criteria 36-5

configuration guidelines 36-45

configuring 36-45

displaying statistics 36-99

interface

number 11-8

range macros 11-10

interface command 11-8

interface configuration, REP 19-9

interface configuration mode 2-2

interfaces 45-3

configuration guidelines, duplex and speed 11-18

configuring

duplex mode 11-18

procedure 11-8

speed 11-18

counters, clearing 11-30

described 11-24

descriptive name, adding 11-24

displaying information about 11-29

flow control 11-22

management 1-3

monitoring 11-29

naming 11-24

physical, identifying 11-8

range of 11-9

restarting 11-31

shutting down 11-31

status 11-29

supported 11-8

types of 11-1

interfaces range macro command 11-10

interface types 11-8

ENI 11-2

NNI 11-2

UNI 11-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 34-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-11, 34-2

Intrusion Detection System

See IDS appliances

inventory management TLV 26-6

IP ACLs

for QoS classification 36-11

implicit deny 33-9, 33-13

implicit masks 33-9

named 33-14

undefined 33-20

IP addresses

128-bit 38-2

classes of 34-5

default configuration 34-4

discovering 5-31

for IP routing 34-4

IPv6 38-2

MAC address association 34-7

monitoring 34-16

virtual 41-13

IP broadcast address 34-14

ip cef distributed command 34-97

IP directed broadcasts 34-13

ip igmp profile command 23-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 46-2

all-multicast-routers 46-2

host group address range 46-2

administratively-scoped boundaries, described 46-44

and IGMP snooping 23-1

Auto-RP

adding to an existing sparse-mode cloud 46-24

benefits of 46-24

clearing the cache 46-46

configuration guidelines 46-10

filtering incoming RP announcement messages 46-27

overview 46-6

preventing candidate RP spoofing 46-27

preventing join messages to false RPs 46-26

setting up in a new internetwork 46-24

using with BSR 46-32

bootstrap router

configuration guidelines 46-10

configuring candidate BSRs 46-30

configuring candidate RPs 46-31

defining the IP multicast boundary 46-29

defining the PIM domain border 46-28

overview 46-6

using with Auto-RP 46-32

Cisco implementation 46-1

configuring

basic multicast routing 46-10

IP multicast boundary 46-44

default configuration 46-9

enabling

multicast forwarding 46-11

PIM mode 46-12

group-to-RP mappings

Auto-RP 46-6

BSR 46-6

MBONE

deleting sdr cache entries 46-46

described 46-43

displaying sdr cache 46-47

enabling sdr listener support 46-43

limiting sdr cache entry lifetime 46-44

SAP packets for conference session announcement 46-43

Session Directory (sdr) tool, described 46-43

monitoring

packet rate loss 46-47

peering devices 46-47

tracing a path 46-47

multicast forwarding, described 46-7

PIMv1 and PIMv2 interoperability 46-9

reverse path check (RPF) 46-7

routing table

deleting 46-46

displaying 46-47

RP

assigning manually 46-22

configuring Auto-RP 46-24

configuring PIMv2 BSR 46-28

monitoring mapping information 46-33

using Auto-RP and BSR 46-32

statistics, displaying system and network 46-46

See also IGMP

See also PIM

IP packets, classification 36-6

IP Port Security for Static Hosts

on a Layer 2 access port 21-23

on a PVLAN host port 21-26

IP precedence

classification 36-9

values 36-6

IP protocols

routing 1-10

IP routes, monitoring 34-110

IP routing

connecting interfaces with 11-7

disabling 34-17

enabling 34-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 42-1

IP SLAs

benefits 42-2

CFM endpoint discovery 44-19

configuration guidelines 42-6

configuring object tracking 43-9

Control Protocol 42-4

default configuration 42-6

definition 42-1

ICMP echo operation 42-11

manually configuring CFM ping or jitter 44-18

measuring network performance 42-3

monitoring 42-13

multioperations scheduling 42-5

object tracking 43-9

operation 42-3

reachability tracking 43-9

responder

described 42-4

enabling 42-7

response time 42-4

scheduling 42-5

SNMP support 42-2

supported metrics 42-2

threshold monitoring 42-6

track object monitoring agent, configuring 43-11

track state 43-9

UDP jitter operation 42-8

IP source guard

and 802.1x 21-21

and DHCP snooping 21-19

and EtherChannels 21-21

and port security 21-21

and private VLANs 21-21

and routed ports 21-21

and TCAM entries 21-21

and trunk interfaces 21-21

and VRF 21-21

binding configuration

automatic 21-19

manual 21-19

binding table 21-19

configuration guidelines 21-21

default configuration 21-21

described 21-19

disabling 21-22

displaying

bindings 21-28

configuration 21-28

enabling 21-22, 21-23

filtering

source IP address 21-19

source IP and MAC address 21-20

source IP address filtering 21-19

source IP and MAC address filtering 21-20

static bindings

adding 21-22, 21-23

deleting 21-22

static hosts 21-23

IP traceroute

executing 48-15

overview 48-14

IP unicast routing

address resolution 34-7

administrative distances 34-99, 34-109

ARP 34-7

assigning IP addresses to Layer 3 interfaces 34-5

authentication keys 34-109

broadcast

address 34-14

flooding 34-15

packets 34-12

storms 34-12

classless routing 34-6

configuring static routes 34-98

default

addressing configuration 34-4

gateways 34-10

networks 34-100

routes 34-100

routing 34-2

directed broadcasts 34-13

disabling 34-17

dynamic routing 34-3

enabling 34-17

EtherChannel Layer 3 interface 34-3

IGP 34-23

inter-VLAN 34-2

IP addressing

classes 34-5

configuring 34-4

IPv6 38-2

IRDP 34-11

Layer 3 interfaces 34-3

MAC address and IP address 34-7

passive interfaces 34-107

proxy ARP 34-8

redistribution 34-101

reverse address resolution 34-7

routed ports 34-3

static routing 34-2

steps to configure 34-3

subnet mask 34-5

subnet zero 34-5

supernet 34-6

UDP 34-14

with SVIs 34-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 33-19

extended, creating 33-10

named 33-14

standard, creating 33-9

IPv6

ACLs

displaying 40-8

limitations 40-3

matching criteria 40-3

port 40-2

precedence 40-2

router 40-2

supported 40-2

addresses 38-2

address formats 38-2

applications 38-5

assigning address 38-11

autoconfiguration 38-5

CEFv6 38-21

default configuration 38-11

default router preference (DRP) 38-4

defined 38-1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 38-7

Router ID 38-7

feature limitations 38-10

features not supported 38-9

forwarding 38-11

ICMP 38-4

neighbor discovery 38-4

OSPF 38-7

path MTU discovery 38-4

SDM templates 7-2, 39-1, 40-1

Stateless Autoconfiguration 38-5

supported features 38-2

switch limitations 38-10

understanding static routes 38-7

IPv6 traffic, filtering 40-3

IRDP

configuring 34-11

definition 34-11

support for 1-11

IS-IS

addresses 34-63

area routing 34-63

default configuration 34-64

monitoring 34-72

show commands 34-72

support for 1-10

system routing 34-63

ISL trunking with IEEE 802.1 tunneling 15-5

ISO CLNS

clear commands 34-72

dynamic routing protocols 34-63

monitoring 34-72

NETs 34-63

NSAPs 34-63

OSI standard 34-63

ISO IGRP

area routing 34-63

system routing 34-63

isolated port 14-2

isolated VLANs 14-2, 14-3

ITU-T Y.1731

See Y.1731

J

join messages, IGMP 23-3

K

KDC

described 8-33

See also Kerberos

keepalive command 11-17

keepalive messages 16-3

keepalive messages, default 11-17

Kerberos

authenticating to

boundary switch 8-35

KDC 8-35

network services 8-36

configuration examples 8-33

configuring 8-36

credentials 8-33

cryptographic software image 8-33

described 8-33

KDC 8-33

operation 8-35

realm 8-34

server 8-34

support for 1-8

switch as trusted third party 8-33

terms 8-34

TGT 8-35

tickets 8-33

key distribution center

See KDC

L

l2protocol forward command 15-14

l2protocol peer command 15-14

l2protocol-tunnel command 15-25

LACP

Layer 2 protocol tunneling 15-22

See EtherChannel

Layer 2 interfaces, default configuration 11-15

Layer 2 packets, classification 36-6

Layer 2 protocol packets, and control-plane security 35-2

Layer 2 protocol tunneling

configuring 15-22

configuring for EtherChannels 15-26

default configuration 15-23

defined 15-20

layer-2 template 7-1

Layer 2 traceroute

and ARP 48-14

and CDP 48-13

broadcast traffic 48-13

described 48-13

IP addresses and subnets 48-14

MAC addresses and VLANs 48-13

multicast traffic 48-13

multiple devices on a port 48-14

unicast traffic 48-13

usage guidelines 48-13

Layer 3 features 1-10

Layer 3 interfaces

assigning IP addresses to 34-5

assigning IPv4 and IPv6 addresses to 38-15

assigning IPv6 addresses to 38-12

changing from Layer 2 mode 34-5, 34-89

types of 34-3

LDAP 4-2

Leaking IGMP Reports 20-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 17-8

link integrity, verifying with REP 19-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 38-3

link monitoring, Ethernet OAM 44-34, 44-37

link redundancy

See Flex Links

links, unidirectional 27-1

link state advertisements (LSAs) 34-30

link-state tracking

configuration guidelines 37-24

configuring 37-24

described 37-22

LLDP

configuring 26-3

characteristics 26-4

default configuration 26-3

disabling and enabling

globally 26-5

on an interface 26-5

monitoring and maintaining 26-8

overview 26-1

supported TLVs 26-2

transmission timer and holdtime, setting 26-4

LLDP-MED

configuring 26-3

configuring TLVs 26-6

monitoring and maintaining 26-8

overview 26-1, 26-2

supported TLVs 26-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 41-4, 41-13

local SPAN 28-2

location TLV 26-3, 26-6

logging messages, ACL 33-8

login authentication

with RADIUS 8-24

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 18-5

enabling 18-10

support for 1-6

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-31

displaying in the IP source binding table 21-28

dynamic

learning 5-20

removing 5-22

in ACLs 33-27

IP address association 34-7

static

adding 5-28

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

virtual 41-13

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-11

MAC address-table move update

configuration guidelines 20-8

configuring 20-12

default configuration 20-7

description 20-6

monitoring 20-14

MAC address-to-VLAN mapping 13-23

MAC extended access lists

applying to Layer 2 interfaces 33-29

configuring for QoS 36-40

creating 33-27

defined 33-27

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 19-13

marking

action with aggregate policers 36-54

described 36-2, 36-16

match command, QoS

for classification 36-3, 36-7

guidelines 36-41

matching, IPv4 ACLs 33-7

matching classifications, QoS 36-7

maximum aging time

MSTP 17-24

STP 16-22

maximum hop count, MSTP 17-24

maximum number of allowed devices, port-based authentication 9-13

maximum-paths command 34-50, 34-98

ME 34000EG-2CS switch policers 35-4

ME 3400E-24TS switch policers 35-4

ME 3400EG-12CS switch policers 35-4

media-type command 11-20

membership mode, VLAN port 13-5

MEPs

and STP 44-4

defined 44-3

messages

Ethernet OAM 44-34

to users through banners 5-17

metrics, in BGP 34-51

metric translations, between routing protocols 34-104

metro tags 15-2

MHSRP 41-4

MIBs

overview 31-1

SNMP interaction with 31-4

MIPs

and STP 44-4

defined 44-4

mirroring traffic for analysis 28-1

mismatches, autonegotiation 48-8

modular QoS command-line interface

See MQC

module number 11-8

monitoring

access groups 33-41

BGP 34-62

cables for unidirectional links 27-1

CDP 25-5

CEF 34-97

control-plane security 35-7

EIGRP 34-41

E-LMI 44-54

Ethernet CFM 44-31, 44-32

Ethernet OAM 44-44

Ethernet OAM protocol 44-44

features 1-11

Flex Links 20-14

HSRP 41-12

IEEE 802.1Q tunneling 15-30

IGMP

filters 23-29

snooping 23-14, 39-11

interfaces 11-29

IP

address tables 34-16

multicast routing 46-46

routes 34-110

IP SLAs operations 42-13

IPv4 ACL configuration 33-41

IPv6 ACL configuration 40-8

IS-IS 34-72

ISO CLNS 34-72

Layer 2 protocol tunneling 15-30

MAC address-table move update 20-14

MSDP peers 47-17

multicast router interfaces 23-15, 39-12

multi-VRF CE 34-96

MVR 23-23

network traffic for analysis with probe 28-2

OAM manager 44-54

object tracking 43-12

OSPF 34-34

port

blocking 24-18

protection 24-18

private VLANs 14-15

QoS 36-99

REP 19-14

RP mapping information 46-33

SFPs

status 11-30

SFP status 1-12, 11-30, 48-9

source-active messages 47-17

speed and duplex mode 11-20

SSM mapping 46-22

traffic flowing among switches 29-1

traffic suppression 24-18

tunneling 15-30

VLAN

filters 33-42

maps 33-42

VLANs 13-14

VMPS 13-28

MQC

process 36-3

steps to configure 36-3

mrouter Port 20-3

mrouter port 20-5

MSDP

benefits of 47-3

clearing MSDP connections and statistics 47-17

controlling source information

forwarded by switch 47-11

originated by switch 47-8

received by switch 47-13

default configuration 47-3

dense-mode regions

sending SA messages to 47-15

specifying the originating address 47-16

filtering

incoming SA messages 47-13

SA messages to a peer 47-11

SA requests from a peer 47-10

join latency, defined 47-6

meshed groups

configuring 47-14

defined 47-14

originating address, changing 47-16

overview 47-1

peer-RPF flooding 47-2

peers

configuring a default 47-4

monitoring 47-17

peering relationship, overview 47-1

requesting source information from 47-7

shutting down 47-15

source-active messages

caching 47-6

clearing cache entries 47-18

defined 47-2

filtering from a peer 47-10

filtering incoming 47-13

filtering to a peer 47-11

limiting data with TTL 47-12

monitoring 47-17

restricting advertised sources 47-8

support for 1-11

MSTP

boundary ports

configuration guidelines 17-15

described 17-6

BPDU filtering

described 18-3

enabling 18-8

BPDU guard

described 18-3

enabling 18-7

CIST, described 17-3

CIST regional root

CIST root 17-5

configuration guidelines 17-15, 18-6

configuring

forward-delay time 17-23

hello time 17-23

link type for rapid convergence 17-25

maximum aging time 17-24

maximum hop count 17-24

MST region 17-16

neighbor type 17-25

path cost 17-21

port priority 17-19

root switch 17-17

secondary root switch 17-19

switch priority 17-22

CST

defined 17-3

operations between regions 17-3

default configuration 17-14

default optional feature configuration 18-5

displaying status 17-27

enabling the mode 17-16

EtherChannel guard

described 18-3

enabling 18-9

extended system ID

effects on root switch 17-17

effects on secondary root switch 17-19

unexpected behavior 17-18

IEEE 802.1s

implementation 17-6

port role naming change 17-7

instances supported 16-10

interface state, blocking to forwarding 18-2

interoperability and compatibility among modes 16-10

interoperability with 802.1D

described 17-8

restarting migration process 17-26

IST

defined 17-2

master 17-3

operations within a region 17-3

loop guard

described 18-5

enabling 18-10

mapping VLANs to MST instance 17-16

MST region

CIST 17-3

configuring 17-16

described 17-2

hop-count mechanism 17-5

IST 17-2

supported spanning-tree instances 17-2

optional features supported 1-6

overview 17-2

Port Fast

described 18-2

enabling 18-6

preventing root switch selection 18-4

root guard

described 18-4

enabling 18-10

root switch

configuring 17-18

effects of extended system ID 17-17

unexpected behavior 17-18

shutdown Port Fast-enabled port 18-3

status, displaying 17-27

multicast Ethernet loopback (ETH-LB) 44-25

multicast Ethernet loopback, using 44-30

multicast groups

Immediate Leave 23-5

leaving 23-5

static joins 23-8, 39-8

multicast packets

ACLs on 33-41

multicast router interfaces, monitoring 23-15, 39-12

multicast router ports, adding 23-7, 39-8

Multicast Source Discovery Protocol

See MSDP

multicast storm 24-1

multicast storm-control command 24-4

multicast television application 23-16

multicast VLAN 23-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 42-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 34-92

configuration guidelines 34-86

configuring 34-85

default configuration 34-85

defined 1-18, 34-83

displaying 34-96

monitoring 34-96

network components 34-85

packet-forwarding process 34-85

support for 1-11

MVR

and address aliasing 23-19

and IGMPv3 23-19

configuration guidelines 23-18

configuring interfaces 23-21

default configuration 23-18

described 23-15

example application 23-16

in the switch stack 23-18

modes 23-20

monitoring 23-23

multicast television application 23-16

setting global parameters 23-19

support for 1-3

MVRoT, guidelines 23-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 33-14

named IPv6 ACLs 40-3

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 15-4

configuring 13-19

default 13-19

NEAT

configuring 9-24

overview 9-9

neighbor discovery, IPv6 38-4

neighbor discovery/recovery, EIGRP 34-35

neighbor offset numbers, REP 19-4

neighbors, BGP 34-57

Network Edge Access Topology

See NEAT

network management

CDP 25-1

RMON 29-1

SNMP 31-1

network node interface

See NNI

network performance, measuring with IP SLAs 42-3

network policy TLV 26-7

Network Time Protocol

See NTP

NNI

configuring 11-17

described 11-2

protocol control packets on 35-1

NNIs, 802.1ad 15-13

no commands 2-4

non-IP traffic filtering 33-27

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 13-15

normal-range VLANs

characteristics 13-3

configuring 13-7

defined 13-1

no switchport command 11-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 34-63

NSF Awareness

BGP 34-46

EIGRP 34-37

IS-IS 34-65

OSPF 34-25

NSM 4-3

NSSA, OSPF 34-30

NTP

associations

authenticating 5-5

defined 5-2

enabling broadcast messages 5-7

peer 5-6

server 5-6

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-6

time

services 5-2

synchronizing 5-2

O

OAM

client 44-33

features 44-34

sublayer 44-33

OAM manager

and E-LMI 44-48

configuration guidelines 44-49

configuring 44-50, 44-56

monitoring 44-54

purpose of 44-48

with CFM 44-49

with CFM and Ethernet OAM 44-55

OAM PDUs 44-35

OAM protocol data units 44-33

OBFL

configuring 48-22

described 48-22

displaying 48-23

object tracking

HSRP 43-7

IP SLAs 43-9

IP SLAs, configuring 43-9

monitoring 43-12

on-board failure logging

See OBFL

online diagnostics

described 49-1

overview 49-1

running tests 49-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 34-30

configuring 34-25

default configuration

metrics 34-31

route 34-31

settings 34-24

described 34-23

for IPv6 38-7

interface parameters, configuring 34-26

LSA group pacing 34-32

monitoring 34-34

network types, configuring 34-29

router IDs 34-33

route summarization 34-31

support for 1-10

virtual links 34-31

output policies 36-5

output policy maps

classification criteria 36-5

configuration guidelines 36-65

configuring 36-65

displaying statistics 36-100

P

packet classification

defined 36-6

to organize traffic 36-2

packet marking

configuring 36-58

defined 36-21

packet policing, for QoS 36-2

PAgP

Layer 2 protocol tunneling 15-22

See EtherChannel

parallel paths, in routing tables 34-98

parent policies, QoS 36-13, 36-28

passive interfaces

configuring 34-107

OSPF 34-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 48-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 17-21

STP 16-19

path MTU discovery 38-4

PBR

defined 34-104

enabling 34-106

fast-switched policy-based routing 34-107

local policy-based routing 34-107

peers, BGP 34-57

percentage thresholds in tracked lists 43-6

performance features 1-2

periodic data collection and transfer mechanism 31-6

per-port, per-VLAN policy maps, configuration guidelines 36-60

per-port facility loopback

defined 44-44

per-port per VLAN policing 36-13, 36-60

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 34-91

physical ports 11-3

PIM

default configuration 46-9

dense mode

overview 46-4

rendezvous point (RP), described 46-4

RPF lookups 46-8

displaying neighbors 46-47

enabling a mode 46-12

overview 46-3

router-query message interval, modifying 46-36

shared tree and source tree, overview 46-33

shortest path tree, delaying the use of 46-35

sparse mode

join messages and shared tree 46-4

overview 46-4

prune messages 46-4

RPF lookups 46-8

stub routing

configuration guidelines 46-12

enabling 46-13

overview 46-5

support for 1-11

versions

interoperability 46-9

troubleshooting interoperability problems 46-33

v2 improvements 46-3

ping

executing 48-10

overview 48-10

police aggregate command 36-57

police command, with individual policers 36-46, 36-63

policer aggregate command 36-54

policer configuration

default for ENIs and UNIs 35-4

default for NNIs 35-6

policer instances supported 36-4

policers

configuring for more than one traffic class 36-54

described 36-2

number supported per port 36-4

policing

aggregate in input policy maps 36-18

described 36-2

individual in input policy maps 36-16

priority in output policy maps 36-20

QoS 36-16

policy-based routing

See PBR

policy-map command 36-3

policy-map marking, configuration guidelines 36-58

policy maps

attaching 36-4, 36-44

configuration examples 36-100

described 36-16

input

configuring 36-45

described 36-4

output

configuring 36-65

described 36-4

port ACLs

defined 33-2

types of 33-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-3

RADIUS server 9-3

client, defined 9-2

configuration guidelines 9-12

configuring

802.1x authentication 9-13

host mode 9-21

manual re-authentication of a client 9-18

periodic re-authentication 9-17

quiet period 9-18

RADIUS server 9-15

RADIUS server parameters on the switch 9-14

switch-to-client frame-retransmission number 9-20

switch-to-client retransmission time 9-19

violation modes 9-17

default configuration 9-11

described 9-1

device roles 9-2

displaying statistics 9-26

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-13

method lists 9-13

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

readiness check

configuring 9-16

described 9-7, 9-16

resetting to default values 9-22

statistics, displaying 9-26

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-24

overview 9-9

user distribution

guidelines 9-8

overview 9-8

VLAN assignment

AAA authorization 9-13

characteristics 9-7

configuration tasks 9-8

described 9-7

port blocking 1-2, 24-6

port-channel

See EtherChannel

Port Fast

described 18-2

enabling 18-6

support for 1-6

port membership modes, VLAN 13-4

port priority

MSTP 17-19

STP 16-17

ports

access 11-4

blocking 24-6

dual-purpose 11-6

dynamic access 13-5

IEEE 802.1Q tunnel 13-5

protected 24-5

REP 19-6

routed 11-5

secure 24-8

static-access 13-5, 13-11

switch 11-3

trunks 13-5, 13-15

VLAN assignments 13-11

port security

aging 24-15

and private VLANs 24-16

configuration guidelines 24-10

configuring 24-12

default configuration 24-10

described 24-8

displaying 24-18

enabling 24-17

on trunk ports 24-13

sticky learning 24-9

violations 24-9

with other features 24-10

port shaping

configuring 36-70

described 36-27

port-shutdown response, VMPS 13-24

port types 11-2

power 26-7

power management TLV 26-7

PPPoE IA

clearing counters 10-12

configuring

interface 10-5

switch 10-2

vlan 10-9

debugging 10-13

displaying configuration 10-11

etherchannel 10-2

overview 10-1

restrictions 10-2

troubleshooting 10-13

preempt delay time, REP 19-5

preemption, default configuration 20-7

preemption delay, default configuration 20-7

preferential treatment of traffic

See QoS

prefix lists, BGP 34-54

preventing unauthorized access 8-1

primary edge port, REP 19-4

primary interface for object tracking, DHCP, configuring 43-11

primary interface for static routing, configuring 43-10

primary links 20-2

primary VLANs 14-1, 14-3

priority

HSRP 41-7

priority command 36-20

configuring strict priority queuing 36-71

for QoS scheduling 36-26

for strict priority queuing 36-30

priority policing, described 36-20

priority queues

configuring 36-71

described 36-30

for QoS scheduling 36-26

priority with police 36-31

commands 36-20

configuring 36-73

described 36-30

priority with unconditional policing, QoS 36-26

private VLANs

across multiple switches 14-4

and SVIs 14-5

and UNI VLANs 13-13

benefits of 14-1

community ports 14-3

community VLANs 14-2, 14-3

configuration guidelines 14-6, 14-7, 14-8

configuration tasks 14-6

configuring 14-10

default configuration 14-6

end station access to 14-3

IP addressing 14-4

isolated port 14-2

isolated VLANs 14-2, 14-3

mapping 14-13

monitoring 14-15

ports

community 14-3

configuration guidelines 14-8

configuring host ports 14-11

configuring promiscuous ports 14-12

described 13-5

isolated 14-2

promiscuous 14-2

primary VLANs 14-1, 14-3

promiscuous ports 14-2

secondary VLANs 14-2

subdomains 14-1

traffic in 14-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 14-12

defined 14-2

protected ports 24-5

protocol control packets 35-1

protocol-dependent modules, EIGRP 34-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-18, 34-84

proxy ARP

configuring 34-10

definition 34-8

with IP routing disabled 34-10

proxy reports 20-3

PVST+

802.1Q trunking interoperability 16-11

described 16-9

instances supported 16-10

Q

QinQ

See IEEE 802.1Q tunneling

QinQ QoS classification

configuration examples 36-86

QoS

802.1ad, configuring 36-90

aggregate policers 36-18

and MQC 36-1

basic model 36-2

CBWFQ 36-28

CBWFQ, configuring 36-67

CIR bandwidth 36-29

class-based shaping, described 36-27

classification

ACL lookup 36-11

based on CoS value 36-8

based on DSCP 36-9

based on IP precedence 36-9

based on QoS group 36-12

based on VLAN IDs 36-13, 36-60

class maps, described 36-7

comparisons 36-10

criteria 36-6

in frames and packets 36-6

policy maps, described 36-16

class maps, configuration guidelines 36-41

class maps, configuring 36-41

configuration examples

adding customers 36-102

adding or deleting a class 36-105

adding or deleting classification criteria 36-102, 36-103

adding or deleting configured actions 36-104

changing queuing or scheduling parameters 36-104

configuration guidelines

aggregate policers 36-54

CBWFQ 36-67

class-based shaping 36-69

class maps 36-41

general 36-35

individual policers 36-46

input policy maps 36-45

marking 36-58

output policy maps 36-65

unconditional priority policing 36-73

WTD 36-76

configuring

aggregate policers 36-54

class-based shaping 36-69

classification with IP ACLs 36-37

class maps 36-41

individual policers 36-47, 36-50

individual policing 36-46, 36-63

input policy maps with marking 36-58

IP ACLs 36-37

MAC ACLs 36-40

output policy maps 36-65

port shaping 36-70

priority queues 36-71

queue size 36-32

requirements 36-35

service policies 36-44

strict priority queuing 36-71

table maps 36-43

unconditional priority policing 36-73

WTD 36-75, 36-76

congestion avoidance 36-2, 36-32

congestion management 36-2, 36-26

CPU-generated traffic

configuring output policy classification criteria 36-5

configuring QoS group number 36-12

configuring queue-limit 36-76

output remarking 36-6

default configuration 36-35

initial configuration example 36-100

input policy maps

configuring 36-45

described 36-5

IP packet classification 36-6

Layer 2 packet classification 36-6

Layer 3 packet classification 36-6

marking, described 36-2

match command 36-7

output policy maps

configuring 36-66

described 36-5

overview 36-1

packet classification 36-2

packet marking 36-21

packet policing 36-2

parent-child hierarchy 36-13, 36-28

parent-level VLAN class 36-80

per-port, per-VLAN hierarchical policy maps

configuring 36-60

described 36-13

policers

configuring 36-47, 36-50, 36-56, 36-74

described 36-16

policing

aggregate 36-18

described 36-2, 36-16

individual 36-16

priority 36-20

policy maps

attaching 36-44

attaching to an interface 36-19

displaying statistics 36-99

port shaping, described 36-27

preconfiguration 36-35

priority policing, described 36-20

priority with police 36-30

queue size 36-32

scheduling 36-26

CBWFQ 36-26

priority queuing 36-26

traffic shaping 36-26

strict priority queuing 36-30

support for 1-9

table maps 36-15

testing 36-99

traffic shaping, described 36-26

unconditional priority policing 36-30

WTD 36-32

QoS ACL

configuration guidelines 36-37

QoS ACLs

configuring IP extended 36-39

configuring IP standard 36-37, 36-38

configuring MAC 36-40

QoS groups

classification 36-12, 36-13, 36-60

described 36-5, 36-12

QoS information, displaying 36-99

quality of service

See QoS

queries, IGMP 23-3

query solicitation, IGMP 23-11

queue bandwidth and queue size, relationship 36-34

queue-limit command, QoS 36-32, 36-33, 36-75

queue size, QoS, managing 36-32

R

RADIUS

attributes

vendor-proprietary 8-31

vendor-specific 8-30

configuring

accounting 8-29

authentication 8-24

authorization 8-28

communication, global 8-22, 8-30

communication, per-server 8-21, 8-22

multiple UDP ports 8-22

default configuration 8-21

defining AAA server groups 8-26

displaying the configuration 8-32

identifying the server 8-21

limiting the services to the user 8-28

method list, defined 8-21

operation of 8-19

overview 8-18

server load balancing 8-32

suggested network environments 8-18

support for 1-8

tracking services accessed by user 8-29

range

macro 11-10

of interfaces 11-9

rapid convergence 17-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 16-11

described 16-9

instances supported 16-10

Rapid Spanning Tree Protocol

See RSTP

RARP 34-8

rate-limiting threshold, CPU protection 35-6

RCP

configuration files

downloading A-17

overview A-15

preparing the server A-16

uploading A-18

image files

deleting old image A-35

downloading A-33

preparing the server A-32

uploading A-35

reachability, tracking IP SLAs IP host 43-9

readiness check

port-based authentication

configuring 9-16

described 9-7, 9-16

reconfirmation interval, VMPS, changing 13-27

reconfirming dynamic VLAN membership 13-27

recovery procedures 48-1

redundancy

EtherChannel 37-3

GLBP 41-13

HSRP 41-2

STP

backbone 16-8

path cost 13-21

port priority 13-20

reliable transport protocol, EIGRP 34-35

reloading software 3-22

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 44-34

remote failure indications, Ethernet OAM 44-40

remote loopback, Ethernet OAM 44-34, 44-36

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 28-2

REP

administrative VLAN 19-8

administrative VLAN, configuring 19-8

age timer 19-8

and STP 19-6

configuration guidelines 19-7

configuring interfaces 19-9

convergence 19-4

default configuration 19-7

manual preemption, configuring 19-13

monitoring 19-14

neighbor offset numbers 19-4

open segment 19-2

ports 19-6

preempt delay time 19-5

primary edge port 19-4

ring segment 19-2

secondary edge port 19-4

segments 19-1

characteristics 19-2

SNMP traps, configuring 19-13

supported interfaces 19-1

triggering VLAN load balancing 19-5

verifying link integrity 19-3

VLAN blocking 19-12

VLAN load balancing 19-4

report suppression, IGMP

described 23-6

disabling 23-14, 39-11

resequencing ACL entries 33-14

reserved addresses in DHCP pools 21-17

resets, in BGP 34-49

resetting a UDLD-shutdown interface 27-6

Resilient Ethernet Protocol

See REP

responder, IP SLAs

described 42-4

enabling 42-7

response time, measuring with IP SLAs 42-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-18

TACACS+ 8-10

restrictions 45-3

retry count, VMPS, changing 13-27

reverse address resolution 34-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 23-2

1157, SNMPv1 31-2

1305, NTP 5-2

1587, NSSAs 34-23

1757, RMON 29-2

1901, SNMPv2C 31-2

1902 to 1907, SNMPv2 31-2

2236, IP multicast and IGMP 23-2

2273-2275, SNMPv3 31-2

2475, DSCP 36-10

2597, AF per-hop behavior 36-10

2598, EF 36-10

RIP

advertisements 34-18

authentication 34-21

configuring 34-19

default configuration 34-18

described 34-18

for IPv6 38-7

hop counts 34-18

summary addresses 34-22

support for 1-10

RMON

default configuration 29-3

displaying status 29-6

enabling alarms and events 29-3

groups supported 29-2

overview 29-1

statistics

collecting group Ethernet 29-5

collecting group history 29-5

support for 1-12

root guard

described 18-4

enabling 18-10

support for 1-6

root switch

MSTP 17-17

STP 16-15

route calculation timers, OSPF 34-31

route dampening, BGP 34-61

routed packets, ACLs on 33-40

routed ports

configuring 34-3

defined 11-5

IP addresses on 11-25, 34-3

route-map command 34-106

route maps

BGP 34-52

policy-based routing 34-104

router ACLs

defined 33-2

types of 33-4

route reflectors, BGP 34-60

router ID, OSPF 34-33

route selection, BGP 34-50

route summarization, OSPF 34-31

route targets, VPN 34-85

routing

default 34-2

dynamic 34-3

IPv6 traffic 38-2

redistribution of information 34-101

static 34-2

routing domain confederation, BGP 34-59

Routing Information Protocol

See RIP

routing protocol administrative distances 34-99

RSPAN

characteristics 28-7

configuration guidelines 28-16

default configuration 28-9

defined 28-2

destination ports 28-6

displaying status 28-22

interaction with other features 28-8

monitored ports 28-5

monitoring ports 28-6

overview 1-12, 28-1

received traffic 28-4

session limits 28-10

sessions

creating 28-17

defined 28-3

limiting source traffic to specific VLANs 28-21

specifying monitored ports 28-17

with ingress traffic enabled 28-20

source ports 28-5

transmitted traffic 28-5

VLAN-based 28-6

RSPAN VLANs, and UNI VLANs 13-13

RSTP

active topology 17-9

BPDU

format 17-12

processing 17-13

designated port, defined 17-9

designated switch, defined 17-9

interoperability with 802.1D

described 17-8

restarting migration process 17-26

topology changes 17-13

overview 17-8

port roles

described 17-9

synchronized 17-11

proposal-agreement handshake process 17-10

rapid convergence

described 17-10

edge ports and Port Fast 17-10

point-to-point links 17-10, 17-25

root ports 17-10

root port, defined 17-9

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-20

running configuration, saving 3-15

S

scheduled reloads 3-22

scheduling, IP SLAs operations 42-5

scheduling, QoS 36-26

SCP

and SSH 8-42

configuring 8-42

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 19-4

secondary VLANs 14-2

Secure Copy Protocol

secure MAC addresses

deleting 24-14

maximum number of 24-9

types of 24-8

secure ports, configuring 24-8

secure remote connections 8-38

Secure Shell

See SSH

security, port 24-8

security features 1-7

See SCP

sequence numbers in log messages 30-8

service-policy command

attaching policy maps 36-4

guidelines 36-66

using 36-44

service-provider network, MSTP and RSTP 17-1

service-provider networks

and customer VLANs 15-2

and IEEE 802.1Q tunneling 15-2

Layer 2 protocols across 15-20

Layer 2 protocol tunneling for EtherChannels 15-22

set command

for QoS marking 36-21

guidelines 36-58

set-request operation 31-4

severity levels, defining in system messages 30-8

SFPs

monitoring status of 1-12, 11-30, 48-9

security and identification 48-8

status, displaying 1-12

shape average command, QoS 36-26, 36-27, 36-69

shaped round robin

See SRR

show access-lists hw-summary command 33-21

show and more command output, filtering 2-8

show cdp traffic command 25-5

show configuration command 11-24

show forward command 48-19

show interfaces command 11-20, 11-24

show interfaces switchport 20-4

show l2protocol command 15-26, 15-27, 15-28

show lldp traffic command 26-8

show platform forward command 48-19

show running-config command

displaying ACLs 33-19, 33-20, 33-32, 33-34

interface description in 11-24

shutdown command on interfaces 11-31

shutdown threshold for Layer 2 protocol packets 15-23

Simple Network Management Protocol

See SNMP

single session ID 9-10

SMNP traps, and CFM 44-5

SNAP 25-1

SNMP

accessing MIB variables with 31-4

agent

described 31-4

disabling 31-8

and IP SLAs 42-2

authentication level 31-11

community strings

configuring 31-8

overview 31-4

configuration examples 31-21

default configuration 31-7

engine ID 31-7

groups 31-7, 31-10

host 31-7

ifIndex values 31-5

in-band management 1-4

informs

and trap keyword 31-12

described 31-5

differences from traps 31-5

disabling 31-16

enabling 31-16

limiting access by TFTP servers 31-17

limiting system log messages to NMS 30-10

manager functions 1-3, 31-3

notifications 31-5

overview 31-1, 31-4

security levels 31-3

setting CPU threshold notification 31-16

status, displaying 31-23

system contact and location 31-17

trap manager, configuring 31-14

traps

described 31-4, 31-5

differences from informs 31-5

disabling 31-16

enabling 31-12

enabling MAC address notification 5-22, 5-24, 5-25

overview 31-1, 31-4

types of 31-13

users 31-7, 31-10

versions supported 31-2

SNMP and Syslog Over IPv6 38-7

SNMP traps

REP 19-13

SNMPv1 31-2

SNMPv2C 31-2

SNMPv3 31-3

snooping, IGMP 23-1

software images

location in flash A-23

recovery procedures 48-2

scheduling reloads 3-23

tar file format, described A-24

See also downloading and uploading

source addresses

in IPv6 ACLs 40-5

source addresses, in IPv4 ACLs 33-11

source-and-destination-IP address based forwarding, EtherChannel 37-8

source-and-destination MAC address forwarding, EtherChannel 37-8

source-IP address based forwarding, EtherChannel 37-8

source-MAC address forwarding, EtherChannel 37-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 28-10

default configuration 28-9

destination ports 28-6

displaying status 28-22

interaction with other features 28-8

monitored ports 28-5

monitoring ports 28-6

overview 1-12, 28-1

ports, restrictions 24-11

received traffic 28-4

session limits 28-10

sessions

configuring ingress forwarding 28-14, 28-21

creating 28-11

defined 28-3

limiting source traffic to specific VLANs 28-15

removing destination (monitoring) ports 28-12

specifying monitored ports 28-11

with ingress traffic enabled 28-13

source ports 28-5

traffic 28-4

transmitted traffic 28-5

VLAN-based 28-6

spanning tree and native VLANs 13-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 11-18

SRR, support for 1-9

SSH

configuring 8-39

cryptographic software image 8-38

described 1-4, 8-38

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 46-16

CGMP limitations 46-16

components 46-14

configuration guidelines 46-16

configuring 46-14, 46-17

differs from Internet standard multicast 46-14

IGMP snooping 46-16

IGMPv3 46-14

IGMPv3 Host Signalling 46-15

IP address range 46-15

monitoring 46-17

operations 46-15

PIM 46-14

state maintenance limitations 46-16

SSM mapping

configuration guidelines 46-17

configuring 46-17, 46-20

defined 46-17

DNS-based 46-19, 46-20

monitoring 46-22

overview 46-18

restrictions 46-18

static 46-18, 46-20

static traffic forwarding 46-21

standby ip command 41-6

standby links 20-2

standby router 41-2

standby timers, HSRP 41-10

startup configuration

booting

manually 3-20

specific image 3-20

clearing A-19

configuration file

automatically downloading 3-19

specifying the filename 3-19

default boot configuration 3-19

static access ports

assigning to VLAN 13-11

defined 11-4, 13-5

static addresses

See addresses

static IP routing 1-11

static MAC addressing 1-8

static route primary interface, configuring 43-10

static routes

understanding 38-7

static routes, configuring 34-98

static routing 34-2

static SSM mapping 46-18, 46-20

static traffic forwarding 46-21

static VLAN membership 13-2

statistics

802.1x 9-26

CDP 25-5

interface 11-29

IP multicast routing 46-46

LLDP 26-8

LLDP-MED 26-8

OSPF 34-34

RMON group Ethernet 29-5

RMON group history 29-5

SNMP input and output 31-23

sticky learning 24-9

storm control

configuring 24-3

described 24-1

disabling 24-5

displaying 24-18

support for 1-2

thresholds 24-1

STP

and REP 19-6

BPDU filtering

described 18-3

disabling 18-9

enabling 18-8

BPDU guard

described 18-3

disabling 18-8

enabling 18-7

BPDU message exchange 16-3

configuration guidelines 16-12, 18-6

configuring

forward-delay time 16-22

hello time 16-21

maximum aging time 16-22

path cost 16-19

port priority 16-17

root switch 16-15

secondary root switch 16-17

spanning-tree mode 16-14

switch priority 16-20

counters, clearing 16-23

default configuration 16-11

default optional feature configuration 18-5

designated port, defined 16-4

designated switch, defined 16-4

disabling 16-15

displaying status 16-23

EtherChannel guard

described 18-3

disabling 18-10

enabling 18-9

extended system ID

effects on root switch 16-15

effects on the secondary root switch 16-17

overview 16-4

unexpected behavior 16-16

features supported 1-5

IEEE 802.1D and bridge ID 16-4

IEEE 802.1D and multicast addresses 16-9

IEEE 802.1t and VLAN identifier 16-4

inferior BPDU 16-3

instances supported 16-10

interface state, blocking to forwarding 18-2

interface states

blocking 16-6

disabled 16-7

forwarding 16-6, 16-7

learning 16-7

listening 16-6

overview 16-4

interoperability and compatibility among modes 16-10

keepalive messages 16-3

Layer 2 protocol tunneling 15-20

limitations with 802.1Q trunks 16-11

load sharing

overview 13-19

using path costs 13-21

using port priorities 13-20

loop guard

described 18-5

enabling 18-10

modes supported 16-9

multicast addresses, effect of 16-9

optional features supported 1-6

overview 16-2

path costs 13-21, 13-22

Port Fast

described 18-2

enabling 18-6

port priorities 13-20

preventing root switch selection 18-4

protocols supported 16-9

redundant connectivity 16-8

root guard

described 18-4

enabling 18-10

root port, defined 16-3

root switch

configuring 16-15

effects of extended system ID 16-4, 16-15

election 16-3

unexpected behavior 16-16

status, displaying 16-23

superior BPDU 16-3

timers, described 16-21

stratum, NTP 5-2

strict priority queuing 36-71

configuration guidelines 36-71

configuring 36-72

defined 36-30

QoS 36-30

stub areas, OSPF 34-30

stub routing, EIGRP 34-40

subdomains, private VLAN 14-1

subnet mask 34-5

subnet zero 34-5

success response, VMPS 13-24

summer time 5-13

S-UNI isolated ports 15-18

S-UNIs 15-13

SunNet Manager 1-3

supernet 34-6

SVIs

and IP unicast routing 34-3

and router ACLs 33-4

connecting VLANs 11-7

defined 11-5

routing between VLANs 13-2

S-VLAN 15-7

S-VLAN and C-VLAN in parent policy maps 36-80

switch 38-2

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 33-39

Switched Port Analyzer

See SPAN

switched ports 11-3

switchport backup interface 20-4, 20-5

switchport block multicast command 24-7

switchport block unicast command 24-7

switchport command 11-15

switchport mode dot1q-tunnel command 15-7

switchport protected command 24-6

switch priority

MSTP 17-22

STP 16-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 34-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 30-3

defining error message severity levels 30-8

disabling 30-4

displaying the configuration 30-13

enabling 30-4

facility keywords, described 30-13

level keywords, described 30-9

limiting messages 30-10

message format 30-2

overview 30-1

sequence numbers, enabling and disabling 30-8

setting the display destination device 30-5

synchronizing log messages 30-6

syslog facility 1-12

time stamps, enabling and disabling 30-7

UNIX syslog servers

configuring the daemon 30-12

configuring the logging facility 30-12

facilities supported 30-13

system MTU

and IEEE 802.1Q tunneling 15-5

and IS-IS LSPs 34-68

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 34-63

ISO IGRP 34-63

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 36-15

described 36-15

for QoS marking 36-21

QoS

configuration guidelines 36-43

configuring QoS table maps 36-43

supported table maps 36-15, 36-43

QoS, configuring 36-43

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-8

tracking services accessed by user 8-17

tagged packets

IEEE 802.1Q 15-4

Layer 2 protocol 15-20

tar files

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

TCL script, registering and defining with embedded event manager 32-7

TDR 1-12

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 44-40

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

terminal loopback

defined 44-44

TFTP

configuration files

downloading A-11

preparing the server A-10

uploading A-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-27

downloading A-26

preparing the server A-25

uploading A-27

limiting access by servers 31-17

TFTP server 1-3

threshold, traffic level 24-2

threshold monitoring, IP SLAs 42-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 33-16

time ranges in ACLs 33-16

time stamps in log messages 30-7

time-to-live 34-15

time zones 5-12

TLVs

defined 26-1

LLDP 26-2

LLDP-MED 26-2

traceroute, Layer 2

and ARP 48-14

and CDP 48-13

broadcast traffic 48-13

described 48-13

IP addresses and subnets 48-14

MAC addresses and VLANs 48-13

multicast traffic 48-13

multiple devices on a port 48-14

unicast traffic 48-13

usage guidelines 48-13

traceroute command 48-15

See also IP traceroute

tracked lists

configuring 43-3

types 43-3

tracked objects

by Boolean expression 43-4

by threshold percentage 43-6

by threshold weight 43-5

tracking interface line-protocol state 43-2

tracking IP routing state 43-2

tracking objects 43-1

tracking process 43-1

track state, tracking IP SLAs 43-9

traffic

blocking flooded 24-7

fragmented 33-5

fragmented IPv6 40-2

unfragmented 33-5

traffic class, defined 36-3

traffic classification, typical values 36-10

traffic marking 36-21

traffic policies, elements in 36-3

traffic shaping

for QoS scheduling 36-26

QoS traffic control 36-26

traffic suppression 24-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22, 5-24, 5-25

configuring managers 31-12

defined 31-4

enabling 5-22, 5-24, 5-25, 31-12

notification types 31-13

overview 31-1, 31-4

troubleshooting 45-18

connectivity problems 48-9, 48-13, 48-14

detecting unidirectional links 27-1

displaying crash information 48-21

PIMv1 and PIMv2 interoperability problems 46-33

setting packet forwarding 48-19

SFP security and identification 48-8

show forward command 48-19

with CiscoWorks 31-4

with debug commands 48-17

with ping 48-10

with system message logging 30-1

with traceroute 48-14

trunk failover

See link-state tracking

trunking encapsulation 1-7

trunk ports

configuring 13-17

defined 11-4, 13-5

trunks

allowed-VLAN list 13-18

load sharing

setting STP path costs 13-21

using STP port priorities 13-20

native VLAN for untagged traffic 13-19

parallel 13-21

tunneling

802.1Q and QoS 36-78

defined 15-1

IEEE 802.1Q 15-2

Layer 2 protocol 15-20

tunnel ports

defined 13-5

described 11-4, 15-2

IEEE 802.1Q, configuring 15-6

incompatibilities with other features 15-6

twisted-pair Ethernet, detecting unidirectional links 27-1

two-way ETH-DM 45-3

U

UDLD

configuration guidelines 27-4

default configuration 27-4

disabling

globally 27-5

on fiber-optic interfaces 27-5

per interface 27-5

echoing detection mechanism 27-2

enabling

globally 27-5

per interface 27-5

Layer 2 protocol tunneling 15-22

link-detection mechanism 27-1

neighbor database 27-2

overview 27-1

resetting an interface 27-6

status, displaying 27-6

support for 1-5

UDP

datagrams 34-15

defined

forwarding 34-14

UDP, configuring 34-14

UDP jitter, configuring 42-9

UDP jitter operation, IP SLAs 42-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 36-73

priority with police 36-30

UN-ENI VLANs

defined 13-5

UNI

configuring 11-17

described 11-2

protocol control packets on 35-1

unicast MAC address filtering

and adding static addresses 5-29

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 24-1

unicast storm control command 24-4

unicast traffic, blocking 24-7

UNI community VLAN 13-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 13-6

UNIs, remote (CFM) 44-48

UNI VLANs

and private VLANs 13-13

and RSPAN VLANs 13-13

configuration guidelines 13-12

configuring 13-13

UNIX syslog servers

daemon configuration 30-12

facilities supported 30-13

message logging configuration 30-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

image files

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-31

using RCP A-35

using TFTP A-27

usage guidelines

Layer 2 traceroute 48-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

VACLs

logging

configuration example 33-38

verifying frame delay 45-13

Virtual Private Network

See VPN

virtual router 41-2, 41-13

vlan.dat file 13-3

VLAN 1

disabling on a trunk port 13-18

minimization 13-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 13-24

VLAN blocking, REP 19-12

VLAN configuration mode 2-2

VLAN database

VLAN configuration saved in 13-10

VLANs saved in 13-3

vlan dot1q tag native command 15-5

VLAN filtering and SPAN 28-6

vlan global configuration command 13-7, 13-9

VLAN ID

discovering 5-31

service provider 15-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 20-8

on flex links 20-2

REP 19-4

triggering 19-5

VLAN loopback

defined 44-44

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 33-30

VLAN mapping

1-to-1 15-8

1-to-1, configuring 15-10

configuration guidelines 15-9

configuring 15-10

configuring on a trunk port 15-10

default 15-9

described 15-7

selective QinQ 15-8

selective Q-in-Q, configuring 15-12

traditional QinQ 15-8

traditional Q-in-Q, configuring 15-11

types of 15-8

VLAN maps

applying 33-34

common uses for 33-34

configuration guidelines 33-30

configuring 33-30

creating 33-31

defined 33-2, 33-5

denying access to a server example 33-35

denying and permitting packets 33-32

displaying 33-42

examples of ACLs and VLAN maps 33-32

removing 33-34

support for 1-8

wiring closet configuration example 33-35

with router ACLs 33-41

VLAN membership

confirming 13-27

modes 13-5

VLAN Query Protocol

See VQP

VLANs

adding 13-9

aging dynamic addresses 16-9

allowed on trunk 13-18

and spanning-tree instances 13-3, 13-9

configuration guidelines 13-8

configuration guidelines, normal-range VLANs 13-8

configuring 13-1

connecting through SVIs 11-7

customer numbering in service-provider networks 15-3

default configuration 13-7

described 11-2, 13-1

displaying 13-14

extended-range 13-1

features 1-6

illustrated 13-2

internal 13-9

limiting source traffic with RSPAN 28-21

limiting source traffic with SPAN 28-15

modifying 13-9

multicast 23-15

native, configuring 13-19

normal-range 13-1, 13-3

number supported 1-6

parameters 13-3

port membership modes 13-4

static-access ports 13-11

STP and 802.1Q trunks 16-11

supported 13-3

traffic between 13-2

UNI 13-5

UNI community 13-6

UNI isolated 13-6

VLAN trunks 13-15

VMPS

administering 13-28

configuration example 13-28

configuration guidelines 13-25

default configuration 13-25

description 13-23

dynamic port membership

described 13-24

reconfirming 13-27

troubleshooting 13-28

mapping MAC addresses to VLANs 13-23

monitoring 13-28

reconfirmation interval, changing 13-27

reconfirming membership 13-27

retry count, changing 13-27

VPN

configuring routing in 34-91

forwarding 34-85

in service provider networks 34-83

routes 1-18, 34-84

VPN routing and forwarding table

See VRF

VQP 1-6, 13-23

VRF

defining 34-85

tables 1-18, 34-83

VRF-aware services

ARP 34-88

configuring 34-87

ftp 34-90

HSRP 34-89

ping 34-88

RADIUS 34-90

SNMP 34-88

syslog