- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring Switch Alarms
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring the PPPoE Intermediate Agent
- Configuring Interface Characteristics
- Configuring Command Macros
- Configuring VLANs
- Configuring Private VLANs
- Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring LLDP and LLDP-MED
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security wit
- Configuring Control-Plane Security
- Configuring QoS
- Configuring EtherChannels and Link State Tracking
- Configuring IP Unicast Routing
- Configuring IPv6 Unicast Routing
- Configuring IPv6 MLD Snooping
- Configuring IPv6 ACLs
- Configuring HSRP, VRRP, and GLBP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Ethernet OAM, CFM, and E-LMI
- Configuring Y.1731 Performance Monitoring
- Configuring IP Multicast Routing
- Configuring MSDP
- Troubleshooting
- Configuring Online Diagnostics
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(58)EZ
- Index
Index
Numerics
1-rate, 2-color policing 36-16
2-rate, 3-color policing 36-17
802.1ad
configuration guidelines 15-14
configuring 15-13
supported features 15-13
802.1ad EtherChannels
configuration example 15-15
configuration guidelines 15-14, 15-15
802.1ad ports 36-5
802.1ad QoS
configuration examples 36-91
configuration guidelines 36-90
configuring 36-90
802.1ad split horizon
configuration guidelines 15-14
configuring 15-18
802.1Q ports and CoS mapping 36-8
802.1Q tag for ingress QoS classification 36-78
802.1Q tunneling
QoS classification 36-78
A
abbreviating commands 2-3
ABRs 34-23
access-class command 33-18
access control entries
access-denied response, VMPS 13-24
access groups
applying IPv4 ACLs to interfaces 33-19
Layer 2 33-19
Layer 3 33-20
access lists
access ports
and Layer 2 protocol tunneling 15-23
defined 11-4
accounting
with RADIUS 8-29
ACEs
defined 33-2
Ethernet 33-2
IP 33-2
ACL classification, QoS 36-11
ACLs
ACEs 33-2
applying
on multicast packets 33-41
on routed packets 33-40
on switched packets 33-39
time ranges to 33-16
to IPv6 interfaces 40-7
applying to QoS 36-11
classifying traffic for QoS 36-37
comments in 33-18
compiling 33-22
examples of 33-22
extended IPv4
creating 33-10
matching criteria 33-7
hardware and software handling 33-20
IP
creating 33-7
implicit deny 33-9, 33-13, 33-15
implicit masks 33-9
matching criteria 33-7
undefined 33-20
IPv4
applying to interfaces 33-19
creating 33-7
matching criteria 33-7
named 33-14
numbers 33-8
terminal lines, setting on 33-18
unsupported features 33-6
IPv6
applying to interfaces 40-7
displaying 40-8
interactions with other features 40-4
limitations 40-3
matching criteria 40-3
named 40-3
precedence of 40-2
supported 40-2
unsupported features 40-3
Layer 4 information in 33-39
logging messages 33-8
MAC extended 33-27
named
IPv6 40-3
named, IPv4 33-14
names 40-4
precedence of 33-2
QoS 36-11
resequencing entries 33-14
router ACLs and VLAN map configuration guidelines 33-38
standard IPv4
creating 33-9
matching criteria 33-7
support for 1-8
support in hardware 33-20
time ranges 33-16
types supported 33-2
unsupported features
IPv6 40-3
unsupported features, IPv4 33-6
using router ACLs with VLAN maps 33-38
VLAN maps
configuration guidelines 33-30
configuring 33-30
ACLs, QoS, configuring 36-37
active links 20-2
active router 41-2
active traffic monitoring, IP SLAs 42-1
address aliasing 23-2
addresses
displaying the MAC address table 5-31
dynamic
accelerated aging 16-9
changing the aging time 5-21
default aging 16-9
defined 5-19
learning 5-20
removing 5-22
IPv6 38-2
MAC, discovering 5-31
multicast
group address range 46-2
STP address management 16-9
static
adding and removing 5-27
defined 5-19
Address Resolution Protocol
adjacency tables, with CEF 34-97
administrative distances
defined 34-109
OSPF 34-31
routing protocol defaults 34-99
administrative VLAN
REP, configuring 19-8
administrative VLAN, REP 19-8
advertisements
CDP 25-1
LLDP 26-1
RIP 34-18
age timer, REP 19-8
aggregatable global unicast addresses 38-3
aggregate addresses, BGP 34-58
aggregated ports
aggregate policers
configuration guidelines 36-54
configuring 36-54
described 36-18
aging, accelerating 16-9
aging time
accelerated
for MSTP 17-23
MAC address table 5-21
maximum
for MSTP 17-24
for STP 16-22
alarms, RMON 29-3
allowed-VLAN list 13-18
area border routers
area routing
IS-IS 34-63
ISO IGRP 34-63
ARP
configuring 34-8
encapsulation 34-9
static cache configuration 34-8
table
address resolution 5-31
managing 5-31
ASBRs 34-23
AS-path filters, BGP 34-53
assured forwarding, DSCP 36-9
asymmetrical links, and IEEE 802.1Q tunneling 15-4
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-30
authentication
EIGRP 34-39
HSRP 41-10
local mode with AAA 8-37
NTP associations 5-5
RADIUS
key 8-22
login 8-24
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication keys, and routing protocols 34-109
authentication manager
single session ID 9-10
authoritative time source, described 5-2
authorization
with RADIUS 8-28
authorized ports with 802.1x 9-4
autoconfiguration 3-3
auto enablement 9-9
autonegotiation
duplex mode 1-2
interface configuration guidelines 11-18
mismatches 48-8
autonomous system boundary routers
autonomous systems, in BGP 34-46
Auto-RP, described 46-6
autosensing, port speed 1-2
availability, features 1-5
B
backup interfaces
backup links 20-2
backup static routing, configuring 43-12
bandwidth, QoS, configuring 36-67
bandwidth command
for CBWFQ 36-26
QoS, configuring 36-67
QoS, described 36-28
with police command 36-30
bandwidth remaining percent command 36-30
banners
configuring
login 5-19
message-of-the-day login 5-18
default configuration 5-17
when displayed 5-17
Berkeley r-tools replacement 8-42
best-effort packet delivery 36-1
BGP
aggregate addresses 34-58
aggregate routes, configuring 34-58
CIDR 34-58
clear commands 34-62
community filtering 34-55
configuring neighbors 34-57
default configuration 34-44, 34-75
described 34-43
enabling 34-46
monitoring 34-62
multipath support 34-50
neighbors, types of 34-46
path selection 34-50
peers, configuring 34-57
prefix filtering 34-54
resetting sessions 34-49
route dampening 34-61
route maps 34-52
route reflectors 34-60
routing domain confederation 34-59
routing session with multi-VRF CE 34-91
show commands 34-62
supernets 34-58
support for 1-10
Version 4 34-43
binding database
DHCP snooping
See DHCP snooping binding database
bindings
DHCP snooping database 21-6
IP source guard 21-19
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
Boolean expressions in tracked lists 43-4
booting
boot loader, function of 3-2
boot process 3-1
manually 3-20
specific image 3-20
boot loader
accessing 3-21
described 3-2
environment variables 3-21
prompt 3-21
trap-door mechanism 3-2
bootstrap router (BSR), described 46-6
Border Gateway Protocol
BPDU
error-disabled state 18-3
filtering 18-3
RSTP format 17-12
BPDU filtering
described 18-3
disabling 18-9
enabling 18-8
support for 1-6
BPDU guard
described 18-3
disabling 18-8
enabling 18-7
support for 1-6
broadcast flooding 34-15
broadcast packets
directed 34-12
flooded 34-12
broadcast storm-control command 24-4
bulk statistics
defined 31-6
file 31-6
object list, configuring 31-18
object list, described 31-6
schema, configuring 31-18
schema, described 31-6
transfer 31-19
bulkstat object-list 31-18
bulkstat schema 31-18
byte-level statistics 36-17
C
cables, monitoring for unidirectional links 27-1
CBWFQ
and bandwidth command 36-28, 36-67
configuration guidelines 36-67
QoS scheduling 36-26
CDP
configuring 25-2
default configuration 25-2
defined with LLDP 26-1
described 25-1
disabling for routing device25-3to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 15-20
monitoring 25-5
overview 25-1
support for 1-4
transmission timer and holdtime, setting 25-2
updates 25-2
CEF
defined 34-97
enabling 34-97
IPv6 38-21
CFM
and Ethernet OAM, configuring 44-56
and Ethernet OAM interaction 44-55
and OAM manager 44-49
and other features 44-8
and tunnels 44-8
clearing 44-31
configuration errors 44-6
configuration guidelines 44-8
configuring crosscheck 44-12
configuring fault alarms 44-16
configuring port MEP 44-14
configuring static remote MEP 44-13
configuring the network 44-8
continuity check messages 44-5
crosscheck 44-5
default configuration 44-7
defined 44-2
down MEPs 44-4
draft 1 44-4
draft 8.1 44-4
EtherChannel support 44-8
fault alarms
configuring 44-16
defined 44-5
IEEE 802.1ag 44-2
IP SLAs support for 44-6
IP SLAs with endpoint discovers 44-19
loopback messages 44-5
maintenance association 44-3
maintenance domain 44-2
maintenance point 44-3
manually configuring IP SLAs ping or jitter 44-18
measuring network performance 44-6
messages
continuity check 44-5
loopback 44-5
traceroute 44-5
on EtherChannel port channels 44-8
port MEP, configuring 44-14
remote MEPs 44-5
SNMP traps 44-5
static RMEP, configuring 44-13
static RMEP check 44-5
traceroute messages 44-5
types of messages 44-5
UNIs 44-4
up MEPs 44-4
version interoperability 44-6
Y.1731
described 44-23
child policies, QoS 36-13, 36-28
CIDR 34-58
Cisco Configuration Engine 1-3
Cisco Data Collection MIB 31-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco IOS File System
Cisco IOS IP SLAs 42-1
Cisco Process MIB 31-1
CISP 9-9
CIST regional root
CIST root
civic location 26-3
class-based priority queuing, QoS 36-20
class-based shaping
configuration guidelines 36-69
configuring 36-69
for QoS 36-27
Class-Based-Weighted-Fair-Queuing
classification
based on ACL lookup 36-11
based on DEI bit 36-10
in packet headers 36-6
of 802.1ad frames 36-10
per-port per VLAN 36-13, 36-60
QoS comparisons 36-10
QoS group 36-12
classless interdomain routing
classless routing 34-6
class map
match-all option 36-7
match-any option 36-7
class-map command 36-3
class maps
for QinQ input policy maps 36-82
for QinQ output policy maps 36-85
class maps, QoS
configuring 36-41
described 36-7
class of service
class selectors, DSCP 36-9
clearing
Ethernet CFM 44-31
clearing interfaces 11-30
CLI
abbreviating commands 2-3
command modes 2-1
described 1-3
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
no and default forms of commands 2-4
Client Information Signalling Protocol
client processes, tracking 43-1
CLNS
clock
CNS
Configuration Engine
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
for upgrading 4-14
command-line interface
command macros
applying global parameter values 12-4
applying macros 12-4
applying parameter values 12-4
configuration guidelines 12-2
creating 12-3
default configuration 12-2
defined 12-1
displaying 12-5
tracing 12-2
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 8-8
common session ID
see single session ID 9-10
community list, BGP 34-56
community ports 14-3
community strings
configuring 31-8
overview 31-4
compatibility, feature 24-11
config.text 3-19
configurable leave timer, IGMP 23-5
configurable policer profiles 36-45
configuration, initial
defaults 1-12
configuration example
802.1ad EtherChannels 15-15
configuration examples
802.1ad QoS 36-91
network 1-15
policy maps 36-100
QoS
adding customers 36-102
adding or deleting a class 36-105
adding or deleting classification criteria 36-102, 36-103
adding or deleting configured actions 36-104
changing queuing or scheduling parameters 36-104
initial 36-100
QoS classification for QinQ 36-86
QoS marking and queuing, CPU-generated traffic 36-95
configuration files
archiving A-19
clearing the startup configuration A-19
creating using a text editor A-10
default name 3-19
deleting a stored configuration A-19
described A-8
downloading
automatically 3-19
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
guidelines for creating and using A-9
guidelines for replacing and rolling back A-20
invalid combinations when copying A-5
limiting TFTP server access 31-17, 31-18, 31-19, 31-20
obtaining with DHCP 3-8
password recovery disable considerations 8-5
replacing a running configuration A-19, A-20
rolling back a running configuration A-19, A-20
specifying the filename 3-19
system contact and location information 31-17
types and location A-9
uploading
reasons for A-8
using FTP A-14
using RCP A-18
using TFTP A-11
configuration guidelines
802.1ad and split horizon 15-14
802.1ad EtherChannels 15-14, 15-15
802.1ad QoS 36-90
aggregate policers 36-54
CBWFQ 36-67
CFM 44-8
class-based shaping 36-69
C-VLAN child policy maps 36-81
C-VLAN parent policy maps 36-80
EtherChannel 37-10
Ethernet OAM 44-35
HSRP 41-5
individual policers 36-46
input policy maps 36-45
link-state tracking 37-24
marking in policy maps 36-58
multi-VRF CE 34-86
OAM manager 44-49
output policy maps 36-65
per-port, per-VLAN QoS 36-60
PIM stub routing 46-12
port security 24-10
QoS, general 36-35
QoS ACLs 36-37
QoS classification for QinQ 36-79
QoS class maps 36-41
QoS table maps 36-43
REP 19-7
rollback and replacement A-20
SSM 46-16
SSM mapping 46-17
strict priority queuing 36-71
unconditional priority policing 36-73
UNI VLANs 13-12
VLAN mapping 15-9
VLANs 13-8
WTD 36-76
configuration replacement A-19
configuration rollback A-19
configuration settings, saving 3-15
configure terminal command 11-8
Configure the VACL logging parameters 33-37
configuring 45-4
configuring marking in input policy maps 36-58
configuring port-based authentication violation modes 9-17
Configuring VACL Logging 33-36
conform, exceed, and violate actions 36-54
congestion avoidance, QoS 36-2, 36-32
congestion management, QoS 36-2, 36-26
connections, secure remote 8-38
Connectivity Fault Management
connectivity problems 48-9, 48-13, 48-14
console port, connecting to 2-9
control packets
and control-plane security 35-2
dropping and rate-limiting 35-2
control-plane security
configuring 35-6
control packets 35-2
monitoring 35-7
policers 35-4
policing 35-2
purpose of 35-1
control protocol, IP SLAs 42-4
convergence
REP 19-4
corrupted software, recovery steps with Xmodem 48-2
CoS
classification 36-8
values 36-6
CoS mapping 36-8
counters, clearing interface 11-30
CPU-generated traffic
marking and queuing 36-93
CPU overload, protection from 35-1
CPU policers 35-6
CPU protection 35-4
CPU threshold notification 31-21
CPU threshold table 31-1, 31-20
CPU utilization statistics 31-20
crashinfo file 48-21
cryptographic software image
Kerberos 8-33
SSH 8-38
C-UNI isolated ports 15-18
C-UNIs 15-13
customer edge devices 1-18, 34-84
C-VLAN 15-7
D
data collection, bulk statistics 31-20
daylight saving time 5-13
debugging
enabling all system diagnostics 48-18
enabling for a specific feature 48-17
redirecting error message output 48-18
using commands 48-17
default
policer configuration
ENIs and UNIs 35-4
NNIs 35-6
default actions, table maps 36-15
default commands 2-4
default configuration
banners 5-17
booting 3-19
CDP 25-2
CFM 44-7
DHCP 21-8
DHCP option 82 21-8
DHCP snooping 21-8
DHCP snooping binding database 21-8
DNS 5-16
dynamic ARP inspection 22-5
EIGRP 34-36
E-LMI and OAM 44-49
EtherChannel 37-10
Ethernet OAM 44-35
Flex Links 20-7
HSRP 41-5
IEEE 802.1Q tunneling 15-4
IEEE 802.1x 9-11
IGMP 46-37
IGMP filtering 23-24
IGMP snooping 23-6, 39-5, 39-6
IGMP throttling 23-25
initial switch information 3-3
IP addressing, IP routing 34-4
IP multicast routing 46-9
IP SLAs 42-6
IP source guard 21-21
IPv6 38-11
IS-IS 34-64
Layer 2 interfaces 11-15
Layer 2 protocol tunneling 15-23
LLDP 26-3
MAC address table 5-21
MAC address-table move update 20-7
MSDP 47-3
MSTP 17-14
multi-VRF CE 34-85
MVR 23-18
NTP 5-4
optional spanning-tree configuration 18-5
OSPF 34-24
password and privilege level 8-2
PIM 46-9
private VLANs 14-6
QoS 36-35
RADIUS 8-21
REP 19-7
RIP 34-18
RMON 29-3
RSPAN 28-9
SDM template 7-3
SNMP 31-7
SPAN 28-9
STP 16-11
system message logging 30-3
system name and prompt 5-15
TACACS+ 8-13
UDLD 27-4
VLAN, Layer 2 Ethernet interfaces 13-16
VLAN mapping 15-9
VLANs 13-7
VMPS 13-25
Y.1731 44-26
default networks 34-100
default router preference
default routes 34-100
default routing 34-2
default service, DSCP 36-9
default template 7-1
DEI bit
for classification 36-5
ingress classification 36-90
ingress marking 36-90
ingress policing 36-90
location 36-6
DEI classification 36-10
denial-of-service attacks, preventing 35-1
description command 11-24
designing your network, examples 1-15
destination addresses
in IPv6 ACLs 40-5
destination addresses, in IPv4 ACLs 33-11
destination-IP address-based forwarding, EtherChannel 37-8
destination-MAC address forwarding, EtherChannel 37-7
device discovery protocol 25-1, 26-1
DHCP
DHCP for IPv6
DHCP, enabling the relay agent 21-10
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-7
relay device 3-8
server side 3-6
TFTP server 3-7
example 3-9
lease options
for IP address information 3-6
for receiving the configuration file 3-6
overview 3-3
relationship to BOOTP 3-3
support for 1-3
DHCP-based autoconfiguration and image update
understanding 3-5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 43-11
DHCP option 82
circuit ID suboption 21-5
configuration guidelines 21-8
default configuration 21-8
displaying 21-15
forwarding address, specifying 21-10
helper address 21-10
overview 21-3
packet format, suboption
circuit ID 21-5
remote ID 21-5
remote ID suboption 21-5
DHCP server port-based address allocation
configuration guidelines 21-16
default configuration 21-16
described 21-15
displaying 21-18
enabling 21-16
reserved addresses 21-17
DHCP snooping
accepting untrusted packets form edge switch 21-3, 21-12
and private VLANs 21-13
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-8
displaying binding tables 21-15
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-13
binding entries, displaying 21-15
binding file
format 21-7
location 21-6
bindings 21-6
clearing agent statistics 21-14
configuration guidelines 21-9
configuring 21-13
default configuration 21-8
deleting
binding file 21-14
bindings 21-14
database agent 21-14
described 21-6
displaying 21-15
binding entries 21-15
status and statistics 21-15
enabling 21-13
entry 21-6
renewing database 21-14
resetting
delay value 21-14
timeout value 21-14
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 38-16
default configuration 38-16
described 38-6
enabling client function 38-19
enabling DHCPv6 server function 38-17
diagnostic schedule command 49-2
Differentiated Services Code Point
Diffusing Update Algorithm (DUAL) 34-34
Digital Optical Monitoring
directed unicast requests 1-4
directories
changing A-3
creating and removing A-4
displaying the working A-3
discovery, Ethernet OAM 44-34
distribute-list command 34-108
DNS
and DHCP-based autoconfiguration 3-7
default configuration 5-16
displaying the configuration 5-17
in IPv6 38-4
overview 5-15
setting up 5-16
support for 1-3
DNS-based SSM mapping 46-19, 46-20
DoM
displaying supported transceivers 11-30
domain names, DNS 5-15
Domain Name System
domains, ISO IGRP routing 34-63
dot1q-tunnel switchport mode 13-15
double-tagged packets
IEEE 802.1Q tunneling 15-3
Layer 2 protocol tunneling 15-22
downloading
configuration files
reasons for A-8
using FTP A-13
using RCP A-17
using TFTP A-11
image files
deleting old image A-27
reasons for A-23
using FTP A-29
using RCP A-33
using TFTP A-26
using the device manager or Network Assistant A-23
drop eligibility indicator
drop threshold for Layer 2 protocol packets 15-23
DRP
configuring 38-14
described 38-4
IPv6 38-4
DSCP
assured forwarding 36-9
classification 36-9
class selectors 36-9
default service 36-9
expedited forwarding 36-9
values 36-6
DUAL finite state machine, EIGRP 34-35
dual IPv4 and IPv6 templates 7-2, 38-5
dual protocol stacks
IPv4 and IPv6 38-5
SDM templates supporting 38-6
dual-purpose ports
default port type 11-7
defaults 11-20
defined 11-6
frame size 11-20
LEDs 11-7
setting the type 11-20
duplex mode, configuring 11-18
dying gasp 44-43
dynamic access ports
characteristics 13-5
configuring 13-26
defined 11-4
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-13
rate limit for incoming ARP packets 22-4, 22-10
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-13
displaying 22-15
logging of dropped packets, described 22-4
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-12
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 13-24
reconfirming 13-27
troubleshooting 13-28
types of connections 13-26
dynamic routing
ISO CLNS 34-63
protocols 34-3
E
EBGP 34-42
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EEM 3.2 32-5
EIGRP
authentication 34-39
components 34-35
configuring 34-37
default configuration 34-36
definition 34-34
interface parameters, configuring 34-38
monitoring 34-41
stub routing 34-40
support for 1-10
EIGRP IPv6 38-7
ELIN location 26-3
E-LMI
and OAM Manager 44-48
CE device configuration 44-54
configuration guidelines 44-49
configuring a CE device 44-52
configuring a PE device 44-52
default configuration 44-49
defined 44-48
enabling 44-52
information 44-48
monitoring 44-54
PE device configuration 44-53
embedded event manager
3.2 32-5
actions 32-4
displaying information 32-7
environmental variables 32-4
event detectors 32-2
policies 32-4
registering and defining an applet 32-6
registering and defining a TCL script 32-7
understanding 32-1
enable password 8-3
enable secret password 8-3
encryption for passwords 8-3
Enhanced IGRP
enhanced network interface
enhanced object tracking
backup static routing 43-12
commands 43-1
defined 43-1
DHCP primary interface 43-11
HSRP 43-7
IP routing state 43-2
IP SLAs 43-9
line-protocol state 43-2
network monitoring with IP SLAs 43-11
routing policy, configuring 43-12
static route primary interface 43-10
tracked lists 43-3
ENI
configuring 11-17
described 11-2
protocol control packets on 35-1
environmental variables, embedded event manager 32-4
environment variables, function of 3-22
equal-cost routing 1-11, 34-98
error messages during command entry 2-4
EtherChannel
802.3ad, described 37-6
automatic creation of 37-4, 37-6
channel groups
binding physical and logical interfaces 37-3
numbering of 37-3
configuration guidelines 37-10
configuring
Layer 2 interfaces 37-11
Layer 3 physical interfaces 37-15
Layer 3 port-channel logical interfaces 37-14
default configuration 37-10
described 37-2
displaying status 37-22
forwarding methods 37-7, 37-17
interaction
with STP 37-10
with VLANs 37-11
LACP
described 37-6
displaying status 37-22
hot-standby ports 37-19
interaction with other features 37-7
modes 37-6
port priority 37-21
system priority 37-20
Layer 3 interface 34-3
logical interfaces, described 37-3
PAgP
aggregate-port learners 37-18
compatibility with Catalyst 1900 37-18
described 37-4
displaying status 37-22
interaction with other features 37-5
learn method and priority configuration 37-18
modes 37-5
support for 1-2
port-channel interfaces
described 37-3
numbering of 37-3
port groups 11-6
support for 1-2
EtherChannel guard
described 18-3
disabling 18-10
enabling 18-9
Ethernet Frame Delay 42-13
Ethernet frame delay measurement
ETH-DM 45-2
Ethernet infrastructure 44-1
Ethernet Link Management Interface
Ethernet Locked Signal (ETH-LCK) 44-25
Ethernet loopback
characteristics 44-45
Ethernet management port
and routing 11-12
and routing protocols 11-13
and TFTP 11-14
configuring 11-14
default setting 11-12
for network management 11-5, 11-12
specifying 11-14
supported features 11-13
unsupported features 11-14
Ethernet management port, internal
and routing 11-12
and routing protocols 11-13
unsupported features 11-14
Ethernet OAM 44-34
and CFM interaction 44-55
configuration guidelines 44-35
configuring with CFM 44-56
default configuration 44-35
discovery 44-34
dying gasp 44-43
manager 44-1
messages 44-34
protocol
defined 44-33
monitoring 44-44
remote failure indications 44-34, 44-40
templates 44-40
Ethernet OAM protocol 44-1
Ethernet OAM protocol CFM notifications 44-55
Ethernet operation, administration, and maintenance
Ethernet Remote Defect Indication (ETH-RDI) 44-24
Ethernet terminal loopback 36-99
Ethernet virtual connections
Ethernet VLANs
adding 13-9
defaults and ranges 13-8
modifying 13-9
EUI 38-3
EVCs
configuring 44-50
in CFM domains 44-48
event detectors, embedded event manager 32-2
events, RMON 29-3
example, configuration 45-5
examples
network configuration 1-15
expedited forwarding, DSCP 36-9
extended-range VLANs
creating with an internal VLAN ID 13-12
defined 13-1
extended system ID
MSTP 17-17
extended universal identifier
Extensible Authentication Protocol over LAN 9-1
external BGP
external neighbors, BGP 34-46
F
Fa0 port
Fast Convergence 20-3
fastethernet0 port
features, incompatible 24-11
FIB 34-97
fiber-optic, detecting unidirectional links 27-1
files
copying A-4
crashinfo
description 48-21
displaying the contents of 48-21
location 48-21
deleting A-5
displaying the contents of A-8
tar
creating A-6
displaying the contents of A-6
extracting A-7
image file format A-24
file system
displaying available file systems A-2
displaying file information A-3
local file system names A-1
network file system names A-4
setting the default A-3
filtering
in a VLAN 33-30
non-IP traffic 33-27
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of A-1
Flex Link Multicast Fast Convergence 20-3
Flex Links
configuration guidelines 20-8
configuring preferred VLAN 20-11
configuring VLAN load balancing 20-10
default configuration 20-7
description 20-1
link load balancing 20-2
monitoring 20-14
VLANs 20-2
flooded traffic, blocking 24-7
forward-delay time
MSTP 17-23
STP 16-22
Forwarding Information Base
FTP
configuration files
downloading A-13
overview A-12
preparing the server A-13
uploading A-14
image files
deleting old image A-31
downloading A-29
preparing the server A-28
uploading A-31
G
general query 20-5
Generating IGMP Reports 20-3
get-bulk-request operation 31-3
get-next-request operation 31-3, 31-4
get-request operation 31-3, 31-4
get-response operation 31-3
global configuration mode 2-2
global leave, IGMP 23-11
H
hardware limitations and Layer 3 interfaces 11-25
hello time
MSTP 17-23
STP 16-21
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 30-10
host ports
configuring 14-11
kinds of 14-2
hosts, limit on dynamic ports 13-28
Hot Standby Router Protocol
HP OpenView 1-3
HSRP
authentication string 41-10
command-switch redundancy 1-6
configuration guidelines 41-5
configuring 41-5
default configuration 41-5
definition 41-1
monitoring 41-12
object tracking 43-7
overview 41-2
priority 41-7
routing redundancy 1-10
support for ICMP redirect messages 41-12
timers 41-10
tracking 41-8
HTTP(S) Over IPv6 38-8
I
IBPG 34-42
ICMP
IPv6 38-4
redirect messages 34-10
support for 1-11
time-exceeded messages 48-15
traceroute 48-15
unreachable messages 33-19
unreachable messages and IPv6 40-4
unreachables and ACLs 33-20
ICMP Echo operation
configuring 42-11
IP SLAs 42-11
ICMP ping
executing 48-10
overview 48-10
ICMP Router Discovery Protocol
ICMPv6 38-4
IDS appliances
and ingress RSPAN 28-20
and ingress SPAN 28-13
IEEE 802.1ad 15-13
IEEE 802.1ag 44-2
IEEE 802.1D
IEEE 802.1Q
and trunk ports 11-4
configuration limitations 13-15
encapsulation 13-15
native VLAN for untagged traffic 13-19
tunneling
compatibility with other features 15-6
defaults 15-4
described 15-2
tunnel ports with other features 15-6
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3ah Ethernet OAM discovery 44-1
IEEE 802.3z flow control 11-22
ifIndex values, SNMP 31-5
IFS 1-4
IGMP
configurable leave timer, described 23-5
configurable leave timer, procedures 23-9
configuring the switch
as a member of a group 46-37
statically connected member 46-42
controlling access to groups 46-38
default configuration 46-37
deleting cache entries 46-46
displaying groups 46-47
fast switching 46-42
flooded multicast traffic
controlling flooding time 23-10
disabling on an interface 23-11
global leave 23-11
query solicitation 23-11
recovering from flood mode 23-11
host-query interval, modifying 46-40
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-9, 39-9
leaving multicast group 23-5
multicast reachability 46-37
overview 46-2
queries 23-3
report suppression
described 23-6
supported versions 23-2
support for 1-2
Version 1
changing to Version 2 46-39
described 46-3
Version 2
changing to Version 1 46-39
described 46-3
maximum query response time value 46-41
pruning groups 46-41
query timeout value 46-41
IGMP configurable leave timer 23-5
IGMP filtering
configuring 23-25
default configuration 23-24
described 23-24
monitoring 23-29
support for 1-3
IGMP groups
configuring filtering 23-27
setting the maximum number 23-27
IGMP helper 46-5
IGMP leave timer, configuring 23-9
IGMP profile
applying 23-26
configuration mode 23-25
configuring 23-25
IGMP snooping
and address aliasing 23-2
configuring 23-6
default configuration 23-6, 39-5, 39-6
definition 23-1
enabling and disabling 23-7, 39-6
global configuration 23-7
Immediate Leave 23-5
querier
configuration guidelines 23-12
configuring 23-12
supported versions 23-2
support for 1-2
VLAN configuration 23-7
IGMP throttling
configuring 23-27
default configuration 23-25
described 23-24
displaying action 23-29
IGP 34-23
Immediate Leave, IGMP
configuration guidelines 23-9
described 23-5
individual policers
configuration guidelines 36-46
configuring 36-46
initial configuration
defaults 1-12
inner CoS to outer CoS mapping 36-8
input policy maps
classification criteria 36-5
configuration guidelines 36-45
configuring 36-45
displaying statistics 36-99
interface
number 11-8
range macros 11-10
interface command 11-8
interface configuration, REP 19-9
interface configuration mode 2-2
interfaces 45-3
configuration guidelines, duplex and speed 11-18
configuring
duplex mode 11-18
procedure 11-8
speed 11-18
counters, clearing 11-30
described 11-24
descriptive name, adding 11-24
displaying information about 11-29
flow control 11-22
management 1-3
monitoring 11-29
naming 11-24
physical, identifying 11-8
range of 11-9
restarting 11-31
shutting down 11-31
status 11-29
supported 11-8
types of 11-1
interfaces range macro command 11-10
interface types 11-8
ENI 11-2
NNI 11-2
UNI 11-2
Interior Gateway Protocol
Intermediate System-to-Intermediate System
internal BGP
internal neighbors, BGP 34-46
Internet Control Message Protocol
Internet Group Management Protocol
Internet Protocol version 6
Intrusion Detection System
inventory management TLV 26-6
IP ACLs
for QoS classification 36-11
implicit masks 33-9
named 33-14
undefined 33-20
IP addresses
128-bit 38-2
classes of 34-5
default configuration 34-4
discovering 5-31
for IP routing 34-4
IPv6 38-2
MAC address association 34-7
monitoring 34-16
virtual 41-13
IP broadcast address 34-14
ip cef distributed command 34-97
IP directed broadcasts 34-13
ip igmp profile command 23-25
IP information
assigned
manually 3-14
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 46-2
all-multicast-routers 46-2
host group address range 46-2
administratively-scoped boundaries, described 46-44
and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 46-24
benefits of 46-24
clearing the cache 46-46
configuration guidelines 46-10
filtering incoming RP announcement messages 46-27
overview 46-6
preventing candidate RP spoofing 46-27
preventing join messages to false RPs 46-26
setting up in a new internetwork 46-24
using with BSR 46-32
bootstrap router
configuration guidelines 46-10
configuring candidate BSRs 46-30
configuring candidate RPs 46-31
defining the IP multicast boundary 46-29
defining the PIM domain border 46-28
overview 46-6
using with Auto-RP 46-32
Cisco implementation 46-1
configuring
basic multicast routing 46-10
IP multicast boundary 46-44
default configuration 46-9
enabling
multicast forwarding 46-11
PIM mode 46-12
group-to-RP mappings
Auto-RP 46-6
BSR 46-6
MBONE
deleting sdr cache entries 46-46
described 46-43
displaying sdr cache 46-47
enabling sdr listener support 46-43
limiting sdr cache entry lifetime 46-44
SAP packets for conference session announcement 46-43
Session Directory (sdr) tool, described 46-43
monitoring
packet rate loss 46-47
peering devices 46-47
tracing a path 46-47
multicast forwarding, described 46-7
PIMv1 and PIMv2 interoperability 46-9
reverse path check (RPF) 46-7
routing table
deleting 46-46
displaying 46-47
RP
assigning manually 46-22
configuring Auto-RP 46-24
configuring PIMv2 BSR 46-28
monitoring mapping information 46-33
using Auto-RP and BSR 46-32
statistics, displaying system and network 46-46
IP packets, classification 36-6
IP Port Security for Static Hosts
on a Layer 2 access port 21-23
on a PVLAN host port 21-26
IP precedence
classification 36-9
values 36-6
IP protocols
routing 1-10
IP routes, monitoring 34-110
IP routing
connecting interfaces with 11-7
disabling 34-17
enabling 34-17
IP Service Level Agreements
IP service levels, analyzing 42-1
IP SLAs
benefits 42-2
CFM endpoint discovery 44-19
configuration guidelines 42-6
configuring object tracking 43-9
Control Protocol 42-4
default configuration 42-6
definition 42-1
ICMP echo operation 42-11
manually configuring CFM ping or jitter 44-18
measuring network performance 42-3
monitoring 42-13
multioperations scheduling 42-5
object tracking 43-9
operation 42-3
reachability tracking 43-9
responder
described 42-4
enabling 42-7
response time 42-4
scheduling 42-5
SNMP support 42-2
supported metrics 42-2
threshold monitoring 42-6
track object monitoring agent, configuring 43-11
track state 43-9
UDP jitter operation 42-8
IP source guard
and 802.1x 21-21
and DHCP snooping 21-19
and EtherChannels 21-21
and port security 21-21
and private VLANs 21-21
and routed ports 21-21
and TCAM entries 21-21
and trunk interfaces 21-21
and VRF 21-21
binding configuration
automatic 21-19
manual 21-19
binding table 21-19
configuration guidelines 21-21
default configuration 21-21
described 21-19
disabling 21-22
displaying
bindings 21-28
configuration 21-28
filtering
source IP address 21-19
source IP and MAC address 21-20
source IP address filtering 21-19
source IP and MAC address filtering 21-20
static bindings
deleting 21-22
static hosts 21-23
IP traceroute
executing 48-15
overview 48-14
IP unicast routing
address resolution 34-7
administrative distances 34-99, 34-109
ARP 34-7
assigning IP addresses to Layer 3 interfaces 34-5
authentication keys 34-109
broadcast
address 34-14
flooding 34-15
packets 34-12
storms 34-12
classless routing 34-6
configuring static routes 34-98
default
addressing configuration 34-4
gateways 34-10
networks 34-100
routes 34-100
routing 34-2
directed broadcasts 34-13
disabling 34-17
dynamic routing 34-3
enabling 34-17
EtherChannel Layer 3 interface 34-3
IGP 34-23
inter-VLAN 34-2
IP addressing
classes 34-5
configuring 34-4
IPv6 38-2
IRDP 34-11
Layer 3 interfaces 34-3
MAC address and IP address 34-7
passive interfaces 34-107
proxy ARP 34-8
redistribution 34-101
reverse address resolution 34-7
routed ports 34-3
static routing 34-2
steps to configure 34-3
subnet mask 34-5
subnet zero 34-5
supernet 34-6
UDP 34-14
with SVIs 34-3
IPv4 ACLs
applying to interfaces 33-19
extended, creating 33-10
named 33-14
standard, creating 33-9
IPv6
ACLs
displaying 40-8
limitations 40-3
matching criteria 40-3
port 40-2
precedence 40-2
router 40-2
supported 40-2
addresses 38-2
address formats 38-2
applications 38-5
assigning address 38-11
autoconfiguration 38-5
CEFv6 38-21
default configuration 38-11
default router preference (DRP) 38-4
defined 38-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 38-7
Router ID 38-7
feature limitations 38-10
features not supported 38-9
forwarding 38-11
ICMP 38-4
neighbor discovery 38-4
OSPF 38-7
path MTU discovery 38-4
Stateless Autoconfiguration 38-5
supported features 38-2
switch limitations 38-10
understanding static routes 38-7
IPv6 traffic, filtering 40-3
IRDP
configuring 34-11
definition 34-11
support for 1-11
IS-IS
addresses 34-63
area routing 34-63
default configuration 34-64
monitoring 34-72
show commands 34-72
support for 1-10
system routing 34-63
ISL trunking with IEEE 802.1 tunneling 15-5
ISO CLNS
clear commands 34-72
dynamic routing protocols 34-63
monitoring 34-72
NETs 34-63
NSAPs 34-63
OSI standard 34-63
ISO IGRP
area routing 34-63
system routing 34-63
isolated port 14-2
ITU-T Y.1731
J
join messages, IGMP 23-3
K
KDC
described 8-33
keepalive command 11-17
keepalive messages 16-3
keepalive messages, default 11-17
Kerberos
authenticating to
boundary switch 8-35
KDC 8-35
network services 8-36
configuration examples 8-33
configuring 8-36
credentials 8-33
cryptographic software image 8-33
described 8-33
KDC 8-33
operation 8-35
realm 8-34
server 8-34
support for 1-8
switch as trusted third party 8-33
terms 8-34
TGT 8-35
tickets 8-33
key distribution center
L
l2protocol forward command 15-14
l2protocol peer command 15-14
l2protocol-tunnel command 15-25
LACP
Layer 2 protocol tunneling 15-22
Layer 2 interfaces, default configuration 11-15
Layer 2 packets, classification 36-6
Layer 2 protocol packets, and control-plane security 35-2
Layer 2 protocol tunneling
configuring 15-22
configuring for EtherChannels 15-26
default configuration 15-23
defined 15-20
layer-2 template 7-1
Layer 2 traceroute
and ARP 48-14
and CDP 48-13
broadcast traffic 48-13
described 48-13
IP addresses and subnets 48-14
MAC addresses and VLANs 48-13
multicast traffic 48-13
multiple devices on a port 48-14
unicast traffic 48-13
usage guidelines 48-13
Layer 3 features 1-10
Layer 3 interfaces
assigning IP addresses to 34-5
assigning IPv4 and IPv6 addresses to 38-15
assigning IPv6 addresses to 38-12
changing from Layer 2 mode 34-5, 34-89
types of 34-3
LDAP 4-2
Leaking IGMP Reports 20-4
lightweight directory access protocol
line configuration mode 2-2
Link Aggregation Control Protocol
Link Failure, detecting unidirectional 17-8
link integrity, verifying with REP 19-3
Link Layer Discovery Protocol
link local unicast addresses 38-3
link monitoring, Ethernet OAM 44-34, 44-37
link redundancy
links, unidirectional 27-1
link state advertisements (LSAs) 34-30
link-state tracking
configuration guidelines 37-24
configuring 37-24
described 37-22
LLDP
configuring 26-3
characteristics 26-4
default configuration 26-3
disabling and enabling
globally 26-5
on an interface 26-5
monitoring and maintaining 26-8
overview 26-1
supported TLVs 26-2
transmission timer and holdtime, setting 26-4
LLDP-MED
configuring 26-3
configuring TLVs 26-6
monitoring and maintaining 26-8
supported TLVs 26-2
LLDP Media Endpoint Discovery
local SPAN 28-2
logging messages, ACL 33-8
login authentication
with RADIUS 8-24
with TACACS+ 8-14
login banners 5-17
log messages
loop guard
described 18-5
enabling 18-10
support for 1-6
M
MAC addresses
aging time 5-21
and VLAN association 5-20
building the address table 5-20
default configuration 5-21
disabling learning on a VLAN 5-30
discovering 5-31
displaying 5-31
displaying in the IP source binding table 21-28
dynamic
learning 5-20
removing 5-22
in ACLs 33-27
IP address association 34-7
static
adding 5-28
characteristics of 5-27
dropping 5-29
removing 5-28
virtual 41-13
MAC address learning, disabling on a VLAN 5-30
MAC address notification, support for 1-11
MAC address-table move update
configuration guidelines 20-8
configuring 20-12
default configuration 20-7
description 20-6
monitoring 20-14
MAC address-to-VLAN mapping 13-23
MAC extended access lists
applying to Layer 2 interfaces 33-29
configuring for QoS 36-40
creating 33-27
defined 33-27
macros
Maintenance end points
Maintenance intermediate points
manageability features 1-3
management access
in-band
CLI session 1-4
SNMP 1-4
out-of-band console port connection 1-4
management options
CLI 2-1
CNS 4-1
overview 1-3
manual preemption, REP, configuring 19-13
marking
action with aggregate policers 36-54
match command, QoS
guidelines 36-41
matching, IPv4 ACLs 33-7
matching classifications, QoS 36-7
maximum aging time
MSTP 17-24
STP 16-22
maximum hop count, MSTP 17-24
maximum number of allowed devices, port-based authentication 9-13
maximum-paths command 34-50, 34-98
ME 34000EG-2CS switch policers 35-4
ME 3400E-24TS switch policers 35-4
ME 3400EG-12CS switch policers 35-4
media-type command 11-20
membership mode, VLAN port 13-5
MEPs
and STP 44-4
defined 44-3
messages
Ethernet OAM 44-34
to users through banners 5-17
metrics, in BGP 34-51
metric translations, between routing protocols 34-104
metro tags 15-2
MHSRP 41-4
MIBs
overview 31-1
SNMP interaction with 31-4
MIPs
and STP 44-4
defined 44-4
mirroring traffic for analysis 28-1
mismatches, autonegotiation 48-8
modular QoS command-line interface
module number 11-8
monitoring
access groups 33-41
BGP 34-62
cables for unidirectional links 27-1
CDP 25-5
CEF 34-97
control-plane security 35-7
EIGRP 34-41
E-LMI 44-54
Ethernet OAM 44-44
Ethernet OAM protocol 44-44
features 1-11
Flex Links 20-14
HSRP 41-12
IEEE 802.1Q tunneling 15-30
IGMP
filters 23-29
interfaces 11-29
IP
address tables 34-16
multicast routing 46-46
routes 34-110
IP SLAs operations 42-13
IPv4 ACL configuration 33-41
IPv6 ACL configuration 40-8
IS-IS 34-72
ISO CLNS 34-72
Layer 2 protocol tunneling 15-30
MAC address-table move update 20-14
MSDP peers 47-17
multicast router interfaces 23-15, 39-12
multi-VRF CE 34-96
MVR 23-23
network traffic for analysis with probe 28-2
OAM manager 44-54
object tracking 43-12
OSPF 34-34
port
blocking 24-18
protection 24-18
private VLANs 14-15
QoS 36-99
REP 19-14
RP mapping information 46-33
SFPs
status 11-30
source-active messages 47-17
speed and duplex mode 11-20
SSM mapping 46-22
traffic flowing among switches 29-1
traffic suppression 24-18
tunneling 15-30
VLAN
filters 33-42
maps 33-42
VLANs 13-14
VMPS 13-28
MQC
process 36-3
steps to configure 36-3
mrouter Port 20-3
mrouter port 20-5
MSDP
benefits of 47-3
clearing MSDP connections and statistics 47-17
controlling source information
forwarded by switch 47-11
originated by switch 47-8
received by switch 47-13
default configuration 47-3
dense-mode regions
sending SA messages to 47-15
specifying the originating address 47-16
filtering
incoming SA messages 47-13
SA messages to a peer 47-11
SA requests from a peer 47-10
join latency, defined 47-6
meshed groups
configuring 47-14
defined 47-14
originating address, changing 47-16
overview 47-1
peer-RPF flooding 47-2
peers
configuring a default 47-4
monitoring 47-17
peering relationship, overview 47-1
requesting source information from 47-7
shutting down 47-15
source-active messages
caching 47-6
clearing cache entries 47-18
defined 47-2
filtering from a peer 47-10
filtering incoming 47-13
filtering to a peer 47-11
limiting data with TTL 47-12
monitoring 47-17
restricting advertised sources 47-8
support for 1-11
MSTP
boundary ports
configuration guidelines 17-15
described 17-6
BPDU filtering
described 18-3
enabling 18-8
BPDU guard
described 18-3
enabling 18-7
CIST, described 17-3
CIST root 17-5
configuration guidelines 17-15, 18-6
configuring
forward-delay time 17-23
hello time 17-23
link type for rapid convergence 17-25
maximum aging time 17-24
maximum hop count 17-24
MST region 17-16
neighbor type 17-25
path cost 17-21
port priority 17-19
root switch 17-17
secondary root switch 17-19
switch priority 17-22
CST
defined 17-3
operations between regions 17-3
default configuration 17-14
default optional feature configuration 18-5
displaying status 17-27
enabling the mode 17-16
EtherChannel guard
described 18-3
enabling 18-9
extended system ID
effects on root switch 17-17
effects on secondary root switch 17-19
unexpected behavior 17-18
IEEE 802.1s
implementation 17-6
port role naming change 17-7
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-10
interoperability with 802.1D
described 17-8
restarting migration process 17-26
IST
defined 17-2
master 17-3
operations within a region 17-3
loop guard
described 18-5
enabling 18-10
mapping VLANs to MST instance 17-16
MST region
CIST 17-3
configuring 17-16
described 17-2
hop-count mechanism 17-5
IST 17-2
supported spanning-tree instances 17-2
optional features supported 1-6
overview 17-2
Port Fast
described 18-2
enabling 18-6
preventing root switch selection 18-4
root guard
described 18-4
enabling 18-10
root switch
configuring 17-18
effects of extended system ID 17-17
unexpected behavior 17-18
shutdown Port Fast-enabled port 18-3
status, displaying 17-27
multicast Ethernet loopback (ETH-LB) 44-25
multicast Ethernet loopback, using 44-30
multicast groups
Immediate Leave 23-5
leaving 23-5
multicast packets
ACLs on 33-41
multicast router interfaces, monitoring 23-15, 39-12
multicast router ports, adding 23-7, 39-8
Multicast Source Discovery Protocol
multicast storm 24-1
multicast storm-control command 24-4
multicast television application 23-16
multicast VLAN 23-15
Multicast VLAN Registration
multioperations scheduling, IP SLAs 42-5
Multiple HSRP
multiple VPN routing/forwarding in customer edge devices
multi-VRF CE
configuration example 34-92
configuration guidelines 34-86
configuring 34-85
default configuration 34-85
displaying 34-96
monitoring 34-96
network components 34-85
packet-forwarding process 34-85
support for 1-11
MVR
and address aliasing 23-19
and IGMPv3 23-19
configuration guidelines 23-18
configuring interfaces 23-21
default configuration 23-18
described 23-15
example application 23-16
in the switch stack 23-18
modes 23-20
monitoring 23-23
multicast television application 23-16
setting global parameters 23-19
support for 1-3
MVRoT, guidelines 23-18
MVR over trunk ports
N
named IPv4 ACLs 33-14
named IPv6 ACLs 40-3
NameSpace Mapper
native VLAN
and IEEE 802.1Q tunneling 15-4
configuring 13-19
default 13-19
NEAT
configuring 9-24
overview 9-9
neighbor discovery, IPv6 38-4
neighbor discovery/recovery, EIGRP 34-35
neighbor offset numbers, REP 19-4
neighbors, BGP 34-57
Network Edge Access Topology
network management
CDP 25-1
RMON 29-1
SNMP 31-1
network node interface
network performance, measuring with IP SLAs 42-3
network policy TLV 26-7
Network Time Protocol
NNI
configuring 11-17
described 11-2
protocol control packets on 35-1
NNIs, 802.1ad 15-13
no commands 2-4
non-IP traffic filtering 33-27
Nonstop Forwarding Awareness
nontrunking mode 13-15
normal-range VLANs
characteristics 13-3
configuring 13-7
defined 13-1
no switchport command 11-5
not-so-stubby areas
NSAPs, as ISO IGRP addresses 34-63
NSF Awareness
BGP 34-46
EIGRP 34-37
IS-IS 34-65
OSPF 34-25
NSM 4-3
NSSA, OSPF 34-30
NTP
associations
authenticating 5-5
defined 5-2
enabling broadcast messages 5-7
peer 5-6
server 5-6
default configuration 5-4
displaying the configuration 5-11
overview 5-2
restricting access
creating an access group 5-8
disabling NTP services per interface 5-10
source IP address, configuring 5-10
stratum 5-2
support for 1-4
synchronizing devices 5-6
time
services 5-2
synchronizing 5-2
O
OAM
client 44-33
features 44-34
sublayer 44-33
OAM manager
and E-LMI 44-48
configuration guidelines 44-49
monitoring 44-54
purpose of 44-48
with CFM 44-49
with CFM and Ethernet OAM 44-55
OAM PDUs 44-35
OAM protocol data units 44-33
OBFL
configuring 48-22
described 48-22
displaying 48-23
object tracking
HSRP 43-7
IP SLAs 43-9
IP SLAs, configuring 43-9
monitoring 43-12
on-board failure logging
online diagnostics
described 49-1
overview 49-1
running tests 49-5
Open Shortest Path First
optimizing system resources 7-1
options, management 1-3
OSPF
area parameters, configuring 34-30
configuring 34-25
default configuration
metrics 34-31
route 34-31
settings 34-24
described 34-23
for IPv6 38-7
interface parameters, configuring 34-26
LSA group pacing 34-32
monitoring 34-34
network types, configuring 34-29
router IDs 34-33
route summarization 34-31
support for 1-10
virtual links 34-31
output policies 36-5
output policy maps
classification criteria 36-5
configuration guidelines 36-65
configuring 36-65
displaying statistics 36-100
P
packet classification
defined 36-6
to organize traffic 36-2
packet marking
configuring 36-58
defined 36-21
packet policing, for QoS 36-2
PAgP
Layer 2 protocol tunneling 15-22
parallel paths, in routing tables 34-98
parent policies, QoS 36-13, 36-28
passive interfaces
configuring 34-107
OSPF 34-31
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-3
for security 1-7
overview 8-1
recovery of 48-3
setting
enable 8-3
enable secret 8-3
Telnet 8-6
with usernames 8-6
path cost
MSTP 17-21
STP 16-19
path MTU discovery 38-4
PBR
defined 34-104
enabling 34-106
fast-switched policy-based routing 34-107
local policy-based routing 34-107
peers, BGP 34-57
percentage thresholds in tracked lists 43-6
performance features 1-2
periodic data collection and transfer mechanism 31-6
per-port, per-VLAN policy maps, configuration guidelines 36-60
per-port facility loopback
defined 44-44
per-port per VLAN policing 36-13, 36-60
per-VLAN spanning-tree plus
PE to CE routing, configuring 34-91
physical ports 11-3
PIM
default configuration 46-9
dense mode
overview 46-4
rendezvous point (RP), described 46-4
RPF lookups 46-8
displaying neighbors 46-47
enabling a mode 46-12
overview 46-3
router-query message interval, modifying 46-36
shared tree and source tree, overview 46-33
shortest path tree, delaying the use of 46-35
sparse mode
join messages and shared tree 46-4
overview 46-4
prune messages 46-4
RPF lookups 46-8
stub routing
configuration guidelines 46-12
enabling 46-13
overview 46-5
support for 1-11
versions
interoperability 46-9
troubleshooting interoperability problems 46-33
v2 improvements 46-3
ping
executing 48-10
overview 48-10
police aggregate command 36-57
police command, with individual policers 36-46, 36-63
policer aggregate command 36-54
policer configuration
default for ENIs and UNIs 35-4
default for NNIs 35-6
policer instances supported 36-4
policers
configuring for more than one traffic class 36-54
described 36-2
number supported per port 36-4
policing
aggregate in input policy maps 36-18
described 36-2
individual in input policy maps 36-16
priority in output policy maps 36-20
QoS 36-16
policy-based routing
policy-map command 36-3
policy-map marking, configuration guidelines 36-58
policy maps
configuration examples 36-100
described 36-16
input
configuring 36-45
described 36-4
output
configuring 36-65
described 36-4
port ACLs
defined 33-2
types of 33-3
Port Aggregation Protocol
port-based authentication
accounting 9-5
authentication server
defined 9-3
RADIUS server 9-3
client, defined 9-2
configuration guidelines 9-12
configuring
802.1x authentication 9-13
host mode 9-21
manual re-authentication of a client 9-18
periodic re-authentication 9-17
quiet period 9-18
RADIUS server 9-15
RADIUS server parameters on the switch 9-14
switch-to-client frame-retransmission number 9-20
switch-to-client retransmission time 9-19
violation modes 9-17
default configuration 9-11
described 9-1
device roles 9-2
displaying statistics 9-26
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
host mode 9-6
initiation and message exchange 9-3
maximum number of allowed devices per port 9-13
method lists 9-13
multiple-hosts mode, described 9-6
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
port security
described 9-7
readiness check
configuring 9-16
resetting to default values 9-22
statistics, displaying 9-26
switch
as proxy 9-3
RADIUS client 9-3
switch supplicant
configuring 9-24
overview 9-9
user distribution
guidelines 9-8
overview 9-8
VLAN assignment
AAA authorization 9-13
characteristics 9-7
configuration tasks 9-8
described 9-7
port-channel
Port Fast
described 18-2
enabling 18-6
support for 1-6
port membership modes, VLAN 13-4
port priority
MSTP 17-19
STP 16-17
ports
access 11-4
blocking 24-6
dual-purpose 11-6
dynamic access 13-5
IEEE 802.1Q tunnel 13-5
protected 24-5
REP 19-6
routed 11-5
secure 24-8
switch 11-3
VLAN assignments 13-11
port security
aging 24-15
and private VLANs 24-16
configuration guidelines 24-10
configuring 24-12
default configuration 24-10
described 24-8
displaying 24-18
enabling 24-17
on trunk ports 24-13
sticky learning 24-9
violations 24-9
with other features 24-10
port shaping
configuring 36-70
described 36-27
port-shutdown response, VMPS 13-24
port types 11-2
power 26-7
power management TLV 26-7
PPPoE IA
clearing counters 10-12
configuring
interface 10-5
switch 10-2
vlan 10-9
debugging 10-13
displaying configuration 10-11
etherchannel 10-2
overview 10-1
restrictions 10-2
troubleshooting 10-13
preempt delay time, REP 19-5
preemption, default configuration 20-7
preemption delay, default configuration 20-7
preferential treatment of traffic
prefix lists, BGP 34-54
preventing unauthorized access 8-1
primary edge port, REP 19-4
primary interface for object tracking, DHCP, configuring 43-11
primary interface for static routing, configuring 43-10
primary links 20-2
priority
HSRP 41-7
priority command 36-20
configuring strict priority queuing 36-71
for QoS scheduling 36-26
for strict priority queuing 36-30
priority policing, described 36-20
priority queues
configuring 36-71
described 36-30
for QoS scheduling 36-26
priority with police 36-31
commands 36-20
configuring 36-73
described 36-30
priority with unconditional policing, QoS 36-26
private VLANs
across multiple switches 14-4
and SVIs 14-5
and UNI VLANs 13-13
benefits of 14-1
community ports 14-3
configuration guidelines 14-6, 14-7, 14-8
configuration tasks 14-6
configuring 14-10
default configuration 14-6
end station access to 14-3
IP addressing 14-4
isolated port 14-2
mapping 14-13
monitoring 14-15
ports
community 14-3
configuration guidelines 14-8
configuring host ports 14-11
configuring promiscuous ports 14-12
described 13-5
isolated 14-2
promiscuous 14-2
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
exiting 8-9
logging into 8-9
setting a command with 8-8
promiscuous ports
configuring 14-12
defined 14-2
protected ports 24-5
protocol control packets 35-1
protocol-dependent modules, EIGRP 34-35
Protocol-Independent Multicast Protocol
provider edge devices 1-18, 34-84
proxy ARP
configuring 34-10
definition 34-8
with IP routing disabled 34-10
proxy reports 20-3
PVST+
802.1Q trunking interoperability 16-11
described 16-9
instances supported 16-10
Q
QinQ
QinQ QoS classification
configuration examples 36-86
QoS
802.1ad, configuring 36-90
aggregate policers 36-18
and MQC 36-1
basic model 36-2
CBWFQ 36-28
CBWFQ, configuring 36-67
CIR bandwidth 36-29
class-based shaping, described 36-27
classification
ACL lookup 36-11
based on CoS value 36-8
based on DSCP 36-9
based on IP precedence 36-9
based on QoS group 36-12
based on VLAN IDs 36-13, 36-60
class maps, described 36-7
comparisons 36-10
criteria 36-6
in frames and packets 36-6
policy maps, described 36-16
class maps, configuration guidelines 36-41
class maps, configuring 36-41
configuration examples
adding customers 36-102
adding or deleting a class 36-105
adding or deleting classification criteria 36-102, 36-103
adding or deleting configured actions 36-104
changing queuing or scheduling parameters 36-104
configuration guidelines
aggregate policers 36-54
CBWFQ 36-67
class-based shaping 36-69
class maps 36-41
general 36-35
individual policers 36-46
input policy maps 36-45
marking 36-58
output policy maps 36-65
unconditional priority policing 36-73
WTD 36-76
configuring
aggregate policers 36-54
class-based shaping 36-69
classification with IP ACLs 36-37
class maps 36-41
individual policers 36-47, 36-50
individual policing 36-46, 36-63
input policy maps with marking 36-58
IP ACLs 36-37
MAC ACLs 36-40
output policy maps 36-65
port shaping 36-70
priority queues 36-71
queue size 36-32
requirements 36-35
service policies 36-44
strict priority queuing 36-71
table maps 36-43
unconditional priority policing 36-73
congestion avoidance 36-2, 36-32
congestion management 36-2, 36-26
CPU-generated traffic
configuring output policy classification criteria 36-5
configuring QoS group number 36-12
configuring queue-limit 36-76
output remarking 36-6
default configuration 36-35
initial configuration example 36-100
input policy maps
configuring 36-45
described 36-5
IP packet classification 36-6
Layer 2 packet classification 36-6
Layer 3 packet classification 36-6
marking, described 36-2
match command 36-7
output policy maps
configuring 36-66
described 36-5
overview 36-1
packet classification 36-2
packet marking 36-21
packet policing 36-2
parent-child hierarchy 36-13, 36-28
parent-level VLAN class 36-80
per-port, per-VLAN hierarchical policy maps
configuring 36-60
described 36-13
policers
configuring 36-47, 36-50, 36-56, 36-74
described 36-16
policing
aggregate 36-18
individual 36-16
priority 36-20
policy maps
attaching 36-44
attaching to an interface 36-19
displaying statistics 36-99
port shaping, described 36-27
preconfiguration 36-35
priority policing, described 36-20
priority with police 36-30
queue size 36-32
scheduling 36-26
CBWFQ 36-26
priority queuing 36-26
traffic shaping 36-26
strict priority queuing 36-30
support for 1-9
table maps 36-15
testing 36-99
traffic shaping, described 36-26
unconditional priority policing 36-30
WTD 36-32
QoS ACL
configuration guidelines 36-37
QoS ACLs
configuring IP extended 36-39
configuring IP standard 36-37, 36-38
configuring MAC 36-40
QoS groups
classification 36-12, 36-13, 36-60
QoS information, displaying 36-99
quality of service
queries, IGMP 23-3
query solicitation, IGMP 23-11
queue bandwidth and queue size, relationship 36-34
queue-limit command, QoS 36-32, 36-33, 36-75
queue size, QoS, managing 36-32
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-30
configuring
accounting 8-29
authentication 8-24
authorization 8-28
communication, global 8-22, 8-30
communication, per-server 8-21, 8-22
multiple UDP ports 8-22
default configuration 8-21
defining AAA server groups 8-26
displaying the configuration 8-32
identifying the server 8-21
limiting the services to the user 8-28
method list, defined 8-21
operation of 8-19
overview 8-18
server load balancing 8-32
suggested network environments 8-18
support for 1-8
tracking services accessed by user 8-29
range
macro 11-10
of interfaces 11-9
rapid convergence 17-10
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 16-11
described 16-9
instances supported 16-10
Rapid Spanning Tree Protocol
RARP 34-8
rate-limiting threshold, CPU protection 35-6
RCP
configuration files
downloading A-17
overview A-15
preparing the server A-16
uploading A-18
image files
deleting old image A-35
downloading A-33
preparing the server A-32
uploading A-35
reachability, tracking IP SLAs IP host 43-9
readiness check
port-based authentication
configuring 9-16
reconfirmation interval, VMPS, changing 13-27
reconfirming dynamic VLAN membership 13-27
recovery procedures 48-1
redundancy
EtherChannel 37-3
GLBP 41-13
HSRP 41-2
STP
backbone 16-8
path cost 13-21
port priority 13-20
reliable transport protocol, EIGRP 34-35
reloading software 3-22
Remote Authentication Dial-In User Service
Remote Copy Protocol
remote failure indications 44-34
remote failure indications, Ethernet OAM 44-40
remote loopback, Ethernet OAM 44-34, 44-36
Remote Network Monitoring
Remote SPAN
remote SPAN 28-2
REP
administrative VLAN 19-8
administrative VLAN, configuring 19-8
age timer 19-8
and STP 19-6
configuration guidelines 19-7
configuring interfaces 19-9
convergence 19-4
default configuration 19-7
manual preemption, configuring 19-13
monitoring 19-14
neighbor offset numbers 19-4
open segment 19-2
ports 19-6
preempt delay time 19-5
primary edge port 19-4
ring segment 19-2
secondary edge port 19-4
segments 19-1
characteristics 19-2
SNMP traps, configuring 19-13
supported interfaces 19-1
triggering VLAN load balancing 19-5
verifying link integrity 19-3
VLAN blocking 19-12
VLAN load balancing 19-4
report suppression, IGMP
described 23-6
resequencing ACL entries 33-14
reserved addresses in DHCP pools 21-17
resets, in BGP 34-49
resetting a UDLD-shutdown interface 27-6
Resilient Ethernet Protocol
responder, IP SLAs
described 42-4
enabling 42-7
response time, measuring with IP SLAs 42-4
restricting access
NTP services 5-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-18
TACACS+ 8-10
restrictions 45-3
retry count, VMPS, changing 13-27
reverse address resolution 34-7
Reverse Address Resolution Protocol
RFC
1112, IP multicast and IGMP 23-2
1157, SNMPv1 31-2
1305, NTP 5-2
1587, NSSAs 34-23
1757, RMON 29-2
1901, SNMPv2C 31-2
1902 to 1907, SNMPv2 31-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 31-2
2475, DSCP 36-10
2597, AF per-hop behavior 36-10
2598, EF 36-10
RIP
advertisements 34-18
authentication 34-21
configuring 34-19
default configuration 34-18
described 34-18
for IPv6 38-7
hop counts 34-18
summary addresses 34-22
support for 1-10
RMON
default configuration 29-3
displaying status 29-6
enabling alarms and events 29-3
groups supported 29-2
overview 29-1
statistics
collecting group Ethernet 29-5
collecting group history 29-5
support for 1-12
root guard
described 18-4
enabling 18-10
support for 1-6
root switch
MSTP 17-17
STP 16-15
route calculation timers, OSPF 34-31
route dampening, BGP 34-61
routed packets, ACLs on 33-40
routed ports
configuring 34-3
defined 11-5
route-map command 34-106
route maps
BGP 34-52
policy-based routing 34-104
router ACLs
defined 33-2
types of 33-4
route reflectors, BGP 34-60
router ID, OSPF 34-33
route selection, BGP 34-50
route summarization, OSPF 34-31
route targets, VPN 34-85
routing
default 34-2
dynamic 34-3
IPv6 traffic 38-2
redistribution of information 34-101
static 34-2
routing domain confederation, BGP 34-59
Routing Information Protocol
routing protocol administrative distances 34-99
RSPAN
characteristics 28-7
configuration guidelines 28-16
default configuration 28-9
defined 28-2
destination ports 28-6
displaying status 28-22
interaction with other features 28-8
monitored ports 28-5
monitoring ports 28-6
received traffic 28-4
session limits 28-10
sessions
creating 28-17
defined 28-3
limiting source traffic to specific VLANs 28-21
specifying monitored ports 28-17
with ingress traffic enabled 28-20
source ports 28-5
transmitted traffic 28-5
VLAN-based 28-6
RSPAN VLANs, and UNI VLANs 13-13
RSTP
active topology 17-9
BPDU
format 17-12
processing 17-13
designated port, defined 17-9
designated switch, defined 17-9
interoperability with 802.1D
described 17-8
restarting migration process 17-26
topology changes 17-13
overview 17-8
port roles
described 17-9
synchronized 17-11
proposal-agreement handshake process 17-10
rapid convergence
described 17-10
edge ports and Port Fast 17-10
point-to-point links 17-10, 17-25
root ports 17-10
root port, defined 17-9
running configuration
running configuration, saving 3-15
S
scheduled reloads 3-22
scheduling, IP SLAs operations 42-5
scheduling, QoS 36-26
SCP
and SSH 8-42
configuring 8-42
SDM
described 7-1
templates
configuring 7-4
number of 7-1
SDM template
configuration guidelines 7-4
configuring 7-3
default 7-1
dual IPv4 and IPv6 7-2
layer 2 7-1
types of 7-1
secondary edge port, REP 19-4
secondary VLANs 14-2
secure MAC addresses
deleting 24-14
maximum number of 24-9
types of 24-8
secure ports, configuring 24-8
secure remote connections 8-38
security, port 24-8
security features 1-7
sequence numbers in log messages 30-8
service-policy command
attaching policy maps 36-4
guidelines 36-66
using 36-44
service-provider network, MSTP and RSTP 17-1
service-provider networks
and customer VLANs 15-2
and IEEE 802.1Q tunneling 15-2
Layer 2 protocols across 15-20
Layer 2 protocol tunneling for EtherChannels 15-22
set command
for QoS marking 36-21
guidelines 36-58
set-request operation 31-4
severity levels, defining in system messages 30-8
SFPs
monitoring status of 1-12, 11-30, 48-9
security and identification 48-8
status, displaying 1-12
shape average command, QoS 36-26, 36-27, 36-69
shaped round robin
show access-lists hw-summary command 33-21
show and more command output, filtering 2-8
show cdp traffic command 25-5
show configuration command 11-24
show forward command 48-19
show interfaces command 11-20, 11-24
show interfaces switchport 20-4
show l2protocol command 15-26, 15-27, 15-28
show lldp traffic command 26-8
show platform forward command 48-19
show running-config command
displaying ACLs 33-19, 33-20, 33-32, 33-34
interface description in 11-24
shutdown command on interfaces 11-31
shutdown threshold for Layer 2 protocol packets 15-23
Simple Network Management Protocol
single session ID 9-10
SMNP traps, and CFM 44-5
SNAP 25-1
SNMP
accessing MIB variables with 31-4
agent
described 31-4
disabling 31-8
and IP SLAs 42-2
authentication level 31-11
community strings
configuring 31-8
overview 31-4
configuration examples 31-21
default configuration 31-7
engine ID 31-7
host 31-7
ifIndex values 31-5
in-band management 1-4
informs
and trap keyword 31-12
described 31-5
differences from traps 31-5
disabling 31-16
enabling 31-16
limiting access by TFTP servers 31-17
limiting system log messages to NMS 30-10
notifications 31-5
security levels 31-3
setting CPU threshold notification 31-16
status, displaying 31-23
system contact and location 31-17
trap manager, configuring 31-14
traps
differences from informs 31-5
disabling 31-16
enabling 31-12
enabling MAC address notification 5-22, 5-24, 5-25
types of 31-13
versions supported 31-2
SNMP and Syslog Over IPv6 38-7
SNMP traps
REP 19-13
SNMPv1 31-2
SNMPv2C 31-2
SNMPv3 31-3
snooping, IGMP 23-1
software images
location in flash A-23
recovery procedures 48-2
scheduling reloads 3-23
tar file format, described A-24
See also downloading and uploading
source addresses
in IPv6 ACLs 40-5
source addresses, in IPv4 ACLs 33-11
source-and-destination-IP address based forwarding, EtherChannel 37-8
source-and-destination MAC address forwarding, EtherChannel 37-8
source-IP address based forwarding, EtherChannel 37-8
source-MAC address forwarding, EtherChannel 37-7
Source-specific multicast
SPAN
configuration guidelines 28-10
default configuration 28-9
destination ports 28-6
displaying status 28-22
interaction with other features 28-8
monitored ports 28-5
monitoring ports 28-6
ports, restrictions 24-11
received traffic 28-4
session limits 28-10
sessions
configuring ingress forwarding 28-14, 28-21
creating 28-11
defined 28-3
limiting source traffic to specific VLANs 28-15
removing destination (monitoring) ports 28-12
specifying monitored ports 28-11
with ingress traffic enabled 28-13
source ports 28-5
traffic 28-4
transmitted traffic 28-5
VLAN-based 28-6
spanning tree and native VLANs 13-16
Spanning Tree Protocol
speed, configuring on interfaces 11-18
SRR, support for 1-9
SSH
configuring 8-39
cryptographic software image 8-38
encryption methods 8-38
user authentication methods, supported 8-38
SSM
address management restrictions 46-16
CGMP limitations 46-16
components 46-14
configuration guidelines 46-16
differs from Internet standard multicast 46-14
IGMP snooping 46-16
IGMPv3 46-14
IGMPv3 Host Signalling 46-15
IP address range 46-15
monitoring 46-17
operations 46-15
PIM 46-14
state maintenance limitations 46-16
SSM mapping
configuration guidelines 46-17
defined 46-17
monitoring 46-22
overview 46-18
restrictions 46-18
static traffic forwarding 46-21
standby ip command 41-6
standby links 20-2
standby router 41-2
standby timers, HSRP 41-10
startup configuration
booting
manually 3-20
specific image 3-20
clearing A-19
configuration file
automatically downloading 3-19
specifying the filename 3-19
default boot configuration 3-19
static access ports
assigning to VLAN 13-11
static addresses
static IP routing 1-11
static MAC addressing 1-8
static route primary interface, configuring 43-10
static routes
understanding 38-7
static routes, configuring 34-98
static routing 34-2
static SSM mapping 46-18, 46-20
static traffic forwarding 46-21
static VLAN membership 13-2
statistics
802.1x 9-26
CDP 25-5
interface 11-29
IP multicast routing 46-46
LLDP 26-8
LLDP-MED 26-8
OSPF 34-34
RMON group Ethernet 29-5
RMON group history 29-5
SNMP input and output 31-23
sticky learning 24-9
storm control
configuring 24-3
described 24-1
disabling 24-5
displaying 24-18
support for 1-2
thresholds 24-1
STP
and REP 19-6
BPDU filtering
described 18-3
disabling 18-9
enabling 18-8
BPDU guard
described 18-3
disabling 18-8
enabling 18-7
BPDU message exchange 16-3
configuration guidelines 16-12, 18-6
configuring
forward-delay time 16-22
hello time 16-21
maximum aging time 16-22
path cost 16-19
port priority 16-17
root switch 16-15
secondary root switch 16-17
spanning-tree mode 16-14
switch priority 16-20
counters, clearing 16-23
default configuration 16-11
default optional feature configuration 18-5
designated port, defined 16-4
designated switch, defined 16-4
disabling 16-15
displaying status 16-23
EtherChannel guard
described 18-3
disabling 18-10
enabling 18-9
extended system ID
effects on root switch 16-15
effects on the secondary root switch 16-17
overview 16-4
unexpected behavior 16-16
features supported 1-5
IEEE 802.1D and bridge ID 16-4
IEEE 802.1D and multicast addresses 16-9
IEEE 802.1t and VLAN identifier 16-4
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
interface states
blocking 16-6
disabled 16-7
learning 16-7
listening 16-6
overview 16-4
interoperability and compatibility among modes 16-10
keepalive messages 16-3
Layer 2 protocol tunneling 15-20
limitations with 802.1Q trunks 16-11
load sharing
overview 13-19
using path costs 13-21
using port priorities 13-20
loop guard
described 18-5
enabling 18-10
modes supported 16-9
multicast addresses, effect of 16-9
optional features supported 1-6
overview 16-2
Port Fast
described 18-2
enabling 18-6
port priorities 13-20
preventing root switch selection 18-4
protocols supported 16-9
redundant connectivity 16-8
root guard
described 18-4
enabling 18-10
root port, defined 16-3
root switch
configuring 16-15
effects of extended system ID 16-4, 16-15
election 16-3
unexpected behavior 16-16
status, displaying 16-23
superior BPDU 16-3
timers, described 16-21
stratum, NTP 5-2
strict priority queuing 36-71
configuration guidelines 36-71
configuring 36-72
defined 36-30
QoS 36-30
stub areas, OSPF 34-30
stub routing, EIGRP 34-40
subdomains, private VLAN 14-1
subnet mask 34-5
subnet zero 34-5
success response, VMPS 13-24
summer time 5-13
S-UNI isolated ports 15-18
S-UNIs 15-13
SunNet Manager 1-3
supernet 34-6
SVIs
and IP unicast routing 34-3
and router ACLs 33-4
connecting VLANs 11-7
defined 11-5
routing between VLANs 13-2
S-VLAN 15-7
S-VLAN and C-VLAN in parent policy maps 36-80
switch 38-2
switch console port 1-4
Switch Database Management
switched packets, ACLs on 33-39
Switched Port Analyzer
switched ports 11-3
switchport backup interface 20-4, 20-5
switchport block multicast command 24-7
switchport block unicast command 24-7
switchport command 11-15
switchport mode dot1q-tunnel command 15-7
switchport protected command 24-6
switch priority
MSTP 17-22
STP 16-20
switch software features 1-1
switch virtual interface
synchronization, BGP 34-46
syslog
system clock
configuring
daylight saving time 5-13
manually 5-11
summer time 5-13
time zones 5-12
displaying the time and date 5-12
overview 5-2
system message logging
default configuration 30-3
defining error message severity levels 30-8
disabling 30-4
displaying the configuration 30-13
enabling 30-4
facility keywords, described 30-13
level keywords, described 30-9
limiting messages 30-10
message format 30-2
overview 30-1
sequence numbers, enabling and disabling 30-8
setting the display destination device 30-5
synchronizing log messages 30-6
syslog facility 1-12
time stamps, enabling and disabling 30-7
UNIX syslog servers
configuring the daemon 30-12
configuring the logging facility 30-12
facilities supported 30-13
system MTU
and IEEE 802.1Q tunneling 15-5
and IS-IS LSPs 34-68
system name
default configuration 5-15
default setting 5-15
manual configuration 5-15
system prompt, default setting 5-15
system resources, optimizing 7-1
system routing
IS-IS 34-63
ISO IGRP 34-63
System-to-Intermediate System Protocol
T
table maps
default actions 36-15
described 36-15
for QoS marking 36-21
QoS
configuration guidelines 36-43
configuring QoS table maps 36-43
supported table maps 36-15, 36-43
QoS, configuring 36-43
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-8
tracking services accessed by user 8-17
tagged packets
IEEE 802.1Q 15-4
Layer 2 protocol 15-20
tar files
creating A-6
displaying the contents of A-6
extracting A-7
image file format A-24
TCL script, registering and defining with embedded event manager 32-7
TDR 1-12
Telnet
accessing management interfaces 2-9
number of connections 1-4
setting a password 8-6
templates
Ethernet OAM 44-40
SDM 7-2
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
terminal loopback
defined 44-44
TFTP
configuration files
downloading A-11
preparing the server A-10
uploading A-11
configuration files in base directory 3-7
configuring for autoconfiguration 3-7
image files
deleting A-27
downloading A-26
preparing the server A-25
uploading A-27
limiting access by servers 31-17
TFTP server 1-3
threshold, traffic level 24-2
threshold monitoring, IP SLAs 42-6
time
Time Domain Reflector
time-range command 33-16
time ranges in ACLs 33-16
time stamps in log messages 30-7
time-to-live 34-15
time zones 5-12
TLVs
defined 26-1
LLDP 26-2
LLDP-MED 26-2
traceroute, Layer 2
and ARP 48-14
and CDP 48-13
broadcast traffic 48-13
described 48-13
IP addresses and subnets 48-14
MAC addresses and VLANs 48-13
multicast traffic 48-13
multiple devices on a port 48-14
unicast traffic 48-13
usage guidelines 48-13
traceroute command 48-15
tracked lists
configuring 43-3
types 43-3
tracked objects
by Boolean expression 43-4
by threshold percentage 43-6
by threshold weight 43-5
tracking interface line-protocol state 43-2
tracking IP routing state 43-2
tracking objects 43-1
tracking process 43-1
track state, tracking IP SLAs 43-9
traffic
blocking flooded 24-7
fragmented 33-5
fragmented IPv6 40-2
unfragmented 33-5
traffic class, defined 36-3
traffic classification, typical values 36-10
traffic marking 36-21
traffic policies, elements in 36-3
traffic shaping
for QoS scheduling 36-26
QoS traffic control 36-26
traffic suppression 24-1
trap-door mechanism 3-2
traps
configuring MAC address notification 5-22, 5-24, 5-25
configuring managers 31-12
defined 31-4
enabling 5-22, 5-24, 5-25, 31-12
notification types 31-13
troubleshooting 45-18
connectivity problems 48-9, 48-13, 48-14
detecting unidirectional links 27-1
displaying crash information 48-21
PIMv1 and PIMv2 interoperability problems 46-33
setting packet forwarding 48-19
SFP security and identification 48-8
show forward command 48-19
with CiscoWorks 31-4
with debug commands 48-17
with ping 48-10
with system message logging 30-1
with traceroute 48-14
trunk failover
trunking encapsulation 1-7
trunk ports
configuring 13-17
trunks
allowed-VLAN list 13-18
load sharing
setting STP path costs 13-21
using STP port priorities 13-20
native VLAN for untagged traffic 13-19
parallel 13-21
tunneling
802.1Q and QoS 36-78
defined 15-1
IEEE 802.1Q 15-2
Layer 2 protocol 15-20
tunnel ports
defined 13-5
IEEE 802.1Q, configuring 15-6
incompatibilities with other features 15-6
twisted-pair Ethernet, detecting unidirectional links 27-1
two-way ETH-DM 45-3
U
UDLD
configuration guidelines 27-4
default configuration 27-4
disabling
globally 27-5
on fiber-optic interfaces 27-5
per interface 27-5
echoing detection mechanism 27-2
enabling
globally 27-5
per interface 27-5
Layer 2 protocol tunneling 15-22
link-detection mechanism 27-1
neighbor database 27-2
overview 27-1
resetting an interface 27-6
status, displaying 27-6
support for 1-5
UDP
datagrams 34-15
forwarding 34-14
UDP, configuring 34-14
UDP jitter, configuring 42-9
UDP jitter operation, IP SLAs 42-8
unauthorized ports with 802.1x 9-4
unconditional priority policing
configuration guidelines 36-73
priority with police 36-30
UN-ENI VLANs
defined 13-5
UNI
configuring 11-17
described 11-2
protocol control packets on 35-1
unicast MAC address filtering
and adding static addresses 5-29
and broadcast MAC addresses 5-28
and CPU packets 5-28
and multicast addresses 5-28
and router MAC addresses 5-28
configuration guidelines 5-28
described 5-28
unicast storm 24-1
unicast storm control command 24-4
unicast traffic, blocking 24-7
UNI community VLAN 13-6
UniDirectional Link Detection protocol
UNI isolated VLAN 13-6
UNIs, remote (CFM) 44-48
UNI VLANs
and private VLANs 13-13
and RSPAN VLANs 13-13
configuration guidelines 13-12
configuring 13-13
UNIX syslog servers
daemon configuration 30-12
facilities supported 30-13
message logging configuration 30-12
upgrading software images
upgrading with CNS 4-14
uploading
configuration files
reasons for A-8
using FTP A-14
using RCP A-18
using TFTP A-11
image files
reasons for A-23
using FTP A-31
using RCP A-35
using TFTP A-27
usage guidelines
Layer 2 traceroute 48-13
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 8-6
user network interface
V
VACLs
logging
configuration example 33-38
verifying frame delay 45-13
Virtual Private Network
vlan.dat file 13-3
VLAN 1
disabling on a trunk port 13-18
minimization 13-18
VLAN ACLs
vlan-assignment response, VMPS 13-24
VLAN blocking, REP 19-12
VLAN configuration mode 2-2
VLAN database
VLAN configuration saved in 13-10
VLANs saved in 13-3
vlan dot1q tag native command 15-5
VLAN filtering and SPAN 28-6
vlan global configuration command 13-7, 13-9
VLAN ID
discovering 5-31
service provider 15-8
VLAN ID translation
VLAN load balancing
configuration guidelines on flex links 20-8
on flex links 20-2
REP 19-4
triggering 19-5
VLAN loopback
defined 44-44
VLAN Management Policy Server
VLAN map entries, order of 33-30
VLAN mapping
1-to-1 15-8
1-to-1, configuring 15-10
configuration guidelines 15-9
configuring 15-10
configuring on a trunk port 15-10
default 15-9
described 15-7
selective QinQ 15-8
selective Q-in-Q, configuring 15-12
traditional QinQ 15-8
traditional Q-in-Q, configuring 15-11
types of 15-8
VLAN maps
applying 33-34
common uses for 33-34
configuration guidelines 33-30
configuring 33-30
creating 33-31
denying access to a server example 33-35
denying and permitting packets 33-32
displaying 33-42
examples of ACLs and VLAN maps 33-32
removing 33-34
support for 1-8
wiring closet configuration example 33-35
with router ACLs 33-41
VLAN membership
confirming 13-27
modes 13-5
VLAN Query Protocol
VLANs
adding 13-9
aging dynamic addresses 16-9
allowed on trunk 13-18
and spanning-tree instances 13-3, 13-9
configuration guidelines 13-8
configuration guidelines, normal-range VLANs 13-8
configuring 13-1
connecting through SVIs 11-7
customer numbering in service-provider networks 15-3
default configuration 13-7
displaying 13-14
extended-range 13-1
features 1-6
illustrated 13-2
internal 13-9
limiting source traffic with RSPAN 28-21
limiting source traffic with SPAN 28-15
modifying 13-9
multicast 23-15
native, configuring 13-19
number supported 1-6
parameters 13-3
port membership modes 13-4
static-access ports 13-11
STP and 802.1Q trunks 16-11
supported 13-3
traffic between 13-2
UNI 13-5
UNI community 13-6
UNI isolated 13-6
VLAN trunks 13-15
VMPS
administering 13-28
configuration example 13-28
configuration guidelines 13-25
default configuration 13-25
description 13-23
dynamic port membership
described 13-24
reconfirming 13-27
troubleshooting 13-28
mapping MAC addresses to VLANs 13-23
monitoring 13-28
reconfirmation interval, changing 13-27
reconfirming membership 13-27
retry count, changing 13-27
VPN
configuring routing in 34-91
forwarding 34-85
in service provider networks 34-83
VPN routing and forwarding table
VRF
defining 34-85
VRF-aware services
ARP 34-88
configuring 34-87
ftp 34-90
HSRP 34-89
ping 34-88
RADIUS 34-90
SNMP 34-88
syslog