Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
Y -
Index
ACLs
applying IPv6 ACLs to a Layer 3 interface 43-16, 43-17
Numerics
10/100 autonegotiation feature, forced 7-13
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 7-7
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 7-7
1400 W DC Power supply
special considerations 11-17
1400 W DC SP Triple Input power supply
special considerations 11-18
802.10 SAID (default) 13-5
802.1Q
trunks 17-6
tunneling
compatibility with other features 23-5
defaults 23-3
described 23-2
tunnel ports with other features 23-6
802.1Q VLANs
encapsulation 15-3
trunk restrictions 15-5
802.1s
See MST
802.1w
See MST
802.1X
See port-based authentication
802.1X authentication
for Critical Authentication 37-13
for guest VLANs 37-10
for MAC Authentication Bypass 37-11
for Wake-on-LAN 37-14
web-based authentication 37-13
with port security 37-17
with VLAN assignment 37-9
with voice VLAN ports 37-20
802.1X Host Mode 37-6
multiauthentication mode 37-8
multidomain authentication mode 37-7
single-host 37-7
802.3ad
See LACP
A
AAA 40-1
AAA (authentication, authorization, and accounting). See also port-based authentication. 38-1
abbreviating commands 2-5
access control entries
See ACEs
access control entries and lists 40-1
access-group mode, configuring on Layer 2 interface 43-31
access-group mode, using PACL with 43-30
access list filtering, SPAN enhancement 50-13
access ports
configure port security 39-7, 39-22
configuring 15-8
access VLANs 15-6
accounting
with TACACS+ 3-16, 3-21
ACEs
ACLs 43-2
IP 43-2
Layer 4 operation restrictions 43-9
ACEs and ACLs 40-1
ACL assignments, port-based authentication 37-18
ACL assignments and redirect URLs, configure 37-33
ACLs
ACEs 43-2
and SPAN 50-5
and TCAM programming for Sup II-Plus thru V-10GE 43-6
applying on routed packets 43-27
applying on switched packets 43-26
compatibility on the same switch 43-3
configuring with VLAN maps 43-25
CPU impact 43-11
downloadable 38-7
hardware and software support 43-5
IP, matching criteria for port ACLs 43-4
MAC extended 43-13
matching criteria for router ACLs 43-3
port
and voice VLAN 43-4
defined 43-3
limitations 43-5
processing 43-11
selecting mode of capturing control packets 43-7
troubleshooting high CPU 43-6
types supported 43-3
understanding 43-2
VLAN maps 43-5
ACLs and VLAN maps, examples 43-20
acronyms, list of A-1
action drivers, marking 34-20
active queue management 34-9
active queue management via DBL, QoS on Sup 6-E 34-33
active traffic monitoring, IP SLAs 48-1
adding members to a community 12-8
addresses
displaying the MAC address table 4-32
dynamic
changing the aging time 4-23
defined 4-21
learning 4-21
removing 4-24
IPv6 44-2
MAC, discovering 4-32
See MAC addresses
static
adding and removing 4-29
defined 4-21
address resolution 4-32
adjacency tables
description 28-2
displaying statistics 28-9
advertisements
LLDP 1-4, 24-2
advertisements, VTP
See VTP advertisements
aggregation switch, enabling DHCP snooping 41-9
aging time
MAC address table 4-23
All Auth manager sessions, displaying summary 37-69
All Auth manager sessions on the switch authorized for a specified authentication method 37-69
applying IPv6 ACLs to a Layer 3 interface 43-16, 43-17
AQM via DBL, QoS on Sup 6-E 34-33
ARP
defined 4-32
table
address resolution 4-32
managing 4-32
asymmetrical links, and 802.1Q tunneling 23-3
authentication
NTP associations 4-4
See also port-based authentication
TACACS+
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 40-1
Authentication Failed VLAN assignment
configure with 802.1X 37-54
Authentication methods registered with the Auth manager, determining 37-69
authentication open comand 37-8
authentication proxy web pages 38-4
authentication server
defined 37-3
RADIUS server 37-3
Auth manager session for an interface, verifying 37-70
Auth manager summary, displaying 37-69
authoritative time source, described 4-2
authorization
with TACACS+ 3-16, 3-21
authorized and unauthorized ports 37-4
authorized ports with 802.1X 37-4
autoconfiguration 3-2
automatic discovery
considerations 12-7
Auto-MDIX on a port
configuring 7-23
displaying the configuration 7-24
overview 7-22
autonegotiation feature
forced 10/100Mbps 7-13
auto-sync command 5-8
B
Baby Giants
interacting with 7-21
BackboneFast
adding a switch (figure) 18-4
and MST 17-23
configuring 18-16
link failure (figure) 18-14, 18-15
not supported MST 17-23
understanding 18-14
See also STP
banners
configuring
login 4-20
message-of-the-day login 4-18
default configuration 4-18
when displayed 4-17
b command 56-3
BGP 1-11
routing session with multi-VRF CE 32-11
blocking packets 45-1
blocking state (STP)
RSTP comparisons (table) 17-24
boot bootldr command 3-31
boot command 3-28
boot commands 56-3
boot fields
See configuration register boot fields
boot system command 3-26, 3-31
boot system flash command 3-28
Border Gateway Protocol
See BGP
boundary ports
description 17-27
BPDU Guard
and MST 17-23
configuring 18-16
overview 18-8
BPDUs
and media speed 17-2
pseudobridges and 17-25
what they contain 17-3
bridge ID
See STP bridge ID
bridge priority (STP) 17-16
bridge protocol data units
See BPDUs
Broadcast Storm Control
disabling 49-5
enabling 49-3
C
Call Home
description 1-16, 54-1
message format options 54-2
messages
format options 54-2
call home 54-1
alert groups 54-6
configuring e-mail options 54-9
contact information 54-4
default settings 54-19
destination profiles 54-5
displaying information 54-14
mail-server priority 54-10
pattern matching 54-9
periodic notification 54-8
rate limit messages 54-9
severity threshold 54-8
smart call home feature 54-2
SMTP server 54-9
testing communications 54-11
call home alert groups
configuring 54-6
description 54-6
subscribing 54-7
call home contacts
assigning information 54-4
call home destination profiles
attributes 54-5
configuring 54-5
description 54-5
displaying 54-17
call home notifications
full-txt format for syslog 54-26
XML format for syslog 54-35
candidates
automatic discovery 12-7
candidate switch, cluster
defined 12-12
requirements 12-12
Capturing control packets
selecting mode 43-7
cautions
Unicast RPF
BGP optional attributes 29-5
cautions for passwords
encrypting 3-22
CDP
automatic discovery in communities 12-7
configuration 20-2
defined with LLDP 24-1
displaying configuration 20-3
enabling on interfaces 20-3
host presence detection 37-8
maintaining 20-3
monitoring 20-3
overview 1-2, 20-1
cdp enable command 20-3
CEF
adjacency tables 28-2
and NSF with SSO 9-4
configuring load balancing 28-7
displaying statistics 28-8
enabling 28-6, 55-2
hardware switching 28-4
load balancing 28-6
overview 28-2
software switching 28-4
certificate authority (CA) 54-3
CFM
clearing 46-30
configuration guidelines 46-7, 47-4
configuring crosscheck for VLANs 46-10
configuring fault alarms 46-15
configuring port MEP 46-13
configuring static remote MEP 46-12, 46-13, 46-15, 46-17
crosscheck 46-5
defined 46-1
EtherChannel support 46-7, 47-4
fault alarms
configuring 46-15
IP SLAs support for 46-5
IP SLAs with endpoint discovers 46-20
maintenance domain 46-2
manually configuring IP SLAs ping or jitter 46-18
measuring network performance 46-5
monitoring 46-31, 46-32
port MEP, configuring 46-13
remote MEPs 46-5
static RMEP, configuring 46-12, 46-13, 46-15, 46-17
static RMEP check 46-5
Y.1731
described 46-26
CGMP
overview 21-1
channel-group group command 19-8, 19-10
Cisco 7600 series Internet router
enabling SNMP 57-4, 57-5
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS IP SLAs 48-2
Cisco IOS NSF-aware
support 9-2
Cisco IOS NSF-capable support 9-2
Cisco IP Phones
configuring 35-3
sound quality 35-1
CiscoWorks 2000 52-4
CIST
description 17-22
civic location 24-3
class level, configure in a service policy 34-30
class of service
See CoS
clear cdp counters command 20-4
clear cdp table command 20-3
clear counters command 7-26
clearing
Ethernet CFM 46-30
IP multicast table entries 30-26
clear ip eigrp neighbors command 27-18
CLI
accessing 2-2
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 12-12
modes 2-5
monitoring environments 50-1
ROM monitor 2-7
software basics 2-4
clients
in 802.1X authentication 37-3
clock
See system clock
clustering switches
command switch characteristics 12-11, 12-12
and VTY 12-11
convert to a community 12-9
managing
through CLI 12-12
overview 12-11
planning considerations
CLI 12-12
passwords 12-8
command-line processing 2-3
command modes 2-5
commands
b 56-3
boot 56-3
dev 56-3
dir device 56-3
i 56-3
listing 2-5
reset 56-3
ROM monitor56-2to ??
SNMP 57-4
command switch, cluster
requirements 12-11
common and internal spanning tree
See CIST
common spanning tree
See CST
community of switches
access modes in Network Assistant 12-8
adding devices 12-8
candidate characterisitcs 12-6
communication protocols 12-8
community name 12-7
configuration information 12-8
converting from a cluster 12-9
host name 12-7
passwords 12-8
community ports 36-3
community strings
configuring 52-7
overview 52-4
community VLANs 36-2, 36-3
and SPAN features 36-13
configure as a PVLAN 36-15
compiling MIBs 57-4
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 21-4
configuration examples
SNMP 52-16
configuration files
limiting TFTP server access 52-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 52-15
configuration guidelines
CFM 46-7, 47-4
SNMP 52-6
configuration register
boot fields
listing value 3-29
modifying 3-28
changing from ROM monitor 56-3
changing settings3-28to 3-29
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 34-30
configure terminal command 3-29, 7-2
configuring access-group mode on Layer 2 interface 43-31
configuring flow control 7-15
configuring interface link and trunk status envents 7-27
configuring named IPv6 ACLs 43-15
configuring named MAC extended ACLs 43-13, 43-14
configuring unicast MAC address filtering 43-13
configuring VLAN maps 43-18
Connectivity Fault Management
See CFM
console configuration mode 2-5
console port
disconnecting user sessions 8-7
monitoring user sessions 8-6
contact information
assigning for call home 54-4
control plane policing
See CoPP
control protocol, IP SLAs 48-4
CoPP
applying QoS service policy to control plane 40-3
configuring
ACLs to match traffic 40-3
enabling MLS QoS 40-3
packet classification criteria 40-3
service-policy map 40-3
control plane configuration mode
entering 40-3
displaying
dynamic information 40-7
number of conforming bytes and packets 40-7
rate information 40-7
entering control plane configuration mode 40-3
monitoring statistics 40-7
overview 40-2
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-31
CoS
definition 34-3
figure 34-2
overriding on Cisco IP Phones 35-5
priority 35-5
counters
clearing MFIB 30-26
clearing on interfaces 7-26
CPU, impact of ACL processing 43-11
CPU port sniffing 50-10
crashinfo
kernel file 3-34
process core dump file 3-34
process file 3-33
crashinfo, configuring
commands 3-35
default 3-35
determining the process that crashed 3-39
enabling generation of process core dump 3-38
saving files to a secondary device 3-39
show commands 3-36
Critical Authentication
configure with 802.1X 37-51
crosscheck, CFM 46-5, 46-10
CST
description 17-25
IST and 17-22
MST and 17-22
customer edge devices 32-2
D
database agent
configuration examples 41-15
enabling the DHCP Snooping 41-12
daylight saving time 4-13
default configuration
802.1X 37-24
banners 4-18
DNS 4-16
IGMP filtering 21-20
IGMP snooping 22-5, 22-6
IP SLAs 48-7
IPv6 44-7
LLDP 24-3
MAC address table 4-23
multi-VRF CE 32-3
NTP 4-4
private VLANs 36-12
resetting the interface 7-29
RMON 53-3
SNMP 52-5
SPAN and RSPAN 50-6
system message logging 51-3
TACACS+ 3-18
Y.1731 46-28
default gateway
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-32
default web-based authentication configuration
802.1X 38-6
denial-of-service attacks
IP address spoofing, mitigating 29-5
Unicast RPF, deploying 29-5
denying access to a server on another VLAN 43-24
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 7-7
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 7-7
description command 7-15
detecting unidirectional links 25-1
dev command 56-3
device discovery protocol 24-1
device IDs
call home format 54-22, 54-23
DHCP
configuring
rate limit for incoming packets 41-13
denial-of-service attacks, preventing 41-13
rate limiting of packets
configuring 41-13
DHCP-based autoconfiguration
client request message exchange 3-3
configuring
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
lease options
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
DHCP option 82
overview 41-3
DHCP Snooping
enabling, and Option 82 41-10
DHCP snooping
accepting untrusted packets form edge switch 41-10
configuring 41-6
default configuration 41-7
displaying binding tables 41-18
displaying configuration 41-19
displaying information 41-18
enabling 41-7
enabling on private VLAN 41-11
enabling on the aggregation switch 41-9
enabling the database agent 41-12
message exchange process 41-4
monitoring 41-23
option 82 data insertion 41-3
overview 41-1
Snooping database agent 41-2
DHCP Snooping Database Agent
adding to the database (example) 41-18
enabling (example) 41-15
overview 41-2
reading from a TFTP file (example) 41-16
Diagnostics
online 55-1
troubleshooting 55-7
Power-On-Self-Test
causes of failure 55-18
how it works 55-9
overview 55-9
Power-On-Self-Test for Supervisor Engine V-10GE 55-12
Differentiated Services Code Point values
See DSCP values
DiffServ architecture, QoS 34-2
Digital optical monitoring transceiver support 7-11
Digital Signing 56-6
dir device command 56-3
disabled state
RSTP comparisons (table) 17-24
disabling
broadcast storm control 49-5
disabling multicast storm control 49-6
disconnect command 8-7
discovery, clusters
See automatic discovery
display dection and removal events 10-7
displaying
Auth Manager sumary for an interface 37-69
MAB details 37-71
summary of all Auth manager sessions 37-69
summary of all Auth manager sessions on the switch authorized for a specified authentication method 37-69
displaying EtherChannel to a Virtual Switch System 19-16
displaying storm control 49-6
display PoE consumed by a module 10-8
display PoE detection and removal events 10-7
DNS
and DHCP-based autoconfiguration 3-5
default configuration 4-16
displaying the configuration 4-17
overview 4-15
setting up 4-16
domain names
DNS 4-15
Domain Name System
See DNS
double-tagged packets
802.1Q tunneling 23-2
downloading MIBs 57-2, 57-3, 57-4
DSCP values
definition 34-4
IP precedence 34-2
DTP
VLAN trunks and 15-3
duplex command 7-14
duplex mode
configuring interface 7-12
dynamic ARP inspection
ARP cache poisoning 42-2
configuring
ACLs for non-DHCP environments 42-11
in DHCP environments 42-5
log buffer 42-14
rate limit for incoming ARP packets 42-16
denial-of-service attacks, preventing 42-16
interface trust state, security coverage 42-3
log buffer
configuring 42-14
logging of dropped packets 42-4
overview 42-1
port channels, their behavior 42-5
priority of static bindings 42-4
purpose of 42-2
rate limiting of ARP packets 42-4
configuring 42-16
validation checks, performing 42-19
Dynamic Host Configuration Protocol snooping
See DHCP snooping
dynamic port VLAN membership
example 13-29
limit on hosts 13-29
reconfirming 13-26
troubleshooting 13-29
Dynamic Trunking Protocol
See DTP
E
EAP frames
changing retransmission time 37-65
exchanging (figure) 37-4, 37-6, 37-12
request/identity 37-3
response/identity 37-3
setting retransmission number 37-66
EAPOL frames
802.1X authentication and 37-3
OTP authentication, example (figure) 37-4, 37-12
start 37-4
edge ports
description 17-27
EGP
overview 1-11
EIGRP
configuration examples 27-18
monitoring and maintaining 27-18
EIGRP (Enhanced IGRP)
stub routing
benefits 27-16
configuration tasks 27-17
configuring 27-13
overview 27-13
restrictions 27-17
verifying 27-17
EIGRP (enhanced IGRP)
overview 1-11
eigrp stub command 27-17
EIGRP stub routing, configuring 27-12
ELIN location 24-3
e-mail addresses
assigning for call home 54-4
e-mail notifications
Call Home 1-16, 54-1
Embedded CiscoView
displaying information 4-35
installing and configuring 4-33
overview 4-33
emergency alarms on Sup Engine 6-E systems 11-3
enable command 3-9, 3-28
enable mode 2-5
enabling SNMP 57-4, 57-5
encapsulation types 15-3
Enhanced Interior Gateway Routing Protocol
See EIGRP
Enhanced PoE support on E-series 10-15
Enhanced PoE support on E-series,configuring Universal PoE 10-16
environmental monitoring
using CLI commands 11-1
EPM logging 37-72
errdisable recovery
configuring 10-14
EtherChannel
channel-group group command 19-8, 19-10
configuration guidelines 19-5
configuring19-6to 19-15
configuring Layer 2 19-10
configuring Layer 3 19-6
displaying to a virtual switch system 19-16
interface port-channel command 19-7
lacp system-priority
command example 19-13
modes 19-3
overview 19-1
PAgP
Understanding 19-3
physical interface configuration 19-7
port-channel interfaces 19-2
port-channel load-balance command 19-14
removing 19-15
removing interfaces 19-15
EtherChannel guard
disabling 18-7
enabling 18-6
overview 18-6
Ethernet Remote Defect Indication (ETH-RDI) 46-27
explicit host tracking
enabling 21-11
extended range VLANs
See VLANs
Extensible Authentication Protocol over LAN 37-2
Exterior Gateway Protocol
See EGP
F
Fallback Authentication
configure with 802.1X 37-58
FastDrop
overview 30-10
FIB
description 28-2
See also MFIB
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 37-39
filtering
in a VLAN 43-18
non-IP traffic 43-13, 43-14
flags 30-11
Flash memory
configuring router to boot from 3-31
loading system images from 3-30
security precautions 3-31
Flexible NetFlow
defined 1-2, 33-1
items to consider 33-1
flooded traffic, blocking 45-2
flowchart, traffic marking procedure 34-20
flow control, configuring 7-15
FNF and supported fields, available options 33-4
For 10-13
forward-delay time (STP)
configuring 17-18
forwarding information base
See FIB
G
gateway
See default gateway
get-bulk-request operation 52-3
get-next-request operation 52-3, 52-4
get-request operation 52-3, 52-4
get-response operation 52-3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 7-7
global configuration mode 2-5
Guest-VLANs
configure with 802.1X 37-47, 37-56
H
hardware and software ACL support 43-5
hardware switching 28-5
hello time (STP)
configuring 17-17
high CPU due to ACLs, troubleshooting 43-6
history
CLI 2-4
history table, level and number of syslog messages 51-9
hop counts
configuring MST bridges 17-28
host
limit on dynamic port 13-29
host ports
kinds of 36-4
host presence CDP message 37-8
Hot Standby Routing Protocol
See HSRP
HSRP
description 1-9
http
//www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html 48-1, 48-4
//www.cisco.com/en/US/docs/ios/fundamentals/command reference/cf_book.html 51-1, 52-1, 53-1
hw-module module num power command 11-18
I
ICMP
enabling 8-12
ping 8-8
running IP traceroute 8-9
time exceeded messages 8-9
ICMP Echo operation
configuring 48-12
IP SLAs 48-11
i command 56-3
IDS
using with SPAN and RSPAN 50-3
IEEE 802.1ag 46-1
IEEE 802.1s
See MST
IEEE 802.1w
See MST
IEEE 802.3ad
See LACP
IGMP
configurable-leave timer 21-4
description 30-3
enabling 30-13
explicit host tracking 21-4
immediate-leave processing 21-3
leave processing, enabling 22-8
overview 21-1
report suppression
disabling 22-10
IGMP filtering
configuring 21-21
default configuration 21-20
described 21-20
monitoring 21-24
IGMP groups
setting the maximum number 21-23
IGMP Immediate Leave
configuration guidelines 21-9
IGMP profile
applying 21-22
configuration mode 21-21
configuring 21-21
IGMP Snooping
configure
leave timer 21-9
configuring
Learning Methods 21-7
static connection to a multicast router 21-8
configuring host statically 21-11
enabling
Immediate-Leave processing
explicit host tracking 21-11
suppressing multicast flooding 21-12
IGMP snooping
configuration guidelines 21-5
default configuration 22-5, 22-6
enabling
globally 21-6
on a VLAN 21-6
enabling and disabling 22-6
IP multicast and 30-4
monitoring 21-14, 22-11
overview 21-1
IGMP Snooping, displaying
group 21-16
hot membership 21-15
how to 21-15
MAC address entries 21-18
multicast router interfaces 21-17
on a VLAN interface 21-18
Querier information 21-19
IGMPSnooping Querier, configuring 21-10
Immediate Leave, IGMP
enabling 22-8
immediate-leave processing
enabling 21-8
IGMP
See fast-leave processing
ingress packets, SPAN enhancement 50-12
inline power
configuring on Cisco IP phones 35-5
Intelligent Power Management 10-4
interacting with Baby Giants 7-21
interface
displaying operational status 10-6
interface command 3-9, 7-2
interface link and trunk status events
configuring 7-27
interface port-channel command 19-7
interface range command 7-5
interface range macro command 7-6
interfaces
adding descriptive name 7-15
clearing counters 7-26
configuring 7-2
configuring ranges 7-4
displaying information about 7-25
Layer 2 modes 15-4
maintaining 7-25
monitoring 7-25
naming 7-15
numbers 7-2
overview 7-2
restarting 7-26, 7-27
See also Layer 2 interfaces
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
Inter-Switch Link encapsulation
See ISL encapsulation
Intrusion Detection System
See IDS
inventory management TLV 24-2, 24-7
IP
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 28-8
IP addresses
128-bit 44-2
cluster candidate or member 12-12
cluster command switch 12-11
discovering 4-32
IPv6 44-2
ip cef command 28-6, 55-2
IP Enhanced IGRP
interfaces, displaying 27-18
ip icmp rate-limit unreachable command 8-13
ip igmp profile command 21-21
ip igmp snooping tcn flood command 21-13
ip igmp snooping tcn flood query count command 21-14
ip igmp snooping tcn query solicit command 21-14
IP information
assigned
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 28-7
ip local policy route-map command 31-8
ip mask-reply command 8-14
IP MTU sizes, configuring 27-8
IP MTU sizes,configuring 27-8
IP multicast
clearing table entries 30-26
configuring 30-12
default configuration 30-12
displaying PIM information 30-21
displaying the routing table information 30-22
enabling dense-mode PIM 30-14
enabling sparse-mode 30-14
features not supported 30-12
hardware forwarding 30-8
IGMP snooping and 21-5, 30-4
overview 30-1
routing protocols 30-2
software forwarding 30-8
See also Auto-RP; IGMP; PIM; RP; RPF
IP multicast routing
enabling 30-13
monitoring and maintaining 30-21
ip multicast-routing command 30-13
IP phones
configuring voice ports 35-3
See Cisco IP Phones 35-1
ip pim command 30-14
ip pim dense-mode command 30-14
ip pim sparse-dense-mode command 30-15
ip policy route-map command 31-7
ip redirects command 8-13
IP routing tables
deleting entries 30-26
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 48-1
IP SLAs
benefits 48-3
CFM endpoint discovery 46-20
Control Protocol 48-4
default configuration 48-7
definition 48-1
ICMP echo operation 48-11
manually configuring CFM ping or jitter 46-18
measuring network performance 48-3
monitoring 48-13
multioperations scheduling 48-6
operation 48-4
responder
described 48-4
enabling 48-8
response time 48-5
scheduling 48-6
SNMP support 48-3
supported metrics 48-3
threshold monitoring 48-6
UDP jitter operation 48-9
IP Source Guard
configuring 41-20
configuring on private VLANs 41-21
displaying 41-22, 41-23
overview 41-19
IP statistics
displaying 28-8
IP traceroute
executing 8-9
overview 8-9
IP unicast
displaying statistics 28-8
IP Unnumbered support
configuring on a range of Ethernet VLANs 14-6
configuring on LAN and VLAN interfaces 14-5
configuring with connected host polling 14-7
DHCP Option 82 14-3
displaying settings 14-8
format of agent remote ID suboptions 14-3
troubleshooting 14-9
with conected host polling 14-4
with DHCP server and Relay agent 14-2
ip unreachables command 8-12
IPv6
addresses 44-2
default configuration 44-7
defined 1-13, 44-1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 44-6
Router ID 44-6
OSPF 44-5
IPX
redistribution of route information with EIGRP 1-11
ISL
encapsulation 15-3
trunking with 802.1Q tunneling 23-4
isolated port 36-4
isolated VLANs 36-2, 36-3, 36-4
ISSU
compatibility matrix 6-13
compatiblity verification using Cisco Feature Navigator 6-14
NSF overview 6-3
perform the process
aborting a software upgrade 6-31
configuring the rollback timer as a safeguard 6-32
displaying a compatibility matrix 6-34
loading the new software on the new standby 6-24
stopping the rollback timer 6-23
switching to the standby 6-21
verify the ISSU state 6-17
verify the redundancy mode 6-16
verify the software installation 6-15
vload the new software on standby 6-18
prerequisites 6-2
process overview 6-6
restrictions 6-2
SNMP support 6-14
SSO overview 6-3
IST
and MST regions 17-22
description 17-22
master 17-27
ITU-T Y.1731
See Y.1731
J
jumbo frames
and ethernet ports 7-19
configuring MTU sizes for 7-20
ports and linecards that support 7-18
understanding MTUs 7-19
understanding support 7-18
VLAN interfaces 7-20
K
keyboard shortcuts 2-3
L
labels, definition 34-3
LACP
system ID 19-4
Layer 2 access ports 15-8
Layer 2 frames
classification with CoS 34-2
Layer 2 interface, configuring access-mode mode on 43-31
Layer 2 interfaces
assigning VLANs 13-7
configuring 15-5
configuring as PVLAN host ports 36-18
configuring as PVLAN promiscuous ports 36-17
configuring as PVLAN trunk ports 36-19
defaults 15-5
disabling configuration 15-9
modes 15-4
show interfaces command 15-7
Layer 2 interface type
resetting 36-23
setting 36-23
Layer 2 switching
overview 15-1
Layer 2 Traceroute
and ARP 8-11
and CDP 8-10
host-to-host paths 8-10
IP addresses and subnets 8-11
MAC addresses and VLANs 8-10
multicast traffic 8-10
multiple devices on a port 8-11
unicast traffic 1-25, 8-10
usage guidelines 8-10
Layer 2 trunks
configuring 15-6
overview 15-3
Layer 3 interface, applying IPv6 ACLs 43-16, 43-17
Layer 3 interface counters,configuring 27-10
Layer 3 interface counters,understanding 27-3
Layer 3 interfaces
changing from Layer 2 mode 32-7
configuration guidelines 27-5
overview 27-1
logical 27-2
physical 27-2
VLANs as interfaces 27-7
Layer 3 packets
classification methods 34-2
Layer 4 port operations
configuration guidelines 43-10
restrictions 43-9
Leave timer, enabling 21-9
link and trunk status events
configuring interface 7-27
Link Layer Discovery Protocol
See CDP
listening state (STP)
RSTP comparisons (table) 17-24
LLDP
configuring 24-3
characteristics 24-4
default configuration 24-3
disabling and enabling
globally 24-5
on an interface 24-6
monitoring and maintaining 24-10
overview 24-1
transmission timer and holdtime, setting 24-4
LLDP-MED
configuring
procedures 24-3
TLVs 24-7, 24-8
monitoring and maintaining 24-10
overview 24-1
supported TLVs 24-2
load balancing
configuring for CEF 28-7
configuring for EtherChannel 19-14
overview 19-5, 28-6
per-destination 28-7
location service
configuring 24-9
location TLV 24-3, 24-7
logging, EPM 37-72
Logical Layer 3 interfaces
configuring 27-6
login authentication
with TACACS+ 3-19
login banners 4-17
login timer
changing 8-6
logoutwarning command 8-6
loop guard
and MST 17-23
configuring 18-5
overview 18-3
M
MAC/PHY configuration status TLV 24-2
MAC addresses
aging time 4-23
allocating 17-5
and VLAN association 4-22
building tables 4-21, 15-2
convert dynamic to sticky secure 39-5
default configuration 4-23
discovering 4-32
displaying 4-32, 8-3
displaying in DHCP snooping binding table 41-19
dynamic
learning 4-21
removing 4-24
in ACLs 43-13
static
adding 4-30
allowing 4-31
characteristics of 4-29
dropping 4-31
removing 4-30
sticky 39-4
sticky secure, adding 39-5
MAC Authentication Bypass
configure with 802.1X 37-49
MAC details, displaying 37-71
MAC extended access lists 43-13
macros
See Smartports macros
main-cpu command 5-8
management address TLV 24-2
management options
SNMP 52-1
marking
hardware capabilities 34-22
marking action drivers 34-20
marking network traffic 34-17
marking support, multi-attribute 34-21
match ip address command 31-6
maximum aging time (STP)
configuring 17-18
MDA
configuration guidelines37-21to 37-22
described 37-21
members
automatic discovery 12-7
member switch
managing 12-12
member switch, cluster
defined 12-11
requirements 12-12
messages, to users through banners 4-17
metro tags 23-2
MFIB
CEF 30-5
overview 30-11
MFIB, IP
displaying 30-24
MIBs
compiling 57-4
downloading 57-2, 57-3, 57-4
overview 52-1
SNMP interaction with 52-4
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
MLD Snooping
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
Multicast client aging robustness 22-3
Multicast router discovery 22-3
overview 22-1
Mode of capturing control packets, selecting 43-7
modules
checking status 8-2
monitoring
802.1Q tunneling 23-7
ACL information 43-35
Ethernet CFM 46-31, 46-32
IGMP
snooping 22-11
IGMP filters 21-24
IGMP snooping 21-14
IP SLAs operations 48-13
Layer 2 protocol tunneling 23-7
multicast router interfaces 22-11
multi-VRF CE 32-16
traffic flowing among switches 53-1
tunneling 23-7
VLAN filters 43-25
VLAN maps 43-25
M-record 17-22
MST
and multiple spanning trees 1-5, 17-22
boundary ports 17-27
BPDUs 17-22
configuration parameters 17-26
configuring 17-29
displaying configurations 17-33
edge ports 17-27
enabling 17-29
hop count 17-28
instances
configuring parameters 17-32
description 17-22
number supported 17-26
interoperability with PVST+ 17-23
link type 17-28
master 17-27
message age 17-28
regions 17-26
restrictions 17-29
to-SST interoperability 17-24
MSTP
EtherChannel guard
enabling 18-6
M-record 17-22
M-tree 17-22
M-tree 17-22
MTUS
understanding 7-19
MTU size
configuring 7-20, 7-21, 7-28
default 13-5
multiauthentication mode 37-8
multicast
See IP multicast
Multicast client aging robustness 22-3
multicast Ethernet loopback (ETH-LB) 46-28
multicast Ethernet loopback, using 46-30
multicast groups
static joins 22-7
multicast packets
blocking 45-2
Multicast router discovery 22-3
multicast router interfaces, displaying 21-17
multicast router interfaces, monitoring 22-11
multicast router ports, adding 22-7
multicast routers
flood suppression 21-12
multicast router table
displaying 30-22
Multicast Storm Control
enabling 49-4
disabling 49-6
multidomain authentication
See MDA
multidomain authentication mode 37-7
multioperations scheduling, IP SLAs 48-6
Multiple Authentication
described 37-21
Multiple AuthorizationAuthentication
configuring 37-30
Multiple Domain Authentication 37-30
multiple forwarding paths 1-5, 17-22
multiple-hosts mode 37-7
Multiple Spanning Tree
See MST
multiple VPN routing/forwarding
See multi-VRF CE
multi-VRF CE
components 32-3
configuration example 32-12
default configuration 32-3
defined 32-1
displaying 32-16
monitoring 32-16
network components 32-3
packet-forwarding process 32-3
N
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 43-15
named MAC extended ACLs
ACLs
configuring named MAC extended 43-13, 43-14
native VLAN
and 802.1Q tunneling 23-4
specifying 15-6
Network Assistant
and VTY 12-11
configure
enable communication with switch 12-13, 12-17
default configuration 12-2
overview of CLI commands 12-2
network fault tolerance 1-5, 17-22
network management
configuring 20-1
RMON 53-1
SNMP 52-1
network performance, measuring with IP SLAs 48-3
network policy TLV 24-2, 24-7
Network Time Protocol
See NTP
network traffic, marking 34-17
New Software Features in Release 7.7
TDR 8-3
Next Hop Resolution Protocol
See NHRP
NHRP
support 1-12
non-IP traffic filtering 43-13, 43-14
non-RPF traffic
description 30-9
in redundant configurations (figure) 30-10
Nonstop Forwarding
See NSF
nonvolatile random-access memory
See NVRAM
normal-range VLANs
See VLANs
NSF
defined 9-1
guidelines and restrictions 9-7
operation 9-4
NSF-aware
support 9-2
NSF-capable
supervisor engines 9-2
support 9-2
NSF with SSO supervisor engine redundancy
and CEF 9-4
overview 9-3
SSO operation 9-3
NTP
associations
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
restricting access
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
time
services 4-2
synchronizing 4-2
NVRAM
saving settings 3-10
O
OIR
overview 7-25
Online Diagnostics 55-1
online insertion and removal
See OIR
Open Shortest Path First
See OSPF
operating system images
See system images
Option 82
enabling DHCP Snooping 41-10
OSPF
area concept 1-13
description 1-12
for IPv6 44-5
P
Packet Length Map, packet length configured 33-3
packets
modifying 34-10
packet type filtering
overview 50-14
SPAN enhancement 50-14
PACL, using with access-group mode 43-30
PACL with VLAN maps and router ACLs 43-32
PAgP
understanding 19-3
passwords
configuring enable password 3-14
configuring enable secret password 3-14
encrypting 3-22
in clusters 12-8
recovering lost enable password 3-25
setting line password 3-14
PBR (policy-based routing)
configuration (example) 31-8
enabling 31-6
features 31-2
overview 31-1
route-map processing logic 31-3
route-map processing logic example 31-4
route maps 31-2
when to use 31-5
per-port and VLAN Access Control List 41-19
per-port per-VLAN QoS
enabling 34-35
overview 34-10
Per-User ACL and Filter-ID ACL, configure 37-39
Per-VLAN Rapid Spanning Tree 17-6
enabling 17-20
overview 17-6
PE to CE routing, configuring 32-11
Physical Layer 3 interfaces, configuring 27-11
PIM
configuring dense mode 30-14
configuring sparse mode 30-14
displaying information 30-21
displaying statistics 30-25
enabling sparse-dense mode 30-14, 30-15
overview 30-3
PIM-DM 30-3
PIM on an interface, enabling 30-13
PIM-SM 30-4
PIM-SSM mapping, enabling 30-16
ping
executing 8-8
overview 8-8
ping command 8-8, 30-21
PoE 10-7, 10-8
configuring power consumption, powered devices 10-5
configuring power consumption for single device 10-5, 10-16
displaying operational status for an interface 10-6
Enhanced PoE support on E-series 10-15
policing and monitoring 10-12
power consumption for powered devices
Intelligent Power Management 10-4
power management modes 10-3
PoE policing
configuring errdisable recovery 10-14
configuring on an interface 10-12
displaying on an interface 10-14
power modes 10-12
point-to-point
in 802.1X authentication (figure) 37-2
policing
how to implement 34-17
See QoS policing
policing, PoE 10-12
policy associations, QoS on Sup 6-E 34-38
policy-map command 34-15
policy map marking action, configuring 34-22
port ACLs
and voice VLAN 43-4
defined 43-3
limitations 43-5
Port Aggregation Protocol
see PAgP
port-based authentication
802.1X with voice VLAN 37-20
authentication server
defined 38-2
changing the quiet period 37-64
client, defined 37-3, 38-2
configuration guidelines 37-25, 38-6
configure ACL assignments and redirect URLs 37-33
configure switch-to-RADIUS server communication 37-28
configure with Authentication Failed VLAN assignment 37-54
configure with Critical Authentication 37-51
configure with Guest-VLANs 37-47, 37-56
configure with MAC Authentication Bypass 37-49
configure with Wake-on-LAN 37-53
configuring
Multiple Domain Authentication and Multiple Authorization 37-30
RADIUS server 38-10
RADIUS server parameters on the switch 38-9
configuring Fallback Authentication 37-58
configuring Guest-VLAN 37-28
configuring manual re-authentication of a client 37-67
controlling authorization state 37-5
default configuration 37-24, 38-6
described 37-1
device roles 37-2, 38-2
displaying statistics 37-68, 38-13
enabling 37-25
802.1X authentication 38-9
enabling multiple hosts 37-63
enabling periodic re-authentication 37-62
encapsulation 37-3
host mode 37-6
how 802.1X fails on a port 37-22
initiation and message exchange 37-3
method lists 37-25
modes 37-6
multidomain authentication 37-21
multiple-hosts mode, described 37-7
port security
multiple-hosts mode 37-7
ports not supported 37-4
pre-authentication open access 37-8
resetting to default values 37-68
setting retransmission number 37-66
setting retransmission time 37-65
switch
as proxy 38-2
topologies, supported 37-22
using with ACL assignments and redirect URLs 37-18
using with port security 37-17
with Critical Authentication 37-13
with Guest VLANs 37-10
with MAC Authentication Bypass 37-11
with VLAN assignment 37-9
port-channel interfaces
See also EtherChannel
creating 19-7
overview 19-2
port-channel load-balance
command 19-13
command example 19-13
port-channel load-balance command 19-14
port cost (STP)
configuring 17-15
port description TLV 24-2
PortFast
and MST 17-23
BPDU filter, configuring 18-10
configuring or enabling 18-16
overview 18-7
PortFast BPDU filtering
and MST 17-23
enabling 18-10
overview 18-9
port numbering with TwinGig Convertors 7-7
port priority
configuring MST instances 17-32
configuring STP 17-13
ports
blocking 45-1
checking status 8-2
dynamic VLAN membership
example 13-29
reconfirming 13-26
forwarding, resuming 45-3
See also interfaces
port security
aging 39-5
configuring 39-7
displaying 39-28
guidelines and restrictions 39-33
on access ports 39-7, 39-22
on private VLAN 39-14
host 39-14
promiscuous 39-16
topology 39-15, 39-18, 39-32
on trunk port 39-17
guidelines and restrictions 39-15, 39-18, 39-21, 39-32
port mode changes 39-22
on voice ports 39-22
sticky learning 39-5
using with 802.1X 37-17
violations 39-6
with 802.1X Authentication 39-32
with DHCP and IP Source Guard 39-31
with other features 39-33
port states
description 17-5
port VLAN ID TLV 24-2
power
inline 35-5
power dc input command 11-17
powered devices, configuring power consumption 10-5
power handling for Supervisor Engine II-TS 10-11
power inline command 10-3
power inline consumption command 10-5
power management
Catalyst 4500 series 11-5
Catalyst 4500 Switch power supplies 11-12
configuring combined mode 11-11
configuring redundant mode 11-10
overview 11-1
redundancy 11-5
power management for Catalyst 4500 Switch
combined mode 11-7
redundant mode 11-7
power management limitations in Catalyst 4500 Switch 11-8
power management mode
selecting 11-7
power management TLV 24-2, 24-7
power negotiation
through LLDP 24-8
Power-On-Self-Test diagnostics 55-9, 55-18
Power-On-Self-Test for Supervisor Engine V-10GE 55-12
power policing, displaying on an interface 10-14
power redundancy-mode command 11-10
power supplies
available power for Catalyst 4500 Switch 11-12
fixed 11-6
variable 11-6
pre-authentication open access 37-8
pre-authentication open access. See port-based authentication.
primary VLANs 36-2, 36-4
associating with secondary VLANs 36-16
configuring as a PVLAN 36-15
priority
overriding CoS of incoming frames 35-5
priority queuing, QoS on Sup 6-E 34-29
private VLAN
configure port security 39-14, 39-15
enabling DHCP Snooping 41-11
private VLANs
across multiple switches 36-5
and SVIs 36-10
benefits of 36-2
community ports 36-3
community VLANs 36-2, 36-3
default configuration 36-12
end station access to 36-3
isolated port 36-4
isolated VLANs 36-2, 36-3, 36-4
ports
community 36-3
isolated 36-4
promiscuous 36-4
primary VLANs 36-2, 36-4
promiscuous ports 36-4
secondary VLANs 36-2
subdomains 36-2
traffic in 36-9
privileged EXEC mode 2-5
privileges
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
promiscuous ports
configuring PVLAN 36-17
defined 36-4
setting mode 36-23
protocol timers 17-4
provider edge devices 32-2
pruning, VTP
See VTP pruning
pseudobridges
description 17-25
PVACL 41-19
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 37-20
PVLAN promiscuous trunk port
configuring 36-11, 36-17, 36-21
PVLANs
802.1q support 36-14
across multiple switches 36-5
configuration guidelines 36-12
configure port security 39-14, 39-16, 39-18
configure port security in a wireless setting 39-32
configuring 36-11
configuring a VLAN 36-15
configuring promiscuous ports 36-17
host ports
configuring a Layer 2 interface 36-18
setting 36-23
overview 36-1
permitting routing, example 36-22
promiscuous mode
setting 36-23
setting
interface mode 36-23
Q
QoS
classification34-6to ??
definitions 34-3
enabling per-port per-VLAN 34-35
overview 34-1
overview of per-port per-VLAN 34-10
packet modification 34-10
traffic shaping 34-9
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 34-9
QoS labels
definition 34-3
QoS marking
description 34-5
QoS on Sup 6-E
Active Queue management via DBL 34-33
active queue management via DBL 34-26, 34-33
classification 34-14
configuring 34-12
configuring the policy map marking action 34-22
hardware capabilities for marking 34-22
how to implement policing 34-17
marking action drivers 34-20
marking network traffic 34-17
MQC-based QoS configuration 34-12
multi-attribute marking support 34-21
platform hardware capabilities 34-14
platform restrictions 34-17
platform-supported classification criteria and QoS features 34-12, 34-13
policing 34-16
policy associations 34-38
prerequisites for applying a service policy 34-14
priority queuing 34-29
queue-limiting 34-30
restrictions for applying a service policy 34-14
shaping 34-24
sharing(bandwidth) 34-26
sharing(blandwidth), shapring, and priority queuing 34-24
software QoS 34-39
traffic marking procedure flowchart 34-20
QoS policing
definition 34-5
described 34-8
QoS policy
attaching to interfaces 34-9
QoS service policy
prerequisites 34-14
restrictions for applying 34-14
QoS transmit queues
burst 34-9
maximum rate 34-9
sharing link bandwidth 34-9
Quality of service
See QoS
queueing 34-9
queue-limiting, QoS on Sup 6-E 34-30
R
RADIUS server
configure to-Switch communication 37-28
configuring settings 37-30
parameters on the switch 37-28
range command 7-5
range macros
defining 7-6
ranges of interfaces
configuring 7-4
Rapid Spanning Tree
See RSTP
rcommand command 12-12
re-authentication of a client
configuring manual 37-67
enabling periodic 37-62
redirect URLs, port-based authentication 37-18
reduced MAC address 17-2
redundancy
configuring 5-7
guidelines and restrictions 5-6
changes made through SNMP 5-11
NSF-aware support 9-2
NSF-capable support 9-2
overview 5-2
redundancy command 5-8
understanding synchronization 5-5
redundancy (NSF) 9-1
configuring
BGP 9-9
CEF 9-9
EIGRP 9-12
OSPF 9-11
routing protocols 9-5
redundancy (RPR)
route processor redundancy 5-3
synchronization 5-5
redundancy (SSO)
redundancy command 9-8
route processor redundancy 5-3
synchronization 5-6
reload command 3-28, 3-29, 3-40
Remote Network Monitoring
See RMON
rendezvous point, configuring 30-16
rendezvous point, configuring single static 30-19
replication
description 30-8
report suppression, IGMP
disabling 22-10
reserved-range VLANs
See VLANs
reset command 56-3
resetting an interface to default configuration 7-29
resetting a switch to defaults 3-32
responder, IP SLAs
described 48-4
enabling 48-8
response time, measuring with IP SLAs 48-5
restricting access
NTP services 4-8
TACACS+ 3-15
retransmission number
setting in 802.1X authentication 37-66
retransmission time
changing in 802.1X authentication 37-65
RFC
1157, SNMPv1 52-2
1305, NTP 4-2
1757, RMON 53-2
1901, SNMPv2C 52-2
1902 to 1907, SNMPv2 52-2
2273-2275, SNMPv3 52-2
RIP
description 1-13
for IPv6 44-5
RMON
default configuration 53-3
displaying status 53-6
enabling alarms and events 53-3
groups supported 53-2
overview 53-1
ROM monitor
boot process and 3-26
CLI 2-7
commands56-2to ??
exiting 56-5
root bridge
configuring 17-9
selecting in MST 17-22
root guard
and MST 17-23
enabling 18-2
overview 18-2
routed packets
ACLs 43-27
route-map (IP) command 31-6
route maps
defining 31-6
PBR 31-2
router ACLs
description 43-3
using with VLAN maps 43-25
router ACLs, using PACL with VLAN maps 43-32
route targets
VPN 32-3
Routing Information Protocol
See RIP
RPF
<Emphasis>See Unicast RPF
RSPAN
configuration guidelines 50-16
destination ports 50-5
IDS 50-3
monitored ports 50-4
monitoring ports 50-5
received traffic 50-3
sessions
creating 50-17
defined 50-3
limiting source traffic to specific VLANs 50-23
monitoring VLANs 50-22
removing source (monitored) ports 50-21
specifying monitored ports 50-17
source ports 50-4
transmitted traffic 50-4
VLAN-based 50-5
RSTP
compatibility 17-23
description 17-22
port roles 17-23
port states 17-24
S
SAID
See 802.10 SAID
scheduling 34-9
scheduling, IP SLAs operations 48-6
secondary root switch 17-12
secondary VLANs 36-2
associating with primary 36-16
permitting routing 36-22
security
configuring 40-1
Security Association Identifier
See 802.10 SAID
selecting a power management mode 11-7
selecting X2/TwinGig Convertor Mode 7-8
sequence numbers in log messages 51-7
server IDs
description 54-24
service policy, configure class-level queue-limit 34-30
service-policy input command 26-2
service-provider networks
and customer VLANs 23-2
set default interface command 31-7
set interface command 31-7
set ip default next-hop command 31-7
set ip next-hop command 31-6
set-request operation 52-4
severity levels, defining in system messages 51-8
shaping, QoS on Sup 6-E 34-24
sharing(bandwidth), QoS on Sup 6-E 34-26
show adjacency command 28-9
show boot command 3-31
show catalyst4000 chassis-mac-address command 17-3
show cdp command 20-2, 20-3
show cdp entry command 20-3
show cdp interface command 20-3
show cdp neighbors command 20-4
show cdp traffic command 20-4
show ciscoview package command 4-35
show ciscoview version command 4-35
show cluster members command 12-12
show configuration command 7-15
show debugging command 20-4
show environment command 11-2
show history command 2-4
show interfaces command 7-20, 7-21, 7-26, 7-28
show interfaces status command 8-2
show ip cef command 28-8
show ip eigrp interfaces command 27-18
show ip eigrp neighbors command 27-18
show ip eigrp topology command 27-18
show ip eigrp traffic command 27-18
show ip interface command 30-21
show ip local policy command 31-8
show ip mroute command 30-21
show ip pim interface command 30-21
show lldp traffic command 24-10
show mac-address-table address command 8-3
show mac-address-table interface command 8-3
show mls entry command 28-8
show module command 8-2, 17-5
show PoE consumed 10-8
show power inline command 10-6
show power supplies command 11-10
show protocols command 7-26
show running-config command
adding description for an interface 7-15
checking your settings 3-9
displaying ACLs 43-19, 43-22, 43-29, 43-30, 43-31
show startup-config command 3-10
show users command 8-7
show version command 3-29
shutdown, command 7-27
shutting down
interfaces 7-26
Simple Network Management Protocol
See SNMP
single-host mode 37-7
single spanning tree
See SST
single static RP, configuring 30-19
slot numbers, description 7-2
smart call home 54-1
description 54-2
destination profile (note) 54-5
registration requirements 54-3
service contract requirements 54-3
Transport Gateway (TG) aggregation point 54-2
SMARTnet
smart call home registration 54-3
Smartports macros
applying global parameter values 16-8
applying macros 16-8
applying parameter values 16-8
configuration guidelines 16-6
configuring 16-2
creating 16-7
default configuration 16-3
defined 16-1
displaying 16-12
tracing 16-6
SNMP
accessing MIB variables with 52-4
agent
described 52-4
disabling 52-7
and IP SLAs 48-3
authentication level 52-10
community strings
configuring 52-7
overview 52-4
configuration examples 52-16
configuration guidelines 52-6
default configuration 52-5
enabling 57-4, 57-5
engine ID 52-6
groups 52-6, 52-9
host 52-6
informs
and trap keyword 52-11
described 52-5
differences from traps 52-5
enabling 52-15
limiting access by TFTP servers 52-15
limiting system log messages to NMS 51-9
manager functions 52-3
notifications 52-5
overview 52-1, 52-4
status, displaying 52-17
system contact and location 52-15
trap manager, configuring 52-13
traps
described 52-3, 52-5
differences from informs 52-5
enabling 52-11
enabling MAC address notification 4-24
enabling MAC move notification 4-26
enabling MAC threshold notification 4-28
overview 52-1, 52-4
types of 52-11
users 52-6, 52-9
versions supported 52-2
SNMP commands 57-4
SNMPv1 52-2
SNMPv2C 52-2
SNMPv3 52-2
software
upgrading 5-13
software configuration register 3-26
software QoS, on Sup 6-E 34-39
software switching
description 28-5
interfaces 28-6
key data structures used 30-7
source IDs
call home event format 54-23
SPAN
and ACLs 50-5
configuration guidelines 50-7
configuring50-7to 50-10
destination ports 50-5
IDS 50-3
monitored port, defined 50-4
monitoring port, defined 50-5
received traffic 50-3
sessions
defined 50-3
source ports 50-4
transmitted traffic 50-4
VLAN-based 50-5
SPAN and RSPAN
concepts and terminology 50-3
default configuration 50-6
displaying status 50-24
overview 50-2
session limits 50-6
SPAN enhancements
access list filtering 50-13
configuration example 50-15
CPU port sniffing 50-10
encapsulation configuration 50-12
ingress packets 50-12
packet type filtering 50-14
spanning-tree backbonefast command 18-16
spanning-tree cost command 17-15
spanning-tree guard root command 18-2
spanning-tree portfast bpdu-guard command 18-9
spanning-tree portfast command 18-7
spanning-tree port-priority command 17-13
spanning-tree uplinkfast command 18-13
spanning-tree vlan
command 17-9
command example 17-9
spanning-tree vlan command 17-8
spanning-tree vlan cost command 17-15
spanning-tree vlan forward-time command 17-19
spanning-tree vlan hello-time command 17-17
spanning-tree vlan max-age command 17-18
spanning-tree vlan port-priority command 17-13
spanning-tree vlan priority command 17-17
spanning-tree vlan root primary command 17-10
spanning-tree vlan root secondary command 17-12
speed
configuring interface 7-12
speed command 7-13
SSO
configuring 9-8
SSO operation 9-3
SST
description 17-22
interoperability 17-24
static addresses
See addresses
static routes
configuring 3-11
verifying 3-12
statistics
802.1X 38-13
displaying 802.1X 37-68
displaying PIM 30-25
LLDP 24-10
LLDP-MED 24-10
SNMP input and output 52-17
sticky learning
configuration file 39-5
defined 39-5
disabling 39-5
enabling 39-5
saving addresses 39-5
sticky MAC addresses
configuring 39-7
defined 39-4
Storm Control
displaying 49-6
enabling Broadcast 49-3
enabling Multicast 49-4
hardware-based, implementing 49-2
overview 49-1
software-based, implementing 49-2
STP
bridge ID 17-2
configuring17-7to 17-20
creating topology 17-4
defaults 17-6
disabling 17-19
enabling 17-7
enabling extended system ID 17-8
enabling Per-VLAN Rapid Spanning Tree 17-20
EtherChannel guard
disabling 18-7
forward-delay time 17-18
hello time 17-17
maximum aging time 17-18
overview 17-1, 17-3
per-VLAN rapid spanning tree 17-6
port cost 17-15
port priority 17-13
root bridge 17-9
stratum, NTP 4-2
stub routing (EIGRP)
benefits 27-16
configuration tasks 27-17
configuring 27-13
overview 27-12, 27-13
restrictions 27-17
verifying 27-17
subdomains, private VLAN 36-2
summer time 4-13
supervisor engine
accessing the redundant 5-14
configuring3-8to 3-13
copying files to standby 5-14
default configuration 3-1
default gateways 3-11
environmental monitoring 11-1
redundancy 9-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 5-11
Supervisor Engine II-TS
insufficient inline power handling 10-11
SVI Autostate Exclude
understanding 27-3
SVI Autostate exclude
configuring 27-7
switch 44-2
switched packets
and ACLs 43-26
Switched Port Analyzer
See SPAN
switchport
show interfaces 7-20, 7-21, 7-28
switchport access vlan command 15-6, 15-8
switchport block multicast command 45-2
switchport block unicast command 45-2
switchport mode access command 15-8
switchport mode dot1q-tunnel command 23-6
switchport mode dynamic command 15-6
switchport mode trunk command 15-6
switch ports
See access ports
switchport trunk allowed vlan command 15-6
switchport trunk encapsulation command 15-6
switchport trunk encapsulation dot1q command 15-3
switchport trunk encapsulation isl command 15-3
switchport trunk encapsulation negotiate command 15-3
switchport trunk native vlan command 15-6
switchport trunk pruning vlan command 15-7
switch-to-RADIUS server communication
configuring 37-28
system
reviewing configuration 3-10
settings at startup 3-27
system alarms
on Sup 2+ to V-10GE 11-4
overview 11-4
system and network statistics, displaying 30-21
system capabilities TLV 24-2
system clock
configuring
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
See also NTP
system description TLV 24-2
system images
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
system message logging
default configuration 51-3
defining error message severity levels 51-8
disabling 51-4
displaying the configuration 51-12
enabling 51-4
facility keywords, described 51-12
level keywords, described 51-9
limiting messages 51-9
message format 51-2
overview 51-1
sequence numbers, enabling and disabling 51-7
setting the display destination device 51-5
synchronizing log messages 51-6
timestamps, enabling and disabling 51-7
UNIX syslog servers
configuring the daemon 51-10
configuring the logging facility 51-11
facilities supported 51-12
system MTU
802.1Q tunneling 23-5
maximums 23-5
system name
manual configuration 4-15
See also DNS
system name TLV 24-2
system prompt, default setting 4-14
T
TACACS+ 40-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
configuring
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
tagged packets
802.1Q 23-3
TCAM programming and ACLs 43-7
for Sup II-Plust thru V-10GE 43-6
TDR
checking cable connectivity 8-3
enabling and disabling test 8-3
guidelines 8-3
Telnet
accessing CLI 2-2
disconnecting user sessions 8-7
executing 8-6
monitoring user sessions 8-6
telnet command 8-6
Terminal Access Controller Access Control System Plus
See TACACS+
TFTP
configuration files in base directory 3-5
configuring for autoconfiguration 3-4
limiting access by servers 52-15
threshold monitoring, IP SLAs 48-6
time
See NTP and system clock
Time Domain Reflectometer
See TDR
time exceeded messages 8-9
timer
See login timer
timestamps in log messages 51-7
time zones 4-12
TLV
host presence detection 37-8
TLVs
defined 1-4, 24-2
LLDP-MED 24-2
Token Ring
media not supported (note) 13-5, 13-9
Topology change notification processing
MLD Snooping
Topology change notification processing 22-4
TOS
description 34-4
trace command 8-9
traceroute
See IP traceroute
See Layer 2 Traceroute
traceroute mac command 8-11
traceroute mac ip command 8-11
traffic
blocking flooded 45-2
traffic control
using ACLs (figure) 43-4
using VLAN maps (figure) 43-5
traffic marking procedure flowchart 34-20
traffic shaping 34-9
translational bridge numbers (defaults) 13-5
traps
configuring MAC address notification 4-24
configuring MAC move notification 4-26
configuring MAC threshold notification 4-28
configuring managers 52-11
defined 52-3
enabling 4-24, 4-26, 4-28, 52-11
notification types 52-11
overview 52-1, 52-4
troubleshooting
with CiscoWorks 52-4
with system message logging 51-1
with traceroute 8-9
troubleshooting high CPU due to ACLs 43-6
trunk ports
configure port security 39-17
configuring PVLAN36-19to 36-20
trunks
802.1Q restrictions 15-5
configuring 15-6
configuring access VLANs 15-6
configuring allowed VLANs 15-6
default interface configuration 15-6
different VTP domains 15-3
enabling to non-DTP device 15-4
encapsulation 15-3
specifying native VLAN 15-6
understanding 15-3
trustpoint 54-3
TTL Map, TTL configured 33-3
tunneling
defined 23-1
tunnel ports
802.1Q, configuring 23-6
described 23-2
incompatibilities with other features 23-5
TwinGig Convertors
port numbering 7-7
selecting X2/TwinGig Convertor mode 7-8
type length value
See TLV
type of service
See TOS
U
UDLD
default configuration 25-2
disabling 25-5
enabling 25-4
overview 25-1
UDP jitter, configuring 48-9
UDP jitter operation, IP SLAs 48-9
unauthorized ports with 802.1X 37-4
unicast
See IP unicast
unicast flood blocking
configuring 45-1
unicast MAC address filtering
and adding static addresses 4-31
and broadcast MAC addresses 4-30
and CPU packets 4-31
and multicast addresses 4-30
and router MAC addresses 4-30
configuration guidelines 4-30
described 4-30
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 43-13
Unicast RPF (Unicast Reverse Path Forwarding)
applying 29-5
BGP attributes
caution 29-5
CEF
requirement 29-2
tables 29-7
configuring 29-9
(examples)??to 29-12
BOOTP 29-8
DHCP 29-8
enterprise network (figure) 29-6
prerequisites 29-9
routing table requirements 29-7
tasks 29-9
verifying 29-10
deploying 29-5
description 1-15, 29-2
disabling 29-11
enterprise network (figure) 29-6
FIB 29-2
implementing 29-4
maintaining 29-11
monitoring 29-11
packets, dropping (figure) 29-4
prerequisites 29-9
restrictions
basic 29-8
routing asymmetry 29-7
routing asymmetry (figure) 29-8
routing table requirements 29-7
security policy
applying 29-5
attacks, mitigating 29-5
deploying 29-5
tunneling 29-5
source addresses, validating 29-3
(figure) 29-3, 29-4
failure 29-3
traffic filtering 29-5
tunneling 29-5
validation
failure 29-3, 29-4
packets, dropping 29-3
source addresses 29-3
verifying 29-10
unicast traffic
blocking 45-2
unidirectional ethernet
enabling 26-2
example of setting 26-2
overview 26-1
UniDirectional Link Detection Protocol
See UDLD
Universal PoE, configuring 10-16
UNIX syslog servers
daemon configuration 51-10
facilities supported 51-12
message logging configuration 51-11
UplinkFast
and MST 17-23
enabling 18-16
MST and 17-23
overview 18-11
user EXEC mode 2-5
user sessions
disconnecting 8-7
monitoring 8-6
using PACL with access-group mode 43-30
V
VACLs
Layer 4 port operations 43-9
virtual configuration register 56-3
virtual LANs
See VLANs
Virtual Private Network
See VPN
Virtual Switch System(VSS), displaying EtherChannel to 19-16
VLAN ACLs
See VLAN maps
vlan command 13-6
vlan dot1q tag native command 23-4
VLAN ID, discovering 4-32
VLAN Management Policy Server
See VMPS
VLAN maps
applying to a VLAN 43-22
configuration example 43-23
configuration guidelines 43-18
configuring 43-18
creating and deleting entries 43-19
defined 43-3
denying access example 43-24
denying packets 43-20
displaying 43-25
order of entries 43-19
permitting packets 43-20
router ACLs and 43-25
using (figure) 43-5
using in your network 43-22
VLAN maps, PACL and Router ACLs 43-32
VLANs
allowed on trunk 15-6
configuration guidelines 13-3
configuring 13-5
customer numbering in service-provider networks 23-3
default configuration 13-4
description 1-7
extended range 13-3
IDs (default) 13-5
interface assignment 13-7
limiting source traffic with RSPAN 50-23
monitoring with RSPAN 50-22
name (default) 13-5
normal range 13-3
overview 13-1
reserved range 13-3
See also PVLANs
VLAN Trunking Protocol
See VTP
VLAN trunks
overview 15-3
VMPS
configuration file example 13-32
configuring dynamic access ports on client 13-25
configuring retry interval 13-27
database configuration file 13-32
dynamic port membership
example 13-29
reconfirming 13-26
reconfirming assignments 13-26
reconfirming membership interval 13-26
server overview 13-21
VMPS client
administering and monitoring 13-28
configure switch
configure reconfirmation interval 13-26
dynamic ports 13-25
entering IP VMPS address 13-24
reconfirmation interval 13-27
reconfirm VLAM membership 13-26
default configuration 13-24
dynamic VLAN membership overview 13-23
troubleshooting dynamic port VLAN membership 13-29
VMPS server
fall-back VLAN 13-23
illegal VMPS client requests 13-23
overview 13-21
security modes
multiple 13-22
open 13-22
secure 13-22
voice interfaces
configuring 35-1
Voice over IP
configuring 35-1
voice ports
configuring VVID 35-3
voice traffic 10-2, 35-5
voice VLAN
IP phone data traffic, described 35-2
IP phone voice traffic, described 35-2
voice VLAN ports
using 802.1X 37-20
VPN
configuring routing in 32-11
forwarding 32-3
in service provider networks 32-1
routes 32-2
routing and forwarding table
See VRF
VRF
defining 32-3
tables 32-1
VRF-aware services
ARP 32-6, 32-9
configuring 32-6
ftp 32-8
ping 32-7
SNMP 32-7
syslog 32-8
tftp 32-8
traceroute 32-8
uRPF 32-7
VTP
client, configuring 13-16
configuration guidelines 13-12
default configuration 13-13
disabling 13-16
monitoring 13-19
overview 13-8
pruning
configuring 13-15
See also VTP version 2
server, configuring 13-16
statistics 13-19
transparent mode, configuring 13-16
version 2
enabling 13-15
VTP advertisements
description 13-9
VTP domains
description 13-8
VTP modes 13-9
VTP pruning
overview 13-11
VTP versions 2 and 3
overview 13-9
See also VTP
VTY and Network Assistant 12-11
VVID (voice VLAN ID)
and 802.1X authentication 37-20
configuring 35-3
W
Wake-on-LAN
configure with 802.1X 37-53
web-based authentication
authentication proxy web pages 38-4
description 1-26, 37-13, 38-1
web-based authentication, interactions with other features 38-4
Y
Y.1731
default configuration 46-28
described 46-26
ETH-AIS
Ethernet Alarm Signal function (ETH-AIS)
1
ETH-RDI 46-27
multicast Ethernet loopback 46-30
multicast ETH-LB 46-28
terminology 46-26