Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
Index
ACLs
applying IPv6 ACLs to a Layer 3 interface 43-21
Numerics
10/100 autonegotiation feature, forced 6-16
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 6-11
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 6-10
1400 W DC Power supply
special considerations 10-16
1400 W DC SP Triple Input power supply
special considerations 10-17
802.10 SAID (default) 13-4
802.1Q
trunks 17-6
tunneling
compatibility with other features 24-5
defaults 24-4
described 24-2
tunnel ports with other features 24-6
802.1Q VLANs
encapsulation 15-3
trunk restrictions 15-5
802.1s
See MST
802.1w
See MST
802.1X
See port-based authentication
802.1X authentication
for Critical Authentication 38-12
for guest VLANs 38-8
for MAC Authentication Bypass 38-9
for Wake-on-LAN 38-12
RADIUS accounting 38-16
with port security 38-15
with VLAN assignment 38-7
with voice VLAN ports 38-18
802.3ad
See LACP
A
AAA 40-1
abbreviating commands 2-5
access control entries
See ACEs
access control entries and lists 40-1
access-group mode, configuring on Layer 2 interface 43-34
access-group mode, using PACL with 43-34
access list filtering, SPAN enhancement 46-13
access lists
using with WCCP 53-7
access ports
and Layer 2 protocol tunneling 24-9
configure port security 39-6, 39-21
configuring 15-8
access VLANs 15-6
accounting
configuring for 802.1X 38-32
with TACACS+ 3-16, 3-21
ACEs
ACLs 43-2
IP 43-3
Layer 4 operation restrictions 43-15
ACEs and ACLs 40-1
ACLs
ACEs 43-2
and SPAN 46-5
and TCAM programming for Sup 6-E 43-15
and TCAM programming for Sup II-Plus thru V-10GE 43-6
applying on routed packets 43-31
applying on switched packets 43-30
chaning the TCAM programming algorithm 43-9
compatibility on the same switch 43-3
configuring with VLAN maps 43-30
CPU impact 43-17
hardware and software support 43-5
IP, matching criteria for port ACLs 43-4
MAC extended 43-19
matching criteria for router ACLs 43-3
port
and voice VLAN 43-5
defined 43-3
limitations 43-5
processing 43-17
resize the TCAM regions 43-10
selecting mode of capturing control packets 43-12
TCAM programming algorithm 43-7
troubleshooting high CPU 43-12
types supported 43-3
understanding 43-2
VLAN maps 43-5
ACLs and VLAN maps, examples 43-24
acronyms, list of A-1
action drivers, marking 35-77
active queue management 35-14
active queue management via DBL, QoS on Sup 6-E 35-90
active traffic monitoring, IP SLAs 50-1
adding members to a community 12-8
addresses
displaying the MAC address table 4-30
dynamic
changing the aging time 4-21
defined 4-19
learning 4-20
removing 4-22
MAC, discovering 4-30
See MAC addresses
static
adding and removing 4-27
defined 4-19
address resolution 4-30
adjacency tables
description 30-2
displaying statistics 30-9
administrative VLAN
REP, configuring 19-8
administrative VLAN, REP 19-7
advertisements
LLDP 1-4, 26-2
advertisements, VTP
See VTP advertisements
aggregation switch, enabling DHCP snooping 41-9
aging time
MAC address table 4-21
applying IPv6 ACLs to a Layer 3 interface 43-21
AQM via DBL, QoS on Sup 6-E 35-90
ARP
defined 4-30
table
address resolution 4-30
managing 4-30
asymmetrical links, and 802.1Q tunneling 24-4
asymmetrical routing environment, Unicast RPF blocking traffic 31-7
authentication
NTP associations 4-4
See also port-based authentication
TACACS+
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 40-1
Authentication Failed VLAN assignment
configure with 802.1X 38-39
authentication server
defined 38-3
RADIUS server 38-3
authoritative time source, described 4-2
authorization
with TACACS+ 3-16, 3-21
authorized and unauthorized ports 38-4
authorized ports with 802.1X 38-4
autoconfiguration 3-2
automatic discovery
considerations 12-7
automatic QoS
See QoS
Auto-MDIX on a port
configuring 6-26
displaying the configuration 6-26
overview 6-25
autonegotiation feature
forced 10/100Mbps 6-16
Auto-QoS
configuring 35-17
auto-sync command 7-8
B
Baby Giants
interacting with 6-24
BackboneFast
adding a switch (figure) 20-3
and MST 17-23
configuring 20-16
link failure (figure) 20-14, 20-15
not supported MST 17-23
understanding 20-13
See also STP
banners
configuring
login 4-19
message-of-the-day login 4-18
default configuration 4-18
when displayed 4-17
b command 54-3
b flash command 54-3
BGP 1-9
routing session with multi-VRF CE 34-7
blocking packets 44-1
blocking state (STP)
RSTP comparisons (table) 17-24
boot bootldr command 3-31
boot command 3-28
boot commands 54-3
boot fields
See configuration register boot fields
BOOTP and DHCP, Unicast RPF 31-8
bootstrap program
See ROM monitor
boot system command 3-26, 3-31
boot system flash command 3-28
Border Gateway Protocol
See BGP
boundary ports
description 17-27
BPDU Guard
and MST 17-23
configuring 20-16
overview 20-8
BPDUs
and media speed 17-2
pseudobridges and 17-25
what they contain 17-3
bridge ID
See STP bridge ID
bridge priority (STP) 17-16
bridge protocol data units
See BPDUs
Broadcast Storm Control
disabling 45-6
enabling 45-3
burst rate 35-57
burst size 35-32
C
cache engine clusters 53-1
cache engines 53-1
cache farms
See cache engine clusters
candidates
automatic discovery 12-7
candidate switch, cluster
defined 12-12
requirements 12-12
Capturing control packets
selecting mode 43-12
cautions for passwords
encrypting 3-22
CDP
and trusted boundary 35-27
automatic discovery in communities 12-7
configuration 25-2
defined with LLDP 26-1
displaying configuration 25-3
enabling on interfaces 25-3
Layer 2 protocol tunneling 24-7
maintaining 25-3
monitoring 25-3
overview 1-2, 25-1
cdp enable command 25-3
CEF
adjacency tables 30-2
and NSF with SSO 9-5
configuring load balancing 30-7
displaying statistics 30-8
enabling 30-6
hardware switching 30-4
load balancing 30-6
overview 30-1
software switching 30-4
CFM
and Ethernet OAM interaction 56-34
configuration guidelines 56-7, 57-4
configuring crosscheck 56-10
configuring the network 56-8
crosscheck 56-6
default configuration 56-7
defined 56-2
EtherChannel support 56-7, 57-4
IP SLAs support for 56-6
IP SLAs with endpoint discovers 56-14
maintenance domain 56-2
maintenance point 56-3
manually configuring IP SLAs ping or jitter 56-12
measuring network performance 56-6
monitoring 56-15, 56-16
on EtherChannel port channels 56-7
SNMP traps 56-6
types of messages 56-5
CGMP
overview 22-1
channel-group group command 21-7, 21-10
Cisco 7600 series Internet router
enabling SNMP 55-10
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS IP SLAs 50-1
Cisco IOS NSF-aware
support 9-2
Cisco IOS NSF-capable support 9-2
Cisco IP Phones
configuring 36-3
sound quality 36-1
CiscoWorks 2000 48-4
CIST
description 17-22
civic location 26-3
class level, configure in a service policy 35-87
class-map command 35-34
class of service
See CoS
clear cdp counters command 25-4
clear cdp table command 25-3
clear counters command 6-29
clearing
IP multicast table entries 32-26
clear ip eigrp neighbors command 29-18
clear ip flow stats command 49-9
CLI
accessing 2-2
backing out one level 2-5
getting commands 2-5
history substitution 2-4
managing clusters 12-12
modes 2-5
monitoring environments 46-1
ROM monitor 2-7
software basics 2-4
clients
in 802.1X authentication 38-2
clock
See system clock
clustering switches
command switch characteristics 12-11, 12-12
and VTY 12-11
convert to a community 12-9
managing
through CLI 12-12
overview 12-10
planning considerations
CLI 12-12
passwords 12-8
command-line processing 2-3
command modes 2-5
commands
b 54-3
b flash 54-3
boot 54-3
confreg 54-3
dev 54-3
dir device 54-3
frame 54-5
i 54-3
listing 2-5
meminfo 54-5
reset 54-3
ROM monitor54-2to 54-3
ROM monitor debugging 54-5
SNMP 55-10
sysret 54-5
command switch, cluster
requirements 12-11
common and internal spanning tree
See CIST
common spanning tree
See CST
community of switches
access modes in Network Assistant 12-8
adding devices 12-8
candidate characterisitcs 12-6
communication protocols 12-8
community name 12-7
configuration information 12-8
converting from a cluster 12-9
host name 12-7
passwords 12-8
community ports 37-4
community strings
configuring 48-7
overview 48-4
community VLANs 37-3, 37-4
and SPAN features 37-12
configure as a PVLAN 37-13
compiling MIBs 55-10
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 22-4
configuration examples
SNMP 48-16
configuration files
limiting TFTP server access 48-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 48-15
configuration guidelines
CFM 56-7, 57-4
Ethernet OAM 56-20
REP 19-6
SNMP 48-6
configuration register
boot fields
listing value 3-29
modifying 3-28
changing from ROM monitor 54-3
changing settings3-28to 3-29
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 35-87
configure terminal command 3-28, 6-2
configuring access-group mode on Layer 2 interface 43-34
configuring flow control 6-18
configuring interface link and trunk status envents 6-30
configuring named IPv6 ACLs 43-20
configuring named MAC extended ACLs 43-19
configuring unicast MAC address filtering 43-19
configuring VLAN maps 43-22
confreg command 54-3
Connectivity Fault Management
See CFM
console configuration mode 2-5
console download54-4to 54-5
console port
disconnecting user sessions 8-7
monitoring user sessions 8-7
control plane policing
See CoPP
control protocol, IP SLAs 50-4
convergence
REP 19-3
CoPP
applying QoS service policy to control plane 40-4
configuring
ACLs to match traffic 40-4
enabling MLS QoS 40-4
packet classification criteria 40-4
service-policy map 40-4
control plane configuration mode
entering 40-4
displaying
dynamic information 40-8
number of conforming bytes and packets 40-8
rate information 40-8
entering control plane configuration mode 40-4
monitoring statistics 40-8
overview 40-2
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-31
CoS
definition 35-3
figure 35-2
overriding on Cisco IP Phones 36-5
priority 36-5
CoS Mutation
configuring 35-41
CoS-to-DSCP maps 35-59
CoS value, configuring for an interface 35-54
counters
clearing MFIB 32-26
clearing on interfaces 6-29
CPU, impact of ACL processing 43-17
CPU port sniffing 46-10
Critical Authentication
configure with 802.1X 38-36
crosscheck, CFM 56-6, 56-10
CST
description 17-25
IST and 17-22
MST and 17-22
customer edge devices 34-2
D
database agent
configuration examples 41-13
enabling the DHCP Snooping 41-12
daylight saving time 4-13
debug commands, ROM monitor 54-5
default configuration
802.1X 38-22
auto-QoS 35-18
banners 4-18
CFM 56-7
DNS 4-16
Ethernet OAM 56-19
IGMP filtering 22-18
IGMP snooping 23-5, 23-6
IP SLAs 50-6
Layer 2 protocol tunneling 24-9
LLDP 26-3
MAC address table 4-21
multi-VRF CE 34-4
NTP 4-4
private VLANs 37-11
REP 19-6
resetting the interface 6-32
RMON 51-3
SNMP 48-6
SPAN and RSPAN 46-6
system message logging 47-3
system name and prompt 4-15
TACACS+ 3-18
default gateway
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-31
denying access to a server on another VLAN 43-28
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 6-10
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 6-11
description command 6-18
detecting unidirectional links 27-1
dev command 54-3
device discovery protocol 26-1
DHCP-based autoconfiguration
client request message exchange 3-3
configuring
client side 3-3
DNS 3-5
relay device 3-5
server-side 3-4
TFTP server 3-4
example 3-7
lease options
for IP address information 3-4
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-3
DHCP option 82
overview 41-4
DHCP Snooping
enabling, and Option 82 41-9
DHCP snooping
accepting untrusted packets form edge switch 41-10
configuring 41-6
default configuration 41-7
displaying binding tables 41-16
displaying configuration 41-17
displaying information 41-16
enabling 41-7
enabling on private VLAN 41-11
enabling on the aggregation switch 41-9
enabling the database agent 41-12
message exchange process 41-4
monitoring 41-21
option 82 data insertion 41-4
overview 41-1
Snooping database agent 41-2
DHCP Snooping Database Agent
adding to the database (example) 41-15
enabling (example) 41-13
overview 41-2
reading from a TFTP file (example) 41-14
Diagnostics
online 52-1
troubleshooting 52-2
Power-On-Self-Test
causes of failure 52-14
how it works 52-3
overview 52-3
Power-On-Self-Test for Supervisor Engine V-10GE 52-8
Differentiated Services Code Point values
See DSCP values
DiffServ architecture, QoS 35-2
Digital optical monitoring transceiver support 6-14
dir device command 54-3
disabled state
RSTP comparisons (table) 17-24
disabling
broadcast storm control 45-6
disabling multicast storm control 45-7
disconnect command 8-7
discovery, clusters
See automatic discovery
discovery, Ethernet OAM 56-18
displaying EtherChannel to a Virtual Switch System 21-15
displaying storm control 45-7
display PoE consumed by a module 11-8
DNS
and DHCP-based autoconfiguration 3-5
default configuration 4-16
displaying the configuration 4-17
overview 4-15
setting up 4-16
domain names
DNS 4-15
Domain Name System
See DNS
double-tagged packets
802.1Q tunneling 24-3
Layer 2 protocol tunneling 24-9
downloading MIBs 55-8, 55-9
drop threshold for Layer 2 protocol packets 24-10
DSCP maps 35-58
DSCP-to-CoS maps
configuring 35-60
DSCP values
configuring maps 35-58
definition 35-4
IP precedence 35-2
mapping markdown 35-24
mapping to transmit queues 35-56
DSCP values, configuring port value 35-55
DTP
VLAN trunks and 15-3
duplex command 6-17
duplex mode
configuring interface 6-15
dynamic ARP inspection
ARP cache poisoning 42-2
configuring
ACLs for non-DHCP environments 42-11
in DHCP environments 42-5
log buffer 42-14
rate limit for incoming ARP packets 42-16
denial-of-service attacks, preventing 42-16
interface trust state, security coverage 42-3
log buffer
configuring 42-14
logging of dropped packets 42-4
overview 42-1
port channels, their behavior 42-5
priority of static bindings 42-4
purpose of 42-2
rate limiting of ARP packets 42-4
configuring 42-16
validation checks, performing 42-19
dynamic buffer limiting
globally 35-28
on specific CoS values 35-30
on specific IP DSCP values 35-29
Dynamic Host Configuration Protocol snooping
See DHCP snooping
dynamic port VLAN membership
example 13-25
limit on hosts 13-25
reconfirming 13-23
troubleshooting 13-25
Dynamic Trunking Protocol
See DTP
E
EAP frames
changing retransmission time 38-44
exchanging (figure) 38-4, 38-6, 38-11
request/identity 38-3
response/identity 38-3
setting retransmission number 38-45
EAPOL frames
802.1X authentication and 38-3
OTP authentication, example (figure) 38-4, 38-11
start 38-3
edge ports
description 17-27
EGP
overview 1-9
EIGRP
configuration examples 29-19
monitoring and maintaining 29-18
EIGRP (Enhanced IGRP)
stub routing
benefits 29-17
configuration tasks 29-17
configuring 29-13
overview 29-13
restrictions 29-17
verifying 29-18
EIGRP (enhanced IGRP)
overview 1-10
eigrp stub command 29-18
EIGRP stub routing, configuring 29-12
ELIN location 26-3
Embedded CiscoView
displaying information 4-33
installing and configuring 4-31
overview 4-31
emergency alarms on Sup Engine 6-E systems 10-3
enable command 3-9, 3-28
enable mode 2-5
enabling or disabling QOS on an interface 35-51
enabling SNMP 55-10
encapsulation types 15-3
Enhanced Interior Gateway Routing Protocol
See EIGRP
Enhanced PoE support on E-series 11-12
environmental conditions
Sup Engine 6-E 10-3
Sup Engines II-Plus to V-10GE 10-2
environmental monitoring
using CLI commands 10-1
EtherChannel
channel-group group command 21-7, 21-10
configuration guidelines 21-5
configuring21-6to 21-14
configuring Layer 2 21-9
configuring Layer 3 21-6
displaying to a virtual switch system 21-15
interface port-channel command 21-7
lacp system-priority
command example 21-12
modes 21-3
overview 21-1
PAgP
Understanding 21-3
physical interface configuration 21-7
port-channel interfaces 21-2
port-channel load-balance command 21-13
removing 21-14
removing interfaces 21-14
EtherChannel guard
disabling 20-6
enabling 20-6
overview 20-6
Ethernet infrastructure 56-1
Ethernet management port
and routing 6-7
and routing protocols 6-7
and switch stacks 6-7
configuring 6-9
default setting 6-7
described 1-15, 6-7
for network management 1-15, 6-7
specifying 6-9
supported features 6-8
unsupported features 6-9
Ethernet management port, internal
and routing protocols 6-7
Ethernet Management Port, using 6-6
Ethernet OAM 56-19
and CFM interaction 56-34
configuration guidelines 56-20
default configuration 56-19
discovery 56-18
enabling 56-20
link monitoring 56-19, 56-23
manager 56-1
messages 56-19
protocol
defined 56-18
monitoring 56-32
remote failure indications 56-19
remote loopback 56-19, 56-22
templates 56-28
Ethernet OAM protocol CFM notifications 56-34
Ethernet operation, administration, and maintenance
See Ethernet OAM
explicit host tracking
enabling 22-10
extended range VLANs
See VLANs
Extensible Authentication Protocol over LAN 38-1
Exterior Gateway Protocol
See EGP
F
Fa0 port
See Ethernet management port
FastDrop
overview 32-10
fastethernet0 port
See Ethernet management port
FIB
description 30-2
See also MFIB
filtering
in a VLAN 43-22
non-IP traffic 43-19
flags 32-11
Flash memory
configuring router to boot from 3-30
loading system images from 3-30
security precautions 3-30
Flex Links
configuration guidelines 18-5
configuring 18-6, 18-7
configuring preferred VLAN 18-9
configuring VLAN load balancing 18-8
monitoring 18-11
flooded traffic, blocking 44-2
flowchart, traffic marking procedure 35-77
flow control, configuring 6-18
forward-delay time (STP)
configuring 17-18
forwarding information base
See FIB
frame command 54-5
G
gateway
See default gateway
get-bulk-request operation 48-3
get-next-request operation 48-3, 48-4
get-request operation 48-3, 48-4
get-response operation 48-3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 6-10
global configuration mode 2-5
Guest-VLANs
configure with 802.1X 38-32, 38-41
H
hardware and software ACL support 43-5
hardware switching 30-5
hello time (STP)
configuring 17-17
hierarchical policers, configuring 35-47
high CPU due to ACLs, troubleshooting 43-12
history
CLI 2-4
history table, level and number of syslog messages 47-10
hop counts
configuring MST bridges 17-28
host
configuring host statically 22-10
limit on dynamic port 13-25
host ports
kinds of 37-4
Hot Standby Routing Protocol
See HSRP
HSRP
description 1-9
http
//www.cisco.com/en/US/docs/ios/fundamentals/command reference/cf_book.html 47-1, 48-1
hw-module module num power command 10-20
I
ICMP
enabling 8-12
ping 8-8
running IP traceroute 8-9
time exceeded messages 8-9
ICMP Echo operation
configuring 50-12
IP SLAs 50-11
i command 54-3
IDS
using with SPAN and RSPAN 46-2
IEEE 802.1ag 56-2
IEEE 802.1s
See MST
IEEE 802.1w
See MST
IEEE 802.3ad
See LACP
IEEE 802.3ah Ethernet OAM discovery 56-1
IGMP
configurable leave timer
enabling 22-8
configurable-leave timer 22-4
description 32-3
enabling 32-13
explicit host tracking 22-4, 22-10
immediate-leave processing 22-3
leave processing, enabling 23-8
overview 22-1
report suppression
disabling 23-11
IGMP filtering
configuring 22-18
default configuration 22-18
described 22-18
monitoring 22-21
IGMP groups
setting the maximum number 22-20
IGMP Immediate Leave
configuration guidelines 22-8
IGMP profile
applying 22-19
configuration mode 22-18
configuring 22-19
IGMP snooping
configuration guidelines 22-5
default configuration 23-5, 23-6
enabling 22-5, 22-6
enabling and disabling 23-6
IP multicast and 32-4
monitoring 22-13, 23-11
overview 22-1
IGRP
description 1-10
Immediate Leave, IGMP
enabling 23-8
immediate-leave processing
enabling 22-8
IGMP
See fast-leave processing
ingress packets, SPAN enhancement 46-12
inline power
configuring on Cisco IP phones 36-5
insufficient inline power handling for Supervisor Engine II-TS 10-18
Intelligent Power Management 11-4
interacting with Baby Giants 6-24
interface command 3-9, 6-2
interface configuration
REP 19-9
interface link and trunk status events
configuring 6-30
interface port-channel command 21-7
interface range command 6-4
interface range macro command 6-9
interfaces
adding descriptive name 6-18
clearing counters 6-29
configuring 6-2
configuring ranges 6-4
displaying information about 6-28
Layer 2 modes 15-4
maintaining 6-28
monitoring 6-28
naming 6-18
numbers 6-2
overview 6-2
restarting 6-29
See also Layer 2 interfaces
using the Ethernet Management Port 6-6
Interior Gateway Routing Protocol
See IGRP
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Inter-Switch Link encapsulation
See ISL encapsulation
Intrusion Detection System
See IDS
inventory management TLV 26-3, 26-7
IP
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 30-8
flow switching cache 49-9
IP addresses
cluster candidate or member 12-12
cluster command switch 12-11
discovering 4-30
ip cef command 30-6
IP Enhanced IGRP
interfaces, displaying 29-18
ip flow-aggregation cache destination-prefix command 49-11
ip flow-aggregation cache prefix command 49-11
ip flow-aggregation cache source-prefix command 49-12
ip flow-export command 49-9
ip icmp rate-limit unreachable command 8-13
ip igmp profile command 22-18
ip igmp snooping tcn flood command 22-12
ip igmp snooping tcn flood query count command 22-12
ip igmp snooping tcn query solicit command 22-13
IP information
assigned
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 30-7
ip local policy route-map command 33-5
ip mask-reply command 8-14
IP MTU sizes, configuring 29-8
IP MTU sizes,configuring 29-8
IP multicast
clearing table entries 32-26
configuring 32-12
default configuration 32-12
displaying PIM information 32-22
displaying the routing table information 32-22
enabling dense-mode PIM 32-14
enabling sparse-mode 32-14
features not supported 32-12
hardware forwarding 32-8
IGMP snooping and 22-4, 32-4
overview 32-1
routing protocols 32-2
software forwarding 32-8
See also Auto-RP; IGMP; PIM; RP; RPF
IP multicast routing
enabling 32-13
monitoring and maintaining 32-21
ip multicast-routing command 32-13
IP phones
automatic classification and queueing 35-17
configuring voice ports 36-3
See Cisco IP Phones 36-1
trusted boundary for QoS 35-26
ip pim command 32-14
ip pim dense-mode command 32-14
ip pim sparse-dense-mode command 32-15
ip policy route-map command 33-4
IP Port Security for Static Hosts
on a Layer 2 access port 41-22
on a PVLAN host port 41-25
overview 41-21
ip redirects command 8-13
ip route-cache flow command 49-7
IP routing tables
deleting entries 32-26
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 50-1
IP SLAs
benefits 50-2
CFM endpoint discovery 56-14
Control Protocol 50-4
default configuration 50-6
definition 50-1
ICMP echo operation 50-11
manually configuring CFM ping or jitter 56-12
measuring network performance 50-3
monitoring 50-14
multioperations scheduling 50-5
operation 50-3
responder
described 50-4
enabling 50-8
response time 50-4
scheduling 50-5
SNMP support 50-2
supported metrics 50-2
threshold monitoring 50-6
UDP jitter operation 50-8
IP Source Guard
configuring 41-18
configuring on private VLANs 41-19
displaying 41-19, 41-21
overview 41-17
IP statistics
displaying 30-8
IP traceroute
executing 8-9
overview 8-9
IP unicast
displaying statistics 30-8
IP Unnumbered support
configuring on a range of Ethernet VLANs 14-5
configuring on LAN and VLAN interfaces 14-4
configuring with connected host polling 14-6
DHCP Option 82 14-2
displaying settings 14-7
format of agent remote ID suboptions 14-3
troubleshooting 14-8
with conected host polling 14-3
with DHCP server and Relay agent 14-2
ip unreachables command 8-12
IPX
redistribution of route information with EIGRP 1-10
ISL
encapsulation 15-3
trunking with 802.1Q tunneling 24-4
isolated port 37-4
isolated VLANs 37-3, 37-4, 37-5
ISSU
compatibility matrix 5-13
compatiblity verification using Cisco Feature Navigator 5-14
NSF overview 5-4
perform the process
aborting a software upgrade 5-26
configuring the rollback timer as a safeguard 5-27
displaying a compatibility matrix 5-29
loading the new software on the new standby 5-24
stopping the rollback timer 5-23
switching to the standby 5-21
verify the ISSU state 5-17
verify the redundancy mode 5-16
verify the software installation 5-15
vload the new software on standby 5-17
prerequisites 5-2
process overview 5-7
restrictions 5-2
SNMP support 5-14
SSO overview 5-4
versioning capability in software to support 5-12
IST
and MST regions 17-22
description 17-22
master 17-27
J
jumbo frames
and ethernet ports 6-22
configuring MTU sizes for 6-23
ports and linecards that support 6-21
understanding MTUs 6-21
understanding support 6-21
VLAN interfaces 6-22
K
keyboard shortcuts 2-3
L
l2protocol-tunnel command 24-11
labels, definition 35-3
LACP
system ID 21-4
Layer 2 access ports 15-8
Layer 2 Control Packet QoS
feature interaction 35-65
overview 35-61
usage guidelines 35-65
Layer 2 frames
classification with CoS 35-2
Layer 2 interface, configuring access-mode mode on 43-34
Layer 2 interfaces
assigning VLANs 13-8
configuring 15-5
configuring as PVLAN host ports 37-16
configuring as PVLAN promiscuous ports 37-15
configuring as PVLAN trunk ports 37-17
defaults 15-5
disabling configuration 15-9
modes 15-4
show interfaces command 15-7
Layer 2 interface type
resetting 37-22
setting 37-22
Layer 2 protocol tunneling
default configuration 24-9
guidelines 24-10
Layer 2 switching
overview 15-1
Layer 2 Traceroute
and ARP 8-11
and CDP 8-10
host-to-host paths 8-10
IP addresses and subnets 8-11
MAC addresses and VLANs 8-11
multicast traffic 8-11
multiple devices on a port 8-11
unicast traffic 1-23, 8-10
usage guidelines 8-10
Layer 2 trunks
configuring 15-6
overview 15-3
Layer 3 interface, applying IPv6 ACLs 43-21
Layer 3 interface counters,configuring 29-10
Layer 3 interface counters,understanding 29-4
Layer 3 interfaces
configuration guidelines 29-5
overview 29-1
logical 29-2
physical 29-2
VLANs as interfaces 29-7
Layer 3 packets
classification methods 35-2
Layer 4 port operations
configuration guidelines 43-16
restrictions 43-15
limitations on using a TwinGig Convertor 6-12
link and trunk status events
configuring interface 6-30
link integrity, verifying with REP 19-3
Link Layer Discovery Protocol
See CDP
link monitoring, Ethernet OAM 56-19, 56-23
listening state (STP)
RSTP comparisons (table) 17-24
LLDP
configuring 26-3
characteristics 26-4
default configuration 26-3
disabling and enabling
globally 26-5
on an interface 26-5
monitoring and maintaining 26-7
overview 26-1
transmission timer and holdtime, setting 26-4
LLDP-MED
configuring
procedures 26-3
TLVs 26-6
monitoring and maintaining 26-7
overview 26-1
supported TLVs 26-2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing
configuring for CEF 30-7
configuring for EtherChannel 21-13
overview 21-5, 30-6
per-destination 30-7
location TLV 26-3, 26-7
Logical Layer 3 interfaces
configuring 29-5
login authentication
with TACACS+ 3-19
login banners 4-17
login timer
changing 8-6
logoutwarning command 8-7
loop guard
and MST 17-23
configuring 20-4
overview 20-3
M
MAC/PHY configuration status TLV 26-2
MAC addresses
aging time 4-21
allocating 17-5
and VLAN association 4-20
building tables 4-20, 15-2
convert dynamic to sticky secure 39-5
default configuration 4-21
discovering 4-30
displaying 4-30, 8-4
displaying in DHCP snooping binding table 41-17
dynamic
learning 4-20
removing 4-22
in ACLs 43-19
static
adding 4-28
allowing 4-29
characteristics of 4-27
dropping 4-29
removing 4-28
sticky 39-4
sticky secure, adding 39-5
MAC address-table move update
configuration guidelines 18-6
configuring 18-9
description 18-3
monitoring 18-11
MAC Authentication Bypass
configure with 802.1X 38-35
MAC extended access lists 43-19
macros
See Smartports macros
main-cpu command 7-8
Maintenance end points
See MEPs
Maintenance intermediate points
See MIPs
management address TLV 26-2
management options
SNMP 48-1
Management Port, Ethernet 6-6
manual preemption, REP, configuring 19-11
mapping
DSCP markdown values 35-24
DSCP values to transmit queues 35-56
mapping tables
configuring DSCP 35-58
described 35-14
marking
hardware capabilities 35-79
marking action drivers 35-77
marking network traffic 35-74
marking support, multi-attribute 35-78
mask destination command 49-11
mask source command 49-11, 49-12
Match CoS for non-IPV4 traffic
configuring 35-36
match ip address command 33-3
maximum aging time (STP)
configuring 17-18
MDA
configuration guidelines38-19to 38-20
described 38-19
members
automatic discovery 12-7
member switch
managing 12-12
member switch, cluster
defined 12-11
requirements 12-12
meminfo command 54-5
MEPs
defined 56-3
messages, Ethernet OAM 56-19
messages, to users through banners 4-17
Metro features
Ethernet CFM, introduction 1-3
Ethernet OAM Protocol, introduction 1-3
Flex Link and MAC Address-Table Move Update, introduction 1-3
Y.1731 (AIS and RDI), introduction 1-8
metro tags 24-3
MFIB
CEF 32-5
overview 32-11
MFIB, IP
displaying 32-24
MIBs
compiling 55-10
downloading 55-8, 55-9
overview 48-1
related information 55-9
SNMP interaction with 48-4
MIPs
defined 56-4
MLD Done messages and Immediate-leave 23-4
MLD messages 23-2
MLD queries 23-3
MLD reports 23-4
MLD Snooping
MLD Done messages and Immediate-leave 23-4
MLD messages 23-2
MLD queries 23-3
MLD reports 23-4
Multicast client aging robustness 23-3
Multicast router discovery 23-3
overview 23-1
Mode of capturing control packets, selecting 43-12
modules
checking status 8-2
powering down 10-20
monitoring
802.1Q tunneling 24-12
ACL information 43-38
Ethernet CFM 56-15, 56-16
Ethernet OAM 56-32
Ethernet OAM protocol 56-32
Flex Links 18-11
IGMP
snooping 23-11
IGMP filters 22-21
IGMP snooping 22-13
IP SLAs operations 50-14
Layer 2 protocol tunneling 24-12
MAC address-table move update 18-11
multicast router interfaces 23-11
multi-VRF CE 34-12
REP 19-12
traffic flowing among switches 51-1
tunneling 24-12
VLAN filters 43-29
VLAN maps 43-29
M-record 17-23
MST
and multiple spanning trees 1-4, 17-22
boundary ports 17-27
BPDUs 17-23
configuration parameters 17-26
configuring 17-29
displaying configurations 17-33
edge ports 17-27
enabling 17-29
hop count 17-28
instances
configuring parameters 17-32
description 17-22
number supported 17-26
interoperability with PVST+ 17-23
link type 17-28
master 17-27
message age 17-28
regions 17-26
restrictions 17-29
to-SST interoperability 17-24
MSTP
EtherChannel guard
enabling 20-6
M-record 17-23
M-tree 17-23
M-tree 17-23
MTUS
understanding 6-21
MTU size
configuring 6-23, 6-24, 6-30, 6-31
default 13-4
multicast
See IP multicast
Multicast client aging robustness 23-3
multicast groups
static joins 23-7
multicast packets
blocking 44-2
Multicast router discovery 23-3
multicast router interfaces, monitoring 23-11
multicast router ports, adding 23-8
multicast routers
flood suppression 22-10
multicast router table
displaying 32-22
Multicast Storm Control
enabling 45-4
disabling 45-7
suppression on Sup 6-E 45-4
suppression on WS-X4014 45-5
suppression on WS-X4016 45-5
WS-X4515, WS-X4014, and WS-X4013+ Sup Engs 45-5
WS-X4516 Sup Eng 45-5
multidomain authentication
See MDA
multioperations scheduling, IP SLAs 50-5
Multiple Domain Authentication
configuring 38-28
overview of Host Mode 38-6
multiple forwarding paths 1-4, 17-22
Multiple Spanning Tree
See MST
multiple VPN routing/forwarding
See multi-VRF CE
multi-VRF CE
components 34-4
configuration example 34-8
default configuration 34-4
defined 34-1
displaying 34-12
monitoring 34-12
network components 34-4
packet-forwarding process 34-4
N
named aggregate policers, creating 35-31
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 43-20
named MAC extended ACLs
ACLs
configuring named MAC extended 43-19
native VLAN
and 802.1Q tunneling 24-4
specifying 15-6
neighbor offset numbers, REP 19-4
NetFlow
aggregation
minimum mask,default value 49-11
destination-prefix aggregation
configuration (example) 49-16
minimum mask, configuring 49-11
IP
flow switching cache 49-9
prefix aggregation
configuration (example) 49-14
minimum mask, configuring 49-11
source-prefix aggregation
minimum mask, configuring 49-11
switching
checking for required hardware 49-6
configuration (example) 49-13
configuring switched IP flows 49-8
enabling Collection 49-7
exporting cache entries 49-9
statistics 49-9
NetFlow statistics
caveats on supervisor 49-6
checking for required hardware 49-6
configuring collection 49-6
enabling Collection 49-7
exporting cache entries 49-9
overview of collection 49-2
switched/bridged IP flows 49-8
Network Assistant
and VTY 12-11
configure
enable communication with switch 12-13, 12-17
default configuration 12-2
overview of CLI commands 12-2
network fault tolerance 1-4, 17-22
network management
configuring 25-1
RMON 51-1
SNMP 48-1
network performance, measuring with IP SLAs 50-3
network policy TLV 26-2, 26-7
Network Time Protocol
See NTP
network traffic, marking 35-74
New Software Features in Release 7.7
TDR 8-4
Next Hop Resolution Protocol
See NHRP
NFFC/NFFC II
IGMP snooping and 22-5
NHRP
support 1-10
non-IP traffic filtering 43-19
non-RPF traffic
description 32-9
in redundant configurations (figure) 32-10
Nonstop Forwarding
See NSF
nonvolatile random-access memory
See NVRAM
normal-range VLANs
See VLANs
NSF
defined 9-1
guidelines and restrictions 9-9
operation 9-5
NSF-aware
supervisor engines 9-3
support 9-2
NSF-capable
supervisor engines 9-3
support 9-2
NSF with SSO supervisor engine redundancy
and CEF 9-5
overview 9-4
SSO operation 9-4
NTP
associations
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
restricting access
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
time
services 4-2
synchronizing 4-2
NVRAM
saving settings 3-10
O
OAM
client 56-18
features 56-18
sublayer 56-18
OAM manager
with CFM and Ethernet OAM 56-34
OAM PDUs 56-20
OAM protocol data units 56-18
OIR
overview 6-27
Online Diagnostics 52-1
online insertion and removal
See OIR
Open Shortest Path First
See OSPF
operating system images
See system images
Option 82
enabling DHCP Snooping 41-9
OSPF
area concept 1-11
description 1-11
P
packets
modifying 35-16
software processed
and QoS 35-16
packet type filtering
overview 46-15
SPAN enhancement 46-15
PACL, using with access-group mode 43-34
PACL with VLAN maps and router ACLs 43-36
PAgP
understanding 21-3
passwords
configuring enable password 3-13
configuring enable secret password 3-13
encrypting 3-22
in clusters 12-8
recovering lost enable password 3-25
setting line password 3-14
PBR (policy-based routing)
configuration (example) 33-5
enabling 33-3
features 33-2
overview 33-1, 33-2
route maps 33-2
when to use 33-2
per-port and VLAN Access Control List 41-17
per-port per-VLAN QoS
enabling 35-49
overview 35-16
Per-VLAN Rapid Spanning Tree 17-6
enabling 17-20
overview 17-6
PE to CE routing, configuring 34-7
Physical Layer 3 interfaces, configuring 29-11
PIM
configuring dense mode 32-14
configuring sparse mode 32-14
displaying information 32-22
displaying statistics 32-26
enabling sparse-dense mode 32-14, 32-15
overview 32-3
PIM-DM 32-3
PIM on an interface, enabling 32-13
PIM-SM 32-3
PIM-SSM mapping, enabling 32-15
ping
executing 8-8
overview 8-8
ping command 8-8, 32-22
PoE 11-8
configuring power consumption for single device 11-6
configuring power consumption for switch 11-5
Enhanced PoE support on E-series 11-12
power consumption for powered devices
Intelligent Power Management 11-4
powering down a module 10-20
power management modes 11-2
point-to-point
in 802.1X authentication (figure) 38-2, 38-17
police command 35-38
policed-DSCP map 35-59
policers
description 35-5
types of 35-10
policies
See QoS policies
policing
how to implement 35-73
See QoS policing
policy associations, QoS on Sup 6-E 35-91
policy-map command 35-34, 35-37
policy map marking action, configuring 35-79
policy maps
attaching to interfaces 35-41
configuring 35-36
port ACLs
and voice VLAN 43-5
defined 43-3
limitations 43-5
Port Aggregation Protocol
see PAgP
port-based authentication
802.1X with voice VLAN 38-18
changing the quiet period 38-43
client, defined 38-2
configuration guidelines 38-23
configure 802.1X accounting 38-32
configure switch-to-RADIUS server communication 38-26
configure with Authentication Failed VLAN assignment 38-39
configure with Critical Authentication 38-36
configure with Guest-VLANs 38-32, 38-41
configure with MAC Authentication Bypass 38-35
configure with Wake-on-LAN 38-38
configuring
Multiple Domain Authentication 38-28
configuring Guest-VLAN 38-26
configuring manual re-authentication of a client 38-46
controlling authorization state 38-5
default configuration 38-22
described 38-1
device roles 38-2
displaying statistics 38-47
enabling 38-23
enabling multiple hosts 38-42
enabling periodic re-authentication 38-41
encapsulation 38-3
host mode 38-6
initiation and message exchange 38-3
method lists 38-23
multidomain authentication 38-19
multiple-hosts mode, described 38-6
port security
multiple-hosts mode 38-7
ports not supported 38-4
resetting to default values 38-47
setting retransmission number 38-45
setting retransmission time 38-44
topologies, supported 38-21
using with port security 38-15
with Critical Authentication 38-12
with Guest VLANs 38-8
with MAC Authentication Bypass 38-9
with VLAN assignment 38-7
port-based QoS features
See QoS
port-channel interfaces
See also EtherChannel
creating 21-6
overview 21-2
port-channel load-balance
command 21-12
command example 21-12
port-channel load-balance command 21-13
port cost (STP)
configuring 17-15
port description TLV 26-2
PortFast
and MST 17-23
BPDU filter, configuring 20-9
configuring or enabling 20-16
overview 20-6
PortFast BPDU filtering
and MST 17-23
enabling 20-9
overview 20-9
port numbering with TwinGig Convertors 6-11
port priority
configuring MST instances 17-32
configuring STP 17-13
ports
blocking 44-1
checking status 8-3
dynamic VLAN membership
example 13-25
reconfirming 13-23
forwarding, resuming 44-3
REP 19-5
See also interfaces
port security
aging 39-5
and QoS trusted boundary 35-26
configuring 39-7
displaying 39-27
guidelines and restrictions 39-32
on access ports 39-6, 39-21
on private VLAN 39-13
host 39-14
over Layer 2 EtherChannel 39-32
promiscuous 39-15
topology 39-14, 39-17, 39-32
on trunk port 39-16
guidelines and restrictions 39-14, 39-17, 39-20, 39-32
port mode changes 39-21
on voice ports 39-21
RADIUS accounting 38-16
sticky learning 39-5
using with 802.1X 38-15
violations 39-6
with 802.1X Authentication 39-31
with DHCP and IP Source Guard 39-30
with other features 39-32
port states
description 17-5
port trust state
See trust states
port VLAN ID TLV 26-2
power
inline 36-5
power dc input command 10-17
power handling for Supervisor Engine II-TS 11-12
power inline command 11-3
power inline consumption command 11-5, 11-6
power management
Catalyst 4500 series 10-6
Catalyst 4500 Switch power supplies 10-13
Catalyst 4948 series 10-20
configuring combined mode 10-12
configuring redundant mode 10-11
overview 10-1
redundancy 10-6
power management for Catalyst 4500 Switch
combined mode 10-8
redundant mode 10-8
power management limitations in Catalyst 4500 Switch 10-9
power management mode
selecting 10-8
power management TLV 26-2, 26-7
Power-On-Self-Test diagnostics 52-3, 52-14
Power-On-Self-Test for Supervisor Engine V-10GE 52-8
power redundancy-mode command 10-11
power supplies
available power for Catalyst 4500 Switch 10-13
fixed 10-7
variable 10-7, 10-20
preempt delay time, REP 19-5
primary edge port, REP 19-4
primary VLANs 37-3, 37-5
associating with secondary VLANs 37-14
configuring as a PVLAN 37-13
priority
overriding CoS of incoming frames 36-5
priority queuing, QoS on Sup 6-E 35-86
private VLAN
configure port security 39-14
enabling DHCP Snooping 41-11
private VLANs
across multiple switches 37-5
and SVIs 37-10
benefits of 37-3
community ports 37-4
community VLANs 37-3, 37-4
default configuration 37-11
end station access to 37-3
isolated port 37-4
isolated VLANs 37-3, 37-4, 37-5
ports
community 37-4
isolated 37-4
promiscuous 37-5
primary VLANs 37-3, 37-5
promiscuous ports 37-5
secondary VLANs 37-3
subdomains 37-3
traffic in 37-9
privileged EXEC mode 2-5
privileges
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
promiscuous ports
configuring PVLAN 37-15
defined 37-5
setting mode 37-22
protocol timers 17-4
provider edge devices 34-2
pruning, VTP
See VTP pruning
pseudobridges
description 17-25
PVACL 41-17
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 38-18
PVLAN promiscuous trunk port
configuring 37-2, 37-15, 37-19
PVLANs
802.1q support 37-12
across multiple switches 37-6
configuration guidelines 37-11
configure port security 39-13, 39-15, 39-17
configure port security in a wireless setting 39-32
configure port security over Layer 2 EtherChannel 39-32
configuring 37-10
configuring a VLAN 37-13
configuring promiscuous ports 37-15
host ports
configuring a Layer 2 interface 37-16
setting 37-22
overview 37-1
permitting routing, example 37-21
promiscuous mode
setting 37-22
setting
interface mode 37-22
Q
QoS
allocating bandwidth 35-57
and software processed packets 35-16
auto-QoS
configuration and defaults display 35-20
configuration guidelines 35-19
described 35-17
displaying 35-20
effects on NVRAM configuration 35-19
enabling for VoIP 35-19
basic model 35-5
burst size 35-32
classification35-6to 35-10
configuration guidelines 35-25
auto-QoS 35-19
configuring
auto-QoS 35-17
DSCP maps 35-58
dynamic buffer limiting 35-28
traffic shaping 35-57
trusted boundary 35-26
configuring Layer 2 Control Packet QoS, feature interaction 35-65
configuring Layer 2 Control Packet QoS, guidelines 35-65
configuring Layer 2 Control Packet QoS, overview 35-61
configuring UBRL 35-43
configuring VLAN-based on Layer 2 interfaces 35-52
creating named aggregate policers 35-31
creating policing rules 35-33
default auto configuration 35-18
default configuration 35-24
definitions 35-3
disabling on interfaces 35-41
enabling and disabling 35-51
enabling hierarchical policers 35-47
enabling on interfaces 35-41
enabling per-port per-VLAN 35-49
flowcharts 35-8, 35-12
IP phones
automatic classification and queueing 35-17
detection and trusted settings 35-17, 35-26
overview 35-2
overview of per-port per-VLAN 35-16
packet modification 35-16
port-based 35-52
priority 35-15
traffic shaping 35-16
transmit rate 35-57
trust states
trusted device 35-26
VLAN-based 35-52
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 35-14
QoS labels
definition 35-3
QoS mapping tables
CoS-to-DSCP 35-59
DSCP-to-CoS 35-60
policed-DSCP 35-59
types 35-14
QoS marking
description 35-5
QoS on Sup 6-E
Active Queue management via DBL 35-90
active queue management via DBL 35-83, 35-90
classification 35-72
configuring 35-68
configuring the policy map marking action 35-79
hardware capabilities for marking 35-79
how to implement policing 35-73
marking action drivers 35-77
marking network traffic 35-74
MQC-based QoS configuration 35-69
multi-attribute marking support 35-78
platform hardware capabilities 35-71
platform restrictions 35-73
platform-supported classification criteria and QoS features 35-69, 35-70
policing 35-72
policy associations 35-91
prerequisites for applying a service policy 35-72
priority queuing 35-86
queue-limiting 35-87
restrictions for applying a service policy 35-72
shaping 35-81
sharing(bandwidth) 35-83
sharing(blandwidth), shapring, and priority queuing 35-81
software QoS 35-93
traffic marking procedure flowchart 35-77
QoS policers
burst size 35-32
types of 35-10
QoS policing
definition 35-5
described 35-5, 35-10
QoS policy
attaching to interfaces 35-11
overview of configuration 35-34
QoS service policy
prerequisites 35-72
restrictions for applying 35-72
QoS transmit queues
allocating bandwidth 35-57
burst 35-16
configuring traffic shaping 35-57
mapping DHCP values to 35-56
maximum rate 35-16
overview 35-14
sharing link bandwidth 35-15
QoS transmit queues, configuring 35-55
Quality of service
See QoS
queueing 35-6, 35-14
queue-limiting, QoS on Sup 6-E 35-87
R
RADIUS server
configure to-Switch communication 38-26
configuring settings 38-28
parameters on the switch 38-26
range command 6-4
range macros
defining 6-9
ranges of interfaces
configuring 6-4
Rapid Spanning Tree
See RSTP
rcommand command 12-12
re-authentication of a client
configuring manual 38-46
enabling periodic 38-41
reduced MAC address 17-2
redundancy
configuring 7-8
guidelines and restrictions 7-6
changes made through SNMP 7-11
NSF-aware support 9-2
NSF-capable support 9-2
overview 7-2
redundancy command 7-8
understanding synchronization 7-5
redundancy (NSF) 9-1
configuring
BGP 9-11
CEF 9-11
EIGRP 9-16
IS-IS 9-14
OSPF 9-13
routing protocols 9-5
redundancy (RPR)
route processor redundancy 7-3
synchronization 7-5
redundancy (SSO)
redundancy command 9-10
route processor redundancy 7-3
synchronization 7-5
reload command 3-28, 3-29
remote failure indications 56-19
remote loopback, Ethernet OAM 56-19, 56-22
Remote Network Monitoring
See RMON
rendezvous point, configuring 32-15
rendezvous point, configuring single static 32-19
REP
administrative VLAN 19-7
administrative VLAN, configuring 19-8
and STP 19-5
configuration guidelines 19-6
configuring interfaces 19-9
convergence 19-3
default configuration 19-6
manual preemption, configuring 19-11
monitoring 19-12
neighbor offset numbers 19-4
open segment 19-2
ports 19-5
preempt delay time 19-5
primary edge port 19-4
ring segment 19-2
secondary edge port 19-4
segments 19-1
characteristics 19-2
SNMP traps, configuring 19-12
supported interfaces 19-1
triggering VLAN load balancing 19-5
verifying link integrity 19-3
VLAN blocking 19-11
VLAN load balancing 19-4
replication
description 32-8
report suppression, IGMP
disabling 23-11
reserved-range VLANs
See VLANs
reset command 54-3
resetting an interface to default configuration 6-32
resetting a switch to defaults 3-31
Resilient Ethernet ProtocolLSee REP
responder, IP SLAs
described 50-4
enabling 50-8
response time, measuring with IP SLAs 50-4
restricting access
NTP services 4-8
TACACS+ 3-15
retransmission number
setting in 802.1X authentication 38-45
retransmission time
changing in 802.1X authentication 38-44
RFC
1157, SNMPv1 48-2
1305, NTP 4-2
1757, RMON 51-2
1901, SNMPv2C 48-2
1902 to 1907, SNMPv2 48-2
2273-2275, SNMPv3 48-2
RIP
description 1-11
RMON
default configuration 51-3
displaying status 51-7
enabling alarms and events 51-4
groups supported 51-2
overview 51-1
ROM monitor
boot process and 3-26
CLI 2-7
commands54-2to 54-3
debug commands 54-5
entering 54-2
exiting 54-6
overview 54-1
root bridge
configuring 17-9
selecting in MST 17-22
root guard
and MST 17-23
enabling 20-2
overview 20-2
routed packets
ACLs 43-31
route-map (IP) command 33-3
route maps
defining 33-3
PBR 33-2
router ACLs
description 43-3
using with VLAN maps 43-30
router ACLs, using PACL with VLAN maps 43-36
route targets
VPN 34-4
Routing Information Protocol
See RIP
routing table requirements, and RPF 31-7
RSPAN
configuration guidelines 46-16
destination ports 46-5
IDS 46-2
monitored ports 46-4
monitoring ports 46-5
received traffic 46-3
sessions
creating 46-17
defined 46-3
limiting source traffic to specific VLANs 46-23
monitoring VLANs 46-22
removing source (monitored) ports 46-21
specifying monitored ports 46-17
source ports 46-4
transmitted traffic 46-4
VLAN-based 46-5
RSTP
compatibility 17-23
description 17-22
port roles 17-24
port states 17-24
S
SAID
See 802.10 SAID
scheduling 35-14
defined 35-5
overview 35-6
scheduling, IP SLAs operations 50-5
secondary edge port, REP 19-4
secondary root switch 17-12
secondary VLANs 37-3
associating with primary 37-14
permitting routing 37-21
security
configuring 40-1
Security Association Identifier
See 802.10 SAID
security policy and Unicast RPF 31-5
selecting a power management mode 10-8
selecting X2/TwinGig Convertor Mode 6-12
sequence numbers in log messages 47-8
servers, VTP
See VTP servers
service policy, configure class-level queue-limit 35-87
service-policy command 35-34
service-policy input command 28-2, 35-41
service-provider networks
and customer VLANs 24-3
set default interface command 33-4
set interface command 33-4
set ip default next-hop command 33-4
set ip next-hop command 33-3
set-request operation 48-4
severity levels, defining in system messages 47-9
shaping, QoS on Sup 6-E 35-81
sharing(bandwidth), QoS on Sup 6-E 35-83
show adjacency command 30-9
show boot command 3-31
show catalyst4000 chassis-mac-address command 17-3
show cdp command 25-2, 25-3
show cdp entry command 25-4
show cdp interface command 25-3
show cdp neighbors command 25-4
show cdp traffic command 25-4
show ciscoview package command 4-33
show ciscoview version command 4-33
show cluster members command 12-12
show configuration command 6-18
show debugging command 25-4
show environment command 10-2
show history command 2-4
show interfaces command 6-23, 6-24, 6-28, 6-30, 6-31
show interfaces status command 8-3
show ip cache flow aggregation destination-prefix command 49-12
show ip cache flow aggregation prefix command 49-12
show ip cache flow aggregation source-prefix command 49-12
show ip cache flow command 49-9
show ip cef command 30-8
show ip eigrp interfaces command 29-18
show ip eigrp neighbors command 29-18
show ip eigrp topology command 29-18
show ip eigrp traffic command 29-18
show ip interface command 32-22
show ip local policy command 33-5
show ip mroute command 32-22
show ip pim interface command 32-22
show l2protocol command 24-12
show lldp traffic command 26-8
show mac-address-table address command 8-4
show mac-address-table interface command 8-4
show mls entry command 30-8
show module command 8-2, 17-5
show PoE consumed 11-8
show power inline command 11-7
show power inline consumption command 11-5
show power supplies command 10-11
show protocols command 6-28
show running-config command
adding description for an interface 6-18
checking your settings 3-9
displaying ACLs 43-24, 43-26, 43-33, 43-34
show startup-config command 3-10
show users command 8-7
show version command 3-29
shutdown, command 6-29
shutdown threshold for Layer 2 protocol packets 24-9
shutting down
interfaces 6-29
Simple Network Management Protocol
See SNMP
single spanning tree
See SST
single static RP, configuring 32-19
slot numbers, description 6-2
Smartports macros
applying global parameter values 16-8
applying macros 16-8
applying parameter values 16-8
configuration guidelines 16-6
configuring 16-2
creating 16-7
default configuration 16-3
defined 16-1
displaying 16-13
tracing 16-6
SMNP traps, and CFM 56-6
SNMP
accessing MIB variables with 48-4
agent
described 48-4
disabling 48-7
and IP SLAs 50-2
authentication level 48-10
community strings
configuring 48-7
overview 48-4
configuration examples 48-16
configuration guidelines 48-6
default configuration 48-6
enabling 55-10
engine ID 48-6
groups 48-6, 48-9
host 48-6
informs
and trap keyword 48-11
described 48-5
differences from traps 48-5
enabling 48-14
limiting access by TFTP servers 48-15
limiting system log messages to NMS 47-10
manager functions 48-3
notifications 48-5
overview 48-1, 48-4
status, displaying 48-17
system contact and location 48-15
trap manager, configuring 48-13
traps
described 48-3, 48-5
differences from informs 48-5
enabling 48-11
enabling MAC address notification 4-22
enabling MAC move notification 4-24
enabling MAC threshold notification 4-26
overview 48-1, 48-4
types of 48-11
users 48-6, 48-9
versions supported 48-2
SNMP commands 55-10
SNMP traps
REP 19-12
SNMPv1 48-2
SNMPv2C 48-2
SNMPv3 48-2
software
upgrading 7-13
software configuration register 3-26
software QoS, on Sup 6-E 35-93
software switching
description 30-5
interfaces 30-6
key data structures used 32-7
SPAN
and ACLs 46-5
configuration guidelines 46-7
configuring46-7to 46-10
destination ports 46-5
IDS 46-2
monitored port, defined 46-4
monitoring port, defined 46-5
received traffic 46-3
sessions
defined 46-3
source ports 46-4
transmitted traffic 46-4
VLAN-based 46-5
SPAN and RSPAN
concepts and terminology 46-3
default configuration 46-6
displaying status 46-25
overview 46-1
session limits 46-6
SPAN enhancements
access list filtering 46-13
configuration example 46-16
CPU port sniffing 46-10
encapsulation configuration 46-12
ingress packets 46-12
packet type filtering 46-15
spanning-tree backbonefast command 20-16
spanning-tree cost command 17-15
spanning-tree guard root command 20-2
spanning-tree portfast bpdu-guard command 20-8
spanning-tree portfast command 20-7
spanning-tree port-priority command 17-13
spanning-tree uplinkfast command 20-12
spanning-tree vlan
command 17-9
command example 17-9
spanning-tree vlan command 17-8
spanning-tree vlan cost command 17-15
spanning-tree vlan forward-time command 17-19
spanning-tree vlan hello-time command 17-17
spanning-tree vlan max-age command 17-18
spanning-tree vlan port-priority command 17-13
spanning-tree vlan priority command 17-17
spanning-tree vlan root primary command 17-10
spanning-tree vlan root secondary command 17-12
speed
configuring interface 6-15
speed command 6-16
SSO
configuring 9-10
SSO operation 9-4
SST
description 17-22
interoperability 17-24
static addresses
See addresses
static routes
configuring 3-11
verifying 3-12
statistics
displaying 802.1X 38-47
displaying PIM 32-26
LLDP 26-7
LLDP-MED 26-7
NetFlow accounting 49-9
SNMP input and output 48-17
sticky learning
configuration file 39-5
defined 39-5
disabling 39-5
enabling 39-5
saving addresses 39-5
sticky MAC addresses
configuring 39-7
defined 39-4
Storm Control
displaying 45-7
enabling Broadcast 45-3
enabling Multicast 45-4
hardware-based, implementing 45-2
overview 45-1
software-based, implementing 45-3
STP
and REP 19-5
bridge ID 17-2
configuring17-7to 17-20
creating topology 17-4
defaults 17-6
disabling 17-19
enabling 17-8
enabling extended system ID 17-9
enabling Per-VLAN Rapid Spanning Tree 17-20
EtherChannel guard
disabling 20-6
forward-delay time 17-18
hello time 17-17
Layer 2 protocol tunneling 24-7
maximum aging time 17-18
overview 17-2, 17-3
per-VLAN rapid spanning tree 17-6
port cost 17-15
port priority 17-13
root bridge 17-9
stratum, NTP 4-2
stub routing (EIGRP)
benefits 29-17
configuration tasks 29-17
configuring 29-13
overview 29-12, 29-13
restrictions 29-17
verifying 29-18
subdomains, private VLAN 37-3
summer time 4-13
supervisor engine
accessing the redundant 7-15
configuring3-8to 3-13
copying files to standby 7-15
default configuration 3-1
default gateways 3-11
environmental monitoring 10-1
redundancy 9-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 7-11
Supervisor Engine II-TS
insufficient inline power handling 10-18, 11-12
SVI Autostate Exclude
understanding 29-3
SVI Autostate exclude
configuring 29-7
switched packets
and ACLs 43-30
Switched Port Analyzer
See SPAN
switching, NetFlow
checking for required hardware 49-6
configuration (example) 49-13
configuring switched IP flows 49-8
enabling Collection 49-7
exporting cache entries 49-9
switchport
show interfaces 6-23, 6-24, 6-30, 6-31
switchport access vlan command 15-6, 15-8
switchport block multicast command 44-2
switchport block unicast command 44-2
switchport mode access command 15-8
switchport mode dot1q-tunnel command 24-6
switchport mode dynamic command 15-6
switchport mode trunk command 15-6
switch ports
See access ports
switchport trunk allowed vlan command 15-6
switchport trunk encapsulation command 15-6
switchport trunk encapsulation dot1q command 15-3
switchport trunk encapsulation isl command 15-3
switchport trunk encapsulation negotiate command 15-3
switchport trunk native vlan command 15-6
switchport trunk pruning vlan command 15-7
switch-to-RADIUS server communication
configuring 38-26
sysret command 54-5
system
reviewing configuration 3-10
settings at startup 3-27
system alarms
on Sup 2+ to V-10GE 10-5
on Sup 6-E 10-5
overview 10-4
system and network statistics, displaying 32-22
system capabilities TLV 26-2
system clock
configuring
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
See also NTP
system description TLV 26-2
system images
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
system message logging
default configuration 47-3
defining error message severity levels 47-9
disabling 47-5
displaying the configuration 47-13
enabling 47-5
facility keywords, described 47-13
level keywords, described 47-9
limiting messages 47-10
message format 47-2
overview 47-1
sequence numbers, enabling and disabling 47-8
setting the display destination device 47-5
synchronizing log messages 47-6
timestamps, enabling and disabling 47-8
UNIX syslog servers
configuring the daemon 47-11
configuring the logging facility 47-12
facilities supported 47-13
system MTU
802.1Q tunneling 24-5
maximums 24-5
system name
default configuration 4-15
default setting 4-15
manual configuration 4-15
See also DNS
system name TLV 26-2
system prompt, default setting 4-14, 4-15
T
TACACS+ 40-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
configuring
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
tagged packets
802.1Q 24-3
Layer 2 protocol 24-7
TCAM programming algorithm
changing 43-9
TCAM programming algorithm, overview 43-7
TCAM programming and ACLs 43-10, 43-12
for Sup II-Plust thru V-10GE 43-6
TCAM programming and ACLs for Sup 6-E 43-15
TCAM region, changing the algorithm 43-9
TCAM region, resizing 43-10
TDR
checking cable connectivity 8-4
enabling and disabling test 8-4
guidelines 8-4
Telnet
accessing CLI 2-2
disconnecting user sessions 8-7
executing 8-6
monitoring user sessions 8-7
telnet command 8-6
templates, Ethernet OAM 56-28
Terminal Access Controller Access Control System Plus
See TACACS+
TFTP
configuration files in base directory 3-5
configuring for autoconfiguration 3-4
limiting access by servers 48-15
TFTP download
See also console download
threshold monitoring, IP SLAs 50-6
time
See NTP and system clock
Time Domain Reflectometer
See TDR
time exceeded messages 8-9
timer
See login timer
timestamps in log messages 47-8
time zones 4-12
TLVs
defined 1-4, 26-2
LLDP-MED 26-2
Token Ring
media not supported (note) 13-5, 13-10
Topology change notification processing
MLD Snooping
Topology change notification processing 23-5
TOS
description 35-4
trace command 8-10
traceroute
See IP traceroute
See Layer 2 Traceroute
traceroute mac command 8-11
traceroute mac ip command 8-11
traffic
blocking flooded 44-2
traffic control
using ACLs (figure) 43-4
using VLAN maps (figure) 43-5
traffic marking procedure flowchart 35-77
traffic shaping 35-16
translational bridge numbers (defaults) 13-4
transmit queues
See QoS transmit queues
transmit rate 35-57
traps
configuring MAC address notification 4-22
configuring MAC move notification 4-24
configuring MAC threshold notification 4-26
configuring managers 48-11
defined 48-3
enabling 4-22, 4-24, 4-26, 48-11
notification types 48-11
overview 48-1, 48-4
troubleshooting
with CiscoWorks 48-4
with system message logging 47-1
with traceroute 8-9
troubleshooting high CPU due to ACLs 43-12
trunk ports
configure port security 39-16
configuring PVLAN37-17to 37-19
trunks
802.1Q restrictions 15-5
configuring 15-6
configuring access VLANs 15-6
configuring allowed VLANs 15-6
default interface configuration 15-6
different VTP domains 15-3
enabling to non-DTP device 15-4
encapsulation 15-3
specifying native VLAN 15-6
understanding 15-3
trusted boundary for QoS 35-26
Trust State of interfaces, configuring
trust states
configuring 35-53
tunneling
defined 24-1
tunnel ports
802.1Q, configuring 24-6
described 24-2
incompatibilities with other features 24-5
TwinGig Convertors
limitations on using 6-12
port numbering 6-11
selecting X2/TwinGig Convertor mode 6-12
type of service
See TOS
U
UDLD
default configuration 27-2
disabling 27-4, 27-5
enabling 27-3
overview 27-1
UDP jitter, configuring 50-9
UDP jitter operation, IP SLAs 50-8
unauthorized ports with 802.1X 38-4
unicast
See IP unicast
unicast flood blocking
configuring 44-1
unicast MAC address filtering
and adding static addresses 4-29
and broadcast MAC addresses 4-28
and CPU packets 4-29
and multicast addresses 4-28
and router MAC addresses 4-28
configuration guidelines 4-28
described 4-28
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 43-19
Unicast Reverse Path Forwarding
about 31-2
and security policy 31-5
blockng traffic, asymmetrical routing environment 31-7
configuration example, inbound and outbound filters 31-11
configuration task list 31-9
configured with ACLs 31-2
droppiung packets that fail verification, illustration 31-4
Enterprise Network for ingress filtering 31-6
how it works 31-2
implementing 31-4
IP source addresses, illustration 31-3
monitoring and maintaining 31-10
routing table requirements 31-7
where not to use 31-7
where to use 31-5
with BOOTP and DHCP 31-8
unicast traffic
blocking 44-2
unidirectional ethernet
enabling 28-2
example of setting 28-2
overview 28-1
UniDirectional Link Detection Protocol
See UDLD
UNIX syslog servers
daemon configuration 47-11
facilities supported 47-13
message logging configuration 47-12
UplinkFast
and MST 17-23
enabling 20-16
MST and 17-23
overview 20-11
User Based Rate Limiting
configuring 35-43
overview 35-43
user EXEC mode 2-5
user sessions
disconnecting 8-7
monitoring 8-7
using PACL with access-group mode 43-34
V
VACLs
Layer 4 port operations 43-15
virtual configuration register 54-3
virtual LANs
See VLANs
Virtual Private Network
See VPN
Virtual Switch System(VSS), displaying EtherChannel to 21-15
VLAN ACLs
See VLAN maps
VLAN-based QoS on Layer 2 interfaces, configuring 35-52
VLAN blocking, REP 19-11
vlan command 13-7
vlan dot1q tag native command 24-4
VLAN ID, discovering 4-30
VLAN load balancing
REP 19-4
VLAN load balancing, triggering 19-5
VLAN load balancing on flex links 18-2
configuration guidelines 18-6
VLAN Management Policy Server
See VMPS
VLAN maps
applying to a VLAN 43-26
configuration example 43-27
configuration guidelines 43-23
configuring 43-22
creating and deleting entries 43-23
defined 43-3
denying access example 43-28
denying packets 43-24
displaying 43-29
order of entries 43-23
permitting packets 43-24
router ACLs and 43-30
using (figure) 43-5
using in your network 43-26
VLAN maps, PACL and Router ACLs 43-36
VLANs
allowed on trunk 15-6
configuration guidelines 13-3
configuring 13-5
customer numbering in service-provider networks 24-3
default configuration 13-4
description 1-7
extended range 13-3
IDs (default) 13-4
interface assignment 13-8
limiting source traffic with RSPAN 46-23
monitoring with RSPAN 46-22
name (default) 13-4
normal range 13-3
overview 13-1
reserved range 13-3
See also PVLANs
VLAN Trunking Protocol
See VTP
VLAN trunks
overview 15-3
VMPS
configuration file example 13-28
configuring dynamic access ports on client 13-22
configuring retry interval 13-23
database configuration file 13-28
dynamic port membership
example 13-25
reconfirming 13-23
reconfirming assignments 13-23
reconfirming membership interval 13-23
server overview 13-17
VMPS client
administering and monitoring 13-24
configure switch
configure reconfirmation interval 13-23
dynamic ports 13-22
entering IP VMPS address 13-21
reconfirmation interval 13-23
reconfirm VLAM membership 13-23
default configuration 13-20
dynamic VLAN membership overview 13-20
troubleshooting dynamic port VLAN membership 13-25
VMPS server
fall-back VLAN 13-19
illegal VMPS client requests 13-19
overview 13-17
security modes
multiple 13-19
open 13-18
secure 13-18
voice interfaces
configuring 36-1
Voice over IP
configuring 36-1
voice ports
configuring VVID 36-3
voice traffic 11-2, 36-5
voice VLAN
IP phone data traffic, described 36-2
IP phone voice traffic, described 36-2
voice VLAN ports
using 802.1X 38-18
VPN
configuring routing in 34-6
forwarding 34-4
in service provider networks 34-1
routes 34-2
routing and forwarding table
See VRF
VRF
defining 34-4
tables 34-1
VTP
configuration guidelines 13-12
configuring13-12to 13-17
configuring transparent mode 13-16
default configuration 13-12
disabling 13-16
Layer 2 protocol tunneling 24-7
monitoring 13-16
overview 13-8
See also VTP version 2
VTP advertisements
description 13-9
VTP clients
configuring 13-15
VTP domains
description 13-9
VTP modes 13-9
VTP pruning
enabling 13-13
overview 13-10
VTP servers
configuring 13-14
VTP statistics
displaying 13-16
VTP version 2
enabling 13-14
overview 13-10
See also VTP
VTY and Network Assistant 12-11
VVID (voice VLAN ID)
and 802.1X authentication 38-18
configuring 36-3
W
Wake-on-LAN
configure with 802.1X 38-38
WCCP
configuration examples 53-9
configuring on a router 53-2, 53-10
features 53-4
restrictions 53-5
service groups 53-6
Web Cache Communication Protocol
See WCCP 53-1
web caches
See cache engines
web cache services
description 53-4
web caching
See web cache services
See also WCCP
web scaling 53-1