-
Catalyst 4500 Series Switch Software Configuration Guide, 12.2(44)SG
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch for the First Time
-
Administering the Switch
-
Configuring the Cisco IOS In Service Software Upgrade Process
-
Configuring Interfaces
-
Checking Port Status and Connectivity
-
Configuring Supervisor Engine Redundancy Using RPR and SSO
-
Configuring Cisco NSF with SSO Supervisor Engine Redundancy
-
Environmental Monitoring and Power Management
-
Configuring Power over Ethernet
-
Configuring the Catalyst 4500 Series Switch with Cisco Network Assistant
-
Configuring VLANs, VTP, and VMPS
-
Configuring IP Unnumbered Interface
-
Configuring Layer 2 Ethernet Interfaces
-
Configuring SmartPort Macros
-
Configuring STP and MST
-
Configuring Resilient Ethernet Protocol
-
Configuring Optional STP Features
-
Configuring EtherChannel
-
Configuring IGMP Snooping and Filtering
-
Configuring IPv6 MLD Snooping
-
Configuring 802.1Q and Layer 2 Protocol Tunneling
-
Configuring CDP
-
Configuring LLDP
-
Configuring UDLD
-
Configuring Layer 3 Interfaces
-
Configuring Cisco Express Forwarding
-
Configuring Unicast Reverse Path Forwarding
-
Configuring Unidirectional Ethernet
-
Configuring IP Multicast
-
Configuring Policy-Based Routing
-
Configuring VRF-lite
-
Configuring Quality of Service
-
Configuring Voice Interfaces
-
Configuring Private VLANs
-
Configuring 802.1X Port-Based Authentication
-
Configuring Port Security
-
Configuring Control Plane Policing
-
Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
-
Configuring Dynamic ARP Inspection
-
Configuring Network Security with ACLs
-
Port Unicast and Multicast Flood Blocking
-
Configuring Storm Control
-
Configuring SPAN and RSPAN
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring NetFlow
-
Configuring RMON
-
Performing Diagnostics
-
Configuring WCCP Version 2 Services
-
Configuring MIB Support
-
ROM Monitor
-
Acronym
-
Index
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
ACLs
applying IPv6 ACLs to a Layer 3 interface 42-21
Numerics
10/100 autonegotiation feature, forced 6-12
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 6-8
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 6-6
1400 W DC Power supply
special considerations 10-16
1400 W DC SP Triple Input power supply
special considerations 10-17
802.10 SAID (default) 13-4
802.1Q
trunks 17-6
tunneling
compatibility with other features 23-5
defaults 23-4
described 23-2
tunnel ports with other features 23-6
802.1Q VLANs
encapsulation 15-3
trunk restrictions 15-5
802.1s
802.1w
802.1X
802.1X authentication
for Critical Authentication 37-12
for guest VLANs 37-8
for MAC Authentication Bypass 37-9
for Wake-on-LAN 37-12
RADIUS accounting 37-16
with port security 37-15
with VLAN assignment 37-7
with voice VLAN ports 37-19
802.3ad
A
AAA 39-1
abbreviating commands 2-5
access control entries
access control entries and lists 39-1
access-group mode, configuring on Layer 2 interface 42-34
access-group mode, using PACL with 42-34
access list filtering, SPAN enhancement 45-13
access lists
using with WCCP 51-7
access ports
and Layer 2 protocol tunneling 23-9
configure port security 38-6, 38-21
configuring 15-8
access VLANs 15-6
accounting
configuring for 802.1X 37-32
ACEs
ACLs 42-2
IP 42-2
Layer 4 operation restrictions 42-15
ACEs and ACLs 39-1
ACLs
ACEs 42-2
and SPAN 45-5
and TCAM programming for Sup 6-E 42-15
and TCAM programming for Sup II-Plus thru V-10GE 42-6
applying on routed packets 42-31
applying on switched packets 42-30
chaning the TCAM programming algorithm 42-9
compatibility on the same switch 42-3
configuring with VLAN maps 42-30
CPU impact 42-17
hardware and software support 42-5
IP, matching criteria for port ACLs 42-4
MAC extended 42-19
matching criteria for router ACLs 42-3
port
and voice VLAN 42-4
defined 42-3
limitations 42-5
processing 42-17
resize the TCAM regions 42-10
selecting mode of capturing control packets 42-12
TCAM programming algorithm 42-7
troubleshooting high CPU 42-12
types supported 42-3
understanding 42-2
VLAN maps 42-5
ACLs and VLAN maps, examples 42-24
acronyms, list of A-1
action drivers, marking 34-75
active queue management 34-14
active queue management via DBL, QoS on Sup 6-E 34-88
adding members to a community 12-8
addresses
displaying the MAC address table 4-30
dynamic
changing the aging time 4-21
defined 4-19
learning 4-20
removing 4-22
MAC, discovering 4-30
static
adding and removing 4-27
defined 4-19
address resolution 4-30
adjacency tables
description 29-2
displaying statistics 29-9
administrative VLAN
REP, configuring 18-8
administrative VLAN, REP 18-7
advertisements
advertisements, VTP
aggregation switch, enabling DHCP snooping 40-9
aging time
MAC address table 4-21
applying IPv6 ACLs to a Layer 3 interface 42-21
AQM via DBL, QoS on Sup 6-E 34-88
ARP
defined 4-30
table
address resolution 4-30
managing 4-30
asymmetrical links, and 802.1Q tunneling 23-4
authentication
NTP associations 4-4
See also port-based authentication
TACACS+
defined 3-16
key 3-18
login 3-19
Authentication, Authorization, and Accounting (AAA) 39-1
Authentication Failed VLAN assignment
configure with 802.1X 37-40
authentication server
defined 37-3
RADIUS server 37-3
authoritative time source, described 4-2
authorization
authorized and unauthorized ports 37-4
authorized ports with 802.1X 37-4
autoconfiguration 3-2
automatic discovery
considerations 12-7
automatic QoS
Auto-MDIX on a port
configuring 6-22
displaying the configuration 6-23
overview 6-21
autonegotiation feature
forced 10/100Mbps 6-12
Auto-QoS
configuring 34-17
auto-sync command 8-8
B
Baby Giants
interacting with 6-20
BackboneFast
adding a switch (figure) 19-3
and MST 17-23
configuring 19-15
link failure (figure) 19-13, 19-14
not supported MST 17-23
understanding 19-12
banners
configuring
login 4-19
message-of-the-day login 4-18
default configuration 4-18
when displayed 4-17
b command 53-3
b flash command 53-3
BGP 1-8
routing session with multi-VRF CE 33-6
blocking packets 43-1
blocking state (STP)
RSTP comparisons (table) 17-24
boot bootldr command 3-31
boot command 3-28
boot commands 53-3
boot fields
See configuration register boot fields
bootstrap program
boot system command 3-26, 3-31
boot system flash command 3-28
Border Gateway Protocol
boundary ports
description 17-27
BPDU Guard
and MST 17-23
configuring 19-15
overview 19-7
BPDUs
and media speed 17-2
pseudobridges and 17-25
what they contain 17-3
bridge ID
bridge priority (STP) 17-16
bridge protocol data units
Broadcast Storm Control
disabling 44-6
enabling 44-3
BSR
configuration example 31-21
burst rate 34-56
burst size 34-31
C
cache engine clusters 51-1
cache engines 51-1
cache farms
candidates
automatic discovery 12-7
candidate switch, cluster
defined 12-12
requirements 12-12
Capturing control packets
selecting mode 42-12
cautions
Unicast RPF
BGP optional attributes 30-4
cautions for passwords
encrypting 3-22
CDP
and trusted boundary 34-26
automatic discovery in communities 12-7
configuration 24-2
defined with LLDP 25-1
displaying configuration 24-3
enabling on interfaces 24-3
Layer 2 protocol tunneling 23-7
maintaining 24-3
monitoring 24-3
cdp enable command 24-3
CEF
adjacency tables 29-2
and NSF with SSO 9-5
configuring load balancing 29-7
displaying statistics 29-8
enabling 29-6
hardware switching 29-4
load balancing 29-6
overview 29-1
software switching 29-4
CGMP
overview 21-1
channel-group group command 20-7, 20-10
Cisco 7600 series Internet router
enabling SNMP 52-16
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS NSF-aware
support 9-2
Cisco IOS NSF-capable support 9-2
Cisco IP Phones
configuring 35-2
sound quality 35-1
CiscoWorks 2000 47-4
CIST
description 17-22
class level, configure in a service policy 34-85
class-map command 34-33
class of service
clear cdp counters command 24-4
clear cdp table command 24-3
clear counters command 6-25
clearing
IP multicast table entries 31-20
clear ip eigrp neighbors command 28-18
clear ip flow stats command 48-9
CLI
accessing 2-1
backing out one level 2-5
getting commands 2-5
history substitution 2-3
managing clusters 12-12
modes 2-5
monitoring environments 45-1
ROM monitor 2-7
software basics 2-4
clients
in 802.1X authentication 37-2
clock
clustering switches
command switch characteristics 12-11, 12-12
and VTY 12-11
convert to a community 12-9
managing
through CLI 12-12
overview 12-11
planning considerations
CLI 12-12
passwords 12-8
command-line processing 2-3
command modes 2-5
commands
b 53-3
b flash 53-3
boot 53-3
confreg 53-3
dev 53-3
dir device 53-3
frame 53-5
i 53-3
listing 2-5
meminfo 53-5
reset 53-3
ROM monitor debugging 53-5
SNMP 52-16
sysret 53-5
command switch, cluster
requirements 12-11
common and internal spanning tree
common spanning tree
community of switches
access modes in Network Assistant 12-8
adding devices 12-8
candidate characterisitcs 12-6
communication protocols 12-8
community name 12-7
configuration information 12-8
converting from a cluster 12-9
host name 12-7
passwords 12-8
community ports 36-4
community strings
configuring 47-7
overview 47-4
and SPAN features 36-11
configure as a PVLAN 36-12
compiling MIBs 52-16
config-register command 3-29
config terminal command 3-9
configurable leave timer,IGMP 21-3
configuration examples
SNMP 47-16
configuration files
limiting TFTP server access 47-15
obtaining with DHCP 3-6
saving 3-10
system contact and location information 47-15
configuration guidelines
REP 18-6
SNMP 47-6
configuration register
boot fields
listing value 3-29
modifying 3-28
changing from ROM monitor 53-3
configuring 3-26
settings at startup 3-27
configure class-level queue-limit in a service policy 34-85
configure terminal command 3-28, 6-2
configuring access-group mode on Layer 2 interface 42-34
configuring flow control 6-15
configuring interface link and trunk status envents 6-26
configuring named IPv6 ACLs 42-20
configuring named MAC extended ACLs 42-19
configuring unicast MAC address filtering 42-19
configuring VLAN maps 42-22
confreg command 53-3
console configuration mode 2-5
console port
disconnecting user sessions 7-6
monitoring user sessions 7-6
control plane policing
convergence
REP 18-3
CoPP
applying QoS service policy to control plane 39-4
configuring
ACLs to match traffic 39-4
enabling MLS QoS 39-4
packet classification criteria 39-4
service-policy map 39-4
control plane configuration mode
entering 39-4
displaying
dynamic information 39-8
number of conforming bytes and packets 39-8
rate information 39-8
entering control plane configuration mode 39-4
monitoring statistics 39-8
overview 39-2
copy running-config startup-config command 3-10
copy system:running-config nvram:startup-config command 3-31
CoS
definition 34-3
figure 34-2
overriding on Cisco IP Phones 35-4
priority 35-4
CoS Mutation
configuring 34-40
CoS-to-DSCP maps 34-57
CoS value, configuring for an interface 34-53
counters
clearing MFIB 31-20
clearing on interfaces 6-25
CPU, impact of ACL processing 42-17
CPU port sniffing 45-10
Critical Authentication
configure with 802.1X 37-36
CST
description 17-25
IST and 17-22
MST and 17-22
customer edge devices 33-2
D
database agent
configuration examples 40-12
enabling the DHCP Snooping 40-12
daylight saving time 4-13
debug commands, ROM monitor 53-5
default configuration
802.1X 37-22
auto-QoS 34-17
banners 4-18
DNS 4-16
IGMP filtering 21-18
Layer 2 protocol tunneling 23-9
LLDP 25-3
MAC address table 4-21
multi-VRF CE 33-3
NTP 4-4
private VLANs 36-10
REP 18-6
resetting the interface 6-28
RMON 49-3
SNMP 47-6
SPAN and RSPAN 45-6
system message logging 46-3
system name and prompt 4-15
TACACS+ 3-18
default gateway
configuring 3-11
verifying configuration 3-11
default settings, erase commad 3-31
denial-of-service attacks
IP address spoofing, mitigating 30-5
Unicast RPF, deploying 30-5
denying access to a server on another VLAN 42-28
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 6-6
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 6-8
description command 6-14
detecting unidirectional links 26-1
dev command 53-3
device discovery protocol 25-1
DHCP-based autoconfiguration
client request message exchange 3-3
configuring
client side 3-2
DNS 3-5
relay device 3-5
server-side 3-3
TFTP server 3-4
example 3-7
lease options
for IP address information 3-3
for receiving the configuration file 3-4
overview 3-2
relationship to BOOTP 3-2
DHCP option 82
overview 40-3
DHCP Snooping
enabling, and Option 82 40-9
DHCP snooping
accepting untrusted packets form edge switch 40-10
configuring 40-6
default configuration 40-7
displaying binding tables 40-16
displaying configuration 40-16
displaying information 40-15
enabling 40-7
enabling on private VLAN 40-11
enabling on the aggregation switch 40-9
enabling the database agent 40-12
message exchange process 40-4
monitoring 40-20
option 82 data insertion 40-3
overview 40-1
Snooping database agent 40-2
DHCP Snooping Database Agent
adding to the database (example) 40-15
enabling (example) 40-12
overview 40-2
reading from a TFTP file (example) 40-14
Diagnostics
online 50-1
troubleshooting 50-2
Power-On-Self-Test
causes of failure 50-14
how it works 50-3
overview 50-3
Power-On-Self-Test for Supervisor Engine V-10GE 50-8
Differentiated Services Code Point values
DiffServ architecture, QoS 34-2
Digital optical monitoring transceiver support 6-11
dir device command 53-3
disabled state
RSTP comparisons (table) 17-24
disabling
broadcast storm control 44-6
disabling multicast storm control 44-7
disconnect command 7-6
discovery, clusters
displaying storm control 44-7
DNS
and DHCP-based autoconfiguration 3-5
default configuration 4-16
displaying the configuration 4-17
overview 4-15
setting up 4-16
domain names
DNS 4-15
Domain Name System
double-tagged packets
802.1Q tunneling 23-2
Layer 2 protocol tunneling 23-9
drop threshold for Layer 2 protocol packets 23-10
DSCP maps 34-57
DSCP-to-CoS maps
configuring 34-59
DSCP values
configuring maps 34-57
definition 34-4
IP precedence 34-2
mapping markdown 34-24
mapping to transmit queues 34-55
DSCP values, configuring port value 34-54
DTP
VLAN trunks and 15-3
duplex command 6-13
duplex mode
configuring interface 6-12
dynamic ARP inspection
ARP cache poisoning 41-2
configuring
ACLs for non-DHCP environments 41-10
in DHCP environments 41-5
log buffer 41-14
rate limit for incoming ARP packets 41-16
denial-of-service attacks, preventing 41-16
interface trust state, security coverage 41-3
log buffer
configuring 41-14
logging of dropped packets 41-4
overview 41-1
port channels, their behavior 41-4
priority of static bindings 41-4
purpose of 41-2
rate limiting of ARP packets 41-4
configuring 41-16
validation checks, performing 41-19
dynamic buffer limiting
globally 34-27
on specific CoS values 34-29
on specific IP DSCP values 34-28
Dynamic Host Configuration Protocol snooping
dynamic port VLAN membership
example 13-25
limit on hosts 13-24
reconfirming 13-22
troubleshooting 13-24
Dynamic Trunking Protocol
E
EAP frames
changing retransmission time 37-45
exchanging (figure) 37-4, 37-6, 37-11
request/identity 37-3
response/identity 37-3
setting retransmission number 37-46
EAPOL frames
802.1X authentication and 37-3
OTP authentication, example (figure) 37-4, 37-11
start 37-3
edge ports
description 17-27
EGP
overview 1-8
EIGRP
configuration examples 28-19
monitoring and maintaining 28-18
EIGRP (Enhanced IGRP)
stub routing
benefits 28-17
configuration tasks 28-17
configuring 28-13
overview 28-13
restrictions 28-17
verifying 28-18
EIGRP (enhanced IGRP)
overview 1-8
eigrp stub command 28-18
EIGRP stub routing, configuring 28-12
Embedded CiscoView
displaying information 4-33
installing and configuring 4-31
overview 4-31
emergency alarms on Sup Engine 6-E systems 10-3
enable mode 2-5
enabling or disabling QOS on an interface 34-50
enabling SNMP 52-16
encapsulation types 15-3
Enhanced Interior Gateway Routing Protocol
Enhanced PoE support on E-series 11-12
environmental conditions
Sup Engine 6-E 10-2
Sup Engines II-Plus to V-10GE 10-2
environmental monitoring
using CLI commands 10-1
EtherChannel
channel-group group command 20-7, 20-10
configuration guidelines 20-5
configuring Layer 2 20-9
configuring Layer 3 20-6
interface port-channel command 20-7
lacp system-priority
command example 20-12
modes 20-3
overview 20-1
PAgP
Understanding 20-3
physical interface configuration 20-7
port-channel interfaces 20-2
port-channel load-balance command 20-13
removing 20-14
removing interfaces 20-14
explicit host tracking
enabling 21-10
extended range VLANs
Extensible Authentication Protocol over LAN 37-1
Exterior Gateway Protocol
F
FastDrop
clearing entries 31-20
displaying entries 31-19
overview 31-10
FIB
description 29-2
filtering
in a VLAN 42-22
non-IP traffic 42-19
flags 31-11
Flash memory
configuring router to boot from 3-30
loading system images from 3-30
security precautions 3-30
flooded traffic, blocking 43-2
flowchart, traffic marking procedure 34-75
flow control, configuring 6-15
forward-delay time (STP)
configuring 17-18
forwarding information base
frame command 53-5
G
gateway
get-bulk-request operation 47-3
get-next-request operation 47-3, 47-4
get-request operation 47-3, 47-4
get-response operation 47-3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 6-6
global configuration mode 2-5
Guest-VLANs
configure with 802.1X 37-32, 37-41
H
hardware and software ACL support 42-5
hardware switching 29-5
hello time (STP)
configuring 17-17
hierarchical policers, configuring 34-46
hierarchical policies, QoS on Sup 6-E 34-89
high CPU due to ACLs, troubleshooting 42-12
history
CLI 2-3
history table, level and number of syslog messages 46-9
hop counts
configuring MST bridges 17-28
host
configuring host statically 21-10
limit on dynamic port 13-24
host ports
kinds of 36-4
Hot Standby Routing Protocol
HSRP
description 1-7
http
//www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a008042fbb3.html 1-7
//www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcr/tcf_r/index.htm 24-1, 46-1, 47-1, 49-1
hw-module module num power command 10-20
I
ICMP
enabling 7-11
ping 7-7
running IP traceroute 7-8
time exceeded messages 7-8
i command 53-3
IDS
using with SPAN and RSPAN 45-2
IEEE 802.1s
IEEE 802.1w
IEEE 802.3ad
IGMP
configurable leave timer
enabling 21-8
configurable-leave timer 21-3
description 31-3
enabling 31-13
explicit host tracking 21-4, 21-10
immediate-leave processing 21-3
leave processing, enabling 22-8
overview 21-1
report suppression
disabling 22-11
IGMP filtering
configuring 21-18
default configuration 21-18
described 21-18
monitoring 21-21
IGMP groups
setting the maximum number 21-20
IGMP Immediate Leave
configuration guidelines 21-8
IGMP profile
applying 21-19
configuration mode 21-18
configuring 21-19
IGMP snooping
configuration guidelines 21-4
default configuration 22-5, 22-6
enabling and disabling 22-6
IP multicast and 31-4
overview 21-1
IGRP
description 1-9
Immediate Leave, IGMP
enabling 22-8
immediate-leave processing
enabling 21-8
IGMP
ingress packets, SPAN enhancement 45-12
inline power
configuring on Cisco IP phones 35-5
insufficient inline power handling for Supervisor Engine II-TS 10-18
Intelligent Power Management 11-4
interacting with Baby Giants 6-20
interface configuration
REP 18-9
interface link and trunk status events
configuring 6-26
interface port-channel command 20-7
interface range command 6-4
interface range macro command 6-5
interfaces
adding descriptive name 6-14
clearing counters 6-25
configuring 6-2
configuring ranges 6-4
displaying information about 6-25
Layer 2 modes 15-4
maintaining 6-24
monitoring 6-24
naming 6-14
numbers 6-2
overview 6-1
restarting 6-26
Interior Gateway Routing Protocol
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link encapsulation
Intrusion Detection System
inventory management TLV 25-3, 25-6
IP
configuring default gateway 3-11
configuring static routes 3-11
displaying statistics 29-8
flow switching cache 48-9
IP addresses
cluster candidate or member 12-12
cluster command switch 12-11
discovering 4-30
ip cef command 29-6
IP Enhanced IGRP
interfaces, displaying 28-18
ip flow-aggregation cache destination-prefix command 48-11
ip flow-aggregation cache prefix command 48-11
ip flow-aggregation cache source-prefix command 48-12
ip flow-export command 48-9
ip icmp rate-limit unreachable command 7-12
ip igmp profile command 21-18
ip igmp snooping tcn flood command 21-12
ip igmp snooping tcn flood query count command 21-12
ip igmp snooping tcn query solicit command 21-13
IP information
assigned
through DHCP-based autoconfiguration 3-2
ip load-sharing per-destination command 29-7
ip local policy route-map command 32-5
ip mask-reply command 7-13
IP MTU sizes, configuring 28-8
IP MTU sizes,configuring 28-8
IP multicast
clearing table entries 31-20
configuring 31-12
default configuration 31-13
displaying PIM information 31-15
displaying the routing table information 31-16
enabling 31-13
enabling dense-mode PIM 31-14
enabling sparse-mode 31-14
features not supported 31-12
hardware forwarding 31-8
monitoring 31-15
overview 31-1
routing protocols 31-2
software forwarding 31-8
See also Auto-RP; IGMP; PIM; RP; RPF
ip multicast-routing command 31-13
IP phones
automatic classification and queueing 34-17
configuring voice ports 35-3
See Cisco IP Phones 35-1
trusted boundary for QoS 34-26
ip pim command 31-14
ip pim dense-mode command 31-14
ip pim sparse-dense-mode command 31-15
ip policy route-map command 32-4
IP Port Security for Static Hosts
on a Layer 2 access port 40-21
on a PVLAN host port 40-24
overview 40-21
ip redirects command 7-12
ip route-cache flow command 48-7
IP routing tables
deleting entries 31-20
IP Source Guard
configuring 40-17
configuring on private VLANs 40-19
overview 40-16
IP statistics
displaying 29-8
IP traceroute
executing 7-8
overview 7-8
IP unicast
displaying statistics 29-8
IP Unnumbered support
configuring on a range of Ethernet VLANs 14-5
configuring on LAN and VLAN interfaces 14-4
configuring with connected host polling 14-6
DHCP Option 82 14-2
displaying settings 14-7
format of agent remote ID suboptions 14-3
troubleshooting 14-8
with conected host polling 14-3
with DHCP server and Relay agent 14-2
ip unreachables command 7-11
IPX
redistribution of route information with EIGRP 1-8
ISL
encapsulation 15-3
trunking with 802.1Q tunneling 23-4
isolated port 36-4
ISSU
compatibility matrix 5-12
compatiblity verification using Cisco Feature Navigator 5-13
NSF overview 5-3
perform the process
aborting a software upgrade 5-25
configuring the rollback timer as a safeguard 5-26
displaying a compatibility matrix 5-28
loading the new software on the new standby 5-23
stopping the rollback timer 5-22
switching to the standby 5-19
verify the ISSU state 5-16
verify the redundancy mode 5-14
verify the software installation 5-14
vload the new software on standby 5-16
prerequisites 5-2
process overview 5-6
restrictions 5-2
SNMP support 5-12
SSO overview 5-3
versioning capability in software to support 5-11
IST
and MST regions 17-22
description 17-22
master 17-27
J
jumbo frames
and ethernet ports 6-19
configuring MTU sizes for 6-19
ports and linecards that support 6-17
understanding MTUs 6-18
understanding support 6-18
VLAN interfaces 6-19
K
keyboard shortcuts 2-3
L
l2protocol-tunnel command 23-11
labels, definition 34-3
LACP
system ID 20-4
Layer 2 access ports 15-8
Layer 2 Control Packet QoS
feature interaction 34-64
overview 34-60
usage guidelines 34-64
Layer 2 frames
classification with CoS 34-2
Layer 2 interface, configuring access-mode mode on 42-34
Layer 2 interfaces
assigning VLANs 13-7
configuring 15-5
configuring as PVLAN host ports 36-16
configuring as PVLAN promiscuous ports 36-15
configuring as PVLAN trunk ports 36-17
defaults 15-5
disabling configuration 15-9
modes 15-4
show interfaces command 15-7
Layer 2 interface type
resetting 36-21
setting 36-21
Layer 2 protocol tunneling
default configuration 23-9
guidelines 23-10
Layer 2 switching
overview 15-1
Layer 2 Traceroute
and ARP 7-10
and CDP 7-9
host-to-host paths 7-9
IP addresses and subnets 7-10
MAC addresses and VLANs 7-10
multicast traffic 7-10
multiple devices on a port 7-10
usage guidelines 7-9
Layer 2 trunks
configuring 15-6
overview 15-3
Layer 3 interface, applying IPv6 ACLs 42-21
Layer 3 interface counters,configuring 28-10
Layer 3 interface counters,understanding 28-4
Layer 3 interfaces
configuration guidelines 28-5
overview 28-1
logical 28-2
physical 28-2
VLANs as interfaces 28-7
Layer 3 packets
classification methods 34-2
Layer 4 port operations
configuration guidelines 42-16
restrictions 42-15
limitations on using a TwinGig Convertor 6-9
link and trunk status events
configuring interface 6-26
link integrity, verifying with REP 18-3
Link Layer Discovery Protocol
listening state (STP)
RSTP comparisons (table) 17-24
LLDP
configuring 25-3
characteristics 25-3
default configuration 25-3
disabling and enabling
globally 25-5
on an interface 25-5
monitoring and maintaining 25-7
overview 25-1
transmission timer and holdtime, setting 25-3
LLDP-MED
configuring
procedures 25-3
TLVs 25-6
monitoring and maintaining 25-7
overview 25-1
supported TLVs 25-2
LLDP Media Endpoint Discovery
load balancing
configuring for CEF 29-7
configuring for EtherChannel 20-13
per-destination 29-7
location TLV 25-6
Logical Layer 3 interfaces
configuring 28-5
login authentication
with TACACS+ 3-19
login banners 4-17
login timer
changing 7-5
logoutwarning command 7-6
loop guard
and MST 17-23
configuring 19-4
overview 19-3
M
MAC/PHY configuration status TLV 25-2
MAC addresses
aging time 4-21
allocating 17-5
and VLAN association 4-20
convert dynamic to sticky secure 38-5
default configuration 4-21
discovering 4-30
displaying in DHCP snooping binding table 40-16
dynamic
learning 4-20
removing 4-22
in ACLs 42-19
static
adding 4-28
allowing 4-29
characteristics of 4-27
dropping 4-29
removing 4-28
sticky 38-4
sticky secure, adding 38-5
MAC Authentication Bypass
configure with 802.1X 37-35
MAC extended access lists 42-19
macros
main-cpu command 8-8
management address TLV 25-2
management options
SNMP 47-1
manual preemption, REP, configuring 18-11
mapping
DSCP markdown values 34-24
DSCP values to transmit queues 34-55
mapping tables
configuring DSCP 34-57
described 34-14
marking
hardware capabilities 34-77
marking action drivers 34-75
marking network traffic 34-72
marking support, multi-attribute 34-76
mask destination command 48-11
mask source command 48-11, 48-12
Match CoS for non-IPV4 traffic
configuring 34-35
match ip address command 32-3
maximum aging time (STP)
configuring 17-18
MDA
configuration guidelines 37-20
described 37-19
members
automatic discovery 12-7
member switch
managing 12-12
member switch, cluster
defined 12-11
requirements 12-12
meminfo command 53-5
messages, to users through banners 4-17
metro tags 23-2
MFIB
CEF 31-5
displaying 31-18
overview 31-11
MIBs
compiling 52-16
overview 47-1
related information 52-15
SNMP interaction with 47-4
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
MLD Snooping
MLD Done messages and Immediate-leave 22-4
MLD messages 22-2
MLD queries 22-3
MLD reports 22-4
Multicast client aging robustness 22-3
Multicast router discovery 22-3
overview 22-1
Mode of capturing control packets, selecting 42-12
module, displaying PoE consumed 11-8
modules
checking status 7-1
powering down 10-20
monitoring
802.1Q tunneling 23-12
ACL information 42-38
IGMP
snooping 22-11
IGMP filters 21-21
IGMP snooping 21-13
Layer 2 protocol tunneling 23-12
multicast router interfaces 22-11
multi-VRF CE 33-11
REP 18-12
traffic flowing among switches 49-1
tunneling 23-12
VLAN filters 42-29
VLAN maps 42-29
M-record 17-23
MST
and multiple spanning trees 1-3, 17-22
boundary ports 17-27
BPDUs 17-23
configuration parameters 17-26
configuring 17-29
displaying configurations 17-33
edge ports 17-27
enabling 17-29
hop count 17-28
instances
configuring parameters 17-32
description 17-22
number supported 17-26
interoperability with PVST+ 17-23
link type 17-28
master 17-27
message age 17-28
regions 17-26
restrictions 17-29
to-SST interoperability 17-24
MSTP
M-record 17-23
M-tree 17-23
M-tree 17-23
MTUS
understanding 6-18
MTU size
default 13-4
multicast
Multicast client aging robustness 22-3
multicast groups
static joins 22-7
multicast packets
blocking 43-2
Multicast router discovery 22-3
multicast router interfaces, monitoring 22-11
multicast router ports, adding 22-8
multicast routers
displaying routing tables 31-16
flood suppression 21-10
Multicast Storm Control
enabling 44-4
disabling 44-7
suppression on Sup 6-E 44-4
suppression on WS-X4014 44-6
suppression on WS-X4016 44-5
WS-X4515, WS-X4014, and WS-X4013+ Sup Engs 44-6
WS-X4516 Sup Eng 44-5
multidomain authentication
Multiple Domain Authentication
configuring 37-28
overview of Host Mode 37-6
multiple forwarding paths 1-3, 17-22
Multiple Spanning Tree
multiple VPN routing/forwarding
multi-VRF CE
components 33-3
configuration example 33-7
default configuration 33-3
defined 33-1
displaying 33-11
monitoring 33-11
network components 33-3
packet-forwarding process 33-3
N
named aggregate policers, creating 34-31
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 42-20
named MAC extended ACLs
ACLs
configuring named MAC extended 42-19
native VLAN
and 802.1Q tunneling 23-4
specifying 15-6
neighbor offset numbers, REP 18-4
NetFlow
aggregation
minimum mask,default value 48-11
destination-prefix aggregation
configuration (example) 48-16
minimum mask, configuring 48-11
IP
flow switching cache 48-9
prefix aggregation
configuration (example) 48-14
minimum mask, configuring 48-11
source-prefix aggregation
minimum mask, configuring 48-11
switching
checking for required hardware 48-6
configuration (example) 48-13
configuring switched IP flows 48-8
enabling Collection 48-7
exporting cache entries 48-9
statistics 48-9
NetFlow statistics
caveats on supervisor 48-6
checking for required hardware 48-6
configuring collection 48-6
enabling Collection 48-7
exporting cache entries 48-9
overview of collection 48-1
switched/bridged IP flows 48-8
Network Assistant
and VTY 12-11
configure
enable communication with switch 12-13, 12-17
default configuration 12-2
overview of CLI commands 12-2
network fault tolerance 1-3, 17-22
network management
configuring 24-1
RMON 49-1
SNMP 47-1
Network Time Protocol
network traffic, marking 34-72
New Software Features in Release 7.7
TDR 7-3
Next Hop Resolution Protocol
NFFC/NFFC II
IGMP snooping and 21-4
NHRP
support 1-9
non-IP traffic filtering 42-19
non-RPF traffic
description 31-9
in redundant configurations (figure) 31-10
Nonstop Forwarding
nonvolatile random-access memory
normal-range VLANs
NSF
defined 9-1
guidelines and restrictions 9-9
operation 9-4
NSF-aware
supervisor engines 9-3
support 9-2
NSF-capable
supervisor engines 9-3
support 9-2
NSF with SSO supervisor engine redundancy
and CEF 9-5
overview 9-3
SSO operation 9-4
NTP
associations
authenticating 4-4
defined 4-2
enabling broadcast messages 4-7
peer 4-6
server 4-6
default configuration 4-4
displaying the configuration 4-11
overview 4-2
restricting access
creating an access group 4-9
disabling NTP services per interface 4-10
source IP address, configuring 4-10
stratum 4-2
synchronizing devices 4-6
time
services 4-2
synchronizing 4-2
NVRAM
saving settings 3-10
O
OIR
overview 6-24
Online Diagnostics 50-1
online insertion and removal
Open Shortest Path First
operating system images
Option 82
enabling DHCP Snooping 40-9
OSPF
area concept 1-10
description 1-10
P
packets
modifying 34-16
software processed
and QoS 34-16
packet type filtering
overview 45-15
SPAN enhancement 45-15
PACL, using with access-group mode 42-34
PACL with VLAN maps and router ACLs 42-36
PAgP
understanding 20-3
passwords
configuring enable password 3-13
configuring enable secret password 3-13
encrypting 3-22
in clusters 12-8
recovering lost enable password 3-25
setting line password 3-14
PBR (policy-based routing)
configuration (example) 32-5
enabling 32-3
features 32-2
overview 32-1
route maps 32-2
when to use 32-2
per-port and VLAN Access Control List 40-16
per-port per-VLAN QoS
enabling 34-48
overview 34-16
Per-VLAN Rapid Spanning Tree 17-6
enabling 17-20
overview 17-6
PE to CE routing, configuring 33-6
Physical Layer 3 interfaces, configuring 28-11
PIM
configuring dense mode 31-14
configuring sparse mode 31-14
displaying information 31-15
displaying statistics 31-20
enabling sparse-dense mode 31-14, 31-15
overview 31-3
PIM-DM 31-3
PIM-SM 31-3
ping
executing 7-7
overview 7-7
PoE
configuring power consumption for single device 11-5
configuring power consumption for switch 11-5
displaying PoE consumed by a module 11-8
Enhanced support on E-series 11-12
power consumption for powered devices
Intelligent Power Management 11-4
overview 11-5
supported cabling topology 11-6
powering down a module 10-20
power management modes 11-2
show interface status 11-7
point-to-point
in 802.1X authentication (figure) 37-2, 37-17
police command 34-37
policed-DSCP map 34-58
policers
description 34-5
types of 34-10
policies
policing
how to implement 34-72
policy associations, QoS on Sup 6-E 34-91
policy-map command 34-33, 34-36
policy map marking action, configuring 34-77
policy maps
attaching to interfaces 34-40
configuring 34-35
port ACLs
and voice VLAN 42-4
defined 42-3
limitations 42-5
Port Aggregation Protocol
port-based authentication
802.1X with voice VLAN 37-19
changing the quiet period 37-44
client, defined 37-2
configuration guidelines 37-23
configure 802.1X accounting 37-32
configure switch-to-RADIUS server communication 37-26
configure with Authentication Failed VLAN assignment 37-40
configure with Critical Authentication 37-36
configure with Guest-VLANs 37-32, 37-41
configure with MAC Authentication Bypass 37-35
configure with Wake-on-LAN 37-39
configuring
Multiple Domain Authentication 37-28
configuring Guest-VLAN 37-26
configuring manual re-authentication of a client 37-47
controlling authorization state 37-4
default configuration 37-22
described 37-1
device roles 37-2
displaying statistics 37-48
enabling 37-23
enabling multiple hosts 37-43
enabling periodic re-authentication 37-42
encapsulation 37-3
host mode 37-6
initiation and message exchange 37-3
method lists 37-23
multidomain authentication 37-19
multiple-hosts mode, described 37-6
port security
multiple-hosts mode 37-7
ports not supported 37-4
resetting to default values 37-48
setting retransmission number 37-46
setting retransmission time 37-45
topologies, supported 37-21
using with port security 37-15
with Critical Authentication 37-12
with Guest VLANs 37-8
with MAC Authentication Bypass 37-9
with VLAN assignment 37-7
port-based QoS features
port-channel interfaces
creating 20-6
overview 20-2
port-channel load-balance
command 20-12
command example 20-12
port-channel load-balance command 20-13
port cost (STP)
configuring 17-15
port description TLV 25-2
PortFast
and MST 17-23
BPDU filter, configuring 19-9
configuring or enabling 19-15
overview 19-6
PortFast BPDU filtering
and MST 17-23
enabling 19-9
overview 19-8
port numbering with TwinGig Convertors 6-8
port priority
configuring MST instances 17-32
configuring STP 17-13
ports
blocking 43-1
checking status 7-2
dynamic VLAN membership
example 13-25
reconfirming 13-22
forwarding, resuming 43-3
REP 18-5
port security
aging 38-5
and QoS trusted boundary 34-26
configuring 38-7
displaying 38-27
guidelines and restrictions 38-32
on private VLAN 38-13
host 38-14
over Layer 2 EtherChannel 38-32
promiscuous 38-15
on trunk port 38-16
guidelines and restrictions 38-14, 38-17, 38-20, 38-32
port mode changes 38-21
on voice ports 38-21
RADIUS accounting 37-16
sticky learning 38-5
using with 802.1X 37-15
violations 38-5
with 802.1X Authentication 38-31
with DHCP and IP Source Guard 38-30
with other features 38-32
port states
description 17-5
port trust state
port VLAN ID TLV 25-2
power
inline 35-5
power dc input command 10-17
power handling for Supervisor Engine II-TS 11-12
power inline command 11-3
power inline consumption command 11-5
power management
Catalyst 4500 series 10-6
Catalyst 4500 Switch power supplies 10-13
Catalyst 4948 series 10-20
configuring combined mode 10-12
configuring redundant mode 10-11
overview 10-1
redundancy 10-6
power management for Catalyst 4500 Switch
combined mode 10-8
redundant mode 10-8
power management limitations in Catalyst 4500 Switch 10-9
power management mode
selecting 10-8
power management TLV 25-2, 25-6
Power-On-Self-Test diagnostics 50-3, 50-14
Power-On-Self-Test for Supervisor Engine V-10GE 50-8
power redundancy-mode command 10-11
power supplies
available power for Catalyst 4500 Switch 10-13
fixed 10-7
preempt delay time, REP 18-5
primary edge port, REP 18-4
associating with secondary VLANs 36-14
configuring as a PVLAN 36-12
priority
overriding CoS of incoming frames 35-4
priority queuing, QoS on Sup 6-E 34-84
private VLAN
configure port security 38-14
enabling DHCP Snooping 40-11
private VLANs
across multiple switches 36-5
and SVIs 36-9
benefits of 36-2
community ports 36-4
default configuration 36-10
end station access to 36-3
isolated port 36-4
ports
community 36-4
isolated 36-4
promiscuous 36-5
promiscuous ports 36-5
secondary VLANs 36-3
subdomains 36-2
traffic in 36-8
privileged EXEC mode 2-5
privileges
changing default 3-23
configuring levels 3-23
exiting 3-24
logging in 3-24
promiscuous ports
configuring PVLAN 36-15
defined 36-5
setting mode 36-21
protocol timers 17-4
provider edge devices 33-2
pruning, VTP
pseudobridges
description 17-25
PVACL 40-16
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 37-19
PVLAN promiscuous trunk port
configuring 36-2, 36-15, 36-19
PVLANs
802.1q support 36-12
across multiple switches 36-5
configuration guidelines 36-10
configure port security 38-13, 38-15, 38-17
configure port security in a wireless setting 38-32
configure port security over Layer 2 EtherChannel 38-32
configuring 36-9
configuring a VLAN 36-12
configuring promiscuous ports 36-15
host ports
configuring a Layer 2 interface 36-16
setting 36-21
overview 36-1
permitting routing, example 36-21
promiscuous mode
setting 36-21
setting
interface mode 36-21
Q
QoS
allocating bandwidth 34-56
and software processed packets 34-16
auto-QoS
configuration and defaults display 34-20
configuration guidelines 34-19
described 34-17
displaying 34-20
effects on NVRAM configuration 34-19
enabling for VoIP 34-19
basic model 34-5
burst size 34-31
configuration guidelines 34-25
auto-QoS 34-19
configuring
auto-QoS 34-17
DSCP maps 34-57
dynamic buffer limiting 34-27
traffic shaping 34-56
trusted boundary 34-26
configuring Layer 2 Control Packet QoS, feature interaction 34-64
configuring Layer 2 Control Packet QoS, guidelines 34-64
configuring Layer 2 Control Packet QoS, overview 34-60
configuring UBRL 34-42
configuring VLAN-based on Layer 2 interfaces 34-51
creating named aggregate policers 34-31
creating policing rules 34-32
default auto configuration 34-17
default configuration 34-23
definitions 34-3
disabling on interfaces 34-40
enabling and disabling 34-50
enabling hierarchical policers 34-46
enabling on interfaces 34-40
enabling per-port per-VLAN 34-48
IP phones
automatic classification and queueing 34-17
detection and trusted settings 34-17, 34-26
overview 34-1
overview of per-port per-VLAN 34-16
packet modification 34-16
port-based 34-51
priority 34-15
traffic shaping 34-16
transmit rate 34-56
trust states
trusted device 34-26
VLAN-based 34-51
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 34-14
QoS labels
definition 34-3
QoS mapping tables
CoS-to-DSCP 34-57
DSCP-to-CoS 34-59
policed-DSCP 34-58
types 34-14
QoS marking
description 34-5
QoS on Sup 6-E
Active Queue management via DBL 34-88
active queue management via DBL 34-81, 34-88
classification 34-71
configuring 34-67
configuring the policy map marking action 34-77
hardware capabilities for marking 34-77
hierarchical policies 34-89
high level mode 34-69
how to implement policing 34-72
marking action drivers 34-75
marking network traffic 34-72
MQC-based QoS configuration 34-68
multi-attribute marking support 34-76
platform hardware capabilities 34-70
platform restrictions 34-72
platform-supported classification criteria and QoS features 34-68, 34-69
policing 34-71
policy associations 34-91
prerequisites for applying a service policy 34-70
priority queuing 34-84
queue-limiting 34-85
restrictions for applying a service policy 34-71
shaping 34-79
sharing(bandwidth) 34-81
sharing(blandwidth), shapring, and priority queuing 34-79
software QoS 34-92
traffic marking procedure flowchart 34-75
QoS policers
burst size 34-31
types of 34-10
QoS policing
definition 34-5
QoS policy
attaching to interfaces 34-11
overview of configuration 34-33
QoS service policy
prerequisites 34-70
restrictions for applying 34-71
QoS transmit queues
allocating bandwidth 34-56
burst 34-16
configuring traffic shaping 34-56
mapping DHCP values to 34-55
maximum rate 34-16
overview 34-14
sharing link bandwidth 34-15
QoS transmit queues, configuring 34-54
Quality of service
queue-limiting, QoS on Sup 6-E 34-85
R
RADIUS server
configure to-Switch communication 37-26
configuring settings 37-28
parameters on the switch 37-26
range command 6-4
range macros
defining 6-5
ranges of interfaces
configuring 6-4
Rapid Spanning Tree
rcommand command 12-12
re-authentication of a client
configuring manual 37-47
enabling periodic 37-42
reduced MAC address 17-2
redundancy
configuring 8-7
guidelines and restrictions 8-6
changes made through SNMP 8-11
NSF-aware support 9-2
NSF-capable support 9-2
overview 8-2
redundancy command 8-8
understanding synchronization 8-5
redundancy (NSF) 9-1
configuring
BGP 9-11
CEF 9-11
EIGRP 9-16
IS-IS 9-14
OSPF 9-13
routing protocols 9-5
redundancy (RPR)
route processor redundancy 8-3
synchronization 8-5
redundancy (SSO)
redundancy command 9-10
route processor redundancy 8-3
synchronization 8-5
Remote Network Monitoring
REP
administrative VLAN 18-7
administrative VLAN, configuring 18-8
and STP 18-5
configuration guidelines 18-6
configuring interfaces 18-9
convergence 18-3
default configuration 18-6
manual preemption, configuring 18-11
monitoring 18-12
neighbor offset numbers 18-4
open segment 18-2
ports 18-5
preempt delay time 18-5
primary edge port 18-4
ring segment 18-2
secondary edge port 18-4
segments 18-1
characteristics 18-2
SNMP traps, configuring 18-12
supported interfaces 18-1
triggering VLAN load balancing 18-5
verifying link integrity 18-3
VLAN blocking 18-11
VLAN load balancing 18-4
replication
description 31-8
report suppression, IGMP
disabling 22-11
reserved-range VLANs
reset command 53-3
resetting an interface to default configuration 6-28
resetting a switch to defaults 3-31
Resilient Ethernet ProtocolLSee REP
restricting access
NTP services 4-8
TACACS+ 3-15
retransmission number
setting in 802.1X authentication 37-46
retransmission time
changing in 802.1X authentication 37-45
RFC
1157, SNMPv1 47-2
1305, NTP 4-2
1757, RMON 49-2
1901, SNMPv2C 47-2
1902 to 1907, SNMPv2 47-2
2273-2275, SNMPv3 47-2
RIP
description 1-10
RMON
default configuration 49-3
displaying status 49-7
enabling alarms and events 49-4
groups supported 49-2
overview 49-1
ROM monitor
boot process and 3-26
CLI 2-7
debug commands 53-5
entering 53-2
exiting 53-6
overview 53-1
root bridge
configuring 17-9
selecting in MST 17-22
root guard
and MST 17-23
enabling 19-2
overview 19-2
routed packets
ACLs 42-31
route-map (IP) command 32-3
route maps
defining 32-3
PBR 32-2
router ACLs
description 42-3
using with VLAN maps 42-30
router ACLs, using PACL with VLAN maps 42-36
route targets
VPN 33-3
Routing Information Protocol
RSPAN
configuration guidelines 45-16
destination ports 45-5
IDS 45-2
monitored ports 45-4
monitoring ports 45-5
received traffic 45-3
sessions
creating 45-17
defined 45-3
limiting source traffic to specific VLANs 45-23
monitoring VLANs 45-22
removing source (monitored) ports 45-21
specifying monitored ports 45-17
source ports 45-4
transmitted traffic 45-4
VLAN-based 45-5
RSTP
compatibility 17-23
description 17-22
port roles 17-24
port states 17-24
S
SAID
scheduling 34-14
defined 34-5
overview 34-6
secondary edge port, REP 18-4
secondary root switch 17-12
secondary VLANs 36-3
associating with primary 36-14
permitting routing 36-21
security
configuring 39-1
IP
denial-of-service attacks 30-9
TCP SYN-flooding attacks 30-9
Security Association Identifier
selecting a power management mode 10-8
selecting X2/TwinGig Convertor Mode 6-9
sequence numbers in log messages 46-7
servers, VTP
service policy, configure class-level queue-limit 34-85
service-policy command 34-33
service-policy input command 27-2, 34-40
service-provider networks
and customer VLANs 23-2
set default interface command 32-4
set interface command 32-3
set ip default next-hop command 32-4
set ip next-hop command 32-3
set-request operation 47-4
severity levels, defining in system messages 46-8
shaping, QoS on Sup 6-E 34-79
sharing(bandwidth), QoS on Sup 6-E 34-81
show adjacency command 29-9
show boot command 3-31
show catalyst4000 chassis-mac-address command 17-3
show cdp entry command 24-4
show cdp interface command 24-3
show cdp neighbors command 24-4
show cdp traffic command 24-4
show ciscoview package command 4-33
show ciscoview version command 4-33
show cluster members command 12-12
show configuration command 6-14
show debugging command 24-4
show environment command 10-2
show history command 2-4
show interfaces command 6-19, 6-21, 6-25, 6-27
show interfaces status command 7-2
show ip cache flow aggregation destination-prefix command 48-12
show ip cache flow aggregation prefix command 48-12
show ip cache flow aggregation source-prefix command 48-12
show ip cache flow command 48-9
show ip cef command 29-8
show ip eigrp interfaces command 28-18
show ip eigrp neighbors command 28-18
show ip eigrp topology command 28-18
show ip eigrp traffic command 28-18
show ip interface command 31-15
show ip local policy command 32-5
show ip mroute command 31-15
show ip pim interface command 31-15
show l2protocol command 23-12
show lldp traffic command 25-8
show mac-address-table address command 7-3
show mac-address-table interface command 7-3
show mls entry command 29-8
show power inline command 11-7
show power inline consumption command 11-5
show power supplies command 10-11
show protocols command 6-25
show running-config command
adding description for an interface 6-14
checking your settings 3-9
displaying ACLs 42-24, 42-26, 42-33, 42-34
show startup-config command 3-10
show users command 7-6
show version command 3-29
shutdown, command 6-26
shutdown threshold for Layer 2 protocol packets 23-9
shutting down
interfaces 6-26
Simple Network Management Protocol
single spanning tree
slot numbers, description 6-2
Smartports macros
applying global parameter values 16-8
applying macros 16-8
applying parameter values 16-8
configuration guidelines 16-6
configuring 16-2
creating 16-7
default configuration 16-3
defined 16-1
displaying 16-13
tracing 16-6
website 16-2
SNMP
accessing MIB variables with 47-4
agent
described 47-4
disabling 47-7
authentication level 47-10
community strings
configuring 47-7
overview 47-4
configuration examples 47-16
configuration guidelines 47-6
default configuration 47-6
enabling 52-16
engine ID 47-6
host 47-6
informs
and trap keyword 47-11
described 47-5
differences from traps 47-5
enabling 47-14
limiting access by TFTP servers 47-15
limiting system log messages to NMS 46-9
manager functions 47-3
notifications 47-5
status, displaying 47-17
system contact and location 47-15
trap manager, configuring 47-13
traps
differences from informs 47-5
enabling 47-11
enabling MAC address notification 4-22
enabling MAC move notification 4-24
enabling MAC threshold notification 4-26
types of 47-11
versions supported 47-2
SNMP commands 52-16
SNMP traps
REP 18-12
SNMPv1 47-2
SNMPv2C 47-2
SNMPv3 47-2
software
upgrading 8-13
software configuration register 3-26
software QoS, on Sup 6-E 34-92
software switching
description 29-5
interfaces 29-6
key data structures used 31-7
SPAN
and ACLs 45-5
configuration guidelines 45-7
destination ports 45-5
IDS 45-2
monitored port, defined 45-4
monitoring port, defined 45-5
received traffic 45-3
sessions
defined 45-3
source ports 45-4
transmitted traffic 45-4
VLAN-based 45-5
SPAN and RSPAN
concepts and terminology 45-3
default configuration 45-6
displaying status 45-25
overview 45-1
session limits 45-6
SPAN enhancements
access list filtering 45-13
configuration example 45-16
CPU port sniffing 45-10
encapsulation configuration 45-12
ingress packets 45-12
packet type filtering 45-15
spanning-tree backbonefast command 19-15
spanning-tree cost command 17-15
spanning-tree guard root command 19-2
spanning-tree portfast bpdu-guard command 19-7
spanning-tree portfast command 19-6
spanning-tree port-priority command 17-13
spanning-tree uplinkfast command 19-12
spanning-tree vlan
command 17-9
command example 17-9
spanning-tree vlan command 17-8
spanning-tree vlan cost command 17-15
spanning-tree vlan forward-time command 17-19
spanning-tree vlan hello-time command 17-17
spanning-tree vlan max-age command 17-18
spanning-tree vlan port-priority command 17-13
spanning-tree vlan priority command 17-17
spanning-tree vlan root primary command 17-10
spanning-tree vlan root secondary command 17-12
speed
configuring interface 6-12
speed command 6-12
SSO
configuring 9-10
SSO operation 9-4
SST
description 17-22
interoperability 17-24
static addresses
static routes
configuring 3-11
verifying 3-12
statistics
displaying 802.1X 37-48
displaying PIM 31-20
LLDP 25-7
LLDP-MED 25-7
NetFlow accounting 48-9
SNMP input and output 47-17
sticky learning
configuration file 38-5
defined 38-5
disabling 38-5
enabling 38-5
saving addresses 38-5
sticky MAC addresses
configuring 38-7
defined 38-4
Storm Control
displaying 44-7
enabling Broadcast 44-3
enabling Multicast 44-4
hardware-based, implementing 44-2
overview 44-1
software-based, implementing 44-2
STP
and REP 18-5
bridge ID 17-2
creating topology 17-4
defaults 17-6
disabling 17-19
enabling 17-7
enabling extended system ID 17-8
enabling Per-VLAN Rapid Spanning Tree 17-20
forward-delay time 17-18
hello time 17-17
Layer 2 protocol tunneling 23-7
maximum aging time 17-18
per-VLAN rapid spanning tree 17-6
port cost 17-15
port priority 17-13
root bridge 17-9
stratum, NTP 4-2
stub routing (EIGRP)
benefits 28-17
configuration tasks 28-17
configuring 28-13
restrictions 28-17
verifying 28-18
subdomains, private VLAN 36-2
summer time 4-13
supervisor engine
accessing the redundant 8-14
copying files to standby 8-14
default configuration 3-1
default gateways 3-11
environmental monitoring 10-1
redundancy 9-1
ROM monitor 3-26
startup configuration 3-25
static routes 3-11
synchronizing configurations 8-11
Supervisor Engine II-TS
insufficient inline power handling 10-18, 11-12
SVI Autostate Exclude
understanding 28-3
SVI Autostate exclude
configuring 28-7
switched packets
and ACLs 42-30
Switched Port Analyzer
switching, NetFlow
checking for required hardware 48-6
configuration (example) 48-13
configuring switched IP flows 48-8
enabling Collection 48-7
exporting cache entries 48-9
switchport
show interfaces 6-19, 6-21, 6-27
switchport access vlan command 15-6, 15-8
switchport block multicast command 43-2
switchport block unicast command 43-2
switchport mode access command 15-8
switchport mode dot1q-tunnel command 23-6
switchport mode dynamic command 15-6
switchport mode trunk command 15-6
switch ports
switchport trunk allowed vlan command 15-6
switchport trunk encapsulation command 15-6
switchport trunk encapsulation dot1q command 15-3
switchport trunk encapsulation isl command 15-3
switchport trunk encapsulation negotiate command 15-3
switchport trunk native vlan command 15-6
switchport trunk pruning vlan command 15-7
switch-to-RADIUS server communication
configuring 37-26
sysret command 53-5
system
reviewing configuration 3-10
settings at startup 3-27
system alarms
on Sup 2+ to V-10GE 10-5
on Sup 6-E 10-5
overview 10-4
system capabilities TLV 25-2
system clock
configuring
daylight saving time 4-13
manually 4-11
summer time 4-13
time zones 4-12
displaying the time and date 4-12
overview 4-2
system description TLV 25-2
system images
loading from Flash memory 3-30
modifying boot field 3-27
specifying 3-30
system message logging
default configuration 46-3
defining error message severity levels 46-8
disabling 46-4
displaying the configuration 46-12
enabling 46-4
facility keywords, described 46-12
level keywords, described 46-8
limiting messages 46-9
message format 46-2
overview 46-1
sequence numbers, enabling and disabling 46-7
setting the display destination device 46-4
synchronizing log messages 46-5
timestamps, enabling and disabling 46-7
UNIX syslog servers
configuring the daemon 46-10
configuring the logging facility 46-11
facilities supported 46-12
system MTU
802.1Q tunneling 23-5
maximums 23-5
system name
default configuration 4-15
default setting 4-15
manual configuration 4-15
system name TLV 25-2
system prompt, default setting 4-14, 4-15
T
TACACS+ 39-1
accounting, defined 3-16
authentication, defined 3-16
authorization, defined 3-16
configuring
accounting 3-21
authentication key 3-18
authorization 3-21
login authentication 3-19
default configuration 3-18
displaying the configuration 3-22
identifying the server 3-18
limiting the services to the user 3-21
operation of 3-17
overview 3-15
tracking services accessed by user 3-21
tagged packets
802.1Q 23-3
Layer 2 protocol 23-7
TCAM programming algorithm
changing 42-9
TCAM programming algorithm, overview 42-7
TCAM programming and ACLs 42-10, 42-12
for Sup II-Plust thru V-10GE 42-6
TCAM programming and ACLs for Sup 6-E 42-15
TCAM region, changing the algorithm 42-9
TCAM region, resizing 42-10
TDR
checking cable connectivity 7-3
enabling and disabling test 7-3
guidelines 7-3
Telnet
accessing CLI 2-2
disconnecting user sessions 7-6
executing 7-5
monitoring user sessions 7-6
telnet command 7-5
Terminal Access Controller Access Control System Plus
TFTP
configuration files in base directory 3-4
configuring for autoconfiguration 3-4
limiting access by servers 47-15
TFTP download
time
Time Domain Reflectometer
time exceeded messages 7-8
timer
timestamps in log messages 46-7
time zones 4-12
TLVs
LLDP-MED 25-2
Token Ring
media not supported (note) 13-4, 13-9
Topology change notification processing
MLD Snooping
Topology change notification processing 22-5
TOS
description 34-4
trace command 7-9
traceroute
traceroute mac command 7-10
traceroute mac ip command 7-10
traffic
blocking flooded 43-2
traffic control
using ACLs (figure) 42-4
using VLAN maps (figure) 42-5
traffic marking procedure flowchart 34-75
traffic shaping 34-16
translational bridge numbers (defaults) 13-4
transmit queues
transmit rate 34-56
traps
configuring MAC address notification 4-22
configuring MAC move notification 4-24
configuring MAC threshold notification 4-26
configuring managers 47-11
defined 47-3
enabling 4-22, 4-24, 4-26, 47-11
notification types 47-11
troubleshooting
with CiscoWorks 47-4
with system message logging 46-1
with traceroute 7-8
troubleshooting high CPU due to ACLs 42-12
trunk ports
configure port security 38-16
configuring PVLAN36-17to 36-18
trunks
802.1Q restrictions 15-5
configuring 15-6
configuring access VLANs 15-6
configuring allowed VLANs 15-6
default interface configuration 15-6
different VTP domains 15-3
enabling to non-DTP device 15-4
encapsulation 15-3
specifying native VLAN 15-6
understanding 15-3
trusted boundary for QoS 34-26
Trust State of interfaces, configuring
trust states
configuring 34-52
tunneling
defined 23-1
tunnel ports
802.1Q, configuring 23-6
described 23-2
incompatibilities with other features 23-5
TwinGig Convertors
limitations on using 6-9
port numbering 6-8
selecting X2/TwinGig Convertor mode 6-9
type of service
U
UDLD
default configuration 26-2
disabling 26-4
enabling 26-3
overview 26-1
unauthorized ports with 802.1X 37-4
unicast
unicast flood blocking
configuring 43-1
unicast MAC address filtering
and adding static addresses 4-29
and broadcast MAC addresses 4-28
and CPU packets 4-29
and multicast addresses 4-28
and router MAC addresses 4-28
configuration guidelines 4-28
described 4-28
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 42-19
Unicast RPF (Unicast Reverse Path Forwarding)
aggregation routers (figure) 30-7
applying 30-5
BGP attributes
caution 30-4
CEF
requirement 30-2
tables 30-8
configuring 30-10
aggregation routers (figure) 30-7
BOOTP 30-9
DHCP 30-9
enterprise network (figure) 30-6
prerequisites 30-10
routing table requirements 30-8
tasks 30-10
verifying 30-11
deploying 30-5
description 30-1
disabling 30-12
enterprise network (figure) 30-6
FIB 30-2
implementing 30-4
maintaining 30-12
monitoring 30-12
packets, dropping (figure) 30-4
prerequisites 30-10
restrictions
basic 30-9
routing asymmetry 30-8
routing asymmetry (figure) 30-8
routing table requirements 30-8
security policy
applying 30-5
attacks, mitigating 30-5
deploying 30-5
tunneling 30-5
source addresses, validating 30-3
failure 30-3
traffic filtering 30-5
tunneling 30-5
validation
packets, dropping 30-3
source addresses 30-3
verifying 30-11
unicast traffic
blocking 43-2
unidirectional ethernet
enabling 27-2
example of setting 27-2
overview 27-1
UniDirectional Link Detection Protocol
UNIX syslog servers
daemon configuration 46-10
facilities supported 46-12
message logging configuration 46-11
UplinkFast
and MST 17-23
enabling 19-15
MST and 17-23
overview 19-10
User Based Rate Limiting
configuring 34-42
overview 34-42
user EXEC mode 2-5
user sessions
disconnecting 7-6
monitoring 7-6
using PACL with access-group mode 42-34
V
VACLs
Layer 4 port operations 42-15
virtual configuration register 53-3
virtual LANs
Virtual Private Network
VLAN ACLs
VLAN-based QoS on Layer 2 interfaces, configuring 34-51
VLAN blocking, REP 18-11
vlan command 13-6
vlan dot1q tag native command 23-4
VLAN ID, discovering 4-30
VLAN load balancing
REP 18-4
VLAN load balancing, triggering 18-5
VLAN Management Policy Server
VLAN maps
applying to a VLAN 42-26
configuration example 42-27
configuration guidelines 42-23
configuring 42-22
creating and deleting entries 42-23
defined 42-3
denying access example 42-28
denying packets 42-24
displaying 42-29
order of entries 42-23
permitting packets 42-24
router ACLs and 42-30
using (figure) 42-5
using in your network 42-26
VLAN maps, PACL and Router ACLs 42-36
VLANs
allowed on trunk 15-6
configuration guidelines 13-3
configuring 13-4
customer numbering in service-provider networks 23-3
default configuration 13-4
description 1-6
extended range 13-3
IDs (default) 13-4
interface assignment 13-7
limiting source traffic with RSPAN 45-23
monitoring with RSPAN 45-22
name (default) 13-4
normal range 13-3
overview 13-1
reserved range 13-3
VLAN Trunking Protocol
VLAN trunks
overview 15-3
VMPS
configuration file example 13-28
configuring dynamic access ports on client 13-21
configuring retry interval 13-23
database configuration file 13-28
dynamic port membership
example 13-25
reconfirming 13-22
reconfirming assignments 13-22
reconfirming membership interval 13-22
server overview 13-16
VMPS client
administering and monitoring 13-23
configure switch
configure reconfirmation interval 13-22
dynamic ports 13-21
entering IP VMPS address 13-20
reconfirmation interval 13-23
reconfirm VLAM membership 13-22
default configuration 13-20
dynamic VLAN membership overview 13-19
troubleshooting dynamic port VLAN membership 13-24
VMPS server
fall-back VLAN 13-18
illegal VMPS client requests 13-19
overview 13-16
security modes
multiple 13-18
open 13-17
secure 13-18
voice interfaces
configuring 35-1
Voice over IP
configuring 35-1
voice ports
configuring VVID 35-3
voice VLAN
IP phone data traffic, described 35-2
IP phone voice traffic, described 35-2
voice VLAN ports
using 802.1X 37-19
VPN
configuring routing in 33-5
forwarding 33-3
in service provider networks 33-1
routes 33-2
routing and forwarding table
VRF
defining 33-3
tables 33-1
VTP
configuration guidelines 13-11
configuring transparent mode 13-15
default configuration 13-11
disabling 13-15
Layer 2 protocol tunneling 23-7
monitoring 13-15
overview 13-7
VTP advertisements
description 13-8
VTP clients
configuring 13-14
VTP domains
description 13-8
VTP modes 13-8
VTP pruning
enabling 13-12
overview 13-9
VTP servers
configuring 13-13
VTP statistics
displaying 13-15
VTP version 2
enabling 13-13
overview 13-9
VTY and Network Assistant 12-11
VVID (voice VLAN ID)
and 802.1X authentication 37-19
configuring 35-3
W
Wake-on-LAN
configure with 802.1X 37-39
WCCP
configuration examples 51-8
configuring on a router 51-2, 51-10
features 51-4
restrictions 51-5
service groups 51-6
Web Cache Communication Protocol
See WCCP 51-1
web caches
web cache services
description 51-4
web caching
web scaling 51-1