- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring IE2100 CNS Agents
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links
- Configuring DHCP Features
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring SPAN and RSPAN
- Configuring UDLD
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 2960 Switch
- Unsupported Commands in Cisco IOS Release 12.2(25)FX
Index
A
abbreviating commands 2-4
access-class command 28-16
access control entries
access-denied response, VMPS 12-24
access groups, applying IPv4 ACLs to interfaces 28-17
access lists
access ports, defined 10-2
accounting
with 802.1x 9-21
with IEEE 802.1x 9-5
with RADIUS 8-28
ACEs
and QoS 29-7
defined 28-2
Ethernet 28-2
IP 28-2
ACLs
ACEs 28-2
any keyword 28-9
applying
time ranges to 28-14
to an interface 28-17
to QoS 29-7
classifying traffic for QoS 29-40
comments in 28-15
compiling 28-18
ACLs (continued)
extended IP
configuring for QoS classification 29-41
extended IPv4
creating 28-8
matching criteria 28-5
hardware and software handling 28-17
host keyword 28-10
IP
creating 28-5
fragments and QoS guidelines 29-31
implicit deny 28-7, 28-11, 28-13
implicit masks 28-7
matching criteria 28-5
undefined 28-17
IPv4
applying to interfaces 28-17
creating 28-5
matching criteria 28-5
named 28-12
numbers 28-6
terminal lines, setting on 28-16
unsupported features 28-5
monitoring 28-22
named, IPv4 28-12
number per QoS class map 29-31
resequencing entries 28-12
standard IP, configuring for QoS classification 29-40
ACLs (continued)
standard IPv4
creating 28-7
matching criteria 28-5
support for 1-6
support in hardware 28-17
time ranges 28-14
unsupported features, IPv4 28-5
active links 18-1
address aliasing 20-2
addresses
displaying the MAC address table 6-25
dynamic
accelerated aging 15-8
changing the aging time 6-21
default aging 15-8
defined 6-19
learning 6-20
removing 6-21
MAC, discovering 6-26
multicast, STP address management 15-8
static
adding and removing 6-23
defined 6-19
address resolution 6-26
Address Resolution Protocol
advertisements
CDP 22-1
aggregated ports
aggregate policers 29-48
aggregate policing 1-7
aging, accelerating 15-8
aging time
accelerated
for MSTP 16-20
MAC address table 6-21
maximum
for STP 15-21
alarms, RMON 25-3
allowed-VLAN list 12-18
ARP
table
address resolution 6-26
managing 6-26
attributes, RADIUS
vendor-proprietary 8-30
vendor-specific 8-29
audience xxvii
authentication
local mode with AAA 8-32
NTP associations 6-5
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with IEEE 802.1x 9-4
autoconfiguration 3-3
automatic QoS
auto-MDIX
configuring 10-15
described 10-15
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-11
mismatches 31-11
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 17-5
disabling 17-14
enabling 17-14
support for 1-5
backup interfaces
backup links 18-1
banners
configuring
login 6-18
message-of-the-day login 6-18
default configuration 6-17
when displayed 6-17
binding database
DHCP snooping
See DHCP snooping binding database
bindings
DHCP snooping database 19-5
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 21-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-13
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
BPDU
error-disabled state 17-3
filtering 17-3
RSTP format 16-9
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
support for 1-5
BPDU guard
described 17-3
disabling 17-11
enabling 17-11
support for 1-5
bridge protocol data unit
broadcast storm-control command 21-4
broadcast storms 21-1
C
cables, monitoring for unidirectional links 24-1
candidate switch
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-40
defined 8-38
caution, described xxviii
CDP
and trusted boundary 29-36
configuring 22-2
default configuration 22-2
described 22-1
disabling for routing device 22-3 to 22-4
enabling and disabling
on an interface 22-4
on a switch 22-3
monitoring 22-5
overview 22-1
support for 1-4
transmission timer and holdtime, setting 22-2
updates 22-2
CGMP
as IGMP snooping learning method 20-8
joining multicast group 20-3
CipherSuites 8-39
Cisco 7960 IP Phone 14-1
Cisco Discovery Protocol
Cisco Intelligence Engine 2100 Series Configuration Registrar
Cisco IOS File System
Cisco Network Assistant
Cisco Networking Services
class maps for QoS
configuring 29-43
described 29-7
displaying 29-69
class of service
clearing interfaces 10-19
CLI
abbreviating commands 2-4
command modes 2-1
described 1-4
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-8
error messages 2-5
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
managing clusters 5-3
no and default forms of commands 2-4
client mode, VTP 13-3
clock
cluster requirements xxix
clusters, switch
benefits 1-2
described 5-1
managing
through CLI 5-3
through SNMP 5-4
planning considerations
CLI 5-3
SNMP 5-4
See also Getting Started with Cisco Network Assistant
cluster standby group, requirements 5-2
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 8-8
command switch
configuration conflicts 31-11
defined 5-2
password privilege levels 5-4
recovery
from command-switch failure 31-7
from lost member connectivity 31-11
replacing
with another switch 31-9
with cluster member 31-8
requirements 5-2
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
configuring 27-8
for cluster switches 27-4
overview 27-4
compatibility, feature 21-11
config.text 3-12
configurable leave timer, IGMP 20-5
configuration, initial
defaults 1-8
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 31-11
configuration examples, network 1-11
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-12
deleting a stored configuration B-19
configuration files (continued)
described B-8
downloading
automatically 3-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 27-15
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-12
system contact and location information 27-14
types and location B-9
uploading
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-11
configuration settings, saving 3-10
configure terminal command 10-5
conflicts, configuration 31-11
connections, secure remote 8-33
connectivity problems 31-12, 31-13, 31-15
consistency checks in VTP Version 2 13-4
console port, connecting to 2-10
conventions
command xxviii
for examples xxviii
publication xxviii
text xxviii
corrupted software, recovery steps with Xmodem 31-2
CoS
in Layer 2 frames 29-2
override priority 14-6
trust priority 14-6
CoS input queue threshold map for QoS 29-14
CoS output queue threshold map for QoS 29-17
CoS-to-DSCP map for QoS 29-51
counters, clearing interface 10-19
crashinfo file 31-21
cryptographic software image
SSH 8-33
SSL 8-37
CWDM SFPs 1-15
D
daylight saving time 6-13
debugging
enabling all system diagnostics 31-19
enabling for a specific feature 31-18
redirecting error message output 31-19
using commands 31-18
default commands 2-4
default configuration
802.1x 9-11
auto-QoS 29-19
banners 6-17
booting 3-12
CDP 22-2
DHCP 19-7
DHCP option 82 19-7
DHCP snooping 19-7
DHCP snooping binding database 19-7
DNS 6-16
EtherChannel 30-9
Ethernet interfaces 10-9
Flex Links 18-2
IGMP filtering 20-23
IGMP snooping 20-6
default configuration (continued)
IGMP throttling 20-23
initial switch information 3-3
Layer 2 interfaces 10-9
MAC address table 6-20
MSTP 16-11
MVR 20-18
NTP 6-4
optional spanning-tree configuration 17-9
password and privilege level 8-2
RADIUS 8-20
RMON 25-3
RSPAN 23-9
SDM template 7-2
SNMP 27-6
SPAN 23-9
SSL 8-39
standard QoS 29-29
STP 15-11
system message logging 26-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 12-16
VLANs 12-7
VMPS 12-25
voice VLAN 14-3
VTP 13-6
default gateway 3-10
deleting VLANs 12-9
denial-of-service attack 21-1
description command 10-16
designing your network, examples 1-11
destination addresses, in IPv4 ACLs 28-9
destination-IP address-based forwarding, EtherChannel 30-7
destination-MAC address forwarding, EtherChannel 30-6
detecting indirect link failures, STP 17-5
device B-19
device discovery protocol 22-1
device manager
benefits 1-2
in-band management 1-4
requirements xxviii
upgrading a switch B-19
DHCP
enabling
relay agent 19-8
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
TFTP server 3-5
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-3
relay support 1-4
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 19-5
configuration guidelines 19-7
default configuration 19-7
displaying 19-11
overview 19-3
DHCP option 82 (continued)
packet format, suboption
circuit ID 19-5
remote ID 19-5
remote ID suboption 19-5
DHCP snooping
accepting untrusted packets form edge switch 19-3, 19-9
binding database
See DHCP snooping binding database
configuration guidelines 19-7
default configuration 19-7
displaying binding tables 19-11
message exchange process 19-4
option 82 data insertion 19-3
trusted interface 19-2
untrusted interface 19-2
untrusted messages 19-2
DHCP snooping binding database
adding bindings 19-10
binding entries, displaying 19-11
binding file
format 19-6
location 19-5
bindings 19-5
clearing agent statistics 19-11
configuration guidelines 19-8
configuring 19-10
default configuration 19-7
deleting
binding file 19-11
bindings 19-11
database agent 19-11
described 19-5
displaying 19-11
displaying status and statistics 19-11
enabling 19-10
entry 19-5
renewing database 19-11
resetting
DHCP snooping binding database (continued)
delay value 19-11
timeout value 19-11
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 29-2
Differentiated Services Code Point 29-2
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
overview 6-15
setting up 6-16
support for 1-4
documentation, related xxviii
document conventions xxviii
domain names
DNS 6-15
VTP 13-8
Domain Name System
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-23
downloading (continued)
image files (continued)
reasons for B-19
using CMS 1-2
using FTP B-26
using RCP B-31
using TFTP B-22
using the device manager or Network Assistant B-19
DSCP input queue threshold map for QoS 29-14
DSCP output queue threshold map for QoS 29-17
DSCP-to-CoS map for QoS 29-54
DSCP-to-DSCP-mutation map for QoS 29-55
DSCP transparency 29-36
dual-purpose uplinks
defined 10-4
setting the type 10-11
dynamic access ports
characteristics 12-3
configuring 12-26
defined 10-3
dynamic addresses
dynamic auto trunking mode 12-15
dynamic desirable trunking mode 12-15
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
types of connections 12-26
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-8
enable password 8-3
enable secret password 8-3
encryption, CipherSuite 8-39
encryption for passwords 8-3
environment variables, function of 3-15
error messages during command entry 2-5
EtherChannel
automatic creation of 30-4, 30-5
channel groups
binding physical and logical interfaces 30-3
numbering of 30-3
configuration guidelines 30-9
configuring Layer 2 interfaces 30-10
default configuration 30-9
described 30-2
displaying status 30-16
forwarding methods 30-6, 30-12
IEEE 802.3ad, described 30-5
interaction
with STP 30-9
with VLANs 30-10
LACP
described 30-5
displaying status 30-16
hot-standby ports 30-14
interaction with other features 30-6
modes 30-5
port priority 30-15
system priority 30-15
EtherChannel (continued)
PAgP
aggregate-port learners 30-13
compatibility with Catalyst 1900 30-13
described 30-4
displaying status 30-16
interaction with other features 30-5
learn method and priority configuration 30-13
modes 30-4
support for 1-3
port-channel interfaces
described 30-3
numbering of 30-3
port groups 10-3
support for 1-3
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
Ethernet VLANs
adding 12-8
defaults and ranges 12-7
modifying 12-8
events, RMON 25-3
examples
conventions for xxviii
network configuration 1-11
expedite queue for QoS 29-68
Express Setup 1-2
See also getting started guide
extended-range VLANs
configuration guidelines 12-12
configuring 12-11
creating 12-12
defined 12-1
extended system ID
MSTP 16-14
Extensible Authentication Protocol over LAN 9-1
F
features, incompatible 21-11
fiber-optic, detecting unidirectional links 24-1
files
copying B-4
crashinfo
description 31-21
displaying the contents of 31-21
location 31-21
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
non-IP traffic 28-20
show and more command output 2-9
filtering show and more command output 2-9
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 18-2
configuring 18-3
default configuration 18-2
description 18-1
monitoring 18-3
flooded traffic, blocking 21-7
flow-based packet classification 1-7
flowcharts
QoS classification 29-6
QoS egress queueing and scheduling 29-16
QoS ingress queueing and scheduling 29-13
QoS policing and marking 29-10
flowcontrol
configuring 10-14
described 10-14
forward-delay time
MSTP 16-20
STP 15-21
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-14
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 27-3
get-next-request operation 27-3, 27-4
get-request operation 27-3, 27-4
get-response operation 27-3
global configuration mode 2-2
global leave, IGMP 20-12
guest VLAN and 802.1x 9-10
guide
audience xxvii
purpose of xxvii
guide mode 1-2
GUIs
See device manager and Network Assistant 1-3
H
hello time
MSTP 16-19
STP 15-20
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-6
history table, level and number of syslog messages 26-9
hosts, limit on dynamic ports 12-29
HP OpenView 1-4
HTTP over SSL
HTTPS 8-37
configuring 8-41
self-signed certificate 8-38
HTTP secure server 8-37
I
ICMP
time-exceeded messages 31-15
traceroute and 31-15
ICMP ping
executing 31-13
overview 31-12
IDS appliances
and ingress RSPAN 23-20
and ingress SPAN 23-13
IE2100
CNS embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
IE2100 (continued)
Configuration Registrar
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
IEEE 802.1D
IEEE 802.1p 14-1
IEEE 802.1Q
and trunk ports 10-3
configuration limitations 12-15
encapsulation 12-14
native VLAN for untagged traffic 12-19
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3x flow control 10-14
ifIndex values, SNMP 27-5
IFS 1-4
IGMP
configurable leave timer
described 20-5
enabling 20-10
flooded multicast traffic
controlling the length of time 20-11
disabling on an interface 20-12
global leave 20-12
query solicitation 20-12
recovering from flood mode 20-12
joining multicast group 20-3
join messages 20-3
leave processing, enabling 20-9
leaving multicast group 20-4
IGMP (continued)
queries 20-3
report suppression
described 20-5
disabling 20-14
supported versions 20-2
support for 1-3
IGMP filtering
configuring 20-23
default configuration 20-23
described 20-22
monitoring 20-27
support for 1-3
IGMP groups
configuring filtering 20-25
setting the maximum number 20-25
IGMP Immediate Leave
configuration guidelines 20-10
described 20-5
enabling 20-9
IGMP profile
applying 20-24
configuration mode 20-23
configuring 20-23
IGMP snooping
and address aliasing 20-2
configuring 20-6
default configuration 20-6
definition 20-1
enabling and disabling 20-6
global configuration 20-7
Immediate Leave 20-5
method 20-7
monitoring 20-14
querier
configuration guidelines 20-13
configuring 20-13
IGMP snooping (continued)
supported versions 20-2
support for 1-3
VLAN configuration 20-7
IGMP throttling
configuring 20-25
default configuration 20-23
described 20-22
displaying action 20-27
Immediate Leave, IGMP 20-5
initial configuration
defaults 1-8
Express Setup 1-2
See also getting started guide and hardware installation guide
Intelligence Engine 2100 Series CNS Agents
interface
number 10-5
range macros 10-7
interface command 10-5
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 10-15
configuration guidelines
duplex and speed 10-11
configuring
procedure 10-5
counters, clearing 10-19
default configuration 10-9
described 10-16
descriptive name, adding 10-16
displaying information about 10-18
flow control 10-14
management 1-3
monitoring 10-18
naming 10-16
physical, identifying 10-4, 10-5
range of 10-6
interfaces (continued)
restarting 10-19
shutting down 10-19
speed and duplex, configuring 10-13
status 10-18
supported 10-4
types of 10-1
interfaces range macro command 10-7
interface types 10-5
Intrusion Detection System
IP ACLs
for QoS classification 29-7
implicit masks 28-7
named 28-12
undefined 28-17
IP addresses
candidate or member 5-3
command switch 5-2
discovering 6-26
ip igmp profile command 20-23
IP information
assigned
manually 3-9
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP phones
and QoS 14-1
automatic classification and queueing 29-19
configuring 14-4
ensuring port security with QoS 29-35
trusted boundary for QoS 29-35
IP precedence 29-2
IP-precedence-to-DSCP map for QoS 29-52
IP protocols in ACLs 28-9
IP traceroute
executing 31-16
overview 31-15
IPv4 ACLs
applying to interfaces 28-17
extended, creating 28-8
named 28-12
standard, creating 28-7
J
join messages, IGMP 20-3
L
LACP
Layer 2 frames, classification with CoS 29-2
Layer 2 interfaces, default configuration 10-9
Layer 2 traceroute
and ARP 31-14
and CDP 31-14
broadcast traffic 31-14
described 31-14
IP addresses and subnets 31-14
MAC addresses and VLANs 31-14
multicast traffic 31-14
multiple devices on a port 31-15
unicast traffic 31-14
usage guidelines 31-14
Layer 3 packets, classification methods 29-2
LDAP 4-2
LEDs, switch
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-3
Link Aggregation Control Protocol
link redundancy
links, unidirectional 24-1
local SPAN 23-2
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-17
log messages
Long-Reach Ethernet (LRE) technology 1-12
loop guard
described 17-9
enabling 17-15
support for 1-5
M
MAC addresses
aging time 6-21
and VLAN association 6-20
building the address table 6-20
default configuration 6-20
discovering 6-26
displaying 6-25
dynamic
learning 6-20
removing 6-21
in ACLs 28-20
static
adding 6-24
allowing 6-25
characteristics of 6-23
dropping 6-25
removing 6-24
MAC address notification, support for 1-8
MAC address-to-VLAN mapping 12-24
MAC extended access lists
applying to Layer 2 interfaces 28-21
configuring for QoS 29-42
creating 28-20
defined 28-20
for QoS classification 29-5
macros
manageability features 1-4
management access
in-band
browser session 1-4
CLI session 1-4
device manager 1-4
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-2
CNS 4-1
Network Assistant 1-2
overview 1-3
mapping tables for QoS
configuring
CoS-to-DSCP 29-51
DSCP 29-51
DSCP-to-CoS 29-54
DSCP-to-DSCP-mutation 29-55
IP-precedence-to-DSCP 29-52
policed-DSCP 29-53
described 29-10
marking
action in policy map 29-45
action with aggregate policers 29-48
matching, IPv4 ACLs 28-5
maximum aging time
MSTP 16-20
STP 15-21
maximum hop count, MSTP 16-21
membership mode, VLAN port 12-3
member switch
defined 5-2
managing 5-3
recovering from lost connectivity 31-11
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 6-17
MIBs
accessing files with FTP A-3
location of files A-3
overview 27-1
SNMP interaction with 27-4
supported A-1
mirroring traffic for analysis 23-1
mismatches, autonegotiation 31-11
module number 10-5
monitoring
access groups 28-22
cables for unidirectional links 24-1
CDP 22-5
features 1-8
Flex Links 18-3
IGMP
filters 20-27
snooping 20-14
interfaces 10-18
IPv4 ACL configuration 28-22
multicast router interfaces 20-15
MVR 20-21
network traffic for analysis with probe 23-2
port
blocking 21-16
protection 21-16
speed and duplex mode 10-13
traffic flowing among switches 25-1
monitoring (continued)
traffic suppression 21-16
VLANs 12-13
VMPS 12-28
VTP 13-16
MSTP
boundary ports
configuration guidelines 16-12
described 16-5
BPDU filtering
described 17-3
enabling 17-12
BPDU guard
described 17-3
enabling 17-11
CIST, described 16-3
configuration guidelines 16-12, 17-10
configuring
forward-delay time 16-20
hello time 16-19
link type for rapid convergence 16-21
maximum aging time 16-20
maximum hop count 16-21
MST region 16-13
path cost 16-17
port priority 16-16
root switch 16-14
secondary root switch 16-15
switch priority 16-18
CST
defined 16-3
operations between regions 16-4
default configuration 16-11
default optional feature configuration 17-9
displaying status 16-22
enabling the mode 16-13
EtherChannel guard
described 17-7
enabling 17-14
MSTP (continued)
extended system ID
effects on root switch 16-14
effects on secondary root switch 16-15
unexpected behavior 16-14
instances supported 15-9
interface state, blocking to forwarding 17-2
interoperability and compatibility among modes 15-10
interoperability with IEEE 802.1D
described 16-5
restarting migration process 16-22
IST
defined 16-3
master 16-3
operations within a region 16-3
loop guard
described 17-9
enabling 17-15
mapping VLANs to MST instance 16-13
MST region
CIST 16-3
configuring 16-13
described 16-2
hop-count mechanism 16-5
IST 16-3
supported spanning-tree instances 16-2
optional features supported 1-5
overview 16-2
Port Fast
described 17-2
enabling 17-10
preventing root switch selection 17-8
root guard
described 17-8
enabling 17-15
root switch
configuring 16-14
effects of extended system ID 16-14
unexpected behavior 16-14
MSTP (continued)
shutdown Port Fast-enabled port 17-3
status, displaying 16-22
multicast groups
Immediate Leave 20-5
joining 20-3
leaving 20-4
static joins 20-9
multicast router interfaces, monitoring 20-15
multicast router ports, adding 20-8
multicast storm 21-1
multicast storm-control command 21-4
multicast television application 20-16
multicast VLAN 20-16
Multicast VLAN Registration
MVR
and address aliasing 20-19
and IGMPv3 20-19
configuration guidelines 20-18
configuring interfaces 20-20
default configuration 20-18
described 20-16
example application 20-16
modes 20-19
monitoring 20-21
multicast television application 20-16
setting global parameters 20-19
support for 1-3
N
named IPv4 ACLs 28-12
NameSpace Mapper
native VLAN
configuring 12-19
default 12-19
Network Assistant
benefits 1-2
described 1-3
downloading image files 1-2
guide mode 1-2
management options 1-2
requirements xxviii
upgrading a switch B-19
wizards 1-2
network configuration examples
increasing network performance 1-11
long-distance, high-bandwidth transport 1-15
providing network services 1-12
server aggregation and Linux server cluster 1-13
small to medium-sized network 1-14
network design
performance 1-11
services 1-12
network management
CDP 22-1
RMON 25-1
SNMP 27-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuring 29-45
described 29-9
non-IP traffic filtering 28-20
nontrunking mode 12-15
normal-range VLANs 12-4
configuration guidelines 12-5
configuration modes 12-6
configuring 12-4
defined 12-1
note, described xxviii
NSM 4-3
NTP
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
optimizing system resources 7-1
options, management 1-3
out-of-profile markdown 1-7
P
packet modification, with QoS 29-18
PAgP
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-3
for security 1-6
overview 8-1
passwords (continued)
recovery of 31-3
setting
enable 8-3
enable secret 8-3
Telnet 8-6
with usernames 8-7
VTP domain 13-8
path cost
MSTP 16-17
STP 15-17
performance, network design 1-11
performance features 1-3
persistent self-signed certificate 8-38
per-VLAN spanning-tree plus
physical ports 10-2
PIM-DVMRP, as snooping method 20-7
ping
character output description 31-13
executing 31-13
overview 31-12
policed-DSCP map for QoS 29-53
policers
configuring
for each matched traffic class 29-45
for more than one traffic class 29-48
described 29-4
displaying 29-69
number of 29-31
types of 29-9
policing
described 29-4
token-bucket algorithm 29-9
policy maps for QoS
characteristics of 29-45
described 29-7
displaying 29-70
nonhierarchical on physical ports
policy maps for QoS (continued)
configuring 29-45
described 29-9
port ACLs, described 28-2
Port Aggregation Protocol
port-based authentication
accounting 9-5
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-12
configuring
802.1x authentication 9-12
guest VLAN 9-19
host mode 9-18
manual re-authentication of a client 9-15
periodic re-authentication 9-15
quiet period 9-16
RADIUS server 9-15
RADIUS server parameters on the switch 9-14
switch-to-client frame-retransmission number 9-17
switch-to-client retransmission time 9-16
default configuration 9-11
described 9-1
device roles 9-2
displaying statistics 9-22
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-2
guest VLAN
configuration guidelines 9-10
described 9-10
host mode 9-6
initiation and message exchange 9-3
method lists 9-12
multiple-hosts mode, described 9-6
port-based authentication (continued)
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-8
port security
and voice VLAN 9-8
described 9-7
interactions 9-7
multiple-hosts mode 9-7
resetting to default values 9-20
statistics, displaying 9-22
switch
as proxy 9-2
RADIUS client 9-2
VLAN assignment
AAA authorization 9-13
characteristics 9-9
configuration tasks 9-9
described 9-8
voice VLAN
described 9-8
PVID 9-8
VVID 9-8
port-channel
Port Fast
described 17-2
enabling 17-10
mode, spanning tree 12-25
support for 1-5
port membership modes, VLAN 12-3
port priority
MSTP 16-16
STP 15-16
ports
access 10-2
blocking 21-6
dual-purpose uplink 10-4
dynamic access 12-3
protected 21-5
secure 21-7
switch 10-2
VLAN assignments 12-10
port security
aging 21-15
and QoS trusted boundary 29-35
configuring 21-11
default configuration 21-10
described 21-7
displaying 21-16
on trunk ports 21-12
sticky learning 21-8
violations 21-9
with other features 21-10
port-shutdown response, VMPS 12-24
preferential treatment of traffic
preventing unauthorized access 8-1
primary links 18-1
priority
overriding CoS 14-6
trusting CoS 14-6
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-4
exiting 8-10
privilege levels (continued)
logging into 8-10
mapping on member switches 5-4
setting a command with 8-8
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-19
enabling
in VTP domain 13-14
on a port 12-19
examples 13-5
overview 13-4
pruning-eligible list
changing 12-19
for VTP pruning 13-4
VLANs 13-14
PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Q
QoS
and MQC commands 29-1
auto-QoS
categorizing traffic 29-19
configuration and defaults display 29-28
configuration guidelines 29-24
described 29-19
disabling 29-25
displaying generated commands 29-25
displaying the initial configuration 29-28
effects on running configuration 29-24
egress queue defaults 29-20
enabling for VoIP 29-25
QoS (continued)
auto-QoS (continued)
example configuration 29-26
ingress queue defaults 29-20
list of generated commands 29-21
basic model 29-4
classification
class maps, described 29-7
defined 29-4
DSCP transparency, described 29-36
flowchart 29-6
forwarding treatment 29-3
in frames and packets 29-3
MAC ACLs, described 29-5, 29-7
options for IP traffic 29-5
options for non-IP traffic 29-5
policy maps, described 29-7
trust DSCP, described 29-5
trusted CoS, described 29-5
trust IP precedence, described 29-5
class maps
configuring 29-43
displaying 29-69
configuration guidelines
auto-QoS 29-24
standard QoS 29-31
configuring
aggregate policers 29-48
auto-QoS 29-19
default port CoS value 29-34
DSCP maps 29-51
DSCP transparency 29-36
DSCP trust states bordering another domain 29-37
egress queue characteristics 29-62
ingress queue characteristics 29-57
IP extended ACLs 29-41
IP standard ACLs 29-40
MAC ACLs 29-42
QoS (continued)
configuring (continued)
policy maps on physical ports 29-45
port trust states within the domain 29-33
trusted boundary 29-35
default auto configuration 29-19
default standard configuration 29-29
displaying statistics 29-69
DSCP transparency 29-36
egress queues
allocating buffer space 29-62
buffer allocation scheme, described 29-16
configuring shaped weights for SRR 29-66
configuring shared weights for SRR 29-67
described 29-4
displaying the threshold map 29-65
flowchart 29-16
mapping DSCP or CoS values 29-64
scheduling, described 29-4
setting WTD thresholds 29-62
WTD, described 29-17
enabling globally 29-32
flowcharts
classification 29-6
egress queueing and scheduling 29-16
ingress queueing and scheduling 29-13
policing and marking 29-10
implicit deny 29-7
ingress queues
allocating bandwidth 29-60
allocating buffer space 29-59
buffer and bandwidth allocation, described 29-14
configuring shared weights for SRR 29-60
configuring the priority queue 29-61
described 29-4
displaying the threshold map 29-58
flowchart 29-13
mapping DSCP or CoS values 29-57
priority queue, described 29-15
QoS (continued)
ingress queues (continued)
scheduling, described 29-4
setting WTD thresholds 29-57
WTD, described 29-14
IP phones
automatic classification and queueing 29-19
detection and trusted settings 29-19, 29-35
limiting bandwidth on egress interface 29-68
mapping tables
CoS-to-DSCP 29-51
displaying 29-69
DSCP-to-CoS 29-54
DSCP-to-DSCP-mutation 29-55
IP-precedence-to-DSCP 29-52
policed-DSCP 29-53
types of 29-10
marked-down actions 29-47
overview 29-1
packet modification 29-18
policers
described 29-8
displaying 29-69
number of 29-31
types of 29-9
policies, attaching to an interface 29-8
policing
token bucket algorithm 29-9
policy maps
characteristics of 29-45
displaying 29-70
nonhierarchical on physical ports 29-45
QoS label, defined 29-4
queues
configuring egress characteristics 29-62
configuring ingress characteristics 29-57
QoS (continued)
queues (continued)
high priority (expedite) 29-18, 29-68
location of 29-11
SRR, described 29-12
WTD, described 29-12
rewrites 29-18
support for 1-7
trust states
bordering another domain 29-37
described 29-5
trusted device 29-35
within the domain 29-33
quality of service
queries, IGMP 20-3
query solicitation, IGMP 20-12
R
RADIUS
attributes
vendor-proprietary 8-30
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-20, 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-20
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
RADIUS (continued)
suggested network environments 8-18
support for 1-7
tracking services accessed by user 8-28
range
macro 10-7
of interfaces 10-6
rapid convergence 16-7
rapid per-VLAN spanning-tree plus
rapid PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Rapid Spanning Tree Protocol
rcommand command 5-3
RCP
configuration files
downloading B-17
overview B-15
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-32
reconfirmation interval, VMPS, changing 12-27
reconfirming dynamic VLAN membership 12-27
recovery procedures 31-1
redundancy
EtherChannel 30-2
STP
backbone 15-8
path cost 12-22
port priority 12-20
redundant links and UplinkFast 17-13
reloading software 3-15
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 23-2
report suppression, IGMP
described 20-5
disabling 20-14
requirements
cluster xxix
device manager xxviii
Network Assistant xxviii
resequencing ACL entries 28-12
resetting a UDLD-shutdown interface 24-6
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-28
RFC
1112, IP multicast and IGMP 20-2
1157, SNMPv1 27-2
1305, NTP 6-2
1757, RMON 25-2
1901, SNMPv2C 27-2
1902 to 1907, SNMPv2 27-2
2236, IP multicast and IGMP 20-2
2273-2275, SNMPv3 27-2
RMON
default configuration 25-3
displaying status 25-6
enabling alarms and events 25-3
groups supported 25-2
RMON (continued)
overview 25-1
statistics
collecting group Ethernet 25-6
collecting group history 25-5
support for 1-8
root guard
described 17-8
enabling 17-15
support for 1-5
root switch
MSTP 16-14
STP 15-14
RSPAN 23-2
characteristics 23-8
configuration guidelines 23-16
default configuration 23-9
destination ports 23-6
displaying status 23-23
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
received traffic 23-4
sessions
creating 23-17
defined 23-3
limiting source traffic to specific VLANs 23-22
specifying monitored ports 23-17
with ingress traffic enabled 23-20
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
RSTP
active topology 16-6
BPDU
format 16-9
processing 16-10
designated port, defined 16-6
RSTP (continued)
designated switch, defined 16-6
interoperability with IEEE 802.1D
described 16-5
restarting migration process 16-22
topology changes 16-10
overview 16-6
port roles
described 16-6
synchronized 16-8
proposal-agreement handshake process 16-7
rapid convergence
described 16-7
edge ports and Port Fast 16-7
point-to-point links 16-7, 16-21
root ports 16-7
root port, defined 16-6
running configuration, saving 3-10
S
scheduled reloads 3-15
SDM
described 7-1
templates
configuring 7-2
number of 7-1
SDM template
configuration guidelines 7-2
configuring 7-2
types of 7-1
secure HTTP client
configuring 8-42
displaying 8-43
secure HTTP server
configuring 8-41
displaying 8-43
secure MAC addresses
deleting 21-14
maximum number of 21-8
types of 21-8
secure ports, configuring 21-7
secure remote connections 8-33
Secure Socket Layer
security, port 21-7
security features 1-6
sequence numbers in log messages 26-7
server mode, VTP 13-3
service-provider network, MSTP and RSTP 16-1
set-request operation 27-4
setup program
failed command switch replacement 31-9
replacing failed command switch 31-8
severity levels, defining in system messages 26-8
SFPs
monitoring status of 10-18, 31-12
security and identification 31-11
status, displaying 31-12
shaped round robin
show access-lists hw-summary command 28-17
show and more command output, filtering 2-9
show cdp traffic command 22-5
show cluster members command 5-3
show configuration command 10-16
show forward command 31-19
show interfaces command 10-13, 10-16
show platform forward command 31-19
show running-config command
interface description in 10-16
shutdown command on interfaces 10-19
Simple Network Management Protocol
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 22-1
SNMP
accessing MIB variables with 27-4
agent
described 27-4
disabling 27-8
authentication level 27-10
community strings
configuring 27-8
for cluster switches 27-4
overview 27-4
configuration examples 27-15
default configuration 27-6
engine ID 27-7
host 27-7
ifIndex values 27-5
in-band management 1-5
informs
and trap keyword 27-11
described 27-5
differences from traps 27-5
disabling 27-14
enabling 27-14
SNMP (continued)
limiting access by TFTP servers 27-15
limiting system log messages to NMS 26-9
managing clusters with 5-4
MIBs
location of A-3
supported A-1
notifications 27-5
security levels 27-3
status, displaying 27-16
system contact and location 27-14
trap manager, configuring 27-13
traps
differences from informs 27-5
disabling 27-14
enabling 27-11
enabling MAC address notification 6-21
types of 27-11
versions supported 27-2
SNMPv1 27-2
SNMPv2C 27-2
SNMPv3 27-2
snooping, IGMP 20-1
software images
location in flash B-20
recovery procedures 31-2
scheduling reloads 3-16
tar file format, described B-20
See also downloading and uploading
source addresses, in IPv4 ACLs 28-9
source-and-destination-IP address based forwarding, EtherChannel 30-7
source-and-destination MAC address forwarding, EtherChannel 30-7
source-IP address based forwarding, EtherChannel 30-7
source-MAC address forwarding, EtherChannel 30-6
SPAN
configuration guidelines 23-10
default configuration 23-9
destination ports 23-6
displaying status 23-23
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
ports, restrictions 21-11
received traffic 23-4
sessions
configuring ingress forwarding 23-14, 23-21
creating 23-10
defined 23-3
limiting source traffic to specific VLANs 23-15
removing destination (monitoring) ports 23-12
specifying monitored ports 23-10
with ingress traffic enabled 23-13
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
spanning tree and native VLANs 12-15
Spanning Tree Protocol
SPAN traffic 23-4
SRR
configuring
shaped weights on egress queues 29-66
shared weights on egress queues 29-67
shared weights on ingress queues 29-60
described 29-12
shaped mode 29-12
shared mode 29-13
SSH
configuring 8-34
cryptographic software image 8-33
encryption methods 8-33
user authentication methods, supported 8-34
SSL
configuration guidelines 8-40
configuring a secure HTTP client 8-42
configuring a secure HTTP server 8-41
cryptographic software image 8-37
described 8-37
monitoring 8-43
standby command switch, requirements 5-2
standby links 18-1
startup configuration
booting
manually 3-13
specific image 3-13
clearing B-19
configuration file
automatically downloading 3-12
specifying the filename 3-12
default boot configuration 3-12
static access ports
assigning to VLAN 12-10
static addresses
static MAC addressing 1-6
static VLAN membership 12-2
statistics
802.1x 9-22
CDP 22-5
interface 10-18
QoS ingress and egress 29-69
RMON group Ethernet 25-6
statistics (continued)
RMON group history 25-5
SNMP input and output 27-16
VTP 13-16
sticky learning 21-8
storm control
configuring 21-3
described 21-1
disabling 21-5
displaying 21-16
support for 1-3
thresholds 21-1
STP
accelerating root port selection 17-4
BackboneFast
described 17-5
disabling 17-14
enabling 17-14
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
BPDU guard
described 17-3
disabling 17-11
enabling 17-11
BPDU message exchange 15-3
configuration guidelines 15-11, 17-10
configuring
forward-delay time 15-21
hello time 15-20
maximum aging time 15-21
path cost 15-17
port priority 15-16
root switch 15-14
secondary root switch 15-15
spanning-tree mode 15-12
switch priority 15-19
counters, clearing 15-22
STP (continued)
default configuration 15-11
default optional feature configuration 17-9
designated port, defined 15-3
designated switch, defined 15-3
detecting indirect link failures 17-5
disabling 15-13
displaying status 15-22
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
extended system ID
effects on root switch 15-14
effects on the secondary root switch 15-15
overview 15-4
unexpected behavior 15-14
features supported 1-5
IEEE 802.1D and bridge ID 15-4
IEEE 802.1D and multicast addresses 15-8
IEEE 802.1t and VLAN identifier 15-4
inferior BPDU 15-3
instances supported 15-9
interface state, blocking to forwarding 17-2
interface states
blocking 15-6
disabled 15-7
learning 15-6
listening 15-6
overview 15-4
interoperability and compatibility among modes 15-10
limitations with IEEE 802.1Q trunks 15-10
load sharing
overview 12-20
using path costs 12-22
using port priorities 12-21
STP (continued)
loop guard
described 17-9
enabling 17-15
modes supported 15-9
multicast addresses, effect of 15-8
optional features supported 1-5
overview 15-2
Port Fast
described 17-2
enabling 17-10
port priorities 12-21
preventing root switch selection 17-8
protocols supported 15-9
redundant connectivity 15-8
root guard
described 17-8
enabling 17-15
root port, defined 15-3
root switch
configuring 15-14
effects of extended system ID 15-4, 15-14
election 15-3
unexpected behavior 15-14
shutdown Port Fast-enabled port 17-3
status, displaying 15-22
superior BPDU 15-3
timers, described 15-19
UplinkFast
described 17-4
enabling 17-13
stratum, NTP 6-2
success response, VMPS 12-24
summer time 6-13
SunNet Manager 1-4
switch clustering technology 5-1
switch console port 1-5
Switch Database Management
Switched Port Analyzer
switched ports 10-2
switchport block multicast command 21-7
switchport block unicast command 21-7
switchport protected command 21-6
switch priority
MSTP 16-18
STP 15-19
switch software features 1-1
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
system message logging
default configuration 26-3
defining error message severity levels 26-8
disabling 26-3
displaying the configuration 26-12
enabling 26-4
facility keywords, described 26-12
level keywords, described 26-9
limiting messages 26-9
message format 26-2
overview 26-1
sequence numbers, enabling and disabling 26-7
setting the display destination device 26-4
synchronizing log messages 26-5
syslog facility 1-8
time stamps, enabling and disabling 26-7
system message logging (continued)
UNIX syslog servers
configuring the daemon 26-11
configuring the logging facility 26-11
facilities supported 26-12
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt, default setting 6-14, 6-15
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-7
tracking services accessed by user 8-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
TDR 1-8
Telnet
accessing management interfaces 2-10
number of connections 1-4
setting a password 8-6
templates, SDM 7-1
temporary self-signed certificate 8-38
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 3-6
configuring for autoconfiguration 3-5
image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-24
limiting access by servers 27-15
TFTP server 1-4
threshold, traffic level 21-2
time
Time Domain Reflector
time-range command 28-14
time ranges in ACLs 28-14
time stamps in log messages 26-7
time zones 6-12
Token Ring VLANs
support for 12-5
VTP support 13-4
ToS 1-7
traceroute, Layer 2
and ARP 31-14
and CDP 31-14
broadcast traffic 31-14
described 31-14
IP addresses and subnets 31-14
MAC addresses and VLANs 31-14
multicast traffic 31-14
multiple devices on a port 31-15
unicast traffic 31-14
usage guidelines 31-14
traceroute command 31-16
traffic
blocking flooded 21-7
fragmented 28-3
unfragmented 28-3
traffic policing 1-7
traffic suppression 21-1
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-21
configuring managers 27-11
defined 27-3
notification types 27-11
troubleshooting
connectivity problems 31-12, 31-13, 31-15
detecting unidirectional links 24-1
displaying crash information 31-21
setting packet forwarding 31-19
SFP security and identification 31-11
show forward command 31-19
with CiscoWorks 27-4
with debug commands 31-18
troubleshooting (continued)
with ping 31-12
with system message logging 26-1
with traceroute 31-15
trunking encapsulation 1-6
trunk ports
configuring 12-17
trunks
allowed-VLAN list 12-18
load sharing
setting STP path costs 12-22
using STP port priorities 12-20, 12-21
native VLAN for untagged traffic 12-19
parallel 12-22
pruning-eligible list 12-19
to non-DTP device 12-14
trusted boundary for QoS 29-35
trusted port states
between QoS domains 29-37
classification options 29-5
ensuring port security for IP phones 29-35
support for 1-7
within a QoS domain 29-33
trustpoints, CA 8-37
twisted-pair Ethernet, detecting unidirectional links 24-1
type of service
U
UDLD
configuration guidelines 24-4
default configuration 24-4
disabling
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-5
UDLD (continued)
echoing detection mechanism 24-3
enabling
globally 24-5
per interface 24-5
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-6
support for 1-5
unauthorized ports with IEEE 802.1x 9-4
unicast MAC address filtering 1-4
and adding static addresses 6-24
and broadcast MAC addresses 6-24
and CPU packets 6-24
and multicast addresses 6-24
and router MAC addresses 6-24
configuration guidelines 6-24
described 6-24
unicast storm 21-1
unicast storm control command 21-4
unicast traffic, blocking 21-7
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 26-11
facilities supported 26-12
message logging configuration 26-11
unrecognized Type-Length-Value (TLV) support 13-4
upgrading a Catalyst 2950 switch
configuration compatibility issues C-1
differences in configuration commands C-1
feature behavior incompatibilities C-5
incompatible command messages C-1
recommendations C-1
upgrading information
upgrading software images
UplinkFast
described 17-4
disabling 17-13
enabling 17-13
support for 1-5
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-11
image files
reasons for B-19
using FTP B-28
using RCP B-32
using TFTP B-24
user EXEC mode 2-2
username-based authentication 8-7
V
version-dependent transparent mode 13-4
vlan.dat file 12-4
VLAN 1, disabling on a trunk port 12-18
VLAN 1 minimization 12-18
vlan-assignment response, VMPS 12-24
VLAN configuration
at bootup 12-7
saving 12-7
VLAN configuration mode 2-2, 12-6
VLAN database
and startup configuration file 12-7
and VTP 13-1
VLAN configuration saved in 12-6
VLANs saved in 12-4
vlan database command 12-6
VLAN filtering and SPAN 23-6
vlan global configuration command 12-6
VLAN ID, discovering 6-26
VLAN management domain 13-2
VLAN Management Policy Server
VLAN membership
confirming 12-27
modes 12-3
VLAN Query Protocol
VLANs
adding 12-8
adding to VLAN database 12-8
aging dynamic addresses 15-9
allowed on trunk 12-18
and spanning-tree instances 12-2, 12-6, 12-12
configuration guidelines, extended-range VLANs 12-12
configuration guidelines, normal-range VLANs 12-5
configuration options 12-6
configuring 12-1
configuring IDs 1006 to 4094 12-12
creating in config-vlan mode 12-8
creating in VLAN configuration mode 12-9
default configuration 12-7
deleting 12-9
displaying 12-13
features 1-6
illustrated 12-2
limiting source traffic with RSPAN 23-22
limiting source traffic with SPAN 23-15
modifying 12-8
multicast 20-16
native, configuring 12-19
number supported 1-6
VLANs (continued)
parameters 12-4
port membership modes 12-3
static-access ports 12-10
STP and IEEE 802.1Q trunks 15-10
supported 12-2
Token Ring 12-5
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
VLAN trunks 12-14
VMPS
administering 12-28
configuration example 12-29
configuration guidelines 12-25
default configuration 12-25
description 12-23
dynamic port membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
entering server address 12-26
mapping MAC addresses to VLANs 12-24
monitoring 12-28
reconfirmation interval, changing 12-27
reconfirming membership 12-27
retry count, changing 12-28
voice-over-IP 14-1
voice VLAN
Cisco 7960 phone, port connections 14-1
configuration guidelines 14-3
configuring IP phones for data traffic
override CoS of incoming frame 14-6
trust CoS priority of incoming frame 14-6
configuring ports for voice traffic in
802.1p priority tagged frames 14-5
802.1Q frames 14-5
connecting to an IP phone 14-4
voice VLAN (continued)
default configuration 14-3
described 14-1
displaying 14-6
IP phone data traffic, described 14-2
IP phone voice traffic, described 14-2
VTP
adding a client to a domain 13-14
and extended-range VLANs 13-1
and normal-range VLANs 13-1
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
VTP (continued)
modes
transitions 13-3
monitoring 13-16
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
support for 1-6
pruning-eligible list, changing 12-19
server mode, configuring 13-9
statistics 13-16
support for 1-6
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-8
Version 1 13-4
Version 2
configuration guidelines 13-8
disabling 13-13
enabling 13-13
overview 13-4
W
weighted tail drop
wizards 1-2
WTD
described 29-12
setting thresholds
egress queue-sets 29-62
ingress queues 29-57
X
Xmodem protocol 31-2