- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring IE2100 CNS Agents
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links
- Configuring DHCP Features
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring SPAN and RSPAN
- Configuring UDLD
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 2960 Switch
- Unsupported Commands in Cisco IOS Release 12.2(25)SED
Index
A
abbreviating commands 2-4
AC (command switch) 5-9
access-class command 28-16
access control entries
access-denied response, VMPS 12-24
access groups, applying IPv4 ACLs to interfaces 28-17
accessing
clusters, switch 5-12
command switches 5-10
member switches 5-12
switch clusters 5-12
access lists
access ports
in switch clusters 5-8
access ports, defined 10-2
accounting
with 802.1x 9-25
with IEEE 802.1x 9-5
with RADIUS 8-28
ACEs
and QoS 29-7
defined 28-2
Ethernet 28-2
IP 28-2
ACLs
ACEs 28-2
any keyword 28-9
applying
time ranges to 28-14
to an interface 28-16
to QoS 29-7
classifying traffic for QoS 29-41
comments in 28-15
compiling 28-17
extended IP
configuring for QoS classification 29-42
extended IPv4
creating 28-8
matching criteria 28-5
hardware and software handling 28-17
host keyword 28-10
IP
creating 28-5
fragments and QoS guidelines 29-32
implicit deny 28-7, 28-11, 28-13
implicit masks 28-7
matching criteria 28-5
undefined 28-17
IPv4
applying to interfaces 28-16
creating 28-5
matching criteria 28-5
named 28-12
numbers 28-6
terminal lines, setting on 28-16
unsupported features 28-4
monitoring 28-22
named, IPv4 28-12
number per QoS class map 29-32
resequencing entries 28-12
standard IP, configuring for QoS classification 29-41
standard IPv4
creating 28-7
matching criteria 28-5
support for 1-6
support in hardware 28-17
time ranges 28-14
unsupported features, IPv4 28-4
active links 18-1
address aliasing 20-2
addresses
displaying the MAC address table 6-26
dynamic
accelerated aging 15-8
changing the aging time 6-20
default aging 15-8
defined 6-19
learning 6-20
removing 6-21
MAC, discovering 6-26
multicast, STP address management 15-8
static
adding and removing 6-23
defined 6-19
address resolution 6-26
Address Resolution Protocol
advertisements
CDP 22-1
aggregated ports
aggregate policers 29-49
aggregate policing 1-8
aging, accelerating 15-8
aging time
accelerated
for MSTP 16-23
MAC address table 6-20
maximum
alarms, RMON 25-3
allowed-VLAN list 12-18
ARP
table
address resolution 6-26
managing 6-26
attributes, RADIUS
vendor-proprietary 8-30
vendor-specific 8-29
audience xxxi
authentication
local mode with AAA 8-32
NTP associations 6-4
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication failed VLAN
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with IEEE 802.1x 9-4
autoconfiguration 3-3
automatic discovery
considerations
beyond a noncandidate device 5-7
brand new switches 5-8
connectivity 5-4
different VLANs 5-6
management VLANs 5-7
non-CDP-capable devices 5-6
noncluster-capable devices 5-6
in switch clusters 5-4
automatic QoS
automatic recovery, clusters 5-9
auto-MDIX
configuring 10-15
described 10-15
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-11
mismatches 31-11
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 17-5
disabling 17-14
enabling 17-13
support for 1-5
backup interfaces
backup links 18-1
banners
configuring
login 6-18
message-of-the-day login 6-18
default configuration 6-17
when displayed 6-17
binding database
DHCP snooping
See DHCP snooping binding database
bindings
DHCP snooping database 19-5
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 21-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-13
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
BPDU
error-disabled state 17-3
filtering 17-3
RSTP format 16-12
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
support for 1-5
BPDU guard
described 17-3
disabling 17-11
enabling 17-11
support for 1-5
bridge protocol data unit
broadcast storm-control command 21-4
broadcast storms 21-1
C
cables, monitoring for unidirectional links 24-1
candidate switch
automatic discovery 5-4
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-41
defined 8-38
caution, described xxxii
CDP
and trusted boundary 29-37
automatic discovery in switch clusters 5-4
configuring 22-2
default configuration 22-2
described 22-1
disabling for routing device 22-3 to 22-4
enabling and disabling
on an interface 22-4
on a switch 22-3
monitoring 22-4
overview 22-1
support for 1-4
transmission timer and holdtime, setting 22-2
updates 22-2
CGMP
as IGMP snooping learning method 20-8
joining multicast group 20-3
CipherSuites 8-39
Cisco 7960 IP Phone 14-1
Cisco Discovery Protocol
Cisco Intelligence Engine 2100 Series Configuration Registrar
Cisco IOS File System
Cisco Network Assistant
Cisco Networking Services
CIST regional root
CIST root
class maps for QoS
configuring 29-44
described 29-7
displaying 29-69
class of service
clearing interfaces 10-19
CLI
abbreviating commands 2-4
command modes 2-1
configuration logging 2-5
described 1-4
editing features
enabling and disabling 2-7
keystroke editing 2-7
wrapped lines 2-9
error messages 2-5
filtering command output 2-10
getting help 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
managing clusters 5-14
no and default forms of commands 2-4
client mode, VTP 13-3
clock
cluster requirements xxxiii
clusters, switch
accessing 5-12
automatic discovery 5-4
automatic recovery 5-9
benefits 1-1
compatibility 5-4
described 5-1
LRE profile considerations 5-14
managing
through CLI 5-14
through SNMP 5-15
planning 5-4
planning considerations
automatic discovery 5-4
automatic recovery 5-9
CLI 5-14
host names 5-12
IP addresses 5-12
LRE profiles 5-14
passwords 5-13
RADIUS 5-13
TACACS+ 5-13
cluster standby group
automatic recovery 5-11
considerations 5-10
defined 5-2
requirements 5-3
virtual IP address 5-10
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-4
no and default 2-4
commands, setting privilege levels 8-8
command switch
accessing 5-10
active (AC) 5-9
configuration conflicts 31-11
defined 5-2
passive (PC) 5-9
password privilege levels 5-14
priority 5-9
recovery
from command-switch failure 5-9, 31-7
from lost member connectivity 31-11
redundant 5-9
replacing
with another switch 31-10
with cluster member 31-8
requirements 5-3
standby (SC) 5-9
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
for cluster switches 27-4
in clusters 5-13
overview 27-4
SNMP 5-13
compatibility, feature 21-11
config.text 3-12
configurable leave timer, IGMP 20-5
configuration, initial
defaults 1-9
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 31-11
configuration examples, network 1-11
configuration files
clearing the startup configuration B-18
creating using a text editor B-9
default name 3-12
deleting a stored configuration B-18
described B-8
downloading
automatically 3-12
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 27-16
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-12
system contact and location information 27-15
types and location B-9
uploading
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
configuration logging 2-5
configuration settings, saving 3-10
configure terminal command 10-5
conflicts, configuration 31-11
connections, secure remote 8-33
connectivity problems 31-13, 31-14, 31-16
consistency checks in VTP Version 2 13-4
console port, connecting to 2-10
conventions
command xxxii
for examples xxxii
publication xxxii
text xxxii
corrupted software, recovery steps with Xmodem 31-2
CoS
in Layer 2 frames 29-2
override priority 14-6
trust priority 14-6
CoS input queue threshold map for QoS 29-15
CoS output queue threshold map for QoS 29-18
CoS-to-DSCP map for QoS 29-52
counters, clearing interface 10-19
crashinfo file 31-22
cryptographic software image
SSH 8-33
SSL 8-38
CWDM SFPs 1-16
D
daylight saving time 6-13
debugging
enabling all system diagnostics 31-20
enabling for a specific feature 31-19
redirecting error message output 31-20
using commands 31-19
default commands 2-4
default configuration
802.1x 9-12
auto-QoS 29-20
banners 6-17
booting 3-12
CDP 22-2
DHCP 19-7
DHCP option 82 19-7
DHCP snooping 19-7
DHCP snooping binding database 19-7
DNS 6-16
EtherChannel 30-8
Ethernet interfaces 10-9
Flex Links 18-4
IGMP filtering 20-24
IGMP snooping 20-6
IGMP throttling 20-24
initial switch information 3-3
Layer 2 interfaces 10-9
MAC address table 6-20
MAC address-table move update 18-4
MSTP 16-14
MVR 20-19
NTP 6-4
optional spanning-tree configuration 17-9
password and privilege level 8-2
RADIUS 8-20
RMON 25-3
RSPAN 23-9
SDM template 7-2
SNMP 27-7
SPAN 23-9
SSL 8-40
standard QoS 29-30
STP 15-11
system message logging 26-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 24-4
VLAN, Layer 2 Ethernet interfaces 12-16
VLANs 12-7
VMPS 12-25
voice VLAN 14-3
VTP 13-6
default gateway 3-10
deleting VLANs 12-9
denial-of-service attack 21-1
description command 10-16
designing your network, examples 1-11
destination addresses, in IPv4 ACLs 28-9
destination-IP address-based forwarding, EtherChannel 30-7
destination-MAC address forwarding, EtherChannel 30-6
detecting indirect link failures, STP 17-5
device B-18
device discovery protocol 22-1
device manager
benefits 1-1
in-band management 1-5
requirements xxxii
upgrading a switch B-18
DHCP
Cisco IOS server database
configuring 19-10
enabling
relay agent 19-8
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
TFTP server 3-5
example 3-8
lease options
DHCP-based autoconfiguration (continued)
lease options (continued)
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-3
relay support 1-4
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 19-5
configuration guidelines 19-7
default configuration 19-7
displaying 19-11
overview 19-3
packet format, suboption
circuit ID 19-5
remote ID 19-5
remote ID suboption 19-5
DHCP snooping
accepting untrusted packets form edge switch 19-3, 19-9
binding database
See DHCP snooping binding database
configuration guidelines 19-7
default configuration 19-7
displaying binding tables 19-11
message exchange process 19-4
option 82 data insertion 19-3
trusted interface 19-2
untrusted interface 19-2
untrusted messages 19-2
DHCP snooping binding database
adding bindings 19-10
binding entries, displaying 19-11
DHCP snooping binding database
binding file
format 19-6
location 19-5
bindings 19-5
clearing agent statistics 19-11
configuration guidelines 19-8
configuring 19-10
default configuration 19-7
deleting
binding file 19-11
bindings 19-11
database agent 19-11
described 19-5
displaying 19-11
displaying status and statistics 19-11
enabling 19-10
entry 19-5
renewing database 19-11
resetting
delay value 19-11
timeout value 19-11
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 29-2
Differentiated Services Code Point 29-2
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-16
displaying the configuration 6-17
overview 6-15
setting up 6-16
support for 1-4
documentation, related xxxii
document conventions xxxii
domain names
DNS 6-15
VTP 13-8
Domain Name System
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-16
using TFTP B-10
image files
deleting old image B-22
reasons for B-19
using CMS 1-2
using FTP B-25
using RCP B-29
using TFTP B-21
using the device manager or Network Assistant B-18
DSCP input queue threshold map for QoS 29-15
DSCP output queue threshold map for QoS 29-18
DSCP-to-CoS map for QoS 29-55
DSCP-to-DSCP-mutation map for QoS 29-56
DSCP transparency 29-37
dual-purpose uplinks
defined 10-4
setting the type 10-11
dynamic access ports
characteristics 12-3
configuring 12-26
defined 10-3
dynamic addresses
dynamic auto trunking mode 12-15
dynamic desirable trunking mode 12-15
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
types of connections 12-26
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-7
keystrokes used 2-7
wrapped lines 2-9
enable password 8-3
enable secret password 8-3
encryption, CipherSuite 8-40
encryption for passwords 8-3
environment variables, function of 3-15
error messages during command entry 2-5
EtherChannel
automatic creation of 30-3, 30-5
channel groups
binding physical and logical interfaces 30-3
numbering of 30-3
configuration guidelines 30-9
configuring Layer 2 interfaces 30-10
default configuration 30-8
described 30-2
displaying status 30-16
forwarding methods 30-6, 30-12
IEEE 802.3ad, described 30-5
interaction
with STP 30-9
with VLANs 30-9
LACP
described 30-5
displaying status 30-16
hot-standby ports 30-14
interaction with other features 30-5
modes 30-5
port priority 30-15
system priority 30-15
PAgP
aggregate-port learners 30-13
compatibility with Catalyst 1900 30-13
described 30-3
displaying status 30-16
interaction with other features 30-4
learn method and priority configuration 30-13
modes 30-4
support for 1-3
port-channel interfaces
described 30-3
numbering of 30-3
port groups 10-3
support for 1-3
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
Ethernet VLANs
adding 12-8
defaults and ranges 12-7
modifying 12-8
events, RMON 25-3
examples
conventions for xxxii
network configuration 1-11
expedite queue for QoS 29-67
Express Setup 1-2
See also getting started guide
extended crashinfo file 31-22
extended-range VLANs
configuration guidelines 12-12
configuring 12-11
creating 12-12
defined 12-1
extended system ID
MSTP 16-17
Extensible Authentication Protocol over LAN 9-1
F
features, incompatible 21-11
fiber-optic, detecting unidirectional links 24-1
files
basic crashinfo
description 31-22
location 31-22
copying B-4
crashinfo
description 31-22
deleting B-5
displaying the contents of B-7
extended crashinfo
description 31-23
location 31-23
tar
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-19
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
non-IP traffic 28-19
show and more command output 2-10
filtering show and more command output 2-10
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 18-4
configuring 18-5
default configuration 18-4
description 18-1
monitoring 18-7
flooded traffic, blocking 21-7
flow-based packet classification 1-7
flowcharts
QoS classification 29-6
QoS egress queueing and scheduling 29-16
QoS ingress queueing and scheduling 29-14
QoS policing and marking 29-10
flowcontrol
configuring 10-14
described 10-14
forward-delay time
MSTP 16-23
STP 15-21
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-12
uploading B-14
image files
deleting old image B-27
downloading B-25
preparing the server B-24
uploading B-27
G
get-bulk-request operation 27-3
get-next-request operation 27-3, 27-5
get-request operation 27-3, 27-5
get-response operation 27-3
global configuration mode 2-2
global leave, IGMP 20-12
guest VLAN and 802.1x 9-10
guide
audience xxxi
purpose of xxxi
guide mode 1-2
GUIs
See device manager and Network Assistant
H
hello time
MSTP 16-22
STP 15-20
help, for the command line 2-3
history
changing the buffer size 2-6
described 2-6
disabling 2-7
recalling commands 2-6
history table, level and number of syslog messages 26-9
host names
in clusters 5-12
hosts, limit on dynamic ports 12-29
HP OpenView 1-4
HSRP
automatic cluster recovery 5-11
cluster standby group considerations 5-10
See also clusters, cluster standby group, and standby command switch
HTTP over SSL
HTTPS 8-38
configuring 8-42
self-signed certificate 8-39
HTTP secure server 8-38
I
ICMP
time-exceeded messages 31-16
traceroute and 31-16
ICMP ping
executing 31-14
overview 31-13
IDS appliances
and ingress RSPAN 23-20
and ingress SPAN 23-13
IE2100
CNS embedded agents
described 4-5
enabling automated configuration 4-6
enabling configuration agent 4-9
enabling event agent 4-8
Configuration Registrar
configID, deviceID, hostname 4-3
configuration service 4-2
described 4-1
event service 4-3
IEEE 802.1D
IEEE 802.1p 14-1
IEEE 802.1Q
and trunk ports 10-3
configuration limitations 12-15
encapsulation 12-14
native VLAN for untagged traffic 12-19
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3x flow control 10-14
ifIndex values, SNMP 27-6
IFS 1-4
IGMP
configurable leave timer
described 20-5
enabling 20-11
flooded multicast traffic
controlling the length of time 20-12
disabling on an interface 20-13
global leave 20-12
query solicitation 20-12
recovering from flood mode 20-12
joining multicast group 20-3
join messages 20-3
leave processing, enabling 20-10
leaving multicast group 20-5
queries 20-4
report suppression
described 20-6
disabling 20-15
supported versions 20-2
support for 1-3
IGMP filtering
configuring 20-24
default configuration 20-24
described 20-23
monitoring 20-28
support for 1-3
IGMP groups
configuring filtering 20-27
setting the maximum number 20-26
IGMP Immediate Leave
configuration guidelines 20-11
described 20-5
enabling 20-10
IGMP profile
applying 20-25
configuration mode 20-24
configuring 20-25
IGMP snooping
and address aliasing 20-2
configuring 20-6
default configuration 20-6
definition 20-1
enabling and disabling 20-7
global configuration 20-7
Immediate Leave 20-5
method 20-8
monitoring 20-15
querier
configuration guidelines 20-14
configuring 20-14
supported versions 20-2
support for 1-3
VLAN configuration 20-7
IGMP throttling
configuring 20-27
default configuration 20-24
described 20-24
displaying action 20-28
Immediate Leave, IGMP 20-5
initial configuration
defaults 1-9
Express Setup 1-2
See also getting started guide and hardware installation guide
Intelligence Engine 2100 Series CNS Agents
interface
number 10-5
range macros 10-7
interface command 10-5
interface configuration mode 2-3
interfaces
auto-MDIX, configuring 10-15
configuration guidelines
duplex and speed 10-10
configuring
procedure 10-5
counters, clearing 10-19
default configuration 10-9
described 10-16
descriptive name, adding 10-16
displaying information about 10-18
flow control 10-14
management 1-3
monitoring 10-18
naming 10-16
physical, identifying 10-4, 10-5
range of 10-6
restarting 10-19
shutting down 10-19
speed and duplex, configuring 10-13
status 10-18
supported 10-4
types of 10-1
interfaces range macro command 10-7
interface types 10-5
Intrusion Detection System
IP ACLs
for QoS classification 29-7
implicit masks 28-7
named 28-12
undefined 28-17
IP addresses
cluster access 5-2
command switch 5-3, 5-10, 5-12
discovering 6-26
redundant clusters 5-10
standby command switch 5-10, 5-12
ip igmp profile command 20-24
IP information
assigned
manually 3-9
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP phones
and QoS 14-1
automatic classification and queueing 29-19
configuring 14-4
ensuring port security with QoS 29-36
trusted boundary for QoS 29-36
IP precedence 29-2
IP-precedence-to-DSCP map for QoS 29-53
IP protocols in ACLs 28-9
IP traceroute
executing 31-17
overview 31-16
IPv4 ACLs
applying to interfaces 28-16
extended, creating 28-8
named 28-12
standard, creating 28-7
J
join messages, IGMP 20-3
L
LACP
Layer 2 frames, classification with CoS 29-2
Layer 2 interfaces, default configuration 10-9
Layer 2 traceroute
and ARP 31-15
and CDP 31-15
broadcast traffic 31-15
described 31-15
IP addresses and subnets 31-15
MAC addresses and VLANs 31-15
multicast traffic 31-15
multiple devices on a port 31-16
unicast traffic 31-15
usage guidelines 31-15
Layer 3 packets, classification methods 29-2
LDAP 4-2
LEDs, switch
See hardware installation guide
lightweight directory access protocol
line configuration mode 2-3
Link Aggregation Control Protocol
Link Failure
detecting unidirectional 16-8
link redundancy
links, unidirectional 24-1
local SPAN 23-2
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-17
log messages
Long-Reach Ethernet (LRE) technology 1-12
loop guard
described 17-9
enabling 17-15
support for 1-6
LRE profiles, considerations in switch clusters 5-14
M
MAC addresses
aging time 6-20
and VLAN association 6-20
building the address table 6-20
default configuration 6-20
discovering 6-26
displaying 6-26
dynamic
learning 6-20
removing 6-21
in ACLs 28-19
static
adding 6-24
allowing 6-25
characteristics of 6-23
dropping 6-25
removing 6-24
MAC address notification, support for 1-8
MAC address-table move update
configuration guidelines 18-4
configuring 18-5
default configuration 18-4
description 18-2
monitoring 18-7
MAC address-to-VLAN mapping 12-24
MAC extended access lists
applying to Layer 2 interfaces 28-21
configuring for QoS 29-43
creating 28-19
defined 28-19
for QoS classification 29-5
macros
magic packet 9-11
manageability features 1-4
management access
in-band
browser session 1-5
CLI session 1-5
device manager 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-2
CNS 4-1
Network Assistant 1-2
overview 1-3
management VLAN
considerations in switch clusters 5-7
discovery through different management VLANs 5-7
mapping tables for QoS
configuring
CoS-to-DSCP 29-52
DSCP 29-51
DSCP-to-CoS 29-55
DSCP-to-DSCP-mutation 29-56
IP-precedence-to-DSCP 29-53
policed-DSCP 29-54
described 29-11
marking
action in policy map 29-46
action with aggregate policers 29-49
matching, IPv4 ACLs 28-5
maximum aging time
MSTP 16-23
STP 15-21
maximum hop count, MSTP 16-24
membership mode, VLAN port 12-3
member switch
automatic discovery 5-4
defined 5-2
managing 5-14
passwords 5-12
recovering from lost connectivity 31-11
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 6-17
MIBs
accessing files with FTP A-3
location of files A-3
overview 27-1
SNMP interaction with 27-4
supported A-1
mirroring traffic for analysis 23-1
mismatches, autonegotiation 31-11
module number 10-5
monitoring
access groups 28-22
cables for unidirectional links 24-1
CDP 22-4
features 1-8
Flex Links 18-7
IGMP
filters 20-28
snooping 20-15
interfaces 10-18
IPv4 ACL configuration 28-22
MAC address-table move update 18-7
multicast router interfaces 20-16
MVR 20-23
network traffic for analysis with probe 23-2
port
blocking 21-16
protection 21-16
speed and duplex mode 10-13
traffic flowing among switches 25-1
traffic suppression 21-16
VLANs 12-13
VMPS 12-28
VTP 13-16
MSTP
boundary ports
configuration guidelines 16-15
described 16-6
BPDU filtering
described 17-3
enabling 17-12
BPDU guard
described 17-3
enabling 17-11
CIST, described 16-3
CIST root 16-5
configuration guidelines 16-15, 17-10
configuring
forward-delay time 16-23
hello time 16-22
link type for rapid convergence 16-24
maximum aging time 16-23
maximum hop count 16-24
MST region 16-16
neighbor type 16-25
path cost 16-20
port priority 16-19
root switch 16-17
secondary root switch 16-18
switch priority 16-21
CST
defined 16-3
operations between regions 16-4
default configuration 16-14
default optional feature configuration 17-9
displaying status 16-26
enabling the mode 16-16
EtherChannel guard
described 17-7
enabling 17-14
extended system ID
effects on root switch 16-17
effects on secondary root switch 16-18
unexpected behavior 16-17
IEEE 802.1s
implementation 16-6
port role naming change 16-7
terminology 16-5
instances supported 15-9
interface state, blocking to forwarding 17-2
interoperability and compatibility among modes 15-10
interoperability with IEEE 802.1D
described 16-8
restarting migration process 16-25
IST
defined 16-3
master 16-3
operations within a region 16-3
loop guard
described 17-9
enabling 17-15
mapping VLANs to MST instance 16-16
MST region
CIST 16-3
configuring 16-16
described 16-2
hop-count mechanism 16-5
IST 16-3
MST region (continued)
supported spanning-tree instances 16-2
optional features supported 1-5
overview 16-2
Port Fast
described 17-2
enabling 17-10
preventing root switch selection 17-8
root guard
described 17-8
enabling 17-15
root switch
configuring 16-17
effects of extended system ID 16-17
unexpected behavior 16-17
shutdown Port Fast-enabled port 17-3
status, displaying 16-26
multicast groups
Immediate Leave 20-5
joining 20-3
leaving 20-5
static joins 20-10
multicast router interfaces, monitoring 20-16
multicast router ports, adding 20-9
multicast storm 21-1
multicast storm-control command 21-4
multicast television application 20-18
multicast VLAN 20-17
Multicast VLAN Registration
MVR
and address aliasing 20-20
and IGMPv3 20-20
configuration guidelines 20-20
configuring interfaces 20-21
default configuration 20-19
described 20-17
example application 20-18
modes 20-21
monitoring 20-23
multicast television application 20-18
setting global parameters 20-20
support for 1-3
N
named IPv4 ACLs 28-12
NameSpace Mapper
native VLAN
configuring 12-19
default 12-19
Network Assistant
benefits 1-1
described 1-3
downloading image files 1-2
guide mode 1-2
management options 1-2
requirements xxxii
upgrading a switch B-18
wizards 1-2
network configuration examples
increasing network performance 1-11
long-distance, high-bandwidth transport 1-16
providing network services 1-12
server aggregation and Linux server cluster 1-13
small to medium-sized network 1-14
network design
performance 1-11
services 1-12
network management
CDP 22-1
RMON 25-1
SNMP 27-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuring 29-46
described 29-8
non-IP traffic filtering 28-19
nontrunking mode 12-15
normal-range VLANs 12-4
configuration guidelines 12-5
configuration modes 12-6
configuring 12-4
defined 12-1
note, described xxxii
NSM 4-3
NTP
associations
authenticating 6-4
defined 6-2
enabling broadcast messages 6-6
peer 6-5
server 6-5
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-8
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-5
time
services 6-2
synchronizing 6-2
O
optimizing system resources 7-1
options, management 1-3
out-of-profile markdown 1-8
P
packet modification, with QoS 29-18
PAgP
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-3
for security 1-6
in clusters 5-13
overview 8-1
recovery of 31-3
setting
enable 8-3
enable secret 8-3
Telnet 8-6
with usernames 8-6
VTP domain 13-8
path cost
MSTP 16-20
STP 15-18
PC (passive command switch) 5-9
performance, network design 1-11
performance features 1-3
persistent self-signed certificate 8-39
per-VLAN spanning-tree plus
physical ports 10-2
PIM-DVMRP, as snooping method 20-8
ping
character output description 31-14
executing 31-14
overview 31-13
policed-DSCP map for QoS 29-54
policers
configuring
for each matched traffic class 29-46
for more than one traffic class 29-49
described 29-4
displaying 29-69
number of 29-32
types of 29-8
policing
described 29-4
token-bucket algorithm 29-9
policy maps for QoS
characteristics of 29-46
described 29-7
displaying 29-69
nonhierarchical on physical ports
configuring 29-46
described 29-8
port ACLs, described 28-2
Port Aggregation Protocol
port-based authentication
accounting 9-5
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-14
configuring
802.1x authentication 9-15
guest VLAN 9-22
host mode 9-21
manual re-authentication of a client 9-19
periodic re-authentication 9-18
quiet period 9-19
RADIUS server 9-17
RADIUS server parameters on the switch 9-16
restricted VLAN 9-24
switch-to-client frame-retransmission number 9-20, 9-21
switch-to-client retransmission time 9-19
default configuration 9-12
described 9-1
device roles 9-2
displaying statistics 9-26
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
guest VLAN
configuration guidelines 9-10, 9-11
described 9-10
host mode 9-6
initiation and message exchange 9-3
magic packet 9-11
method lists 9-15
multiple-hosts mode, described 9-6
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-8
port security
and voice VLAN 9-8
described 9-7
interactions 9-7
multiple-hosts mode 9-7
resetting to default values 9-25
statistics, displaying 9-26
switch
as proxy 9-3
RADIUS client 9-3
VLAN assignment
AAA authorization 9-15
characteristics 9-9
configuration tasks 9-9
described 9-8
voice VLAN
described 9-8
PVID 9-8
voice VLAN (continued)
VVID 9-8
wake-on-LAN, described 9-11
port-channel
Port Fast
described 17-2
enabling 17-10
mode, spanning tree 12-25
support for 1-5
port membership modes, VLAN 12-3
port priority
MSTP 16-19
STP 15-16
ports
access 10-2
blocking 21-6
dual-purpose uplink 10-4
dynamic access 12-3
protected 21-5
secure 21-7
switch 10-2
VLAN assignments 12-10
port security
aging 21-15
and QoS trusted boundary 29-36
configuring 21-11
default configuration 21-10
described 21-7
displaying 21-16
on trunk ports 21-12
sticky learning 21-8
violations 21-9
with other features 21-10
port-shutdown response, VMPS 12-24
preferential treatment of traffic
preventing unauthorized access 8-1
primary links 18-2
priority
overriding CoS 14-6
trusting CoS 14-6
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-14
exiting 8-9
logging into 8-9
mapping on member switches 5-14
setting a command with 8-8
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-19
enabling
in VTP domain 13-14
on a port 12-19
examples 13-5
overview 13-4
pruning-eligible list
changing 12-19
for VTP pruning 13-4
VLANs 13-14
PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Q
QoS
and MQC commands 29-1
auto-QoS
categorizing traffic 29-20
configuration and defaults display 29-29
configuration guidelines 29-24
described 29-19
disabling 29-26
displaying generated commands 29-26
displaying the initial configuration 29-29
effects on running configuration 29-24
egress queue defaults 29-20
enabling for VoIP 29-25
example configuration 29-27
ingress queue defaults 29-20
list of generated commands 29-21
basic model 29-4
classification
class maps, described 29-7
defined 29-4
DSCP transparency, described 29-37
flowchart 29-6
forwarding treatment 29-3
in frames and packets 29-3
MAC ACLs, described 29-5, 29-7
options for IP traffic 29-5
options for non-IP traffic 29-5
policy maps, described 29-7
trust DSCP, described 29-5
trusted CoS, described 29-5
trust IP precedence, described 29-5
class maps
configuring 29-44
displaying 29-69
configuration guidelines
auto-QoS 29-24
standard QoS 29-32
configuring
aggregate policers 29-49
auto-QoS 29-19
default port CoS value 29-35
DSCP maps 29-51
DSCP transparency 29-37
DSCP trust states bordering another domain 29-38
egress queue characteristics 29-61
ingress queue characteristics 29-57
IP extended ACLs 29-42
IP standard ACLs 29-41
MAC ACLs 29-43
policy maps on physical ports 29-46
port trust states within the domain 29-34
trusted boundary 29-36
default auto configuration 29-20
default standard configuration 29-30
displaying statistics 29-69
DSCP transparency 29-37
egress queues
allocating buffer space 29-62
buffer allocation scheme, described 29-17
configuring shaped weights for SRR 29-66
configuring shared weights for SRR 29-67
described 29-4
displaying the threshold map 29-65
flowchart 29-16
mapping DSCP or CoS values 29-64
scheduling, described 29-4
setting WTD thresholds 29-62
WTD, described 29-18
enabling globally 29-33
flowcharts
classification 29-6
egress queueing and scheduling 29-16
flowcharts (continued)
ingress queueing and scheduling 29-14
policing and marking 29-10
implicit deny 29-7
ingress queues
allocating bandwidth 29-59
allocating buffer space 29-59
buffer and bandwidth allocation, described 29-15
configuring shared weights for SRR 29-59
configuring the priority queue 29-60
described 29-4
displaying the threshold map 29-58
flowchart 29-14
mapping DSCP or CoS values 29-58
priority queue, described 29-15
scheduling, described 29-4
setting WTD thresholds 29-58
WTD, described 29-15
IP phones
automatic classification and queueing 29-19
detection and trusted settings 29-19, 29-36
limiting bandwidth on egress interface 29-68
mapping tables
CoS-to-DSCP 29-52
displaying 29-69
DSCP-to-CoS 29-55
DSCP-to-DSCP-mutation 29-56
IP-precedence-to-DSCP 29-53
policed-DSCP 29-54
types of 29-11
marked-down actions 29-48
overview 29-1
packet modification 29-18
policers
described 29-8
displaying 29-69
policers (continued)
number of 29-32
types of 29-8
policies, attaching to an interface 29-8
policing
token bucket algorithm 29-9
policy maps
characteristics of 29-46
displaying 29-69
nonhierarchical on physical ports 29-46
QoS label, defined 29-4
queues
configuring egress characteristics 29-61
configuring ingress characteristics 29-57
high priority (expedite) 29-18, 29-67
location of 29-12
SRR, described 29-13
WTD, described 29-12
rewrites 29-18
support for 1-7
trust states
bordering another domain 29-38
described 29-5
trusted device 29-36
within the domain 29-34
quality of service
queries, IGMP 20-4
query solicitation, IGMP 20-12
R
RADIUS
attributes
vendor-proprietary 8-30
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-20, 8-21
multiple UDP ports 8-20
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-20
in clusters 5-13
limiting the services to the user 8-27
method list, defined 8-19
operation of 8-19
overview 8-17
suggested network environments 8-18
support for 1-7
tracking services accessed by user 8-28
range
macro 10-7
of interfaces 10-6
rapid convergence 16-10
rapid per-VLAN spanning-tree plus
rapid PVST+
described 15-9
IEEE 802.1Q trunking interoperability 15-10
instances supported 15-9
Rapid Spanning Tree Protocol
rcommand command 5-14
RCP
configuration files
downloading B-16
overview B-15
preparing the server B-15
uploading B-17
image files
deleting old image B-31
downloading B-29
preparing the server B-28
uploading B-31
reconfirmation interval, VMPS, changing 12-27
reconfirming dynamic VLAN membership 12-27
recovery procedures 31-1
redundancy
EtherChannel 30-2
STP
backbone 15-8
path cost 12-22
port priority 12-20
redundant links and UplinkFast 17-13
reloading software 3-15
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 23-2
report suppression, IGMP
described 20-6
disabling 20-15
requirements
cluster xxxiii
device manager xxxii
Network Assistant xxxii
resequencing ACL entries 28-12
resetting a UDLD-shutdown interface 24-6
restricted VLAN
configuring 9-24
described 9-10
using with IEEE 802.1x 9-10
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-28
RFC
1112, IP multicast and IGMP 20-2
1157, SNMPv1 27-2
1305, NTP 6-2
1757, RMON 25-2
1901, SNMPv2C 27-2
1902 to 1907, SNMPv2 27-2
2236, IP multicast and IGMP 20-2
2273-2275, SNMPv3 27-2
RMON
default configuration 25-3
displaying status 25-6
enabling alarms and events 25-3
groups supported 25-2
overview 25-1
statistics
collecting group Ethernet 25-5
collecting group history 25-5
support for 1-8
root guard
described 17-8
enabling 17-15
support for 1-5
root switch
MSTP 16-17
STP 15-14
RSPAN 23-2
characteristics 23-7
configuration guidelines 23-16
default configuration 23-9
destination ports 23-6
displaying status 23-22
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
received traffic 23-4
sessions
creating 23-16
defined 23-3
limiting source traffic to specific VLANs 23-21
specifying monitored ports 23-16
with ingress traffic enabled 23-20
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
RSTP
active topology 16-9
BPDU
format 16-12
processing 16-13
designated port, defined 16-9
designated switch, defined 16-9
interoperability with IEEE 802.1D
described 16-8
restarting migration process 16-25
topology changes 16-13
overview 16-8
port roles
described 16-9
synchronized 16-11
proposal-agreement handshake process 16-10
rapid convergence
described 16-10
edge ports and Port Fast 16-10
point-to-point links 16-10, 16-24
root ports 16-10
root port, defined 16-9
running configuration, saving 3-10
S
SC (standby command switch) 5-9
scheduled reloads 3-15
SDM
described 7-1
templates
configuring 7-2
number of 7-1
SDM template
configuration guidelines 7-2
configuring 7-2
types of 7-1
secure HTTP client
configuring 8-43
displaying 8-44
secure HTTP server
configuring 8-42
displaying 8-44
secure MAC addresses
deleting 21-14
maximum number of 21-8
types of 21-8
secure ports, configuring 21-7
secure remote connections 8-33
Secure Socket Layer
security, port 21-7
security features 1-6
sequence numbers in log messages 26-7
server mode, VTP 13-3
service-provider network, MSTP and RSTP 16-1
set-request operation 27-5
setup program
failed command switch replacement 31-10
replacing failed command switch 31-8
severity levels, defining in system messages 26-8
SFPs
monitoring status of 10-18, 31-13
security and identification 31-12
status, displaying 31-13
shaped round robin
show access-lists hw-summary command 28-17
show and more command output, filtering 2-10
show cdp traffic command 22-5
show cluster members command 5-14
show configuration command 10-16
show forward command 31-20
show interfaces command 10-13, 10-16
show platform forward command 31-20
show running-config command
interface description in 10-16
shutdown command on interfaces 10-19
Simple Network Management Protocol
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 22-1
SNMP
accessing MIB variables with 27-4
agent
described 27-4
disabling 27-8
authentication level 27-11
community strings
configuring 27-8
for cluster switches 27-4
overview 27-4
configuration examples 27-16
default configuration 27-7
engine ID 27-7
host 27-7
ifIndex values 27-6
in-band management 1-5
in clusters 5-13
informs
and trap keyword 27-12
described 27-5
differences from traps 27-5
disabling 27-15
enabling 27-15
limiting access by TFTP servers 27-16
limiting system log messages to NMS 26-9
managing clusters with 5-15
MIBs
location of A-3
supported A-1
notifications 27-5
security levels 27-3
status, displaying 27-17
system contact and location 27-15
trap manager, configuring 27-14
traps
differences from informs 27-5
disabling 27-15
enabling 27-12
enabling MAC address notification 6-21
types of 27-12
versions supported 27-2
SNMPv1 27-2
SNMPv2C 27-2
SNMPv3 27-2
snooping, IGMP 20-1
software images
location in flash B-19
recovery procedures 31-2
scheduling reloads 3-16
tar file format, described B-19
See also downloading and uploading
source addresses, in IPv4 ACLs 28-9
source-and-destination-IP address based forwarding, EtherChannel 30-7
source-and-destination MAC address forwarding, EtherChannel 30-6
source-IP address based forwarding, EtherChannel 30-6
source-MAC address forwarding, EtherChannel 30-6
SPAN
configuration guidelines 23-10
default configuration 23-9
destination ports 23-6
displaying status 23-22
interaction with other features 23-8
monitored ports 23-5
monitoring ports 23-6
ports, restrictions 21-11
received traffic 23-4
sessions
configuring ingress forwarding 23-14, 23-21
creating 23-10
defined 23-3
limiting source traffic to specific VLANs 23-14
removing destination (monitoring) ports 23-12
specifying monitored ports 23-10
with ingress traffic enabled 23-13
source ports 23-5
transmitted traffic 23-5
VLAN-based 23-6
spanning tree and native VLANs 12-15
Spanning Tree Protocol
SPAN traffic 23-4
SRR
configuring
shaped weights on egress queues 29-66
shared weights on egress queues 29-67
shared weights on ingress queues 29-59
described 29-13
shaped mode 29-13
shared mode 29-13
support for 1-8
SSH
configuring 8-35
cryptographic software image 8-33
encryption methods 8-33
user authentication methods, supported 8-34
SSL
configuration guidelines 8-40
configuring a secure HTTP client 8-43
configuring a secure HTTP server 8-42
cryptographic software image 8-38
described 8-38
monitoring 8-44
standby command switch
considerations 5-10
defined 5-2
priority 5-9
requirements 5-3
virtual IP address 5-10
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby links 18-2
startup configuration
booting
manually 3-13
specific image 3-13
clearing B-18
configuration file
automatically downloading 3-12
specifying the filename 3-12
default boot configuration 3-12
static access ports
assigning to VLAN 12-10
static addresses
static MAC addressing 1-6
static VLAN membership 12-2
statistics
802.1x 9-26
CDP 22-4
interface 10-18
QoS ingress and egress 29-69
RMON group Ethernet 25-5
RMON group history 25-5
SNMP input and output 27-17
VTP 13-16
sticky learning 21-8
storm control
configuring 21-3
described 21-1
disabling 21-5
displaying 21-16
support for 1-3
thresholds 21-1
STP
accelerating root port selection 17-4
BackboneFast
described 17-5
disabling 17-14
enabling 17-13
BPDU filtering
described 17-3
disabling 17-12
enabling 17-12
BPDU guard
described 17-3
disabling 17-11
enabling 17-11
BPDU message exchange 15-3
configuration guidelines 15-11, 17-10
configuring
forward-delay time 15-21
hello time 15-20
maximum aging time 15-21
path cost 15-18
port priority 15-16
root switch 15-14
secondary root switch 15-16
spanning-tree mode 15-13
switch priority 15-19
counters, clearing 15-22
default configuration 15-11
default optional feature configuration 17-9
designated port, defined 15-3
designated switch, defined 15-3
detecting indirect link failures 17-5
disabling 15-14
displaying status 15-22
EtherChannel guard
described 17-7
disabling 17-14
enabling 17-14
extended system ID
effects on root switch 15-14
effects on the secondary root switch 15-16
overview 15-4
unexpected behavior 15-14
features supported 1-5
IEEE 802.1D and bridge ID 15-4
IEEE 802.1D and multicast addresses 15-8
IEEE 802.1t and VLAN identifier 15-4
inferior BPDU 15-3
instances supported 15-9
interface state, blocking to forwarding 17-2
interface states
blocking 15-6
disabled 15-7
learning 15-6
listening 15-6
overview 15-4
interoperability and compatibility among modes 15-10
limitations with IEEE 802.1Q trunks 15-10
load sharing
overview 12-20
using path costs 12-22
using port priorities 12-20
loop guard
described 17-9
enabling 17-15
modes supported 15-9
multicast addresses, effect of 15-8
optional features supported 1-5
overview 15-2
path costs 12-22
Port Fast
described 17-2
enabling 17-10
port priorities 12-21
preventing root switch selection 17-8
protocols supported 15-9
redundant connectivity 15-8
root guard
described 17-8
enabling 17-15
root port, defined 15-3
root switch
configuring 15-14
effects of extended system ID 15-4, 15-14
election 15-3
unexpected behavior 15-14
shutdown Port Fast-enabled port 17-3
status, displaying 15-22
superior BPDU 15-3
timers, described 15-20
UplinkFast
described 17-4
enabling 17-13
stratum, NTP 6-2
success response, VMPS 12-24
summer time 6-13
SunNet Manager 1-4
switch clustering technology 5-1
switch console port 1-5
Switch Database Management
Switched Port Analyzer
switched ports 10-2
switchport block multicast command 21-7
switchport block unicast command 21-7
switchport protected command 21-6
switch priority
MSTP 16-21
STP 15-19
switch software features 1-1
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-1
system message logging
default configuration 26-3
defining error message severity levels 26-8
disabling 26-3
displaying the configuration 26-12
enabling 26-4
facility keywords, described 26-12
level keywords, described 26-9
limiting messages 26-9
message format 26-2
overview 26-1
sequence numbers, enabling and disabling 26-7
setting the display destination device 26-4
synchronizing log messages 26-5
syslog facility 1-8
time stamps, enabling and disabling 26-7
UNIX syslog servers
configuring the daemon 26-10
configuring the logging facility 26-11
facilities supported 26-12
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt, default setting 6-14, 6-15
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-16
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
in clusters 5-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-7
tracking services accessed by user 8-16
tar files
creating B-5
displaying the contents of B-6
extracting B-7
image file format B-19
TDR 1-8
Telnet
accessing management interfaces 2-10
number of connections 1-5
setting a password 8-6
templates, SDM 7-1
temporary self-signed certificate 8-39
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-10
preparing the server B-10
uploading B-11
configuration files in base directory 3-5
configuring for autoconfiguration 3-5
image files
deleting B-22
downloading B-21
preparing the server B-21
uploading B-23
limiting access by servers 27-16
TFTP server 1-4
threshold, traffic level 21-2
time
Time Domain Reflector
time-range command 28-14
time ranges in ACLs 28-14
time stamps in log messages 26-7
time zones 6-12
Token Ring VLANs
support for 12-5
VTP support 13-4
ToS 1-7
traceroute, Layer 2
and ARP 31-15
and CDP 31-15
broadcast traffic 31-15
described 31-15
IP addresses and subnets 31-15
MAC addresses and VLANs 31-15
multicast traffic 31-15
multiple devices on a port 31-16
unicast traffic 31-15
usage guidelines 31-15
traceroute command 31-17
traffic
blocking flooded 21-7
fragmented 28-3
unfragmented 28-3
traffic policing 1-7
traffic suppression 21-1
transmit hold-count
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-21
configuring managers 27-12
defined 27-3
notification types 27-12
troubleshooting
connectivity problems 31-13, 31-14, 31-16
detecting unidirectional links 24-1
displaying crash information 31-22
setting packet forwarding 31-20
SFP security and identification 31-12
show forward command 31-20
with CiscoWorks 27-4
with debug commands 31-19
with ping 31-13
with system message logging 26-1
with traceroute 31-16
trunking encapsulation 1-6
trunk ports
configuring 12-17
trunks
allowed-VLAN list 12-18
load sharing
setting STP path costs 12-22
using STP port priorities 12-20, 12-21
native VLAN for untagged traffic 12-19
parallel 12-22
pruning-eligible list 12-19
to non-DTP device 12-14
trusted boundary for QoS 29-36
trusted port states
between QoS domains 29-38
classification options 29-5
ensuring port security for IP phones 29-36
support for 1-7
within a QoS domain 29-34
trustpoints, CA 8-38
twisted-pair Ethernet, detecting unidirectional links 24-1
type of service
U
UDLD
configuration guidelines 24-4
default configuration 24-4
disabling
globally 24-5
on fiber-optic interfaces 24-5
per interface 24-5
echoing detection mechanism 24-2
enabling
globally 24-5
per interface 24-5
link-detection mechanism 24-1
neighbor database 24-2
overview 24-1
resetting an interface 24-6
status, displaying 24-6
support for 1-5
unauthorized ports with IEEE 802.1x 9-4
unicast MAC address filtering 1-4
and adding static addresses 6-25
and broadcast MAC addresses 6-24
and CPU packets 6-24
and multicast addresses 6-24
and router MAC addresses 6-24
configuration guidelines 6-24
described 6-24
unicast storm 21-1
unicast storm control command 21-4
unicast traffic, blocking 21-7
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 26-10
facilities supported 26-12
message logging configuration 26-11
unrecognized Type-Length-Value (TLV) support 13-4
upgrading a Catalyst 2950 switch
configuration compatibility issues C-1
differences in configuration commands C-1
feature behavior incompatibilities C-5
incompatible command messages C-1
recommendations C-1
upgrading information
upgrading software images
UplinkFast
described 17-4
disabling 17-13
enabling 17-13
support for 1-5
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-17
using TFTP B-11
image files
reasons for B-19
using FTP B-27
using RCP B-31
using TFTP B-23
user EXEC mode 2-2
username-based authentication 8-6
V
version-dependent transparent mode 13-4
virtual IP address
cluster standby group 5-10
command switch 5-10
vlan.dat file 12-4
VLAN 1, disabling on a trunk port 12-18
VLAN 1 minimization 12-18
vlan-assignment response, VMPS 12-24
VLAN configuration
at bootup 12-7
saving 12-7
VLAN configuration mode 2-2, 12-6
VLAN database
and startup configuration file 12-7
and VTP 13-1
VLAN configuration saved in 12-6
VLANs saved in 12-4
vlan database command 12-6
VLAN filtering and SPAN 23-6
vlan global configuration command 12-6
VLAN ID, discovering 6-26
VLAN management domain 13-2
VLAN Management Policy Server
VLAN membership
confirming 12-27
modes 12-3
VLAN Query Protocol
VLANs
adding 12-8
adding to VLAN database 12-8
aging dynamic addresses 15-9
allowed on trunk 12-18
and spanning-tree instances 12-2, 12-6, 12-12
configuration guidelines, extended-range VLANs 12-12
configuration guidelines, normal-range VLANs 12-5
configuration options 12-6
configuring 12-1
configuring IDs 1006 to 4094 12-12
creating in config-vlan mode 12-8
creating in VLAN configuration mode 12-9
default configuration 12-7
deleting 12-9
displaying 12-13
features 1-6
illustrated 12-2
limiting source traffic with RSPAN 23-21
limiting source traffic with SPAN 23-14
modifying 12-8
multicast 20-17
native, configuring 12-19
number supported 1-6
parameters 12-4
port membership modes 12-3
static-access ports 12-10
STP and IEEE 802.1Q trunks 15-10
supported 12-2
Token Ring 12-5
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
VLAN trunks 12-14
VMPS
administering 12-28
configuration example 12-29
configuration guidelines 12-25
default configuration 12-25
description 12-23
dynamic port membership
described 12-24
reconfirming 12-27
troubleshooting 12-29
entering server address 12-26
mapping MAC addresses to VLANs 12-24
monitoring 12-28
reconfirmation interval, changing 12-27
reconfirming membership 12-27
retry count, changing 12-28
voice-over-IP 14-1
voice VLAN
Cisco 7960 phone, port connections 14-1
configuration guidelines 14-3
configuring IP phones for data traffic
override CoS of incoming frame 14-6
trust CoS priority of incoming frame 14-6
configuring ports for voice traffic in
802.1p priority tagged frames 14-5
802.1Q frames 14-5
connecting to an IP phone 14-4
default configuration 14-3
described 14-1
displaying 14-6
IP phone data traffic, described 14-2
IP phone voice traffic, described 14-2
VTP
adding a client to a domain 13-14
and extended-range VLANs 13-1
and normal-range VLANs 13-1
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
modes
transitions 13-3
monitoring 13-16
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
support for 1-6
pruning-eligible list, changing 12-19
server mode, configuring 13-9
statistics 13-16
support for 1-6
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-8
Version 1 13-4
Version 2
configuration guidelines 13-8
disabling 13-13
enabling 13-13
overview 13-4
W
weighted tail drop
wizards 1-2
WTD
described 29-12
setting thresholds
egress queue-sets 29-62
ingress queues 29-58
support for 1-8
X
Xmodem protocol 31-2