- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Interface Characteristics
- Configuring Auto Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring UDLD
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring Cisco IOS IP SLAs Operations
- Configuring QoS
- Configuring IPv6 Host
- Configuring IPv6 MLD Snooping
- Configuring EtherChannels and Link-State Tracking
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 2960 Switch
- Unsupported Commands in Cisco IOS Release 12.2(52)SE
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
A
abbreviating commands 4
AC (command switch) 9
access-class command 34
access control entries
access-denied response, VMPS 23
access groups, applying IPv4 ACLs to interfaces 35
accessing
clusters, switch 12
command switches 10
member switches 12
switch clusters 12
access lists
access ports
in switch clusters 8
access ports, defined 2
accounting
with 802.1x 47
with IEEE 802.1x 15
with RADIUS 33
ACEs
and QoS 7
defined 20
Ethernet 20
IP 20
ACLs
ACEs 20
any keyword 27
applying
time ranges to 32
to an interface 34
to QoS 7
classifying traffic for QoS 40
comments in 33
compiling 37
extended IP, configuring for QoS classification 41
extended IPv4
creating 26
matching criteria 23
hardware and software handling 36
host keyword 28
IP
creating 23
fragments and QoS guidelines 31
implicit masks 25
matching criteria 23
undefined 35
IPv4
applying to interfaces 34
creating 23
matching criteria 23
named 30
numbers 24
terminal lines, setting on 34
unsupported features 22
monitoring 42
named, IPv4 30
number per QoS class map 31
resequencing entries 30
standard IP, configuring for QoS classification 40
standard IPv4
creating 25
matching criteria 23
support for 10
support in hardware 36
time ranges 32
unsupported features, IPv4 22
active links 2
active traffic monitoring, IP SLAs 1
address aliasing 2
addresses
displaying the MAC address table 29
dynamic
accelerated aging 8
changing the aging time 21
default aging 8
defined 19
learning 20
removing 21
IPv6 2
MAC, discovering 30
multicast, STP address management 8
static
adding and removing 26
defined 19
address resolution 30
Address Resolution Protocol
advertisements
CDP 1
aggregatable global unicast addresses 3
aggregated ports
aggregate policers 48
aggregate policing 13
aging, accelerating 8
aging time
accelerated
for MSTP 23
MAC address table 21
maximum
alarms, RMON 3
allowed-VLAN list 16
ARP
table
address resolution 30
managing 30
attributes, RADIUS
vendor-proprietary 36
vendor-specific 34
attribute-value pairs 13, 15, 19, 20
authentication
local mode with AAA 38
NTP associations 4
open1x 29
RADIUS
key 26
login 28
TACACS+
defined 11
key 13
login 14
See also port-based authentication
authentication compatibility with Catalyst 6000 switches 9
authentication failed VLAN
authentication manager
CLI commands 10
compatibility with older 802.1x CLI commands10to ??
overview 8
authoritative time source, described 2
authorization
with RADIUS 32
authorized ports with IEEE 802.1x 11
autoconfiguration 3
auto enablement 30
automatic discovery
considerations
beyond a noncandidate device 7
brand new switches 8
connectivity 4
different VLANs 6
management VLANs 7
non-CDP-capable devices 6
noncluster-capable devices 6
in switch clusters 4
automatic QoS
automatic recovery, clusters 9
auto-MDIX
configuring 20
described 20
autonegotiation
duplex mode 3
interface configuration guidelines 17
mismatches 11
autosensing, port speed 3
Auto Smartports macros
Cisco Medianet 2
configuration guidelines 4
default configuration 3
defined 1
displaying 19
event triggers 12
LLDP 1
mapping 9
user-defined macros 15
auxiliary VLAN
availability, features 7
B
BackboneFast
described 5
disabling 14
enabling 13
support for 7
backup interfaces
backup links 2
banners
configuring
login 18
message-of-the-day login 18
default configuration 17
when displayed 17
Berkeley r-tools replacement 50
binding database
DHCP snooping
See DHCP snooping binding database
bindings
DHCP snooping database 6
IP source guard 13
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 7
booting
boot loader, function of 2
boot process 1
manually 17
specific image 18
boot loader
accessing 18
described 2
environment variables 18
prompt 18
trap-door mechanism 2
BPDU
error-disabled state 2
filtering 3
RSTP format 12
BPDU filtering
described 3
disabling 12
enabling 12
support for 8
BPDU guard
described 2
disabling 12
enabling 11
support for 8
bridge protocol data unit
broadcast storm-control command 4
broadcast storms 1
C
cables, monitoring for unidirectional links 1
candidate switch
automatic discovery 4
defined 3
requirements 3
See also command switch, cluster standby group, and member switch
Catalyst 6000 switches
authentication compatibility 9
CA trustpoint
configuring 47
defined 45
CDP
and trusted boundary 35
automatic discovery in switch clusters 4
configuring 2
default configuration 2
defined with LLDP 1
described 1
disabling for routing device3to 4
enabling and disabling
on an interface 4
on a switch 3
monitoring 4
overview 1
power negotiation extensions 4
support for 5
transmission timer and holdtime, setting 2
updates 2
CGMP
as IGMP snooping learning method 8
joining multicast group 3
CipherSuites 46
Cisco 7960 IP Phone 1
Cisco Discovery Protocol
Cisco intelligent power management 4
Cisco IOS File System
Cisco IOS IP Service Level Agreements (SLAs) responder 4
Cisco IOS IP SLAs 1
Cisco Medianet
Cisco Secure ACS
attribute-value pairs for downloadable ACLs 20
attribute-value pairs for redirect URL 19
Cisco Secure ACS configuration guide 59
CISP 30
CIST regional root
CIST root
civic location 3
class maps for QoS
configuring 43
described 7
displaying 68
class of service
clearing interfaces 28
CLI
abbreviating commands 4
command modes 1
configuration logging 5
described 5
editing features
enabling and disabling 7
keystroke editing 7
wrapped lines 9
error messages 5
filtering command output 9
getting help 3
history
changing the buffer size 6
described 5
disabling 6
recalling commands 6
managing clusters 14
no and default forms of commands 4
Client Information Signalling Protocol
client mode, VTP 3
clock
clusters, switch
accessing 12
automatic discovery 4
automatic recovery 9
benefits 2
compatibility 4
described 1
LRE profile considerations 13
managing
through CLI 14
through SNMP 14
planning 4
planning considerations
automatic discovery 4
automatic recovery 9
CLI 14
host names 12
IP addresses 12
LRE profiles 13
passwords 12
RADIUS 13
TACACS+ 13
cluster standby group
automatic recovery 11
considerations 10
defined 2
requirements 3
virtual IP address 10
CNS 5
management functions 5
CoA Request Commands 23
Coarse Wave Division Multiplexer
command-line interface
command modes 1
commands
abbreviating 4
no and default 4
commands, setting privilege levels 8
command switch
accessing 10
active (AC) 9
configuration conflicts 11
defined 2
passive (PC) 9
password privilege levels 14
priority 9
recovery
from command-switch failure 9, 7
from lost member connectivity 11
redundant 9
replacing
with another switch 9
with cluster member 8
requirements 3
standby (SC) 9
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
for cluster switches 4
in clusters 13
overview 4
SNMP 13
compatibility, feature 12
config.text 16
configurable leave timer, IGMP 5
configuration, initial
defaults 14
Express Setup 2
configuration changes, logging 10
configuration conflicts, recovering from lost member connectivity 11
configuration examples, network 17
configuration files
archiving 19
clearing the startup configuration 19
creating using a text editor 10
default name 16
deleting a stored configuration 19
described 8
downloading
automatically 16
reasons for 8
using FTP 13
using RCP 17
using TFTP 11
guidelines for creating and using 9
guidelines for replacing and rolling back 20
invalid combinations when copying 5
limiting TFTP server access 16
obtaining with DHCP 8
password recovery disable considerations 5
replacing a running configuration 19, 20
rolling back a running configuration 19, 20
specifying the filename 16
system contact and location information 16
types and location 9
uploading
reasons for 8
using FTP 14
using RCP 18
using TFTP 11
configuration logger 10
configuration logging 5
configuration replacement 19
configuration rollback 19
configuration settings, saving 15
configure terminal command 10
configuring 802.1x user distribution 54
configuring port-based authentication violation modes 38
configuring small-frame arrival rate 5
config-vlan mode 2
conflicts, configuration 11
connections, secure remote 40
connectivity problems 13, 14, 16
consistency checks in VTP Version 2 5
console port, connecting to 10
control protocol, IP SLAs 4
corrupted software, recovery steps with Xmodem 2
CoS
in Layer 2 frames 2
override priority 6
trust priority 6
CoS input queue threshold map for QoS 14
CoS output queue threshold map for QoS 17
CoS-to-DSCP map for QoS 51
counters, clearing interface 28
CPU utilization, troubleshooting 23
crashinfo file 22
critical authentication, IEEE 802.1x 51
critical VLAN 22
cryptographic software image
SSH 39
SSL 44
customjzeable web pages, web-based authentication 6
CWDM SFPs 22
D
DACL
daylight saving time 13
debugging
enabling all system diagnostics 19
enabling for a specific feature 19
redirecting error message output 20
using commands 18
default commands 4
default configuration
802.1x 32
auto-QoS 19
banners 17
booting 16
CDP 2
DHCP 7
DHCP option 82 8
DHCP snooping 8
DHCP snooping binding database 8
DNS 16
dynamic ARP inspection 5
EtherChannel 9
Ethernet interfaces 14
Flex Links 8
IGMP filtering 24
IGMP throttling 24
initial switch information 3
IP SLAs 5
IP source guard 15
IPv6 6
Layer 2 interfaces 14
LLDP 5
MAC address table 20
MAC address-table move update 8
MSTP 14
MVR 19
NTP 4
optional spanning-tree configuration 9
password and privilege level 2
RADIUS 26
RMON 3
RSPAN 9
SDM template 2
SNMP 6
SPAN 9
SSL 46
standard QoS 28
STP 11
system message logging 3
system name and prompt 15
TACACS+ 13
UDLD 4
VLAN, Layer 2 Ethernet interfaces 14
VLANs 7
VMPS 24
voice VLAN 3
VTP 8
default gateway 14
default web-based authentication configuration
802.1X 9
deleting VLANs 9
denial-of-service attack 1
description command 25
designing your network, examples 17
destination addresses
in IPv4 ACLs 27
destination-IP address-based forwarding, EtherChannel 7
destination-MAC address forwarding, EtherChannel 7
detecting indirect link failures, STP 5
device 23
device discovery protocol 1
device manager
benefits 2
in-band management 6
upgrading a switch 23
DHCP
Cisco IOS server database
configuring 12
enabling
relay agent 9
DHCP-based autoconfiguration
client request message exchange 4
configuring
client side 3
DNS 7
relay device 8
server side 6
TFTP server 7
example 9
lease options
for IP address information 6
for receiving the configuration file 6
overview 3
relationship to BOOTP 3
relay support 5
support for 5
DHCP-based autoconfiguration and image update
understanding 5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 5
configuration guidelines 8
default configuration 7
displaying 13
overview 3
packet format, suboption
circuit ID 5
remote ID 5
remote ID suboption 5
DHCP server port-based address allocation
configuration guidelines 22
default configuration 22
described 21
displaying 24
enabling 22
reserved addresses 22
DHCP server port-based address assignment
support for 5
DHCP snooping
accepting untrusted packets form edge switch 3, 10
binding database
See DHCP snooping binding database
configuration guidelines 8
default configuration 7
displaying binding tables 13
message exchange process 4
option 82 data insertion 3
trusted interface 3
untrusted interface 3
untrusted messages 2
DHCP snooping binding database
adding bindings 12
binding entries, displaying 13
binding file
format 6
location 6
bindings 6
clearing agent statistics 13
configuration guidelines 9
configuring 12
deleting
binding file 12
bindings 13
database agent 12
described 6
displaying 13
displaying status and statistics 13
enabling 12
entry 6
renewing database 13
resetting
delay value 12
timeout value 12
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 2
Differentiated Services Code Point 2
directed unicast requests 5
directories
changing 3
creating and removing 4
displaying the working 3
discovery, clusters
DNS
and DHCP-based autoconfiguration 7
default configuration 16
displaying the configuration 17
in IPv6 3
overview 15
setting up 16
support for 5
domain names
DNS 15
VTP 8
Domain Name System
downloading
configuration files
reasons for 8
using FTP 13
using RCP 17
using TFTP 11
image files
deleting old image 27
reasons for 23
using CMS 2
using FTP 29
using RCP 33
using TFTP 25
using the device manager or Network Assistant 23
DRP
support for 13
DSCP input queue threshold map for QoS 14
DSCP output queue threshold map for QoS 17
DSCP-to-CoS map for QoS 54
DSCP-to-DSCP-mutation map for QoS 55
DSCP transparency 36
dual-action detection 5
dual IPv4 and IPv6 templates 5
dual protocol stacks
IPv4 and IPv6 5
SDM templates supporting 5
dual-purpose uplinks
defined 4
LEDs 4
setting the type 15
dynamic access ports
characteristics 4
configuring 25
defined 3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 1
ARP requests, described 1
ARP spoofing attack 1
clearing
log buffer 15
statistics 14
configuration guidelines 6
configuring
ACLs for non-DHCP environments 8
in DHCP environments 7
log buffer 12
rate limit for incoming ARP packets 4, 10
default configuration 5
denial-of-service attacks, preventing 10
described 1
DHCP snooping binding database 2
displaying
ARP ACLs 14
configuration and operating state 14
log buffer 15
statistics 14
trust state and rate limit 14
error-disabled state for exceeding rate limit 4
function of 2
interface trust states 3
log buffer
clearing 15
configuring 12
displaying 15
logging of dropped packets, described 4
man-in-the middle attack, described 2
network security issues and interface trust states 3
priority of ARP ACLs and DHCP snooping entries 4
rate limiting of ARP packets
configuring 10
described 4
error-disabled state 4
statistics
clearing 14
displaying 14
validation checks, performing 11
dynamic auto trunking mode 13
dynamic desirable trunking mode 13
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 23
reconfirming 26
troubleshooting 28
types of connections 25
Dynamic Trunking Protocol
E
editing features
enabling and disabling 7
keystrokes used 7
wrapped lines 9
ELIN location 3
enable password 3
enable secret password 3
encryption, CipherSuite 46
encryption for passwords 3
environment variables, function of 19
error-disabled state, BPDU 2
error messages during command entry 5
EtherChannel
channel groups
binding physical and logical interfaces 3
numbering of 3
configuration guidelines 9
configuring Layer 2 interfaces 10
default configuration 9
described 2
displaying status 17
IEEE 802.3ad, described 5
interaction
with STP 10
with VLANs 10
LACP
described 5
displaying status 17
hot-standby ports 15
interaction with other features 6
modes 6
port priority 16
system priority 15
PAgP
aggregate-port learners 13
compatibility with Catalyst 1900 14
described 4
displaying status 17
interaction with other features 5
interaction with virtual switches 5
learn method and priority configuration 13
modes 4
support for 3
with dual-action detection 5
port-channel interfaces
described 3
numbering of 3
port groups 3
support for 3
EtherChannel guard
described 7
disabling 14
enabling 14
Ethernet VLANs
adding 7
defaults and ranges 7
modifying 7
EUI 3
events, RMON 3
examples
network configuration 17
expedite queue for QoS 67
Express Setup 2
See also getting started guide
extended crashinfo file 22
extended-range VLANs
configuration guidelines 11
configuring 10
creating 11
defined 1
extended system ID
MSTP 17
extended universal identifier
Extensible Authentication Protocol over LAN 1
F
fa0 interface 6
Fast Convergence 3
features, incompatible 12
fiber-optic, detecting unidirectional links 1
files
basic crashinfo
description 22
location 22
copying 4
crashinfo, description 22
deleting 5
displaying the contents of 8
extended crashinfo
description 22
location 22
tar
creating 6
displaying the contents of 6
extracting 7
image file format 24
file system
displaying available file systems 2
displaying file information 3
local file system names 1
network file system names 4
setting the default 3
filtering
non-IP traffic 39
show and more command output 9
filtering show and more command output 9
filters, IP
flash device, number of 1
flexible authentication ordering
configuring 62
overview 28
Flex Link Multicast Fast Convergence 3
Flex Links
configuration guidelines 8
configuring 9
configuring preferred VLAN 12
configuring VLAN load balancing 11
default configuration 8
description 2
link load balancing 2
monitoring 14
VLANs 2
flooded traffic, blocking 8
flow-based packet classification 12
flowcharts
QoS classification 6
QoS egress queueing and scheduling 16
QoS ingress queueing and scheduling 13
QoS policing and marking 10
flowcontrol
configuring 19
described 19
forward-delay time
MSTP 23
STP 21
FTP
accessing MIB files 3
configuration files
downloading 13
overview 12
preparing the server 13
uploading 14
image files
deleting old image 31
downloading 29
preparing the server 28
uploading 31
G
general query 5
Generating IGMP Reports 4
get-bulk-request operation 3
get-next-request operation 3, 4
get-response operation 3
global configuration mode 2
global leave, IGMP 12
guest VLAN and 802.1x 20
guide mode 2
GUIs
See device manager and Network Assistant
H
hello time
MSTP 22
STP 20
help, for the command line 3
history
changing the buffer size 6
described 5
disabling 6
recalling commands 6
history table, level and number of syslog messages 10
host names, in clusters 12
hosts, limit on dynamic ports 28
HP OpenView 5
HSRP
automatic cluster recovery 11
cluster standby group considerations 10
See also clusters, cluster standby group, and standby command switch
HTTP over SSL
HTTPS 44
configuring 48
self-signed certificate 45
HTTP secure server 44
I
ICMP
IPv6 3
time-exceeded messages 16
traceroute and 16
ICMP ping
executing 13
overview 13
ICMPv6 3
IDS appliances
and ingress RSPAN 20
and ingress SPAN 13
IEEE 802.1D
IEEE 802.1p 1
IEEE 802.1Q
and trunk ports 3
configuration limitations 14
encapsulation 13
native VLAN for untagged traffic 18
IEEE 802.1s
IEEE 802.1w
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3af
IEEE 802.3x flow control 19
ifIndex values, SNMP 5
IFS 6
IGMP
configurable leave timer
described 5
enabling 10
flooded multicast traffic
controlling the length of time 11
disabling on an interface 12
global leave 12
query solicitation 12
recovering from flood mode 12
joining multicast group 3
join messages 3
leave processing, enabling 10, 9
leaving multicast group 5
queries 4
report suppression
described 6
supported versions 2
support for 4
IGMP filtering
configuring 24
default configuration 24
described 23
monitoring 28
support for 4
IGMP groups
configuring filtering 27
setting the maximum number 26
IGMP Immediate Leave
configuration guidelines 10
described 5
enabling 10
IGMP profile
applying 25
configuration mode 24
configuring 25
IGMP snooping
and address aliasing 2
configuring 6
definition 1
global configuration 7
Immediate Leave 5
method 8
querier
configuration guidelines 13
configuring 13
supported versions 2
support for 4
VLAN configuration 7
IGMP throttling
configuring 27
default configuration 24
described 24
displaying action 28
Immediate Leave, IGMP 5
enabling 9
inaccessible authentication bypass 22
support for multiauth ports 23
initial configuration
defaults 14
Express Setup 2
interface
number 9
range macros 12
interface configuration mode 3
interfaces
auto-MDIX, configuring 20
configuration guidelines
duplex and speed 17
configuring
procedure 10
counters, clearing 28
default configuration 14
described 25
descriptive name, adding 25
displaying information about 27
flow control 19
management 4
monitoring 27
naming 25
physical, identifying 9
range of 10
restarting 28
shutting down 28
speed and duplex, configuring 18
status 27
supported 9
types of 1
interfaces range macro command 12
interface types 9
Internet Protocol version 6
Intrusion Detection System
IOS shell
IP ACLs
for QoS classification 7
implicit masks 25
named 30
undefined 35
IP addresses
128-bit 2
cluster access 2
discovering 30
IPv6 2
redundant clusters 10
ip igmp profile command 24
IP information
assigned
manually 14
through DHCP-based autoconfiguration 3
default configuration 3
IP phones
and QoS 1
automatic classification and queueing 19
configuring 4
ensuring port security with QoS 35
trusted boundary for QoS 35
IP Port Security for Static Hosts
on a Layer 2 access port 17
IP precedence 2
IP-precedence-to-DSCP map for QoS 52
IP protocols in ACLs 27
IP Service Level Agreements
IP service levels, analyzing 1
IP SLAs
benefits 2
configuration guidelines 5
Control Protocol 4
default configuration 5
definition 1
measuring network performance 3
monitoring 6
operation 3
responder
described 4
enabling 6
response time 4
SNMP support 2
supported metrics 2
IP source guard
and 802.1x 16
and DHCP snooping 13
and EtherChannels 16
and port security 16
and private VLANs 16
and routed ports 15
and TCAM entries 16
and trunk interfaces 15
and VRF 16
binding configuration
automatic 13
manual 13
binding table 13
configuration guidelines 15
default configuration 15
described 13
disabling 17
displaying
active IP or MAC bindings 21
bindings 21
configuration 21
filtering
source IP address 14
source IP and MAC address 14
source IP address filtering 14
source IP and MAC address filtering 14
static bindings
deleting 17
static hosts 17
IP traceroute
executing 17
overview 16
IPv4 ACLs
applying to interfaces 34
extended, creating 26
named 30
standard, creating 25
IPv4 and IPv6
dual protocol stacks 4
IPv6
addresses 2
address formats 2
applications 4
assigning address 6
autoconfiguration 4
configuring static routes 10
default configuration 6
defined 1
forwarding 6
ICMP 3
monitoring 11
neighbor discovery 3
SDM templates 1
Stateless Autoconfiguration 4
supported features 2
understanding static routes 5
J
join messages, IGMP 3
L
LACP
Layer 2 frames, classification with CoS 2
Layer 2 interfaces, default configuration 14
Layer 2 traceroute
and ARP 15
and CDP 15
broadcast traffic 14
described 14
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 15
unicast traffic 14
usage guidelines 15
Layer 3 features 13
Layer 3 interfaces
assigning IPv6 addresses to 7
Layer 3 packets, classification methods 2
Leaking IGMP Reports 4
LEDs, switch
See hardware installation guide
line configuration mode 3
Link Aggregation Control Protocol
link failure, detecting unidirectional 7
Link Layer Discovery Protocol
link local unicast addresses 3
link redundancy
links, unidirectional 1
link-state tracking
configuring 20
described 17
LLDP
configuring 5
characteristics 7
default configuration 5
enabling 6
monitoring and maintaining 11
overview 1
supported TLVs 2
switch stack considerations 2
transmission timer and holdtime, setting 7
LLDP-MED
configuring
procedures 5
TLVs 7
monitoring and maintaining 11
supported TLVs 2
LLDP Media Endpoint Discovery
local SPAN 2
login authentication
with RADIUS 28
with TACACS+ 14
login banners 17
log messages
Long-Reach Ethernet (LRE) technology 19
loop guard
described 9
enabling 15
support for 8
LRE profiles, considerations in switch clusters 13
M
MAB
MAB inactivity timer
default setting 33
range 35
MAC/PHY configuration status TLV 2
MAC addresses
aging time 21
and VLAN association 20
building the address table 20
default configuration 20
disabling learning on a VLAN 29
discovering 30
displaying 29
displaying in the IP source binding table 21
dynamic
learning 20
removing 21
in ACLs 39
static
adding 26
characteristics of 26
dropping 28
removing 27
MAC address learning 5
MAC address learning, disabling on a VLAN 29
MAC address notification, support for 14
MAC address-table move update
configuration guidelines 8
configuring 12
default configuration 8
description 6
monitoring 14
MAC address-to-VLAN mapping 22
MAC authentication bypass 35
configuring 54
overview 16
MAC extended access lists
applying to Layer 2 interfaces 40
configuring for QoS 42
creating 39
defined 39
for QoS classification 5
macros
magic packet 25
manageability features 5
management access
in-band
browser session 6
CLI session 6
device manager 6
SNMP 6
out-of-band console port connection 6
management address TLV 2
management options
CLI 1
clustering 3
Network Assistant 2
overview 4
management VLAN
considerations in switch clusters 7
discovery through different management VLANs 7
mapping tables for QoS
configuring
CoS-to-DSCP 51
DSCP 50
DSCP-to-CoS 54
DSCP-to-DSCP-mutation 55
IP-precedence-to-DSCP 52
policed-DSCP 53
described 10
marking
action with aggregate policers 48
matching, IPv4 ACLs 23
maximum aging time
MSTP 23
STP 21
maximum hop count, MSTP 24
maximum number of allowed devices, port-based authentication 35
MDA
configuration guidelines 13
exceptions with authentication process 6
Medianet
membership mode, VLAN port 3
member switch
automatic discovery 4
defined 2
managing 14
passwords 12
recovering from lost connectivity 11
requirements 3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 17
MIBs
accessing files with FTP 3
location of files 3
overview 1
SNMP interaction with 4
supported 1
mirroring traffic for analysis 1
mismatches, autonegotiation 11
module number 9
monitoring
access groups 42
cables for unidirectional links 1
CDP 4
features 14
Flex Links 14
IGMP
filters 28
interfaces 27
IP SLAs operations 6
IPv4 ACL configuration 42
IPv6 11
MAC address-table move update 14
multicast router interfaces 16, 11
MVR 23
network traffic for analysis with probe 2
port
blocking 18
protection 18
speed and duplex mode 18
traffic flowing among switches 1
traffic suppression 18
VLANs 12
VMPS 27
VTP 16
mrouter Port 3
mrouter port 5
MSTP
boundary ports
configuration guidelines 15
described 6
BPDU filtering
described 3
enabling 12
BPDU guard
described 2
enabling 11
CIST, described 3
CIST root 5
configuration guidelines 14, 10
configuring
forward-delay time 23
hello time 22
link type for rapid convergence 24
maximum aging time 23
maximum hop count 24
MST region 15
neighbor type 25
path cost 20
port priority 19
root switch 17
secondary root switch 18
switch priority 21
CST
defined 3
operations between regions 3
default configuration 14
default optional feature configuration 9
displaying status 26
enabling the mode 15
EtherChannel guard
described 7
enabling 14
extended system ID
effects on root switch 17
effects on secondary root switch 18
unexpected behavior 17
IEEE 802.1s
implementation 6
port role naming change 6
terminology 5
instances supported 9
interface state, blocking to forwarding 2
interoperability and compatibility among modes 10
interoperability with IEEE 802.1D
described 8
restarting migration process 25
IST
defined 2
master 3
operations within a region 3
loop guard
described 9
enabling 15
mapping VLANs to MST instance 16
MST region
CIST 3
configuring 15
described 2
hop-count mechanism 5
IST 2
supported spanning-tree instances 2
optional features supported 8
overview 2
Port Fast
described 2
enabling 10
preventing root switch selection 8
root guard
described 8
enabling 15
root switch
configuring 17
effects of extended system ID 17
unexpected behavior 17
shutdown Port Fast-enabled port 2
status, displaying 26
multiauth
support for inaccessible authentication bypass 23
multiauth mode
See multiple-authentication mode
multicast groups
Immediate Leave 5
joining 3
leaving 5
multicast router interfaces, monitoring 16, 11
multicast router ports, adding 9, 8
multicast storm 1
multicast storm-control command 4
multicast television application 17
multicast VLAN 16
Multicast VLAN Registration
multidomain authentication
multiple authentication 14
multiple authentication mode
configuring 41
MVR
and address aliasing 20
and IGMPv3 20
configuration guidelines 19
configuring interfaces 21
default configuration 19
described 16
example application 17
modes 20
monitoring 23
multicast television application 17
setting global parameters 20
support for 4
N
NAC
critical authentication 22, 51
IEEE 802.1x authentication using a RADIUS server 57
IEEE 802.1x validation using RADIUS server 57
inaccessible authentication bypass 51
Layer 2 IEEE 802.1x validation 11, 28, 57
named IPv4 ACLs 30
native VLAN
configuring 18
default 18
NEAT
configuring 58
overview 29
neighbor discovery, IPv6 3
Network Admission Control
Network Assistant
benefits 2
described 4
downloading image files 2
guide mode 2
management options 2
upgrading a switch 23
wizards 2
network configuration examples
increasing network performance 18
long-distance, high-bandwidth transport 22
providing network services 18
server aggregation and Linux server cluster 20
small to medium-sized network 21
network design
performance 18
services 18
Network Edge Access Topology
network management
CDP 1
RMON 1
SNMP 1
network performance, measuring with IP SLAs 3
Network Time Protocol
no commands 4
nonhierarchical policy maps
described 9
non-IP traffic filtering 39
nontrunking mode 13
normal-range VLANs 4
configuration guidelines 6
configuring 4
defined 1
NTP
associations
authenticating 4
defined 2
enabling broadcast messages 6
peer 5
server 5
default configuration 4
displaying the configuration 11
overview 2
restricting access
creating an access group 8
disabling NTP services per interface 10
source IP address, configuring 10
stratum 2
support for 6
synchronizing devices 5
time
services 2
synchronizing 2
O
off mode, VTP 3
open1x
configuring 63
open1x authentication
overview 29
optimizing system resources 1
options, management 4
out-of-profile markdown 13
P
packet modification, with QoS 18
PAgP
passwords
default configuration 2
disabling recovery of 5
encrypting 3
for security 9
in clusters 12
overview 1
recovery of 3
setting
enable 3
enable secret 3
Telnet 6
with usernames 6
VTP domain 9
path cost
MSTP 20
STP 18
PC (passive command switch) 9
performance, network design 18
performance features 3
persistent self-signed certificate 45
per-user ACLs and Filter-Ids 9
per-VLAN spanning-tree plus
physical ports 2
PIM-DVMRP, as snooping method 8
ping
character output description 14
executing 13
overview 13
PoE
auto mode 6
CDP with power consumption, described 4
CDP with power negotiation, described 4
Cisco intelligent power management 4
configuring 21
cutoff power
determining 7
cutoff-power
support for 7
devices supported 4
high-power devices operating in low-power mode 5
IEEE power classification levels 5
monitoring 7
monitoring power 24
policing power consumption 24
policing power usage 7
power budgeting 22
powered-device detection and initial power allocation 5
power management modes 6
power monitoring 7
power negotiation extensions to CDP 4
power sensing 7
standards supported 4
static mode 6
total available power 8
troubleshooting 11
policed-DSCP map for QoS 53
policers
configuring
for each matched traffic class 45
for more than one traffic class 48
described 4
displaying 68
number of 31
types of 9
policing
described 4
token-bucket algorithm 9
policy maps for QoS
characteristics of 45
described 7
displaying 69
nonhierarchical on physical ports
described 9
port ACLs, described 20
Port Aggregation Protocol
port-based authentication
accounting 15
authentication server
RADIUS server 3
configuration guidelines 33, 9
configuring
802.1x authentication 39
guest VLAN 48
host mode 41
inaccessible authentication bypass 51
manual re-authentication of a client 44
periodic re-authentication 43
quiet period 44
RADIUS server parameters on the switch 40, 11
restricted VLAN 49
switch-to-client frame-retransmission number 45, 46
switch-to-client retransmission time 45
violation modes 38
described 1
downloadable ACLs and redirect URLs
EAPOL-start frame 6
EAP-request/identity frame 6
EAP-response/identity frame 6
enabling
802.1X authentication 11
encapsulation 3
flexible authentication ordering
configuring 62
overview 28
guest VLAN
configuration guidelines 21, 22
described 20
host mode 12
inaccessible authentication bypass
configuring 51
described 22
guidelines 34
initiation and message exchange 6
magic packet 25
maximum number of allowed devices per port 35
method lists 39
multiple authentication 14
per-user ACLs
configuration tasks 19
described 18
RADIUS server attributes 18
ports
authorization state and dot1x port-control command 11
authorized and unauthorized 11
voice VLAN 24
port security
and voice VLAN 25
described 24
interactions 25
multiple-hosts mode 12
readiness check
configuring 35
resetting to default values 64
statistics, displaying 64
switch
RADIUS client 3
switch supplicant
configuring 58
overview 29
user distribution
guidelines 27
overview 27
VLAN assignment
AAA authorization 39
characteristics 17
configuration tasks 17
described 16
voice aware 802.1x security
configuring 36
voice VLAN
described 24
PVID 24
VVID 24
wake-on-LAN, described 25
with ACLs and RADIUS Filter-Id attribute 31
port-based authentication methods, supported 8
port-channel
port description TLV 2
Port Fast
described 2
enabling 10
mode, spanning tree 24
support for 8
port membership modes, VLAN 3
port priority
MSTP 19
STP 16
ports
access 2
blocking 7
dual-purpose uplink 4
dynamic access 4
protected 6
secure 8
switch 2
VLAN assignments 9
port security
aging 17
and QoS trusted boundary 35
configuring 12
default configuration 11
described 8
displaying 18
on trunk ports 14
sticky learning 9
violations 10
with other features 11
port-shutdown response, VMPS 23
port VLAN ID TLV 2
Power over Ethernet
preemption, default configuration 8
preemption delay, default configuration 8
preferential treatment of traffic
preventing unauthorized access 1
primary links 2
priority
overriding CoS 6
trusting CoS 6
private VLAN edge ports
privileged EXEC mode 2
privilege levels
changing the default for lines 9
command switch 14
exiting 9
logging into 9
mapping on member switches 14
setting a command with 8
proxy reports 4
pruning, VTP
disabling
in VTP domain 15
on a port 18
enabling
in VTP domain 14
on a port 17
examples 6
overview 6
pruning-eligible list
changing 17
for VTP pruning 6
VLANs 15
PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Q
QoS
and MQC commands 1
auto-QoS
categorizing traffic 19
configuration and defaults display 27
configuration guidelines 24
described 19
disabling 25
displaying generated commands 25
displaying the initial configuration 27
effects on running configuration 24
egress queue defaults 20
enabling for VoIP 25
example configuration 26
ingress queue defaults 20
list of generated commands 21
basic model 4
classification
class maps, described 7
defined 4
DSCP transparency, described 36
flowchart 6
forwarding treatment 3
in frames and packets 3
options for IP traffic 5
options for non-IP traffic 5
policy maps, described 7
trust DSCP, described 5
trusted CoS, described 5
trust IP precedence, described 5
class maps
configuring 43
displaying 68
configuration guidelines
auto-QoS 24
standard QoS 31
configuring
aggregate policers 48
auto-QoS 19
default port CoS value 34
DSCP maps 50
DSCP transparency 36
DSCP trust states bordering another domain 37
egress queue characteristics 60
ingress queue characteristics 56
IP extended ACLs 41
IP standard ACLs 40
MAC ACLs 42
port trust states within the domain 33
trusted boundary 35
default auto configuration 19
default standard configuration 28
displaying statistics 68
DSCP transparency 36
egress queues
allocating buffer space 61
buffer allocation scheme, described 16
configuring shaped weights for SRR 65
configuring shared weights for SRR 66
described 4
displaying the threshold map 64
flowchart 16
mapping DSCP or CoS values 63
scheduling, described 4
setting WTD thresholds 61
WTD, described 17
enabling globally 32
flowcharts
classification 6
egress queueing and scheduling 16
ingress queueing and scheduling 13
policing and marking 10
implicit deny 7
ingress queues
allocating bandwidth 58
allocating buffer space 58
buffer and bandwidth allocation, described 14
configuring shared weights for SRR 58
configuring the priority queue 59
described 4
displaying the threshold map 57
flowchart 13
mapping DSCP or CoS values 57
priority queue, described 14
scheduling, described 4
setting WTD thresholds 57
WTD, described 14
IP phones
automatic classification and queueing 19
detection and trusted settings 19, 35
limiting bandwidth on egress interface 67
mapping tables
CoS-to-DSCP 51
displaying 68
DSCP-to-CoS 54
DSCP-to-DSCP-mutation 55
IP-precedence-to-DSCP 52
policed-DSCP 53
types of 10
marked-down actions 47
overview 2
packet modification 18
policers
described 8
displaying 68
number of 31
types of 9
policies, attaching to an interface 8
policing
token bucket algorithm 9
policy maps
characteristics of 45
displaying 69
nonhierarchical on physical ports 45
QoS label, defined 4
queues
configuring egress characteristics 60
configuring ingress characteristics 56
high priority (expedite) 18, 67
location of 11
SRR, described 12
WTD, described 12
rewrites 18
support for 12
trust states
bordering another domain 37
described 5
trusted device 35
within the domain 33
quality of service
queries, IGMP 4
query solicitation, IGMP 12
R
RADIUS
attributes
vendor-proprietary 36
vendor-specific 34
configuring
accounting 33
authentication 28
authorization 32
communication, per-server 26
multiple UDP ports 26
default configuration 26
defining AAA server groups 30
displaying the configuration 38
identifying the server 26
in clusters 13
limiting the services to the user 32
method list, defined 25
operation of 19
overview 18
server load balancing 38
suggested network environments 18
support for 11
tracking services accessed by user 33
RADIUS Change of Authorization 19
range
macro 12
of interfaces 11
rapid convergence 9
rapid per-VLAN spanning-tree plus
rapid PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Rapid Spanning Tree Protocol
rcommand command 14
RCP
configuration files
downloading 17
overview 15
preparing the server 16
uploading 18
image files
deleting old image 35
downloading 33
preparing the server 32
uploading 35
readiness check
port-based authentication
configuring 35
reconfirmation interval, VMPS, changing 26
reconfirming dynamic VLAN membership 26
recovery procedures 1
redundancy
EtherChannel 3
STP
backbone 8
path cost 21
port priority 19
redundant links and UplinkFast 13
reloading software 20
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
remote SPAN 2
report suppression, IGMP
described 6
resequencing ACL entries 30
reserved addresses in DHCP pools 22
resetting a UDLD-shutdown interface 6
responder, IP SLAs
described 4
enabling 6
response time, measuring with IP SLAs 4
restricted VLAN
configuring 49
described 21
using with IEEE 802.1x 21
restricting access
NTP services 8
overview 1
passwords and privilege levels 2
RADIUS 17
TACACS+ 10
retry count, VMPS, changing 27
RFC
1112, IP multicast and IGMP 2
1157, SNMPv1 2
1305, NTP 2
1757, RMON 2
1901, SNMPv2C 2
1902 to 1907, SNMPv2 2
2236, IP multicast and IGMP 2
2273-2275, SNMPv3 2
RFC 5176 Compliance 20
RMON
default configuration 3
displaying status 6
enabling alarms and events 3
groups supported 2
overview 1
statistics
collecting group Ethernet 5
collecting group history 5
support for 14
root guard
described 8
enabling 15
support for 8
root switch
MSTP 17
STP 14
RSPAN
characteristics 7
configuration guidelines 16
default configuration 9
defined 2
destination ports 6
displaying status 23
interaction with other features 8
monitored ports 5
monitoring ports 6
received traffic 4
sessions
creating 17
defined 3
limiting source traffic to specific VLANs 22
specifying monitored ports 17
with ingress traffic enabled 20
source ports 5
transmitted traffic 5
VLAN-based 6
RSTP
active topology 9
BPDU
format 12
processing 12
designated port, defined 9
designated switch, defined 9
interoperability with IEEE 802.1D
described 8
restarting migration process 25
topology changes 13
overview 8
port roles
described 9
synchronized 11
proposal-agreement handshake process 10
rapid convergence
described 9
edge ports and Port Fast 9
root ports 10
root port, defined 9
running configuration
running configuration, saving 15
S
SC (standby command switch) 9
scheduled reloads 20
SCP
and SSH 51
configuring 51
SDM
templates
configuring 3
number of 1
SDM template
configuration guidelines 2
configuring 2
types of 1
secure HTTP client
configuring 49
displaying 50
secure HTTP server
configuring 48
displaying 50
secure MAC addresses
deleting 16
maximum number of 10
types of 9
secure ports, configuring 8
secure remote connections 40
Secure Socket Layer
security, port 8
security features 9
sequence numbers in log messages 8
server mode, VTP 3
service-provider network, MSTP and RSTP 1
set-request operation 4
setup program
failed command switch replacement 9
replacing failed command switch 8
severity levels, defining in system messages 8
SFPs
security and identification 12
status, displaying 13
shaped round robin
Shell functions
Shell triggers
show access-lists hw-summary command 36
show and more command output, filtering 9
show cdp traffic command 5
show cluster members command 14
show configuration command 25
show forward command 20
show interfaces command 18, 25
show interfaces switchport 4
show lldp traffic command 12
show platform forward command 20
show running-config command
interface description in 25
shutdown command on interfaces 28
Simple Network Management Protocol
small-frame arrival rate, configuring 5
Smartports macros
applying Cisco-default macros 18
applying global parameter values 18
configuration guidelines 17
default configuration 17
defined 1
displaying 19
tracing 17
SNAP 1
SNMP
accessing MIB variables with 4
agent
described 4
disabling 7
and IP SLAs 2
authentication level 10
community strings
configuring 8
for cluster switches 4
overview 4
configuration examples 17
default configuration 6
engine ID 7
host 7
ifIndex values 5
in-band management 6
in clusters 13
informs
and trap keyword 11
described 5
differences from traps 5
disabling 15
enabling 15
limiting access by TFTP servers 16
limiting system log messages to NMS 10
managing clusters with 14
MIBs
location of 3
supported 1
notifications 5
security levels 3
setting CPU threshold notification 15
status, displaying 18
system contact and location 16
trap manager, configuring 13
traps
differences from informs 5
disabling 15
enabling 11
enabling MAC address notification 21, 23, 25
types of 12
versions supported 2
SNMP and Syslog Over IPv6 5
SNMPv1 2
SNMPv2C 2
SNMPv3 2
snooping, IGMP 1
software images
location in flash 23
recovery procedures 2
scheduling reloads 20
tar file format, described 24
See also downloading and uploading
source addresses
in IPv4 ACLs 27
source-and-destination-IP address based forwarding, EtherChannel 7
source-and-destination MAC address forwarding, EtherChannel 7
source-IP address based forwarding, EtherChannel 7
source-MAC address forwarding, EtherChannel 7
SPAN
configuration guidelines 10
default configuration 9
destination ports 6
displaying status 23
interaction with other features 8
monitored ports 5
monitoring ports 6
ports, restrictions 12
received traffic 4
sessions
configuring ingress forwarding 14, 21
creating 10
defined 3
limiting source traffic to specific VLANs 15
removing destination (monitoring) ports 12
specifying monitored ports 10
with ingress traffic enabled 13
source ports 5
transmitted traffic 5
VLAN-based 6
spanning tree and native VLANs 14
Spanning Tree Protocol
SPAN traffic 4
SRR
configuring
shaped weights on egress queues 65
shared weights on egress queues 66
shared weights on ingress queues 58
described 12
shaped mode 13
shared mode 13
support for 13
SSH
configuring 41
cryptographic software image 39
encryption methods 40
user authentication methods, supported 40
SSL
configuration guidelines 47
configuring a secure HTTP client 49
configuring a secure HTTP server 48
cryptographic software image 44
described 44
monitoring 50
standby command switch
considerations 10
defined 2
priority 9
requirements 3
virtual IP address 10
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby links 2
startup configuration
booting
manually 17
specific image 18
clearing 19
configuration file
automatically downloading 16
specifying the filename 16
default boot configuration 16
static access ports
assigning to VLAN 9
defined 3
static addresses
static MAC addressing 9
static routes
configuring for IPv6 10
understanding 5
static VLAN membership 2
statistics
802.1X 17
802.1x 64
CDP 4
interface 27
LLDP 11
LLDP-MED 11
NMSP 11
QoS ingress and egress 68
RMON group Ethernet 5
RMON group history 5
SNMP input and output 18
VTP 16
sticky learning 9
storm control
configuring 3
described 1
disabling 5
displaying 18
support for 3
thresholds 1
STP
accelerating root port selection 4
BackboneFast
described 5
disabling 14
enabling 13
BPDU filtering
described 3
disabling 12
enabling 12
BPDU guard
described 2
disabling 12
enabling 11
BPDU message exchange 3
configuration guidelines 12, 10
configuring
forward-delay time 21
hello time 20
maximum aging time 21
path cost 18
port priority 16
root switch 14
secondary root switch 16
spanning-tree mode 13
switch priority 19
transmit hold-count 22
counters, clearing 22
default configuration 11
default optional feature configuration 9
designated port, defined 3
designated switch, defined 3
detecting indirect link failures 5
disabling 14
displaying status 22
EtherChannel guard
described 7
disabling 14
enabling 14
extended system ID
effects on root switch 14
effects on the secondary root switch 16
overview 4
unexpected behavior 14
features supported 7
IEEE 802.1D and bridge ID 4
IEEE 802.1D and multicast addresses 8
IEEE 802.1t and VLAN identifier 4
inferior BPDU 3
instances supported 9
interface state, blocking to forwarding 2
interface states
blocking 5
disabled 7
learning 6
listening 6
overview 4
interoperability and compatibility among modes 10
limitations with IEEE 802.1Q trunks 10
load sharing
overview 19
using path costs 21
using port priorities 19
loop guard
described 9
enabling 15
modes supported 9
multicast addresses, effect of 8
optional features supported 8
overview 2
path costs 21
Port Fast
described 2
enabling 10
port priorities 20
preventing root switch selection 8
protocols supported 9
redundant connectivity 8
root guard
described 8
enabling 15
root port, defined 3
root switch
configuring 14
effects of extended system ID 4, 14
election 3
unexpected behavior 14
shutdown Port Fast-enabled port 2
status, displaying 22
superior BPDU 3
timers, described 20
UplinkFast
described 3
enabling 13
stratum, NTP 2
success response, VMPS 23
summer time 13
SunNet Manager 5
supported port-based authentication methods 8
Smartports macros
See also Auto Smartports macros
switch 2
switch clustering technology 1
switch console port 6
Switch Database Management
Switched Port Analyzer
switched ports 2
switchport backup interface 4, 5
switchport block multicast command 8
switchport block unicast command 8
switchport protected command 7
switch priority
MSTP 21
STP 19
switch software features 1
syslog
system capabilities TLV 2
system clock
configuring
daylight saving time 13
manually 11
summer time 13
time zones 12
displaying the time and date 12
overview 1
system description TLV 2
system message logging
default configuration 3
defining error message severity levels 8
disabling 4
displaying the configuration 13
enabling 4
facility keywords, described 13
level keywords, described 9
limiting messages 10
message format 2
overview 1
sequence numbers, enabling and disabling 8
setting the display destination device 5
synchronizing log messages 6
syslog facility 14
time stamps, enabling and disabling 7
UNIX syslog servers
configuring the daemon 12
configuring the logging facility 12
facilities supported 13
system name
default configuration 15
default setting 15
manual configuration 15
system name TLV 2
system prompt, default setting 14, 15
system resources, optimizing 1
T
TACACS+
accounting, defined 11
authentication, defined 11
authorization, defined 11
configuring
accounting 17
authentication key 13
authorization 16
login authentication 14
default configuration 13
displaying the configuration 17
identifying the server 13
in clusters 13
limiting the services to the user 16
operation of 12
overview 10
support for 11
tracking services accessed by user 17
tar files
creating 6
displaying the contents of 6
extracting 7
image file format 24
TDR 14
Telnet
accessing management interfaces 10
number of connections 6
setting a password 6
temporary self-signed certificate 45
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 6
TFTP
configuration files
downloading 11
preparing the server 10
uploading 11
configuration files in base directory 7
configuring for autoconfiguration 7
image files
deleting 27
downloading 25
preparing the server 25
uploading 27
limiting access by servers 16
TFTP server 5
threshold, traffic level 2
time
Time Domain Reflector
time-range command 32
time ranges in ACLs 32
time stamps in log messages 7
time zones 12
TLVs
defined 1
LLDP 2
LLDP-MED 2
Token Ring VLANs
support for 5
VTP support 4
ToS 12
traceroute, Layer 2
and ARP 15
and CDP 15
broadcast traffic 14
described 14
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 15
unicast traffic 14
usage guidelines 15
traceroute command 17
traffic
blocking flooded 8
fragmented 21
unfragmented 21
traffic policing 13
traffic suppression 1
transmit hold-count
transparent mode, VTP 3
trap-door mechanism 2
traps
configuring MAC address notification 21, 23, 25
configuring managers 11
defined 3
notification types 12
troubleshooting
connectivity problems 13, 14, 16
CPU utilization 23
detecting unidirectional links 1
displaying crash information 22
setting packet forwarding 20
SFP security and identification 12
show forward command 20
with CiscoWorks 4
with debug commands 18
with ping 13
with system message logging 1
with traceroute 16
trunk failover
trunking encapsulation 8
trunk ports
configuring 15
defined 3
trunks
allowed-VLAN list 16
load sharing
setting STP path costs 21
using STP port priorities 19, 20
native VLAN for untagged traffic 18
parallel 21
pruning-eligible list 17
to non-DTP device 13
trusted boundary for QoS 35
trusted port states
between QoS domains 37
classification options 5
ensuring port security for IP phones 35
support for 12
within a QoS domain 33
trustpoints, CA 44
twisted-pair Ethernet, detecting unidirectional links 1
type of service
U
UDLD
configuration guidelines 4
default configuration 4
disabling
globally 5
on fiber-optic interfaces 5
per interface 5
echoing detection mechanism 2
enabling
globally 5
per interface 5
link-detection mechanism 1
neighbor database 2
overview 1
resetting an interface 6
status, displaying 6
support for 7
unauthorized ports with IEEE 802.1x 11
unicast MAC address filtering 5
and adding static addresses 27
and broadcast MAC addresses 27
and CPU packets 27
and multicast addresses 27
and router MAC addresses 27
configuration guidelines 27
described 27
unicast storm 1
unicast storm control command 4
unicast traffic, blocking 8
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 12
facilities supported 13
message logging configuration 12
unrecognized Type-Length-Value (TLV) support 4
upgrading a Catalyst 2950 switch
configuration compatibility issues 1
differences in configuration commands 1
feature behavior incompatibilities 5
incompatible command messages 1
recommendations 1
upgrading software images
UplinkFast
described 3
disabling 13
enabling 13
support for 7
uploading
configuration files
reasons for 8
using FTP 14
using RCP 18
using TFTP 11
image files
reasons for 23
using FTP 31
using RCP 35
using TFTP 27
user EXEC mode 2
username-based authentication 6
V
version-dependent transparent mode 4
virtual IP address
cluster standby group 10
command switch 10
virtual switches and PAgP 5
vlan.dat file 4
VLAN 1, disabling on a trunk port 17
VLAN 1 minimization 16
vlan-assignment response, VMPS 23
VLAN configuration
at bootup 7
saving 7
VLAN configuration mode 2
VLAN database
and startup configuration file 7
and VTP 1
VLAN configuration saved in 6
VLANs saved in 4
VLAN filtering and SPAN 6
vlan global configuration command 6
VLAN ID, discovering 30
VLAN load balancing on flex links 2
configuration guidelines 8
VLAN management domain 2
VLAN Management Policy Server
VLAN membership
confirming 26
modes 3
VLAN Query Protocol
VLANs
adding 7
adding to VLAN database 7
aging dynamic addresses 9
allowed on trunk 16
and spanning-tree instances 3, 6, 11
configuration guidelines, extended-range VLANs 11
configuration guidelines, normal-range VLANs 6
configuring 1
configuring IDs 1006 to 4094 11
creating 8
default configuration 7
deleting 9
displaying 12
features 8
illustrated 2
limiting source traffic with RSPAN 22
limiting source traffic with SPAN 15
modifying 7
multicast 16
native, configuring 18
number supported 8
parameters 5
port membership modes 3
static-access ports 9
STP and IEEE 802.1Q trunks 10
supported 2
Token Ring 5
traffic between 2
VTP modes 3
VLAN Trunking Protocol
VLAN trunks 13
VMPS
administering 27
configuration example 28
configuration guidelines 24
default configuration 24
description 22
dynamic port membership
described 23
reconfirming 26
troubleshooting 28
entering server address 25
mapping MAC addresses to VLANs 22
monitoring 27
reconfirmation interval, changing 26
reconfirming membership 26
retry count, changing 27
voice aware 802.1x security
port-based authentication
configuring 36
voice-over-IP 1
voice VLAN
Cisco 7960 phone, port connections 1
configuration guidelines 3
configuring IP phones for data traffic
override CoS of incoming frame 6
trust CoS priority of incoming frame 6
configuring ports for voice traffic in
802.1p priority tagged frames 5
802.1Q frames 5
connecting to an IP phone 4
default configuration 3
described 1
displaying 7
IP phone data traffic, described 2
IP phone voice traffic, described 2
VTP
adding a client to a domain 15
and extended-range VLANs 2
and normal-range VLANs 2
client mode, configuring 12
configuration
guidelines 8
requirements 10
saving 8
configuration requirements 10
configuration revision number
guideline 15
resetting 16
consistency checks 5
default configuration 8
described 1
domain names 8
domains 2
modes
client 3
off 3
server 3
transitions 3
transparent 3
monitoring 16
passwords 9
pruning
disabling 15
enabling 14
examples 6
overview 6
support for 8
pruning-eligible list, changing 17
server mode, configuring 10, 13
statistics 16
support for 8
Token Ring support 4
transparent mode, configuring 10
using 1
Version
enabling 13
version, guidelines 9
Version 1 4
Version 2
configuration guidelines 9
overview 4
Version 3
overview 5
W
web authentication 16
configuring16to ??
described 9
web-based authentication
customizeable web pages 6
description 1
web-based authentication, interactions with other features 7
weighted tail drop
wired location service
configuring 10
displaying 11
location TLV 3
understanding 3
wizards 2
WTD
described 12
setting thresholds
egress queue-sets 61
ingress queues 57
support for 13
X
Xmodem protocol 2
Feedback