Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
Numerics
802.1D
See STP
802.1Q
and trunk ports 10-3
configuration limitations 12-19
encapsulation 12-16
native VLAN for untagged traffic 12-23
802.1s
See MSTP
802.1w
See RSTP
802.1x
See port-based authentication
802.3ad
See EtherChannel
802.3af
See PoE
802.3z flow control 10-15
A
abbreviating commands 2-3
ABRs 33-24
AC (command switch) 5-10, 5-18
access-class command 30-19
access control entries
See ACEs
access-denied response, VMPS 12-28
access groups
applying ACLs to interfaces 30-20
IP 30-20
Layer 2 30-20
Layer 3 30-20
accessing
clusters, switch 5-13
command switches 5-11
member switches 5-13
switch clusters 5-13
access lists
See ACLs
access ports
defined 10-3
in switch clusters 5-9
accounting
with 802.1x 9-5, 9-20
with RADIUS 8-28
with TACACS+ 8-11, 8-17
ACEs
and QoS 31-7
defined 30-2
Ethernet 30-2
IP 30-2
ACLs
ACEs 30-2
any keyword 30-12
applying
on bridged packets 30-37
on multicast packets 30-39
on routed packets 30-38
on switched packets 30-37
time ranges to 30-16
ACLs (continued)
applying (continued)
to an interface 30-19
to QoS 31-7
classifying traffic for QoS 31-38
comments in 30-18
compiling 30-22
configuring with VLAN maps 30-36
defined 30-1, 30-7
examples of 30-22, 31-38
extended IP
configuring for QoS classification 31-40
creating 30-10
matching criteria 30-7
hardware and software handling 30-21
host keyword 30-12
IP
applying to an interface 30-19
applying to interfaces 30-19
creating 30-7
fragments and QoS guidelines 31-31
implicit deny 30-9, 30-13, 30-15
implicit masks 30-9
matching criteria 30-7
named 30-14
terminal lines, setting on 30-19
undefined 30-21
violations, logging 30-15
limiting actions 30-37
logging messages 30-9
log keyword 30-15
MAC extended 30-26, 31-41
matching 30-7, 30-20
monitoring 30-39
named 30-14
number per QoS class map 31-31
numbers 30-7
port 30-2
precedence of 30-2
ACLs (continued)
QoS 31-7, 31-38
resequencing entries 30-14
router 30-2
standard IP
configuring for QoS classification 31-39
creating 30-8
matching criteria 30-7
supported features 30-21
support for 1-6
time ranges 30-16
unsupported features 30-6
using router ACLs with VLAN maps 30-36
VLAN maps
configuration guidelines 30-29
configuring 30-29
active links 19-1
active router 34-1
address aliasing 22-2
addresses
displaying the MAC address table 6-27
dynamic
accelerated aging 16-8
changing the aging time 6-22
default aging 16-8
defined 6-20
learning 6-21
removing 6-22
MAC, discovering 6-27
multicast
group address range 35-3
STP address management 16-8
static
adding and removing 6-25
defined 6-20
address resolution 6-27, 33-8
Address Resolution Protocol
See ARP
adjacency tables, with CEF 33-60
administrative distances
defined 33-71
OSPF 33-29
routing protocol defaults 33-62
advertisements
CDP 24-1
RIP 33-19
VTP 12-19, 13-3
aggregate addresses, BGP 33-55
aggregated ports
See EtherChannel
aggregate policers 31-47
aggregate policing 1-7
aging, accelerating 16-8
aging time
accelerated
for MSTP 17-20
for STP 16-8, 16-21
MAC address table 6-22
maximum
for MSTP 17-21
for STP 16-21
alarms, RMON 27-3
allowed-VLAN list 12-21
area border routers
See ABRs
ARP
configuring 33-9
defined 1-4, 6-27, 33-8
encapsulation 33-10
static cache configuration 33-9
table
address resolution 6-27
managing 6-27
ASBRs 33-24
AS-path filters, BGP 33-49
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxv
authentication
EIGRP 33-37
HSRP 34-9
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
See also port-based authentication
TACACS+
defined 8-11
key 8-13
login 8-14
authentication keys, and routing protocols 33-72
authoritative time source, described 6-2
authorization
with RADIUS 8-27
with TACACS+ 8-11, 8-16
authorized ports with 802.1x 9-4
autoconfiguration 4-3
automatic discovery
adding member switches 5-16
considerations
beyond a noncandidate device 5-7
brand new switches 5-9
connectivity 5-4
different VLANs 5-6
management VLANs 5-7
non-CDP-capable devices 5-6
noncluster-capable devices 5-6
routed ports 5-8
creating a cluster standby group 5-18
in switch clusters 5-4
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 5-10
See also HSRP
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-14
mismatches 38-12
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 33-43
Auto-RP, described 35-5
autosensing, port speed 1-3
auxiliary VLAN
See voice VLAN
availability, features 1-5
B
BackboneFast
described 18-5
disabling 18-14
enabling 18-13
support for 1-5
backup interfaces
See Flex Links
backup links 19-1
banners
configuring
login 6-20
message-of-the-day login 6-19
default configuration 6-18
when displayed 6-18
BGP
aggregate addresses 33-55
aggregate routes, configuring 33-55
CIDR 33-55
clear commands 33-58
community filtering 33-51
configuring neighbors 33-53
default configuration 33-41
described 33-40
enabling 33-43
BGP (continued)
monitoring 33-58
multipath support 33-46
neighbors, types of 33-43
path selection 33-46
peers, configuring 33-53
prefix filtering 33-50
resetting sessions 33-45
route dampening 33-57
route maps 33-48
route reflectors 33-56
routing domain confederation 33-55
show commands 33-58
supernets 33-55
support for 1-8
Version 4 33-40
binding cluster group and HSRP group 34-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 20-5
DHCP snooping database 20-5
IP source guard 20-15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 23-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-13
boot loader
accessing 4-14
described 4-2
environment variables 4-14
boot loader (continued)
prompt 4-14
trap-door mechanism 4-2
bootstrap router (BSR), described 35-5
Border Gateway Protocol
See BGP
BPDU
error-disabled state 18-3
filtering 18-3
RSTP format 17-9
BPDU filtering
described 18-3
disabling 18-12
enabling 18-12
support for 1-5
BPDU guard
described 18-3
disabling 18-11
enabling 18-11
support for 1-5
bridged packets, ACLs on 30-37
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 33-16
broadcast packets
directed 33-13
flooded 33-13
broadcast storm-control command 23-3
broadcast storms 23-2, 33-13
C
cables, monitoring for unidirectional links 25-1
candidate switch
adding 5-16
automatic discovery 5-4
defined 5-3
candidate switch (continued)
HC 5-19
passwords 5-17
requirements 5-3
standby group 5-18
See also command switch, cluster standby group, and member switch
caution, described xxxvi
CC (command switch) 5-19
CDP
and trusted boundary 31-35
automatic discovery in switch clusters 5-4
configuring 24-2
default configuration 24-2
described 24-1
disabling for routing device 24-3 to 24-4
enabling and disabling
on an interface 24-4
on a switch 24-3
monitoring 24-5
overview 24-1
support for 1-4
transmission timer and holdtime, setting 24-2
updates 24-2
CEF 33-59
CGMP
as IGMP snooping learning method 22-7
clearing cached group entries 35-50
enabling server support 35-32
joining multicast group 22-3
overview 35-7
server support only 35-7
switch support of 1-3
CIDR 33-55
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
CiscoWorks 2000 1-4, 29-4
classless interdomain routing
See CIDR
classless routing 33-6
class maps for QoS
configuring 31-42
described 31-7
displaying 31-67
class of service
See CoS
clearing interfaces 10-23
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-20
no and default forms of commands 2-4
client mode, VTP 13-3
clock
See system clock
Cluster Management Suite
See CMS
cluster requirements
See release notes
clusters, switch
accessing 5-13
adding member switches 5-16
automatic discovery 5-4
automatic recovery 5-10
benefits 1-2
command switch configuration 5-16
compatibility 5-4
creating 5-15
creating a cluster standby group 5-18
described 5-1
LRE profile considerations 5-15
managing
through CLI 5-20
through SNMP 5-21
planning 5-4
planning considerations
automatic discovery 5-4
automatic recovery 5-10
CLI 5-20
host names 5-13
IP addresses 5-13
LRE profiles 5-15
passwords 5-14
RADIUS 5-14
SNMP 5-14, 5-21
switch-specific features 5-15
TACACS+ 5-14
redundancy 5-18
troubleshooting 5-20
verifying 5-19, 5-20
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 34-11
automatic recovery 5-12
considerations 5-11
creating 5-18
defined 5-2
requirements 5-3
virtual IP address 5-11
See also HSRP
CMS
benefits 1-2
configuration modes 3-5
described 1-2, 1-4
downloading image files 1-2, 3-15, B-20
Front Panel view, described 3-1
operating systems and supported browsers 3-8
privilege levels 3-6
requirements 3-7 to 3-8
Topology view 3-14
wizards 3-6
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 8-8
command switch
accessing 5-11
active (AC) 5-10, 5-18
command switch with HSRP disabled (CC) 5-19
configuration conflicts 38-11
defined 5-2
enabling 5-16
passive (PC) 5-10, 5-18
password privilege levels 5-21
priority 5-10
command switch (continued)
recovery
from command-switch failure 5-10, 38-8
from lost member connectivity 38-11
redundant 5-10, 5-18
replacing
with another switch 38-10
with cluster member 38-8
requirements 5-2
standby (SC) 5-10, 5-18
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 33-52
community ports 14-2
community strings
configuring 5-14, 29-8
for cluster switches 29-4
in clusters 5-14
overview 29-4
SNMP 5-14
community VLANs 14-2, 14-3
config.text 4-12
configuration, initial
defaults 1-9
Express Setup 1-2, 1-9, 3-11
setup (CLI) program 1-9
See also hardware installation guide
configuration conflicts, recovering from lost member connectivity 38-11
configuration examples, network 1-12
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
preparing B-10, B-13, B-16
configuration files (continued)
downloading (continued)
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-8
invalid combinations when copying B-5
limiting TFTP server access 29-15
obtaining with DHCP 4-7
password recovery disable considerations 8-5
specifying the filename 4-12
system contact and location information 29-14
types and location B-9
uploading
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
configuration modes, CMS 3-5
configuration settings, saving 4-10
configure terminal command 10-8
config-vlan mode 2-2, 12-7
conflicts, configuration 38-11
connections, secure remote 8-38
connectivity problems 38-13, 38-14, 38-16
consistency checks in VTP Version 2 13-4
console port, connecting to 2-9
conventions
command xxxvi
for examples xxxvi
publication xxxvi
text xxxvi
corrupted software, recovery steps with Xmodem 38-2
CoS
in Layer 2 frames 31-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 31-14
CoS output queue threshold map for QoS 31-17
CoS-to-DSCP map for QoS 31-50
counters, clearing interface 10-23
crashinfo file 38-22
cryptographic software image
Kerberos 8-32
SSH 8-37
CWDM SFPs 1-16
D
daylight saving time 6-13
debugging
enabling all system diagnostics 38-19
enabling for a specific feature 38-18
redirecting error message output 38-19
using commands 38-18
default commands 2-4
default configuration
802.1x 9-10
auto-QoS 31-18
banners 6-18
BGP 33-41
booting 4-11
CDP 24-2
DHCP 20-7
DHCP option 82 20-7
DHCP snooping 20-7
DHCP snooping binding database 20-7
DNS 6-17
dynamic ARP inspection 21-5
EIGRP 33-34
EtherChannel 32-9
fallback bridging 37-3
Flex Links 19-2
HSRP 34-4
IGMP 35-26
IGMP filtering 22-19
default configuration (continued)
IGMP snooping 22-6
IGMP throttling 22-19
initial switch information 4-3
IP addressing, IP routing 33-4
IP multicast routing 35-8
IP source guard 20-16
Layer 2 interfaces 10-12
MAC address table 6-22
MSDP 36-4
MSTP 17-12
MVR 22-14
NTP 6-4
optional spanning-tree configuration 18-9
OSPF 33-25
password and privilege level 8-2
PIM 35-8
private VLANs 14-6
RADIUS 8-20
RIP 33-19
RMON 27-3
RSPAN 26-10
SNMP 29-6
SPAN 26-10
standard QoS 31-29
STP 16-11
system message logging 28-3
system name and prompt 6-15
TACACS+ 8-13
UDLD 25-4
VLAN, Layer 2 Ethernet interfaces 12-19
VLANs 12-8
VMPS 12-29
voice VLAN 15-3
VTP 13-6
default gateway 4-10, 33-11
default networks 33-63
default routes 33-62
default routing 33-2
deleting VLANs 12-10
description command 10-19
designing your network, examples 1-12
destination addresses, in ACLs 30-11
destination-IP address-based forwarding, EtherChannel 32-7
destination-MAC address forwarding, EtherChannel 32-7
detecting indirect link failures, STP 18-5
device discovery protocol 24-1
Device Manager 3-9
DHCP
Cisco IOS server database
configuring 20-12
default configuration 20-7
described 20-5
enabling
relay agent 20-9
server 20-8
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server side 4-5
server-side 20-8
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-3
relay support 1-4, 1-8
support for 1-4
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 20-4
configuration guidelines 20-7
default configuration 20-7
displaying 20-13
forwarding address, specifying 20-9
helper address 20-9
overview 20-3
packet format, suboption
circuit ID 20-4
remote ID 20-4
remote ID suboption 20-4
DHCP snooping
and private VLANs 20-11
binding database
See DHCP snooping binding database
configuration guidelines 20-7
default configuration 20-7
displaying binding database 20-14
displaying configuration 20-13
message exchange process 20-4
option 82 data insertion 20-3
trusted interface 20-2
untrusted interface 20-2
untrusted messages 20-2
DHCP snooping binding database
adding bindings 20-12
binding file
format 20-6
location 20-5
bindings 20-5
clearing agent statistics 20-12
configuration guidelines 20-8
configuring 20-12
default configuration 20-7
deleting
binding file 20-12
bindings 20-13
database agent 20-12
DHCP snooping binding database (continued)
described 20-5
displaying
binding entries 20-13
status and statistics 20-14
enabling 20-12
entry 20-5
renewing database 20-12
resetting
delay value 20-12
timeout value 20-12
updating process 20-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 31-1
Differentiated Services Code Point 31-2
Diffusing Update Algorithm (DUAL) 33-32
directed unicast requests 1-4
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 33-3
distribute-list command 33-71
DNS
and DHCP-based autoconfiguration 4-6
default configuration 6-17
displaying the configuration 6-18
overview 6-16
setting up 6-17
support for 1-4
documentation, related xxxvii
document conventions xxxvi
domain names
DNS 6-16
VTP 13-8
Domain Name System
See DNS
downloading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-24
preparing B-22, B-25, B-29
reasons for B-20
using CMS 1-2, 3-15, B-20
using FTP B-26
using HTTP 1-2, 3-15, B-20
using RCP B-30
using TFTP B-23
DSCP 1-7, 31-2
DSCP input queue threshold map for QoS 31-14
DSCP output queue threshold map for QoS 31-17
DSCP-to-CoS map for QoS 31-52
DSCP-to-DSCP-mutation map for QoS 31-53
DTP 1-6, 12-17
DUAL finite state machine, EIGRP 33-33
duplex mode, configuring 10-13
DVMRP
autosummarization
configuring a summary address 35-46
disabling 35-48
connecting PIM domain to DVMRP router 35-38
enabling unicast routing 35-42
interoperability
with Cisco devices 35-36
with Cisco IOS software 35-7
mrinfo requests, responding to 35-41
DVMRP (continued)
neighbors
advertising the default route to 35-40
discovery with Probe messages 35-36
displaying information 35-41
prevent peering with nonpruning 35-44
rejecting nonpruning 35-42
overview 35-7
routes
adding a metric offset 35-48
advertising all 35-48
advertising the default route to neighbors 35-40
caching DVMRP routes learned in report messages 35-42
changing the threshold for syslog messages 35-45
deleting 35-50
displaying 35-50
favoring one over another 35-48
limiting the number injected into MBONE 35-45
limiting unicast route advertisements 35-36
routing table 35-7
source distribution tree, building 35-7
support for 1-8
tunnels
configuring 35-38
displaying neighbor information 35-41
dynamic access ports
characteristics 12-4
configuring 12-30
defined 10-3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 21-1
ARP requests, described 21-1
ARP spoofing attack 21-1
clearing
log buffer 21-15
statistics 21-15
dynamic ARP inspection (continued)
configuration guidelines 21-6
configuring
ACLs for non-DHCP environments 21-8
in DHCP environments 21-7
log buffer 21-12
rate limit for incoming ARP packets 21-4, 21-10
default configuration 21-5
denial-of-service attacks, preventing 21-10
described 21-1
DHCP snooping binding database 21-2
displaying
ARP ACLs 21-14
configuration and operating state 21-14
log buffer 21-15
statistics 21-15
trust state and rate limit 21-14
error-disabled state for exceeding rate limit 21-4
function of 21-2
interface trust states 21-3
log buffer
clearing 21-15
configuring 21-12
displaying 21-15
logging of dropped packets, described 21-4
man-in-the middle attack, described 21-2
network security issues and interface trust states 21-3
priority of ARP ACLs and DHCP snooping entries 21-4
rate limiting of ARP packets
configuring 21-10
described 21-4
error-disabled state 21-4
statistics
clearing 21-15
displaying 21-15
validation checks, performing 21-11
dynamic auto trunking mode 12-18
dynamic desirable trunking mode 12-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
types of connections 12-30
dynamic routing 33-3
Dynamic Trunking Protocol
See DTP
E
EBGP 33-39
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
and IGRP 33-35
authentication 33-37
components 33-33
configuring 33-35
default configuration 33-34
definition 33-32
interface parameters, configuring 33-36
monitoring 33-38
support for 1-8
enable password 8-4
enable secret password 8-4
encryption for passwords 8-4
Enhanced IGRP
See EIGRP
environment variables, function of 4-15
equal-cost routing 1-8, 33-61
error messages during command entry 2-4
EtherChannel
802.3ad, described 32-5
automatic creation of 32-4, 32-5
EtherChannel (continued)
channel groups
binding physical and logical interfaces 32-3
numbering of 32-3
configuration guidelines 32-9
configuring
Layer 2 interfaces 32-11
Layer 3 physical interfaces 32-14
Layer 3 port-channel logical interfaces 32-13
default configuration 32-9
described 32-2
displaying status 32-21
forwarding methods 32-6, 32-16
interaction
with STP 32-9
with VLANs 32-10
LACP
described 32-5
displaying status 32-21
hot-standby ports 32-18
interaction with other features 32-6
modes 32-6
port priority 32-20
system priority 32-19
Layer 3 interface 33-3
load balancing 32-6, 32-16
logical interfaces, described 32-3
PAgP
aggregate-port learners 32-17
compatibility with Catalyst 1900 32-17
described 32-4
displaying status 32-21
interaction with other features 32-5
learn method and priority configuration 32-17
modes 32-4
support for 1-3
EtherChannel (continued)
port-channel interfaces
described 32-3
numbering of 32-3
port groups 10-5
support for 1-3
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
Ethernet VLANs
adding 12-9
defaults and ranges 12-8
modifying 12-9
events, RMON 27-3
examples
conventions for xxxvi
network configuration 1-12
expedite queue for QoS 31-66
expert mode 3-6
Express Setup 1-2, 1-9, 3-11
See also hardware installation guide
extended-range VLANs
configuration guidelines 12-13
configuring 12-12
creating 12-13
defined 12-1
extended system ID
MSTP 17-14
STP 16-4, 16-14
Extensible Authentication Protocol over LAN 9-1
external BGP
See EBGP
external neighbors, BGP 33-43
F
fallback bridging
and protected ports 37-3
bridge groups
creating 37-3
described 37-1
displaying 37-10
function of 37-2
number supported 37-4
removing 37-4
bridge table
clearing 37-10
displaying 37-10
configuration guidelines 37-3
connecting interfaces with 10-7
default configuration 37-3
described 37-1
frame forwarding
flooding packets 37-2
forwarding packets 37-2
overview 37-1
protocol, unsupported 37-3
STP
disabling on an interface 37-10
forward-delay interval 37-9
hello BPDU interval 37-8
interface priority 37-6
keepalive messages 16-2
maximum-idle interval 37-9
path cost 37-7
VLAN-bridge spanning-tree priority 37-6
VLAN-bridge STP 37-2
support for 1-8
SVIs and routed ports 37-1
unsupported protocols 37-3
VLAN-bridge STP 16-11
FIB 33-59
fiber-optic, detecting unidirectional links 25-1
files
copying B-4
crashinfo
description 38-22
displaying the contents of 38-22
location 38-22
deleting B-5
displaying the contents of B-7
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 30-29
non-IP traffic 30-26
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
See ACLs, IP
flash device, number of B-1
Flex Links
configuration guidelines 19-2
configuring 19-3
default configuration 19-2
description 19-1
monitoring 19-3
flooded traffic, blocking 23-6
flow-based packet classification 1-7
flowcharts
QoS classification 31-6
QoS egress queueing and scheduling 31-15
flowcharts (continued)
QoS ingress queueing and scheduling 31-13
QoS policing and marking 31-9
flow control 1-3, 10-15
forward-delay time
MSTP 17-20
STP 16-21
Forwarding Information Base
See FIB
forwarding nonroutable protocols 37-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 29-3
get-next-request operation 29-3, 29-4
get-request operation 29-3, 29-4
get-response operation 29-3
global configuration mode 2-2
guest VLAN and 802.1x 9-8
guide
audience xxxv
purpose of xxxv
guide mode 1-2, 3-5
H
hardware limitations and Layer 3 interfaces 10-20
HC (candidate switch) 5-19
hello time
MSTP 17-19
STP 16-20
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 28-9
host names
abbreviations appended to 5-18
in clusters 5-13
host ports
configuring 14-11
kinds of 14-2
hosts, limit on dynamic ports 12-33
Hot Standby Router Protocol
See HSRP
HP OpenView 1-4
HSRP
authentication string 34-9
automatic cluster recovery 5-12
binding to cluster group 34-11
cluster standby group considerations 5-11
command-switch redundancy 1-1, 1-5
configuring 34-3
default configuration 34-4
definition 34-1
guidelines 34-4
monitoring 34-11
HSRP (continued)
overview 34-1
priority 34-6
routing redundancy 1-8
support for ICMP redirect messages 34-10 to 34-11
timers 34-9
tracking 34-6
See also clusters, cluster standby group, and standby command switch
I
IBPG 33-39
ICMP
redirect messages 33-11
support for 1-8
time-exceeded messages 38-16
traceroute and 38-16
unreachable messages 30-20
unreachables and ACLs 30-21
ICMP ping
executing 38-13
overview 38-13
ICMP Router Discovery Protocol
See IRDP
IDS appliances
and ingress RSPAN 26-20
and ingress SPAN 26-13
IEEE 802.1p 15-1
ifIndex values, SNMP 29-5
IFS 1-4
IGMP
configuring the switch
as a member of a group 35-26
statically connected member 35-31
controlling access to groups 35-27
default configuration 35-26
deleting cache entries 35-50
displaying groups 35-50
IGMP (continued)
fast switching 35-31
host-query interval, modifying 35-29
joining multicast group 22-3
join messages 22-3
leave processing, enabling 22-10
leaving multicast group 22-4
multicast reachability 35-26
overview 35-2
queries 22-3
report suppression
described 22-5
disabling 22-10
support for 1-3
Version 1
changing to Version 2 35-28
described 35-3
Version 2
changing to Version 1 35-28
described 35-3
maximum query response time value 35-30
pruning groups 35-30
query timeout value 35-30
IGMP filtering
configuring 22-20
default configuration 22-19
described 22-19
monitoring 22-24
support for 1-3
IGMP groups
configuring filtering 22-22
setting the maximum number 22-22
IGMP profile
applying 22-21
configuration mode 22-20
configuring 22-20
IGMP snooping
and address aliasing 22-2
configuring 22-5
IGMP snooping (continued)
default configuration 22-6
definition 22-1
enabling and disabling 22-6
global configuration 22-6
Immediate Leave 22-5
method 22-7
monitoring 22-11
support for 1-3
VLAN configuration 22-6
IGMP throttling
configuring 22-22
default configuration 22-19
described 22-19
displaying action 22-24
IGP 33-24
IGRP
split horizon 33-23
support for 1-8
Immediate Leave, IGMP
described 22-5
enabling 22-10
initial configuration
defaults 1-9
Express Setup 1-2, 1-9, 3-11
setup (CLI) program 1-9
See also hardware installation guide
interface
number 10-7
range macros 10-10
interface command 10-7 to 10-8
interface configuration mode 2-2
interfaces
configuration guidelines
duplex and speed 10-14
configuring
duplex mode 10-13
procedure 10-8
speed 10-13
interfaces (continued)
counters, clearing 10-23
described 10-19
descriptive name, adding 10-19
displaying information about 10-23
flow control 10-15
management 1-4
monitoring 10-22
naming 10-19
physical, identifying 10-7
range of 10-8
restarting 10-24
shutting down 10-24
status 10-22
supported 10-7
types of 10-1
interfaces range macro command 10-10
interface types 10-7
Interior Gateway Protocol
See IGP
Interior Gateway Routing Protocol
See IGRP
internal BGP
See IBGP
internal neighbors, BGP 33-43
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Inter-Switch Link
See ISL
inter-VLAN routing 1-8, 33-2
Intrusion Detection System
See IDS appliances
inventory, cluster 5-20
ip access group command 30-20
IP ACLs
applying to an interface 30-19
extended, creating 30-10
IP ACLs (continued)
for QoS classification 31-7
implicit deny 30-9, 30-13, 30-15
implicit masks 30-9
logging 30-15
named 30-14
standard, creating 30-8
undefined 30-21
virtual terminal lines, setting on 30-19
IP addresses
candidate or member 5-3, 5-13
classes of 33-5
cluster access 5-2
command switch 5-2, 5-11, 5-13
default configuration 33-4
discovering 6-27
for IP routing 33-4
MAC address association 33-8
monitoring 33-17
redundant clusters 5-11
standby command switch 5-11, 5-13
See also IP information
IP broadcast address 33-15
ip cef distributed command 33-60
IP directed broadcasts 33-13
ip igmp profile command 22-20
IP information
assigned
manually 4-9
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 35-3
all-multicast-routers 35-3
host group address range 35-3
administratively-scoped boundaries, described 35-34
and IGMP snooping 22-1
IP multicast routing (continued)
Auto-RP
adding to an existing sparse-mode cloud 35-14
benefits of 35-13
clearing the cache 35-50
configuration guidelines 35-9
filtering incoming RP announcement messages 35-16
overview 35-5
preventing candidate RP spoofing 35-16
preventing join messages to false RPs 35-15
setting up in a new internetwork 35-13
using with BSR 35-21
bootstrap router
configuration guidelines 35-9
configuring candidate BSRs 35-19
configuring candidate RPs 35-20
defining the IP multicast boundary 35-18
defining the PIM domain border 35-17
overview 35-5
using with Auto-RP 35-21
Cisco implementation 35-2
configuring
basic multicast routing 35-10
IP multicast boundary 35-34
default configuration 35-8
enabling
multicast forwarding 35-10
PIM mode 35-11
group-to-RP mappings
Auto-RP 35-5
BSR 35-5
MBONE
deleting sdr cache entries 35-50
described 35-33
displaying sdr cache 35-51
enabling sdr listener support 35-33
limiting DVMRP routes advertised 35-45
limiting sdr cache entry lifetime 35-34
IP multicast routing (continued)
MBONE (continued)
SAP packets for conference session announcement 35-33
Session Directory (sdr) tool, described 35-33
monitoring
packet rate loss 35-51
peering devices 35-51
tracing a path 35-51
multicast forwarding, described 35-6
PIMv1 and PIMv2 interoperability 35-9
protocol interaction 35-2
reverse path check (RPF) 35-6
routing table
deleting 35-50
displaying 35-51
RP
assigning manually 35-12
configuring Auto-RP 35-13
configuring PIMv2 BSR 35-17
monitoring mapping information 35-22
using Auto-RP and BSR 35-21
statistics, displaying system and network 35-50
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 15-1
automatic classification and queueing 31-18
configuring 15-4
ensuring port security with QoS 31-35
trusted boundary for QoS 31-35
IP precedence 31-2
IP-precedence-to-DSCP map for QoS 31-50
IP protocols
in ACLs 30-11
routing 1-8
IP routes, monitoring 33-73
IP routing
connecting interfaces with 10-7
disabling 33-18
enabling 33-18
IP source guard
and 802.1x 20-16
and DHCP snooping 20-15
and EtherChannels 20-16
and port security 20-16
and routed ports 20-16
and TCAM entries 20-16
and trunk interfaces 20-16
and VRF 20-16
binding configuration
automatic 20-15
manual 20-15
binding table 20-15
configuration guidelines 20-16
default configuration 20-16
described 20-15
disabling 20-17
displaying
bindings 20-18
configuration 20-18
enabling 20-17
filtering
source IP address 20-15
source IP and MAC address 20-15
source IP address filtering 20-15
source IP and MAC address filtering 20-15
static bindings
adding 20-17
deleting 20-17
IP traceroute
executing 38-17
overview 38-16
IP unicast routing
address resolution 33-8
administrative distances 33-62, 33-71
IP unicast routing (continued)
ARP 33-8
assigning IP addresses to Layer 3 interfaces 33-5
authentication keys 33-72
broadcast
address 33-15
flooding 33-16
packets 33-13
storms 33-13
classless routing 33-6
configuring static routes 33-61
default
addressing configuration 33-4
gateways 33-11
networks 33-63
routes 33-62
routing 33-2
directed broadcasts 33-13
disabling 33-18
dynamic routing 33-3
enabling 33-18
EtherChannel Layer 3 interface 33-3
IGP 33-24
inter-VLAN 33-2
IP addressing
classes 33-5
configuring 33-4
IRDP 33-12
Layer 3 interfaces 33-3
MAC address and IP address 33-8
passive interfaces 33-70
protocols
distance-vector 33-3
dynamic 33-3
link-state 33-3
proxy ARP 33-8
redistribution 33-63
reverse address resolution 33-8
routed ports 33-3
IP unicast routing (continued)
static routing 33-2
steps to configure 33-4
subnet mask 33-5
subnet zero 33-6
supernet 33-6
UDP 33-15
with SVIs 33-3
See also BGP
See also EIGRP
See also OSPF
See also RIP
IRDP
configuring 33-12
definition 33-12
support for 1-8
ISL
and trunk ports 10-3
encapsulation 1-6, 12-16
isolated port 14-2
isolated VLANs 14-2, 14-3
J
join messages, IGMP 22-3
K
KDC
described 8-32
See also Kerberos
keepalive messages 16-2
Kerberos
authenticating to
boundary switch 8-35
KDC 8-35
network services 8-35
configuration examples 8-32
Kerberos (continued)
configuring 8-36
credentials 8-32
cryptographic software image 8-32
described 8-32
KDC 8-32
operation 8-34
realm 8-33
server 8-33
support for 1-7
switch as trusted third party 8-32
terms 8-33
TGT 8-34
tickets 8-32
key distribution center
See KDC
L
LACP
See EtherChannel
Layer 2 frames, classification with CoS 31-2
Layer 2 interfaces, default configuration 10-12
Layer 2 traceroute
and ARP 38-15
and CDP 38-15
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-15
MAC addresses and VLANs 38-15
multicast traffic 38-15
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-15
Layer 2 trunks 12-17
Layer 3 features 1-8
Layer 3 interfaces
assigning IP addresses to 33-5
changing from Layer 2 mode 33-5
types of 33-3
Layer 3 packets, classification methods 31-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
See EtherChannel
link redundancy
See Flex Links
links, unidirectional 25-1
link state advertisements (LSAs) 33-28
link-state protocols 33-3
load balancing 34-6
logging messages, ACL 30-9
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-18
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 1-13
loop guard
described 18-9
enabling 18-15
support for 1-5
LRE profiles, considerations in switch clusters 5-15
M
MAC addresses
aging time 6-22
and VLAN association 6-21
building the address table 6-21
MAC addresses (continued)
default configuration 6-22
discovering 6-27
displaying 6-27
displaying in DHCP snooping binding database 20-14
displaying in the IP source binding table 20-18
dynamic
learning 6-21
removing 6-22
in ACLs 30-26
IP address association 33-8
static
adding 6-25
allowing 6-27
characteristics of 6-25
dropping 6-26
removing 6-25
MAC address notification, support for 1-9
MAC address-to-VLAN mapping 12-28
MAC extended access lists
applying to Layer 2 interfaces 30-28
configuring for QoS 31-41
creating 30-26
defined 30-26
for QoS classification 31-5
macros
See Smartports macros
manageability features 1-4
management access
in-band
browser session 1-4
CLI session 1-4
CMS 1-4
SNMP 1-4
out-of-band console port connection 1-4
management options
CLI 2-1
clustering 1-3
CMS 1-2
overview 1-4
management VLAN
considerations in switch clusters 5-7
discovery through different management VLANs 5-7
mapping tables for QoS
configuring
CoS-to-DSCP 31-50
DSCP 31-49
DSCP-to-CoS 31-52
DSCP-to-DSCP-mutation 31-53
IP-precedence-to-DSCP 31-50
policed-DSCP 31-51
described 31-10
marking
action in policy map 31-44
action with aggregate policers 31-47
described 31-3, 31-8
matching, ACLs 30-7
maximum aging time
MSTP 17-21
STP 16-21
maximum hop count, MSTP 17-21
maximum-paths command 33-46, 33-61
membership mode, VLAN port 12-3
member switch
adding 5-16
automatic discovery 5-4
defined 5-2
managing 5-20
passwords 5-13
recovering from lost connectivity 38-11
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
menu bar variations 3-4
messages
logging ACL violations 30-15
to users through banners 6-18
metrics, in BGP 33-47
metric translations, between routing protocols 33-67
MHSRP 34-7
MIBs
accessing files with FTP A-3
location of files A-3
overview 29-1
SNMP interaction with 29-4
supported A-1
mirroring traffic for analysis 26-1
mismatches, autonegotiation 38-12
module number 10-7
monitoring
access groups 30-39
ACL configuration 30-39
BGP 33-58
cables for unidirectional links 25-1
CDP 24-5
CEF 33-60
EIGRP 33-38
fallback bridging 37-10
features 1-9
Flex Links 19-3
HSRP 34-11
IGMP
filters 22-24
snooping 22-11
interfaces 10-22
IP
address tables 33-17
multicast routing 35-49
routes 33-73
monitoring (continued)
MSDP peers 36-19
multicast router interfaces 22-11
MVR 22-18
network traffic for analysis with probe 26-2
OSPF 33-32
port
blocking 23-16
protection 23-16
private VLANs 14-15
RP mapping information 35-22
SFPs status 10-23, 38-13
source-active messages 36-19
speed and duplex mode 10-15
traffic flowing among switches 27-1
traffic suppression 23-15
VLAN
filters 30-40
maps 30-40
VLANs 12-15
VMPS 12-32
VTP 13-15
MSDP
benefits of 36-3
clearing MSDP connections and statistics 36-19
controlling source information
forwarded by switch 36-12
originated by switch 36-9
received by switch 36-14
default configuration 36-4
dense-mode regions
sending SA messages to 36-17
specifying the originating address 36-18
filtering
incoming SA messages 36-14
SA messages to a peer 36-12
SA requests from a peer 36-11
join latency, defined 36-6
MSDP (continued)
meshed groups
configuring 36-16
defined 36-16
originating address, changing 36-18
overview 36-1
peer-RPF flooding 36-2
peers
configuring a default 36-4
monitoring 36-19
peering relationship, overview 36-1
requesting source information from 36-8
shutting down 36-16
source-active messages
caching 36-6
clearing cache entries 36-19
defined 36-2
filtering from a peer 36-11
filtering incoming 36-14
filtering to a peer 36-12
limiting data with TTL 36-14
monitoring 36-19
restricting advertised sources 36-9
support for 1-8
MSTP
boundary ports
configuration guidelines 17-13
described 17-5
BPDU filtering
described 18-3
enabling 18-12
BPDU guard
described 18-3
enabling 18-11
CIST, described 17-3
configuration guidelines 17-12, 18-10
MSTP (continued)
configuring
forward-delay time 17-20
hello time 17-19
link type for rapid convergence 17-22
maximum aging time 17-21
maximum hop count 17-21
MST region 17-13
path cost 17-18
port priority 17-17
root switch 17-14
secondary root switch 17-16
switch priority 17-19
CST
defined 17-3
operations between regions 17-4
default configuration 17-12
default optional feature configuration 18-9
displaying status 17-23
enabling the mode 17-13
EtherChannel guard
described 18-7
enabling 18-14
extended system ID
effects on root switch 17-14
effects on secondary root switch 17-16
unexpected behavior 17-15
instances supported 16-9
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-10
interoperability with 802.1D
described 17-5
restarting migration process 17-22
IST
defined 17-3
master 17-3
operations within a region 17-3
MSTP (continued)
loop guard
described 18-9
enabling 18-15
mapping VLANs to MST instance 17-13
MST region
CIST 17-3
configuring 17-13
described 17-2
hop-count mechanism 17-5
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-5
overview 17-2
Port Fast
described 18-2
enabling 18-10
preventing root switch selection 18-8
root guard
described 18-8
enabling 18-14
root switch
configuring 17-15
effects of extended system ID 17-14
unexpected behavior 17-15
shutdown Port Fast-enabled port 18-3
status, displaying 17-23
multicast groups
Immediate Leave 22-5
joining 22-3
leaving 22-4
static joins 22-9
multicast packets
ACLs on 30-39
blocking 23-6
multicast router interfaces, monitoring 22-11
multicast router ports, adding 22-8
Multicast Source Discovery Protocol
See MSDP
multicast storm 23-2
multicast storm-control command 23-4
Multicast VLAN Registration
See MVR
Multiple HSRP
See MHSRP
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 22-15
configuring interfaces 22-16
default configuration 22-14
described 22-12
modes 22-16
monitoring 22-18
setting global parameters 22-15
support for 1-3
N
named IP ACLs 30-14
native VLAN
configuring 12-23
default 12-23
neighbor discovery/recovery, EIGRP 33-33
neighbors, BGP 33-53
network configuration examples
increasing network performance 1-12
large network 1-15
long-distance, high-bandwidth transport 1-16
providing network services 1-13
small to medium-sized network 1-13
network design
performance 1-12
services 1-13
network management
CDP 24-1
RMON 27-1
SNMP 29-1
Network Time Protocol
See NTP
no commands 2-4
non-IP traffic filtering 30-26
nontrunking mode 12-18
normal-range VLANs
configuration modes 12-7
defined 12-1
no switchport command 10-4
note, described xxxvi
not-so-stubby areas
See NSSA
NSSA, OSPF 33-28
NTP
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-4
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
Open Shortest Path First
See OSPF
optimizing system resources 7-1
options, management 1-4
OSPF
area parameters, configuring 33-28
configuring 33-26
default configuration
metrics 33-29
route 33-29
settings 33-25
described 33-24
interface parameters, configuring 33-27
LSA group pacing 33-31
monitoring 33-32
router IDs 33-31
route summarization 33-29
support for 1-8
virtual links 33-29
out-of-profile markdown 1-7
P
packet modification, with QoS 31-17
PAgP
See EtherChannel
parallel paths, in routing tables 33-61
passive interfaces
configuring 33-70
OSPF 33-29
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-4
for security 1-6
in clusters 5-14, 5-17
overview 8-1
recovery of 38-4
setting
enable 8-3
passwords (continued)
setting (continued)
enable secret 8-4
Telnet 8-6
with usernames 8-7
VTP domain 13-8
path cost
MSTP 17-18
STP 16-18
PBR
defined 33-67
enabling 33-68
fast-switched policy-based routing 33-69
local policy-based routing 33-69
PC (passive command switch) 5-10, 5-18
peers, BGP 33-53
performance, network design 1-12
performance features 1-3
per-VLAN spanning-tree plus
See PVST+
physical ports 10-2
PIM
default configuration 35-8
dense mode
overview 35-4
rendezvous point (RP), described 35-4
RPF lookups 35-7
displaying neighbors 35-51
enabling a mode 35-11
overview 35-3
router-query message interval, modifying 35-25
shared tree and source tree, overview 35-22
shortest path tree, delaying the use of 35-24
sparse mode
join messages and shared tree 35-4
overview 35-4
prune messages 35-5
RPF lookups 35-7
support for 1-8
PIM (continued)
versions
interoperability 35-9
troubleshooting interoperability problems 35-22
v2 improvements 35-4
PIM-DVMRP, as snooping method 22-7
ping
character output description 38-14
executing 38-13
overview 38-13
PoE
configuring 10-17
support for 1-9
troubleshooting 38-12
policed-DSCP map for QoS 31-51
policers
configuring
for each matched traffic class 31-44
for more than one traffic class 31-47
described 31-3
displaying 31-67
number of 31-31
types of 31-8
policing
described 31-3
token-bucket algorithm 31-9
policy-based routing
See PBR
policy maps for QoS
characteristics of 31-44
configuring 31-44
described 31-7
displaying 31-68
port ACLs
defined 30-2
types of 30-3
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 9-5
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-11
configuring
802.1x authentication 9-12
guest VLAN 9-19
host mode 9-18
manual re-authentication of a client 9-15
periodic re-authentication 9-15
quiet period 9-15
RADIUS server 9-14
RADIUS server parameters on the switch 9-13
switch-to-client frame-retransmission number 9-17
switch-to-client retransmission time 9-16
default configuration 9-10
described 9-1
device roles 9-2
displaying statistics 9-21
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
guest VLAN
configuration guidelines 9-8
described 9-8
initiation and message exchange 9-3
method lists 9-12
multiple-hosts mode, described 9-18
per-user ACLs
AAA authorization 9-12
configuration tasks 9-9
described 9-9
RADIUS server attributes 9-9
port-based authentication (continued)
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-7
port security
and voice VLAN 9-6
described 9-6
interactions 9-6
multiple-hosts mode 9-18
resetting to default values 9-20
statistics, displaying 9-21
switch
as proxy 9-2
RADIUS client 9-2
topologies, supported 9-5
upgrading from a previous release 31-24
VLAN assignment
AAA authorization 9-12
characteristics 9-7
configuration tasks 9-8
described 9-7
voice VLAN
described 9-7
PVID 9-7
VVID 9-7
port blocking 1-3, 23-6
port-channel
See EtherChannel
Port Fast
described 18-2
enabling 18-10
mode, spanning tree 12-29
support for 1-5
port membership modes, VLAN 12-3
port priority
MSTP 17-17
STP 16-17
ports
access 10-3
blocking 23-6
dynamic access 12-4
protected 23-5
routed 10-4
secure 23-7
static-access 12-3, 12-11
switch 10-2
trunks 12-3, 12-16
VLAN assignments 12-11
port security
aging 23-14
and QoS trusted boundary 31-35
configuring 23-10
default configuration 23-9
described 23-7
displaying 23-16
on trunk ports 23-11, 23-12
sticky learning 23-8
violations 23-8
with other features 23-10
port-shutdown response, VMPS 12-28
Power over Ethernet
See PoE
preferential treatment of traffic
See QoS
prefix lists, BGP 33-50
preventing unauthorized access 8-1
primary links 19-1
primary VLANs 14-1, 14-3
priority
HSRP 34-6
overriding CoS 15-6
trusting CoS 15-6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 14-4
and SDM template 14-4
and SVIs 14-5
benefits of 14-1
community ports 14-2
community VLANs 14-2, 14-3
configuration guidelines 14-6, 14-7, 14-8
configuration tasks 14-6
configuring 14-10
default configuration 14-6
end station access to 14-3
IP addressing 14-3
isolated port 14-2
isolated VLANs 14-2, 14-3
mapping 14-14
monitoring 14-15
ports
community 14-2
configuration guidelines 14-8
configuring host ports 14-11
configuring promiscuous ports 14-13
described 12-4
isolated 14-2
promiscuous 14-2
primary VLANs 14-1, 14-3
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-21
exiting 8-10
in CMS 3-6
logging into 8-10
privilege levels (continued)
mapping on member switches 5-21
overview 8-2, 8-8
setting a command with 8-8
promiscuous ports
configuring 14-13
defined 14-2
protected ports 1-6, 23-5
protocol-dependent modules, EIGRP 33-33
Protocol-Independent Multicast Protocol
See PIM
proxy ARP
configuring 33-10
definition 33-8
with IP routing disabled 33-11
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-23
enabling
in VTP domain 13-13
on a port 12-22
examples 13-5
overview 13-4
pruning-eligible list
changing 12-22
for VTP pruning 13-4
VLANs 13-14
PVST+
802.1Q trunking interoperability 16-10
described 16-9
instances supported 16-9
Q
QoS
and MQC commands 31-1
auto-QoS
categorizing traffic 31-18
configuration and defaults display 31-28
configuration guidelines 31-23
described 31-18
disabling 31-25
displaying generated commands 31-25
displaying the initial configuration 31-28
effects on running configuration 31-23
egress queue defaults 31-19
enabling for VoIP 31-24
example configuration 31-26
ingress queue defaults 31-19
list of generated commands 31-20
basic model 31-3
classification
class maps, described 31-7
defined 31-3
flowchart 31-6
forwarding treatment 31-3
in frames and packets 31-2
IP ACLs, described 31-5, 31-7
MAC ACLs, described 31-5, 31-7
options for IP traffic 31-5
options for non-IP traffic 31-5
policy maps, described 31-7
trust DSCP, described 31-5
trusted CoS, described 31-5
trust IP precedence, described 31-5
QoS (continued)
class maps
configuring 31-42
displaying 31-67
configuration guidelines
auto-QoS 31-23
standard QoS 31-31
configuring
aggregate policers 31-47
auto-QoS 31-18
default port CoS value 31-34
DSCP maps 31-49
DSCP trust states bordering another domain 31-36
egress queue characteristics 31-60
ingress queue characteristics 31-55
IP extended ACLs 31-40
IP standard ACLs 31-38
MAC ACLs 31-41
policy maps 31-44
port trust states within the domain 31-32
trusted boundary 31-35
default auto configuration 31-18
default standard configuration 31-29
displaying statistics 31-67
egress queues
allocating buffer space 31-60
buffer allocation scheme, described 31-16
configuring shaped weights for SRR 31-64
configuring shared weights for SRR 31-65
described 31-4
displaying the threshold map 31-63
flowchart 31-15
mapping DSCP or CoS values 31-62
scheduling, described 31-4
setting WTD thresholds 31-60
WTD, described 31-17
enabling globally 31-32
QoS (continued)
flowcharts
classification 31-6
egress queueing and scheduling 31-15
ingress queueing and scheduling 31-13
policing and marking 31-9
implicit deny 31-7
ingress queues
allocating bandwidth 31-58
allocating buffer space 31-57
buffer and bandwidth allocation, described 31-14
configuring shared weights for SRR 31-58
configuring the priority queue 31-59
described 31-3
displaying the threshold map 31-56
flowchart 31-13
mapping DSCP or CoS values 31-55
priority queue, described 31-14
scheduling, described 31-3
setting WTD thresholds 31-55
WTD, described 31-14
IP phones
automatic classification and queueing 31-18
detection and trusted settings 31-18, 31-35
limiting bandwidth on egress interface 31-66
mapping tables
CoS-to-DSCP 31-50
displaying 31-67
DSCP-to-CoS 31-52
DSCP-to-DSCP-mutation 31-53
IP-precedence-to-DSCP 31-50
policed-DSCP 31-51
types of 31-10
marked-down actions 31-45
marking, described 31-3, 31-8
overview 31-1
packet modification 31-17
QoS (continued)
policers
configuring 31-45, 31-48
described 31-8
displaying 31-67
number of 31-31
types of 31-8
policies, attaching to an interface 31-9
policing
described 31-3, 31-8
token bucket algorithm 31-9
policy maps
characteristics of 31-44
configuring 31-44
displaying 31-68
QoS label, defined 31-3
queues
configuring egress characteristics 31-60
configuring ingress characteristics 31-55
high priority (expedite) 31-17, 31-66
location of 31-11
SRR, described 31-12
WTD, described 31-11
rewrites 31-17
support for 1-7
trust states
bordering another domain 31-36
described 31-5
trusted device 31-35
within the domain 31-32
quality of service
See QoS
queries, IGMP 22-3
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-21
in clusters 5-14
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
suggested network environments 8-18
support for 1-7
tracking services accessed by user 8-28
range
macro 10-10
of interfaces 10-9
rapid convergence 17-7
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
802.1Q trunking interoperability 16-10
described 16-9
instances supported 16-9
Rapid Spanning Tree Protocol
See RSTP
RARP 33-8
rcommand command 5-20
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-30
preparing the server B-29
uploading B-32
reconfirmation interval, VMPS, changing 12-31
recovery procedures 38-1
redundancy
EtherChannel 32-2
HSRP 34-1
STP
backbone 16-8
path cost 12-26
port priority 12-24
redundant clusters
See cluster standby group
redundant links and UplinkFast 18-12
reliable transport protocol, EIGRP 33-33
reloading software 4-16
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
report suppression, IGMP
described 22-5
disabling 22-10
requirements
cluster
See release notes
resequencing ACL entries 30-14
resets, in BGP 33-45
resetting a UDLD-shutdown interface 25-6
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-18
TACACS+ 8-10
retry count, VMPS, changing 12-32
reverse address resolution 33-8
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 33-19
1112, IP multicast and IGMP 22-2
1157, SNMPv1 29-2
1163, BGP 33-39
1166, IP addresses 33-5
1253, OSPF 33-24
1267, BGP 33-39
1305, NTP 6-2
1587, NSSAs 33-24
1757, RMON 27-2
1771, BGP 33-39
1901, SNMPv2C 29-2
1902 to 1907, SNMPv2 29-2
2236, IP multicast and IGMP 22-2
2273-2275, SNMPv3 29-2
RIP
advertisements 33-19
authentication 33-21
configuring 33-20
default configuration 33-19
described 33-19
hop counts 33-19
split horizon 33-22
summary addresses 33-22
support for 1-8
RMON
default configuration 27-3
displaying status 27-6
enabling alarms and events 27-3
groups supported 27-2
overview 27-1
statistics
collecting group Ethernet 27-6
collecting group history 27-5
support for 1-9
root guard
described 18-8
enabling 18-14
support for 1-5
root switch
MSTP 17-14
STP 16-14
route calculation timers, OSPF 33-30
route dampening, BGP 33-57
routed packets, ACLs on 30-38
routed ports
configuring 33-3
defined 10-4
in switch clusters 5-8
IP addresses on 10-20, 33-3
route-map command 33-69
route maps
BGP 33-48
policy-based routing 33-67
router ACLs
defined 30-2
types of 30-4
route reflectors, BGP 33-56
router ID, OSPF 33-31
route selection, BGP 33-46
route summarization, OSPF 33-29
routing
default 33-2
dynamic 33-3
redistribution of information 33-63
static 33-2
routing domain confederation, BGP 33-55
Routing Information Protocol
See RIP
routing protocol administrative distances 33-62
RSPAN
characteristics 26-8
configuration guidelines 26-16
default configuration 26-10
destination ports 26-7
displaying status 26-23
interaction with other features 26-8
monitored ports 26-5
monitoring ports 26-7
overview 1-9, 26-1
received traffic 26-4
session limits 26-10
sessions
creating 26-17
defined 26-3
limiting source traffic to specific VLANs 26-22
specifying monitored ports 26-17
with ingress traffic enabled 26-20
source ports 26-5
transmitted traffic 26-5
VLAN-based 26-6
RSTP
active topology 17-6
BPDU
format 17-9
processing 17-10
designated port, defined 17-6
RSTP (continued)
designated switch, defined 17-6
interoperability with 802.1D
described 17-5
restarting migration process 17-22
topology changes 17-10
overview 17-6
port roles
described 17-6
synchronized 17-8
proposal-agreement handshake process 17-7
rapid convergence
described 17-7
edge ports and Port Fast 17-7
point-to-point links 17-7, 17-22
root ports 17-7
root port, defined 17-6
See also MSTP
running configuration, saving 4-10
S
SC (standby command switch) 5-10, 5-18
scheduled reloads 4-16
SDM
described 7-1
templates
configuring 7-3
number of 7-1
SDM template
configuring 7-2
types of 7-1
secondary VLANs 14-2
secure MAC addresses
deleting 23-13
maximum number of 23-8
types of 23-8
secure ports, configuring 23-7
secure remote connections 8-38
Secure Shell
See SSH
security, port 23-7
security features 1-6
sequence numbers in log messages 28-7
server mode, VTP 13-3
service-provider network, MSTP and RSTP 17-1
set-request operation 29-4
setup (CLI) program 1-9
See also hardware installation guide
setup program
failed command switch replacement 38-10
replacing failed command switch 38-8
severity levels, defining in system messages 28-8
SFPs
monitoring status of 1-9, 10-23, 38-13
security and identification 38-12
shaped round robin
See SRR
show access-lists hw-summary command 30-21
show and more command output, filtering 2-8
show cdp traffic command 24-5
show cluster members command 5-20
show configuration command 10-19
show forward command 38-19
show interfaces command 10-15, 10-19
show platform forward command 38-19
show running-config command
displaying ACLs 30-19, 30-20, 30-31, 30-33
interface description in 10-19
shutdown command on interfaces 10-24
Simple Network Management Protocol
See SNMP
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
Smartports macros (continued)
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 24-1
SNMP
accessing MIB variables with 29-4
agent
described 29-4
disabling 29-8
authentication level 29-10
community strings
configuring 29-8
for cluster switches 29-4
overview 29-4
configuration examples 29-15
default configuration 29-6
engine ID 29-7
groups 29-7, 29-9
host 29-7
ifIndex values 29-5
in-band management 1-4
in clusters 5-14
informs
and trap keyword 29-11
described 29-5
differences from traps 29-5
disabling 29-14
enabling 29-14
limiting access by TFTP servers 29-15
limiting system log messages to NMS 28-9
manager functions 1-4, 29-3
managing clusters with 5-21
SNMP (continued)
MIBs
location of A-3
supported A-1
notifications 29-5
overview 29-1, 29-4
security levels 29-3
status, displaying 29-16
system contact and location 29-14
trap manager, configuring 29-13
traps
described 29-3, 29-5
differences from informs 29-5
disabling 29-14
enabling 29-11
enabling MAC address notification 6-23
overview 29-1, 29-4
types of 29-11
users 29-7, 29-9
versions supported 29-2
SNMPv1 29-2
SNMPv2C 29-2
SNMPv3 29-2
snooping, IGMP 22-1
software images
location in flash B-20
recovery procedures 38-2
scheduling reloads 4-16
tar file format, described B-21
See also downloading and uploading
source addresses, in ACLs 30-11
source-and-destination-IP address based forwarding, EtherChannel 32-7
source-and-destination MAC address forwarding, EtherChannel 32-7
source-IP address based forwarding, EtherChannel 32-7
source-MAC address forwarding, EtherChannel 32-7
SPAN
configuration guidelines 26-10
default configuration 26-10
destination ports 26-7
displaying status 26-23
interaction with other features 26-8
monitored ports 26-5
monitoring ports 26-7
overview 1-9, 26-1
received traffic 26-4
session limits 26-10
sessions
configuring ingress forwarding 26-14, 26-21
creating 26-11
defined 26-3
limiting source traffic to specific VLANs 26-15
removing destination (monitoring) ports 26-12
specifying monitored ports 26-11
with ingress traffic enabled 26-13
source ports 26-5
transmitted traffic 26-5
VLAN-based 26-6
spanning tree and native VLANs 12-19
Spanning Tree Protocol
See STP
SPAN traffic 26-4
speed, configuring on interfaces 10-13
split horizon
IGRP 33-23
RIP 33-22
SRR
configuring
shaped weights on egress queues 31-64
shared weights on egress queues 31-65
shared weights on ingress queues 31-58
described 31-12
shaped mode 31-12
shared mode 31-12
support for 1-7, 1-8
SSH
configuring 8-39
cryptographic software image 8-37
described 1-4, 8-38
encryption methods 8-38
user authentication methods, supported 8-38
Standby Command Configuration window 5-19
standby command switch
configuring 5-18
considerations 5-11
defined 5-2
priority 5-10
requirements 5-3
virtual IP address 5-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 34-4
standby links 19-1
standby router 34-1
standby timers, HSRP 34-9
startup configuration
booting
manually 4-13
specific image 4-13
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-12
default boot configuration 4-11
static access ports
assigning to VLAN 12-11
defined 10-3, 12-3
static addresses
See addresses
static IP routing 1-8
static MAC addressing 1-6
static routes, configuring 33-61
static routing 33-2
static VLAN membership 12-2
statistics
802.1x 9-21
CDP 24-5
interface 10-23
IP multicast routing 35-50
OSPF 33-32
QoS ingress and egress 31-67
RMON group Ethernet 27-6
RMON group history 27-5
SNMP input and output 29-16
VTP 13-15
sticky learning 23-8
storm control
configuring 23-3
described 23-2
displaying 23-16
support for 1-3
thresholds 23-2
STP
802.1D and bridge ID 16-4
802.1D and multicast addresses 16-8
802.1t and VLAN identifier 16-4
accelerating root port selection 18-4
BackboneFast
described 18-5
disabling 18-14
enabling 18-13
BPDU filtering
described 18-3
disabling 18-12
enabling 18-12
BPDU guard
described 18-3
disabling 18-11
enabling 18-11
BPDU message exchange 16-3
configuration guidelines 16-12, 18-10
STP (continued)
configuring
forward-delay time 16-21
hello time 16-20
maximum aging time 16-21
path cost 16-18
port priority 16-17
root switch 16-14
secondary root switch 16-16
spanning-tree mode 16-13
switch priority 16-19
counters, clearing 16-22
default configuration 16-11
default optional feature configuration 18-9
designated port, defined 16-3
designated switch, defined 16-3
detecting indirect link failures 18-5
disabling 16-14
displaying status 16-22
EtherChannel guard
described 18-7
disabling 18-14
enabling 18-14
extended system ID
effects on root switch 16-14
effects on the secondary root switch 16-16
overview 16-4
unexpected behavior 16-15
features supported 1-5
inferior BPDU 16-3
instances supported 16-9
interface state, blocking to forwarding 18-2
interface states
blocking 16-6
disabled 16-7
forwarding 16-5, 16-6
learning 16-6
listening 16-6
overview 16-4
STP (continued)
interoperability and compatibility among modes 16-10
keepalive messages 16-2
limitations with 802.1Q trunks 16-10
load sharing
overview 12-24
using path costs 12-26
using port priorities 12-24
loop guard
described 18-9
enabling 18-15
modes supported 16-9
multicast addresses, effect of 16-8
optional features supported 1-5
overview 16-2
path costs 12-26
Port Fast
described 18-2
enabling 18-10
port priorities 12-25
preventing root switch selection 18-8
protocols supported 16-9
redundant connectivity 16-8
root guard
described 18-8
enabling 18-14
root port, defined 16-3
root switch
configuring 16-15
effects of extended system ID 16-4, 16-14
election 16-3
unexpected behavior 16-15
shutdown Port Fast-enabled port 18-3
status, displaying 16-22
superior BPDU 16-3
timers, described 16-20
STP (continued)
UplinkFast
described 18-4
enabling 18-12
VLAN-bridge 16-11
stratum, NTP 6-2
stub areas, OSPF 33-28
subdomains, private VLAN 14-1
subnet mask 33-5
subnet zero 33-6
success response, VMPS 12-28
summer time 6-13
SunNet Manager 1-4
supernet 33-6
SVIs
and IP unicast routing 33-3
and router ACLs 30-4
connecting VLANs 10-6
defined 10-4
routing between VLANs 12-2
switch clustering technology 5-1
See also clusters, switch
switch console port 1-4
Switch Database Management
See SDM
switched packets, ACLs on 30-37
Switched Port Analyzer
See SPAN
switched ports 10-2
Switch Manager 3-9
switchport block multicast command 23-6
switchport block unicast command 23-6
switchport command 10-12
switchport protected command 23-5
switch priority
MSTP 17-19
STP 16-19
switch software features 1-1
switch virtual interface
See SVI
synchronization, BGP 33-43
syslog
See system message logging
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
See also NTP
system message logging
default configuration 28-3
defining error message severity levels 28-8
disabling 28-3
displaying the configuration 28-12
enabling 28-4
facility keywords, described 28-12
level keywords, described 28-8
limiting messages 28-9
message format 28-2
overview 28-1
sequence numbers, enabling and disabling 28-7
setting the display destination device 28-4
synchronizing log messages 28-5
syslog facility 1-9
time stamps, enabling and disabling 28-7
UNIX syslog servers
configuring the daemon 28-10
configuring the logging facility 28-11
facilities supported 28-12
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
See also DNS
system prompt
default setting 6-14 to 6-15
manual configuration 6-16
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
in clusters 5-14
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-7
tracking services accessed by user 8-17
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-21
Telnet
accessing management interfaces 2-9
from a browser 2-9
number of connections 1-4
setting a password 8-6
templates, SDM 7-1
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-11
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-24
downloading B-23
preparing the server B-22
uploading B-24
limiting access by servers 29-15
TFTP server 1-4
threshold, traffic level 23-2
time
See NTP and system clock
time-range command 30-16
time ranges in ACLs 30-16
time stamps in log messages 28-7
time zones 6-12
Token Ring VLANs
support for 12-6
VTP support 13-4
Topology view, described 3-2, 3-14
ToS 1-7
traceroute, Layer 2
and ARP 38-15
and CDP 38-15
broadcast traffic 38-15
described 38-15
IP addresses and subnets 38-15
MAC addresses and VLANs 38-15
multicast traffic 38-15
multiple devices on a port 38-16
unicast traffic 38-15
usage guidelines 38-15
traceroute command 38-17
See also IP traceroute
traffic
blocking flooded 23-6
fragmented 30-5
unfragmented 30-5
traffic policing 1-7
traffic suppression 23-2
transparent mode, VTP 13-3, 13-12
trap-door mechanism 4-2
traps
configuring MAC address notification 6-23
configuring managers 29-11
defined 29-3
enabling 6-23, 29-11
notification types 29-11
overview 29-1, 29-4
troubleshooting
connectivity problems 38-13, 38-14, 38-16
detecting unidirectional links 25-1
displaying crash information 38-22
PIMv1 and PIMv2 interoperability problems 35-22
setting packet forwarding 38-19
SFP security and identification 38-12
troubleshooting (continued)
show forward command 38-19
with CiscoWorks 29-4
with debug commands 38-18
with ping 38-13
with system message logging 28-1
with traceroute 38-16
trunking encapsulation 1-6
trunk ports
configuring 12-20
defined 10-3, 12-3
encapsulation 12-20, 12-25, 12-26
secure MAC addresses on 23-11, 23-12
trunks
allowed-VLAN list 12-21
configuring 12-20, 12-25, 12-26
ISL 12-16
load sharing
setting STP path costs 12-26
using STP port priorities 12-24, 12-25
native VLAN for untagged traffic 12-23
parallel 12-26
pruning-eligible list 12-22
to non-DTP device 12-17
understanding 12-17
trusted boundary for QoS 31-35
trusted port states
between QoS domains 31-36
classification options 31-5
ensuring port security for IP phones 31-35
support for 1-7
within a QoS domain 31-32
twisted-pair Ethernet, detecting unidirectional links 25-1
type of service
See ToS
U
UDLD
default configuration 25-4
disabling
fiber-optic interfaces 25-5
globally 25-5
per interface 25-6
echoing detection mechanism 25-2
enabling
globally 25-5
per interface 25-6
link-detection mechanism 25-1
neighbor database 25-2
overview 25-1
resetting an interface 25-6
status, displaying 25-7
support for 1-5
UDP, configuring 33-15
unauthorized ports with 802.1x 9-4
unicast MAC address filtering 1-4
and adding static addresses 6-26
and broadcast MAC addresses 6-26
and CPU packets 6-26
and multicast addresses 6-26
and router MAC addresses 6-26
configuration guidelines 6-26
described 6-26
unicast storm 23-2
unicast storm control command 23-4
unicast traffic, blocking 23-6
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 28-10
facilities supported 28-12
message logging configuration 28-11
unrecognized Type-Length-Value (TLV) support 13-4
upgrading information
See release notes
upgrading software images
See downloading
UplinkFast
described 18-4
disabling 18-13
enabling 18-12
support for 1-5
uploading
configuration files
preparing B-10, B-13, B-16
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-11
image files
preparing B-22, B-25, B-29
reasons for B-20
using FTP B-28
using RCP B-32
using TFTP B-24
User Datagram Protocol
See UDP
user EXEC mode 2-2
username-based authentication 8-7
V
version-dependent transparent mode 13-4
virtual IP address
cluster standby group 5-11, 5-19
command switch 5-11, 5-19
See also IP addresses
virtual router 34-1, 34-2
vlan.dat file 12-5
VLAN 1, disabling on a trunk port 12-22
VLAN 1 minimization 12-21
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 12-28
VLAN configuration
at bootup 12-8
saving 12-8
VLAN configuration mode 2-2, 12-7
VLAN database
and startup configuration file 12-8
and VTP 13-1
VLAN configuration saved in 12-7
VLANs saved in 12-4
vlan database command 12-7
VLAN filtering and SPAN 26-6
vlan global configuration command 12-7
VLAN ID, discovering 6-27
VLAN management domain 13-2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 30-29
VLAN maps
applying 30-33
common uses for 30-33
configuration example 30-34
configuration guidelines 30-29
configuring 30-29
creating 30-30
defined 30-2
denying access example 30-35
denying and permitting packets 30-31
displaying 30-40
examples 30-35
removing 30-33
support for 1-6
with router ACLs 30-39
VLAN membership
confirming 12-31
modes 12-3
VLAN Query Protocol
See VQP
VLANs
adding 12-9
adding to VLAN database 12-9
aging dynamic addresses 16-9
allowed on trunk 12-21
and spanning-tree instances 12-3, 12-6, 12-13
configuration guidelines, extended-range VLANs 12-13
configuration guidelines, normal-range VLANs 12-6
configuration options 12-7
configuring 12-1
configuring IDs 1006 to 4094 12-13
connecting through SVIs 10-6
creating in config-vlan mode 12-9
creating in VLAN configuration mode 12-10
default configuration 12-8
deleting 12-10
described 10-2, 12-1
displaying 12-15
extended-range 12-1, 12-12
features 1-5
illustrated 12-2
internal 12-13
limiting source traffic with RSPAN 26-22
limiting source traffic with SPAN 26-15
modifying 12-9
native, configuring 12-23
normal-range 12-1, 12-4
number supported 1-5
parameters 12-5
port membership modes 12-3
static-access ports 12-11
STP and 802.1Q trunks 16-10
supported 12-3
Token Ring 12-6
traffic between 12-2
VLAN-bridge STP 16-11, 37-1
VTP modes 13-3
VLAN Trunking Protocol
See VTP
VLAN trunks 12-16, 12-17
VMPS
administering 12-32
configuration example 12-33
configuration guidelines 12-29
default configuration 12-29
description 12-27
dynamic port membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
entering server address 12-30
mapping MAC addresses to VLANs 12-28
monitoring 12-32
reconfirmation interval, changing 12-31
reconfirming membership 12-31
retry count, changing 12-32
voice-over-IP 15-1
voice VLAN
Cisco 7960 phone, port connections 15-1
configuration guidelines 7-2, 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-4
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-6
VQP 1-5, 12-27
VTP
adding a client to a domain 13-14
advertisements 12-19, 13-3
and extended-range VLANs 13-1
and normal-range VLANs 13-2
VTP (continued)
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-7
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-6
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
modes
client 13-3, 13-11
server 13-3, 13-9
transitions 13-3
transparent 13-3, 13-12
monitoring 13-15
passwords 13-8
pruning
disabling 13-14
enabling 13-13
examples 13-5
overview 13-4
support for 1-6
pruning-eligible list, changing 12-22
server mode, configuring 13-9
VTP (continued)
statistics 13-15
support for 1-6
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-8
Version 1 13-4
Version 2
configuration guidelines 13-8
disabling 13-13
enabling 13-12
overview 13-4
W
weighted tail drop
See WTD
wizards 1-2, 3-6
WTD
described 31-11
setting thresholds
egress queue-sets 31-60
ingress queues 31-55
support for 1-7, 1-8
X
Xmodem protocol 38-2