A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
Index
A
AAA down policy, NAC Layer 2 IP validation 10
abbreviating commands 4
ABRs 24
AC (command switch) 10
access-class command 19
access control entries
See ACEs
access control entry (ACE) 3
access-denied response, VMPS 28
access groups
applying IPv4 ACLs to interfaces 20
Layer 2 20
Layer 3 20
accessing
clusters, switch 13
command switches 11
member switches 13
switch clusters 13
access lists
See ACLs
access ports
and Layer 2 protocol tunneling 11
defined 3
in switch clusters 9
access template 1
accounting
with 802.1x 39
with IEEE 802.1x 8
with RADIUS 28
with TACACS+ 11, 17
ACEs
and QoS 7
defined 2
Ethernet 2
IP 2
ACLs
ACEs 2
any keyword 12
applying
on bridged packets 37
on multicast packets 39
on routed packets 38
on switched packets 37
time ranges to 16
to an interface 19, 7
to IPv6 interfaces 7
to QoS 7
classifying traffic for QoS 43
comments in 18
compiling 21
defined 1, 7
examples of 21, 43
extended IP, configuring for QoS classification 44
extended IPv4
creating 10
matching criteria 7
hardware and software handling 21
host keyword 12
IP
creating 7
fragments and QoS guidelines 33
implicit deny 9, 13, 15
implicit masks 9
matching criteria 7
undefined 20
IPv4
applying to interfaces 19
creating 7
matching criteria 7
named 14
numbers 8
terminal lines, setting on 18
unsupported features 6
IPv6
applying to interfaces 7
configuring 4, 5
displaying 8
interactions with other features 4
limitations 3
matching criteria 3
named 3
precedence of 2
supported 2
unsupported features 3
Layer 4 information in 36
logging messages 8
MAC extended 26, 45
matching 7, 20, 3
monitoring 39, 8
named, IPv4 14
named, IPv6 3
names 4
number per QoS class map 33
port 2
precedence of 2
QoS 7, 43
resequencing entries 14
router 2
router ACLs and VLAN map configuration guidelines 36
standard IP, configuring for QoS classification 43
standard IPv4
creating 9
matching criteria 7
support for 9
support in hardware 21
time ranges 16
types supported 2
unsupported features, IPv4 6
unsupported features, IPv6 3
using router ACLs with VLAN maps 35
VLAN maps
configuration guidelines 29
configuring 28
active link 4, 5, 6
active links 2
active router 1
active traffic monitoring, IP SLAs 1
address aliasing 2
addresses
displaying the MAC address table 27
dynamic
accelerated aging 8
changing the aging time 21
default aging 8
defined 19
learning 20
removing 22
IPv6 2
MAC, discovering 27
multicast
group address range 3
STP address management 8
static
adding and removing 24
defined 19
address resolution 27, 8
Address Resolution Protocol
See ARP
adjacency tables, with CEF 76
administrative distances
defined 89
OSPF 30
routing protocol defaults 79
advanced IP services image 1
advertisements
CDP 1
LLDP 2
RIP 19
VTP 19, 3
aggregatable global unicast addresses 3
aggregate addresses, BGP 57
aggregated ports
See EtherChannel
aggregate policers 58
aggregate policing 11
aging, accelerating 8
aging time
accelerated
for MSTP 23
for STP 8, 21
MAC address table 21
maximum
for MSTP 23, 24
for STP 21, 22
alarms, RMON 3
allowed-VLAN list 21
AP1250 (Cisco wireless access point) 7
application engines, redirecting traffic to 1
area border routers
See ABRs
ARP
configuring 9
defined 5, 27, 8
encapsulation 9
static cache configuration 9
table
address resolution 27
managing 27
ASBRs 24
AS-path filters, BGP 51
asymmetrical links, and IEEE 802.1Q tunneling 4
attributes, RADIUS
vendor-proprietary 31
vendor-specific 29
authentication
EIGRP 38
HSRP 10
local mode with AAA 36
NTP associations 4
RADIUS
key 21
login 23
TACACS+
defined 11
key 13
login 14
See also port-based authentication
authentication failed VLAN
See restricted VLAN
authentication keys, and routing protocols 89
authoritative time source, described 2
authorization
with RADIUS 27
with TACACS+ 11, 16
authorized ports with IEEE 802.1x 7
autoconfiguration 3
automatic discovery
considerations
beyond a noncandidate device 7
brand new switches 9
connectivity 4
different VLANs 6
management VLANs 7
non-CDP-capable devices 6
noncluster-capable devices 6
routed ports 8
in switch clusters 4
See also CDP
automatic QoS
See QoS
automatic recovery, clusters 10
See also HSRP
auto-MDIX
configuring 21
described 21
autonegotiation
duplex mode 3
interface configuration guidelines 18
mismatches 11
autonomous system boundary routers
See ASBRs
autonomous systems, in BGP 45
Auto-RP, described 6
autosensing, port speed 3
autostate exclude 5
auxiliary VLAN
See voice VLAN
availability, features 7
B
BackboneFast
described 5
disabling 14
enabling 13
support for 7
backup interfaces
See Flex Links
backup links 2
backup static routing, configuring 12
banners
configuring
login 18
message-of-the-day login 18
default configuration 17
when displayed 17
Berkeley r-tools replacement 48
BGP
aggregate addresses 57
aggregate routes, configuring 57
CIDR 57
clear commands 60
community filtering 54
configuring neighbors 55
default configuration 42
described 42
enabling 45
monitoring 60
multipath support 49
neighbors, types of 45
path selection 49
peers, configuring 55
prefix filtering 53
resetting sessions 48
route dampening 59
route maps 51
route reflectors 58
routing domain confederation 58
routing session with multi-VRF CE 71
show commands 60
supernets 57
support for 12
Version 4 42
binding cluster group and HSRP group 12
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 6
DHCP snooping database 6
IP source guard 15
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 7
Boolean expressions in tracked lists 4
booting
boot loader, function of 2
boot process 2
manually 17
specific image 18
boot loader
accessing 18
described 2
environment variables 18
prompt 18
trap-door mechanism 2
bootstrap router (BSR), described 7
Border Gateway Protocol
See BGP
BPDU
error-disabled state 2
filtering 3
RSTP format 12
BPDU filtering
described 3
disabling 12
enabling 12
support for 7
BPDU guard
described 2
disabling 12
enabling 11
support for 7
bridged packets, ACLs on 37
bridge groups
See fallback bridging
bridge protocol data unit
See BPDU
broadcast flooding 16
broadcast packets
directed 13
flooded 13
broadcast storm-control command 4
broadcast storms 1, 13
C
cables, monitoring for unidirectional links 1
candidate switch
automatic discovery 4
defined 3
requirements 3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 44
defined 42
CDP
and trusted boundary 39
automatic discovery in switch clusters 4
configuring 2
default configuration 2
defined with LLDP 1
described 1
disabling for routing device3to 4
enabling and disabling
on an interface 4
on a switch 3
Layer 2 protocol tunneling 7
monitoring 4
overview 1
power negotiation extensions 7
support for 6
transmission timer and holdtime, setting 2
updates 2
CEF
defined 76
enabling 77
IPv6 19
CGMP
as IGMP snooping learning method 9
clearing cached group entries 60
enabling server support 43
joining multicast group 3
overview 9
server support only 9
switch support of 4
CIDR 57
CipherSuites 43
Cisco 7960 IP Phone 1
Cisco AP1250 wireless access point 7
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco intelligent power management 7
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
See IFS
Cisco IOS IP SLAs 1
CiscoWorks 2000 5, 4
CIST regional root
See MSTP
CIST root
See MSTP
civic location 3
classless interdomain routing
See CIDR
classless routing 6
class maps for QoS
configuring 46
described 7
displaying 78
class of service
See CoS
clearing interfaces 31
CLI
abbreviating commands 4
command modes 1
configuration logging 5
described 5
editing features
enabling and disabling 7
keystroke editing 7
wrapped lines 9
error messages 5
filtering command output 10
getting help 3
history
changing the buffer size 6
described 6
disabling 7
recalling commands 6
managing clusters 14
no and default forms of commands 4
client mode, VTP 3
client processes, tracking 1
clock
See system clock
clusters, switch
accessing 13
automatic discovery 4
automatic recovery 10
benefits 2
compatibility 4
described 1
LRE profile considerations 14
managing
through CLI 14
through SNMP 15
planning 4
planning considerations
automatic discovery 4
automatic recovery 10
CLI 14
host names 13
IP addresses 13
LRE profiles 14
passwords 13
RADIUS 14
SNMP 14, 15
TACACS+ 14
See also candidate switch, command switch, cluster standby group, member switch, and standby command switch
cluster standby group
and HSRP group 12
automatic recovery 12
considerations 11
defined 2
requirements 3
virtual IP address 11
See also HSRP
CNS 5
Configuration Engine
configID, deviceID, hostname 3
configuration service 2
described 1
event service 3
embedded agents
described 5
enabling automated configuration 6
enabling configuration agent 9
enabling event agent 7
management functions 5
Coarse Wave Division Multiplexer
See CWDM SFPs
command-line interface
See CLI
command modes 1
commands
abbreviating 4
no and default 4
commands, setting privilege levels 8
command switch
accessing 11
active (AC) 10
configuration conflicts 11
defined 2
passive (PC) 10
password privilege levels 15
priority 10
recovery
from command-switch failure 10, 7
from lost member connectivity 11
redundant 10
replacing
with another switch 9
with cluster member 8
requirements 3
standby (SC) 10
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 54
community ports 2
community strings
configuring 14, 8
for cluster switches 4
in clusters 14
overview 4
SNMP 14
community VLANs 2, 3
compatibility, feature 12
config.text 16
configurable leave timer, IGMP 6
configuration, initial
defaults 14
Express Setup 2
configuration changes, logging 10
configuration conflicts, recovering from lost member connectivity 11
configuration examples, network 17
configuration files
archiving 18
clearing the startup configuration 18
creating using a text editor 9
default name 16
deleting a stored configuration 18
described 7
downloading
automatically 16
preparing 9, 12, 15
reasons for 7
using FTP 12
using RCP 16
using TFTP 10
guidelines for creating and using 8
guidelines for replacing and rolling back 20
invalid combinations when copying 4
limiting TFTP server access 15
obtaining with DHCP 8
password recovery disable considerations 5
replacing a running configuration 18, 19
rolling back a running configuration 18, 19
specifying the filename 16
system contact and location information 15
types and location 8
uploading
preparing 9, 12, 15
reasons for 7
using FTP 13
using RCP 17
using TFTP 10
configuration guidelines, multi-VRF CE 64
configuration logger 10
configuration logging 5
configuration replacement 18
configuration rollback 18
configuration settings, saving 15
configure terminal command 11
configuring port-based authentication violation modes 31
configuring small-frame arrival rate 5
config-vlan mode 2, 7
conflicts, configuration 11
connections, secure remote 37
connectivity problems 13, 14, 16
consistency checks in VTP Version 2 4
console port, connecting to 10
content-routing technology
See WCCP
control protocol, IP SLAs 4
corrupted software, recovery steps with Xmodem 2
CoS
in Layer 2 frames 2
override priority 6
trust priority 6
CoS input queue threshold map for QoS 16
CoS output queue threshold map for QoS 18
CoS-to-DSCP map for QoS 60
counters, clearing interface 31
CPU utilization, troubleshooting 24
crashinfo file 23
critical authentication, IEEE 802.1x 43
cryptographic software image
Kerberos 32
SSH 37
SSL 41
customer edge devices 62
CWDM SFPs 22
D
daylight saving time 13
debugging
enabling all system diagnostics 20
enabling for a specific feature 19
redirecting error message output 20
using commands 19
default commands 4
default configuration
802.1x 25
auto-QoS 20
banners 17
BGP 42
booting 16
CDP 2
DHCP 8
DHCP option 82 8
DHCP snooping 8
DHCP snooping binding database 8
DNS 16
dynamic ARP inspection 5
EIGRP 35
EtherChannel 9
Ethernet interfaces 15
fallback bridging 3
Flex Links 7, 8
HSRP 5
IEEE 802.1Q tunneling 4
IGMP 37
IGMP filtering 25
IGMP snooping 7, 5, 6
IGMP throttling 25
initial switch information 3
IP addressing, IP routing 4
IP multicast routing 10
IP SLAs 6
IP source guard 16
IPv6 10
Layer 2 interfaces 15
Layer 2 protocol tunneling 11
LLDP 3
MAC address table 21
MAC address-table move update 8
MSDP 4
MSTP 14
multi-VRF CE 64
MVR 20
NTP 4
optional spanning-tree configuration 9
OSPF 25
password and privilege level 2
PIM 10
private VLANs 6
RADIUS 20
RIP 19
RMON 3
RSPAN 9
SDM template 3
SNMP 6
SPAN 9
SSL 44
standard QoS 30
STP 11
system message logging 3
system name and prompt 15
TACACS+ 13
UDLD 4
VLAN, Layer 2 Ethernet interfaces 19
VLANs 8
VMPS 29
voice VLAN 3
VTP 6
WCCP 5
default gateway 14, 11
default networks 79
default router preference
See DRP
default routes 79
default routing 2
deleting VLANs 10
denial-of-service attack 1
description command 25
designing your network, examples 17
destination addresses
in IPv4 ACLs 11
in IPv6 ACLs 5
destination-IP address-based forwarding, EtherChannel 7
destination-MAC address forwarding, EtherChannel 7
detecting indirect link failures, STP 5
device 22
device discovery protocol 1
device manager
benefits 2
described 2, 5
in-band management 6
upgrading a switch 22
DHCP
Cisco IOS server database
configuring 14
default configuration 8
described 6
DHCP for IPv6
See DHCPv6
enabling
relay agent 10
server 10
DHCP-based autoconfiguration
client request message exchange 4
configuring
client side 3
DNS 7
relay device 8
server side 6
server-side 10
TFTP server 7
example 9
lease options
for IP address information 6
for receiving the configuration file 6
overview 3
relationship to BOOTP 4
relay support 5, 13
support for 5
DHCP-based autoconfiguration and image update
configuring11to 13
understanding 5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP object tracking, configuring primary interface 11
DHCP option 82
circuit ID suboption 5
configuration guidelines 9
default configuration 8
displaying 15
forwarding address, specifying 10
helper address 10
overview 3
packet format, suboption
circuit ID 5
remote ID 5
remote ID suboption 5
DHCP server port-based address allocation
configuration guidelines 20
default configuration 19
described 19
displaying 22
enabling 20
DHCP server port-based address assignment
support for 5
DHCP snooping
accepting untrusted packets form edge switch 3, 12
and private VLANs 13
binding database
See DHCP snooping binding database
configuration guidelines 9
default configuration 8
displaying binding tables 15
message exchange process 4
option 82 data insertion 3
trusted interface 2
untrusted interface 2
untrusted messages 2
DHCP snooping binding database
adding bindings 14
binding file
format 7
location 6
bindings 6
clearing agent statistics 15
configuration guidelines 9
configuring 14
default configuration 8
deleting
binding file 14
bindings 15
database agent 14
described 6
displaying 15
binding entries 15
status and statistics 15
enabling 14
entry 6
renewing database 15
resetting
delay value 14
timeout value 14
DHCP snooping binding table
See DHCP snooping binding database
DHCPv6
configuration guidelines 14
default configuration 14
described 6
enabling client function 17
enabling DHCPv6 server function 15
support for 13
Differentiated Services architecture, QoS 2
Differentiated Services Code Point 2
Diffusing Update Algorithm (DUAL) 33
directed unicast requests 5
directories
changing 3
creating and removing 3
displaying the working 3
discovery, clusters
See automatic discovery
Distance Vector Multicast Routing Protocol
See DVMRP
distance-vector protocols 3
distribute-list command 88
DNS
and DHCP-based autoconfiguration 7
default configuration 16
displaying the configuration 17
in IPv6 4
overview 15
setting up 16
support for 5
DNS-based SSM mapping 18, 20
domain names
DNS 15
VTP 8
Domain Name System
See DNS
dot1q-tunnel switchport mode 18
double-tagged packets
IEEE 802.1Q tunneling 2
Layer 2 protocol tunneling 10
downloading
configuration files
preparing 9, 12, 15
reasons for 7
using FTP 12
using RCP 16
using TFTP 10
image files
deleting old image 26
preparing 24, 28, 32
reasons for 22
using CMS 3
using FTP 29
using HTTP 3, 22
using RCP 33
using TFTP 25
using the device manager or Network Assistant 22
drop threshold for Layer 2 protocol packets 11
DRP
configuring 12
described 4
IPv6 4
support for 13
DSCP 11, 2
DSCP input queue threshold map for QoS 16
DSCP output queue threshold map for QoS 18
DSCP-to-CoS map for QoS 63
DSCP-to-DSCP-mutation map for QoS 64
DSCP transparency 40
DTP 8, 17
dual-action detection 5
DUAL finite state machine, EIGRP 34
dual IPv4 and IPv6 templates 2, 5, 6
dual protocol stacks
IPv4 and IPv6 6
SDM templates supporting 6
dual-purpose uplinks
defined 6
LEDs 6
link selection 6, 16
setting the type 16
DVMRP
autosummarization
configuring a summary address 57
disabling 59
connecting PIM domain to DVMRP router 50
enabling unicast routing 53
interoperability
with Cisco devices 48
with Cisco IOS software 9
mrinfo requests, responding to 52
neighbors
advertising the default route to 51
discovery with Probe messages 48
displaying information 52
prevent peering with nonpruning 55
rejecting nonpruning 54
overview 8
routes
adding a metric offset 59
advertising all 59
advertising the default route to neighbors 51
caching DVMRP routes learned in report messages 53
changing the threshold for syslog messages 56
deleting 60
displaying 61
favoring one over another 59
limiting the number injected into MBONE 56
limiting unicast route advertisements 48
routing table 9
source distribution tree, building 9
support for 13
tunnels
configuring 50
displaying neighbor information 52
dynamic access ports
characteristics 3
configuring 30
defined 3
dynamic addresses
See addresses
dynamic ARP inspection
ARP cache poisoning 1
ARP requests, described 1
ARP spoofing attack 1
clearing
log buffer 14
statistics 14
configuration guidelines 6
configuring
ACLs for non-DHCP environments 8
in DHCP environments 7
log buffer 12
rate limit for incoming ARP packets 4, 10
default configuration 5
denial-of-service attacks, preventing 10
described 1
DHCP snooping binding database 2
displaying
ARP ACLs 14
configuration and operating state 14
log buffer 14
statistics 14
trust state and rate limit 14
error-disabled state for exceeding rate limit 4
function of 2
interface trust states 3
log buffer
clearing 14
configuring 12
displaying 14
logging of dropped packets, described 4
man-in-the middle attack, described 2
network security issues and interface trust states 3
priority of ARP ACLs and DHCP snooping entries 4
rate limiting of ARP packets
configuring 10
described 4
error-disabled state 4
statistics
clearing 14
displaying 14
validation checks, performing 11
dynamic auto trunking mode 18
dynamic desirable trunking mode 18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 28
reconfirming 31
troubleshooting 33
types of connections 30
dynamic routing 3
Dynamic Trunking Protocol
See DTP
E
EBGP 41
editing features
enabling and disabling 7
keystrokes used 7
wrapped lines 9
EIGRP
authentication 38
components 34
configuring 36
default configuration 35
definition 33
interface parameters, configuring 37
monitoring 40
stub routing 39
ELIN location 3
embedded event manager
actions 3
configuring 1, 5
displaying information 7
environmental variables 4
event detectors 2
policies 4
registering and defining an applet 5
registering and defining a TCL script 6
understanding 1
enable password 3
enable secret password 3
encryption, CipherSuite 43
encryption for passwords 3
Enhanced IGRP
See EIGRP
enhanced object tracking
backup static routing 12
commands 1
defined 1
DHCP primary interface 11
HSRP 7
IP routing state 2
IP SLAs 9
line-protocol state 2
network monitoring with IP SLAs 11
routing policy, configuring 12
static route primary interface 10
tracked lists 3
enhanced object tracking static routing 10
enhanced PoE 7
environmental variables, embedded event manager 4
environment variables, function of 19
equal-cost routing 12, 78
error-disabled state, BPDU 2
error messages during command entry 5
EtherChannel
automatic creation of 4, 5
channel groups
binding physical and logical interfaces 3
numbering of 3
configuration guidelines 9
configuring
Layer 2 interfaces 10
Layer 3 physical interfaces 14
Layer 3 port-channel logical interfaces 13
default configuration 9
described 2
displaying status 20
forwarding methods 7, 16
IEEE 802.3ad, described 5
interaction
with STP 10
with VLANs 10
LACP
described 5
displaying status 20
hot-standby ports 18
interaction with other features 6
modes 6
port priority 19
system priority 19
Layer 3 interface 3
load balancing 7, 16
logical interfaces, described 3
PAgP
aggregate-port learners 16
compatibility with Catalyst 1900 17
described 4
displaying status 20
interaction with other features 5
interaction with virtual switches 5
learn method and priority configuration 16
modes 4
support for 3
with dual-action detection 5
port-channel interfaces
described 3
numbering of 3
port groups 6
support for 3
EtherChannel guard
described 7
disabling 14
enabling 14
Ethernet VLANs
adding 9
defaults and ranges 8
modifying 9
EUI 3
event detectors, embedded event manager 2
events, RMON 3
examples
network configuration 17
expedite queue for QoS 76
Express Setup 2
See also getting started guide
extended crashinfo file 23
extended-range VLANs
configuration guidelines 13
configuring 12
creating 13
creating with an internal VLAN ID 15
defined 1
extended system ID
MSTP 17
STP 4, 14
extended universal identifier
See EUI
Extensible Authentication Protocol over LAN 1
external BGP
See EBGP
external neighbors, BGP 45
F
fa0 interface 6
fallback bridging
and protected ports 3
bridge groups
creating 3
described 1
displaying 10
function of 2
number supported 4
removing 4
bridge table
clearing 10
displaying 10
configuration guidelines 3
connecting interfaces with 10
default configuration 3
described 1
frame forwarding
flooding packets 2
forwarding packets 2
overview 1
protocol, unsupported 3
STP
disabling on an interface 9
forward-delay interval 8
hello BPDU interval 8
interface priority 6
keepalive messages 2
maximum-idle interval 9
path cost 6
VLAN-bridge spanning-tree priority 5
VLAN-bridge STP 2
support for 12
SVIs and routed ports 1
unsupported protocols 3
VLAN-bridge STP 10
Fast Convergence 3
features, incompatible 12
FIB 76
fiber-optic, detecting unidirectional links 1
files
basic crashinfo
description 23
location 23
copying 4
crashinfo, description 23
deleting 4
displaying the contents of 7
extended crashinfo
description 23
location 23
tar
creating 5
displaying the contents of 5
extracting 6
image file format 23
file system
displaying available file systems 2
displaying file information 2
local file system names 1
network file system names 4
setting the default 2
filtering
in a VLAN 28
IPv6 traffic 4, 7
non-IP traffic 26
show and more command output 10
filtering show and more command output 10
filters, IP
See ACLs, IP
flash device, number of 1
Flex Link Multicast Fast Convergence 3
Flex Links
configuration guidelines 8
configuring 8, 9
configuring preferred VLAN 11
configuring VLAN load balancing 10
default configuration 7
description 1
link load balancing 2
monitoring 14
VLANs 2
flooded traffic, blocking 8
flow-based packet classification 11
flowcharts
QoS classification 6
QoS egress queueing and scheduling 17
QoS ingress queueing and scheduling 15
QoS policing and marking 10
flowcontrol
configuring 20
described 20
forward-delay time
MSTP 23
STP 21
Forwarding Information Base
See FIB
forwarding nonroutable protocols 1
FTP
accessing MIB files 3
configuration files
downloading 12
overview 11
preparing the server 12
uploading 13
image files
deleting old image 30
downloading 29
preparing the server 28
uploading 30
G
general query 5
Generating IGMP Reports 3
get-bulk-request operation 3
get-next-request operation 3, 4
get-request operation 3, 4
get-response operation 3
global configuration mode 2
global leave, IGMP 13
guest VLAN and 802.1x 12
guide mode 3
GUIs
See device manager and Network Assistant
H
hardware limitations and Layer 3 interfaces 27
hello time
MSTP 22
STP 20
help, for the command line 3
hierarchical policy maps 8
configuration guidelines 33
configuring 52
described 11
history
changing the buffer size 6
described 6
disabling 7
recalling commands 6
history table, level and number of syslog messages 10
host names, in clusters 13
host ports
configuring 11
kinds of 2
hosts, limit on dynamic ports 33
Hot Standby Router Protocol
See HSRP
HP OpenView 5
HSRP
authentication string 10
automatic cluster recovery 12
binding to cluster group 12
cluster standby group considerations 11
command-switch redundancy 1, 7
configuring 4
default configuration 5
definition 1
guidelines 5
monitoring 13
object tracking 7
overview 1
priority 7
routing redundancy 12
support for ICMP redirect messages 12
timers 10
tracking 8
See also clusters, cluster standby group, and standby command switch
HSRP for IPv6
configuring 25
guidelines 24
HTTP over SSL
see HTTPS
HTTPS 42
configuring 45
self-signed certificate 42
HTTP secure server 42
I
IBPG 41
ICMP
IPv6 4
redirect messages 11
support for 12
time-exceeded messages 16
traceroute and 16
unreachable messages 19
unreachable messages and IPv6 4
unreachables and ACLs 21
ICMP Echo operation
configuring 12
IP SLAs 11
ICMP ping
executing 13
overview 13
ICMP Router Discovery Protocol
See IRDP
ICMPv6 4
IDS appliances
and ingress RSPAN 20
and ingress SPAN 13
IEEE 802.1D
See STP
IEEE 802.1p 1
IEEE 802.1Q
and trunk ports 3
configuration limitations 19
encapsulation 16
native VLAN for untagged traffic 23
tunneling
compatibility with other features 6
defaults 4
described 1
tunnel ports with other features 6
IEEE 802.1s
See MSTP
IEEE 802.1w
See RSTP
IEEE 802.1x
See port-based authentication
IEEE 802.3ad
See EtherChannel
IEEE 802.3af
See PoE
IEEE 802.3x flow control 20
ifIndex values, SNMP 5
IFS 6
IGMP
configurable leave timer
described 6
enabling 11
configuring the switch
as a member of a group 38
statically connected member 42
controlling access to groups 39
default configuration 37
deleting cache entries 61
displaying groups 61
fast switching 42
flooded multicast traffic
controlling the length of time 12
disabling on an interface 13
global leave 13
query solicitation 13
recovering from flood mode 13
host-query interval, modifying 40
joining multicast group 3
join messages 3
leave processing, enabling 11, 8
leaving multicast group 5
multicast reachability 38
overview 3
queries 4
report suppression
described 6
disabling 16, 11
supported versions 3
support for 4
Version 1
changing to Version 2 40
described 3
Version 2
changing to Version 1 40
described 3
maximum query response time value 42
pruning groups 42
query timeout value 41
IGMP filtering
configuring 25
default configuration 25
described 24
monitoring 29
support for 4
IGMP groups
configuring filtering 28
setting the maximum number 27
IGMP helper 4, 6
IGMP Immediate Leave
configuration guidelines 11
described 5
enabling 11
IGMP profile
applying 27
configuration mode 25
configuring 26
IGMP snooping
and address aliasing 2
configuring 7
default configuration 7, 5, 6
definition 2
enabling and disabling 7, 6
global configuration 7
Immediate Leave 5
method 8
monitoring 16, 11
querier
configuration guidelines 14
configuring 14
supported versions 3
support for 4
VLAN configuration 8
IGMP throttling
configuring 28
default configuration 25
described 25
displaying action 29
IGP 24
Immediate Leave, IGMP 5
enabling 8
inaccessible authentication bypass 14
initial configuration
defaults 14
Express Setup 2
interface
number 11
range macros 13
interface command 11
interface configuration mode 3
interfaces
auto-MDIX, configuring 21
configuration guidelines
duplex and speed 18
configuring
procedure 11
counters, clearing 31
default configuration 15
described 25
descriptive name, adding 25
displaying information about 30
flow control 20
management 5
monitoring 30
naming 25
physical, identifying 10, 11
range of 12
restarting 32
shutting down 32
speed and duplex, configuring 18
status 30
supported 10
types of 1
interfaces range macro command 13
interface types 11
Interior Gateway Protocol
See IGP
internal BGP
See IBGP
internal neighbors, BGP 45
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
Inter-Switch Link
See ISL
inter-VLAN routing 12, 2
Intrusion Detection System
See IDS appliances
inventory management TLV 2, 6
IP ACLs
for QoS classification 7
implicit deny 9, 13
implicit masks 9
named 14
undefined 20
IP addresses
128-bit 2
candidate or member 3, 13
classes of 5
cluster access 2
command switch 3, 11, 13
default configuration 4
discovering 27
for IP routing 4
IPv6 2
MAC address association 8
monitoring 17
redundant clusters 11
standby command switch 11, 13
See also IP information
IP base image 1
IP broadcast address 15
ip cef distributed command 77
IP directed broadcasts 13
ip igmp profile command 25
IP information
assigned
manually 14
through DHCP-based autoconfiguration 3
default configuration 3
IP multicast routing
addresses
all-hosts 3
all-multicast-routers 3
host group address range 3
administratively-scoped boundaries, described 45
and IGMP snooping 2
Auto-RP
adding to an existing sparse-mode cloud 25
benefits of 25
clearing the cache 61
configuration guidelines 11
filtering incoming RP announcement messages 28
overview 6
preventing candidate RP spoofing 28
preventing join messages to false RPs 27
setting up in a new internetwork 25
using with BSR 33
bootstrap router
configuration guidelines 11
configuring candidate BSRs 31
configuring candidate RPs 32
defining the IP multicast boundary 30
defining the PIM domain border 29
overview 7
using with Auto-RP 33
Cisco implementation 2
configuring
basic multicast routing 11
IP multicast boundary 45
default configuration 10
enabling
multicast forwarding 12
PIM mode 13
group-to-RP mappings
Auto-RP 6
BSR 7
MBONE
deleting sdr cache entries 61
described 44
displaying sdr cache 62
enabling sdr listener support 45
limiting DVMRP routes advertised 56
limiting sdr cache entry lifetime 45
SAP packets for conference session announcement 44
Session Directory (sdr) tool, described 44
monitoring
packet rate loss 62
peering devices 62
tracing a path 62
multicast forwarding, described 7
PIMv1 and PIMv2 interoperability 10
protocol interaction 2
reverse path check (RPF) 7
routing table
deleting 61
displaying 61
RP
assigning manually 23
configuring Auto-RP 25
configuring PIMv2 BSR 29
monitoring mapping information 33
using Auto-RP and BSR 33
statistics, displaying system and network 61
See also CGMP
See also DVMRP
See also IGMP
See also PIM
IP phones
and QoS 1
automatic classification and queueing 20
configuring 4
ensuring port security with QoS 38
trusted boundary for QoS 38
IP precedence 2
IP-precedence-to-DSCP map for QoS 61
IP protocols
in ACLs 11
routing 12
IP routes, monitoring 90
IP routing
connecting interfaces with 10
disabling 18
enabling 18
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 1
IP services image 1
IP SLAs
benefits 2
configuration guidelines 6
configuring object tracking 9
Control Protocol 4
default configuration 6
definition 1
ICMP echo operation 11
measuring network performance 3
monitoring 13
multioperations scheduling 5
object tracking 9
operation 3
reachability tracking 9
responder
described 4
enabling 8
response time 4
scheduling 5
SNMP support 2
supported metrics 2
threshold monitoring 6
track object monitoring agent, configuring 11
track state 9
UDP jitter operation 8
IP source guard
and 802.1x 17
and DHCP snooping 15
and EtherChannels 17
and port security 17
and private VLANs 17
and routed ports 17
and TCAM entries 17
and trunk interfaces 17
and VRF 17
binding configuration
automatic 15
manual 15
binding table 15
configuration guidelines 17
default configuration 16
described 15
disabling 18
displaying
bindings 19
configuration 19
enabling 17
filtering
source IP address 16
source IP and MAC address 16
source IP address filtering 16
source IP and MAC address filtering 16
static bindings
adding 17
deleting 18
IP traceroute
executing 17
overview 16
IP unicast routing
address resolution 8
administrative distances 79, 89
ARP 8
assigning IP addresses to Layer 3 interfaces 5
authentication keys 89
broadcast
address 15
flooding 16
packets 13
storms 13
classless routing 6
configuring static routes 78
default
addressing configuration 4
gateways 11
networks 79
routes 79
routing 2
directed broadcasts 13
disabling 18
dynamic routing 3
enabling 18
EtherChannel Layer 3 interface 3
IGP 24
inter-VLAN 2
IP addressing
classes 5
configuring 4
IPv6 3
IRDP 11
Layer 3 interfaces 3
MAC address and IP address 8
passive interfaces 87
protocols
distance-vector 3
dynamic 3
link-state 3
proxy ARP 8
redistribution 80
reverse address resolution 8
routed ports 3
static routing 3
steps to configure 4
subnet mask 5
subnet zero 6
supernet 6
UDP 14
with SVIs 3
See also BGP
See also EIGRP
See also OSPF
See also RIP
IPv4 ACLs
applying to interfaces 19
extended, creating 10
named 14
standard, creating 9
IPv4 and IPv6
dual protocol stacks 5
IPv6
ACLs
displaying 8
limitations 3
matching criteria 3
port 2
precedence 2
router 2
supported 2
addresses 2
address formats 2
applications 5
assigning address 10
autoconfiguration 5
CEFv6 19
configuring static routes 20
default configuration 10
default router preference (DRP) 4
defined 1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 7
EIGRP IPv6 Commands 7
Router ID 7
feature limitations 8
features not supported 8
forwarding 10
ICMP 4
monitoring 27
neighbor discovery 4
OSPF 6
path MTU discovery 4
SDM templates 2, 1
Stateless Autoconfiguration 5
supported features 2
switch limitations 8
understanding static routes 6
IPv6 traffic, filtering 4
IRDP
configuring 12
definition 11
support for 12
ISL
and IPv6 3
and trunk ports 3
encapsulation 8, 16
trunking with IEEE 802.1 tunneling 5
isolated port 2
isolated VLANs 2, 3
J
join messages, IGMP 3
K
KDC
described 32
See also Kerberos
keepalive messages 2
Kerberos
authenticating to
boundary switch 34
KDC 34
network services 35
configuration examples 32
configuring 35
credentials 32
cryptographic software image 32
described 32
KDC 32
operation 34
realm 33
server 33
support for 10
switch as trusted third party 32
terms 33
TGT 34
tickets 32
key distribution center
See KDC
L
l2protocol-tunnel command 13
LACP
Layer 2 protocol tunneling 9
See EtherChannel
LAN base image 1
Layer 2 frames, classification with CoS 2
Layer 2 interfaces, default configuration 15
Layer 2 protocol tunneling
configuring 10
configuring for EtherChannels 14
default configuration 11
defined 8
guidelines 11
Layer 2 traceroute
and ARP 15
and CDP 15
broadcast traffic 15
described 15
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 16
unicast traffic 15
usage guidelines 15
Layer 3 features 12
Layer 3 interfaces
assigning IP addresses to 5
assigning IPv4 and IPv6 addresses to 13
assigning IPv6 addresses to 11
changing from Layer 2 mode 5, 68, 69
types of 3
Layer 3 packets, classification methods 2
LDAP 2
Leaking IGMP Reports 4
LEDs, switch
See hardware installation guide
lightweight directory access protocol
See LDAP
line configuration mode 3
Link Aggregation Control Protocol
See EtherChannel
link failure, detecting unidirectional 7
Link Layer Discovery Protocol
See CDP
link local unicast addresses 3
link redundancy
See Flex Links
links, unidirectional 1
link state advertisements (LSAs) 28
link-state protocols 3
link-state tracking
configuring 23
described 21
LLDP
configuring 3
characteristics 4
default configuration 3
disabling and enabling
globally 4
on an interface 5
monitoring and maintaining 7
overview 1
supported TLVs 2
switch stack considerations 2
transmission timer and holdtime, setting 4
LLDP-MED
configuring
procedures 3
TLVs 6
monitoring and maintaining 7
overview 1, 2
supported TLVs 2
LLDP Media Endpoint Discovery
See LLDP-MED
load balancing 4
local SPAN 2
location TLV 3, 6
logging messages, ACL 8
login authentication
with RADIUS 23
with TACACS+ 14
login banners 17
log messages
See system message logging
Long-Reach Ethernet (LRE) technology 18
loop guard
described 9
enabling 15
support for 7
LRE profiles, considerations in switch clusters 14
M
MAB aging timer 8
MAB inactivity timer
default setting 25
range 28
MAC/PHY configuration status TLV 2
MAC addresses
aging time 21
and VLAN association 20
building the address table 20
default configuration 21
disabling learning on a VLAN 26
discovering 27
displaying 27
displaying in the IP source binding table 19
dynamic
learning 20
removing 22
in ACLs 26
IP address association 8
static
adding 24
allowing 26, 27
characteristics of 24
dropping 25
removing 24
MAC address learning 6
MAC address learning, disabling on a VLAN 26
MAC address notification, support for 13
MAC address-table move update
configuration guidelines 8
configuring 12
default configuration 8
description 6
monitoring 14
MAC address-to-VLAN mapping 28
MAC authentication bypass 10
See MAB
MAC extended access lists
applying to Layer 2 interfaces 27
configuring for QoS 45
creating 26
defined 26
for QoS classification 5
macros
See Smartports macros
magic packet 17
manageability features 5
management access
in-band
browser session 6
CLI session 6
device manager 6
SNMP 6
out-of-band console port connection 6
management address TLV 2
management options
CLI 1
clustering 3
CNS 1
Network Assistant 2
overview 5
management VLAN
considerations in switch clusters 7
discovery through different management VLANs 7
mapping tables for QoS
configuring
CoS-to-DSCP 60
DSCP 60
DSCP-to-CoS 63
DSCP-to-DSCP-mutation 64
IP-precedence-to-DSCP 61
policed-DSCP 62
described 12
marking
action with aggregate policers 58
described 4, 8
matching
IPv6 ACLs 3
matching, IPv4 ACLs 7
maximum aging time
MSTP 23
STP 21
maximum hop count, MSTP 24
maximum number of allowed devices, port-based authentication 28
maximum-paths command 49, 78
MDA
configuration guidelines19to 20
described 9, 19
exceptions with authentication process 4
membership mode, VLAN port 3
member switch
automatic discovery 4
defined 2
managing 14
passwords 13
recovering from lost connectivity 11
requirements 3
See also candidate switch, cluster standby group, and standby command switch
messages, to users through banners 17
metrics, in BGP 49
metric translations, between routing protocols 83
metro tags 2
MHSRP 4
MIBs
accessing files with FTP 3
location of files 3
overview 1
SNMP interaction with 4
supported 1
mirroring traffic for analysis 1
mismatches, autonegotiation 11
module number 11
monitoring
access groups 39
BGP 60
cables for unidirectional links 1
CDP 4
CEF 77
EIGRP 40
fallback bridging 10
features 13
Flex Links 14
HSRP 13
IEEE 802.1Q tunneling 17
IGMP
filters 29
snooping 16, 11
interfaces 30
IP
address tables 17
multicast routing 60
routes 90
IP SLAs operations 13
IPv4 ACL configuration 39
IPv6 27
IPv6 ACL configuration 8
Layer 2 protocol tunneling 17
MAC address-table move update 14
MSDP peers 18
multicast router interfaces 17, 11
multi-VRF CE 75
MVR 24
network traffic for analysis with probe 2
object tracking 12
OSPF 32
port
blocking 19
protection 19
private VLANs 14
RP mapping information 33
SFP status 31, 13
source-active messages 18
speed and duplex mode 19
SSM mapping 21
traffic flowing among switches 1
traffic suppression 19
tunneling 17
VLAN
filters 40
maps 40
VLANs 16
VMPS 32
VTP 16
mrouter Port 3
mrouter port 5
MSDP
benefits of 3
clearing MSDP connections and statistics 18
controlling source information
forwarded by switch 11
originated by switch 8
received by switch 13
default configuration 4
dense-mode regions
sending SA messages to 16
specifying the originating address 17
filtering
incoming SA messages 14
SA messages to a peer 12
SA requests from a peer 10
join latency, defined 6
meshed groups
configuring 15
defined 15
originating address, changing 17
overview 1
peer-RPF flooding 2
peers
configuring a default 4
monitoring 18
peering relationship, overview 1
requesting source information from 8
shutting down 15
source-active messages
caching 6
clearing cache entries 18
defined 2
filtering from a peer 10
filtering incoming 14
filtering to a peer 12
limiting data with TTL 13
monitoring 18
restricting advertised sources 9
support for 12
MSTP
boundary ports
configuration guidelines 15
described 6
BPDU filtering
described 3
enabling 12
BPDU guard
described 2
enabling 11
CIST, described 3
CIST regional root 3
CIST root 5
configuration guidelines 14, 10
configuring
forward-delay time 23
hello time 22
link type for rapid convergence 24
maximum aging time 23
maximum hop count 24
MST region 15
neighbor type 25
path cost 20
port priority 19
root switch 17
secondary root switch 18
switch priority 21
CST
defined 3
operations between regions 3
default configuration 14
default optional feature configuration 9
displaying status 26
enabling the mode 15
EtherChannel guard
described 7
enabling 14
extended system ID
effects on root switch 17
effects on secondary root switch 18
unexpected behavior 17
IEEE 802.1s
implementation 6
port role naming change 6
terminology 5
instances supported 9
interface state, blocking to forwarding 2
interoperability and compatibility among modes 10
interoperability with IEEE 802.1D
described 8
restarting migration process 25
IST
defined 2
master 3
operations within a region 3
loop guard
described 9
enabling 15
mapping VLANs to MST instance 16
MST region
CIST 3
configuring 15
described 2
hop-count mechanism 5
IST 2
supported spanning-tree instances 2
optional features supported 7
overview 2
Port Fast
described 2
enabling 10
preventing root switch selection 8
root guard
described 8
enabling 15
root switch
configuring 17
effects of extended system ID 17
unexpected behavior 17
shutdown Port Fast-enabled port 2
status, displaying 26
multicast groups
Immediate Leave 5
joining 3
leaving 5
static joins 10, 7
multicast packets
ACLs on 39
blocking 8
multicast router interfaces, monitoring 17, 11
multicast router ports, adding 9, 8
Multicast Source Discovery Protocol
See MSDP
multicast storm 1
multicast storm-control command 4
multicast television application 18
multicast VLAN 17
Multicast VLAN Registration
See MVR
multidomain authentication
See MDA
multioperations scheduling, IP SLAs 5
Multiple HSRP
See MHSRP
multiple VPN routing/forwarding in customer edge devices
See multi-VRF CE
multi-VRF CE
configuration example 72
configuration guidelines 64
configuring 64
default configuration 64
defined 61
displaying 75
monitoring 75
network components 64
packet-forwarding process 63
support for 12
MVR
and address aliasing 21
and IGMPv3 21
configuration guidelines 20
configuring interfaces 22
default configuration 20
described 17
example application 18
modes 21
monitoring 24
multicast television application 18
setting global parameters 21
support for 4
N
NAC
AAA down policy 10
critical authentication 14, 43
IEEE 802.1x authentication using a RADIUS server 47
IEEE 802.1x validation using RADIUS server 47
inaccessible authentication bypass 10, 43
Layer 2 IEEE 802.1x validation 10, 19, 47
Layer 2 IP validation 10
named IPv4 ACLs 14
NameSpace Mapper
See NSM
native VLAN
and IEEE 802.1Q tunneling 4
configuring 23
default 23
neighbor discovery, IPv6 4
neighbor discovery/recovery, EIGRP 34
neighbors, BGP 55
Network Admission Control
NAC
Network Admission Control Software Configuration Guide 49, 50
Network Assistant
benefits 2
described 5
downloading image files 3
guide mode 3
management options 2
upgrading a switch 22
wizards 3
network configuration examples
increasing network performance 17
large network 21
long-distance, high-bandwidth transport 22
providing network services 17
server aggregation and Linux server cluster 19
small to medium-sized network 20
network design
performance 17
services 17
network management
CDP 1
RMON 1
SNMP 1
network performance, measuring with IP SLAs 3
network policy TLV 2, 6
Network Time Protocol
See NTP
no commands 4
nonhierarchical policy maps
configuration guidelines 33
described 9
non-IP traffic filtering 26
nontrunking mode 18
normal-range VLANs 4
configuration guidelines 6
configuration modes 7
configuring 4
defined 1
no switchport command 4
not-so-stubby areas
See NSSA
NSM 3
NSSA, OSPF 28
NTP
associations
authenticating 4
defined 2
enabling broadcast messages 6
peer 5
server 5
default configuration 4
displaying the configuration 11
overview 2
restricting access
creating an access group 8
disabling NTP services per interface 10
source IP address, configuring 10
stratum 2
support for 6
synchronizing devices 5
time
services 2
synchronizing 2
O
object tracking
HSRP 7
IP SLAs 9
IP SLAs, configuring 9
monitoring 12
online diagnostics
overview 1
running tests 3
understanding 1
Open Shortest Path First
See OSPF
optimizing system resources 1
options, management 5
OSPF
area parameters, configuring 28
configuring 26
default configuration
metrics 30
route 30
settings 25
described 24
for IPv6 6
interface parameters, configuring 27
LSA group pacing 31
monitoring 32
router IDs 32
route summarization 30
support for 12
virtual links 30
out-of-profile markdown 11
P
packet modification, with QoS 19
PAgP
Layer 2 protocol tunneling 9
See EtherChannel
parallel paths, in routing tables 78
passive interfaces
configuring 87
OSPF 30
passwords
default configuration 2
disabling recovery of 5
encrypting 3
for security 8
in clusters 13
overview 1
recovery of 3
setting
enable 3
enable secret 3
Telnet 6
with usernames 6
VTP domain 8
path cost
MSTP 20
STP 18
path MTU discovery 4
PBR
defined 84
enabling 85
fast-switched policy-based routing 87
local policy-based routing 87
PC (passive command switch) 10
peers, BGP 55
percentage thresholds in tracked lists 6
performance, network design 17
performance features 3
persistent self-signed certificate 42
per-VLAN spanning-tree plus
See PVST+
PE to CE routing, configuring 71
physical ports 2
PIM
default configuration 10
dense mode
overview 4
rendezvous point (RP), described 5
RPF lookups 8
displaying neighbors 61
enabling a mode 13
overview 4
router-query message interval, modifying 36
shared tree and source tree, overview 34
shortest path tree, delaying the use of 35
sparse mode
join messages and shared tree 5
overview 5
prune messages 5
RPF lookups 8
stub routing
configuration guidelines 22
displaying 61
enabling 22
overview 5
support for 12
versions
interoperability 10
troubleshooting interoperability problems 34
v2 improvements 4
PIM-DVMRP, as snooping method 8
ping
character output description 14
executing 13
overview 13
PoE
auto mode 8
CDP with power consumption, described 7
CDP with power negotiation, described 7
Cisco intelligent power management 7
configuring 22
devices supported 6
enhanced 7
supported watts per port 7
high-power devices operating in low-power mode 7
IEEE power classification levels 8
monitoring power 24
policing power consumption 24
power budgeting 23
power consumption 23
powered-device detection and initial power allocation 7
power management modes 8
power negotiation extensions to CDP 7
standards supported 7
static mode 9
supported watts per port 7
troubleshooting 11
policed-DSCP map for QoS 62
policers
configuring
for each matched traffic class 48
for more than one traffic class 58
described 4
displaying 78
number of 34
types of 9
policing
described 4
hierarchical
See hierarchical policy maps
token-bucket algorithm 9
policy-based routing
See PBR
policy maps for QoS
characteristics of 48
described 7
displaying 78
hierarchical 8
hierarchical on SVIs
configuration guidelines 33
configuring 52
described 11
nonhierarchical on physical ports
configuration guidelines 33
described 9
port ACLs
defined 2
types of 3
Port Aggregation Protocol
See EtherChannel
port-based authentication
accounting 8
authentication server
defined 3
RADIUS server 3
client, defined 2
configuration guidelines 26
configuring
802.1x authentication 32
guest VLAN 40
host mode 34
inaccessible authentication bypass 43
manual re-authentication of a client 36
periodic re-authentication 35
quiet period 37
RADIUS server 34
RADIUS server parameters on the switch 33
restricted VLAN 41
switch-to-client frame-retransmission number 38
switch-to-client retransmission time 37
violation mode 17
violation modes 31
default configuration 25
described 1
device roles 2
displaying statistics 52
EAPOL-start frame 5
EAP-request/identity frame 5
EAP-response/identity frame 5
encapsulation 3
guest VLAN
configuration guidelines 13, 14
described 12
host mode 7
inaccessible authentication bypass
configuring 43
described 14
guidelines 27
initiation and message exchange 5
magic packet 17
maximum number of allowed devices per port 28
method lists 32
multiple-hosts mode, described 8
per-user ACLs
AAA authorization 32
configuration tasks 12
described 11
RADIUS server attributes 12
ports
authorization state and dot1x port-control command 7
authorized and unauthorized 7
critical 14
voice VLAN 15
port security
and voice VLAN 17
described 16
interactions 16
multiple-hosts mode 8
readiness check
configuring 29
described 10, 29
resetting to default values 51
statistics, displaying 52
switch
as proxy 3
RADIUS client 3
upgrading from a previous release 28, 26
VLAN assignment
AAA authorization 32
characteristics 10
configuration tasks 11
described 10
voice aware 802.1x security
configuring 30
described 20, 30
voice VLAN
described 15
PVID 15
VVID 15
wake-on-LAN, described 17
port blocking 4, 7
port-channel
See EtherChannel
port description TLV 2
Port Fast
described 2
enabling 10
mode, spanning tree 29
support for 7
port membership modes, VLAN 3
port priority
MSTP 19
STP 17
ports
access 3
blocking 7
dual-purpose uplink 6
dynamic access 3
IEEE 802.1Q tunnel 4
protected 6
routed 4
secure 8
static-access 3, 11
switch 2
trunks 3, 16
VLAN assignments 11
port security
aging 17
and private VLANs 18
and QoS trusted boundary 38
configuring 12
default configuration 11
described 8
displaying 19
enabling 18
on trunk ports 14
sticky learning 9
violations 10
with other features 11
port-shutdown response, VMPS 28
port VLAN ID TLV 2
power management TLV 2, 6
Power over Ethernet
See PoE
preemption, default configuration 7
preemption delay, default configuration 8
preferential treatment of traffic
See QoS
prefix lists, BGP 53
preventing unauthorized access 1
primary interface for object tracking, DHCP, configuring 11
primary interface for static routing, configuring 10
primary links 2
primary VLANs 1, 3
priority
HSRP 7
overriding CoS 6
trusting CoS 6
private VLAN edge ports
See protected ports
private VLANs
across multiple switches 4
and SDM template 4
and SVIs 5
benefits of 1
community ports 2
community VLANs 2, 3
configuration guidelines 6, 8
configuration tasks 6
configuring 9
default configuration 6
end station access to 3
IP addressing 3
isolated port 2
isolated VLANs 2, 3
mapping 13
monitoring 14
ports
community 2
configuration guidelines 8
configuring host ports 11
configuring promiscuous ports 12
described 4
isolated 2
promiscuous 2
primary VLANs 1, 3
promiscuous ports 2
secondary VLANs 2
subdomains 1
traffic in 5
privileged EXEC mode 2
privilege levels
changing the default for lines 9
command switch 15
exiting 9
logging into 9
mapping on member switches 15
overview 2, 7
setting a command with 8
promiscuous ports
configuring 12
defined 2
protected ports 9, 6
protocol-dependent modules, EIGRP 34
Protocol-Independent Multicast Protocol
See PIM
provider edge devices 62
proxy ARP
configuring 10
definition 8
with IP routing disabled 11
proxy reports 3
pruning, VTP
disabling
in VTP domain 14
on a port 23
enabling
in VTP domain 14
on a port 22
examples 5
overview 4
pruning-eligible list
changing 22
for VTP pruning 4
VLANs 14
PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Q
QoS
and MQC commands 1
auto-QoS
categorizing traffic 20
configuration and defaults display 29
configuration guidelines 25
described 20
disabling 27
displaying generated commands 27
displaying the initial configuration 29
effects on running configuration 25
egress queue defaults 21
enabling for VoIP 27
example configuration 28
ingress queue defaults 21
list of generated commands 22
basic model 4
classification
class maps, described 7
defined 4
DSCP transparency, described 40
flowchart 6
forwarding treatment 3
in frames and packets 3
IP ACLs, described 5, 7
MAC ACLs, described 5, 7
options for IP traffic 5
options for non-IP traffic 5
policy maps, described 7
trust DSCP, described 5
trusted CoS, described 5
trust IP precedence, described 5
class maps
configuring 46
displaying 78
configuration guidelines
auto-QoS 25
standard QoS 33
configuring
aggregate policers 58
auto-QoS 20
default port CoS value 38
DSCP maps 60
DSCP transparency 40
DSCP trust states bordering another domain 40
egress queue characteristics 70
ingress queue characteristics 66
IP extended ACLs 44
IP standard ACLs 43
MAC ACLs 45
policy maps, hierarchical 52
port trust states within the domain 36
trusted boundary 38
default auto configuration 20
default standard configuration 30
displaying statistics 78
DSCP transparency 40
egress queues
allocating buffer space 71
buffer allocation scheme, described 17
configuring shaped weights for SRR 74
configuring shared weights for SRR 75
described 4
displaying the threshold map 74
flowchart 17
mapping DSCP or CoS values 73
scheduling, described 4
setting WTD thresholds 71
WTD, described 18
enabling globally 35
flowcharts
classification 6
egress queueing and scheduling 17
ingress queueing and scheduling 15
policing and marking 10
implicit deny 7
ingress queues
allocating bandwidth 68
allocating buffer space 68
buffer and bandwidth allocation, described 16
configuring shared weights for SRR 68
configuring the priority queue 69
described 4
displaying the threshold map 67
flowchart 15
mapping DSCP or CoS values 66
priority queue, described 16
scheduling, described 4
setting WTD thresholds 66
WTD, described 16
IP phones
automatic classification and queueing 20
detection and trusted settings 20, 38
limiting bandwidth on egress interface 77
mapping tables
CoS-to-DSCP 60
displaying 78
DSCP-to-CoS 63
DSCP-to-DSCP-mutation 64
IP-precedence-to-DSCP 61
policed-DSCP 62
types of 12
marked-down actions 50, 55
marking, described 4, 8
overview 2
packet modification 19
policers
configuring 50, 55, 58
described 8
displaying 78
number of 34
types of 9
policies, attaching to an interface 8
policing
described 4, 8
token bucket algorithm 9
policy maps
characteristics of 48
displaying 78
hierarchical 8
hierarchical on SVIs 52
nonhierarchical on physical ports 48
QoS label, defined 4
queues
configuring egress characteristics 70
configuring ingress characteristics 66
high priority (expedite) 19, 76
location of 13
SRR, described 14
WTD, described 13
rewrites 19
support for 11
trust states
bordering another domain 40
described 5
trusted device 38
within the domain 36
quality of service
See QoS
queries, IGMP 4
query solicitation, IGMP 13
R
RADIUS
attributes
vendor-proprietary 31
vendor-specific 29
configuring
accounting 28
authentication 23
authorization 27
communication, global 21, 29
communication, per-server 20, 21
multiple UDP ports 20
default configuration 20
defining AAA server groups 25
displaying the configuration 31
identifying the server 20
in clusters 14
limiting the services to the user 27
method list, defined 19
operation of 19
overview 18
suggested network environments 18
support for 10
tracking services accessed by user 28
range
macro 13
of interfaces 12
rapid convergence 9
rapid per-VLAN spanning-tree plus
See rapid PVST+
rapid PVST+
described 9
IEEE 802.1Q trunking interoperability 10
instances supported 9
Rapid Spanning Tree Protocol
See RSTP
RARP 8
rcommand command 14
RCP
configuration files
downloading 16
overview 14
preparing the server 15
uploading 17
image files
deleting old image 35
downloading 33
preparing the server 32
uploading 35
reachability, tracking IP SLAs IP host 9
readiness check
port-based authentication
configuring 29
described 10, 29
reconfirmation interval, VMPS, changing 31
reconfirming dynamic VLAN membership 31
recovery procedures 1
redundancy
EtherChannel 3
HSRP 1
STP
backbone 8
path cost 26
port priority 24
redundant links and UplinkFast 13
reliable transport protocol, EIGRP 34
reloading software 20
Remote Authentication Dial-In User Service
See RADIUS
Remote Copy Protocol
See RCP
Remote Network Monitoring
See RMON
Remote SPAN
See RSPAN
remote SPAN 2
report suppression, IGMP
described 6
disabling 16, 11
resequencing ACL entries 14
resets, in BGP 48
resetting a UDLD-shutdown interface 6
responder, IP SLAs
described 4
enabling 8
response time, measuring with IP SLAs 4
restricted VLAN
configuring 41
described 13
using with IEEE 802.1x 13
restricting access
NTP services 8
overview 1
passwords and privilege levels 2
RADIUS 17
TACACS+ 10
retry count, VMPS, changing 32
reverse address resolution 8
Reverse Address Resolution Protocol
See RARP
RFC
1058, RIP 18
1112, IP multicast and IGMP 2
1157, SNMPv1 2
1163, BGP 40
1166, IP addresses 5
1253, OSPF 24
1267, BGP 40
1305, NTP 2
1587, NSSAs 24
1757, RMON 2
1771, BGP 40
1901, SNMPv2C 2
1902 to 1907, SNMPv2 2
2236, IP multicast and IGMP 2
2273-2275, SNMPv3 2
RIP
advertisements 19
authentication 21
configuring 20
default configuration 19
described 19
for IPv6 6
hop counts 19
split horizon 22
summary addresses 22
support for 12
RMON
default configuration 3
displaying status 6
enabling alarms and events 3
groups supported 2
overview 1
statistics
collecting group Ethernet 5
collecting group history 5
support for 14
root guard
described 8
enabling 15
support for 7
root switch
MSTP 17
STP 14
route calculation timers, OSPF 30
route dampening, BGP 59
routed packets, ACLs on 38
routed ports
configuring 3
defined 4
in switch clusters 8
IP addresses on 27, 4
route-map command 86
route maps
BGP 51
policy-based routing 84
router ACLs
defined 2
types of 4
route reflectors, BGP 58
router ID, OSPF 32
route selection, BGP 49
route summarization, OSPF 30
route targets, VPN 64
routing
default 2
dynamic 3
redistribution of information 80
static 3
routing domain confederation, BGP 58
Routing Information Protocol
See RIP
routing protocol administrative distances 79
RSPAN
characteristics 8
configuration guidelines 15
default configuration 9
defined 2
destination ports 7
displaying status 23
interaction with other features 8
monitored ports 5
monitoring ports 7
overview 13, 1
received traffic 4
sessions
creating 16
defined 3
limiting source traffic to specific VLANs 22
specifying monitored ports 16
with ingress traffic enabled 20
source ports 5
transmitted traffic 5
VLAN-based 6
RSTP
active topology 9
BPDU
format 12
processing 12
designated port, defined 9
designated switch, defined 9
interoperability with IEEE 802.1D
described 8
restarting migration process 25
topology changes 13
overview 8
port roles
described 9
synchronized 11
proposal-agreement handshake process 10
rapid convergence
described 9
edge ports and Port Fast 9
point-to-point links 10, 24
root ports 10
root port, defined 9
See also MSTP
running configuration
replacing 18, 19
rolling back 18, 19
running configuration, saving 15
S
SC (standby command switch) 10
scheduled reloads 20
scheduling, IP SLAs operations 5
SCP
and SSH 48
configuring 48
SDM
described 1
templates
configuring 4
number of 1
SDM template 4
configuration guidelines 4
configuring 3
dual IPv4 and IPv6 2
types of 1
secondary VLANs 2
Secure Copy Protocol
secure HTTP client
configuring 47
displaying 48
secure HTTP server
configuring 46
displaying 48
secure MAC addresses
deleting 16
maximum number of 10
types of 9
secure ports, configuring 8
secure remote connections 37
Secure Shell
See SSH
Secure Socket Layer
See SSL
security, port 8
security features 8
See SCP
sequence numbers in log messages 8
server mode, VTP 3
service-provider network, MSTP and RSTP 1
service-provider networks
and customer VLANs 2
and IEEE 802.1Q tunneling 1
Layer 2 protocols across 8
Layer 2 protocol tunneling for EtherChannels 9
set-request operation 4
setup program
failed command switch replacement 9
replacing failed command switch 8
severity levels, defining in system messages 8
SFPs
monitoring status of 31, 13
security and identification 12
status, displaying 13
shaped round robin
See SRR
show access-lists hw-summary command 21
show and more command output, filtering 10
show cdp traffic command 5
show cluster members command 14
show configuration command 25
show forward command 20
show interfaces command 19, 25
show interfaces switchport 4
show l2protocol command 13, 15, 16
show lldp traffic command 7
show platform forward command 20
show running-config command
displaying ACLs 19, 20, 30, 33
interface description in 25
shutdown command on interfaces 32
shutdown threshold for Layer 2 protocol packets 11
Simple Network Management Protocol
See SNMP
small-frame arrival rate, configuring 5
Smartports macros
applying Cisco-default macros 6
applying global parameter values 5, 6
applying macros 5
applying parameter values 5, 7
configuration guidelines 2
creating 4
default configuration 2
defined 1
displaying 8
tracing 3
SNAP 1
SNMP
accessing MIB variables with 4
agent
described 3
disabling 7
and IP SLAs 2
authentication level 10
community strings
configuring 8
for cluster switches 4
overview 4
configuration examples 16
default configuration 6
engine ID 7
groups 6, 9
host 6
ifIndex values 5
in-band management 6
in clusters 14
informs
and trap keyword 11
described 5
differences from traps 5
disabling 15
enabling 15
limiting access by TFTP servers 15
limiting system log messages to NMS 10
manager functions 5, 3
managing clusters with 15
MIBs
location of 3
supported 1
notifications 5
overview 1, 4
security levels 3
status, displaying 17
system contact and location 15
trap manager, configuring 13
traps
described 3, 5
differences from informs 5
disabling 15
enabling 11
enabling MAC address notification 22
overview 1, 4
types of 11
users 6, 9
versions supported 2
SNMP and Syslog Over IPv6 7
SNMPv1 2
SNMPv2C 2
SNMPv3 2
snooping, IGMP 2
software images
location in flash 23
recovery procedures 2
scheduling reloads 20
tar file format, described 23
See also downloading and uploading
source addresses
in IPv4 ACLs 11
in IPv6 ACLs 5
source-and-destination-IP address based forwarding, EtherChannel 7
source-and-destination MAC address forwarding, EtherChannel 7
source-IP address based forwarding, EtherChannel 7
source-MAC address forwarding, EtherChannel 7
Source-specific multicast
See SSM
SPAN
configuration guidelines 10
default configuration 9
destination ports 7
displaying status 23
interaction with other features 8
monitored ports 5
monitoring ports 7
overview 13, 1
ports, restrictions 12
received traffic 4
sessions
configuring ingress forwarding 14, 21
creating 11
defined 3
limiting source traffic to specific VLANs 14
removing destination (monitoring) ports 12
specifying monitored ports 11
with ingress traffic enabled 13
source ports 5
transmitted traffic 5
VLAN-based 6
spanning tree and native VLANs 19
Spanning Tree Protocol
See STP
SPAN traffic 4
split horizon, RIP 22
SRR
configuring
shaped weights on egress queues 74
shared weights on egress queues 75
shared weights on ingress queues 68
described 14
shaped mode 14
shared mode 14
support for 11, 12
SSH
configuring 38
cryptographic software image 37
described 6, 37
encryption methods 38
user authentication methods, supported 38
SSL
configuration guidelines 44
configuring a secure HTTP client 47
configuring a secure HTTP server 45
cryptographic software image 41
described 41
monitoring 48
SSM
address management restrictions 15
CGMP limitations 15
components 13
configuration guidelines 15
configuring 13, 16
differs from Internet standard multicast 14
IGMP snooping 15
IGMPv3 13
IGMPv3 Host Signalling 15
IP address range 14
monitoring 16
operations 14
PIM 13
state maintenance limitations 16
SSM mapping 16
configuration guidelines 17
configuring 16, 19
DNS-based 18, 20
monitoring 21
overview 17
restrictions 17
static 18, 19
static traffic forwarding 20
standby command switch
configuring
considerations 11
defined 2
priority 10
requirements 3
virtual IP address 11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 6
standby links 2
standby router 1
standby timers, HSRP 10
startup configuration
booting
manually 17
specific image 18
clearing 18
configuration file
automatically downloading 16
specifying the filename 16
default boot configuration 16
static access ports
assigning to VLAN 11
defined 3
static addresses
See addresses
static IP routing 12
static MAC addressing 9
static route primary interface,configuring 10
static routes
configuring 78
configuring for IPv6 20
understanding 6
static routing 3
static routing support, enhanced object tracking 10
static SSM mapping 18, 19
static traffic forwarding 20
static VLAN membership 2
statistics
802.1x 52
CDP 4
interface 30
IP multicast routing 61
LLDP 7
LLDP-MED 7
OSPF 32
QoS ingress and egress 78
RMON group Ethernet 5
RMON group history 5
SNMP input and output 17
VTP 16
sticky learning 9
storm control
configuring 3
described 1
disabling 5
displaying 19
support for 4
thresholds 1
STP
accelerating root port selection 4
BackboneFast
described 5
disabling 14
enabling 13
BPDU filtering
described 3
disabling 12
enabling 12
BPDU guard
described 2
disabling 12
enabling 11
BPDU message exchange 3
configuration guidelines 12, 10
configuring
forward-delay time 21
hello time 20
maximum aging time 21
path cost 18
port priority 17
root switch 14
secondary root switch 16
spanning-tree mode 13
switch priority 19
transmit hold-count 22
counters, clearing 22
default configuration 11
default optional feature configuration 9
designated port, defined 3
designated switch, defined 3
detecting indirect link failures 5
disabling 14
displaying status 22
EtherChannel guard
described 7
disabling 14
enabling 14
extended system ID
effects on root switch 14
effects on the secondary root switch 16
overview 4
unexpected behavior 15
features supported 7
IEEE 802.1D and bridge ID 4
IEEE 802.1D and multicast addresses 8
IEEE 802.1t and VLAN identifier 4
inferior BPDU 3
instances supported 9
interface state, blocking to forwarding 2
interface states
blocking 5
disabled 7
forwarding 5, 6
learning 6
listening 6
overview 4
interoperability and compatibility among modes 10
keepalive messages 2
Layer 2 protocol tunneling 7
limitations with IEEE 802.1Q trunks 10
load sharing
overview 24
using path costs 26
using port priorities 24
loop guard
described 9
enabling 15
modes supported 9
multicast addresses, effect of 8
optional features supported 7
overview 2
path costs 26
Port Fast
described 2
enabling 10
port priorities 25
preventing root switch selection 8
protocols supported 9
redundant connectivity 8
root guard
described 8
enabling 15
root port, defined 3
root switch
configuring 15
effects of extended system ID 4, 14
election 3
unexpected behavior 15
shutdown Port Fast-enabled port 2
status, displaying 22
superior BPDU 3
timers, described 20
UplinkFast
described 3
enabling 13
VLAN-bridge 10
stratum, NTP 2
stub areas, OSPF 28
stub routing, EIGRP 39
subdomains, private VLAN 1
subnet mask 5
subnet zero 6
success response, VMPS 28
summer time 13
SunNet Manager 5
supernet 6
supported watts per port 7
SVI autostate exclude
configuring 28
defined 5
SVI link state 5
SVIs
and IP unicast routing 3
and router ACLs 4
connecting VLANs 9
defined 4
routing between VLANs 2
switch 2
switch clustering technology 1
See also clusters, switch
switch console port 6
Switch Database Management
See SDM
switched packets, ACLs on 37
Switched Port Analyzer
See SPAN
switched ports 2
switchport backup interface 4, 5
switchport block multicast command 8
switchport block unicast command 8
switchport command 15
switchport mode dot1q-tunnel command 6
switchport protected command 7
switch priority
MSTP 21
STP 19
switch software features 1
switch virtual interface
See SVI
synchronization, BGP 45
syslog
See system message logging
system capabilities TLV 2
system clock
configuring
daylight saving time 13
manually 11
summer time 13
time zones 12
displaying the time and date 12
overview 1
See also NTP
system description TLV 2
system message logging
default configuration 3
defining error message severity levels 8
disabling 4
displaying the configuration 13
enabling 4
facility keywords, described 13
level keywords, described 9
limiting messages 10
message format 2
overview 1
sequence numbers, enabling and disabling 8
setting the display destination device 5
synchronizing log messages 6
syslog facility 14
time stamps, enabling and disabling 7
UNIX syslog servers
configuring the daemon 12
configuring the logging facility 12
facilities supported 13
system MTU and IEEE 802.1Q tunneling 5
system name
default configuration 15
default setting 15
manual configuration 15
See also DNS
system name TLV 2
system prompt, default setting 14, 15
system resources, optimizing 1
T
TACACS+
accounting, defined 11
authentication, defined 11
authorization, defined 11
configuring
accounting 17
authentication key 13
authorization 16
login authentication 14
default configuration 13
displaying the configuration 17
identifying the server 13
in clusters 14
limiting the services to the user 16
operation of 12
overview 10
support for 10
tracking services accessed by user 17
tagged packets
IEEE 802.1Q 3
Layer 2 protocol 7
tar files
creating 5
displaying the contents of 5
extracting 6
image file format 23
TCL script, registering and defining with embedded event manager 6
TDR 14
Telnet
accessing management interfaces 10
number of connections 6
setting a password 6
templates, SDM 1
temporary self-signed certificate 42
Terminal Access Controller Access Control System Plus
See TACACS+
terminal lines, setting a password 6
TFTP
configuration files
downloading 10
preparing the server 9
uploading 10
configuration files in base directory 7
configuring for autoconfiguration 7
image files
deleting 26
downloading 25
preparing the server 24
uploading 27
limiting access by servers 15
TFTP server 5
threshold, traffic level 2
threshold monitoring, IP SLAs 6
time
See NTP and system clock
Time Domain Reflector
See TDR
time-range command 16
time ranges in ACLs 16
time stamps in log messages 7
time zones 12
TLVs
defined 2
LLDP 2
LLDP-MED 2
Token Ring VLANs
support for 6
VTP support 4
ToS 11
traceroute, Layer 2
and ARP 15
and CDP 15
broadcast traffic 15
described 15
IP addresses and subnets 15
MAC addresses and VLANs 15
multicast traffic 15
multiple devices on a port 16
unicast traffic 15
usage guidelines 15
traceroute command 17
See also IP traceroute
tracked lists
configuring 3
types 3
tracked objects
by Boolean expression 4
by threshold percentage 6
by threshold weight 5
tracking interface line-protocol state 2
tracking IP routing state 2
tracking objects 1
tracking process 1
track state, tracking IP SLAs 9
traffic
blocking flooded 8
fragmented 5
fragmented IPv6 2
unfragmented 5
traffic policing 11
traffic suppression 1
transmit hold-count
see STP
transparent mode, VTP 3, 12
trap-door mechanism 2
traps
configuring MAC address notification 22
configuring managers 11
defined 3
enabling 22, 11
notification types 11
overview 1, 4
troubleshooting
connectivity problems 13, 14, 16
CPU utilization 24
detecting unidirectional links 1
displaying crash information 23
PIMv1 and PIMv2 interoperability problems 34
setting packet forwarding 20
SFP security and identification 12
show forward command 20
with CiscoWorks 4
with debug commands 19
with ping 13
with system message logging 1
with traceroute 16
trunk failover
See link-state tracking
trunking encapsulation 8
trunk ports
configuring 20
defined 3
encapsulation 20, 25, 26
trunks
allowed-VLAN list 21
configuring 20, 25, 26
ISL 16
load sharing
setting STP path costs 26
using STP port priorities 24, 25
native VLAN for untagged traffic 23
parallel 26
pruning-eligible list 22
to non-DTP device 17
trusted boundary for QoS 38
trusted port states
between QoS domains 40
classification options 5
ensuring port security for IP phones 38
support for 11
within a QoS domain 36
trustpoints, CA 42
tunneling
defined 1
IEEE 802.1Q 1
Layer 2 protocol 8
tunnel ports
defined 4
described 3, 1
IEEE 802.1Q, configuring 6
incompatibilities with other features 6
twisted-pair Ethernet, detecting unidirectional links 1
type of service
See ToS
U
UDLD
configuration guidelines 4
default configuration 4
disabling
globally 5
on fiber-optic interfaces 5
per interface 5
echoing detection mechanism 2
enabling
globally 5
per interface 5
Layer 2 protocol tunneling 10
link-detection mechanism 1
neighbor database 2
overview 1
resetting an interface 6
status, displaying 6
support for 7
UDP, configuring 14
UDP jitter, configuring 9
UDP jitter operation, IP SLAs 8
unauthorized ports with IEEE 802.1x 7
unicast MAC address filtering 5
and adding static addresses 25
and broadcast MAC addresses 25
and CPU packets 25
and multicast addresses 25
and router MAC addresses 25
configuration guidelines 25
described 25
unicast storm 1
unicast storm control command 4
unicast traffic, blocking 8
UniDirectional Link Detection protocol
See UDLD
UNIX syslog servers
daemon configuration 12
facilities supported 13
message logging configuration 12
unrecognized Type-Length-Value (TLV) support 4
upgrading software images
See downloading
UplinkFast
described 3
disabling 13
enabling 13
support for 7
uploading
configuration files
preparing 9, 12, 15
reasons for 7
using FTP 13
using RCP 17
using TFTP 10
image files
preparing 24, 28, 32
reasons for 22
using FTP 30
using RCP 35
using TFTP 27
User Datagram Protocol
See UDP
user EXEC mode 2
username-based authentication 6
V
version-dependent transparent mode 4
virtual IP address
cluster standby group 11
command switch 11
Virtual Private Network
See VPN
virtual router 1, 2
virtual switches and PAgP 5
vlan.dat file 5
VLAN 1, disabling on a trunk port 22
VLAN 1 minimization 21
VLAN ACLs
See VLAN maps
vlan-assignment response, VMPS 28
VLAN configuration
at bootup 8
saving 8
VLAN configuration mode 2, 7
VLAN database
and startup configuration file 8
and VTP 1
VLAN configuration saved in 7
VLANs saved in 4
vlan database command 7
vlan dot1q tag native command 5
VLAN filtering and SPAN 6
vlan global configuration command 7
VLAN ID, discovering 27
VLAN link state 5
VLAN load balancing on flex links 2
configuration guidelines 8
VLAN management domain 2
VLAN Management Policy Server
See VMPS
VLAN map entries, order of 29
VLAN maps
applying 33
common uses for 33
configuration guidelines 29
configuring 28
creating 30
defined 2
denying access to a server example 34
denying and permitting packets 30
displaying 40
examples of ACLs and VLAN maps 31
removing 33
support for 9
wiring closet configuration example 34
VLAN membership
confirming 31
modes 3
VLAN Query Protocol
See VQP
VLANs
adding 9
adding to VLAN database 9
aging dynamic addresses 9
allowed on trunk 21
and spanning-tree instances 3, 6, 13
configuration guidelines, extended-range VLANs 13
configuration guidelines, normal-range VLANs 6
configuration options 7
configuring 1
configuring IDs 1006 to 4094 13
connecting through SVIs 9
creating in config-vlan mode 9
creating in VLAN configuration mode 10
customer numbering in service-provider networks 3
default configuration 8
deleting 10
described 2, 1
displaying 16
extended-range 1, 12
features 8
illustrated 2
internal 13
limiting source traffic with RSPAN 22
limiting source traffic with SPAN 14
modifying 9
multicast 17
native, configuring 23
normal-range 1, 4
number supported 8
parameters 5
port membership modes 3
static-access ports 11
STP and IEEE 802.1Q trunks 10
supported 2
Token Ring 6
traffic between 2
VLAN-bridge STP 10, 2
VTP modes 3
VLAN Trunking Protocol
See VTP
VLAN trunks 16
VMPS
administering 32
configuration example 33
configuration guidelines 29
default configuration 29
description 27
dynamic port membership
described 28
reconfirming 31
troubleshooting 33
entering server address 30
mapping MAC addresses to VLANs 28
monitoring 32
reconfirmation interval, changing 31
reconfirming membership 31
retry count, changing 32
voice aware 802.1x security
port-based authentication
configuring 30
described 20, 30
voice-over-IP 1
voice VLAN
Cisco 7960 phone, port connections 1
configuration guidelines 3
configuring IP phones for data traffic
override CoS of incoming frame 6
trust CoS priority of incoming frame 6
configuring ports for voice traffic in
802.1p priority tagged frames 5
802.1Q frames 5
connecting to an IP phone 4
default configuration 3
described 1
displaying 7
IP phone data traffic, described 2
IP phone voice traffic, described 2
VPN
configuring routing in 70
forwarding 64
in service provider networks 61
routes 62
VPN routing and forwarding table
See VRF
VQP 8, 27
VRF
defining 64
tables 61
VRF-aware services
ARP 67
configuring 67
ftp 70
HSRP 68
ping 68
SNMP 68
syslog 69
tftp 70
traceroute 70
uRPF 69
VTP
adding a client to a domain 14
advertisements 19, 3
and extended-range VLANs 1
and normal-range VLANs 1
client mode, configuring 11
configuration
global configuration mode 7
guidelines 8
privileged EXEC mode 7
requirements 9
saving 7
VLAN configuration mode 7
configuration mode options 7
configuration requirements 9
configuration revision number
guideline 14
resetting 15
configuring
client mode 11
server mode 9
transparent mode 12
consistency checks 4
default configuration 6
described 1
disabling 12
domain names 8
domains 2
Layer 2 protocol tunneling 8
modes
client 3, 11
server 3, 9
transitions 3
transparent 3, 12
monitoring 16
passwords 8
pruning
disabling 14
enabling 14
examples 5
overview 4
support for 8
pruning-eligible list, changing 22
server mode, configuring 9
statistics 16
support for 8
Token Ring support 4
transparent mode, configuring 12
using 1
version, guidelines 8
Version 1 4
Version 2
configuration guidelines 8
disabling 13
enabling 13
overview 4
W
WCCP
authentication 3
configuration guidelines 5
default configuration 5
described 1
displaying 9
dynamic service groups 3
enabling 6
features unsupported 4
forwarding method 3
Layer-2 header rewrite 3
MD5 security 3
message exchange 2
monitoring and maintaining 9
negotiation 3
packet redirection 3
packet-return method 3
redirecting traffic received from a client 6
setting the password 6
unsupported WCCPv2 features 4
web authentication 10
configuring47to50, 50to ??
described 8, 21
fallback for IEEE 802.1x 49
Web Cache Communication Protocol
See WCCP
weighted tail drop
See WTD
weight thresholds in tracked lists 5
wireless access point, Cisco AP1250 7
wizards 3
WTD
described 13
setting thresholds
egress queue-sets 71
ingress queues 66
support for 11, 12
X
Xmodem protocol 2