- Index
- Preface
- Overview
- Using the Command-Line Interface
- Getting Started with CMS
- Assigning the Switch IP Address and Default Gateway
- Managing Switch Stacks
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring 802.1X Port-Based Authentication
- Configuring Interface Characteristics
- Configuring SmartPort Macros
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring DHCP Features
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring HSRP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.1(19)EA1
Index
Numerics
802.1D
802.1Q
and trunk ports 11-3
configuration limitations 13-18
encapsulation 13-16
native VLAN for untagged traffic 13-23
802.1s
802.1w
802.1X
802.3ad
802.3af
See PoE 1-9
802.3z flow control 11-15
A
abbreviating commands 2-3
ABRs 31-30
AC (command switch) 6-10, 6-21
access-class command 28-19
access control entries
access-denied response, VMPS 13-28
access groups
applying ACLs to interfaces 28-20
IP 28-20
Layer 2 28-20
Layer 3 28-20
accessing
clusters, switch 6-13
command switches 6-11
member switches 6-13
stack members 5-15
switch clusters 6-13
access lists
access ports
defined 11-3
in switch clusters 6-9
accounting
with RADIUS 9-28
ACEs
and QoS 29-7
defined 28-2
Ethernet 28-2
IP 28-2
ACLs
ACEs 28-2
any keyword 28-12
applying
on bridged packets 28-38
on multicast packets 28-39
on routed packets 28-38
on switched packets 28-37
time ranges to 28-16
to an interface 28-19
to QoS 29-7
classifying traffic for QoS 29-37
comments in 28-18
compiling 28-21
configuring with VLAN maps 28-36
extended IP
configuring for QoS classification 29-38
creating 28-10
matching criteria 28-7
hardware and software handling 28-21
host keyword 28-12
IP
applying to interface 28-19
applying to interfaces 28-19
creating 28-7
fragments and QoS guidelines 29-29
implicit deny 28-9, 28-13, 28-15
implicit masks 28-9
matching criteria 28-7
named 28-14
terminal lines, setting on 28-18
undefined 28-20
violations, logging 28-15
limiting actions 28-37
logging messages 28-10
log keyword 28-15
monitoring 28-40
named 28-14
number per QoS class map 29-29
numbers 28-8
port 28-2
precedence of 28-2
router 28-2
standard IP
configuring for QoS classification 29-37
creating 28-9
matching criteria 28-7
supported features 28-21
support for 1-7
time ranges 28-16
unsupported features 28-6
using router ACLs with VLAN maps 28-36
VLAN maps
configuration guidelines 28-29
configuring 28-29
active router 32-1
address aliasing 20-2
addresses
displaying the MAC address table 7-28
dynamic
accelerated aging 16-9
changing the aging time 7-22
default aging 16-9
defined 7-21
learning 7-21
removing 7-23
MAC, discovering 7-28
multicast
group address range 33-3
STP address management 16-9
static
adding and removing 7-25
defined 7-21
Address Resolution Protocol
adjacency tables, with CEF 31-66
administrative distances
defined 31-77
OSPF 31-35
routing protocol defaults 31-68
advertisements
CDP 22-1
IGRP 31-24
RIP 31-20
aggregate addresses, BGP 31-61
aggregated ports
aggregate policers 29-45
aggregate policing 1-8
aging, accelerating 16-9
aging time
accelerated
for MSTP 17-21
MAC address table 7-22
maximum
for MSTP 17-22
for STP 16-23
alarms, RMON 25-3
allowed-VLAN list 13-21
alternate routes, IGRP 31-26
area border routers
ARP
configuring 31-10
encapsulation 31-11
static cache configuration 31-10
table
address resolution 7-28
managing 7-28
ASBRs 31-30
AS-path filters, BGP 31-55
attributes, RADIUS
vendor-proprietary 9-31
vendor-specific 9-29
audience xxxv
authentication
EIGRP 31-43
HSRP 32-8
local mode with AAA 9-36
NTP associations 7-5
RADIUS
key 9-21
login 9-23
See also port-based authentication
TACACS+
defined 9-11
key 9-13
login 9-14
authentication keys, and routing protocols 31-78
authoritative time source, described 7-2
authorization
with RADIUS 9-27
authorized ports with 802.1X 10-4
autoconfiguration 4-3
automatic discovery
adding member switches 6-18
considerations
beyond a non-candidate device 6-8
brand new switches 6-9
connectivity 6-5
different VLANs 6-7
management VLANs 6-8
non-CDP-capable devices 6-6
non-cluster-capable devices 6-6
routed ports 6-9
creating a cluster standby group 6-20
in switch clusters 6-5
automatic QoS
automatic recovery, clusters 6-10
autonegotiation
duplex mode 1-3
interface configuration guidelines 11-13
mismatches 36-12
autonomous system boundary routers
autonomous systems, in BGP 31-49
Auto-RP, described 33-5
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 18-7
enabling 18-16
support for 1-5
banners
configuring
login 7-20
message-of-the-day login 7-19
default configuration 7-18
when displayed 7-18
BGP
aggregate addresses 31-61
aggregate routes, configuring 31-61
CIDR 31-61
clear commands 31-64
community filtering 31-58
configuring neighbors 31-59
default configuration 31-46
described 31-46
enabling 31-49
monitoring 31-64
multipath support 31-52
neighbors, types of 31-49
path selection 31-52
peers, configuring 31-59
prefix filtering 31-57
resetting sessions 31-51
route dampening 31-63
route maps 31-54
route reflectors 31-62
routing domain confederation 31-62
show commands 31-64
supernets 31-61
support for 1-8
Version 4 31-46
binding cluster group and HSRP group 32-9
blocking packets 21-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-14
boot loader
accessing 4-15
described 4-2
environment variables 4-15
prompt 4-15
trap-door mechanism 4-2
bootstrap router (BSR), described 33-5
Border Gateway Protocol
BPDU
error-disabled state 18-3
filtering 18-3
RSTP format 17-10
BPDU filtering
described 18-3
enabling 18-14
support for 1-6
BPDU guard
described 18-3
enabling 18-13
support for 1-6
bridged packets, ACLs on 28-38
bridge groups
bridge protocol data unit
broadcast flooding 31-17
broadcast packets
directed 31-14
flooded 31-14
broadcast storm-control command 21-3
C
cables, monitoring for unidirectional links 23-1
candidate switch
adding 6-18
automatic discovery 6-5
defined 6-4
HC 6-21
passwords 6-19
requirements 6-4
standby group 6-20
See also command switch, cluster standby group, and member switch
caution, described xxxvi
CC (command switch) 6-21
CDP
and trusted boundary 29-34
automatic discovery in switch clusters 6-5
configuring 22-2
default configuration 22-2
described 22-1
disabling for routing device 22-3, 22-4
enabling and disabling
on an interface 22-4
on a switch 22-3
monitoring 22-5
overview 22-1
support for 1-4
switch stack considerations 22-2
transmission timer and holdtime, setting 22-2
updates 22-2
CEF 31-66
CGMP
as IGMP snooping learning method 20-7
clearing cached group entries 33-51
enabling server support 33-33
joining multicast group 20-3
overview 33-7
server support only 33-7
switch support of 1-3
CIDR 31-61
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco IOS File System
Cisco StackWise technology 1-3
Cisco Technical Assistance Center xxxviii
classless interdomain routing
classless routing 31-7
class maps for QoS
configuring 29-40
described 29-7
displaying 29-64
class of service
clearing interfaces 11-24
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 6-23
no and default forms of commands 2-4
client mode, VTP 14-3
clock
Cluster Management Suite
cluster requirements
See release notes xxxvii
clusters, switch
accessing 6-13
adding member switches 6-18
automatic discovery 6-5
automatic recovery 6-10
benefits 1-2
command switch configuration 6-17
compatibility 6-4
creating 6-17
creating a cluster standby group 6-20
described 6-1
LRE profile considerations 6-17
managing
through CLI 6-23
through SNMP 6-24
planning 6-4
planning considerations
automatic discovery 6-5
automatic recovery 6-10
CLI 6-23
host names 6-14
IP addresses 6-13
LRE profiles 6-17
passwords 6-14
RADIUS 6-16
switch-specific features 6-17
switch stacks 6-15
TACACS+ 6-16
redundancy 6-20
troubleshooting 6-22
verifying 6-22
cluster standby group
and HSRP group 32-9
automatic recovery 6-13
considerations 6-11
creating 6-20
defined 6-2
requirements 6-3
virtual IP address 6-11
CMS
benefits 1-2
configuration modes 3-5
Front Panel view
described 3-2
hardware configurations, minimum 3-8
operating systems and supported browsers 3-9
plug-in requirements 3-9
privilege levels 3-7
Topology view 3-15
troubleshooting 3-9
wizards 3-6
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 9-8
command switch
accessing 6-11
command switch with HSRP disabled (CC) 6-21
configuration conflicts 36-12
defined 6-2
enabling 6-17
password privilege levels 6-23
priority 6-10
recovery
from command-switch failure 6-10
from failure 36-9
from lost member connectivity 36-12
replacing
with another switch 36-11
with cluster member 36-9
requirements 6-3
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 31-58
community strings
for cluster switches 27-4
in clusters 6-14
overview 27-4
SNMP 6-14
compatibility, software
config.text 4-12
configuration, initial
defaults 1-10
Express Setup 1-10
See also hardware installation guide
setup (CLI) program 1-10
configuration conflicts, recovering from lost member connectivity 36-12
configuration examples, network 1-12
configuration files
clearing the startup configuration B-20
creating using a text editor B-11
default name 4-12
deleting a stored configuration B-20
described B-9
downloading
automatically 4-12
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
guidelines for creating and using B-10
invalid combinations when copying B-5
limiting TFTP server access 27-14
obtaining with DHCP 4-8
password recovery disable considerations 9-5
specifying the filename 4-13
system contact and location information 27-14
types and location B-10
uploading
reasons for B-9
using FTP B-16
using RCP B-19
using TFTP B-12
configuration modes, CMS 3-5
configuration settings, saving 4-11
configure terminal command 11-8
conflicts, configuration 36-12
connections, secure remote 9-38
connectivity problems 36-13, 36-15, 36-17
consistency checks in VTP version 2 14-4
console port, connecting to 2-9
conventions
command xxxvi
for examples xxxvi
publication xxxvi
text xxxvi
corrupted software, recovery steps with XMODEM 36-2
CoS
in Layer 2 frames 29-2
override priority 15-5
trust priority 15-5
CoS input queue threshold map for QoS 29-14
CoS output queue threshold map for QoS 29-17
CoS-to-DSCP map for QoS 29-47
counters, clearing interface 11-24
crashinfo file 36-25
cross-stack EtherChannel
configuration guidelines 30-12
configuring
on Layer 2 interfaces 30-12
on Layer 3 physical interfaces 30-15
described 30-2
illustration 30-3
support for 1-5
cross-stack UplinkFast, STP
described 18-5
enabling 18-16
fast-convergence events 18-7
Fast Uplink Transition Protocol 18-6
normal-convergence events 18-7
support for 1-5
cryptographic software image
Kerberos 9-32
SSH 9-37
switch stack considerations 5-2, 5-11, 9-38
CWDM 1-23
CWDM SFPs 1-23
D
daylight saving time 7-13
debugging
enabling all system diagnostics 36-22
enabling for a specific feature 36-21
redirecting error message output 36-22
using commands 36-21
default commands 2-4
default configuration
802.1X 10-11
auto-QoS 29-18
banners 7-18
BGP 31-46
booting 4-12
CDP 22-2
DHCP 19-3
DNS 7-17
EIGRP 31-40
EtherChannel 30-10
fallback bridging 35-4
HSRP 32-4
IGMP 33-27
IGMP filtering 20-20
IGMP snooping 20-6
IGMP throttling 20-20
IGRP 31-26
initial switch information 4-3
IP addressing, IP routing 31-5
IP multicast routing 33-9
Layer 2 interfaces 11-12
MAC address table 7-22
MSDP 34-4
MSTP 17-13
MVR 20-15
NTP 7-4
optional spanning-tree features 18-12
OSPF 31-31
password and privilege level 9-2
RADIUS 9-20
RIP 31-20
RMON 25-3
RSPAN 24-11
SNMP 27-7
SPAN 24-11
standard QoS 29-27
STP 16-13
switch stacks 5-14
system message logging 26-4
system name and prompt 7-15
TACACS+ 9-13
UDLD 23-4
VLAN, Layer 2 Ethernet interfaces 13-19
VLANs 13-8
VMPS 13-29
voice VLAN 15-3
VTP 14-7
default networks 31-69
default routes 31-69
default routing 31-2
deleting VLANs 13-10
description command 11-19
designing your network, examples 1-12
destination addresses, in ACLs 28-11
destination-IP address based forwarding, EtherChannel 30-8
destination-MAC address forwarding, EtherChannel 30-8
detecting indirect link failures, STP 18-8
device discovery protocol 22-1
Device Manager 3-15
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-7
relay device 4-7
server-side 4-5
TFTP server 4-6
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
overview 4-3
relationship to BOOTP 4-4
support for 1-4
DHCP option 82
configuration guidelines 19-3
default configuration 19-3
displaying 19-5
overview 19-2
DHCP snooping
configuration guidelines 19-3
default configuration 19-3
displaying binding tables 19-5
displaying configuration 19-6
message exchange process 19-2
option 82 data insertion 19-2
Differentiated Services architecture, QoS 29-1
Differentiated Services Code Point 29-2
Diffusing Update Algorithm (DUAL) 31-38
directed unicast requests 1-4
directories
changing B-4
creating and removing B-4
displaying the working B-4
discovery, clusters
Distance Vector Multicast Routing Protocol
distance-vector protocols 31-3
distribute-list command 31-77
DNS
and DHCP-based autoconfiguration 4-7
default configuration 7-17
displaying the configuration 7-18
overview 7-16
setting up 7-17
support for 1-4
documentation
feedback xxxviii
obtaining
world wide web xxxvii
ordering xxxviii
related xxxvii
document conventions xxxvi
domain names
DNS 7-16
VTP 14-8
Domain Name System
downloading
configuration files
reasons for B-9
using FTP B-14
using RCP B-18
using TFTP B-12
image files
deleting old image B-25
reasons for B-21
using FTP B-27
using RCP B-32
using TFTP B-24
DSCP input queue threshold map for QoS 29-14
DSCP output queue threshold map for QoS 29-17
DSCP-to-CoS map for QoS 29-50
DSCP-to-DSCP-mutation map for QoS 29-51
DUAL finite state machine, EIGRP 31-39
duplex mode, configuring 11-13
DVMRP
autosummarization
configuring a summary address 33-47
disabling 33-49
connecting PIM domain to DVMRP router 33-39
enabling unicast routing 33-43
interoperability
with Cisco devices 33-37
with IOS software 33-7
mrinfo requests, responding to 33-42
neighbors
advertising the default route to 33-41
discovery with Probe messages 33-37
displaying information 33-42
prevent peering with nonpruning 33-45
rejecting nonpruning 33-43
overview 33-7
routes
adding a metric offset 33-49
advertising all 33-49
advertising the default route to neighbors 33-41
caching DVMRP routes learned in report messages 33-43
changing the threshold for syslog messages 33-46
deleting 33-51
displaying 33-51
favoring one over another 33-49
limiting the number injected into MBONE 33-46
limiting unicast route advertisements 33-37
routing table 33-7
source distribution tree, building 33-7
support for 1-9
tunnels
configuring 33-39
displaying neighbor information 33-42
dynamic access ports
characteristics 13-4
configuring 13-30
defined 11-3
dynamic addresses
dynamic auto trunking mode 13-17
dynamic desirable trunking mode 13-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
types of connections 13-30
dynamic routing 31-3
Dynamic Trunking Protocol
E
EBGP 31-45
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
and IGRP 31-41
authentication 31-43
components 31-39
configuring 31-41
default configuration 31-40
definition 31-38
interface parameters, configuring 31-42
monitoring 31-44
support for 1-8
elections
enable password 9-4
enable secret password 9-4
encryption for passwords 9-4
Enhanced IGRP
environment variables
function of 4-16
error messages during command entry 2-4
EtherChannel
802.3ad, described 30-6
automatic creation of 30-5, 30-6
channel groups
binding physical and logical interfaces 30-4
numbering of 30-4
configuration guidelines 30-11
configuring
Layer 2 interfaces 30-12
Layer 3 physical interfaces 30-15
Layer 3 port-channel logical interfaces 30-14
configuring Layer 2 interfaces 30-12
default configuration 30-10
described 30-2
displaying status 30-22
forwarding methods 30-7, 30-17
interaction
with STP 30-11
with VLANs 30-11
LACP
described 30-6
displaying status 30-22
hot-standby ports 30-19
interaction with other features 30-7
modes 30-7
port priority 30-21
system priority 30-20
LACP, support for 1-3
Layer 3 interface 31-4
logical interfaces, described 30-4
PAgP
aggregate-port learners 30-18
compatibility with Catalyst 1900 30-18
described 30-5
displaying status 30-22
interaction with other features 30-6
learn method and priority configuration 30-18
modes 30-5
silent mode 30-6
support for 1-3
port-channel interfaces
described 30-4
numbering of 30-4
port groups 11-5
stack changes, effects of 30-9
support for 1-3
EtherChannel guard
described 18-10
enabling 18-17
Ethernet VLANs
adding 13-8
defaults and ranges 13-8
modifying 13-8
events, RMON 25-3
examples
conventions for xxxvi
network configuration 1-12
expedite queue for QoS
configuring 29-63
expert mode 3-6
See also hardware installation guide
extended-range VLANs
configuration guidelines 13-13
configuring 13-12
defined 13-1
extended system ID
MSTP 17-15
Extensible Authentication Protocol over LAN 10-1
exterior routes, IGRP 31-25
external BGP
external neighbors, BGP 31-49
F
failover support 1-5
fallback bridging
and protected ports 35-4
bridge groups
creating 35-4
described 35-2
displaying 35-11
function of 35-2
number supported 35-5
removing 35-5
bridge table
clearing 35-11
displaying 35-11
configuration guidelines 35-4
connecting interfaces with 11-6
default configuration 35-4
described 35-1
frame forwarding
flooding packets 35-2
forwarding packets 35-2
overview 35-1
stack changes, effects of 35-3
STP
disabling on an interface 35-11
forward-delay interval 35-10
hello BPDU interval 35-9
interface priority 35-7
maximum-idle interval 35-10
path cost 35-8
VLAN-bridge spanning-tree priority 35-7
VLAN-bridge STP 35-2
support for 1-8
SVIs and routed ports 35-1
Fast Uplink Transition Protocol 18-6
feedback to Cisco Systems, web xxxviii
FIB 31-66
fiber-optic, detecting unidirectional links 23-1
files
copying B-5
crashinfo
description 36-25
displaying the contents of 36-25
location 36-25
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-7
extracting B-8
image file format B-22
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 28-29
non-IP traffic 28-26
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of B-1
flash updates, IGRP 31-26
flooded traffic, blocking 21-6
flow-based packet classification 1-7
flowcharts
QoS classification 29-6
QoS egress queueing and scheduling 29-15
QoS ingress queueing and scheduling 29-13
QoS policing and marking 29-9
forward-delay time
MSTP 17-21
STP 16-23
Forwarding Information Base
forwarding non-routable protocols 35-1
FTP
accessing MIB files A-3
configuration files
downloading B-14
overview B-13
preparing the server B-14
uploading B-16
image files
deleting old image B-29
downloading B-27
preparing the server B-26
uploading B-29
G
get-bulk-request operation 27-3
get-next-request operation 27-3, 27-5
get-request operation 27-3, 27-5
get-response operation 27-3
Gigabit modules
global configuration mode 2-2
guest VLAN and 802.1X 10-8
guide
audience xxxv
purpose of xxxv
H
hardware limitations and Layer 3 interfaces 11-20
HC (candidate switch) 6-21
hello time
MSTP 17-20
STP 16-22
help, for the command line 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 26-10
host names
abbreviations appended to 6-21
in clusters 6-14
hosts, limit on dynamic ports 13-33
Hot Standby Router Protocol
HP OpenView 1-4
HSRP
authentication string 32-8
automatic cluster recovery 6-13
binding to cluster group 32-9
cluster standby group considerations 6-11
command-switch redundancy 1-1, 1-5
configuring 32-3
default configuration 32-4
definition 32-1
guidelines 32-4
monitoring 32-10
overview 32-1
priority 32-6
routing redundancy 1-8
switch stack considerations 32-2
timers 32-8
tracking 32-6
See also clusters, cluster standby group, and standby command switch
I
IBPG 31-45
ICMP
redirect messages 31-12
support for 1-8
time exceeded messages 36-17
traceroute and 36-17
unreachable messages 28-19
unreachables and ACLs 28-21
ICMP ping
executing 36-14
overview 36-14
ICMP Router Discovery Protocol
IDS appliances
and ingress RSPAN 24-21
and ingress SPAN 24-14
IEEE 802.1p 15-1
ifIndex values, SNMP 27-6
IFS 1-5
IGMP
configuring the switch
as a member of a group 33-27
statically connected member 33-32
controlling access to groups 33-28
default configuration 33-27
deleting cache entries 33-51
displaying groups 33-51
fast switching 33-32
host-query interval, modifying 33-30
joining multicast group 20-3
join messages 20-3
leave processing, enabling 20-10
leaving multicast group 20-4
multicast reachability 33-27
overview 33-2
queries 20-3
report suppression
described 20-5
disabling 20-11
support for 1-3
Version 1
changing to Version 2 33-29
described 33-3
Version 2
changing to Version 1 33-29
described 33-3
maximum query response time value 33-31
pruning groups 33-31
query timeout value 33-31
IGMP filtering
configuring 20-20
default configuration 20-20
described 20-19
monitoring 20-24
support for 1-4
IGMP groups
configuring the filtering action 20-23
setting the maximum number 20-22
IGMP profile
applying 20-21
configuration mode 20-20
configuring 20-21
IGMP snooping
and address aliasing 20-2
and stack changes 20-5
configuring 20-6
default configuration 20-6
definition 20-2
enabling and disabling 20-6
global configuration 20-6
Immediate Leave 20-5
in the switch stack 20-5
method 20-7
monitoring 20-12
support for 1-3
VLAN configuration 20-7
IGMP throttling
configuring 20-23
default configuration 20-20
described 20-20
displaying action 20-24
IGP 31-30
IGRP
advertisements 31-24
alternate routes 31-26
configuring 31-27
default configuration 31-26
described 31-24
exterior routes 31-25
flash updates 31-26
interior routes 31-24
load balancing 31-26
poison-reverse updates 31-26
split horizon 31-29
support for 1-8
system routes 31-25
traffic sharing 31-27
unequal-cost load balancing 31-26
Immediate-Leave, IGMP 20-5
initial configuration
defaults 1-10
Express Setup 1-10
See also hardware installation guide
setup (CLI) program 1-10
interface
number 11-7
range macros 11-10
interface configuration mode 2-2
interfaces
configuration guidelines 11-13
configuring 11-8
configuring duplex mode 11-13
configuring speed 11-13
counters, clearing 11-24
described 11-19
descriptive name, adding 11-19
displaying information about 11-23
flow control 11-15
management 1-4
monitoring 11-23
naming 11-19
physical, identifying 11-6, 11-7
range of 11-8
restarting 11-24
shutting down 11-24
supported 11-6
types of 11-1
interfaces range macro command 11-10
interface types 11-7
Interior Gateway Protocol
Interior Gateway Routing Protocol
interior routes, IGRP 31-24
internal BGP
internal neighbors, BGP 31-49
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
Intrusion Detection System
inventory, cluster 6-22
IOS File System
ip access group command 28-20
IP ACLs
applying to an interface 28-19
extended, creating 28-10
for QoS classification 29-7
implicit deny 28-9, 28-13, 28-15
implicit masks 28-9
logging 28-15
named 28-14
standard, creating 28-9
undefined 28-20
virtual terminal lines, setting on 28-18
IP addresses
classes of 31-6
cluster access 6-2
command switch 6-3, 6-11, 6-13
default configuration 31-5
discovering 7-28
for IP routing 31-5
MAC address association 31-9
monitoring 31-18
redundant clusters 6-11
standby command switch 6-11, 6-13
IP broadcast address 31-16
ip cef distributed command 31-66
IP directed broadcasts 31-14
ip igmp profile command 20-20
IP information
assigned
manually 4-10
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 33-3
all-multicast-routers 33-3
host group address range 33-3
administratively-scoped boundaries, described 33-35
and IGMP snooping 20-2
Auto-RP
adding to an existing sparse-mode cloud 33-14
benefits of 33-14
clearing the cache 33-51
configuration guidelines 33-10
filtering incoming RP announcement messages 33-16
overview 33-5
preventing candidate RP spoofing 33-16
preventing join messages to false RPs 33-16
setting up in a new internetwork 33-14
using with BSR 33-22
bootstrap router
configuration guidelines 33-10
configuring candidate BSRs 33-20
configuring candidate RPs 33-21
defining the IP multicast boundary 33-19
defining the PIM domain border 33-18
overview 33-5
using with Auto-RP 33-22
Cisco implementation 33-2
configuring
basic multicast routing 33-10
IP multicast boundary 33-35
default configuration 33-9
enabling
multicast forwarding 33-11
PIM mode 33-11
group-to-RP mappings
Auto-RP 33-5
BSR 33-5
MBONE
deleting sdr cache entries 33-51
described 33-34
displaying sdr cache 33-52
enabling sdr listener support 33-34
limiting DVMRP routes advertised 33-46
limiting sdr cache entry lifetime 33-35
SAP packets for conference session announcement 33-34
Session Directory (sdr) tool, described 33-34
monitoring
packet rate loss 33-52
peering devices 33-52
tracing a path 33-52
multicast forwarding, described 33-6
PIMv1 and PIMv2 interoperability 33-9
protocol interaction 33-2
reverse path check (RPF) 33-6
routing table
deleting 33-51
displaying 33-52
RP
assigning manually 33-12
configuring Auto-RP 33-14
configuring PIMv2 BSR 33-18
monitoring mapping information 33-23
using Auto-RP and BSR 33-22
stacking
stack master functions 33-8
stack member functions 33-8
statistics, displaying system and network 33-51
IP phones
and QoS 15-1
automatic classification and queueing 29-18
configuring 15-4
ensuring port security with QoS 29-34
trusted boundary for QoS 29-34
IP precedence 29-2
IP-precedence-to-DSCP map for QoS 29-48
IP protocols
in ACLs 28-11
routing 1-8
IP routes, monitoring 31-79
IP routing
connecting interfaces with 11-6
enabling 31-19
IP traceroute
executing 36-18
overview 36-17
IP unicast routing
address resolution 31-9
administrative distances 31-68, 31-77
ARP 31-9
assigning IP addresses to Layer 3 interfaces 31-7
authentication keys 31-78
broadcast
address 31-16
flooding 31-17
packets 31-14
storms 31-14
classless routing 31-7
configuring static routes 31-67
default
addressing configuration 31-5
gateways 31-12
networks 31-69
routes 31-69
routing 31-2
directed broadcasts 31-14
dynamic routing 31-3
enabling 31-19
EtherChannel Layer 3 interface 31-4
IGP 31-30
inter-VLAN 31-2
IP addressing
classes 31-6
configuring 31-5
IRDP 31-13
Layer 3 interfaces 31-4
MAC address and IP address 31-9
passive interfaces 31-76
protocols
distance-vector 31-3
dynamic 31-3
link-state 31-3
proxy ARP 31-9
redistribution 31-69
reverse address resolution 31-9
routed ports 31-4
static routing 31-2
steps to configure 31-5
subnet mask 31-6
subnet zero 31-7
supernet 31-7
UDP 31-16
with SVIs 31-4
IRDP
configuring 31-13
definition 31-13
support for 1-8
ISL
and trunk ports 11-3
J
join messages, IGMP 20-3
K
KDC
described 9-32
Kerberos
authenticating to
boundary switch 9-35
KDC 9-35
network services 9-35
configuration examples 9-32
configuring 9-36
credentials 9-32
cryptographic software image 9-32
described 9-32
KDC 9-32
operation 9-34
realm 9-33
server 9-33
support for 1-7
switch as trusted third party 9-32
terms 9-33
TGT 9-34
tickets 9-32
key distribution center
L
LACP
Layer 2 frames, classification with CoS 29-2
Layer 2 interfaces, default configuration 11-12
Layer 2 traceroute
and ARP 36-16
and CDP 36-16
described 36-15
IP addresses and subnets 36-16
MAC addresses and VLANs 36-16
multicast traffic 36-16
multiple devices on a port 36-16
unicast traffic 36-15
usage guidelines 36-16
Layer 2 trunks 13-17
Layer 3 features 1-8
Layer 3 interfaces
assigning IP addresses to 31-7
changing from Layer 2 mode 31-7
types of 31-4
Layer 3 packets, classification methods 29-2
leave processing, IGMP 20-10
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
links, unidirectional 23-1
link state advertisements (LSAs) 31-34
link-state protocols 31-3
load balancing, IGRP 31-26
logging messages, ACL 28-10
login authentication
with RADIUS 9-23
with TACACS+ 9-14
login banners 7-18
log messages
Long-Reach Ethernet (LRE) technology 1-14, 1-21
loop guard
described 18-11
enabling 18-18
support for 1-6
LRE profiles, considerations in switch clusters 6-17
M
MAC addresses
aging time 7-22
and VLAN association 7-22
building the address table 7-21
default configuration 7-22
discovering 7-28
displaying 7-28
displaying in DHCP snooping binding table 19-6
dynamic
learning 7-21
removing 7-23
in ACLs 28-26
IP address association 31-9
static
adding 7-26
allowing 7-27
characteristics of 7-25
dropping 7-27
removing 7-26
MAC address notification, support for 1-9
MAC address-to-VLAN mapping 13-28
MAC extended access lists
applying to Layer 2 interfaces 28-28
configuring for QoS 29-39
creating 28-26
defined 28-26
for QoS classification 29-5
macros
manageability features 1-4
management access
in-band
browser session 1-5
CLI session 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
benefits
clustering 1-3
CMS 1-2
switch stacks 1-3
CLI 2-1
overview 1-4
management VLAN
considerations in switch clusters 6-8
discovery through different management VLANs 6-8
mapping tables for QoS
configuring
CoS-to-DSCP 29-47
DSCP 29-47
DSCP-to-CoS 29-50
DSCP-to-DSCP-mutation 29-51
IP-precedence-to-DSCP 29-48
policed-DSCP 29-49
described 29-10
marking
action in policy map 29-42
action with aggregate policers 29-45
matching, ACLs 28-7
maximum aging time
MSTP 17-22
STP 16-23
maximum hop count, MSTP 17-22
maximum-paths command 31-52, 31-67
membership mode, VLAN port 13-3
member switch
adding 6-18
automatic discovery 6-5
defined 6-2
managing 6-23
passwords 6-13
recovering from lost connectivity 36-12
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
menu bar
variations 3-4
messages
logging ACL violations 28-15
to users through banners 7-18
metrics, in BGP 31-53
metric translations, between routing protocols 31-72
MIBs
accessing files with FTP A-3
location of files A-3
overview 27-1
SNMP interaction with 27-5
supported A-1
mini-point-of-presence
mirroring traffic for analysis 24-1
mismatches, autonegotiation 36-12
module number 11-7
monitoring
access groups 28-40
ACL configuration 28-40
BGP 31-64
cables for unidirectional links 23-1
CDP 22-5
CEF 31-66
EIGRP 31-44
fallback bridging 35-11
features 1-9
HSRP 32-10
IGMP
filters 20-24
snooping 20-12
interfaces 11-23
IP
address tables 31-18
multicast routing 33-50
routes 31-79
MSDP peers 34-19
multicast router interfaces 20-12
MVR 20-19
network traffic for analysis with probe 24-2
OSPF 31-38
port
blocking 21-15
protection 21-15
RP mapping information 33-23
source-active messages 34-19
speed and duplex mode 11-15
traffic flowing among switches 25-1
traffic suppression 21-15
VLAN
filters 28-40
maps 28-40
VLANs 13-16
VMPS 13-32
VTP 14-15
MSDP
benefits of 34-3
clearing MSDP connections and statistics 34-19
controlling source information
forwarded by switch 34-12
originated by switch 34-9
received by switch 34-14
default configuration 34-4
dense-mode regions
sending SA messages to 34-17
specifying the originating address 34-18
filtering
incoming SA messages 34-14
SA messages to a peer 34-12
SA requests from a peer 34-11
join latency, defined 34-6
meshed groups
configuring 34-16
defined 34-16
originating address, changing 34-18
overview 34-1
peer-RPF flooding 34-2
peers
configuring a default 34-4
monitoring 34-19
peering relationship, overview 34-1
requesting source information from 34-8
shutting down 34-16
source-active messages
caching 34-6
clearing cache entries 34-19
defined 34-2
filtering from a peer 34-11
filtering incoming 34-14
filtering to a peer 34-12
limiting data with TTL 34-14
monitoring 34-19
restricting advertised sources 34-9
support for 1-9
MSTP
boundary ports
configuration guidelines 17-14
described 17-5
BPDU filtering
described 18-3
enabling 18-14
BPDU guard
described 18-3
enabling 18-13
CIST, described 17-3
configuration guidelines 17-13, 18-12
configuring
forward-delay time 17-21
hello time 17-20
link type for rapid convergence 17-23
maximum aging time 17-22
maximum hop count 17-22
MST region 17-14
path cost 17-19
port priority 17-18
root switch 17-15
secondary root switch 17-17
switch priority 17-20
CST
defined 17-3
operations between regions 17-4
default configuration 17-13
default optional feature configuration 18-12
displaying status 17-24
enabling the mode 17-14
EtherChannel guard
described 18-10
enabling 18-17
extended system ID
effects on root switch 17-15
effects on secondary root switch 17-17
unexpected behavior 17-16
instances supported 16-10
interface state, blocking to forwarding 18-2
interoperability and compatibility among modes 16-11
interoperability with 802.1D
described 17-6
restarting migration process 17-23
IST
defined 17-3
master 17-3
operations within a region 17-3
loop guard
described 18-11
enabling 18-18
mapping VLANs to MST instance 17-14
MST region
CIST 17-3
configuring 17-14
described 17-2
hop-count mechanism 17-5
IST 17-3
supported spanning-tree instances 17-2
optional features supported 1-6
overview 17-2
Port Fast
described 18-2
enabling 18-12
preventing root switch selection 18-10
root guard
described 18-10
enabling 18-17
root switch
configuring 17-16
effects of extended system ID 17-15
unexpected behavior 17-16
shutdown Port Fast-enabled port 18-3
stack changes, effects of 17-6
status, displaying 17-24
multicast groups
Immediate Leave 20-5
joining 20-3
leaving 20-4
static joins 20-10
multicast packets
ACLs on 28-39
blocking 21-6
multicast router interfaces, monitoring 20-12
multicast router ports, adding 20-9
Multicast Source Discovery Protocol
multicast storm-control command 21-4
multicast storms 21-2
Multicast VLAN Registration
Multiple Spanning Tree Protocol
MVR
and address aliasing 20-16
configuring interfaces 20-17
default configuration 20-15
described 20-13
in the switch stack 20-15
modes 20-17
monitoring 20-19
setting global parameters 20-16
support for 1-4
N
named IP ACLs 28-14
native VLAN
configuring 13-23
default 13-23
neighbor discovery/recovery, EIGRP 31-39
neighbors, BGP 31-59
network configuration examples
cost-effective wiring closet 1-14
high-performance wiring closet 1-15
increasing network performance 1-12
large network 1-19
long-distance, high-bandwidth transport 1-23
multidwelling network 1-21
providing network services 1-13
redundant Gigabit backbone 1-15
server aggregation and Linux server cluster 1-16
small to medium-sized network 1-17
network design
performance 1-13
services 1-13
network management
CDP 22-1
RMON 25-1
SNMP 27-1
Network Time Protocol
no commands 2-4
non-IP traffic filtering 28-26
nontrunking mode 13-17
normal-range VLANs
configuration modes 13-6
defined 13-1
no switchport command 11-4
note, described xxxvi
not-so-stubby areas
NSSA, OSPF 31-34
NTP
associations
authenticating 7-5
defined 7-2
enabling broadcast messages 7-7
peer 7-6
server 7-6
default configuration 7-4
displaying the configuration 7-11
overview 7-2
restricting access
creating an access group 7-9
disabling NTP services per interface 7-10
source IP address, configuring 7-10
stratum 7-2
support for 1-4
synchronizing devices 7-6
time
services 7-2
synchronizing 7-2
O
Open Shortest Path First
optimizing system resources 8-1
options, management 1-4
OSPF
area parameters, configuring 31-34
configuring 31-32
default configuration
metrics 31-35
route 31-35
settings 31-31
described 31-29
interface parameters, configuring 31-33
LSA group pacing 31-36
monitoring 31-38
router IDs 31-37
route summarization 31-35
support for 1-8
virtual links 31-35
out-of-profile markdown 1-8
P
packet modification, with QoS 29-17
PAgP
parallel paths, in routing tables 31-67
passive interfaces
configuring 31-76
OSPF 31-35
passwords
default configuration 9-2
disabling recovery of 9-5
encrypting 9-4
for security 1-6
overview 9-1
recovery of 36-4
setting
enable 9-3
enable secret 9-4
Telnet 9-6
with usernames 9-7
VTP domain 14-8
path cost
MSTP 17-19
STP 16-20
PBR
defined 31-73
enabling 31-74
fast-switched policy-based routing 31-75
local policy-based routing 31-75
PC (passive command switch) 6-10, 6-21
peers, BGP 31-59
performance, network design 1-12
performance features 1-3
per-VLAN spanning-tree plus
physical ports 11-2
PIM
default configuration 33-9
dense mode
overview 33-4
rendezvous point (RP), described 33-4
RPF lookups 33-7
displaying neighbors 33-52
enabling a mode 33-11
overview 33-3
router-query message interval, modifying 33-26
shared tree and source tree, overview 33-23
shortest path tree, delaying the use of 33-25
sparse mode
join messages and shared tree 33-4
overview 33-4
prune messages 33-5
RPF lookups 33-7
support for 1-9
versions
interoperability 33-9
troubleshooting interoperability problems 33-23
v2 improvements 33-4
PIM-DVMRP, as snooping method 20-7
ping
character output description 36-14
executing 36-14
overview 36-14
PoE
configuring 11-17
support for 1-9
troubleshooting 36-13
poison-reverse updates, IGRP 31-26
policed-DSCP map for QoS 29-49
policers
configuring
for each matched traffic class 29-42
for more than one traffic class 29-45
described 29-3
displaying 29-64
number of 29-29
types of 29-8
policing
described 29-3
token-bucket algorithm 29-9
policy-based routing
policy maps for QoS
characteristics of 29-42
configuring 29-42
described 29-7
displaying 29-65
POP 1-21
port ACLs
defined 28-2
types of 28-3
Port Aggregation Protocol
port-based authentication
authentication server
defined 10-2
RADIUS server 10-2
client, defined 10-2
configuration guidelines 10-12
configuring
802.1X authentication 10-13
guest VLAN 10-19
host mode 10-18
manual re-authentication of a client 10-16
periodic re-authentication 10-15
quiet period 10-16
RADIUS server 10-15
RADIUS server parameters on the switch 10-14
switch-to-client frame-retransmission number 10-17
switch-to-client retransmission time 10-16
default configuration 10-11
described 10-1
device roles 10-2
displaying statistics 10-20
EAPOL-start frame 10-3
EAP-request/identity frame 10-3
EAP-response/identity frame 10-3
encapsulation 10-2
guest VLAN
configuration guidelines 10-8
described 10-8
initiation and message exchange 10-3
method lists 10-13
multiple-hosts mode, described 10-18
per-user ACLs
AAA authorization 10-13
configuration tasks 10-9
described 10-8
RADIUS server attributes 10-9
ports
authorization state and dot1x port-control command 10-4
authorized and unauthorized 10-4
voice VLAN 10-6
port security
and voice VLAN 10-6
described 10-5
interactions 10-6
multiple-hosts mode 10-18
resetting to default values 10-19
stack changes, effects of 10-9
statistics, displaying 10-20
switch
as proxy 10-2
RADIUS client 10-2
topologies, supported 10-5
upgrading from a previous release 10-12
VLAN assignment
AAA authorization 10-13
characteristics 10-7
configuration tasks 10-8
described 10-7
voice VLAN
described 10-6
PVID 10-6
VVID 10-6
port-channel
Port Fast
described 18-2
enabling 18-12
mode, spanning tree 13-29
support for 1-6
port membership modes, VLAN 13-3
port priority
MSTP 17-18
STP 16-18
ports
access 11-3
blocking 21-6
dynamic access 13-4
protected 21-5
routed 11-3
secure 21-7
switch 11-2
VLAN assignments 13-11
port security
aging 21-14
and QoS trusted boundary 29-34
and stacking 21-15
configuring 21-11
default configuration 21-10
described 21-7
displaying 21-16
on trunk ports 21-12
sticky learning 21-8
violations 21-9
with other features 21-10
port-shutdown response, VMPS 13-28
Power over Ethernet
preferential treatment of traffic
prefix lists, BGP 31-57
preventing unauthorized access 9-1
priority
HSRP 32-6
overriding CoS 15-5
trusting CoS 15-5
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
changing the default for lines 9-9
command switch 6-23
exiting 9-10
in CMS 3-7
logging into 9-10
mapping on member switches 6-23
setting a command with 9-8
protocol-dependent modules, EIGRP 31-39
Protocol-Independent Multicast Protocol
proxy ARP
configuring 31-11
definition 31-9
with IP routing disabled 31-12
pruning, VTP
enabling 14-13
enabling on a port 13-22
examples 14-5
overview 14-4
pruning-eligible list
changing 13-22
for VTP pruning 14-5
VLANs 14-14
publications for products, technologies, and network solutions xxxix
PVST+
802.1Q trunking interoperability 16-11
described 16-10
instances supported 16-10
Q
QoS
auto-QoS
categorizing traffic 29-18
configuration and defaults display 29-26
configuration guidelines 29-22
described 29-18
disabling 29-23
displaying generated commands 29-23
displaying the initial configuration 29-26
effects on running configuration 29-22
egress queue defaults 29-19
enabling for VoIP 29-23
example configuration 29-24
ingress queue defaults 29-19
list of generated commands 29-20
basic model 29-3
classification
class maps, described 29-7
defined 29-3
flowchart 29-6
forwarding treatment 29-3
in frames and packets 29-2
MAC ACLs, described 29-5, 29-7
options for IP traffic 29-5
options for non-IP traffic 29-5
policy maps, described 29-7
trust DSCP, described 29-5
trusted CoS, described 29-5
trust IP precedence, described 29-5
class maps
configuring 29-40
displaying 29-64
configuration guidelines
auto-QoS 29-22
standard QoS 29-29
configuring
aggregate policers 29-45
auto-QoS 29-18
default port CoS value 29-33
DSCP maps 29-47
DSCP trust states bordering another domain 29-35
egress queue characteristics 29-57
ingress queue characteristics 29-52
IP extended ACLs 29-38
IP standard ACLs 29-37
MAC ACLs 29-39
policy maps 29-42
port trust states within the domain 29-31
trusted boundary 29-34
default auto configuration 29-18
default standard configuration 29-27
displaying statistics 29-64
egress queues
allocating buffer space 29-57
buffer allocation scheme, described 29-16
configuring shaped weights for SRR 29-60
configuring shared weights for SRR 29-62
described 29-4
displaying the threshold map 29-60
flowchart 29-15
mapping DSCP or CoS values 29-59
scheduling, described 29-4
setting WTD thresholds 29-57
WTD, described 29-17
enabling globally 29-30
flowcharts
classification 29-6
egress queueing and scheduling 29-15
ingress queueing and scheduling 29-13
policing and marking 29-9
implicit deny 29-7
ingress queues
allocating bandwidth 29-55
allocating buffer space 29-54
buffer and bandwidth allocation, described 29-14
configuring shared weights for SRR 29-55
configuring the priority queue 29-56
described 29-3
displaying the threshold map 29-53
flowchart 29-13
mapping DSCP or CoS values 29-53
priority queue, described 29-14
scheduling, described 29-3
setting WTD thresholds 29-53
WTD, described 29-14
IP phones
automatic classification and queueing 29-18
detection and trusted settings 29-18, 29-34
limiting bandwidth on egress interface 29-63
mapping tables
CoS-to-DSCP 29-47
displaying 29-64
DSCP-to-CoS 29-50
DSCP-to-DSCP-mutation 29-51
IP-precedence-to-DSCP 29-48
policed-DSCP 29-49
types of 29-10
marked-down actions 29-43
overview 29-1
packet modification 29-17
policers
described 29-8
displaying 29-64
number of 29-29
types of 29-8
policies, attaching to an interface 29-9
policing
token bucket algorithm 29-9
policy maps
characteristics of 29-42
configuring 29-42
displaying 29-65
QoS label, defined 29-3
queues
configuring egress characteristics 29-57
configuring ingress characteristics 29-52
high priority (expedite) 29-17, 29-63
location of 29-11
SRR, described 29-12
WTD, described 29-11
rewrites 29-17
support for 1-7
trust states
bordering another domain 29-35
described 29-5
trusted device 29-34
within the domain 29-31
quality of service
queries, IGMP 20-3
R
RADIUS
attributes
vendor-proprietary 9-31
vendor-specific 9-29
configuring
accounting 9-28
authentication 9-23
authorization 9-27
communication, global 9-21, 9-29
communication, per-server 9-21
multiple UDP ports 9-21
default configuration 9-20
defining AAA server groups 9-25
displaying the configuration 9-31
identifying the server 9-21
in clusters 6-16
limiting the services to the user 9-27
method list, defined 9-20
operation of 9-19
overview 9-18
suggested network environments 9-18
support for 1-7
tracking services accessed by user 9-28
range
macro 11-10
of interfaces 11-9
rapid convergence 17-8
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 16-11
described 16-10
instances supported 16-10
Rapid Spanning Tree Protocol
RARP 31-9
rcommand command 6-23
RCP
configuration files
downloading B-18
overview B-17
preparing the server B-17
uploading B-19
image files
deleting old image B-33
downloading B-32
preparing the server B-30
uploading B-34
reconfirmation interval, VMPS, changing 13-31
recovery procedures 36-1
redundancy
EtherChannel 30-2
HSRP 32-1
STP
backbone 16-8
multidrop backbone 18-5
path cost 13-26
port priority 13-24
redundant clusters
redundant links and UplinkFast 18-15
reliable transport protocol, EIGRP 31-39
reloading software 4-17
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 20-5
disabling 20-11
requirements
cluster
See release notes xxxvii
resets, in BGP 31-51
resetting a UDLD-shutdown interface 23-6
restricting access
NTP services 7-8
overview 9-1
passwords and privilege levels 9-2
RADIUS 9-18
TACACS+ 9-10
retry count, VMPS, changing 13-32
reverse address resolution 31-9
Reverse Address Resolution Protocol
RFC
1058, RIP 31-20
1112, IP multicast and IGMP 20-2
1157, SNMPv1 27-2
1163, BGP 31-45
1166, IP addresses 31-6
1253, OSPF 31-30
1267, BGP 31-45
1305, NTP 7-2
1587, NSSAs 31-30
1757, RMON 25-2
1771, BGP 31-45
1901, SNMPv2C 27-2
1902 to 1907, SNMPv2 27-2
2236, IP multicast and IGMP 20-2
2273-2275, SNMPv3 27-2
RIP
advertisements 31-20
authentication 31-23
configuring 31-21
default configuration 31-20
described 31-20
hop counts 31-20
split horizon 31-23
summary addresses 31-23
support for 1-8
RMON
default configuration 25-3
displaying status 25-6
enabling alarms and events 25-3
groups supported 25-2
overview 25-1
statistics
collecting group Ethernet 25-6
collecting group history 25-5
support for 1-9
root guard
described 18-10
enabling 18-17
support for 1-6
root switch
MSTP 17-15
STP 16-16
route calculation timers, OSPF 31-36
route dampening, BGP 31-63
routed packets, ACLs on 28-38
routed ports
configuring 31-4
defined 11-3
in switch clusters 6-9
route-map command 31-75
route maps
BGP 31-54
policy-based routing 31-73
router ACLs
defined 28-2
types of 28-4
route reflectors, BGP 31-62
router ID, OSPF 31-37
route selection, BGP 31-52
route summarization, OSPF 31-35
routing
default 31-2
dynamic 31-3
redistribution of information 31-69
static 31-2
routing domain confederation, BGP 31-62
Routing Information Protocol
routing protocol administrative distances 31-68
RSPAN
and stack changes 24-10
characteristics 24-9
configuration guidelines 24-17
default configuration 24-11
destination ports 24-8
displaying status 24-24
in a switch stack 24-2
interaction with other features 24-9
monitored ports 24-6
monitoring ports 24-8
received traffic 24-5
session limits 24-11
sessions
creating 24-18
defined 24-4
limiting source traffic to specific VLANs 24-23
specifying monitored ports 24-18
with ingress traffic enabled 24-21
source ports 24-6
transmitted traffic 24-6
VLAN-based 24-7
RSTP
active topology, determining 17-7
BPDU
format 17-10
processing 17-11
designated port, defined 17-7
designated switch, defined 17-7
interoperability with 802.1D
described 17-6
restarting migration process 17-23
topology changes 17-11
overview 17-7
port roles
described 17-7
synchronized 17-9
proposal-agreement handshake process 17-8
rapid convergence
cross-stack rapid convergence 17-8
described 17-8
edge ports and Port Fast 17-8
point-to-point links 17-8, 17-23
root ports 17-8
root port, defined 17-7
running configuration, saving 4-11
S
SC (standby command switch) 6-10, 6-21
scheduled reloads 4-17
SDM
described 8-1
switch stack consideration 5-7
templates
configuring 8-4
number of 8-1
SDM template
aggregator 8-1
configuring 8-3
desktop 8-1
secure MAC addresses
and switch stacks 21-15
deleting 21-13
maximum number of 21-8
types of 21-8
secure ports
and switch stacks 21-15
configuring 21-7
secure remote connections 9-38
security, port 21-7
security features 1-6
sequence numbers in log messages 26-8
server mode, VTP 14-3
service-provider network
MSTP and RSTP 17-1
set-request operation 27-5
setup (CLI) program 1-10
See also hardware installation guide
setup program
failed command switch replacement 36-9, 36-11
severity levels, defining in system messages 26-9
SFPs
numbering of 11-7
security and identification 36-13
shaped round robin
show access-lists hw-summary command 28-21
show and more command output, filtering 2-8
show cdp traffic command 22-5
show cluster members command 6-23
show configuration command 11-19
show forward command 36-23
show interfaces command 11-15, 11-19
show platform forward command 36-23
show running-config command
displaying ACLs 28-19, 28-20, 28-30, 28-33
interface description in 11-19
shutdown command on interfaces 11-24
Simple Network Management Protocol
small form-factor pluggable modules
Smartports macros
configuration guidelines 12-2
creating and applying 12-3
default configuration 12-2
defined 12-1
displaying 12-4
tracing 12-2
SNAP 22-1
SNMP
accessing MIB variables with 27-5
agent
described 27-4
disabling 27-8
authentication level 27-10
community strings
configuring 27-8
for cluster switches 27-4
overview 27-4
configuration examples 27-15
default configuration 27-7
engine ID 27-7
host 27-7
ifIndex values 27-6
in-band management 1-5
in clusters 6-14
informs
and trap keyword 27-11
described 27-5
differences from traps 27-5
enabling 27-14
limiting access by TFTP servers 27-14
limiting system log messages to NMS 26-10
managing clusters with 6-24
MIBs
location of A-3
supported A-1
notifications 27-5
security levels 27-3
status, displaying 27-16
system contact and location 27-14
trap manager, configuring 27-13
traps
differences from informs 27-5
enabling 27-11
enabling MAC address notification 7-23
types of 27-11
versions supported 27-2
SNMPv1 27-2
SNMPv2C 27-2
SNMPv3 27-2
snooping, IGMP 20-2
software compatibility
software images
location in flash B-21
recovery procedures 36-2
scheduling reloads 4-17
tar file format, described B-22
See also downloading and uploading
source addresses, in ACLs 28-11
source-and-destination-IP address based forwarding, EtherChannel 30-8
source-and-destination MAC address forwarding, EtherChannel 30-8
source-IP address based forwarding, EtherChannel 30-8
source-MAC address forwarding, EtherChannel 30-8
SPAN
and stack changes 24-10
configuration guidelines 24-11
default configuration 24-11
destination ports 24-8
displaying status 24-24
interaction with other features 24-9
monitored ports 24-6
monitoring ports 24-8
received traffic 24-5
session limits 24-11
sessions
configuring ingress forwarding 24-15, 24-22
creating 24-12
defined 24-4
limiting source traffic to specific VLANs 24-16
removing destination (monitoring) ports 24-13
specifying monitored ports 24-12
with ingress traffic enabled 24-14
source ports 24-6
transmitted traffic 24-6
VLAN-based 24-7
spanning tree and native VLANs 13-19
Spanning Tree Protocol
SPAN traffic 24-5
speed, configuring on interfaces 11-13
split horizon
IGRP 31-29
RIP 31-23
SRR
configuring
shaped weights on egress queues 29-60
shared weights on egress queues 29-62
shared weights on ingress queues 29-55
described 29-12
shaped mode 29-12
shared mode 29-12
support for 1-8
SSH
configuring 9-39
cryptographic software image 9-37
encryption methods 9-38
switch stack considerations 5-11, 9-38
user authentication methods, supported 9-38
stack changes, effects on
802.1X port-based authentication 10-9
ACL configuration 28-6
CDP 22-2
cross-stack EtherChannel 30-12
EtherChannel 30-9
fallback bridging 35-3
HSRP 32-2
IGMP snooping 20-5
IP routing 31-3
MAC address tables 7-22
MSTP 17-6
multicast routing 33-8
MVR 20-13
port security 21-15
SDM template selection 8-2
SNMP 27-1
SPAN and RSPAN 24-10
STP 16-12
switch clusters 6-15
system message log 26-2
VLANs 13-6
VTP 14-6
stack master
bridge ID (MAC address) 5-5
defined 5-1
election 5-4
re-election 5-4
stack member
accessing CLI of specific member 5-15
configuring
member number 5-14
priority value 5-15
defined 5-1
displaying information of 5-15
hot-swappable 5-9
number 5-5
priority value 5-6
stack member number 11-7
stack protocol version 5-8
stacks, switch
accessing CLI of specific member 5-15
assigning information
member number 5-14
priority value 5-15
benefits 1-2
bridge ID 5-5
CDP considerations 22-2
compatibility, software 5-7
configuration file 5-9
configuration scenarios 5-11
default configuration 5-14
default settings 5-14
description of 5-1
displaying information of 5-15
hot-swappable 5-9
HSRP considerations 32-2
in clusters 6-15
MAC address considerations 7-22
management connectivity 5-10
managing 5-1
membership 5-3
merged 5-3
MSTP instances supported 16-10
multicast routing, stack master and member roles 33-8
See also stack master and stack member
software compatibility 5-7
software image version 5-7
stack protocol version 5-8
STP
bridge ID 16-3
instances supported 16-10
root port selection 16-3
stack root switch election 16-3
system messages
hostnames in the display 26-1
remotely monitoring 26-2
system prompt consideration 7-15
system-wide configuration considerations 5-10
upgrading B-35
StackWise technology, Cisco 1-3
Standby Command Configuration window 6-21
standby command switch
considerations 6-11
defined 6-2
priority 6-10
requirements 6-3
virtual IP address 6-11
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 32-5
standby router 32-1
standby timers, HSRP 32-8
startup configuration
booting
manually 4-13
specific image 4-14
clearing B-20
configuration file
automatically downloading 4-12
specifying the filename 4-13
default boot configuration 4-12
static access ports
assigning to VLAN 13-11
static addresses
static IP routing 1-8
static MAC addressing 1-6
static routes, configuring 31-67
static routing 31-2
static VLAN membership 13-2
statistics
802.1X 10-20
CDP 22-5
interface 11-23
IP multicast routing 33-51
OSPF 31-38
QoS ingress and egress 29-64
RMON group Ethernet 25-6
RMON group history 25-5
SNMP input and output 27-16
VTP 14-15
sticky learning 21-8
storm control
configuring 21-3
described 21-2
displaying 21-15
support for 1-3
thresholds 21-2
STP
802.1D and bridge ID 16-4
802.1D and multicast addresses 16-9
802.1t and VLAN identifier 16-4
accelerating root port selection 18-4
BackboneFast
described 18-7
enabling 18-16
BPDU filtering
described 18-3
enabling 18-14
BPDU guard
described 18-3
enabling 18-13
BPDU message exchange 16-3
configuration guidelines 16-13, 18-12
configuring
forward-delay time 16-23
hello time 16-22
maximum aging time 16-23
path cost 16-20
port priority 16-18
root switch 16-16
secondary root switch 16-18
spanning-tree mode 16-15
switch priority 16-21
counters, clearing 16-24
cross-stack UplinkFast
described 18-5
enabling 18-16
default configuration 16-13
default optional feature configuration 18-12
designated port, defined 16-4
designated switch, defined 16-4
detecting indirect link failures 18-8
disabling 16-16
displaying status 16-24
EtherChannel guard
described 18-10
enabling 18-17
extended system ID
effects on root switch 16-16
effects on the secondary root switch 16-18
overview 16-4
unexpected behavior 16-16
features supported 1-5
inferior BPDU 16-3
instances supported 16-10
interface state, blocking to forwarding 18-2
interface states
blocking 16-6
disabled 16-7
learning 16-7
listening 16-7
overview 16-5
interoperability and compatibility among modes 16-11
limitations with 802.1Q trunks 16-11
load sharing
overview 13-24
using path costs 13-26
using port priorities 13-24
loop guard
described 18-11
enabling 18-18
modes supported 16-10
multicast addresses, effect of 16-9
optional features supported 1-6
overview 16-2
path costs 13-26
Port Fast
described 18-2
enabling 18-12
port priorities 13-25
preventing root switch selection 18-10
protocols supported 16-10
redundant connectivity 16-8
root guard
described 18-10
enabling 18-17
root port, defined 16-3
root port selection on a switch stack 16-3
root switch
configuring 16-16
effects of extended system ID 16-4, 16-16
election 16-3
unexpected behavior 16-16
shutdown Port Fast-enabled port 18-3
stack changes, effects of 16-12
status, displaying 16-24
superior BPDU 16-3
timers, described 16-22
UplinkFast
described 18-4
enabling 18-15
VLAN-bridge 16-12
stratum, NTP 7-2
stub areas, OSPF 31-34
subnet mask 31-6
subnet zero 31-7
success response, VMPS 13-28
summer time 7-13
SunNet Manager 1-4
supernet 31-7
SVIs
and IP unicast routing 31-4
and router ACLs 28-4
connecting VLANs 11-5
defined 11-4
routing between VLANs 13-2
switch clustering technology 6-1
See also clusters, switch 1-3
switch console port 1-5
Switch Database Management
switched packets, ACLs on 28-37
Switched Port Analyzer
switched ports 11-2
Switch Manager 3-15
switchport block multicast command 21-6
switchport block unicast command 21-6
switchport command 11-12
switchport protected command 21-5
switch priority
MSTP 17-20
STP 16-21
switch software features 1-1
switch virtual interface
synchronization, BGP 31-49
syslog
system clock
configuring
daylight saving time 7-13
manually 7-11
summer time 7-13
time zones 7-12
displaying the time and date 7-12
overview 7-2
system message logging
default configuration 26-4
defining error message severity levels 26-9
disabling 26-4
displaying the configuration 26-13
enabling 26-5
facility keywords, described 26-12
level keywords, described 26-9
limiting messages 26-10
message format 26-2
overview 26-1
sequence numbers, enabling and disabling 26-8
setting the display destination device 26-5
stack changes, effects of 26-2
synchronizing log messages 26-6
syslog facility 1-9
time stamps, enabling and disabling 26-8
UNIX syslog servers
configuring the daemon 26-11
configuring the logging facility 26-12
facilities supported 26-12
system name
default configuration 7-15
default setting 7-15
manual configuration 7-15
system prompt
default setting 7-15
manual configuration 7-16
system resources, optimizing 8-1
system routes, IGRP 31-25
T
TAC
case priority definitions xxxix
toll-free telephone numbers xxxix
website xxxviii
TACACS+
accounting, defined 9-11
authentication, defined 9-11
authorization, defined 9-11
configuring
accounting 9-17
authentication key 9-13
authorization 9-16
login authentication 9-14
default configuration 9-13
displaying the configuration 9-17
identifying the server 9-13
in clusters 6-16
limiting the services to the user 9-16
operation of 9-12
overview 9-10
support for 1-7
tracking services accessed by user 9-17
tar files
creating B-6
displaying the contents of B-7
extracting B-8
image file format B-22
TDR 1-9
technical assistance
case priority definitions xxxix
TAC xxxviii
TAC website xxxviii
toll-free telephone numbers xxxix
Telnet
accessing management interfaces 2-9
from a browser 2-10
number of connections 1-5
setting a password 9-6
templates, SDM 8-1
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 9-6
TFTP
configuration files
downloading B-12
preparing the server B-11
uploading B-12
configuration files in base directory 4-6
configuring for autoconfiguration 4-6
image files
deleting B-25
downloading B-24
preparing the server B-23
uploading B-25
limiting access by servers 27-14
TFTP server 1-4
threshold, traffic level 21-2
time
Time Domain Reflector
time-range command 28-16
time ranges in ACLs 28-16
time stamps in log messages 26-8
time zones 7-12
Token Ring VLANs
support for 13-5
VTP support 14-4
Topology view
TOS 1-7
traceroute, Layer 2
and ARP 36-16
and CDP 36-16
described 36-15
IP addresses and subnets 36-16
MAC addresses and VLANs 36-16
multicast traffic 36-16
multiple devices on a port 36-16
unicast traffic 36-15
usage guidelines 36-16
traceroute command 36-18
traffic
blocking flooded 21-6
fragmented 28-5
unfragmented 28-5
traffic policing 1-8
traffic suppression 21-2
transparent mode, VTP 14-3, 14-12
trap-door mechanism 4-2
traps
configuring MAC address notification 7-23
configuring managers 27-11
defined 27-3
notification types 27-11
troubleshooting
connectivity problems 36-13, 36-15, 36-17
detecting unidirectional links 23-1
determining packet forwarding 36-23
displaying crash information 36-25
PIMv1 and PIMv2 interoperability problems 33-23
SFP security and identification 36-13
show forward command 36-23
with CiscoWorks 27-5
with debug commands 36-21
with ping 36-14
with system message logging 26-1
with traceroute 36-17
troubleshooting CMS 3-9
trunking encapsulation 1-6
trunk ports
configuring 13-20
encapsulation 13-20, 13-25, 13-26
secure MAC addresses on 21-11
trunks
allowed-VLAN list 13-21
configuring 13-20, 13-25, 13-26
ISL 13-16
load sharing
setting STP path costs 13-26
using STP port priorities 13-24, 13-25
native VLAN for untagged traffic 13-23
parallel 13-26
pruning-eligible list 13-22
to non-DTP device 13-17
understanding 13-17
trusted boundary for QoS 29-34
trusted port states
between QoS domains 29-35
classification options 29-5
ensuring port security for IP phones 29-34
support for 1-7
within a QoS domain 29-31
twisted-pair Ethernet, detecting unidirectional links 23-1
type of service
U
UDLD
default configuration 23-4
echoing detection mechanism 23-3
enabling
globally 23-5
per interface 23-6
link-detection mechanism 23-1
neighbor database 23-2
overview 23-1
resetting an interface 23-6
status, displaying 23-7
support for 1-5
UDP, configuring 31-16
unauthorized ports with 802.1X 10-4
unequal-cost load balancing, IGRP 31-26
unicast MAC address filtering 1-4
and adding static addresses 7-27
and broadcast MAC addresses 7-26
and CPU packets 7-26
and multicast addresses 7-26
and router MAC addresses 7-26
configuration guidelines 7-26
described 7-26
unicast storm control command 21-4
unicast storms 21-2
unicast traffic, blocking 21-6
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 26-11
facilities supported 26-12
message logging configuration 26-12
unrecognized Type-Length-Value (TLV) support 14-4
upgrading information
See release notes xxxvii
upgrading software images
UplinkFast
described 18-4
enabling 18-15
support for 1-5
uploading
configuration files
reasons for B-9
using FTP B-16
using RCP B-19
using TFTP B-12
image files
reasons for B-21
using FTP B-29
using RCP B-34
using TFTP B-25
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 9-7
V
version-dependent transparent mode 14-4
version mismatch (VM) mode 5-8
virtual IP address
cluster standby group 6-11, 6-21
vlan.dat file 13-4
VLAN 1, disabling on a trunk port 13-21
VLAN 1 minimization 13-21
VLAN ACLs
vlan-assignment response, VMPS 13-28
VLAN configuration
at bootup 13-7
saving 13-7
VLAN configuration mode 2-2, 13-7
VLAN database
and startup configuration file 13-7
and VTP 14-1
VLAN configuration saved in 13-7
VLANs saved in 13-4
vlan database command 13-7
VLAN filtering, and SPAN 24-7
vlan global configuration command 13-7
VLAN ID, discovering 7-28
VLAN management domain 14-2
VLAN Management Policy Server
VLAN map entries, order of 28-29
VLAN maps
applying 28-33
common uses for 28-33
configuration example 28-34
configuration guidelines 28-29
configuring 28-29
creating 28-30
defined 28-2
denying access example 28-35
denying and permitting packets 28-31
displaying 28-40
examples 28-35
support for 1-7
with router ACLs 28-40
VLAN membership
confirming 13-31
modes 13-3
VLAN Query Protocol
VLANs
adding 13-8
adding to VLAN database 13-8
aging dynamic addresses 16-9
allowed on trunk 13-21
and spanning-tree instances 13-3, 13-6, 13-13
configuration guidelines, extended-range VLANs 13-13
configuration guidelines, normal-range VLANs 13-6
configuration options 13-6
configuring 13-1
configuring IDs 1006 to 4094 13-13
connecting through SVIs 11-5
creating in config-vlan mode 13-9
creating in VLAN configuration mode 13-10
default configuration 13-8
deleting 13-10
displaying 13-16
features 1-6
illustrated 13-2
internal 13-13
in the switch stack 13-6
limiting source traffic with RSPAN 24-23
limiting source traffic with SPAN 24-16
modifying 13-8
native, configuring 13-23
number supported 1-6
parameters 13-5
port membership modes 13-3
static-access ports 13-11
STP and 802.1Q trunks 16-11
supported 13-3
Token Ring 13-5
traffic between 13-2
VTP modes 14-3
VLAN Trunking Protocol
VMPS
administering 13-32
configuration example 13-33
configuration guidelines 13-29
default configuration 13-29
description 13-27
dynamic port membership
described 13-28
reconfirming 13-31
troubleshooting 13-33
entering server address 13-30
mapping MAC addresses to VLANs 13-28
monitoring 13-32
reconfirmation interval, changing 13-31
reconfirming membership 13-31
retry count, changing 13-32
voice-over-IP 15-1
voice VLAN
Cisco 7960 phone, port connections 15-1
configuration guidelines 8-4, 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-5
trust CoS priority of incoming frame 15-5
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-4
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-6
VTP
adding a client to a domain 14-14
and extended-range VLANs 14-2
and normal-range VLANs 14-2
client mode, configuring 14-11
configuration
global configuration mode 14-7
guidelines 14-8
privileged EXEC mode 14-7
requirements 14-9
saving 14-7
VLAN configuration mode 14-8
configuration mode options 14-7
configuration requirements 14-9
configuration revision number
guideline 14-14
resetting 14-15
configuring
client mode 14-11
server mode 14-9
transparent mode 14-12
consistency checks 14-4
default configuration 14-7
described 14-1
disabling 14-12
domain names 14-8
domains 14-2
modes
transitions 14-3
monitoring 14-15
passwords 14-8
pruning
disabling 14-14
enabling 14-13
examples 14-5
overview 14-4
support for 1-6
pruning-eligible list, changing 13-22
server mode, configuring 14-9
statistics 14-15
support for 1-6
Token Ring support 14-4
transparent mode, configuring 14-12
using 14-1
version, guidelines 14-9
version 1 14-4
version 2
configuration guidelines 14-9
disabling 14-13
enabling 14-13
overview 14-4
W
weighted tail drop
WTD
described 29-11
setting thresholds
egress queue-sets 29-57
ingress queues 29-53
support for 1-8
X
XMODEM protocol 36-2