- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Managing Switch Stacks
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Private VLANs
- Configuring Voice VLAN
- Configuring 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring HSRP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(25)SE
Numerics -
A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
K -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
W -
X -
ACLs (continued)
ACLs (continued)
ACLs (continued)
BGP (continued)
CDP (continued)
configuration files (continued)
default configuration (continued)
default configuration (continued)
downloading (continued)
DVMRP (continued)
dynamic ARP inspection (continued)
EtherChannel (continued)
fallback bridging (continued)
HSRP (continued)
IGMP (continued)
interfaces (continued)
IP multicast routing (continued)
IP multicast routing (continued)
IP unicast routing (continued)
monitoring (continued)
MSTP (continued)
passwords (continued)
PIM (continued)
privilege levels (continued)
QoS (continued)
QoS (continued)
QoS (continued)
RSTP (continued)
SNMP (continued)
SNMP (continued)
SPAN (continued)
stacks, switch (continued)
stacks, switch (continued)
statistics (continued)
STP (continued)
STP (continued)
STP (continued)
system message logging (continued)
troubleshooting (continued)
VLAN maps (continued)
VLANs (continued)
VTP (continued)
Index
Numerics
10-Gigabit Ethernet interfaces
configuration guidelines 10-16
defined 10-6
802.1D
802.1Q
and trunk ports 10-3
configuration limitations 12-19
encapsulation 12-16
native VLAN for untagged traffic 12-23
tunneling
compatibility with other features 16-6
defaults 16-4
described 16-1
tunnel ports with other features 16-6
802.1s
802.1w
802.1x
802.3ad
802.3af
802.3z flow control 10-19
A
abbreviating commands 2-3
ABRs 34-25
access-class command 31-21
access control entries
access-denied response, VMPS 12-28
access groups
applying ACLs to interfaces 31-22
IP 31-22
Layer 2 31-22
Layer 3 31-22
accessing stack members 4-22
access lists
access ports
and Layer 2 protocol tunneling 16-11
defined 10-3
accounting
with RADIUS 8-28
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-14
applying
on bridged packets 31-39
on multicast packets 31-41
on routed packets 31-40
on switched packets 31-39
time ranges to 31-18
applying (continued)
to an interface 31-21
to QoS 32-7
classifying traffic for QoS 32-42
comments in 31-20
compiling 31-24
configuring with VLAN maps 31-38
extended IP
configuring for QoS classification 32-44
creating 31-11
matching criteria 31-8
hardware and software handling 31-23
host keyword 31-14
IP
applying to an interface 31-21
applying to interfaces 31-21
creating 31-8
fragments and QoS guidelines 32-33
implicit deny 31-10, 31-15, 31-17
implicit masks 31-10
matching criteria 31-8
named 31-16
terminal lines, setting on 31-21
undefined 31-23
violations, logging 31-17
limiting actions 31-39
logging messages 31-11
log keyword 31-17
monitoring 31-41
named 31-16
number per QoS class map 32-33
numbers 31-9
port 31-2
precedence of 31-3
resequencing entries 31-16
router 31-2
standard IP
configuring for QoS classification 32-43
creating 31-10
matching criteria 31-8
supported features 31-23
support for 1-7
time ranges 31-18
unsupported features 31-7
using router ACLs with VLAN maps 31-38
VLAN maps
configuration guidelines 31-31
configuring 31-31
active links 20-1
active router 35-1
address aliasing 23-2
addresses
displaying the MAC address table 6-28
dynamic
accelerated aging 17-9
changing the aging time 6-22
default aging 17-9
defined 6-20
learning 6-21
removing 6-23
MAC, discovering 6-28
multicast
group address range 36-3
STP address management 17-9
static
adding and removing 6-25
defined 6-20
Address Resolution Protocol
adjacency tables, with CEF 34-61
administrative distances
defined 34-72
OSPF 34-31
routing protocol defaults 34-63
advertisements
CDP 25-1
RIP 34-20
aggregate addresses, BGP 34-55
aggregated ports
aggregate policers 32-57
aggregate policing 1-9
aging, accelerating 17-9
aging time
accelerated
for MSTP 18-21
MAC address table 6-22
maximum
for MSTP 18-22
for STP 17-23
alarms, RMON 28-3
allowed-VLAN list 12-21
area border routers
ARP
configuring 34-10
encapsulation 34-11
static cache configuration 34-10
table
address resolution 6-28
managing 6-28
ASBRs 34-25
AS-path filters, BGP 34-50
asymmetrical links, and 802.1Q tunneling 16-4
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxvii
authentication
EIGRP 34-38
HSRP 35-9
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication keys, and routing protocols 34-73
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with 802.1x 9-4
autoconfiguration 3-3
automatic advise (auto-advise) in switch stacks 4-12
automatic copy (auto-copy) in switch stacks 4-12
automatic QoS
automatic upgrades (auto-upgrade) in switch stacks 4-12
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-17
mismatches 39-13
autonomous system boundary routers
autonomous systems, in BGP 34-44
Auto-RP, described 36-5
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
support for 1-6
backup interfaces
backup links 20-1
banners
configuring
login 6-20
message-of-the-day login 6-19
default configuration 6-18
when displayed 6-18
BGP
aggregate addresses 34-55
aggregate routes, configuring 34-55
CIDR 34-55
clear commands 34-59
community filtering 34-52
configuring neighbors 34-54
default configuration 34-41
described 34-41
enabling 34-43
monitoring 34-59
multipath support 34-47
neighbors, types of 34-43
path selection 34-47
peers, configuring 34-54
prefix filtering 34-51
resetting sessions 34-46
route dampening 34-58
route maps 34-49
route reflectors 34-57
routing domain confederation 34-56
show commands 34-59
supernets 34-55
support for 1-9
Version 4 34-41
binding cluster group and HSRP group 35-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-5
DHCP snooping database 21-5
IP source guard 21-14
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-13
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
bootstrap router (BSR), described 36-5
Border Gateway Protocol
BPDU
error-disabled state 19-3
filtering 19-3
RSTP format 18-10
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
support for 1-6
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
support for 1-6
bridged packets, ACLs on 31-39
bridge groups
bridge protocol data unit
broadcast flooding 34-17
broadcast packets
directed 34-14
flooded 34-14
broadcast storm-control command 24-4
C
cables, monitoring for unidirectional links 26-1
candidate switch
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-45
defined 8-42
caution, described xxxviii
CDP
and trusted boundary 32-39
configuring 25-2
default configuration 25-2
described 25-1
disabling for routing device 25-3 to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 16-8
monitoring 25-5
overview 25-1
power negotiation extensions 10-6
support for 1-5
switch stack considerations 25-2
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 34-60
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 36-50
enabling server support 36-33
joining multicast group 23-3
overview 36-7
server support only 36-7
switch support of 1-4
CIDR 34-55
CipherSuites 8-43
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 10-6
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco Network Assistant
Cisco StackWise technology 1-3
classless interdomain routing
classless routing 34-7
class maps for QoS
configuring 32-46
described 32-7
displaying 32-77
class of service
clearing interfaces 10-27
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-4
no and default forms of commands 2-4
client mode, VTP 13-3
clock
cluster requirements xxxix
clusters, switch
benefits 1-2
described 5-1
managing
through CLI 5-4
through SNMP 5-5
planning considerations
CLI 5-4
SNMP 5-5
See also Getting Started with Cisco Network Assistant
cluster standby group
and HSRP group 35-11
requirements 5-2
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 8-8
command switch
configuration conflicts 39-13
defined 5-2
password privilege levels 5-4
recovery
from command-switch failure 39-9
from lost member connectivity 39-13
replacing
with another switch 39-11
with cluster member 39-10
requirements 5-2
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-53
community ports 14-2
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
compatibility, feature 24-11
compatibility, software
config.text 3-12
configuration, initial
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 39-13
configuration examples, network 1-13
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-12
deleting a stored configuration B-19
described B-8
downloading
automatically 3-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 30-15
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-12
system contact and location information 30-15
types and location B-10
uploading
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-12
configuration settings, saving 3-10
configure terminal command 10-11
conflicts, configuration 39-13
connections, secure remote 8-38
connectivity problems 39-15, 39-16, 39-18
consistency checks in VTP Version 2 13-4
console port, connecting to 2-9
conventions
command xxxviii
for examples xxxviii
publication xxxviii
text xxxviii
corrupted software, recovery steps with Xmodem 39-2
CoS
in Layer 2 frames 32-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 32-16
CoS output queue threshold map for QoS 32-19
CoS-to-DSCP map for QoS 32-59
counters, clearing interface 10-27
crashinfo file 39-25
cross-stack EtherChannel
configuration guidelines 33-12
configuring
on Layer 2 interfaces 33-12
on Layer 3 physical interfaces 33-16
described 33-2
illustration 33-3
support for 1-5
cross-stack UplinkFast, STP
described 19-5
disabling 19-16
enabling 19-16
fast-convergence events 19-7
Fast Uplink Transition Protocol 19-6
normal-convergence events 19-7
support for 1-6
cryptographic software image
Kerberos 8-32
SSH 8-37
SSL 8-42
switch stack considerations 4-2, 4-17, 8-38
CWDM SFPs 1-24
D
daylight saving time 6-13
debugging
enabling all system diagnostics 39-22
enabling for a specific feature 39-21
redirecting error message output 39-22
using commands 39-21
default commands 2-4
default configuration
802.1Q tunneling 16-4
802.1x 9-11
auto-QoS 32-20
banners 6-18
BGP 34-41
booting 3-12
CDP 25-2
DHCP 21-7
DHCP option 82 21-7
DHCP snooping 21-7
DHCP snooping binding database 21-7
DNS 6-17
dynamic ARP inspection 22-5
EIGRP 34-35
EtherChannel 33-10
fallback bridging 38-3
Flex Links 20-2
HSRP 35-5
IGMP 36-27
IGMP filtering 23-20
IGMP snooping 23-6
IGMP throttling 23-20
initial switch information 3-3
IP addressing, IP routing 34-5
IP multicast routing 36-8
IP source guard 21-15
Layer 2 interfaces 10-15
Layer 2 protocol tunneling 16-11
MAC address table 6-22
MSDP 37-4
MSTP 18-13
MVR 23-15
NTP 6-4
optional spanning-tree configuration 19-12
OSPF 34-26
password and privilege level 8-2
PIM 36-8
private VLANs 14-7
RADIUS 8-20
RIP 34-20
RMON 28-3
RSPAN 27-11
SNMP 30-6
SPAN 27-11
SSL 8-44
standard QoS 32-31
STP 17-13
switch stacks 4-20
system message logging 29-4
system name and prompt 6-15
TACACS+ 8-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 12-19
VLANs 12-8
VMPS 12-29
voice VLAN 15-3
VTP 13-7
default networks 34-63
default routes 34-63
default routing 34-2
deleting VLANs 12-10
description command 10-23
designing your network, examples 1-13
destination addresses, in ACLs 31-13
destination-IP address-based forwarding, EtherChannel 33-8
destination-MAC address forwarding, EtherChannel 33-8
detecting indirect link failures, STP 19-8
device B-19
device discovery protocol 25-1
device manager
benefits 1-2
in-band management 1-5
requirements xxxviii
upgrading a switch B-19
DHCP
Cisco IOS server database
configuring 21-12
default configuration 21-7
described 21-5
enabling
relay agent 21-9
server 21-8
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
server-side 21-8
TFTP server 3-5
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-4
support for 1-5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-4
configuration guidelines 21-8
default configuration 21-7
displaying 21-13
forwarding address, specifying 21-9
helper address 21-9
overview 21-3
packet format, suboption
circuit ID 21-4
remote ID 21-4
remote ID suboption 21-4
DHCP snooping
and private VLANs 21-12
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-7
displaying binding tables 21-13
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-12
binding file
format 21-6
location 21-5
bindings 21-5
clearing agent statistics 21-13
configuration guidelines 21-8
configuring 21-12
default configuration 21-7
deleting
binding file 21-13
bindings 21-13
database agent 21-13
described 21-5
displaying 21-13
binding entries 21-13
status and statistics 21-13
enabling 21-12
entry 21-5
renewing database 21-13
resetting
delay value 21-13
timeout value 21-13
updating process 21-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
Diffusing Update Algorithm (DUAL) 34-34
directed unicast requests 1-5
directories
changing B-4
creating and removing B-4
displaying the working B-4
Distance Vector Multicast Routing Protocol
distance-vector protocols 34-3
distribute-list command 34-71
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-17
displaying the configuration 6-18
overview 6-16
setting up 6-17
support for 1-5
documentation, related xxxviii
document conventions xxxviii
domain names
DNS 6-16
VTP 13-8
Domain Name System
dot1q-tunnel switchport mode 12-18
double-tagged packets
802.1Q tunneling 16-2
Layer 2 protocol tunneling 16-10
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-23
reasons for B-19
using CMS 1-2
using FTP B-26
using Network Assistant 1-2
using RCP B-31
using TFTP B-22
using the device manager or Network Assistant B-19
drop threshold for Layer 2 protocol packets 16-11
DSCP input queue threshold map for QoS 32-16
DSCP output queue threshold map for QoS 32-19
DSCP-to-CoS map for QoS 32-62
DSCP-to-DSCP-mutation map for QoS 32-63
DSCP transparency 32-39
DUAL finite state machine, EIGRP 34-34
duplex mode, configuring 10-16
DVMRP
autosummarization
configuring a summary address 36-47
disabling 36-49
connecting PIM domain to DVMRP router 36-39
enabling unicast routing 36-43
interoperability
with Cisco devices 36-37
with Cisco IOS software 36-7
mrinfo requests, responding to 36-42
neighbors
advertising the default route to 36-41
discovery with Probe messages 36-37
displaying information 36-42
prevent peering with nonpruning 36-45
rejecting nonpruning 36-43
overview 36-7
routes
adding a metric offset 36-49
advertising all 36-49
advertising the default route to neighbors 36-41
caching DVMRP routes learned in report messages 36-43
changing the threshold for syslog messages 36-46
deleting 36-50
displaying 36-51
favoring one over another 36-49
limiting the number injected into MBONE 36-46
limiting unicast route advertisements 36-37
routing table 36-7
source distribution tree, building 36-7
support for 1-10
tunnels
configuring 36-39
displaying neighbor information 36-42
dynamic access ports
characteristics 12-4
configuring 12-30
defined 10-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-12
rate limit for incoming ARP packets 22-4, 22-10
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-12
displaying 22-15
logging of dropped packets, described 22-5
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-11
dynamic auto trunking mode 12-18
dynamic desirable trunking mode 12-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
types of connections 12-30
dynamic routing 34-3
Dynamic Trunking Protocol
E
EBGP 34-40
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
authentication 34-38
components 34-34
configuring 34-36
default configuration 34-35
definition 34-34
interface parameters, configuring 34-37
monitoring 34-39
support for 1-9
elections
enable password 8-4
enable secret password 8-4
encryption, CipherSuite 8-44
encryption for passwords 8-4
Enhanced IGRP
environment variables, function of 3-15
error messages during command entry 2-4
EtherChannel
802.3ad, described 33-6
automatic creation of 33-5, 33-6
channel groups
binding physical and logical interfaces 33-4
numbering of 33-4
configuration guidelines 33-11
configuring
Layer 2 interfaces 33-12
Layer 3 physical interfaces 33-16
Layer 3 port-channel logical interfaces 33-15
default configuration 33-10
described 33-2
displaying status 33-23
forwarding methods 33-7, 33-18
interaction
with STP 33-11
with VLANs 33-12
LACP
described 33-6
displaying status 33-23
hot-standby ports 33-20
interaction with other features 33-7
modes 33-6
port priority 33-22
system priority 33-21
Layer 3 interface 34-4
logical interfaces, described 33-4
PAgP
aggregate-port learners 33-19
compatibility with Catalyst 1900 33-19
described 33-5
displaying status 33-23
interaction with other features 33-6
learn method and priority configuration 33-19
modes 33-5
support for 1-4
port-channel interfaces
described 33-4
numbering of 33-4
port groups 10-5
stack changes, effects of 33-9
support for 1-3
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
Ethernet VLANs
adding 12-9
defaults and ranges 12-8
modifying 12-9
events, RMON 28-3
examples
conventions for xxxviii
network configuration 1-13
expedite queue for QoS 32-76
Express Setup 1-2
See also getting started guide
extended-range VLANs
configuration guidelines 12-13
configuring 12-12
creating 12-14
defined 12-1
extended system ID
MSTP 18-15
Extensible Authentication Protocol over LAN 9-1
external BGP
external neighbors, BGP 34-43
F
failover support 1-5
fallback bridging
and protected ports 38-4
bridge groups
creating 38-4
described 38-2
displaying 38-11
function of 38-2
bridge groups (continued)
number supported 38-5
removing 38-5
bridge table
clearing 38-11
displaying 38-11
configuration guidelines 38-4
connecting interfaces with 10-9
default configuration 38-3
described 38-1
frame forwarding
flooding packets 38-2
forwarding packets 38-2
overview 38-1
protocol, unsupported 38-4
stack changes, effects of 38-3
STP
disabling on an interface 38-11
forward-delay interval 38-10
hello BPDU interval 38-9
interface priority 38-7
keepalive messages 17-2
maximum-idle interval 38-10
path cost 38-8
VLAN-bridge spanning-tree priority 38-7
VLAN-bridge STP 38-2
support for 1-9
SVIs and routed ports 38-1
unsupported protocols 38-4
VLAN-bridge STP 17-12
Fast Uplink Transition Protocol 19-6
features, incompatible 24-11
FIB 34-60
fiber-optic, detecting unidirectional links 26-1
files
copying B-5
crashinfo
description 39-25
displaying the contents of 39-25
location 39-25
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 31-31
non-IP traffic 31-28
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 20-2
configuring 20-3
default configuration 20-2
description 20-1
monitoring 20-3
flooded traffic, blocking 24-7
flow-based packet classification 1-8
flowcharts
QoS classification 32-6
QoS egress queueing and scheduling 32-17
QoS ingress queueing and scheduling 32-15
QoS policing and marking 32-11
forward-delay time
MSTP 18-21
STP 17-23
Forwarding Information Base
forwarding nonroutable protocols 38-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-14
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
Gigabit modules
global configuration mode 2-2
guest VLAN and 802.1x 9-8
guide
audience xxxvii
purpose of xxxvii
guide mode 1-2
GUIs
See device manager and Network Assistant 1-4
H
hardware limitations and Layer 3 interfaces 10-24
hello time
MSTP 18-20
STP 17-22
help, for the command line 2-3
hierarchical policy maps 32-8
configuration guidelines 32-33
configuring 32-51
described 32-10
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 29-10
host ports
configuring 14-12
kinds of 14-2
hosts, limit on dynamic ports 12-33
Hot Standby Router Protocol
HP OpenView 1-4
HSRP
authentication string 35-9
binding to cluster group 35-11
command-switch redundancy 1-1, 1-5
configuring 35-4
default configuration 35-5
definition 35-1
guidelines 35-5
monitoring 35-11
overview 35-1
priority 35-7
routing redundancy 1-9
support for ICMP redirect messages 35-11
switch stack considerations 35-4
timers 35-9
tracking 35-7
HTTP over SSL
HTTPS 8-42
configuring 8-45
self-signed certificate 8-43
HTTP secure server 8-42
I
IBPG 34-40
ICMP
redirect messages 34-12
support for 1-10
time-exceeded messages 39-18
traceroute and 39-18
unreachable messages 31-22
unreachables and ACLs 31-23
ICMP ping
executing 39-15
overview 39-15
ICMP Router Discovery Protocol
IDS appliances
and ingress RSPAN 27-21
and ingress SPAN 27-15
IEEE 802.1p 15-1
ifIndex values, SNMP 30-5
IFS 1-5
IGMP
configuring the switch
as a member of a group 36-27
statically connected member 36-32
controlling access to groups 36-28
default configuration 36-27
deleting cache entries 36-51
displaying groups 36-51
fast switching 36-32
host-query interval, modifying 36-30
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-10
leaving multicast group 23-5
multicast reachability 36-27
overview 36-2
queries 23-4
report suppression
described 23-5
disabling 23-10
support for 1-4
Version 1
changing to Version 2 36-29
described 36-3
Version 2
changing to Version 1 36-29
described 36-3
maximum query response time value 36-31
pruning groups 36-31
query timeout value 36-31
IGMP filtering
configuring 23-20
default configuration 23-20
described 23-19
monitoring 23-24
support for 1-4
IGMP groups
configuring filtering 23-23
setting the maximum number 23-22
IGMP profile
applying 23-21
configuration mode 23-20
configuring 23-21
IGMP snooping
and address aliasing 23-2
and stack changes 23-6
configuring 23-6
default configuration 23-6
definition 23-1
enabling and disabling 23-7
global configuration 23-7
Immediate Leave 23-5
in the switch stack 23-6
method 23-7
monitoring 23-11
support for 1-4
VLAN configuration 23-7
IGMP throttling
configuring 23-23
default configuration 23-20
described 23-20
displaying action 23-24
IGP 34-25
Immediate Leave, IGMP
described 23-5
enabling 23-10
initial configuration
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 10-10
range macros 10-13
interface command 10-10 to 10-11
interface configuration mode 2-2
interfaces
configuration guidelines
10-Gigabit Ethernet 10-16
duplex and speed 10-17
configuring
duplex mode 10-16
procedure 10-11
speed 10-16
counters, clearing 10-27
described 10-23
descriptive name, adding 10-23
displaying information about 10-26
flow control 10-19
management 1-4
monitoring 10-26
naming 10-23
physical, identifying 10-10
range of 10-11
restarting 10-28
shutting down 10-28
status 10-26
supported 10-10
types of 10-1
interfaces range macro command 10-13
interface types 10-10
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 34-43
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
Intrusion Detection System
ip access group command 31-22
IP ACLs
applying to an interface 31-21
extended, creating 31-11
for QoS classification 32-7
implicit deny 31-10, 31-15, 31-17
implicit masks 31-10
logging 31-17
named 31-16
standard, creating 31-10
undefined 31-23
virtual terminal lines, setting on 31-21
IP addresses
candidate or member 5-3
classes of 34-6
command switch 5-2
default configuration 34-5
discovering 6-28
for IP routing 34-5
MAC address association 34-9
monitoring 34-18
IP broadcast address 34-16
ip cef distributed command 34-61
IP directed broadcasts 34-14
ip igmp profile command 23-20
IP information
assigned
manually 3-9
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 36-3
all-multicast-routers 36-3
host group address range 36-3
administratively-scoped boundaries, described 36-35
and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 36-14
benefits of 36-14
clearing the cache 36-51
configuration guidelines 36-10
filtering incoming RP announcement messages 36-17
overview 36-5
preventing candidate RP spoofing 36-17
preventing join messages to false RPs 36-16
setting up in a new internetwork 36-14
using with BSR 36-22
bootstrap router
configuration guidelines 36-10
configuring candidate BSRs 36-20
configuring candidate RPs 36-21
defining the IP multicast boundary 36-19
defining the PIM domain border 36-18
overview 36-5
using with Auto-RP 36-22
Cisco implementation 36-2
configuring
basic multicast routing 36-10
IP multicast boundary 36-35
default configuration 36-8
enabling
multicast forwarding 36-11
PIM mode 36-11
group-to-RP mappings
Auto-RP 36-5
BSR 36-5
MBONE
deleting sdr cache entries 36-51
described 36-34
displaying sdr cache 36-52
enabling sdr listener support 36-34
limiting DVMRP routes advertised 36-46
limiting sdr cache entry lifetime 36-35
MBONE (continued)
SAP packets for conference session announcement 36-34
Session Directory (sdr) tool, described 36-34
monitoring
packet rate loss 36-52
peering devices 36-52
tracing a path 36-52
multicast forwarding, described 36-6
PIMv1 and PIMv2 interoperability 36-9
protocol interaction 36-2
reverse path check (RPF) 36-6
routing table
deleting 36-51
displaying 36-51
RP
assigning manually 36-12
configuring Auto-RP 36-14
configuring PIMv2 BSR 36-18
monitoring mapping information 36-23
using Auto-RP and BSR 36-22
stacking
stack master functions 36-8
stack member functions 36-8
statistics, displaying system and network 36-51
IP phones
and QoS 15-1
automatic classification and queueing 32-20
configuring 15-4
ensuring port security with QoS 32-38
trusted boundary for QoS 32-38
IP precedence 32-2
IP-precedence-to-DSCP map for QoS 32-60
IP protocols
in ACLs 31-13
routing 1-9
IP routes, monitoring 34-74
IP routing
connecting interfaces with 10-9
disabling 34-19
enabling 34-19
IP source guard
and 802.1x 21-15
and DHCP snooping 21-14
and EtherChannels 21-15
and port security 21-15
and private VLANs 21-15
and routed ports 21-15
and TCAM entries 21-15
and trunk interfaces 21-15
and VRF 21-15
binding configuration
automatic 21-14
manual 21-14
binding table 21-14
configuration guidelines 21-15
default configuration 21-15
described 21-14
disabling 21-16
displaying
bindings 21-17
configuration 21-17
enabling 21-16
filtering
source IP address 21-14
source IP and MAC address 21-14
source IP address filtering 21-14
source IP and MAC address filtering 21-14
static bindings
adding 21-16
deleting 21-16
IP traceroute
executing 39-19
overview 39-18
IP unicast routing
address resolution 34-9
administrative distances 34-63, 34-72
ARP 34-9
assigning IP addresses to Layer 3 interfaces 34-6
authentication keys 34-73
broadcast
address 34-16
flooding 34-17
packets 34-14
storms 34-14
classless routing 34-7
configuring static routes 34-62
default
addressing configuration 34-5
gateways 34-12
networks 34-63
routes 34-63
routing 34-2
directed broadcasts 34-14
disabling 34-19
dynamic routing 34-3
enabling 34-19
EtherChannel Layer 3 interface 34-4
IGP 34-25
inter-VLAN 34-2
IP addressing
classes 34-6
configuring 34-5
IRDP 34-13
Layer 3 interfaces 34-4
MAC address and IP address 34-9
passive interfaces 34-70
protocols
distance-vector 34-3
dynamic 34-3
link-state 34-3
proxy ARP 34-9
redistribution 34-64
reverse address resolution 34-9
routed ports 34-4
static routing 34-2
steps to configure 34-5
subnet mask 34-6
subnet zero 34-7
supernet 34-7
UDP 34-16
with SVIs 34-4
IRDP
configuring 34-13
definition 34-13
support for 1-10
ISL
and trunk ports 10-3
trunking with 802.1 tunneling 16-5
isolated port 14-2
J
join messages, IGMP 23-3
K
KDC
described 8-32
keepalive messages 17-2
Kerberos
authenticating to
boundary switch 8-35
KDC 8-35
network services 8-35
configuration examples 8-32
configuring 8-36
credentials 8-32
cryptographic software image 8-32
described 8-32
KDC 8-32
operation 8-34
realm 8-33
server 8-33
support for 1-8
switch as trusted third party 8-32
terms 8-33
TGT 8-34
tickets 8-32
key distribution center
L
l2protocol-tunnel command 16-13
LACP
Layer 2 protocol tunneling 16-9
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 10-15
Layer 2 protocol tunneling
configuring 16-10
configuring for EtherChannels 16-14
default configuration 16-11
defined 16-8
guidelines 16-12
Layer 2 traceroute
and ARP 39-17
and CDP 39-17
broadcast traffic 39-17
described 39-17
IP addresses and subnets 39-17
MAC addresses and VLANs 39-17
multicast traffic 39-17
multiple devices on a port 39-18
unicast traffic 39-17
usage guidelines 39-17
Layer 2 trunks 12-17
Layer 3 features 1-9
Layer 3 interfaces
assigning IP addresses to 34-6
changing from Layer 2 mode 34-6
types of 34-4
Layer 3 packets, classification methods 32-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
link redundancy
links, unidirectional 26-1
link state advertisements (LSAs) 34-29
link-state protocols 34-3
load balancing 35-3
logging messages, ACL 31-11
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-18
log messages
Long-Reach Ethernet (LRE) technology 1-15, 1-23
loop guard
described 19-11
enabling 19-18
support for 1-6
M
MAC addresses
aging time 6-22
and VLAN association 6-21
building the address table 6-21
default configuration 6-22
discovering 6-28
displaying 6-28
displaying in the IP source binding table 21-17
dynamic
learning 6-21
removing 6-23
in ACLs 31-28
IP address association 34-9
static
adding 6-26
allowing 6-27
characteristics of 6-25
dropping 6-27
removing 6-26
MAC address notification, support for 1-10
MAC address-to-VLAN mapping 12-28
MAC extended access lists
applying to Layer 2 interfaces 31-30
configuring for QoS 32-45
creating 31-28
defined 31-28
for QoS classification 32-5
macros
manageability features 1-5
management access
in-band
browser session 1-5
CLI session 1-5
device manager 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-3
Network Assistant 1-2
overview 1-4
switch stacks 1-3
mapping tables for QoS
configuring
CoS-to-DSCP 32-59
DSCP 32-59
DSCP-to-CoS 32-62
DSCP-to-DSCP-mutation 32-63
IP-precedence-to-DSCP 32-60
policed-DSCP 32-61
described 32-12
marking
action in policy map 32-48
action with aggregate policers 32-57
matching, ACLs 31-8
maximum aging time
MSTP 18-22
STP 17-23
maximum hop count, MSTP 18-22
maximum-paths command 34-47, 34-62
membership mode, VLAN port 12-3
member switch
defined 5-2
managing 5-4
recovering from lost connectivity 39-13
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
messages
logging ACL violations 31-17
to users through banners 6-18
messages, to users through banners 6-18
metrics, in BGP 34-48
metric translations, between routing protocols 34-67
metro tags 16-2
MHSRP 35-3
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-4
supported A-1
mini-point-of-presence
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-13
module number 10-10
monitoring
802.1Q tunneling 16-18
access groups 31-41
ACL configuration 31-41
BGP 34-59
cables for unidirectional links 26-1
CDP 25-5
CEF 34-61
EIGRP 34-39
fallback bridging 38-11
features 1-10
Flex Links 20-3
HSRP 35-11
IGMP
filters 23-24
snooping 23-11
interfaces 10-26
IP
address tables 34-18
multicast routing 36-50
routes 34-74
Layer 2 protocol tunneling 16-18
MSDP peers 37-19
multicast router interfaces 23-12
MVR 23-19
network traffic for analysis with probe 27-2
OSPF 34-33
port
blocking 24-16
protection 24-16
private VLANs 14-15
RP mapping information 36-23
source-active messages 37-19
speed and duplex mode 10-19
traffic flowing among switches 28-1
traffic suppression 24-16
tunneling 16-18
VLAN
filters 31-42
maps 31-42
VLANs 12-15
VMPS 12-32
MSDP
benefits of 37-3
clearing MSDP connections and statistics 37-19
controlling source information
forwarded by switch 37-12
originated by switch 37-9
received by switch 37-14
default configuration 37-4
dense-mode regions
sending SA messages to 37-17
specifying the originating address 37-18
filtering
incoming SA messages 37-14
SA messages to a peer 37-12
SA requests from a peer 37-11
join latency, defined 37-6
meshed groups
configuring 37-16
defined 37-16
originating address, changing 37-18
overview 37-1
peer-RPF flooding 37-2
peers
configuring a default 37-4
monitoring 37-19
peering relationship, overview 37-1
requesting source information from 37-8
shutting down 37-16
source-active messages
caching 37-6
clearing cache entries 37-19
defined 37-2
filtering from a peer 37-11
filtering incoming 37-14
filtering to a peer 37-12
limiting data with TTL 37-14
monitoring 37-19
restricting advertised sources 37-9
support for 1-10
MSTP
boundary ports
configuration guidelines 18-14
described 18-5
BPDU filtering
described 19-3
enabling 19-14
BPDU guard
described 19-3
enabling 19-13
CIST, described 18-3
configuration guidelines 18-13, 19-12
configuring
forward-delay time 18-21
hello time 18-20
link type for rapid convergence 18-23
maximum aging time 18-22
maximum hop count 18-22
MST region 18-14
path cost 18-19
port priority 18-18
root switch 18-15
secondary root switch 18-17
switch priority 18-20
CST
defined 18-3
operations between regions 18-4
default configuration 18-13
default optional feature configuration 19-12
displaying status 18-24
enabling the mode 18-14
EtherChannel guard
described 19-10
enabling 19-17
extended system ID
effects on root switch 18-15
effects on secondary root switch 18-17
unexpected behavior 18-16
instances supported 17-10
interface state, blocking to forwarding 19-2
interoperability and compatibility among modes 17-11
interoperability with 802.1D
described 18-6
restarting migration process 18-23
IST
defined 18-3
master 18-3
operations within a region 18-3
loop guard
described 19-11
enabling 19-18
mapping VLANs to MST instance 18-14
MST region
CIST 18-3
configuring 18-14
described 18-2
hop-count mechanism 18-5
IST 18-3
supported spanning-tree instances 18-2
optional features supported 1-6
overview 18-2
Port Fast
described 19-2
enabling 19-12
preventing root switch selection 19-10
root guard
described 19-10
enabling 19-17
root switch
configuring 18-16
effects of extended system ID 18-15
unexpected behavior 18-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 18-6
status, displaying 18-24
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-5
static joins 23-9
multicast packets
ACLs on 31-41
blocking 24-7
multicast router interfaces, monitoring 23-12
multicast router ports, adding 23-8
Multicast Source Discovery Protocol
multicast storm 24-1
multicast storm-control command 24-4
Multicast VLAN Registration
Multiple HSRP
MVR
and address aliasing 23-16
configuring interfaces 23-17
default configuration 23-15
described 23-12
in the switch stack 23-15
modes 23-17
monitoring 23-19
setting global parameters 23-16
support for 1-4
N
named IP ACLs 31-16
native VLAN
and 802.1Q tunneling 16-4
configuring 12-23
default 12-23
neighbor discovery/recovery, EIGRP 34-34
neighbors, BGP 34-54
Network Assistant
benefits 1-2
described 1-4
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 4-2, 4-16
requirements xxxviii
upgrading a switch B-19
wizards 1-2
network configuration examples
cost-effective wiring closet 1-15
high-performance wiring closet 1-16
increasing network performance 1-14
large network 1-20
long-distance, high-bandwidth transport 1-24
multidwelling network 1-23
providing network services 1-15
redundant Gigabit backbone 1-17
server aggregation and Linux server cluster 1-17
small to medium-sized network 1-19
network design
performance 1-14
services 1-15
network management
CDP 25-1
RMON 28-1
SNMP 30-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuration guidelines 32-33
configuring 32-48
described 32-9
non-IP traffic filtering 31-28
nontrunking mode 12-18
normal-range VLANs
configuration modes 12-7
defined 12-1
no switchport command 10-4
note, described xxxviii
not-so-stubby areas
NSSA, OSPF 34-29
NTP
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-5
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
offline configuration for switch stacks 4-7
Open Shortest Path First
optimizing system resources 7-1
options, management 1-4
OSPF
area parameters, configuring 34-29
configuring 34-27
default configuration
metrics 34-31
route 34-31
settings 34-26
described 34-25
interface parameters, configuring 34-28
LSA group pacing 34-32
monitoring 34-33
router IDs 34-32
route summarization 34-30
support for 1-9
virtual links 34-30
out-of-profile markdown 1-9
P
packet modification, with QoS 32-19
PAgP
Layer 2 protocol tunneling 16-9
parallel paths, in routing tables 34-62
passive interfaces
configuring 34-70
OSPF 34-31
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-4
for security 1-7
overview 8-1
recovery of 39-3
setting
enable 8-3
enable secret 8-4
Telnet 8-6
with usernames 8-7
VTP domain 13-8
path cost
MSTP 18-19
STP 17-20
PBR
defined 34-67
enabling 34-69
fast-switched policy-based routing 34-70
local policy-based routing 34-70
peers, BGP 34-54
performance, network design 1-14
performance features 1-3
persistent self-signed certificate 8-43
per-VLAN spanning-tree plus
physical ports 10-2
PIM
default configuration 36-8
dense mode
overview 36-4
rendezvous point (RP), described 36-4
RPF lookups 36-7
displaying neighbors 36-51
enabling a mode 36-11
overview 36-3
router-query message interval, modifying 36-26
shared tree and source tree, overview 36-23
shortest path tree, delaying the use of 36-25
sparse mode
join messages and shared tree 36-4
overview 36-4
prune messages 36-5
RPF lookups 36-7
support for 1-10
versions
interoperability 36-9
troubleshooting interoperability problems 36-23
v2 improvements 36-4
PIM-DVMRP, as snooping method 23-8
ping
character output description 39-16
executing 39-15
overview 39-15
PoE
auto mode 10-8
CDP with power consumption, described 10-6
CDP with power negotiation, described 10-6
Cisco intelligent power management 10-6
configuring 10-21
devices supported 10-6
high-power devices operating in low-power mode 10-6
IEEE power classification levels 10-7
powered-device detection and initial power allocation 10-7
power management modes 10-8
power negotiation extensions to CDP 10-6
standards supported 10-6
static mode 10-8
supported watts per port 10-6
troubleshooting 39-13
policed-DSCP map for QoS 32-61
policers
configuring
for each matched traffic class 32-48
for more than one traffic class 32-57
described 32-4
displaying 32-77
number of 32-33
types of 32-9
policing
described 32-4
hierarchical
token-bucket algorithm 32-9
policy-based routing
policy maps
hierarchical 32-8
policy maps for QoS
characteristics of 32-48
described 32-7
displaying 32-78
hierarchical on SVIs
configuration guidelines 32-33
configuring 32-51
described 32-10
nonhierarchical on physical ports
configuration guidelines 32-33
configuring 32-48
described 32-9
POP 1-23
port ACLs
defined 31-2
types of 31-3
Port Aggregation Protocol
port-based authentication
accounting 9-5
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-12
configuring
802.1x authentication 9-14
guest VLAN 9-20
host mode 9-19
manual re-authentication of a client 9-17
periodic re-authentication 9-16
quiet period 9-17
RADIUS server 9-16
RADIUS server parameters on the switch 9-15
switch-to-client frame-retransmission number 9-18, 9-19
switch-to-client retransmission time 9-17
default configuration 9-11
described 9-1
device roles 9-2
displaying statistics 9-23
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
guest VLAN
configuration guidelines 9-9
described 9-8
host mode 9-5
initiation and message exchange 9-3
method lists 9-14
multiple-hosts mode, described 9-5
per-user ACLs
AAA authorization 9-14
configuration tasks 9-10
described 9-9
RADIUS server attributes 9-9
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-7
port security
and voice VLAN 9-6
described 9-6
interactions 9-6
multiple-hosts mode 9-5
resetting to default values 9-22
stack changes, effects of 9-10
statistics, displaying 9-23
switch
as proxy 9-2
RADIUS client 9-2
upgrading from a previous release 9-13, 32-26
VLAN assignment
AAA authorization 9-14
characteristics 9-8
configuration tasks 9-8
described 9-7
voice VLAN
described 9-7
PVID 9-7
VVID 9-7
port-channel
Port Fast
described 19-2
enabling 19-12
mode, spanning tree 12-29
support for 1-6
port membership modes, VLAN 12-3
port priority
MSTP 18-18
STP 17-18
ports
10-Gigabit Ethernet module 10-6
802.1Q tunnel 12-4
access 10-3
blocking 24-6
dynamic access 12-4
protected 24-5
routed 10-4
secure 24-7
switch 10-2
VLAN assignments 12-11
port security
aging 24-15
and QoS trusted boundary 32-38
and stacking 24-16
configuring 24-12
default configuration 24-10
described 24-7
displaying 24-16
on trunk ports 24-13
sticky learning 24-8
violations 24-9
with other features 24-10
port-shutdown response, VMPS 12-28
Power over Ethernet
preferential treatment of traffic
prefix lists, BGP 34-51
preventing unauthorized access 8-1
primary links 20-1
priority
HSRP 35-7
overriding CoS 15-6
trusting CoS 15-6
private VLAN edge ports
private VLANs
across multiple switches 14-4
and SDM template 14-4
and SVIs 14-5
and switch stacks 14-6
benefits of 14-1
community ports 14-2
configuration guidelines 14-7, 14-9
configuration tasks 14-6
configuring 14-10
default configuration 14-7
end station access to 14-3
IP addressing 14-3
isolated port 14-2
mapping 14-14
monitoring 14-15
ports
community 14-2
configuration guidelines 14-9
configuring host ports 14-12
configuring promiscuous ports 14-13
described 12-4
isolated 14-2
promiscuous 14-2
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-4
exiting 8-10
logging into 8-10
mapping on member switches 5-4
setting a command with 8-8
promiscuous ports
configuring 14-13
defined 14-2
protocol-dependent modules, EIGRP 34-35
Protocol-Independent Multicast Protocol
provisioning new members for a switch stack 4-7
proxy ARP
configuring 34-11
definition 34-9
with IP routing disabled 34-12
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-23
enabling
in VTP domain 13-14
on a port 12-22
examples 13-5
overview 13-4
pruning-eligible list
changing 12-22
for VTP pruning 13-5
VLANs 13-14
PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Q
QoS
and MQC commands 32-1
auto-QoS
categorizing traffic 32-20
configuration and defaults display 32-30
configuration guidelines 32-25
described 32-20
disabling 32-27
displaying generated commands 32-27
displaying the initial configuration 32-30
effects on running configuration 32-25
egress queue defaults 32-21
enabling for VoIP 32-27
example configuration 32-28
ingress queue defaults 32-21
list of generated commands 32-22
basic model 32-4
classification
class maps, described 32-7
defined 32-4
DSCP transparency, described 32-39
flowchart 32-6
forwarding treatment 32-3
in frames and packets 32-3
MAC ACLs, described 32-5, 32-7
options for IP traffic 32-5
options for non-IP traffic 32-5
policy maps, described 32-7
trust DSCP, described 32-5
trusted CoS, described 32-5
trust IP precedence, described 32-5
class maps
configuring 32-46
displaying 32-77
configuration guidelines
auto-QoS 32-25
standard QoS 32-33
configuring
aggregate policers 32-57
auto-QoS 32-20
default port CoS value 32-37
DSCP maps 32-59
DSCP transparency 32-39
DSCP trust states bordering another domain 32-40
egress queue characteristics 32-70
ingress queue characteristics 32-65
IP extended ACLs 32-44
IP standard ACLs 32-42
MAC ACLs 32-45
policy maps, hierarchical 32-51
policy maps on physical ports 32-48
port trust states within the domain 32-35
trusted boundary 32-38
default auto configuration 32-20
default standard configuration 32-31
displaying statistics 32-77
DSCP transparency 32-39
egress queues
allocating buffer space 32-70
buffer allocation scheme, described 32-18
configuring shaped weights for SRR 32-74
configuring shared weights for SRR 32-75
described 32-4
displaying the threshold map 32-73
flowchart 32-17
mapping DSCP or CoS values 32-72
scheduling, described 32-4
setting WTD thresholds 32-70
WTD, described 32-19
enabling globally 32-34
flowcharts
classification 32-6
egress queueing and scheduling 32-17
ingress queueing and scheduling 32-15
policing and marking 32-11
implicit deny 32-7
ingress queues
allocating bandwidth 32-68
allocating buffer space 32-67
buffer and bandwidth allocation, described 32-16
configuring shared weights for SRR 32-68
configuring the priority queue 32-69
described 32-4
displaying the threshold map 32-66
flowchart 32-15
mapping DSCP or CoS values 32-66
priority queue, described 32-16
scheduling, described 32-4
setting WTD thresholds 32-66
WTD, described 32-16
IP phones
automatic classification and queueing 32-20
detection and trusted settings 32-20, 32-38
limiting bandwidth on egress interface 32-76
mapping tables
CoS-to-DSCP 32-59
displaying 32-77
DSCP-to-CoS 32-62
DSCP-to-DSCP-mutation 32-63
IP-precedence-to-DSCP 32-60
policed-DSCP 32-61
types of 32-12
marked-down actions 32-50, 32-54
overview 32-2
packet modification 32-19
policers
configuring 32-50, 32-54, 32-57
described 32-8
displaying 32-77
number of 32-33
types of 32-9
policies, attaching to an interface 32-8
policing
token bucket algorithm 32-9
policy maps
characteristics of 32-48
displaying 32-78
hierarchical 32-8
hierarchical on SVIs 32-51
nonhierarchical on physical ports 32-48
QoS label, defined 32-4
queues
configuring egress characteristics 32-70
configuring ingress characteristics 32-65
high priority (expedite) 32-19, 32-76
location of 32-13
SRR, described 32-14
WTD, described 32-13
rewrites 32-19
support for 1-8
trust states
bordering another domain 32-40
described 32-5
trusted device 32-38
within the domain 32-35
quality of service
queries, IGMP 23-4
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-21
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
suggested network environments 8-18
support for 1-8
tracking services accessed by user 8-28
range
macro 10-13
of interfaces 10-12
rapid convergence 18-8
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Rapid Spanning Tree Protocol
RARP 34-9
rcommand command 5-4
RCP
configuration files
downloading B-17
overview B-15
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 12-31
recovery procedures 39-1
redundancy
EtherChannel 33-2
HSRP 35-1
STP
backbone 17-9
multidrop backbone 19-5
path cost 12-26
port priority 12-24
redundant links and UplinkFast 19-15
reliable transport protocol, EIGRP 34-34
reloading software 3-16
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 23-5
disabling 23-10
requirements
cluster xxxix
device manager xxxviii
Network Assistant xxxviii
resequencing ACL entries 31-16
resets, in BGP 34-46
resetting a UDLD-shutdown interface 26-6
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-32
reverse address resolution 34-9
Reverse Address Resolution Protocol
RFC
1058, RIP 34-20
1112, IP multicast and IGMP 23-2
1157, SNMPv1 30-2
1163, BGP 34-40
1166, IP addresses 34-6
1253, OSPF 34-25
1267, BGP 34-40
1305, NTP 6-2
1587, NSSAs 34-25
1757, RMON 28-2
1771, BGP 34-40
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-20
authentication 34-23
configuring 34-21
default configuration 34-20
described 34-20
hop counts 34-20
split horizon 34-23
summary addresses 34-23
support for 1-9
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-10
root guard
described 19-10
enabling 19-17
support for 1-6
root switch
MSTP 18-15
STP 17-16
route calculation timers, OSPF 34-31
route dampening, BGP 34-58
routed packets, ACLs on 31-40
routed ports
configuring 34-4
defined 10-4
route-map command 34-69
route maps
BGP 34-49
policy-based routing 34-68
router ACLs
defined 31-2
types of 31-4
route reflectors, BGP 34-57
router ID, OSPF 34-32
route selection, BGP 34-47
route summarization, OSPF 34-30
routing
default 34-2
dynamic 34-3
redistribution of information 34-64
static 34-2
routing domain confederation, BGP 34-56
Routing Information Protocol
routing protocol administrative distances 34-63
RSPAN
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
destination ports 27-7
displaying status 27-24
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-7
received traffic 27-5
session limits 27-11
sessions
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
RSTP
active topology 18-7
BPDU
format 18-10
processing 18-11
designated port, defined 18-7
designated switch, defined 18-7
interoperability with 802.1D
described 18-6
restarting migration process 18-23
topology changes 18-11
overview 18-6
port roles
described 18-7
synchronized 18-9
proposal-agreement handshake process 18-8
rapid convergence
cross-stack rapid convergence 18-8
described 18-8
edge ports and Port Fast 18-8
point-to-point links 18-8, 18-23
root ports 18-8
root port, defined 18-7
running configuration, saving 3-10
S
scheduled reloads 3-16
SDM
described 7-1
switch stack consideration 4-10
templates
configuring 7-4
number of 7-1
SDM template
aggregator 7-1
configuring 7-3
desktop 7-1
types of 7-1
secondary VLANs 14-2
secure HTTP client
configuring 8-47
displaying 8-48
secure HTTP server
configuring 8-46
displaying 8-48
secure MAC addresses
and switch stacks 24-16
deleting 24-14
maximum number of 24-8
types of 24-8
secure ports
and switch stacks 24-16
configuring 24-7
secure remote connections 8-38
Secure Socket Layer
security, port 24-7
security features 1-7
sequence numbers in log messages 29-8
server mode, VTP 13-3
service-provider network, MSTP and RSTP 18-1
service-provider networks
and 802.1Q tunneling 16-1
and customer VLANs 16-2
Layer 2 protocols across 16-8
Layer 2 protocol tunneling for EtherChannels 16-9
set-request operation 30-4
setup program
failed command switch replacement 39-11
replacing failed command switch 39-10
severity levels, defining in system messages 29-9
SFPs
monitoring status of 1-11, 10-27, 39-15
numbering of 10-10
security and identification 39-14
status, displaying 1-11
shaped round robin
show access-lists hw-summary command 31-23
show and more command output, filtering 2-8
show cdp traffic command 25-5
show cluster members command 5-4
show configuration command 10-23
show forward command 39-23
show interfaces command 10-19, 10-23
show l2protocol command 16-13, 16-15, 16-16
show platform forward command 39-23
show running-config command
displaying ACLs 31-21, 31-22, 31-33, 31-35
interface description in 10-23
shutdown command on interfaces 10-28
shutdown threshold for Layer 2 protocol packets 16-11
Simple Network Management Protocol
small form-factor pluggable modules
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 25-1
SNMP
accessing MIB variables with 30-4
agent
described 30-4
disabling 30-8
authentication level 30-10
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-16
default configuration 30-6
engine ID 30-7
host 30-7
ifIndex values 30-5
in-band management 1-5
informs
and trap keyword 30-11
described 30-5
differences from traps 30-5
disabling 30-14
enabling 30-14
limiting access by TFTP servers 30-15
limiting system log messages to NMS 29-10
managing clusters with 5-5
MIBs
location of A-3
supported A-1
notifications 30-5
security levels 30-3
status, displaying 30-17
system contact and location 30-15
trap manager, configuring 30-13
traps
differences from informs 30-5
disabling 30-14
enabling 30-11
enabling MAC address notification 6-23
types of 30-11
versions supported 30-2
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 23-1
software compatibility
software images
location in flash B-20
recovery procedures 39-2
scheduling reloads 3-16
tar file format, described B-20
See also downloading and uploading
source addresses, in ACLs 31-13
source-and-destination-IP address based forwarding, EtherChannel 33-8
source-and-destination MAC address forwarding, EtherChannel 33-8
source-IP address based forwarding, EtherChannel 33-8
source-MAC address forwarding, EtherChannel 33-7
SPAN
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-7
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-7
ports, restrictions 24-11
received traffic 27-5
session limits 27-11
sessions
configuring ingress forwarding 27-16, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-14
specifying monitored ports 27-12
with ingress traffic enabled 27-15
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 12-19
Spanning Tree Protocol
SPAN traffic 27-5
speed, configuring on interfaces 10-16
split horizon, RIP 34-23
SRR
configuring
shaped weights on egress queues 32-74
shared weights on egress queues 32-75
shared weights on ingress queues 32-68
described 32-14
shaped mode 32-14
shared mode 32-14
support for 1-9
SSH
configuring 8-39
cryptographic software image 8-37
encryption methods 8-38
switch stack considerations 4-17, 8-38
user authentication methods, supported 8-38
SSL
configuration guidelines 8-44
configuring a secure HTTP client 8-47
configuring a secure HTTP server 8-45
cryptographic software image 8-42
described 8-41
monitoring 8-48
stack changes, effects on
802.1x port-based authentication 9-10
ACL configuration 31-7
CDP 25-2
cross-stack EtherChannel 33-12
EtherChannel 33-9
fallback bridging 38-3
HSRP 35-4
IGMP snooping 23-6
IP routing 34-3
MAC address tables 6-22
MSTP 18-6
multicast routing 36-8
MVR 23-13
port security 24-16
SDM template selection 7-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 17-12
system message log 29-2
VLANs 12-7
VTP 13-6
stack master
bridge ID (MAC address) 4-5
defined 4-1
election 4-4
re-election 4-4
stack member
accessing CLI of specific member 4-22
configuring
member number 4-20
priority value 4-21
defined 4-1
displaying information of 4-22
number 4-6
priority value 4-7
provisioning a new member 4-21
replacing 4-15
stack member number 10-10
stack protocol version 4-11
stacks, switch
accessing CLI of specific member 4-22
assigning information
member number 4-20
priority value 4-21
provisioning a new member 4-21
auto-advise 4-12
auto-copy 4-12
auto-upgrade 4-12
benefits 1-2
bridge ID 4-5
CDP considerations 25-2
compatibility, software 4-10
configuration file 4-15
configuration scenarios 4-17
copying an image file from one member to another B-34
default configuration 4-20
description of 4-1
displaying information of 4-22
hardware compatibility and SDM mismatch mode 4-10
HSRP considerations 35-4
incompatible software and image upgrades 4-15, B-34
MAC address considerations 6-22
management connectivity 4-16
managing 4-1
membership 4-3
merged 4-3
MSTP instances supported 17-10
multicast routing, stack master and member roles 36-8
offline configuration
described 4-7
effects of adding a provisioned switch 4-8
effects of removing a provisioned switch 4-10
effects of replacing a provisioned switch 4-10
provisioned configuration, defined 4-7
provisioned switch, defined 4-7
provisioning a new member 4-21
provisioned switch
adding 4-8
removing 4-10
replacing 4-10
replacing a failed member 4-15
See also stack master and stack member
software compatibility 4-10
software image version 4-10
stack protocol version 4-11
STP
bridge ID 17-3
instances supported 17-10
root port selection 17-3
stack root switch election 17-3
system messages
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 6-14
system-wide configuration considerations 4-16
upgrading B-34
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 4-12
described 4-12
examples 4-13
manual upgrades with auto-advise 4-12
StackWise technology, Cisco 1-3
standby command switch, requirements 5-2
standby ip command 35-5
standby links 20-1
standby router 35-1
standby timers, HSRP 35-9
startup configuration
booting
manually 3-13
specific image 3-13
clearing B-19
configuration file
automatically downloading 3-12
specifying the filename 3-12
default boot configuration 3-12
static access ports
assigning to VLAN 12-11
static addresses
static IP routing 1-9
static MAC addressing 1-7
static routes, configuring 34-62
static routing 34-2
static VLAN membership 12-2
statistics
802.1x 9-23
CDP 25-5
interface 10-26
IP multicast routing 36-51
OSPF 34-33
QoS ingress and egress 32-77
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-17
VTP 13-15
sticky learning 24-8
storm control
configuring 24-3
described 24-1
disabling 24-5
displaying 24-16
support for 1-4
thresholds 24-1
STP
802.1D and bridge ID 17-4
802.1D and multicast addresses 17-9
802.1t and VLAN identifier 17-4
accelerating root port selection 19-4
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
BPDU message exchange 17-3
configuration guidelines 17-13, 19-12
configuring
forward-delay time 17-23
hello time 17-22
maximum aging time 17-23
path cost 17-20
port priority 17-18
root switch 17-16
secondary root switch 17-18
spanning-tree mode 17-15
switch priority 17-21
counters, clearing 17-24
cross-stack UplinkFast
described 19-5
enabling 19-16
default configuration 17-13
default optional feature configuration 19-12
designated port, defined 17-4
designated switch, defined 17-4
detecting indirect link failures 19-8
disabling 17-16
displaying status 17-24
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
extended system ID
effects on root switch 17-16
effects on the secondary root switch 17-18
overview 17-4
unexpected behavior 17-16
features supported 1-6
inferior BPDU 17-3
instances supported 17-10
interface state, blocking to forwarding 19-2
interface states
blocking 17-7
disabled 17-8
learning 17-7
listening 17-7
overview 17-5
interoperability and compatibility among modes 17-11
keepalive messages 17-2
Layer 2 protocol tunneling 16-8
limitations with 802.1Q trunks 17-11
load sharing
overview 12-24
using path costs 12-26
using port priorities 12-24
loop guard
described 19-11
enabling 19-18
modes supported 17-10
multicast addresses, effect of 17-9
optional features supported 1-6
overview 17-2
Port Fast
described 19-2
enabling 19-12
port priorities 12-25
preventing root switch selection 19-10
protocols supported 17-10
redundant connectivity 17-9
root guard
described 19-10
enabling 19-17
root port, defined 17-3
root port selection on a switch stack 17-3
root switch
configuring 17-16
effects of extended system ID 17-4, 17-16
election 17-3
unexpected behavior 17-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 17-12
status, displaying 17-24
superior BPDU 17-3
timers, described 17-22
UplinkFast
described 19-4
enabling 19-15
VLAN-bridge 17-12
stratum, NTP 6-2
stub areas, OSPF 34-29
subdomains, private VLAN 14-1
subnet mask 34-6
subnet zero 34-7
success response, VMPS 12-28
summer time 6-13
SunNet Manager 1-4
supernet 34-7
SVIs
and IP unicast routing 34-4
and router ACLs 31-4
connecting VLANs 10-9
defined 10-5
routing between VLANs 12-2
switch clustering technology 5-1
switch console port 1-5
Switch Database Management
switched packets, ACLs on 31-39
Switched Port Analyzer
switched ports 10-2
switchport block multicast command 24-7
switchport block unicast command 24-7
switchport command 10-15
switchport mode dot1q-tunnel command 16-6
switchport protected command 24-6
switch priority
MSTP 18-20
STP 17-21
switch software features 1-1
switch virtual interface
synchronization, BGP 34-44
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
system message logging
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-13
enabling 29-5
facility keywords, described 29-13
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-10
time stamps, enabling and disabling 29-8
UNIX syslog servers
configuring the daemon 29-11
configuring the logging facility 29-12
facilities supported 29-13
system MTU and 802.1Q tunneling 16-5
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt
manual configuration 6-16
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-8
tracking services accessed by user 8-17
tagged packets
802.1Q 16-3
Layer 2 protocol 16-8
tar files
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-20
TDR 1-11
Telnet
accessing management interfaces 2-9
number of connections 1-5
setting a password 8-6
templates, SDM 7-1
temporary self-signed certificate 8-43
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-12
configuration files in base directory 3-6
configuring for autoconfiguration 3-5
image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-24
limiting access by servers 30-15
TFTP server 1-5
threshold, traffic level 24-2
time
Time Domain Reflector
time-range command 31-18
time ranges in ACLs 31-18
time stamps in log messages 29-8
time zones 6-12
Token Ring VLANs
support for 12-6
VTP support 13-4
ToS 1-8
traceroute, Layer 2
and ARP 39-17
and CDP 39-17
broadcast traffic 39-17
described 39-17
IP addresses and subnets 39-17
MAC addresses and VLANs 39-17
multicast traffic 39-17
multiple devices on a port 39-18
unicast traffic 39-17
usage guidelines 39-17
traceroute command 39-19
traffic
blocking flooded 24-6
fragmented 31-6
unfragmented 31-6
traffic policing 1-9
traffic suppression 24-1
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-23
configuring managers 30-11
defined 30-3
notification types 30-11
troubleshooting
connectivity problems 39-15, 39-16, 39-18
detecting unidirectional links 26-1
displaying crash information 39-25
PIMv1 and PIMv2 interoperability problems 36-23
setting packet forwarding 39-23
SFP security and identification 39-14
show forward command 39-23
with CiscoWorks 30-4
with debug commands 39-21
with ping 39-15
with system message logging 29-1
with traceroute 39-18
trunking encapsulation 1-6
trunk ports
configuring 12-20
encapsulation 12-20, 12-25, 12-27
secure MAC addresses on 24-12
trunks
allowed-VLAN list 12-21
configuring 12-20, 12-25, 12-27
ISL 12-16
load sharing
setting STP path costs 12-26
using STP port priorities 12-24, 12-25
native VLAN for untagged traffic 12-23
parallel 12-26
pruning-eligible list 12-22
to non-DTP device 12-17
understanding 12-17
trusted boundary for QoS 32-38
trusted port states
between QoS domains 32-40
classification options 32-5
ensuring port security for IP phones 32-38
support for 1-8
within a QoS domain 32-35
trustpoints, CA 8-42
tunneling
802.1Q 16-1
defined 16-1
Layer 2 protocol 16-8
tunnel ports
802.1Q, configuring 16-6
defined 12-4
incompatibilities with other features 16-6
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service
U
UDLD
default configuration 26-4
disabling
fiber-optic interfaces 26-5
globally 26-5
per interface 26-5
echoing detection mechanism 26-3
enabling
globally 26-4
per interface 26-5
Layer 2 protocol tunneling 16-10
link-detection mechanism 26-1
neighbor database 26-2
overview 26-1
resetting an interface 26-6
status, displaying 26-6
support for 1-6
UDP, configuring 34-16
unauthorized ports with 802.1x 9-4
unicast MAC address filtering 1-5
and adding static addresses 6-27
and broadcast MAC addresses 6-26
and CPU packets 6-26
and multicast addresses 6-26
and router MAC addresses 6-26
configuration guidelines 6-26
described 6-26
unicast storm 24-1
unicast storm control command 24-4
unicast traffic, blocking 24-7
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 29-11
facilities supported 29-13
message logging configuration 29-12
unrecognized Type-Length-Value (TLV) support 13-4
upgrading information
upgrading software images
UplinkFast
described 19-4
disabling 19-16
enabling 19-15
support for 1-6
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-12
image files
reasons for B-19
using FTP B-28
using RCP B-33
using TFTP B-24
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 8-7
V
version-dependent transparent mode 13-4
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 4-12
described 4-12
displaying 4-12
manual upgrades with auto-advise 4-12
vlan.dat file 12-5
VLAN 1, disabling on a trunk port 12-22
VLAN 1 minimization 12-21
VLAN ACLs
vlan-assignment response, VMPS 12-28
VLAN configuration
at bootup 12-8
saving 12-8
VLAN configuration mode 2-2, 12-7
VLAN database
and startup configuration file 12-8
and VTP 13-1
VLAN configuration saved in 12-7
VLANs saved in 12-4
vlan database command 12-7
vlan dot1q tag native command 16-5
VLAN filtering and SPAN 27-7
vlan global configuration command 12-7
VLAN ID, discovering 6-28
VLAN management domain 13-2
VLAN Management Policy Server
VLAN map entries, order of 31-31
VLAN maps
applying 31-35
common uses for 31-35
configuration example 31-36
configuration guidelines 31-31
configuring 31-31
creating 31-32
defined 31-2
denying access example 31-37
denying and permitting packets 31-33
displaying 31-42
examples 31-37
removing 31-35
support for 1-7
with router ACLs 31-41
VLAN membership
confirming 12-31
modes 12-3
VLAN Query Protocol
VLANs
adding 12-9
adding to VLAN database 12-9
aging dynamic addresses 17-10
allowed on trunk 12-21
and spanning-tree instances 12-3, 12-6, 12-13
configuration guidelines, extended-range VLANs 12-13
configuration guidelines, normal-range VLANs 12-6
configuration options 12-7
configuring 12-1
configuring IDs 1006 to 4094 12-13
connecting through SVIs 10-9
creating in config-vlan mode 12-9
creating in VLAN configuration mode 12-10
customer numbering in service-provider networks 16-3
default configuration 12-8
deleting 12-10
displaying 12-15
features 1-6
illustrated 12-2
internal 12-13
in the switch stack 12-7
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 12-9
native, configuring 12-23
number supported 1-6
parameters 12-5
port membership modes 12-3
static-access ports 12-11
STP and 802.1Q trunks 17-11
supported 12-3
Token Ring 12-6
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
VMPS
administering 12-32
configuration example 12-33
configuration guidelines 12-29
default configuration 12-29
description 12-27
dynamic port membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
entering server address 12-30
mapping MAC addresses to VLANs 12-28
monitoring 12-32
reconfirmation interval, changing 12-31
reconfirming membership 12-31
retry count, changing 12-32
voice-over-IP 15-1
voice VLAN
Cisco 7960 phone, port connections 15-1
configuration guidelines 7-4, 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-6
VTP
adding a client to a domain 13-14
and extended-range VLANs 13-2
and normal-range VLANs 13-2
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-8
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-7
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
Layer 2 protocol tunneling 16-8
modes
transitions 13-3
monitoring 13-15
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
support for 1-7
pruning-eligible list, changing 12-22
server mode, configuring 13-9
statistics 13-15
support for 1-7
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-9
Version 1 13-4
Version 2
configuration guidelines 13-9
disabling 13-13
enabling 13-13
overview 13-4
W
weighted tail drop
wizards 1-2
WTD
described 32-13
setting thresholds
egress queue-sets 32-70
ingress queues 32-66
support for 1-9
X
Xmodem protocol 39-2
Feedback