- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Managing Switch Stacks
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring 802.1x Port-Based Authentication
- Configuring Interface Characteristics
- Configuring Smartports Macros
- Configuring VLANs
- Configuring VTP
- Configuring Private VLANs
- Configuring Voice VLAN
- Configuring 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring HSRP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(25)SE
Index
Numerics
10-Gigabit Ethernet interfaces
configuration guidelines 10-16
defined 10-6
802.1D
802.1Q
and trunk ports 10-3
configuration limitations 12-19
encapsulation 12-16
native VLAN for untagged traffic 12-23
tunneling
compatibility with other features 16-6
defaults 16-4
described 16-1
tunnel ports with other features 16-6
802.1s
802.1w
802.1x
802.3ad
802.3af
802.3z flow control 10-19
A
abbreviating commands 2-3
ABRs 34-25
access-class command 31-21
access control entries
access-denied response, VMPS 12-28
access groups
applying ACLs to interfaces 31-22
IP 31-22
Layer 2 31-22
Layer 3 31-22
accessing stack members 4-22
access lists
access ports
and Layer 2 protocol tunneling 16-11
defined 10-3
accounting
with RADIUS 8-28
ACEs
and QoS 32-7
defined 31-2
Ethernet 31-2
IP 31-2
ACLs
ACEs 31-2
any keyword 31-14
applying
on bridged packets 31-39
on multicast packets 31-41
on routed packets 31-40
on switched packets 31-39
time ranges to 31-18
applying (continued)
to an interface 31-21
to QoS 32-7
classifying traffic for QoS 32-42
comments in 31-20
compiling 31-24
configuring with VLAN maps 31-38
extended IP
configuring for QoS classification 32-44
creating 31-11
matching criteria 31-8
hardware and software handling 31-23
host keyword 31-14
IP
applying to an interface 31-21
applying to interfaces 31-21
creating 31-8
fragments and QoS guidelines 32-33
implicit deny 31-10, 31-15, 31-17
implicit masks 31-10
matching criteria 31-8
named 31-16
terminal lines, setting on 31-21
undefined 31-23
violations, logging 31-17
limiting actions 31-39
logging messages 31-11
log keyword 31-17
monitoring 31-41
named 31-16
number per QoS class map 32-33
numbers 31-9
port 31-2
precedence of 31-3
resequencing entries 31-16
router 31-2
standard IP
configuring for QoS classification 32-43
creating 31-10
matching criteria 31-8
supported features 31-23
support for 1-7
time ranges 31-18
unsupported features 31-7
using router ACLs with VLAN maps 31-38
VLAN maps
configuration guidelines 31-31
configuring 31-31
active links 20-1
active router 35-1
address aliasing 23-2
addresses
displaying the MAC address table 6-28
dynamic
accelerated aging 17-9
changing the aging time 6-22
default aging 17-9
defined 6-20
learning 6-21
removing 6-23
MAC, discovering 6-28
multicast
group address range 36-3
STP address management 17-9
static
adding and removing 6-25
defined 6-20
Address Resolution Protocol
adjacency tables, with CEF 34-61
administrative distances
defined 34-72
OSPF 34-31
routing protocol defaults 34-63
advertisements
CDP 25-1
RIP 34-20
aggregate addresses, BGP 34-55
aggregated ports
aggregate policers 32-57
aggregate policing 1-9
aging, accelerating 17-9
aging time
accelerated
for MSTP 18-21
MAC address table 6-22
maximum
for MSTP 18-22
for STP 17-23
alarms, RMON 28-3
allowed-VLAN list 12-21
area border routers
ARP
configuring 34-10
encapsulation 34-11
static cache configuration 34-10
table
address resolution 6-28
managing 6-28
ASBRs 34-25
AS-path filters, BGP 34-50
asymmetrical links, and 802.1Q tunneling 16-4
attributes, RADIUS
vendor-proprietary 8-31
vendor-specific 8-29
audience xxxvii
authentication
EIGRP 34-38
HSRP 35-9
local mode with AAA 8-36
NTP associations 6-5
RADIUS
key 8-21
login 8-23
TACACS+
defined 8-11
key 8-13
login 8-14
See also port-based authentication
authentication keys, and routing protocols 34-73
authoritative time source, described 6-2
authorization
with RADIUS 8-27
authorized ports with 802.1x 9-4
autoconfiguration 3-3
automatic advise (auto-advise) in switch stacks 4-12
automatic copy (auto-copy) in switch stacks 4-12
automatic QoS
automatic upgrades (auto-upgrade) in switch stacks 4-12
autonegotiation
duplex mode 1-3
interface configuration guidelines 10-17
mismatches 39-13
autonomous system boundary routers
autonomous systems, in BGP 34-44
Auto-RP, described 36-5
autosensing, port speed 1-3
auxiliary VLAN
availability, features 1-5
B
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
support for 1-6
backup interfaces
backup links 20-1
banners
configuring
login 6-20
message-of-the-day login 6-19
default configuration 6-18
when displayed 6-18
BGP
aggregate addresses 34-55
aggregate routes, configuring 34-55
CIDR 34-55
clear commands 34-59
community filtering 34-52
configuring neighbors 34-54
default configuration 34-41
described 34-41
enabling 34-43
monitoring 34-59
multipath support 34-47
neighbors, types of 34-43
path selection 34-47
peers, configuring 34-54
prefix filtering 34-51
resetting sessions 34-46
route dampening 34-58
route maps 34-49
route reflectors 34-57
routing domain confederation 34-56
show commands 34-59
supernets 34-55
support for 1-9
Version 4 34-41
binding cluster group and HSRP group 35-11
binding database
address, DHCP server
See DHCP, Cisco IOS server database
DHCP snooping
See DHCP snooping binding database
bindings
address, Cisco IOS DHCP server 21-5
DHCP snooping database 21-5
IP source guard 21-14
binding table, DHCP snooping
See DHCP snooping binding database
blocking packets 24-6
booting
boot loader, function of 3-2
boot process 3-1
manually 3-13
specific image 3-13
boot loader
accessing 3-14
described 3-2
environment variables 3-14
prompt 3-14
trap-door mechanism 3-2
bootstrap router (BSR), described 36-5
Border Gateway Protocol
BPDU
error-disabled state 19-3
filtering 19-3
RSTP format 18-10
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
support for 1-6
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
support for 1-6
bridged packets, ACLs on 31-39
bridge groups
bridge protocol data unit
broadcast flooding 34-17
broadcast packets
directed 34-14
flooded 34-14
broadcast storm-control command 24-4
C
cables, monitoring for unidirectional links 26-1
candidate switch
defined 5-3
requirements 5-3
See also command switch, cluster standby group, and member switch
CA trustpoint
configuring 8-45
defined 8-42
caution, described xxxviii
CDP
and trusted boundary 32-39
configuring 25-2
default configuration 25-2
described 25-1
disabling for routing device 25-3 to 25-4
enabling and disabling
on an interface 25-4
on a switch 25-3
Layer 2 protocol tunneling 16-8
monitoring 25-5
overview 25-1
power negotiation extensions 10-6
support for 1-5
switch stack considerations 25-2
transmission timer and holdtime, setting 25-2
updates 25-2
CEF 34-60
CGMP
as IGMP snooping learning method 23-8
clearing cached group entries 36-50
enabling server support 36-33
joining multicast group 23-3
overview 36-7
server support only 36-7
switch support of 1-4
CIDR 34-55
CipherSuites 8-43
Cisco 7960 IP Phone 15-1
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco intelligent power management 10-6
Cisco IOS DHCP server
See DHCP, Cisco IOS DHCP server
Cisco IOS File System
Cisco Network Assistant
Cisco StackWise technology 1-3
classless interdomain routing
classless routing 34-7
class maps for QoS
configuring 32-46
described 32-7
displaying 32-77
class of service
clearing interfaces 10-27
CLI
abbreviating commands 2-3
command modes 2-1
described 1-4
editing features
enabling and disabling 2-6
keystroke editing 2-6
wrapped lines 2-8
error messages 2-4
filtering command output 2-8
getting help 2-3
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
managing clusters 5-4
no and default forms of commands 2-4
client mode, VTP 13-3
clock
cluster requirements xxxix
clusters, switch
benefits 1-2
described 5-1
managing
through CLI 5-4
through SNMP 5-5
planning considerations
CLI 5-4
SNMP 5-5
See also Getting Started with Cisco Network Assistant
cluster standby group
and HSRP group 35-11
requirements 5-2
Coarse Wave Division Multiplexer
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
commands, setting privilege levels 8-8
command switch
configuration conflicts 39-13
defined 5-2
password privilege levels 5-4
recovery
from command-switch failure 39-9
from lost member connectivity 39-13
replacing
with another switch 39-11
with cluster member 39-10
requirements 5-2
See also candidate switch, cluster standby group, member switch, and standby command switch
community list, BGP 34-53
community ports 14-2
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
compatibility, feature 24-11
compatibility, software
config.text 3-12
configuration, initial
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
configuration conflicts, recovering from lost member connectivity 39-13
configuration examples, network 1-13
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 3-12
deleting a stored configuration B-19
described B-8
downloading
automatically 3-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 30-15
obtaining with DHCP 3-7
password recovery disable considerations 8-5
specifying the filename 3-12
system contact and location information 30-15
types and location B-10
uploading
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-12
configuration settings, saving 3-10
configure terminal command 10-11
conflicts, configuration 39-13
connections, secure remote 8-38
connectivity problems 39-15, 39-16, 39-18
consistency checks in VTP Version 2 13-4
console port, connecting to 2-9
conventions
command xxxviii
for examples xxxviii
publication xxxviii
text xxxviii
corrupted software, recovery steps with Xmodem 39-2
CoS
in Layer 2 frames 32-2
override priority 15-6
trust priority 15-6
CoS input queue threshold map for QoS 32-16
CoS output queue threshold map for QoS 32-19
CoS-to-DSCP map for QoS 32-59
counters, clearing interface 10-27
crashinfo file 39-25
cross-stack EtherChannel
configuration guidelines 33-12
configuring
on Layer 2 interfaces 33-12
on Layer 3 physical interfaces 33-16
described 33-2
illustration 33-3
support for 1-5
cross-stack UplinkFast, STP
described 19-5
disabling 19-16
enabling 19-16
fast-convergence events 19-7
Fast Uplink Transition Protocol 19-6
normal-convergence events 19-7
support for 1-6
cryptographic software image
Kerberos 8-32
SSH 8-37
SSL 8-42
switch stack considerations 4-2, 4-17, 8-38
CWDM SFPs 1-24
D
daylight saving time 6-13
debugging
enabling all system diagnostics 39-22
enabling for a specific feature 39-21
redirecting error message output 39-22
using commands 39-21
default commands 2-4
default configuration
802.1Q tunneling 16-4
802.1x 9-11
auto-QoS 32-20
banners 6-18
BGP 34-41
booting 3-12
CDP 25-2
DHCP 21-7
DHCP option 82 21-7
DHCP snooping 21-7
DHCP snooping binding database 21-7
DNS 6-17
dynamic ARP inspection 22-5
EIGRP 34-35
EtherChannel 33-10
fallback bridging 38-3
Flex Links 20-2
HSRP 35-5
IGMP 36-27
IGMP filtering 23-20
IGMP snooping 23-6
IGMP throttling 23-20
initial switch information 3-3
IP addressing, IP routing 34-5
IP multicast routing 36-8
IP source guard 21-15
Layer 2 interfaces 10-15
Layer 2 protocol tunneling 16-11
MAC address table 6-22
MSDP 37-4
MSTP 18-13
MVR 23-15
NTP 6-4
optional spanning-tree configuration 19-12
OSPF 34-26
password and privilege level 8-2
PIM 36-8
private VLANs 14-7
RADIUS 8-20
RIP 34-20
RMON 28-3
RSPAN 27-11
SNMP 30-6
SPAN 27-11
SSL 8-44
standard QoS 32-31
STP 17-13
switch stacks 4-20
system message logging 29-4
system name and prompt 6-15
TACACS+ 8-13
UDLD 26-4
VLAN, Layer 2 Ethernet interfaces 12-19
VLANs 12-8
VMPS 12-29
voice VLAN 15-3
VTP 13-7
default networks 34-63
default routes 34-63
default routing 34-2
deleting VLANs 12-10
description command 10-23
designing your network, examples 1-13
destination addresses, in ACLs 31-13
destination-IP address-based forwarding, EtherChannel 33-8
destination-MAC address forwarding, EtherChannel 33-8
detecting indirect link failures, STP 19-8
device B-19
device discovery protocol 25-1
device manager
benefits 1-2
in-band management 1-5
requirements xxxviii
upgrading a switch B-19
DHCP
Cisco IOS server database
configuring 21-12
default configuration 21-7
described 21-5
enabling
relay agent 21-9
server 21-8
DHCP-based autoconfiguration
client request message exchange 3-4
configuring
client side 3-3
DNS 3-6
relay device 3-6
server side 3-5
server-side 21-8
TFTP server 3-5
example 3-8
lease options
for IP address information 3-5
for receiving the configuration file 3-5
overview 3-3
relationship to BOOTP 3-4
support for 1-5
DHCP binding database
See DHCP snooping binding database
DHCP binding table
See DHCP snooping binding database
DHCP option 82
circuit ID suboption 21-4
configuration guidelines 21-8
default configuration 21-7
displaying 21-13
forwarding address, specifying 21-9
helper address 21-9
overview 21-3
packet format, suboption
circuit ID 21-4
remote ID 21-4
remote ID suboption 21-4
DHCP snooping
and private VLANs 21-12
binding database
See DHCP snooping binding database
configuration guidelines 21-8
default configuration 21-7
displaying binding tables 21-13
message exchange process 21-4
option 82 data insertion 21-3
trusted interface 21-2
untrusted interface 21-2
untrusted messages 21-2
DHCP snooping binding database
adding bindings 21-12
binding file
format 21-6
location 21-5
bindings 21-5
clearing agent statistics 21-13
configuration guidelines 21-8
configuring 21-12
default configuration 21-7
deleting
binding file 21-13
bindings 21-13
database agent 21-13
described 21-5
displaying 21-13
binding entries 21-13
status and statistics 21-13
enabling 21-12
entry 21-5
renewing database 21-13
resetting
delay value 21-13
timeout value 21-13
updating process 21-6
DHCP snooping binding table
See DHCP snooping binding database
Differentiated Services architecture, QoS 32-2
Differentiated Services Code Point 32-2
Diffusing Update Algorithm (DUAL) 34-34
directed unicast requests 1-5
directories
changing B-4
creating and removing B-4
displaying the working B-4
Distance Vector Multicast Routing Protocol
distance-vector protocols 34-3
distribute-list command 34-71
DNS
and DHCP-based autoconfiguration 3-6
default configuration 6-17
displaying the configuration 6-18
overview 6-16
setting up 6-17
support for 1-5
documentation, related xxxviii
document conventions xxxviii
domain names
DNS 6-16
VTP 13-8
Domain Name System
dot1q-tunnel switchport mode 12-18
double-tagged packets
802.1Q tunneling 16-2
Layer 2 protocol tunneling 16-10
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-23
reasons for B-19
using CMS 1-2
using FTP B-26
using Network Assistant 1-2
using RCP B-31
using TFTP B-22
using the device manager or Network Assistant B-19
drop threshold for Layer 2 protocol packets 16-11
DSCP input queue threshold map for QoS 32-16
DSCP output queue threshold map for QoS 32-19
DSCP-to-CoS map for QoS 32-62
DSCP-to-DSCP-mutation map for QoS 32-63
DSCP transparency 32-39
DUAL finite state machine, EIGRP 34-34
duplex mode, configuring 10-16
DVMRP
autosummarization
configuring a summary address 36-47
disabling 36-49
connecting PIM domain to DVMRP router 36-39
enabling unicast routing 36-43
interoperability
with Cisco devices 36-37
with Cisco IOS software 36-7
mrinfo requests, responding to 36-42
neighbors
advertising the default route to 36-41
discovery with Probe messages 36-37
displaying information 36-42
prevent peering with nonpruning 36-45
rejecting nonpruning 36-43
overview 36-7
routes
adding a metric offset 36-49
advertising all 36-49
advertising the default route to neighbors 36-41
caching DVMRP routes learned in report messages 36-43
changing the threshold for syslog messages 36-46
deleting 36-50
displaying 36-51
favoring one over another 36-49
limiting the number injected into MBONE 36-46
limiting unicast route advertisements 36-37
routing table 36-7
source distribution tree, building 36-7
support for 1-10
tunnels
configuring 36-39
displaying neighbor information 36-42
dynamic access ports
characteristics 12-4
configuring 12-30
defined 10-3
dynamic addresses
dynamic ARP inspection
ARP cache poisoning 22-1
ARP requests, described 22-1
ARP spoofing attack 22-1
clearing
log buffer 22-15
statistics 22-15
configuration guidelines 22-6
configuring
ACLs for non-DHCP environments 22-8
in DHCP environments 22-7
log buffer 22-12
rate limit for incoming ARP packets 22-4, 22-10
default configuration 22-5
denial-of-service attacks, preventing 22-10
described 22-1
DHCP snooping binding database 22-2
displaying
ARP ACLs 22-14
configuration and operating state 22-14
log buffer 22-15
statistics 22-15
trust state and rate limit 22-14
error-disabled state for exceeding rate limit 22-4
function of 22-2
interface trust states 22-3
log buffer
clearing 22-15
configuring 22-12
displaying 22-15
logging of dropped packets, described 22-5
man-in-the middle attack, described 22-2
network security issues and interface trust states 22-3
priority of ARP ACLs and DHCP snooping entries 22-4
rate limiting of ARP packets
configuring 22-10
described 22-4
error-disabled state 22-4
statistics
clearing 22-15
displaying 22-15
validation checks, performing 22-11
dynamic auto trunking mode 12-18
dynamic desirable trunking mode 12-18
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
types of connections 12-30
dynamic routing 34-3
Dynamic Trunking Protocol
E
EBGP 34-40
editing features
enabling and disabling 2-6
keystrokes used 2-6
wrapped lines 2-8
EIGRP
authentication 34-38
components 34-34
configuring 34-36
default configuration 34-35
definition 34-34
interface parameters, configuring 34-37
monitoring 34-39
support for 1-9
elections
enable password 8-4
enable secret password 8-4
encryption, CipherSuite 8-44
encryption for passwords 8-4
Enhanced IGRP
environment variables, function of 3-15
error messages during command entry 2-4
EtherChannel
802.3ad, described 33-6
automatic creation of 33-5, 33-6
channel groups
binding physical and logical interfaces 33-4
numbering of 33-4
configuration guidelines 33-11
configuring
Layer 2 interfaces 33-12
Layer 3 physical interfaces 33-16
Layer 3 port-channel logical interfaces 33-15
default configuration 33-10
described 33-2
displaying status 33-23
forwarding methods 33-7, 33-18
interaction
with STP 33-11
with VLANs 33-12
LACP
described 33-6
displaying status 33-23
hot-standby ports 33-20
interaction with other features 33-7
modes 33-6
port priority 33-22
system priority 33-21
Layer 3 interface 34-4
logical interfaces, described 33-4
PAgP
aggregate-port learners 33-19
compatibility with Catalyst 1900 33-19
described 33-5
displaying status 33-23
interaction with other features 33-6
learn method and priority configuration 33-19
modes 33-5
support for 1-4
port-channel interfaces
described 33-4
numbering of 33-4
port groups 10-5
stack changes, effects of 33-9
support for 1-3
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
Ethernet VLANs
adding 12-9
defaults and ranges 12-8
modifying 12-9
events, RMON 28-3
examples
conventions for xxxviii
network configuration 1-13
expedite queue for QoS 32-76
Express Setup 1-2
See also getting started guide
extended-range VLANs
configuration guidelines 12-13
configuring 12-12
creating 12-14
defined 12-1
extended system ID
MSTP 18-15
Extensible Authentication Protocol over LAN 9-1
external BGP
external neighbors, BGP 34-43
F
failover support 1-5
fallback bridging
and protected ports 38-4
bridge groups
creating 38-4
described 38-2
displaying 38-11
function of 38-2
bridge groups (continued)
number supported 38-5
removing 38-5
bridge table
clearing 38-11
displaying 38-11
configuration guidelines 38-4
connecting interfaces with 10-9
default configuration 38-3
described 38-1
frame forwarding
flooding packets 38-2
forwarding packets 38-2
overview 38-1
protocol, unsupported 38-4
stack changes, effects of 38-3
STP
disabling on an interface 38-11
forward-delay interval 38-10
hello BPDU interval 38-9
interface priority 38-7
keepalive messages 17-2
maximum-idle interval 38-10
path cost 38-8
VLAN-bridge spanning-tree priority 38-7
VLAN-bridge STP 38-2
support for 1-9
SVIs and routed ports 38-1
unsupported protocols 38-4
VLAN-bridge STP 17-12
Fast Uplink Transition Protocol 19-6
features, incompatible 24-11
FIB 34-60
fiber-optic, detecting unidirectional links 26-1
files
copying B-5
crashinfo
description 39-25
displaying the contents of 39-25
location 39-25
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-5
setting the default B-3
filtering
in a VLAN 31-31
non-IP traffic 31-28
show and more command output 2-8
filtering show and more command output 2-8
filters, IP
flash device, number of B-1
Flex Links
configuration guidelines 20-2
configuring 20-3
default configuration 20-2
description 20-1
monitoring 20-3
flooded traffic, blocking 24-7
flow-based packet classification 1-8
flowcharts
QoS classification 32-6
QoS egress queueing and scheduling 32-17
QoS ingress queueing and scheduling 32-15
QoS policing and marking 32-11
forward-delay time
MSTP 18-21
STP 17-23
Forwarding Information Base
forwarding nonroutable protocols 38-1
FTP
accessing MIB files A-3
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-14
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
get-bulk-request operation 30-3
get-next-request operation 30-3, 30-4
get-request operation 30-3, 30-4
get-response operation 30-3
Gigabit modules
global configuration mode 2-2
guest VLAN and 802.1x 9-8
guide
audience xxxvii
purpose of xxxvii
guide mode 1-2
GUIs
See device manager and Network Assistant 1-4
H
hardware limitations and Layer 3 interfaces 10-24
hello time
MSTP 18-20
STP 17-22
help, for the command line 2-3
hierarchical policy maps 32-8
configuration guidelines 32-33
configuring 32-51
described 32-10
history
changing the buffer size 2-5
described 2-4
disabling 2-5
recalling commands 2-5
history table, level and number of syslog messages 29-10
host ports
configuring 14-12
kinds of 14-2
hosts, limit on dynamic ports 12-33
Hot Standby Router Protocol
HP OpenView 1-4
HSRP
authentication string 35-9
binding to cluster group 35-11
command-switch redundancy 1-1, 1-5
configuring 35-4
default configuration 35-5
definition 35-1
guidelines 35-5
monitoring 35-11
overview 35-1
priority 35-7
routing redundancy 1-9
support for ICMP redirect messages 35-11
switch stack considerations 35-4
timers 35-9
tracking 35-7
HTTP over SSL
HTTPS 8-42
configuring 8-45
self-signed certificate 8-43
HTTP secure server 8-42
I
IBPG 34-40
ICMP
redirect messages 34-12
support for 1-10
time-exceeded messages 39-18
traceroute and 39-18
unreachable messages 31-22
unreachables and ACLs 31-23
ICMP ping
executing 39-15
overview 39-15
ICMP Router Discovery Protocol
IDS appliances
and ingress RSPAN 27-21
and ingress SPAN 27-15
IEEE 802.1p 15-1
ifIndex values, SNMP 30-5
IFS 1-5
IGMP
configuring the switch
as a member of a group 36-27
statically connected member 36-32
controlling access to groups 36-28
default configuration 36-27
deleting cache entries 36-51
displaying groups 36-51
fast switching 36-32
host-query interval, modifying 36-30
joining multicast group 23-3
join messages 23-3
leave processing, enabling 23-10
leaving multicast group 23-5
multicast reachability 36-27
overview 36-2
queries 23-4
report suppression
described 23-5
disabling 23-10
support for 1-4
Version 1
changing to Version 2 36-29
described 36-3
Version 2
changing to Version 1 36-29
described 36-3
maximum query response time value 36-31
pruning groups 36-31
query timeout value 36-31
IGMP filtering
configuring 23-20
default configuration 23-20
described 23-19
monitoring 23-24
support for 1-4
IGMP groups
configuring filtering 23-23
setting the maximum number 23-22
IGMP profile
applying 23-21
configuration mode 23-20
configuring 23-21
IGMP snooping
and address aliasing 23-2
and stack changes 23-6
configuring 23-6
default configuration 23-6
definition 23-1
enabling and disabling 23-7
global configuration 23-7
Immediate Leave 23-5
in the switch stack 23-6
method 23-7
monitoring 23-11
support for 1-4
VLAN configuration 23-7
IGMP throttling
configuring 23-23
default configuration 23-20
described 23-20
displaying action 23-24
IGP 34-25
Immediate Leave, IGMP
described 23-5
enabling 23-10
initial configuration
defaults 1-11
Express Setup 1-2
See also getting started guide and hardware installation guide
interface
number 10-10
range macros 10-13
interface command 10-10 to 10-11
interface configuration mode 2-2
interfaces
configuration guidelines
10-Gigabit Ethernet 10-16
duplex and speed 10-17
configuring
duplex mode 10-16
procedure 10-11
speed 10-16
counters, clearing 10-27
described 10-23
descriptive name, adding 10-23
displaying information about 10-26
flow control 10-19
management 1-4
monitoring 10-26
naming 10-23
physical, identifying 10-10
range of 10-11
restarting 10-28
shutting down 10-28
status 10-26
supported 10-10
types of 10-1
interfaces range macro command 10-13
interface types 10-10
Interior Gateway Protocol
internal BGP
internal neighbors, BGP 34-43
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
Intrusion Detection System
ip access group command 31-22
IP ACLs
applying to an interface 31-21
extended, creating 31-11
for QoS classification 32-7
implicit deny 31-10, 31-15, 31-17
implicit masks 31-10
logging 31-17
named 31-16
standard, creating 31-10
undefined 31-23
virtual terminal lines, setting on 31-21
IP addresses
candidate or member 5-3
classes of 34-6
command switch 5-2
default configuration 34-5
discovering 6-28
for IP routing 34-5
MAC address association 34-9
monitoring 34-18
IP broadcast address 34-16
ip cef distributed command 34-61
IP directed broadcasts 34-14
ip igmp profile command 23-20
IP information
assigned
manually 3-9
through DHCP-based autoconfiguration 3-3
default configuration 3-3
IP multicast routing
addresses
all-hosts 36-3
all-multicast-routers 36-3
host group address range 36-3
administratively-scoped boundaries, described 36-35
and IGMP snooping 23-1
Auto-RP
adding to an existing sparse-mode cloud 36-14
benefits of 36-14
clearing the cache 36-51
configuration guidelines 36-10
filtering incoming RP announcement messages 36-17
overview 36-5
preventing candidate RP spoofing 36-17
preventing join messages to false RPs 36-16
setting up in a new internetwork 36-14
using with BSR 36-22
bootstrap router
configuration guidelines 36-10
configuring candidate BSRs 36-20
configuring candidate RPs 36-21
defining the IP multicast boundary 36-19
defining the PIM domain border 36-18
overview 36-5
using with Auto-RP 36-22
Cisco implementation 36-2
configuring
basic multicast routing 36-10
IP multicast boundary 36-35
default configuration 36-8
enabling
multicast forwarding 36-11
PIM mode 36-11
group-to-RP mappings
Auto-RP 36-5
BSR 36-5
MBONE
deleting sdr cache entries 36-51
described 36-34
displaying sdr cache 36-52
enabling sdr listener support 36-34
limiting DVMRP routes advertised 36-46
limiting sdr cache entry lifetime 36-35
MBONE (continued)
SAP packets for conference session announcement 36-34
Session Directory (sdr) tool, described 36-34
monitoring
packet rate loss 36-52
peering devices 36-52
tracing a path 36-52
multicast forwarding, described 36-6
PIMv1 and PIMv2 interoperability 36-9
protocol interaction 36-2
reverse path check (RPF) 36-6
routing table
deleting 36-51
displaying 36-51
RP
assigning manually 36-12
configuring Auto-RP 36-14
configuring PIMv2 BSR 36-18
monitoring mapping information 36-23
using Auto-RP and BSR 36-22
stacking
stack master functions 36-8
stack member functions 36-8
statistics, displaying system and network 36-51
IP phones
and QoS 15-1
automatic classification and queueing 32-20
configuring 15-4
ensuring port security with QoS 32-38
trusted boundary for QoS 32-38
IP precedence 32-2
IP-precedence-to-DSCP map for QoS 32-60
IP protocols
in ACLs 31-13
routing 1-9
IP routes, monitoring 34-74
IP routing
connecting interfaces with 10-9
disabling 34-19
enabling 34-19
IP source guard
and 802.1x 21-15
and DHCP snooping 21-14
and EtherChannels 21-15
and port security 21-15
and private VLANs 21-15
and routed ports 21-15
and TCAM entries 21-15
and trunk interfaces 21-15
and VRF 21-15
binding configuration
automatic 21-14
manual 21-14
binding table 21-14
configuration guidelines 21-15
default configuration 21-15
described 21-14
disabling 21-16
displaying
bindings 21-17
configuration 21-17
enabling 21-16
filtering
source IP address 21-14
source IP and MAC address 21-14
source IP address filtering 21-14
source IP and MAC address filtering 21-14
static bindings
adding 21-16
deleting 21-16
IP traceroute
executing 39-19
overview 39-18
IP unicast routing
address resolution 34-9
administrative distances 34-63, 34-72
ARP 34-9
assigning IP addresses to Layer 3 interfaces 34-6
authentication keys 34-73
broadcast
address 34-16
flooding 34-17
packets 34-14
storms 34-14
classless routing 34-7
configuring static routes 34-62
default
addressing configuration 34-5
gateways 34-12
networks 34-63
routes 34-63
routing 34-2
directed broadcasts 34-14
disabling 34-19
dynamic routing 34-3
enabling 34-19
EtherChannel Layer 3 interface 34-4
IGP 34-25
inter-VLAN 34-2
IP addressing
classes 34-6
configuring 34-5
IRDP 34-13
Layer 3 interfaces 34-4
MAC address and IP address 34-9
passive interfaces 34-70
protocols
distance-vector 34-3
dynamic 34-3
link-state 34-3
proxy ARP 34-9
redistribution 34-64
reverse address resolution 34-9
routed ports 34-4
static routing 34-2
steps to configure 34-5
subnet mask 34-6
subnet zero 34-7
supernet 34-7
UDP 34-16
with SVIs 34-4
IRDP
configuring 34-13
definition 34-13
support for 1-10
ISL
and trunk ports 10-3
trunking with 802.1 tunneling 16-5
isolated port 14-2
J
join messages, IGMP 23-3
K
KDC
described 8-32
keepalive messages 17-2
Kerberos
authenticating to
boundary switch 8-35
KDC 8-35
network services 8-35
configuration examples 8-32
configuring 8-36
credentials 8-32
cryptographic software image 8-32
described 8-32
KDC 8-32
operation 8-34
realm 8-33
server 8-33
support for 1-8
switch as trusted third party 8-32
terms 8-33
TGT 8-34
tickets 8-32
key distribution center
L
l2protocol-tunnel command 16-13
LACP
Layer 2 protocol tunneling 16-9
Layer 2 frames, classification with CoS 32-2
Layer 2 interfaces, default configuration 10-15
Layer 2 protocol tunneling
configuring 16-10
configuring for EtherChannels 16-14
default configuration 16-11
defined 16-8
guidelines 16-12
Layer 2 traceroute
and ARP 39-17
and CDP 39-17
broadcast traffic 39-17
described 39-17
IP addresses and subnets 39-17
MAC addresses and VLANs 39-17
multicast traffic 39-17
multiple devices on a port 39-18
unicast traffic 39-17
usage guidelines 39-17
Layer 2 trunks 12-17
Layer 3 features 1-9
Layer 3 interfaces
assigning IP addresses to 34-6
changing from Layer 2 mode 34-6
types of 34-4
Layer 3 packets, classification methods 32-2
LEDs, switch
See hardware installation guide
line configuration mode 2-2
Link Aggregation Control Protocol
link redundancy
links, unidirectional 26-1
link state advertisements (LSAs) 34-29
link-state protocols 34-3
load balancing 35-3
logging messages, ACL 31-11
login authentication
with RADIUS 8-23
with TACACS+ 8-14
login banners 6-18
log messages
Long-Reach Ethernet (LRE) technology 1-15, 1-23
loop guard
described 19-11
enabling 19-18
support for 1-6
M
MAC addresses
aging time 6-22
and VLAN association 6-21
building the address table 6-21
default configuration 6-22
discovering 6-28
displaying 6-28
displaying in the IP source binding table 21-17
dynamic
learning 6-21
removing 6-23
in ACLs 31-28
IP address association 34-9
static
adding 6-26
allowing 6-27
characteristics of 6-25
dropping 6-27
removing 6-26
MAC address notification, support for 1-10
MAC address-to-VLAN mapping 12-28
MAC extended access lists
applying to Layer 2 interfaces 31-30
configuring for QoS 32-45
creating 31-28
defined 31-28
for QoS classification 32-5
macros
manageability features 1-5
management access
in-band
browser session 1-5
CLI session 1-5
device manager 1-5
SNMP 1-5
out-of-band console port connection 1-5
management options
CLI 2-1
clustering 1-3
Network Assistant 1-2
overview 1-4
switch stacks 1-3
mapping tables for QoS
configuring
CoS-to-DSCP 32-59
DSCP 32-59
DSCP-to-CoS 32-62
DSCP-to-DSCP-mutation 32-63
IP-precedence-to-DSCP 32-60
policed-DSCP 32-61
described 32-12
marking
action in policy map 32-48
action with aggregate policers 32-57
matching, ACLs 31-8
maximum aging time
MSTP 18-22
STP 17-23
maximum hop count, MSTP 18-22
maximum-paths command 34-47, 34-62
membership mode, VLAN port 12-3
member switch
defined 5-2
managing 5-4
recovering from lost connectivity 39-13
requirements 5-3
See also candidate switch, cluster standby group, and standby command switch
messages
logging ACL violations 31-17
to users through banners 6-18
messages, to users through banners 6-18
metrics, in BGP 34-48
metric translations, between routing protocols 34-67
metro tags 16-2
MHSRP 35-3
MIBs
accessing files with FTP A-3
location of files A-3
overview 30-1
SNMP interaction with 30-4
supported A-1
mini-point-of-presence
mirroring traffic for analysis 27-1
mismatches, autonegotiation 39-13
module number 10-10
monitoring
802.1Q tunneling 16-18
access groups 31-41
ACL configuration 31-41
BGP 34-59
cables for unidirectional links 26-1
CDP 25-5
CEF 34-61
EIGRP 34-39
fallback bridging 38-11
features 1-10
Flex Links 20-3
HSRP 35-11
IGMP
filters 23-24
snooping 23-11
interfaces 10-26
IP
address tables 34-18
multicast routing 36-50
routes 34-74
Layer 2 protocol tunneling 16-18
MSDP peers 37-19
multicast router interfaces 23-12
MVR 23-19
network traffic for analysis with probe 27-2
OSPF 34-33
port
blocking 24-16
protection 24-16
private VLANs 14-15
RP mapping information 36-23
source-active messages 37-19
speed and duplex mode 10-19
traffic flowing among switches 28-1
traffic suppression 24-16
tunneling 16-18
VLAN
filters 31-42
maps 31-42
VLANs 12-15
VMPS 12-32
MSDP
benefits of 37-3
clearing MSDP connections and statistics 37-19
controlling source information
forwarded by switch 37-12
originated by switch 37-9
received by switch 37-14
default configuration 37-4
dense-mode regions
sending SA messages to 37-17
specifying the originating address 37-18
filtering
incoming SA messages 37-14
SA messages to a peer 37-12
SA requests from a peer 37-11
join latency, defined 37-6
meshed groups
configuring 37-16
defined 37-16
originating address, changing 37-18
overview 37-1
peer-RPF flooding 37-2
peers
configuring a default 37-4
monitoring 37-19
peering relationship, overview 37-1
requesting source information from 37-8
shutting down 37-16
source-active messages
caching 37-6
clearing cache entries 37-19
defined 37-2
filtering from a peer 37-11
filtering incoming 37-14
filtering to a peer 37-12
limiting data with TTL 37-14
monitoring 37-19
restricting advertised sources 37-9
support for 1-10
MSTP
boundary ports
configuration guidelines 18-14
described 18-5
BPDU filtering
described 19-3
enabling 19-14
BPDU guard
described 19-3
enabling 19-13
CIST, described 18-3
configuration guidelines 18-13, 19-12
configuring
forward-delay time 18-21
hello time 18-20
link type for rapid convergence 18-23
maximum aging time 18-22
maximum hop count 18-22
MST region 18-14
path cost 18-19
port priority 18-18
root switch 18-15
secondary root switch 18-17
switch priority 18-20
CST
defined 18-3
operations between regions 18-4
default configuration 18-13
default optional feature configuration 19-12
displaying status 18-24
enabling the mode 18-14
EtherChannel guard
described 19-10
enabling 19-17
extended system ID
effects on root switch 18-15
effects on secondary root switch 18-17
unexpected behavior 18-16
instances supported 17-10
interface state, blocking to forwarding 19-2
interoperability and compatibility among modes 17-11
interoperability with 802.1D
described 18-6
restarting migration process 18-23
IST
defined 18-3
master 18-3
operations within a region 18-3
loop guard
described 19-11
enabling 19-18
mapping VLANs to MST instance 18-14
MST region
CIST 18-3
configuring 18-14
described 18-2
hop-count mechanism 18-5
IST 18-3
supported spanning-tree instances 18-2
optional features supported 1-6
overview 18-2
Port Fast
described 19-2
enabling 19-12
preventing root switch selection 19-10
root guard
described 19-10
enabling 19-17
root switch
configuring 18-16
effects of extended system ID 18-15
unexpected behavior 18-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 18-6
status, displaying 18-24
multicast groups
Immediate Leave 23-5
joining 23-3
leaving 23-5
static joins 23-9
multicast packets
ACLs on 31-41
blocking 24-7
multicast router interfaces, monitoring 23-12
multicast router ports, adding 23-8
Multicast Source Discovery Protocol
multicast storm 24-1
multicast storm-control command 24-4
Multicast VLAN Registration
Multiple HSRP
MVR
and address aliasing 23-16
configuring interfaces 23-17
default configuration 23-15
described 23-12
in the switch stack 23-15
modes 23-17
monitoring 23-19
setting global parameters 23-16
support for 1-4
N
named IP ACLs 31-16
native VLAN
and 802.1Q tunneling 16-4
configuring 12-23
default 12-23
neighbor discovery/recovery, EIGRP 34-34
neighbors, BGP 34-54
Network Assistant
benefits 1-2
described 1-4
downloading image files 1-2
guide mode 1-2
management options 1-2
managing switch stacks 4-2, 4-16
requirements xxxviii
upgrading a switch B-19
wizards 1-2
network configuration examples
cost-effective wiring closet 1-15
high-performance wiring closet 1-16
increasing network performance 1-14
large network 1-20
long-distance, high-bandwidth transport 1-24
multidwelling network 1-23
providing network services 1-15
redundant Gigabit backbone 1-17
server aggregation and Linux server cluster 1-17
small to medium-sized network 1-19
network design
performance 1-14
services 1-15
network management
CDP 25-1
RMON 28-1
SNMP 30-1
Network Time Protocol
no commands 2-4
nonhierarchical policy maps
configuration guidelines 32-33
configuring 32-48
described 32-9
non-IP traffic filtering 31-28
nontrunking mode 12-18
normal-range VLANs
configuration modes 12-7
defined 12-1
no switchport command 10-4
note, described xxxviii
not-so-stubby areas
NSSA, OSPF 34-29
NTP
associations
authenticating 6-5
defined 6-2
enabling broadcast messages 6-7
peer 6-6
server 6-6
default configuration 6-4
displaying the configuration 6-11
overview 6-2
restricting access
creating an access group 6-9
disabling NTP services per interface 6-10
source IP address, configuring 6-10
stratum 6-2
support for 1-5
synchronizing devices 6-6
time
services 6-2
synchronizing 6-2
O
offline configuration for switch stacks 4-7
Open Shortest Path First
optimizing system resources 7-1
options, management 1-4
OSPF
area parameters, configuring 34-29
configuring 34-27
default configuration
metrics 34-31
route 34-31
settings 34-26
described 34-25
interface parameters, configuring 34-28
LSA group pacing 34-32
monitoring 34-33
router IDs 34-32
route summarization 34-30
support for 1-9
virtual links 34-30
out-of-profile markdown 1-9
P
packet modification, with QoS 32-19
PAgP
Layer 2 protocol tunneling 16-9
parallel paths, in routing tables 34-62
passive interfaces
configuring 34-70
OSPF 34-31
passwords
default configuration 8-2
disabling recovery of 8-5
encrypting 8-4
for security 1-7
overview 8-1
recovery of 39-3
setting
enable 8-3
enable secret 8-4
Telnet 8-6
with usernames 8-7
VTP domain 13-8
path cost
MSTP 18-19
STP 17-20
PBR
defined 34-67
enabling 34-69
fast-switched policy-based routing 34-70
local policy-based routing 34-70
peers, BGP 34-54
performance, network design 1-14
performance features 1-3
persistent self-signed certificate 8-43
per-VLAN spanning-tree plus
physical ports 10-2
PIM
default configuration 36-8
dense mode
overview 36-4
rendezvous point (RP), described 36-4
RPF lookups 36-7
displaying neighbors 36-51
enabling a mode 36-11
overview 36-3
router-query message interval, modifying 36-26
shared tree and source tree, overview 36-23
shortest path tree, delaying the use of 36-25
sparse mode
join messages and shared tree 36-4
overview 36-4
prune messages 36-5
RPF lookups 36-7
support for 1-10
versions
interoperability 36-9
troubleshooting interoperability problems 36-23
v2 improvements 36-4
PIM-DVMRP, as snooping method 23-8
ping
character output description 39-16
executing 39-15
overview 39-15
PoE
auto mode 10-8
CDP with power consumption, described 10-6
CDP with power negotiation, described 10-6
Cisco intelligent power management 10-6
configuring 10-21
devices supported 10-6
high-power devices operating in low-power mode 10-6
IEEE power classification levels 10-7
powered-device detection and initial power allocation 10-7
power management modes 10-8
power negotiation extensions to CDP 10-6
standards supported 10-6
static mode 10-8
supported watts per port 10-6
troubleshooting 39-13
policed-DSCP map for QoS 32-61
policers
configuring
for each matched traffic class 32-48
for more than one traffic class 32-57
described 32-4
displaying 32-77
number of 32-33
types of 32-9
policing
described 32-4
hierarchical
token-bucket algorithm 32-9
policy-based routing
policy maps
hierarchical 32-8
policy maps for QoS
characteristics of 32-48
described 32-7
displaying 32-78
hierarchical on SVIs
configuration guidelines 32-33
configuring 32-51
described 32-10
nonhierarchical on physical ports
configuration guidelines 32-33
configuring 32-48
described 32-9
POP 1-23
port ACLs
defined 31-2
types of 31-3
Port Aggregation Protocol
port-based authentication
accounting 9-5
authentication server
defined 9-2
RADIUS server 9-2
client, defined 9-2
configuration guidelines 9-12
configuring
802.1x authentication 9-14
guest VLAN 9-20
host mode 9-19
manual re-authentication of a client 9-17
periodic re-authentication 9-16
quiet period 9-17
RADIUS server 9-16
RADIUS server parameters on the switch 9-15
switch-to-client frame-retransmission number 9-18, 9-19
switch-to-client retransmission time 9-17
default configuration 9-11
described 9-1
device roles 9-2
displaying statistics 9-23
EAPOL-start frame 9-3
EAP-request/identity frame 9-3
EAP-response/identity frame 9-3
encapsulation 9-3
guest VLAN
configuration guidelines 9-9
described 9-8
host mode 9-5
initiation and message exchange 9-3
method lists 9-14
multiple-hosts mode, described 9-5
per-user ACLs
AAA authorization 9-14
configuration tasks 9-10
described 9-9
RADIUS server attributes 9-9
ports
authorization state and dot1x port-control command 9-4
authorized and unauthorized 9-4
voice VLAN 9-7
port security
and voice VLAN 9-6
described 9-6
interactions 9-6
multiple-hosts mode 9-5
resetting to default values 9-22
stack changes, effects of 9-10
statistics, displaying 9-23
switch
as proxy 9-2
RADIUS client 9-2
upgrading from a previous release 9-13, 32-26
VLAN assignment
AAA authorization 9-14
characteristics 9-8
configuration tasks 9-8
described 9-7
voice VLAN
described 9-7
PVID 9-7
VVID 9-7
port-channel
Port Fast
described 19-2
enabling 19-12
mode, spanning tree 12-29
support for 1-6
port membership modes, VLAN 12-3
port priority
MSTP 18-18
STP 17-18
ports
10-Gigabit Ethernet module 10-6
802.1Q tunnel 12-4
access 10-3
blocking 24-6
dynamic access 12-4
protected 24-5
routed 10-4
secure 24-7
switch 10-2
VLAN assignments 12-11
port security
aging 24-15
and QoS trusted boundary 32-38
and stacking 24-16
configuring 24-12
default configuration 24-10
described 24-7
displaying 24-16
on trunk ports 24-13
sticky learning 24-8
violations 24-9
with other features 24-10
port-shutdown response, VMPS 12-28
Power over Ethernet
preferential treatment of traffic
prefix lists, BGP 34-51
preventing unauthorized access 8-1
primary links 20-1
priority
HSRP 35-7
overriding CoS 15-6
trusting CoS 15-6
private VLAN edge ports
private VLANs
across multiple switches 14-4
and SDM template 14-4
and SVIs 14-5
and switch stacks 14-6
benefits of 14-1
community ports 14-2
configuration guidelines 14-7, 14-9
configuration tasks 14-6
configuring 14-10
default configuration 14-7
end station access to 14-3
IP addressing 14-3
isolated port 14-2
mapping 14-14
monitoring 14-15
ports
community 14-2
configuration guidelines 14-9
configuring host ports 14-12
configuring promiscuous ports 14-13
described 12-4
isolated 14-2
promiscuous 14-2
promiscuous ports 14-2
secondary VLANs 14-2
subdomains 14-1
traffic in 14-5
privileged EXEC mode 2-2
privilege levels
changing the default for lines 8-9
command switch 5-4
exiting 8-10
logging into 8-10
mapping on member switches 5-4
setting a command with 8-8
promiscuous ports
configuring 14-13
defined 14-2
protocol-dependent modules, EIGRP 34-35
Protocol-Independent Multicast Protocol
provisioning new members for a switch stack 4-7
proxy ARP
configuring 34-11
definition 34-9
with IP routing disabled 34-12
pruning, VTP
disabling
in VTP domain 13-14
on a port 12-23
enabling
in VTP domain 13-14
on a port 12-22
examples 13-5
overview 13-4
pruning-eligible list
changing 12-22
for VTP pruning 13-5
VLANs 13-14
PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Q
QoS
and MQC commands 32-1
auto-QoS
categorizing traffic 32-20
configuration and defaults display 32-30
configuration guidelines 32-25
described 32-20
disabling 32-27
displaying generated commands 32-27
displaying the initial configuration 32-30
effects on running configuration 32-25
egress queue defaults 32-21
enabling for VoIP 32-27
example configuration 32-28
ingress queue defaults 32-21
list of generated commands 32-22
basic model 32-4
classification
class maps, described 32-7
defined 32-4
DSCP transparency, described 32-39
flowchart 32-6
forwarding treatment 32-3
in frames and packets 32-3
MAC ACLs, described 32-5, 32-7
options for IP traffic 32-5
options for non-IP traffic 32-5
policy maps, described 32-7
trust DSCP, described 32-5
trusted CoS, described 32-5
trust IP precedence, described 32-5
class maps
configuring 32-46
displaying 32-77
configuration guidelines
auto-QoS 32-25
standard QoS 32-33
configuring
aggregate policers 32-57
auto-QoS 32-20
default port CoS value 32-37
DSCP maps 32-59
DSCP transparency 32-39
DSCP trust states bordering another domain 32-40
egress queue characteristics 32-70
ingress queue characteristics 32-65
IP extended ACLs 32-44
IP standard ACLs 32-42
MAC ACLs 32-45
policy maps, hierarchical 32-51
policy maps on physical ports 32-48
port trust states within the domain 32-35
trusted boundary 32-38
default auto configuration 32-20
default standard configuration 32-31
displaying statistics 32-77
DSCP transparency 32-39
egress queues
allocating buffer space 32-70
buffer allocation scheme, described 32-18
configuring shaped weights for SRR 32-74
configuring shared weights for SRR 32-75
described 32-4
displaying the threshold map 32-73
flowchart 32-17
mapping DSCP or CoS values 32-72
scheduling, described 32-4
setting WTD thresholds 32-70
WTD, described 32-19
enabling globally 32-34
flowcharts
classification 32-6
egress queueing and scheduling 32-17
ingress queueing and scheduling 32-15
policing and marking 32-11
implicit deny 32-7
ingress queues
allocating bandwidth 32-68
allocating buffer space 32-67
buffer and bandwidth allocation, described 32-16
configuring shared weights for SRR 32-68
configuring the priority queue 32-69
described 32-4
displaying the threshold map 32-66
flowchart 32-15
mapping DSCP or CoS values 32-66
priority queue, described 32-16
scheduling, described 32-4
setting WTD thresholds 32-66
WTD, described 32-16
IP phones
automatic classification and queueing 32-20
detection and trusted settings 32-20, 32-38
limiting bandwidth on egress interface 32-76
mapping tables
CoS-to-DSCP 32-59
displaying 32-77
DSCP-to-CoS 32-62
DSCP-to-DSCP-mutation 32-63
IP-precedence-to-DSCP 32-60
policed-DSCP 32-61
types of 32-12
marked-down actions 32-50, 32-54
overview 32-2
packet modification 32-19
policers
configuring 32-50, 32-54, 32-57
described 32-8
displaying 32-77
number of 32-33
types of 32-9
policies, attaching to an interface 32-8
policing
token bucket algorithm 32-9
policy maps
characteristics of 32-48
displaying 32-78
hierarchical 32-8
hierarchical on SVIs 32-51
nonhierarchical on physical ports 32-48
QoS label, defined 32-4
queues
configuring egress characteristics 32-70
configuring ingress characteristics 32-65
high priority (expedite) 32-19, 32-76
location of 32-13
SRR, described 32-14
WTD, described 32-13
rewrites 32-19
support for 1-8
trust states
bordering another domain 32-40
described 32-5
trusted device 32-38
within the domain 32-35
quality of service
queries, IGMP 23-4
R
RADIUS
attributes
vendor-proprietary 8-31
vendor-specific 8-29
configuring
accounting 8-28
authentication 8-23
authorization 8-27
communication, global 8-21, 8-29
communication, per-server 8-21
multiple UDP ports 8-21
default configuration 8-20
defining AAA server groups 8-25
displaying the configuration 8-31
identifying the server 8-21
limiting the services to the user 8-27
method list, defined 8-20
operation of 8-19
overview 8-18
suggested network environments 8-18
support for 1-8
tracking services accessed by user 8-28
range
macro 10-13
of interfaces 10-12
rapid convergence 18-8
rapid per-VLAN spanning-tree plus
rapid PVST+
802.1Q trunking interoperability 17-11
described 17-10
instances supported 17-10
Rapid Spanning Tree Protocol
RARP 34-9
rcommand command 5-4
RCP
configuration files
downloading B-17
overview B-15
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-31
preparing the server B-29
uploading B-33
reconfirmation interval, VMPS, changing 12-31
recovery procedures 39-1
redundancy
EtherChannel 33-2
HSRP 35-1
STP
backbone 17-9
multidrop backbone 19-5
path cost 12-26
port priority 12-24
redundant links and UplinkFast 19-15
reliable transport protocol, EIGRP 34-34
reloading software 3-16
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
Remote SPAN
report suppression, IGMP
described 23-5
disabling 23-10
requirements
cluster xxxix
device manager xxxviii
Network Assistant xxxviii
resequencing ACL entries 31-16
resets, in BGP 34-46
resetting a UDLD-shutdown interface 26-6
restricting access
NTP services 6-8
overview 8-1
passwords and privilege levels 8-2
RADIUS 8-17
TACACS+ 8-10
retry count, VMPS, changing 12-32
reverse address resolution 34-9
Reverse Address Resolution Protocol
RFC
1058, RIP 34-20
1112, IP multicast and IGMP 23-2
1157, SNMPv1 30-2
1163, BGP 34-40
1166, IP addresses 34-6
1253, OSPF 34-25
1267, BGP 34-40
1305, NTP 6-2
1587, NSSAs 34-25
1757, RMON 28-2
1771, BGP 34-40
1901, SNMPv2C 30-2
1902 to 1907, SNMPv2 30-2
2236, IP multicast and IGMP 23-2
2273-2275, SNMPv3 30-2
RIP
advertisements 34-20
authentication 34-23
configuring 34-21
default configuration 34-20
described 34-20
hop counts 34-20
split horizon 34-23
summary addresses 34-23
support for 1-9
RMON
default configuration 28-3
displaying status 28-6
enabling alarms and events 28-3
groups supported 28-2
overview 28-1
statistics
collecting group Ethernet 28-6
collecting group history 28-5
support for 1-10
root guard
described 19-10
enabling 19-17
support for 1-6
root switch
MSTP 18-15
STP 17-16
route calculation timers, OSPF 34-31
route dampening, BGP 34-58
routed packets, ACLs on 31-40
routed ports
configuring 34-4
defined 10-4
route-map command 34-69
route maps
BGP 34-49
policy-based routing 34-68
router ACLs
defined 31-2
types of 31-4
route reflectors, BGP 34-57
router ID, OSPF 34-32
route selection, BGP 34-47
route summarization, OSPF 34-30
routing
default 34-2
dynamic 34-3
redistribution of information 34-64
static 34-2
routing domain confederation, BGP 34-56
Routing Information Protocol
routing protocol administrative distances 34-63
RSPAN
and stack changes 27-10
characteristics 27-9
configuration guidelines 27-17
default configuration 27-11
destination ports 27-7
displaying status 27-24
in a switch stack 27-2
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-7
received traffic 27-5
session limits 27-11
sessions
creating 27-18
defined 27-4
limiting source traffic to specific VLANs 27-23
specifying monitored ports 27-18
with ingress traffic enabled 27-21
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
RSTP
active topology 18-7
BPDU
format 18-10
processing 18-11
designated port, defined 18-7
designated switch, defined 18-7
interoperability with 802.1D
described 18-6
restarting migration process 18-23
topology changes 18-11
overview 18-6
port roles
described 18-7
synchronized 18-9
proposal-agreement handshake process 18-8
rapid convergence
cross-stack rapid convergence 18-8
described 18-8
edge ports and Port Fast 18-8
point-to-point links 18-8, 18-23
root ports 18-8
root port, defined 18-7
running configuration, saving 3-10
S
scheduled reloads 3-16
SDM
described 7-1
switch stack consideration 4-10
templates
configuring 7-4
number of 7-1
SDM template
aggregator 7-1
configuring 7-3
desktop 7-1
types of 7-1
secondary VLANs 14-2
secure HTTP client
configuring 8-47
displaying 8-48
secure HTTP server
configuring 8-46
displaying 8-48
secure MAC addresses
and switch stacks 24-16
deleting 24-14
maximum number of 24-8
types of 24-8
secure ports
and switch stacks 24-16
configuring 24-7
secure remote connections 8-38
Secure Socket Layer
security, port 24-7
security features 1-7
sequence numbers in log messages 29-8
server mode, VTP 13-3
service-provider network, MSTP and RSTP 18-1
service-provider networks
and 802.1Q tunneling 16-1
and customer VLANs 16-2
Layer 2 protocols across 16-8
Layer 2 protocol tunneling for EtherChannels 16-9
set-request operation 30-4
setup program
failed command switch replacement 39-11
replacing failed command switch 39-10
severity levels, defining in system messages 29-9
SFPs
monitoring status of 1-11, 10-27, 39-15
numbering of 10-10
security and identification 39-14
status, displaying 1-11
shaped round robin
show access-lists hw-summary command 31-23
show and more command output, filtering 2-8
show cdp traffic command 25-5
show cluster members command 5-4
show configuration command 10-23
show forward command 39-23
show interfaces command 10-19, 10-23
show l2protocol command 16-13, 16-15, 16-16
show platform forward command 39-23
show running-config command
displaying ACLs 31-21, 31-22, 31-33, 31-35
interface description in 10-23
shutdown command on interfaces 10-28
shutdown threshold for Layer 2 protocol packets 16-11
Simple Network Management Protocol
small form-factor pluggable modules
Smartports macros
applying Cisco-default macros 11-6
applying global parameter values 11-5, 11-6
applying macros 11-5
applying parameter values 11-5, 11-7
configuration guidelines 11-3
creating 11-4
default configuration 11-2
defined 11-1
displaying 11-8
tracing 11-3
website 11-2
SNAP 25-1
SNMP
accessing MIB variables with 30-4
agent
described 30-4
disabling 30-8
authentication level 30-10
community strings
configuring 30-8
for cluster switches 30-4
overview 30-4
configuration examples 30-16
default configuration 30-6
engine ID 30-7
host 30-7
ifIndex values 30-5
in-band management 1-5
informs
and trap keyword 30-11
described 30-5
differences from traps 30-5
disabling 30-14
enabling 30-14
limiting access by TFTP servers 30-15
limiting system log messages to NMS 29-10
managing clusters with 5-5
MIBs
location of A-3
supported A-1
notifications 30-5
security levels 30-3
status, displaying 30-17
system contact and location 30-15
trap manager, configuring 30-13
traps
differences from informs 30-5
disabling 30-14
enabling 30-11
enabling MAC address notification 6-23
types of 30-11
versions supported 30-2
SNMPv1 30-2
SNMPv2C 30-2
SNMPv3 30-2
snooping, IGMP 23-1
software compatibility
software images
location in flash B-20
recovery procedures 39-2
scheduling reloads 3-16
tar file format, described B-20
See also downloading and uploading
source addresses, in ACLs 31-13
source-and-destination-IP address based forwarding, EtherChannel 33-8
source-and-destination MAC address forwarding, EtherChannel 33-8
source-IP address based forwarding, EtherChannel 33-8
source-MAC address forwarding, EtherChannel 33-7
SPAN
and stack changes 27-10
configuration guidelines 27-11
default configuration 27-11
destination ports 27-7
displaying status 27-24
interaction with other features 27-9
monitored ports 27-6
monitoring ports 27-7
ports, restrictions 24-11
received traffic 27-5
session limits 27-11
sessions
configuring ingress forwarding 27-16, 27-22
creating 27-12
defined 27-4
limiting source traffic to specific VLANs 27-16
removing destination (monitoring) ports 27-14
specifying monitored ports 27-12
with ingress traffic enabled 27-15
source ports 27-6
transmitted traffic 27-6
VLAN-based 27-7
spanning tree and native VLANs 12-19
Spanning Tree Protocol
SPAN traffic 27-5
speed, configuring on interfaces 10-16
split horizon, RIP 34-23
SRR
configuring
shaped weights on egress queues 32-74
shared weights on egress queues 32-75
shared weights on ingress queues 32-68
described 32-14
shaped mode 32-14
shared mode 32-14
support for 1-9
SSH
configuring 8-39
cryptographic software image 8-37
encryption methods 8-38
switch stack considerations 4-17, 8-38
user authentication methods, supported 8-38
SSL
configuration guidelines 8-44
configuring a secure HTTP client 8-47
configuring a secure HTTP server 8-45
cryptographic software image 8-42
described 8-41
monitoring 8-48
stack changes, effects on
802.1x port-based authentication 9-10
ACL configuration 31-7
CDP 25-2
cross-stack EtherChannel 33-12
EtherChannel 33-9
fallback bridging 38-3
HSRP 35-4
IGMP snooping 23-6
IP routing 34-3
MAC address tables 6-22
MSTP 18-6
multicast routing 36-8
MVR 23-13
port security 24-16
SDM template selection 7-2
SNMP 30-1
SPAN and RSPAN 27-10
STP 17-12
system message log 29-2
VLANs 12-7
VTP 13-6
stack master
bridge ID (MAC address) 4-5
defined 4-1
election 4-4
re-election 4-4
stack member
accessing CLI of specific member 4-22
configuring
member number 4-20
priority value 4-21
defined 4-1
displaying information of 4-22
number 4-6
priority value 4-7
provisioning a new member 4-21
replacing 4-15
stack member number 10-10
stack protocol version 4-11
stacks, switch
accessing CLI of specific member 4-22
assigning information
member number 4-20
priority value 4-21
provisioning a new member 4-21
auto-advise 4-12
auto-copy 4-12
auto-upgrade 4-12
benefits 1-2
bridge ID 4-5
CDP considerations 25-2
compatibility, software 4-10
configuration file 4-15
configuration scenarios 4-17
copying an image file from one member to another B-34
default configuration 4-20
description of 4-1
displaying information of 4-22
hardware compatibility and SDM mismatch mode 4-10
HSRP considerations 35-4
incompatible software and image upgrades 4-15, B-34
MAC address considerations 6-22
management connectivity 4-16
managing 4-1
membership 4-3
merged 4-3
MSTP instances supported 17-10
multicast routing, stack master and member roles 36-8
offline configuration
described 4-7
effects of adding a provisioned switch 4-8
effects of removing a provisioned switch 4-10
effects of replacing a provisioned switch 4-10
provisioned configuration, defined 4-7
provisioned switch, defined 4-7
provisioning a new member 4-21
provisioned switch
adding 4-8
removing 4-10
replacing 4-10
replacing a failed member 4-15
See also stack master and stack member
software compatibility 4-10
software image version 4-10
stack protocol version 4-11
STP
bridge ID 17-3
instances supported 17-10
root port selection 17-3
stack root switch election 17-3
system messages
hostnames in the display 29-1
remotely monitoring 29-2
system prompt consideration 6-14
system-wide configuration considerations 4-16
upgrading B-34
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 4-12
described 4-12
examples 4-13
manual upgrades with auto-advise 4-12
StackWise technology, Cisco 1-3
standby command switch, requirements 5-2
standby ip command 35-5
standby links 20-1
standby router 35-1
standby timers, HSRP 35-9
startup configuration
booting
manually 3-13
specific image 3-13
clearing B-19
configuration file
automatically downloading 3-12
specifying the filename 3-12
default boot configuration 3-12
static access ports
assigning to VLAN 12-11
static addresses
static IP routing 1-9
static MAC addressing 1-7
static routes, configuring 34-62
static routing 34-2
static VLAN membership 12-2
statistics
802.1x 9-23
CDP 25-5
interface 10-26
IP multicast routing 36-51
OSPF 34-33
QoS ingress and egress 32-77
RMON group Ethernet 28-6
RMON group history 28-5
SNMP input and output 30-17
VTP 13-15
sticky learning 24-8
storm control
configuring 24-3
described 24-1
disabling 24-5
displaying 24-16
support for 1-4
thresholds 24-1
STP
802.1D and bridge ID 17-4
802.1D and multicast addresses 17-9
802.1t and VLAN identifier 17-4
accelerating root port selection 19-4
BackboneFast
described 19-7
disabling 19-17
enabling 19-16
BPDU filtering
described 19-3
disabling 19-15
enabling 19-14
BPDU guard
described 19-3
disabling 19-14
enabling 19-13
BPDU message exchange 17-3
configuration guidelines 17-13, 19-12
configuring
forward-delay time 17-23
hello time 17-22
maximum aging time 17-23
path cost 17-20
port priority 17-18
root switch 17-16
secondary root switch 17-18
spanning-tree mode 17-15
switch priority 17-21
counters, clearing 17-24
cross-stack UplinkFast
described 19-5
enabling 19-16
default configuration 17-13
default optional feature configuration 19-12
designated port, defined 17-4
designated switch, defined 17-4
detecting indirect link failures 19-8
disabling 17-16
displaying status 17-24
EtherChannel guard
described 19-10
disabling 19-17
enabling 19-17
extended system ID
effects on root switch 17-16
effects on the secondary root switch 17-18
overview 17-4
unexpected behavior 17-16
features supported 1-6
inferior BPDU 17-3
instances supported 17-10
interface state, blocking to forwarding 19-2
interface states
blocking 17-7
disabled 17-8
learning 17-7
listening 17-7
overview 17-5
interoperability and compatibility among modes 17-11
keepalive messages 17-2
Layer 2 protocol tunneling 16-8
limitations with 802.1Q trunks 17-11
load sharing
overview 12-24
using path costs 12-26
using port priorities 12-24
loop guard
described 19-11
enabling 19-18
modes supported 17-10
multicast addresses, effect of 17-9
optional features supported 1-6
overview 17-2
Port Fast
described 19-2
enabling 19-12
port priorities 12-25
preventing root switch selection 19-10
protocols supported 17-10
redundant connectivity 17-9
root guard
described 19-10
enabling 19-17
root port, defined 17-3
root port selection on a switch stack 17-3
root switch
configuring 17-16
effects of extended system ID 17-4, 17-16
election 17-3
unexpected behavior 17-16
shutdown Port Fast-enabled port 19-3
stack changes, effects of 17-12
status, displaying 17-24
superior BPDU 17-3
timers, described 17-22
UplinkFast
described 19-4
enabling 19-15
VLAN-bridge 17-12
stratum, NTP 6-2
stub areas, OSPF 34-29
subdomains, private VLAN 14-1
subnet mask 34-6
subnet zero 34-7
success response, VMPS 12-28
summer time 6-13
SunNet Manager 1-4
supernet 34-7
SVIs
and IP unicast routing 34-4
and router ACLs 31-4
connecting VLANs 10-9
defined 10-5
routing between VLANs 12-2
switch clustering technology 5-1
switch console port 1-5
Switch Database Management
switched packets, ACLs on 31-39
Switched Port Analyzer
switched ports 10-2
switchport block multicast command 24-7
switchport block unicast command 24-7
switchport command 10-15
switchport mode dot1q-tunnel command 16-6
switchport protected command 24-6
switch priority
MSTP 18-20
STP 17-21
switch software features 1-1
switch virtual interface
synchronization, BGP 34-44
syslog
system clock
configuring
daylight saving time 6-13
manually 6-11
summer time 6-13
time zones 6-12
displaying the time and date 6-12
overview 6-2
system message logging
default configuration 29-4
defining error message severity levels 29-9
disabling 29-4
displaying the configuration 29-13
enabling 29-5
facility keywords, described 29-13
level keywords, described 29-10
limiting messages 29-10
message format 29-2
overview 29-1
sequence numbers, enabling and disabling 29-8
setting the display destination device 29-5
stack changes, effects of 29-2
synchronizing log messages 29-6
syslog facility 1-10
time stamps, enabling and disabling 29-8
UNIX syslog servers
configuring the daemon 29-11
configuring the logging facility 29-12
facilities supported 29-13
system MTU and 802.1Q tunneling 16-5
system name
default configuration 6-15
default setting 6-15
manual configuration 6-15
system prompt
manual configuration 6-16
system resources, optimizing 7-1
T
TACACS+
accounting, defined 8-11
authentication, defined 8-11
authorization, defined 8-11
configuring
accounting 8-17
authentication key 8-13
authorization 8-16
login authentication 8-14
default configuration 8-13
displaying the configuration 8-17
identifying the server 8-13
limiting the services to the user 8-16
operation of 8-12
overview 8-10
support for 1-8
tracking services accessed by user 8-17
tagged packets
802.1Q 16-3
Layer 2 protocol 16-8
tar files
creating B-6
displaying the contents of B-7
extracting B-7
image file format B-20
TDR 1-11
Telnet
accessing management interfaces 2-9
number of connections 1-5
setting a password 8-6
templates, SDM 7-1
temporary self-signed certificate 8-43
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 8-6
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-12
configuration files in base directory 3-6
configuring for autoconfiguration 3-5
image files
deleting B-23
downloading B-22
preparing the server B-21
uploading B-24
limiting access by servers 30-15
TFTP server 1-5
threshold, traffic level 24-2
time
Time Domain Reflector
time-range command 31-18
time ranges in ACLs 31-18
time stamps in log messages 29-8
time zones 6-12
Token Ring VLANs
support for 12-6
VTP support 13-4
ToS 1-8
traceroute, Layer 2
and ARP 39-17
and CDP 39-17
broadcast traffic 39-17
described 39-17
IP addresses and subnets 39-17
MAC addresses and VLANs 39-17
multicast traffic 39-17
multiple devices on a port 39-18
unicast traffic 39-17
usage guidelines 39-17
traceroute command 39-19
traffic
blocking flooded 24-6
fragmented 31-6
unfragmented 31-6
traffic policing 1-9
traffic suppression 24-1
transparent mode, VTP 13-3, 13-12
trap-door mechanism 3-2
traps
configuring MAC address notification 6-23
configuring managers 30-11
defined 30-3
notification types 30-11
troubleshooting
connectivity problems 39-15, 39-16, 39-18
detecting unidirectional links 26-1
displaying crash information 39-25
PIMv1 and PIMv2 interoperability problems 36-23
setting packet forwarding 39-23
SFP security and identification 39-14
show forward command 39-23
with CiscoWorks 30-4
with debug commands 39-21
with ping 39-15
with system message logging 29-1
with traceroute 39-18
trunking encapsulation 1-6
trunk ports
configuring 12-20
encapsulation 12-20, 12-25, 12-27
secure MAC addresses on 24-12
trunks
allowed-VLAN list 12-21
configuring 12-20, 12-25, 12-27
ISL 12-16
load sharing
setting STP path costs 12-26
using STP port priorities 12-24, 12-25
native VLAN for untagged traffic 12-23
parallel 12-26
pruning-eligible list 12-22
to non-DTP device 12-17
understanding 12-17
trusted boundary for QoS 32-38
trusted port states
between QoS domains 32-40
classification options 32-5
ensuring port security for IP phones 32-38
support for 1-8
within a QoS domain 32-35
trustpoints, CA 8-42
tunneling
802.1Q 16-1
defined 16-1
Layer 2 protocol 16-8
tunnel ports
802.1Q, configuring 16-6
defined 12-4
incompatibilities with other features 16-6
twisted-pair Ethernet, detecting unidirectional links 26-1
type of service
U
UDLD
default configuration 26-4
disabling
fiber-optic interfaces 26-5
globally 26-5
per interface 26-5
echoing detection mechanism 26-3
enabling
globally 26-4
per interface 26-5
Layer 2 protocol tunneling 16-10
link-detection mechanism 26-1
neighbor database 26-2
overview 26-1
resetting an interface 26-6
status, displaying 26-6
support for 1-6
UDP, configuring 34-16
unauthorized ports with 802.1x 9-4
unicast MAC address filtering 1-5
and adding static addresses 6-27
and broadcast MAC addresses 6-26
and CPU packets 6-26
and multicast addresses 6-26
and router MAC addresses 6-26
configuration guidelines 6-26
described 6-26
unicast storm 24-1
unicast storm control command 24-4
unicast traffic, blocking 24-7
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 29-11
facilities supported 29-13
message logging configuration 29-12
unrecognized Type-Length-Value (TLV) support 13-4
upgrading information
upgrading software images
UplinkFast
described 19-4
disabling 19-16
enabling 19-15
support for 1-6
uploading
configuration files
reasons for B-8
using FTP B-14
using RCP B-18
using TFTP B-12
image files
reasons for B-19
using FTP B-28
using RCP B-33
using TFTP B-24
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 8-7
V
version-dependent transparent mode 13-4
version-mismatch (VM) mode
automatic upgrades with auto-upgrade 4-12
described 4-12
displaying 4-12
manual upgrades with auto-advise 4-12
vlan.dat file 12-5
VLAN 1, disabling on a trunk port 12-22
VLAN 1 minimization 12-21
VLAN ACLs
vlan-assignment response, VMPS 12-28
VLAN configuration
at bootup 12-8
saving 12-8
VLAN configuration mode 2-2, 12-7
VLAN database
and startup configuration file 12-8
and VTP 13-1
VLAN configuration saved in 12-7
VLANs saved in 12-4
vlan database command 12-7
vlan dot1q tag native command 16-5
VLAN filtering and SPAN 27-7
vlan global configuration command 12-7
VLAN ID, discovering 6-28
VLAN management domain 13-2
VLAN Management Policy Server
VLAN map entries, order of 31-31
VLAN maps
applying 31-35
common uses for 31-35
configuration example 31-36
configuration guidelines 31-31
configuring 31-31
creating 31-32
defined 31-2
denying access example 31-37
denying and permitting packets 31-33
displaying 31-42
examples 31-37
removing 31-35
support for 1-7
with router ACLs 31-41
VLAN membership
confirming 12-31
modes 12-3
VLAN Query Protocol
VLANs
adding 12-9
adding to VLAN database 12-9
aging dynamic addresses 17-10
allowed on trunk 12-21
and spanning-tree instances 12-3, 12-6, 12-13
configuration guidelines, extended-range VLANs 12-13
configuration guidelines, normal-range VLANs 12-6
configuration options 12-7
configuring 12-1
configuring IDs 1006 to 4094 12-13
connecting through SVIs 10-9
creating in config-vlan mode 12-9
creating in VLAN configuration mode 12-10
customer numbering in service-provider networks 16-3
default configuration 12-8
deleting 12-10
displaying 12-15
features 1-6
illustrated 12-2
internal 12-13
in the switch stack 12-7
limiting source traffic with RSPAN 27-23
limiting source traffic with SPAN 27-16
modifying 12-9
native, configuring 12-23
number supported 1-6
parameters 12-5
port membership modes 12-3
static-access ports 12-11
STP and 802.1Q trunks 17-11
supported 12-3
Token Ring 12-6
traffic between 12-2
VTP modes 13-3
VLAN Trunking Protocol
VMPS
administering 12-32
configuration example 12-33
configuration guidelines 12-29
default configuration 12-29
description 12-27
dynamic port membership
described 12-28
reconfirming 12-31
troubleshooting 12-33
entering server address 12-30
mapping MAC addresses to VLANs 12-28
monitoring 12-32
reconfirmation interval, changing 12-31
reconfirming membership 12-31
retry count, changing 12-32
voice-over-IP 15-1
voice VLAN
Cisco 7960 phone, port connections 15-1
configuration guidelines 7-4, 15-3
configuring IP phones for data traffic
override CoS of incoming frame 15-6
trust CoS priority of incoming frame 15-6
configuring ports for voice traffic in
802.1p priority tagged frames 15-5
802.1Q frames 15-5
connecting to an IP phone 15-4
default configuration 15-3
described 15-1
displaying 15-6
VTP
adding a client to a domain 13-14
and extended-range VLANs 13-2
and normal-range VLANs 13-2
client mode, configuring 13-11
configuration
global configuration mode 13-7
guidelines 13-8
privileged EXEC mode 13-7
requirements 13-9
saving 13-7
VLAN configuration mode 13-8
configuration mode options 13-7
configuration requirements 13-9
configuration revision number
guideline 13-14
resetting 13-15
configuring
client mode 13-11
server mode 13-9
transparent mode 13-12
consistency checks 13-4
default configuration 13-7
described 13-1
disabling 13-12
domain names 13-8
domains 13-2
Layer 2 protocol tunneling 16-8
modes
transitions 13-3
monitoring 13-15
passwords 13-8
pruning
disabling 13-14
enabling 13-14
examples 13-5
overview 13-4
support for 1-7
pruning-eligible list, changing 12-22
server mode, configuring 13-9
statistics 13-15
support for 1-7
Token Ring support 13-4
transparent mode, configuring 13-12
using 13-1
version, guidelines 13-9
Version 1 13-4
Version 2
configuration guidelines 13-9
disabling 13-13
enabling 13-13
overview 13-4
W
weighted tail drop
wizards 1-2
WTD
described 32-13
setting thresholds
egress queue-sets 32-70
ingress queues 32-66
support for 1-9
X
Xmodem protocol 39-2