A -
B -
C -
D -
E -
F -
G -
H -
I -
J -
L -
M -
N -
O -
P -
Q -
R -
S -
T -
U -
V -
Index
A
aaa accounting dot1x command 2-1
aaa authentication dot1x command 2-3, 2-827
aaa authorization network command 2-5, 2-28, 2-34, 2-36, 2-38, 2-40, 2-42, 2-135, 2-299, 2-491, B-8, B-33
AAA methods 2-3, 2-827
access control entries
See ACEs
access control lists
See ACLs
access groups
IP 2-187
MAC, displaying 2-610
access list, IPv6 2-257
access map configuration mode 2-325
access mode 2-787
access ports 2-787
ACEs 2-126, 2-403
ACLs
deny 2-124
displaying 2-467
for non-IP protocols 2-303
IP 2-187
matching 2-325
on Layer 2 interfaces 2-187
permit 2-401
action command 2-6
address aliasing 2-375
aggregate-port learner 2-389
alarm command 2-12
alarm facility fcs-hysteresis command 2-8
alarm facility power-supply command 2-9
alarm facility temperature command 2-10
alarm IDs 2-13, 2-470
alarm profile
attaching to a port 2-14
creating 2-12
displaying 2-471
alarm profile (global configuration) command 2-12
alarm profile (interface configuration) command 2-14
alarm profile configuration mode 2-12
allowed VLANs 2-806
archive download-sw command 2-16
archive tar command 2-19
archive upload-sw command 2-22
arp access-list command 2-24
authentication command bounce-port ignore 2-26
authentication command disable-port ignore 2-27
authentication control-direction command 2-28
authentication event command 2-30
authentication failed VLAN
See dot1x auth-fail vlan
authentication fallback command 2-34
authentication host-mode command 2-36
authentication mac-move permit command 2-38
authentication open command 2-40
authentication order command 2-42
authentication periodic command 2-44
authentication port-control command 2-46
authentication priority command 2-48
authentication timer command 2-50
authentication violation command 2-52
auth-fail max-attempts
See dot1x auth-fail max-attempts
auth-fail vlan
See dot1x auth-fail vlan
auth open command 2-40
auth order command 2-42
authorization state of controlled port 2-153
auth timer command 2-50
autonegotiation of duplex mode 2-165
auto qos voip command 2-54
B
BackboneFast, for STP 2-721
backup interfaces
configuring 2-780
displaying 2-541
boot (boot loader) command A-2
boot config-file command 2-60
boot enable-break command 2-61
boot helper command 2-62
boot helper-config file command 2-63
booting
Cisco IOS image 2-66
displaying environment variables 2-485
interrupting 2-61
manually 2-64
boot loader
accessing A-1
booting
Cisco IOS image A-2
helper image 2-62
directories
creating A-14
displaying a list of A-7
removing A-18
displaying
available commands A-12
memory heap utilization A-13
version A-25
environment variables
described A-19
displaying settings A-19
location of A-20
setting A-19
unsetting A-23
files
copying A-5
deleting A-6
displaying a list of A-7
displaying the contents of A-4, A-15, A-22
renaming A-16
file system
formatting A-10
initializing flash A-9
running a consistency check A-11
resetting the system A-17
boot manual command 2-64
boot private-config-file command 2-65
boot system command 2-66
boundary clock mode 2-422
BPDU filtering, for spanning tree 2-722, 2-753
BPDU guard, for spanning tree 2-724, 2-753
broadcast storm control 2-771
C
candidate switches
See clusters
cat (boot loader) command A-4
CDP, enabling protocol tunneling for 2-281
channel-group command 2-67
channel-protocol command 2-70
Cisco SoftPhone
auto-QoS configuration 2-54
trusting packets sent from 2-366
CISP
See Client Information Signalling Protocol
cisp
debug platform cisp command B-33
cisp enable command 2-73
class command 2-74
class-map command 2-77
class maps
creating 2-77
defining the match criteria 2-327
displaying 2-492
class of service
See CoS
clear dot1x command 2-79
clear eap sessions command 2-80
clear errdisable interface 2-81
clear ip arp inspection log command 2-82
clear ip arp inspection statistics command 2-83
clear ipc command 2-86
clear ip dhcp snooping database command 2-84
clear ipv6 dhcp conflict command 2-87
clear l2protocol-tunnel counters command 2-88
clear lacp command 2-89
clear mac address-table command 2-90, 2-92
clear nmsp statistics command 2-93
clear pagp command 2-94, 2-97
clear port-security command 2-95
clear spanning-tree counters command 2-98
clear spanning-tree detected-protocols command 2-99
clear vmps statistics command 2-100
clear vtp counters command 2-101
Client Information Signalling Protocol 2-73, 2-135, 2-491, B-8, B-33
cluster commander-address command 2-102
cluster discovery hop-count command 2-104
cluster enable command 2-105
cluster holdtime command 2-106
cluster member command 2-107
cluster outside-interface command 2-109
cluster run command 2-110
clusters
adding candidates 2-107
binding to HSRP group 2-111
building manually 2-107
communicating with
devices outside the cluster 2-109
members by using Telnet 2-431
debug messages, display B-9
displaying
candidate switches 2-495
debug messages B-9
member switches 2-497
status 2-493
hop-count limit for extended discovery 2-104
HSRP standby groups 2-111
redundancy 2-111
SNMP trap 2-711
cluster standby-group command 2-111
cluster timer command 2-113
command modes defined 1-1
command switch
See clusters
configuration files
password recovery disable considerations A-1
specifying the name 2-60, 2-65
configuring multiple interfaces 2-183
copy (boot loader) command A-5
CoS
assigning default value to incoming packets 2-336
assigning to Layer 2 protocol packets 2-284
overriding the incoming value 2-336
CoS-to-DSCP map 2-340
CPU ASIC statistics, displaying 2-499
crashinfo files 2-175
critical VLAN 2-31
D
debug authentication B-2
debug auto qos command B-4
debug backup command B-6, B-7
debug cip B-7
debug cisp command B-8
debug cluster command B-9
debug dot1x command B-11
debug dtp command B-12
debug eap command B-13, B-87
debug etherchannel command B-14
debug interface command B-15
debug ip dhcp snooping command B-16
debug ip igmp filter command B-18
debug ip igmp max-groups command B-19
debug ip igmp snooping command B-20
debug ip verify source packet command B-17
debug lacp command B-21
debug lldp packets command B-22
debug mac-notification command B-23
debug matm command B-24
debug matm move update command B-25
debug monitor command B-26
debug mvrdbg command B-27
debug nmsp command B-28
debug nvram command B-29
debug pagp command B-30
debug platform acl command B-31
debug platform backup interface command B-32
debug platform cisp command B-33
debug platform cpu-queues command B-34
debug platform dot1x command B-36
debug platform etherchannel command B-37
debug platform fallback-bridging command B-38
debug platform forw-tcam command B-39
debug platform ip arp inspection command B-40
debug platform ip dhcp command B-41
debug platform ip igmp snooping command B-42
debug platform ip multicast command B-44
debug platform ip source-guard command B-46
debug platform ip unicast command B-47
debug platform ip wccp command B-49
debug platform led command B-50
debug platform matm command B-51
debug platform messaging application command B-52
debug platform phy command B-53
debug platform pm command B-55
debug platform port-asic command B-57
debug platform port-security command B-58
debug platform qos-acl-tcam command B-59
debug platform resource-manager command B-60
debug platform snmp command B-61
debug platform span command B-62
debug platform supervisor-asic command B-63
debug platform sw-bridge command B-64
debug platform tcam command B-65
debug platform udld command B-68
debug platform vlan command B-69
debug pm command B-70
debug port-security command B-72
debug profinet alarm B-73
debug profinet cyclic B-75
debug profinet error B-77
debug profinet packet B-79
debug profinet platform B-81
debug profinet topology B-83
debug profinet trace B-85
debug qos-manager command B-88
debug spanning-tree backbonefast command B-91
debug spanning-tree bpdu command B-92
debug spanning-tree bpdu-opt command B-93
debug spanning-tree command B-89
debug spanning-tree mstp command B-94
debug spanning-tree switch command B-96
debug spanning-tree uplinkfast command B-98
debug sw-vlan command B-99
debug sw-vlan ifs command B-101
debug sw-vlan notification command B-102
debug sw-vlan vtp command B-103
debug udld command B-105
debug vqpc command B-107
defaultPort profile 2-13, 2-14
define interface-range command 2-114
delete (boot loader) command A-6
delete command 2-116
deny (ARP access-list configuration) command 2-117
deny (IPv6) command 2-119
deny command 2-124
detect mechanism, causes 2-167
DHCP snooping
accepting untrusted packets from edge switch 2-218
enabling
on a VLAN 2-225
option 82 2-216, 2-218
trust on an interface 2-223
error recovery timer 2-172
rate limiting 2-222
DHCP snooping binding database
binding file, configuring 2-214
bindings
adding 2-212
deleting 2-212
displaying 2-561
clearing database agent statistics 2-84
database agent, configuring 2-214
displaying
binding entries 2-561
database agent status 2-563, 2-565
renewing 2-435
dir (boot loader) command A-7
directories, deleting 2-116
domain name, VTP 2-842
dot1x auth-fail max-attempts 2-129
dot1x auth-fail vlan 2-131
dot1x command 2-127
dot1x control-direction command 2-133
dot1x credentials (global configuration) command 2-135
dot1x critical global configuration command 2-136
dot1x critical interface configuration command 2-138
dot1x default command 2-140
dot1x fallback command 2-141
dot1x guest-vlan command 2-142
dot1x host-mode command 2-144
dot1x initialize command 2-146
dot1x mac-auth-bypass command 2-147
dot1x max-reauth-req command 2-149
dot1x max-req command 2-151
dot1x pae command 2-152
dot1x port-control command 2-153
dot1x re-authenticate command 2-155
dot1x reauthentication command 2-156
dot1x supplicant force-multicast command 2-157
dot1x test eapol-capable command 2-158
dot1x test timeout command 2-159
dot1x timeout command 2-160
dot1x violation-mode command 2-163
dropping packets, with ACL matches 2-6
drop threshold, Layer 2 protocol tunneling 2-281
DSCP-to-CoS map 2-340
DSCP-to-DSCP-mutation map 2-340
DTP 2-788
DTP flap
error detection for 2-167
error recovery timer 2-172
DTP negotiation 2-792
dual-purpose uplink ports
selecting the type 2-330
duplex command 2-164
dynamic-access ports
configuring 2-776
restrictions 2-777
dynamic ARP inspection
ARP ACLs
apply to a VLAN 2-195
define 2-24
deny packets 2-117
display 2-476
permit packets 2-393
clear
log buffer 2-82
statistics 2-83
display
ARP ACLs 2-476
configuration and operating state 2-556
log buffer 2-556
statistics 2-556
trust state and rate limit 2-556
enable per VLAN 2-205
error detection for 2-167
error recovery timer 2-172
log buffer
clear 2-82
configure 2-199
display 2-556
rate-limit incoming ARP packets 2-197
statistics
clear 2-83
display 2-556
trusted interface state 2-201
type of packet logged 2-206
validation checks 2-203
dynamic auto VLAN membership mode 2-787
dynamic desirable VLAN membership mode 2-787
Dynamic Host Configuration Protocol (DHCP)
See DHCP snooping
Dynamic Trunking Protocol
See DTP
E
EAP-request/identity frame
maximum number to send 2-151
response time before retransmitting 2-160
environmental alarms, displaying 2-473
environment variables, displaying 2-485
epm access-control open 2-166
errdisable detect cause command 2-167
errdisable detect cause small-frame comand 2-169
errdisable recovery cause small-frame 2-171
errdisable recovery command 2-172
error conditions, displaying 2-526
error disable detection 2-167
error-disabled interfaces, displaying 2-541
EtherChannel
assigning Ethernet interface to channel group 2-67
creating port-channel logical interface 2-181
debug EtherChannel/PAgP, display B-14
debug platform-specific events, display B-37
displaying 2-530
enabling Layer 2 protocol tunneling for
LACP 2-282
PAgP 2-282
UDLD 2-282
interface information, displaying 2-541
LACP
clearing channel-group information 2-89
debug messages, display B-21
displaying 2-601
modes 2-67
port priority for hot-standby ports 2-285
restricting a protocol 2-70
system priority 2-287
load-distribution methods 2-411
PAgP
aggregate-port learner 2-389
clearing channel-group information 2-94
debug messages, display B-30
displaying 2-658
error detection for 2-167
error recovery timer 2-172
learn method 2-389
modes 2-67
physical-port learner 2-389
priority of interface for transmitted traffic 2-391
Ethernet controller, internal register display 2-501
Ethernet statistics, collecting 2-451
exception crashinfo command 2-175
Express Setup button, and password recovery 2-455
extended discovery of candidate switches 2-104
extended-range VLANs
and allowed VLAN list 2-806
and pruning-eligible list 2-806
extended system ID for STP 2-730
F
facility alarm relays, displaying 2-533
facility alarm status, displaying 2-534
fallback profile command 2-176
fallback profiles, displaying 2-535
FCS bit error rate
displaying 2-537
fluctuation threshold 2-8
setting 2-178
FCS hysteresis threshold 2-8
fcs-threshold command 2-178
file name, VTP 2-842
files, deleting 2-116
flash_init (boot loader) command A-9
flexible authentication ordering 2-42
Flex Links
configuring 2-780
configuring preferred VLAN 2-782
displaying 2-541
flowcontrol command 2-179
format (boot loader) command A-10
forwarding packets, with ACL matches 2-6
forwarding results, display C-6
frame check sequence
See FCS
frame forwarding information, displaying C-6
fsck (boot loader) command A-11
G
global configuration mode 1-2, 1-3
H
hardware ACL statistics 2-467
help (boot loader) command A-12
hierarchical policy maps 2-409
hop-count limit for clusters 2-104
host connection, port configuration 2-786
host ports, private VLANs 2-790
Hot Standby Router Protocol
See HSRP
HSRP
binding HSRP group to cluster 2-111
standby group 2-111
I
IEEE 802.1Q trunk ports and native VLANs 2-833
IEEE 802.1Q tunnel ports
configuring 2-787
displaying 2-512
limitations 2-788
IEEE 802.1x
and switchport modes 2-788
violation error recovery 2-172
See also port-based authentication
IEEE 802.1X Port Based Authentication
enabling guest VLAN supplicant 2-130, 2-141, 2-177
IGMP filters
applying 2-228
debug messages, display B-18
IGMP groups, setting maximum 2-229
IGMP maximum groups, debugging B-19
IGMP profiles
creating 2-231
displaying 2-568
IGMP snooping
adding ports as a static member of a group 2-247
displaying 2-569, 2-574, 2-576
enabling 2-233
enabling the configurable-leave timer 2-235
enabling the Immediate-Leave feature 2-244
flooding query count 2-241
interface topology change notification behavior 2-243
multicast table 2-572
querier 2-237
query solicitation 2-241
report suppression 2-239
switch topology change notification behavior 2-241
images
See software images
Immediate-Leave feature, MVR 2-377
immediate-leave processing 2-244
Immediate-Leave processing, IPv6 2-277
interface configuration mode 1-2, 1-4
interface port-channel command 2-181
interface range command 2-183
interface-range macros 2-114
interfaces
assigning Ethernet interface to channel group 2-67
configuring 2-164
configuring multiple 2-183
creating port-channel logical 2-181
debug messages, display B-15
disabling 2-707
displaying the MAC address table 2-622
restarting 2-707
interface speed, configuring 2-763
interface vlan command 2-185
internal registers, displaying 2-501, 2-508
Internet Group Management Protocol
See IGMP
invalid GBIC
error detection for 2-167
error recovery timer 2-172
ip access-group command 2-187
ip address command 2-190
IP addresses, setting 2-190
IP address matching 2-325
ip admission command 2-192
ip admission name proxy http command 2-193
ip arp inspection filter vlan command 2-195
ip arp inspection limit command 2-197
ip arp inspection log-buffer command 2-199
ip arp inspection trust command 2-201
ip arp inspection validate command 2-203
ip arp inspection vlan command 2-205
ip arp inspection vlan logging command 2-206
ip device tracking command 2-210
ip device tracking probe command 2-208
IP DHCP snooping
See DHCP snooping
ip dhcp snooping binding command 2-212
ip dhcp snooping command 2-211
ip dhcp snooping database command 2-214
ip dhcp snooping information option allow-untrusted command 2-218
ip dhcp snooping information option command 2-216
ip dhcp snooping information option format remote-id command 2-220
ip dhcp snooping limit rate command 2-222
ip dhcp snooping trust command 2-223
ip dhcp snooping verify command 2-224
ip dhcp snooping vlan command 2-225
ip dhcp snooping vlan information option format-type circuit-id string command 2-226
ip igmp filter command 2-228
ip igmp max-groups command 2-229, 2-252, 2-254
ip igmp profile command 2-231
ip igmp snooping command 2-233
ip igmp snooping last-member-query-interval command 2-235
ip igmp snooping querier command 2-237
ip igmp snooping report-suppression command 2-239
ip igmp snooping tcn command 2-241
ip igmp snooping tcn flood command 2-243
ip igmp snooping vlan immediate-leave command 2-244
ip igmp snooping vlan mrouter command 2-245
ip igmp snooping vlan static command 2-247
IP multicast addresses 2-374
IP phones
auto-QoS configuration 2-54
trusting packets sent from 2-366
IP-precedence-to-DSCP map 2-340
ip source binding command 2-249
IP source guard
disabling 2-256
displaying
binding entries 2-578
configuration 2-579
dynamic binding entries only 2-561
enabling 2-256
static IP source bindings 2-249
ip ssh command 2-251
IPv6 access list, deny conditions 2-119
ipv6 access-list command 2-257
ipv6 address dhcp command 2-259
ipv6 dhcp client request vendor command 2-260
ipv6 dhcp ping packets command 2-261
ipv6 dhcp pool command 2-262
ipv6 dhcp server command 2-264
ipv6 mld snooping command 2-266
ipv6 mld snooping last-listener-query count command 2-268
ipv6 mld snooping last-listener-query-interval command 2-270
ipv6 mld snooping listener-message-suppression command 2-272
ipv6 mld snooping robustness-variable command 2-273
ipv6 mld snooping tcn command 2-275
ipv6 mld snooping vlan command 2-277
IPv6 SDM template 2-452
ipv6 traffic-filter command 2-279
ip verify source command 2-256
J
jumbo frames
See MTU
L
l2protocol-tunnel command 2-281
l2protocol-tunnel cos command 2-284
LACP
See EtherChannel
lacp port-priority command 2-285
lacp system-priority command 2-287
Layer 2 mode, enabling 2-774
Layer 2 protocol ports, displaying 2-598
Layer 2 protocol-tunnel
error detection for 2-167
error recovery timer 2-172
Layer 2 protocol tunnel counters 2-88
Layer 2 protocol tunneling error recovery 2-282
Layer 2 traceroute
IP addresses 2-818
MAC addresses 2-815
Layer 3 mode, enabling 2-774
line configuration mode 1-2, 1-4
Link Aggregation Control Protocol
See EtherChannel
link flap
error detection for 2-167
error recovery timer 2-172
link state group command 2-289
link state track command 2-291
load-distribution methods for EtherChannel 2-411
location (global configuration) command 2-292
location (interface configuration) command 2-294
logging event command 2-296
logging file command 2-297
logical interface 2-181
loopback error
detection for 2-167
recovery timer 2-172
loop guard, for spanning tree 2-731, 2-735
M
mab request format attribute 32 command 2-299
mac access-group command 2-301
MAC access-groups, displaying 2-610
MAC access list configuration mode 2-303
mac access-list extended command 2-303
MAC access lists 2-124
MAC addresses
disabling MAC address learning per VLAN 2-306
displaying
aging time 2-616
all 2-614
dynamic 2-620
MAC address-table move updates 2-625
notification settings 2-624, 2-627
number of addresses in a VLAN 2-618
per interface 2-622
per VLAN 2-631
static 2-629
static and dynamic entries 2-612
dynamic
aging time 2-305
deleting 2-90
displaying 2-620
enabling MAC address notification 2-310
enabling MAC address-table move update 2-308
matching 2-325
static
adding and removing 2-312
displaying 2-629
dropping on an interface 2-313
tables 2-614
MAC address notification, debugging B-23
mac address-table aging-time 2-301, 2-325
mac address-table aging-time command 2-305
mac address-table learning command 2-306
mac address-table move update command 2-308
mac address-table notification command 2-310
mac address-table static command 2-312
mac address-table static drop command 2-313
macro apply command 2-315
macro description command 2-318
macro global command 2-319
macro global description command 2-322
macro name command 2-323
macros
adding a description 2-318
adding a global description 2-322
applying 2-319
creating 2-323
displaying 2-660
interface range 2-114, 2-183
specifying parameter values 2-319
tracing 2-319
maps
QoS
defining 2-340
displaying 2-640
VLAN
creating 2-830
defining 2-325
displaying 2-698
match (access-map configuration) command 2-325
match (class-map configuration) command 2-327
maximum transmission unit
See MTU
mdix auto command 2-329
media-type (interface configuration) command 2-330
member switches
See clusters
memory (boot loader) command A-13
mkdir (boot loader) command A-14
MLD snooping
configuring 2-272, 2-273
configuring queries 2-268, 2-270
configuring topology change notification 2-275
displaying 2-588, 2-590, 2-592, 2-594
enabling 2-266
MLD snooping on a VLAN, enabling 2-277
mls qos aggregate-policer command 2-334
mls qos command 2-332
mls qos cos command 2-336
mls qos dscp-mutation command 2-338
mls qos map command 2-340
mls qos queue-set output buffers command 2-344
mls qos queue-set output threshold command 2-346
mls qos rewrite ip dscp command 2-348
mls qos srr-queue input bandwidth command 2-350
mls qos srr-queue input buffers command 2-352
mls qos-srr-queue input cos-map command 2-354
mls qos srr-queue input dscp-map command 2-356
mls qos srr-queue input priority-queue command 2-358
mls qos srr-queue input threshold command 2-360
mls qos-srr-queue output cos-map command 2-362
mls qos srr-queue output dscp-map command 2-364
mls qos trust command 2-366
mls qos vlan-based command 2-368
mode, MVR 2-374
Mode button, and password recovery 2-455
modes, commands 1-1
monitor session command 2-369
more (boot loader) command A-15
MSTP
displaying 2-680
interoperability 2-99
link type 2-733
MST region
aborting changes 2-737
applying changes 2-737
configuration name 2-737
configuration revision number 2-737
current or pending display 2-737
displaying 2-680
MST configuration mode 2-737
VLANs-to-instance mapping 2-737
path cost 2-739
protocol mode 2-736
restart protocol migration process 2-99
root port
loop guard 2-731
preventing from becoming designated 2-731
restricting which can be root 2-731
root guard 2-731
root switch
affects of extended system ID 2-730
hello-time 2-742, 2-749
interval between BDPU messages 2-743
interval between hello BPDU messages 2-742, 2-749
max-age 2-743
maximum hop count before discarding BPDU 2-744
port priority for selection of 2-745
primary or secondary 2-749
switch priority 2-748
state changes
blocking to forwarding state 2-755
enabling BPDU filtering 2-722, 2-753
enabling BPDU guard 2-724, 2-753
enabling Port Fast 2-753, 2-755
forward-delay time 2-741
length of listening and learning states 2-741
rapid transition to forwarding 2-733
shutting down Port Fast-enabled ports 2-753
state information display 2-679
MTU
configuring size 2-811
displaying global setting 2-687
Multicase Listener Discovery
See MLD
multicast group address, MVR 2-377
multicast groups, MVR 2-375
Multicast Listener Discovery
See MLD
multicast router learning method 2-245
multicast router ports, configuring 2-245
multicast router ports, IPv6 2-277
multicast storm control 2-771
multicast VLAN, MVR 2-374
multicast VLAN registration
See MVR
Multiple Spanning Tree Protocol
See MSTP
MVR
and address aliasing 2-375
configuring 2-374
configuring interfaces 2-377
debug messages, display B-27
displaying 2-648
displaying interface information 2-650
members, displaying 2-652
mvr (global configuration) command 2-374
mvr (interface configuration) command 2-377
mvr vlan group command 2-378
N
native VLANs 2-806
native VLAN tagging 2-833
Network Admission Control Software Configuration Guide 2-192, 2-194
network-policy (global configuration) command 2-381
network-policy command 2-380
network-policy profile (network-policy configuration) command 2-382
nmsp attachment suppress command 2-385
nmsp command 2-384
no authentication logging verbose 2-386
no dot1x logging verbose 2-387
no mab logging verbose 2-388
nonegotiate, speed 2-763
nonegotiating DTP messaging 2-792
non-IP protocols
denying 2-124
forwarding 2-401
non-IP traffic access lists 2-303
non-IP traffic forwarding
denying 2-124
permitting 2-401
normal-range VLANs 2-829
notifies command 2-12
O
online diagnostics
global configuration mode
clearing health monitoring diagnostic test schedule 2-82
setting health monitoring diagnostic testing 2-82
setting up health monitoring diagnostic test schedule 2-82
P
PAgP
See EtherChannel
pagp learn-method command 2-389
pagp port-priority command 2-391
password, VTP 2-843
password-recovery mechanism, enabling and disabling 2-455
permit (ARP access-list configuration) command 2-393
permit (IPv6) command 2-395
permit (MAC access-list configuration) command 2-401
per-VLAN spanning-tree plus
See STP
physical-port learner 2-389
PID, displaying 2-555
PIM-DVMRP, as multicast router learning method 2-245
police aggregate command 2-406
police command 2-404
policed-DSCP map 2-340
policy-map command 2-408
policy maps
applying to an interface 2-457, 2-462
creating 2-408
displaying 2-663
hierarchical 2-409
policers
displaying 2-634
for a single class 2-404
for multiple classes 2-334, 2-406
policed-DSCP map 2-340
traffic classification
defining the class 2-74
defining trust states 2-820
setting DSCP or IP precedence values 2-460
Port Aggregation Protocol
See EtherChannel
port-based authentication
AAA method list 2-3, 2-827
configuring violation modes 2-163
debug messages, display B-11
enabling IEEE 802.1x
globally 2-127
per interface 2-153
guest VLAN 2-142
host modes 2-144
IEEE 802.1x AAA accounting methods 2-1
initialize an interface 2-146, 2-159
MAC authentication bypass 2-147
manual control of authorization state 2-153
PAE as authenticator 2-152
periodic re-authentication
enabling 2-156
time between attempts 2-160
quiet period between failed authentication exchanges 2-160
re-authenticating IEEE 802.1x-enabled ports 2-155
resetting configurable IEEE 802.1x parameters 2-140
switch-to-authentication server retransmission time 2-160
switch-to-client frame-retransmission number2-149to 2-151
switch-to-client retransmission time 2-160
test for IEEE 802.1x readiness 2-158
port-channel load-balance command 2-411
Port Fast, for spanning tree 2-755
port ranges, defining 2-114
ports, debugging B-70
ports, protected 2-805
port security
aging 2-799
debug messages, display B-72
enabling 2-794
violation error recovery 2-172
port trust states for QoS 2-366
port types, MVR 2-377
power supply alarms, setting 2-9
power-supply dual command 2-412, 2-423
power-supply mode 2-412, 2-423
Precision Time Protocol
primary temperature alarm 2-10
priority-queue command 2-413
private-vlan command 2-415
private-vlan mapping command 2-418
private VLANs
association 2-803
configuring 2-415
configuring ports 2-790
displaying 2-693
host ports 2-790
mapping
configuring 2-803
displaying 2-541
promiscuous ports 2-790
privileged EXEC mode 1-2, 1-3
product identification information, displaying 2-555
profinet 2-420
promiscuous ports, private VLANs 2-790
protected ports, displaying 2-547
pruning
VLANs 2-806
VTP
displaying interface information 2-541
enabling 2-843
pruning-eligible VLAN list 2-807
ptp global configuration command 2-422
ptp interface configuration command 2-424
PTP settings 2-422, 2-424
PVST+
See STP
Q
QoS
auto-QoS
configuring 2-54
debug messages, display B-4
displaying 2-481
class maps
creating 2-77
defining the match criteria 2-327
displaying 2-492
defining the CoS value for an incoming packet 2-336
displaying configuration information 2-481, 2-633
DSCP transparency 2-348
DSCP trusted ports
applying DSCP-to-DSCP-mutation map to 2-338
defining DSCP-to-DSCP-mutation map 2-340
egress queues
allocating buffers 2-344
defining the CoS output queue threshold map 2-362
defining the DSCP output queue threshold map 2-364
displaying buffer allocations 2-637
displaying CoS output queue threshold map 2-640
displaying DSCP output queue threshold map 2-640
displaying queueing strategy 2-637
displaying queue-set settings 2-643
enabling bandwidth shaping and scheduling 2-767
enabling bandwidth sharing and scheduling 2-769
limiting the maximum output on a port 2-765
mapping a port to a queue-set 2-426
mapping CoS values to a queue and threshold 2-362
mapping DSCP values to a queue and threshold 2-364
setting maximum and reserved memory allocations 2-346
setting WTD thresholds 2-346
enabling 2-332
ingress queues
allocating buffers 2-352
assigning SRR scheduling weights 2-350
defining the CoS input queue threshold map 2-354
defining the DSCP input queue threshold map 2-356
displaying buffer allocations 2-637
displaying CoS input queue threshold map 2-640
displaying DSCP input queue threshold map 2-640
displaying queueing strategy 2-637
displaying settings for 2-635
enabling the priority queue 2-358
mapping CoS values to a queue and threshold 2-354
mapping DSCP values to a queue and threshold 2-356
setting WTD thresholds 2-360
maps
defining 2-340, 2-354, 2-356, 2-362, 2-364
displaying 2-640
policy maps
applying an aggregate policer 2-406
applying to an interface 2-457, 2-462
creating 2-408
defining policers 2-334, 2-404
displaying policers 2-634
displaying policy maps 2-663
hierarchical 2-409
policed-DSCP map 2-340
setting DSCP or IP precedence values 2-460
traffic classifications 2-74
trust states 2-820
port trust states 2-366
queues, enabling the expedite 2-413
statistics
in-profile and out-of-profile packets 2-637
packets enqueued or dropped 2-637
sent and received CoS values 2-637
sent and received DSCP values 2-637
trusted boundary for IP phones 2-366
VLAN-based 2-368
quality of service
See QoS
querytime, MVR 2-374
queue-set command 2-426
R
radius-server dead-criteria command 2-427
radius-server host command 2-429
rapid per-VLAN spanning-tree plus
See STP
rapid PVST+
See STP
rcommand command 2-431
re-authenticating IEEE 802.1x-enabled ports 2-155
re-authentication
periodic 2-156
time between attempts 2-160
receiver ports, MVR 2-377
receiving flow-control packets 2-179
recovery mechanism
causes 2-172
display 2-81, 2-487, 2-524, 2-528
timer interval 2-173
redundancy for cluster switches 2-111
relay-major command 2-12
relay-minor command 2-12
remote-span command 2-433
Remote Switched Port Analyzer
See RSPAN
rename (boot loader) command A-16
renew ip dhcp snooping database command 2-435
rep admin vlan command 2-437
rep block port command 2-438
rep lsl-age-timer command 2-441
rep preempt delay command 2-443
rep preempt segment command 2-445
rep segment command 2-446
rep stcn command 2-449
reset (boot loader) command A-17
resource templates, displaying 2-675
restricted VLAN
See dot1x auth-fail vlan
rmdir (boot loader) command A-18
rmon collection stats command 2-451
root guard, for spanning tree 2-731
routed ports
IP addresses on 2-191
number supported 2-191
RSPAN
configuring 2-369
displaying 2-646
filter RSPAN traffic 2-369
remote-span command 2-433
sessions
displaying 2-646
S
sdm prefer command 2-452
SDM templates
displaying 2-675
dual IPv4 and IPv6 2-452
secondary temperature alarm 2-10
secure ports, limitations 2-796
see PTP
sending flow-control packets 2-179
service password-recovery command 2-455
service-policy command 2-457
set (boot loader) command A-19
set command 2-460
setup command 2-462
setup express command 2-465
show access-lists command 2-467
show alarm description port 2-470
show alarm description port command 2-470
show alarm profile command 2-471
show alarm settings command 2-473
show archive status command 2-475
show arp access-list command 2-476
show authentication command 2-477
show auto qos command 2-481
show boot command 2-485
show cable-diagnostics tdr command 2-487
show cisp command 2-491
show class-map command 2-492
show cluster candidates command 2-495
show cluster command 2-493
show cluster members command 2-497
show controllers cpu-interface command 2-499
show controllers ethernet-controller command 2-501
show controllers tcam command 2-508
show controller utilization command 2-510
show dot1q-tunnel command 2-512
show dot1x command 2-514
show dtp 2-518
show eap command 2-520
show env command 2-523
show errdisable detect command 2-524
show errdisable flap-values command 2-526
show errdisable recovery command 2-528
show etherchannel command 2-530
show facility-alarm relay command 2-533
show facility-alarm status 2-533
show facility-alarm status command 2-534
show fallback profile command 2-535
show fcs threshold command 2-537
show flowcontrol command 2-539
show interface rep command 2-553
show interfaces command 2-541
show interfaces counters command 2-551
show interfaces rep command 2-553
show inventory command 2-555
show ip arp inspection command 2-556
show ipc command 2-581
show ip dhcp snooping binding command 2-561
show ip dhcp snooping command 2-560
show ip dhcp snooping database command 2-563, 2-565
show ip igmp profile command 2-568
show ip igmp snooping address command 2-590
show ip igmp snooping command 2-569, 2-588
show ip igmp snooping groups command 2-572
show ip igmp snooping mrouter command 2-574, 2-592
show ip igmp snooping querier command 2-576, 2-594
show ip source binding command 2-578
show ipv6 access-list command 2-585
show ipv6 dhcp conflict command 2-587
show ipv6 route updated 2-596
show ip verify source command 2-579
show l2protocol-tunnel command 2-598
show lacp command 2-601
show link state group command 2-608
show lldp command 2-605
show location 2-606
show mac access-group command 2-610
show mac address-table address command 2-614
show mac address-table aging time command 2-616
show mac address-table command 2-612
show mac address-table count command 2-618
show mac address-table dynamic command 2-620
show mac address-table interface command 2-622
show mac address-table learning command 2-624
show mac address-table move update command 2-625
show mac address-table notification command 2-92, 2-627, B-25
show mac address-table static command 2-629
show mac address-table vlan command 2-631
show mls qos aggregate-policer command 2-634
show mls qos command 2-633
show mls qos input-queue command 2-635
show mls qos interface command 2-637
show mls qos maps command 2-640
show mls qos queue-set command 2-643
show mls qos vlan command 2-645
show monitor command 2-646
show mvr command 2-648
show mvr interface command 2-650
show mvr members command 2-652
show network-policy profile command 2-654
show nmsp command 2-655
show pagp command 2-658
show parser macro command 2-660
show platform acl command C-2
show platform backup interface command C-3
show platform configuration command C-4
show platform etherchannel command C-5
show platform forward command C-6
show platform igmp snooping command C-8
show platform ip multicast command C-10
show platform ip unicast command C-11
show platform ipv6 unicast command C-16
show platform ip wccp command C-15
show platform layer4op command C-18
show platform mac-address-table command C-19
show platform messaging command C-20
show platform monitor command C-21
show platform mvr table command C-22
show platform pm command C-23
show platform port-asic command C-24
show platform port-security command C-29
show platform qos command C-30
show platform resource-manager command C-31
show platform snmp counters command C-33
show platform spanning-tree command C-34
show platform stp-instance command C-35
show platform tcam command C-36
show platform vlan command C-39
show policy-map command 2-663
show port security command 2-664
show profinet 2-667
show ptp command 2-669
show rep topology command 2-672
show sdm prefer command 2-675
show setup express command 2-678
show spanning-tree command 2-679
show storm-control command 2-685
show system mtu command 2-687
show trust command 2-820
show udld command 2-688
show version command 2-691
show vlan access-map command 2-698
show vlan command 2-693
show vlan command, fields 2-695
show vlan filter command 2-699
show vmps command 2-700
show vtp command 2-702
shutdown command 2-707
shutdown threshold, Layer 2 protocol tunneling 2-281
shutdown vlan command 2-708
small violation-rate command 2-709
Smartports macros
See macros
SNMP host, specifying 2-715
SNMP informs, enabling the sending of 2-711
snmp-server enable traps command 2-711
snmp-server host command 2-715
snmp trap mac-notification change command 2-719
SNMP traps
enabling MAC address notification trap 2-719
enabling the MAC address notification feature 2-310
enabling the sending of 2-711
SoftPhone
See Cisco SoftPhone
software images
deleting 2-116
downloading 2-16
upgrading 2-16
uploading 2-22
software version, displaying 2-691
source ports, MVR 2-377
SPAN
configuring 2-369
debug messages, display B-26
displaying 2-646
filter SPAN traffic 2-369
sessions
add interfaces to 2-369
displaying 2-646
start new 2-369
spanning-tree backbonefast command 2-721
spanning-tree bpdufilter command 2-722
spanning-tree bpduguard command 2-724
spanning-tree cost command 2-726
spanning-tree etherchannel command 2-728
spanning-tree extend system-id command 2-730
spanning-tree guard command 2-731
spanning-tree link-type command 2-733
spanning-tree loopguard default command 2-735
spanning-tree mode command 2-736
spanning-tree mst configuration command 2-737
spanning-tree mst cost command 2-739
spanning-tree mst forward-time command 2-741
spanning-tree mst hello-time command 2-742
spanning-tree mst max-age command 2-743
spanning-tree mst max-hops command 2-744
spanning-tree mst port-priority command 2-745
spanning-tree mst pre-standard command 2-747
spanning-tree mst priority command 2-748
spanning-tree mst root command 2-749
spanning-tree portfast (global configuration) command 2-753
spanning-tree portfast (interface configuration) command 2-755
spanning-tree port-priority command 2-751
Spanning Tree Protocol
See STP
spanning-tree transmit hold-count command 2-757
spanning-tree uplinkfast command 2-758
spanning-tree vlan command 2-760
speed command 2-763
srr-queue bandwidth limit command 2-765
srr-queue bandwidth share command 2-769
SSH, configuring version 2-251
static-access ports, configuring 2-776
statistics, Ethernet group 2-451
sticky learning, enabling 2-794
storm-control command 2-771
STP
BackboneFast 2-721
counters, clearing 2-98
debug messages, display
BackboneFast events B-91
MSTP B-94
optimized BPDUs handling B-93
spanning-tree activity B-89
switch shim B-96
transmitted and received BPDUs B-92
UplinkFast B-98
detection of indirect link failures 2-721
enabling protocol tunneling for 2-281
EtherChannel misconfiguration 2-728
extended system ID 2-730
path cost 2-726
protocol modes 2-736
root port
accelerating choice of new 2-758
loop guard 2-731
preventing from becoming designated 2-731
restricting which can be root 2-731
root guard 2-731
UplinkFast 2-758
root switch
affects of extended system ID 2-730, 2-761
hello-time 2-760
interval between BDPU messages 2-760
interval between hello BPDU messages 2-760
max-age 2-760
port priority for selection of 2-751
primary or secondary 2-760
switch priority 2-760
state changes
blocking to forwarding state 2-755
enabling BPDU filtering 2-722, 2-753
enabling BPDU guard 2-724, 2-753
enabling Port Fast 2-753, 2-755
enabling timer to recover from error state 2-172
forward-delay time 2-760
length of listening and learning states 2-760
shutting down Port Fast-enabled ports 2-753
state information display 2-679
VLAN options 2-748, 2-760
SVIs, creating 2-185
SVI status calculation 2-778
Switched Port Analyzer
See SPAN
switching characteristics
modifying 2-774
returning to interfaces 2-774
switchport access command 2-776
switchport autostate exclude command 2-778
switchport backup interface command 2-780
switchport block command 2-784
switchport command 2-774
switchport host command 2-786
switchport mode command 2-787
switchport mode private-vlan command 2-790
switchport nonegotiate command 2-792
switchport port-security aging command 2-799
switchport port-security command 2-794
switchport priority extend command 2-801
switchport private-vlan command 2-803
switchport protected command 2-805
switchports, displaying 2-541
switchport trunk command 2-806
switchport voice vlan command 2-809
syslog command 2-12
system message logging, save message to flash 2-297
system mtu command 2-811
system resource templates 2-452
T
tar files, creating, listing, and extracting 2-19
TDR, running 2-813
Telnet, using to communicate to cluster switches 2-431
temperature alarms, setting 2-10
templates, system resources 2-452
test cable-diagnostics tdr command 2-813
test relay 2-814
test relay command 2-814
traceroute mac command 2-815
traceroute mac ip command 2-818
trunking, VLAN mode 2-787
trunk mode 2-787
trunk ports 2-787
trunks, to non-DTP device 2-788
trusted boundary for QoS 2-366
trusted port states for QoS 2-366
tunnel ports, Layer 2 protocol, displaying 2-598
type (boot loader) command A-22
U
UDLD
aggressive mode 2-822, 2-824
debug messages, display B-105
enable globally 2-822
enable per interface 2-824
error recovery timer 2-172
message timer 2-822
normal mode 2-822, 2-824
reset a shutdown interface 2-826
status 2-688
udld command 2-822
udld port command 2-824
udld reset command 2-826
unicast storm control 2-771
UniDirectional Link Detection
See UDLD
unknown multicast traffic, preventing 2-784
unknown unicast traffic, preventing 2-784
unset (boot loader) command A-23
upgrading
software images
downloading 2-16
monitoring status of 2-475
UplinkFast, for STP 2-758
user EXEC mode 1-2
V
version (boot loader) command A-25
vlan access-map command 2-830
VLAN access map configuration mode 2-830
VLAN access maps
actions 2-6
displaying 2-698
VLAN-based QoS 2-368
VLAN configuration mode
commands
VLAN 2-829
VTP 2-848
description 1-4
entering 2-832
summary 1-2
vlan dot1q tag native command 2-833
vlan filter command 2-835
VLAN filters, displaying 2-699
VLAN maps
applying 2-835
creating 2-830
defining 2-325
displaying 2-698
VLAN Query Protocol
See VQP
VLANs
configuring 2-829
debug messages, display
ISL B-102
VLAN IOS file system error tests B-101
VLAN manager activity B-99
VTP B-103
displaying configurations 2-693
enabling guest VLAN supplicant 2-130, 2-141, 2-177
MAC addresses
displaying 2-631
number of 2-618
normal-range 2-829
private 2-790
configuring 2-415
displaying 2-693
See also private VLANs
restarting 2-708
shutting down 2-708
SNMP traps for VTP 2-713, 2-716
suspending 2-708
VLAN Trunking Protocol
See VTP
VMPS
configuring servers 2-840
displaying 2-700
error recovery timer 2-173
reconfirming dynamic VLAN assignments 2-837
vmps reconfirm (global configuration) command 2-838
vmps reconfirm (privileged EXEC) command 2-837
vmps retry command 2-839
vmps server command 2-840
voice VLAN
configuring 2-809
setting port priority 2-801
VQP
and dynamic-access ports 2-777
clearing client statistics 2-100
displaying information 2-700
per-server retry count 2-839
reconfirmation interval 2-838
reconfirming dynamic VLAN assignments 2-837
VTP
changing characteristics 2-842
clearing pruning counters 2-101
configuring
domain name 2-842
file name 2-842
mode 2-842
password 2-843
counters display fields 2-703
displaying information 2-702
enabling
pruning 2-843
tunneling for 2-281
Version 2 2-843
enabling per port 2-847
mode 2-842
pruning 2-843
statistics 2-702
status 2-702
status display fields 2-705
vtp (global configuration) command 2-842
vtp interface configuration) command 2-847
vtp primary command 2-849