-
Catalyst 3550 Multilayer Switch Software Configuration Guide, 12.1(9)EA1
-
Index
-
Preface
-
Overview
-
Using the Command-Line Interface
-
Getting Started with CMS
-
Configuring the Switch IP Address and Default Gateway
-
Configuring IE2100 CNS Agents
-
Clustering Switches
-
Administering the Switch
-
Configuring 802.1X Port-Based Authentication
-
Configuring Interface Characteristics
-
Creating and Maintaining VLANs
-
Configuring VTP
-
Configuring Voice VLAN
-
Configuring 802.1Q and Layer 2 Protocol Tunneling
-
Configuring STP
-
Configuring RSTP and MSTP
-
Configuring Optional Spanning-Tree Features
-
Configuring the DHCP Option 82 for Subscriber Identification
-
Configuring IGMP Snooping and MVR
-
Configuring Port-Based Traffic Control
-
Configuring CDP
-
Configuring UDLD
-
Configuring SPAN
-
Configuring RMON
-
Configuring System Message Logging
-
Configuring SNMP
-
Configuring Network Security with ACLs
-
Configuring QoS
-
Configuring EtherChannels
-
Configuring IP Unicast Routing
-
Configuring HSRP
-
Configuring IP Multicast Routing
-
Configuring MSDP
-
Configuring Fallback Bridging
-
Troubleshooting
-
Supported MIBs
-
Working with the IOS File System, Configuration Files, and Software Images
-
Unsupported CLI Commands for Release 12.1(9)EA1
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -
Index
Numerics
802.1Q
and trunk ports 9-3
configuration limitations 10-20
encapsulation 10-18
native VLAN for untagged traffic 10-25
trunk mode 3-9
tunneling
compatibility with other features 13-5
defaults 13-4
described 13-1
tunnel ports and ACLs 26-3
tunnel ports with other features 13-6
802.1X
802.3Z flow control 9-15
A
abbreviating commands 2-3
ABRs 29-35
AC (command switch) 6-14, 6-24
access-class command 26-20
access control entries
access-denied response, VMPS 10-30
access groups
IP 26-21
Layer 3 26-21
viewing 26-42
accessing
clusters, switch 6-17
CMS 3-29
modes 3-30
command switches 6-15
HTTP port 3-30
member switches 6-17
switch clusters 6-17
access levels, CMS 3-30
access lists
access ports
and Layer 2 protocol tunneling 13-9
defined 9-2
in switch clusters 6-13
accounting
with RADIUS 7-27
ACEs
and QoS 27-7
defined 26-2
Ethernet 26-2
IP 26-2
ACLs
ACEs 26-2
and logging 26-7
any keyword 26-13
applying
on bridged packets 26-38
on multicast packets 26-40
on routed packets 26-39
on switched packets 26-37
ACLs (continued)applying (continued)
time ranges to 26-17
to Layer 2 and Layer 3 interfaces 26-20
to QoS 27-7
classifying traffic for QoS 27-27
comments in 26-19
compatibility on the same switch 26-2
compiling 26-21
configuration conflict examples 26-45
configuring with VLAN maps 26-36
defined 26-1
displaying interface 26-42
examples, not fitting in hardware 26-46
extended IP
configuring for QoS classification 27-28
creating 26-11
matching criteria 26-8
feature manager 26-44
hardware and software handling 26-7
hardware support for 26-7
host keyword 26-13
IP
applying to interface 26-19
creating 26-8
defined 26-8
fragments and QoS guidelines 27-20
implicit deny 26-10, 26-14, 26-16
implicit masks 26-10
matching criteria 26-8
matching criteria for port ACLs 26-4
matching criteria for router ACLs 26-3
named 26-15
options and QoS guidelines 27-20
undefined 26-21
violations, logging 26-16
virtual terminal lines, setting on 26-19
ACLs (continued)limiting actions 26-37
logging messages 26-10
log keyword 26-16
merge failure examples 26-47
monitoring 26-41
named 26-15
not fitting in hardware 26-46
number per QoS class map 27-20
numbers 26-8
policy maps and QoS classification 27-20
port
and voice VLAN 26-4
defined 26-2
limitations 26-4
router 26-2
standard IP
configuring for QoS classification 27-27
creating 26-9
matching criteria 26-8
support for 1-4
time ranges 26-17
undefined 26-28
unsupported features 26-7
using router ACLs with VLAN maps 26-36
VLAN maps
configuration guidelines 26-30
configuring 26-29
defined 26-5
active router 30-1
addresses
displaying the MAC address table 7-58
dynamic
accelerated aging 14-9
changing the aging time 7-54
default aging 14-9
defined 7-52
learning 7-53
preventing frame forwarding 33-5
removing 7-55
filtering frames by MAC address 33-6
multicast
group address range 31-1
STP address management 14-8
static
adding and removing 7-57
defined 7-52
address resolution 29-10
Address Resolution Protocol
adjacency tables, with CEF 29-53
administrative distances
defined 29-62
OSPF 29-41
routing protocol defaults 29-56
advertisements
CDP 20-1
IGRP 29-30
RIP 29-25
aggregated ports
aggregate policers 27-37
aggregate policing 1-5
aging, accelerating 14-9
aging time
accelerated
for MSTP 15-20
bridge table for fallback bridging 33-6
MAC address table 7-54
maximum
for MSTP 15-21
for STP 14-19
alarms, RMON 23-3
allowed-VLAN list 10-24
alternate routes, IGRP 29-31
Apply button 3-28
area border routers
ARP
configuring 29-11
defined 29-10
encapsulation 29-12
static cache configuration 29-11
support for 1-2
ASBRs 29-35
asymmetrical links, and 802.1Q tunneling 13-4
attributes, RADIUS
vendor-proprietary 7-29
vendor-specific 7-28
audience xxxi
authentication
EIGRP 29-50
HSRP 30-8
local mode with AAA 7-31
NTP associations 7-36
RADIUS
key 7-21
login 7-23
See also port-based authentication
authentication (continued)TACACS+
defined 7-11
key 7-13
login 7-14
authentication keys, and routing protocols 29-63
authoritative time source, described 7-33
authorization
with RADIUS 7-26
authorized ports with 802.1X 8-4
autoconfiguration 4-3
automatic discovery
adding member switches 6-22
considerations
beyond a non-candidate device 6-9, 6-10
brand new switches 6-13
connectivity 6-5
different VLANs 6-8
non-CDP-capable devices 6-7
non-cluster-capable devices 6-7
routed ports 6-12
creating a cluster standby group 6-24
in switch clusters 6-5
automatic recovery, clusters 6-14
autonegotiation
duplex mode 1-2
interface configuration guidelines 9-14
mismatches 34-10
autonomous system boundary routers
Auto-RP, described 31-8
autosensing, port speed 1-2
auxiliary VLAN
B
BackboneFast
described 16-10
enabling 16-19
support for 1-3
bandwidth for QoS
allocating 27-50
described 27-13
bandwidth graphs 3-8
banners
configuring
login 7-52
message-of-the-day login 7-51
default configuration 7-50
when displayed 7-50
binding cluster group and HSRP group 30-9
blocking packets 19-6
booting
boot loader, function of 4-2
boot process 4-1
manually 4-13
specific image 4-14
boot loader
accessing 4-15
described 4-2
environment variables 4-15
prompt 4-15
trap-door mechanism 4-2
bootstrap router (BSR), described 31-8
BPDU
error-disabled state 16-3
filtering 16-3
RSTP format 15-5
BPDU filtering
described 16-3
enabling 16-16
support for 1-3
BPDU guard
described 16-3
enabling 16-15
support for 1-3
bridged packets, ACLs on 26-38
bridge groups
bridge protocol data unit
broadcast flooding 29-20
broadcast packets
directed 29-17
flooded 29-17
broadcast storm-control command 19-3
browser configuration 3-1, 6-1
buttons, CMS 3-28
C
cables, monitoring for unidirectional links 21-1
CAMs, ACLs not loading in 26-46
Cancel button 3-28
candidate switch
adding 6-22
automatic discovery 6-5
defined 6-4
HC 6-24
passwords 6-22
requirements 6-4
standby group 6-24
See also command switch, cluster standby group, and member switch
caution, described xxxv
CC (command switch) 6-24
CDP
automatic discovery in switch clusters 6-5
configuring 20-2
default configuration 20-2
described 20-1
disabling for routing device 20-3, 20-4
enabling and disabling
on an interface 20-4
on a switch 20-3
Layer 2 protocol tunneling 13-7
monitoring 20-5
overview 20-1
support for 1-2
transmission timer and holdtime, setting 20-2
updates 20-2
CEF 29-53
CGMP
as IGMP snooping learning method 18-6
clearing cached group entries 31-58
enabling server support 31-38
FastLeave feature 31-13
hosts
joining a group 31-12
leaving a group 31-13
joining multicast group 18-2
overview 31-11
server support only 31-11
switch support of 1-2
change notification, CMS 3-31
Cisco Discovery Protocol
Cisco Express Forwarding
Cisco Group Management Protocol
Cisco Intelligence Engine 2100 Series Configuration Registrar
Cisco Networking Services
Cisco Technical Assistance Center xxxvii
classless routing 29-8
class maps for QoS
configuring 27-30
described 27-7
displaying 27-56
class of service
clearing interfaces 9-19
CLI
abbreviating commands 2-3
command modes 2-1
described 1-6
editing features
enabling and disabling 2-6
keystroke editing 2-7
wrapped lines 2-8
error messages 2-4
filtering command output 2-9
getting help 2-3
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-5
managing clusters 6-27
no and default forms of commands 2-4
client mode, VTP 11-3
clock
Cluster Management Suite
clusters, switch
accessing 6-17
adding member switches 6-22
automatic discovery 6-5
automatic recovery 6-14
benefits 1-7
command switch configuration 6-21
compatibility 6-5
creating 6-20
creating a cluster standby group 6-24
described 6-1
LRE profile considerations 6-20
managing
through CLI 6-27
through SNMP 6-28
planning considerations 6-5
automatic discovery 6-5
automatic recovery 6-14
CLI 6-27
host names 6-18
IP addresses 6-17
LRE profiles 6-20
passwords 6-18
RADIUS 6-19
switch-specific features 6-20
TACACS+ 6-19
redundancy 6-24
troubleshooting 6-26
verifying 6-26
cluster standby group
and HSRP group 30-9
automatic recovery 6-17
considerations 6-15
creating 6-24
cluster standby group (continued)defined 6-2
requirements 6-3
virtual IP address 6-15
cluster tree
described 3-5
icons 3-5
CMS
accessing 3-29
access levels 3-30
benefits 1-7
change notification 3-31
cluster tree 3-5
different versions of 3-32
displaying system messages 3-18
error checking 3-31
features 3-2
Front Panel images 3-6
Front Panel view 3-4
interaction modes 3-25
menu bar 3-14
online help 3-26
privilege level 3-30
requirements 3-29
saving configuration changes 3-31
toolbar 3-20
tool tips 3-26
Topology view 3-9
verifying configuration changes 3-31
window components 3-27
wizards 3-25
Coarse Wave Division Multiplexer GBIC modules
Collapse Cluster view 3-10
command-line interface
command modes 2-1
commands
abbreviating 2-3
no and default 2-4
setting privilege levels 7-8
command switch
accessing 6-15
command switch with HSRP disabled (CC) 6-24
configuration conflicts 34-10
defined 6-2
enabling 6-21
password privilege levels 6-27
priority 6-14
recovery
from failure 34-7
from lost member connectivity 34-10
recovery from command-switch failure 6-14
replacing
with another switch 34-9
with cluster member 34-7
requirements 6-3
See also candidate switch, cluster standby group, member switch, and standby command switch
community strings
for cluster switches 25-3
in clusters 6-18
overview 25-3
SNMP 6-18
config.text 4-12
configuration changes, saving 3-31
configuration conflicts
ACL, displaying 26-44
recovering from lost member connectivity 34-10
configuration examples, network 1-8
configuration files
clearing the startup configuration B-19
creating using a text editor B-10
default name 4-12
deleting a stored configuration B-19
described B-8
downloading
automatically 4-12
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
guidelines for creating and using B-9
invalid combinations when copying B-5
limiting TFTP server access 25-9
obtaining with DHCP 4-7
password recovery disable considerations 7-5
specifying the filename 4-13
system contact and location information 25-9
types and location B-9
uploading
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-12
VMPS database 10-31
configuration settings, saving 4-10
configure terminal command 9-7
conflicts, configuration 34-10
congestion-avoidance techniques 27-13
congestion-management techniques 27-13, 27-15
connections, secure remote 7-32
connectivity problems 34-11
consistency checks in VTP version 2 11-4
conventions
command xxxiv
for examples xxxv
publication xxxiv
text xxxiv
CoS
in Layer 2 frames 27-2
override priority 12-5
trust priority 12-6
CoS-to-DSCP map for QoS 27-39
CoS-to-egress-queue map 27-45
counters, clearing interface 9-19
CPU q, in show forward command output 34-17
crashinfo file 34-17
cross-stack UplinkFast, STP
connecting stack ports 16-8
described 16-5
enabling 16-18
fast-convergence events 16-7
Fast Uplink Transition Protocol 16-6
limitations 16-8
normal-convergence events 16-7
Stack Membership Discovery Protocol 16-6
support for 1-3
crypto software image 7-32
CWDM GBIC modules
network example 1-17
wavelength colors on CMS 3-7
CWDM OADM modules 1-17
D
daylight saving time 7-45
debugging
enabling all system diagnostics 34-15
enabling for a specific feature 34-15
redirecting error message output 34-16
using commands 34-14
default commands 2-4
default configuration
802.1Q tunneling 13-4
802.1X 8-6
banners 7-50
booting 4-12
CDP 20-2
DHCP 17-3
DNS 7-49
EIGRP 29-47
EtherChannel 28-7
fallback bridging 33-3
HSRP 30-3
IGMP 31-31
IGMP filtering 18-20
IGMP snooping 18-5
IGRP 29-30
initial switch information 4-3
IP addressing, IP routing 29-4
IP multicast routing 31-13
Layer 2 interfaces 9-13
Layer 2 protocol tunneling 13-9
MAC address table 7-54
MSDP 32-4
MVR 18-15
NTP 7-36
optional spanning-tree features 16-14
OSPF 29-36
password and privilege level 7-3
QoS 27-18
RADIUS 7-20
RIP 29-25
RMON 23-3
RSTP and MSTP 15-12
SNMP 25-4
SPAN 22-7
STP 14-10
system message logging 24-3
system name and prompt 7-47
TACACS+ 7-13
default configuration (continued)
UDLD 21-3
VLAN, Layer 2 Ethernet interfaces 10-21
VLANs 10-8
VMPS 10-33
voice VLAN 12-2
VTP 11-6
default networks 29-56
default routes 29-56
default routing 29-2
deleting VLANs 10-10
description command 9-17
designing your network, examples 1-8
destination addresses, in ACLs 26-12
detecting indirect link failures, STP 16-10
device discovery protocol 20-1
device icons
Front Panel view 3-5
Topology view 3-11
device labels 3-12
Device Manager 3-2
device pop-up menu
Front Panel view 3-21
Topology view 3-23
DHCP-based autoconfiguration
client request message exchange 4-4
configuring
client side 4-3
DNS 4-6
relay device 4-6
server-side 4-5
TFTP server 4-5
example 4-8
lease options
for IP address information 4-5
for receiving the configuration file 4-5
DHCP-based autoconfiguration (continued)
overview 4-3
relationship to BOOTP 4-3
relay support 1-5
support for 1-2
DHCP option 82
configuration guidelines 17-4
default configuration 17-3
displaying 17-7
enabling
relay agent 17-4
relay agent information option 17-4
example, metropolitan Ethernet network 17-2
forwarding address, specifying 17-5
helper address 17-5
message exchange process 17-2
overview 17-1
policy for reforwarding 17-5
protected ports for subscriber isolation 17-7
reforwarding policy 17-5
subscriber identification 17-2
support for 1-2
suppressing broadcasts 17-7
validating 17-4
Differentiated Services architecture, QoS 27-1
Differentiated Services Code Point 27-2
Diffusing Update Algorithm (DUAL) 29-46
directed unicast requests 1-2
directories
changing B-3
creating and removing B-4
displaying the working B-3
discovery, clusters
display options, Topology view 3-13
Disqualification Code option 3-24
Distance Vector Multicast Routing Protocol
distance-vector protocols 29-2
distribute-list command 29-62
DNS
and DHCP-based autoconfiguration 4-6
default configuration 7-49
displaying the configuration 7-50
overview 7-48
setting up 7-49
support for 1-2
documentation
feedback xxxvi
obtaining
CD-ROM xxxvi
world wide web xxxvi
ordering xxxvi
related xxxv
document conventions xxxiv
domain names
DNS 7-48
VTP 11-8
Domain Name System
dot1q-tunnel switchport mode 10-19
double-tagged packets
802.1Q tunneling 13-2
Layer 2 protocol tunneling 13-9
downloading
configuration files
reasons for B-8
using FTP B-13
using RCP B-17
using TFTP B-11
image files
deleting old image B-23
reasons for B-19
using FTP B-26
using RCP B-30
using TFTP B-22
DSCP-to-CoS map for QoS 27-42
DSCP-to-DSCP-mutation map for QoS 27-43
DSCP-to-threshold map for QoS 27-47
DUAL finite state machine, EIGRP 29-46
duplex mode, configuring 9-14
DVMRP
all-DVMRP-routers multicast group address 31-11
autosummarization
configuring a summary address 31-54
disabling 31-56
connecting PIM domain to DVMRP router 31-46
enabling unicast routing 31-50
interoperability
with Cisco devices 31-44
with IOS software 31-11
mrinfo requests, responding to 31-49
neighbors
advertising the default route to 31-48
discovery with Probe messages 31-11, 31-44
displaying information 31-49
prevent peering with nonpruning 31-52
rejecting nonpruning 31-51
overview 31-11
routes
adding a metric offset 31-56
advertising all 31-56
advertising the default route to neighbors 31-48
caching DVMRP routes learned in report messages 31-50
changing the threshold for syslog messages 31-54
deleting 31-58
displaying 31-58
favoring one over another 31-56
limiting the number injected into MBONE 31-53
limiting unicast route advertisements 31-44
route table, building 31-11
source distribution tree, building 31-11
DVMRP (continued)
support for 1-5
tunnels
configuring 31-46
displaying neighbor information 31-49
dynamic access mode 3-9
dynamic access ports
characteristics 10-3
configuring 10-34
defined 9-3
dynamic addresses
dynamic desirable trunking mode 10-19
Dynamic Host Configuration Protocol
See DHCP-based autoconfiguration
dynamic port VLAN membership 10-31
reconfirming 10-35
troubleshooting 10-37
types of connections 10-34
VMPS database configuration file 10-31
dynamic routing 29-2
Dynamic Trunking Protocol
E
editing features
enabling and disabling 2-6
keystrokes used 2-7
wrapped lines 2-8
egress q, in show forward command output 34-17
EIGRP
and IGRP 29-48
authentication 29-50
components 29-46
configuring 29-48
default configuration 29-47
definition 29-46
EIGRP (continued)
interface parameters, configuring 29-49
monitoring 29-51
support for 1-5
enable password 7-4
enable secret password 7-4
encrypted software image 7-32
encryption for passwords 7-4
Enhanced IGRP
environment variables
function of 4-16
location in Flash 4-15
error checking, CMS 3-31
error messages
during command entry 2-4
setting the display destination device 24-4
severity levels 24-8
system message format 24-2
EtherChannel
automatic creation of 28-3
channel groups
binding physical and logical interfaces 28-2
numbering of 28-2
configuration guidelines 28-8
configuring
Layer 2 interfaces 28-9
Layer 3 physical interfaces 28-12
Layer 3 port-channel logical interfaces 28-11
default configuration 28-7
destination MAC address forwarding 28-5
displaying status 28-16
forwarding methods 28-5, 28-13
interaction
with STP 28-8
with VLANs 28-8
Layer 3 interface 29-3
EtherChannel (continued)logical interfaces, described 28-2
number of interfaces per 28-1
overview 28-1
PAgP
aggregate-port learners 28-5
compatibility with Catalyst 1900 28-14
displaying status 28-16
interaction with other features 28-5
learn method and priority configuration 28-14
modes 28-4
overview 28-3
silent mode 28-4
support for 1-2
port-channel interfaces
described 28-2
numbering of 28-2
port groups 9-4
source MAC address forwarding 28-5
support for 1-2
Ethernet VLANs
adding 10-8
defaults and ranges 10-8
modifying 10-8
events, RMON 23-3
examples
conventions for xxxv
network configuration 1-8
Expand Cluster view 3-10
expedite queue for QoS
10/100 Ethernet ports
allocating bandwidth 27-54
configuring 27-54
described 27-15
Gigabit-capable Ethernet ports
allocating bandwidth 27-50
configuring 27-50
described 27-13
expert mode 3-25
extended-range VLANs
configuration guidelines 10-13
configuring 10-12
creating 10-13
defined 10-1
extended system ID
MSTP 15-14
Extensible Authentication Protocol over LAN 8-1
exterior routes, IGRP 29-30
F
fallback bridging
and protected ports 33-4
bridge groups
creating 33-4
described 33-2
displaying 33-12
function of 33-2
number supported 33-4
removing 33-4
bridge table
changing the aging time 33-6
clearing 33-12
displaying 33-12
connecting interfaces with 9-7
default configuration 33-3
described 33-1
frame forwarding
filtering by MAC address 33-6
flooding packets 33-2
for static addresses 33-5
forwarding packets 33-2
preventing for dynamically learned stations 33-5
to static addresses 33-5
overview 33-1
fallback bridging (continued)
STP
disabling on an interface 33-12
forward-delay interval 33-10
hello BPDU interval 33-10
interface priority 33-8
maximum-idle interval 33-11
path cost 33-9
switch priority 33-8
support for 1-5
SVIs and routed ports 33-1
VLAN-bridge STP 14-8
fallback VLAN name 10-31
fan fault indication 3-5
Fast Uplink Transition Protocol 16-6
feature manager, ACL 26-44
feedback to Cisco Systems, web xxxvi
FIB 29-53
fiber-optic, detecting unidirectional links 21-1
files
copying B-4
crashinfo
description 34-17
displaying the contents of 34-17
location 34-17
deleting B-5
displaying the contents of B-8
tar
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
file system
displaying available file systems B-2
displaying file information B-3
local file system names B-1
network file system names B-4
setting the default B-3
filtering
in a VLAN 26-29
non-IP traffic 26-26
show and more command output 2-9
with fallback bridging 33-6
filters, IP
Flash device, number of B-1
flash updates, IGRP 29-31
flooded traffic, blocking 19-6
flow-based packet classification 1-4
flowcharts
QoS classification 27-6
QoS policing and marking 27-10
QoS queueing and scheduling
10/100 ports 27-15
Gigabit-capable ports 27-12
forward-delay time
MSTP 15-20
Forwarding Information Base
forwarding non-routable protocols 33-1
Front Panel images, CMS 3-6
Front Panel view
cluster tree 3-5
described 3-4
pop-up menus 3-21
port icons 3-6
port LEDs 3-8
RPS LED 3-7
switch images 3-6
FTP
accessing MIB files A-2
configuration files
downloading B-13
overview B-12
preparing the server B-13
uploading B-15
image files
deleting old image B-28
downloading B-26
preparing the server B-25
uploading B-28
G
GBICs
1000BASE-LX/LH module 1-10
1000BASE-SX module 1-10
1000BASE-T module 1-10
1000BASE-ZX module 1-10
CWDM module 1-17
GigaStack module 1-9
security and identification 34-11
get-bulk-request operation 25-2
get-next-request operation 25-2, 25-3
get-request operation 25-2, 25-3
get-response operation 25-2
Gigabit GBIC modules
Gigabit Interface Converters
GigaStack GBIC
fast transition of redundant link 16-5
global configuration mode 2-2
graphs, bandwidth 3-8
guide
audience xxxi
organization of xxxii
purpose of xxxi
H
hardware, determining ACL configuration fit 26-46
HC (candidate switch) 6-24
hello time
MSTP 15-19
STP 14-18
help, for the command line 2-3
Help button, CMS 3-28
Help Contents 3-26
history
changing the buffer size 2-5
described 2-5
disabling 2-6
recalling commands 2-5
history table, level and number of syslog messages 24-10
host name list, CMS 3-27
host names
abbreviations appended to 6-24
in clusters 6-18
hosts, limit on dynamic ports 10-37
Hot Standby Router Protocol
HP OpenView 1-6
HSRP
authentication string 30-8
automatic cluster recovery 6-17
binding to cluster group 30-9
cluster standby group considerations 6-15
command-switch redundancy 1-1
configuring 30-3
default configuration 30-3
definition 30-1
HSRP (continued)
monitoring 30-10
overview 30-1
priority 30-6
routing redundancy 1-5
timers 30-8
tracking 30-6
See also clusters, cluster standby group, and standby command switch
Hypertext Transfer Protocol
I
ICMP
redirect messages 29-15
support for 1-5
time exceeded messages 34-13
traceroute and 34-13
unreachable messages 26-6
unreachables and ACLs 26-7
ICMP ping
executing 34-12
overview 34-11
ICMP Router Discovery Protocol
icons
cluster tree 3-5
colors
cluster tree 3-5
Topology view 3-13
editable table cell 3-28
Front Panel view 3-6
multilink 3-22
sorting 3-28
toolbar 3-20
Topology view 3-11
web link 3-28
IE2100
CNS embedded agents
described 5-5
enabling automated configuration 5-6
enabling configuration agent 5-9
enabling event agent 5-8
Configuration Registrar
configID, deviceID, hostname 5-3
configuration service 5-2
described 5-1
event service 5-3
described 1-6
support for 1-2
IEEE 802.1P 12-1
IFS 1-2
IGMP
configuring the switch
as a member of a group 31-34
statically connected member 31-36
controlling access to groups 31-35
default configuration 31-31
deleting cache entries 31-58
displaying groups 31-58
fast switching 31-37
host-query interval, modifying 31-36
joining multicast group 18-2
join messages 18-2
leave processing, enabling 18-9
leaving multicast group 18-4
multicast reachability 31-34
overview 31-3
queries 18-3
support for 1-2
IGMP (continued)
Version 1
changing to Version 2 31-32
hosts joining a group 31-3
hosts leaving a group 31-3
membership queries 31-3
overview 31-3
query-response model 31-3
Version 2
changing to Version 1 31-32
enhancements over Version 1 31-4
hosts leaving a group 31-4
maximum query response time value 31-33
new features 31-4
overview 31-4
pruning groups 31-33
query timeout value 31-32
IGMP filtering
configuring 18-20
default configuration 18-20
described 18-20
monitoring 18-24
IGMP groups, setting the maximum number 18-23
IGMP profile
applying 18-22
configuration mode 18-20
configuring 18-21
IGMP snooping
configuring 18-5
default configuration 18-5
definition 18-1
enabling and disabling 18-5
global configuration 18-5
Immediate Leave 18-4
method 18-6
monitoring 18-9
support for 1-2
VLAN configuration 18-6
IGP 29-35
IGRP
advertisements 29-30
alternate routes 29-31
configuring 29-32
default configuration 29-30
described 29-30
exterior routes 29-30
flash updates 29-31
interior routes 29-30
load balancing 29-31
poison-reverse updates 29-31
split horizon 29-34
support for 1-5
system routes 29-30
traffic sharing 29-32
unequal-cost load balancing 29-31
Immediate-Leave, IGMP 18-4
Intelligence Engine 2100 Series CNS Agents
interaction modes, CMS 3-25
interface
number 9-7
range macros 9-11
interface command 9-7
interface configuration mode 2-2
interfaces
configuration guidelines 9-14
configuring 9-7
configuring duplex mode 9-14
configuring speed 9-14
counters, clearing 9-19
described 9-17
descriptive name, adding 9-17
displaying information about 9-18
flow control 9-15
management 1-6
monitoring 9-18
naming 9-17
interfaces (continued)
physical, identifying 9-7
range of 9-9
restarting 9-20
shutting down 9-20
supported 9-7
types of 9-1
interfaces range macro command 9-11
Interior Gateway Protocol
Interior Gateway Routing Protocol
interior routes, IGRP 29-30
Internet Control Message Protocol
Internet Group Management Protocol
Inter-Switch Link
inventory, cluster 6-26
IOS File System
ip access-group command 26-21
IP ACLs
applying to an interface 26-19
extended, creating 26-11
for QoS classification 27-7
implicit deny 26-10, 26-14, 26-16
implicit masks 26-10
logging 26-16
named 26-15
standard, creating 26-9
undefined 26-21
virtual terminal lines, setting on 26-19
IP addresses
classes of 29-5
cluster access 6-2
command switch 6-3, 6-15, 6-17
default configuration 29-4
for IP routing 29-4
MAC address association 29-10
monitoring 29-21
redundant clusters 6-15
standby command switch 6-15, 6-17
IP broadcast address 29-20
ip cef command 29-53
IP directed broadcasts 29-17
ip igmp profile command 18-20
IP information
assigned
manually 4-10
through DHCP-based autoconfiguration 4-3
default configuration 4-3
IP multicast routing
addresses
all-hosts 31-1
all-multicast-routers 31-1
all-PIM-routers 31-10
Cisco-RP-Announce 31-8
Cisco-RP-Discovery 31-8
host group address range 31-1
administratively-scoped boundaries, described 31-42
Auto-RP
adding to an existing sparse-mode cloud 31-19
benefits of 31-18
clearing the cache 31-58
configuration guidelines 31-15
IOS release 31-5
overview 31-8
IP multicast routing (continued)
Auto-RP (continued)
preventing candidate RP spoofing 31-21
preventing join messages to false RPs 31-20
setting up in a new internetwork 31-19
using with BSR 31-27
bootstrap router
configuration guidelines 31-15
configuring candidate BSRs 31-25
configuring candidate RPs 31-26
defining the IP multicast boundary 31-24
defining the PIM domain border 31-22
IOS release 31-5
overview 31-8
using with Auto-RP 31-27
Cisco implementation 31-2
configuring
basic multicast routing 31-15
IP multicast boundary 31-42
TTL threshold 31-40
default configuration 31-13
enabling
multicast forwarding 31-15
PIM mode 31-16
group-to-RP mappings
Auto-RP 31-8
BSR 31-8
MBONE
deleting sdr cache entries 31-58
described 31-39
displaying sdr cache 31-59
enabling sdr listener support 31-39
limiting DVMRP routes advertised 31-53
limiting sdr cache entry lifetime 31-39
SAP packets for conference session announcement 31-39
Session Directory (sdr) tool, described 31-39
IP multicast routing (continued)
monitoring
packet rate loss 31-59
peering devices 31-59
tracing a path 31-59
multicast forwarding, described 31-9
PIMv1 and PIMv2 interoperability 31-14
protocol interaction 31-2
reverse path check (RPF) 31-9
routing table
deleting 31-58
displaying 31-58
RP
assigning manually 31-17
configuring Auto-RP 31-18
configuring PIMv2 BSR 31-22
monitoring mapping information 31-27
using Auto-RP and BSR 31-27
statistics, displaying system and network 31-58
TTL thresholds, described 31-40
IP phone
calls 12-1
configuring 12-3
IP precedence 27-2
IP-precedence-to-DSCP map for QoS 27-40
IP protocols
in ACLs 26-12
routing 1-5
IP routes, monitoring 29-64
IP routing
connecting interfaces with 9-6
enabling 29-24
IP traceroute
executing 34-13
overview 34-13
IP unicast routing
address resolution 29-10
administrative distances 29-56, 29-62
ARP 29-10
assigning IP addresses to Layer 3 interfaces 29-6
authentication keys 29-63
broadcast
address 29-20
flooding 29-20
packets 29-17
storms 29-17
classless routing 29-8
configuring static routes 29-55
default
addressing configuration 29-4
gateways 29-15
networks 29-56
routes 29-56
routing 29-2
directed broadcasts 29-17
dynamic routing 29-2
enabling 29-24
EtherChannel Layer 3 interface 29-3
IGP 29-35
inter-VLAN 29-2
IP addressing
classes 29-5
configuring 29-4
IRDP 29-15
Layer 3 interfaces 29-3
MAC address and IP address 29-10
passive interfaces 29-61
protocols
distance-vector 29-2
dynamic 29-2
link-state 29-2
proxy ARP 29-10
IP unicast routing (continued)
redistribution 29-57
reverse address resolution 29-10
routed ports 29-3
static routing 29-2
steps to configure 29-3
subnet mask 29-5
subnet zero 29-8
supernet 29-8
UDP 29-19
with SVIs 29-3
ip unreachables command 26-6
IRDP
configuring 29-16
definition 29-15
support for 1-5
ISL
and trunk ports 9-3
trunking with 802.1 tunneling 13-4
trunk mode 3-9
J
Java plug-in configuration 3-1, 6-1
join messages, IGMP 18-2
L
l2protocol-tunnel command 13-10
Layer 2 frames, classification with CoS 27-2
Layer 2 interfaces, default configuration 9-13
Layer 2 protocol tunneling
configuring 13-9
default configuration 13-9
defined 13-7
guidelines 13-10
Layer 2 trunks 10-18
Layer 3 features 1-5
Layer 3 interfaces
assigning IP addresses to 29-6
changing from Layer 2 mode 29-6
types of 29-3
Layer 3 packets, classification methods 27-2
LDAP 5-2
leave processing, IGMP 18-9
LEDs
port 3-8
port modes 3-8
RPS 3-7
legend, CMS icons and labels 3-19
lightweight directory access protocol
line configuration mode 2-2
link icons, Topology view 3-12
link labels 3-12
link pop-up menu, Topology view 3-22
links, unidirectional 21-1
link state advertisements (LSAs) 29-39
link-state protocols 29-2
lists, CMS 3-28
load balancing, IGRP 29-31
logging messages, ACL 26-10
login authentication
with RADIUS 7-23
with TACACS+ 7-14
login banners 7-50
log messages
long-distance, high-bandwidth transport configuration example 1-17
Long-Reach Ethernet (LRE) technology 1-9
loop guard
described 16-13
enabling 16-20
support for 1-3
LRE profiles
considerations in switch clusters 6-20
M
mac access-group command 26-28
MAC ACLs and Layer 2 interfaces 26-28
MAC addresses
aging time 7-54
and VLAN association 7-53
building the address table 7-53
default configuration 7-54
displaying 7-58
dynamic
learning 7-53
removing 7-55
in ACLs 26-26
IP address association 29-10
static
adding 7-57
characteristics of 7-57
removing 7-57
MAC address multicast entries, monitoring 18-10
MAC address-to-VLAN mapping 10-30
MAC extended access lists 26-26, 27-4, 27-29
MAN
CWDM configuration example 1-17
long-distance, high-bandwidth transport configuration example 1-17
manageability features 1-2
management options
benefits
clustering 1-7
CMS 1-7
CLI 2-1
CMS 3-1
CNS 5-1
overview 1-6
management VLAN
discovery through different management VLANs 6-10
discovery through same management VLAN 6-9
mapping tables for QoS
configuring
CoS-to-DSCP 27-39
CoS-to-egress-queue 27-45
DSCP 27-39
DSCP-to-CoS 27-42
DSCP-to-DSCP-mutation 27-43
DSCP-to-threshold 27-47
IP-precedence-to-DSCP 27-40
policed-DSCP 27-41
described 27-11
marking
action in policy map 27-32
action with aggregate policers 27-37
matching, ACLs 26-8
maximum aging time
MSTP 15-21
STP 14-19
maximum hop count, MSTP 15-21
maximum-paths command 29-54
membership mode, VLAN port 3-9, 10-3
member switch
adding 6-22
automatic discovery 6-5
defined 6-2
managing 6-27
passwords 6-17
recovering from lost connectivity 34-10
requirements 6-4
See also candidate switch, cluster standby group, and standby command switch
memory, optimizing 7-58
menu bar
described 3-14
variations 3-14
messages
logging ACL violations 26-16
system 3-18
to users through banners 7-50
metric translations, between routing protocols 29-60
metropolitan-area networks
metro tags 13-2
MIBs
accessing files with FTP A-2
location of files A-2
overview 25-1
SNMP interaction with 25-3
supported A-1
minimum-reserve levels
assigning to a queue 27-15, 27-53
configuring the buffer size 27-16, 27-53
default size 27-15
mini-point-of-presence
mirroring traffic for analysis 22-1
mismatches, autonegotiation 34-10
Mode button 3-8
modes
access to CMS 3-30
port 3-8
VLAN port membership 3-9
Modify button 3-28
modules, GBIC
1000BASE-LX/LH 1-10
1000BASE-SX 1-10
1000BASE-T 1-10
1000BASE-ZX 1-10
CWDM 1-17
GigaStack 1-9
monitoring
802.1Q tunneling 13-11
access groups 26-41
ACL
configuration 26-41
configuration conflicts 26-44
fit in hardware 26-46
information 26-41
cables for unidirectional links 21-1
CDP 20-5
CEF 29-54
EIGRP 29-51
fallback bridging 33-12
features 1-6
HSRP 30-10
IGMP
filters 18-24
snooping 18-9
interfaces 9-18
IP
address tables 29-21
multicast routing 31-57
routes 29-64
Layer 2 protocol tunneling 13-11
MSDP peers 32-19
multicast router interfaces 18-10
MVR 18-18
monitoring (continued)
network traffic for analysis with probe 22-1
OSPF 29-44
port
blocking 19-13
protection 19-13
RP mapping information 31-27
source-active messages 32-19
speed and duplex mode 9-15
traffic flowing among switches 23-1
traffic suppression 19-13
tunneling 13-11
VLAN
filters 26-43
maps 26-43
VLANs 10-15
VMPS 10-36
VTP 11-16
MSDP
and dense-mode regions
sending SA messages to 32-17
specifying the originating address 32-18
benefits of 32-3
clearing MSDP connections and statistics 32-19
controlling source information
forwarded by switch 32-12
originated by switch 32-8
received by switch 32-14
default configuration 32-4
filtering
incoming SA messages 32-14
SA messages to a peer 32-12
SA requests from a peer 32-11
join latency, defined 32-6
meshed groups
configuring 32-16
defined 32-16
originating address, changing 32-18
overview 32-1
MSDP (continued)
peer-RPF flooding 32-2
peers
configuring a default 32-4
monitoring 32-19
peering relationship, overview 32-1
requesting source information from 32-8
shutting down 32-16
source-active messages
caching 32-6
clearing cache entries 32-19
defined 32-2
filtering from a peer 32-11
filtering incoming 32-14
filtering to a peer 32-12
limiting data with TTL 32-14
monitoring 32-19
restricting advertised sources 32-9
MSTP
boundary ports
configuration guidelines 15-12
described 15-10
BPDU filtering
described 16-3
enabling 16-16
BPDU guard
described 16-3
enabling 16-15
CIST, described 15-8
configuration guidelines 15-12
configuring
forward-delay time 15-20
hello time 15-19
link type for rapid convergence 15-22
maximum aging time 15-21
maximum hop count 15-21
MST region 15-13
path cost 15-18
port priority 15-17
MSTP (continued)
configuring (continued)
root switch 15-14
secondary root switch 15-16
switch priority 15-19
CST
defined 15-8
operations between regions 15-9
default configuration 15-12
default optional feature configuration 16-14
displaying status 15-23
enabling the mode 15-13
extended system ID
affects on root switch 15-14
affects on secondary root switch 15-16
unexpected behavior 15-14
interface state, blocking to forwarding 16-2
interoperability with 802.1D
described 15-11
restarting migration process 15-22
IST
defined 15-8
master 15-8
operations within a region 15-8
loop guard
described 16-13
enabling 16-20
mapping VLANs to MST instance 15-13
MST region
CIST 15-8
configuring 15-13
described 15-7
hop-count mechanism 15-10
IST 15-8
supported spanning-tree instances 15-7
optional features supported 1-3
overview 15-7
MSTP (continued)Port Fast
described 16-2
enabling 16-14
preventing root switch selection 16-12
root guard
described 16-12
enabling 16-19
root switch
affects of extended system ID 15-14
configuring 15-14
unexpected behavior 15-14
shutdown Port Fast-enabled port 16-3
multicast groups
and IGMP snooping 18-5
Immediate Leave 18-4
joining 18-2
leaving 18-4
static joins 18-8
multicast packets
ACLs on 26-40
blocking 19-6
multicast router interfaces, monitoring 18-10
multicast router ports, adding 18-7
Multicast Source Discovery Protocol
multicast storm-control command 19-3
multicast storms 19-1
Multicast VLAN Registration
Multilink Decomposer window 3-22
multilink icon 3-22
Multiple Spanning Tree Protocol
MVR
configuring interfaces 18-16
default configuration 18-15
described 18-12
modes 18-16
monitoring 18-18
setting global parameters 18-15
support for 1-2
N
named IP ACLs 26-15
NameSpace Mapper
native VLAN
and 802.1Q tunneling 13-4
configuring 10-25
default 10-25
negotiate trunk mode 3-9
neighbor discovery/recovery, EIGRP 29-46
neighboring devices, types of 3-11
network configuration examples
increasing network performance 1-8
large network 1-14
long-distance, high-bandwidth transport 1-17
providing network services 1-9
small to medium-sized network 1-12
network design
performance 1-8
services 1-9
network management
CDP 20-1
RMON 23-1
SNMP 25-1
Network Time Protocol
no commands 2-4
non-IP traffic filtering 26-26
nontrunking mode 10-19
normal-range VLANs
configuration modes 10-6
defined 10-1
no switchport command 9-5
note, described xxxv
not-so-stubby areas
NSM 5-3
NSSA, OSPF 29-39
NTP
associations
authenticating 7-36
defined 7-34
enabling broadcast messages 7-38
peer 7-37
server 7-37
default configuration 7-36
displaying the configuration 7-42
overview 7-33
restricting access
creating an access group 7-40
disabling NTP services per interface 7-41
source IP address, configuring 7-41
stratum 7-33
support for 1-2
synchronizing devices 7-37
time
services 7-34
synchronizing 7-33
O
OADM modules
OK button 3-28
online help 3-26
Open Shortest Path First
optical add/drop multiplexer modules
optimizing system resources 7-58
options, management 1-6
OSPF
area parameters, configuring 29-39
configuring 29-37
default configuration
metrics 29-41
route 29-41
settings 29-36
described 29-35
interface parameters, configuring 29-38
LSA group pacing 29-43
monitoring 29-44
router IDs 29-43
route summarization 29-41
support for 1-5
virtual links 29-41
out-of-profile markdown 1-5
output interface, getting information about 34-17
overheating indication, switch 3-5
P
packet modification, with QoS 27-17
PAgP
parallel paths, in routing tables 29-54
passive interfaces
configuring 29-61
OSPF 29-42
passwords
default configuration 7-3
disabling recovery of 7-5
encrypting 7-4
for security 1-4
passwords (continued)in CMS 3-29
overview 7-1
recovery of 34-3
setting
enable 7-3
enable secret 7-4
Telnet 7-6
with usernames 7-7
VTP domain 11-8
path cost
MSTP 15-18
STP 14-16
PC (passive command switch) 6-14, 6-24
performance, network design 1-8
performance features 1-2
per-VLAN Spanning Tree (PVST) 14-2
per-VLAN Spanning Tree+ (PVST+) 14-8
physical ports 9-2
PIM
default configuration 31-13
dense mode
(S,G) notation 31-6
graft messages 31-6
overview 31-5
pruning and SPT 31-5
rendezvous point (RP), described 31-7
RPF lookups 31-10
displaying neighbors 31-59
enabling a mode 31-16
neighbor discovery and adjacencies 31-10
overview 31-5
router-query message interval, modifying 31-30
shared tree and source tree, overview 31-28
shortest path tree, delaying the use of 31-29
PIM (continued)sparse mode
(*,G) notation 31-7
join messages and shared tree 31-7
overview 31-7
prune messages 31-8
RPF lookups 31-10
support for 1-5
versions
interoperability 31-14
supported 31-5
troubleshooting interoperability problems 31-28
v2 improvements 31-5
PIM-DVMRP, as snooping method 18-6
ping
character output description 34-12
executing 34-12
overview 34-11
planning considerations, switch clusters
LRE profiles 6-20
switch-specific features 6-20
poison-reverse updates, IGRP 29-31
policed-DSCP map for QoS 27-41
policers
configuring
for each matched traffic class 27-32
for more than one traffic class 27-37
described 27-3
displaying 27-56
types of 27-8
policing
described 27-3
token bucket algorithm 27-8
policy maps for QoS
characteristics of 27-32
configuring 27-32
described 27-7
displaying 27-56
POP 1-15
port ACLs
and voice VLAN 26-4
defined 26-2
limitations 26-4
Port Aggregation Protocol
port-based authentication
authentication server
defined 8-2
RADIUS server 8-2
client, defined 8-2
configuration guidelines 8-7
configuring
manual re-authentication of a client 8-11
quiet period 8-11
RADIUS server 8-10
RADIUS server parameters on the switch 8-9
switch-to-client frame-retransmission number 8-13
switch-to-client retransmission time 8-12
default configuration 8-6
described 8-1
device roles 8-2
displaying statistics 8-14
EAPOL-start frame 8-3
EAP-request/identity frame 8-3
EAP-response/identity frame 8-3
enabling
802.1X authentication 8-8
periodic re-authentication 8-10
encapsulation 8-2
initiation and message exchange 8-3
method lists 8-8
ports
authorization state and dot1x port-control command 8-4
authorized and unauthorized 8-4
resetting to default values 8-14
port-based authentication (continued)
switch
as proxy 8-2
RADIUS client 8-2
topologies, supported 8-4
port-channel
Port Fast
described 16-2
enabling 16-14
mode, spanning tree 10-33
support for 1-3
port icons, Front Panel view 3-6
port LEDs 3-8
DUPLX 3-8
port modes 3-8
SPEED 3-8
STAT 3-8
port membership modes, VLAN 3-9, 10-3
port modes
described 3-8
LEDs 3-8
port pop-up menu, Front Panel view 3-21
port priority
MSTP 15-17
STP 14-15
ports
802.1Q trunk 3-9
802.1Q tunnel 10-3
access 9-2
blocking 19-6
forwarding, resuming 19-7
ISL trunk 3-9
negotiate trunk 3-9
protected 19-5
routed 9-5
secure 19-8
ports (continued)
static-access 3-9, 10-3, 10-11
switch 9-2
VLAN assignments 10-11
port security
aging 19-11
configuring 19-9
default configuration 19-9
described 19-8
displaying 19-13
violations 19-8
with other features 19-9
port-shutdown response, VMPS 10-30
preferential treatment of traffic
preventing unauthorized access 7-1
priority
HSRP 30-6
overriding CoS 12-5
trusting CoS 12-6
private VLAN edge ports
privileged EXEC mode 2-2
privilege levels
access modes
read-only 3-30
read-write 3-30
changing the default for lines 7-9
CMS 3-30
command switch 6-27
exiting 7-10
logging into 7-10
mapping on member switches 6-27
setting a command with 7-8
protocol-dependent modules, EIGRP 29-47
Protocol-Independent Multicast Protocol
proxy ARP
configuring 29-13
definition 29-10
with IP routing disabled 29-14
pruning, VTP
enabling 11-14
enabling on a port 10-25
examples 11-5
overview 11-4
pruning-eligible list
changing 10-25
for VTP pruning 11-4
VLANs 11-14
publications, related xxxv
PVST 10-2
Q
QoS
basic model 27-3
classification
class maps, described 27-7
defined 27-3
flowchart 27-6
forwarding treatment 27-3
in frames and packets 27-2
MAC ACLs, described 27-4, 27-7
policy maps, described 27-7
port default, described 27-4
trust DSCP, described 27-4
trusted CoS, described 27-4
trust IP precedence, described 27-4
types for IP traffic 27-5
types for non-IP traffic 27-4
QoS (continued)
class maps
configuring 27-30
displaying 27-56
configuration examples
common wiring closet 27-57
distribution layer 27-59
intelligent wiring closet 27-58
configuration guidelines 27-20
configuring
aggregate policers 27-37
default port CoS value 27-24
DSCP maps 27-39
DSCP trust states bordering another domain 27-25
egress queues on 10/100 Ethernet ports 27-51
egress queues on Gigabit-capable Ethernet ports 27-44
IP extended ACLs 27-28
IP standard ACLs 27-27
MAC ACLs 27-29
policy maps 27-32
port trust states within the domain 27-22
default configuration 27-18
displaying statistics 27-56
enabling globally 27-21
flowcharts
classification 27-6
policing and marking 27-10
queueing and scheduling 27-12, 27-15
implicit deny 27-7
mapping tables
CoS-to-DSCP 27-39
CoS-to-egress-queue 27-45
displaying 27-56
DSCP-to-CoS 27-42
DSCP-to-DSCP-mutation 27-43
DSCP-to-threshold 27-47
IP-precedence-to-DSCP 27-40
QoS (continued)
mapping tables (continued)
policed-DSCP 27-41
types of 27-11
marked-down actions 27-35
overview 27-1
packet modification 27-17
policers
described 27-8
displaying 27-56
number of 27-9
types of 27-8
policies, attaching to an interface 27-9
policing
token bucket algorithm 27-8
policy maps
characteristics of 27-32
configuring 27-32
displaying 27-56
queueing, defined 27-3
queues
CoS-to-egress-queue map 27-45
for 10/100 Ethernet ports 27-15
high priority (expedite) 27-13, 27-50
minimum-reserve levels 27-53
size ratios 27-46
tail-drop threshold percentages 27-13, 27-47
WRED drop-percentage thresholds 27-13, 27-48
WRR scheduling 27-50
scheduling
allocating bandwidth on 10/100 Ethernet ports 27-54
allocating bandwidth on Gigabit-capable ports 27-50
defined 27-3
support for 1-4
QoS (continued)
tail drop
configuring drop threshold percentages 27-47
described 27-13
trust states 27-4
WRED
configuring drop-percentage thresholds 27-48
described 27-14
WRR scheduling 27-50
quality of service
queries, IGMP 18-3
R
RADIUS
attributes
vendor-proprietary 7-29
vendor-specific 7-28
configuring
accounting 7-27
authentication 7-23
authorization 7-26
communication, global 7-21, 7-28
communication, per-server 7-20, 7-21
multiple UDP ports 7-20
default configuration 7-20
defining AAA server groups 7-24
displaying the configuration 7-30
identifying the server 7-20
in clusters 6-19
limiting the services to the user 7-26
method list, defined 7-19
operation of 7-19
overview 7-18
suggested network environments 7-18
tracking services accessed by user 7-27
Random Early Detection, described 27-14
range
macro 9-11
of interfaces 9-9
Rapid Spanning Tree Protocol
RARP 29-10
rcommand command 6-27
RCP
configuration files
downloading B-17
overview B-16
preparing the server B-16
uploading B-18
image files
deleting old image B-32
downloading B-30
preparing the server B-29
uploading B-32
read-only access mode 3-30
read-write access mode 3-30
reconfirmation interval, VMPS, changing 10-35
recovery procedures 34-1
redundancy
EtherChannel 28-1
features 1-3
HSRP 30-1
STP
backbone 14-9
multidrop backbone 16-5
path cost 10-28
port priority 10-26
redundant clusters
redundant links and UplinkFast 16-17
redundant power system
Refresh button 3-28
reliable transport protocol, EIGRP 29-46
reloading software 4-17
Remote Authentication Dial-In User Service
Remote Copy Protocol
Remote Network Monitoring
resetting a UDLD-shutdown interface 21-4
restricting access
NTP services 7-39
overview 7-1
passwords and privilege levels 7-2
RADIUS 7-17
TACACS+ 7-10
retry count, VMPS, changing 10-36
reverse address resolution 29-10
Reverse Address Resolution Protocol
RFC
1058, RIP 29-25
1112, IP multicast and IGMP 18-2
1157, SNMPv1 25-2
1166, IP addresses 29-5
1253, OSPF 29-35
1305, NTP 7-33
1587, NSSAs 29-35
1757, RMON 23-2
1901, SNMPv2C 25-2
1902 to 1907, SNMPv2 25-2
2236, IP multicast and IGMP 18-2
RIP
advertisements 29-25
authentication 29-28
configuring 29-26
default configuration 29-25
described 29-25
hop counts 29-25
split horizon 29-29
summary addresses 29-29
support for 1-5
RMON
default configuration 23-3
displaying status 23-6
enabling alarms and events 23-3
groups supported 23-2
overview 23-1
statistics
collecting group Ethernet 23-5
collecting group history 23-5
support for 1-6
root guard
described 16-12
enabling 16-19
support for 1-3
root switch
MSTP 15-14
STP 14-12
route calculation timers, OSPF 29-42
routed packets, ACLs on 26-39
routed ports
configuring 29-3
defined 9-5
in switch clusters 6-12
router ACLs 26-2
router ID, OSPF 29-43
route summarization, OSPF 29-41
routing
default 29-2
dynamic 29-2
redistribution of information 29-57
static 29-2
Routing Information Protocol
routing protocol administrative distances 29-56
RSTP
active topology, determining 15-2
BPDU
format 15-5
processing 15-6
configuration guidelines 15-12
designated port, defined 15-2
designated switch, defined 15-2
interoperability with 802.1D
described 15-11
restarting migration process 15-22
topology changes 15-6
overview 15-2
port roles
described 15-2
synchronized 15-4
proposal-agreement handshake process 15-3
rapid convergence
edge ports and Port Fast 15-3
point-to-point links 15-3, 15-22
root ports 15-3
root port, defined 15-2
running configuration, saving 4-10
S
saving changes in CMS 3-31
SC (standby command switch) 6-14, 6-24
scheduled reloads 4-17
SDM
configuring 7-60
described 7-58
templates
number of 7-58
resources used for Fast Ethernet switches 7-59
resources used for Gigabit Ethernet switches 7-59
secure ports, configuring 19-8
secure remote connections 7-32
Secure Shell
security, port 19-8
security features 1-4
sequence numbers in log messages 24-8
server mode, VTP 11-3
service-provider network
DHCP option 82 17-1
MSTP and RSTP 15-1
service-provider networks
and 802.1Q tunneling 13-1
and customer VLANs 13-2
Layer 2 protocols across 13-7
set-request operation 25-3
setup program, failed command switch replacement 34-7, 34-9
severity levels, defining in system messages 24-8
show access-lists hw-summary command 26-7
show cdp traffic command 20-5
show cluster members command 6-27
show configuration command 9-17
show fm command 26-44
show forward command 34-16
show interfaces command 9-15, 9-17
show l2protocol command 13-11
show mac access-group command 26-28
show running-config command
displaying ACLs 26-20, 26-30, 26-33
interface description in 9-17
show tcam command 26-44
shutdown command on interfaces 9-20
shutdown threshold for Layer 2 protocol packets 13-9
Simple Network Management Protocol
SNAP 20-1
SNMP
accessing MIB variables with 25-3
agent
described 25-3
disabling 25-5
community strings
configuring 25-5
for cluster switches 25-3
overview 25-3
configuration examples 25-10
default configuration 25-4
in-band management 1-2
in clusters 6-18
limiting access by TFTP servers 25-9
limiting system log messages to NMS 24-10
managing clusters with 6-28
MIBs
location of A-2
supported A-1
status, displaying 25-10
system contact and location 25-9
trap manager, configuring 25-8
traps
described 25-2
enabling 25-7
enabling MAC address notification 7-55
types of 25-7
versions supported 25-2
snooping, IGMP 18-1
software images
location in Flash B-20
recovery procedures 34-2
scheduling reloads 4-17
tar file format, described B-20
See also downloading and uploading
source addresses, in ACLs 26-12
SPAN
configuration guidelines 22-7
default configuration 22-7
destination ports 22-4
displaying status 22-13
interaction with other features 22-5
monitored ports 22-4
monitoring ports 22-4
received traffic 22-3
sessions
creating 22-8
defined 22-2
limiting source traffic to specific VLANs 22-12
monitoring VLANs 22-11
removing destination (monitoring) ports 22-10
removing source (monitored) ports 22-10
specifying monitored ports 22-8
source ports 22-4
transmitted traffic 22-3
VLAN-based 22-5
spanning tree and native VLANs 10-20
Spanning Tree Protocol
speed, configuring on interfaces 9-14
split horizon
IGRP 29-34
RIP 29-29
SSH
configuring 7-32
crypto software image 7-32
described 7-32
displaying settings 7-32
Stack Membership Discovery Protocol 16-6
Standby Command Configuration window 6-25
standby command switch
considerations 6-15
defined 6-2
priority 6-14
requirements 6-3
virtual IP address 6-15
See also cluster standby group and HSRP
standby group, cluster
See cluster standby group and HSRP
standby ip command 30-4
standby router 30-1
standby timers, HSRP 30-8
startup configuration
booting
manually 4-13
specific image 4-14
clearing B-19
configuration file
automatically downloading 4-12
specifying the filename 4-13
default boot configuration 4-12
static access mode 3-9
static access ports
assigning to VLAN 10-11
static addresses
static IP routing 1-5
static MAC addressing 1-4
static routes, configuring 29-55
static routing 29-2
static VLAN membership 10-2
statistics
802.1X 8-14
CDP 20-5
interface 9-18
IP multicast routing 31-58
OSPF 29-44
statistics (continued)
QoS ingress and egress 27-56
RMON group Ethernet 23-5
RMON group history 23-5
SNMP input and output 25-10
VTP 11-16
status bar
change notification 3-31
error notification 3-31
storm control
configuring 19-3
described 19-1
displaying 19-13
thresholds 19-1
STP
accelerating root port selection 16-4
BackboneFast
described 16-10
enabling 16-19
BPDU filtering
described 16-3
enabling 16-16
BPDU guard
described 16-3
enabling 16-15
BPDU message exchange 14-2
configuration guidelines 14-11
configuring
forward-delay time 14-18
hello time 14-18
in cascaded stack 14-19
maximum aging time 14-19
path cost 14-16
root switch 14-12
secondary root switch 14-14
switch priority 14-17
STP (continued)
cross-stack UplinkFast
described 16-5
enabling 16-18
default configuration 14-10
default optional feature configuration 16-14
designated port, defined 14-3
designated switch, defined 14-3
detecting indirect link failures 16-10
disabling 14-12
displaying status 14-20
extended system ID
affects on root switch 14-12
affects on the secondary root switch 14-14
overview 14-4
unexpected behavior 14-13
features supported 1-3
inferior BPDU 14-3
interface state, blocking to forwarding 16-2
interface states
blocking 14-7
disabled 14-8
learning 14-7
listening 14-7
overview 14-5
Layer 2 protocol tunneling 13-7
limitations with 802.1Q trunks 14-8
load sharing
overview 10-26
using path costs 10-28
using port priorities 10-26
loop guard
described 16-13
enabling 16-20
multicast addresses, affect of 14-8
optional features supported 1-3
overview 14-2
STP (continued)
Port Fast
described 16-2
enabling 16-14
port priorities 10-27
preventing root switch selection 16-12
redundant connectivity 14-9
root guard
described 16-12
enabling 16-19
root port, defined 14-3
root switch
affects of extended system ID 14-4, 14-12
configuring 14-12
election 14-3
unexpected behavior 14-13
settings in a cascaded stack 14-19
shutdown Port Fast-enabled port 16-3
superior BPDU 14-3
supported number of spanning-tree instances 14-2
timers, described 14-4
UplinkFast
described 16-4
enabling 16-17
VLAN-bridge 14-8
stratum, NTP 7-33
stub areas, OSPF 29-39
subnet mask 29-5
subnet zero 29-8
summer time 7-45
SunNet Manager 1-6
supernet 29-8
SVIs
and IP unicast routing 29-3
and router ACLs 26-3
connecting VLANs 9-6
defined 9-4
routing between VLANs 10-2
switch clustering technology 6-1
switch console port 1-3
switched packets, ACLs on 26-37
switched ports 9-2
switchport block multicast command 19-6
switchport block unicast command 19-6
switchport command 9-12
switchport mode dot1q-tunnel command 13-6
switchport protected command 19-5
switch priority
MSTP 15-19
STP 14-17
switch software features 1-1
switch virtual interface
syslog
system clock
configuring
daylight saving time 7-45
manually 7-43
summer time 7-45
time zones 7-44
displaying the time and date 7-43
overview 7-33
System Database Management
system message logging
default configuration 24-3
defining error message severity levels 24-8
disabling 24-4
displaying the configuration 24-12
enabling 24-4
facility keywords, described 24-12
level keywords, described 24-9
system message logging (continued)
limiting messages 24-10
message format 24-2
overview 24-1
sequence numbers, enabling and disabling 24-8
setting the display destination device 24-4
synchronizing log messages 24-6
syslog facility 1-6
timestamps, enabling and disabling 24-7
UNIX syslog servers
configuring the daemon 24-11
configuring the logging facility 24-11
facilities supported 24-12
system messages on CMS 3-18
system MTU
802.1Q tunneling 13-5
maximums 13-5
system name
default configuration 7-47
default setting 7-47
manual configuration 7-47
system prompt
default setting 7-47
manual configuration 7-48
system resource templates 7-58
system routes, IGRP 29-30
T
tables, CMS 3-28
tabs, CMS 3-28
TAC
inquiries xxxvii
toll-free telephone numbers xxxviii
website xxxviii
TACACS+
accounting, defined 7-11
authentication, defined 7-11
authorization, defined 7-11
configuring
accounting 7-17
authentication key 7-13
authorization 7-16
login authentication 7-14
default configuration 7-13
displaying the configuration 7-17
identifying the server 7-13
in clusters 6-19
limiting the services to the user 7-16
operation of 7-12
overview 7-10
support for 1-4
tracking services accessed by user 7-17
tagged packets
802.1Q 13-3
Layer 2 protocol 13-7
tail drop
described 27-13
support for 1-5
tar files
creating B-6
displaying the contents of B-6
extracting B-7
image file format B-20
TCAMs
ACL regions 26-48
ACLs not loading in 26-46
allocations, monitoring 26-49
monitoring usage 26-48
technical assistance
Cisco.com xxxvii
TAC xxxvii
TAC website xxxviii
toll-free telephone numbers xxxviii
Telnet
number of connections 1-2
setting a password 7-6
templates, system resources 7-58
Terminal Access Controller Access Control System Plus
terminal lines, setting a password 7-6
ternary content addressable memory. See TCAM
TFTP
configuration files
downloading B-11
preparing the server B-10
uploading B-12
configuration files in base directory 4-6
configuring for autoconfiguration 4-5
image files
deleting B-23
downloading B-22
preparing the server B-22
uploading B-24
limiting access by servers 25-9
TFTP server 1-2
threshold, traffic level 19-2
time
time-range command 26-17
time ranges in ACLs 26-17
timestamps in log messages 24-7
time zones 7-44
Token Ring VLANs
support for 10-5
VTP support 11-4
toolbar 3-20
tool tips 3-26
Topology view
Collapse Cluster view 3-10
described 3-9
device labels 3-12
display options 3-13
Expand Cluster view 3-10
icons 3-11
link icons 3-12
link labels 3-12
multilink icon 3-22
neighboring devices 3-11
pop-up menus 3-22
TOS 1-4
traceroute command 34-13
traffic
blocking flooded 19-6
fragmented 26-5
unfragmented 26-5
traffic policing 1-5
traffic suppression 19-1
transparent mode, VTP 11-3, 11-12
trap-door mechanism 4-2
traps
configuring MAC address notification 7-55
configuring managers 25-7
defined 25-2
notification types 25-7
troubleshooting
connectivity problems 34-11
detecting unidirectional links 21-1
determining packet disposition 34-16
displaying crash information 34-17
GBIC security and identification 34-11
troubleshooting (continued)
PIMv1 and PIMv2 interoperability problems 31-28
show forward command 34-16
with CiscoWorks 25-3
with debug commands 34-14
with ping 34-11
with system message logging 24-1
with traceroute 34-13
trunking encapsulation 1-3
trunk ports
configuring 10-22
encapsulation 10-22, 10-27, 10-29
trunks
allowed-VLAN list 10-24
configuring 10-22, 10-27, 10-29
ISL 10-18
load sharing
setting STP path costs 10-28
using STP port priorities 10-26, 10-27
native VLAN for untagged traffic 10-25
parallel 10-28
pruning-eligible list 10-25
to non-DTP device 10-18
understanding 10-18
tunneling
802.1Q 13-1
defined 13-1
Layer 2 protocol 13-7
tunnel ports
802.1Q, configuring 13-6
802.1Q and ACLs 26-3
defined 10-3
routing not supported on 13-5
twisted-pair Ethernet, detecting unidirectional links 21-1
type-of-service
U
UDLD
default configuration 21-3
echoing detection mechanism 21-2
enabling
globally 21-3
per interface 21-4
link-detection mechanism 21-1
neighbor database 21-2
overview 21-1
resetting an interface 21-4
status, displaying 21-5
support for 1-3
UDP, configuring 29-19
unauthorized ports with 802.1X 8-4
unequal-cost load balancing, IGRP 29-31
unicast storm control command 19-3
unicast storms 19-1
unicast traffic, blocking 19-6
UniDirectional Link Detection protocol
UNIX syslog servers
daemon configuration 24-11
facilities supported 24-12
message logging configuration 24-11
unrecognized Type-Length-Value (TLV) support 11-4
upgrading software images
UplinkFast
described 16-4
enabling 16-17
support for 1-3
uploading
configuration files
reasons for B-8
using FTP B-15
using RCP B-18
using TFTP B-12
image files
reasons for B-19
using FTP B-28
using RCP B-32
using TFTP B-24
URLs, Cisco xxxvi
User Datagram Protocol
user EXEC mode 2-2
username-based authentication 7-7
V
verifying changes in CMS 3-31
version-dependent transparent mode 11-4
virtual IP address
cluster standby group 6-15, 6-24
vlan.dat file 10-4
VLAN ACLs
VLAN configuration
at bootup 10-7
saving 10-7
VLAN configuration mode 2-2, 10-6
VLAN database
and startup configuration file 10-7
and VTP 11-1
VLAN configuration saved in 10-7
VLANs saved in 10-4
vlan database command 10-6
vlan dot1q tag native command 13-4
vlan global configuration command 10-6
VLAN management domain 11-2
VLAN Management Policy Server
VLAN map entries, order of 26-30
VLAN maps
applying 26-33
common uses for 26-33
configuration example 26-34
configuration guidelines 26-30
configuring 26-29
creating 26-30
defined 26-2
denying access example 26-35
denying and permitting packets 26-31
displaying 26-43
examples 26-35
support for 1-4
usage 26-5
VLAN membership
confirming 10-35
VLAN Query Protocol (VQP) 10-30
VLANs
adding 10-8
adding to VLAN database 10-8
aging dynamic addresses 14-9
allowed on trunk 10-24
and spanning-tree instances 10-2, 10-6, 10-13
VLANs (continued)
configuration guidelines, normal-range VLANs 10-5
configuration options 10-6
configuring 10-1
configuring IDs 1006 to 4094 10-13
connecting through SVIs 9-6
creating in config-vlan mode 10-9
creating in VLAN configuration mode 10-9
customer numbering in service-provider networks 13-3
default configuration 10-8
deleting 10-10
displaying 10-15
features 1-3
illustrated 10-2
internal 10-13
limiting source traffic with SPAN 22-12
modifying 10-8
monitoring with SPAN 22-11
native, configuring 10-25
number supported 1-3
parameters 10-4
port membership modes 3-9, 10-3
static-access ports 10-11
STP and 802.1Q trunks 14-8
supported 10-2
Token Ring 10-5
traffic between 10-2
VTP modes 11-3
VLAN Trunking Protocol
VLAN trunks 10-18
VMPS
administering 10-36
configuration example 10-37
configuration guidelines 10-33
default configuration 10-33
description 10-30
dynamic port membership
described 10-31
reconfirming 10-35
troubleshooting 10-37
entering server address 10-34
mapping MAC addresses to VLANs 10-30
monitoring 10-36
reconfirmation interval, changing 10-35
reconfirming membership 10-35
retry count, changing 10-36
voice VLAN
Cisco 7960 phone, port connections 12-1
configuration guidelines 12-3
configuring IP phone for data traffic
override CoS of incoming frame 12-5
trust CoS priority of incoming frame 12-6
configuring ports for voice traffic in
802.1P priority tagged frames 12-4
802.1Q frames 12-4
connecting to an IP phone 12-3
default configuration 12-2
described 12-1
displaying 12-6
VQP 1-3
VTP
adding a client to a domain 11-15
and extended-range VLANs 11-1
and normal-range VLANs 11-1
client mode, configuring 11-11
VTP (continued)
configuration
global configuration mode 11-7
guidelines 11-8
privileged EXEC mode 11-7
requirements 11-9
saving 11-7
VLAN configuration mode 11-7
configuration mode options 11-7
configuration requirements 11-9
configuration revision number
guideline 11-15
resetting 11-15
configuring
client mode 11-11
server mode 11-9
transparent mode 11-12
consistency checks 11-4
default configuration 11-6
described 11-1
disabling 11-12
domain names 11-8
domains 11-2
Layer 2 protocol tunneling 13-7
modes
transitions 11-3
monitoring 11-16
passwords 11-8
pruning
disabling 11-14
enabling 11-14
examples 11-5
overview 11-4
support for 1-4
pruning-eligible list, changing 10-25
server mode, configuring 11-9
VTP (continued)
statistics 11-16
support for 1-4
Token Ring support 11-4
transparent mode, configuring 11-12
using 11-1
version, guidelines 11-9
version 1 11-4
version 2
configuration guidelines 11-9
disabling 11-13
enabling 11-13
overview 11-4
W
web-based management software
Weighted Random Early Detection
Weighted Round Robin
weighted round robin, described 27-3
window components, CMS 3-27
X
XMODEM protocol 34-2