-
Catalyst 4500 Series Switch Cisco IOS Command Reference, 12.2(52)SG
-
Quick Links to Catalyst 4500 Series Switch Cisco IOS Commands
-
Index
-
Preface
-
aaa accounting dot1x default start-stop group radius through instance
-
interface port-channel through shape
-
Command-Line Interface
-
show access-group mode interface through show vtp
-
snmp ifindex clear through vtp v2-mode
-
Acronyms and Abbreviations
-
Feedback
Table Of Contents
Symbols - Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Symbols
$ matches the end of a string 1-7
( ) in commands 1-11
* matches 0 or more sequences of a pattern 1-7
+ matches 1 or more sequences of a pattern 1-7
. matches any single character 1-7
? command 1-1
? matches 0 or 1 occurrence of a pattern 1-7
^ matches the beginning of a string 1-7
_ matches a comma (,), left brace ({), left parenthesis 1-7
" 1-10
Numerics
10-Gigabit Ethernet uplink
selecting 2-210
802.1Q trunk ports and native VLANs 2-894
802.1Q tunnel ports
configuring 2-836
802.1S Multiple Spanning Tree
802.1X
configuring for multiple hosts 2-167
configuring for single host 2-167
configuring multiple domains 2-167
disabling port control 2-160
enabling port control 2-160
802.1X Critical Authentication
disabling on a port 2-161
disabling on a VLAN 2-164
EAPOL
disabling send success packets 2-162
enabling send success packets 2-162
enabling on a port 2-161
enabling on a VLAN 2-164
returning delay time to default setting 2-163
setting delay time on a port 2-163
802.1X critical authentication
configure parameters 2-25
802.1X critical recovery delay, configuring 2-25
802.1X Port Based Authentication
debugging 802.1X Port Based Authentication 2-111
displaying port based authentication 2-529
enabling accounting for authentication sessions 2-4
enabling authentication on the system 2-178
enabling guest VLAN 2-165
enabling guest VLAN supplicant 2-158, 2-166
enabling manual control of auth state 2-174
enabling periodic re-authentication of the client 2-177
initializing re-authentication of dot1x ports 2-176
initializing state machines 2-169
receive session termination message upon reboot 2-5
setting maximum number for EAP requests 2-172
setting the reauthentication timer 2-179
A
abbreviating commands
context-sensitive help 1-1
Access Gateway Module
connecting to a module 2-22
connecting to a remote module 2-460
connecting to a specific remote module 2-472
access-group
displaying mac interface 2-656
show mode interface 2-405, 2-491, 2-714
access groups
IP 2-6
access lists
clearing an access template 2-74
defining ARP 2-21
displaying ARP information 2-495
See also ACLs, MAC ACLs, and VACLs
access maps
applying with VLAN filter 2-896
access-node-identifier, setting for the switch 2-408
access-policies, applying using host-mode 2-29
ACLs
access-group mode 2-6
balancing hardware regions 2-12
capturing control packets 2-8
determining ACL hardware programming 2-10
disabling hardware statistics 2-205
displaying mac access-group interface 2-656
enabling hardware statisctics 2-205
using ACL naming conventions for MAC ACLs 2-322
action clause
specifying drop or forward action in a VACL 2-13
addresses, configuring a maximum 2-394
adjacency
debugging the adjacency table 2-104
disabling the debug facility 2-104
displaying information about the adjacency table 2-492
displaying IPC table entries 2-104
aggregate policer
displaying information 2-715
aging time
displaying MAC address aging time 2-659
MAC address table 2-325
alarms
displaying operational status 2-537
alternation
description 1-10
anchoring
description 1-10
ancp, show multicast 2-494
ANCP client
port identifier 2-16
remote server 2-17
set router to become 2-18
ARP
access list, displaying detailed information 2-495
defining access-lists 2-21
ARP inspection
enforce certain types of checking 2-228
ARP packet
deny based on DHCP bindings 2-146
permit based on DHCP bindings 2-373
changing the control-direction 2-23
configure actions for events
configuring the actions 2-26
configuring port-control 2-35
enabling reauthentication 2-34
enabling Webauth fallback 2-28
host-mode configuration 2-29
setting priority of methods 2-37
setting the timer 2-39
setting username 2-881
specifying the order of methods 2-32
using an MD5-type encryption method 2-881
verifying MD5 signature 2-883
verifying the checksum for Flash memory 2-883
authentication control-direction command 2-23
authentication critical recovery delay command 2-25
authentication event command 2-26
authentication fallback command 2-28
authentication host-mode 2-29
authentication methods, setting priority 2-37
authentication methods, specifying the order of attempts 2-32
authentication open command 2-31
authentication order command 2-32
authentication periodic command 2-34
authentication port-control command 2-35
authentication priority command 2-37
authentication timer, setting 2-39
authentication timer command 2-39
authentication violation command 2-41
auth fail VLAN
enable on a port 2-159
set max number of attempts 2-158
Auth Manager
configuring
authentication timer 2-39
authorization state
enabling manual control 2-174
authorization state of a controlled port 2-174
automatic installation
displaying status 2-500
automatic medium-dependent interface crossover
Auto-MDIX
disabling 2-353
enabling 2-353
auto-negotiate interface speed
example 2-813
auto-QoS
configuring for VoIP 2-42
displaying configuration 2-501
B
baby giants
displaying the system MTU setting 2-746
setting the maximum Layer 2 payload size 2-861
BackboneFast
displaying debugging messages 2-133
displaying spanning tree status 2-736
enabling debugging 2-133
bandwidth command 2-46
bindings
store for DHCP snooping 2-240
BOOT environment variable
displaying information 2-504
bootflash
displaying information 2-502
BPDUs
debugging spanning tree activities 2-131
bridge protocol data units
broadcast
counters 2-101
broadcast suppression level
C
cable diagnostics
TDR
displaying test results 2-505
testing conditions of copper cables 2-863
call home
displaying information 2-507
e-mailing output 2-54
entering configuration submode 2-49
executing 2-54
manually send test message 2-57
receiving information 2-52
sending alert group message 2-55
submitting information 2-52
call home destination profiles
displaying 2-509
Catalyst 4507R 2-392
CDP
configuring tunneling encapsulation rate 2-309
displaying
neighbor information 2-512
enabling protocol tunneling for 2-304
set drop threshold for 2-307
CEF
displaying next-hop information 2-586
displaying VLAN configuration information 2-586
chassis
displaying
chassis MAC address ranges 2-653
current and peak traffic meter readings 2-653
percentage of backplane utilization 2-653
switching clock failure recovery mode 2-653
circuit-id
setting for an interface 2-410
circuit-id, setting for an interface VLAN range 2-411
cisco-desktop
macro apply 2-332
Cisco Express Forwarding
cisco-phone
macro apply 2-334
cisco-router
macro apply 2-336
cisco-switch
macro apply 2-338
class maps
creating 2-65
defining the match criteria 2-346
clear commands
clearing Gigabit Ethernet interfaces 2-72
clearing IGMP group cache entries 2-81
clearing interface counters 2-67
clearing IP access lists 2-74, 2-75
clearing IP ARP inspection statistics VLAN 2-76
clearing IP DHCP snooping database statistics 2-80
clearing MFIB counters and routes 2-84
clearing MFIB fastdrop entries 2-85
clearing PAgP channel information 2-91
clearing QoS aggregate counters 2-95
clearing VLAN interfaces 2-73
clear energywise neighbors command 2-69
clear nmsp statistics command 2-90
CLI string search
anchoring 1-10
expressions 1-7
filtering 1-6
multiple-character patterns 1-8
multipliers 1-9
parentheses for recall 1-11
searching outputs 1-6
single-character patterns 1-7
using 1-6
command modes
accessing privileged EXEC mode 1-5
exiting 1-5
understanding user EXEC and configuration modes 1-5
condition interface
debugging interface-related activities 2-106
condition vlan
debugging VLAN output 2-109
configuration, saving 1-11
configuring
root as secondary 2-797
configuring a SPAN session to monitor
limit SPAN source traffic 2-358
configuring critical recovery 2-25
configuring forward delay 2-793
configuring root as primary 2-797
CoPP
attaching
policy map to control plane 2-470
displaying
policy-map class information 2-688
entering configuration mode 2-99
removing
service policy from control plane 2-470
CoS
assigning to Layer 2 protocol packets 2-306
CoS QoS default
defining value on an interface 2-436
Cost of Service
counters
clearing interface counters 2-67
critical authentication, configure 802.1X parameters 2-25
critical recovery, configuring 802.1X parameter 2-25
D
DAI
clear statistics 2-76
DBL
displaying qos dbl 2-716
enabling DBL globally on the switch 2-437
debug commands
debugging backup events 2-105
debugging DHCP snooping events 2-116
debugging DHCP snooping messages 2-117
debugging EtherChannel/PAgP/shim 2-112
debugging IPC activity 2-115
debugging IP DHCP snooping security messages 2-118
debugging NVRAM activities 2-122
debugging PAgP activities 2-123
debugging port manager activities 2-126
debugging spanning tree activities 2-131
debugging spanning tree backbonefast 2-133
debugging spanning tree UplinkFast 2-136
debugging supervisor redundancy 2-130
debugging VLAN manager activities 2-137
displaying monitor activity 2-120
displaying the adjacency table 2-104
enabling debug dot1x 2-111
enabling debugging messages for ISL VLAN IDs 2-140
enabling debugging messages for VTP 2-141
enabling debugging of UDLD activity 2-142
enabling switch shim debugging 2-134
enabling VLAN manager file system error tests 2-138
limiting debugging output for VLANs 2-109
limiting interface debugging output 2-106
limiting output for debugging standby state changes 2-107
shortcut to the debug condition interface 2-114
debugging
activity monitoring 2-120
DHCP snooping events 2-116
DHCP snooping packets 2-117
IPC activities 2-115
IP DHCP snooping security packets 2-118
NVRAM activities 2-122
PAgP activities 2-123
PAgP shim 2-112
PM activities 2-126
PPPoE Intermediate Agent 2-128
spanning tree BackboneFast events 2-133
spanning tree switch shim 2-134
spanning tree UplinkFast events 2-136
VLAN manager activities 2-137
VLAN manager IOS file system error tests 2-138
VTP protocol debug messages 2-141
debug nmsp command 2-121
debug spanning tree switch 2-134
debug sw-vlan vtp 2-141
default CoS value 2-436
default form of a command, using 1-6
defining egress DSCP-to-CoS mapping 2-443
DHCP
clearing database statistics 2-80
DHCP bindings
configuring bindings 2-238
deny ARP packet based on matches 2-146
permit ARP packet based on matches 2-373
DHCP snooping
clearing binding entries 2-77
clearing database 2-79
displaying binding table 2-589
displaying configuration information 2-587
displaying status of DHCP database 2-592
displaying status of error detection 2-540
enabling DHCP globally 2-237
enabling IP source guard 2-277
enabling on a VLAN 2-247
enabling option 82 2-242, 2-244
enabling option-82 2-249
enabling rate limiting on an interface 2-245
enabling trust on an interface 2-246
establishing binding configuration 2-238
renew binding database 2-462
store generated bindings 2-240
diagnostic test
bootup packet memory 2-523
displaying attributes 2-517
display module-based results 2-519
running 2-157
show results for TDR 2-505
testing conditions of copper cables 2-863
displaying error disable recovery 2-541
displaying inline power status 2-703
displaying monitoring activity 2-120
displaying PoE policing and monitoring status 2-711
displaying SEEPROM information
GBIC 2-551
displaying SPAN session information 2-745, 2-816
document conventions 1-xx
document organization 1-xix
DoS
CoPP
attaching policy map to control plane 2-470
displaying policy-map class information 2-688
entering configuration mode 2-99
removing service policy from control plane 2-470
entering
CoPP configuration mode 2-99
DOS attack
protecting system's resources 2-223
drop threshold, Layer 2 protocol tunneling 2-307
DSCP rewrite for IP packets
enable 2-447
dual-capable port
selecting a connector 2-355
duplex mode
configuring autonegotiation on an interface 2-181
configuring full duplex on an interface 2-181
configuring half duplex on an interface 2-181
dynamic ARP inspection
preventing 2-223
Dynamic Buffer Limiting
Dynamic Host Configuration Protocol
E
EAP
restarting authentication process 2-172
EIGRP (Enhanced IGRP)
filters
routing updates, preventing 2-370
enabling
debugging for UDLD 2-142
voice VLANs 2-829
enabling open access 2-31
EnergyWise
display power information through queries 2-190
display setting, status of entity and PoE ports 2-533
on an entity
enable, assign to domain, and set password 2-188
on an entity, enable and configure 2-183
on a PoE port
configuring on PoE port 2-185
energywise (global configuration) command 2-183, 2-185
energywise domain command 2-188
EnergyWise neighbor table, deleting 2-69
energywise query command 2-190
environmental
alarms 2-537
displaying information 2-537
status 2-537
temperature 2-537
erase a file 2-194
error disable detection
clearing error disable on an interface 2-70
enabling error disable detection 2-70, 2-197
enabling per-VLAN on BPDU guard 2-197
error-disabled state
displaying 2-570
error disable recovery
configuring recovery mechanism variables 2-199
displaying recovery timer information 2-541
enabling ARP inspection timeout 2-199
specifying recovery cause 2-199
EtherChannel
assigning interfaces to EtherChannel groups 2-58
debugging EtherChannel 2-112
debugging PAgP shim 2-112
debugging spanning tree activities 2-131
displaying information for a channel 2-543
removing interfaces from EtherChannel groups 2-58
EtherChannel guard
detecting STP misconfiguration 2-783
Explicit Host Tracking
clearing the database 2-83
enabling per-VLAN 2-261
expressions
matching multiple expression occurrences 1-9
multiple-character patterns 1-8
multiplying pattern occurrence 1-11
single-character patterns 1-7
Extensible Authentication Protocol
F
fallback profile, specifying 2-28
field replaceable unit (FRU)
displaying status information 2-537
filters
EIGRP
routing updates, preventing 2-370
Flash memory file system
displaying file system information 2-502
verifying checksum 2-883
flow control
configuring a gigabit interface for pause frames 2-202
displaying per-interface statistics for flow control 2-547
G
GBIC
displaying SEEPROM information 2-551
generic-error-message, setting for the switch 2-408
Gigabit Ethernet interface
clearing the hardware logic 2-72
Gigabit Ethernet uplink
selecting 2-210
global configuration mode
using 1-5
H
hardware module
resetting a module by toggling the power 2-207
hardware statistics
disabling 2-205
enabling 2-205
hardware uplink
changing the mode 2-208
selecting the mode 2-210
helper addresses, IP 2-607
hot standby protocol
debugging 2-107
disabling debugging 2-107
limiting output 2-107
I
identifier-string, setting for the switch 2-408
ID mapping, creating an ANCP client 2-16
IDPROMs
displaying SEEPROM information
chassis 2-551
clock module 2-551
fan trays 2-551
module 2-551
mux buffer 2-551
power supplies 2-551
supervisor engine 2-551
ifIndex persistence
clearing SNMP ifIndex commands 2-769
compress SNMP ifIndex table format 2-776
disabling globally 2-775
disabling on an interface 2-771
enabling globally 2-775
enabling on an interface 2-771
IGMP
applying filters for host joining on Layer 2 interfaces 2-251
clearing IGMP group cache entries 2-81
configuring frequency for IGMP host-query messages 2-254
creating an IGMP profile 2-253
displaying IGMP interface configuration information 2-594
displaying profiles 2-596
setting maximum group numbers 2-252
IGMP profiles
displaying 2-596
IGMP snooping
clearing the EHT database 2-83
configuring a Layer 2 interface as a group member 2-267
configuring a Layer 2 interface as a multicast router 2-265
configuring a static VLAN interface 2-267
displaying multicast information 2-603
displaying VLAN information 2-597, 2-601, 2-604
enabling 2-256
enabling immediate-leave processing 2-263
enabling on a VLAN 2-260
enabling per-VLAN Explicit Host Tracking 2-261
informs
enabling 2-773
inline power
displaying inline power status 2-703
In Service Software Upgrade
inspection log
clearing log buffer 2-75
interface
displaying suppressed multicast bytes 2-564
interface capabilities
displaying 2-560
interface configuration mode
summary 1-5
interface link
display cable disconnect time 2-567
interfaces
configuring dot1q tunnel ports 2-836
creating an interface-range macro 2-145
debugging output of interface related activities 2-106
displaying description 2-566
displaying error-disabled state 2-570
displaying information when tunneling is enabled 2-647
displaying status 2-566
displaying traffic for a specific interface 2-557
entering interface configuration mode 2-215
executing a command on multiple ports in a range 2-218
selecting an interface to configure 2-215
setting a CoS value for Layer 2 packets 2-306
setting drop threshold for Layer 2 packets 2-307
setting the interface type 2-836
interface speed
configuring interface speed 2-811
interface transceiver
displaying diagnostic data 2-574
internal VLAN allocation
configuring 2-897
default setting 2-897
displaying allocation information 2-758
Internet Group Management Protocol
IP address of remote ANCP server, setting 2-17
IP ARP
applying ARP ACL to VLAN 2-221
clearing inspection statistics 2-76
clearing status of log buffer 2-75
controlling packet logging 2-232
enabling dynamic inspection 2-230
limit rate of incoming requests 2-223
set per-port config trust state 2-227
showing status of dynamic ARP inspection 2-581
showing status of log buffer 2-584
IPC
debugging IPC activities 2-115
IP DHCP Snooping
IP header validation
disabling 2-276
enabling 2-276
IP interfaces
displaying usability status 2-606
IP multicast
displaying multicast routing table information 2-612
IP packets
enable DSCP rewrite 2-447
IP phone and standard desktop
enabling Cisco-recommended features 2-334
IP Port Security
enabling 2-277
IP source binding
adding or deleting 2-273
displaying bindingstagging 2-617
IP source guard
debugging messages 2-118
displaying configuration and filters 2-618
enabling on DHCP snooping 2-277
IPv6 MLD
configuring queries 2-283, 2-285
configuring snooping last-listener-query-intervals 2-285
configuring snooping listener-message-suppression 2-287
configuring snooping robustness-variables 2-288
configuring tcn topology change notifications 2-290
counting snooping last-listener-queries 2-283
displaying information 2-623
displaying ports for a switch or VLAN 2-625
displaying querier information 2-626
enabling snooping 2-281
enabling snooping on a VLAN 2-291
ISSU
canceling process 2-293
configuring rollback timer 2-303
displaying capability 2-628
displaying client information 2-630
displaying compatibility matrix 2-632
displaying endpoint information 2-637
displaying entities 2-638
displaying FSM session 2-639
displaying messages 2-640
displaying negotiated 2-642
displaying rollback-timer 2-643
displaying session information 2-644
displaying software version 2-645
displaying state 2-645
forcing switchover to standby supervisor engine 2-301
loading new image 2-297
starting process 2-299
stopping rollback timer 2-295
J
Jumbo frames
enabling jumbo frames 2-364
L
LACP
deselecting channeling protocol 2-60
enabling LACP on an interface 2-60
setting channeling protocol 2-60
Layer 2
displaying ACL configuration 2-656
Layer 2 interface type
specifying a nontrunking, nontagged single VLAN interface 2-836
specifying a trunking VLAN interface 2-836
Layer 2 protocol ports
displaying 2-647
Layer 2 protocol tunneling error recovery 2-309
Layer 2 switching
enabling voice VLANs 2-829
modifying switching characteristics 2-829
Layer 2 traceroute
IP addresses 2-868
Layer 3 switching
displaying information about an adjacency table 2-492
displaying port status 2-572
displaying status of native VLAN tagging 2-572
link-status event messages
disabling
enabling
lldp run command 2-313
log buffer
show status 2-584
logging
controlling IP ARP packets 2-232
M
MAB, display information 2-653
MAB, enable and configure 2-320
mab command 2-320
MAC Access Control Lists
MAC ACLs
defining extended MAC access list 2-322
displaying MAC ACL information 2-755
naming an ACL 2-322
MAC address filtering
configuring 2-331
disabling 2-331
enabling 2-331
MAC address table
adding static entries 2-343
clearing dynamic entries 2-87, 2-89
configuring aging time 2-325
displaying dynamic table entry information 2-663
displaying entry count 2-661
displaying information 2-657
displaying interface-based information 2-665
displaying multicast information 2-667
displaying notification information 2-669
displaying protocol-based information 2-671
displaying static table entry information 2-673
displaying the MAC address aging time 2-659
displaying VLAN-based information 2-676
enabling authentication bypass 2-170
enabling notifications 2-329
learning in the protocol buckets 2-326
removing static entries 2-343
MAC address tables
adding static entries 2-331
deleting secure or specific addresses 2-92
disabling IGMP snooping on static MAC addresses 2-331
removing static entries 2-331
mac-address-table static 2-331
MAC address unicast filtering
dropping unicast traffic 2-331
MAC authentication bypass (MAB), display information 2-653
MAC authorization bypass(MAB), enable and configure 2-320
macro
displaying descriptions 2-342
macro keywords
help strings 2-2
macros
adding a global description 2-342
cisco global 2-340
system-cpp 2-341
mapping secondary VLANs to MST instance 2-424
mapping VLAN(s) to an MST instance 2-212
match (class-map configuration) command 2-14, 2-148, 2-150, 2-152, 2-154, 2-346, 2-817, 2-819, 2-821, 2-823, 2-827
maximum transmission unit (MTU)
displaying the system MTU setting 2-746
setting the maximum Layer 2 payload size 2-861
MD5
verifying MD5 signature 2-883
message digest 5
MFIB
clearing ip mfib counters 2-84
clearing ip mfib fastdrop 2-85
displaying all active MFIB routes 2-609
displaying MFIB fastdrop table entries 2-611
enabling IP MFIB fastdrops 2-270
MLD
configuring snooping last-listener-query-intervals 2-285
configuring snooping listener-message-suppression 2-287
configuring snooping robustness-variables 2-288
configuring topology change notifications 2-290
counting snooping last-listener-queries 2-283
enabling snooping 2-281
enabling snooping on a VLAN 2-291
MLD snooping
displaying 2-626
modes
access-group 2-6
show access-group interface 2-405, 2-491, 2-714
switching between PVST+, MST, and Rapid PVST 2-788
module password clearing 2-71
module reset
resetting a module by toggling the power 2-207
--More-- prompt
filter 1-6
search 1-7
MST
designating the primary and secondary root 2-797
displaying MST protocol information 2-741
displaying region configuration information 2-741
displaying spanning tree information 2-741
entering MST configuration submode 2-791
setting configuration revision number 2-464
setting path cost and port priority for instances 2-789
setting the forward delay timer for all instances 2-793
setting the hello-time delay timer for all instances 2-794
setting the max-age timer for all instances 2-795
setting the MST region name 2-365
specifying the maximum number of hops 2-796
switching between PVST+ and Rapid PVST 2-788
using the MST configuration submode revision command 2-464
using the submode name command 2-365
MTU
displaying global MTU settings 2-746
multi-auth, setting 2-29
Multicase Listener Discovery
multicast
counters 2-101
enabling storm control 2-816
show ancp 2-494
multicast/unicast packets
prevent forwarding 2-835
Multicast Forwarding Information Base
multi-domain, setting 2-29
multiple-character patterns 1-8
Multiple Spanning Tree
N
native VLAN
controlling tagging of traffic 2-856
displaying ports eligible for native tagging 2-757
displaying ports eligible for tagging 2-757
enabling tagging on 802.1Q trunk ports 2-894
specifing the tagging of traffic 2-857
NetFlow
enabling NetFlow statistics 2-271
including infer fields in routing statistics 2-271
next-hop
displaying CEF VLAN information 2-586
nmsp attachment suppress command 2-367
nmsp command 2-366
no form of a command, using 1-6
NVRAM
debugging NVRAM activities 2-122
O
open access on a port, enabling 2-31
output
pattern searches 1-7
P
packet counters (statistics)
clear for PPPoE Intermediate Agent 2-94
packet counters, display for PPPoE Intermediate Agent 2-712
packet forwarding
prevent unknown packets 2-835
packet memory failure
direct switch action upon detection 2-156
packet memory test
bootup, displaying results 2-523, 2-525
ongoing, displaying results 2-527
PACL
access-group mode 2-6
paging prompt
PAgP
clearing port channel information 2-91
debugging PAgP activity 2-123
deselecting channeling protocol 2-60
displaying port channel information 2-685
hot standby mode
returning to defaults 2-369
selecting ports 2-369
input interface of incoming packets
learning 2-368
returning to defaults 2-368
setting channeling protocol 2-60
parentheses 1-11
password
clearing on an intelligent line module 2-71
establishing enhanced password security 2-881
setting username 2-881
PBR
redistributing route maps 1-xx
PM activities
debugging 2-126
disabling debugging 2-126
PoE policing
configure on an interface 2-400
PoE policing and monitoring
displaying status 2-711
police (percent) command 2-380
police (two rates) command 2-382, 2-384
police command 2-375
policing, configure PoE 2-400
policing and monitoring status
displaying PoE 2-711
Policy Based Routing
policy maps
creating 2-388
marking 2-474
See also QoS, hierarchical policies
traffic classification
defining trust states 2-871
port, dual-capable
selecting the connector 2-355
Port Aggregation Protocol
port-based authentication
displaying debug messages 2-111
displaying statistics and status 2-529
enabling 802.1X 2-174
host modes 2-167
manual control of authorization state 2-174
periodic re-authentication
enabling 2-177
re-authenticating 802.1X-enabled ports 2-176
switch-to-client frame-retransmission number 2-172
port channel
accessing 2-217
creating 2-217
displaying information 2-685
load distribution method
resetting to defaults 2-390
setting 2-390
port control, changing from unidirectional or bidirectional 2-23
port-control value, configuring 2-35
port range
executing 2-218
port security
debugging ports security 2-127
deleting secure or specific addresses 2-92
displaying settings for an interface or switch 2-696
enabling 2-841
filter source IP and MAC addresses 2-277
setting action upon security violation 2-841
setting the rate limit for bad packets 2-841
sticky port 2-841
Port Trust Device
displaying 2-717
power status
displaying inline power 2-703
displaying power status 2-703
power supply
configuring combined and redundant power on the Catalyst 4507R 2-392
configuring inline power 2-397
configuring power consumption 2-392
displaying the SEEPROM 2-551
setting inline power state 2-396
PPPoE Discovery
enable vendor-tag stripping on packetsPPPoE Server
enable vendor-tag stripping on Discovery packets 2-414
PPPoE Discovery packets, limit rate arriving on an interfsce 2-412
PPPoE Intermediate Agent
clear statistics (packet counters) 2-94
debugging 2-128
pppoe intermediate-agent
enable intermediate agent on a switch 2-404
enable on an interface VLAN range 2-407
enable PPPoE Intermediate Agent on an interface 2-405
enable vendor-tag stripping of Discovery packets 2-414
format-type (global) 2-408
limit rate of PPPoE Discovery packets 2-412
set circuit-id or remote-id for an interface 2-410
set circuit-id or remote-id for an interface VLAN range 2-411
set trust configuration on an interface 2-412, 2-413
PPPoE Intermediate Agent, display configuration and statistics (packet counters) 2-712
priority command 2-415
priority-queue command 2-102
Private VLAN
privileged EXEC mode, summary 1-5
prompts
system 1-5
protocol tunneling
configuring encapsulation rate 2-309
disabling 2-304
displaying port information 2-647
enabling 2-304
setting a CoS value for Layer 2 packets 2-306
setting a drop threshold for Layer 2 packets 2-307
PVLANs
configuring isolated, primary, and community PVLANs 2-417
controlling tagging of native VLAN traffic 2-856
disabling sticky-ARP 2-274
displaying map information for VLAN SVIs 2-569
displaying PVLAN information 2-760
enabling interface configuration mode 2-836
enabling sticky-ARP 2-274
mapping VLANs to the same SVI 2-421
specifying host ports 2-836
specifying promiscuous ports 2-836
PVST+
switching between PVST and MST 2-788
Q
QoS
account Layer 2 encapsulation 2-429
attaching a policy-map to an interface 2-465
automatic configuration 2-42
class maps
creating 2-65
defining the match criteria 2-346
clearing aggregate counters 2-95
configuring auto 2-42
defining a named aggregate policer 2-431
defining default CoS value 2-436
defining ingress CoS-to-DSCP mapping 2-441
displaying aggregate policer information 2-715
displaying auto configuration 2-501
displaying class maps information 2-515
displaying configuration information 2-501
displaying configurations of policies 2-691
displaying policy map information 2-687, 2-694
displaying QoS information 2-714
displaying QoS map information 2-719
egress queue-sets
enabling the priority queue 2-102
enabling global configuration mode 2-427
enabling on control packets 2-434
enabling per-VLAN QoS for a Layer 2 interface 2-450
enabling QoS on an interface 2-428
hierarchical policies
average-rate traffic shaping on a class 2-487
bandwidth allocation for a class 2-46, 2-64
creating a service policy 2-468
marking 2-474
strict priority queueing (LLQ) 2-415
mapping DSCP values to transmit queues 2-443
mapping egress DSCP-to-CoS 2-443
mapping the DSCP-to-CoS value 2-443
policy maps
creating 2-388
marking 2-474
trust states 2-871
setting the mapping of policed DSCP values 2-445
setting the trust state 2-448
specifying flow-based match criteria 2-349
Supervisor Engine 6-E
setting CoS 2-476
setting DSCP 2-479
setting precedence values 2-482
setting QoS group identifiers 2-485
QoS CoS
configuring for tunneled Layer 2 protocol packets 2-306
defining default CoS value 2-436
qos dbl 2-437
quality of service
question command 1-1
queueing information
displaying 2-717
queue limiting
configuring packet limits 2-452
R
Rapid PVST
switching between PVST and MST 2-788
re-authenticating 802.1X-enabled ports 2-176
re-authentication
periodic 2-177
set the time 2-179
reauthentication, enabling 2-34
reboots
restoring bindings across 2-238
redundancy
accessing the main CPU 2-454
changing from active to standby supervisor engine 2-458
displaying information 2-721
displaying ISSU config-sync failure information 2-725
displaying redundancy facility information 2-721
displaying RF client list 2-721
displaying RF operational counters 2-721
displaying RF states 2-721
enabling automatic synchronization 2-45
forcing switchover to standby supervisor engine 2-458
mismatched command listing 2-456
set the mode 2-356
synchronizing the route processor configurations 2-343
related documentation 1-xix
remote-id, setting for an interface 2-410
remote-id, setting for an interface VLAN range 2-411
remote SPAN
renew commands
ip dhcp snooping database 2-462
resetting PVLAN trunk
setting switchport to trunk 2-836
retry failed authentiation, configuring 2-26
rj45 connector, selecting the connector 2-355
ROM monitor mode
summary 1-6
Route Processor Redundancy
router, set to become ANCP client 2-18
RPF
disabling IPv4 exists-only checks 2-279
enabling IPv4 exists-only checks 2-279
RPR
set the redundancy mode 2-356
RSPAN
converting VLAN to RSPAN VLAN 2-461
displaying list 2-762
S
saving configuration changes 1-11
secure address, configuring 2-392
secure ports, limitations 2-842
server (AAA) alive actions, configuring 2-26
server (AAA) dead actions, configuring 2-26
service-policy command (policy-map class) 2-468
session classification, defining 2-29
set the redundancy mode 2-356
sfp connector, selecting the connector 2-355
shape command 2-487
show ancp multicast 2-494
show authentication interface command 2-496
show authentication registration command 2-496
show authentication sessions command 2-496
show commands
filtering parameters 1-7
searching and filtering 1-6
show platform commands 1-11
show energywise command 2-533
show mab command 2-653
show nmsp command 2-682
Simple Network Management Protocol
single-character patterns
special characters 1-7
single-host, setting 2-29
slaveslot0
displaying information on the standby supervisor 2-732
slot0
displaying information about the system 2-734
SNMP
debugging spanning tree activities 2-131
ifIndex persistence
clearing SNMP ifIndex commands 2-769
compress SNMP ifIndex table format 2-776
disabling globally 2-775
disabling on an interface 2-771
enabling globally 2-775
enabling on an interface 2-771
informs
disabling 2-773
enabling 2-773
traps
configuring to send when storm occurs 2-814
disabling 2-773
enabling 2-773
mac-notification
adding 1
removing 1
SPAN commands
configuring a SPAN session to monitor 2-358
displaying SPAN session information 2-745, 2-816
SPAN enhancements
displaying status 2-680
Spanning Tree Protocol
SPAN session
displaying session information 2-680
filter ACLs 2-358
specify encap type 2-358
turn off host learning based on ingress packets 2-358
special characters
anchoring, table 1-10
SSO 2-356
standard desktop
enabling Cisco-recommended features 2-332
standard desktop and Cisco IP phone
enabling Cisco-recommended features 2-334
sticky address, configuring 2-393
sticky-ARP
disabling on PVLANs 2-274
enabling on PVLANs 2-274
sticky port
deleting 2-92
enabling security 2-841
storm control
configuring for action when storm occurs 2-814
disabling suppression mode 2-540
displaying settings 2-744
enabling 2-814
enabling broadcast 2-814, 2-816
enabling multicast 2-814, 2-816
enabling suppression mode 2-540
enabling timer to recover from error disable 2-199
multicast, enabling 2-816
setting high and low levels 2-814
setting suppression level 2-540
STP
configuring link type for a port 2-786
configuring tunneling encapsulation rate 2-309
debugging all activities 2-131
debugging spanning tree activities 2-131
debugging spanning tree BackboneFast events 2-133
debugging spanning tree UplinkFast 2-136
detecting misconfiguration 2-783
displaying active interfaces only 2-736
displaying BackboneFast status 2-736
displaying bridge status and configuration 2-736
displaying spanning tree debug messages 2-131
displaying summary of interface information 2-736
enabling BPDU filtering by default on all PortFast ports 2-802
enabling BPDU filtering on an interface 2-779
enabling BPDU guard by default on all PortFast ports 2-804
enabling BPDU guard on an interface 2-781
enabling extended system ID 2-784
enabling loop guard as a default on all ports 2-787
enabling PortFast by default on all access ports 2-805
enabling PortFast mode 2-800
enabling protocol tunneling for 2-304
enabling root guard 2-785
enabling spanning tree BackboneFast 2-778
enabling spanning tree on a per VLAN basis 2-809
enabling spanning tree UplinkFast 2-807
setting an interface priority 2-806
setting drop threshold for 2-307
setting pathcost 2-782
setting the default pathcost calculation method 2-799
subinterface configuration mode, summary 1-6
SVI
creating a Layer 3 interface on a VLAN 2-220
switching characteristics
excluding from link-up calculation 2-833
modifying 2-833
returning to interfaces
capture function 2-833
switchport 2-857
switchport interfaces
displaying status of Layer 3 port 2-572
displaying status of native VLAN tagging 2-572
switch shim
debugging 2-134
disabling debugging 2-134
switch to router connection
enabling Cisco-recommended features 2-336
switch to switch connection
enabling Cisco-recommended features 2-338
switch virtual interface
sw-vlan 2-137
system prompts 1-5
T
Tab key
command completion 1-1
tables
characters with special meaning 1-7
mac access-list extended subcommands 2-322
multipliers 1-9
relationship between duplex and speed commands 2-812
show cable-diagnostics tdr command output fields 2-506
show cdp neighbors detail field descriptions 2-514
show cdp neighbors field descriptions 2-513
show ip dhcp snooping command output 2-497, 2-653
show ip interface field descriptions 2-607
show policy-map control-plane field descriptions 2-690
show vlan command output fields 2-761
show vtp command output fields 2-766
special characters 1-9
special characters used for anchoring 1-10
speed command options 2-349, 2-812
valid interface types 2-215
TAC
displaying information useful to TAC 2-747
TCAM
debugging spanning tree activities 2-131
TDR
displaying cable diagnostic test results 2-505
test condition of copper cables 2-863
temperature readings
displaying information 2-537
Ten-Gigabit Ethernet uplink
blocking ports on redundant Supervisor Engine 6-E 2-208
timer information 2-541
traffic monitor
display status 2-653
traffic shaping
enable on an interface 2-489
traps, enabling 2-773
trunk encapsulation
setting format 2-857
trunk interfaces
displaying trunk interfaces information 2-579
trust configuration, setting on an interface 2-412, 2-413
trust state
setting 2-227
tunnel ports
displaying information about Layer 2 protocol 2-647
TX queues
allocating bandwidth 2-873
returning to default values 2-873
setting priority to high 2-873
specifying burst size 2-873
specifying traffic rate 2-873
U
UDLD
displaying administrative and operational status 2-749
enabling by default on all fiber interfaces 2-875
enabling on an individual interface 2-877
preventing a fiber interface from being enabled 2-877
resetting all shutdown ports 2-879
setting the message timer 2-875
unicast
counters 2-101
Unidirectional Link Detection
unidirection port control, changing from bidirectional 2-23
unknown multicast traffic, preventing 2-835
unknown unicast traffic, preventing 2-835
user EXEC mode, summary 1-5
username
setting password and privilege level 2-881
V
VACLs
access-group mode 2-6
applying VLAN access maps 2-896
displaying VLAN access map information 2-755
specifying an action in a VLAN access map 2-13
specifying the match clause for a VLAN access-map sequence 2-344
using a VLAN filter 2-896
VLAN
applying an ARP ACL 2-221
configuring 2-885
configuring service policies 2-890
converting to RSPAN VLAN 2-461
displaying CEF information 2-586
displaying CEF next-hop information 2-586
displaying information on switch interfaces 2-597, 2-601
displaying information on VLAN switch interfaces 2-604
displaying information sorted by group IP address 2-597, 2-601
displaying IP address and version information 2-597, 2-601
displaying Layer 2 VLAN information 2-751
displaying statistical information 2-678
displaying VLAN information 2-753
enabling dynamic ARP inspection 2-230
enabling Explicit Host Tracking 2-261
enabling guest per-port 2-165
enabling guest VLAN supplicant 2-158, 2-166
entering VLAN configuration mode 2-890, 2-892
native frames
enabling tagging on all 802.1Q trunk ports 2-894
pruning the list for VTP 2-857
setting the list of allowed 2-857
VLAN Access Control Lists
VLAN access map
VLAN database
resetting 2-463
VLAN debugging
limiting output 2-109
VLAN link-up calculation
excluding a switch port 2-833
including a switch port 2-833
VLAN manager
debugging 2-137
disabling debugging 2-137
IOS file system error tests
debugging 2-138
disabling debugging 2-138
VLAN Query Protocol
VLAN query protocol (VQPC)
debugging 2-144
VLANs
clearing
counters 2-97
clearing hardware logic 2-73
configuring
internal allocation scheme 2-897
displaying
internal VLAN allocation information 2-758
RSPAN VLANs 2-762
entering VLAN configuration mode 2-892
VMPS
configuring servers 2-901
reconfirming dynamic VLAN assignments 2-144, 2-899
voice VLANs
enabling 2-829
VoIP
configuring auto-QoS 2-42
VQP
per-server retry count 2-900
reconfirming dynamic VLAN assignments 2-144, 2-899
VTP
configuring the administrative domain name 2-905
configuring the device in VTP client mode 2-904
configuring the device in VTP server mode 2-908
configuring the device in VTP transparent mode 2-909
configuring tunnel encapsulation rate 2-309
creating a VTP domain password 2-906
displaying domain information 2-765
displaying statistics information 2-765
enabling protocol tunneling for 2-304
enabling pruning in the VLAN database 2-907
enabling VTP version 2 mode 2-910
modifying the VTP configuration storage file name 2-903
set drop threshold for 2-307
VTP protocol code
activating debug messages 2-141
deactivating debug messages 2-141
W
Webauth fallback, enabling 2-28