A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

A

abbreviating commands 2-3

ABRs 36-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-16

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-20

with RADIUS 8-28

with TACACS+ 8-11, 8-17

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 34-10

ACLs

ACEs 32-2

any keyword 32-12, 34-34

applying

on multicast packets 32-38

on routed packets 32-37

on switched packets 32-37

time ranges to 32-16

to an interface 32-19

to QoS 34-10

classifying traffic for QoS 34-32

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 34-34

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

ACLs

Layer 4 information in 32-36

logging messages 32-8

MAC extended 32-26

matching 32-7, 32-20

monitoring 32-39

named, IPv4 32-14

port 32-2

precedence of 32-2

QoS 34-10

resequencing entries 32-14

router 32-2

router ACLs and VLAN map configuration guidelines 32-36

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-7

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-35

VLAN maps

configuration guidelines 32-29

configuring 32-29

active link 19-4, 19-5, 19-6

active links 19-2

active router 37-1

active traffic monitoring, IP SLAs 38-1

address aliasing 22-2

addresses

displaying the MAC address table 5-28

dynamic

accelerated aging 15-9

changing the aging time 5-21

default aging 15-9

defined 5-19

learning 5-20

removing 5-22

MAC, discovering 5-28

multicast

group address range 41-2

STP address management 15-9

static

adding and removing 5-24

defined 5-19

address resolution 5-28, 36-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 36-87

administrative distances

defined 36-99

OSPF 36-31

routing protocol defaults 36-89

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 36-18

aggregate addresses, BGP 36-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 34-45

configuring 34-45

described 34-17

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-21

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-17

area border routers

See ABRs

area routing

IS-IS 36-62

ISO IGRP 36-62

ARP

configuring 36-8

defined 1-4, 5-28, 36-7

encapsulation 36-9

static cache configuration 36-8

table

address resolution 5-28

managing 5-28

ASBRs 36-23

AS-path filters, BGP 36-52

assured forwarding, DSCP 34-8

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 8-30

vendor-specific 8-29

authentication

EIGRP 36-39

HSRP 37-9

local mode with AAA 8-36

NTP associations 5-4

RADIUS

key 8-21

login 8-23

authentication

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 36-99

authoritative time source, described 5-2

authorization

with RADIUS 8-27

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-19

mismatches 43-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 36-46

Auto-RP, described 41-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

bandwidth, QoS, configuring 34-57

bandwidth command

for CBWFQ 34-22

QoS, configuring 34-57

QoS, described 34-24

with police command 34-26

bandwidth remaining percent command 34-26

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-41

best-effort packet delivery 34-1

BGP

aggregate addresses 36-58

aggregate routes, configuring 36-58

CIDR 36-58

clear commands 36-61

community filtering 36-55

configuring neighbors 36-56

default configuration 36-44

described 36-43

enabling 36-46

monitoring 36-61

multipath support 36-50

neighbors, types of 36-46

path selection 36-50

peers, configuring 36-56

prefix filtering 36-54

resetting sessions 36-49

route dampening 36-60

route maps 36-52

route reflectors 36-59

routing domain confederation 36-59

routing session with multi-VRF CE 36-81

show commands 36-61

supernets 36-58

support for 1-9

Version 4 36-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-15

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-6

Boolean expressions in tracked lists 39-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-18

specific image 3-18

boot loader

accessing 3-19

described 3-2

environment variables 3-19

prompt 3-19

trap-door mechanism 3-2

bootstrap router (BSR), described 41-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-5

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-5

broadcast flooding 36-15

broadcast packets

directed 36-12

flooded 36-12

broadcast storm-control command 23-4

broadcast storms 23-1, 36-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-17

object list, described 30-6

schema, configuring 30-17

schema, described 30-6

transfer 30-18

bulkstat object-list 30-17

bulkstat schema 30-17

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 34-24, 34-57

configuration guidelines 34-57

QoS scheduling 34-22

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-13

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 36-86

enabling 36-87

CFM

and Ethernet OAM, configuring 40-34

and Ethernet OAM interaction 40-33

and OAM manager 40-27

configuration guidelines 40-6

configuring crosscheck 40-8

configuring service 40-7

configuring the network 40-6

crosscheck 40-4

default configuration 40-5

defined 40-2

EtherChannel support 40-6

IP SLAs support for 40-5

IP SLAs with endpoint discovers 40-12

maintenance domain 40-2

maintenance point 40-3

manually configuring IP SLAs ping or jitter 40-10

measuring network performance 40-5

monitoring 40-13, 40-14

on EtherChannel port channels 40-6

SNMP traps 40-4

types of messages 40-4

UNIs 40-4

child policies, QoS 34-12, 34-24

CIDR 36-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 38-1

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-3

class-based priority queuing, QoS 34-20

class-based shaping

configuration guidelines 34-59

configuring 34-58

for QoS 34-23

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 34-10

in packet headers 34-5

per-port per VLAN 34-12, 34-51

QoS comparisons 34-9

QoS group 34-11

classless interdomain routing

See CIDR

classless routing 36-6

class map

match-all option 34-7

match-any option 34-7

class-map command 34-3

class maps, QoS

configuring 34-36

described 34-6

class of service

See CoS

class selectors, DSCP 34-8

clearing interfaces 10-30

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

CLI

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

client processes, tracking 39-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

community list, BGP 36-55

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-11

config.text 3-17

configurable leave timer, IGMP 22-5

configuratin guidelines

PIM stub routing 41-12

configuration, initial

defaults 1-10

configuration examples

network 1-13

policy maps 34-69

QoS

adding customers 34-71

adding or deleting a class 34-74

adding or deleting classification criteria 34-71, 34-72

adding or deleting configured actions 34-73

changing queuing or scheduling parameters 34-72

initial 34-69

configuration files

archiving B-19

clearing the startup configuration B-19

creating using a text editor B-10

default name 3-17

deleting a stored configuration B-19

described B-8

configuration files

downloading

automatically 3-17

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

guidelines for creating and using B-9

guidelines for replacing and rolling back B-20

invalid combinations when copying B-5

limiting TFTP server access 30-16, 30-17, 30-18, 30-20

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration B-19, B-20

rolling back a running configuration B-19, B-20

specifying the filename 3-17

system contact and location information 30-16

types and location B-9

uploading

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

configuration guidelines

aggregate policers 34-45

CBWFQ 34-57

CFM 40-6

class-based shaping 34-59

EtherChannel 35-10

Ethernet OAM 40-16

HSRP 37-5

individual policers 34-41

input policy maps 34-40

link-state tracking 35-24

marking in policy maps 34-49

multi-VRF CE 36-75

OAM manager 40-28

configuration guidelines

output policy maps 34-56

per-port, per-VLAN QoS 34-51

port security 23-10

QoS, general 34-31

QoS class maps 34-36

REP 18-7

rollback and replacement B-20

SSM 41-15

SSM mapp 41-17

strict priority queuing 34-61

unconditional priority policing 34-63

UNI VLANs 12-12

VLAN mapping 14-9

VLANs 12-8

WTD 34-65

configuration replacement B-19

configuration rollback B-19

configuration settings, saving 3-14

configure terminal command 10-8

configuring marking in input policy maps 34-49

configuring port-based authentication violation modes9-12to 9-13

congestion avoidance, QoS 34-2, 34-27

congestion management, QoS 34-2, 34-22

connections, secure remote 8-37

Connectivity Fault Management

See CFM

connectivity problems 43-9, 43-12, 43-14

connectivity testing 40-24

console port, connecting to 2-9

control packets

and control-plane security 33-1

dropping and rate-limiting 33-2

control-plane security

configuring 33-6

control packets 33-1

monitoring 33-6

policers 33-3

policing 33-2

purpose of 33-1

control protocol, IP SLAs 38-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 43-2

CoS

classification 34-7

values 34-5

counters, clearing interface 10-30

CPU overload, protection from 33-1

CPU policers 33-6

CPU protection 33-3

CPU threshold notification 30-20

CPU threshold table 30-1, 30-19

CPU utilization statistics 30-20

crashinfo file 43-21

crosscheck, CFM 40-4, 40-8

cryptographic software image

Kerberos 8-32

SSH 8-37

customer edge devices 1-16, 36-73

C-VLAN 14-7

D

data collection, bulk statistics 30-19

daylight saving time 5-13

debugging

enabling all system diagnostics 43-18

enabling for a specific feature 43-17

redirecting error message output 43-18

using commands 43-17

default

policer configuration

ENIs and UNIs 33-4

NNIs 33-5

default actions, table maps 34-14

default commands 2-4

default configuration

banners 5-17

BGP 36-44

booting 3-17

CDP 24-2

CFM 40-5

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 36-36

E-LMI and OAM 40-28

EtherChannel 35-10

Ethernet OAM 40-16

Flex Links 19-7

HSRP 37-4

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-10

IGMP 41-37

IGMP filtering 22-24

IGMP snooping 22-6

IGMP throttling 22-24

initial switch information 3-3

IP addressing, IP routing 36-4

IP multicast routing 41-8

IP SLAs 38-6

IP source guard 20-16

IS-IS 36-63

Layer 2 interfaces 10-15

Layer 2 protocol tunneling 14-16

LLDP 25-3

default configuration

MAC address table 5-21

MAC address-table move update 19-8

MSDP 42-4

MSTP 16-14

multi-VRF CE 36-75

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 36-24

password and privilege level 8-2

PIM 41-8

private VLANs 13-6

QoS 34-31

RADIUS 8-20

REP 18-7

RIP 36-18

RMON 28-3

RSPAN 27-9

SDM template 7-2

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLAN mapping 14-9

VLANs 12-7

VMPS 12-25

default gateway 3-14, 36-10

default networks 36-89

default routes 36-89

default routing 36-2

default service, DSCP 34-8

default template 7-1

denial-of-service attacks, preventing 33-1

description command 10-25

designing your network, examples 1-13

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 35-8

destination-MAC address forwarding, EtherChannel 35-7

device discovery protocol 24-1, 25-1

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-7

server side 3-6

TFTP server 3-6

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-3, 1-9

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-10to 3-13

understanding3-4to 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

DHCP option 82

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-14

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-14

configuration guidelines 20-9

configuring 20-14

default configuration 20-8

deleting

binding file 20-14

bindings 20-14

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-14

DHCP snooping binding database

entry 20-6

renewing database 20-14

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

diagnostic schedule command 44-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 36-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing B-3

creating and removing B-4

displaying the working B-3

discovery, Ethernet OAM 40-15

distribute-list command 36-98

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 41-18, 41-20

DoM

displaying supported transceivers 10-30

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 36-62

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-2

Layer 2 protocol tunneling 14-15

downloading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

image files

deleting old image B-27

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-29

using RCP B-33

using TFTP B-26

using the device manager or Network Assistant B-23

drop threshold for Layer 2 protocol packets 14-16

DSCP

assured forwarding 34-8

classification 34-8

class selectors 34-8

default service 34-8

expedited forwarding 34-8

values 34-5

DUAL finite state machine, EIGRP 36-35

dual-purpose ports

default port type 10-7

defaults 10-21

defined 10-6

frame size 10-21

LEDs 10-7

setting the type 10-21

duplex mode, configuring 10-18

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-12

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-12

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

dynamic ARP inspection

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 36-62

protocols 36-2

E

EBGP 36-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EIGRP

authentication 36-39

components 36-35

configuring 36-37

default configuration 36-36

definition 36-34

interface parameters, configuring 36-38

monitoring 36-41

stub routing 36-40

support for 1-9

ELIN location 25-3

E-LMI

and OAM Manager 40-27

CE device configuration 40-32

configuration guidelines 40-28

configuring a CE device 40-31

configuring a PE device 40-31

default configuration 40-28

defined 40-26

enabling 40-31

information 40-26

monitoring 40-33

PE device configuration 40-32

embedded event manager

actions 31-3

configuring 31-1, 31-4

displaying information 31-6

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-5

registering and defining a TCL script 31-6

understanding 31-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

commands 39-1

defined 39-1

HSRP 39-7

IP routing state 39-2

IP SLAs 39-9

line-protocol state 39-2

tracked lists 39-3

ENI

configuring 10-17

described 10-2

protocol control packets on 33-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-20

equal-cost routing 1-9, 36-88

error messages during command entry 2-4

EtherChannel

802.3ad, described 35-6

automatic creation of 35-4, 35-6

channel groups

binding physical and logical interfaces 35-3

numbering of 35-3

configuration guidelines 35-10

configuring

Layer 2 interfaces 35-11

Layer 3 physical interfaces 35-15

Layer 3 port-channel logical interfaces 35-14

default configuration 35-10

described 35-2

displaying status 35-22

forwarding methods 35-7, 35-17

interaction

with STP 35-10

with VLANs 35-11

LACP

described 35-6

displaying status 35-22

hot-standby ports 35-19

interaction with other features 35-7

modes 35-6

port priority 35-21

system priority 35-20

Layer 3 interface 36-3

load balancing 35-7, 35-17

logical interfaces, described 35-3

EtherChannel

PAgP

aggregate-port learners 35-18

compatibility with Catalyst 1900 35-18

described 35-4

displaying status 35-22

interaction with other features 35-5

learn method and priority configuration 35-18

modes 35-5

support for 1-2

port-channel interfaces

described 35-3

numbering of 35-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet infrastructure 40-1

Ethernet Link Management Interface

See E-LMI

Ethernet loopback

characteristics 40-25

ethernet loopback facility 40-24

Ethernet management port

and routing 10-13

and routing protocols 10-13

and TFTP 10-14

configuring 10-14

default setting 10-13

described 10-5, 10-12

for network management 10-5, 10-12

specifying 10-14

supported features 10-14

unsupported features 10-14

Ethernet management port, internal

and routing 10-13

and routing protocols 10-13

unsupported features 10-14

Ethernet OAM 40-15

and CFM interaction 40-33

configuration guidelines 40-16

configuring with CFM 40-34

default configuration 40-16

discovery 40-15

enabling 40-16, 40-35

link monitoring 40-15, 40-18

manager 40-1

messages 40-15

protocol

defined 40-14

monitoring 40-24

remote failure indications 40-15, 40-21

remote loopback 40-15, 40-17

templates 40-21

Ethernet OAM protocol 40-1

Ethernet OAM protocol CFM notifications 40-33

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-7

modifying 12-9

EVCs

configuring 40-29

in CFM domains 40-26

event detectors, embedded event manager 31-2

events, RMON 28-3

examples

network configuration 1-13

expedited forwarding, DSCP 34-8

extended-range VLANs

creating with an internal VLAN ID 12-11

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 36-46

F

Fa0 port

See Ethernet management port

facility loopback

configuring 40-24

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

features, incompatible 23-11

FIB 36-86

fiber-optic, detecting unidirectional links 26-1

files

copying B-4

crashinfo

description 43-21

displaying the contents of 43-21

location 43-21

deleting B-5

displaying the contents of B-8

tar

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

file system

displaying available file systems B-2

displaying file information B-3

local file system names B-1

network file system names B-4

setting the default B-3

filtering

in a VLAN 32-29

non-IP traffic 32-26

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of B-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-9

configuring preferred VLAN 19-12

configuring VLAN load balancing 19-11

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-14

VLANs 19-2

flooded traffic, blocking 23-7

flow control 1-2, 10-23

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

accessing MIB files A-3

configuration files

downloading B-13

overview B-12

preparing the server B-13

uploading B-14

FTP

image files

deleting old image B-31

downloading B-29

preparing the server B-28

uploading B-31

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-26

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-3

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 37-9

command-switch redundancy 1-5

configuration guidelines 37-5

configuring 37-4

default configuration 37-4

definition 37-1

monitoring 37-11

object tracking 39-7

overview 37-1

priority 37-6

routing redundancy 1-9

support for ICMP redirect messages 37-11

timers 37-9

tracking 37-7

I

IBPG 36-42

ICMP

redirect messages 36-10

support for 1-9

time-exceeded messages 43-14

traceroute 43-14

unreachable messages 32-19

unreachables and ACLs 32-20

ICMP Echo operation

configuring 38-11

IP SLAs 38-11

ICMP ping

executing 43-10

overview 43-9

ICMP Router Discovery Protocol

See IRDP

IDS appliances

and ingress RSPAN 27-19

and ingress SPAN 27-12

IEEE 802.1ag 40-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-14

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-5

defaults 14-4

described 14-1

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 40-1

IEEE 802.3z flow control 10-23

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 41-37

statically connected member 41-42

controlling access to groups 41-38

default configuration 41-37

deleting cache entries 41-46

displaying groups 41-47

fast switching 41-42

IGMP

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 41-40

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9

leaving multicast group 22-5

multicast reachability 41-37

overview 41-2

queries 22-3

report suppression

described 22-6

disabling 22-14

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 41-39

described 41-3

Version 2

changing to Version 1 41-39

described 41-3

maximum query response time value 41-41

pruning groups 41-41

query timeout value 41-41

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-23

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-26

IGMP helper 41-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6

definition 22-1

enabling and disabling 22-7

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-24

described 22-24

displaying action 22-29

IGP 36-22

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9

individual policers

configuration guidelines 34-41

configuring 34-41

initial configuration

defaults 1-10

input policy maps

classification criteria 34-4

configuration guidelines 34-40

configuring 34-40

displaying statistics 34-68

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces

configuration guidelines, duplex and speed 10-18

configuring

duplex mode 10-18

procedure 10-8

speed 10-18

counters, clearing 10-30

described 10-25

descriptive name, adding 10-25

displaying information about 10-29

flow control 10-23

management 1-3

monitoring 10-29

naming 10-25

physical, identifying 10-8

range of 10-9

restarting 10-31

shutting down 10-31

status 10-29

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 36-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

inter-VLAN routing 1-9, 36-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 34-10

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

classes of 36-5

default configuration 36-4

discovering 5-28

for IP routing 36-3

MAC address association 36-7

monitoring 36-16

IP broadcast address 36-14

ip cef distributed command 36-87

IP directed broadcasts 36-12

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 41-2

all-multicast-routers 41-2

host group address range 41-2

administratively-scoped boundaries, described 41-44

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 41-24

benefits of 41-24

clearing the cache 41-46

configuration guidelines 41-10

filtering incoming RP announcement messages 41-27

overview 41-6

preventing candidate RP spoofing 41-27

preventing join messages to false RPs 41-26

setting up in a new internetwork 41-24

using with BSR 41-32

bootstrap router

configuration guidelines 41-10

configuring candidate BSRs 41-30

configuring candidate RPs 41-31

defining the IP multicast boundary 41-29

defining the PIM domain border 41-28

overview 41-6

using with Auto-RP 41-32

Cisco implementation 41-1

configuring

basic multicast routing 41-10

IP multicast boundary 41-44

default configuration 41-8

enabling

multicast forwarding 41-11

PIM mode 41-11

group-to-RP mappings

Auto-RP 41-6

BSR 41-6

IP multicast routing

MBONE

deleting sdr cache entries 41-46

described 41-43

displaying sdr cache 41-47

enabling sdr listener support 41-43

limiting sdr cache entry lifetime 41-44

SAP packets for conference session announcement 41-43

Session Directory (sdr) tool, described 41-43

monitoring

packet rate loss 41-47

peering devices 41-47

tracing a path 41-47

multicast forwarding, described 41-7

PIMv1 and PIMv2 interoperability 41-9

reverse path check (RPF) 41-7

routing table

deleting 41-46

displaying 41-47

RP

assigning manually 41-22

configuring Auto-RP 41-24

configuring PIMv2 BSR 41-28

monitoring mapping information 41-33

using Auto-RP and BSR 41-32

statistics, displaying system and network 41-46

See also IGMP

See also PIM

IP packets, classification 34-5

IP precedence

classification 34-8

values 34-5

IP protocols

routing 1-9

IP routes, monitoring 36-100

IP routing

connecting interfaces with 10-7

disabling 36-17

enabling 36-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 38-1

IP SLAs

benefits 38-2

CFM endpoint discovery 40-12

configuration guidelines 38-6

configuring object tracking 39-9

Control Protocol 38-4

default configuration 38-6

definition 38-1

ICMP echo operation 38-11

manually configuring CFM ping or jitter 40-10

measuring network performance 38-3

monitoring 38-13

multioperations scheduling 38-5

object tracking 39-9

operation 38-3

reachability tracking 39-9

responder

described 38-4

enabling 38-7

response time 38-4

scheduling 38-5

SNMP support 38-2

supported metrics 38-2

threshold monitoring 38-6

track state 39-9

UDP jitter operation 38-8

IP source guard

and 802.1x 20-17

and DHCP snooping 20-15

and EtherChannels 20-17

and port security 20-17

and private VLANs 20-17

and routed ports 20-17

and TCAM entries 20-17

and trunk interfaces 20-17

and VRF 20-17

binding configuration

automatic 20-15

manual 20-15

binding table 20-15

configuration guidelines 20-17

default configuration 20-16

disabling 20-18

displaying

bindings 20-19

configuration 20-19

enabling 20-17

filtering

source IP address 20-16

source IP and MAC address 20-16

source IP address filtering 20-16

source IP and MAC address filtering 20-16

static bindings

adding 20-17

deleting 20-18

IP traceroute

executing 43-15

overview 43-14

IP unicast routing

address resolution 36-7

administrative distances 36-89, 36-99

ARP 36-7

assigning IP addresses to Layer 3 interfaces 36-5

authentication keys 36-99

IP unicast routing

broadcast

address 36-14

flooding 36-15

packets 36-12

storms 36-12

classless routing 36-6

configuring static routes 36-88

default

addressing configuration 36-4

gateways 36-10

networks 36-89

routes 36-89

routing 36-2

directed broadcasts 36-12

disabling 36-17

dynamic routing 36-2

enabling 36-17

EtherChannel Layer 3 interface 36-3

IGP 36-22

inter-VLAN 36-2

IP addressing

classes 36-5

configuring 36-3

IRDP 36-10

Layer 3 interfaces 36-3

MAC address and IP address 36-7

passive interfaces 36-97

proxy ARP 36-7

redistribution 36-90

reverse address resolution 36-7

routed ports 36-3

static routing 36-2

steps to configure 36-3

subnet mask 36-5

subnet zero 36-5

supernet 36-6

UDP 36-13

with SVIs 36-3

IP unicast routing

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IRDP

configuring 36-11

definition 36-10

support for 1-9

IS-IS

addresses 36-62

area routing 36-62

default configuration 36-63

monitoring 36-71

show commands 36-71

support for 1-9

system routing 36-62

ISL trunking with IEEE 802.1 tunneling 14-4

ISO CLNS

clear commands 36-71

dynamic routing protocols 36-62

monitoring 36-71

NETs 36-62

NSAPs 36-62

OSI standard 36-62

ISO IGRP

area routing 36-62

system routing 36-62

isolated port 13-3

isolated VLANs 13-2, 13-3

J

join messages, IGMP 22-3

K

KDC

described 8-32

See also Kerberos

keepalive command 10-17

keepalive messages 15-3

keepalive messages, default 10-17

Kerberos

authenticating to

boundary switch 8-34

KDC 8-34

network services 8-35

configuration examples 8-32

configuring 8-35

credentials 8-32

cryptographic software image 8-32

described 8-32

KDC 8-32

operation 8-34

realm 8-33

server 8-33

support for 1-7

switch as trusted third party 8-32

terms 8-33

TGT 8-34

tickets 8-32

key distribution center

See KDC

L

l2protocol-tunnel command 14-18

LACP

Layer 2 protocol tunneling 14-14

See EtherChannel

Layer 2 interfaces, default configuration 10-15

Layer 2 packets, classification 34-5

Layer 2 protocol packets, and control-plane security 33-2

Layer 2 protocol tunneling

configuring 14-15

configuring for EtherChannels 14-19

default configuration 14-16

defined 14-13

guidelines 14-16

layer-2 template 7-1

Layer 2 traceroute

and ARP 43-13

and CDP 43-13

broadcast traffic 43-13

described 43-13

IP addresses and subnets 43-13

MAC addresses and VLANs 43-13

multicast traffic 43-13

multiple devices on a port 43-14

unicast traffic 43-13

usage guidelines 43-13

Layer 3 features 1-9

Layer 3 interfaces

assigning IP addresses to 36-5

changing from Layer 2 mode 36-5, 36-78, 36-79

types of 36-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link monitoring, Ethernet OAM 40-15, 40-18

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 36-29

link-state tracking

configuration guidelines 35-24

configuring 35-24

described 35-22

LLDP

configuring 25-3

characteristics 25-4

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-8

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-4

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-8

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 37-3

local SPAN 27-2

location TLV 25-3, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 8-23

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-5

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-27

discovering 5-28

displaying 5-28

displaying in the IP source binding table 20-19

dynamic

learning 5-20

removing 5-22

in ACLs 32-26

IP address association 36-7

static

adding 5-25

allowing 5-26, 5-27

characteristics of 5-24

dropping 5-26

removing 5-25

MAC address learning, disabling on a VLAN 5-27

MAC address notification, support for 1-10

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-8

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-28

configuring for QoS 34-35

creating 32-26

defined 32-26

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-12

marking

action with aggregate policers 34-45

described 34-2, 34-15

match command, QoS

for classification 34-3, 34-7

guidelines 34-36

matching, IPv4 ACLs 32-7

matching classifications, QoS 34-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-11

maximum-paths command 36-50, 36-88

ME 34000EG-2CS switch policers 33-3

ME 3400E-24TS switch policers 33-3

ME 3400EG-12CS switch policers 33-3

media-type command 10-21

membership mode, VLAN port 12-5

MEPs

and STP 40-4

defined 40-3

messages

Ethernet OAM 40-15

to users through banners 5-17

metrics, in BGP 36-50

metric translations, between routing protocols 36-93

metro tags 14-2

MHSRP 37-3

MIBs

accessing files with FTP A-3

location of files A-3

overview 30-1

SNMP interaction with 30-4

supported A-1

MIPs

and STP 40-4

defined 40-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 43-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-39

BGP 36-61

cables for unidirectional links 26-1

CDP 24-5

CEF 36-87

control-plane security 33-6

EIGRP 36-41

E-LMI 40-33

Ethernet CFM 40-13, 40-14

Ethernet OAM 40-24

Ethernet OAM protocol 40-24

monitoring

features 1-9

Flex Links 19-14

HSRP 37-11

IEEE 802.1Q tunneling 14-23

IGMP

filters 22-29

snooping 22-14

interfaces 10-29

IP

address tables 36-16

multicast routing 41-46

routes 36-100

IP SLAs operations 38-13

IPv4 ACL configuration 32-39

IS-IS 36-71

ISO CLNS 36-71

Layer 2 protocol tunneling 14-23

MAC address-table move update 19-14

MSDP peers 42-18

multicast router interfaces 22-15

multi-VRF CE 36-86

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 40-33

object tracking 39-10

OSPF 36-34

port

blocking 23-17

protection 23-17

private VLANs 13-15

QoS 34-68

REP 18-13

RP mapping information 41-33

SFPs

status 10-30

SFP status 1-10, 43-9

source-active messages 42-18

speed and duplex mode 10-20

monitoring

SSM mapping 41-22

traffic flowing among switches 28-1

traffic suppression 23-17

tunneling 14-23

VLAN

filters 32-39

maps 32-39

VLANs 12-14

VMPS 12-28

MQC

process 34-3

steps to configure 34-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 42-3

clearing MSDP connections and statistics 42-18

controlling source information

forwarded by switch 42-11

originated by switch 42-8

received by switch 42-13

default configuration 42-4

dense-mode regions

sending SA messages to 42-16

specifying the originating address 42-17

filtering

incoming SA messages 42-14

SA messages to a peer 42-12

SA requests from a peer 42-10

join latency, defined 42-6

meshed groups

configuring 42-15

defined 42-15

originating address, changing 42-17

overview 42-1

peer-RPF flooding 42-2

MSDP

peers

configuring a default 42-4

monitoring 42-18

peering relationship, overview 42-1

requesting source information from 42-8

shutting down 42-15

source-active messages

caching 42-6

clearing cache entries 42-18

defined 42-2

filtering from a peer 42-10

filtering incoming 42-14

filtering to a peer 42-12

limiting data with TTL 42-13

monitoring 42-18

restricting advertised sources 42-9

support for 1-9

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

MSDP

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-18

switch priority 16-22

CST

defined 16-3

operations between regions 16-4

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-18

unexpected behavior 16-17

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with 802.1D

described 16-8

restarting migration process 16-26

MSDP

IST

defined 16-3

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-3

supported spanning-tree instances 16-2

optional features supported 1-5

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-17

effects of extended system ID 16-17

unexpected behavior 16-17

shutdown Port Fast-enabled port 17-3

stack changes, effects of 16-8

status, displaying 16-27

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8

multicast packets

ACLs on 32-38

multicast router interfaces, monitoring 22-15

multicast router ports, adding 22-7

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 38-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 36-82

configuration guidelines 36-75

configuring 36-74

default configuration 36-75

defined 1-16, 36-72

displaying 36-86

monitoring 36-86

network components 36-74

packet-forwarding process 36-74

support for 1-9

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-20

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-19

monitoring 22-23

multicast television application 22-16

MVR

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

neighbor discovery/recovery, EIGRP 36-35

neighbor offset numbers, REP 18-4

neighbors, BGP 36-56

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 38-3

network policy TLV 25-7

Network Time Protocol

See NTP

NNI

configuring 10-17

described 10-2

protocol control packets on 33-1

no commands 2-4

non-IP traffic filtering 32-26

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 36-62

NSF Awareness

BGP 36-46

EIGRP 36-37

IS-IS 36-64

OSPF 36-25

NSM 4-3

NSSA, OSPF 36-29

NTP

associations

authenticating 5-4

defined 5-2

enabling broadcast messages 5-6

peer 5-5

server 5-5

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-5

time

services 5-2

synchronizing 5-2

O

OAM

client 40-14

features 40-15

sublayer 40-15

OAM manager

and E-LMI 40-27

configuration guidelines 40-28

configuring 40-28, 40-34

monitoring 40-33

purpose of 40-26

with CFM 40-27

with CFM and Ethernet OAM 40-33

OAM PDUs 40-16

OAM protocol data units 40-14

OBFL

configuring 43-22

described 43-21

displaying 43-23

object tracking

HSRP 39-7

IP SLAs 39-9

IP SLAs, configuring 39-9

monitoring 39-10

on-board failure logging

See OBFL

online diagnostics

described 44-1

overview 44-1

running tests 44-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 36-29

configuring 36-25

default configuration

metrics 36-31

route 36-31

settings 36-24

described 36-22

interface parameters, configuring 36-26

LSA group pacing 36-32

monitoring 36-34

network types, configuring 36-28

router IDs 36-33

route summarization 36-31

support for 1-9

virtual links 36-31

output policies 34-5

output policy maps

classification criteria 34-5

configuration guidelines 34-56

configuring 34-55

displaying statistics 34-68

P

packet classification

defined 34-5

to organize traffic 34-2

packet marking

configuring 34-49

defined 34-20

packet policing, for QoS 34-2

PAgP

Layer 2 protocol tunneling 14-14

See EtherChannel

parallel paths, in routing tables 36-88

parent policies, QoS 34-12, 34-24

passive interfaces

configuring 36-97

OSPF 36-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 43-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 16-21

STP 15-19

PBR

defined 36-94

enabling 36-95

fast-switched policy-based routing 36-96

local policy-based routing 36-97

peers, BGP 36-56

percentage thresholds in tracked lists 39-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 34-51

per-port per VLAN policing 34-12, 34-51

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 36-81

physical ports 10-3

PIM

default configuration 41-8

dense mode

overview 41-4

rendezvous point (RP), described 41-4

RPF lookups 41-8

displaying neighbors 41-47

enabling a mode 41-11

overview 41-3

router-query message interval, modifying 41-36

shared tree and source tree, overview 41-33

shortest path tree, delaying the use of 41-35

sparse mode

join messages and shared tree 41-4

overview 41-4

prune messages 41-4

RPF lookups 41-8

stub routing

configuration guidelines 41-12

enabling 41-12

overview 41-4

support for 1-1, 1-9

versions

interoperability 41-9

troubleshooting interoperability problems 41-33

v2 improvements 41-3

ping

executing 43-10

overview 43-9

police aggregate command 34-48

police command, with individual policers 34-41, 34-53

policer aggregate command 34-45

policer configuration

default for ENIs and UNIs 33-4

default for NNIs 33-5

policers

configuring for more than one traffic class 34-45

described 34-2

policing

aggregate in input policy maps 34-17

described 34-2

individual in input policy maps 34-15

priority in output policy maps 34-20

QoS 34-15

policy-based routing

See PBR

policy-map command 34-3

policy-map marking, configuration guidelines 34-49

policy maps

attaching 34-3, 34-39

configuration examples 34-69

described 34-15

input

configuring 34-40

described 34-4

output

configuring 34-55

described 34-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-2

RADIUS server 9-2

client, defined 9-2

configuration guidelines 9-11

port-based authentication

configuring

802.1x authentication 9-13

host mode 9-19

manual re-authentication of a client 9-16

periodic re-authentication 9-15

quiet period 9-16

RADIUS server 9-15

RADIUS server parameters on the switch 9-14

switch-to-client frame-retransmission number 9-18

switch-to-client retransmission time 9-17

violation mode 9-8

violation modes9-12to 9-13

default configuration 9-10

described 9-1

device roles 9-2

displaying statistics 9-21

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-11

method lists 9-13

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

interactions 9-7

multiple-hosts mode 9-6

readiness check

configuring 9-12

described 9-7, 9-11

resetting to default values 9-20

port-based authentication

statistics, displaying 9-21

switch

as proxy 9-3

RADIUS client 9-3

VLAN assignment

AAA authorization 9-13

characteristics 9-8

configuration tasks 9-9

described 9-8

port blocking 1-2, 23-6

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-5

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-6

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-5

REP 18-6

routed 10-5

secure 23-8

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-14

VLAN assignments 12-11

port security

aging 23-15

and private VLANs 23-16

configuration guidelines 23-10

configuring 23-11

default configuration 23-10

described 23-8

displaying 23-17

enabling 23-16

on trunk ports 23-12

sticky learning 23-9

violations 23-9

with other features 23-10

port shaping

configuring 34-60

described 34-23

port-shutdown response, VMPS 12-24

port types 10-2

power 25-7

power management TLV 25-7

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 36-54

preventing unauthorized access 8-1

primary edge port, REP 18-4

primary links 19-2

primary VLANs 13-2, 13-3

priority

HSRP 37-6

priority command 34-20

configuring strict priority queuing 34-61

for QoS scheduling 34-22

for strict priority queuing 34-26

priority policing, described 34-20

priority queues

configuring 34-61

described 34-26

for QoS scheduling 34-22

priority with police

commands 34-20

configuring 34-63

described 34-26

priority with unconditional policing, QoS 34-22

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-12

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-7, 13-8

configuration tasks 13-6

configuring 13-10

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-3

isolated VLANs 13-2, 13-3

mapping 13-14

monitoring 13-15

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-13

described 12-5

isolated 13-3

promiscuous 13-2

primary VLANs 13-2, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 13-13

defined 13-2

protected ports 23-5

protocol control packets 33-1

protocol-dependent modules, EIGRP 36-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-16, 36-73

proxy ARP

configuring 36-9

definition 36-7

with IP routing disabled 36-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QoS

aggregate policers 34-17

and MQC 34-1

basic model 34-2

CBWFQ 34-24

CBWFQ, configuring 34-57

class-based shaping, described 34-23

QoS

classification

ACL lookup 34-10

based on CoS value 34-7

based on DSCP 34-8

based on IP precedence 34-8

based on QoS group 34-11

based on VLAN IDs 34-12, 34-51

class maps, described 34-6

comparisons 34-9

criteria 34-5

in frames and packets 34-6

policy maps, described 34-15

class maps, configuration guidelines 34-36

class maps, configuring 34-36

configuration examples

adding customers 34-71

adding or deleting a class 34-74

adding or deleting classification criteria 34-71, 34-72

adding or deleting configured actions 34-73

changing queuing or scheduling parameters 34-72

configuration guidelines

aggregate policers 34-45

CBWFQ 34-57

class-based shaping 34-59

class maps 34-36

general 34-31

individual policers 34-41

input policy maps 34-40

marking 34-49

output policy maps 34-56

unconditional priority policing 34-63

WTD 34-65

QoS

configuring

aggregate policers 34-45

class-based shaping 34-59

classification with IP ACLs 34-32

class maps 34-36

individual policers 34-42

individual policing 34-41, 34-53

input policy maps with marking 34-49

IP ACLs 34-32

MAC ACLs 34-35

output policy maps 34-55

port shaping 34-60

priority queues 34-61

queue size 34-28

requirements 34-30

service policies 34-39

strict priority queuing 34-61

table maps 34-38

unconditional priority policing 34-63

WTD 34-65, 34-66

congestion avoidance 34-2, 34-27

congestion management 34-2, 34-22

CPU-generated traffic

configuring output policy classification criteria 34-5

configuring QoS group number 34-11

configuring queue-limit 34-65

output remarking 34-5

QoS groups 34-21

default configuration 34-31

initial configuration example 34-69

input policy maps

configuring 34-40

described 34-4

IP packet classification 34-5

Layer 2 packet classification 34-5

Layer 3 packet classification 34-5

marking, described 34-2

QoS

match command 34-7

output policy maps

configuring 34-57

described 34-5

overview 34-1

packet classification 34-2

packet marking 34-20

packet policing 34-2

parent-child hierarchy 34-12, 34-24

per-port, per-VLAN hierarchical policy maps

described 34-12

policers

configuring 34-42, 34-47, 34-63

described 34-15

policing

aggregate 34-17

described 34-2, 34-15

individual 34-15

priority 34-20

policy maps

attaching 34-39

attaching to an interface 34-18

displaying statistics 34-68

port shaping, described 34-23

preconfiguration 34-30

priority policing, described 34-20

priority with police 34-26

queue size 34-28

scheduling 34-22

CBWFQ 34-22

priority queuing 34-22

traffic shaping 34-22

strict priority queuing 34-26

supported table maps 34-14

support for 1-8

table maps 34-14

traffic shaping, described 34-23

QoS

unconditional priority policing 34-26

WTD 34-28

QoS groups

classification 34-11, 34-12, 34-51

described 34-5, 34-11

QoS information, displaying 34-68

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 34-29

queue-limit command, QoS 34-28, 34-29, 34-65

queue size, QoS, managing 34-28

R

RADIUS

attributes

vendor-proprietary 8-30

vendor-specific 8-29

configuring

accounting 8-28

authentication 8-23

authorization 8-27

communication, global 8-21, 8-29

communication, per-server 8-20, 8-21

multiple UDP ports 8-21

default configuration 8-20

defining AAA server groups 8-25

displaying the configuration 8-31

identifying the server 8-20

limiting the services to the user 8-27

method list, defined 8-20

operation of 8-19

overview 8-18

suggested network environments 8-18

support for 1-7

tracking services accessed by user 8-28

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 36-7

rate-limiting threshold, CPU protection 33-6

RCP

configuration files

downloading B-17

overview B-15

preparing the server B-16

uploading B-18

image files

deleting old image B-35

downloading B-33

preparing the server B-32

uploading B-35

reachability, tracking IP SLAs IP host 39-9

readiness check

port-based authentication

configuring 9-12

described 9-7, 9-11

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 43-1

redundancy

EtherChannel 35-3

HSRP 37-1

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 36-35

reloading software 3-21

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 40-15

remote failure indications, Ethernet OAM 40-21

remote loopback, Ethernet OAM 40-15, 40-17

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

and STP 18-5

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-12

monitoring 18-13

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14

resequencing ACL entries 32-14

resets, in BGP 36-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 38-4

enabling 38-7

response time, measuring with IP SLAs 38-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-17

TACACS+ 8-9

retry count, VMPS, changing 12-27

reverse address resolution 36-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 36-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

2475, DSCP 34-9

2597, AF per-hop behavior 34-9

2598, EF 34-9

RIP

advertisements 36-18

authentication 36-20

configuring 36-19

default configuration 36-18

described 36-18

hop counts 36-18

summary addresses 36-21

support for 1-9

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-10

root guard

described 17-4

enabling 17-10

support for 1-5

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 36-31

route dampening, BGP 36-60

routed packets, ACLs on 32-37

routed ports

configuring 36-3

defined 10-5

IP addresses on 10-26, 36-3

route-map command 36-96

route maps

BGP 36-52

policy-based routing 36-94

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 36-59

router ID, OSPF 36-33

route selection, BGP 36-50

route summarization, OSPF 36-31

route targets, VPN 36-74

routing

default 36-2

dynamic 36-2

redistribution of information 36-90

static 36-2

routing domain confederation, BGP 36-59

Routing Information Protocol

See RIP

routing protocol administrative distances 36-89

RSPAN

characteristics 27-7

configuration guidelines 27-15

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-10, 27-1

received traffic 27-4

session limits 27-10

sessions

creating 27-16

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-16

with ingress traffic enabled 27-19

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing B-19, B-20

rolling back B-19, B-20

running configuration, saving 3-14

S

scheduled reloads 3-21

scheduling, IP SLAs operations 38-5

scheduling, QoS 34-22

SCP

and SSH 8-41

configuring 8-41

SDM

described 7-1

templates

configuring 7-3

number of 7-1

SDM template

configuration guidelines 7-2

configuring 7-2

default 7-1

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-14

maximum number of 23-9

types of 23-8

secure ports, configuring 23-8

secure remote connections 8-37

Secure Shell

See SSH

security, port 23-8

security features 1-6

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 34-3

guidelines 34-56

using 34-39

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-1

Layer 2 protocols across 14-13

Layer 2 protocol tunneling for EtherChannels 14-14

set command

for QoS marking 34-21

guidelines 34-49

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-10, 10-30, 43-9

security and identification 43-8

status, displaying 1-10

shape average command, QoS 34-22, 34-23, 34-58

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-25

show forward command 43-18

show interfaces command 10-20, 10-25

show interfaces switchport 19-4

show l2protocol command 14-18, 14-20, 14-21

show lldp traffic command 25-8

show platform forward command 43-18

show running-config command

displaying ACLs 32-19, 32-31, 32-33

interface description in 10-25

shutdown command on interfaces 10-31

shutdown threshold for Layer 2 protocol packets 14-16

Simple Network Management Protocol

See SNMP

SMNP traps, and CFM 40-4

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 38-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-20

SNMP

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-4

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-16

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

MIBs

location of A-3

supported A-1

notifications 30-5

overview 30-1, 30-4

security levels 30-3

status, displaying 30-22

system contact and location 30-16

trap manager, configuring 30-14

traps

described 30-3, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-22

overview 30-1, 30-4

types of 30-12

users 30-7, 30-10

versions supported 30-2

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash B-23

recovery procedures 43-2

scheduling reloads 3-21

tar file format, described B-24

See also downloading and uploading

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 35-8

source-and-destination MAC address forwarding, EtherChannel 35-8

source-IP address based forwarding, EtherChannel 35-8

source-MAC address forwarding, EtherChannel 35-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-10, 27-1

ports, restrictions 23-11

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-13, 27-20

creating 27-10

defined 27-3

limiting source traffic to specific VLANs 27-14

removing destination (monitoring) ports 27-12

specifying monitored ports 27-10

with ingress traffic enabled 27-12

source ports 27-5

traffic 27-4

SPAN

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

SPAN traffic 27-4

speed, configuring on interfaces 10-18

SRR, support for 1-8

SSH

configuring 8-38

cryptographic software image 8-37

described 1-4, 8-37

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 41-15

CGMP limitations 41-16

components 41-14

configuration guidelines 41-15

configuring 41-13, 41-16

differs from Internet standard multicast 41-14

IGMP snooping 41-16

IGMPv3 41-14

IGMPv3 Host Signalling 41-15

IP address range 41-14

monitoring 41-16

operations 41-14

PIM 41-14

state maintenance limitations 41-16

SSM mapping

configuration guidelines 41-17

configuring 41-17, 41-19

defined 41-17

DNS-based 41-18, 41-20

monitoring 41-22

overview 41-17

restrictions 41-17

static 41-18, 41-20

static traffic forwarding 41-21

standby ip command 37-5

standby links 19-2

standby router 37-1

standby timers, HSRP 37-9

startup configuration

booting

manually 3-18

specific image 3-18

clearing B-19

configuration file

automatically downloading 3-17

specifying the filename 3-17

default boot configuration 3-17

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-9

static MAC addressing 1-7

static routes, configuring 36-88

static routing 36-2

static SSM mapping 41-18, 41-20

static traffic forwarding 41-21

static VLAN membership 12-2

statistics

802.1x 9-21

CDP 24-5

interface 10-29

IP multicast routing 41-46

LLDP 25-8

LLDP-MED 25-8

OSPF 36-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-22

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-17

support for 1-2

thresholds 23-1

STP

and REP 18-5

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

STP

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-7

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-13

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-5

STP

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 34-61

configuration guidelines 34-61

configuring 34-61

defined 34-26

QoS 34-26

stub areas, OSPF 36-29

stub routing, EIGRP 36-40

subdomains, private VLAN 13-1

subnet mask 36-5

subnet zero 36-5

success response, VMPS 12-24

summer time 5-13

SunNet Manager 1-3

supernet 36-6

SVIs

and IP unicast routing 36-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

S-VLAN 14-7

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 32-37

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-7

switchport block unicast command 23-7

switchport command 10-15

switchport mode dot1q-tunnel command 14-6

switchport protected command 23-6

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 36-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-10

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 36-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 36-62

ISO IGRP 36-62

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 34-14

described 34-14

for QoS marking 34-21

QoS, configuring 34-38

types of 34-14

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-7

tracking services accessed by user 8-17

tagged packets

IEEE 802.1Q 14-3

Layer 2 protocol 14-13

tar files

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

TCL script, registering and defining with embedded event manager 31-6

TDR 1-10

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 40-21

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

testing connectivity 40-24

TFTP

configuration files

downloading B-11

preparing the server B-10

uploading B-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-6

image files

deleting B-27

downloading B-26

preparing the server B-25

uploading B-27

limiting access by servers 30-16

TFTP server 1-3

threshold, traffic level 23-2

threshold monitoring, IP SLAs 38-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 36-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 43-13

and CDP 43-13

broadcast traffic 43-13

described 43-13

IP addresses and subnets 43-13

MAC addresses and VLANs 43-13

multicast traffic 43-13

multiple devices on a port 43-14

unicast traffic 43-13

usage guidelines 43-13

traceroute command 43-15

See also IP traceroute

tracked lists

configuring 39-3

types 39-3

tracked objects

by Boolean expression 39-4

by threshold percentage 39-6

by threshold weight 39-5

tracking interface line-protocol state 39-2

tracking IP routing state 39-2

tracking objects 39-1

tracking process 39-1

track state, tracking IP SLAs 39-9

traffic

blocking flooded 23-7

fragmented 32-5

unfragmented 32-5

traffic class, defined 34-3

traffic classification, typical values 34-9

traffic marking 34-20

traffic policies, elements in 34-3

traffic shaping

for QoS scheduling 34-22

QoS traffic control 34-23

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22

configuring managers 30-12

defined 30-3

enabling 5-22, 30-12

notification types 30-12

overview 30-1, 30-4

troubleshooting

connectivity problems 43-9, 43-12, 43-14

detecting unidirectional links 26-1

displaying crash information 43-21

PIMv1 and PIMv2 interoperability problems 41-33

setting packet forwarding 43-18

SFP security and identification 43-8

show forward command 43-18

with CiscoWorks 30-4

with debug commands 43-17

with ping 43-9

with system message logging 29-1

with traceroute 43-14

trunk failover

See link-state tracking

trunking encapsulation 1-6

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-17

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

defined 14-1

IEEE 802.1Q 14-1

Layer 2 protocol 14-13

tunnel ports

defined 12-5

described 10-4, 14-1

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-15

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 36-15

defined

forwarding 36-13

UDP, configuring 36-13

UDP jitter, configuring 38-9

UDP jitter operation, IP SLAs 38-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 34-63

priority with police 34-26

UNI

configuring 10-17

described 10-2

protocol control packets on 33-1

unicast MAC address filtering

and adding static addresses 5-26

and broadcast MAC addresses 5-25

and CPU packets 5-26

and multicast addresses 5-25

and router MAC addresses 5-25

configuration guidelines 5-25

described 5-25

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-7

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 40-27

UNI-ENI VLANs

and private VLANs 12-12

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

defined 12-5

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

image files

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-31

using RCP B-35

using TFTP B-27

usage guidelines

Layer 2 traceroute 43-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

Virtual Private Network

See VPN

virtual router 37-1, 37-2

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

and VTP 31-1

VLAN configuration saved in 12-9

VLANs saved in 12-3

vlan dot1q tag native command 14-4

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-28

service provider 14-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-29

VLAN mapping

1-to-1 14-8

1-to-1, configuring 14-10

configuration guidelines 14-9

configuring 14-10

configuring on a trunk port 14-10

default 14-9

described 14-7

selective QinQ 14-8

selective Q-in-Q, configuring 14-12

traditional QinQ 14-8

traditional Q-in-Q, configuring 14-11

types of 14-8

VLAN maps

applying 32-33

common uses for 32-33

configuration guidelines 32-29

configuring 32-29

creating 32-30

defined 32-2, 32-5

denying access to a server example 32-34

denying and permitting packets 32-31

displaying 32-39

examples of ACLs and VLAN maps 32-31

removing 32-33

support for 1-7

wiring closet configuration example 32-34

with router ACLs 32-39

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-17

and spanning-tree instances 12-3, 12-8

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-6

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

VLANs

limiting source traffic with SPAN 27-14

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-6

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN Trunking Protocol

See VTP

VLAN trunks 12-14

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 36-80

forwarding 36-75

in service provider networks 36-72

routes 1-16, 36-73

VPN routing and forwarding table

See VRF

VQP 1-6, 12-23

VRF

defining 36-74

tables 1-16, 36-72

VRF-aware services

ARP 36-77

configuring 36-77

ftp 36-80

HSRP 36-78

ping 36-77

SNMP 36-78

syslog 36-79

tftp 36-80

traceroute 36-80

uRPF 36-79

VTP Layer 2 protocol tunneling 14-13

W

weighted tail drop

See WTD

weight thresholds in tracked lists 39-5

WTD

configuration guidelines 34-65

configuring 34-65, 34-66

described 34-27

support for 1-8