A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

A

abbreviating commands 2-3

ABRs 36-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-16

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-21

with RADIUS 8-28

with TACACS+ 8-11, 8-17

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 34-11

ACLs

ACEs 32-2

any keyword 32-12, 34-34

applying

on multicast packets 32-38

on routed packets 32-37

on switched packets 32-37

time ranges to 32-16

to an interface 32-19, 38-7

to IPv6 interfaces 38-7

to QoS 34-11

classifying traffic for QoS 34-32

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 34-34

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

ACLs

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

IPv6

applying to interfaces 38-7

configuring 38-3, 38-4

displaying 38-8

interactions with other features 38-4

limitations 38-3

matching criteria 38-3

named 38-3

precedence of 38-2

supported 38-2

unsupported features 38-3

Layer 4 information in 32-36

logging messages 32-8

MAC extended 32-26

matching 32-7, 32-20

monitoring 32-39, 38-8

named

IPv6 38-3

named, IPv4 32-14

names 38-4

port 32-2, 38-2

precedence of 32-2

QoS 34-11

resequencing entries 32-14

router 32-2, 38-2

router ACLs and VLAN map configuration guidelines 32-36

ACLs

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-7

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features

IPv6 38-3

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-35

VLAN maps

configuration guidelines 32-29

configuring 32-29

active link 19-4, 19-5, 19-6

active links 19-2

active router 39-1

active traffic monitoring, IP SLAs 40-1

address aliasing 22-2

addresses

displaying the MAC address table 5-28

dynamic

accelerated aging 15-9

changing the aging time 5-21

default aging 15-9

defined 5-19

learning 5-20

removing 5-22

IPv6 37-2

MAC, discovering 5-28

multicast

group address range 43-2

STP address management 15-9

static

adding and removing 5-24

defined 5-19

address resolution 5-28, 36-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 36-96

administrative distances

defined 36-108

OSPF 36-31

routing protocol defaults 36-98

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 36-18

age timer, REP 18-8

aggregatable global unicast addresses 37-3

aggregate addresses, BGP 36-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 34-46

configuring 34-46

described 34-17

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-21

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-17

area border routers

See ABRs

area routing

IS-IS 36-62

ISO IGRP 36-62

ARP

configuring 36-8

defined 1-4, 5-28, 36-7

encapsulation 36-9

static cache configuration 36-8

table

address resolution 5-28

managing 5-28

ASBRs 36-23

AS-path filters, BGP 36-52

assured forwarding, DSCP 34-8

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 8-30

vendor-specific 8-29

authentication

EIGRP 36-39

HSRP 39-10

local mode with AAA 8-36

NTP associations 5-4

RADIUS

key 8-21

login 8-23

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 36-108

authoritative time source, described 5-2

authorization

with RADIUS 8-27

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-9

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-18

mismatches 45-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 36-46

Auto-RP, described 43-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

backup static routing, configuring 41-12

bandwidth, QoS, configuring 34-58

bandwidth command

for CBWFQ 34-22

QoS, configuring 34-58

QoS, described 34-25

with police command 34-27

bandwidth remaining percent command 34-27

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-41

best-effort packet delivery 34-1

BGP

aggregate addresses 36-58

aggregate routes, configuring 36-58

CIDR 36-58

clear commands 36-61

community filtering 36-55

configuring neighbors 36-56

default configuration 36-44, 36-74

described 36-43

enabling 36-46

monitoring 36-61

multipath support 36-50

neighbors, types of 36-46

path selection 36-50

peers, configuring 36-56

prefix filtering 36-54

resetting sessions 36-49

route dampening 36-60

route maps 36-52

route reflectors 36-59

routing domain confederation 36-59

routing session with multi-VRF CE 36-90

show commands 36-61

supernets 36-58

support for 1-9

Version 4 36-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-6

Boolean expressions in tracked lists 41-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-18

specific image 3-19

boot loader

accessing 3-20

described 3-2

environment variables 3-20

prompt 3-20

trap-door mechanism 3-2

bootstrap router (BSR), described 43-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-5

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-5

broadcast flooding 36-15

broadcast packets

directed 36-12

flooded 36-12

broadcast storm-control command 23-4

broadcast storms 23-1, 36-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-18

object list, described 30-6

schema, configuring 30-18

schema, described 30-6

transfer 30-19

bulkstat object-list 30-18

bulkstat schema 30-18

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 34-25, 34-58

configuration guidelines 34-58

QoS scheduling 34-22

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-13

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 36-95

enabling 36-96

IPv6 37-17

CFM

and Ethernet OAM, configuring 42-36

and Ethernet OAM interaction 42-35

and OAM manager 42-29

configuration guidelines 42-6

configuring crosscheck 42-8

configuring service 42-7

configuring the network 42-6

crosscheck 42-4

default configuration 42-5

defined 42-2

EtherChannel support 42-6

IP SLAs support for 42-5

IP SLAs with endpoint discovers 42-12

maintenance domain 42-2

maintenance point 42-3

manually configuring IP SLAs ping or jitter 42-10

measuring network performance 42-5

monitoring 42-13, 42-14

on EtherChannel port channels 42-6

SNMP traps 42-4

types of messages 42-4

UNIs 42-4

child policies, QoS 34-12, 34-24

CIDR 36-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 40-1

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CISP 9-9

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-3

class-based priority queuing, QoS 34-20

class-based shaping

configuration guidelines 34-60

configuring 34-60

for QoS 34-23

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 34-11

in packet headers 34-6

per-port per VLAN 34-12, 34-52

QoS comparisons 34-10

QoS group 34-11

classless interdomain routing

See CIDR

classless routing 36-6

class map

match-all option 34-7

match-any option 34-7

class-map command 34-3

class maps, QoS

configuring 34-36

described 34-7

class of service

See CoS

class selectors, DSCP 34-8

clearing interfaces 10-30

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

CLI

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 41-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

community list, BGP 36-55

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-11

config.text 3-17

configurable leave timer, IGMP 22-5

configuratin guidelines

PIM stub routing 43-12

configuration, initial

defaults 1-11

configuration examples

network 1-14

policy maps 34-70

QoS

adding customers 34-72

adding or deleting a class 34-76

adding or deleting classification criteria 34-72, 34-73

adding or deleting configured actions 34-75

changing queuing or scheduling parameters 34-74

initial 34-70

configuration files

archiving B-19

clearing the startup configuration B-19

creating using a text editor B-10

default name 3-17

deleting a stored configuration B-19

described B-8

downloading

automatically 3-17

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

guidelines for creating and using B-9

guidelines for replacing and rolling back B-20

invalid combinations when copying B-5

limiting TFTP server access 30-17, 30-18, 30-19, 30-21

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration B-19, B-20

rolling back a running configuration B-19, B-20

specifying the filename 3-17

system contact and location information 30-17

types and location B-9

uploading

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

configuration guidelines

aggregate policers 34-46

CBWFQ 34-58

CFM 42-6

class-based shaping 34-60

EtherChannel 35-10

Ethernet OAM 42-16

HSRP 39-5

configuratin guidelines

individual policers 34-41

input policy maps 34-40

link-state tracking 35-24

marking in policy maps 34-50

multi-VRF CE 36-84

OAM manager 42-30

output policy maps 34-57

per-port, per-VLAN QoS 34-52

port security 23-10

QoS, general 34-31

QoS class maps 34-36

REP 18-7

rollback and replacement B-20

SSM 43-15

SSM mapp 43-17

strict priority queuing 34-62

unconditional priority policing 34-64

UNI VLANs 12-12

VLAN mapping 14-9

VLANs 12-8

WTD 34-67

configuration replacement B-19

configuration rollback B-19

configuration settings, saving 3-14

configure terminal command 10-8

configuring marking in input policy maps 34-50

configuring port-based authentication violation modes 9-14

congestion avoidance, QoS 34-2, 34-28

congestion management, QoS 34-2, 34-22

connections, secure remote 8-37

Connectivity Fault Management

See CFM

connectivity problems 45-9, 45-13, 45-14

console port, connecting to 2-9

control packets

and control-plane security 33-2

dropping and rate-limiting 33-2

control-plane security

configuring 33-6

control packets 33-2

monitoring 33-7

policers 33-3

policing 33-2

purpose of 33-1

control protocol, IP SLAs 40-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 45-2

CoS

classification 34-8

values 34-6

counters, clearing interface 10-30

CPU overload, protection from 33-1

CPU policers 33-6

CPU protection 33-3

CPU threshold notification 30-21

CPU threshold table 30-1, 30-20

CPU utilization statistics 30-21

crashinfo file 45-21

crosscheck, CFM 42-4, 42-8

cryptographic software image

Kerberos 8-32

SSH 8-37

customer edge devices 1-17, 36-82

C-VLAN 14-7

D

data collection, bulk statistics 30-20

daylight saving time 5-13

debugging

enabling all system diagnostics 45-18

enabling for a specific feature 45-17

redirecting error message output 45-18

using commands 45-17

default

policer configuration

ENIs and UNIs 33-4

NNIs 33-6

default actions, table maps 34-14

default commands 2-4

default configuration

banners 5-17

BGP 36-44, 36-74

booting 3-17

CDP 24-2

CFM 42-5

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 36-36

E-LMI and OAM 42-30

EtherChannel 35-10

Ethernet OAM 42-16

Flex Links 19-7

HSRP 39-5

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-11

IGMP 43-37

IGMP filtering 22-24

IGMP snooping 22-6

IGMP throttling 22-24

initial switch information 3-3

IP addressing, IP routing 36-4

IP multicast routing 43-8

IP SLAs 40-6

IP source guard 20-19

IPv6 37-9

IS-IS 36-63

Layer 2 interfaces 10-15

Layer 2 protocol tunneling 14-16

default configuration

LLDP 25-3

MAC address table 5-21

MAC address-table move update 19-7

MSDP 44-3

MSTP 16-14

multi-VRF CE 36-84

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 36-24

password and privilege level 8-2

PIM 43-8

private VLANs 13-6

QoS 34-31

RADIUS 8-20

REP 18-7

RIP 36-18

RMON 28-3

RSPAN 27-9

SDM template 7-3

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLAN mapping 14-9

VLANs 12-7

VMPS 12-25

default gateway 3-14, 36-10

default networks 36-98

default router preference

See DRP

default routes 36-98

default routing 36-2

default service, DSCP 34-8

default template 7-1

denial-of-service attacks, preventing 33-1

description command 10-24

designing your network, examples 1-14

destination addresses

in IPv6 ACLs 38-5

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 35-8

destination-MAC address forwarding, EtherChannel 35-7

device discovery protocol 24-1, 25-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-7

server side 3-6

TFTP server 3-6

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-3, 1-10

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-10to 3-13

understanding3-4to 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 41-11

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-16

default configuration 20-16

described 20-15

displaying 20-18

enabling 20-16

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-14

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-14

configuration guidelines 20-9

configuring 20-14

default configuration 20-8

deleting

binding file 20-14

bindings 20-14

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-14

entry 20-6

renewing database 20-14

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 37-14

default configuration 37-13

described 37-6

enabling client function 37-16

enabling DHCPv6 server function 37-14

diagnostic schedule command 46-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 36-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing B-3

creating and removing B-4

displaying the working B-3

discovery, Ethernet OAM 42-15

distribute-list command 36-107

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 37-3

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 43-18, 43-20

DoM

displaying supported transceivers 10-29

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 36-62

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-2

Layer 2 protocol tunneling 14-15

downloading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-13

using RCP B-17

using TFTP B-11

image files

deleting old image B-27

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-29

using RCP B-33

downloading

using TFTP B-26

using the device manager or Network Assistant B-23

drop threshold for Layer 2 protocol packets 14-16

DRP

configuring 37-11

described 37-4

IPv6 37-4

DSCP

assured forwarding 34-8

classification 34-8

class selectors 34-8

default service 34-8

expedited forwarding 34-8

values 34-6

DUAL finite state machine, EIGRP 36-35

dual IPv4 and IPv6 templates 7-2, 37-5

dual protocol stacks

IPv4 and IPv6 37-5

SDM templates supporting 37-6

dual-purpose ports

default port type 10-7

defaults 10-20

defined 10-6

frame size 10-20

LEDs 10-7

setting the type 10-20

duplex mode, configuring 10-18

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-13

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-13

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

dynamic ARP inspection

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 36-62

protocols 36-2

E

EBGP 36-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EIGRP

authentication 36-39

components 36-35

configuring 36-37

default configuration 36-36

definition 36-34

interface parameters, configuring 36-38

monitoring 36-41

stub routing 36-40

support for 1-9

EIGRP IPv6 37-6

ELIN location 25-3

E-LMI

and OAM Manager 42-29

CE device configuration 42-34

configuration guidelines 42-30

configuring a CE device 42-33

configuring a PE device 42-33

default configuration 42-30

defined 42-28

enabling 42-33

information 42-28

monitoring 42-35

PE device configuration 42-34

embedded event manager

actions 31-4

configuring 31-1, 31-5

displaying information 31-6

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-5

registering and defining a TCL script 31-6

understanding 31-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 41-12

commands 41-1

defined 41-1

DHCP primary interface 41-11

HSRP 41-7

IP routing state 41-2

IP SLAs 41-9

line-protocol state 41-2

network monitoring with IP SLAs 41-11

enhanced object tracking

routing policy, configuring 41-12

static route primary interface 41-10

tracked lists 41-3

ENI

configuring 10-17

described 10-2

protocol control packets on 33-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-20

equal-cost routing 1-9, 36-97

error messages during command entry 2-4

EtherChannel

802.3ad, described 35-6

automatic creation of 35-4, 35-6

channel groups

binding physical and logical interfaces 35-3

numbering of 35-3

configuration guidelines 35-10

configuring

Layer 2 interfaces 35-11

Layer 3 physical interfaces 35-15

Layer 3 port-channel logical interfaces 35-14

default configuration 35-10

described 35-2

displaying status 35-22

forwarding methods 35-7, 35-17

interaction

with STP 35-10

with VLANs 35-11

LACP

described 35-6

displaying status 35-22

hot-standby ports 35-19

interaction with other features 35-7

modes 35-6

port priority 35-21

system priority 35-20

Layer 3 interface 36-3

EtherChannel

load balancing 35-7, 35-17

logical interfaces, described 35-3

PAgP

aggregate-port learners 35-18

compatibility with Catalyst 1900 35-18

described 35-4

displaying status 35-22

interaction with other features 35-5

learn method and priority configuration 35-18

modes 35-5

support for 1-2

port-channel interfaces

described 35-3

numbering of 35-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet infrastructure 42-1

Ethernet Link Management Interface

See E-LMI

Ethernet loopback

characteristics 42-25

Ethernet management port

and routing 10-13

and routing protocols 10-13

and TFTP 10-14

configuring 10-14

default setting 10-13

described 10-5, 10-12

for network management 10-5, 10-12

specifying 10-14

supported features 10-13

unsupported features 10-14

Ethernet management port, internal

and routing 10-13

and routing protocols 10-13

unsupported features 10-14

Ethernet OAM 42-15

and CFM interaction 42-35

configuration guidelines 42-16

configuring with CFM 42-36

default configuration 42-16

discovery 42-15

enabling 42-16, 42-37

link monitoring 42-15, 42-18

manager 42-1

messages 42-15

protocol

defined 42-14

monitoring 42-24

remote failure indications 42-15, 42-21

remote loopback 42-15, 42-17

templates 42-21

Ethernet OAM protocol 42-1

Ethernet OAM protocol CFM notifications 42-35

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet terminal loopback 34-69

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-7

modifying 12-9

EUI 37-3

EVCs

configuring 42-31

in CFM domains 42-28

event detectors, embedded event manager 31-2

events, RMON 28-3

examples

network configuration 1-14

expedited forwarding, DSCP 34-8

extended-range VLANs

creating with an internal VLAN ID 12-11

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 36-46

F

Fa0 port

See Ethernet management port

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

features, incompatible 23-11

FIB 36-95

fiber-optic, detecting unidirectional links 26-1

files

copying B-4

crashinfo

description 45-21

displaying the contents of 45-21

location 45-21

deleting B-5

displaying the contents of B-8

tar

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

file system

displaying available file systems B-2

displaying file information B-3

local file system names B-1

network file system names B-4

setting the default B-3

filtering

in a VLAN 32-29

IPv6 traffic 38-3, 38-7

non-IP traffic 32-26

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of B-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-8, 19-9

configuring preferred VLAN 19-11

configuring VLAN load balancing 19-10

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-14

VLANs 19-2

flooded traffic, blocking 23-7

flow control 1-2, 10-22

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

accessing MIB files A-3

configuration files

downloading B-13

overview B-12

preparing the server B-13

uploading B-14

image files

deleting old image B-31

downloading B-29

preparing the server B-28

uploading B-31

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-25

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-2

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 39-10

command-switch redundancy 1-6

configuration guidelines 39-5

configuring 39-5

default configuration 39-5

definition 39-1

monitoring 39-12

object tracking 41-7

overview 39-1

priority 39-7

routing redundancy 1-9

support for ICMP redirect messages 39-12

timers 39-10

tracking 39-8

HTTP(S) Over IPv6 37-7

I

IBPG 36-42

ICMP

IPv6 37-4

redirect messages 36-10

support for 1-9

time-exceeded messages 45-15

traceroute 45-15

unreachable messages 32-19

unreachable messages and IPv6 38-4

unreachables and ACLs 32-20

ICMP Echo operation

configuring 40-11

IP SLAs 40-11

ICMP ping

executing 45-10

overview 45-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 37-4

IDS appliances

and ingress RSPAN 27-19

and ingress SPAN 27-13

IEEE 802.1ag 42-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-14

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-5

defaults 14-4

described 14-1

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 42-1

IEEE 802.3z flow control 10-22

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 43-37

statically connected member 43-42

controlling access to groups 43-38

default configuration 43-37

deleting cache entries 43-46

displaying groups 43-47

fast switching 43-42

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 43-40

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9

leaving multicast group 22-5

multicast reachability 43-37

overview 43-2

queries 22-3

report suppression

described 22-6

disabling 22-14

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 43-39

described 43-3

Version 2

changing to Version 1 43-39

described 43-3

maximum query response time value 43-41

pruning groups 43-41

query timeout value 43-41

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-23

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-26

IGMP helper 43-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6

definition 22-1

enabling and disabling 22-7

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-24

described 22-24

displaying action 22-28

IGP 36-23

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9

individual policers

configuration guidelines 34-41

configuring 34-41

initial configuration

defaults 1-11

input policy maps

classification criteria 34-5

configuration guidelines 34-40

configuring 34-40

displaying statistics 34-70

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces

configuration guidelines, duplex and speed 10-18

configuring

duplex mode 10-18

procedure 10-8

speed 10-18

counters, clearing 10-30

described 10-24

descriptive name, adding 10-24

displaying information about 10-28

flow control 10-22

management 1-3

monitoring 10-28

naming 10-24

physical, identifying 10-8

range of 10-9

restarting 10-30

shutting down 10-30

status 10-28

interfaces

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 36-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-9, 36-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 34-11

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

128-bit 37-2

classes of 36-5

default configuration 36-4

discovering 5-28

for IP routing 36-3

IPv6 37-2

MAC address association 36-7

monitoring 36-16

IP broadcast address 36-14

ip cef distributed command 36-96

IP directed broadcasts 36-12

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 43-2

all-multicast-routers 43-2

host group address range 43-2

administratively-scoped boundaries, described 43-44

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 43-24

benefits of 43-24

clearing the cache 43-46

configuration guidelines 43-10

filtering incoming RP announcement messages 43-27

overview 43-6

preventing candidate RP spoofing 43-27

preventing join messages to false RPs 43-26

setting up in a new internetwork 43-24

using with BSR 43-32

bootstrap router

configuration guidelines 43-10

configuring candidate BSRs 43-30

configuring candidate RPs 43-31

defining the IP multicast boundary 43-29

defining the PIM domain border 43-28

overview 43-6

using with Auto-RP 43-32

Cisco implementation 43-1

IP multicast routing

configuring

basic multicast routing 43-10

IP multicast boundary 43-44

default configuration 43-8

enabling

multicast forwarding 43-11

PIM mode 43-11

group-to-RP mappings

Auto-RP 43-6

BSR 43-6

MBONE

deleting sdr cache entries 43-46

described 43-43

displaying sdr cache 43-47

enabling sdr listener support 43-43

limiting sdr cache entry lifetime 43-44

SAP packets for conference session announcement 43-43

Session Directory (sdr) tool, described 43-43

monitoring

packet rate loss 43-47

peering devices 43-47

tracing a path 43-47

multicast forwarding, described 43-7

PIMv1 and PIMv2 interoperability 43-9

reverse path check (RPF) 43-7

routing table

deleting 43-46

displaying 43-47

RP

assigning manually 43-22

configuring Auto-RP 43-24

configuring PIMv2 BSR 43-28

monitoring mapping information 43-33

using Auto-RP and BSR 43-32

statistics, displaying system and network 43-46

See also IGMP

See also PIM

IP packets, classification 34-6

IP precedence

classification 34-8

values 34-6

IP protocols

routing 1-9

IP routes, monitoring 36-109

IP routing

connecting interfaces with 10-7

disabling 36-17

enabling 36-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 40-1

IP SLAs

benefits 40-2

CFM endpoint discovery 42-12

configuration guidelines 40-6

configuring object tracking 41-9

Control Protocol 40-4

default configuration 40-6

definition 40-1

ICMP echo operation 40-11

manually configuring CFM ping or jitter 42-10

measuring network performance 40-3

monitoring 40-13

multioperations scheduling 40-5

object tracking 41-9

operation 40-3

reachability tracking 41-9

responder

described 40-4

enabling 40-7

response time 40-4

scheduling 40-5

SNMP support 40-2

supported metrics 40-2

threshold monitoring 40-6

track object monitoring agent, configuring 41-11

IP SLAs

track state 41-9

UDP jitter operation 40-8

IP source guard

and 802.1x 20-20

and DHCP snooping 20-18

and EtherChannels 20-20

and port security 20-20

and private VLANs 20-20

and routed ports 20-20

and TCAM entries 20-20

and trunk interfaces 20-20

and VRF 20-20

binding configuration

automatic 20-19

manual 20-19

binding table 20-19

configuration guidelines 20-20

default configuration 20-19

disabling 20-21

displaying

bindings 20-22

configuration 20-22

enabling 20-20

filtering

source IP address 20-19

source IP and MAC address 20-19

source IP address filtering 20-19

source IP and MAC address filtering 20-19

static bindings

adding 20-20

deleting 20-21

IP traceroute

executing 45-15

overview 45-14

IP unicast routing

address resolution 36-7

administrative distances 36-98, 36-108

ARP 36-7

assigning IP addresses to Layer 3 interfaces 36-5

authentication keys 36-108

broadcast

address 36-14

flooding 36-15

packets 36-12

storms 36-12

classless routing 36-6

configuring static routes 36-97

default

addressing configuration 36-4

gateways 36-10

networks 36-98

routes 36-98

routing 36-2

directed broadcasts 36-12

disabling 36-17

dynamic routing 36-2

enabling 36-17

EtherChannel Layer 3 interface 36-3

IGP 36-23

inter-VLAN 36-2

IP addressing

classes 36-5

configuring 36-3

IPv6 37-2

IRDP 36-10

Layer 3 interfaces 36-3

MAC address and IP address 36-7

passive interfaces 36-106

proxy ARP 36-7

redistribution 36-99

reverse address resolution 36-7

routed ports 36-3

static routing 36-2

IP unicast routing

steps to configure 36-3

subnet mask 36-5

subnet zero 36-5

supernet 36-6

UDP 36-13

with SVIs 36-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IPv6

ACLs

displaying 38-8

limitations 38-3

matching criteria 38-3

port 38-2

precedence 38-2

router 38-2

supported 38-2

addresses 37-2

address formats 37-2

applications 37-5

assigning address 37-9

autoconfiguration 37-4

CEFv6 37-17

default configuration 37-9

default router preference (DRP) 37-4

defined 37-1

Enhanced Interior Gateway Routing Protocol (EIGRP) 37-6

Router ID 37-6

feature limitations 37-7

IPv6

features not supported 37-7

forwarding 37-9

ICMP 37-4

neighbor discovery 37-4

OSPF 37-6

path MTU discovery 37-4

SDM templates 7-2, 38-1

Stateless Autoconfiguration 37-4

supported features 37-2

switch limitations 37-7

understanding static routes 37-6

IPv6 traffic, filtering 38-3

IRDP

configuring 36-11

definition 36-10

support for 1-9

IS-IS

addresses 36-62

area routing 36-62

default configuration 36-63

monitoring 36-71

show commands 36-71

support for 1-9

system routing 36-62

ISL trunking with IEEE 802.1 tunneling 14-4

ISO CLNS

clear commands 36-71

dynamic routing protocols 36-62

monitoring 36-71

NETs 36-62

NSAPs 36-62

OSI standard 36-62

ISO IGRP

area routing 36-62

system routing 36-62

isolated port 13-2

isolated VLANs 13-2, 13-3

J

join messages, IGMP 22-3

K

KDC

described 8-32

See also Kerberos

keepalive command 10-17

keepalive messages 15-3

keepalive messages, default 10-17

Kerberos

authenticating to

boundary switch 8-34

KDC 8-34

network services 8-35

configuration examples 8-32

configuring 8-35

credentials 8-32

cryptographic software image 8-32

described 8-32

KDC 8-32

operation 8-34

realm 8-33

server 8-33

support for 1-7

switch as trusted third party 8-32

terms 8-33

TGT 8-34

tickets 8-32

key distribution center

See KDC

L

l2protocol-tunnel command 14-18

LACP

Layer 2 protocol tunneling 14-14

See EtherChannel

Layer 2 interfaces, default configuration 10-15

Layer 2 packets, classification 34-6

Layer 2 protocol packets, and control-plane security 33-2

Layer 2 protocol tunneling

configuring 14-15

configuring for EtherChannels 14-19

default configuration 14-16

defined 14-13

guidelines 14-16

layer-2 template 7-1

Layer 2 traceroute

and ARP 45-14

and CDP 45-13

broadcast traffic 45-13

described 45-13

IP addresses and subnets 45-14

MAC addresses and VLANs 45-13

multicast traffic 45-13

multiple devices on a port 45-14

unicast traffic 45-13

usage guidelines 45-13

Layer 3 features 1-9

Layer 3 interfaces

assigning IP addresses to 36-5

assigning IPv4 and IPv6 addresses to 37-12

assigning IPv6 addresses to 37-10

changing from Layer 2 mode 36-5, 36-87, 36-88

types of 36-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 37-3

link monitoring, Ethernet OAM 42-15, 42-18

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 36-29

link-state tracking

configuration guidelines 35-24

configuring 35-24

described 35-22

LLDP

configuring 25-3

characteristics 25-4

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-8

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-4

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-8

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 39-4

local SPAN 27-2

location TLV 25-3, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 8-23

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-5

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-27

discovering 5-28

displaying 5-28

displaying in the IP source binding table 20-22

dynamic

learning 5-20

removing 5-22

in ACLs 32-26

IP address association 36-7

static

adding 5-25

allowing 5-26, 5-27

characteristics of 5-24

dropping 5-26

removing 5-25

MAC address learning, disabling on a VLAN 5-27

MAC address notification, support for 1-10

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-7

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-28

configuring for QoS 34-35

creating 32-26

defined 32-26

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-13

marking

action with aggregate policers 34-46

described 34-2, 34-15

match command, QoS

for classification 34-3, 34-7

guidelines 34-36

matching, IPv4 ACLs 32-7

matching classifications, QoS 34-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-12

maximum-paths command 36-50, 36-97

ME 34000EG-2CS switch policers 33-4

ME 3400E-24TS switch policers 33-3, 33-4

ME 3400EG-12CS switch policers 33-4

media-type command 10-20

membership mode, VLAN port 12-5

MEPs

and STP 42-4

defined 42-3

messages

Ethernet OAM 42-15

to users through banners 5-17

metrics, in BGP 36-50

metric translations, between routing protocols 36-102

metro tags 14-2

MHSRP 39-4

MIBs

accessing files with FTP A-3

location of files A-3

overview 30-1

SNMP interaction with 30-4

supported A-1

MIPs

and STP 42-4

defined 42-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 45-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-39

BGP 36-61

cables for unidirectional links 26-1

CDP 24-5

CEF 36-96

control-plane security 33-7

EIGRP 36-41

E-LMI 42-35

Ethernet CFM 42-13, 42-14

Ethernet OAM 42-24

Ethernet OAM protocol 42-24

features 1-10

Flex Links 19-14

HSRP 39-12

IEEE 802.1Q tunneling 14-23

IGMP

filters 22-29

snooping 22-14

interfaces 10-28

IP

address tables 36-16

multicast routing 43-46

routes 36-109

IP SLAs operations 40-13

IPv4 ACL configuration 32-39

IPv6 ACL configuration 38-8

IS-IS 36-71

ISO CLNS 36-71

Layer 2 protocol tunneling 14-23

MAC address-table move update 19-14

MSDP peers 44-17

multicast router interfaces 22-15

multi-VRF CE 36-95

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 42-35

object tracking 41-12

OSPF 36-34

monitoring

port

blocking 23-17

protection 23-17

private VLANs 13-14

QoS 34-69

REP 18-14

RP mapping information 43-33

SFPs

status 10-29

SFP status 1-10, 45-9

source-active messages 44-17

speed and duplex mode 10-20

SSM mapping 43-22

traffic flowing among switches 28-1

traffic suppression 23-17

tunneling 14-23

VLAN

filters 32-39

maps 32-39

VLANs 12-14

VMPS 12-28

MQC

process 34-3

steps to configure 34-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 44-3

clearing MSDP connections and statistics 44-17

controlling source information

forwarded by switch 44-10

originated by switch 44-8

received by switch 44-12

default configuration 44-3

dense-mode regions

sending SA messages to 44-15

specifying the originating address 44-16

MSDP

filtering

incoming SA messages 44-13

SA messages to a peer 44-11

SA requests from a peer 44-9

join latency, defined 44-6

meshed groups

configuring 44-14

defined 44-14

originating address, changing 44-16

overview 44-1

peer-RPF flooding 44-2

peers

configuring a default 44-3

monitoring 44-17

peering relationship, overview 44-1

requesting source information from 44-7

shutting down 44-14

source-active messages

caching 44-6

clearing cache entries 44-17

defined 44-2

filtering from a peer 44-9

filtering incoming 44-13

filtering to a peer 44-11

limiting data with TTL 44-12

monitoring 44-17

restricting advertised sources 44-8

support for 1-10

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

MSTP

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-18

switch priority 16-22

CST

defined 16-3

operations between regions 16-3

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-18

unexpected behavior 16-17

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

MSTP

interoperability with 802.1D

described 16-8

restarting migration process 16-26

IST

defined 16-2

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-2

supported spanning-tree instances 16-2

optional features supported 1-5

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-17

effects of extended system ID 16-17

unexpected behavior 16-17

shutdown Port Fast-enabled port 17-3

status, displaying 16-27

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8

multicast packets

ACLs on 32-38

multicast router interfaces, monitoring 22-15

multicast router ports, adding 22-7

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 40-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 36-91

configuration guidelines 36-84

configuring 36-83

default configuration 36-84

defined 1-17, 36-81

displaying 36-95

monitoring 36-95

network components 36-83

packet-forwarding process 36-83

support for 1-10

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-20

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-19

MVR

monitoring 22-23

multicast television application 22-16

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

named IPv6 ACLs 38-3

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

NEAT

configuring 9-22

overview 9-9

neighbor discovery, IPv6 37-4

neighbor discovery/recovery, EIGRP 36-35

neighbor offset numbers, REP 18-4

neighbors, BGP 36-56

Network Edge Access Toplogy

See NEAT

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 40-3

network policy TLV 25-7

Network Time Protocol

See NTP

NNI

configuring 10-17

described 10-2

protocol control packets on 33-1

no commands 2-4

non-IP traffic filtering 32-26

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 36-62

NSF Awareness

BGP 36-46

EIGRP 36-37

IS-IS 36-64

OSPF 36-25

NSM 4-3

NSSA, OSPF 36-29

NTP

associations

authenticating 5-4

defined 5-2

enabling broadcast messages 5-6

peer 5-5

server 5-5

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

NTP

support for 1-4

synchronizing devices 5-5

time

services 5-2

synchronizing 5-2

O

OAM

client 42-14

features 42-15

sublayer 42-15

OAM manager

and E-LMI 42-29

configuration guidelines 42-30

configuring 42-30, 42-36

monitoring 42-35

purpose of 42-28

with CFM 42-29

with CFM and Ethernet OAM 42-35

OAM PDUs 42-16

OAM protocol data units 42-14

OBFL

configuring 45-22

described 45-22

displaying 45-23

object tracking

HSRP 41-7

IP SLAs 41-9

IP SLAs, configuring 41-9

monitoring 41-12

on-board failure logging

See OBFL

online diagnostics

described 46-1

overview 46-1

running tests 46-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 36-29

configuring 36-25

default configuration

metrics 36-31

route 36-31

settings 36-24

described 36-23

for IPv6 37-6

interface parameters, configuring 36-26

LSA group pacing 36-32

monitoring 36-34

network types, configuring 36-28

router IDs 36-33

route summarization 36-31

support for 1-9

virtual links 36-31

output policies 34-5

output policy maps

classification criteria 34-5

configuration guidelines 34-57

configuring 34-57

displaying statistics 34-70

P

packet classification

defined 34-5

to organize traffic 34-2

packet marking

configuring 34-50

defined 34-21

packet policing, for QoS 34-2

PAgP

Layer 2 protocol tunneling 14-14

See EtherChannel

parallel paths, in routing tables 36-97

parent policies, QoS 34-12, 34-24

passive interfaces

configuring 36-106

OSPF 36-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 45-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 16-21

STP 15-19

path MTU discovery 37-4

PBR

defined 36-103

enabling 36-104

fast-switched policy-based routing 36-105

local policy-based routing 36-106

peers, BGP 36-56

percentage thresholds in tracked lists 41-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 34-52

per-port facility loopback

defined 42-25

per-port per VLAN policing 34-12, 34-52

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 36-90

physical ports 10-3

PIM

default configuration 43-8

dense mode

overview 43-4

rendezvous point (RP), described 43-4

RPF lookups 43-8

displaying neighbors 43-47

enabling a mode 43-11

overview 43-3

router-query message interval, modifying 43-36

shared tree and source tree, overview 43-33

shortest path tree, delaying the use of 43-35

sparse mode

join messages and shared tree 43-4

overview 43-4

prune messages 43-4

RPF lookups 43-8

stub routing

configuration guidelines 43-12

enabling 43-12

overview 43-5

support for 1-1, 1-9

versions

interoperability 43-9

troubleshooting interoperability problems 43-33

v2 improvements 43-3

ping

executing 45-10

overview 45-10

police aggregate command 34-49

police command, with individual policers 34-41, 34-54

policer aggregate command 34-46

policer configuration

default for ENIs and UNIs 33-4

default for NNIs 33-6

policers

configuring for more than one traffic class 34-46

described 34-2

policing

aggregate in input policy maps 34-17

described 34-2

individual in input policy maps 34-16

priority in output policy maps 34-20

QoS 34-15

policy-based routing

See PBR

policy-map command 34-3

policy-map marking, configuration guidelines 34-50

policy maps

attaching 34-3, 34-39

configuration examples 34-70

described 34-16

input

configuring 34-40

described 34-4

output

configuring 34-57

described 34-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-2

RADIUS server 9-2

client, defined 9-2

configuration guidelines 9-12

port-based authentication

configuring

802.1x authentication 9-14

host mode 9-20

manual re-authentication of a client 9-17

periodic re-authentication 9-17

quiet period 9-18

RADIUS server 9-17

RADIUS server parameters on the switch 9-16

switch-to-client frame-retransmission number 9-19, 9-20

switch-to-client retransmission time 9-18

violation mode 9-8

violation modes 9-14

default configuration 9-11

described 9-1

device roles 9-2

displaying statistics 9-24

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-12

method lists 9-14

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

interactions 9-7

multiple-hosts mode 9-6

readiness check

configuring 9-13

described 9-7, 9-13

resetting to default values 9-21

port-based authentication

statistics, displaying 9-24

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-22

overview 9-9

VLAN assignment

AAA authorization 9-14

characteristics 9-8

configuration tasks 9-9

described 9-8

port blocking 1-2, 23-6

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-5

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-6

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-5

REP 18-6

routed 10-5

secure 23-8

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-14

VLAN assignments 12-11

port security

aging 23-15

and private VLANs 23-16

configuration guidelines 23-10

configuring 23-11

default configuration 23-10

described 23-8

displaying 23-17

enabling 23-16

on trunk ports 23-12

sticky learning 23-9

violations 23-9

with other features 23-10

port shaping

configuring 34-61

described 34-24

port-shutdown response, VMPS 12-24

port types 10-2

power 25-7

power management TLV 25-7

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 36-54

preventing unauthorized access 8-1

primary edge port, REP 18-4

primary interface for object tracking, DHCP, configuring 41-11

primary interface for static routing, configuring 41-10

primary links 19-2

primary VLANs 13-1, 13-3

priority

HSRP 39-7

priority command 34-20

configuring strict priority queuing 34-62

for QoS scheduling 34-22

for strict priority queuing 34-26

priority policing, described 34-20

priority queues

configuring 34-62

described 34-26

for QoS scheduling 34-22

priority with police

commands 34-20

configuring 34-64

described 34-26

priority with unconditional policing, QoS 34-23

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-12

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-7, 13-8

configuration tasks 13-6

configuring 13-9

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-2

isolated VLANs 13-2, 13-3

mapping 13-13

monitoring 13-14

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-12

described 12-5

isolated 13-2

promiscuous 13-2

primary VLANs 13-1, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 13-12

defined 13-2

protected ports 23-5

protocol control packets 33-1

protocol-dependent modules, EIGRP 36-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-17, 36-82

proxy ARP

configuring 36-9

definition 36-7

with IP routing disabled 36-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QoS

aggregate policers 34-17

and MQC 34-1

basic model 34-2

CBWFQ 34-25

CBWFQ, configuring 34-58

class-based shaping, described 34-23

QoS

classification

ACL lookup 34-11

based on CoS value 34-8

based on DSCP 34-8

based on IP precedence 34-8

based on QoS group 34-11

based on VLAN IDs 34-12, 34-52

class maps, described 34-7

comparisons 34-10

criteria 34-5

in frames and packets 34-6

policy maps, described 34-16

class maps, configuration guidelines 34-36

class maps, configuring 34-36

configuration examples

adding customers 34-72

adding or deleting a class 34-76

adding or deleting classification criteria 34-72, 34-73

adding or deleting configured actions 34-75

changing queuing or scheduling parameters 34-74

configuration guidelines

aggregate policers 34-46

CBWFQ 34-58

class-based shaping 34-60

class maps 34-36

general 34-31

individual policers 34-41

input policy maps 34-40

marking 34-50

output policy maps 34-57

unconditional priority policing 34-64

WTD 34-67

QoS

configuring

aggregate policers 34-46

class-based shaping 34-60

classification with IP ACLs 34-32

class maps 34-36

individual policers 34-42

individual policing 34-41, 34-54

input policy maps with marking 34-50

IP ACLs 34-32

MAC ACLs 34-35

output policy maps 34-57

port shaping 34-61

priority queues 34-62

queue size 34-28

requirements 34-31

service policies 34-39

strict priority queuing 34-62

table maps 34-38

unconditional priority policing 34-64

WTD 34-66, 34-67

congestion avoidance 34-2, 34-28

congestion management 34-2, 34-22

CPU-generated traffic

configuring output policy classification criteria 34-5

configuring QoS group number 34-12

configuring queue-limit 34-67

output remarking 34-6

QoS groups 34-22

default configuration 34-31

initial configuration example 34-70

input policy maps

configuring 34-40

described 34-5

IP packet classification 34-6

Layer 2 packet classification 34-6

Layer 3 packet classification 34-6

marking, described 34-2

match command 34-7

QoS

output policy maps

configuring 34-58

described 34-5

overview 34-1

packet classification 34-2

packet marking 34-21

packet policing 34-2

parent-child hierarchy 34-12, 34-24

per-port, per-VLAN hierarchical policy maps

described 34-12

policers

configuring 34-42, 34-48, 34-65

described 34-15

policing

aggregate 34-17

described 34-2, 34-15

individual 34-16

priority 34-20

policy maps

attaching 34-39

attaching to an interface 34-19

displaying statistics 34-70

port shaping, described 34-24

preconfiguration 34-31

priority policing, described 34-20

priority with police 34-26

queue size 34-28

scheduling 34-22

CBWFQ 34-22

priority queuing 34-22

traffic shaping 34-22

strict priority queuing 34-26

supported table maps 34-14

support for 1-8

table maps 34-14

testing 34-69

QoS

traffic shaping, described 34-23

unconditional priority policing 34-27

WTD 34-28

QoS groups

classification 34-11, 34-12, 34-52

described 34-5, 34-11

QoS information, displaying 34-69

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 34-30

queue-limit command, QoS 34-28, 34-29, 34-66

queue size, QoS, managing 34-28

R

RADIUS

attributes

vendor-proprietary 8-30

vendor-specific 8-29

configuring

accounting 8-28

authentication 8-23

authorization 8-27

communication, global 8-21, 8-29

communication, per-server 8-20, 8-21

multiple UDP ports 8-21

default configuration 8-20

defining AAA server groups 8-25

displaying the configuration 8-31

identifying the server 8-20

limiting the services to the user 8-27

method list, defined 8-20

operation of 8-19

overview 8-18

server load balancing 8-31

suggested network environments 8-18

RADIUS

support for 1-7

tracking services accessed by user 8-28

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 36-7

rate-limiting threshold, CPU protection 33-6

RCP

configuration files

downloading B-17

overview B-15

preparing the server B-16

uploading B-18

image files

deleting old image B-35

downloading B-33

preparing the server B-32

uploading B-35

reachability, tracking IP SLAs IP host 41-9

readiness check

port-based authentication

configuring 9-13

described 9-7, 9-13

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 45-1

redundancy

EtherChannel 35-3

HSRP 39-1

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 36-35

reloading software 3-21

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 42-15

remote failure indications, Ethernet OAM 42-21

remote loopback, Ethernet OAM 42-15, 42-17

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

age timer 18-8

and STP 18-6

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-13

monitoring 18-14

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

REP

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14

resequencing ACL entries 32-14

resets, in BGP 36-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 40-4

enabling 40-7

response time, measuring with IP SLAs 40-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-17

TACACS+ 8-10

retry count, VMPS, changing 12-27

reverse address resolution 36-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 36-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

RFC

2273-2275, SNMPv3 30-2

2475, DSCP 34-9

2597, AF per-hop behavior 34-9

2598, EF 34-9

RIP

advertisements 36-18

authentication 36-20

configuring 36-19

default configuration 36-18

described 36-18

for IPv6 37-6

hop counts 36-18

summary addresses 36-21

support for 1-9

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-10

root guard

described 17-4

enabling 17-10

support for 1-5

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 36-31

route dampening, BGP 36-60

routed packets, ACLs on 32-37

routed ports

configuring 36-3

defined 10-5

IP addresses on 10-25, 36-3

route-map command 36-105

route maps

BGP 36-52

policy-based routing 36-103

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 36-59

router ID, OSPF 36-33

route selection, BGP 36-50

route summarization, OSPF 36-31

route targets, VPN 36-83

routing

default 36-2

dynamic 36-2

IPv6 traffic 37-2

redistribution of information 36-99

static 36-2

routing domain confederation, BGP 36-59

Routing Information Protocol

See RIP

routing protocol administrative distances 36-98

RSPAN

characteristics 27-7

configuration guidelines 27-15

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-10, 27-1

received traffic 27-4

session limits 27-10

RSPAN

sessions

creating 27-16

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-16

with ingress traffic enabled 27-19

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing B-19, B-20

rolling back B-19, B-20

running configuration, saving 3-14

S

scheduled reloads 3-21

scheduling, IP SLAs operations 40-5

scheduling, QoS 34-22

SCP

and SSH 8-41

configuring 8-41

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-14

maximum number of 23-9

types of 23-8

secure ports, configuring 23-8

secure remote connections 8-37

Secure Shell

See SSH

security, port 23-8

security features 1-6

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 34-3

guidelines 34-57

using 34-39

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-1

Layer 2 protocols across 14-13

Layer 2 protocol tunneling for EtherChannels 14-14

set command

for QoS marking 34-21

guidelines 34-50

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-10, 10-29, 45-9

security and identification 45-8

status, displaying 1-10

shape average command, QoS 34-22, 34-24, 34-60

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-24

show forward command 45-19

show interfaces command 10-20, 10-24

show interfaces switchport 19-4

show l2protocol command 14-18, 14-20, 14-21

show lldp traffic command 25-8

show platform forward command 45-19

show running-config command

displaying ACLs 32-19, 32-31, 32-33

interface description in 10-24

shutdown command on interfaces 10-30

shutdown threshold for Layer 2 protocol packets 14-16

Simple Network Management Protocol

See SNMP

SMNP traps, and CFM 42-4

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 40-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-21

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-4

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

MIBs

location of A-3

supported A-1

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-23

system contact and location 30-17

trap manager, configuring 30-14

SNMP

traps

described 30-3, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-22

overview 30-1, 30-4

types of 30-12

users 30-7, 30-10

versions supported 30-2

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash B-23

recovery procedures 45-2

scheduling reloads 3-21

tar file format, described B-24

See also downloading and uploading

source addresses

in IPv6 ACLs 38-5

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 35-8

source-and-destination MAC address forwarding, EtherChannel 35-8

source-IP address based forwarding, EtherChannel 35-8

source-MAC address forwarding, EtherChannel 35-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-10, 27-1

ports, restrictions 23-11

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-14, 27-20

creating 27-10

defined 27-3

limiting source traffic to specific VLANs 27-14

removing destination (monitoring) ports 27-12

specifying monitored ports 27-10

with ingress traffic enabled 27-13

source ports 27-5

traffic 27-4

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 10-18

SRR, support for 1-8

SSH

configuring 8-38

cryptographic software image 8-37

described 1-4, 8-37

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 43-15

CGMP limitations 43-16

components 43-14

configuration guidelines 43-15

configuring 43-13, 43-16

differs from Internet standard multicast 43-14

IGMP snooping 43-16

IGMPv3 43-14

IGMPv3 Host Signalling 43-15

IP address range 43-14

monitoring 43-16

operations 43-14

PIM 43-14

state maintenance limitations 43-16

SSM mapping

configuration guidelines 43-17

configuring 43-17, 43-19

defined 43-17

DNS-based 43-18, 43-20

monitoring 43-22

overview 43-17

restrictions 43-17

static 43-18, 43-20

static traffic forwarding 43-21

standby ip command 39-6

standby links 19-2

standby router 39-1

standby timers, HSRP 39-10

startup configuration

booting

manually 3-18

specific image 3-19

clearing B-19

configuration file

automatically downloading 3-17

specifying the filename 3-17

default boot configuration 3-17

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-9

static MAC addressing 1-7

static route primary interface,configuring 41-10

static routes

understanding 37-6

static routes, configuring 36-97

static routing 36-2

static SSM mapping 43-18, 43-20

static traffic forwarding 43-21

static VLAN membership 12-2

statistics

802.1x 9-24

CDP 24-5

interface 10-29

IP multicast routing 43-46

LLDP 25-8

LLDP-MED 25-8

OSPF 36-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-23

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-17

support for 1-2

thresholds 23-1

STP

and REP 18-6

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

STP

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-7

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-13

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-5

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

STP

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 34-62

configuration guidelines 34-62

configuring 34-63

defined 34-26

QoS 34-26

stub areas, OSPF 36-29

stub routing, EIGRP 36-40

subdomains, private VLAN 13-1

subnet mask 36-5

subnet zero 36-5

success response, VMPS 12-24

summer time 5-13

SunNet Manager 1-3

supernet 36-6

SVIs

and IP unicast routing 36-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

S-VLAN 14-7

switch 37-2

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 32-37

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-7

switchport block unicast command 23-7

switchport command 10-15

switchport mode dot1q-tunnel command 14-6

switchport protected command 23-6

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 36-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

system message logging

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-10

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 36-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 36-62

ISO IGRP 36-62

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 34-14

described 34-14

for QoS marking 34-21

QoS, configuring 34-38

types of 34-14

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-7

tracking services accessed by user 8-17

tagged packets

IEEE 802.1Q 14-3

Layer 2 protocol 14-13

tar files

creating B-6

displaying the contents of B-6

extracting B-7

image file format B-24

TCL script, registering and defining with embedded event manager 31-6

TDR 1-10

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 42-21

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

terminal loopback

defined 42-25

TFTP

configuration files

downloading B-11

preparing the server B-10

uploading B-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-6

image files

deleting B-27

downloading B-26

preparing the server B-25

uploading B-27

limiting access by servers 30-17

TFTP server 1-3

threshold, traffic level 23-2

threshold monitoring, IP SLAs 40-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 36-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 45-14

and CDP 45-13

broadcast traffic 45-13

described 45-13

IP addresses and subnets 45-14

MAC addresses and VLANs 45-13

multicast traffic 45-13

traceroute, Layer 2

multiple devices on a port 45-14

unicast traffic 45-13

usage guidelines 45-13

traceroute command 45-15

See also IP traceroute

tracked lists

configuring 41-3

types 41-3

tracked objects

by Boolean expression 41-4

by threshold percentage 41-6

by threshold weight 41-5

tracking interface line-protocol state 41-2

tracking IP routing state 41-2

tracking objects 41-1

tracking process 41-1

track state, tracking IP SLAs 41-9

traffic

blocking flooded 23-7

fragmented 32-5

fragmented IPv6 38-2

unfragmented 32-5

traffic class, defined 34-3

traffic classification, typical values 34-10

traffic marking 34-21

traffic policies, elements in 34-3

traffic shaping

for QoS scheduling 34-22

QoS traffic control 34-23

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22

configuring managers 30-12

defined 30-3

enabling 5-22, 30-12

notification types 30-12

overview 30-1, 30-4

troubleshooting

connectivity problems 45-9, 45-13, 45-14

detecting unidirectional links 26-1

displaying crash information 45-21

PIMv1 and PIMv2 interoperability problems 43-33

setting packet forwarding 45-19

SFP security and identification 45-8

show forward command 45-19

with CiscoWorks 30-4

with debug commands 45-17

with ping 45-10

with system message logging 29-1

with traceroute 45-14

trunk failover

See link-state tracking

trunking encapsulation 1-6

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-17

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

defined 14-1

IEEE 802.1Q 14-1

Layer 2 protocol 14-13

tunnel ports

defined 12-5

described 10-4, 14-1

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-15

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 36-15

defined

forwarding 36-13

UDP, configuring 36-13

UDP jitter, configuring 40-9

UDP jitter operation, IP SLAs 40-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 34-64

priority with police 34-27

UN-ENI VLANs

defined 12-5

UNI

configuring 10-17

described 10-2

protocol control packets on 33-1

unicast MAC address filtering

and adding static addresses 5-26

and broadcast MAC addresses 5-25

and CPU packets 5-26

and multicast addresses 5-25

and router MAC addresses 5-25

configuration guidelines 5-25

described 5-25

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-7

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 42-29

UNI VLANs

and private VLANs 12-12

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing B-10, B-13, B-16

reasons for B-8

using FTP B-14

using RCP B-18

using TFTP B-11

uploading

image files

preparing B-25, B-28, B-32

reasons for B-23

using FTP B-31

using RCP B-35

using TFTP B-27

usage guidelines

Layer 2 traceroute 45-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

Virtual Private Network

See VPN

virtual router 39-1, 39-2

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

and VTP 31-1

VLAN configuration saved in 12-9

VLANs saved in 12-3

vlan dot1q tag native command 14-4

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-28

service provider 14-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN loopback

defined 42-25

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-29

VLAN mapping

1-to-1 14-8

1-to-1, configuring 14-10

configuration guidelines 14-9

configuring 14-10

configuring on a trunk port 14-10

default 14-9

described 14-7

selective QinQ 14-8

selective Q-in-Q, configuring 14-12

traditional QinQ 14-8

traditional Q-in-Q, configuring 14-11

types of 14-8

VLAN maps

applying 32-33

common uses for 32-33

configuration guidelines 32-29

configuring 32-29

creating 32-30

defined 32-2, 32-5

denying access to a server example 32-34

denying and permitting packets 32-31

displaying 32-39

examples of ACLs and VLAN maps 32-31

VLAN maps

removing 32-33

support for 1-8

wiring closet configuration example 32-34

with router ACLs 32-39

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-17

and spanning-tree instances 12-3, 12-8

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-6

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

limiting source traffic with SPAN 27-14

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-6

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

VLANs

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN Trunking Protocol

See VTP

VLAN trunks 12-14

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 36-89

forwarding 36-84

in service provider networks 36-81

routes 1-17, 36-82

VPN routing and forwarding table

See VRF

VQP 1-6, 12-23

VRF

defining 36-83

tables 1-17, 36-81

VRF-aware services

ARP 36-86

configuring 36-86

ftp 36-89

HSRP 36-87

ping 36-86

SNMP 36-87

syslog 36-88

tftp 36-89

traceroute 36-89

uRPF 36-88

VTP Layer 2 protocol tunneling 14-13

W

weighted tail drop

See WTD

weight thresholds in tracked lists 41-5

WTD

configuration guidelines 34-67

configuring 34-66, 34-67

described 34-28

support for 1-8