Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - Y -

Index

Numerics

1-rate, 2-color policing 34-16

2-rate, 3-color policing 34-17

802.1ad

configuration guidelines 14-14

configuring 14-13

supported features 14-13

802.1ad EtherChannels

configuration example 14-15

configuration guidelines 14-14, 14-15

802.1ad ports 34-5

802.1ad QoS

configuration examples 34-90

configuration guidelines 34-89

configuring 34-89

802.1ad split horizon

configuration guidelines 14-14

configuring 14-18

802.1Q ports and CoS mapping 34-8

802.1Q tag for ingress QoS classification 34-78

802.1Q tunneling

QoS classification 34-78

A

abbreviating commands 2-3

ABRs 36-23

access-class command 32-18

access control entries

See ACEs

access-denied response, VMPS 12-24

access groups

applying IPv4 ACLs to interfaces 32-19

Layer 2 32-19

Layer 3 32-20

access lists

See ACLs

access ports

and Layer 2 protocol tunneling 14-23

defined 10-4

accounting

with IEEE 802.1x 9-5, 9-22

with RADIUS 8-29

with TACACS+ 8-11, 8-17

ACEs

defined 32-2

Ethernet 32-2

IP 32-2

ACL classification, QoS 34-11

ACLs

ACEs 32-2

any keyword 32-12, 34-39

applying

on multicast packets 32-41

on routed packets 32-40

on switched packets 32-39

time ranges to 32-16

to an interface 32-19, 39-7

to IPv6 interfaces 39-7

applying to QoS 34-11

classifying traffic for QoS 34-37

comments in 32-18

compiling 32-22

defined 32-1, 32-7

examples of 32-22

extended IPv4

creating 32-10

matching criteria 32-7

hardware and software handling 32-20

host keyword 32-12, 34-39

IP

creating 32-7

implicit deny 32-9, 32-13, 32-15

implicit masks 32-9

matching criteria 32-7

undefined 32-20

IPv4

applying to interfaces 32-19

creating 32-7

matching criteria 32-7

named 32-14

numbers 32-8

terminal lines, setting on 32-18

unsupported features 32-6

IPv6

applying to interfaces 39-7

configuring 39-3, 39-4

displaying 39-8

interactions with other features 39-4

limitations 39-3

matching criteria 39-3

named 39-3

precedence of 39-2

supported 39-2

unsupported features 39-3

Layer 4 information in 32-39

logging messages 32-8

MAC extended 32-27

matching 32-7, 32-20

monitoring 32-41, 39-8

named

IPv6 39-3

named, IPv4 32-14

names 39-4

port 32-2, 39-2

precedence of 32-2

QoS 34-11

resequencing entries 32-14

router 32-2, 39-2

router ACLs and VLAN map configuration guidelines 32-38

standard IPv4

creating 32-9

matching criteria 32-7

support for 1-8

support in hardware 32-20

time ranges 32-16

types supported 32-2

unsupported features

IPv6 39-3

unsupported features, IPv4 32-6

using router ACLs with VLAN maps 32-38

VLAN maps

configuration guidelines 32-30

configuring 32-30

ACLs, QoS, configuring 34-37

active link 19-4, 19-5, 19-6

active links 19-2

active router 40-2

active traffic monitoring, IP SLAs 41-1

address aliasing 22-2

addresses

displaying the MAC address table 5-31

dynamic

accelerated aging 15-9

changing the aging time 5-21

default aging 15-9

defined 5-19

learning 5-20

removing 5-22

IPv6 37-2

MAC, discovering 5-31

multicast

group address range 44-2

STP address management 15-9

static

adding and removing 5-27

defined 5-19

address resolution 5-31, 36-7

Address Resolution Protocol

See ARP

adjacency tables, with CEF 36-96

administrative distances

defined 36-109

OSPF 36-31

routing protocol defaults 36-98

administrative VLAN

REP, configuring 18-8

administrative VLAN, REP 18-8

advertisements

CDP 24-1

LLDP 25-1

RIP 36-18

age timer, REP 18-8

aggregatable global unicast addresses 37-3

aggregate addresses, BGP 36-58

aggregated ports

See EtherChannel

aggregate policers

configuration guidelines 34-54

configuring 34-54

described 34-18

aging, accelerating 15-9

aging time

accelerated

for MSTP 16-23

for STP 15-9, 15-22

MAC address table 5-21

maximum

for MSTP 16-24

for STP 15-22

alarms, RMON 28-3

allowed-VLAN list 12-18

area border routers

See ABRs

area routing

IS-IS 36-62

ISO IGRP 36-62

ARP

configuring 36-8

defined 1-4, 5-31, 36-7

encapsulation 36-9

static cache configuration 36-8

table

address resolution 5-31

managing 5-31

ASBRs 36-23

AS-path filters, BGP 36-52

assured forwarding, DSCP 34-9

asymmetrical links, and IEEE 802.1Q tunneling 14-4

attributes, RADIUS

vendor-proprietary 8-31

vendor-specific 8-30

authentication

EIGRP 36-39

HSRP 40-10

local mode with AAA 8-37

NTP associations 5-5

RADIUS

key 8-22

login 8-24

TACACS+

defined 8-11

key 8-13

login 8-14

See also port-based authentication

authentication keys, and routing protocols 36-109

authentication manager

single session ID 9-10

authoritative time source, described 5-2

authorization

with RADIUS 8-28

with TACACS+ 8-11, 8-16

authorized ports with 802.1x 9-4

autoconfiguration 3-3

auto enablement 9-9

autonegotiation

duplex mode 1-2

interface configuration guidelines 10-19

mismatches 46-8

autonomous system boundary routers

See ASBRs

autonomous systems, in BGP 36-46

Auto-RP, described 44-6

autosensing, port speed 1-2

availability, features 1-5

B

backup interfaces

See Flex Links

backup links 19-2

backup static routing, configuring 42-12

bandwidth, QoS, configuring 34-67

bandwidth command

for CBWFQ 34-26

QoS, configuring 34-67

QoS, described 34-28

with police command 34-30

bandwidth remaining percent command 34-30

banners

configuring

login 5-19

message-of-the-day login 5-18

default configuration 5-17

when displayed 5-17

Berkeley r-tools replacement 8-42

best-effort packet delivery 34-1

BGP

aggregate addresses 36-58

aggregate routes, configuring 36-58

CIDR 36-58

clear commands 36-61

community filtering 36-55

configuring neighbors 36-56

default configuration 36-44, 36-74

described 36-43

enabling 36-46

monitoring 36-61

multipath support 36-50

neighbors, types of 36-46

path selection 36-50

peers, configuring 36-56

prefix filtering 36-54

resetting sessions 36-49

route dampening 36-60

route maps 36-52

route reflectors 36-59

routing domain confederation 36-59

routing session with multi-VRF CE 36-90

show commands 36-61

supernets 36-58

support for 1-10

Version 4 36-43

binding database

DHCP snooping

See DHCP snooping binding database

bindings

DHCP snooping database 20-6

IP source guard 20-19

binding table, DHCP snooping

See DHCP snooping binding database

blocking packets 23-6

Boolean expressions in tracked lists 42-4

booting

boot loader, function of 3-2

boot process 3-1

manually 3-20

specific image 3-20

boot loader

accessing 3-21

described 3-2

environment variables 3-21

prompt 3-21

trap-door mechanism 3-2

bootstrap router (BSR), described 44-6

Border Gateway Protocol

See BGP

BPDU

error-disabled state 17-3

filtering 17-3

RSTP format 16-12

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

support for 1-6

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

support for 1-6

broadcast flooding 36-15

broadcast packets

directed 36-12

flooded 36-12

broadcast storm-control command 23-4

broadcast storms 23-1, 36-12

bulk statistics

defined 30-6

file 30-6

object list, configuring 30-18

object list, described 30-6

schema, configuring 30-18

schema, described 30-6

transfer 30-19

bulkstat object-list 30-18

bulkstat schema 30-18

byte-level statistics 34-17

C

cables, monitoring for unidirectional links 26-1

CBWFQ

and bandwidth command 34-28, 34-67

configuration guidelines 34-67

QoS scheduling 34-26

CDP

configuring 24-2

default configuration 24-2

defined with LLDP 25-1

described 24-1

disabling for routing device24-3to 24-4

enabling and disabling

on an interface 24-4

on a switch 24-3

Layer 2 protocol tunneling 14-20

monitoring 24-5

overview 24-1

support for 1-4

transmission timer and holdtime, setting 24-2

updates 24-2

CEF

defined 36-96

enabling 36-96

IPv6 37-21

CFM

and Ethernet OAM, configuring 43-55

and Ethernet OAM interaction 43-54

and OAM manager 43-48

and other features 43-8

and tunnels 43-8

clearing 43-31

configuration errors 43-6

configuration guidelines 43-8

configuring crosscheck 43-12

configuring fault alarms 43-16

configuring port MEP 43-14

configuring static remote MEP 43-13

configuring the network 43-8

continuity check messages 43-5

crosscheck 43-5

default configuration 43-7

defined 43-2

down MEPs 43-4

draft 1 43-4

draft 8.1 43-4

EtherChannel support 43-8

fault alarms

configuring 43-16

defined 43-5

IEEE 802.1ag 43-2

IP SLAs support for 43-6

IP SLAs with endpoint discovers 43-19

loopback messages 43-5

maintenance association 43-3

maintenance domain 43-2

maintenance point 43-3

manually configuring IP SLAs ping or jitter 43-18

measuring network performance 43-6

messages

continuity check 43-5

loopback 43-5

traceroute 43-5

monitoring 43-31, 43-32

on EtherChannel port channels 43-8

port MEP, configuring 43-14

remote MEPs 43-5

SNMP traps 43-5

static RMEP, configuring 43-13

static RMEP check 43-5

traceroute messages 43-5

types of messages 43-5

UNIs 43-4

up MEPs 43-4

version interoperability 43-6

Y.1731

described 43-23

child policies, QoS 34-13, 34-28

CIDR 36-58

Cisco Configuration Engine 1-3

Cisco Data Collection MIB 30-1

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco IOS File System

See IFS

Cisco IOS IP SLAs 41-1

Cisco Process MIB 30-1

CiscoWorks 2000 1-3, 30-4

CISP 9-9

CIST regional root

See MSTP

CIST root

See MSTP

civic location 25-3

class-based priority queuing, QoS 34-20

class-based shaping

configuration guidelines 34-69

configuring 34-69

for QoS 34-27

Class-Based-Weighted-Fair-Queuing

See CBWFQ

classification

based on ACL lookup 34-11

based on DEI bit 34-10

in packet headers 34-6

of 802.1ad frames 34-10

per-port per VLAN 34-13, 34-60

QoS comparisons 34-10

QoS group 34-12

classless interdomain routing

See CIDR

classless routing 36-6

class map

match-all option 34-7

match-any option 34-7

class-map command 34-3

class maps

for QinQ input policy maps 34-81

for QinQ output policy maps 34-84

class maps, QoS

configuring 34-41

described 34-7

class of service

See CoS

class selectors, DSCP 34-9

clearing

Ethernet CFM 43-31

clearing interfaces 10-31

CLI

abbreviating commands 2-3

command modes 2-1

described 1-3

editing features

enabling and disabling 2-6

keystroke editing 2-6

wrapped lines 2-8

error messages 2-4

filtering command output 2-8

getting help 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

no and default forms of commands 2-4

Client Information Signalling Protocol

See CISP

client processes, tracking 42-1

CLNS

See ISO CLNS

clock

See system clock

CNS

Configuration Engine

configID, deviceID, hostname 4-3

configuration service 4-2

described 4-1

event service 4-3

embedded agents

described 4-5

enabling automated configuration 4-6

enabling configuration agent 4-9

enabling event agent 4-7

for upgrading 4-14

command-line interface

See CLI

command macros

applying global parameter values 11-4

applying macros 11-4

applying parameter values 11-4

configuration guidelines 11-2

creating 11-3

default configuration 11-2

defined 11-1

displaying 11-5

tracing 11-2

command modes 2-1

commands

abbreviating 2-3

no and default 2-4

commands, setting privilege levels 8-8

common session ID

see single session ID 9-10

community list, BGP 36-55

community ports 13-3

community strings

configuring 30-8

overview 30-4

community VLANs 13-2, 13-3

compatibility, feature 23-11

config.text 3-19

configurable leave timer, IGMP 22-5

configurable policer profiles 34-45

configuration, initial

defaults 1-12

configuration example

802.1ad EtherChannels 14-15

configuration examples

802.1ad QoS 34-90

network 1-15

policy maps 34-99

QoS

adding customers 34-101

adding or deleting a class 34-104

adding or deleting classification criteria 34-101, 34-102

adding or deleting configured actions 34-103

changing queuing or scheduling parameters 34-103

initial 34-99

QoS classification for QinQ 34-85

QoS marking and queuing, CPU-generated traffic 34-94

configuration files

archiving A-19

clearing the startup configuration A-19

creating using a text editor A-10

default name 3-19

deleting a stored configuration A-19

described A-8

downloading

automatically 3-19

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

guidelines for creating and using A-9

guidelines for replacing and rolling back A-20

invalid combinations when copying A-5

limiting TFTP server access 30-17, 30-18, 30-19, 30-20

obtaining with DHCP 3-8

password recovery disable considerations 8-5

replacing a running configuration A-19, A-20

rolling back a running configuration A-19, A-20

specifying the filename 3-19

system contact and location information 30-17

types and location A-9

uploading

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

configuration guidelines

802.1ad and split horizon 14-14

802.1ad EtherChannels 14-14, 14-15

802.1ad QoS 34-89

aggregate policers 34-54

CBWFQ 34-67

CFM 43-8

class-based shaping 34-69

C-VLAN child policy maps 34-80

C-VLAN parent policy maps 34-79

EtherChannel 35-10

Ethernet OAM 43-35

HSRP 40-5

individual policers 34-46

input policy maps 34-45

link-state tracking 35-24

marking in policy maps 34-58

multi-VRF CE 36-85

OAM manager 43-49

output policy maps 34-65

per-port, per-VLAN QoS 34-60

PIM stub routing 44-12

port security 23-10

QoS, general 34-35

QoS ACLs 34-37

QoS classification for QinQ 34-78

QoS class maps 34-41

QoS table maps 34-43

REP 18-7

rollback and replacement A-20

SSM 44-16

SSM mapping 44-17

strict priority queuing 34-71

unconditional priority policing 34-73

UNI VLANs 12-12

VLAN mapping 14-9

VLANs 12-8

WTD 34-76

configuration replacement A-19

configuration rollback A-19

configuration settings, saving 3-15

configure terminal command 10-8

Configure the VACL logging parameters 32-37

configuring marking in input policy maps 34-58

configuring port-based authentication violation modes 9-17

Configuring VACL Logging 32-36

conform, exceed, and violate actions 34-54

congestion avoidance, QoS 34-2, 34-32

congestion management, QoS 34-2, 34-26

connections, secure remote 8-38

Connectivity Fault Management

See CFM

connectivity problems 46-9, 46-13, 46-14

console port, connecting to 2-9

control packets

and control-plane security 33-2

dropping and rate-limiting 33-2

control-plane security

configuring 33-6

control packets 33-2

monitoring 33-7

policers 33-4

policing 33-2

purpose of 33-1

control protocol, IP SLAs 41-4

convergence

REP 18-4

corrupted software, recovery steps with Xmodem 46-2

CoS

classification 34-8

values 34-6

CoS mapping 34-8

counters, clearing interface 10-31

CPU-generated traffic

marking and queuing 34-92

CPU overload, protection from 33-1

CPU policers 33-6

CPU protection 33-4

CPU threshold notification 30-21

CPU threshold table 30-1, 30-20

CPU utilization statistics 30-20

crashinfo file 46-21

crosscheck, CFM 43-5, 43-12

cryptographic software image

Kerberos 8-33

SSH 8-38

C-UNI isolated ports 14-18

C-UNIs 14-13

customer edge devices 1-18, 36-83

C-VLAN 14-7

D

data collection, bulk statistics 30-20

daylight saving time 5-13

debugging

enabling all system diagnostics 46-18

enabling for a specific feature 46-17

redirecting error message output 46-18

using commands 46-17

default

policer configuration

ENIs and UNIs 33-4

NNIs 33-6

default actions, table maps 34-15

default commands 2-4

default configuration

banners 5-17

BGP 36-44, 36-74

booting 3-19

CDP 24-2

CFM 43-7

DHCP 20-8

DHCP option 82 20-8

DHCP snooping 20-8

DHCP snooping binding database 20-8

DNS 5-16

dynamic ARP inspection 21-5

EIGRP 36-36

E-LMI and OAM 43-48

EtherChannel 35-10

Ethernet OAM 43-35

Flex Links 19-7

HSRP 40-5

IEEE 802.1Q tunneling 14-4

IEEE 802.1x 9-11

IGMP 44-37

IGMP filtering 22-24

IGMP snooping 22-6, 38-5, 38-6

IGMP throttling 22-25

initial switch information 3-3

IP addressing, IP routing 36-4

IP multicast routing 44-9

IP SLAs 41-6

IP source guard 20-21

IPv6 37-11

IS-IS 36-63

Layer 2 interfaces 10-15

Layer 2 protocol tunneling 14-23

LLDP 25-3

MAC address table 5-21

MAC address-table move update 19-7

MSDP 45-3

MSTP 16-14

multi-VRF CE 36-84

MVR 22-18

NTP 5-4

optional spanning-tree configuration 17-5

OSPF 36-24

password and privilege level 8-2

PIM 44-9

private VLANs 13-6

QoS 34-35

RADIUS 8-21

REP 18-7

RIP 36-18

RMON 28-3

RSPAN 27-9

SDM template 7-3

SNMP 30-7

SPAN 27-9

STP 15-11

system message logging 29-3

system name and prompt 5-15

TACACS+ 8-13

UDLD 26-4

VLAN, Layer 2 Ethernet interfaces 12-16

VLAN mapping 14-9

VLANs 12-7

VMPS 12-25

Y.1731 43-26

default gateway 3-15, 36-10

default networks 36-99

default router preference

See DRP

default routes 36-99

default routing 36-2

default service, DSCP 34-9

default template 7-1

DEI bit

for classification 34-5

ingress classification 34-89

ingress marking 34-89

ingress policing 34-89

location 34-6

DEI classification 34-10

denial-of-service attacks, preventing 33-1

description command 10-25

designing your network, examples 1-15

destination addresses

in IPv6 ACLs 39-5

destination addresses, in IPv4 ACLs 32-11

destination-IP address-based forwarding, EtherChannel 35-8

destination-MAC address forwarding, EtherChannel 35-7

device discovery protocol 24-1, 25-1

DHCP

DHCP for IPv6

See DHCPv6

DHCP, enabling the relay agent 20-10

DHCP-based autoconfiguration

client request message exchange 3-4

configuring

client side 3-3

DNS 3-7

relay device 3-8

server side 3-6

TFTP server 3-7

example 3-9

lease options

for IP address information 3-6

for receiving the configuration file 3-6

overview 3-3

relationship to BOOTP 3-3

relay support 1-4, 1-11

support for 1-3

DHCP-based autoconfiguration and image update

configuring3-11to 3-14

understanding 3-5

DHCP binding database

See DHCP snooping binding database

DHCP binding table

See DHCP snooping binding database

DHCP object tracking, configuring primary interface 42-11

DHCP option 82

circuit ID suboption 20-5

configuration guidelines 20-8

default configuration 20-8

displaying 20-15

forwarding address, specifying 20-10

helper address 20-10

overview 20-3

packet format, suboption

circuit ID 20-5

remote ID 20-5

remote ID suboption 20-5

DHCP server port-based address allocation

configuration guidelines 20-16

default configuration 20-16

described 20-15

displaying 20-18

enabling 20-16

reserved addresses 20-17

DHCP snooping

accepting untrusted packets form edge switch 20-3, 20-12

and private VLANs 20-13

binding database

See DHCP snooping binding database

configuration guidelines 20-8

default configuration 20-8

displaying binding tables 20-15

message exchange process 20-4

option 82 data insertion 20-3

trusted interface 20-2

untrusted interface 20-2

untrusted messages 20-2

DHCP snooping binding database

adding bindings 20-13

binding entries, displaying 20-15

binding file

format 20-7

location 20-6

bindings 20-6

clearing agent statistics 20-14

configuration guidelines 20-9

configuring 20-13

default configuration 20-8

deleting

binding file 20-14

bindings 20-14

database agent 20-14

described 20-6

displaying 20-15

binding entries 20-15

status and statistics 20-15

enabling 20-13

entry 20-6

renewing database 20-14

resetting

delay value 20-14

timeout value 20-14

DHCP snooping binding table

See DHCP snooping binding database

DHCPv6

configuration guidelines 37-16

default configuration 37-16

described 37-6

enabling client function 37-19

enabling DHCPv6 server function 37-17

diagnostic schedule command 47-2

Differentiated Services Code Point

See DSCP

Diffusing Update Algorithm (DUAL) 36-34

Digital Optical Monitoring

see DoM

directed unicast requests 1-4

directories

changing A-3

creating and removing A-4

displaying the working A-3

discovery, Ethernet OAM 43-34

distribute-list command 36-108

DNS

and DHCP-based autoconfiguration 3-7

default configuration 5-16

displaying the configuration 5-17

in IPv6 37-4

overview 5-15

setting up 5-16

support for 1-3

DNS-based SSM mapping 44-19, 44-20

DoM

displaying supported transceivers 10-31

domain names, DNS 5-15

Domain Name System

See DNS

domains, ISO IGRP routing 36-62

dot1q-tunnel switchport mode 12-15

double-tagged packets

IEEE 802.1Q tunneling 14-3

Layer 2 protocol tunneling 14-22

downloading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-13

using RCP A-17

using TFTP A-11

image files

deleting old image A-27

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-29

using RCP A-33

using TFTP A-26

using the device manager or Network Assistant A-23

drop eligibility indicator

See DEI

drop threshold for Layer 2 protocol packets 14-23

DRP

configuring 37-14

described 37-4

IPv6 37-4

DSCP

assured forwarding 34-9

classification 34-9

class selectors 34-9

default service 34-9

expedited forwarding 34-9

values 34-6

DUAL finite state machine, EIGRP 36-35

dual IPv4 and IPv6 templates 7-2, 37-5

dual protocol stacks

IPv4 and IPv6 37-5

SDM templates supporting 37-6

dual-purpose ports

default port type 10-7

defaults 10-21

defined 10-6

frame size 10-21

LEDs 10-7

setting the type 10-21

duplex mode, configuring 10-18

dynamic access ports

characteristics 12-5

configuring 12-26

defined 10-4

dynamic addresses

See addresses

dynamic ARP inspection

ARP cache poisoning 21-1

ARP requests, described 21-1

ARP spoofing attack 21-1

clearing

log buffer 21-15

statistics 21-15

configuration guidelines 21-6

configuring

ACLs for non-DHCP environments 21-8

in DHCP environments 21-7

log buffer 21-13

rate limit for incoming ARP packets 21-4, 21-10

default configuration 21-5

denial-of-service attacks, preventing 21-10

described 21-1

DHCP snooping binding database 21-2

displaying

ARP ACLs 21-14

configuration and operating state 21-14

log buffer 21-15

statistics 21-15

trust state and rate limit 21-14

error-disabled state for exceeding rate limit 21-4

function of 21-2

interface trust states 21-3

log buffer

clearing 21-15

configuring 21-13

displaying 21-15

logging of dropped packets, described 21-4

man-in-the middle attack, described 21-2

network security issues and interface trust states 21-3

priority of ARP ACLs and DHCP snooping entries 21-4

rate limiting of ARP packets

configuring 21-10

described 21-4

error-disabled state 21-4

statistics

clearing 21-15

displaying 21-15

validation checks, performing 21-12

Dynamic Host Configuration Protocol

See DHCP-based autoconfiguration

dynamic port VLAN membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

types of connections 12-26

dynamic routing

ISO CLNS 36-62

protocols 36-3

E

EBGP 36-42

editing features

enabling and disabling 2-6

keystrokes used 2-6

wrapped lines 2-8

EEM 3.2 31-5

EIGRP

authentication 36-39

components 36-35

configuring 36-37

default configuration 36-36

definition 36-34

interface parameters, configuring 36-38

monitoring 36-41

stub routing 36-40

support for 1-10

EIGRP IPv6 37-7

ELIN location 25-3

E-LMI

and OAM Manager 43-47

CE device configuration 43-53

configuration guidelines 43-49

configuring a CE device 43-52

configuring a PE device 43-52

default configuration 43-48

defined 43-47

enabling 43-52

information 43-47

monitoring 43-54

PE device configuration 43-53

embedded event manager

3.2 31-5

actions 31-4

configuring 31-1, 31-5

displaying information 31-7

environmental variables 31-4

event detectors 31-2

policies 31-4

registering and defining an applet 31-6

registering and defining a TCL script 31-7

understanding 31-1

enable password 8-3

enable secret password 8-3

encryption for passwords 8-3

Enhanced IGRP

See EIGRP

enhanced network interface

See ENI

enhanced object tracking

backup static routing 42-12

commands 42-1

defined 42-1

DHCP primary interface 42-11

HSRP 42-7

IP routing state 42-2

IP SLAs 42-9

line-protocol state 42-2

network monitoring with IP SLAs 42-11

routing policy, configuring 42-12

static route primary interface 42-10

tracked lists 42-3

ENI

configuring 10-17

described 10-2

protocol control packets on 33-1

environmental variables, embedded event manager 31-4

environment variables, function of 3-22

equal-cost routing 1-11, 36-97

error messages during command entry 2-4

EtherChannel

802.3ad, described 35-6

automatic creation of 35-4, 35-6

channel groups

binding physical and logical interfaces 35-3

numbering of 35-3

configuration guidelines 35-10

configuring

Layer 2 interfaces 35-11

Layer 3 physical interfaces 35-15

Layer 3 port-channel logical interfaces 35-14

default configuration 35-10

described 35-2

displaying status 35-22

forwarding methods 35-7, 35-17

interaction

with STP 35-10

with VLANs 35-11

LACP

described 35-6

displaying status 35-22

hot-standby ports 35-19

interaction with other features 35-7

modes 35-6

port priority 35-21

system priority 35-20

Layer 3 interface 36-3

load balancing 35-7, 35-17

logical interfaces, described 35-3

PAgP

aggregate-port learners 35-18

compatibility with Catalyst 1900 35-18

described 35-4

displaying status 35-22

interaction with other features 35-5

learn method and priority configuration 35-18

modes 35-5

support for 1-2

port-channel interfaces

described 35-3

numbering of 35-3

port groups 10-6

support for 1-2

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

Ethernet infrastructure 43-1

Ethernet Link Management Interface

See E-LMI

Ethernet Locked Signal (ETH-LCK) 43-25

Ethernet loopback

characteristics 43-44

Ethernet management port

and routing 10-13

and routing protocols 10-13

and TFTP 10-14

configuring 10-14

default setting 10-13

described 10-5, 10-12

for network management 10-5, 10-12

specifying 10-14

supported features 10-14

unsupported features 10-14

Ethernet management port, internal

and routing 10-13

and routing protocols 10-13

unsupported features 10-14

Ethernet OAM 43-34

and CFM interaction 43-54

configuration guidelines 43-35

configuring with CFM 43-55

default configuration 43-35

discovery 43-34

enabling 43-35, 43-56

link monitoring 43-34, 43-37

manager 43-1

messages 43-34

protocol

defined 43-33

monitoring 43-43

remote failure indications 43-34, 43-40

remote loopback 43-34, 43-36

templates 43-40

Ethernet OAM protocol 43-1

Ethernet OAM protocol CFM notifications 43-54

Ethernet operation, administration, and maintenance

See Ethernet OAM

Ethernet Remote Defect Indication (ETH-RDI) 43-24

Ethernet terminal loopback 34-98

Ethernet virtual connections

See EVCs

Ethernet VLANs

adding 12-9

defaults and ranges 12-8

modifying 12-9

EUI 37-3

EVCs

configuring 43-49

in CFM domains 43-47

event detectors, embedded event manager 31-2

events, RMON 28-3

examples

network configuration 1-15

expedited forwarding, DSCP 34-9

extended-range VLANs

creating with an internal VLAN ID 12-12

defined 12-1

extended system ID

MSTP 16-17

STP 15-4, 15-15

extended universal identifier

See EUI

Extensible Authentication Protocol over LAN 9-1

external BGP

See EBGP

external neighbors, BGP 36-46

F

Fa0 port

See Ethernet management port

Fast Convergence 19-3

fastethernet0 port

See Ethernet management port

features, incompatible 23-11

FIB 36-96

fiber-optic, detecting unidirectional links 26-1

files

copying A-4

crashinfo

description 46-21

displaying the contents of 46-21

location 46-21

deleting A-5

displaying the contents of A-8

tar

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

file system

displaying available file systems A-2

displaying file information A-3

local file system names A-1

network file system names A-4

setting the default A-3

filtering

in a VLAN 32-30

IPv6 traffic 39-3, 39-7

non-IP traffic 32-27

show and more command output 2-8

filtering show and more command output 2-8

filters, IP

See ACLs, IP

flash device, number of A-1

Flex Link Multicast Fast Convergence 19-3

Flex Links

configuration guidelines 19-8

configuring 19-8, 19-9

configuring preferred VLAN 19-11

configuring VLAN load balancing 19-10

default configuration 19-7

description 19-1

link load balancing 19-2

monitoring 19-14

VLANs 19-2

flooded traffic, blocking 23-7

flow control 1-2, 10-23

forward-delay time

MSTP 16-23

STP 15-22

Forwarding Information Base

See FIB

FTP

configuration files

downloading A-13

overview A-12

preparing the server A-13

uploading A-14

image files

deleting old image A-31

downloading A-29

preparing the server A-28

uploading A-31

G

general query 19-5

Generating IGMP Reports 19-3

get-bulk-request operation 30-3

get-next-request operation 30-3, 30-4

get-request operation 30-3, 30-4

get-response operation 30-3

global configuration mode 2-2

global leave, IGMP 22-11

H

hardware limitations and Layer 3 interfaces 10-26

hello time

MSTP 16-23

STP 15-21

help, for the command line 2-3

history

changing the buffer size 2-5

described 2-4

disabling 2-5

recalling commands 2-5

history table, level and number of syslog messages 29-10

host ports

configuring 13-11

kinds of 13-2

hosts, limit on dynamic ports 12-28

Hot Standby Router Protocol

See HSRP

HP OpenView 1-3

HSRP

authentication string 40-10

command-switch redundancy 1-6

configuration guidelines 40-5

configuring 40-5

default configuration 40-5

definition 40-1

monitoring 40-12

object tracking 42-7

overview 40-2

priority 40-7

routing redundancy 1-10

support for ICMP redirect messages 40-12

timers 40-10

tracking 40-8

HTTP(S) Over IPv6 37-8

I

IBPG 36-42

ICMP

IPv6 37-4

redirect messages 36-10

support for 1-11

time-exceeded messages 46-15

traceroute 46-15

unreachable messages 32-19

unreachable messages and IPv6 39-4

unreachables and ACLs 32-20

ICMP Echo operation

configuring 41-11

IP SLAs 41-11

ICMP ping

executing 46-10

overview 46-10

ICMP Router Discovery Protocol

See IRDP

ICMPv6 37-4

IDS appliances

and ingress RSPAN 27-20

and ingress SPAN 27-13

IEEE 802.1ad 14-13

IEEE 802.1ag 43-2

IEEE 802.1D

See STP

IEEE 802.1Q

and trunk ports 10-4

configuration limitations 12-15

encapsulation 12-15

native VLAN for untagged traffic 12-19

tunneling

compatibility with other features 14-6

defaults 14-4

described 14-2

tunnel ports with other features 14-6

IEEE 802.1s

See MSTP

IEEE 802.1w

See RSTP

IEEE 802.1x

See port-based authentication

IEEE 802.3ad

See EtherChannel

IEEE 802.3ah Ethernet OAM discovery 43-1

IEEE 802.3z flow control 10-23

ifIndex values, SNMP 30-5

IFS 1-4

IGMP

configurable leave timer, described 22-5

configurable leave timer, procedures 22-9

configuring the switch

as a member of a group 44-37

statically connected member 44-42

controlling access to groups 44-38

default configuration 44-37

deleting cache entries 44-46

displaying groups 44-47

fast switching 44-42

flooded multicast traffic

controlling flooding time 22-10

disabling on an interface 22-11

global leave 22-11

query solicitation 22-11

recovering from flood mode 22-11

host-query interval, modifying 44-40

joining multicast group 22-3

join messages 22-3

leave processing, enabling 22-9, 38-9

leaving multicast group 22-5

multicast reachability 44-37

overview 44-2

queries 22-3

report suppression

described 22-6

disabling 22-14, 38-11

supported versions 22-2

support for 1-2

Version 1

changing to Version 2 44-39

described 44-3

Version 2

changing to Version 1 44-39

described 44-3

maximum query response time value 44-41

pruning groups 44-41

query timeout value 44-41

IGMP configurable leave timer 22-5

IGMP filtering

configuring 22-25

default configuration 22-24

described 22-24

monitoring 22-29

support for 1-3

IGMP groups

configuring filtering 22-27

setting the maximum number 22-27

IGMP helper 44-5

IGMP leave timer, configuring 22-9

IGMP profile

applying 22-26

configuration mode 22-25

configuring 22-25

IGMP snooping

and address aliasing 22-2

configuring 22-6

default configuration 22-6, 38-5, 38-6

definition 22-1

enabling and disabling 22-7, 38-6

global configuration 22-7

Immediate Leave 22-5

monitoring 22-14, 38-11

querier

configuration guidelines 22-12

configuring 22-12

supported versions 22-2

support for 1-2

VLAN configuration 22-7

IGMP throttling

configuring 22-27

default configuration 22-25

described 22-24

displaying action 22-29

IGP 36-23

Immediate Leave, IGMP

configuration guidelines 22-9

described 22-5

enabling 22-9, 38-9

individual policers

configuration guidelines 34-46

configuring 34-46

initial configuration

defaults 1-12

inner CoS to outer CoS mapping 34-8

input policy maps

classification criteria 34-5

configuration guidelines 34-45

configuring 34-45

displaying statistics 34-98

interface

number 10-8

range macros 10-10

interface command 10-8

interface configuration, REP 18-9

interface configuration mode 2-2

interfaces

configuration guidelines, duplex and speed 10-18

configuring

duplex mode 10-18

procedure 10-8

speed 10-18

counters, clearing 10-31

described 10-25

descriptive name, adding 10-25

displaying information about 10-30

flow control 10-23

management 1-3

monitoring 10-30

naming 10-25

physical, identifying 10-8

range of 10-9

restarting 10-32

shutting down 10-32

status 10-30

supported 10-8

types of 10-1

interfaces range macro command 10-10

interface types 10-8

ENI 10-2

NNI 10-2

UNI 10-2

Interior Gateway Protocol

See IGP

Intermediate System-to-Intermediate System

See IS-IS

internal BGP

See IBGP

internal neighbors, BGP 36-46

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

inter-VLAN routing 1-11, 36-2

Intrusion Detection System

See IDS appliances

inventory management TLV 25-6

IP ACLs

for QoS classification 34-11

implicit deny 32-9, 32-13

implicit masks 32-9

named 32-14

undefined 32-20

IP addresses

128-bit 37-2

classes of 36-5

default configuration 36-4

discovering 5-31

for IP routing 36-4

IPv6 37-2

MAC address association 36-7

monitoring 36-16

virtual 40-13

IP broadcast address 36-14

ip cef distributed command 36-96

IP directed broadcasts 36-13

ip igmp profile command 22-25

IP information

assigned

manually 3-14

through DHCP-based autoconfiguration 3-3

default configuration 3-3

IP multicast routing

addresses

all-hosts 44-2

all-multicast-routers 44-2

host group address range 44-2

administratively-scoped boundaries, described 44-44

and IGMP snooping 22-1

Auto-RP

adding to an existing sparse-mode cloud 44-24

benefits of 44-24

clearing the cache 44-46

configuration guidelines 44-10

filtering incoming RP announcement messages 44-27

overview 44-6

preventing candidate RP spoofing 44-27

preventing join messages to false RPs 44-26

setting up in a new internetwork 44-24

using with BSR 44-32

bootstrap router

configuration guidelines 44-10

configuring candidate BSRs 44-30

configuring candidate RPs 44-31

defining the IP multicast boundary 44-29

defining the PIM domain border 44-28

overview 44-6

using with Auto-RP 44-32

Cisco implementation 44-1

configuring

basic multicast routing 44-10

IP multicast boundary 44-44

default configuration 44-9

enabling

multicast forwarding 44-11

PIM mode 44-12

group-to-RP mappings

Auto-RP 44-6

BSR 44-6

MBONE

deleting sdr cache entries 44-46

described 44-43

displaying sdr cache 44-47

enabling sdr listener support 44-43

limiting sdr cache entry lifetime 44-44

SAP packets for conference session announcement 44-43

Session Directory (sdr) tool, described 44-43

monitoring

packet rate loss 44-47

peering devices 44-47

tracing a path 44-47

multicast forwarding, described 44-7

PIMv1 and PIMv2 interoperability 44-9

reverse path check (RPF) 44-7

routing table

deleting 44-46

displaying 44-47

RP

assigning manually 44-22

configuring Auto-RP 44-24

configuring PIMv2 BSR 44-28

monitoring mapping information 44-33

using Auto-RP and BSR 44-32

statistics, displaying system and network 44-46

See also IGMP

See also PIM

IP packets, classification 34-6

IP Port Security for Static Hosts

on a Layer 2 access port 20-23

on a PVLAN host port 20-26

IP precedence

classification 34-9

values 34-6

IP protocols

routing 1-10

IP routes, monitoring 36-110

IP routing

connecting interfaces with 10-7

disabling 36-17

enabling 36-17

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 41-1

IP SLAs

benefits 41-2

CFM endpoint discovery 43-19

configuration guidelines 41-6

configuring object tracking 42-9

Control Protocol 41-4

default configuration 41-6

definition 41-1

ICMP echo operation 41-11

manually configuring CFM ping or jitter 43-18

measuring network performance 41-3

monitoring 41-13

multioperations scheduling 41-5

object tracking 42-9

operation 41-3

reachability tracking 42-9

responder

described 41-4

enabling 41-7

response time 41-4

scheduling 41-5

SNMP support 41-2

supported metrics 41-2

threshold monitoring 41-6

track object monitoring agent, configuring 42-11

track state 42-9

UDP jitter operation 41-8

IP source guard

and 802.1x 20-21

and DHCP snooping 20-19

and EtherChannels 20-21

and port security 20-21

and private VLANs 20-21

and routed ports 20-21

and TCAM entries 20-21

and trunk interfaces 20-21

and VRF 20-21

binding configuration

automatic 20-19

manual 20-19

binding table 20-19

configuration guidelines 20-21

default configuration 20-21

described 20-19

disabling 20-22

displaying

bindings 20-28

configuration 20-28

enabling 20-22, 20-23

filtering

source IP address 20-19

source IP and MAC address 20-20

source IP address filtering 20-19

source IP and MAC address filtering 20-20

static bindings

adding 20-22, 20-23

deleting 20-22

static hosts 20-23

IP traceroute

executing 46-15

overview 46-14

IP unicast routing

address resolution 36-7

administrative distances 36-98, 36-109

ARP 36-7

assigning IP addresses to Layer 3 interfaces 36-5

authentication keys 36-109

broadcast

address 36-14

flooding 36-15

packets 36-12

storms 36-12

classless routing 36-6

configuring static routes 36-97

default

addressing configuration 36-4

gateways 36-10

networks 36-99

routes 36-99

routing 36-2

directed broadcasts 36-13

disabling 36-17

dynamic routing 36-3

enabling 36-17

EtherChannel Layer 3 interface 36-3

IGP 36-23

inter-VLAN 36-2

IP addressing

classes 36-5

configuring 36-4

IPv6 37-2

IRDP 36-11

Layer 3 interfaces 36-3

MAC address and IP address 36-7

passive interfaces 36-107

proxy ARP 36-8

redistribution 36-100

reverse address resolution 36-7

routed ports 36-3

static routing 36-2

steps to configure 36-3

subnet mask 36-5

subnet zero 36-5

supernet 36-6

UDP 36-14

with SVIs 36-3

See also BGP

See also EIGRP

See also IS-IS

See also OSPF

See also RIP

IPv4 ACLs

applying to interfaces 32-19

extended, creating 32-10

named 32-14

standard, creating 32-9

IPv6

ACLs

displaying 39-8

limitations 39-3

matching criteria 39-3

port 39-2

precedence 39-2

router 39-2

supported 39-2

addresses 37-2

address formats 37-2

applications 37-5

assigning address 37-11

autoconfiguration 37-5

CEFv6 37-21

default configuration 37-11

default router preference (DRP) 37-4

defined 37-1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 37-7

Router ID 37-7

feature limitations 37-10

features not supported 37-9

forwarding 37-11

ICMP 37-4

neighbor discovery 37-4

OSPF 37-7

path MTU discovery 37-4

SDM templates 7-2, 38-1, 39-1

Stateless Autoconfiguration 37-5

supported features 37-2

switch limitations 37-10

understanding static routes 37-7

IPv6 traffic, filtering 39-3

IRDP

configuring 36-11

definition 36-11

support for 1-11

IS-IS

addresses 36-62

area routing 36-62

default configuration 36-63

monitoring 36-71

show commands 36-71

support for 1-10

system routing 36-62

ISL trunking with IEEE 802.1 tunneling 14-5

ISO CLNS

clear commands 36-71

dynamic routing protocols 36-62

monitoring 36-71

NETs 36-62

NSAPs 36-62

OSI standard 36-62

ISO IGRP

area routing 36-62

system routing 36-62

isolated port 13-2

isolated VLANs 13-2, 13-3

ITU-T Y.1731

See Y.1731

J

join messages, IGMP 22-3

K

KDC

described 8-33

See also Kerberos

keepalive command 10-17

keepalive messages 15-3

keepalive messages, default 10-17

Kerberos

authenticating to

boundary switch 8-35

KDC 8-35

network services 8-36

configuration examples 8-33

configuring 8-36

credentials 8-33

cryptographic software image 8-33

described 8-33

KDC 8-33

operation 8-35

realm 8-34

server 8-34

support for 1-8

switch as trusted third party 8-33

terms 8-34

TGT 8-35

tickets 8-33

key distribution center

See KDC

L

l2protocol forward command 14-14

l2protocol peer command 14-14

l2protocol-tunnel command 14-25

LACP

Layer 2 protocol tunneling 14-22

See EtherChannel

Layer 2 interfaces, default configuration 10-15

Layer 2 packets, classification 34-6

Layer 2 protocol packets, and control-plane security 33-2

Layer 2 protocol tunneling

configuring 14-22

configuring for EtherChannels 14-26

default configuration 14-23

defined 14-20

layer-2 template 7-1

Layer 2 traceroute

and ARP 46-14

and CDP 46-13

broadcast traffic 46-13

described 46-13

IP addresses and subnets 46-14

MAC addresses and VLANs 46-13

multicast traffic 46-13

multiple devices on a port 46-14

unicast traffic 46-13

usage guidelines 46-13

Layer 3 features 1-10

Layer 3 interfaces

assigning IP addresses to 36-5

assigning IPv4 and IPv6 addresses to 37-15

assigning IPv6 addresses to 37-12

changing from Layer 2 mode 36-5, 36-88

types of 36-3

LDAP 4-2

Leaking IGMP Reports 19-4

lightweight directory access protocol

See LDAP

line configuration mode 2-2

Link Aggregation Control Protocol

See EtherChannel

Link Failure, detecting unidirectional 16-8

link integrity, verifying with REP 18-3

Link Layer Discovery Protocol

See CDP

link local unicast addresses 37-3

link monitoring, Ethernet OAM 43-34, 43-37

link redundancy

See Flex Links

links, unidirectional 26-1

link state advertisements (LSAs) 36-30

link-state tracking

configuration guidelines 35-24

configuring 35-24

described 35-22

LLDP

configuring 25-3

characteristics 25-4

default configuration 25-3

disabling and enabling

globally 25-5

on an interface 25-5

monitoring and maintaining 25-8

overview 25-1

supported TLVs 25-2

transmission timer and holdtime, setting 25-4

LLDP-MED

configuring 25-3

configuring TLVs 25-6

monitoring and maintaining 25-8

overview 25-1, 25-2

supported TLVs 25-2

LLDP Media Endpoint Discovery

See LLDP-MED

load balancing 40-4, 40-13

local SPAN 27-2

location TLV 25-3, 25-6

logging messages, ACL 32-8

login authentication

with RADIUS 8-24

with TACACS+ 8-14

login banners 5-17

log messages

See system message logging

loop guard

described 17-5

enabling 17-10

support for 1-6

M

MAC addresses

aging time 5-21

and VLAN association 5-20

building the address table 5-20

default configuration 5-21

disabling learning on a VLAN 5-30

discovering 5-31

displaying 5-31

displaying in the IP source binding table 20-28

dynamic

learning 5-20

removing 5-22

in ACLs 32-27

IP address association 36-7

static

adding 5-28

allowing 5-29, 5-30

characteristics of 5-27

dropping 5-29

removing 5-28

virtual 40-13

MAC address learning, disabling on a VLAN 5-30

MAC address notification, support for 1-11

MAC address-table move update

configuration guidelines 19-8

configuring 19-12

default configuration 19-7

description 19-6

monitoring 19-14

MAC address-to-VLAN mapping 12-23

MAC extended access lists

applying to Layer 2 interfaces 32-29

configuring for QoS 34-40

creating 32-27

defined 32-27

macros

See command macros

Maintenance end points

See MEPs

Maintenance intermediate points

See MIPs

manageability features 1-3

management access

in-band

CLI session 1-4

SNMP 1-4

out-of-band console port connection 1-4

management options

CLI 2-1

CNS 4-1

overview 1-3

manual preemption, REP, configuring 18-13

marking

action with aggregate policers 34-54

described 34-2, 34-16

match command, QoS

for classification 34-3, 34-7

guidelines 34-41

matching, IPv4 ACLs 32-7

matching classifications, QoS 34-7

maximum aging time

MSTP 16-24

STP 15-22

maximum hop count, MSTP 16-24

maximum number of allowed devices, port-based authentication 9-13

maximum-paths command 36-50, 36-97

ME 34000EG-2CS switch policers 33-4

ME 3400E-24TS switch policers 33-4

ME 3400EG-12CS switch policers 33-4

media-type command 10-21

membership mode, VLAN port 12-5

MEPs

and STP 43-4

defined 43-3

messages

Ethernet OAM 43-34

to users through banners 5-17

metrics, in BGP 36-50

metric translations, between routing protocols 36-104

metro tags 14-2

MHSRP 40-4

MIBs

overview 30-1

SNMP interaction with 30-4

MIPs

and STP 43-4

defined 43-4

mirroring traffic for analysis 27-1

mismatches, autonegotiation 46-8

modular QoS command-line interface

See MQC

module number 10-8

monitoring

access groups 32-41

BGP 36-61

cables for unidirectional links 26-1

CDP 24-5

CEF 36-96

control-plane security 33-7

EIGRP 36-41

E-LMI 43-54

Ethernet CFM 43-31, 43-32

Ethernet OAM 43-43

Ethernet OAM protocol 43-43

features 1-11

Flex Links 19-14

HSRP 40-12

IEEE 802.1Q tunneling 14-30

IGMP

filters 22-29

snooping 22-14, 38-11

interfaces 10-30

IP

address tables 36-16

multicast routing 44-46

routes 36-110

IP SLAs operations 41-13

IPv4 ACL configuration 32-41

IPv6 ACL configuration 39-8

IS-IS 36-71

ISO CLNS 36-71

Layer 2 protocol tunneling 14-30

MAC address-table move update 19-14

MSDP peers 45-17

multicast router interfaces 22-15, 38-12

multi-VRF CE 36-95

MVR 22-23

network traffic for analysis with probe 27-2

OAM manager 43-54

object tracking 42-12

OSPF 36-34

port

blocking 23-18

protection 23-18

private VLANs 13-15

QoS 34-98

REP 18-14

RP mapping information 44-33

SFPs

status 10-31

SFP status 1-12, 10-31, 46-9

source-active messages 45-17

speed and duplex mode 10-20

SSM mapping 44-22

traffic flowing among switches 28-1

traffic suppression 23-18

tunneling 14-30

VLAN

filters 32-42

maps 32-42

VLANs 12-14

VMPS 12-28

MQC

process 34-3

steps to configure 34-3

mrouter Port 19-3

mrouter port 19-5

MSDP

benefits of 45-3

clearing MSDP connections and statistics 45-17

controlling source information

forwarded by switch 45-11

originated by switch 45-8

received by switch 45-13

default configuration 45-3

dense-mode regions

sending SA messages to 45-15

specifying the originating address 45-16

filtering

incoming SA messages 45-13

SA messages to a peer 45-11

SA requests from a peer 45-10

join latency, defined 45-6

meshed groups

configuring 45-14

defined 45-14

originating address, changing 45-16

overview 45-1

peer-RPF flooding 45-2

peers

configuring a default 45-4

monitoring 45-17

peering relationship, overview 45-1

requesting source information from 45-7

shutting down 45-15

source-active messages

caching 45-6

clearing cache entries 45-18

defined 45-2

filtering from a peer 45-10

filtering incoming 45-13

filtering to a peer 45-11

limiting data with TTL 45-12

monitoring 45-17

restricting advertised sources 45-8

support for 1-11

MSTP

boundary ports

configuration guidelines 16-15

described 16-6

BPDU filtering

described 17-3

enabling 17-8

BPDU guard

described 17-3

enabling 17-7

CIST, described 16-3

CIST regional root

CIST root 16-5

configuration guidelines 16-15, 17-6

configuring

forward-delay time 16-23

hello time 16-23

link type for rapid convergence 16-25

maximum aging time 16-24

maximum hop count 16-24

MST region 16-16

neighbor type 16-25

path cost 16-21

port priority 16-19

root switch 16-17

secondary root switch 16-19

switch priority 16-22

CST

defined 16-3

operations between regions 16-3

default configuration 16-14

default optional feature configuration 17-5

displaying status 16-27

enabling the mode 16-16

EtherChannel guard

described 17-3

enabling 17-9

extended system ID

effects on root switch 16-17

effects on secondary root switch 16-19

unexpected behavior 16-18

IEEE 802.1s

implementation 16-6

port role naming change 16-7

instances supported 15-10

interface state, blocking to forwarding 17-2

interoperability and compatibility among modes 15-10

interoperability with 802.1D

described 16-8

restarting migration process 16-26

IST

defined 16-2

master 16-3

operations within a region 16-3

loop guard

described 17-5

enabling 17-10

mapping VLANs to MST instance 16-16

MST region

CIST 16-3

configuring 16-16

described 16-2

hop-count mechanism 16-5

IST 16-2

supported spanning-tree instances 16-2

optional features supported 1-6

overview 16-2

Port Fast

described 17-2

enabling 17-6

preventing root switch selection 17-4

root guard

described 17-4

enabling 17-10

root switch

configuring 16-18

effects of extended system ID 16-17

unexpected behavior 16-18

shutdown Port Fast-enabled port 17-3

status, displaying 16-27

multicast Ethernet loopback (ETH-LB) 43-25

multicast Ethernet loopback, using 43-30

multicast groups

Immediate Leave 22-5

leaving 22-5

static joins 22-8, 38-8

multicast packets

ACLs on 32-41

multicast router interfaces, monitoring 22-15, 38-12

multicast router ports, adding 22-7, 38-8

Multicast Source Discovery Protocol

See MSDP

multicast storm 23-1

multicast storm-control command 23-4

multicast television application 22-16

multicast VLAN 22-15

Multicast VLAN Registration

See MVR

multioperations scheduling, IP SLAs 41-5

Multiple HSRP

See MHSRP

multiple VPN routing/forwarding in customer edge devices

See multi-VRF CE

multi-VRF CE

configuration example 36-91

configuration guidelines 36-85

configuring 36-84

default configuration 36-84

defined 1-18, 36-82

displaying 36-95

monitoring 36-95

network components 36-84

packet-forwarding process 36-84

support for 1-11

MVR

and address aliasing 22-19

and IGMPv3 22-19

configuration guidelines 22-18

configuring interfaces 22-21

default configuration 22-18

described 22-15

example application 22-16

in the switch stack 22-18

modes 22-20

monitoring 22-23

multicast television application 22-16

setting global parameters 22-19

support for 1-3

MVRoT, guidelines 22-18

MVR over trunk ports

See MVRoT

N

named IPv4 ACLs 32-14

named IPv6 ACLs 39-3

NameSpace Mapper

See NSM

native VLAN

and IEEE 802.1Q tunneling 14-4

configuring 12-19

default 12-19

NEAT

configuring 9-24

overview 9-9

neighbor discovery, IPv6 37-4

neighbor discovery/recovery, EIGRP 36-35

neighbor offset numbers, REP 18-4

neighbors, BGP 36-56

Network Edge Access Topology

See NEAT

network management

CDP 24-1

RMON 28-1

SNMP 30-1

network node interface

See NNI

network performance, measuring with IP SLAs 41-3

network policy TLV 25-7

Network Time Protocol

See NTP

NNI

configuring 10-17

described 10-2

protocol control packets on 33-1

NNIs, 802.1ad 14-13

no commands 2-4

non-IP traffic filtering 32-27

Nonstop Forwarding Awareness

See NSF Awareness

nontrunking mode 12-15

normal-range VLANs

characteristics 12-3

configuring 12-7

defined 12-1

no switchport command 10-5

not-so-stubby areas

See NSSA

NSAPs, as ISO IGRP addresses 36-62

NSF Awareness

BGP 36-46

EIGRP 36-37

IS-IS 36-64

OSPF 36-25

NSM 4-3

NSSA, OSPF 36-30

NTP

associations

authenticating 5-5

defined 5-2

enabling broadcast messages 5-7

peer 5-6

server 5-6

default configuration 5-4

displaying the configuration 5-11

overview 5-2

restricting access

creating an access group 5-8

disabling NTP services per interface 5-10

source IP address, configuring 5-10

stratum 5-2

support for 1-4

synchronizing devices 5-6

time

services 5-2

synchronizing 5-2

O

OAM

client 43-33

features 43-34

sublayer 43-33

OAM manager

and E-LMI 43-47

configuration guidelines 43-49

configuring 43-49, 43-55

monitoring 43-54

purpose of 43-47

with CFM 43-48

with CFM and Ethernet OAM 43-54

OAM PDUs 43-35

OAM protocol data units 43-33

OBFL

configuring 46-22

described 46-22

displaying 46-23

object tracking

HSRP 42-7

IP SLAs 42-9

IP SLAs, configuring 42-9

monitoring 42-12

on-board failure logging

See OBFL

online diagnostics

described 47-1

overview 47-1

running tests 47-5

Open Shortest Path First

See OSPF

optimizing system resources 7-1

options, management 1-3

OSPF

area parameters, configuring 36-30

configuring 36-25

default configuration

metrics 36-31

route 36-31

settings 36-24

described 36-23

for IPv6 37-7

interface parameters, configuring 36-26

LSA group pacing 36-32

monitoring 36-34

network types, configuring 36-29

router IDs 36-33

route summarization 36-31

support for 1-10

virtual links 36-31

output policies 34-5

output policy maps

classification criteria 34-5

configuration guidelines 34-65

configuring 34-65

displaying statistics 34-99

P

packet classification

defined 34-6

to organize traffic 34-2

packet marking

configuring 34-58

defined 34-21

packet policing, for QoS 34-2

PAgP

Layer 2 protocol tunneling 14-22

See EtherChannel

parallel paths, in routing tables 36-97

parent policies, QoS 34-13, 34-28

passive interfaces

configuring 36-107

OSPF 36-31

passwords

default configuration 8-2

disabling recovery of 8-5

encrypting 8-3

for security 1-7

overview 8-1

recovery of 46-3

setting

enable 8-3

enable secret 8-3

Telnet 8-6

with usernames 8-6

path cost

MSTP 16-21

STP 15-19

path MTU discovery 37-4

PBR

defined 36-104

enabling 36-106

fast-switched policy-based routing 36-107

local policy-based routing 36-107

peers, BGP 36-56

percentage thresholds in tracked lists 42-6

performance features 1-2

periodic data collection and transfer mechanism 30-6

per-port, per-VLAN policy maps, configuration guidelines 34-60

per-port facility loopback

defined 43-44

per-port per VLAN policing 34-13, 34-60

per-VLAN spanning-tree plus

See PVST+

PE to CE routing, configuring 36-90

physical ports 10-3

PIM

default configuration 44-9

dense mode

overview 44-4

rendezvous point (RP), described 44-4

RPF lookups 44-8

displaying neighbors 44-47

enabling a mode 44-12

overview 44-3

router-query message interval, modifying 44-36

shared tree and source tree, overview 44-33

shortest path tree, delaying the use of 44-35

sparse mode

join messages and shared tree 44-4

overview 44-4

prune messages 44-4

RPF lookups 44-8

stub routing

configuration guidelines 44-12

enabling 44-13

overview 44-5

support for 1-11

versions

interoperability 44-9

troubleshooting interoperability problems 44-33

v2 improvements 44-3

ping

executing 46-10

overview 46-10

police aggregate command 34-57

police command, with individual policers 34-46, 34-63

policer aggregate command 34-54

policer configuration

default for ENIs and UNIs 33-4

default for NNIs 33-6

policer instances supported 34-4

policers

configuring for more than one traffic class 34-54

described 34-2

number supported per port 34-4

policing

aggregate in input policy maps 34-18

described 34-2

individual in input policy maps 34-16

priority in output policy maps 34-20

QoS 34-16

policy-based routing

See PBR

policy-map command 34-3

policy-map marking, configuration guidelines 34-58

policy maps

attaching 34-4, 34-44

configuration examples 34-99

described 34-16

input

configuring 34-45

described 34-4

output

configuring 34-65

described 34-4

port ACLs

defined 32-2

types of 32-3

Port Aggregation Protocol

See EtherChannel

port-based authentication

accounting 9-5

authentication server

defined 9-3

RADIUS server 9-3

client, defined 9-2

configuration guidelines 9-12

configuring

802.1x authentication 9-13

host mode 9-21

manual re-authentication of a client 9-18

periodic re-authentication 9-17

quiet period 9-18

RADIUS server 9-15

RADIUS server parameters on the switch 9-14

switch-to-client frame-retransmission number 9-20

switch-to-client retransmission time 9-19

violation modes 9-17

default configuration 9-11

described 9-1

device roles 9-2

displaying statistics 9-26

EAPOL-start frame 9-3

EAP-request/identity frame 9-3

EAP-response/identity frame 9-3

encapsulation 9-3

host mode 9-6

initiation and message exchange 9-3

maximum number of allowed devices per port 9-13

method lists 9-13

multiple-hosts mode, described 9-6

ports

authorization state and dot1x port-control command 9-4

authorized and unauthorized 9-4

port security

described 9-7

readiness check

configuring 9-16

described 9-7, 9-16

resetting to default values 9-22

statistics, displaying 9-26

switch

as proxy 9-3

RADIUS client 9-3

switch supplicant

configuring 9-24

overview 9-9

user distribution

guidelines 9-8

overview 9-8

VLAN assignment

AAA authorization 9-13

characteristics 9-7

configuration tasks 9-8

described 9-7

port blocking 1-2, 23-6

port-channel

See EtherChannel

Port Fast

described 17-2

enabling 17-6

support for 1-6

port membership modes, VLAN 12-4

port priority

MSTP 16-19

STP 15-17

ports

access 10-4

blocking 23-6

dual-purpose 10-6

dynamic access 12-5

IEEE 802.1Q tunnel 12-5

protected 23-5

REP 18-6

routed 10-5

secure 23-8

static-access 12-5, 12-11

switch 10-3

trunks 12-5, 12-15

VLAN assignments 12-11

port security

aging 23-15

and private VLANs 23-16

configuration guidelines 23-10

configuring 23-12

default configuration 23-10

described 23-8

displaying 23-18

enabling 23-17

on trunk ports 23-13

sticky learning 23-9

violations 23-9

with other features 23-10

port shaping

configuring 34-70

described 34-27

port-shutdown response, VMPS 12-24

port types 10-2

power 25-7

power management TLV 25-7

preempt delay time, REP 18-5

preemption, default configuration 19-7

preemption delay, default configuration 19-7

preferential treatment of traffic

See QoS

prefix lists, BGP 36-54

preventing unauthorized access 8-1

primary edge port, REP 18-4

primary interface for object tracking, DHCP, configuring 42-11

primary interface for static routing, configuring 42-10

primary links 19-2

primary VLANs 13-1, 13-3

priority

HSRP 40-7

priority command 34-20

configuring strict priority queuing 34-71

for QoS scheduling 34-26

for strict priority queuing 34-30

priority policing, described 34-20

priority queues

configuring 34-71

described 34-30

for QoS scheduling 34-26

priority with police 34-31

commands 34-20

configuring 34-73

described 34-30

priority with unconditional policing, QoS 34-26

private VLANs

across multiple switches 13-4

and SVIs 13-5

and UNI VLANs 12-13

benefits of 13-1

community ports 13-3

community VLANs 13-2, 13-3

configuration guidelines 13-6, 13-7, 13-8

configuration tasks 13-6

configuring 13-10

default configuration 13-6

end station access to 13-3

IP addressing 13-4

isolated port 13-2

isolated VLANs 13-2, 13-3

mapping 13-13

monitoring 13-15

ports

community 13-3

configuration guidelines 13-8

configuring host ports 13-11

configuring promiscuous ports 13-12

described 12-5

isolated 13-2

promiscuous 13-2

primary VLANs 13-1, 13-3

promiscuous ports 13-2

secondary VLANs 13-2

subdomains 13-1

traffic in 13-5

privileged EXEC mode 2-2

privilege levels

changing the default for lines 8-9

exiting 8-9

logging into 8-9

overview 8-2, 8-7

setting a command with 8-8

promiscuous ports

configuring 13-12

defined 13-2

protected ports 23-5

protocol control packets 33-1

protocol-dependent modules, EIGRP 36-35

Protocol-Independent Multicast Protocol

See PIM

provider edge devices 1-18, 36-83

proxy ARP

configuring 36-10

definition 36-8

with IP routing disabled 36-10

proxy reports 19-3

PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Q

QinQ

See IEEE 802.1Q tunneling

QinQ QoS classification

configuration examples 34-85

QoS

802.1ad, configuring 34-89

aggregate policers 34-18

and MQC 34-1

basic model 34-2

CBWFQ 34-28

CBWFQ, configuring 34-67

CIR bandwidth 34-29

class-based shaping, described 34-27

classification

ACL lookup 34-11

based on CoS value 34-8

based on DSCP 34-9

based on IP precedence 34-9

based on QoS group 34-12

based on VLAN IDs 34-13, 34-60

class maps, described 34-7

comparisons 34-10

criteria 34-6

in frames and packets 34-6

policy maps, described 34-16

class maps, configuration guidelines 34-41

class maps, configuring 34-41

configuration examples

adding customers 34-101

adding or deleting a class 34-104

adding or deleting classification criteria 34-101, 34-102

adding or deleting configured actions 34-103

changing queuing or scheduling parameters 34-103

configuration guidelines

aggregate policers 34-54

CBWFQ 34-67

class-based shaping 34-69

class maps 34-41

general 34-35

individual policers 34-46

input policy maps 34-45

marking 34-58

output policy maps 34-65

unconditional priority policing 34-73

WTD 34-76

configuring

aggregate policers 34-54

class-based shaping 34-69

classification with IP ACLs 34-37

class maps 34-41

individual policers 34-47, 34-50

individual policing 34-46, 34-63

input policy maps with marking 34-58

IP ACLs 34-37

MAC ACLs 34-40

output policy maps 34-65

port shaping 34-70

priority queues 34-71

queue size 34-32

requirements 34-35

service policies 34-44

strict priority queuing 34-71

table maps 34-43

unconditional priority policing 34-73

WTD 34-75, 34-76

congestion avoidance 34-2, 34-32

congestion management 34-2, 34-26

CPU-generated traffic

configuring output policy classification criteria 34-5

configuring QoS group number 34-12

configuring queue-limit 34-76

output remarking 34-6

default configuration 34-35

initial configuration example 34-99

input policy maps

configuring 34-45

described 34-5

IP packet classification 34-6

Layer 2 packet classification 34-6

Layer 3 packet classification 34-6

marking, described 34-2

match command 34-7

output policy maps

configuring 34-66

described 34-5

overview 34-1

packet classification 34-2

packet marking 34-21

packet policing 34-2

parent-child hierarchy 34-13, 34-28

parent-level VLAN class 34-79

per-port, per-VLAN hierarchical policy maps

configuring 34-60

described 34-13

policers

configuring 34-47, 34-50, 34-56, 34-74

described 34-16

policing

aggregate 34-18

described 34-2, 34-16

individual 34-16

priority 34-20

policy maps

attaching 34-44

attaching to an interface 34-19

displaying statistics 34-98

port shaping, described 34-27

preconfiguration 34-35

priority policing, described 34-20

priority with police 34-30

queue size 34-32

scheduling 34-26

CBWFQ 34-26

priority queuing 34-26

traffic shaping 34-26

strict priority queuing 34-30

support for 1-9

table maps 34-15

testing 34-98

traffic shaping, described 34-26

unconditional priority policing 34-30

WTD 34-32

QoS ACL

configuration guidelines 34-37

QoS ACLs

configuring IP extended 34-39

configuring IP standard 34-37, 34-38

configuring MAC 34-40

QoS groups

classification 34-12, 34-13, 34-60

described 34-5, 34-12

QoS information, displaying 34-98

quality of service

See QoS

queries, IGMP 22-3

query solicitation, IGMP 22-11

queue bandwidth and queue size, relationship 34-34

queue-limit command, QoS 34-32, 34-33, 34-75

queue size, QoS, managing 34-32

R

RADIUS

attributes

vendor-proprietary 8-31

vendor-specific 8-30

configuring

accounting 8-29

authentication 8-24

authorization 8-28

communication, global 8-22, 8-30

communication, per-server 8-21, 8-22

multiple UDP ports 8-22

default configuration 8-21

defining AAA server groups 8-26

displaying the configuration 8-32

identifying the server 8-21

limiting the services to the user 8-28

method list, defined 8-21

operation of 8-19

overview 8-18

server load balancing 8-32

suggested network environments 8-18

support for 1-8

tracking services accessed by user 8-29

range

macro 10-10

of interfaces 10-9

rapid convergence 16-10

rapid per-VLAN spanning-tree plus

See rapid PVST+

rapid PVST+

802.1Q trunking interoperability 15-11

described 15-9

instances supported 15-10

Rapid Spanning Tree Protocol

See RSTP

RARP 36-8

rate-limiting threshold, CPU protection 33-6

RCP

configuration files

downloading A-17

overview A-15

preparing the server A-16

uploading A-18

image files

deleting old image A-35

downloading A-33

preparing the server A-32

uploading A-35

reachability, tracking IP SLAs IP host 42-9

readiness check

port-based authentication

configuring 9-16

described 9-7, 9-16

reconfirmation interval, VMPS, changing 12-27

reconfirming dynamic VLAN membership 12-27

recovery procedures 46-1

redundancy

EtherChannel 35-3

GLBP 40-13

HSRP 40-2

STP

backbone 15-8

path cost 12-21

port priority 12-20

reliable transport protocol, EIGRP 36-35

reloading software 3-23

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

remote failure indications 43-34

remote failure indications, Ethernet OAM 43-40

remote loopback, Ethernet OAM 43-34, 43-36

Remote Network Monitoring

See RMON

Remote SPAN

See RSPAN

remote SPAN 27-2

REP

administrative VLAN 18-8

administrative VLAN, configuring 18-8

age timer 18-8

and STP 18-6

configuration guidelines 18-7

configuring interfaces 18-9

convergence 18-4

default configuration 18-7

manual preemption, configuring 18-13

monitoring 18-14

neighbor offset numbers 18-4

open segment 18-2

ports 18-6

preempt delay time 18-5

primary edge port 18-4

ring segment 18-2

secondary edge port 18-4

segments 18-1

characteristics 18-2

SNMP traps, configuring 18-13

supported interfaces 18-1

triggering VLAN load balancing 18-5

verifying link integrity 18-3

VLAN blocking 18-12

VLAN load balancing 18-4

report suppression, IGMP

described 22-6

disabling 22-14, 38-11

resequencing ACL entries 32-14

reserved addresses in DHCP pools 20-17

resets, in BGP 36-49

resetting a UDLD-shutdown interface 26-6

Resilient Ethernet Protocol

See REP

responder, IP SLAs

described 41-4

enabling 41-7

response time, measuring with IP SLAs 41-4

restricting access

NTP services 5-8

overview 8-1

passwords and privilege levels 8-2

RADIUS 8-18

TACACS+ 8-10

retry count, VMPS, changing 12-27

reverse address resolution 36-7

Reverse Address Resolution Protocol

See RARP

RFC

1112, IP multicast and IGMP 22-2

1157, SNMPv1 30-2

1305, NTP 5-2

1587, NSSAs 36-23

1757, RMON 28-2

1901, SNMPv2C 30-2

1902 to 1907, SNMPv2 30-2

2236, IP multicast and IGMP 22-2

2273-2275, SNMPv3 30-2

2475, DSCP 34-10

2597, AF per-hop behavior 34-10

2598, EF 34-10

RIP

advertisements 36-18

authentication 36-21

configuring 36-19

default configuration 36-18

described 36-18

for IPv6 37-7

hop counts 36-18

summary addresses 36-22

support for 1-10

RMON

default configuration 28-3

displaying status 28-6

enabling alarms and events 28-3

groups supported 28-2

overview 28-1

statistics

collecting group Ethernet 28-5

collecting group history 28-5

support for 1-12

root guard

described 17-4

enabling 17-10

support for 1-6

root switch

MSTP 16-17

STP 15-15

route calculation timers, OSPF 36-31

route dampening, BGP 36-60

routed packets, ACLs on 32-40

routed ports

configuring 36-3

defined 10-5

IP addresses on 10-26, 36-3

route-map command 36-106

route maps

BGP 36-52

policy-based routing 36-104

router ACLs

defined 32-2

types of 32-4

route reflectors, BGP 36-59

router ID, OSPF 36-33

route selection, BGP 36-50

route summarization, OSPF 36-31

route targets, VPN 36-84

routing

default 36-2

dynamic 36-3

IPv6 traffic 37-2

redistribution of information 36-100

static 36-2

routing domain confederation, BGP 36-59

Routing Information Protocol

See RIP

routing protocol administrative distances 36-98

RSPAN

characteristics 27-7

configuration guidelines 27-16

default configuration 27-9

defined 27-2

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-12, 27-1

received traffic 27-4

session limits 27-10

sessions

creating 27-17

defined 27-3

limiting source traffic to specific VLANs 27-21

specifying monitored ports 27-17

with ingress traffic enabled 27-20

source ports 27-5

transmitted traffic 27-5

VLAN-based 27-6

RSPAN VLANs, and UNI VLANs 12-13

RSTP

active topology 16-9

BPDU

format 16-12

processing 16-13

designated port, defined 16-9

designated switch, defined 16-9

interoperability with 802.1D

described 16-8

restarting migration process 16-26

topology changes 16-13

overview 16-8

port roles

described 16-9

synchronized 16-11

proposal-agreement handshake process 16-10

rapid convergence

described 16-10

edge ports and Port Fast 16-10

point-to-point links 16-10, 16-25

root ports 16-10

root port, defined 16-9

See also MSTP

running configuration

replacing A-19, A-20

rolling back A-19, A-20

running configuration, saving 3-15

S

scheduled reloads 3-23

scheduling, IP SLAs operations 41-5

scheduling, QoS 34-26

SCP

and SSH 8-42

configuring 8-42

SDM

described 7-1

templates

configuring 7-4

number of 7-1

SDM template

configuration guidelines 7-4

configuring 7-3

default 7-1

dual IPv4 and IPv6 7-2

layer 2 7-1

types of 7-1

secondary edge port, REP 18-4

secondary VLANs 13-2

Secure Copy Protocol

secure MAC addresses

deleting 23-14

maximum number of 23-9

types of 23-8

secure ports, configuring 23-8

secure remote connections 8-38

Secure Shell

See SSH

security, port 23-8

security features 1-7

See SCP

sequence numbers in log messages 29-8

service-policy command

attaching policy maps 34-4

guidelines 34-66

using 34-44

service-provider network, MSTP and RSTP 16-1

service-provider networks

and customer VLANs 14-2

and IEEE 802.1Q tunneling 14-2

Layer 2 protocols across 14-20

Layer 2 protocol tunneling for EtherChannels 14-22

set command

for QoS marking 34-21

guidelines 34-58

set-request operation 30-4

severity levels, defining in system messages 29-8

SFPs

monitoring status of 1-12, 10-31, 46-9

security and identification 46-8

status, displaying 1-12

shape average command, QoS 34-26, 34-27, 34-69

shaped round robin

See SRR

show access-lists hw-summary command 32-21

show and more command output, filtering 2-8

show cdp traffic command 24-5

show configuration command 10-25

show forward command 46-19

show interfaces command 10-20, 10-25

show interfaces switchport 19-4

show l2protocol command 14-26, 14-27, 14-28

show lldp traffic command 25-8

show platform forward command 46-19

show running-config command

displaying ACLs 32-19, 32-20, 32-32, 32-34

interface description in 10-25

shutdown command on interfaces 10-32

shutdown threshold for Layer 2 protocol packets 14-23

Simple Network Management Protocol

See SNMP

single session ID 9-10

SMNP traps, and CFM 43-5

SNAP 24-1

SNMP

accessing MIB variables with 30-4

agent

described 30-4

disabling 30-8

and IP SLAs 41-2

authentication level 30-11

community strings

configuring 30-8

overview 30-4

configuration examples 30-21

default configuration 30-7

engine ID 30-7

groups 30-7, 30-10

host 30-7

ifIndex values 30-5

in-band management 1-4

informs

and trap keyword 30-12

described 30-5

differences from traps 30-5

disabling 30-16

enabling 30-16

limiting access by TFTP servers 30-17

limiting system log messages to NMS 29-10

manager functions 1-3, 30-3

notifications 30-5

overview 30-1, 30-4

security levels 30-3

setting CPU threshold notification 30-16

status, displaying 30-23

system contact and location 30-17

trap manager, configuring 30-14

traps

described 30-4, 30-5

differences from informs 30-5

disabling 30-16

enabling 30-12

enabling MAC address notification 5-22, 5-24, 5-26

overview 30-1, 30-4

types of 30-13

users 30-7, 30-10

versions supported 30-2

SNMP and Syslog Over IPv6 37-7

SNMP traps

REP 18-13

SNMPv1 30-2

SNMPv2C 30-2

SNMPv3 30-3

snooping, IGMP 22-1

software images

location in flash A-23

recovery procedures 46-2

scheduling reloads 3-23

tar file format, described A-24

See also downloading and uploading

source addresses

in IPv6 ACLs 39-5

source addresses, in IPv4 ACLs 32-11

source-and-destination-IP address based forwarding, EtherChannel 35-8

source-and-destination MAC address forwarding, EtherChannel 35-8

source-IP address based forwarding, EtherChannel 35-8

source-MAC address forwarding, EtherChannel 35-7

Source-specific multicast

See SSM

SPAN

configuration guidelines 27-10

default configuration 27-9

destination ports 27-6

displaying status 27-22

interaction with other features 27-8

monitored ports 27-5

monitoring ports 27-6

overview 1-12, 27-1

ports, restrictions 23-11

received traffic 27-4

session limits 27-10

sessions

configuring ingress forwarding 27-14, 27-21

creating 27-11

defined 27-3

limiting source traffic to specific VLANs 27-15

removing destination (monitoring) ports 27-12

specifying monitored ports 27-11

with ingress traffic enabled 27-13

source ports 27-5

traffic 27-4

transmitted traffic 27-5

VLAN-based 27-6

spanning tree and native VLANs 12-16

Spanning Tree Protocol

See STP

speed, configuring on interfaces 10-18

SRR, support for 1-9

SSH

configuring 8-39

cryptographic software image 8-38

described 1-4, 8-38

encryption methods 8-38

user authentication methods, supported 8-38

SSM

address management restrictions 44-16

CGMP limitations 44-16

components 44-14

configuration guidelines 44-16

configuring 44-14, 44-17

differs from Internet standard multicast 44-14

IGMP snooping 44-16

IGMPv3 44-14

IGMPv3 Host Signalling 44-15

IP address range 44-15

monitoring 44-17

operations 44-15

PIM 44-14

state maintenance limitations 44-16

SSM mapping

configuration guidelines 44-17

configuring 44-17, 44-20

defined 44-17

DNS-based 44-19, 44-20

monitoring 44-22

overview 44-18

restrictions 44-18

static 44-18, 44-20

static traffic forwarding 44-21

standby ip command 40-6

standby links 19-2

standby router 40-2

standby timers, HSRP 40-10

startup configuration

booting

manually 3-20

specific image 3-20

clearing A-19

configuration file

automatically downloading 3-19

specifying the filename 3-19

default boot configuration 3-19

static access ports

assigning to VLAN 12-11

defined 10-4, 12-5

static addresses

See addresses

static IP routing 1-11

static MAC addressing 1-8

static route primary interface, configuring 42-10

static routes

understanding 37-7

static routes, configuring 36-97

static routing 36-2

static SSM mapping 44-18, 44-20

static traffic forwarding 44-21

static VLAN membership 12-2

statistics

802.1x 9-26

CDP 24-5

interface 10-30

IP multicast routing 44-46

LLDP 25-8

LLDP-MED 25-8

OSPF 36-34

RMON group Ethernet 28-5

RMON group history 28-5

SNMP input and output 30-23

sticky learning 23-9

storm control

configuring 23-3

described 23-1

disabling 23-5

displaying 23-18

support for 1-2

thresholds 23-1

STP

and REP 18-6

BPDU filtering

described 17-3

disabling 17-9

enabling 17-8

BPDU guard

described 17-3

disabling 17-8

enabling 17-7

BPDU message exchange 15-3

configuration guidelines 15-12, 17-6

configuring

forward-delay time 15-22

hello time 15-21

maximum aging time 15-22

path cost 15-19

port priority 15-17

root switch 15-15

secondary root switch 15-17

spanning-tree mode 15-14

switch priority 15-20

counters, clearing 15-23

default configuration 15-11

default optional feature configuration 17-5

designated port, defined 15-4

designated switch, defined 15-4

disabling 15-15

displaying status 15-23

EtherChannel guard

described 17-3

disabling 17-10

enabling 17-9

extended system ID

effects on root switch 15-15

effects on the secondary root switch 15-17

overview 15-4

unexpected behavior 15-16

features supported 1-5

IEEE 802.1D and bridge ID 15-4

IEEE 802.1D and multicast addresses 15-9

IEEE 802.1t and VLAN identifier 15-4

inferior BPDU 15-3

instances supported 15-10

interface state, blocking to forwarding 17-2

interface states

blocking 15-6

disabled 15-7

forwarding 15-6, 15-7

learning 15-7

listening 15-6

overview 15-4

interoperability and compatibility among modes 15-10

keepalive messages 15-3

Layer 2 protocol tunneling 14-20

limitations with 802.1Q trunks 15-11

load sharing

overview 12-19

using path costs 12-21

using port priorities 12-20

loop guard

described 17-5

enabling 17-10

modes supported 15-9

multicast addresses, effect of 15-9

optional features supported 1-6

overview 15-2

path costs 12-21, 12-22

Port Fast

described 17-2

enabling 17-6

port priorities 12-20

preventing root switch selection 17-4

protocols supported 15-9

redundant connectivity 15-8

root guard

described 17-4

enabling 17-10

root port, defined 15-3

root switch

configuring 15-15

effects of extended system ID 15-4, 15-15

election 15-3

unexpected behavior 15-16

status, displaying 15-23

superior BPDU 15-3

timers, described 15-21

stratum, NTP 5-2

strict priority queuing 34-71

configuration guidelines 34-71

configuring 34-72

defined 34-30

QoS 34-30

stub areas, OSPF 36-30

stub routing, EIGRP 36-40

subdomains, private VLAN 13-1

subnet mask 36-5

subnet zero 36-5

success response, VMPS 12-24

summer time 5-13

S-UNI isolated ports 14-18

S-UNIs 14-13

SunNet Manager 1-3

supernet 36-6

SVIs

and IP unicast routing 36-3

and router ACLs 32-4

connecting VLANs 10-7

defined 10-5

routing between VLANs 12-2

S-VLAN 14-7

S-VLAN and C-VLAN in parent policy maps 34-79

switch 37-2

switch console port 1-4

Switch Database Management

See SDM

switched packets, ACLs on 32-39

Switched Port Analyzer

See SPAN

switched ports 10-3

switchport backup interface 19-4, 19-5

switchport block multicast command 23-7

switchport block unicast command 23-7

switchport command 10-15

switchport mode dot1q-tunnel command 14-7

switchport protected command 23-6

switch priority

MSTP 16-22

STP 15-20

switch software features 1-1

switch virtual interface

See SVI

synchronization, BGP 36-46

syslog

See system message logging

system clock

configuring

daylight saving time 5-13

manually 5-11

summer time 5-13

time zones 5-12

displaying the time and date 5-12

overview 5-2

See also NTP

system message logging

default configuration 29-3

defining error message severity levels 29-8

disabling 29-4

displaying the configuration 29-13

enabling 29-4

facility keywords, described 29-13

level keywords, described 29-9

limiting messages 29-10

message format 29-2

overview 29-1

sequence numbers, enabling and disabling 29-8

setting the display destination device 29-5

synchronizing log messages 29-6

syslog facility 1-12

time stamps, enabling and disabling 29-7

UNIX syslog servers

configuring the daemon 29-12

configuring the logging facility 29-12

facilities supported 29-13

system MTU

and IEEE 802.1Q tunneling 14-5

and IS-IS LSPs 36-67

system name

default configuration 5-15

default setting 5-15

manual configuration 5-15

See also DNS

system prompt, default setting 5-15

system resources, optimizing 7-1

system routing

IS-IS 36-62

ISO IGRP 36-62

System-to-Intermediate System Protocol

See IS-IS

T

table maps

default actions 34-15

described 34-15

for QoS marking 34-21

QoS

configuration guidelines 34-43

configuring QoS table maps 34-43

supported table maps 34-15, 34-43

QoS, configuring 34-43

TACACS+

accounting, defined 8-11

authentication, defined 8-11

authorization, defined 8-11

configuring

accounting 8-17

authentication key 8-13

authorization 8-16

login authentication 8-14

default configuration 8-13

displaying the configuration 8-17

identifying the server 8-13

limiting the services to the user 8-16

operation of 8-12

overview 8-10

support for 1-8

tracking services accessed by user 8-17

tagged packets

IEEE 802.1Q 14-4

Layer 2 protocol 14-20

tar files

creating A-6

displaying the contents of A-6

extracting A-7

image file format A-24

TCL script, registering and defining with embedded event manager 31-7

TDR 1-12

Telnet

accessing management interfaces 2-9

number of connections 1-4

setting a password 8-6

templates

Ethernet OAM 43-40

SDM 7-2

Terminal Access Controller Access Control System Plus

See TACACS+

terminal lines, setting a password 8-6

terminal loopback

defined 43-44

TFTP

configuration files

downloading A-11

preparing the server A-10

uploading A-11

configuration files in base directory 3-7

configuring for autoconfiguration 3-7

image files

deleting A-27

downloading A-26

preparing the server A-25

uploading A-27

limiting access by servers 30-17

TFTP server 1-3

threshold, traffic level 23-2

threshold monitoring, IP SLAs 41-6

time

See NTP and system clock

Time Domain Reflector

See TDR

time-range command 32-16

time ranges in ACLs 32-16

time stamps in log messages 29-7

time-to-live 36-15

time zones 5-12

TLVs

defined 25-1

LLDP 25-2

LLDP-MED 25-2

traceroute, Layer 2

and ARP 46-14

and CDP 46-13

broadcast traffic 46-13

described 46-13

IP addresses and subnets 46-14

MAC addresses and VLANs 46-13

multicast traffic 46-13

multiple devices on a port 46-14

unicast traffic 46-13

usage guidelines 46-13

traceroute command 46-15

See also IP traceroute

tracked lists

configuring 42-3

types 42-3

tracked objects

by Boolean expression 42-4

by threshold percentage 42-6

by threshold weight 42-5

tracking interface line-protocol state 42-2

tracking IP routing state 42-2

tracking objects 42-1

tracking process 42-1

track state, tracking IP SLAs 42-9

traffic

blocking flooded 23-7

fragmented 32-5

fragmented IPv6 39-2

unfragmented 32-5

traffic class, defined 34-3

traffic classification, typical values 34-10

traffic marking 34-21

traffic policies, elements in 34-3

traffic shaping

for QoS scheduling 34-26

QoS traffic control 34-26

traffic suppression 23-1

trap-door mechanism 3-2

traps

configuring MAC address notification 5-22, 5-24, 5-26

configuring managers 30-12

defined 30-4

enabling 5-22, 5-24, 5-26, 30-12

notification types 30-13

overview 30-1, 30-4

troubleshooting

connectivity problems 46-9, 46-13, 46-14

detecting unidirectional links 26-1

displaying crash information 46-21

PIMv1 and PIMv2 interoperability problems 44-33

setting packet forwarding 46-19

SFP security and identification 46-8

show forward command 46-19

with CiscoWorks 30-4

with debug commands 46-17

with ping 46-10

with system message logging 29-1

with traceroute 46-14

trunk failover

See link-state tracking

trunking encapsulation 1-7

trunk ports

configuring 12-17

defined 10-4, 12-5

trunks

allowed-VLAN list 12-18

load sharing

setting STP path costs 12-21

using STP port priorities 12-20

native VLAN for untagged traffic 12-19

parallel 12-21

tunneling

802.1Q and QoS 34-78

defined 14-1

IEEE 802.1Q 14-2

Layer 2 protocol 14-20

tunnel ports

defined 12-5

described 10-4, 14-2

IEEE 802.1Q, configuring 14-6

incompatibilities with other features 14-6

twisted-pair Ethernet, detecting unidirectional links 26-1

U

UDLD

configuration guidelines 26-4

default configuration 26-4

disabling

globally 26-5

on fiber-optic interfaces 26-5

per interface 26-5

echoing detection mechanism 26-2

enabling

globally 26-5

per interface 26-5

Layer 2 protocol tunneling 14-22

link-detection mechanism 26-1

neighbor database 26-2

overview 26-1

resetting an interface 26-6

status, displaying 26-6

support for 1-5

UDP

datagrams 36-15

defined

forwarding 36-14

UDP, configuring 36-14

UDP jitter, configuring 41-9

UDP jitter operation, IP SLAs 41-8

unauthorized ports with 802.1x 9-4

unconditional priority policing

configuration guidelines 34-73

priority with police 34-30

UN-ENI VLANs

defined 12-5

UNI

configuring 10-17

described 10-2

protocol control packets on 33-1

unicast MAC address filtering

and adding static addresses 5-29

and broadcast MAC addresses 5-28

and CPU packets 5-28

and multicast addresses 5-28

and router MAC addresses 5-28

configuration guidelines 5-28

described 5-28

unicast storm 23-1

unicast storm control command 23-4

unicast traffic, blocking 23-7

UNI community VLAN 12-6

UniDirectional Link Detection protocol

See UDLD

UNI isolated VLAN 12-6

UNIs, remote (CFM) 43-48

UNI VLANs

and private VLANs 12-13

and RSPAN VLANs 12-13

configuration guidelines 12-12

configuring 12-13

UNIX syslog servers

daemon configuration 29-12

facilities supported 29-13

message logging configuration 29-12

upgrading software images

See downloading

upgrading with CNS 4-14

uploading

configuration files

preparing A-10, A-13, A-16

reasons for A-8

using FTP A-14

using RCP A-18

using TFTP A-11

image files

preparing A-25, A-28, A-32

reasons for A-23

using FTP A-31

using RCP A-35

using TFTP A-27

usage guidelines

Layer 2 traceroute 46-13

User Datagram Protocol

See UDP

user EXEC mode 2-2

username-based authentication 8-6

user network interface

See UNI

V

VACLs

logging

configuration example 32-38

Virtual Private Network

See VPN

virtual router 40-2, 40-13

vlan.dat file 12-3

VLAN 1

disabling on a trunk port 12-18

minimization 12-18

VLAN ACLs

See VLAN maps

vlan-assignment response, VMPS 12-24

VLAN blocking, REP 18-12

VLAN configuration mode 2-2

VLAN database

VLAN configuration saved in 12-10

VLANs saved in 12-3

vlan dot1q tag native command 14-5

VLAN filtering and SPAN 27-6

vlan global configuration command 12-7, 12-9

VLAN ID

discovering 5-31

service provider 14-8

VLAN ID translation

See VLAN mapping

VLAN load balancing

configuration guidelines on flex links 19-8

on flex links 19-2

REP 18-4

triggering 18-5

VLAN loopback

defined 43-44

VLAN Management Policy Server

See VMPS

VLAN map entries, order of 32-30

VLAN mapping

1-to-1 14-8

1-to-1, configuring 14-10

configuration guidelines 14-9

configuring 14-10

configuring on a trunk port 14-10

default 14-9

described 14-7

selective QinQ 14-8

selective Q-in-Q, configuring 14-12

traditional QinQ 14-8

traditional Q-in-Q, configuring 14-11

types of 14-8

VLAN maps

applying 32-34

common uses for 32-34

configuration guidelines 32-30

configuring 32-30

creating 32-31

defined 32-2, 32-5

denying access to a server example 32-35

denying and permitting packets 32-32

displaying 32-42

examples of ACLs and VLAN maps 32-32

removing 32-34

support for 1-8

wiring closet configuration example 32-35

with router ACLs 32-41

VLAN membership

confirming 12-27

modes 12-5

VLAN Query Protocol

See VQP

VLANs

adding 12-9

aging dynamic addresses 15-9

allowed on trunk 12-18

and spanning-tree instances 12-3, 12-9

configuration guidelines 12-8

configuration guidelines, normal-range VLANs 12-8

configuring 12-1

connecting through SVIs 10-7

customer numbering in service-provider networks 14-3

default configuration 12-7

described 10-2, 12-1

displaying 12-14

extended-range 12-1

features 1-6

illustrated 12-2

internal 12-9

limiting source traffic with RSPAN 27-21

limiting source traffic with SPAN 27-15

modifying 12-9

multicast 22-15

native, configuring 12-19

normal-range 12-1, 12-3

number supported 1-6

parameters 12-3

port membership modes 12-4

static-access ports 12-11

STP and 802.1Q trunks 15-11

supported 12-3

traffic between 12-2

UNI 12-5

UNI community 12-6

UNI isolated 12-6

VLAN trunks 12-15

VMPS

administering 12-28

configuration example 12-28

configuration guidelines 12-25

default configuration 12-25

description 12-23

dynamic port membership

described 12-24

reconfirming 12-27

troubleshooting 12-28

mapping MAC addresses to VLANs 12-23

monitoring 12-28

reconfirmation interval, changing 12-27

reconfirming membership 12-27

retry count, changing 12-27

VPN

configuring routing in 36-90

forwarding 36-84

in service provider networks 36-82

routes 1-18, 36-83

VPN routing and forwarding table

See VRF

VQP 1-6, 12-23

VRF

defining 36-84

tables 1-18, 36-82

VRF-aware services

ARP 36-87

configuring 36-86

ftp 36-89

HSRP 36-88

ping 36-87

RADIUS 36-89

SNMP 36-87

syslog 36-88

tftp 36-89

traceroute 36-89

VTP Layer 2 protocol tunneling 14-20

W

weighted tail drop

See WTD

weight thresholds in tracked lists 42-5

WTD

configuration guidelines 34-76

configuring 34-75, 34-76

described 34-32

support for 1-9

Y

Y.1731

default configuration 43-26

described 43-23

ETH-AIS

configuring 43-26

Ethernet Alarm Signal function (ETH-AIS) 43-24

ETH-LCK 43-25

configuring 43-28

ETH-RDI 43-24

multicast Ethernet loopback 43-30

multicast ETH-LB 43-25

terminology 43-23