Index Security Exchange Protocol
See SXP
Symbols
“A” Record 3
Numerics
10/100 autonegotiation feature, forced 28
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 13
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 12, 13
10-slot chassis, support for WS-X46490-CSFP-E 21
12-class Easy QoS Model 11
1400 W DC Power supply
special considerations 21
1400 W DC SP Triple Input power supply
special considerations 22
802.10 SAID (default) 4
802.1AE
standard 2
802.1Q
trunks 6
tunnel ports with other features 5
tunneling
compatibility with other features 5
defaults 3
described 2
802.1Q VLANs
trunk restrictions 4
802.1s
See MST
802.1w
See MST
802.1X
See port-based authentication
802.1X authentication
Authentication Failed VLAN assignment 16
for Critical Authentication 14
for guest VLANs 10
for MAC Authentication Bypass 11
for Unidirectional Controlled Port 15
VLAN User Distribution 15
web-based authentication 13
with port security 18
with VLAN assignment 9
with voice VLAN ports 21
802.1X Host Mode 6
multiauthentication mode 8
multidomain authentication mode 7
single-host 7
802.1x-REV 2
802.3ad
See LACP
9000W AC, displaying OBFL 4
A
AAA 1
AAA (authentication, authorization, and accounting). See also port-based authentication. 1
abbreviating commands 5
about Wireshark 5
access control entries
See ACEs
access control entries and lists 1
access list filtering, SPAN enhancement 13
access lists
using with WCCP 8
access ports
and Layer 2 protocol tunneling 15
configure port security 7, 22
configuring 7
access VLANs 5
access-group mode, configuring on Layer 2 interface 35
access-group mode, using PACL with 34
accounting
with RADIUS 110
with TACACS+ 16, 21
ACEs
ACLs 2
IP 41, 2
Layer 4 operation restrictions 11
ACEs and ACLs 1
ACL assignments and redirect URLs, configure 38
ACL assignments, port-based authentication 19
ACL configuration, displaying a Layer 2 interface 36
ACLs
ACEs 2
and SPAN 5
and TCAM programming for Sup 6-E 10
and TCAM programming for Sup II-Plus thru V-10GE 7
applying IPv6 ACLs to a Layer 3 interface 20
applying on routed packets 30
applying on switched packets 29
compatibility on the same switch 3
configuring with VLAN maps 29
CPU impact 13
downloadable 7
hardware and software support 6
IP, matching criteria for port ACLs 4
MAC extended 16
matching criteria for router ACLs 3
port
and voice VLAN 5
defined 3
processing 13
selecting mode of capturing control packets 7
troubleshooting high CPU 7
types supported 3
understanding 2
VLAN maps 5
ACLs and VLAN maps, examples 23
ACLs, applying to a Layer 2 interface 35
acronyms, list of 1
action drivers, marking 21, 55
activating and deactivating a capture point, Wireshark 14
activating and deactivating Wiresharkcapture points, conceptual, Wireshark 10
active queue management 9
active queue management via DBL, QoS on Sup 6-E 34, 68
active traffic monitoring, IP SLAs 1
adding members to a community 9
address resolution 44
addresses
displaying the MAC table 44
dynamic
changing the aging time 30
defined 28
learning 29
removing 31
IPv6 2
MAC, discovering 44
See MAC addresses
static
adding and removing 36
defined 28
adjacency tables
description 2
displaying statistics 10
administrative VLAN
REP, configuring 9
administrative VLAN per segment 9
administrative VLAN, REP 8
advertisements
LLDP 7, 2
advertisements, VTP
See VTP advertisements
aggregation switch, enabling DHCP snooping 9
aging time
MAC address table 30
All Auth manager sessions on the switch authorized for a specified authentication method 124
All Auth manager sessions, displaying summary 124
ANCP client
enabling and configuring 2
guidelines and restrictions 5
identify a port with DHCP option 82 4
identify a port with protocol 2
overview 1
ANCP protocol
identifying a port with 2
app-class and QoS Traffic Mapping 12
applying IPv6 ACLs to a Layer 3 interface 20
AQM via DBL, QoS on Sup 6-E 34, 68
archiving crashfiles information 8
ARP
defined 44
table
address resolution 44
managing 44
asymmetrical links, and 802.1Q tunneling 3
attachment points, Wireshark 6
attributes, RADIUS
vendor-proprietary 112
vendor-specific 111
Auth manager session for an interface, verifying 125
Auth manager summary, displaying 124
authentication
NTP associations 4
RADIUS
key 103
login 105
See also port-based authentication
TACACS+
defined 16
key 18
login 19
Authentication Failed, configuring 80.1X 71
Authentication methods registered with the Auth manager, determining 124
authentication open comand 8
authentication proxy web pages 4
authentication server
defined 3
RADIUS server 3
Authentication, Authorization, and Accounting (AAA) 1
Authoritative DNS server 3
authoritative time source, described 2
authorization
with RADIUS 109
with TACACS+ 16, 21
authorized and unauthorized ports 4
authorized ports with 802.1X 4
Auto Identity
Built-in Policies 4
Class Map Templates 4
Global Template 2
Interface Templates 3
Overview 2
Parameter Maps 5
Service Templates 5
Auto SmartPorts built-in macros
configuring parameters 6
Auto SmartPorts macros
built-in macros 4
configuration guidelines 5
default configuration 4
defined 1
displaying 13
enabling 3
IOS shell 2, 10
Auto Smartports macros
defined 2
Auto SmartPorts user-defined macros
configuring 10
autoconfiguration 2
automatic discovery
considerations 7
Auto-MDIX on a port
configuring 39
displaying the configuration 40
overview 39
autonegotiation feature
forced 10/100Mbps 28
auto-sync command 8, 7
Auto SmartPorts macros
See also SmartPorts macros
Auto Smartports macros
See also Smartports macros
AVC with DNS-AS 1
AVC with DNS-AS Process Flow 4
B
b command 3
b flash command 3
Baby Giants
interacting with 37
BackboneFast
adding a switch (figure) 3
and MST 23
configuring 23
link failure (figure) 22, 23
not supported MST 23
understanding 21
See also STP
banners
configuring
login 27
message-of-the-day login 24
default configuration 24
when displayed 24
BFD
and hardware support 7
configuration example
BFD in a BGP network 25
BFD in an EIGRP network with echo mode enabled by default 17
BFD in an OSPF network 22
support for static routing 27
configuring
Echo mode 15
session parameters on the interface 8
Slow timer 16
support for BGP 9
support for dynamic routing protocols 9
support for EIGRP 10
support for OSPF 11
support for static routing 13
disabling echo mode without asymmetry 16
monitoring and troubleshooting 17
neighbor relationships 3
operation 3
prerequisites 2
restrictions 2
BGP 17
routing session with multi-VRF CE 9
Binding table 3
blocking packets 1
blocking state (STP)
RSTP comparisons (table) 24
Boolean expressions in tracked lists 5
boot bootldr command 32
boot command 28
boot commands 3
boot fields
See configuration register boot fields
boot system command 26, 32
boot system flash command 28
bootstrap program
See ROM monitor
Border Gateway Protocol
See BGP
boundary ports
description 27
BPDU Guard
and MST 23
configuring 23
overview 15
BPDUs
and media speed 2
pseudobridges and 25
what they contain 3
Bridge Assurance 8, 11
bridge ID
See STP bridge ID
bridge priority (STP) 17
bridge protocol data units
See BPDUs
bridging loop 40
Broadcast Storm Control
disabling 5
enabling 2
Built-in macros and user-defined triggers, configuring mapping 9
C
cache engine clusters 1
cache engines 1
cache farms
See cache engine clusters
Call Home
description 24, 1
message format options 2
messages
format options 2
call home 1
alert groups 6
configuring e-mail options 9
contact information 4
default settings 18
destination profiles 5
displaying information 13
mail-server priority 10
pattern matching 8
periodic notification 8
rate limit messages 9
severity threshold 8
smart call home feature 2
SMTP server 9
testing communications 10
call home alert groups
configuring 6
description 6
subscribing 7
call home contacts
assigning information 4
call home destination profiles
attributes 5
configuring 5
description 5
displaying 16
call home notifications
full-txt format for syslog 25
XML format for syslog 28
candidate switch, cluster
defined 12
candidates
automatic discovery 7
capture filter, Wireshark 7
capture points, Wireshark 6
Capturing control packets
selecting mode 7
cautions
Unicast RPF
BGP optional attributes 4
cautions for passwords
encrypting 22
CDP
automatic discovery in communities 7
configuration 1
defined with LLDP 1
displaying configuration 3
enabling on interfaces 2
host presence detection 8
Layer 2 protocol tunneling 13
maintaining 3
monitoring 3
overview 2, 1
cdp enable command 2
CEF
adjacency tables 2
and NSF with SSO 5
configuring load balancing 7
displaying statistics 8
enabling 7, 2
hardware switching 4
load balancing 6
overview 1
software switching 4
certificate authority (CA) 3
CFM
and Ethernet OAM interaction 51
and Ethernet OAM, configuring 51
clearing 31
configuration guidelines 7, 4
configuring crosscheck for VLANs 11
configuring fault alarms 16
configuring port MEP 14
configuring static remote MEP 13, 16, 18
crosscheck 5
defined 2
EtherChannel support 7, 4
fault alarms
configuring 16
IP SLAs support for 6
IP SLAs with endpoint discovers 21
maintenance domain 3
manually configuring IP SLAs ping or jitter 19
measuring network performance 6
monitoring 32, 33
port MEP, configuring 14
remote MEPs 5
static RMEP check 5
static RMEP, configuring 13, 16, 18
Y.1731
described 27
CGMP
overview 1
Change of Authorization, RADIUS 97
channel-group group command 49, 9, 11
Cisco 7600 series Internet router
enabling SNMP 4
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS IP SLAs 2
Cisco IOS NSF-aware
support 2
Cisco IOS NSF-capable support 2
Cisco IP Phones
configuring 2
sound quality 1
Cisco TrustSec
credentials 21
switch-to-switch security
802.1x mode 22
configuration example 24
manual mode 23
Cisco TrustSec Network Device Admission Control
See NDAC
CiscoWorks 2000 4
CIST
description 22
civic location 3
class level, configure in a service policy 31, 65
class of service
See CoS
clear cdp counters command 3
clear cdp table command 3
clear counters command 45
clear ip eigrp neighbors command 19
clearing
Ethernet CFM 31
IP multicast table entries 28
CLI
accessing 2
backing out one level 5
getting commands 5
history substitution 4
managing clusters 13
modes 5
monitoring environments 1
ROM monitor 7
software basics 4
client processes, tracking 1
clients
in 802.1X authentication 3
clock
See system clock
clustering switches
command switch characteristics
and VTY 12
convert to a community 10
managing
through CLI 13
overview 2
planning considerations
CLI 13
passwords 8
CoA Request Commands 100
command modes 5
command switch, cluster
requirements 11
command-line processing 3
commands
b 3
b flash 3
boot 3
confreg 3
dev 3
dir device 3
frame 5
i 3
listing 5
meminfo 6
reset 3
ROM monitor 2–3
ROM monitor debugging 5–6
SNMP 4
sysret 5
common and internal spanning tree
See CIST
common spanning tree
See CST
community of switches
access modes in Network Assistant 9
adding devices 9
communication protocols 8
community name 8
configuration information 9
converting from a cluster 10
host name 8
passwords 8
community ports 3
community strings
configuring 7
overview 4
community VLANs 2, 3
configure as a PVLAN 15
compiling MIBs 4
config terminal command 9
config-register command 29
configurable leave timer,IGMP 4
configuration examples
SNMP 15
configuration files
limiting TFTP server access 15
obtaining with DHCP 6
saving 10
system contact and location information 14
configuration guidelines
CFM 7, 4
Ethernet OAM 35
REP 7
SNMP 6
VLAN mapping 9
configuration register
boot fields
listing value 30
modifying 29
changing from ROM monitor 3
changing settings ??–29
configuring 26
settings at startup 28
configure class-level queue-limit in a service policy 31, 65
configure terminal command 2
Configuring a DNS Server as the Authoritative Server 9
configuring access-group mode on Layer 2 interface 35
configuring flow control 32
configuring interface link and trunk status envents 46
configuring named IPv6 ACLs 18
configuring named MAC extended ACLs 16, 17
Configuring QoS for AVC with DNS-AS 11
configuring unicast MAC address filtering 16
configuring VLAN maps 21
confreg command 3
Connectivity Fault Management
See CFM
console configuration mode 5
console download 4–5
console port
disconnecting user sessions 7
monitoring user sessions 6
contact information
assigning for call home 4
Control Plane Policing
and Layer 2 Control packet QoS, configuration example 18
configuration guidelines and restrictions 9
configuring for control plane traffic 5
configuring for data plane and management plan traffic 6
defaults 4
general guidelines 4
monitoring 10
understanding 2
control protocol, IP SLAs 4
controlling switch access with RADIUS 95
convergence
REP 4
copy running-config startup-config command 10
copy system:running-config nvram:startup-config command 33
core system filter, Wireshark 7
CoS
definition 3
figure 2
overriding on Cisco IP Phones 4
priority 4
counters
clearing MFIB 29
clearing on interfaces 44
CPU port sniffing 10
CPU, impact of ACL processing 13
crashfiles information, archiving 8
Critical Authentication
configure with 802.1X 62
crosscheck, CFM 5, 11
CST
description 25
IST and 22
MST and 22
CTS Fields 6
customer edge devices 2
C-VLAN 2, 7
D
database agent
configuration examples 15
enabling the DHCP Snooping 13
daylight saving time 13
debug commands, ROM monitor 5–6
decoding and displaying packets, Wireshark 9
Default Configuration 6
default configuration
802.1X 27
banners 24
DNS 23
Ethernet OAM 35
IGMP filtering 30
IGMP snooping 5, 6
IP SLAs 6
IPv6 8
Layer 2 protocol tunneling 16
LLDP 5
MAC address table 30
MVR 23
NTP 4
private VLANs 12
RADIUS 102
REP 7
resetting the interface 48
RMON 3
SNMP 5
SPAN and RSPAN 6
system message logging 3
TACACS+ 18
VLAN mapping 9
Y.1731 29
default gateway
configuring 11
verifying configuration 11
default settings, erase commad 34
default web-based authentication configuration
802.1X 6
defining/modifying/deleting a capture point, Wireshark 12
denial-of-service attacks
IP address spoofing, mitigating 5
Unicast RPF, deploying 5
denying access to a server on another VLAN 27
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 12, 13
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 13
description command 32
dev command 3
device discovery protocol 1
device IDs
call home format 21, 22
device sensor
configuring 117
DHCP
configuring
rate limit for incoming packets 13
denial-of-service attacks, preventing 13
rate limiting of packets
configuring 13
DHCP option 82
identifying a port with 4
overview 3
DHCP Snooping
enabling, and Option 82 10
DHCP snooping
accepting untrusted packets form edge switch 10
configuring 6
default configuration 7
displaying binding tables 19
displaying configuration 19
displaying information 18
enabling 7
enabling on private VLAN 12
enabling on the aggregation switch 9
enabling the database agent 13
message exchange process 4
monitoring 23
option 82 data insertion 3
overview 1
Snooping database agent 2
DHCP Snooping Database Agent
adding to the database (example) 18
enabling (example) 15
overview 2
reading from a TFTP file (example) 17
DHCP-based autoconfiguration
client request message exchange 3
configuring
client side 2
DNS 5
relay device 5
server-side 4
TFTP server 4
example 7
lease options
for IP address information 4
for receiving the configuration file 4
overview 2
relationship to BOOTP 2
Diagnostics
online 1
Power-On-Self-Test
causes of failure 20
how it works 10
overview 10
Power-On-Self-Test for Supervisor Engine V-10GE 13
Differentiated Services Code Point values
See DSCP values
DiffServ architecture, QoS 2
Digital optical monitoring transceiver support 26
dir device command 3
disabled state
RSTP comparisons (table) 24
disabling
broadcast storm control 5
disabling multicast storm control 6
disconnect command 7
discovery, clusters
See automatic discovery
discovery, Ethernet OAM 34
display dection and removal events 7
display filter, Wireshark 7
display PoE consumed by a module 8
display PoE detection and removal events 7
displaying
Auth Manager sumary for an interface 124
MAB details 126
summary of all Auth manager sessions 124
summary of all Auth manager sessions on the switch authorized for a specified authentication method 124
displaying EtherChannel to a Virtual Switch System 20
displaying storm control 6
displaying Wireshark information 14
dispute mechanism 40
DNS
and DHCP-based autoconfiguration 5
default configuration 23
displaying the configuration 24
overview 22
setting up 23
DNS client 3
Domain Name System
See DNS
domain names
DNS 22
double-tagged packets
802.1Q tunneling 2
Layer 2 protocol tunneling 15
downloading MIBs 2, 3
drop threshold for Layer 2 protocol packets 16
DSCP values
definition 4
IP precedence 2
Dual_Active Detection
using Enhanced PAgP 23
Dual-Active Detection, using Fast-Hello 24
duplex command 30
duplex mode
configuring interface 27
dynamic ARP inspection
ARP cache poisoning 2
configuring
ACLs for non-DHCP environments 11
in DHCP environments 5
log buffer 14
rate limit for incoming ARP packets 16
denial-of-service attacks, preventing 16
interface trust state, security coverage 3
log buffer
configuring 14
logging of dropped packets 4
overview 1
port channels, their behavior 5
priority of static bindings 4
purpose of 2
rate limiting of ARP packets 4
configuring 16
validation checks, performing 19
Dynamic Host Configuration Protocol snooping
See DHCP snooping
dynamic port VLAN membership
example 28
limit on hosts 28
reconfirming 25, 26
troubleshooting 28
E
EAP frames
changing retransmission time 85
exchanging (figure) 4, 6, 13
request/identity 4
response/identity 4
setting retransmission number 86
EAPOL frames
802.1X authentication and 3
OTP authentication, example (figure) 4, 13
start 4
Echo mode,configuring BFD 15
edge ports
description 27
EGP
overview 17
EIGRP
configuration examples 20
monitoring and maintaining 19
EIGRP (Enhanced IGRP)
stub routing
benefits 18
configuration tasks 18
configuring 14
overview 14
restrictions 18
verifying 19
EIGRP (enhanced IGRP)
overview 18
eigrp stub command 19
EIGRP stub routing, configuring 13
ELIN location 3
e-mail addresses
assigning for call home 4
e-mail notifications
Call Home 24, 1
Embedded CiscoView
displaying information 48
installing and configuring 45
overview 45
emergency alarms on Sup Engine 6-E systems 5
enable command 9
enable mode 5
enabling SNMP 4
encryption keying 2
encryption keys, MKA 2
Enhanced Interior Gateway Routing Protocol
See EIGRP
enhanced object tracking
defined 1
IP routing state 2
line-protocol state 2
tracked lists 3
Enhanced PoE support on E-series 15
Enhanced PoE support on E-series,configuring Universal PoE 16
environmental monitoring
using CLI commands 1
EPM logging 127
errdisable recovery
configuring 14
ERSPAN
Overview 2
EtherChannel
channel-group group command 49, 9, 11
configuration guidelines 32, 6
configuring 7–20
configuring (tasks) 30
configuring Layer 2 11
configuring Layer 3 7
DFC restriction, see CSCdt27074 in the Release Notes
displaying to a virtual switch system 20
interface port-channel command 8
lacp system-priority
command example 16
modes 3
overview 1
PAgP
Understanding 4
physical interface configuration 49, 8
port-channel interfaces 2
port-channel load-balance command 19
removing 20
removing interfaces 19
understanding 1
EtherChannel guard
disabling 7
enabling 6
overview 6
Ethernet management port
and routing 6
and routing protocols 6
configuring 10
default setting 6
described 29, 6
for network management 29, 6
specifying 10
supported features 9
unsupported features 10
Ethernet management port, internal
and routing protocols 6
Ethernet Management Port, using 5
Ethernet OAM 34
and CFM interaction 51
configuration guidelines 35
configuring with CFM 51
default configuration 35
discovery 34
enabling 36, 52
link monitoring 34, 38
messages 34
protocol
defined 33
monitoring 49
remote failure indications 34
remote loopback 34, 37
templates 45
Ethernet OAM protocol CFM notifications 51
Ethernet Remote Defect Indication (ETH-RDI) 28
event triggers, user-defined
configuring, 802.1X-based 8
configuring, MAC address-based 9
explicit host tracking
enabling 11
extended range VLANs
See VLANs
Extensible Authentication Protocol over LAN 1
Exterior Gateway Protocol
See EGP
F
Fa0 port
See Ethernet management port
Failure detection, using BFD 7
Fallback Authentication
configure with 802.1X 77
fast link notification
on VSL failure 13
Fast UDLD
configuring probe message interval 8
default configuration 3
displaying link status 9
enabling globally 5
enabling on individual interface 7
enabling per-interface 6
modes of operation 3
resetting disabled LAN interfaces 8
use case 2
Fast UDLD, overview 1
FastDrop
overview 11
fastethernet0 port
See Ethernet management port
Fast-Hello
dual-active detection 24
Fast-Hello dual-active detection, configuring 53
feature interactions, Wireshark 10
FIB
description 2
See also MFIB
fiber-optics interfaces
disabling UDLD 7
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 45
filtering
in a VLAN 21
non-IP traffic 16, 17
filters, Wireshark 6
flags 12
Flash memory
configuring router to boot from 32
loading system images from 31
security precautions 32
Flex Links
configuration guidelines 5
configuring 6
configuring preferred VLAN 9
configuring VLAN load balancing 8
monitoring 12
Flexible NetFlow
caveats 8
defined 4, 1
flooded traffic, blocking 2
flow control, configuring 32
flowchart, traffic marking procedure 21, 55
For 13
Forward look-up 2
forward-delay time (STP)
configuring 19
forwarding information base
See FIB
frame command 5
G
gateway
See default gateway
get-bulk-request operation 3
get-next-request operation 3, 4
get-request operation 3, 4
get-response operation 3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 12, 13
GLBP, introduction 15
global configuration mode 5
Guest-VLANs
configure with 802.1X 57
H
hardware and software ACL support 6
hardware switching 5
hello time (STP)
configuring 17
High Availability and ISSU for AVC with DNS-AS 5
high CPU due to ACLs, troubleshooting 7
history
CLI 4
history table, level and number of syslog messages 9
hop counts
configuring MST bridges 28
Host 2
host
limit on dynamic port 28
host modes, MACsec 5
host ports
kinds of 4
host presence CDP message 8
Hot Standby Routing Protocol
See HSRP
HSRP
description 16
HSRP, introduction 16
hw-module module num power command 22
I
i command 3
ICMP
enabling 12
ping 7
running IP traceroute 9
time exceeded messages 9
ICMP Echo operation
configuring 11
IP SLAs 11
IDS
using with SPAN and RSPAN 2
IEEE 802.1ag 2
IEEE 802.1s
See MST
IEEE 802.1w
See MST
IEEE 802.3ad
See LACP
IGMP
configurable-leave timer 4
description 3
enabling 15
explicit host tracking 4
immediate-leave processing 3
leave processing, enabling 8
overview 1
report suppression
disabling 10
IGMP filtering
configuring 31
default configuration 30
described 30
monitoring 34
IGMP groups
setting the maximum number 33
IGMP Immediate Leave
configuration guidelines 9
IGMP profile
applying 32
configuration mode 31
configuring 31
IGMP Snooping
configure
leave timer 9
configuring
Learning Methods 7
static connection to a multicast router 8
configuring host statically 11
enabling
Immediate-Leave processing
explicit host tracking 11
suppressing multicast flooding 12
IGMP snooping
configuration guidelines 5
default configuration 5, 6
enabling
globally 6
on a VLAN 6
enabling and disabling 6
IP multicast and 4
monitoring 14, 10
overview 1
IGMP Snooping, displaying
group 16
hot membership 15
how to 15
MAC address entries 18
multicast router interfaces 17
on a VLAN interface 18
Querier information 19
IGMPSnooping Querier, configuring 10
Immediate Leave, IGMP
enabling 8
immediate-leave processing
enabling 8
IGMP
See fast-leave processing
ingress packets, SPAN enhancement 12
inline power
configuring on Cisco IP phones 5
insufficient inline power handling for Supervisor Engine II-TS 22
Intelligent Power Management 4
interacting with Baby Giants 37
interface
displaying operational status 6
interface command 9, 2
interface configuration
REP 10
interface link and trunk status events
configuring 46
interface port-channel command 48, 8
interface range command 4
interface range macro command 10
interfaces
adding descriptive name 32
clearing counters 44
configuring 2
configuring ranges 4
displaying information about 44
Layer 2 modes 3
maintaining 44
monitoring 44
naming 32
numbers 2
overview 2
restarting 45
See also Layer 2 interfaces
using the Ethernet Management Port 5
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
introduction
802.1X Identity-Based Network Security, list of supported features 34
Bidirectional Forwarding Detection 14
Cisco Call Home 24
Cisco Energy Wise 24
Cisco Express Forwarding 14
Cisco IOS IP Service Level Agreements 25
Cisco IOS Mediatrace and Performance Monitor 27
Cisco Media Services Proxy 25
Cisco Medianet AutoQoS 26
Cisco Medianet Flow Metadata 26
Cisco TrustSec MACsec Encryption 36
Cisco TrustSec Security Architecture 36
Debugging Features (platform and debug platform) 43
Device Sensor 14
Dynamic Host Control Protocol 28
Easy Virtual Network 28
EIGRP Stub routing 14
Embedded Event Manager 29
Enhanced Object Tracking 15
EtherChannel bundles 3
Ethernet CFM 3
Ethernet Management Port 29
Ethernet OAM Protocol 3
FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 30
File System Management (Sup 7-E and 7L-E) 29
Flex Link and MAC Address-Table Move Update 3
Flexible Netflow (Sup 7-E and 7L-E) 4
GLBP 15
hard-based Control Plane Policing 37
HSRP 16
In Service Software Upgrade 19
Intelligent Power Management 30
Internet Group Management Protocol (IGMP) Snooping 4
IP Routing protocols 17
IP Source Guard 38
IP Source Guard or Static Hosts 38
IPv6 20
IPv6 First Hop Security 38
IPv6 Multicast BSR and BSR Scoped Zone Support, introduction 5
IPv6 Multicast Listen Discovery (MLD) and Multicast Listen Discovery Snooping 6
IS-IS 18
Jumbo Frame 6
Layer 2 traceroute 43
Link Aggregation Control Protocol 7
MAC Address Notification 30
NAC
Layer 2 802.1X authentication 40
Layer 2 IP validation 40
NetFlow-lite 31
Network Security with ACLs (IP ACLs, MAC ACLs, Port ACLs, Router, ACLs, and VLAN ACLs) 41
NSF with SSO 21
OSPF 19
OSPF for Routed Access 21
Port Security 41
Power over Ethernet 31
RIP 19
Simple Network Management Protocol 31
SPAN and RSPAN 32
Time Domain Reflectometry 43
Unicast Reverse Path Forwarding 22
Universal Power over Ethernet 32
Virtual Router Redundancy Protocol 23
VRF-lite 23
Web Content Coordination Protocol 32
Web-based Authentication 43
Wireshark 33
XML-PI 33
Intrusion Detection System
See IDS
inventory management TLV 3, 9
IOS shell
See Auto SmartPorts macros
IP
configuring default gateway 11
configuring static routes 11
displaying statistics 8
IP addresses
128-bit 2
cluster candidate or member 12
cluster command switch 11
discovering 44
IPv6 2
ip cef command 7, 2
IP Enhanced IGRP
interfaces, displaying 20
ip icmp rate-limit unreachable command 12
ip igmp profile command 31
ip igmp snooping tcn flood command 13
ip igmp snooping tcn flood query count command 14
ip igmp snooping tcn query solicit command 14
IP information
assigned
through DHCP-based autoconfiguration 2
ip load-sharing per-destination command 8
ip local policy route-map command 12
ip mask-reply command 13
IP MTU sizes,configuring 9
IP multicast
clearing table entries 28
configuring 13
default configuration 14
displaying PIM information 24
displaying the routing table information 24
enabling dense-mode PIM 15
enabling sparse-mode 15
features not supported 13
hardware forwarding 9
IGMP snooping and 5, 4
overview 1
routing protocols 2
software forwarding 9
See also Auto-RP; IGMP; PIM; RP; RPF
IP multicast routing
enabling 14
monitoring and maintaining 23
IP multicast traffic, load splitting 22
ip multicast-routing command 14
IP phones
configuring voice ports 3
See Cisco IP Phones 1
ip pim command 15
ip pim dense-mode command 15
ip pim sparse-dense-mode command 16, 17
ip policy route-map command 9, 11, 14, 15
IP Port Security for Static Hosts
on a Layer 2 access port 25
on a PVLAN host port 28
overview 24
ip redirects command 13
IP routing tables
deleting entries 28
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 1
IP SLAs
benefits 2
CFM endpoint discovery 21
configuration guidelines 7
Control Protocol 4
default configuration 6
definition 1
ICMP echo operation 11
manually configuring CFM ping or jitter 19
measuring network performance 3
multioperations scheduling 5
operation 3
reachability tracking 10
responder
described 4
enabling 7
response time 4
scheduling 5
SNMP support 2
supported metrics 2
threshold monitoring 6
track state 10
UDP jitter operation 8
IP Source Guard
configuring 20
configuring on private VLANs 22
displaying 22, 23
overview 23
IP statistics
displaying 8
IP traceroute
executing 9
overview 8
IP unicast
displaying statistics 8
IP Unnumbered support
configuring on a range of Ethernet VLANs 5
configuring on LAN and VLAN interfaces 4
configuring with connected host polling 6
DHCP Option 82 2
displaying settings 7
format of agent remote ID suboptions 2
troubleshooting 8
with conected host polling 3
with DHCP server and Relay agent 2
ip unreachables command 12
IPsec VPN, introduction 40
IPv4, IPv6, and MAC ACLs, configuring on a Layer 2 interface 33
IPv6
addresses 2
default configuration 8
defined 20, 1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 6
Router ID 7
OSPF 6
IPv6 control traffic, policing 20
IPv6 First Hop Security, introduction 38
IPX
redistribution of route information with EIGRP 18
is 23
IS-IS, introduction 18
ISL
trunking with 802.1Q tunneling 4
isolated port 4
isolated VLANs 2, 3, 4
ISSU
compatibility matrix 63, 14
compatiblity verification using Cisco Feature Navigator 64, 15
NSF overview 3, 4
perform the process
aborting a software upgrade 79, 34, 36
configuring the rollback timer as a safeguard 81, 35, 37
displaying a compatibility matrix 82, 36, 40, 39
loading the new software on the new standby 72, 27, 28
stopping the rollback timer 72, 26, 27
switching to the standby 70, 24, 25
verify the ISSU state 67, 20, 21
verify the redundancy mode 65, 19
verify the software installation 65, 18, 19
vload the new software on standby 68, 21
prerequisites 58, 1, 2
process overview 6, 7
restrictions 58, 1, 2
SNMP support 15
SSO overview 3, 4
versioning capability in software to support 13
IST
and MST regions 22
description 22
master 27
ITU-T Y.1731
See Y.1731
J
jumbo frames
and ethernet ports 36
configuring MTU sizes for 37
ports and linecards that support 34
understanding MTUs 35
understanding support 35
VLAN interfaces 36
K
keyboard shortcuts 3
L
l2protocol-tunnel command 17, 19
labels, definition 3
LACP
system ID 5
Layer 2 access ports 7
Layer 2 Control Packet QoS
and CoPP configuration example 18
default configuation 15
disabling 17
enabvling 15
guideline and restrictions 20
understanding 15
Layer 2 frames
classification with CoS 2
Layer 2 interface
applying ACLs 35
configuring access-mode mode on 35
configuring IPv4, IPv6, and MAC ACLs 33
displaying an ACL configuration 36
Layer 2 interface type
resetting 24
setting 24
Layer 2 interfaces
assigning VLANs 7
configuring 5
configuring as PVLAN host ports 18
configuring as PVLAN promiscuous ports 17
configuring as PVLAN trunk ports 19
defaults 4
disabling configuration 8
modes 3
show interfaces command 6
Layer 2 protocol tunneling
default configuration 16
guidelines 16
Layer 2 switching
overview 1
Layer 2 Traceroute
and ARP 10
and CDP 10
host-to-host paths 10
IP addresses and subnets 10
MAC addresses and VLANs 10
multicast traffic 10
multiple devices on a port 10
unicast traffic 43, 9
usage guidelines 10
Layer 2 trunks
configuring 5
overview 3
Layer 3 interface counters,configuring 11
Layer 3 interface counters,understanding 3
Layer 3 interface, applying IPv6 ACLs 20
Layer 3 interfaces
changing from Layer 2 mode 15
configuration guidelines 5
configuring VLANs as interfaces 8
overview 1
counters 3
logical 2
physical 2
SVI autostate exclude 3
Layer 3 packets
classification methods 2
Layer 4 port operations
configuration guidelines 12
restrictions 11
Leave timer, enabling 9
licenses, managing with PRTU 14
limitations on using a TwinGig Convertor 13
Link Aggregation Control Protocol, introduction 7
link and trunk status events
configuring interface 46
link integrity, verifying with REP 4
Link Layer Discovery Protocol
See CDP
link monitoring, Ethernet OAM 34, 38
link status, displaying UDLD 9
link-state tracking
configuration guidelines 26
default configuration 26
described 23
displaying status 27
generic configuration procedure 26
listening state (STP)
RSTP comparisons (table) 24
LLDP
configuring 4
characteristics 5
default configuration 5
disabling and enabling
globally 6
on an interface 7
monitoring and maintaining 14
overview 1
transmission timer and holdtime, setting 5
LLDP Media Endpoint Discovery
See LLDP-MED
LLDP-MED
configuring
procedures 4
TLVs 9, 11
monitoring and maintaining 14
overview 1
supported TLVs 2
load balancing
configuring for CEF 7
configuring for EtherChannel 18
overview 6
per-destination 7
load splitting IP multicast traffic 22
Location Service
overview 1
location service
configuring 12
understanding 3
location TLV 3, 9
logging, EPM 127
Logical Layer 3 interfaces
configuring 6
logical layer 3 VLAN interfaces 2
login authentication
with RADIUS 105
with TACACS+ 19
login banners 24
login timer
changing 6
logoutwarning command 6
loop guard
and MST 23
configuring 5
overview 3
M
MAC address learning, disabling on a VLAN 39
confuguring 39
deployment scenarios 40
feature compatibility 42
feature incompatibility 43
feature inompatibility 43
usage guidelines 40
MAC address table
displaying 44
MAC addresses
aging time 30
allocating 6
and VLAN association 29
building tables 28, 2
convert dynamic to sticky secure 5
default configuration 30
disabling learning on a VLAN 39
discovering 44
displaying 3
displaying in DHCP snooping binding table 19
dynamic
learning 29
removing 31
in ACLs 16
static
adding 37
allowing 38
characteristics of 36
dropping 38
removing 37
sticky 4
sticky secure, adding 5
MAC address-table move update
configuration guidelines 9
configuring 10
monitoring 12
MAC Authentication Bypass
configure with 802.1X 60
MAC details, displaying 126
MAC extended access lists 16
MAC/PHY configuration status TLV 2
macl 17
macros
See Auto SmartPorts macros
See Auto Smartports macros
See Smartports macros
MACSec
802.1AE Tagging 20
MACsec 2
configuring on an interface 8, 15
defined 1, 2
switch-to-switch security 1
MACsec Key Agreement Protocol
See MKA
main-cpu command 8, 7
management address TLV 2
management options
SNMP 1
Management Port, Ethernet 5
managing software licenses, using PRTU 14
manual preemption, REP, configuring 13
marking
hardware capabilities 23, 57
marking action drivers 21, 55
marking network traffic 18, 52
marking support, multi-attribute 22, 56
match ip address command 8, 10, 12, 13
maximum aging time (STP)
configuring 18
MDA
configuration guidelines 22–??
described 22
MEC
configuration 48
described 13
failure 14
Media Access Control Security
See MACsec
member switch
managing 13
member switch, cluster
defined 2
members
automatic discovery 7
meminfo command 6
messages, Ethernet OAM 34
messages, to users through banners 24
Metadata 2
Metro features
Y.1731 (AIS and RDI), introduction 13
metro tags 2
MFIB
CEF 6
overview 12
MFIB, IP
displaying 26
MIBs
compiling 4
downloading 2, 3
overview 1
related information 3
SNMP interaction with 4
MKA
configuring policies 7
defined 2
policies 3
replay protection 3
statistics 6
virtual ports 4
MLD Done messages and Immediate-leave 4
MLD messages 2
MLD queries 3
MLD reports 4
MLD Snooping
MLD Done messages and Immediate-leave 4
MLD messages 2
MLD queries 3
MLD reports 4
Multicast client aging robustness 3
Multicast router discovery 3
overview 1
Mode of capturing control packets, selecting 7
modules
checking status 1
powering down 22
monitoring
802.1Q tunneling 23
ACL information 39
Ethernet CFM 32, 33
Ethernet OAM 49
Ethernet OAM protocol 49
Flex Links 12
IGMP
snooping 10
IGMP filters 34
IGMP snooping 14
Layer 2 protocol tunneling 23
MAC address-table move update 12
multicast router interfaces 11
multi-VRF CE 14, 21
MVR 29
object tracking 13
REP 14
traffic flowing among switches 1
tunneling 23
VLAN filters 28
VLAN maps 28
monitoring and troubleshooting
BFD 17
Monitoring AVC with DNS-AS 20
M-record 23
MST
and multiple spanning trees 8, 22
boundary ports 27
BPDUs 23
configuration parameters 26
configuring 28
displaying configurations 32
edge ports 27
enabling 29
hop count 28
instances
configuring parameters 31
description 23
number supported 26
interoperability with PVST+ 23
link type 28
master 27
message age 28
regions 26
restrictions 28
to-SST interoperability 24
MSTP
EtherChannel guard
enabling 6
M-record 23
M-tree 23
MST-to-PVST+ Interoperability (PVST+ simulation) 35
MST-to-PVST+ Interoperability guidelines 35
M-tree 23
MTU size
configuring 37, 38, 46, 47
default 4
MTUS
understanding 35
Multi-authentication
described 22
multiauthentication mode 8
multicast
See IP multicast
Multicast client aging robustness 3
multicast Ethernet loopback (ETH-LB) 29
multicast Ethernet loopback, using 31
Multicast Forwarding Information Base (MFIB) 12
multicast groups
static joins 7
Multicast HA 13
Multicast implementation
HA 13
MFIB 12
S/M, 224/4 13
multicast packets
blocking 2
Multicast router discovery 3
multicast router interfaces, displaying 17
multicast router interfaces, monitoring 11
multicast router ports, adding 7
multicast router table
displaying 24
multicast routers
flood suppression 12
Multicast Storm Control
enabling 4
disabling 6
multicast television application, using MVR 21
Multicast VLAN Registration
See MVR
multichassis EtherChannel
see MEC 13
multidomain authentication
See MDA
multidomain authentication mode 7
multioperations scheduling, IP SLAs 5
Multiple AuthorizationAuthentication
configuring 34
Multiple Domain Authentication 34
multiple forwarding paths 8, 22
Multiple Spanning Tree
See MST
multiple VPN routing/forwarding
See multi-VRF CE
multiple-hosts mode 7
multi-VRF CE
components 3
configuration example 17
defined 1
displaying 14, 21
monitoring 14, 21
network components 3
packet-forwarding process 3
MVR
configuration guidelines and limitations 23
configuring global parameters 24
configuring on a trunk port 27
configuring on access ports 26
default configuration 23
displaying information 29
in a multicast television application 21
monitoring 29
setting global parameters 24
N
NAC Layer 2 802.1X authentication, intro 40
NAC Layer 2 IP validation, intro 40
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 18
named MAC extended ACLs
ACLs
configuring named MAC extended 16, 17
native VLAN
and 802.1Q tunneling 3
specifying 5
NDAC 20
defined 20
MACsec 1
NEAT
configuring 88
overview 24
neighbor offset numbers, REP 5
NetFlow packet sampling
about 1
NetFlow-lite
clear commands 9
display commands 8
Network Assistant
and VTY 12
configure
enable communication with switch 13, 17
default configuration 2
overview of CLI commands 3
Network Device Admission Control (NDAC) 20
Network Edge Access Topology
See NEAT
network fault tolerance 8, 22
network management
configuring 1
RMON 1
SNMP 1
network performance, measuring with IP SLAs 3
network policy TLV 2, 9
Network Time Protocol
See NTP
network traffic, marking 18, 52
New Software Features in Release 7.7
TDR 3
Next Hop Resolution Protocol
See NHRP
NHRP
support 18
non-fiber-optics interfaces
disabling UDLD 7
non-IP traffic filtering 16, 17
non-RPF traffic
description 10
in redundant configurations (figure) 11
Nonstop Forwarding
See NSF
nonvolatile random-access memory
See NVRAM
normal-range VLANs
See VLANs
NSF
defined 1
guidelines and restrictions 9
operation 4
NSF with SSO supervisor engine redundancy
and CEF 5
overview 3
SSO operation 4
NSF-aware
supervisor engines 3
support 2
NSF-capable
supervisor engines 3
support 2
NTP
associations
authenticating 4
defined 2
enabling broadcast messages 7
peer 6
server 6
default configuration 4
displaying the configuration 11
overview 2
restricting access
creating an access group 9
disabling NTP services per interface 10
source IP address, configuring 10
stratum 2
synchronizing devices 6
time
services 2
synchronizing 2
ntroduction
PPPoE Intermediate Agent 41
Storm Control 42
uRPF Strict Mode 42
NVRAM
saving settings 10
O
OAM
client 34
features 34
sublayer 34
OAM manager
configuring 52
with CFM and Ethernet OAM 51
OAM PDUs 35
OAM protocol data units 33
OBFL, displaying for the 9000W AC 4
object tracking
monitoring 13
OIR
overview 41
on-demaind online diagnostics 2
online diagnostic
troubleshooting 8
Online Diagnostics 1
online diagnostics
configuring on-demaind 2
data path, displaying test results 7
displaying tests and test results 4
linecard 8
scheduling 2
starting and stopping tests 3
online insertion and removal
See OIR
Open Shortest Path First
See OSPF
operating system images
See system images
Option 82
enabling DHCP Snooping 10
OSPF
area concept 19
description 19
for IPv6 6
OSPF for Routed Access, introduction 21
OSPF, introduction 19
P
packet type filtering
overview 14
SPAN enhancement 14
packets
modifying 9
PACL
using with access-group mode 34
PACL configuration guidelines 32
PACL with VLAN maps and router ACLs 36
PAgP
understanding 4
PAgP, dual-active detection 23
passwords
configuring enable password 14
configuring enable secret password 14
encrypting 22
in clusters 8
recovering lost enable password 25
setting line password 14
PBR (policy-based routing)
configuration (example) 16
enabling 7, 10
features 2
overview 1
route maps 2
route-map processing logic 3
when to use 6
PE to CE routing, configuring 9
percentage thresholds in tracked lists 7
Permanent Right-To_Use 14
per-port and VLAN Access Control List 19
per-port per-VLAN QoS
enabling 36, 70
overview 10
Per-User ACL and Filter-ID ACL, configure 45
Per-VLAN Rapid Spanning Tree 6
enabling 20
overview 6
physical layer 3 interfaces 2
Physical Layer 3 interfaces, configuring 12
PIM
configuring dense mode 15
configuring sparse mode 15
displaying information 24
displaying statistics 28
enabling sparse-dense mode 15, 16
overview 3
PIM on an interface, enabling 15
PIM-DM 3
PIM-SM 3
PIM-SSM mapping, enabling 17
ping
executing 8
overview 7
ping command 8, 24
PoE 7, 8
configuring power consumption for single device 5, 16
configuring power consumption, powered devices 5
displaying operational status for an interface 6
Enhanced PoE support on E-series 15
policing and monitoring 12
power consumption for powered devices
Intelligent Power Management 4
power management modes 2
powering down a module 22
PoE policing
configuring errdisable recovery 14
configuring on an interface 13
displaying on an interface 14
power modes 12
point-to-point
in 802.1X authentication (figure) 3
policing
how to implement 18, 52
See QoS policing
policing IPv6 control traffic 20
policing, PoE 12
policy associations, QoS on Sup 6-E 39, 73
policy map marking action, configuring 23, 57
policy-map command 16, 51
port ACLs
and voice VLAN 5
defined 3
Port Aggregation Protocol
see PAgP
port cost (STP)
configuring 15
port description TLV 2
port numbering with TwinGig Convertors 13
port priority
configuring MST instances 31
configuring STP 13
port security
aging 5
configuring 7
displaying 28
guidelines and restrictions 33
on access ports 7, 22
on private VLAN 14
host 14
promiscuous 16
topology 15, 18, 32
on trunk port 17
guidelines and restrictions 15, 18, 32
port mode changes 22
on voice ports 22
sticky learning 5
using with 802.1X 18
violations 6
with 802.1X Authentication 32
with DHCP and IP Source Guard 31
with other features 33
port states
description 5
port VLAN ID TLV 2
port-based authentication
802.1X with voice VLAN 21
Authentication Failed VLAN assignment 16
authentication server
defined 2
changing the quiet period 84
client, defined 3, 2
configuration guidelines 28, 6
configure ACL assignments and redirect URLs 38
configure switch-to-RADIUS server communication 32
configure with Authentication Failed 71
configure with Critical Authentication 62
configure with Guest-VLANs 57
configure with MAC Authentication Bypass 60
configure with VLAN User Distribution 68
configure with Voice VLAN 73
configuring
Multiple Domain Authentication and Multiple Authorization 34
RADIUS server 10
RADIUS server parameters on the switch 9
configuring Fallback Authentication 77
configuring Guest-VLAN 32
configuring manual re-authentication of a client 94
configuring with Unidirectional Controlled Port 66
controlling authorization state 5
default configuration 27, 6
described 1
device roles 2
displaying statistics 123, 14
enabling 29
802.1X authentication 9
enabling multiple hosts 83
enabling periodic re-authentication 81
encapsulation 3
host mode 6
how 802.1X fails on a port 25
initiation and message exchange 4
method lists 29
modes 6
multidomain authentication 22
multiple-hosts mode, described 7
port security
multiple-hosts mode 7
ports not supported 4
pre-authentication open access 8
resetting to default values 95
setting retransmission number 86
setting retransmission time 85
switch
as proxy 2
switch supplicant
configuring 88
overview 24
topologies, supported 26
using with ACL assignments and redirect URLs 19
using with port security 18
voice aware 802.1x security
configuring 74
described 21, 74
with Critical Authentication 14
with Guest VLANs 10
with MAC Authentication Bypass 11
with Unidirectional Controlled Port 15
with VLAN assignment 9
with VLAN User Distribution 15
port-channel
see EtherChannel
port-channel interfaces
See also EtherChannel
creating 48, 8
overview 2
port-channel load-balance
command 14, 16
command example 16
port-channel load-balance command 19
PortFast
and MST 23
configuring or enabling 23
overview 7
PortFast BPDU filtering
and MST 23
overview 16
PortFast Edge BPDU Filtering 17
ports
blocking 1
checking status 2
dynamic VLAN membership
example 28
reconfirming 25, 26
forwarding, resuming 3
REP 6
See also interfaces
power
inline 5
power dc input command 21
power handling for Supervisor Engine II-TS 12
power inline command 3
power inline consumption command 5
power management
Catalyst 4500 series 7
Catalyst 4500 Switch power supplies 14
Catalyst 4948 series 23
configuring combined mode 13
configuring redundant mode 12
overview 1
redundancy 7
power management for Catalyst 4500 Switch
combined mode 9
redundant mode 9
power management limitations in Catalyst 4500 Switch 10
power management mode
selecting 10
power management TLV 2, 3, 9
power negotiation
through LLDP 11
power policing, displaying on an interface 14
power redundancy-mode command 13
power supplies
available power for Catalyst 4500 Switch 14
fixed 8
variable 8, 23
powered devices, configuring power consumption 5
Power-On-Self-Test diagnostics 10, 20
Power-On-Self-Test for Supervisor Engine V-10GE 13
pre-authentication open access 8
pre-authentication open access. See port-based authentication.
preempt delay time, REP 5
primary edge port, REP 4
primary VLANs 2, 4
associating with secondary VLANs 16
configuring as a PVLAN 15
priority
overriding CoS of incoming frames 4
priority queuing, QoS on Sup 6-E 30, 64
private VLAN
configure port security 14, 15
enabling DHCP Snooping 12
private VLANs
across multiple switches 5
and SVIs 10
benefits of 2
community ports 3
community VLANs 2, 3
default configuration 12
end station access to 3
isolated port 4
isolated VLANs 2, 3, 4
ports
community 3
isolated 4
promiscuous 4
primary VLANs 2, 4
promiscuous ports 4
secondary VLANs 2
subdomains 2
traffic in 9
privileged EXEC mode 5
privileges
changing default 23
configuring levels 23
exiting 24
logging in 24
promiscuous ports
configuring PVLAN 17
defined 4
setting mode 24
protocol timers 4
provider edge devices 2
PRTU, managing software licenses 14
pruning, VTP
See VTP pruning
pseudobridges
description 25
PVACL 19
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 21
PVLAN promiscuous trunk port
configuring 11, 17, 21
PVLANs
802.1q support 14
across multiple switches 5
configuration guidelines 12
configure port security 14, 16, 18
configure port security in a wireless setting 32
configuring 11
configuring a VLAN 15
configuring promiscuous ports 17
host ports
configuring a Layer 2 interface 18
setting 24
overview 1
permitting routing, example 23
promiscuous mode
setting 24
setting
interface mode 24
PVST+ simulation 36
Q
QoS
classification 6–??
definitions 3
enabling per-port per-VLAN 36, 70
overview 1
overview of per-port per-VLAN 10
packet modification 9
traffic shaping 9
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 9
QoS labels
definition 3
QoS marking
description 5
QoS on Sup 6-E
Active Queue management via DBL 34, 68
active queue management via DBL 27, 34, 61, 68
classification 16, 50
configuring 13, 47
configuring CoS mutation 45, 79
configuring the policy map marking action 23, 57
hardware capabilities for marking 23, 57
how to implement policing 18, 52
marking action drivers 21, 55
marking network traffic 18, 52
MQC-based QoS configuration 13, 48
multi-attribute marking support 22, 56
platform hardware capabilities 15, 49
platform restrictions 18, 52
platform-supported classification criteria and QoS features 13, 14, 48
policing 17, 51
policy associations 39, 73
prerequisites for applying a service policy 15, 49
priority queuing 30, 64
queue-limiting 31, 65
restrictions for applying a service policy 15, 50
shaping 25, 59
sharing(bandwidth) 27, 61
sharing(blandwidth), shapring, and priority queuing 25, 59
software QoS 40, 74
traffic marking procedure flowchart 21, 55
QoS policing
definition 5
described 8
QoS policy
attaching to interfaces 8
QoS service policy
prerequisites 15, 49
restrictions for applying 15, 50
QoS transmit queues
burst 9
maximum rate 9
sharing link bandwidth 9
quad-supervisor
uplink forwarding 6
Quality of service
See QoS
queueing 8
queue-limiting, QoS on Sup 6-E 31, 65
R
RA Guard
configuring 51
deployment 50
examples 51
introduction 49
usage guidelines 52
RADIUS
attributes
vendor-proprietary 112
vendor-specific 111
change of authorization 97
configuring
accounting 110
authentication 105
authorization 109
communication, global 103, 110
communication, per-server 103
multiple UDP ports 103
default configuration 102
defining AAA server groups 107
displaying the configuration 115
identifying the server 103
limiting the services to the user 109
method list, defined 102
operation of 97
server load balancing 115
suggested network environments 96
tracking services accessed by user 110
understanding 96
RADIUS Change of Authorization 97
RADIUS server
configure to-Switch communication 32
configuring settings 34
parameters on the switch 32
RADIUS, controlling switch access with 95
range command 4
range macros
defining 10
ranges of interfaces
configuring 4
Rapid Spanning Tree
See RSTP
rcommand command 13
reachability, tracking IP SLAs IP host 10
re-authentication of a client
configuring manual 94
enabling periodic 81
redirect URLs, port-based authentication 19
reduced MAC address 2
redundancy
configuring 7
guidelines and restrictions 5
changes made through SNMP 11
NSF-aware support 2
NSF-capable support 2
overview 2
redundancy command 8, 7
understanding synchronization 4
redundancy (NSF) 1
configuring
BGP 11
CEF 11
EIGRP 16
IS-IS 14
OSPF 13
routing protocols 5
redundancy (RPR)
route processor redundancy 2
synchronization 4, 5
redundancy (SSO)
redundancy command 10
route processor redundancy 3
synchronization 5
reload command 29
Remote Authentication Dial-In User Service
See RADIUS
remote failure indications 34
remote loopback, Ethernet OAM 34, 37
Remote Network Monitoring
See RMON
rendezvous point, configuring 17
rendezvous point, configuring single static 21
REP
administrative VLAN 8
administrative VLAN, configuring 9
and STP 6
configuration guidelines 7
configuring interfaces 10
convergence 4
default configuration 7
manual preemption, configuring 13
monitoring 14
neighbor offset numbers 5
open segment 2
ports 6
preempt delay time 5
primary edge port 4
ring segment 2
secondary edge port 4
segments 1
characteristics 2
SNMP traps, configuring 14
supported interfaces 1
triggering VLAN load balancing 6
verifying link integrity 4
VLAN blocking 13
VLAN load balancing 4
replication
description 9
report suppression, IGMP
disabling 10
reserved-range VLANs
See VLANs
reset command 3
resetting a switch to defaults 34
resetting an interface to default configuration 48
Resilient Ethernet ProtocolLSee REP
responder, IP SLAs
described 4
enabling 7
response time, measuring with IP SLAs 4
restricting access
NTP services 8
RADIUS 95
TACACS+ 15
Restrictions and Guidelines for Configuring AVC with DNS-AS 6
retransmission number
setting in 802.1X authentication 86
retransmission time
changing in 802.1X authentication 85
RFC
1157, SNMPv1 2
1305, NTP 2
1757, RMON 2
1901, SNMPv2C 2
1902 to 1907, SNMPv2 2
2273-2275, SNMPv3 2
RFC 5176 Compliance 98
RIP
description 19
for IPv6 6
RIP, introduction 19
RMON
default configuration 3
displaying status 6
enabling alarms and events 3
groups supported 2
overview 1
ROM monitor
boot process and 26
CLI 7
commands 2–3
debug commands 5–6
entering 1
exiting 6
overview 1
root bridge
configuring 9
selecting in MST 22
root guard
and MST 23
enabling 2
overview 2
route maps
defining 8, 10, 12
PBR 2
route targets
VPN 3
routed packets
ACLs 30
route-map (IP) command 8, 10, 12
router ACLs
description 41, 3
using with VLAN maps 29
router ACLs, using PACL with VLAN maps 36
Routing Information Protocol
See RIP
RPF
See Unicast RPF
RSPAN
configuration guidelines 16
destination ports 5
IDS 2
monitored ports 4
monitoring ports 5
received traffic 3
sessions
creating 17
defined 3
limiting source traffic to specific VLANs 23
monitoring VLANs 21
removing source (monitored) ports 20
specifying monitored ports 17
source ports 4
transmitted traffic 4
VLAN-based 5
RSTP
compatibility 23
description 22
port roles 24
port states 24
S
S/M, 224/4 13
SAID
See 802.10 SAID
SAP
defined 20
negotiation 20
support 1
scheduling 8
scheduling, IP SLAs operations 5
secondary edge port, REP 4
secondary root switch 12
secondary VLANs 2
associating with primary 16
permitting routing 23
security
configuring 1
Security Association Identifier
See 802.10 SAID
Security Exchange Protocol
See SAP
selecting a power management mode 10
selecting X2/TwinGig Convertor Mode 14
sequence numbers in log messages 7
server IDs
description 23
service policy, configure class-level queue-limit 31, 65
service-policy input command 2
service-provider networks
and customer VLANs 2
session keys, MKA 2
set default interface command 9, 11
set interface command 8, 10
set ip default next-hop command 9, 11
set ip next-hop command 8, 10, 16
set-request operation 4
severity levels, defining in system messages 8
shaping, QoS on Sup 6-E 25, 59
sharing(bandwidth), QoS on Sup 6-E 27, 61
Shell functions
See Auto SmartPorts macros
See Auto Smartports macros
Shell triggers
See Auto SmartPorts macros
See Auto Smartports macros
show adjacency command 10
show boot command 33
show catalyst4000 chassis-mac-address command 3
show cdp command 2, 3
show cdp entry command 3
show cdp interface command 3
show cdp neighbors command 3
show cdp traffic command 3
show ciscoview package command 48
show ciscoview version command 48
show cluster members command 13
show configuration command 32
show debugging command 3
show environment command 2
show history command 4
show interfaces command 37, 38, 44, 46, 47
show interfaces status command 2
show ip cef command 8
show ip eigrp interfaces command 20
show ip eigrp neighbors command 20
show ip eigrp topology command 20
show ip eigrp traffic command 20
show ip interface command 24
show ip local policy command 12
show ip mroute command 24
show ip pim interface command 24
show l2protocol command 18
show lldp traffic command 15
show mac-address-table address command 3
show mac-address-table interface command 3
show mls entry command 8
show module command 1, 6
show PoE consumed 8
show power inline command 6
show power supplies command 13
show protocols command 44
show running-config command
adding description for an interface 32
checking your settings 9
displaying ACLs 23, 25, 34, 35
show startup-config command 10
show users command 6
show version command 30
shutdown threshold for Layer 2 protocol packets 16
shutdown, command 45
shutting down
interfaces 45
Simple Network Management Protocol
See SNMP
single spanning tree
See SST
single static RP, configuring 21
single-host mode 7
slot numbers, description 2
Slow timer, configuring BFD 16
smart call home 1
description 2
destination profile (note) 5
registration requirements 3
service contract requirements 3
Transport Gateway (TG) aggregation point 2
SMARTnet
smart call home registration 3
Smartports macros
applying global parameter values 8, 14
applying macros 8
applying parameter values 8
configuration guidelines 6, 13
configuring 2
creating 7
default configuration 3, 13
defined 10, 1
displaying 12
tracing 6, 13
SNMP
accessing MIB variables with 4
agent
described 4
disabling 7
and IP SLAs 2
authentication level 10
community strings
configuring 7
overview 4
configuration examples 15
configuration guidelines 6
default configuration 5
enabling 4
engine ID 6
groups 6, 9
host 6
informs
and trap keyword 11
described 5
differences from traps 5
enabling 14
limiting access by TFTP servers 15
limiting system log messages to NMS 9
manager functions 3
notifications 5
overview 1, 4
status, displaying 16
system contact and location 14
trap manager, configuring 13
traps
described 3, 5
differences from informs 5
enabling 11
enabling MAC address notification 31
enabling MAC move notification 33
enabling MAC threshold notification 35
overview 1, 4
types of 11
users 6, 9
versions supported 2
SNMP commands 4
SNMP traps
REP 14
SNMPv1 2
SNMPv2C 2
SNMPv3 2
software
upgrading 13, 12
software configuration register 26
software QoS, on Sup 6-E 40, 74
software switching
description 5
interfaces 6
key data structures used 8
source group tag 4, 10
source IDs
call home event format 22
SPAN
and ACLs 5
configuration guidelines 7
configuring 7–10
destination ports 5
IDS 2
monitored port, defined 4
monitoring port, defined 5
received traffic 3
sessions
defined 3
source ports 4
transmitted traffic 4
VLAN-based 5
SPAN and RSPAN
concepts and terminology 3
default configuration 6
displaying status 24
overview 1
session limits 6
SPAN enhancements
access list filtering 13
configuration example 15
CPU port sniffing 10
encapsulation configuration 12
ingress packets 12
packet type filtering 14
spanning-tree backbonefast command 24
spanning-tree cost command 15
spanning-tree guard root command 2
spanning-tree port-priority command 13
spanning-tree uplinkfast command 20
spanning-tree vlan
command 9
command example 9
spanning-tree vlan command 8
spanning-tree vlan cost command 16
spanning-tree vlan forward-time command 19
spanning-tree vlan hello-time command 18
spanning-tree vlan max-age command 18
spanning-tree vlan port-priority command 13
spanning-tree vlan priority command 17
spanning-tree vlan root primary command 10
spanning-tree vlan root secondary command 12
speed
configuring interface 27
speed command 28, 29
SSO
configuring 10
SSO operation 4
SST
description 22
interoperability 24
static ACL, removing the requirement 32
static addresses
See addresses
static routes
configuring 11
verifying 12
statistics
802.1X 14
displaying 802.1X 123
displaying PIM 28
LLDP 14
LLDP-MED 14
MKA 6
SNMP input and output 16
sticky learning
configuration file 5
defined 5
disabling 5
enabling 5
saving addresses 5
sticky MAC addresses
configuring 7
defined 4
storing captured packets to a.pcap file, Wireshark 8
Storm Control
displaying 6
enabling Broadcast 2
enabling Multicast 4
hardware-based, implementing 1
overview 1
software-based, implementing 2
STP
and REP 6
bridge ID 2
configuring 7–20
creating topology 5
defaults 7
disabling 20
enabling 8
enabling extended system ID 9
enabling Per-VLAN Rapid Spanning Tree 20
EtherChannel guard
disabling 7
forward-delay time 19
hello time 17
Layer 2 protocol tunneling 13
maximum aging time 18
overview 1, 3
per-VLAN rapid spanning tree 6
port cost 15
port priority 13
root bridge 9
stratum, NTP 2
stub routing (EIGRP)
benefits 18
configuration tasks 18
configuring 14
overview 13, 14
restrictions 18
verifying 19
subdomains, private VLAN 2
summer time 13
supervisor engine
accessing the redundant 14
configuring 8–13
copying files to standby 14
default configuration 1
default gateways 11
environmental monitoring 1
redundancy 1
ROM monitor 26
startup configuration 25
static routes 11
synchronizing configurations 11, 10
Supervisor Engine 7L-E, selecting the uplink port 25
Supervisor Engine II-TS
insufficient inline power handling 22, 12
Smartports macros
See also Auto Smartports macros
SVI Autostate Exclude
understanding 3
SVI Autostate exclude
configuring 8
S-VLAN 2, 7
switch 2
switch access with RADIUS, controlling 95
switch ports
See access ports
switched packets
and ACLs 29
Switched Port Analyzer
See SPAN
switchport
show interfaces 37, 38, 46, 47
switchport access vlan command 5, 7
switchport block multicast command 2
switchport block unicast command 2
switchport mode access command 7
switchport mode dot1q-tunnel command 6
switchport mode dynamic command 5
switchport mode trunk command 5
switchport trunk allowed vlan command 5
switchport trunk encapsulation command 5
switchport trunk native vlan command 5
switchport trunk pruning vlan command 6
switch-to-RADIUS server communication
configuring 32
sysret command 5
system
reviewing configuration 10
settings at startup 28
system alarms
overview 6
system and network statistics, displaying 24
system capabilities TLV 2
system clock
configuring
daylight saving time 13
manually 11
summer time 13
time zones 12
displaying the time and date 12
overview 2
See also NTP
system description TLV 2
system images
loading from Flash memory 31
modifying boot field 28
specifying 31
system message logging
default configuration 3
defining error message severity levels 8
disabling 3
displaying the configuration 12
enabling 4
facility keywords, described 12
level keywords, described 8
limiting messages 9
message format 2
overview 1
sequence numbers, enabling and disabling 7
setting the display destination device 4
synchronizing log messages 5
timestamps, enabling and disabling 6
UNIX syslog servers
configuring the daemon 10
configuring the logging facility 11
facilities supported 12
system MTU
802.1Q tunneling 5
maximums 5
system name
manual configuration 22
See also DNS
system name TLV 2
system prompt, default setting 21
T
TACACS+ 1
accounting, defined 16
authentication, defined 16
authorization, defined 16
configuring
accounting 21
authentication key 18
authorization 21
login authentication 19
default configuration 18
displaying the configuration 22
identifying the server 18
limiting the services to the user 21
operation of 17
overview 15
tracking services accessed by user 21
tagged packets
802.1Q 3
Layer 2 protocol 13
TCAM programming and ACLs 7
for Sup II-Plust thru V-10GE 7
TCAM programming and ACLs for Sup 6-E 10
TDR
checking cable connectivity 3
enabling and disabling test 3
guidelines 3
Telnet
accessing CLI 2
disconnecting user sessions 7
executing 5
monitoring user sessions 6
telnet command 6
templates, Ethernet OAM 45
Terminal Access Controller Access Control System Plus
See TACACS+
TFTP
configuration files in base directory 5
configuring for autoconfiguration 4
limiting access by servers 15
TFTP download
See also console download
threshold monitoring, IP SLAs 6
time
See NTP and system clock
Time Domain Reflectometer
See TDR
time exceeded messages 9
time zones 12
timer
See login timer
timestamps in log messages 6
TLV
host presence detection 8
TLVs
defined 7, 2
LLDP-MED 2
Token Ring
media not supported (note) 5, 9
Topology change notification processing
MLD Snooping
Topology change notification processing 4
TOS
description 4
trace command 9
traceroute
See IP traceroute
See Layer 2 Traceroute
traceroute mac command 11
traceroute mac ip command 11
track state, tracking IP SLAs 10
tracked lists
configuring 3
types 3
tracked objects
by Boolean expression 5
by threshold percentage 7
by threshold weight 6
tracking interface line-protocol state 2
tracking IP routing state 2
tracking objects 2
tracking process 2
traffic
blocking flooded 2
traffic control
using ACLs (figure) 4
using VLAN maps (figure) 6
traffic marking procedure flowchart 21, 55
traffic shaping 9
translational bridge numbers (defaults) 5
traps
configuring MAC address notification 31
configuring MAC move notification 33
configuring MAC threshold notification 35
configuring managers 11
defined 3
enabling 31, 33, 35, 11
notification types 11
overview 1, 4
troubleshooting
with CiscoWorks 4
with system message logging 1
with traceroute 8
Troubleshooting AVC with DNS-AS 24
troubleshooting high CPU due to ACLs 7
trunk failover
See link-state tracking
trunk ports
configure port security 17
configuring PVLAN 19–21
trunks
802.1Q restrictions 4
configuring 5
configuring access VLANs 5
configuring allowed VLANs 5
default interface configuration 5
enabling to non-DTP device 3
specifying native VLAN 5
understanding 3
trustpoint 3
TTL 3
tunnel ports
802.1Q, configuring 5
described 2
incompatibilities with other features 5
tunneling
defined 1
TwinGig Convertors
limitations on using 13
port numbering 13
selecting X2/TwinGig Convertor mode 14
TXT DNS Resource Record 3
TXT record 3
type length value
See TLV
type of service
See TOS
U
UDLD
configuring probe message interval per-interface 8
default configuration 3
disabling on fiber-optic interfaces 7
disabling on non-fiber-optic interfaces 7
displaying link status 9
enabling globally 5
enabling per-interface 6
modes of operation 3
resetting disabled LAN interfaces 8
use case 2
UDLD, overview 1
UDP jitter operation, IP SLAs 8
UDP jitter, configuring 9
unauthorized ports with 802.1X 4
unicast
See IP unicast
unicast flood blocking
configuring 1
unicast MAC address filtering
and adding static addresses 38
and broadcast MAC addresses 37
and CPU packets 37
and multicast addresses 37
and router MAC addresses 37
configuration guidelines 37
described 37
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 16
Unicast RPF (Unicast Reverse Path Forwarding)
applying 5
BGP attributes
caution 4
CEF
requirement 2
tables 7
configuring 9
(examples) ??–12
BOOTP 8
DHCP 8
enterprise network (figure) 6
prerequisites 9
routing table requirements 7
tasks 9
verifying 10
deploying 5
description 22, 1
disabling 11
enterprise network (figure) 6
FIB 2
implementing 4
packets, dropping (figure) 4
prerequisites 9
restrictions
basic 8
routing asymmetry 7
routing asymmetry (figure) 8
routing table requirements 7
security policy
applying 5
attacks, mitigating 5
deploying 5
tunneling 5
source addresses, validating 3
(figure) 3, 4
failure 3
traffic filtering 5
tunneling 5
validation
failure 3, 4
packets, dropping 3
source addresses 3
verifying 10
unicast traffic
blocking 2
Unidirectional Controlled Port, configuring 802.1X 66
unidirectional ethernet
enabling 2
example of setting 2
overview 1
UniDirectional Link Detection Protocol
See UDLD
Universal PoE, configuring 16
UNIX syslog servers
daemon configuration 10
facilities supported 12
message logging configuration 11
uplink forwarding
quad-supervisor 6
uplink mode, selecting on supervisor engine 6-E 20
uplink port, selecting on a supervisor engine 7L-E 25
UplinkFast
and MST 23
enabling 23
MST and 23
overview 19
usage examples, Wireshark 18
user EXEC mode 5
user sessions
disconnecting 7
monitoring 6
user-defined event triggers
configuring, 802.1X-based 8
configuring, MAC address-based 9
User-defined triggers and built-in macros, configuring mapping 9
V
VACLs
Layer 4 port operations 10
virtual configuration register 3
virtual LANs
See VLANs
virtual ports, MKA 4
Virtual Router Redundancy Protocol, introduction 23
Virtual Switch System(VSS), displaying EtherChannel to 20
VLAN ACLs
See VLAN maps
VLAN blocking, REP 13
vlan command 6
vlan dot1q tag native command 4
VLAN ID
service provider 8
VLAN ID translation
See VLAN mapping
VLAN ID, discovering 44
VLAN load balancing
REP 4
VLAN load balancing on flex links 2
configuration guidelines 5
VLAN load balancing, triggering 6
VLAN Management Policy Server
See VMPS
VLAN mapping
1-to-1 7
1-to-1, configuring 10
configuration guidelines 9
configuring 10
configuring on a trunk port 10
default 9
described 2, 7
selective QinQ 8
selective Q-in-Q, configuring 12
traditional QinQ 8
traditional Q-in-Q, configuring 11
types of 7
VLAN maps
applying to a VLAN 25
configuration example 26
configuration guidelines 22
configuring 21
creating and deleting entries 22
defined 41
denying access example 27
denying packets 23
displaying 28
order of entries 22
permitting packets 23
router ACLs and 29
using (figure) 5
using in your network 25
VLAN maps, PACL and Router ACLs 36
VLAN Trunking Protocol
See VTP
VLAN trunks
overview 3
VLAN User Distribution, configuring 802.1X 68
VLANs
allowed on trunk 5
configuration guidelines 3
configuring 5
configuring as Layer 3 interfaces 8
customer numbering in service-provider networks 3
default configuration 4
description 11
extended range 3
IDs (default) 4
interface assignment 7
limiting source traffic with RSPAN 23
monitoring with RSPAN 21
name (default) 4
normal range 3
overview 1
reserved range 3
See also PVLANs
VMPS
configuration file example 31
configuring dynamic access ports on client 24
configuring retry interval 26
database configuration file 31
dynamic port membership
example 28
reconfirming 25, 26
reconfirming assignments 25
reconfirming membership interval 26
server overview 20
VMPS client
administering and monitoring 27
configure switch
configure reconfirmation interval 26
dynamic ports 24
entering IP VMPS address 24
reconfirm VLAM membership 25
reconfirmation interval 26
default configuration 23
dynamic VLAN membership overview 23
troubleshooting dynamic port VLAN membership 28
VMPS server
fall-back VLAN 22
illegal VMPS client requests 22
overview 20
security modes
multiple 22
open 21
secure 21
voice aware 802.1x security
port-based authentication
configuring 74
described 21, 74
voice interfaces
configuring 1
Voice over IP
configuring 1
voice ports
configuring VVID 3
voice traffic 2, 5
voice VLAN
IP phone data traffic, described 2
IP phone voice traffic, described 2
voice VLAN ports
using 802.1X 21
Voice VLAN, configure 802.1X 73
VPN
configuring routing in 8
forwarding 3
routes 2
routing and forwarding table
See VRF
VRF
defining 3
tables 1
VRF-aware services
ARP 6, 15, 17
configuring 5, 14
ftp 16
ping 15
tftp 16
traceroute 16
uRPF 15
VRF-lite
description 23
VSS
dual-active detection
displaying 54
Enhanced PAgP, advantages 23
enhanced PAgP, configuring 52
Enhanced PAgP, description 23
fast-hello, configuring 53
VTP
client, configuring 16
configuration guidelines 12
default configuration 13
disabling 16
Layer 2 protocol tunneling 13
monitoring 19
overview 7
pruning
configuring 15
See also VTP version 2
server, configuring 16
statistics 19
transparent mode, configuring 16
version 2
enabling 15
VTP advertisements
description 9
VTP domains
description 8
VTP modes 8
VTP pruning
overview 10
VTP versions 2 and 3
overview 9
See also VTP
VTY and Network Assistant 12
VVID (voice VLAN ID)
and 802.1X authentication 21
configuring 3
W
WCCP
configuration examples 9
configuring on a router 2, 13
features 3
restrictions 5
service groups 5
Web Cache Communication Protocol
See WCCP 1
web cache services
description 4
web caches
See cache engines
web caching
See web cache services
See also WCCP
web-based authentication
authentication proxy web pages 4
description 43, 13, 1
web-based authentication, interactions with other features 4
weight thresholds in tracked lists 6
wireless mode 29, 30
Wireshark
activating and deactivating, capture points, conceptual 10
attachment points 6
capture filter 7
capture points 6
core system filter 7
decoding and displaying packets 9
display filter 7
feature interactions 10
filters 6
storing captured packets to a.pcap filter 8
usage examples 18
Wireshark, about 5
Wireshark, activating and deactivating a capture point 14
Wireshark, defining/modifying/deleting a capture point 12
Wireshark, displaying information 14
WS-X46490-CSFP-E, support on a 10-slot chassis 21
X
X.509v3 Certificates for SSH Authentication
Overview 2
Y
Y.1731
default configuration 29
described 27
ETH-AIS
Ethernet Alarm Signal function (ETH-AIS)
28
ETH-RDI 28
multicast Ethernet loopback 31
multicast ETH-LB 29
terminology 27
Index
Security Exchange Protocol
See SXP
Symbols
“A” Record 3
Numerics
10/100 autonegotiation feature, forced 28
10-Gigabit Ethernet or Gigabit Ethernet ports
deploy on WS-X4606-10GE-E and Sup 6-E 13
10-Gigabit Ethernet port
deploy with Gigabit Ethernet SFP ports 12, 13
10-slot chassis, support for WS-X46490-CSFP-E 21
12-class Easy QoS Model 11
1400 W DC Power supply
special considerations 21
1400 W DC SP Triple Input power supply
special considerations 22
802.10 SAID (default) 4
802.1AE
standard 2
802.1Q
trunks 6
tunnel ports with other features 5
tunneling
compatibility with other features 5
defaults 3
described 2
802.1Q VLANs
trunk restrictions 4
802.1s
See MST
802.1w
See MST
802.1X
See port-based authentication
802.1X authentication
Authentication Failed VLAN assignment 16
for Critical Authentication 14
for guest VLANs 10
for MAC Authentication Bypass 11
for Unidirectional Controlled Port 15
VLAN User Distribution 15
web-based authentication 13
with port security 18
with VLAN assignment 9
with voice VLAN ports 21
802.1X Host Mode 6
multiauthentication mode 8
multidomain authentication mode 7
single-host 7
802.1x-REV 2
802.3ad
See LACP
9000W AC, displaying OBFL 4
A
AAA 1
AAA (authentication, authorization, and accounting). See also port-based authentication. 1
abbreviating commands 5
about Wireshark 5
access control entries
See ACEs
access control entries and lists 1
access list filtering, SPAN enhancement 13
access lists
using with WCCP 8
access ports
and Layer 2 protocol tunneling 15
configure port security 7, 22
configuring 7
access VLANs 5
access-group mode, configuring on Layer 2 interface 35
access-group mode, using PACL with 34
accounting
with RADIUS 110
with TACACS+ 16, 21
ACEs
ACLs 2
IP 41, 2
Layer 4 operation restrictions 11
ACEs and ACLs 1
ACL assignments and redirect URLs, configure 38
ACL assignments, port-based authentication 19
ACL configuration, displaying a Layer 2 interface 36
ACLs
ACEs 2
and SPAN 5
and TCAM programming for Sup 6-E 10
and TCAM programming for Sup II-Plus thru V-10GE 7
applying IPv6 ACLs to a Layer 3 interface 20
applying on routed packets 30
applying on switched packets 29
compatibility on the same switch 3
configuring with VLAN maps 29
CPU impact 13
downloadable 7
hardware and software support 6
IP, matching criteria for port ACLs 4
MAC extended 16
matching criteria for router ACLs 3
port
and voice VLAN 5
defined 3
processing 13
selecting mode of capturing control packets 7
troubleshooting high CPU 7
types supported 3
understanding 2
VLAN maps 5
ACLs and VLAN maps, examples 23
ACLs, applying to a Layer 2 interface 35
acronyms, list of 1
action drivers, marking 21, 55
activating and deactivating a capture point, Wireshark 14
activating and deactivating Wiresharkcapture points, conceptual, Wireshark 10
active queue management 9
active queue management via DBL, QoS on Sup 6-E 34, 68
active traffic monitoring, IP SLAs 1
adding members to a community 9
address resolution 44
addresses
displaying the MAC table 44
dynamic
changing the aging time 30
defined 28
learning 29
removing 31
IPv6 2
MAC, discovering 44
See MAC addresses
static
adding and removing 36
defined 28
adjacency tables
description 2
displaying statistics 10
administrative VLAN
REP, configuring 9
administrative VLAN per segment 9
administrative VLAN, REP 8
advertisements
LLDP 7, 2
advertisements, VTP
See VTP advertisements
aggregation switch, enabling DHCP snooping 9
aging time
MAC address table 30
All Auth manager sessions on the switch authorized for a specified authentication method 124
All Auth manager sessions, displaying summary 124
ANCP client
enabling and configuring 2
guidelines and restrictions 5
identify a port with DHCP option 82 4
identify a port with protocol 2
overview 1
ANCP protocol
identifying a port with 2
app-class and QoS Traffic Mapping 12
applying IPv6 ACLs to a Layer 3 interface 20
AQM via DBL, QoS on Sup 6-E 34, 68
archiving crashfiles information 8
ARP
defined 44
table
address resolution 44
managing 44
asymmetrical links, and 802.1Q tunneling 3
attachment points, Wireshark 6
attributes, RADIUS
vendor-proprietary 112
vendor-specific 111
Auth manager session for an interface, verifying 125
Auth manager summary, displaying 124
authentication
NTP associations 4
RADIUS
key 103
login 105
See also port-based authentication
TACACS+
defined 16
key 18
login 19
Authentication Failed, configuring 80.1X 71
Authentication methods registered with the Auth manager, determining 124
authentication open comand 8
authentication proxy web pages 4
authentication server
defined 3
RADIUS server 3
Authentication, Authorization, and Accounting (AAA) 1
Authoritative DNS server 3
authoritative time source, described 2
authorization
with RADIUS 109
with TACACS+ 16, 21
authorized and unauthorized ports 4
authorized ports with 802.1X 4
Auto Identity
Built-in Policies 4
Class Map Templates 4
Global Template 2
Interface Templates 3
Overview 2
Parameter Maps 5
Service Templates 5
Auto SmartPorts built-in macros
configuring parameters 6
Auto SmartPorts macros
built-in macros 4
configuration guidelines 5
default configuration 4
defined 1
displaying 13
enabling 3
IOS shell 2, 10
Auto Smartports macros
defined 2
Auto SmartPorts user-defined macros
configuring 10
autoconfiguration 2
automatic discovery
considerations 7
Auto-MDIX on a port
configuring 39
displaying the configuration 40
overview 39
autonegotiation feature
forced 10/100Mbps 28
auto-sync command 8, 7
Auto SmartPorts macros
See also SmartPorts macros
Auto Smartports macros
See also Smartports macros
AVC with DNS-AS 1
AVC with DNS-AS Process Flow 4
B
b command 3
b flash command 3
Baby Giants
interacting with 37
BackboneFast
adding a switch (figure) 3
and MST 23
configuring 23
link failure (figure) 22, 23
not supported MST 23
understanding 21
See also STP
banners
configuring
login 27
message-of-the-day login 24
default configuration 24
when displayed 24
BFD
and hardware support 7
configuration example
BFD in a BGP network 25
BFD in an EIGRP network with echo mode enabled by default 17
BFD in an OSPF network 22
support for static routing 27
configuring
Echo mode 15
session parameters on the interface 8
Slow timer 16
support for BGP 9
support for dynamic routing protocols 9
support for EIGRP 10
support for OSPF 11
support for static routing 13
disabling echo mode without asymmetry 16
monitoring and troubleshooting 17
neighbor relationships 3
operation 3
prerequisites 2
restrictions 2
BGP 17
routing session with multi-VRF CE 9
Binding table 3
blocking packets 1
blocking state (STP)
RSTP comparisons (table) 24
Boolean expressions in tracked lists 5
boot bootldr command 32
boot command 28
boot commands 3
boot fields
See configuration register boot fields
boot system command 26, 32
boot system flash command 28
bootstrap program
See ROM monitor
Border Gateway Protocol
See BGP
boundary ports
description 27
BPDU Guard
and MST 23
configuring 23
overview 15
BPDUs
and media speed 2
pseudobridges and 25
what they contain 3
Bridge Assurance 8, 11
bridge ID
See STP bridge ID
bridge priority (STP) 17
bridge protocol data units
See BPDUs
bridging loop 40
Broadcast Storm Control
disabling 5
enabling 2
Built-in macros and user-defined triggers, configuring mapping 9
C
cache engine clusters 1
cache engines 1
cache farms
See cache engine clusters
Call Home
description 24, 1
message format options 2
messages
format options 2
call home 1
alert groups 6
configuring e-mail options 9
contact information 4
default settings 18
destination profiles 5
displaying information 13
mail-server priority 10
pattern matching 8
periodic notification 8
rate limit messages 9
severity threshold 8
smart call home feature 2
SMTP server 9
testing communications 10
call home alert groups
configuring 6
description 6
subscribing 7
call home contacts
assigning information 4
call home destination profiles
attributes 5
configuring 5
description 5
displaying 16
call home notifications
full-txt format for syslog 25
XML format for syslog 28
candidate switch, cluster
defined 12
candidates
automatic discovery 7
capture filter, Wireshark 7
capture points, Wireshark 6
Capturing control packets
selecting mode 7
cautions
Unicast RPF
BGP optional attributes 4
cautions for passwords
encrypting 22
CDP
automatic discovery in communities 7
configuration 1
defined with LLDP 1
displaying configuration 3
enabling on interfaces 2
host presence detection 8
Layer 2 protocol tunneling 13
maintaining 3
monitoring 3
overview 2, 1
cdp enable command 2
CEF
adjacency tables 2
and NSF with SSO 5
configuring load balancing 7
displaying statistics 8
enabling 7, 2
hardware switching 4
load balancing 6
overview 1
software switching 4
certificate authority (CA) 3
CFM
and Ethernet OAM interaction 51
and Ethernet OAM, configuring 51
clearing 31
configuration guidelines 7, 4
configuring crosscheck for VLANs 11
configuring fault alarms 16
configuring port MEP 14
configuring static remote MEP 13, 16, 18
crosscheck 5
defined 2
EtherChannel support 7, 4
fault alarms
configuring 16
IP SLAs support for 6
IP SLAs with endpoint discovers 21
maintenance domain 3
manually configuring IP SLAs ping or jitter 19
measuring network performance 6
monitoring 32, 33
port MEP, configuring 14
remote MEPs 5
static RMEP check 5
static RMEP, configuring 13, 16, 18
Y.1731
described 27
CGMP
overview 1
Change of Authorization, RADIUS 97
channel-group group command 49, 9, 11
Cisco 7600 series Internet router
enabling SNMP 4
Cisco Discovery Protocol
See CDP
Cisco Express Forwarding
See CEF
Cisco Group Management Protocol
See CGMP
Cisco IOS IP SLAs 2
Cisco IOS NSF-aware
support 2
Cisco IOS NSF-capable support 2
Cisco IP Phones
configuring 2
sound quality 1
Cisco TrustSec
credentials 21
switch-to-switch security
802.1x mode 22
configuration example 24
manual mode 23
Cisco TrustSec Network Device Admission Control
See NDAC
CiscoWorks 2000 4
CIST
description 22
civic location 3
class level, configure in a service policy 31, 65
class of service
See CoS
clear cdp counters command 3
clear cdp table command 3
clear counters command 45
clear ip eigrp neighbors command 19
clearing
Ethernet CFM 31
IP multicast table entries 28
CLI
accessing 2
backing out one level 5
getting commands 5
history substitution 4
managing clusters 13
modes 5
monitoring environments 1
ROM monitor 7
software basics 4
client processes, tracking 1
clients
in 802.1X authentication 3
clock
See system clock
clustering switches
command switch characteristics
and VTY 12
convert to a community 10
managing
through CLI 13
overview 2
planning considerations
CLI 13
passwords 8
CoA Request Commands 100
command modes 5
command switch, cluster
requirements 11
command-line processing 3
commands
b 3
b flash 3
boot 3
confreg 3
dev 3
dir device 3
frame 5
i 3
listing 5
meminfo 6
reset 3
ROM monitor 2–3
ROM monitor debugging 5–6
SNMP 4
sysret 5
common and internal spanning tree
See CIST
common spanning tree
See CST
community of switches
access modes in Network Assistant 9
adding devices 9
communication protocols 8
community name 8
configuration information 9
converting from a cluster 10
host name 8
passwords 8
community ports 3
community strings
configuring 7
overview 4
community VLANs 2, 3
configure as a PVLAN 15
compiling MIBs 4
config terminal command 9
config-register command 29
configurable leave timer,IGMP 4
configuration examples
SNMP 15
configuration files
limiting TFTP server access 15
obtaining with DHCP 6
saving 10
system contact and location information 14
configuration guidelines
CFM 7, 4
Ethernet OAM 35
REP 7
SNMP 6
VLAN mapping 9
configuration register
boot fields
listing value 30
modifying 29
changing from ROM monitor 3
changing settings ??–29
configuring 26
settings at startup 28
configure class-level queue-limit in a service policy 31, 65
configure terminal command 2
Configuring a DNS Server as the Authoritative Server 9
configuring access-group mode on Layer 2 interface 35
configuring flow control 32
configuring interface link and trunk status envents 46
configuring named IPv6 ACLs 18
configuring named MAC extended ACLs 16, 17
Configuring QoS for AVC with DNS-AS 11
configuring unicast MAC address filtering 16
configuring VLAN maps 21
confreg command 3
Connectivity Fault Management
See CFM
console configuration mode 5
console download 4–5
console port
disconnecting user sessions 7
monitoring user sessions 6
contact information
assigning for call home 4
Control Plane Policing
and Layer 2 Control packet QoS, configuration example 18
configuration guidelines and restrictions 9
configuring for control plane traffic 5
configuring for data plane and management plan traffic 6
defaults 4
general guidelines 4
monitoring 10
understanding 2
control protocol, IP SLAs 4
controlling switch access with RADIUS 95
convergence
REP 4
copy running-config startup-config command 10
copy system:running-config nvram:startup-config command 33
core system filter, Wireshark 7
CoS
definition 3
figure 2
overriding on Cisco IP Phones 4
priority 4
counters
clearing MFIB 29
clearing on interfaces 44
CPU port sniffing 10
CPU, impact of ACL processing 13
crashfiles information, archiving 8
Critical Authentication
configure with 802.1X 62
crosscheck, CFM 5, 11
CST
description 25
IST and 22
MST and 22
CTS Fields 6
customer edge devices 2
C-VLAN 2, 7
D
database agent
configuration examples 15
enabling the DHCP Snooping 13
daylight saving time 13
debug commands, ROM monitor 5–6
decoding and displaying packets, Wireshark 9
Default Configuration 6
default configuration
802.1X 27
banners 24
DNS 23
Ethernet OAM 35
IGMP filtering 30
IGMP snooping 5, 6
IP SLAs 6
IPv6 8
Layer 2 protocol tunneling 16
LLDP 5
MAC address table 30
MVR 23
NTP 4
private VLANs 12
RADIUS 102
REP 7
resetting the interface 48
RMON 3
SNMP 5
SPAN and RSPAN 6
system message logging 3
TACACS+ 18
VLAN mapping 9
Y.1731 29
default gateway
configuring 11
verifying configuration 11
default settings, erase commad 34
default web-based authentication configuration
802.1X 6
defining/modifying/deleting a capture point, Wireshark 12
denial-of-service attacks
IP address spoofing, mitigating 5
Unicast RPF, deploying 5
denying access to a server on another VLAN 27
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 12, 13
deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 13
description command 32
dev command 3
device discovery protocol 1
device IDs
call home format 21, 22
device sensor
configuring 117
DHCP
configuring
rate limit for incoming packets 13
denial-of-service attacks, preventing 13
rate limiting of packets
configuring 13
DHCP option 82
identifying a port with 4
overview 3
DHCP Snooping
enabling, and Option 82 10
DHCP snooping
accepting untrusted packets form edge switch 10
configuring 6
default configuration 7
displaying binding tables 19
displaying configuration 19
displaying information 18
enabling 7
enabling on private VLAN 12
enabling on the aggregation switch 9
enabling the database agent 13
message exchange process 4
monitoring 23
option 82 data insertion 3
overview 1
Snooping database agent 2
DHCP Snooping Database Agent
adding to the database (example) 18
enabling (example) 15
overview 2
reading from a TFTP file (example) 17
DHCP-based autoconfiguration
client request message exchange 3
configuring
client side 2
DNS 5
relay device 5
server-side 4
TFTP server 4
example 7
lease options
for IP address information 4
for receiving the configuration file 4
overview 2
relationship to BOOTP 2
Diagnostics
online 1
Power-On-Self-Test
causes of failure 20
how it works 10
overview 10
Power-On-Self-Test for Supervisor Engine V-10GE 13
Differentiated Services Code Point values
See DSCP values
DiffServ architecture, QoS 2
Digital optical monitoring transceiver support 26
dir device command 3
disabled state
RSTP comparisons (table) 24
disabling
broadcast storm control 5
disabling multicast storm control 6
disconnect command 7
discovery, clusters
See automatic discovery
discovery, Ethernet OAM 34
display dection and removal events 7
display filter, Wireshark 7
display PoE consumed by a module 8
display PoE detection and removal events 7
displaying
Auth Manager sumary for an interface 124
MAB details 126
summary of all Auth manager sessions 124
summary of all Auth manager sessions on the switch authorized for a specified authentication method 124
displaying EtherChannel to a Virtual Switch System 20
displaying storm control 6
displaying Wireshark information 14
dispute mechanism 40
DNS
and DHCP-based autoconfiguration 5
default configuration 23
displaying the configuration 24
overview 22
setting up 23
DNS client 3
Domain Name System
See DNS
domain names
DNS 22
double-tagged packets
802.1Q tunneling 2
Layer 2 protocol tunneling 15
downloading MIBs 2, 3
drop threshold for Layer 2 protocol packets 16
DSCP values
definition 4
IP precedence 2
Dual_Active Detection
using Enhanced PAgP 23
Dual-Active Detection, using Fast-Hello 24
duplex command 30
duplex mode
configuring interface 27
dynamic ARP inspection
ARP cache poisoning 2
configuring
ACLs for non-DHCP environments 11
in DHCP environments 5
log buffer 14
rate limit for incoming ARP packets 16
denial-of-service attacks, preventing 16
interface trust state, security coverage 3
log buffer
configuring 14
logging of dropped packets 4
overview 1
port channels, their behavior 5
priority of static bindings 4
purpose of 2
rate limiting of ARP packets 4
configuring 16
validation checks, performing 19
Dynamic Host Configuration Protocol snooping
See DHCP snooping
dynamic port VLAN membership
example 28
limit on hosts 28
reconfirming 25, 26
troubleshooting 28
E
EAP frames
changing retransmission time 85
exchanging (figure) 4, 6, 13
request/identity 4
response/identity 4
setting retransmission number 86
EAPOL frames
802.1X authentication and 3
OTP authentication, example (figure) 4, 13
start 4
Echo mode,configuring BFD 15
edge ports
description 27
EGP
overview 17
EIGRP
configuration examples 20
monitoring and maintaining 19
EIGRP (Enhanced IGRP)
stub routing
benefits 18
configuration tasks 18
configuring 14
overview 14
restrictions 18
verifying 19
EIGRP (enhanced IGRP)
overview 18
eigrp stub command 19
EIGRP stub routing, configuring 13
ELIN location 3
e-mail addresses
assigning for call home 4
e-mail notifications
Call Home 24, 1
Embedded CiscoView
displaying information 48
installing and configuring 45
overview 45
emergency alarms on Sup Engine 6-E systems 5
enable command 9
enable mode 5
enabling SNMP 4
encryption keying 2
encryption keys, MKA 2
Enhanced Interior Gateway Routing Protocol
See EIGRP
enhanced object tracking
defined 1
IP routing state 2
line-protocol state 2
tracked lists 3
Enhanced PoE support on E-series 15
Enhanced PoE support on E-series,configuring Universal PoE 16
environmental monitoring
using CLI commands 1
EPM logging 127
errdisable recovery
configuring 14
ERSPAN
Overview 2
EtherChannel
channel-group group command 49, 9, 11
configuration guidelines 32, 6
configuring 7–20
configuring (tasks) 30
configuring Layer 2 11
configuring Layer 3 7
DFC restriction, see CSCdt27074 in the Release Notes
displaying to a virtual switch system 20
interface port-channel command 8
lacp system-priority
command example 16
modes 3
overview 1
PAgP
Understanding 4
physical interface configuration 49, 8
port-channel interfaces 2
port-channel load-balance command 19
removing 20
removing interfaces 19
understanding 1
EtherChannel guard
disabling 7
enabling 6
overview 6
Ethernet management port
and routing 6
and routing protocols 6
configuring 10
default setting 6
described 29, 6
for network management 29, 6
specifying 10
supported features 9
unsupported features 10
Ethernet management port, internal
and routing protocols 6
Ethernet Management Port, using 5
Ethernet OAM 34
and CFM interaction 51
configuration guidelines 35
configuring with CFM 51
default configuration 35
discovery 34
enabling 36, 52
link monitoring 34, 38
messages 34
protocol
defined 33
monitoring 49
remote failure indications 34
remote loopback 34, 37
templates 45
Ethernet OAM protocol CFM notifications 51
Ethernet Remote Defect Indication (ETH-RDI) 28
event triggers, user-defined
configuring, 802.1X-based 8
configuring, MAC address-based 9
explicit host tracking
enabling 11
extended range VLANs
See VLANs
Extensible Authentication Protocol over LAN 1
Exterior Gateway Protocol
See EGP
F
Fa0 port
See Ethernet management port
Failure detection, using BFD 7
Fallback Authentication
configure with 802.1X 77
fast link notification
on VSL failure 13
Fast UDLD
configuring probe message interval 8
default configuration 3
displaying link status 9
enabling globally 5
enabling on individual interface 7
enabling per-interface 6
modes of operation 3
resetting disabled LAN interfaces 8
use case 2
Fast UDLD, overview 1
FastDrop
overview 11
fastethernet0 port
See Ethernet management port
Fast-Hello
dual-active detection 24
Fast-Hello dual-active detection, configuring 53
feature interactions, Wireshark 10
FIB
description 2
See also MFIB
fiber-optics interfaces
disabling UDLD 7
Filter-ID ACL and Per-User ACL, configureport-based authentication
configure Per-User ACL and Filter-ID ACL 45
filtering
in a VLAN 21
non-IP traffic 16, 17
filters, Wireshark 6
flags 12
Flash memory
configuring router to boot from 32
loading system images from 31
security precautions 32
Flex Links
configuration guidelines 5
configuring 6
configuring preferred VLAN 9
configuring VLAN load balancing 8
monitoring 12
Flexible NetFlow
caveats 8
defined 4, 1
flooded traffic, blocking 2
flow control, configuring 32
flowchart, traffic marking procedure 21, 55
For 13
Forward look-up 2
forward-delay time (STP)
configuring 19
forwarding information base
See FIB
frame command 5
G
gateway
See default gateway
get-bulk-request operation 3
get-next-request operation 3, 4
get-request operation 3, 4
get-response operation 3
Gigabit Ethernet SFP ports
deploy with 10-Gigabit Ethernet 12, 13
GLBP, introduction 15
global configuration mode 5
Guest-VLANs
configure with 802.1X 57
H
hardware and software ACL support 6
hardware switching 5
hello time (STP)
configuring 17
High Availability and ISSU for AVC with DNS-AS 5
high CPU due to ACLs, troubleshooting 7
history
CLI 4
history table, level and number of syslog messages 9
hop counts
configuring MST bridges 28
Host 2
host
limit on dynamic port 28
host modes, MACsec 5
host ports
kinds of 4
host presence CDP message 8
Hot Standby Routing Protocol
See HSRP
HSRP
description 16
HSRP, introduction 16
hw-module module num power command 22
I
i command 3
ICMP
enabling 12
ping 7
running IP traceroute 9
time exceeded messages 9
ICMP Echo operation
configuring 11
IP SLAs 11
IDS
using with SPAN and RSPAN 2
IEEE 802.1ag 2
IEEE 802.1s
See MST
IEEE 802.1w
See MST
IEEE 802.3ad
See LACP
IGMP
configurable-leave timer 4
description 3
enabling 15
explicit host tracking 4
immediate-leave processing 3
leave processing, enabling 8
overview 1
report suppression
disabling 10
IGMP filtering
configuring 31
default configuration 30
described 30
monitoring 34
IGMP groups
setting the maximum number 33
IGMP Immediate Leave
configuration guidelines 9
IGMP profile
applying 32
configuration mode 31
configuring 31
IGMP Snooping
configure
leave timer 9
configuring
Learning Methods 7
static connection to a multicast router 8
configuring host statically 11
enabling
Immediate-Leave processing
explicit host tracking 11
suppressing multicast flooding 12
IGMP snooping
configuration guidelines 5
default configuration 5, 6
enabling
globally 6
on a VLAN 6
enabling and disabling 6
IP multicast and 4
monitoring 14, 10
overview 1
IGMP Snooping, displaying
group 16
hot membership 15
how to 15
MAC address entries 18
multicast router interfaces 17
on a VLAN interface 18
Querier information 19
IGMPSnooping Querier, configuring 10
Immediate Leave, IGMP
enabling 8
immediate-leave processing
enabling 8
IGMP
See fast-leave processing
ingress packets, SPAN enhancement 12
inline power
configuring on Cisco IP phones 5
insufficient inline power handling for Supervisor Engine II-TS 22
Intelligent Power Management 4
interacting with Baby Giants 37
interface
displaying operational status 6
interface command 9, 2
interface configuration
REP 10
interface link and trunk status events
configuring 46
interface port-channel command 48, 8
interface range command 4
interface range macro command 10
interfaces
adding descriptive name 32
clearing counters 44
configuring 2
configuring ranges 4
displaying information about 44
Layer 2 modes 3
maintaining 44
monitoring 44
naming 32
numbers 2
overview 2
restarting 45
See also Layer 2 interfaces
using the Ethernet Management Port 5
Internet Control Message Protocol
See ICMP
Internet Group Management Protocol
See IGMP
Internet Protocol version 6
See IPv6
introduction
802.1X Identity-Based Network Security, list of supported features 34
Bidirectional Forwarding Detection 14
Cisco Call Home 24
Cisco Energy Wise 24
Cisco Express Forwarding 14
Cisco IOS IP Service Level Agreements 25
Cisco IOS Mediatrace and Performance Monitor 27
Cisco Media Services Proxy 25
Cisco Medianet AutoQoS 26
Cisco Medianet Flow Metadata 26
Cisco TrustSec MACsec Encryption 36
Cisco TrustSec Security Architecture 36
Debugging Features (platform and debug platform) 43
Device Sensor 14
Dynamic Host Control Protocol 28
Easy Virtual Network 28
EIGRP Stub routing 14
Embedded Event Manager 29
Enhanced Object Tracking 15
EtherChannel bundles 3
Ethernet CFM 3
Ethernet Management Port 29
Ethernet OAM Protocol 3
FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 30
File System Management (Sup 7-E and 7L-E) 29
Flex Link and MAC Address-Table Move Update 3
Flexible Netflow (Sup 7-E and 7L-E) 4
GLBP 15
hard-based Control Plane Policing 37
HSRP 16
In Service Software Upgrade 19
Intelligent Power Management 30
Internet Group Management Protocol (IGMP) Snooping 4
IP Routing protocols 17
IP Source Guard 38
IP Source Guard or Static Hosts 38
IPv6 20
IPv6 First Hop Security 38
IPv6 Multicast BSR and BSR Scoped Zone Support, introduction 5
IPv6 Multicast Listen Discovery (MLD) and Multicast Listen Discovery Snooping 6
IS-IS 18
Jumbo Frame 6
Layer 2 traceroute 43
Link Aggregation Control Protocol 7
MAC Address Notification 30
NAC
Layer 2 802.1X authentication 40
Layer 2 IP validation 40
NetFlow-lite 31
Network Security with ACLs (IP ACLs, MAC ACLs, Port ACLs, Router, ACLs, and VLAN ACLs) 41
NSF with SSO 21
OSPF 19
OSPF for Routed Access 21
Port Security 41
Power over Ethernet 31
RIP 19
Simple Network Management Protocol 31
SPAN and RSPAN 32
Time Domain Reflectometry 43
Unicast Reverse Path Forwarding 22
Universal Power over Ethernet 32
Virtual Router Redundancy Protocol 23
VRF-lite 23
Web Content Coordination Protocol 32
Web-based Authentication 43
Wireshark 33
XML-PI 33
Intrusion Detection System
See IDS
inventory management TLV 3, 9
IOS shell
See Auto SmartPorts macros
IP
configuring default gateway 11
configuring static routes 11
displaying statistics 8
IP addresses
128-bit 2
cluster candidate or member 12
cluster command switch 11
discovering 44
IPv6 2
ip cef command 7, 2
IP Enhanced IGRP
interfaces, displaying 20
ip icmp rate-limit unreachable command 12
ip igmp profile command 31
ip igmp snooping tcn flood command 13
ip igmp snooping tcn flood query count command 14
ip igmp snooping tcn query solicit command 14
IP information
assigned
through DHCP-based autoconfiguration 2
ip load-sharing per-destination command 8
ip local policy route-map command 12
ip mask-reply command 13
IP MTU sizes,configuring 9
IP multicast
clearing table entries 28
configuring 13
default configuration 14
displaying PIM information 24
displaying the routing table information 24
enabling dense-mode PIM 15
enabling sparse-mode 15
features not supported 13
hardware forwarding 9
IGMP snooping and 5, 4
overview 1
routing protocols 2
software forwarding 9
See also Auto-RP; IGMP; PIM; RP; RPF
IP multicast routing
enabling 14
monitoring and maintaining 23
IP multicast traffic, load splitting 22
ip multicast-routing command 14
IP phones
configuring voice ports 3
See Cisco IP Phones 1
ip pim command 15
ip pim dense-mode command 15
ip pim sparse-dense-mode command 16, 17
ip policy route-map command 9, 11, 14, 15
IP Port Security for Static Hosts
on a Layer 2 access port 25
on a PVLAN host port 28
overview 24
ip redirects command 13
IP routing tables
deleting entries 28
IP Service Level Agreements
See IP SLAs
IP service levels, analyzing 1
IP SLAs
benefits 2
CFM endpoint discovery 21
configuration guidelines 7
Control Protocol 4
default configuration 6
definition 1
ICMP echo operation 11
manually configuring CFM ping or jitter 19
measuring network performance 3
multioperations scheduling 5
operation 3
reachability tracking 10
responder
described 4
enabling 7
response time 4
scheduling 5
SNMP support 2
supported metrics 2
threshold monitoring 6
track state 10
UDP jitter operation 8
IP Source Guard
configuring 20
configuring on private VLANs 22
displaying 22, 23
overview 23
IP statistics
displaying 8
IP traceroute
executing 9
overview 8
IP unicast
displaying statistics 8
IP Unnumbered support
configuring on a range of Ethernet VLANs 5
configuring on LAN and VLAN interfaces 4
configuring with connected host polling 6
DHCP Option 82 2
displaying settings 7
format of agent remote ID suboptions 2
troubleshooting 8
with conected host polling 3
with DHCP server and Relay agent 2
ip unreachables command 12
IPsec VPN, introduction 40
IPv4, IPv6, and MAC ACLs, configuring on a Layer 2 interface 33
IPv6
addresses 2
default configuration 8
defined 20, 1
Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 6
Router ID 7
OSPF 6
IPv6 control traffic, policing 20
IPv6 First Hop Security, introduction 38
IPX
redistribution of route information with EIGRP 18
is 23
IS-IS, introduction 18
ISL
trunking with 802.1Q tunneling 4
isolated port 4
isolated VLANs 2, 3, 4
ISSU
compatibility matrix 63, 14
compatiblity verification using Cisco Feature Navigator 64, 15
NSF overview 3, 4
perform the process
aborting a software upgrade 79, 34, 36
configuring the rollback timer as a safeguard 81, 35, 37
displaying a compatibility matrix 82, 36, 40, 39
loading the new software on the new standby 72, 27, 28
stopping the rollback timer 72, 26, 27
switching to the standby 70, 24, 25
verify the ISSU state 67, 20, 21
verify the redundancy mode 65, 19
verify the software installation 65, 18, 19
vload the new software on standby 68, 21
prerequisites 58, 1, 2
process overview 6, 7
restrictions 58, 1, 2
SNMP support 15
SSO overview 3, 4
versioning capability in software to support 13
IST
and MST regions 22
description 22
master 27
ITU-T Y.1731
See Y.1731
J
jumbo frames
and ethernet ports 36
configuring MTU sizes for 37
ports and linecards that support 34
understanding MTUs 35
understanding support 35
VLAN interfaces 36
K
keyboard shortcuts 3
L
l2protocol-tunnel command 17, 19
labels, definition 3
LACP
system ID 5
Layer 2 access ports 7
Layer 2 Control Packet QoS
and CoPP configuration example 18
default configuation 15
disabling 17
enabvling 15
guideline and restrictions 20
understanding 15
Layer 2 frames
classification with CoS 2
Layer 2 interface
applying ACLs 35
configuring access-mode mode on 35
configuring IPv4, IPv6, and MAC ACLs 33
displaying an ACL configuration 36
Layer 2 interface type
resetting 24
setting 24
Layer 2 interfaces
assigning VLANs 7
configuring 5
configuring as PVLAN host ports 18
configuring as PVLAN promiscuous ports 17
configuring as PVLAN trunk ports 19
defaults 4
disabling configuration 8
modes 3
show interfaces command 6
Layer 2 protocol tunneling
default configuration 16
guidelines 16
Layer 2 switching
overview 1
Layer 2 Traceroute
and ARP 10
and CDP 10
host-to-host paths 10
IP addresses and subnets 10
MAC addresses and VLANs 10
multicast traffic 10
multiple devices on a port 10
unicast traffic 43, 9
usage guidelines 10
Layer 2 trunks
configuring 5
overview 3
Layer 3 interface counters,configuring 11
Layer 3 interface counters,understanding 3
Layer 3 interface, applying IPv6 ACLs 20
Layer 3 interfaces
changing from Layer 2 mode 15
configuration guidelines 5
configuring VLANs as interfaces 8
overview 1
counters 3
logical 2
physical 2
SVI autostate exclude 3
Layer 3 packets
classification methods 2
Layer 4 port operations
configuration guidelines 12
restrictions 11
Leave timer, enabling 9
licenses, managing with PRTU 14
limitations on using a TwinGig Convertor 13
Link Aggregation Control Protocol, introduction 7
link and trunk status events
configuring interface 46
link integrity, verifying with REP 4
Link Layer Discovery Protocol
See CDP
link monitoring, Ethernet OAM 34, 38
link status, displaying UDLD 9
link-state tracking
configuration guidelines 26
default configuration 26
described 23
displaying status 27
generic configuration procedure 26
listening state (STP)
RSTP comparisons (table) 24
LLDP
configuring 4
characteristics 5
default configuration 5
disabling and enabling
globally 6
on an interface 7
monitoring and maintaining 14
overview 1
transmission timer and holdtime, setting 5
LLDP Media Endpoint Discovery
See LLDP-MED
LLDP-MED
configuring
procedures 4
TLVs 9, 11
monitoring and maintaining 14
overview 1
supported TLVs 2
load balancing
configuring for CEF 7
configuring for EtherChannel 18
overview 6
per-destination 7
load splitting IP multicast traffic 22
Location Service
overview 1
location service
configuring 12
understanding 3
location TLV 3, 9
logging, EPM 127
Logical Layer 3 interfaces
configuring 6
logical layer 3 VLAN interfaces 2
login authentication
with RADIUS 105
with TACACS+ 19
login banners 24
login timer
changing 6
logoutwarning command 6
loop guard
and MST 23
configuring 5
overview 3
M
MAC address learning, disabling on a VLAN 39
confuguring 39
deployment scenarios 40
feature compatibility 42
feature incompatibility 43
feature inompatibility 43
usage guidelines 40
MAC address table
displaying 44
MAC addresses
aging time 30
allocating 6
and VLAN association 29
building tables 28, 2
convert dynamic to sticky secure 5
default configuration 30
disabling learning on a VLAN 39
discovering 44
displaying 3
displaying in DHCP snooping binding table 19
dynamic
learning 29
removing 31
in ACLs 16
static
adding 37
allowing 38
characteristics of 36
dropping 38
removing 37
sticky 4
sticky secure, adding 5
MAC address-table move update
configuration guidelines 9
configuring 10
monitoring 12
MAC Authentication Bypass
configure with 802.1X 60
MAC details, displaying 126
MAC extended access lists 16
MAC/PHY configuration status TLV 2
macl 17
macros
See Auto SmartPorts macros
See Auto Smartports macros
See Smartports macros
MACSec
802.1AE Tagging 20
MACsec 2
configuring on an interface 8, 15
defined 1, 2
switch-to-switch security 1
MACsec Key Agreement Protocol
See MKA
main-cpu command 8, 7
management address TLV 2
management options
SNMP 1
Management Port, Ethernet 5
managing software licenses, using PRTU 14
manual preemption, REP, configuring 13
marking
hardware capabilities 23, 57
marking action drivers 21, 55
marking network traffic 18, 52
marking support, multi-attribute 22, 56
match ip address command 8, 10, 12, 13
maximum aging time (STP)
configuring 18
MDA
configuration guidelines 22–??
described 22
MEC
configuration 48
described 13
failure 14
Media Access Control Security
See MACsec
member switch
managing 13
member switch, cluster
defined 2
members
automatic discovery 7
meminfo command 6
messages, Ethernet OAM 34
messages, to users through banners 24
Metadata 2
Metro features
Y.1731 (AIS and RDI), introduction 13
metro tags 2
MFIB
CEF 6
overview 12
MFIB, IP
displaying 26
MIBs
compiling 4
downloading 2, 3
overview 1
related information 3
SNMP interaction with 4
MKA
configuring policies 7
defined 2
policies 3
replay protection 3
statistics 6
virtual ports 4
MLD Done messages and Immediate-leave 4
MLD messages 2
MLD queries 3
MLD reports 4
MLD Snooping
MLD Done messages and Immediate-leave 4
MLD messages 2
MLD queries 3
MLD reports 4
Multicast client aging robustness 3
Multicast router discovery 3
overview 1
Mode of capturing control packets, selecting 7
modules
checking status 1
powering down 22
monitoring
802.1Q tunneling 23
ACL information 39
Ethernet CFM 32, 33
Ethernet OAM 49
Ethernet OAM protocol 49
Flex Links 12
IGMP
snooping 10
IGMP filters 34
IGMP snooping 14
Layer 2 protocol tunneling 23
MAC address-table move update 12
multicast router interfaces 11
multi-VRF CE 14, 21
MVR 29
object tracking 13
REP 14
traffic flowing among switches 1
tunneling 23
VLAN filters 28
VLAN maps 28
monitoring and troubleshooting
BFD 17
Monitoring AVC with DNS-AS 20
M-record 23
MST
and multiple spanning trees 8, 22
boundary ports 27
BPDUs 23
configuration parameters 26
configuring 28
displaying configurations 32
edge ports 27
enabling 29
hop count 28
instances
configuring parameters 31
description 23
number supported 26
interoperability with PVST+ 23
link type 28
master 27
message age 28
regions 26
restrictions 28
to-SST interoperability 24
MSTP
EtherChannel guard
enabling 6
M-record 23
M-tree 23
MST-to-PVST+ Interoperability (PVST+ simulation) 35
MST-to-PVST+ Interoperability guidelines 35
M-tree 23
MTU size
configuring 37, 38, 46, 47
default 4
MTUS
understanding 35
Multi-authentication
described 22
multiauthentication mode 8
multicast
See IP multicast
Multicast client aging robustness 3
multicast Ethernet loopback (ETH-LB) 29
multicast Ethernet loopback, using 31
Multicast Forwarding Information Base (MFIB) 12
multicast groups
static joins 7
Multicast HA 13
Multicast implementation
HA 13
MFIB 12
S/M, 224/4 13
multicast packets
blocking 2
Multicast router discovery 3
multicast router interfaces, displaying 17
multicast router interfaces, monitoring 11
multicast router ports, adding 7
multicast router table
displaying 24
multicast routers
flood suppression 12
Multicast Storm Control
enabling 4
disabling 6
multicast television application, using MVR 21
Multicast VLAN Registration
See MVR
multichassis EtherChannel
see MEC 13
multidomain authentication
See MDA
multidomain authentication mode 7
multioperations scheduling, IP SLAs 5
Multiple AuthorizationAuthentication
configuring 34
Multiple Domain Authentication 34
multiple forwarding paths 8, 22
Multiple Spanning Tree
See MST
multiple VPN routing/forwarding
See multi-VRF CE
multiple-hosts mode 7
multi-VRF CE
components 3
configuration example 17
defined 1
displaying 14, 21
monitoring 14, 21
network components 3
packet-forwarding process 3
MVR
configuration guidelines and limitations 23
configuring global parameters 24
configuring on a trunk port 27
configuring on access ports 26
default configuration 23
displaying information 29
in a multicast television application 21
monitoring 29
setting global parameters 24
N
NAC Layer 2 802.1X authentication, intro 40
NAC Layer 2 IP validation, intro 40
named IPv6 ACLs, configuring
ACLs
configuring named IPv6 ACLs 18
named MAC extended ACLs
ACLs
configuring named MAC extended 16, 17
native VLAN
and 802.1Q tunneling 3
specifying 5
NDAC 20
defined 20
MACsec 1
NEAT
configuring 88
overview 24
neighbor offset numbers, REP 5
NetFlow packet sampling
about 1
NetFlow-lite
clear commands 9
display commands 8
Network Assistant
and VTY 12
configure
enable communication with switch 13, 17
default configuration 2
overview of CLI commands 3
Network Device Admission Control (NDAC) 20
Network Edge Access Topology
See NEAT
network fault tolerance 8, 22
network management
configuring 1
RMON 1
SNMP 1
network performance, measuring with IP SLAs 3
network policy TLV 2, 9
Network Time Protocol
See NTP
network traffic, marking 18, 52
New Software Features in Release 7.7
TDR 3
Next Hop Resolution Protocol
See NHRP
NHRP
support 18
non-fiber-optics interfaces
disabling UDLD 7
non-IP traffic filtering 16, 17
non-RPF traffic
description 10
in redundant configurations (figure) 11
Nonstop Forwarding
See NSF
nonvolatile random-access memory
See NVRAM
normal-range VLANs
See VLANs
NSF
defined 1
guidelines and restrictions 9
operation 4
NSF with SSO supervisor engine redundancy
and CEF 5
overview 3
SSO operation 4
NSF-aware
supervisor engines 3
support 2
NSF-capable
supervisor engines 3
support 2
NTP
associations
authenticating 4
defined 2
enabling broadcast messages 7
peer 6
server 6
default configuration 4
displaying the configuration 11
overview 2
restricting access
creating an access group 9
disabling NTP services per interface 10
source IP address, configuring 10
stratum 2
synchronizing devices 6
time
services 2
synchronizing 2
ntroduction
PPPoE Intermediate Agent 41
Storm Control 42
uRPF Strict Mode 42
NVRAM
saving settings 10
O
OAM
client 34
features 34
sublayer 34
OAM manager
configuring 52
with CFM and Ethernet OAM 51
OAM PDUs 35
OAM protocol data units 33
OBFL, displaying for the 9000W AC 4
object tracking
monitoring 13
OIR
overview 41
on-demaind online diagnostics 2
online diagnostic
troubleshooting 8
Online Diagnostics 1
online diagnostics
configuring on-demaind 2
data path, displaying test results 7
displaying tests and test results 4
linecard 8
scheduling 2
starting and stopping tests 3
online insertion and removal
See OIR
Open Shortest Path First
See OSPF
operating system images
See system images
Option 82
enabling DHCP Snooping 10
OSPF
area concept 19
description 19
for IPv6 6
OSPF for Routed Access, introduction 21
OSPF, introduction 19
P
packet type filtering
overview 14
SPAN enhancement 14
packets
modifying 9
PACL
using with access-group mode 34
PACL configuration guidelines 32
PACL with VLAN maps and router ACLs 36
PAgP
understanding 4
PAgP, dual-active detection 23
passwords
configuring enable password 14
configuring enable secret password 14
encrypting 22
in clusters 8
recovering lost enable password 25
setting line password 14
PBR (policy-based routing)
configuration (example) 16
enabling 7, 10
features 2
overview 1
route maps 2
route-map processing logic 3
when to use 6
PE to CE routing, configuring 9
percentage thresholds in tracked lists 7
Permanent Right-To_Use 14
per-port and VLAN Access Control List 19
per-port per-VLAN QoS
enabling 36, 70
overview 10
Per-User ACL and Filter-ID ACL, configure 45
Per-VLAN Rapid Spanning Tree 6
enabling 20
overview 6
physical layer 3 interfaces 2
Physical Layer 3 interfaces, configuring 12
PIM
configuring dense mode 15
configuring sparse mode 15
displaying information 24
displaying statistics 28
enabling sparse-dense mode 15, 16
overview 3
PIM on an interface, enabling 15
PIM-DM 3
PIM-SM 3
PIM-SSM mapping, enabling 17
ping
executing 8
overview 7
ping command 8, 24
PoE 7, 8
configuring power consumption for single device 5, 16
configuring power consumption, powered devices 5
displaying operational status for an interface 6
Enhanced PoE support on E-series 15
policing and monitoring 12
power consumption for powered devices
Intelligent Power Management 4
power management modes 2
powering down a module 22
PoE policing
configuring errdisable recovery 14
configuring on an interface 13
displaying on an interface 14
power modes 12
point-to-point
in 802.1X authentication (figure) 3
policing
how to implement 18, 52
See QoS policing
policing IPv6 control traffic 20
policing, PoE 12
policy associations, QoS on Sup 6-E 39, 73
policy map marking action, configuring 23, 57
policy-map command 16, 51
port ACLs
and voice VLAN 5
defined 3
Port Aggregation Protocol
see PAgP
port cost (STP)
configuring 15
port description TLV 2
port numbering with TwinGig Convertors 13
port priority
configuring MST instances 31
configuring STP 13
port security
aging 5
configuring 7
displaying 28
guidelines and restrictions 33
on access ports 7, 22
on private VLAN 14
host 14
promiscuous 16
topology 15, 18, 32
on trunk port 17
guidelines and restrictions 15, 18, 32
port mode changes 22
on voice ports 22
sticky learning 5
using with 802.1X 18
violations 6
with 802.1X Authentication 32
with DHCP and IP Source Guard 31
with other features 33
port states
description 5
port VLAN ID TLV 2
port-based authentication
802.1X with voice VLAN 21
Authentication Failed VLAN assignment 16
authentication server
defined 2
changing the quiet period 84
client, defined 3, 2
configuration guidelines 28, 6
configure ACL assignments and redirect URLs 38
configure switch-to-RADIUS server communication 32
configure with Authentication Failed 71
configure with Critical Authentication 62
configure with Guest-VLANs 57
configure with MAC Authentication Bypass 60
configure with VLAN User Distribution 68
configure with Voice VLAN 73
configuring
Multiple Domain Authentication and Multiple Authorization 34
RADIUS server 10
RADIUS server parameters on the switch 9
configuring Fallback Authentication 77
configuring Guest-VLAN 32
configuring manual re-authentication of a client 94
configuring with Unidirectional Controlled Port 66
controlling authorization state 5
default configuration 27, 6
described 1
device roles 2
displaying statistics 123, 14
enabling 29
802.1X authentication 9
enabling multiple hosts 83
enabling periodic re-authentication 81
encapsulation 3
host mode 6
how 802.1X fails on a port 25
initiation and message exchange 4
method lists 29
modes 6
multidomain authentication 22
multiple-hosts mode, described 7
port security
multiple-hosts mode 7
ports not supported 4
pre-authentication open access 8
resetting to default values 95
setting retransmission number 86
setting retransmission time 85
switch
as proxy 2
switch supplicant
configuring 88
overview 24
topologies, supported 26
using with ACL assignments and redirect URLs 19
using with port security 18
voice aware 802.1x security
configuring 74
described 21, 74
with Critical Authentication 14
with Guest VLANs 10
with MAC Authentication Bypass 11
with Unidirectional Controlled Port 15
with VLAN assignment 9
with VLAN User Distribution 15
port-channel
see EtherChannel
port-channel interfaces
See also EtherChannel
creating 48, 8
overview 2
port-channel load-balance
command 14, 16
command example 16
port-channel load-balance command 19
PortFast
and MST 23
configuring or enabling 23
overview 7
PortFast BPDU filtering
and MST 23
overview 16
PortFast Edge BPDU Filtering 17
ports
blocking 1
checking status 2
dynamic VLAN membership
example 28
reconfirming 25, 26
forwarding, resuming 3
REP 6
See also interfaces
power
inline 5
power dc input command 21
power handling for Supervisor Engine II-TS 12
power inline command 3
power inline consumption command 5
power management
Catalyst 4500 series 7
Catalyst 4500 Switch power supplies 14
Catalyst 4948 series 23
configuring combined mode 13
configuring redundant mode 12
overview 1
redundancy 7
power management for Catalyst 4500 Switch
combined mode 9
redundant mode 9
power management limitations in Catalyst 4500 Switch 10
power management mode
selecting 10
power management TLV 2, 3, 9
power negotiation
through LLDP 11
power policing, displaying on an interface 14
power redundancy-mode command 13
power supplies
available power for Catalyst 4500 Switch 14
fixed 8
variable 8, 23
powered devices, configuring power consumption 5
Power-On-Self-Test diagnostics 10, 20
Power-On-Self-Test for Supervisor Engine V-10GE 13
pre-authentication open access 8
pre-authentication open access. See port-based authentication.
preempt delay time, REP 5
primary edge port, REP 4
primary VLANs 2, 4
associating with secondary VLANs 16
configuring as a PVLAN 15
priority
overriding CoS of incoming frames 4
priority queuing, QoS on Sup 6-E 30, 64
private VLAN
configure port security 14, 15
enabling DHCP Snooping 12
private VLANs
across multiple switches 5
and SVIs 10
benefits of 2
community ports 3
community VLANs 2, 3
default configuration 12
end station access to 3
isolated port 4
isolated VLANs 2, 3, 4
ports
community 3
isolated 4
promiscuous 4
primary VLANs 2, 4
promiscuous ports 4
secondary VLANs 2
subdomains 2
traffic in 9
privileged EXEC mode 5
privileges
changing default 23
configuring levels 23
exiting 24
logging in 24
promiscuous ports
configuring PVLAN 17
defined 4
setting mode 24
protocol timers 4
provider edge devices 2
PRTU, managing software licenses 14
pruning, VTP
See VTP pruning
pseudobridges
description 25
PVACL 19
PVID (port VLAN ID)
and 802.1X with voice VLAN ports 21
PVLAN promiscuous trunk port
configuring 11, 17, 21
PVLANs
802.1q support 14
across multiple switches 5
configuration guidelines 12
configure port security 14, 16, 18
configure port security in a wireless setting 32
configuring 11
configuring a VLAN 15
configuring promiscuous ports 17
host ports
configuring a Layer 2 interface 18
setting 24
overview 1
permitting routing, example 23
promiscuous mode
setting 24
setting
interface mode 24
PVST+ simulation 36
Q
QoS
classification 6–??
definitions 3
enabling per-port per-VLAN 36, 70
overview 1
overview of per-port per-VLAN 10
packet modification 9
traffic shaping 9
See also COS; DSCP values; transmit queues
QoS active queue management
tracking queue length 9
QoS labels
definition 3
QoS marking
description 5
QoS on Sup 6-E
Active Queue management via DBL 34, 68
active queue management via DBL 27, 34, 61, 68
classification 16, 50
configuring 13, 47
configuring CoS mutation 45, 79
configuring the policy map marking action 23, 57
hardware capabilities for marking 23, 57
how to implement policing 18, 52
marking action drivers 21, 55
marking network traffic 18, 52
MQC-based QoS configuration 13, 48
multi-attribute marking support 22, 56
platform hardware capabilities 15, 49
platform restrictions 18, 52
platform-supported classification criteria and QoS features 13, 14, 48
policing 17, 51
policy associations 39, 73
prerequisites for applying a service policy 15, 49
priority queuing 30, 64
queue-limiting 31, 65
restrictions for applying a service policy 15, 50
shaping 25, 59
sharing(bandwidth) 27, 61
sharing(blandwidth), shapring, and priority queuing 25, 59
software QoS 40, 74
traffic marking procedure flowchart 21, 55
QoS policing
definition 5
described 8
QoS policy
attaching to interfaces 8
QoS service policy
prerequisites 15, 49
restrictions for applying 15, 50
QoS transmit queues
burst 9
maximum rate 9
sharing link bandwidth 9
quad-supervisor
uplink forwarding 6
Quality of service
See QoS
queueing 8
queue-limiting, QoS on Sup 6-E 31, 65
R
RA Guard
configuring 51
deployment 50
examples 51
introduction 49
usage guidelines 52
RADIUS
attributes
vendor-proprietary 112
vendor-specific 111
change of authorization 97
configuring
accounting 110
authentication 105
authorization 109
communication, global 103, 110
communication, per-server 103
multiple UDP ports 103
default configuration 102
defining AAA server groups 107
displaying the configuration 115
identifying the server 103
limiting the services to the user 109
method list, defined 102
operation of 97
server load balancing 115
suggested network environments 96
tracking services accessed by user 110
understanding 96
RADIUS Change of Authorization 97
RADIUS server
configure to-Switch communication 32
configuring settings 34
parameters on the switch 32
RADIUS, controlling switch access with 95
range command 4
range macros
defining 10
ranges of interfaces
configuring 4
Rapid Spanning Tree
See RSTP
rcommand command 13
reachability, tracking IP SLAs IP host 10
re-authentication of a client
configuring manual 94
enabling periodic 81
redirect URLs, port-based authentication 19
reduced MAC address 2
redundancy
configuring 7
guidelines and restrictions 5
changes made through SNMP 11
NSF-aware support 2
NSF-capable support 2
overview 2
redundancy command 8, 7
understanding synchronization 4
redundancy (NSF) 1
configuring
BGP 11
CEF 11
EIGRP 16
IS-IS 14
OSPF 13
routing protocols 5
redundancy (RPR)
route processor redundancy 2
synchronization 4, 5
redundancy (SSO)
redundancy command 10
route processor redundancy 3
synchronization 5
reload command 29
Remote Authentication Dial-In User Service
See RADIUS
remote failure indications 34
remote loopback, Ethernet OAM 34, 37
Remote Network Monitoring
See RMON
rendezvous point, configuring 17
rendezvous point, configuring single static 21
REP
administrative VLAN 8
administrative VLAN, configuring 9
and STP 6
configuration guidelines 7
configuring interfaces 10
convergence 4
default configuration 7
manual preemption, configuring 13
monitoring 14
neighbor offset numbers 5
open segment 2
ports 6
preempt delay time 5
primary edge port 4
ring segment 2
secondary edge port 4
segments 1
characteristics 2
SNMP traps, configuring 14
supported interfaces 1
triggering VLAN load balancing 6
verifying link integrity 4
VLAN blocking 13
VLAN load balancing 4
replication
description 9
report suppression, IGMP
disabling 10
reserved-range VLANs
See VLANs
reset command 3
resetting a switch to defaults 34
resetting an interface to default configuration 48
Resilient Ethernet ProtocolLSee REP
responder, IP SLAs
described 4
enabling 7
response time, measuring with IP SLAs 4
restricting access
NTP services 8
RADIUS 95
TACACS+ 15
Restrictions and Guidelines for Configuring AVC with DNS-AS 6
retransmission number
setting in 802.1X authentication 86
retransmission time
changing in 802.1X authentication 85
RFC
1157, SNMPv1 2
1305, NTP 2
1757, RMON 2
1901, SNMPv2C 2
1902 to 1907, SNMPv2 2
2273-2275, SNMPv3 2
RFC 5176 Compliance 98
RIP
description 19
for IPv6 6
RIP, introduction 19
RMON
default configuration 3
displaying status 6
enabling alarms and events 3
groups supported 2
overview 1
ROM monitor
boot process and 26
CLI 7
commands 2–3
debug commands 5–6
entering 1
exiting 6
overview 1
root bridge
configuring 9
selecting in MST 22
root guard
and MST 23
enabling 2
overview 2
route maps
defining 8, 10, 12
PBR 2
route targets
VPN 3
routed packets
ACLs 30
route-map (IP) command 8, 10, 12
router ACLs
description 41, 3
using with VLAN maps 29
router ACLs, using PACL with VLAN maps 36
Routing Information Protocol
See RIP
RPF
See Unicast RPF
RSPAN
configuration guidelines 16
destination ports 5
IDS 2
monitored ports 4
monitoring ports 5
received traffic 3
sessions
creating 17
defined 3
limiting source traffic to specific VLANs 23
monitoring VLANs 21
removing source (monitored) ports 20
specifying monitored ports 17
source ports 4
transmitted traffic 4
VLAN-based 5
RSTP
compatibility 23
description 22
port roles 24
port states 24
S
S/M, 224/4 13
SAID
See 802.10 SAID
SAP
defined 20
negotiation 20
support 1
scheduling 8
scheduling, IP SLAs operations 5
secondary edge port, REP 4
secondary root switch 12
secondary VLANs 2
associating with primary 16
permitting routing 23
security
configuring 1
Security Association Identifier
See 802.10 SAID
Security Exchange Protocol
See SAP
selecting a power management mode 10
selecting X2/TwinGig Convertor Mode 14
sequence numbers in log messages 7
server IDs
description 23
service policy, configure class-level queue-limit 31, 65
service-policy input command 2
service-provider networks
and customer VLANs 2
session keys, MKA 2
set default interface command 9, 11
set interface command 8, 10
set ip default next-hop command 9, 11
set ip next-hop command 8, 10, 16
set-request operation 4
severity levels, defining in system messages 8
shaping, QoS on Sup 6-E 25, 59
sharing(bandwidth), QoS on Sup 6-E 27, 61
Shell functions
See Auto SmartPorts macros
See Auto Smartports macros
Shell triggers
See Auto SmartPorts macros
See Auto Smartports macros
show adjacency command 10
show boot command 33
show catalyst4000 chassis-mac-address command 3
show cdp command 2, 3
show cdp entry command 3
show cdp interface command 3
show cdp neighbors command 3
show cdp traffic command 3
show ciscoview package command 48
show ciscoview version command 48
show cluster members command 13
show configuration command 32
show debugging command 3
show environment command 2
show history command 4
show interfaces command 37, 38, 44, 46, 47
show interfaces status command 2
show ip cef command 8
show ip eigrp interfaces command 20
show ip eigrp neighbors command 20
show ip eigrp topology command 20
show ip eigrp traffic command 20
show ip interface command 24
show ip local policy command 12
show ip mroute command 24
show ip pim interface command 24
show l2protocol command 18
show lldp traffic command 15
show mac-address-table address command 3
show mac-address-table interface command 3
show mls entry command 8
show module command 1, 6
show PoE consumed 8
show power inline command 6
show power supplies command 13
show protocols command 44
show running-config command
adding description for an interface 32
checking your settings 9
displaying ACLs 23, 25, 34, 35
show startup-config command 10
show users command 6
show version command 30
shutdown threshold for Layer 2 protocol packets 16
shutdown, command 45
shutting down
interfaces 45
Simple Network Management Protocol
See SNMP
single spanning tree
See SST
single static RP, configuring 21
single-host mode 7
slot numbers, description 2
Slow timer, configuring BFD 16
smart call home 1
description 2
destination profile (note) 5
registration requirements 3
service contract requirements 3
Transport Gateway (TG) aggregation point 2
SMARTnet
smart call home registration 3
Smartports macros
applying global parameter values 8, 14
applying macros 8
applying parameter values 8
configuration guidelines 6, 13
configuring 2
creating 7
default configuration 3, 13
defined 10, 1
displaying 12
tracing 6, 13
SNMP
accessing MIB variables with 4
agent
described 4
disabling 7
and IP SLAs 2
authentication level 10
community strings
configuring 7
overview 4
configuration examples 15
configuration guidelines 6
default configuration 5
enabling 4
engine ID 6
groups 6, 9
host 6
informs
and trap keyword 11
described 5
differences from traps 5
enabling 14
limiting access by TFTP servers 15
limiting system log messages to NMS 9
manager functions 3
notifications 5
overview 1, 4
status, displaying 16
system contact and location 14
trap manager, configuring 13
traps
described 3, 5
differences from informs 5
enabling 11
enabling MAC address notification 31
enabling MAC move notification 33
enabling MAC threshold notification 35
overview 1, 4
types of 11
users 6, 9
versions supported 2
SNMP commands 4
SNMP traps
REP 14
SNMPv1 2
SNMPv2C 2
SNMPv3 2
software
upgrading 13, 12
software configuration register 26
software QoS, on Sup 6-E 40, 74
software switching
description 5
interfaces 6
key data structures used 8
source group tag 4, 10
source IDs
call home event format 22
SPAN
and ACLs 5
configuration guidelines 7
configuring 7–10
destination ports 5
IDS 2
monitored port, defined 4
monitoring port, defined 5
received traffic 3
sessions
defined 3
source ports 4
transmitted traffic 4
VLAN-based 5
SPAN and RSPAN
concepts and terminology 3
default configuration 6
displaying status 24
overview 1
session limits 6
SPAN enhancements
access list filtering 13
configuration example 15
CPU port sniffing 10
encapsulation configuration 12
ingress packets 12
packet type filtering 14
spanning-tree backbonefast command 24
spanning-tree cost command 15
spanning-tree guard root command 2
spanning-tree port-priority command 13
spanning-tree uplinkfast command 20
spanning-tree vlan
command 9
command example 9
spanning-tree vlan command 8
spanning-tree vlan cost command 16
spanning-tree vlan forward-time command 19
spanning-tree vlan hello-time command 18
spanning-tree vlan max-age command 18
spanning-tree vlan port-priority command 13
spanning-tree vlan priority command 17
spanning-tree vlan root primary command 10
spanning-tree vlan root secondary command 12
speed
configuring interface 27
speed command 28, 29
SSO
configuring 10
SSO operation 4
SST
description 22
interoperability 24
static ACL, removing the requirement 32
static addresses
See addresses
static routes
configuring 11
verifying 12
statistics
802.1X 14
displaying 802.1X 123
displaying PIM 28
LLDP 14
LLDP-MED 14
MKA 6
SNMP input and output 16
sticky learning
configuration file 5
defined 5
disabling 5
enabling 5
saving addresses 5
sticky MAC addresses
configuring 7
defined 4
storing captured packets to a.pcap file, Wireshark 8
Storm Control
displaying 6
enabling Broadcast 2
enabling Multicast 4
hardware-based, implementing 1
overview 1
software-based, implementing 2
STP
and REP 6
bridge ID 2
configuring 7–20
creating topology 5
defaults 7
disabling 20
enabling 8
enabling extended system ID 9
enabling Per-VLAN Rapid Spanning Tree 20
EtherChannel guard
disabling 7
forward-delay time 19
hello time 17
Layer 2 protocol tunneling 13
maximum aging time 18
overview 1, 3
per-VLAN rapid spanning tree 6
port cost 15
port priority 13
root bridge 9
stratum, NTP 2
stub routing (EIGRP)
benefits 18
configuration tasks 18
configuring 14
overview 13, 14
restrictions 18
verifying 19
subdomains, private VLAN 2
summer time 13
supervisor engine
accessing the redundant 14
configuring 8–13
copying files to standby 14
default configuration 1
default gateways 11
environmental monitoring 1
redundancy 1
ROM monitor 26
startup configuration 25
static routes 11
synchronizing configurations 11, 10
Supervisor Engine 7L-E, selecting the uplink port 25
Supervisor Engine II-TS
insufficient inline power handling 22, 12
Smartports macros
See also Auto Smartports macros
SVI Autostate Exclude
understanding 3
SVI Autostate exclude
configuring 8
S-VLAN 2, 7
switch 2
switch access with RADIUS, controlling 95
switch ports
See access ports
switched packets
and ACLs 29
Switched Port Analyzer
See SPAN
switchport
show interfaces 37, 38, 46, 47
switchport access vlan command 5, 7
switchport block multicast command 2
switchport block unicast command 2
switchport mode access command 7
switchport mode dot1q-tunnel command 6
switchport mode dynamic command 5
switchport mode trunk command 5
switchport trunk allowed vlan command 5
switchport trunk encapsulation command 5
switchport trunk native vlan command 5
switchport trunk pruning vlan command 6
switch-to-RADIUS server communication
configuring 32
sysret command 5
system
reviewing configuration 10
settings at startup 28
system alarms
overview 6
system and network statistics, displaying 24
system capabilities TLV 2
system clock
configuring
daylight saving time 13
manually 11
summer time 13
time zones 12
displaying the time and date 12
overview 2
See also NTP
system description TLV 2
system images
loading from Flash memory 31
modifying boot field 28
specifying 31
system message logging
default configuration 3
defining error message severity levels 8
disabling 3
displaying the configuration 12
enabling 4
facility keywords, described 12
level keywords, described 8
limiting messages 9
message format 2
overview 1
sequence numbers, enabling and disabling 7
setting the display destination device 4
synchronizing log messages 5
timestamps, enabling and disabling 6
UNIX syslog servers
configuring the daemon 10
configuring the logging facility 11
facilities supported 12
system MTU
802.1Q tunneling 5
maximums 5
system name
manual configuration 22
See also DNS
system name TLV 2
system prompt, default setting 21
T
TACACS+ 1
accounting, defined 16
authentication, defined 16
authorization, defined 16
configuring
accounting 21
authentication key 18
authorization 21
login authentication 19
default configuration 18
displaying the configuration 22
identifying the server 18
limiting the services to the user 21
operation of 17
overview 15
tracking services accessed by user 21
tagged packets
802.1Q 3
Layer 2 protocol 13
TCAM programming and ACLs 7
for Sup II-Plust thru V-10GE 7
TCAM programming and ACLs for Sup 6-E 10
TDR
checking cable connectivity 3
enabling and disabling test 3
guidelines 3
Telnet
accessing CLI 2
disconnecting user sessions 7
executing 5
monitoring user sessions 6
telnet command 6
templates, Ethernet OAM 45
Terminal Access Controller Access Control System Plus
See TACACS+
TFTP
configuration files in base directory 5
configuring for autoconfiguration 4
limiting access by servers 15
TFTP download
See also console download
threshold monitoring, IP SLAs 6
time
See NTP and system clock
Time Domain Reflectometer
See TDR
time exceeded messages 9
time zones 12
timer
See login timer
timestamps in log messages 6
TLV
host presence detection 8
TLVs
defined 7, 2
LLDP-MED 2
Token Ring
media not supported (note) 5, 9
Topology change notification processing
MLD Snooping
Topology change notification processing 4
TOS
description 4
trace command 9
traceroute
See IP traceroute
See Layer 2 Traceroute
traceroute mac command 11
traceroute mac ip command 11
track state, tracking IP SLAs 10
tracked lists
configuring 3
types 3
tracked objects
by Boolean expression 5
by threshold percentage 7
by threshold weight 6
tracking interface line-protocol state 2
tracking IP routing state 2
tracking objects 2
tracking process 2
traffic
blocking flooded 2
traffic control
using ACLs (figure) 4
using VLAN maps (figure) 6
traffic marking procedure flowchart 21, 55
traffic shaping 9
translational bridge numbers (defaults) 5
traps
configuring MAC address notification 31
configuring MAC move notification 33
configuring MAC threshold notification 35
configuring managers 11
defined 3
enabling 31, 33, 35, 11
notification types 11
overview 1, 4
troubleshooting
with CiscoWorks 4
with system message logging 1
with traceroute 8
Troubleshooting AVC with DNS-AS 24
troubleshooting high CPU due to ACLs 7
trunk failover
See link-state tracking
trunk ports
configure port security 17
configuring PVLAN 19–21
trunks
802.1Q restrictions 4
configuring 5
configuring access VLANs 5
configuring allowed VLANs 5
default interface configuration 5
enabling to non-DTP device 3
specifying native VLAN 5
understanding 3
trustpoint 3
TTL 3
tunnel ports
802.1Q, configuring 5
described 2
incompatibilities with other features 5
tunneling
defined 1
TwinGig Convertors
limitations on using 13
port numbering 13
selecting X2/TwinGig Convertor mode 14
TXT DNS Resource Record 3
TXT record 3
type length value
See TLV
type of service
See TOS
U
UDLD
configuring probe message interval per-interface 8
default configuration 3
disabling on fiber-optic interfaces 7
disabling on non-fiber-optic interfaces 7
displaying link status 9
enabling globally 5
enabling per-interface 6
modes of operation 3
resetting disabled LAN interfaces 8
use case 2
UDLD, overview 1
UDP jitter operation, IP SLAs 8
UDP jitter, configuring 9
unauthorized ports with 802.1X 4
unicast
See IP unicast
unicast flood blocking
configuring 1
unicast MAC address filtering
and adding static addresses 38
and broadcast MAC addresses 37
and CPU packets 37
and multicast addresses 37
and router MAC addresses 37
configuration guidelines 37
described 37
unicast MAC address filtering, configuring
ACLs
configuring unicast MAC address filtering 16
Unicast RPF (Unicast Reverse Path Forwarding)
applying 5
BGP attributes
caution 4
CEF
requirement 2
tables 7
configuring 9
(examples) ??–12
BOOTP 8
DHCP 8
enterprise network (figure) 6
prerequisites 9
routing table requirements 7
tasks 9
verifying 10
deploying 5
description 22, 1
disabling 11
enterprise network (figure) 6
FIB 2
implementing 4
packets, dropping (figure) 4
prerequisites 9
restrictions
basic 8
routing asymmetry 7
routing asymmetry (figure) 8
routing table requirements 7
security policy
applying 5
attacks, mitigating 5
deploying 5
tunneling 5
source addresses, validating 3
(figure) 3, 4
failure 3
traffic filtering 5
tunneling 5
validation
failure 3, 4
packets, dropping 3
source addresses 3
verifying 10
unicast traffic
blocking 2
Unidirectional Controlled Port, configuring 802.1X 66
unidirectional ethernet
enabling 2
example of setting 2
overview 1
UniDirectional Link Detection Protocol
See UDLD
Universal PoE, configuring 16
UNIX syslog servers
daemon configuration 10
facilities supported 12
message logging configuration 11
uplink forwarding
quad-supervisor 6
uplink mode, selecting on supervisor engine 6-E 20
uplink port, selecting on a supervisor engine 7L-E 25
UplinkFast
and MST 23
enabling 23
MST and 23
overview 19
usage examples, Wireshark 18
user EXEC mode 5
user sessions
disconnecting 7
monitoring 6
user-defined event triggers
configuring, 802.1X-based 8
configuring, MAC address-based 9
User-defined triggers and built-in macros, configuring mapping 9
V
VACLs
Layer 4 port operations 10
virtual configuration register 3
virtual LANs
See VLANs
virtual ports, MKA 4
Virtual Router Redundancy Protocol, introduction 23
Virtual Switch System(VSS), displaying EtherChannel to 20
VLAN ACLs
See VLAN maps
VLAN blocking, REP 13
vlan command 6
vlan dot1q tag native command 4
VLAN ID
service provider 8
VLAN ID translation
See VLAN mapping
VLAN ID, discovering 44
VLAN load balancing
REP 4
VLAN load balancing on flex links 2
configuration guidelines 5
VLAN load balancing, triggering 6
VLAN Management Policy Server
See VMPS
VLAN mapping
1-to-1 7
1-to-1, configuring 10
configuration guidelines 9
configuring 10
configuring on a trunk port 10
default 9
described 2, 7
selective QinQ 8
selective Q-in-Q, configuring 12
traditional QinQ 8
traditional Q-in-Q, configuring 11
types of 7
VLAN maps
applying to a VLAN 25
configuration example 26
configuration guidelines 22
configuring 21
creating and deleting entries 22
defined 41
denying access example 27
denying packets 23
displaying 28
order of entries 22
permitting packets 23
router ACLs and 29
using (figure) 5
using in your network 25
VLAN maps, PACL and Router ACLs 36
VLAN Trunking Protocol
See VTP
VLAN trunks
overview 3
VLAN User Distribution, configuring 802.1X 68
VLANs
allowed on trunk 5
configuration guidelines 3
configuring 5
configuring as Layer 3 interfaces 8
customer numbering in service-provider networks 3
default configuration 4
description 11
extended range 3
IDs (default) 4
interface assignment 7
limiting source traffic with RSPAN 23
monitoring with RSPAN 21
name (default) 4
normal range 3
overview 1
reserved range 3
See also PVLANs
VMPS
configuration file example 31
configuring dynamic access ports on client 24
configuring retry interval 26
database configuration file 31
dynamic port membership
example 28
reconfirming 25, 26
reconfirming assignments 25
reconfirming membership interval 26
server overview 20
VMPS client
administering and monitoring 27
configure switch
configure reconfirmation interval 26
dynamic ports 24
entering IP VMPS address 24
reconfirm VLAM membership 25
reconfirmation interval 26
default configuration 23
dynamic VLAN membership overview 23
troubleshooting dynamic port VLAN membership 28
VMPS server
fall-back VLAN 22
illegal VMPS client requests 22
overview 20
security modes
multiple 22
open 21
secure 21
voice aware 802.1x security
port-based authentication
configuring 74
described 21, 74
voice interfaces
configuring 1
Voice over IP
configuring 1
voice ports
configuring VVID 3
voice traffic 2, 5
voice VLAN
IP phone data traffic, described 2
IP phone voice traffic, described 2
voice VLAN ports
using 802.1X 21
Voice VLAN, configure 802.1X 73
VPN
configuring routing in 8
forwarding 3
routes 2
routing and forwarding table
See VRF
VRF
defining 3
tables 1
VRF-aware services
ARP 6, 15, 17
configuring 5, 14
ftp 16
ping 15
tftp 16
traceroute 16
uRPF 15
VRF-lite
description 23
VSS
dual-active detection
displaying 54
Enhanced PAgP, advantages 23
enhanced PAgP, configuring 52
Enhanced PAgP, description 23
fast-hello, configuring 53
VTP
client, configuring 16
configuration guidelines 12
default configuration 13
disabling 16
Layer 2 protocol tunneling 13
monitoring 19
overview 7
pruning
configuring 15
See also VTP version 2
server, configuring 16
statistics 19
transparent mode, configuring 16
version 2
enabling 15
VTP advertisements
description 9
VTP domains
description 8
VTP modes 8
VTP pruning
overview 10
VTP versions 2 and 3
overview 9
See also VTP
VTY and Network Assistant 12
VVID (voice VLAN ID)
and 802.1X authentication 21
configuring 3
W
WCCP
configuration examples 9
configuring on a router 2, 13
features 3
restrictions 5
service groups 5
Web Cache Communication Protocol
See WCCP 1
web cache services
description 4
web caches
See cache engines
web caching
See web cache services
See also WCCP
web-based authentication
authentication proxy web pages 4
description 43, 13, 1
web-based authentication, interactions with other features 4
weight thresholds in tracked lists 6
wireless mode 29, 30
Wireshark
activating and deactivating, capture points, conceptual 10
attachment points 6
capture filter 7
capture points 6
core system filter 7
decoding and displaying packets 9
display filter 7
feature interactions 10
filters 6
storing captured packets to a.pcap filter 8
usage examples 18
Wireshark, about 5
Wireshark, activating and deactivating a capture point 14
Wireshark, defining/modifying/deleting a capture point 12
Wireshark, displaying information 14
WS-X46490-CSFP-E, support on a 10-slot chassis 21
X
X.509v3 Certificates for SSH Authentication
Overview 2
Y
Y.1731
default configuration 29
described 27
ETH-AIS
Ethernet Alarm Signal function (ETH-AIS)
28
ETH-RDI 28
multicast Ethernet loopback 31
multicast ETH-LB 29
terminology 27