Index

Security Exchange Protocol

See SXP

Symbols

“A” Record 3

Numerics

10/100 autonegotiation feature, forced 28

10-Gigabit Ethernet or Gigabit Ethernet ports

deploy on WS-X4606-10GE-E and Sup 6-E 13

10-Gigabit Ethernet port

deploy with Gigabit Ethernet SFP ports 12, 13

10-slot chassis, support for WS-X46490-CSFP-E 21

12-class Easy QoS Model 11

1400 W DC Power supply

special considerations 21

1400 W DC SP Triple Input power supply

special considerations 22

802.10 SAID (default) 4

802.1AE

standard 2

802.1Q

trunks 6

tunnel ports with other features 5

tunneling

compatibility with other features 5

defaults 3

described 2

802.1Q VLANs

trunk restrictions 4

802.1s

See MST

802.1w

See MST

802.1X

See port-based authentication

802.1X authentication

Authentication Failed VLAN assignment 16

for Critical Authentication 14

for guest VLANs 10

for MAC Authentication Bypass 11

for Unidirectional Controlled Port 15

VLAN User Distribution 15

web-based authentication 13

with port security 18

with VLAN assignment 9

with voice VLAN ports 21

802.1X Host Mode 6

multiauthentication mode 8

multidomain authentication mode 7

single-host 7

802.1x-REV 2

802.3ad

See LACP

9000W AC, displaying OBFL 4

A

AAA 1

AAA (authentication, authorization, and accounting). See also port-based authentication. 1

abbreviating commands 5

about Wireshark 5

access control entries

See ACEs

access control entries and lists 1

access list filtering, SPAN enhancement 13

access lists

using with WCCP 8

access ports

and Layer 2 protocol tunneling 15

configure port security 7, 22

configuring 7

access VLANs 5

access-group mode, configuring on Layer 2 interface 35

access-group mode, using PACL with 34

accounting

with RADIUS 110

with TACACS+ 16, 21

ACEs

ACLs 2

IP 41, 2

Layer 4 operation restrictions 11

ACEs and ACLs 1

ACL assignments and redirect URLs, configure 38

ACL assignments, port-based authentication 19

ACL configuration, displaying a Layer 2 interface 36

ACLs

ACEs 2

and SPAN 5

and TCAM programming for Sup 6-E 10

and TCAM programming for Sup II-Plus thru V-10GE 7

applying IPv6 ACLs to a Layer 3 interface 20

applying on routed packets 30

applying on switched packets 29

compatibility on the same switch 3

configuring with VLAN maps 29

CPU impact 13

downloadable 7

hardware and software support 6

IP, matching criteria for port ACLs 4

MAC extended 16

matching criteria for router ACLs 3

port

and voice VLAN 5

defined 3

processing 13

selecting mode of capturing control packets 7

troubleshooting high CPU 7

types supported 3

understanding 2

VLAN maps 5

ACLs and VLAN maps, examples 23

ACLs, applying to a Layer 2 interface 35

acronyms, list of 1

action drivers, marking 21, 55

activating and deactivating a capture point, Wireshark 14

activating and deactivating Wiresharkcapture points, conceptual, Wireshark 10

active queue management 9

active queue management via DBL, QoS on Sup 6-E 34, 68

active traffic monitoring, IP SLAs 1

adding members to a community 9

address resolution 44

addresses

displaying the MAC table 44

dynamic

changing the aging time 30

defined 28

learning 29

removing 31

IPv6 2

MAC, discovering 44

See MAC addresses

static

adding and removing 36

defined 28

adjacency tables

description 2

displaying statistics 10

administrative VLAN

REP, configuring 9

administrative VLAN per segment 9

administrative VLAN, REP 8

advertisements

LLDP 7, 2

advertisements, VTP

See VTP advertisements

aggregation switch, enabling DHCP snooping 9

aging time

MAC address table 30

All Auth manager sessions on the switch authorized for a specified authentication method 124

All Auth manager sessions, displaying summary 124

ANCP client

enabling and configuring 2

guidelines and restrictions 5

identify a port with DHCP option 82 4

identify a port with protocol 2

overview 1

ANCP protocol

identifying a port with 2

app-class and QoS Traffic Mapping 12

applying IPv6 ACLs to a Layer 3 interface 20

AQM via DBL, QoS on Sup 6-E 34, 68

archiving crashfiles information 8

ARP

defined 44

table

address resolution 44

managing 44

asymmetrical links, and 802.1Q tunneling 3

attachment points, Wireshark 6

attributes, RADIUS

vendor-proprietary 112

vendor-specific 111

Auth manager session for an interface, verifying 125

Auth manager summary, displaying 124

authentication

NTP associations 4

RADIUS

key 103

login 105

See also port-based authentication

TACACS+

defined 16

key 18

login 19

Authentication Failed, configuring 80.1X 71

Authentication methods registered with the Auth manager, determining 124

authentication open comand 8

authentication proxy web pages 4

authentication server

defined 3

RADIUS server 3

Authentication, Authorization, and Accounting (AAA) 1

Authoritative DNS server 3

authoritative time source, described 2

authorization

with RADIUS 109

with TACACS+ 16, 21

authorized and unauthorized ports 4

authorized ports with 802.1X 4

Auto Identity

Built-in Policies 4

Class Map Templates 4

Global Template 2

Interface Templates 3

Overview 2

Parameter Maps 5

Service Templates 5

Auto SmartPorts built-in macros

configuring parameters 6

Auto SmartPorts macros

built-in macros 4

configuration guidelines 5

default configuration 4

defined 1

displaying 13

enabling 3

IOS shell 2, 10

Auto Smartports macros

defined 2

Auto SmartPorts user-defined macros

configuring 10

autoconfiguration 2

automatic discovery

considerations 7

Auto-MDIX on a port

configuring 39

displaying the configuration 40

overview 39

autonegotiation feature

forced 10/100Mbps 28

auto-sync command 8, 7

Auto SmartPorts macros

See also SmartPorts macros

Auto Smartports macros

See also Smartports macros

AVC with DNS-AS 1

AVC with DNS-AS Process Flow 4

B

b command 3

b flash command 3

Baby Giants

interacting with 37

BackboneFast

adding a switch (figure) 3

and MST 23

configuring 23

link failure (figure) 22, 23

not supported MST 23

understanding 21

See also STP

banners

configuring

login 27

message-of-the-day login 24

default configuration 24

when displayed 24

BFD

and hardware support 7

configuration example

BFD in a BGP network 25

BFD in an EIGRP network with echo mode enabled by default 17

BFD in an OSPF network 22

support for static routing 27

configuring

Echo mode 15

session parameters on the interface 8

Slow timer 16

support for BGP 9

support for dynamic routing protocols 9

support for EIGRP 10

support for OSPF 11

support for static routing 13

disabling echo mode without asymmetry 16

monitoring and troubleshooting 17

neighbor relationships 3

operation 3

prerequisites 2

restrictions 2

BGP 17

routing session with multi-VRF CE 9

Binding table 3

blocking packets 1

blocking state (STP)

RSTP comparisons (table) 24

Boolean expressions in tracked lists 5

boot bootldr command 32

boot command 28

boot commands 3

boot fields

See configuration register boot fields

boot system command 26, 32

boot system flash command 28

bootstrap program

See ROM monitor

Border Gateway Protocol

See BGP

boundary ports

description 27

BPDU Guard

and MST 23

configuring 23

overview 15

BPDUs

and media speed 2

pseudobridges and 25

what they contain 3

Bridge Assurance 8, 11

bridge ID

See STP bridge ID

bridge priority (STP) 17

bridge protocol data units

See BPDUs

bridging loop 40

Broadcast Storm Control

disabling 5

enabling 2

Built-in macros and user-defined triggers, configuring mapping 9

C

cache engine clusters 1

cache engines 1

cache farms

See cache engine clusters

Call Home

description 24, 1

message format options 2

messages

format options 2

call home 1

alert groups 6

configuring e-mail options 9

contact information 4

default settings 18

destination profiles 5

displaying information 13

mail-server priority 10

pattern matching 8

periodic notification 8

rate limit messages 9

severity threshold 8

smart call home feature 2

SMTP server 9

testing communications 10

call home alert groups

configuring 6

description 6

subscribing 7

call home contacts

assigning information 4

call home destination profiles

attributes 5

configuring 5

description 5

displaying 16

call home notifications

full-txt format for syslog 25

XML format for syslog 28

candidate switch, cluster

defined 12

candidates

automatic discovery 7

capture filter, Wireshark 7

capture points, Wireshark 6

Capturing control packets

selecting mode 7

cautions

Unicast RPF

BGP optional attributes 4

cautions for passwords

encrypting 22

CDP

automatic discovery in communities 7

configuration 1

defined with LLDP 1

displaying configuration 3

enabling on interfaces 2

host presence detection 8

Layer 2 protocol tunneling 13

maintaining 3

monitoring 3

overview 2, 1

cdp enable command 2

CEF

adjacency tables 2

and NSF with SSO 5

configuring load balancing 7

displaying statistics 8

enabling 7, 2

hardware switching 4

load balancing 6

overview 1

software switching 4

certificate authority (CA) 3

CFM

and Ethernet OAM interaction 51

and Ethernet OAM, configuring 51

clearing 31

configuration guidelines 7, 4

configuring crosscheck for VLANs 11

configuring fault alarms 16

configuring port MEP 14

configuring static remote MEP 13, 16, 18

crosscheck 5

defined 2

EtherChannel support 7, 4

fault alarms

configuring 16

IP SLAs support for 6

IP SLAs with endpoint discovers 21

maintenance domain 3

manually configuring IP SLAs ping or jitter 19

measuring network performance 6

monitoring 32, 33

port MEP, configuring 14

remote MEPs 5

static RMEP check 5

static RMEP, configuring 13, 16, 18

Y.1731

described 27

CGMP

overview 1

Change of Authorization, RADIUS 97

channel-group group command 49, 9, 11

Cisco 7600 series Internet router

enabling SNMP 4

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS IP SLAs 2

Cisco IOS NSF-aware

support 2

Cisco IOS NSF-capable support 2

Cisco IP Phones

configuring 2

sound quality 1

Cisco TrustSec

credentials 21

switch-to-switch security

802.1x mode 22

configuration example 24

manual mode 23

Cisco TrustSec Network Device Admission Control

See NDAC

CiscoWorks 2000 4

CIST

description 22

civic location 3

class level, configure in a service policy 31, 65

class of service

See CoS

clear cdp counters command 3

clear cdp table command 3

clear counters command 45

clear ip eigrp neighbors command 19

clearing

Ethernet CFM 31

IP multicast table entries 28

CLI

accessing 2

backing out one level 5

getting commands 5

history substitution 4

managing clusters 13

modes 5

monitoring environments 1

ROM monitor 7

software basics 4

client processes, tracking 1

clients

in 802.1X authentication 3

clock

See system clock

clustering switches

command switch characteristics

and VTY 12

convert to a community 10

managing

through CLI 13

overview 2

planning considerations

CLI 13

passwords 8

CoA Request Commands 100

command modes 5

command switch, cluster

requirements 11

command-line processing 3

commands

b 3

b flash 3

boot 3

confreg 3

dev 3

dir device 3

frame 5

i 3

listing 5

meminfo 6

reset 3

ROM monitor 2–3

ROM monitor debugging 5–6

SNMP 4

sysret 5

common and internal spanning tree

See CIST

common spanning tree

See CST

community of switches

access modes in Network Assistant 9

adding devices 9

communication protocols 8

community name 8

configuration information 9

converting from a cluster 10

host name 8

passwords 8

community ports 3

community strings

configuring 7

overview 4

community VLANs 2, 3

configure as a PVLAN 15

compiling MIBs 4

config terminal command 9

config-register command 29

configurable leave timer,IGMP 4

configuration examples

SNMP 15

configuration files

limiting TFTP server access 15

obtaining with DHCP 6

saving 10

system contact and location information 14

configuration guidelines

CFM 7, 4

Ethernet OAM 35

REP 7

SNMP 6

VLAN mapping 9

configuration register

boot fields

listing value 30

modifying 29

changing from ROM monitor 3

changing settings ??–29

configuring 26

settings at startup 28

configure class-level queue-limit in a service policy 31, 65

configure terminal command 2

Configuring a DNS Server as the Authoritative Server 9

configuring access-group mode on Layer 2 interface 35

configuring flow control 32

configuring interface link and trunk status envents 46

configuring named IPv6 ACLs 18

configuring named MAC extended ACLs 16, 17

Configuring QoS for AVC with DNS-AS 11

configuring unicast MAC address filtering 16

configuring VLAN maps 21

confreg command 3

Connectivity Fault Management

See CFM

console configuration mode 5

console download 4–5

console port

disconnecting user sessions 7

monitoring user sessions 6

contact information

assigning for call home 4

Control Plane Policing

and Layer 2 Control packet QoS, configuration example 18

configuration guidelines and restrictions 9

configuring for control plane traffic 5

configuring for data plane and management plan traffic 6

defaults 4

general guidelines 4

monitoring 10

understanding 2

control protocol, IP SLAs 4

controlling switch access with RADIUS 95

convergence

REP 4

copy running-config startup-config command 10

copy system:running-config nvram:startup-config command 33

core system filter, Wireshark 7

CoS

definition 3

figure 2

overriding on Cisco IP Phones 4

priority 4

counters

clearing MFIB 29

clearing on interfaces 44

CPU port sniffing 10

CPU, impact of ACL processing 13

crashfiles information, archiving 8

Critical Authentication

configure with 802.1X 62

crosscheck, CFM 5, 11

CST

description 25

IST and 22

MST and 22

CTS Fields 6

customer edge devices 2

C-VLAN 2, 7

D

database agent

configuration examples 15

enabling the DHCP Snooping 13

daylight saving time 13

debug commands, ROM monitor 5–6

decoding and displaying packets, Wireshark 9

Default Configuration 6

default configuration

802.1X 27

banners 24

DNS 23

Ethernet OAM 35

IGMP filtering 30

IGMP snooping 5, 6

IP SLAs 6

IPv6 8

Layer 2 protocol tunneling 16

LLDP 5

MAC address table 30

MVR 23

NTP 4

private VLANs 12

RADIUS 102

REP 7

resetting the interface 48

RMON 3

SNMP 5

SPAN and RSPAN 6

system message logging 3

TACACS+ 18

VLAN mapping 9

Y.1731 29

default gateway

configuring 11

verifying configuration 11

default settings, erase commad 34

default web-based authentication configuration

802.1X 6

defining/modifying/deleting a capture point, Wireshark 12

denial-of-service attacks

IP address spoofing, mitigating 5

Unicast RPF, deploying 5

denying access to a server on another VLAN 27

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 12, 13

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 13

description command 32

dev command 3

device discovery protocol 1

device IDs

call home format 21, 22

device sensor

configuring 117

DHCP

configuring

rate limit for incoming packets 13

denial-of-service attacks, preventing 13

rate limiting of packets

configuring 13

DHCP option 82

identifying a port with 4

overview 3

DHCP Snooping

enabling, and Option 82 10

DHCP snooping

accepting untrusted packets form edge switch 10

configuring 6

default configuration 7

displaying binding tables 19

displaying configuration 19

displaying information 18

enabling 7

enabling on private VLAN 12

enabling on the aggregation switch 9

enabling the database agent 13

message exchange process 4

monitoring 23

option 82 data insertion 3

overview 1

Snooping database agent 2

DHCP Snooping Database Agent

adding to the database (example) 18

enabling (example) 15

overview 2

reading from a TFTP file (example) 17

DHCP-based autoconfiguration

client request message exchange 3

configuring

client side 2

DNS 5

relay device 5

server-side 4

TFTP server 4

example 7

lease options

for IP address information 4

for receiving the configuration file 4

overview 2

relationship to BOOTP 2

Diagnostics

online 1

Power-On-Self-Test

causes of failure 20

how it works 10

overview 10

Power-On-Self-Test for Supervisor Engine V-10GE 13

Differentiated Services Code Point values

See DSCP values

DiffServ architecture, QoS 2

Digital optical monitoring transceiver support 26

dir device command 3

disabled state

RSTP comparisons (table) 24

disabling

broadcast storm control 5

disabling multicast storm control 6

disconnect command 7

discovery, clusters

See automatic discovery

discovery, Ethernet OAM 34

display dection and removal events 7

display filter, Wireshark 7

display PoE consumed by a module 8

display PoE detection and removal events 7

displaying

Auth Manager sumary for an interface 124

MAB details 126

summary of all Auth manager sessions 124

summary of all Auth manager sessions on the switch authorized for a specified authentication method 124

displaying EtherChannel to a Virtual Switch System 20

displaying storm control 6

displaying Wireshark information 14

dispute mechanism 40

DNS

and DHCP-based autoconfiguration 5

default configuration 23

displaying the configuration 24

overview 22

setting up 23

DNS client 3

Domain Name System

See DNS

domain names

DNS 22

double-tagged packets

802.1Q tunneling 2

Layer 2 protocol tunneling 15

downloading MIBs 2, 3

drop threshold for Layer 2 protocol packets 16

DSCP values

definition 4

IP precedence 2

Dual_Active Detection

using Enhanced PAgP 23

Dual-Active Detection, using Fast-Hello 24

duplex command 30

duplex mode

configuring interface 27

dynamic ARP inspection

ARP cache poisoning 2

configuring

ACLs for non-DHCP environments 11

in DHCP environments 5

log buffer 14

rate limit for incoming ARP packets 16

denial-of-service attacks, preventing 16

interface trust state, security coverage 3

log buffer

configuring 14

logging of dropped packets 4

overview 1

port channels, their behavior 5

priority of static bindings 4

purpose of 2

rate limiting of ARP packets 4

configuring 16

validation checks, performing 19

Dynamic Host Configuration Protocol snooping

See DHCP snooping

dynamic port VLAN membership

example 28

limit on hosts 28

reconfirming 25, 26

troubleshooting 28

E

EAP frames

changing retransmission time 85

exchanging (figure) 4, 6, 13

request/identity 4

response/identity 4

setting retransmission number 86

EAPOL frames

802.1X authentication and 3

OTP authentication, example (figure) 4, 13

start 4

Echo mode,configuring BFD 15

edge ports

description 27

EGP

overview 17

EIGRP

configuration examples 20

monitoring and maintaining 19

EIGRP (Enhanced IGRP)

stub routing

benefits 18

configuration tasks 18

configuring 14

overview 14

restrictions 18

verifying 19

EIGRP (enhanced IGRP)

overview 18

eigrp stub command 19

EIGRP stub routing, configuring 13

ELIN location 3

e-mail addresses

assigning for call home 4

e-mail notifications

Call Home 24, 1

Embedded CiscoView

displaying information 48

installing and configuring 45

overview 45

emergency alarms on Sup Engine 6-E systems 5

enable command 9

enable mode 5

enabling SNMP 4

encryption keying 2

encryption keys, MKA 2

Enhanced Interior Gateway Routing Protocol

See EIGRP

enhanced object tracking

defined 1

IP routing state 2

line-protocol state 2

tracked lists 3

Enhanced PoE support on E-series 15

Enhanced PoE support on E-series,configuring Universal PoE 16

environmental monitoring

using CLI commands 1

EPM logging 127

errdisable recovery

configuring 14

ERSPAN

Overview 2

EtherChannel

channel-group group command 49, 9, 11

configuration guidelines 32, 6

configuring 7–20

configuring (tasks) 30

configuring Layer 2 11

configuring Layer 3 7

DFC restriction, see CSCdt27074 in the Release Notes

displaying to a virtual switch system 20

interface port-channel command 8

lacp system-priority

command example 16

modes 3

overview 1

PAgP

Understanding 4

physical interface configuration 49, 8

port-channel interfaces 2

port-channel load-balance command 19

removing 20

removing interfaces 19

understanding 1

EtherChannel guard

disabling 7

enabling 6

overview 6

Ethernet management port

and routing 6

and routing protocols 6

configuring 10

default setting 6

described 29, 6

for network management 29, 6

specifying 10

supported features 9

unsupported features 10

Ethernet management port, internal

and routing protocols 6

Ethernet Management Port, using 5

Ethernet OAM 34

and CFM interaction 51

configuration guidelines 35

configuring with CFM 51

default configuration 35

discovery 34

enabling 36, 52

link monitoring 34, 38

messages 34

protocol

defined 33

monitoring 49

remote failure indications 34

remote loopback 34, 37

templates 45

Ethernet OAM protocol CFM notifications 51

Ethernet Remote Defect Indication (ETH-RDI) 28

event triggers, user-defined

configuring, 802.1X-based 8

configuring, MAC address-based 9

explicit host tracking

enabling 11

extended range VLANs

See VLANs

Extensible Authentication Protocol over LAN 1

Exterior Gateway Protocol

See EGP

F

Fa0 port

See Ethernet management port

Failure detection, using BFD 7

Fallback Authentication

 

configure with 802.1X 77

fast link notification

on VSL failure 13

Fast UDLD

configuring probe message interval 8

default configuration 3

displaying link status 9

enabling globally 5

enabling on individual interface 7

enabling per-interface 6

modes of operation 3

resetting disabled LAN interfaces 8

use case 2

Fast UDLD, overview 1

FastDrop

overview 11

fastethernet0 port

See Ethernet management port

Fast-Hello

dual-active detection 24

Fast-Hello dual-active detection, configuring 53

feature interactions, Wireshark 10

FIB

description 2

See also MFIB

fiber-optics interfaces

disabling UDLD 7

Filter-ID ACL and Per-User ACL, configureport-based authentication

configure Per-User ACL and Filter-ID ACL 45

filtering

in a VLAN 21

non-IP traffic 16, 17

filters, Wireshark 6

flags 12

Flash memory

configuring router to boot from 32

loading system images from 31

security precautions 32

Flex Links

configuration guidelines 5

configuring 6

configuring preferred VLAN 9

configuring VLAN load balancing 8

monitoring 12

Flexible NetFlow

caveats 8

defined 4, 1

flooded traffic, blocking 2

flow control, configuring 32

flowchart, traffic marking procedure 21, 55

For 13

Forward look-up 2

forward-delay time (STP)

configuring 19

forwarding information base

See FIB

frame command 5

G

gateway

See default gateway

get-bulk-request operation 3

get-next-request operation 3, 4

get-request operation 3, 4

get-response operation 3

Gigabit Ethernet SFP ports

deploy with 10-Gigabit Ethernet 12, 13

GLBP, introduction 15

global configuration mode 5

Guest-VLANs

configure with 802.1X 57

H

hardware and software ACL support 6

hardware switching 5

hello time (STP)

configuring 17

High Availability and ISSU for AVC with DNS-AS 5

high CPU due to ACLs, troubleshooting 7

history

CLI 4

history table, level and number of syslog messages 9

hop counts

configuring MST bridges 28

Host 2

host

limit on dynamic port 28

host modes, MACsec 5

host ports

kinds of 4

host presence CDP message 8

Hot Standby Routing Protocol

See HSRP

HSRP

description 16

HSRP, introduction 16

hw-module module num power command 22

I

i command 3

ICMP

enabling 12

ping 7

running IP traceroute 9

time exceeded messages 9

ICMP Echo operation

configuring 11

IP SLAs 11

IDS

using with SPAN and RSPAN 2

IEEE 802.1ag 2

IEEE 802.1s

See MST

IEEE 802.1w

See MST

IEEE 802.3ad

See LACP

IGMP

configurable-leave timer 4

description 3

enabling 15

explicit host tracking 4

immediate-leave processing 3

leave processing, enabling 8

overview 1

report suppression

disabling 10

IGMP filtering

configuring 31

default configuration 30

described 30

monitoring 34

IGMP groups

setting the maximum number 33

IGMP Immediate Leave

configuration guidelines 9

IGMP profile

applying 32

configuration mode 31

configuring 31

IGMP Snooping

configure

leave timer 9

configuring

Learning Methods 7

static connection to a multicast router 8

configuring host statically 11

enabling

Immediate-Leave processing

explicit host tracking 11

suppressing multicast flooding 12

IGMP snooping

configuration guidelines 5

default configuration 5, 6

enabling

globally 6

on a VLAN 6

enabling and disabling 6

IP multicast and 4

monitoring 14, 10

overview 1

IGMP Snooping, displaying

group 16

hot membership 15

how to 15

MAC address entries 18

multicast router interfaces 17

on a VLAN interface 18

Querier information 19

IGMPSnooping Querier, configuring 10

Immediate Leave, IGMP

enabling 8

immediate-leave processing

enabling 8

IGMP

See fast-leave processing

ingress packets, SPAN enhancement 12

inline power

configuring on Cisco IP phones 5

insufficient inline power handling for Supervisor Engine II-TS 22

Intelligent Power Management 4

interacting with Baby Giants 37

interface

displaying operational status 6

interface command 9, 2

interface configuration

REP 10

interface link and trunk status events

configuring 46

interface port-channel command 48, 8

interface range command 4

interface range macro command 10

interfaces

adding descriptive name 32

clearing counters 44

configuring 2

configuring ranges 4

displaying information about 44

Layer 2 modes 3

maintaining 44

monitoring 44

naming 32

numbers 2

overview 2

restarting 45

See also Layer 2 interfaces

using the Ethernet Management Port 5

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

introduction

802.1X Identity-Based Network Security, list of supported features 34

Bidirectional Forwarding Detection 14

Cisco Call Home 24

Cisco Energy Wise 24

Cisco Express Forwarding 14

Cisco IOS IP Service Level Agreements 25

Cisco IOS Mediatrace and Performance Monitor 27

Cisco Media Services Proxy 25

Cisco Medianet AutoQoS 26

Cisco Medianet Flow Metadata 26

Cisco TrustSec MACsec Encryption 36

Cisco TrustSec Security Architecture 36

Debugging Features (platform and debug platform) 43

Device Sensor 14

Dynamic Host Control Protocol 28

Easy Virtual Network 28

EIGRP Stub routing 14

Embedded Event Manager 29

Enhanced Object Tracking 15

EtherChannel bundles 3

Ethernet CFM 3

Ethernet Management Port 29

Ethernet OAM Protocol 3

FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 30

File System Management (Sup 7-E and 7L-E) 29

Flex Link and MAC Address-Table Move Update 3

Flexible Netflow (Sup 7-E and 7L-E) 4

GLBP 15

hard-based Control Plane Policing 37

HSRP 16

In Service Software Upgrade 19

Intelligent Power Management 30

Internet Group Management Protocol (IGMP) Snooping 4

IP Routing protocols 17

IP Source Guard 38

IP Source Guard or Static Hosts 38

IPv6 20

IPv6 First Hop Security 38

IPv6 Multicast BSR and BSR Scoped Zone Support, introduction 5

IPv6 Multicast Listen Discovery (MLD) and Multicast Listen Discovery Snooping 6

IS-IS 18

Jumbo Frame 6

Layer 2 traceroute 43

Link Aggregation Control Protocol 7

MAC Address Notification 30

NAC

Layer 2 802.1X authentication 40

Layer 2 IP validation 40

NetFlow-lite 31

Network Security with ACLs (IP ACLs, MAC ACLs, Port ACLs, Router, ACLs, and VLAN ACLs) 41

NSF with SSO 21

OSPF 19

OSPF for Routed Access 21

Port Security 41

Power over Ethernet 31

RIP 19

Simple Network Management Protocol 31

SPAN and RSPAN 32

Time Domain Reflectometry 43

Unicast Reverse Path Forwarding 22

Universal Power over Ethernet 32

Virtual Router Redundancy Protocol 23

VRF-lite 23

Web Content Coordination Protocol 32

Web-based Authentication 43

Wireshark 33

XML-PI 33

Intrusion Detection System

See IDS

inventory management TLV 3, 9

IOS shell

See Auto SmartPorts macros

IP

configuring default gateway 11

configuring static routes 11

displaying statistics 8

IP addresses

128-bit 2

cluster candidate or member 12

cluster command switch 11

discovering 44

IPv6 2

ip cef command 7, 2

IP Enhanced IGRP

interfaces, displaying 20

ip icmp rate-limit unreachable command 12

ip igmp profile command 31

ip igmp snooping tcn flood command 13

ip igmp snooping tcn flood query count command 14

ip igmp snooping tcn query solicit command 14

IP information

assigned

through DHCP-based autoconfiguration 2

ip load-sharing per-destination command 8

ip local policy route-map command 12

ip mask-reply command 13

IP MTU sizes,configuring 9

IP multicast

clearing table entries 28

configuring 13

default configuration 14

displaying PIM information 24

displaying the routing table information 24

enabling dense-mode PIM 15

enabling sparse-mode 15

features not supported 13

hardware forwarding 9

IGMP snooping and 5, 4

overview 1

routing protocols 2

software forwarding 9

See also Auto-RP; IGMP; PIM; RP; RPF

IP multicast routing

enabling 14

monitoring and maintaining 23

IP multicast traffic, load splitting 22

ip multicast-routing command 14

IP phones

configuring voice ports 3

See Cisco IP Phones 1

ip pim command 15

ip pim dense-mode command 15

ip pim sparse-dense-mode command 16, 17

ip policy route-map command 9, 11, 14, 15

IP Port Security for Static Hosts

on a Layer 2 access port 25

on a PVLAN host port 28

overview 24

ip redirects command 13

IP routing tables

deleting entries 28

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 1

IP SLAs

benefits 2

CFM endpoint discovery 21

configuration guidelines 7

Control Protocol 4

default configuration 6

definition 1

ICMP echo operation 11

manually configuring CFM ping or jitter 19

measuring network performance 3

multioperations scheduling 5

operation 3

reachability tracking 10

responder

described 4

enabling 7

response time 4

scheduling 5

SNMP support 2

supported metrics 2

threshold monitoring 6

track state 10

UDP jitter operation 8

IP Source Guard

configuring 20

configuring on private VLANs 22

displaying 22, 23

overview 23

IP statistics

displaying 8

IP traceroute

executing 9

overview 8

IP unicast

displaying statistics 8

IP Unnumbered support

configuring on a range of Ethernet VLANs 5

configuring on LAN and VLAN interfaces 4

configuring with connected host polling 6

DHCP Option 82 2

displaying settings 7

format of agent remote ID suboptions 2

troubleshooting 8

with conected host polling 3

with DHCP server and Relay agent 2

ip unreachables command 12

IPsec VPN, introduction 40

IPv4, IPv6, and MAC ACLs, configuring on a Layer 2 interface 33

IPv6

addresses 2

default configuration 8

defined 20, 1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 6

Router ID 7

OSPF 6

IPv6 control traffic, policing 20

IPv6 First Hop Security, introduction 38

IPX

redistribution of route information with EIGRP 18

is 23

IS-IS, introduction 18

ISL

trunking with 802.1Q tunneling 4

isolated port 4

isolated VLANs 2, 3, 4

ISSU

compatibility matrix 63, 14

compatiblity verification using Cisco Feature Navigator 64, 15

NSF overview 3, 4

perform the process

aborting a software upgrade 79, 34, 36

configuring the rollback timer as a safeguard 81, 35, 37

displaying a compatibility matrix 82, 36, 40, 39

loading the new software on the new standby 72, 27, 28

stopping the rollback timer 72, 26, 27

switching to the standby 70, 24, 25

verify the ISSU state 67, 20, 21

verify the redundancy mode 65, 19

verify the software installation 65, 18, 19

vload the new software on standby 68, 21

prerequisites 58, 1, 2

process overview 6, 7

restrictions 58, 1, 2

SNMP support 15

SSO overview 3, 4

versioning capability in software to support 13

IST

and MST regions 22

description 22

master 27

ITU-T Y.1731

See Y.1731

J

jumbo frames

and ethernet ports 36

configuring MTU sizes for 37

ports and linecards that support 34

understanding MTUs 35

understanding support 35

VLAN interfaces 36

K

keyboard shortcuts 3

L

l2protocol-tunnel command 17, 19

labels, definition 3

LACP

system ID 5

Layer 2 access ports 7

Layer 2 Control Packet QoS

and CoPP configuration example 18

default configuation 15

disabling 17

enabvling 15

guideline and restrictions 20

understanding 15

Layer 2 frames

classification with CoS 2

Layer 2 interface

applying ACLs 35

configuring access-mode mode on 35

configuring IPv4, IPv6, and MAC ACLs 33

displaying an ACL configuration 36

Layer 2 interface type

resetting 24

setting 24

Layer 2 interfaces

assigning VLANs 7

configuring 5

configuring as PVLAN host ports 18

configuring as PVLAN promiscuous ports 17

configuring as PVLAN trunk ports 19

defaults 4

disabling configuration 8

modes 3

show interfaces command 6

Layer 2 protocol tunneling

default configuration 16

guidelines 16

Layer 2 switching

overview 1

Layer 2 Traceroute

and ARP 10

and CDP 10

host-to-host paths 10

IP addresses and subnets 10

MAC addresses and VLANs 10

multicast traffic 10

multiple devices on a port 10

unicast traffic 43, 9

usage guidelines 10

Layer 2 trunks

configuring 5

overview 3

Layer 3 interface counters,configuring 11

Layer 3 interface counters,understanding 3

Layer 3 interface, applying IPv6 ACLs 20

Layer 3 interfaces

changing from Layer 2 mode 15

configuration guidelines 5

configuring VLANs as interfaces 8

overview 1

counters 3

logical 2

physical 2

SVI autostate exclude 3

Layer 3 packets

classification methods 2

Layer 4 port operations

configuration guidelines 12

restrictions 11

Leave timer, enabling 9

licenses, managing with PRTU 14

limitations on using a TwinGig Convertor 13

Link Aggregation Control Protocol, introduction 7

link and trunk status events

configuring interface 46

link integrity, verifying with REP 4

Link Layer Discovery Protocol

See CDP

link monitoring, Ethernet OAM 34, 38

link status, displaying UDLD 9

link-state tracking

configuration guidelines 26

default configuration 26

described 23

displaying status 27

generic configuration procedure 26

listening state (STP)

RSTP comparisons (table) 24

LLDP

configuring 4

characteristics 5

default configuration 5

disabling and enabling

globally 6

on an interface 7

monitoring and maintaining 14

overview 1

transmission timer and holdtime, setting 5

LLDP Media Endpoint Discovery

See LLDP-MED

LLDP-MED

configuring

procedures 4

TLVs 9, 11

monitoring and maintaining 14

overview 1

supported TLVs 2

load balancing

configuring for CEF 7

configuring for EtherChannel 18

overview 6

per-destination 7

load splitting IP multicast traffic 22

Location Service

overview 1

location service

configuring 12

understanding 3

location TLV 3, 9

logging, EPM 127

Logical Layer 3 interfaces

configuring 6

logical layer 3 VLAN interfaces 2

login authentication

with RADIUS 105

with TACACS+ 19

login banners 24

login timer

changing 6

logoutwarning command 6

loop guard

and MST 23

configuring 5

overview 3

M

MAC address learning, disabling on a VLAN 39

confuguring 39

deployment scenarios 40

feature compatibility 42

feature incompatibility 43

feature inompatibility 43

usage guidelines 40

MAC address table

displaying 44

MAC addresses

aging time 30

allocating 6

and VLAN association 29

building tables 28, 2

convert dynamic to sticky secure 5

default configuration 30

disabling learning on a VLAN 39

discovering 44

displaying 3

displaying in DHCP snooping binding table 19

dynamic

learning 29

removing 31

in ACLs 16

static

adding 37

allowing 38

characteristics of 36

dropping 38

removing 37

sticky 4

sticky secure, adding 5

MAC address-table move update

configuration guidelines 9

configuring 10

monitoring 12

MAC Authentication Bypass

configure with 802.1X 60

MAC details, displaying 126

MAC extended access lists 16

MAC/PHY configuration status TLV 2

macl 17

macros

See Auto SmartPorts macros

See Auto Smartports macros

See Smartports macros

MACSec

802.1AE Tagging 20

MACsec 2

configuring on an interface 8, 15

defined 1, 2

switch-to-switch security 1

MACsec Key Agreement Protocol

See MKA

main-cpu command 8, 7

management address TLV 2

management options

SNMP 1

Management Port, Ethernet 5

managing software licenses, using PRTU 14

manual preemption, REP, configuring 13

marking

hardware capabilities 23, 57

marking action drivers 21, 55

marking network traffic 18, 52

marking support, multi-attribute 22, 56

match ip address command 8, 10, 12, 13

maximum aging time (STP)

configuring 18

MDA

configuration guidelines 22–??

described 22

MEC

configuration 48

described 13

failure 14

Media Access Control Security

See MACsec

member switch

managing 13

member switch, cluster

defined 2

members

automatic discovery 7

meminfo command 6

messages, Ethernet OAM 34

messages, to users through banners 24

Metadata 2

Metro features

Y.1731 (AIS and RDI), introduction 13

metro tags 2

MFIB

CEF 6

overview 12

MFIB, IP

displaying 26

MIBs

compiling 4

downloading 2, 3

overview 1

related information 3

SNMP interaction with 4

MKA

configuring policies 7

defined 2

policies 3

replay protection 3

statistics 6

virtual ports 4

MLD Done messages and Immediate-leave 4

MLD messages 2

MLD queries 3

MLD reports 4

MLD Snooping

MLD Done messages and Immediate-leave 4

MLD messages 2

MLD queries 3

MLD reports 4

Multicast client aging robustness 3

Multicast router discovery 3

overview 1

Mode of capturing control packets, selecting 7

modules

checking status 1

powering down 22

monitoring

802.1Q tunneling 23

ACL information 39

Ethernet CFM 32, 33

Ethernet OAM 49

Ethernet OAM protocol 49

Flex Links 12

IGMP

snooping 10

IGMP filters 34

IGMP snooping 14

Layer 2 protocol tunneling 23

MAC address-table move update 12

multicast router interfaces 11

multi-VRF CE 14, 21

MVR 29

object tracking 13

REP 14

traffic flowing among switches 1

tunneling 23

VLAN filters 28

VLAN maps 28

monitoring and troubleshooting

BFD 17

Monitoring AVC with DNS-AS 20

M-record 23

MST

and multiple spanning trees 8, 22

boundary ports 27

BPDUs 23

configuration parameters 26

configuring 28

displaying configurations 32

edge ports 27

enabling 29

hop count 28

instances

configuring parameters 31

description 23

number supported 26

interoperability with PVST+ 23

link type 28

master 27

message age 28

regions 26

restrictions 28

to-SST interoperability 24

MSTP

EtherChannel guard

enabling 6

M-record 23

M-tree 23

MST-to-PVST+ Interoperability (PVST+ simulation) 35

MST-to-PVST+ Interoperability guidelines 35

M-tree 23

MTU size

configuring 37, 38, 46, 47

default 4

MTUS

understanding 35

Multi-authentication

described 22

multiauthentication mode 8

multicast

See IP multicast

Multicast client aging robustness 3

multicast Ethernet loopback (ETH-LB) 29

multicast Ethernet loopback, using 31

Multicast Forwarding Information Base (MFIB) 12

multicast groups

static joins 7

Multicast HA 13

Multicast implementation

HA 13

MFIB 12

S/M, 224/4 13

multicast packets

blocking 2

Multicast router discovery 3

multicast router interfaces, displaying 17

multicast router interfaces, monitoring 11

multicast router ports, adding 7

multicast router table

displaying 24

multicast routers

flood suppression 12

Multicast Storm Control

 

enabling 4

disabling 6

multicast television application, using MVR 21

Multicast VLAN Registration

See MVR

multichassis EtherChannel

see MEC 13

multidomain authentication

See MDA

multidomain authentication mode 7

multioperations scheduling, IP SLAs 5

Multiple AuthorizationAuthentication

configuring 34

Multiple Domain Authentication 34

multiple forwarding paths 8, 22

Multiple Spanning Tree

See MST

multiple VPN routing/forwarding

See multi-VRF CE

multiple-hosts mode 7

multi-VRF CE

components 3

configuration example 17

defined 1

displaying 14, 21

monitoring 14, 21

network components 3

packet-forwarding process 3

MVR

configuration guidelines and limitations 23

configuring global parameters 24

configuring on a trunk port 27

configuring on access ports 26

default configuration 23

displaying information 29

in a multicast television application 21

monitoring 29

setting global parameters 24

N

NAC Layer 2 802.1X authentication, intro 40

NAC Layer 2 IP validation, intro 40

named IPv6 ACLs, configuring

ACLs

configuring named IPv6 ACLs 18

named MAC extended ACLs

ACLs

configuring named MAC extended 16, 17

native VLAN

and 802.1Q tunneling 3

specifying 5

NDAC 20

defined 20

MACsec 1

NEAT

configuring 88

overview 24

neighbor offset numbers, REP 5

NetFlow packet sampling

about 1

NetFlow-lite

clear commands 9

display commands 8

Network Assistant

and VTY 12

configure

enable communication with switch 13, 17

default configuration 2

overview of CLI commands 3

Network Device Admission Control (NDAC) 20

Network Edge Access Topology

See NEAT

network fault tolerance 8, 22

network management

configuring 1

RMON 1

SNMP 1

network performance, measuring with IP SLAs 3

network policy TLV 2, 9

Network Time Protocol

See NTP

network traffic, marking 18, 52

New Software Features in Release 7.7

TDR 3

Next Hop Resolution Protocol

See NHRP

NHRP

support 18

non-fiber-optics interfaces

disabling UDLD 7

non-IP traffic filtering 16, 17

non-RPF traffic

description 10

in redundant configurations (figure) 11

Nonstop Forwarding

See NSF

nonvolatile random-access memory

See NVRAM

normal-range VLANs

See VLANs

NSF

defined 1

guidelines and restrictions 9

operation 4

NSF with SSO supervisor engine redundancy

and CEF 5

overview 3

SSO operation 4

NSF-aware

supervisor engines 3

support 2

NSF-capable

supervisor engines 3

support 2

NTP

associations

authenticating 4

defined 2

enabling broadcast messages 7

peer 6

server 6

default configuration 4

displaying the configuration 11

overview 2

restricting access

creating an access group 9

disabling NTP services per interface 10

source IP address, configuring 10

stratum 2

synchronizing devices 6

time

services 2

synchronizing 2

ntroduction

PPPoE Intermediate Agent 41

Storm Control 42

uRPF Strict Mode 42

NVRAM

saving settings 10

O

OAM

client 34

features 34

sublayer 34

OAM manager

configuring 52

with CFM and Ethernet OAM 51

OAM PDUs 35

OAM protocol data units 33

OBFL, displaying for the 9000W AC 4

object tracking

monitoring 13

OIR

overview 41

on-demaind online diagnostics 2

online diagnostic

troubleshooting 8

Online Diagnostics 1

online diagnostics

configuring on-demaind 2

data path, displaying test results 7

displaying tests and test results 4

linecard 8

scheduling 2

starting and stopping tests 3

online insertion and removal

See OIR

Open Shortest Path First

See OSPF

operating system images

See system images

Option 82

enabling DHCP Snooping 10

OSPF

area concept 19

description 19

for IPv6 6

OSPF for Routed Access, introduction 21

OSPF, introduction 19

P

packet type filtering

overview 14

SPAN enhancement 14

packets

modifying 9

PACL

using with access-group mode 34

PACL configuration guidelines 32

PACL with VLAN maps and router ACLs 36

PAgP

understanding 4

PAgP, dual-active detection 23

passwords

configuring enable password 14

configuring enable secret password 14

encrypting 22

in clusters 8

recovering lost enable password 25

setting line password 14

PBR (policy-based routing)

configuration (example) 16

enabling 7, 10

features 2

overview 1

route maps 2

route-map processing logic 3

when to use 6

PE to CE routing, configuring 9

percentage thresholds in tracked lists 7

Permanent Right-To_Use 14

per-port and VLAN Access Control List 19

per-port per-VLAN QoS

enabling 36, 70

overview 10

Per-User ACL and Filter-ID ACL, configure 45

Per-VLAN Rapid Spanning Tree 6

enabling 20

overview 6

physical layer 3 interfaces 2

Physical Layer 3 interfaces, configuring 12

PIM

configuring dense mode 15

configuring sparse mode 15

displaying information 24

displaying statistics 28

enabling sparse-dense mode 15, 16

overview 3

PIM on an interface, enabling 15

PIM-DM 3

PIM-SM 3

PIM-SSM mapping, enabling 17

ping

executing 8

overview 7

ping command 8, 24

PoE 7, 8

configuring power consumption for single device 5, 16

configuring power consumption, powered devices 5

displaying operational status for an interface 6

Enhanced PoE support on E-series 15

policing and monitoring 12

power consumption for powered devices

Intelligent Power Management 4

power management modes 2

powering down a module 22

PoE policing

configuring errdisable recovery 14

configuring on an interface 13

displaying on an interface 14

power modes 12

point-to-point

in 802.1X authentication (figure) 3

policing

how to implement 18, 52

See QoS policing

policing IPv6 control traffic 20

policing, PoE 12

policy associations, QoS on Sup 6-E 39, 73

policy map marking action, configuring 23, 57

policy-map command 16, 51

port ACLs

and voice VLAN 5

defined 3

Port Aggregation Protocol

see PAgP

port cost (STP)

configuring 15

port description TLV 2

port numbering with TwinGig Convertors 13

port priority

configuring MST instances 31

configuring STP 13

port security

aging 5

configuring 7

displaying 28

guidelines and restrictions 33

on access ports 7, 22

on private VLAN 14

host 14

promiscuous 16

topology 15, 18, 32

on trunk port 17

guidelines and restrictions 15, 18, 32

port mode changes 22

on voice ports 22

sticky learning 5

using with 802.1X 18

violations 6

with 802.1X Authentication 32

with DHCP and IP Source Guard 31

with other features 33

port states

description 5

port VLAN ID TLV 2

port-based authentication

802.1X with voice VLAN 21

Authentication Failed VLAN assignment 16

authentication server

defined 2

changing the quiet period 84

client, defined 3, 2

configuration guidelines 28, 6

configure ACL assignments and redirect URLs 38

configure switch-to-RADIUS server communication 32

configure with Authentication Failed 71

configure with Critical Authentication 62

configure with Guest-VLANs 57

configure with MAC Authentication Bypass 60

configure with VLAN User Distribution 68

configure with Voice VLAN 73

configuring

Multiple Domain Authentication and Multiple Authorization 34

RADIUS server 10

RADIUS server parameters on the switch 9

configuring Fallback Authentication 77

configuring Guest-VLAN 32

configuring manual re-authentication of a client 94

configuring with Unidirectional Controlled Port 66

controlling authorization state 5

default configuration 27, 6

described 1

device roles 2

displaying statistics 123, 14

enabling 29

802.1X authentication 9

enabling multiple hosts 83

enabling periodic re-authentication 81

encapsulation 3

host mode 6

how 802.1X fails on a port 25

initiation and message exchange 4

method lists 29

modes 6

multidomain authentication 22

multiple-hosts mode, described 7

port security

multiple-hosts mode 7

ports not supported 4

pre-authentication open access 8

resetting to default values 95

setting retransmission number 86

setting retransmission time 85

switch

as proxy 2

switch supplicant

configuring 88

overview 24

topologies, supported 26

using with ACL assignments and redirect URLs 19

using with port security 18

voice aware 802.1x security

configuring 74

described 21, 74

with Critical Authentication 14

with Guest VLANs 10

with MAC Authentication Bypass 11

with Unidirectional Controlled Port 15

with VLAN assignment 9

with VLAN User Distribution 15

port-channel

see EtherChannel

port-channel interfaces

See also EtherChannel

creating 48, 8

overview 2

port-channel load-balance

command 14, 16

command example 16

port-channel load-balance command 19

PortFast

and MST 23

configuring or enabling 23

overview 7

PortFast BPDU filtering

and MST 23

overview 16

PortFast Edge BPDU Filtering 17

ports

blocking 1

checking status 2

dynamic VLAN membership

example 28

reconfirming 25, 26

forwarding, resuming 3

REP 6

See also interfaces

power

inline 5

power dc input command 21

power handling for Supervisor Engine II-TS 12

power inline command 3

power inline consumption command 5

power management

Catalyst 4500 series 7

Catalyst 4500 Switch power supplies 14

Catalyst 4948 series 23

configuring combined mode 13

configuring redundant mode 12

overview 1

redundancy 7

power management for Catalyst 4500 Switch

combined mode 9

redundant mode 9

power management limitations in Catalyst 4500 Switch 10

power management mode

selecting 10

power management TLV 2, 3, 9

power negotiation

through LLDP 11

power policing, displaying on an interface 14

power redundancy-mode command 13

power supplies

available power for Catalyst 4500 Switch 14

fixed 8

variable 8, 23

powered devices, configuring power consumption 5

Power-On-Self-Test diagnostics 10, 20

Power-On-Self-Test for Supervisor Engine V-10GE 13

pre-authentication open access 8

pre-authentication open access. See port-based authentication.

preempt delay time, REP 5

primary edge port, REP 4

primary VLANs 2, 4

associating with secondary VLANs 16

configuring as a PVLAN 15

priority

overriding CoS of incoming frames 4

priority queuing, QoS on Sup 6-E 30, 64

private VLAN

configure port security 14, 15

enabling DHCP Snooping 12

private VLANs

across multiple switches 5

and SVIs 10

benefits of 2

community ports 3

community VLANs 2, 3

default configuration 12

end station access to 3

isolated port 4

isolated VLANs 2, 3, 4

ports

community 3

isolated 4

promiscuous 4

primary VLANs 2, 4

promiscuous ports 4

secondary VLANs 2

subdomains 2

traffic in 9

privileged EXEC mode 5

privileges

changing default 23

configuring levels 23

exiting 24

logging in 24

promiscuous ports

configuring PVLAN 17

defined 4

setting mode 24

protocol timers 4

provider edge devices 2

PRTU, managing software licenses 14

pruning, VTP

See VTP pruning

pseudobridges

description 25

PVACL 19

PVID (port VLAN ID)

and 802.1X with voice VLAN ports 21

PVLAN promiscuous trunk port

configuring 11, 17, 21

PVLANs

802.1q support 14

across multiple switches 5

configuration guidelines 12

configure port security 14, 16, 18

configure port security in a wireless setting 32

configuring 11

configuring a VLAN 15

configuring promiscuous ports 17

host ports

configuring a Layer 2 interface 18

setting 24

overview 1

permitting routing, example 23

promiscuous mode

setting 24

setting

interface mode 24

PVST+ simulation 36

Q

QoS

classification 6–??

definitions 3

enabling per-port per-VLAN 36, 70

overview 1

overview of per-port per-VLAN 10

packet modification 9

traffic shaping 9

See also COS; DSCP values; transmit queues

QoS active queue management

tracking queue length 9

QoS labels

definition 3

QoS marking

description 5

QoS on Sup 6-E

Active Queue management via DBL 34, 68

active queue management via DBL 27, 34, 61, 68

classification 16, 50

configuring 13, 47

configuring CoS mutation 45, 79

configuring the policy map marking action 23, 57

hardware capabilities for marking 23, 57

how to implement policing 18, 52

marking action drivers 21, 55

marking network traffic 18, 52

MQC-based QoS configuration 13, 48

multi-attribute marking support 22, 56

platform hardware capabilities 15, 49

platform restrictions 18, 52

platform-supported classification criteria and QoS features 13, 14, 48

policing 17, 51

policy associations 39, 73

prerequisites for applying a service policy 15, 49

priority queuing 30, 64

queue-limiting 31, 65

restrictions for applying a service policy 15, 50

shaping 25, 59

sharing(bandwidth) 27, 61

sharing(blandwidth), shapring, and priority queuing 25, 59

software QoS 40, 74

traffic marking procedure flowchart 21, 55

QoS policing

definition 5

described 8

QoS policy

attaching to interfaces 8

QoS service policy

prerequisites 15, 49

restrictions for applying 15, 50

QoS transmit queues

burst 9

maximum rate 9

sharing link bandwidth 9

quad-supervisor

uplink forwarding 6

Quality of service

See QoS

queueing 8

queue-limiting, QoS on Sup 6-E 31, 65

R

RA Guard

configuring 51

deployment 50

examples 51

introduction 49

usage guidelines 52

RADIUS

attributes

vendor-proprietary 112

vendor-specific 111

change of authorization 97

configuring

accounting 110

authentication 105

authorization 109

communication, global 103, 110

communication, per-server 103

multiple UDP ports 103

default configuration 102

defining AAA server groups 107

displaying the configuration 115

identifying the server 103

limiting the services to the user 109

method list, defined 102

operation of 97

server load balancing 115

suggested network environments 96

tracking services accessed by user 110

understanding 96

RADIUS Change of Authorization 97

RADIUS server

configure to-Switch communication 32

configuring settings 34

parameters on the switch 32

RADIUS, controlling switch access with 95

range command 4

range macros

defining 10

ranges of interfaces

configuring 4

Rapid Spanning Tree

See RSTP

rcommand command 13

reachability, tracking IP SLAs IP host 10

re-authentication of a client

configuring manual 94

enabling periodic 81

redirect URLs, port-based authentication 19

reduced MAC address 2

redundancy

configuring 7

guidelines and restrictions 5

changes made through SNMP 11

NSF-aware support 2

NSF-capable support 2

overview 2

redundancy command 8, 7

understanding synchronization 4

redundancy (NSF) 1

configuring

BGP 11

CEF 11

EIGRP 16

IS-IS 14

OSPF 13

routing protocols 5

redundancy (RPR)

route processor redundancy 2

synchronization 4, 5

redundancy (SSO)

redundancy command 10

route processor redundancy 3

synchronization 5

reload command 29

Remote Authentication Dial-In User Service

See RADIUS

remote failure indications 34

remote loopback, Ethernet OAM 34, 37

Remote Network Monitoring

See RMON

rendezvous point, configuring 17

rendezvous point, configuring single static 21

REP

administrative VLAN 8

administrative VLAN, configuring 9

and STP 6

configuration guidelines 7

configuring interfaces 10

convergence 4

default configuration 7

manual preemption, configuring 13

monitoring 14

neighbor offset numbers 5

open segment 2

ports 6

preempt delay time 5

primary edge port 4

ring segment 2

secondary edge port 4

segments 1

characteristics 2

SNMP traps, configuring 14

supported interfaces 1

triggering VLAN load balancing 6

verifying link integrity 4

VLAN blocking 13

VLAN load balancing 4

replication

description 9

report suppression, IGMP

disabling 10

reserved-range VLANs

See VLANs

reset command 3

resetting a switch to defaults 34

resetting an interface to default configuration 48

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 4

enabling 7

response time, measuring with IP SLAs 4

restricting access

NTP services 8

RADIUS 95

TACACS+ 15

Restrictions and Guidelines for Configuring AVC with DNS-AS 6

retransmission number

setting in 802.1X authentication 86

retransmission time

changing in 802.1X authentication 85

RFC

1157, SNMPv1 2

1305, NTP 2

1757, RMON 2

1901, SNMPv2C 2

1902 to 1907, SNMPv2 2

2273-2275, SNMPv3 2

RFC 5176 Compliance 98

RIP

description 19

for IPv6 6

RIP, introduction 19

RMON

default configuration 3

displaying status 6

enabling alarms and events 3

groups supported 2

overview 1

ROM monitor

boot process and 26

CLI 7

commands 2–3

debug commands 5–6

entering 1

exiting 6

overview 1

root bridge

configuring 9

selecting in MST 22

root guard

and MST 23

enabling 2

overview 2

route maps

defining 8, 10, 12

PBR 2

route targets

VPN 3

routed packets

ACLs 30

route-map (IP) command 8, 10, 12

router ACLs

description 41, 3

using with VLAN maps 29

router ACLs, using PACL with VLAN maps 36

Routing Information Protocol

See RIP

RPF

See Unicast RPF

RSPAN

configuration guidelines 16

destination ports 5

IDS 2

monitored ports 4

monitoring ports 5

received traffic 3

sessions

creating 17

defined 3

limiting source traffic to specific VLANs 23

monitoring VLANs 21

removing source (monitored) ports 20

specifying monitored ports 17

source ports 4

transmitted traffic 4

VLAN-based 5

RSTP

compatibility 23

description 22

port roles 24

port states 24

S

S/M, 224/4 13

SAID

See 802.10 SAID

SAP

defined 20

negotiation 20

support 1

scheduling 8

scheduling, IP SLAs operations 5

secondary edge port, REP 4

secondary root switch 12

secondary VLANs 2

associating with primary 16

permitting routing 23

security

configuring 1

Security Association Identifier

See 802.10 SAID

Security Exchange Protocol

See SAP

selecting a power management mode 10

selecting X2/TwinGig Convertor Mode 14

sequence numbers in log messages 7

server IDs

description 23

service policy, configure class-level queue-limit 31, 65

service-policy input command 2

service-provider networks

and customer VLANs 2

session keys, MKA 2

set default interface command 9, 11

set interface command 8, 10

set ip default next-hop command 9, 11

set ip next-hop command 8, 10, 16

set-request operation 4

severity levels, defining in system messages 8

shaping, QoS on Sup 6-E 25, 59

sharing(bandwidth), QoS on Sup 6-E 27, 61

Shell functions

See Auto SmartPorts macros

See Auto Smartports macros

Shell triggers

See Auto SmartPorts macros

See Auto Smartports macros

show adjacency command 10

show boot command 33

show catalyst4000 chassis-mac-address command 3

show cdp command 2, 3

show cdp entry command 3

show cdp interface command 3

show cdp neighbors command 3

show cdp traffic command 3

show ciscoview package command 48

show ciscoview version command 48

show cluster members command 13

show configuration command 32

show debugging command 3

show environment command 2

show history command 4

show interfaces command 37, 38, 44, 46, 47

show interfaces status command 2

show ip cef command 8

show ip eigrp interfaces command 20

show ip eigrp neighbors command 20

show ip eigrp topology command 20

show ip eigrp traffic command 20

show ip interface command 24

show ip local policy command 12

show ip mroute command 24

show ip pim interface command 24

show l2protocol command 18

show lldp traffic command 15

show mac-address-table address command 3

show mac-address-table interface command 3

show mls entry command 8

show module command 1, 6

show PoE consumed 8

show power inline command 6

show power supplies command 13

show protocols command 44

show running-config command

adding description for an interface 32

checking your settings 9

displaying ACLs 23, 25, 34, 35

show startup-config command 10

show users command 6

show version command 30

shutdown threshold for Layer 2 protocol packets 16

shutdown, command 45

shutting down

interfaces 45

Simple Network Management Protocol

See SNMP

single spanning tree

See SST

single static RP, configuring 21

single-host mode 7

slot numbers, description 2

Slow timer, configuring BFD 16

smart call home 1

description 2

destination profile (note) 5

registration requirements 3

service contract requirements 3

Transport Gateway (TG) aggregation point 2

SMARTnet

smart call home registration 3

Smartports macros

applying global parameter values 8, 14

applying macros 8

applying parameter values 8

configuration guidelines 6, 13

configuring 2

creating 7

default configuration 3, 13

defined 10, 1

displaying 12

tracing 6, 13

SNMP

accessing MIB variables with 4

agent

described 4

disabling 7

and IP SLAs 2

authentication level 10

community strings

configuring 7

overview 4

configuration examples 15

configuration guidelines 6

default configuration 5

enabling 4

engine ID 6

groups 6, 9

host 6

informs

and trap keyword 11

described 5

differences from traps 5

enabling 14

limiting access by TFTP servers 15

limiting system log messages to NMS 9

manager functions 3

notifications 5

overview 1, 4

status, displaying 16

system contact and location 14

trap manager, configuring 13

traps

described 3, 5

differences from informs 5

enabling 11

enabling MAC address notification 31

enabling MAC move notification 33

enabling MAC threshold notification 35

overview 1, 4

types of 11

users 6, 9

versions supported 2

SNMP commands 4

SNMP traps

REP 14

SNMPv1 2

SNMPv2C 2

SNMPv3 2

software

upgrading 13, 12

software configuration register 26

software QoS, on Sup 6-E 40, 74

software switching

description 5

interfaces 6

key data structures used 8

source group tag 4, 10

source IDs

call home event format 22

SPAN

and ACLs 5

configuration guidelines 7

configuring 7–10

destination ports 5

IDS 2

monitored port, defined 4

monitoring port, defined 5

received traffic 3

sessions

defined 3

source ports 4

transmitted traffic 4

VLAN-based 5

SPAN and RSPAN

concepts and terminology 3

default configuration 6

displaying status 24

overview 1

session limits 6

SPAN enhancements

access list filtering 13

configuration example 15

CPU port sniffing 10

encapsulation configuration 12

ingress packets 12

packet type filtering 14

spanning-tree backbonefast command 24

spanning-tree cost command 15

spanning-tree guard root command 2

spanning-tree port-priority command 13

spanning-tree uplinkfast command 20

spanning-tree vlan

command 9

command example 9

spanning-tree vlan command 8

spanning-tree vlan cost command 16

spanning-tree vlan forward-time command 19

spanning-tree vlan hello-time command 18

spanning-tree vlan max-age command 18

spanning-tree vlan port-priority command 13

spanning-tree vlan priority command 17

spanning-tree vlan root primary command 10

spanning-tree vlan root secondary command 12

speed

configuring interface 27

speed command 28, 29

SSO

configuring 10

SSO operation 4

SST

description 22

interoperability 24

static ACL, removing the requirement 32

static addresses

See addresses

static routes

configuring 11

verifying 12

statistics

802.1X 14

displaying 802.1X 123

displaying PIM 28

LLDP 14

LLDP-MED 14

MKA 6

SNMP input and output 16

sticky learning

configuration file 5

defined 5

disabling 5

enabling 5

saving addresses 5

sticky MAC addresses

configuring 7

defined 4

storing captured packets to a.pcap file, Wireshark 8

Storm Control

displaying 6

enabling Broadcast 2

enabling Multicast 4

hardware-based, implementing 1

overview 1

software-based, implementing 2

STP

and REP 6

bridge ID 2

configuring 7–20

creating topology 5

defaults 7

disabling 20

enabling 8

enabling extended system ID 9

enabling Per-VLAN Rapid Spanning Tree 20

EtherChannel guard

disabling 7

forward-delay time 19

hello time 17

Layer 2 protocol tunneling 13

maximum aging time 18

overview 1, 3

per-VLAN rapid spanning tree 6

port cost 15

port priority 13

root bridge 9

stratum, NTP 2

stub routing (EIGRP)

benefits 18

configuration tasks 18

configuring 14

overview 13, 14

restrictions 18

verifying 19

subdomains, private VLAN 2

summer time 13

supervisor engine

accessing the redundant 14

configuring 8–13

copying files to standby 14

default configuration 1

default gateways 11

environmental monitoring 1

redundancy 1

ROM monitor 26

startup configuration 25

static routes 11

synchronizing configurations 11, 10

Supervisor Engine 7L-E, selecting the uplink port 25

Supervisor Engine II-TS

insufficient inline power handling 22, 12

Smartports macros

See also Auto Smartports macros

SVI Autostate Exclude

understanding 3

SVI Autostate exclude

configuring 8

S-VLAN 2, 7

switch 2

switch access with RADIUS, controlling 95

switch ports

See access ports

switched packets

and ACLs 29

Switched Port Analyzer

See SPAN

switchport

show interfaces 37, 38, 46, 47

switchport access vlan command 5, 7

switchport block multicast command 2

switchport block unicast command 2

switchport mode access command 7

switchport mode dot1q-tunnel command 6

switchport mode dynamic command 5

switchport mode trunk command 5

switchport trunk allowed vlan command 5

switchport trunk encapsulation command 5

switchport trunk native vlan command 5

switchport trunk pruning vlan command 6

switch-to-RADIUS server communication

configuring 32

sysret command 5

system

reviewing configuration 10

settings at startup 28

system alarms

overview 6

system and network statistics, displaying 24

system capabilities TLV 2

system clock

configuring

daylight saving time 13

manually 11

summer time 13

time zones 12

displaying the time and date 12

overview 2

See also NTP

system description TLV 2

system images

loading from Flash memory 31

modifying boot field 28

specifying 31

system message logging

default configuration 3

defining error message severity levels 8

disabling 3

displaying the configuration 12

enabling 4

facility keywords, described 12

level keywords, described 8

limiting messages 9

message format 2

overview 1

sequence numbers, enabling and disabling 7

setting the display destination device 4

synchronizing log messages 5

timestamps, enabling and disabling 6

UNIX syslog servers

configuring the daemon 10

configuring the logging facility 11

facilities supported 12

system MTU

802.1Q tunneling 5

maximums 5

system name

manual configuration 22

See also DNS

system name TLV 2

system prompt, default setting 21

T

TACACS+ 1

accounting, defined 16

authentication, defined 16

authorization, defined 16

configuring

accounting 21

authentication key 18

authorization 21

login authentication 19

default configuration 18

displaying the configuration 22

identifying the server 18

limiting the services to the user 21

operation of 17

overview 15

tracking services accessed by user 21

tagged packets

802.1Q 3

Layer 2 protocol 13

TCAM programming and ACLs 7

for Sup II-Plust thru V-10GE 7

TCAM programming and ACLs for Sup 6-E 10

TDR

checking cable connectivity 3

enabling and disabling test 3

guidelines 3

Telnet

accessing CLI 2

disconnecting user sessions 7

executing 5

monitoring user sessions 6

telnet command 6

templates, Ethernet OAM 45

Terminal Access Controller Access Control System Plus

See TACACS+

TFTP

configuration files in base directory 5

configuring for autoconfiguration 4

limiting access by servers 15

TFTP download

See also console download

threshold monitoring, IP SLAs 6

time

See NTP and system clock

Time Domain Reflectometer

See TDR

time exceeded messages 9

time zones 12

timer

See login timer

timestamps in log messages 6

TLV

host presence detection 8

TLVs

defined 7, 2

LLDP-MED 2

Token Ring

media not supported (note) 5, 9

Topology change notification processing

MLD Snooping

Topology change notification processing 4

TOS

description 4

trace command 9

traceroute

See IP traceroute

See Layer 2 Traceroute

traceroute mac command 11

traceroute mac ip command 11

track state, tracking IP SLAs 10

tracked lists

configuring 3

types 3

tracked objects

by Boolean expression 5

by threshold percentage 7

by threshold weight 6

tracking interface line-protocol state 2

tracking IP routing state 2

tracking objects 2

tracking process 2

traffic

blocking flooded 2

traffic control

using ACLs (figure) 4

using VLAN maps (figure) 6

traffic marking procedure flowchart 21, 55

traffic shaping 9

translational bridge numbers (defaults) 5

traps

configuring MAC address notification 31

configuring MAC move notification 33

configuring MAC threshold notification 35

configuring managers 11

defined 3

enabling 31, 33, 35, 11

notification types 11

overview 1, 4

troubleshooting

with CiscoWorks 4

with system message logging 1

with traceroute 8

Troubleshooting AVC with DNS-AS 24

troubleshooting high CPU due to ACLs 7

trunk failover

See link-state tracking

trunk ports

configure port security 17

configuring PVLAN 19–21

trunks

802.1Q restrictions 4

configuring 5

configuring access VLANs 5

configuring allowed VLANs 5

default interface configuration 5

enabling to non-DTP device 3

specifying native VLAN 5

understanding 3

trustpoint 3

TTL 3

tunnel ports

802.1Q, configuring 5

described 2

incompatibilities with other features 5

tunneling

defined 1

TwinGig Convertors

limitations on using 13

port numbering 13

selecting X2/TwinGig Convertor mode 14

TXT DNS Resource Record 3

TXT record 3

type length value

See TLV

type of service

See TOS

U

UDLD

configuring probe message interval per-interface 8

default configuration 3

disabling on fiber-optic interfaces 7

disabling on non-fiber-optic interfaces 7

displaying link status 9

enabling globally 5

enabling per-interface 6

modes of operation 3

resetting disabled LAN interfaces 8

use case 2

UDLD, overview 1

UDP jitter operation, IP SLAs 8

UDP jitter, configuring 9

unauthorized ports with 802.1X 4

unicast

See IP unicast

unicast flood blocking

configuring 1

unicast MAC address filtering

and adding static addresses 38

and broadcast MAC addresses 37

and CPU packets 37

and multicast addresses 37

and router MAC addresses 37

configuration guidelines 37

described 37

unicast MAC address filtering, configuring

ACLs

configuring unicast MAC address filtering 16

Unicast RPF (Unicast Reverse Path Forwarding)

applying 5

BGP attributes

caution 4

CEF

requirement 2

tables 7

configuring 9

(examples) ??–12

BOOTP 8

DHCP 8

enterprise network (figure) 6

prerequisites 9

routing table requirements 7

tasks 9

verifying 10

deploying 5

description 22, 1

disabling 11

enterprise network (figure) 6

FIB 2

implementing 4

packets, dropping (figure) 4

prerequisites 9

restrictions

basic 8

routing asymmetry 7

routing asymmetry (figure) 8

routing table requirements 7

security policy

applying 5

attacks, mitigating 5

deploying 5

tunneling 5

source addresses, validating 3

(figure) 3, 4

failure 3

traffic filtering 5

tunneling 5

validation

failure 3, 4

packets, dropping 3

source addresses 3

verifying 10

unicast traffic

blocking 2

Unidirectional Controlled Port, configuring 802.1X 66

unidirectional ethernet

enabling 2

example of setting 2

overview 1

UniDirectional Link Detection Protocol

See UDLD

Universal PoE, configuring 16

UNIX syslog servers

daemon configuration 10

facilities supported 12

message logging configuration 11

uplink forwarding

quad-supervisor 6

uplink mode, selecting on supervisor engine 6-E 20

uplink port, selecting on a supervisor engine 7L-E 25

UplinkFast

and MST 23

enabling 23

MST and 23

overview 19

usage examples, Wireshark 18

user EXEC mode 5

user sessions

disconnecting 7

monitoring 6

user-defined event triggers

configuring, 802.1X-based 8

configuring, MAC address-based 9

User-defined triggers and built-in macros, configuring mapping 9

V

VACLs

Layer 4 port operations 10

virtual configuration register 3

virtual LANs

See VLANs

virtual ports, MKA 4

Virtual Router Redundancy Protocol, introduction 23

Virtual Switch System(VSS), displaying EtherChannel to 20

VLAN ACLs

See VLAN maps

VLAN blocking, REP 13

vlan command 6

vlan dot1q tag native command 4

VLAN ID

service provider 8

VLAN ID translation

See VLAN mapping

VLAN ID, discovering 44

VLAN load balancing

REP 4

VLAN load balancing on flex links 2

configuration guidelines 5

VLAN load balancing, triggering 6

VLAN Management Policy Server

See VMPS

VLAN mapping

1-to-1 7

1-to-1, configuring 10

configuration guidelines 9

configuring 10

configuring on a trunk port 10

default 9

described 2, 7

selective QinQ 8

selective Q-in-Q, configuring 12

traditional QinQ 8

traditional Q-in-Q, configuring 11

types of 7

VLAN maps

applying to a VLAN 25

configuration example 26

configuration guidelines 22

configuring 21

creating and deleting entries 22

defined 41

denying access example 27

denying packets 23

displaying 28

order of entries 22

permitting packets 23

router ACLs and 29

using (figure) 5

using in your network 25

VLAN maps, PACL and Router ACLs 36

VLAN Trunking Protocol

See VTP

VLAN trunks

overview 3

VLAN User Distribution, configuring 802.1X 68

VLANs

allowed on trunk 5

configuration guidelines 3

configuring 5

configuring as Layer 3 interfaces 8

customer numbering in service-provider networks 3

default configuration 4

description 11

extended range 3

IDs (default) 4

interface assignment 7

limiting source traffic with RSPAN 23

monitoring with RSPAN 21

name (default) 4

normal range 3

overview 1

reserved range 3

See also PVLANs

VMPS

configuration file example 31

configuring dynamic access ports on client 24

configuring retry interval 26

database configuration file 31

dynamic port membership

example 28

reconfirming 25, 26

reconfirming assignments 25

reconfirming membership interval 26

server overview 20

VMPS client

administering and monitoring 27

configure switch

configure reconfirmation interval 26

dynamic ports 24

entering IP VMPS address 24

reconfirm VLAM membership 25

reconfirmation interval 26

default configuration 23

dynamic VLAN membership overview 23

troubleshooting dynamic port VLAN membership 28

VMPS server

fall-back VLAN 22

illegal VMPS client requests 22

overview 20

security modes

multiple 22

open 21

secure 21

voice aware 802.1x security

port-based authentication

configuring 74

described 21, 74

voice interfaces

configuring 1

Voice over IP

configuring 1

voice ports

configuring VVID 3

voice traffic 2, 5

voice VLAN

IP phone data traffic, described 2

IP phone voice traffic, described 2

voice VLAN ports

using 802.1X 21

Voice VLAN, configure 802.1X 73

VPN

configuring routing in 8

forwarding 3

routes 2

routing and forwarding table

See VRF

VRF

defining 3

tables 1

VRF-aware services

ARP 6, 15, 17

configuring 5, 14

ftp 16

ping 15

tftp 16

traceroute 16

uRPF 15

VRF-lite

description 23

VSS

dual-active detection

displaying 54

Enhanced PAgP, advantages 23

enhanced PAgP, configuring 52

Enhanced PAgP, description 23

fast-hello, configuring 53

VTP

client, configuring 16

configuration guidelines 12

default configuration 13

disabling 16

Layer 2 protocol tunneling 13

monitoring 19

overview 7

pruning

configuring 15

See also VTP version 2

server, configuring 16

statistics 19

transparent mode, configuring 16

version 2

enabling 15

VTP advertisements

description 9

VTP domains

description 8

VTP modes 8

VTP pruning

overview 10

VTP versions 2 and 3

overview 9

See also VTP

VTY and Network Assistant 12

VVID (voice VLAN ID)

and 802.1X authentication 21

configuring 3

W

WCCP

configuration examples 9

configuring on a router 2, 13

features 3

restrictions 5

service groups 5

Web Cache Communication Protocol

See WCCP 1

web cache services

description 4

web caches

See cache engines

web caching

See web cache services

See also WCCP

web-based authentication

authentication proxy web pages 4

description 43, 13, 1

web-based authentication, interactions with other features 4

weight thresholds in tracked lists 6

wireless mode 29, 30

Wireshark

activating and deactivating, capture points, conceptual 10

attachment points 6

capture filter 7

capture points 6

core system filter 7

decoding and displaying packets 9

display filter 7

feature interactions 10

filters 6

storing captured packets to a.pcap filter 8

usage examples 18

Wireshark, about 5

Wireshark, activating and deactivating a capture point 14

Wireshark, defining/modifying/deleting a capture point 12

Wireshark, displaying information 14

WS-X46490-CSFP-E, support on a 10-slot chassis 21

X

X.509v3 Certificates for SSH Authentication

Overview 2

Y

Y.1731

default configuration 29

described 27

ETH-AIS

Ethernet Alarm Signal function (ETH-AIS)

28

ETH-RDI 28

multicast Ethernet loopback 31

multicast ETH-LB 29

terminology 27

Index

Security Exchange Protocol

See SXP

Symbols

“A” Record 3

Numerics

10/100 autonegotiation feature, forced 28

10-Gigabit Ethernet or Gigabit Ethernet ports

deploy on WS-X4606-10GE-E and Sup 6-E 13

10-Gigabit Ethernet port

deploy with Gigabit Ethernet SFP ports 12, 13

10-slot chassis, support for WS-X46490-CSFP-E 21

12-class Easy QoS Model 11

1400 W DC Power supply

special considerations 21

1400 W DC SP Triple Input power supply

special considerations 22

802.10 SAID (default) 4

802.1AE

standard 2

802.1Q

trunks 6

tunnel ports with other features 5

tunneling

compatibility with other features 5

defaults 3

described 2

802.1Q VLANs

trunk restrictions 4

802.1s

See MST

802.1w

See MST

802.1X

See port-based authentication

802.1X authentication

Authentication Failed VLAN assignment 16

for Critical Authentication 14

for guest VLANs 10

for MAC Authentication Bypass 11

for Unidirectional Controlled Port 15

VLAN User Distribution 15

web-based authentication 13

with port security 18

with VLAN assignment 9

with voice VLAN ports 21

802.1X Host Mode 6

multiauthentication mode 8

multidomain authentication mode 7

single-host 7

802.1x-REV 2

802.3ad

See LACP

9000W AC, displaying OBFL 4

A

AAA 1

AAA (authentication, authorization, and accounting). See also port-based authentication. 1

abbreviating commands 5

about Wireshark 5

access control entries

See ACEs

access control entries and lists 1

access list filtering, SPAN enhancement 13

access lists

using with WCCP 8

access ports

and Layer 2 protocol tunneling 15

configure port security 7, 22

configuring 7

access VLANs 5

access-group mode, configuring on Layer 2 interface 35

access-group mode, using PACL with 34

accounting

with RADIUS 110

with TACACS+ 16, 21

ACEs

ACLs 2

IP 41, 2

Layer 4 operation restrictions 11

ACEs and ACLs 1

ACL assignments and redirect URLs, configure 38

ACL assignments, port-based authentication 19

ACL configuration, displaying a Layer 2 interface 36

ACLs

ACEs 2

and SPAN 5

and TCAM programming for Sup 6-E 10

and TCAM programming for Sup II-Plus thru V-10GE 7

applying IPv6 ACLs to a Layer 3 interface 20

applying on routed packets 30

applying on switched packets 29

compatibility on the same switch 3

configuring with VLAN maps 29

CPU impact 13

downloadable 7

hardware and software support 6

IP, matching criteria for port ACLs 4

MAC extended 16

matching criteria for router ACLs 3

port

and voice VLAN 5

defined 3

processing 13

selecting mode of capturing control packets 7

troubleshooting high CPU 7

types supported 3

understanding 2

VLAN maps 5

ACLs and VLAN maps, examples 23

ACLs, applying to a Layer 2 interface 35

acronyms, list of 1

action drivers, marking 21, 55

activating and deactivating a capture point, Wireshark 14

activating and deactivating Wiresharkcapture points, conceptual, Wireshark 10

active queue management 9

active queue management via DBL, QoS on Sup 6-E 34, 68

active traffic monitoring, IP SLAs 1

adding members to a community 9

address resolution 44

addresses

displaying the MAC table 44

dynamic

changing the aging time 30

defined 28

learning 29

removing 31

IPv6 2

MAC, discovering 44

See MAC addresses

static

adding and removing 36

defined 28

adjacency tables

description 2

displaying statistics 10

administrative VLAN

REP, configuring 9

administrative VLAN per segment 9

administrative VLAN, REP 8

advertisements

LLDP 7, 2

advertisements, VTP

See VTP advertisements

aggregation switch, enabling DHCP snooping 9

aging time

MAC address table 30

All Auth manager sessions on the switch authorized for a specified authentication method 124

All Auth manager sessions, displaying summary 124

ANCP client

enabling and configuring 2

guidelines and restrictions 5

identify a port with DHCP option 82 4

identify a port with protocol 2

overview 1

ANCP protocol

identifying a port with 2

app-class and QoS Traffic Mapping 12

applying IPv6 ACLs to a Layer 3 interface 20

AQM via DBL, QoS on Sup 6-E 34, 68

archiving crashfiles information 8

ARP

defined 44

table

address resolution 44

managing 44

asymmetrical links, and 802.1Q tunneling 3

attachment points, Wireshark 6

attributes, RADIUS

vendor-proprietary 112

vendor-specific 111

Auth manager session for an interface, verifying 125

Auth manager summary, displaying 124

authentication

NTP associations 4

RADIUS

key 103

login 105

See also port-based authentication

TACACS+

defined 16

key 18

login 19

Authentication Failed, configuring 80.1X 71

Authentication methods registered with the Auth manager, determining 124

authentication open comand 8

authentication proxy web pages 4

authentication server

defined 3

RADIUS server 3

Authentication, Authorization, and Accounting (AAA) 1

Authoritative DNS server 3

authoritative time source, described 2

authorization

with RADIUS 109

with TACACS+ 16, 21

authorized and unauthorized ports 4

authorized ports with 802.1X 4

Auto Identity

Built-in Policies 4

Class Map Templates 4

Global Template 2

Interface Templates 3

Overview 2

Parameter Maps 5

Service Templates 5

Auto SmartPorts built-in macros

configuring parameters 6

Auto SmartPorts macros

built-in macros 4

configuration guidelines 5

default configuration 4

defined 1

displaying 13

enabling 3

IOS shell 2, 10

Auto Smartports macros

defined 2

Auto SmartPorts user-defined macros

configuring 10

autoconfiguration 2

automatic discovery

considerations 7

Auto-MDIX on a port

configuring 39

displaying the configuration 40

overview 39

autonegotiation feature

forced 10/100Mbps 28

auto-sync command 8, 7

Auto SmartPorts macros

See also SmartPorts macros

Auto Smartports macros

See also Smartports macros

AVC with DNS-AS 1

AVC with DNS-AS Process Flow 4

B

b command 3

b flash command 3

Baby Giants

interacting with 37

BackboneFast

adding a switch (figure) 3

and MST 23

configuring 23

link failure (figure) 22, 23

not supported MST 23

understanding 21

See also STP

banners

configuring

login 27

message-of-the-day login 24

default configuration 24

when displayed 24

BFD

and hardware support 7

configuration example

BFD in a BGP network 25

BFD in an EIGRP network with echo mode enabled by default 17

BFD in an OSPF network 22

support for static routing 27

configuring

Echo mode 15

session parameters on the interface 8

Slow timer 16

support for BGP 9

support for dynamic routing protocols 9

support for EIGRP 10

support for OSPF 11

support for static routing 13

disabling echo mode without asymmetry 16

monitoring and troubleshooting 17

neighbor relationships 3

operation 3

prerequisites 2

restrictions 2

BGP 17

routing session with multi-VRF CE 9

Binding table 3

blocking packets 1

blocking state (STP)

RSTP comparisons (table) 24

Boolean expressions in tracked lists 5

boot bootldr command 32

boot command 28

boot commands 3

boot fields

See configuration register boot fields

boot system command 26, 32

boot system flash command 28

bootstrap program

See ROM monitor

Border Gateway Protocol

See BGP

boundary ports

description 27

BPDU Guard

and MST 23

configuring 23

overview 15

BPDUs

and media speed 2

pseudobridges and 25

what they contain 3

Bridge Assurance 8, 11

bridge ID

See STP bridge ID

bridge priority (STP) 17

bridge protocol data units

See BPDUs

bridging loop 40

Broadcast Storm Control

disabling 5

enabling 2

Built-in macros and user-defined triggers, configuring mapping 9

C

cache engine clusters 1

cache engines 1

cache farms

See cache engine clusters

Call Home

description 24, 1

message format options 2

messages

format options 2

call home 1

alert groups 6

configuring e-mail options 9

contact information 4

default settings 18

destination profiles 5

displaying information 13

mail-server priority 10

pattern matching 8

periodic notification 8

rate limit messages 9

severity threshold 8

smart call home feature 2

SMTP server 9

testing communications 10

call home alert groups

configuring 6

description 6

subscribing 7

call home contacts

assigning information 4

call home destination profiles

attributes 5

configuring 5

description 5

displaying 16

call home notifications

full-txt format for syslog 25

XML format for syslog 28

candidate switch, cluster

defined 12

candidates

automatic discovery 7

capture filter, Wireshark 7

capture points, Wireshark 6

Capturing control packets

selecting mode 7

cautions

Unicast RPF

BGP optional attributes 4

cautions for passwords

encrypting 22

CDP

automatic discovery in communities 7

configuration 1

defined with LLDP 1

displaying configuration 3

enabling on interfaces 2

host presence detection 8

Layer 2 protocol tunneling 13

maintaining 3

monitoring 3

overview 2, 1

cdp enable command 2

CEF

adjacency tables 2

and NSF with SSO 5

configuring load balancing 7

displaying statistics 8

enabling 7, 2

hardware switching 4

load balancing 6

overview 1

software switching 4

certificate authority (CA) 3

CFM

and Ethernet OAM interaction 51

and Ethernet OAM, configuring 51

clearing 31

configuration guidelines 7, 4

configuring crosscheck for VLANs 11

configuring fault alarms 16

configuring port MEP 14

configuring static remote MEP 13, 16, 18

crosscheck 5

defined 2

EtherChannel support 7, 4

fault alarms

configuring 16

IP SLAs support for 6

IP SLAs with endpoint discovers 21

maintenance domain 3

manually configuring IP SLAs ping or jitter 19

measuring network performance 6

monitoring 32, 33

port MEP, configuring 14

remote MEPs 5

static RMEP check 5

static RMEP, configuring 13, 16, 18

Y.1731

described 27

CGMP

overview 1

Change of Authorization, RADIUS 97

channel-group group command 49, 9, 11

Cisco 7600 series Internet router

enabling SNMP 4

Cisco Discovery Protocol

See CDP

Cisco Express Forwarding

See CEF

Cisco Group Management Protocol

See CGMP

Cisco IOS IP SLAs 2

Cisco IOS NSF-aware

support 2

Cisco IOS NSF-capable support 2

Cisco IP Phones

configuring 2

sound quality 1

Cisco TrustSec

credentials 21

switch-to-switch security

802.1x mode 22

configuration example 24

manual mode 23

Cisco TrustSec Network Device Admission Control

See NDAC

CiscoWorks 2000 4

CIST

description 22

civic location 3

class level, configure in a service policy 31, 65

class of service

See CoS

clear cdp counters command 3

clear cdp table command 3

clear counters command 45

clear ip eigrp neighbors command 19

clearing

Ethernet CFM 31

IP multicast table entries 28

CLI

accessing 2

backing out one level 5

getting commands 5

history substitution 4

managing clusters 13

modes 5

monitoring environments 1

ROM monitor 7

software basics 4

client processes, tracking 1

clients

in 802.1X authentication 3

clock

See system clock

clustering switches

command switch characteristics

and VTY 12

convert to a community 10

managing

through CLI 13

overview 2

planning considerations

CLI 13

passwords 8

CoA Request Commands 100

command modes 5

command switch, cluster

requirements 11

command-line processing 3

commands

b 3

b flash 3

boot 3

confreg 3

dev 3

dir device 3

frame 5

i 3

listing 5

meminfo 6

reset 3

ROM monitor 2–3

ROM monitor debugging 5–6

SNMP 4

sysret 5

common and internal spanning tree

See CIST

common spanning tree

See CST

community of switches

access modes in Network Assistant 9

adding devices 9

communication protocols 8

community name 8

configuration information 9

converting from a cluster 10

host name 8

passwords 8

community ports 3

community strings

configuring 7

overview 4

community VLANs 2, 3

configure as a PVLAN 15

compiling MIBs 4

config terminal command 9

config-register command 29

configurable leave timer,IGMP 4

configuration examples

SNMP 15

configuration files

limiting TFTP server access 15

obtaining with DHCP 6

saving 10

system contact and location information 14

configuration guidelines

CFM 7, 4

Ethernet OAM 35

REP 7

SNMP 6

VLAN mapping 9

configuration register

boot fields

listing value 30

modifying 29

changing from ROM monitor 3

changing settings ??–29

configuring 26

settings at startup 28

configure class-level queue-limit in a service policy 31, 65

configure terminal command 2

Configuring a DNS Server as the Authoritative Server 9

configuring access-group mode on Layer 2 interface 35

configuring flow control 32

configuring interface link and trunk status envents 46

configuring named IPv6 ACLs 18

configuring named MAC extended ACLs 16, 17

Configuring QoS for AVC with DNS-AS 11

configuring unicast MAC address filtering 16

configuring VLAN maps 21

confreg command 3

Connectivity Fault Management

See CFM

console configuration mode 5

console download 4–5

console port

disconnecting user sessions 7

monitoring user sessions 6

contact information

assigning for call home 4

Control Plane Policing

and Layer 2 Control packet QoS, configuration example 18

configuration guidelines and restrictions 9

configuring for control plane traffic 5

configuring for data plane and management plan traffic 6

defaults 4

general guidelines 4

monitoring 10

understanding 2

control protocol, IP SLAs 4

controlling switch access with RADIUS 95

convergence

REP 4

copy running-config startup-config command 10

copy system:running-config nvram:startup-config command 33

core system filter, Wireshark 7

CoS

definition 3

figure 2

overriding on Cisco IP Phones 4

priority 4

counters

clearing MFIB 29

clearing on interfaces 44

CPU port sniffing 10

CPU, impact of ACL processing 13

crashfiles information, archiving 8

Critical Authentication

configure with 802.1X 62

crosscheck, CFM 5, 11

CST

description 25

IST and 22

MST and 22

CTS Fields 6

customer edge devices 2

C-VLAN 2, 7

D

database agent

configuration examples 15

enabling the DHCP Snooping 13

daylight saving time 13

debug commands, ROM monitor 5–6

decoding and displaying packets, Wireshark 9

Default Configuration 6

default configuration

802.1X 27

banners 24

DNS 23

Ethernet OAM 35

IGMP filtering 30

IGMP snooping 5, 6

IP SLAs 6

IPv6 8

Layer 2 protocol tunneling 16

LLDP 5

MAC address table 30

MVR 23

NTP 4

private VLANs 12

RADIUS 102

REP 7

resetting the interface 48

RMON 3

SNMP 5

SPAN and RSPAN 6

system message logging 3

TACACS+ 18

VLAN mapping 9

Y.1731 29

default gateway

configuring 11

verifying configuration 11

default settings, erase commad 34

default web-based authentication configuration

802.1X 6

defining/modifying/deleting a capture point, Wireshark 12

denial-of-service attacks

IP address spoofing, mitigating 5

Unicast RPF, deploying 5

denying access to a server on another VLAN 27

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports 12, 13

deploying 10-Gigabit Ethernet and a Gigabit Ethernet SFP ports on WS-X4606-10GE-E and Sup 6-E 13

description command 32

dev command 3

device discovery protocol 1

device IDs

call home format 21, 22

device sensor

configuring 117

DHCP

configuring

rate limit for incoming packets 13

denial-of-service attacks, preventing 13

rate limiting of packets

configuring 13

DHCP option 82

identifying a port with 4

overview 3

DHCP Snooping

enabling, and Option 82 10

DHCP snooping

accepting untrusted packets form edge switch 10

configuring 6

default configuration 7

displaying binding tables 19

displaying configuration 19

displaying information 18

enabling 7

enabling on private VLAN 12

enabling on the aggregation switch 9

enabling the database agent 13

message exchange process 4

monitoring 23

option 82 data insertion 3

overview 1

Snooping database agent 2

DHCP Snooping Database Agent

adding to the database (example) 18

enabling (example) 15

overview 2

reading from a TFTP file (example) 17

DHCP-based autoconfiguration

client request message exchange 3

configuring

client side 2

DNS 5

relay device 5

server-side 4

TFTP server 4

example 7

lease options

for IP address information 4

for receiving the configuration file 4

overview 2

relationship to BOOTP 2

Diagnostics

online 1

Power-On-Self-Test

causes of failure 20

how it works 10

overview 10

Power-On-Self-Test for Supervisor Engine V-10GE 13

Differentiated Services Code Point values

See DSCP values

DiffServ architecture, QoS 2

Digital optical monitoring transceiver support 26

dir device command 3

disabled state

RSTP comparisons (table) 24

disabling

broadcast storm control 5

disabling multicast storm control 6

disconnect command 7

discovery, clusters

See automatic discovery

discovery, Ethernet OAM 34

display dection and removal events 7

display filter, Wireshark 7

display PoE consumed by a module 8

display PoE detection and removal events 7

displaying

Auth Manager sumary for an interface 124

MAB details 126

summary of all Auth manager sessions 124

summary of all Auth manager sessions on the switch authorized for a specified authentication method 124

displaying EtherChannel to a Virtual Switch System 20

displaying storm control 6

displaying Wireshark information 14

dispute mechanism 40

DNS

and DHCP-based autoconfiguration 5

default configuration 23

displaying the configuration 24

overview 22

setting up 23

DNS client 3

Domain Name System

See DNS

domain names

DNS 22

double-tagged packets

802.1Q tunneling 2

Layer 2 protocol tunneling 15

downloading MIBs 2, 3

drop threshold for Layer 2 protocol packets 16

DSCP values

definition 4

IP precedence 2

Dual_Active Detection

using Enhanced PAgP 23

Dual-Active Detection, using Fast-Hello 24

duplex command 30

duplex mode

configuring interface 27

dynamic ARP inspection

ARP cache poisoning 2

configuring

ACLs for non-DHCP environments 11

in DHCP environments 5

log buffer 14

rate limit for incoming ARP packets 16

denial-of-service attacks, preventing 16

interface trust state, security coverage 3

log buffer

configuring 14

logging of dropped packets 4

overview 1

port channels, their behavior 5

priority of static bindings 4

purpose of 2

rate limiting of ARP packets 4

configuring 16

validation checks, performing 19

Dynamic Host Configuration Protocol snooping

See DHCP snooping

dynamic port VLAN membership

example 28

limit on hosts 28

reconfirming 25, 26

troubleshooting 28

E

EAP frames

changing retransmission time 85

exchanging (figure) 4, 6, 13

request/identity 4

response/identity 4

setting retransmission number 86

EAPOL frames

802.1X authentication and 3

OTP authentication, example (figure) 4, 13

start 4

Echo mode,configuring BFD 15

edge ports

description 27

EGP

overview 17

EIGRP

configuration examples 20

monitoring and maintaining 19

EIGRP (Enhanced IGRP)

stub routing

benefits 18

configuration tasks 18

configuring 14

overview 14

restrictions 18

verifying 19

EIGRP (enhanced IGRP)

overview 18

eigrp stub command 19

EIGRP stub routing, configuring 13

ELIN location 3

e-mail addresses

assigning for call home 4

e-mail notifications

Call Home 24, 1

Embedded CiscoView

displaying information 48

installing and configuring 45

overview 45

emergency alarms on Sup Engine 6-E systems 5

enable command 9

enable mode 5

enabling SNMP 4

encryption keying 2

encryption keys, MKA 2

Enhanced Interior Gateway Routing Protocol

See EIGRP

enhanced object tracking

defined 1

IP routing state 2

line-protocol state 2

tracked lists 3

Enhanced PoE support on E-series 15

Enhanced PoE support on E-series,configuring Universal PoE 16

environmental monitoring

using CLI commands 1

EPM logging 127

errdisable recovery

configuring 14

ERSPAN

Overview 2

EtherChannel

channel-group group command 49, 9, 11

configuration guidelines 32, 6

configuring 7–20

configuring (tasks) 30

configuring Layer 2 11

configuring Layer 3 7

DFC restriction, see CSCdt27074 in the Release Notes

displaying to a virtual switch system 20

interface port-channel command 8

lacp system-priority

command example 16

modes 3

overview 1

PAgP

Understanding 4

physical interface configuration 49, 8

port-channel interfaces 2

port-channel load-balance command 19

removing 20

removing interfaces 19

understanding 1

EtherChannel guard

disabling 7

enabling 6

overview 6

Ethernet management port

and routing 6

and routing protocols 6

configuring 10

default setting 6

described 29, 6

for network management 29, 6

specifying 10

supported features 9

unsupported features 10

Ethernet management port, internal

and routing protocols 6

Ethernet Management Port, using 5

Ethernet OAM 34

and CFM interaction 51

configuration guidelines 35

configuring with CFM 51

default configuration 35

discovery 34

enabling 36, 52

link monitoring 34, 38

messages 34

protocol

defined 33

monitoring 49

remote failure indications 34

remote loopback 34, 37

templates 45

Ethernet OAM protocol CFM notifications 51

Ethernet Remote Defect Indication (ETH-RDI) 28

event triggers, user-defined

configuring, 802.1X-based 8

configuring, MAC address-based 9

explicit host tracking

enabling 11

extended range VLANs

See VLANs

Extensible Authentication Protocol over LAN 1

Exterior Gateway Protocol

See EGP

F

Fa0 port

See Ethernet management port

Failure detection, using BFD 7

Fallback Authentication

 

configure with 802.1X 77

fast link notification

on VSL failure 13

Fast UDLD

configuring probe message interval 8

default configuration 3

displaying link status 9

enabling globally 5

enabling on individual interface 7

enabling per-interface 6

modes of operation 3

resetting disabled LAN interfaces 8

use case 2

Fast UDLD, overview 1

FastDrop

overview 11

fastethernet0 port

See Ethernet management port

Fast-Hello

dual-active detection 24

Fast-Hello dual-active detection, configuring 53

feature interactions, Wireshark 10

FIB

description 2

See also MFIB

fiber-optics interfaces

disabling UDLD 7

Filter-ID ACL and Per-User ACL, configureport-based authentication

configure Per-User ACL and Filter-ID ACL 45

filtering

in a VLAN 21

non-IP traffic 16, 17

filters, Wireshark 6

flags 12

Flash memory

configuring router to boot from 32

loading system images from 31

security precautions 32

Flex Links

configuration guidelines 5

configuring 6

configuring preferred VLAN 9

configuring VLAN load balancing 8

monitoring 12

Flexible NetFlow

caveats 8

defined 4, 1

flooded traffic, blocking 2

flow control, configuring 32

flowchart, traffic marking procedure 21, 55

For 13

Forward look-up 2

forward-delay time (STP)

configuring 19

forwarding information base

See FIB

frame command 5

G

gateway

See default gateway

get-bulk-request operation 3

get-next-request operation 3, 4

get-request operation 3, 4

get-response operation 3

Gigabit Ethernet SFP ports

deploy with 10-Gigabit Ethernet 12, 13

GLBP, introduction 15

global configuration mode 5

Guest-VLANs

configure with 802.1X 57

H

hardware and software ACL support 6

hardware switching 5

hello time (STP)

configuring 17

High Availability and ISSU for AVC with DNS-AS 5

high CPU due to ACLs, troubleshooting 7

history

CLI 4

history table, level and number of syslog messages 9

hop counts

configuring MST bridges 28

Host 2

host

limit on dynamic port 28

host modes, MACsec 5

host ports

kinds of 4

host presence CDP message 8

Hot Standby Routing Protocol

See HSRP

HSRP

description 16

HSRP, introduction 16

hw-module module num power command 22

I

i command 3

ICMP

enabling 12

ping 7

running IP traceroute 9

time exceeded messages 9

ICMP Echo operation

configuring 11

IP SLAs 11

IDS

using with SPAN and RSPAN 2

IEEE 802.1ag 2

IEEE 802.1s

See MST

IEEE 802.1w

See MST

IEEE 802.3ad

See LACP

IGMP

configurable-leave timer 4

description 3

enabling 15

explicit host tracking 4

immediate-leave processing 3

leave processing, enabling 8

overview 1

report suppression

disabling 10

IGMP filtering

configuring 31

default configuration 30

described 30

monitoring 34

IGMP groups

setting the maximum number 33

IGMP Immediate Leave

configuration guidelines 9

IGMP profile

applying 32

configuration mode 31

configuring 31

IGMP Snooping

configure

leave timer 9

configuring

Learning Methods 7

static connection to a multicast router 8

configuring host statically 11

enabling

Immediate-Leave processing

explicit host tracking 11

suppressing multicast flooding 12

IGMP snooping

configuration guidelines 5

default configuration 5, 6

enabling

globally 6

on a VLAN 6

enabling and disabling 6

IP multicast and 4

monitoring 14, 10

overview 1

IGMP Snooping, displaying

group 16

hot membership 15

how to 15

MAC address entries 18

multicast router interfaces 17

on a VLAN interface 18

Querier information 19

IGMPSnooping Querier, configuring 10

Immediate Leave, IGMP

enabling 8

immediate-leave processing

enabling 8

IGMP

See fast-leave processing

ingress packets, SPAN enhancement 12

inline power

configuring on Cisco IP phones 5

insufficient inline power handling for Supervisor Engine II-TS 22

Intelligent Power Management 4

interacting with Baby Giants 37

interface

displaying operational status 6

interface command 9, 2

interface configuration

REP 10

interface link and trunk status events

configuring 46

interface port-channel command 48, 8

interface range command 4

interface range macro command 10

interfaces

adding descriptive name 32

clearing counters 44

configuring 2

configuring ranges 4

displaying information about 44

Layer 2 modes 3

maintaining 44

monitoring 44

naming 32

numbers 2

overview 2

restarting 45

See also Layer 2 interfaces

using the Ethernet Management Port 5

Internet Control Message Protocol

See ICMP

Internet Group Management Protocol

See IGMP

Internet Protocol version 6

See IPv6

introduction

802.1X Identity-Based Network Security, list of supported features 34

Bidirectional Forwarding Detection 14

Cisco Call Home 24

Cisco Energy Wise 24

Cisco Express Forwarding 14

Cisco IOS IP Service Level Agreements 25

Cisco IOS Mediatrace and Performance Monitor 27

Cisco Media Services Proxy 25

Cisco Medianet AutoQoS 26

Cisco Medianet Flow Metadata 26

Cisco TrustSec MACsec Encryption 36

Cisco TrustSec Security Architecture 36

Debugging Features (platform and debug platform) 43

Device Sensor 14

Dynamic Host Control Protocol 28

Easy Virtual Network 28

EIGRP Stub routing 14

Embedded Event Manager 29

Enhanced Object Tracking 15

EtherChannel bundles 3

Ethernet CFM 3

Ethernet Management Port 29

Ethernet OAM Protocol 3

FAT File Management System (Sup 60-E, 6L-E, 4948E, and 4900M) 30

File System Management (Sup 7-E and 7L-E) 29

Flex Link and MAC Address-Table Move Update 3

Flexible Netflow (Sup 7-E and 7L-E) 4

GLBP 15

hard-based Control Plane Policing 37

HSRP 16

In Service Software Upgrade 19

Intelligent Power Management 30

Internet Group Management Protocol (IGMP) Snooping 4

IP Routing protocols 17

IP Source Guard 38

IP Source Guard or Static Hosts 38

IPv6 20

IPv6 First Hop Security 38

IPv6 Multicast BSR and BSR Scoped Zone Support, introduction 5

IPv6 Multicast Listen Discovery (MLD) and Multicast Listen Discovery Snooping 6

IS-IS 18

Jumbo Frame 6

Layer 2 traceroute 43

Link Aggregation Control Protocol 7

MAC Address Notification 30

NAC

Layer 2 802.1X authentication 40

Layer 2 IP validation 40

NetFlow-lite 31

Network Security with ACLs (IP ACLs, MAC ACLs, Port ACLs, Router, ACLs, and VLAN ACLs) 41

NSF with SSO 21

OSPF 19

OSPF for Routed Access 21

Port Security 41

Power over Ethernet 31

RIP 19

Simple Network Management Protocol 31

SPAN and RSPAN 32

Time Domain Reflectometry 43

Unicast Reverse Path Forwarding 22

Universal Power over Ethernet 32

Virtual Router Redundancy Protocol 23

VRF-lite 23

Web Content Coordination Protocol 32

Web-based Authentication 43

Wireshark 33

XML-PI 33

Intrusion Detection System

See IDS

inventory management TLV 3, 9

IOS shell

See Auto SmartPorts macros

IP

configuring default gateway 11

configuring static routes 11

displaying statistics 8

IP addresses

128-bit 2

cluster candidate or member 12

cluster command switch 11

discovering 44

IPv6 2

ip cef command 7, 2

IP Enhanced IGRP

interfaces, displaying 20

ip icmp rate-limit unreachable command 12

ip igmp profile command 31

ip igmp snooping tcn flood command 13

ip igmp snooping tcn flood query count command 14

ip igmp snooping tcn query solicit command 14

IP information

assigned

through DHCP-based autoconfiguration 2

ip load-sharing per-destination command 8

ip local policy route-map command 12

ip mask-reply command 13

IP MTU sizes,configuring 9

IP multicast

clearing table entries 28

configuring 13

default configuration 14

displaying PIM information 24

displaying the routing table information 24

enabling dense-mode PIM 15

enabling sparse-mode 15

features not supported 13

hardware forwarding 9

IGMP snooping and 5, 4

overview 1

routing protocols 2

software forwarding 9

See also Auto-RP; IGMP; PIM; RP; RPF

IP multicast routing

enabling 14

monitoring and maintaining 23

IP multicast traffic, load splitting 22

ip multicast-routing command 14

IP phones

configuring voice ports 3

See Cisco IP Phones 1

ip pim command 15

ip pim dense-mode command 15

ip pim sparse-dense-mode command 16, 17

ip policy route-map command 9, 11, 14, 15

IP Port Security for Static Hosts

on a Layer 2 access port 25

on a PVLAN host port 28

overview 24

ip redirects command 13

IP routing tables

deleting entries 28

IP Service Level Agreements

See IP SLAs

IP service levels, analyzing 1

IP SLAs

benefits 2

CFM endpoint discovery 21

configuration guidelines 7

Control Protocol 4

default configuration 6

definition 1

ICMP echo operation 11

manually configuring CFM ping or jitter 19

measuring network performance 3

multioperations scheduling 5

operation 3

reachability tracking 10

responder

described 4

enabling 7

response time 4

scheduling 5

SNMP support 2

supported metrics 2

threshold monitoring 6

track state 10

UDP jitter operation 8

IP Source Guard

configuring 20

configuring on private VLANs 22

displaying 22, 23

overview 23

IP statistics

displaying 8

IP traceroute

executing 9

overview 8

IP unicast

displaying statistics 8

IP Unnumbered support

configuring on a range of Ethernet VLANs 5

configuring on LAN and VLAN interfaces 4

configuring with connected host polling 6

DHCP Option 82 2

displaying settings 7

format of agent remote ID suboptions 2

troubleshooting 8

with conected host polling 3

with DHCP server and Relay agent 2

ip unreachables command 12

IPsec VPN, introduction 40

IPv4, IPv6, and MAC ACLs, configuring on a Layer 2 interface 33

IPv6

addresses 2

default configuration 8

defined 20, 1

Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 6

Router ID 7

OSPF 6

IPv6 control traffic, policing 20

IPv6 First Hop Security, introduction 38

IPX

redistribution of route information with EIGRP 18

is 23

IS-IS, introduction 18

ISL

trunking with 802.1Q tunneling 4

isolated port 4

isolated VLANs 2, 3, 4

ISSU

compatibility matrix 63, 14

compatiblity verification using Cisco Feature Navigator 64, 15

NSF overview 3, 4

perform the process

aborting a software upgrade 79, 34, 36

configuring the rollback timer as a safeguard 81, 35, 37

displaying a compatibility matrix 82, 36, 40, 39

loading the new software on the new standby 72, 27, 28

stopping the rollback timer 72, 26, 27

switching to the standby 70, 24, 25

verify the ISSU state 67, 20, 21

verify the redundancy mode 65, 19

verify the software installation 65, 18, 19

vload the new software on standby 68, 21

prerequisites 58, 1, 2

process overview 6, 7

restrictions 58, 1, 2

SNMP support 15

SSO overview 3, 4

versioning capability in software to support 13

IST

and MST regions 22

description 22

master 27

ITU-T Y.1731

See Y.1731

J

jumbo frames

and ethernet ports 36

configuring MTU sizes for 37

ports and linecards that support 34

understanding MTUs 35

understanding support 35

VLAN interfaces 36

K

keyboard shortcuts 3

L

l2protocol-tunnel command 17, 19

labels, definition 3

LACP

system ID 5

Layer 2 access ports 7

Layer 2 Control Packet QoS

and CoPP configuration example 18

default configuation 15

disabling 17

enabvling 15

guideline and restrictions 20

understanding 15

Layer 2 frames

classification with CoS 2

Layer 2 interface

applying ACLs 35

configuring access-mode mode on 35

configuring IPv4, IPv6, and MAC ACLs 33

displaying an ACL configuration 36

Layer 2 interface type

resetting 24

setting 24

Layer 2 interfaces

assigning VLANs 7

configuring 5

configuring as PVLAN host ports 18

configuring as PVLAN promiscuous ports 17

configuring as PVLAN trunk ports 19

defaults 4

disabling configuration 8

modes 3

show interfaces command 6

Layer 2 protocol tunneling

default configuration 16

guidelines 16

Layer 2 switching

overview 1

Layer 2 Traceroute

and ARP 10

and CDP 10

host-to-host paths 10

IP addresses and subnets 10

MAC addresses and VLANs 10

multicast traffic 10

multiple devices on a port 10

unicast traffic 43, 9

usage guidelines 10

Layer 2 trunks

configuring 5

overview 3

Layer 3 interface counters,configuring 11

Layer 3 interface counters,understanding 3

Layer 3 interface, applying IPv6 ACLs 20

Layer 3 interfaces

changing from Layer 2 mode 15

configuration guidelines 5

configuring VLANs as interfaces 8

overview 1

counters 3

logical 2

physical 2

SVI autostate exclude 3

Layer 3 packets

classification methods 2

Layer 4 port operations

configuration guidelines 12

restrictions 11

Leave timer, enabling 9

licenses, managing with PRTU 14

limitations on using a TwinGig Convertor 13

Link Aggregation Control Protocol, introduction 7

link and trunk status events

configuring interface 46

link integrity, verifying with REP 4

Link Layer Discovery Protocol

See CDP

link monitoring, Ethernet OAM 34, 38

link status, displaying UDLD 9

link-state tracking

configuration guidelines 26

default configuration 26

described 23

displaying status 27

generic configuration procedure 26

listening state (STP)

RSTP comparisons (table) 24

LLDP

configuring 4

characteristics 5

default configuration 5

disabling and enabling

globally 6

on an interface 7

monitoring and maintaining 14

overview 1

transmission timer and holdtime, setting 5

LLDP Media Endpoint Discovery

See LLDP-MED

LLDP-MED

configuring

procedures 4

TLVs 9, 11

monitoring and maintaining 14

overview 1

supported TLVs 2

load balancing

configuring for CEF 7

configuring for EtherChannel 18

overview 6

per-destination 7

load splitting IP multicast traffic 22

Location Service

overview 1

location service

configuring 12

understanding 3

location TLV 3, 9

logging, EPM 127

Logical Layer 3 interfaces

configuring 6

logical layer 3 VLAN interfaces 2

login authentication

with RADIUS 105

with TACACS+ 19

login banners 24

login timer

changing 6

logoutwarning command 6

loop guard

and MST 23

configuring 5

overview 3

M

MAC address learning, disabling on a VLAN 39

confuguring 39

deployment scenarios 40

feature compatibility 42

feature incompatibility 43

feature inompatibility 43

usage guidelines 40

MAC address table

displaying 44

MAC addresses

aging time 30

allocating 6

and VLAN association 29

building tables 28, 2

convert dynamic to sticky secure 5

default configuration 30

disabling learning on a VLAN 39

discovering 44

displaying 3

displaying in DHCP snooping binding table 19

dynamic

learning 29

removing 31

in ACLs 16

static

adding 37

allowing 38

characteristics of 36

dropping 38

removing 37

sticky 4

sticky secure, adding 5

MAC address-table move update

configuration guidelines 9

configuring 10

monitoring 12

MAC Authentication Bypass

configure with 802.1X 60

MAC details, displaying 126

MAC extended access lists 16

MAC/PHY configuration status TLV 2

macl 17

macros

See Auto SmartPorts macros

See Auto Smartports macros

See Smartports macros

MACSec

802.1AE Tagging 20

MACsec 2

configuring on an interface 8, 15

defined 1, 2

switch-to-switch security 1

MACsec Key Agreement Protocol

See MKA

main-cpu command 8, 7

management address TLV 2

management options

SNMP 1

Management Port, Ethernet 5

managing software licenses, using PRTU 14

manual preemption, REP, configuring 13

marking

hardware capabilities 23, 57

marking action drivers 21, 55

marking network traffic 18, 52

marking support, multi-attribute 22, 56

match ip address command 8, 10, 12, 13

maximum aging time (STP)

configuring 18

MDA

configuration guidelines 22–??

described 22

MEC

configuration 48

described 13

failure 14

Media Access Control Security

See MACsec

member switch

managing 13

member switch, cluster

defined 2

members

automatic discovery 7

meminfo command 6

messages, Ethernet OAM 34

messages, to users through banners 24

Metadata 2

Metro features

Y.1731 (AIS and RDI), introduction 13

metro tags 2

MFIB

CEF 6

overview 12

MFIB, IP

displaying 26

MIBs

compiling 4

downloading 2, 3

overview 1

related information 3

SNMP interaction with 4

MKA

configuring policies 7

defined 2

policies 3

replay protection 3

statistics 6

virtual ports 4

MLD Done messages and Immediate-leave 4

MLD messages 2

MLD queries 3

MLD reports 4

MLD Snooping

MLD Done messages and Immediate-leave 4

MLD messages 2

MLD queries 3

MLD reports 4

Multicast client aging robustness 3

Multicast router discovery 3

overview 1

Mode of capturing control packets, selecting 7

modules

checking status 1

powering down 22

monitoring

802.1Q tunneling 23

ACL information 39

Ethernet CFM 32, 33

Ethernet OAM 49

Ethernet OAM protocol 49

Flex Links 12

IGMP

snooping 10

IGMP filters 34

IGMP snooping 14

Layer 2 protocol tunneling 23

MAC address-table move update 12

multicast router interfaces 11

multi-VRF CE 14, 21

MVR 29

object tracking 13

REP 14

traffic flowing among switches 1

tunneling 23

VLAN filters 28

VLAN maps 28

monitoring and troubleshooting

BFD 17

Monitoring AVC with DNS-AS 20

M-record 23

MST

and multiple spanning trees 8, 22

boundary ports 27

BPDUs 23

configuration parameters 26

configuring 28

displaying configurations 32

edge ports 27

enabling 29

hop count 28

instances

configuring parameters 31

description 23

number supported 26

interoperability with PVST+ 23

link type 28

master 27

message age 28

regions 26

restrictions 28

to-SST interoperability 24

MSTP

EtherChannel guard

enabling 6

M-record 23

M-tree 23

MST-to-PVST+ Interoperability (PVST+ simulation) 35

MST-to-PVST+ Interoperability guidelines 35

M-tree 23

MTU size

configuring 37, 38, 46, 47

default 4

MTUS

understanding 35

Multi-authentication

described 22

multiauthentication mode 8

multicast

See IP multicast

Multicast client aging robustness 3

multicast Ethernet loopback (ETH-LB) 29

multicast Ethernet loopback, using 31

Multicast Forwarding Information Base (MFIB) 12

multicast groups

static joins 7

Multicast HA 13

Multicast implementation

HA 13

MFIB 12

S/M, 224/4 13

multicast packets

blocking 2

Multicast router discovery 3

multicast router interfaces, displaying 17

multicast router interfaces, monitoring 11

multicast router ports, adding 7

multicast router table

displaying 24

multicast routers

flood suppression 12

Multicast Storm Control

 

enabling 4

disabling 6

multicast television application, using MVR 21

Multicast VLAN Registration

See MVR

multichassis EtherChannel

see MEC 13

multidomain authentication

See MDA

multidomain authentication mode 7

multioperations scheduling, IP SLAs 5

Multiple AuthorizationAuthentication

configuring 34

Multiple Domain Authentication 34

multiple forwarding paths 8, 22

Multiple Spanning Tree

See MST

multiple VPN routing/forwarding

See multi-VRF CE

multiple-hosts mode 7

multi-VRF CE

components 3

configuration example 17

defined 1

displaying 14, 21

monitoring 14, 21

network components 3

packet-forwarding process 3

MVR

configuration guidelines and limitations 23

configuring global parameters 24

configuring on a trunk port 27

configuring on access ports 26

default configuration 23

displaying information 29

in a multicast television application 21

monitoring 29

setting global parameters 24

N

NAC Layer 2 802.1X authentication, intro 40

NAC Layer 2 IP validation, intro 40

named IPv6 ACLs, configuring

ACLs

configuring named IPv6 ACLs 18

named MAC extended ACLs

ACLs

configuring named MAC extended 16, 17

native VLAN

and 802.1Q tunneling 3

specifying 5

NDAC 20

defined 20

MACsec 1

NEAT

configuring 88

overview 24

neighbor offset numbers, REP 5

NetFlow packet sampling

about 1

NetFlow-lite

clear commands 9

display commands 8

Network Assistant

and VTY 12

configure

enable communication with switch 13, 17

default configuration 2

overview of CLI commands 3

Network Device Admission Control (NDAC) 20

Network Edge Access Topology

See NEAT

network fault tolerance 8, 22

network management

configuring 1

RMON 1

SNMP 1

network performance, measuring with IP SLAs 3

network policy TLV 2, 9

Network Time Protocol

See NTP

network traffic, marking 18, 52

New Software Features in Release 7.7

TDR 3

Next Hop Resolution Protocol

See NHRP

NHRP

support 18

non-fiber-optics interfaces

disabling UDLD 7

non-IP traffic filtering 16, 17

non-RPF traffic

description 10

in redundant configurations (figure) 11

Nonstop Forwarding

See NSF

nonvolatile random-access memory

See NVRAM

normal-range VLANs

See VLANs

NSF

defined 1

guidelines and restrictions 9

operation 4

NSF with SSO supervisor engine redundancy

and CEF 5

overview 3

SSO operation 4

NSF-aware

supervisor engines 3

support 2

NSF-capable

supervisor engines 3

support 2

NTP

associations

authenticating 4

defined 2

enabling broadcast messages 7

peer 6

server 6

default configuration 4

displaying the configuration 11

overview 2

restricting access

creating an access group 9

disabling NTP services per interface 10

source IP address, configuring 10

stratum 2

synchronizing devices 6

time

services 2

synchronizing 2

ntroduction

PPPoE Intermediate Agent 41

Storm Control 42

uRPF Strict Mode 42

NVRAM

saving settings 10

O

OAM

client 34

features 34

sublayer 34

OAM manager

configuring 52

with CFM and Ethernet OAM 51

OAM PDUs 35

OAM protocol data units 33

OBFL, displaying for the 9000W AC 4

object tracking

monitoring 13

OIR

overview 41

on-demaind online diagnostics 2

online diagnostic

troubleshooting 8

Online Diagnostics 1

online diagnostics

configuring on-demaind 2

data path, displaying test results 7

displaying tests and test results 4

linecard 8

scheduling 2

starting and stopping tests 3

online insertion and removal

See OIR

Open Shortest Path First

See OSPF

operating system images

See system images

Option 82

enabling DHCP Snooping 10

OSPF

area concept 19

description 19

for IPv6 6

OSPF for Routed Access, introduction 21

OSPF, introduction 19

P

packet type filtering

overview 14

SPAN enhancement 14

packets

modifying 9

PACL

using with access-group mode 34

PACL configuration guidelines 32

PACL with VLAN maps and router ACLs 36

PAgP

understanding 4

PAgP, dual-active detection 23

passwords

configuring enable password 14

configuring enable secret password 14

encrypting 22

in clusters 8

recovering lost enable password 25

setting line password 14

PBR (policy-based routing)

configuration (example) 16

enabling 7, 10

features 2

overview 1

route maps 2

route-map processing logic 3

when to use 6

PE to CE routing, configuring 9

percentage thresholds in tracked lists 7

Permanent Right-To_Use 14

per-port and VLAN Access Control List 19

per-port per-VLAN QoS

enabling 36, 70

overview 10

Per-User ACL and Filter-ID ACL, configure 45

Per-VLAN Rapid Spanning Tree 6

enabling 20

overview 6

physical layer 3 interfaces 2

Physical Layer 3 interfaces, configuring 12

PIM

configuring dense mode 15

configuring sparse mode 15

displaying information 24

displaying statistics 28

enabling sparse-dense mode 15, 16

overview 3

PIM on an interface, enabling 15

PIM-DM 3

PIM-SM 3

PIM-SSM mapping, enabling 17

ping

executing 8

overview 7

ping command 8, 24

PoE 7, 8

configuring power consumption for single device 5, 16

configuring power consumption, powered devices 5

displaying operational status for an interface 6

Enhanced PoE support on E-series 15

policing and monitoring 12

power consumption for powered devices

Intelligent Power Management 4

power management modes 2

powering down a module 22

PoE policing

configuring errdisable recovery 14

configuring on an interface 13

displaying on an interface 14

power modes 12

point-to-point

in 802.1X authentication (figure) 3

policing

how to implement 18, 52

See QoS policing

policing IPv6 control traffic 20

policing, PoE 12

policy associations, QoS on Sup 6-E 39, 73

policy map marking action, configuring 23, 57

policy-map command 16, 51

port ACLs

and voice VLAN 5

defined 3

Port Aggregation Protocol

see PAgP

port cost (STP)

configuring 15

port description TLV 2

port numbering with TwinGig Convertors 13

port priority

configuring MST instances 31

configuring STP 13

port security

aging 5

configuring 7

displaying 28

guidelines and restrictions 33

on access ports 7, 22

on private VLAN 14

host 14

promiscuous 16

topology 15, 18, 32

on trunk port 17

guidelines and restrictions 15, 18, 32

port mode changes 22

on voice ports 22

sticky learning 5

using with 802.1X 18

violations 6

with 802.1X Authentication 32

with DHCP and IP Source Guard 31

with other features 33

port states

description 5

port VLAN ID TLV 2

port-based authentication

802.1X with voice VLAN 21

Authentication Failed VLAN assignment 16

authentication server

defined 2

changing the quiet period 84

client, defined 3, 2

configuration guidelines 28, 6

configure ACL assignments and redirect URLs 38

configure switch-to-RADIUS server communication 32

configure with Authentication Failed 71

configure with Critical Authentication 62

configure with Guest-VLANs 57

configure with MAC Authentication Bypass 60

configure with VLAN User Distribution 68

configure with Voice VLAN 73

configuring

Multiple Domain Authentication and Multiple Authorization 34

RADIUS server 10

RADIUS server parameters on the switch 9

configuring Fallback Authentication 77

configuring Guest-VLAN 32

configuring manual re-authentication of a client 94

configuring with Unidirectional Controlled Port 66

controlling authorization state 5

default configuration 27, 6

described 1

device roles 2

displaying statistics 123, 14

enabling 29

802.1X authentication 9

enabling multiple hosts 83

enabling periodic re-authentication 81

encapsulation 3

host mode 6

how 802.1X fails on a port 25

initiation and message exchange 4

method lists 29

modes 6

multidomain authentication 22

multiple-hosts mode, described 7

port security

multiple-hosts mode 7

ports not supported 4

pre-authentication open access 8

resetting to default values 95

setting retransmission number 86

setting retransmission time 85

switch

as proxy 2

switch supplicant

configuring 88

overview 24

topologies, supported 26

using with ACL assignments and redirect URLs 19

using with port security 18

voice aware 802.1x security

configuring 74

described 21, 74

with Critical Authentication 14

with Guest VLANs 10

with MAC Authentication Bypass 11

with Unidirectional Controlled Port 15

with VLAN assignment 9

with VLAN User Distribution 15

port-channel

see EtherChannel

port-channel interfaces

See also EtherChannel

creating 48, 8

overview 2

port-channel load-balance

command 14, 16

command example 16

port-channel load-balance command 19

PortFast

and MST 23

configuring or enabling 23

overview 7

PortFast BPDU filtering

and MST 23

overview 16

PortFast Edge BPDU Filtering 17

ports

blocking 1

checking status 2

dynamic VLAN membership

example 28

reconfirming 25, 26

forwarding, resuming 3

REP 6

See also interfaces

power

inline 5

power dc input command 21

power handling for Supervisor Engine II-TS 12

power inline command 3

power inline consumption command 5

power management

Catalyst 4500 series 7

Catalyst 4500 Switch power supplies 14

Catalyst 4948 series 23

configuring combined mode 13

configuring redundant mode 12

overview 1

redundancy 7

power management for Catalyst 4500 Switch

combined mode 9

redundant mode 9

power management limitations in Catalyst 4500 Switch 10

power management mode

selecting 10

power management TLV 2, 3, 9

power negotiation

through LLDP 11

power policing, displaying on an interface 14

power redundancy-mode command 13

power supplies

available power for Catalyst 4500 Switch 14

fixed 8

variable 8, 23

powered devices, configuring power consumption 5

Power-On-Self-Test diagnostics 10, 20

Power-On-Self-Test for Supervisor Engine V-10GE 13

pre-authentication open access 8

pre-authentication open access. See port-based authentication.

preempt delay time, REP 5

primary edge port, REP 4

primary VLANs 2, 4

associating with secondary VLANs 16

configuring as a PVLAN 15

priority

overriding CoS of incoming frames 4

priority queuing, QoS on Sup 6-E 30, 64

private VLAN

configure port security 14, 15

enabling DHCP Snooping 12

private VLANs

across multiple switches 5

and SVIs 10

benefits of 2

community ports 3

community VLANs 2, 3

default configuration 12

end station access to 3

isolated port 4

isolated VLANs 2, 3, 4

ports

community 3

isolated 4

promiscuous 4

primary VLANs 2, 4

promiscuous ports 4

secondary VLANs 2

subdomains 2

traffic in 9

privileged EXEC mode 5

privileges

changing default 23

configuring levels 23

exiting 24

logging in 24

promiscuous ports

configuring PVLAN 17

defined 4

setting mode 24

protocol timers 4

provider edge devices 2

PRTU, managing software licenses 14

pruning, VTP

See VTP pruning

pseudobridges

description 25

PVACL 19

PVID (port VLAN ID)

and 802.1X with voice VLAN ports 21

PVLAN promiscuous trunk port

configuring 11, 17, 21

PVLANs

802.1q support 14

across multiple switches 5

configuration guidelines 12

configure port security 14, 16, 18

configure port security in a wireless setting 32

configuring 11

configuring a VLAN 15

configuring promiscuous ports 17

host ports

configuring a Layer 2 interface 18

setting 24

overview 1

permitting routing, example 23

promiscuous mode

setting 24

setting

interface mode 24

PVST+ simulation 36

Q

QoS

classification 6–??

definitions 3

enabling per-port per-VLAN 36, 70

overview 1

overview of per-port per-VLAN 10

packet modification 9

traffic shaping 9

See also COS; DSCP values; transmit queues

QoS active queue management

tracking queue length 9

QoS labels

definition 3

QoS marking

description 5

QoS on Sup 6-E

Active Queue management via DBL 34, 68

active queue management via DBL 27, 34, 61, 68

classification 16, 50

configuring 13, 47

configuring CoS mutation 45, 79

configuring the policy map marking action 23, 57

hardware capabilities for marking 23, 57

how to implement policing 18, 52

marking action drivers 21, 55

marking network traffic 18, 52

MQC-based QoS configuration 13, 48

multi-attribute marking support 22, 56

platform hardware capabilities 15, 49

platform restrictions 18, 52

platform-supported classification criteria and QoS features 13, 14, 48

policing 17, 51

policy associations 39, 73

prerequisites for applying a service policy 15, 49

priority queuing 30, 64

queue-limiting 31, 65

restrictions for applying a service policy 15, 50

shaping 25, 59

sharing(bandwidth) 27, 61

sharing(blandwidth), shapring, and priority queuing 25, 59

software QoS 40, 74

traffic marking procedure flowchart 21, 55

QoS policing

definition 5

described 8

QoS policy

attaching to interfaces 8

QoS service policy

prerequisites 15, 49

restrictions for applying 15, 50

QoS transmit queues

burst 9

maximum rate 9

sharing link bandwidth 9

quad-supervisor

uplink forwarding 6

Quality of service

See QoS

queueing 8

queue-limiting, QoS on Sup 6-E 31, 65

R

RA Guard

configuring 51

deployment 50

examples 51

introduction 49

usage guidelines 52

RADIUS

attributes

vendor-proprietary 112

vendor-specific 111

change of authorization 97

configuring

accounting 110

authentication 105

authorization 109

communication, global 103, 110

communication, per-server 103

multiple UDP ports 103

default configuration 102

defining AAA server groups 107

displaying the configuration 115

identifying the server 103

limiting the services to the user 109

method list, defined 102

operation of 97

server load balancing 115

suggested network environments 96

tracking services accessed by user 110

understanding 96

RADIUS Change of Authorization 97

RADIUS server

configure to-Switch communication 32

configuring settings 34

parameters on the switch 32

RADIUS, controlling switch access with 95

range command 4

range macros

defining 10

ranges of interfaces

configuring 4

Rapid Spanning Tree

See RSTP

rcommand command 13

reachability, tracking IP SLAs IP host 10

re-authentication of a client

configuring manual 94

enabling periodic 81

redirect URLs, port-based authentication 19

reduced MAC address 2

redundancy

configuring 7

guidelines and restrictions 5

changes made through SNMP 11

NSF-aware support 2

NSF-capable support 2

overview 2

redundancy command 8, 7

understanding synchronization 4

redundancy (NSF) 1

configuring

BGP 11

CEF 11

EIGRP 16

IS-IS 14

OSPF 13

routing protocols 5

redundancy (RPR)

route processor redundancy 2

synchronization 4, 5

redundancy (SSO)

redundancy command 10

route processor redundancy 3

synchronization 5

reload command 29

Remote Authentication Dial-In User Service

See RADIUS

remote failure indications 34

remote loopback, Ethernet OAM 34, 37

Remote Network Monitoring

See RMON

rendezvous point, configuring 17

rendezvous point, configuring single static 21

REP

administrative VLAN 8

administrative VLAN, configuring 9

and STP 6

configuration guidelines 7

configuring interfaces 10

convergence 4

default configuration 7

manual preemption, configuring 13

monitoring 14

neighbor offset numbers 5

open segment 2

ports 6

preempt delay time 5

primary edge port 4

ring segment 2

secondary edge port 4

segments 1

characteristics 2

SNMP traps, configuring 14

supported interfaces 1

triggering VLAN load balancing 6

verifying link integrity 4

VLAN blocking 13

VLAN load balancing 4

replication

description 9

report suppression, IGMP

disabling 10

reserved-range VLANs

See VLANs

reset command 3

resetting a switch to defaults 34

resetting an interface to default configuration 48

Resilient Ethernet ProtocolLSee REP

responder, IP SLAs

described 4

enabling 7

response time, measuring with IP SLAs 4

restricting access

NTP services 8

RADIUS 95

TACACS+ 15

Restrictions and Guidelines for Configuring AVC with DNS-AS 6

retransmission number

setting in 802.1X authentication 86

retransmission time

changing in 802.1X authentication 85

RFC

1157, SNMPv1 2

1305, NTP 2

1757, RMON 2

1901, SNMPv2C 2

1902 to 1907, SNMPv2 2

2273-2275, SNMPv3 2

RFC 5176 Compliance 98

RIP

description 19

for IPv6 6

RIP, introduction 19

RMON

default configuration 3

displaying status 6

enabling alarms and events 3

groups supported 2

overview 1

ROM monitor

boot process and 26

CLI 7

commands 2–3

debug commands 5–6

entering 1

exiting 6

overview 1

root bridge

configuring 9

selecting in MST 22

root guard

and MST 23

enabling 2

overview 2

route maps

defining 8, 10, 12

PBR 2

route targets

VPN 3

routed packets

ACLs 30

route-map (IP) command 8, 10, 12

router ACLs

description 41, 3

using with VLAN maps 29

router ACLs, using PACL with VLAN maps 36

Routing Information Protocol

See RIP

RPF

See Unicast RPF

RSPAN

configuration guidelines 16

destination ports 5

IDS 2

monitored ports 4

monitoring ports 5

received traffic 3

sessions

creating 17

defined 3

limiting source traffic to specific VLANs 23

monitoring VLANs 21

removing source (monitored) ports 20

specifying monitored ports 17

source ports 4

transmitted traffic 4

VLAN-based 5

RSTP

compatibility 23

description 22

port roles 24

port states 24

S

S/M, 224/4 13

SAID

See 802.10 SAID

SAP

defined 20

negotiation 20

support 1

scheduling 8

scheduling, IP SLAs operations 5

secondary edge port, REP 4

secondary root switch 12

secondary VLANs 2

associating with primary 16

permitting routing 23

security

configuring 1

Security Association Identifier

See 802.10 SAID

Security Exchange Protocol

See SAP

selecting a power management mode 10

selecting X2/TwinGig Convertor Mode 14

sequence numbers in log messages 7

server IDs

description 23

service policy, configure class-level queue-limit 31, 65

service-policy input command 2

service-provider networks

and customer VLANs 2

session keys, MKA 2

set default interface command 9, 11

set interface command 8, 10

set ip default next-hop command 9, 11

set ip next-hop command 8, 10, 16

set-request operation 4

severity levels, defining in system messages 8

shaping, QoS on Sup 6-E 25, 59

sharing(bandwidth), QoS on Sup 6-E 27, 61

Shell functions

See Auto SmartPorts macros

See Auto Smartports macros

Shell triggers

See Auto SmartPorts macros

See Auto Smartports macros

show adjacency command 10

show boot command 33

show catalyst4000 chassis-mac-address command 3

show cdp command 2, 3

show cdp entry command 3

show cdp interface command 3

show cdp neighbors command 3

show cdp traffic command 3

show ciscoview package command 48

show ciscoview version command 48

show cluster members command 13

show configuration command 32

show debugging command 3

show environment command 2

show history command 4

show interfaces command 37, 38, 44, 46, 47

show interfaces status command 2

show ip cef command 8

show ip eigrp interfaces command 20

show ip eigrp neighbors command 20

show ip eigrp topology command 20

show ip eigrp traffic command 20

show ip interface command 24

show ip local policy command 12

show ip mroute command 24

show ip pim interface command 24

show l2protocol command 18

show lldp traffic command 15

show mac-address-table address command 3

show mac-address-table interface command 3

show mls entry command 8

show module command 1, 6

show PoE consumed 8

show power inline command 6

show power supplies command 13

show protocols command 44

show running-config command

adding description for an interface 32

checking your settings 9

displaying ACLs 23, 25, 34, 35

show startup-config command 10

show users command 6

show version command 30

shutdown threshold for Layer 2 protocol packets 16

shutdown, command 45

shutting down

interfaces 45

Simple Network Management Protocol

See SNMP

single spanning tree

See SST

single static RP, configuring 21

single-host mode 7

slot numbers, description 2

Slow timer, configuring BFD 16

smart call home 1

description 2

destination profile (note) 5

registration requirements 3

service contract requirements 3

Transport Gateway (TG) aggregation point 2

SMARTnet

smart call home registration 3

Smartports macros

applying global parameter values 8, 14

applying macros 8

applying parameter values 8

configuration guidelines 6, 13

configuring 2

creating 7

default configuration 3, 13

defined 10, 1

displaying 12

tracing 6, 13

SNMP

accessing MIB variables with 4

agent

described 4

disabling 7

and IP SLAs 2

authentication level 10

community strings

configuring 7

overview 4

configuration examples 15

configuration guidelines 6

default configuration 5

enabling 4

engine ID 6

groups 6, 9

host 6

informs

and trap keyword 11

described 5

differences from traps 5

enabling 14

limiting access by TFTP servers 15

limiting system log messages to NMS 9

manager functions 3

notifications 5

overview 1, 4

status, displaying 16

system contact and location 14

trap manager, configuring 13

traps

described 3, 5

differences from informs 5

enabling 11

enabling MAC address notification 31

enabling MAC move notification 33

enabling MAC threshold notification 35

overview 1, 4

types of 11

users 6, 9

versions supported 2

SNMP commands 4

SNMP traps

REP 14

SNMPv1 2

SNMPv2C 2

SNMPv3 2

software

upgrading 13, 12

software configuration register 26

software QoS, on Sup 6-E 40, 74

software switching

description 5

interfaces 6

key data structures used 8

source group tag 4, 10

source IDs

call home event format 22

SPAN

and ACLs 5

configuration guidelines 7

configuring 7–10

destination ports 5

IDS 2

monitored port, defined 4

monitoring port, defined 5

received traffic 3

sessions

defined 3

source ports 4

transmitted traffic 4

VLAN-based 5

SPAN and RSPAN

concepts and terminology 3

default configuration 6

displaying status 24

overview 1

session limits 6

SPAN enhancements

access list filtering 13

configuration example 15

CPU port sniffing 10

encapsulation configuration 12

ingress packets 12

packet type filtering 14

spanning-tree backbonefast command 24

spanning-tree cost command 15

spanning-tree guard root command 2

spanning-tree port-priority command 13

spanning-tree uplinkfast command 20

spanning-tree vlan

command 9

command example 9

spanning-tree vlan command 8

spanning-tree vlan cost command 16

spanning-tree vlan forward-time command 19

spanning-tree vlan hello-time command 18

spanning-tree vlan max-age command 18

spanning-tree vlan port-priority command 13

spanning-tree vlan priority command 17

spanning-tree vlan root primary command 10

spanning-tree vlan root secondary command 12

speed

configuring interface 27

speed command 28, 29

SSO

configuring 10

SSO operation 4

SST

description 22

interoperability 24

static ACL, removing the requirement 32

static addresses

See addresses

static routes

configuring 11

verifying 12

statistics

802.1X 14

displaying 802.1X 123

displaying PIM 28

LLDP 14

LLDP-MED 14

MKA 6

SNMP input and output 16

sticky learning

configuration file 5

defined 5

disabling 5

enabling 5

saving addresses 5

sticky MAC addresses

configuring 7

defined 4

storing captured packets to a.pcap file, Wireshark 8

Storm Control

displaying 6

enabling Broadcast 2

enabling Multicast 4

hardware-based, implementing 1

overview 1

software-based, implementing 2

STP

and REP 6

bridge ID 2

configuring 7–20

creating topology 5

defaults 7

disabling 20

enabling 8

enabling extended system ID 9

enabling Per-VLAN Rapid Spanning Tree 20

EtherChannel guard

disabling 7

forward-delay time 19

hello time 17

Layer 2 protocol tunneling 13

maximum aging time 18

overview 1, 3

per-VLAN rapid spanning tree 6

port cost 15

port priority 13

root bridge 9

stratum, NTP 2

stub routing (EIGRP)

benefits 18

configuration tasks 18

configuring 14

overview 13, 14

restrictions 18

verifying 19

subdomains, private VLAN 2

summer time 13

supervisor engine

accessing the redundant 14

configuring 8–13

copying files to standby 14

default configuration 1

default gateways 11

environmental monitoring 1

redundancy 1

ROM monitor 26

startup configuration 25

static routes 11

synchronizing configurations 11, 10

Supervisor Engine 7L-E, selecting the uplink port 25

Supervisor Engine II-TS

insufficient inline power handling 22, 12

Smartports macros

See also Auto Smartports macros

SVI Autostate Exclude

understanding 3

SVI Autostate exclude

configuring 8

S-VLAN 2, 7

switch 2

switch access with RADIUS, controlling 95

switch ports

See access ports

switched packets

and ACLs 29

Switched Port Analyzer

See SPAN

switchport

show interfaces 37, 38, 46, 47

switchport access vlan command 5, 7

switchport block multicast command 2

switchport block unicast command 2

switchport mode access command 7

switchport mode dot1q-tunnel command 6

switchport mode dynamic command 5

switchport mode trunk command 5

switchport trunk allowed vlan command 5

switchport trunk encapsulation command 5

switchport trunk native vlan command 5

switchport trunk pruning vlan command 6

switch-to-RADIUS server communication

configuring 32

sysret command 5

system

reviewing configuration 10

settings at startup 28

system alarms

overview 6

system and network statistics, displaying 24

system capabilities TLV 2

system clock

configuring

daylight saving time 13

manually 11

summer time 13

time zones 12

displaying the time and date 12

overview 2

See also NTP

system description TLV 2

system images

loading from Flash memory 31

modifying boot field 28

specifying 31

system message logging

default configuration 3

defining error message severity levels 8

disabling 3

displaying the configuration 12

enabling 4

facility keywords, described 12

level keywords, described 8

limiting messages 9

message format 2

overview 1

sequence numbers, enabling and disabling 7

setting the display destination device 4

synchronizing log messages 5

timestamps, enabling and disabling 6

UNIX syslog servers

configuring the daemon 10

configuring the logging facility 11

facilities supported 12

system MTU

802.1Q tunneling 5

maximums 5

system name

manual configuration 22

See also DNS

system name TLV 2

system prompt, default setting 21

T

TACACS+ 1

accounting, defined 16

authentication, defined 16

authorization, defined 16

configuring

accounting 21

authentication key 18

authorization 21

login authentication 19

default configuration 18

displaying the configuration 22

identifying the server 18

limiting the services to the user 21

operation of 17

overview 15

tracking services accessed by user 21

tagged packets

802.1Q 3

Layer 2 protocol 13

TCAM programming and ACLs 7

for Sup II-Plust thru V-10GE 7

TCAM programming and ACLs for Sup 6-E 10

TDR

checking cable connectivity 3

enabling and disabling test 3

guidelines 3

Telnet

accessing CLI 2

disconnecting user sessions 7

executing 5

monitoring user sessions 6

telnet command 6

templates, Ethernet OAM 45

Terminal Access Controller Access Control System Plus

See TACACS+

TFTP

configuration files in base directory 5

configuring for autoconfiguration 4

limiting access by servers 15

TFTP download

See also console download

threshold monitoring, IP SLAs 6

time

See NTP and system clock

Time Domain Reflectometer

See TDR

time exceeded messages 9

time zones 12

timer

See login timer

timestamps in log messages 6

TLV

host presence detection 8

TLVs

defined 7, 2

LLDP-MED 2

Token Ring

media not supported (note) 5, 9

Topology change notification processing

MLD Snooping

Topology change notification processing 4

TOS

description 4

trace command 9

traceroute

See IP traceroute

See Layer 2 Traceroute

traceroute mac command 11

traceroute mac ip command 11

track state, tracking IP SLAs 10

tracked lists

configuring 3

types 3

tracked objects

by Boolean expression 5

by threshold percentage 7

by threshold weight 6

tracking interface line-protocol state 2

tracking IP routing state 2

tracking objects 2

tracking process 2

traffic

blocking flooded 2

traffic control

using ACLs (figure) 4

using VLAN maps (figure) 6

traffic marking procedure flowchart 21, 55

traffic shaping 9

translational bridge numbers (defaults) 5

traps

configuring MAC address notification 31

configuring MAC move notification 33

configuring MAC threshold notification 35

configuring managers 11

defined 3

enabling 31, 33, 35, 11

notification types 11

overview 1, 4

troubleshooting

with CiscoWorks 4

with system message logging 1

with traceroute 8

Troubleshooting AVC with DNS-AS 24

troubleshooting high CPU due to ACLs 7

trunk failover

See link-state tracking

trunk ports

configure port security 17

configuring PVLAN 19–21

trunks

802.1Q restrictions 4

configuring 5

configuring access VLANs 5

configuring allowed VLANs 5

default interface configuration 5

enabling to non-DTP device 3

specifying native VLAN 5

understanding 3

trustpoint 3

TTL 3

tunnel ports

802.1Q, configuring 5

described 2

incompatibilities with other features 5

tunneling

defined 1

TwinGig Convertors

limitations on using 13

port numbering 13

selecting X2/TwinGig Convertor mode 14

TXT DNS Resource Record 3

TXT record 3

type length value

See TLV

type of service

See TOS

U

UDLD

configuring probe message interval per-interface 8

default configuration 3

disabling on fiber-optic interfaces 7

disabling on non-fiber-optic interfaces 7

displaying link status 9

enabling globally 5

enabling per-interface 6

modes of operation 3

resetting disabled LAN interfaces 8

use case 2

UDLD, overview 1

UDP jitter operation, IP SLAs 8

UDP jitter, configuring 9

unauthorized ports with 802.1X 4

unicast

See IP unicast

unicast flood blocking

configuring 1

unicast MAC address filtering

and adding static addresses 38

and broadcast MAC addresses 37

and CPU packets 37

and multicast addresses 37

and router MAC addresses 37

configuration guidelines 37

described 37

unicast MAC address filtering, configuring

ACLs

configuring unicast MAC address filtering 16

Unicast RPF (Unicast Reverse Path Forwarding)

applying 5

BGP attributes

caution 4

CEF

requirement 2

tables 7

configuring 9

(examples) ??–12

BOOTP 8

DHCP 8

enterprise network (figure) 6

prerequisites 9

routing table requirements 7

tasks 9

verifying 10

deploying 5

description 22, 1

disabling 11

enterprise network (figure) 6

FIB 2

implementing 4

packets, dropping (figure) 4

prerequisites 9

restrictions

basic 8

routing asymmetry 7

routing asymmetry (figure) 8

routing table requirements 7

security policy

applying 5

attacks, mitigating 5

deploying 5

tunneling 5

source addresses, validating 3

(figure) 3, 4

failure 3

traffic filtering 5

tunneling 5

validation

failure 3, 4

packets, dropping 3

source addresses 3

verifying 10

unicast traffic

blocking 2

Unidirectional Controlled Port, configuring 802.1X 66

unidirectional ethernet

enabling 2

example of setting 2

overview 1

UniDirectional Link Detection Protocol

See UDLD

Universal PoE, configuring 16

UNIX syslog servers

daemon configuration 10

facilities supported 12

message logging configuration 11

uplink forwarding

quad-supervisor 6

uplink mode, selecting on supervisor engine 6-E 20

uplink port, selecting on a supervisor engine 7L-E 25

UplinkFast

and MST 23

enabling 23

MST and 23

overview 19

usage examples, Wireshark 18

user EXEC mode 5

user sessions

disconnecting 7

monitoring 6

user-defined event triggers

configuring, 802.1X-based 8

configuring, MAC address-based 9

User-defined triggers and built-in macros, configuring mapping 9

V

VACLs

Layer 4 port operations 10

virtual configuration register 3

virtual LANs

See VLANs

virtual ports, MKA 4

Virtual Router Redundancy Protocol, introduction 23

Virtual Switch System(VSS), displaying EtherChannel to 20

VLAN ACLs

See VLAN maps

VLAN blocking, REP 13

vlan command 6

vlan dot1q tag native command 4

VLAN ID

service provider 8

VLAN ID translation

See VLAN mapping

VLAN ID, discovering 44

VLAN load balancing

REP 4

VLAN load balancing on flex links 2

configuration guidelines 5

VLAN load balancing, triggering 6

VLAN Management Policy Server

See VMPS

VLAN mapping

1-to-1 7

1-to-1, configuring 10

configuration guidelines 9

configuring 10

configuring on a trunk port 10

default 9

described 2, 7

selective QinQ 8

selective Q-in-Q, configuring 12

traditional QinQ 8

traditional Q-in-Q, configuring 11

types of 7

VLAN maps

applying to a VLAN 25

configuration example 26

configuration guidelines 22

configuring 21

creating and deleting entries 22

defined 41

denying access example 27

denying packets 23

displaying 28

order of entries 22

permitting packets 23

router ACLs and 29

using (figure) 5

using in your network 25

VLAN maps, PACL and Router ACLs 36

VLAN Trunking Protocol

See VTP

VLAN trunks

overview 3

VLAN User Distribution, configuring 802.1X 68

VLANs

allowed on trunk 5

configuration guidelines 3

configuring 5

configuring as Layer 3 interfaces 8

customer numbering in service-provider networks 3

default configuration 4

description 11

extended range 3

IDs (default) 4

interface assignment 7

limiting source traffic with RSPAN 23

monitoring with RSPAN 21

name (default) 4

normal range 3

overview 1

reserved range 3

See also PVLANs

VMPS

configuration file example 31

configuring dynamic access ports on client 24

configuring retry interval 26

database configuration file 31

dynamic port membership

example 28

reconfirming 25, 26

reconfirming assignments 25

reconfirming membership interval 26

server overview 20

VMPS client

administering and monitoring 27

configure switch

configure reconfirmation interval 26

dynamic ports 24

entering IP VMPS address 24

reconfirm VLAM membership 25

reconfirmation interval 26

default configuration 23

dynamic VLAN membership overview 23

troubleshooting dynamic port VLAN membership 28

VMPS server

fall-back VLAN 22

illegal VMPS client requests 22

overview 20

security modes

multiple 22

open 21

secure 21

voice aware 802.1x security

port-based authentication

configuring 74

described 21, 74

voice interfaces

configuring 1

Voice over IP

configuring 1

voice ports

configuring VVID 3

voice traffic 2, 5

voice VLAN

IP phone data traffic, described 2

IP phone voice traffic, described 2

voice VLAN ports

using 802.1X 21

Voice VLAN, configure 802.1X 73

VPN

configuring routing in 8

forwarding 3

routes 2

routing and forwarding table

See VRF

VRF

defining 3

tables 1

VRF-aware services

ARP 6, 15, 17

configuring 5, 14

ftp 16

ping 15

tftp 16

traceroute 16

uRPF 15

VRF-lite

description 23

VSS

dual-active detection

displaying 54

Enhanced PAgP, advantages 23

enhanced PAgP, configuring 52

Enhanced PAgP, description 23

fast-hello, configuring 53

VTP

client, configuring 16

configuration guidelines 12

default configuration 13

disabling 16

Layer 2 protocol tunneling 13

monitoring 19

overview 7

pruning

configuring 15

See also VTP version 2

server, configuring 16

statistics 19

transparent mode, configuring 16

version 2

enabling 15

VTP advertisements

description 9

VTP domains

description 8

VTP modes 8

VTP pruning

overview 10

VTP versions 2 and 3

overview 9

See also VTP

VTY and Network Assistant 12

VVID (voice VLAN ID)

and 802.1X authentication 21

configuring 3

W

WCCP

configuration examples 9

configuring on a router 2, 13

features 3

restrictions 5

service groups 5

Web Cache Communication Protocol

See WCCP 1

web cache services

description 4

web caches

See cache engines

web caching

See web cache services

See also WCCP

web-based authentication

authentication proxy web pages 4

description 43, 13, 1

web-based authentication, interactions with other features 4

weight thresholds in tracked lists 6

wireless mode 29, 30

Wireshark

activating and deactivating, capture points, conceptual 10

attachment points 6

capture filter 7

capture points 6

core system filter 7

decoding and displaying packets 9

display filter 7

feature interactions 10

filters 6

storing captured packets to a.pcap filter 8

usage examples 18

Wireshark, about 5

Wireshark, activating and deactivating a capture point 14

Wireshark, defining/modifying/deleting a capture point 12

Wireshark, displaying information 14

WS-X46490-CSFP-E, support on a 10-slot chassis 21

X

X.509v3 Certificates for SSH Authentication

Overview 2

Y

Y.1731

default configuration 29

described 27

ETH-AIS

Ethernet Alarm Signal function (ETH-AIS)

28

ETH-RDI 28

multicast Ethernet loopback 31

multicast ETH-LB 29

terminology 27