Text Part Number OL-9775-02
Americas Headquarters
Page
Iii
N T E N T S
Assigning the Switch IP Address and Default Gateway
Understanding Cisco Configuration Engine Software
Clustering Switches
Vii
Catalyst 1900 and Catalyst 2820 CLI Considerations
Viii
Creating a Banner
Changing the Default Privilege Level for Lines
Device Roles
Bypass
Xii
Routed Ports
Xiii
Monitoring and Maintaining the Interfaces
Xiv
Encapsulation Types
Domain Names
Xvi
Private-VLAN Configuration Guidelines
Xvii
Disabled State
Xviii
Boundary Ports
19-25
Xix
Dhcp Server
Xxi
Configuring Dynamic ARP Inspection
Xxii
Configuring MVR
Xxiii
Understanding Storm Control
Xxiv
Understanding Udld Modes of Operation
Xxv
Creating an Rspan Source Session
Xxvi
Snmp Agent Functions
Xxvii
Creating a Numbered Extended ACL
Xxviii
Interaction with Other Features and Switches
Xxix
Xxx
Port-Channel Interfaces
Xxxi
Configuring IP Addressing
Xxxii
Nonstop Forwarding Awareness
Xxxiii
IPv6 Addresses
Xxxiv
Configuring Hsrp Priority
Xxxv
Configuring IP Multicast Routing
Xxxvi
Configuring Basic Dvmrp Interoperability Features
Xxxvii
Using a Filter
45-14
Xxxviii
Xxxix
Configuring Online Diagnostics
Unsupported Route-Map Configuration Commands C-1
Xli
Hsrp
Xlii
VTP
Conventions
Preface
Audience
Purpose
Xliv
Related Publications
Xlv
Xlvi
Overview
Features
Availability and Redundancy Features, Vlan Features,
Deployment Features
Overview Features
Performance Features
Management Options
Manageability Features
Availability and Redundancy Features
Security Features
Vlan Features
Overview Features
QoS and CoS Features
Layer 3 Features
Power over Ethernet Features
Default Settings After Initial Switch Configuration
Monitoring Features
Vlan
Overview Default Settings After Initial Switch Configuration
Overview Default Settings After Initial Switch Configuration
Design Concepts for Using the Switch
Network Configuration Examples
Network Demands Suggested Design Methods
Cost-Effective Wiring Closet
High-Performance Wiring Closet
High-Performance Workgroup Gigabit-to-the-Desktop
Redundant Gigabit Backbone
Server Aggregation
Linux Server Cluster
Cisco SoftPhone Software Gigabit servers
Internet Cisco 2600 or 3700 routers Catalyst 3560-E switches
Large Network Using Catalyst 3750-E and 3560-E Switches
Cisco 7x00 routers Catalyst
Catalyst 3560-E
Multidwelling Network Using Catalyst 3750-E Switches
11 Catalyst 3750-E Switches in a MAN Configuration
Long-Distance, High-Bandwidth Transport Configuration
Access layer Aggregation layer
Where to Go Next
OL-9775-02
Understanding Command Modes
Using the Command-Line Interface
Ctrl-Z
Mode Access Method Prompt Exit Method About This Mode
Configure
Quit
Line vty or line
Console command
Command Purpose
Understanding the Help System
Command keyword ?
Understanding Abbreviated Commands
Understanding no and default Forms of Commands
Command ?
Understanding CLI Error Messages
Using Configuration Logging
Error Message Meaning How to Get Help
Action1 Result
Using Command History
Changing the Command History Buffer Size
Recalling Commands
Switch# terminal editing
Using Editing Features
Disabling the Command History Feature
Enabling and Disabling Editing Features
Capability Keystroke1 Purpose
Editing Commands through Keystrokes
Editing Command Lines that Wrap
Return and Space bar
Press Ctrl-L or Ctrl-R
Accessing the CLI
Command begin include exclude regular-expression
Switch# show interfaces include protocol
Using the Command-Line Interface Accessing the CLI
OL-9775-02
Understanding the Boot Process
Assigning the Switch IP Address and Default Gateway
Assigning Switch Information
Default Switch Information
Understanding DHCP-Based Autoconfiguration
Feature Default Setting
Dhcp Client and Server Message Exchange
Dhcp Client Request Process
Dhcp Server Configuration Guidelines
Configuring DHCP-Based Autoconfiguration
Configuring the DNS
Configuring the Tftp Server
Configuring the Relay Device
Obtaining Configuration Files
Routerconfig-if#ip helper-address
Tftpserver
Example Configuration
Dhcp Client Configuration
Switch a Switch B Switch C Switch D
DNS Server Configuration
Tftp Server Configuration on Unix
Manually Assigning IP Information
Checking and Saving the Running Configuration
Switch# show running-config
Switch# copy running-config startup-config
Modifying the Startup Configuration
Default Boot Configuration
Automatically Downloading a Configuration File
Configure terminal Enter global configuration mode
Booting Manually
Boot config-file flash/ file-url
Show boot
Boot system filesystem /file-url
Booting a Specific Software Image
Controlling Environment Variables
Boot system switch number all
Set Switchpriority
Set Manualboot yes Boot manual
Set Switchnumber
Switch current-stack-member-number renumber
Reload in hhmm text
Configuring a Scheduled Reload
Scheduling a Reload of the Software Image
Variable Description
Switch# reload at
Switch# reload at 0200 jun
Displaying Scheduled Reload Information
Understanding Cisco Configuration Engine Software
Configuring Cisco IOS CNS Agents
Configuration Engine Architectural Overview
Configuration Service
NameSpace Mapper
Event Service
ConfigID
What You Should Know About the CNS IDs and Device Hostnames
Using Hostname, DeviceID, and ConfigID
DeviceID
Hostname and DeviceID
Understanding Cisco IOS Agents
Initial Configuration
Enabling Automated CNS Configuration
Configuring Cisco IOS Agents
Incremental Partial Configuration
Synchronized Configuration
Device Required Configuration
Show cns event connections
Backup init-retry retry-count keepalive seconds
Show running-config
Enabling the CNS Event Agent
Enabling the Cisco IOS CNS Agent
Enabling an Initial Configuration
Cns id hardware-serial hostname string string
Cns config initial ip-address hostname
Cns id interface num dns-reverse ipaddress
Mac-address event
Show cns config stats
Enabling a Partial Configuration
Show running-config Verify your entries
Cns config partial ip-address hostname
Show cns event subject
Displaying CNS Configuration
Show cns config connections
Show cns event stats
Understanding Switch Stacks
Managing Switch Stacks
Managing Switch Stacks Understanding Switch Stacks
Switch Stack Membership
Creating a Switch Stack from Two Standalone Switches
Stack Master Election and Re-Election
Adding a Standalone Switch to a Switch Stack
Stack Member Numbers
Switch Stack Bridge ID and Router MAC Address
Stack Member Priority Values
Switch Stack Offline Configuration
Effects of Adding a Provisioned Switch to a Switch Stack
Scenario Result
Scenario Result
Effects of Replacing a Provisioned Switch in a Switch Stack
Switch Stack Software Compatibility Recommendations
Major Version Number Incompatibility Among Switches
Minor Version Number Incompatibility Among Switches
Stack Protocol Version Compatibility
Understanding Auto-Upgrade and Auto-Advise
Auto-Upgrade and Auto-Advise Example Messages
Switch
Directory
Mar 1 000422.537%IMAGEMGR-6-AUTOADVISESW
Switch Stack Configuration Files
Incompatible Software and Stack Member Image Upgrades
Switch Stack Management Connectivity
Connectivity to the Switch Stack Through an IP Address
Connectivity to the Switch Stack Through an SSH Session
Connectivity to Specific Stack Members
Switch Stack Configuration Scenarios
Use the switch stack-member-number
Priority new-priority-number global
Current-stack-member-number Renumber new-stack-member-number
Configuring the Switch Stack
Default Switch Stack Configuration
Enabling Persistent MAC Address
Time-value
Stack-mac persistent timer
Show switch
Switchconfig# stack-mac persistent timer
Setting the Stack Member Priority Value
Assigning Stack Member Information
Assigning a Stack Member Number
Provisioning a New Member for a Switch Stack
Show switch stack-member-number
Accessing the CLI of a Specific Stack Member
Displaying Switch Stack Information
Command Description
Show switch stack-ports
Show switch stack-ring activity
Detail
OL-9775-02
Understanding Switch Clusters
Clustering Switches
Switch Cisco IOS Release Cluster Capability
Standby Cluster Command Switch Characteristics
Cluster Command Switch Characteristics
Candidate Switch and Cluster Member Switch Characteristics
Planning a Switch Cluster
Discovery Through CDP Hops
Automatic Discovery of Cluster Candidates and Members
Discovery Through CDP Hops
Discovery Through Different VLANs
Discovery Through Different VLANs
Discovery Through Different Management VLANs
Discovery Through Routed Ports
New out-of-box
Discovery of Newly Installed Switches
Hsrp and Standby Cluster Command Switches
Other Considerations for Cluster Standby Groups
Virtual IP Addresses
Automatic Recovery of Cluster Configuration
Hostnames
IP Addresses
Snmp Community Strings
Passwords
Switch Clusters and Switch Stacks
Switch Stack Switch Cluster
Members Other cluster member switches
LRE Profiles
TACACS+ and Radius
Using the CLI to Manage Switch Clusters
Switch# rcommand
Catalyst 1900 and Catalyst 2820 CLI Considerations
Snmp Management for a Cluster
Using Snmp to Manage Switch Clusters
OL-9775-02
Administering the Switch
Managing the System Time and Date
Understanding the System Clock
NTP
Understanding Network Time Protocol
Typical NTP Network Configuration
Configuring NTP
Default NTP Configuration
Configuring NTP Authentication
Ntp authenticate
Configuring NTP Associations
Key keyid source interface prefer
Configuring NTP Broadcast Service
Switchconfig# ntp server 172.16.22.44 version
Ntp peer ip-address version number
Ntp broadcast client
Interface interface-id
Ntp broadcast version number key keyid
Destination-address
Serve-onl y serve peer
Configuring NTP Access Restrictions
Ntp broadcastdelay microseconds
Ntp access-group query-only
Command Purpose
Interface interface-id
Configuring the Source IP Address for NTP Packets
Fundamentals Command Reference, Release
Configuring Time and Date Manually
Displaying the NTP Configuration
Setting the System Clock
Minutes-offset
Displaying the Time and Date Configuration
Configuring the Time Zone
Clock timezone zone hours-offset
Hh mm offset
Configuring Summer Time Daylight Saving Time
Clock summer-time zone recurring
Week day month hh mm week day month
Configuring a System Name and Prompt
Clock summer-time zone date month
Clock summer-time zone date date
Understanding DNS
Default System Name and Prompt Configuration
Configuring a System Name
Copy running-config startup-confi g
Ip name-server server-address1
Default DNS Configuration
Setting Up DNS
Ip domain-name name
Default Banner Configuration
Displaying the DNS Configuration
Creating a Banner
Configuring a Message-of-the-Day Login Banner
Banner motd c message c
Unix telnet
Configuring a Login Banner
Banner login c message c
Managing the MAC Address Table
MAC Addresses and VLANs
Building the Address Table
MAC Addresses and Switch Stacks
Default MAC Address Table Configuration
Changing the Address Aging Time
Show mac address-table aging-time
Configuring MAC Address Notification Traps
Removing Dynamic Address Entries
Mac address-table aging-time
Mac address-table notification
String by using the snmp-server community
Snmp-server enable traps mac-notification
Snmp-server host host-addr traps informs version
Adding and Removing Static Address Entries
Show mac address-table static
Configuring Unicast MAC Address Filtering
Mac address-table static mac-addr
Vlan vlan-id interface interface-id
Vlan vlan-id drop
Displaying Address Table Entries
Managing the ARP Table
OL-9775-02
Understanding the SDM Templates
Configuring SDM Templates
Dual IPv4 and IPv6 SDM Templates
Resource Access Default Routing
IPv4-and-IPv6 Resource Default Routing
SDM Templates and Switch Stacks
Configuring the Switch SDM Template
Default SDM Template
SDM Template Configuration Guidelines
Vlan routing vlan
Setting the SDM Template
Sdm prefer access default
Dual-ipv4-and-ipv6 default routing
Switchconfig# sdm prefer routing
Switchconfig# sdm prefer dual-ipv4-and-ipv6 default
Displaying the SDM Templates
Policy based routing aces 25K
OL-9775-02
Preventing Unauthorized Access to Your Switch
Configuring Switch-Based Authentication
Default Password and Privilege Level Configuration
Protecting Access to Privileged Exec Commands
Setting or Changing a Static Enable Password
Enable password password
Switchconfig# enable password l1u2c3k4y5
Service password-encryption
Enable password level level password
Encryption-type encrypted-password
Enable secret level level password
Disabling Password Recovery
No service password-recovery
Show version
Switchconfig-line#password let45me67in89
Setting a Telnet Password for a Terminal Line
Configuring Username and Password Pairs
Password password
Username name privilege level
Configuring Multiple Privilege Levels
Username command
Login local
Setting the Privilege Level for a Command
Privilege mode level level command
Show privilege
Changing the Default Privilege Level for Lines
Command
Logging into and Exiting a Privilege Level
Understanding TACACS+
Controlling Switch Access with TACACS+
Typical TACACS+ Network Configuration
TACACS+ Operation
Configuring TACACS+
Aaa group server tacacs+ group-name
Default TACACS+ Configuration
Tacacs-server host hostname port
Aaa new-model
Configuring TACACS+ Login Authentication
Aaa new-model Enable AAA
Show tacacs Verify your entries
Line console tty vty line-number
Aaa authentication login default
Login authentication default
Authentication login command
Show running-config Verify your entries
Controlling Switch Access with Radius
Displaying the TACACS+ Configuration
Starting TACACS+ Accounting
Understanding Radius
Radius Operation
Transitioning from Radius to TACACS+ Services
Configuring Radius
Default Radius Configuration
Identifying the Radius Server Host
Page
Seconds retransmit retries key
Acct-port port-number timeout
Radius-server host hostname
Ip-address auth-port port-number
Switchconfig# radius-server host host1
Configuring Radius Login Authentication
Server Host section on
Defining AAA Server Groups
Aaa group server radius group-name
Radius
Aaa authorization network radius
Starting Radius Accounting
Radius-server retransmit retries
Configuring Settings for All Radius Servers
Radius-server timeout seconds
Radius-server key string
Cisco-avpair=ipoutacl#2=deny ip 10.10.10.10 0.0.255.255 any
Authentication
Radius-server vsa send accounting
Cisco-avpair=shellpriv-lvl=15
Controlling Switch Access with Kerberos
Displaying the Radius Configuration
Radius-server host hostname ip-address non-standard
Understanding Kerberos
KDC
Term Definition
Srvtab
Authenticating to a Boundary Switch
Kerberos Operation
Keytab
Configuring Kerberos
Authenticating to Network Services
Obtaining a TGT from a KDC
Aaa authentication login default local
Aaa authorization exec local
Aaa authorization network local
Configuring the Switch for Secure Shell
Username command
Username name privilege level
SSH Servers, Integrated Clients, and Supported Versions
Understanding SSH
Configuring SSH
Configuration Guidelines
Limitations
Setting Up the Switch to Run SSH
Authentication-retries number
Displaying the SSH Configuration and Status
Configuring the SSH Server
Ip ssh timeout seconds
Configuring the Switch for Secure Socket Layer Http
Understanding Secure Http Servers and Clients
Certificate Authority Trustpoints
Rsakeypair TP-self-signed-3080755072
Configuring Secure Http Servers and Clients
Default SSL Configuration
CipherSuites
Configuring a CA Trustpoint
SSL Configuration Guidelines
Configuring the Secure Http Server
Ip http client secure-trustpoint name
Configuring the Secure Http Client
Ip http timeout-policy idle seconds life
Show ip http server secure status
Show ip http client secure status
Configuring the Switch for Secure Copy Protocol
Displaying Secure Http Server and Client Status
Ip http client secure-ciphersuite
Html
Information About Secure Copy
OL-9775-02
Configuring Ieee 802.1x Port-Based Authentication
Understanding Ieee 802.1x Port-Based Authentication
10-1
10-2
Device Roles
10-3
Authentication Process
10-4
Authentication Flowchart
10-5
Authentication Initiation and Message Exchange
EAPOL-Start
10-6
Ieee 802.1x Authentication and Switch Stacks
Ports in Authorized and Unauthorized States
10-7
10-8
Ieee 802.1x Host Mode
10-9
Ieee 802.1x Accounting
Ieee 802.1x Accounting Attribute-Value Pairs
Attribute Number AV Pair Name
10-10
Using Ieee 802.1x Authentication with Vlan Assignment
10-11
Using Ieee 802.1x Authentication with Per-User ACLs
10-12
Using Ieee 802.1x Authentication with Guest Vlan
10-13
Using Ieee 802.1x Authentication with Restricted Vlan
10-14
10-15
Using Ieee 802.1x Authentication with Voice Vlan Ports
10-16
Using Ieee 802.1x Authentication with Port Security
10-17
Using Ieee 802.1x Authentication with Wake-on-LAN
10-18
Using Multidomain Authentication
Network Admission Control Layer 2 Ieee 802.1x Validation
10-19
Using Web Authentication
For example
10-20
10-21
Configuring Ieee 802.1x Authentication
Default Ieee 802.1x Authentication Configuration
AAA
10-22
Ieee 802.1x Authentication Configuration Guidelines
Ieee 802.1x Authentication
10-23
10-24
Configuring Ieee 802.1x Authentication
MAC Authentication Bypass
10-25
10-26
Configuring the Switch-to-RADIUS-Server Communication
10-27
Ip-address auth-port port-number key
Show dot1x interface interface-id
Configuring the Host Mode
Dot1x host-mode multi-host
Multi-domain
Configuring Periodic Re-Authentication
Manually Re-Authenticating a Client Connected to a Port
10-29
Show dot1x interface interface-id Verify your entries
Changing the Switch-to-Client Retransmission Time
Dot1x timeout tx-period seconds
Changing the Quiet Period
Dot1x max-reauth-req count
Setting the Switch-to-Client Frame-Retransmission Number
Switchconfig-if#dot1x timeout tx-period
Show dot1xinterface interface-id Verify your entries
10-32
Setting the Re-Authentication Number
Configuring Ieee 802.1x Accounting
Switchconfig-if#dot1x max-reauth-req
10-33
Configuring a Guest Vlan
Dot1x guest-vlan vlan-id
Configuring a Restricted Vlan
Switchport mode private-vlan host
Switchconfig# interface gigabitethernet2/0/2
10-35
Dot1x auth-fail vlan vlan-id
Dot1x auth-fail max-attempts max
Attempts
Tries tries
Configuring the Inaccessible Authentication Bypass Feature
Switchconfig-if#dot1x auth-fail max-attempts
Radius-server dead-criteria time time
10-37
Show dot1x interface interface-id
Configuring Ieee 802.1x Authentication with WoL
Dot1x critical recovery action
Reinitialize vlan vlan-id
Dot1x control-direction both
Configuring MAC Authentication Bypass
Switchconfig-if#dot1x control-direction both
Switchconfig-if#dot1x mac-auth-bypass
10-40
Configuring NAC Layer 2 Ieee 802.1x Validation
10-41
Configuring Web Authentication
10-42
10-43
Disabling Ieee 802.1x Authentication on the Port
No dot1x pae Disable Ieee 802.1x authentication on the port
Dot1x fallback fallback-profile
10-44
Displaying Ieee 802.1x Statistics and Status
Configuring Interface Characteristics
Understanding Interface Types
11-1
Switch Ports
Port-Based VLANs
11-2
Access Ports
Trunk Ports
11-3
Routed Ports
Tunnel Ports
11-4
Switch Virtual Interfaces
EtherChannel Port Groups
11-5
11-6
Power over Ethernet Ports
Gigabit Ethernet Interfaces
Supported Protocols and Standards
Powered-Device Detection and Initial Power Allocation
Class
11-7
11-8
Power Management Modes
11-9
Power Monitoring and Power Policing
11-10
Maximum Power Allocation Cutoff Power on a PoE Port
11-11
Connecting Interfaces
11-12
Ethernet Management Port
11-13
Connecting a Switch Stack to a PC
11-14
Tftp
Mgmtclr
Using Interface Configuration Mode
Mgmtinit
Mgmtshow
11-16
Procedures for Configuring Interfaces
Show interfaces interface-id
Configuring a Range of Interfaces
Interface range port-range macro
Macroname
11-18
Interface range macro macroname
Configuring and Using Interface Range Macros
Show running-config include define
Define interface-range macroname
11-20
Configuring Ethernet Interfaces
Switch# show running-config include define
Switch# show run include define
11-21
Default Ethernet Interface Configuration
Configuring Interface Speed and Duplex Mode
Speed and Duplex Configuration Guidelines
11-22
Duplex auto full half
Setting the Interface Speed and Duplex Parameters
Speed 10 100 1000 auto 10
Nonegotiate
Configuring Ieee 802.3x Flow Control
Flowcontrol receive on off desired
11-24
11-25
Configuring Auto-MDIX on an Interface
Local Side Auto-MDIX
With Correct Cabling
Configuring a Power Management Mode on a PoE Port
Interface-id phy
11-26
Neve r static max max-wattage
Budgeting Power for Devices Connected to a PoE Port
Power inline auto max max-wattage
Show power inline i nterface-id
11-28
Wattage
11-29
Configuring Power Policing
11-30
Adding a Description for an Interface
11-31
Configuring Layer 3 Interfaces
Configuring Ethernet Management Ports
Switch# show interfaces gigabitethernet1/0/2 description
11-32
No switchport
Interface gigabitethernet interface-id vlan vlan-id
No shutdown
11-33
Configuring the System MTU
11-34
Use the system mtu jumbo Use the system mtu routing
System mtu jumbo bytes
System mtu routing bytes
Show system mtu
Configuring the Cisco Redundant Power System
System mtu bytes
Reload
11-36
Power rps switch-number name string serialnumber
Power rps switch-number port rps-port-id mode active
Standby
Show env rps
Configuring the Power Supplies
Power supply switch-numberoff on
Show env power
Monitoring and Maintaining the Interfaces
Monitoring Interface Status
11-38
11-39
Clearing and Resetting Interfaces and Counters
11-40
Shutting Down and Restarting the Interface
Interface vlan vlan-id gigabitethernet interface-id
Shutdown
Configuring Smartports Macros
Understanding Smartports Macros
12-1
12-2
Configuring Smartports Macros
Default Smartports Macro Configuration
Macro Name Description
12-3
Smartports Macro Configuration Guidelines
Show parser macro name macro-name
Creating Smartports Macros
Macro name macro-name
Name Sample-Macro and macro name sample-macro will result
12-5
Applying Smartports Macros
12-6
Applying Cisco-Default Smartports Macros
Show parser macro
Show parser macro macro-name
Switch# show parser macro cisco-desktop
Switchconfig-if#macro apply cisco-desktop $AVID
12-7
12-8
Displaying Smartports Macros
Show parser macro brief
Show parser macro description interface
Configuring VLANs
Understanding VLANs
13-1
13-2
Supported VLANs
Vlan Port Membership Modes
13-3
13-4
Configuring Normal-Range VLANs
13-5
Vlan ID
Normal-Range Vlan Configuration Guidelines
Token Ring VLANs
13-6
Vlan Configuration in Vlan Database Configuration Mode
Vlan Configuration Mode Options
Saving Vlan Configuration
Vlan Configuration in config-vlan Mode
13-8
Default Ethernet Vlan Configuration
Parameter Default Range
VLANxxxx, where
13-9
Copy running-config startup config
Creating or Modifying an Ethernet Vlan
Remote-span
Deleting a Vlan
Vlan database
13-10
Show vlan brief
Assigning Static-Access Ports to a Vlan
Switchport access vlan vlan-id
No vlan vlan-id
Vlan fields of the display
Configuring Extended-Range VLANs
Default Vlan Configuration
Show interfaces interface-id switchport
13-13
Extended-Range Vlan Configuration Guidelines
13-14
Vtp mode transparent
Creating an Extended-Range Vlan
Show vlan id vlan-id
Show vlan internal usage
Switchconfig# vtp mode transparent
Switch# copy running-config startup config
Creating an Extended-Range Vlan with an Internal Vlan ID
Trunking Overview
Configuring Vlan Trunks
Command Command Mode Purpose
Displaying VLANs
13-17
Switches in an ISL Trunking Environment
13-18
Mode Function
Encapsulation Types
Encapsulation Function
13-19
Default Layer 2 Ethernet Interface Vlan Configuration
Configuring an Ethernet Interface as a Trunk Port
Ieee 802.1Q Configuration Considerations
13-20
Interaction with Other Features
Configuring a Trunk Port
Dot1q negotiate
13-21
Defining the Allowed VLANs on a Trunk
13-22
Switchport trunk allowed vlan add
Changing the Pruning-Eligible List
All except remove vlan-list
Vlan ,vlan
Configuring the Native Vlan for Untagged Traffic
Switchport trunk pruning vlan add
Except none remove vlan-list
13-24
Configuring Trunk Ports for Load Sharing
Load Sharing Using STP Port Priorities
Switchport trunk native vlan vlan-id
13-25
Exit Return to global configuration mode
Load Sharing Using STP Path Cost
Or switch stack
Connect to the trunk ports configured on Switch a
Spanning-tree vlan 2-4 cost
Switchport trunk encapsulation
Interface gigabitethernet1/0/1
Isl dot1q negotiate
Configuring Vmps
Understanding Vmps
13-28
13-29
Default Vmps Client Configuration
Vmps Configuration Guidelines
Dynamic-Access Port Vlan Membership
Configuring the Vmps Client
Entering the IP Address of the Vmps
13-30
Vmps reconfirm
Configuring Dynamic-Access Ports on Vmps Clients
Switchport access vlan dynamic
Reconfirming Vlan Memberships
13-32
Changing the Reconfirmation Interval
Changing the Retry Count
Vmps reconfirm minutes
Monitoring the Vmps
Troubleshooting Dynamic-Access Port Vlan Membership
Vmps Configuration Example
Switch# show vmps
13-34
Dynamic Port Vlan Membership Configuration
Configuring VTP
Understanding VTP
14-1
14-2
VTP Domain
14-3
VTP Mode Description
VTP Modes
VTP Advertisements
VTP Version
VTP Pruning
14-4
Vlan
14-5
Configuring VTP
VTP and Switch Stacks
14-6
14-7
Default VTP Configuration
VTP Configuration Options
VTP Configuration in Global Configuration Mode
Domain Names
VTP Configuration Guidelines
VTP Configuration in Vlan Database Configuration Mode
Passwords
14-9
Configuring a VTP Server
Configuration Requirements
VTP Version
Vtp server
Vtp password password
Vtp password password
Show vtp status
14-11
Configuring a VTP Client
Vtp mode client
Switch# vlan database
14-12
Disabling VTP VTP Transparent Mode
Enabling VTP Version
Vtp version
14-13
14-14
Adding a VTP Client Switch to a VTP Domain
Enabling VTP Pruning
Vtp pruning
14-15
14-16
Monitoring VTP
Configuring Voice Vlan
Understanding Voice Vlan
15-1
Cisco IP Phone Voice Traffic
Cisco IP Phone Data Traffic
15-2
15-3
Configuring Voice Vlan
Default Voice Vlan Configuration
Voice Vlan Configuration Guidelines
15-4
Configuring a Port Connected to a Cisco 7960 IP Phone
15-5
Configuring Cisco IP Phone Voice Traffic
15-6
Configuring the Priority of Incoming Data Frames
15-7
Displaying Voice Vlan
15-8
Configuring Private VLANs
Understanding Private VLANs
16-1
Private-VLAN Domain
16-2
16-3
IP Addressing Scheme with Private VLANs
Private VLANs across Multiple Switches
Private-VLAN Interaction with Other Features
16-4
Private VLANs and Unicast, Broadcast, and Multicast Traffic
Private VLANs and SVIs
16-5
16-6
Configuring Private VLANs
Tasks for Configuring Private VLANs
Private VLANs and Switch Stacks
16-7
Default Private-VLAN Configuration
Private-VLAN Configuration Guidelines
Secondary and Primary Vlan Configuration
16-8
Private-VLAN Port Configuration
16-9
Limitations with Other Features
16-10
Configuring and Associating VLANs in a Private Vlan
Show vlan private-vlan type
Show interfaces status
16-11
Primaryvlanid secondaryvlanid
Configuring a Layer 2 Interface as a Private-VLAN Host Port
Switchport private-vlan host-association
Switch# show interfaces gigabitethernet1/0/22 switchport
16-13
Switchport mode private-vlan promiscuous
Switchport private-vlan mapping primaryvlanid
Add remove secondaryvlanlist
Show interface private-vlan mapping
Switch# show interfaces private-vlan mapping
Interface vlan primaryvlanid
Private-vlan mapping add remove
16-15
Monitoring Private VLANs
16-16
Configuring Ieee 802.1Q and Layer 2 Protocol Tunneling
Understanding Ieee 802.1Q Tunneling
17-1
17-2
Ieee 802.1Q Tunnel Ports in a Service-Provider Network
17-3
Native VLANs
Configuring Ieee 802.1Q Tunneling
Default Ieee 802.1Q Tunneling Configuration
Ieee 802.1Q Tunneling Configuration Guidelines
17-5
System MTU
17-6
Ieee 802.1Q Tunneling and Other Features
Show vlan dot1q tag native
Configuring an Ieee 802.1Q Tunneling Port
Vlan dot1q tag native
Show dot1q-tunnel
17-8
Understanding Layer 2 Protocol Tunneling
Layer 2 Protocol Tunneling
17-9
17-10
Configuring Layer 2 Protocol Tunneling
17-11
Default Layer 2 Protocol Tunneling Configuration
17-12
Layer 2 Protocol Tunneling Configuration Guidelines
17-13
Configuring Layer 2 Protocol Tunneling
Pagp lacp udld
Configuring Layer 2 Tunneling for EtherChannels
Configuring the SP Edge Switch
L2protocol-tunnel point-to-point
17-15
17-16
Configuring the Customer Switch
Switchconfig-if#channel-group 1 mode desirable
Switchconfig# interface port-channel
17-17
17-18
Monitoring and Maintaining Tunneling Status
Configuring STP
Understanding Spanning-Tree Features
18-1
18-2
STP Overview
18-3
Spanning-Tree Topology and BPDUs
18-4
Bridge ID, Switch Priority, and Extended System ID
32768 16384 8192 4096 2048 1024 512 256 128
Switch Priority Value
Spanning-Tree Interface States
Bit
18-6
2illustrates how an interface moves through the states
Forwarding State
Blocking State
Listening State
Learning State
How a Switch or Port Becomes the Root Switch or Root Port
Disabled State
18-8
18-9
Spanning Tree and Redundant Connectivity
Spanning-Tree Address Management
Accelerated Aging to Retain Connectivity
Spanning-Tree Modes and Protocols
Supported Spanning-Tree Instances
18-10
Rapid PVST+
Spanning-Tree Interoperability and Backward Compatibility
STP and Ieee 802.1Q Trunks
VLAN-Bridge Spanning Tree
Configuring Spanning-Tree Features
Spanning Tree and Switch Stacks
18-12
Default Spanning-Tree Configuration
Spanning-Tree Configuration Guidelines
18-13
18-14
18-15
Changing the Spanning-Tree Mode
18-16
Configuring the Root Switch
Disabling Spanning Tree
Show spanning-tree vlan vlan-id Verify your entries
18-17
Spanning-tree vlan vlan-id root primary
Diameter net-diameter hello-time seconds
Show spanning-tree detail
Diameter net-diameter hello-time
Configuring a Secondary Root Switch
Configuring Port Priority
Spanning-tree vlan vlan-id root secondary
Show spanning-tree vlan vlan-id
Spanning-tree port-priority priority
Spanning-tree vlan vlan-id port-priority priority
Show spanning-tree interface interface-id
Spanning-tree vlan vlan-id cost cost
Configuring Path Cost
Port-channel-number
Spanning-tree cost cost
Configuring the Switch Priority of a Vlan
Spanning-tree vlan vlan-id priority priority
18-21
18-22
Configuring Spanning-Tree Timers
Configuring the Hello Time
Spanning-tree vlan vlan-id hello-time seconds
Spanning-tree vlan vlan-idmax-age seconds
Configuring the Forwarding-Delay Time for a Vlan
Configuring the Maximum-Aging Time for a Vlan
Spanning-tree vlan vlan-id forward-time
18-24
Configuring the Transmit Hold-Count
Displaying the Spanning-Tree Status
Show spanning-tree detail Verify your entries
19-1
Configuring Mstp
Understanding Mstp
Multiple Spanning-Tree Regions
19-2
IST, CIST, and CST
Operations Within an MST Region
19-3
19-4
Operations Between MST Regions
19-5
Hop Count
Ieee 802.1s Terminology
Cisco Prestandard Cisco Standard
Boundary Ports
Ieee 802.1s Implementation
19-6
Interoperation Between Legacy and Standard Switches
Port Role Naming Change
19-7
Mstp and Switch Stacks
Detecting Unidirectional Link Failure
19-8
19-9
Understanding Rstp
Interoperability with Ieee 802.1D STP
Port Roles and the Active Topology
19-10
Rapid Convergence
19-11
Synchronization of Port Roles
Bridge Protocol Data Unit Format and Processing
Bit Function
19-12
19-13
Topology Changes
Processing Superior Bpdu Information
Processing Inferior Bpdu Information
19-14
Configuring Mstp Features
Default Mstp Configuration
Mstp Configuration Guidelines
19-15
Name name
Specifying the MST Region Configuration and Enabling Mstp
Spanning-tree mst configuration
Instance instance-id vlan vlan-range
Exit
Spanning-tree mode mst
Revision version
Show pending
19-18
Spanning-tree mst instance-id root primary
19-19
Spanning-tree mst instance-id port-priority priority
Show spanning-tree mst interface interface-id
19-20
19-21
Spanning-tree mst instance-id cost cost
19-22
Configuring the Switch Priority
Configuring the Hello Time
Spanning-tree mst instance-id priority priority
Show spanning-tree mst
Configuring the Forwarding-Delay Time
Show spanning-tree mst Verify your entries
Spanning-tree mst forward-time seconds
Spanning-tree mst max-age seconds
Configuring the Maximum-Aging Time
Configuring the Maximum-Hop Count
Specifying the Link Type to Ensure Rapid Transitions
19-25
Designating the Neighbor Type
Displaying the MST Configuration and Status
Restarting the Protocol Migration Process
19-26
Configuring Optional Spanning-Tree Features
Understanding Optional Spanning-Tree Features
20-1
Understanding Port Fast
Understanding Bpdu Guard
20-2
Understanding Bpdu Filtering
Understanding UplinkFast
20-3
20-4
Switches in a Hierarchical Network
20-5
Understanding Cross-Stack UplinkFast
20-6
How Csuf Works
Understanding BackboneFast
Events that Cause Fast Convergence
20-7
BackboneFast Example Before Indirect Link Failure
20-8
20-9
Adding a Switch in a Shared-Medium Topology
Understanding EtherChannel Guard
Understanding Root Guard
20-10
20-11
Understanding Loop Guard
20-12
Default Optional Spanning-Tree Configuration
Optional Spanning-Tree Configuration Guidelines
Enabling Port Fast
Portfast
Spanning-tree portfast trunk interface configuration
Enabling Bpdu Guard
Spanning-tree portfast trunk
Spanning-tree portfast Enable the Port Fast feature
Enabling Bpdu Filtering
20-14
20-15
Enabling UplinkFast for Use with Redundant Links
Enabling BackboneFast
Spanning-tree uplinkfast max-update-rate
Uplinkfast command
Enabling Cross-Stack UplinkFast
20-17
Spanning-tree backbonefast Enable BackboneFast
Enabling EtherChannel Guard
Show spanning-tree summary Verify your entries
Enabling Root Guard
Enabling Loop Guard
20-18
20-19
20-20
21-1
Flex Links
Switchport backup interface preemption delay commands
Vlan Flex Link Load Balancing and Support
21-2
21-3
MAC Address-Table Move Update
21-4
MAC Address-Table Move Update Example
Configuration Guidelines
Default Configuration
21-5
Switch# show interface switchport backup
Configuring Flex Links
Switchport backup interface interface-id
Show interface interface-id switchport backup
21-7
Switchport backup interface interface-id preemption
Mode forced bandwidth off
Delay delay-time
Switch#show interfaces switchport backup
Configuring Vlan Load Balancing on Flex Links
Switchport backup interface interface-id prefer vlan
Show interfaces interface-id switchport backup
21-9
Configuring the MAC Address-Table Move Update Feature
Switchport backup interface interface-idmmu
Primary vlan vlan-id
21-10
End Return to global configuration mode
Switchconf# mac address-table move update transmit
Switch# show mac-address-table move update
21-11
Monitoring Flex Links and the MAC Address-Table Move Update
21-12
Configuring Dhcp Features and IP Source Guard
Understanding Dhcp Features
22-1
22-2
Dhcp Server
Dhcp Relay Agent
Dhcp Snooping
22-3
Option-82 Data Insertion
Dhcp Relay Agent in a Metropolitan Ethernet Network
22-4
22-5
Remote ID Suboption Frame Format
22-6
Cisco IOS Dhcp Server Database
Dhcp Snooping Binding Database
Release
22-7
22-8
Configuring Dhcp Features
Dhcp Snooping and Switch Stacks
Default Dhcp Configuration
22-9
Dhcp Snooping Configuration Guidelines
Configuring the Dhcp Server
Dhcp Server and Switch Stacks
22-10
22-11
Configuring the Dhcp Relay Agent
Specifying the Packet Forwarding Address
Ip helper-address address
Interface range port-range
Switchport mode access
Switchport access vlan vlan-id
Enabling Dhcp Snooping and Option
22-13
Ip dhcp snooping database
Enabling Dhcp Snooping on Private VLANs
Enabling the Cisco IOS Dhcp Server Database
Enabling the Dhcp Snooping Binding Database Agent
22-15
Displaying Dhcp Snooping Information
Understanding IP Source Guard
Source IP Address Filtering
22-16
Source IP and MAC Address Filtering
Configuring IP Source Guard
Default IP Source Guard Configuration
IP Source Guard Configuration Guidelines
22-18
Enabling IP Source Guard
22-19
Displaying IP Source Guard Information
22-20
Configuring Dynamic ARP Inspection
Understanding Dynamic ARP Inspection
23-1
ARP Cache Poisoning
23-2
23-3
Interface Trust States and Network Security
Rate Limiting of ARP Packets
Relative Priority of ARP ACLs and Dhcp Snooping Entries
23-4
23-5
Configuring Dynamic ARP Inspection
Default Dynamic ARP Inspection Configuration
Logging of Dropped Packets
23-6
Dynamic ARP Inspection Configuration Guidelines
23-7
Configuring Dynamic ARP Inspection in Dhcp Environments
Show cdp neighbors
Ip arp inspection vlan vlan-range
23-8
Configuring ARP ACLs for Non-DHCP Environments
23-9
Specified with the ip arp inspection vlan logging
Show arp access-list acl-name
Limiting the Rate of Incoming ARP Packets
No ip arp inspection trust
23-11
Performing Validation Checks
Show ip arp inspection vlan
Configuring the Log Buffer
Ip arp inspection validate
Src-mac dst-mac ip
Ip arp inspection log-buffer entries
Number logs number interval
23-13
23-14
Displaying Dynamic ARP Inspection Information
Show ip arp inspection log
Clear ip arp inspection statistics
Show ip arp inspection statistics vlan
Clear ip arp inspection log
23-16
24-1
Configuring Igmp Snooping and MVR
24-2
Understanding Igmp Snooping
Igmp Versions
Joining a Multicast Group
24-3
24-4
224.1.2.3
24-5
Leaving a Multicast Group
24-6
Igmp Configurable-Leave Timer
Immediate Leave
Igmp Report Suppression
PIM-DVMRP
Configuring Igmp Snooping
Igmp Snooping and Switch Stacks
Default Igmp Snooping Configuration
Enabling or Disabling Igmp Snooping
Ip igmp snooping vlan vlan-id
24-8
Show ip igmp snooping
Setting the Snooping Method
Ip igmp snooping vlan vlan-id mrouter
Learn cgmp pim-dvmrp
Configuring a Multicast Router Port
Show ip igmp snooping mrouter vlan vlan-id
24-10
Show ip igmp snooping groups
Configuring a Host Statically to Join a Group
Enabling Igmp Immediate Leave
Ip igmp snooping vlan vlan-id static ipaddress
24-12
Configuring the Igmp Leave Timer
Count
Configuring TCN-Related Commands
Recovering from Flood Mode
Controlling the Multicast Flooding Time After a TCN Event
Disabling Multicast Flooding During a TCN Event
No ip igmp snooping tcn flood
24-14
24-15
Configuring the Igmp Snooping Querier
Disabling Igmp Report Suppression
No ip igmp snooping report-suppression
24-16
24-17
Displaying Igmp Snooping Information
24-18
Understanding Multicast Vlan Registration
24-19
Using MVR in a Multicast Television Application
24-20
Configuring MVR
Default MVR Configuration
MVR
24-21
MVR Configuration Guidelines and Limitations
Configuring MVR Global Parameters
Mvr Enable MVR on the switch
24-22
Configuring MVR Interfaces
Show mvr interface Show mvr members
Mvr type source receiver
Mvr immediate
Show mvr
Configuring Igmp Filtering and Throttling
Displaying MVR Information
24-24
Default Igmp Filtering and Throttling Configuration
Configuring Igmp Profiles
24-25
Show ip igmp profile profile number
Ip igmp profile profile number
Permit deny
Range ip multicast address
Ip igmp filter profile number
Setting the Maximum Number of Igmp Groups
Switch# show ip igmp profile
Applying Igmp Profiles
Interface-id
Configuring the Igmp Throttling Action
Show running-config interface Verify the configuration
EtherChannel group or a EtherChannel interface
Show ip igmp profile profile
Displaying Igmp Filtering and Throttling Configuration
Ip igmp max-groups action deny
Replace
24-30
Configuring IPv6 MLD Snooping
Understanding MLD Snooping
25-1
25-2
25-3
MLD Messages
MLD Queries
Multicast Client Aging Robustness
25-4
Multicast Router Discovery
MLD Reports
MLD Done Messages and Immediate-Leave
25-5
Configuring IPv6 MLD Snooping
MLD Snooping in Switch Stacks
Topology Change Notification Processing
Default MLD Snooping Configuration
MLD Snooping Configuration Guidelines
25-6
25-7
Enabling or Disabling MLD Snooping
Ipv6 mld snooping
Ipv6 mld snooping vlan vlan-id
Show ipv6 mld snooping multicast-address vlan
Configuring a Static Multicast Group
Ipv6 mld snooping vlan vlan-id static
Show ipv6 mld snooping multicast-address user
25-9
Enabling MLD Immediate Leave
Ipv6 mld snooping vlan vlan-id mrouter
Show ipv6 mld snooping mrouter vlan vlan-id
25-10
Configuring MLD Snooping Queries
Displaying MLD Snooping Information
Disabling MLD Listener Message Suppression
25-11
25-12
Show ipv6 mld snooping querier vlan vlan-id
Vlan-id count dynamic user
Vlan-id ipv6-multicast-address
26-1
Configuring Port-Based Traffic Control
Configuring Storm Control
Understanding Storm Control
Broadcast Storm Control Example
26-2
Default Storm Control Configuration
Configuring Storm Control and Threshold Levels
26-3
Storm-control action shutdown trap
Storm-control broadcast multicast
Unicast level level level-low bps bps
Bps-low pps pps pps-low
Multicast unicast
Configuring Protected Ports
Default Protected Port Configuration
Show storm-control interface-id broadcast
26-6
Configuring Port Blocking
Protected Port Configuration Guidelines
Configuring a Protected Port
26-7
Configuring Port Security
Default Port Blocking Configuration
Blocking Flooded Traffic on an Interface
Understanding Port Security
Secure MAC Addresses
26-8
26-9
Security Violations
26-10
Default Port Security Configuration
Port Security Configuration Guidelines
Forwarded1 Trap Message Message2 Increments
26-11
26-12
Enabling and Configuring Port Security
26-13
Switchport port-security violation
Protect restrict shutdown
Shutdown vlan
26-14
Switchconfig-if#switchport port-security violation restrict
Switchconfig-if#switchport port-security
Switchconfig-if#switchport port-security maximum
Switchconfig-if#switchport port-security mac-address sticky
26-16
Enabling and Configuring Port Security Aging
26-17
Port Security and Switch Stacks
Switchconfig# interface GigabitEthernet 1/0/8
Port Security and Private VLANs
26-18
Displaying Port-Based Traffic Control Settings
Show port-security interface interface-idaddress
Show port-security interface interface-idvlan
Configuring CDP
Understanding CDP
27-1
Configuring the CDP Characteristics
Configuring CDP
CDP and Switch Stacks
Default CDP Configuration
Show cdp
Disabling and Enabling CDP
Cdp holdtime seconds
Cdp advertise-v2
27-4
No cdp enable Disable CDP on the interface
Cdp enable Enable CDP on the interface after disabling it
Disabling and Enabling CDP on an Interface
27-5
Monitoring and Maintaining CDP
27-6
28-1
Configuring Lldp and LLDP-MED
Understanding Lldp and LLDP-MED
Understanding Lldp
28-2
Understanding LLDP-MED
28-3
Configuring Lldp and LLDP-MED
Default Lldp Configuration
Configuring Lldp Characteristics
28-4
Disabling and Enabling Lldp Globally
28-5
Disabling and Enabling Lldp on an Interface
Lldp med-tlv-select tlv Specify the TLV to enable
Configuring LLDP-MED TLVs
TLV, and enter interface configuration mode
No lldp med-tlv-select tlv Specify the TLV to disable
28-7
Monitoring and Maintaining Lldp and LLDP-MED
28-8
29-1
Configuring Udld
Understanding Udld
Modes of Operation
29-2
Methods to Detect Unidirectional Links
29-3
Configuring Udld
29-4
Default Udld Configuration
Show udld
Udld aggressive enable message time
Message-timer-interval
Enabling Udld Globally
Udld port aggressive
Resetting an Interface Disabled by Udld
Udld reset Show udld
Enabling Udld on an Interface
29-7
Displaying Udld Status
29-8
Configuring Span and Rspan
Understanding Span and Rspan
30-1
30-2
Local Span
30-3
Remote Span
Span and Rspan Concepts and Terminology
Span Sessions
30-4
30-5
Monitored Traffic
30-6
Source Ports
Source VLANs
Vlan Filtering
30-7
30-8
Destination Port
Span and Rspan Interaction with Other Features
Rspan Vlan
30-9
Configuring Span and Rspan
Span and Rspan and Switch Stacks
30-10
30-11
Default Span and Rspan Configuration
Configuring Local Span
Span Configuration Guidelines
30-12
Creating a Local Span Session
Show monitor session sessionnumber
Monitor session sessionnumber
Destination interface interface-id
Encapsulation replicate
30-14
Specifying VLANs to Filter
Monitor session sessionnumber filter vlan
30-15
30-16
Configuring Rspan
Rspan Configuration Guidelines
Be a Vlan
30-17
Configuring a Vlan as an Rspan Vlan
30-18
Creating an Rspan Source Session
Interfaces port-channelport-channel-number. Valid
Destination remote vlan vlan-id
Creating an Rspan Destination Session
Remote vlan vlan-id
30-19
30-20
Ingress dot1q vlan vlan-id isl untagged
Untagged vlan vlan-id or vlan vlan-id- Forward incoming
30-21
30-22
Show monitor session sessionnumber
30-23
Displaying Span and Rspan Status
30-24
Configuring Rmon
Understanding Rmon
31-1
31-2
Configuring Rmon
Default Rmon Configuration
Configuring Rmon Alarms and Events
31-3
Rmon event number description string log owner string
Add an event in the Rmon event table that is
31-4
Show rmon history
Collecting Group History Statistics on an Interface
Collecting Group Ethernet Statistics on an Interface
Rmon collection history index
31-6
Displaying Rmon Status
Rmon collection stats index owner ownername
Show rmon statistics
Configuring System Message Logging
Understanding System Message Logging
32-1
Configuring System Message Logging
System Log Message Format
32-2
Hhmmss short uptime
Text string that uniquely describes the message
32-3
Disabling Message Logging
Default System Message Logging Configuration
No logging console Disable message logging
Show running-config Verify your entries Show logging
32-5
Setting the Message Display Destination Device
Logging buffered size
Logging host
Session to see the debugging messages
Synchronizing Log Messages
Logging file flash filename
Terminal monitor
All limit number-of-buffers
Line console vty line-number
Line vty
Logging synchronous level severity-level
Enabling and Disabling Time Stamps on Log Messages
Enabling and Disabling Sequence Numbers in Log Messages
32-8
Logging trap level
Defining the Message Severity Level
Logging console level
Logging monitor level
32-10
Level Description Syslog Definition
32-11
Enabling the Configuration-Change Logger
Logging history level
Logging history size number
Configuring Unix Syslog Servers
Logging Messages to a Unix Syslog Daemon
32-12
32-13
Configuring the Unix System Logging Facility
Logging facility facility-type
Facility-type keywords
Displaying the Logging Configuration
Facility Type Keyword Description
32-14
Configuring Snmp
Understanding Snmp
33-1
33-2
Snmp Versions
Operation Description
Model Level Authentication Encryption Result
Snmp Manager Functions
DES
Using Snmp to Access MIB Variables
Snmp Agent Functions
33-4
33-5
Snmp Notifications
SVI
Configuring Snmp
Snmp ifIndex MIB Object Values
IfIndex Range
Default Snmp Configuration
Snmp Configuration Guidelines
33-7
33-8
Configuring Community Strings
No snmp-server Disable the Snmp agent operation
Disabling the Snmp Agent
Permit source source-wildcard
View-name ro rw access-list-number
Access-list access-list-number deny
Snmp-server community string view
33-10
Configuring Snmp Groups and Users
Snmp-server engineID local engineid-string
Snmp-server engineID local
33-11
Write writeview notify notifyview access
Snmp-server group groupname v1 v2c
Auth noauth priv read readview
Notification Type Keyword Description
Configuring Snmp Notifications
Remote host udp-port port v1 access
Encrypted access access-list auth md5
33-13
33-14
Notification-types
Setting the Agent Contact and Location Information
33-12 , or enter snmp-server enable traps ?
Enable traps command for each trap type
Snmp-server tftp-server-list
Switchconfig# snmp-server community public
Limiting Tftp Servers Used Through Snmp
Snmp Examples
33-17
Displaying Snmp Status
33-18
Configuring Network Security with ACLs
Understanding ACLs
34-1
34-2
Supported ACLs
34-3
Port ACLs
34-4
Router ACLs
Handling Fragmented and Unfragmented Traffic
Vlan Maps
34-5
34-6
ACLs and Switch Stacks
34-7
Configuring IPv4 ACLs
34-8
Access List Numbers
Access List Number Type Supported
Creating Standard and Extended IPv4 ACLs
34-9
ACL Logging
Source source-wildcard log
Access-list access-list-number deny permit
Show access-lists number name
Creating a Numbered Standard ACL
34-11
Creating a Numbered Extended ACL
34-12
34-13
34-14
Resequencing ACEs in an ACL
Creating Named Standard and Extended ACLs
34-15
Tos tos established log time-range
Ip access-list standard name
Ip access-list extended name
Any log
34-17
Using Time Ranges with ACLs
34-18
Absolute start time date
Periodic weekdays weekend daily
Show time-range
34-19
Switch# show ip access-lists
Applying an IPv4 ACL to a Terminal Line
Including Comments in ACLs
34-20
Access-class access-list-number
Applying an IPv4 ACL to an Interface
Out
34-21
Ip access-group access-list-number
IPv4 ACL Configuration Examples
Hardware and Software Treatment of IP ACLs
34-22
Switchconfig# access-list 6 permit 172.20.128.64
Switchconfig# access-list 106 permit ip any 172.20.128.64
34-23
Numbered ACLs
Extended ACLs
34-24
34-25
Named ACLs
Time Range Applied to an IP ACL
Commented IP ACL Entries
Switch# show logging
Switchconfig-if#ip access-group ext1
34-26
34-27
Creating Named MAC Extended ACLs
34-28
Applying a MAC ACL to a Layer 2 Interface
ACL
Configuring Vlan Maps
Mac access-group name
Show mac access-group interface interface-id
34-30
Vlan Map Configuration Guidelines
Match ip mac address name
Vlan access-map name number
Creating a Vlan Map
Action drop forward
34-32
Examples of ACLs and Vlan Maps
34-33
Vlan filter mapname vlan-list list
Using Vlan Maps in Your Network
Wiring Closet Configuration
Applying a Vlan Map to a Vlan
Switchconfig# vlan filter map2 vlan
Denying Access to a Server on Anothera Vlan
Switchconfig# vlan access-map map2
Switchconfig# ip access-list extended matchall
34-36
Using Vlan Maps with Router ACLs
34-37
Vlan Maps and Router ACL Configuration Guidelines
34-38
ACLs and Switched Packets
Examples of Router ACLs and Vlan Maps Applied to VLANs
ACLs and Bridged Packets
34-39
ACLs and Routed Packets
34-40
Displaying IPv4 ACL Configuration
Show ip access-lists number name
ACLs and Multicast Packets
34-41
Show running-config interface interface-id
Show mac access-group interface interface-id
Show ip interface interface-id
34-42
35-1
Configuring IPv6 ACLs
35-2
Understanding IPv6 ACLs
35-3
Supported ACL Features
IPv6 ACLs and Switch Stacks
IPv6 ACL Limitations
35-4
Configuring IPv6 ACLs
Default IPv6 ACL Configuration
Interaction with Other Features and Switches
Ipv6 access-list access-list-name
Creating IPv6 ACLs
35-5
35-6
Dscp value fragments log
Log-input routing sequence
Value time-range name
35-7
35-8
Ipv6 traffic-filter access-list-name
Applying an IPv6 ACL to an Interface
Ipv6 address ipv6-address
35-9
Show access-lists
Show ipv6 access-list access-list-name
Displaying IPv6 ACLs
35-10
36-1
Configuring QoS
36-2
Understanding QoS
36-3
Basic QoS Model
Basic QoS Model
36-4
36-5
Classification
Check if packet came with CoS label tag Yes
36-6
Classification Based on QoS ACLs
Classification Based on Class Maps and Policy Maps
36-7
36-8
Policing and Marking
36-9
Policing on Physical Ports
36-10
Policing on SVIs
36-11
Policing and Marking Flowchart on SVIs
36-12
Mapping Tables
36-13
Queueing and Scheduling Overview
Weighted Tail Drop
SRR Shaping and Sharing
36-14
36-15
Queueing and Scheduling on Ingress Queues
36-16
Queue Type Function
36-17
WTD Thresholds
36-18
Queueing and Scheduling on Egress Queues
36-19
36-20
Buffer and Memory Allocation
36-21
Packet Modification
36-22
Configuring Auto-QoS
36-23
Generated Auto-QoS Configuration
36-24
Description Automatically Generated Command
36-25
Or shared on the egress queues mapped to the port
Switch automatically configures the egress queue buffer
Sizes. It configures the bandwidth and the SRR mode shaped
If you entered the auto qos voip trust command, the switch
Effects of Auto-QoS on the Configuration
Auto-QoS Configuration Guidelines
36-27
Show auto qos interface interface-id
Enabling Auto-QoS for VoIP
Auto qos voip cisco-phone
Cisco-softphone trust
36-29
36-30
Auto-QoS Configuration Example
Show auto qos
Cdp enable
Debug auto qos
Auto qos voip trust
Configuring Standard QoS
Displaying Auto-QoS Information
36-32
Default Standard QoS Configuration
Default Ingress Queue Configuration
36-33
Default Egress Queue Configuration
Dscp Value Queue ID -Threshold ID
36-34
Applying QoS on Interfaces
Standard QoS Configuration Guidelines
Default Mapping Table Configuration
QoS ACL Guidelines
Policing Guidelines
General QoS Guidelines
36-36
Enabling QoS Globally
Enabling VLAN-Based QoS on Physical Ports
36-37
Configuring Classification Using Port Trust States
Configuring the Trust State on Ports within the QoS Domain
36-38
15 Port Trusted States within the QoS Domain
36-39
36-40
Configuring the CoS Value for an Interface
Mls qos trust cos dscp ip-precedence
Show mls qos interface
Configuring a Trusted Boundary to Ensure Port Security
Mls qos cos default-cos override
36-41
36-42
Enabling Dscp Transparency Mode
Mls qos trust dscp
Mls qos trust device cisco-phone
36-43
No mls qos rewrite ip dscp
36-44
Mls qos map dscp-mutation
Mls qos dscp-mutation
Show mls qos maps dscp-mutation
Configuring a QoS Policy
Switchconfig-if#mls qos dscp-mutation gi1/0/2-mutation
36-45
36-46
Classifying Traffic by Using ACLs
Source-wildcard
Switchconfig# access-list 100 permit ip any any dscp
Switchconfig# access-list 102 permit pim any 224.0.0.2 dscp
Permit protocol source source-wildcard
36-48
Mac access-list extended name
Match-any keywords
Classifying Traffic by Using Class Maps
Class-map match-all match-any
Is match-all
Show class-map
Match access-group acl-index-or-name
Ip dscp dscp-list ip precedence
Ip-precedence-list
36-51
Policy-map policy-map-name
Class class-map-name
36-52
36-53
Service-policy input policy-map-name
Show policy-map policy-map-nameclass
36-54
36-55
Switchconfig# policy-map macpolicy1
Switchconfig-pmap#class macclass2 maclist2
Switchconfig-if#service-policy input macpolicy1
36-56
Traffic by Using Class Maps section on
36-57
36-58
Police rate-bps burst-byte exceed-action
Drop policed-dscp-transmit
Exceed-action policed-dscp-transmit keywords to mark down
36-59
Service-policy policy-map-name
Service-policy input policy-map-name
Show policy-map policy-map-nameclass
Show mls qos vlan-based
Policed-dscp-transmit
Mls qos aggregate-policer
Aggregate-policer-name rate-bps burst-byte
Exceed-action drop
Only one policy map per ingress port is supported
Show mls qos aggregate-policer
Aggregate-policer-name
CoS Value Dscp Value
Configuring Dscp Maps
Configuring the CoS-to-DSCP Map
Switchconfig-pmap-c#police aggregate transmit1
36-64
Configuring the IP-Precedence-to-DSCP Map
Mls qos map cos-dscp dscp1...dscp8
IP Precedence Value Dscp Value
36-65
Configuring the Policed-DSCP Map
Show
Configuring the DSCP-to-CoS Map
Dscp Value CoS Value
36-66
36-67
Configuring the DSCP-to-DSCP-Mutation Map
Mls qos map dscp-cos dscp-list to cos
Show mls qos maps dscp-to-cos
Switchconfig-if#mls qos dscp-mutation mutation1
Switch# show mls qos maps dscp-mutation mutation1
36-68
36-69
Configuring Ingress Queue Characteristics
Show mls qos maps
Mls qos srr-queue input dscp-map
Mls qos srr-queue input cos-map
Mls qos srr-queue input threshold
Show mls qos interface buffer
Allocating Buffer Space Between the Ingress Queues
Allocating Bandwidth Between the Ingress Queues
Mls qos srr-queue input buffers
Show mls qos interface queueing
Configuring the Ingress Priority Queue
Weight1 weight2
Mls qos srr-queue input bandwidth
Priority-queue queue-id bandwidth
Configuring Egress Queue Characteristics
Weight
Mls qos srr-queue input
36-74
Mls qos queue-set output qset-id
Queue-set qset-id
36-75
36-76
Mls qos srr-queue output dscp-map
Mls qos srr-queue output cos-map
36-77
Queueing
Configuring SRR Shaped Weights on Egress Queues
Srr-queue bandwidth shape weight1
Weight2 weight3 weight4
36-79
Configuring SRR Shared Weights on Egress Queues
Configuring the Egress Expedite Queue
Srr-queue bandwidth share weight1
36-80
Mls qos Enable QoS on a switch
Srr-queue bandwidth limit weight1
Limiting the Bandwidth on an Egress Interface
36-81
Displaying Standard QoS Information
36-82
Show running-config include rewrite
Configuring EtherChannels and Link-State Tracking
Understanding EtherChannels
37-1
37-2
EtherChannel Overview
37-3
Single-Switch EtherChannel
37-4
Port-Channel Interfaces
37-5
Port Aggregation Protocol
Auto
PAgP Interaction with Other Features
Mode Description
PAgP Modes
37-7
Lacp Interaction with Other Features
Link Aggregation Control Protocol
Lacp Modes
EtherChannel On Mode
Load-Balancing and Forwarding Methods
37-8
37-9
37-10
EtherChannel and Switch Stacks
Configuring EtherChannels
Default EtherChannel Configuration
37-11
37-12
EtherChannel Configuration Guidelines
37-13
Configuring Layer 2 EtherChannels
Auto non-silent desirable non-silent on
Active passive
37-14
37-15
Configuring Layer 3 EtherChannels
Switchconfig-if-range#channel-group 5 mode active
Creating Port-Channel Logical Interfaces
No ip address
Configuring the Physical Interfaces
Interface port-channel port-channel-number
Show etherchannel channel-group-number detail
37-17
Partner that is PAgP capable, configure the switch port for
For channel-group-number, the range is 1 to 48. This number
Must be the same as the port-channel-number logical port
37-18
Configuring EtherChannel Load-Balancing
Port-channel load-balance dst-ip dst-mac
Src-dst-ip src-dst-mac src-ip src-mac
Configuring the PAgP Learn Method and Priority
Show etherchannel load-balance Verify your entries
37-19
Show pagp channel-group-number internal
Configuring Lacp Hot-Standby Ports
Pagp learn-method physical-port
Pagp port-priority priority
Configuring the Lacp System Priority
Show running-config Verify your entries Show lacp sys-id
37-21
Internal
Configuring the Lacp Port Priority
Lacp port-priority priority
Show lacp channel-group-number
Displaying EtherChannel, PAgP, and Lacp Status
Understanding Link-State Tracking
37-23
37-24
37-25
Configuring Link-State Tracking
37-26
Default Link-State Tracking Configuration
Link-State Tracking Configuration Guidelines
Configuring Link-State Tracking
37-27
Switch show link state group
Switch show link state group detail
Displaying Link-State Tracking Status
37-28
38-1
Configuring IP Unicast Routing
Understanding IP Routing
Types of Routing
38-2
38-3
IP Routing and Switch Stacks
38-4
Steps for Configuring Routing
Configuring IP Addressing
38-5
38-6
Default Addressing Configuration
ARP
Irdp
38-7
Show running-config Verify your entry
Assigning IP Addresses to Network Interfaces
Use of Subnet Zero
38-8
Classless Routing
Configuring Address Resolution Methods
No ip classless Disable classless routing behavior
38-9
Define a Static ARP Cache
Arp ip-address hardware-address type
38-10
38-11
Set ARP Encapsulation
Proxy ARP
Routing Assistance When IP Routing is Disabled
Enable Proxy ARP
Default Gateway
38-13
Icmp Router Discovery Protocol Irdp
38-14
Configuring Broadcast Packet Handling
Ip directed-broadcast access-list-number
Ip forward-protocol udp port nd sdns
38-15
38-16
Forwarding UDP Broadcast Packets and Protocols
38-17
Establishing an IP Broadcast Address
Flooding IP Broadcasts
Ip broadcast-address ip-address
Clear ip route network mask
Monitoring and Maintaining IP Addressing
Clear arp-cache
Clear host name
38-19
Enabling IP Unicast Routing
38-20
Configuring RIP
Network network number
Default RIP Configuration
Configuring Basic RIP Parameters
Router rip
38-22
Ip rip authentication mode text md5
Configuring RIP Authentication
Configuring Summary Addresses and Split Horizon
Ip rip authentication key-chain name-of-chain
No ip split horizon
Configuring Split Horizon
Switchconfig-router#neighbor 2.2.2.2 peer-group mygroup
Ip summary-address rip ip address ip-network mask
Configuring Ospf
No ip split-horizon
38-25
38-26
Default Ospf Configuration
38-27
Ospf Nonstop Forwarding
38-28
Ospf NSF Awareness
Configuring Basic Ospf Parameters
Configuring Ospf Interfaces
38-29
38-30
38-31
Configuring Ospf Area Parameters
38-32
Configuring Other Ospf Parameters
38-33
38-34
Configuring a Loopback Interface
Changing LSA Group Pacing
Ip address address mask
Configuring Eigrp
Monitoring Ospf
38-35
38-36
38-37
Default Eigrp Configuration
38-38
Eigrp Nonstop Forwarding
Eigrp log-neighbor-changes
Configuring Basic Eigrp Parameters
Router eigrp autonomous-system
Network network-number
38-40
Configuring Eigrp Interfaces
No auto-summary
Ip summary-address eigrp
Show ip eigrp interface
Configuring Eigrp Route Authentication
Ip hello-interval eigrp autonomous-system-number
No ip split-horizon eigrp autonomous-system-number
38-42
Eigrp Stub Routing
Configuring BGP
Monitoring and Maintaining Eigrp
38-43
EBGP, IBGP, and Multiple Autonomous Systems
38-44
38-45
Default BGP Configuration
38-46
38-47
Nonstop Forwarding Awareness
Route-map route-map-name
Enabling BGP Routing
Router bgp autonomous-system
Network network-number mask network-mask
38-49
38-50
Switchconfig-router#neighbor 192.208.10.2 remote-as
Switch# show ip bgp neighbors
Managing Routing Policy Changes
Show ip bgp
Type of Reset Advantages Disadvantages
Show ip bgp neighbors
Clear ip bgp * address
38-52
Configuring BGP Decision Attributes
38-53
Configuring BGP Filtering with Route Maps
Configuring BGP Filtering by Neighbor
38-54
Show ip bgp neighbors paths
Ip as-path access-list access-list-number
Out weight weight
Route-map map-tag in out
38-56
Configuring Prefix Lists for BGP Filtering
Send-community
Configuring BGP Community Filtering
Ip community-listcommunity-list-number
Permit deny community-number
Show ip bgp community
Configuring BGP Neighbors and Peer Groups
Set comm-list list-num delete
Ip bgp-community new-format
38-59
38-60
Configuring Aggregate Addresses
Configuring Routing Domain Confederations
Configuring BGP Route Reflectors
38-61
No bgp client-to-client reflection
Configuring Route Dampening
Route-reflector-client
Bgp cluster-id cluster-id
38-63
Monitoring and Maintaining BGP
38-64
Configuring Multi-VRF CE
38-65
Understanding Multi-VRF CE
38-66
38-67
Default Multi-VRF CE Configuration
Multi-VRF CE Configuration Guidelines
VRF
Ip vrf forwarding vrf-name
Configuring VRFs
Route-target export import both
Import map route-map
Redistribute bgp
Configuring a VPN Routing Session
Show ip vrf brief detail interfaces
Log-adjacency-changes
Configuring BGP PE to CE Routing Sessions
Multi-VRF CE Configuration Example
38-70
VPN2 CE1
38-71
38-72
Configuring Switch a
38-73
Switchconfig-router-af#network 8.8.2.0 mask
Switchconfig-router-af#network 8.8.1.0 mask
Switchconfig-if#ip address 208.0.0.20
38-74
Router# configure terminal
Configuring Unicast Reverse Path Forwarding
Displaying Multi-VRF CE Status
38-75
Configuring Protocol-Independent Features
Configuring Distributed Cisco Express Forwarding
38-76
38-77
Configuring the Number of Equal-Cost Routing Paths
Show ip route
Configuring Static Unicast Routes
Router bgp rip ospf eigrp
Maximum-paths maximum
38-79
Specifying Default Routes and Networks
Route Source Default Distance
Ip default-network network number Specify a default network
38-80
Using Route Maps to Redistribute Routing Information
38-81
38-82
38-83
Configuring Policy-Based Routing
38-84
PBR Configuration Guidelines
38-85
Enabling PBR
38-86
Ip policy route-map map-tag
Ip route-cache policy
Ip local policy route-map map-tag
Setting Passive Interfaces
Filtering Routing Information
38-87
38-88
Controlling Advertising and Processing in Routing Updates
Filtering Sources of Routing Information
Router bgp rip eigrp
38-89
Managing Authentication Keys
Distance weight ip-address ip-address mask
Ip access list
38-90
Monitoring and Maintaining the IP Network
38-91
38-92
Configuring IPv6 Unicast Routing
Understanding IPv6
39-1
39-2
IPv6 Addresses
Supported IPv6 Unicast Routing Features
Bit Wide Unicast Addresses
39-3
Neighbor Discovery
DNS for IPv6
Path MTU Discovery for IPv6 Unicast
ICMPv6
39-5
IPv6 Applications
Unsupported IPv6 Unicast Routing Features
Dual IPv4 and IPv6 Protocol Stacks
39-6
IPv6 and Switch Stacks
Limitations
39-7
39-8
SDM Templates
Dual IPv4-and IPv6 SDM Templates
39-9
39-10
Configuring IPv6
Default IPv6 Configuration
Configuring IPv6 Addressing and Enabling IPv6 Routing
39-11
39-12
39-13
Configuring IPv4 and IPv6 Protocol Stacks
Ip routing Enable routing on the switch
Switchconfig-if#ipv6 address 20010DB8c181/64 eui
39-14
Show ipv6 interface interface-id
Configuring IPv6 Icmp Rate Limiting
Configuring CEF and dCEF for IPv6
Ipv6 icmp error-interval interval bucketsize
39-16
Configuring Static Routing for IPv6
39-17
Administrative distance
Ipv6 route ipv6-prefix/prefix length
Ipv6-address interface-id ipv6-address
Interface-id recursive detail
Configuring RIP for IPv6
Show ipv6 route static updated
Show ipv6 static ipv6-address
39-19
39-20
Configuring Ospf for IPv6
39-21
Switch# show ipv6 interface
Displaying IPv6
39-22
39-23
Switch# show ipv6 cef /0
Switch# show ipv6 protocols
Switch# show ipv6 rip
Switch# show ipv6 traffic
Switch# show ipv6 neighbors
Switch# show ipv6 static
Switch# show ipv6 route
39-25
39-26
Configuring Hsrp and Enhanced Object Tracking
Understanding Hsrp
40-1
40-2
40-3
Multiple Hsrp
Configuring Hsrp
Hsrp and Switch Stacks
40-4
40-5
Default Hsrp Configuration
Hsrp Configuration Guidelines
Enabling Hsrp
Show standby interface-id group
Switch# show standby
Standby group-number ip ip-address
Secondary
40-7
Configuring Hsrp Priority
40-8
Priority preempt delay delay
Standby group-number priority
Standby group-number track
40-9
Configuring Mhsrp
Configuring Hsrp Authentication and Timers
Switchconfig-if#standby 2 ip
Holdtime
Standby group-number authentication string
Standby group-number timers hellotime
Switchconfig-if#standby 1 authentication word
Show standby interface-idgroup brief detail
Displaying Hsrp Configurations
Configuring Hsrp Groups and Clustering
Enabling Hsrp Support for Icmp Redirect Messages
Configuring Enhanced Object Tracking
Understanding Enhanced Object Tracking
40-12
40-13
Configuring Enhanced Object Tracking Features
Tracking Interface Line-Protocol or IP Routing State
Track object-number interface
Object object-number not
Configuring a Tracked List
Switch# show track 33 Track
Track track-numberlist boolean
40-15
Weight
Threshold weight up number
Track track-numberlist threshold
Threshold percentage up number
Track track-number list threshold
Percentage
Object object-number
40-17
Configuring Hsrp Object Tracking
Configuring Other Tracking Characteristics
Show standby
40-18
Configuring Web Cache Services By Using
Understanding Wccp
41-1
41-2
Wccp Message Exchange
41-3
Packet Redirection and Service Groups
Wccp Negotiation
MD5 Security
41-4
Wccp and Switch Stacks
Wccp Configuration Guidelines
Configuring Wccp
Unsupported Wccp Features
Default Wccp Configuration
41-6
Enabling the Web Cache Service
41-7
41-8
41-9
Switchconfig# interface range gigabitethernet1/0/3
Switchconfig-if-range#switchport access vlan
Monitoring and Maintaining Wccp
41-10
Enabled / disabled
42-1
Configuring IP Multicast Routing
IP Multicast Routing Protocols
42-2
Understanding Igmp
Igmp Version
42-3
42-4
Understanding PIM
PIM Versions
PIM Modes
42-5
PIM Stub Routing
42-6
Auto-RP
Bootstrap Router
Multicast Forwarding and Reverse Path Check
42-7
Understanding Dvmrp
Network Port
42-8
Multicast Routing and Switch Stacks
Understanding Cgmp
42-9
42-10
Configuring IP Multicast Routing
Default Multicast Routing Configuration
Multicast Routing Configuration Guidelines
Auto-RP and BSR Configuration Guidelines
PIMv1 and PIMv2 Interoperability
42-11
Configuring Basic Multicast Routing
Ip multicast-routing distributed
42-12
Sparse-dense-mode
Configuring PIM Stub Routing
Ip pim version 1
Ip pim dense-mode sparse-mode
42-14
Configuring a Rendezvous Point
Manually Assigning an RP to Multicast Groups
Ip pim passive
Access-list-number override
Ip pim rp-address ip-address
42-15
42-16
Configuring Auto-RP
42-17
Scope ttl group-list access-list-number
Ip pim send-rp-announce interface-id
Interval seconds
42-18
Ip pim send-rp-discovery scope ttl
Show ip pim rp mapping
Show ip pim rp
Access-list-number group-list
Ip pim rp-announce-filter rp-list
42-19
Configuring PIMv2 BSR
Ip pim bsr-border
42-20
42-21
Ip multicast boundary
Ip pim bsr-candidate interface-id
Hash-mask-length priority
42-22
Group-list access-list-number
Ip pim rp-candidate interface-id
42-23
Show ip pim rp-hash group
Using Auto-RP and a BSR
Show ip pim rp group-name
Group-address mapping
Understanding PIM Shared Tree and Source Tree
Configuring Advanced PIM Features
Troubleshooting PIMv1 and PIMv2 Interoperability Problems
Monitoring the RP Mapping Information
Shared Tree and Source Tree Shortest-Path Tree
42-26
Delaying the Use of PIM Shortest-Path Tree
Ip pim spt-threshold kbps infinity
42-27
Show ip igmp interface interface-id
Configuring Optional Igmp Features
Modifying the PIM Router-Query Message Interval
Ip pim query-interval seconds
42-29
Default Igmp Configuration
Configuring the Switch as a Member of a Group
Ip igmp join-group group-address
42-30
Controlling Access to IP Multicast Groups
Ip igmp access-group access-list-number
Show ip igmp interface interface-id Verify your entries
Query-interval or the ip igmp query-max-response-time
Changing the Igmp Version
Modifying the Igmp Host-Query Message Interval
Ip igmp version 1
42-32
Changing the Igmp Query Timeout for IGMPv2
Ip igmp querier-timeout seconds
Ip igmp query-interval seconds
42-33
Configuring the Switch as a Statically Connected Member
Changing the Maximum Query Response Time for IGMPv2
Ip igmp query-max-response-time
42-34
Configuring Optional Multicast Routing Features
Enabling Cgmp Server Support
Ip igmp static-group group-address
Configuring sdr Listener Support
Ip cgmp proxy
42-35
42-36
Ip sdr listen Enable sdr listener support
Enabling sdr Listener Support
Limiting How Long an sdr Cache Entry Exists
42-37
Configuring an IP Multicast Boundary
42-38
Configuring Basic Dvmrp Interoperability Features
42-39
Configuring Dvmrp Interoperability
42-40
Ip dvmrp metric metric list
42-41
Configuring a Dvmrp Tunnel
Ip dvmrp accept-filter
Access-list-number distance
Neighbor-list access-list-number
Advertising Network 0.0.0.0 to Dvmrp Neighbors
Originate only
Configuring Advanced Dvmrp Interoperability Features
Ip dvmrp default-information
Responding to mrinfo Requests
42-44
Enabling Dvmrp Unicast Routing
42-45
Rejecting a Dvmrp Nonpruning Neighbor
42-46
Enter interface configuration mode
Changing the Dvmrp Route Threshold
By default, 7000 routes are advertised. The range is 0 to
Controlling Route Exchanges
Limiting the Number of Dvmrp Routes Advertised
42-48
Configuring a Dvmrp Summary Address
Default is 10,000 routes. The range is 1 to
Route-count
42-49
No ip dvmrp auto-summary
Disabling Dvmrp Autosummarization
Ip dvmrp summary-address address
Mask metric value
42-51
Adding a Metric Offset to the Dvmrp Route
Ip dvmrp metric-offset in out
Increment
42-52
Monitoring and Maintaining IP Multicast Routing
Clearing Caches, Tables, and Databases
Displaying System and Network Statistics
42-53
Monitoring IP Multicast Routing
42-54
Configuring Msdp
Understanding Msdp
43-1
43-2
Msdp Operation
43-3
Msdp Benefits
43-4
Configuring Msdp
Default Msdp Configuration
Configuring a Default Msdp Peer
Ip msdp default-peer ip-address name
Prefix-list list
43-5
Ip msdp description peer-name
Caching Source-Active State
Ip prefix-list name description string
Seq number permit deny network
43-7
Ip msdp cache-sa-state list
43-8
Switchconfig# ip msdp sa-request
Requesting Source Information from an Msdp Peer
Ip msdp sa-request ip-address name
43-9
Controlling Source Information that Your Switch Originates
Redistributing Sources
Ip msdp redistribute list
43-10
43-11
Name list access-list-number
Filtering Source-Active Request Messages
Ip msdp filter-sa-request ip-address
Route-map map-tag
Controlling Source Information that Your Switch Forwards
Using a Filter
Ip msdp sa-filter out ip-address name
43-13
Ttl
Controlling Source Information that Your Switch Receives
Using TTL to Limit the Multicast Data Sent in SA Messages
Ip msdp ttl-threshold ip-address name
Switchconfig# ip msdp sa-filter in switch.cisco.com
Ip msdp sa-filter in ip-address name
43-15
43-16
Configuring an Msdp Mesh Group
Shutting Down an Msdp Peer
Ip msdp mesh-group name ip-address
43-17
Including a Bordering PIM Dense-Mode Region in Msdp
Ip msdp shutdown peer-name peer
Ip msdp border sa-address interface-id
43-18
Configuring an Originating Address other than the RP Address
Clear ip msdp sa-cache group-addressname
Monitoring and Maintaining Msdp
Clear ip msdp peer peer-addressname
Clear ip msdp statistics peer-addressname
43-20
44-1
Configuring Fallback Bridging
Understanding Fallback Bridging
Fallback Bridging Overview
44-2
Configuring Fallback Bridging
Fallback Bridging and Switch Stacks
44-3
44-4
Default Fallback Bridging Configuration
Fallback Bridging Configuration Guidelines
Creating a Bridge Group
44-5
Bridge bridge-group protocol
Vlan-bridge
Bridge-group bridge-group
Adjusting Spanning-Tree Parameters
Switchconfig# bridge 10 protocol vlan-bridge
44-6
Bridge-group bridge-grouppriority
Changing the VLAN-Bridge Spanning-Tree Priority
Changing the Interface Priority
Bridge bridge-group priority number
44-8
Assigning a Path Cost
Bridge-group bridge-group path-cost
Cost
44-9
Adjusting Bpdu Intervals
Switchconfig# bridge 10 hello-time
Bridge bridge-group hello-time seconds
Bridge bridge-group max-age seconds
Switchconfig# bridge 10 forward-time
Switchconfig# bridge 10 max-age
Bridge bridge-group forward-time
Show bridge bridge-group group
Monitoring and Maintaining Fallback Bridging
Disabling the Spanning Tree on an Interface
Clear bridge bridge-group
44-12
45-1
Troubleshooting
45-2
Recovering from a Software Failure
Switch copy xmodem flashimagefilename.bin
Recovering from a Lost or Forgotten Password
Switch flashinit
Switch loadhelper
45-4
45-5
Procedure with Password Recovery Enabled
45-6
Copy the configuration file into memory
Procedure with Password Recovery Disabled
Switch dir flash
45-7
45-8
Preventing Switch Stack Problems
45-9
Recovering from a Command Switch Failure
Replacing a Failed Command Switch with a Cluster Member
Switchconfig# no cluster commander-address
45-10
45-11
Replacing a Failed Command Switch with Another Switch
45-12
45-13
Recovering from Lost Cluster Member Connectivity
Troubleshooting Power over Ethernet Switch Ports
Preventing Autonegotiation Mismatches
SFP Module Security and Identification
Disabled Port Caused by Power Loss
Disabled Port Caused by False Link Up
Show controllers power inline privileged Exec command
Understanding Ping
Monitoring Temperature
Using Ping
Monitoring SFP Module Status
45-16
Switch# ping
Executing Ping
Character Description
45-17
Using Layer 2 Traceroute
Understanding Layer 2 Traceroute
Usage Guidelines
45-18
Using IP Traceroute
Displaying the Physical Path
Understanding IP Traceroute
Trace the path that packets take through the network
Switch# traceroute ip
Executing IP Traceroute
Traceroute ip host
Using TDR
Understanding TDR
45-20
45-21
Using Debug Commands
Enabling Debugging on a Specific Feature
Running TDR and Displaying the Results
Enabling All-System Diagnostics
Redirecting Debug and Error Message Output
45-22
Using the show platform forward Command
45-23
Udp 10
45-24
Using the crashinfo Files
Basic crashinfo Files
45-25
45-26
Using On-Board Failure Logging
Extended crashinfo Files
Understanding Obfl
45-27
Configuring Obfl
Displaying Obfl Information
Show logging onboard module
45-28
Configuring Online Diagnostics
Understanding Online Diagnostics
46-1
Non-disruptive daily hhmm
Configuring Online Diagnostics
Scheduling Online Diagnostics
Diagnostic schedule switch
Diagnostic monitor syslog
Configuring Health-Monitoring Diagnostics
Diagnostic monitor interval switch
Diagnostic content command output
Schedule status switch
Diagnostic monitor threshold switch
Diagnostic monitor switch number test
Show diagnostic content post result
All basic non-disruptive
Running Online Diagnostic Tests
Starting Online Diagnostic Tests
Diagnostic start switch number
46-6
Displaying Online Diagnostic Tests and Test Results
Supported MIBs
MIB List
CISCO-FTP-CLIENT-MIB CISCO-HSRP-MIB
IGMP-MIB INET-ADDRESS-MIB IPMROUTE-MIB
CISCO-IGMP-FILTER-MIB
CISCO-RTTMON-MIB CISCO-SMI-MIB
ETHERLIKE-MIB IEEE8021-PAE-MIB IEEE8023-LAG-MIB
TCP-MIB UDP-MIB
Using FTP to Access the MIB Files
Working with the Flash File System
Displaying Available File Systems
Switch# show file systems
Field Value
Setting the Default File System
Pwd
Cd newconfigs
Displaying Information about Files on a File System
Changing Directories and Displaying the Working Directory
Mkdir oldconfigs
Creating and Removing Directories
Copying Files
Switch# delete myconfig
Deleting Files
Creating, Displaying, and Extracting Files
Archive /create destination-url
Flash
Archive /table source-url
More /ascii /binary /ebcdic
Archive /xtract source-url
Extract a file into a directory on the flash file system
Directories are extracted
Working with Configuration Files
Configuration File Types and Location
Guidelines for Creating and Using Configuration Files
Copying Configuration Files By Using Tftp
Creating a Configuration File By Using a Text Editor
Uploading the Configuration File By Using Tftp
Downloading the Configuration File By Using Tftp
Copying Configuration Files By Using FTP
Downloading a Configuration File By Using FTP
Ip ftp password password
Ip ftp username username
Filename nvramstartup-config
Uploading a Configuration File By Using FTP
Ftp // username password @ location /directory
Filename systemrunning-config
Ftp // username password @ location /directory Filename
Copying Configuration Files By Using RCP
Copy systemrunning-config
Copy nvramstartup-config
Hostname Switch1 Ip rcmd remote-username User0
Ip rcmd remote-username username
Downloading a Configuration File By Using RCP
Systemrunning-config
Nvramstartup-config
Clearing Configuration Information
Uploading a Configuration File By Using RCP
Switch# copy nvramstartup-config rcp
Clearing the Startup Configuration File
Deleting a Stored Configuration File
Working with Software Images
File Format of Images on a Server or Cisco.com
Image Location on the Switch
Field Description
Copying Image Files By Using Tftp
Downloading an Image File By Using Tftp
Preparing to Download or Upload an Image File By Using Tftp
Archive download-sw /directory
Allow-feature-upgrade /directory
Archive download-sw
Overwrite /reload
Uploading an Image File By Using Tftp
Archive upload-sw
Tftp //location /directory /image-name .tar
Preparing to Download or Upload an Image File By Using FTP
Copying Image Files By Using FTP
Downloading an Image File By Using FTP
Directory /image-name2 .tar image-name3 .tar
Archive download-sw /allow-feature-upgrade
Directory /overwrite /reload
For /directory /image-name1 .tar
Uploading an Image File By Using FTP
Copying Image Files By Using RCP
Preparing to Download or Upload an Image File By Using RCP
File By Using RCP section on page B-31
Downloading an Image File By Using RCP
Or Upload an Image File By Using RCP section on
Uploading an Image File By Using RCP
Copying an Image File from One Stack Member to Another
Rcp // username @ location /directory /image-na
Me.tar
For /destination-system destination-stack-member-number
Archive copy-sw /destination-system
Destination-stack-member-number /force-reload
Source-stack-member-number
Unsupported Global Configuration Commands
Unsupported Commands Cisco IOS Release 12.237SE
Access Control Lists
Unsupported Privileged Exec Commands
Debug Commands
Archive Commands
ARP Commands
Boot Loader Commands
Bridge bridge-group domain domain-name bridge irb
Fallback Bridging
Bridge bridge-groupacquire
Bridge crb
X25 map bridge x.121-address broadcast options-keywords
Hsrp
Igmp Snooping Commands
Interface Commands
IP Multicast Routing
Ip multicast-routing vrf vrf-name
Ip pim accept-rpaddress auto-rpgroup-access-list-number
Show ip pim vc group-address name type number
Show ip rtp header-compression type number detail
IP Unicast Routing
Unsupported Privileged Exec or User Exec Commands
Unsupported BGP Router Configuration Commands
Unsupported VPN Configuration Commands
Unsupported Route Map Commands
Set tag tag-value
MAC Address Commands
Show cable-diagnostics prbs Test cable-diagnostics prbs
Miscellaneous
Msdp
NetFlow Commands
QoS
Network Address Translation NAT Commands
Unsupported Global Configuration Command
Unsupported Policy-Map Configuration Command
Spanning Tree
Unsupported Interface Configuration Command
Unsupported User Exec Commands
Unsupported Privileged Exec Command
IN-1
Numerics
IN-2
ACLs
TACACS+
CDP Lldp RIP
Eigrp
Hsrp
BGP
Cidr
IN-4
IN-5
Bpdu
CLI
CDP
CEF
Cgmp
IN-7
CNS
IN-8
Dhcp
DNS
IN-9
Wccp
Snmp
TACACS+ Udld
Vmps
IN-11
Dhcp option
IN-12
DTP
IN-13
Dvmrp
IN-14
Dynamic ARP inspection
IN-15
Lacp
STP
FIB
IN-16
Mstp STP
FTP
IN-17
Https
Icmp
IN-18
IN-19
Igmp
IN-20
IN-21
IP addresses
IN-22
Mbone
IN-23
IGP
IN-24
IP unicast routing
IN-25
ISL
IN-26
LLDP-MED
IN-27
MDA
Mhsrp
IN-28
IN-29
Msdp
IN-30
CST
IST
MTU
IN-31
NAC
IN-32
NSSA, Ospf
Obfl
PBR
IN-33
IN-34
PIM
IN-35
Port-based authentication
Pvid
Vvid
IN-36
IN-37
Private VLANs
IN-38
QoS
IN-39
IN-40
RCP
IN-41
Radius TACACS+
RFC
Rmon
IN-42
RPS
Rspan
Rstp
IN-43
SDM
IN-44
Snmp
Span
SRR
IN-45
SSL
VTP
IN-46
IN-47
Stacks, switch
IN-48
LLDP-MED Ospf
IN-49
STP
IN-50
IN-51
System message logging
IN-52
IN-53
IN-54
IN-55
VLANs
VPN
VQP
IN-56
IN-57
WTD
IN-58
