Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - L - M - N - P - Q - R - S - T - U - V - W -
Index
Numerics
802.1Q trunk ports and native VLANs 2-515
802.1Q tunnel ports
configuring 2-461
displaying 2-251
limitations 2-462
802.1X
and switchport modes 2-462
See also port-based authentication
A
aaa authentication dot1x command 2-1
AAA methods 2-1
abort command 2-512
access control entries
access control lists
access groups
IP 2-98
MAC
configuring 2-137
displaying 2-303
access-list hardware program nonblocking command 2-3
access lists
IP 2-98
on Layer 2 interfaces 2-98, 2-137
access map configuration mode 2-153
access mode 2-461
access ports 2-461
ACLs
deny 2-64
displaying 2-227
for non-IP protocols 2-139
matching 2-153
permit 2-193
action command 2-5
aggregate-port learner 2-189
allowed VLANs 2-476
apply command 2-512
archive download-sw command 2-7
archive tar command 2-9
archive upload-sw command 2-12
audience xv
authorization state of controlled port 2-74
autonegotiation of duplex mode 2-83
auto qos voip command 2-14
B
BackboneFast, for STP 2-405
boot (boot loader) command A-2
boot boothlpr command 2-18
boot buffersize command 2-19
boot config-file command 2-20
boot enable-break command 2-21
boot helper command 2-22
boot helper-config file command 2-23
booting
Cisco IOS image 2-26
displaying environment variables 2-231
interrupting 2-21
manually 2-24
boot loader
accessing A-1
booting
Cisco IOS image A-2
helper image 2-22
directories
creating A-15
displaying a list of A-6
removing A-19
displaying
available commands A-11
memory heap utilization A-13
version A-26
environment variables
described A-20
displaying settings A-20
location of A-21
setting A-20
unsetting A-24
files
copying A-4
deleting A-5
displaying a list of A-6
displaying the contents of A-3, A-16, A-23
renaming A-17
file system
formatting A-9
initializing Flash A-8
running a consistency check A-10
loading helper images A-12
prompt A-1
resetting the system A-18
boot manual command 2-24
boot private-config-file command 2-25
boot system command 2-26
BPDU filtering, for spanning tree 2-406, 2-438
BPDU guard, for spanning tree 2-408, 2-438
broadcast storm control 2-451
broadcast traffic counters 2-284
C
candidate switches
cat (boot loader) command A-3
caution, description xvi
CDP, enabling protocol tunneling for 2-129
channel-group command 2-27
channel-protocol command 2-30
class command 2-32
class-map command 2-34
class maps
creating 2-34
defining the match criteria 2-155
displaying 2-233
class of service
clear l2protocol-tunnel counters command 2-37
clear lacp command 2-36
clear mac address-table command 2-38
clear pagp command 2-40
clear port-security command 2-41
clear setup express command 2-43
clear spanning-tree counters command 2-44
clear spanning-tree detected-protocols command 2-45
clear vmps statistics command 2-46
clear vtp counters command 2-47
cluster commander-address command 2-48
cluster discovery hop-count command 2-50
cluster enable command 2-51
cluster holdtime command 2-53
cluster member command 2-54
cluster outside-interface command 2-56
cluster run command 2-57
clusters
adding candidates 2-54
binding to HSRP group 2-58
building manually 2-54
communicating with
devices outside the cluster 2-56
members by using Telnet 2-207
debug messages, display B-5
displaying
candidate switches 2-236
debug messages B-5
member switches 2-238
status 2-234
hop-count limit for extended discovery 2-50
HSRP standby groups 2-58
redundancy 2-58
SNMP trap 2-394
cluster standby-group command 2-58
cluster timer command 2-60
command modes defined 1-1
command switch
configuration conflicts, ACL, displaying 2-265
configuration files
password recovery disable considerations A-1
setting the NVRAM size for 2-19
specifying the name 2-20, 2-25
configuring multiple interfaces 2-94
config-vlan mode
commands 2-498
description 1-4
entering 2-497
summary 1-2
conventions
command xvi
for examples xvi
publication xvi
text xvi
copy (boot loader) command A-4
CoS
assigning default value to incoming packets 2-165
assigning to Layer 2 protocol packets 2-132
defining in a policy map 2-167
overriding the incoming value 2-165
CoS-to-DSCP map 2-171
CoS-to-egress-queue map 2-535
CPU ASIC
debug messages, display B-7
statistics display 2-241
CPU statistics, displaying 2-241
cross-stack UplinkFast, for STP 2-442
D
debug acltcam command B-2
debug autoqos command B-3
debug cluster command B-5
debug cpu-interface command B-7
debug dot1x command B-8
debug etherchannel command B-9
debug ethernet-controller ram-access command B-10
debug fallback-bridging command B-11
debug gigastack command B-12
debug ilpower controller command B-13
debug ilpower process command B-14
debug ip dhcp snooping command B-15
debug ip igmp filter command B-16
debug ip igmp max-groups command B-17
debug l3multicast command B-18
debug l3tcam command B-19
debug l3unicast command B-20
debug mac-manager command B-21
debug mac-notification command B-22
debug met command B-23
debug mvrdbg command B-24
debug pagp command B-25
debug pbr command B-26
debug pm command B-27
debug port-security command B-29
debug spanning-tree backbonefast command B-33
debug spanning-tree bpdu command B-34
debug spanning-tree bpdu-opt command B-35
debug spanning-tree command B-31
debug spanning-tree mstp command B-36
debug spanning-tree switch command B-38
debug spanning-tree uplinkfast command B-40
debug span-session command B-30
debug sw-vlan command B-41
debug sw-vlan ifs command B-43
debug sw-vlan notification command B-44
debug sw-vlan vtp command B-45
debug udld command B-47
define interface-range command 2-61
delete (boot loader) command A-5
delete command 2-63
deny command 2-64
detect mechanism, causes 2-85
DHCP snooping
enabling on a VLAN 2-109
enabling option 82 2-104, 2-106
enabling rate limiting on an interface 2-107
enabling trust on an interface 2-108
error recovery timer 2-87
dir (boot loader) command A-6
directories, deleting 2-63
documentation, related xvii
document conventions xvi
dot1x default command 2-67
dot1x guest-vlan command 2-68
dot1x host-mode command 2-69
dot1x initialize command 2-71
dot1x max-req command 2-72
dot1x multiple-hosts command 2-73
dot1x port-control command 2-74
dot1x re-authenticate command 2-76
dot1x re-authentication command 2-77
dot1x reauthentication command 2-78
dot1x system-auth-control command 2-80
dropping packets, with ACL matches 2-5
drop threshold, Layer 2 protocol tunneling 2-129
DSCP-to-CoS map 2-171
DSCP-to-DSCP-mutation map 2-171
DSCP-to-threshold map 2-537
DTP 2-462
DTP flap
error detection for 2-85
error recovery timer 2-87
duplex command 2-83
dynamic-access ports
configuring 2-457
restrictions 2-458
dynamic auto VLAN membership mode 2-461
dynamic desirable VLAN membership mode 2-461
Dynamic Host Configuration Protocol (DHCP)
Dynamic Trunking Protocol
E
EAP-request/identity frame
maximum number to send 2-72
response time before retransmitting 2-81
encapsulation methods 2-476
environment variables, displaying 2-231
errdisable detect cause command 2-85
errdisable recovery command 2-87
error conditions, displaying 2-258
error disable detection 2-85
error-disabled interfaces, displaying 2-276
EtherChannel
assigning Ethernet interface to channel group 2-27
creating port-channel logical interface 2-92
debug messages, display B-9, B-25
displaying 2-262
enabling Layer 2 protocol tunneling for
LACP 2-130
PAgP 2-130
UDLD 2-130
interface information, displaying 2-276
LACP modes 2-27
load-distribution methods 2-203
PAgP
aggregate-port learner 2-189
clearing channel-group information 2-36, 2-40
debug messages, display B-25
error detection for 2-85
error recovery timer 2-87
learn method 2-189
modes 2-27
physical-port learner 2-189
priority of interface for transmitted traffic 2-191
Ethernet controller
debug messages, display B-10
internal register display 2-243
Ethernet statistics, collecting 2-210
examples, conventions for xvi
exit command 2-512
express setup-related commands 2-43, 2-225, 2-357
extended discovery of candidate switches 2-50
extended-range VLANs
and allowed VLAN list 2-476
and pruning-eligible list 2-476
configuring 2-497
extended system ID for STP 2-414
F
fallback bridging, debugging B-11
fan information, displaying 2-255
feature manager
displaying 2-265
displaying summaries 2-270
label information 2-265
per-interface information 2-268
per-VLAN information 2-270
file name, VTP 2-523
files, deleting 2-63
flash_init (boot loader) command A-8
flowcontrol command 2-89
format (boot loader) command A-9
forwarding information base (FIB), debugging B-20
forwarding packets, with ACL matches 2-5
forwarding results, display 2-271
frame forwarding information, displaying 2-271
fsck (boot loader) command A-10
G
GigaStack GBIC, debugging B-12
global configuration mode 1-2, 1-3
H
hardware ACL statistics 2-227
help (boot loader) command A-11
hop-count limit for clusters 2-50
HSRP
binding HSRP group to cluster 2-58
standby group 2-58
I
IDS, using with SPAN and RSPAN 2-181
IGMP filters
applying 2-110
debug messages, display B-16
IGMP groups
configuring throttling action 2-112
setting maximum 2-112
IGMP maximum groups, debugging B-17
IGMP profiles
creating 2-114
displaying 2-290
IGMP snooping
displaying 2-291
enabling 2-116
MAC address tables 2-317
report suppression 2-119
source-only-learning aging time 2-121
images
Immediate-Leave feature, MVR 2-186
Immediate-Leave processing 2-116
import map command 2-126
inline power command 2-204
interface command 2-96
interface configuration mode 1-2, 1-4
interface port-channel command 2-92
interface range command 2-94
interface-range macros 2-61
interfaces
assigning Ethernet interface to channel group 2-27
configuring 2-83
configuring multiple 2-94
creating port-channel logical 2-92
disabling 2-392
displaying the MAC address table 2-315
restarting 2-392
interface speed, configuring 2-449
internal registers, displaying 2-243, 2-249
Intrusion Detection System
invalid GBIC
error detection for 2-85
error recovery timer 2-87
ip address command 2-100
IP addresses, setting 2-100
IP address matching 2-153
IP DHCP snooping
ip dhcp snooping command 2-102
ip dhcp snooping information option command 2-104
ip dhcp snooping information option format snmp-ifindex command 2-106
ip dhcp snooping limit rate command 2-107
ip dhcp snooping trust command 2-108
ip dhcp snooping vlan command 2-109
ip igmp filter command 2-110
ip igmp max-groups command 2-112
ip igmp profile command 2-114
ip igmp snooping command 2-116
ip igmp snooping report-suppression command 2-119
ip igmp snooping source-only-learning command age-timer 2-121
IP multicast addresses 2-183
IP-precedence-to-DSCP map 2-171
ip ssh command 2-123
ip vrf (global configuration) command 2-125
ip vrf command 2-127
J
jumbo frames
L
l2protocol-tunnel command 2-129
l2protocol-tunnel cos command 2-132
LACP
lacp port-priority command 2-133
lacp system-priority command 2-134
Layer 2 mode, enabling 2-455
Layer 2 protocol ports, displaying 2-294
Layer 2 protocol-tunnel
error detection for 2-85
error recovery timer 2-87
Layer 2 protocol tunnel counters 2-37
Layer 2 protocol tunneling error recovery 2-130
Layer 2 traceroute
IP addresses 2-488
MAC addresses 2-485
Layer 3 mode, enabling 2-455
line configuration mode 1-2, 1-5
Link Aggregation Control Protocol
link flap
enable timer to recover from error state 2-87
error detection for 2-85
load_helper (boot loader) command A-12
load-distribution methods for EtherChannel 2-203
logging file command 2-135
logical interface 2-92
loopback error, recovery timer 2-87
loop guard, for spanning tree 2-416, 2-419
M
mac access-group 2-137
MAC access-groups, displaying 2-303
MAC access list configuration mode 2-139
mac access-list extended command 2-139
MAC access lists 2-64
MAC addresses
and port security 2-467
debug learning on bridge groups B-11
debug learning on VLANs B-21
displaying
aging time 2-309
all 2-307
dynamic 2-313
Layer 2 multicast entries 2-317
notification settings 2-319
number of addresses in a VLAN 2-311
per interface 2-315
per VLAN 2-323
static 2-321
static and dynamic entries 2-305
dynamic
aging time 2-141
deleting 2-38
displaying 2-313
enabling MAC address notification 2-143
matching 2-153
static
adding and removing 2-145
displaying 2-321
dropping on an interface 2-146
tables 2-307
MAC address notification, debugging B-22
mac address-table aging-time 2-141
mac address-table aging-time command 2-141
mac address-table notification command 2-143
mac address-table static command 2-145
mac address-table static drop command 2-146
MAC named extended access lists 2-139
macro apply command 2-148
macro description command 2-150
macro name command 2-151
macros
adding a description 2-150
applying 2-148
creating 2-151
displaying 2-344
tracing 2-148
macros, interface range 2-61, 2-94
manual
audience xv
purpose of xv
maps
QoS
defining 2-171
displaying 2-331
VLAN
creating 2-509
defining 2-153
displaying 2-384
match (access-map configuration) command 2-153
match (class-map configuration) command 2-155
maximum transmission unit
member switches
memory (boot loader) command A-13
merge failures, displaying 2-265
mkdir (boot loader) command A-15
mls aclmerge delay command 2-158
mls qos aggregate-policer command 2-163
mls qos command 2-160
mls qos cos command 2-165
mls qos cos policy-map command 2-167
mls qos dscp-mutation command 2-169
mls qos map command 2-171
mls qos min-reserve command 2-174
mls qos monitor command 2-175
mls qos trust command 2-177
mode, MVR 2-183
Mode button, and password recovery 2-214
modes, commands 1-1
monitor session command 2-179
more (boot loader) command A-16
MSTP
displaying 2-359
interoperability 2-45
link type 2-418
MST region
aborting changes 2-423
applying changes 2-423
configuration name 2-423
configuration revision number 2-423
current or pending display 2-423
displaying 2-359
MST configuration mode 2-423
VLANs-to-instance mapping 2-423
path cost 2-425
protocol mode 2-421
restart protocol migration process 2-45
root port
loop guard 2-416
preventing from becoming designated 2-416
restricting which can be root 2-416
root guard 2-416
root switch
affects of extended system ID 2-414
interval between BDPU messages 2-429
interval between hello BPDU messages 2-428, 2-434
max-age 2-429
maximum hop count before discarding BPDU 2-430
port priority for selection of 2-431
primary or secondary 2-434
switch priority 2-433
state changes
blocking to forwarding state 2-440
enabling BPDU filtering 2-406, 2-438
enabling BPDU guard 2-408, 2-438
enabling Port Fast 2-438, 2-440
forward-delay time 2-427
length of listening and learning states 2-427
rapid transition to forwarding 2-418
shutting down Port Fast-enabled ports 2-438
state information display 2-358
MTU
configuring size 2-483
displaying global setting 2-366
multicast expansion table (MET), debugging B-23
multicast group address, MVR 2-186
multicast groups, MVR 2-184
multicast router learning method 2-116
multicast router ports, configuring 2-116
multicast routes, debugging B-18, B-19
multicast storm control 2-451
multicast traffic counters 2-284
multicast VLAN, MVR 2-183
multicast VLAN registration
multiple hosts on authorized port 2-69
Multiple Spanning Tree Protocol
multi VPN routing/forwarding instances in customer edge devices
MVR
configuring 2-183
configuring interfaces 2-186
debug messages, display B-24
displaying 2-336
displaying interface information 2-338
members, displaying 2-340
mvr (global configuration) command 2-183
mvr (interface configuration) command 2-186
mvr group command 2-184
mvr vlan group command 2-187
N
native VLANs 2-476
native VLAN tagging 2-515
nonegotiate
DTP messaging 2-465
speed 2-449
non-IP protocols
denying 2-64
forwarding 2-193
non-IP traffic access lists 2-139
non-IP traffic forwarding
denying 2-64
permitting 2-193
normal-range VLANs 2-497, 2-503
note, description xvi
P
PAgP
pagp learn-method command 2-189
pagp port-priority command 2-191
password, VTP 2-523, 2-527, 2-529
password-recovery mechanism, enabling and disabling 2-214
PBR, debug messages, display B-26
permit command 2-193
per-VLAN spanning-tree plus
physical-port learner 2-189
PIM-DVMRP, as multicast router learning method 2-116
police aggregate command 2-198
police command 2-196
policed-DSCP map 2-171
policy-based routing
policy-map command 2-200
policy maps
applying to an interface 2-217, 2-221
creating 2-200
displaying 2-346
policers
for a single class 2-196
for multiple classes 2-163, 2-198
policed-DSCP map 2-171
traffic classification
defining the class 2-32
defining trust states 2-490
setting DSCP or IP precedence values 2-219
Port Aggregation Protocol
port-based authentication
AAA method list 2-1
debug messages, display B-8
enabling 802.1X 2-74
guest VLAN 2-68
manual control of authorization state 2-74
multiple hosts on authorized port 2-69
periodic re-authentication
enabling 2-78
time between attempts 2-81
quiet period between failed authentication exchanges 2-81
re-authenticating 802.1X-enabled ports 2-76
resetting configurable 802.1X parameters 2-67
statistics and status display 2-252
switch-to-client frame-retransmission number 2-72
switch-to-client retransmission time 2-81
port-channel load-balance command 2-203
Port Fast, for spanning tree 2-440
port labels 2-265, 2-268, 2-367
port ranges, defining 2-61
ports, debugging B-27
ports, protected 2-475
port security
aging 2-471
debug messages, display B-29
enabling 2-467
violation error recovery 2-87
port trust states for QoS 2-177
port types, MVR 2-186
power information, displaying 2-255
power inline command 2-204
priority-queue command 2-206
protected ports, displaying 2-282
pruning
VLANs 2-476
VTP
displaying interface information 2-276
publications, related xvii
PVST+
Q
QoS
automatic configuration 2-14
class maps
creating 2-34
defining the match criteria 2-155
displaying 2-233
defining the CoS value for an incoming packet 2-165
displaying configuration information 2-229, 2-325
DSCP trusted ports
applying DSCP-to-DSCP-mutation map to 2-169
defining DSCP-to-DSCP-mutation map 2-171
enabling 2-160
maps
defining 2-171
displaying 2-331
policy maps
applying an aggregate policer 2-198
applying to an interface 2-217, 2-221
creating 2-200
defining CoS 2-167
defining policers 2-163, 2-196
displaying policers 2-326, 2-327
displaying policy maps 2-346
policed-DSCP map 2-171
setting DSCP or IP precedence values 2-219
traffic classifications 2-32
trust states 2-490
port trust states 2-177
queues
CoS-to-egress-queue map 2-535
displaying buffer settings 2-327
displaying queueing strategies 2-327
enabling the expedite 2-206
mapping DSCPs to thresholds 2-537
minimum-reserve level 2-539
minimum-reserve level buffer sizes 2-174
ratio of queue sizes 2-540
tail-drop threshold percentages 2-543
WRED threshold percentages 2-541
WRR weights 2-533
statistics
collecting on specified DSCPs 2-175
displaying DSCP information 2-327
tail-drop
assigning threshold percentages 2-543
mapping DSCPs to thresholds 2-537
WRED
assigning threshold percentages 2-541
enabling 2-541
mapping DSCPs to thresholds 2-537
quality of service
querytime, MVR 2-183
R
rapid per-VLAN spanning-tree plus
rapid PVST+
rcommand command 2-207
re-authenticating 802.1X-enabled ports 2-76
re-authentication
periodic 2-78
time between attempts 2-81
receiver ports, MVR 2-186
receiving flow-control packets 2-89
recovery mechanism
causes 2-87
timer interval 2-87
redundancy for cluster switches 2-58
remote-span command 2-209
Remote Switched Port Analyzer
rename (boot loader) command A-17
reset (boot loader) command A-18
reset command 2-512
resource templates, displaying 2-355
rmdir (boot loader) command A-19
rmon collection stats command 2-210
root guard, for spanning tree 2-416
route distinguisher 2-126
routed ports
IP addresses on 2-101
route-target command 2-126
RSPAN
and IDS 2-181
configuring 2-179
displaying 2-334
filter RSPAN traffic 2-179
remote-span command 2-209
sessions
add interfaces to 2-179
start new 2-179
S
sdm prefer command 2-211
secure ports, limitations 2-469
sending flow-control packets 2-89
service password-recovery command 2-214
service-policy command 2-217
set (boot loader) command A-20
set command 2-219
setup command 2-221
setup express command 2-225
show access-lists command 2-227
show auto qos command 2-229
show boot command 2-231
show changes command 2-512
show class-map command 2-233
show cluster candidates command 2-236
show cluster command 2-234
show cluster members command 2-238
show controllers cpu-interface command 2-241
show controllers ethernet-controller command 2-243
show controllers switch command 2-248
show controllers tcam command 2-249
show current command 2-512
show dot1q-tunnel command 2-251
show dot1x command 2-252
show env command 2-255
show errdisable detect command 2-257
show errdisable flap-values command 2-258
show errdisable recovery command 2-260
show etherchannel command 2-262
show fm command 2-265
show fm interface command 2-268
show fm vlan command 2-270
show forward command 2-271
show interfaces command 2-276
show interfaces counters command 2-284
show ip dhcp snooping binding command 2-288
show ip dhcp snooping command 2-287
show ip igmp profile command 2-290
show ip igmp snooping command 2-291