Corporate Headquarters Cisco Systems, Inc.
170 West Tasman Drive San Jose, CA 95134-1706 USA
http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 526-4100
Catalyst 3560 Switch Software Configuration Guide
Cisco IOS Release 12.2(25)SEC July 2005
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R)
Catalyst 3560 Switch Software Configuration Guide
© 2004–2005 Cisco Systems, Inc. All rights reserved.
C O N T E N T S
Preface xxxvii
Audience
xxxviiPurpose
xxxviiConventions
xxxviiiRelated Publications
xxxviiiObtaining Documentation
xxxixCisco.com
xxxixProduct Documentation DVD
xlOrdering Documentation
xlDocumentation Feedback
xlCisco Product Security Overview
xliReporting Security Problems in Cisco Products
xliObtaining Technical Assistance
xliiCisco Technical Support & Documentation Website
xliiSubmitting a Service Request
xliiDefinitions of Service Request Severity
xliiiObtaining Additional Publications and Information
xliiiC H A P T E R 1 Overview 1-1
Features
1-1Ease-of-Use and Ease-of-Deployment Features
1-2Performance Features
1-3Management Options
1-4Manageability Features
1-4Availability Features
1-5VLAN Features
1-6Security Features
1-7QoS and CoS Features
1-8Layer 3 Features
1-9Power over Ethernet Features
1-10Monitoring Features
1-10Default Settings After Initial Switch Configuration
1-11Network Configuration Examples
1-13Design Concepts for Using the Switch
1-14Small to Medium-Sized Network Using Catalyst 3560 Switches
1-17Large Network Using Catalyst 3560 Switches
1-19Long-Distance, High-Bandwidth Transport Configuration
1-20Where to Go Next
1-21C H A P T E R 2 Using the Command-Line Interface 2-1
Understanding Command Modes
2-1Understanding the Help System
2-3Understanding Abbreviated Commands
2-4Understanding no and default Forms of Commands
2-4Understanding CLI Error Messages
2-5Using Configuration Logging
2-5Using Command History
2-6Changing the Command History Buffer Size
2-6Recalling Commands
2-6Disabling the Command History Feature
2-7Using Editing Features
2-7Enabling and Disabling Editing Features
2-7Editing Commands through Keystrokes
2-7Editing Command Lines that Wrap
2-9Searching and Filtering Output of show and more Commands
2-10Accessing the CLI
2-10Accessing the CLI through a Console Connection or through Telnet
2-10C H A P T E R 3 Assigning the Switch IP Address and Default Gateway 3-1
Understanding the Boot Process
3-1Assigning Switch Information
3-2Default Switch Information
3-3Understanding DHCP-Based Autoconfiguration
3-3DHCP Client Request Process
3-4Configuring DHCP-Based Autoconfiguration
3-5DHCP Server Configuration Guidelines
3-5Configuring the TFTP Server
3-5Configuring the DNS
3-6Configuring the Relay Device
3-6Contents
Obtaining Configuration Files
3-7Example Configuration
3-8Manually Assigning IP Information
3-9Checking and Saving the Running Configuration
3-10Modifying the Startup Configuration
3-11Default Boot Configuration
3-12Automatically Downloading a Configuration File
3-12Specifying the Filename to Read and Write the System Configuration
3-12Booting Manually
3-13Booting a Specific Software Image
3-13Controlling Environment Variables
3-14Scheduling a Reload of the Software Image
3-15Configuring a Scheduled Reload
3-16Displaying Scheduled Reload Information
3-17C H A P T E R 4 Configuring IE2100 CNS Agents 4-1
Understanding IE2100 Series Configuration Registrar Software
4-1CNS Configuration Service
4-2CNS Event Service
4-3NameSpace Mapper
4-3What You Should Know About ConfigID, DeviceID, and Hostname
4-3ConfigID
4-3DeviceID
4-4Hostname and DeviceID
4-4Using Hostname, DeviceID, and ConfigID
4-4Understanding CNS Embedded Agents
4-5Initial Configuration
4-5Incremental (Partial) Configuration
4-6Synchronized Configuration
4-6Configuring CNS Embedded Agents
4-6Enabling Automated CNS Configuration
4-6Enabling the CNS Event Agent
4-8Enabling the CNS Configuration Agent
4-9Enabling an Initial Configuration
4-9Enabling a Partial Configuration
4-12Displaying CNS Configuration
4-13C H A P T E R 5 Clustering Switches 5-1
Understanding Switch Clusters
5-1Clustering Overview
5-1Cluster Command Switch Characteristics
5-2Standby Cluster Command Switch Characteristics
5-2Candidate Switch and Cluster Member Switch Characteristics
5-3Using the CLI to Manage Switch Clusters
5-3Catalyst 1900 and Catalyst 2820 CLI Considerations
5-4Using SNMP to Manage Switch Clusters
5-4C H A P T E R 6 Administering the Switch 6-1
Managing the System Time and Date
6-1Understanding the System Clock
6-2Understanding Network Time Protocol
6-2Configuring NTP
6-4Default NTP Configuration
6-4Configuring NTP Authentication
6-5Configuring NTP Associations
6-6Configuring NTP Broadcast Service
6-7Configuring NTP Access Restrictions
6-8Configuring the Source IP Address for NTP Packets
6-10Displaying the NTP Configuration
6-11Configuring Time and Date Manually
6-11Setting the System Clock
6-11Displaying the Time and Date Configuration
6-12Configuring the Time Zone
6-12Configuring Summer Time (Daylight Saving Time)
6-13Configuring a System Name and Prompt
6-14Default System Name and Prompt Configuration
6-15Configuring a System Name
6-15Understanding DNS
6-15Default DNS Configuration
6-16Setting Up DNS
6-16Displaying the DNS Configuration
6-17Creating a Banner
6-17Default Banner Configuration
6-17Configuring a Message-of-the-Day Login Banner
6-18Configuring a Login Banner
6-19Contents
Managing the MAC Address Table
6-19Building the Address Table
6-20MAC Addresses and VLANs
6-20Default MAC Address Table Configuration
6-21Changing the Address Aging Time
6-21Removing Dynamic Address Entries
6-21Configuring MAC Address Notification Traps
6-22Adding and Removing Static Address Entries
6-24Configuring Unicast MAC Address Filtering
6-25Displaying Address Table Entries
6-26Managing the ARP Table
6-26C H A P T E R 7 Configuring SDM Templates 7-1
Understanding the SDM Templates
7-1Dual IPv4 and IPv6 SDM Templates
7-2Configuring the Switch SDM Template
7-3Default SDM Template
7-3SDM Template Configuration Guidelines
7-4Setting the SDM Template
7-4Displaying the SDM Templates
7-5C H A P T E R 8 Configuring Switch-Based Authentication 8-1
Preventing Unauthorized Access to Your Switch
8-1Protecting Access to Privileged EXEC Commands
8-2Default Password and Privilege Level Configuration
8-2Setting or Changing a Static Enable Password
8-3Protecting Enable and Enable Secret Passwords with Encryption
8-3Disabling Password Recovery
8-5Setting a Telnet Password for a Terminal Line
8-6Configuring Username and Password Pairs
8-6Configuring Multiple Privilege Levels
8-8Setting the Privilege Level for a Command
8-8Changing the Default Privilege Level for Lines
8-9Logging into and Exiting a Privilege Level
8-10Controlling Switch Access with TACACS+
8-10Understanding TACACS+
8-10TACACS+ Operation
8-12Configuring TACACS+
8-12Default TACACS+ Configuration
8-13Identifying the TACACS+ Server Host and Setting the Authentication Key
8-13Configuring TACACS+ Login Authentication
8-14Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services
8-16Starting TACACS+ Accounting
8-17Displaying the TACACS+ Configuration
8-17Controlling Switch Access with RADIUS
8-17Understanding RADIUS
8-18RADIUS Operation
8-19Configuring RADIUS
8-19Default RADIUS Configuration
8-20Identifying the RADIUS Server Host
8-20Configuring RADIUS Login Authentication
8-23Defining AAA Server Groups
8-25Configuring RADIUS Authorization for User Privileged Access and Network Services
8-27Starting RADIUS Accounting
8-28Configuring Settings for All RADIUS Servers
8-29Configuring the Switch to Use Vendor-Specific RADIUS Attributes
8-29Configuring the Switch for Vendor-Proprietary RADIUS Server Communication
8-30Displaying the RADIUS Configuration
8-31Controlling Switch Access with Kerberos
8-32Understanding Kerberos
8-32Kerberos Operation
8-34Authenticating to a Boundary Switch
8-35Obtaining a TGT from a KDC
8-35Authenticating to Network Services
8-35Configuring Kerberos
8-36Configuring the Switch for Local Authentication and Authorization
8-36Configuring the Switch for Secure Shell
8-37Understanding SSH
8-38SSH Servers, Integrated Clients, and Supported Versions
8-38Limitations
8-38Configuring SSH
8-39Configuration Guidelines
8-39Setting Up the Switch to Run SSH
8-39Configuring the SSH Server
8-40Displaying the SSH Configuration and Status
8-41Contents
Configuring the Switch for Secure Socket Layer HTTP
8-41Understanding Secure HTTP Servers and Clients
8-42Certificate Authority Trustpoints
8-42CipherSuites
8-43Configuring Secure HTTP Servers and Clients
8-44Default SSL Configuration
8-44SSL Configuration Guidelines
8-44Configuring a CA Trustpoint
8-45Configuring the Secure HTTP Server
8-46Configuring the Secure HTTP Client
8-47Displaying Secure HTTP Server and Client Status
8-48Configuring the Switch for Secure Copy Protocol
8-48C H A P T E R 9 Configuring IEEE 802.1x Port-Based Authentication 9-1
Understanding IEEE 802.1x Port-Based Authentication
9-1Device Roles
9-2Authentication Initiation and Message Exchange
9-3Ports in Authorized and Unauthorized States
9-4IEEE 802.1x Accounting
9-5IEEE 802.1x Accounting Attribute-Value Pairs
9-5IEEE 802.1x Host Mode
9-6Using IEEE 802.1x with Port Security
9-7Using IEEE 802.1x with Voice VLAN Ports
9-8Using IEEE 802.1x with VLAN Assignment
9-8Using IEEE 802.1x with Guest VLAN
9-10Using IEEE 802.1x with Wake-on-LAN
9-10Unidirectional State
9-10Bidirectional State
9-11Using IEEE 802.1x with Per-User ACLs
9-11Configuring IEEE 802.1x Authentication
9-12Default IEEE 802.1x Configuration
9-12IEEE 802.1x Configuration Guidelines
9-14Configuring IEEE 802.1x Authentication
9-15Configuring the Switch-to-RADIUS-Server Communication
9-16Configuring IEEE 802.1x Authentication Using a RADIUS Server
9-18Configuring Periodic Re-Authentication
9-18Manually Re-Authenticating a Client Connected to a Port
9-19Changing the Quiet Period
9-19Changing the Switch-to-Client Retransmission Time
9-20Setting the Switch-to-Client Frame-Retransmission Number
9-21Setting the Re-Authentication Number
9-21Configuring the Host Mode
9-22Configuring a Guest VLAN
9-23Resetting the IEEE 802.1x Configuration to the Default Values
9-24Configuring IEEE 802.1x Accounting
9-25Displaying IEEE 802.1x Statistics and Status
9-26C H A P T E R 10 Configuring Interface Characteristics 10-1
Understanding Interface Types
10-1Port-Based VLANs
10-2Switch Ports
10-2Access Ports
10-3Trunk Ports
10-3Tunnel Ports
10-4Routed Ports
10-4Switch Virtual Interfaces
10-5EtherChannel Port Groups
10-5Power over Ethernet Ports
10-6Supported Protocols and Standards
10-6Powered-Device Detection and Initial Power Allocation
10-7Power Management Modes
10-8Connecting Interfaces
10-9Using Interface Configuration Mode
10-10Procedures for Configuring Interfaces
10-10Configuring a Range of Interfaces
10-11Configuring and Using Interface Range Macros
10-12Configuring Ethernet Interfaces
10-14Default Ethernet Interface Configuration
10-14Configuring Interface Speed and Duplex Mode
10-15Configuration Guidelines
10-16Setting the Interface Speed and Duplex Parameters
10-17Configuring IEEE 802.3z Flow Control
10-18Configuring Auto-MDIX on an Interface
10-19Configuring a Power Management Mode on a PoE Port
10-20Adding a Description for an Interface
10-21Configuring Layer 3 Interfaces
10-22Configuring the System MTU
10-24Contents
Monitoring Interface Status
10-25Clearing and Resetting Interfaces and Counters
10-26Shutting Down and Restarting the Interface
10-26C H A P T E R 11 Configuring Smartports Macros 11-1
Understanding Smartports Macros
11-1Configuring Smartports Macros
11-2Default Smartports Macro Configuration
11-2Smartports Macro Configuration Guidelines
11-3Creating Smartports Macros
11-4Applying Smartports Macros
11-5Applying Cisco-Default Smartports Macros
11-6Displaying Smartports Macros
11-8C H A P T E R 12 Configuring VLANs 12-1
Understanding VLANs
12-1Supported VLANs
12-2VLAN Port Membership Modes
12-3Configuring Normal-Range VLANs
12-4Token Ring VLANs
12-6Normal-Range VLAN Configuration Guidelines
12-6VLAN Configuration Mode Options
12-7VLAN Configuration in config-vlan Mode
12-7VLAN Configuration in VLAN Database Configuration Mode
12-7Saving VLAN Configuration
12-7Default Ethernet VLAN Configuration
12-8Creating or Modifying an Ethernet VLAN
12-9Deleting a VLAN
12-10Assigning Static-Access Ports to a VLAN
12-11Configuring Extended-Range VLANs
12-12Default VLAN Configuration
12-12Extended-Range VLAN Configuration Guidelines
12-13Creating an Extended-Range VLAN
12-14Creating an Extended-Range VLAN with an Internal VLAN ID
12-15Displaying VLANs
12-16Configuring VLAN Trunks
12-16Trunking Overview
12-16Encapsulation Types
12-18IEEE 802.1Q Configuration Considerations
12-19Default Layer 2 Ethernet Interface VLAN Configuration
12-19Configuring an Ethernet Interface as a Trunk Port
12-19Interaction with Other Features
12-20Configuring a Trunk Port
12-21Defining the Allowed VLANs on a Trunk
12-22Changing the Pruning-Eligible List
12-23Configuring the Native VLAN for Untagged Traffic
12-23Configuring Trunk Ports for Load Sharing
12-24Load Sharing Using STP Port Priorities
12-24Load Sharing Using STP Path Cost
12-26Configuring VMPS
12-28Understanding VMPS
12-28Dynamic-Access Port VLAN Membership
12-29Default VMPS Client Configuration
12-29VMPS Configuration Guidelines
12-29Configuring the VMPS Client
12-30Entering the IP Address of the VMPS
12-30Configuring Dynamic-Access Ports on VMPS Clients
12-31Reconfirming VLAN Memberships
12-31Changing the Reconfirmation Interval
12-31Changing the Retry Count
12-32Monitoring the VMPS
12-32Troubleshooting Dynamic-Access Port VLAN Membership
12-33VMPS Configuration Example
12-33C H A P T E R 13 Configuring VTP 13-1
Understanding VTP
13-1The VTP Domain
13-2VTP Modes
13-3VTP Advertisements
13-3VTP Version 2
13-4VTP Pruning
13-4Contents
Configuring VTP
13-6Default VTP Configuration
13-6VTP Configuration Options
13-7VTP Configuration in Global Configuration Mode
13-7VTP Configuration in VLAN Database Configuration Mode
13-7VTP Configuration Guidelines
13-8Domain Names
13-8Passwords
13-8VTP Version
13-8Configuration Requirements
13-9Configuring a VTP Server
13-9Configuring a VTP Client
13-11Disabling VTP (VTP Transparent Mode)
13-12Enabling VTP Version 2
13-13Enabling VTP Pruning
13-14Adding a VTP Client Switch to a VTP Domain
13-14Monitoring VTP
13-16C H A P T E R 14 Configuring Private VLANs 14-1
Understanding Private VLANs
14-1IP Addressing Scheme with Private VLANs
14-3Private VLANs across Multiple Switches
14-4Private-VLAN Interaction with Other Features
14-4Private VLANs and Unicast, Broadcast, and Multicast Traffic
14-5Private VLANs and SVIs
14-5Configuring Private VLANs
14-5Tasks for Configuring Private VLANs
14-6Default Private-VLAN Configuration
14-6Private-VLAN Configuration Guidelines
14-6Secondary and Primary VLAN Configuration
14-6Private-VLAN Port Configuration
14-8Limitations with Other Features
14-8Configuring and Associating VLANs in a Private VLAN
14-9Configuring a Layer 2 Interface as a Private-VLAN Host Port
14-11Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port
14-12Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface
14-13Monitoring Private VLANs
14-14C H A P T E R 15 Configuring Voice VLAN 15-1
Understanding Voice VLAN
15-1Cisco IP Phone Voice Traffic
15-2Cisco IP Phone Data Traffic
15-2Configuring Voice VLAN
15-3Default Voice VLAN Configuration
15-3Voice VLAN Configuration Guidelines
15-3Configuring a Port Connected to a Cisco 7960 IP Phone
15-4Configuring IP Phone Voice Traffic
15-5Configuring the Priority of Incoming Data Frames
15-6Displaying Voice VLAN
15-7C H A P T E R 16 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling 16-1
Understanding IEEE 802.1Q Tunneling
16-1Configuring IEEE 802.1Q Tunneling
16-4Default IEEE 802.1Q Tunneling Configuration
16-4IEEE 802.1Q Tunneling Configuration Guidelines
16-4Native VLANs
16-4System MTU
16-5IEEE 802.1Q Tunneling and Other Features
16-6Configuring an IEEE 802.1Q Tunneling Port
16-6Understanding Layer 2 Protocol Tunneling
16-7Configuring Layer 2 Protocol Tunneling
16-10Default Layer 2 Protocol Tunneling Configuration
16-11Layer 2 Protocol Tunneling Configuration Guidelines
16-11Configuring Layer 2 Protocol Tunneling
16-13Configuring Layer 2 Tunneling for EtherChannels
16-14Configuring the SP Edge Switch
16-15Configuring the Customer Switch
16-16Monitoring and Maintaining Tunneling Status
16-18Contents
C H A P T E R 17 Configuring STP 17-1
Understanding Spanning-Tree Features
17-1STP Overview
17-2Spanning-Tree Topology and BPDUs
17-3Bridge ID, Switch Priority, and Extended System ID
17-4Spanning-Tree Interface States
17-4Blocking State
17-6Listening State
17-6Learning State
17-6Forwarding State
17-6Disabled State
17-7How a Switch or Port Becomes the Root Switch or Root Port
17-7Spanning Tree and Redundant Connectivity
17-8Spanning-Tree Address Management
17-8Accelerated Aging to Retain Connectivity
17-8Spanning-Tree Modes and Protocols
17-9Supported Spanning-Tree Instances
17-9Spanning-Tree Interoperability and Backward Compatibility
17-10STP and IEEE 802.1Q Trunks
17-10VLAN-Bridge Spanning Tree
17-10Configuring Spanning-Tree Features
17-11Default Spanning-Tree Configuration
17-11Spanning-Tree Configuration Guidelines
17-12Changing the Spanning-Tree Mode.
17-13Disabling Spanning Tree
17-14Configuring the Root Switch
17-14Configuring a Secondary Root Switch
17-16Configuring Port Priority
17-16Configuring Path Cost
17-17Configuring the Switch Priority of a VLAN
17-19Configuring Spanning-Tree Timers
17-19Configuring the Hello Time
17-20Configuring the Forwarding-Delay Time for a VLAN
17-21Configuring the Maximum-Aging Time for a VLAN
17-21Configuring the Transmit Hold-Count
17-22Displaying the Spanning-Tree Status
17-22C H A P T E R 18 Configuring MSTP 18-1
Understanding MSTP
18-2Multiple Spanning-Tree Regions
18-2IST, CIST, and CST
18-3Operations Within an MST Region
18-3Operations Between MST Regions
18-4IEEE 802.1s Terminology
18-5Hop Count
18-5Boundary Ports
18-6IEEE 802.1s Implementation
18-6Port Role Naming Change
18-7Interoperation Between Legacy and Standard Switches
18-7Detecting Unidirectional Link Failure
18-8Interoperability with IEEE 802.1D STP
18-8Understanding RSTP
18-8Port Roles and the Active Topology
18-9Rapid Convergence
18-10Synchronization of Port Roles
18-11Bridge Protocol Data Unit Format and Processing
18-12Processing Superior BPDU Information
18-13Processing Inferior BPDU Information
18-13Topology Changes
18-13Configuring MSTP Features
18-14Default MSTP Configuration
18-14MSTP Configuration Guidelines
18-15Specifying the MST Region Configuration and Enabling MSTP
18-16Configuring the Root Switch
18-17Configuring a Secondary Root Switch
18-18Configuring Port Priority
18-20Configuring Path Cost
18-21Configuring the Switch Priority
18-22Configuring the Hello Time
18-22Configuring the Forwarding-Delay Time
18-23Configuring the Maximum-Aging Time
18-24Configuring the Maximum-Hop Count
18-24Specifying the Link Type to Ensure Rapid Transitions
18-25Designating the Neighbor Type
18-25Restarting the Protocol Migration Process
18-26Displaying the MST Configuration and Status
Contents
C H A P T E R 19 Configuring Optional Spanning-Tree Features 19-1
Understanding Optional Spanning-Tree Features
19-1Understanding Port Fast
19-2Understanding BPDU Guard
19-3Understanding BPDU Filtering
19-3Understanding UplinkFast
19-4Understanding BackboneFast
19-5Understanding EtherChannel Guard
19-7Understanding Root Guard
19-8Understanding Loop Guard
19-9Configuring Optional Spanning-Tree Features
19-9Default Optional Spanning-Tree Configuration
19-9Optional Spanning-Tree Configuration Guidelines
19-10Enabling Port Fast
19-10Enabling BPDU Guard
19-11Enabling BPDU Filtering
19-12Enabling UplinkFast for Use with Redundant Links
19-12Enabling BackboneFast
19-13Enabling EtherChannel Guard
19-14Enabling Root Guard
19-14Enabling Loop Guard
19-15Displaying the Spanning-Tree Status
19-16C H A P T E R 20 Configuring Flex Links 20-1
Understanding Flex Links
20-1Configuring Flex Links
20-2Default Flex Link Configuration
20-2Flex Link Configuration Guidelines
20-2Configuring Flex Links
20-3Monitoring Flex Links
20-3C H A P T E R 21 Configuring DHCP Features and IP Source Guard 21-1
Understanding DHCP Features
21-1DHCP Server
21-2DHCP Relay Agent
21-2DHCP Snooping
21-2Option-82 Data Insertion
21-3Cisco IOS DHCP Server Database
21-5DHCP Snooping Binding Database
Configuring DHCP Features
21-7Default DHCP Configuration
21-7DHCP Snooping Configuration Guidelines
21-8Configuring the DHCP Server
21-9Configuring the DHCP Relay Agent
21-9Specifying the Packet Forwarding Address
21-9Enabling DHCP Snooping and Option 82
21-10Enabling DHCP Snooping on Private VLANs
21-12Enabling the Cisco IOS DHCP Server Database
21-12Enabling the DHCP Snooping Binding Database Agent
21-12Displaying DHCP Snooping Information
21-13Understanding IP Source Guard
21-14Source IP Address Filtering
21-14Source IP and MAC Address Filtering
21-14Configuring IP Source Guard
21-15Default IP Source Guard Configuration
21-15IP Source Guard Configuration Guidelines
21-15Enabling IP Source Guard
21-16Displaying IP Source Guard Information
21-17C H A P T E R 22 Configuring Dynamic ARP Inspection 22-1
Understanding Dynamic ARP Inspection
22-1Interface Trust States and Network Security
22-3Rate Limiting of ARP Packets
22-4Relative Priority of ARP ACLs and DHCP Snooping Entries
22-4Logging of Dropped Packets
22-4Configuring Dynamic ARP Inspection
22-5Default Dynamic ARP Inspection Configuration
22-5Dynamic ARP Inspection Configuration Guidelines
22-6Configuring Dynamic ARP Inspection in DHCP Environments
22-7Configuring ARP ACLs for Non-DHCP Environments
22-8Limiting the Rate of Incoming ARP Packets
22-10Performing Validation Checks
22-11Configuring the Log Buffer
22-12Displaying Dynamic ARP Inspection Information
22-14Contents
C H A P T E R 23 Configuring IGMP Snooping and MVR 23-1
Understanding IGMP Snooping
23-1IGMP Versions
23-2Joining a Multicast Group
23-3Leaving a Multicast Group
23-4Immediate Leave
23-5IGMP Configurable-Leave Timer
23-5IGMP Report Suppression
23-5Configuring IGMP Snooping
23-6Default IGMP Snooping Configuration
23-6Enabling or Disabling IGMP Snooping
23-6Setting the Snooping Method
23-7Configuring a Multicast Router Port
23-8Configuring a Host Statically to Join a Group
23-9Enabling IGMP Immediate Leave
23-10Configuring the IGMP Leave Timer
23-11Configuring the IGMP Snooping Querier
23-11Disabling IGMP Report Suppression
23-13Displaying IGMP Snooping Information
23-13Understanding Multicast VLAN Registration
23-14Using MVR in a Multicast Television Application
23-15Configuring MVR
23-17Default MVR Configuration
23-17MVR Configuration Guidelines and Limitations
23-17Configuring MVR Global Parameters
23-18Configuring MVR Interfaces
23-19Displaying MVR Information
23-21Configuring IGMP Filtering and Throttling
23-21Default IGMP Filtering and Throttling Configuration
23-22Configuring IGMP Profiles
23-22Applying IGMP Profiles
23-24Setting the Maximum Number of IGMP Groups
23-24Configuring the IGMP Throttling Action
23-25Displaying IGMP Filtering and Throttling Configuration
23-26C H A P T E R 24 Configuring Port-Based Traffic Control 24-1
Configuring Storm Control
24-1Understanding Storm Control
24-1Default Storm Control Configuration
24-3Configuring Storm Control and Threshold Levels
24-3Configuring Protected Ports
24-5Default Protected Port Configuration
24-5Protected Port Configuration Guidelines
24-6Configuring a Protected Port
24-6Configuring Port Blocking
24-6Default Port Blocking Configuration
24-7Blocking Flooded Traffic on an Interface
24-7Configuring Port Security
24-7Understanding Port Security
24-8Secure MAC Addresses
24-8Security Violations
24-9Default Port Security Configuration
24-10Port Security Configuration Guidelines
24-10Enabling and Configuring Port Security
24-12Enabling and Configuring Port Security Aging
24-15Displaying Port-Based Traffic Control Settings
24-16C H A P T E R 25 Configuring CDP 26-1
Understanding CDP
26-1Configuring CDP
26-2Default CDP Configuration
26-2Configuring the CDP Characteristics
26-2Disabling and Enabling CDP
26-3Disabling and Enabling CDP on an Interface
26-4Monitoring and Maintaining CDP
26-5C H A P T E R 26 Configuring UDLD 26-1
Understanding UDLD
26-1Modes of Operation
26-1Methods to Detect Unidirectional Links
26-2Configuring UDLD
26-4Default UDLD Configuration
26-4Configuration Guidelines
26-4Contents
Enabling UDLD Globally
26-5Enabling UDLD on an Interface
26-5Resetting an Interface Disabled by UDLD
26-6Displaying UDLD Status
26-6C H A P T E R 27 Configuring SPAN and RSPAN 27-1
Understanding SPAN and RSPAN
27-1Local SPAN
27-2Remote SPAN
27-2SPAN and RSPAN Concepts and Terminology
27-3SPAN Sessions
27-3Monitored Traffic
27-4Source Ports
27-5Source VLANs
27-6VLAN Filtering
27-6Destination Port
27-6RSPAN VLAN
27-8SPAN and RSPAN Interaction with Other Features
27-8Configuring SPAN and RSPAN
27-9Default SPAN and RSPAN Configuration
27-9Configuring Local SPAN
27-10SPAN Configuration Guidelines
27-10Creating a Local SPAN Session
27-11Creating a Local SPAN Session and Configuring Ingress Traffic
27-13Specifying VLANs to Filter
27-15Configuring RSPAN
27-16RSPAN Configuration Guidelines
27-16Configuring a VLAN as an RSPAN VLAN
27-17Creating an RSPAN Source Session
27-18Creating an RSPAN Destination Session
27-19Creating an RSPAN Destination Session and Configuring Ingress Traffic
27-20Specifying VLANs to Filter
27-22Displaying SPAN and RSPAN Status
27-23C H A P T E R 28 Configuring RMON 28-1
Understanding RMON
28-1Configuring RMON
28-2Default RMON Configuration
28-3Configuring RMON Alarms and Events
28-3Collecting Group History Statistics on an Interface
28-5Collecting Group Ethernet Statistics on an Interface
28-6Displaying RMON Status
28-6C H A P T E R 29 Configuring System Message Logging 29-1
Understanding System Message Logging
29-1Configuring System Message Logging
29-2System Log Message Format
29-2Default System Message Logging Configuration
29-3Disabling Message Logging
29-3Setting the Message Display Destination Device
29-4Synchronizing Log Messages
29-5Enabling and Disabling Time Stamps on Log Messages
29-7Enabling and Disabling Sequence Numbers in Log Messages
29-7Defining the Message Severity Level
29-8Limiting Syslog Messages Sent to the History Table and to SNMP
29-9Configuring UNIX Syslog Servers
29-10Logging Messages to a UNIX Syslog Daemon
29-11Configuring the UNIX System Logging Facility
29-11Displaying the Logging Configuration
29-12C H A P T E R 30 Configuring SNMP 30-1
Understanding SNMP
30-1SNMP Versions
30-2SNMP Manager Functions
30-3SNMP Agent Functions
30-4SNMP Community Strings
30-4Using SNMP to Access MIB Variables
30-4SNMP Notifications
30-5SNMP ifIndex MIB Object Values
30-5Configuring SNMP
30-6Default SNMP Configuration
30-6SNMP Configuration Guidelines
30-7Disabling the SNMP Agent
30-8Configuring Community Strings
30-8Configuring SNMP Groups and Users
30-9Configuring SNMP Notifications
30-11Setting the Agent Contact and Location Information
30-14Contents
Limiting TFTP Servers Used Through SNMP
30-15SNMP Examples
30-15Displaying SNMP Status
30-16C H A P T E R 31 Configuring Network Security with ACLs 31-1
Understanding ACLs
31-1Supported ACLs
31-2Port ACLs
31-3Router ACLs
31-4VLAN Maps
31-5Handling Fragmented and Unfragmented Traffic
31-5Configuring IPv4 ACLs
31-6Creating Standard and Extended IPv4 ACLs
31-7Access List Numbers
31-8ACL Logging
31-8Creating a Numbered Standard ACL
31-9Creating a Numbered Extended ACL
31-10Resequencing ACEs in an ACL
31-14Creating Named Standard and Extended ACLs
31-14Using Time Ranges with ACLs
31-16Including Comments in ACLs
31-18Applying an IPv4 ACL to a Terminal Line
31-18Applying an IPv4 ACL to an Interface
31-19Hardware and Software Treatment of IP ACLs
31-21IPv4 ACL Configuration Examples
31-21Numbered ACLs
31-23Extended ACLs
31-23Named ACLs
31-23Time Range Applied to an IP ACL
31-24Commented IP ACL Entries
31-24ACL Logging
31-25Creating Named MAC Extended ACLs
31-26Applying a MAC ACL to a Layer 2 Interface
31-28Configuring VLAN Maps
31-29VLAN Map Configuration Guidelines
31-29Creating a VLAN Map
31-30Examples of ACLs and VLAN Maps
31-31Applying a VLAN Map to a VLAN
31-33Using VLAN Maps in Your Network
31-33Wiring Closet Configuration
31-34Denying Access to a Server on Another VLAN
31-35Using VLAN Maps with Router ACLs
31-36VLAN Maps and Router ACL Configuration Guidelines
31-36Examples of Router ACLs and VLAN Maps Applied to VLANs
31-37ACLs and Switched Packets
31-37ACLs and Bridged Packets
31-38ACLs and Routed Packets
31-38ACLs and Multicast Packets
31-39Displaying IPv4 ACL Configuration
31-40C H A P T E R 32 Configuring QoS 32-1
Understanding QoS
32-2Basic QoS Model
32-3Classification
32-5Classification Based on QoS ACLs
32-7Classification Based on Class Maps and Policy Maps
32-7Policing and Marking
32-8Policing on Physical Ports
32-9Policing on SVIs
32-10Mapping Tables
32-12Queueing and Scheduling Overview
32-13Weighted Tail Drop
32-13SRR Shaping and Sharing
32-14Queueing and Scheduling on Ingress Queues
32-15Queueing and Scheduling on Egress Queues
32-17Packet Modification
32-19Configuring Auto-QoS
32-20Generated Auto-QoS Configuration
32-20Effects of Auto-QoS on the Configuration
32-25Auto-QoS Configuration Guidelines
32-25Upgrading from a Previous Software Release
32-26Enabling Auto-QoS for VoIP
32-27Auto-QoS Configuration Example
32-28Displaying Auto-QoS Information
32-30Contents
Configuring Standard QoS
32-30Default Standard QoS Configuration
32-31Default Ingress Queue Configuration
32-31Default Egress Queue Configuration
32-32Default Mapping Table Configuration
32-33Standard QoS Configuration Guidelines
32-33QoS ACL Guidelines
32-33Applying QoS on Interfaces
32-33Policing Guidelines
32-34General QoS Guidelines
32-34Enabling QoS Globally
32-35Enabling VLAN-Based QoS on Physical Ports
32-35Configuring Classification Using Port Trust States
32-36Configuring the Trust State on Ports within the QoS Domain
32-36Configuring the CoS Value for an Interface
32-37Configuring a Trusted Boundary to Ensure Port Security
32-38Enabling DSCP Transparency Mode
32-39Configuring the DSCP Trust State on a Port Bordering Another QoS Domain
32-40Configuring a QoS Policy
32-42Classifying Traffic by Using ACLs
32-43Classifying Traffic by Using Class Maps
32-46Classifying, Policing, and Marking Traffic on Physical Ports by Using Policy Maps
32-48Classifying, Policing, and Marking Traffic on SVIs by Using Hierarchical Policy Maps
32-51Classifying, Policing, and Marking Traffic by Using Aggregate Policers
32-58Configuring DSCP Maps
32-60Configuring the CoS-to-DSCP Map
32-60Configuring the IP-Precedence-to-DSCP Map
32-61Configuring the Policed-DSCP Map
32-62Configuring the DSCP-to-CoS Map
32-63Configuring the DSCP-to-DSCP-Mutation Map
32-64Configuring Ingress Queue Characteristics
32-66Mapping DSCP or CoS Values to an Ingress Queue and Setting WTD Thresholds
32-67Allocating Buffer Space Between the Ingress Queues
32-68Allocating Bandwidth Between the Ingress Queues
32-69Configuring the Ingress Priority Queue
32-70Configuring Egress Queue Characteristics
32-71Configuration Guidelines
32-71Allocating Buffer Space to and Setting WTD Thresholds for an Egress Queue-Set
32-71Mapping DSCP or CoS Values to an Egress Queue and to a Threshold ID
32-73Configuring SRR Shaped Weights on Egress Queues
32-75Configuring SRR Shared Weights on Egress Queues
32-76Configuring the Egress Expedite Queue
32-77Limiting the Bandwidth on an Egress Interface
32-77Displaying Standard QoS Information
32-78C H A P T E R 33 Configuring EtherChannels 33-1
Understanding EtherChannels
33-1EtherChannel Overview
33-2Port-Channel Interfaces
33-3Port Aggregation Protocol
33-4PAgP Modes
33-4PAgP Interaction with Other Features
33-5Link Aggregation Control Protocol
33-5LACP Modes
33-6LACP Interaction with Other Features
33-6Load Balancing and Forwarding Methods
33-6Configuring EtherChannels
33-8Default EtherChannel Configuration
33-9EtherChannel Configuration Guidelines
33-9Configuring Layer 2 EtherChannels
33-10Configuring Layer 3 EtherChannels
33-13Creating Port-Channel Logical Interfaces
33-13Configuring the Physical Interfaces
33-14Configuring EtherChannel Load Balancing
33-16Configuring the PAgP Learn Method and Priority
33-17Configuring LACP Hot-Standby Ports
33-18Configuring the LACP System Priority
33-19Configuring the LACP Port Priority
33-19Displaying EtherChannel, PAgP, and LACP Status
33-20C H A P T E R 34 Configuring IP Unicast Routing 34-1
Understanding IP Routing
34-2Types of Routing
34-2Steps for Configuring Routing
34-3Configuring IP Addressing
34-4Default Addressing Configuration
34-4Assigning IP Addresses to Network Interfaces
34-5Use of Subnet Zero
34-6Contents
Configuring Address Resolution Methods
34-8Define a Static ARP Cache
34-9Set ARP Encapsulation
34-10Enable Proxy ARP
34-10Routing Assistance When IP Routing is Disabled
34-11Proxy ARP
34-11Default Gateway
34-11ICMP Router Discovery Protocol (IRDP)
34-12Configuring Broadcast Packet Handling
34-13Enabling Directed Broadcast-to-Physical Broadcast Translation
34-13Forwarding UDP Broadcast Packets and Protocols
34-14Establishing an IP Broadcast Address
34-15Flooding IP Broadcasts
34-16Monitoring and Maintaining IP Addressing
34-17Enabling IP Unicast Routing
34-18Configuring RIP
34-18Default RIP Configuration
34-19Configuring Basic RIP Parameters
34-20Configuring RIP Authentication
34-21Configuring Summary Addresses and Split Horizon
34-22Configuring Split Horizon
34-23Configuring OSPF
34-24Default OSPF Configuration
34-25Nonstop Forwarding Awareness
34-26Configuring Basic OSPF Parameters
34-26Configuring OSPF Interfaces
34-27Configuring OSPF Area Parameters
34-28Configuring Other OSPF Parameters
34-30Changing LSA Group Pacing
34-32Configuring a Loopback Interface
34-32Monitoring OSPF
34-33Configuring EIGRP
34-33Default EIGRP Configuration
34-35Nonstop Forwarding Awareness
34-36Configuring Basic EIGRP Parameters
34-37Configuring EIGRP Interfaces
34-37Configuring EIGRP Route Authentication
34-38Monitoring and Maintaining EIGRP
34-39Configuring BGP
34-40Default BGP Configuration
34-42Nonstop Forwarding Awareness
34-44Enabling BGP Routing
34-44Managing Routing Policy Changes
34-47Configuring BGP Decision Attributes
34-48Configuring BGP Filtering with Route Maps
34-50Configuring BGP Filtering by Neighbor
34-51Configuring Prefix Lists for BGP Filtering
34-52Configuring BGP Community Filtering
34-54Configuring BGP Neighbors and Peer Groups
34-55Configuring Aggregate Addresses
34-57Configuring Routing Domain Confederations
34-58Configuring BGP Route Reflectors
34-58Configuring Route Dampening
34-59Monitoring and Maintaining BGP
34-60Configuring Multi-VRF CE
34-61Understanding Multi-VRF CE
34-62Default Multi-VRF CE Configuration
34-64Multi-VRF CE Configuration Guidelines
34-64Configuring VRFs
34-65Configuring a VPN Routing Session
34-66Configuring BGP PE to CE Routing Sessions
34-67Multi-VRF CE Configuration Example
34-67Displaying Multi-VRF CE Status
34-71Configuring Protocol-Independent Features
34-72Configuring Cisco Express Forwarding
34-72Configuring the Number of Equal-Cost Routing Paths
34-73Configuring Static Unicast Routes
34-74Specifying Default Routes and Networks
34-75Using Route Maps to Redistribute Routing Information
34-76Configuring Policy-Based Routing
34-79PBR Configuration Guidelines
34-80Enabling PBR
34-81Filtering Routing Information
34-82Setting Passive Interfaces
34-82Controlling Advertising and Processing in Routing Updates
34-83Filtering Sources of Routing Information
34-84Managing Authentication Keys
34-85Contents
Monitoring and Maintaining the IP Network
34-86C H A P T E R 35 Configuring IPv6 Unicast Routing 35-1
Understanding IPv6
35-1IPv6 Addresses
35-2Supported IPv6 Unicast Routing Features
35-3128-Bit Wide Unicast Addresses
35-3DNS for IPv6
35-4Path MTU Discovery for IPv6 Unicast
35-4ICMPv6
35-4IPv6 Stateless Autoconfiguration and Duplicate Address Detection
35-4IPv6 Applications
35-5Dual IPv4 and IPv6 Protocol Stacks
35-5Unsupported IPv6 Unicast Routing Features
35-6Limitations
35-6SDM Templates
35-7Dual IPv4-and IPv6 SDM Templates
35-8Configuring IPv6
35-9Default IPv6 Configuration
35-9Configuring IPv6 Addressing and Enabling IPv6 Routing
35-10Configuring IPv4 and IPv6 Protocol Stacks
35-12Configuring IPv6 ICMP Rate Limiting
35-14Configuring CEF for IPv6
35-14Configuring Static Routing for IPv6
35-15Configuring RIP for IPv6
35-17Configuring OSPF for IPv6
35-19Displaying IPv6
35-21C H A P T E R 36 Configuring HSRP 36-1
Understanding HSRP
36-1Multiple HSRP
36-3Configuring HSRP
36-4Default HSRP Configuration
36-5HSRP Configuration Guidelines
36-5Enabling HSRP
36-5Configuring HSRP Priority
36-6Configuring MHSRP
36-9Configuring HSRP Authentication and Timers
36-9Enabling HSRP Support for ICMP Redirect Messages
36-11Configuring HSRP Groups and Clustering
36-11Displaying HSRP Configurations
36-11C H A P T E R 37 Configuring IP Multicast Routing 37-1
Understanding Cisco’s Implementation of IP Multicast Routing
37-2Understanding IGMP
37-2IGMP Version 1
37-3IGMP Version 2
37-3Understanding PIM
37-3PIM Versions
37-4PIM Modes
37-4Auto-RP
37-5Bootstrap Router
37-5Multicast Forwarding and Reverse Path Check
37-6Understanding DVMRP
37-7Understanding CGMP
37-8Configuring IP Multicast Routing
37-8Default Multicast Routing Configuration
37-8Multicast Routing Configuration Guidelines
37-9PIMv1 and PIMv2 Interoperability
37-9Auto-RP and BSR Configuration Guidelines
37-10Configuring Basic Multicast Routing
37-10Configuring a Rendezvous Point
37-12Manually Assigning an RP to Multicast Groups
37-12Configuring Auto-RP
37-13Configuring PIMv2 BSR
37-17Using Auto-RP and a BSR
37-21Monitoring the RP Mapping Information
37-22Troubleshooting PIMv1 and PIMv2 Interoperability Problems
37-22Configuring Advanced PIM Features
37-23Understanding PIM Shared Tree and Source Tree
37-23Delaying the Use of PIM Shortest-Path Tree
37-24Modifying the PIM Router-Query Message Interval
37-25Configuring Optional IGMP Features
37-26Default IGMP Configuration
37-26Configuring the Switch as a Member of a Group
37-26Controlling Access to IP Multicast Groups
37-27Contents
Modifying the IGMP Host-Query Message Interval
37-29Changing the IGMP Query Timeout for IGMPv2
37-30Changing the Maximum Query Response Time for IGMPv2
37-30Configuring the Switch as a Statically Connected Member
37-31Configuring Optional Multicast Routing Features
37-31Enabling CGMP Server Support
37-32Configuring sdr Listener Support
37-33Enabling sdr Listener Support
37-33Limiting How Long an sdr Cache Entry Exists
37-34Configuring an IP Multicast Boundary
37-34Configuring Basic DVMRP Interoperability Features
37-36Configuring DVMRP Interoperability
37-36Configuring a DVMRP Tunnel
37-38Advertising Network 0.0.0.0 to DVMRP Neighbors
37-40Responding to mrinfo Requests
37-41Configuring Advanced DVMRP Interoperability Features
37-41Enabling DVMRP Unicast Routing
37-42Rejecting a DVMRP Nonpruning Neighbor
37-42Controlling Route Exchanges
37-45Limiting the Number of DVMRP Routes Advertised
37-45Changing the DVMRP Route Threshold
37-45Configuring a DVMRP Summary Address
37-46Disabling DVMRP Autosummarization
37-48Adding a Metric Offset to the DVMRP Route
37-48Monitoring and Maintaining IP Multicast Routing
37-49Clearing Caches, Tables, and Databases
37-49Displaying System and Network Statistics
37-50Monitoring IP Multicast Routing
37-51C H A P T E R 38 Configuring MSDP 38-1
Understanding MSDP
38-1MSDP Operation
38-2MSDP Benefits
38-3Configuring MSDP
38-4Default MSDP Configuration
38-4Configuring a Default MSDP Peer
38-4Caching Source-Active State
38-6Requesting Source Information from an MSDP Peer
38-8Controlling Source Information that Your Switch Originates
38-9Redistributing Sources
38-9Filtering Source-Active Request Messages
38-11Controlling Source Information that Your Switch Forwards
38-12Using a Filter
38-12Using TTL to Limit the Multicast Data Sent in SA Messages
38-14Controlling Source Information that Your Switch Receives
38-14Configuring an MSDP Mesh Group
38-16Shutting Down an MSDP Peer
38-16Including a Bordering PIM Dense-Mode Region in MSDP
38-17Configuring an Originating Address other than the RP Address
38-18Monitoring and Maintaining MSDP
38-19C H A P T E R 39 Configuring Fallback Bridging 39-1
Understanding Fallback Bridging
39-1Configuring Fallback Bridging
39-3Default Fallback Bridging Configuration
39-3Fallback Bridging Configuration Guidelines
39-3Creating a Bridge Group
39-4Adjusting Spanning-Tree Parameters
39-5Changing the VLAN-Bridge Spanning-Tree Priority
39-6Changing the Interface Priority
39-6Assigning a Path Cost
39-7Adjusting BPDU Intervals
39-8Disabling the Spanning Tree on an Interface
39-10Monitoring and Maintaining Fallback Bridging
39-10C H A P T E R 40 Troubleshooting 40-1
Recovering from a Software Failure
40-2Recovering from a Lost or Forgotten Password
40-3Procedure with Password Recovery Enabled
40-4Procedure with Password Recovery Disabled
40-6Recovering from a Command Switch Failure
40-7Replacing a Failed Command Switch with a Cluster Member
40-8Replacing a Failed Command Switch with Another Switch
40-10Recovering from Lost Cluster Member Connectivity
40-11Preventing Autonegotiation Mismatches
40-11Contents
Troubleshooting Power over Ethernet Switch Ports
40-12Disabled Port Caused by Power Loss
40-12Disabled Port Caused by False Link Up
40-12SFP Module Security and Identification
40-12Monitoring SFP Module Status
40-13Monitoring Temperature
40-13Using Ping
40-13Understanding Ping
40-13Executing Ping
40-14Using Layer 2 Traceroute
40-15Understanding Layer 2 Traceroute
40-15Usage Guidelines
40-15Displaying the Physical Path
40-16Using IP Traceroute
40-16Understanding IP Traceroute
40-16Executing IP Traceroute
40-17Using TDR
40-18Understanding TDR
40-18Running TDR and Displaying the Results
40-19Using Debug Commands
40-19Enabling Debugging on a Specific Feature
40-19Enabling All-System Diagnostics
40-20Redirecting Debug and Error Message Output
40-20Using the show platform forward Command
40-21Using the crashinfo File
40-23A P P E N D I X A Supported MIBs A-1
MIB List
A-1Using FTP to Access the MIB Files
A-3A P P E N D I X B Working with the Cisco IOS File System, Configuration Files, and Software Images B-1