Section |
Page |
Contents |
3 |
Preface |
32 |
Audience |
32 |
Related Documentation |
32 |
Conventions |
33 |
Product Overview |
35 |
Supported Hardware and Software |
35 |
User Interfaces |
35 |
Configuring Embedded CiscoView Support |
36 |
Understanding Embedded CiscoView |
36 |
Installing and Configuring Embedded CiscoView |
36 |
Displaying Embedded CiscoView Information |
37 |
Software Features Supported in Hardware by the PFC and DFC |
37 |
Software Features Supported in Hardware by the PFC3, PFC2, DFC3, and DFC |
37 |
Software Features Supported in Hardware by the PFC3 and DFC3 |
38 |
Command-Line Interfaces |
41 |
Accessing the CLI |
42 |
Accessing the CLI through the EIA/TIA-232 Console Interface |
42 |
Accessing the CLI through Telnet |
42 |
Performing Command Line Processing |
43 |
Performing History Substitution |
44 |
Cisco IOS Command Modes |
44 |
Displaying a List of Cisco IOS Commands and Syntax |
45 |
Securing the CLI |
46 |
ROM-Monitor Command-Line Interface |
47 |
Configuring the Router for the First Time |
49 |
Default Configuration |
50 |
Configuring the Router |
50 |
Using the Setup Facility or the setup Command |
50 |
Setup Overview |
50 |
Configuring the Global Parameters |
51 |
Configuring Interfaces |
56 |
Using Configuration Mode |
58 |
Checking the Running Configuration Before Saving |
58 |
Saving the Running Configuration Settings |
59 |
Reviewing the Configuration |
59 |
Configuring a Default Gateway |
60 |
Configuring a Static Route |
60 |
Configuring a BOOTP Server |
62 |
Protecting Access to Privileged EXEC Commands |
63 |
Setting or Changing a Static Enable Password |
63 |
Using the enable password and enable secret Commands |
63 |
Setting or Changing a Line Password |
64 |
Setting TACACS+ Password Protection for Privileged EXEC Mode |
64 |
Encrypting Passwords |
65 |
Configuring Multiple Privilege Levels |
65 |
Setting the Privilege Level for a Command |
66 |
Changing the Default Privilege Level for Lines |
66 |
Logging In to a Privilege Level |
66 |
Exiting a Privilege Level |
67 |
Displaying the Password, Access Level, and Privilege Level Configuration |
67 |
Recovering a Lost Enable Password |
67 |
Modifying the Supervisor Engine Startup Configuration |
68 |
Understanding the Supervisor Engine Boot Configuration |
68 |
Understanding the Supervisor Engine Boot Process |
68 |
Understanding the ROM Monitor |
68 |
Configuring the Software Configuration Register |
69 |
Modifying the Boot Field and Using the boot Command |
70 |
Modifying the Boot Field |
71 |
Verifying the Configuration Register Setting |
72 |
Specifying the Startup System Image |
72 |
Understanding Flash Memory |
72 |
Flash Memory Features |
73 |
Security Features |
73 |
Flash Memory Configuration Process |
73 |
CONFIG_FILE Environment Variable |
73 |
Controlling Environment Variables |
74 |
Configuring a Supervisor Engine 720 |
75 |
Using the Bootflash or Bootdisk on a Supervisor Engine 720 |
76 |
Using the Slots on a Supervisor Engine 720 |
76 |
Configuring Supervisor Engine 720 Ports |
76 |
Configuring and Monitoring the Switch Fabric Functionality |
76 |
Understanding How the Switch Fabric Functionality Works |
77 |
Switch Fabric Functionality Overview |
77 |
Forwarding Decisions for Layer 3-Switched Traffic |
77 |
Switching Modes |
77 |
Configuring the Switch Fabric Functionality |
78 |
Monitoring the Switch Fabric Functionality |
78 |
Displaying the Switch Fabric Redundancy Status |
79 |
Displaying Fabric Channel Switching Modes |
79 |
Displaying the Fabric Status |
80 |
Displaying the Fabric Utilization |
80 |
Displaying Fabric Errors |
81 |
Configuring a Supervisor Engine 32 |
83 |
Flash Memory on a Supervisor Engine 32 |
84 |
Supervisor Engine 32 Ports |
84 |
Configuring the Supervisor Engine 2 and the Switch Fabric Module |
85 |
Using the Slots on a Supervisor Engine 2 |
85 |
Understanding How the Switch Fabric Module Works |
86 |
Switch Fabric Module Overview |
86 |
Switch Fabric Module Slots |
86 |
Switch Fabric Redundancy |
86 |
Forwarding Decisions for Layer 3-Switched Traffic |
86 |
Switching Modes |
87 |
Configuring the Switch Fabric Module |
87 |
Configuring the Switching Mode |
88 |
Configuring Fabric-Required Mode |
88 |
Configuring an LCD Message |
89 |
Monitoring the Switch Fabric Module |
89 |
Displaying the Module Information |
91 |
Displaying the Switch Fabric Module Redundancy Status |
91 |
Displaying Fabric Channel Switching Modes |
91 |
Displaying the Fabric Status |
92 |
Displaying the Fabric Utilization |
92 |
Displaying Fabric Errors |
92 |
Configuring NSF with SSO Supervisor Engine Redundancy |
95 |
Understanding NSF with SSO Supervisor Engine Redundancy |
95 |
NSF with SSO Supervisor Engine Redundancy Overview |
96 |
SSO Operation |
96 |
NSF Operation |
97 |
Cisco Express Forwarding |
97 |
Multicast MLS NSF with SSO |
98 |
Routing Protocols |
98 |
BGP Operation |
98 |
OSPF Operation |
99 |
IS-IS Operation |
100 |
IETF IS-IS Configuration |
100 |
Cisco IS-IS Configuration |
101 |
EIGRP Operation |
101 |
NSF Benefits and Restrictions |
102 |
Supervisor Engine Configuration Synchronization |
103 |
Supervisor Engine Redundancy Guidelines and Restrictions |
103 |
Redundancy Configuration Guidelines and Restrictions |
104 |
Hardware Configuration Guidelines and Restrictions |
104 |
Configuration Mode Restrictions |
105 |
NSF Configuration Tasks |
105 |
Configuring SSO |
106 |
Configuring Multicast MLS NSF with SSO |
106 |
Verifying Multicast NSF with SSO |
107 |
Configuring CEF NSF |
107 |
Verifying CEF NSF |
107 |
Configuring BGP NSF |
108 |
Verifying BGP NSF |
108 |
Configuring OSPF NSF |
109 |
Verifying OSPF NSF |
109 |
Configuring IS-IS NSF |
110 |
Verifying IS-IS NSF |
111 |
Configuring EIGRP NSF |
113 |
Verifying EIGRP NSF |
113 |
Synchronizing the Supervisor Engine Configurations |
114 |
Copying Files to the Redundant Supervisor Engine |
114 |
Configuring RPR and RPR+ Supervisor Engine Redundancy |
115 |
Understanding RPR and RPR+ |
116 |
Supervisor Engine Redundancy Overview |
116 |
RPR Operation |
116 |
RPR+ Operation |
117 |
Supervisor Engine Configuration Synchronization |
117 |
RPR Supervisor Engine Configuration Synchronization |
118 |
RPR+ Supervisor Engine Configuration Synchronization |
118 |
Supervisor Engine Redundancy Guidelines and Restrictions |
118 |
Redundancy Guidelines and Restrictions |
118 |
RPR+ Guidelines and Restrictions |
119 |
Hardware Configuration Guidelines and Restrictions |
119 |
Configuration Mode Restrictions |
120 |
Configuring Supervisor Engine Redundancy |
120 |
Configuring Redundancy |
120 |
Synchronizing the Supervisor Engine Configurations |
121 |
Displaying the Redundancy States |
121 |
Performing a Fast Software Upgrade |
122 |
Copying Files to an MSFC |
123 |
Configuring Interfaces |
125 |
Understanding Interface Configuration |
126 |
Using the Interface Command |
126 |
Configuring a Range of Interfaces |
128 |
Defining and Using Interface-Range Macros |
130 |
Configuring Optional Interface Features |
130 |
Configuring Ethernet Interface Speed and Duplex Mode |
131 |
Speed and Duplex Mode Configuration Guidelines |
131 |
Configuring the Ethernet Interface Speed |
131 |
Setting the Interface Duplex Mode |
132 |
Configuring Link Negotiation on Gigabit Ethernet Ports |
132 |
Displaying the Speed and Duplex Mode Configuration |
133 |
Configuring Jumbo Frame Support |
134 |
Understanding Jumbo Frame Support |
134 |
Jumbo Frame Support Overview |
134 |
Bridged and Routed Traffic Size Check at Ingress 10, 10/100, and 100 Mbps Ethernet and 10-Gigabit Ethernet Ports |
135 |
Bridged and Routed Traffic Size Check at Ingress Gigabit Ethernet Ports |
135 |
Routed Traffic Size Check on the PFC |
135 |
Bridged and Routed Traffic Size Check at Egress 10, 10/100, and 100 Mbps Ethernet Ports |
135 |
Bridged and Routed Traffic Size Check at Egress Gigabit Ethernet and 10-Gigabit Ethernet Ports |
135 |
Ethernet Ports |
135 |
Ethernet Port Overview |
135 |
Layer 3 Ethernet Ports |
136 |
Layer 2 Ethernet Ports |
136 |
VLAN Interfaces |
136 |
Configuring MTU Sizes |
136 |
Configuring the MTU Size |
136 |
Configuring the Global Egress LAN Port MTU Size |
137 |
Configuring IEEE 802.3x Flow Control |
137 |
Configuring the Port Debounce Timer |
138 |
Adding a Description for an Interface |
140 |
Understanding Online Insertion and Removal |
140 |
Monitoring and Maintaining Interfaces |
141 |
Monitoring Interface Status |
141 |
Clearing Counters on an Interface |
141 |
Resetting an Interface |
142 |
Shutting Down and Restarting an Interface |
142 |
Checking the Cable Status Using the TDR |
143 |
Configuring LAN Ports for Layer 2 Switching |
145 |
Understanding How Layer 2 Switching Works |
145 |
Understanding Layer 2 Ethernet Switching |
146 |
Layer 2 Ethernet Switching Overview |
146 |
Switching Frames Between Segments |
146 |
Building the Address Table |
146 |
Understanding VLAN Trunks |
147 |
Trunking Overview |
147 |
Encapsulation Types |
147 |
Layer 2 LAN Port Modes |
148 |
Default Layer 2 LAN Interface Configuration |
149 |
Layer 2 LAN Interface Configuration Guidelines and Restrictions |
149 |
Configuring LAN Interfaces for Layer 2 Switching |
150 |
Configuring a LAN Port for Layer 2 Switching |
151 |
Configuring a Layer 2 Switching Port as a Trunk |
152 |
Configuring the Layer 2 Switching Port as an ISL or 802.1Q Trunk |
152 |
Configuring the Layer 2 Trunk to Use DTP |
153 |
Configuring the Layer 2 Trunk Not to Use DTP |
153 |
Configuring the Access VLAN |
154 |
Configuring the 802.1Q Native VLAN |
154 |
Configuring the List of VLANs Allowed on a Trunk |
155 |
Configuring the List of Prune-Eligible VLANs |
155 |
Completing Trunk Configuration |
156 |
Verifying Layer 2 Trunk Configuration |
156 |
Configuration and Verification Examples |
157 |
Configuring a LAN Interface as a Layer 2 Access Port |
158 |
Configuring a Custom IEEE 802.1Q EtherType Field Value |
159 |
Configuring Flex Links |
161 |
Understanding Flex Links |
161 |
Configuring Flex Links |
162 |
Flex Links Default Configuration |
162 |
Flex Links Configuration Guidelines and Restrictions |
162 |
Configuring Flex Links |
163 |
Monitoring Flex Links |
164 |
Configuring EtherChannels |
165 |
Understanding How EtherChannels Work |
165 |
EtherChannel Feature Overview |
166 |
Understanding How EtherChannels Are Configured |
166 |
EtherChannel Configuration Overview |
166 |
Understanding Manual EtherChannel Configuration |
167 |
Understanding PAgP EtherChannel Configuration |
167 |
Understanding IEEE 802.3ad LACP EtherChannel Configuration |
168 |
Understanding Port Channel Interfaces |
169 |
Understanding Load Balancing |
169 |
EtherChannel Feature Configuration Guidelines and Restrictions |
169 |
Configuring EtherChannels |
171 |
Configuring Port Channel Logical Interfaces for Layer 3 EtherChannels |
171 |
Configuring Channel Groups |
172 |
Configuring the LACP System Priority and System ID |
174 |
Configuring EtherChannel Load Balancing |
175 |
Configuring the EtherChannel Min-Links Feature |
176 |
Configuring VTP |
177 |
Understanding How VTP Works |
177 |
Understanding the VTP Domain |
178 |
Understanding VTP Modes |
178 |
Understanding VTP Advertisements |
179 |
Understanding VTP Version 2 |
179 |
Understanding VTP Pruning |
180 |
VTP Default Configuration |
181 |
VTP Configuration Guidelines and Restrictions |
181 |
Configuring VTP |
182 |
Configuring VTP Global Parameters |
182 |
Configuring a VTP Password |
183 |
Enabling VTP Pruning |
183 |
Enabling VTP Version 2 |
184 |
Configuring the VTP Mode |
185 |
Displaying VTP Statistics |
186 |
Configuring VLANs |
189 |
Understanding How VLANs Work |
189 |
VLAN Overview |
190 |
VLAN Ranges |
190 |
Configurable VLAN Parameters |
191 |
Understanding Token Ring VLANs |
191 |
Token Ring TrBRF VLANs |
191 |
Token Ring TrCRF VLANs |
192 |
VLAN Default Configuration |
194 |
VLAN Configuration Guidelines and Restrictions |
196 |
Configuring VLANs |
197 |
VLAN Configuration Options |
197 |
VLAN Configuration in Global Configuration Mode |
197 |
VLAN Configuration in VLAN Database Mode |
198 |
Creating or Modifying an Ethernet VLAN |
198 |
Assigning a Layer 2 LAN Interface to a VLAN |
200 |
Configuring the Internal VLAN Allocation Policy |
200 |
Configuring VLAN Translation |
201 |
VLAN Translation Guidelines and Restrictions |
201 |
Configuring VLAN Translation on a Trunk Port |
203 |
Enabling VLAN Translation on Other Ports in a Port Group |
203 |
Mapping 802.1Q VLANs to ISL VLANs |
204 |
Saving VLAN Information |
205 |
Configuring Private VLANs |
207 |
Understanding How Private VLANs Work |
207 |
Private VLAN Domains |
208 |
Private VLAN Ports |
209 |
Primary, Isolated, and Community VLANs |
209 |
Private VLAN Port Isolation |
210 |
IP Addressing Scheme with Private VLANs |
210 |
Private VLANs Across Multiple Routers |
211 |
Private VLAN Interaction with Other Features |
211 |
Private VLANs and Unicast, Broadcast, and Multicast Traffic |
212 |
Private VLANs and SVIs |
212 |
Private VLAN Configuration Guidelines and Restrictions |
212 |
Secondary and Primary VLAN Configuration |
213 |
Private VLAN Port Configuration |
215 |
Limitations with Other Features |
215 |
Configuring Private VLANs |
217 |
Configuring a VLAN as a Private VLAN |
217 |
Associating Secondary VLANs with a Primary VLAN |
218 |
Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN |
219 |
Configuring a Layer 2 Interface as a Private VLAN Host Port |
220 |
Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port |
221 |
Monitoring Private VLANs |
223 |
Configuring Cisco IP Phone Support |
225 |
Understanding Cisco IP Phone Support |
225 |
Cisco IP Phone Connections |
226 |
Cisco IP Phone Voice Traffic |
226 |
Cisco IP Phone Data Traffic |
227 |
Cisco IP Phone Power Configurations |
227 |
Locally Powered Cisco IP Phones |
227 |
Inline-Powered Cisco IP Phones |
228 |
Other Cisco IP Phone Features |
228 |
Default Cisco IP Phone Support Configuration |
229 |
Cisco IP Phone Support Configuration Guidelines and Restrictions |
229 |
Configuring Cisco IP Phone Support |
230 |
Configuring Voice Traffic Support |
230 |
Configuring Data Traffic Support |
231 |
Configuring Inline Power Support |
232 |
Configuring IEEE 802.1Q Tunneling |
235 |
Understanding How 802.1Q Tunneling Works |
235 |
802.1Q Tunneling Configuration Guidelines and Restrictions |
237 |
Configuring 802.1Q Tunneling |
240 |
Configuring 802.1Q Tunnel Ports |
240 |
Configuring the Router to Tag Native VLAN Traffic |
240 |
Configuring Layer 2 Protocol Tunneling |
243 |
Understanding How Layer 2 Protocol Tunneling Works |
243 |
Configuring Support for Layer 2 Protocol Tunneling |
244 |
Configuring Standard-Compliant IEEE MST |
247 |
Understanding MST |
247 |
MST Overview |
248 |
MST Regions |
248 |
IST, CIST, and CST |
249 |
IST, CIST, and CST Overview |
249 |
Spanning Tree Operation Within an MST Region |
250 |
Spanning Tree Operations Between MST Regions |
250 |
IEEE 802.1s Terminology |
251 |
Hop Count |
252 |
Boundary Ports |
252 |
Standard-Compliant MST Implementation |
253 |
Changes in Port-Role Naming |
253 |
Spanning Tree Interoperation Between Legacy and Standard-Compliant Routers |
254 |
Detecting Unidirectional Link Failure |
254 |
Interoperability with IEEE 802.1D-1998 STP |
255 |
Understanding RSTP |
255 |
Port Roles and the Active Topology |
256 |
Rapid Convergence |
257 |
Synchronization of Port Roles |
258 |
Bridge Protocol Data Unit Format and Processing |
259 |
BPDU Format and Processing Overview |
259 |
Processing Superior BPDU Information |
260 |
Processing Inferior BPDU Information |
260 |
Topology Changes |
261 |
Configuring MST |
261 |
Default MST Configuration |
262 |
MST Configuration Guidelines and Restrictions |
262 |
Specifying the MST Region Configuration and Enabling MST |
263 |
Configuring the Root Bridge |
265 |
Configuring a Secondary Root Bridge |
266 |
Configuring Port Priority |
267 |
Configuring Path Cost |
268 |
Configuring the Switch Priority |
269 |
Configuring the Hello Time |
270 |
Configuring the Forwarding-Delay Time |
271 |
Configuring the Transmit Hold Count |
271 |
Configuring the Maximum-Aging Time |
272 |
Configuring the Maximum-Hop Count |
272 |
Specifying the Link Type to Ensure Rapid Transitions |
272 |
Designating the Neighbor Type |
273 |
Restarting the Protocol Migration Process |
274 |
Displaying the MST Configuration and Status |
274 |
Configuring STP and Prestandard IEEE 802.1s MST |
275 |
Understanding How STP Works |
276 |
STP Overview |
276 |
Understanding the Bridge ID |
276 |
Bridge Priority Value |
277 |
Extended System ID |
277 |
STP MAC Address Allocation |
277 |
Understanding Bridge Protocol Data Units |
278 |
Election of the Root Bridge |
278 |
STP Protocol Timers |
279 |
Creating the Spanning Tree Topology |
279 |
STP Port States |
280 |
STP Port State Overview |
280 |
Blocking State |
282 |
Listening State |
283 |
Learning State |
284 |
Forwarding State |
285 |
Disabled State |
286 |
STP and IEEE 802.1Q Trunks |
286 |
Understanding How IEEE 802.1w RSTP Works |
287 |
IEEE 802.1w RSTP Overview |
287 |
RSTP Port Roles |
287 |
RSTP Port States |
288 |
Rapid-PVST |
288 |
Understanding How Prestandard IEEE 802.1s MST Works |
288 |
IEEE 802.1s MST Overview |
289 |
MST-to-PVST Interoperability |
290 |
Common Spanning Tree |
292 |
MST Instances |
292 |
MST Configuration Parameters |
292 |
MST Regions |
293 |
MST Region Overview |
293 |
Boundary Ports |
293 |
IST Master |
294 |
Edge Ports |
294 |
Link Type |
294 |
Message Age and Hop Count |
294 |
Default STP Configuration |
295 |
STP and MST Configuration Guidelines and Restrictions |
295 |
Configuring STP |
296 |
Enabling STP |
296 |
Enabling the Extended System ID |
298 |
Configuring the Root Bridge |
298 |
Configuring a Secondary Root Bridge |
300 |
Configuring STP Port Priority |
301 |
Configuring STP Port Cost |
302 |
Configuring the Bridge Priority of a VLAN |
304 |
Configuring the Hello Time |
305 |
Configuring the Forward-Delay Time for a VLAN |
306 |
Configuring the Maximum Aging Time for a VLAN |
306 |
Enabling Rapid-PVST |
307 |
Specifying the Link Type |
307 |
Restarting Protocol Migration |
307 |
Configuring Prestandard IEEE 802.1s MST |
307 |
Enabling MST |
308 |
Displaying MST Configurations |
309 |
Configuring MST Instance Parameters |
313 |
Configuring MST Instance Port Parameters |
314 |
Restarting Protocol Migration |
314 |
Configuring Optional STP Features |
317 |
Understanding How PortFast Works |
318 |
Understanding How BPDU Guard Works |
318 |
Understanding How PortFast BPDU Filtering Works |
318 |
Understanding How UplinkFast Works |
319 |
Understanding How BackboneFast Works |
320 |
Understanding How EtherChannel Guard Works |
322 |
Understanding How Root Guard Works |
323 |
Understanding How Loop Guard Works |
323 |
Enabling PortFast |
324 |
Enabling PortFast BPDU Filtering |
326 |
Enabling BPDU Guard |
328 |
Enabling UplinkFast |
328 |
Enabling BackboneFast |
329 |
Enabling EtherChannel Guard |
330 |
Enabling Root Guard |
330 |
Enabling Loop Guard |
331 |
Configuring Layer 3 Interfaces |
333 |
Layer 3 Interface Configuration Guidelines and Restrictions |
334 |
Configuring Subinterfaces on Layer 3 Interfaces |
334 |
Configuring IPv4 Routing and Addresses |
336 |
Configuring IPX Routing and Network Numbers |
340 |
Configuring AppleTalk Routing, Cable Ranges, and Zones |
341 |
Configuring Other Protocols on Layer 3 Interfaces |
342 |
Configuring UDE and UDLR |
343 |
Understanding UDE and UDLR |
343 |
UDE and UDLR Overview |
343 |
Supported Hardware |
344 |
Understanding UDE |
344 |
UDE Overview |
344 |
Understanding Hardware-Based UDE |
344 |
Understanding Software-Based UDE |
345 |
Understanding UDLR |
345 |
Configuring UDE and UDLR |
345 |
Configuring UDE |
345 |
UDE Configuration Guidelines |
346 |
Configuring Hardware-Based UDE |
346 |
Configuring Software-Based UDE |
347 |
Configuring UDLR |
348 |
UDLR Back-Channel Tunnel Configuration Guidelines |
348 |
Configuring a Receive-Only Tunnel Interface for a UDE Send-Only Port |
349 |
Configuring a Send-Only Tunnel Interface for a UDE Receive-Only Port |
349 |
Router A Configuration |
350 |
Router B Configuration |
350 |
Configuring PFC3BXL and PFC3B Mode Multiprotocol Label Switching |
351 |
PFC3BXL and PFC3B Mode MPLS Label Switching |
351 |
Understanding MPLS |
352 |
Understanding PFC3BXL and PFC3B Mode MPLS Label Switching |
352 |
IP to MPLS |
353 |
MPLS to MPLS |
354 |
MPLS to IP |
354 |
MPLS VPN Forwarding |
354 |
Recirculation |
354 |
Supported Hardware Features |
355 |
Supported Cisco IOS Features |
355 |
MPLS Guidelines and Restrictions |
357 |
PFC3BXL and PFC3B Mode MPLS Supported Commands |
357 |
Configuring MPLS |
358 |
MPLS Per-Label Load Balancing |
358 |
Basic MPLS Load Balancing |
358 |
MPLS Layer 2 VPN Load Balancing |
358 |
MPLS Layer 3 VPN Load Balancing |
358 |
MPLS Configuration Examples |
358 |
PFC3BXL or PFC3B Mode VPN Switching |
360 |
PFC3BXL or PFC3B Mode VPN Switching Operation |
360 |
MPLS VPN Guidelines and Restrictions |
361 |
PFC3BXL or PFC3B Mode MPLS VPN Supported Commands |
361 |
Configuring MPLS VPN |
361 |
MPLS VPN Sample Configuration |
362 |
Any Transport over MPLS |
363 |
AToM Load Balancing |
364 |
Understanding EoMPLS |
364 |
EoMPLS Guidelines and Restrictions |
364 |
Configuring EoMPLS |
366 |
Prerequisites |
366 |
Configuring PFC3BXL or PFC3B Mode VLAN-Based EoMPLS |
367 |
Verifying the Configuration |
367 |
Configuring PFC3BXL or PFC3B Mode Port-Based EoMPLS |
369 |
Verifying the Configuration |
371 |
Configuring IPv4 Multicast VPN Support |
375 |
Understanding How MVPN Works |
375 |
MVPN Overview |
376 |
Multicast Routing and Forwarding and Multicast Domains |
376 |
Multicast Distribution Trees |
376 |
Multicast Tunnel Interfaces |
379 |
PE Router Routing Table Support for MVPN |
380 |
Multicast Distributed Switching Support |
380 |
Hardware-Assisted IPv4 Multicast |
380 |
MVPN Configuration Guidelines and Restrictions |
381 |
Configuring MVPN |
382 |
Forcing Ingress Multicast Replication Mode (Optional) |
382 |
Configuring a Multicast VPN Routing and Forwarding Instance |
383 |
Configuring a VRF Entry |
384 |
Configuring the Route Distinguisher |
384 |
Configuring the Route-Target Extended Community |
385 |
Configuring the Default MDT |
385 |
Configuring Data MDTs (Optional) |
386 |
Enabling Data MDT Logging |
386 |
Sample Configuration |
387 |
Displaying VRF Information |
387 |
Configuring Multicast VRF Routing |
389 |
Enabling IPv4 Multicast Routing Globally |
390 |
Enabling IPv4 Multicast VRF Routing |
390 |
Configuring a PIM VRF Register Message Source Address |
390 |
Specifying the PIM VRF Rendezvous Point (RP) Address |
391 |
Configuring a Multicast Source Discovery Protocol (MSDP) Peer |
391 |
Enabling IPv4 Multicast Header Storage |
392 |
Configuring the Maximum Number of Multicast Routes |
392 |
Configuring IPv4 Multicast Route Filtering |
393 |
Sample Configuration |
393 |
Displaying IPv4 Multicast VRF Routing Information |
394 |
Configuring Interfaces for Multicast Routing to Support MVPN |
394 |
Multicast Routing Configuration Overview |
394 |
Configuring PIM on an Interface |
394 |
Configuring an Interface for IPv4 VRF Forwarding |
395 |
Sample Configuration |
396 |
Sample Configurations for MVPN |
396 |
MVPN Configuration with Default MDTs Only |
396 |
MVPN Configuration with Default and Data MDTs |
398 |
Configuring IP Unicast Layer 3 Switching |
403 |
Understanding How Layer 3 Switching Works |
404 |
Understanding Hardware Layer 3 Switching |
404 |
Understanding Layer 3-Switched Packet Rewrite |
404 |
Hardware Layer 3 Switching Examples |
405 |
Default Hardware Layer 3 Switching Configuration |
406 |
Configuration Guidelines and Restrictions |
406 |
Configuring Hardware Layer 3 Switching |
407 |
Displaying Hardware Layer 3 Switching Statistics |
408 |
Configuring IPv6 Multicast PFC3 and DFC3 Layer 3 Switching |
409 |
Features that Support IPv6 Multicast |
410 |
IPv6 Multicast Guidelines and Restrictions |
410 |
New or Changed IPv6 Multicast Commands |
411 |
Configuring IPv6 Multicast Layer 3 Switching |
411 |
Using show Commands to Verify IPv6 Multicast Layer 3 Switching |
411 |
Verifying MFIB Clients |
412 |
Displaying the Switching Capability |
413 |
Verifying the (S,G) Forwarding Capability |
413 |
Verifying the (*,G) Forwarding Capability |
413 |
Verifying the Subnet Entry Support Status |
413 |
Verifying the Current Replication Mode |
413 |
Displaying the Replication Mode Auto Detection Status |
414 |
Displaying the Replication Mode Capabilities |
414 |
Displaying Subnet Entries |
414 |
Displaying the IPv6 Multicast Summary |
414 |
Displaying the NetFlow Hardware Forwarding Count |
415 |
Displaying the FIB Hardware Bridging and Drop Counts |
415 |
Displaying the Shared and Well-Known Hardware Adjacency Counters |
416 |
Configuring IPv4 Multicast Layer 3 Switching |
417 |
Understanding How IPv4 Multicast Layer 3 Switching Works |
417 |
IPv4 Multicast Layer 3 Switching Overview |
418 |
Multicast Layer 3 Switching Cache |
418 |
Layer 3-Switched Multicast Packet Rewrite |
419 |
Partially and Completely Switched Flows |
420 |
Partially Switched Flows |
420 |
Completely Switched Flows |
421 |
Non-RPF Traffic Processing |
421 |
Non-RPF Traffic Overview |
421 |
Filtering of RPF Failures for Stub Networks |
422 |
Rate Limiting of RPF Failure Traffic |
422 |
Multicast Boundary |
423 |
Understanding How IPv4 Bidirectional PIM Works |
423 |
Default IPv4 Multicast Layer 3 Switching Configuration |
423 |
IPv4 Multicast Layer 3 Switching Configuration Guidelines and Restrictions |
424 |
Restrictions |
424 |
Unsupported Features |
425 |
Configuring IPv4 Multicast Layer 3 Switching |
425 |
Source-Specific Multicast with IGMPv3, IGMP v3lite, and URD |
426 |
Enabling IPv4 Multicast Routing Globally |
426 |
Enabling IPv4 PIM on Layer 3 Interfaces |
426 |
Enabling IP Multicast Layer 3 Switching Globally |
427 |
Enabling IP Multicast Layer 3 Switching on Layer 3 Interfaces |
427 |
Configuring the Replication Mode |
428 |
Enabling Local Egress Replication |
430 |
Configuring the Layer 3 Switching Global Threshold |
431 |
Enabling Installation of Directly Connected Subnets |
431 |
Specifying the Flow Statistics Message Interval |
432 |
Enabling Shortcut-Consistency Checking |
432 |
Configuring ACL-Based Filtering of RPF Failures |
433 |
Displaying RPF Failure Rate-Limiting Information |
433 |
Configuring Multicast Boundary |
434 |
Displaying IPv4 Multicast Layer 3 Hardware Switching Summary |
434 |
Displaying the IPv4 Multicast Routing Table |
437 |
Displaying IPv4 Multicast Layer 3 Switching Statistics |
438 |
Configuring IPv4 Bidirectional PIM |
439 |
Enabling IPv4 Bidirectional PIM Globally |
439 |
Configuring the Rendezvous Point for IPv4 Bidirectional PIM Groups |
440 |
Setting the IPv4 Bidirectional PIM Scan Interval |
440 |
Displaying IPv4 Bidirectional PIM Information |
441 |
Using IPv4 Debug Commands |
443 |
Clearing IPv4 Multicast Layer 3 Switching Statistics |
443 |
Redundancy for Multicast Traffic |
444 |
Configuring MLDv2 Snooping for IPv6 Multicast Traffic |
445 |
Understanding How MLDv2 Snooping Works |
446 |
MLDv2 Snooping Overview |
446 |
MLDv2 Messages |
447 |
Source-Based Filtering |
447 |
Explicit Host Tracking |
447 |
MLDv2 Snooping Proxy Reporting |
448 |
Joining an IPv6 Multicast Group |
448 |
Leaving a Multicast Group |
450 |
Normal Leave Processing |
450 |
Fast-Leave Processing |
451 |
Understanding the MLDv2 Snooping Querier |
451 |
Default MLDv2 Snooping Configuration |
452 |
MLDv2 Snooping Configuration Guidelines and Restrictions |
452 |
MLDv2 Snooping Querier Configuration Guidelines and Restrictions |
452 |
Enabling the MLDv2 Snooping Querier |
453 |
Configuring MLDv2 Snooping |
454 |
Enabling MLDv2 Snooping |
454 |
Configuring a Static Connection to a Multicast Receiver |
455 |
Configuring a Multicast Router Port Statically |
455 |
Configuring the MLD Snooping Query Interval |
456 |
Enabling Fast-Leave Processing |
457 |
Enabling SSM Safe Reporting |
457 |
Configuring Explicit Host Tracking |
458 |
Configuring Report Suppression |
458 |
Displaying MLDv2 Snooping Information |
459 |
Displaying Multicast Router Interfaces |
459 |
Displaying MAC Address Multicast Entries |
459 |
Displaying MLDv2 Snooping Information for a VLAN Interface |
460 |
Configuring IGMP Snooping for IPv4 Multicast Traffic |
461 |
Understanding How IGMP Snooping Works |
461 |
IGMP Snooping Overview |
462 |
Joining a Multicast Group |
462 |
Leaving a Multicast Group |
464 |
Normal Leave Processing |
464 |
Fast-Leave Processing |
465 |
Understanding the IGMP Snooping Querier |
465 |
Understanding IGMP Version 3 Support |
465 |
IGMP Version 3 Support Overview |
466 |
IGMPv3 Fast-Leave Processing |
466 |
Proxy Reporting |
466 |
Explicit Host Tracking |
467 |
Default IGMP Snooping Configuration |
467 |
IGMP Snooping Configuration Guidelines and Restrictions |
468 |
IGMP Snooping Querier Configuration Guidelines and Restrictions |
468 |
Enabling the IGMP Snooping Querier |
469 |
Configuring IGMP Snooping |
469 |
Enabling IGMP Snooping |
470 |
Configuring a Static Connection to a Multicast Receiver |
471 |
Configuring a Multicast Router Port Statically |
471 |
Configuring the IGMP Snooping Query Interval |
471 |
Enabling IGMP Fast-Leave Processing |
472 |
Configuring Source Specific Multicast (SSM) Mapping |
472 |
Enabling SSM Safe Reporting |
473 |
Configuring IGMPv3 Explicit Host Tracking |
473 |
Displaying IGMP Snooping Information |
474 |
Displaying Multicast Router Interfaces |
474 |
Displaying MAC Address Multicast Entries |
474 |
Displaying IGMP Snooping Information for a VLAN Interface |
475 |
Displaying IGMP Snooping Statistics |
475 |
Configuring PIM Snooping |
477 |
Understanding How PIM Snooping Works |
477 |
Default PIM Snooping Configuration |
480 |
PIM Snooping Configuration Guidelines and Restrictions |
480 |
Configuring PIM Snooping |
481 |
Enabling PIM Snooping Globally |
481 |
Enabling PIM Snooping in a VLAN |
481 |
Disabling PIM Snooping Designated-Router Flooding |
482 |
Configuring RGMP |
485 |
Understanding How RGMP Works |
485 |
Default RGMP Configuration |
486 |
RGMP Configuration Guidelines and Restrictions |
486 |
Enabling RGMP on Layer 3 Interfaces |
487 |
Configuring Network Security |
489 |
Configuring MAC Address-Based Traffic Blocking |
490 |
Configuring TCP Intercept |
490 |
Configuring Unicast Reverse Path Forwarding Check |
490 |
Understanding PFC3 Unicast RPF Check Support |
490 |
Understanding PFC2 Unicast RPF Check Support |
491 |
Unicast RPF Check Guidelines and Restrictions |
491 |
Configuring Unicast RPF Check |
491 |
Configuring the Unicast RPF Check Mode |
491 |
Configuring the Multiple-Path Unicast RPF Check Mode on a PFC3 |
493 |
Configuring Multiple-Path Interface Groups on a PFC3 |
494 |
Enabling Self-Pinging |
494 |
Understanding Cisco IOS ACL Support |
495 |
Cisco IOS ACL Configuration Guidelines and Restrictions |
495 |
Hardware and Software ACL Support |
496 |
Configuring IPv6 Address Compression |
497 |
Optimized ACL Logging with a PFC3 |
499 |
Understanding OAL |
499 |
OAL Guidelines and Restrictions |
499 |
Configuring OAL |
500 |
Configuring OAL Global Parameters |
500 |
Configuring OAL on an Interface |
501 |
Displaying OAL Information |
501 |
Clearing Cached OAL Entries |
501 |
Guidelines and Restrictions for Using Layer 4 Operators in ACLs |
501 |
Determining Layer 4 Operation Usage |
502 |
Determining Logical Operation Unit Usage |
502 |
Configuring VLAN ACLs |
505 |
Understanding VACLs |
505 |
VACL Overview |
506 |
Bridged Packets |
506 |
Routed Packets |
507 |
Multicast Packets |
508 |
Configuring VACLs |
508 |
VACL Configuration Overview |
509 |
Defining a VLAN Access Map |
509 |
Configuring a Match Clause in a VLAN Access Map Sequence |
510 |
Configuring an Action Clause in a VLAN Access Map Sequence |
511 |
Applying a VLAN Access Map |
512 |
Verifying VLAN Access Map Configuration |
512 |
VLAN Access Map Configuration and Verification Examples |
513 |
Configuring a Capture Port |
513 |
Configuring VACL Logging |
515 |
Configuring Denial of Service Protection |
517 |
Understanding How DoS Protection Works |
518 |
DoS Protection with a PFC2 |
518 |
Security ACLs |
518 |
Security VACLs |
519 |
QoS ACLs |
519 |
FIB Rate Limiting |
520 |
Traffic Storm Control |
521 |
ARP Throttling |
521 |
uRPF Check |
521 |
TCP Intercept |
522 |
Hardware-Based Rate Limiters on the PFC2 |
524 |
Ingress-Egress ACL Bridged Packets (Unicast Only) |
524 |
FIB (CEF) Receive and FIB Glean Cases (Unicast Only) |
525 |
VACL Log (Unicast Only) |
526 |
Layer 3 Security Features (Unicast Only) |
526 |
DoS Protection with a PFC3 |
526 |
Security ACLs and VACLs |
527 |
QoS Rate Limiting |
528 |
uRPF Check |
528 |
Traffic Storm Control |
529 |
Network Under SYN Attack |
529 |
ARP Policing |
530 |
Recommended Rate-Limiter Configuration |
530 |
Hardware-Based Rate Limiters on the PFC3 |
531 |
Ingress-Egress ACL Bridged Packets (Unicast Only) |
531 |
uRPF Check Failure |
532 |
TTL Failure |
532 |
ICMP Unreachable (Unicast Only) |
533 |
FIB (CEF) Receive Cases (Unicast Only) |
533 |
FIB Glean (Unicast Only) |
533 |
Layer 3 Security Features (Unicast Only) |
534 |
ICMP Redirect (Unicast Only) |
534 |
VACL Log (Unicast Only) |
534 |
MTU Failure |
534 |
Layer 2 Multicast IGMP Snooping |
535 |
Layer 2 PDU |
535 |
Layer 2 Protocol Tunneling |
535 |
IP Errors |
535 |
IPv4 Multicast |
535 |
IPv6 Multicast |
536 |
DoS Protection Default Configuration |
537 |
DoS Protection Configuration Guidelines and Restrictions |
538 |
PFC2 |
538 |
PFC3 |
539 |
Monitoring Packet Drop Statistics |
540 |
Monitoring Dropped Packets Using Monitor Session Commands |
540 |
Monitoring Dropped Packets Using show tcam interface Command |
541 |
Monitoring Dropped Packets Using VACL Capture |
542 |
Displaying Rate-Limiter Information |
542 |
Understanding How Control Plane Policing Works |
544 |
CoPP Default Configuration |
544 |
CoPP Configuration Guidelines and Restrictions |
544 |
Configuring CoPP |
545 |
Monitoring CoPP |
547 |
Defining Traffic Classification |
548 |
Traffic Classification Overview |
548 |
Traffic Classification Guidelines |
549 |
Sample Basic ACLs for CoPP Traffic Classification |
549 |
Configuring Sticky ARP |
550 |
Configuring DHCP Snooping |
553 |
Understanding DHCP Snooping |
553 |
Overview of DHCP Snooping |
554 |
Trusted and Untrusted Sources |
554 |
DHCP Snooping Binding Database |
554 |
Packet Validation |
555 |
DHCP Snooping Option-82 Data Insertion |
555 |
Overview of the DHCP Snooping Database Agent |
557 |
Default Configuration for DHCP Snooping |
558 |
DHCP Snooping Configuration Restrictions and Guidelines |
559 |
DHCP Snooping Configuration Restrictions |
559 |
DHCP Snooping Configuration Guidelines |
559 |
Minimum DHCP Snooping Configuration |
560 |
Configuring DHCP Snooping |
561 |
Enabling DHCP Snooping Globally |
561 |
Enabling DHCP Option-82 Data Insertion |
562 |
Enabling the DHCP Option-82 on Untrusted Port Feature |
562 |
Enabling DHCP Snooping MAC Address Verification |
563 |
Enabling DHCP Snooping on VLANs |
564 |
Configuring the DHCP Trust State on Layer 2 LAN Interfaces |
565 |
Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces |
566 |
Configuring the DHCP Snooping Database Agent |
566 |
Configuration Examples for the Database Agent |
567 |
Example 1: Enabling the Database Agent |
567 |
Example 2: Reading Binding Entries from a TFTP File |
569 |
Example 3: Adding Information to the DHCP Snooping Database |
570 |
Displaying a Binding Table |
570 |
Configuring Dynamic ARP Inspection |
573 |
Understanding DAI |
573 |
Understanding ARP |
574 |
Understanding ARP Spoofing Attacks |
574 |
Understanding DAI and ARP Spoofing Attacks |
574 |
Interface Trust States and Network Security |
575 |
Rate Limiting of ARP Packets |
576 |
Relative Priority of ARP ACLs and DHCP Snooping Entries |
576 |
Logging of Dropped Packets |
577 |
Default DAI Configuration |
577 |
DAI Configuration Guidelines and Restrictions |
578 |
Configuring DAI |
578 |
Enabling DAI on VLANs |
579 |
Configuring the DAI Interface Trust State |
580 |
Applying ARP ACLs for DAI Filtering |
580 |
Configuring ARP Packet Rate Limiting |
581 |
Enabling DAI Error-Disabled Recovery |
583 |
Enabling Additional Validation |
583 |
Configuring DAI Logging |
585 |
DAI Logging Overview |
585 |
Configuring the DAI Logging Buffer Size |
585 |
Configuring the DAI Logging System Messages |
586 |
Configuring DAI Log Filtering |
586 |
Displaying DAI Information |
587 |
DAI Configuration Samples |
588 |
Sample One: Two Switches Support DAI |
588 |
Configuring Router A |
589 |
Configuring Router B |
591 |
Sample Two: One Switch Supports DAI |
593 |
Configuring Traffic Storm Control |
595 |
Understanding Traffic Storm Control |
595 |
Default Traffic Storm Control Configuration |
597 |
Traffic Storm Control Guidelines and Restrictions |
597 |
Enabling Traffic Storm Control |
598 |
Displaying Traffic Storm Control Settings |
599 |
Unknown Unicast and Multicast Flood Blocking |
601 |
Understanding UUFB or UMFB |
601 |
Configuring UUFB |
602 |
Configuring PFC QoS |
603 |
Understanding How PFC QoS Works |
604 |
Port Types Supported by PFC QoS |
604 |
Overview |
604 |
Component Overview |
608 |
Ingress LAN Port PFC QoS Features |
609 |
Flowchart of Ingress LAN Port PFC QoS Features |
610 |
Port Trust |
611 |
Ingress Congestion Avoidance |
611 |
PFC and DFC QoS Features |
611 |
Supported Policy Feature Cards |
612 |
Supported Distributed Forwarding Cards |
612 |
PFC and DFC QoS Feature List and Flowchart |
612 |
Internal DSCP Values |
614 |
Initial Internal DSCP Value |
614 |
Final Internal DSCP Value |
614 |
Port-Based PFC QoS and VLAN-Based PFC QoS |
615 |
PFC QoS Egress Port Features |
615 |
Flowchart of PFC QoS Egress LAN Port Features |
616 |
Egress CoS Values |
616 |
Egress DSCP Mutation with a PFC3 |
617 |
Egress ToS Byte |
617 |
Egress PFC QoS Interfaces |
617 |
Egress ACL Support for Remarked DSCP |
617 |
Marking on Egress OSM Ports |
618 |
Understanding Classification and Marking |
619 |
Classification and Marking at Trusted and Untrusted Ingress Ports |
619 |
Classification and Marking at Untrusted Ingress Ports |
619 |
Ingress Classification and Marking at Trusted Ports |
619 |
Ingress Classification and Marking at Trust CoS LAN Ports |
620 |
Ingress Classification and Marking at Trust IP Precedence Ports |
620 |
Ingress Classification and Marking at Trust DSCP Ports |
620 |
Classification and Marking at Ingress OSM Ports |
620 |
Classification and Marking on the PFC Using Service Policies and Policy Maps |
621 |
Classification and Marking on the MSFC |
622 |
Policers |
622 |
Overview of Policers |
622 |
Aggregate Policers |
623 |
Microflow Policers |
624 |
Understanding Port-Based Queue Types |
625 |
Ingress and Egress Buffers and Layer 2 CoS-Based Queues |
625 |
Ingress Queue Types |
627 |
Egress Queue Types |
628 |
Module to Queue Type Mappings |
629 |
PFC QoS Default Configuration |
632 |
PFC QoS Global Settings |
632 |
Default Values With PFC QoS Enabled |
633 |
Receive-Queue Limits |
633 |
Transmit-Queue Limit s |
633 |
Bandwidth Allocation Ratios |
634 |
Default Drop-Threshold Percentages and CoS Value Mappings |
634 |
1q2t Receive Queues |
635 |
1q4t Receive Queues |
636 |
1p1q4t Receive Queues |
636 |
1p1q0t Receive Queues |
637 |
1p1q8t Receive Queues |
637 |
1q8t Receive Queues |
638 |
2q8t Receive Queues |
639 |
8q4t Receive Queues |
640 |
8q8t Receive Queues |
644 |
2q2t Transmit Queues |
644 |
1p2q2t Transmit Queues |
645 |
1p3q8t Transmit Queues |
646 |
1p7q4t Transmit Queues |
647 |
1p7q8t Transmit Queues |
650 |
1p3q1t Transmit Queues |
651 |
1p2q1t Transmit Queues |
652 |
Default Values With PFC QoS Disabled |
652 |
PFC QoS Configuration Guidelines and Restrictions |
652 |
General Guidelines |
653 |
PFC3 Guidelines |
655 |
PFC2 Guidelines |
655 |
Class Map Command Restrictions |
656 |
Policy Map Command Restrictions |
656 |
Policy Map Class Command Restrictions |
656 |
Supported Granularity for CIR and PIR Rate Values |
657 |
Supported Granularity for CIR and PIR Token Bucket Sizes |
657 |
IP Precedence and DSCP Values |
658 |
Configuring PFC QoS |
658 |
Enabling PFC QoS Globally |
659 |
Enabling Ignore Port Trust |
660 |
Configuring DSCP Transparency |
661 |
Enabling Queueing-Only Mode |
662 |
Enabling Microflow Policing of Bridged Traffic |
662 |
Enabling VLAN-Based PFC QoS on Layer 2 LAN Ports |
663 |
Enabling Egress ACL Support for Remarked DSCP |
664 |
Creating Named Aggregate Policers |
665 |
Configuring a PFC QoS Policy |
667 |
PFC QoS Policy Configuration Overview |
668 |
Configuring MAC ACLs |
669 |
Configuring Protocol-Independent MAC ACL Filtering |
669 |
Enabling VLAN-Based MAC QoS Filtering |
670 |
Configuring MAC ACLs |
671 |
Configuring ARP ACLs for QoS Filtering |
672 |
Configuring a Class Map |
673 |
Creating a Class Map |
673 |
Class Map Filtering Guidelines and Restrictions |
674 |
Configuring Filtering in a Class Map |
675 |
Verifying Class Map Configuration |
676 |
Configuring a Policy Map |
676 |
Creating a Policy Map |
676 |
Policy Map Class Configuration Guidelines and Restrictions |
677 |
Creating a Policy Map Class and Configuring Filtering |
677 |
Configuring Policy Map Class Actions |
677 |
Configuring Policy Map Class Marking |
678 |
Configuring the Policy Map Class Trust State |
679 |
Configuring Policy Map Class Policing |
679 |
Using a Named Aggregate Policer |
679 |
Configuring a Per-Interface Policer |
680 |
Verifying Policy Map Configuration |
683 |
Attaching a Policy Map to an Interface |
683 |
Configuring Egress DSCP Mutation on a PFC3 |
685 |
Configuring Named DSCP Mutation Maps |
685 |
Attaching an Egress DSCP Mutation Map to an Interface |
686 |
Configuring Ingress CoS Mutation on IEEE 802.1Q Tunnel Ports |
687 |
Ingress CoS Mutation Configuration Guidelines and Restrictions |
687 |
Configuring Ingress CoS Mutation Maps |
688 |
Applying Ingress CoS Mutation Maps to IEEE 802.1Q Tunnel Ports |
689 |
Configuring DSCP Value Maps |
689 |
Mapping Received CoS Values to Internal DSCP Values |
690 |
Mapping Received IP Precedence Values to Internal DSCP Values |
690 |
Configuring DSCP Markdown Values |
691 |
Mapping Internal DSCP Values to Egress CoS Values |
692 |
Configuring the Trust State of Ethernet LAN and OSM Ports |
693 |
Configuring the Ingress LAN Port CoS Value |
695 |
Configuring Standard-Queue Drop Threshold Percentages |
695 |
Configuring a Tail-Drop Receive Queue |
696 |
Configuring a WRED-Drop Transmit Queue |
697 |
Configuring a WRED-Drop and Tail-Drop Receive Queue |
698 |
Configuring a WRED-Drop and Tail-Drop Transmit Queue |
698 |
Configuring 1q4t/2q2t Tail-Drop Threshold Percentages |
700 |
Mapping QoS Labels to Queues and Drop Thresholds |
701 |
Queue and Drop Threshold Mapping Guidelines and Restrictions |
701 |
Configuring DSCP-Based Queue Mapping |
702 |
Enabling DSCP-Based Queue Mapping |
702 |
Configuring Ingress DSCP-Based Queue Mapping |
702 |
Configuring the Port to Trust DSCP |
703 |
Mapping DSCP Values to Standard Receive-Queue Thresholds |
703 |
Mapping DSCP Values to Standard Transmit-Queue Thresholds |
705 |
Mapping DSCP Values to the Transmit Strict-Priority Queue |
706 |
Configuring CoS-Based Queue Mapping |
707 |
Mapping CoS Values to Standard Receive-Queue Thresholds |
707 |
Mapping CoS Values to Standard Transmit-Queue Thresholds |
708 |
Mapping CoS Values to Strict-Priority Queues |
709 |
Mapping CoS Values to Tail-Drop Thresholds on 1q4t/2q2t LAN Ports |
710 |
Allocating Bandwidth Between Standard Transmit Queues |
711 |
Setting the Receive-Queue Size Ratio |
713 |
Configuring the Transmit-Queue Size Ratio |
714 |
Common QoS Scenarios |
715 |
Sample Network Design Overview |
715 |
Access Layer |
715 |
Distribution and Core Interswitch Links |
715 |
Classifying Traffic from PCs and IP Phones in the Access Layer |
716 |
Identify the Voice Traffic from an IP Phone (VVLAN) |
717 |
Identify the Voice Signaling Traffic from an IP Phone (VVLAN) |
717 |
Identify the SAP Traffic from the PC (DVLAN) |
717 |
Accepting the Traffic Priority Value on Interswitch Links |
719 |
Prioritizing Traffic on Interswitch Links |
720 |
Using Policers to Limit the Amount of Traffic from a PC |
723 |
PFC QoS Glossary |
725 |
Configuring PFC3BXL or PFC3B Mode MPLS QoS |
727 |
Terminology |
728 |
PFC3BXL or PFC3B Mode MPLS QoS Features |
729 |
MPLS Experimental Field |
729 |
Trust |
729 |
Classification |
729 |
Policing and Marking |
730 |
Preserving IP ToS |
730 |
EXP Mutation |
730 |
MPLS DiffServ Tunneling Modes |
730 |
PFC3BXL or PFC3B Mode MPLS QoS Overview |
731 |
Specifying the QoS in the IP Precedence Field |
731 |
PFC3BXL or PFC3B Mode MPLS QoS |
731 |
LERs at the Input Edge of an MPLS Network |
732 |
LSRs in the Core of an MPLS Network |
733 |
LERs at the Output Edge of an MPLS Network |
733 |
Understanding PFC3BXL or PFC3B Mode MPLS QoS |
734 |
LERs at the EoMPLS Edge |
734 |
Ethernet to MPLS |
735 |
MPLS to Ethernet |
735 |
LERs at the IP Edge (MPLS, MPLS VPN) |
735 |
IP to MPLS |
735 |
Classification for IP-to-MPLS |
735 |
Classification for IP-to-MPLS PFC3BXL or PFC3B Mode MPLS QoS |
736 |
Classification at IP-to-MPLS Ingress Port |
736 |
Classification at IP-to-MPLS Egress Port |
736 |
MPLS to IP |
737 |
Classification for MPLS-to-IP |
737 |
Classification for MPLS-to-IP PFC3BXL or PFC3B Mode MPLS QoS |
738 |
Classification at MPLS-to-IP Ingress Port |
738 |
Classification at MPLS-to-IP Egress Port |
738 |
MPLS VPN |
738 |
LSRs at the MPLS Core |
739 |
MPLS to MPLS |
739 |
Classification for MPLS-to-MPLS |
739 |
Classification for MPLS-to-MPLS PFC3BXL or PFC3B Mode MPLS QoS |
740 |
Classification at MPLS-to-MPLS Ingress Port |
741 |
Classification at MPLS-to-MPLS Egress Port |
741 |
PFC3BXL or PFC3B MPLS QoS Default Configuration |
741 |
MPLS QoS Commands |
742 |
PFC3BXL or PFC3B Mode MPLS QoS Restrictions and Guidelines |
743 |
Configuring PFC3BXL or PFC3B Mode MPLS QoS |
744 |
Enabling QoS Globally |
744 |
Enabling Queueing-Only Mode |
745 |
Restrictions and Usage Guidelines |
746 |
Configuring a Class Map to Classify MPLS Packets |
746 |
Restrictions and Usage Guidelines |
748 |
Configuring the MPLS Packet Trust State on Ingress Ports |
748 |
Restrictions and Usage Guidelines |
749 |
Configuring a Policy Map |
749 |
Configuring a Policy Map to Set the EXP Value on All Imposed Labels |
749 |
EXP Value Imposition Guidelines and Restrictions |
751 |
Configuring a Policy Map Using the Police Command |
752 |
Restrictions and Usage Guidelines |
754 |
Displaying a Policy Map |
754 |
Displaying a PFC3BXL or PFC3B Mode MPLS QoS Policy Map Class Summary |
754 |
Displaying the Configuration of All Classes |
755 |
Configuring PFC3BXL or PFC3B Mode MPLS QoS Egress EXP Mutation |
755 |
Configuring Named EXP Mutation Maps |
756 |
Attaching an Egress EXP Mutation Map to an Interface |
756 |
Configuring EXP Value Maps |
757 |
Configuring an Ingress-EXP to Internal-DSCP Map |
757 |
Configuring a Named Egress-DSCP to Egress-EXP Map |
757 |
MPLS DiffServ Tunneling Modes |
758 |
Short Pipe Mode |
758 |
Short Pipe Mode Restrictions and Guidelines |
759 |
Uniform Mode |
759 |
Uniform Mode Restrictions and Guidelines |
761 |
MPLS DiffServ Tunneling Restrictions and Usage Guidelines |
761 |
Configuring Short Pipe Mode |
761 |
Ingress PE Router-Customer Facing Interface |
761 |
Configuration Example |
762 |
Configuring Ingress PE Router-P Facing Interface |
762 |
Configuration Example |
763 |
Configuring the P Router-Output Interface |
764 |
Configuration Example |
764 |
Configuring the Egress PE Router-Customer Facing Interface |
765 |
Configuration Example |
765 |
Configuring Uniform Mode |
766 |
Configuring the Ingress PE Router-Customer Facing Interface |
766 |
Configuration Example |
767 |
Configuring the Ingress PE Router-P Facing Interface |
767 |
Configuration Example |
768 |
Configuring the Egress PE Router-Customer Facing Interface |
768 |
Configuration Example |
769 |
Configuring PFC QoS Statistics Data Export |
771 |
Understanding PFC QoS Statistics Data Export |
771 |
PFC QoS Statistics Data Export Default Configuration |
772 |
Configuring PFC QoS Statistics Data Export |
772 |
Enabling PFC QoS Statistics Data Export Globally |
772 |
Enabling PFC QoS Statistics Data Export for a Port |
773 |
Enabling PFC QoS Statistics Data Export for a Named Aggregate Policer |
774 |
Enabling PFC QoS Statistics Data Export for a Class Map |
775 |
Setting the PFC QoS Statistics Data Export Time Interval |
776 |
Configuring PFC QoS Statistics Data Export Destination Host and UDP Port |
777 |
Setting the PFC QoS Statistics Data Export Field Delimiter |
779 |
Configuring the Cisco IOS Firewall Feature Set |
781 |
Cisco IOS Firewall Feature Set Support Overview |
781 |
Cisco IOS Firewall Guidelines and Restrictions |
782 |
Additional CBAC Configuration |
783 |
Configuring Network Admission Control |
785 |
Understanding NAC |
785 |
NAC Overview |
786 |
NAC Device Roles |
787 |
AAA Down Policy |
788 |
NAC Layer 2 IP Validation |
788 |
Posture Validation |
789 |
Exception Lists |
789 |
EoU Bypass |
790 |
EAPoUDP Sessions |
790 |
Cisco Secure ACS and AV Pairs |
791 |
Audit Servers |
791 |
ACLs |
792 |
NAC Timers |
792 |
Hold Timer |
793 |
Idle Timer |
793 |
Retransmission Timer |
794 |
Revalidation Timer |
794 |
Status-Query Timer |
795 |
NAC Layer 2 IP Validation and Redundant Supervisor Engines |
795 |
NAC Layer 2 IP Validation and Redundant Modular Switches |
795 |
AAA Down Policy for NAC Layer 2 IP Validation |
795 |
Configuring NAC |
796 |
Default NAC Configuration |
796 |
NAC Layer 2 IP Guidelines, Limitations, and Restrictions |
796 |
Configuring NAC Layer 2 IP Validation |
797 |
Configuring EAPoUDP |
801 |
Configuring Identity Profiles and Policies |
801 |
Configuring a NAC AAA Down Policy |
802 |
Monitoring and Maintaining NAC |
806 |
Clearing Table Entries |
806 |
Displaying NAC Information |
806 |
Configuring IEEE 802.1X Port-Based Authentication |
807 |
Understanding 802.1X Port-Based Authentication |
807 |
Device Roles |
808 |
Authentication Initiation and Message Exchange |
809 |
Ports in Authorized and Unauthorized States |
810 |
Supported Topologies |
811 |
Default 802.1X Port-Based Authentication Configuration |
812 |
802.1X Port-Based Authentication Guidelines and Restrictions |
812 |
Configuring 802.1X Port-Based Authentication |
813 |
Enabling 802.1X Port-Based Authentication |
813 |
Configuring Router-to-RADIUS-Server Communication |
815 |
Enabling Periodic Reauthentication |
816 |
Manually Reauthenticating the Client Connected to a Port |
817 |
Initializing Authentication for the Client Connected to a Port |
817 |
Changing the Quiet Period |
818 |
Changing the Router-to-Client Retransmission Time |
818 |
Setting the Router-to-Client Retransmission Time for EAP-Request Frames |
819 |
Setting the Router-to-Authentication-Server Retransmission Time for Layer 4 Packets |
820 |
Setting the Router-to-Client Frame Retransmission Number |
820 |
Enabling Multiple Hosts |
821 |
Resetting the 802.1X Configuration to the Default Values |
821 |
Displaying 802.1X Status |
822 |
Configuring Port Security |
823 |
Understanding Port Security |
823 |
Port Security with Dynamically Learned and Static MAC Addresses |
824 |
Port Security with Sticky MAC Addresses |
825 |
Default Port Security Configuration |
825 |
Port Security Guidelines and Restrictions |
825 |
Configuring Port Security |
826 |
Enabling Port Security |
827 |
Enabling Port Security on a Trunk |
827 |
Enabling Port Security on an Access Port |
828 |
Configuring the Port Security Violation Mode on a Port |
828 |
Configuring the Port Security Rate Limiter |
829 |
Configuring the Maximum Number of Secure MAC Addresses on a Port |
831 |
Enabling Port Security with Sticky MAC Addresses on a Port |
832 |
Configuring a Static Secure MAC Address on a Port |
833 |
Configuring Secure MAC Address Aging on a Port |
834 |
Configuring the Secure MAC Address Aging Type on a Port |
834 |
Configuring Secure MAC Address Aging Time on a Port |
835 |
Displaying Port Security Settings |
835 |
Configuring CDP |
837 |
Understanding How CDP Works |
837 |
Configuring CDP |
838 |
Enabling CDP Globally |
838 |
Displaying the CDP Global Configuration |
838 |
Enabling CDP on a Port |
839 |
Displaying the CDP Interface Configuration |
839 |
Monitoring and Maintaining CDP |
839 |
Configuring UDLD |
841 |
Understanding How UDLD Works |
841 |
UDLD Overview |
841 |
UDLD Aggressive Mode |
842 |
Default UDLD Configuration |
843 |
Configuring UDLD |
843 |
Enabling UDLD Globally |
843 |
Enabling UDLD on Individual LAN Interfaces |
844 |
Disabling UDLD on Fiber-Optic LAN Interfaces |
844 |
Configuring the UDLD Probe Message Interval |
845 |
Displaying Disabled LAN Interfaces |
845 |
Displaying UDLD Neighbor Interfaces |
845 |
Resetting Disabled LAN Interfaces |
845 |
Configuring NetFlow |
847 |
Understanding NetFlow |
847 |
NetFlow Overview |
848 |
NetFlow on the MSFC |
848 |
NetFlow on the PFC |
849 |
Flow Masks |
849 |
Flow Mask Conflicts |
850 |
Default NetFlow Configuration |
851 |
NetFlow Configuration Guidelines and Restrictions |
851 |
Configuring NetFlow |
852 |
Configuring NetFlow on the PFC |
852 |
NetFlow PFC Commands Summary |
852 |
Enabling NetFlow on the PFC |
853 |
Setting the Minimum IP MLS Flow Mask |
853 |
Configuring the MLS Aging Time |
854 |
Configuring NetFlow Aggregation on the PFC |
855 |
Enabling NetFlow for Ingress-Bridged IP Traffic |
856 |
Enabling NetFlow for Multicast IP Traffic |
856 |
Displaying PFC Netflow Information |
856 |
Configuring NetFlow on the MSFC |
856 |
Summary of NetFlow Commands on the MSFC |
857 |
Enabling NetFlow on the MSFC |
857 |
Configuring NetFlow Aggregation on the MSFC |
857 |
Enabling NetFlow for Ingress-Bridged IP Traffic |
858 |
Enabling NetFlow for Multicast IP Traffic |
859 |
Configuring NDE |
861 |
Understanding NDE |
862 |
NDE Overview |
862 |
NDE on the MSFC |
862 |
NDE on the PFC |
863 |
NDE Flow Mask |
863 |
Additional NDE Fields |
863 |
NDE Versions |
863 |
Exporting NetFlow Data |
867 |
NetFlow Sampling |
867 |
NetFlow Traffic Sampling |
867 |
NetFlow Flow Sampling |
868 |
Packet-based NetFlow Flow Sampling |
868 |
Time-based Netflow Flow Sampling |
869 |
Default NDE Configuration |
870 |
NDE Configuration Guidelines and Restrictions |
870 |
Configuring NDE |
870 |
Configuring NDE on the PFC |
871 |
Enabling NDE From the PFC |
871 |
Populating Additional NDE Fields |
872 |
Configuring NetFlow Flow Sampling |
872 |
Configuring NetFlow Flow Sampling Globally |
872 |
Configuring NetFlow Flow Sampling on a Layer 3 Interface |
873 |
Configuring NDE on the MSFC |
873 |
Configuring the MSFC NDE Source Layer 3 Interface |
873 |
Configuring the NDE Destination |
874 |
Configuring Netflow Flow Sampling |
874 |
Enabling NDE for Ingress-Bridged IP Traffic |
875 |
Displaying the NDE Address and Port Configuration |
875 |
Configuring NDE Flow Filters |
876 |
NDE Flow Filter Overview |
876 |
Configuring a Port Flow Filter |
877 |
Configuring a Host and Port Filter |
877 |
Configuring a Host Flow Filter |
877 |
Configuring a Protocol Flow Filter |
878 |
Displaying the NDE Configuration |
878 |
Configuring Local SPAN, RSPAN, and ERSPAN |
879 |
Understanding How Local SPAN, RSPAN, and ERSPAN Work |
879 |
Local SPAN, RSPAN, and ERSPAN Overview |
880 |
Local SPAN Overview |
880 |
RSPAN Overview |
881 |
ERSPAN Overview |
882 |
Monitored Traffic |
882 |
Monitored Traffic Direction |
883 |
Monitored Traffic |
883 |
Duplicate Traffic |
883 |
Local SPAN, RSPAN, and ERSPAN Sources |
883 |
Source Ports |
883 |
Source VLANs |
883 |
Local SPAN, RSPAN, and ERSPAN Destination Ports |
884 |
Local SPAN, RSPAN, and ERSPAN Configuration Guidelines and Restrictions |
884 |
General Guidelines and Restrictions |
884 |
Feature Incompatiblities |
885 |
Local SPAN, RSPAN, and ERSPAN Session Limits |
886 |
PFC3 |
886 |
PFC2 |
887 |
Local SPAN, RSPAN, and ERSPAN Guidelines and Restrictions |
888 |
VSPAN Guidelines and Restrictions |
889 |
RSPAN Guidelines and Restrictions |
889 |
ERSPAN Guidelines and Restrictions |
890 |
Configuring Local SPAN, RSPAN, and ERSPAN |
892 |
Configuring Destination Port Permit Lists (Optional) |
892 |
Configuring Local SPAN |
893 |
Configuring RSPAN |
894 |
Configuring RSPAN VLANs |
894 |
Configuring RSPAN Source Sessions |
895 |
Configuring RSPAN Destination Sessions |
896 |
Configuring ERSPAN |
897 |
Configuring ERSPAN Source Sessions |
897 |
Configuring ERSPAN Destination Sessions |
900 |
Configuring Source VLAN Filtering for Local SPAN and RSPAN |
902 |
Configuring a Destination Port as an Unconditional Trunk |
902 |
Configuring Destination Trunk Port VLAN Filtering |
903 |
Verifying the Configuration |
904 |
Configuration Examples |
905 |
Configuring SNMP IfIndex Persistence |
907 |
Understanding SNMP IfIndex Persistence |
907 |
Configuring SNMP IfIndex Persistence |
908 |
Enabling SNMP IfIndex Persistence Globally |
908 |
Disabling SNMP IfIndex Persistence Globally |
908 |
Enabling and Disabling SNMP IfIndex Persistence on Specific Interfaces |
909 |
Clearing SNMP IfIndex Persistence Configuration from a Specific Interface |
909 |
Power Management and Environmental Monitoring |
911 |
Understanding How Power Management Works |
911 |
Enabling or Disabling Power Redundancy |
912 |
Powering Modules Off and On |
913 |
Viewing System Power Status |
914 |
Power Cycling Modules |
915 |
Determining System Power Requirements |
915 |
Determining System Hardware Capacity |
915 |
Determining Sensor Temperature Threshold |
918 |
Understanding How Environmental Monitoring Works |
920 |
Monitoring System Environmental Status |
920 |
Understanding LED Environmental Indications |
921 |
Configuring Generic Online Diagnostics |
923 |
Understanding How Online Diagnostics Work |
923 |
Configuring Online Diagnostics |
924 |
Setting Bootup Online Diagnostics Level |
924 |
Configuring On-Demand Online Diagnostics |
925 |
Scheduling Online Diagnostics |
926 |
Configuring Health-Monitoring Diagnostics |
927 |
Running Online Diagnostic Tests |
927 |
Starting and Stopping Online Diagnostic Tests |
928 |
Displaying Online Diagnostic Tests and Test Results |
929 |
Performing Memory Tests |
932 |
Using the Top N Utility |
933 |
Understanding the Top N Utility |
933 |
Top N Utility Overview |
933 |
Understanding Top N Utility Operation |
934 |
Using the Top N Utility |
934 |
Enabling Top N Utility Report Creation |
935 |
Displaying the Top N Utility Reports |
935 |
Clearing Top N Utility Reports |
936 |
Using the Layer 2 Traceroute Utility |
939 |
Understanding the Layer 2 Traceroute Utility |
939 |
Usage Guidelines |
940 |
Using the Layer 2 Traceroute Utility |
941 |
Online Diagnostic Tests |
943 |
Global Health-Monitoring Tests |
944 |
TestSPRPInbandPing |
944 |
TestScratchRegister |
944 |
TestMacNotification |
945 |
Per-Port Tests |
945 |
TestNonDisruptiveLoopback |
946 |
TestLoopback |
946 |
TestActiveToStandbyLoopback |
947 |
TestTransceiverIntegrity |
947 |
TestNetflowInlineRewrite |
947 |
PFC Layer 2 Forwarding Engine Tests |
949 |
TestNewIndexLearn |
949 |
TestDontConditionalLearn |
949 |
TestBadBpduTrap |
950 |
TestMatchCapture |
950 |
TestStaticEntry |
951 |
DFC Layer 2 Forwarding Engine Tests |
951 |
TestDontLearn |
951 |
TestNewLearn |
952 |
TestIndexLearn |
952 |
TestConditionalLearn |
953 |
TestTrap |
953 |
TestBadBpdu |
954 |
TestProtocolMatchChannel |
955 |
TestCapture |
955 |
TestStaticEntry |
956 |
PFC Layer 3 Forwarding Engine Tests |
956 |
TestFibDevices |
956 |
TestIPv4FibShortcut |
957 |
TestIPv6FibShortcut |
957 |
TestMPLSFibShortcut |
958 |
TestNATFibShortcut |
958 |
TestL3Capture2 |
959 |
TestAclPermit |
959 |
TestAclDeny |
960 |
TestNetflowShortcut |
960 |
TestQoS |
960 |
DFC Layer 3 Forwarding Engine Tests |
961 |
TestFibDevices |
961 |
TestIPv4FibShortcut |
962 |
TestIPv6FibShortcut |
962 |
TestMPLSFibShortcut |
963 |
TestNATFibShortcut |
963 |
TestL3Capture2 |
964 |
TestAclPermit |
964 |
TestAclDeny |
965 |
TestQoS |
965 |
TestNetflowShortcut |
966 |
Replication Engine Tests |
966 |
TestL3VlanMet |
966 |
TestIngressSpan |
967 |
TestEgressSpan |
967 |
Fabric Tests |
968 |
TestFabricSnakeForward |
968 |
TestFabricSnakeBackward |
969 |
TestSynchedFabChannel |
969 |
TestFabricCh0Health |
970 |
TestFabricCh1Health |
970 |
Exhaustive Memory Tests |
970 |
TestFibTcamSSRAM |
971 |
TestAsicMemory |
971 |
TestAclQosTcam |
972 |
TestNetflowTcam |
972 |
TestQoSTcam |
972 |
IPSEC Services Modules Tests |
974 |
TestIPSecClearPkt |
974 |
TestHapiEchoPkt |
974 |
TestIPSecEncryptDecryptPkt |
975 |
Stress Tests |
975 |
TestTrafficStress |
975 |
TestEobcStressPing |
976 |
Critical Recovery Tests |
976 |
TestL3HealthMonitoring |
976 |
TestTxPathMonitoring |
977 |
TestSynchedFabChannel |
977 |
General Tests |
978 |
ScheduleSwitchover |
978 |
TestFirmwareDiagStatus |
978 |
Acronyms |
979 |