Section |
Page |
Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide |
1 |
Contents |
3 |
Preface |
29 |
Audience |
29 |
Related Documentation |
29 |
Conventions |
30 |
Product Overview |
33 |
Supported Hardware and Software |
33 |
User Interfaces |
33 |
Configuring Embedded CiscoView Support |
34 |
Understanding Embedded CiscoView |
34 |
Installing and Configuring Embedded CiscoView |
34 |
Displaying Embedded CiscoView Information |
35 |
Software Features Supported in Hardware by the PFC3B |
35 |
Command-Line Interfaces |
39 |
Accessing the CLI |
39 |
Accessing the CLI through the EIA/TIA-232 Console Interface |
40 |
Accessing the CLI through Telnet |
40 |
Performing Command Line Processing |
41 |
Performing History Substitution |
41 |
Cisco IOS Command Modes |
42 |
Displaying a List of Cisco IOS Commands and Syntax |
43 |
Securing the CLI |
44 |
ROM-Monitor Command-Line Interface |
45 |
Configuring the Switch for the First Time |
47 |
Default Configuration |
47 |
Configuring the Switch |
48 |
Using the Setup Facility or the setup Command |
48 |
Setup Overview |
48 |
Configuring the Global Parameters |
49 |
Configuring Interfaces |
54 |
Using Configuration Mode |
56 |
Checking the Running Configuration Before Saving |
56 |
Saving the Running Configuration Settings |
57 |
Reviewing the Configuration |
57 |
Configuring a Static Route |
57 |
Configuring a BOOTP Server |
59 |
Protecting Access to Privileged EXEC Commands |
60 |
Setting or Changing a Static Enable Password |
60 |
Using the enable password and enable secret Commands |
61 |
Setting or Changing a Line Password |
61 |
Setting TACACS+ Password Protection for Privileged EXEC Mode |
62 |
Encrypting Passwords |
62 |
Configuring Multiple Privilege Levels |
63 |
Setting the Privilege Level for a Command |
63 |
Changing the Default Privilege Level for Lines |
63 |
Logging In to a Privilege Level |
64 |
Exiting a Privilege Level |
64 |
Displaying the Password, Access Level, and Privilege Level Configuration |
64 |
Recovering a Lost Enable Password |
64 |
Modifying the Supervisor Engine Startup Configuration |
65 |
Understanding the Supervisor Engine Boot Configuration |
65 |
Understanding the Supervisor Engine Boot Process |
65 |
Understanding the ROM Monitor |
65 |
Configuring the Software Configuration Register |
66 |
Modifying the Boot Field and Using the boot Command |
67 |
Modifying the Boot Field |
68 |
Verifying the Configuration Register Setting |
69 |
Specifying the Startup System Image |
69 |
Understanding Flash Memory |
70 |
Flash Memory Features |
70 |
Security Features |
70 |
Flash Memory Configuration Process |
70 |
CONFIG_FILE Environment Variable |
71 |
Controlling Environment Variables |
71 |
Configuring a Supervisor Engine 32 PISA |
73 |
Flash Memory on a Supervisor Engine 32 PISA |
74 |
Supervisor Engine 32 PISA Ports |
74 |
Supervisor Engine 32 PISA Management Ports |
74 |
Supervisor Engine 32 PISA Data Ports |
74 |
Configuring Full PISA EtherChannel Bandwidth |
75 |
Displaying PISA Platform Statistics |
76 |
Cisco IOS Release 12.2(33)ZYA and earlier releases |
77 |
Cisco IOS Release 12.2(33)ZYA1 and later releases |
77 |
Configuring NSF with SSO Supervisor Engine Redundancy |
79 |
Understanding NSF with SSO Supervisor Engine Redundancy |
79 |
NSF with SSO Supervisor Engine Redundancy Overview |
80 |
SSO Operation |
80 |
NSF Operation |
80 |
Cisco Express Forwarding |
81 |
Multicast MLS NSF with SSO |
81 |
Routing Protocols |
82 |
BGP Operation |
82 |
OSPF Operation |
83 |
IS-IS Operation |
83 |
IETF IS-IS Configuration |
84 |
Cisco IS-IS Configuration |
84 |
EIGRP Operation |
85 |
NSF Benefits and Restrictions |
85 |
Supervisor Engine Configuration Synchronization |
87 |
Supervisor Engine Redundancy Guidelines and Restrictions |
87 |
Redundancy Configuration Guidelines and Restrictions |
87 |
Hardware Configuration Guidelines and Restrictions |
87 |
Configuration Mode Restrictions |
88 |
NSF Configuration Tasks |
88 |
Configuring SSO |
89 |
Configuring Multicast MLS NSF with SSO |
89 |
Verifying Multicast NSF with SSO |
90 |
Configuring CEF NSF |
90 |
Verifying CEF NSF |
90 |
Configuring BGP NSF |
91 |
Verifying BGP NSF |
91 |
Configuring OSPF NSF |
92 |
Verifying OSPF NSF |
92 |
Configuring IS-IS NSF |
93 |
Verifying IS-IS NSF |
94 |
Configuring EIGRP NSF |
96 |
Verifying EIGRP NSF |
96 |
Synchronizing the Supervisor Engine Configurations |
97 |
Copying Files to the Redundant Supervisor Engine |
97 |
Configuring RPR Supervisor Engine Redundancy |
99 |
Understanding RPR |
99 |
Supervisor Engine Redundancy Overview |
100 |
RPR Operation |
100 |
Supervisor Engine Configuration Synchronization |
101 |
Supervisor Engine Redundancy Guidelines and Restrictions |
101 |
Redundancy Guidelines and Restrictions |
101 |
Hardware Configuration Guidelines and Restrictions |
101 |
Configuration Mode Restrictions |
102 |
Configuring Supervisor Engine Redundancy |
102 |
Configuring Redundancy |
102 |
Synchronizing the Supervisor Engine Configurations |
103 |
Displaying the Redundancy States |
103 |
Performing a Fast Software Upgrade |
104 |
Copying Files to the Redundant Supervisor Engine |
105 |
Configuring Interfaces |
107 |
Understanding Interface Configuration |
108 |
Using the Interface Command |
108 |
Configuring a Range of Interfaces |
110 |
Defining and Using Interface-Range Macros |
111 |
Configuring Optional Interface Features |
112 |
Configuring Ethernet Interface Speed and Duplex Mode |
113 |
Speed and Duplex Mode Configuration Guidelines |
113 |
Configuring the Ethernet Interface Speed |
113 |
Setting the Interface Duplex Mode |
114 |
Configuring Link Negotiation on Gigabit Ethernet Ports |
114 |
Displaying the Speed and Duplex Mode Configuration |
115 |
Configuring Jumbo Frame Support |
116 |
Understanding Jumbo Frame Support |
116 |
Jumbo Frame Support Overview |
116 |
Bridged and Routed Traffic Size Check at Ingress 10, 10/100, and 100 Mbps Ethernet and 10-Gigabit Ethernet Ports |
117 |
Bridged and Routed Traffic Size Check at Ingress Gigabit Ethernet Ports |
117 |
Routed Traffic Size Check on the PFC3B |
117 |
Bridged and Routed Traffic Size Check at Egress 10, 10/100, and 100 Mbps Ethernet Ports |
117 |
Bridged and Routed Traffic Size Check at Egress Gigabit Ethernet and 10-Gigabit Ethernet Ports |
117 |
Ethernet Ports |
117 |
Ethernet Port Overview |
117 |
Layer 3 Ethernet Ports |
118 |
Layer 2 Ethernet Ports |
118 |
VLAN Interfaces |
118 |
Configuring MTU Sizes |
118 |
Configuring the MTU Size |
118 |
Configuring the Global Egress LAN Port MTU Size |
119 |
Configuring IEEE 802.3x Flow Control |
119 |
Configuring the Port Debounce Timer |
120 |
Adding a Description for an Interface |
121 |
Understanding Online Insertion and Removal |
122 |
Monitoring and Maintaining Interfaces |
122 |
Monitoring Interface Status |
123 |
Clearing Counters on an Interface |
123 |
Resetting an Interface |
124 |
Shutting Down and Restarting an Interface |
124 |
Checking the Cable Status Using the TDR |
125 |
Configuring LAN Ports for Layer 2 Switching |
127 |
Understanding How Layer 2 Switching Works |
127 |
Understanding Layer 2 Ethernet Switching |
127 |
Layer 2 Ethernet Switching Overview |
128 |
Switching Frames Between Segments |
128 |
Building the Address Table |
128 |
Understanding VLAN Trunks |
128 |
Trunking Overview |
129 |
Encapsulation Types |
129 |
Layer 2 LAN Port Modes |
130 |
Default Layer 2 LAN Interface Configuration |
131 |
Layer 2 LAN Interface Configuration Guidelines and Restrictions |
131 |
Configuring LAN Interfaces for Layer 2 Switching |
132 |
Configuring a LAN Port for Layer 2 Switching |
133 |
Configuring a Layer 2 Switching Port as a Trunk |
134 |
Configuring the Layer 2 Switching Port as an ISL or 802.1Q Trunk |
134 |
Configuring the Layer 2 Trunk to Use DTP |
135 |
Configuring the Layer 2 Trunk Not to Use DTP |
135 |
Configuring the Access VLAN |
136 |
Configuring the 802.1Q Native VLAN |
136 |
Configuring the List of VLANs Allowed on a Trunk |
137 |
Configuring the List of Prune-Eligible VLANs |
137 |
Completing Trunk Configuration |
138 |
Verifying Layer 2 Trunk Configuration |
138 |
Configuration and Verification Examples |
139 |
Configuring a LAN Interface as a Layer 2 Access Port |
140 |
Configuring a Custom IEEE 802.1Q EtherType Field Value |
141 |
Configuring Flex Links |
143 |
Understanding Flex Links |
143 |
Configuring Flex Links |
144 |
Flex Links Default Configuration |
144 |
Flex Links Configuration Guidelines and Restrictions |
144 |
Configuring Flex Links |
145 |
Monitoring Flex Links |
145 |
Configuring EtherChannels |
147 |
Understanding How EtherChannels Work |
147 |
EtherChannel Feature Overview |
147 |
Understanding How EtherChannels Are Configured |
148 |
EtherChannel Configuration Overview |
148 |
Understanding Manual EtherChannel Configuration |
149 |
Understanding PAgP EtherChannel Configuration |
149 |
Understanding IEEE 802.3ad LACP EtherChannel Configuration |
149 |
Understanding Port Channel Interfaces |
150 |
Understanding Load Balancing |
150 |
EtherChannel Feature Configuration Guidelines and Restrictions |
151 |
Configuring EtherChannels |
152 |
Configuring Port Channel Logical Interfaces for Layer 3 EtherChannels |
152 |
Configuring Channel Groups |
153 |
Configuring the LACP System Priority and System ID |
156 |
Configuring EtherChannel Load Balancing |
156 |
Configuring the EtherChannel Min-Links Feature |
157 |
Configuring VTP |
159 |
Understanding How VTP Works |
159 |
Understanding the VTP Domain |
160 |
Understanding VTP Modes |
160 |
Understanding VTP Advertisements |
161 |
Understanding VTP Version 2 |
161 |
Understanding VTP Pruning |
161 |
VTP Default Configuration |
163 |
VTP Configuration Guidelines and Restrictions |
163 |
Configuring VTP |
164 |
Configuring VTP Global Parameters |
164 |
Configuring a VTP Password |
164 |
Enabling VTP Pruning |
165 |
Enabling VTP Version 2 |
165 |
Configuring the VTP Mode |
166 |
Displaying VTP Statistics |
168 |
Configuring VLANs |
169 |
Understanding How VLANs Work |
169 |
VLAN Overview |
169 |
VLAN Ranges |
170 |
Configurable VLAN Parameters |
171 |
Understanding Token Ring VLANs |
171 |
Token Ring TrBRF VLANs |
171 |
Token Ring TrCRF VLANs |
172 |
VLAN Default Configuration |
174 |
VLAN Configuration Guidelines and Restrictions |
176 |
Configuring VLANs |
177 |
VLAN Configuration Options |
177 |
VLAN Configuration in Global Configuration Mode |
177 |
VLAN Configuration in VLAN Database Mode |
178 |
Creating or Modifying an Ethernet VLAN |
178 |
Assigning a Layer 2 LAN Interface to a VLAN |
179 |
Configuring the Internal VLAN Allocation Policy |
180 |
Configuring VLAN Translation |
180 |
VLAN Translation Guidelines and Restrictions |
181 |
Configuring VLAN Translation on a Trunk Port |
182 |
Enabling VLAN Translation on Other Ports in a Port Group |
183 |
Mapping 802.1Q VLANs to ISL VLANs |
183 |
Saving VLAN Information |
184 |
Configuring Private VLANs |
185 |
Understanding How Private VLANs Work |
185 |
Private VLAN Domains |
186 |
Private VLAN Ports |
187 |
Primary, Isolated, and Community VLANs |
187 |
Private VLAN Port Isolation |
188 |
IP Addressing Scheme with Private VLANs |
188 |
Private VLANs Across Multiple Switches |
189 |
Private VLAN Interaction with Other Features |
189 |
Private VLANs and Unicast, Broadcast, and Multicast Traffic |
190 |
Private VLANs and SVIs |
190 |
Private VLAN Configuration Guidelines and Restrictions |
190 |
Secondary and Primary VLAN Configuration |
191 |
Private VLAN Port Configuration |
193 |
Limitations with Other Features |
193 |
Configuring Private VLANs |
195 |
Configuring a VLAN as a Private VLAN |
195 |
Associating Secondary VLANs with a Primary VLAN |
196 |
Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN |
197 |
Configuring a Layer 2 Interface as a Private VLAN Host Port |
198 |
Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port |
199 |
Monitoring Private VLANs |
201 |
Configuring Cisco IP Phone Support |
203 |
Understanding Cisco IP Phone Support |
203 |
Cisco IP Phone Connections |
203 |
Cisco IP Phone Voice Traffic |
204 |
Cisco IP Phone Data Traffic |
205 |
Cisco IP Phone Power Configurations |
205 |
Locally Powered Cisco IP Phones |
205 |
Inline-Powered Cisco IP Phones |
205 |
Inline Power Management |
206 |
Example: Cisco Prestandard IP Phone |
207 |
Example: IEEE 802.3af IP Phone |
207 |
Default Cisco IP Phone Support Configuration |
207 |
Cisco IP Phone Support Configuration Guidelines and Restrictions |
208 |
Configuring Cisco IP Phone Support |
208 |
Configuring Voice Traffic Support |
209 |
Configuring Data Traffic Support |
210 |
Configuring Inline Power Support |
211 |
Configuring IEEE 802.1Q Tunneling |
213 |
Understanding How 802.1Q Tunneling Works |
213 |
802.1Q Tunneling Configuration Guidelines and Restrictions |
215 |
Configuring 802.1Q Tunneling |
218 |
Configuring 802.1Q Tunnel Ports |
218 |
Configuring the Switch to Tag Native VLAN Traffic |
218 |
Configuring Layer 2 Protocol Tunneling |
221 |
Understanding How Layer 2 Protocol Tunneling Works |
221 |
Configuring Support for Layer 2 Protocol Tunneling |
222 |
Configuring STP and MST |
225 |
Understanding How STP Works |
225 |
STP Overview |
226 |
Understanding the Bridge ID |
226 |
Bridge Priority Value |
226 |
Extended System ID |
227 |
STP MAC Address Allocation |
227 |
Understanding Bridge Protocol Data Units |
227 |
Election of the Root Bridge |
228 |
STP Protocol Timers |
228 |
Creating the Spanning Tree Topology |
228 |
STP Port States |
229 |
STP Port State Overview |
229 |
Blocking State |
231 |
Listening State |
231 |
Learning State |
232 |
Forwarding State |
233 |
Disabled State |
234 |
STP and IEEE 802.1Q Trunks |
235 |
Understanding How IEEE 802.1w RSTP Works |
236 |
Port Roles and the Active Topology |
236 |
Rapid Convergence |
237 |
Synchronization of Port Roles |
238 |
Bridge Protocol Data Unit Format and Processing |
239 |
BPDU Format and Processing Overview |
239 |
Processing Superior BPDU Information |
240 |
Processing Inferior BPDU Information |
240 |
Topology Changes |
241 |
Rapid-PVST |
241 |
Understanding MST |
241 |
MST Overview |
242 |
MST Regions |
242 |
IST, CIST, and CST |
243 |
IST, CIST, and CST Overview |
243 |
Spanning Tree Operation Within an MST Region |
244 |
Spanning Tree Operations Between MST Regions |
244 |
IEEE 802.1s Terminology |
245 |
Hop Count |
246 |
Boundary Ports |
246 |
Standard-Compliant MST Implementation |
247 |
Changes in Port-Role Naming |
247 |
Spanning Tree Interoperation Between Legacy and Standard-Compliant Switches |
248 |
Detecting Unidirectional Link Failure |
248 |
Interoperability with IEEE 802.1D-1998 STP |
249 |
Configuring STP |
249 |
Default STP Configuration |
250 |
Enabling STP |
250 |
Enabling the Extended System ID |
252 |
Configuring the Root Bridge |
252 |
Configuring a Secondary Root Bridge |
253 |
Configuring STP Port Priority |
254 |
Configuring STP Port Cost |
256 |
Configuring the Bridge Priority of a VLAN |
257 |
Configuring the Hello Time |
258 |
Configuring the Forward-Delay Time for a VLAN |
259 |
Configuring the Maximum Aging Time for a VLAN |
259 |
Enabling Rapid-PVST |
260 |
Specifying the Link Type |
260 |
Restarting Protocol Migration |
260 |
Configuring MST |
261 |
Default MST Configuration |
261 |
MST Configuration Guidelines and Restrictions |
262 |
Specifying the MST Region Configuration and Enabling MST |
262 |
Configuring the Root Bridge |
264 |
Configuring a Secondary Root Bridge |
265 |
Configuring Port Priority |
266 |
Configuring Path Cost |
267 |
Configuring the Switch Priority |
268 |
Configuring the Hello Time |
269 |
Configuring the Forwarding-Delay Time |
270 |
Configuring the Transmit Hold Count |
270 |
Configuring the Maximum-Aging Time |
271 |
Configuring the Maximum-Hop Count |
271 |
Specifying the Link Type to Ensure Rapid Transitions |
271 |
Designating the Neighbor Type |
272 |
Restarting the Protocol Migration Process |
273 |
Displaying the MST Configuration and Status |
273 |
Configuring Optional STP Features |
275 |
Understanding How PortFast Works |
276 |
Understanding How BPDU Guard Works |
276 |
Understanding How PortFast BPDU Filtering Works |
276 |
Understanding How UplinkFast Works |
277 |
Understanding How BackboneFast Works |
278 |
Understanding How EtherChannel Guard Works |
280 |
Understanding How Root Guard Works |
280 |
Understanding How Loop Guard Works |
280 |
Enabling PortFast |
282 |
Enabling PortFast BPDU Filtering |
284 |
Enabling BPDU Guard |
285 |
Enabling UplinkFast |
286 |
Enabling BackboneFast |
287 |
Enabling EtherChannel Guard |
288 |
Enabling Root Guard |
288 |
Enabling Loop Guard |
289 |
Configuring Layer 3 Interfaces |
291 |
Layer 3 Interface Configuration Guidelines and Restrictions |
291 |
Configuring Subinterfaces on Layer 3 Interfaces |
292 |
Configuring IPv4 Routing and Addresses |
293 |
Configuring IPX Routing and Network Numbers |
296 |
Configuring AppleTalk Routing, Cable Ranges, and Zones |
297 |
Configuring Other Protocols on Layer 3 Interfaces |
298 |
Configuring UDE and UDLR |
299 |
Understanding UDE and UDLR |
299 |
UDE and UDLR Overview |
299 |
Supported Hardware |
300 |
Understanding UDE |
300 |
UDE Overview |
300 |
Understanding Hardware-Based UDE |
300 |
Understanding Software-Based UDE |
301 |
Understanding UDLR |
301 |
Configuring UDE and UDLR |
301 |
Configuring UDE |
301 |
UDE Configuration Guidelines |
302 |
Configuring Hardware-Based UDE |
302 |
Configuring Software-Based UDE |
303 |
Configuring UDLR |
304 |
UDLR Back-Channel Tunnel Configuration Guidelines |
304 |
Configuring a Receive-Only Tunnel Interface for a UDE Send-Only Port |
305 |
Configuring a Send-Only Tunnel Interface for a UDE Receive-Only Port |
305 |
Router A Configuration |
306 |
Router B Configuration |
306 |
Configuring Multiprotocol Label Switching |
307 |
MPLS Label Switching |
307 |
Understanding MPLS |
308 |
Understanding MPLS Label Switching |
308 |
IP to MPLS |
309 |
MPLS to MPLS |
309 |
MPLS to IP |
309 |
MPLS VPN Forwarding |
310 |
Recirculation |
310 |
Supported Hardware Features |
310 |
Supported Cisco IOS Features |
311 |
MPLS Guidelines and Restrictions |
313 |
MPLS Supported Commands |
313 |
Configuring MPLS |
313 |
MPLS Per-Label Load Balancing |
313 |
Basic MPLS Load Balancing |
314 |
MPLS Layer 2 VPN Load Balancing |
314 |
MPLS Layer 3 VPN Load Balancing |
314 |
MPLS Configuration Examples |
314 |
VPN Switching |
315 |
VPN Switching Operation |
316 |
MPLS VPN Guidelines and Restrictions |
317 |
MPLS VPN Supported Commands |
317 |
Configuring MPLS VPN |
317 |
MPLS VPN Sample Configuration |
318 |
Any Transport over MPLS |
319 |
AToM Load Balancing |
320 |
Understanding EoMPLS |
320 |
EoMPLS Guidelines and Restrictions |
320 |
Configuring EoMPLS |
322 |
Prerequisites |
322 |
Configuring VLAN-Based EoMPLS |
322 |
Verifying the Configuration |
323 |
Configuring Port-Based EoMPLS |
325 |
Verifying the Configuration |
327 |
Configuring IPv4 Multicast VPN Support |
329 |
Understanding How MVPN Works |
329 |
MVPN Overview |
329 |
Multicast Routing and Forwarding and Multicast Domains |
330 |
Multicast Distribution Trees |
330 |
Multicast Tunnel Interfaces |
333 |
PE Router Routing Table Support for MVPN |
334 |
Multicast Distributed Switching Support |
334 |
Hardware-Assisted IPv4 Multicast |
334 |
MVPN Configuration Guidelines and Restrictions |
335 |
Configuring MVPN |
336 |
Forcing Ingress Multicast Replication Mode (Optional) |
336 |
Configuring a Multicast VPN Routing and Forwarding Instance |
337 |
Configuring a VRF Entry |
338 |
Configuring the Route Distinguisher |
338 |
Configuring the Route-Target Extended Community |
339 |
Configuring the Default MDT |
339 |
Configuring Data MDTs (Optional) |
340 |
Enabling Data MDT Logging |
340 |
Sample Configuration |
341 |
Displaying VRF Information |
341 |
Configuring Multicast VRF Routing |
343 |
Enabling IPv4 Multicast Routing Globally |
344 |
Enabling IPv4 Multicast VRF Routing |
344 |
Configuring a PIM VRF Register Message Source Address |
344 |
Specifying the PIM VRF Rendezvous Point (RP) Address |
345 |
Configuring a Multicast Source Discovery Protocol (MSDP) Peer |
345 |
Enabling IPv4 Multicast Header Storage |
346 |
Configuring the Maximum Number of Multicast Routes |
346 |
Configuring IPv4 Multicast Route Filtering |
347 |
Sample Configuration |
347 |
Displaying IPv4 Multicast VRF Routing Information |
348 |
Configuring Interfaces for Multicast Routing to Support MVPN |
348 |
Multicast Routing Configuration Overview |
348 |
Configuring PIM on an Interface |
348 |
Configuring an Interface for IPv4 VRF Forwarding |
349 |
Sample Configuration |
350 |
Sample Configurations for MVPN |
350 |
MVPN Configuration with Default MDTs Only |
350 |
MVPN Configuration with Default and Data MDTs |
352 |
Configuring IP Unicast Layer 3 Switching |
357 |
Understanding How Layer 3 Switching Works |
357 |
Understanding Hardware Layer 3 Switching |
358 |
Understanding Layer 3-Switched Packet Rewrite |
358 |
Hardware Layer 3 Switching Examples |
359 |
Default Hardware Layer 3 Switching Configuration |
360 |
Configuration Guidelines and Restrictions |
360 |
Configuring Hardware Layer 3 Switching |
360 |
Displaying Hardware Layer 3 Switching Statistics |
361 |
Configuring IPv6 Multicast PFC3B Layer 3 Switching |
363 |
Features that Support IPv6 Multicast |
363 |
IPv6 Multicast Guidelines and Restrictions |
364 |
New or Changed IPv6 Multicast Commands |
365 |
Configuring IPv6 Multicast Layer 3 Switching |
365 |
Using show Commands to Verify IPv6 Multicast Layer 3 Switching |
365 |
Verifying MFIB Clients |
366 |
Displaying the Switching Capability |
366 |
Verifying the (S,G) Forwarding Capability |
366 |
Verifying the (*,G) Forwarding Capability |
367 |
Verifying the Subnet Entry Support Status |
367 |
Verifying the Current Replication Mode |
367 |
Displaying the Replication Mode Auto Detection Status |
367 |
Displaying the Replication Mode Capabilities |
367 |
Displaying Subnet Entries |
368 |
Displaying the IPv6 Multicast Summary |
368 |
Displaying the NetFlow Hardware Forwarding Count |
368 |
Displaying the FIB Hardware Bridging and Drop Counts |
369 |
Displaying the Shared and Well-Known Hardware Adjacency Counters |
369 |
Configuring IPv4 Multicast Layer 3 Switching |
371 |
Understanding How IPv4 Multicast Layer 3 Switching Works |
371 |
IPv4 Multicast Layer 3 Switching Overview |
372 |
Multicast Layer 3 Switching Cache |
372 |
Layer 3-Switched Multicast Packet Rewrite |
373 |
Partially and Completely Switched Flows |
373 |
Partially Switched Flows |
374 |
Completely Switched Flows |
374 |
Non-RPF Traffic Processing |
375 |
Non-RPF Traffic Overview |
375 |
Filtering of RPF Failures for Stub Networks |
375 |
Rate Limiting of RPF Failure Traffic |
376 |
Understanding How IPv4 Bidirectional PIM Works |
376 |
Default IPv4 Multicast Layer 3 Switching Configuration |
376 |
IPv4 Multicast Layer 3 Switching Configuration Guidelines and Restrictions |
377 |
Restrictions |
377 |
Unsupported Features |
378 |
Configuring IPv4 Multicast Layer 3 Switching |
378 |
Source-Specific Multicast with IGMPv3, IGMP v3lite, and URD |
379 |
Enabling IPv4 Multicast Routing Globally |
379 |
Enabling IPv4 PIM on Layer 3 Interfaces |
379 |
Enabling IP Multicast Layer 3 Switching Globally |
380 |
Enabling IP Multicast Layer 3 Switching on Layer 3 Interfaces |
380 |
Specifying the Maximum Number of Multicast Routes |
381 |
Configuring the Layer 3 Switching Global Threshold |
381 |
Enabling Installation of Directly Connected Subnets |
382 |
Specifying the Flow Statistics Message Interval |
382 |
Enabling Shortcut-Consistency Checking |
382 |
Configuring ACL-Based Filtering of RPF Failures |
383 |
Displaying RPF Failure Rate-Limiting Information |
383 |
Displaying IPv4 Multicast Layer 3 Hardware Switching Summary |
384 |
Displaying the IPv4 Multicast Routing Table |
386 |
Displaying IPv4 Multicast Layer 3 Switching Statistics |
387 |
Configuring IPv4 Bidirectional PIM |
388 |
Enabling IPv4 Bidirectional PIM Globally |
388 |
Configuring the Rendezvous Point for IPv4 Bidirectional PIM Groups |
389 |
Setting the IPv4 Bidirectional PIM Scan Interval |
389 |
Displaying IPv4 Bidirectional PIM Information |
390 |
Using IPv4 Debug Commands |
392 |
Clearing IPv4 Multicast Layer 3 Switching Statistics |
392 |
Redundancy for Multicast Traffic |
393 |
Configuring MLDv2 Snooping for IPv6 Multicast Traffic |
395 |
Understanding How MLDv2 Snooping Works |
395 |
MLDv2 Snooping Overview |
396 |
MLDv2 Messages |
396 |
Source-Based Filtering |
397 |
Explicit Host Tracking |
397 |
MLDv2 Snooping Proxy Reporting |
397 |
Joining an IPv6 Multicast Group |
398 |
Leaving a Multicast Group |
400 |
Normal Leave Processing |
400 |
Fast-Leave Processing |
400 |
Understanding the MLDv2 Snooping Querier |
401 |
Default MLDv2 Snooping Configuration |
401 |
MLDv2 Snooping Configuration Guidelines and Restrictions |
401 |
MLDv2 Snooping Querier Configuration Guidelines and Restrictions |
402 |
Enabling the MLDv2 Snooping Querier |
402 |
Configuring MLDv2 Snooping |
403 |
Enabling MLDv2 Snooping |
403 |
Configuring a Static Connection to a Multicast Receiver |
404 |
Configuring a Multicast Router Port Statically |
405 |
Configuring the MLD Snooping Query Interval |
405 |
Enabling Fast-Leave Processing |
406 |
Enabling SSM Safe Reporting |
406 |
Configuring Explicit Host Tracking |
407 |
Configuring Report Suppression |
407 |
Displaying MLDv6 Snooping Information |
408 |
Displaying Multicast Router Interfaces |
408 |
Displaying MAC Address Multicast Entries |
408 |
Displaying MLDv2 Snooping Information for a VLAN Interface |
409 |
Configuring IGMP Snooping for IPv4 Multicast Traffic |
411 |
Understanding How IGMP Snooping Works |
411 |
IGMP Snooping Overview |
412 |
Joining a Multicast Group |
412 |
Leaving a Multicast Group |
414 |
Normal Leave Processing |
414 |
Fast-Leave Processing |
415 |
Understanding the IGMP Snooping Querier |
415 |
Understanding IGMP Version 3 Support |
415 |
IGMPv3 Fast-Leave Processing |
416 |
Proxy Reporting |
416 |
Explicit Host Tracking |
417 |
Default IGMP Snooping Configuration |
417 |
IGMP Snooping Configuration Guidelines and Restrictions |
417 |
IGMP Snooping Querier Configuration Guidelines and Restrictions |
418 |
Enabling the IGMP Snooping Querier |
418 |
Configuring IGMP Snooping |
419 |
Enabling IGMP Snooping |
420 |
Configuring a Static Connection to a Multicast Receiver |
421 |
Configuring a Multicast Router Port Statically |
421 |
Configuring the IGMP Snooping Query Interval |
421 |
Enabling IGMP Fast-Leave Processing |
422 |
Configuring Source Specific Multicast (SSM) Mapping |
422 |
Configuring IGMPv3 Explicit Host Tracking |
423 |
Displaying IGMP Snooping Information |
424 |
Displaying Multicast Router Interfaces |
424 |
Displaying MAC Address Multicast Entries |
424 |
Displaying IGMP Snooping Information for a VLAN Interface |
425 |
Displaying IGMP Snooping Statistics |
425 |
Configuring PIM Snooping |
427 |
Understanding How PIM Snooping Works |
427 |
Default PIM Snooping Configuration |
430 |
PIM Snooping Configuration Guidelines and Restrictions |
430 |
Configuring PIM Snooping |
430 |
Enabling PIM Snooping Globally |
431 |
Enabling PIM Snooping in a VLAN |
431 |
Disabling PIM Snooping Designated-Router Flooding |
432 |
Configuring RGMP |
433 |
Understanding How RGMP Works |
433 |
Default RGMP Configuration |
434 |
RGMP Configuration Guidelines and Restrictions |
434 |
Enabling RGMP on Layer 3 Interfaces |
435 |
Configuring Network Security |
437 |
Configuring MAC Address-Based Traffic Blocking |
437 |
Configuring TCP Intercept |
438 |
Configuring Unicast Reverse Path Forwarding Check |
438 |
Understanding PFC3B Unicast RPF Check Support |
438 |
Unicast RPF Check Guidelines and Restrictions |
439 |
Configuring Unicast RPF Check |
439 |
Configuring the Unicast RPF Check Mode |
439 |
Configuring the Multiple-Path Unicast RPF Check Mode on a PFC3B |
441 |
Configuring Multiple-Path Interface Groups on a PFC3B |
442 |
Enabling Self-Pinging |
442 |
Understanding Cisco IOS ACL Support |
443 |
Cisco IOS ACL Configuration Guidelines and Restrictions |
443 |
Hardware and Software ACL Support |
444 |
Optimized ACL Logging with a PFC3B |
445 |
Understanding OAL |
445 |
OAL Guidelines and Restrictions |
445 |
Configuring OAL |
446 |
Configuring OAL Global Parameters |
446 |
Configuring OAL on an Interface |
447 |
Displaying OAL Information |
447 |
Clearing Cached OAL Entries |
447 |
Guidelines and Restrictions for Using Layer 4 Operators in ACLs |
447 |
Determining Layer 4 Operation Usage |
448 |
Determining Logical Operation Unit Usage |
448 |
Configuring VLAN ACLs |
451 |
Understanding VACLs |
451 |
VACL Overview |
451 |
Bridged Packets |
452 |
Routed Packets |
452 |
Multicast Packets |
454 |
Configuring VACLs |
454 |
VACL Configuration Overview |
455 |
Defining a VLAN Access Map |
456 |
Configuring a Match Clause in a VLAN Access Map Sequence |
456 |
Configuring an Action Clause in a VLAN Access Map Sequence |
457 |
Applying a VLAN Access Map |
458 |
Verifying VLAN Access Map Configuration |
458 |
VLAN Access Map Configuration and Verification Examples |
459 |
Configuring a Capture Port |
459 |
Configuring VACL Logging |
461 |
Configuring Denial of Service Protection |
463 |
Understanding How DoS Protection Works |
464 |
Security ACLs and VACLs |
464 |
QoS Rate Limiting |
465 |
uRPF Check |
465 |
Traffic Storm Control |
466 |
Network Under SYN Attack |
466 |
ARP Policing |
467 |
Recommended Rate-Limiter Configuration |
468 |
Hardware-Based Rate Limiters on the PFC3B |
468 |
Ingress-Egress ACL Bridged Packets (Unicast Only) |
469 |
uRPF Check Failure |
469 |
TTL Failure |
470 |
ICMP Unreachable (Unicast Only) |
470 |
FIB (CEF) Receive Cases (Unicast Only) |
470 |
FIB Glean (Unicast Only) |
470 |
Layer 3 Security Features (Unicast Only) |
471 |
ICMP Redirect (Unicast Only) |
471 |
VACL Log (Unicast Only) |
471 |
MTU Failure |
472 |
Layer 2 Multicast IGMP Snooping |
472 |
Layer 2 PDU |
472 |
Layer 2 Protocol Tunneling |
472 |
IP Errors |
473 |
IPv4 Multicast |
473 |
IPv6 Multicast |
473 |
DoS Protection Default Configuration |
475 |
DoS Protection Configuration Guidelines and Restrictions |
476 |
Monitoring Packet Drop Statistics |
476 |
Monitoring Dropped Packets Using Monitor Session Commands |
477 |
Monitoring Dropped Packets Using show tcam interface Command |
477 |
Monitoring Dropped Packets Using VACL Capture |
478 |
Displaying Rate-Limiter Information |
479 |
Understanding How Control Plane Policing Works |
480 |
CoPP Default Configuration |
481 |
CoPP Configuration Guidelines and Restrictions |
481 |
Configuring CoPP |
482 |
Monitoring CoPP |
483 |
Defining Traffic Classification |
484 |
Traffic Classification Overview |
484 |
Traffic Classification Guidelines |
485 |
Sample Basic ACLs for CoPP Traffic Classification |
486 |
Configuring Sticky ARP |
487 |
Configuring DHCP Snooping |
489 |
Overview of DHCP Snooping |
489 |
DHCP Snooping Option-82 Data Insertion |
490 |
Overview of the DHCP Snooping Database Agent |
492 |
Default Configuration for DHCP Snooping |
493 |
DHCP Snooping Configuration Guidelines and Restrictions |
494 |
Configuring DHCP Snooping |
495 |
Enabling DHCP Snooping Globally |
495 |
Enabling DHCP Option-82 Data Insertion |
496 |
Enabling the DHCP Option 82 on Untrusted Port Feature |
496 |
Enabling DHCP Snooping MAC Address Verification |
497 |
Enabling DHCP Snooping on VLANs |
497 |
Configuring the DHCP Trust State on Layer 2 LAN Interfaces |
499 |
Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces |
500 |
Configuring the DHCP Snooping Database Agent |
500 |
Configuration Examples for the Database Agent |
501 |
Example 1: Enabling the Database Agent |
501 |
Example 2: Reading Binding Entries from a TFTP File |
502 |
Example 3: Adding Information to the DHCP Snooping Database |
504 |
Displaying a Binding Table |
504 |
Configuring Dynamic ARP Inspection |
505 |
Understanding DAI |
505 |
Understanding ARP |
505 |
Understanding ARP Spoofing Attacks |
506 |
Understanding DAI and ARP Spoofing Attacks |
506 |
Interface Trust States and Network Security |
507 |
Rate Limiting of ARP Packets |
508 |
Relative Priority of ARP ACLs and DHCP Snooping Entries |
508 |
Logging of Dropped Packets |
508 |
Default DAI Configuration |
509 |
DAI Configuration Guidelines and Restrictions |
509 |
Configuring DAI |
510 |
Enabling DAI on VLANs |
511 |
Configuring the DAI Interface Trust State |
511 |
Applying ARP ACLs for DAI Filtering |
512 |
Configuring ARP Packet Rate Limiting |
513 |
Enabling DAI Error-Disabled Recovery |
514 |
Enabling Additional Validation |
515 |
Configuring DAI Logging |
516 |
DAI Logging Overview |
516 |
Configuring the DAI Logging Buffer Size |
517 |
Configuring the DAI Logging System Messages |
517 |
Configuring DAI Log Filtering |
518 |
Displaying DAI Information |
519 |
DAI Configuration Samples |
520 |
Sample One: Two Switches Support DAI |
520 |
Configuring Switch A |
520 |
Configuring Switch B |
522 |
Sample Two: One Switch Supports DAI |
524 |
Configuring Traffic Storm Control |
527 |
Understanding Traffic Storm Control |
527 |
Default Traffic Storm Control Configuration |
528 |
Configuration Guidelines and Restrictions |
529 |
Enabling Traffic Storm Control |
529 |
Displaying Traffic Storm Control Settings |
531 |
Configuring Unknown Unicast and Multicast Flood Blocking |
533 |
Understanding Unknown Traffic Flood Control |
533 |
Configuring UUFB or UMFB |
534 |
Configuring PFC QoS |
535 |
Understanding How PFC QoS Works |
536 |
Overview |
536 |
Component Overview |
539 |
Ingress LAN Port PFC QoS Features |
539 |
Flowchart of Ingress LAN Port PFC QoS Features |
540 |
Port Trust |
541 |
Ingress Congestion Avoidance |
541 |
PFC QoS Features |
541 |
Supported Policy Feature Cards |
541 |
PFC QoS Feature List and Flowchart |
542 |
Internal DSCP Values |
544 |
Initial Internal DSCP Value |
544 |
Final Internal DSCP Value |
544 |
Port-Based PFC QoS and VLAN-Based PFC QoS |
545 |
PFC QoS Egress Port Features |
545 |
Flowchart of PFC QoS Egress LAN Port Features |
546 |
Egress CoS Values |
546 |
Egress DSCP Mutation with a PFC3B |
546 |
Egress ToS Byte |
547 |
Egress PFC QoS Interfaces |
547 |
Egress ACL Support for Remarked DSCP |
547 |
Understanding Classification and Marking |
548 |
Classification and Marking at Trusted and Untrusted Ingress Ports |
548 |
Classification and Marking at Untrusted Ingress Ports |
548 |
Ingress Classification and Marking at Trusted Ports |
548 |
Ingress Classification and Marking at Trust CoS LAN Ports |
549 |
Ingress Classification and Marking at Trust IP Precedence Ports |
549 |
Ingress Classification and Marking at Trust DSCP Ports |
549 |
Classification and Marking on the PFC3B Using Service Policies and Policy Maps |
549 |
Classification and Marking on the PISA |
550 |
Policers |
551 |
Overview of Policers |
551 |
Aggregate Policers |
552 |
Microflow Policers |
552 |
Understanding Port-Based Queue Types |
553 |
Ingress and Egress Buffers and Layer 2 CoS-Based Queues |
554 |
Ingress Queue Types |
555 |
Egress Queue Types |
556 |
Module to Queue Type Mappings |
557 |
PFC QoS Default Configuration |
559 |
PFC QoS Global Settings |
560 |
Default Values with PFC QoS Enabled |
561 |
Receive-Queue Limits |
561 |
Transmit-Queue Limit s |
561 |
Bandwidth Allocation Ratios |
562 |
Default Drop-Threshold Percentages and CoS Value Mappings |
562 |
1q2t Receive Queues |
563 |
1q4t Receive Queues |
563 |
1p1q4t Receive Queues |
564 |
1p1q0t Receive Queues |
564 |
1p1q8t Receive Queues |
565 |
1q8t Receive Queues |
566 |
2q8t Receive Queues |
567 |
8q8t Receive Queues |
568 |
2q2t Transmit Queues |
568 |
1p2q2t Transmit Queues |
569 |
1p3q8t Transmit Queues |
570 |
1p7q8t Transmit Queues |
571 |
1p3q1t Transmit Queues |
572 |
1p2q1t Transmit Queues |
572 |
Default Values with PFC QoS Disabled |
572 |
PFC QoS Configuration Guidelines and Restrictions |
573 |
General Guidelines |
573 |
PFC3B Guidelines |
575 |
Class Map Command Restrictions |
576 |
Policy Map Command Restrictions |
576 |
Policy Map Class Command Restrictions |
576 |
Supported Granularity for CIR and PIR Rate Values |
576 |
Supported Granularity for CIR and PIR Token Bucket Sizes |
577 |
IP Precedence and DSCP Values |
578 |
Configuring PFC QoS |
578 |
Enabling PFC QoS Globally |
579 |
Enabling Ignore Port Trust |
580 |
Configuring DSCP Transparency |
580 |
Enabling Queueing-Only Mode |
581 |
Enabling Microflow Policing of Bridged Traffic |
582 |
Enabling VLAN-Based PFC QoS on Layer 2 LAN Ports |
582 |
Enabling Egress ACL Support for Remarked DSCP |
583 |
Creating Named Aggregate Policers |
584 |
Configuring a PFC QoS Policy |
586 |
PFC QoS Policy Configuration Overview |
587 |
Configuring MAC ACLs |
588 |
Configuring Protocol-Independent MAC ACL Filtering |
588 |
Enabling VLAN-Based MAC QoS Filtering |
589 |
Configuring MAC ACLs |
590 |
Configuring ARP ACLs for QoS Filtering |
591 |
Configuring a Class Map |
592 |
Creating a Class Map |
592 |
Class Map Filtering Guidelines and Restrictions |
592 |
Configuring Filtering in a Class Map |
593 |
Verifying Class Map Configuration |
594 |
Configuring a Policy Map |
595 |
Creating a Policy Map |
595 |
Policy Map Class Configuration Guidelines and Restrictions |
595 |
Creating a Policy Map Class and Configuring Filtering |
595 |
Configuring Policy Map Class Actions |
596 |
Configuring Policy Map Class Marking |
597 |
Configuring the Policy Map Class Trust State |
597 |
Configuring Policy Map Class Policing |
597 |
Using a Named Aggregate Policer |
598 |
Configuring a Per-Interface Policer |
598 |
Verifying Policy Map Configuration |
600 |
Attaching a Policy Map to an Interface |
601 |
Configuring Egress DSCP Mutation on a PFC3B |
602 |
Configuring Named DSCP Mutation Maps |
602 |
Attaching an Egress DSCP Mutation Map to an Interface |
603 |
Configuring Ingress CoS Mutation on IEEE 802.1Q Tunnel Ports |
604 |
Ingress CoS Mutation Configuration Guidelines and Restrictions |
604 |
Configuring Ingress CoS Mutation Maps |
605 |
Applying Ingress CoS Mutation Maps to IEEE 802.1Q Tunnel Ports |
606 |
Configuring DSCP Value Maps |
606 |
Mapping Received CoS Values to Internal DSCP Values |
607 |
Mapping Received IP Precedence Values to Internal DSCP Values |
607 |
Configuring DSCP Markdown Values |
608 |
Mapping Internal DSCP Values to Egress CoS Values |
609 |
Configuring the Trust State of Ethernet LAN Ports |
610 |
Configuring the Ingress LAN Port CoS Value |
612 |
Configuring Standard-Queue Drop Threshold Percentages |
612 |
Configuring a Tail-Drop Receive Queue |
613 |
Configuring a WRED-Drop Transmit Queue |
614 |
Configuring a WRED-Drop and Tail-Drop Receive Queue |
615 |
Configuring a WRED-Drop and Tail-Drop Transmit Queue |
615 |
Configuring 1q4t/2q2t Tail-Drop Threshold Percentages |
617 |
Mapping QoS Labels to Queues and Drop Thresholds |
618 |
Queue and Drop Threshold Mapping Guidelines and Restrictions |
618 |
Configuring CoS-Based Queue Mapping |
619 |
Mapping CoS Values to Standard Receive-Queue Thresholds |
619 |
Mapping CoS Values to Standard Transmit-Queue Thresholds |
620 |
Mapping CoS Values to Strict-Priority Queues |
620 |
Mapping CoS Values to Tail-Drop Thresholds on 1q4t/2q2t LAN Ports |
621 |
Allocating Bandwidth Between Standard Transmit Queues |
622 |
Setting the Receive-Queue Size Ratio |
624 |
Configuring the Transmit-Queue Size Ratio |
625 |
Common QoS Scenarios |
626 |
Sample Network Design Overview |
626 |
Access Layer |
626 |
Distribution and Core Interswitch Links |
626 |
Classifying Traffic from PCs and IP Phones in the Access Layer |
627 |
Identify the Voice Traffic from an IP Phone (VVLAN) |
628 |
Identify the Voice Signaling Traffic from an IP Phone (VVLAN) |
628 |
Identify the SAP Traffic from the PC (DVLAN) |
628 |
Accepting the Traffic Priority Value on Interswitch Links |
630 |
Prioritizing Traffic on Interswitch Links |
631 |
Using Policers to Limit the Amount of Traffic from a PC |
634 |
PFC QoS Glossary |
636 |
Configuring MPLS QoS |
639 |
Terminology |
640 |
MPLS QoS Features |
641 |
MPLS Experimental Field |
641 |
Trust |
641 |
Classification |
641 |
Policing and Marking |
642 |
Preserving IP ToS |
642 |
EXP Mutation |
642 |
MPLS DiffServ Tunneling Modes |
642 |
MPLS QoS Overview |
642 |
Specifying the QoS in the IP Precedence Field |
643 |
Mode MPLS QoS |
643 |
LERs at the Input Edge of an MPLS Network |
644 |
LSRs in the Core of an MPLS Network |
644 |
LERs at the Output Edge of an MPLS Network |
645 |
Understanding MPLS QoS |
645 |
LERs at the EoMPLS Edge |
646 |
Ethernet to MPLS |
646 |
MPLS to Ethernet |
647 |
LERs at the IP Edge (MPLS, MPLS VPN) |
647 |
IP to MPLS |
647 |
Classification for IP-to-MPLS |
647 |
Classification for IP-to-MPLS MPLS QoS |
648 |
Classification at IP-to-MPLS Ingress Port |
648 |
Classification at IP-to-MPLS Egress Port |
648 |
MPLS to IP |
648 |
Classification for MPLS-to-IP |
649 |
Classification for MPLS-to-IP MPLS QoS |
649 |
Classification at MPLS-to-IP Ingress Port |
649 |
Classification at MPLS-to-IP Egress Port |
650 |
MPLS VPN |
650 |
LSRs at the MPLS Core |
651 |
MPLS to MPLS |
651 |
Classification for MPLS-to-MPLS |
651 |
Classification for MPLS-to-MPLS QoS |
652 |
Classification at MPLS-to-MPLS Ingress Port |
652 |
Classification at MPLS-to-MPLS Egress Port |
652 |
MPLS QoS Default Configuration |
653 |
MPLS QoS Commands |
654 |
MPLS QoS Restrictions and Guidelines |
655 |
Configuring MPLS QoS |
655 |
Enabling QoS Globally |
656 |
Enabling Queueing-Only Mode |
657 |
Restrictions and Usage Guidelines |
657 |
Configuring a Class Map to Classify MPLS Packets |
658 |
Restrictions and Usage Guidelines |
660 |
Configuring the MPLS Packet Trust State on Ingress Ports |
660 |
Restrictions and Usage Guidelines |
660 |
Configuring a Policy Map |
661 |
Configuring a Policy Map to Set the EXP Value on All Imposed Labels |
661 |
EXP Value Imposition Guidelines and Restrictions |
662 |
Configuring a Policy Map Using the Police Command |
663 |
Restrictions and Usage Guidelines |
665 |
Displaying a Policy Map |
665 |
Displaying a MPLS QoS Policy Map Class Summary |
665 |
Displaying the Configuration of All Classes |
666 |
Configuring MPLS QoS Egress EXP Mutation |
666 |
Configuring Named EXP Mutation Maps |
667 |
Attaching an Egress EXP Mutation Map to an Interface |
667 |
Configuring EXP Value Maps |
668 |
Configuring an Ingress-EXP to Internal-DSCP Map |
668 |
Configuring a Named Egress-DSCP to Egress-EXP Map |
668 |
MPLS DiffServ Tunneling Modes |
669 |
Short Pipe Mode |
669 |
Short Pipe Mode Restrictions and Guidelines |
670 |
Uniform Mode |
670 |
Uniform Mode Restrictions and Guidelines |
672 |
MPLS DiffServ Tunneling Restrictions and Usage Guidelines |
672 |
Configuring Short Pipe Mode |
672 |
Ingress PE Router-Customer Facing Interface |
672 |
Configuration Example |
673 |
Configuring Ingress PE Router-P Facing Interface |
673 |
Configuration Example |
674 |
Configuring the P Router-Output Interface |
675 |
Configuration Example |
675 |
Configuring the Egress PE Router-Customer Facing Interface |
676 |
Configuration Example |
676 |
Configuring Uniform Mode |
677 |
Configuring the Ingress PE Router-Customer Facing Interface |
677 |
Configuration Example |
678 |
Configuring the Ingress PE Router-P Facing Interface |
678 |
Configuration Example |
679 |
Configuring the Egress PE Router-Customer Facing Interface |
679 |
Configuration Example |
680 |
Configuring PFC QoS Statistics Data Export |
681 |
Understanding PFC QoS Statistics Data Export |
681 |
PFC QoS Statistics Data Export Default Configuration |
682 |
Configuring PFC QoS Statistics Data Export |
682 |
Enabling PFC QoS Statistics Data Export Globally |
682 |
Enabling PFC QoS Statistics Data Export for a Port |
683 |
Enabling PFC QoS Statistics Data Export for a Named Aggregate Policer |
684 |
Enabling PFC QoS Statistics Data Export for a Class Map |
685 |
Setting the PFC QoS Statistics Data Export Time Interval |
686 |
Configuring PFC QoS Statistics Data Export Destination Host and UDP Port |
687 |
Setting the PFC QoS Statistics Data Export Field Delimiter |
689 |
Configuring Network Admission Control |
691 |
Understanding NAC |
691 |
NAC Overview |
692 |
NAC Device Roles |
692 |
AAA Down Policy |
693 |
NAC Layer 2 IP Validation |
694 |
Posture Validation |
694 |
Exception Lists |
695 |
EoU Bypass |
695 |
EAPoUDP Sessions |
695 |
Cisco Secure ACS and AV Pairs |
696 |
Audit Servers |
697 |
ACLs |
698 |
NAC Timers |
698 |
Hold Timer |
698 |
Idle Timer |
699 |
Retransmission Timer |
700 |
Revalidation Timer |
700 |
Status-Query Timer |
700 |
NAC Layer 2 IP Validation and Redundant Supervisor Engines |
700 |
NAC Layer 2 IP Validation and RPR Redundancy |
701 |
AAA Down Policy for NAC Layer 2 IP Validation |
701 |
Configuring NAC |
701 |
Default NAC Configuration |
701 |
NAC Layer 2 IP Guidelines, Limitations, and Restrictions |
701 |
Configuring NAC Layer 2 IP Validation |
703 |
Configuring EAPoUDP |
706 |
Configuring Identity Profiles and Policies |
707 |
Configuring a NAC AAA Down Policy |
707 |
Monitoring and Maintaining NAC |
711 |
Clearing Table Entries |
711 |
Displaying NAC Information |
711 |
Configuring IEEE 802.1X Port-Based Authentication |
713 |
Understanding 802.1X Port-Based Authentication |
713 |
Device Roles |
714 |
Authentication Initiation and Message Exchange |
715 |
Ports in Authorized and Unauthorized States |
716 |
Supported Topologies |
716 |
Default 802.1X Port-Based Authentication Configuration |
717 |
802.1X Port-Based Authentication Guidelines and Restrictions |
718 |
Configuring 802.1X Port-Based Authentication |
719 |
Enabling 802.1X Port-Based Authentication |
719 |
Configuring Switch-to-RADIUS-Server Communication |
720 |
Enabling Periodic Reauthentication |
722 |
Manually Reauthenticating the Client Connected to a Port |
723 |
Initializing Authentication for the Client Connected to a Port |
723 |
Changing the Quiet Period |
723 |
Changing the Switch-to-Client Retransmission Time |
724 |
Setting the Switch-to-Client Retransmission Time for EAP-Request Frames |
725 |
Setting the Switch-to-Authentication-Server Retransmission Time for Layer 4 Packets |
725 |
Setting the Switch-to-Client Frame Retransmission Number |
726 |
Enabling Multiple Hosts |
726 |
Resetting the 802.1X Configuration to the Default Values |
727 |
Displaying 802.1X Status |
727 |
Configuring Port Security |
729 |
Understanding Port Security |
729 |
Port Security with Dynamically Learned and Static MAC Addresses |
729 |
Port Security with Sticky MAC Addresses |
730 |
Default Port Security Configuration |
731 |
Port Security Guidelines and Restrictions |
731 |
Configuring Port Security |
732 |
Enabling Port Security |
732 |
Enabling Port Security on a Trunk |
732 |
Enabling Port Security on an Access Port |
733 |
Configuring the Port Security Violation Mode on a Port |
734 |
Configuring the Maximum Number of Secure MAC Addresses on a Port |
735 |
Enabling Port Security with Sticky MAC Addresses on a Port |
736 |
Configuring a Static Secure MAC Address on a Port |
737 |
Configuring Secure MAC Address Aging on a Port |
738 |
Configuring the Secure MAC Address Aging Type on a Port |
738 |
Configuring Secure MAC Address Aging Time on a Port |
739 |
Displaying Port Security Settings |
739 |
Configuring CDP |
741 |
Understanding How CDP Works |
741 |
Configuring CDP |
741 |
Enabling CDP Globally |
742 |
Displaying the CDP Global Configuration |
742 |
Enabling CDP on a Port |
742 |
Displaying the CDP Interface Configuration |
743 |
Monitoring and Maintaining CDP |
743 |
Configuring UDLD |
745 |
Understanding How UDLD Works |
745 |
UDLD Overview |
745 |
UDLD Aggressive Mode |
746 |
Default UDLD Configuration |
747 |
Configuring UDLD |
747 |
Enabling UDLD Globally |
747 |
Enabling UDLD on Individual LAN Interfaces |
748 |
Disabling UDLD on Fiber-Optic LAN Interfaces |
748 |
Configuring the UDLD Probe Message Interval |
749 |
Resetting Disabled LAN Interfaces |
749 |
Configuring NDE |
751 |
Understanding NDE |
751 |
NDE Overview |
751 |
NDE on the PISA |
752 |
NDE on the PFC3B |
752 |
NDE Flow Mask |
752 |
Additional NDE Fields |
753 |
NDE Versions |
753 |
Exporting NetFlow Data |
757 |
NetFlow Sampling |
757 |
NetFlow Traffic Sampling |
757 |
NetFlow Flow Sampling |
758 |
Packet-based NetFlow Flow Sampling |
758 |
Time-based Netflow Flow Sampling |
759 |
Default NDE Configuration |
760 |
NDE Configuration Guidelines and Restrictions |
760 |
Configuring NDE |
760 |
Configuring NDE on the PFC3B |
761 |
Enabling NDE From the PFC3B |
761 |
Populating Additional NDE Fields |
761 |
Configuring NetFlow Flow Sampling |
762 |
Configuring NetFlow Flow Sampling Globally |
762 |
Configuring NetFlow Flow Sampling on a Layer 3 Interface |
762 |
Configuring NDE on the PISA |
763 |
Configuring the PISA NDE Source Layer 3 Interface |
763 |
Configuring the NDE Destination |
764 |
Configuring NetFlow Sampling |
764 |
Enabling NDE for Ingress-Bridged IP Traffic |
764 |
Displaying the NDE Address and Port Configuration |
765 |
Configuring NDE Flow Filters |
766 |
NDE Flow Filter Overview |
766 |
Configuring a Port Flow Filter |
766 |
Configuring a Host and Port Filter |
767 |
Configuring a Host Flow Filter |
767 |
Configuring a Protocol Flow Filter |
767 |
Displaying the NDE Configuration |
768 |
Configuring NetFlow |
769 |
Understanding NetFlow |
769 |
NetFlow Overview |
769 |
NetFlow on the PISA |
770 |
NetFlow on the PFC3B |
770 |
Flow Masks |
771 |
Flow Mask Conflicts |
772 |
Default NetFlow Configuration |
773 |
NetFlow Configuration Guidelines and Restrictions |
773 |
Configuring NetFlow |
774 |
Configuring NetFlow on the PFC3B |
774 |
NetFlow PFC3B Commands Summary |
774 |
Enabling NetFlow on the PFC3B |
775 |
Setting the Minimum IP MLS Flow Mask |
775 |
Configuring the MLS Aging Time |
775 |
Configuring NetFlow Aggregation on the PFC3B |
777 |
Enabling NetFlow for Ingress-Bridged IP Traffic |
777 |
Enabling NetFlow for Multicast IP Traffic |
778 |
Displaying PFC3B NetFlow Information |
778 |
Configuring NetFlow on the PISA |
778 |
Summary of NetFlow Commands on the PISA |
778 |
Enabling NetFlow on the PISA |
779 |
Configuring NetFlow Aggregation on the PISA |
779 |
Enabling NetFlow for Ingress-Bridged IP Traffic |
779 |
Enabling NetFlow for Multicast IP Traffic |
780 |
Configuring Local SPAN, RSPAN, and ERSPAN |
781 |
Understanding How Local SPAN, RSPAN, and ERSPAN Work |
781 |
Local SPAN, RSPAN, and ERSPAN Overview |
781 |
Local SPAN Overview |
782 |
RSPAN Overview |
782 |
ERSPAN Overview |
783 |
Monitored Traffic |
784 |
Monitored Traffic Direction |
784 |
Monitored Traffic |
784 |
Duplicate Traffic |
784 |
Local SPAN, RSPAN, and ERSPAN Sources |
785 |
Source Ports |
785 |
Source VLANs |
785 |
Local SPAN, RSPAN, and ERSPAN Destination Ports |
785 |
Local SPAN, RSPAN, and ERSPAN Configuration Guidelines and Restrictions |
786 |
Feature Incompatiblities |
786 |
Local SPAN, RSPAN, and ERSPAN Session Limits |
787 |
Local SPAN, RSPAN, and ERSPAN Guidelines and Restrictions |
787 |
VSPAN Guidelines and Restrictions |
788 |
RSPAN Guidelines and Restrictions |
789 |
ERSPAN Guidelines and Restrictions |
789 |
Configuring Local SPAN, RSPAN, and ERSPAN |
791 |
Configuring Destination Port Permit Lists (Optional) |
791 |
Configuring Local SPAN |
792 |
Configuring RSPAN |
793 |
Configuring RSPAN VLANs |
793 |
Configuring RSPAN Source Sessions |
794 |
Configuring RSPAN Destination Sessions |
795 |
Configuring ERSPAN |
796 |
Configuring ERSPAN Source Sessions |
796 |
Configuring ERSPAN Destination Sessions |
798 |
Configuring Source VLAN Filtering for Local SPAN and RSPAN |
800 |
Configuring a Destination Port as an Unconditional Trunk |
801 |
Configuring Destination Trunk Port VLAN Filtering |
801 |
Verifying the Configuration |
803 |
Configuration Examples |
803 |
Configuring SNMP IfIndex Persistence |
805 |
Understanding SNMP IfIndex Persistence |
805 |
Configuring SNMP IfIndex Persistence |
806 |
Enabling SNMP IfIndex Persistence Globally |
806 |
Disabling SNMP IfIndex Persistence Globally |
806 |
Enabling and Disabling SNMP IfIndex Persistence on Specific Interfaces |
806 |
Clearing SNMP IfIndex Persistence Configuration from a Specific Interface |
807 |
Power Management and Environmental Monitoring |
809 |
Understanding How Power Management Works |
809 |
Enabling or Disabling Power Redundancy |
810 |
Powering Modules Off and On |
811 |
Viewing System Power Status |
812 |
Power Cycling Modules |
813 |
Power Cycling Power Supplies |
813 |
Determining System Power Requirements |
813 |
Determining System Hardware Capacity |
813 |
Determining Sensor Temperature Threshold |
817 |
Understanding How Environmental Monitoring Works |
818 |
Monitoring System Environmental Status |
818 |
Understanding LED Environmental Indications |
820 |
Configuring Online Diagnostics |
823 |
Understanding How Online Diagnostics Work |
823 |
Configuring Online Diagnostics |
824 |
Setting Bootup Online Diagnostics Level |
824 |
Configuring On-Demand Online Diagnostics |
825 |
Scheduling Online Diagnostics |
826 |
Configuring Health-Monitoring Diagnostics |
827 |
Running Online Diagnostic Tests |
828 |
Starting and Stopping Online Diagnostic Tests |
828 |
Displaying Online Diagnostic Tests and Test Results |
828 |
Schedule Switchover |
832 |
Performing Memory Tests |
832 |
Using Top-N Reports |
833 |
Understanding Top-N Reports |
833 |
Top-N Reports Overview |
833 |
Understanding Top-N Reports Operation |
834 |
Using Top-N Reports |
834 |
Enabling Top-N Reports Creation |
835 |
Displaying Top-N Reports |
835 |
Clearing Top-N Reports |
836 |
Using the Layer 2 Traceroute Utility |
837 |
Understanding the Layer 2 Traceroute Utility |
837 |
Usage Guidelines |
837 |
Using the Layer 2 Traceroute Utility |
838 |
Online Diagnostic Tests |
841 |
Global Health-Monitoring Tests |
841 |
TestSPRPInbandPing |
841 |
TestSPNPInbandPing |
842 |
TestScratchRegister |
843 |
Per-Port Tests |
843 |
TestNonDisruptiveLoopback |
843 |
TestLoopback |
844 |
TestActiveToStandbyLoopback |
844 |
TestTransceiverIntegrity |
845 |
TestNetflowInlineRewrite |
845 |
PFC Layer 2 Forwarding Engine Tests |
846 |
TestNewIndexLearn |
846 |
TestDontConditionalLearn |
847 |
TestBadBpduTrap |
847 |
TestMatchCapture |
848 |
TestStaticEntry |
849 |
PFC Layer 3 Forwarding Engine Tests |
849 |
TestFibDevices |
850 |
TestIPv4FibShortcut |
850 |
TestIPv6FibShortcut |
851 |
TestMPLSFibShortcut |
851 |
TestNATFibShortcut |
852 |
TestL3Capture2 |
852 |
TestAclPermit |
853 |
TestAclDeny |
853 |
TestNetflowShortcut |
854 |
TestQoS |
854 |
Replication Engine Tests |
854 |
TestL3VlanMet |
855 |
TestIngressSpan |
855 |
TestEgressSpan |
856 |
Exhaustive Memory Tests |
856 |
TestFibTcamSSRAM |
856 |
TestAsicMemory |
857 |
TestAclQosTcam |
857 |
TestNetflowTcam |
858 |
TestQoSTcam |
858 |
IPSEC Services Modules Tests |
859 |
TestIPSecClearPkt |
859 |
TestHapiEchoPkt |
859 |
TestIPSecEncryptDecryptPkt |
860 |
Stress Tests |
860 |
TestTrafficStress |
860 |
TestEobcStressPing |
861 |
Critical Recovery Test-TestL3HealthMonitoring |
861 |
General Tests |
862 |
ScheduleSwitchover |
862 |
TestFirmwareDiagStatus |
862 |
Acronyms |
863 |