Section |
Page |
About this Guide |
35 |
Objectives |
35 |
Audience |
35 |
Conventions |
36 |
Information Symbols |
36 |
Related Documents |
36 |
Configuration Fundamentals |
37 |
Accessing the Command Line |
37 |
CLI Modes |
38 |
Navigating CLI Modes |
39 |
The do Command |
42 |
Undoing Commands |
42 |
Obtaining Help |
43 |
Entering and Editing Commands |
43 |
Command History |
44 |
Filtering show Command Outputs |
45 |
Multiple Users in Configuration mode |
46 |
Getting Started |
47 |
Default Configuration |
48 |
Configure a Host Name |
49 |
Access the System Remotely |
49 |
Access the C-Series and E-Series Remotely |
49 |
Configure the Management Port IP Address |
50 |
Configure a Management Route |
50 |
Configure a Username and Password |
50 |
Access the S-Series Remotely |
51 |
Configure the Enable Password |
52 |
Configuration File Management |
52 |
Copy Files to and from the System |
53 |
Important Points to Remember |
53 |
Save the Running-configuration |
54 |
View Files |
55 |
View Configuration Files |
56 |
File System Management |
57 |
View command history |
58 |
Upgrading and Downgrading FTOS |
58 |
System Management |
59 |
Configure Privilege Levels |
59 |
Create a Custom Privilege Level |
59 |
Removing a command from EXEC mode |
60 |
Move a command from EXEC Privilege mode to EXEC mode |
60 |
Allow Access to CONFIGURATION mode commands |
60 |
Allow Access to INTERFACE, LINE, ROUTE-MAP, and ROUTER mode |
60 |
Apply a Privilege Level to a Username |
63 |
Apply a Privilege Level to a Terminal Line |
63 |
Configure Logging |
63 |
Log Messages in the Logging Buffer |
64 |
Configuration Task List for System Log Management |
64 |
Disable System Logging |
64 |
Send System Messages to a Syslog Server |
65 |
Configure a Unix System as a Syslog Server |
65 |
Change System Logging Settings |
65 |
Display the Logging Buffer and the Logging Configuration |
66 |
Configure a UNIX Logging Facility Level |
68 |
Synchronize Log Messages |
69 |
Enable Timestamp on Syslog Messages |
69 |
File Transfer Services |
70 |
Configuration Task List for File Transfer Services |
70 |
Enable FTP server |
70 |
Configure FTP server parameters |
70 |
Configure FTP client parameters |
71 |
Terminal Lines |
71 |
Deny and Permit Access to a Terminal Line |
71 |
Configure Login Authentication for Terminal Lines |
72 |
Time out of EXEC Privilege Mode |
73 |
Telnet to Another Network Device |
74 |
Lock CONFIGURATION mode |
74 |
Viewing the Configuration Lock Status |
75 |
Recovering from a Forgotten Password |
76 |
Recovering from a Forgotten Enable Password |
77 |
Recovering from a Forgotten Password on S-Series |
78 |
Recovering from a Failed Start |
79 |
802.1ag |
81 |
Ethernet CFM |
81 |
Maintenance Domains |
82 |
Maintenance Points |
82 |
Maintenance End Points |
83 |
Implementation Information |
84 |
Configure CFM |
84 |
Related Configuration Tasks |
84 |
Enable Ethernet CFM |
85 |
Create a Maintenance Domain |
85 |
Create a Maintenance Association |
86 |
Create Maintenance Points |
86 |
Create a Maintenance End Point |
86 |
Create a Maintenance Intermediate Point |
87 |
MP Databases |
87 |
MP Database Persistence |
88 |
Continuity Check Messages |
89 |
Enable CCM |
90 |
Enable Cross-checking |
90 |
Loopback Message and Response |
90 |
Linktrace Message and Response |
90 |
Link Trace Cache |
91 |
Enable CFM SNMP Traps. |
92 |
Display Ethernet CFM Statistics |
93 |
802.3ah |
95 |
Link Layer OAM Overview |
95 |
Link Layer OAMPDUs |
96 |
OAMPDU Flags |
96 |
Link Layer OAM Operational Modes |
97 |
Link Layer OAM Discovery |
97 |
Link Layer OAM Events |
98 |
Remote Loopback |
98 |
Implementation Information |
98 |
Configure Link Layer OAM |
99 |
Related Configuration Tasks |
99 |
Enable Link Layer OAM |
99 |
Adjust the OAMPDU Transmission Parameters |
101 |
Link Performance Event Monitoring |
101 |
Enable Error Monitoring |
101 |
Set Threshold Values |
102 |
Symbol Errors per Second |
102 |
Frame Errors per Second |
103 |
Frame Errors per Frame Period |
103 |
Error Seconds per Time Period |
103 |
Execute an Action upon Exceeding the High Threshold |
104 |
Remote Failure Indication |
104 |
Remote Loopback |
105 |
Display Link Layer OAM Configuration and Statistics |
106 |
Manage Link Layer OAM |
108 |
Enable MIB Retrieval Support/Function |
108 |
Adjust the Size of the Link OAM Event Log |
108 |
802.1X |
109 |
Protocol Overview |
109 |
The Port-authentication Process |
111 |
EAP over RADIUS |
112 |
RADIUS Attributes for 802.1 Support |
113 |
Configuring 802.1X |
113 |
Related Configuration Tasks |
113 |
Important Points to Remember |
114 |
Enabling 802.1X |
114 |
Configuring Request Identity Re-transmissions |
116 |
Configuring a Quiet Period after a Failed Authentication |
116 |
Forcibly Authorizing or Unauthorizing a Port |
117 |
Re-Authenticating a Port |
118 |
Periodic Re-Authentication |
118 |
Configuring Timeouts |
119 |
Dynamic VLAN Assignment with Port Authentication |
121 |
Guest and Authentication-Fail VLANs |
123 |
Configuring a Guest VLAN |
123 |
Configuring an Authentication-Fail VLAN |
124 |
Multi-Host Authentication |
125 |
Multi-Supplicant Authentication |
127 |
MAC Authentication Bypass |
129 |
MAB in Single-host and Multi-Host Mode |
130 |
MAB in Multi-Supplicant Authentication Mode |
130 |
Dynamic CoS with 802.1X |
132 |
IP Access Control Lists (ACL), Prefix Lists, and Route-maps |
135 |
Overview |
135 |
IP Access Control Lists (ACLs) |
136 |
CAM Profiling, CAM Allocation, and CAM Optimization |
136 |
CAM Profiling |
137 |
User Configurable CAM Allocation |
138 |
CAM optimization |
138 |
Test CAM Usage |
138 |
Implementing ACLs on FTOS |
139 |
ACLs and VLANs |
139 |
ACL Optimization |
139 |
Determine the order in which ACLs are used to classify traffic |
140 |
IP Fragment Handling |
140 |
IP fragments ACL examples |
141 |
Layer 4 ACL rules examples |
141 |
Configure a standard IP ACL |
142 |
Configure an extended IP ACL |
145 |
Configure filters with sequence number |
145 |
Configure filters without sequence number |
147 |
Established Flag |
148 |
Configuring Layer 2 and Layer 3 ACLs on an Interface |
148 |
Assign an IP ACL to an Interface |
149 |
Counting ACL Hits |
150 |
Configuring Ingress ACLs |
151 |
Configuring Egress ACLs |
151 |
Egress Layer 3 ACL Lookup for Control-plane IP Traffic |
152 |
Configuring ACLs to Loopback |
153 |
Applying an ACL on Loopback Interfaces |
153 |
IP Prefix Lists |
155 |
Implementation Information |
155 |
Configuration Task List for Prefix Lists |
155 |
Configure a prefix list |
156 |
Use a prefix list for route redistribution |
158 |
ACL Resequencing |
159 |
Resequencing an ACL or Prefix List |
160 |
Route Maps |
162 |
Implementation Information |
162 |
Important Points to Remember |
163 |
Configuration Task List for Route Maps |
163 |
Create a route map |
163 |
Configure route map filters |
165 |
Configure a route map for route redistribution |
168 |
Configure a route map for route tagging |
169 |
Continue clause |
169 |
Bidirectional Forwarding Detection |
171 |
Protocol Overview |
171 |
How BFD Works |
172 |
BFD packet format |
172 |
BFD sessions |
175 |
BFD three-way handshake |
175 |
Session state changes |
176 |
Important Points to Remember |
177 |
Configuring Bidirectional Forwarding Detection |
177 |
Configuring BFD for Physical Ports |
178 |
Related configuration tasks |
178 |
Enabling BFD globally |
178 |
Establishing a session on physical ports |
178 |
Changing physical port session parameters |
180 |
Disabling and re-enabling BFD |
181 |
Configuring BFD for Static Routes |
182 |
Related configuration tasks |
182 |
Establishing sessions for static routes |
182 |
Changing static route session parameters |
183 |
Disabling BFD for static routes |
183 |
Configuring BFD for OSPF |
184 |
Related configuration tasks |
184 |
Establishing sessions with OSPF neighbors |
184 |
Changing OSPF session parameters |
186 |
Disabling BFD for OSPF |
186 |
Configuring BFD for BGP |
187 |
Prerequisites |
187 |
Establishing sessions with BGP neighbors |
187 |
Disabling BFD for BGP |
189 |
Using BFD in a BGP Peer Group |
189 |
Displaying BFD for BGP Information |
190 |
Configuring BFD for IS-IS |
195 |
Related configuration tasks |
195 |
Establishing sessions with IS-IS neighbors |
195 |
Changing IS-IS session parameters |
196 |
Disabling BFD for IS-IS |
197 |
Configuring BFD for VRRP |
197 |
Related configuration tasks |
197 |
Establishing sessions with all VRRP neighbors |
197 |
Establishing VRRP sessions on VRRP neighbors |
198 |
Changing VRRP session parameters |
199 |
Disabling BFD for VRRP |
200 |
Configuring BFD for VLANs |
200 |
Related configuration tasks |
201 |
Establishing sessions with VLAN neighbors |
201 |
Changing session parameters |
202 |
Disabling BFD for VLANs |
202 |
Configuring BFD for Port-Channels |
203 |
Related configuration tasks |
203 |
Establishing sessions on port-channels |
203 |
Changing port-channel session parameters |
204 |
Disabling BFD for port-channels |
204 |
Configuring Protocol Liveness |
205 |
Troubleshooting BFD |
205 |
Border Gateway Protocol IPv4 (BGPv4) |
207 |
Protocol Overview |
208 |
Autonomous Systems (AS) |
208 |
Sessions and Peers |
210 |
Establishing a session |
210 |
Peer Groups |
211 |
Route Reflectors |
211 |
Confederations |
212 |
Communities |
212 |
BGP Attributes |
213 |
Best Path Selection Criteria |
213 |
Best Path selection details |
214 |
Weight |
216 |
Local Preference |
216 |
Multi-Exit Discriminators (MEDs) |
216 |
Origin |
217 |
AS Path |
218 |
Next Hop |
219 |
Multiprotocol BGP |
219 |
Implementing BGP with FTOS |
219 |
Advertise IGP cost as MED for redistributed routes |
219 |
Ignore Router-ID for some best-path calculations |
220 |
4-Byte AS Numbers |
220 |
AS4 Number Representation |
221 |
Dynamic AS Number Notation application |
222 |
AS Number Migration |
223 |
BGP4 Management Information Base (MIB) |
225 |
Important Points to Remember |
225 |
Configuration Information |
226 |
BGP Configuration |
227 |
Defaults |
227 |
Configuration Task List for BGP |
227 |
Enable BGP |
228 |
Configure AS4 Number Representations |
232 |
Configure Peer Groups |
234 |
BGP fast fall-over |
237 |
Configure passive peering |
240 |
Maintain existing AS numbers during an AS migration |
241 |
Allow an AS number to appear in its own AS path |
242 |
Enable graceful restart |
243 |
Filter on an AS-Path attribute |
245 |
Redistribute routes |
248 |
Configure IP community lists |
249 |
Manipulate the COMMUNITY attribute |
252 |
Change MED attribute |
253 |
Change LOCAL_PREFERENCE attribute |
254 |
Change NEXT_HOP attribute |
255 |
Change WEIGHT attribute |
255 |
Enable multipath |
256 |
Filter BGP routes |
256 |
Configure BGP route reflectors |
259 |
Aggregate routes |
260 |
Configure BGP confederations |
260 |
Enable route flap dampening |
261 |
Change BGP timers |
265 |
BGP neighbor soft-reconfiguration |
265 |
Route map continue |
267 |
MBGP Configuration |
268 |
BGP Regular Expression Optimization |
269 |
Retain NH in BGP Advertisement |
269 |
Debugging BGP |
269 |
Storing Last and Bad PDUs |
270 |
Capturing PDUs |
271 |
PDU Counters |
273 |
Sample Configurations |
273 |
Content Addressable Memory |
283 |
Content Addressable Memory |
284 |
CAM Profiles |
284 |
Microcode |
286 |
CAM Profiling for ACLs |
287 |
Boot Behavior |
288 |
When to Use CAM Profiling |
289 |
Important Points to Remember |
290 |
Differences Between EtherScale and TeraScale |
290 |
Select CAM Profiles |
290 |
CAM Allocation |
291 |
Test CAM Usage |
292 |
View CAM Profiles |
293 |
View CAM-ACL settings |
293 |
View CAM Usage |
294 |
Configure IPv4Flow Sub-partitions |
295 |
Configure Ingress Layer 2 ACL Sub-partitions |
297 |
Return to the Default CAM Configuration |
299 |
CAM Optimization |
300 |
Applications for CAM Profiling |
300 |
LAG Hashing |
300 |
LAG Hashing based on Bidirectional Flow |
301 |
CAM profile for the VLAN ACL group feature |
301 |
Troubleshoot CAM Profiling |
301 |
CAM Profile Mismatches |
301 |
QoS CAM Region Limitation |
302 |
Content Addressable Memory for ExaScale |
303 |
Content Addressable Memory |
303 |
Static Random Access Memory |
304 |
CAM-profile templates |
304 |
Default CAM-profile |
305 |
Recommended CAM-profile templates |
306 |
CAM/SRAM region minimums and maximums |
307 |
Microcode |
308 |
Boot Behavior |
309 |
Select a CAM-profile template |
310 |
Select pre-defined CAM-profile template |
310 |
Create new CAM-profile |
312 |
Assign a microcode to the CAM-profile template |
313 |
Validate CAM-profile templates |
313 |
Show CAM-profile templates |
313 |
Configuration Replace and Rollback |
317 |
Archived Files |
317 |
Configuring Configuration Replace and Rollback |
318 |
Related Configuration Tasks |
318 |
Important Points to Remember |
318 |
Enabling the Archive Service |
318 |
Archiving a Configuration File |
319 |
Viewing the Archive Directory |
319 |
Replacing the Current Running Configuration |
319 |
Rolling Back to the Previous Configuration |
320 |
Configuring an Archive File Maximum |
321 |
Configuring Auto-archive |
322 |
Copying and Deleting an Archive File |
323 |
Viewing and Editing the Contents of an Archive File |
323 |
Viewing the Difference between Configuration Files |
324 |
Dynamic Host Configuration Protocol |
327 |
Protocol Overview |
327 |
DHCP Packet Format and Options |
328 |
Assigning an IP Address using DHCP |
329 |
Implementation Information |
330 |
Configuration Tasks |
330 |
Configure the System to be a DHCP Server |
330 |
Configuration Tasks |
331 |
Related Configuration Tasks |
331 |
Configure the Server for Automatic Address Allocation |
331 |
Create an IP Address Pool |
331 |
Exclude Addresses from the Address Pool |
332 |
Specify an Address Lease Time |
332 |
Specify a Default Gateway |
332 |
Enable DHCP Server |
333 |
Configure a Method of Hostname Resolution |
333 |
Address Resolution using DNS |
333 |
Address Resolution using NetBIOS WINS |
334 |
Allocate Addresses to BOOTP Clients |
334 |
Create Manual Binding Entries |
334 |
Check for Address Conflicts |
335 |
DHCP Clear Commands |
336 |
Configure the System to be a Relay Agent |
336 |
Configure Secure DHCP |
337 |
Option 82 |
338 |
DHCP Snooping |
338 |
Enable DCHP snooping |
339 |
Add a static entry in the binding table |
340 |
Clear the binding table |
340 |
Display the contents of the binding table |
340 |
Drop DHCP packets on snooped VLANs only |
341 |
Dynamic ARP Inspection |
341 |
Bypass the ARP Inspection |
343 |
Source Address Validation |
343 |
IP Source Address Validation |
344 |
DHCP MAC Source Address Validation |
344 |
IP+MAC Source Address Validation |
344 |
Equal Cost Multi-Path |
347 |
ECMP for Flow-based Affinity (E-Series) |
347 |
Configurable Hash Algorithm (E-Series) |
347 |
Deterministic ECMP Next Hop |
348 |
Configurable Hash Algorithm Seed |
348 |
Configurable ECMP Hash Algorithm (C- and S-Series) |
350 |
Force10 Resilient Ring Protocol |
351 |
Protocol Overview |
351 |
Ring Status |
352 |
Ring Checking |
352 |
Ring Failure |
353 |
Ring Restoration |
353 |
Multiple FRRP Rings |
353 |
Member VLAN Spanning Two Rings Connected by One Switch |
353 |
Important FRRP Points |
354 |
Important FRRP Concepts |
355 |
Implementing FRRP |
356 |
FRRP Configuration |
357 |
Create the FRRP group |
357 |
Configure the Control VLAN |
357 |
Configure and add the Member VLANs |
359 |
Set FRRP Timers |
360 |
Clear FRRP counters |
360 |
Show FRRP configuration |
361 |
Show FRRP information |
361 |
Troubleshooting FRRP |
361 |
Configuration Checks |
361 |
Sample Configuration and Topology |
361 |
Force10 Service Agent |
363 |
Implementation Information |
363 |
Configure Force10 Service Agent |
364 |
Related Configuration Tasks |
364 |
Enable Force10 Service Agent |
364 |
Specify an SMTP Server for FTSA |
365 |
Provide an Administrator E-mail Address |
365 |
FTSA Messaging Service |
366 |
Enable the FTSA Messaging Service |
366 |
Add Additional Recipients of FTSA E-mails |
367 |
Encrypt FTSA Messages |
368 |
Create a PGP5 encryption key |
369 |
Provide Administrator Contact Information |
369 |
Set the Frequency of FTSA Type 3 Messages |
370 |
Generate FTSA Type 4 Messages |
370 |
Set Parameters FTSA Type 5 Messages |
370 |
FTSA Message Types |
371 |
FTSA Policies |
373 |
Create an FTSA Policy Test List |
374 |
Choose test conditions for a policy test list |
374 |
Set the match criterion for test lists |
377 |
Create a Policy Action List |
377 |
Add actions to a policy action list |
378 |
Create a Policy and Assign a Test and Action List |
379 |
Additional Policy Configurations |
380 |
FTSA Policy Sample Configurations |
380 |
Line card state-change policy configuration |
380 |
Excessive CRC-error policy configuration |
385 |
Debugging FTSA |
387 |
GARP VLAN Registration Protocol |
389 |
Protocol Overview |
389 |
Important Points to Remember |
389 |
Configuring GVRP |
390 |
Related Configuration Tasks |
391 |
Enabling GVRP Globally |
391 |
Enabling GVRP on a Layer 2 Interface |
392 |
Configuring GVRP Registration |
392 |
Configuring a GARP Timer |
393 |
High Availability |
395 |
Component Redundancy |
396 |
RPM Redundancy |
396 |
Boot the chassis with a single RPM |
396 |
Boot the chassis with dual RPMs |
397 |
Automatic and manual RPM failover |
398 |
Communication between RPMs |
399 |
Support for RPM redundancy by FTOS version |
400 |
RPM synchronization |
401 |
RPM redundancy configuration tasks |
401 |
Online Insertion and Removal |
403 |
RPM Online Insertion and Removal |
403 |
Line Card Online Insertion and Removal |
403 |
Pre-configure a line card slot |
404 |
Replace a line card |
405 |
Hitless Behavior |
405 |
Graceful Restart |
406 |
Software Resiliency |
406 |
Runtime System Health Check |
407 |
SFM Channel Monitoring |
407 |
Software Component Health Monitoring |
408 |
System Health Monitoring |
408 |
Failure and Event Logging |
408 |
Trace Log |
408 |
Core Dumps |
408 |
System Log |
409 |
Hot-lock Behavior |
409 |
Warm Upgrade |
409 |
Configure Cache Boot |
410 |
Cache Boot Pre-requisites |
410 |
Select the Cache Boot Image |
412 |
In-Service Modular Hot-Fixes |
414 |
Process Restartability |
415 |
Internet Group Management Protocol |
419 |
IGMP Implementation Information |
419 |
IGMP Protocol Overview |
419 |
IGMP version 2 |
420 |
Joining a Multicast Group |
420 |
Leaving a Multicast Group |
421 |
IGMP version 3 |
421 |
Joining and Filtering Groups and Sources |
422 |
Leaving and Staying in Groups |
423 |
Configuring IGMP |
424 |
Related Configuration Tasks |
424 |
Viewing IGMP Enabled Interfaces |
424 |
Selecting an IGMP Version |
425 |
Viewing IGMP Groups |
425 |
Adjusting Timers |
426 |
Adjusting Query and Response Timers |
426 |
Adjusting the IGMP Querier Timeout Value |
426 |
Configuring a Static IGMP Group |
427 |
Enabling IGMP Immediate-leave |
427 |
IGMP Snooping |
428 |
IGMP Snooping Implementation Information |
428 |
Configuring IGMP Snooping |
428 |
Related Configuration Tasks |
428 |
Enabling IGMP Immediate-leave |
428 |
Disabling Multicast Flooding |
429 |
Specifying a Port as Connected to a Multicast Router |
429 |
Configuring the Switch as Querier |
429 |
Adjusting the Last Member Query Interval |
430 |
Fast Convergence after MSTP Topology Changes |
430 |
Designating a Multicast Router Interface |
430 |
Interfaces |
431 |
Basic Interface Configuration: |
431 |
Advanced Interface Configuration: |
431 |
Interface Types |
432 |
View Basic Interface Information |
432 |
Enable a Physical Interface |
434 |
Physical Interfaces |
435 |
Configuration Task List for Physical Interfaces |
435 |
Overview of Layer Modes |
436 |
Configure Layer 2 (Data Link) Mode |
436 |
Configure Layer 3 (Network) Mode |
437 |
Management Interfaces |
439 |
Configure Management Interfaces on the E-Series and C-Series |
439 |
Important Things to Remember — virtual-ip |
440 |
Configure Management Interfaces on the S-Series |
440 |
Displaying Information on a Management Interface |
441 |
VLAN Interfaces |
442 |
Loopback Interfaces |
443 |
Null Interfaces |
443 |
Port Channel Interfaces |
444 |
Port channel definition and standards |
444 |
Port channel benefits |
444 |
Port channel implementation |
444 |
10/100/1000 Mbps interfaces in port channels |
445 |
Configuration task list for port channel interfaces |
446 |
Create a port channel |
446 |
Add a physical interface to a port channel |
447 |
Reassign an interface to a new port channel |
449 |
Configure the minimum oper up links in a port channel (LAG) |
450 |
Add or remove a port channel from a VLAN |
450 |
Assign an IP address to a port channel |
451 |
Delete or disable a port channel |
451 |
Load balancing through port channels |
452 |
E-Series load-balancing |
452 |
IPv4, IPv6, and non-IP traffic handling on the E-Series |
454 |
C-Series and S-Series load-balancing |
454 |
Hash algorithm |
455 |
Bulk Configuration |
456 |
Interface Range |
456 |
Bulk Configuration Examples |
457 |
Create a single-range |
457 |
Create a multiple-range |
457 |
Exclude duplicate entries |
457 |
Exclude a smaller port range |
457 |
Overlap port ranges |
458 |
Commas |
458 |
Add ranges |
458 |
Interface Range Macros |
459 |
Define the Interface Range |
459 |
Choose an Interface-range Macro |
460 |
Monitor and Maintain Interfaces |
460 |
Maintenance using TDR |
461 |
Link Debounce Timer |
462 |
Important Points to Remember about Link Debounce Timer |
462 |
Assign a debounce time to an interface |
463 |
Show debounce times in an interface |
463 |
Disable ports when one only SFM is available (E300 only) |
463 |
Disable port on one SFM |
464 |
Link Dampening |
464 |
Important Points to Remember |
464 |
Enable Link Dampening |
465 |
Clear Dampening Counters |
465 |
Link Dampening Support for XML |
466 |
Configure MTU size on an Interface |
466 |
Ethernet Pause Frames |
466 |
Threshold Settings |
467 |
Enable Pause Frames |
468 |
Configure MTU Size on an Interface |
469 |
Port-pipes |
470 |
Auto-Negotiation on Ethernet Interfaces |
471 |
Setting speed and duplex mode of Ethernet Interfaces |
471 |
Setting Auto-Negotiation Options |
472 |
Adjust the keepalive timer |
473 |
View Advanced Interface Information |
473 |
Display Only Configured Interfaces |
473 |
Configure Interface Sampling Size |
474 |
Dynamic Counters |
476 |
Clear interface counters |
477 |
IPv4 Addressing |
479 |
IP Addresses |
479 |
Implementation Information |
480 |
Configuration Task List for IP Addresses |
480 |
Assign IP addresses to an interface |
480 |
Configure static routes |
482 |
Configure static routes for the management interface |
483 |
Directed Broadcast |
484 |
Resolution of Host Names |
484 |
Enable dynamic resolution of host names |
484 |
Specify local system domain and a list of domains |
485 |
DNS with traceroute |
486 |
ARP |
487 |
Configuration Task List for ARP |
487 |
Configure static ARP entries |
487 |
Enable Proxy ARP |
488 |
Clear ARP cache |
488 |
ARP Learning via Gratuitous ARP |
489 |
ARP Learning via ARP Request |
490 |
Configurable ARP Retries |
491 |
ICMP |
491 |
Configuration Task List for ICMP |
491 |
Enable ICMP unreachable messages |
492 |
Enable ICMP redirects |
492 |
UDP Helper |
492 |
Configuring UDP Helper |
493 |
Important Points to Remember about UDP Helper |
493 |
Enabling UDP Helper |
493 |
Configuring a Broadcast Address |
494 |
Configurations Using UDP Helper |
494 |
UDP Helper with Broadcast-all Addresses |
495 |
UDP Helper with Subnet Broadcast Addresses |
495 |
UDP Helper with Configured Broadcast Addresses |
496 |
UDP Helper with No Configured Broadcast Addresses |
497 |
Troubleshooting UDP Helper |
497 |
IPv6 Addressing |
499 |
Protocol Overview |
499 |
Extended Address Space |
500 |
Stateless Autoconfiguration |
500 |
IPv6 Headers |
501 |
Version (4 bits) |
501 |
Traffic Class (8 bits) |
502 |
Flow Label (20 bits) |
502 |
Payload Length (16 bits) |
502 |
Next Header (8 bits) |
502 |
Hop Limit (8 bits) |
503 |
Source Address (128 bits) |
503 |
Destination Address (128 bits) |
503 |
Extension Header fields |
503 |
Hop-by-Hop Options header |
504 |
Addressing |
504 |
Link-local Addresses |
505 |
Static and Dynamic Addressing |
505 |
Implementing IPv6 with FTOS |
506 |
ICMPv6 |
508 |
Path MTU Discovery |
508 |
IPv6 Neighbor Discovery |
509 |
IPv6 Neighbor Discovery of MTU packets |
510 |
Advertise Neighbor Prefixes |
510 |
QoS for IPv6 |
510 |
IPv6 Multicast |
511 |
SSH over an IPv6 Transport |
511 |
Configuration Task List for IPv6 |
512 |
Change your CAM-Profile on an E-Series system |
512 |
Adjust your CAM-Profile on an C-Series or S-Series |
513 |
Assign an IPv6 Address to an Interface |
514 |
Assign a Static IPv6 Route |
515 |
Telnet with IPv6 |
515 |
SNMP over IPv6 |
516 |
Show IPv6 Information |
516 |
Show an IPv6 Interface |
517 |
Show IPv6 Routes |
518 |
Show the Running-Configuration for an Interface |
520 |
Clear IPv6 Routes |
520 |
Intermediate System to Intermediate System |
523 |
Protocol Overview |
523 |
IS-IS Addressing |
524 |
Multi-Topology IS-IS |
525 |
Transition Mode |
525 |
Interface support |
525 |
Adjacencies |
526 |
Graceful Restart |
526 |
Timers |
526 |
Implementation Information |
527 |
Configuration Information |
528 |
Configuration Task List for IS-IS |
529 |
Enable IS-IS |
529 |
Configure Multi-Topology IS-IS (MT IS-IS) |
532 |
Configure Multi-Topology IS-IS (MT IS-IS) |
533 |
Configure IS-IS Graceful Restart |
533 |
Change LSP attributes |
536 |
Configure IS-IS metric style and cost |
537 |
Configuring the distance of a route |
539 |
Change the IS-type |
539 |
Control routing updates |
540 |
Distribute Routes |
541 |
Redistribute routes |
543 |
Configure authentication passwords |
545 |
Set the overload bit |
545 |
Debug IS-IS |
546 |
IS-IS Metric Styles |
547 |
Configure Metric Values |
548 |
Maximum Values in the Routing Table |
548 |
Changing the IS-IS Metric Style in One Level Only |
548 |
Leaking from One Level to Another |
550 |
Sample Configuration |
551 |
Link Aggregation Control Protocol |
557 |
Introduction to Dynamic LAGs and LACP |
557 |
Important Points to Remember |
558 |
LACP modes |
559 |
LACP Configuration Commands |
559 |
LACP Configuration Tasks |
560 |
Create a LAG |
560 |
Configure the LAG interfaces as dynamic |
560 |
Set the LACP long timeout |
561 |
Monitor and Debugging LACP |
562 |
Shared LAG State Tracking |
562 |
Configure Shared LAG State Tracking |
563 |
Important Points about Shared LAG State Tracking |
564 |
Configure LACP as Hitless |
565 |
LACP Basic Configuration Example |
565 |
Configuring a LAG on ALPHA |
566 |
Summary of the configuration on ALPHA |
570 |
Summary of the configuration on BRAVO |
571 |
Layer 2 |
575 |
Managing the MAC Address Table |
575 |
Clear the MAC Address Table |
576 |
Set the Aging Time for Dynamic Entries |
576 |
Set the Aging Time for Dynamic Entries on a VLAN |
576 |
Configure a Static MAC Address |
577 |
Display the MAC Address Table |
577 |
MAC Learning Limit |
578 |
mac learning-limit dynamic |
579 |
mac learning-limit station-move |
579 |
mac learning-limit no-station-move |
580 |
mac learning-limit sticky |
580 |
The sticky-MAC learning feature is supported on platforms: c s. |
580 |
Displaying MAC Learning-Limited Interfaces |
582 |
Learning Limit Violation Actions |
582 |
Station Move Violation Actions |
582 |
Recovering from Learning Limit and Station Move Violations |
583 |
Per-VLAN MAC Learning Limit |
583 |
NIC Teaming |
585 |
MAC Move Optimization |
586 |
Microsoft Clustering |
586 |
Default Behavior |
586 |
Configuring the Switch for Microsoft Server Clustering |
587 |
Enable and Disable VLAN Flooding |
588 |
Configuring Redundant Pairs |
589 |
Important Points about Configuring Redundant Pairs |
590 |
Restricting Layer 2 Flooding |
592 |
Far-end Failure Detection |
593 |
FEFD state changes |
593 |
Important Points to Remember |
594 |
Configuring FEFD |
594 |
Enable FEFD Globally |
594 |
Enable FEFD on an Interface |
595 |
Debugging FEFD |
596 |
During an RPM Failover |
597 |
Link Layer Discovery Protocol |
599 |
802.1AB (LLDP) Overview |
599 |
Protocol Data Units |
599 |
Optional TLVs |
601 |
Management TLVs |
601 |
Organizationally Specific TLVs |
601 |
IEEE Organizationally Specific TLVs |
601 |
TIA-1057 (LLDP-MED) Overview |
602 |
TIA Organizationally Specific TLVs |
603 |
LLDP-MED Capabilities TLV |
604 |
LLDP-MED Network Policies TLV |
605 |
Extended Power via MDI TLV |
606 |
Configuring LLDP |
607 |
Related Configuration Tasks |
607 |
Important Points to Remember |
607 |
LLDP Compatibility |
607 |
CONFIGURATION versus INTERFACE Configurations |
607 |
Enabling LLDP |
608 |
Disabling and Undoing LLDP |
608 |
Advertising TLVs |
608 |
Viewing the LLDP Configuration |
610 |
Viewing Information Advertised by Adjacent LLDP Agents |
610 |
Configuring LLDPDU Intervals |
611 |
Configuring Transmit and Receive Mode |
612 |
Configuring a Time to Live |
613 |
Debugging LLDP |
614 |
Relevant Management Objects |
615 |
Multicast Listener Discovery |
621 |
Protocol Overview |
621 |
MLD Version 1 |
621 |
MLD Querier Router |
622 |
Joining a Multicast Group |
622 |
Leaving a Multicast Group |
623 |
MLD version 2 |
623 |
Implementation Information |
624 |
Enabling MLD |
624 |
Related MLD Configuration Tasks |
624 |
Change MLD Timer Values |
625 |
Reduce Host Response Burstiness |
625 |
Reduce Leave Latency |
625 |
Last Member Query Interval |
626 |
Explicit Tracking |
626 |
Configure a Static Group |
626 |
Display the MLD Group Table |
627 |
Clear MLD Groups |
627 |
Change the MLD Version |
627 |
Debug MLD |
627 |
MLD Snooping |
627 |
Enable MLD Snooping |
628 |
Disable MLD Snooping on a VLAN |
628 |
Configure the Switch as a Querier |
628 |
Disable Multicast Flooding |
628 |
Specify a Port as Connected to a Multicast Router |
628 |
Enable Snooping Explicit Tracking |
629 |
Display the MLD Snooping Table |
629 |
MLDv2 Snooping |
629 |
Port Inheritance on Mixed MLD Mode VLANs |
629 |
Multicast Source Discovery Protocol |
631 |
Protocol Overview |
631 |
Implementation Information |
632 |
Configuring Multicast Source Discovery Protocol |
633 |
Related Configuration Tasks |
633 |
Enable MSDP |
638 |
Manage the Source-active Cache |
638 |
View the Source-active Cache |
639 |
Limit the Source-active Cache |
639 |
Clear the Source-active Cache |
639 |
Enable the Rejected Source-active Cache |
639 |
Accept Source-active Messages that fail the RFP Check |
640 |
Limit the Source-active Messages from a Peer |
642 |
Prevent MSDP from Caching a Local Source |
643 |
Prevent MSDP from Caching a Remote Source |
644 |
Prevent MSDP from Advertising a Local Source |
645 |
Log Changes in Peership States |
646 |
Terminate a Peership |
646 |
Clear Peer Statistics |
647 |
Debug MSDP |
648 |
MSDP with Anycast RP |
648 |
Reducing Source-active Message Flooding |
650 |
Specify the RP Address Used in SA Messages |
650 |
MSDP Sample Configurations |
654 |
Multiple Spanning Tree Protocol |
659 |
Protocol Overview |
659 |
Implementation Information |
660 |
Configure Multiple Spanning Tree Protocol |
660 |
Related Configuration Tasks |
660 |
Enable Multiple Spanning Tree Globally |
661 |
Add and Remove Interfaces |
661 |
Create Multiple Spanning Tree Instances |
661 |
Influence MSTP Root Selection |
663 |
Interoperate with Non-FTOS Bridges |
663 |
Modify Global Parameters |
664 |
Modify Interface Parameters |
666 |
Configure an EdgePort |
667 |
Configure a Root Guard |
668 |
Configure a Loop Guard |
669 |
Flush MAC Addresses after a Topology Change |
670 |
Displaying STP Guard Configuration |
670 |
MSTP Sample Configurations |
671 |
Debugging and Verifying MSTP Configuration |
676 |
Multicast Features |
679 |
Implementation Information |
679 |
Enable IP Multicast |
679 |
Multicast with ECMP |
680 |
Implementation Information |
681 |
Multicast Policies |
681 |
IPv4 Multicast Policies |
681 |
Limit the Number of Multicast Routes |
682 |
Prevent a Host from Joining a Group |
683 |
Rate Limit IGMP Join Requests |
685 |
Prevent a PIM Router from Forming an Adjacency |
685 |
Prevent a Source from Registering with the RP |
685 |
Prevent a PIM Router from Processing a Join |
686 |
Using a Static Multicast MAC Address |
687 |
IPv6 Multicast Policies |
689 |
Limit the Number of IPv6 Multicast Routes |
689 |
Prevent an IPv6 Neighbor from Forming an Adjacency |
689 |
Prevent an IPv6 Source from Registering with the RP |
690 |
Prevent an IPv6 PIM Router from Processing an IPv6 Join |
690 |
Multicast Traceroute |
690 |
Multicast Quality of Service |
691 |
Optimize the E-Series for Multicast Traffic |
691 |
Allocate More Buffer Memory for Multicast WRED |
692 |
Allocate More Bandwidth to Multicast using Egress WFQ |
692 |
Tune the Central Scheduler for Multicast |
692 |
Object Tracking |
693 |
Object Tracking Overview |
693 |
Tracking Layer 2 Interfaces |
694 |
Tracking Layer 3 Interfaces |
695 |
Tracking IPv4 and IPv6 Routes |
695 |
Tracking Route Reachability |
695 |
Tracking a Metric Threshold |
695 |
Setting Tracking Delays |
696 |
VRRP Object Tracking |
696 |
Object Tracking Configuration |
697 |
Tracking a Layer 2 Interface |
697 |
Tracking a Layer 3 Interface |
698 |
Tracking an IPv4/IPv6 Route |
700 |
Tracking Route Reachability |
701 |
Tracking a Metric Threshold |
702 |
Displaying Tracked Objects |
704 |
Open Shortest Path First (OSPFv2 and OSPFv3) |
707 |
Protocol Overview |
708 |
Autonomous System (AS) Areas |
708 |
Area Types |
709 |
Networks and Neighbors |
710 |
Router Types |
710 |
Backbone Router (BR) |
711 |
Area Border Router (ABR) |
712 |
Autonomous System Border Router (ASBR) |
712 |
Internal Router (IR) |
712 |
Designated and Backup Designated Routers |
712 |
Link-State Advertisements (LSAs) |
713 |
Virtual Links |
714 |
Router Priority and Cost |
714 |
Implementing OSPF with FTOS |
715 |
Graceful Restart |
716 |
Fast Convergence (OSPFv2, IPv4 only) |
717 |
Multi-Process OSPF (OSPFv2, IPv4 only) |
717 |
Processing SNMP and Sending SNMP Traps |
718 |
RFC-2328 Compliant OSPF Flooding |
718 |
OSPF ACK Packing |
719 |
OSPF Adjacency with Cisco Routers |
719 |
Configuration Requirements |
720 |
Configuration Task List for OSPFv2 (OSPF for IPv4) |
720 |
Enable OSPFv2 |
721 |
Enable Multi-Process OSPF |
723 |
Assign an OSPFv2 area |
724 |
Enable OSPFv2 on interfaces |
725 |
Configure stub areas |
727 |
Configure OSPF Stub-Router Advertisement |
728 |
Enable passive interfaces |
729 |
Enable fast-convergence |
730 |
Change OSPFv2 parameters on interfaces |
731 |
Enable OSPFv2 authentication |
733 |
Enable OSPFv2 graceful restart |
733 |
Configure virtual links |
735 |
Filter routes |
736 |
Redistribute routes |
737 |
Troubleshooting OSPFv2 |
738 |
Sample Configurations for OSPFv2 |
741 |
Basic OSPFv2 Router Topology |
741 |
Configuration Task List for OSPFv3 (OSPF for IPv6) |
742 |
Enable IPv6 Unicast Routing |
743 |
Assign IPv6 addresses on an interface |
743 |
Assign Area ID on interface |
743 |
Assign OSPFv3 Process ID and Router ID Globally |
744 |
Configure stub areas |
744 |
Configure Passive-Interface |
745 |
Redistribute routes |
746 |
Configure a default route |
746 |
Enable OSPFv3 graceful restart |
747 |
OSPFv3 Authentication Using IPsec |
750 |
OSPFv3 Authentication using IPsec: Configuration Notes |
751 |
Configuring IPsec Authentication on an Interface |
752 |
Configuring IPsec Encryption on an Interface |
753 |
Configuring IPsec Authentication for an OSPFv3 Area |
754 |
Configuring IPsec Encryption for an OSPFv3 Area |
755 |
Displaying OSPFv3 IPsec Security Policies |
756 |
Troubleshooting OSPFv3 |
760 |
PIM Dense-Mode |
763 |
Implementation Information |
763 |
Protocol Overview |
763 |
Refusing Multicast Traffic |
764 |
Requesting Multicast Traffic |
765 |
Configure PIM-DM |
766 |
Related Configuration Tasks |
766 |
Enable PIM-DM |
766 |
PIM Sparse-Mode |
771 |
Implementation Information |
771 |
Protocol Overview |
772 |
Requesting Multicast Traffic |
772 |
Refusing Multicast Traffic |
772 |
Sending Multicast Traffic |
773 |
Important Points to Remember |
773 |
Configure PIM-SM |
773 |
Related Configuration Tasks |
774 |
Enable PIM-SM |
774 |
Configurable S,G Expiry Timers |
775 |
Configure a Static Rendezvous Point |
776 |
Override Bootstrap Router Updates |
777 |
Elect an RP using the BSR Mechanism |
778 |
Configure a Designated Router |
779 |
Create Multicast Boundaries and Domains |
779 |
Set a Threshold for Switching to the SPT |
780 |
PIM-SM Graceful Restart |
780 |
First Packet Forwarding for Lossless Multicast |
781 |
Monitoring PIM |
782 |
PIM-SM and IGMP Snooping: Usage Notes |
782 |
PIM-SM Snooping |
783 |
Feature Overview |
784 |
Configuration Notes and Restrictions |
785 |
PIM-SM Snooping Example |
786 |
PIM-SM Snooping Configuration |
788 |
Enable PIM Snooping |
788 |
Disable PIM Designated-Router Flooding |
788 |
Verify PIM-SM Snooping |
789 |
PIM Source-Specific Mode |
793 |
Implementation Information |
795 |
Important Points to Remember |
795 |
Configure PIM-SM |
795 |
Related Configuration Tasks |
795 |
Enable PIM-SSM |
796 |
Use PIM-SSM with IGMP version 2 Hosts |
796 |
Power over Ethernet |
801 |
Configuring Power over Ethernet |
802 |
Related Configuration Tasks |
803 |
Enabling PoE on a Port |
803 |
Manage Ports using Power Priority and the Power Budget |
805 |
Determine the Power Priority for a Port |
805 |
power-inline mode |
806 |
Extended Power-via-MDI TLV |
806 |
Determine the Affect of a Port on the Power Budget |
807 |
Monitor the Power Budget |
808 |
Manage Power Priorities |
808 |
Recover from a Failed Power Supply |
809 |
Power Additional PoE Ports on the S-Series |
810 |
Deploying VOIP |
811 |
Create VLANs for an Office VOIP Deployment |
811 |
Configure LLDP-MED for an Office VOIP Deployment |
812 |
Configure Quality of Service for an Office VOIP Deployment |
813 |
Honor the incoming DSCP value |
813 |
Honor the incoming dot1p value |
813 |
Classifying VOIP traffic and applying QoS policies |
814 |
Policy-based Routing |
817 |
Overview |
817 |
Implementing Policy-based Routing with FTOS |
819 |
Non-contiguous bitmasks for PBR |
819 |
Hot-Lock PBR |
819 |
Configuration Task List for Policy-based Routing |
820 |
Create a Redirect List |
820 |
Create a Rule for a Redirect-list |
821 |
PBR Exceptions (Permit) |
823 |
Apply a Redirect-list to an Interface using a Redirect-group |
824 |
Show Redirect List Configuration |
825 |
Sample Configuration |
826 |
Port Monitoring |
829 |
Important Points to Remember |
829 |
Port Monitoring on E-Series |
830 |
E-Series TeraScale |
831 |
E-Series ExaScale |
831 |
Port Monitoring on C-Series and S-Series |
832 |
Configuring Port Monitoring |
835 |
Flow-based Monitoring |
836 |
Remote Port Mirroring |
837 |
Remote Port Mirroring Example |
837 |
Configuring Remote Port Mirroring |
838 |
Configuration Notes |
838 |
Restrictions |
840 |
Configuration Procedure |
840 |
Displaying Remote-Port Mirroring Configurations |
844 |
Sample Configuration: Remote Port Mirroring |
845 |
Private VLANs |
847 |
Important Points to Remember |
848 |
Configure Private VLANs |
848 |
Related Configuration Tasks |
849 |
Configure PVLAN Ports |
849 |
Place PVLAN Ports in a Secondary VLAN |
849 |
Place the Secondary VLANs in a Primary VLAN |
850 |
Private VLAN show Commands |
850 |
Per-VLAN Spanning Tree Plus |
851 |
Protocol Overview |
851 |
Implementation Information |
852 |
Configure Per-VLAN Spanning Tree Plus |
852 |
Related Configuration Tasks |
852 |
Enable PVST+ |
853 |
Disable PVST+ |
853 |
Influence PVST+ Root Selection |
853 |
Modify Global PVST+ Parameters |
856 |
Modify Interface PVST+ Parameters |
856 |
Configure an EdgePort |
857 |
Configure a Root Guard |
859 |
Configure a Loop Guard |
860 |
PVST+ in Multi-vendor Networks |
861 |
PVST+ Extended System ID |
861 |
Displaying STP Guard Configuration |
862 |
PVST+ Sample Configurations |
863 |
Quality of Service |
865 |
Implementation Information |
867 |
Port-based QoS Configurations |
868 |
Set dot1p Priorities for Incoming Traffic |
868 |
Honor dot1p Priorities on Ingress Traffic |
869 |
Priority-tagged Frames on the Default VLAN |
869 |
Configure Port-based Rate Policing |
870 |
Configure Port-based Rate Limiting |
871 |
Configure Port-based Rate Shaping |
872 |
Policy-based QoS Configurations |
873 |
Classify Traffic |
873 |
Create a Layer 3 class map |
873 |
Create a Layer 2 class map |
874 |
Determine the order in which ACLs are used to classify traffic |
875 |
Set DSCP values for egress packets based on flow |
875 |
Display configured class maps and match criteria |
875 |
Create a QoS Policy |
877 |
Create an input QoS policy |
877 |
Create an output QoS policy |
878 |
Create Policy Maps |
880 |
Create Input Policy Maps |
880 |
Apply an input policy map to an interface |
884 |
Create Output Policy Maps |
884 |
QoS Rate Adjustment |
885 |
Strict-priority Queueing |
886 |
Weighted Random Early Detection |
886 |
Create WRED Profiles |
887 |
Apply a WRED profile to traffic |
887 |
Configure WRED for Storm Control |
887 |
Display Default and Configured WRED Profiles |
888 |
Display WRED Drop Statistics |
888 |
Allocating Bandwidth to Multicast Queues |
889 |
Pre-calculating Available QoS CAM Space |
890 |
Viewing QoS CAM Entries |
891 |
Routing Information Protocol |
893 |
Protocol Overview |
893 |
RIPv1 |
893 |
RIPv2 |
894 |
Implementation Information |
894 |
Configuration Information |
894 |
Configuration Task List for RIP |
895 |
Enable RIP globally |
895 |
Configure RIP on interfaces |
896 |
Control RIP routing updates |
897 |
Set send and receive version |
898 |
Generate a default route |
900 |
Summarize routes |
900 |
Control route metrics |
901 |
Debug RIP |
901 |
RIP Configuration Example |
902 |
Configuring RIPv2 on Core 2 |
903 |
Core 2 Output |
903 |
RIP Configuration on Core 3 |
905 |
Core 3 RIP Output |
905 |
RIP Configuration Summary |
907 |
Remote Monitoring |
909 |
Implementation |
909 |
Fault Recovery |
910 |
Set rmon alarm |
911 |
Configure an RMON event |
912 |
Configure RMON collection statistics |
913 |
Configure RMON collection history |
914 |
Enable an RMON MIB collection history group |
914 |
Rapid Spanning Tree Protocol |
915 |
Protocol Overview |
915 |
Configuring Rapid Spanning Tree |
915 |
Related Configuration Tasks |
915 |
Important Points to Remember |
916 |
Configure Interfaces for Layer 2 Mode |
916 |
Enable Rapid Spanning Tree Protocol Globally |
917 |
Add and Remove Interfaces |
920 |
Modify Global Parameters |
920 |
Modify Interface Parameters |
922 |
Configure an EdgePort |
922 |
Influence RSTP Root Selection |
924 |
SNMP Traps for Root Elections and Topology Changes |
924 |
Fast Hellos for Link State Detection |
925 |
Configure a Root Guard |
926 |
Configure a Loop Guard |
927 |
Displaying STP Guard Configuration |
928 |
Security |
929 |
AAA Accounting |
929 |
Configuration Task List for AAA Accounting |
930 |
Enable AAA Accounting |
930 |
Suppress AAA Accounting for null username sessions |
931 |
Configure Accounting of EXEC and privilege-level command usage |
931 |
Configure AAA Accounting for terminal lines |
931 |
Monitor AAA Accounting |
931 |
AAA Authentication |
933 |
Configuration Task List for AAA Authentication |
933 |
Configure login authentication for terminal lines |
933 |
Configure AAA Authentication login methods |
934 |
Enable AAA Authentication |
935 |
AAA Authentication—RADIUS |
935 |
Server-side configuration |
936 |
AAA Authorization |
936 |
Privilege Levels Overview |
936 |
Configuration Task List for Privilege Levels |
937 |
Configure a username and password |
937 |
Configure the enable password command |
938 |
Configure custom privilege levels |
938 |
Specify LINE mode password and privilege |
940 |
Enable and disabling privilege levels |
941 |
RADIUS |
941 |
RADIUS Authentication and Authorization |
942 |
Idle Time |
943 |
ACL |
943 |
Auto-command |
944 |
Set access to privilege levels through RADIUS |
944 |
Configuration Task List for RADIUS |
944 |
Define a aaa method list to be used for RADIUS |
944 |
Apply the method list to terminal lines |
945 |
Specify a RADIUS server host |
945 |
Set global communication parameters for all RADIUS server hosts |
946 |
Monitor RADIUS |
947 |
TACACS+ |
947 |
Configuration Task List for TACACS+ |
947 |
Choose TACACS+ as the Authentication Method |
947 |
Monitor TACACS+ |
949 |
TACACS+ Remote Authentication and Authorization |
949 |
Command Authorization |
951 |
Protection from TCP Tiny and Overlapping Fragment Attacks |
951 |
SCP and SSH |
951 |
Using SCP with SSH to copy a software image |
953 |
Secure Shell Authentication |
954 |
Important Points to Remember for SSH Authentication |
954 |
SSH Authentication by Password |
954 |
RSA Authentication of SSH |
955 |
Host-based SSH Authentication |
955 |
Client-based SSH Authentication |
956 |
Troubleshooting SSH |
957 |
Telnet |
957 |
Trace Lists |
958 |
Configuration Tasks for Trace Lists |
958 |
Creating a trace list |
958 |
Apply trace lists |
963 |
VTY Line and Access-Class Configuration |
964 |
VTY Line Local Authentication and Authorization |
964 |
VTY Line Remote Authentication and Authorization |
965 |
VTY MAC-SA Filter Support |
965 |
Service Provider Bridging |
967 |
VLAN Stacking |
967 |
Important Points to Remember |
968 |
Configure VLAN Stacking |
969 |
Related Configuration Tasks |
969 |
Create Access and Trunk Ports |
969 |
Enable VLAN-Stacking for a VLAN |
970 |
Configure the Protocol Type Value for the Outer VLAN Tag |
970 |
FTOS Options for Trunk Ports |
971 |
VLAN Stacking in Multi-vendor Networks |
972 |
VLAN Stacking with E-Series TeraScale Systems |
972 |
TPID 0x8100 on E-Series TeraScale Systems |
973 |
VLAN Stacking with E-Series ExaScale Systems |
974 |
VLAN Stacking with C-Series and S-Series |
975 |
VLAN Stacking Packet Drop Precedence |
978 |
Enable Drop Eligibility |
979 |
Honor the Incoming DEI Value |
979 |
Mark Egress Packets with a DEI Value |
980 |
Dynamic Mode CoS for VLAN Stacking |
981 |
Layer 2 Protocol Tunneling |
983 |
Implementation Information |
985 |
Enable Layer 2 Protocol Tunneling |
986 |
Specify a Destination MAC Address for BPDUs |
986 |
Rate-limit BPDUs on the E-Series |
986 |
Rate-limit BPDUs on the C-Series and S-Series |
987 |
Debug Layer 2 Protocol Tunneling |
987 |
Provider Backbone Bridging |
987 |
sFlow |
989 |
Overview |
989 |
Implementation Information |
990 |
Important Points to Remember |
990 |
Enable and Disable sFlow |
991 |
Enable and Disable on an Interface |
991 |
sFlow Show Commands |
992 |
Show sFlow Globally |
992 |
Show sFlow on an Interface |
992 |
Show sFlow on a Line Card |
993 |
Configure Collectors |
994 |
Polling Intervals |
994 |
Sampling Rate |
995 |
Sub-sampling |
995 |
Back-off Mechanism |
996 |
sFlow on LAG ports |
996 |
Extended sFlow |
996 |
Important Points to Remember |
998 |
Simple Network Management Protocol |
999 |
Protocol Overview |
999 |
Implementation Information |
999 |
Configure Simple Network Management Protocol |
999 |
Related Configuration Tasks |
1000 |
Important Points to Remember |
1000 |
Create a Community |
1000 |
Read Managed Object Values |
1001 |
Write Managed Object Values |
1002 |
Configure Contact and Location Information using SNMP |
1003 |
Subscribe to Managed Object Value Updates using SNMP |
1004 |
Copy Configuration Files Using SNMP |
1006 |
Manage VLANs using SNMP |
1013 |
Create a VLAN |
1013 |
Assign a VLAN Alias |
1013 |
Display the Ports in a VLAN |
1013 |
Add Tagged and Untagged Ports to a VLAN |
1015 |
Enable and Disable a Port using SNMP |
1017 |
Fetch Dynamic MAC Entries using SNMP |
1017 |
Deriving Interface Indices |
1019 |
Monitor Port-channels |
1020 |
Troubleshooting SNMP Operation |
1021 |
SONET/SDH |
1023 |
Packet Over SONET (POS) Interfaces |
1023 |
Important Points to Remember |
1023 |
Configuring POS Interfaces |
1024 |
Encapsulation |
1024 |
Configuring Maximum Transmission Unit (MTU) |
1025 |
10GE WAN Physical Interface |
1025 |
SONET Alarm Reporting |
1026 |
SONET TRAP Example |
1029 |
SONET Syslog Example |
1029 |
Events that Bring Down a SONET Interface |
1029 |
SONET Port Recovery Mechanism |
1030 |
SONET MIB |
1031 |
SONET Traps |
1031 |
Stacking S-Series Switches |
1035 |
S-Series Stacking Overview |
1035 |
High Availability on S-Series Stacks |
1035 |
Management Unit Selection on S-Series Stacks |
1036 |
MAC Addressing on S-Series Stacks |
1037 |
Management Access on S-Series Stacks |
1041 |
Important Points to Remember |
1042 |
S-Series Stacking Installation Tasks |
1042 |
Create an S-Series Stack |
1042 |
Stacking Cable Redundancy |
1044 |
LED Status Indicators on an S-Series Stack |
1045 |
Add a Unit to an S-Series Stack |
1045 |
Remove a Unit from an S-Series Stack |
1048 |
Merge Two S-Series Stacks |
1050 |
Split an S-Series Stack |
1051 |
S-Series Stacking Configuration Tasks |
1051 |
Assign Unit Numbers to Units in an S-Series Stack |
1051 |
Create a Virtual Stack Unit on an S-Series Stack |
1052 |
Display Information about an S-Series Stack |
1052 |
Influence Management Unit Selection on an S-Series Stack |
1055 |
Manage Redundancy on an S-Series Stack |
1055 |
Reset a Unit on an S-Series Stack |
1055 |
Monitor an S-Series Stack with SNMP |
1056 |
Troubleshoot an S-Series Stack |
1056 |
Recover from Stack Link Flaps |
1056 |
Recover from a Card Problem State on an S-Series Stack |
1057 |
Recover from a Card Mismatch State on an S-Series Stack |
1057 |
Broadcast Storm Control |
1059 |
Storm Control Overview |
1059 |
Implementation Information |
1059 |
Broadcast Storm Control |
1060 |
Layer 3 Broadcast Storm Control |
1060 |
Enable Broadcast Storm Control on an Interface |
1060 |
Enable Broadcast Storm Control on all Interfaces |
1061 |
Layer 2 Broadcast Storm Control |
1061 |
Multicast Storm Control |
1061 |
Spanning Tree Protocol |
1063 |
Protocol Overview |
1063 |
Configuring Spanning Tree |
1063 |
Related Configuration Tasks |
1064 |
Important Points to Remember |
1064 |
Configuring Interfaces for Layer 2 Mode |
1065 |
Enabling Spanning Tree Protocol Globally |
1066 |
Adding an Interface to the Spanning Tree Group |
1068 |
Removing an Interface from the Spanning Tree Group |
1068 |
Modifying Global Parameters |
1069 |
Modifying Interface STP Parameters |
1070 |
Enabling PortFast |
1070 |
Preventing Network Disruptions with BPDU Guard |
1071 |
STP Root Selection |
1073 |
STP Root Guard |
1074 |
Root Guard Scenario |
1074 |
Root Guard Configuration |
1077 |
SNMP Traps for Root Elections and Topology Changes |
1077 |
Configuring Spanning Trees as Hitless |
1078 |
STP Loop Guard |
1078 |
Loop Guard Scenario |
1078 |
Loop Guard Configuration |
1081 |
Displaying STP Guard Configuration |
1082 |
System Time and Date |
1083 |
Network Time Protocol |
1083 |
Protocol Overview |
1084 |
Implementation Information |
1085 |
Configuring Network Time Protocol |
1085 |
Related Configuration Tasks |
1085 |
Enable NTP |
1086 |
Set the Hardware Clock with the Time Derived from NTP |
1087 |
Configure NTP broadcasts |
1087 |
Disable NTP on an interface |
1087 |
Configure a source IP address for NTP packets |
1088 |
Configure NTP authentication |
1089 |
FTOS Time and Date |
1091 |
Configuring time and date settings |
1091 |
Set the time and date for the switch hardware clock |
1092 |
Set the time and date for the switch software clock |
1092 |
Set the timezone |
1094 |
Set daylight savings time |
1094 |
Set Daylight Saving Time Once |
1095 |
Set Recurring Daylight Saving Time |
1096 |
Uplink Failure Detection (UFD) |
1099 |
Feature Description |
1099 |
How Uplink Failure Detection Works |
1100 |
UFD and NIC Teaming |
1101 |
Important Points to Remember |
1102 |
Configuring Uplink Failure Detection |
1103 |
Clearing a UFD-Disabled Interface |
1104 |
Displaying Uplink Failure Detection |
1106 |
Sample Configuration: Uplink Failure Detection |
1109 |
Upgrade Procedures |
1111 |
Find the upgrade procedures |
1111 |
Get Help with upgrades |
1111 |
VLAN |
1113 |
Virtual LAN Overview |
1113 |
Port-based VLANs |
1114 |
VLAN Tagging |
1115 |
Default VLAN |
1116 |
Implementation Information |
1116 |
Configuring VLANs |
1116 |
Related Configuration Tasks |
1116 |
Related Protocols and Topics |
1117 |
Create a VLAN |
1117 |
Assign Interfaces to VLANs |
1118 |
Enable Routing between VLANs |
1119 |
Use a Native VLAN on Trunk Ports |
1120 |
Change the Default VLAN ID |
1121 |
Set the Null VLAN as the Default VLAN |
1121 |
Enable VLAN Interface Counters |
1122 |
Virtual Routing and Forwarding (VRF) |
1123 |
VRF Configuration Notes |
1124 |
CAM Profiles |
1126 |
DHCP |
1128 |
IP addressing |
1128 |
VRF Configuration |
1128 |
Load the VRF CAM Profile |
1129 |
Enable VRF |
1129 |
Assign an Interface to a VRF |
1130 |
View VRF instance information |
1131 |
Connect an OSPF process to a VRF instance |
1132 |
Configure VRRP on a VRF Interface |
1132 |
Sample VRF Configuration |
1132 |
Virtual Router Redundancy Protocol (VRRP) |
1141 |
VRRP Overview |
1141 |
VRRP Benefits |
1143 |
VRRP Implementation |
1143 |
VRRP version 3 |
1144 |
VRRP Configuration |
1145 |
Create a Virtual Router |
1145 |
Assign Virtual IP addresses |
1146 |
Set VRRP Group (Virtual Router) Priority |
1149 |
Configure VRRP Authentication |
1150 |
Disable Preempt |
1151 |
Change the Advertisement interval |
1152 |
Track an Interface or Object |
1153 |
VRRP on a VRF Interface |
1156 |
Sample Configurations |
1158 |
VRRP for IPv4 Configuration |
1158 |
VRRP for IPv6 Configuration |
1160 |
VRRP in VRF Configuration |
1163 |
Non-VLAN Scenario |
1163 |
VLAN Scenario |
1165 |
Displaying a VRRP in VRF Configuration |
1168 |
FTOS XML Feature |
1169 |
XML Functionality |
1169 |
The Form of XML Requests and Responses |
1170 |
Request Format |
1170 |
Response Format |
1171 |
The Configuration Request and Response |
1171 |
The “Show” Request and Response |
1172 |
Configuration Task List |
1172 |
Run an FTOS XML session |
1173 |
Configure a standard ACL |
1175 |
Configure an extended ACL |
1175 |
Apply an IP ACL |
1175 |
Create an egress ACL and apply rules to the ACL |
1176 |
XML Error Conditions and Reporting |
1176 |
Summary of XML Limitations |
1176 |
Error Messages |
1176 |
Examples of Error Conditions |
1177 |
XML parsing error |
1177 |
XML schema error |
1178 |
XML command error |
1178 |
XML application error |
1178 |
Using display xml as a Pipe Option |
1179 |
C-Series Debugging and Diagnostics |
1181 |
Switch Fabric overview |
1182 |
Switch Fabric link monitoring |
1182 |
Runtime hardware status monitoring |
1184 |
Inter-CPU timeouts |
1186 |
Bootup diagnostics |
1187 |
Recognizing bootup failure |
1187 |
Troubleshoot bootup failure |
1187 |
Environmental monitoring |
1187 |
Recognize an overtemperature condition |
1188 |
Troubleshoot an overtemperature condition |
1188 |
Recognize an under-voltage condition |
1189 |
Troubleshoot an under-voltage condition |
1189 |
Trace logs |
1189 |
Automatic trace log updates |
1190 |
Save a hardware log to a file on the flash |
1190 |
Manual reload messages |
1191 |
CP software exceptions |
1192 |
Command history |
1192 |
Clearing the command history |
1193 |
Advanced debugging commands |
1193 |
debug commands |
1193 |
show hardware commands |
1194 |
Recognizing a High CPU Condition |
1195 |
Troubleshoot a high CPU condition |
1195 |
Monitoring hardware components with SNMP |
1196 |
Hardware watchdog timer |
1197 |
Offline diagnostics |
1198 |
Configuration task list |
1198 |
Important points to remember |
1198 |
Take the line card offline |
1199 |
Run offline diagnostics |
1199 |
View offline diagnostic test results |
1199 |
Bring the line card online |
1202 |
Buffer tuning |
1203 |
When to tune buffers |
1204 |
Buffer tuning commands |
1205 |
Use a pre-defined buffer profile |
1208 |
Sample configuration |
1208 |
E-Series TeraScale Debugging and Diagnostics |
1211 |
Overview |
1212 |
System health checks |
1212 |
Runtime dataplane loopback check |
1212 |
Disable RPM-SFM walk |
1214 |
RPM-SFM bring down |
1215 |
Manual loopback test |
1215 |
Power the SFM on/off |
1216 |
Reset the SFM |
1218 |
SFM channel monitoring |
1218 |
Respond to PCDFO events |
1219 |
Inter-CPU timeouts |
1220 |
Debug commands |
1222 |
Hardware watchdog timer |
1222 |
Show hardware commands |
1223 |
Offline diagnostics |
1223 |
Important points to remember |
1224 |
Offline configuration task list |
1224 |
Parity error detection and correction |
1225 |
Enable parity error correction |
1225 |
Recognize a transient parity error |
1226 |
Recognize a non-recoverable parity error |
1227 |
Trace logs |
1228 |
Buffer full condition |
1228 |
Manual reload condition |
1229 |
CP software exceptions |
1229 |
View trace buffer content |
1229 |
Write the contents of the trace buffer |
1230 |
Clear the trace buffer |
1230 |
Recognize a high CPU condition |
1231 |
Configure an action upon a hardware error |
1231 |
Buffer traffic manager hardware errors |
1231 |
Flexible packet classifier hardware errors |
1232 |
Line card MAC hardware errors |
1232 |
Core dumps |
1232 |
RPM core dumps |
1232 |
Line card core dumps |
1233 |
E-Series ExaScale Debugging and Diagnostics |
1235 |
Overview |
1236 |
Acronyms |
1236 |
System health checks |
1237 |
Line card loopback checks |
1237 |
Line card to SFM check |
1237 |
Line card on-board TSF3 |
1239 |
Manual loopback test |
1240 |
Power On/Off the SFM |
1241 |
Reset the SFM |
1243 |
SFM channel monitoring |
1243 |
Respond to PCDFO events |
1244 |
Inter-CPU timeouts |
1245 |
Software debugging commands |
1247 |
Hardware debugging commands |
1247 |
show control-traffic |
1248 |
show ipc-traffic |
1250 |
show hardware commands |
1252 |
Switch Fabric commands |
1252 |
Global commands |
1254 |
FPTM commands |
1254 |
BTM CLIs |
1254 |
FPC CLIs |
1255 |
Identify a suspect SFM |
1256 |
Identify a suspect line card |
1257 |
Last restart reason |
1257 |
Hardware watchdog timer |
1258 |
Information files and logs |
1258 |
Trace logs |
1259 |
Automatic trace log updates |
1260 |
Save a trace log to a file on the flash |
1260 |
Manual reload messages |
1260 |
CP/RP1/RP2 software exceptions |
1261 |
Recognize a high CPU condition |
1261 |
Command history |
1262 |
Clearing the command history |
1262 |
Software exception handling on line cards |
1262 |
Crash logs |
1263 |
Core dumps |
1263 |
RPM core dumps |
1263 |
Full core dumps |
1264 |
Mini core dumps |
1264 |
Line card core dumps |
1265 |
Full core dumps |
1265 |
Mini core dump |
1266 |
Console output |
1268 |
S-Series Debugging and Diagnostics |
1271 |
Offline diagnostics |
1271 |
Important Points to Remember |
1272 |
Running Offline Diagnostics |
1272 |
Trace logs |
1275 |
Auto Save on Crash or Rollover |
1276 |
Hardware watchdog timer |
1276 |
Buffer tuning |
1276 |
Deciding to tune buffers |
1278 |
Buffer tuning commands |
1279 |
Using a pre-defined buffer profile |
1281 |
Sample buffer profile configuration |
1281 |
Troubleshooting packet loss |
1282 |
Displaying Drop Counters |
1282 |
Dataplane Statistics |
1284 |
Displaying Stack Port Statistics |
1286 |
Displaying Stack Member Counters |
1286 |
Application core dumps |
1287 |
Mini core dumps |
1287 |
Standards Compliance |
1289 |
IEEE Compliance |
1289 |
RFC and I-D Compliance |
1290 |
General Internet Protocols |
1290 |
General IPv4 Protocols |
1291 |
General IPv6 Protocols |
1292 |
Border Gateway Protocol (BGP) |
1293 |
Open Shortest Path First (OSPF) |
1293 |
Intermediate System to Intermediate System (IS-IS) |
1294 |
Routing Information Protocol (RIP) |
1294 |
Multiprotocol Label Switching (MPLS) |
1295 |
Multicast |
1296 |
Network Management |
1297 |
MIB Location |
1301 |