IP Source Guard. Cisco Catalyst 6800ia Switch , Catalyst 6503-E Switch , Catalyst 6807-XL Switch , Catalyst 6504-E Switch , Catalyst 6840-X Switch , Catalyst 6506-E Switch , Catalyst 6880-X Switch , EOL Details, Catalyst 6509-E Switch , Catalyst C6816-X-LE Switch
Add to My manuals1292 Pages
Cisco Catalyst 6800 Series Switches are high-performance, modular switches that provide a comprehensive range of features for enterprise and data center networks. With their豐富的端口密度、先进的QoS功能和可扩展的架构, they are ideal for supporting a wide variety of applications, including voice, video, and data. The 6800 series switches offer exceptional performance and reliability, making them a valuable asset for any network.
advertisement
C H A P T E R
81
IP Source Guard
•
•
•
•
•
•
•
Prerequisites for IP Source Guard, page 81-1
Restrictions for IP Source Guard, page 81-2
Information About IP Source Guard, page 81-2
Default Settings for IP Source Guard, page 81-3
How to Configure IP Source Guard, page 81-3
Displaying IP Source Guard PACL Information, page 81-5
Displaying IP Source Binding Information, page 81-6
Note •
•
For complete syntax and usage information for the commands used in this chapter, see these publications: http://www.cisco.com/en/US/products/ps11846/prod_command_reference_list.html
Cisco IOS Release 15.4SY supports only Ethernet interfaces. Cisco IOS Release 15.4SY does not support any WAN features or commands.
Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum
Prerequisites for IP Source Guard
None.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
81-1
Chapter 81 IP Source Guard
Restrictions for IP Source Guard
Restrictions for IP Source Guard
Because the IP source guard feature is supported only in hardware, IP source guard is not applied if there are insufficient hardware resources available. These hardware resources are shared by various other ACL features that are configured on the system. The following restrictions apply to IP source guard:
• Supported only on ingress Layer 2 ports.
•
•
•
Supported only in hardware; not applied to any traffic that is processed in software.
Does not support filtering of traffic based on MAC address.
Is not supported on private VLANs.
Information About IP Source Guard
•
•
•
•
•
•
Overview of IP Source Guard, page 81-2
IP Source Guard Interaction with VLAN-Based Features, page 81-2
Layer 2 and Layer 3 Port Conversion, page 81-3
IP Source Guard and Voice VLAN, page 81-3
IP Source Guard and Web-Based Authentication, page 81-3
Overview of IP Source Guard
IP source guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host’s IP address. The feature uses dynamic
DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.
Initially, all IP traffic on the protected port is blocked except for DHCP packets. After a client receives an IP address from the DHCP server, or after static IP source binding is configured by the administrator, all traffic with that IP source address is permitted from that client. Traffic from other hosts is denied.
This filtering limits a host’s ability to attack the network by claiming a neighbor host’s IP address.
IP source guard is a port-based feature that automatically creates an implicit port access control list
(PACL).
IP Source Guard Interaction with VLAN-Based Features
Use the access-group mode command to specify how IP source guard interacts with VLAN-based features (such as VACL and Cisco IOS ACL and RACL).
In prefer port mode, if IP source guard is configured on an interface, IP source guard overrides other
VLAN-based features. If IP source guard is not configured on the interface, other VLAN-based features are merged in the ingress direction and applied on the interface.
In merge mode, IP source guard and VLAN-based features are merged in the ingress direction and applied on the interface. This is the default access-group mode.
81-2
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 81 IP Source Guard
Default Settings for IP Source Guard
Channel Ports
IP source guard is supported on Layer 2 port-channel interfaces but not on the port members. When IP source guard is applied to a Layer 2 port-channel channel interface, it is applied to all the member ports in the EtherChannel.
Layer 2 and Layer 3 Port Conversion
When an IP source guard policy is configured on a Layer 2 port, if the port is reconfigured as a Layer 3 port, the IP source guard policy no longer functions but is still present in the configuration. If the port is reconfigured as a Layer 2 port, the IP source guard policy becomes effective again.
IP Source Guard and Voice VLAN
IP source guard is supported on a Layer 2 port that belongs to a voice VLAN. For IP source guard to be active on the voice VLAN, DHCP snooping must be enabled on the voice VLAN. In merge mode, the IP source guard feature is merged with VACL and Cisco IOS ACL configured on the access VLAN.
IP Source Guard and Web-Based Authentication
You can configure IP source guard and web-based authentication (see Chapter 86, “Web-Based
) on the same interface. Other VLAN-based features are not supported when IP Source
Guard and web-based authentication are combined.
Default Settings for IP Source Guard
None.
How to Configure IP Source Guard
To enable IP source guard, perform this task:
Command
Step 1 Router(config)# ip dhcp snooping
Step 2 Router(config)# ip dhcp snooping vlan number
[ number ]
Step 3 Router(config)# interface interface-name
Step 4 Router(config-if)# no ip dhcp snooping trust
Purpose
Enables DHCP snooping globally.
Enables DHCP snooping on your VLANs.
Selects the interface to be configured.
Use the no keyword to configure the interface as untrusted.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
81-3
Chapter 81 IP Source Guard
How to Configure IP Source Guard
Command
Step 5 Router(config-if)# ip verify source vlan dhcp-snooping [ port-security ]
Step 6 Router(config-if)# exit
Step 7 Router(config)# ip source binding mac_address vlan vlan-id ip-address interface interface_name
Step 8 Router(config)# end
Step 9 Router# show ip verify source [ interface interface_name ]
Purpose
Enables IP source guard, source IP address filtering on the port. The following are the command parameters:
• vlan applies the feature to only specific VLANs on the interface. The dhcp-snooping option applies the feature to all VLANs on the interface that have
DHCP snooping enabled.
• port-security enables MAC address filtering. This feature is currently not supported.
Returns to global configuration mode.
(Optional) Configures a static IP binding on the port.
Exits configuration mode.
Verifies the configuration.
81-4
Note The static IP source binding can only be configured on a Layer 2 port. If you enter the ip source binding vlan interface command on a Layer 3 port, you receive this error message:
Static IP source binding can only be configured on switch port.
The no keyword deletes the corresponding IP source binding entry. This command requires an exact match of all the required parameters in order for the deletion to be successful.
This example shows how to enable per-Layer 2 port IP source guard on VLANs 10 through 20:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip dhcp snooping
Router(config)# ip dhcp snooping vlan 10 20
Router(config)# interface gigabitethernet 6/1
Router(config-if)# switchport mode access
Router(config-if)# switchport access vlan 10
Router(config-if)# no ip dhcp snooping trust
Router(config-if)# ip verify source vlan dhcp-snooping
Router(config-if)# end
Router# show ip verify source interface gigabitethernet 6/1
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- ----------------- ----------
Gi6/1 ip active 10.0.0.1 10
Gi6/1 ip active deny-all 11-20
Router#
The output shows that there is one valid DHCP binding to VLAN 10.
This example shows how to configure an interface to use prefer port mode:
Router# configure terminal
Router(config)# interface gigabitethernet 6/1
Router(config-if)# access-group mode prefer port
This example shows how to configure an interface to use merge mode:
Router# configure terminal
Router(config)# interface gigabitEthernet 6/1
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 81 IP Source Guard
Displaying IP Source Guard PACL Information
Router(config-if)# access-group mode merge
Displaying IP Source Guard PACL Information
To display IP source guard PACL information for all interfaces on a switch, perform this task:
Command
Router# show ip verify source [ interface interface-name ]
Purpose
Displays IP source guard PACL information for all interfaces on a switch or for a specified interface.
This example shows that DHCP snooping is enabled on VLAN 10 through 20, interface fa6/1 is configured for IP filtering, and there is an existing IP address binding 10.0.01 on VLAN 10:
Router# show ip verify source interface fa6/1
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/1 ip active 10.0.0.1 10 fa6/1 ip active deny-all 11-20
Note The second entry shows that a default PACL (deny all IP traffic) is installed on the port for those snooping-enabled VLANs that do not have a valid IP source binding.
This example shows the displayed PACL information for a trusted port:
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/2 ip inactive-trust-port
This example shows the displayed PACL information for a port in a VLAN not configured for DHCP snooping:
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/3 ip inactive-no-snooping-vlan
This example shows the displayed PACL information for a port with multiple bindings configured for an
IP/MAC filtering:
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/4 ip active 10.0.0.2 aaaa.bbbb.cccc 10 fa6/4 ip active 11.0.0.1 aaaa.bbbb.cccd 11 fa6/4 ip active deny-all deny-all 12-20
This example shows the displayed PACL information for a port configured for IP/MAC filtering but not for port security:
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/5 ip active 10.0.0.3 permit-all 10 fa6/5 ip active deny-all permit-all 11-20
Note The MAC address filter shows permit-all because port security is not enabled, so the MAC filter cannot apply to the port/VLAN and is effectively disabled. Always enable port security first.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
81-5
Chapter 81 IP Source Guard
Displaying IP Source Binding Information
This example shows an error message when you enter the show ip verify source command on a port that does not have an IP source filter mode configured:
Router# show ip verify source interface fa6/6
IP Source Guard is not configured on the interface fa6/6.
This example shows how to display all interfaces on the switch that have IP source guard enabled:
Router# show ip verify source
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- --------fa6/1 ip active 10.0.0.1 10 fa6/1 ip active deny-all 11-20 fa6/2 ip inactive-trust-port fa6/3 ip inactive-no-snooping-vlan fa6/4 ip active 10.0.0.2 aaaa.bbbb.cccc 10 fa6/4 ip active 11.0.0.1 aaaa.bbbb.cccd 11 fa6/4 ip active deny-all deny-all 12-20 fa6/5 ip active 10.0.0.3 permit-all 10 fa6/5 ip active deny-all permit-all 11-20
Displaying IP Source Binding Information
To display all IP source bindings configured on all interfaces on a switch, perform this task:
Command
Router# show ip source binding [ ip_address ]
[ mac_address ] [ dhcp-snooping | static ]
[ vlan vlan_id ] [ interface interface_name ]
Purpose
Displays IP source bindings using the optional specified display filters.
The dhcp-snooping filter displays all VLANs on the interface that have DHCP snooping enabled.
This example shows how to display all IP source bindings configured on all interfaces on the switch.
Router# show ip source binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
00:02:B3:3F:3B:99 55.5.5.2 6522 dhcp-snooping 10 GigabitEthernet6/10
00:00:00:0A:00:0B 11.0.0.1 infinite static 10 GigabitEthernet6/10
Router#
Table 81-1 describes the fields in the
show ip source binding command output.
Table 81-1
Field
MAC Address
IP Address
Lease (seconds)
Type
VLAN
Interface show ip source binding Command Output
Description
Client hardware MAC address
Client IP address assigned from the DHCP server
IP address lease time
Binding type; static bindings configured from CLI to dynamic binding learned from DHCP snooping
VLAN number of the client interface
Interface that connects to the DHCP client host
81-6
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 81 IP Source Guard
Displaying IP Source Binding Information
Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
81-7
Displaying IP Source Binding Information
Chapter 81 IP Source Guard
81-8
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
advertisement
Key Features
- High port density, with up to 48 Gigabit Ethernet ports or 24 10 Gigabit Ethernet ports per switch
- Advanced QoS features, including traffic shaping, priority queuing, and congestion management
- Modular architecture, allowing for easy expansion of ports and features as needed
- Layer 2 and Layer 3 switching, providing flexibility for a wide range of network topologies
- Comprehensive security features, including access control lists, firewall, and intrusion detection
- Network management tools, including SNMP, Telnet, and CLI, for easy configuration and monitoring
Related manuals
Frequently Answers and Questions
What are the key benefits of using Cisco Catalyst 6800 Series Switches?
What types of networks are Cisco Catalyst 6800 Series Switches ideal for?
How do I configure a Cisco Catalyst 6800 Series Switch?
advertisement
Table of contents
- 41 Preface
- 41 Audience
- 41 Related Documentation
- 41 Conventions
- 42 Obtaining Documentation, Obtaining Support, and Security Guidelines
- 43 Product Overview
- 44 Supervisor Engine 2T-10GE Flash Memory Devices
- 44 Supervisor Engine 2T-10GE Ports
- 45 Supervisor Engine 2T-10GE Connectivity Management Processor (CMP)
- 45 Determining System Hardware Capacity
- 48 Module Status Monitoring
- 48 Enabling Visual Identification of Modules or Ports
- 49 User Interfaces
- 49 Software Features Supported in Hardware by the PFC and DFC
- 53 Command-Line Interfaces
- 53 Accessing the CLI
- 54 Accessing the CLI through the EIA/TIA-232 Console Interface
- 54 Accessing the CLI through Telnet
- 55 Performing Command Line Processing
- 56 Performing History Substitution
- 56 Cisco IOS Command Modes
- 58 Displaying a List of Cisco IOS Commands and Syntax
- 59 Securing the CLI
- 59 ROM-Monitor Command-Line Interface
- 61 Smart Port Macros
- 61 Prerequisites for Smart Port Macros
- 62 Restrictions for Smart Port Macros
- 63 Information About Smart Port Macros
- 63 Information about Cisco-Provided Smart Port Macros
- 64 Information about User-Created Smart Port Macros
- 64 Default Settings for Smart Port Macros
- 64 How to Configure Smart Port Macros
- 64 Using the Cisco-Provided Smart Port Macros
- 64 Using the cisco-global Smart Port Macro
- 65 Using the cisco-desktop Smart Port Macro
- 67 Using the cisco-phone Smart Port Macro
- 69 Using the cisco-switch Smart Port Macro
- 71 Using the cisco-router Smart Port Macro
- 73 Creating Smart Port Macros
- 73 Creating Smart Port Macros
- 74 Applying User-Created Smart Port Macros
- 75 Verifying the Smart Port Macro Configuration
- 77 Virtual Switching Systems
- 77 Prerequisites for VSS
- 78 Restrictions for VSS
- 78 General VSS Restrictions
- 78 VSL Restrictions
- 78 Multichassis EtherChannel (MEC) Restrictions
- 79 Dual-Active Detection Restrictions
- 80 VSS Mode Service Module Restrictions
- 80 Information About Virtual Switching Systems
- 80 VSS Overview
- 81 VSS Topology
- 81 Key Concepts
- 84 VSS Functionality
- 86 Hardware Requirements
- 88 Information about VSL Topology
- 89 VSS Redundancy
- 89 Overview
- 89 RPR and SSO Redundancy
- 90 Failed Chassis Recovery
- 91 VSL Failure
- 91 User Actions
- 91 Multichassis EtherChannels
- 91 Overview
- 92 MEC Failure Scenarios
- 94 Packet Handling
- 94 Packet Handling Overview
- 94 Traffic on the VSL
- 95 Layer 2 Protocols
- 95 Layer 3 Protocols
- 97 SPAN Support with VSS
- 98 System Monitoring
- 98 Power Management
- 98 Environmental Monitoring
- 98 File System Access
- 98 Diagnostics
- 99 Service Modules
- 99 Network Management
- 100 Dual-Active Detection
- 100 Dual-Active Detection Overview
- 100 Dual-Active Detection Using Enhanced PAgP
- 101 Dual-Active Detection Using Dual-Active Fast Hello Packets
- 101 Recovery Actions
- 101 VSS Initialization
- 101 VSS Initialization Overview
- 102 Virtual Switch Link Protocol
- 102 SSO Dependencies
- 103 Initialization Procedure
- 103 Default Settings for VSS
- 104 How to Configure a VSS
- 104 Configuring Easy VSS
- 105 Easy VSS using with-vsl-encryption
- 105 Verifying Easy VSS Configuration
- 106 Converting to a VSS
- 106 VSS Conversion Overview
- 107 Backing Up the Standalone Configuration
- 107 Configuring SSO and NSF
- 108 Assigning Virtual Switch Domain and Switch Numbers
- 109 Configuring the VSL Port Channel
- 110 Configuring the VSL Ports
- 110 Verifying the PFC Operating Mode
- 111 Converting the Chassis to Virtual Switch Mode
- 112 Auto-Configuring the Standby VSL Information
- 112 (Optional) Configuring Standby Chassis Modules
- 113 Displaying VSS Information
- 113 Converting a VSS to Standalone Chassis
- 114 Copying the VSS Configuration to a Backup File
- 114 Converting the Active Chassis to Standalone
- 114 Converting the Peer Chassis to Standalone
- 115 Configuring VSS Parameters
- 115 Configuring VSL Switch Priority
- 116 Configuring the PFC Mode
- 117 Configuring a VSL
- 117 Configuring VSL Encryption
- 119 Displaying VSL Information
- 120 Configuring VSL QoS
- 121 Subcommands for VSL Port Channels
- 121 Subcommands for VSL Ports
- 122 Configuring the Router MAC Address Assignment
- 123 Configuring Deferred Port Activation During Standby Recovery
- 123 Configuring Multichassis EtherChannels
- 124 Configuring Port Load Share Deferral on the Peer Switch
- 124 Configuring Dual-Active Detection
- 124 Configuring Enhanced PAgP Dual-Active Detection
- 126 Configuring Fast Hello Dual-Active Detection
- 127 Configuring the Exclusion List
- 127 Displaying Dual-Active Detection
- 128 Configuring Service Modules in a VSS
- 129 Opening a Session with a Service Module in a VSS
- 129 Assigning a VLAN Group to a Firewall Service Module in a VSS
- 130 Assigning a VLAN Group to an ACE Service Module in a VSS
- 130 Verifying Injected Routes in a Service Module in a VSS
- 131 Viewing Chassis Status and Module Information in a VSS
- 131 How to Upgrade a VSS
- 131 Performing a Fast Software Upgrade of a VSS
- 132 Performing an Enhanced Fast Software Upgrade of a VSS
- 133 eFSU Restrictions and Guidelines
- 134 eFSU Stages for a VSS Upgrade
- 135 Configuring and Performing an eFSU Upgrade
- 137 eFSU Upgrade Example
- 143 Enhanced Fast Software Upgrade
- 144 Prerequisites for eFSU
- 144 Restrictions for eFSU
- 145 Information About eFSU
- 145 eFSU Operation
- 146 Outage Time and Support Considerations
- 146 Reserving Module Memory
- 147 Error Handling for eFSU Preload
- 147 Default Settings for eFSU
- 147 How to Perform an eFSU
- 148 eFSU Summarized Procedure
- 148 Preparing for the Upgrade
- 149 Verifying the Boot Image Version and Boot Variable
- 149 Verifying Redundancy Mode
- 150 Verifying eFSU State
- 150 Copying the New Software Image
- 150 Loading the New Software onto the Standby Supervisor Engine
- 152 Displaying the Maximum Outage Time for Installed Modules (Optional)
- 152 Forcing a Switchover from Active to Standby
- 154 Accepting the New Software Version and Stopping the Rollback Process (Optional)
- 154 Committing the New Software to the Standby
- 154 Verifying the Software Installation
- 155 Aborting the Upgrade Process
- 156 How to Upgrade a Non-eFSU Image to an eFSU Image
- 157 Fast Software Upgrade
- 159 Stateful Switchover (SSO)
- 159 Prerequisites for SSO
- 160 Restrictions for SSO
- 160 General Restrictions
- 160 Configuration Mode Restrictions
- 160 Switchover Process Restrictions
- 161 Information About SSO
- 161 SSO Overview
- 163 SSO Operation
- 164 Route Processor Synchronization
- 164 Synchronization Overview
- 164 Bulk Synchronization During Initialization
- 164 Synchronization of Startup Configuration
- 165 Incremental Synchronization
- 166 SSO Operation
- 166 SSO Conditions
- 167 Switchover Time
- 167 Online Removal of the Active RP
- 167 Fast Software Upgrade
- 167 Core Dump Operation
- 168 SSO-Aware Features
- 168 Default Settings for SSO
- 168 How to Configure SSO
- 169 Troubleshooting SSO
- 169 Possible SSO Problem Situations
- 170 SSO Troubleshooting
- 170 Verifying the SSO Configuration
- 170 Verifying that SSO Is Configured
- 171 Verifying that SSO Is Operating on the Device
- 172 Verifying SSO Features
- 174 Configuration Examples for SSO
- 175 Nonstop Forwarding (NSF)
- 175 Prerequisites for NSF
- 176 Restrictions for NSF
- 176 General Restrictions
- 176 Restrictions for BGP NSF
- 176 Restrictions for EIGRP NSF
- 176 Restrictions for OSPF NSF
- 176 Restrictions for IS-IS NSF
- 177 Restrictions for IPv6 NSF
- 177 Information About NSF
- 177 NSF Overview
- 178 Feature Interaction with NSF
- 178 Cisco Express Forwarding
- 178 Routing Protocol Operation
- 179 BGP Operation
- 179 EIGRP Operation
- 180 IS-IS Operation
- 181 OSPF Operation
- 182 IPv6 Routing Protocol Operation
- 183 Default Settings for NSF
- 183 How to Configure NSF
- 183 Configuring and Verifying BGP for NSF
- 183 Configuring BGP for NSF
- 184 Verifying NSF for BGP
- 184 Configuring and Verifying EIGRP NSF
- 184 Configuring EIGRP for NSF
- 185 Verifying EIGRP for NSF
- 186 Configuring and Verifying OSPF NSF
- 186 Configuring OSPF for NSF
- 186 Verifying OSPF for NSF
- 187 Configuring and Verifying IS-IS NSF
- 187 Configuring NSF for IS-IS
- 188 Verifying NSF for IS-IS
- 188 Troubleshooting Cisco Nonstop Forwarding
- 189 Configuration Examples for NSF
- 189 Example: Configuring BGP NSF
- 189 Example: Configuring BGP NSF Neighbor Device
- 190 Example: Verifying BGP NSF
- 190 Example: Configuring EIGRP NSF Converge Timer
- 190 Example: EIGRP Graceful-Restart Purge-Time Timer Configuration
- 191 Example: Configuring EIGRP NSF Route-Hold Timer
- 191 Example: Configuring EIGRP NSF Signal Timer
- 191 Example: Verifying EIGRP NSF
- 192 Example: Disabling EIGRP NSF Support
- 192 Example: Configuring OSPF NSF
- 192 Example: Verifying OSPF NSF
- 193 Example: Configuring IS-IS NSF
- 193 Example: Verifying IS-IS NSF
- 195 Route Processor Redundancy (RPR)
- 195 Prerequisites for RPR
- 195 Restrictions for RPR
- 196 General RPR Restrictions
- 196 Hardware Restrictions for RPR
- 196 Information About RPR
- 197 Supervisor Engine Redundancy Overview
- 197 RPR Operation
- 198 Supervisor Engine Configuration Synchronization
- 198 Default Settings for RPR
- 198 How to Configure RPR
- 198 Configuring RPR Mode
- 199 Synchronizing the Supervisor Engine Configurations
- 199 Displaying the Redundancy States
- 200 Copying Files to the RP
- 201 Interface Configuration
- 202 Information About Interface Configuration
- 202 How to Configure a Range of Interfaces
- 202 How to Define and Use Interface-Range Macros
- 203 How to Configure Optional Interface Features
- 203 Configuring Ethernet Interface Speed and Duplex Mode
- 204 Speed and Duplex Mode Configuration Guidelines
- 204 Configuring the Ethernet Interface Speed
- 205 Setting the Interface Duplex Mode
- 205 Configuring Link Negotiation on Gigabit Ethernet Ports
- 206 Displaying the Speed and Duplex Mode Configuration
- 206 Configuring Jumbo Frame Support
- 206 Information about Jumbo Frame Support
- 208 Configuring MTU Sizes
- 209 Configuring IEEE 802.3x Flow Control
- 210 Configuring the Port Debounce Timer
- 211 Information About Online Insertion and Removal
- 211 How to Monitor and Maintain Interfaces
- 212 Monitoring Interface Status
- 212 Clearing Counters on an Interface
- 213 Resetting an Interface
- 213 Shutting Down and Restarting an Interface
- 214 How to Check Cable Status with the TDR
- 215 UniDirectional Link Detection ( UDLD)
- 215 Prerequisites for UDLD
- 215 Restrictions for UDLD
- 216 Information About UDLD
- 216 UDLD Overview
- 217 UDLD Aggressive Mode
- 218 Fast UDLD
- 218 Default Settings for UDLD
- 218 How to Configure UDLD
- 219 Enabling UDLD Globally
- 219 Enabling UDLD on LAN Interfaces
- 219 Disabling UDLD on Nonfiber-Optic LAN Interfaces
- 220 Disabling UDLD on Fiber-Optic LAN Interfaces
- 220 Configuring the UDLD Probe Message Interval
- 220 Configuring Fast UDLD
- 221 Configuring Fast UDLD on a Port
- 221 Enabling Fast UDLD Error Reporting
- 221 Resetting Disabled LAN Interfaces
- 223 Instant Access (IA)
- 223 Prerequisites for Instant Access
- 224 Restrictions for Instant Access
- 228 Information About Instant Access
- 229 Default Settings for Instant Access
- 229 How to Configure Instant Access
- 229 Configure Instant Access Staggered Initialization Mode
- 230 Enable FEX Auto-Config
- 230 Enable IA Client Preprovisioning
- 231 Configure Instant Access Port-Channel Interfaces
- 231 Configure Instant Access Channel Groups
- 232 Identify Connected IA Client Stack Modules
- 232 Identify IA Client Stack Modules by Serial Number
- 232 Identify IA Client Modules by Beacon LED
- 233 Easy FEX
- 233 Renumbering FEX Switch-ID
- 236 Configure IA Clients
- 236 Display or Clear SDP and SRP Traffic
- 236 Upgrade FEX using In-Service Software Upgrade (ISSU) Process
- 237 Configure Optional Parameters for an IA Client
- 237 Enter the IA Client Configuration Mode
- 237 Configure a Description
- 238 Configure the Custom Location Type Feature
- 238 Configure MTU
- 239 Configuring EnergyWise
- 241 Power Management
- 241 Power Management Overview
- 242 How to Enable or Disable Power Redundancy
- 243 How to Power Modules Off and On
- 243 How to Display System Power Status
- 244 How to Power Cycle Modules
- 247 Environmental Monitoring
- 247 Environmental Monitoring Overview
- 248 How to Determine Sensor Temperature Thresholds
- 249 How to Monitor the System Environmental Status
- 250 Information About LED Environmental Indications
- 253 Online Diagnostics
- 253 Prerequisites for Online Diagnostics
- 253 Restrictions for Online Diagnostics
- 254 Information About Online Diagnostics
- 254 Default Settings for Online Diagnostics
- 254 How to Configure Online Diagnostics
- 254 Setting Bootup Online Diagnostics Level
- 255 Configuring On-Demand Online Diagnostics
- 257 Scheduling Online Diagnostics
- 257 Configuring Health-Monitoring Diagnostics
- 258 How to Run Online Diagnostic Tests
- 258 Overview of Diagnostic Test Operation
- 258 Starting and Stopping Online Diagnostic Tests
- 259 Running All Online Diagnostic Tests
- 260 Displaying Online Diagnostic Tests and Test Results
- 276 How to Perform Memory Tests
- 276 How to Perform a Diagnostic Sanity Check
- 281 Onboard Failure Logging (OBFL)
- 281 Prerequisites for OBFL
- 282 Restrictions for OBFL
- 282 Information About OBFL
- 282 Overview of OBFL
- 282 Information about Data Collected by OBFL
- 282 OBFL Data Overview
- 283 Temperature
- 284 Operational Uptime
- 287 Interrupts
- 288 Message Logging
- 288 Default Settings for OBFL
- 289 Enabling OBFL
- 290 Configuration Examples for OBFL
- 290 Enabling OBFL Message Logging: Example
- 290 OBFL Message Log: Example
- 290 OBFL Component Uptime Report: Example
- 291 OBFL Report for a Specific Time: Example
- 293 Switch Fabric Functionality
- 293 Prerequisites for Switch Fabric Functionality
- 293 Restrictions for Switch Fabric Functionality
- 294 Information About the Switch Fabric Functionality
- 294 Switch Fabric Functionality Overview
- 294 Forwarding Decisions for Layer 3-Switched Traffic
- 294 Default Settings for Switch Fabric Functionality
- 295 How to Configure the Switch Fabric Functionality
- 296 Monitoring the Switch Fabric Functionality
- 296 Displaying the Switch Fabric Redundancy Status
- 296 Displaying Fabric Channel Switching Modes
- 296 Displaying the Fabric Status
- 297 Displaying the Fabric Utilization
- 297 Displaying Fabric Errors
- 299 Cisco IP Phone Support
- 299 Prerequisites for Cisco IP Phone Support
- 299 Restrictions for Cisco IP Phone Support
- 300 Information About Cisco IP Phone Support
- 300 Cisco IP Phone Connections
- 301 Cisco IP Phone Voice Traffic
- 302 Cisco IP Phone Data Traffic
- 302 Other Cisco IP Phone Features
- 302 Default Setting for Cisco IP Phone Support
- 303 How to Configure Cisco IP Phone Support
- 303 Configuring Voice Traffic Support
- 304 Configuring Data Traffic Support
- 307 Power over Ethernet (PoE) Support
- 307 Prerequisites for PoE
- 307 Restrictions for PoE
- 308 Information About PoE
- 308 Device Roles
- 308 PoE Overview
- 309 CPD-Based PoE Management
- 310 Inline Power IEEE Power Classification Override
- 310 LLDP Inline Power Negotiation for PoE+ (IEEE 802.3at)
- 310 How to Configure PoE Support
- 311 Displaying PoE Status
- 311 Configuring Per-Port PoE Support
- 312 Configuring PoE Power Priority
- 313 Setting the PoE Power Priority Global Enable State
- 313 Configuring PoE Port Power Priority
- 314 Configuring PoE Monitoring and Policing
- 314 Disabling LLDP Power Negotiation (IEEE 802.3at)
- 317 LAN Ports for Layer 2 Switching
- 317 Prerequisites for Layer 2 LAN Interfaces
- 318 Restrictions for Layer 2 LAN Interfaces
- 318 Information About Layer 2 Switching
- 318 Information about Layer 2 Ethernet Switching
- 319 Layer 2 Ethernet Switching Overview
- 319 Building the MAC Address Table
- 320 Information about VLAN Trunks
- 320 Layer 2 LAN Port Modes
- 321 Default Settings for Layer 2 LAN Interfaces
- 321 How to Configure LAN Interfaces for Layer 2 Switching
- 322 Configuring a LAN Port for Layer 2 Switching
- 322 Enabling Out-of-Band MAC Address Table Synchronization
- 323 Configuring MAC Address Table Notification
- 324 Configuring a Layer 2 Switching Port as a Trunk
- 324 Configuring the Layer 2 Trunk to Use DTP
- 325 Configuring the Layer 2 Trunk Not to Use DTP
- 325 Configuring the Access VLAN
- 326 Configuring the 802.1Q Native VLAN
- 326 Configuring the List of VLANs Allowed on a Trunk
- 327 Configuring the List of Prune-Eligible VLANs
- 328 Completing Trunk Configuration
- 328 Verifying Layer 2 Trunk Configuration
- 328 Configuration and Verification Examples
- 329 Configuring a LAN Interface as a Layer 2 Access Port
- 331 Configuring a Custom IEEE 802.1Q EtherType Field Value
- 333 Flex Links
- 333 Prerequisites for Flex Links
- 334 Restrictions for Flex Links
- 334 Information About Flex Links
- 336 Default Settings for Flex Links
- 336 How to Configure Flex Links
- 338 Monitoring Flex Links
- 339 EtherChannels
- 339 Prerequisites for EtherChannels
- 340 Restrictions for EtherChannels
- 341 Information About EtherChannels
- 341 EtherChannel Feature Overview
- 342 Information about EtherChannel Configuration
- 342 EtherChannel Configuration Overview
- 343 Information about Manual EtherChannel Configuration
- 343 Information about PAgP EtherChannel Configuration
- 343 Information about IEEE 802.3ad LACP EtherChannel Configuration
- 344 Information about LACP 1:1 Redundancy
- 345 Information about Port Channel Interfaces
- 345 Information about Load Balancing
- 345 Default Settings for EtherChannels
- 345 How to Configure EtherChannels
- 346 Configuring Port Channel Logical Interfaces
- 347 Configuring Channel Groups
- 349 Configuring the LACP System Priority and System ID
- 349 Configuring EtherChannel Load Balancing
- 350 Configuring the EtherChannel Hash-Distribution Algorithm
- 351 Configuring the Hash-Distribution Algorithm Globally
- 351 Configuring the Hash-Distribution Algorithm for a Port Channel
- 351 Configuring the EtherChannel Min-Links Feature
- 352 Configuring LACP 1:1 Redundancy
- 353 Configuring Auto Interleaved Port Priority For LACP Port Channels
- 354 Configuring LACP Port-Channel Standalone Disable
- 357 IEEE 802.1ak MVRP and MRP
- 357 Prerequisites for IEEE 802.1ak MVRP and MRP
- 358 Restrictions for IEEE 802.1ak MVRP and MRP
- 358 Information About IEEE 802.1ak MVRP and MRP
- 358 Overview
- 360 Dynamic VLAN Creation
- 360 MVRP Interoperability with VTP
- 361 Overview
- 361 VTP in Transparent or Off Mode
- 361 VTP in Server or Client Mode and VTP Pruning is Disabled
- 361 VTP in Server or Client Mode and VTP Pruning is Enabled
- 362 MVRP Interoperation with Non-Cisco Devices
- 362 MVRP Interoperability with Other Software Features and Protocols
- 362 802.1x and Port Security
- 362 DTP
- 363 EtherChannel
- 363 Flex Links
- 363 High Availability
- 363 ISSU and eFSU
- 363 L2PT
- 363 SPAN
- 363 Unknown Unicast and Multicast Flood Control
- 363 STP
- 363 UDLR
- 364 VLANs with MVRP
- 364 Default Settings for IEEE 802.1ak MVRP and MRP
- 364 How to Configure IEEE 802.1ak MVRP and MRP
- 364 Enabling MVRP
- 365 Enabling Automatic Detection of MAC Addresses
- 365 Enabling MVRP Dynamic VLAN Creation
- 366 Changing the MVRP Registrar State
- 366 Troubleshooting the MVRP Configuration
- 367 Configuration Examples for IEEE 802.1ak MVRP and MRP
- 367 Enabling MVRP
- 367 Enabling MVRP Automatic Detection of MAC Addresses
- 368 Enabling Dynamic VLAN Creation
- 368 Changing the MVRP Registrar State
- 369 VLAN Trunking Protocol (VTP)
- 369 Prerequisites for VTP
- 369 Restrictions for VTP
- 370 Information About VTP
- 371 VTP Overview
- 371 VTP Domains
- 372 VTP Modes
- 372 VTP Advertisements
- 373 VTP Authentication
- 373 VTP Version 2
- 374 VTP Version 3
- 375 VTP Pruning
- 377 VLAN Interaction
- 377 Interaction Between VTP Version 3 and VTP Version 2 Devices
- 377 Interaction Between VTP Version 3 and VTP Version 1 Devices
- 377 Default Settings for VTP
- 378 How to Configure VTP
- 378 Configuring VTP Global Parameters
- 378 Configuring VTP Version 1 and Version 2 Passwords
- 379 Configuring VTP Version 3 Password
- 379 Configuring VTP Version 3 Server Type
- 380 Enabling VTP Pruning
- 381 Enabling VTP Version 2
- 381 Enabling VTP Version 3
- 383 Configuring the VTP Mode
- 384 Configuring VTP Mode on a Per-Port Basis
- 385 Displaying VTP Statistics
- 387 Virtual Local Area Networks (VLANs)
- 387 Prerequisites for VLANs
- 388 Restrictions for VLANs
- 388 Information About VLANs
- 388 VLAN Overview
- 388 VLAN Ranges
- 389 Default Settings for VLANs
- 390 How to Configure VLANs
- 390 Configurable VLAN Parameters
- 390 VLAN Locking
- 391 Creating or Modifying an Ethernet VLAN
- 392 Assigning a Layer 2 LAN Interface to a VLAN
- 392 Configuring the Internal VLAN Allocation Policy
- 393 Configuring VLAN Translation
- 393 VLAN Translation Guidelines and Restrictions
- 394 Configuring VLAN Translation on a Trunk Port
- 395 Enabling VLAN Translation on Other Ports in a Port Group
- 395 Saving VLAN Information
- 397 Private VLANs
- 397 Prerequisites for Private VLANs
- 398 Restrictions for Private VLANs
- 398 Secondary and Primary VLANs
- 400 Private VLAN Ports
- 400 Limitations with Other Features
- 401 Information About Private VLANs
- 401 Private VLAN Domains
- 403 Private VLAN Ports
- 403 Primary, Isolated, and Community VLANs
- 404 Private VLAN Port Isolation
- 404 IP Addressing Scheme with Private VLANs
- 405 Private VLANs Across Multiple Switches
- 405 Private VLAN Interaction with Other Features
- 406 Private VLANs and Unicast, Broadcast, and Multicast Traffic
- 406 Private VLANs and SVIs
- 406 Default Settings for Private VLANs
- 406 How to Configure Private VLANs
- 407 Configuring a VLAN as a Private VLAN
- 408 Associating Secondary VLANs with a Primary VLAN
- 409 Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN
- 410 Configuring a Layer 2 Interface as a Private VLAN Host Port
- 411 Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port
- 412 Monitoring Private VLANs
- 413 Private Hosts
- 413 Prerequisites for Private Hosts
- 413 Restrictions for Private Hosts
- 414 General Private Host Restrictions
- 414 Private Host ACL Restrictions
- 415 Private Host VLAN on Trunk Port Restrictions
- 415 Private Host Interaction with Other Features
- 415 Private Host Spoofing Protection
- 416 Private Host Multicast Operation
- 416 Information About Private Hosts
- 416 Private Hosts Overview
- 416 Isolating Hosts in a VLAN
- 417 Restricting Traffic Flow (Using Private Hosts Port Mode and PACLs)
- 419 Port ACLs
- 420 Default Settings for Private Hosts
- 420 How to Configure Private Hosts
- 420 Configuration Summary
- 421 Detailed Configuration Steps
- 422 Configuration Examples
- 425 IEEE 802.1Q Tunneling
- 425 Prerequisites for 802.1Q Tunneling
- 425 Restrictions for 802.1Q Tunneling
- 428 Information About 802.1Q Tunneling
- 429 Default Settings for 802.1Q Tunneling
- 430 How to Configure 802.1Q Tunneling
- 430 Configuring 802.1Q Tunnel Ports
- 430 Configuring the Switch to Tag Native VLAN Traffic
- 431 Configuring the Switch to Tag Native VLAN Traffic Globally
- 431 Configuring Ports Not to Tag Native VLAN Traffic
- 433 Layer 2 Protocol Tunneling
- 433 Prerequisites for Layer 2 Protocol Tunneling
- 433 Restrictions for Layer 2 Protocol Tunneling
- 434 Information About Layer 2 Protocol Tunneling
- 434 Default Settings for Layer 2 Protocol Tunneling
- 435 How to Configure Layer 2 Protocol Tunneling
- 439 Spanning Tree Protocols
- 439 Prerequisites for Spanning Tree Protocols
- 440 Restrictions for Spanning Tree Protocols
- 440 Information About Spanning Tree Protocols
- 440 Information about STP
- 441 STP Overview
- 441 Information about the Bridge ID
- 442 Information about Bridge Protocol Data Units
- 443 Election of the Root Bridge
- 443 STP Protocol Timers
- 444 Creating the Spanning Tree Topology
- 444 STP Port States
- 450 STP and IEEE 802.1Q Trunks
- 451 Information about IEEE 802.1w RSTP
- 451 RSTP Overview
- 451 Port Roles and the Active Topology
- 452 Rapid Convergence
- 453 Synchronization of Port Roles
- 454 Bridge Protocol Data Unit Format and Processing
- 455 Topology Changes
- 456 Information about MST
- 456 MST Overview
- 457 MST Regions
- 457 IST, CIST, and CST
- 460 Hop Count
- 460 Boundary Ports
- 461 Standard-Compliant MST Implementation
- 462 Interoperability with IEEE 802.1D-1998 STP
- 463 Detecting Unidirectional Link Failure
- 463 Default Settings for Spanning Tree Protocols
- 463 Default STP Configuration
- 464 Default MST Configuration
- 464 How to Configure Spanning Tree Protocols
- 464 Configuring STP
- 465 Enabling STP
- 466 Enabling the Extended System ID
- 467 Configuring the Root Bridge
- 468 Configuring a Secondary Root Bridge
- 469 Configuring STP Port Priority
- 470 Configuring STP Port Cost
- 472 Configuring the Bridge Priority of a VLAN
- 473 Configuring the Hello Time
- 473 Configuring the Forward-Delay Time for a VLAN
- 474 Configuring the Maximum Aging Time for a VLAN
- 474 Enabling Rapid-PVST+
- 475 Configuring MST
- 476 Specifying the MST Region Configuration and Enabling MST
- 477 Configuring the Root Bridge
- 478 Configuring a Secondary Root Bridge
- 479 Configuring Port Priority
- 480 Configuring Path Cost
- 481 Configuring the Switch Priority
- 482 Configuring the Hello Time
- 483 Configuring the Forwarding-Delay Time
- 483 Configuring the Transmit Hold Count
- 483 Configuring the Maximum-Aging Time
- 484 Configuring the Maximum-Hop Count
- 484 Specifying the Link Type to Ensure Rapid Transitions
- 484 Designating the Neighbor Type
- 485 Restarting the Protocol Migration Process
- 485 Displaying the MST Configuration and Status
- 487 Optional STP Features
- 488 PortFast
- 488 Information about PortFast
- 488 Enabling PortFast
- 488 Configuring the PortFast Default State
- 489 Enabling PortFast on a Layer 2 Port
- 490 Bridge Assurance
- 490 Information about Bridge Assurance
- 493 Enabling Bridge Assurance
- 493 BPDU Guard
- 493 Information about BPDU Guard
- 493 Enabling BPDU Guard
- 494 Enabling BPDU Guard Globally
- 494 Enabling BPDU Guard on a Port
- 495 PortFast Edge BPDU Filtering
- 495 Information about PortFast Edge BPDU Filtering
- 496 Enabling PortFast Edge BPDU Filtering
- 496 Enabling PortFast Edge BPDU Filtering Globally
- 497 Enabling PortFast Edge BPDU Filtering on a Nontrunking Port
- 497 UplinkFast
- 497 Information about UplinkFast
- 498 Enabling UplinkFast
- 499 BackboneFast
- 499 Information about BackboneFast
- 501 Enabling BackboneFast
- 502 EtherChannel Guard
- 502 Information about EtherChannel Guard
- 502 Enabling EtherChannel Guard
- 503 Root Guard
- 503 Information about Root Guard
- 503 Enabling Root Guard
- 503 Loop Guard
- 503 Information about Loop Guard
- 505 Enabling Loop Guard
- 506 PVST Simulation
- 506 Information about PVST Simulation
- 507 Configuring PVST Simulation
- 507 Verifying the Optional STP Features
- 508 Using the show spanning-tree Commands
- 508 Examples of the show spanning-tree Commands
- 513 IP Unicast Layer 3 Switching
- 513 Prerequisites for Hardware Layer 3 Switching
- 514 Restrictions for Hardware Layer 3 Switching
- 514 Information About Layer 3 Switching
- 514 Hardware Layer 3 Switching
- 514 Layer 3-Switched Packet Rewrite
- 516 Default Settings for Hardware Layer 3 Switching
- 516 How to Configure Hardware Layer 3 Switching
- 517 Displaying Hardware Layer 3 Switching Statistics
- 519 Policy-Based Routing (PBR)
- 519 Prerequisites for PBR
- 520 Restrictions for PBR
- 520 Information About PBR
- 520 PBR Overview
- 521 PBR Recursive Next Hop for IPv4 Traffic
- 521 Default Settings for PBR
- 521 How to Configure PBR
- 522 Configuring PBR
- 523 Configuring Local PBR
- 523 Configuring PBR Recursive Next Hop
- 523 Setting the Recursive Next-Hop IP Address
- 524 Verifying the Recursive Next-Hop Configuration
- 525 Configuration Examples for PBR
- 525 Equal Access Example
- 526 Differing Next Hops Example
- 526 Recursive Next-Hop IP Address: Example
- 527 Layer 3 Interfaces
- 527 Restrictions for Layer 3 Interfaces
- 529 How to Configure Subinterfaces on Layer 3 Interfaces
- 531 Unidirectional Ethernet (UDE) and Unidirectional Link Routing (UDLR)
- 531 Prerequisites for UDE and UDLR
- 532 Restrictions for UDE and UDLR
- 532 UDE Restrictions
- 533 UDLR Back-Channel Tunnel Restrictions
- 533 Information About UDE and UDLR
- 533 UDE and UDLR Overview
- 533 Information about UDE
- 534 UDE Overview
- 534 Hardware-Based UDE
- 534 Software-Based UDE
- 534 Information about UDLR
- 534 Default Settings for UDE and UDLR
- 535 How to Configure UDE and UDLR
- 535 Configuring UDE
- 535 Configuring Hardware-Based UDE
- 535 Configuring Software-Based UDE
- 536 Configuring UDLR
- 537 Configuring a Receive-Only Tunnel Interface for a UDE Send-Only Port
- 537 Configuring a Send-Only Tunnel Interface for a UDE Receive-Only Port
- 539 Multiprotocol Label Switching (MPLS)
- 539 Prerequisites for MPLS
- 539 Restrictions for MPLS
- 540 Information About MPLS
- 540 MPLS Overview
- 542 IP to MPLS
- 542 MPLS to MPLS
- 542 MPLS to IP
- 543 MPLS VPN Forwarding
- 543 Recirculation
- 543 Hardware Supported Features
- 544 Supported MPLS Features
- 545 Default Settings for MPLS
- 545 How to Configure MPLS Features
- 545 Configuring MPLS
- 545 Configuring MUX-UNI Support on LAN Cards
- 547 Configuration Examples for MPLS
- 549 MPLS VPN Support
- 549 Prerequisites for MPLS VPN
- 550 Restrictions for MPLS VPN
- 550 Information About MPLS VPN Support
- 551 How to Configure MPLS VPNs
- 552 Configuration Example for MPLS VPNs
- 555 Ethernet over MPLS (EoMPLS)
- 555 Prerequisites for EoMPLS
- 556 Restrictions for EoMPLS
- 557 Information About EoMPLS
- 557 AToM Overview
- 557 EoMPLS Overview
- 557 Default Settings for EoMPLS
- 558 How to Configure EoMPLS
- 558 Configuring VLAN-Based EoMPLS
- 560 Configuring Port-Based EoMPLS
- 565 Configuring A-VPLS
- 565 Prerequisites for A-VPLS
- 566 Restrictions for A-VPLS
- 566 Information About A-VPLS
- 567 How to Configure A-VPLS
- 567 Enabling Load-Balancing with ECMP and FAT Pseudowires
- 568 Enabling Port-Channel Load-Balancing
- 568 Explicitly Specifying the PE Routers As Part of Virtual Ethernet Interface Configuration
- 569 Configuring an MPLS Traffic Engineering Tunnel
- 570 Configuring a GRE Tunnel
- 572 Routed Pseudo-Wire (RPW) and Routed VPLS
- 575 Ethernet Virtual Connections (EVCs)
- 575 Prerequisites for EVCs
- 576 Restrictions for EVCs
- 577 Information About EVCs
- 577 EVC Overview
- 578 Ethernet Flow Points
- 578 Service Instances and EFPs
- 579 Encapsulation (Flexible Service Mapping)
- 581 EFPs and MSTP
- 581 Bridge Domains
- 581 Bridge Domain Overview
- 582 Ethernet MAC Address Learning
- 582 Flooding of Layer 2 Frames for Unknown MAC and Broadcast Addresses
- 582 Layer 2 Destination MAC Address-Based Forwarding
- 582 MAC Address Aging
- 582 MAC Address Table
- 583 Rewrite Operations
- 583 Layer 3 and Layer 4 ACL Support
- 583 Advanced Frame Manipulation
- 583 Egress Frame Filtering
- 583 Default Settings for EVCs
- 584 How to Configure EVCs
- 586 Two Service Instances Joining the Same Bridge Domain
- 586 Bridge Domains and VLAN Encapsulation
- 587 Rewrite
- 588 Monitoring EVCs
- 589 Layer 2 over Multipoint GRE (L2omGRE)
- 589 Prerequisites for L2omGRE
- 590 Restrictions for L2omGRE
- 590 Information About L2omGRE
- 591 Default Settings for L2omGRE
- 591 How to Configure L2omGRE
- 591 Configuring a Loopback Interface
- 591 Configuring an mGRE Tunnel Interface
- 592 Configuring a VLAN Interface
- 593 L2omGRE Configuration Examples
- 593 Verifying the L2omGRE Configuration
- 595 Campus Fabric
- 595 Understanding Fabric Domain Elements
- 595 Campus Fabric Licensing
- 596 Example: Show commands for license right-to-use
- 596 show license right-to-use
- 597 Campus Fabric Configuration Guidelines
- 598 How to Configure Fabric Overlay
- 598 Configuring Fabric Edge Devices
- 598 Configuring Control-Plane Devices Using IPv4
- 598 Before You Begin
- 599 Configuring Control-Plane Devices Using IPv6
- 599 Before You Begin
- 600 Configuring Border Devices Using IPv4
- 600 Before You Begin
- 601 Configuring Border Devices Using IPv6
- 602 Before You Begin
- 603 Example: Configuring Fabric Border and Control-Plane Devices
- 603 Fabric Border Router Using IPv4
- 604 Fabric Border Router Using IPv6
- 604 Control Plane Using IPv4
- 605 Control Plane Using IPv6
- 607 IPv4 Multicast Layer 3 Features
- 607 Prerequisites for IPv4 Multicast Layer 3 Features
- 607 Restrictions for IPv4 Multicast Layer 3 Features
- 608 Information About IPv4 Multicast Layer 3 Features
- 608 IPv4 Multicast Layer 3 Features Overview
- 609 Distributed MRIB and MFIB Infrastructure
- 610 Multicast Layer 3 Hardware Features Entries
- 610 Layer 3-Switched Multicast Statistics
- 611 Layer 3-Switched Multicast Packet Rewrite
- 611 Replication Modes
- 612 Local Egress Replication Mode
- 612 PIM-SM hardware register support
- 612 PIM-SM hardware SPT-switchover support
- 613 Control Plane Policing (CoPP)
- 613 Non-RPF Traffic Processing
- 613 Multicast Boundary
- 614 IPv4 Bidirectional PIM
- 614 Supported Multicast Features
- 615 Hardware-Supported IPv4 Layer 3 Features
- 616 Unsupported IPv4 Layer 3 Features
- 617 Hardware-Supported IPv6 Layer 3 Multicast Features
- 617 Partially Hardware-Supported IPv6 Layer 3 Multicast Features
- 618 Software-Supported IPv6 Layer 3 Multicast Features
- 618 Unsupported IPv6 Layer 3 Multicast Features
- 618 Hardware-Supported Layer 2 Common Multicast Features
- 618 Unsupported Layer 2 Common Multicast Features
- 619 Hardware-Supported Layer 2 Enterprise Multicast Features
- 619 Unsupported Layer 2 Enterprise Multicast Features
- 619 Hardware-Supported Layer 2 Metro Multicast Features
- 619 Unsupported Layer 2 Metro Multicast Features
- 620 Hardware-Supported MPLS Multicast Features
- 620 Unsupported MPLS Multicast Features
- 620 Hardware-Supported Security Multicast Features
- 620 Software-Supported Security Multicast Features
- 620 Unsupported Security Multicast Features
- 621 Default Settings for IPv4 Multicast Layer 3 Features
- 621 How to Configure IPv4 Multicast Layer 3 Features
- 622 Enabling IPv4 Multicast Routing Globally
- 622 Enabling IPv4 PIM on Layer 3 Interfaces
- 622 Enabling IP Multicast Layer 3 Switching on Layer 3 Interfaces
- 623 Enabling IP MFIB forwarding on Layer 3 Interfaces
- 624 Configuring the Replication Mode
- 624 Configuring Multicast Boundary
- 625 Verifying Local Egress Replication
- 626 Displaying IPv4 Multicast PIM-SM register tunnel information
- 626 Displaying the IPv4 Multicast Routing Table
- 627 Displaying IPv4 MRIB Information
- 628 Displaying IPv4 MFIB Information
- 629 Viewing Directly Connected Entries
- 630 Displaying IPv4 Hardware Switching Information
- 631 Displaying IPv4 CoPP Information
- 632 Source-Specific Multicast with IGMPv3, IGMP v3lite, and URD
- 632 Configuring IPv4 Bidirectional PIM
- 633 Enabling IPv4 Bidirectional PIM Globally
- 633 Configuring the Rendezvous Point for IPv4 Bidirectional PIM Groups
- 633 Displaying IPv4 Bidirectional PIM Information
- 637 Using IPv4 Debug Commands
- 637 Redundancy for Multicast Traffic
- 639 IGMP Snooping for IPv4 Multicast Traffic
- 639 Prerequisites for IGMP Snooping
- 639 Restrictions for IGMP Snooping
- 640 General IGMP Snooping Restrictions
- 640 IGMP Snooping Querier Restrictions
- 640 Information About IGMP Snooping
- 641 IGMP Snooping Overview
- 641 Joining a Multicast Group
- 643 Leaving a Multicast Group
- 643 Normal Leave Processing
- 644 Immediate-Leave Processing
- 644 Information about the IGMP Snooping Querier
- 644 Information about IGMP Version 3 Support
- 645 IGMP Version 3 Support Overview
- 645 IGMPv3 Immediate-Leave Processing
- 645 Proxy Reporting
- 646 Explicit Host Tracking
- 646 Default Settings for IGMP Snooping
- 646 How to Configure IGMP Snooping
- 647 Enabling the IGMP Snooping Querier
- 647 Enabling IGMP Snooping
- 647 Enabling IGMP Snooping Globally
- 648 Enabling IGMP Snooping in a VLAN
- 649 Configuring the IGMP Snooping Lookup Method
- 649 Configuring a Static Connection to a Multicast Receiver
- 650 Configuring a Multicast Router Port Statically
- 650 Configuring the IGMP Snooping Query Interval
- 651 Enabling IGMP Snooping Immediate-Leave Processing
- 651 Configuring IGMPv3 Snooping Explicit Host Tracking
- 652 Displaying IGMP Snooping Information
- 652 Displaying Multicast Router Interfaces
- 653 Displaying MAC Address Multicast Entries
- 653 Displaying IGMP Snooping Information for a VLAN Interface
- 655 PIM Snooping
- 655 Prerequisites for PIM Snooping
- 656 Restrictions for PIM Snooping
- 656 Information About PIM Snooping
- 658 Default Settings for PIM Snooping
- 659 How to Configure PIM Snooping
- 659 Enabling PIM Snooping Globally
- 659 Enabling PIM Snooping in a VLAN
- 660 Disabling PIM Snooping Designated-Router Flooding
- 661 Multicast VLAN Registration (MVR)
- 661 Restrictions for MVR
- 661 Restrictions for MVR
- 662 Information About MVR
- 662 MVR Overview
- 663 Using MVR in a Multicast Television Application
- 665 Default MVR Configuration
- 665 How to Configure MVR
- 665 Configuring MVR Global Parameters
- 666 Configuring MVR Interfaces
- 668 Clearing MVR Counters
- 668 Displaying MVR Information
- 671 IPv4 IGMP Filtering
- 671 Prerequisites for IGMP Filtering
- 671 Restrictions for IGMP Filtering
- 672 Information About IGMP Filtering
- 673 IGMP Filtering Overview
- 674 IGMP Filter Precedence
- 674 Access Mode
- 674 Trunk Mode
- 674 Default Settings for IGMP Filtering
- 674 How to Configure IGMP Filters
- 674 Configuring IGMP Group and Channel Access Control
- 675 Configuring IGMP Group and Channel Limits
- 675 Configuring IGMP Version Filtering
- 676 Clearing IGMP Filtering Statistics
- 676 Verifying the IGMP Filtering Configuration
- 676 Displaying IGMP Filtering Configuration
- 677 Displaying IGMP Filtering Statistics
- 678 Configuration Examples for IGMP Filtering
- 681 IPv4 Router Guard
- 681 Prerequisites for Router Guard
- 681 Restrictions for Router Guard
- 682 Information About Router Guard
- 682 Default Settings for Router Guard
- 682 How to Configure Router Guard
- 683 Enabling Router Guard Globally
- 683 Disabling Router Guard on Ports
- 683 Clearing Router Guard Statistics
- 684 Verifying the Router Guard Configuration
- 684 Displaying Router Guard Configuration
- 685 Displaying Router Guard Interfaces
- 687 IPv4 Multicast VPN Support
- 687 Prerequisites for mVPNs
- 687 Restrictions for mVPNs
- 688 General Restrictions
- 689 mVPN with L3VPN over mGRE Restrictions
- 689 Information About mVPN
- 689 mVPN Overview
- 690 Multicast Routing and Forwarding and Multicast Domains
- 690 Multicast Distribution Trees
- 693 Multicast Tunnel Interfaces
- 694 PE Router Routing Table Support for mVPN
- 694 Multicast Distributed Switching Support
- 694 Hardware-Assisted IPv4 Multicast
- 695 Information About mVPN with L3VPN over mGRE
- 695 Overview
- 695 Route Maps
- 696 Tunnel Endpoint Discovery and Forwarding
- 696 Tunnel Decapsulation
- 696 Tunnel Source
- 696 Default Settings for mVPNs
- 697 How to Configure mVPNs
- 697 Configuring a Multicast VPN Routing and Forwarding Instance
- 697 Configuring a VRF Entry
- 698 Configuring the Route Distinguisher
- 698 Configuring the Route-Target Extended Community
- 699 Configuring the Default MDT
- 699 Configuring Data MDTs (Optional)
- 700 Enabling Data MDT Logging
- 700 Sample Configuration
- 701 Displaying VRF Information
- 702 Configuring Multicast VRF Routing
- 702 Enabling IPv4 Multicast Routing Globally
- 703 Enabling IPv4 Multicast VRF Routing
- 703 Specifying the PIM VRF RP Address
- 704 Configuring a PIM VRF Register Message Source Address (Optional)
- 704 Configuring an MSDP Peer (Optional)
- 704 Configuring the Maximum Number of Multicast Routes (Optional)
- 705 Configuring IPv4 Multicast Route Filtering (Optional)
- 705 Sample Configuration
- 706 Displaying IPv4 Multicast VRF Routing Information
- 706 Configuring Interfaces for Multicast Routing to Support mVPN
- 706 Multicast Routing Configuration Overview
- 707 Configuring PIM on an Interface
- 707 Configuring an Interface for IPv4 VRF Forwarding
- 708 Sample Configuration
- 708 Configuring mVPN with L3VPN over mGRE
- 708 Configuring an L3VPN Encapsulation Profile
- 709 Configuring BGP and Route Maps
- 713 Configuration Examples for mVPNs
- 713 mVPN Configuration with Default MDTs Only
- 715 mVPN Configuration with Default and Data MDTs
- 718 Verifying the mVPN with L3VPN over mGRE Configuration
- 719 Configuration Sequence for mVPN with L3VPN over mGRE
- 721 IPv6 Multicast Support
- 721 Prerequisites for IPv6 Multicast
- 721 Restrictions for IPv6 Multicast
- 722 Information About IPv6 Multicast Support
- 722 Hardware-Supported IPv6 Layer 3 Multicast Features
- 723 Partially Hardware-Supported IPv6 Layer 3 Multicast Features
- 723 Software-Supported IPv6 Layer 3 Multicast Features
- 723 Unsupported IPv6 Layer 3 Multicast Features
- 724 How to Configure IPv6 Multicast Support
- 724 Verifying the IPv6 Multicast Layer 3 Configuration
- 725 Verifying MFIB Clients
- 725 Displaying the Switching Capability
- 725 Verifying the (S,G) Forwarding Capability
- 725 Verifying the (*,G) Forwarding Capability
- 725 Verifying the Subnet Entry Support Status
- 725 Verifying the Current Replication Mode
- 725 Displaying the Replication Mode Auto-Detection Status
- 726 Displaying the Replication Mode Capabilities
- 726 Displaying Subnet Entries
- 726 Displaying the IPv6 Multicast Summary
- 727 Displaying the NetFlow Hardware Forwarding Count
- 727 Displaying the FIB Hardware Bridging and Drop Counts
- 728 Displaying the Shared and Well-Known Hardware Adjacency Counters
- 729 IPv6 MLD Snooping
- 729 Prerequisites for MLD Snooping
- 730 Restrictions for MLD Snooping
- 730 General MLD Snooping Restrictions
- 730 MLD Snooping Querier Restrictions
- 731 Information About MLD Snooping
- 731 MLD Snooping Overview
- 732 MLD Messages
- 732 Source-Based Filtering
- 732 Explicit Host Tracking
- 733 MLD Snooping Proxy Reporting
- 733 Joining an IPv6 Multicast Group
- 735 Leaving a Multicast Group
- 735 Normal Leave Processing
- 736 Fast-Leave Processing
- 736 Information about the MLD Snooping Querier
- 737 Default MLD Snooping Configuration
- 737 How to Configure MLD Snooping
- 738 Enabling the MLD Snooping Querier
- 738 Configuring the MLD Snooping Query Interval
- 739 Enabling MLD Snooping
- 739 Enabling MLD Snooping Globally
- 739 Enabling MLD Snooping in a VLAN
- 740 Configuring a Static Connection to a Multicast Receiver
- 740 Configuring a Multicast Router Port Statically
- 740 Enabling Fast-Leave Processing
- 741 Enabling SSM Safe Reporting
- 741 Configuring Explicit Host Tracking
- 742 Configuring Report Suppression
- 742 Verifying the MLD Snooping Configuration
- 742 Displaying Multicast Router Interfaces
- 742 Displaying MAC Address Multicast Entries
- 743 Displaying MLD Snooping Information for a VLAN Interface
- 745 NetFlow Hardware Support
- 745 Prerequisites for NetFlow Hardware Support
- 745 Restrictions for NetFlow Hardware Support
- 746 Information About NetFlow Hardware Support
- 746 Default Settings for NetFlow Hardware Support
- 746 How to Configure NetFlow Hardware Support
- 747 Configuring Inactive Flow Aging
- 747 Configuring Fast Aging
- 748 Configuring Active Flow Aging
- 748 Verifying the NetFlow Table Aging Configuration
- 751 Call Home
- 752 Prerequisites for Call Home
- 752 Restrictions for Call Home
- 753 Information About Call Home
- 753 Call Home Overview
- 754 Anonymous Reporting
- 754 Smart Call Home
- 755 Alert Group Trigger Events and Commands
- 763 Message Contents
- 767 Sample Syslog Alert Notification in Long-Text Format
- 767 Sample Syslog Alert Notification in XML Format
- 771 Default Settings for Call Home
- 771 How to Configure Call Home
- 771 Configuring Call Home Customer Contact Information
- 772 Configuring Destination Profiles
- 773 Destination Profile Overview
- 773 Configuring Call Home to Use VRF
- 774 Configuring a Destination Profile to Send Email Messages
- 776 Configuring an Anonymous Mode Profile
- 777 Configuring an HTTP Proxy Server
- 777 Configuring a Destination Profile to Send HTTP Messages
- 778 Destination Profile Management
- 781 Subscribing to Alert Groups
- 781 Overview of Alert Group Subscription
- 781 Configuring Alert Group Subscription
- 783 Periodic Notification
- 783 Message Severity Thresholds
- 785 Configuring the Snapshot Command List
- 785 Enabling AAA Authorization to Run IOS Commands for Call Home Messages
- 786 Configuring Syslog Pattern Matching
- 787 Configuring Call Home Data Privacy
- 787 Enabling Call Home
- 788 Configuring Call Home Traffic Rate Limiting
- 788 Configuring Syslog Throttling
- 788 Testing Call Home Communications
- 789 Sending a Call Home Test Message Manually
- 789 Sending a Call Home Alert Group Message Manually
- 790 Sending a Request for an Analysis and Report
- 791 Sending the Output of a Command
- 792 Configuring the Smart Call Home Service
- 792 Smart Call Home Overview
- 792 Smart Call Home Service Prerequisites
- 793 Configuring Smart Call Home with a Single Command
- 794 Enabling the Smart Call Home Service
- 795 Start Smart Call Home Registration
- 795 Verifying the Call Home Configuration
- 803 System Event Archive (SEA)
- 803 Information About the System Event Archive
- 804 How to Display the SEA Logging System
- 805 How to Copy the SEA To Another Device
- 807 Backplane Traffic Monitoring
- 807 Prerequisites for Backplane Traffic Monitoring
- 808 Restrictions for Backplane Traffic Monitoring
- 808 Information About Traffic Monitoring
- 808 Default Settings for Backplane Traffic Monitoring
- 809 How to Configure Backplane Traffic Monitoring
- 811 Local SPAN, RSPAN, and ERSPAN
- 811 Prerequisites for Local SPAN, RSPAN, and ERSPAN
- 812 Restrictions for Local SPAN, RSPAN, and ERSPAN
- 812 Feature Incompatibilities
- 813 Local SPAN, RSPAN, and ERSPAN Session Limits
- 813 Local SPAN, RSPAN, and ERSPAN Interface Limits
- 813 General Restrictions for Local SPAN, RSPAN, and ERSPAN
- 815 Restrictions for VSPAN
- 815 Restrictions for RSPAN
- 816 Restrictions for ERSPAN
- 817 Restrictions for Distributed Egress SPAN Mode
- 817 Information About Local SPAN, RSPAN, and ERSPAN
- 817 Local SPAN, RSPAN, and ERSPAN Overview
- 817 SPAN Operation
- 818 Local SPAN Overview
- 818 RSPAN Overview
- 819 ERSPAN Overview
- 820 Traffic Monitored at SPAN Sources
- 821 Local SPAN, RSPAN, and ERSPAN Sources
- 821 Source Ports and EtherChannels
- 821 Source VLANs
- 822 Local SPAN, RSPAN, and ERSPAN Destinations
- 822 Default Settings for Local SPAN, RSPAN, and ERSPAN
- 822 How to Configure Local SPAN, RSPAN, and ERSPAN
- 823 Configuring a Destination as an Unconditional Trunk (Optional)
- 823 Configuring Destination Trunk VLAN Filtering (Optional)
- 825 Configuring Destination Port Permit Lists (Optional)
- 825 Configuring the Egress SPAN Mode (Optional)
- 826 Configuring Local SPAN
- 826 Configuring Local SPAN (SPAN Configuration Mode)
- 828 Configuring Local SPAN (Global Configuration Mode)
- 830 Configuring RSPAN
- 830 Configuring RSPAN VLANs
- 830 Configuring RSPAN Sessions (SPAN Configuration Mode)
- 833 Configuring RSPAN Sessions (Global Configuration Mode)
- 836 Configuring ERSPAN
- 836 Configuring ERSPAN Source Sessions
- 838 Configuring ERSPAN Destination Sessions
- 840 Configuring Source VLAN Filtering in Global Configuration Mode
- 841 Verifying the SPAN Configuration
- 841 Configuration Examples for SPAN
- 845 SNMP IfIndex Persistence
- 845 Prerequisites for SNMP IfIndex Persistence
- 845 Restrictions for SNMP IfIndex Persistence
- 846 Information About SNMP IfIndex Persistence
- 846 Default Settings for SNMP IfIndex Persistence
- 846 How to Configure SNMP IfIndex Persistence
- 846 Enabling SNMP IfIndex Persistence Globally
- 847 Disabling SNMP IfIndex Persistence Globally
- 847 Enabling and Disabling SNMP IfIndex Persistence on Specific Interfaces
- 848 Clearing SNMP IfIndex Persistence Configuration from a Specific Interface
- 849 Top-N Reports
- 849 Prerequisites for Top-N Reports
- 849 Restrictions for Top-N Reports
- 850 Information About Top-N Reports
- 850 Top-N Reports Overview
- 850 Top-N Reports Operation
- 851 Default Settings for Top-N Reports
- 851 How to Use Top-N Reports
- 851 Enabling Top-N Reports Creation
- 852 Displaying Top-N Reports
- 853 Clearing Top-N Reports
- 855 Layer 2 Traceroute Utility
- 855 Prerequisites for the Layer 2 Traceroute Utility
- 855 Restrictions for the Layer 2 Traceroute Utility
- 856 Information About the Layer 2 Traceroute Utility
- 857 How to Use the Layer 2 Traceroute Utility
- 859 Mini Protocol Analyzer
- 859 Prerequisites for the Mini Protocol Analyzer
- 859 Restrictions for the Mini Protocol Analyzer
- 860 Information About the Mini Protocol Analyzer
- 860 How to Configure the Mini Protocol Analyzer
- 860 Configuring a Capture Session
- 862 Filtering the Packets to be Captured
- 863 Starting and Stopping a Capture
- 865 Displaying and Exporting the Capture Buffer
- 865 Configuration Examples for the Mini Protocol Analyzer
- 866 General Configuration Examples
- 867 Filtering Configuration Examples
- 868 Operation Examples
- 868 Display Examples
- 868 Displaying the Configuration
- 869 Displaying the Capture Session Status
- 870 Displaying the Capture Buffer Contents
- 873 Restrictions for PFC QoS
- 874 General Guidelines
- 876 PFC and DFC Guidelines
- 877 Class Map Command Restrictions
- 877 Policy Map Class Command Restrictions
- 877 Supported Granularity for CIR and PIR Rate Values
- 878 Supported Granularity for CIR and PIR Token Bucket Sizes
- 879 IP Precedence and DSCP Values
- 881 PFC QoS Overview
- 883 Classification, Marking, and Policing
- 883 Information About Classification, Marking, and Policing Policies
- 883 Classification, Marking, and Policing Policy Overview
- 884 Traffic Classification
- 885 Traffic Marking
- 886 Information about Policing
- 886 Overview of Policing
- 887 Per-Interface Policers
- 887 Aggregate Policers
- 888 Microflow Policers
- 889 How to Configure Classification, Marking, and Policing Policies
- 889 Enabling Distributed Aggregate Policing
- 890 Configuring a Class Map
- 890 Creating a Class Map
- 890 Configuring Filtering in a Class Map
- 890 Verifying Class Map Configuration
- 891 Configuring a Policy Map
- 891 Policy Map Overview
- 891 Creating a Policy Map
- 891 Policy Map Class Configuration Guidelines and Restrictions
- 891 Creating a Policy Map Class and Configuring Filtering
- 892 Configuring Policy Map Class Actions
- 898 Verifying Policy Map Configuration
- 899 Attaching a Policy Map to an Interface
- 901 Configuring Dynamic Per-Session Attachment of a Policy Map
- 901 Policy Map Dynamic Per-Session Attachment Prerequisites
- 901 Defining and Associating Policy Maps
- 903 Policy-Based Queueing
- 903 Prerequisites for Policy-Based Queueing
- 904 Restrictions for Policy-Based Queueing
- 906 Information About Policy-Based Queueing
- 906 Port-Based Queue Types
- 906 Ingress and Egress Buffers and Queues
- 907 Ingress Queue Types
- 908 Egress Queue Types
- 909 Module to Queue Type Mappings
- 910 Queueing Policies
- 912 How to Configure Policy-Based Queueing
- 913 Configuring a Queueing Policy Class Map
- 913 Verifying a Queueing Policy Class Map
- 913 Configuring Queueing Policy Maps
- 914 Configuring Policy-Based Queueing on WS-X6904-40G-2T Ports
- 915 Creating a Queueing Policy
- 916 Configuring a Priority Queue
- 916 Configuring Nonpriority Queues
- 917 Configuring Thresholds
- 919 Verifying a Queueing Policy Map
- 919 Attaching a Queueing Policy Map to an Interface
- 920 Configuration Examples for Policy-Based Queueing
- 920 Queueing Policy Sample Configuration
- 921 Queueing Policy Commands Supported by Each Queue Type
- 922 1q2t, 1q8t Ingress Queue Supported Commands
- 923 2q8t Ingress Queue Supported Commands
- 924 8q4t Ingress Queue Supported Commands
- 925 8q8t Ingress Queue Supported Commands
- 926 1p1q4t Ingress Queue Supported Commands
- 927 1p1q8t Ingress Queue Supported Commands
- 928 1p7q2t Ingress Queue Supported Commands
- 929 1p3q8t Egress Queue Supported Commands
- 930 1p7q8t Egress Queue Supported Commands
- 931 1p7q4t, 2p6q4t Ingress or Egress Queue Supported Commands
- 933 WS-X6904-40G-2T 1p7q4t, 2p6q4t Egress Queue Supported Commands
- 935 Queueing Policy Commands Sample Configurations for Each Queue Type
- 935 1q2t Ingress Queue Sample Configuration
- 935 1q8t Ingress Queue Sample Configuration
- 936 2q8t Ingress Queue Sample Configuration
- 937 8q4t, 8q8t Ingress Queue Sample Configuration (CoS-Based Queueing)
- 937 8q4t Ingress Queue Sample Configuration (DSCP-Based Queueing)
- 940 1p1q4t Ingress Queue Sample Configuration
- 940 1p1q8t Ingress Queue Sample Configuration
- 941 1p3q8t Egress Queue Sample Configuration
- 942 1p7q8t Egress Queue Sample Configuration
- 943 1p7q4t Ingress or Egress Queue Sample Configuration (CoS-Based Queueing)
- 944 1p7q4t Ingress or Egress Queue Sample Configuration (DSCP-Based Queueing)
- 947 Queuing on FEX
- 947 Priority Queuing
- 947 Queue Bandwidth
- 947 DSCP to Queue Map
- 947 Queue Buffer
- 949 QoS Global and Interface Options
- 950 How to Configure the Ingress LAN Port CoS Value
- 951 How to Configure Egress DSCP Mutation
- 951 Configuring Named DSCP Mutation Maps
- 952 Attaching an Egress DSCP Mutation Map to an Interface
- 952 How to Configure Ingress CoS Mutation on IEEE 802.1Q Tunnel Ports
- 952 Ingress CoS Mutation Configuration Guidelines and Restrictions
- 954 Configuring Ingress CoS Mutation Maps
- 954 Applying Ingress CoS Mutation Maps to IEEE 802.1Q Tunnel Ports
- 955 How to Configure DSCP Value Maps
- 955 Mapping Received CoS Values to Internal DSCP Values
- 955 Mapping Received IP Precedence Values to Internal DSCP Values
- 956 Configuring DSCP Markdown Values
- 957 Mapping Internal DSCP Values to Egress CoS Values
- 958 How to Configure Trusted Boundary with Cisco Device Verification
- 959 Legacy Configuration Procedures for Queueing-Only Mode
- 960 Legacy Configuration Procedures for VLAN-Based PFC QoS on Layer 2 LAN Ports
- 961 Legacy Configuration Procedures for Port Trust State
- 962 Legacy Configuration Procedures for DSCP-Based Queue Mapping
- 962 Enabling DSCP-Based Queue Mapping
- 963 Configuring Ingress DSCP-Based Queue Mapping
- 963 Mapping DSCP Values to Standard Receive-Queue Thresholds
- 964 Mapping DSCP Values to Standard Transmit-Queue Thresholds
- 966 Mapping DSCP Values to the Transmit Strict-Priority Queue
- 967 AutoQoS
- 967 Prerequisites for AutoQoS
- 968 Restrictions for AutoQoS
- 968 Information About AutoQoS
- 969 AutoQoS Support for a Cisco IP Phone
- 969 AutoQoS Support for Cisco IP Communicator
- 970 AutoQoS Support for Marked Traffic
- 970 Default Settings for AutoQoS
- 970 How to Configure AutoQoS
- 971 Configuring AutoQoS Support for a Cisco IP Phone
- 972 Configuring AutoQoS Support for Cisco IP Communicator
- 973 Configuring AutoQoS Support for Marked Traffic
- 975 MPLS QoS
- 976 Terminology
- 976 MPLS QoS Features
- 977 MPLS Experimental Field
- 977 Trust
- 977 Classification
- 977 Policing and Marking
- 978 Preserving IP ToS
- 978 EXP Mutation
- 978 MPLS DiffServ Tunneling Modes
- 978 MPLS QoS Overview
- 978 Specifying the QoS in the IP Precedence Field
- 979 MPLS QoS
- 979 MPLS Topology Overview
- 980 LERs at the Input Edge of an MPLS Network
- 980 LSRs in the Core of an MPLS Network
- 981 LERs at the Output Edge of an MPLS Network
- 981 LERs at the EoMPLS Edge
- 982 LERs at the IP Edge (MPLS, MPLS VPN)
- 982 IP to MPLS
- 983 MPLS to IP
- 985 MPLS VPN
- 985 LSRs at the MPLS Core
- 985 MPLS to MPLS
- 987 MPLS QoS Default Configuration
- 989 MPLS QoS Commands
- 989 MPLS QoS Restrictions
- 990 How to Configure MPLS QoS
- 991 Enabling Queueing-Only Mode
- 991 Restrictions and Usage Guidelines
- 991 Configuring a Class Map to Classify MPLS Packets
- 993 Restrictions and Usage Guidelines
- 994 Configuring a Policy Map
- 994 Configuring a Policy Map to Set the EXP Value on All Imposed Labels
- 996 Configuring a Policy Map Using the Police Command
- 998 Displaying a Policy Map
- 998 Displaying the Configuration of All Classes
- 998 Configuring MPLS QoS Egress EXP Mutation
- 999 Configuring Named EXP Mutation Maps
- 999 Attaching an Egress EXP Mutation Map to an Interface
- 999 Configuring EXP Value Maps
- 1000 Configuring an Ingress-EXP to Internal-DSCP Map
- 1000 Configuring a Named Egress-DSCP to Egress-EXP Map
- 1000 MPLS DiffServ Tunneling Modes
- 1001 Short Pipe Mode
- 1002 Short Pipe Mode Restrictions
- 1002 Uniform Mode
- 1004 Uniform Mode Restrictions
- 1004 MPLS DiffServ Tunneling Restrictions and Usage Guidelines
- 1004 How to Configure Short Pipe Mode
- 1004 Ingress PE Router—Customer Facing Interface
- 1006 Configuring Ingress PE Router—P Facing Interface
- 1006 Configuration Example
- 1007 Configuring the P Router—Output Interface
- 1007 Configuration Example
- 1008 Configuring the Egress PE Router—Customer Facing Interface
- 1008 Configuration Example
- 1008 How to Configure Uniform Mode
- 1009 Configuring the Ingress PE Router—Customer Facing Interface
- 1009 Configuration Example
- 1010 Configuring the Ingress PE Router—P Facing Interface
- 1011 Configuring the Egress PE Router—Customer Facing Interface
- 1013 PFC QoS Statistics Data Export
- 1013 Prerequisites for PFC QoS Statistics Data Export
- 1013 Restrictions for PFC QoS Statistics Data Export
- 1014 Information About PFC QoS Statistics Data Export
- 1014 Default Settings for PFC QoS Statistics Data Export
- 1014 How to Configure PFC QoS Statistics Data Export
- 1015 Enabling PFC QoS Statistics Data Export Globally
- 1015 Enabling PFC QoS Statistics Data Export for a Port
- 1016 Enabling PFC QoS Statistics Data Export for a Named Aggregate Policer
- 1017 Enabling PFC QoS Statistics Data Export for a Class Map
- 1018 Setting the PFC QoS Statistics Data Export Time Interval
- 1019 Configuring PFC QoS Statistics Data Export Destination Host and UDP Port
- 1020 Setting the PFC QoS Statistics Data Export Field Delimiter
- 1023 Cisco IOS ACL Support
- 1024 Restrictions for Cisco IOS ACLs
- 1024 Restrictions for Layer 4 Operators in ACLs
- 1024 Determining Layer 4 Operation Usage
- 1025 Determining Logical Operation Unit Usage
- 1026 Information About ACL Support
- 1028 Policy-Based ACLs (PBACLs)
- 1028 Restrictions for PBACLs
- 1028 Information about PBACLs
- 1028 How to Configure PBACLs
- 1029 Configuring a PBACL IP Address Object Group
- 1029 Configuring a PBACL Protocol Port Object Group
- 1030 Configuring ACLs with PBACL Object Groups
- 1030 Configuring PBACL on an Interface
- 1030 IPv6 Object Group-Based ACLs (IPv6 OG ACLs)
- 1031 Restrictions for IPv6 OG ACLs
- 1031 Information about IPv6 OG ACLs
- 1031 How to Configure IPv6 OG ACLs
- 1031 Configuring a IPv6 Address Object Group
- 1032 Configuring a IPv6 Protocol Object Group
- 1033 Configuring ACLs with IPv6 Object Groups
- 1033 Configuring IPv6 OG ACL on an Interface
- 1033 MAC ACLs
- 1033 How to Configure Protocol-Independent MAC ACL Filtering
- 1035 How to Enable VLAN-Based MAC QoS Filtering
- 1037 ARP ACLs
- 1037 Optimized ACL Logging
- 1037 Restrictions for OAL
- 1038 Information about OAL
- 1038 How to Configure OAL
- 1038 Configuring OAL Global Parameters
- 1039 Configuring OAL on an Interface
- 1039 Displaying OAL Information
- 1039 Clearing Cached OAL Entries
- 1039 Dry Run Support for ACLs
- 1040 Restrictions for Dry Run Support
- 1040 Information About Dry Run Support
- 1040 How to Configure Dry Run Support for ACLs
- 1041 Hardware ACL Statistics
- 1041 Restrictions for Hardware ACL Statistics
- 1042 Information About Hardware ACL Statistics
- 1042 How to Configure Hardware ACL Statistics
- 1043 Cisco TrustSec (CTS)
- 1044 Flexible MACsec Replay Protection
- 1046 Hardware Supported
- 1047 AutoSecure
- 1047 Prerequisites for AutoSecure
- 1048 Restrictions for AutoSecure
- 1048 Information About AutoSecure
- 1048 AutoSecure Overview
- 1048 AutoSecure Benefits
- 1049 Simplified Switch Security Configuration
- 1049 Enhanced Password Security Enabled by AutoSecure
- 1049 System Logging Message Support
- 1049 Management Plane Security Enabled by AutoSecure
- 1049 Management Plane Security Overview
- 1050 Global Services Disabled by AutoSecure
- 1050 Per-Interface Services Disabled by AutoSecure
- 1051 Global Services Enabled by AutoSecure
- 1051 Switch Access Secured by AutoSecure
- 1052 Logging Options Enabled by AutoSecure
- 1052 Forwarding Plane Security Enabled by AutoSecure
- 1053 How to Configure AutoSecure
- 1053 Configuring AutoSecure Parameters
- 1054 Configuring Additional Security
- 1054 Verifying AutoSecure
- 1055 Examples for AutoSecure Configuration
- 1059 MAC Address-Based Traffic Blocking
- 1061 Port ACLs (PACLs)
- 1061 Prerequisites for PACls
- 1062 Restrictions for PACLs
- 1062 Information About PACLs
- 1062 PACL Overview
- 1063 EtherChannel and PACL Interactions
- 1064 Dynamic ACLs (Applies to Merge Mode Only)
- 1064 Trunk Ports
- 1064 Layer 2 to Layer 3 Port Conversion
- 1064 Port-VLAN Association Changes
- 1064 PACL and VACL Interactions
- 1065 PACL Interaction with VACLs and Cisco IOS ACLs
- 1065 Bridged Packets
- 1065 Routed Packets
- 1066 Multicast Packets
- 1067 How to Configure PACLs
- 1067 Configuring IP and MAC ACLs on a Layer 2 Interface
- 1068 Configuring Access-group Mode on Layer 2 Interface
- 1068 Applying ACLs to a Layer 2 Interface
- 1069 Applying ACLs to a Port Channel
- 1069 Displaying an ACL Configuration on a Layer 2 Interface
- 1071 VLAN ACLs (VACLs)
- 1071 Prerequisites for VACLs
- 1072 Restrictions for VACLs
- 1072 Information About VACLs
- 1073 How to Configure VACLs
- 1073 Defining a VLAN Access Map
- 1074 Configuring a Match Clause in a VLAN Access Map Sequence
- 1074 Configuring an Action Clause in a VLAN Access Map Sequence
- 1075 Applying a VLAN Access Map
- 1075 Verifying VLAN Access Map Configuration
- 1075 VLAN Access Map Configuration and Verification Examples
- 1076 Configuring a Capture Port
- 1077 Configuring VACL Logging
- 1079 Policy-Based Forwarding (PBF)
- 1079 Prerequisites for PBF
- 1080 Restrictions for PBF
- 1080 Information About PBF
- 1080 Default Settings for PBF
- 1080 How to Configure PBF
- 1081 Monitoring PBF
- 1081 Configuration Examples for PBF
- 1083 Denial of Service (DoS) Protection
- 1084 Security ACLs and VACLs
- 1084 QoS Rate Limiting
- 1085 Global Protocol Packet Policing
- 1085 Prerequisites for Global Protocol Packet Policing
- 1085 Restrictions for Global Protocol Packet Policing
- 1087 Information About Global Protocol Packet Policing
- 1087 How to Configure Single-Command Global Protocol Packet Policing
- 1088 How to Configure Policy-Based Global Protocol Packet Policing
- 1088 Configuring a Global Protocol Packet Policing Policy Map
- 1088 Unicast Reverse Path Forwarding (uRPF) Check
- 1089 Prerequisites for uRPF Check
- 1089 Restrictions for uRPF Check
- 1089 Information about uRPF Check
- 1090 How to Configure Unicast RPF Check
- 1090 Configuring the Unicast RPF Check Mode
- 1091 Enabling Self-Pinging
- 1091 Configuring Sticky ARP
- 1092 Monitoring Packet Drop Statistics
- 1092 Prerequisites for Packet Drop Statistics
- 1092 Restrictions for Packet Drop Statistics
- 1092 Information About Packet Drop Statistics
- 1092 How to Monitor Dropped Packets
- 1092 Using show Commands
- 1093 Using SPAN
- 1094 Using VACL Capture
- 1095 Control Plane Policing (CoPP)
- 1095 Prerequisites for CoPP
- 1096 Restrictions for CoPP
- 1097 Information About CoPP
- 1097 Default Settings for CoPP
- 1099 How to Configure CoPP
- 1099 Configuring CoPP
- 1100 Defining CoPP Traffic Classification
- 1100 Traffic Classification Overview
- 1101 Traffic Classification Restrictions
- 1102 Sample Basic ACLs for CoPP Traffic Classification
- 1103 Monitoring CoPP
- 1105 Dynamic Host Configuration Protocol (DHCP) Snooping
- 1105 Prerequisites for DHCP Snooping
- 1106 Restrictions for DHCP Snooping
- 1106 DHCP Snooping Configuration Restrictions
- 1106 DHCP Snooping Configuration Guidelines
- 1107 Minimum DHCP Snooping Configuration
- 1107 Information About DHCP Snooping
- 1108 Overview of DHCP Snooping
- 1108 Trusted and Untrusted Sources
- 1109 DHCP Snooping Binding Database
- 1109 Packet Validation
- 1109 DHCP Snooping Option-82 Data Insertion
- 1111 Overview of the DHCP Snooping Database Agent
- 1112 Default Configuration for DHCP Snooping
- 1113 How to Configure DHCP Snooping
- 1113 Enabling DHCP Snooping Globally
- 1114 Enabling DHCP Option-82 Data Insertion
- 1114 Enabling the DHCP Option-82 on Untrusted Port Feature
- 1115 Enabling DHCP Snooping MAC Address Verification
- 1115 Enabling DHCP Snooping on VLANs
- 1116 Configuring the DHCP Trust State on Layer 2 LAN Interfaces
- 1117 Configuring Spurious DHCP Server Detection
- 1118 Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces
- 1118 The DHCP Snooping Database Agent
- 1118 Prerequisites for the DHCP Snooping Database Agent
- 1118 Restrictions for the DHCP Snooping Database Agent
- 1119 Default Settings for the DHCP Snooping Database Agent
- 1119 How to Configure the DHCP Snooping Database Agent
- 1119 Configuration Examples for the Database Agent
- 1122 Displaying the DHCP Snooping Binding Table
- 1125 IP Source Guard
- 1125 Prerequisites for IP Source Guard
- 1126 Restrictions for IP Source Guard
- 1126 Information About IP Source Guard
- 1126 Overview of IP Source Guard
- 1126 IP Source Guard Interaction with VLAN-Based Features
- 1127 Channel Ports
- 1127 Layer 2 and Layer 3 Port Conversion
- 1127 IP Source Guard and Voice VLAN
- 1127 IP Source Guard and Web-Based Authentication
- 1127 Default Settings for IP Source Guard
- 1127 How to Configure IP Source Guard
- 1129 Displaying IP Source Guard PACL Information
- 1130 Displaying IP Source Binding Information
- 1133 Dynamic ARP Inspection (DAI)
- 1133 Prerequisites for DAI
- 1134 Restrictions for DAI
- 1135 Information About DAI
- 1135 Information about ARP
- 1135 ARP Spoofing Attacks
- 1136 DAI and ARP Spoofing Attacks
- 1136 Interface Trust States and Network Security
- 1137 Rate Limiting of ARP Packets
- 1138 Relative Priority of ARP ACLs and DHCP Snooping Entries
- 1138 Logging of Dropped Packets
- 1138 Default Settings for DAI
- 1139 How to Configure DAI
- 1139 Enabling DAI on VLANs
- 1140 Configuring DAI Hardware Acceleration
- 1140 Configuring the DAI Interface Trust State
- 1141 Applying ARP ACLs for DAI Filtering
- 1142 Configuring ARP Packet Rate Limiting
- 1143 Enabling DAI Error-Disabled Recovery
- 1143 Enabling Additional Validation
- 1145 Configuring DAI Logging
- 1145 DAI Logging Overview
- 1145 DAI Logging Restrictions
- 1145 Configuring the DAI Logging Buffer Size
- 1146 Configuring the DAI Logging System Messages
- 1147 Configuring DAI Log Filtering
- 1147 Displaying DAI Information
- 1148 Configuration Examples for DAI
- 1148 Two Switches Support DAI
- 1148 Overview
- 1149 Configuring Switch A
- 1150 Configuring Switch B
- 1153 One Switch Supports DAI
- 1155 Traffic Storm Control
- 1155 Prerequisites for Traffic Storm Control
- 1156 Restrictions for Traffic Storm Control
- 1156 Information About Traffic Storm Control
- 1158 Default Setting for Traffic Storm Control
- 1158 How to Enable Traffic Storm Control
- 1159 Displaying Traffic Storm Control Settings
- 1161 Unknown Unicast Flood Control
- 1161 Prerequisites for Unknown Traffic Flood Control
- 1161 Restrictions for Unknown Traffic Flood Control
- 1162 Information About Unknown Traffic Flood Control
- 1162 Default Settings for Unknown Traffic Flood Control
- 1162 How to Configure Unknown Traffic Flood Control
- 1162 How to Configure UUFB
- 1162 How to Configure UUFRL
- 1163 Configuration Examples for Unknown Traffic Flood Control
- 1165 IEEE 802.1X Port-Based Authentication
- 1165 Prerequisites for 802.1X Authentication
- 1166 Restrictions for 802.1X Authentication
- 1166 802.1X Authentication
- 1167 802.1X Host Mode
- 1167 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass
- 1169 MAC Authentication Bypass
- 1169 Web-Based Authentication
- 1169 Network Edge Access Topology (NEAT) and Client Information Signalling Protocol (CISP)
- 1170 Information About 802.1X Port-Based Authentication
- 1170 802.1X Overview
- 1171 802.1X Device Roles
- 1172 Port-based Authentication Process
- 1174 Authentication Initiation and Message Exchange
- 1176 Ports in Authorized and Unauthorized States
- 1177 802.1X Host Modes
- 1177 Host Mode Overview
- 1177 Single-Host Mode
- 1177 Multiple-Hosts Mode
- 1178 Multidomain Authentication Mode
- 1178 Multi-Auth VLAN Assignment
- 1179 Multiauthentication Mode
- 1179 Pre-Authentication Open Access
- 1179 802.1X Authentication with DHCP Snooping
- 1180 802.1X Accounting
- 1181 802.1X Authentication with VLAN Assignment
- 1182 Multiple VLANs and VLAN User Distribution with VLAN Assignment
- 1183 802.1X Authentication with Guest VLAN
- 1184 802.1X Authentication with Restricted VLAN
- 1185 802.1X Authentication with Inaccessible Authentication Bypass
- 1186 802.1X Authentication with Voice VLAN Ports
- 1187 802.1X Authentication with Port Security
- 1187 802.1X Authentication with ACL Assignments and Redirect URLs
- 1188 Overview
- 1188 Downloadable ACLs Using the Cisco Secure ACS
- 1189 Filter-ID ACLs
- 1189 Redirect URLs
- 1189 Static Sharing of ACLs
- 1190 802.1X Authentication with Port Descriptors
- 1190 802.1X Authentication with MAC Authentication Bypass
- 1191 Network Admission Control Layer 2 IEEE 802.1X Validation
- 1191 NAC Agentless Audit Support
- 1192 802.1X Authentication with Wake-on-LAN
- 1192 MAC Move
- 1193 MAC Replace
- 1194 802.1x Supplicant and Authenticator Switches with Network Edge Access Topology (NEAT)
- 1195 Default Settings for 802.1X Port-Based Authentication
- 1196 How to Configure 802.1X Port-Based Authentication
- 1197 Enabling 802.1X Authentication
- 1198 Configuring Switch-to-RADIUS-Server Communication
- 1199 Configuring 802.1X Authenticator Host Mode
- 1200 Enabling Fallback Authentication
- 1202 Enabling Periodic Reauthentication
- 1203 Manually Reauthenticating the Client Connected to a Port
- 1203 Initializing Authentication for the Client Connected to a Port
- 1204 Removing 802.1X Client Information Globally
- 1204 Removing 802.1X Client Information from an Interface
- 1204 Clearing Authentication Sessions
- 1204 Changing 802.1X Timeouts
- 1205 Setting the Quiet Period
- 1205 Setting the Switch-to-Client Retransmission Time
- 1205 Setting the Switch-to-Client Retransmission Time for EAP-Request Frames
- 1206 Setting the Switch-to-Authentication-Server Retransmission Time for Layer 4 Packets
- 1206 Setting the Switch-to-Client Frame Retransmission Number
- 1207 Setting the Reauthentication Number
- 1207 Configuring IEEE 802.1X Accounting
- 1208 Configuring VLAN User Distribution
- 1209 Configuring a Guest VLAN
- 1210 Configuring a Restricted VLAN
- 1211 Configuring the Inaccessible Authentication Bypass Feature
- 1213 Configuring MAC Authentication Bypass
- 1214 Configuring NAC Layer 2 IEEE 802.1X Validation
- 1215 Configuring NAC Agentless Audit Support
- 1215 Configuring the Switch for DACLs or Redirect URLs
- 1216 Configuring 802.1X Authentication with WoL
- 1217 Enabling MAC Move
- 1217 Enabling MAC Replace
- 1218 Configuring NEAT Authenticator and Supplicant Switches
- 1218 NEAT Authenticator Configuration
- 1219 NEAT Supplicant Configuration
- 1220 Disabling 802.1X Authentication on the Port
- 1221 Resetting the 802.1X Configuration to the Default Values
- 1221 Displaying Authentication Status and Information
- 1221 Displaying 802.1X Status
- 1222 Displaying Authentication Methods and Status
- 1225 Displaying MAC Authentication Bypass Status
- 1227 Web-Based Authentication
- 1227 Prerequisites for Web-based Authentication
- 1227 Restrictions for Web-based Authentication
- 1228 Information About Web-Based Authentication
- 1228 Web-Based Authentication Overview
- 1229 Device Roles
- 1229 Host Detection
- 1230 Session Creation
- 1230 Authentication Process
- 1231 AAA Fail Policy
- 1231 Customization of the Authentication Proxy Web Pages
- 1231 Web-based Authentication Interactions with Other Features
- 1232 Port Security
- 1232 Gateway IP
- 1232 ACLs
- 1232 IP Source Guard
- 1232 EtherChannel
- 1232 Switchover
- 1233 Default Web-Based Authentication Configuration
- 1233 How to Configure Web-Based Authentication
- 1234 Web-based Authentication Configuration Task List
- 1234 Configuring the Authentication Rule and Interfaces
- 1235 Configuring AAA Authentication
- 1235 Configuring Switch-to-RADIUS-Server Communication
- 1237 Configuring the HTTP Server
- 1237 Customizing the Authentication Proxy Web Pages
- 1238 Specifying a Redirection URL for Successful Login
- 1239 Configuring an AAA Fail Policy
- 1240 Configuring the Web-based Authentication Parameters
- 1240 Removing Web-based Authentication Cache Entries
- 1241 Displaying Web-Based Authentication Status
- 1243 Port Security
- 1243 Prerequisites for Port Security
- 1243 Restrictions for Port Security
- 1244 Information About Port Security
- 1245 Port Security with Dynamically Learned and Static MAC Addresses
- 1245 Port Security with Sticky MAC Addresses
- 1246 Port Security with IP Phones
- 1246 Default Port Security Configuration
- 1246 How to Configure Port Security
- 1247 Enabling Port Security
- 1247 Enabling Port Security on a Trunk
- 1248 Enabling Port Security on an Access Port
- 1248 Configuring the Port Security Violation Mode on a Port
- 1249 Configuring the Maximum Number of Secure MAC Addresses on a Port
- 1250 Enabling Port Security with Sticky MAC Addresses on a Port
- 1251 Configuring a Static Secure MAC Address on a Port
- 1252 Configuring Secure MAC Address Aging on a Port
- 1252 Configuring the Secure MAC Address Aging Type on a Port
- 1252 Configuring Secure MAC Address Aging Time on a Port
- 1253 Verifying the Port Security Configuration
- 1255 Lawful Intercept
- 1255 Prerequisites for Lawful Intercept
- 1255 Restrictions for Lawful Intercept
- 1256 General Configuration Restrictions
- 1257 MIB Guidelines
- 1257 Information About Lawful Intercept
- 1258 Lawful Intercept Overview
- 1258 Benefits of Lawful Intercept
- 1259 CALEA for Voice
- 1259 Network Components Used for Lawful Intercept
- 1259 Mediation Device
- 1260 Lawful Intercept Administration
- 1260 Intercept Access Point
- 1260 Content Intercept Access Point
- 1261 Lawful Intercept Processing
- 1261 Lawful Intercept MIBs
- 1261 CISCO-TAP2-MIB
- 1262 CISCO-TAP2-MIB Processing
- 1262 CISCO-IP-TAP-MIB
- 1263 CISCO-IP-TAP-MIB Processing
- 1263 How to Configure Lawful Intercept Support
- 1263 Security Considerations
- 1263 Accessing the Lawful Intercept MIBs
- 1264 Restricting Access to the Lawful Intercept MIBs
- 1264 Configuring SNMPv3
- 1264 Creating a Restricted SNMP View of Lawful Intercept MIBs
- 1265 Configuration Example
- 1266 Enabling SNMP Notifications for Lawful Intercept
- 1266 Disabling SNMP Notifications
- 1267 Index