Cisco IOS Switching Services Command�Reference, Release�12.2
Commands: access-list rate-limit through ip cef
Downloads: This chapterpdf (PDF - 449.0KB) The complete bookPDF (PDF - 4.13MB) | Feedback

access-list rate-limit

Table Of Contents

access-list rate-limit

address-family

append-after

atm-address

bgp default route-target filter

bgp scan-time

cable bundle

cable helper-address

cache

class (MPLS)

clear adjacency

clear atm vc

clear cef interface

clear cef linecard

clear ip cache

clear ip cef event-log

clear ip cef inconsistency

clear ip cef prefix-statistics

clear ip flow stats

clear ip mds

clear ip mds linecard

clear ip mds forwarding

clear ip mroute

clear ip pim interface count

clear ip route vrf

clear lane le-arp

clear lane server

clear mpoa client cache

clear mpoa server cache

clear vlan

clear vlan mapping

client-atm-address name

default-name

enabled (aggregation cache)

encapsulation dot1q

encapsulation isl

encapsulation sde

encapsulation tr-isl trbrf-vlan

exit-address-family

export destination

export map

extended-port

holding-time

import map

index

interface atm

interface fastethernet

interface XTagATM

ip cache-invalidate-delay

ip cef


access-list rate-limit

To configure an access list for use with committed access rate (CAR) policies, use the access-list rate-limit global configuration command. To remove the access list from the configuration, use the no form of this command.

access-list rate-limit acl-index {precedence | mac-address | exp | mask mask}

no access-list rate-limit acl-index {precedence | mac-address | exp | mask mask}

Syntax Description

acl-index

Specifies the access list number. Classification options are as follows:

For IP precedence, use any number from 1 to 99.

For MAC address, use any number from 100 to 199.

For MPLS experimental field, use any number from 200 to 299.

precedence

Specifies the IP precedence. Valid values are from 0 to 7.

mac-address

Specifies the MAC address.

exp

Specifies the MPLS experimental field. Valid values are from 0 to 7.

mask mask

Specifies the mask. Use this option if you want to assign multiple IP precedences or MPLS experimental field values to the same rate-limit access list.


Defaults

No CAR access lists are configured.

Command Modes

Global configuration

Command History

Release
Modification

11.1 CC

This command was introduced.

12.1(5)T

This command now includes an access list based on the MPLS experimental field.


Usage Guidelines

Use this command to classify packets by the specified IP precedence, MAC address, or MPLS experimental field values for a particular CAR access list. You can then apply CAR policies, using the rate-limit command, to individual rate-limit access lists causing packets with different IP precedences, MAC addresses, or MPLS experimental field values to be treated differently by the CAR process.

You can specify only one command for each rate-limit access list. If you enter this command multiple times with the same access list number, the new command overwrites the previous command.

Use the mask keyword to assign multiple IP precedences or MPLS experimental field values to the same rate-limit list. To ascertain the mask value, perform the following steps:


Step 1 Decide which precedences you want to assign to this rate-limit access list.

Step 2 Convert the precedences or MPLS experimental field values into 8-bit numbers with each bit corresponding to one value. For example, an MPLS experimental field value of 0 corresponds to 00000001, 1 corresponds to 00000010, 6 corresponds to 01000000, and 7 corresponds to 10000000.

Step 3 Add the 8-bit numbers for the selected MPLS experimental field values. For example, the mask for MPLS experimental field values 1 and 6 is 01000010.

Step 4 The command expects hexadecimal format. Convert the binary mask into the corresponding hexadecimal number. For example, 01000010 becomes 42. This value is used in the access-list rate-limit command. Any packets that have an MPLS experimental field value of 1 or 6 will match this access list.


A mask of FF matches any precedence; a mask of 00 does not match any precedence.

Examples

In the following example, MPLS experimental fields with the value of 7 are assigned to the rate-limit access list 200:

router(config)# access-list rate-limit 200 7

You can then use the rate-limit access list in a rate-limit command so that the rate limit is applied only to packets matching the rate-limit access list:

router(config)# interface atm4/0.1 mpls
router(config-if)# rate-limit input access-group rate-limit 200 8000 8000 8000 
conform-action set-mpls-exp-transmit 4 exceed-action set-mpls-exp-transmit 0

Related Commands

Command
Description

rate-limit

Configures CAR and DCAR policies.

show access-list rate-limit

Displays information about rate-limit access lists.


address-family

To enter the address family submode for configuring routing protocols such as BGP, RIP, and static routing, use the address-family command in address family configuration submode. To disable the address family submode for configuring routing protocols, use the no form of this command.

VPN-IPv4 Unicast

address-family vpnv4 [unicast]

no address-family vpnv4 [unicast]

IPv4 Unicast

address-family ipv4 [unicast]

no address-family ipv4 [unicast]

IPv4 Unicast with CE router

address-family ipv4 [unicast] vrf vrf-name

no address-family ipv4 [unicast] vrf vrf-name

Syntax Description

vpnv4

Configures sessions that carry customer VPN-IPv4 prefixes, each of which has been made globally unique by adding an 8-byte route distinguisher.

ipv4

Configures sessions that carry standard IPv4 address prefixes.

unicast

(Optional) Specifies unicast prefixes.

vrf vrf-name

Specifies the name of a VPN routing and forwarding instance (VRF) to associate with submode commands.


Defaults

Routing information for address family IPv4 is advertised by default when you configure a BGP session using the neighbor...remote-as command unless you execute the no bgp default ipv4-activate command.

Command Modes

Address family configuration

Command History

Release
Modification

12.0(5)T

This command was introduced.


Usage Guidelines

Using the address-family command puts the router in address family configuration submode (prompt: (config-router-af)# ). Within this submode, you can configure address-family specific parameters for routing protocols, such as BGP, that can accommodate multiple Layer 3 address families.

To leave address family configuration submode and return to router configuration mode, enter the exit-address-family or exit command.

Examples

The address-family command in the following example puts the router into address family configuration submode for the VPNv4 address family. Within the submode, you can configure advertisement of NLRI for the VPNv4 address family using neighbor activate and other related commands:

router bgp 100
address-family vpnv4 

The command in the following example puts the router into address family configuration submode for the IPv4 address family. Use this form of the command, which specifies a VRF, only to configure routing exchanges between PE and CE devices. This address-family command causes subsequent commands entered in the submode to be executed in the context of VRF vrf2. Within the submode, you can use neighbor activate and other related commands to accomplish the following:

Configure advertisement of IPv4 NLRI between the PE and CE routers.

Configure translation of the IPv4 NLRI (that is, translate IPv4 into VPNv4 for NLRI received from the CE, and translate VPNv4 into IPv4 for NLRI to be sent from the PE to the CE).

Enter the routing parameters that apply to this VRF.

The following commands enter the address family submode:

router bgp 100
address-family ipv4 unicast vrf vrf2 

Related Commands

Command
Description

default

Exits from address family submode.

neighbor activate

Enables the exchange of information with a neighboring router.


append-after

To insert a path entry after a specified index number, use the append-after IP explicit path configuration command.

append-after index command

Syntax Description

index

Previous index number. Valid values are from 0 to 65534.

command

An IP explicit path configuration command that creates a path entry. (Use the next-address command to specify the next IP address in the explicit path.)


Defaults

No default behavior or values.

Command Modes

IP explicit path configuration

Command History

Release
Modification

12.0(5)S

This command was introduced.


Examples

In the following example, the next-address command is inserted after index 5:

Router(config-ip-expl-path)# append-after 5 next-address 3.3.27.3

Related Commands

Command
Description

index

Inserts or modifies a path entry at a specific index.

interface fastethernet

Enters the command mode for IP explicit paths and creates or modifies the specified path.

list

Displays all or part of the explicit paths.

next-address

Specifies the next IP address in the explicit path.

show ip explicit-paths

Displays the configured IP explicit paths.


atm-address

To override the control ATM address of an MPC or MPS, use the atm-address command in interface configuration mode. To revert to the default address, use the no form of this command.

atm-address atm-address

no atm-address

Syntax Description

atm-address

Control ATM address.


Defaults

The default is an automatically generated ATM address.

Command Modes

Interface configuration

Command History

Release
Modification

11.3(3a)WA4(5)

This command was introduced.


Usage Guidelines

This command specifies the control ATM address that an MPC or MPS should use when it comes up; that is, when it is associated with a hardware interface.

The atm-address command overrides the default operational control address of the MPC or MPS. When this address is deleted (using the no form of the command), the MPC or MPS uses an automatically generated address as its control address.

Examples

The following example specifies the ATM address for an MPC:

atm-address 47.0091810000000061705b7701.00400BFF0011.00 

The following example specifies the ATM address for an MPS:

atm-address 47.0091810000000061705C2B01.00E034553024.00

bgp default route-target filter

To enable automatic BGP route-target community filtering, use the bgp default route-target filter router configuration command. To disable this feature, use the no form of this command.

bgp default route-target filter

no bgp default route-target filter

Syntax Description

This command has no arguments or keywords.

Defaults

This command is enabled by default.

Command Modes

Router configuration

Command History

Release
Modification

12.1(5)T

This command was introduced.


Usage Guidelines

Use the bgp default route-target filter command to control the distribution of VPN routing information through the list of VPN route-target communities.

When you use the no form of this command, all received VPN-IPv4 routes are accepted by the configured router. Accepting VPN-IPv4 routes is the desired behavior for a router configured as an autonomous system border edge router or as a CEBGP border edge router.

If you configure the router for BGP route-target community filtering, all received EBGP VPN-IPv4 routes are discarded when those routes do not contain a route-target community value that matches the import list of any configured VRFs. This is the desired behavior for a router configured as a PE router.


Note This command is automatically disabled if a PE router is configured as a client of a common VPN-IPv4 route reflector in the autonomous system.


Examples

In the following example, BGP route-target filtering is disabled for autonomous system 120:

Router(config)# router bgp 120
Router(config-router)# no bgp default route-target filter 

Related Commands

Command
Description

show tag-switching forwarding-table

Displays the contents of the LFIB.


bgp scan-time

To configure scanning intervals of BGP routers for next hop validation or to decrease import processing time of Virtual Private Network version 4 (VPNv4) routing information, use the bgp scan-time command in address family or router configuration mode. To return the scanning interval of a router to its default scanning interval of 15 seconds, use the no form of this command.

bgp scan-time [import] scanner-interval

no bgp scan-time [import] scanner-interval

Syntax Description

import

(Optional) Configures import processing of VPNv4 unicast routing information from BGP routers into routing tables.

scanner-interval

Specifies the scanning interval of BGP routing information. Valid values used for selecting the desired scanning interval are from 5 to 60 seconds. The default is 15 seconds.


Defaults

The default scanning interval is 15 seconds.

Command Modes

Address family configuration

Router configuration

Command History

Release
Modification

12.07(T)

This command was introduced.


Usage Guidelines

The import keyword is supported in address family VPNv4 unicast mode only.

Entering the no form of this command does not disable scanning, but removes it from the output of the show running-config command.

Examples

In the following router configuration example, the scanning interval for next hop validation of IPv4 unicast routes for BGP routing tables is set to 20 seconds:

router bgp 100
 no synchronization
 bgp scan-time 20

In the following address family configuration example, the scanning interval for next hop validation of address family VPNv4 unicast routes for BGP routing tables is set to 45 seconds:

router bgp 150
 address-family vpn4 unicast
  bgp scan-time 45

In the following address family configuration example, the scanning interval for importing address family VPNv4 routes into IP routing tables is set to 30 seconds:

router bgp 150
 address-family vpnv4 unicast
  bgp scan-time import 30

Related Commands

Command
Description

address-family vpnv4

Places the router in address family configuration mode for configuring routing sessions such as BGP, RIP, or static routing sessions that use standard VPNv4 address prefixes.


cable bundle

To configure a cable interface to belong to an interface bundle, use the cable bundle interface configuration command. To delete a cable interface bundle definition, use the no form of this command.

cable bundle n [master]

no cable bundle n [master]

Syntax Description

n

Specifies the bundle identifier. Valid range is from 1 to 255.

master

(Optional) Defines the specified interface as the master.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

12.0(7)XR

This command was introduced.


Usage Guidelines

You can configure up to four interface bundles. In each bundle, specify one interface as the master interface by using the optional master keyword.

Configure only an IP address on the master interface. If an IP address is configured and the interface is not specified as the master interface, any attempt to add an interface to a bundle is rejected.

Specify all generic IP networking information (such as IP address, routing protocols, and switching modes) on the bundle master interface. Do not specify generic IP networking information on bundle slave interfaces.

If you attempt to add an interface to a bundle as nonmaster interface and an IP address is assigned to this interface, the command will fail. You must remove the IP address configuration before you can add the interface to a bundle.

If you have configured an IP address on a bundled interface and the interface is not the master interface, a warning message appears.

Specify generic (not downstream or upstream related) cable interface configurations, such as source-verify or Address Resolution Protocol (ARP) handling, on the master interface. Do not specify generic configuration on nonmaster interfaces.

If you configure an interface as a part of a bundle and it is not the master interface, all generic cable configuration for this interface is removed. The master interface configuration will then apply to all interfaces in the bundle.

If you shut down or remove the master interface in a bundle, no data packets are sent to any of the interfaces in this bundle. Packets are still physically received from nonmaster interfaces that have not been shut down, but those packets will be discarded. This means that modems connected to those interfaces will not be disconnected immediately, but modems going online will not be able to obtain an IP address, download their configuration file, or renew their IP address assignment if the DHCP lease expires.

If you shut down a slave interface, only this shut down interface is affected.

Examples

The following example configures interface 25 to be the master interface:

Router(config-if)# cable bundle 25 master
Router(config-if)#
07:28:17: %UBR7200-5-UPDOWN: Interface Cable3/0 Port U0, changed state to down
07:28:18: %UBR7200-5-UPDOWN: Interface Cable3/0 Port U0, changed state to up

The following example shows the error message that appears if you try to configure an interface with an IP address that is not the master interface:

Router(config-if)# cable bundle 5
Please remove ip address config first then reenter this command

Related Commands

Command
Description

show cable bundle

Displays the forwarding table for the specified interface bundle.


cable helper-address

To specify a destination address for User Datagram Protocol (UDP) broadcast (DHCP) packets, use the cable helper-address interface configuration command.To disable this feature, use the no form of this command.

cable helper-address ip-address {cable-modem | host}

no cable helper-address ip-address {cable-modem | host}

Syntax Description

ip-address

The IP address of a DHCP server.

Based on whether you add the host or cable-modem keyword at the end of the cable helper-address command, it is the IP address of the MSOs CNR server or the ISPs DHCP server.

cable-modem

Specifies that only cable modem UDP broadcasts are forwarded

host

Specifies that only host UDP broadcasts are forwarded.


Defaults

None

Command Modes

Interface configuration

Command History

Release
Modification

11.3 NA

This command was introduced.


Usage Guidelines

If you specify a secondary interface address, the giaddr field in the DHCP requests will be sent to the primary address for DHCP requests received from cable modems, and to the secondary IP address for DHCP requests received from hosts.

Examples

The following example forwards UDP broadcasts from cable modems to the DHCP server at 172.23.66.44:

Router(config-if)# cable helper-address 172.23.66.44 cable-modem

The following example forwards UDP broadcasts from hosts to the DHCP server at 172.23.66.44:

Router(config-if)# cable helper-address 172.23.66.44 host

cache

To configure aggregation cache operational parameters, use the cache command in aggregation cache configuration mode. To disable the operational parameters, use the no form of this command.

cache {entries number | timeout [active minutes | inactive seconds]}

no cache {entries | timeout {active | inactive }}

Syntax Description

entries number

The number of cached entries allowed in the aggregation cache. The number of entries can be 1024 to 524288. The default is 4096.

timeout

Dissolves the session in the aggregation cache.

active minutes

(Optional) The number of minutes that an active entry is active. The range is from 1 to 60 minutes. The default is 30 minutes.

inactive seconds

(Optional) The number of seconds that an inactive entry will stay in the aggregation cache before it times out. The range is from 10 to 600 seconds. The default is 15 seconds.


Defaults

The default for cache entries is 4096.

The default for active cache entries is 30 minutes.

The default for inactive cache entries is 15 seconds.

Command Modes

Aggregation cache configuration

Command History

Release
Modification

12.0(3)T

This command was introduced.


Examples

The following example shows how to set the aggregation cache entry limits:

cache entries 2046
cache timeout inactive 199

Related Commands

Command

Description

default-name

Enables an aggregation cache.

ip cache-invalidate-delay

Enables the exporting of information from NetFlow aggregation caches.

ip flow-aggregation cache

Enables aggregation cache configuration mode.

show ip cache flow aggregation

Displays the aggregation cache configuration.

show mpoa client

Displays the statistics for the data export, including the main cache and all other enabled caches.


class (MPLS)

To configure a defined MPLS CoS map that specifies how classes map to label VCs (LVCs) when combined with a prefix map, use the class command in CoS map submode. To disable this option, use the no form of this command.

class class [available standard premium control]

no class class [available standard premium control]

Syntax Description

class

The precedence of identified traffic to classify traffic.

available

(Optional) Means low precedence (In/Out plus lower two bits = 0,4).

standard

(Optional) Means next precedence (In/Out plus lower two bits = 1,5).

premium

(Optional) Means high precedence (In/Out plus lower two bits = 2,6).

control

(Optional) Means highest precedence pair (In/Out plus lower two bits = 3,7). These bits are reserved for control traffic.


Defaults

No default behavior or values.

Command Modes

CoS map submode

Command History

Release
Modification

12.0(5)T

This command was introduced.


Examples

The following commands configure a CoS map:

tag-switching cos-map 55
class 1 premium
exit

Related Commands

Command
Description

access-list

Configures the access list mechanism for filtering frames by protocol type or vendor code.

show tag-switching cos-map

Displays the CoS map used to assign quantity of LVCs and associated CoS of those LVCs.

tag-switching cos-map

Creates a class map that specifies how classes map to LVCs when combined with a prefix map.

tag-switching prefix-map

Displays the prefix map used to assign a CoS map to network prefixes matching a standard IP access list.


clear adjacency

To clear the Cisco Express Forwarding (CEF) adjacency table, use the clear adjacency command in EXEC mode.

clear adjacency

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

11.2 GS

This command was introduced to support the Cisco 12012 Internet router.

11.1 CC

Multiple platform support was added.


Usage Guidelines

When you issue this command, entries in the adjacency table that reside on the Route Processor (RP) are removed and then adjacency sources (such as ARP and Frame Relay) are requested to repopulate the adjacency tables once again. Layer 2 next hop information is reevaluated.

With distributed CEF (dCEF) mode, the adjacency tables that reside on line cards are always synchronized to the adjacency table that resides on the RP. Therefore, clearing the adjacency table on the RP using the clear adjacency command also clears the adjacency tables on the line cards; all changes are propagated to the line cards.

Clearing adjacencies cause the adjacency table to repopulate from the Layer 2 to Layer 3 mapping tables, such as ARP. To cause the mappings to be re-evaluated, the source information must be cleared by using a Cisco IOS command, such as the clear arp-cache command.

Examples

The following example clears the adjacency table:

Router# clear adjacency

Related Commands

Command
Description

clear arp-cache

Deletes all dynamic entries from the ARP cache.

show adjacency

Displays CEF adjacency table information.


clear atm vc

To release a specified switched virtual circuit (SVC), use the clear atm vc command in EXEC mode.

clear atm vc vcd

Syntax Description

vcd

Virtual channel descriptor of the channel to be released.


Command Modes

EXEC

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

For multicast or control VCCs, this command causes the LANE client to exit and rejoin an emulated LAN.

For data VCCs, this command also removes the associated LAN Emulation Address Resolution Protocol (LE ARP) table entries.

Examples

The following example releases SVC 1024:

clear atm vc 1024

clear cef interface

To clear the Cisco Express Forwarding (CEF) per-interface traffic policy statistics for an interface, use the clear cef interface policy-statistics command in privileged EXEC mode.

clear cef interface [interface-type interface-number] policy-statistics

Syntax Description

interface-type

Type of interface to clear the policy statistics for

interface-number

Port, connector, or interface card number


Defaults

If you do not specify an interface type and interface number the policy statistics for all interfaces are cleared.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(9)S

This command was introduced to support the Cisco 12000 series Internet routers.

12.0(17)ST

This command was introduced to support the Cisco 12000 series Internet routers.

12.2(13)T

This command was integrated into Cisco IOS Release 12.2(13)T.


Usage Guidelines

This command clears the CEF BGP traffic policy statistics counters for an interface.

Examples

The following example clears the CEF BGP traffic policy statistics counters:

R1# clear cef interface ethernet 0/0 policy-statistics 
R1#

Related Commands

Command
Description

bgp-policy

Enables Border Gateway Protocol (BGP) policy accounting or policy propagation on an interface.

show cef interface policy-statistics

Displays detailed Cisco Express Forwarding (CEF) policy statistical information for all interfaces.


clear cef linecard

To clear Cisco Express Forwarding (CEF) information from line cards, use the clear cef linecard command in EXEC mode.

clear cef linecard [slot-number] [adjacency | interface | prefix]

Syntax Description

slot-number

(Optional) Line card slot number to clear. When you omit this argument, all line card slots are cleared.

adjacency

(Optional) Clears line card adjacency tables and rebuilds adjacency for the specified line card.

interface

(Optional) Clears line card interface information and recreates the interface information for the specified line card.

prefix

(Optional) Clears line card prefix tables and starts rebuilding the forwarding information base (FIB) table.


Command Modes

EXEC

Command History

Release
Modification

11.2 GS

This command was introduced to support the Cisco 12012 Internet router.

11.1 CC

Multiple platform support was added.


Usage Guidelines

This command is available only on distributed switching platforms running dCEF.

CEF information on the line cards is cleared, however, CEF information on the Route Processor (RP) is not affected.

Once you clear CEF information from line cards, the corresponding information from the RP is propagated to the line cards. Interprocess communications (IPC) ensures that CEF information on the RP matches the CEF information on the line cards.

Examples

The following example clears the CEF information from the line cards:

clear cef linecard

Related Commands

Command
Description

show cef linecard

Displays CEF-related interface information by line card.


clear ip cache

To delete entries in the routing table cache used to fast switch IP traffic, use the clear ip cache command in the privileged EXEC mode.

clear ip cache [prefix mask]

Syntax Description

prefix mask

(Optional) Deletes only the entries in the cache that match the prefix and mask combination.


Command Modes

Privileged EXEC

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Use this command to clear routes from the routing table cache. You can remove all entries in the routing cache or you can remove only those entries associated with a specified prefix and mask.

Examples

The following command shows how to delete entire in the routing table cache:

Router# clear ip cache

The following command show how to delete entries in the router table associated with the prefix and mask 192.168.32.0 255.255.255.0:

Router# clear ip cache 192.168.32.0 255.255.255.0

Related Commands

Command
Description

ip route-cache

Controls the use of high-speed switching caches for IP routing.

show ip cache

Displays the routing table cache used to fast switch IP traffic.


clear ip cef event-log

To clear the Cisco Express Forwarding (CEF) event-log buffer, use the clear ip cef event-log command in EXEC mode.

clear ip cef event-log

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.

12.2(2)T

This command was integrated into Cisco IOS Release 12.2(2)T.


Usage Guidelines

This command clears the entire CEF table event log that holds forwarding information base (FIB) and adjacency events.

Examples

The following example clears the CEF event-log buffer:

Router# clear ip cef event-log

Related Commands

Command
Description

IP cef table consistency-check

Enables CEF table consistency checker types and parameters.

ip cef table event-log

Controls CEF table event-log characteristics.

show ip cef events

Displays all recorded CEF FIB and adjacency events.


clear ip cef inconsistency

To clear the Cisco Express Forwarding (CEF) inconsistency statistics and records found by the CEF consistency checkers, use the clear ip cef inconsistency command in EXEC mode.

clear ip cef inconsistency

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.

12.2(2)T

This command was integrated into Cisco IOS Release 12.2(2)T.


Usage Guidelines

This command clears the CEF inconsistency checker statistics and records that accumulate when the ip cef table consistency-check command is enabled.

Examples

The following example clears all CEF inconsistency checker statistics and records:

Router# clear ip cef inconsistency

Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.

show ip cef inconsistency

Displays CEF IP prefix inconsistencies.


clear ip cef prefix-statistics

To clear Cisco Express Forwarding (CEF) counters by resetting the packet and byte count to zero (0), use the clear ip cef prefix-statistics command in EXEC mode.

clear ip cef {network [mask] | *} prefix-statistics

Syntax Description

network

Clears counters for a forwarding information base (FIB) entry specified by network.

mask

(Optional) Clears counters for a FIB entry specified by network and mask.

*

Clears counters for all FIB entries.


Command Modes

EXEC

Command History

Release
Modification

11.2 GS

This command was introduced to support the Cisco 12012 Internet router.

11.1 CC

Multiple platform support was added.


Usage Guidelines

When the clear statistics flag is set, statistics are cleared as the FIB table is scanned. The time period is up to 60 seconds for all statistics to clear. However, clearing a specific prefix is completed immediately.

Examples

The following example resets the packet and byte counts to zero for all CEF entries:

clear ip cef * prefix-statistics

Related Commands

Command
Description

ip cef accounting

Enables CEF network accounting.

show adjacency

Displays CEF adjacency table information.

show ip cef

Displays entries or a summary of the FIB table.


clear ip flow stats

To clear the NetFlow accounting statistics, use the clear ip flow stats command in privileged EXEC mode.

clear ip flow stats

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release
Modification

11.1CA

This command was introduced.


Usage Guidelines

You must have NetFlow accounting configured on your router before you can use this command.

The show ip cache flow command displays the NetFlow accounting statistics. Use the clear ip flow stats command to clear the NetFlow accounting statistics.

Examples

The following example shows how to clear the NetFlow accounting statistics on the router:

Router# clear ip flow stats

Related Commands

Command
Description

show ip cache flow

Displays a summary of the NetFlow accounting statistics.

show ip cache verbose flow

Displays a detailed summary of the NetFlow accounting statistics.

show ip flow interface

Displays NetFlow accounting configuration on interfaces.

show ip interface

Displays the usability status of interfaces configured for IP.


clear ip mds

To clear multicast distributed switching (MDS) information from the router, use the clear ip mds command in privileged EXEC mode.

clear ip mds {all | [vrf vrf-name] forwarding}

Syntax Description

all

(Optional) Clear all IP MDS information.

vrf

(Optional) A Virtual Private Network (VPN) routing and forwarding (VRF) instance.

vrf-name

(Optional) Name assigned to the VRF.

forwarding

(Optional) Clears all linecard routes from a Multicast Forwarding Information Base (MFIB) table and resynchronizes it with the Route Processor (RP).


Command Modes

Privileged EXEC

Command History

Release
Modification

11.2(11)GS

This command was introduced.


Usage Guidelines

Cisco 12000 Series Internet Router

On a Cisco 12000 Series Internet Router the clear ip mds command must be run in privileged EXEC mode on a linecard.

Examples

The following example clears all line card routes in an MFIB table on a Cisco 12000 Series Internet Router:

Router# attach 1
LC-Slot1> enable
LC-Slot1# clear ip mds forwarding

The following example clears all line card routes in an MFIB table on a Cisco 7500 Series 
Router:
Router# clear ip mds forwarding

Related Commands

Command
Description

show ip mds interface

Displays the MFIB table and forwarding information for MDS on a line card.

show ip mds stats

Display switching statistics or line card statistics for MDS.

show ip mds summary

Displays a summary of the MFIB table for MDS.

show ip mds forwarding

Displays MDS information for all the interfaces on the line card.


clear ip mds linecard

To reset multicast distributed switching (MDS) line card information on the router, use the clear ip mds linecard command in privileged EXEC mode.

clear ip mds linecard {linecard-slot-number | *}

Syntax Description

linecard-slot-number

Slot number containing the line card to be reset.

*

Indicates that the reset should be executed on all line cards.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(19.3)S

This command was introduced.


Usage Guidelines

When the * keyword is specified instead of the linecard-slot-number argument, all MDS information on all line cards is cleared and reset.

Examples

The following example clears and resets all MDS line card information on the router:

Router# clear ip mds linecard *

Related Commands

Command
Description

show ip mds

Clears MDS information from the router.

show ip mds interface

Displays the MFIB table and forwarding information for MDS on a line card.

show ip mds stats

Display switching statistics or line card statistics for MDS.

show ip mds summary

Displays a summary of the MFIB table for MDS.

show ip mds forwarding

Displays MDS information for all the interfaces on the line card.


clear ip mds forwarding

The forwarding keyword for the clear ip mds command is no longer documented as a separate command.

The information for using the forwarding keyword for the clear ip mds command has been incorporated into the clear ip mds command documentation. See the clear ip mds command documentation for more information.

clear ip mroute

To delete entries from the IP multicast routing table, use the clear ip mroute command in EXEC mode.

clear ip mroute {* | group [source]}

Syntax Description

*

Deletes all entries from the IP multicast routing table.

group

Either of the following:

Name of the multicast group, as defined in the DNS hosts table or with the ip host command.

IP address of the multicast group. This is a multicast IP address in four-part, dotted notation.

source

(Optional) If you specify a group name or address, you can also specify a name or address of a multicast source that is sending to the group. A source need not be a member of the group.


Command Modes

EXEC

Command History

Release
Modification

10.0

This command was introduced.

12.0(5) T

The effect of this command was modified. If IP multicast Multilayer Switching (MLS) is enabled, using this command now clears both the multicast routing table on the MMLS-RP and all multicast MLS cache entries for all MMLS-SEs that are performing multicast MLS for the MMLS-RP. That is, the original clearing occurs, and the derived hardware switching table is also cleared.


Examples

The following example deletes all entries from the IP multicast routing table:

clear ip mroute *

The following example deletes from the IP multicast routing table all sources on the 10.3.0.0 subnet that are sending to the multicast group 224.2.205.42. Note that this example deletes all sources on network 10.3, not individual sources.

clear ip mroute 224.2.205.42 10.3.0.0

Related Commands

Command
Description

ip host

Defines a static host name-to-address mapping in the host cache.

mls rp ip multicast

Enables IP multicast MLS (hardware switching) on an external or internal router in conjunction with Layer 3 switching hardware for the Catalyst 5000 switch.

show ip mroute

Displays the contents of the IP multicast routing table.


clear ip pim interface count

To clear all line card counts or packet counts, use the clear ip pim interface count command in EXEC mode.

clear ip pim interface count

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

11.2(11)GS

This command was introduced.


Usage Guidelines

Use this command on a Router Processor (RP) to delete all multicast distributed switching (MDS) statistics for the entire router.

Examples

The following example clears all the line card packets counts:

clear ip pim interface count

Related Commands

Command
Description

clear ip mds forwarding

Clears all routes from the MFIB table of a line card and resynchronizes it with the RP.


clear ip route vrf

To remove routes from the VRF routing table, use the clear ip route vrf command in EXEC mode.

clear ip route vrf vrf-name {* | network [mask]}

Syntax Description

vrf-name

Name of the VPN routing and forwarding instance (VRF) for the static route.

*

Deletes all routes for a given VRF.

network

Destination to be removed, in dotted decimal format.

mask

(Optional) Mask for the specified network destination, in dotted decimal format.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

12.0(5)T

This command was introduced.


Usage Guidelines

Use this command to clear routes from the routing table. Use the asterisk (*) to delete all routes from the forwarding table for a specified VRF, or enter the address and mask of a particular network to delete the route to that network.

Examples

The following command removes the route to the network 10.13.0.0 in the vpn1 routing table:

clear ip route vrf vpn1 10.13.0.0

Related Commands

Command
Description

show ip route vrf

Displays the IP routing table associated with a VRF.


clear lane le-arp

To clear the dynamic LAN Emulation Address Resolution Protocol (LE ARP) table or a single LE ARP entry of the LANE client configured on the specified subinterface or emulated LAN, use the clear lane le-arp command in EXEC mode.

Cisco 7500 Series

clear lane le-arp [interface slot/port [.subinterface-number] | name elan-name] [mac-address mac-address | route-desc segment segment-number bridge bridge-number]

Cisco 4500 and 4700 Routers

clear lane le-arp [interface number [.subinterface-number] | name elan-name] [mac-address mac-address | route-desc segment segment-number bridge bridge-number]

Syntax Description

interface slot/port[.subinterface-number]

(Optional) Interface or subinterface for the LANE client whose LE ARP table or entry is to be cleared for the Cisco 7500 series routers. The space between the interface keyword and the slot argument is optional.

interface number[.subinterface-number]

(Optional) Interface or subinterface for the LANE client whose LE ARP table or entry is to be cleared for the Cisco 4500 or 4700 routers. The space between the interface keyword and the number argument is optional.

name elan-name

(Optional) Name of the emulated LAN for the LANE client whose LE ARP table or entry is to be cleared. Maximum length is 32 characters.

mac-address mac-address

(Optional) Keyword and MAC address of the LANE client.

route-desc segment segment-number

(Optional) Keywords and LANE segment number. The segment number ranges from 1 to 4095.

bridge bridge-number

(Optional) Keyword and bridge number that is contained in the route descriptor. The bridge number ranges from 1 to 15.


Command Modes

EXEC

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

This command removes dynamic LE ARP table entries only. It does not remove static LE ARP table entries.

If you do not specify an interface or an emulated LAN, this command clears all the LE ARP tables of any LANE client in the router.

If you specify a major interface (not a subinterface), this command clears all the LE ARP tables of every LANE client on all the subinterfaces of that interface.

This command also removes the fast-cache entries built from the LE ARP entries.

Examples

The following example clears all the LE ARP tables for all clients on the router:

clear lane le-arp

The following example clears all the LE ARP tables for all LANE clients on all the subinterfaces of interface 1/0:

clear lane le-arp interface 1/0

The following example clears the entry corresponding to MAC address 0800.aa00.0101 from the LE ARP table for the LANE client on the emulated LAN named red:

clear lane le-arp name red 0800.aa00.0101

The following example clears all dynamic entries from the LE ARP table for the LANE client on the emulated LAN named red:

clear lane le-arp name red 

The following example clears the dynamic entry from the LE ARP table for the LANE client on segment number 1, bridge number 1 in the emulated LAN named red:

clear lane le-arp name red route-desc segment 1 bridge 1

Note MAC addresses are written in the same dotted notation for the clear lane le-arp command as they are for the global IP arp command.


clear lane server

To force a LANE server to drop a client and allow the LANE configuration server to assign the client to another emulated LAN, use the clear lane server command in EXEC mode.

Cisco 7500 Series

clear lane server {interface slot/port [.subinterface-number] | name elan-name} [mac-address mac-address | client-atm-address atm-address | lecid lane-client-id | route-desc segment segment-number bridge bridge-number]

Cisco 4500 and 4700 Routers

clear lane server {interface number [.subinterface-number] | name elan-name} [mac-address mac-address | client-atm-address atm-address | lecid lecid | route-desc segment segment-number bridge bridge-number]

Syntax Description

interface slot/port [.subinterface-number]

Interface or subinterface where the LANE server is configured for the Cisco 7500 series. The space between the interface keyword and the slot argument is optional.

interface number [.subinterface-number]

Interface or subinterface where the LANE server is configured for the Cisco 4500 or 4700 routers. The space between the interface keyword and the number argument is optional.

name elan-name

Name of the emulated LAN on which the LANE server is configured. Maximum length is 32 characters.

mac-address mac-address

(Optional) Keyword and MAC address of the LANE client.

client-atm-address atm-address

(Optional) Keyword and ATM address of the LANE client.

lecid lane-client-id

(Optional) Keyword and ID of the LANE client. The LANE client ID is a value from 1 to 4096.

route-desc segment segment-number

(Optional) Keywords and LANE segment number. The segment number ranges from 1 to 4095.

bridge bridge-number

(Optional) Keyword and bridge number that is contained in the route descriptor. The bridge number ranges from 1 to 15.


Command Modes

EXEC

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

After changing the bindings on the configuration server, use this command on the LANE server to force the client to leave one emulated LAN. The LANE server will drop the Control Direct and Control Distribute VCCs to the LANE client. The client will then ask the LANE configuration server for the location of the LANE server of the emulated LAN it should join.

If no LANE client is specified, all LANE clients attached to the LANE server are dropped.

Examples

The following example forces all the LANE clients on the emulated LAN named red to be dropped. The next time they try to join, they will be forced to join a different emulated LAN.

clear lane server name red

Related Commands

Command
Description

client-atm-address name

Adds a LANE client address entry to the configuration database of the configuration server.

lane database

Creates a named configuration database that can be associated with a configuration server.

mac-address

Sets the MAC layer address of the Cisco Token Ring.

show lane server

Displays global information for the LANE server configured on an interface, on any of its subinterfaces, on a specified subinterface, or on an ELAN.


clear mpoa client cache

To clear the ingress and egress cache entries of one or all MPCs, use the clear mpoa client cache command in EXEC mode.

clear mpoa client [name mpc-name] cache [ingress | egress] [ip-address ip-address]

Syntax Description

name mpc-name

(Optional) Specifies the name of the MPC with the specified name.

ingress

(Optional) Clears ingress cache entries associated with the MPC.

egress

(Optional) Clears egress cache entries associated with the MPC.

ip-address ip-address

(Optional) Clears matching cache entries with the specified IP address.


Defaults

The system defaults are:

All MPC cache entries are cleared.

Both caches are cleared.

Entries matching only the specified destination IP address are cleared.

Command Modes

EXEC

Command History

Release
Modification

11.3(3a)WA4(5)

This command was introduced.


Examples

The following example clears the ingress and egress cache entries for the MPC named ip_mpc:

clear mpoa client name ip_mpc cache

Related Commands

Command
Description

show mpoa client cache

Displays the ingress or egress cache entries matching the IP addresses for the MPCs.


clear mpoa server cache

To clear the ingress and egress cache entries, use the clear mpoa server cache command in EXEC mode.

clear mpoa server [name mps-name] cache [ingress | egress] [ip-address ip-address]

Syntax Description

name mps-name

(Optional) Specifies the name of the MPS. If this keyword is omitted, this command will apply to all servers.

ingress

(Optional) Clears ingress cache entries associated with a server.

egress

(Optional) Clears egress cache entries associated with a server.

ip-address ip-address

(Optional) Clears matching cache entries with the specified IP address. If this keyword is omitted, this command will clear all entries.


Command Modes

EXEC

Command History

Release
Modification

11.3(3a)WA4(5)

This command was introduced.


Usage Guidelines

This command clears cache entries.

Examples

The following example clears all cache entries:

clear mpoa server cache

Related Commands

Command
Description

show mpoa server cache

Displays ingress and egress cache entries associated with a server.


clear vlan

To delete an existing virtual LAN (VLAN) from a management domain, use the clear vlan command in privileged EXEC mode.

clear vlan vlan

Syntax Description

vlan

Number of the VLAN. Valid values are 2 to 1000.


Command Modes

Privileged EXEC

Usage Guidelines

Follow these guidelines for deleting VLANs:

When you delete an Ethernet VLAN in Virtual Terminal Protocol (VTP) server mode, the VLAN is removed from all switches in the same VTP domain.

When you delete a VLAN in VTP transparent mode, the VLAN is deleted only on the current switch.

To delete a Token Ring Bridge Relay Function (TRBRF) VLAN, you must either first reassign its child Token Ring Concentrator Relay Functions (TRCRFs) to another parent TRBRF or delete the child TRCRFs.


Caution When you clear a VLAN, all ports assigned to that VLAN become inactive. However, the VLAN port assignments are retained until you move the ports to another VLAN. If the cleared VLAN is reactivated, all ports still configured on that VLAN are also reactivated. A warning is displayed if you clear a VLAN that exists in the mapping table.

Examples

The following example shows how to clear an existing VLAN (VLAN 4) from a management domain:

Router# clear vlan 4 
This command will deactivate all ports on vlan 4 
in the entire management domain 
Do you want to continue(y/n) [n]? y 
VLAN 4 deleted

Related Commands

Command
Description

set vlan

Groups ports into a VLAN.

show vlans

Displays VLAN subinterfaces.


clear vlan mapping

To delete existing 802.1Q virtual LAN (VLAN) to Inter-Switch Link (ISL) VLAN-mapped pairs, use the clear vlan mapping command in privileged EXEC mode.

clear vlan mapping dot1q {1q-vlan | all}

Syntax Description

dot1q

Specifies the 802.1Q VLAN.

1q-vlan

Number of the 802.1Q VLAN for which to remove the mapping.

all

Clears the mapping table of all entries.


Command Modes

Privileged EXEC

Examples

The following example shows how to clear an existing mapped 802.1Q VLAN (VLAN 1044) from the
mapping table:

Router# clear vlan mapping dot1q 1044
Vlan Mapping 1044 Deleted.

The following example shows how to clear all mapped 802.1Q VLANs from the mapping table:

Router# clear vlan mapping dot1q all
All Vlan Mapping Deleted.

Related Commands

Command
Description

set vlan mapping

Maps 802.1Q VLANs to ISL VLANs.

show vlan mapping

Displays VLAN mapping table information.


client-atm-address name

To add a LANE client address entry to the configuration server's configuration database, use the client-atm-address name database configuration command. To remove a client address entry from the table, use the no form of this command.

client-atm-address atm-address-template name elan-name

no client-atm-address atm-address-template

Syntax Description

atm-address-template

Template that explicitly specifies an ATM address or a specific part of an ATM address and uses wildcard characters for other parts of the ATM address, making it easy and convenient to specify multiple addresses matching the explicitly specified part.

Wildcard characters can replace any nibble or group of nibbles in the prefix, the end-system identifier (ESI), or the selector fields of the ATM address.

elan-name

Name of the emulated LAN. Maximum length is 32 characters.


Defaults

No address and no emulated LAN name are provided.

Command Modes

Database configuration

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

The effect of this command is to bind any client whose address matches the specified template into the specified emulated LAN. When a client comes up, it consults the LANE configuration server, which responds with the ATM address of the LANE server for the emulated LAN. The client then initiates join procedures with the LANE server.

Before this command is used, the emulated LAN specified by the elan-name argument must have been created in the configuration server's database by use of the name server-atm-address command.

If an existing entry in the configuration server's database binds the LANE client ATM address to a different emulated LAN, the new command is rejected.

This command affects only the bindings in the named configuration server database. It has no effect on the LANE components themselves.

See the lane database command for information about creating the database, and the name server-atm-address command for information about binding the emulated LAN's name to the server's ATM address.

The client-atm-address name command is a subcommand of the global lane database command.

ATM Addresses

A LANE ATM address has the same syntax as a network service access point (NSAP), but it is not a network-level address. It consists of the following:

A 13-byte prefix that includes the following fields defined by the ATM Forum:

AFI (Authority and Format Identifier) field (1 byte), DCC (Data Country Code) or ICD (International Code Designator) field (2 bytes), DFI field (Domain Specific Part Format Identifier) (1 byte), Administrative Authority field (3 bytes), Reserved field (2 bytes), Routing Domain field (2 bytes), and the Area field (2 bytes)

A 6-byte ESI

A 1-byte selector field

Address Templates

LANE ATM address templates can use two types of wildcards: an asterisk (*) to match any single character (nibble), and an ellipsis (...) to match any number of leading, middle, or trailing characters. The values of the characters replaced by wildcards come from the automatically assigned ATM address.

In LANE, a prefix template explicitly matches the prefix but uses wildcards for the ESI and selector fields. An ESI template explicitly matches the ESI field but uses wildcards for the prefix and selector.

In our implementation of LANE, the prefix corresponds to the switch, the ESI corresponds to the ATM interface, and the selector field corresponds to the specific subinterface of the interface.

Examples

The following example uses an ESI template to specify the part of the ATM address corresponding to the interface. This example allows any client on any subinterface of the interface that corresponds to the displayed ESI value, no matter to which switch the router is connected, to join the engineering emulated LAN:

client-atm-address ...0800.200C.1001.** name engineering

The following example uses a prefix template to specify the part of the ATM address corresponding to the switch. This example allows any client on a subinterface of any interface connected to the switch that corresponds to the displayed prefix to join the marketing emulated LAN:

client-atm-address 47.000014155551212f.00.00... name marketing

Related Commands

Command
Description

default-name

Provides an ELAN name in the database of the configuration server for those client MAC addresses and client ATM addresses that do not have explicit ELAN name bindings.

lane database

Creates a named configuration database that can be associated with a configuration server.

mac-address

Sets the MAC layer address of the Cisco Token Ring.

name server-atm-address

Specifies or replaces the ATM address of the LANE server for the ELAN in the configuration database of the configuration server.


default-name

To provide an emulated LAN name in the configuration server's database for those client MAC addresses and client ATM addresses that do not have explicit emulated LAN name bindings, use the default-name command in database configuration mode. To remove the default name, use the no form of this command.

default-name elan-name

no default-name

Syntax Description

elan-name

Default emulated LAN name for any LANE client MAC address or LANE client ATM address not explicitly bound to any emulated LAN name. Maximum length is 32 characters.


Defaults

No name is provided.

Command Modes

Database configuration

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

This command affects only the bindings in the configuration server's database. It has no effect on the LANE components themselves.

The named emulated LAN must already exist in the configuration server's database before this command is used. If the default name-to-emulated LAN name binding already exists, the new binding replaces it.

The default-name command is a subcommand of the global lane database global configuration command.

Examples

The following example specifies the emulated Token Ring LAN named man as the default emulated LAN. Because none of the emulated LANs are restricted, clients are assigned to whichever emulated LAN they request. Clients that do not request a particular emulated LAN will be assigned to the named man emulated LAN.

lane database example2
 name eng server-atm-address 39.000001415555121101020304.0800.200c.1001.02
 name eng local-seg-id 1000
 name man server-atm-address 39.000001415555121101020304.0800.200c.1001.01
 name man local-seg-id 2000
 name mkt server-atm-address 39.000001415555121101020304.0800.200c.4001.01
 name mkt local-seg-id 3000
 default-name man

Related Commands

Command
Description

client-atm-address name

Adds a LANE client address entry to the configuration database of the configuration server.

lane database

Creates a named configuration database that can be associated with a configuration server.

mac-address

Sets the MAC layer address of the Cisco Token Ring.

name server-atm-address

Specifies or replaces the ATM address of the LANE server for the ELAN in the configuration database of the configuration server.


enabled (aggregation cache)

To enable a NetFlow accounting aggregation cache, use the enabled command in NetFlow aggregation cache configuration mode. To disable a NetFlow accounting aggregation cache, use the no form of this command.

enabled

no enabled

Syntax Description

This command has no arguments or keywords.

Defaults

No aggregation cache is enabled.

Command Modes

NetFlow aggregation cache configuration

Command History

Release
Modification

12.0(3)T

This command was introduced.


Usage Guidelines

You must have NetFlow accounting configured on your router before you can use this command.

Examples

The following example shows how to enable a NetFlow protocol-port aggregation cache:

Router(config)# ip flow-aggregation cache protocol-port

Router(config-flow-cache)# enabled

The following example shows how to disable a NetFlow protocol-port aggregation cache:

Router(config)# ip flow-aggregation cache protocol-port

Router(config-flow-cache)# no enabled

Related Commands

Command
Description

cache

Defines operational parameters for NetFlow accounting aggregation caches.

export destination (aggregation cache)

Enables the exporting of NetFlow accounting information from NetFlow aggregation caches.

ip flow-aggregation cache

Enables NetFlow accounting aggregation cache schemes.

mask (IPv4)

Specifies the source or destination prefix mask for a NetFlow accounting prefix aggregation cache.

show ip cache flow aggregation

Displays the NetFlow accounting aggregation cache statistics.

show ip cache flow

Displays a summary of the NetFlow accounting statistics.

show ip cache verbose flow

Displays a detailed summary of the NetFlow accounting statistics.

show ip flow interface

Displays NetFlow accounting configuration on interfaces.


encapsulation dot1q

To enable IEEE 802.1Q encapsulation of traffic on a specified subinterface in virtual LANs (VLANs), use the encapsulation dot1q subinterface configuration command.

encapsulation dot1q vlan-id [native]

Syntax Description

vlan-id

Virtual LAN identifier. The allowed range is from 1 to 4095.

native

(Optional) Sets the PVID value of the port to the vlan-id value.


Defaults

No default values or behaviors.

Command Modes

Subinterface configuration

Command History

Release
Modification

12.0(1)T

This command was introduced.

12.1(3)T

The native keyword was added.


Usage Guidelines

IEEE 802.1Q encapsulation is configurable on Fast Ethernet interfaces. IEEE 802.1Q is a standard protocol for interconnecting multiple switches and routers and for defining VLAN topologies.

Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword. (Always use the native keyword when vlan-id is the ID of the IEEE 802.1Q native VLAN.)

Examples

The following example encapsulates VLAN traffic using the IEEE 802.1Q protocol for VLAN 100:

interface fastethernet 4/1.100
  encapsulation dot1q 100

Related Commands

Command
Description

encapsulation isl

Enables the ISL, a Cisco proprietary protocol for interconnecting multiple switches and maintaining VLAN information as traffic goes between switches.

encapsulation sde

Enables IEEE 802.10 encapsulation of traffic on a specified subinterface in VLANs.


encapsulation isl

To enable the Inter-Switch Link (ISL), use the encapsulation isl command in subinterface configuration mode.

encapsulation isl vlan-identifier

Syntax Description

vlan-identifier

Virtual LAN (VLAN) identifier. The allowed range is from 1 to 1000.


Defaults

No default values or behaviors.

Command Modes

Subinterface configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

ISL is a Cisco protocol for interconnecting multiple switches and routers, and for defining VLAN topologies.

ISL encapsulation is configurable on Fast Ethernet interfaces.

ISL encapsulation adds a 26-byte header to the beginning of the Ethernet frame. The header contains a 10-bit VLAN identifier that conveys VLAN membership identities between switches.

Examples

The following example enables ISL on Fast Ethernet subinterface 2/1.20:

interface FastEthernet 2/1.20 
 encapsulation isl 400

Related Commands

Command
Description

bridge-group

Assigns each network interface to a bridge group.

show bridge vlan

Displays virtual LAN subinterfaces.

show interfaces

Displays statistics for all interfaces configured on the router or access server.

show vlans

Displays virtual LAN subinterfaces.


encapsulation sde

To enable IEEE 802.10 encapsulation of traffic on a specified subinterface in virtual LANs (VLANs), use the encapsulation sde command in subinterface configuration mode. IEEE 802.10 is a standard protocol for interconnecting multiple switches and routers and for defining VLAN topologies.

encapsulation sde said

Syntax Description

said

Security association identifier. This value is used as the VLAN identifier. The valid range is from 0 to 0xFFFFFFFE.


Defaults

No default values or behaviors.

Command Modes

Subinterface configuration

Command History

Release
Modification

10.3

This command was introduced.


Usage Guidelines

SDE encapsulation is configurable only on the following interface types:

IEEE 802.10 Routing
IEEE 802.10 Transparent Bridging

FDDI

Ethernet

FDDI

HDLC Serial

Transparent mode

Token Ring


Examples

The following example enables SDE on FDDI subinterface 2/0.1 and assigns a VLAN identifier of 9999:

interface fddi 2/0.1
 encapsulation sde 9999

Related Commands

Command
Description

bridge-group

Assigns each network interface to a bridge group.

show bridge vlan

Displays virtual LAN subinterfaces.

show interfaces

Displays statistics for all interfaces configured on the router or access server.

show vlans

Displays virtual LAN subinterfaces.


encapsulation tr-isl trbrf-vlan

To enable TRISL, use the encapsulation tr-isl trbrf-vlan command in subinterface configuration mode. TRISL is a Cisco proprietary protocol for interconnecting multiple routers and switches and maintaining VLAN information as traffic goes between switches.

encapsulation tr-isl trbrf-vlan vlan-id bridge-num bridge-number

Syntax Description

vlan-id

Number identifying the VLAN.

bridge-num bridge-number

Keyword and specify the identification number of the bridge number on the ISL trunk. Possible values are from 1 to 4095.


Defaults

Disabled

Command Modes

Subinterface configuration

Command History

Release
Modification

11.3(4)T

This command was introduced.


Examples

In the following example, TRISL is enabled on a Fast Ethernet interface:

interface FastEthernet4/0.2 
 encapsulation tr-isl trbrf-vlan 999 bridge-num 14

Related Commands

Command
Description

clear drip counters

Clears DRiP counters.

clear vlan statistics

Removes virtual LAN statistics from any statically or system configured entries.

multiring

Enables collection and use of RIF information.

multiring trcrf-vlan

Creates a pseudo-ring to terminate the RIF for source-routed traffic and assigns it to a VLAN.

show drip

Displays the status of the DRiP database.

show vlans

Displays virtual LAN subinterfaces.

source-bridge trcrf-vlan

Attaches a TrCRF VLAN to the virtual ring of the router.


exit-address-family

To exit from the address family configuration submode, use the exit-address-family command in address family configuration submode.

exit-address-family

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

Address family configuration submode

Command History

Release
Modification

12.0(5)T

This command was introduced.


Usage Guidelines

This command can be abbreviated to exit.

Examples

The following example shows how to exit the address family configuration mode:

(config-router-af)# exit-address-family

Related Commands

Command
Description

address-family

Enters the address family submode for configuring routing protocols, such as BGP, RIP, and static routing.


export destination

To enable the exporting of information from NetFlow aggregation caches, use the export destination command in aggregation cache configuration mode. To disable the exporting of NetFlow aggregation cache information, use the no form of this command.

export destination ip-address port

no export destination ip-address port

Syntax Description

ip-address

Destination IP address.

port

Destination UDP port.


Defaults

An export destination is not set.

Command Modes

Aggregation cache configuration

Command History

Release
Modification

12.0(3)T

This command was introduced.


Usage Guidelines

For version 8 data exports, the maximum number of aggregated flow records and the maximum size in bytes of each UDP datagram are as follows:

Aggregation Scheme
Max. Number of Flow Records
UDP Packet Size

BGP Autonomous System

51

1456 bytes

Destination Prefix

44

1436 bytes

Prefix

35

1428 bytes

Protocol Port

51

1456 bytes

Source Prefix

44

1436 bytes


Examples

The following example shows how to configure an export destination for an aggregation cache:

export destination 10.41.41.1 9992

Related Commands

Command
Description

clear adjacency

Configures aggregation cache operational parameters.

default-name

Enables an aggregation cache.

ip flow-aggregation cache

Enables aggregation cache configuration mode.

show ip cache flow aggregation

Displays the aggregation cache configuration.

show mpoa client

Displays the statistics for the data export including the main cache and all other enabled caches.


export map

To configure an export route map for a Virtual Private Network (VPN) routing/forwarding instance (VRF), use the export map command in VRF configuration submode. To remove an export route map, use the no form of this command.

export map route-map

no export map route-map

Syntax Description

route-map

Specifies the route map to be used as an export map for the VRF.


Defaults

This command has no default behavior or values. A VRF has no export map unless one is configured using the export map command.

Command Modes

VRF configuration submode

Command History

Release
Modification

12.0(7)T

This command was introduced.


Usage Guidelines

Use an export route map when an application requires finer control over the routes exported by a VRF than provided by the import and export extended communities configured for the importing and exporting VRF.

The export map command associates a route map with the specified VRF. You can use a route map to filter target routes for a target VPN export by a VRF, based on the route target extended community attributes of the route. The route map might deny export to selected routes from a community on the export list.

An export map command with a set extcommunity rt command takes precedence over configured route targets (RTs), unless the additive keyword is specified. If the export map has a set community rt1 rt2 additive command, the previous RT list is kept and rt1 and rt2 are added to the RT list.

Examples

The following example shows how to configure an export map for VRF vpn1:

Router(config)# ip vrf vpn1

Router(config-vrf)# export map export1

Related Commands

Command
Description

import map

Configures an import route map for a VRF.

ip vrf

Configures a VRF routing table.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

route-target

Creates a route-target extended community for a VRF.

show ip vrf

Displays the set of defined VRFs and associated interfaces.


extended-port

To associate the currently selected extended MPLS ATM (XTagATM) interface with a particular external interface on the remotely controlled ATM switch, use the extended-port interface configuration command.

extended-port ctrl-if {bpx bpx-port-number | descriptor vsi-descriptor | vsi vsi-port-number}

Syntax Description

ctrl-if

Identifies the ATM interface used to control the remote ATM switch. You must configure VSI on this interface using the tag-control-protocol interface configuration command.

bpx bpx-port-number

Specifies the associated Cisco BPX interface using the native BPX syntax.

slot.port [.virtual port]

You can use this form of the command only when the controlled switch is a Cisco BPX switch.

descriptor vsi-descriptor

Specifies the associated port by its VSI physical descriptor. The vsi-descriptor string must match the corresponding VSI physical descriptor.

vsi vsi-port-number

Specifies the associated port by its VSI physical descriptor. The vsi-descriptor string must match the corresponding VSI physical descriptor.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

12.0(3)T

This command was introduced.


Usage Guidelines

The extended-port interface configuration command associates an XTagATM interface with a particular external interface on the remotely controlled ATM switch. The three alternate forms of the command permit the external interface on the controlled ATM switch to be specified in three different ways.

Examples

The following examples show how to create an extended MPLS ATM interface, using different command qualifiers:

The following example creates an extended MPLS ATM interface and binds it to BPX port 2.3:

interface XTagATM23
extended-port atm0/0 bpx 2.3

The following example creates an extended MPLS ATM interface and binds it to port 2.4:

interface XTagATM24
extended-port atm0/0 descriptor 0.2.4.0

The following example creates an extended MPLS ATM interface and binds it to port 1622:

interface XTagATM1622
extended-port atm0/0 vsi 0x00010614

Related Commands

Command
Description

interface XTagATM

Enters interface configuration mode for an extended MPLS ATM (XTagATM) interface.

show controller vsi status

Displays a summary of each VSI-controlled interface.


holding-time

To specify the holding time value for the MPS-p7 variable of an MPS, use the holding-time command in MPS configuration mode. To revert to the default value, use the no form of this command.

holding-time time

no holding-time time

Syntax Description

time

Specifies the holding time value in seconds.


Defaults

The default holding time is 1200 seconds (20 minutes).

Command Modes

MPS configuration

Command History

Release
Modification

11.3(3a)WA4(5)

This command was introduced.


Examples

The following example sets the holding time to 600 seconds (10 minutes):

holding-time 600

import map

To configure an import route map for a VRF, use the import map command in VRF configuration submode.

import map route-map

Syntax Description

route-map

Specifies the route map to be used as an import route map for the VRF.


Defaults

There is no default. A VRF has no import route map unless one is configured using the import map command.

Command Modes

VRF configuration submode

Command History

Release
Modification

12.0(5)T

This command was introduced.


Usage Guidelines

Use an import route map when an application requires finer control over the routes imported into a VRF than provided by the import and export extended communities configured for the importing and exporting VRF.

The import map command associates a route map with the specified VRF. You can use a route map to filter routes that are eligible for import into a VRF, based on the route target extended community attributes of the route. The route map might deny access to selected routes from a community that is on the import list.

The import map command does not replace the need for a route-target import in the VRF configuration. You use the import map command to further filter prefixes that match a route-target import statement in that VRF.

Examples

The following example shows how to configure an import route map for a VRF:

ip vrf vrf_blue
import map blue_import_map

Related Commands

Command
Description

export map

Configures an export map for a VRF.

ip vrf

Configures a VRF routing table.

route-target

Creates a route-target extended community for a VRF.

show ip vrf

Displays the set of defined VRFs and associated interfaces.


index

To insert or modify a path entry at a specific index, use the index ip explicit path subcommand. To disable this feature, use the no form of this command.

index index command

no index index

Syntax Description

index

Index number at which the path entry will be inserted or modified. Valid values are from 0 to 65534.

command

An IP explicit path configuration command that creates or modifies a path entry. (Currently you can use only the next-address command.)


Defaults

No default behavior or values.

Command Modes

IP explicit path configuration

Command History

Release
Modification

12.0(5)S

This command was introduced.


Examples

In the following example, the next-address command is inserted at index 6:

Router(cfg-ip-expl-path)# index 6 next-address 3.3.29.3

Explicit Path identifier 6:
    6: next-address 3.3.29.3

Related Commands

Command
Description

append-after

Inserts the new path entry after the specified index number. Commands might be renumbered as a result.

interface fastethernet

Enters the command mode for IP explicit paths and creates or modifies the specified path.

list

Displays all or part of the explicit paths.

next-address

Specifies the next IP address in the explicit path.

show ip explicit-paths

Displays the configured IP explicit paths.


interface atm

To enter interface configuration mode, specify ATM as the interface type, and create a subinterface on that interface type, use the interface atm global configuration command.

interface atm interface.subinterface-number [mpls | tag-switching | point-to-point | multipoint]

Syntax Description

interface

Specifies a (physical) ATM interface (for example, 3/0).

.subinterface-number

Specifies the subinterface number for the ATM interface. On Cisco 7500 series routers, subinterface numbers can range from 0 to 4294967285.

mpls

(Optional) Specifies MPLS as the interface type for which a subinterface is to be created.

tag-switching

(Optional) Specifies tag switching as the interface type for which a subinterface is to be created.

point-to-point

(Optional) Specifies point-to-point as the interface type for which a subinterface is to be created.

multipoint

(Optional) Specifies multipoint as the interface type for which a subinterface is to be created.


Defaults

This command has no default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.

12.1(3)T

New optional subinterface types were introduced.


Usage Guidelines

The interface atm command enables you to define a subinterface for a specified type of ATM interface. The subinterface for the ATM interface is created the first time this command is issued with a specified subinterface number.

Examples

For physical ATM interface 3/0, the following command creates an ATM MPLS subinterface having subinterface number 1:

Router# interface atm 3/0.1 mpls 

Related Commands

Command
Description

show mpls interfaces

Displays information about one or more MPLS interfaces that have been configured for label switching.


interface fastethernet

To select a particular Fast Ethernet interface for configuration, use the interface fastethernet global configuration command.

Cisco 4500 and 4700 Series Routers

interface fastethernet number

Cisco 7200 Series Routers

interface fastethernet slot/port

Cisco 7500 Series Routers

interface fastethernet slot/port-adapter/port

Syntax Description

number

Port, connector, or interface card number. On Cisco 4500 or 4700 series routers, specifies the Network Interface Module (NIM) or Networking Products Marketplace (NPM) number. The numbers are assigned at the factory at the time of installation or when added to a system.

slot

Number of the slot being configured. Refer to the appropriate hardware manual for slot and port information.

port

Number of the port being configured. Refer to the appropriate hardware manual for slot and port information.

port-adapter

Number of the port adapter being configured. Refer to the appropriate hardware manual for information about port adapter compatibility.


Defaults

No default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

11.2

This command was introduced.

11.3

Default encapsulation type was changed to Advanced Research Projects Agency (ARPA).


Usage Guidelines

This command does not have a no form.

Examples

The following example configures Fast Ethernet interface 0 for standard ARPA encapsulation (the default setting) on Cisco 4500 or 4700 series routers:

interface fastethernet 0

Related Commands

Command
Description

show interfaces fastethernet

Displays information about the Fast Ethernet interfaces.


interface XTagATM

To enter interface configuration mode for the extended MPLS ATM (XTagATM) interface, use the following interface XTagATM global configuration command.

interface XTagATM if-num

Syntax Description

if-num

Specifies the interface number.


Defaults

No default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

12.0(5)T

This command was introduced.


Usage Guidelines

Extended MPLS ATM interfaces are virtual interfaces that are created on first reference-like tunnel interfaces. Extended MPLS ATM interfaces are similar to ATM interfaces except that the former only supports LC-ATM encapsulation.

The interface is created the first time this command is issued for a particular interface number.

Examples

The following example shows how you create an extended MPLS ATM interface with interface number 62:

(config)# interface XTagATM62 

Related Commands

Command
Description

extended-port

Associates the currently selected extended MPLS ATM (XTagATM) interface with a remotely controlled switch.


ip cache-invalidate-delay

To control the invalidation rate of the IP route cache, use the ip cache-invalidate-delay command in global configuration mode. To allow the IP route cache to be immediately invalidated, use the no form of this command.

ip cache-invalidate-delay [minimum maximum quiet threshold]

no ip cache-invalidate-delay

Syntax Description

minimum

(Optional) Minimum time (in seconds) between invalidation request and actual invalidation. The default is 2 seconds.

maximum

(Optional) Maximum time (in seconds) between invalidation request and actual invalidation. The default is 5 seconds.

quiet

(Optional) Length of quiet period (in seconds) before invalidation.

threshold

(Optional) Maximum number of invalidation requests considered to be quiet.


Defaults

minimum: 2 seconds
maximum: 5 seconds, and 3 seconds with no more than zero invalidation requests

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

After you enter the ip cache-invalidate-delay command all cache invalidation requests are honored immediately.


Caution This command should only be used under the guidance of technical support personnel. Incorrect settings can seriously degrade network performance. The command-line-interface (CLI) will not allow you to enter the ip cache-invalidate-delay command until you configure the service internal command in global configuration mode.

The IP fast-switching and autonomous-switching features maintain a cache of IP routes for rapid access. When a packet is to be forwarded and the corresponding route is not present in the cache, the packet is process switched and a new cache entry is built. However, when routing table changes occur (such as when a link or an interface goes down), the route cache must be flushed so that it can be rebuilt with up-to-date routing information.

This command controls how the route cache is flushed. The intent is to delay invalidation of the cache until after routing has settled down. Because route table changes tend to be clustered in a short period of time, and the cache may be flushed repeatedly, a high CPU load might be placed on the router.

When this feature is enabled, and the system requests that the route cache be flushed, the request is held for at least minimum seconds. Then the system determines whether the cache has been "quiet" (that is, less than threshold invalidation requests in the last quiet seconds). If the cache has been quiet, the cache is then flushed. If the cache does not become quiet within maximum seconds after the first request, it is flushed unconditionally.

Manipulation of these parameters trades off CPU utilization versus route convergence time. Timing of the routing protocols is not affected, but removal of stale cache entries is affected.

Examples

The following example shows how to set a minimum delay of 5 seconds, a maximum delay of 30 seconds, and a quiet threshold of no more than 5 invalidation requests in the previous 10 seconds:

Router(config)# service internal
Router(config)# ip cache-invalidate-delay 5 30 10 5

Related Commands

Command
Description

ip route-cache

Configures the high-speed switching caches for IP routing.


ip cef

To enable Cisco Express Forwarding (CEF) on the Route Processor card, use the ip cef command in global configuration mode. To disable CEF, use the no form of this command.

ip cef [distributed]

no ip cef [distributed]

Syntax Description

distributed

(Optional) Enables distributed CEF (dCEF) operation. Distributes CEF information to line cards. Line cards perform express forwarding.


Defaults

CEF is disabled by default, excluding these platforms:

CEF is enabled on the Cisco 7100 series router.
CEF is enabled on the Cisco 7200 series router.
CEF is enabled on the Cisco 7500 series Internet router.
Distributed CEF is enabled on the Cisco 6500 series router
Distributed CEF is enabled on the Cisco 12000 series Internet router.

Command Modes

Global configuration

Command History

Release
Modification

11.1 CC

This command was introduced.

12.2

The default for the ip cef command on Cisco 7200 series routers was changed from disabled to enabled.


Usage Guidelines

This command is not available on the Cisco 12000 series because that router series operates only in dCEF mode.

CEF is advanced Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with dynamic, topologically dispersed traffic patterns, such as those associated with web-based applications and interactive sessions.

If you enable CEF and then create an access list that uses the log keyword, the packets that match the access list are not CEF switched. They are fast switched. Logging disables CEF.

Examples

The following example enables standard CEF operation:

ip cef

The following example enables dCEF operation:

ip cef distributed

Related Commands

Command
Description

ip route-cache

Controls the use of high-speed switching caches for IP routing.