Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Command Reference, Release 4.2.x
IPv4 and IPv6 Commands
Downloads: This chapterpdf (PDF - 1.34MB) The complete bookPDF (PDF - 3.59MB) | Feedback

IPv4 and IPv6 Commands

IPv4 and IPv6 Commands

This module describes the Cisco IOS XR software commands used to configure the IPv4 and IPv6 commands for Broadband Network Gateway (BNG) on the Cisco ASR 9000 Series Router. For details regarding the related configurations, refer to the Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide.

ipv4 mtu (BNG)

To set the maximum transmission unit (MTU) size of IPv4 packets sent on an interface, use the ipv4 mtu command in an appropriate configuration mode. To restore the default MTU size, use the no form of this command.

ipv4 mtu bytes

no ipv4 mtu

Syntax Description

bytes

MTU in bytes. Range is 68 to 65535 bytes for IPv4 packets. The maximum MTU size that can be set on an interface depends on the interface medium.

Command Default

If no MTU size is configured for IPv4 packets sent on an interface, the interface derives the MTU from the Layer 2 MTU.

Command Modes

Dynamic template configuration

Command History

Release

Modification

Release 3.7.2

This command was introduced.

Release 4.2.0

This command was supported in the dynamic template configuration mode for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

The router punts the packets that needs fragmentation; whereas the software path drops the subscriber traffic that needs fragmentation.

The maximum MTU size that can be set on an interface depends on the interface medium. If the Layer 2 MTU is smaller than the Layer 3 MTU, the Cisco IOS XR software uses the Layer 2 MTU value for the Layer 3 MTU. Conversely, if the Layer 3 MTU is smaller than the Layer 2 MTU, the software uses Layer 3 MTU value. In other words the Cisco IOS XR software uses the lower of the two values for the MTU.

All devices on a physical medium must have the same protocol MTU to operate.

To enter the dynamic template configuration mode, run dynamic-template command in the global configuration mode.


Note


Changing the MTU value (with the mtu interface configuration command) can affect the IPv4 MTU value. If the current IPv4 MTU value is the same as the MTU value, and you change the MTU value, the IPv4 MTU value will be modified automatically to match the new MTU. However, the reverse is not true; changing the IPv4 MTU value has no effect on the value for the mtu command.


Task ID

Task ID

Operations

ipv4

read, write

network

read, write

config-services

read, write

Examples

This example shows how to set the maximum IPv4 packet size to 300 bytes in dynamic template configuration mode:
RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)# dynamic-template type ppp p1
RP/0/RSP0/CPU0:router(config-dynamic-template-type)# ipv4 mtu 300

Related Commands

Command

Description

show ipv4 interface (BNG)

Displays the MTU status of interfaces configured for IPv4.

ipv4 unnumbered (point-to-point -BNG)

To enable IPv4 processing on a point-to-point interface without assigning an explicit IPv4 address to that interface, use the ipv4 unnumbered command in an appropriate configuration mode. To disable this feature, use the no form of this command.

ipv4 unnumbered interface-type interface-instance

no ipv4 unnumbered interface-type interface-instance

Syntax Description

interface-type

Interface type. For more information, use the question mark (?) online help function.

interface-instance

Either a physical interface instance or a virtual interface instance as follows:

  • Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation.
    • rack: Chassis number of the rack.
    • slot: Physical slot number of the modular services card or line card.
    • module: Module number. A physical layer interface module (PLIM) is always 0.
    • port: Physical port number of the interface.
    Note   

    In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RSP0 ) and the module is CPU0. Example: interface MgmtEth0/RSP0 /CPU0/0.

  • Virtual interface instance. Number range varies depending on interface type.

For more information about the syntax for the router, use the question mark (?) online help function.

Command Default

IPv4 processing on a point-to-point interface is disabled unless an IPv4 address is assigned explicitly to that interface.

Command Modes

Dynamic template configuration

Command History

Release

Modification

Release 3.7.2

This command was introduced.

Release 4.2.0

This command was supported in the dynamic template configuration mode for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

To enter the dynamic template configuration mode, run dynamic-template command in the global configuration mode.

Whenever the unnumbered interface generates a packet (for example, for a routing update), it uses the address of the specified interface as the source address of the IPv4 packet. It also uses the IPv4 address of the specified interface in determining which routing processes are sending updates over the unnumbered interface. Restrictions include the following:

  • You cannot use the ping EXEC command to determine whether the interface is up because the interface has no address. Simple Network Management Protocol (SNMP) can be used to remotely monitor interface status.

The interface you specify by the interface-type and interface-number arguments must be enabled (listed as “up” in the show interfaces command display).

Task ID

Task ID

Operations

ipv4

read, write

network

read, write

config-services

read, write

Examples

In this example the Bundle-Ether interface is assigned address 100.10 in the dynamic template configuration mode:
RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)# dynamic-template type ppp p1
RP/0/RSP0/CPU0:router(config-dynamic-template-type)# ipv4 unnumbered Bundle-Ether100.10

ipv4 unreachables disable (BNG)

To disable the generation of IPv4 Internet Control Message Protocol (ICMP) unreachable messages, use the ipv4 unreachables disable command in an appropriate configuration mode. To re-enable the generation of ICMP unreachable messages, use the no form of this command.

ipv4 unreachables disable

no ipv4 unreachables disable

Syntax Description

This command has no keywords or arguments.

Command Default

IPv4 ICMP unreachables messages are generated.

Command Modes

Dynamic template configuration

Command History

Release

Modification

Release 3.7.2

This command was introduced.

Release 4.2.0

This command was supported in the dynamic template configuration mode for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

If the software receives a nonbroadcast packet destined for itself that uses a protocol it does not recognize, it sends an ICMP protocol unreachable message to the source.

If the software receives a datagram that it cannot deliver to its ultimate destination because it knows of no route to the destination address, it replies to the originator of that datagram with an ICMP host unreachable message.

This command affects a number of ICMP unreachable messages.

To enter the dynamic template configuration mode, run dynamic-template command in the global configuration mode.

Task ID

Task ID

Operations

ipv4

read, write

network

read, write

config-services

read, write

Examples

This example shows how to disable the generation of ICMP unreachable messages on dynamic template configuration mode:
RP/0/RSP0/CPU0:router(config)# dynamic-template type ppp foo
RP/0/RSP0/CPU0:router(config-dynamic-template-type)# ipv4 unreachables disable

ipv4 verify unicast source reachable-via (BNG)

To enable IPv4 unicast Reverse Path Forwarding (RPF) checking, use the ipv4 verify unicast source reachable-via command in an appropriate configuration mode. To disable unicast RPF, use the no form of this command.

ipv4 verify unicast source reachable-via { any | rx } [allow-default] [allow-self-ping]

no ipv4 verify unicast source reachable-via { any | rx } [allow-default] [allow-self-ping]

Syntax Description

any

Enables loose unicast RPF checking. If loose unicast RPF is enabled, a packet is not forwarded unless its source prefix exists in the routing table.

rx

Enables strict unicast RPF checking. If strict unicast RPF is enabled, a packet is not forwarded unless its source prefix exists in the routing table and the output interface matches the interface on which the packet was received.

allow-default

(Optional) Enables the matching of default routes. This option applies to both loose and strict RPF.

allow-self-ping

(Optional) Enables the router to ping out an interface.This option applies to both loose and strict RPF.

Command Default

IPv4 unicast RPF is disabled.

Command Modes

Dynamic template configuration

Command History

Release

Modification

Release 3.7.2

This command was introduced.

Release 4.2.0

This command was supported in the dynamic template configuration mode for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

To enter the dynamic template configuration mode, run dynamic-template command in the global configuration mode.

Use the ipv4 verify unicast source reachable-via interface command to mitigate problems caused by malformed or forged (spoofed) IP source addresses that pass through a router. Malformed or forged source addresses can indicate denial-of-service (DoS) attacks based on source IP address spoofing.

When strict unicast RPF is enabled on an interface, the router examines all packets received on that interface. The router checks to make sure that the source address appears in the routing table and matches the interface on which the packet was received.

When loose unicast RPF is enabled on an interface, the router examines all packets received on that interface. The router checks to make sure that the source address can be reached through any of the router interfaces.

Task ID

Task ID

Operations

ipv4

read, write

network

read, write

config-services

read, write

Examples

This example shows how to configure strict RPF on dynamic template configuration mode:
RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)# dynamic-template type ppp p1
RP/0/RSP0/CPU0:router(config-dynamic-template-type)# ipv4 verify unicast source reachable-via rx

show ipv4 interface (BNG)

To display the usability status of interfaces configured for IPv4, use the show ipv4 interface command in the EXEC mode.

show ipv4 [ vrf vrf-name ] interface [ type interface-path-id | brief | summary ]

Syntax Description

vrf

(Optional)  Displays VPN routing and forwarding (VRF) instance information.

vrf-name

(Optional) Name of a VRF.

type

Interface type. For more information, use the question mark (?) online help function.

interface-path-id

Either a physical interface instance or a virtual interface instance as follows:

  • Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation.
    • rack: Chassis number of the rack.
    • slot: Physical slot number of the modular services card or line card.
    • module: Module number. A physical layer interface module (PLIM) is always 0.
    • port: Physical port number of the interface.
    Note   

    In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RSP0 ) and the module is CPU0. Example: interface MgmtEth0/RSP0 /CPU0/0.

  • Virtual interface instance. Number range varies depending on interface type.

For more information about the syntax for the router, use the question mark (?) online help function.

brief

(Optional) Displays the primary IPv4 addresses configured on the router’s interfaces and their protocol and line states.

summary

(Optional) Displays the number of interfaces on the router that are assigned, unassigned, or unnumbered.

Command Default

If VRF is not specified, the software displays the default VRF.

Command Modes

EXEC

Command History

Release

Modification

Release 3.7.2

This command was introduced.

Release 4.2.0

This command was supported for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

The show ipv4 interface command provides output similar to the show ipv6 interface command, except that it is IPv4-specific.

The interface name will be displayed only if the name belongs to the VRF instance. If the vrf-name is not specified then the interface instance will be displayed only if the interface belongs to the default VRF.

Task ID

Task ID

Operations

ipv4

read

network

read

Examples

This is the sample output of the show ipv4 interface command:

RP/0/RSP0/CPU0:router# show ipv4 interface

Loopback0 is Up, line protocol is Up
  Internet address is 10
.0.0.1/8

  Secondary address 10.0.0.2/8
  MTU is 1514 (1514 is available to IP)
  Multicast reserved groups joined: 10.0.0.1
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
gigabitethernet0/0/0/0 is Up, line protocol is Up
  Internet address is 10.25.58.1/16
  MTU is 1514 (1500 is available to IP)
  Multicast reserved groups joined: 10.0.224.1
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
gigabitethernet0/0/0/0 is Shutdown, line protocol is Down
  Vrf is default (vrfid 0x60000000)
  Internet protocol processing disabled

This table describes the significant fields shown in the display.



Table 1 show ipv4 interface Command Field Descriptions

Field

Description

Loopback0 is Up

If the interface hardware is usable, the interface is marked “Up.” For an interface to be usable, both the interface hardware and line protocol must be up.

line protocol is Up

If the interface can provide two-way communication, the line protocol is marked “Up.” For an interface to be usable, both the interface hardware and line protocol must be up.

Internet address

IPv4 Internet address and subnet mask of the interface.

Secondary address

Displays a secondary address, if one has been set.

MTU

Displays the IPv4 MTU1 value set on the interface.

Multicast reserved groups joined

Indicates the multicast groups this interface belongs to.

Directed broadcast forwarding

Indicates whether directed broadcast forwarding is enabled or disabled.

Outgoing access list

Indicates whether the interface has an outgoing access list set.

Inbound access list

Indicates whether the interface has an incoming access list set.

Proxy ARP

Indicates whether proxy ARP2 is enabled or disabled on an interface.

ICMP redirects

Specifies whether ICMPv43 redirects are sent on this interface.

ICMP unreachables

Specifies whether unreachable messages are sent on this interface.

Internet protocol processing disabled

Indicates an IPv4 address has not been configured on the interface.

1 MTU = maximum transmission unit
2 ARP = Address Resolution Protocoladdress resolution protocol
3 ICMPv4 = Internet Control Message Protocol internet control message protocol version 4

show ipv4 traffic (BNG)

To display the IPv4 traffic statistics, use the show ipv4 traffic command in the EXEC mode.

show ipv4 traffic [brief]

Syntax Description

brief

(Optional) Displays only IPv4 and Internet Control Message Protocol version 4 (ICMPv4) traffic.

Command Default

None

Command Modes

EXEC

Command History

Release

Modification

Release 3.7.2

This command was introduced .

Release 4.2.0

This command was supported for BNG.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

The show ipv4 traffic command provides output similar to the show ipv6 traffic command, except that it is IPv4-specific.

Task ID

Task ID

Operations

ipv4

read

network

read

Examples

This is the sample output of the show ipv4 traffic command:

RP/0/RSP0/CPU0:router# show ipv4 traffic

IP statistics:
  Rcvd:  16372 total, 16372 local destination
         0 format errors, 0 bad hop count
         0 unknown protocol, 0 not a gateway
         0 security failures, 0 bad source, 0 bad header
         0 with options, 0 bad, 0 unknown
  Opts:  0 end, 0 nop, 0 basic security, 0 extended security
         0 strict source rt, 0 loose source rt, 0 record rt
         0 stream ID, 0 timestamp, 0 alert, 0 cipso
  Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
         0 fragmented, 0 fragment count
  Bcast: 0 sent, 0 received
  Mcast: 0 sent, 0 received
   Drop: 0 encapsulation failed, 0 no route, 0 too big, 0 sanity address check
   Sent: 16372 total

ICMP statistics:
  Sent: 0 admin unreachable, 0 network unreachable
        0 host unreachable, 0 protocol unreachable
        0 port unreachable, 0 fragment unreachable
        0 time to live exceeded, 0 reassembly ttl exceeded
        5 echo request, 0 echo reply
        0 mask request, 0 mask reply
        0 parameter error, 0 redirects
        5 total
  Rcvd: 0 admin unreachable, 0 network unreachable
        2 host unreachable, 0 protocol unreachable
        0 port unreachable, 0 fragment unreachable
        0 time to live exceeded, 0 reassembly ttl exceeded
        0 echo request, 5 echo reply
        0 mask request, 0 mask reply
        0 redirect, 0 parameter error
        0 source quench, 0 timestamp, 0 timestamp reply
        0 router advertisement, 0 router solicitation
        7 total, 0 checksum errors, 0 unknown

UDP statistics:
        16365 packets input, 16367 packets output
        0 checksum errors, 0 no port
        0 forwarded broadcasts

TCP statistics:
        0 packets input, 0 packets output
        0 checksum errors, 0 no port

This table describes the significant fields shown in the display.



Table 2 show ipv4 traffic Command Field Descriptions

Field

Description

bad hop count

Occurs when a packet is discarded because its TTL4 field was decremented to zero.

encapsulation failed

Usually indicates that the router had no ARP request entry and therefore did not send a datagram.

format errors

Indicates a gross error in the packet format, such as an impossible Internet header length.

IP statistics Rcvd total

Indicates the total number of local destination and other packets received in the software plane. It does not account for the IP packets forwarded or discarded in hardware.

no route

Counted when the Cisco IOS XR software discards a datagram it did not know how to route.

4 TTL = time-to-live