Cisco IOS XR Carrier Grade NAT Command Reference for the Cisco CRS Router, Release 4.1
Carrier Grade NAT Commands on Cisco IOS XR Software
Downloads: This chapterpdf (PDF - 1.62MB) The complete bookPDF (PDF - 2.36MB) | Feedback

Carrier Grade NAT Commands on Cisco IOS XR Software

Contents

Carrier Grade NAT Commands on Cisco IOS XR Software

This chapter describes the commands used to configure and use the Carrier Grade NAT (CGN) .

For detailed information about CGN concepts, configuration tasks, and examples, see Cisco IOS XR Software Carrier Grade NAT Configuration Guide for the Cisco CRS Router .

address-family (6rd)

To bind an ipv4 or ipv6 ServiceApp interface to a 6rd instance, use the address-family command in 6RD configuration mode. To unbind the ServiceApp interface, use the no form of this command.

address-family { ipv4 | ipv6 } interface ServiceApp value

no address-family { ipv4 | ipv6 } interface ServiceApp value

Syntax Description

ipv4

Specifies the IPv4 address family.

ipv6

Specifies the IPv6 address family.

interface

Specifies the ServiceApp interface to be used.

ServiceApp

Specifies the SVI interface.

value

Interface value. The range is from 1 to 2000.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.3.1

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to bind ipv4 ServiceApp interface to a 6RD instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn-inst
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# address-family ipv4
RP/0/RP0/CPU0:router(config-cgn-6rd-afi)#interface ServiceApp 100

Examples

This example shows how to bind ipv6 ServiceApp interface to a 6RD instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn-inst
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-6rd-afi)#interface ServiceApp 120

Related Commands

Command

Description

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

reset-df-bit (6rd)

Enables anycast mode.  

tos (6rd)

 

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

address-family ipv4 (Stateless NAT64)

To enter the IPv4 address family configuration mode while configuring the Carrier Grade NAT (CGN), use the address-family ipv4 command in an appropriate configuration mode. To disable support for an address family, use the no form of this command.

address-family ipv4 { interface ServiceApp | tcp mss | tos }

no address-family ipv4

Syntax Description

interface

Specifies the ServiceApp interface to be used.

ServiceApp

Specifies the SEAPP SVI interface. The number of service application interfaces to be configured ranges from 1 to 2000.

tcp

Specifies the TCP protocol.

mss

Specifies the maximum segment size for TCP in bytes. The value of maximum segment size ranges from 28 to 1500.

tos

Type of service to be set when translating IPv6 to IPv4. The value of type of service ranges from 0 to 255.

Command Default

None

Command Modes

CGN-NAT64

Command History

Release Modification

Release 3.9.1

This command was introduced.

Release 4.1.0

Updated the Syntax and Usage Guidelines sections.

Usage Guidelines

This command configures the ipv4 address family for NAT64 stateless XLAT.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows the tcp mss for the ipv4 address family:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv4
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# tcp mss 200

address-family ipv6 (Stateless NAT64)

To enter the IPv6 address family configuration mode, use the address-family ipv6 command. To disable support for an address family, use the no form of this command.

address-family ipv6{interface ServiceApp <1-2000>} { df override } { protocol | { icmp | reset-mtu } } tcp mss<28-1500>traffic-class<0-255>

no address-family ipv6

Syntax Description

interface

Indicates the ServiceApp interface to be used.

ServiceApp

SEAPP SVI Interface.

<1-2000>

Number of service application interfaces to be configured. Range is from 1 to 2000.

df-override

Override DF bit.

protocol

Select a protocol.

icmp

(Optional) ICMP protocol.

reset-mtu

(Optional) Reset maximum transmission unit when packet is too big.

tcp

TCP protocol.

mss

Maximum segment size for TCP in bytes.

<28-1500>

Maximum segment size to be used in bytes.

traffic-class

Traffic class to be set when translating from IPv4 to IPv6.

Command Default

None

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

This command configures the ipv6 address family for NAT64 stateless XLAT.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows the traffic-class setting for the ipv6 address family:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-nat64-stless-afi)# traffic-class 25

Related Commands

Command

Description

df-override (CGN)

Sets the do not fragment bit  

protocol icmp reset-mtu (CGN)

Resets the received packet size.  

service cgn

Enables an instance for the CGN application.  

traffic-class (CGN)

Configures the traffic class value to be used when translating a packet from IPv4 to IPv6  

br (6rd)

To enable the Border Relay(BR) configuration, use the br command in 6RD configuration mode. To disable this feature, use the no form of this command.

br { ipv4 | ipv6-prefix | source-address | unicast }

no br

Syntax Description

ipv4

Specifies the IPv4 related configuration.

ipv6-prefix

Specifies the IPv6 prefix.

source-address

Specifies the source address for the tunnel.

unicast

Specifies the IPv6 unicast address.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the unicast address using the br configuration level commands :

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# ipv6-prefix 2001:db8::/32
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# source-address 10.2.2.2
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# ipv4 prefix length 0
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# ipv4 suffix length 0
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# unicast address 2001:db8:a02:202::1

Related Commands

Command

Description

ipv4 prefix (6rd)

Assigns a value for the ipv4-prefix length to be used as part of both ends of tunnel.  

ipv4 suffix (6rd)

Assigns a value for the ipv4-suffix length to be used as part of both ends of a tunnel.  

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

source-address (6rd)

Assigns an ipv4 address as the tunnel source address.  

unicast address (6rd)

Assigns an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration.  

clear cgn tunnel v6rd statistics

To clear all the statistics of a IPv6 Rapid Deployment (6RD) instance, use the clear cgn tunnel v6rd statistics command in EXEC mode.

clear cgn tunnel v6rd instance-name statistics

Syntax Description

instance-name

Specifies the name of the 6rd instance.

statistics

6rd instance statistics.

Command Default

None

Command Modes

Exec

Command History

Release Modification
Release 4.3.1

This command was introduced.

Usage Guidelines


Caution


Because the clear cgn tunnel v6rd statistics command clears all statistics counters, use this command with caution.


Task ID

Task ID Operation

cgn

read

Examples

This example shows the statistics entries for a 6RD instance:

RP/0/RP0/CPU0:router# show cgn tunnel v6rd 6rd1 statistics

Tunnel 6rd configuration
=========================
Tunnel 6rd name: 6rd1
IPv6 Prefix/Length: 2001:db8::/32
Source address: 9.1.1.1
BR Unicast address: 2001:db8:901:101::1
IPv4 Prefix length: 0
IPv4 Suffix length: 0
TOS: 0, TTL: 255, Path MTU: 1280
Tunnel 6rd statistics
======================
IPv4 to IPv6
=============
Incoming packet count : 2296951183
Incoming tunneled packets count : 2296951183
Decapsulated packets : 0
ICMP translation count : 0
Insufficient IPv4 payload drop count : 0
Security check failure drops : 0
No DB entry drop count : 0
Unsupported protocol drop count : 0
Invalid IPv6 source prefix drop count : 2296951183
IPv6 to IPv4
=============
Incoming packet count : 0
Encapsulated packets count : 0
No DB drop count : 0
Unsupported protocol drop count : 0
IPv4 ICMP
==========
Incoming packets count : 0
Reply packets count : 0
Throttled packet count : 0
Nontranslatable drops : 0
Unsupported icmp type drop count : 0
IPv6 ICMP
==========
Incoming packets count : 0
Reply packets count : 0
Packet Too Big generated packets count : 0
Packet Too Big not generated packets count : 0
NA generated packets count : 0
TTL expiry generated packets count : 0
Unsupported icmp type drop count : 0
Throttled packet count : 0
IPv4 to IPv6 Fragments
=======================
Incoming fragments count : 0
Reassembled packet count : 0
Reassembled fragments count : 0
ICMP incoming fragments count : 0
Total fragment drop count : 0
Fragments dropped due to timeout : 0
Reassembly throttled drop count : 0
Duplicate fragments drop count : 0
Reassembly disabled drop count : 0
No DB entry fragments drop count : 0
Fragments dropped due to security check failure : 0
Insufficient IPv4 payload fragment drop count : 0
Unsupported protocol fragment drops : 0
Invalid IPv6 prefix fragment drop count : 0
IPv6 to IPv4 Fragments
=======================
Incoming ICMP fragment count : 0
RP/0/RP1/CPU0:#
=================================================================================

The RP/0/RP0/CPU0:router# clear cgn tunnel v6rd 6rd1 statistics command clears the 
output shown above.

Related Commands

Command

Description

show cgn tunnel v6rd statistics

Displays the statistics information for an IPv6 Rapid Deployment (6RD) instance.  

df-override (CGN)

To set the DF (Do not Fragment) bit to 0, use the df-override command . To restore the default behavior, use the no form of this command.

df-override

no df-override

Syntax Description

df-override

Specifies the df-override bit.

Command Default

The df-override bit is set to 1.

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

Use the df-override command to set the DF bit to 0 when translating IPv6 packets to IPv4 packets, provided the original IPv6 packet size is less than 1280 bytes and there is no Fragment header.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the df-override command for the NAT64 stateless configuration.

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# ipv6-prefix 2010:db8:ff00::/40
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# df-override

Related Commands

Command

Description

 

interface ServiceApp

Enables the application SVI interface.  

protocol icmp reset-mtu (CGN)

Resets the received packet size.  

service cgn

Enables an instance for the CGN application.  

service-type nat64 (Stateless)

Creates a nat64 stateless application  

tcp mss (CGN)

Adjusts the TCP maximum segment size value for a ServiceApp interface.  

traffic-class (CGN)

Configures the traffic class value to be used when translating a packet from IPv4 to IPv6  

hw-module service cgn location

To enable a CGN service role on a specified location, use the hw-module service cgn location command in global configuration mode. To disable the CGN service role at the specified location, use the no form of this command.

hw-module service cgn location node-id

no hw-module service cgn location node-id

Syntax Description

node-id

Location of the service card for CGN that you want to configure. The node-id argument is entered in the rack/slot/module notation.

Command Default

None

Command Modes

Global configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

Task ID

Task ID

Operations

cgn

read, write

root-lr

read, write

Examples

This example shows how to configure the CGN service for location 0/2/CPU0:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# hw-module service cgn location 0/2/CPU0

Related Commands

Command

Description

 

interface ServiceInfra

Enables the infrastructure SVI interface.  

service cgn

Enables an instance for the CGN application.  

service-location (CGN)

Enables the particular instance of the CGN application on the active and standby locations.  

interface ServiceApp

To enable the application SVI interface, use the interface ServiceApp command in global configuration mode. To disable a particular service application interface, use the no form of this command.

interface ServiceApp value

no interface ServiceApp value

Syntax Description

value

Total number of service application interfaces to be configured. Range is from 1 to 244.

Command Default

None

Command Modes

Global configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

The total number of service application interfaces per multi-service PLIM card cannot exceed 889.


Note


The name of the serviceapp interfaces is serviceapp n where n can be a number between 1 to 244.


Task ID

Task ID

Operations

interface

read, write

Examples

This example shows how to configure a nat64 stateless service application interface:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)#ipv6-prefix 2010:db8:ff00::/40
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)#address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)#interface ServiceApp 461

This example shows how to configure 6rd service application interface:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-6rd-afi)#interface ServiceApp 46

This example shows how to configure a nat44service application interface:

RP/0/RP0/CPU0:router#configure
RP/0/RP0/CPU0:router(config)#interface ServiceApp 1
RP/0/RP0/CPU0:router(config)#service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#service type nat44 nat1
RP/0/RP0/CPU0:router(config-cgn-nat44)#address-family ipv4

interface ServiceInfra

To enable the infrastructure SVI interface, use the interface ServiceInfra command in global configuration mode. To disable a particular service infrastructure interface, use the no form of this command.

interface ServiceInfra value

no interface ServiceInfra value

Syntax Description

value

Total number of service infrastructure interfaces to be configured. Range is from 1 to 2000.

Command Default

None

Command Modes

Global configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

Only one service infrastructure interface can be configured per ISM.


Note


The Infra SVI interface and its IPv4 address configuration are required to boot the CGSE. The IPv4 address is used as the source address of the netflow v9 logging packet.


Task ID

Task ID

Operations

interface

read, write

Examples

This example shows how to configure one service infrastructure interface:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# interface ServiceInfra 1
RP/0/RP0/CPU0:router(config-if)#ipv4 address 3.1.1.1 255.255.255.248
RP/0/RP0/CPU0:router(config-if)#service-location 0/1/CPU0

ipv4 prefix (6rd)

To assign a value for the ipv4-prefix length to be used as part of both ends of tunnel, use the ipv4 prefix command in 6RD configuration mode. To remove the ipv4 prefix, use the no form of this command.

ipv4 prefix length value

no ipv4 prefix length value

Syntax Description

length

Indicates the IPv4 prefix length to be used while deriving the delegated IPv6 prefix.

value

IPv4 prefix length value. The range is from 0 to 31.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

This command assigns a value for the common ipv4 prefix length to be used as part of both ends of the tunnel. This is an optional br (Border Relay) tunnel configuration parameter. If this parameter is added or modified, the unicast address must be modified.

The sum of the ipv4 prefix length and ipv4 suffix length must not exceed 31. This value is used to calculate 6RD delegated prefix.

Once configured, the ipv4 prefix cannot be deleted individually. It must be deleted along with all the br tunnel configuration. If you want to ignore the prefix length, alternatively you can set it to zero along with the updated unicast address.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the ipv4 prefix length:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# ipv4 prefix length 16

Related Commands

Command

Description

ipv4 suffix (6rd)

Assigns a value for the ipv4-suffix length to be used as part of both ends of a tunnel.  

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

source-address (6rd)

Assigns an ipv4 address as the tunnel source address.  

unicast address (6rd)

Assigns an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration.  

ipv4 suffix (6rd)

To assign a value for the ipv4-suffix length to be used as part of both ends of a tunnel, use the ipv4 suffix command in 6RD configuration mode. To remove the ipv4 suffix, use the no form of this command.

ipv4 suffix length value

no ipv4 suffix length value

Syntax Description

ipv4 suffix length

Specifies the IPv4 suffix length to be used while deriving the delegated IPv6 prefix.

value

Length of the IPv4 suffix. The range is from 0 to 31.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

This command assigns a value for the common ipv4 suffix length to be used as part of both ends of the tunnel. This is an optional br (Border Relay) tunnel configuration parameter. If this parameter is added or modified, the unicast address should also be modified.


Note


The sum of the ipv4 prefix length and ipv4 suffix length must not exceed 31. This value is used to calculate 6RD delegated prefix.



Note


Once configured, the ipv4 suffix cannot be deleted individually. It must be deleted along with all the br tunnel configuration. If you want to ignore the prefix length, alternatively you can set it to zero along with the updated unicast address.


Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the ipv4 suffix length:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# ipv4 suffix length 15

Related Commands

Command

Description

ipv4 prefix (6rd)

Assigns a value for the ipv4-prefix length to be used as part of both ends of tunnel.  

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

source-address (6rd)

Assigns an ipv4 address as the tunnel source address.  

unicast address (6rd)

Assigns an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration.  

ipv6-prefix (6rd)

To generate the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application, use the ipv6-prefix command in 6RD configuration mode. To remove the ipv6 prefix assigned for the application, use the no form of this command.

ipv6-prefix X:X::X/length IPV6 subnet mask

no ipv6-prefix X:X::X/length IPV6 subnet mask

Syntax Description

X:X::X/length

IPv6 address.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

The ipv6-prefix command is used for Border Relay (BR) tunnel configurations. It is used to generate a delegated ipv6 prefix for the BR-related configuration. This is a mandatory br tunnel parameter. All mandatory parameters must be added or deleted at the same time.


Note


For a given 6RD domain, there is exactly one 6RD prefix. The ipv6-prefix command is used to convert the ipv4 address into ipv6 address for use by the 6RD domain.



Note


For a 6RD tunnel, configure the ipv6-prefix, ipv4 source-address, and unicast IPv6 address in a single commit operation. Once configured, the ipv6-prefix cannot be deleted individually. It must be deleted along with all the br tunnel configuration parameters.


Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to enter the ipv6-prefix for the 6RD CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# ipv6-prefix 2010:db8:ff00::/40

Related Commands

Command

Description

ipv4 prefix (6rd)

Assigns a value for the ipv4-prefix length to be used as part of both ends of tunnel.  

ipv4 suffix (6rd)

Assigns a value for the ipv4-suffix length to be used as part of both ends of a tunnel.  

source-address (6rd)

Assigns an ipv4 address as the tunnel source address.  

unicast address (6rd)

Assigns an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration.  

path-mtu (6rd)

To configure the ipv4 tunnel MTU (Maximum Transmission Unit) size in bytes, use the path-mtu command in 6RD configuration mode. To reset the MTU to its default value, use the no form of this command.

path-mtu value

no path-mtu

Syntax Description

value

Path-MTU value, in bytes. The range is from 1280 to 1480.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

This command configures the path MTU size, in bytes, for the ipv4 tunnel. If the size of any incoming packet is more than this path MTU, then an ICMP error is sent as a response.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the path-mtu with the value of 1500:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# path-mtu 1500

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

reset-df-bit (6rd)

Enables anycast mode.  

tos (6rd)

 

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

protocol (CGN)

To enter ICMP, TCP, and UDP protocol configuration mode for a given CGN instance, use the protocol command in the appropriate configuration mode. To remove all the features that are enabled under the protocol configuration mode, use the no form of this command.

protocol { icmp | tcp | udp } { mss | <28-1500> } { static-forward inside address | <A.B.C.D> | port | <1-65535> }

no protocol { icmp | tcp | udp }

Syntax Description

icmp

Enters ICMP protocol configuration mode.

tcp

Enters TCP protocol configuration mode.

udp

Enters UDP protocol configuration mode.

<28-1500>

Maximum segment size to be used in bytes.

static-forward

Configures a static port.

inside

Specifies inside network configuration..

address

Specifies the inside address for static-forward.

<A.B.C.D>

Specifies the inside IP address.

address

Specifies the port number for static-forward.

Command Default

None

Command Modes

CGN inside VRF NAT44 configuration mode

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

The protocol command enters the appropriate CGN NAT44 configuration mode.

Task ID

Task ID

Operations

cgn

read, write

Examples

This example shows how to configure the ICMP protocol for a CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat44 nat1
RP/0/RP0/CPU0:router(config-cgn-nat44)# inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)# protocol icmp
RP/0/RP0/CPU0:router(config-cgn-invrf-icmp)# static-forward inside address 192.0.2.1 port 650

Related Commands

Command

Description

service cgn

Enables an instance for the CGN application.  

show cgn nat44 inside-translation

Displays the translation table entries for an inside-address to outside-address for a specified NAT44 CGN instance.  

show cgn nat44 outside-translation

Displays the outside-address to inside-address translation details for a specified NAT44 instance.  

protocol (NAT44)

To enter the ICMP, TCP, and UDP protocol configuration mode, use the protocol command. To remove all features that are enabled under the protocol configuration mode, use the no form of this command.

protocol { icmp | tcp | udp } { session | active | initial } {timeout value}

no protocol { icmp | tcp | udp }

Syntax Description

icmp

Enters the ICMP protocol configuration mode.

tcp

Enters the TCP protocol configuration mode.

udp

Enters the UDP protocol configuration mode.

session

Session related configuration.

active

Active session timeout

initial

Initial session timeout

timeout

Session timeout

value

Timeout in seconds. The range is from 1 to 65535.

Command Default

None

Command Modes

NAT44 configuration mode

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

The protocol command enters the appropriate CGN AFI configuration mode.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the ICMP protocol for a CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat44 nat1
RP/0/RP0/CPU0:router(config-cgn-nat44)# protocol icmp timeout 120

This example shows how to configure the UDP protocol for a CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat44 nat1
RP/0/RP0/CPU0:router(config-cgn-nat44)# protocol udp session initial timeout 120
RP/0/RP0/CPU0:router(config-cgn-nat44)# protocol udp session active timeout 180

This example shows how to configure the TCP protocol for a CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat44 nat1
RP/0/RP0/CPU0:router(config-cgn-nat44)# protocol tcp session active timeout 180

Related Commands

Command

Description

aftr-tunnel-endpoint-address (DS-LITE)

Assigns an IPv6 tunnel endpoint address for a DS-lite instance.  

alg ftp (DS-LITE)

Enables FTP Application-Level Gateway (ALG) for a DS-Lite instance.  

bulk-port-alloc (DS-LITE)

 

external-logging (NAT44 Netflow)

Enables external logging of a NAT44 instance.  

map (NAT44)

Maps an outside VRF and address pool to an inside vrf.  

path-mtu (DS-LITE)

Assigns the path Maximum Transmission Unit (MTU) for the tunnel between routers for every ds-lite instance  

port-limit (DS-LITE)

Restricts the number of entries per private IPv4 address for a given ds-lite instance  

protocol icmp reset-mtu (CGN)

To reset the received packet size to 1280 when the received ipv4 ICMP packet size is less than 1280 bytes, use the protocol icmp reset-mtu command . To copy the received icmp packet size when translating ipv4 to ipv6 packets, use the no form of this command.

protocol icmp reset-mtu

no protocol icmp reset-mtu

Syntax Description

This command has no keywords or arguments.

Command Default

Received packet size will be copied when translating ipv4 to ipv6 for icmp packets.

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

When the icmp reset-mtu protocol is enabled, the ICMP packet size is reset to 1280.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the icmp reset-mtu protocol for a CGN instance:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# ipv6-prefix 2010:db8:ff00::/40
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# protocol icmp
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-icmp)# reset-mtu

Related Commands

Command

Description

 

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

service cgn

Enables an instance for the CGN application.  

service-type nat64 (Stateless)

Creates a nat64 stateless application  

traceroute (CGN)

Configures a range of ipv4 addresses that are to be used for mapping when a non-translatable ipv6 address is received.  

ubit-reserved (CGN)

Reserves the bits 64 to 71 for the IPv6 addresses.  

reassembly-enable (6rd)

To reassemble fragmented packets, use the reassembly-enable command in 6RD configuration mode. To disable the reassembly of fragmented packets, use the no form of this command.

reassembly-enable

no reassembly-enable

Syntax Description

This command has no keywords or arguments.

Command Default

By default, reassembly is not allowed.

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to apply the reassembly-enable command for a 6RD tunnel:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# reassembly-enable

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reset-df-bit (6rd)

Enables anycast mode.  

tos (6rd)

 

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

reset-df-bit (6rd)

To reset the Do Not Fragment (DF) bit to enable anycast mode, use the reset-df-bit command in 6RD configuration mode. To disable the anycast mode, use the no form of this command.

reset-df-bit

no reset-df-bit

Syntax Description

This command has no keywords or arguments.

Command Default

Anycast mode is disabled.

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to reset the DF bit:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# reset-df-bit

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

tos (6rd)

 

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

service cgn

To enable an instance for the CGN application, use the service cgn command in global configuration mode. To disable the instance of the CGN application, use the no form of this command.

service cgn instance-name

no service cgn instance-name

Syntax Description

instance-name

Name of the CGN instance that is configured.

Command Default

None

Command Modes

Global configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

The service cgn command enters CGN configuration mode.

Task ID

Task ID

Operations

cgn

read, write

Examples

The following example shows how to configure the instance named cgn1 for the CGN application:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# 

service-location (CGN)

To enable the particular instance of the CGN application on the active and standby locations, use the service-location command in CGN configuration mode. To disable the instance that runs at the location of the CGN application, use the no form of this command.

service-location preferred-active node-id [ preferred-standby node-id ]

no service-location preferred-active node-id [ preferred-standby node-id ]

Syntax Description

preferred-active node-id

Specifies the location in which the active CGN application starts. The node-id argument is entered in the rack/slot/module notation.

preferred-standby node-id

(Optional) Specifies the location in which the standby CGN application starts. The node-id argument is entered in the rack/slot/module notation.

Command Default

None

Command Modes

CGN configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

Task ID

Task ID

Operations

cgn

read, write

Examples

The following example shows how to specify active and standby locations for the CGN application:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn-nat44)# service-location preferred-active 0/1/CPU0 preferred-standby 0/4/CPU0

Related Commands

Command

Description

hw-module service cgn location

Enables a CGN service role on a specified location.  

 

interface ServiceInfra

Enables the infrastructure SVI interface.  

service cgn

Enables an instance for the CGN application.  

service-location (interface)

To configure the location of a service for the infrastructure service virtual interface (SVI), use the service-location command in interface configuration mode. To disable this feature, use the no form of this command.

service-location node-id

no service-location node-id

Syntax Description

node-id

Specifies the ID of the node. The node-id argument is entered in the rack/slot/module notation.

Command Modes

Interface configuration

Command History

Release

Modification

Release 3.9.1

This command was introduced.

Usage Guidelines

Task ID

Task ID

Operations

interface

read, write

Examples

The following example shows how to configure the service location for 0/1/CPU0:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# interface ServiceInfra 1
RP/0/RP0/CPU0:router(config-if)# service-location 0/1/CPU0
  

service redundancy failover service-type

To initiate failover services to the preferred standby location, use the service redundancy failover service-type command in EXEC mode.

service redundancy failover service-type secgn preferred-active node-id

Syntax Description

secgn

Specifies the CGN service.

preferred-active node-id

Specifies the location from where the failover must start. The node-id argument is entered in the rack/slot/module notation.

Command Default

None

Command Modes

EXEC

Command History

Release

Modification

Release 4.0.0

This command was introduced.

Usage Guidelines

Task ID

Task ID

Operations

cgn

read, write

Examples

The following example shows how to initiate the failover services for the preferred standby location:

RP/0/RP0/CPU0:router# service redundancy failover service-type secgn preferred-active 0/1/cpu0
RP/0/RP0/CPU0:router# 

service redundancy revert service-type

To revert failed over services back to their preferred active location, use the service redundancy revert service-type command in EXEC mode.

service redundancy revert service-type secgn preferred-active node-id

Syntax Description

secgn

Specifies the CGN service.

preferred-active node-id

Specifies the location from where the failover must start. The node-id argument is entered in the rack/slot/module notation.

Command Default

None

Command Modes

EXEC

Command History

Release

Modification

Release 4.0.0

This command was introduced.

Usage Guidelines

Task ID

Task ID

Operations

cgn

read, write

Examples

The following example shows how to revert the failed over services for the preferred active location:

RP/0/RP0/CPU0:router# 
service redundancy revert service-type secgn preferred-active 0/1/cpu0
RP/0/RP0/CPU0:router# 

service-type nat64 (Stateless)

Use the service-type nat64 command to create a nat64 stateless application. To delete the nat64 stateless application, use the no form of this command.

service-type nat64 stateless instance [ address-family | traceroute | ipv6-prefix | ubit-reserved ]

no service-type nat64 statelessinstance

Syntax Description

stateless

Specifies the IPv4 to IPv6 Stateless translation.

instance

Indicates the name of the NAT64 stateless instance.

address-family

Specifies the address-family related configuration.

traceroute

Indicates the traceroute related configuration.

ipv6-prefix

Specifies the IPv6 prefix to be used to translate IPv4 address to IPv6 address.

ubit-reserved

Enables reserving ubits in IPv6 address.

Command Default

None

Command Modes

CONFIG-CGN

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

The NAT64 stateless instance name must be unique across all the CGN NAT44 and NAT64 stateless instance names. There can only be 64 service-type NAT64 configurations per Roddick line card or chassis spanning over different cards.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the nat64 stateless instance named xlat1for the CGN application:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1

Related Commands

Command

Description

address-family ipv4 (Stateless NAT64)

Enters the IPv4 address family configuration mode.  

 

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

service cgn

Enables an instance for the CGN application.  

service-type nat44

Enables a NAT44 instance for the CGN application.  

service-type tunnel v6rd

Creates an IPv6 Rapid Deployment (6RD) tunnel application.  

traceroute (CGN)

Configures a range of ipv4 addresses that are to be used for mapping when a non-translatable ipv6 address is received.  

ubit-reserved (CGN)

Reserves the bits 64 to 71 for the IPv6 addresses.  

service-type tunnel v6rd

To create an IPv6 Rapid Deployment (6RD) tunnel application, use the service-type tunnel command in CGN submode. To delete this instance of the 6RD tunnel application, use the no form of this command.

service-type tunnel v6rd instance address-family | br | path-mtu | reassembly-enable | reset-df-bit | tos | ttl

no service-type tunnel v6rd instance

Syntax Description

v6rd

Specifies the 6RD configuration.

instance

Name of the 6RD instance.

address-family

Specifies the address-family related configuration.

br

Specifies the border relay related configuration.

path-mtu

Specifies the IPv6 MTU value.

reassembly-enable

Enables the reassembly operation.

reset-df-bit

Enables resetting of DF bit.

tos

Specifies the type of service to be used for IPv4 tunnel.

ttl

Specifies the time to live value to be used for IPv4 tunnel.

Command Default

None

Command Modes

CGN submode

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

There can be 64 service-type 6RD tunnel configurations for each line card or chassis spanning over different cards.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the 6RD tunnel instance for the CGN application:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

reset-df-bit (6rd)

Enables anycast mode.  

tos (6rd)

 

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

show cgn tunnel v6rd statistics

To display the IPv6 Rapid Deployment (6RD) tunnel statistics information for a CGN instance, use the show cgn tunnel v6rd statistics command in the EXEC mode.

show cgn tunnel v6rd 6rd-instance statistics

Syntax Description

tunnel

Indicates the tunnel type.

v6rd

Specifies the 6rd information.

6rd-instance

Instance name.

statistics

Specifies the statistics details for 6rd.

Command Default

None

Command Modes

EXEC

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read

Examples

This sample output shows the summary of the statistics entries:

RP/0/RP0/CPU0:router#show cgn tunnel v6rd 6rd1 statistics

Tunnel 6rd configuration
=========================
Tunnel 6rd name: 6rd1
IPv6 Prefix/Length: 2001:db8::/32
Source address: 9.1.1.1
BR Unicast address: 2001:db8:901:101::1
IPv4 Prefix length: 0
IPv4 Suffix length: 0
TOS: 0, TTL: 255, Path MTU: 1280
Tunnel 6rd statistics
======================
IPv4 to IPv6
=============
Incoming packet count : 2296951183
Incoming tunneled packets count : 2296951183
Decapsulated packets : 0
ICMP translation count : 0
Insufficient IPv4 payload drop count : 0
Security check failure drops : 0
No DB entry drop count : 0
Unsupported protocol drop count : 0
Invalid IPv6 source prefix drop count : 2296951183
IPv6 to IPv4
=============
Incoming packet count : 0
Encapsulated packets count : 0
No DB drop count : 0
Unsupported protocol drop count : 0
IPv4 ICMP
==========
Incoming packets count : 0
Reply packets count : 0
Throttled packet count : 0
Nontranslatable drops : 0
Unsupported icmp type drop count : 0
IPv6 ICMP
==========
Incoming packets count : 0
Reply packets count : 0
Packet Too Big generated packets count : 0
Packet Too Big not generated packets count : 0
NA generated packets count : 0
TTL expiry generated packets count : 0
Unsupported icmp type drop count : 0
Throttled packet count : 0
IPv4 to IPv6 Fragments
=======================
Incoming fragments count : 0
Reassembled packet count : 0
Reassembled fragments count : 0
ICMP incoming fragments count : 0
Total fragment drop count : 0
Fragments dropped due to timeout : 0
Reassembly throttled drop count : 0
Duplicate fragments drop count : 0
Reassembly disabled drop count : 0
No DB entry fragments drop count : 0
Fragments dropped due to security check failure : 0
Insufficient IPv4 payload fragment drop count : 0
Unsupported protocol fragment drops : 0
Invalid IPv6 prefix fragment drop count : 0
IPv6 to IPv4 Fragments
=======================
Incoming ICMP fragment count : 0
RP/0/RP1/CPU0:#
=================================================================================

Related Commands

Command

Description

clear cgn tunnel v6rd statistics

Clears all the statistics for a IPv6 Rapid Deployment (6RD) instance  

source-address (6rd)

To assign an ipv4 address as the tunnel source address, use the source-address command in 6RD configuration mode. To remove the source address assigned to the tunnel, use the no form of this command.

source-address address

no source-address address

Syntax Description

address

Indicates the Source IP address.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

For a 6RD tunnel, configure the ipv6-prefix, ipv4 source-address and unicast IPv6 address in a single commit operation. Once configured, the source-address cannot be deleted individually. It must be deleted along with all br tunnel configuration parameters.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the 6RD tunnel source-address:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# source-address 10.2.2.1

Related Commands

Command

Description

ipv4 prefix (6rd)

Assigns a value for the ipv4-prefix length to be used as part of both ends of tunnel.  

ipv4 suffix (6rd)

Assigns a value for the ipv4-suffix length to be used as part of both ends of a tunnel.  

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

unicast address (6rd)

Assigns an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration.  

tcp mss (CGN)

Use the tcp mss command to adjust the TCP maximum segment size (MSS) value for a ServiceApp interface. To disable a particular service application interface, use the no form of this command.

tcp mss<28-1500>

no tcp mss

Syntax Description

<28-1500>

Maximum segment size to be used in bytes.

Command Default

tcp mss value is disabled by default.

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

If this configuration does not exist, TCP determines the maximum segment size based on the settings specified by the application process, interface maximum transfer unit (MTU), or MTU received from Path MTU Discovery. This is a NAT64 stateless translation command to be applied for each NAT64 stateless CGN instance. This command enables rewriting of the tcp mss value in the translated IPv4 packet (getting translated from IPv6 to IPv4), if the incoming tcp mss value is greater than the value configured by this command.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure TCP MSS value as 1000 for a NAT64 stateless ServiceApp interface:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# interface ServiceApp 2
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv4
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# tcp mss 1000

Related Commands

Command

Description

inside-vrf (NAT44)

Enters inside VRF configuration mode for a NAT44 instance.  

protocol (NAT44)

Enters the ICMP, TCP, and UDP protocol configuration mode.  

service cgn

Enables an instance for the CGN application.  

tos (6rd)

To configure the IPv4 tunnel type of service, use the tos command in 6RD configuration mode. To disable the type of service, use the no form of this command.

tos value

no tos value

Syntax Description

value

Value of the type of service to be set. The range is from 0 to 255.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the 6RD tunnel type of service:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# tos 25

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

reset-df-bit (6rd)

Enables anycast mode.  

ttl (6rd)

Configures the time to live of an IPv4 tunnel.  

traceroute (CGN)

To configure a range of ipv4 addresses that are to be used for mapping when a non-translatable ipv6 address is received, use the traceroute command. To remove the pool of IPv4 addresses used for mapping the non-translatable IPv6 source addresses, use the no form of this command.

traceroute translation address-pool <A.B.C.D/prefix IP subnet mask>algorithm | hash | random | ttl

no traceroute translation

Syntax Description

translation

Specifies the configuration related to translating traceroute addresses.

address-pool

Specifies the IPv4 address pool for traceroute addresses.

A.B.C.D/ prefix IP subnet

Indicates the start address and prefix for the address pool.

algorithm

Indicates the algorithm to translate IPv6 address to IPv4 address.

hash

Indicates the hashing algorithm.

random

Randomly generated algorithm.

ttl

Specifies time to live algorithm.

Command Default

None

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

These IPv4 addresses are not allowed to be configured through this command:

  1. 127.0.01
  2. 224.0.0.0 onwards
  3. All zero addresses
  4. Broadcast address

The value for prefix can range from 1 to 32. There is only one such map per instance of stateless ipv4 to ipv6 service-type. When there is no pool of IPv4 addresses to translate the non-translatable IPv6 source address, packets coming with non-translatable IPv6 source addresses are dropped.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the address-pool:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# traceroute translation address-pool 121.1.2.0/24

This example shows how to configure the random algorithm:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# traceroute translation algorithm Random

This example shows how to configure the hash algorithm:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# traceroute translation algorithm Hash

This example shows how to configure the TTL algorithm:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# traceroute translation algorithm TTL

Related Commands

Command

Description

address-family ipv4 (Stateless NAT64)

Enters the IPv4 address family configuration mode.  

 

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

service cgn

Enables an instance for the CGN application.  

service-type nat64 (Stateless)

Creates a nat64 stateless application  

ubit-reserved (CGN)

Reserves the bits 64 to 71 for the IPv6 addresses.  

traffic-class (CGN)

Use the traffic-class command to configure the traffic class value to be used when translating a packet from IPv4 to IPv6. To copy the traffic-class value from ipv4 packet, use the no form of this command.

traffic-class value

no traffic-class value

Syntax Description

value

The value of traffic class to be set. It ranges from 0 to 255.

Command Default

None

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the CGN-NAT64 traffic class value:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# ipv6-prefix 2010:db8:ff00::/40
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# address-family ipv6
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# interface ServiceApp 461
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless-afi)# traffic-class 20

Related Commands

Command

Description

 

df-override (CGN)

Sets the do not fragment bit  

service cgn

Enables an instance for the CGN application.  

service-type nat64 (Stateless)

Creates a nat64 stateless application  

ttl (6rd)

To configure the ipv4 tunnel time to live (ttl) , use the ttl command. To undo the configuration, use the no form of this command.

ttl value

no ttl value

Syntax Description

value

Time-to-live value to be used for IPv4 tunnel. The range is from 1 to 255.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the 6RD tunnel time to live value:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router#(config)# service cgn cgn1
RP/0/RP0/CPU0:router#(config-cgn)service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# ttl 25

Related Commands

Command

Description

address-family (6rd)

Binds an ipv4 or ipv6 ServiceApp interface to a 6rd instance.  

br (6rd)

Enables the Border Relay(BR) configuration.  

path-mtu (6rd)

Configures the ipv4 tunnel MTU (Maximum Transmission Unit) size for an IPv6 Rapid Deployment (6RD) instance.  

reassembly-enable (6rd)

Reassembles the fragmented packets.  

reset-df-bit (6rd)

Enables anycast mode.  

tos (6rd)

 

ubit-reserved (CGN)

To reserve the bits 64 to 71 in the IPv6 addresses, use the ubit-reserved command. To cancel the IPv6 addresses from getting reserved to bits 64 to 71, use the no form of this command. They may be used to store IPv4 address octets as part of translation.

ubit-reserved

no ubit-reserved

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

CGN-NAT64

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines

This is a NAT64 stateless translation command to be applied for each instance of NAT64 stateless of a CGN instance. When this configuration is enabled bits 64 to 71 in the IPv6 addresses are reserved for purposes including U-Bit. These are not used for translation purposes.

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the nat64 stateless ubit-reserved option:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type nat64 stateless xlat1
RP/0/RP0/CPU0:router(config-cgn-nat64-stateless)# ubit-reserved

Related Commands

Command

Description

address-family ipv4 (Stateless NAT64)

Enters the IPv4 address family configuration mode.  

 

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

service cgn

Enables an instance for the CGN application.  

service-type nat64 (Stateless)

Creates a nat64 stateless application  

traceroute (CGN)

Configures a range of ipv4 addresses that are to be used for mapping when a non-translatable ipv6 address is received.  

unicast address (6rd)

To assign an IPv6 address to be used for a IPv6 Rapid Deployment (6RD) Border Relay (BR) unicast configuration, use the unicast address command in 6RD configuration mode. To remove the assigned unicast address, use the no form of this command.

unicast address address

no unicast address address

Syntax Description

address

IPv6 address used for unicast from IPv6 network.

Command Default

None

Command Modes

6RD configuration

Command History

Release Modification
Release 4.1.0

This command was introduced.

Usage Guidelines

For a 6RD tunnel, configure the br with ipv6-prefix, ipv4 source-address and unicast IPv6 address in a single commit operation. Once configured, the unicast address cannot be deleted individually. It must be deleted along with all br (Border Relay) tunnel configuration parameters.

The ipv6 unicast address is derived from these: ipv6 prefix, ipv6 prefix length, ipv4 prefix length and ipv4 suffix length, and tunnel source address.

Here's the formula to calculate the IPv6 unicast address:

ipv6 unicast address = <ipv6-prefix> + (remove ipv4 prefix length bits from starting and ipv4 suffix length bits from ending of tunnel source address) :: <number>

Task ID

Task ID Operation

cgn

read, write

Examples

This example shows how to configure the 6RD tunnel unicast address:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)# service-type tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd-br)# unicast address 2001:db8:a02:102::1

Related Commands

Command

Description

ipv4 prefix (6rd)

Assigns a value for the ipv4-prefix length to be used as part of both ends of tunnel.  

ipv4 suffix (6rd)

Assigns a value for the ipv4-suffix length to be used as part of both ends of a tunnel.  

ipv6-prefix (6rd)

Generates the delegated ipv6 prefix for a IPv6 Rapid Deployment (6RD) application.  

source-address (6rd)

Assigns an ipv4 address as the tunnel source address.  

virtual-service

To configure and activate a virtual service, use the virtual-service command. To disable the virtual service, use the no virtual-service command.

Command Behavior in Different Command Modes

You can run this command in both global configuration mode as well as EXEC mode.

virtual-service <virtual service name> enable

no virtual-service <virtual service name> enable

Syntax Description

<virtual service name>

Specifies the name of the virtual service.

enable

Enables the virtual service.

virtual-service in EXEC Mode

virtual-service [ connect name <virtual service name> [ aux | console node <node name>| install | uninstall] <virtual service name>

Syntax Description

connect name

Connects to the virtual service. The keyword name specifies the name of the appliance.

aux

Connects to the aux port.

console node

Connects to the console port of the particular card specified by the keyword node.

install name

Installs the virtual service. The keyword name specifies the name of the appliance.

uninstall name

Uninstalls the virtual service. The keyword name specifies the name of the appliance.

<virtual service name>

Specifies the name of the virtual service.

<node name>

Specifies the name of the card.

Command Default

None

Command Modes

Global Configuration mode and EXEC mode

Command History

Release Modification

Release 5.1.1

This command was introduced.

Usage Guidelines


Note


Use Ctrl ^ e to disconnect from the VM.

Task ID

Task ID Operation
eem

read, write

Examples

RP/0/RSP0/CPU0:router(config)#virtual-service enable
 RP/0/RSP0/CPU0:router(config)#commit

Examples

RP/0/RSP0/CPU0:router #virtual-service connect name cgn1 console node 0/0/CPU0
 RP/0/RSP0/CPU0:router #commit

vrf (cgn)

Use the vrf command to configure a VPN routing and forwarding (VRF) instance. To disable the VRF, use the no form of this command.

vrf vrf-name

no vrf vrf-name

Syntax Description

vrf-name

The CGN application uses inside vrfs and outside vrfs exclusively. These names cannot be used: all, default, and global.

Command Default

None

Command Modes

CONFIG-IF

Command History

Release Modification

Release 4.1.0

This command was introduced.

Usage Guidelines


Note


The number of supported VRFs is platform specific. For the CGN application, use only these vrf-names: insidevrf1 and outsidevrf1. The CGN application uses inside vrfs and outside vrfs exclusively, and the user needs to name and use them accordingly.


Task ID

Task ID Operation

ip services

read, write

Examples

This example shows how to create an inside and outside VRF using the vrf command:

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# vrf insidevrf1
RP/0/RP0/CPU0:router(config-vrf)# vrf outsidevrf1
RP/0/RP0/CPU0:router(config-vrf)# exit

Related Commands

Command

Description

hw-module service cgn location

Enables a CGN service role on a specified location.  

 

interface ServiceInfra

Enables the infrastructure SVI interface.  

service cgn

Enables an instance for the CGN application.  

service-type nat44

Enables a NAT44 instance for the CGN application.