The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco NX-OS unicast routing commands available on the Cisco Nexus 3548 switch.
To enable BGP additional paths for a prefix to be received from a capable peer, use the additional-paths receive command in address family configuration mode. To disable receiving additional-path capability for the address family, use the no form of this command.
Capability of receiving additional paths is disabled for address family.
Address family configuration (config-router-af)
VRF Neighbor address family configuration
Neighbor VPN address family configuration
|
|
---|---|
The additional-paths receive command enables the additional path receive capability for an address family, after successful negotiation with a neighbor. The ability to send and receive additional paths is negotiated between two BGP neighbors during session establishment.
This command controls whether the local device can receive additional paths from all neighbors within an address family. This capability applies to all neighbors under the specified address family unless the capability is explicitly disabled with the neighbor additional-paths receive disable command, which overrides the configuration for the address family or template.
Use the show ip bgp neighbors command to display whether neighbors are capable of sending or receiving additional paths. Use the show ip bgp command with a network address to display the path selections, path IDs, and the capabilities for advertising and receiving additional paths.
To enable additional paths selection capability for a prefix, use the additional-paths selection command in address family configuration mode. To disable configuring additional paths selection for a prefix, use the no form of this command.
additional-paths selection route-map map-name
no additional-paths selection route-map map-name
Address family configuration (config-router-af)
VRF address family configuration
VPN address family configuration
|
|
---|---|
Use the additional-paths selection command to enable additional paths selection mode for some or all prefixes. Specify an appropriate route map to calculate backup paths and to enable Prefix Independent Convergence (PIC) functionality. You can optionally configure the set path-selection all advertise command in the route map to advertise all.
To enable BGP additional paths for a prefix to be sent to a capable peer, use the additional-paths send command in address family configuration mode. To disable the sending of additional-paths for the address family, use the no form of this command.
Capability of sending additional paths is disabled for address family.
Address family configuration (config-router-af)
VRF Neighbor address family configuration
Neighbor VPN address family configuration
|
|
---|---|
The additional-paths send command enables the additional path send capability for an address family, after successful negotiation with a neighbor. The ability to send and receive additional paths is negotiated between two BGP neighbors during session establishment.
This command controls whether the local device can send additional paths to all neighbors within an address family. This capability applies to all neighbors under the specified address family unless the capability is explicitly disabled with the capability additional-paths send disable command, which overrides the configuration for the address family or template.
Use the show ip bgp neighbors command to display whether neighbors are capable of sending or receiving additional paths. Use the show ip bgp command with a network address to display the path selections, path IDs, and the capabilities for advertising and receiving additional paths.
To add a single, primary IP address to a virtual router, use the address command. To remove an IP address from a virtual router, use the no form of this command.
address ip-address [ secondary ]
no address [ ip-address [ secondary ]]
Virtual router address (IPv4). This address should be in the same subnet as the interface IP address. |
|
|
|
---|---|
You can configure one virtual router IP address for a virtual router. If the configured IP address is the same as the interface IP address, this switch automatically owns the IP address. You can configure an IPv4 address only.
The master VRRP router drops the packets addressed to the virtual router's IP address because the virtual router is only intended as a next-hop router to forward packets. In NX-OS devices, some applications require that packets addressed to the virtual router's IP address be accepted and delivered. By using the secondary option to the virtual router IPv4 address, the VRRP router will accept these packets when it is the master.
This example shows how to configure a virtual router IP address:
This example shows how to remove all the IP addresses (primary and secondary) using a single command:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|
To enter the neighbor address family mode address-family mode and configure submode commands for the Border Gateway Protocol (BGP), use the address-family command. To disable the address family submode for configuring routing protocols, use the no form of this command.
address-family ipv4 { multicast | unicast }
no address-family ipv4 { multicast | unicast }
|
|
---|---|
Use the address-family command to enter various address family configuration modes while configuring BGP routing. When you enter the address-family command from neighbor configuration mode, you enable the neighbor address family and enter the neighbor address family configuration mode. The prompt changes to switch(config-router-neighbor-af)#.
You must configure the address families if you are using route redistribution, load balancing, and other advanced features. IPv4 neighbor sessions support IPv4 unicast and multicast address families.
This example shows how to activate IPv4 multicast for neighbor 192.0.2.1 and place the device in neighbor address family configuration mode for the IPv4 multicast address family:
|
|
---|---|
Configures a BGP routing process to distribute a default route. |
|
Configures the switch software to start storing BGP peer updates. |
|
To enter the address family mode or a virtual routing and forwarding (VRF) address-family mode and configure submode commands for the Border Gateway Protocol (BGP), use the address-family command. To disable the address family submode for configuring routing protocols, use the no form of this command.
address-family ipv4 { multicast | unicast }
no address-family ipv4 { multicast | unicast }
Router configuration mode
VRF configuration mode
|
|
---|---|
Use the address-family command to enter various address family configuration modes while configuring BGP routing. When you enter the address-family command from router configuration mode, you enable the address family and enter global address family configuration mode. The prompt changes to switch(config-router-af)#.
You must configure the address families if you are using route redistribution, address aggregation, load balancing, and other advanced features. IPv4 neighbor sessions support IPv4 unicast and multicast address families.
This example shows how to place the router in global address family configuration mode for the IPv4 unicast address family:
|
|
---|---|
Configures the default metric for routes redistributed into BGP. |
|
Configures the BGP delay for triggering next-hop calculations. |
|
To configure an address family for the Enhanced Interior Gateway Routing Protocol (EIGRP), use the address-family command. To remove an address family, use the no form of this command.
no address-family ipv4 unicast
Router configuration mode
Address family configuration mode
|
|
---|---|
This example shows how to set the IPv4 unicast address family for an EIGRP instance:
|
|
---|---|
Configures the default metric for routes redistributed into EIGRP. |
|
To configure an address family for the Routing Information Protocol (RIP), use the address-family command in router configuration mode.
|
|
---|---|
This example shows how to set the IPv4 unicast address family for a RIP instance:
|
|
---|---|
Configures the default metric for routes redistributed into RIP. |
|
Displays a summary of RIP information for all RIP instances. |
|
To configure Border Gateway Protocol (BGP) conditional advertisement, use the advertise-map command. To remove BGP conditional advertisement, use the no form of this command.
advertise-map adv-map { exist-map exist-rmap | non-exist-map nonexist-rmap }
BGP neighbor address-family command mode
|
|
Use the advertise-map command to conditionally advertise selected routes. The routes or prefixes that BGP conditionally advertises are defined in two route maps, the adv-map and an exist-map or nonexist-map. The e xist-map or nonexist-map specifies the prefix that the BGP tracks. The adv-map specifies the prefix that BGP advertises to the specified neighbor when the condition is met.
This example shows how to configure BGP conditional advertisement:
|
|
---|---|
To specify the time interval between the advertisement packets that are being sent to other Virtual Router Redundancy Protocol (VRRP) routers in the same group, use the advertisement-interval command. To return to the default interval value of 1 second, use the no form of this command.
advertisement-interval seconds
no advertisement-interval [ seconds ]
Number of seconds between advertisement frames being sent. For IPv4, the range is from 1 to 255 seconds. |
|
|
---|---|
VRRP advertisements communicate the priority and state of the virtual router master. The advertisements are encapsulated in IP packets and are sent to the IPv4 multicast address that is assigned to the VRRP group.
VRRP uses a dedicated Internet Assigned Numbers Authority (IANA) standard multicast address (224.0.0.18) for VRRP advertisements. This addressing scheme minimizes the number of routers that must service the multicasts and allows test equipment to accurately identify VRRP packets on a segment. The IANA-assigned VRRP IP protocol number is 112.
This example shows how to specify an advertisement interval of 200 seconds for VRRP group 250:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|
To create a summary address in a Border Gateway Protocol (BGP) routing table, use the aggregate-address command. To remove the summary address, use the no form of this command.
aggregate-address address / length [ advertise-map map-name ] [ as-set ] [ attribute-map map-name ] [ summary-only ] [ suppress-map map-name ]
no aggregate-address address / length [ advertise-map map-name ] [ as-set ] [ attribute-map map-name ] [ summary-only ] [ suppress-map map-name ]
The atomic aggregate attribute is set automatically when an aggregate route is created with this command unless the as-set keyword is specified.
Address-family configuration mode
|
|
---|---|
You can implement aggregate routing in BGP either by redistributing an aggregate route into BGP, or by using the conditional aggregate routing feature.
Using the aggregate-address command with no keywords will create an aggregate entry in the BGP routing table if any more-specific BGP routes are available that fall within the specified range. (A longer prefix which matches the aggregate must exist in the RIB.) The aggregate route will be advertised as coming from your autonomous system and will have the atomic aggregate attribute set to show that information might be missing. (By default, the atomic aggregate attribute is set unless you specify the as-set keyword.)
Using the as-set keyword creates an aggregate entry using the same rules that the command follows without this keyword, but the path advertised for this route will be an AS_SET consisting of all elements contained in all paths that are being summarized. Do not use this form of the aggregate-address command when aggregating many paths, because this route must be continually withdrawn and updated as autonomous system path reachability information for the summarized routes changes.
Using the summary-only keyword not only creates the aggregate route (for example, 192.*.*.*) but also suppresses advertisements of more-specific routes to all neighbors. If you want to suppress only advertisements to certain neighbors, you may use the neighbor distribute-list command, with caution. If a more-specific route leaks out, all BGP routers will prefer that route over the less-specific aggregate you are generating (using longest-match routing).
Using the suppress-map keyword creates the aggregate route but suppresses advertisement of specified routes. You can use the match clauses of route maps to selectively suppress some more-specific routes of the aggregate and leave others unsuppressed. IP access lists and autonomous system path access lists match clauses are supported.
Using the advertise-map keyword selects specific routes that will be used to build different components of the aggregate route, such as AS_SET or community. This form of the aggregate-address command is useful when the components of an aggregate are in separate autonomous systems and you want to create an aggregate with AS_SET, and advertise it back to some of the same autonomous systems. You must remember to omit the specific autonomous system numbers from the AS_SET to prevent the aggregate from being dropped by the BGP loop detection mechanism at the receiving router. IP access lists and autonomous system path access lists match clauses are supported.
Using the attribute-map keyword allows attributes of the aggregate route to be changed. This form of the aggregate-address command is useful when one of the routes forming the AS_SET is configured with an attribute such as the community no-export attribute, which would prevent the aggregate route from being exported. An attribute map route map can be created to change the aggregate attributes.
This example shows how to create an aggregate BGP address in router configuration mode. The path advertised for this route will be an AS_SET consisting of all elements contained in all paths that are being summarized.
This example shows how to create an aggregate BGP address in address family configuration mode and apply it to the multicast database (SAFI) under the IP Version 4 address family. Because the summary-only keyword is configured, more-specific routes are filtered from updates.
Conditional Aggregation Example
This example shows how to create a route map called MAP-ONE to match on an as-path access list. The path advertised for this route will be an AS_SET consisting of elements contained in paths that are matched in the route map.
|
|
To enable authentication for an Open Shortest Path First (OSPF) area, use the area authentication command. To remove authentication for an area, use the no form of this command.
area area-id authentication [ message-digest ]
no area area-id authentication [ message-digest ]
|
|
---|---|
Use the area authentication command to configure the authentication mode for the entire OSPF area.
The authentication type and authentication password must be the same for all OSPF devices in an area. Use the ip ospf authentication-key command in interface configuration mode to specify this password.
If you enable MD5 authentication with the message-digest keyword, you must configure a password with the ip ospf message-digest-key command in interface configuration mode.
This example shows how to configure authentication for area 0 of OSPF routing process 201:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Assigns a password for simple password authentication for OSPF. |
|
To specify a cost for the default summary route sent into an Open Shortest Path First (OSPF) stub or not-so-stubby area (NSSA), use the area default-cost command. To remove the assigned default route cost, use the no form of this command.
area area-id default-cost cost
no area area-id default-cost cost
The summary route cost is based on the area border router that generated the summary route.
|
|
---|---|
Use the area default-cost command on an Area Border Router (ABR) attached to a stub or NSSA to configure the metric for the summary default route generated by the ABR into the stub area.
This example shows how to set a default cost of 20 to stub network 192.0.2.0:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To filter prefixes advertised in type 3 link-state advertisements (LSAs) between Open Shortest Path First (OSPF) areas of an Area Border Router (ABR), use the area filter-list command. To change or cancel the filter, use the no form of this command.
area area-id filter-list route-map map-name { in | out }
no area area-id filter-list route-map map-name { in | out }
|
|
---|---|
Use the area filter-list command to filter Type 3 LSAs. If you apply the route map with the in keyword, the route map filters all Type 3 LSAs originated by the ABR to this area, including Type 3 LSAs that originated as a result of the area range command in another area.
If you apply the route map with the out keyword, the route map filters all Type 3 LSAs that are advertised by the ABR to all other areas including Type 3 LSAs that originate locally as a result of the area range command configured in this area.
Cisco NX-OS implicitly denies any prefix that does not match an entry in the route map.
This example shows how to filter prefixes that are sent from all other areas to area 1:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
To filter prefixes that are advertised in type 3 link-state advertisements (LSAs) between Open Shortest Path First (OSPF) areas of an Area Border Router (ABR), use the area filter-list command. To change or cancel the filter, use the no form of this command.
area area-id filter-list route-map map-name {in | out}
no area area-id filter-list route-map map-name {in | out}
Route map name. A route map name can be any alphanumeric string up to 63 characters. |
|
|
|
Use the area filter-list command to filter Type 3 LSAs. If you apply the route map with the in keyword, the route map filters all Type 3 LSAs that are originated by the ABR to this area, including Type 3 LSAs that originated as a result of the area range command in another area.
If you apply the route map with the out keyword, the route map filters all Type 3 LSAs that are advertised by the ABR to all other areas including Type 3 LSAs that originate locally as a result of the area range command configured in this area.
The Cisco NX-OS software implicitly denies any prefix that does not match an entry in the route map.
This example shows how to filter prefixes that are sent from all other areas to 0.0.0.10:
This example shows how change or cancel the filter:
To configure an area as an Open Shortest Path First (OSPF) not-so-stubby (NSSA) area, use the area nssa command. To remove the NSSA area, use the no form of this command.
area area-id nssa [ default-information-originate [ route-map map-name ]] [ no-redistribution ] [ no-summary ] [ translate type7 [ always | never ] [ suppress-fa ]]
no area area-id nssa [ default-information-originate [ route-map map-name ]] [ no-redistribution ] [ no-summary ] [ translate type7 [ always | never ] [ suppress-fa ]]
|
|
---|---|
Use the area nssa command to create an NSSA area in an OSPF autonomous system. We recommend that you understand the network topology before configuring forwarding address suppression for translated LSAs. Suboptimal routing might result because there might be better paths to reach the destination’s forwarding address.
This example shows how to configure area 1 as an NSSA area:
This example shows how to configure area 1 as an NSSA area and translate Type 7 LSAs from area 1 to Type 5 LSAs, but not place the Type 7 forwarding address into the Type 5 LSAs. (OSPF places 0.0.0.0 as the forwarding address in the Type 5 LSAs.)
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Redistributes routes learned from one routing protocol to another routing protocol domain. |
|
To consolidate and summarize routes at an Open Shortest Path First (OSPF) area boundary, use the area range command. To disable this function, use the no form of this command.
area area-id range ip-prefix [ not-advertise ] [ cost cost ]
no area area-id range ip-prefix [ not-advertise ] [ cost cost ]
|
|
---|---|
Use the area range command only with Area Border Routers (ABRs) to consolidate or summarize routes for an area. The ABR advertises that a single summary route is advertised to other areas and condenses routing information at area boundaries.
You can configure OSPF to summarize addresses for many different sets of address ranges by configuring multiple area range commands.
This example shows how to configure one summary route to be advertised by the ABR to other areas for all hosts on network 192.0.2.0:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To define an area as an Open Shortest Path First (OSPF) stub area, use the area stub command. To remove the area, use the no form of this command.
area area-id stub [ no-summary ]
no area area-id stub [no-summary]
|
|
---|---|
Use the area stub command to configure all devices attached to the stub area. Use the area default-cost command on an area border router (ABR) attached to the stub area. The area default-cost command provides the metric for the summary default route generated by the ABR into the stub area.
To further reduce the number of link-state advertisements (LSAs) sent into a stub area, you can configure the no-summary keyword on the ABR to prevent it from sending Summary LSAs (Type 3 LSAs3) into the stub area.
This example shows how to create stub area 33 in OSPF 209:
|
|
---|---|
Specifies a cost for the default summary route sent into a stub area. |
|
Saves the configuration changes to the startup configuration file. |
|
To define an Open Shortest Path First (OSPF) virtual link, use the area virtual-link command. To remove a virtual link, use the no form of this command.
area area-id virtual-link router-id
no area area-id virtual-link router-id
|
|
---|---|
Use the area virtual-link command to establish a virtual link from a remote area to the backbone area. In OSPF, all areas must be connected to a backbone area. If the connection to the backbone is lost, it can be repaired by establishing a virtual link.
Use the area virtual-link command to enter the virtual link configuration mode where you can use the following commands:
See each command for syntax and usage details.
You must configure both sides of a virtual link with the same area ID and the corresponding virtual link neighbor router ID. To see the router ID, use the show ip ospf neighbors command in any mode.
Note You cannot configure a virtual link on a not-so-stubby (NSSA) area.
This example shows how to establish a virtual link between two devices, A, and B, with default values for all optional parameters:
To configure authentication for the Hot Standby Router Protocol (HSRP), use the authentication command. To disable authentication, use the no form of this command.
authentication { string | md5 { key-chain key-chain | key-string { 0 | 7 } text [ timeout seconds ]} | text string }
no authentication { string | md5 { key-chain key-chain | key-string { 0 | 7 } text [ timeout seconds ]} | text string }
HSRP configuration or HSRP template mode
|
|
---|---|
Use the authentication text command to prevent misconfigured routers from participating in HSRP groups that they are not intended to participate in. The authentication string is sent unencrypted in all HSRP messages. The same authentication string must be configured on all routers in the same group to ensure interoperation. HSRP protocol packets that do not authenticate are ignored.
This example shows how to configure an authentication string for HSRP group 2:
|
|
---|---|
To specify the authentication type for an Open Shortest Path First (OSPF) virtual link, use the authentication command. To remove the authentication type for a virtual link, use the no form of this command.
authentication [ key-chain key-name | message-digest | null ]
Defaults to password authentication if you configure authentication with none of the optional keywords.
OSPF virtual link configuration mode
|
|
---|---|
Use the authentication command in virtual link configuration mode to configure the authentication method used on the virtual link. Use the message-digest keyword to configure MD5 message digest authentication and use the message-digest-key command to complete this authentication configuration. Use the key-chain keyword to configure password authentication using key chains and use the key chain command to complete this authentication configuration. Use the authentication command with no keywords to configure a password for the virtual link, and use the authentication-key command to complete this authentication configuration.
This example shows how to enable message-digest authentication:
|
|
---|---|
Assigns a password to be used by neighboring routers that are using the password authentication of OSPF. |
|
To configure an authentication for the Virtual Router Redundancy Protocol (VRRP), use the authentication command. To disable authentication, use the no form of this command.
no authentication [ text password ]
Specifies to use a simple text password of up to eight alphanumeric characters. |
|
|
---|---|
This example shows how to configure md5 authentication for VRRP:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|
To enable authentication for the Enhanced Interior Gateway Routing Protocol (EIGRP) packets and to specify the set of keys that can be used on an interface, use the authentication key-chain command. To prevent authentication, use the no form of this command.
authentication key-chain name-of-chain
no authentication key-chain name-of-chain
Router configuration mode
Address family configuration mode
Router VRF configuration mode
|
|
---|---|
Set the authentication mode using the authentication mode command in VRF configuration mode. You must separately configure a key chain using the key-chain command to complete the authentication configuration for an interface.
This example shows how to configure the interface to accept and send any key that belongs to the key-chain trees:
|
|
---|---|
Enables authentication for EIGRP and specifies the set of keys that can be used on an interface. |
|
Creates a set of keys that can be used by an authentication method. |
|
To specify the type of authentication used in the Enhanced Interior Gateway Routing Protocol (EIGRP) packets, use the authentication mode command. To remove authentication, use the no form of this command.
Router configuration mode
Address family configuration mode
VRF configuration mode
|
|
---|---|
This example shows how to configure the interface to use MD5 authentication:
To assign a password to be used by an Open Shortest Path First (OSPF) virtual link, use the authentication-key command. To remove a previously assigned OSPF password, use the no form of this command.
authentication-key [ 0 | 3 ] password
Any continuous string of characters that can be entered from the keyboard up to 8 bytes. |
OSPF virtual link configuration mode
|
|
---|---|
Use the authentication-key command to configure the password for password authentication on an OSPF virtual link. All devices on the same virtual link must have the same password to be able to exchange OSPF information.
This example shows how to enable the authentication key with the string yourpass:
|
|
---|---|
To control how Open Shortest Path First (OSPF) calculates default metrics for an interface, use the auto-cost command. To assign the default reference bandwidth of 40 Gb/s, use the no form of this command.
auto-cost reference-bandwidth bandwidth [ Gbps | Mbps ]
no auto-cost reference-bandwidth
40 Gb/s. The bandwidth defaults to Gb/s if you do not specify the Gpbs or Mbps keyword.
|
|
---|---|
Use the auto-cost command to set the reference bandwidth used by the OSPF cost-metric calculation.
The value set by the ip ospf cost command overrides the cost that results from the auto-cost command.
This example shows how to set the reference bandwidth for all local interfaces in an OSPF instance:
|
|
---|---|
Explicitly specifies the cost of sending a packet on an interface. |
To configure the autonomous system (AS) number for an Enhanced Interior Gateway Routing Protocol (EIGRP) address family, use the autonomous-system command. To revert to default, use the no form of this command.
no autonomous-system [ as-number ]
Address family configuration mode
|
|
---|---|
Use the autonomous-system command to set a common AS number for all EIGRP instances in an address family.
This example shows how to set an AS number for EIGRP for IPv4 unicast:
|
|
---|---|
To change the default best-path selection algorithm, use the bestpath command. To return the Border Gateway Protocol (BGP) routing process to the default operation, use the no form of this command.
bestpath { always-compare-med | compare-routerid | { med { missing-as-worst | non-deterministic }}
no bestpath { always-compare-med | compare-routerid | { med { missing-as-worst | non-deterministic }}
The default settings are as follows:
med missing-as-worst: A value of 0 is assigned to the missing MED
|
|
---|---|
Before you use this command, ensure that BGP is enabled on the switch by using the feature bgp command.
To enable the comparison of the MED for paths from neighbors in different autonomous systems, use the bgp always-compare-med command.
This example shows how to change the default best-path selection algorithm to compare the MED on paths from different autonomous systems:
|
|
---|---|
Displays the running configuration for BGP for IPv4 networks. |
To configure a Border Gateway Protocol (BGP) routing process to consider the different autonomous system (AS) paths and load balance multiple paths during best path route selection, use the bestpath as-path multipath-relax command. To return the BGP routing process to the default operation, use the no form of this command.
bestpath as-path multipath-relax
no bestpath as-path multipath-relax
Router BGP configuration mode
VRF configuration mode
|
|
---|---|
Before you use this command, ensure that BGP is enabled on the switch by using the feature bgp command.
This example shows how to configure multipath load sharing on paths from different autonomous systems in router mode:
|
|
---|---|
Displays the running configuration for BGP for IPv4 networks. |
To configure the receive additional paths capability for the specified neighbor, use the capability additional-paths receive command in neighbor address family configuration mode or peer policy template configuration mode. To disable the capability of receiving additional paths, use the no form of this command.
capability additional-paths receive [disable]
no capability additional-paths receive [disable]
(Optional) Overrides any address family configuration that enables receiving additional paths. |
Neighbor address family configuration (config-router-af)
VRF Neighbor address family configuration
Neighbor VPN address family configuration
Peer policy template configuration (config-router-ptmp)
|
|
---|---|
Use the capability additional-paths receive command to selectively enable or disable the additional paths receive capability negotiation for a particular neighbor. The ability to send and receive additional paths is negotiated between two BGP neighbors during session establishment.
To advertise additional paths, you also need to:
Use the capability additional-paths receive disable command to override template or address family configurations that enable receiving additional paths.
Use the show ip bgp neighbors command to display whether neighbors are capable of sending or receiving additional paths.
Any changes to this command take effect only after the next session is established and does not cause the tear down of any currently established sessions. You must restart any currently established BGP sessions for the new configuration to take effect. Use the clear bgp command to restart sessions.
In the following example, additional paths can be sent and received by a neighbor using the specified template:
To configure the send additional paths capability for the specified neighbor, use the capability additional-paths send command in neighbor address family configuration mode or peer policy template configuration mode. To disable the capability of sending additional paths, use the no form of the command.
capability additional-paths send [disable]
no capability additional-paths send [disable]
(Optional) Overrides any address family configuration that enables sending additional paths. |
Neighbor address family configuration (config-router-af)
VRF Neighbor address family configuration
Neighbor VPN address family configuration
Peer policy template configuration (config-router-ptmp)
|
|
---|---|
Use the capability additional-paths send command to selectively enable or disable the additional paths send capability negotiation for a particular neighbor. The ability to send and receive additional paths is negotiated between two BGP neighbors during session establishment.
To advertise additional-paths, you also need to:
Use the capability additional-paths send disable command to override template or address family configurations that enable the sending of additional paths.
Use the show ip bgp neighbors command to display whether neighbors are capable of sending or receiving additional paths.
Any changes to this command take effect only after the next session is established and do not cause any currently established sessions to be torn down. You must restart any currently established BGP sessions for the new configuration to take effect. Use the clear bgp command to restart sessions.
To clear Border Gateway Protocol (BGP) routes from the BGP table, use the clear bgp command.
clear bgp { ipv4 { multicast | unicast } | all } { neighbor | * | as-number | peer-template name | prefix } [ vrf vrf-name ]
|
|
---|---|
This example shows how to clear all BGP entries:
|
|
---|---|
To clear Border Gateway Protocol (BGP) route flap dampening information, use the clear bgp dampening command.
clear bgp { ipv4 { unicast | multicast } | all } dampening [ neighbor | prefix ] [ vrf vrf-name | all | default | management ]
|
|
---|---|
This example shows how to clear BGP route flap dampening information:
|
|
---|---|
To clear Border Gateway Protocol (BGP) route flap statistics, use the clear bgp flap-statistics command.
clear bgp { ipv4 { multicast | unicast } | all } flap-statistics [ neighbor | prefix ] [ vrf vrf-name | all | default | management ]
|
|
---|---|
This example shows how to clear BGP route flap statistics:
|
|
---|---|
To clear policy statistics for the Border Gateway Protocol (BGP) topology table, use the clear bgp policy statistics aggregate-address command.
clear bgp policy statistics aggregate-address prefix { advertise-map | suppress-map }
Summary address. The format is x. x. x. x or x. x. x. x / length. The range is from 1 to 32. |
|
|
|
---|---|
This example shows how to clear policy statistics for an aggregate address:
|
|
---|---|
To clear policy statistics for the Border Gateway Protocol (BGP) dampening, use the clear bgp policy statistics dampening command.
clear bgp policy statistics dampening
|
|
---|---|
This example shows how to clear policy statistics for dampening:
|
|
---|---|
To clear policy statistics for the Border Gateway Protocol (BGP) neighbor, use the clear bgp policy statistics neighbor command.
clear bgp policy statistics neighbor prefix [ default-originate | { filter-list | prefix-list | route-map } { in | out }]
(Optional) Clears policy statistics for the default originate policy. |
|
|
|
---|---|
This example shows how to clear policy statistics for an aggregate address:
|
|
---|---|
To clear policy statistics for the Border Gateway Protocol (BGP) topology table, use the clear bgp policy statistics redistribute command.
clear bgp policy statistics redistribute { direct | eigrp id | ospf id | rip id | static } [ vrf { vrf-name | all | default | management }]
|
|
---|---|
This example shows how to clear policy statistics for RIP:
|
|
---|---|
To clear forwarding information, use the clear forwarding route command.
clear forwarding { ip | ipv4 } route [ * | prefix ] [ vrf vrf-name ]
(Optional) Specifies a particular virtual routing and forwarding (VRF) instance. The VRF name can be any case-sensitive, alphanumeric string up to 32 characters. |
|
|
---|---|
This command does not require a license.
We recommend that you use the clear ip route command after using the clear forwarding route command.
This example shows how to clears a route from the FIB:
|
|
---|---|
To clear the Layer 3 inconsistency checker for the Forwarding Information Base (FIB), use the clear forwarding inconsistency command.
clear forwarding inconsistency
|
|
---|---|
This example shows how to clear the Layer 3 inconsistency checker for all modules:
|
|
---|---|
To clear adjacency statistics, use the clear ip adjacency statistics command.
|
|
This example shows how to clear the adjacency statistics:
|
|
---|---|
To clear the Address Resolution Protocol (ARP) information, use the clear ip arp command.
clear ip arp [ ip-addr | ethernet slot / port [. sub_if ] | loopback if_number | port-channel number [. sub_if_number ]] [ force-delete | statistics ] [ vrf vrf-name | all | default | management ]
|
|
This example shows how to clear the ARP table:
|
|
---|---|
To clear Border Gateway Protocol (BGP) routes from the BGP table, use the clear ip bgp command.
clear ip bgp { ipv4 { unicast | multicast } | all } { neighbor | * | as-number | peer-template name | prefix } [ vrf vrf-name | all | default | management ]
|
|
---|---|
This example shows how to clear all BGP entries for the IPv4 address family:
|
|
---|---|
To clear Border Gateway Protocol (BGP) route flap dampening information, use the clear ip bgp dampening command.
clear ip bgp [ ipv4 { unicast | multicast } | all ] dampening [ neighbor | prefix ] [ vrf vrf-name | all | default | management ]
|
|
---|---|
This example shows how to clear BGP route flap dampening information:
|
|
---|---|
To clear Border Gateway Protocol (BGP) route flap statistics, use the clear ip bgp flap-statistics command.
clear ip bgp flap-statistics [ neighbor | prefix ] [ vrf vrf-name | all | default | management ]
|
|
---|---|
This example shows how to clear BGP route flap statistics:
|
|
---|---|
To clear the prefix accounting information for the Enhanced Interior Gateway Routing Protocol (EIGRP) processes, use the clear ip eigrp accounting command.
clear ip eigrp accounting [ vrf { vrf-name | all | default | management }]
|
|
---|---|
This example shows how to clear the EIGRP accounting information:
|
|
---|---|
Displays prefix accounting information for the EIGRP processes. |
To remove and reestablish the Enhanced Interior Gateway Routing Protocol (EIGRP) neighbor entries from the appropriate table, use the clear ip eigrp neighbors command.
clear ip eigrp neighbors [ * | ip-address | ethernet slot / port | loopback if_number | port-channel number ] [ soft ] [ vrf { vrf-name | all | default | management }]
When no autonomous system number, interface, or VRF instance is specified, all EIGRP neighbor entries are cleared from the table.
|
|
---|---|
This example shows how to clear all EIGRP entries for neighbors on Ethernet interface 2/1:
|
|
---|---|
To clear redistribution information for the Enhanced Interior Gateway Routing Protocol (EIGRP), use the clear ip eigrp redistribution command.
clear ip eigrp redistribution [ vrf { vrf-name | all | default | management }]
|
|
---|---|
This example shows how to clear redistribution information:
|
|
---|---|
To clear the Enhanced Interior Gateway Routing Protocol (EIGRP) traffic statistics, use the clear ip eigrp traffic command.
clear ip eigrp traffic [ vrf { vrf-name | all | default | management }]
This command clears information for the default VRF if no VRF is specified.
|
|
---|---|
This example shows how to clear the EIGRP traffic statistics:
|
|
---|---|
To clear IP interface statistics, use the clear ip interface statistics command.
|
|
This example shows how to clear the IP interface statistics:
|
|
---|---|
To clear neighbor statistics and reset adjacencies for Open Shortest Path First (OSPF), use the clear ip ospf neighbor command.
clear ip ospf [ instance-tag ] neighbor { * | neighbor-id | interface-type number | loopback number | port-channel number } [ vrf vrf-name ]
|
|
---|---|
Use the clear ip ospf neighbor command to clear neighbor information from the show ip ospf neighbor command. Use the instance-tag argument to clear the neighbor details from one OSPF instance. If you do not use the instance-tag argument, Cisco NX-OS clears the neighbor details from all OSPF instances. Use the show ip ospf neighbor command to find the neighbor ID.
This example shows how to clear all OSPF neighbor details for neighbor 192.0.2.1 for instance tag 201:
This example shows how to clear all OSPF neighbor details for all OSPF instances:
This example shows how to clear all OSPF neighbor details for all neighbors on Ethernet interface 1/2 for OSPF instance 202:
|
|
---|---|
Displays details for OSPF neighbors including the neighbor ID. |
To clear policy statistics for Open Shortest Path First (OSPF), use the clear ip ospf policy statistics command.
clear ip ospf [ instance-tag ] policy statistics { area area-id filter-list { in | out } | redistribute { bgp autonomous-system | direct | eigrp id | ospf id | rip id | static }} [ vrf vrf-name ]
|
|
---|---|
Use the clear ip ospf statistics command to learn the policy statistics shown in the show ip ospf policy statistics command. Use the instance-tag argument to clear the policy statistics from one OSPF instance. If you do not specify the instance tag, Cisco NX-OS clears the policy statistics from all OSPF instances. Use the show ip ospf policy statistics command to to view the statistics that you are clearing.
This example shows how to clear all OSPF policy statistics for area 99 inbound filtered routes for OSPF 201:
This example shows how to clear all OSPF policy statistics for all BGP redistributed routes for OSPF 202:
|
|
---|---|
To clear redistribution information for Open Shortest Path First (OSPF), use the clear ip ospf redistribution command.
clear ip ospf redistribution [ vrf { vrf-name | all | default | management }]
(Optional) Specifies a particular virtual routing and forwarding (VRF) instance. The VRF name is a case-sensitive, alphanumeric string of up to 32 characters. |
|
|
|
---|---|
This example shows how to clear redistribution information:
|
|
---|---|
To clear Open Shortest Path First (OSPF) event statistics, use the clear ip ospf statistics command.
clear ip ospf [ instance-tag ] statistics [ vrf vrf-name ]
|
|
---|---|
Use the clear ip ospf statistics command to clear the event statistics from one or more OSPF instances. If you do not specify the instance-tag argument, Cisco NX-OS clears statistics from all OSPF instances. Use the show ip ospf statistics command to to view the statistics that you are clearing.
This example shows how to clear all OSPF event statistics:
|
|
---|---|
To clear Open Shortest Path First (OSPF) traffic statistics, use the clear ip ospf traffic command.
clear ip ospf [ instance-tag ] traffic [ interface ] [ vrf vrf-name ]
|
|
---|---|
Use the clear ip ospf traffic command to clear the traffic statistics from one or more OSPF instances. If you do not specify the instance-tag argument, Cisco NX-OS clears traffic statistics from all OSPF instances. Use the show ip ospf traffic statistics command to to view the statistics that you are clearing.
This example shows how to clear OSPF traffic statistics for OSPF 100:
|
|
---|---|
To clear policy statistics for routes redistributed into the Routing Information Protocol (RIP) topology table, use the clear ip rip policy statistics redistribute command in any mode.
clear ip rip policy statistics redistribute { bgp id | direct | eigrp id | ospf id | static } [ vrf vrf-name ]
|
|
---|---|
This example shows how to clear policy statistics for EIGRP:
|
|
---|---|
To clear the Routing Information Protocol (RIP) statistics, use the clear ip rip statistics command in any mode.
clear ip rip statistics [ interface type instance ] [ vrf vrf-name ]
(Optional) Specifies the interface to clear topology entries. |
|
(Optional) Specifies a particular virtual routing and forwarding (VRF) instance. The VRF name can be up to 32 alphanumeric characters. |
|
|
---|---|
This example shows how to clear all RIP statistics:
|
|
---|---|
Displays database and interface entry information for the RIP process. |
To clear individual routes from the unicast Routing Information Base (RIB), use the clear ip route command.
clear ip route [ * | addr | prefix ]] [ vrf vrf-name ]
|
|
Use the clear ip route command to clear individual routes from the route table.
This example shows how to clear the individual route:
|
|
---|---|
To clear IP traffic information, use the clear ip traffic command.
|
|
This example shows how to clear the IP traffic information:
|
|
---|---|
To clear the socket statistics, use the clear sockets statistics command.
clear sockets statistics [ all | raw | tcp | udp ]
|
|
This example shows how to clear the TCP socket statistics:
|
|
---|---|
To clear the Virtual Router Redundancy Protocol (VRRP) statistics, use the clear vrrp command.
clear vrrp vr id interface { ethernet slot / port | port-channel number [. sub_if_number ]}
|
|
---|---|
This example shows how to clear VRRP statistics from a specific Ethernet interface:
|
|
---|---|
To enable or restore route reflection from a Border Gateway Protocol (BGP) route reflector to clients, use the client-to-client reflection command. To disable client-to-client route reflection, use the no form of this command.
no client-to-client reflection
Client-to-client route reflection is enabled by default; when a route reflector is configured, the route reflector reflects routes from a client to other clients.
Router address-family configuration mode
|
|
---|---|
By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the no client-to-client reflection command to disable client-to-client reflection.
This example shows how to configure a router as a route reflector:
|
|
---|---|
Places the router in address family configuration mode for configuring routing sessions that use standard IPv4 address prefixes. |
|
To configure the confederation parameters for the Border Gateway Protocol (BGP), use the confederation command.
confederation { identifier | peers } as-number
Router configuration mode
Router VRF mode
|
|
This example shows how to configure the confederation identifier:
|
|
---|---|
To enable Border Gateway Protocol (BGP) route dampening or change various BGP route dampening factors, use the dampening command. To disable the function or restore the default values, use the no form of this command.
dampening [ half-life | route-map name ]
no dampening [ half-life | route-map name ]
Address family configuration mode
Router configuration mode
|
|
---|---|
If this command is used with no arguments, it enables BGP route dampening.
This example shows how to set the half life to 30 minutes:
|
|
---|---|
To set the interval during which at least one hello packet must be received from a neighbor on an Open Shortest Path First (OSPF) virtual link before the router declares that neighbor as down, use the dead interva l command. To restore the default, use the no form of this command.
Virtual link configuration mode
|
|
---|---|
The dead interval advertised in OSPF hello packets must be the same for all networking devices on the virtual link. The default value for seconds is four times the interval set by the hello-interval command.
You can configure a shorter dead interval ( seconds) to detect a down neighbor faster and improve convergence. A shorter dead interval may lead to virtual link instability by incorrectly declaring a slow neighbor as down.
Use the show ip ospf virtual-links command to verify the dead interval.
This example shows how to configure the OSPF dead interval to 20 seconds:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Configures the interval between hello packets that Cisco NX-OS sends on the virtual link. |
|
To generate a default route into the Enhanced Interior Gateway Routing Protocol (EIGRP), use the default-information originate command. To disable this feature, use the no form of this command.
default-information originate [ always ] [ route-map map-name ]
no default-information originate
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to originate a default route (0.0.0.0/0) to all routes that pass the Condition route map:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Redistributes routes from other routing protocols into EIGRP. |
|
To generate a default external route into an Open Shortest Path First (OSPF) routing domain, use the default-information originate command. To disable this feature, use the no form of this command.
default-information originate [ always ] [ route-map map-name ]
no default-information originate [ always ] [ route-map map-name ]
Advertises the default route if the route is in the route table.
|
|
---|---|
Use the route-map keyword to filter redistributed routes so that Cisco NX-OS generates a default route only for routes that pass the route map. Use the always keyword to generate the default route regardless of whether the default route is in the route table.
Note The default-information originate command ignores match statements in the optional route map.
This example shows how to configure the default route redistributed into the OSPF routing domain for the Enhanced Interior Gateway Protocol (EIGRP):
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To generate a default route into the Routing Information Protocol (RIP), use the default-information originate command. To disable this feature, use the no form of this command.
default-information originate [ always ] [ route-map map-name ]
no default-information originate
Router address-family configuration mode
|
|
---|---|
This example shows how to originate a default route (0.0.0.0/0) to all routes that pass the Condition route map:
|
|
---|---|
To set metrics for an Enhanced Interior Gateway Routing Protocol (EIGRP), use the default-metric command. To remove the metric value and restore the default state, use the no form of this command.
default-metric bandwidth delay reliability loading mtu
bandwidth: 100000
delay: 100 (tens of microseconds)
reliability: 255
loading: 1
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Use the default-metric command with the redistribute command to use the same metric value for all redistributed routes. A default metric helps to solve the problem of redistributing routes with incompatible metrics. Whenever external metrics do not convert to EIGRP metrics, you can use a default metric to provide a reasonable substitute to the external metric and enable the redistribution to proceed.
This example shows how to take redistributed Routing Information Protocol (RIP) metrics and translate them into EIGRP metrics with the following values: bandwidth = 1000, delay = 100, reliability = 250, loading = 100, and MTU = 1500.
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Redistributes routes from one routing domain into another routing domain. |
|
To set default metric values for the Open Shortest Path First (OSPF) routing protocol, use the default-metric command. To return to the default state, use the no form of this command.
no default-metric metric-value
Default metric value appropriate for the specified routing protocol. The range is from 1 to 1677214. |
The metric for redistributed, connected, and static routes is set to 25.
|
|
---|---|
Use the default-metric command with the redistribute command to configure the same metric value for all redistributed routes except static and directly connected routes. A default metric helps to redistribute routes with incompatible metrics. Whenever external route metrics do not convert to an OSPF metric, use a default metric to enable the redistribution to proceed.
Note The default-metric command does not apply to the redistribution of directly connected routes into OSPF. Use a route map to change the default metric for directly connected routes.
This example shows how to configure OSPF to redistribute RIP and BGP and set the default metric to 10:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To set default metric values for the Routing Information Protocol (RIP), use the default-metric command in router address-family configuration mode. To return to the default state, use the no form of this command.
Router address-family configuration mode
|
|
---|---|
Use the default-metric command with the redistribute command to use the same metric value for all redistributed routes. A default metric helps to solve the problem of redistributing routes with incompatible metrics. Whenever external metrics do not convert to RIP metrics, you can use a default metric to provide a reasonable substitute to the external metric and enable the redistribution to proceed.
This example shows how to advertise Open Shortest Path First (OSPF) routes using RIP and assign the OSPF-derived routes with a RIP metric of 10:
|
|
---|---|
Generates a default route for routes redistributed into RIP. |
|
Redistributes routes from one routing domain into another routing domain. |
|
To delay the Hot Standby Router Protocol (HSRP) initialization after a reload or after an interface comes up, use the delay minimum command. To disable this function, use the no form of this command.
delay minimum [ min-delay ] reload [ reload-delay ]
no delay minimum [ min-delay ] reload [ reload-delay ]
|
|
---|---|
The delayed HSRP initialization configuration allows the interface and router to stabilize after the interface comes up and helps to prevent HSRP state flapping.
This example shows how to configure a minimum delay of 3 seconds and a group initialization delay of 10 seconds:
|
|
---|---|
To delay a state change for object tracking, use the delay command. To disable this function, use the no form of this command.
delay { up up-time [ down down-time ] | down down-time [ up up-time ]}
Delays the object track state change for an up condition. The range is from 0 to 180 seconds. |
|
Delays the object track state change for a down condition. The range is from 0 to 180 seconds. |
|
|
---|---|
Use this command to delay when object tracking detects an up or down state change for a tracked object or track list. This delay helps to prevent state flapping.
This example shows how to configure the delay timer for a tracked object:
|
|
---|---|
To allow the use of two administrative distances—internal and external—for the Enhanced Interior Gateway Routing Protocol (EIGRP) that could provide a better route to a node, use the distance command. To return to the default setting, use the no form of this command.
distance internal-distance external-distance
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual router or a group of routers. Numerically, an administrative distance is an integer from 0 to 255. In general, a higher value indicates a lower trust rating. An administrative distance of 255 means that the routing information source cannot be trusted and should be ignored.
Use the distance command if another protocol is known to provide a better route to a node than was actually learned through the external EIGRP or some internal routes should be preferred by EIGRP.
This example shows how to set the administrative distance of all EIGRP 1 internal routes to 80 and all EIGRP external routes to 130:
|
|
---|---|
To define the Open Shortest Path First (OSPF) route administrative distance, use the distance command. To restore the default, use the no form of this command.
Administrative distance for all routes local to this OSPF process. The range is from 1 to 255. |
|
|
---|---|
Use this command to set a distance for an entire group of routes or when you configure multiple routing protocols and you want to choose one set of routes over the other.
This example shows how to set the distance to 200, making the route less reliable:
|
|
---|---|
Saves this configuration change to the startup configuration file. |
To define the administrative distance assigned to routes discovered by the Routing Information Protocol (RIP), use the distance command. To remove the distance and restore the system to its default condition, use the no form of this command.
Administrative distance to be assigned to RIP routes. The range is from 1 to 255. |
Router address-family configuration mode
|
|
---|---|
Use this command to change the preference of RIP routes over other protocol routes. Numerically, an administrative distance is an integer from 1 to 255. In general, a higher value indicates a lower trust rating. An administrative distance of 255 means that the routing information source cannot be trusted at all and should be ignored.
This example shows how to set the administrative distance for RIP:
|
|
---|---|
Displays a summary of RIP information for all RIP instances. |
To configure the exterior Border Gateway Protocol (eBGP) time-to-live (TTL) value to support eBGP multihop, use the ebgp-multihop command. To return to the default setting, use the no form of this command.
TTL value for eBGP multihop. The range is from 2 to 255. You must manually reset the BGP sessions after using this command. |
BGP neighbor configuration mode
|
|
---|---|
In some situations, an eBGP peer is not directly connected to another eBGP peer and requires multiple hops to reach the remote eBGP peer. You can configure the eBGP TTL value for a neighbor session to allow these multihop sessions.
This example shows how to configure the eBGP multihop value:
|
|
---|---|
To enable the logging of changes in Enhanced Interior Gateway Routing Protocol (EIGRP) neighbor adjacencies, use the eigrp log-neighbor-changes command. To disable the logging of changes in EIGRP neighbor adjacencies, use the no form of this command.
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to enable logging of neighbor changes for EIGRP process 209:
|
|
---|---|
To enable the logging of Enhanced Interior Gateway Routing Protocol (EIGRP) neighbor warning messages and to configure the interval between repeated neighbor warning messages, use the eigrp log-neighbor-warnings command. To disable the logging of EIGRP neighbor warning messages, use the no form of this command.
eigrp log-neighbor-warnings [ seconds ]
no eigrp log-neighbor-warnings
(Optional) Time interval (in seconds) between repeated neighbor warning messages. The range of seconds is from 1 to 65535. |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to log neighbor warning messages for EIGRP process 209 and to repeat the warning messages in 5-minute (300 seconds) intervals:
|
|
---|---|
To set the router ID used by the Enhanced Interior Gateway Routing Protocol (EIGRP) when communicating with its neighbors, use the eigrp router-id command. To remove the configured router ID, use the no form of this command.
EIGRP automatically selects an IP address to use as the router ID when an EIGRP process is started.
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
EIGRP automatically selects an IP address to use as the router ID when an EIGRP process is started. The highest local IP address is selected and loopback interfaces are preferred. The router ID is not changed unless the EIGRP process is removed with the no router eigrp command or if the router ID is manually configured with the eigrp router-id command.
The router ID is used to identify the originating router for external routes. If an external route is received with the local router ID, the route is discarded. The router ID can be configured with any IP address with two exceptions; 0.0.0.0 and 255.255.255.255 are not legal values and cannot be entered. You should configure a unique value for each router.
This example shows how to configure 192.168.0.3 as a fixed router ID:
|
|
---|---|
To configure a router as a stub using the Enhanced Interior Gateway Routing Protocol (EIGRP), use the eigrp stub command. To disable the EIGRP stub routing feature, use the no form of this command.
eigrp stub [ direct | leak-map map-name | receive-only | redistributed ]
no eigrp stub [ direct | leak-map map-name | receive-only | redistributed ]]
(Optional) Advertises directly connected routes. This is enabled by default. |
|
(Optional) Advertises redistributed routes from other protocols and autonomous systems. |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
The receive-only keyword restricts the router from sharing any of its routes with any other router in that EIGRP autonomous system, and the receive-only keyword does not permit any other option to be specified because it prevents any type of route from being sent.
The redistributed keyword permits the EIGRP Stub Routing feature to send other routing protocols and autonomous systems. Without the configuration of this option, EIGRP does not advertise redistributed routes.
If you use any of these four keywords (direct, leak-map, receive-only, redistributed) with the eigrp stub command, only the route types specified by the particular keyword are advertised.
This example shows how to configure the router as a receive-only neighbor:
|
|
---|---|
To enable the Border Gateway Protocol (BGP), use the feature bgp command. To disable BGP, use the no form of this command.
|
|
---|---|
You must enable the BGP feature before you can configure BGP.
This example shows how to enable a BGP configuration:
This example shows how to disable the BGP feature:
|
|
---|---|
To enable the Enhanced Interior Gateway Protocol (EIGRP), use the feature eigrp command. To disable EIGRP, use the no form of this command.
|
|
---|---|
You must enable the EIGRP feature before you can configure EIGRP.
This example shows how to enable the EIGRP feature:
This example shows how to disable the EIGRP feature:
|
|
---|---|
To enter Hot Standby Router Protocol (HSRP) configuration mode and enable HSRP, use the feature hsrp command. To disable HSRP, use the no form of this command.
|
|
---|---|
You must enable the HSRP feature before you can configure HSRP.
This example shows how to enable HSRP on the switch:
This example shows how to disable HSRP:
|
|
---|---|
To enable the Open Shortest Path First Protocol (OSPF), use the feature ospf command. To disable OSPF, use the no form of this command.
|
|
---|---|
You must enable the OSPF feature before you can configure OSPF.
This example shows how to enable the OSPF feature:
This example shows how to disable the OSPF feature:
|
|
---|---|
To enable the policy-based routing (PBR) feature, use the feature pbr command. To disable PBR, use the no form of this command.
|
|
---|---|
You must enable the PBR feature before you can configure policy-based routing.
This example shows how to enable the PBR feature:
This example shows how to disable the PBR feature:
|
|
---|---|
To enable the Routing Information Protocol (RIP), use the feature rip command. To disable RIP, use the no form of this command.
|
|
---|---|
You must enable the RIP feature before you can configure RIP.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to enable the RIP feature:
This example shows how to disable the RIP feature:
|
|
---|---|
To enable the Virtual Router Redundancy Protocol (VRRP), use the feature vrrp command. To disable VRRP, use the no form of this command.
|
|
---|---|
You must enable the VRRP feature before you can configure VRRP.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to enable the VRRP feature:
This example shows how to disable the VRRP feature:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|
To flush all EIGRP routes in the unicast RIB when an EIGRP instance restarts, use the flush-routes command. To disable this feature, use the no form of this command.
|
|
---|---|
This example shows how to flush routes when an EIGRP instance restarts:
|
|
---|---|
To flush routes on a restart for the Open Shortest Path First (OSPF) protocol, use the flush-routes command. To disable this feature, use the no form of this command.
|
|
---|---|
This command causes OSPF to unregister from the unicast RIB when OSPF shuts down. The unicast RIB removes all the routes associated with this OSPF instance. If you do not configure the flush-routes command, OSPF does not unregister and the OSPF routes will be stale. The OSPF routes are eventually removed from the unicast RIB after a timeout period.
This example shows how to flush routes for an OSPF restart:
|
|
---|---|
To enable Address Resolution Protocol (ARP) throttling, use the hardware ip glean throttle command. To return to the default setting, use the no form of this command.
|
|
---|---|
Note We recommend that you configure the IP glean throttle feature by using the hardware ip glean throttle command to filter the unnecessary glean packets that are sent to the supervisor for ARP resolution for the next hops that are not reachable or do not exist. IP glean throttling boosts software performance and helps to manage traffic more efficiently.
This example shows how to enable ARP throttling:
switch(config)#
hardware ip glean throttle
switch(config)#
|
|
---|---|
To limit the maximum number of drop adjacencies that will be installed in the Forwarding Information Base (FIB), use the hardware ip glean throttle maximum command. To apply the default limits, use the no form of this command.
hardware ip glean throttle maximum count
no hardware ip glean throttle maximum
|
|
---|---|
Before you use this command, make sure that you enable the IP glean throttle feature by using the hardware ip glean throttle command.
If the maximum number of entries are exceeded, the packets for which ARP is not resolved continue to be processed in the software instead of getting dropped in the hardware.
This example shows how to limit the maximum number of drop adjacencies that are installed in the FIB:
|
|
---|---|
To generate a syslog if the number of packets that get dropped for a specific flow exceeds the configured packet count, use the hardware ip glean throttle syslog command. To return to the default setting, use the no form of this command.
hardware ip glean throttle syslog pkt-count
no hardware ip glean throttle syslog
|
|
---|---|
Before you use this command, make sure that you enable the IP glean throttle feature by using the hardware ip glean throttle command.
After the timeout period is exceeded, the drop adjacencies are removed from the FIB.
Note The Adjmgr generates a syslog for the configured packet count that will not be accurate to the dropped glean packets that are forwarded to the FIB. The drop statistics collected from the FIB in the software (Adjmgr) occurs every 2 minutes. The Adjmgr generates a syslog only after it receives the statistics from the FIB every 2 minutes only for the adjacencies where the drop count exceeds the configured packet count.
This example shows how to generate a syslog if the number of packets that get dropped for a specific flow exceed the configured packet count:
switch(config)#
hardware ip glean throttle syslog 1030
switch(config)#
|
|
---|---|
To configure a timeout for the installed drop adjacencies to remain in the Forwarding Information Base (FIB), use the hardware ip glean throttle timeout command. To return to the default setting, use the no form of this command.
hardware ip glean throttle timeout timeout-in-sec
no hardware ip glean throttle timeout
|
|
---|---|
Before you use this command, make sure that you enable the IP glean throttle feature by using the hardware ip glean throttle command.
The timeout value (seconds) must be in multiples of 30.
After the timeout period is exceeded, the drop adjacencies are removed from the FIB.
This example shows how to limit the maximum number of drop adjacencies that are installed in the FIB:
switch(config)#
hardware ip glean throttle timeout 300
switch(config)#
|
|
---|---|
To specify the interval between hello packets that Cisco NX-OS sends on an Open Shortest Path First (OSPF) virtual link, use the hello-interval command. To return to the default setting, use the no form of this command.
Hello interval (in seconds). The value must be the same for all nodes on a specific virtual link. The range is from 1 to 65535. |
Virtual link configuration mode
|
|
---|---|
A shorter hello interval detects topological changes faster but causes more routing traffic. The hello interval must be the same for all devices on a virtual link.
This example shows how to configure the hello interval to 15 seconds:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Sets the time period to declare a neighbor as down if the local device receives no hello packets. |
|
To enter Hot Standby Router Protocol (HSRP) configuration mode and create an HSRP group, use the hsrp command. To disable HSRP, use the no form of this command.
Number of HSRP groups that can be configured on a Gigabit Ethernet port, including the main interfaces and subinterfaces. The range is from 1 to 255. The default value is 0. |
|
|
|
---|---|
You must globally enable HSRP before you can configure any HSRP options or create an HSRP group.
This example shows how to create and activate an HSRP group:
|
|
---|---|
Creates a virtual IP address for the HSRP group. The IP address must be in the same subnet as the interface IP address. |
To delay Hot Standby Router Protocol (HSRP) initialization after a reload or after an interface comes up, use the hsrp delay command. To disable this function, use the no form of this command.
hsrp delay { minimum min-delay | reload reload-delay }
no delay { minimum min-delay | reload reload-delay }
|
|
---|---|
The HSRP delayed initialization configuration allows the interface and router to stabilize after the interface comes up and helps prevent HSRP state flapping.
This example shows how to configure a minimum delay of 3 seconds and a group initialization delay of 10 seconds:
|
|
---|---|
To assign a virtual address to a Hot Standby Router Protocol (HSRP) group, use the ip command. To disable HSRP in the group, use the no form of this command.
ip [ autoconfig | ip-address [ secondary ]]
no ip [ autoconfig | ip-address [ secondary ]]
|
|
---|---|
If you configure a virtual IP address, that address is the designated virtual IP address for the entire HSRP group. For IPv4 groups, if you do not configure a virtual IP address, the gateway learns the virtual IP address from another gateway in the same HSRP group. To allow HSRP to elect an active virtual gateway (AVG), you must configure at least one gateway on the LAN with a virtual IP address.
Configuring the virtual IP address on the AVG always overrides a virtual IP address that is in use.
When you configure the ip command for an IPv4 HSRP group on an interface, the handling of proxy Address Resolution Protocol (ARP) requests changes (unless proxy ARP was disabled). Hosts send ARP requests to map an IP address to a MAC address. The HSRP gateway intercepts the ARP requests and replies to the ARP requests on behalf of the connected nodes. If a forwarder in the HSRP group is active, proxy ARP requests are answered using the MAC address of the first active forwarder in the group. If no forwarder is active, proxy ARP responses are suppressed.
Note You must configure all HSRP options before you use the ip command to assign a virtual IP address and activate the HSRP group so that you can avoid authentication error messages and unexpected state changes that can occur in other routers when a group is enabled first and then there is a delay before the configuration is created. We recommend that you always specify an IP address.
This example shows how to activate HSRP for group 10 on Ethernet interface 1/1. The virtual IP address used by the HSRP group is set to 192.0.2.10.
This example shows how to activate HSRP for group 10 on Ethernet interface 2/1. The virtual IP address used by the HSRP group will be learned from another gateway configured to be in the same HSRP group.
This example shows how to activate HSRP for group 2 on Ethernet interface 1/1 and creates a secondary IP address on the interface:
|
|
---|---|
To set a primary or secondary IP address for an interface, use the ip address command. To remove an IP address or disable IP processing, use the no form of this command.
ip address ip-address mask [ secondary ]
no ip address ip-address mask [ secondary ]
No IP address is defined for the interface.
Interface configuration mode
Subinterface configuration mode
|
|
---|---|
Note Before you use this command, make sure that you use the no switchport command on the interface to use the Layer 3 features.
An interface can have one primary IP address and one secondary IP address.
You can disable IP processing on a particular interface by removing its IP address with the no ip address command.
The optional secondary keyword allows you to specify a secondary IP address. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled, as are interface routes in the IP routing table.
Note When you are routing using the Open Shortest Path First (OSPF) algorithm, ensure that the secondary address of an interface fall into the same OSPF area as the primary addresses. Make sure that the LAN Enterprise Services license is installed.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure the IP address 192.168.0.27 as the primary address and 192.168.0.5 as the secondary address for Ethernet interface 1/5:
|
|
---|---|
Saves the configuration change to the startup configuration file. |
|
To configure a static Address Resolution Protocol (ARP) entry, use the ip arp command. To remove a static ARP entry, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
---|---|
Use this command on Layer 3 interfaces and Layer 3 subinterfaces.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure a static ARP entry on interface Ethernet 1/2:
This example shows how to configure a static ARP entry on a subinterface:
|
|
---|---|
To enable gratuitous Address Resolution Protocol (ARP), use the ip arp gratuitous command. To disable gratuitous ARP, use the no form of this command.
ip arp gratuitous { request | update }
no ip arp gratuitous { request | update }
Enables sending gratuitous ARP requests when a duplicate address is detected. |
|
|
|
---|---|
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to disable gratuitous ARP request on interface Ethernet 2/1:
|
|
To configure the syslog threshold for the IP Address Resolution Protocol (ARP) table so that a syslog message is generated when the table capacity reaches the specified percentage, use the ip arp syslog-threshold command. To reset the value to the default, use the no form of this command.
ip arp syslog-threshold percentage
Percentage of table capacity. The range is from 1 to 100. The default value is 90 percent. |
|
|
This example shows how to set the syslog threshold to 20 percent for the IP ARP table:
|
|
---|---|
Copies the running configuration to the startup configuration file. |
|
To configure an Address Resolution Protocol (ARP) timeout, use the ip arp timeout command. To revert to the default value, use the no form of this command.
Time (in seconds) that an entry remains in the ARP cache. Valid values are from 60 to 28800, and the default is 1500. |
|
|
---|---|
If the Cisco Nexus 3548 switch is used as a Layer 2 or Layer 3 termination switch, Cisco recommends that you set the mac-address-aging-time to 1800 (higher than the default ARP aging time of 1500 seconds) on all VLANs. Cisco Nexus 3548 switch does not support per-VLAN cam aging timers.
This example shows how to configure the ARP timeout value to 120 seconds:
This example shows how to revert to the default ARP timeout value of 1500 seconds:
|
|
---|---|
Displays the ARP configuration, including the default configurations. |
To configure an access-list filter for Border Gateway Protocol (BGP) autonomous system (AS) numbers, use the ip as-path access-list command. To remove the filter, use the no form of this command.
ip as-path access-list name { deny | permit } regexp
no ip as-path access-list name { deny | permit } regexp
|
|
You can apply autonomous system path filters to both inbound and outbound BGP paths. Each filter is defined by the regular expression. If the regular expression matches the representation of the autonomous system path of the route as an ASCII string, then the permit or deny condition applies. The autonomous system path should not contain the local autonomous system number.
This example shows how to configure an AS path filter for BGP to permit AS numbers 55:33 and 20:01 and apply it to a BGP peer for inbound filtering:
|
|
---|---|
To enable authentication for the Enhanced Interior Gateway Routing Protocol (EIGRP) packets and to specify the set of keys that can be used on an interface, use the ip authentication key-chain eigrp command. To prevent authentication, use the no form of this command.
ip authentication key-chain eigrp instance-tag name-of-chain
no ip authentication key-chain eigrp instance-tag name-of-chain
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
|
---|---|
You must set the authentication mode using the ip authentication mode eigrp command in interface configuration mode. You must separately configure a key chain using the key-chain command to complete the authentication configuration for an interface.
This example shows how to configure the interface to accept and send any key that belongs to the key-chain trees:
|
|
Creates a set of keys that can be used by an authentication method. |
|
To specify the type of authentication used in the Enhanced Interior Gateway Routing Protocol (EIGRP) packets, use the ip authentication mode eigrp command. To remove authentication, use the no form of this command.
ip authentication mode eigrp instance-tag md5
no ip authentication mode eigrp instance-tag md5
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
|
---|---|
This example shows how to configure the interface to use MD5 authentication:
To configure the bandwidth metric on an Enhanced Interior Gateway Routing Protocol (EIGRP) interface, use the ip bandwidth eigrp command. To restore the default, use the no form of this command.
ip bandwidth eigrp instance-tag bandwidth
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
Bandwidth value. The range is from 1 to 2,560,000,000 kilobits. |
|
|
---|---|
This example shows how to configure EIGRP to use a bandwidth metric of 10000 in autonomous system 209:
|
|
---|---|
Sets the percent of the interface bandwidth that EIGRP can use. |
|
To configure the percentage of bandwidth that may be used by the Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip bandwidth-percent eigrp command. To restore the default, use the no form of this command.
ip bandwidth-percent eigrp instance-tag percent
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
|
---|---|
EIGRP uses up to 50 percent of the bandwidth of a link, as defined by the ip bandwidth interface configuration command. Use the ip bandwidth-percent command to change this default percent.
This example shows how to configure EIGRP to use up to 75 percent of an interface in autonomous system 209:
|
|
---|---|
To create a community list entry, use the ip community-list command. To remove the entry, use the no form of this command.
ip community-list standard list-name { deny | permit } { aa : nn | internet | no-advertise | no-export }
no ip community-list standard list-name
ip community-list expanded list-name { deny | permit } regexp
no ip community-list expanded list-name
|
|
---|---|
The ip community-list command is used to configure BGP community filtering. BGP community values are configured as a 4-byte number. The first two bytes represent the autonomous system number, and the last two bytes represent a user-defined network number. BGP community attribute exchange between BGP peers is enabled when the send-community command is configured for the specified neighbor. The BGP community attribute is defined in RFC 1997 and RFC 1998.
BGP community exchange is not enabled by default. Use the send-community command in BGP neighbor fix-family configuration mode to enable a BGP community attribute exchange between BGP peers.
The Internet community is applied to all routes or prefixes by default until any other community value is configured with this command or the set community command.
Once you configure a permit value to match a given set of communities, the community list defaults to an implicit deny for all other community values. Use the internet community to apply an implicit permit to the community list.
Standard community lists are used to configure well-known communities and specific community numbers. You can pick more than one of the optional community keywords.A maximum of 16 communities can be configured in a standard community list. If you attempt to configure more than 16 communities, the communities that exceed the limit are not processed or saved to the running configuration file.
You can configure up to 32 communities.
Expanded community lists are used to filter communities using a regular expression. Regular expressions are used to configure patterns to match community attributes. The order for matching using the * or + character is the longest construct is first. Nested constructs are matched from the outside in. Concatenated constructs are matched beginning at the left side. If a regular expression can match two different parts of an input string, it matches the earliest part first.
When multiple values are configured in the same community list statement, a logical AND condition is created. All community values must match to satisfy an AND condition. When multiple values are configured in separate community list statements, a logical OR condition is created. The first list that matches a condition is processed.
This example shows how to configure a standard community list where the routes with this community are advertised to all peers (internal and external):
This example shows how to configure a logical AND condition; all community values must match in order for the list to be processed:
In the above example, a standard community list is configured that permits routes from the following:
This example shows how to configure a standard community list that denies routes that carry communities from network 40 in autonomous system 65534 and from network 60 in autonomous system 65412. This example shows a logical AND condition; all community values must match in order for the list to be processed.
This example shows how to configure a named standard community list that permits routes from network 20 in autonomous system 40000.
This example shows how to configure an expanded community list that denies routes that carry communities from any private autonomous system:
This example shows how to configure a named expanded community list that denies routes from network 1 through 99 in autonomous system 50000:
|
|
---|---|
Configures BGP to propagate community attributes to BGP peers. |
|
To configure the throughput delay for the Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip delay eigrp command. To restore the default, use the no form of this command.
ip delay eigrp instance-tag seconds
no ip delay eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
Throughput delay, in tens of microseconds. The range is from 1 to 16777215. |
|
|
---|---|
You configure the throughput delay on an interface in 10-microsecond units. For example, if you set the ip delay eigrp command to 100, the throughput delay is 1000 microseconds.
This example shows how to set the delay to 400 microseconds for the interface:
|
|
---|---|
Configures the hello interval on an interface for the EIGRP routing process that is designated by an autonomous system number. |
|
To enable the translation of a directed broadcast to physical broadcasts, use the ip directed-broadcast command. To disable this function, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
---|---|
An IP directed broadcast is an IP packet whose destination address is a valid broadcast address for some IP subnet but which originates from a node that is not itself part of that destination subnet.
A device that is not directly connected to its destination subnet forwards an IP directed broadcast in the same way it would forward unicast IP packets destined to a host on that subnet. When a directed broadcast packet reaches a device that is directly connected to its destination subnet, that packet is broadcast on the destination subnet. The destination address in the IP header of the packet is rewritten to the configured IP broadcast address for the subnet, and the packet is sent as a link-layer broadcast.
If directed broadcast is enabled for an interface, incoming IP packets whose addresses identify them as directed broadcasts intended for the subnet to which that interface is attached are broadcast on that subnet.
If the no ip directed-broadcast command has been configured for an interface, directed broadcasts destined for the subnet to which that interface is attached are dropped, rather than being broadcast.
Note Because directed broadcasts, and particularly Internet Control Message Protocol (ICMP) directed broadcasts, have been abused by malicious persons, we recommend that you disable the ip directed-broadcast command on any interface where directed broadcasts are not needed. We also recommend that you use access lists to limit the number of broadcast packets.
This example shows how to enable forwarding of IP directed broadcasts on Ethernet interface 2/1:
|
|
---|---|
To configure a distribution list for the Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip distribute-list eigrp command. To restore the default, use the no form of this command.
ip distribute-list eigrp instance-tag { prefix-list list-name | route-map map-name } { in | out }
no ip distribute-list eigrp instance-tag { prefix-list list-name | route-map map-name } { in | out }
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
Specifies the name of an IP prefix list to filter EIGRP routes. |
|
|
|
---|---|
You must configure the named route map or prefix list to complete this configuration.
This example shows how to configure a route map for all EIGRP routes coming into the interface:
|
|
---|---|
To shut down the Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip eigrp shutdown command. To restore the default, use the no form of this command.
ip eigrp instance-tag shutdown
no ip eigrp instance-tag shutdown
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
When you shut down the interface for EIGRP and prevent EIGRP adjacency for the interface for maintenance purposes, the network address for the interface does not show up in the EIGRP topology table. Use the ip passive-interface eigrp command to prevent EIGRP adjacency but keep the network address in the topology table.
This example shows how to disable EIGRP on an interface:
|
|
---|---|
To create an extended community list entry, use the ip extcommunity-list command. To remove the entry, use the no form of this command.
ip extcommunity-list standard list-name {{ deny | permit } 4byteas-generic { transitive | nontransitive } aa4 : nn }
no ip extcommunity-list standard list-name [[ deny | permit ] 4byteas-generic { transitive | nontransitive } aa4 : nn ]
ip extcommunity-list expanded list-name { deny | permit } regexp
no ip extcommunity-list expanded list-name [[ deny | permit ] regexp ]
|
|
---|---|
Extended community values are configured as a 6-byte number. The first four bytes represent the autonomous system number, and the last two bytes represent a user-defined network number. The BGP generic specific community attribute is defined in draft-ietf-idr-as4octet-extcomm-generic-subtype-00.txt.
BGP extended community exchange is not enabled by default. Use the send-extcommunity command in BGP neighbor fix-family configuration mode to enable extended community attribute exchange between BGP peers.
Once you configure a permit value to match a given set of extended communities, the extended community list defaults to an implicit deny for all other extended community values.
Standard Extended Community Lists
Use standard extended community lists to configure specific extended community numbers. You can configure a maximum of 16 extended communities in a standard extended community list.
Expanded Extended Community Lists
Use expanded extended community lists to filter communities using a regular expression. Use regular expressions to configure patterns to match community attributes. The order for matching using the * or + character is the longest construct is first. Nested constructs are matched from the outside in. Concatenated constructs are matched beginning at the left side. If a regular expression can match two different parts of an input string, it matches the earliest part first.
When you configure multiple values in the same extended community list statement, a logical AND condition is created. All extended community values must match to satisfy the AND condition. When you configure multiple values in separate community list statements, a logical OR condition is created. The first list that matches a condition is processed.
This example shows how to configure a standard generic specific extended community list that permits routes from network 40 in autonomous system 1.65534 and from network 60 in autonomous system 1.65412:
All community values must match in order for the list to be processed.
This example shows how to configure an expanded extended community list that permits advertisements that contain a route target extended community attribute beginning with the pattern 100:.
|
|
---|---|
Configures BGP to propagate community attributes to BGP peers. |
|
To configure the Enhanced Interior Gateway Routing Protocol (EIGRP) hello interval for an interface, use the ip hello-interval eigrp command. To restore the default, use the no form of this command.
ip hello-interval eigrp instance-tag seconds
no ip hello-interval eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
|
---|---|
This example shows how to set the hello interval to 10 seconds for the interface:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure the hold time for an Enhanced Interior Gateway Routing Protocol (EIGRP) interface, use the ip hold-time eigrp command. To restore the default, use the no form of this command.
ip hold-time eigrp instance-tag seconds
no ip hold-time eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
|
---|---|
We recommend that you configure the hold time to be at least three times the hello interval. If a router does not receive a hello packet within the specified hold time, routes through this router are considered unavailable.
Increasing the hold time delays route convergence across the network.
This example shows how to set the hold time to 40 seconds for the interface:
To configure the load-sharing algorithm used by the unicast Forwarding Information Base (FIB), use the ip load-sharing address command. To restore the default, use the no form of this command.
ip load-sharing address { destination port destination | source-destination [ port source-destination ]} [ universal-id seed ]
no ip load-sharing address { destination port destination | source-destination [ port source-destination ]} [ universal-id seed ]
|
|
---|---|
This example shows how to set the load-sharing algorithm to use the source and destination address:
|
|
---|---|
Displays the path the RIB and FIB select for a source and destination pair. |
To enable the local proxy Address Resolution Protocol (ARP) feature, use the ip local-proxy-arp command. To disable this feature, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
Before the local proxy ARP feature can be used, you must enable the IP proxy ARP feature by using the ip proxy-arp command. The IP proxy ARP feature is disabled by default.
Note This command is not applicable to Layer 3 loopback interfaces.
This example shows how to enable the local proxy ARP:
|
|
---|---|
To instruct the Enhanced Interior Gateway Routing Protocol (EIGRP) process to use the local IP address as the next-hop address when advertising these routes, use the ip next-hop-self eigrp command. To use the received next-hop value, use the no form of this command.
ip next-hop-self eigrp instance-tag
no ip next-hop-self eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
EIGRP, by default, sets the IP next-hop value to be itself for routes that it is advertising, even when advertising those routes on the same interface from which the router learned them. To change this default, you must use the no ip next-hop-self eigrp command to instruct EIGRP to use the received next-hop value when advertising these routes.
This example shows how to change the default IP next-hop value and instruct EIGRP to use the received next-hop value:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure an offset list for the Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip offset-list eigrp command. To restore the default, use the no form of this command.
ip offset-list eigrp instance-tag { prefix-list list-name | route-map map-name } { in | out } offset
no ip offset-list eigrp instance-tag { prefix-list list-name | route-map map-name } { in | out } offset
|
|
---|---|
Cisco NX-OS adds the configured offset value to any routes that match the configure prefix list or route map. You must configure the named route map or prefix list to complete this configuration.
This example shows how to configure an offset list filter to add 20 to the metric for EIGRP routes coming into the interface that match the route map OffsetFilter:
|
|
---|---|
To specify the authentication type for an Open Shortest Path First (OSPF) interface, use the ip ospf authentication command. To remove the authentication type for an interface, use the no form of this command.
ip ospf authentication [ key-chain key-name | message-digest | null ]
|
|
---|---|
If you use this command with no keywords, use the ip ospf authentication-key command to configure the password. If you use the message-digest keyword, use the ip ospf message-digest-key command to configure the message-digest key for the interface.
The authentication that you configure on an interface overrides the authentication that you configure for the area.
This example shows how to configure message-digest authentication:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Assigns a password to be used by neighboring routers that are using the password authentication of OSPF. |
|
To assign a password for simple password authentication to be used by neighboring Open Shortest Path First (OSPF) routers, use the ip ospf authentication-key command. To remove a previously assigned OSPF password, use the no form of this command.
ip ospf authentication-key [ 0 | 3 | 7 ] password
(Optional) Configures a Cisco type 7 encrypted password string. |
|
Any continuous string of characters that can be entered from the keyboard up to 8 bytes. |
|
|
---|---|
The password created by this command is used as a key that is inserted directly into the OSPF header when Cisco NX-OS originates routing protocol packets. You can assign a separate password to each network on a per-interface basis. All neighboring routers on the same network must have the same password to be able to exchange OSPF information.
Note Cisco NX-OS uses this key when you enable authentication for an interface with the ip ospf authentication interface configuration command or if you configure the area for authentication with the area authentication command in router configuration mode.
This example shows how to configure an unencrypted authentication key with the string yourpass:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To specify the cost of sending a packet on an interface, use the ip ospf cost command. To reset the path cost to the default, use the no form of this command.
no ip ospf cost interface-cost
Unsigned integer value expressed as the link-state metric. The range is from 1 to 65535. |
Calculates the cost based on the reference bandwidth divided by the configured interface bandwidth. You can configure the reference bandwidth or it defaults to 40 Gb/s.
|
|
---|---|
This command overrides any settings for the reference bandwidth that you set using the reference-bandwidth command in router configuration mode.
If this command is not used, the link cost is calculated using the following formula:
This example shows how to configure the interface cost value to 65:
switch(config)#
interface ethernet 1/2
switch(config-if)#
ip ospf cost 65
switch(config-if)#
|
|
---|---|
Specifies the reference bandwidth that OSPF uses to calculate the link cost. |
To set the interval during which at least one hello packet must be received from a neighbor before the router declares that neighbor as down, use the ip ospf dead-interval command. To restore the default, use the no form of this command.
The default for seconds is four times the interval set by the ip ospf hello-interval command.
|
|
---|---|
The dead interval value must be the same for all networking devices on a specific network.
Configure a shorter dead interval to detect down neighbors faster and improve convergence. Very short dead intervals could cause routing instability.
Use the show ip ospf interface command to verify the dead interval and hello interval.
This example shows how to set the OSPF dead interval to 20 seconds:
|
|
---|---|
Specifies the interval between hello packets that OSPF sends on the interface. |
|
To specify the interval between hello packets that Open Shortest Path First (OSPF) sends on the interface, use the ip ospf hello-interval command. To return to the default, use the no form of this command.
ip ospf hello-interval seconds
Interval (in seconds). The value must be the same for all nodes on a specific network. The range is from 1 to 65535. |
|
|
---|---|
Shorter hello intervals allow OSPF to detect topological changes faster. This value must be the same for all routers and access servers on a specific network.
This example shows how to set the interval between hello packets to 15 seconds:
To enable Open Shortest Path First (OSPF) Message Digest 5 (MD5) authentication, use the ip ospf message-digest-key command. To remove an old MD5 key, use the no form of this command.
ip ospf message-digest-key key-id md5 [ 0 | 3 | 7 ] key
no ip ospf message-digest-key key-id
|
|
---|---|
All neighbor routers must have the same key value on the network.
This example shows how to set key 19 with the password 8ry4222:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To disable Open Shortest Path First (OSPF) maximum transmission unit (MTU) mismatch detection on received Database Descriptor (DBD) packets, use the ip ospf mtu-ignore command. To return to the default, use the no form of this command.
|
|
---|---|
By default, OSPF checks whether neighbors are using the same MTU on a common interface. If the receiving MTU is higher than the IP MTU configured on the incoming interface, OSPF does not establish adjacencies. Use the ip ospf mtu-ignore command to disable this check and allow adjacencies when the MTU value differs between OSPF neighbors.
This example shows how to disable MTU mismatch detection on received DBD packets:
|
|
---|---|
To configure the Open Shortest Path First (OSPF) network type to a type other than the default for an interface, use the ip ospf network command. To return to the default, use the no form of this command.
ip ospf network { broadcast | point-to-point }
|
|
---|---|
The network type influences the behavior of the OSPF interface. An OSPF network type is usually broadcast, which uses OSPF multicasting capabilities. Under this network type, a designated router and backup designated router are elected. For point-to-point networks, there are only two neighbors and multicast is not required. For routers on an interface to become neighbors, the network type for all should match.
This command overrides the medium { broadcast | p2p } command in interface configuration mode.
This example shows how to set an OSPF network as a broadcast network:
|
|
---|---|
To suppress Open Shortest Path First (OSPF) routing updates on an interface, use the ip ospf passive-interface command. To return to the default, use the no form of this command.
|
|
---|---|
If an interface is configured as a passive interface, it does not participate in OSPF and does not establish adjacencies or send routing updates. However, the interface is announced as part of the routing network.
This example shows how to set an interface as passive:
|
|
---|---|
To set the router priority for an Open Shortest Path First (OSPF) interface, use the ip ospf priority command. To return to the default, use the no form of this command.
no ip ospf priority number-value
Number that specifies the priority of the router. The range is from 0 to 255. |
|
|
---|---|
Use this command to set the router priority, which determines the designated router for this network. When two routers are attached to a network, both attempt to become the designated router. The router with the higher router priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. A router with a router priority set to zero cannot become the designated router or backup designated router.
Cisco NX-OS uses this priority value when you configure OSPF for broadcast networks using the neighbor command in router configuration mode.
This example shows how to set the router priority value to 4:
|
|
---|---|
Configures the OSPF network type to a type other than the default for a given medium. |
To specify the time between Open Shortest Path First (OSPF) link-state advertisement (LSA) retransmissions for adjacencies that belongs to the interface, use the ip ospf retransmit-interval command. To return to the default, use the no form of this command.
ip ospf retransmit-interval seconds
no ip ospf retransmit-interval
|
|
---|---|
When a router sends an LSA to its neighbor, it keeps the LSA until it receives an acknowledgment message from the neighbor. If the router receives no acknowledgment within the retransmit interval, the local router resends the LSA.
This example shows how to set the retransmit interval value to 8 seconds:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To shut down an Open Shortest Path First (OSPF) interface, use the ip ospf shutdown command. To return to the default, use the no form of this command.
|
|
---|---|
This example shows how to shut down OSPF on an interface:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To set the estimated time required to send an Open Shortest Path First (OSPF) link-state update packet on the interface, use the ip ospf transmit-delay command. To return to the default, use the no form of this command.
ip ospf transmit-delay seconds
Time (in seconds) required to send a link-state update. The range is from 1 to 450 seconds, and the default is 1. |
|
|
---|---|
OSPF increments the LSA age time by the transmit delay amount before transmitting the LSA update. You should take into account the transmission and propagation delays for the interface when you set this value.
This example shows how to set the transmit delay value to 8 seconds:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Sets the estimated time between LSAs transmitted from this interface. |
|
To suppress all routing updates on an Enhanced Interior Gateway Routing Protocol (EIGRP) interface, use the ip passive-interface eigrp command. To reenable the sending of routing updates, use the no form of this command.
ip passive-interface eigrp instance-tag
no ip passive-interface eigrp instance-tag
Name of the EIGRP instance. The name can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
When you use this command to to stop all routing updates on an interface and suppress the formation of EIGRP adjacencies, the network address for the interface remains in the EIGRP topology table.
This example shows how to stop EIGRP routing updates on ethernet 2/1:
|
|
---|---|
To identify a route map to use for policy routing on an interface, use the ip policy route-map command. To remove the route map, use the no form of this command.
Name of the route map. The name can be any alphanumeric string up to 63 characters. |
|
|
---|---|
Use the ip policy route-map command to identify a route map to use for policy routing. Use the route-map command to create the rout map. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which policy routing is allowed for the interface, based on the destination IP address of the packet. The set commands specify the set actions—the particular policy routing actions to perform if the criteria enforced by the match commands are met. The no ip policy route-map command deletes the pointer to the route map.
You can perform policy-based routing on any match criteria that can be defined in an expanded IP access list when using the match ip address command and referencing an expanded IP access list.
You must enable policy-based routing with the feature pbr command before you can use the ip policy route-map command.
This example shows how to configure a policy-based route map to an interface:
|
|
---|---|
To enable the generation of Internet Control Message Protocol (ICMP) port unreachable messages, use the ip port-unreachable command. To disable this function, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
This example shows how to enable the generation of ICMP port unreachable messages, as appropriate, on an interface:
|
|
---|---|
To create a prefix list to match IP packets or routes against, use the ip prefix-list command. To remove the prefix-list, use the no form of this command.
ip prefix-list name [ seq number ] { permit | deny } prefix [ eq length | [ ge length ] [ le length ]]
no prefix-list name [ seq number ] { permit | deny } prefix [ eq length | [ ge length ] [ le length ]]
|
|
You configure prefix lists with permit or deny keywords to either permit or deny the prefix based on the matching condition. A prefix list consists of an IP address and a bit mask. The bit mask is entered as a number from 1 to 32. An implicit deny is applied to traffic that does not match any prefix-list entry.
You can configure prefix lists to match an exact prefix length or a prefix range. Use the ge and le keywords to specify a range of the prefix lengths to match, which provides a more flexible configuration. If you do not configure a sequence number, Cisco NX-OS applies a a default sequence number of 5 to the prefix list and subsequent prefix list entries are incremented by 5 (for example, 5, 10, 15, and so on). If you configure a sequence number for the first prefix list entry but not subsequent entries, then Cisco NX-OS increments the subsequent entries by 5 (for example, if the first configured sequence number is 3, then subsequent entries will be 8, 13, 18, and so on). You can suppress default sequence numbers by entering the no form of this command with the seq keyword.
Cisco NX-OS evaluates prefix lists that start with the lowest sequence number and continue down the list until a match is made. Once a match is made, the permit or deny statement is applied to that network and the rest of the list is not evaluated.
Tip For the best performance of your network, you should configure the most frequently processed prefix list statements with the lowest sequence numbers. The seq number keyword and argument can be used for resequencing.
The prefix list is applied to inbound or outbound updates for specific peer by entering the prefix-list command in neighbor address-family mode. Prefix list information and counters are displayed in the output of the show ip prefix-list command. Prefix-list counters can be reset by entering the clear ip prefix-list command.
This example shows how to configure a prefix list and apply it to a Border Gateway Protocol (BGP) peer:
|
|
---|---|
To configure a description string for an IP prefix list, use the ip prefix-list description command. To revert to default, use the no form of this command.
ip prefix-list name description string
no ip prefix-list name description
Name of the prefix list. The name can be any alphanumeric string up to 63 characters. |
|
Descriptive string for the prefix list. The string can be any alphanumeric string up to 90 characters. |
|
|
This example shows how to configure a description for an IP prefix list:
|
|
---|---|
To enable proxy Address Resolution Protocol (ARP) on an interface, use the ip proxy-arp command. To disable proxy ARP on the interface, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
This example shows how to enable proxy ARP:
|
|
---|---|
To enable authentication for the Routing Information Protocol (RIP) Version 2 packets and to specify the set of keys that can be used on an interface, use the ip rip authentication key-chain command. To prevent authentication, use the no form of this command.
ip rip authentication key-chain name-of-chain
no ip rip authentication key-chain [ name-of-chain ]
|
|
---|---|
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure the interface to accept and send any key that belongs to the key-chain trees:
|
|
Creates a set of keys that can be used by an authentication method. |
|
Displays a summary of RIP information for all RIP instances. |
To specify the type of authentication used in the Routing Information Protocol (RIP) Version 2 packets, use the ip rip authentication mode command. To restore clear text authentication, use the no form of this command.
ip rip authentication mode { text | md5 }
Clear text authentication is provided for RIP packets if you configured a key chain.
|
|
---|---|
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure the interface to use MD5 authentication:
|
|
Enables authentication for RIP Version 2 packets and specifies the set of keys that can be used on an interface. |
|
Displays a summary of RIP information for all RIP instances. |
To add an additional value to the incoming IP Routing Information Protocol (RIP) route metric for an interface, use the ip rip metric-offset command. To return the metric to its default value, use the no form of this command.
Value to add to the incoming route metric for an interface. The range is from 1 to 15. The default is 1. |
|
|
---|---|
This command allows you to add a fixed offset to the route metric of all incoming routes on an interface. For example, if you set the metric-offset to 5 on an interface and the incoming route metric is 5, then Cisco NX-OS adds the route to the route table with a metric of 10.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure a metric offset of 10 for all incoming RIP routes on Ethernet interface 2/1:
|
|
To add an offset to incoming and outgoing metrics to routes learned via Routing Information Protocol (RIP), use the ip rip offset-list command. To remove an offset list, use the no form of this command.
Value to add to the incoming route metric for an interface. The range is from 1 to 15. The default is 1. |
Router address-family configuration mode
|
|
---|---|
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure an offset of 10 for all incoming RIP routes on Ethernet interface 2/1:
|
|
To suppress the sending of the Routing Information Protocol (RIP) updates on an interface, use the ip rip passive-interface command. To unsuppress updates, use the no form of this command.
|
|
---|---|
While RIP stops sending routing updates to the multicast (or broadcast) address on a passive interface, RIP continues to receive and process routing updates from its neighbors on that interface.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to configure Ethernet 1/2 as a passive interface:
|
|
Displays a summary of RIP information for all RIP instances. |
To enable poison-reverse processing of the Routing Information Protocol (RIP) router updates, use the ip rip poison-reverse command. To disable poison-reverse processing of RIP updates, use the no form of this command.
Split horizon is always enabled. Poison-reverse processing is disabled.
|
|
---|---|
By default, Cisco NX-OS does not advertise RIP routes out the interface over which they were learned (split horizon). If you configure both poison reverse and split horizon, then Cisco NX-OS advertises the learned routes as unreachable over the interface on which the route was learned.
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to enable poison-reverse processing for an interface running RIP:
|
|
Displays a summary of RIP information for all RIP instances. |
To filter the Routing Information Protocol (RIP) routes coming in or out of an interface, use the ip rip route-filter command. To remove filtering from an interface, use the no form of this command.
ip rip route-filter { prefix-list list-name | route-map map-name } { in | out }
no ip rip route-filter { prefix-list list-name | route-map map-name } { in | out }
Associates a route map to set the redistribution policy for RIP. |
|
|
|
---|---|
This command does not require a license but if you want to enable Layer 3 interfaces, you must install the LAN Base Services license.
This example shows how to use a route map to filter routes for a RIP interface:
|
|
---|---|
To configure a summary aggregate address under an interface for the Routing Information Protocol (RIP), use the ip rip summary-address command. To disable summarization of the specified address or subnet, use the no form of this command.
ip rip summary-address ip-prefix / mask
no ip rip summary-address ip-prefix / mask
|
|
---|---|
This example shows how to configure the summary address 192.0.2.0 that is advertised out Ethernet interface 1/2:
|
|
Displays a summary of RIP information for all RIP instances. |
To configure a static route, use the ip route command. To remove the static route, use the no form of this command.
ip route ip-prefix / mask {[ interface ] next-hop } [ preference ] [ tag id ]
no ip route ip-prefix / mask {[ interface ] next-hop }} [ preference ] [ tag id ]
|
|
---|---|
Static routes have a default administrative distance of 1. If you want a dynamic routing protocol to take precidence over a static route, you must configure the static route preference argument to be greater than the administrative distance of the dynamic routing protocol. For example, routes derived with the Enhanced Interior Gateway Routing Protocol (EIGRP) have a default administrative distance of 100. To have a static route that would be overridden by an EIGRP dynamic route, you should specify an administrative distance greater than 100.
This example shows how to create a static route for destinations with the IP address prefix 192.168.1.1/32, reachable through the next-hop address 10.0.0.2:
This example shows how to assign a tag to the previous example so that you can configure a route map that can match on this static route:
This example shows how to choose a preference of 110. In this case, packets for prefix 10.0.0.0 are routed to a router at 192.168.0.4 if dynamic route information with an administrative distance less than 110 is not available.
|
|
---|---|
To specify the Enhanced Interior Gateway Routing Protocol (EIGRP) instance for an interface, use the ip router eigrp command. To return to the default, use the no form of this command.
no ip router eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
Before you use this command, make sure that you enable EIGRP on the switch.
This example shows how to set the EIGRP instance for an interface:
|
|
---|---|
Saves the configuration changes in the startup configuration file. |
|
To specify the Open Shortest Path First (OSPF) instance and area for an interface, use the ip router ospf area command. To return to the default, use the no form of this command.
ip router ospf instance-tag area area-id [ secondaries none ]
no ip router ospf instance-tag area area-id [ secondaries none ]
|
|
---|---|
This example shows how to configure an interface for OSPF:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
To configure a multi-area adjacency on an Open Shortest Path First (OSPF) interface, use the ip router ospf multi-area command. To return to the default, use the no form of this command.
ip router ospf instance-tag multi-area area-id
no ip router ospf instance-tag multi-area area-id
|
|
---|---|
Before you use this command, make sure that you enable OSPF on the switch.
This example shows how to configure a multi-area adjacency:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To specify the Routing Information Protocol (RIP) instance for an interface, use the ip router rip command. To return to the default, use the no form of this command.
Name of the RIP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
Before you use this command, make sure that you enable RIP on the switch.
This example shows how to set the RIP instance for an interface:
|
|
---|---|
Displays a summary of RIP information for all RIP instances. |
To enable split horizon for an Enhanced Interior Gateway Routing Protocol (EIGRP) process, use the ip split-horizon eigrp command. To disable split horizon, use the no form of this command.
ip split-horizon eigrp instance-tag
no ip split-horizon eigrp instance-tag
Name of the EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
This example shows how to disable split horizon an an Ethernet link:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure a summary aggregate address for the specified Enhanced Interior Gateway Routing Protocol (EIGRP) interface, use the ip summary-address eigrp command. To disable a configuration, use the no form of this command.
ip summary-address eigrp instance-tag { ip-address / length | ip-address mask } [ admin-distance | leak-map map-name ]
no ip summary-address eigrp instance-tag { ip-address / length | ip-address mask }
An administrative distance of 5 is applied to EIGRP summary routes.
No summary addresses are predefined.
|
|
---|---|
This example shows how to configure an administrative distance of 95 on an EIGRP interface for the 192.168.0.0/16 summary address:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To enable path maximum transmission unit (MTU) discovery on an IPv4 interface, use the ip tcp path-mtu discovery command. To disable this feature, use the no form of this command.
|
|
This example shows how to enable path MTU discovery for both IPv4:
|
|
---|---|
To enable the generation of Internet Control Message Protocol (ICMP) unreachable messages, use the ip unreachables command. To disable this function, use the no form of this command.
Interface configuration mode
Subinterface configuration mode
|
|
The ip unreachables command is not supported in Warp mode.
This example shows how to enable the generation of ICMP unreachable messages on an interface:
|
|
---|---|
To enable the logging of changes in the Enhanced Interior Gateway Routing Protocol (EIGRP) adjacency state, use the log-adjacency-changes command. To disable the logging of changes in the EIGRP adjacency state, use the no form of this command.
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to enable logging of adjacency state changes for EIGRP 1:
|
|
---|---|
To configure the router to send a syslog message when the state of an Open Shortest Path First (OSPF) neighbor changes, use the log-adjacency-changes command. To turn off this function, use the no form of this command.
log adjacency changes [ detail ]
(Optional) Provides all (DOWN, INIT, 2WAY, EXSTART, EXCHANGE, LOADING, FULL) adjacency state changes. |
The router sends a system message when the state of an OSPF neighbor changes.
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This command is on by default but only reports the up/down (full/down) events if you do not use the detail keyword.
This example shows how to configure the router to send a system message when an OSPF neighbor state changes:
|
|
---|---|
Saves this configuration change to the startup configuration file. |
To enable the logging of Enhanced Interior Gateway Routing Protocol (EIGRP) neighbor warning messages, use the log-neighbor-warnings command. To disable the logging of EIGRP neighbor warning messages, use the no form of this command.
log-neighbor-warnings [ seconds ]
no log-neighbor-warnings [ seconds ]
(Optional) Time interval (in seconds) between repeated neighbor warning messages. The range of seconds is from 1 to 65535. |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to log neighbor warning messages for EIGRP process 209 and to repeat the warning messages in 5-minute (300 seconds) intervals:
|
|
---|---|
To exempt a Border Gateway Protocol (BGP) neighbor from a low-memory shutdown, use the low-memory exempt command. To make a BGP neighbor eligible for a low-memory shutdown, use the no form of this command.
|
|
---|---|
This example shows how to exempt a neighbor from low-memory shutdown:
|
|
---|---|
To filter based on a MAC address, use the mac-list command. To remove the MAC list entry, use the no form of this command.
mac-list name [ seq number ] { permit | deny } mac-address [ mac-mask ]
no mac-list name [ seq number ] { permit | deny } mac-address [ mac-mask ]
|
|
---|---|
This example shows how to create the Red MAC list:
|
|
---|---|
To match to a Border Gateway Protocol (BGP) autonomous system (AS) number, use the match as-number command. To remove an AS number list entry, use the no form of this command.
match as-number { number [, number...] | as-path-access-list name [... name ]}
no match as-number { number [, number...] | as-path-access-list name [... name ]}
|
|
---|---|
Use this command to provide a list of AS numbers or an AS-path access list using a regular expression. BGP uses this match criteria to determine the BGP peers that will be used to create a BGP session.
Use the route map to specify a range of AS numbers whose peers can establish a session with the local BGP through prefix peering. Cisco NX-OS ignores any other match commands if the match as-number command is present in the route map.
This example shows how to configure a list of AS numbers:
switch(config
)# route-map IGP2BGP
switch(config
-route-map)# match as-number 64496, 64498-64510
switch(config
-route-map)#
|
|
Defines the conditions for redistributing routes from one routing protocol into another. |
To match a Border Gateway Protocol (BGP) autonomous system (AS) path access list, use the match as-path command. To remove a path list entry, use the no form of this command.
match as-path name [... name ]
no match as-path name [... name ]
Autonomous system path access list. The name can be any alphanumeric string up to 63 characters. |
|
(Optional) Autonomous system path access list. You can configure up to 32 access list names. |
|
|
---|---|
The values set by the match as-path command overrides global values.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route-map section with an explicit match specified.
This example sets the autonomous system path to match BGP autonomous system path access list 20:
switch(config
)# route-map IGP2BGP
switch(config
-route-map)# match as-path 20
switch(config
-route-map)#
To match a Border Gateway Protocol (BGP) community, use the match community command. To restore the system to its default condition where the software removes the BGP community list entry, use the no form of this command.
match community name [... name ] [ exact-match ]
no match community name [... name ] [ exact-match ]
|
|
---|---|
A route map can have several parts. Any route that does not match at least one match command that is related to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route-map section with an explicit match specified.
Matching that is based on the community list number is one of the types of match commands applicable to BGP.
This example shows how to match two BGP communities:
This example shows that the routes that match community list 1 have the weight set to 200. Any route that has the standard community 109 only has the weight set to 200.
This example shows the routes that match the community list 500. Any route that has expanded community 1 have the weight set to 150.
|
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
To match a Border Gateway Protocol (BGP) extended community in a route map, use the match extcommunity command. To remove the match from the route map, use the no form of this command.
match extcommunity name [... name ] [ exact-match ]
no match extcommunity name [... name ] [ exact-match ]
|
|
---|---|
A route map can have several parts. Any route that does not match at least one match command in the route map is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route-map section with an explicit match specified.
Matching that is based on the extended community list number is one of the types of match commands applicable to BGP.
This example shows how to match two BGP extended community lists:
This example shows that the routes that match the extended community list bgpLocal change from nontransitive to transitive:
|
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
Configures BGP to propagate community attributes to BGP peers. |
|
To match an interface in a route map, use the match interface command. To remove the match, use the no form of this command.
match interface {{ ethernet slot / port | loopback if_number | mgmt mgmt-id | port-channel number }[, { ethernet slot / port | loopback if_number | mgmt mgmt-id | port-channel number }...]}
no interface {{ ethernet slot / port | loopback if_number | mgmt mgmt-id | port-channel number }[, { ethernet slot / port | loopback if_number | mgmt mgmt-id | port-channel number }...]]}
|
|
---|---|
Route next-hop addresses that are reached by one of the interfaces result in a match for the route map.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route-map section with an explicit match specified.
This example shows how to configure a list of interfaces:
switch#
configure terminal
switch(config
)# route-map test1
switch(config
-route-map)# match interface ethernet 2/1, ethernet 4/3
switch(config
-route-map)#
|
|
---|---|
Defines the conditions for redistributing routes from one routing protocol into another. |
To distribute any routes that have a destination IP network number address that is permitted by a standard access list, an expanded access list, or a prefix list, use the match ip address command. To remove the match ip address entry, use the no form of this command.
match ip address { prefix-list prefix-list-name [ prefix-list-name...]}
no match ip address { prefix-list prefix-list-name [ prefix-list-name...]}
Distributes routes based on a prefix list. The prefix list name can be any alphanumeric string up to 63 characters. The ellipsis indicates that multiple values can be entered, up to 32 prefix lists. |
|
|
---|---|
An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the prefix-list-name argument.
Like matches in the same route map subblock are filtered with “or” semantics. If any one match clause is matched in the entire route map subblock, this match is treated as a successful match. Dissimilar match clauses are filtered with “and” semantics, so dissimilar matches are filtered logically. If the first set of conditions is not met, the second match clause is filtered. This process continues until a match occurs or there are no more match clauses.
Use route maps to redistribute routes.
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
When you are passing routes through a route map, a route map can have several sections that contain specific match clauses. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to match routes that have addresses specified by an access list test:
switch#
configure terminal
switch(config
)# interface ethernet 2/10
switch(config-if
)# no switchport
switch(config-if
)# exit
switch(config
)# route-map chicago
switch(config
-route-map)# match ip address test
switch(config
-route-map)#
To configure the IPv4 multicast features for the route-map matching, use the match ip multicast command. To remove the match, use the no form of this command.
match ip multicast { group address / length | source address / length | rp address / length [ rp-type asm ]}
|
|
---|---|
The match ip multicast command is the only match command that is evaluated in the route map. You can specify the group prefix, group range, and source prefix to filter messages with the match ip multicast command.
Use the route-map command to enter route-map configuration mode. Once you enter the route-map command, the prompt changes to the following:
switch(config-route-map)#
Once you enter route-map configuration mode, you can enter the match ip multicast command.
This example shows how to specify the group IPv4 prefix and the length of the IPv4 prefix for the neighbors to match:
switch#
configure terminal
switch(config-route-map)#
match ip multicast group 192.0.0.0/19
switch(config-route-map)#
This example shows how to specify both the group IPv4 prefix and the rendezvous point of the IPv4 prefix for the neighbors to match:
switch#
configure terminal
switch(config-route-map)#
match ip multicast group 192.0.0.0/19 rp 209.165.201.0/27
switch(config-route-map)#
To redistribute any IPv4 routes that have a next-hop router address passed by one of the access lists specified, use the match ip next-hop prefix-list command. To remove the next hop entry, use the no form of this command.
match ip next-hop prefix-list prefix-list-name [... prefix-list-name ]
no match ip next-hop prefix-list prefix-list-name [... prefix-list-name ]
Number or name of a prefix list. It can be any alphanumeric string up to 63 characters. The ellipsis indicates that multiple values can be entered, up to 32 prefix lists. |
Routes are distributed freely, without being required to match a next hop address.
|
|
---|---|
An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the prefix-list-name argument.
Use the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to distributes routes that have a next-hop router address passed by the prefix list test:
switch#
configure terminal
switch(config)#
route-map blue
switch(config-route-map)#
match ip next-hop prefix-list test
switch(config-route-map)#
To redistribute IPv4 routes that have been advertised by routers and access servers at the address specified by the access lists, use the match ip route-source prefix-list command. To remove the route-source entry, use the no form of this command.
match ip route-source prefix-list prefix-list-name [... prefix-list-name ]
no match ip route-source prefix-list prefix-list-name [... prefix-list-name ]
Number or name of a prefix list. It can be any alphanumeric string up to 63 characters. The ellipsis indicates that multiple values can be entered, up to 32 prefix lists. |
|
|
---|---|
An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the prefix-list-name argument.
Use the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify only some data, you must configure second route map section with an explicit match specified.
There are situations in which the next hop and source router address of the route are not the same.
This example shows how to distribute routes that have been advertised by routers and access servers at the addresses specified by access lists 5 and 80:
switch#
configure terminal
switch(config)#
route-map blue
switch(config-route-map)#
match ip route-source prefix-list 5 80
switch(config-route-map)#
To redistribute routes in the routing table that match the routing metric value, use the match metric command. To remove the tag entry, use the no form of this command.
match metric metric-value [ +- deviation-number ] [... metric-value [ +- deviation-number ]]
no match metric metric-value [ +- deviation-number ] [... metric-value [ +- deviation-number ]]
|
|
---|---|
To redistribute routes with the specified metric, use the match metric command in route-map configuration mode. To remove the entry for the redistributed route from the routing table, use the no form of this command.
You can specify one or more metrics (or) range of metrics using the deviation-number argument. At least one of the specified metrics must match for the command to pass.
An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the arguments.
Use the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure second route map section with an explicit match specified.
This example shows how to redistribute routes stored in the routing table with a metric of 5:
To redistribute routes in the routing table that match a MAC address in the MAC list, use the match mac-list command. To remove the tag entry, use the no form of this command.
MAC list name. The name can be any case-sensitive, alphanumeric string up to 32 characters. |
|
|
---|---|
Use the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to redistribute routes stored in the routing table that match entries in the Red MAC list:
To redistribute routes of the specified type, use the match route-type command. To remove the route type entry, use the no form of this command.
match route-type { external | internal | local | nssa-external | type-1 | type-2 }
no match route-type { external | internal | local | nssa-external | type-1 | type-2 }
|
|
---|---|
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to redistribute internal routes:
This example shows how to redistribute internal routes and type-1 OSPF routes:
To redistribute routes in the routing table that match the specified tags, use the match tag command. To remove the tag entry, use the no form of this command.
match tag tag-value [... tag-value ]
no match tag tag-value [... tag-value ]
List of one or more route tag values. Each can be an integer from 0 to 4,294,967,295. You can configure up to 32 tags. |
|
|
---|---|
An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the tag-value argument.
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to redistribute routes stored in the routing table with tag 5:
To filter routes with the specified VLAN, use the match vlan command. To remove the entry for the redistributed route from the routing table, use the no form of this command.
Range of VLAN that this command matches against. The range is from 1 to 4094. |
|
|
---|---|
To filter routes with the specified VLAN, use the match vlan command You can specify one or more VLANs (or) range of VLANs. At least one of the specified VLANs must match for the command to pass. The command matches any VLAN that falls inclusive in the range.
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to redistribute routes that match VLANs 5 to 10:
To configure the Open Shortest Path First (OSPF) protocol to advertise a maximum metric so that other routers do not prefer the router as an intermediate hop in their shortest path first (SPF) calculations, use the max-metric router-lsa command. To disable the advertisement of a maximum metric, use the no form of this command.
max-metric router-lsa [ on-startup [ seconds | wait-for bgp tag ]]
no max-metric router-lsa [ on-startup [ seconds | wait-for bgp tag ]]
Originates router link-state advertisements (LSAs) with normal link metrics.
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This command allows Border Gateway Protocol (BGP) routing tables to converge without attracting transit traffic (if there are not alternate lower cost paths to the router). The router advertises accurate (normal) metrics after the configured or default timers expire or after BGP sends a notification that routing tables have converged.
Note Directly connected links in a stub network are not affected by the configuration of a maximum or infinite metric because the cost of a stub link is always set to the output interface cost.
You can use the max-metric router-lsa command in the following situations:
This example shows how to configure a router that is running OSPF to advertise a maximum metric for 100 seconds:
This example shows how to configure a router to advertise a maximum metric until BGP routing tables converge or until the default timer expires (600 seconds):
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure the external Border Gateway Protocol (eBGP) to discard routes that have a high number of autonomous system (AS) numbers in the AS-path attribute, use the maxas-limit command. To revert to the default, use the no form of this command.
(Optional) Maximum number of AS numbers allowed in the AS-path attribute. The range is from 1 to 2000. |
Router configuration mode
VRF configuration mode
|
|
---|---|
This example shows how to set the maximum number of AS numbers to 50:
|
|
---|---|
To control the maximum number of parallel routes that the Border Gateway Protocol (BGP) can support, use the maximum-paths command. To restore the default number of parallel routes, use the no form of this command.
maximum-paths [ ibgp ] number-paths
no maximum-paths [ ibgp ] number-paths
Maximum number of parallel routes that an IP routing protocol installs in a routing table. The range is from 1 to 32. |
Router address family configuration mode
|
|
---|---|
This example shows how to allow a maximum of 16 paths to a destination for a BGP routing process:
|
|
---|---|
To control the maximum number of parallel routes that the Enhanced Interior Gateway Routing Protocol (EIGRP) can support, use the maximum-paths command. To remove the maximum-paths command from the configuration file and restore the default, use the no form of this command.
Maximum number of parallel routes that EIGRP can install in a routing table. The range is from 1 to 32 routes. |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Multiple paths are installed for both internal and external routes that are learned in the same autonomous system and that have an equal cost (according to the EIGRP best path algorithm).
This example shows how to allow a maximum of 10 paths to a destination:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure the maximum number of equal cost parallel routes that the Routing Information Protocol (RIP) can install into the routing table, use the maximum-paths command. To remove the maximum-paths command and restore the system to its default condition, use the no form of this command.
Maximum number of parallel routes that RIP can install in a routing table. The range is from 1 to 32. |
Router address-family configuration mode
|
|
---|---|
This example shows how to allow a maximum of 16 equal cost paths to a destination:
|
|
Displays a summary of RIP information for all RIP instances. |
To control the maximum number of parallel routes that Open Shortest Path First (OSPF) can support, use the maximum-paths command. To remove the maximum-paths command from the configuration file and restore the system to the default, use the no form of this command.
Maximum number of parallel routes that OSPF can install in a routing table. The range is from 1 to 32 routes. |
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Multiple paths are installed for both internal and external routes that are learned in the same autonomous system and that have an equal cost (according to the OSPF shortest path first algorithm).
This example shows how to allow a maximum of 10 paths to a destination:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
To control how many prefixes can be received from a neighbor, use the maximum-prefix command. To disable this function, use the no form of this command.
maximum-prefix maximum [ threshold ] [ restart restart-interval ] [ warning-only ]
This command is disabled by default. Peering sessions are disabled when the maximum number of prefixes is exceeded. If you do not configure the restart interval, a disabled session stays down after the maximum-prefix limit is exceeded.
Peer template configuration mode
BGP router configuration mode
BGP neighbor address-family configuration mode
|
|
---|---|
The number of prefixes that can be configured is limited only by the available system resources on a router.
The maximum-prefix command allows you to configure a maximum number of prefixes that a Border Gateway Protocol (BGP) routing process accepts from the specified peer. This feature provides a mechanism (in addition to distribute lists, filter lists, and route maps) to control prefixes received from a peer.
When the number of received prefixes exceeds the maximum number configured, BGP disables the peering session (by default). If you configure the restart interval, BGP automatically reestablishes the peering session at the configured time interval. If you do not configure the restart interval and a peering session is terminated because the maximum prefix limit has been exceed, the peering session is not reestablished until you enter the clear ip bgp command. If the warning-only keyword is configured, BGP sends only a log message and continues to peer with the sender.
There is no default limit on the number of prefixes that can be configured with this command. Limitations on the number of prefixes that can be configured are determined by the amount of available system resources.
This example shows how to set the maximum prefixes that are accepted from the 192.168.1.1 neighbor to 1000:
This example shows how to set the maximum number of prefixes that are accepted from the 192.168.2.2 neighbor to 5000. The router is also configured to display warning messages when 50 percent of the maximum-prefix limit (2500 prefixes) has been reached.
This example shows how to set the maximum number of prefixes that are accepted from the 192.168.3.3 neighbor to 2000. The router is also configured to reestablish a disabled peering session after 30 minutes.
This example shows how to set the warning messages that are displayed when the maximum-prefix limit (500) for the 192.168.4.4 neighbor is exceeded:
This example shows how to set the maximum number of prefixes that are accepted from the 192.168.1.3 neighbor to 1500.
|
|
---|---|
To enable Open Shortest Path First (OSPF) Message Digest 5 (MD5) authentication on a virtual link, use the message-digest-key command. To remove an old MD5 key, use the no form of this command.
message-digest-key key-id md5 [ 0 | 3 ] key
(Optional) Specifies to use an unencrypted password to generate the md5 key. |
|
(Optional) Specifies to use an encrypted 3DES password to generate the md5 key. |
|
Virtual link configuration mode
|
|
---|---|
When you configure the MD5 digest authentication mode, make sure that both interfaces on the virtual link have the same key value.
This example shows how to set key 19 with the password 8ry4222:
|
|
---|---|
To advertise that those Enhanced Interior Gateway Routing Protocol (EIGRP) routes with a higher hop count than you specified are unreachable, use the metric maximum-hops command. To reset the value to the default, use the no form of this command.
metric maximum-hops hops-number
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Use this command to provide a safety mechanism that causes EIGRP to advertise routes with a hop count greater than the value assigned to the hops-number argument as unreachable.
This example shows how to configure a hop count to 200:
|
|
---|---|
To tune the Enhanced Interior Gateway Routing Protocol (EIGRP) metric calculations, use the metric weights command. To reset the values to their defaults, use the no form of this command.
metric weights tos k1 k2 k3 k4 k5
Constants that convert an EIGRP metric vector into a scalar quantity. The arguments are as follows: |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to set the metric weights to change the default values:
To configure a Border Gateway Protocol (BGP) neighbor (router or VRF) and enter the neighbor configuration mode, use the neighbor command. To remove an entry, use the no form of this command.
neighbor { ip-addr | ip-prefix / length } [ remote-as { as-num [. as-num ]}
no neighbor { ip-addr | ip-prefix / length } [ remote-as { as-num [. as-num ]}]
Neighbor address-family configuration mode
Router bgp configuration mode
|
|
---|---|
Use the neighbor command to enter the BGP neighbor configuration mode. When you enter the neighbor command, the prompt changes to switch(config-router-neighbor)#.
From the BGP neighbor configuration mode, you can perform the following actions:
Note You should enter this command under the guidance of Cisco technical support staff only.
The Cisco NX-OS software allows BGP sessions to use any operational interface for TCP connections, when you enter the update-source command in neighbor configuration mode. To restore the interface assignment to the closest interface, which is called the best local address, use the no form of this command.
This example shows how to configure a single-hop eBGP peering session between two BGP peers that are reachable on the same network segment through a local loopback interfaces on each router:
This example shows how to source BGP TCP connections for the specified neighbor with the IP address of the loopback interface rather than the best local address:
|
|
---|---|
To configure an IP prefix to advertise, use the network command. To remove the IP prefix to advertise, use the no form of this command.
network ip-addr | ip-prefix / length mask mask-num [ route-map name ]
no network ip-addr | ip-prefix / length mask mask-num [ route-map name ]
Neighbor address-family configuration mode
Router bgp configuration mode
|
|
---|---|
The IP prefix to advertise is considered as a best path and advertisement to peers only if a route of equal or more specificity is present in the routing table.
This example shows how to configure an IP prefix to advertise:
|
|
---|---|
Enters the address family mode and configures submode commands for the Border Gateway Protocol (BGP). |
To specify that Border Gateway Protocol (BGP) routes are resolved using only the next hops that have routes that match specific characteristics, use the nexthop route-map command. To remove the route map, use the no form of this command.
Route map name. The name can be any alphanumeric string up to 63 characters. |
Address-family configuration mode
|
|
---|---|
BGP next-hop filtering allows you to specify that when a next-hop address is checked with the Routing Information Base (RIB), the underlying route for that next-hop address is passed through the route map. If the route map rejects the route, the next-hop address is treated as unreachable.
BGP marks all next hops that are rejected by the route policy as invalid and does not calculate the best path for the routes that use the invalid next-hop address.
This example shows how to configure a route map to filter the next-hop address:
|
|
---|---|
Configures the delay timers for BGP next-hop address tracking. |
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
To set the IP address of the router as the next hop address, use the next-hop-self command. To revert to the default configuration, use the no form of this command.
BGP neighbor address-family configuration mode
|
|
---|---|
This example shows how to configure the IP address of a router as the next-hop address:
|
|
To specify a Border Gateway Protocol (BGP) delay for triggering next-hop calculations, use the nexthop trigger-delay command. To set the trigger delay to the default value, use the no form of this command.
nexthop trigger-delay { critical delay | non-critical delay }
no nexthop trigger-delay { critical delay | non-critical delay }
Critical delay: 3000 milliseconds.
Noncritical delay: 10000 milliseconds.
Address-family configuration mode
|
|
---|---|
The non-critical delay value must always be set to a value that is at least equal or greater to the critical delay value.
The delay should be slightly higher than the time it takes for the Interior Gateway Protocol (IGP) to settle into a steady state after some event (IGP convergence time).
This example shows how to modify the next-hop address tracking delay:
|
|
---|---|
To configure the interface as a Layer 3 Ethernet interface, use the no switchport command.
|
|
---|---|
You can configure any Ethernet port as a routed interface. When you configure an interface as a Layer 3 interface, any configuration specific to Layer 2 on this interface is deleted.
If you want to configure a Layer 3 interface for Layer 2, enter the switchport command. Then, if you change a Layer 2 interface to a routed interface, enter the no switchport command.
This example shows how to enable an interface as a Layer 3 routed interface:
This example shows how to configure a Layer 3 interface as a Layer 2 interface:
|
|
---|---|
Saves the running configuration to the startup configuration file. |
|
To specify an object for a tracked list, use the object command. To remove the object from the tracked list, use the no form of this command.
object object-number [ not ] [ weight weight-number ]
(Optional) Negates the state of an object. Note You cannot use the not keyword in a weight or percentage threshold list. You can use this keyword only in a Boolean list. |
|
|
|
---|---|
You can configure an object track list that contains multiple tracked objects. A tracked list contains one or more objects.
The Boolean expression enables two types of calculation by using either “and” or “or” operators.
You can also configure an object track list that contains a percentage threshold.The percentage of up objects must exceed the configured track list up percent threshold before the track list is in an up state. For example, if the tracked list has three objects, and you configure an up threshold of 60 percent, two of the objects must be in the up state (66 percent of all objects) for the track list to be in the up state.
You can also configure an object track list that contains a weight threshold. A tracked list contains one or more objects. The combined weight of up objects must exceed the configured track list up weight threshold before the track list is in an up state. For example, if the tracked list has three objects with the default weight of 10 each, and you configure an up threshold of 15, two of the objects must be in the up state (combined weight of 20) for the track list to be in the up state.
This example shows how to configure a track list with an up weight threshold of 30 and a down threshold of 10:
|
|
---|---|
To configure the Border Gateway Protocol (BGP) to use MD5 authentication, use the password command. To disable this function, use the no from of this command.
password [ auth-key string | string ]
no password [ auth-key string | string ]
(Optional) MD5 authentication key. You can enter an unencrypted (cleartext) key, or one of these values followed by a space and the MD5 authentication key: |
|
BGP neighbor configuration mode
|
|
This example shows how to enable an unencrypted key for a BGP neighbor:
switch(config)#
router bgp 101
switch(config-router)#
neighbor 192.0.2.1 remote-as 1.2
switch(config-route-neighbor)#
password 0 myauthkey
switch(config-route-neighbor)#
This example shows how to disable an unencrypted authentication key for a BGP neighbor:
switch(config)#
router bgp 101
switch(config-router)#
neighbor 192.0.2.1 remote-as 1.2
switch(config-route-neighbor)#
no password 0 myauthkey
switch(config-route-neighbor)#
|
|
---|---|
To configure IP packet verification, use the platform ip verify command. To return to the default setting, use the no form of this command.
platform ip verify { checksum | fragment | tcp tiny-frag | version }
no platform ip verify { checksum | fragment }
|
|
---|---|
Use this command to configure packet verification tests on IPv4 packets based on checksum or fragments.
This example shows how to drop fragmented IPv4 packets:
|
|
---|---|
Configures IPv4 packet verification checks based on addresses. |
|
To perform packet verification on IP addresses, use the platform ip verify address command. To return to the default setting, use the no form of this command.
platform ip verify address { destination zero | identical | reserved | source { broadcast | multicast }}
no platform ip verify address { destination zero | identical | reserved | source { broadcast | multicast }}
|
|
---|---|
This example shows how to drop broadcast IPv4 packets:
|
|
---|---|
Configures IPv4 packet verification checks based on checksum or fragments. |
|
To configure IPv4 packet verification based on packet length, use the platform ip verify length command. To return to the default setting, use the no form of this command.
platform ip verify length { consistent | maximum { max-frag | max-tcp | udp } | minimum }
no platform ip verify length { consistent | maximum { max-frag | max-tcp | udp } | minimum }
|
|
---|---|
This example shows how to drop minimum-length IPv4 packets:
|
|
---|---|
Configures IPv4 packet verification checks based on checksum or fragments. |
|
Configures IPv4 packet verification checks based on addresses. |
|
To enable Open Shortest Path First (OSPF) policy statistics, use the policy statistics enabl e command. To disable policy statistics, use the no form of this command.
|
|
---|---|
This example shows how to enable policy statistics gathering on OSPF 2:
|
|
---|---|
To configure a preemption delay, use the preempt command. To disable this feature, use the no form of this command.
preempt [ delay { minimum min-delay | reload rel-delay | sync sync-delay }]
no preempt [ delay { minimum min-delay | reload rel-delay | sync sync-delay }]
Interface configuration or HSRP template mode
|
|
---|---|
Specifying a minimum delay allows routing tables to be updated before a router becomes active. When a router first comes up, it does not have a complete routing table. A high-priority router will only delay preemption if it first receives a hello packet from a low-priority active router. If the high-priority router does not receive a hello packet from the low-priority active router when it is starting up, it assumes there is no active router for the group and becomes active as soon as possible.
This example shows how to configure a delay when a router becomes active when its priority is 110:
|
|
---|---|
To enable a high-priority backup virtual router to preempt the low-priority master virtual router, use the preempt command. To disable a high-priority backup virtual router from preempting the low-priority master virtual router, use the no form of this command.
|
|
---|---|
VRRP enables you to preempt a virtual router backup that has taken over for a failing virtual router master with a high-priority virtual router backup that has become available.
By default, a preemptive scheme is enabled. A backup high-priority virtual router that becomes available takes over for the backup virtual router that was elected to become the virtual router master. If you disable preemption, the backup virtual router that is elected to become the virtual router master remains the master until the original virtual router master recovers and becomes the master again.
Note This preemption does not apply to the primary IP address.
If the virtual IP address is also the IP address for the interface, then preemption is applied.
This example shows how to enable the backup high-priority virtual router to preempt the low-priority master virtual router:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|
To set the priority level within a Hot Standby Router Protocol (HSRP) group, use the priority command. To remove the priority level, use the no form of this command.
priority level [ forwarding-threshold lower lower-value upper upper-value ]
no priority level [ forwarding-threshold lower lower-value upper upper-value ]
HSRP configuration or HSRP template mode
|
|
---|---|
HSRP compares the priorities of all virtual routers in the HSRP group and selects the router with the numerically highest priority. If two virtual routers have equal priority, HSRP selects the router with the highest IP address.
This example shows how to configure a virtual router with a priority of 254:
|
|
---|---|
To set the priority for the Virtual Router Redundancy Protocol (VRRP), use the priority command. To revert to the default value, use the no form of this command.
priority level [ forwarding-threshold lower lower-value upper upper-value ]
no priority level [ forwarding-threshold lower lower-value upper upper-value ]
The default value is 100. For switches whose interface IP address is the same as the primary virtual IP address, the default value is 254.
|
|
---|---|
The priority determines whether or not a VRRP router functions as a virtual router backup, the order of ascendancy for the VRRP router to become a virtual router master if the virtual router master fails, the role that each VRRP router plays, and what happens if the virtual router master fails.
If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, then this router functions as a virtual router master.
By default, a preemptive scheme is enabled. A backup high-priority virtual router that becomes available takes over for the backup virtual router that was elected to become the virtual router master. If you disable preemption, then the backup virtual router that is elected to become the virtual router master remains the master until the original virtual router master recovers and becomes the master again.
This example shows how to specify the priority for a virtual router:
|
|
---|---|
To shut down an Open Shortest Path First (OSPF) instance without removing the configuration, use the protocol shutdown command. To disable this function, use the no form of this command.
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to disable OSPF 209:
|
|
---|---|
To inject routes from one routing domain into the Border Gateway Protocol (BGP), use the redistribute command. To remove the redistribute command from the configuration file and restore the system to its default condition in which the software does not redistribute routes, use the no form of this command.
redistribute { direct | eigrp instance-tag | ospf instance-tag | rip instance-tag | static } [ route-map map-name ]
no redistribute { direct | eigrp instance-tag | ospf instance-tag | rip instance-tag | static } [ route-map map-name ]
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
You should always use a route map to filter these routes to ensure that BGP redistributes only the routes that you intend to redistribute.
You must configure a default metric to redistribute routes from another protocol into BGP. You can configure the default metric with the default-metric command or with the route map configured with the redistribute command.
This example shows how to redistribute BGP routes into an EIGRP autonomous system:
|
|
---|---|
To inject routes from one routing domain into the Enhanced Interior Gateway Routing Protocol (EIGRP), use the redistribute command. To remove the redistribute command from the configuration file and restore the system to its default condition in which the software does not redistribute routes, use the no form of this command.
redistribute { bgp as-number | direct | eigrp id | ospf instance-tag | rip instance-tag | static } [ route-map map-name ]
no redistribute { bgp as-number | direct | eigrp as-number | ospf instance-tag | rip instance-tag | static }
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
You should always use a route map to filter these routes to ensure that EIGRP redistributes only the routes that you intend to redistribute.
You must configure a default metric to redistribute routes from another protocol into EIGRP. You can configure the default metric with the default-metric command or with the route map configured with the redistribute command.
This example shows how to redistribute cause BGP routes into an EIGRP autonomous system:
|
|
---|---|
Sets the default metrics for routes redistributed into EIGRP. |
|
To inject routes from one routing domain into Open Shortest Path First (OSPF), use the redistribute command. To remove the redistribute command from the configuration file and restore the system to its default condition in which the software does not redistribute routes, use the no form of this command.
redistribute { bgp as-number | direct | eigrp id | ospf instance-tag | rip instance-tag | static } [ route-map map-name ]
no redistribute { bgp as-number | direct | eigrp id | ospf instance-tag | rip instance-tag | static }
Router configuration mode
Router VRF configuration mode
|
|
---|---|
You should always use a route map to filter these routes to ensure that OSPF redistributes only the routes that you intend.
You must configure a default metric to redistribute routes from another protocol into OSPF. You can configure the default metric with the default-metric command or with the route map configured with the redistribute command.
Note If you redistribute static routes, Cisco NX-OS also redistributes the default static route.
This example shows how to redistribute BGP routes into an OSPF autonomous system:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Sets the default metrics for routes redistributed into OSPF. |
|
To redistribute routes from another routing domain into the Routing Information Protocol (RIP), use the redistribute command. To restore the system to its default condition in which the software does not redistribute routes, use the no form of this command.
redistribute { bgp id | direct | eigrp id | ospf id | static } route-map map-name
Router address-family configuration mode
|
|
---|---|
Cisco NX-OS filters redistributed routing information using a route map. You can configure the route map to set the RIP metric used for redistributed routes. If you do not set the RIP metric with a route map, Cisco NX-OS determines the metric based on the redistributed protocol or by the default-metric command. If Cisco NX-OS cannot determine a valid metric, then it does not redistribute the routes.
This example shows how to redistribute BGP routes into a RIP process:
To limit the number of routes redistributed into Enhanced Interior Gateway Routing Protocol (EIGRP), use the redistribute maximum-prefix command. To return to the default setting, use the no form of this command.
redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeout ]]
no redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeoutl ]
Router configuration mode
VRF configuration mode
|
|
---|---|
Use the clear ip eigrp redistribute command if all routes are withdrawn.
This example shows how to limit the number of redistributed routes into EIGRP:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To limit the number of routes redistributed into Open Shortest Path First (OSPF), use the redistribute maximum-prefix command. To return to the default setting, use the no form of this command.
redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeout ]]
no redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeout ]]
Router configuration mode
VRF configuration mode
|
|
---|---|
Use the clear ip ospf redistribute command if all routes are withdrawn.
This example shows how to limit the number of redistributed routes into OSPF:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To specify the autonomous system (AS) number for a neighbor, use the remote-as command. To remove an AS number, use the no form of this command.
AS number. The format is x for a two-byte value or x.x for a four-byte value. The range is from 1 to 65535. |
|
|
---|---|
This example shows how to configure the neighbor AS number:
|
|
To restart a Border Gateway Protocol (BGP) autonomous system and remove all associated neighbors, use the restart bgp command.
restart bgp as-num [. as-num ]
|
|
---|---|
This example shows how to restart the BGP autonomous system:
|
|
---|---|
To restart an Enhanced Interior Gateway Routing Protocol (EIGRP) instance and remove all associated neighbors, use the restart eigrp command.
Name for an EIGRP routing instance. The name can be a maximum of 20 alphanumeric characters. |
|
|
---|---|
This example shows how to restart the OSPFv2 instance and remove all neighbors:
|
|
---|---|
To restart an Open Shortest Path First version 2 (OSPFv2) instance and remove all associated neighbors, use the restart ospf command.
|
|
---|---|
This example shows how to restart the OSPFv2 instance and remove all neighbors:
|
|
---|---|
To restart a Routing Information Protocol (RIP) instance and remove all associated neighbors, use the restart rip command.
Name for an RIP routing instance. The name can be a maximum of 20 alphanumeric characters. |
|
|
---|---|
This example shows how to restart the RIP instance and remove all neighbors:
|
|
---|---|
To specify the time between link-state advertisement (LSA) retransmissions for adjacencies that belong to the virtual link, use the retransmit-interval command. To return to the default, use the no form of this command.
Virtual link configuration mode
|
|
---|---|
Use this command to set the LSA retransmission time. If a router receives no acknowledgment that an LSA was received, the router resends the LSA at the retransmission interval.
This example shows how to set the retransmit interval value to 8 seconds:
|
|
---|---|
To configure RFC 1583 compatibility as the method used to calculate summary route costs, use the rfc1583compatibility command. To disable RFC 1583 compatibility, use the no form of this command.
|
|
---|---|
To minimize the chance of routing loops, all Open Shortest Path First (OSPF) routers in an OSPF routing domain should have RFC compatibility set identically.
Because of the introduction of RFC 2328, OSPF Version 2, the method used to calculate summary route costs has changed. Use the no rfc1583compatibility command to enable the calculation method used per RFC 2328.
This example specifies that the router process is compatible with RFC 1583:
To create a route map, enter the route-map configuration mode, or define the conditions for redistributing routes from one routing protocol into another, use the route-map command. To delete an entry, use the no form of this command.
route-map map-tag [ deny | permit ] [ sequence-number ]
no route-map map-tag [ permit | deny ] [ sequence-number ]
|
|
---|---|
If you make changes to a route map that is used by a client, you must exit the route-map configuration submode before the changes take effect in the client. The route-map changes are not propagated to its clients until you exit from the route-map configuration submode or 60 seconds expire since entering the submode.
Use route maps to redistribute routes.
The redistribute router configuration command uses the map-tag name to reference the route map. Multiple route maps may share the same map tag name.
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must pass to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
Use route maps when you want detailed control over how routes are redistributed between routing processes. The destination routing protocol is the one you specify with the router global configuration command. The source routing protocol is the one you specify with the redistribute router configuration command. See the “Examples” section for an illustration of how route maps are configured.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause that relates to a route-map command is ignored; that is, the route is not advertised for outbound route maps and is not accepted for inbound route maps. If you want to modify some particular data, you must configure a second route map section with an explicit match specified.
This example shows how to redistribute Routing Information Protocol (RIP) routes with a hop count equal to 1 into Open Shortest Path First (OSPF). These routes are redistributed into OSPF as external link-state advertisements (LSAs) with a metric type of Type 1, and a tag equal to 1.
switch(config
)# router ospf 109
switch(config-route-map)# redistribute
rip route-map rip-to-ospf
switch(config-route-map)# route
-map rip-to-ospf permit
switch(config
-route-map)# set metric 5
switch(config
-route-map)# set metric-type type1
switch(config
-route-map)# set tag 1
switch(config
-route-map)#
This example shows how to set the autonomous system path to match BGP autonomous system path access list 20:
switch(config
)# route-map IGP2BGP
switch(config
-route-map)# match as-path 20
switch(config
-route-map)#
This example shows how to configure that the routes matching community list 1 have the weight set to 100. Any route that has community 109 has the weight set to 100.
switch(config
)# ip community-list 1 permit 109
switch(config
)# route-map set_weight
switch(config
-route-map)# match community 1
switch(config
-route-map)# set weight 100
switch(config
-route-map)#
This example shows how to configure that the routes matching community list 1 have the weight set to 200. Any route that has community 109 alone has the weight set to 200.
switch(config
)# ip community-list 1 permit 109
switch(config
)# route-map set_weight
switch(config
-route-map)# match community 1 exact
switch(config
-route-map)# set weight 200
switch(config
-route-map)#
This example shows how to configure that the routes match community list LIST_NAME have the weight set to 100. Any route that has community 101 alone has the weight set to 100.
switch(config
)# ip community-list 1 permit 101
switch(config
)# route-map set_weight
switch(config
-route-map)# match community LIST_NAME
switch(config
-route-map)# set weight 100
switch(config
-route-map)#
To configure the router as a BGP route reflector and configure the specified neighbor as its client, use the route-reflector-client command. To indicate that the neighbor is not a client, use the no form of this command.
BGP Neighbor address-family configuration mode
|
|
---|---|
All the neighbors configured with this command will be members of the client group and the remaining BGP peers will be members of the nonclient group for the local route reflector.
This example shows how to configure the local router as a route reflector to the neighbor at 192.168.0.1:
|
|
---|---|
Enters the router in address family configuration mode for configuring BGP routing sessions. |
|
To assign an autonomous system (AS) number to a router and enter the router BGP configuration mode, use the router bgp command. To remove an AS number assignment, use the no form of this command.
no router bgp as-num [. as-num ]
Address-family configuration mode
Neighbor address-family configuration mode
Router BGP configuration mode
|
|
---|---|
The as-num is the number for the local BGP speaker and allows you to create a unique identifier for the BGP process on the router.
This example shows how to configure a BGP process for autonomous system 120:
This example shows how to log neighbor changes for BGP in router configuration mode:
This example shows how to disable the BGP fast external fallover feature. If the link through which this session is carried flaps, the connection is not reset.
This example shows how all incoming updates from eBGP peers are examined to ensure that the first autonomous system number in the AS_PATH is the local AS number of the transmitting peer. The updates from the 10.100.0.1 peer are discarded if the first AS number is not 65001.
|
|
---|---|
To configure a routing process and enter router configuration mode for Enhanced Interior Gateway Routing Protocol (EIGRP), use the router eigrp command. To turn off the EIGRP routing process, use the no form of this command.
Name of an EIGRP instance. The instance-tag can be any case-sensitive, alphanumeric string up to 20 characters. |
|
|
---|---|
This example shows how to configure a routing process for EIGRP:
|
|
---|---|
Configures the default metric for routes redistributed into EIGRP. |
|
To configure an Open Shortest Path First (OSPF) routing instance, use the router ospf command. To terminate an OSPF routing process, use the no form of this command.
|
|
---|---|
This example shows how to configure a basic OSPF instance:
This example shows how to delete an OSPF instance:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To configure the Routing Information Protocol (RIP) routing process, use the router rip command. To turn off the RIP routing process, use the no form of this command.
|
|
---|---|
This example shows how to begin the RIP routing process:
|
|
To configure a router ID for an Enhanced Interior Gateway Routing Protocol (EIGRP) process, use the router-id command. To cause the software to use the default method of determining the router ID, use the no form of this command.
Unique 32-bit router ID value specified in four-part, dotted-decimal notation. |
If this command is not configured, EIGRP chooses an IPv4 address as the router ID from one of its interfaces.
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Configuring a router ID ensures that EIGRP can function regardless of the interface address configuration.
This example shows how to assign the IP address of 192.0.2.1 to the EIGRP process 1:
|
|
---|---|
To use a fixed router ID for an Open Shortest Path First (OSPF) instance, use the router-id command. To revert to the previous OSPF router ID behavior, use the no form of this command.
If this command is not configured, OSPF chooses an IPv4 address as the router ID from one of its interfaces.
|
|
---|---|
Configuring a router ID ensures that EIGRP can function regardless of the interface address configuration.
If this command is used on an OSPF instance that has neighbors, OSPF uses the new router ID at the next reload or at a restart of OSPF.
This example shows how to configure the router ID:
|
|
---|---|
To set the virtual routing and forwarding (VRF) scope for all EXEC commands, use the routing-context vrf command. To return to the default setting, use the no form of this command.
no routing-context vrf vrf-name
Name of the VRF instance. The name can be any case-sensitive, alphanumeric string up to 32 characters. |
|
|
---|---|
This feature automatically restricts the scope of the output of EXEC commands to the configured VRF. You can override this scope by using the VRF keywords available for some EXEC commands.
This example shows how to limit EXEC commands to the management VRF:
|
|
---|---|
To send the Border Gateway Protocol (BGP) community attribute to a peer, use the send-community command. To revert to the defaults, use the no form of this command.
no send-community [ extended ]
BGP neighbor address-family configuration mode
|
|
---|---|
Before you use this command, you must configure BGP communities using the set community command.
This example shows how to configure the router to send the community attribute to the neighbor 192.168.1.3:
|
|
---|---|
To modify an autonomous system path (as-path) for BGP routes, use the set as-path command. To not modify the autonomous system (AS) path, use the no form of this command.
set as-path { tag | { prepend as-num [... as-num ] | last-as num }}
no as-path { tag | { prepend as-num [... as-num ] | last-as num }}
|
|
---|---|
Once you enter route-map configuration mode, you can enter the set command.
The only global BGP metric available to influence the best path selection is the autonomous system path length. By varying the length of the autonomous system path, a BGP speaker can influence the best-path selection by a peer further away.
By allowing you to convert the tag into an autonomous system path, the set as-path tag variation of this command modifies the autonomous system length. The set as-path prepend variation allows you to prepend an arbitrary autonomous system path string to BGP routes. Usually, the local autonomous system number is prepended multiple times, increasing the autonomous system path length.
This example shows how to convert the tag of a redistributed route into an autonomous system path:
switch(config
)# route-map test1
switch(config
-route-map)# set as-path tag
switch(config
-route-map)#
This example shows how to prepend 100 to all the routes advertised to 10.108.1.1:
switch(config
)# route-map test1
switch(config
-route-map)# match as-path 1
switch(config
-route-map)# set as-path prepend 100
switch(config
)# router bgp 64496
switch(config
-router)# neighbor 10.108.1.1 remote-as 64497
switch(config
-router-neighbor)# address-family ipv4 unicast
switch(config
-router-neighbor-af)# route-map set-as-path test1 out
switch(config
-router-neighbor-af)#
To remove communities from the community attribute of an inbound or outbound update, use the set comm-list delete command. To remove a previous set comm-list delete command, use the no form of this command.
set comm-list community-list-name delete
Standard or expanded community list name. The name is any alphanumeric string up to 63 characters. |
|
|
---|---|
This set command removes communities from the community attribute of an inbound or outbound update using a route map to filter and determine the communities to be deleted. Depending upon whether the route map is applied to the inbound or outbound update for a neighbor, each community that passes the route map permit clause and matches the given community list is removed from the community attribute being received from or sent to the Border Gateway Protocol (BGP) neighbor.
Each entry of a standard community list should list only one community when used with the set comm-list delete command. For example, in order to be able to delete communities 10:10 and 10:20, you must use the following format to create the entries:
The following format for a community list entry, while acceptable otherwise, does not work with the set comm-list delete command:
When both the set community community-number and set comm-list delete commands are configured in the same sequence of a route map attribute, the deletion operation (set comm-list delete) is performed before the set operation (set community community-number).
This example shows how to remove communities from the community attribute of an inbound or outbound update:
switch(config
)# route-map test1
switch(config
-route-map)# match as-path 1
switch(config
-route-map)# set comm-list list1 delete
switch(config
-route-map)#
To set the Border Gateway Protocol (BGP) communities attribute, use the set community command. To delete the entry, use the no form of this command.
set community { none | { aa : nn [... aa : nn ] | additive | no-advertise | no-export }}
no set community { none | { aa : nn | additive | no-advertise | no-export }}
|
|
---|---|
You must have a match clause (even if it points to a “permit everything” list) if you want to set tags.
Use the route-map global configuration command and the match and set route map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route map configuration commands specify the redistribution set actions to be performed when all of the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to configure the routes that pass the autonomous system path access list 1 to have the community set to 109:02 and 33:40. Routes that pass the autonomous system path access list 2 have the community set to no-export (these routes are not advertised to any external BGP [eBGP] peers).
switch(config)#
route-map test1 10 permit
switch(config
-route-map)# match as-path 1
switch(config
-route-map)# set community 109:02 33:40
switch(config
-route-map)# exit
switch(config)#
route-map test1 20 permit
switch(config
-route-map)# match as-path 2
switch(config
-route-map)# set community no-export
switch(config
-route-map)#
|
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
Removes communities from the community attribute of an inbound or outbound update. |
|
To set the Border Gateway Protocol (BGP) route dampening factors, use the set dampening command. To disable this function, use the no form of this command.
set dampening half-life reuse suppress max-suppress-time
|
|
---|---|
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
When a BGP peer is reset, the route is withdrawn and the flap statistics cleared. In this instance, the withdrawal does not incur a penalty even though route flap dampening is enabled.
This example sets the half life to 30 minutes, the reuse value to 1500, the suppress value to 10000, and the maximum suppress time to 120 minutes:
switch(config)#
route-map test1 10 permit
switch(config
-route-map)# set dampening 30 1500 10000 120
switch(config
-route-map)#
To set the Border Gateway Protocol (BGP) extended communities attribute, use the set extcommunity command. To delete the entry, use the no form of this command.
set extcommunity { none | { generic { transitive | nontransitive } aa4 : nn [... aa4 : nn ] } | additive }
no set extcommunity { none | { generic { transitive | nontransitive } aa4 : nn [... aa4 : nn ] } | additive }
|
|
---|---|
You must have a match clause in a route map (even if it points to a “permit everything” list) if you want to use set commands.
The set commands specify the set actions to be performed when all of the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to configure a route map that sets the extended community to 1.5:
switch(config)#
route-map test1 10 permit
switch(config
-route-map)# match as-path 1
switch(config
-route-map)# set extcommunity generic transitive 1.5
switch(config
-route-map)# exit
switch(config
-route-map)#
|
|
Defines the conditions for redistributing routes from one routing protocol into another. |
|
Configures BGP to propagate community attributes to BGP peers. |
|
To remove extended communities from the extended community attribute of an inbound or outbound Border Gateway Protocol (BGP) update, use the set extcomm-list delete command. To remove a previous set extcomm-list delete command, use the no form of this command.
set extcomm-list community-list-name delete
Standard or expanded extended community list name. The name is any alphanumeric string up to 63 characters. |
|
|
---|---|
You must have a match clause in a route map (even if it points to a “permit everything” list) if you want to use set commands.
The set commands specify the set actions to be performed when all of the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
When you configure both the set extcommunity community-number and set ext comm-list delete commands in the same sequence of a route map attribute, the deletion operation (set extcomm-list delete) is performed before the set operation (set extcommunity community-number).
This example shows how to remove extended communities from the extended community attribute of an inbound or outbound update:
switch(config
)# route-map test1
switch(config
-route-map)# match as-path 1
switch(config
-route-map)# set extcomm-list list1 delete
switch(config
-route-map)#
|
|
---|---|
To set the Open Shortest Path First (OSPF) forwarding address for redistributed type-5 Link State Advertisements (LSAs), use the set forwarding-address command. To remove the address, use the no form of this command.
|
|
---|---|
This command is used by the OSPF to set the forwarding address for the redistributed type-5 LSAs. The value of the forwarding address specified by the autonomous system boundary router (ASBR) can be either 0.0.0.0 or nonzero. The 0.0.0.0 address indicates that the originating router (the ASBR) is the next hop.
If the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes, the forwarding address is set to 0.0.0.0.
All of the following conditions must be met to set the forwarding address field to a nonzero address:
For all other conditions, set the forwarding address to 0.0.0.0.
This example shows how to set the forwarding address:
switch(config)#
route-map test1 10 permit
switch(config
-route-map)# set forwarding-address
switch(config
-route-map)#
To use a route-map to set the next-hop as peer-address and apply on the outbound Border Gateway Protocol (BGP) advertisements, use the set ip next-hop peer-address command. To remove the next-hop configuration, use the no form of this command.
no set ip next-hop peer-address
|
|
When you use the set ip next-hop peer-address command, the next-hop will change for route reflector clients to the self IP address.
|
|
---|---|
Creates a route map and enters the route-map configuration mode. |
To indicate where to import routes, use the set level command. To delete an entry, use the no form of this command.
set level { level-1 | level-2 | level-1-2 }
no set level { level-1 | level-2 | level-1-2 }
|
|
---|---|
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to import the routes into the Level 1 area:
|
|
---|---|
Defines the conditions for redistributing routes from one routing protocol to another. |
To specify a preference value for the autonomous system path, use the set local-preference command. To delete an entry, use the no form of this command.
set local-preference number-value
no set local-preference number-value
Preference value. The range is from 0 to 4294967295. The default is 100. |
|
|
---|---|
The preference is sent only to all routers in the local autonomous system.
You must have a match clause (even if it points to a “permit everything” list) if you want to set tags.
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
You can change the default preference value with the bgp default local-preference command.
This example shows how to set the local preference to 100 for all routes that are included in access list 1:
To set the metric value for a routing protocol, use the set metric command. To return to the default metric value, use the no form of this command.
set metric [ + | - ] bandwidth-metric
set metric bandwidth-metric [ delay-metric reliability-metric load-metric mtu ]
|
|
---|---|
Note We recommend that you consult your Cisco technical support representative before changing the default value.
When you confiture the reliability-metric and the load-metric arguments, 255 means 100 percent reliability.
Use the + or - keywords to modify the existing delay metric value. You can modify only the delay metric with these keywords.
Use the route-map global configuration command and the match and set route-map configuration command to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to set the bandwith metric value for the routing protocol to 100:
This example shows how to increase the bandwith metric value for the routing protocol by 100:
|
|
---|---|
Defines the conditions for redistributing routes from one routing protocol into another. |
To set the metric type for the destination routing protocol, use the set metric-type command. To return to the default, use the no form of this command.
set metric-type { internal | type-1 | type-2 }
no set metric-type { internal | type-1 | type-2 }
Specifies the Interior Gateway Protocol (IGP) metric as the multi-exit discriminator (MED) for BGP. |
|
Specifies the Open Shortest Path First (OSPF) external Type 1 metric. |
|
|
|
---|---|
Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
Note This command is not supported for redistributing routes into Border Gateway Protocol (BGP).
This example shows how to set the metric type of the destination protocol to OSPF external Type 1:
To set the Border Gateway Protocol (BGP) origin code, use the set origin command. To delete the entry, use the no form of this command.
set origin { egp as-num [: as-num ] | igp | incomplete }
|
|
---|---|
You must have a match clause (even if it points to a “permit everything” list) if you want to set tags.
Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all of the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to set the origin of routes that pass the route map to IGP:
Use the set path-selection all advertise command in route-map configuration mode to advertise all BGP paths as additional paths to peers if the receive capability is enabled. To reset to the default, use the no form of this command.
set path-selection all advertise
no set path-selection all advertise
Route-map configuration (config-route-map)
|
|
---|---|
Use the set path-selection all advertise command to advertise all BGP paths as additional paths to peers if the receive capability is enabled with the capability additional-paths receive command.
This command selects all BGP paths with a unique next hop as candidates to advertise to BGP peers; paths with a duplicate next hop are not considered.
The following example shows how to set the advertising of additional paths in a route map:
To set a tag value of the destination routing protocol, use the set tag command. To delete the entry, use the no form of this command.
Name for the tag. The value is an integer from 0 to 4294967295. |
If not specified, the default action is to forward the tag in the source routing protocol onto the new destination protocol.
|
|
---|---|
Use the route-map global configuration command and the match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The set route-map configuration commands specify the redistribution set actions to be performed when all the match criteria of a route map are met. When all match criteria are met, all set actions are performed.
This example shows how to set the tag value of the destination routing protocol to 5:
To specify the Border Gateway Protocol (BGP) weight for the routing table, use the set weight command. To delete an entry, use the no form of this command.
|
|
---|---|
The implemented weight is based on the first matched autonomous system path. Weights indicated when an autonomous system path is matched override the weights assigned by global neighbor commands.
This example shows how to set the BGP weight for the routes that match the autonomous system path access list to 200:
To shut down an instance of the Border Gateway Protocol (BGP) without removing the configuration, use the shutdown command. To disable this function, use the no form of this command.
|
|
---|---|
This example shows how to disable BGP 64496:
|
|
---|---|
To shut down an instance of Enhanced Interior Gateway Routing Protocol (EIGRP) without removing the configuration, use the shutdown command. To disable this function, use the no form of this command.
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to disable eigrp 209:
|
|
---|---|
To stop an Open Shortest Path First (OSPF) instance without removing the configuration, use the shutdown command. To start a stopped OSPF instance, use the no form of this command.
Router configuration mode
VRF configuration mode
|
|
---|---|
The shutdown command is displayed in the running configuration file when enabled.
This example shows how to stop an active OSPF instance:
|
|
---|---|
To disable a Virtual Router Redundancy Protocol (VRRP) configuration, use the shutdown command. To enable a VRRP configuration, use the no form of this command.
|
|
---|---|
Shut down the virtual router before configuring the virtual router parameters; you can only configure the virtual router after it is in the administrative shut down state. Enter the no shutdown command to update the virtual router state after completing configuration.
This example shows how to shut down a VRRP group:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
To configure the switch software to start storing Border Gateway Protocol (BGP) peer updates, use the soft-reconfiguration inbound command. To not store received updates, use the no form of this command.
no soft-reconfiguration inbound
Neighbor address-family configuration mode
|
|
---|---|
Entering this command starts the storage of updates, which is required to do inbound soft reconfiguration.
To use soft reconfiguration, or soft reset, without preconfiguration, both BGP peers must support the soft route refresh capability.
This example shows how to configure the soft reconfiguration on the neighbor at 192.168.0.1:
|
|
---|---|
Enters the router in address family configuration mode for configuring BGP routing sessions. |
|
To configure a router as a stub using the Enhanced Interior Gateway Routing Protocol (EIGRP), use the stub command. To disable the EIGRP stub routing feature, use the no form of this command.
stub [ direct | leak-map map-name | receive-only | redistributed ]
no stub [ direct | leak-map map-name | receive-only | redistributed ]]
(Optional) Advertises directly connected routes. This is enabled by default. |
|
(Optional) Advertises redistributed routes from other protocols and autonomous systems. |
Address-family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
The receive-only keyword restricts the router from sharing any of its routes with any other router in that EIGRP autonomous system, and the receive-only keyword does not permit any other option to be specified because it prevents any type of route from being sent.
The redistributed keyword permits EIGRP stub routing to send other routing protocols and autonomous systems. Without the configuration of this option, EIGRP does not advertise redistributed routes.
If you use any of these four keywords (direct, leak-map, receive-only, redistributed) with the stub command, only the route types specified by the particular keyword(s) are advertised.
This example shows how to configure the router as a receive-only neighbor:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To create aggregate addresses for the Open Shortest Path First (OSPF) protocol, use the summary-address command. To return to the default, use the no form of this command.
summary-address ip-prefix / length [ not-advertise ] [ tag tag ]
no summary-address ip-prefix / length [ not-advertise ] [ tag tag ]
|
|
---|---|
The metric used to advertise the summary is the smallest metric of all the more specific routes.
Use this command to help reduce the size of the routing table and allow an OSPF Autonomous System Boundary Router (ASBR) to advertise one external route as an aggregate for all redistributed routes that are covered by the address.
This example shows how to configure the summary address 192.0.0.0 to include address 192.0.1.0, 192.0.2.0, 192.0.3.0, and so on. Only the address 192.0.0.0 is advertised in an external link-state advertisement.
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To advertise the active routes to a Border Gateway Protocol (BGP) peer only, use the suppress-inactive command. To remove the restriction, use the no form of this command. To return to the default setting, use the default form of this command.
BGP advertises routes to a peer as soon as they are installed in the local routing table, even if the routes are not the active routes in the table.
Neighbor address-family configuration mode
|
|
---|---|
This example shows how to create a summary address. The path advertised for this route is an autonomous system set consisting of all elements contained in all paths that are being summarized.
suppress-inactive
|
|
To create a peer template and enter a peer template configuration mode, use the template command. To remove a peer template, use the no form of this command.
template { peer name | peer-policy name | peer-session name }
no template { peer name | peer-policy name | peer-session name }
Neighbor address-family configuration mode
Router bgp configuration mode
|
|
---|---|
This command allows you to enable a set of predefined attributes that a neighbor inherits.
Note A Border Gateway Protocol (BGP) neighbor cannot be configured to work with both peer groups and peer templates. A BGP neighbor can be configured to belong to a peer group or to inherit policies from peer templates only.
Peer templates support only general policy commands. BGP policy configuration commands that are configured only for specific address families or NLRI configuration modes are configured with peer templates.
General session commands can be configured once in a peer-session template and then applied to many neighbors through the direct application of a peer-session template or through indirect inheritance from a peer-session template. The configuration of peer-session templates simplify the configuration of general session commands that are commonly applied to all neighbors within an autonomous system.
This example shows how to create a peer-session template named CORE1. This example inherits the configuration of the peer-session template named INTERNAL-BGP.
This example shows how to create and configure a peer-policy template named CUSTOMER-A:
This example shows that the maximum prefixes that are accepted from the 192.168.1.1 neighbor is set to 1000:
This example shows that the maximum number of prefixes that are accepted from the 192.168.2.2 neighbor is set to 5000. The router is also configured to display warning messages when 50 percent of the maximum-prefix limit (2500 prefixes) has been reached.
This example shows that the maximum number of prefixes that are accepted from the 192.168.3.3 neighbor is set to 2000. The router is also configured to reestablish a disabled peering session after 30 minutes.
This example shows that the warning messages are displayed when the maximum-prefix limit (500) for the 192.168.4.4 neighbor is exceeded:
This example forces all updates destined for 10.108.1.1 to advertise this router as the next hop:
This example shows that the router belongs to autonomous system 109 and is configured to send the communities attribute to its neighbor at IP address 182.168.0.23:
This example shows that the router belongs to autonomous system 109 and is configured to send the communities attribute to its neighbor at IP address 182.167.0.23:
This example enables inbound soft reconfiguration for the neighbor 192.168.0.1. All the updates received from this neighbor are stored unmodified, regardless of the inbound policy. When inbound soft reconfiguration is done later, the stored information is used to generate a new set of inbound updates.
|
|
---|---|
Enters the address family mode for the Border Gateway Protocol (BGP). |
|
Enters the assign an autonomous system (AS) number to a router and enters the router BGP configuration mode |
To test the forwarding distribution performance of the Forwarding Information Base (FIB), use the test forwarding distribution perf command.
test forwarding distribution perf
|
|
---|---|
This example shows how to test the forwarding distribution performance:
|
|
---|---|
To trigger the Layer 3 inconsistency checker for the Forwarding Information Base (FIB), use the test forwarding inconsistency command.
test forwarding inconsistency [ ip | ipv4 ] [ unicast ] [ vrf vrf-name ] [ module { slot | all }] [ stop ]
|
|
---|---|
This example shows how to trigger the Layer 3 inconsistency checker for all modules:
This example shows how to stop the Layer 3 inconsistency checker for all modules:
|
|
---|---|
To set a threshold percentage for a tracked object in a list of objects, use the threshold percentage command. To disable the threshold percentage, use the no form of this command.
threshold percentage { up number [ down number ] | down number [ up number ]}
|
|
---|---|
When you configure a tracked list using the track object-number list command, there are two keywords available: boolean and threshold. If you specify the threshold keyword, you can specify either the percentage or weight keywords. If you specify the percentage keyword, the weight keyword is unavailable. If you specify the weight keyword, the percentage keyword is unavailable.
You should configure the up percentage first. The valid range is from 1 to 100. The down percentage depends on what you have configured for up. For example, if you configure 50 percent for up, you see a range from 0 to 49 percent for down.
This example shows how to configure the tracked list 11 to measure the threshold using an up percentage of 50 and a down percentage of 32:
|
|
---|---|
Sets a threshold weight for a tracked object in a list of objects. |
|
Specifies a list of objects to be tracked and the thresholds to be used for comparison. |
To set a threshold weight for a tracked object in a list of objects, use the threshold weight command. To disable the threshold weight, use the no form of this command.
threshold weight { up number [ down number ] | down number [ up number ]}
|
|
---|---|
When you configure a tracked list using the track object-number list command, there are two keywords available: boolean and threshold. If you specify the threshold keyword, you can specify either the percentage or weight keywords. If you specify the percentage keyword, the weight keyword is unavailable. If you specify the weight keyword, the percentage keyword is unavailable.
You should configure the up weight first. The valid range is from 1 to 255. The available down weight depends on what you have configured for the up weight. For example, if you configure 25 for up, you will see a range from 0 to 24 for down.
This example shows how to configure the tracked list 12 to measure a threshold using a specified weight:
|
|
---|---|
Sets a threshold percentage for a tracked object in a list of objects. |
|
Specifies a list of objects to be tracked and the thresholds to be used for comparison. |
To adjust the Enhanced Interior Gateway Routing Protocol (EIGRP) time limit for the active state, use the timers active-time command. To disable this function, use the no form of the command.
timers active-time [ time-limit | disabled ]
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Use this command to control the time that the router waits (after a query is sent) before declaring the route to be in the stuck in active (SIA) state.
This example shows how to configure an indefinite routing wait time on the specified EIGRP route:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To adjust the Routing Information Protocol (RIP) network timers, use the timers basic command. To restore the default timers, use the no form of this command.
timers basic update invalid holddown flush
update : 30 seconds
invalid : 180 seconds
holddown : 180 seconds
flush : 240 seconds
Router address-family configuration mode
|
|
---|---|
You can modify the basic timing parameters for RIP. These timers must be the same for all routers and servers in the network.
Note You can view the current and default timer values by using the show ip protocols command.
This example shows how to set updates to broadcast every 5 seconds. If Cisco NX-OS does not hear from a router in 15 seconds (the invalid time), it declares the route as unusable. Cisco NX-OS suppresses further information for an additional 15 seconds (the holddown time). At the end of the suppression period, Cisco NX-OS flushes the route from the routing table.
|
|
Displays a summary of RIP information for all RIP instances. |
To set the minimum interval in which the software accepts the same link-state advertisement (LSA) from Open Shortest Path First (OSPF) neighbors, use the timers lsa-arrival command. To return to the default, use the no form of this command.
timers lsa-arrival milliseconds
Minimum delay (in milliseconds) that must pass between acceptance of the same LSA arriving from neighbors. The range is from 10 to 600,000 milliseconds. The default is 1000 milliseconds. |
Router configuration mode
VRF configuration mode
|
|
---|---|
Use this command to configure the minimum interval for accepting the same LSA. The same LSA is an LSA instance that contains the same LSA ID number, LSA type, and advertising router ID. If an instance of the same LSA arrives sooner than the interval that is set, the software drops the LSA.
We recommend that you keep the milliseconds value of the timers lsa-arrival command less than or equal to the neighbors’ hold-interval value of the timers throttle lsa command.
This example shows how to set the minimum interval for accepting the same LSA at 2000 milliseconds:
|
|
---|---|
To change the interval at which Open Shortest Path First (OSPF) link-state advertisements (LSAs) are collected into a group and refreshed, checksummed, or aged, use the timers lsa-group-pacing command. To return to the default, use the no form of this command.
timers lsa-group-pacing seconds
Time (in seconds) in the interval in which LSAs are grouped and refreshed, checksummed, or aged. The range is from 1 to 1800 seconds. The default value is 240 seconds. |
The default interval for this command is 240 seconds. OSPF LSA group pacing is enabled by default.
Router configuration mode
VRF configuration mode
|
|
---|---|
Use this command to control the rate at which LSA updates occur and reduce the high CPU or buffer utilization that can occur when an area is flooded with a very large number of LSAs. The default settings for OSPF packet pacing timers are suitable for the majority of OSPF deployments. Do not change the packet pacing timers unless you have tried all other options to meet OSPF packet flooding requirements. You should try summarization, stub area usage, queue tuning, and buffer tuning before changing the default flooding timers. There are no guidelines for changing timer values; each OSPF deployment is unique and should be considered on a case-by-case basis.
Cisco NX-OS groups the periodic refresh of LSAs to improve the LSA packing density for the refreshes in large topologies. The group timer controls the interval used for group refreshment of LSAs; however, this timer does not change the frequency that individual LSAs are refreshed (the default refresh rate is every 30 minutes).
The duration of the LSA group pacing is inversely proportional to the number of LSAs that the router is handling. For example, if you have about 10,000 LSAs, you should decrease the pacing interval. If you have a very small database (40 to 100 LSAs), you should increase the pacing interval to 10 to 20 minutes.
This example shows how to configure OSPF group packet-pacing updates between LSA groups to occur in 60-second intervals for OSPF routing process 1:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To adjust the time limit for nonstop forwarding (NSF) convergence for the Enhanced Interior Gateway Routing Protocol (EIGRP), use the timers nsf converge command. To disable this function, use the no form of the command.
Time limit for convergence after an NSF switchover (in seconds). The range is from 60 to 180 seconds. The default value is 120. |
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
This example shows how to configure the NSF convergence time for EIGRP:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To set the timer that determines how long an NSF-aware Enhanced Interior Gateway Routing Protocol (EIGRP) router holds routes for an inactive peer, use the timers nsf route-hold command. To return the route hold timer to the default value, use the no form of this command.
Time, in seconds, that EIGRP holds routes for an inactive peer. The range is from 20 to 300 seconds. The default is 240. |
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Use this command to set the maximum period of time that the NSF-aware router holds known routes for an NSF-capable neighbor during a switchover operation or a well-known failure condition. The route hold timer is configurable so that you can tune network performance and avoid undesired effects, such as “black holing” routes (advertising invalid routes) if the switchover operation takes too much time. When this timer expires, the NSF-aware router scans the topology table and discards any stale routes, allowing EIGRP peers to find alternate routes instead of waiting during a long switchover operation.
This example shows how to set the route hold timer value for an NSF-aware router to 2 minutes (120 seconds):
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To set the time limit to signal a nonstop forwarding (NSF) restart for the Enhanced Interior Gateway Routing Protocol (EIGRP), use the timers nsf signal command. To return the route hold timer to the default, use the no form of this command.
Time, in seconds, that EIGRP waits for a peer to signal an NSF restart. The range is from 10 to 360 seconds. |
Address family configuration mode
Router configuration mode
Router VRF configuration mode
|
|
---|---|
Use this command to set the maximum period of time that the NSF-aware router waits for an NSF-capable neighbor to signal a restart.
This example shows how to set the signal timer value for an NSF-aware router to the maximum (30 seconds):
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
To set rate-limiting values for Open Shortest Path First (OSPF) link-state advertisement (LSA) generation, use the timers throttle lsa command. To return to the default values, use the no form of this command.
timers throttle lsa start-time hold-interval max-time
start-time: 0 milliseconds
hold-interval: 5000 milliseconds
max-time: 5000 milliseconds
Router configuration mode
VRF configuration mode
|
|
---|---|
This example shows how to customize OSPF LSA throttling:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Sets the minimum interval at which the software accepts the same LSA from OSPF neighbors. |
To set the shortest-path first (SPF) best-path schedule initial delay time and the minimum hold between SPF best-path calculation for Open Shortest Path First (OSPF), use the timers throttle spf command. To turn off SPF throttling, use the no form of this command.
timers throttle spf spf-start spf-hold spf-max-wait
no timers throttle spf spf-start spf-hold spf-max-wait
Router configuration mode
VRF configuration mode
|
|
---|---|
The first wait interval between SPF calculations is the amount of time in milliseconds specified by the spf-start argument. Each consecutive wait interval is two times the current hold level in milliseconds until the wait time reaches the maximum time in milliseconds as specified by the spf-maximum argument. Subsequent wait times remain at the maximum until the values are reset or an LSA is received between SPF calculations.
This example shows how to configure a router configured with the start, hold, and maximum interval values for the timers throttle spf command set at 5, 1,000, and 90,000 milliseconds:
|
|
---|---|
Saves the configuration changes to the startup configuration file. |
|
Sets the minimum interval at which the software accepts the same LSA from OSPF neighbors. |
|
To modify the priority for a virtual router based on a tracked object, use the track command. To disable priority tracking for a virtual router, use the no form of this command.
track object-number [ decrement value ]
no track object-number [ decrement value ]
Number for a configured tracked object. The range is from 1 to 500. |
|
(Optional) Decrements the VRRP priority if the tracked object is down. The range is from 1 to 254. |
|
|
---|---|
When the tracked object is down, the priority reverts to the priority value for the virtual router. When the tracked object is up, the priority of the virtual router is restored to the original value.
This example shows how to enable object tracking for a virtual router:
|
|
---|---|
Tracks the state of an interface and modifies the VRRP priority if that interface state goes down. |
|
To configure object tracking on an interface, use the track interface command. To remove the object tracking for this interface, use the no form of this command.
track object-id interface { ethernet slot / port | loopback if_number | port-channel number } { ip routing | line-protocol }
|
|
---|---|
Use this command to track the line protocol status or IPv4 routing state of an interface. This command enters the object tracking command mode. Use the vrf member command in object tracking configuration mode to track objects in a nondefault VRF.
This example shows how to track the IP routing state on interface Ethernet 1/2:
|
|
---|---|
To track the priority for a virtual router based on an interface, use the track interface command. To disable priority tracking for a virtual router, use the no form of this command.
track interface { ethernet slot / port | port-channel number [. sub_if_number ]} priority value
no track interface { ethernet slot / port | port-channel number [. sub_if_number ]} priority value
|
|
---|---|
Use this command to change the priority of the virtual router based on the state of another interface in the switch. When the tracked interface is down, the priority reverts to the priority value for the virtual router. When the tracked interface is up, the priority of the virtual router is restored to the interface state tracking value.
Note Interface state tracking will not be operational unless you enable preemption on the interface.
This example shows how to enable interface state tracking for a virtual router:
|
|
---|---|
To configure object tracking on an IP route, use the track ip route command. To remove the object tracking for this route, use the no form of this command.
track object-id ip route ip-prefix / length reachability
Prefix of route to track. The IP prefix is in dotted decimal format (X.X.X.X). The length can be from 1 to 32. |
|
|
|
---|---|
Use the vrf member command in object tracking configuration mode to track objects in a nondefault VRF.
This example shows how to track an IP route:
|
|
---|---|
To configure object tracking on an object list, use the track list command. To remove the object tracking for this object list, use the no form of this command.
track object-id list boolean { and | or }
track object-id list threshold { percentage | weight }
|
|
---|---|
Use the track list command to create a list of objects to combine into one tracked state. Use the boolean and keywords to combine the tracked objects as an AND function (that is, all objects must be up for the track list to be up). Use the boolean or keywords to combine the tracked objects as an OR (that is if any object is up, the tracked state is up).
This example shows how to create a track list of two objects and AND their state:
This example shows how to configure a track list with an up threshold of 70 percent and a down threshold of 30 percent:
This example shows how to configure a track list with an up weight threshold of 30 and a down threshold of 10:
In this example, the track list is up if object 10 and object 20 are up, and the track list goes to the down state if all three objects are down.
|
|
---|---|
To set the estimated time required to end a link-state update packet on the interface, use the transmit-delay command. To return to the default, use the no form of this command.
Time (in seconds) required to send a link-state update. The range is from 1 to 65535 seconds. The default is 1 second. |
Virtual interface configuration mode
|
|
---|---|
This example sets the retransmit delay value to 3 seconds:
|
|
---|---|
Displays parameters and the current state of OSPF virtual links. |
To create a virtual routing and forwarding (VRF) instance and enter VRF configuration mode, use the vrf context command. To remove a VRF entry, use the no form of this command.
vrf context { name | management }
no vrf context { name | management }
Name of the VRF. The name can be a maximum of 32 alphanumeric characters and is case sensitive. |
|
|
|
---|---|
When you enter the VRF configuration mode, the following commands are available:
Additional commands available in IP configuration mode:
– domain-list —Adds additional domain names.
– domain-lookup —Enables or disables DNS lookup.
– domain-name —Specifies the default domain name.
– host —Adds an entry to the IP hostname table.
– name-server —Specifies the IP address of a DNS name server.
– route —Adds route information by specifying IP addresses of the next hop servers.
This example shows how to enter VRF context mode:
switch(config)#
vrf context management
switch(config-vrf)#
|
|
---|---|
To create a virtual routing and forwarding (VRF) instance or enter the VRF configuration mode and configure submode commands, use the vrf command. To remove a VRF instance or disable the VRF configuration mode, use the no form of this command.
Name of the VRF. The name can be any case-sensitive, alphanumeric string up to 32 characters. |
|
Address-family configuration mode
Router configuration mode
VRF configuration mode
|
|
---|---|
The VRF does not become active until you create an identically named VRF in global configuration mode.
This example shows how to enter VRF configuration mode in a BGP environment:
This example shows how to enter VRF configuration mode in an OSPF environment:
|
|
---|---|
To create a virtual routing and forwarding instance (VRF) and enter VRF configuration mode, use the vrf context command. To remove a VRF entry, use the no form of this command.
vrf context { name | management }
no vrf context { name | management }
Name of the VRF. The name can be any case-sensitive, alphanumeric string up to 32 characters. |
|
|
|
---|---|
This example shows how to create a VRF context:
|
|
---|---|
To add an interface to a virtual routing and forwarding (VRF) instance or to configure object tracking on a VRF instance, use the vrf member command. To remove the object tracking for this route, use the no form of this command.
VRF name. The name can be any case-sensitive, alphanumeric string up to 32 characters. |
Interface configuration mode
Object tracking confiuration mode
|
|
---|---|
This example shows how to track an IP route in VRF Red:
This example shows how to add the Ethernet interface 1/5 to VRF RemoteOfficeVRF:
To create a Virtual Router Redundancy Protocol (VRRP) group on a particular Ethernet interface and assign a number to the VRRP group and enter VRRP configuration mode, use the vrrp command. To remove a VRRP group, use the no form of this command.
VRRP group number, which you can configure for a Gigabit Ethernet port, including the main interfaces and subinterfaces. The range is from 1 to 255. |
|
|
---|---|
You can configure VRRP only if its state is disabled. Make sure that you configure at least one IP address before you attempt to enable a virtual router.
This example shows how to create a VRRP group:
This example shows how to create a VRRP group and configure an IPv4 address for the group:
|
|
---|---|
Clears all the software counters for the specified virtual router. |
|