The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco NX-OS unicast routing commands that begin with the letter P.
To suppress routing updates on an interface, use the passive-interface command. To revert to the default settings, use the no form of this command.
|
|
This example shows how to suppress routing updates on the interface:
This example shows how to remove the configuration for the routing updates suppression :
|
|
---|---|
To remove the passive-interface commands on the interface (if any) and return the interface to the default configuration, use the passive-interface default command.
passive-interface default {level-1 | level-1-2 | level-2}
Router configuration (config-router) mode
|
|
---|---|
This example shows how to remove the passive-interface commands on the interface and return the interface to the default configuration:
|
|
---|---|
Creates a new IS-IS instance and enters router configuration mode. |
To suppress Enhanced Interior Gateway Routing Protocol (EIGRP) hellos, use the passive-interface default command. To revert to the default, use the no form of this command.
|
|
---|---|
Suppressing the EIGRP hellos prevents neighbors from forming and sending routing updates on all EIGRP interfaces.
This example shows how to suppress EIGRP hellos:
|
|
---|---|
Creates a new IS-IS instance and enters router configuration mode. |
|
To configure IP packet verification, use the platform ip verify command. To return to default, use the no form of this command.
platform ip verify { checksum | fragment | tcp tiny-frag | version }
no platform ip verif y { checksum | fragment }
|
|
---|---|
This command was replaced by the hardware ip verify command. |
Use the platform ip verify command to configure packet verification tests on IPv4 and IPv6 packets based on checksum or fragments.
This example shows how to drop fragmented IPv4 or IPv6 packets:
|
|
---|---|
Configures IPv4 and IPv6 packet verification checks based on addresses. |
|
To packet verification on IP addresses, use the platform ip verify address command. To return to default, use the no form of this command.
platform ip verify address { destination zero | identical | reserved | source { broadcast | multicast }}
no platform ip verify address { destination zero | identical | reserved | source { broadcast | multicast }}
|
|
---|---|
This command was replaced by the hardware ip verify address command. |
Use the platform ip verify address command to configure packet verification tests on IPv4 and IPv6 packets based on addresses.
This example shows how to drop broadcast IPv4 packets:
|
|
---|---|
Configures IPv4 and IPv6 packet verification checks based on checksum or fragments. |
|
To configure IPv4 packet verification based on packet length, use the platform ip verify length command. To return to the default, use the no form of this command.
platform ip verify length { consistent | maximum { max-frag | max-tcp | udp } | minimum }
no platform ip verify length { consistent | maximum { max-frag | max-tcp | udp } | minimum }
|
|
---|---|
This command was replaced by the hardware ip verify length command. |
Use the platform ip verify length command to configure packet verification tests on IPv4 and IPv6 packets based on packet length
This example shows how to drop minimum-length IPv4 packets:
|
|
---|---|
Configures IPv4 packet verification checks based on checksum or fragments. |
|
Configures IPv4 and IPv6 packet verification checks based on addresses. |
|
To configure IPv6 packet verification, use the platform ipv6 verify command. To return to default, use the no form of this command.
platform ipv6 verify { length { consistent | maximum { max-frag | max-tcp | udp } | tcp tiny-frag | version }
no platform ip verify { checksum | fragment }
|
|
---|---|
This command was replaced by the hardware ipv6 verify command. |
Use the platform ipv6 verify command to configure packet verification tests on IPv6 packets.
This example shows how to drop all IPv4 packets:
|
|
---|---|
Configures IPv4 and IPv6 packet verification checks based on addresses. |
|
To configure the gateway to take over as active virtual gateway (AVG) for a Gateway Load Balancing Protocol (GLBP) group if it has a higher priority than the current AVG, use the glbp preempt command. To disable this feature, use the no form of this command.
Cisco NX-OS Release 4.1(3) and later syntax:
preempt [ delay minimum seconds ]
no preempt [ delay minimum seconds ]
Cisco NX-OS Release 4.1(2) and earlier syntax:
preempt [ delay minimum seconds ]
no preempt [ delay minimum seconds [ sync seconds ] ]
A GLBP gateway with a higher priority than the current AVG cannot assume the role of AVG.
The default delay value is 30 seconds.
|
|
---|---|
This example shows how to configure a router to preempt the current AVG when its priority of 254 is higher than the current AVG. If the router preempts the current AVG, it waits 60 seconds before assuming the role of AVG.
|
|
---|---|
To configure a preemption delay, use the preempt command. To disable this feature, use the no form of this command.
preempt [ delay {minimum min-delay | reload rel-delay | sync sync-delay }]
no preempt [ delay {minimum min-delay | reload rel-delay | sync sync-delay }]
Interface configuration or HSRP template mode
|
|
---|---|
This command does not require a license.
Specifying a minimum delay allows routing tables to be updated before a router becomes active. When a router first comes up, it does not have a complete routing table. A high-priority router will only delay preemption if it first receives a Hello packet from a low-priority active router. If the high-priority router does not receive a Hello packet from the low-priority active router when it is starting up, then it assumes there is no active router for the group and will become active as soon as possible.
This example shows how to configure a delay when a router becomes active when its priority is 110:
|
|
---|---|
To enable a high-priority backup virtual router to preempt the low-priority master virtual router, use the preempt command. To disable a high-priority backup virtual router from preempting the low-priority master virtual router, use the no form of this command.
|
|
---|---|
VRRP enables you to preempt a virtual router backup that has taken over for a failing virtual router master with a high-priority virtual router backup that has become available.
By default, a preemptive scheme is enabled. A backup high-priority virtual router that becomes available takes over for the backup virtual router that was elected to become the virtual router master. If you disable preemption, then the backup virtual router that is elected to become the virtual router master remains the master until the original virtual router master recovers and becomes the master again.
If the virtual IP address is also the IP address for the interface, then preemption is applied.
This example shows how to enable the backup high-priority virtual router to preempt the low-priority master virtual router:
Note This preemption does not apply to the primary IP address.
|
|
---|---|
Clears all the software counters for the specified virtual router. |
To exclude a VLAN from peer gateway, when a VLAN interface is used for Layer 3 backup routing on the virtual port-channel (vPC) peer devices and an F1 module is used as peer-link, use the vpc peer-gateway exclude-vlan command. To revert to the default settings, use the no form of this command.
peer-gateway exclude-vlan vlan-number
peer-gateway exclude-vlan vlan-number
VLAN number. The range is from 1 to 2499 and from 2628 to 4093. |
vPC configuration (config-vpc-domain)
|
|
Use the peer-gateway exclude-vlan command to configure a Layer 3 backup routing VLAN whenever you use the vPC peer-gateway feature.
If the vPC peer link is configured on a Cisco Nexus 32-port 1/10 Gigabit Ethernet (F1-Series) module (N7K-F132XP-15), then you must include the Layer 3 backup routing VLAN in the VLAN list specified by the vpc peer-gateway exclude command.
If the vPC peer link is configured on an M1 series module, then you should include the Layer 3 backup routing VLAN in the VLAN list specified by the vpc peer-gateway exclude command, but it is not required.
The peer-gateway functionality is not enabled for those VLANs specified in the exclude VLAN list. If no exclude VLAN list is specified, then this functionality is enabled for all VLANs.
The latest occurrence of this configuration overwrites all previous configurations.
The no vpc peer-gateway command also disables IP redirects on all VLANs.
This example shows how to exclude a VLAN from peer gateway:
This example shows how to disable the peer-gateway functionality:
|
|
---|---|
To set the priority level of the gateway within a Gateway Load Balancing Protocol (GLBP) group, use the priority command. To remove the priority level of the gateway, use the no form of this command.
Priority of the gateway within the GLBP group. The range is from 1 to 255. The default is 100. |
|
|
---|---|
Use the priority command to control which virtual gateway becomes the active virtual gateway (AVG). GLBP compares the priorities of all virtual gateways in the GLBP group and selects the gateway with the numerically highest priority as the AVG. If two virtual gateways have equal priority, GLBP selects the gateway with the highest IP address.
This example shows how to configure a virtual gateway with a priority of 254:
|
|
---|---|
Configures a gateway to take over as the AVG for a GLBP group if it has a higher priority than the current AVG. |
To set the priority level within a Hot Standby Router Protocol (HSRP) group, use the priority command. To remove the priority level, use the no form of this command.
priority level [ forwarding-threshold lower lower-value upper upper-value ]
no priority level [ forwarding-threshold lower lower-value upper upper-value ]
HSRP configuration or HSRP template mode
|
|
---|---|
Added support for forwarding-threshold, lower, and upper keywords. |
Use the priority command to control which virtual router becomes the active router. HSRP compares the priorities of all virtual routers in the HSRP group and selects the router with the numerically highest priority. If two virtual routers have equal priority, HSRP selects the router with the highest IP address.
This example shows how to configure a virtual router with a priority of 254:
|
|
---|---|
To set the priority for the Virtual Router Redundancy Protocol (VRRP), use the priority command. To revert to the default value, use the no form of this command.
priority level [ forwarding-threshold lower lower-value upper upper-value ]
no priority level [ forwarding-threshold lower lower-value upper upper-value ]
The default value is 100. For switches whose interface IP address is the same as the primary virtual IP address, the default value is 255.
|
|
---|---|
Added support for forwarding-threshold, lower, and upper keywords. |
The priority determines whether or not a VRRP router functions as a virtual router backup, the order of ascendancy for the VRRP router to become a virtual router master if the virtual router master fails, the role that each VRRP router plays, and what happens if the virtual router master fails.
If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, then this router will function as a virtual router master.
By default, a preemptive scheme is enabled. A backup high-priority virtual router that becomes available takes over for the backup virtual router that was elected to become the virtual router master. If you disable preemption, then the backup virtual router that is elected to become the virtual router master remains the master until the original virtual router master recovers and becomes the master again.
This example shows how to specify the priority for a virtual router:
|
|
---|---|
To shut down an Open Shortest Path First (OSPF) instance, use the protocol shutdown command. To disable this function, use the no form of this command.
Router configuration
Router VRF configuration
|
|
---|---|
Use the protocol shutdown command to configure disable an instance of OSPF without removing the configuration.
This example shows how to disable OSPF 209:
To shut down an Open Shortest Path First version 3 (OSPFv3) instance, use the protocol shutdown command. To disable this function, use the no form of this command.
Router configuration
Router VRF configuration
|
|
---|---|
Use the protocol shutdown command to configure disable an instance of OSPFv3 without removing the configuration.
This example shows how to disable OSPFv3 209: