Access and Communication Servers Command Reference
AppleTalk Routing Commands

Table Of Contents

AppleTalk Routing Commands

access-list additional-zones

access-list cable-range

access-list includes

access-list nbp

access-list network

access-list other-access

access-list other-nbps

access-list within

access-list zone

appletalk access-group

appletalk address

appletalk alternate-addressing

appletalk arp interval

appletalk arp retransmit-count

appletalk arp-timeout

appletalk aurp tickle-time

appletalk aurp update-interval

appletalk cable-range

appletalk checksum

appletalk client-mode

appletalk discovery

appletalk distribute-list in

appletalk distribute-list out

appletalk domain-group

appletalk domain hop-reduction

appletalk domain name

appletalk domain remap-range

appletalk eigrp-splithorizon

appletalk eigrp-timers

appletalk event-logging

appletalk free-trade-zone

appletalk getzonelist-filter

appletalk glean-packets

appletalk ignore-verify-errors

appletalk iptalk

appletalk iptalk-baseport

appletalk lookup-type

appletalk macip dynamic

appletalk macip server

appletalk macip static

appletalk name-lookup-interval

appletalk permit-partial-zones

appletalk pre-fdditalk

appletalk protocol

appletalk proxy-nbp

appletalk require-route-zones

appletalk route-cache

appletalk route-redistribution

appletalk routing

appletalk send-rtmps

appletalk static cable-range

appletalk static network

appletalk strict-rtmp-checking

appletalk timers

appletalk virtual-net

appletalk zip-query-interval

appletalk zip-reply-filter

appletalk zone

clear appletalk arp

clear appletalk neighbor

clear appletalk route

clear appletalk traffic

ping (user)

ping (privileged)

show appletalk access-lists

show appletalk adjacent-routes

show appletalk arp

show appletalk aurp events

show appletalk aurp topology

show appletalk cache

show appletalk domain

show appletalk eigrp neighbors

show appletalk eigrp topology

show appletalk globals

show appletalk interface

show appletalk macip-clients

show appletalk macip-servers

show appletalk macip-traffic

show appletalk name-cache

show appletalk nbp

show appletalk neighbors

show appletalk remap

show appletalk route

show appletalk sockets

show appletalk static

show appletalk traffic

show appletalk zone

show smrp forward

show smrp globals

show smrp group

show smrp neighbor

show smrp port

show smrp route

show smrp traffic

smrp protocol appletalk

smrp routing


AppleTalk Routing Commands


AppleTalk is a local-area network system that was designed and developed by Apple Computer, Inc. It can run over Ethernet, Token Ring, and FDDI networks, and over Apple's proprietary twisted-pair media access system (LocalTalk). AppleTalk specifies a protocol stack comprising several protocols that direct the flow of traffic over the network.

Apple Computer uses the name AppleTalk to refer to the Apple networking architecture. Apple refers to the actual transmission media used in an AppleTalk network as LocalTalk (Apple's proprietary twisted-pair transmission medium for AppleTalk), TokenTalk (AppleTalk over Token Ring), EtherTalk (AppleTalk over Ethernet), and FDDITalk (AppleTalk over Fiber Distributed Data Interface).

Use the commands in this chapter to configure and monitor AppleTalk networks. For AppleTalk configuration information and examples, refer to the "Configuring AppleTalk Routing" chapter in the Access and Communication Servers Configuration Guide .


Note   This chapter discusses routing functionality of your access server. For simplicity, we have used the term access server to indicate those servers which provide routing, and therefore act as routers.


access-list additional-zones

To define the default action to take for access checks that apply to zones, use the access-list additional-zones global configuration command.

access-list access-list-number {deny | permit} additional-zones

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

The access-list additional-zones command defines the action to take for access checks not explicitly defined with the access-list zone command. If you do not specify this command, the default action is to deny other access.

You apply access lists defined with the access-list additional-zones command to outgoing routing updates and GZL filters (using the appletalk distribute-list out, and appletalk getzonelist-filter commands). You cannot apply them to data-packet filters (using the appletalk access-group command) or to incoming routing update filters (using the appletalk distribute-list in command).

Example

The following example creates an access list based on AppleTalk zones:

access-list 610 deny zone Twilight
access-list 610 permit additional-zones

Related Commands

access-list cable-range
access-list includes
access-list network
access-list other-access
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
appletalk permit-partial-zones

access-list cable-range

To define an AppleTalk access list for a cable range (for extended networks only), use the access-list cable-range global configuration command. To remove an access list, use the no form of this command.

access-list access-list-number {deny | permit} cable-range cable-range
no access-list access-list-number [{deny | permit} cable-range cable-range]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.

cable-range

Cable range value. The argument specifies the start and end of the cable range, separated by a hyphen. These values are decimal numbers from 1 to 65279. The starting network number must be less than or equal to the ending network number.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

When used as a routing update filter, the access-list cable-range command affects matching on extended networks only. The conditions defined by this access list are used only when a cable range in a routing update exactly matches that specified in the access-list cable-range command. The conditions are never used to match a network number (for a nonextended network).

When used as a data-packet filter, the access-list cable-range command affects matching on any type of network number. The conditions defined by this access list are used only when the packet's source network lies in the range defined by the access list.

You apply access lists defined with the access-list cable-range command to data-packet and routing-update filters (using the appletalk access-group, appletalk distribute-list in, and appletalk distribute-list out). You cannot apply them to GetZoneList (GZL) filters (using the appletalk getzonelist-filter command).

To delete an access list, specify the minimum number of keywords and arguments needed to delete the proper access list. For example, to delete the entire access list, use the following command:

no access-list access-list-number

To delete the access list for a specific network, use the following command:

no access-list access-list-number {deny | permit} cable-range cable-range

Priority queuing for AppleTalk operates on the destination network number, not the source network number.

Example

The following access list forwards all packets except those destined to cable range 10 to 20:

access-list 600 deny cable-range 10-20
access-list 600 permit other-access

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list includes
access-list network
access-list other-access
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list
(protocol)

access-list includes

To define an AppleTalk access list that overlaps any part of a range of network numbers or cable ranges (for both extended and nonextended networks), use the access-list includes global configuration command. To remove an access list, use the no form of this command.

access-list access-list-number {deny | permit} includes cable-range
no access-list access-list-number [{deny | permit} includes cable-range]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.

cable-range

Cable range or network number. The argument specifies the start and end of the cable range, separated by a hyphen. These values are decimal numbers from 1 to 65279. The starting network number must be less than or equal to the ending network number. To specify a network number, set the starting and ending network numbers to the same value.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

When used as a routing update filter, the access-list includes command affects matching on extended and nonextended AppleTalk networks. The conditions defined by this access list are used when a cable range or network number overlaps, either partially or completely, one (or more) of those specified in the access-list includes command.

When used as a data-packet filter, the conditions defined by this access list are used when the packet's source network lies in the range defined in the access-list includes command.

You apply access lists defined with the access-list includes command to data-packet and routing-update filters (using the appletalk access-group, appletalk distribute-list in, and appletalk distribute-list out). You cannot apply them to GZL filters (using the appletalk getzonelist-filter command).

To delete an access list, specify the minimum number of keywords and arguments needed to delete the proper access list. For example, to delete the entire access list, use the following command:

no access-list access-list-number

To delete the access list for a specific network, use the following command:

no access-list access-list-number {deny | permit} includes cable-range

Priority queuing for AppleTalk operates on the destination network number, not the source network number.

Example

The following example defines an access list that permits access to any network or cable range that overlaps any part of the range 10 to 20. This means, for example, that cable ranges 13 to 16 and 17 to 25 will be permitted. This access list also permits all other ranges.

access-list 600 permit includes 10-20
access-list 600 permit other-access

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list cable-range
access-list network
access-list other-access
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list
(protocol)

access-list nbp

To define an AppleTalk access-list entry for a particular NBP named entity (object), class of NBP named entities (type), or NBP named entities belonging to a specific area (zone), use the access-list nbp global configuration command. To remove an NBP access-list entry from the access list, use the no form of this command.

access-list access-list-number {deny | permit} nbp seq {type | object | zone} string
no access-list access-list-number {deny | permit} nbp seq {type | object | zone} string

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if conditions are matched.

permit

Permits access if conditions are matched.

seq

A number used to tie together two or three portions of an NBP name tuple and to keep track of the number of access-list nbp entries in an access list. Each command entry must have a sequence number.

type

Characterizes string as the portion of an NBP name that identifies a category or type of named entity.

object

Characterizes string as the portion of an NBP name that identifies a particular object or named entity.

zone

Characterizes string as the portion of an NBP name that identifies an AppleTalk zone.

string

A portion of an NBP name identifying the type, object, or zone of a named entity. The name string can be up to 32 characters long and it can include special characters from the Apple Macintosh character set. To include a special character, type a colon followed by two hexadecimal characters. For an NBP name with a leading space, enter the first character as the special sequence :20.


Default

No particular access-list entry for an NBP named entity is defined and the default filtering specified by the access-list other-nbps command takes effect.

Command Mode

Global configuration

Usage Guidelines

The access-list nbp command defines the action to take for filtering NBP packets from a particular type (class of named entities), object (particular named entity), or zone (AppleTalk zone in which named entities reside) superceding the default action for NBP packets from all named entities specified by the access-list other-nbps command. For each command that you enter, you must specify a sequence number. The sequence number serves two purposes. Its principal purpose is to allow you to associate two or three portions of an NBP three-part name, referred to as an NBP tuple. To do this, you enter two or three commands having the same sequence number but each specifying a different keyword and NBP name portion: type, object, or zone. The same sequence number binds them together. This provides you with the ability to restrict forwarding of NBP packets at any level, down to a single named entity.

The second purpose of the sequence number is to allow you to keep track of the number of access-list nbp entries you have made. You must enter a sequence number even if you do not use it to associate portions of an NBP name.

Examples

The following example adds entries to access-list number 607 to allow forwarding of NBP packets from specific sources and deny forwarding of NBP packets from all other sources. The first command adds an entry that allows NBP packets from all printers of type LaserWriter. The second command adds an entry that allows NBP packets from all AppleTalk file servers of type AFPServer. The third command adds an entry that allows NBP packets from all applications called HotShotPaint. For example, there might be an application with a zone name of Accounting and an application with a zone name of engineering, both having the object name of HotShotPaint. NBP packets forwarded from both applications will be allowed.

The final access-list other-nbps command denies forwarding of NBP packets from all other sources.

access-list 607 permit nbp 1 type LaserWriter
access-list 607 permit nbp 2 type AFPServer 
access-list 607 permit nbp 3 object HotShotPaint
access-list 607 deny other-nbps 

The following example adds entries to access-list number 608 to deny forwarding of NBP packets from two specific servers whose fully-qualified NBP names are specified. It permits forwarding of NBP packets from all other sources.

access-list 608 deny nbp 1 object ServerA
access-list 608 deny nbp 1 type AFPServer
access-list 608 deny nbp 1 zone Bld3
access-list 608 deny nbp 2 object ServerB
access-list 608 deny nbp 2 type AFPServer
access-list 608 deny nbp 2 zone Bld3
access-list 608 permit other-nbps 
access-list 608 permit other-access

Related Commands

access-list additional-zones
access-list cable-range
access-list includes
access-list network
access-list other-access
access-list other-nbps
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list protocol

access-list network

To define an AppleTalk access list for a single network number (that is, for a nonextended network), use the access-list network global configuration command. To remove an access list, use the no form of this command.

access-list access-list-number {deny | permit} network network
no access-list access-list-number [{deny | permit} network network]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.

network

AppleTalk network number.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

When used as a routing-update filter, the access-list network command affects matching on nonextended networks only. The conditions defined by this access list are used only when the a nonextended number in a routing update matches a network number specified in one of the access-list network commands. The conditions are never used to match a cable range (for an extended network) even if the cable range has the same starting and ending number.

When used as a data-packet filter, the conditions defined by this access list are used only when the packet's source network matches the network number specified in the access-list network command.

You apply access lists defined with the access-list network command to data-packet and routing-update filters (using the appletalk access-group, appletalk distribute-list in, and appletalk distribute-list out). You cannot apply them to GZL filters (using the appletalk getzonelist-filter command).

In software releases before 9.0, the syntax of this command was access-list access-list-number {deny | permit} network. The current version of the software is still able to interpret commands in this format if it finds them in a configuration or boot file. However, it is recommended that you update the commands in your configuration or boot files to match the current syntax.

Use the no access-list command with the access-list-number argument only to remove an entire access list from the configuration. Specify the optional arguments to remove a particular clause.

To delete an access list, specify the minimum number of keywords and arguments needed to delete the proper access list. For example, to delete the entire access list, use the following command:

no access-list access-list-number

To delete the access list for a specific network, use the following command:

no access-list access-list-number {deny | permit} network network

Priority queuing for AppleTalk operates on the destination network number, not the source network number.

Example

The following example defines an access list that forwards all packets except those destined for networks 1 and 2:

access-list 650 deny network 1
access-list 650 deny network 2
access-list 650 permit other-access

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list cable-range
access-list includes
access-list other-access
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list
(protocol)

access-list other-access

To define the default action to take for access checks that apply to networks or cable ranges, use the access-list other-access global configuration command.

access-list access-list-number {deny | permit} other-access

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

The access-list other-access command defines the action to take for access checks not explicitly defined with an access-list network, access-list cable-range, access-list includes, or access-list within command. If you do not specify this command, the default action is to deny other access.

You apply access lists defined with the access-list other-access command to data-packet and routing-update filters (using the appletalk access-group, appletalk distribute-list in, and appletalk distribute-list out). You cannot apply them to GZL filters (using the appletalk getzonelist-filter command).

In software releases before 9.0, the syntax of this command was access-list access-list-number {deny | permit} -1. The current version of the software is still able to interpret commands in this format if it finds them in a configuration or boot file. However, it is recommended that you update the commands in your configuration or boot files to match the current syntax.

Priority queuing for AppleTalk operates on the destination network number, not the source network number.

Example

The following example defines an access list that forwards all packets except those destined for networks 1 and 2:

access-list 650 deny network 1
access-list 650 deny network 2
access-list 650 permit other-access

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list cable-range
access-list includes
access-list network
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
priority-list
(protocol)

access-list other-nbps

To define the default action to take for access checks that apply to NBP packets from named entities not otherwise explicitly denied or permitted, use the access-list other-nbps global configuration command.

access-list access-list-number {deny | permit} other-nbps
no access-list access-list-number {deny | permit} other-nbps

Syntax Description

access-list-number

Number of the access list for AppleTalk. This is a decimal number from 600 to 699.

deny

Denies access if conditions are matched.

permit

Permits access if conditions are matched.


Default

Access is denied.

Command Mode

Global configuration

Usage Guidelines

The access-list other-nbps command defines the action to take for filtering of NBP packets from named entities not explicitly defined by an access-list nbp command. It allows you to implement the default AppleTalk network security state at the named entity level. Any access-list nbp commands you enter affect a particular named entity object, class of named entities, or all named entities within a zone. This command sets the security state for all other NBP named entities. If you do not specify this command, the default action is to deny access.

You can use this command to create an entry in an access list before or after you issue access-list nbp commands. The order of the command in the access list is irrelevant.

Examples

The following example permits forwarding of all NBP packets from all sources except AppleTalk file servers of type AFPServer:

access-list 607 deny nbp 2 type AFPServer
access-list 607 permit other-nbps

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list cable-range
access-list includes
access-list nbp
access-list network
access-list other-access
access-list within
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list
(protocol)

access-list within

To define an AppleTalk access list for an extended or a nonextended network whose network number or cable range is included entirely within the specified cable range, use the access-list within global configuration command. To remove this access list, use the no form of this command.

access-list access-list-number {deny | permit} within cable-range
no access-list access-list-number [{deny | permit} within cable-range]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.

cable-range

Cable range or network number. The argument specifies the start and end of the cable range, separated by a hyphen. These values are decimal numbers from 1 to 65279. The starting network number must be less than or equal to the ending network number. To specify a network number, set the starting and ending network numbers to the same value.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

When used as a routing update filter, the access-list within command affects matching on extended and nonextended AppleTalk networks. The conditions defined by this access list are used when a cable range or network number overlaps, either partially or completely, one (or more) of those specified in the access-list within command.

When used as a data-packet filter, the conditions defined by this access list are used when the packet's source network lies in the range defined in the access-list within command.

You apply access lists defined with the access-list within command to data-packet and routing-update (using the appletalk access-group, appletalk distribute-list in, and appletalk distribute-list out). You cannot apply them to GZL filters (using the appletalk getzonelist-filter command).

To delete an access list, specify the minimum number of keywords and arguments needed to delete the proper access list. For example, to delete the entire access list, use the following command:

no access-list access-list-number

To delete the access list for a specific network, use the following command:

no access-list access-list-number {deny | permit} within cable-range

Priority queuing for AppleTalk operates on the destination network number, not the source network number.

Example

The following example defines an access list that permits access to any network or cable range that is completely included in the range 10 to 20. This means, for example, that cable range 13 to 16 will be permitted, but cable range 17 to 25 will not be. The second line of the access list permits all other packets.

access-list 600 permit within 10-20
access-list 600 permit other-access

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

access-list additional-zones
access-list cable-range
access-list includes
access-list network
access-list other-access
access-list zone
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
priority-list
(protocol)

access-list zone

To define an AppleTalk access list that applies to a zone, use the access-list zone global configuration command. To remove an access list, use the no form of this command.

access-list access-list-number {deny | permit} zone zone-name
no access-list access-list-number [{deny | permit} zone zone-name]

Syntax Description

access-list number

Number of the access list. This is a decimal number from 600 to 699.

deny

Denies access if the conditions are matched.

permit

Permits access if the conditions are matched.

zone-name

Name of the zone. The name can include special characters from the Apple Macintosh character set. To include a special character, type a colon followed by two hexadecimal characters. For zone names with a leading space character, enter the first character as the special sequence :20.


Default

No access lists are predefined.

Command Mode

Global configuration

Usage Guidelines

You apply access lists defined with the access-list zones command to outgoing routing update and GZL filters (using the appletalk distribute-list out, and appletalk getzonelist-filter commands). You cannot apply them to data-packet filters (using the appletalk access-group command) or to incoming routing update filters (using the appletalk distribute-list in command).

To delete an access list, specify the minimum number of keywords and arguments needed to delete the proper access list. For example, to delete the entire access list, use the following command:

no access-list access-list-number

To delete the access list for a specific network, use the following command:

no access-list access-list-number {deny | permit} zone zone-name

Use the access-list additional-zones command to define the action to take for access checks not explicitly defined with the access-list zone command.

Example

The following example creates an access list based on AppleTalk zones:

access-list 610 deny zone Twilight
access-list 610 permit additional-zones

Related Commands

access-list additional-zones
access-list cable-range
access-list includes
access-list network
access-list other-access
access-list within
appletalk access-group
appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
appletalk permit-partial-zones

appletalk access-group

To assign an access list to an interface, use the appletalk access-group interface configuration command. To remove the access list use the no form of this command.

appletalk access-group access-list-number
no appletalk access-group [access-list-number]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.


Default

No access lists are predefined.

Command Mode

Interface configuration

Usage Guidelines

The appletalk access-group command applies data-packets filter to an interface. These filters check data packets being sent out an interface. If the packets' source network has access denied, these packets are not transmitted but rather are discarded.

Data-packet filters use access lists that define conditions for networks and cable ranges only. They ignore any zone information that may be in the access list.

When you apply a data-packet filter to an interface, you should ensure that all networks or cable ranges within a zone are governed by the same filters.

Example

The following example applies access list 601 to Ethernet interface 0:

access-list 601 deny cable-range 1-10
access-list 601 permit other-access
interface ethernet 0
appletalk access-group 601

Related Commands

access-list cable-range
access-list includes
access-list network
access-list other-access
access-list within
appletalk distribute-list in
appletalk distribute-list out

appletalk address

To enable nonextended AppleTalk routing on an interface, use the appletalk address interface configuration command. To disable nonextended AppleTalk routing, use the no form of this command.

appletalk address network.node
no appletalk address [network.node]

Syntax Description

network.node

AppleTalk network address assigned to the interface. The argument network is the 16-bit network number in the range 0 to 65279. The argument node is the 8-bit node number in the range 0 to 254. Both numbers are decimal.


Default

Disabled

Command Mode

Interface configuration

Usage Guidelines

You must enable routing on the interface before assigning zone names.

Specifying an address of 0.0, or 0.node places the interface into discovery mode. When in this mode, the access server attempts to determine network address information from another router or access server on the network. You also can enable discovery mode with the appletalk discovery command. Discovery mode does not run over serial lines.

Example

The following example enables nonextended AppleTalk routing on Ethernet interface 0:

appletalk routing
interface ethernet 0
appletalk address 1.129

Related Commands

access-list cable-range
appletalk discovery
appletalk zone

appletalk alternate-addressing

To display network numbers in a two-octet format, use the appletalk alternate-addressing global configuration command. To return to displaying network numbers in the format network.node, use the no form of this command.

appletalk alternate-addressing
no appletalk alternate-addressing

Syntax Description

This command has no arguments or keywords.

Default

Addresses are displayed in network.node format.

Command Mode

Global configuration

Usage Guidelines

The appletalk alternate-addressing command displays cable ranges in the alternate format wherever applicable. This format consists of printing the upper and lower bytes of a network number as 8-bit decimal values separated by a decimal point. For example, the cable range 511-512 would be printed as 1.255-2.0.

Example

The following example enables the display of network numbers in a two-octet format:

appletalk alternate-addressing

appletalk arp interval

To specify the time interval between the retransmission of Address Resolution Protocol (ARP) packets, use the appletalk arp interval global configuration command. To restore both default intervals, use the no form of this command.

appletalk arp [probe | request] interval interval
no appletalk arp [probe | request] interval interval

Syntax Description

probe

(Optional) Indicates that the interval specified is to be used with AppleTalk Address Resolution Protocol (AARP) requests that are trying to determined the address of the local router when the access server is being configured. If you omit probe and request, probe is the default.

request

(Optional) Indicates that the interval specified is to be used when AARP is attempting to determine the hardware address of another node so that AARP can deliver a packet.

interval

Interval, in milliseconds, between AARP transmissions. The minimum value is 33 milliseconds. When used with the probe keyword, the default interval is 200 milliseconds. When used with the request keyword, the default interval is 1000 milliseconds.


Default

If you omit all keywords, probe is the default.

probe—200 milliseconds
request—1000 milliseconds

Command Mode

Global configuration

Usage Guidelines

The time interval you specify takes effect immediately.

Lengthening the interval between AARP transmissions permits responses from devices that respond slowly, such as printers and overloaded file servers, to be received.

AARP uses the appletalk arp probe interval value when obtaining the address of the local access server. This is done when the access server is being configured. You should not change the default value of this interval unless absolutely necessary, because this value directly modifies the AppleTalk dynamic node assignment algorithm.

AARP uses the appletalk arp request interval value when attempting to determine the hardware address of another node so that it can deliver a packet. You can change this interval as desired, although the default value is optimal for most sites.

The no appletalk arp command restores both the probe and request intervals specified in the appletalk arp interval and appletalk arp retransmit-count commands to their default values.

Example

In the following example, the AppleTalk ARP retry interval is lengthened to 2000 milliseconds:

appletalk arp request interval 2000

Related Commands

appletalk arp retransmit-count
appletalk arp-timeout
appletalk glean-packets
show appletalk globals

appletalk arp retransmit-count

To specify the number of AARP probe or request transmissions, use the appletalk arp retransmit-count global configuration command. To restore both default values, use the no form of this command.

appletalk arp [probe | request] retransmit-count number
no appletalk arp [probe | request] retransmit-count number

Syntax Description

probe

(Optional) Indicates that the number specified is to be used with AARP requests that are trying to determined the address of the local router when the access server is being configured. If you omit probe and request, probe is the default.

request

(Optional) Indicates that the number specified is to be used when AARP is attempting to determine the hardware address of another node so that AARP can deliver a packet.

number

Number of AARP retransmissions that will occur. The minimum number is 1. When used with the probe keyword, the default value is 10 retransmissions. When used with the request keyword, the default value is 5 retransmissions. Specifying 0 selects the default value.


Default

If you omit the keyword, probe is the default.

probe—10
request—5

Command Mode

Global configuration

Usage Guidelines

The value you specify takes effect immediately.

Increasing the number of retransmissions permits responses from devices that respond slowly, such as printers and overloaded file servers, to be received.

AARP uses the appletalk arp probe retransmit-count value when obtaining the address of the local router. This is done when the access server is being configured. You should not change the default value unless absolutely necessary, because this value directly modifies the AppleTalk dynamic node assignment algorithm.

AARP uses the appletalk arp request retransmit-count value when attempting to determine the hardware address of another node so that it can deliver a packet. You can change this interval as desired, although the default value is optimal for most sites.

The no appletalk arp command restores both the probe and request intervals specified in the appletalk arp interval and appletalk arp retransmit-count commands to their default values.

Example

The following example specifies an AARP retransmission count of 10 for AARP packets that are requesting the hardware address of another node on the network:

appletalk arp request retransmit-count 10

Related Commands

appletalk arp interval
appletalk arp-timeout
appletalk glean-packets
show appletalk globals

appletalk arp-timeout

To specify the interval at which entries are aged out of the ARP table, use the appletalk arp-timeout interface configuration command. To return to the default timeout, use the no form of this command.

appletalk arp-timeout interval
no appletalk arp-timeout [interval]

Syntax Description

interval

Time, in minutes, after which an entry is removed from the AppleTalk ARP table. The default is 240 minutes, or 4 hours.


Default

240 minutes (4 hours)

Command Mode

Interface configuration

Example

The following example changes the ARP timeout interval on Ethernet interface 0 to 2 hours:

interface ethernet 0
appletalk cable-range 2-2
appletalk arp-timeout 120

Related Commands

appletalk arp interval
appletalk arp retransmit-count
appletalk glean-packets

appletalk aurp tickle-time

To set the AURP last-heard-from timer value, use the appletalk aurp tickle-time interface configuration command. To return to the default last-heard-from timer value, use the no form of this command.

appletalk aurp tickle-time seconds
no appletalk aurp tickle-time [seconds]

Syntax Description

seconds

Time-out value, in seconds. This value can be a number in the range 30 to infinity. The default is 90 seconds.


Default

90 seconds

Command Mode

Interface configuration

Usage Guidelines

If the tunnel peer has not been heard from with the time specified by the least-heard-from timer value, the access server sends tickle packets to check that the tunnel peer is still up.

You can use this command only on tunnel interfaces.

Example

The following example changes the AURP last-heard-from timer value on tunnel interface 0 to 120 seconds:

interface tunnel 0
appletalk aurp tickle-time 120

Related Command

show appletalk interface

appletalk aurp update-interval

To set the minimum interval between AURP routing updates, use the appletalk aurp update-interval global configuration command. To return to the default interval, use the no form of this command.

appletalk aurp update-interval seconds
no appletalk aurp update-interval [seconds]

Syntax Description

seconds

AURP routing update interval, in seconds. This interval must be a multiple of 10. The default is 30 seconds.


Default

30 seconds

Command Mode

Global configuration

Usage Guidelines

The AURP routing update interval applies only to tunnel interfaces.

Example

The following example changes the AURP routing update interval on tunnel interface 0 to 40 seconds:

interface tunnel 0
appletalk aurp update-interval 40

Related Command

show appletalk globals

appletalk cable-range

To enable an extended AppleTalk network, use the appletalk cable-range interface configuration command. To disable an extended AppleTalk network, use the no form of this command.

appletalk cable-range cable-range [network.node]
no appletalk cable-range cable-range [network.node]

Syntax Description

cable-range

Cable range value. The argument specifies the start and end of the cable range, separated by a hyphen. These values are decimal number from 0 to 65279. The starting network number must be less than or equal to the ending network number.

network.node

(Optional) Suggested AppleTalk address for the interface. The argument network is the 16-bit network number, and the argument node is the 8-bit node number. Both numbers are decimal. The suggested network number must fall within the specified range of network numbers.


Default

Disabled

Command Mode

Interface configuration

Usage Guidelines

You must enable routing on the interface before assigning zone names.

Specifying a cable range value of 0-0 places the interface into discovery mode. When in this mode, the access server attempts to determine cable range information from another router or access server on the network. You also can enable discovery mode with the appletalk discovery command. Discovery mode does not run over serial lines.

Example

The following example assigns a cable range of 3 to 3 to the interface:

interface ethernet 0
appletalk cable-range 3-3

Related Commands

appletalk address
appletalk discovery
appletalk zone

appletalk checksum

To enable the generation and verification of checksums for all AppleTalk packets (except routed packets), use the appletalk checksum global configuration command. To disable checksum generation and verification, use the no form of this command.

appletalk checksum
no appletalk checksum

Syntax Description

This command has no arguments or keywords.

Default

Enabled

Command Mode

Global configuration

Usage Guidelines

When the appletalk checksum command is enabled, the access server discards incoming DDP packets when the checksum is nonzero and is incorrect, and when the access server is the final destination for the packet.

You might want to disable checksum generation and verification if you have very early devices, such as LaserWriter printers, that cannot receive packets that contain checksums.

Our routers and access servers do not check checksums on routed packets, thereby eliminating the need to disable checksum to allow operation of some networking applications.

Example

The following example disables the generation and verification of checksums:

no appletalk checksum

Related Command

show appletalk globals

appletalk client-mode

To allow users to access an AppleTalk zone when dialing into an asychronous line on the access server, use the interface configuration async command appletalk client-mode. Use the no form of the command to disable this configuration.

appletalk client-mode
no appletalk client-mode

Syntax Description

This command has no arguments or keywords.

Default

Client mode is disabled.

Command Mode

Interface configuration

Usage Guidelines

This command allows an asynchronous interface to be used by a remote client to access one or more AppleTalk zones, use networked peripherals, and share files with other Macintosh users.

Before a client can access an AppleTalk zone on the remote network, you must first define the interface as async, the encapsulation as PPP, and create an internal network for the Macintosh client by using the appletalk virtual-net command.

This configuration does not support routing.

Example

The following example allows a user to access AppleTalk functionality on an asynchronous line using PPP:

appletalk client-mode

Related Commands

A dagger (†) indicates that the command is documented in another chapter. Two daggers (††) indicates that the command is documented in the Cisco Access Connection Guide.

appletalk virtual-net
encapsulation

interface async
ppp††

appletalk discovery

To place an interface into discovery mode, use the appletalk discovery interface configuration command. To disable discovery mode, use the no form of this command.

appletalk discovery
no appletalk discovery

Syntax Description

This command has no arguments or keywords.

Default

Discovery mode is disabled.

Command Mode

Interface configuration

Usage Guidelines

If an interface is connected to a network that has at least one other operational AppleTalk router, you can dynamically configure the interface using discovery mode. In discovery mode, an interface acquires network address information about the attached network from an operational router and then uses this information to configure itself.

If you enable discovery mode on an interface, then when the access server is starting up, that interface must acquire information to configure itself from another operational router on the attached network. If no operational router is present on the connected network, the interface will not start up.

If you do not enable discovery mode, then when the access server is starting up, the interface must acquire its configuration from memory. If the stored configuration is not complete, the interface will not start up. If there is another operational router on the connected network, the access server will verify the interface's stored configuration with that router. If there is any discrepancy, the interface will not start up. If there are no neighboring operational routers, the access server will assume the interface's stored configuration is correct and will start up.

Once an interface is operational, it can seed the configurations of other routers on the connected network regardless of whether you have enabled discovery mode on any of the routers.

If you enable appletalk discovery and the interface is restarted, another operational router must still be present on the directly connected network in order for the interface to start up.

It is not advisable to have all routers on a network configured with discovery mode enabled. If all routers were to restart simultaneously (for instance, after a power failure), the network would become inaccessible until at least one router were restarted with discovery mode disabled.

You also can enable discovery mode by specifying an address of 0.0. in the appletalk address command or a cable range of 0-0 in the appletalk cable-range command.

Discovery mode is useful when you are changing a network configuration or when you are adding an access server to an existing network.

Discovery mode does not run over serial lines.

Use the no appletalk discovery command to disable discovery mode. If the interface is not operational when you issue this command (that is, if you have not issued an appletalk zone command on the interface), you must configure the zone name next. If the interface is operational when you issue the no appletalk discovery command, you can save the current configuration (in running memory) in nonvolatile memory by issuing the copy running-config startup-config EXEC command.

Example

The following example enables discovery mode on Ethernet interface 0:

interface ethernet 0
appletalk discovery

Related Commands

A dagger (†) indicates that the command is documented in another chapter.

appletalk address
appletalk cable-range
appletalk zone
show appletalk interface
copy running-config startup-config

appletalk distribute-list in

To filter routing updates received from other routers over a specified interface, use the appletalk distribute-list in interface configuration command. To remove the routing table update filter, use the no form of this command.

appletalk distribute-list access-list-number in
no appletalk distribute-list [access-list-number in]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.


Default

No routing filters are preconfigured.

Command Mode

Interface configuration

Usage Guidelines

The appletalk distribute-list in command controls which networks and cable ranges in routing updates will be entered into the local routing table.

Filters for incoming routing updates use access lists that define conditions for networks and cable ranges only. They cannot use access lists that define conditions for zones. All zone information in an access list assigned to the interface with the appletalk distribute-list in command is ignored.

An input distribution list filters network numbers received in an incoming routing update. When AppleTalk routing updates are received on the specified interface, each network number and cable range in the update is checked against the access list. Only network numbers and cable ranges that are permitted by the access list are inserted into the access server's AppleTalk routing table.

Example

The following example prevents the access server from accepting routing table updates received from network 10 and on Ethernet interface 3:

access-list 601 deny network 10
access-list 601 permit other-access
interface ethernet 3
appletalk distribute-list 601 in

Related Commands

access-list cable-range
access-list includes
access-list network
access-list other-access
access-list within
appletalk distribute-list out

appletalk distribute-list out

To filter routing updates transmitted to other routers, use the appletalk distribute-list out interface configuration command. To remove the routing table update filter, use the no form of this command.

appletalk distribute-list access-list-number out
no appletalk distribute-list [access-list-number out]

Syntax Description

access-list-number

Number of the access list. This is a decimal number from 600 to 699.


Default

No routing filters are preconfigured.

Command Mode

Interface configuration

Usage Guidel