-
Access and Communication Servers Command Reference
-
About This Manual
-
Access Server and Communication Server Product Overview
-
User Interface Commands
-
System Image and Configuration File Load Commands
-
Configuring Terminal Lines and Modem Support
-
System Management Commands
-
User Interface Config Commands
-
Dial on Demand Routing Commands
-
X.25 Configuration Commands
-
Frame Relay Commands
-
SMDS Commands
-
Telnet Configuration Commands
-
LAT Configuration Commands
-
TN3270 Configuration
-
AppleTalk Remote Access Commands
-
SLIP and PPP Configuration Commands
-
XRemote Configuration Commands
-
AppleTalk Routing Commands
-
IP Commands
-
IP Routing Protocols Commands
-
Novell IPX Commands
-
Protocol Translation Configuration Commands
-
Appendix A, ASCII Character Set
-
Appendix B, Modem and Chat Script Configuration
-
Appendix C, Regular Expressions
-
Appendix D, Refs and Reading
-
Appendix E, X.3 PAD Parameters
-
Table Of Contents
default-information originate (BGP)
default-information originate (EGP)
default-information originate (OSPF)
default-metric (BGP, EGP, OSPF, and RIP)
default-metric (IGRP and Enhanced IGRP)
neighbor advertisement-interval
neighbor peer-group (creating)
neighbor peer-group (assigning members)
IP Routing Protocols Commands
Cisco's implementation of the Internet Protocol (IP) suite provides all major services contained in the Transmission Control Protocol/IP (TCP/IP) specifications.
Use the commands in this chapter to configure and monitor the IP routing protocols. For IP routing protocol configuration information and examples, refer to the "Configuring IP Routing Protocols" chapter of the Access and Communication Servers Configuration Guide.
aggregate-address
Use the aggregate-address router configuration command to create an aggregate entry in a BGP routing table. Use the no form of this command to disable this feature.
aggregate-address address mask [as-set] [summary-only] [suppress-map map-name]
[advertise-map map-name] [attribute-map map-name]
no aggregate-address address mask [as-set] [summary-only] [suppress-map map-name]
[advertise-map map-name] [attribute-map map-name]Syntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
You can implement aggregate routing in BGP either by redistributing an aggregate route into BGP or by using this conditional aggregate routing feature.
Using the aggregate-address command with no arguments will create an aggregate entry in the BGP routing table if there are any more-specific routes available that fall in the specified range. The aggregate route will be advertised as coming from your autonomous system and has the atomic aggregate attribute set to show that information might be missing. (By default, the atomic aggregate attribute is set unless you specify the as-set keyword in the aggregate-address command.)
Using the as-set keyword creates an aggregate entry using the same rules that the command follows without this keyword, but the path advertised for this route will be an AS_SET consisting of all elements contained in all paths that are being summarized. Do not use this form of aggregate-address when aggregating many paths, because this route must be continually withdrawn and re-updated as autonomous system path reachability information for the summarized routes changes.
Using the summary-only keyword not only creates the aggregate route (for example, 193.*.*.*) but will also suppress advertisements of more specific routes to all neighbors. If you only want to suppress advertisements to certain neighbors, you may use the neighbor distribute-list command, with caution. If a more-specific route leaks out, all BGP speakers will prefer that route over the less- specific aggregate you are generating (using longest-match routing).
Using the suppress-map keyword creates the aggregate route but suppresses advertisement of specified route maps. You can use the match clauses of route maps to selectively suppress some more specific routes of the aggregate and leave others unsuppressed. IP access lists and autonomous system path access lists match clauses are supported.
Example
In the following example, an aggregate address is created. The path advertised for this route will be an AS_SET consisting of all elements contained in all paths that are being summarized.
router bgp 5aggregate-address 192.168.0.0 255.0.0.0 as-setRelated Commands
match as-path
match ip address
route-maparea authentication
Use the area authentication router configuration command to enable authentication for an OSPF area. Use the no form of this command with the authentication keyword to remove the area's authentication specification. Use the command no area area-id (with no other keywords) to remove the specified area from the access server's configuration.
area area-id authentication [message-digest]
no area area-id authentication
no area area-idSyntax Description
Default
Type 0 authentication (no authentication)
Command Mode
Router configuration
Usage Guidelines
Specifying authentication for an area sets the authentication to Type 1 (simple password) as specified in RFC 1247. If this command is not included in the configuration file, authentication of Type 0 (no authentication) is assumed.
The authentication type must be the same for all access servers in an area. The authentication password for all OSPF access servers on a network must be the same if they are to communicate with each other via OSPF. Use the ip ospf authentication-key interface configuration command to specify this password.
If you enable MD5 authentication with the message-digest keyword, you must configure a password with the ip ospf message-digest-key command.
To remove the area's authentication specification, use the no form of this command with the authentication keyword. To remove the specified area from the router's configuration, use the command no area area-id (with no other keywords).
Example
The following example mandates authentication for areas 0 and 10.0.0.0 of OSPF routing process 201. Authentication keys are also provided.
interface ethernet 0ip address 172.19.251.201 255.255.255.0ip ospf authentication-key adcdefgh!interface ethernet 1ip address 10.56.0.201 255.255.0.0ip ospf authentication-key ijklmnop!router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0network 172.19.0.0 0.0.255.255 area 0area 10.0.0.0 authenticationarea 0 authenticationRelated Commands
area default-cost
area stub
ip ospf authentication-key
area default-cost
Use the area default-cost router configuration command to specify a cost for the default summary route sent into a stub area. Use the no form of this command to remove the assigned default route cost.
area area-id default-cost cost
no area area-id default-cost costSyntax Description
Default
Cost of 1
Command Mode
Router configuration
Usage Guidelines
This command is used only on an Area Border Router (ABR) attached to a stub area.
There are two stub area router configuration commands: the stub and default-cost options of the area command. In all access servers attached to the stub area, the area should be configured as a stub area using the stub option of the area command. Use the default-cost option only on an ABR attached to the stub area. The default-cost option provides the metric for the summary default route generated by the ABR into the stub area.
Example
The following example assigns a default-cost of 20 to stub network 10.0.0.0:
interface ethernet 0ip address 10.56.0.201 255.255.0.0!router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0area 10.0.0.0 stubarea 10.0.0.0 default-cost 20Related Commands
area authentication
area stubarea-password
To configure the IS-IS area authentication password, use the area-password router configuration command. To disable the password, use the no form of this command.
area-password password
no area-password [password]Syntax Description
Default
No area password is defined.
Command Mode
Router configuration
Usage Guidelines
This password is inserted in Level 1 (station router level) link state PDUs (LSPs), complete sequence number PDUs (CSNPs), and partial sequence number PDUs (PSNP).
Example
The following example assigns an area authentication password:
router isisarea-password angelarea range
Use the area range router configuration command to consolidate and summarize routes at an area boundary. Use the no form of this command to disable this function for the specified area.
area area-id range address mask
no area area-id range address maskSyntax Description
area-id
Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IP address.
address
IP address.
mask
IP mask.
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
This command is only used with access servers acting as Area Border Routers (ABRs). It is used to consolidate or summarize routes for an area. The result is that a single summary route is advertised to other areas by the ABR. Routing information is condensed at area boundaries. External to the area, a single route is advertised for each address range. This is called route summarization.
Multiple area router configuration commands specifying the range option can be configured. Thus, OSPF can summarize addresses for many different sets of address ranges.
Example
The following example specifies one summary route to be advertised by the access server acting as an ABR to other areas for all subnets on network 10.0.0.0 and for all hosts on network 192.168.110.0:
interface ethernet 0ip address 192.168.110.201 255.255.255.0!interface ethernet 1ip address 10.56.0.201 255.255.0.0!router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0network 192.168.110.0 0.0.0.255 area 0area 10.0.0.0 range 10.0.0.0 255.0.0.0area 0 range 192.168.110.0 255.255.255.0area stub
Use the area stub router configuration command to define an area as a stub area. Use the no form of this command to disable this function for the specified area.
area area-id stub
no area area-id stubSyntax Description
Default
No stub area is defined.
Command Mode
Router configuration
Usage Guidelines
This command must be configured on all access servers in the stub area. Use the area router configuration command with the default-cost option to specify the cost of a default internal access server sent into a stub area by an access server acting as an Area Border Router (ABR).
There are two stub area router configuration commands: the stub and default-cost options of the area router configuration command. In all access servers attached to the stub area, the area should be configured as a stub area using the stub option of the area command. Use the default-cost option only on an ABR attached to the stub area. The default-cost option provides the metric for the summary default route generated by the Area Border Router (ABR) into the stub area.
Example
The following example assigns a default cost of 20 to stub network 10.0.0.0:
interface ethernet 0ip address 10.56.0.201 255.255.0.0!router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0area 10.0.0.0 stubarea 10.0.0.0 default-cost 20Related Commands
area authentication
area default-costarea virtual-link
To define an OSPF virtual link, use the area virtual-link router configuration command with the optional parameters. To remove a virtual link, use the no form of this command.
area area-id virtual-link router-id [hello-interval seconds] [retransmit-interval seconds]
[transmit-delay seconds] [dead-interval seconds] [authentication-key password]
no area area-id virtual-link router-id [hello-interval seconds] [retransmit-interval seconds]
[transmit-delay seconds] [dead-interval seconds] [authentication-key password]Syntax Description
Default
area-id: No area ID is predefined.
router-id: No router ID is predefined.
hello-interval seconds: 10 seconds
retransmit-interval seconds: 10 seconds
transmit-delay seconds: 1 second
dead-interval seconds: 40 seconds
authentication-key password: No password is predefined.
message-digest-key keyid md5 key: No key is predefined.Command Mode
Router configuration
Usage Guidelines
In OSPF, all areas must be connected to a backbone area. If the connection to the backbone is lost, it can be repaired by establishing a virtual link.
The smaller the Hello interval, the faster topological changes will be detected, but more routing traffic will ensue.
The setting of the retransmit interval should be conservative, or needless retransmissions will result. The value should be larger for serial lines and virtual links.
The transmit delay value should take into account the transmission and propagation delays for the interface.
An access server will use the specified authentication key only when authentication is enabled for the backbone with the area area-id authentication router configuration command.
The two authentication schemes, simple text and MD5 authentication, are mutually exclusive. You can specify one or the other or neither. Any keywords and arguments you specify after authentication-key key or message-digest-key keyid md5 key are ignored. Therefore, specify any optional arguments before such a keyword-argument combination.
Note
Each virtual link neighbor must include the transit area ID and the corresponding virtual link neighbor's router ID in order for a virtual link to be properly configured. Use the show ip ospf EXEC command to see the router ID of an access server.
Examples
The following example establishes a virtual link with default values for all optional parameters:
router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0area 10.0.0.0 virtual-link 36.3.4.5The following example establishes a virtual link with MD5 authentication:
router ospf 201network 10.0.0.0 0.255.255.255 area 10.0.0.0area 10.0.0.0 virtual-link 10.3.4.5 message-digest-key 3 md5 sa5721bk47Related Command
A dagger (†) indicates that the command is documented in another chapter.
area authentication
service password-encryption †
show ip ospfautonomous-system (EGP)
Use the autonomous-system global configuration command to specify the local autonomous system that the access server resides in for EGP. Use the no form of this command to remove the autonomous system number.
autonomous-system local-as
no autonomous-system local-asSyntax Description
Default
No local autonomous system is specified.
Command Mode
Global configuration
Usage Guidelines
Before you can set up EGP routing, you must specify an autonomous system number. The local autonomous system number will be included in EGP messages sent by the access server.
Example
The following sample configuration specifies an autonomous system number of 110:
autonomous-system 110Related Command
auto-summary
To restore the default behavior of automatic summarization of subnet routes into network-level routes, use the use the auto-summary router configuration command. To disable this feature, use the no form of this command.
auto-summary
no auto-summarySyntax Description
This command has no arguments or keywords.
Default
Enabled
Command Mode
Router configuration
Usage Guidelines
By default, BGP does not accept subnets redistributed from IGP. To advertise and carry subnet routes in BGP, use an explicit network command or the no auto-summary command. If you disable auto-summarization and have not entered a network command, you will not advertise network routes for networks with subnet routes unless they contain a summary route.
IP Enhanced IGRP summary routes are given an administrative distance value of 5. You cannot configure this value.
Example
In the following example, network numbers are not summarized automatically:
router bgp 6no auto-summaryThe following example disables automatic summarization for router process eigrp 109:
router eigrp 109no auto-summaryRelated Command
bgp always-compare-med
To allow the comparison of the Multi Exit Discriminator (MED) for paths from neighbors in different autonomous systems, use the bgp always-compare-med router configuration command. To disallow the comparison, use the no form of this command.
bgp always-compare-med
no bgp always-compare-medSyntax Description
This command has no arguments or keywords.
Default
The router does not compare MEDs for paths from neighbors in different autonomous systems.
Command Mode
Router configuration
Usage Guidelines
The MED is one of the parameters that is considered when selecting the best path among many alternative paths. The path with a lower MED is preferred over a path with a higher MED.
By default, during the best path selection process, MED comparision is done only among paths from the same autonomous system. This command changes the default behavior by allowing comparision of MEDs among paths regardless of the autonomous system from which the paths are received.
Example
In the following example, the BGP speaker in autonomous system 100 is configured to compare MEDs among alternative paths, regardless of the autonomous system from which the paths are received:
router bgp 109bgp always-compare-medbgp confederation identifier
To specify a BGP confederation identifier, use the bgp confederation identifier router configuration command. To remove the confederation identifier, use the no form of this command.
bgp confederation identifier autonomous-system
no bgp confederation identifier autonomous-systemSyntax Description
Default
No confederation identifier is configured.
Command Mode
Router configuration
Usage Guidelines
Another way to reduce the IBGP mesh is to divide an autonomous system into multiple autonomous systems and group them into a single confederation. Each autonomous system is fully meshed within itself, and has a few connections to another autonomous system in the same confederation. Even though the peers in different autonomous systems have EBGP sessions, they exchange routing information as if they are IBGP peers. Specifically, the next-hop and local preference information is preserved. This enables to you to retain a single Interior Gateway Protocol (IGP) for all of the autonomous systems. To the outside world, the confederation looks like a single autonomous system.
Example
In the following example, the autonomous system is divided into autonomous systems 4001, 4002, 4003, 4004, 4005, 4006, and 4007 and identified by the confederation identifier 5. Neighbor 1.2.3.4 is someone inside your routing domain confederation. Neighbor 3.4.5.6 is someone outside your routing domain confederation. To the outside world, there appears to be a single autonomous system with the number 5.
router bgp 4001bgp confederation identifier 5bgp confederation peers 4002 4003 4004 4005 4006 4007neighbor 1.2.3.4 remote-as 4002neighbor 3.4.5.6 remote-as 510Related Command
bgp confederation peers
To configure the autonomous systems that belong to the confederation, use the bgp confederation peers router configuration command. To remove an autonomous system from the confederation, use the no form of this command.
bgp confederation peers autonomous-system [autonomous-system]
no bgp confederation peers autonomous-system [autonomous-system]Syntax Description
Default
No confederation peers are configured.
Command Mode
Router configuration
Usage Guidelines
The autonomous systems specified in this command are visible internally to a confederation. Each autonomous system is fully meshed within itself. The bgp confederation identifier command specifies the confederation that the autonomous systems belong to.
Example
The following example specifies that autonomous systems 1090, 1091, 1092, and 1093 belong to a single confederation:
router bgp 1090bgp confederation peers 1091 1092 1093Related Command
bgp default local-preference
Use the bgp default local-preference router configuration command to change the default local preference value of 100. Use the no form of this command to revert to the default setting.
bgp default local-preference value
no bgp default local-preference valueSyntax Description
Default
Local preference value of 100
Command Mode
Router configuration
Usage Guidelines
Generally, the default value of 100 allows you to easily define a particular path as less preferable than paths with no local preference attribute. The preference is sent to all access servers in the local autonomous system.
Example
In the following example, the default local preference value is raised from the default of 100 to 200:
router bgp 200bgp default local-preference 200Related Command
bgp fast-external-fallover
Use the bgp fast-external-fallover router configuration command to immediately reset the BGP sessions of any directly adjacent external peers if the link used to reach them goes down. Use the no form of this command to disable this feature.
bgp fast-external-fallover
no bgp fast-external-falloverSyntax Description
This command has no arguments or keywords.
Default
Enabled
Command Mode
Router configuration
Example
In the following example, the automatic resetting of BGP sessions is disabled:
router bgp 109no bgp fast-external-falloverclear arp-cache
Use the clear arp-cache EXEC command to remove all dynamic entries from the ARP cache and to clear the fast-switching cache.
clear arp-cache
Syntax Description
This command has no arguments or keywords.
Command Mode
EXEC
Example
The following example removes all dynamic entries from the ARP cache and clears the fast-switching cache:
clear arp-cacheclear ip bgp
To reset a BGP connection, use the clear ip bgp EXEC command at the system prompt.
clear ip bgp {* | address}
Syntax Description
Command Mode
EXEC
Usage Guidelines
Use this command whenever any of the following changes occur:
•
•
•
•
•
Example
The following example resets all current BGP sessions:
clear ip bgp *Related Commands
clear ip bgp peer-group
To remove all of the members of a BGP peer group, use the clear ip bgp peer-group EXEC command.
clear ip bgp peer-group tag
Syntax Description
Command Mode
EXEC
Example
The following example removes all members from the BGP peer group internal:
clear ip bgp peer-group internalRelated Command
neighbor peer-group (assigning members)
clear ip dvmrp route
To delete routes from the DVMRP routing table, use the clear ip dvmrp route EXEC command.
clear ip dvmrp route {* | route}
Syntax Description
*
Clears all routes.
route
Clears the longest matched route. Can be an IP address, a network number, or an IP DNS name.
Command Mode
EXEC
Examples
The following example deletes route 10.1.1.1 from the DVMRP routing table:
clear ip dvmrp route 10.1.1.1The following example deletes network 10.0.0.0 from the DVMRP routing table:
clear ip dvmrp route 10.0.0.0clear ip eigrp neighbors
To delete entries from the neighbor table, use the clear ip eigrp neighbors EXEC command.
clear ip eigrp neighbors [ip-address | type number]
Syntax Description
ip-address
(Optional) Address of the neighbor.
type number
(Optional) Interface type and number. Specifying these arguments removes from the neighbor table all entries learned via this interface.
Command Mode
EXEC
Example
The following example removes the neighbor whose address is 172.20.8.3:
clear ip eigrp neighbors 172.20.8.3Related Command
clear ip igmp group
To delete entries from the IGMP cache, use the clear ip igmp group EXEC command.
clear ip igmp group [group-name | group-address | type number]
Syntax Description
Command Mode
EXEC
Usage Guidelines
The IGMP cache contains a list of the multicast groups of which hosts on the directly connected LAN are members. If the access server has joined a group, it is also listed in the cache.
To delete all entries from the IGMP cache, specify the clear ip igmp group command with no arguments.
Example
The following example clears entries for the multicast group 172.16.255.1 from the IGMP cache:
clear ip igmp group 172.16.255.1Related Commands
A dagger (†) indicates that the command is documented in another chapter.
ip host †
show ip igmp groups
show ip igmp interfaceclear ip mroute
To delete entries from the IP multicast routing table, use the clear ip mroute EXEC command.
clear ip mroute * | {group-name [source-address] | group-address [source-address]}
Syntax Description
Command Mode
EXEC
Examples
The following example deletes all entries from the IP multicast routing table:
clear ip mroute *The following example deletes from the IP multicast routing table all sources on the 10.3.0.0 subnet that are transmitting to the multicast group 172.22.205.42. Note that this example deletes all sources on network 10.3, not individual sources.
clear ip mroute 172.22.205.42 10.3.0.0Related Commands
A dagger (†) indicates that the command is documented in another chapter.
ip host †
show ip mrouteclear ip route
Use the clear ip route EXEC command to remove one or more routes from the IP routing table.
clear ip route {network [mask] | *}
Syntax Description
network
Network or subnet address to remove.
mask
(Optional) Network mask associated with the IP address you wish to remove.
*
Removes all entries.
Command Mode
EXEC
Example
The following example removes a route to network 172.30.0.0 from the IP routing table:
clear ip route 172.30.0.0Related Command
show ip route
clear ip sd
To delete a session directory cache entry, use the clear ip sd EXEC command.
clear ip sd [group-address | "session-name"]
Syntax Description
Command Mode
EXEC
Usage Guidelines
If neither argument is specified, the entire session directory cache is deleted.
Examples
The following example deletes the entire session directory cache:
clear ip sdThe following example deletes sessions with the group address 224.2.0.1 from the session directory cache:
clear ip sd 224.2.0.1The following example deletes the session entry called mbone audio from the session directory cache:
clear ip sd "mbone audio"Related Command
default-information allowed
To control the redistribution of routing information between IGRP or IP Enhanced IGRP processes, use the default-information allowed router configuration command. To suppress IGRP or IP Enhanced IGRP exterior or default routes when they are received by an IP Enhanced IGRP process, use the no default-information allowed in command. To suppress IGRP or IP Enhanced IGRP exterior routes in updates, use the no default-information allowed out command.
default-information allowed {in | out} [route-map map-tag]
no default-information allowed {in | out} [route-map map-tag]Syntax Description
Default
Normally, exterior routes are always accepted and default information is passed between IGRP processes when doing redistribution.
Command Mode
Router configuration
Usage Guidelines
The default network of 0.0.0.0 used by RIP cannot be redistributed by IGRP or IP Enhanced IGRP.
Example
The following example allows IGRP exterior or default routes to be received by the IGRP process in autonomous system 23:
router igrp 23default-information allowed inThe following example allows IP Enhanced IGRP exterior or default routes to be received by the IP Enhanced IGRP process in autonomous system 23:
router eigrp 23default-information allowed indefault-information originate (BGP)
Use the default-information originate router configuration command to allow the redistribution of network 0.0.0.0 into BGP. Use the no form of this command to prevent the redistribution of network 0.0.0.0 into BGP.
default-information originate
no default-information originateSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
The same functionality will result from the network 0.0.0.0 command, using the network router configuration command.
Example
The following example configures BGP to redistribute network 0.0.0.0 into BGP:
router bgp 164default-information originatedefault-information originate (EGP)
Use the default-information originate router configuration command to explicitly configure EGP to generate a default route. Use the no form of this command to disable this function.
default-information originate
no default-information originateSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
Because EGP can use network 0.0.0.0 as a default route, EGP must be explicitly configured to generate a default route. If the next hop for the default route can be advertised as a third party, it will be included as a third party.
Example
The following example configures EGP to generate a default route:
autonomous system 109router egp 164network 172.16.0.0network 192.168.7.0neighbor 10.2.0.2default-information originatedefault-information originate (OSPF)
Use the default-information originate router configuration command to generate a default route into an OSPF routing domain. Use the no form of this command to disable generation of a default route into the specified OSPF routing domain.
default-information originate [always] [metric metric-value] [metric-type type-value]
[route-map map-name]
no default-information originate [always] [metric metric-value] [metric-type type-value]
[route-map map-name]Syntax Description
originate
For OSPF, causes the access server to generate a default external route into an OSPF domain if the access server already has a default route and you want to propagate to other access servers.
always
(Optional) For OSPF, the default route always will be advertised whether or not the access server has a default route.
metric metric-value
(Optional) Metric used for generating the default route. If a value is not specified for this option, and no value is specified using the default-metric router configuration command, the default metric value is 10. The value used is specific to the protocol.
metric-type type-value
(Optional) For OSPF, the external link type associated with the default route advertised into the OSPF routing domain. It can be one of two values:
1—Type 1 external route
2—Type 2 external route
If a metric-type is not specified, the access server adopts a Type 2 external route.
route-map map-name
(Optional) Routing process will generate the default route if the route-map is satisfied.
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
Whenever you use the redistribute or the default-information router configuration commands to redistribute routes into an OSPF routing domain, the access server automatically becomes an Autonomous System Boundary Router. However, an Autonomous System Boundary Router does not, by default, generate a default route into the OSPF routing domain. The access server still needs to have a default route for itself before it generates one, except when you have specified the always keyword.
When you use this command for the OSPF process, the default network must reside in the routing table and you must satisfy the route-map map-name keyword. Use the default-information originate always route-map map-name form of the command when you do not want the dependency on the default network in the routing table.
Examples
The following example specifies a metric of 100 for the default route redistributed into the OSPF routing domain and an external metric type of Type 1:
router ospf 109redistribute igrp 108 metric 100 subnetsdefault-information originate metric 100 metric-type 1Related Command
default-metric
Use the default-metric router configuration command to set default metric values for the RIP, EGP, IGRP, Enhanced IGRP, and BGP routing protocols. Use the no form of this command to remove the metric value and return to the default state.
default-metric number
no default-metric numberSyntax Description
Default
Built-in, automatic metric translations, as appropriate for each routing protocol
Command Mode
Router configuration
Usage Guidelines
This command is used in conjunction with the redistribute router configuration command to cause the current routing protocol to use the same metric value for all redistributed routes. A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
In BGP, this sets the MULTI_EXIT_DISC metric. (The name of this metric for BGP Versions 2 and 3 is INTER_AS.)
Example
The following example shows an access server in autonomous system 109 using both the RIP and the IGRP routing protocols. The example advertises IGRP-derived routes using the RIP protocol and assigns the IGRP-derived routes a RIP metric of 10.
router ripdefault-metric 10redistribute igrp 109Related Command
default-metric (BGP, EGP, OSPF, and RIP)
To set default metric values for the BGP, EGP, OSPF, and RIP routing protocols, use this form of the default-metric router configuration command. To return to the default state, use the no form of this command.
default-metric number
no default-metric numberSyntax Description
Default
Built-in, automatic metric translations, as appropriate for each routing protocol
Command Mode
Router configuration
Usage Guidelines
The default-metric command is used in conjunction with the redistribute router configuration command to cause the current routing protocol to use the same metric value for all redistributed routes. A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
In BGP, this sets the multiple exit discriminator (MED) metric. (The name of this metric for BGP Versions 2 and 3 is INTER_AS.)
Example
The following example shows a router in autonomous system 109 using both the RIP and the OSPF routing protocols. The example advertises OSPF-derived routes using the RIP protocol and assigns the IGRP-derived routes a RIP metric of 10.
router ripdefault-metric 10redistribute ospf 109Related Command
default-metric (IGRP and Enhanced IGRP)
Use this form of the default-metric router configuration command to set metrics for IGRP. Use the no form of this command to remove the metric value and return to the default state.
default-metric bandwidth delay reliability loading mtu
no default-metric bandwidth delay reliability loading mtuSyntax Description
Default
Built-in, automatic metric translations
Command Mode
Router configuration
Usage Guidelines
IGRP metric defaults have been carefully set to work for a wide variety of networks. Take great care in changing these values.
Automatic metric translations for IGRP are only supported when redistributing from IGRP or static.
Example
The following example takes redistributed RIP metrics and translates them into IGRP metrics with values as follows: bandwidth = 1000, delay = 100, reliability = 250, loading = 100, and mtu =1500.
router igrp 109network 172.16.0.0redistribute ripdefault-metric 1000 100 250 100 1500Related Command
redistribute
distance
To define an administrative distance, use the distance router configuration command. To remove a distance definition, use the no form of this command.
distance weight [address mask [access-list-number]] [ip]
no distance weight [address mask [access-list-number]] [ip]Syntax Description
Default
Default administrative distances are shown in .
Table 19-1 Default Administrative Distances
Connected interface
0
Static route
1
External BGP
20
IGRP
100
OSPF
110
RIP
120
EGP
140
Internal BGP
200
Unknown
255
Command Mode
Router configuration
Usage Guidelines
Numerically, an administrative distance is an integer between 0 and 255. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
When the optional access list number is used with this command, it is applied when a network is being inserted into the routing table. This behavior allows filtering of networks according to the IP address of the access server supplying the routing information. This could be used, as an example, to filter out possibly incorrect routing information from access servers not under your administrative control.
The order in which you enter distance commands can affect the assigned administrative distances in unexpected ways (see "Example" for further clarification).
Weight values are also subjective; there is no quantitative method for choosing weight values.
For BGP, the distance command sets the administrative distance of the External BGP route.
Theshow ip protocols EXEC command displays the default administrative distance for a specified routing process.
Example
In the following example, the router igrp global configuration command sets up IGRP routing in autonomous system number 109. The network router configuration commands specify IGRP routing on networks 192.168.7.0 and 172.28.0.0. The first distance router configuration command sets the default administrative distance to 255, which instructs the access server to ignore all routing updates from access servers for which an explicit distance has not been set. The second distance command sets the administrative distance for all access servers on the Class C network 192.168.7.0 to 90. The third distance command sets the administrative distance for the access server with the address 172.28.1.3 to 120.
router igrp 109network 192.168.7.0network 172.28.0.0distance 255distance 90 192.168.7.0 0.0.0.255distance 120 172.28.1.3 0.0.0.0Related Command
distance bgp
distance bgp
To allow the use of external, internal, and local administrative distances that could be a better route to a node, use the distance bgp router configuration command. To return to the default values, use the no form of this command.
distance bgp external-distance internal-distance local-distance
no distance bgpSyntax Description
Default
external-distance: 20
internal-distance: 200
local-distance: 200Command Mode
Router configuration
Usage Guidelines
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual access server or a group of access servers. Numerically, an administrative distance is an integer between 0 and 255. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
Use this command if another protocol is known to be able to provide a better route to a node than was actually learned via external BGP, or if some internal routes should really be preferred by BGP.
Note
Example
In the following example, internal routes are known to be preferable to those learned through the IGP, so the administrative distance values are set accordingly:
router bgp 109network 172.16.0.0neighbor 172.29.6.6 remote-as 123neighbor 172.28.1.1 remote-as 47distance bgp 20 20 200Related Command
distance eigrp
To allow the use of internal and external administrative distances that could be a better route to a node, use the distance eigrp router configuration command. To reset these values to their defaults, use the no form of this command.
distance eigrp internal-distance external-distance
no distance eigrpSyntax Description
Default
internal-distance: 90
external-distance: 170Command Mode
Router configuration
Usage Guidelines
An administrative distance is a rating of the trustworthiness of a routing information source, such as an individual access server or a group of access servers. Numerically, an administrative distance is an integer between 0 and 255. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.
Use the distance eigrp command if another protocol is known to be able to provide a better route to a node than was actually learned via external IP Enhanced IGRP or if some internal routes should really be preferred by IP Enhanced IGRP.
lists the default administrative distances.
Table 19-2 Default Enhanced IGRP Administrative Distances
To display the default administrative distance for a specified routing process, use the show ip protocols EXEC command.
Example
In the following example, the router eigrp global configuration command sets up IP Enhanced IGRP routing in autonomous system number 109. The network router configuration commands specify IP Enhanced IGRP routing on networks 192.168.7.0 and 172.28.0.0. The first distance router configuration command sets the default administrative distance to 255, which instructs the access server to ignore all routing updates from access servers for which an explicit distance has not been set. The second distance router configuration command sets the administrative distance for all access servers on the Class C network 192.168.7.0 to 90. The third distance router configuration command sets the administrative distance for the access server with the address 172.28.1.3 to 120.
router eigrp 109network 192.168.7.0network 172.28.0.0distance 255!! use caution when executing the next two commands!!distance 90 192.168.7.0 0.0.0.255distance 120 172.28.1.3 0.0.0.0Related Command
distribute-list in
To filter networks received in updates, use the distribute-list in router configuration command. To change or cancel the filter, use the no form of this command.
distribute-list access-list-number in [type number]
no distribute-list access-list-number in [type number]Syntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
If no interface is specified, the access list will be applied to all incoming updates.
Example
The following example causes only two networks to be accepted by a RIP routing process: network 0.0.0.0 (the RIP default) and network 172.16.0.0.
access-list 1 permit 0.0.0.0access-list 1 permit 172.16.0.0access-list 1 deny 0.0.0.0 255.255.255.255router ripnetwork 172.16.0.0distribute-list 1 inRelated Commands
A dagger (†) indicates that the command is documented in another chapter.
access-list †
distribute-list out
redistributedistribute-list out
To suppress networks from being advertised in updates, use the distribute-list out router configuration command. To cancel this function, use the no form of this command.
distribute-list access-list-number out [interface-name | routing-process |
autonomous-system-number]
no distribute-list access-list-number out [interface-name | routing-process |
autonomous-system-number]Syntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
When redistributing networks, a routing process name can be specified as an optional trailing argument to the distribute-list command. This causes the access list to be applied to only those routes derived from the specified routing process. After this access list is applied, any access list specified by a distribute-list command without a process name argument will be applied. Addresses not specified in the distribute-list command will not be advertised in outgoing routing updates.
To filter networks received in updates, use the distribute-list in command.
Examples
The following example would cause only one network to be advertised by a RIP routing process: network 172.16.0.0.
access-list 1 permit 172.16.0.0access-list 1 deny 0.0.0.0 255.255.255.255router ripnetwork 172.16.0.0distribute-list 1 outRelated Commands
A dagger (†) indicates that the command is documented in another chapter.
access-list †
distribute-list in
redistributeip address
Use the ip address interface configuration command to specify the IP address on an interface. Use the no form of this command to remove the specified secondary address.
ip address address mask [secondary]
no ip address address mask [secondary]Syntax Description
Default
Disabled
Command Mode
Interface configuration
Usage Guidelines
The optional keyword secondary allows an unlimited number of secondary addresses to be specified. Secondary addresses are treated like primary addresses, except that the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and ARP requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in many situations. The following are common applications:
•
•
•
Note
Example
The following example specifies 172.16.1.27 as the primary address and 192.168.7.17 as a secondary address for Ethernet interface 0:
interface ethernet 0ip address 172.16.1.27 255.255.255.0ip address 192.168.7.17 255.255.255.0 secondaryip as-path access-list
Use the ip as-path access-list global configuration command to define a BGP-related access list. Use the no form of this command to disable use of the access list.
ip as-path access-list access-list-number {permit | deny} as-regular-expression
no ip as-path access-list access-list-number {permit | deny} as-regular-expressionSyntax Description
Default
No access lists are defined.
Command Mode
Global configuration
Usage Guidelines
You can specify an access list filter on both inbound and outbound BGP routes. In addition, you can assign weights based on a set of filters. Each filter is an access list based on regular expressions. If the regular expression matches the representation of the autonomous system path of the route as an ASCII string, then the permit or deny condition applies. The autonomous system path does not contain the local autonomous system number. Use the ip as-path access-list global configuration command to define an BGP access list, and the neighbor router configuration command to apply a specific access list.
See the "Regular Expressions" appendix for information on forming regular expressions.
Example
The following example specifies that the BGP neighbor with IP address 172.28.1.1 is not sent advertisements about any path through or from the adjacent autonomous system 123:
ip as-path access-list 1 deny _123_ip as-path access-list 1 deny ^123 .*! The space in the above expression (^123.*) is required.router bgp 109network 172.16.0.0neighbor 172.29.6.6 remote-as 123neighbor 172.28.1.1 remote-as 47neighbor 172.28.1.1 filter-list 1 outRelated Commands
neighbor distribute-list
neighbor filter-listip community-list
To create a community list for BGP and control access to it, use the ip community-list global configuration command. To delete the community list, use the no form of this command.
ip community-list community-list-number {permit | deny} community-number
no ip community-list community-list-numberSyntax Description
community-list-number
Integer 1 through 99 that identifies one or more permit or deny groups of communities.
permit
Permits access for a matching condition.
deny
Denies access for a matching condition.
community-number
Community number configured by a set community command. Valid value is one of the following:
•
•
•
•
Default
Once you permit a value for the community number, the community list defaults to an implicit deny for everything else that has not been permitted.
Command Mode
Global configuration
Example
In the following example, the access server permits all routes except the routes with the communities 5 and 10 or 10 and 15:
ip community-list 1 deny 5 10ip community-list 1 deny 10 15ip community-list 1 permit internetRelated Command
set community
ip default-network
Use the ip default-network global configuration command to select a network as a candidate route for computing the gateway of last resort. Use the no form of this command to remove the route.
ip default-network network-number
no ip default-network network-numberSyntax Description
Default
If the access server has a directly connected interface onto the specified network, the dynamic routing protocols running on that access server will generate (or source) a default route. For RIP, this is flagged as the pseudonetwork 0.0.0.0; for IGRP, it is the network itself, flagged as an exterior route.
Command Mode
Global configuration
Usage Guidelines
The access server uses both administrative distance and metric information to determine the default route. Multiple ip default-network commands can be given. All candidate default routes, both static (that is, flagged by ip default-network) and dynamic, appear in the routing table preceded by an asterisk.
If the IP routing table indicates that the specified network number is subnetted and a non-zero subnet number is specified, then the system will automatically configure a static summary route. This static summary route is configured instead of a default network. The effect of the static summary route is to cause traffic destined for subnets that are not explicitly listed in the IP routing table to be routed using the specified subnet.
Examples
The following example defines a static route to network 10.0.0.0 as the static default route:
ip route 10.0.0.0 255.0.0.0 172.16.3.4ip default-network 10.0.0.0If the following command was issued on an access server not connected to network 172.29.0.0, the access server might choose the path to that network as a default route when the network appeared in the routing table:
ip default-network 172.29.0.0Related Command
ip dvmrp accept-filter
To configure an acceptance filter for incoming DVMRP reports, use the ip dvmrp accept-filter interface configuration command. To disable this feature, use the no form of this command.
ip dvmrp accept-filter access-list-number [distance]
no ip dvmrp accept-filter access-list-number [distance]Syntax Description
Default
All destinations are accepted with a distance of 0.
Command Mode
Interface configuration
Usage Guidelines
Any sources that match the access list are stored in the DVMRP routing table.
The distance is used to compare with the same source in the unicast routing table. The route with the lower distance (either the route in the unicast or DVMRP routing table) takes precedence when computing the Reverse Path Forwarding (RPF) interface for a source of a multicast packet.
By default, the administrative distance for DVMRP routes is 0. This means that they always take precedence over unicast routing table routes. If you have two paths to a source, one through unicast routing (using PIM as the multicast routing protocol) and another path using DVMRP (unicast and multicast routing), and if you want to use the PIM path, use the ip dvmrp accept-filter command to increase the administrative distance for DVMRP routes. For example, if the unicast routing protocol is Enhanced IGRP, which has a default administrative distance of 90, you could define and apply the following access list so the RPF interface used to accept multicast packets will be through the Enhanced IGRP/PIM path:
ip dvmrp accept-filter 1 100access-list 1 permit 0.0.0.0 255.255.255.255Example
The following example applies access list 57 to the interface and sets a distance of 4:
access-list 57 permit 172.16.0.0 0.0.255.255access-list 57 permit 192.168.37.0 0.0.0.255access-list 57 deny 0.0.0.0 255.255.255.255ip dvmrp accept-filter 57 4Related Commands
distance
ip dvmrp metric
show ip dvmrp routeip dvmrp default-information
To advertise network 0.0.0.0 to DVMRP neighbors on an interface, use the ip dvmrp default-information interface configuration command. To prevent the advertisement, use the no form of this command.
ip dvmrp default-information {originate | only}
no ip dvmrp default-information {originate | only}Syntax Description
originate
Other routes more specific than 0.0.0.0 can also be advertised.
only
No DVMRP routes other than 0.0.0.0 are advertised.
Default
Disabled
Command Mode
Interface configuration
Usage Guidelines
This command should only be used when the access server is a neighbor to mrouted version 3.6 machines. The mrouted protocol is a public domain implementation of DVMRP.
You can use the ip dvmrp metric command with the ip dvmrp default-information command to tailor the metric used when advertising the default route 0.0.0.0. By default, metric 1 is used.
Example
The following example configures the access server to advertise network 0.0.0.0, in addition to other networks, to DVMRP neighbors:
ip dvmrp default-information originateRelated Command
ip dvmrp metric
To configure the metric associated with a set of destinations for DVMRP reports, use the ip dvmrp metric interface configuration command. To disable this function, use the no form of this command.
ip dvmrp metric metric [list access-list-number] [protocol process-id] | [dvmrp]
no ip dvmrp metric metric [list access-list-number] [protocol process-id] | [dvmrp]Syntax Description
Default
No metric is preconfigured. Only directly connected subnets and networks are advertised to neighboring DVMRP access servers.
Command Mode
Interface configuration
Usage Guidelines
When PIM is configured on an interface and DVMRP neighbors are discovered, the access server sends DVMRP report messages for directly connected networks. The ip dvmrp metric command enables DVMRP report messages for multicast destinations that match the access list. Usually, the metric for these routes is 1. Under certain circumstances, it may be desirable to tailor the metric used for various unicast routes.
Use the access-list-number argument in conjunction with the protocol process-id arguments to selectively list the destinations learned from a given routing protocol.
If you do not specify this command, only directly connected subnets are advertised via DVMRP.
To display DVMRP activity, use the debug ip dvmrp command.
Example
The following example connects a PIM cloud to a DVMRP cloud. Access list 1 permits the sending of DVMRP reports to the DVMRP access servers advertising all sources in the 192.168.35.0 network with a metric of 1. Access list 2 permits all other destinations, but the metric of 0 means that no DVMRP reports are sent for these destinations.
access-list 1 permit 192.168.35.0 0.0.0.255access-list 1 deny 0.0.0.0 255.255.255.255access-list 2 permit 0.0.0.0 255.255.255.255interface tunnel 0ip dvmrp metric 1 list 1ip dvmrp metric 0 list 2Related Commands
A dagger (†) indicates that the command is documented in the Debug Command Reference publication.
debug ip dvmrp †
ip dvmrp accept-filterip gdp
Use the ip gdp interface configuration command to enable GDP routing on an interface. Use the no form of this command to disable GDP routing, with all default parameters.
ip gdp [priority number | reporttime seconds | holdtime seconds]
no ip gdpSyntax Description
Default
priority = 100
reporttime = 5 seconds for broadcast media; 0 for nonbroadcast media
holdtime = 15 secondsCommand Mode
Interface configuration
Usage Guidelines
When enabled on an interface, GDP updates report the primary and secondary IP addresses of that interface.
Example
In the following example, GDP is enabled on Ethernet interface 1 with a report time of 10 seconds, and priority and hold time set to their defaults (because none are specified):
interface ethernet 1ip gdp reporttime 10ip hello-interval eigrp
To configure the hello interval for the IP Enhanced IGRP routing process designated by an autonomous system number, use the ip hello-interval eigrp interface configuration command. To restore the default value, use the no form of this command.
ip hello-interval eigrp autonomous-system-number seconds
no ip hello-interval eigrp autonomous-system-number secondsSyntax Description
Default
For slow-speed, NBMA networks: 60 seconds
For all other networks: 5 seconds
Command Mode
Interface configuration
Usage Guidelines
The default of 60 seconds applies only to nonbroadcast, multiaccess (NBMA) media. Low speed is considered to be a rate of T1 or slower, as specified with the bandwidth interface configuration command. Note that for the purposes of Enhanced IGRP, Frame Relay and SMDS networks may or may not be considered to be NBMA. These networks are considered NBMA if the interface has not been configured to use physical multicasting; otherwise they are considered not to be NBMA.
Example
The following example sets the hello interval for Ethernet interface 0 to 10 seconds:
interface ethernet 0ip hello-interval eigrp 109 10Related Command
ip hold-time eigrp
To configure the hold time for a particular Enhanced IGRP routing process designated by the autonomous system number, use the ip hold-time eigrp interface configuration command. To restore the default value, use the no form of this command.
ip hold-time eigrp autonomous-system-number seconds
no ip hold-time eigrp autonomous-system-number secondsSyntax Description
Default
For slow-speed, NBMA networks: 180 seconds
For all other networks: 15 seconds
Command Mode
Interface configuration
Usage Guidelines
On very congested and large networks, the default hold time might not be sufficient time for all routers to receive hello packets from their neighbors. In this case, you may want to increase the hold time.
The hold time is three times the hello interval. If the current value for the hold time is less than two times the hello interval, the hold time is reset.
If an access server does not receive a hello packet within the specified hold time, routes through the access server are considered available.
Increasing the hold time delays route convergence across the network.
The default of 180 seconds applies only to low speed, nonbroadcase, multiaccess (NBMA) media. Low speed is considered to be a rate of T1 or slower, as specified with the bandwidth interface configuration command.
Example
The following example sets the hold time for Ethernet interface 0 to 40 seconds:
interface ethernet 0ip hold-time eigrp 109 40Related Command
ip igmp access-group
To control the multicast groups that hosts on the subnet serviced on an interface can join, use the ip igmp access-group interface configuration command. To disable groups on an interface, use the no form of this command.
ip igmp access-group access-list-number
no ip igmp access-group access-list-numberSyntax Description
Default
All groups are allowed on an interface.
Command Mode
Interface configuration
Example
In the following example, host services by Ethernet interface 0 can join the group 172.25.2.2 only:
access-list 1 172.25.2.2 0.0.0.0interface ethernet 0ip igmp access-group 1Related Command
ip igmp join-group
To have the access server join a multicast group, use the ip igmp join-group interface configuration command. To cancel membership in a multicast group, use the no form of this command.
ip igmp join-group group-address
no ip igmp join-group group-addressSyntax Description
group-address
Address of the multicast group. This is a multicast IP address in four-part dotted notation.
Default
No multicast group memberships are predefined.
Command Mode
Interface configuration
Usage Guidelines
IP packets that are addressed to the group address are passed to the IP client process in the access server.
If all the multicast-capable access servers that you administer are members of a multicast group, pinging that group causes all access servers to respond. This can be a useful administrative and debugging tool.
Another reason to have an access server join a multicast group is when other hosts on the network have a bug in IGRP that prevents them from correctly answering IGMP queries. Having the access server join the multicast group causes upstream access servers to maintain multicast routing table information for that group and keeps the paths for that group active.
Example
In the following example, the access server joins multicast group 172.25.2.2:
ip igmp join-group 172.25.2.2Related Commands
A dagger (†) indicates that the command is documented in another chapter.
ip igmp access-group
ping †ip igmp query-interval
To configure the frequency at which the access server sends IGMP host-query messages, use the ip igmp query-interval interface configuration command. To return to the default frequency, use the no form of this command.
ip igmp query-interval seconds
no ip igmp query-intervalSyntax Description
seconds
Frequency, in seconds, at which to transmit IGMP host-query messages. The can be a value from 0 to 65535. The default is 60 seconds.
Default
60 seconds
Command Mode
Interface configuration
Usage Guidelines
Multicast access servers send host membership query messages (referred to as host-query messages) to discover which multicast groups have members on the access server's attached networks. Hosts respond with IGMP report messages indicating that they wish to receive multicast packets for specific groups (that is, indicating that the host wants to become a member of the group). Host-query messages are addresses to the all-hosts multicast group, which has the address 172.24.0.1, and have an IP TTL value of 1.
The designated router for a LAN is the only access server that sends IGMP host-query messages. The designated router is elected according to the multicast routing protocol that runs on the LAN.
Note
Example
The following example changes the frequency at which the designated router sends IGMP host-query messages to 2 minutes:
interface tunnel 0ip igmp query-interval 120Related Commands
ip pim query-interval
show ip igmp groupsip irdp
Use the ip irdp interface configuration command to enable ICMP Router Discovery Protocol (IRDP) processing on an interface. Use the no form of this command to disable IRDP routing on the specified interface.
ip irdp [multicast | holdtime seconds | maxadvertinterval seconds | minadvertinterval
seconds | preference number | address address [number]]
no ip irdpSyntax Description
Default
Disabled
When enabled, IRDP uses these defaults:
•
•
•
•
Command Mode
Interface configuration
Usage Guidelines
If you change maxadvertinterval, the other two values also change, so it is important to change maxadvertinterval first before changing either holdtime or minadvertinterval.
The ip irdp multicast command allows for compatibility with Sun Microsystems Solaris, which requires IRDP packets to be sent out as multicasts. Many implementations cannot receive these multicasts; ensure end host ability before using this command.
Example
The following example illustrates how to set the various IRDP processes:
! enable irdp on interface Ethernet 0interface ethernet 0 ip irdp ! send IRDP advertisements to the multicast addressip irdp multicast ! increase access server preference from 100 to 50ip irdp preference 50 ! set maximum time between advertisements to 400 secsip irdp maxadvertinterval 400 ! set minimum time between advertisements to 100 secsip irdp minadvertinterval 100 ! advertisements are good for 6000 secondsip irdp holdtime 6000 ! proxy-advertise 172.16.14.5 with default access server preferenceip irdp address 172.16.14.5 ! 0 proxy-advertise 172.16.14.6 with preference of 50ip irdp address 172.16.14.6 50ip local policy route-map
To identify a route map to use for local policy routing, use the ip local policy route-map global configuration command. To disable local policy routing, use the no form of this command.
ip local policy route-map map-tag
no ip local policy route-map map-tagSyntax Description
map-tag
Name of the route map to use for local policy routing. The name must match a map-tag specified by a route-map command.
Default
Packets that are generated by the router are not policy routed.
Command Mode
Global configuration
Usage Guidelines
Packets that are generated by the router are not normally policy routed. However, you can use this command to policy route such packets. You might enable local policy routing if you want packets originated at the router to take a route other than the obvious shortest path.
The ip local policy route-map command identifies a route map to use for local policy routing. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which packets should be policy routed. The set commands specify the set actions—the particular policy routing actions to perform if the criteria enforced by the match commands are met. The no ip local policy route-map command deletes the reference to the route map and disables local policy routing.
Example
In the following example, packets with a destination IP address matching that allowed by extended access list 131 are sent to the router at IP address 174.21.3.20:
ip local policy route-map xxx!route-map xxxmatch ip address 131set ip next-hop 174.21.3.20Related Commands
match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop
show ip local policyip mroute
To configure a multicast static route (mroute), use the ip mroute global configuration command. To remove the route, use the no form of this command.
ip mroute source mask [protocol as-number] {rpf-address | type number} [distance]
no ip mroute source mask [protocol as-number] {rpf-address | type number} [distance]Syntax Description
Default
distance: 0
Command Mode
Global configuration
Usage Guidelines
This command allows you to statically configure where multicast sources are located (even though the unicast routing table says something different).
When a source range is specified, the rpf-address applies only to those sources.
Examples
The following example configures all sources via a single interface (in this case, a tunnel):
ip mroute 0.0.0.0 255.255.255.255 tunnel0The following example configures all specific sources within a network number are reachable through 171.68.10.13:
ip mroute 171.69.0.0 255.255.0.0 171.68.10.13The following example causes this multicast static route to take effect if the unicast routes for any given destination go away:
ip mroute 0.0.0.0 255.255.255.255 serial0 200ip mroute-cache
To configure IP multicast fast switching, use the ip mroute-cache interface configuration command. To disable IP multicast fast switching, use the no form of this command.
ip mroute-cache
no ip mroute-cacheSyntax Description
This command has no arguments or keywords.
Default
Enabled
Command Mode
Interface configuration
Usage Guidelines
If fast switching is disabled on an incoming interface for a multicast routing table entry, the packet will be sent at process level for all interfaces in the outgoing interface list.
If fast switching is disabled on an outgoing interface for a multicast routing table entry, the packet is process level switched for that interface, but might be fast-switched for other interfaces in the outgoing interface list.
When fast switching is enabled (like unicast routing), debug messages are not logged. If you want to log debug messages, disable fast switching.
Example
The following example disables IP multicast fast switching on the interface:
no ip mroute-cacheip multicast rate-limit
To control the rate a sender from the source-list can send to a multicast group in the group-list, use the ip multicast rate-limit interface configuration command. To remove the control, use the no form of this command.
ip multicast rate-limit {in | out} [group-list access-list] [source-list access-list] kbps
no multicast rate-limit {in | out} [group-list access-list] [source-list access-list] kbpsSyntax Description
Default
kbps = 0, meaning that there is no limit on the rate traffic is sent.
Command Mode
Interface configuration
Usage Guidelines
If a router receives a packet and in the last second the user has sent over the limit, the packet is dropped; otherwise, it is forwarded.
Example
In the following example, packets to any group from sources in network 171.69.0.0 will have their packets rate-limited to 64 kilobits per second:
interface serial 0ip multicast rate-limit out group-list 1 source-list 2 64access-list 1 permit 0.0.0.0 255.255.255.255access-list 2 permit 171.69.0.0 0.0.255.255ip multicast-routing
To enable IP multicast routing on the access server, use the ip multicast-routing global configuration command. To disable IP multicast routing, use the no form of this command.
ip multicast-routing
no ip multicast-routingSyntax Description
This command has no keywords or arguments.
Default
IP multicast routing is disabled.
Command Mode
Global configuration
Usage Guidelines
When IP multicast routing is disabled, the access server does not forward any multicast packets.
Example
The following example enables IP multicast routing on the access server:
ip multicast-routingRelated Command
ip multicast ttl-threshold
To configure the time-to-live (TTL) threshold of packets being forwarded out an interface, use the ip multicast ttl-threshold interface configuration command. To return to the default TTL threshold, use the no form of this command.
ip multicast ttl-threshold ttl
no ip multicast ttl-threshold [ttl]Syntax Description
ttl
Time-to-live value, in hops. It can be a value from 0 to 255. The default value is 0, which means that all multicast packets are forwarded out the interface.
Default
0, which means that all multicast packets are forwarded on the interface.
Command Mode
Interface configuration
Usage Guidelines
Any multicast packets with a TTL value less than the threshold are not forwarded out the interface.
You should configure the TTL threshold only on border routers. Conversely, access servers on which you configure a TTL threshold value automatically become border routers.
This command replaces the ip multicast-threshold command, which is obsolete.
Example
In the following example, you set the TTL threshold on a border router to 200, which is a very high value. This means that multicast packets must have a TTL greater than 200 in order to be forwarded out this interface. Multicast applications generally set this value well below 200. Therefore, setting a value of 200 means that no packets will be forwarded out the interface.
interface tunnel 0ip multicast ttl-threshold 200ip ospf authentication-key
Use the ip ospf authentication-key interface configuration command to assign a password to be used by neighboring access servers that are using OSPF's simple password authentication. Use the no form of this command to remove any previously assigned OSPF password.
ip ospf authentication-key password
no ip ospf authentication-keySyntax Description
password
Any continuous string of characters that can be entered from the keyboard up to 8 bytes in length.
Default
No password is specified.
Command Mode
Interface configuration
Usage Guidelines
The password created by this command is used as a "key" that is inserted directly into the OSPF header when the access server originates routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring access servers on the same network must have the same password to be able to exchange OSPF information.
Note
Example
In the following example, the authentication key is enabled with the string yourpass:
ip ospf authentication-key yourpassRelated Command
ip ospf cost
To explicitly specify the cost of sending a packet on an interface, use the ip ospf cost interface configuration command. To reset the path cost to the default value, use the no form of this command.
ip ospf cost cost
no ip costSyntax Description
cost
Unsigned integer value expressed as the link state metric. It can be a value in the range 1 to 65535.
Default
No default cost is predefined.
Command Mode
Interface configuration
Usage Guidelines
Unlike IGRP, you must set this metric manually using this command, if you need to change the default. Changing the bandwidth does not change the link cost.
The link state metric is advertised as the link cost in the access server's router link advertisement. We do not support Type of Service (TOS), so you can assign only one cost per interface.
In general, the path cost is calculated as follows:
108
³BandwidthUsing the above formula, the default path costs were calculated as noted in the following list. If these values do not suit your network, you can use your own method of calculating path costs.
•
•
•
•
•
•
•
•
Example
The following example sets the interface cost value to 65:
ip ospf cost 65ip ospf dead-interval
Use the ip ospf dead-interval interface configuration command to set the number of seconds that an access server's Hello packets must not have been seen before its neighbors declare the access server down. Use the no form of this command to reset the length of time to the default value.
ip ospf dead-interval seconds
no ip ospf dead-intervalSyntax Description
seconds
Unsigned integer that specifies the interval in seconds; the value must be the same for all nodes on the network.
Default
Four times the interval set for the ip ospf hello-interval command
Command Mode
Interface configuration
Usage Guidelines
The interval is advertised in the access server's Hello packets. This value must be the same for all access servers on a specific network.
Example
The following example sets the OSPF dead interval to 60 seconds:
interface ethernet 1 ip ospf dead-interval 60Related Command
ip ospf hello-interval
Use the ip ospf hello-interval interface configuration command to specify the interval between Hello packets that the access server sends on the interface. Use the no form of this command to reset the interval to the default value.
ip ospf hello-interval seconds
no ip ospf hello-intervalSyntax Description
seconds
Unsigned integer that specifies the interval in seconds. The value must be the same for all nodes on a specific network.
Default
10 seconds
Command Mode
Interface configuration
Usage Guidelines
This value is advertised in the access server's Hello packets. The smaller the Hello interval, the faster topological changes will be detected, but more routing traffic will ensue. This value must be the same for all access servers on a specific network.
Example
The following example sets the interval between Hello packets to 15 seconds:
interface ethernet 1ip ospf hello-interval 15Related Command
ip ospf message-digest-key
To enable OSPF MD5 authentication, use the ip ospf message-digest-key interface configuration command. To remove an old MD5 key, use the no form of this command.
ip ospf message-digest-key keyid md5 key
no ip ospf message-digest-key keyidSyntax Description
Default
OSPF MD5 authentication is disabled.
Command Mode
Interface configuration
Usage Guidelines
Usually there is one key per interface, which is used to generate authentication information when sending packets and to authenticate incoming packets. The same key identifier on the neighbor router must have the same key value.
The process of changing keys is as follows. Suppose the current configuration is as follows:
interface ethernet 1ip ospf message-digest-key 100 md5 OLDYou change the configuration to the following:
interface ethernet 1ip ospf message-digest-key 101 md5 NEWThe system assumes its neighbors do not have the new key yet, so it begins a rollover process. It sends multiple copies of the same packet, each authenticated by different keys. In this example, the system sends out two copies of the same packet—the first one authenticated by key 100 and the second one authenticated by key 101.
Rollover allows neighboring routers to continue communication while the network administrator is updating them with the new key. Rollover stops once the local system finds that all its neighbors know the new key. The system detects that a neighbor has the new key when it receives packets from the neighbor authenticated by the new key.
After all neighbors have been updated with the new key, the old key should be removed. In this example, you would enter the following:
interface ethernet 1no ip ospf message-digest-key 100Then, only key 101 is used for authentication on Ethernet interface 1.
We recommend that you not keep more than one key per interface. Every time you add a new key, you should remove the old key to prevent the local system from continuing to communicate with a hostile system that knows the old key. Removing the old key also reduces overhead during rollover.
Example
The following example sets a new key 19 with the password 8ry4222:
interface ethernet 1ip ospf message-digest-key 10 md5 xvv560qleip ospf message-digest-key 19 md5 8ry4222Related Command
area authentication
ip ospf network
Use the ip ospf network interface configuration command to configure the OSPF network type to a type other than the default for a given media. Use the no form of this command to restore the default.
ip ospf network {broadcast | non-broadcast}
no ip ospf networkSyntax Description
Default
Depends on the network type
Command Mode
Interface configuration
Usage Guidelines
Using this feature, you can configure broadcast networks as nonbroadcast multiaccess networks when, for example, you have access servers in your network that do not support multicast addressing. You can also configure nonbroadcast multiaccess networks, such as X.25, Frame Relay, and SMDS, as broadcast networks. This feature saves you from having to configure neighbors.
If this command is issued on an interface that does not allow it, it will be ignored.
Example
The following example sets your OSPF network as a broadcast network:
interface serial 0 ip address 192.168.77.17 255.255.255.0ip ospf network broadcastencapsulation frame-relayRelated Commands
A dagger (†) indicates that the command is documented in another chapter.
frame-relay map †
neighbor (OSPF)
x25-map †ip ospf priority
Use the ip ospf priority interface configuration command to set the access server's priority, which helps determine the designated access server for this network. Use the no form of this command to reset the access server priority to the default value.
ip ospf priority number
no ip ospf prioritySyntax Description
Default
Priority of 1
Command Mode
Interface configuration
Usage Guidelines
When two access servers attached to a network both attempt to become the designated access server; the one with the higher priority takes precedence. If there is a tie, the access server with the higher ID takes precedence. A access server with a priority set to zero is ineligible to become the designated access server or backup designated access server. Access server priority is only configured for interfaces to multiaccess networks (in other words, not point-to-point networks).
This priority value is used when you configure OSPF for nonbroadcast networks using the neighbor router configuration command for OSPF.
Example
The following example sets the access server priority value to 4:
interface ethernet 0 ip ospf priority 4Related Commands
ip ospf network
neighbor (OSPF)ip ospf retransmit-interval
To specify the number of seconds between link state advertisement retransmissions for adjacencies belonging to the interface, use the ip ospf retransmit-interval interface configuration command. Use the no form of this command to reset the link state advertisement retransmission interval to the default value.
ip ospf retransmit-interval seconds
no ip ospf retransmit-intervalSyntax Description
Default
5 seconds
Command Mode
Interface configuration
Usage Guidelines
When an access server sends a link state advertisement (LSA) to its neighbor, it keeps the LSA until it receives back the acknowledgment. If it receives no acknowledgment in seconds, it will retransmit the LSA.
The setting of this parameter should be conservative, or needless retransmission will result. The value should be larger for serial lines and virtual links.
Example
The following example sets the retransmit-interval value to 8 seconds:
interface ethernet 2 ip ospf retransmit-interval 8ip ospf transmit-delay
Use the ip ospf transmit-delay interface configuration command to set the estimated number of seconds it takes to transmit a link state update packet on the interface. Use the no form of this command to reset the estimated transmission time to the default value.
ip ospf transmit-delay seconds
no ip ospf transmit-delaySyntax Description
seconds
Integer that specifies the number of seconds it takes to transmit a link state update. The range is 1 to 65535 seconds.
Default
1 second
Command Mode
Interface configuration
Usage Guidelines
Link state advertisements in the update packet must have their age incremented by the amount specified in the seconds argument before transmission. The value assigned should take into account the transmission and propagation delays for the interface.
If the delay is not added before transmission over a link, the time in which the LSA propagates over the link is not considered. This setting has more significance on very low speed links.
Example
The following example sets the retransmit-delay value to 3 seconds:
interface ethernet 0 ip ospf transmit-delay 3ip ospf-name-lookup
Use the ip ospf-name-lookup global configuration command to configure OSPF to look up Domain Name System (DNS) names for use in all OSPF show EXEC command displays. Use the no form of this command to disable the feature.
ip ospf-name-lookup
no ip ospf-name-lookupSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Global configuration
Usage Guidelines
This feature makes it easier to identify an access server because it is displayed by name rather than by its access server ID or neighbor ID.
Example
The following example configures OSPF to look up DNS names for use in all OSPF show EXEC command displays:
ip ospf-name-lookupSample Display
The following is sample output of the show ip ospf database EXEC command, for example, once you have enabled the DNS name lookup feature.
Router# show ip ospf databaseOSPF Router with id (192.168.41.1) (Autonomous system 109)Router Link States (Area 0.0.0.0)Link ID ADV Router Age Seq# Checksum Link count192.168.41.1 cs 381 0x80000003 0x93BB 4192.168.34.2 neon 380 0x80000003 0xD5C8 2Net Link States (Area 0.0.0.0)Link ID ADV Router Age Seq# Checksum192.168.32.1 cs 381 0x80000001 0xC117ip pim
To enable PIM on an interface, use the ip pim interface configuration command. To disable PIM on the interface, use the no form of this command.
ip pim [dense-mode | sparse-mode]
no ip pim [dense-mode | sparse-mode]Syntax Description
dense-mode
(Optional) Enables dense mode of operation.
sparse-mode
(Optional) Enables sparse mode of operation.
Default
IP multicast routing is disabled on all interfaces.
There is no default mode setting.
Command Mode
Interface configuration
Usage Guidelines
Enabling PIM on an interface also enables IGMP operation on that interface. An interface can be configured to be in dense mode or sparse mode. The mode describes how the access server populates its multicast routing table and how the access server forwards multicast packets it receives from its directly connected LANs. In populating the multicast routing table, dense-mode interfaces are always added to the table. Sparse-mode interfaces are added to the table only when periodic join messages are received from downstream access servers or there is a directly connected member on the interface.
Initially, a dense-mode interface forwards multicast packets until the access server determines that there are group members or downstream access servers, or until a prune message is received from a downstream access server. Then, the dense-mode interface will periodically forward multicast packets out the interface until the same conditions occur. Dense mode assumes that there are multicast group members present. Dense-mode access servers never send a join message. They do send prune messages as soon as they determine they have no members or downstream PIM access servers.
A sparse-mode interface is used only for multicast forwarding if a join message is received from a downstream access server or if there are group members directly connected to the interface. Sparse mode assumes that there are no other multicast group members present. When sparse-mode access servers want to join the shared path, they periodically send join messages toward the RP. When sparse-mode access servers want to join the source path, they periodically send join messages toward the source; they also send periodic prune messages toward to RP to prune the shared path.
Examples
The following command enables sparse-mode PIM on tunnel interface 0 and sets the address of the RP access server to 192.168.0.8:
interface tunnel 0ip pim sparse-modeip pim rp-address 192.168.0.8The following commands enable dense-mode PIM multicast routing on Ethernet interface 1:
interface ethernet 1ip pim dense-modeRelated Commands
ip multicast-routing
ip pim rp-address
show ip igmp interfaceip pim message-interval
To configure the frequency at which a sparse-mode PIM access server sends periodic sparse-mode
join/prune PIM messages, use the ip pim message-interval global configuration command. To return to the default interval, use the no form of this command.ip pim message-interval seconds
no ip pim message-interval [seconds]Syntax Description
seconds
Interval, in seconds, at which periodic sparse-mode join and prune PIM messages are sent. It can be a number from 1 to 65535. The default is 60 seconds.
Default
60 seconds
Command Mode
Global configuration
Usage Guidelines
The join-and-prune message interval should be the same for all access servers in the internetwork.
A access server is pruned from a group if a join message is not heard from it in three times the message interval specified by the seconds argument. By default, this is 3 minutes.
Note
Example
The following example changes the PIM message interval to 90 seconds:
ip pim message-interval 90Related Commands
ip igmp query-interval
ip pim query-intervalip pim nbma-mode
To configure a multiaccess WAN interface to be in nonbroadcast, multiaccess mode, use the ip pim nbma-mode interface configuration command. To disable this feature, use the no form of this command.
ip pim nbma-mode
no pim nbma-modeSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Interface configuration
Usage Guidelines
Use this command on Frame Relay, SMDS, or ATM only, especially when these media do not have native multicast available. Do not use this command on multicast-capable LANs such as Ethernet or FDDI.
When this command is configured, each PIM Join message is kept track of in the outgoing interface list of a multicast routing table entry. Therefore, only PIM WAN neighbors that have joined for the group will get packets sent as data link unicasts. This command should only be used when ip pim sparse-mode is configured on the interface. This command is not recommended for LANs that have natural multicast capabilities.
Example
The following example configures an interface to be in nonbroadcast, multiaccess mode:
ip pim nbma-modeRelated Command
ip pim sparse-mode
ip pim query-interval
To configure the frequency of PIM router-query messages, use the ip pim query-interval interface configuration command. To return to the default interval, use the no form of this command.
ip pim query-interval seconds
no ip pim query-interval [seconds]Syntax Description
seconds
Interval, in seconds, at which periodic PIM router-query messages are sent. It can be a number from 1 to 65535. The default is 30 seconds.
Default
30 seconds
Command Mode
Interface configuration
Usage Guidelines
Routers that are configured for IP multicast send PIM router-query messages to determine which access server will be the designated router for each LAN segment (subnet). The designated router is responsible for sending IGMP host-query messages to all hosts on the directly connected LAN. When operating in sparse mode, the designated router is responsible for sending source registration messages to the RP. The designated router is the access server with the largest IP address.
Example
The following example changes the PIM router-query message interval to 45 seconds:
interface tunnel 0ip pim query-interval 45Related Command
ip igmp query-interval
ip pim message-intervalip pim rp-address
To configure the address of a PIM rendezvous point (RP) for a particular group, use the ip pim rp-address global configuration command. To remove an RP address, use the no form of this command.
ip pim rp-address ip-address [access-list-number]
no ip pim rp-address ip-address [access-list-number]Syntax Description
Default
No PIM RPs are preconfigured.
Command Mode
Global configuration
Usage Guidelines
You must configure the IP address of RPs in leaf routers only. Leaf routers are those access servers that are directly connected either to a multicast group member or to a sender of multicast messages.
The RP address is used by first-hop access servers to send register packets on behalf of source multicast hosts to the RP. This address is also used by access servers on behalf of multicast hosts that want to become members of a group to send join messages towards the RP. The RP must be a PIM access server; however, it does not require any special configuration to recognize that it is the RP. Also, RPs are not members of the multicast group; rather, they serve as a "meeting place" for multicast sources and group members.
Choosing the access server that will be an RP requires prior coordination between the people who want to be members of the multicast group. You should examine the length of the paths between members and sources. Remember that most multicast members will eventually want to join to the source tree that is the shortest route between the source and the group member.
You can configure an access server to use a single RP for more than one group. The conditions specified by the access list determine which groups the RP can be used for. If no access list is configured, the RP is used for all groups.
A PIM access server can use multiple RPs.
First-hop access servers for multicast sources send register packets to all configured RPs. First-hop access servers for multicast group members send join packets to one RP at a time. Once this access server begins receiving multicast packets for the group, it will have joined one RP tree. Because the access server does not want to receive multiple copies of the same packet, it joins only one RP tree.
Examples
The following example sets the PIM RP address to 192.168.37.33 for all multicast groups:
ip pim rp-address 192.168.37.33The following example sets the PIM RP address to 192.168.6.22 for the multicast group 172.25.2.2 only:
access list 1 172.25.2.2 0.0.0.0pi pim rp-address 192.168.6.22 1ip policy route-map
To identify a route map to use for policy routing on an interface, use the ip policy route-map interface configuration command. To disable policy routing on the interface, use the no form of this command.
ip policy route-map map-tag
no ip policy route-map map-tagSyntax Description
map-tag
Name of the route map to use for policy routing. Must match a map-tag specified by a route-map command.
Default
No policy routing occurs on the interface.
Command Mode
Interface configuration
Usage Guidelines
You might enable policy routing if you want your packets to take a route other than the obvious shortest path.
The ip policy route-map command identifies a route map to use for policy routing. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which policy routing is allowed for the interface. The set commands specify the set actions—the particular policy routing actions to perform if the criteria enforced by the match commands are met. The no ip policy route-map command deletes the pointer to the route map.
Example
In the following example, packets with the destination IP address of 174.95.16.18 are sent to the router at IP address 174.21.3.20:
interface serial 0ip policy route-map wethersfield!route-map wethersfieldmatch ip address 174.95.16.18set ip next-hop 174.21.3.20Related Commands
match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hopip route
Use the ip route global configuration command to establish static routes. Use the no form of this command to remove the static routes.
ip route network [mask] {address | interface} [distance]
no ip routeSyntax Description
Default
No static routes are established.
Command Mode
Global configuration
Usage Guidelines
A static route is appropriate when the access server cannot dynamically build a route to the destination.
If you specify an administrative distance, you are flagging a static route that can be overridden by dynamic information. For example, IGRP-derived routes have a default administrative distance of 100. To have a static route that would be overridden by an IGRP dynamic route, specify an administrative distance greater than 100. Static routes have a default administrative distance of 1.
Static routes that point to an interface will be advertised via RIP, IGRP, and other dynamic routing protocols, regardless of whether redistribute static commands were specified for those routing protocols. This is because static routes that point to an interface are considered in the routing table to be connected and hence lose their static nature. However, if you define a static route to an interface that is not one of the networks defined in a network command, no dynamic routing protocols will advertise the route unless a redistribute static command is specified for these protocols.
Examples
In the following example, an administrative distance of 110 was chosen. In this case, packets for network 10.0.0.0 will be routed through to the access server at 172.16.3.4 if dynamic information with administrative distance less than 110 is not available.
ip route 10.0.0.0 255.0.0.0 172.16.3.4 110In the following example, packets for network 172.16.0.0 will be routed to the access server at 172.16.6.6:
ip route 172.16.0.0 255.255.0.0 172.16.6.6ip sd listen
To enable the router to listen to session directory advertisements, use the ip sd listen interface configuration command. To disable this feature, use the no form of this command.
ip sd listen
no ip sd listenSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Interface configuration
Usage Guidelines
Session Directory Protocol is a multicast application for creating desktop conferencing sessions. It creates group addresses and allows the user to specify the scope of the group and whether audio, video, or whiteboard applications will be invoked when others open the session.
The ip sd listen command merely enables the router to listen to session directory advertisements. The router joins the default session directory group (group 224.2.127.255) on the interface. Use this command to get contact information.
Example
The following example enables the router to listen to session directory advertisements:
ip sd listenRelated Commands
ip split-horizon
Use the ip split-horizon interface configuration command to enable the split-horizon mechanism. Use the no form of this command to turn off the split-horizon mechanism.
ip split-horizon
no ip split-horizonSyntax Description
This command has no arguments or keywords.
Default
Varies with media
Command Mode
Interface configuration
Usage Guidelines
For all interfaces, except those for which either Frame Relay or SMDS encapsulation is enabled, the default condition for this command is ip split-horizon; in other words, the split horizon feature is active. If the interface configuration includes either the encapsulation frame-relay or encapsulation smds interface configuration commands, then the default is for split horizon to be disabled by default. Split horizon is not disabled by default for interfaces using any of the X.25 encapsulations.
Note
If split horizon has been disabled on an interface and you wish to enable it, use the ip split-horizon command to restore the split horizon mechanism.
Note
Example
The following example illustrates a simple example of disabling split horizon on a serial link. In this example, the serial link is connected to an X.25 network:
interface serial 0encapsulation x25no ip split-horizonip split-horizon eigrp
To enable IP Enhanced IGRP split horizon, use the ip split-horizon eigrp interface configuration command. To disable split horizon, use the no form of this command.
ip split-horizon eigrp autonomous-system-number
no ip split-horizon eigrp autonomous-system-numberSyntax Description
Default
Enabled
Command Mode
Interface configuration
Usage Guidelines
For networks that include links over X.25 PSNs, you can use the neighbor router configuration command to defeat the split horizon feature. As an alternative, you can explicitly specify the no ip split-horizon eigrp command in your configuration. However, if you do so, you must similarly disable split horizon for all access servers in any relevant multicast groups on that network.
Do not change the default state of split horizon unless you are certain that your application requires the change to properly advertise routes. Remember that if split horizon is disabled on a serial interface and that interface is attached to a packet-switched network, you must disable split horizon for all access servers in any relevant multicast groups on that network.
Example
The following example disables split horizon on a serial link connected to an X.25 network:
interface serial 0encapsulation x25no ip split-horizon eigrpRelated Commands
ip split-horizon
neighborip summary-address eigrp
To configure a summary aggregate address for a specified interface, use the ip summary-address eigrp interface configuration command. To disable a configuration, use the no form of this command.
ip summary-address eigrp autonomous-system-number address mask
no ip summary-address eigrp autonomous-system-number address maskSyntax Description
autonomous-system-number
A decimal number between 1 and 65535.
address
IP summary aggregate address to apply to an interface.
mask
Subnet mask.
Default
No summary aggregate addresses are predefined.
Command Mode
Interface configuration
Usage Guidelines
IP Enhanced IGRP summary routes are given an administrative distance value of 5. You cannot configure this value.
Example
The following example sets the IP summary aggregate address for Ethernet interface 0:
interface ethernet 0ip summary-address eigrp 109 192.168.0.0 255.255.0.0Related Command
match as-path
Use the match as-path route-map configuration command to match a BGP autonomous system path access list. Use the no form of this command to remove the path list entry.
match as-path path-list-number
no match as-path path-list-numberSyntax Description
Default
No path lists are defined.
Command Mode
Route-map configuration
Usage Guidelines
The values set by the match and set commands override global values. For example, the weights assigned with the match as-path and set weight route-map commands override the weights assigned using the neighbor weight and neighbor filter-list commands.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
The implemented weight is based on the first matched autonomous system path.
Example
In the following example, the autonomous system path is set to match BGP autonomous system path access list 20:
route-map igp2bgpmatch as-path 20Related Commands
match community-list
To match a BGP community, use the match community-list route-map configuration command. To remove the community list entry, use the no form of this command.
match community-list community-list-number [exact]
no match community-list community-list-number [exact]Syntax Description
community-list-number
Community list number in the range from 1 through 99.
exact
(Optional) Indicates an exact match is required.
Default
No community list is defined.
Command Mode
Route-map configuration
Usage Guidelines
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.
Matching based on community list is one of the types of match clauses applicable to BGP.
Examples
In the following example, the routes that match community list 1 will have the weight set to 100. Any route that has community 109 will have the weight set to 100.
ip community-list 1 permit 109!route-map set_weightmatch community-list 1set weight 100In the following example, the routes that match community list 1 will have the weight set to 200. Any route that has community 109 alone will have the weight set to 200.
ip community-list 1 permit 109!route-map set_weightmatch community-list 1 exactset weight 200Related Commands
ip community-list
route-map
set weightmatch interface
To distribute any routes that have their next hop out one of the interfaces specified, use the match interface route-map configuration command. To remove the match interface entry, use the no form of this command.
match interface type number...type number
no match interface type number...type numberSyntax Description
Default
No match interfaces are defined.
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
Example
In the following example, routes that have their next hop out Ethernet interface 0 will be distributed:
route-map namematch interface ethernet 0Related Commands
match ip address
To distribute any routes that have a destination network number address that is permitted by a standard or extended access list, or to perform policy routing on packets, use the match ip address route-map configuration command. To remove the match ip address entry, use the no form of this command.
match ip address access-list-number...access-list-number
no match ip address access-list-number...access-list-numberSyntax Description
access-list-number
Number of a standard or extended access list. It can be an integer from 1 through 199.
Default
No access list numbers are specified.
Command Mode
Route-map configuration
Usage Guidelines
Use route maps to redistribute routes or to subject packets to policy routing. Both purposes are described in this section.
•
Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The related match commands are listed in the section "Related Commands for Redistribution." The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.
•
Another purpose of route maps is to enable policy routing. Use the ip policy route-map interface configuration command, in addition to the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for policy routing packets. Each route-map command has a list of match and set commands associated with it. The related match and set commands are listed in the section "Related Commands for Policy Routing." The match commands specify the match criteria—the conditions under which policy routing occurs. The set commands specify the set actions—the particular routing actions to perform if the criteria enforced by the match commands are met. You might want to policy route packets based on their source, for example, using an access list.
Examples
In the following example, routes that have addresses specified by access list numbers 5 or 80 will be distributed:
route-map namematch ip address 5 80In the following policy routing example, packets that have addresses specified by access list numbers 6 or 25 will be routed to Ethernet interface 0:
interface serial 0ip policy route-map chicago!route-map chicagomatch ip address 6 25set interface ethernet 0Related Commands for Redistribution
match as-path
match community-list
match interface
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightRelated Commands for Policy Routing
ip policy route-map
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hopmatch ip next-hop
Use the match ip next-hop route-map configuration command to redistribute any routes that have a next-hop access server address passed by one of the access lists specified. Use the no form of this command to remove the next-hop entry.
match ip next-hop access-list-number...access-list-number
no match ip next-hop access-list-number...access-list-numberSyntax Description
Default
Routes are distributed freely, without being required to match a next-hop address.
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
Example
In the following example, routes that have a next-hop access server address passed by access list 5 or 80 will be distributed:
route-map namematch ip next-hop 5 80Related Commands
match as-path
match community-list
match interface
match ip address
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightmatch ip route-source
Use the match ip route-source route-map configuration command for any routes that have been advertised by access servers at the address specified by the access lists. Use the no form of this command to remove the route-source entry.
match ip route-source access-list-number...access-list-number
no match ip route-source access-list-number...access-list-numberSyntax Description
Default
No filtering on route source.
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria— the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
There are situations in which a route's next hop and source access server address are not the same.
Example
In the following example, routes that have been advertised by access servers at the addresses specified by access lists 5 and 80 will be distributed:
route-map namematch ip route-source 5 80Related Commands
match as-path
match community-list
match interface
match ip address
match ip next-hop
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightmatch length
To base policy routing on the Level 3 length of a packet, use the match length route-map configuration command. To remove the entry, use the no form of this command.
match length min max
no match length min maxSyntax Description
Default
No policy routing on the length of a packet.
Command Mode
Route-map configuration
Usage Guidelines
Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which policy routing occurs. The set commands specify the set actions—the particular routing actions to perform if the criteria enforced by the match commands are met.
The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the packet to be routed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
You might want to base your policy routing on the length of packets so that your interactive traffic and bulk traffic are directed to different routers.
Example
In the following example, packets 3 to 200 bytes long, inclusive, will be routed to FDDI interface 0.
interface serial 0ip policy route-map interactive!route-map interactivematch length 3 200set interface fddi 0Related Commands
ip policy route-map
match ip address
route-map
set default interface
set interface
set ip default next-hop
set ip next-hopmatch metric
Use the match metric route-map configuration command for any routes with the metric specified. Use the no form of this command to remove the entry.
match metric metric-value
no match metric metric-valueSyntax Description
metric-value
Route metric. This may be an IGRP five-part metric. A metric value from 0 through 4294967295.
Default
No filtering on a metric value.
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
Example
In the following example, routes with the metric 5 will be redistributed.
route-map namematch metric 5Related Commands
match as-path
match community-list
match interface
match ip address
match ip next-hop
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightmatch route-type
Use the match route-type route-map configuration command for any routes that are of the specified type. Use the no form of this command to remove the route-type entry.
match route-type {local | internal | external [type-1 | type-2]}
no match route-type {local | internal | external [type-1 | type-2]}Syntax Description
Default
Disabled
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions that you should perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route-map section with an explicit match specified.
Example
In the following example, internal routes will be redistributed:
route-map namematch route-type internalRelated Commands
match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightmatch tag
Use the match tag command for any routes stored in the routing table with one of the tags specified. Use the no form of this command to remove the tag entry.
match tag tag-value...tag-value
no match tag tag-value...tag-valueSyntax Description
Default
No match tag values are defined.
Command Mode
Route-map configuration
Usage Guidelines
Use the route-map global configuration command, and the route-map configuration commands match and set, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want o modify only some data, you must configure second route-map section with an explicit match specified.
Example
In the following example, routes stored in the routing table with tag 5 will be redistributed:
route-map namematch tag 5Related Commands
match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weightmbranch
To trace a branch of a multicast tree for a specific group, use the mbranch EXEC command.
mbranch {group-address | group-name} branch-address [ttl]
Syntax Description
Command Mode
EXEC
Usage Guidelines
The mbranch command sends multicast IGMP trace request packets to the specified branch access server. It displays information about the branch starting with the local (requesting) access server and ending with the branch access server. This is considered to be the forward direction.
The information returned shows how a multicast packet sourced by this access server will be forwarded by each access server on the path to the access server with the branch address.
The access server with the address branch-address is the only access server that responds to the trace request packets. The response is unicast to the source.
It is important to specify a value for the ttl argument if you are tracing through an access server on which a multicast threshold has been set with the ip multicast-threshold interface configuration command.
Sample Display
The following is sample output from the mbranch command. This trace is between the same access servers as shown in the example for the mrbranch command. Note the order of responses. Also note that the outgoing interface list is the same.
PIM2# mbranch 172.24.255.2 192.168.118.2Type escape sequence to abort.Tracing route to group CBONE-WB (172.24.255.2) to 192.168.118.2Response from 10.17.118.10, 76 msec1 PIM9 (10.1.22.9) <- PIM2 (10.1.37.2)Interface list: 172.16.62.0/24 172.16.22.0/24 10.7.0.0/162 PIM-CR (172.16.62.18) <- PIM9 (172.16.62.52)Interface list: 172.16.20.0/24 172.16.53.0/24 172.16.50.0/2410.16.0.0/16 10.17.0.0/163 10.17.118.10 <- 10.17.20.31Interface list: 192.168.118.0/26 192.168.118.192/26The mbranch command is interactive if you specify only the word mbranch. The following output shows sample responses to the system prompts:
Router# mbranchTarget IP group address or name:224.0.255.1Target IP router address or name:sj-eng-f2Ttl [30]:10Source address or name:<CR>Interface:ethernet0Type escape sequence to abort.Tracing route to group cbone-audio.cisco.com (224.0.255.1) to 171.69.4.139Response from sj-eng-f2.cisco.com (171.69.4.139), 4 msec1 sj-eng-cc2.cisco.com (171.69.121.2)<- 0.0.0.0Interface list: 171.69.4.0/242 sj-eng-f2.cisco.com (171.69.4.139)<- sj-eng-cc2.cisco.com (171.69.4.135)Interface list: 171.69.60.128/26describes the fields shown in the display.
Table 19-3 Mbranch Field Descriptions
Related Commands
ip multicast ttl-threshold
mbranchmetric holddown
Use the metric holddown router configuration command to keep new IGRP routing information from being used for a certain period of time. Use the no form of this command to disable metric holddown.
metric holddown
no metric holddownSyntax Description
This command has no arguments or keywords.
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
Holddown keeps new routing information from being used for a certain period of time. This can prevent routing loops caused by slow convergence. It is sometimes advantageous to disable holddown to increase the network's ability to quickly respond to topology changes; this command provides this function.
Use the metric holddown command if other access servers within the IGRP autonomous system are not configured with no metric holddown. If all access servers are not configured the same way, you increase the possibility of routing loops.
Example
The following example disables metric holddown:
router igrp 15network 172.16.0.0network 192.168.7.0no metric holddownRelated Commands
metric maximum-hops
metric weights
timers basic (EGP, RIP, IGRP)metric maximum-hops
Use the metric maximum-hops router configuration command to cause the IP routing software to advertise those routes with a hop count higher than is specified by the command (IGRP only) as unreachable. Use the no form of this command to reset the value to the default.
metric maximum-hops hops
no metric maximum-hops hopsSyntax Description
hops
Maximum hop count (in decimal). The default value is 100 hops; the maximum number of hops that can be specified is 255.
Default
100 hops
Command Mode
Router configuration
Usage Guidelines
This command provides a safety mechanism that breaks any potential count-to-infinity problems. It causes the IP routing software to advertise routes with a hop count greater than the value assigned to the hops argument as unreachable.
Example
In the following example, an access server in autonomous system 71 attached to network 10.15.0.0 wants a maximum hop count of 200, doubling the default. The network administrators decided to do this because they have a complex WAN that can generate a large hop count under normal (nonlooping) operations.
router igrp 71network 10.15.0.0metric maximum-hops 200Related Commands
metric weights
Use the metric weights router configuration command to allow the tuning of the IGRP metric calculations. Use the no form of this command to reset the values to their defaults.
metric weights tos k1 k2 k3 k4 k5
no metric weightsSyntax Description
tos
Type of service. Currently it must always be zero.
k1-k5
Constants that convert an IGRP metric vector into a scalar quantity.
Default
tos=0
k1 = 1
k2 = 0
k3 = 1
k4 = 0
k5 = 0Command Mode
Router configuration
Usage Guidelines
Use this command to alter the default behavior of IGRP routing and metric computation and allow the tuning of the IGRP metric calculation for a particular type of service (TOS).
If k5 equals 0, the composite IGRP metric is computed according to the following formula:
metric = [k1 * bandwidth + (k2 * bandwidth)/(256 - load) + k3 * delay]If k5 does not equal zero, an additional operation is done:
metric = metric * [k5 / (reliability + k4)]Bandwidth is inverse minimum bandwidth of the path in bits per second scaled by a factor of 10*1010. The range is from a 1200 bps line to 10 Gbps.
Delay is in units of 10 microseconds. This gives a range of 10 microseconds to 168 seconds. A delay of all ones indicates that the network is unreachable.
The delay parameter is stored in a 24-bit field, in tens of microseconds. Hence, the delay can be from 1 (10 microseconds) to hex FFFFFF (decimal 16777215), which corresponds to 167.77215 seconds. A delay of all ones (that is, a delay of 16777215) indicates that the network is unreachable.
lists the default values used for several common media.
Table 19-4 Bandwidth Values by Media Type
Reliability is given as a fraction of 255. That is, 255 is 100 percent reliability or a perfectly stable link.
Load is given as a fraction of 255. A load of 255 indicates a completely saturated link.
Example
The following example sets the metric weights to slightly different values than the defaults:
router igrp 109network 172.16.0.0metric weights 0 2 0 2 0 0Related Commands
A dagger (†) indicates that the command is documented in another chapter.
bandwidth †
delay †
metric holddown
metric maximum-hopsmrbranch
To trace a branch of a multicast tree for a group in the reverse direction, use the mrbranch EXEC command.
mrbranch {group-address | group-name} branch-address [ttl]
Syntax Description
Command Mode
EXEC
Usage Guidelines
The mrbranch command sends trace request packets to the specified branch access server. Queries are sent recursively to all the access servers in the branch. This command displays information about the branch starting with the access server farthest away and working towards the requesting access server. This is considered to be the reverse direction.
The information returned shows how a multicast packet sourced by this access server will be forwarded by each access server along the branch.
The access server with the address branch-address responds to the trace request packets. The requesting access server then sends a query to the access server that is the first access server's RPF neighbor. Both the request and response packets have unicast addresses.
The number of packets generated by this command is two times the number of access servers between the source access server and the specified branch access server.
Sample Display
The following is sample output from the mrbranch command. This example is between the same access server as shown in the mbranch command. Note the order of the responses. Also note that the outgoing interface list is the same.
PIM2# mrbranch 172.24.255.2 10.17.118.10Type escape sequence to abort.Tracing route to group CBONE-WB (172.24.255.2) from 10.17.118.10Response from 10.17.118.10, 68 msec1 10.17.118.10 <- 10.17.20.31Interface list: 192.168.118.0/26 192.168.118.192/26Response from PIM-CR (172.16.62.18), 12 msec1 PIM-CR (172.16.62.18) <- PIM9 (172.16.62.52)Interface list: 172.16.20.0/24 172.16.53.0/24 172.16.50.0/2410.16.0.0/16 10.17.0.0/16Response from PIM9 (172.16.62.52), 8 msec1 PIM9 (172.16.62.52) <- PIM2 (10.1.37.2)Interface list: 172.16.22.0/24 172.16.62.0/24 10.7.0.0/16The mrbranch command is interactive if you specify only the word mrbranch. The following output shows sample responses to the system prompts:
Router# mrbranchTarget IP group address or name:224.0.255.1Target IP router address or name:sj-eng-f2Ttl [30]:10Source address or name:<CR>Interface:ethernet0Type escape sequence to abort.Tracing route to group cbone-audio.cisco.com (224.0.255.1) to 171.69.4.139Response from sj-eng-f2.cisco.com (171.69.4.139), 4 msec1 sj-eng-f2.cisco.com (171.69.4.139)<- sj-eng-cc2.cisco.com (171.69.4.135)Interface list: 171.69.60.128/26Response from sj-eng-f2.cisco.com (171.69.121.2), 4 msec1 sj-eng-cc2.cisco.com (171.69.121.2)<- 0.0.0.0Interface list: 171.69.4.0/24describes the fields shown in the display.
Table 19-5 Mrbranch Field Descriptions
Related Commands
mtrace
To trace the entire multicast tree for the specified group, use the mtrace user EXEC command.
mtrace {group-address | group-name} [ttl]
Syntax Description
Command Mode
EXEC
Usage Guidelines
The trace request generated by the mtrace command is multicast to the multicast group. Responses are unicast to the source access server.
Responses are delayed by the responders.
Note
Sample Display
The following is sample output from the mtrace command:
Router> mtrace 172.24.255.1Type escape sequence to abort.Tracing route to group CBONE-AUDIO (172.24.255.1)Response from PIM4 (192.168.36.131), 7 msec1 PIM4 (192.168.36.131) <- 0.0.0.0Interface list: 192.168.37.0/24 10.20.0.0/16Response from PIM3 (192.168.36.130), 4 msec1 PIM3 (192.168.36.130) <- 0.0.0.0Interface list: 192.168.35.160/27Response from PIM4 (192.168.37.33), 2 msec1 PIM4 (192.168.37.33) <- 0.0.0.0Interface list: 10.20.0.0/16Response from PIM9 (10.1.22.9), 20 msec1 PIM9 (10.1.22.9) <- PIM2 (10.1.37.2)Interface list: 172.16.62.0/24 172.16.22.0/24 10.7.0.0/16Response from ITCHY (192.168.37.2), 3 msec1 ITCHY (192.168.37.2) <- 0.0.0.0Interface list: Nulldescribes the fields shown in the display.
Table 19-6 Mtrace Field Descriptions
Related Commands
neighbor (EGP, IGRP, RIP)
Use this form of the neighbor router configuration command to define a neighboring access server with which to exchange routing information. Use the no form of this command to remove an entry.
neighbor ip-address
no neighbor ip-addressSyntax Description
Default
No neighboring access servers are defined.
Command Mode
Router configuration
Usage Guidelines
For exterior routing protocol EGP, this command specifies routing peers. For normally broadcast protocols such as IGRP or RIP, this command permits the point-to-point (nonbroadcast) exchange of routing information. When used in combination with the passive-interface router configuration command, routing information can be exchanged between a subset of access servers on a LAN.
Multiple neighbor commands can be used to specify additional neighbors or peers.
OSPF has its own version of the neighbor command. See the neighbor (OSPF) command page in this chapter.
Examples
The following example establishes an EGP neighbor:
autonomous-system 109router egp 110neighbor 172.16.1.1In the following example, IGRP updates are sent to all interfaces on network 172.16.0.0 except Ethernet interface 1. However, in this case a neighbor router configuration command is included. This command permits the sending of routing updates to specific neighbors. One copy of the routing update is generated per neighbor.
router igrp 109network 172.16.0.0passive-interface ethernet 1neighbor 172.16.20.4Related Command
neighbor (OSPF)
Use this form of the neighbor router configuration command to configure OSPF access servers interconnecting to nonbroadcast networks. Use the no form of this command with the appropriate IP address and arguments to remove the configuration.
neighbor ip-address [priority number] [poll-interval seconds]
no neighbor ip-address [priority number] [poll-interval seconds]Syntax Description
Default
No configuration is specified.
Command Mode
Router configuration
Usage Guidelines
X.25 and Frame Relay provide an optional broadcast capability that can be configured in the map to allow OSPF to run as a broadcast network. At the OSPF level you can configure the access server as a broadcast network. See the x25 map and frame-relay map interface configuration command descriptions in "X.25 Commands" and "Frame Relay Commands" chapters, respectively, of this manual for more detail.
One neighbor entry must be included in the access server's configuration for each known nonbroadcast network neighbor. The neighbor address has to be on the primary address of the interface.
If a neighboring access server has become inactive (Hello packets have not been seen for the Router DeadInterval period), it may still be necessary to send Hello packets to the dead neighbor. These Hello packets will be sent at a reduced rate called Poll Interval.
When the access server first starts up, it sends only Hello packets to those access servers with non-zero priority, that is, access servers that are eligible to become designated routers and backup designated routers. After designated routers and backup designated routers are selected, they will then start sending Hello packets to all neighbors in order to form adjacencies.
Example
The following example declares an access server at address 172.16.3.4 on a nonbroadcast network, with a priority of 1 and a poll-interval of 180:
router ospf neighbor 172.16.3.4 priority 1 poll-interval 180Related Command
neighbor advertisement-interval
Use the neighbor advertisement-interval router configuration command to set the minimum interval between sending BGP routing updates. Use the no form of this command to remove an entry.
neighbor {ip-address | peer-group-name} advertisement-interval seconds
no neighbor {ip-address | peer-group-name} advertisement-interval secondsSyntax Description
ip-address
Neighbor's IP address.
peer-group-name
Name of a BGP peer group.
seconds
Time in seconds. Integer from 0 through 600.
Default
30 seconds for external peers and 5 seconds for internal peers.
Command Mode
Router configuration
Example
In the following example, the minimum time between sending BGP routing updates is set to
10 seconds:router bgp 5neighbor 10.4.4.4 advertisement-interval 10neighbor any
Use the neighbor any router configuration command to control how neighbor entries are added to the routing table for both EGP and BGP. Use the no form of this command to remove the configuration.
neighbor any [access-list-number]
no neighbor any [access-list-number]Syntax Description
Default
No configuration is specified.
Command Mode
Router configuration
Example
In the following example, only neighbors permitted by access list 1 are allowed to peer with the local router:
access-list 1 permit 10.0.0.0 0.255.255.255! global access list assignmentrouter egp 0neighbor any 1Related Commands
A dagger (†) indicates that the command is documented in another chapter.
access-list †
neighbor any third-party
router egp 0neighbor any third-party
Use the neighbor any third-party router configuration command to configure an EGP process that determine which neighbors will be treated as the next hop in EGP advertisements. Use the no form of this command to remove the configuration.
neighbor any third-party ip-address [internal | external]
no neighbor any third-party ip-address [internal | external]Syntax Description
Default
No EGP process is configured.
Command Mode
Router configuration
Example
The following example specifies the particular neighbors that an EGP process will view as peers:
access-list 2 permit 10.0.0.0 0.255.255.255! global access list assignmentrouter egp 0neighbor any 2neighbor any third-party 10.1.1.1Related Commands
neighbor configure-neighbors
Use the neighbor configure-neighbors router configuration command to instruct the access server to treat temporary neighbors that have been accepted by a template as if they had been configured by hand. The no form of this command causes any new neighbor accepted by the template to be treated as temporary.
neighbor template-name configure-neighbors
no neighbor template-name configure-neighborsSyntax Description
template-name
A user selectable designation that identifies a particular template (an arbitrary word).
Default
New neighbors are treated as temporary.
Command Mode
Router configuration
Usage Guidelines
Under normal circumstances, neighbors that are allowed to connect to the access server because you had configured a template are treated as temporary. When a temporary neighbor disconnects, the local access server will not try to actively reestablish a connection with it. In addition, information about temporary neighbors will not show up in the access server configuration (show running-config).
When configure-neighbors is enabled on a particular template, any neighbor accepted by that template will be treated as if it had been manually configured. These neighbors will show up in show running-config displays and will be written to the nonvolatile configuration if a copy running-config startup-config command is issued.
Example
In the following example, any BGP speaker matching access-list 7 can connect to the access server and exchange information. Any neighbor that connects will be treated as if it had been manually configured.
access-list 7 permit 172.29.3.0 0.0.0.255neighbor internal-ethernet neighbor-list 7neighbor internal-ethernet configure-neighborsRelated Command
neighbor default-originate
To allow a BGP speaker (the local router) to send the default route 0.0.0.0 to a neighbor for use as a default route, use the neighbor default-originate router configuration command. To remove the default route, use the no form of this command.
neighbor {ip-address | peer-group-name} default-originate [route-map map-name]
no neighbor {ip-address | peer-group-name} default-originate [route-map map-name]Syntax Description
ip-address
Neighbor's IP address.
peer-group-name
Name of a BGP peer group.
map-name
(Optional) Name of the route map. The route map allows route 0.0.0.0 to be injected conditionally.
Default
No default route is sent to the neighbor.
Command Mode
Router configuration
Usage Guidelines
This command does not require the presence of 0.0.0.0 in the local router. When used with a route map, the default route 0.0.0.0 is injected if the route map contains a match ip address clause and there is a route that matches the IP access list exactly. The route map can contain other match clauses also.
Examples
In the following example, the local router injects route 0.0.0.0 to the neighbor 160.89.2.3 unconditionally:
router bgp 109network 160.89.0.0neighbor 160.89.2.3 remote-as 200neighbor 160.89.2.3 default-originateIn the following example, the local router injects route 0.0.0.0 to the neighbor 160.89.2.3 only if there is a route to 198.92.68.0:
router bgp 109network 160.89.0.0neighbor 160.89.2.3 remote-as 200neighbor 160.89.2.3 default-originate route-map default-map!route-map default-map 10 permitmatch ip address 1!access-list 1 permit 198.92.68.0neighbor distribute-list
Use the neighbor distribute-list router configuration command to distribute BGP neighbor information as specified in an access list. Use the no form of this command to remove an entry.
neighbor {ip-address | peer-group-name} distribute-list access-list-number {in | out}
no neighbor {ip-address | peer-group-name} distribute-list access-list-number {in | out}Syntax Description
Default
No BGP neighbor is specified.
Command Mode
Router configuration
Usage Guidelines
Using distribute lists is one of two ways to filter BGP advertisements. The other way is to use autonomous system-path filters, as with the ip as-path access-list global configuration command and the neighbor
filter-list command.If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command. Specifying the command with an IP address will override the value inherited from the peer group.
Example
The following example applies list 39 to incoming advertisements to neighbor 172.23.4.1:
router bgp 109network 172.16.0.0neighbor 172.23.4.1 distribute-list 39 inRelated Commands
ip as-path access-list
neighbor filter-listneighbor ebgp-multihop
Use the neighbor ebgp-multihop router configuration command to accept and attempt BGP connections to external peers residing on networks that are not directly connected. Use the no form of this command to return to the default of allowing only directly connected neighbors.
neighbor {ip-address | peer-group-name} ebgp-multihop
no neighbor {ip-address | peer-group-name}Syntax Description
Default
Only directly connected neighbors are allowed.
Command Mode
Router configuration
Usage Guidelines
This feature should only be used under the guidance of technical support staff.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Example
The following example allows connections to or from neighbor 172.16.1.1, which resides on a network that is not directly connected:
router bgp 109neighbor 172.16.1.1 ebgp-multihopneighbor filter-list
Use the neighbor filter-list router configuration command to set up BGP filters, using access lists defined with the ip as-path access-list command. Use the no form of this command to disable this function.
neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out |
weight weight}
no neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out |
weight weight}Syntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
This command establishes filters on both inbound and outbound BGP routes. Any number of weight filters are allowed on a per-neighbor basis, but only one in or out filter is allowed. The weight of a route affects BGP's route-selection rules.
The implemented weight is based on the first matched autonomous system path. Weights indicated when an autonomous system path is matched override the weights assigned by global neighbor commands. In other words, the weights assigned with the match as-path and set weight route-map commands override the weights assigned using the neighbor weight and neighbor filter-list commands.
See the "Regular Expressions" appendix for information on forming regular expressions.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command. Specifying the command with an IP address will override the value inherited from the peer group.
Example
In the following example, the BGP neighbor with IP address 172.28.1.1 is not sent advertisements about any path through or from the adjacent autonomous system 123:
ip as-path access-list 1 deny _123_ip as-path access-list 1 deny ^123 .*! The space in the above expression (^123 .*)is required.router bgp 109network 172.16.0.0neighbor 172.29.6.6 remote-as 123neighbor 172.28.1.1 remote-as 47neighbor 172.28.1.1 filter-list 1 outRelated Commands
ip as-path access-list
neighbor distribute-list
neighbor weightneighbor neighbor-list
Use the neighbor neighbor-list router configuration command to configure BGP to support anonymous neighbor peers by configuring a neighbor template. Use the no form of this command to delete the template, and also cause any temporary neighbors accepted by the template to be shut down and removed.
neighbor template-name neighbor-list access-list-number
no neighbor template-name neighbor-listSyntax Description
template-name
A user selectable designation that identifies a particular template (an arbitrary word).
access-list-number
An IP access list number in the range 1 through 99.
Default
No configuration is defined.
Command Mode
Router configuration
Usage Guidelines
To specify a group of anonymous neighbors, configure a neighbor template rather than specifically configure each neighbor. The template allows you to specify an IP access list which defines remote systems that can establish a BGP connection to the access server. External BGP peers must be on a directly connected Ethernet unless they are overridden by the neighbor ebgp-multihop command.
Once you specify a template, you configure the template as if it were a regular neighbor entry, such as setting the protocol version or filter lists, so that anonymous neighbors accepted by the template will receive the settings of the template.
These neighbors accepted by the template appear in the show ip bgp summary and show ip bgp neighbor displays, although they do not appear in the access server configuration. When the session is disconnected, all knowledge about the neighbor is discarded and the access server will not attempt to actively re-establish a connection.
You can use the neighbor configure-neighbors command to request that the access server treat peers learned through a template as if they were manually configured neighbors. These peers will then show up in show running-config displays and can be stored as part of the nonvolatile configuration.
Examples
In the following example, any BGP speaker from 172.29.3.0 can connect to the access server and exchange information:
access-list 7 permit 172.29.3.0 0.0.0.255neighbor internal-ethernet neighbor-list 7 neighbor internal-ethernet configure-neighborsIn the following example, any BGP speaker in the connected internet can establish a BGP connection to the local access server, and the local access server will send them routing information. However, the distribute-list clause instructs the local access server to ignore all information these remote BGP speakers send to it.
access-list 9 permit 0.0.0.0 255.255.255.255access-list 10 deny 0.0.0.0 255.255.255.255neighbor route-server-peers neighbor-list 9neighbor route-server-peers distribute-list 10 inRelated Commands
A dagger (†) indicates that the command is documented in another chapter.
access-list (standard) †
neighbor configure-neighbors
neighbor ebgp-multihopneighbor next-hop-self
Use the neighbor next-hop-self router configuration command to configure the access server to disable next-hop processing on BGP updates. Use the no form of this command to disable this feature.
neighbor ip-address next-hop-self
no neighbor ip-address next-hop-selfSyntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
This command is useful in nonmeshed networks such as Frame Relay or X.25 where BGP neighbors may not have direct access to all other neighbors on the same IP subnet.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command. Specifying the command with an IP address will override the value inherited from the peer group.
Example
The following example forces all updates destined for 172.16.1.1 to advertise this access server as the next hop:
router bgp 109neighbor 172.16.1.1 next-hop-selfneighbor password
To enable MD5 authentication on a TCP connection between two BGP peers, use the neighbor password router configuration command. To disable this feature, use the no form of this command.
neighbor {ip-address | peer-group-name} password string
no neighbor {ip-address | peer-group-name} passwordSyntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
You can invoke authentication between two BGP peers, causing each segment sent on the TCP connection between them to be verified. This feature must be configured with the same password on both BGP peers; otherwise, the connection between them will not be made. The authentication feature uses the MD5 algorithm. Specifying this command causes the generation and checking of the MD5 digest on every segment sent on the TCP connection.
Configuring a password for a neighbor causes existing sessions to be torn down and a new one made.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
If a router has a password configured for a neighbor, but the neighbor router does not, a message like the following will appear on the console while the routers attempt to establish a BGP session between them:
%TCP-6-BADAUTH: No MD5 digest from [peer's IP address]:11003 to [local router's IP address]:179Similarly, if the two routers have different passwords configured, a message like the following will appear on the console:
%TCP-6-BADAUTH: Invalid MD5 digest from [peer's IP address]:11004 to [local router's IP address]:179Example
The following example enables the authentication feature between this router and the BGP neighbor at 172.16.1.1. The password that must also be configured for the neighbor is bla4u00=2nkq.
router bgp 109neighbor 172.16.1.1 password bla4u00=2nkqRelated Command
neighbor peer-group (creating)
neighbor peer-group (creating)
To create a BGP peer group, use the neighbor peer-group router configuration command. To remove the peer group and all of its members, use the no form of this command.
neighbor peer-group-name peer-group
no neighbor peer-group-name peer-groupSyntax Description
Default
There is no BGP peer group.
Command Mode
Router configuration
Usage Guidelines
Often in a BGP speaker, there are many neighbors configured with the same update policies (that is, same outbound route maps, distribute lists, filter lists, update source, and so on). Neighbors with the same update policies can be grouped into peer groups to simplify configuration and make update calculation more efficient.
Once a peer group is created with the neighbor peer-group command, it can be configured with the neighbor commands. By default, members of the peer group inherit all of the configuration options of the peer group. Members can also be configured to override the options that do not affect outbound updates.
Peer group members will always inherit the following: remote-as (if configured), version, update-source, out-route-map, out-filter-list, out-dist-list, minimum-advertisement-interval, and next-hop-self. All of the peer group members will inherit changes made to the peer group.
If a peer group is not configured with a remote-as, the members can be configured with the neighbor {ip-address | peer-group-name} remote-as command. This allows you to create peer groups containing EBGP neighbors.
Example for an IBGP Peer Group
In the following example, the peer group named internal configures the members of the peer group to be IBGP neighbors. By definition, this is an IBGP peer group because the router bgp command and the neighbor remote-as command indicate the same autonomous system (in this case, AS 100). All the peer group members use loopback 0 as the update source and use set-med as the outbound route-map. The inbound filter-list command shows that except 171.69.232.55 all the neighbor has filter-list 2 as the inbound filter list.
router bgp 100neighbor internal peer-groupneighbor internal remote-as 100neighbor internal update-source loopback 0neighbor internal route-map set-med outneighbor internal filter-list 1 outneighbor internal filter-list 2 inneighbor 172.19.232.53 peer-group internalneighbor 172.19.232.54 peer-group internalneighbor 172.19.232.55 peer-group internalneighbor 172.19.232.55 filter-list 3 inExample for an EBGP Peer Group
In the following example, the peer group external-peers is defined without the neighbor remote-as command. This is what makes it an EBGP peer group. Each individaul member of the peer group is configured with its respective AS-number separately. Thus the peer group consists of members from autonomous systems 200, 300 and 400. All the peer group members have set-metric route map as an outbound route map and filter-list 99 as an outbound filter list. Except for neighbor 172.19.232.110, all of them have 101 as the inbound filter list.
router bgp 100neighbor external-peers peer-groupneighbor external-peers route-map set-metric outneigbhor external-peers filter-list 99 outneighbor external-peers filter-list 101 inneighbor 172.19.232.90 remote-as 200neighbor 172.19.232.90 peer-group external-peersneighbor 172.19.232.100 remote-as 300neighbor 172.19.232.100 peer-group external-peersneighbor 172.19.232.110 remote-as 400neighbor 172.19.232.110 peer-group external-peersneighbor 172.19.232.110 filter-list 400 inRelated Commands
clear ip bgp peer-group
neighbor peer-group (creating)
neighbor peer-group (assigning members)
show ip bgp peer-groupneighbor peer-group (assigning members)
To configure a BGP neighbor to be a member of a peer group, use the neighbor peer-group router configuration command. To remove the neighbor from the peer group, use the no form of this command.
neighbor ip-address peer-group peer-group-name
no neighbor ip-address peer-group peer-group-nameSyntax Description
ip-address
IP address of the BGP neighbor who belongs to the peer group specified by the tag.
peer-group-name
Name of the BGP peer group to which this neighbor belongs.
Default
There are no BGP neighbors in a peer group.
Command Mode
Router configuration
Usage Guidelines
The neighbor at the IP address indicated inherits all the configured options of the peer group.
Example
In the following example,
router bgp 100neighbor internal peer-groupneighbor internal remote-as 100neighbor internal update-source loopback 0neighbor internal route-map set-med outneighbor internal filter-list 1 outneighbor internal filter-list 2 inneighbor 172.19.232.53 peer-group internalneighbor 172.19.232.54 peer-group internalneighbor 172.19.232.55 peer-group internalneighbor 172.19.232.55 filter-list 3 inRelated Commands
neighbor peer-group (creating)
neighbor remote-asneighbor remote-as
Use the neighbor remote-as router configuration command to add an entry to the BGP neighbor table. Use the no form of this command to remove a neighbor.
neighbor {ip-address | peer-group-name} remote-as number
no neighbor {ip-address | peer-group-name} remote-as numberSyntax Description
ip-address
Neighbor's IP address.
peer-group-name
Name of a BGP peer group.
number
Autonomous system to which the neighbor belongs.
Default
There are no BGP neighbor peers.
Command Mode
Router configuration
Usage Guidelines
Specifying a neighbor with an autonomous system number that matches the autonomous system number specified in the router bgp global configuration command identifies the neighbor as internal to the local autonomous system. Otherwise, the neighbor is considered external.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Examples
The following example specifies that the access server at the address 172.16.1.2 is a neighbor in autonomous system number 109:
router bgp 110network 172.16.0.0neighbor 172.16.1.2 remote-as 109In the following example, a BGP access server is assigned to autonomous system 109, and two networks are listed as originating in the autonomous system. Then the addresses of three remote access servers (and their autonomous systems) are listed. The access server being configured will share information about networks 172.16.0.0 and 192.168.7.0 with the neighbor access servers. The first access server listed is in the same Class B network address space, but in a different autonomous system; the second neighbor command illustrates specification of an internal neighbor (with the same autonomous system number) at address 172.16.234.2; and the last neighbor command specifies a neighbor on a different network.
router bgp 109network 172.16.0.0network 192.168.7.0neighbor 172.16.200.1 remote-as 167neighbor 172.16.234.2 remote-as 109neighbor 172.50.64.19 remote-as 99neighbor route-map
Use the neighbor route-map router configuration command to apply a route map to incoming or outgoing routes. Use the no form of this command to remove the entry.
neighbor {ip-address | peer-group-name} route-map route-map-name {in | out}
no neighbor {ip-address | peer-group-name} route-map route-map-name {in | out}Syntax Description
ip-address
Neighbor's IP address.
peer-group-name
Name of a BGP peer group.
route-map-name
Name of route map.
in
Apply to incoming routes.
out
Apply to outgoing routes.
Default
No route maps are applied to a peer.
Command Mode
Router configuration
Usage Guidelines
If an outbound route map is specified, it is proper behavior to only advertise routes that match at least one section of the route map.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command. Specifying the command with an IP address will override the value inherited from the peer group.
Examples
In the following example, route map "internal-map" is applied to incoming route from 192.168.70.24:
router bgp 5neighbor 192.168.70.24 route-map internal-map in!route-map internal-mapmatch as-path 1set local-preference 100neighbor send-community
To specify that a COMMUNITIES attribute should be sent to a BGP neighbor, use the neighbor send-community router configuration command. To remove the entry, use the no form of this command.
neighbor {ip-address | peer-group-name} send-community
no neighbor {ip-address | peer-group-name} send-communitySyntax Description
Default
No COMMUNITIES attribute is sent to any neighbor.
Command Mode
Router configuration
Usage Guidelines
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Examples
In the following example, the router belongs to autonomous system 109 and is configured to send the communities attribute to its neighbor at IP address 192.168.70.23:
router bgp 109neighbor 192.168.70.23 send-communityRelated Commands
ip community-list
match community-list
set communityneighbor third-party
Use the neighbor third-party router configuration command to send updates regarding EGP third-party access servers. Use the no form of this command to disable these updates.
neighbor ip-address third-party third-party-ip-address [internal | external]
no neighbor ip-address third-party third-party-ip-address [internal | external]Syntax Description
Default
Disabled
Command Mode
Router configuration
Usage Guidelines
Using this third-party mechanism, EGP tells its peer that another access server (the third party) on the shared network is the appropriate access server for some set of destinations. If updates mentioning third-party access servers are desired, use this command.
All networks reachable through the third-party access server will be listed in the EGP updates as reachable by the access server. The optional internal and external keywords indicate whether the third-party access server should be listed in the internal or external section of the EGP update. Normally, all networks are mentioned in the internal section.
This command can be used multiple times to specify additional third-party access servers.
Examples
In the following example, routes learned from access server 172.16.6.99 will be advertised to 172.16.6.5 as third-party internal routes:
neighbor 172.16.6.5 third-party 172.16.6.99 internalIn the following example, routes learned from 172.16.6.100 will be advertised to 172.16.6.5 as third-party external routes:
neighbor 172.16.6.5 third-party 172.16.6.100 externalneighbor update-source
Use the neighbor update-source router configuration command to configure the access server to allow internal BGP sessions to use any operational interface for TCP connections. Use the no form of this command to restore the interface assignment to the closest interface, also called the
best-local-address.neighbor {ip-address | peer-group-name} update-source interface
no neighbor {ip-address | peer-group-name} update-source interfaceSyntax Description
ip-address
IP address of the BGP-speaking neighbor.
peer-group-name
Name of a BGP peer group.
interface
Loopback interface.
Default
Best-local-address
Command Mode
Router configuration
Usage Guidelines
This feature works in conjunction with the Loopback interface feature described in the "Configuring Interfaces" chapter of the Access and Communication Servers Configuration Guide.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Example
In the following example, BGP TCP connections for the specified neighbor will be sourced with Loopback interface's IP address rather than the best-local-address:
router bgp 110network 192.168.0.0neighbor 192.168.2.3 remote-as 110 neighbor 192.168.2.3 update-source Loopback0neighbor version
Use the neighbor version router configuration command to configure the access server to accept only a particular version. Use the no form of this command to return the version to the default level of that neighbor.
neighbor {ip-address | peer-group-name} version value
no neighbor {ip-address | peer-group-name} version valueSyntax Description
Default
Version 4
Command Mode
Router configuration
Usage Guidelines
Entering this command disables dynamic version negotiation.
Our implementation of BGP supports Versions 2, 3, and 4 of BGP. If the neighbor does not accept default version 4, dynamic version negotiation is implemented to negotiate down to version 2.
Our implementation of BGP supports BGP Versions 2, 3, and 4. If the neighbor does not accept default Version 4, dynamic version negotiation is implemented to negotiate down to Version 2.
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Example
The following example locks down to Version 4 of the BGP protocol:
router bgp 109 neighbor 172.18.27.2 version 4neighbor weight
Use the neighbor weight router configuration command to specify a weight to assign to a specific neighbor connection. Use the no form of this command to remove the assignment.
neighbor {ip-address | peer-group-name} weight weight
no neighbor {ip-address | peer-group-name} weight weightSyntax Description
ip-address
Neighbor's IP address.
peer-group-name
Name of a BGP peer group.
weight
Weight to assign. Acceptable values are 0 to 65535.
Default
Routes learned through another BGP peer have a default weight of 0 and routes sourced by the local access server have a default weight of 32768.
Command Mode
Router configuration
Usage Guidelines
All routes learned from this neighbor will have the assigned weight initially. The route with the highest weight will be chosen as the preferred route when multiple routes are available to a particular network.
The weights assigned with the match as-path and set weight route-map commands override the weights assigned using the neighbor weight and neighbor filter-list commands.
Note
If you specify a BGP peer group by using the peer-group-name argument, all of the members of the peer group will inherit the characteristic configured with this command.
Example
The following example sets the weight of all routes learned via 172.23.12.1 to 50:
router bgp 109 neighbor 172.23.12.1 weight 50Related Commands
neighbor distribute-list
neighbor filter-listnetwork (BGP)
Use this form of the network router configuration command to specify the list of networks for the BGP routing process. Use the no form of this command to remove the entry.
network network-number mask network-mask
no network network-number mask network-maskSyntax Description
network-number
IP address of a peer access server with which routing information will be exchanged.
mask
Network or subnetwork mask.
network-mask
Network mask address.
Default
No networks are specified.
Command Mode
Router configuration
Usage Guidelines
These types of networks can be learned from connected routes, dynamic routing, and from static route sources.
A maximum of 200 network commands may be specified for a single BGP process.
Example
The following example sets up network 172.16.1.27 to be included in the access server's BGP updates:
router bgp 120network 172.16.1.27 mask 255.255.255.0Related Commands
network backdoor
network mask
network weight
router bgpnetwork (EGP)
Use this form of the network router configuration command to specify the list of networks for the EGP routing process. Use the no form of this command to remove a network from the list.
network network-number
no network network-numberSyntax Description
Default
No networks are specified.
Command Mode
Router configuration
Usage Guidelines
The networks to be advertised to the EGP peers of an EGP routing process are advertised with a distance of zero. The restrictions on the network you specify are that it must appear in the routing table, and the network number must not contain any subnet information. The network can be connected, statically configured, or redistributed into EGP from other routing protocols. Multiple commands can be used to specify additional networks.
Example
The following example illustrates a typical configuration for an EGP access server process. The access server is in autonomous system 109 and is peering with access servers in autonomous system 164. It will advertise the networks 172.16.0.0 and 192.168.7.0 to the access server in autonomous system 164, 10.2.0.2. The information sent and received from peer access servers can be filtered in various ways, including blocking information from certain access servers and suppressing the advertisement of specific routes.
