Table Of Contents
ip dhcp relay forward spanning-tree
ip forward-protocol spanning-tree
ip forward-protocol turbo-flood
IP Addressing Commands
The Internet Protocol (IP) is a packet-based protocol used to exchange data over computer networks. IP handles addressing, fragmentation, reassembly, and protocol demultiplexing. It is the foundation on which all other Internet protocols, collectively referred to as the Internet Protocol suite, are built. IP is a network-layer protocol that contains addressing information and some control information that allows data packets to be routed.
The Transmission Control Protocol (TCP) is built upon the IP layer. TCP is a connection-oriented protocol that specifies the format of data and acknowledgments used in the transfer of data. TCP also specifies the procedures that the computers use to ensure that the data arrives correctly. TCP allows multiple applications on a system to communicate concurrently because it handles all demultiplexing of the incoming traffic among the application programs.
Use the commands in this chapter to configure and monitor the addressing of IP networks. For IP addressing configuration information and examples, refer to the "Configuring IP Addressing" chapter of the Cisco IOS IP and IP Routing Configuration Guide.
arp (global)
To add a permanent entry in the Address Resolution Protocol (ARP) cache, use the arp global configuration command. To remove an entry from the ARP cache, use the no form of this command.
arp ip-address hardware-address type [alias]
no arp ip-address hardware-address type [alias]
Syntax Description
Defaults
No entries are permanently installed in the ARP cache.
Command Modes
Global configuration
Command History
Usage Guidelines
The Cisco IOS software uses ARP cache entries to translate 32-bit IP addresses into 48-bit hardware addresses.
Because most hosts support dynamic resolution, you generally do not need to specify static ARP cache entries.
To remove all nonstatic entries from the ARP cache, use the clear arp-cache privileged EXEC command.
Examples
The following is an example of a static ARP entry for a typical Ethernet host:
arp 192.31.7.19 0800.0900.1834 arpaRelated Commands
arp (interface)
To control the interface-specific handling of IP address resolution into 48-bit Ethernet, FDDI, Frame-Relay, and Token Ring hardware addresses, use the arp interface configuration command. To disable an encapsulation type, use the no form of this command.
arp {arpa | frame-relay | probe | snap}
no arp {arpa | frame-relay | probe | snap}
Syntax Description
Defaults
Standard Ethernet-style ARP
Command Modes
Interface configuration
Command History
Usage Guidelines
Unlike most commands that take multiple arguments, arguments to the arp command are not mutually exclusive. Each command enables or disables a specific type of ARP. For example, if you enter the arp arpa command followed by the arp probe command, the Cisco IOS software would send three (two for probe and one for arpa) packets each time it needed to discover a MAC address.
The arp probe command allows the software to use the Probe protocol (in addition to ARP) whenever it attempts to resolve an IEEE-802.3 or Ethernet local data link address. The subset of Probe that performs address resolution is called Virtual Address Request and Reply. Using Probe, the software can communicate transparently with Hewlett-Packard IEEE-802.3 hosts that use this type of data encapsulation.
Note
Cisco support for HP Probe proxy support changed as of Software Release 8.3(2) and subsequent software releases. The no arp probe command is now the default. All interfaces that will use Probe must now be explicitly configured for the arp probe command.
Given a network protocol address (IP address), the arp frame-relay command determines the corresponding hardware address, which would be a data link connection identifier (DLCI) for frame relay.
The show interfaces EXEC command displays the type of ARP being used on a particular interface. To remove all nonstatic entries from the ARP cache, use the clear arp-cache privileged EXEC command.
Examples
The following example enables probe services:
interface ethernet 0arp probeRelated Commands
Deletes all dynamic entries from the ARP cache.
show interfaces
Displays statistics for all interfaces configured on the router or access server.
arp timeout
To configure how long an entry remains in the ARP cache, use the arp timeout interface configuration command. To restore the default value, use the no form of this command.
arp timeout seconds
no arp timeout seconds
Syntax Description
seconds
Time (in seconds) that an entry remains in the ARP cache. A value of zero means that entries are never cleared from the cache.
Defaults
14400 seconds (4 hours)
Command Modes
Interface configuration
Command History
Usage Guidelines
This command is ignored when issued on interfaces that do not use ARP. The show interfaces EXEC command displays the ARP timeout value. The value follows the "Entry Timeout:" heading, as seen in this sample show interfaces display:
ARP type: ARPA, PROBE, Entry Timeout: 14400 secExamples
The following example sets the ARP timeout to 12000 seconds to allow entries to time out more quickly than the default:
interface ethernet 0arp timeout 12000Related Commands
show interfaces
Displays statistics for all interfaces configured on the router or access server.
clear arp-cache
To delete all dynamic entries from the ARP cache, to clear the fast-switching cache, and to clear the IP route cache, use the clear arp-cache EXEC command.
clear arp-cache
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following example removes all dynamic entries from the ARP cache and clears the fast-switching cache:
clear arp-cacheRelated Commands
Adds a permanent entry in the ARP cache.
Controls the interface-specific handling of IP address resolution into 48-bit Ethernet, FDDI, and Token Ring hardware addresses.
clear host
To delete entries from the host-name-and-address cache, use the clear host EXEC command.
clear host {name | *}
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
The host name entries will not be removed from NVRAM, but will be cleared in running memory.
Examples
The following example clears all entries from the host name-and-address cache:
clear host *Related Commands
clear ip nat translation
To clear dynamic Network Address Translation (NAT) translations from the translation table, use the clear ip nat translation EXEC command.
clear ip nat translation {* | [inside global-ip local-ip] [outside local-ip global-ip]}
clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside
local-ip global-ip]Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
Use this command to clear entries from the translation table before they time out.
Examples
The following example shows the NAT entries before and after the UDP entry being cleared:
Router# show ip nat translationPro Inside global Inside local Outside local Outside globaludp 171.69.233.209:1220 192.168.1.95:1220 171.69.2.132:53 171.69.2.132:53tcp 171.69.233.209:11012 192.168.1.89:11012 171.69.1.220:23 171.69.1.220:23tcp 171.69.233.209:1067 192.168.1.95:1067 171.69.1.161:23 171.69.1.161:23Router# clear ip nat translation udp inside 171.69.233.209 1220 192.168.1.95 1220171.69.2.132 53 171.69.2.132 53Router# show ip nat translationPro Inside global Inside local Outside local Outside globaltcp 171.69.233.209:11012 192.168.1.89:11012 171.69.1.220:23 171.69.1.220:23tcp 171.69.233.209:1067 192.168.1.95:1067 171.69.1.161:23 171.69.1.161:23Related Commands
clear ip nhrp
To clear all dynamic entries from the Next Hop Resolution Protocol (NHRP) cache, use the clear ip nhrp EXEC command.
clear ip nhrp
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
This command does not clear any static (configured) IP-to-nonbroadcast multiaccess (NBMA) address mappings from the NHRP cache.
Examples
The following example clears all dynamic entries from the NHRP cache for the interface:
clear ip nhrpRelated Commands
clear ip route
To delete routes from the IP routing table, use the clear ip route EXEC command.
clear ip route {network [mask] | *}
Syntax Description
network
Network or subnet address to remove.
mask
(Optional) Subnet address to remove.
*
Removes all routing table entries.
Defaults
All entries are removed.
Command Modes
EXEC
Command History
Examples
The following example removes a route to network 132.5.0.0 from the IP routing table:
clear ip route 132.5.0.0ip address
To set a primary or secondary IP address for an interface, use the ip address interface configuration command. To remove an IP address or disable IP processing, use the no form of this command.
ip address ip-address mask [secondary]
no ip address ip-address mask [secondary]
Syntax Description
Defaults
No IP address is defined for the interface.
Command Modes
Interface configuration
Command History
Usage Guidelines
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the Cisco IOS software always use the primary IP address. Therefore, all routers and access servers on a segment should share the same primary network number.
Hosts can determine subnet masks using the Internet Control Message Protocol (ICMP) Mask Request message. Routers respond to this request with an ICMP Mask Reply message.
You can disable IP processing on a particular interface by removing its IP address with the no ip address command. If the software detects another host using one of its IP addresses, it will print an error message on the console.
The optional keyword secondary allows you to specify an unlimited number of secondary addresses. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and ARP requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•
•
•
Note
Note
To transparently bridge IP on an interface, you must do two things:
•
•
To concurrently route and transparently bridge IP on an interface, see the bridge crb command.
Examples
In the following example, 131.108.1.27 is the primary address and 192.31.7.17 and 192.31.8.17 are secondary addresses for Ethernet interface 0:
interface ethernet 0ip address 131.108.1.27 255.255.255.0ip address 192.31.7.17 255.255.255.0 secondaryip address 192.31.8.17 255.255.255.0 secondaryRelated Commands
ip broadcast-address
To define a broadcast address for an interface, use the ip broadcast-address interface configuration command. To restore the default IP broadcast address, use the no form of this command.
ip broadcast-address [ip-address]
no ip broadcast-address [ip-address]
Syntax Description
Defaults
Default address: 255.255.255.255 (all ones)
Command Modes
Interface configuration
Command History
Examples
The following example specifies an IP broadcast address of 0.0.0.0:
ip broadcast-address 0.0.0.0ip cef traffic-statistics
To change the time interval that controls when Next Hop Resolution Protocol (NHRP) will set up or tear down a switched virtual circuit (SVC), use the ip cef traffic-statistics global configuration command. To restore the default values, use the no form of this command.
ip cef traffic-statistics [load-interval seconds] [update-rate seconds]
no ip cef traffic-statistics
Syntax Description
Defaults
load-interval: 30 seconds
update-rate: 10 seconds
Command Modes
Global configuration
Command History
Usage Guidelines
The thresholds in the ip nhrp trigger-svc command must be exceeded during a certain time interval, which is 30 seconds by default. To change that interval, use the load-interval seconds argument of the ip cef traffic-statistics command.
When NHRP is configured on a CEF switching node with a VIP2 adapter, you must make sure the update-rate keyword is set to 5 seconds.
Other features could also use the ip cef traffic-statistics command; this NHRP feature relies on it.
Examples
In the following example, the triggering and teardown thresholds are calculated based on an average over 120 seconds:
ip cef traffic-statistics load-interval 120Related Commands
Configures when NHRP will set up and tear down an SVC based on aggregate traffic rates.
ip classless
At times the router might receive packets destined for a subnet of a network that has no network default route. To have the Cisco IOS software forward such packets to the best supernet route possible, use the ip classless global configuration command. To disable this feature, use the no form of this command.
ip classless
no ip classless
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
Global configuration
Command History
10.0
This command was introduced.
11.3
The default behavior changed from disabled to enabled.
Usage Guidelines
This command allows the software to forward packets that are destined for unrecognized subnets of directly connected networks. The packets are forwarded to the best supernet route.
When the ip class less featuro2ses
e is disabled, the software discards the packets when a router receives packets for a subnet that numerically falls within its subnetwork addressing scheme, if there is no such subnet number in the routing table and there is no network default route.
Note
Examples
The following example prevents the software from forwarding packets destined for an unrecognized subnet to the best supernet possible:
no ip classlessip default-gateway
To define a default gateway (router) when IP routing is disabled, use the ip default-gateway global configuration command. To disable this function, use the no form of this command.
ip default-gateway ip-address
no ip default-gateway ip-address
Syntax Description
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
The Cisco IOS software sends any packets that need the assistance of a gateway to the address you specify. If another gateway has a better route to the requested host, the default gateway sends an ICMP Redirect message back. The ICMP Redirect message indicates which local router the Cisco IOS software should use.
Examples
The following example defines the router on IP address 192.31.7.18 as the default router:
ip default-gateway 192.31.7.18Related Commands
ip dhcp relay forward spanning-tree
To set the gateway address (giaddr) field in the DHCP packet before forwarding to spanning-tree interfaces, use the ip dhcp relay forward spanning-tree command in global configuration mode. To disable this functionality, use the no form of this command.
ip dhcp relay forward spanning-tree
no ip dhcp relay forward spanning-tree
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
Prior to Cisco IOS Release 12.1, when the ip forward-protocol spanning-tree any-local-broadcast command was configured, DHCP broadcasts were forwarded to all spanning-tree enabled interfaces after setting the giaddr field in the DHCP packet.
The behavior of the DHCP relay agent was modified in release 12.1 such that the DHCP broadcasts were still forwarded to all spanning-tree enabled interfaces but the giaddr field was not set on the packets. This behavior can cause problems in a network because the DHCP server uses the giaddr field to properly allocate addresses when the client is not in the local network.
Use the ip dhcp relay forward spanning-tree command to set the giaddr to the IP address of the incoming interface before forwarding DHCP broadcasts to spanning-tree enabled interfaces.
The ip forward-protocol udp command is enabled by default and automatically determines that BOOTP client and server datagrams (ports 67 and 68) should be forwarded. This forwarding results in another packet sent to spanning-tree enabled interfaces without the giaddr field set. To avoid these duplicate packets, use the no ip forward-protocol udp bootpc and no ip forward-protocol udp bootps commands.
Examples
In the following example, the giaddr field in the DHCP packet will be set to the IP address of the incoming interface before forwarding to spanning-tree enabled interfaces:
ip dhcp relay forward spanning-treeip forward-protocol spanning-tree any-local-broadcastRelated Commands
ip directed-broadcast
To enable the translation of directed broadcast to physical broadcasts, use the ip directed-broadcast interface configuration command. To disable this function, use the no form of this command.
ip directed-broadcast [access-list-number] | [extended access-list-number]
no ip directed-broadcast [access-list-number] | [extended access-list-number]
Syntax Description
Defaults
Disabled; all IP directed broadcasts are dropped.
Command Modes
Interface configuration
Command History
10.0
This command was introduced.
12.0
The default behavior changed to directed broadcasts being dropped.
Usage Guidelines
An IP directed broadcast is an IP packet whose destination address is a valid broadcast address for some IP subnet, but which originates from a node that is not itself part of that destination subnet.
A router that is not directly connected to its destination subnet forwards an IP directed broadcast in the same way it would forward unicast IP packets destined to a host on that subnet. When a directed broadcast packet reaches a router that is directly connected to its destination subnet, that packet is "exploded" as a broadcast on the destination subnet. The destination address in the IP header of the packet is rewritten to the configured IP broadcast address for the subnet, and the packet is sent as a link-layer broadcast.
The ip directed-broadcast interface command controls the explosion of directed broadcasts when they reach their target subnets. The command affects only the final transmission of the directed broadcast on its ultimate destination subnet. It does not affect the transit unicast routing of IP directed broadcasts.
If directed broadcast is enabled for an interface, incoming IP packets whose addresses identify them as directed broadcasts intended for the subnet to which that interface is attached will be exploded as broadcasts on that subnet. If an access list has been configured with the ip directed-broadcast command, only directed broadcasts that are permitted by the access list in question will be forwarded; all other directed broadcasts destined for the interface subnet will be dropped.
If the no ip directed-broadcast command has been configured for an interface, directed broadcasts destined for the subnet to which that interface is attached will be dropped, rather than being broadcast.
Note
Examples
The following example enables forwarding of IP directed broadcasts on Ethernet interface 0:
interface ethernet 0ip directed-broadcastRelated Commands
Specifies which protocols and ports the router forwards when forwarding broadcast packets.
ip domain-list
To define a list of default domain names to complete unqualified host names, use the ip domain-list global configuration command. To delete a name from a list, use the no form of this command.
ip domain-list name
no ip domain-list name
Syntax Description
name
Domain name. Do not include the initial period that separates an unqualified name from the domain name.
Defaults
No domain names are defined.
Command Modes
Global configuration
Command History
Usage Guidelines
If there is no domain list, the domain name that you specified with the ip domain-name global configuration command is used. If there is a domain list, the default domain name is not used. The ip domain-list command is similar to the ip domain-name command, except that with the ip domain-list command you can define a list of domains, each to be tried in turn.
Examples
The following example adds several domain names to a list:
ip domain-list martinez.comip domain-list stanford.eduThe following example adds a name to and then deletes a name from the list:
ip domain-list sunya.eduno ip domain-list stanford.eduRelated Commands
Defines a default domain name to complete unqualified host names (names without a dotted-decimal domain name).
ip domain-lookup
To enable the IP Domain Naming System (DNS)-based host name-to-address translation, use the ip domain-lookup global configuration command. To disable the DNS, use the no form of this command.
ip domain-lookup
no ip domain-lookup
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
Global configuration
Command History
Examples
The following example enables the IP Domain Naming System-based host name-to-address translation:
ip domain-lookupRelated Commands
ip domain-name
To define a default domain name that the Cisco IOS software uses to complete unqualified host names (names without a dotted-decimal domain name), use the ip domain-name global configuration command. To disable use of the DNS, use the no form of this command.
ip domain-name name
no ip domain-name
Syntax Description
name
Default domain name used to complete unqualified host names. Do not include the initial period that separates an unqualified name from the domain name.
Defaults
Enabled
Command Modes
Global configuration
Command History
Usage Guidelines
Any IP host name that does not contain a domain name (that is, any name without a dot), will have the dot and cisco.com appended to it before being added to the host table.
Examples
The following example defines cisco.com as the default domain name:
ip domain-name cisco.comRelated Commands
ip forward-protocol
To specify which protocols and ports the router forwards when forwarding broadcast packets, use the ip forward-protocol global configuration command. To remove a protocol or port, use the no form of this command.
ip forward-protocol {udp [port] | nd | sdns}
no ip forward-protocol {udp [port] | nd | sdns}
Syntax Description
Defaults
If an IP helper address is defined, UDP forwarding is enabled on default ports. If UDP flooding is configured, UDP flooding is enabled on the default ports.
If a helper address is specified and UDP forwarding is enabled, broadcast packets destined to the following port numbers are forwarded by default:
•
•
•
•
•
•
•
•
Command Modes
Global configuration
Command History
Usage Guidelines
Enabling a helper address or UDP flooding on an interface causes the Cisco IOS software to forward particular broadcast packets. You can use the ip forward-protocol command to specify exactly which types of broadcast packets you would like to have forwarded. A number of commonly forwarded applications are enabled by default. Enabling forwarding for some ports (for example, RIP) may be hazardous to your network.
If you use the ip forward-protocol command, specifying just UDP, without the port, enables forwarding and flooding on the default ports.
One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP). DHCP is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the router interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Since BOOTP packets are forwarded by default, DHCP information can now be forwarded by the software. The DHCP server now receives broadcasts from the DHCP clients.
Examples
The following example uses the ip forward-protocol command to specify forwarding of UDP port 3001 in addition to the default ports, and then defines a helper address:
ip forward-protocol udp 3001!interface ethernet 1ip helper-address 131.120.1.0Related Commands
ip forward-protocol spanning-tree
To permit IP broadcasts to be flooded throughout the internetwork in a controlled fashion, use the ip forward-protocol spanning-tree global configuration command. To disable the flooding of IP broadcasts, use the no form of this command.
ip forward-protocol spanning-tree [any-local-broadcast]
no ip forward-protocol spanning-tree [any-local-broadcast]
Syntax Description
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
A packet must meet the following criteria to be considered for flooding:
•
•
•
•
•
A flooded UDP datagram is given the destination address specified by the ip broadcast-address interface configuration command on the output interface. The destination address can be set to any desired address. Thus, the destination address may change as the datagram propagates through the network. The source address is never changed. The TTL value is decremented.
After a decision has been made to send the datagram out on an interface (and the destination address possibly changed), the datagram is handed to the normal IP output routines and is therefore subject to access lists, if they are present on the output interface.
The ip forward-protocol spanning-tree command uses the database created by the bridging spanning-tree protocol. Therefore, the transparent bridging option must be in the routing software, and bridging must be configured on each interface that is to participate in the flooding in order to support this capability.
If an interface does not have bridging configured, it still will be able to receive broadcasts, but it will never forward broadcasts received on that interface. Also, it will never use that interface to send broadcasts received on a different interface.
If no actual bridging is desired, you can configure a type-code bridging filter that will deny all packet types from being bridged. Refer to the "Configuring Transparent Bridging" chapter in the Cisco IOS Bridging and IBM Networking Configuration Guide for more information about using access lists to filter bridged traffic. The spanning-tree database is still available to the IP forwarding code to use for the flooding.
The spanning-tree-based flooding mechanism forwards packets whose contents are all ones (255.255.255.255), all zeros (0.0.0.0), and, if subnetting is enabled, all networks (131.108.255.255 as an example in the network number 131.108.0.0). This mechanism also forward packets whose contents are the zeros version of the all-networks broadcast when subnetting is enabled (for example, 131.108.0.0).
This command is an extension of the ip helper-address interface configuration command, in that the same packets that may be subject to the helper address and forwarded to a single network can now be flooded. Only one copy of the packet will be put on each network segment. In some cases, where DHCP broadcast packets are being forwarded to spanning-tree enabled interfaces, a duplicate copy of the packet will be put on a network segment. See the ip dhcp relay forward spanning-tree global configuration command for information on how to ensure that duplicate packets are not copied onto a ne
