Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3
IP Addressing and Services Commands: serverfarm through show ip nat
Download this chapter
IP Addressing and Services Commands: serverfarm through show ip natIP Addressing and Services Commands: serverfarm through show ip nat
Download the complete book
Book-level PDF: Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3 Book-level PDF: Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3 (PDF - 3 MB)
give_us_feedback

Table Of Contents

serverfarm

service dhcp

show access-lists

show access-list compiled

show arp

show glbp

show hosts

show interface mac

show interface precedence

show ip access-list

show ip accounting

show ip aliases

show ip arp

show ip casa affinities

show ip casa oper

show ip casa stats

show ip casa wildcard

show ip dhcp binding

show ip dhcp conflict

show ip dhcp database

show ip dhcp import

show ip dhcp pool

show ip dhcp relay information trusted-sources

show ip dhcp server statistics

show ip dns primary

show ip dns statistics

show ip drp

show ip interface

show ip irdp

show ip masks

show ip nat statistics

show ip nat translations


serverfarm

To associate a real server farm with a virtual server, use the serverfarm command in SLB virtual server configuration mode. To remove the server farm association from the virtual server configuration, use the no form of this command.

serverfarm serverfarm-name

no serverfarm

Syntax Description

serverfarm-name

Name of a server farm that has already been defined using the ip slb serverfarm command.


Defaults

No default behavior or values.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows how the ip slb vserver, virtual, and serverfarm commands are used to associate the real server farm named PUBLIC with the virtual server named PUBLIC_HTTP: 

ip slb vserver PUBLIC_HTTP

 virtual 10.0.0.1 tcp www

 serverfarm PUBLIC

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


service dhcp

To enable the Cisco IOS Dynamic Host Configuration Protocol (DHCP) server and relay agent features on your router, use the service dhcp command in global configuration mode. To disable the Cisco IOS DHCP server and relay agent features, use the no form of this command.

service dhcp

no service dhcp

Syntax Description

This command has no arguments or keywords.

Defaults

Enabled

Command Modes

Global configuration

Command History

Release
Modification

12.0(1)T

This command was introduced.


Usage Guidelines

The BOOTP and DHCP servers in Cisco IOS software both use the ICMP port (port 67) by default. ICMP "port unreachable messages" will only be returned to the sender if both the BOOTP server and DHCP server are disabled. Disabling only one of the servers will not result in ICMP port unreachable messages.

Examples

The following example enables DHCP services on the DHCP server: 

service dhcp

show access-lists

To display the contents of current access lists, use the show access-lists command in privileged EXEC mode.

show access-lists [access-list-number | access-list-name]

Syntax Description

access-list-number

(Optional) Number of the access list to display. The system displays all access lists by default.

access-list-name

(Optional) Name of the IP access list to display.


Defaults

The system displays all access lists.

Command Modes

Privileged EXEC

Command History

Release
Modification

10.0

This command was introduced.

12.1(5)T

The command output was modified to identify compiled access lists.

12.2(2)T

The command output was modified to show information for IPv6 access lists.


Examples

The following is sample output from the show access-lists command when access list 101 is specified: 

Router# show access-lists 101


Extended IP access list 101

    permit tcp host 198.92.32.130 any established (4304 matches) check=5

    permit udp host 198.92.32.130 any eq domain (129 matches)

    permit icmp host 198.92.32.130 any

    permit tcp host 198.92.32.130 host 171.69.2.141 gt 1023

    permit tcp host 198.92.32.130 host 171.69.2.135 eq smtp (2 matches)

    permit tcp host 198.92.32.130 host 198.92.30.32 eq smtp

    permit tcp host 198.92.32.130 host 171.69.108.33 eq smtp

    permit udp host 198.92.32.130 host 171.68.225.190 eq syslog

    permit udp host 198.92.32.130 host 171.68.225.126 eq syslog

    deny   ip 150.136.0.0 0.0.255.255 224.0.0.0 15.255.255.255

    deny   ip 171.68.0.0 0.1.255.255 224.0.0.0 15.255.255.255 (2 matches) check=1

    deny   ip 172.24.24.0 0.0.1.255 224.0.0.0 15.255.255.255

    deny   ip 192.82.152.0 0.0.0.255 224.0.0.0 15.255.255.255

    deny   ip 192.122.173.0 0.0.0.255 224.0.0.0 15.255.255.255

    deny   ip 192.122.174.0 0.0.0.255 224.0.0.0 15.255.255.255

    deny   ip 192.135.239.0 0.0.0.255 224.0.0.0 15.255.255.255

    deny   ip 192.135.240.0 0.0.7.255 224.0.0.0 15.255.255.255

    deny   ip 192.135.248.0 0.0.3.255 224.0.0.0 15.255.255.255

An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match.

The following is sample output from the show access-lists command when the Turbo Access Control List (ACL) feature is configured on all of the following access lists.

Note The permit and deny information displayed by the show access-lists command may not be in the same order as that entered using the access-list command 

Router# show access-lists


Standard IP access list 1 (Compiled)

    deny   any

Standard IP access list 2 (Compiled)

    deny   192.168.0.0, wildcard bits 0.0.0.255

    permit any

Standard IP access list 3 (Compiled)

    deny   0.0.0.0

    deny   192.168.0.1, wildcard bits 0.0.0.255

    permit any

Standard IP access list 4 (Compiled)

    permit 0.0.0.0

    permit 192.168.0.2, wildcard bits 0.0.0.255

The following is sample output from the show access-lists command that shows information for IPv6 access lists when IPv6 is configured on the network: 

Router# show access-lists


IPv6 access list list2

     deny ipv6 FEC0:0:0:2::/64 any sequence 10

     permit ipv6 any any sequence 20

For information on how to configure access lists, refer to the "Configuring IP Services" chapter of the Cisco IOS IP Configuration Guide.

For information on how to configure dynamic access lists, refer to the "Traffic Filtering and Firewalls" part of the Cisco IOS Security Configuration Guide.

Related Commands

Command
Description

access-list (IP extended)

Defines an extended IP access list.

access-list (IP standard)

Defines a standard IP access list.

clear access-list counters

Clears the counters of an access list.

clear access-template

Clears a temporary access list entry from a dynamic access list manually.

ip access-list

Defines an IP access list by name.

show ip access-lists

Displays the contents of all current IP access lists.

show ipv6 access-list

Displays the contents of all current IPv6 access lists.


show access-list compiled

To display a table showing Turbo Access Control Lists (ACLs), use the show access-list compiled command in EXEC mode.

show access-list compiled

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC
Privileged EXEC

Command History

Release
Modification

12.0(6)S

This command was introduced.

12.1(1)E

This command was introduced for Cisco 7200 series routers.

12.1(5)T

This command was integrated into Cisco IOS
Release 12.1(5)T.


Usage Guidelines

This command is used to display the status and condition of the Turbo ACL tables associated with each access list. The memory usage is displayed for each table; large and complex access lists may require substantial amounts of memory. If the memory usage is greater than the memory available, you can disable the Turbo ACL feature so that memory exhaustion does not occur, but the acceleration of the access lists is not then enabled.

Examples

The following is partial sample output from the show access-list compiled command: 

Router# show access-list compiled


Compiled ACL statistics:

12 ACLs loaded, 12 compiled tables

 ACL         State      Tables  Entries  Config  Fragment  Redundant  Memory

1           Operational    1        2        1         0          0      1Kb

2           Operational    1        3        2         0          0      1Kb

3           Operational    1        4        3         0          0      1Kb

4           Operational    1        3        2         0          0      1Kb

5           Operational    1        5        4         0          0      1Kb

9           Operational    1        3        2         0          0      1Kb

20          Operational    1        9        8         0          0      1Kb

21          Operational    1        5        4         0          0      1Kb

101         Operational    1       15        9         7          2      1Kb

102         Operational    1       13        6         6          0      1Kb

120         Operational    1        2        1         0          0      1Kb

199         Operational    1        4        3         0          0      1Kb

First level lookup tables:

Block      Use              Rows       Columns   Memory used

  0   TOS/Protocol            6/16     12/16      66048

  1   IP Source (MS)         10/16     12/16      66048

  2   IP Source (LS)         27/32     12/16      132096

  3   IP Dest (MS)            3/16     12/16      66048

  4   IP Dest (LS)            9/16     12/16      66048

  5   TCP/UDP Src Port        1/16     12/16      66048

  6   TCP/UDP Dest Port       3/16     12/16      66048

  7   TCP Flags/Fragment      3/16     12/16      66048

Related Commands

Command
Description

access-list compiled

Enables the Turbo ACL feature.

access-list (extended)

Provides extended access lists that allow more detailed access lists.

access-list (standard)

Creates a standard access list.

clear access-list counters

Clears the counters of an access list.

clear access-temp

Manually clears a temporary access list entry from a dynamic access list.

ip access-list

Defines an IP access list by name.

show ip access-list

Displays the contents of all current IP access lists.


show arp

To display the entries in the Address Resolution Protocol (ARP) table, use the show arp privileged EXEC command.

show arp

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release
Modification

10.0

This command was introduced.


Examples

The following is sample output from the show arp command: 

Router# show arp


Protocol   Address	          Age (min)   	Hardware Addr    	Type    Interface


Internet   131.108.42.112   	120         0000.a710.4baf	   ARPA    Ethernet3

AppleTalk  4028.5	           29	          0000.0c01.0e56   SNAP	    Ethernet2

Internet   131.108.42.114   	105	         0000.a710.859b   ARPA	    Ethernet3

AppleTalk  4028.9           	-           0000.0c02.a03c	   SNAP    Ethernet2

Internet   	131.108.42.121	   42	          0000.a710.68cd	   ARPA	    Ethernet3

Internet   	131.108.36.9     	-	           0000.3080.6fd4	   SNAP    TokenRing0

AppleTalk  4036.9           	-	           0000.3080.6fd4   	SNAP    TokenRing0

Internet   131.108.33.9	     -	           0000.0c01.7bbd	   SNAP	    Fddi0

Table 2 describes the significant fields shown in the display.

Table 2 show arp Field Descriptions 

Field
Description

Protocol

Protocol for network address in the Address field.

Address

The network address that corresponds to the Hardware Address.

Age (min)

Age in munutes of the cache entryh. A hyphen (-) means the address is local.

Hardware Addr

LAN hardware address of a MAC address that corresponds to the network address.

Type

Indicates the encapsulation type the Cisco IOS software is using for the network address in this entry. Possible values include:

ARPA

SNAP

ETLK (EtherTalk)

SMDS

Interface

Indicates the interface associated with this network address.


show glbp

To display Gateway Load Balancing Protocol (GLBP) information, use the show glbp command in privileged EXEC mode.

show glbp [interface-type interface-number] [group] [state] [brief]

Syntax Description

interface-type interface-number

(Optional) Interface type and number for which output is displayed.

group

(Optional) GLBP group number in the range from 0 to 1023.

state

(Optional) State of the GLBP router, one of the following: active, disabled, init, listen, speak, or standby.

brief

(Optional) Summarizes each virtual gateway or virtual forwarder with a single line of output.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(14)S

This command was introduced.

12.2(15)T

This command was integrated into Cisco IOS Release 12.2(15)T.


Usage Guidelines

Use the show glbp command to display information about GLBP groups on a router. The brief keyword displays a single line of information about each virtual gateway or virtual forwarder.

Examples

The following is sample output from the show glbp command: 

Router# show glbp


FastEthernet0/0 - Group 10

  State is Active

    2 state changes, last state change 23:50:33

  Virtual IP address is 10.21.8.10

  Hello time 5 sec, hold time 18 sec

    Next hello sent in 4.300 secs

  Redirect time 600 sec, forwarder time-out 7200 sec

  Authentication text "stringabc"

  Preemption enabled, min delay 60 sec

  Active is local

  Standby is unknown

  Priority 254 (configured)

  Weighting 105 (configured 110), thresholds: lower 95, upper 105

    Track object 2 state Down decrement 5

  Load balancing: host-dependent

  There is 1 forwarder (1 active)

  Forwarder 1

    State is Active

      1 state change, last state change 23:50:15

    MAC address is 0007.b400.0101 (default)

    Owner ID is 0005.0050.6c08

    Redirection enabled

    Preemption enabled, min delay 60 sec

    Active is local, weighting 105

The following is sample output from the show glbp command with the brief keyword specified: 

Router# show glbp brief


Interface   Grp  Fwd Pri State    Address         Active router   Standby router

Fa0/0       10   -   254 Active   10.21.8.10       local           unknown       

Fa0/0       10   1   7   Active   0007.b400.0101   local           -

Table 3 describes the significant fields shown in the displays.

Table 3 show glbp Field Descriptions 

Field
Description

FastEthernet0/0 - Group

Interface type and number and GLBP group number for the interface.

State is

State descriptions for virtual gateways or virtual forwarders are similar but differ in some details. For a virtual gateway the state can be one of the following:

Disabled—Indicates that the virtual IP address has not been configured or learned yet, but other GLBP configuration exists.

Initial—The virtual IP address has been configured or learned but virtual gateway configuration is not complete. An interface must be up and configured to route IP, and an interface IP address must be configured.

Listen—Virtual gateway is receiving hello packets and is ready to change to the "speak" state if the active or standby virtual gateway becomes unavailable.

Speak—Virtual gateway is attempting to become the active or standby virtual gateway.

Standby—Indicates that the gateway is next in line to be the active virtual gateway (AVG).

Active—Indicates that this gateway is the AVG, and that it is responsible for responding to Address Resolution Protocol (ARP) requests for the virtual IP address.

For a virtual forwarder the state can be one of the following:

Disabled—Indicates that the virtual MAC address has not been assigned or learned. This is a transitory state because a virtual forwarder changing to a disabled state is deleted.

Initial—The virtual MAC address is known but virtual forwarder configuration is not complete. An interface must be up and configured to route IP, an interface IP address must be configured, and the virtual IP address must be known.

Listen—Virtual forwarder is receiving hello packets and is ready to change to the "active" state if the active virtual forwarder (AVF) becomes unavailable.

Active—Indicates that this gateway is the AVF, and that it is responsible for forwarding packets sent to the virtual forwarder MAC address.

Virtual IP address is

The virtual IP address of the GLBP group. All secondary virtual IP addresses are listed on separate lines. If one of the virtual IP addresses is a duplicate of an address configured for another device, it will be marked as "duplicate." A duplicate address indicates that the router has failed to defend its ARP cache entry.

Hello time, hold time

The hello time is the time between hello packets (in seconds or milliseconds). The holdtime is the time (in seconds) before other routers declare the active router to be down. All routers in a GLBP group use the hello and holdtime values of the current AVG. If the locally configured values are different, the configured values appear in parentheses after the hello time and holdtime values.

Next hello sent in

Time until GLBP will send the next hello packet (in seconds or milliseconds).

Preemption enabled

Indicates whether GLBP gateway preemption is enabled. If enabled, the minimum delay is the time (in seconds) a higher-priority nonactive router will wait before preempting the lower-priority active router.

This field is also displayed under the forwarder section where it indicates GLBP forwarder preemption.

Active is

Value can be "local," "unknown," or an IP address. Address (and the expiration date of the address) of the current AVG.

This field is also displayed under the forwarder section where it indicates the address of the current AVF.

Standby is

Value can be "local," "unknown," or an IP address. Address (and the expiration date of the address) of the standby gateway (the gateway that is next in line to be the AVG).

Weighting

Initial weighting value with lower and upper threshold values.

Track object

List of objects that are being tracked and their corresponding states.


Related Commands

Command
Description

glbp ip

Enables GLBP.

glbp timers

Configures the time between hello messages and the time before other routers declare the active GLBP router to be down.

glbp weighting track

Specifies an object to be tracked that affects the weighting of a GLBP gateway.


show hosts

To display the default domain name, the style of name lookup service, a list of name server hosts, and the cached list of host names and addresses, use the show hosts command in EXEC mode.

show hosts

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

10.0

This command was introduced.

12.2(4)T

This command was updated to support the Cisco modem user interface feature.


Examples

The following is sample output from the show hosts command: 

Router# show hosts


Default domain is CISCO.COM

Name/address lookup uses domain service

Name servers are 255.255.255.255

Host	              Flag        Age	   Type	       Address(es)

SLAG.CISCO.COM    (temp, OK)  1     IP         172.20.4.10

CHAR.CISCO.COM    (temp, OK)  8     IP         192.168.7.50

CHAOS.CISCO.COM   (temp, OK)  8     IP         172.20.1.115

DIRT.CISCO.COM    (temp, EX)  8     IP         172.20.1.111

DUSTBIN.CISCO.COM (temp, EX)  0     IP         172.20.1.27

DREGS.CISCO.COM   (temp, EX)  24    IP         172.20.1.30

Table 4 describes the significant fields shown in the display.

Table 4 show hosts Field Descriptions 

Field
Description

Flag

A temporary entry is entered by a name server; the Cisco IOS software removes the entry after 72 hours of inactivity.

A permanent entry is entered by a configuration command and is not timed out. Entries marked OK are believed to be valid. Entries marked ?? are considered suspect and subject to revalidation. Entries marked EX are expired.

Age

Indicates the number of hours since the software last referred to the cache entry.

Type

Identifies the type of address, for example, IP, Connectionless Network Service (CLNS), or X.121. If you have used the ip hp-host global configuration command, the show hosts command will display these host names as type HP-IP.

Address(es)

Displays the address of the host. One host may have up to eight addresses.


The following is sample output from a router when a modem telephone number is mapped to an IP host address for the Cisco modem user interface feature using the ip host global configuration command: 

Router# show hosts


Default domain is not set

Name/address lookup uses domain service

Name servers are 255.255.255.255


Codes: u - unknown, e - expired, * - OK, ? - revalidate

       t - temporary, p - permanent


   Host                   Age  Type     Address(es)

*p p4085554567                    0  IP       1.2.1.6

*p t4085551234                    0  IP       1.2.1.5

Under the Host field, a "p" preceding the number indicates a pulse-dialed modem telephone number, and a "t" indicates a tone-dialed modem telephone number. The IP address mapped to the telephone number appears under the Address(es) field. See Table 4 for descriptions of the other fields seen in this display.

Related Commands

Command
Description

clear arp interface

Deletes entries from the host name-to-address cache.

ip helper-address

Defines a static host-name-to-address mapping in the host cache.


show interface mac

To display MAC accounting information for interfaces configured for MAC accounting, use the show interface mac command in user EXEC or privileged EXEC mode.

show interface [type number] mac

Syntax Description

type

(Optional) Interface type supported on your router.

number

(Optional) Port number of the interface. The syntax varies depending on the type of router. For example, on a Cisco 7500 series router the syntax is 0/0/0, where 0 represents the slot, port adapter, and port number (the slash marks are required). Refer to the appropriate hardware manual for numbering information.


Command Modes

User EXEC
Privileged EXEC

Command History

Release
Modification

11.1 CC

This command was introduced.


Usage Guidelines

The show interface mac command displays information for one interface, when specified, or all interfaces configured for MAC accounting.

For incoming packets on the interface, the accounting statistics are gathered before the committed access rate (CAR)/distributed committed access rate (DCAR) functionality is performed on the packet. For outgoing packets on the interface, the accounting statistics are gathered after the CAR output, and before DCAR output or distributed weighted random early detection (DWRED) or distributed weighted fair queuing (DWFQ) functionality is performed on the packet.

Therefore, if DCAR or DWRED is performed on the interface and packets are dropped, the dropped packets are still counted in the show interface mac command.

The maximum number of MAC addresses that can be stored for the input and output addresses is 512 each. After the maximum is reached, subsequent MAC addresses are ignored.

To clear the accounting statistics, use the clear counter EXEC command. To configure an interface for IP accounting based on the MAC address, use the ip accounting mac-address interface configuration command.

Examples

The following is sample output from the show interface mac command: 

Router# show interface ethernet 0/1/1 mac


Ethernet0/1/1 

  Input  (511 free)

    0007.f618.4449(228):  4 packets, 456 bytes, last: 2684ms ago

                  Total:  4 packets, 456 bytes

  Output  (511 free)

    0007.f618.4449(228):  4 packets, 456 bytes, last: 2692ms ago

                  Total:  4 packets, 456 bytes

Table 5 describes the significant fields shown in the display.

Table 5 show interface mac Field Descriptions 

Field
Description

Ethernet0/1/1

Interface type and number.

Input
Output

Number of packets received as input or sent as output by this interface.

0007.f618.4449(228)

MAC address of the interface from or to which this router sends or receives packets.

packets

Total number of messages that have been transmitted or received by the system.

bytes

Total number of bytes, including data and MAC encapsulation, that have been transmitted or received by the system.

last

Time, in milliseconds, since the last IP packet was transmitted or received on the specified interface.


Related Commands

Command
Description

ip accounting mac-address

Enables IP accounting on any interface based on the source and destination MAC address.


show interface precedence

To display precedence accounting information for interfaces configured for precedence accounting, use the show interface precedence command in user EXEC or privileged EXEC mode.

show interface [type number] precedence

Syntax Description

type

(Optional) Interface type supported on your router.

number

(Optional) Port number of the interface. The syntax varies depending on the type of router. For example, on a Cisco 7500 series router the syntax is 0/0/0, where 0 represents the slot, port adapter, and port number (the slash is required). Refer to the appropriate hardware manual for numbering information.


Command Modes

User EXEC
Privileged EXEC

Command History

Release
Modification

11.1 CC

This command was introduced.


Usage Guidelines

The show interface precedence command displays information for one interface, when specified, or all interfaces configured for IP precedence accounting.

For incoming packets on the interface, the accounting statistics are gathered before the committed access rate (CAR)/distributed committed access rate (DCAR) functionality is performed on the packet. For outgoing packets on the interface, the accounting statistics are gathered after the CAR output, and before DCAR output or distributed weighted random early detection (DWRED) or distributed weighted fair queuing (DWFQ) functionality is performed on the packet. Therefore, if DCAR or DWRED is performed on the interface and packets are dropped, the dropped packets are still counted in the show interface mac command.

To clear the accounting statistics, use the clear counter EXEC command.

To configure an interface for IP accounting based on IP precedence, use the ip accounting precedence interface configuration command.

Examples

The following is sample output from the show interface precedence command. In this example, the total packet and byte counts are calculated for the interface that receives (input) or sends (output) IP packets and sorts the results based on IP precedence. 

Router# show interface ethernet 0/1/1 precedence


Ethernet0/1/1 

  Input

    Precedence 0:  4 packets, 456 bytes

  Output

    Precedence 0:  4 packets, 456 bytes

Table 6 describes the fields shown in the display.

Table 6 show interface precedence Field Descriptions 

Field
Description

Ethernet0/1/1

Interface type and number.

Input
Output

An interface that receives or sends IP packets and sorts the results based on IP precedence.

Precedence

Precedence value for the specified interface.

packets

Total number of messages that have been transmitted or received by the system.

bytes

Total number of bytes, including data and MAC encapsulation, that have been transmitted or received by the system.


Related Commands

Command
Description

ip accounting precedence

Enables IP accounting on any interface based on IP precedence.


show ip access-list

To display the contents of all current IP access lists, use the show ip access-list command in user EXEC or privileged EXEC mode.

show ip access-list [access-list-number | access-list-name]

Syntax Description

access-list-number

(Optional) Number of the IP access list to display.

access-list-name

(Optional) Name of the IP access list to display.


Defaults

Displays all standard and extended IP access lists.

Command Modes

User EXEC
Privileged EXEC

Command History

Release
Modification

10.3

This command was introduced.


Usage Guidelines

The show ip access-list command provides output identical to the show access-lists command, except that it is IP-specific and allows you to specify a particular access list.

Examples

The following is sample output from the show ip access-list command when all access lists are requested: 

Router# show ip access-list


Extended IP access list 101

   deny udp any any eq ntp

   permit tcp any any

   permit udp any any eq tftp

   permit icmp any any

   permit udp any any eq domain

The following is sample output from the show ip access-list command when the name of a specific access list is requested: 

Router# show ip access-list Internetfilter


Extended IP access list Internetfilter

   permit tcp any 171.69.0.0 0.0.255.255 eq telnet

   deny tcp any any

   deny udp any 171.69.0.0 0.0.255.255 lt 1024

   deny ip any any log

show ip accounting

To display the active accounting or checkpointed database or to display access list violations, use the show ip accounting command in user EXEC or privileged EXEC mode.

show ip accounting [checkpoint] [output-packets | access-violations]

Syntax Description

checkpoint

(Optional) Indicates that the checkpointed database should be displayed.

output-packets

(Optional) Indicates that information pertaining to packets that passed access control and were routed should be displayed. If neither the output-packets nor access-violations keyword is specified, output-packets is the default.

access-violations

(Optional) Indicates that information pertaining to packets that failed access lists and were not routed should be displayed. If neither the output-packets nor access-violations keyword is specified, output-packets is the default.


Defaults

If neither the output-packets nor access-violations keyword is specified, the show ip accounting command displays information pertaining to packets that passed access control and were routed.

Command Modes

User EXEC
Privileged EXEC

Command History

Release
Modification

10.0

This command was introduced.

10.3

The output-packets and access-violations keywords were added.


Usage Guidelines

If you do not specify any keywords, the show ip accounting command displays information about the active accounting database, and traffic coming from a remote site and transiting through a router.

To display IP access violations, you must use the access-violations keyword. If you do not specify the keyword, the command defaults to displaying the number of packets that have passed access lists and were routed.

To use this command, you must first enable IP accounting on a per-interface basis.

Examples

The following is sample output from the show ip accounting command: 

Router# show ip accounting


   Source           Destination              Packets               Bytes     

 172.16.19.40    192.168.67.20                  7                 306

 172.16.13.55    192.168.67.20                  67                2749

 172.16.2.50     192.168.33.51                  17                1111

 172.16.2.50     172.31.2.1                     5                 319

 172.16.2.50     172.31.1.2                     463               30991

 172.16.19.40    172.16.2.1                      4                 262

 172.16.19.40    172.16.1.2                      28                2552

 172.16.20.2     172.16.6.100                    39                2184

 172.16.13.55    172.16.1.2                      35                3020

 172.16.19.40    192.168.33.51                  1986               95091

 172.16.2.50     192.168.67.20                   233               14908

 172.16.13.28    192.168.67.53                   390               24817

 172.16.13.55    192.168.33.51                214669             9806659

 172.16.13.111   172.16.6.23                  27739             1126607

 172.16.13.44    192.168.33.51                 35412             1523980

 192.168.7.21    172.163.1.2                      11                 824

 172.16.13.28    192.168.33.2                     21                1762

 172.16.2.166    192.168.7.130                   797              141054

 172.16.3.11     192.168.67.53                     4                 246

 192.168.7.21    192.168.33.51                 15696              695635

 192.168.7.24    192.168.67.20                    21                 916

 172.16.13.111   172.16.10.1                     16                1137

 accounting threshold exceeded for 7 packets and 433 bytes

The following is sample output from the show ip accounting access-violations command. The output pertains to packets that failed access lists and were not routed: 

Router# show ip accounting access-violations


   Source           Destination      Packets        Bytes        ACL

172.16.19.40    192.168.67.20              7          306         77

172.16.13.55    192.168.67.20             67         2749        185

172.16.2.50     192.168.33.51             17         1111        140

172.16.2.50     172.16.2.1                5          319        140

172.16.19.40    172.16.2.1                4          262         77

Accounting data age is 41


The following is sample output from the show ip accounting command. The output shows the original source and destination addresses that are separated by three routers: 

Router3# show ip accounting 


Source                  Destination                  Packets                  Bytes

10.225.231.154          172.16.10.2                  44                       28160

10.76.97.34             172.16.10.2                  44                       28160

10.10.11.1              172.16.10.2                  507                      324480

10.10.10.1              172.16.10.2                  507                      318396

10.100.45.1             172.16.10.2                  508                      325120

10.98.32.5              172.16.10.2                  44                       28160


Accounting data age is 2

Table 7 describes the significant fields shown in the displays.

Table 7 show ip accounting Field Descriptions 

Field
Description

Source

Source address of the packet.

Destination

Destination address of the packet.

Packets

Number of packets sent from the source address to the destination address.

With the access-violations keyword, the number of packets sent from the source address to the destination address that violated an access control list (ACL).

Bytes

Sum of the total number of bytes (IP header and data) of all IP packets sent from the source address to the destination address.

With the access-violations keyword, the total number of bytes sent from the source address to the destination address that violated an ACL.

ACL

Number of the access list of the last packet sent from the source to the destination that failed an access list filter.

accounting threshold exceeded...

Data for all packets that could not be entered into the accounting table when the accounting table is full. This data is combined into a single entry.


Related Commands

Command
Description

clear ip accounting

Clears the active or checkpointed database when IP accounting is enabled.

ip accounting

Enables IP accounting on an interface.

ip accounting-list

Defines filters to control the hosts for which IP accounting information is kept.

ip accounting-threshold

Sets the maximum number of accounting entries to be created.

ip accounting-transits

Controls the number of transit records that are stored in the IP accounting database.


show ip aliases

To display the IP addresses mapped to TCP ports (aliases) and Serial Line Internet Protocol (SLIP) addresses, which are treated similarly to aliases, use the show ip aliases EXEC command.

show ip aliases

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

To distinguish a SLIP address from a normal alias address, the command output uses the form SLIP TTY1 for the "port" number, where 1 is the auxiliary port.

Examples

The following is sample output from the show ip aliases command: 

Router# show ip aliases


 IP Address    Port

172.16.0.0     SLIP TTY1

The display lists the IP address and corresponding port number.

Related Commands

Command
Description

show line

Displays the parameters of a terminal line.


show ip arp

To display the Address Resolution Protocol (ARP) cache, where Serial Line Internet Protocol (SLIP) addresses appear as permanent ARP table entries, use the show ip arp EXEC command.

show ip arp [ip-address] [host-name] [mac-address] [interface type number]

Syntax Description

ip-address

(Optional) ARP entries matching this IP address are displayed.

host-name

(Optional) Host name.

mac-address

(Optional) 48-bit MAC address.

interface type number

(Optional) ARP entries learned via this interface type and number are displayed.


Command Modes

EXEC

Command History

Release
Modification

9.0

This command was introduced.


Usage Guidelines

ARP establishes correspondences between network addresses (an IP address, for example) and LAN hardware addresses (Ethernet addresses). A record of each correspondence is kept in a cache for a predetermined amount of time and then discarded.

Examples

The following is sample output from the show ip arp command: 

Router# show ip arp


Protocol  Address	Age(min)  Hardware Addr  Type   Interface

Internet  172.16.233.22	9	0000.0c59.f892 ARPA   Ethernet0/0

Internet  172.16.233.21	8	0000.0c07.ac00 ARPA   Ethernet0/0

Internet  172.16.233.19	-	0000.0c63.1300 ARPA   Ethernet0/0

Internet  172.16.233.30	9	0000.0c36.6965 ARPA   Ethernet0/0

Internet  172.16.168.11	-	0000.0c63.1300 ARPA   Ethernet0/0

Internet  172.16.168.254	9	0000.0c36.6965 ARPA   Ethernet0/0

Table 8 describes the significant fields shown in the display.

Table 8 show ip arp Field Descriptions 

Field
Description

Protocol

Protocol for network address in the Address field.

Address

The network address that corresponds to the Hardware Address.

Age (min)

Age in minutes of the cache entry. A hyphen (-) means the address is local.

Hardware Addr

LAN hardware address of a MAC address that corresponds to the network address.

Type

Indicates the encapsulation type the Cisco IOS software is using the network address in this entry. Possible value include:

ARPA

SNAP

SAP

Interface

Indicates the interface associated with this network address.


show ip casa affinities

To display statistics about affinities, use the show ip casa affinities command in user EXEC or privileged EXEC mode.

show ip casa affinities [stats] | [saddr ip-address [detail]] | [daddr ip-address [detail]] | sport source-port [detail]] | dport destination-port [detail]] | protocol protocol [detail]]