-
Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols, Release 12.3
-
Introduction
-
IP Routing Protocol Commands: A through B
-
IP Routing Protocols Commands: C through H
-
IP Routing Protocols Commands: I
-
IP Routing Protocols Commands: K through M
-
IP Routing Protocols Commands: N
-
IP Routing Protocols Commands: O through R
-
IP Routing Protocols Commands: send-lifetime through set-overload-bit
-
IP Routing Protocols Commands: show bgp nsap through show ip local policy
-
IP Routing Protocols Commands: show ip ospf through version
-
Table Of Contents
ip authentication key-chain eigrp
ip ospf database-filter all out
ip prefix-list sequence-number
ip rip authentication key-chain
isis retransmit-throttle-interval
ignore lsa mospf
To suppress the sending of syslog messages when the router receives link-state advertisement (LSA) Type 6 Multicast OSPF (MOSPF) packets, which are unsupported, use the ignore lsa mospf command in router configuration mode. To restore the sending of syslog messages, use the no form of this command.
ignore lsa mospf
no ignore lsa mospf
Syntax Description
This command has no arguments or keywords.
Defaults
This command is disabled by default. Each MOSPF packet causes the router to send a syslog message.
Command Modes
Router configuration
Command History
Usage Guidelines
Cisco routers do not support LSA Type 6 MOSPF packets, and they generate syslog messages if they receive such packets. If the router is receiving many MOSPF packets, you might want to configure the router to ignore the packets and thus prevent a large number of syslog messages.
Examples
The following example configures the router to suppress the sending of syslog messages when it receives MOSPF packets:
router ospf 109ignore lsa mospfinput-queue
The input-queue command defines the number of received, but not yet processed RIP update packets contained in the Routing Information Protocol (RIP) input queue. Use the input-queue command in router configuration mode. To remove the configured depth and restore the default depth, use the no form of this command.
input-queue depth
no input-queue
Syntax Description
Defaults
A depth of 50.
Command Modes
Router configuration
Command History
11.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Usage Guidelines
Consider using the input-queue command if you have a high-end router that is sending at high speed to a low-speed router that might not be able to receive at the high speed. Configuring this command will help prevent the routing table from losing information.
Another way to prevent the routing table from losing information is to use the output-delay command to change the interpacket delay for RIP updates.
Examples
The following example sets the depth of the RIP input queue to 100:
router ripinput-queue 100Related Commands
ip as-path access-list
To define a BGP autonomous system path access list, use the ip as-path access-list global configuration command. To disable use of the access list, use the no form of this command.
ip as-path access-list access-list-number {permit | deny} as-regexp
no ip as-path access-list access-list-number
Syntax Description
Defaults
No access lists are defined.
Command Modes
Global configuration
Command History
Usage Guidelines
You can specify an access list filter on both inbound and outbound BGP routes. Each filter is an access list based on regular expressions. If the regular expression matches the representation of the autonomous system path of the route as an ASCII string, then the permit or deny condition applies. The autonomous system path does not contain the local autonomous system number. Use the ip as-path access-list global configuration command to define a BGP access list and the neighbor router configuration command to apply a specific access list.
Examples
The following example creates autonomous-system path access list (number 500) that specifies that the BGP neighbor with IP address 10.125.1.1 is not to be sent advertisements about any path through or from the adjacent autonomous system 123:
ip as-path access-list 500 deny _123_ip as-path access-list 500 deny ^123$router bgp 109network 10.108.0.0neighbor 10.140.6.6 remote-as 123neighbor 10.125.1.1 remote-as 47neighbor 10.125.1.1 filter-list 1 outRelated Commands
neighbor distribute-list
Distributes BGP neighbor information as specified in an access list.
neighbor filter-list
Sets up a BGP filter.
ip authentication key-chain eigrp
To enable authentication of Enhanced Interior Gateway Routing Protocol (EIGRP) packets, use the ip authentication key-chain eigrp command in interface configuration mode. To disable such authentication, use the no form of this command.
ip authentication key-chain eigrp as-number key-chain
no ip authentication key-chain eigrp as-number key-chain
Syntax Description
as-number
Autonomous system number to which the authentication applies.
key-chain
Name of the authentication key chain.
Defaults
No authentication is provided for EIGRP packets.
Command Modes
Interface configuration
Command History
Examples
The following example applies authentication to autonomous system 2 and identifies a key chain named SPORTS:
ip authentication key-chain eigrp 2 SPORTSRelated Commands
ip authentication mode eigrp
To specify the type of authentication used in Enhanced Interior Gateway Routing Protocol (EIGRP) packets, use the ip authentication mode eigrp command in interface configuration mode. To disable that type of authentication, use the no form of this command.
ip authentication mode eigrp as-number md5
no ip authentication mode eigrp as-number md5
Syntax Description
Defaults
No authentication is provided for EIGRP packets.
Command Modes
Interface configuration
Command History
Usage Guidelines
Configure authentication to prevent unapproved sources from introducing unauthorized or false routing messages. When authentication is configured, an MD5 keyed digest is added to each EIGRP packet in the specified autonomous system.
Examples
The following example configures the interface to use MD5 authentication in EIGRP packets in autonomous system 10:
ip authentication mode eigrp 10 md5Related Commands
ip bandwidth-percent eigrp
To configure the percentage of bandwidth that may be used by Enhanced Interior Gateway Routing Protocol (EIGRP) on an interface, use the ip bandwidth-percent eigrp command in interface configuration mode. To restore the default value, use the no form of this command.
ip bandwidth-percent eigrp as-number percent
no ip bandwidth-percent eigrp as-number percent
Syntax Description
Defaults
50 percent
Command Modes
Interface configuration
Command History
Usage Guidelines
EIGRP will use up to 50 percent of the bandwidth of a link, as defined by the bandwidth interface configuration command. This command may be used if some other fraction of the bandwidth is desired. Note that values greater than 100 percent may be configured. The configuration option may be useful if the bandwidth is set artificially low for other reasons.
Examples
The following example allows EIGRP to use up to 75 percent (42 kbps) of a 56-kbps serial link in autonomous system 209:
interface serial 0bandwidth 56ip bandwidth-percent eigrp 209 75Related Commands
ip bgp-community new-format
To display BGP communities in the format AA:NN (autonomous system-community number/2-byte number), use the ip bgp-community new-format command in global configuration mode. To reenable the previous display format for BGP communities (one 32-bit number), use the no form of this command.
ip bgp-community new-format
no ip bgp-community new-format
Syntax Description
This command has no argument or keywords.
Defaults
BGP communities are displayed in the Cisco default format, one 32-bit number.
Command Modes
Global configuration
Command History
Usage Guidelines
RFC 1997, BGP Communities Attribute, specifies that a BGP community is made up of two parts that are 2 bytes long. The first part is the autonomous system number and the second part is a 2-byte number. In the most recent version of the RFC, a community is of the form AA:NN. The Cisco default community format is one 32-bit number. The ip bgp-community new-format command changes the community format to AA:NN to conform to RFC 1997.
Examples
The following example upgrades a router that uses the 32-bit number community format to the AA:NN format:
Router(config)# ip bgp-community new-formatThe following example shows how BGP community numbers are displayed when the ip bgp-community new-format command is enabled:
Router# show ip bgp 10.0.0.0BGP routing table entry for 10.0.0.0/8, version 4Paths: (2 available, best #2, table Default-IP-Routing-Table)Advertised to non peer-group peers:10.0.33.353510.0.33.35 from 10.0.33.35 (192.168.3.3)Origin incomplete, metric 10, localpref 100, valid, externalCommunity: 1:1Local0.0.0.0 from 0.0.0.0 (10.0.33.34)Origin incomplete, metric 0, localpref 100, weight 32768, valid, sourced, bestRelated Commands
ip bgp fast-external-fallover
To enable per-interface fast external fallover, enter the ip bgp fast-external-fallover command in interface configuration mode. To revert back to the current behavior, use the no format of this command.
ip bgp fast-external-fallover [permit | deny]
no ip bgp fast-external-fallover [permit | deny]
Syntax Description
permit
Allows per-interface fast external fallover.
deny
Prevents per-interface fast external fallover.
Defaults
Global fast external fallover.
Command Modes
Interface configuration
Command History
12.0ST
This command was introduced.
12.1
This command was integrated into Cisco IOS Release 12.1.
Usage Guidelines
When you specify the ip bgp fast-external-fallover command with the permit or deny keyword, it overrides the global setting. If you enter the no format of the command, the global setting is in effect for this interface.
Examples
The following example enables per-interface fast-external-fallover on interface Ethernet 0/0:
Router(config)# interface ethernet 0/0Router(config-if)# ip bgp fast-external-fallover permitip community-list
To create or configure a Border Gateway Protocol (BGP) community list and to control access to it, use the ip community-list command in global configuration command. To delete the community list, use the no form of this command.
ip community-list {standard | standard list-name {deny | permit} [community-number] [AA:NN] [internet] [local-AS] [no-advertise] [no-export]} | {expanded | expanded list-name {deny | permit} regexp}
no ip community-list standard | expanded | {expanded | standard} list-name
Syntax Description
Defaults
BGP community exchange is not enabled by default. It is enabled on a per-neighbor basis with the neighbor send-community command.
The Internet community is applied to all routes or prefixes by default, until any other community value is configured with this command or the set community command.
Once a permit value has been configured to match a given set of communities, the community list defaults to an implicit deny for all other community values.
Community values entered in the new format (AA:NN) are converted to 32-bit numbers if the ip bgp-community new-format command is not enabled on the local router.
Defaults
Global configuration
Command History
Usage Guidelines
The ip community-list command is used to configure BGP community filtering. BGP community values are configured as a 32-bit number (old format) or as a 4-byte number (new format). The new community format is enabled when the ip bgp-community new-format command is entered in global configuration mode. The new community format consists of a 4-byte value. The first two bytes represent the autonomous system number, and the trailing two bytes represent a user-defined network number. Named and numbered community lists are supported. BGP community attribute exchange between BGP peers is enabled when the neighbor send-community command is configured for the specified neighbor. The BGP community attribute is defined in RFC-1997 and RFC-1998.
Standard Community Lists
Standard community lists are used to configure well-known communities and specific community numbers. A maximum of 16 communities can be configured in a standard community list. If you attempt to configure more than 16 communities, the trailing communities that exceed the limit are not processed or saved to the running configuration file.
Expanded Community Lists
Expanded community lists are used to filter communities using a regular expression. Regular expressions are used to configure patterns to match community attributes. The order for matching using the * or + character is longest construct first. Nested constructs are matched from the outside in. Concatenated constructs are matched beginning at the left side. If a regular expression can match two different parts of an input string, it will match the earliest part first. For more information about configuring regular expressions, see the Regular Expressions appendix of the Cisco IOS Terminal Services Configuration Guide.
Community List Processing
When multiple values are configured in the same community list statement, a logical AND condition is created. All community values must match to satisfy an AND condition. When multiple values are configured in separate community list statements, a logical OR condition is created. The first list that matches a condition is processed.
Examples
In the following example, a standard community list is configured that permits routes that from network 10 in autonomous system 50000:
Router(config)# ip community-list 1 permit 50000:10In the following example, a standard community list is configured that permits only routes from peers in the same autonomous system or from subautonomous system peers in the same confederation:
Router(config)# ip community-list 1 permit no-exportIn the following example, a standard community list is configured to deny routes that carry communities from network 40 in autonomous system 65534 and from network 60 in autonomous system 65412. This example shows a logical AND condition; all community values must match in order for the list to be processed.
Router(config)# ip community-list 2 deny 65534:40 65412:60In the following example, a named standard community list is configured that permits all routes within the local autonomous system or permits routes from network 20 in autonomous system 40000. This example shows a logical OR condition; the first match is processed.
Router(config)# ip community-list standard RED permit local-ASRouter(config)# ip community-list standard RED permit 40000:20In the following example, an expanded community list is configured that will deny routes that carry communities from any private autonomous system:
Router(config)# ip community-list 500 deny _64[6-9][0-9][0-9]_|_65[0-9][0-9][0-9]_In the following example, a named expanded community list configured that denies routes from network 1 through 99 in autonomous system 50000:
Router(config)# ip community-list expanded BLUE deny 50000:[0-9][0-9]_Related Commands
ip default-network
To select a network as a candidate route for computing the gateway of last resort, use the ip default-network command in global configuration mode. To remove a route, use the no form of this command.
ip default-network network-number
no ip default-network network-number
Syntax Description
Defaults
If the router has a directly connected interface onto the specified network, the dynamic routing protocols running on that router will generate (or source) a default route. For Router Information Protocol (RIP), this is flagged as the pseudonetwork 0.0.0.0; for Interior Gateway Routing Protocol (IGRP), it is the network itself, flagged as an exterior route.
Command Modes
Global configuration
Command History
Usage Guidelines
The Cisco IOS software uses both administrative distance and metric information to determine the default route. Multiple ip default-network commands can be given. All candidate default routes, both static (that is, flagged by the ip default-network command) and dynamic, appear in the routing table preceded by an asterisk.
If the IP routing table indicates that the specified network number is subnetted and a nonzero subnet number is specified, then the system will automatically configure a static summary route. This static summary route is configured instead of a default network. The effect of the static summary route is to cause traffic destined for subnets that are not explicitly listed in the IP routing table to be routed using the specified subnet.
Examples
The following example defines a static route to network 10.0.0.0 as the static default route:
ip route 10.0.0.0 255.0.0.0 10.108.3.4ip default-network 10.0.0.0If the following command was issued on a router not connected to network 10.140.0.0, the software might choose the path to that network as a default route when the network appeared in the routing table:
ip default-network 10.140.0.0Related Commands
ip dvmrp metric
To configure the metric associated with a set of destinations for Distance Vector Multicast Routing Protocol (DVMRP) reports, use the ip dvmrp metric command in interface configuration mode. (Note that this command has two different syntax possibilities.) To disable this function, use the no form of this command.
ip dvmrp metric metric [route-map map-name] [mbgp] [list access-list-number] [[protocol process-id] | dvmrp]
no ip dvmrp metric metric [route-map map-name] [mbgp] [list access-list-number] [[protocol process-id] | dvmrp]
Syntax Description
Defaults
No metric is preconfigured. Only directly connected subnets and networks are advertised to neighboring DVMRP routers.
Command Modes
Interface configuration
Command History
10.2
This command was introduced.
11.1
The route-map keyword was added.
11.1(20)CC
This mbgp keyword was added.
12.0(7)T
This mbgp keyword was added.
Usage Guidelines
When Protocol Independent Multicast (PIM) is configured on an interface and DVMRP neighbors are discovered, the Cisco IOS software sends DVMRP report messages for directly connected networks. The ip dvmrp metric command enables DVMRP report messages for multicast destinations that match the access list. Usually, the metric for these routes is 1. Under certain circumstances, you might want to tailor the metric used for various unicast routes. This command lets you configure the metric associated with a set of destinations for report messages sent out this interface.
You can use the access-list-number argument in conjunction with the protocol and process-id arguments to selectively list the destinations learned from a given routing protocol.
To display DVMRP activity, use the debug ip dvmrp command.
Examples
The following example connects a PIM cloud to a DVMRP cloud. Access list 1 permits the sending of DVMRP reports to the DVMRP routers advertising all sources in the 172.16.35.0 network with a metric of 1. Access list 2 permits all other destinations, but the metric of 0 means that no DVMRP reports are sent for these destinations.
access-list 1 permit 172.16.35.0 0.0.0.255access-list 1 deny 0.0.0.0 255.255.255.255access-list 2 permit 0.0.0.0 255.255.255.255interface tunnel 0ip dvmrp metric 1 list 1ip dvmrp metric 0 list 2The following example redistributes IP Version 4 multicast routes into DVMRP neighbors with a metric of 1:
interface tunnel 0ip dvmrp metric 1 mbgpRelated Commands
debug ip dvmrp
Displays information on DVMRP packets received and sent.
ip dvmrp accept-filter
Configures an acceptance filter for incoming DVMRP reports.
ip extcommunity-list
To create an extended community access list and control access to it, use the ip extcommunity-list command in global configuration mode. To delete the community list, use the no form of this command.
ip extcommunity-list standard-list-number expanded-list-number {permit | deny} [regular-expression] [rt | soo extended-community-value]
no ip extcommunity-list
Syntax Description
Defaults
Once you permit a value for the community number, the community list defaults to an implicit deny for everything else that has not been permitted.
Command Modes
Global configuration
Command History
Usage Guidelines
Extended community attributes are used to configure, filter, and identify routes for virtual routing and forwarding instances (VRFs) and Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs).
The ip extcommunity-list command is used to configure extended community lists. All of the standard rules of access lists apply to the configuration of extended community lists. Regular expressions are supported by the expanded range of extended community list numbers. All regular expression configuration options are supported.
The route target (RT) extended community attribute is configured with the rt keyword. This attribute is used to identify a set of sites and VRFs that may receive routes that are tagged with the configured route target. Configuring the route target extended attribute with a route allows that route to be placed in the per-site forwarding tables that are used for routing traffic that is received from corresponding sites.
The site of origin (SOO) extended community attribute is configured with the soo keyword. This attribute uniquely identifies the site from which the Provider Edge (PE) router learned the route. All routes learned from a particular site must be assigned the same site of origin extended community attribute, regardless if a site is connected to a single PE router or multiple PE routers. Configuring this attribute prevents routing loops from occurring when a site is multihomed. The SOO extended community attribute is configured on the interface and is propagated into BGP through redistribution. The SOO can be applied to routes that are learned from VRFs. The SOO should not be configured for stub sites or sites that are not multihomed.
Examples
The following example configures an extended community list that will permit routes from route target 901:10 and site of origin 802:20 and deny routes from route target 703:30 and site of origin 604:40:
Router(config)# ip extcommunity-list 1 permit rt 901:10Router(config)# ip extcommunity-list 1 permit soo 802:20Router(config)# ip extcommunity-list 1 deny rt 703:30 soo 604:40The following example configures an extended community list (in the expanded range) that specifies that the BGP neighbor with IP address 192.168.1.1 is not sent advertisements about any path through or from autonomous system 123:
Router(config)# ip extcommunity-list 500 deny _123_Router(config)# ip extcommunity-list 500 deny ^123 .*Router(config)# router bgp 101Router(config-router)# network 172.16.0.0Router(config-router)# neighbor 10.140.6.6 remote-as 123Router(config-router)# neighbor 192.168.1.1 remote-as 47Router(config-router)# neighbor 10.125.1.1 filter-list 1 outThe following example configures an extended community list (in the expanded range) that permits routes from autonomous system 123 and denies all other routes:
Router(config)# ip extcommunity-list 500 permit (1-3)*Router(config)# ip extcommunity-list 500 deny (^0-9)*The following example configures an expanded extended community list that permits advertisements that contain a route target extended community attribute beginning with the pattern 100:.
Router(config)# ip extcommunity-list 101 permit RT:100:+
Note
For information about regular expressions and how to use them, see Regular Expressions.
Related Commands
ip fast-convergence
To reduce packet loss when the metric of a path is changed, or to fast-flood Intermediate System-to-Intermediate System (IS-IS) link-state packets (LSPs), use the ip fast-convergence command in router configuration mode. To disable packet loss reduction or fast-flooding, use the no version of this command.
ip fast-convergence
no ip fast-convergence
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
Router configuration
Command History
12.2(8)T
This command was introduced to reduce packet loss.
12.2(10)T
This command was modified to enable fast-flooding.
Usage Guidelines
To reduce packet loss when the metric of a path is changed, use the ip fast-convergence command. Entering the ip fast-convergence command is especially helpful when Multiprotocol Label Switching (MPLS) traffic engineering with Fast Reroute (FFR) is deployed.
If you are running Cisco IOS Release 12.2(11)T or a later release, you can enter the ip fast-convergence command to configure the router to flood the first five LSPs that invoke SPF before running SPF. When you speed up the LSP flooding process, you improve overall network convergence time. We recommend that you enable the fast-flooding of LSPs before the router runs the SPF computation, in order to achieve a faster convergence time.
Examples
In the following example, the ip fast-convergence command is entered to configure the router to flood the first five LSPs that invoke SPF, before the SPF computation is started. When the show running-configuration command is entered, the output confirms that fast-flooding has been enabled on the router.
Router> enableRouter# configure terminalRouter(config)# router isisRouter(config-router)# ip fast-convergenceRouter(config-router)# endRouter# show running-configurationfast-floodRelated Commands
ip hello-interval eigrp
To configure the hello interval for the Enhanced Interior Gateway Routing Protocol (EIGRP) routing process designated by an autonomous system number, use the ip hello-interval eigrp command in interface configuration mode. To restore the default value, use the no form of this command.
ip hello-interval eigrp as-number seconds
no ip hello-interval eigrp as-number seconds
Syntax Description
as-number
Autonomous system number.
seconds
Hello interval (in seconds). The range is from 1 to 65535.
Defaults
For low-speed, nonbroadcast multiaccess (NBMA) networks: 60 seconds
For all other networks: 5 seconds
Command Modes
Interface configuration
Command History
Usage Guidelines
The default of 60 seconds applies only to low-speed, NBMA media. Low speed is considered to be a rate of T1 or slower, as specified with the bandwidth interface configuration command. Note that for the purposes of EIGRP, Frame Relay and Switched Multimegabit Data Service (SMDS) networks may be considered to be NBMA. These networks are considered NBMA if the interface has not been configured to use physical multicasting; otherwise, they are considered not to be NBMA.
Examples
The following example sets the hello interval for Ethernet interface 0 to 10 seconds:
interface ethernet 0ip hello-interval eigrp 109 10Related Commands
ip hold-time eigrp
To configure the hold time for a particular Enhanced Interior Gateway Routing Protocol (EIGRP) routing process designated by the autonomous system number, use the ip hold-time eigrp command in interface configuration mode. To restore the default value, use the no form of this command.
ip hold-time eigrp as-number seconds
no ip hold-time eigrp as-number seconds
Syntax Description
Defaults
For low-speed, nonbroadcast multiaccess (NBMA) networks: 180 seconds
For all other networks: 15 seconds
Command Modes
Interface configuration
Command History
Usage Guidelines
On very congested and large networks, the default hold time might not be sufficient time for all routers and access servers to receive hello packets from their neighbors. In this case, you may want to increase the hold time.
We recommend that the hold time be at least three times the hello interval. If a router does not receive a hello packet within the specified hold time, routes through this router are considered unavailable.
Increasing the hold time delays route convergence across the network.
The default of 180 seconds hold time and 60 seconds hello interval apply only to low-speed, NBMA media. Low speed is considered to be a rate of T1 or slower, as specified with the bandwidth interface configuration command.
Examples
The following example sets the hold time for Ethernet interface 0 to 40 seconds:
interface ethernet 0ip hold-time eigrp 109 40Related Commands
ip local policy route-map
To identify a route map to use for local policy routing, use the ip local policy route-map command in global configuration mode. To disable local policy routing, use the no form of this command.
ip local policy route-map map-tag
no ip local policy route-map map-tag
Syntax Description
map-tag
Name of the route map to use for local policy routing. The name must match a map-tag value specified by a route-map command.
Defaults
Packets that are generated by the router are not policy routed.
Command Modes
Global configuration
Command History
Usage Guidelines
Packets that are generat
