-
Cisco IOS Switching Services Command Reference, Release 12.3
-
Introduction
-
Switching Commands: A through D
-
Switching Commands: enabled through ip flow ingress
-
Switching Commands: ip load-sharing through list
-
Switching Commands: mac-address-table aging-time through mpls ip encapsulate explicit-null
-
Switching Commands: mpls ip propagate-ttl through mpls request-labels for
-
Switching Commands: mpls traffic-eng through name server-atm-address
-
Switching Commands: neighbor activate through show cef timers
-
Switching Commands: show controllers vsi control-interface through show ip cache verbose flow
-
Switching Commands: show ip cef through show ip vrf
-
Switching Commands: show isis database verbose through show show mls rp vtp-domain
-
Switching Commands: show mpls atm-ldp bindings through show mpls traffic-eng link-management summary
-
Switching Commands: show mpls traffic-eng topology through show tag-switching tdp bindings
-
Switching Commands: show tag-switching tdp discovery through tag-switching tdp holdtime
-
Switching Commands: tunnel flow egress-records through vtp v2-mode
-
Table Of Contents
encapsulation (Any Transport over MPLS)
ip cef table adjacency-prefix override
ip cef table consistency-check
enabled (aggregation cache)
To enable a NetFlow accounting aggregation cache, use the enabled command in NetFlow aggregation cache configuration mode. To disable a NetFlow accounting aggregation cache, use the no form of this command.
enabled
no enabled
Syntax Description
This command has no arguments or keywords.
Defaults
No aggregation cache is enabled.
Command Modes
NetFlow aggregation cache configuration
Command History
Usage Guidelines
You must have NetFlow accounting configured on your router before you can use this command.
Examples
The following example shows how to enable a NetFlow protocol-port aggregation cache:
Router(config)# ip flow-aggregation cache protocol-port
Router(config-flow-cache)# enabledThe following example shows how to disable a NetFlow protocol-port aggregation cache:
Router(config)# ip flow-aggregation cache protocol-port
Router(config-flow-cache)# no enabledRelated Commands
encapsulation (Any Transport over MPLS)
To configure the ATM adaptation layer (AAL) for an Any Transport over MPLS (AToM) ATM permanent virtual circuit (PVC), use the encapsulation command in AToM VC configuration mode. To remove an encapsulation from an AToM PVC, use the no form of this command.
encapsulation layer-type
no encapsulation layer-type
Syntax Description
layer-type
The adaptation layer type. Possible values are:
aal5—ATM adaptation layer 5
aal0—ATM adaptation layer 0
Defaults
The default encapsulation is AAL5.
Command Modes
AToM VC configuration
Command History
Usage Guidelines
The pvc command and the encapsulation command work together. How you use the commands for AToM is slightly different than for all other applications. The following table shows the differences in how the commands are used:
The following list highlights the differences:
•
pvc command: For most applications, you create a PVC by using the pvc vpi/vci command. For AToM, you must add the l2transport keyword to the pvc command. The l2transport keyword enables the PVC to transport Layer 2 packets.
•
•
When you use the aal5 keyword, incoming cells (except Operation, Administration, and Maintenance [OAM] cells) on that PVC are treated as AAL5 encapsulated packets. The router reassembles the packet from the incoming cells. The router does not check the contents of the packet, so it does not need to know the encapsulation type (such as aal5snap, aal5mux, and so on). After imposing the Multiprotocol Label Switching (MPLS) label stack, the router sends the reassembled packet over the MPLS core network.
When you use the aal0 keyword, the router strips the header error control (HEC) byte from the cell header and adds the MPLS label stack. The router sends the cell over the MPLS core network.
Examples
The following example shows how to configure a PVC to transport ATM Cell Relay packets for AToM:
Router(config-if)# pvc 1/100 l2transportRouter(config-atm-vc)# encapsulation aal0Related Commands
encapsulation dot1q
To enable IEEE 802.1Q encapsulation of traffic on a specified subinterface in a virtual LAN (VLAN), use the encapsulation dot1q command in interface range mode.
encapsulation dot1q vlan-id [native]
Syntax Description
vlan-id
Virtual LAN identifier. The allowed range is from 1 to 4095.
native
(Optional) Sets the VLAN ID value of the port to the value specified by the vlan-id argument.
Defaults
IEEE 802.1Q encapsulation is disabled.
Command Modes
Interface range
Command History
Usage Guidelines
IEEE 802.1Q encapsulation is configurable on Fast Ethernet interfaces. IEEE 802.1Q is a standard protocol for interconnecting multiple switches and routers and for defining VLAN topologies.
Use the encapsulation dot1q command in interface range mode to apply a VLAN ID to each subinterface within the range specified by the interface range command. The VLAN ID specified by the vlan-id argument is applied to the first subinterface in the range. Each subsequent interface is assigned a VLAN ID, which is the specified vlan-id plus the subinterface number minus the first subinterface number (VLAN ID + subinterface number - first subinterface number).
Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword. (Always use the native keyword when vlan-id is the ID of the IEEE 802.1Q native VLAN.)
Examples
The following example shows how to create the subinterfaces within the range 0.11 and 0.60 and apply VLAN ID 101 to the Fast Ethernet0/0.11 subinterface, VLAN ID 102 to Fast Ethernet0/0.12 (vlan-id = 101 + 12 - 11 = 102), and so on up to VLAN ID 150 to Fast Ethernet0/0.60 (vlan-id = 101 + 60 - 11 = 150):
Router(config)# interface range fastethernet0/0.11 - fastethernet0/0.60Router(config-int-range)# encapsulation dot1q 101Related Commands
encapsulation isl
To enable the Inter-Switch Link (ISL), use the encapsulation isl command in subinterface configuration mode.
encapsulation isl vlan-identifier
Syntax Description
Defaults
ISL is disabled.
Command Modes
Subinterface configuration
Command History
Usage Guidelines
ISL is a Cisco protocol for interconnecting multiple switches and routers, and for defining VLAN topologies.
ISL encapsulation is configurable on Fast Ethernet interfaces.
ISL encapsulation adds a 26-byte header to the beginning of the Ethernet frame. The header contains a 10-bit VLAN identifier that conveys VLAN membership identities between switches.
Examples
The following example shows how to enable ISL on Fast Ethernet subinterface 2/1.20:
Router(config)# interface FastEthernet 2/1.20Router(config-subif)# encapsulation isl 400Related Commands
encapsulation sde
To enable IEEE 802.10 encapsulation of traffic on a specified subinterface in virtual LANs (VLANs), use the encapsulation sde command in subinterface configuration mode.
encapsulation sde sa-id
Syntax Description
sa-id
Security association identifier. This value is used as the VLAN identifier. The valid range is from 0 to 0xFFFFFFFE.
Defaults
IEEE 802.10 encapsulation is disabled.
Command Modes
Subinterface configuration
Command History
Usage Guidelines
IEEE 802.10 is a standard protocol for interconnecting multiple switches and routers and for defining VLAN topologies.
Secure Data Exchange (SDE) encapsulation is configurable only on the following interface types:
•
•
–
–
–
–
–
Examples
The following example shows how to enable SDE on FDDI subinterface 2/0.1 and assigns a VLAN identifier of 9999:
Router(config)# interface fddi 2/0.1Router(config-subif)# encapsulation sde 9999Related Commands
exit-address-family
To exit from the address family configuration submode, use the exit-address-family command in address family configuration submode.
exit-address-family
Syntax Description
This command has no arguments or keywords.
Defaults
This command has no default behavior or values.
Command Modes
Address family configuration submode
Command History
Usage Guidelines
This command can be abbreviated to exit.
Examples
The following example shows how to exit the address family configuration mode:
(config-router-af)# exit-address-familyRelated Commands
address-family
Enters the address family submode for configuring routing protocols, such as BGP, RIP, and static routing.
export
To enable the exporting of NetFlow accounting information from NetFlow aggregation caches, use the export command in NetFlow aggregation cache configuration mode. To disable the export of NetFlow accounting information from NetFlow aggregation caches, use the no form of this command.
export {destination ip-address | hostname} udp-port | version [8 | 9] | template [refresh-rate packets | timeout-rate minutes]}
no export {destination ip-address | hostname} udp-port | version | template [refresh-rate | timeout-rate]}
Syntax Description
Defaults
A NetFlow aggregation cache export destination is not set.
The default version format is Version 8.
The default for refresh-rate is 20 packets.
The default for timeout-rate is 30 minutes.Command Modes
NetFlow aggregation cache configuration
Command History
Usage Guidelines
You must have NetFlow accounting configured on your router before you can use this command.
export destination
You can configure a maximum of two concurrent destinations per-cache using the destination keyword with the export command.
Determine the Appropriate Export Version for Your Requirements
NetFlow aggregation caches export data in UDP datagrams using either the Version 9 or Version 8 export format. Table 2 describe how to determine the most appropriate export format for your requirements.
NetFlow Version 9 Data Export Format Overview
The NetFlow Version 9 Export Format feature was introduced in Cisco IOS Release 12.0(24)S and was integrated into Cisco IOS Release 12.3(1) and Cisco IOS Release 12.2(18)S.
NetFlow Version 9 is a flexible and extensible means for transferring NetFlow records from a network node to a collector. NetFlow Version 9 has definable record types and is self-describing for easier NetFlow Collection Engine configuration.
Third-party business partners who produce applications that provide NetFlow Collection Engine or display services for NetFlow do not need to recompile their applications each time a new NetFlow technology is added. Instead, with the NetFlow v9 Export Format feature, they can use an external data file that documents the known template formats and field types.
NetFlow Version 9 has the following characteristics:
•
•
•
•
NetFlow Version 9 Template-Based Flow Record Format
The main feature of NetFlow Version 9 export format is that it is template based. A template describes a NetFlow record format and the attributes of the fields (such as type and length) within the record. The router assigns each template an ID, which is communicated to the NetFlow Collection Engine along with the template description. The template ID is used for all further communication from the router to the NetFlow Collection Engine.
NetFlow Version 9 Export Flow Records
The basic output of NetFlow is a flow record. In NetFlow Version 9 export format, a flow record follows the same sequence of fields that is found in the template definition. The template to which NetFlow flow records belong is determined by the prefixing of the template ID to the group of NetFlow flow records that belong to a template. For a complete discussion of existing NetFlow flow-record formats, see the NetFlow Services Solutions Guide.
NetFlow Version 9 Export Packet
In NetFlow Version 9, an export packet consists of the packet header and flowsets. The packet header identifies identifies the NetFlow Export version'. Flowsets are of two types: template flowsets and data flowsets. The template flowset describes the fields that will be in the data flowsets (or flow records). Each data flowset contains the values or statistics of one or more flows that have the same template ID. When the NetFlow Collection Engine receives a template flowset, it stores the flowset and export source address so that subsequent data flowsets that match the flowset ID and source combination are parsed according to the field definitions in the template flowset. Version 9 is supported by NetFlow Collection Engine Version 4.0.
For a complete description of the Version 9 packet headers, template flowsets, and data flowsets, see the Cisco IOS NetFlow Version 9 Flow-Record Format white paper.
NetFlow Version 8 Data Export Format Overview
The Version 8 data export format is the NetFlow export format used when the router-based NetFlow aggregation feature is enabled on Cisco IOS router platforms. The Version 8 format allows for export datagrams to contain a subset of the Version 5 export data that is based on the configured aggregation cache scheme. For example, a certain subset of the Version 5 export data is exported for the destination prefix aggregation scheme, and a different subset is exported for the source-prefix aggregation scheme.
The Version 8 export format was introduced in Cisco IOS 12.0(3)T for the Cisco IOS NetFlow Aggregation feature. An additional six aggregation schemes that also use Version 8 format were defined for the NetFlow ToS-Based Router Aggregation feature introduced in Cisco IOS 12.0(15)S and integrated into Cisco IOS Releases 12.2(4)T and 12.2(14)S.
The Version 8 datagram consists of a header with the version number (which is 8) and time stamp information, followed by one or more records corresponding to individual entries in the NetFlow cache.
Table 3 lists the NetFlow Version 8 export packet header field names and descriptions.
For version 8 data exports, the maximum number of aggregated flow records and the maximum size in bytes of each UDP datagram are shown in Table 4.
Examples
The following example shows how to configure two export destinations for a NetFlow accounting protocol-port aggregation cache scheme:
Router(config)# ip flow-aggregation cache protocol-portRouter(config-flow-cache)# export destination 10.41.41.1 9992Router(config-flow-cache)# export destination 172.16.89.1 9992Router(config-flow-cache)# enabled'The following example shows how to configure the Version 9 template refresh-rate and timeout-rate parameters for a NetFlow accounting protocol-port aggregation cache scheme:
Router(config)# ip flow-aggregation cache protocol-portRouter(config-flow-cache)# version 9Router(config-flow-cache)# export template refresh-rate 100Router(config-flow-cache)# export template timeout-rate 120Router(config-flow-cache)# enabledRelated Commands
export map
To associate an export map with a VPN Routing and Forwarding (VRF) instance, use the export map command in VRF configuration mode.
export map route-map
Syntax Description
Defaults
No default behavior or values
Command Modes
IP VPN Routing/Forwarding configuration mode
Command History
Usage Guidelines
The export map command is used to associate a route map with the specified VRF. The export map is used to filter routes that are eligible for export out of a VRF, based on the route target extended community attributes of the route. Only one export route map can be configured for a VRF.
An export route map can be used when an application requires finer control over the routes that are exported out of a VRF than the control that is provided by import and export extended communities configured for the importing and exporting VRFs.
Examples
In the following example, an export is configured under the VRF and an access list and route map are configured to specify which prefixes are exported:
Router(config)# ip vrf REDRouter(config-vrf)# rd 1:1Router(config-vrf)# export map BLUERouter(config-vrf)# route-target import 2:1Router(config-vrf)# exitRouter(config)# access-list 1 permit 192.168.0.0 0.0.255.255Router(config)# route-map BLUE permit 10Router(config-route-map)# match ip address 1Router(config-route-map)# set extcommunity rt 2:1Router(config-route-map)# endRelated Commands
extended-port
To associate the currently selected extended Multiprotocol Label Switching (MPLS) ATM (XTagATM) interface with a particular external interface on the remotely controlled ATM switch, use the extended-port command in interface configuration mode.
extended-port ctrl-if {bpx bpx-port-number | descriptor vsi-descriptor | vsi vsi-port-number}
Syntax Description
Defaults
Extended MPLS ATM interfaces are not associated.
Command Modes
Interface configuration
Command History
Usage Guidelines
The extended-port interface configuration command associates an XTagATM interface with a particular external interface on the remotely controlled ATM switch. The three alternate forms of the command permit the external interface on the controlled ATM switch to be specified in three different ways.
Examples
The following example shows how to associate an extended MPLS ATM interface and bind it to BPX port 2.3:
ATM(config)# interface XTagATM23ATM(config-if)# extended-port atm0/0 bpx 2.3The following example shows how to associate an extended MPLS ATM interface and bind it to port 2.4:
ATM(config)# interface XTagATM24ATM(config-if)# extended-port atm0/0 descriptor 0.2.4.0The following example shows how to associate an extended MPLS ATM interface and binds it to port 1622:
ATM(config)# interface XTagATM1622ATM(config-if)# extended-port atm0/0 vsi 0x00010614Related Commands
interface XTagATM
Enters interface configuration mode for an extended MPLS ATM (XTagATM) interface.
show controller vsi status
Displays a summary of each VSI-controlled interface.
holding-time
To specify the holding time value for the MPS-p7 variable of a Multiprotocol over ATM server (MPS), use the holding-time command in MPS configuration mode. To revert to the default value, use the no form of this command.
holding-time seconds
no holding-time seconds
Syntax Description
Defaults
The default holding time is 1200 seconds (20 minutes).
Command Modes
MPS configuration
Command History
Examples
The following example shows how to set the holding time to 600 seconds (10 minutes):
holding-time 600import map
To configure an import route map for a Virtual Private Network (VPN) routing/forwarding instance (VRF), use the import map command in VRF configuration submode.
import map route-map
Syntax Description
Defaults
No import route map is configured for a VRF.
Command Modes
VRF configuration submode
Command History
Usage Guidelines
Use an import route map when an application requires finer control over the routes imported into a VRF than provided by the import and export extended communities configured for the importing and exporting VRF.
The import map command associates a route map with the specified VRF. You can use a route map to filter routes that are eligible for import into a VRF, based on the route target extended community attributes of the route. The route map might deny access to selected routes from a community that is on the import list.
The import map command does not replace the need for a route-target import in the VRF configuration. You use the import map command to further filter prefixes that match a route-target import statement in that VRF.
Examples
The following example shows how to configure an import route map for a VRF:
Router(config)# ip vrf vrf_blueRouter(config-vrf)# import map blue_import_mapRelated Commands
ip vrf
Configures a VRF routing table.
route-target
Creates a route-target extended community for a VRF.
show ip vrf
Displays the set of defined VRFs and associated interfaces.
index
To insert or modify a path entry at a specific index, use the index command in IP explicit path configuration mode. To remove the path entry at the specified index, use the no form of this command.
index index command
no index index
Syntax Description
Defaults
This command is disabled by default.
Command Modes
IP explicit path configuration
Command History
Examples
The following example shows how to insert the next address at index 6:
Router(cfg-ip-expl-path)# index 6 next-address 3.3.29.3Explicit Path identifier 6:6: next-address 3.3.29.3Related Commands
interface xtagatm
To create an extended Multiprotocol Label Switching (MPLS) ATM (XTagATM) interface, use the interface xtagatm command in global configuration mode.
interface xtagatm interface-number
Syntax Description
Defaults
XTagATM interfaces are not created.No default behavior or values.
Command Modes
Global configuration
Command History
12.0(5)T
This command was introduced.
12.2(4)T
This command was updated to reflect the MPLS IETF terminology.
Usage Guidelines
XTagATM interfaces are virtual interfaces that are created on reference-like tunnel interfaces. An XTagATM interface is created the first time the interface xtagatm command is issued for a particular interface number. These interfaces are similar to ATM interfaces, except that the former only supports LC-ATM encapsulation.
Examples
The following example shows how to create an XTagATM interface with interface number 62:
Router(config)# interface xtagatm62Related Commands
extended-port
Associates the currently selected extended XTagATM interface with a remotely controlled switch.
ip cache-invalidate-delay
To control the invalidation rate of the IP route cache, use the ip cache-invalidate-delay command in global configuration mode. To allow the IP route cache to be immediately invalidated, use the no form of this command.
ip cache-invalidate-delay [minimum maximum quiet threshold]
no ip cache-invalidate-delay
Syntax Description
Defaults
minimum: 2 seconds
maximum: 5 seconds, and 3 seconds with no more than zero invalidation requestsCommand Modes
Global configuration
Command History
Usage Guidelines
After you enter the ip cache-invalidate-delay command all cache invalidation requests are honored immediately.
Caution
The IP fast-switching and autonomous-switching features maintain a cache of IP routes for rapid access. When a packet is to be forwarded and the corresponding route is not present in the cache, the packet is process switched and a new cache entry is built. However, when routing table changes occur (such as when a link or an interface goes down), the route cache must be flushed so that it can be rebuilt with up-to-date routing information.
This command controls how the route cache is flushed. The intent is to delay invalidation of the cache until after routing has settled down. Because route table changes tend to be clustered in a short period of time, and the cache may be flushed repeatedly, a high CPU load might be placed on the router.
When this feature is enabled, and the system requests that the route cache be flushed, the request is held for at least minimum seconds. Then the system determines whether the cache has been "quiet" (that is, less than threshold invalidation requests in the last quiet seconds). If the cache has been quiet, the cache is then flushed. If the cache does not become quiet within maximum seconds after the first request, it is flushed unconditionally.
Manipulation of these parameters trades off CPU utilization versus route convergence time. Timing of the routing protocols is not affected, but removal of stale cache entries is affected.
Examples
The following example shows how to set a minimum delay of 5 seconds, a maximum delay of 30 seconds, and a quiet threshold of no more than 5 invalidation requests in the previous 10 seconds:
Router(config)# service internalRouter(config)# ip cache-invalidate-delay 5 30 10 5Related Commands
ip cef
To enable Cisco Express Forwarding (CEF) on the route processor card, use the ip cef command in global configuration mode. To disable CEF, use the no form of this command.
ip cef [distributed] [accounting type | load-sharing algorithm algorithm | table type | traffic-statistics]
no ip cef [distributed] [accounting type | load-sharing algorithm algorithm | table type | traffic-statistics]
Syntax Description
Defaults
CEF is disabled by default, excluding these platforms:
•
•
•
•
•
Command Modes
Global configuration
Command History
Usage Guidelines
The ip cef command is not available on the Cisco 12000 series because that router series operates only in dCEF mode.
CEF is advanced Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with dynamic, topologically dispersed traffic patterns, such as those associated with web-based applications and interactive sessions.
If you enable CEF and then create an access list that uses the log keyword, the packets that match the access list are not CEF switched. They are fast switched. Logging disables CEF.
Use the ip cef command to control whether voice is switched on the router.
Examples
The following example shows how to enable standard CEF operation:
Router(config)# ip cefThe following example shows how to enables dCEF operation:
Router(config)# ip cef distributedThe following example shows IP CEF configured for load sharing using the original algorithm:
Router(config)# ip cef load-sharing algorithm originalRelated Commands
ip cef accounting
To enable Cisco Express Forwarding (CEF) network accounting, use the ip cef accounting command in global configuration mode or interface configuration mode. To disable network accounting of CEF, use the no form of this command.
ip cef accounting {[non-recursive] [per-prefix] [prefix-length]}
no ip cef accounting {[non-recursive] [per-prefix] [prefix-length]}
