-
Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3 T
-
Introduction
-
IP Addressing and Services Commands: A through C
-
IP Addressing and Services Commands: D through H
-
IP Addressing and Services Commands: idle through ip local-proxy-arp
-
IP Addressing and Services Commands: ip mask-reply through ip web-cache redirect
-
IP Addressing and Services Commands: L through R
-
IP Addressing and Services Commands: serverfarm through show ip nat
-
IP Addressing and Services Commands: show ip nhrp through synguard
-
IP Addressing and Services Commands: T through W
-
Table Of Contents
show ip dhcp relay information trusted-sources
show ip dhcp server statistics
serverfarm
To associate a real server farm with a virtual server, use the serverfarm command in SLB virtual server configuration mode. To remove the server farm association from the virtual server configuration, use the no form of this command.
serverfarm serverfarm-name
no serverfarm
Syntax Description
serverfarm-name
Name of a server farm that has already been defined using the ip slb serverfarm command.
Defaults
No default behavior or values.
Command Modes
SLB virtual server configuration
Command History
12.0(7)XE
This command was introduced.
12.1(5)T
This command was integrated into Cisco IOS Release 12.1(5)T.
Examples
The following example shows how the ip slb vserver, virtual, and serverfarm commands are used to associate the real server farm named PUBLIC with the virtual server named PUBLIC_HTTP:
ip slb vserver PUBLIC_HTTPvirtual 10.0.0.1 tcp wwwserverfarm PUBLICRelated Commands
show ip slb vservers
Displays information about the virtual servers.
virtual
Configures the virtual server attributes.
service dhcp
To enable the Cisco IOS Dynamic Host Configuration Protocol (DHCP) server and relay agent features on your router, use the service dhcp command in global configuration mode. To disable the Cisco IOS DHCP server and relay agent features, use the no form of this command.
service dhcp
no service dhcp
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
Global configuration
Command History
Usage Guidelines
The BOOTP and DHCP servers in Cisco IOS software both use the ICMP port (port 67) by default. ICMP "port unreachable messages" will only be returned to the sender if both the BOOTP server and DHCP server are disabled. Disabling only one of the servers will not result in ICMP port unreachable messages.
Examples
The following example enables DHCP services on the DHCP server:
service dhcpservice-module ip redundancy
To link the primary HSRP interface status to that of the satellite interface, use the service-module ip redundancy command in satellite interface configuration mode. To remove the link between the primary HSRP interface status and the satellite interface status, use the no form of this command.
service module ip redundancy group-name
no service module ip redundancy group-name
Syntax Description
group-name
Name of the hot standby group. This name must match the hot standby group name configured for the router's primary HSRP interface, which is typically an Ethernet interface.
Defaults
The Hot Standby Router Protocol (HSRP) is disabled.
Command Modes
Satellite interface configuration
Command History
Usage Guidelines
Use the service-module ip redundancy command only when you have two Cisco IP VSAT satellite WAN network modules (NM-1VSAT-GILAT) on separate HSRP-redundant routers that connect to the same outdoor unit (ODU).
This command enables the satellite interface to spoof the line protocol UP state.
Examples
The following example shows how to link the primary HSRP interface status to that of the satellite interface:
Router(config-if)# service-module ip redundancy grp-hsrpRelated Commands
set ip next-hop dynamic dhcp
To set the next hop to the gateway that was most recently learned by the DHCP client, use the set ip next-hop dynamic dhcp command in route-map configuration mode. To restore the default setting, use the no form of this command.
set ip next-hop dynamic dhcp
no set ip next-hop dynamic dhcp
Syntax Description
This command has no arguments or keywords.
Defaults
This command is disabled by default.
Command Modes
Route-map configuration
Command History
12.3(2)XE
This command was introduced.
12.3(8)T
This command was integrated into Cisco IOS Release 12.3(8)T.
Usage Guidelines
The set ip next-hop dynamic dhcp command currently supports only a single DHCP interface. If multiple interfaces have DHCP configured, the gateway that was most recently learned among all interfaces running DHCP will be used by the route map.
Examples
The following example configures a local routing policy that sets the next hop to the gateway that was most recently learned by the DHCP client:
access list 101 permit icmp any host 172.16.23.7 echoroute map MY_LOCAL_POLICY permit 10match ip address 101set ip next-hop dynamic dhcp!ip local policy route-map MY_LOCAL_POLICYRelated Commands
show access-list compiled
To display a table showing Turbo Access Control Lists (ACLs), use the show access-list compiled command in EXEC mode.
show access-list compiled
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
12.0(6)S
This command was introduced.
12.1(1)E
This command was introduced for Cisco 7200 series routers.
12.1(5)T
This command was integrated into Cisco IOS
Release 12.1(5)T.
Usage Guidelines
This command is used to display the status and condition of the Turbo ACL tables associated with each access list. The memory usage is displayed for each table; large and complex access lists may require substantial amounts of memory. If the memory usage is greater than the memory available, you can disable the Turbo ACL feature so that memory exhaustion does not occur, but the acceleration of the access lists is not then enabled.
Examples
The following is partial sample output from the show access-list compiled command:
Router# show access-list compiledCompiled ACL statistics:12 ACLs loaded, 12 compiled tablesACL State Tables Entries Config Fragment Redundant Memory1 Operational 1 2 1 0 0 1Kb2 Operational 1 3 2 0 0 1Kb3 Operational 1 4 3 0 0 1Kb4 Operational 1 3 2 0 0 1Kb5 Operational 1 5 4 0 0 1Kb9 Operational 1 3 2 0 0 1Kb20 Operational 1 9 8 0 0 1Kb21 Operational 1 5 4 0 0 1Kb101 Operational 1 15 9 7 2 1Kb102 Operational 1 13 6 6 0 1Kb120 Operational 1 2 1 0 0 1Kb199 Operational 1 4 3 0 0 1KbFirst level lookup tables:Block Use Rows Columns Memory used0 TOS/Protocol 6/16 12/16 660481 IP Source (MS) 10/16 12/16 660482 IP Source (LS) 27/32 12/16 1320963 IP Dest (MS) 3/16 12/16 660484 IP Dest (LS) 9/16 12/16 660485 TCP/UDP Src Port 1/16 12/16 660486 TCP/UDP Dest Port 3/16 12/16 660487 TCP Flags/Fragment 3/16 12/16 66048Related Commands
show access-lists
To display the contents of current access lists, use the show access-lists command in privileged EXEC mode.
show access-lists [access-list-number | access-list-name]
Syntax Description
access-list-number
(Optional) Number of the access list to display. The system displays all access lists by default.
access-list-name
(Optional) Name of the IP access list to display.
Defaults
The system displays all access lists.
Command Modes
Privileged EXEC
Command History
Examples
The following is sample output from the show access-lists command when access list 101 is specified:
Router# show access-lists 101Extended IP access list 101permit tcp host 198.92.32.130 any established (4304 matches) check=5permit udp host 198.92.32.130 any eq domain (129 matches)permit icmp host 198.92.32.130 anypermit tcp host 198.92.32.130 host 171.69.2.141 gt 1023permit tcp host 198.92.32.130 host 171.69.2.135 eq smtp (2 matches)permit tcp host 198.92.32.130 host 198.92.30.32 eq smtppermit tcp host 198.92.32.130 host 171.69.108.33 eq smtppermit udp host 198.92.32.130 host 171.68.225.190 eq syslogpermit udp host 198.92.32.130 host 171.68.225.126 eq syslogdeny ip 150.136.0.0 0.0.255.255 224.0.0.0 15.255.255.255deny ip 171.68.0.0 0.1.255.255 224.0.0.0 15.255.255.255 (2 matches) check=1deny ip 172.24.24.0 0.0.1.255 224.0.0.0 15.255.255.255deny ip 192.82.152.0 0.0.0.255 224.0.0.0 15.255.255.255deny ip 192.122.173.0 0.0.0.255 224.0.0.0 15.255.255.255deny ip 192.122.174.0 0.0.0.255 224.0.0.0 15.255.255.255deny ip 192.135.239.0 0.0.0.255 224.0.0.0 15.255.255.255deny ip 192.135.240.0 0.0.7.255 224.0.0.0 15.255.255.255deny ip 192.135.248.0 0.0.3.255 224.0.0.0 15.255.255.255An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match.
The following is sample output from the show access-lists command when the Turbo Access Control List (ACL) feature is configured on all of the following access lists.
Note
The permit and deny information displayed by the show access-lists command may not be in the same order as that entered using the access-list command
Router# show access-listsStandard IP access list 1 (Compiled)deny anyStandard IP access list 2 (Compiled)deny 192.168.0.0, wildcard bits 0.0.0.255permit anyStandard IP access list 3 (Compiled)deny 0.0.0.0deny 192.168.0.1, wildcard bits 0.0.0.255permit anyStandard IP access list 4 (Compiled)permit 0.0.0.0permit 192.168.0.2, wildcard bits 0.0.0.255The following is sample output from the show access-lists command that shows information for IPv6 access lists when IPv6 is configured on the network:
Router# show access-listsIPv6 access list list2deny ipv6 FEC0:0:0:2::/64 any sequence 10permit ipv6 any any sequence 20For information on how to configure access lists, refer to the "Configuring IP Services" chapter of the Cisco IOS IP Configuration Guide.
For information on how to configure dynamic access lists, refer to the "Traffic Filtering and Firewalls" part of the Cisco IOS Security Configuration Guide.
Related Commands
show arp
To display the entries in the Address Resolution Protocol (ARP) table, use the show arp privileged EXEC command.
show arp
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Examples
The following is sample output from the show arp command:
Router# show arpProtocol Address Age (min) Hardware Addr Type InterfaceInternet 131.108.42.112 120 0000.a710.4baf ARPA Ethernet3AppleTalk 4028.5 29 0000.0c01.0e56 SNAP Ethernet2Internet 131.108.42.114 105 0000.a710.859b ARPA Ethernet3AppleTalk 4028.9 - 0000.0c02.a03c SNAP Ethernet2Internet 131.108.42.121 42 0000.a710.68cd ARPA Ethernet3Internet 131.108.36.9 - 0000.3080.6fd4 SNAP TokenRing0AppleTalk 4036.9 - 0000.3080.6fd4 SNAP TokenRing0Internet 131.108.33.9 - 0000.0c01.7bbd SNAP Fddi0Table 4 describes the significant fields shown in the display.
show glbp
To display Gateway Load Balancing Protocol (GLBP) information, use the show glbp command in privileged EXEC mode.
show glbp [interface-type interface-number] [group-number] [state] [brief]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use the show glbp command to display information about GLBP groups on a router. The brief keyword displays a single line of information about each virtual gateway or virtual forwarder.
Examples
The following is sample output from the show glbp command:
Router# show glbpFastEthernet0/0 - Group 10State is Active2 state changes, last state change 23:50:33Virtual IP address is 10.21.8.10Hello time 5 sec, hold time 18 secNext hello sent in 4.300 secsRedirect time 600 sec, forwarder time-out 7200 secAuthentication MD5, key "ThisStringIsTheSecretKey"Preemption enabled, min delay 60 secActive is localStandby is unknownPriority 254 (configured)Weighting 105 (configured 110), thresholds: lower 95, upper 105Track object 2 state Down decrement 5Load balancing: host-dependentThere is 1 forwarder (1 active)Forwarder 1State is Active1 state change, last state change 23:50:15MAC address is 0007.b400.0101 (default)Owner ID is 0005.0050.6c08Redirection enabledPreemption enabled, min delay 60 secActive is local, weighting 105The following is sample output from the show glbp command with the brief keyword specified:
Router# show glbp briefInterface Grp Fwd Pri State Address Active router Standby routerFa0/0 10 - 254 Active 10.21.8.10 local unknownFa0/0 10 1 7 Active 0007.b400.0101 local -The following is sample output from the show glbp command that displays GLBP group 10:
Router# show glbp 10FastEthernet0/0 - Group 10State is Active2 state changes, last state change 23:50:33Virtual IP address is 10.21.8.10Hello time 5 sec, hold time 18 secNext hello sent in 4.300 secsRedirect time 600 sec, forwarder time-out 7200 secAuthentication MD5, key "ThisStringIsTheSecretKey"Preemption enabled, min delay 60 secActive is localStandby is unknownPriority 254 (configured)Weighting 105 (configured 110), thresholds: lower 95, upper 105Track object 2 state Down decrement 5Load balancing: host-dependentThere is 1 forwarder (1 active)Forwarder 1State is Active1 state change, last state change 23:50:15MAC address is 0007.b400.0101 (default)Owner ID is 0005.0050.6c08Redirection enabledPreemption enabled, min delay 60 secActive is local, weighting 105The following is sample output from the show glbp command with the brief keyword specified:
Router# show glbp briefInterface Grp Fwd Pri State Address Active router Standby routerFa0/0 10 - 254 Active 10.21.8.10 local unknownFa0/0 10 1 7 Active 0007.b400.0101 local -The following output shows that the redundancy name has been assigned to the "glbp1" group:
Router# show glbp ethernet0/1 1
Ethernet0/1 - Group 1
State is Listen
64 state changes, last state change 00:00:54
Virtual IP address is 10.1.0.7
Hello time 50 msec, hold time 200 msec
Next hello sent in 0.030 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Authentication text "authword"
Preemption enabled, min delay 0 sec
Active is 10.1.0.2, priority 105 (expires in 0.184 sec)
Standby is 10.1.0.3, priority 100 (expires in 0.176 sec)
Priority 96 (configured)
Weighting 100 (configured 100), thresholds: lower 95, upper 100
Track object 1 state Up decrement 10
Load balancing: round-robin
IP redundancy name is "glbp1"
Group members:
0004.4d83.4801 (10.0.0.0)
0010.7b5a.fa41 (10.0.0.1)
00d0.bbd3.bc21 (10.0.0.2) local
Table 5 describes the significant fields shown in the displays.
Related Commands
show hosts
To display the default domain name, the style of name lookup service, a list of name server hosts, and the cached list of host names and addresses, use the show hosts command in EXEC mode.
show hosts
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
10.0
This command was introduced.
12.2(4)T
This command was updated to support the Cisco modem user interface feature.
Examples
The following is sample output from the show hosts command:
Router# show hostsDefault domain is CISCO.COMName/address lookup uses domain serviceName servers are 255.255.255.255Host Flag Age Type Address(es)SLAG.CISCO.COM (temp, OK) 1 IP 172.20.4.10CHAR.CISCO.COM (temp, OK) 8 IP 192.168.7.50CHAOS.CISCO.COM (temp, OK) 8 IP 172.20.1.115DIRT.CISCO.COM (temp, EX) 8 IP 172.20.1.111DUSTBIN.CISCO.COM (temp, EX) 0 IP 172.20.1.27DREGS.CISCO.COM (temp, EX) 24 IP 172.20.1.30Table 6 describes the significant fields shown in the display.
The following is sample output from a router when a modem telephone number is mapped to an IP host address for the Cisco modem user interface feature using the ip host global configuration command:
Router# show hostsDefault domain is not setName/address lookup uses domain serviceName servers are 255.255.255.255Codes: u - unknown, e - expired, * - OK, ? - revalidatet - temporary, p - permanentHost Age Type Address(es)*p p4085554567 0 IP 1.2.1.6*p t4085551234 0 IP 1.2.1.5Under the Host field, a "p" preceding the number indicates a pulse-dialed modem telephone number, and a "t" indicates a tone-dialed modem telephone number. The IP address mapped to the telephone number appears under the Address(es) field. See Table 6 for descriptions of the other fields seen in this display.
Related Commands
clear arp interface
Deletes entries from the host name-to-address cache.
ip helper-address
Defines a static host-name-to-address mapping in the host cache.
show interface mac
To display MAC accounting information for interfaces configured for MAC accounting, use the show interface mac command in user EXEC or privileged EXEC mode.
show interface [type number] mac
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The show interface mac command displays information for one interface, when specified, or all interfaces configured for MAC accounting.
For incoming packets on the interface, the accounting statistics are gathered before the committed access rate (CAR)/distributed committed access rate (DCAR) functionality is performed on the packet. For outgoing packets on the interface, the accounting statistics are gathered after the CAR output, and before DCAR output or distributed weighted random early detection (DWRED) or distributed weighted fair queuing (DWFQ) functionality is performed on the packet.
Therefore, if DCAR or DWRED is performed on the interface and packets are dropped, the dropped packets are still counted in the show interface mac command.
The maximum number of MAC addresses that can be stored for the input and output addresses is 512 each. After the maximum is reached, subsequent MAC addresses are ignored.
To clear the accounting statistics, use the clear counter EXEC command. To configure an interface for IP accounting based on the MAC address, use the ip accounting mac-address interface configuration command.
Examples
The following is sample output from the show interface mac command:
Router# show interface ethernet 0/1/1 macEthernet0/1/1Input (511 free)0007.f618.4449(228): 4 packets, 456 bytes, last: 2684ms agoTotal: 4 packets, 456 bytesOutput (511 free)0007.f618.4449(228): 4 packets, 456 bytes, last: 2692ms agoTotal: 4 packets, 456 bytesTable 7 describes the significant fields shown in the display.
Related Commands
ip accounting mac-address
Enables IP accounting on any interface based on the source and destination MAC address.
show interface precedence
To display precedence accounting information for interfaces configured for precedence accounting, use the show interface precedence command in user EXEC or privileged EXEC mode.
show interface [type number] precedence
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The show interface precedence command displays information for one interface, when specified, or all interfaces configured for IP precedence accounting.
For incoming packets on the interface, the accounting statistics are gathered before the committed access rate (CAR)/distributed committed access rate (DCAR) functionality is performed on the packet. For outgoing packets on the interface, the accounting statistics are gathered after the CAR output, and before DCAR output or distributed weighted random early detection (DWRED) or distributed weighted fair queuing (DWFQ) functionality is performed on the packet. Therefore, if DCAR or DWRED is performed on the interface and packets are dropped, the dropped packets are still counted in the show interface mac command.
To clear the accounting statistics, use the clear counter EXEC command.
To configure an interface for IP accounting based on IP precedence, use the ip accounting precedence interface configuration command.
Examples
The following is sample output from the show interface precedence command. In this example, the total packet and byte counts are calculated for the interface that receives (input) or sends (output) IP packets and sorts the results based on IP precedence.
Router# show interface ethernet 0/1/1 precedenceEthernet0/1/1InputPrecedence 0: 4 packets, 456 bytesOutputPrecedence 0: 4 packets, 456 bytesTable 8 describes the fields shown in the display.
Related Commands
ip accounting precedence
Enables IP accounting on any interface based on IP precedence.
show ip access-list
To display the contents of all current IP access lists, use the show ip access-list command in user EXEC or privileged EXEC mode.
show ip access-list [access-list-number | access-list-name | dynamic access-list-name]
Syntax Description
access-list-number
(Optional) Number of the IP access list to display.
access-list-name
(Optional) Name of the IP access list to display.
dynamic
(Optional) Lists dynamic IP access lists.
Defaults
All standard and extended IP access lists are displayed.
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The show ip access-list command provides output identical to the show access-lists command, except that it is IP-specific and allows you to specify a particular access list.
Examples
The following is sample output from the show ip access-list command when all access lists are requested:
Router# show ip access-listExtended IP access list 101deny udp any any eq ntppermit tcp any anypermit udp any any eq tftppermit icmp any anypermit udp any any eq domainThe following is sample output from the show ip access-list command when the name of a specific access list is requested:
Router# show ip access-list InternetfilterExtended IP access list Internetfilterpermit tcp any 172.31.0.0 0.0.255.255 eq telnetdeny tcp any anydeny udp any 172.31.0.0 0.0.255.255 lt 1024deny ip any any logshow ip accounting
To display the active accounting or checkpointed database or to display access list violations, use the show ip accounting command in user EXEC or privileged EXEC mode.
show ip accounting [checkpoint] [output-packets | access-violations]
Syntax Description
Defaults
If neither the output-packets nor access-violations keyword is specified, the show ip accounting command displays information pertaining to packets that passed access control and were routed.
Command Modes
User EXEC
Privileged EXECCommand History
10.0
This command was introduced.
10.3
The output-packets and access-violations keywords were added.
Usage Guidelines
If you do not specify any keywords, the show ip accounting command displays information about the active accounting database.
To display IP access violations, you must use the access-violations keyword. If you do not specify the keyword, the command defaults to displaying the number of packets that have passed access lists and were routed.
To use this command, you must first enable IP accounting on a per-interface basis.
Examples
The following is sample output from the show ip accounting command:
The following is sample output from the show ip accounting command:
Router# show ip accountingSource Destination Packets Bytes172.16.19.40 192.168.67.20 7 306172.16.13.55 192.168.67.20 67 2749172.16.2.50 192.168.33.51 17 1111172.16.2.50 172.31.2.1 5 319172.16.2.50 172.31.1.2 463 30991172.16.19.40 172.16.2.1 4 262172.16.19.40 172.16.1.2 28 2552172.16.20.2 172.16.6.100 39 2184172.16.13.55 172.16.1.2 35 3020172.16.19.40 192.168.33.51 1986 95091172.16.2.50 192.168.67.20 233 14908172.16.13.28 192.168.67.53 390 24817172.16.13.55 192.168.33.51 214669 9806659172.16.13.111 172.16.6.23 27739 1126607172.16.13.44 192.168.33.51 35412 1523980192.168.7.21 172.163.1.2 11 824172.16.13.28 192.168.33.2 21 1762172.16.2.166 192.168.7.130 797 141054172.16.3.11 192.168.67.53 4 246192.168.7.21 192.168.33.51 15696 695635192.168.7.24 192.168.67.20 21 916172.16.13.111 172.16.10.1 16 1137accounting threshold exceeded for 7 packets and 433 bytesThe following is sample output from the show ip accounting access-violations command. The output pertains to packets that failed access lists and were not routed:
Router# show ip accounting access-violationsSource Destination Packets Bytes ACL172.16.19.40 192.168.67.20 7 306 77172.16.13.55 192.168.67.20 67 2749 185172.16.2.50 192.168.33.51 17 1111 140172.16.2.50 172.16.2.1 5 319 140172.16.19.40 172.16.2.1 4 262 77Accounting data age is 41Table 9 describes the significant fields shown in the displays.
Related Commands
show ip aliases
To display the IP addresses mapped to TCP ports (aliases) and Serial Line Internet Protocol (SLIP) addresses, which are treated similarly to aliases, use the show ip aliases EXEC command.
show ip aliases
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
To distinguish a SLIP address from a normal alias address, the command output uses the form SLIP TTY1 for the "port" number, where 1 is the auxiliary port.
Examples
The following is sample output from the show ip aliases command:
Router# show ip aliasesIP Address Port172.16.29.245 SLIP TTY1The display lists the IP address and corresponding port number.
Related Commands
show ip arp
To display the Address Resolution Protocol (ARP) cache, where Serial Line Internet Protocol (SLIP) addresses appear as permanent ARP table entries, use the show ip arp EXEC command.
show ip arp [ip-address] [host-name] [mac-address] [interface type number]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
ARP establishes correspondences between network addresses (an IP address, for example) and LAN hardware addresses (Ethernet addresses). A record of each correspondence is kept in a cache for a predetermined amount of time and then discarded.
Examples
The following is sample output from the show ip arp command:
Router# show ip arpProtocol Address Age(min) Hardware Addr Type InterfaceInternet 172.16.233.22 9 0000.0c59.f892 ARPA Ethernet0/0Internet 172.16.233.21 8 0000.0c07.ac00 ARPA Ethernet0/0Internet 172.16.233.19 - 0000.0c63.1300 ARPA Ethernet0/0Internet 172.16.233.30 9 0000.0c36.6965 ARPA Ethernet0/0Internet 172.16.168.11 - 0000.0c63.1300 ARPA Ethernet0/0Internet 172.16.168.254 9 0000.0c36.6965 ARPA Ethernet0/0Table 10 describes the significant fields shown in the display.
show ip casa affinities
To display statistics about affinities, use the show ip casa affinities command in user EXEC or privileged EXEC mode.
show ip casa affinities [stats] | [saddr ip-address [detail]] | [daddr ip-address [detail]] | sport source-port [detail]] | dport destination-port [detail]] | protocol protocol [detail]]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Examples
The following is sample output of the show ip casa affinities command:
The following is sample output of the show ip casa affinities command:
Router# show ip casa affinitiesAffinity TableSource Address Port Dest Address Port Prot172.16.36.118 1118 172.16.56.13 19 TCP172.16.56.13 19 172.16.36.118 1118 TCPThe following is sample output of the show ip casa affinities detail command:
Router# show ip casa affinities detailAffinity TableSource Address Port Dest Address Port Prot172.44.36.118 1118 172.16.56.13 19 TCPAction Details:Interest Addr: 172.16.56.19 Interest Port: 1638Interest Packet: 0x0102 SYN FRAGInterest Tickle: 0x0005 FIN RSTDispatch (Layer 2): YES Dispatch Address: 172.26.56.33Source Address Port Dest Address Port Prot172.16.56.13 19 172.16.36.118 1118 TCPAction Details:Interest Addr: 172.16.56.19 Interest Port: 1638Interest Packet: 0x0104 RST FRAGInterest Tickle: 0x0003 FIN SYNDispatch (Layer 2): NO Dispatch Address: 10.0.0.0Table 11 describes the significant fields shown in the display.
Related Commands
show ip casa oper
To display operational information about the forwarding agent, use the show ip casa oper command in user EXEC or privileged EXEC mode.
show ip casa oper
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
Examples
The following is sample output from the show ip casa oper command:
Router# show ip casa operCasa is ActiveCasa control address is 10.10.20.34/32Casa multicast address is 239.1.1.1Listening for wildcards on:Port:1637Current passwd:NONE Pending passwd:NONEPasswd timeout:180 sec (Default)Table 12 describes the significant fields shown in the display.
Related Commands
show ip casa stats
To display statistical information about the Forwarding Agent, use the show ip casa stats command in user EXEC or privileged EXEC mode.
show ip casa stats
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
Examples
The following is sample output of the show ip casa stats command:
Router# show ip casa statsCasa is active:Wildcard Stats:Wildcards: 6 Max Wildcards: 6Wildcard Denies: 0 Wildcard Drops: 0Pkts Throughput: 441 Bytes Throughput: 39120Affinity Stats:Affinities: 2 Max Affinities: 2Cache Hits: 444 Cache Misses: 0Affinity Drops: 0Casa Stats:Int Packet: 4 Int Tickle: 0Casa Denies: 0 Drop Count: 0Table 13 describes the significant fields shown in the display.
.
Related Commands
show ip casa wildcard
To display information about wildcard blocks, use the show ip casa wildcard command in user EXEC or privileged EXEC mode.
show ip casa wildcard [detail]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Examples
TThe following is sample output from the show ip casa wildcard command:
Router# show ip casa wildcardSource Address Source Mask Port Dest Address Dest Mask Port Prot10.0.0.0 0.0.0.0 0 172.16.56.2 255.255.255.255 0 ICMP10.0.0.0 0.0.0.0 0 172.16.56.2 255.255.255.255 0 TCP10.0.0.0 0.0.0.0 0 172.16.56.13 255.255.255.255 0 ICMP10.0.0.0 0.0.0.0 0 172.16.56.13 255.255.255.255 0 TCP172.16.56.2 255.255.255.255 0 10.0.0.0 0.0.0.0 0 TCP172.16.56.13 255.255.255.255 0 10.0.0.0 0.0.0.0 0 TCPThe following is sample output from the show ip casa wildcard detail command:
Router# show ip casa wildcard detailSource Address Source Mask Port Dest Address Dest Mask Port Prot10.0.0.0 0.0.0.0 0 172.16.56.2 255.255.255.255 0 ICMPService Manager Details:Manager Addr: 172.16.56.19 Insert Time: 08:21:27 UTC 04/18/96Affinity Statistics:Affinity Count: 0 Interest Packet Timeouts: 0Packet Statistics:Packets: 0 Bytes: 0Action Details:Interest Addr: 172.16.56.19 Interest Port: 1638Interest Packet: 0x8000 ALLPKTSInterest Tickle: 0x0107 FIN SYN RST FRAGDispatch (Layer 2): NO Dispatch Address: 10.0.0.0Advertise Dest Address: YES Match Fragments: NOSource Address Source Mask Port Dest Address Dest Mask Port Prot10.0.0.0 0.0.0.0 0 172.16.56.2 255.255.255.255 0 TCPService Manager Details:Manager Addr: 172.16.56.19 Insert Time: 08:21:27 UTC 04/18/96Affinity Statistics:Affinity Count: 0 Interest Packet Timeouts: 0Packet Statistics:Packets: 0 Bytes: 0Action Details:Interest Addr: 172.16.56.19 Interest Port: 1638Interest Packet: 0x8102 SYN FRAG ALLPKTSInterest Tickle: 0x0005 FIN RSTDispatch (Layer 2): NO Dispatch Address: 10.0.0.0Advertise Dest Address: YES
Note
Table 14 describes significant fields shown in the display.
Related Commands
show ip ddns update
To display information about the Dynamic Domain Name System (DDNS) updates, use the show ip ddns update command in privileged EXEC mode.
show ip ddns update [interface]
Syntax Description
Command Modes
Privileged EXEC
Command History
12.3(8)YA
This command was introduced.
12.3(14)T
This command was integrated into Cisco IOS Release 12.3(14)T.
Examples
The following example shows the IP DDNS update method o loopback inteface 100 and the destination:
Router# show ip ddns updateDynamica DNS Update on Loopback100:Update Method Name Update Destinationtesting 10.1.2.3Related Commands
show ip ddns update method
To display information about the Dynamic Domain Name System (DDNS) update method, use the show ip ddns update method command in privileged EXEC mode.
show ip ddns update method [method-name]
Syntax Description
Command Modes
Privileged EXEC
Command History
12.3(8)YA
This command was introduced.
12.3(14)T
This command was integrated into Cisco IOS Release 12.3(14)T.
Examples
The following is sample output from the show ip ddns update method command:
Router# show ip ddns update methodDynamic DNS Update Method: testDynamic DNS update in IOS internal name cacheRelated Commands
show ip dfp
To display information about DFP agents and their subsystems, use the show ip dfp command in privileged EXEC command.
show ip dfp [agent subsystem-name] [detail]
Syntax Description
agent subsystem-name
(Optional) DFP agent information.
detail
(Optional) Detailed DFP agent information.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Detailed output for the show ip dfp command includes information about all DFP agents configured with ip slb agent commands, regardless of whether those agents are currently in service.
Examples
The following example shows to display detailed information for SLB:
Router# show ip dfp agent slbUnexpected errors: 0DFP Agent for service: SLBPort: 666 Interval: 10Current passwd: <none> Pending passwd: <none>Passwd timeout: 0Inservice: yes AppActive: yesManager IP Address Timeout------------------ -------172.16.45.27 0The following example shows detailed information for DFP agent slb:
Router# show ip dfp agent slb detailUnexpected errors: 0DFP Agent for service: SLBPort: 666 Interval: 10Current passwd: <none> Pending passwd: <none>Passwd timeout: 0Inservice: yes AppActive: yesManager IP Address Timeout------------------ -------172.16.45.27 0Weight Table Report for Agent SLBWeights for Port: 80 Protocol: TCPIP Address Bind ID Weight--------------- ------- -------10.1.1.1 0 65535Weights for Port: 0 (wildcard) Protocol: 0 (wildcard)IP Address Bind ID Weight--------------- ------- -------10.0.0.0 65534 0Bind ID Table Report for Agent SLBBind IDs for Port: 80 Protocol: TCPBind ID Client IP Client Mask------- --------------- ---------------0 10.0.0.0 0.0.0.0
Related Commands
show ip dhcp binding
To display address bindings on the Cisco IOS Dynamic Host Configuration Protocol (DHCP) server, use the show ip dhcp binding command in user or privileged EXEC mode.
show ip dhcp binding [ip-address]
Syntax Description
ip-address
(Optional) Specifies the IP address of the DHCP client for which bindings will be displayed.
Command Modes
User EXEC
Privileged EXECCommand History
12.0(1)T
This command was introduced.
12.0(15)T
Support to display allocated subnets was added to the output.
Usage Guidelines
This command is used to display DHCP binding information for IP address assignment and subnet allocation. If the address is not specified, all address bindings are shown. Otherwise, only the binding for the specified client is displayed. The output from this command displays binding information for individual IP address assignment and allocated subnets. The output that is generated for DHCP IP address assignment and subnet allocation is almost identical, except that subnet leases display an IP address followed by the subnet mask (which shows the size of the allocated subnet). Bindings for individual IP address only display an IP address and are not followed by a subnet mask.
Examples
IP Address Assignment Example
The following examples show the DHCP binding address parameters, including an IP address, an associated MAC address, a lease expiration date, and the type of address assignment that have occurred. Table 16 lists descriptions of the fields in each example.
Router# show ip dhcp binding 172.16.1.11IP address Hardware address Lease expiration Type172.16.1.11 00a0.9802.32de Feb 01 1998 12:00 AM AutomaticRouter# show ip dhcp binding 172.16.3.254IP address Hardware address Lease expiration Type172.16.3.254 02c7.f800.0422 Infinite Manual
Subnet Allocation Example
The following example shows the subnet lease to MAC address mapping, the lease expiration, and the lease type (subnet lease bindings are configured to be automatically created and released by default). The output that is generated for DHCP IP address assignment and subnet allocation is almost identical, except that subnet leases display an IP address followed by the subnet mask (which shows the size of the allocated subnet) in CIDR bit count notation. Bindings for an individual IP address only display an IP address and are not followed by a subnet mask. Table 17 lists descriptions of the fields in each example.
Router# show ip dhcp bindingBindings from all pools not associated with VRF:IP address Client-ID/ Lease expiration TypeHardware address/User name10.0.0.0/26 0063.6973.636f.2d64. Mar 29 2003 04:36 AM Automatic656d.6574.6572.2d47.4c4f.4241.4c
Related Commands
clear ip dhcp binding
Deletes an automatic address binding from the Cisco IOS DHCP server database.
show ip dhcp conflict
To display address conflicts found by a Cisco IOS Dynamic Host Configuration Protocol (DHCP) server when addresses are offered to the client, use the show ip dhcp conflict command in user EXEC or privileged EXEC mode.
show ip dhcp conflict [ip-address]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The server uses ping to detect conflicts. The client uses gratuitous Address Resolution Protocol (ARP) to detect clients. If an address conflict is detected, the address is removed from the pool and the address is not assigned until an administrator resolves the conflict.
Examples
The following example displays the detection method and detection time for all IP addresses the DHCP server has offered that have conflicts with other devices. Table 18 lists descriptions of the fields in the example.
Router# show ip dhcp conflictIP address Detection Method Detection time172.16.1.32 Ping Feb 16 1998 12:28 PM172.16.1.64 Gratuitous ARP Feb 23 1998 08:12 AM
Related Commands
show ip dhcp database
To display Cisco IOS Dynamic Host Configuration Protocol (DHCP) server database agent information, use the show ip dhcp database command in privileged EXEC mode.
show ip dhcp database [url]
Syntax Description
Defaults
If a URL is not specified, all database agent records are shown. Otherwise, only information about the specified agent is displayed.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows all DHCP server database agent information. Table 19 lists descriptions for each field in the example.
Router# show ip dhcp databaseURL : ftp://user:password@172.16.4.253/router-dhcpRead : Dec 01 1997 12:01 AMWritten : NeverStatus : Last read succeeded. Bindings have been loaded in RAM.Delay : 300 secondsTimeout : 300 secondsFailures : 0Successes : 1
Related Commands
ip dhcp database
Configures a Cisco IOS DHCP server to save automatic bindings on a remote host called a database agent.
show ip dhcp import
To display the option parameters that were imported into the Dynamic Host Configuration Protocol (DHCP) server database, use the show ip dhcp import command in privileged EXEC command.
show ip dhcp import
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Imported option parameters are not part of the router configuration and are not saved in NVRAM. Thus, the show ip dhcp import command is necessary to display the imported option parameters.
Examples
The following is sample output from the show ip dhcp import command:
Router# show ip dhcp importAddress Pool Name:2Domain Name Server(s): 1.1.1.1NetBIOS Name Server(s): 3.3.3.3The following example indicates the address pool name:
Address Pool Name:2The following example indicates the imported values, which are domain name and NetBIOS name information:
Domain Name Server(s): 1.1.1.1NetBIOS Name Server(s): 3.3.3.3Related Commands
import all
Imports option parameters into the DHCP database.
show ip dhcp database
Displays Cisco IOS server database information.
show ip dhcp pool
To display information about the Dynamic Host Configuration Protocol (DHCP) address pools, use the show ip dhcp pool command in privileged EXEC configuration mode.
show ip dhcp pool [name]
Syntax Description
name
(Optional) Displays information about a specific address pool. If not specified, displays information about all address pools.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to determine the subnets allocated and to examine the current utilization level for the pool or all the pools if the name argument is not used.
Examples
The following example shows DHCP address pool information for pool 1. Table 20 describes the significant fields in the display.
Router# show ip dhcp pool 1Pool 1:Utilization mark (high/low) : 85 / 15Subnet size (first/next) : 24 / 24 (autogrow)VRF name : abcTotal addresses : 28Leased addresses : 11Pending event : none2 subnets are currently in the pool :Current index IP address range Leased addresses10.1.1.12 10.1.1.1 - 10.1.1.14 1110.1.1.17 10.1.1.17 - 10.1.1.30 0Interface Ethernet0/0 address assignment 10.1.1.1 255.255.255.24810.1.1.17 255.255.255.248 secondary
show ip dhcp relay information trusted-sources
To display all interfaces configured to be a trusted source for the Dynamic Host Configuration Protocol (DHCP) relay information option, use the show ip dhcp relay information trusted-sources command in EXEC mode.
show ip dhcp relay information trusted-sources
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output when the ip dhcp relay information trusted interface configuration command is configured. Note that the display output lists the interfaces that are configured to be trusted sources.
Router# show ip dhcp relay information trusted-sourcesList of trusted sources of relay agent information option:Ethernet1/1 Ethernet1/2 Ethernet1/3 Serial4/1.1Serial4/1.2 Serial4/1.3The following is sample output when the ip dhcp relay information trust-all global configuration command is configured. Note that the display output does not list the individual interfaces.
Router# show ip dhcp relay information trusted-sourcesAll interfaces are trusted source of relay agent information option Serial4/1.1Related Commands
show ip dhcp server statistics
To display Cisco IOS Dynamic Host Configuration Protocol (DHCP) server statistics, use the show ip dhcp server statistics command in privileged EXEC mode.
show ip dhcp server statistics
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Examples
The following example displays DHCP server statistics. Table 21 lists descriptions for each field in the example.
Router> show ip dhcp server statisticsMemory usage 40392Address pools 3Database agents 1Automatic bindings 190Manual bindings 1Expired bindings 3Malformed messages 0Secure arp entries 1Message ReceivedBOOTREQUEST 12DHCPDISCOVER 200DHCPREQUEST 178DHCPDECLINE 0DHCPRELEASE 0DHCPINFORM 0Message SentBOOTREPLY 12DHCPOFFER 190DHCPACK 172DHCPNAK 6
Related Commands
show ip drp
To display information about the Director Response Protocol (DRP) Server Agent for DistributedDirector, use the show ip drp command in user EXEC or privileged EXEC mode.
show ip drp
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
Examples
The following is sample output from the show ip drp command:
Router# show ip drpDirector Responder Protocol Agent is enabled717 director requests, 712 successful lookups, 5 failures, 0 no routeAuthentication is enabled, using "test" key-chainTable 22 describes the significant fields shown in the display.
Related Commands
show ip host-list
To display the assigned hosts in a list, use the show ip host-list command in privileged EXEC mode.
show ip host-list [host-list-name]
Syntax Description
Command Modes
Privileged EXEC
Command History
12.3(8)YA
This command was introduced.
12.3(14)T
This command was integrated into Cisco IOS Release 12.3(14)T.
Examples
The following is sample output from the show ip host-list command example for the abctest group:
Router# show ip host-list abctestHost list: abctestddns.abc.test10.2.3.4ddns2.unit.test10.3.4.5ddns3.com10.3.3.3e.org1.org.2.org3.com10.5.5.5 (VRF: green)Related Commands
show ip interface
To display the usability status of interfaces configured for IP, use the show ip interface command in privileged EXEC mode.
show ip interface [type number] [brief]
Syntax Description
type
(Optional) Interface type.
number
(Optional) Interface number.
brief
(Optional) Displays a summary of the usability status information for each interface.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The Cisco IOS software automatically enters a directly connected route in the routing table if the interface is usable. A usable interface can send and receive packets. If an interface is not usable, the directly connected routing entry is removed from the routing table. Removing the entry allows the software to use dynamic routing protocols to determine backup routes to the network, if any.
If the interface can provide two-way communication, the line protocol is marked "up." If the interface hardware is usable, the interface is marked "up."
If you specify an optional interface type, you see information for that specific interface.
If you specify no optional arguments, you see information on all the interfaces.
When an asynchronous interface is encapsulated with PPP or Serial Line Internet Protocol (SLIP), IP fast switching is enabled. A show ip interface command on an asynchronous interface encapsulated with PPP or SLIP displays a message indicating that IP fast switching is enabled.
The show ip interface brief command can be used to view a summary of the router interfaces. This command displays the IP address, interface status, and additional information.
Examples
The following examples from Cisco IOS Release 12.3(14)YM2 show:
•
•
The highlighted arrows (for documentation purposes only) show the configured output and input features and the additional MPF interface information.
Router# show running-config interface g 0/3interface GigabitEthernet0/3ip address 10.1.1.1 255.255.0.0ip flow egress <== outputip policy route-map PBR_NAME <== inputduplex autospeed automedia-type gbicnegotiation autoendRouter# show ip interface g 0/3GigabitEthernet0/3 is up, line protocol is upInternet address is 10.1.1.1/16Broadcast address is 255.255.255.255Address determined by setup commandMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledOutgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is disabledIP Flow switching is disabledIP CEF switching is enabledIP Feature Fast switching turbo vectorIP VPN Flow CEF switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, CEFRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledPolicy routing is enabled, using route map PBRNetwork address translation is disabledBGP Policy Mapping is disabledIP Multi-Processor Forwarding is enabled <======== MPF informationIP Input features, "PBR",are not supported by MPF and are IGNOREDIP Output features, "NetFlow",are not supported by MPF and are IGNOREDThe following example identifies a downstream VRF. The highlighted line (for documentation purposes only) identifies the downstream VRF.
Router# show ip interface vi 3Virtual-Access3 is up, line protocol is upInterface is unnumbered. Using address of Loopback2 (10.0.0.8)Broadcast address is 255.255.255.255Peer address is 10.8.1.1MTU is 1492 bytesHelper address is not setDirected broadcast forwarding is disabledOutgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP CEF switching is enabledIP Feature Fast switching turbo vectorIP VPN CEF switching turbo vectorVPN Routing/Forwarding "U"Downstream VPN Routing/Forwarding "D"IP multicast fast switching is disabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, CEFRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledPolicy routing is disabledNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledTable 23 describes the significant fields shown in the display.
The following is sample output from the show ip interface brief command:
Router# show ip interface briefInterface IP-Address OK? Method Status ProtocolEthernet0 10.108.00.5 YES NVRAM up upEthernet1 unassigned YES unset administratively down downLoopback0 10.108.200.5 YES NVRAM up upSerial0 10.108.100.5 YES NVRAM up upSerial1 10.108.40.5 YES NVRAM up upSerial2 10.108.100.5 YES manual up upSerial3 unassigned YES unset administratively down down
Related Commands
show ip irdp
To display ICMP Router Discovery Protocol (HRDP) values, use the show ip irdp EXEC command.
show ip irdp
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show ip irdp command:
Router# show ip irdpEthernet 0 has router discovery enabledAdvertisements will occur between every 450 and 600 seconds.Advertisements are valid for 1800 seconds.Default preference will be 100.--More--Serial 0 has router discovery disabled--More--Ethernet 1 has router discovery disabledAs the display shows, show ip irdp output indicates whether router discovery has been configured for each router interface, and it lists the values of router discovery configurables for those interfaces on which router discovery has been enabled. Explanations for the less obvious lines of output in the display are as follows:
Advertisements will occur between every 450 and 600 seconds.This indicates the configured minimum and maximum advertising interval for the interface.
Advertisements are valid for 1800 seconds.This indicates the configured holdtime values for the interface.
Default preference will be 100.This indicates the configured (or in this case default) preference value for the interface.
Related Commands
show ip masks
To display the masks used for network addresses and the number of subnets using each mask, use the show ip masks EXEC command.
show ip masks address
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
The show ip masks command is useful for debugging when a variable-length subnet mask (VLSM) is used. It shows the number of masks associated with the network and the number of routes for each mask.
Examples
The following is sample output from the show ip masks command:
Router# show ip masks 172.16.0.0Mask Reference count255.255.255.255 2255.255.255.0 3255.255.0.0 1show ip nat statistics
To display Network Address Translation (NAT) statistics, use the show ip nat statistics EXEC command.
show ip nat statistics
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show ip nat statistics command:
Router# show ip nat statisticsTotal translations: 2 (0 static, 2 dynamic; 0 extended)Outside interfaces: Serial0Inside interfaces: Ethernet1Hits: 135 Misses: 5Expired translations: 2Dynamic mappings:-- Inside Sourceaccess-list 1 pool net-208 refcount 2pool net-208: netmask 255.255.255.240start 172.16.233.208 end 172.16.233.221type generic, total addresses 14, allocated 2 (14%), misses 0Table 25 describes the significant fields shown in the display.
Related Commands
show ip nat translations
To display active Network Address Translation (NAT) translations, use the show ip nat translations command in EXEC mode.
show ip nat translations [esp] [icmp] [pptp] [tcp] [udp] [verbose] [vrf vrf-name]
Syntax Description
Command Modes
EXEC
Command History
11.2
This command was introduced.
12.2(13)T
The vrf vrf-name keyword and argument combination was added.
12.2(15)T
The esp keyword was added.
Examples
Router# show ip nat translationsPro Inside global Inside local Outside local Outside global--- 10.69.233.209 192.168.1.95 --- ------ 10.69.233.210 192.168.1.89 --- --With overloading, a translation for a Domain Name Server (DNS) transaction is still active, and translations for two Telnet sessions (from two different hosts) are also active. Note that two different inside hosts appear on the outside with a single IP address.
Router# show ip nat translationsPro Inside global Inside local Outside local Outside globaludp 10.69.233.209:1220 192.168.1.95:1220 172.16.2.132:53 172.16.2.132:53tcp 10.69.233.209:11012 192.168.1.89:11012 172.16.1.220:23 172.16.1.220:23tcp 10.69.233.209:1067 192.168.1.95:1067 172.16.1.161:23 172.16.1.161:23The following is sample output that includes the verbose keyword:
Router# show ip nat translations verbosePro Inside global Inside local Outside local Outside globaludp 172.16.233.209:1220 192.168.1.95:1220 172.16.2.132:53 172.16.2.132:53create 00:00:02, use 00:00:00, flags: extendedtcp 172.16.233.209:11012 192.168.1.89:11012 172.16.1.220:23 172.16.1.220:23create 00:01:13, use 00:00:50, flags: extendedtcp 172.16.233.209:1067 192.168.1.95:1067 172.16.1.161:23 172.16.1.161:23create 00:00:02, use 00:00:00, flags: extendedThe following is sample output that includes the vrf keyword:
Router# show ip nat translations vrf abcPro Inside global Inside local Outside local Outside global--- 10.2.2.1 192.168.121.113 --- ------ 10.2.2.2 192.168.122.49 --- ------ 10.2.2.11 192.168.11.1 --- ------ 10.2.2.12 192.168.11.3 --- ------ 10.2.2.13 172.16.5.20 --- ---Pro Inside global Inside local Outside local Outside global--- 10.2.2.3 192.168.121.113 --- ------ 10.2.2.4 192.168.22.49 --- ---The following is sample output that includes the esp keyword:
Router# show ip nat translations espPro Inside global Inside local Outside local Outside globalesp 192.168.22.40:0 192.168.122.20:0 192.168.22.20:0 192.168.22.20:28726CD9esp 192.168.22.40:0 192.168.122.20:2E59EEF5 192.168.22.20:0 192.168.22.20:0The following is sample output that includes the esp and verbose keywords:
Router# show ip nat translation esp verbosePro Inside global Inside local Outside local Outside globalesp 192.168.22.40:0 192.168.122.20:0 192.168.22.20:0 192.168.22.20:28726CD9create 00:00:00, use 00:00:00,flags:extended, 0x100000, use_count:1, entry-id:192, lc_entries:0esp 192.168.22.40:0 192.168.122.20:2E59EEF5 192.168.22.20:0 192.168.22.20:0create 00:00:00, use 00:00:00, left 00:04:59, Map-Id(In):20,flags:extended, use_count:0, entry-id:191, lc_entries:0Table 26 describes the significant fields shown in the display.
Related Commands
