Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols, Release 12.3 T
IP Routing Protocols Commands: K through M

Table Of Contents

key

key chain

key-string (authentication)

limit retransmissions

log-adjacency-changes

lsp-full suppress

lsp-gen-interval (IS-IS)

lsp-refresh-interval (IS-IS)

match as-path

match community

match extcommunity

match interface (IP)

match ip address

match ip next-hop

match ip route-source

match length

match local-preference

match metric (IP)

match policy-list

match route-type (IP)

match source-protocol

match tag

maximum-paths

maximum-paths eibgp

maximum-paths ibgp

maximum-prefix

max-area-addresses

max-lsa

max-metric router-lsa

metric

metric holddown

metric maximum-hops

metric weights (EIGRP)


key

To identify an authentication key on a key chain, use the key command in key-chain configuration mode. To remove the key from the key chain, use the no form of this command.

key key-id

no key key-id

Syntax Description

key-id

Identification number of an authentication key on a key chain. The range of keys is from 0 to 2147483647. The key identification numbers need not be consecutive.


Defaults

No key exists on the key chain.

Command Modes

key-chain configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains.

It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time, based on the accept-lifetime and send-lifetime key chain key command settings.

Each key has its own key identifier, which is stored locally. The combination of the key identifier and the interface associated with the message uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use. Only one authentication packet is sent, regardless of the number of valid keys. The software starts looking at the lowest key identifier number and uses the first valid key.

If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key.

To remove all keys, remove the key chain by using the no key chain command.

Examples

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:30 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the set time of the router. There is a 30-minute leeway on each side to handle time differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

Command
Description

accept-lifetime

Sets the time period during which the authentication key on a key chain is received as valid.

key chain

Enables authentication for routing protocols.

key-string (authentication)

Specifies the authentication string for a key.

send-lifetime

Sets the time period during which an authentication key on a key chain is valid to be sent.

show key chain

Displays authentication key information.


key chain

To enable authentication for routing protocols, identify a group of authentication keys by using the key chain command in global configuration mode. To remove the key chain, use the no form of this command.

key chain name-of-chain

no key chain name-of-chain

Syntax Description

name-of-chain

Name of a key chain. A key chain must have at least one key and can have up to 2147483647 keys.


Defaults

No key chain exists.

Command Modes

Global configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains.

You must configure a key chain with keys to enable authentication.

Although you can identify multiple key chains, we recommend using one key chain per interface per routing protocol. Upon specifying the key chain command, you enter key-chain configuration mode.

Examples

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:30 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the set time of the router. There is a 30-minute leeway on each side to handle time differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
  key 2
  key-string birch
  accept-lifetime 14:30:00 Jan 25 1996 duration 7200
  send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

Command
Description

accept-lifetime

Sets the time period during which the authentication key on a key chain is received as valid.

ip rip authentication key-chain

Enables authentication for RIP Version 2 packets and specifies the set of keys that can be used on an interface.

key

Identifies an authentication key on a key chain.

key-string (authentication)

Specifies the authentication string for a key.

send-lifetime

Sets the time period during which an authentication key on a key chain is valid to be sent.

show key chain

Displays authentication key information.


key-string (authentication)

To specify the authentication string for a key, use the key-string command in key chain key configuration mode. To remove the authentication string, use the no form of this command.

key-string text

no key-string [text]

Syntax Description

text

Authentication string that must be sent and received in the packets using the routing protocol being authenticated. The string can contain from 1 to 80 uppercase and lowercase alphanumeric characters, except that the first character cannot be a number.


Defaults

No key exists.

Command Modes

Key chain key configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains. Each key can have only one key string.

If password encryption is configured (with the service password-encryption command), the software saves the key string as encrypted text. When you write to the terminal with the more system:running-config command, the software displays key-string 7 encrypted text.

Examples

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:30 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the set time of the router. There is a 30-minute leeway on each side to handle time differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

Command
Description

accept-lifetime

Sets the time period during which the authentication key on a key chain is received as valid.

key

Identifies an authentication key on a key chain.

key chain

Enables authentication for routing protocols.

send-lifetime

Sets the time period during which an authentication key on a key chain is valid to be sent.

service password-encryption

Encrypts passwords.

show key chain

Displays authentication key information.


limit retransmissions

To change or remove the limit in the number of retransmissions of database exchange and update packets for both demand and non-demand circuits, use the limit retransmissions command in router configuration mode. To reset the maximum number of retransmissions back to the default value of 24, use the no form of this command.

limit retransmissions {[dc {max-number | disable}] [non-dc {max-number | disable}]}

no limit transmissions [dc | non-dc]

Syntax Description

dc

Demand circuit retransmissions.

max-number

Maximum number of retransmissions. Range from 1 to 255.

non-dc

Nondemand circuit retransmissions.

disable

Disables or removes the limit to the number of retransmissions.


Defaults

Maximum number of retransmissions is 24.

Command Modes

Router configuration

Command History

Release
Modification

12.2(11)T

This command was introduced.


Usage Guidelines

Cisco IOS Release 12.2(4)T added a limit to the number of retransmissions of database exchange and update packets for both demand and nondemand circuits. The retransmission of these packets stops once this retry limit is reached, thus preventing unnecessary use of the link in continual retransmission of the packets if, for some reason, a neighbor is not responding during adjacency forming.

The limit for both demand circuit and nondemand circuit retransmissions is 24.

The limit-retransmissions command allows you to either remove (disable) the limit or change the maximum number of retransmissions to be a number from 1 to 255. The configuration of this command provides for backward compatibility for previous or other releases of Cisco IOS Software or other routers that do not have this feature.


Note The limit to the number of retransmissions does not apply for update packets on nonbroadcast multiaccess (NBMA) point-to-multipoint direct circuits. In this situation, the dead timer is used to end communication with nonresponding neighbors and thus stop the retransmissions.


Examples

The following example shows how to set the maximum number of demand circuit retransmissions to 10:

limit retransmissions dc 10

The following example shows how to remove the limit for the number of demand circuit retransmissions:

limit retransmissions dc disable

The following example shows how to set the maximum number of demand circuit retransmissions to 10 and to set the maximum number of nondemand circuit retransmissions to 20:

limit retransmissions dc 10 non-dc 20

The following example shows how to set the maximum number of demand circuit retransmissions to 10, and to remove the limit for the number of nondemand circuit retransmissions:

limit retransmissions dc 10 non-dc disable

The following example shows how to reset both the demand circuit and nondemand circuit maximum number of retransmissions back to the default of 24:

no limit retransmissions

Related Commands

Command
Description

router ospf

Configures an OSPF routing process.


log-adjacency-changes

To configure the router to send a syslog message when an OSPF neighbor goes up or down, use the log-adjacency-changes command in router configuration mode. To turn off this function, use the no form of this command.

log-adjacency-changes [detail]

no log-adjacency-changes [detail]

Syntax Description

detail

(Optional) Sends a syslog message for each state change, not just when a neighbor goes up or down.


Defaults

Enabled

Command Modes

Router configuration

Command History

Release
Modification

11.2

This command was introduced as "ospf log-adjacency-changes".

12.1

The ospf keyword was omitted and the detail keyword was added.


Usage Guidelines

This command allows you to know about OSPF neighbors going up or down without turning on the debug ip ospf adjacency command. The log-adjacency-changes command provides a higher level view of those changes of the peer relationship with less output. This command is on by default but only up/down (full/down) events are reported, unless the detail keyword is also configured.

Examples

The following example configures the router to send a syslog message when an OSPF neighbor state changes:

log-adjacency-changes detail

lsp-full suppress

To control which routes are suppressed when the link-state PDU becomes full, use the lsp-full suppress command in router configuration mode. To stop suppression of redistributed routes, specify none or use the no form of this command.

lsp-full suppress {[external] [interlevel] | none}

no lsp-full suppress

Syntax Description

external

(Optional) Suppresses any redistributed routes on this router.

interlevel

(Optional) Suppresses any routes coming from the other level. For example, if the Level-2 LSP becomes full, routes from Level 1 are suppressed.

none

(Optional) Suppresses no routes.


Defaults

If this command is not specified, or if this command is specified with no keyword, the default value used is external.

Command Modes

Router configuration

Command History

Release
Modification

12.0(25)S

This command was introduced.

12.2(18)S

This command was integrated into Cisco IOS Release 12.2(18)S.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T.


Usage Guidelines

In networks where there is no limit placed on the number of redistributed routes into IS-IS (that is, the redistribute maximum-prefix command was not configured), it is possible that the link-state PDU (LSP) could become full and routes will be dropped. Use the lsp-full suppress command to define in advance which routes are suppressed in the event that the LSP becomes full.

The external and interlevel keywords can be specified together or separately.

Use the clear isis lsp-full command to clear the LSPFULL state.

Examples

This example specifies that if the LSP becomes full, both redistributed routes and routes from another level will be suppressed from the LSP:

router isis
 lsp-full suppress external interlevel

Related Commands

Command
Description

clear isis lsp-full

Clears the LSPFULL state.

redistribute maximum-prefix

Limits the number of prefixes redistributed into IS-IS or generates a warning when the number of prefixes redistributed into IS-IS reaches a maximum.


lsp-gen-interval (IS-IS)

To customize IS-IS throttling of LSP generation, use the lsp-gen-interval command in router configuration mode. To restore default values, use the no form of this command.

lsp-gen-interval [level-1 | level-2] lsp-max-wait [lsp-initial-wait lsp-second-wait]

no lsp-gen-interval

Syntax Description

level-1

(Optional) Apply intervals to Level-1 areas only.

level-2

(Optional) Apply intervals to Level-2 areas only.

lsp-max-wait

Indicates the maximum interval (in seconds) between two consecutive ocurrences of an LSP being generated. The range is 1 to 120 seconds. The default is 5 seconds.

lsp-initial-wait

(Optional) Indicates the initial LSP generation delay (in milliseconds). The range is 1 to 120,000 milliseconds. The default is 50 milliseconds.

lsp-second-wait

(Optional) Indicates the hold time between the first and second LSP generation (in milliseconds). The range is 1 to 120,000 milliseconds. The default is 5000 milliseconds (5 seconds).


Defaults

lsp-max-wait: 5 seconds
lsp-initial-wait: 50 milliseconds
lsp-second-wait: 5000 milliseconds

Command Modes

Router configuration

Command History

Release
Modification

12.1

This command was introduced.


Usage Guidelines

The following description will help you determine whether to change the default values of this command:

The lsp-initial-wait argument indicates the initial wait time (in milliseconds) before generating the first LSP.

The third argument indicates the amount of time to wait (in milliseconds) between the first and second LSP generation.

Each subsequent wait interval is twice as long as the previous one until the wait interval reaches the lsp-max-wait interval specified, so this value causes the throttling or slowing down of the LSP generation after the initial and second intervals. Once this interval is reached, the wait interval continues at this interval until the network calms down.

After the network calms down and there are no triggers for 2 times the lsp-max-wait interval, fast behavior is restored (the initial wait time).

Notice that the lsp-gen-interval command controls the delay between LSPs being generated, as opposed to the following related commands:

The isis lsp-interval command sets the delay (in milliseconds) between successive LSPs being transmitted (including LSPs generated by another system and forwarded by the local system).

The isis retransmit-interval command sets the amount of time (in seconds) between retransmissions of the same LSP on a point-to-point link.

The isis retransmit-throttle-interval command sets the minimum delay (in milliseconds) between retransmitted LSPs on a point-to-point interface.

These commands can be used in combination to control the rate of LSP packets being generated, transmitted, and retransmitted.

Examples

The following example configures intervals for SPF calculations, PRC, and LSP generation:

router isis
 spf-interval 5 10 20
 prc-interval 5 10 20
 lsp-gen-interval 2 50 100

Related Commands

Command
Description

isis lsp-interval

Sets the time delay between successive IS-IS LSP transmissions.

isis retransmit-interval

Sets the amount of time between retransmission of each IS-IS LSP on a point-to-point link.

isis retransmit-throttle-interval

Sets the minimum delay between retransmissions on each LSP on a point-to-point interface.


lsp-refresh-interval (IS-IS)

To set the link-state packet (LSP) refresh interval, use the lsp-refresh-interval command in router configuration mode. To restore the default refresh interval, use the no form of this command.

lsp-refresh-interval seconds

no lsp-refresh-interval

Syntax Description

seconds

Interval (in seconds) at which LSPs are refreshed.The range is 1 to 65535 seconds. The default value is 900 seconds (15 minutes).


Defaults

900 seconds (15 minutes)

Command Modes

Router configuration

Command History

Release
Modification

10.3

This command was introduced.


Usage Guidelines

The refresh interval determines the rate at which Cisco IOS software periodically transmits in LSPs the route topology information that it originates. This is done to keep the database information from becoming too old.

LSPs must be periodically refreshed before their lifetimes expire. The value set for the lsp-refresh-interval command should be less than the value set for the max-lsp-lifetime command; otherwise, LSPs will time out before they are refreshed. If you misconfigure the LSP lifetime to be too low compared to the LSP refresh interval, the software will reduce the LSP refresh interval to prevent the LSPs from timing out.

Reducing the refresh interval reduces the amount of time that undetected link state database corruption can persist at the cost of increased link utilization. (This is an extremely unlikely event, however, because there are other safeguards against corruption.) Increasing the interval reduces the link utilization caused by the flooding of refreshed packets (although this utilization is very small).

Examples

The following example configures the IS-IS LSP refresh interval to be 1080 seconds (18 minutes):

router isis 
 lsp-refresh-interval 1080

Related Commands

Command
Description

max-lsp-lifetime (IS-IS)

Sets the maximum time that link-state packets (LSPs) can remain in a router's database without being refreshed.


match as-path

To match a BGP autonomous system path access list, use the match as-path command in route-map configuration mode. To remove a path list entry, use the no form of this command.

match as-path path-list-number

no match as-path path-list-number

Syntax Description

path-list-number

Autonomous system path access list. An integer from 1 to 199.


Defaults

No path lists are defined.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The values set by the match as-path and set weight commands override global values. For example, the weights assigned with the match as-path and set weight route-map configuration commands override the weight assigned using the neighbor weight command.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.

Examples

The following example sets the autonomous system path to match BGP autonomous system path access list 20:

route-map IGP2BGP
 match as-path 20

Related Commands

Command
Description

match community

Matches a BGP community.

match interface (IP)

Distributes routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

Command
Description

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

neighbor weight

Assigns weight to a neighbor connection.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value in a route map configuration.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set origin (BGP)

Sets the BGP origin code.

set tag (IP)

Sets the value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match community

To match a Border Gateway Protocol (BGP) community, use the match community command in route-map configuration mode. To remove the match community command from the configuration file and restore the system to its default condition where the software removes the BGP community list entry, use the no form of this command.

match community {standard-list-number | expanded-list-number | community-list-name [exact]}

no match community {standard-list-number | expanded-list-number | community-list-name [exact]}

Syntax Description

standard-list-number

Specifies a standard community list number from 1 to 99 that identifies one or more permit or deny groups of communities.

expanded-list-number

Specifies an expanded community list number from 100 to 500 that identifies one or more permit or deny groups of communities.

community-list-name

The community list name.

exact

(Optional) Indicates that an exact match is required. All of the communities and only those communities specified must be present.


Defaults

No community list is matched by the route map.

Command Modes

Route-map configuration

Command History

Release
Modification

12.1

This command was introduced.

12.1(9)E

Named community list support was integrated into Cisco IOS Release 12.1(9)E.

12.2(8)T

Named community list support was integrated into Cisco IOS Release 12.2(8)T.

12.0(22)S

The maximum number of expanded extended community list numbers was changed from 199 to 500 in Cisco IOS Release 12.0(22)S.

12.2(15)T

The maximum number of expanded extended community list numbers was changed from 199 to 500 in Cisco IOS Release 12.2(15)T.


Usage Guidelines

A route map can have several parts. Any route that does not match at least one match command relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.

Matching based on community list number is one of the types of match commands applicable to BGP.

Examples

The following example shows that the routes matching community list 1 will have the weight set to 100. Any route that has community 109 will have the weight set to 100.

Router(config)# ip community-list 1 permit 109
Router(config)# !
Router(config)# route-map set_weight
Router(config-route-map)#  match community 1
Router(config-route-map)# set weight 100

The following example shows that the routes matching community list 1 will have the weight set to 200. Any route that has community 109 alone will have the weight set to 200.

Router(config)# ip community-list 1 permit 109
Router(config)# !
Router(config)# route-map set_weight
Router(config-route-map)# match community 1 exact
Router(config-route-map)# set weight 200

In the following example, the routes that match community list LIST_NAME will have the weight set to 100. Any route that has community 101 alone will have the weight set to 100.

Router(config)# ip community-list 1 permit 101
Router(config)# !
Router(config)# route-map set_weight
Router(config-route-map)# match community LIST_NAME 
Router(config-route-map)# set weight 100

The following example shows that the routes that match expanded community list 500. Any route that has extended community 1 will have the weight set to 150.

Router(config)# ip community-list 500 permit [0-9]*
Router(config)# !
Router(config)# route-map MAP_NAME permit 10
Router(config-route-map)# match extcommunity 500
Router(config-route-map)# set weight 150

Related Commands

Command
Description

ip community-list

Creates a community list for BGP and controls access to it.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another.

set weight

Specifies the BGP weight for the routing table.


match extcommunity

To match Border Gateway Protocol (BGP) extended community list attributes, use the match extcommunity command in route-map configuration mode. To remove the match extcommunity command from the configuration file and remove the BGP extended community list attribute entry, use the no form of this command.

match extcommunity standard-list-number expanded-list-number

no match extcommunity standard-list-number expanded-list-number

Syntax Description

standard-list-number

A standard extended community list number from 1 to 99 that identifies one or more permit or deny groups of extended community attributes.

expanded-list-number

An expanded extended community list number from 100 to 500 that identifies one or more permit or deny groups of extended community attributes.


Defaults

This command is disabled by default.

Command Modes

Route-map configuration

Command History

Release
Modification

12.1

This command was introduced.

12.0(22)S

The maximum number of expanded extended community list numbers was changed from 199 to 500 in Cisco IOS Release 12.0(22)S.

12.2(15)T

The maximum number of expanded extended community list numbers was changed from 199 to 500 in Cisco IOS Release 12.2(15)T.


Usage Guidelines

Extended community attributes are used to configure, filter, and identify routes for virtual routing and forwarding instances (VRFs) and Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs).

The match extcommunity command is used to configure match clauses that use extended community attributes in route maps. The range of numbers that can be configured with the match extcommunity command is from 1 to500. All of the standard rules of match and set clauses apply to the configuration of extended community attributes.

Examples

The following example shows that the routes that match extended community list 500 will have the weight set to 100. Any route that has extended community 1 will have the weight set to 100.

Router(config)# ip extcommunity-list 500 rt 100:2
Router(config)# !
Router(config)# route-map MAP_NAME permit 10
Router(config-route-map)# match extcommunity 1
Router(config-route-map)# set weight 100

Related Commands

Command
Description

ip extcommunity-list

Creates an extended community list for BGP and controls access to it.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another.

set extcommunity

Sets BGP extended community attributes.

set weight

Specifies the BGP weight for the routing table.

show ip extcommunity-list

Displays routes that are permitted by the extended community list.

show route-map

Displays configured route maps.


match interface (IP)

To distribute any routes that have their next hop out one of the interfaces specified, use the match interface command in route-map configuration mode. To remove the match interface entry, use the no form of this command.

match interface interface-type interface-number [... interface-type interface-number]

no match interface interface-type interface-number [... interface-type interface-number]

Syntax Description

interface-type

Interface type.

interface-number

Interface number.


Defaults

No match interfaces are defined.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the interface-type interface-number arguments.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route map section with an explicit match specified.

Examples

In the following example, routes that have their next hop out Ethernet interface 0 will be distributed:

route-map name
 match interface ethernet 0

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match ip address

To distribute any routes that have a destination network number address that is permitted by a standard access list, an extended access list, or a prefix list, or to perform policy routing on packets, use the match ip address command in route-map configuration mode. To remove the match ip address entry, use the no form of this command.

match ip address {access-list-number [access-list-number... | access-list-name...] | access-list-name [access-list-number...| access-list-name] | prefix-list prefix-list-name [prefix-list-name...]}

no match ip address {access-list-number [access-list-number... | access-list-name...] | access-list-name [access-list-number...| access-list-name] | prefix-list prefix-list-name [prefix-list-name...]}

Syntax Description

access-list-number...

Number of a standard or extended access list. It can be an integer from 1 to 199. The ellipsis indicates that multiple values can be entered.

access-list-name...

Name of a standard or extended access list. It can be an integer from 1 to 199. The ellipsis indicates that multiple values can be entered.

prefix-list

Distributes routes based on a prefix list.

prefix-list-name...

Name of a specific prefix list. The ellipsis indicates that multiple values can be entered.


Defaults

No access list numbers or prefix lists are specified.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the access-list-number, access-list-name, or prefix-list-name arguments.

Like matches in the same route map subblock are filtered with "or" semantics. If any one match clause is matched in the entire route map subblock, this match is treated as a successful match. Dissimilar match clauses are filtered with "and" semantics. So dissimilar matches are filtered logically. If the first set of conditions is not met, the second match clause is filtered. This process continues until a match occurs or there are no more match clauses.

Use route maps to redistribute routes or to subject packets to policy routing. Both purposes are described in this section.

Redistribution

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

When you are passing routes through a route map, a route map can have several sections that contain specific match clauses. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route map section with an explicit match specified.

Policy Routing

Another purpose of route maps is to enable policy routing. The match ip address command allows you to policy route packets based on criteria that can be matched with an extended access list; for example, a protocol, protocol service, and source or destination IP address. To define the conditions for policy routing packets, use the ip policy route-map interface configuration command, in addition to the route-map global configuration command, and the match and set route-map configuration commands. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which policy routing occurs. The set commands specify the set actions—the particular routing actions to perform if the criteria enforced by the match commands are met. You might want to policy route packets based on their source, for example, using an access list.

Examples

In the following example, routes that have addresses specified by access list numbers 5 or 80 will be matched:

route-map name
 match ip address 5 80

Route maps that use prefix lists can be used for route filtering, default origination, and redistribution in other routing protocols. In the following example, a default route 0.0.0.0/0 is conditionally originated when there exists a prefix 10.1.1.0/24 in the routing table:


ip prefix-list cond permit 10.1.1.0/24
!
route-map default-condition permit 10
match ip address prefix-list cond
!
router rip
default-information originate route-map default-condition
!

In the following policy routing example, packets that have addresses specified by access list numbers 6 or 25 will be routed to Ethernet interface 0:

interface serial 0
 ip policy route-map chicago
!
route-map chicago
 match ip address 6 25 
 set interface ethernet 0

Related Commands

Command
Description

ip local policy route-map

Identifies a route map to use for policy routing on an interface.

ip policy route-map

Identifies a route map to use for policy routing on an interface.

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match length

Bases policy routing on the Level 3 length of a packet.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set default interface

Indicates where to output packets that pass a match clause of a route map for policy routing and have no explicit route to the destination.

set interface

Indicates where to output packets that pass a match clause of a route map for policy routing.

set ip default next-hop

Indicates where to output packets that pass a match clause of a route map for policy routing and for which the Cisco IOS software has no explicit route to a destination.

set ip next-hop

Indicates where to output packets that pass a match clause of a route map for policy routing.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match ip next-hop

To redistribute any routes that have a next hop router address passed by one of the access lists specified, use the match ip next-hop command in route-map configuration mode. To remove the next hop entry, use the no form of this command.

match ip next-hop {access-list-number | access-list-name}[...access-list-number | ...access-list-name]

no match ip next-hop {access-list-number | access-list-name}[...access-list-number | ...access-list-name]

Syntax Description

access-list-number | access-list-name

Number or name of a standard or extended access list. It can be an integer from 1 to 199.


Defaults

Routes are distributed freely, without being required to match a next hop address.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the access-list-number or access-list-name argument.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route map section with an explicit match specified.

Examples

The following example distributes routes that have a next hop router address passed by access list 5 or 80 will be distributed:

route-map name
 match ip next-hop 5 80

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match ip route-source

To redistribute routes that have been advertised by routers and access servers at the address specified by the access lists, use the match ip route-source command in route-map configuration mode. To remove the route-source entry, use the no form of this command.

match ip route-source {access-list-number | access-list-name}[...access-list-number | ...access-list-name]

no match ip route-source {access-list-number | access-list-name}[...access-list-number | ...access-list-name]

Syntax Description

access-list-number | access-list-name

Number or name of a standard or extended access list. It can be an integer from 1 to 199.


Defaults

No filtering on route source.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the access-list-number or access-list-name argument.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route map section with an explicit match specified.

There are situations in which the next hop and source router address of the route are not the same.

Examples

The following example distributes routes that have been advertised by routers and access servers at the addresses specified by access lists 5 and 80:

route-map name
 match ip route-source 5 80

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match length

To base policy routing on the Level 3 length of a packet, use the match length command in route-map configuration mode. To remove the entry, use the no form of this command.

match length minimum-length maximum-length

no match length minimum-length maximum-length

Syntax Description

minimum-length

Minimum Level 3 length of the packet, inclusive, allowed for a match. Range is from 0 to 0x7FFFFFFF.

maximum-length

Maximum Level 3 length of the packet, inclusive, allowed for a match. Range is from 0 to 0x7FFFFFFF.


Defaults

No policy routing occurs on the length of a packet.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.

12.3(7)T

This command was updated for use in configuring IPv6 policy-based routing (PBR).


Usage Guidelines

In IPv4, use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which policy routing occurs. The set commands specify the set actions—the particular routing actions to perform if the criteria enforced by the match commands are met.

In PBR for IPv6, use the ipv6 policy route-map or ipv6 local policy route-map command to define conditions for policy routing packets.

In IPv4, the match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the packet to be routed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

In IPv4, you might want to base your policy routing on the length of packets so that your interactive traffic and bulk traffic are directed to different routers.

Examples

In the following example, packets 3 to 200 bytes long, inclusive, will be routed to FDDI interface 0:

interface serial 0
 ip policy route-map interactive
!
route-map interactive
 match length 3 200
 set interface fddi 0

In the following example for IPv6, packets 3 to 200 bytes long, inclusive, will be routed to FDDI interface 0:

interface Ethernet0/0
  ipv6 policy-route-map interactive
!
route-map interactive
 match length 3 200
 set interface fddi 0

Related Commands

Command
Description

ip local policy route-map

Identifies a route map to use for policy routing on an interface.

ipv6 local policy route-map

Configures PBR for IPv6 for originated packets.

ipv6 policy route-map

Configures IPv6 PBR on an interface.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ipv6 address

Specifies an IPv6 access list to use to match packets for PBR for IPv6.

match length

Bases policy routing on the Level 3 length of a packet.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set default interface

Indicates where to output packets that pass a match clause of a route map for policy routing and have no explicit route to the destination.

set interface

Indicates where to output packets that pass a match clause of route map for policy routing.

set ip default next-hop

Indicates where to output packets that pass a match clause of a route map for policy routing and for which the Cisco IOS software has no explicit route to a destination.

set ipv6 default next-hop

Specifies an IPv6 default next hop to which matching packets will be forwarded.

set ip next-hop

Indicates where to output packets that pass a match clause of a route map for policy routing.

set ipv6 next-hop (PBR)

Indicates where to output IPv6 packets that pass a match clause of a route map for policy routing.

set ipv6 precedence

Sets the precedence value in the IPv6 packet header.


match local-preference

To configure a route map to match routes based on the Border Gateway Protocol (BGP) local-preference attribute, use the match local-preference command in route-map configuration mode. To remove the match clause entry from the route map, use the no form of this command.

match local-preference {value}

no match local-preference {value}

Syntax Description

value

The local preference value. This argument can be entered as a number from 0 to 4294967295.


Command Default

Cisco IOS software uses a default value of 100 for the local-preference attribute. However, a local-preference value must be entered when configuring a match clause with this command.

Command Modes

Route-map configuration

Command History

Release
Modification

12.3(14)T

This command was introduced.

12.2(30)S

This command was integrated into Cisco IOS Release 12.2(30)S.


Usage Guidelines

The match local-preference command is used to filter routes based on the value of the local preference attribute. The local-preference attribute is a well-known discretionary attribute that is used to set the preference for an exit point within an autonomous system. The route with the highest local-preference value is preferred by the BGP best path selection process.

Redistributing OER Injected Routes

Optimized Edge Routing (OER) uses a local-preference value of 5000 (default) to move traffic to the preferred exit point in a BGP network (This value can be configured on the OER master controller). The match local-preference command can be used to redistribute OER injected routes within an autonomous system that is monitored and controlled by OER.

Examples

The following example configures the route-map name RED to match OER injected routes:

Router(config)# route-map RED permit 10 
Router(config-route-map)# match local-preference 5000 
Router(config-route-map)# 

Related Commands

Command
Description

bgp default local-preference

Changes the default local-preference value.

route-map (IP)

Defines conditions for redistributing routes.

set local-preference

Applies a local-preference value to routes that pass the match clause.


match metric (IP)

To redistribute routes with the metric specified, use the match metric command in route-map configuration mode. To remove the entry, use the no form of this command.

match metric metric-value | [external [+/- deviation-number]

no match metric metric-value | [external [+/- deviation-number]

Syntax Description

metric-value

Route metric, which can be an EIGRP five-part metric. The range is from 0 to 4294967295.

external [+/-] deviation-number

(Optional) External protocol metric associated with a route and interpreted by a source protocol. The optional +/- keywords specify that a standard deviation number will offset the number configured for the metric-value argument. The deviation-number argument can be any number. There is no default.


Defaults

No filtering on a metric value.

Command Modes

Route-map configuration

Command History

Release
Modification

11.2

This command was introduced.

12.3(8)T

The external and plus/minus keywords were added.


Usage Guidelines

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route map section with an explicit match specified.


Note The match metric external command is not the same as the EIGRP assigned route metric, a figure computed from EIGRP vectorized metric components (delay, bandwidth, reliability, load, and MTU).


Examples

In the following example, routes with the metric 5 will be redistributed:

route-map name
 match metric 5

In the following example, any metric that falls inclusively in the range from 400 to 600 is matched:

route-map name
 match metric 500 +/- 100

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match policy-list

To configure a route map to evaluate and process a Border Gateway Protocol (BGP) policy list in a route map, use the match policy-list command in route-map configuration mode. To remove a path list entry, use the no form of this command.

match policy-list policy-list-name

no match policy-list policy-list-name

Syntax Description

policy-list-name

Name of the policy list to evaluate and process within the route map.


Defaults

This command is not enabled by default.

Command Modes

Route-map configuration

Command History

Release
Modification

12.0(22)S

This command was introduced.

12.2(15)T

This command was integrated into 12.2(15)T.


Usage Guidelines

When a policy list is referenced within a route map, all the match statements within the policy list are evaluated and processed.

Two or more policy lists can be configured with a route map. Policy lists can be configured within a route map to be evaluated with AND semantics or OR semantics.

Policy lists can also coexist with any other preexisting match and set statements that are configured within the same route map but outside of the policy lists.

When multiple policy lists perform matching within a route map entry, all policy lists match on the incoming attribute only.

Examples

The following configuration example creates a route map that references policy lists and separate match and set clauses in the same configuration:

Router(config)# route-map MAP-NAME-1 10
Router(config-route-map)# match ip-address 1
Router(config-route-map)# match policy-list POLICY-LIST-NAME-1 
Router(config-route-map)# set community 10:1
Router(config-route-map)# set local-preference 140
Router(config-route-map)# end

The following configuration example creates a route map that references policy lists and separate match and set clauses in the same configuration. This example processes the policy lists named POLICY-LIST-NAME-2 and POLICY-LIST-NAME-3 with OR semantics. A match is required from only one of the policy lists.

Router(config)# route-map MAP-NAME-2 10
Router(config-route-map)# match policy-list POLICY-LIST-NAME-2 POLICY-LIST-NAME-3
Router(config-route-map)# set community 10:1
Router(config-route-map)# set local-preference 140
Router(config-route-map)# end

Related Commands

Command
Description

ip policy-list

Creates a BGP policy list.

match community

Matches a BGP community.

match interface (IP)

Distributes routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match as-path

References a policy list within a route map for evaluation and processing.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

neighbor weight

Assigns weight to a neighbor connection.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.


match route-type (IP)

To redistribute routes of the specified type, use the match route-type command in route-map configuration mode. To remove the route type entry, use the no form of this command.

match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}

no match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}

Syntax Description

local

Locally generated Border Gateway Protocol (BGP) routes.

internal

Open Shortest Path First (OSPF) intra-area and interarea routes or Enhanced Interior Gateway Routing Protocol (EIGRP) internal routes.

external [type-1 | type-2]

OSPF external routes, or EIGRP external routes. For OSPF, the external type-1 keyword matches only Type 1 external routes and the external type-2 keyword matches only Type 2 external routes.

level-1

Intermediate System-to-Intermediate System (IS-IS) Level 1 routes.

level-2

IS-IS Level 2 routes.


Defaults

This command is disabled by default.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.

11.2

The local and external [type-1 | type-2] keywords were added.


Usage Guidelines

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route map section with an explicit match specified.

Examples

The following example redistributes internal routes:

route-map name
 match route-type internal

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match source-protocol

To enable matching EIGRP external routes based on a source protocol and autonomous system number, use the match source-protocol command in route-map configuration mode. To remove the protocol to be matched, use the no form of this command.

match source-protocol {source-protocol [as-number]}

no match source-protocol {source-protocol [as-number]}

Syntax Description

source-protocol

Protocol to match. The valid keywords are bgp, connected, eigrp, isis, ospf, rip, and static. There is no default.

as-number

(Optional) Autonomous system number. The AS number is not applicable to the connected, static, and rip keywords. The range is from 1 to 65535. There is no default.


Defaults

No matching of a source protocol.

Command Modes

Route-map configuration

Command History

Release
Modification

12.3(8)T

This command was introduced.


Usage Guidelines

This command may not be useful with a redistribution operation that employs route maps since redistribution usually requires the configuration of a source protocol and an AS value in order to redistribute. It is more useful in many cases to configure the route map that includes matching the route type based on the source protocol and AS using the distribute-list command for EIGRP.

Examples

In the following example, the source protocol is specified as BGP and the AS number is 2 which permits external EIGRP routes of BGP:

match source-protocol bgp 2

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match route-type (IP)

Redistributes routes of the specified type.

match tag

Redistributes routes in the routing table that match the specified tags.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


match tag

To redistribute routes in the routing table that match the specified tags, use the match tag command in route-map configuration mode. To remove the tag entry, use the no form of this command.

match tag tag-value [...tag-value]

no match tag tag-value [...tag-value]

Syntax Description

tag-value

List of one or more route tag values. Each can be an integer from 0 to 4294967295.


Defaults

No match tag values are defined.

Command Modes

Route-map configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

An ellipsis (...) in the command syntax indicates that your command input can include multiple values for the tag-value argument.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route map section with an explicit match specified.

Examples

The following example redistributes routes stored in the routing table with tag 5:

route-map name
 match tag 5

Related Commands

Command
Description

match as-path

Matches a BGP autonomous system path access list.

match community

Matches a BGP community.

match interface (IP)

Distributes any routes that have their next hop out one of the interfaces specified.

match ip address

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets.

match ip next-hop

Redistributes any routes that have a next hop router address passed by one of the access lists specified.

match ip route-source

Redistributes routes that have been advertised by routers and access servers at the address specified by the access lists.

match metric (IP)

Redistributes routes with the metric specified.

match route-type (IP)

Redistributes routes of the specified type.

route-map (IP)

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.

set as-path

Modifies an autonomous system path for BGP routes.

set automatic-tag

Automatically computes the tag value.

set community

Sets the BGP communities attribute.

set level (IP)

Indicates where to import routes.

set local-preference

Specifies a preference value for the autonomous system path.

set metric (BGP, OSPF, RIP)

Sets the metric value for a routing protocol.

set metric-type

Sets the metric type for the destination routing protocol.

set next-hop

Specifies the address of the next hop.

set tag (IP)

Sets a tag value of the destination routing protocol.

set weight

Specifies the BGP weight for the routing table.


maximum-paths

To configure the maximum number of parallel routes that an IP routing protocol will install into the routing table, use the maximum-paths command in router configuration or address family configuration mode. To restore the default value, use the no form of this command.

maximum-paths number [import number]| import number

no maximum-paths number | import number

Syntax Description

number

Specifies the number of routes to install to the routing table. See the usage guidelines for the number of paths that can be configured with this argument.

import number

(Optional) Specifies the number of redundant paths that can be configured as back up multipaths for a VRF. This keyword can only be configured under a VRF in address family configuration mode.

Note We recommend that this feature is enabled only where needed and that the number of import paths be kept to the minimum (Typically, not more than two paths). For more information, see the related note in the usage guidelines of this command reference page.


Defaults

Border Gateway Protocol (BGP) by default will install only one best path in the routing table. The default for all other IP routing protocols is four paths.

Command Modes

Router configuration
Address family configuration

Command History

Release
Modification

11.2

This command was introduced.

12.0(25)S

The import keyword was introduced.

12.2(13)T

The import keyword was integrated into Cisco IOS Release 12.2(13)T.

12.2(14)S

The import keyword was integrated into Cisco IOS Release 12.2(14)S.


Usage Guidelines

The maximum-paths command is used to set the number of parallel (equal-cost) routes that BGP will install in the routing table to configure multipath loadsharing. The number of paths that can be configured is determined by the version of Cisco IOS software. The following list shows current limits:

Cisco IOS Release 12.0S based software: 8 paths

Cisco IOS Release 12.3T based software: 16 paths

Cisco IOS Release 12.2S based software: 32 paths

The maximum-paths command cannot be configured with the maximum-paths eibgp command for the same BGP routing process.

Configuring VRF Import Paths

A VRF will import only one path (best path) per prefix from the source VRF table, unless the prefix is exported with a different route-target. If the best path goes down, the destination will not be reachable until the next import event occurs, and then a new best path will be imported into the VRF table. The import event runs every 15 seconds by default.

The import keyword allows you to configure the VRF table to accept multiple redundant paths in addition to the best path. An import path is a redundant path, and it can have a next hop that matches an installed multipath.This feature should be used when there are multiple paths with identical next hops available to ensure optimal convergence times. A typical application of this feature is to configure redundant paths in a network that has multiple route reflectors for redundancy.


Note Configuring redundant paths with the import keyword can increase CPU and memory utilization significantly, especially in a network where there are many prefixes to learn and a large number of configured VRFs. It is recommended that this feature is only configured as necessary and that the minimum number of redundant paths are configured (Typically, not more than two).


Examples

In the following example, the router is configured to install 2 parallel routes in the BGP routing table:

Router(config)# router bgp 40000
Router(config-router)# maximum-paths 2 

In the following example, the router is configured to install 6 equal-cost routes and 2 import routes (backup) in the VRF routing table:

Router(config)# router bgp 40000 
Router(config-router)# address-family ipv4 vrf RED 
Router(config-router-af)# maximum-paths 6 import 2 

In the following example, the router is configured to install 2 import routes in the VRF routing table:

Router(config)# router bgp 100 
Router(config-router)# address-family ipv4 vrf BLUE 
Router(config-router-af)# maximum-paths import 2 

maximum-paths eibgp

To configure multipath load sharing for external BGP (eBGP) and internal (iBGP) routes, use the maximum-paths eibgp command in address family configuration mode. To disable multipath load sharing for eBGP and iBGP routes, use the no form of this command.

maximum-paths eibgp number [import number]

no maximum-paths eibgp number [import number]

Syntax Description

number

Specifies the number of routes to install to the routing table. See the usage guidelines for the number of paths that can be configured with this argument.

import number

(Optional) Specifies the number of redundant paths that can be configured as back up multipaths for a VRF. This keyword can only be configured under a VRF in address family configuration mode.

Note We recommend that this feature is enabled only where needed and that the number of import paths be kept to the minimum (Typically, not more than two paths). For more information, see the related note in the usage guidelines of this command reference page.


Defaults

Border Gateway Protocol (BGP) by default will install only one best path in the routing table.

Command Modes

Address family configuration

Command History

Release
Modification

12.2(4)T

This command was introduced.

12.0(24)S

This command was integrated into Cisco IOS Release 12.0(24)S.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.0(25)S

The import keyword was introduced.

12.2(13)T

The import keyword was integrated into Cisco IOS Release 12.2(13)T.

12.2(14)S

The import keyword was integrated into Cisco IOS Release 12.2(14)S.


Usage Guidelines

The maximum-paths eibgp command used to configure Border Gateway Protocol (BGP) multipath load sharing in an Multiprotocol Label Switching (MPLS) virtual private network (VPN) using eBGP and iBGP routes. This feature is configured under a virtual routing and forwarding instance (VRF) in address family configuration mode. The number of multipaths is configured separately for each VRF. The number of paths that can be configured is determined by the version of Cisco IOS software. The following list shows current limits:

Cisco IOS Release 12.0S based software: 8 paths

Cisco IOS Release 12.3T based software: 16 paths

Cisco IOS Release 12.2S based software: 32 paths

The maximum-paths eibgp command cannot be configured with the maximum-paths or maximum-paths ibgp command because the maximum-paths eibgp command is a superset of these commands.


Note The configuration of this command does not override the existing outbound routing policy.


Configuring VRF Import Paths

A VRF will import only one path (best path) per prefix from the source VRF table, unless the prefix is exported with a different route-target. If the best path goes down, the destination will not be reachable until the next import event occurs, and then a new best path will be imported into the VRF table. The import event runs every 15 seconds by default.

The import keyword allows you to configure the VRF table to accept multiple redundant paths in addition to the best path. An import path is a redundant path, and it can have a next hop that matches an installed multipath.This feature should be used when there are multiple paths with identical next hops available to ensure optimal convergence times. A typical application of this feature is to configure redundant paths in a network that has multiple route reflectors for redundancy.


Note Configuring redundant paths with the import keyword can increase CPU and memory utilization significantly, especially in a network where there are many prefixes to learn and a large number of configured VRFs. It is recommended that this feature is only configured as necessary and that the minimum number of redundant paths are configured (Typically, not more than two).


Examples

In the following example, the router is configured to install 6 eBGP or iBGP routes into the VRF routing table:

Router(config)# router bgp 40000 
Router(config-router)# address-family ipv4 vrf YELLOW 
Router(config-router-af)# maximum-paths eibgp 6 

In the following example, the router is configured to install 4 equal-cost routes and 2 import routes (backup) in the VRF routing table:

Router(config)# router bgp 45000 
Router(config-router)# address-family ipv4 vrf GREEN 
Router(config-router-af)# maximum-paths eibgp 4 import 2 

In the following example, the router is configured to install 2 import routes in the VRF routing table:

Router(config)# router bgp 50000
Router(config-router)# address-family ipv4 vrf ORANGE 
Router(config-router-af)# maximum-paths eibgp import 2 

Related Commands

Command
Description

maximum-paths

Configures the number of equal-cost routes that BGP will install in the routing table.

maximum-paths ibgp

Configures the number of equal-cost or unequal-cost routes that BGP will install in the routing table.

show ip bgp

Displays entries in the BGP routing table.


maximum-paths ibgp

To configure the number of number of equal-cost or unequal-cost routes that internal BGP (iBGP) will install in the routing table, use the maximum-paths ibgp command in router configuration mode. To restore the default value, use the no form of this command.

maximum-paths ibgp number [import number] | unequal-cost number [import number]

no maximum-paths ibgp number [import number] | unequal-cost number [import number]

Syntax Description

number

Specifies the number of routes to install to the routing table. See the usage guidelines for the number of paths that can be configured with this argument.

unequal-cost number

Specifies the number of unequal-cost routes to install to the routing table.

import number

(Optional) Specifies the number of redundant paths that can be configured as back up multipaths for a VRF. This keyword can only be configured under a VRF in address family configuration mode.

Note We recommend that this feature is enabled only where needed and that the number of import paths be kept to the minimum (Typically, not more than two paths). For more information, see the related note in the usage guidelines of this command reference page.


Defaults

Border Gateway Protocol (BGP) by default will install only one best path in the routing table.

Command Modes

Address family configuration
Router configuration

Command History

Release
Modification

12.2(2)T

This command was introduced.

12.0(22)S

This command was integrated into Cisco IOS Release 12.0(22)S.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.0(25)S

The import keyword was introduced.

12.2(13)T

The import keyword was integrated into Cisco IOS Release 12.2(13)T.

12.2(14)S

The import keyword was integrated into Cisco IOS Release 12.2(14)S.


Usage Guidelines

The maximum-paths ibgp command is used to configure equal-cost or unequal-cost multipath load sharing for iBGP peering sessions. In order for a route to be installed as a multipath in the BGP routing table, the route cannot have a next hop that is the same as another route that is already installed. The BGP routing process will still advertise a best path to iBGP peers when iBGP multipath load sharing is configured. For equal-cost routes, the path from the neighbor with the lowest router ID is advertised ad the best path.

To configure equal-cost multipath load sharing, all path attributes must be the same. The path attributes include weight, local preference, autonomous system path (entire attribute and not just the length), origin code, Multi Exit Discriminator (MED), and Interior Gateway Protocol (IGP) distance.

Configuring VRF Import Paths

A VRF will import only one path (best path) per prefix from the source VRF table, unless the prefix is exported with a different route-target. If the best path goes down, the destination will not be reachable until the next import event occurs, and then a new best path will be imported into the VRF table. An import path is a redundant path, and it can have a next hop that matches an installed multipath. The import event runs every 15 seconds by default.

The import keyword allows the network operator to configure the VRF table to accept multiple redundant paths in addition to the best path. This feature should be used when there are multiple paths with identical next hops available to ensure optimal convergence times. A typical application of this feature is to configure redundant paths in a network that has multiple route reflectors for redundancy.


Note Configuring redundant paths with the import keyword can increase CPU and memory utilization significantly, especially in a network where there are many prefixes to learn and a large number of configured VRFs. It is recommended that this feature is only configured as necessary and that the minimum number of redundant paths are configured (Typically, not more than two).


Examples

In the following example, the router is configured to install 6 equal-cost iBGP paths in the routing table. This router is not configured in to use MPLS.

Router(config)# router bgp 40000 
Router(config-router)# address-family ipv4 
Router(config-router-af)# maximum-paths ibgp 6 

In the following example, the router is configured to install 3 equal-cost iBGP paths in the VRF routing table. This router is part of a MPL-VPN topology.

Router(config)# router bgp 45000 
Router(config-router)# address-family ipv4 unicast vrf RED
Router(config-router-af)# maximum-paths ibgp 3 

In the following example, the router is configured to install 2 unequal-cost routes and 2 import routes (backup) in theVRF routing table:

Router(config)# router bgp 50000 
Router(config-router)# address-family ipv4 vrf YELLOW 
Router(config-router-af)# maximum-paths ibgp unequal-cost 2 import 2 

Related Commands

Command
Description

maximum-paths

Configures the number of equal-cost routes that BGP will install in the routing table.

maximum-paths eibgp

Configures the number of equal-cost eBGP or iBGP routes that BGP will install in the routing table.

show ip bgp

Displays entries in the BGP routing table.


maximum-prefix

To limit the number of prefixes that are accepted under an address- family by an Enhanced Interior Gateway Routing Protocol (EIGRP) process, use the maximum-prefix command in address-family configuration mode. To disable this function, use the no form of this command.

maximum-prefix maximum [threshold] [[dampened] [reset-time minutes] [restart minutes] [restart-count number] | [warning-only]]

no maximum-prefix

Syntax Description

maximum

Maximum number of prefixes allowed under an address-family. The range for this argument is a number from 1 to 4294967295.

Note The number of prefixes that can be configured is limited only by the available system resources on the router.

threshold

(Optional) Configures the router to generate syslog warning messages when the specified percentage of the maximum-prefix limit has been exceeded. The prefix percentage number that can be configured for the threshold argument is from 1 to 100. The default is 75 percent.

warning-only

(Optional) Configures the router to only generate syslog messages when the maximum-prefix limit is reached, instead of suspending peering session or route redistribution. This keyword is disabled by default.

restart minutes

(Optional) Configures a time period in which the router will not form adjacencies or accept redistributed routes from the RIB after the maximum-prefix limit has been exceeded. The value for the minutes argument is from 1 to 65535 minutes. The default restart-time period is 5 minutes.

restart-count number

(Optional) Configures the number of times a peering session can be automatically be reestablished after the peering session has been torn down or after the a redistribute route has been cleared and relearned because the maximum-prefix limit has been exceeded. The default restart-count limit is 3.


Warning Once the restart count threshold has been crossed, you will need to enter the clear ip route * or clear ip eigrp neighbor command to reestablish normal peering and/or redistribution.

reset-time minutes

(Optional) Configures the router to reset the restart count to 0 after the default or user-defined reset-time period has expired. The range of values that can be applied with the minutes argument is from 1 to 65535 minutes. The default reset-time period is 15 minutes.

dampened

(Optional) Configures a decay penalty to be applied to the restart-time period each time the maximum-prefix limit is exceeded. The half-life for the decay penalty is 150% of the default or user-defined restart-time value in minutes. This keyword is disabled by default.


Defaults

threshold: 75 percent
reset-time: 15 minutes
restart: 5 minutes
restart-count: 3

Command Modes

Address-family (IPv4 VRF)

Command History

Release
Modification

12.0(29)S

This command was introduced.

12.3(14)T

This command was integrated into Cisco IOS Release 12.3(14)T.


Usage Guidelines

The maximum-prefix is used to configure an EIGRP process to limit the number prefixes that are accepted from all sources. When the maximum-prefix limit is exceeded, sessions with remote peers are torn down, all routes learned from remote peers and through redistribution are removed from the topology and routing tables, and redistribution and peering is suspended for the default or user-defined time period.

Inherited Timer Values

Default or user-defined restart, restart-count, and reset-time values for the process-level configuration of this feature, configured with the maximum-prefix command, are inherited by the redistribute maximum-prefix and neighbor maximum-prefix command configurations by default. If a single peer is configured with the neighbor maximum-prefix command, a process-level configuration or a configuration that is applied to all neighbors will be inherited.

Examples

The following example, starting in global configuration mode, configures the maximum prefix limit for an EIGRP process, which includes routes learned through redistribution and routes learned through EIGRP peering sessions. The maximum limit is set to 50000 prefixes. When the number of prefixes learned through redistribution reaches 37500 (75 percent of 50000), warning messages will be displayed in the console. When the maximum prefix limit is exceeded, all peering sessions will be reset, the topology and routing tables will be cleared and redistributed routes and all peering sessions will be placed in a penalty state.

Router(config)# router eigrp 100
Router(config-router)# address-family ipv4 vrf RED
Router(config-router-af)# maximum-prefix 50000 
Router(config-router-af)# end

Related Commands

Command
Description

clear ip eigrp neighbors

Deletes neighbor entries from the routing table.

clear ip eigrp vrf neighbor

Deletes neighbor entries from the VRF table.

clear ip route

Deletes routes from the IP routing table.


max-area-addresses

To configure additional manual addresses for an IS-IS area, use the max-area-addresses command in router configuration mode. To disable the manual addresses, use the no form of this command.

max-area-addresses number

no max-area-addresses number

Syntax Description

number

Number of manual addresses to add. The range is from 3 to 234. There is no default value.


Command Default

No manual addresses are configured for an IS-IS area.

Command Modes

Router configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The max-area-addresses command allows you to maximize the size of an IS-IS area by configuring additional manual addresses. You specify the number of manual addresses that you want to add by entering the max-area-addresses command, and you assign a NET address to create each manual address by entering the net command.

Examples

The following example configures three manual addresses as follows:

router isis
 max-area-addresses 3
 net 50.3131.3131.3131.00
 net 51.3131.3131.3131.00
 net 52.3131.3131.3131.00

In the following example, an error message appears because the user has exceeded the maximum number of manual addresses that were configured with the max-area-addresses command:

router isis
 max-area-addresses 2
 net 50.3131.3131.3131.00 
 net 51.3131.3131.3131.00 
 net 52.3131.3131.3131.00 
%The maximum allowed addresses already configured

Related Commands

Command
Description

net

Assigns a NET address to an IS-IS router.


max-lsa

To limit the number of nonself-generated link-state advertisements (LSAs) that an Open Shortest Path First (OSPF) routing process can keep in the OSPF link-state database (LSDB), use the max-lsa command in router configuration mode. To remove the limit of non self-generated LSAs that an OSPF routing process can keep in the OSPF LSDB, use the no form of this command.

max-lsa maximum-number [threshold-percentage] [warning-only] [ignore-time minutes] [ignore-count count-number] [reset-time minutes]

no max-lsa maximum-number [threshold-percentage] [warning-only] [ignore-time minutes] [ignore-count count-number] [reset-time minutes]

Syntax Description

maximum-number

Maximum number of nonself-generated LSAs the OSPF process can keep in the OSPF LSBD.

threshold-percentage

(Optional) The percentage of the maximum LSA number, as specified by the maximum-number argument, at which a warning message is logged. The default is 75 percent.

warning-only

(Optional) Specifies that only a warning message is sent when the maximum limit for LSAs is exceeded. Disabled by default.

ignore-time minutes

(Optional) Specifies the time, in minutes, to ignore all neighbors after the maximum limit of LSAs has been exceeded. The default is 5 minutes.

ignore-count count-number

(Optional) Specifies the number of times the OSPF process can consecutively be placed into the ignore state. The default is 5 times.

reset-time minutes

(Optional) Specifies the time, in minutes, after which the ignore count is reset to zero. The default is 10 minutes.


Defaults

The number of nonself-generated LSAs that an OSPF routing process can keep in the OSPF LSDB is not limited.

threshold-percentage: 75 percent
warning-only warning message: disabled
ignore-time minutes: 5 minutes
ignore-count count-number: 5 times
reset-time minutes: 10 minutes

Command Modes

Router configuration

Command History

Release
Modification

12.0(27)S

This command was introduced.

12.3(7)T

This command was integrated into Cisco IOS Release 12.3(7)T.


Usage Guidelines

To prevent the OSPF process from endlessly changing from the normal state of operation to the ignore state as a result of the LSA count exceeding the maximum configured number immediately after it returns from the ignore state to the normal state of operation, the OSPF process keeps a counter on how many times the process went into the ignore state. This counter is called the ignore count. If the ignore count exceeds the maximum number of LSAs that is specified by the ignore-count keyword and counter-number argument, the OSPF process remains in the ignore state permanently. To return the OSPF process to the state of normal operation, enter the clear ip ospf command.

If the router is placed into a permanent ignore state, we recommend that you identify and correct the cause of the problem involving the router that is generating the LSAs, or, if possible, increase the limit that has been configured by the max-lsa command before you try to bring the router back into normal operation.

If the router that has generated large numbers of LSAs is not reachable, these LSAs cannot be removed from the OSPF area and domain. As a result, any other router leaving the ignore state and returning to normal operation may reach the ignore state again. We recommend that you take one of the following actions in order to bring the router back into the network:

Temporarily increase the LSA limit to account for the stale LSAs.

Wait until the stale LSAs are removed as a result of reaching their maximum age.

Make sure that the router that has generated the large number of LSAs is connected to the network and is no longer generating large numbers of LSAs.

When the warning-only keyword is used, the OSPF process never enters the ignore state. When the LSA count exceeds the maximum limit that is specified by the maximum-number argument, only an error message is logged and the OSPF process continues in its normal operation.

When the max-lsa command is entered for the first time or when any of the parameters of the command are changed, the OSPF process undergoes a soft-reset procedure.

Examples

The following example sets a limit of 12,000 LSAs that can be received before the OSPF process enters the ignore state:

Router(config)# router ospf 100
Router(config-router)# router-id 209.165.201.0
Router(config-router)# log-adjacency-changes
Router(config-router)# max-lsa 12000
Router(config-router)# network 209.165.201.1 255.255.255.255

In the following example, an OSPF process has remained in the ignore state permanently. When the clear ip ospf command is entered the OSPF process returns to the state of normal operation and clears redistribution based on the OSPF routing process ID.

Router(config-router)# clear ip ospf 100 process

Related Commands

Command
Description

clear ip ospf

Clears redistribution based on the OSPF routing process ID.


max-metric router-lsa

To configure a router that is running the Open Shortest Path First (OSPF) protocol to advertise a maximum metric so that other routers do not prefer the router as an intermediate hop in their shortest path first (SPF) calculations, use the max-metric router-lsa command in router configuration mode. To disable the advertisement of a maximum metric, use the no form of this command.

max-metric router-lsa [on-startup {announce-time | wait-for-bgp}]

no max-metric router-lsa [on-startup {announce-time | wait-for-bgp}]

Syntax Description

on-startup

(Optional) Configures the router to advertise a maximum metric at startup.

announce-time

(Optional) Advertises a maximum metric for the specified time interval. The configurable range is from 5 to 86400 seconds. There is no default timer value for this configuration option.

wait-for-bgp

(Optional) Advertises a maximum metric until BGP routing tables have converged or the default timer has expired. The default timer is 600 seconds.


Defaults

Router link-state advertisements (LSAs) are originated with normal link metrics.

Command Modes

Router configuration

Command History

Release
Modification

12.0(15)S

This command was introduced.

12.0(16)ST

This command was integrated into Cisco IOS Release 12.0(16)ST.

12.2(4)T

This command was integrated into Cisco IOS Release 12.2(4)T.


Usage Guidelines

Enabling the max-metric router-lsa command will cause a router to originate LSAs with a maximum metric (LSInfinity: 0xFFFF) through all nonstub links, which allows BGP routing tables to converge without attracting transit traffic (if there are not alternate lower cost paths around the router). The router will advertise accurate (normal) metrics after the configured or default timers expire or after BGP sends a notification that routing tables have converged.


Note Directly connected links in a stub network are not affected by the configuration of a maximum or infinite metric because the cost of a stub link is always set to the output interface cost.


The max-metric router-lsa command is useful in the following situations:

Reloading a router. After a router is reloaded, Interior Gateway Protocols (IGPs) converge very quickly, and other routers may try to forward traffic through the newly reloaded router. If the router is still building BGP routing tables, packets destined for other networks that the router has not learned through BGP may be dropped. In the case of an Internet backbone router, a large number of packets may be dropped.

Introducing a router into a network without routing traffic through it. You may want to connect a router to an OSPF network but not want real traffic flowing through the router if there are better alternate paths. If there are no alternate paths, then this router would still accept transit traffic as before.

Gracefully removing a router from a network. This feature allows you to gracefully remove a router from the network by advertising a maximum metric through all links, which allows other routers to select alternate paths for transit traffic to follow before the router is shut down.


Note You should not save the running configuration of a router when it is configured for a graceful shutdown because the router will continue to advertise a maximum metric after it is reloaded.



Note In older OSPF implementations (RFC 1247 and earlier implementations), the router link costs in received LSAs with a metric of LSInfinity are not used during SPF calculations, which means that no transit traffic will be sent to the routers originating these LSAs.


Examples

The following example configures a router that is running OSPF to advertise a maximum metric for 100 seconds:

Router(config)# router ospf 100
 Router(config-router)# max-metric router-lsa on-startup 100

The following example configures a router to advertise a maximum metric until BGP routing tables converge or until the default timer expires (600 seconds):

Router(config)# router ospf 100
 Router(config-router)# max-metric router-lsa on-startup wait-for-bgp

The following example configures a router that is running OSPF to advertise a maximum metric until the router shuts down:

Router(config)# router ospf 100
 Router(config-router)# max-metric router-lsa
 Router(config-router)# exit
 Router(config)# exit
 Router# show ip ospf

Related Commands

Command
Description

show ip ospf

Displays general information about OSPF routing processes.

show ip ospf database

Displays lists of information related to the OSPF database for a specific router.


metric

To globally change the metric value for all Intermediate System-to-Intermediate System (IS-IS) interfaces, use the metric command in interface configuration or address family configuration mode. To disable the metric value and reinstate the default metric value of 10, use the no form of this command.

metric default-value [level-1 | level-2]

no metric default-value [level-1 | level-2]

Syntax Description

default-value

Metric value to be assigned to the link and used to calculate the path cost via the links to destinations. You can configure this metric for Level 1 or Level 2 routing only. For style wide metrics the range is from 1 to 16777214. For style narrow metrics the range is from 1 to 63.

level-1

(Optional) Set IS-IS Level 1 IPv4 or IPv6 metric.

level-2

(Optional) Set IS-IS Level 2 IPv4 or IPv6 metric.


Defaults

The default value for active IS-IS interfaces is 10; the default value for inactive IS-IS interfaces is zero.
If the level-1 or level-2 keyword is not entered, the metric will be applied to both Level 1 and Level 2 IS-IS interfaces.

Command Modes

Interface configuration
Address family configuration

Command History

Release
Modification

12.3(4)T

This command was introduced.


Usage Guidelines

When you need to change the default metric value for all IS-IS interfaces, it is recommended to use the metric command in order to configure all interfaces globally. Globally configuring the metric values prevents user errors, such as unintentionally removing a set metric from an interface without configuring a new value and unintentionally allowing the interface to revert to the default metric 10 and thereby become a highly preferred interface in the network.

For networks running IPv4, enter the metric command in interface configuration mode. For networks running IPv6, enter the metric command in address family configuration mode.

Once you enter the metric command to change the default IS-IS interface metric value, an enabled interface will use the new value instead of the default value 10. Passive interfaces will continue to use the metric value 0.


Note The metric value that is directly configured for a specific interface with either the isis metric command or the isis ipv6 metric command will always take precedence over the metric value you configure with the metric command.


Examples

The following example configures the IS-IS interfaces with a global default value 111 for an IS-IS IPv4 network:

interface Ethernet3/1
 ip address 10.10.10.2 255.255.0.0
 ip router isis area1
 no ip route-cache
 duplex half
!
interface Ethernet3/2
 ip address 10.10.10.130 255.255.255.0
 ip router isis area1
 no ip route-cache
 duplex half
!
router isis area1
 net 01.0000.0309.1234.00
 metric-style wide
 metric 111

Entering the show clns interface command returns the following information:

Router# show clns interface

Ethernet3/1 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching enabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 39 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1-2
    Interface number 0x0, local circuit ID 0x1
    Level-1 Metric: 111, Priority: 64, Circuit ID: mekong.01
    Level-1 IPv6 Metric: 10
    Number of active level-1 adjacencies: 0
    Level-2 Metric: 111, Priority: 64, Circuit ID: mekong.01
    Level-2 IPv6 Metric: 10
    Number of active level-2 adjacencies: 0
    Next IS-IS LAN Level-1 Hello in 922 milliseconds
    Next IS-IS LAN Level-2 Hello in 1 seconds
Ethernet3/2 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching enabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 20 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1-2
    Interface number 0x1, local circuit ID 0x2
    Level-1 Metric: 111, Priority: 64, Circuit ID: mekong.02
    Level-1 IPv6 Metric: 10
    Number of active level-1 adjacencies: 1
    Level-2 Metric: 111, Priority: 64, Circuit ID: mekong.02
    Level-2 IPv6 Metric: 10
    Number of active level-2 adjacencies: 1
    Next IS-IS LAN Level-1 Hello in 2 seconds
    Next IS-IS LAN Level-2 Hello in 1 seconds

The following example configures IPv6 for IS-IS and a global default value of 222 IPv6 metric for the IS-IS interfaces. The metric of 10 that was entered using the isis metric command will take precedence.

interface Ethernet3/1
 ip address 10.10.10.2 255.255.0.0
 ip router isis area1
 no ip route-cache
 duplex half
 isis metric 10
!
interface Ethernet3/2
 ip address 10.10.10.10 255.255.255.0
 ip router isis area1
 no ip route-cache
 duplex half
router isis area1
 net 01.0000.0309.1234.00
 metric-style wide
 metric 111
 !
 address-family ipv6
 metric 222
 exit-address-family

Enter the show clns interface command to verify that the global default metric for IS-IS IPv6 interfaces for IPv6 network is 222:

Router# show clns interface

Ethernet3/1 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching enabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 51 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1-2
    Interface number 0x0, local circuit ID 0x1
    Level-1 Metric: 10, Priority: 64, Circuit ID: mekong.01
    Level-1 IPv6 Metric: 222
    Number of active level-1 adjacencies: 0
    Level-2 Metric: 10, Priority: 64, Circuit ID: mekong.01
    Level-2 IPv6 Metric: 222
    Number of active level-2 adjacencies: 0
    Next IS-IS LAN Level-1 Hello in 2 seconds
    Next IS-IS LAN Level-2 Hello in 2 seconds
Ethernet3/2 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching enabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 17 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1-2
    Interface number 0x1, local circuit ID 0x2
    Level-1 Metric: 111, Priority: 64, Circuit ID: mekong.02
    Level-1 IPv6 Metric: 222
    Number of active level-1 adjacencies: 1
    Level-2 Metric: 111, Priority: 64, Circuit ID: mekong.02
    Level-2 IPv6 Metric: 222
    Number of active level-2 adjacencies: 1
    Next IS-IS LAN Level-1 Hello in 1 seconds
    Next IS-IS LAN Level-2 Hello in 89 milliseconds

Related Commands

Command
Description

isis ipv6 metric

Configures the value of an IS-IS IPv6.

isis metric

Configures the metric for an interface.


metric holddown

To keep new Enhanced Interior Gateway Routing Protocol (EIGRP) routing information from being used for a certain period of time, use the metric holddown command in router configuration mode. To disable this feature, use the no form of this command.

metric holddown

no metric holddown

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Router configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The holddown state keeps new routing information from being used for a certain period of time. This function can prevent routing loops caused by slow convergence. It is sometimes advantageous to disable the holddown state to increase the ability of the network to quickly respond to topology changes; this command provides this function.

Use the metric holddown command if other routers or access servers within the autonomous system are not configured with the no metric holddown command. If all routers are not configured the same way, you increase the possibility of routing loops.

Examples

The following example disables metric holddown:

router eigrp 15
 network 172.16.0.0
 network 192.168.7.0
 no metric holddown

Related Commands

Command
Description

metric maximum-hops

Causes the IP routing software to advertise as unreachable those routes with a hop count higher than is specified by the command (IGRP only).

metric weights (EIGRP)

Allows the tuning of the EIGRP metric calculations.


metric maximum-hops

To have the IP routing software advertise as unreachable those routes with a hop count higher than is specified by the command (Enhanced Interior Gateway Routing Protocol [EIGRP] only), use the metric maximum-hops command in router configuration mode. To reset the value to the default, use the no form of this command.

metric maximum-hops {hops-number}

no metric maximum-hops {hops-number}

Syntax Description

hops-number

Maximum hop count (in decimal). The default value is 100 hops; the maximum number of hops that can be specified is 255.


Defaults

100 hops

Command Modes

Router configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command provides a safety mechanism that breaks any potential count-to-infinity problems. It causes the IP routing software to advertise as unreachable routes with a hop count greater than the value assigned to the hops-number argument.

Examples

In the following example, a router in autonomous system 71 attached to network 15.0.0.0 wants a maximum hop count of 200, doubling the default. The network administrators configured the router hop count to 200 because they have a complex WAN that can generate a large hop count under normal (nonlooping) operations.

router eigrp 71
 network 172.16.0.0
 metric maximum-hops 200

Related Commands

Command
Description

metric holddown

Keeps new EIGRP routing information from being used for a certain period of time.

metric weights (EIGRP)

Allows the tuning of the EIGRP metric calculations.


metric weights (EIGRP)

To allow the tuning of Enhanced Interior Gateway Routing Protocol (EIGRP) metric calculations, use the metric weights command in router configuration mode. To reset the values to their defaults, use the no form of this command.

metric weights tos k1 k2 k3 k4 k5

no metric weights

Syntax Description

tos

Type of service must always be zero.

k1k2 k3 k4 k5

Constants that convert an EIGRP metric vector into a scalar quantity.


Defaults

tos: 0

k1: 1

k2: 0

k3: 1

k4: 0

k5: 0

Command Modes

Router configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Use this command to alter the default behavior of EIGRP routing and metric computation and allow the tuning of the EIGRP metric calculation for a particular type of service (ToS).

If k5 equals 0, the composite EIGRP metric is computed according to the following formula:

metric = [k1 * bandwidth + (k2 * bandwidth)/(256 - load) + k3 * delay]

If k5 does not equal zero, an additional operation is performed:

metric = metric * [k5/(reliability + k4)]

Bandwidth is inverse minimum bandwidth of the path in BPS scaled by a factor of 2.56 * 1012. The range is from a 1200-bps line to 10 terabits per second.

Delay is in units of 10 microseconds. The range of delay is from 10 microseconds to 168 seconds. A delay of all ones indicates that the network is unreachable.

The delay parameter is stored in a 32-bit field, in increments of 39.1 nanoseconds. The range of delay is from 1 (39.1 nanoseconds) to hexadecimal FFFFFFFF (decimal 4,294,967,040 nanoseconds). A delay of all ones (that is, a delay of hexadecimal FFFFFFFF) indicates that the network is unreachable.

Table 4 lists the default values used for several common media.

Table 4 Bandwidth Values by Media Type 

Media Type
Delay
Bandwidth

Satellite

5120 (2 seconds)

5120 (500 megabits)

Ethernet

25600 (1 milliseconds [ms])

256000 (10 megabits)

1.544 Mbps

512000 (20,000 ms)

1,657,856 bits

64 kbps

512000 (20,000 ms)

40,000,000 bits

56 kbps

512000 (20,000 ms)

45,714,176 bits

10 kbps

512000 (20,000 ms)

256,000,000 bits

1 kbps

512000 (20,000 ms)

2,560,000,000 bits


Reliability is given as a fraction of 255. That is, 255 is 100 percent reliability or a perfectly stable link.

Load is given as a fraction of 255. A load of 255 indicates a completely saturated link.

Examples

The following example sets the metric weights to slightly different values than the defaults:

router eigrp 109
 network 192.168.0.0
 metric weights 0 2 0 2 0 0

Related Commands

Command
Description

bandwidth (interface)

Sets a bandwidth value for an interface.

delay (interface)

Sets a delay value for an interface.

metric holddown

Keeps new EIGRP routing information from being used for a certain period of time.

metric maximum-hops

Causes the IP routing software to advertise as unreachable those routes with a hop count higher than is specified by the command (IGRP only).